./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1123341449 <...> 00 audit(1703937052.364:63): avc: denied { write } for pid=228 comm="sh" path="pipe:[13384]" dev="pipefs" ino=13384 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1 [ 14.254329][ T28] audit: type=1400 audit(1703937052.364:64): avc: denied { rlimitinh } for pid=228 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 14.257029][ T28] audit: type=1400 audit(1703937052.364:65): avc: denied { siginh } for pid=228 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 Warning: Permanently added '10.128.0.142' (ED25519) to the list of known hosts. execve("./syz-executor1123341449", ["./syz-executor1123341449"], 0x7ffd32681750 /* 10 vars */) = 0 brk(NULL) = 0x5555565a7000 brk(0x5555565a7d00) = 0x5555565a7d00 arch_prctl(ARCH_SET_FS, 0x5555565a7380) = 0 set_tid_address(0x5555565a7650) = 297 set_robust_list(0x5555565a7660, 24) = 0 rseq(0x5555565a7ca0, 0x20, 0, 0x53053053) = -1 ENOSYS (Function not implemented) prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor1123341449", 4096) = 28 getrandom("\x49\xa6\xa3\x8e\x76\xa7\xc4\x51", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x5555565a7d00 brk(0x5555565c8d00) = 0x5555565c8d00 brk(0x5555565c9000) = 0x5555565c9000 mprotect(0x7f87a6005000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555565a7650) = 298 ./strace-static-x86_64: Process 298 attached [pid 297] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 298] set_robust_list(0x5555565a7660, 24) = 0 [pid 298] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 297] <... clone resumed>, child_tidptr=0x5555565a7650) = 299 [pid 297] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 298] <... clone resumed>, child_tidptr=0x5555565a7650) = 300 ./strace-static-x86_64: Process 300 attached ./strace-static-x86_64: Process 301 attached ./strace-static-x86_64: Process 299 attached [pid 297] <... clone resumed>, child_tidptr=0x5555565a7650) = 301 [pid 300] set_robust_list(0x5555565a7660, 24 [pid 301] set_robust_list(0x5555565a7660, 24 [pid 297] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 301] <... set_robust_list resumed>) = 0 [pid 300] <... set_robust_list resumed>) = 0 [pid 299] set_robust_list(0x5555565a7660, 24 [pid 300] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 300] setpgid(0, 0) = 0 [pid 297] <... clone resumed>, child_tidptr=0x5555565a7650) = 302 [pid 297] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 300] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 297] <... clone resumed>, child_tidptr=0x5555565a7650) = 303 [pid 297] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 300] <... openat resumed>) = 3 [pid 300] write(3, "1000", 4 [pid 301] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 299] <... set_robust_list resumed>) = 0 [pid 297] <... clone resumed>, child_tidptr=0x5555565a7650) = 304 ./strace-static-x86_64: Process 304 attached [pid 304] set_robust_list(0x5555565a7660, 24) = 0 [pid 304] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 300] <... write resumed>) = 4 [pid 304] <... clone resumed>, child_tidptr=0x5555565a7650) = 305 ./strace-static-x86_64: Process 303 attached [pid 300] close(3 [pid 303] set_robust_list(0x5555565a7660, 24) = 0 [pid 303] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 300] <... close resumed>) = 0 [pid 301] <... clone resumed>, child_tidptr=0x5555565a7650) = 306 [pid 300] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73./strace-static-x86_64: Process 307 attached ./strace-static-x86_64: Process 306 attached ./strace-static-x86_64: Process 305 attached ./strace-static-x86_64: Process 302 attached [pid 299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 307] set_robust_list(0x5555565a7660, 24 [pid 306] set_robust_list(0x5555565a7660, 24 [pid 305] set_robust_list(0x5555565a7660, 24 [pid 303] <... clone resumed>, child_tidptr=0x5555565a7650) = 307 [pid 302] set_robust_list(0x5555565a7660, 24 [pid 306] <... set_robust_list resumed>) = 0 [pid 305] <... set_robust_list resumed>) = 0 [pid 302] <... set_robust_list resumed>) = 0 [pid 299] <... clone resumed>, child_tidptr=0x5555565a7650) = 308 [pid 306] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 305] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 302] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 306] <... prctl resumed>) = 0 [pid 305] <... prctl resumed>) = 0 [pid 300] <... bpf resumed>) = 3 [pid 306] setpgid(0, 0 [pid 305] setpgid(0, 0 [pid 302] <... clone resumed>, child_tidptr=0x5555565a7650) = 309 [pid 306] <... setpgid resumed>) = 0 [pid 305] <... setpgid resumed>) = 0 [pid 306] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 305] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 306] <... openat resumed>) = 3 [pid 305] <... openat resumed>) = 3 [pid 306] write(3, "1000", 4 [pid 305] write(3, "1000", 4 [pid 306] <... write resumed>) = 4 [pid 305] <... write resumed>) = 4 [pid 306] close(3 [pid 305] close(3 [pid 306] <... close resumed>) = 0 [pid 305] <... close resumed>) = 0 [pid 306] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 [pid 305] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 [pid 306] <... bpf resumed>) = 3 [pid 305] <... bpf resumed>) = 3 [pid 306] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 305] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 300] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16./strace-static-x86_64: Process 309 attached ./strace-static-x86_64: Process 308 attached [pid 309] set_robust_list(0x5555565a7660, 24 [pid 307] <... set_robust_list resumed>) = 0 [ 23.474218][ T28] audit: type=1400 audit(1703937061.594:66): avc: denied { execmem } for pid=297 comm="syz-executor112" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 23.503221][ T28] audit: type=1400 audit(1703937061.624:67): avc: denied { bpf } for pid=300 comm="syz-executor112" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [pid 307] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 307] setpgid(0, 0) = 0 [pid 307] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 307] write(3, "1000", 4) = 4 [pid 307] close(3) = 0 [pid 307] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 [pid 309] <... set_robust_list resumed>) = 0 [pid 308] set_robust_list(0x5555565a7660, 24 [pid 309] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 308] <... set_robust_list resumed>) = 0 [pid 309] <... prctl resumed>) = 0 [pid 309] setpgid(0, 0 [pid 308] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 307] <... bpf resumed>) = 3 [pid 306] <... bpf resumed>) = 4 [pid 309] <... setpgid resumed>) = 0 [pid 308] <... prctl resumed>) = 0 [pid 306] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [ 23.524433][ T28] audit: type=1400 audit(1703937061.624:68): avc: denied { prog_load } for pid=300 comm="syz-executor112" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 23.544187][ T28] audit: type=1400 audit(1703937061.624:69): avc: denied { perfmon } for pid=300 comm="syz-executor112" capability=38 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [pid 307] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 309] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 308] setpgid(0, 0) = 0 [pid 306] <... bpf resumed>) = 5 [pid 309] <... openat resumed>) = 3 [pid 308] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 309] write(3, "1000", 4 [pid 306] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 308] <... openat resumed>) = 3 [pid 309] <... write resumed>) = 4 [pid 306] <... bpf resumed>) = 0 [pid 309] close(3 [pid 308] write(3, "1000", 4 [pid 306] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 309] <... close resumed>) = 0 [pid 308] <... write resumed>) = 4 [pid 305] <... bpf resumed>) = 4 [pid 309] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 [pid 308] close(3 [pid 307] <... bpf resumed>) = 4 [pid 306] <... bpf resumed>) = 6 [pid 305] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 300] <... bpf resumed>) = 4 [pid 308] <... close resumed>) = 0 [pid 307] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 305] <... bpf resumed>) = 5 [pid 300] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 309] <... bpf resumed>) = 3 [pid 307] <... bpf resumed>) = 5 [pid 308] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 [pid 309] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 307] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 306] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 305] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 300] <... bpf resumed>) = 5 [pid 307] <... bpf resumed>) = 0 [pid 305] <... bpf resumed>) = 0 [pid 300] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 307] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 309] <... bpf resumed>) = 4 [pid 309] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72) = 5 [pid 308] <... bpf resumed>) = 3 [pid 305] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 300] <... bpf resumed>) = 0 [pid 309] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 308] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 307] <... bpf resumed>) = 6 [pid 306] <... bpf resumed>) = 7 [ 23.565233][ T28] audit: type=1400 audit(1703937061.624:70): avc: denied { prog_run } for pid=300 comm="syz-executor112" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 23.584862][ T28] audit: type=1400 audit(1703937061.704:71): avc: denied { map_create } for pid=306 comm="syz-executor112" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 23.604781][ T28] audit: type=1400 audit(1703937061.704:72): avc: denied { map_read map_write } for pid=306 comm="syz-executor112" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 23.632234][ C0] softirq: huh, entered softirq 3 NET_RX ffffffff84096740 with preempt_count 00000103, exited with 00000102? [ 23.643648][ T294] BUG: scheduling while atomic: strace-static-x/294/0x00000002 [ 23.651133][ T294] Modules linked in: [ 23.654845][ T294] Preemption disabled at: [ 23.654850][ T294] [] remove_wait_queue+0x26/0x140 [ 23.665422][ T294] CPU: 0 PID: 294 Comm: strace-static-x Not tainted 6.1.57-syzkaller-00067-gd3006fb9449d #0 [ 23.675313][ T294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 23.685209][ T294] Call Trace: [ 23.688336][ T294] [ 23.691111][ T294] dump_stack_lvl+0x151/0x1b7 [ 23.695622][ T294] ? remove_wait_queue+0x26/0x140 [ 23.700508][ T294] ? remove_wait_queue+0x26/0x140 [ 23.705361][ T294] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 23.710639][ T294] ? remove_wait_queue+0x26/0x140 [ 23.716377][ T294] dump_stack+0x15/0x17 [ 23.720370][ T294] __schedule_bug+0x195/0x260 [ 23.724879][ T294] ? __ia32_sys_waitid+0xd0/0xd0 [ 23.729653][ T294] ? bpf_trace_printk+0x1be/0x300 [ 23.734513][ T294] ? cpu_util_update_eff+0x10e0/0x10e0 [ 23.739808][ T294] ? kernel_waitid+0x520/0x520 [ 23.744418][ T294] __schedule+0xce9/0x1540 [ 23.748676][ T294] ? __x64_sys_wait4+0x181/0x1e0 [ 23.753439][ T294] ? bpf_trace_run2+0x138/0x290 [ 23.758124][ T294] ? __sched_text_start+0x8/0x8 [ 23.762811][ T294] schedule+0xc3/0x180 [ 23.766734][ T294] exit_to_user_mode_loop+0x4e/0xa0 [ 23.771751][ T294] exit_to_user_mode_prepare+0x5a/0xa0 [ 23.777045][ T294] syscall_exit_to_user_mode+0x26/0x140 [ 23.782453][ T294] do_syscall_64+0x49/0xb0 [ 23.786678][ T294] ? sysvec_call_function_single+0x52/0xb0 [ 23.792322][ T294] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 23.798048][ T294] RIP: 0033:0x4d49a6 [ 23.801781][ T294] Code: 00 00 00 90 31 c9 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 49 89 ca 64 8b 04 25 18 00 00 00 85 c0 75 11 b8 3d 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 5a c3 90 48 83 ec 28 89 54 24 14 48 89 74 24 [ 23.821220][ T294] RSP: 002b:00007ffd32681468 EFLAGS: 00000246 ORIG_RAX: 000000000000003d [pid 309] <... bpf resumed>) = 0 [pid 308] <... bpf resumed>) = 4 [pid 307] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 306] exit_group(0 [pid 305] <... bpf resumed>) = 6 [pid 300] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 309] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 308] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 307] <... bpf resumed>) = 7 [pid 306] <... exit_group resumed>) = ? [pid 305] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 309] <... bpf resumed>) = 6 [pid 308] <... bpf resumed>) = 5 [pid 307] exit_group(0 [pid 305] <... bpf resumed>) = 7 [pid 300] <... bpf resumed>) = 6 [pid 309] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 306] +++ exited with 0 +++ [ 23.829471][ T294] RAX: 0000000000000132 RBX: 0000000000000003 RCX: 00000000004d49a6 [ 23.837277][ T294] RDX: 0000000040000001 RSI: 00007ffd3268148c RDI: 00000000ffffffff [ 23.845177][ T294] RBP: 0000000000d4f380 R08: 0000000000000000 R09: 0000000000000000 [ 23.852986][ T294] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000d547e0 [ 23.860798][ T294] R13: 0000000000000133 R14: 00007ffd3268148c R15: 0000000000617180 [ 23.868623][ T294] [ 23.878154][ C0] softirq: huh, entered softirq 3 NET_RX ffffffff84096740 with preempt_count 00000103, exited with 00000102? [ 23.889563][ T294] BUG: scheduling while atomic: strace-static-x/294/0x00000002 [ 23.897099][ T294] Modules linked in: [ 23.901012][ T294] Preemption disabled at: [ 23.901020][ T294] [] pipe_write+0x14b2/0x1990 [ 23.911349][ T294] CPU: 0 PID: 294 Comm: strace-static-x Tainted: G W 6.1.57-syzkaller-00067-gd3006fb9449d #0 [ 23.922620][ T294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 23.932511][ T294] Call Trace: [ 23.935634][ T294] [ 23.938413][ T294] dump_stack_lvl+0x151/0x1b7 [ 23.942923][ T294] ? pipe_write+0x14b2/0x1990 [ 23.947451][ T294] ? pipe_write+0x14b2/0x1990 [ 23.951952][ T294] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 23.957251][ T294] ? task_rq_lock+0xd2/0x2b0 [ 23.961673][ T294] ? pipe_write+0x14b2/0x1990 [ 23.966196][ T294] dump_stack+0x15/0x17 [ 23.970179][ T294] __schedule_bug+0x195/0x260 [ 23.974695][ T294] ? cpu_util_update_eff+0x10e0/0x10e0 [ 23.979987][ T294] ? _raw_spin_lock_irqsave+0xf9/0x210 [ 23.985282][ T294] ? _raw_spin_lock+0x1b0/0x1b0 [ 23.989970][ T294] __schedule+0xce9/0x1540 [ 23.994223][ T294] ? __lock_task_sighand+0xde/0x100 [ 23.999265][ T294] ? __sched_text_start+0x8/0x8 [ 24.003941][ T294] ? __kasan_check_write+0x14/0x20 [ 24.008889][ T294] ? __se_sys_ptrace+0x3b2/0x410 [ 24.013663][ T294] schedule+0xc3/0x180 [ 24.017573][ T294] exit_to_user_mode_loop+0x4e/0xa0 [ 24.022603][ T294] exit_to_user_mode_prepare+0x5a/0xa0 [ 24.027903][ T294] syscall_exit_to_user_mode+0x26/0x140 [ 24.033288][ T294] do_syscall_64+0x49/0xb0 [ 24.037574][ T294] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 24.043262][ T294] RIP: 0033:0x4e6c1a [ 24.046992][ T294] Code: 70 41 83 f8 03 c7 44 24 10 08 00 00 00 48 89 44 24 18 48 8d 44 24 30 8b 70 08 4c 0f 43 d1 48 89 44 24 20 b8 65 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 3e 48 85 c0 78 06 41 83 f8 02 76 1b 48 8b 4c [ 24.066435][ T294] RSP: 002b:00007ffd32681350 EFLAGS: 00000206 ORIG_RAX: 0000000000000065 [ 24.074689][ T294] RAX: 0000000000000000 RBX: 0000000000d4d2f8 RCX: 00000000004e6c1a [pid 305] exit_group(0 [pid 308] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 307] <... exit_group resumed>) = ? [pid 300] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 309] <... bpf resumed>) = 7 [pid 305] <... exit_group resumed>) = ? [pid 301] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=306, si_uid=0, si_status=0, si_utime=0, si_stime=2} --- [pid 309] exit_group(0 [pid 307] +++ exited with 0 +++ [pid 301] restart_syscall(<... resuming interrupted clone ...> [pid 303] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=307, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 309] <... exit_group resumed>) = ? [pid 301] <... restart_syscall resumed>) = 0 [pid 300] <... bpf resumed>) = 7 [pid 308] <... bpf resumed>) = 0 [pid 305] +++ exited with 0 +++ [pid 300] exit_group(0 [pid 308] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 304] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=305, si_uid=0, si_status=0, si_utime=0, si_stime=7} --- [pid 300] <... exit_group resumed>) = ? [pid 301] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 308] <... bpf resumed>) = 6 [pid 303] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 301] <... clone resumed>, child_tidptr=0x5555565a7650) = 311 [pid 308] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 303] <... clone resumed>, child_tidptr=0x5555565a7650) = 312 [ 24.082493][ T294] RDX: 0000000000000000 RSI: 0000000000000131 RDI: 0000000000000018 [ 24.090306][ T294] RBP: 0000000000000018 R08: 0000000000000017 R09: 0000000000000001 [ 24.098112][ T294] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000d4f620 [ 24.106027][ T294] R13: 0000000000000000 R14: 000000000000857f R15: 0000000000617180 [ 24.113849][ T294] [ 24.122635][ C0] softirq: huh, entered softirq 3 NET_RX ffffffff84096740 with preempt_count 00000102, exited with 00000101? [ 24.134039][ T294] BUG: scheduling while atomic: strace-static-x/294/0x00000002 [ 24.141474][ T294] Modules linked in: [ 24.145109][ T294] Preemption disabled at: [ 24.145114][ T294] [] remove_wait_queue+0x26/0x140 [ 24.155700][ T294] CPU: 0 PID: 294 Comm: strace-static-x Tainted: G W 6.1.57-syzkaller-00067-gd3006fb9449d #0 [ 24.167069][ T294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 24.177068][ T294] Call Trace: [ 24.180193][ T294] [ 24.182973][ T294] dump_stack_lvl+0x151/0x1b7 [ 24.187483][ T294] ? remove_wait_queue+0x26/0x140 [ 24.192343][ T294] ? remove_wait_queue+0x26/0x140 [ 24.197204][ T294] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 24.202499][ T294] ? remove_wait_queue+0x26/0x140 [ 24.207360][ T294] dump_stack+0x15/0x17 [ 24.211352][ T294] __schedule_bug+0x195/0x260 [ 24.215863][ T294] ? __ia32_sys_waitid+0xd0/0xd0 [ 24.220637][ T294] ? bpf_trace_printk+0x1be/0x300 [ 24.225502][ T294] ? cpu_util_update_eff+0x10e0/0x10e0 [ 24.230795][ T294] ? kernel_waitid+0x520/0x520 [ 24.235420][ T294] __schedule+0xce9/0x1540 [ 24.239646][ T294] ? __x64_sys_wait4+0x181/0x1e0 [ 24.244593][ T294] ? bpf_trace_run2+0x138/0x290 [ 24.249280][ T294] ? __sched_text_start+0x8/0x8 [ 24.253969][ T294] schedule+0xc3/0x180 [ 24.257878][ T294] exit_to_user_mode_loop+0x4e/0xa0 [ 24.262914][ T294] exit_to_user_mode_prepare+0x5a/0xa0 [ 24.268212][ T294] syscall_exit_to_user_mode+0x26/0x140 [ 24.273582][ T294] do_syscall_64+0x49/0xb0 [ 24.277838][ T294] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 24.283563][ T294] RIP: 0033:0x4d49a6 [ 24.287299][ T294] Code: 00 00 00 90 31 c9 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 49 89 ca 64 8b 04 25 18 00 00 00 85 c0 75 11 b8 3d 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 5a c3 90 48 83 ec 28 89 54 24 14 48 89 74 24 [ 24.306836][ T294] RSP: 002b:00007ffd32681468 EFLAGS: 00000246 ORIG_RAX: 000000000000003d [ 24.315116][ T294] RAX: 0000000000000138 RBX: 0000000000000003 RCX: 00000000004d49a6 [ 24.322894][ T294] RDX: 0000000040000001 RSI: 00007ffd3268148c RDI: 00000000ffffffff ./strace-static-x86_64: Process 312 attached ./strace-static-x86_64: Process 311 attached [pid 309] +++ exited with 0 +++ [pid 302] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=309, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 304] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 312] set_robust_list(0x5555565a7660, 24) = 0 [pid 312] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 312] setpgid(0, 0) = 0 [pid 312] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 302] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 312] <... openat resumed>) = 3 [pid 312] write(3, "1000", 4) = 4 [pid 312] close(3) = 0 [pid 304] <... clone resumed>, child_tidptr=0x5555565a7650) = 313 [pid 312] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73./strace-static-x86_64: Process 314 attached ./strace-static-x86_64: Process 313 attached ) = 3 [pid 311] set_robust_list(0x5555565a7660, 24 [pid 302] <... clone resumed>, child_tidptr=0x5555565a7650) = 314 [pid 314] set_robust_list(0x5555565a7660, 24 [pid 313] set_robust_list(0x5555565a7660, 24 [pid 312] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 311] <... set_robust_list resumed>) = 0 [pid 314] <... set_robust_list resumed>) = 0 [pid 313] <... set_robust_list resumed>) = 0 [pid 311] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 313] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 313] setpgid(0, 0) = 0 [pid 314] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 311] <... prctl resumed>) = 0 [pid 314] <... prctl resumed>) = 0 [pid 313] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 311] setpgid(0, 0 [pid 314] setpgid(0, 0 [pid 311] <... setpgid resumed>) = 0 [pid 314] <... setpgid resumed>) = 0 [pid 311] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 314] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 311] <... openat resumed>) = 3 [pid 314] <... openat resumed>) = 3 [pid 311] write(3, "1000", 4 [pid 314] write(3, "1000", 4 [pid 311] <... write resumed>) = 4 [pid 314] <... write resumed>) = 4 [pid 311] close(3 [pid 314] close(3 [pid 311] <... close resumed>) = 0 [pid 314] <... close resumed>) = 0 [pid 311] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 [pid 313] <... openat resumed>) = 3 [pid 313] write(3, "1000", 4) = 4 [pid 314] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 [pid 313] close(3 [pid 311] <... bpf resumed>) = 3 [pid 314] <... bpf resumed>) = 3 [pid 313] <... close resumed>) = 0 [pid 311] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 314] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 313] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73) = 3 [pid 313] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 300] +++ exited with 0 +++ [pid 314] <... bpf resumed>) = 4 [pid 313] <... bpf resumed>) = 4 [pid 312] <... bpf resumed>) = 4 [pid 311] <... bpf resumed>) = 4 [pid 308] <... bpf resumed>) = 7 [pid 314] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 313] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 312] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 308] exit_group(0 [pid 298] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=300, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 313] <... bpf resumed>) = 5 [pid 312] <... bpf resumed>) = 5 [pid 311] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 308] <... exit_group resumed>) = ? [pid 313] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 312] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 308] +++ exited with 0 +++ [pid 312] <... bpf resumed>) = 0 [pid 299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=308, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 313] <... bpf resumed>) = 0 [pid 314] <... bpf resumed>) = 5 [pid 313] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 312] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 311] <... bpf resumed>) = 5 [pid 298] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 314] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 312] <... bpf resumed>) = 6 [pid 312] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 313] <... bpf resumed>) = 6 [pid 311] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 314] <... bpf resumed>) = 0 [pid 314] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 313] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 311] <... bpf resumed>) = 0 [pid 298] <... clone resumed>, child_tidptr=0x5555565a7650) = 315 [pid 314] <... bpf resumed>) = 6 [pid 311] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 314] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16./strace-static-x86_64: Process 315 attached [pid 311] <... bpf resumed>) = 6 [pid 299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 315] set_robust_list(0x5555565a7660, 24 [pid 311] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 315] <... set_robust_list resumed>) = 0 [pid 315] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 299] <... clone resumed>, child_tidptr=0x5555565a7650) = 316 ./strace-static-x86_64: Process 316 attached [pid 315] setpgid(0, 0) = 0 [pid 316] set_robust_list(0x5555565a7660, 24 [pid 315] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 316] <... set_robust_list resumed>) = 0 [pid 315] write(3, "1000", 4 [pid 316] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 315] <... write resumed>) = 4 [pid 316] <... prctl resumed>) = 0 [pid 315] close(3 [pid 316] setpgid(0, 0 [pid 315] <... close resumed>) = 0 [pid 316] <... setpgid resumed>) = 0 [pid 315] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 [pid 316] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 315] <... bpf resumed>) = 3 [pid 316] <... openat resumed>) = 3 [pid 315] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 316] write(3, "1000", 4) = 4 [ 24.330702][ T294] RBP: 0000000000d4f770 R08: 0000000000000000 R09: 0000000000000000 [ 24.338514][ T294] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000d547e0 [ 24.346327][ T294] R13: 000000000000012e R14: 00007ffd3268148c R15: 0000000000617180 [ 24.354141][ T294] [pid 316] close(3) = 0 [pid 316] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 [pid 312] <... bpf resumed>) = 7 [pid 315] <... bpf resumed>) = 4 [pid 314] <... bpf resumed>) = 7 [pid 313] <... bpf resumed>) = 7 [pid 312] exit_group(0 [pid 311] <... bpf resumed>) = 7 [pid 315] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [ 24.398378][ C0] softirq: huh, entered softirq 3 NET_RX ffffffff84096740 with preempt_count 00000103, exited with 00000102? [ 24.409797][ T294] BUG: scheduling while atomic: strace-static-x/294/0x00000002 [ 24.417411][ T294] Modules linked in: [ 24.421110][ T294] Preemption disabled at: [ 24.421115][ T294] [] __lock_task_sighand+0x6b/0x100 [ 24.431976][ T294] CPU: 0 PID: 294 Comm: strace-static-x Tainted: G W 6.1.57-syzkaller-00067-gd3006fb9449d #0 [ 24.443278][ T294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 24.453140][ T294] Call Trace: [ 24.456264][ T294] [ 24.459041][ T294] dump_stack_lvl+0x151/0x1b7 [ 24.463553][ T294] ? __lock_task_sighand+0x6b/0x100 [ 24.468586][ T294] ? __lock_task_sighand+0x6b/0x100 [ 24.473620][ T294] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 24.478915][ T294] ? fsnotify_perm+0x6a/0x5d0 [ 24.483434][ T294] ? __lock_task_sighand+0x6b/0x100 [ 24.488463][ T294] dump_stack+0x15/0x17 [ 24.492456][ T294] __schedule_bug+0x195/0x260 [ 24.496969][ T294] ? cpu_util_update_eff+0x10e0/0x10e0 [ 24.502263][ T294] ? file_end_write+0x1c0/0x1c0 [ 24.506987][ T294] __schedule+0xce9/0x1540 [ 24.511204][ T294] ? __kasan_check_read+0x11/0x20 [ 24.516062][ T294] ? __fdget_pos+0x204/0x390 [ 24.520499][ T294] ? __sched_text_start+0x8/0x8 [ 24.525176][ T294] ? ksys_write+0x24f/0x2c0 [ 24.529522][ T294] ? unlock_page_memcg+0x160/0x160 [ 24.534462][ T294] schedule+0xc3/0x180 [ 24.538387][ T294] exit_to_user_mode_loop+0x4e/0xa0 [ 24.543403][ T294] exit_to_user_mode_prepare+0x5a/0xa0 [ 24.548698][ T294] syscall_exit_to_user_mode+0x26/0x140 [ 24.554078][ T294] do_syscall_64+0x49/0xb0 [ 24.558342][ T294] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 24.564059][ T294] RIP: 0033:0x4e5c73 [ 24.567793][ T294] Code: c7 c0 b8 ff ff ff 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 64 8b 04 25 18 00 00 00 85 c0 75 14 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 55 c3 0f 1f 40 00 48 83 ec 28 48 89 54 24 18 [ 24.587236][ T294] RSP: 002b:00007ffd32681258 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [pid 314] exit_group(0 [pid 313] exit_group(0 [pid 312] <... exit_group resumed>) = ? [pid 311] exit_group(0 [pid 316] <... bpf resumed>) = 3 [pid 315] <... bpf resumed>) = 5 [pid 314] <... exit_group resumed>) = ? [pid 313] <... exit_group resumed>) = ? [pid 315] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4) = 0 [pid 315] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 312] +++ exited with 0 +++ [pid 311] <... exit_group resumed>) = ? [pid 303] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=312, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 315] <... bpf resumed>) = 6 [pid 313] +++ exited with 0 +++ [pid 315] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 316] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 304] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=313, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 303] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 317 attached [pid 304] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 303] <... clone resumed>, child_tidptr=0x5555565a7650) = 317 ./strace-static-x86_64: Process 318 attached [ 24.595480][ T294] RAX: 0000000000000012 RBX: 0000000000000012 RCX: 00000000004e5c73 [ 24.603291][ T294] RDX: 0000000000000012 RSI: 0000000000d50000 RDI: 0000000000000002 [ 24.611101][ T294] RBP: 0000000000d50000 R08: 0000000000000000 R09: 0000000000000002 [ 24.618914][ T294] R10: 000000000063c820 R11: 0000000000000246 R12: 0000000000000012 [ 24.626723][ T294] R13: 0000000000617480 R14: 0000000000000012 R15: 0000000000000001 [ 24.634539][ T294] [ 24.652386][ C0] softirq: huh, entered softirq 3 NET_RX ffffffff84096740 with preempt_count 00000103, exited with 00000102? [ 24.663804][ T292] BUG: scheduling while atomic: sshd/292/0x00000002 [ 24.670255][ T292] Modules linked in: [ 24.673911][ T292] Preemption disabled at: [ 24.673916][ T292] [] schedule+0xbc/0x180 [ 24.683724][ T292] CPU: 0 PID: 292 Comm: sshd Tainted: G W 6.1.57-syzkaller-00067-gd3006fb9449d #0 [ 24.694143][ T292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 24.704118][ T292] Call Trace: [ 24.707242][ T292] [ 24.710024][ T292] dump_stack_lvl+0x151/0x1b7 [ 24.714552][ T292] ? schedule+0xbc/0x180 [ 24.718613][ T292] ? schedule+0xbc/0x180 [ 24.722697][ T292] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 24.727992][ T292] ? schedule+0xbc/0x180 [ 24.732065][ T292] dump_stack+0x15/0x17 [ 24.736059][ T292] __schedule_bug+0x195/0x260 [ 24.740573][ T292] ? bpf_bprintf_cleanup+0x4f/0x60 [ 24.745519][ T292] ? bpf_trace_printk+0x1be/0x300 [ 24.750382][ T292] ? cpu_util_update_eff+0x10e0/0x10e0 [ 24.755858][ T292] ? bpf_probe_write_user+0xf0/0xf0 [ 24.760893][ T292] ? finish_task_switch+0x167/0x7b0 [ 24.765926][ T292] ? bpf_trace_run2+0xe9/0x290 [ 24.770527][ T292] __schedule+0xce9/0x1540 [ 24.774783][ T292] ? __this_cpu_preempt_check+0x13/0x20 [ 24.780163][ T292] ? bpf_trace_run2+0x138/0x290 [ 24.784847][ T292] ? __sched_text_start+0x8/0x8 [ 24.789536][ T292] ? bpf_trace_run1+0x240/0x240 [ 24.794225][ T292] ? ksys_read+0x24f/0x2c0 [ 24.798476][ T292] ? __x64_sys_rt_sigprocmask+0xb0/0xb0 [ 24.803854][ T292] schedule+0xc3/0x180 [ 24.807770][ T292] exit_to_user_mode_loop+0x4e/0xa0 [ 24.812797][ T292] exit_to_user_mode_prepare+0x5a/0xa0 [ 24.818090][ T292] syscall_exit_to_user_mode+0x26/0x140 [ 24.823472][ T292] do_syscall_64+0x49/0xb0 [ 24.827724][ T292] ? sysvec_apic_timer_interrupt+0x55/0xc0 [ 24.833366][ T292] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 24.839095][ T292] RIP: 0033:0x7fac9a2fd587 [ 24.843344][ T292] Code: 41 5c 41 5d 41 5e 41 5f 5d c3 b9 01 00 00 00 e9 12 fe ff ff 31 c9 e9 0b fe ff ff 0f 1f 84 00 00 00 00 00 b8 27 00 00 00 0f 05 0f 1f 84 00 00 00 00 00 b8 6e 00 00 00 0f 05 c3 0f 1f 84 00 00 [ 24.862792][ T292] RSP: 002b:00007fffb50a8a48 EFLAGS: 00000246 ORIG_RAX: 0000000000000027 [ 24.871034][ T292] RAX: 0000000000000124 RBX: 0000000000000000 RCX: 00007fac9a2fd587 [ 24.878841][ T292] RDX: 000000000000085c RSI: 000055d143ab5480 RDI: 000055d143ab2937 [ 24.886657][ T292] RBP: 000055d143ab3856 R08: 0000000000000006 R09: 0000000000000000 [ 24.894473][ T292] R10: 000055d143ab3856 R11: 0000000000000246 R12: 000055d143ab2937 [pid 317] set_robust_list(0x5555565a7660, 24 [pid 318] set_robust_list(0x5555565a7660, 24 [pid 317] <... set_robust_list resumed>) = 0 [pid 304] <... clone resumed>, child_tidptr=0x5555565a7650) = 318 [pid 318] <... set_robust_list resumed>) = 0 [pid 317] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 318] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 317] <... prctl resumed>) = 0 [pid 318] <... prctl resumed>) = 0 [pid 317] setpgid(0, 0 [pid 318] setpgid(0, 0 [pid 317] <... setpgid resumed>) = 0 [pid 318] <... setpgid resumed>) = 0 [pid 317] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 318] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 317] <... openat resumed>) = 3 [pid 318] <... openat resumed>) = 3 [pid 317] write(3, "1000", 4 [pid 318] write(3, "1000", 4 [pid 317] <... write resumed>) = 4 [pid 318] <... write resumed>) = 4 [pid 317] close(3 [pid 318] close(3 [pid 317] <... close resumed>) = 0 [pid 318] <... close resumed>) = 0 [pid 317] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 [pid 318] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 [pid 317] <... bpf resumed>) = 3 [pid 318] <... bpf resumed>) = 3 [pid 317] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [ 24.902281][ T292] R13: 000055d143ab5480 R14: 000055d143ab5480 R15: 00007fffb50a8fd0 [ 24.910100][ T292] [ 24.913937][ C0] softirq: huh, entered softirq 3 NET_RX ffffffff84096740 with preempt_count 00000102, exited with 00000101? [ 24.925326][ T294] BUG: scheduling while atomic: strace-static-x/294/0x00000002 [ 24.932739][ T294] Modules linked in: [ 24.936400][ T294] Preemption disabled at: [ 24.936404][ T294] [] remove_wait_queue+0x26/0x140 [ 24.947005][ T294] CPU: 0 PID: 294 Comm: strace-static-x Tainted: G W 6.1.57-syzkaller-00067-gd3006fb9449d #0 [ 24.958357][ T294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 24.969117][ T294] Call Trace: [ 24.972242][ T294] [ 24.975020][ T294] dump_stack_lvl+0x151/0x1b7 [ 24.979534][ T294] ? remove_wait_queue+0x26/0x140 [ 24.984396][ T294] ? remove_wait_queue+0x26/0x140 [ 24.989259][ T294] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 24.994556][ T294] ? remove_wait_queue+0x26/0x140 [ 24.999409][ T294] dump_stack+0x15/0x17 [ 25.003401][ T294] __schedule_bug+0x195/0x260 [ 25.007915][ T294] ? __ia32_sys_waitid+0xd0/0xd0 [ 25.012720][ T294] ? bpf_trace_printk+0x1be/0x300 [ 25.017551][ T294] ? cpu_util_update_eff+0x10e0/0x10e0 [ 25.022933][ T294] ? kernel_waitid+0x520/0x520 [ 25.027534][ T294] __schedule+0xce9/0x1540 [ 25.031786][ T294] ? __x64_sys_wait4+0x181/0x1e0 [ 25.036570][ T294] ? bpf_trace_run2+0x138/0x290 [ 25.041252][ T294] ? __sched_text_start+0x8/0x8 [ 25.045932][ T294] schedule+0xc3/0x180 [ 25.049847][ T294] exit_to_user_mode_loop+0x4e/0xa0 [ 25.054876][ T294] exit_to_user_mode_prepare+0x5a/0xa0 [ 25.060168][ T294] syscall_exit_to_user_mode+0x26/0x140 [ 25.065547][ T294] do_syscall_64+0x49/0xb0 [ 25.069800][ T294] ? sysvec_apic_timer_interrupt+0x55/0xc0 [ 25.075440][ T294] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 25.081169][ T294] RIP: 0033:0x4d49a6 [ 25.084904][ T294] Code: 00 00 00 90 31 c9 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 49 89 ca 64 8b 04 25 18 00 00 00 85 c0 75 11 b8 3d 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 5a c3 90 48 83 ec 28 89 54 24 14 48 89 74 24 [pid 318] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 315] <... bpf resumed>) = 7 [pid 314] +++ exited with 0 +++ [pid 315] exit_group(0) = ? [pid 302] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=314, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 302] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 320 attached , child_tidptr=0x5555565a7650) = 320 [pid 320] set_robust_list(0x5555565a7660, 24) = 0 [pid 320] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 320] setpgid(0, 0) = 0 [ 25.104345][ T294] RSP: 002b:00007ffd32681468 EFLAGS: 00000246 ORIG_RAX: 000000000000003d [ 25.112589][ T294] RAX: 0000000000000130 RBX: 0000000000000002 RCX: 00000000004d49a6 [ 25.120399][ T294] RDX: 0000000040000001 RSI: 00007ffd3268148c RDI: 00000000ffffffff [ 25.128209][ T294] RBP: 0000000000d4f620 R08: 0000000000000000 R09: 0000000000000000 [ 25.136021][ T294] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000d54750 [ 25.143834][ T294] R13: 000000000000013a R14: 00007ffd3268148c R15: 0000000000617180 [ 25.151650][ T294] [ 25.159410][ C0] softirq: huh, entered softirq 3 NET_RX ffffffff84096740 with preempt_count 00000103, exited with 00000102? [ 25.170906][ T292] BUG: scheduling while atomic: sshd/292/0x00000002 [ 25.177404][ T292] Modules linked in: [ 25.181017][ T292] Preemption disabled at: [ 25.181025][ T292] [] release_sock+0x30/0x1b0 [ 25.191295][ T292] CPU: 0 PID: 292 Comm: sshd Tainted: G W 6.1.57-syzkaller-00067-gd3006fb9449d #0 [ 25.201683][ T292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 25.211587][ T292] Call Trace: [ 25.214701][ T292] [ 25.217476][ T292] dump_stack_lvl+0x151/0x1b7 [ 25.221988][ T292] ? release_sock+0x30/0x1b0 [ 25.226418][ T292] ? release_sock+0x30/0x1b0 [ 25.230844][ T292] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 25.236144][ T292] ? release_sock+0x30/0x1b0 [ 25.240566][ T292] dump_stack+0x15/0x17 [ 25.244558][ T292] __schedule_bug+0x195/0x260 [ 25.249078][ T292] ? cpu_util_update_eff+0x10e0/0x10e0 [ 25.254370][ T292] __schedule+0xce9/0x1540 [ 25.258619][ T292] ? __kasan_check_read+0x11/0x20 [ 25.263475][ T292] ? _copy_to_user+0x74/0x90 [ 25.267906][ T292] ? __sched_text_start+0x8/0x8 [ 25.272599][ T292] ? __se_sys_rt_sigprocmask+0x311/0x380 [ 25.278058][ T292] ? __x64_sys_rt_sigprocmask+0xb0/0xb0 [ 25.283445][ T292] schedule+0xc3/0x180 [ 25.287351][ T292] exit_to_user_mode_loop+0x4e/0xa0 [ 25.292384][ T292] exit_to_user_mode_prepare+0x5a/0xa0 [ 25.297679][ T292] syscall_exit_to_user_mode+0x26/0x140 [ 25.303060][ T292] do_syscall_64+0x49/0xb0 [ 25.307309][ T292] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 25.313040][ T292] RIP: 0033:0x7fac9a2c2773 [ 25.317297][ T292] Code: 00 f3 a5 48 8d 74 24 88 48 b9 ff ff ff 7f fe ff ff ff 48 21 c8 48 89 44 24 88 41 ba 08 00 00 00 44 89 c7 b8 0e 00 00 00 0f 05 <45> 31 c0 3d 00 f0 ff ff 76 06 41 89 c0 41 f7 d8 44 89 c0 5a c3 41 [ 25.336737][ T292] RSP: 002b:00007fffb50ad210 EFLAGS: 00000246 ORIG_RAX: 000000000000000e [ 25.344981][ T292] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007fac9a2c2773 [pid 320] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 320] write(3, "1000", 4) = 4 [pid 320] close(3) = 0 [pid 320] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73) = 3 [pid 320] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 311] +++ exited with 0 +++ [pid 318] <... bpf resumed>) = 4 [pid 320] <... bpf resumed>) = 4 [pid 317] <... bpf resumed>) = 4 [pid 316] <... bpf resumed>) = 4 [pid 315] +++ exited with 0 +++ [pid 320] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 318] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 317] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 316] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 320] <... bpf resumed>) = 5 [pid 318] <... bpf resumed>) = 5 [pid 317] <... bpf resumed>) = 5 [pid 316] <... bpf resumed>) = 5 [pid 301] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=311, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 298] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=315, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 320] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 318] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 317] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 316] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 301] restart_syscall(<... resuming interrupted clone ...> [pid 320] <... bpf resumed>) = 0 [pid 318] <... bpf resumed>) = 0 [pid 317] <... bpf resumed>) = 0 [pid 316] <... bpf resumed>) = 0 [pid 301] <... restart_syscall resumed>) = 0 [pid 320] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 318] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 317] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 316] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 298] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 320] <... bpf resumed>) = 6 [pid 318] <... bpf resumed>) = 6 [pid 317] <... bpf resumed>) = 6 [pid 316] <... bpf resumed>) = 6 ./strace-static-x86_64: Process 321 attached [pid 320] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 318] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 317] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 316] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 301] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 321] set_robust_list(0x5555565a7660, 24) = 0 [pid 321] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 298] <... clone resumed>, child_tidptr=0x5555565a7650) = 321 [pid 301] <... clone resumed>, child_tidptr=0x5555565a7650) = 322 [pid 321] <... prctl resumed>) = 0 [pid 321] setpgid(0, 0./strace-static-x86_64: Process 322 attached ) = 0 [pid 322] set_robust_list(0x5555565a7660, 24 [pid 321] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 322] <... set_robust_list resumed>) = 0 [pid 321] <... openat resumed>) = 3 [pid 322] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 321] write(3, "1000", 4 [pid 322] <... prctl resumed>) = 0 [pid 321] <... write resumed>) = 4 [pid 322] setpgid(0, 0 [pid 321] close(3 [pid 322] <... setpgid resumed>) = 0 [pid 321] <... close resumed>) = 0 [pid 322] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 321] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 [pid 322] <... openat resumed>) = 3 [pid 321] <... bpf resumed>) = 3 [pid 322] write(3, "1000", 4 [pid 321] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 322] <... write resumed>) = 4 [pid 322] close(3) = 0 [pid 322] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73) = 3 [pid 321] <... bpf resumed>) = 4 [pid 320] <... bpf resumed>) = 7 [pid 318] <... bpf resumed>) = 7 [pid 317] <... bpf resumed>) = 7 [pid 316] <... bpf resumed>) = 7 [pid 322] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [ 25.352790][ T292] RDX: 00007fffb50ad2f8 RSI: 00007fffb50ad278 RDI: 0000000000000000 [ 25.360796][ T292] RBP: 000055d14403e5e0 R08: 0000000000000000 R09: 0000000000000000 [ 25.368605][ T292] R10: 0000000000000008 R11: 0000000000000246 R12: 000055d143aa9aa4 [ 25.376397][ T292] R13: 0000000000000019 R14: 000055d143aaa3e8 R15: 00007fffb50ad278 [ 25.384215][ T292] [ 25.408647][ C0] softirq: huh, entered softirq 3 NET_RX ffffffff84096740 with preempt_count 00000103, exited with 00000102? [ 25.420063][ T294] BUG: scheduling while atomic: strace-static-x/294/0x00000002 [ 25.427607][ T294] Modules linked in: [ 25.431368][ T294] Preemption disabled at: [ 25.431373][ T294] [] pipe_write+0x14b2/0x1990 [ 25.441615][ T294] CPU: 0 PID: 294 Comm: strace-static-x Tainted: G W 6.1.57-syzkaller-00067-gd3006fb9449d #0 [ 25.452914][ T294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 25.462810][ T294] Call Trace: [ 25.465932][ T294] [ 25.468709][ T294] dump_stack_lvl+0x151/0x1b7 [ 25.473221][ T294] ? pipe_write+0x14b2/0x1990 [ 25.477735][ T294] ? pipe_write+0x14b2/0x1990 [ 25.482248][ T294] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 25.487594][ T294] ? pipe_write+0x14b2/0x1990 [ 25.492056][ T294] dump_stack+0x15/0x17 [ 25.496048][ T294] __schedule_bug+0x195/0x260 [ 25.500564][ T294] ? bpf_trace_printk+0x1be/0x300 [ 25.505423][ T294] ? cpu_util_update_eff+0x10e0/0x10e0 [ 25.510720][ T294] __schedule+0xce9/0x1540 [ 25.514974][ T294] ? __sched_text_start+0x8/0x8 [ 25.519658][ T294] ? ksys_write+0x24f/0x2c0 [ 25.523998][ T294] schedule+0xc3/0x180 [ 25.527902][ T294] exit_to_user_mode_loop+0x4e/0xa0 [ 25.532937][ T294] exit_to_user_mode_prepare+0x5a/0xa0 [ 25.538232][ T294] syscall_exit_to_user_mode+0x26/0x140 [ 25.543610][ T294] do_syscall_64+0x49/0xb0 [ 25.547868][ T294] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 25.553595][ T294] RIP: 0033:0x4e815a [ 25.557326][ T294] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 78 0c 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 36 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 b8 ff ff ff f7 [ 25.576766][ T294] RSP: 002b:00007ffd326812b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000136 [ 25.585015][ T294] RAX: 0000000000001000 RBX: 0000000020000000 RCX: 00000000004e815a [ 25.592823][ T294] RDX: 0000000000000001 RSI: 00007ffd326812e0 RDI: 0000000000000141 [ 25.600635][ T294] RBP: 000000000063c8a0 R08: 0000000000000001 R09: 0000000000000000 [pid 321] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 320] exit_group(0 [pid 318] exit_group(0 [pid 317] exit_group(0 [pid 316] exit_group(0 [pid 322] <... bpf resumed>) = 4 [pid 321] <... bpf resumed>) = 5 [pid 320] <... exit_group resumed>) = ? [pid 318] <... exit_group resumed>) = ? [pid 322] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 317] <... exit_group resumed>) = ? [pid 316] <... exit_group resumed>) = ? [pid 322] <... bpf resumed>) = 5 [pid 318] +++ exited with 0 +++ [pid 322] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4) = 0 [pid 322] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 6 [pid 316] +++ exited with 0 +++ [pid 304] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=318, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 322] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [ 25.608454][ T294] R10: 00007ffd326812f0 R11: 0000000000000246 R12: 0000000000000000 [ 25.616265][ T294] R13: 0000000020000340 R14: 0000000000d51010 R15: 0000000000d536b0 [ 25.624073][ T294] [ 25.631352][ C0] softirq: huh, entered softirq 3 NET_RX ffffffff84096740 with preempt_count 00000102, exited with 00000101? [ 25.642751][ T294] BUG: scheduling while atomic: strace-static-x/294/0x00000002 [ 25.650180][ T294] Modules linked in: [ 25.653816][ T294] Preemption disabled at: [ 25.653821][ T294] [] __lock_task_sighand+0x6b/0x100 [ 25.664580][ T294] CPU: 0 PID: 294 Comm: strace-static-x Tainted: G W 6.1.57-syzkaller-00067-gd3006fb9449d #0 [ 25.675951][ T294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 25.685842][ T294] Call Trace: [ 25.688969][ T294] [ 25.691745][ T294] dump_stack_lvl+0x151/0x1b7 [ 25.696256][ T294] ? __lock_task_sighand+0x6b/0x100 [ 25.701293][ T294] ? __lock_task_sighand+0x6b/0x100 [ 25.706326][ T294] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 25.711619][ T294] ? fsnotify_perm+0x6a/0x5d0 [ 25.716136][ T294] ? __lock_task_sighand+0x6b/0x100 [ 25.721169][ T294] dump_stack+0x15/0x17 [ 25.725159][ T294] __schedule_bug+0x195/0x260 [ 25.729676][ T294] ? cpu_util_update_eff+0x10e0/0x10e0 [ 25.734969][ T294] ? file_end_write+0x1c0/0x1c0 [ 25.739657][ T294] __schedule+0xce9/0x1540 [ 25.743909][ T294] ? __kasan_check_read+0x11/0x20 [ 25.748777][ T294] ? __fdget_pos+0x204/0x390 [ 25.753499][ T294] ? __sched_text_start+0x8/0x8 [ 25.758144][ T294] ? ksys_write+0x24f/0x2c0 [ 25.762482][ T294] schedule+0xc3/0x180 [ 25.766391][ T294] exit_to_user_mode_loop+0x4e/0xa0 [ 25.771422][ T294] exit_to_user_mode_prepare+0x5a/0xa0 [ 25.776714][ T294] syscall_exit_to_user_mode+0x26/0x140 [ 25.782096][ T294] do_syscall_64+0x49/0xb0 [ 25.786527][ T294] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 25.792253][ T294] RIP: 0033:0x4e5c73 [ 25.795984][ T294] Code: c7 c0 b8 ff ff ff 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 64 8b 04 25 18 00 00 00 85 c0 75 14 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 55 c3 0f 1f 40 00 48 83 ec 28 48 89 54 24 18 [ 25.815436][ T294] RSP: 002b:00007ffd32681258 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 25.823671][ T294] RAX: 0000000000000012 RBX: 0000000000000012 RCX: 00000000004e5c73 [ 25.831482][ T294] RDX: 0000000000000012 RSI: 0000000000d50000 RDI: 0000000000000002 [ 25.839295][ T294] RBP: 0000000000d50000 R08: 0000000000000000 R09: 0000000000000000 [ 25.847106][ T294] R10: 000000000063c820 R11: 0000000000000246 R12: 0000000000000012 [ 25.854915][ T294] R13: 0000000000617480 R14: 0000000000000012 R15: 0000000000000001 [pid 321] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 322] <... bpf resumed>) = 7 [pid 321] <... bpf resumed>) = 0 [pid 317] +++ exited with 0 +++ [pid 299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=316, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 322] exit_group(0) = ? [pid 321] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 299] restart_syscall(<... resuming interrupted clone ...> [pid 303] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=317, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 321] <... bpf resumed>) = 6 [pid 303] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 299] <... restart_syscall resumed>) = 0 [pid 321] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 304] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 323 attached [ 25.862731][ T294] [ 25.869869][ C0] softirq: huh, entered softirq 3 NET_RX ffffffff84096740 with preempt_count 00000103, exited with 00000102? [ 25.881263][ T294] BUG: scheduling while atomic: strace-static-x/294/0x00000002 [ 25.888703][ T294] Modules linked in: [ 25.892591][ T294] Preemption disabled at: [ 25.892595][ T294] [] pipe_write+0x14b2/0x1990 [ 25.902864][ T294] CPU: 0 PID: 294 Comm: strace-static-x Tainted: G W 6.1.57-syzkaller-00067-gd3006fb9449d #0 [ 25.914205][ T294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 25.924101][ T294] Call Trace: [ 25.927230][ T294] [ 25.930001][ T294] dump_stack_lvl+0x151/0x1b7 [ 25.934514][ T294] ? pipe_write+0x14b2/0x1990 [ 25.939025][ T294] ? pipe_write+0x14b2/0x1990 [ 25.943540][ T294] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 25.948842][ T294] ? pipe_write+0x14b2/0x1990 [ 25.953355][ T294] dump_stack+0x15/0x17 [ 25.957343][ T294] __schedule_bug+0x195/0x260 [ 25.961855][ T294] ? __ia32_sys_waitid+0xd0/0xd0 [ 25.966627][ T294] ? bpf_trace_printk+0x1be/0x300 [ 25.971491][ T294] ? cpu_util_update_eff+0x10e0/0x10e0 [ 25.976786][ T294] ? kernel_waitid+0x520/0x520 [ 25.981385][ T294] __schedule+0xce9/0x1540 [ 25.985640][ T294] ? __x64_sys_wait4+0x181/0x1e0 [ 25.990410][ T294] ? bpf_trace_run2+0x138/0x290 [ 25.995095][ T294] ? __sched_text_start+0x8/0x8 [ 25.999784][ T294] schedule+0xc3/0x180 [ 26.003692][ T294] exit_to_user_mode_loop+0x4e/0xa0 [ 26.008749][ T294] exit_to_user_mode_prepare+0x5a/0xa0 [ 26.014023][ T294] syscall_exit_to_user_mode+0x26/0x140 [ 26.019402][ T294] do_syscall_64+0x49/0xb0 [ 26.023655][ T294] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 26.029382][ T294] RIP: 0033:0x4d49a6 [ 26.033114][ T294] Code: 00 00 00 90 31 c9 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 49 89 ca 64 8b 04 25 18 00 00 00 85 c0 75 11 b8 3d 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 5a c3 90 48 83 ec 28 89 54 24 14 48 89 74 24 [ 26.052555][ T294] RSP: 002b:00007ffd32681468 EFLAGS: 00000246 ORIG_RAX: 000000000000003d ./strace-static-x86_64: Process 324 attached [pid 303] <... clone resumed>, child_tidptr=0x5555565a7650) = 323 [pid 323] set_robust_list(0x5555565a7660, 24) = 0 [pid 323] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 323] setpgid(0, 0) = 0 [ 26.060800][ T294] RAX: 0000000000000144 RBX: 0000000000000001 RCX: 00000000004d49a6 [ 26.068612][ T294] RDX: 0000000040000001 RSI: 00007ffd3268148c RDI: 00000000ffffffff [ 26.076429][ T294] RBP: 0000000000d4f380 R08: 0000000000000000 R09: 0000000000000000 [ 26.084233][ T294] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000d546c0 [ 26.092049][ T294] R13: 0000000000000143 R14: 00007ffd3268148c R15: 0000000000617180 [ 26.099868][ T294] [ 26.104365][ C0] softirq: huh, entered softirq 3 NET_RX ffffffff84096740 with preempt_count 00000103, exited with 00000102? [ 26.116041][ T294] BUG: scheduling while atomic: strace-static-x/294/0x00000002 [ 26.123495][ T294] Modules linked in: [ 26.127217][ T294] Preemption disabled at: [ 26.127224][ T294] [] up_read+0x16/0x170 [ 26.136845][ T294] CPU: 0 PID: 294 Comm: strace-static-x Tainted: G W 6.1.57-syzkaller-00067-gd3006fb9449d #0 [ 26.148215][ T294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 26.158112][ T294] Call Trace: [ 26.161241][ T294] [ 26.164009][ T294] dump_stack_lvl+0x151/0x1b7 [ 26.168522][ T294] ? up_read+0x16/0x170 [ 26.172517][ T294] ? up_read+0x16/0x170 [ 26.176509][ T294] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 26.181802][ T294] ? fsnotify_perm+0x6a/0x5d0 [ 26.186327][ T294] ? up_read+0x16/0x170 [ 26.190309][ T294] dump_stack+0x15/0x17 [ 26.194309][ T294] __schedule_bug+0x195/0x260 [ 26.198815][ T294] ? cpu_util_update_eff+0x10e0/0x10e0 [ 26.204106][ T294] ? file_end_write+0x1c0/0x1c0 [ 26.208796][ T294] __schedule+0xce9/0x1540 [ 26.213047][ T294] ? __kasan_check_read+0x11/0x20 [ 26.217914][ T294] ? __fdget_pos+0x204/0x390 [ 26.222336][ T294] ? __sched_text_start+0x8/0x8 [ 26.227020][ T294] ? ksys_write+0x24f/0x2c0 [ 26.231360][ T294] schedule+0xc3/0x180 [ 26.235267][ T294] exit_to_user_mode_loop+0x4e/0xa0 [ 26.240305][ T294] exit_to_user_mode_prepare+0x5a/0xa0 [ 26.245596][ T294] syscall_exit_to_user_mode+0x26/0x140 [ 26.250978][ T294] do_syscall_64+0x49/0xb0 [ 26.255230][ T294] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 26.260956][ T294] RIP: 0033:0x4e5c73 [ 26.264690][ T294] Code: c7 c0 b8 ff ff ff 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 64 8b 04 25 18 00 00 00 85 c0 75 14 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 55 c3 0f 1f 40 00 48 83 ec 28 48 89 54 24 18 [ 26.284133][ T294] RSP: 002b:00007ffd326812f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 26.292724][ T294] RAX: 000000000000004b RBX: 000000000000004b RCX: 00000000004e5c73 [ 26.300533][ T294] RDX: 000000000000004b RSI: 0000000000d50000 RDI: 0000000000000002 [pid 323] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 324] set_robust_list(0x5555565a7660, 24 [pid 323] <... openat resumed>) = 3 [pid 322] +++ exited with 0 +++ [pid 320] +++ exited with 0 +++ [pid 304] <... clone resumed>, child_tidptr=0x5555565a7650) = 324 [pid 299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 323] write(3, "1000", 4) = 4 [pid 323] close(3) = 0 [pid 323] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 [pid 324] <... set_robust_list resumed>) = 0 [pid 323] <... bpf resumed>) = 3 [pid 321] <... bpf resumed>) = 7 [pid 324] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 323] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 302] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=320, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 301] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=322, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 324] <... prctl resumed>) = 0 [pid 323] <... bpf resumed>) = 4 [pid 321] exit_group(0 [pid 299] <... clone resumed>, child_tidptr=0x5555565a7650) = 326 [pid 324] setpgid(0, 0 [pid 323] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 321] <... exit_group resumed>) = ? [ 26.308345][ T294] RBP: 0000000000d50000 R08: 0000000000000012 R09: 00434558454f4c43 [ 26.316162][ T294] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000004b [ 26.323969][ T294] R13: 0000000000617480 R14: 000000000000004b R15: 0000000000617180 [ 26.331786][ T294] [ 26.338906][ C0] softirq: huh, entered softirq 3 NET_RX ffffffff84096740 with preempt_count 00000103, exited with 00000102? [ 26.350315][ T294] BUG: scheduling while atomic: strace-static-x/294/0x00000002 [ 26.357820][ T294] Modules linked in: [ 26.361618][ T294] Preemption disabled at: [ 26.361625][ T294] [] pipe_write+0x14b2/0x1990 [ 26.371792][ T294] CPU: 0 PID: 294 Comm: strace-static-x Tainted: G W 6.1.57-syzkaller-00067-gd3006fb9449d #0 [ 26.383249][ T294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 26.393116][ T294] Call Trace: [ 26.396244][ T294] [ 26.399016][ T294] dump_stack_lvl+0x151/0x1b7 [ 26.403526][ T294] ? pipe_write+0x14b2/0x1990 [ 26.408040][ T294] ? pipe_write+0x14b2/0x1990 [ 26.412555][ T294] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 26.417956][ T294] ? task_rq_lock+0xd2/0x2b0 [ 26.422385][ T294] ? pipe_write+0x14b2/0x1990 [ 26.426894][ T294] dump_stack+0x15/0x17 [ 26.430889][ T294] __schedule_bug+0x195/0x260 [ 26.435401][ T294] ? cpu_util_update_eff+0x10e0/0x10e0 [ 26.440695][ T294] ? _raw_spin_lock_irqsave+0xf9/0x210 [ 26.445999][ T294] ? _raw_spin_lock+0x1b0/0x1b0 [ 26.450765][ T294] __schedule+0xce9/0x1540 [ 26.455017][ T294] ? __lock_task_sighand+0xde/0x100 [ 26.460052][ T294] ? __sched_text_start+0x8/0x8 [ 26.464737][ T294] ? __kasan_check_write+0x14/0x20 [ 26.469685][ T294] ? __se_sys_ptrace+0x3b2/0x410 [ 26.474457][ T294] ? unlock_page_memcg+0x160/0x160 [ 26.479409][ T294] schedule+0xc3/0x180 [ 26.483311][ T294] exit_to_user_mode_loop+0x4e/0xa0 [ 26.488347][ T294] exit_to_user_mode_prepare+0x5a/0xa0 [ 26.493727][ T294] syscall_exit_to_user_mode+0x26/0x140 [ 26.499107][ T294] do_syscall_64+0x49/0xb0 [ 26.503363][ T294] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 26.509089][ T294] RIP: 0033:0x4e6c1a [ 26.512822][ T294] Code: 70 41 83 f8 03 c7 44 24 10 08 00 00 00 48 89 44 24 18 48 8d 44 24 30 8b 70 08 4c 0f 43 d1 48 89 44 24 20 b8 65 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 3e 48 85 c0 78 06 41 83 f8 02 76 1b 48 8b 4c [ 26.532349][ T294] RSP: 002b:00007ffd32681350 EFLAGS: 00000206 ORIG_RAX: 0000000000000065 [ 26.540594][ T294] RAX: 0000000000000000 RBX: 0000000000d4d2f8 RCX: 00000000004e6c1a [ 26.548408][ T294] RDX: 0000000000000000 RSI: 0000000000000141 RDI: 0000000000000018 [ 26.556223][ T294] RBP: 0000000000000018 R08: 0000000000000017 R09: 0000000000000018 [pid 302] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 301] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 326 attached [pid 324] <... setpgid resumed>) = 0 [pid 323] <... bpf resumed>) = 5 [pid 321] +++ exited with 0 +++ [pid 323] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4) = 0 [pid 323] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 6 [pid 323] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 324] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 323] <... bpf resumed>) = 7 [pid 323] exit_group(0) = ? [pid 324] <... openat resumed>) = 3 [pid 323] +++ exited with 0 +++ [pid 302] <... clone resumed>, child_tidptr=0x5555565a7650) = 327 [pid 301] <... clone resumed>, child_tidptr=0x5555565a7650) = 328 [pid 298] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=321, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- [pid 303] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=323, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 298] restart_syscall(<... resuming interrupted clone ...> [pid 324] write(3, "1000", 4 [pid 298] <... restart_syscall resumed>) = 0 [pid 324] <... write resumed>) = 4 [pid 324] close(3 [pid 326] set_robust_list(0x5555565a7660, 24) = 0 [pid 326] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 324] <... close resumed>) = 0 [pid 326] setpgid(0, 0) = 0 [pid 324] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 [pid 298] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 326] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 326] write(3, "1000", 4) = 4 [pid 326] close(3) = 0 [pid 326] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73) = 3 [pid 324] <... bpf resumed>) = 3 [pid 326] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16./strace-static-x86_64: Process 327 attached [pid 298] <... clone resumed>, child_tidptr=0x5555565a7650) = 329 [pid 327] set_robust_list(0x5555565a7660, 24) = 0 [pid 327] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 303] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 327] <... prctl resumed>) = 0 [pid 327] setpgid(0, 0) = 0 [pid 327] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 327] write(3, "1000", 4) = 4 [pid 327] close(3) = 0 [pid 327] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73./strace-static-x86_64: Process 330 attached ./strace-static-x86_64: Process 329 attached ./strace-static-x86_64: Process 328 attached [pid 324] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 303] <... clone resumed>, child_tidptr=0x5555565a7650) = 330 [pid 330] set_robust_list(0x5555565a7660, 24 [pid 329] set_robust_list(0x5555565a7660, 24 [pid 328] set_robust_list(0x5555565a7660, 24 [pid 329] <... set_robust_list resumed>) = 0 [pid 328] <... set_robust_list resumed>) = 0 [pid 330] <... set_robust_list resumed>) = 0 [pid 327] <... bpf resumed>) = 3 [pid 327] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 330] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 328] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 330] <... prctl resumed>) = 0 [pid 329] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 328] <... prctl resumed>) = 0 [pid 328] setpgid(0, 0 [pid 330] setpgid(0, 0 [pid 329] <... prctl resumed>) = 0 [pid 328] <... setpgid resumed>) = 0 [pid 330] <... setpgid resumed>) = 0 [pid 330] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 329] setpgid(0, 0 [pid 328] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 330] <... openat resumed>) = 3 [pid 329] <... setpgid resumed>) = 0 [pid 330] write(3, "1000", 4) = 4 [pid 330] close(3) = 0 [pid 330] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 [pid 329] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 328] <... openat resumed>) = 3 [pid 330] <... bpf resumed>) = 3 [pid 329] <... openat resumed>) = 3 [pid 328] write(3, "1000", 4 [pid 330] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 329] write(3, "1000", 4 [pid 328] <... write resumed>) = 4 [pid 329] <... write resumed>) = 4 [pid 329] close(3) = 0 [pid 328] close(3 [pid 329] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 [pid 328] <... close resumed>) = 0 [pid 330] <... bpf resumed>) = 4 [pid 329] <... bpf resumed>) = 3 [pid 328] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 [pid 327] <... bpf resumed>) = 4 [pid 326] <... bpf resumed>) = 4 [pid 324] <... bpf resumed>) = 4 [pid 330] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 329] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 326] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 324] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 330] <... bpf resumed>) = 5 [pid 329] <... bpf resumed>) = 4 [pid 328] <... bpf resumed>) = 3 [pid 326] <... bpf resumed>) = 5 [pid 324] <... bpf resumed>) = 5 [pid 330] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 329] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 328] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 327] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 326] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 324] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 330] <... bpf resumed>) = 0 [pid 329] <... bpf resumed>) = 5 [pid 328] <... bpf resumed>) = 4 [pid 327] <... bpf resumed>) = 5 [pid 326] <... bpf resumed>) = 0 [pid 324] <... bpf resumed>) = 0 [pid 330] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 329] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 328] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 327] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 326] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 324] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 330] <... bpf resumed>) = 6 [pid 329] <... bpf resumed>) = 0 [pid 328] <... bpf resumed>) = 5 [pid 327] <... bpf resumed>) = 0 [pid 326] <... bpf resumed>) = 6 [pid 330] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 329] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 328] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 327] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 326] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 324] <... bpf resumed>) = 6 [pid 330] <... bpf resumed>) = 7 [pid 329] <... bpf resumed>) = 6 [pid 328] <... bpf resumed>) = 0 [ 26.564027][ T294] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000d4ecf0 [ 26.571841][ T294] R13: 0000000000000000 R14: 000000000006057f R15: 0000000000617180 [ 26.579656][ T294] [pid 327] <... bpf resumed>) = 6 [pid 326] <... bpf resumed>) = 7 [ 26.610112][ C0] softirq: huh, entered softirq 3 NET_RX ffffffff84096740 with preempt_count 00000103, exited with 00000102? [ 26.621539][ T294] BUG: scheduling while atomic: strace-static-x/294/0x00000002 [ 26.629093][ T294] Modules linked in: [ 26.632792][ T294] Preemption disabled at: [ 26.632798][ T294] [] up_read+0x16/0x170 [ 26.642690][ T294] CPU: 0 PID: 294 Comm: strace-static-x Tainted: G W 6.1.57-syzkaller-00067-gd3006fb9449d #0 [ 26.654057][ T294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 26.663949][ T294] Call Trace: [ 26.667076][ T294] [ 26.669864][ T294] dump_stack_lvl+0x151/0x1b7 [ 26.674370][ T294] ? up_read+0x16/0x170 [ 26.678359][ T294] ? up_read+0x16/0x170 [ 26.682352][ T294] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 26.687655][ T294] ? fsnotify_perm+0x6a/0x5d0 [ 26.692158][ T294] ? up_read+0x16/0x170 [ 26.696163][ T294] dump_stack+0x15/0x17 [ 26.700145][ T294] __schedule_bug+0x195/0x260 [ 26.704660][ T294] ? cpu_util_update_eff+0x10e0/0x10e0 [ 26.709951][ T294] ? file_end_write+0x1c0/0x1c0 [ 26.714662][ T294] __schedule+0xce9/0x1540 [ 26.718892][ T294] ? __kasan_check_read+0x11/0x20 [ 26.723751][ T294] ? __fdget_pos+0x204/0x390 [ 26.728248][ T294] ? __sched_text_start+0x8/0x8 [ 26.732863][ T294] ? ksys_write+0x24f/0x2c0 [ 26.737300][ T294] schedule+0xc3/0x180 [ 26.741203][ T294] exit_to_user_mode_loop+0x4e/0xa0 [ 26.746231][ T294] exit_to_user_mode_prepare+0x5a/0xa0 [ 26.751537][ T294] syscall_exit_to_user_mode+0x26/0x140 [ 26.756910][ T294] do_syscall_64+0x49/0xb0 [ 26.761165][ T294] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 26.766891][ T294] RIP: 0033:0x4e5c73 [ 26.770621][ T294] Code: c7 c0 b8 ff ff ff 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 64 8b 04 25 18 00 00 00 85 c0 75 14 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 55 c3 0f 1f 40 00 48 83 ec 28 48 89 54 24 18 [ 26.790065][ T294] RSP: 002b:00007ffd326812f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 26.798315][ T294] RAX: 0000000000000061 RBX: 0000000000000061 RCX: 00000000004e5c73 [pid 324] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 330] exit_group(0 [pid 329] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 328] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 327] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 326] exit_group(0 [pid 330] <... exit_group resumed>) = ? [pid 329] <... bpf resumed>) = 7 [pid 328] <... bpf resumed>) = 6 [pid 327] <... bpf resumed>) = 7 [ 26.806220][ T294] RDX: 0000000000000061 RSI: 0000000000d50000 RDI: 0000000000000002 [ 26.814024][ T294] RBP: 0000000000d50000 R08: 0000000000000000 R09: 0000000000000002 [ 26.821836][ T294] R10: 00007ffd32681266 R11: 0000000000000246 R12: 0000000000000061 [ 26.829645][ T294] R13: 0000000000617480 R14: 0000000000000061 R15: 0000000000617180 [ 26.837464][ T294] [ 26.842445][ C0] softirq: huh, entered softirq 3 NET_RX ffffffff84096740 with preempt_count 00000103, exited with 00000102? [pid 324] <... bpf resumed>) = 7 [pid 330] +++ exited with 0 +++ [pid 329] exit_group(0 [pid 328] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 327] exit_group(0 [pid 326] <... exit_group resumed>) = ? [ 26.848374][ C1] softirq: huh, entered softirq 6 TASKLET ffffffff8145fc40 with preempt_count 00000103, exited with 00000102? [ 26.853872][ T326] BUG: scheduling while atomic: syz-executor112/326/0x00000002 [ 26.865319][ T294] BUG: scheduling while atomic: strace-static-x/294/0x00000002 [ 26.865333][ T294] Modules linked in: [ 26.865342][ T294] Preemption disabled at: [ 26.865346][ T294] [] __lock_task_sighand+0x6b/0x100 [ 26.865373][ T294] CPU: 1 PID: 294 Comm: strace-static-x Tainted: G W 6.1.57-syzkaller-00067-gd3006fb9449d #0 [ 26.865392][ T294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 26.865401][ T294] Call Trace: [ 26.865405][ T294] [ 26.865410][ T294] dump_stack_lvl+0x151/0x1b7 [ 26.865429][ T294] ? __lock_task_sighand+0x6b/0x100 [ 26.865443][ T294] ? __lock_task_sighand+0x6b/0x100 [ 26.865458][ T294] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 26.865476][ T294] ? fsnotify_perm+0x6a/0x5d0 [ 26.865495][ T294] ? __lock_task_sighand+0x6b/0x100 [ 26.865509][ T294] dump_stack+0x15/0x17 [ 26.865523][ T294] __schedule_bug+0x195/0x260 [ 26.865545][ T294] ? cpu_util_update_eff+0x10e0/0x10e0 [ 26.865560][ T294] ? file_end_write+0x1c0/0x1c0 [ 26.865579][ T294] __schedule+0xce9/0x1540 [ 26.865600][ T294] ? __kasan_check_read+0x11/0x20 [ 26.865620][ T294] ? __fdget_pos+0x204/0x390 [ 26.865637][ T294] ? __sched_text_start+0x8/0x8 [ 26.865656][ T294] ? ksys_write+0x24f/0x2c0 [ 26.865674][ T294] schedule+0xc3/0x180 [ 26.865691][ T294] exit_to_user_mode_loop+0x4e/0xa0 [ 26.865709][ T294] exit_to_user_mode_prepare+0x5a/0xa0 [ 26.865726][ T294] syscall_exit_to_user_mode+0x26/0x140 [ 26.865746][ T294] do_syscall_64+0x49/0xb0 [ 26.873162][ T326] Modules linked in: [ 26.880456][ T294] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 26.880477][ T294] RIP: 0033:0x4e5c73 [ 26.880490][ T294] Code: c7 c0 b8 ff ff ff 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 64 8b 04 25 18 00 00 00 85 c0 75 14 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 55 c3 0f 1f 40 00 48 83 ec 28 48 89 54 24 18 [ 26.880504][ T294] RSP: 002b:00007ffd326812a8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 26.880522][ T294] RAX: 000000000000002c RBX: 000000000000002c RCX: 00000000004e5c73 [ 26.884178][ T326] [ 26.884183][ T326] Preemption disabled at: [ 26.888343][ T294] RDX: 000000000000002c RSI: 0000000000d50000 RDI: 0000000000000002 [ 26.888354][ T294] RBP: 0000000000d50000 R08: 0000000000000000 R09: 0000000000000003 [ 26.888363][ T294] R10: 00007ffd32681287 R11: 0000000000000246 R12: 000000000000002c [ 26.888374][ T294] R13: 0000000000617480 R14: 000000000000002c R15: 0000000000000001 [ 26.888389][ T294] [ 27.106163][ T326] [] ptrace_stop+0x57e/0x930 [ 27.112294][ T326] CPU: 0 PID: 326 Comm: syz-executor112 Tainted: G W 6.1.57-syzkaller-00067-gd3006fb9449d #0 [ 27.123611][ T326] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 27.133502][ T326] Call Trace: [ 27.136625][ T326] [ 27.139404][ T326] dump_stack_lvl+0x151/0x1b7 [ 27.143915][ T326] ? ptrace_stop+0x57e/0x930 [ 27.148342][ T326] ? ptrace_stop+0x57e/0x930 [ 27.152770][ T326] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 27.158068][ T326] ? ptrace_stop+0x57e/0x930 [ 27.162490][ T326] dump_stack+0x15/0x17 [ 27.166485][ T326] __schedule_bug+0x195/0x260 [ 27.171000][ T326] ? cpu_util_update_eff+0x10e0/0x10e0 [ 27.176293][ T326] __schedule+0xce9/0x1540 [ 27.180548][ T326] ? __kasan_check_write+0x14/0x20 [ 27.185490][ T326] ? _raw_spin_lock_irq+0xa5/0x1b0 [ 27.190441][ T326] ? __sched_text_start+0x8/0x8 [ 27.195125][ T326] ? __kasan_check_read+0x11/0x20 [ 27.199986][ T326] ? cgroup_update_frozen+0x15f/0x980 [ 27.205202][ T326] schedule+0xc3/0x180 [ 27.209105][ T326] ptrace_stop+0x54f/0x930 [ 27.213357][ T326] ptrace_notify+0x225/0x350 [ 27.217790][ T326] ? do_notify_parent+0xa20/0xa20 [ 27.222647][ T326] ? _raw_spin_lock_irqsave+0x210/0x210 [ 27.228019][ T326] ? blocking_notifier_call_chain+0x127/0x140 [ 27.233923][ T326] do_exit+0x206c/0x2b80 [ 27.238007][ T326] ? put_task_struct+0x80/0x80 [ 27.242603][ T326] ? __kasan_check_write+0x14/0x20 [ 27.247550][ T326] ? _raw_spin_lock_irq+0xa5/0x1b0 [ 27.252503][ T326] ? _raw_spin_lock_irqsave+0x210/0x210 [ 27.257881][ T326] ? zap_other_threads+0x29c/0x2d0 [ 27.262827][ T326] do_group_exit+0x21a/0x2d0 [ 27.267266][ T326] __x64_sys_exit_group+0x3f/0x40 [ 27.272114][ T326] do_syscall_64+0x3d/0xb0 [ 27.276367][ T326] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 27.282108][ T326] RIP: 0033:0x7f87a5f8eff9 [ 27.286350][ T326] Code: 90 49 c7 c0 b8 ff ff ff be e7 00 00 00 ba 3c 00 00 00 eb 12 0f 1f 44 00 00 89 d0 0f 05 48 3d 00 f0 ff ff 77 1c f4 89 f0 0f 05 <48> 3d 00 f0 ff ff 76 e7 f7 d8 64 41 89 00 eb df 0f 1f 80 00 00 00 [pid 324] exit_group(0 [pid 329] <... exit_group resumed>) = ? [pid 328] <... bpf resumed>) = 7 [pid 327] <... exit_group resumed>) = ? [pid 326] +++ exited with 0 +++ [pid 324] <... exit_group resumed>) = ? [pid 303] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=330, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 328] exit_group(0) = ? [pid 329] +++ exited with 0 +++ [pid 328] +++ exited with 0 +++ [pid 303] restart_syscall(<... resuming interrupted clone ...> [pid 299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=326, si_uid=0, si_status=0, si_utime=0, si_stime=26} --- [pid 298] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=329, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 303] <... restart_syscall resumed>) = 0 [pid 301] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=328, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 301] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 298] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 303] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 301] <... clone resumed>, child_tidptr=0x5555565a7650) = 336 [pid 299] <... clone resumed>, child_tidptr=0x5555565a7650) = 335 [pid 298] <... clone resumed>, child_tidptr=0x5555565a7650) = 334 [ 27.306053][ T326] RSP: 002b:00007ffe0cd32588 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 27.314293][ T326] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f87a5f8eff9 [ 27.322108][ T326] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000 [ 27.329952][ T326] RBP: 00007f87a600b2b0 R08: ffffffffffffffb8 R09: 00000000000000a0 [ 27.337729][ T326] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f87a600b2b0 [ 27.345540][ T326] R13: 0000000000000000 R14: 00007f87a600bd20 R15: 00007f87a5f601b0 [ 27.353363][ T326] [pid 303] <... clone resumed>, child_tidptr=0x5555565a7650) = 337 ./strace-static-x86_64: Process 335 attached ./strace-static-x86_64: Process 337 attached [pid 337] set_robust_list(0x5555565a7660, 24 [pid 335] set_robust_list(0x5555565a7660, 24) = 0 [pid 337] <... set_robust_list resumed>) = 0 [ 27.361143][ C0] softirq: huh, entered softirq 3 NET_RX ffffffff84096740 with preempt_count 00000102, exited with 00000101? [ 27.366969][ C1] softirq: huh, entered softirq 6 TASKLET ffffffff8145fc40 with preempt_count 00000103, exited with 00000102? [ 27.372825][ T84] BUG: scheduling while atomic: syslogd/84/0x00000002 [ 27.384040][ T294] BUG: scheduling while atomic: strace-static-x/294/0x00000002 [ 27.384053][ T294] Modules linked in: [ 27.384062][ T294] Preemption disabled at: [ 27.384066][ T294] [] __do_softirq+0xec/0x661 [ 27.384094][ T294] CPU: 1 PID: 294 Comm: strace-static-x Tainted: G W 6.1.57-syzkaller-00067-gd3006fb9449d #0 [ 27.384110][ T294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 27.384119][ T294] Call Trace: [ 27.384123][ T294] [ 27.384128][ T294] dump_stack_lvl+0x151/0x1b7 [ 27.384145][ T294] ? __do_softirq+0xec/0x661 [ 27.384161][ T294] ? __do_softirq+0xec/0x661 [ 27.384177][ T294] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 27.384196][ T294] ? __do_softirq+0xec/0x661 [ 27.384214][ T294] dump_stack+0x15/0x17 [ 27.384230][ T294] __schedule_bug+0x195/0x260 [ 27.384247][ T294] ? cpu_util_update_eff+0x10e0/0x10e0 [ 27.384266][ T294] __schedule+0xce9/0x1540 [ 27.384285][ T294] ? _raw_spin_lock+0x1b0/0x1b0 [ 27.384299][ T294] ? __sched_text_start+0x8/0x8 [ 27.384316][ T294] ? _raw_spin_unlock_irqrestore+0x5b/0x80 [ 27.384333][ T294] schedule+0xc3/0x180 [ 27.384349][ T294] do_wait+0x6e7/0xa10 [ 27.390920][ T84] Modules linked in: [ 27.398306][ T294] kernel_wait4+0x29e/0x3d0 [ 27.398324][ T294] ? __ia32_sys_waitid+0xd0/0xd0 [ 27.402018][ T84] [ 27.402024][ T84] Preemption disabled at: [ 27.406181][ T294] ? bpf_trace_printk+0x1be/0x300 [ 27.412184][ T84] [] is_module_text_address+0x1f/0x360 [ 27.423540][ T294] ? kernel_waitid+0x520/0x520 [ 27.423561][ T294] __x64_sys_wait4+0x130/0x1e0 [ 27.543665][ T294] ? kernel_wait+0x230/0x230 [ 27.548095][ T294] ? bpf_trace_run2+0x138/0x290 [ 27.552781][ T294] ? __bpf_trace_sys_enter+0x62/0x70 [ 27.557899][ T294] ? __traceiter_sys_enter+0x2a/0x40 [ 27.563019][ T294] ? syscall_enter_from_user_mode+0x12c/0x190 [ 27.568921][ T294] do_syscall_64+0x3d/0xb0 [ 27.573173][ T294] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 27.578901][ T294] RIP: 0033:0x4d49a6 [ 27.582636][ T294] Code: 00 00 00 90 31 c9 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 49 89 ca 64 8b 04 25 18 00 00 00 85 c0 75 11 b8 3d 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 5a c3 90 48 83 ec 28 89 54 24 14 48 89 74 24 [ 27.602073][ T294] RSP: 002b:00007ffd32681468 EFLAGS: 00000246 ORIG_RAX: 000000000000003d [pid 335] prctl(PR_SET_PDEATHSIG, SIGKILL./strace-static-x86_64: Process 336 attached [pid 337] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 335] <... prctl resumed>) = 0 [pid 337] <... prctl resumed>) = 0 [pid 336] set_robust_list(0x5555565a7660, 24 [pid 335] setpgid(0, 0 [pid 337] setpgid(0, 0 [pid 336] <... set_robust_list resumed>) = 0 [pid 335] <... setpgid resumed>) = 0 [pid 337] <... setpgid resumed>) = 0 [pid 336] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 335] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 337] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 336] <... prctl resumed>) = 0 [pid 335] <... openat resumed>) = 3 [pid 337] <... openat resumed>) = 3 [pid 336] setpgid(0, 0 [pid 335] write(3, "1000", 4 [pid 337] write(3, "1000", 4 [pid 336] <... setpgid resumed>) = 0 [pid 335] <... write resumed>) = 4 [pid 337] <... write resumed>) = 4 [ 27.610322][ T294] RAX: ffffffffffffffda RBX: 0000000000d4d2f8 RCX: 00000000004d49a6 [ 27.618135][ T294] RDX: 0000000040000000 RSI: 00007ffd3268148c RDI: 00000000ffffffff [ 27.625953][ T294] RBP: 0000000000000000 R08: 0000000000000017 R09: 0000000000000006 [ 27.633761][ T294] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000d546c0 [ 27.641658][ T294] R13: 0000000000000000 R14: 00007ffd3268148c R15: 0000000000617180 [ 27.649494][ T294] [ 27.652331][ T84] CPU: 0 PID: 84 Comm: syslogd Tainted: G W 6.1.57-syzkaller-00067-gd3006fb9449d #0 [ 27.662923][ T84] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 27.672819][ T84] Call Trace: [ 27.675943][ T84] [ 27.678720][ T84] dump_stack_lvl+0x151/0x1b7 [ 27.683229][ T84] ? is_module_text_address+0x1f/0x360 [ 27.688521][ T84] ? is_module_text_address+0x1f/0x360 [ 27.693821][ T84] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 27.699117][ T84] ? is_module_text_address+0x1f/0x360 [ 27.704410][ T84] dump_stack+0x15/0x17 [ 27.708399][ T84] __schedule_bug+0x195/0x260 [pid 336] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 335] close(3 [pid 337] close(3 [pid 336] <... openat resumed>) = 3 [pid 335] <... close resumed>) = 0 [pid 337] <... close resumed>) = 0 [pid 336] write(3, "1000", 4 [pid 335] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 [ 27.712918][ T84] ? cpu_util_update_eff+0x10e0/0x10e0 [ 27.718208][ T84] ? __stack_depot_save+0x36/0x480 [ 27.723158][ T84] __schedule+0xce9/0x1540 [ 27.727412][ T84] ? ____kasan_slab_free+0x131/0x180 [ 27.732790][ T84] ? __kasan_slab_free+0x11/0x20 [ 27.737565][ T84] ? kmem_cache_free+0x291/0x510 [ 27.742333][ T84] ? kfree_skbmem+0x104/0x170 [ 27.746859][ T84] ? consume_skb+0xb4/0x250 [ 27.751192][ T84] ? xas_start+0x32c/0x3f0 [ 27.755443][ T84] ? __sched_text_start+0x8/0x8 [ 27.760140][ T84] ? __kasan_check_write+0x14/0x20 [ 27.765084][ T84] schedule+0xc3/0x180 [ 27.768982][ T84] schedule_timeout+0xa9/0x380 [ 27.773584][ T84] ? __kasan_check_write+0x14/0x20 [ 27.778538][ T84] ? _raw_spin_lock_irqsave+0xf9/0x210 [ 27.783825][ T84] ? console_conditional_schedule+0x10/0x10 [ 27.789554][ T84] ? _raw_spin_unlock_irqrestore+0x5b/0x80 [ 27.795194][ T84] ? prepare_to_wait_exclusive+0x1ac/0x1f0 [ 27.800842][ T84] __skb_wait_for_more_packets+0x394/0x5f0 [ 27.806485][ T84] ? skb_gso_transport_seglen+0x4f0/0x4f0 [ 27.812031][ T84] ? mutex_unlock+0xb2/0x260 [ 27.816461][ T84] ? __skb_wait_for_more_packets+0x5f0/0x5f0 [ 27.822275][ T84] ? __mutex_lock_slowpath+0x10/0x10 [ 27.827395][ T84] ? avc_has_perm+0x16f/0x260 [ 27.831909][ T84] __unix_dgram_recvmsg+0x350/0x12b0 [ 27.837205][ T84] ? unix_unhash+0x10/0x10 [ 27.841451][ T84] ? avc_has_perm+0x16f/0x260 [ 27.845983][ T84] ? ring_buffer_unlock_commit+0x4b2/0x610 [ 27.851616][ T84] unix_dgram_recvmsg+0xb7/0xd0 [ 27.856297][ T84] ? unix_dgram_sendmsg+0x2050/0x2050 [ 27.861507][ T84] sock_read_iter+0x3b2/0x4b0 [ 27.866020][ T84] ? kernel_sock_ip_overhead+0x280/0x280 [ 27.871492][ T84] ? __kasan_check_read+0x11/0x20 [ 27.876433][ T84] ? fsnotify_perm+0x470/0x5d0 [ 27.881054][ T84] vfs_read+0x771/0xad0 [ 27.885029][ T84] ? bpf_bprintf_cleanup+0x48/0x60 [ 27.889971][ T84] ? kernel_read+0x1f0/0x1f0 [ 27.894405][ T84] ? __kasan_check_read+0x11/0x20 [ 27.899259][ T84] ? __fdget_pos+0x204/0x390 [ 27.903683][ T84] ksys_read+0x199/0x2c0 [ 27.907765][ T84] ? vfs_write+0xeb0/0xeb0 [ 27.912015][ T84] ? __bpf_trace_sys_enter+0x62/0x70 [ 27.917144][ T84] __x64_sys_read+0x7b/0x90 [ 27.921476][ T84] do_syscall_64+0x3d/0xb0 [ 27.925728][ T84] ? sysvec_call_function_single+0x52/0xb0 [ 27.931381][ T84] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 27.937108][ T84] RIP: 0033:0x7f29330bfb6a [ 27.941352][ T84] Code: 00 3d 00 00 41 00 75 0d 50 48 8d 3d 2d 08 0a 00 e8 ea 7d 01 00 31 c0 e9 07 ff ff ff 64 8b 04 25 18 00 00 00 85 c0 75 1b 0f 05 <48> 3d 00 f0 ff ff 76 6c 48 8b 15 8f a2 0d 00 f7 d8 64 89 02 48 83 [pid 337] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 [pid 336] <... write resumed>) = 4 [pid 335] <... bpf resumed>) = 3 [pid 337] <... bpf resumed>) = 3 [pid 336] close(3 [pid 335] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 337] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 336] <... close resumed>) = 0 [pid 336] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73) = 3 [pid 336] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16./strace-static-x86_64: Process 334 attached [pid 334] set_robust_list(0x5555565a7660, 24) = 0 [pid 334] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 334] setpgid(0, 0) = 0 [pid 334] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 334] write(3, "1000", 4) = 4 [pid 334] close(3) = 0 [pid 334] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73) = 3 [pid 334] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 327] +++ exited with 0 +++ [pid 324] +++ exited with 0 +++ [pid 304] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=324, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 302] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=327, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 302] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 304] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 302] <... clone resumed>, child_tidptr=0x5555565a7650) = 339 [pid 304] <... clone resumed>, child_tidptr=0x5555565a7650) = 340 ./strace-static-x86_64: Process 340 attached [pid 340] set_robust_list(0x5555565a7660, 24) = 0 [pid 340] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 340] setpgid(0, 0) = 0 [pid 340] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 340] write(3, "1000", 4./strace-static-x86_64: Process 339 attached [pid 339] set_robust_list(0x5555565a7660, 24) = 0 [pid 339] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 339] setpgid(0, 0) = 0 [pid 339] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 339] write(3, "1000", 4) = 4 [pid 339] close(3 [pid 340] <... write resumed>) = 4 [pid 339] <... close resumed>) = 0 [pid 339] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 [pid 340] close(3) = 0 [pid 340] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 [pid 339] <... bpf resumed>) = 3 [pid 339] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 340] <... bpf resumed>) = 3 [pid 340] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 335] <... bpf resumed>) = 4 [pid 337] <... bpf resumed>) = 4 [pid 336] <... bpf resumed>) = 4 [pid 334] <... bpf resumed>) = 4 [pid 335] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 337] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 336] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 334] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 337] <... bpf resumed>) = 5 [pid 336] <... bpf resumed>) = 5 [pid 335] <... bpf resumed>) = 5 [pid 334] <... bpf resumed>) = 5 [pid 337] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 336] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 335] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 334] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 337] <... bpf resumed>) = 0 [pid 336] <... bpf resumed>) = 0 [pid 335] <... bpf resumed>) = 0 [pid 334] <... bpf resumed>) = 0 [pid 337] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 336] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 335] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 334] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 337] <... bpf resumed>) = 6 [pid 336] <... bpf resumed>) = 6 [pid 340] <... bpf resumed>) = 4 [pid 339] <... bpf resumed>) = 4 [pid 340] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 334] <... bpf resumed>) = 6 [pid 340] <... bpf resumed>) = 5 [pid 339] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 337] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 336] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 335] <... bpf resumed>) = 6 [ 27.960799][ T84] RSP: 002b:00007ffe51648748 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 27.969039][ T84] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f29330bfb6a [ 27.976857][ T84] RDX: 00000000000000ff RSI: 000055afe3572300 RDI: 0000000000000000 [ 27.984681][ T84] RBP: 000055afe35722c0 R08: 0000000000000001 R09: 0000000000000000 [ 27.992519][ T84] R10: 00007f293325e3a3 R11: 0000000000000246 R12: 000055afe357233a [ 28.000285][ T84] R13: 000055afe3572300 R14: 0000000000000000 R15: 00007f293329ca80 [ 28.008114][ T84] [pid 334] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 337] <... bpf resumed>) = 7 [pid 336] <... bpf resumed>) = 7 [ 28.034353][ C0] softirq: huh, entered softirq 3 NET_RX ffffffff84096740 with preempt_count 00000103, exited with 00000102? [ 28.045780][ T294] BUG: scheduling while atomic: strace-static-x/294/0x00000002 [ 28.053400][ T294] Modules linked in: [ 28.057185][ T294] Preemption disabled at: [ 28.057193][ T294] [] __lock_task_sighand+0x6b/0x100 [ 28.067954][ T294] CPU: 0 PID: 294 Comm: strace-static-x Tainted: G W 6.1.57-syzkaller-00067-gd3006fb9449d #0 [ 28.079347][ T294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 28.089249][ T294] Call Trace: [ 28.092363][ T294] [ 28.095140][ T294] dump_stack_lvl+0x151/0x1b7 [ 28.099664][ T294] ? __lock_task_sighand+0x6b/0x100 [ 28.104685][ T294] ? __lock_task_sighand+0x6b/0x100 [ 28.109812][ T294] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 28.115102][ T294] ? __lock_task_sighand+0x6b/0x100 [ 28.120139][ T294] dump_stack+0x15/0x17 [ 28.124134][ T294] __schedule_bug+0x195/0x260 [ 28.128647][ T294] ? bpf_trace_printk+0x1be/0x300 [ 28.133508][ T294] ? cpu_util_update_eff+0x10e0/0x10e0 [ 28.138797][ T294] __schedule+0xce9/0x1540 [ 28.143051][ T294] ? __sched_text_start+0x8/0x8 [ 28.147826][ T294] ? __se_sys_ptrace+0x3b2/0x410 [ 28.152601][ T294] schedule+0xc3/0x180 [ 28.156508][ T294] exit_to_user_mode_loop+0x4e/0xa0 [ 28.161541][ T294] exit_to_user_mode_prepare+0x5a/0xa0 [ 28.166836][ T294] syscall_exit_to_user_mode+0x26/0x140 [ 28.172216][ T294] do_syscall_64+0x49/0xb0 [ 28.176476][ T294] ? sysvec_call_function_single+0x52/0xb0 [ 28.182114][ T294] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 28.187843][ T294] RIP: 0033:0x4e815a [ 28.191574][ T294] Code: 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 78 0c 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 36 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 b8 ff ff ff f7 [ 28.211013][ T294] RSP: 002b:00007ffd326812b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000136 [ 28.219270][ T294] RAX: 0000000000001000 RBX: 0000000020000000 RCX: 00000000004e815a [ 28.227088][ T294] RDX: 0000000000000001 RSI: 00007ffd326812e0 RDI: 000000000000014f [pid 335] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 334] <... bpf resumed>) = 7 [pid 340] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 339] <... bpf resumed>) = 5 [pid 337] exit_group(0 [ 28.234886][ T294] RBP: 000000000063c8a0 R08: 0000000000000001 R09: 0000000000000000 [ 28.242780][ T294] R10: 00007ffd326812f0 R11: 0000000000000246 R12: 0000000000000000 [ 28.250594][ T294] R13: 00000000200002c0 R14: 0000000000d51010 R15: 0000000000d536b0 [ 28.258414][ T294] [ 28.262886][ C0] softirq: huh, entered softirq 3 NET_RX ffffffff84096740 with preempt_count 00000103, exited with 00000102? [ 28.274304][ T294] BUG: scheduling while atomic: strace-static-x/294/0x00000002 [ 28.281794][ T294] Modules linked in: [ 28.285490][ T294] Preemption disabled at: [ 28.285496][ T294] [] pipe_write+0x14b2/0x1990 [ 28.295736][ T294] CPU: 0 PID: 294 Comm: strace-static-x Tainted: G W 6.1.57-syzkaller-00067-gd3006fb9449d #0 [ 28.307107][ T294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 28.317000][ T294] Call Trace: [ 28.320126][ T294] [ 28.322900][ T294] dump_stack_lvl+0x151/0x1b7 [ 28.327417][ T294] ? pipe_write+0x14b2/0x1990 [ 28.331925][ T294] ? pipe_write+0x14b2/0x1990 [ 28.336446][ T294] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 28.341732][ T294] ? task_rq_lock+0xd2/0x2b0 [ 28.346159][ T294] ? pipe_write+0x14b2/0x1990 [ 28.350673][ T294] dump_stack+0x15/0x17 [ 28.354665][ T294] __schedule_bug+0x195/0x260 [ 28.359181][ T294] ? cpu_util_update_eff+0x10e0/0x10e0 [ 28.364470][ T294] ? _raw_spin_lock_irqsave+0xf9/0x210 [ 28.369773][ T294] ? _raw_spin_lock+0x1b0/0x1b0 [ 28.374454][ T294] __schedule+0xce9/0x1540 [ 28.378744][ T294] ? __lock_task_sighand+0xde/0x100 [ 28.383741][ T294] ? __sched_text_start+0x8/0x8 [ 28.388426][ T294] ? __kasan_check_write+0x14/0x20 [ 28.393373][ T294] ? __se_sys_ptrace+0x3b2/0x410 [ 28.398148][ T294] schedule+0xc3/0x180 [ 28.402053][ T294] exit_to_user_mode_loop+0x4e/0xa0 [ 28.407087][ T294] exit_to_user_mode_prepare+0x5a/0xa0 [ 28.412394][ T294] syscall_exit_to_user_mode+0x26/0x140 [ 28.417859][ T294] do_syscall_64+0x49/0xb0 [ 28.422106][ T294] ? sysvec_call_function_single+0x52/0xb0 [ 28.427750][ T294] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 28.433477][ T294] RIP: 0033:0x4e6c1a [ 28.437210][ T294] Code: 70 41 83 f8 03 c7 44 24 10 08 00 00 00 48 89 44 24 18 48 8d 44 24 30 8b 70 08 4c 0f 43 d1 48 89 44 24 20 b8 65 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 3e 48 85 c0 78 06 41 83 f8 02 76 1b 48 8b 4c [ 28.456657][ T294] RSP: 002b:00007ffd32681350 EFLAGS: 00000206 ORIG_RAX: 0000000000000065 [ 28.464892][ T294] RAX: 0000000000000000 RBX: 0000000000d4d2f8 RCX: 00000000004e6c1a [ 28.472703][ T294] RDX: 0000000000000000 RSI: 0000000000000150 RDI: 0000000000000018 [pid 336] exit_group(0 [pid 335] <... bpf resumed>) = 7 [pid 334] exit_group(0 [pid 340] <... bpf resumed>) = 0 [pid 339] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 337] <... exit_group resumed>) = ? [pid 336] <... exit_group resumed>) = ? [pid 335] exit_group(0 [pid 334] <... exit_group resumed>) = ? [pid 337] +++ exited with 0 +++ [pid 336] +++ exited with 0 +++ [pid 303] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=337, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [ 28.480516][ T294] RBP: 0000000000000018 R08: 0000000000000017 R09: 0000000000000001 [ 28.488326][ T294] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000d4f620 [ 28.496138][ T294] R13: 0000000000000000 R14: 000000000000857f R15: 0000000000617180 [ 28.503954][ T294] [ 28.510667][ C0] softirq: huh, entered softirq 3 NET_RX ffffffff84096740 with preempt_count 00000103, exited with 00000102? [ 28.522081][ T292] BUG: scheduling while atomic: sshd/292/0x00000002 [ 28.528522][ T292] Modules linked in: [ 28.532197][ T292] Preemption disabled at: [ 28.532206][ T292] [] __set_current_blocked+0x11b/0x2f0 [ 28.543232][ T292] CPU: 0 PID: 292 Comm: sshd Tainted: G W 6.1.57-syzkaller-00067-gd3006fb9449d #0 [ 28.553626][ T292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 28.563518][ T292] Call Trace: [ 28.566641][ T292] [ 28.569420][ T292] dump_stack_lvl+0x151/0x1b7 [ 28.573933][ T292] ? __set_current_blocked+0x11b/0x2f0 [ 28.579224][ T292] ? __set_current_blocked+0x11b/0x2f0 [ 28.584521][ T292] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 28.589816][ T292] ? __set_current_blocked+0x11b/0x2f0 [ 28.595109][ T292] dump_stack+0x15/0x17 [ 28.599105][ T292] __schedule_bug+0x195/0x260 [ 28.603617][ T292] ? cpu_util_update_eff+0x10e0/0x10e0 [ 28.608911][ T292] __schedule+0xce9/0x1540 [ 28.613252][ T292] ? __kasan_check_read+0x11/0x20 [ 28.618111][ T292] ? _copy_to_user+0x74/0x90 [ 28.622541][ T292] ? __sched_text_start+0x8/0x8 [ 28.627226][ T292] ? __se_sys_rt_sigprocmask+0x311/0x380 [ 28.632697][ T292] ? __x64_sys_rt_sigprocmask+0xb0/0xb0 [ 28.638078][ T292] schedule+0xc3/0x180 [ 28.641981][ T292] exit_to_user_mode_loop+0x4e/0xa0 [ 28.647016][ T292] exit_to_user_mode_prepare+0x5a/0xa0 [ 28.652308][ T292] syscall_exit_to_user_mode+0x26/0x140 [ 28.657692][ T292] do_syscall_64+0x49/0xb0 [ 28.661939][ T292] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 28.667668][ T292] RIP: 0033:0x7fac9a2c2773 [ 28.671923][ T292] Code: 00 f3 a5 48 8d 74 24 88 48 b9 ff ff ff 7f fe ff ff ff 48 21 c8 48 89 44 24 88 41 ba 08 00 00 00 44 89 c7 b8 0e 00 00 00 0f 05 <45> 31 c0 3d 00 f0 ff ff 76 06 41 89 c0 41 f7 d8 44 89 c0 5a c3 41 [ 28.691366][ T292] RSP: 002b:00007fffb50ad210 EFLAGS: 00000246 ORIG_RAX: 000000000000000e [ 28.699611][ T292] RAX: 0000000000000000 RBX: 0000000000060000 RCX: 00007fac9a2c2773 [ 28.707420][ T292] RDX: 00007fffb50ad2f8 RSI: 00007fffb50ad278 RDI: 0000000000000001 [ 28.715234][ T292] RBP: 000055d14403e5e0 R08: 0000000000000001 R09: 0000000000000000 [ 28.723063][ T292] R10: 0000000000000008 R11: 0000000000000246 R12: 000055d143aa9aa4 [pid 340] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 339] <... bpf resumed>) = 0 [pid 335] <... exit_group resumed>) = ? [pid 301] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=336, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 340] <... bpf resumed>) = 6 [pid 339] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 340] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 339] <... bpf resumed>) = 6 [pid 339] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 303] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555565a7650) = 341 [pid 301] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555565a7650) = 342 ./strace-static-x86_64: Process 342 attached [pid 342] set_robust_list(0x5555565a7660, 24) = 0 [pid 342] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 342] setpgid(0, 0) = 0 [pid 342] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 342] write(3, "1000", 4) = 4 [pid 342] close(3) = 0 [pid 342] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73) = 3 [pid 342] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16./strace-static-x86_64: Process 341 attached [pid 341] set_robust_list(0x5555565a7660, 24) = 0 [pid 341] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 341] setpgid(0, 0) = 0 [pid 341] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 341] write(3, "1000", 4) = 4 [pid 341] close(3) = 0 [pid 341] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73) = 3 [ 28.730855][ T292] R13: 000000000000001c R14: 000055d143aaa3e8 R15: 00007fffb50ad278 [ 28.738670][ T292] [ 28.742180][ C0] softirq: huh, entered softirq 3 NET_RX ffffffff84096740 with preempt_count 00000103, exited with 00000102? [ 28.753582][ T294] BUG: scheduling while atomic: strace-static-x/294/0x00000002 [ 28.760956][ T294] Modules linked in: [ 28.764664][ T294] Preemption disabled at: [ 28.764675][ T294] [] __lock_task_sighand+0x6b/0x100 [ 28.775415][ T294] CPU: 0 PID: 294 Comm: strace-static-x Tainted: G W 6.1.57-syzkaller-00067-gd3006fb9449d #0 [ 28.786778][ T294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 28.796758][ T294] Call Trace: [ 28.799881][ T294] [ 28.802661][ T294] dump_stack_lvl+0x151/0x1b7 [ 28.807173][ T294] ? __lock_task_sighand+0x6b/0x100 [ 28.812208][ T294] ? __lock_task_sighand+0x6b/0x100 [ 28.817240][ T294] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 28.822534][ T294] ? task_rq_lock+0xd2/0x2b0 [ 28.826973][ T294] ? __lock_task_sighand+0x6b/0x100 [ 28.832003][ T294] dump_stack+0x15/0x17 [ 28.835991][ T294] __schedule_bug+0x195/0x260 [ 28.840502][ T294] ? cpu_util_update_eff+0x10e0/0x10e0 [ 28.845797][ T294] ? _raw_spin_lock_irqsave+0xf9/0x210 [ 28.851091][ T294] ? _raw_spin_lock+0x1b0/0x1b0 [ 28.855779][ T294] __schedule+0xce9/0x1540 [ 28.860060][ T294] ? __lock_task_sighand+0xde/0x100 [ 28.865071][ T294] ? __sched_text_start+0x8/0x8 [ 28.869754][ T294] ? __kasan_check_write+0x14/0x20 [ 28.874697][ T294] ? __se_sys_ptrace+0x3b2/0x410 [ 28.879478][ T294] schedule+0xc3/0x180 [ 28.883378][ T294] exit_to_user_mode_loop+0x4e/0xa0 [ 28.888414][ T294] exit_to_user_mode_prepare+0x5a/0xa0 [ 28.893801][ T294] syscall_exit_to_user_mode+0x26/0x140 [ 28.899177][ T294] do_syscall_64+0x49/0xb0 [ 28.903425][ T294] ? sysvec_apic_timer_interrupt+0x55/0xc0 [ 28.909072][ T294] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 28.914804][ T294] RIP: 0033:0x4e6c1a [ 28.918530][ T294] Code: 70 41 83 f8 03 c7 44 24 10 08 00 00 00 48 89 44 24 18 48 8d 44 24 30 8b 70 08 4c 0f 43 d1 48 89 44 24 20 b8 65 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 3e 48 85 c0 78 06 41 83 f8 02 76 1b 48 8b 4c [pid 341] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [ 28.937973][ T294] RSP: 002b:00007ffd32681350 EFLAGS: 00000206 ORIG_RAX: 0000000000000065 [ 28.946213][ T294] RAX: 0000000000000000 RBX: 0000000000d4d2f8 RCX: 00000000004e6c1a [ 28.954115][ T294] RDX: 0000000000000000 RSI: 000000000000012f RDI: 0000000000000018 [ 28.961933][ T294] RBP: 0000000000000018 R08: 0000000000000017 R09: 0000000000000000 [ 28.969736][ T294] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000d4f230 [ 28.977546][ T294] R13: 0000000000000000 R14: 000000000000857f R15: 0000000000617180 [ 28.985362][ T294] [ 28.989006][ C0] softirq: huh, entered softirq 3 NET_RX ffffffff84096740 with preempt_count 00000103, exited with 00000102? [ 29.000417][ T292] BUG: scheduling while atomic: sshd/292/0x00000002 [ 29.006790][ T292] Modules linked in: [ 29.010573][ T292] Preemption disabled at: [ 29.010580][ T292] [] __set_current_blocked+0x11b/0x2f0 [ 29.021575][ T292] CPU: 0 PID: 292 Comm: sshd Tainted: G W 6.1.57-syzkaller-00067-gd3006fb9449d #0 [ 29.031963][ T292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 29.041855][ T292] Call Trace: [ 29.044985][ T292] [ 29.047763][ T292] dump_stack_lvl+0x151/0x1b7 [ 29.052272][ T292] ? __set_current_blocked+0x11b/0x2f0 [ 29.057564][ T292] ? __set_current_blocked+0x11b/0x2f0 [ 29.062860][ T292] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 29.068156][ T292] ? __set_current_blocked+0x11b/0x2f0 [ 29.073478][ T292] dump_stack+0x15/0x17 [ 29.077440][ T292] __schedule_bug+0x195/0x260 [ 29.081954][ T292] ? cpu_util_update_eff+0x10e0/0x10e0 [ 29.087252][ T292] __schedule+0xce9/0x1540 [ 29.091501][ T292] ? __kasan_check_read+0x11/0x20 [ 29.096360][ T292] ? _copy_to_user+0x74/0x90 [ 29.100799][ T292] ? __sched_text_start+0x8/0x8 [ 29.105477][ T292] ? __se_sys_rt_sigprocmask+0x311/0x380 [ 29.110950][ T292] ? __x64_sys_rt_sigprocmask+0xb0/0xb0 [ 29.116323][ T292] schedule+0xc3/0x180 [ 29.120229][ T292] exit_to_user_mode_loop+0x4e/0xa0 [ 29.125260][ T292] exit_to_user_mode_prepare+0x5a/0xa0 [ 29.130556][ T292] syscall_exit_to_user_mode+0x26/0x140 [ 29.135937][ T292] do_syscall_64+0x49/0xb0 [ 29.140201][ T292] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 29.145916][ T292] RIP: 0033:0x7fac9a2c2773 [ 29.150182][ T292] Code: 00 f3 a5 48 8d 74 24 88 48 b9 ff ff ff 7f fe ff ff ff 48 21 c8 48 89 44 24 88 41 ba 08 00 00 00 44 89 c7 b8 0e 00 00 00 0f 05 <45> 31 c0 3d 00 f0 ff ff 76 06 41 89 c0 41 f7 d8 44 89 c0 5a c3 41 [ 29.169618][ T292] RSP: 002b:00007fffb50ad210 EFLAGS: 00000246 ORIG_RAX: 000000000000000e [ 29.177857][ T292] RAX: 0000000000000000 RBX: 0000000000060000 RCX: 00007fac9a2c2773 [pid 334] +++ exited with 0 +++ [pid 342] <... bpf resumed>) = 4 [pid 341] <... bpf resumed>) = 4 [pid 340] <... bpf resumed>) = 7 [pid 339] <... bpf resumed>) = 7 [pid 335] +++ exited with 0 +++ [pid 298] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=334, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 342] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 341] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 340] exit_group(0 [pid 339] exit_group(0 [pid 342] <... bpf resumed>) = 5 [pid 341] <... bpf resumed>) = 5 [pid 340] <... exit_group resumed>) = ? [pid 339] <... exit_group resumed>) = ? [pid 299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=335, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- [pid 342] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 341] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 298] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 342] <... bpf resumed>) = 0 [pid 341] <... bpf resumed>) = 0 [pid 342] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 341] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 299] <... clone resumed>, child_tidptr=0x5555565a7650) = 343 [pid 298] <... clone resumed>, child_tidptr=0x5555565a7650) = 344 [pid 342] <... bpf resumed>) = 6 [pid 341] <... bpf resumed>) = 6 [pid 342] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 341] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16./strace-static-x86_64: Process 344 attached [pid 344] set_robust_list(0x5555565a7660, 24) = 0 [pid 344] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 344] setpgid(0, 0) = 0 [pid 344] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 344] write(3, "1000", 4) = 4 [pid 344] close(3) = 0 [pid 344] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73) = 3 [pid 344] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16./strace-static-x86_64: Process 343 attached [pid 343] set_robust_list(0x5555565a7660, 24) = 0 [pid 343] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 343] setpgid(0, 0) = 0 [pid 343] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 343] write(3, "1000", 4) = 4 [pid 343] close(3) = 0 [pid 343] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73) = 3 [pid 343] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 340] +++ exited with 0 +++ [pid 339] +++ exited with 0 +++ [pid 304] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=340, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 302] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=339, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 302] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 346 attached , child_tidptr=0x5555565a7650) = 346 [pid 346] set_robust_list(0x5555565a7660, 24) = 0 [pid 346] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 304] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 346] setpgid(0, 0) = 0 [pid 304] <... clone resumed>, child_tidptr=0x5555565a7650) = 347 [pid 346] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 346] write(3, "1000", 4) = 4 [pid 346] close(3./strace-static-x86_64: Process 347 attached [pid 347] set_robust_list(0x5555565a7660, 24 [pid 346] <... close resumed>) = 0 [pid 347] <... set_robust_list resumed>) = 0 [pid 346] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 [pid 347] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 347] setpgid(0, 0) = 0 [pid 347] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 347] write(3, "1000", 4 [pid 346] <... bpf resumed>) = 3 [pid 347] <... write resumed>) = 4 [pid 346] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 347] close(3) = 0 [pid 347] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73) = 3 [pid 347] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 342] <... bpf resumed>) = 7 [pid 344] <... bpf resumed>) = 4 [pid 343] <... bpf resumed>) = 4 [pid 341] <... bpf resumed>) = 7 [pid 347] <... bpf resumed>) = 4 [pid 346] <... bpf resumed>) = 4 [ 29.185673][ T292] RDX: 00007fffb50ad2f8 RSI: 00007fffb50ad278 RDI: 0000000000000001 [ 29.193480][ T292] RBP: 000055d14403e5e0 R08: 0000000000000001 R09: 0000000000000000 [ 29.201292][ T292] R10: 0000000000000008 R11: 0000000000000246 R12: 000055d143aa9aa4 [ 29.209104][ T292] R13: 000000000000001c R14: 000055d143aaa3e8 R15: 00007fffb50ad278 [ 29.216930][ T292] [ 29.238253][ C0] softirq: huh, entered softirq 3 NET_RX ffffffff84096740 with preempt_count 00000103, exited with 00000102? [ 29.249893][ T294] BUG: scheduling while atomic: strace-static-x/294/0x00000002 [ 29.257412][ T294] Modules linked in: [ 29.261114][ T294] Preemption disabled at: [ 29.261121][ T294] [] up_read+0x16/0x170 [ 29.270948][ T294] CPU: 0 PID: 294 Comm: strace-static-x Tainted: G W 6.1.57-syzkaller-00067-gd3006fb9449d #0 [ 29.282202][ T294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 29.292096][ T294] Call Trace: [ 29.295218][ T294] [ 29.297996][ T294] dump_stack_lvl+0x151/0x1b7 [ 29.302509][ T294] ? up_read+0x16/0x170 [ 29.306500][ T294] ? up_read+0x16/0x170 [ 29.310501][ T294] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 29.315790][ T294] ? up_read+0x16/0x170 [ 29.319782][ T294] dump_stack+0x15/0x17 [ 29.323774][ T294] __schedule_bug+0x195/0x260 [ 29.328289][ T294] ? cpu_util_update_eff+0x10e0/0x10e0 [ 29.333581][ T294] ? alloc_file_pseudo+0x280/0x2f0 [ 29.338530][ T294] __schedule+0xce9/0x1540 [ 29.342780][ T294] ? _raw_spin_unlock+0x4c/0x70 [ 29.347469][ T294] ? __sched_text_start+0x8/0x8 [ 29.352153][ T294] ? __sys_socket+0x1f7/0x3a0 [ 29.356676][ T294] schedule+0xc3/0x180 [ 29.360583][ T294] exit_to_user_mode_loop+0x4e/0xa0 [ 29.365608][ T294] exit_to_user_mode_prepare+0x5a/0xa0 [ 29.370902][ T294] syscall_exit_to_user_mode+0x26/0x140 [ 29.376283][ T294] do_syscall_64+0x49/0xb0 [ 29.380536][ T294] ? sysvec_apic_timer_interrupt+0x55/0xc0 [ 29.386178][ T294] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 29.391907][ T294] RIP: 0033:0x4e8217 [ 29.395639][ T294] Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 29.415081][ T294] RSP: 002b:00007ffd32681218 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 29.423327][ T294] RAX: 0000000000000003 RBX: 0000000000000000 RCX: 00000000004e8217 [ 29.431137][ T294] RDX: 0000000000000000 RSI: 0000000000080002 RDI: 0000000000000001 [pid 344] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 343] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 342] exit_group(0 [pid 341] exit_group(0 [pid 347] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 346] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 344] <... bpf resumed>) = 5 [pid 347] <... bpf resumed>) = 5 [pid 343] <... bpf resumed>) = 5 [pid 342] <... exit_group resumed>) = ? [pid 341] <... exit_group resumed>) = ? [pid 347] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4) = 0 [pid 347] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 6 [pid 343] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 341] +++ exited with 0 +++ [pid 347] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 344] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 343] <... bpf resumed>) = 0 [pid 342] +++ exited with 0 +++ [pid 344] <... bpf resumed>) = 0 [pid 343] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 303] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=341, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 301] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=342, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 344] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 343] <... bpf resumed>) = 6 [pid 346] <... bpf resumed>) = 5 [pid 344] <... bpf resumed>) = 6 [pid 343] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 346] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 344] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 346] <... bpf resumed>) = 0 [pid 346] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 303] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 301] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 346] <... bpf resumed>) = 6 [pid 346] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16./strace-static-x86_64: Process 349 attached ./strace-static-x86_64: Process 348 attached [pid 303] <... clone resumed>, child_tidptr=0x5555565a7650) = 348 [pid 349] set_robust_list(0x5555565a7660, 24 [pid 348] set_robust_list(0x5555565a7660, 24 [pid 301] <... clone resumed>, child_tidptr=0x5555565a7650) = 349 [pid 349] <... set_robust_list resumed>) = 0 [pid 348] <... set_robust_list resumed>) = 0 [pid 349] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 348] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 349] <... prctl resumed>) = 0 [pid 348] <... prctl resumed>) = 0 [pid 349] setpgid(0, 0 [pid 348] setpgid(0, 0 [pid 349] <... setpgid resumed>) = 0 [pid 348] <... setpgid resumed>) = 0 [pid 349] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 348] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 349] <... openat resumed>) = 3 [pid 348] <... openat resumed>) = 3 [pid 349] write(3, "1000", 4) = 4 [pid 348] write(3, "1000", 4 [pid 349] close(3 [pid 348] <... write resumed>) = 4 [pid 349] <... close resumed>) = 0 [pid 348] close(3 [pid 349] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 [pid 348] <... close resumed>) = 0 [pid 348] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 [pid 349] <... bpf resumed>) = 3 [pid 349] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 348] <... bpf resumed>) = 3 [ 29.438951][ T294] RBP: 00007ffd326812e0 R08: 00000000ffffffff R09: 000000000000000c [ 29.446761][ T294] R10: 0000000000554612 R11: 0000000000000246 R12: 00007ffd326812e0 [ 29.454571][ T294] R13: 0000000000d536b0 R14: 0000000000423160 R15: 0000000000617180 [ 29.462388][ T294] [pid 348] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 347] <... bpf resumed>) = 7 [pid 349] <... bpf resumed>) = 4 [pid 348] <... bpf resumed>) = 4 [pid 347] exit_group(0 [pid 346] <... bpf resumed>) = 7 [pid 344] <... bpf resumed>) = 7 [pid 343] <... bpf resumed>) = 7 [pid 349] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 348] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 347] <... exit_group resumed>) = ? [pid 346] exit_group(0 [pid 344] exit_group(0 [pid 343] exit_group(0 [pid 349] <... bpf resumed>) = 5 [pid 348] <... bpf resumed>) = 5 [pid 347] +++ exited with 0 +++ [pid 346] <... exit_group resumed>) = ? [pid 344] <... exit_group resumed>) = ? [ 29.501000][ C0] softirq: huh, entered softirq 3 NET_RX ffffffff84096740 with preempt_count 00000103, exited with 00000102? [ 29.512444][ T294] BUG: scheduling while atomic: strace-static-x/294/0x00000002 [ 29.519967][ T294] Modules linked in: [ 29.523721][ T294] Preemption disabled at: [ 29.523726][ T294] [] __lock_task_sighand+0x6b/0x100 [ 29.534518][ T294] CPU: 0 PID: 294 Comm: strace-static-x Tainted: G W 6.1.57-syzkaller-00067-gd3006fb9449d #0 [ 29.545891][ T294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 29.555781][ T294] Call Trace: [ 29.558907][ T294] [ 29.561683][ T294] dump_stack_lvl+0x151/0x1b7 [ 29.566194][ T294] ? __lock_task_sighand+0x6b/0x100 [ 29.571315][ T294] ? __lock_task_sighand+0x6b/0x100 [ 29.576349][ T294] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 29.581643][ T294] ? fsnotify_perm+0x6a/0x5d0 [ 29.586157][ T294] ? __lock_task_sighand+0x6b/0x100 [ 29.591279][ T294] dump_stack+0x15/0x17 [ 29.595271][ T294] __schedule_bug+0x195/0x260 [ 29.599785][ T294] ? cpu_util_update_eff+0x10e0/0x10e0 [ 29.605079][ T294] ? file_end_write+0x1c0/0x1c0 [ 29.609789][ T294] __schedule+0xce9/0x1540 [ 29.614025][ T294] ? __kasan_check_read+0x11/0x20 [ 29.619080][ T294] ? __fdget_pos+0x204/0x390 [ 29.623502][ T294] ? __sched_text_start+0x8/0x8 [ 29.628189][ T294] ? ksys_write+0x24f/0x2c0 [ 29.632534][ T294] schedule+0xc3/0x180 [ 29.636437][ T294] exit_to_user_mode_loop+0x4e/0xa0 [ 29.641468][ T294] exit_to_user_mode_prepare+0x5a/0xa0 [ 29.646763][ T294] syscall_exit_to_user_mode+0x26/0x140 [ 29.652144][ T294] do_syscall_64+0x49/0xb0 [ 29.656397][ T294] ? sysvec_call_function_single+0x52/0xb0 [ 29.662041][ T294] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 29.667764][ T294] RIP: 0033:0x4e5c73 [ 29.671497][ T294] Code: c7 c0 b8 ff ff ff 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 64 8b 04 25 18 00 00 00 85 c0 75 14 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 55 c3 0f 1f 40 00 48 83 ec 28 48 89 54 24 18 [ 29.691547][ T294] RSP: 002b:00007ffd32681308 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [pid 343] <... exit_group resumed>) = ? [pid 349] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 348] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 346] +++ exited with 0 +++ [pid 349] <... bpf resumed>) = 0 [pid 349] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 6 [pid 344] +++ exited with 0 +++ [pid 349] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 343] +++ exited with 0 +++ [pid 299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=343, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 298] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=344, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 348] <... bpf resumed>) = 0 [pid 304] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=347, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 302] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=346, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 304] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 302] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 348] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 6 [pid 348] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16./strace-static-x86_64: Process 351 attached ./strace-static-x86_64: Process 350 attached [pid 304] <... clone resumed>, child_tidptr=0x5555565a7650) = 351 [pid 302] <... clone resumed>, child_tidptr=0x5555565a7650) = 350 [pid 351] set_robust_list(0x5555565a7660, 24) = 0 [pid 350] set_robust_list(0x5555565a7660, 24 [pid 299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 298] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 351] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 350] <... set_robust_list resumed>) = 0 ./strace-static-x86_64: Process 352 attached ./strace-static-x86_64: Process 353 attached [pid 351] <... prctl resumed>) = 0 [pid 350] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 299] <... clone resumed>, child_tidptr=0x5555565a7650) = 352 [pid 352] set_robust_list(0x5555565a7660, 24 [pid 351] setpgid(0, 0 [pid 350] <... prctl resumed>) = 0 [pid 298] <... clone resumed>, child_tidptr=0x5555565a7650) = 353 [pid 351] <... setpgid resumed>) = 0 [pid 350] setpgid(0, 0 [pid 351] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 350] <... setpgid resumed>) = 0 [pid 351] <... openat resumed>) = 3 [pid 350] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 353] set_robust_list(0x5555565a7660, 24) = 0 [pid 353] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 351] write(3, "1000", 4 [pid 350] <... openat resumed>) = 3 [pid 351] <... write resumed>) = 4 [pid 350] write(3, "1000", 4 [pid 351] close(3) = 0 [pid 350] <... write resumed>) = 4 [pid 353] <... prctl resumed>) = 0 [pid 352] <... set_robust_list resumed>) = 0 [pid 351] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 [pid 350] close(3 [pid 352] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 353] setpgid(0, 0) = 0 [pid 353] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 350] <... close resumed>) = 0 [pid 350] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 [pid 353] <... openat resumed>) = 3 [pid 353] write(3, "1000", 4) = 4 [pid 353] close(3) = 0 [pid 353] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 [pid 352] <... prctl resumed>) = 0 [pid 351] <... bpf resumed>) = 3 [pid 350] <... bpf resumed>) = 3 [pid 353] <... bpf resumed>) = 3 [pid 352] setpgid(0, 0 [pid 351] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 350] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 349] <... bpf resumed>) = 7 [pid 348] <... bpf resumed>) = 7 [ 29.699794][ T294] RAX: 000000000000002c RBX: 000000000000002c RCX: 00000000004e5c73 [ 29.707604][ T294] RDX: 000000000000002c RSI: 0000000000d50000 RDI: 0000000000000002 [ 29.715415][ T294] RBP: 0000000000d50000 R08: 0000000000000002 R09: 0000000000000018 [ 29.723226][ T294] R10: 0000000000548960 R11: 0000000000000246 R12: 000000000000002c [ 29.731036][ T294] R13: 0000000000617480 R14: 000000000000002c R15: 0000000000000001 [ 29.738855][ T294] [ 29.757869][ C0] softirq: huh, entered softirq 3 NET_RX ffffffff84096740 with preempt_count 00000103, exited with 00000102? [ 29.769281][ T294] BUG: scheduling while atomic: strace-static-x/294/0x00000002 [ 29.776620][ T294] Modules linked in: [ 29.780500][ T294] Preemption disabled at: [ 29.780507][ T294] [] pipe_write+0x14b2/0x1990 [ 29.790775][ T294] CPU: 0 PID: 294 Comm: strace-static-x Tainted: G W 6.1.57-syzkaller-00067-gd3006fb9449d #0 [ 29.802105][ T294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 29.812348][ T294] Call Trace: [ 29.815462][ T294] [ 29.818243][ T294] dump_stack_lvl+0x151/0x1b7 [ 29.822756][ T294] ? pipe_write+0x14b2/0x1990 [ 29.827268][ T294] ? pipe_write+0x14b2/0x1990 [ 29.832041][ T294] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 29.837337][ T294] ? task_rq_lock+0xd2/0x2b0 [ 29.841761][ T294] ? pipe_write+0x14b2/0x1990 [ 29.846276][ T294] dump_stack+0x15/0x17 [ 29.850269][ T294] __schedule_bug+0x195/0x260 [ 29.854782][ T294] ? cpu_util_update_eff+0x10e0/0x10e0 [ 29.860076][ T294] ? _raw_spin_lock_irqsave+0xf9/0x210 [ 29.865369][ T294] ? _raw_spin_lock+0x1b0/0x1b0 [ 29.870057][ T294] __schedule+0xce9/0x1540 [ 29.874313][ T294] ? __lock_task_sighand+0xde/0x100 [ 29.879344][ T294] ? __sched_text_start+0x8/0x8 [ 29.884032][ T294] ? __kasan_check_write+0x14/0x20 [ 29.888978][ T294] ? __se_sys_ptrace+0x3b2/0x410 [ 29.893752][ T294] schedule+0xc3/0x180 [ 29.897660][ T294] exit_to_user_mode_loop+0x4e/0xa0 [ 29.902701][ T294] exit_to_user_mode_prepare+0x5a/0xa0 [ 29.907988][ T294] syscall_exit_to_user_mode+0x26/0x140 [ 29.913368][ T294] do_syscall_64+0x49/0xb0 [ 29.918056][ T294] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 29.923784][ T294] RIP: 0033:0x4e6c1a [ 29.927514][ T294] Code: 70 41 83 f8 03 c7 44 24 10 08 00 00 00 48 89 44 24 18 48 8d 44 24 30 8b 70 08 4c 0f 43 d1 48 89 44 24 20 b8 65 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 3e 48 85 c0 78 06 41 83 f8 02 76 1b 48 8b 4c [ 29.946963][ T294] RSP: 002b:00007ffd32681350 EFLAGS: 00000206 ORIG_RAX: 0000000000000065 [pid 353] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 352] <... setpgid resumed>) = 0 [pid 351] <... bpf resumed>) = 4 [pid 350] <... bpf resumed>) = 4 [pid 349] exit_group(0 [pid 348] exit_group(0 [pid 353] <... bpf resumed>) = 4 [pid 349] <... exit_group resumed>) = ? [pid 353] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 348] <... exit_group resumed>) = ? [pid 353] <... bpf resumed>) = 5 [pid 353] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4) = 0 [pid 353] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 6 [pid 351] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [ 29.955200][ T294] RAX: 0000000000000000 RBX: 0000000000d4d2f8 RCX: 00000000004e6c1a [ 29.963013][ T294] RDX: 0000000000000000 RSI: 000000000000015c RDI: 0000000000000018 [ 29.970823][ T294] RBP: 0000000000000018 R08: 0000000000000017 R09: 0000000000000003 [ 29.978658][ T294] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000d4f620 [ 29.986449][ T294] R13: 0000000000000000 R14: 000000000000857f R15: 0000000000617180 [ 29.994267][ T294] [ 30.002252][ C0] softirq: huh, entered softirq 3 NET_RX ffffffff84096740 with preempt_count 00000103, exited with 00000102? [ 30.013657][ T294] BUG: scheduling while atomic: strace-static-x/294/0x00000002 [ 30.021127][ T294] Modules linked in: [ 30.023465][ T28] audit: type=1400 audit(1703937068.144:73): avc: denied { remove_name } for pid=84 comm="syslogd" name="messages" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 30.024725][ T294] Preemption disabled at: [ 30.024730][ T294] [] remove_wait_queue+0x26/0x140 [ 30.047298][ T28] audit: type=1400 audit(1703937068.144:74): avc: denied { rename } for pid=84 comm="syslogd" name="messages" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 30.050969][ T294] CPU: 0 PID: 294 Comm: strace-static-x Tainted: G W 6.1.57-syzkaller-00067-gd3006fb9449d #0 [ 30.090428][ T294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 30.100498][ T294] Call Trace: [ 30.103618][ T294] [ 30.106396][ T294] dump_stack_lvl+0x151/0x1b7 [ 30.110909][ T294] ? remove_wait_queue+0x26/0x140 [ 30.115767][ T294] ? remove_wait_queue+0x26/0x140 [ 30.120632][ T294] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 30.125924][ T294] ? remove_wait_queue+0x26/0x140 [ 30.130785][ T294] dump_stack+0x15/0x17 [ 30.134780][ T294] __schedule_bug+0x195/0x260 [ 30.139745][ T294] ? __ia32_sys_waitid+0xd0/0xd0 [ 30.144515][ T294] ? bpf_trace_printk+0x1be/0x300 [ 30.149381][ T294] ? cpu_util_update_eff+0x10e0/0x10e0 [ 30.154669][ T294] ? kernel_waitid+0x520/0x520 [ 30.159272][ T294] __schedule+0xce9/0x1540 [ 30.163526][ T294] ? __x64_sys_wait4+0x181/0x1e0 [ 30.168298][ T294] ? bpf_trace_run2+0x138/0x290 [ 30.172983][ T294] ? __sched_text_start+0x8/0x8 [ 30.177672][ T294] schedule+0xc3/0x180 [ 30.181577][ T294] exit_to_user_mode_loop+0x4e/0xa0 [ 30.186618][ T294] exit_to_user_mode_prepare+0x5a/0xa0 [ 30.191908][ T294] syscall_exit_to_user_mode+0x26/0x140 [ 30.197286][ T294] do_syscall_64+0x49/0xb0 [ 30.201538][ T294] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 30.207266][ T294] RIP: 0033:0x4d49a6 [ 30.211000][ T294] Code: 00 00 00 90 31 c9 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 49 89 ca 64 8b 04 25 18 00 00 00 85 c0 75 11 b8 3d 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 5a c3 90 48 83 ec 28 89 54 24 14 48 89 74 24 [ 30.230701][ T294] RSP: 002b:00007ffd32681468 EFLAGS: 00000246 ORIG_RAX: 000000000000003d [ 30.238950][ T294] RAX: 000000000000015f RBX: 0000000000000002 RCX: 00000000004d49a6 [ 30.246758][ T294] RDX: 0000000040000001 RSI: 00007ffd3268148c RDI: 00000000ffffffff [pid 350] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 353] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 352] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 351] <... bpf resumed>) = 5 [pid 350] <... bpf resumed>) = 5 [pid 349] +++ exited with 0 +++ [pid 348] +++ exited with 0 +++ [pid 303] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=348, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 303] restart_syscall(<... resuming interrupted clone ...> [pid 352] <... openat resumed>) = 3 [pid 351] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 350] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 301] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=349, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 303] <... restart_syscall resumed>) = 0 [pid 352] write(3, "1000", 4 [pid 351] <... bpf resumed>) = 0 [pid 350] <... bpf resumed>) = 0 [pid 303] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 352] <... write resumed>) = 4 [pid 351] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 350] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 352] close(3 [pid 303] <... clone resumed>, child_tidptr=0x5555565a7650) = 355 [pid 351] <... bpf resumed>) = 6 ./strace-static-x86_64: Process 355 attached [pid 350] <... bpf resumed>) = 6 [pid 352] <... close resumed>) = 0 [pid 350] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 351] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 301] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 352] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 [pid 355] set_robust_list(0x5555565a7660, 24) = 0 [pid 355] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 355] setpgid(0, 0) = 0 [pid 355] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 352] <... bpf resumed>) = 3 [pid 352] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 301] <... clone resumed>, child_tidptr=0x5555565a7650) = 356 ./strace-static-x86_64: Process 356 attached [pid 355] write(3, "1000", 4 [pid 356] set_robust_list(0x5555565a7660, 24) = 0 [pid 356] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 355] <... write resumed>) = 4 [pid 355] close(3 [pid 356] setpgid(0, 0 [pid 355] <... close resumed>) = 0 [pid 355] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 [pid 356] <... setpgid resumed>) = 0 [pid 356] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 356] write(3, "1000", 4) = 4 [pid 356] close(3 [pid 355] <... bpf resumed>) = 3 [pid 356] <... close resumed>) = 0 [pid 355] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 356] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73) = 3 [pid 356] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 353] <... bpf resumed>) = 7 [pid 350] <... bpf resumed>) = 7 [pid 351] <... bpf resumed>) = 7 [pid 352] <... bpf resumed>) = 4 [pid 356] <... bpf resumed>) = 4 [pid 355] <... bpf resumed>) = 4 [pid 356] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 355] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 353] exit_group(0 [ 30.254569][ T294] RBP: 0000000000d4f8c0 R08: 0000000000000000 R09: 0000000000000000 [ 30.262382][ T294] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000d54750 [ 30.270194][ T294] R13: 0000000000000160 R14: 00007ffd3268148c R15: 0000000000617180 [ 30.278008][ T294] [ 30.299993][ C0] softirq: huh, entered softirq 3 NET_RX ffffffff84096740 with preempt_count 00000103, exited with 00000102? [ 30.311385][ T294] BUG: scheduling while atomic: strace-static-x/294/0x00000002 [ 30.318833][ T294] Modules linked in: [ 30.322452][ T294] Preemption disabled at: [ 30.322457][ T294] [] is_module_text_address+0x1f/0x360 [ 30.333640][ T294] CPU: 0 PID: 294 Comm: strace-static-x Tainted: G W 6.1.57-syzkaller-00067-gd3006fb9449d #0 [ 30.344983][ T294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 30.354878][ T294] Call Trace: [ 30.358005][ T294] [ 30.360778][ T294] dump_stack_lvl+0x151/0x1b7 [ 30.365292][ T294] ? is_module_text_address+0x1f/0x360 [ 30.370587][ T294] ? is_module_text_address+0x1f/0x360 [ 30.375880][ T294] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 30.381176][ T294] ? fsnotify_perm+0x6a/0x5d0 [ 30.385689][ T294] ? is_module_text_address+0x1f/0x360 [ 30.390985][ T294] dump_stack+0x15/0x17 [ 30.394982][ T294] __schedule_bug+0x195/0x260 [ 30.399489][ T294] ? cpu_util_update_eff+0x10e0/0x10e0 [ 30.404795][ T294] ? file_end_write+0x1c0/0x1c0 [ 30.409470][ T294] __schedule+0xce9/0x1540 [ 30.413738][ T294] ? __kasan_check_read+0x11/0x20 [ 30.418587][ T294] ? __fdget_pos+0x204/0x390 [ 30.423013][ T294] ? __sched_text_start+0x8/0x8 [ 30.427698][ T294] ? ksys_write+0x24f/0x2c0 [ 30.432035][ T294] ? unlock_page_memcg+0x160/0x160 [ 30.436991][ T294] schedule+0xc3/0x180 [ 30.440894][ T294] exit_to_user_mode_loop+0x4e/0xa0 [ 30.445940][ T294] exit_to_user_mode_prepare+0x5a/0xa0 [ 30.451220][ T294] syscall_exit_to_user_mode+0x26/0x140 [ 30.456599][ T294] do_syscall_64+0x49/0xb0 [ 30.460850][ T294] ? sysvec_call_function_single+0x52/0xb0 [ 30.466494][ T294] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 30.472223][ T294] RIP: 0033:0x4e5c73 [ 30.475952][ T294] Code: c7 c0 b8 ff ff ff 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 64 8b 04 25 18 00 00 00 85 c0 75 14 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 55 c3 0f 1f 40 00 48 83 ec 28 48 89 54 24 18 [ 30.495399][ T294] RSP: 002b:00007ffd326812f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 30.503640][ T294] RAX: 0000000000000111 RBX: 0000000000000111 RCX: 00000000004e5c73 [pid 352] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 351] exit_group(0 [pid 350] exit_group(0 [pid 356] <... bpf resumed>) = 5 [pid 355] <... bpf resumed>) = 5 [pid 353] <... exit_group resumed>) = ? [pid 352] <... bpf resumed>) = 5 [pid 351] <... exit_group resumed>) = ? [pid 350] <... exit_group resumed>) = ? [pid 353] +++ exited with 0 +++ [pid 352] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4) = 0 [ 30.511459][ T294] RDX: 0000000000000111 RSI: 0000000000d50000 RDI: 0000000000000002 [ 30.519263][ T294] RBP: 0000000000d50000 R08: 0000000000000000 R09: 0000000000000002 [ 30.527075][ T294] R10: 00007ffd32681266 R11: 0000000000000246 R12: 0000000000000111 [ 30.534883][ T294] R13: 0000000000617480 R14: 0000000000000111 R15: 0000000000617180 [ 30.542701][ T294] [ 30.549056][ C0] softirq: huh, entered softirq 3 NET_RX ffffffff84096740 with preempt_count 00000103, exited with 00000102? [ 30.560454][ T294] BUG: scheduling while atomic: strace-static-x/294/0x00000002 [ 30.567856][ T294] Modules linked in: [ 30.571527][ T294] Preemption disabled at: [ 30.571532][ T294] [] __lock_task_sighand+0x6b/0x100 [ 30.582413][ T294] CPU: 0 PID: 294 Comm: strace-static-x Tainted: G W 6.1.57-syzkaller-00067-gd3006fb9449d #0 [ 30.593748][ T294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 30.603644][ T294] Call Trace: [ 30.606769][ T294] [ 30.609545][ T294] dump_stack_lvl+0x151/0x1b7 [ 30.614056][ T294] ? __lock_task_sighand+0x6b/0x100 [ 30.619097][ T294] ? __lock_task_sighand+0x6b/0x100 [ 30.624150][ T294] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 30.629419][ T294] ? __lock_task_sighand+0x6b/0x100 [ 30.634453][ T294] dump_stack+0x15/0x17 [ 30.638447][ T294] __schedule_bug+0x195/0x260 [ 30.642965][ T294] ? cpu_util_update_eff+0x10e0/0x10e0 [ 30.648252][ T294] ? _raw_spin_lock_irqsave+0xf9/0x210 [ 30.653551][ T294] ? _raw_spin_lock+0x1b0/0x1b0 [ 30.658241][ T294] __schedule+0xce9/0x1540 [ 30.662490][ T294] ? __lock_task_sighand+0xde/0x100 [ 30.667522][ T294] ? __sched_text_start+0x8/0x8 [ 30.672209][ T294] ? __kasan_check_write+0x14/0x20 [ 30.677156][ T294] ? __se_sys_ptrace+0x3b2/0x410 [ 30.681935][ T294] schedule+0xc3/0x180 [ 30.685837][ T294] exit_to_user_mode_loop+0x4e/0xa0 [ 30.690869][ T294] exit_to_user_mode_prepare+0x5a/0xa0 [ 30.696164][ T294] syscall_exit_to_user_mode+0x26/0x140 [ 30.701546][ T294] do_syscall_64+0x49/0xb0 [ 30.705799][ T294] ? sysvec_call_function_single+0x52/0xb0 [ 30.711439][ T294] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 30.717169][ T294] RIP: 0033:0x4e6c1a [ 30.720908][ T294] Code: 70 41 83 f8 03 c7 44 24 10 08 00 00 00 48 89 44 24 18 48 8d 44 24 30 8b 70 08 4c 0f 43 d1 48 89 44 24 20 b8 65 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 3e 48 85 c0 78 06 41 83 f8 02 76 1b 48 8b 4c [ 30.740341][ T294] RSP: 002b:00007ffd326812d0 EFLAGS: 00000206 ORIG_RAX: 0000000000000065 [ 30.748585][ T294] RAX: 0000000000000050 RBX: 0000000000d4ee40 RCX: 00000000004e6c1a [pid 298] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=353, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 356] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 355] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 352] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 351] +++ exited with 0 +++ [pid 350] +++ exited with 0 +++ [pid 352] <... bpf resumed>) = 6 [pid 304] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=351, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 302] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=350, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 356] <... bpf resumed>) = 0 [pid 355] <... bpf resumed>) = 0 [pid 352] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 356] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 355] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 6 [pid 304] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 302] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 357 attached [pid 356] <... bpf resumed>) = 6 [pid 355] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 357] set_robust_list(0x5555565a7660, 24 [pid 356] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 304] <... clone resumed>, child_tidptr=0x5555565a7650) = 357 [pid 298] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 359 attached [pid 357] <... set_robust_list resumed>) = 0 [pid 302] <... clone resumed>, child_tidptr=0x5555565a7650) = 358 [pid 357] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 298] <... clone resumed>, child_tidptr=0x5555565a7650) = 359 [pid 357] <... prctl resumed>) = 0 [pid 357] setpgid(0, 0) = 0 [pid 357] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 357] write(3, "1000", 4) = 4 [pid 357] close(3) = 0 [pid 357] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73./strace-static-x86_64: Process 358 attached [pid 359] set_robust_list(0x5555565a7660, 24) = 0 [pid 358] set_robust_list(0x5555565a7660, 24 [pid 357] <... bpf resumed>) = 3 [pid 359] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 358] <... set_robust_list resumed>) = 0 [pid 357] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 359] <... prctl resumed>) = 0 [pid 358] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 359] setpgid(0, 0) = 0 [pid 357] <... bpf resumed>) = 4 [pid 356] <... bpf resumed>) = 7 [ 30.756401][ T294] RDX: 0000000000000058 RSI: 000000000000012d RDI: 000000000000420e [ 30.764208][ T294] RBP: 00007ffd326813d0 R08: 000000000000420d R09: 0000000000000003 [ 30.772130][ T294] R10: 000000000063c820 R11: 0000000000000206 R12: 0000000000d4ee40 [ 30.779944][ T294] R13: 00007ffd3268142c R14: 000000000000857f R15: 0000000000617180 [ 30.787756][ T294] [ 30.807956][ C0] softirq: huh, entered softirq 3 NET_RX ffffffff84096740 with preempt_count 00000103, exited with 00000102? [ 30.819404][ T292] BUG: scheduling while atomic: sshd/292/0x00000002 [ 30.825875][ T292] Modules linked in: [ 30.829684][ T292] Preemption disabled at: [ 30.829692][ T292] [] __set_current_blocked+0x11b/0x2f0 [ 30.836979][ C1] softirq: huh, entered softirq 9 RCU ffffffff8160b930 with preempt_count 00000103, exited with 00000102? [ 30.840704][ T292] CPU: 0 PID: 292 Comm: sshd Tainted: G W 6.1.57-syzkaller-00067-gd3006fb9449d #0 [ 30.851782][ T294] BUG: scheduling while atomic: strace-static-x/294/0x00000002 [ 30.863102][ T292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 30.863112][ T292] Call Trace: [ 30.863118][ T292] [ 30.863126][ T292] dump_stack_lvl+0x151/0x1b7 [ 30.863148][ T292] ? __set_current_blocked+0x11b/0x2f0 [ 30.863165][ T292] ? __set_current_blocked+0x11b/0x2f0 [ 30.863183][ T292] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 30.863201][ T292] ? fsnotify_perm+0x470/0x5d0 [ 30.870588][ T294] Modules linked in: [ 30.880377][ T292] ? __set_current_blocked+0x11b/0x2f0 [ 30.880406][ T292] dump_stack+0x15/0x17 [ 30.883496][ T294] [ 30.883502][ T294] Preemption disabled at: [ 30.886282][ T292] __schedule_bug+0x195/0x260 [ 30.890806][ T294] [] remove_wait_queue+0x26/0x140 [ 30.896084][ T292] ? cpu_util_update_eff+0x10e0/0x10e0 [ 30.946868][ T292] ? kernel_read+0x1f0/0x1f0 [ 30.951297][ T292] __schedule+0xce9/0x1540 [ 30.955543][ T292] ? __kasan_check_read+0x11/0x20 [ 30.960400][ T292] ? __fdget_pos+0x204/0x390 [ 30.964827][ T292] ? __sched_text_start+0x8/0x8 [ 30.969512][ T292] ? ksys_read+0x24f/0x2c0 [ 30.973850][ T292] ? __x64_sys_rt_sigprocmask+0xb0/0xb0 [ 30.979235][ T292] schedule+0xc3/0x180 [ 30.983142][ T292] exit_to_user_mode_loop+0x4e/0xa0 [ 30.988174][ T292] exit_to_user_mode_prepare+0x5a/0xa0 [ 30.993468][ T292] syscall_exit_to_user_mode+0x26/0x140 [ 30.998850][ T292] do_syscall_64+0x49/0xb0 [ 31.003209][ T292] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 31.008937][ T292] RIP: 0033:0x7fac9a316b6a [ 31.013188][ T292] Code: 00 3d 00 00 41 00 75 0d 50 48 8d 3d 2d 08 0a 00 e8 ea 7d 01 00 31 c0 e9 07 ff ff ff 64 8b 04 25 18 00 00 00 85 c0 75 1b 0f 05 <48> 3d 00 f0 ff ff 76 6c 48 8b 15 8f a2 0d 00 f7 d8 64 89 02 48 83 [ 31.032622][ T292] RSP: 002b:00007fffb50a90c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 31.040870][ T292] RAX: 0000000000000c79 RBX: 0000000000000000 RCX: 00007fac9a316b6a [ 31.048682][ T292] RDX: 0000000000004000 RSI: 00007fffb50a90e8 RDI: 0000000000000009 [pid 355] <... bpf resumed>) = 7 [ 31.056490][ T292] RBP: 000055d144046390 R08: 0000000000000000 R09: 0000000000000000 [ 31.064305][ T292] R10: 00007fffb50a90e8 R11: 0000000000000246 R12: 000055d14403e5e0 [ 31.072113][ T292] R13: 000055d143ab2937 R14: 000055d143ab5480 R15: 000055d14403e5e0 [ 31.079933][ T292] [ 31.082792][ T294] CPU: 1 PID: 294 Comm: strace-static-x Tainted: G W 6.1.57-syzkaller-00067-gd3006fb9449d #0 [ 31.083970][ C0] softirq: huh, entered softirq 3 NET_RX ffffffff84096740 with preempt_count 00000103, exited with 00000102? [ 31.094156][ T294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 31.094167][ T294] Call Trace: [ 31.094172][ T294] [ 31.094177][ T294] dump_stack_lvl+0x151/0x1b7 [ 31.105558][ T292] BUG: scheduling while atomic: sshd/292/0x00000002 [ 31.115594][ T294] ? remove_wait_queue+0x26/0x140 [ 31.115614][ T294] ? remove_wait_queue+0x26/0x140 [ 31.115629][ T294] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 31.118729][ T292] Modules linked in: [ 31.121499][ T294] ? remove_wait_queue+0x26/0x140 [ 31.126007][ T292] [ 31.126012][ T292] Preemption disabled at: [ 31.132433][ T294] dump_stack+0x15/0x17 [ 31.132451][ T294] __schedule_bug+0x195/0x260 [ 31.137300][ T292] [] touch_atime+0x3ac/0x540 [ 31.142153][ T294] ? __ia32_sys_waitid+0xd0/0xd0 [ 31.181645][ T294] ? bpf_trace_printk+0x1be/0x300 [ 31.186507][ T294] ? cpu_util_update_eff+0x10e0/0x10e0 [ 31.191802][ T294] ? kernel_waitid+0x520/0x520 [ 31.196409][ T294] __schedule+0xce9/0x1540 [ 31.200654][ T294] ? __x64_sys_wait4+0x181/0x1e0 [ 31.205529][ T294] ? bpf_trace_run2+0x138/0x290 [ 31.210202][ T294] ? __sched_text_start+0x8/0x8 [ 31.214978][ T294] schedule+0xc3/0x180 [ 31.218891][ T294] exit_to_user_mode_loop+0x4e/0xa0 [ 31.223917][ T294] exit_to_user_mode_prepare+0x5a/0xa0 [ 31.229209][ T294] syscall_exit_to_user_mode+0x26/0x140 [ 31.234592][ T294] do_syscall_64+0x49/0xb0 [ 31.238844][ T294] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 31.244571][ T294] RIP: 0033:0x4d49a6 [ 31.248304][ T294] Code: 00 00 00 90 31 c9 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 49 89 ca 64 8b 04 25 18 00 00 00 85 c0 75 11 b8 3d 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 5a c3 90 48 83 ec 28 89 54 24 14 48 89 74 24 [ 31.267745][ T294] RSP: 002b:00007ffd32681468 EFLAGS: 00000246 ORIG_RAX: 000000000000003d [ 31.275991][ T294] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 00000000004d49a6 [ 31.283801][ T294] RDX: 0000000040000001 RSI: 00007ffd3268148c RDI: 00000000ffffffff [ 31.291616][ T294] RBP: 0000000000d4eba0 R08: 0000000000000000 R09: 0000000000000000 [ 31.299426][ T294] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000d54870 [ 31.307237][ T294] R13: 000000000000012a R14: 00007ffd3268148c R15: 0000000000617180 [ 31.315052][ T294] [ 31.317915][ T292] CPU: 0 PID: 292 Comm: sshd Tainted: G W 6.1.57-syzkaller-00067-gd3006fb9449d #0 [ 31.326982][ C1] softirq: huh, entered softirq 9 RCU ffffffff8160b930 with preempt_count 00000103, exited with 00000102? [ 31.328327][ T292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 31.328339][ T292] Call Trace: [ 31.328343][ T292] [ 31.328350][ T292] dump_stack_lvl+0x151/0x1b7 [ 31.339470][ T294] BUG: scheduling while atomic: strace-static-x/294/0x00000002 [ 31.349328][ T292] ? touch_atime+0x3ac/0x540 [ 31.349344][ T292] ? touch_atime+0x3ac/0x540 [ 31.349358][ T292] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 31.349378][ T292] ? touch_atime+0x3ac/0x540 [ 31.349393][ T292] dump_stack+0x15/0x17 [ 31.352456][ T294] Modules linked in: [ 31.355232][ T292] __schedule_bug+0x195/0x260 [ 31.359822][ T294] Preemption disabled at: [ 31.367122][ T292] ? bpf_bprintf_cleanup+0x48/0x60 [ 31.367142][ T292] ? bpf_trace_printk+0x1be/0x300 [ 31.367160][ T292] ? cpu_util_update_eff+0x10e0/0x10e0 [ 31.367176][ T292] ? bpf_probe_write_user+0xf0/0xf0 [ 31.367195][ T292] ? bpf_trace_run2+0xe9/0x290 [ 31.367216][ T292] __schedule+0xce9/0x1540 [ 31.371548][ T294] [] __lock_task_sighand+0x6b/0x100 [ 31.375977][ T292] ? bpf_trace_run2+0x138/0x290 [ 31.442462][ T292] ? __sched_text_start+0x8/0x8 [ 31.447152][ T292] ? bpf_trace_run1+0x240/0x240 [ 31.451833][ T292] ? ksys_read+0x24f/0x2c0 [ 31.456087][ T292] ? __x64_sys_rt_sigprocmask+0xb0/0xb0 [ 31.461471][ T292] schedule+0xc3/0x180 [ 31.465375][ T292] exit_to_user_mode_loop+0x4e/0xa0 [ 31.470411][ T292] exit_to_user_mode_prepare+0x5a/0xa0 [ 31.475704][ T292] syscall_exit_to_user_mode+0x26/0x140 [ 31.481085][ T292] do_syscall_64+0x49/0xb0 [ 31.485338][ T292] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 31.491073][ T292] RIP: 0033:0x7fac9a2fd587 [ 31.495317][ T292] Code: 41 5c 41 5d 41 5e 41 5f 5d c3 b9 01 00 00 00 e9 12 fe ff ff 31 c9 e9 0b fe ff ff 0f 1f 84 00 00 00 00 00 b8 27 00 00 00 0f 05 0f 1f 84 00 00 00 00 00 b8 6e 00 00 00 0f 05 c3 0f 1f 84 00 00 [ 31.514761][ T292] RSP: 002b:00007fffb50a8a48 EFLAGS: 00000246 ORIG_RAX: 0000000000000027 [ 31.523008][ T292] RAX: 0000000000000124 RBX: 0000000000000000 RCX: 00007fac9a2fd587 [ 31.530816][ T292] RDX: 000000000000085c RSI: 000055d143ab5480 RDI: 000055d143ab2937 [ 31.538635][ T292] RBP: 000055d143ab3856 R08: 0000000000000006 R09: 0000000000000000 [ 31.546440][ T292] R10: 000055d143ab3856 R11: 0000000000000246 R12: 000055d143ab2937 [ 31.554250][ T292] R13: 000055d143ab5480 R14: 000055d143ab5480 R15: 00007fffb50a8fd0 [ 31.562065][ T292] [ 31.564932][ T294] CPU: 1 PID: 294 Comm: strace-static-x Tainted: G W 6.1.57-syzkaller-00067-gd3006fb9449d #0 [ 31.576307][ T294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 31.586191][ T294] Call Trace: [ 31.589381][ T294] [ 31.592090][ T294] dump_stack_lvl+0x151/0x1b7 [ 31.596604][ T294] ? __lock_task_sighand+0x6b/0x100 [ 31.601636][ T294] ? __lock_task_sighand+0x6b/0x100 [ 31.606682][ T294] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 31.611967][ T294] ? __lock_task_sighand+0x6b/0x100 [ 31.617002][ T294] dump_stack+0x15/0x17 [ 31.620995][ T294] __schedule_bug+0x195/0x260 [ 31.625508][ T294] ? __ia32_sys_waitid+0xd0/0xd0 [ 31.630279][ T294] ? bpf_trace_printk+0x1be/0x300 [ 31.635146][ T294] ? cpu_util_update_eff+0x10e0/0x10e0 [ 31.640435][ T294] ? kernel_waitid+0x520/0x520 [ 31.645037][ T294] __schedule+0xce9/0x1540 [ 31.649287][ T294] ? __x64_sys_wait4+0x181/0x1e0 [ 31.654062][ T294] ? bpf_trace_run2+0x138/0x290 [ 31.658749][ T294] ? __sched_text_start+0x8/0x8 [ 31.663437][ T294] schedule+0xc3/0x180 [ 31.667343][ T294] exit_to_user_mode_loop+0x4e/0xa0 [ 31.672373][ T294] exit_to_user_mode_prepare+0x5a/0xa0 [ 31.677671][ T294] syscall_exit_to_user_mode+0x26/0x140 [ 31.683051][ T294] do_syscall_64+0x49/0xb0 [ 31.687303][ T294] ? sysvec_apic_timer_interrupt+0x55/0xc0 [ 31.692944][ T294] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 31.698674][ T294] RIP: 0033:0x4d49a6 [ 31.702407][ T294] Code: 00 00 00 90 31 c9 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 49 89 ca 64 8b 04 25 18 00 00 00 85 c0 75 11 b8 3d 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 5a c3 90 48 83 ec 28 89 54 24 14 48 89 74 24 [ 31.721849][ T294] RSP: 002b:00007ffd32681468 EFLAGS: 00000246 ORIG_RAX: 000000000000003d [ 31.730090][ T294] RAX: 0000000000000130 RBX: 0000000000d4d2f8 RCX: 00000000004d49a6 [ 31.737904][ T294] RDX: 0000000040000000 RSI: 00007ffd3268148c RDI: 00000000ffffffff [ 31.745731][ T294] RBP: 0000000000000000 R08: 0000000000000017 R09: 0000000000000000 [ 31.753526][ T294] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000d54870 [ 31.761337][ T294] R13: 0000000000000000 R14: 00007ffd3268148c R15: 0000000000617180 [ 31.769166][ T294] [ 31.776931][ C0] softirq: huh, entered softirq 9 RCU ffffffff8160b930 with preempt_count 00000103, exited with 00000102? [ 31.788099][ T91] BUG: scheduling while atomic: klogd/91/0x00000002 [ 31.794456][ T91] Modules linked in: [ 31.798219][ T91] Preemption disabled at: [ 31.798232][ T91] [] unix_dgram_sendmsg+0xc74/0x2050 [ 31.809067][ T91] CPU: 0 PID: 91 Comm: klogd Tainted: G W 6.1.57-syzkaller-00067-gd3006fb9449d #0 [ 31.819716][ T91] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 31.829785][ T91] Call Trace: [ 31.832923][ T91] [ 31.835779][ T91] dump_stack_lvl+0x151/0x1b7 [ 31.840284][ T91] ? unix_dgram_sendmsg+0xc74/0x2050 [ 31.845411][ T91] ? unix_dgram_sendmsg+0xc74/0x2050 [ 31.850528][ T91] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 31.855855][ T91] ? unix_dgram_sendmsg+0xc74/0x2050 [ 31.860942][ T91] dump_stack+0x15/0x17 [ 31.864935][ T91] __schedule_bug+0x195/0x260 [ 31.869535][ T91] ? __sys_sendto+0x4b6/0x5f0 [ 31.874048][ T91] ? cpu_util_update_eff+0x10e0/0x10e0 [ 31.879342][ T91] ? __ia32_sys_getpeername+0x90/0x90 [ 31.884555][ T91] __schedule+0xce9/0x1540 [ 31.888805][ T91] ? __sched_text_start+0x8/0x8 [ 31.893490][ T91] schedule+0xc3/0x180 [ 31.897396][ T91] exit_to_user_mode_loop+0x4e/0xa0 [ 31.902431][ T91] exit_to_user_mode_prepare+0x5a/0xa0 [ 31.907810][ T91] syscall_exit_to_user_mode+0x26/0x140 [ 31.913195][ T91] do_syscall_64+0x49/0xb0 [ 31.917618][ T91] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 31.923343][ T91] RIP: 0033:0x7fbe3e6b19b5 [ 31.927598][ T91] Code: 8b 44 24 08 48 83 c4 28 48 98 c3 48 98 c3 41 89 ca 64 8b 04 25 18 00 00 00 85 c0 75 26 45 31 c9 45 31 c0 b8 2c 00 00 00 0f 05 <48> 3d 00 f0 ff ff 76 7a 48 8b 15 44 c4 0c 00 f7 d8 64 89 02 48 83 [ 31.947127][ T91] RSP: 002b:00007ffd9e53bf18 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 31.955370][ T91] RAX: 0000000000000047 RBX: 0000000000000000 RCX: 00007fbe3e6b19b5 [pid 352] <... bpf resumed>) = 7 [pid 359] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 357] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 356] exit_group(0 [pid 355] exit_group(0 [pid 352] exit_group(0 [pid 357] <... bpf resumed>) = 5 [pid 356] <... exit_group resumed>) = ? [pid 355] <... exit_group resumed>) = ? [pid 352] <... exit_group resumed>) = ? [pid 357] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 356] +++ exited with 0 +++ [pid 357] <... bpf resumed>) = 0 [pid 301] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=356, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 357] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 6 [pid 357] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 358] <... prctl resumed>) = 0 [pid 358] setpgid(0, 0) = 0 [pid 358] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 301] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 358] <... openat resumed>) = 3 [pid 358] write(3, "1000", 4 [pid 301] <... clone resumed>, child_tidptr=0x5555565a7650) = 360 [pid 358] <... write resumed>) = 4 [pid 358] close(3) = 0 [pid 358] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73) = 3 [pid 358] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 359] <... openat resumed>) = 3 [pid 359] write(3, "1000", 4) = 4 [pid 359] close(3) = 0 [pid 359] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73) = 3 [pid 359] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16./strace-static-x86_64: Process 360 attached [pid 360] set_robust_list(0x5555565a7660, 24) = 0 [pid 360] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 360] setpgid(0, 0) = 0 [pid 360] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 360] write(3, "1000", 4) = 4 [pid 360] close(3) = 0 [pid 360] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73) = 3 [pid 360] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 355] +++ exited with 0 +++ [pid 303] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=355, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 303] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 303] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555565a7650) = 364 ./strace-static-x86_64: Process 364 attached [pid 364] set_robust_list(0x5555565a7660, 24) = 0 [pid 364] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 364] setpgid(0, 0) = 0 [pid 364] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 364] write(3, "1000", 4) = 4 [pid 364] close(3) = 0 [pid 364] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73) = 3 [pid 364] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 357] <... bpf resumed>) = 7 [pid 352] +++ exited with 0 +++ [pid 358] <... bpf resumed>) = 4 [pid 360] <... bpf resumed>) = 4 [pid 359] <... bpf resumed>) = 4 [pid 358] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 357] exit_group(0 [pid 299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=352, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [ 31.963183][ T91] RDX: 0000000000000047 RSI: 000055db5d733310 RDI: 0000000000000003 [ 31.970996][ T91] RBP: 000055db5d72d2c0 R08: 0000000000000000 R09: 0000000000000000 [ 31.978807][ T91] R10: 0000000000004000 R11: 0000000000000246 R12: 0000000000000013 [ 31.986616][ T91] R13: 00007fbe3e83f212 R14: 00007ffd9e53c018 R15: 0000000000000000 [ 31.994435][ T91] [ 32.018638][ C0] softirq: huh, entered softirq 3 NET_RX ffffffff84096740 with preempt_count 00000103, exited with 00000102? [ 32.030052][ T294] BUG: scheduling while atomic: strace-static-x/294/0x00000002 [ 32.037408][ T294] Modules linked in: [ 32.041112][ T294] Preemption disabled at: [ 32.041119][ T294] [] remove_wait_queue+0x26/0x140 [ 32.051819][ T294] CPU: 0 PID: 294 Comm: strace-static-x Tainted: G W 6.1.57-syzkaller-00067-gd3006fb9449d #0 [ 32.063064][ T294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 32.072956][ T294] Call Trace: [ 32.076081][ T294] [ 32.078864][ T294] dump_stack_lvl+0x151/0x1b7 [ 32.083370][ T294] ? remove_wait_queue+0x26/0x140 [ 32.088232][ T294] ? remove_wait_queue+0x26/0x140 [ 32.093091][ T294] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 32.098387][ T294] ? remove_wait_queue+0x26/0x140 [ 32.103246][ T294] dump_stack+0x15/0x17 [ 32.107329][ T294] __schedule_bug+0x195/0x260 [ 32.111838][ T294] ? __ia32_sys_waitid+0xd0/0xd0 [ 32.116612][ T294] ? bpf_trace_printk+0x1be/0x300 [ 32.121474][ T294] ? cpu_util_update_eff+0x10e0/0x10e0 [ 32.126769][ T294] ? kernel_waitid+0x520/0x520 [ 32.131371][ T294] __schedule+0xce9/0x1540 [ 32.135630][ T294] ? __x64_sys_wait4+0x181/0x1e0 [ 32.140399][ T294] ? bpf_trace_run2+0x138/0x290 [ 32.145082][ T294] ? __sched_text_start+0x8/0x8 [ 32.149770][ T294] schedule+0xc3/0x180 [ 32.153679][ T294] exit_to_user_mode_loop+0x4e/0xa0 [ 32.158711][ T294] exit_to_user_mode_prepare+0x5a/0xa0 [ 32.164098][ T294] syscall_exit_to_user_mode+0x26/0x140 [ 32.169477][ T294] do_syscall_64+0x49/0xb0 [ 32.173723][ T294] ? sysvec_call_function_single+0x52/0xb0 [ 32.179473][ T294] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 32.185205][ T294] RIP: 0033:0x4d49a6 [ 32.188938][ T294] Code: 00 00 00 90 31 c9 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 49 89 ca 64 8b 04 25 18 00 00 00 85 c0 75 11 b8 3d 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 5a c3 90 48 83 ec 28 89 54 24 14 48 89 74 24 [ 32.208377][ T294] RSP: 002b:00007ffd32681468 EFLAGS: 00000246 ORIG_RAX: 000000000000003d [ 32.216618][ T294] RAX: 000000000000012e RBX: 0000000000000006 RCX: 00000000004d49a6 [ 32.224433][ T294] RDX: 0000000040000001 RSI: 00007ffd3268148c RDI: 00000000ffffffff [ 32.232243][ T294] RBP: 0000000000d4f230 R08: 0000000000000000 R09: 0000000000000000 [ 32.240139][ T294] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000d54990 [ 32.247951][ T294] R13: 000000000000012f R14: 00007ffd3268148c R15: 0000000000617180 [ 32.255773][ T294] [ 32.259809][ C0] softirq: huh, entered softirq 3 NET_RX ffffffff84096740 with preempt_count 00000103, exited with 00000102? [ 32.271300][ T294] BUG: scheduling while atomic: strace-static-x/294/0x00000002 [ 32.279233][ T294] Modules linked in: [ 32.282883][ T294] Preemption disabled at: [ 32.282888][ T294] [] pipe_write+0x14b2/0x1990 [ 32.293129][ T294] CPU: 0 PID: 294 Comm: strace-static-x Tainted: G W 6.1.57-syzkaller-00067-gd3006fb9449d #0 [ 32.304492][ T294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 32.314389][ T294] Call Trace: [ 32.317599][ T294] [ 32.320463][ T294] dump_stack_lvl+0x151/0x1b7 [ 32.324975][ T294] ? pipe_write+0x14b2/0x1990 [ 32.329576][ T294] ? pipe_write+0x14b2/0x1990 [ 32.334089][ T294] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 32.339411][ T294] ? task_rq_lock+0xd2/0x2b0 [ 32.343810][ T294] ? pipe_write+0x14b2/0x1990 [ 32.348412][ T294] dump_stack+0x15/0x17 [ 32.352410][ T294] __schedule_bug+0x195/0x260 [ 32.357009][ T294] ? cpu_util_update_eff+0x10e0/0x10e0 [ 32.362301][ T294] ? _raw_spin_lock_irqsave+0xf9/0x210 [ 32.367595][ T294] ? _raw_spin_lock+0x1b0/0x1b0 [ 32.372282][ T294] __schedule+0xce9/0x1540 [ 32.376536][ T294] ? __lock_task_sighand+0xde/0x100 [ 32.381567][ T294] ? __sched_text_start+0x8/0x8 [ 32.386255][ T294] ? __kasan_check_write+0x14/0x20 [ 32.391200][ T294] ? __se_sys_ptrace+0x3b2/0x410 [ 32.395973][ T294] ? unlock_page_memcg+0x160/0x160 [ 32.400923][ T294] schedule+0xc3/0x180 [ 32.404826][ T294] exit_to_user_mode_loop+0x4e/0xa0 [ 32.409862][ T294] exit_to_user_mode_prepare+0x5a/0xa0 [ 32.415154][ T294] syscall_exit_to_user_mode+0x26/0x140 [ 32.420539][ T294] do_syscall_64+0x49/0xb0 [ 32.424789][ T294] ? sysvec_call_function_single+0x52/0xb0 [ 32.430433][ T294] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 32.436159][ T294] RIP: 0033:0x4e6c1a [ 32.439980][ T294] Code: 70 41 83 f8 03 c7 44 24 10 08 00 00 00 48 89 44 24 18 48 8d 44 24 30 8b 70 08 4c 0f 43 d1 48 89 44 24 20 b8 65 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 3e 48 85 c0 78 06 41 83 f8 02 76 1b 48 8b 4c [ 32.459423][ T294] RSP: 002b:00007ffd32681350 EFLAGS: 00000206 ORIG_RAX: 0000000000000065 [pid 360] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 359] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 358] <... bpf resumed>) = 5 [pid 357] <... exit_group resumed>) = ? [pid 364] <... bpf resumed>) = 4 [pid 299] restart_syscall(<... resuming interrupted clone ...> [pid 360] <... bpf resumed>) = 5 [pid 359] <... bpf resumed>) = 5 [pid 358] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 357] +++ exited with 0 +++ [pid 299] <... restart_syscall resumed>) = 0 [pid 364] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 360] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 359] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 358] <... bpf resumed>) = 0 [pid 364] <... bpf resumed>) = 5 [pid 360] <... bpf resumed>) = 0 [pid 359] <... bpf resumed>) = 0 [pid 358] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 364] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 360] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 359] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 304] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=357, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 358] <... bpf resumed>) = 6 [pid 364] <... bpf resumed>) = 0 [pid 360] <... bpf resumed>) = 6 [pid 359] <... bpf resumed>) = 6 [pid 358] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 364] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 360] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 359] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 364] <... bpf resumed>) = 6 [pid 364] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16./strace-static-x86_64: Process 365 attached [pid 299] <... clone resumed>, child_tidptr=0x5555565a7650) = 365 [pid 304] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 365] set_robust_list(0x5555565a7660, 24 [pid 304] <... clone resumed>, child_tidptr=0x5555565a7650) = 366 [pid 365] <... set_robust_list resumed>) = 0 [pid 365] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 365] setpgid(0, 0) = 0 [pid 365] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC./strace-static-x86_64: Process 366 attached ) = 3 [pid 365] write(3, "1000", 4) = 4 [pid 365] close(3) = 0 [pid 365] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 [pid 366] set_robust_list(0x5555565a7660, 24) = 0 [pid 366] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 364] <... bpf resumed>) = 7 [pid 360] <... bpf resumed>) = 7 [pid 359] <... bpf resumed>) = 7 [pid 358] <... bpf resumed>) = 7 [pid 366] <... prctl resumed>) = 0 [pid 365] <... bpf resumed>) = 3 [pid 364] exit_group(0 [ 32.467664][ T294] RAX: 0000000000000000 RBX: 0000000000d4d2f8 RCX: 00000000004e6c1a [ 32.475475][ T294] RDX: 0000000000000000 RSI: 0000000000000168 RDI: 0000000000000018 [ 32.483288][ T294] RBP: 0000000000000018 R08: 0000000000000017 R09: 0000000000000002 [ 32.491101][ T294] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000d4f620 [ 32.498912][ T294] R13: 0000000000000000 R14: 000000000000857f R15: 0000000000617180 [ 32.506729][ T294] [ 32.528703][ C0] softirq: huh, entered softirq 3 NET_RX ffffffff84096740 with preempt_count 00000103, exited with 00000102? [ 32.540294][ T292] BUG: scheduling while atomic: sshd/292/0x00000002 [ 32.546697][ T292] Modules linked in: [ 32.550398][ T292] Preemption disabled at: [ 32.550406][ T292] [] __set_current_blocked+0x11b/0x2f0 [ 32.561392][ T292] CPU: 0 PID: 292 Comm: sshd Tainted: G W 6.1.57-syzkaller-00067-gd3006fb9449d #0 [ 32.571801][ T292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 32.581682][ T292] Call Trace: [ 32.584806][ T292] [ 32.587583][ T292] dump_stack_lvl+0x151/0x1b7 [ 32.592096][ T292] ? __set_current_blocked+0x11b/0x2f0 [ 32.597661][ T292] ? __set_current_blocked+0x11b/0x2f0 [ 32.602956][ T292] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 32.608251][ T292] ? __set_current_blocked+0x11b/0x2f0 [ 32.613543][ T292] dump_stack+0x15/0x17 [ 32.617536][ T292] __schedule_bug+0x195/0x260 [ 32.622048][ T292] ? cpu_util_update_eff+0x10e0/0x10e0 [ 32.627343][ T292] ? pollwake+0x280/0x280 [ 32.631512][ T292] __schedule+0xce9/0x1540 [ 32.635768][ T292] ? __se_sys_ppoll+0x2b3/0x330 [ 32.640450][ T292] ? __sched_text_start+0x8/0x8 [ 32.645138][ T292] ? __x64_sys_ppoll+0xd0/0xd0 [ 32.649737][ T292] schedule+0xc3/0x180 [ 32.653641][ T292] exit_to_user_mode_loop+0x4e/0xa0 [ 32.658678][ T292] exit_to_user_mode_prepare+0x5a/0xa0 [ 32.663971][ T292] syscall_exit_to_user_mode+0x26/0x140 [ 32.669354][ T292] do_syscall_64+0x49/0xb0 [ 32.673602][ T292] ? sysvec_apic_timer_interrupt+0x55/0xc0 [ 32.679247][ T292] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 32.685151][ T292] RIP: 0033:0x7fac9a319ad5 [ 32.689400][ T292] Code: 85 d2 74 0d 0f 10 02 48 8d 54 24 20 0f 11 44 24 20 64 8b 04 25 18 00 00 00 85 c0 75 27 41 b8 08 00 00 00 b8 0f 01 00 00 0f 05 <48> 3d 00 f0 ff ff 76 75 48 8b 15 24 73 0d 00 f7 d8 64 89 02 48 83 [ 32.708841][ T292] RSP: 002b:00007fffb50ad1f0 EFLAGS: 00000246 ORIG_RAX: 000000000000010f [ 32.717088][ T292] RAX: 0000000000000002 RBX: 00000000000668a0 RCX: 00007fac9a319ad5 [pid 360] exit_group(0 [pid 359] exit_group(0 [pid 358] exit_group(0 [pid 366] setpgid(0, 0 [pid 365] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 364] <... exit_group resumed>) = ? [pid 360] <... exit_group resumed>) = ? [pid 359] <... exit_group resumed>) = ? [pid 358] <... exit_group resumed>) = ? [pid 365] <... bpf resumed>) = 4 [pid 364] +++ exited with 0 +++ [pid 360] +++ exited with 0 +++ [pid 365] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72) = 5 [pid 365] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4) = 0 [pid 365] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 6 [pid 365] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 303] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=364, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 358] +++ exited with 0 +++ [pid 301] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=360, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 302] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=358, si_uid=0, si_status=0, si_utime=0, si_stime=21} --- [pid 302] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 303] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 301] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 303] <... clone resumed>, child_tidptr=0x5555565a7650) = 368 [pid 302] <... clone resumed>, child_tidptr=0x5555565a7650) = 367 [pid 301] <... clone resumed>, child_tidptr=0x5555565a7650) = 369 ./strace-static-x86_64: Process 369 attached ./strace-static-x86_64: Process 367 attached [pid 366] <... setpgid resumed>) = 0 ./strace-static-x86_64: Process 368 attached [pid 368] set_robust_list(0x5555565a7660, 24) = 0 [pid 368] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 368] setpgid(0, 0) = 0 [pid 368] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 366] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 369] set_robust_list(0x5555565a7660, 24 [pid 368] <... openat resumed>) = 3 [pid 368] write(3, "1000", 4) = 4 [pid 368] close(3) = 0 [pid 368] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 [pid 366] <... openat resumed>) = 3 [pid 366] write(3, "1000", 4 [pid 369] <... set_robust_list resumed>) = 0 [pid 367] set_robust_list(0x5555565a7660, 24 [pid 366] <... write resumed>) = 4 [pid 369] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 367] <... set_robust_list resumed>) = 0 [pid 366] close(3) = 0 [pid 369] setpgid(0, 0 [pid 366] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 [pid 369] <... setpgid resumed>) = 0 [pid 369] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 367] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 369] <... openat resumed>) = 3 [pid 367] <... prctl resumed>) = 0 [pid 369] write(3, "1000", 4 [pid 367] setpgid(0, 0 [pid 369] <... write resumed>) = 4 [pid 369] close(3 [pid 368] <... bpf resumed>) = 3 [pid 367] <... setpgid resumed>) = 0 [pid 366] <... bpf resumed>) = 3 [pid 369] <... close resumed>) = 0 [pid 369] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 [pid 366] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 368] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 367] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 369] <... bpf resumed>) = 3 [pid 367] <... openat resumed>) = 3 [pid 369] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 367] write(3, "1000", 4) = 4 [pid 367] close(3) = 0 [pid 367] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73) = 3 [pid 367] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 365] <... bpf resumed>) = 7 [pid 365] exit_group(0) = ? [ 32.724896][ T292] RDX: 00007fffb50ad210 RSI: 0000000000000004 RDI: 000055d14403fb20 [ 32.732718][ T292] RBP: 000055d14403e5e0 R08: 0000000000000008 R09: 0000000000000000 [ 32.740524][ T292] R10: 00007fffb50ad2f8 R11: 0000000000000246 R12: 000055d143aa9aa4 [ 32.748333][ T292] R13: 0000000000000001 R14: 000055d143aaa3e8 R15: 00007fffb50ad278 [ 32.756158][ T292] [ 32.778369][ C0] softirq: huh, entered softirq 3 NET_RX ffffffff84096740 with preempt_count 00000103, exited with 00000102? [ 32.789767][ T294] BUG: scheduling while atomic: strace-static-x/294/0x00000002 [ 32.797259][ T294] Modules linked in: [ 32.800952][ T294] Preemption disabled at: [ 32.800957][ T294] [] remove_wait_queue+0x26/0x140 [ 32.812003][ T294] CPU: 0 PID: 294 Comm: strace-static-x Tainted: G W 6.1.57-syzkaller-00067-gd3006fb9449d #0 [ 32.823345][ T294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 32.833241][ T294] Call Trace: [ 32.836381][ T294] [ 32.839229][ T294] dump_stack_lvl+0x151/0x1b7 [ 32.843740][ T294] ? remove_wait_queue+0x26/0x140 [ 32.848599][ T294] ? remove_wait_queue+0x26/0x140 [ 32.853501][ T294] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 32.858757][ T294] ? remove_wait_queue+0x26/0x140 [ 32.863616][ T294] dump_stack+0x15/0x17 [ 32.867611][ T294] __schedule_bug+0x195/0x260 [ 32.872207][ T294] ? cpu_util_update_eff+0x10e0/0x10e0 [ 32.877502][ T294] ? _raw_spin_lock_irqsave+0xf9/0x210 [ 32.882798][ T294] ? _raw_spin_lock+0x1b0/0x1b0 [ 32.887488][ T294] __schedule+0xce9/0x1540 [ 32.891745][ T294] ? __lock_task_sighand+0xde/0x100 [ 32.896770][ T294] ? __sched_text_start+0x8/0x8 [ 32.901458][ T294] ? __kasan_check_write+0x14/0x20 [ 32.906404][ T294] ? __se_sys_ptrace+0x3b2/0x410 [ 32.911186][ T294] schedule+0xc3/0x180 [ 32.915083][ T294] exit_to_user_mode_loop+0x4e/0xa0 [ 32.920127][ T294] exit_to_user_mode_prepare+0x5a/0xa0 [ 32.925412][ T294] syscall_exit_to_user_mode+0x26/0x140 [ 32.930797][ T294] do_syscall_64+0x49/0xb0 [ 32.935068][ T294] ? sysvec_call_function_single+0x52/0xb0 [ 32.940689][ T294] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 32.946418][ T294] RIP: 0033:0x4e6c1a [ 32.950150][ T294] Code: 70 41 83 f8 03 c7 44 24 10 08 00 00 00 48 89 44 24 18 48 8d 44 24 30 8b 70 08 4c 0f 43 d1 48 89 44 24 20 b8 65 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 3e 48 85 c0 78 06 41 83 f8 02 76 1b 48 8b 4c [ 32.969765][ T294] RSP: 002b:00007ffd326812d0 EFLAGS: 00000206 ORIG_RAX: 0000000000000065 [pid 359] +++ exited with 0 +++ [pid 369] <... bpf resumed>) = 4 [pid 368] <... bpf resumed>) = 4 [ 32.978009][ T294] RAX: 0000000000000050 RBX: 0000000000d4eba0 RCX: 00000000004e6c1a [ 32.985928][ T294] RDX: 0000000000000058 RSI: 000000000000012a RDI: 000000000000420e [ 32.993733][ T294] RBP: 00007ffd326813d0 R08: 000000000000420d R09: 0000000000000000 [ 33.001545][ T294] R10: 000000000063c820 R11: 0000000000000206 R12: 0000000000d4eba0 [ 33.009356][ T294] R13: 00007ffd3268142c R14: 000000000000857f R15: 0000000000617180 [ 33.017262][ T294] [pid 366] <... bpf resumed>) = 4 [ 33.022217][ C0] softirq: huh, entered softirq 3 NET_RX ffffffff84096740 with preempt_count 00000103, exited with 00000102? [ 33.034007][ T292] BUG: scheduling while atomic: sshd/292/0x00000002 [ 33.040477][ T292] Modules linked in: [ 33.044140][ T292] Preemption disabled at: [ 33.044148][ T292] [] __set_current_blocked+0x11b/0x2f0 [ 33.055168][ T292] CPU: 0 PID: 292 Comm: sshd Tainted: G W 6.1.57-syzkaller-00067-gd3006fb9449d #0 [ 33.065667][ T292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 33.075564][ T292] Call Trace: [ 33.078685][ T292] [ 33.081466][ T292] dump_stack_lvl+0x151/0x1b7 [ 33.085980][ T292] ? __set_current_blocked+0x11b/0x2f0 [ 33.091279][ T292] ? __set_current_blocked+0x11b/0x2f0 [ 33.096664][ T292] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 33.101953][ T292] ? __set_current_blocked+0x11b/0x2f0 [ 33.107243][ T292] dump_stack+0x15/0x17 [ 33.111234][ T292] __schedule_bug+0x195/0x260 [ 33.115750][ T292] ? cpu_util_update_eff+0x10e0/0x10e0 [ 33.121041][ T292] ? __kasan_check_write+0x14/0x20 [ 33.125993][ T292] __schedule+0xce9/0x1540 [ 33.130242][ T292] ? timerqueue_add+0x250/0x270 [ 33.134928][ T292] ? __sched_text_start+0x8/0x8 [ 33.139621][ T292] schedule+0xc3/0x180 [ 33.143523][ T292] schedule_hrtimeout_range_clock+0x1ef/0x360 [ 33.149422][ T292] ? hrtimer_nanosleep_restart+0x170/0x170 [ 33.155062][ T292] ? add_wait_queue+0x189/0x1c0 [ 33.159751][ T292] ? __remove_hrtimer+0x4d0/0x4d0 [ 33.164640][ T292] ? __pollwait+0x2f5/0x3f0 [ 33.168954][ T292] ? poll_initwait+0x160/0x160 [ 33.173553][ T292] schedule_hrtimeout_range+0x2a/0x40 [ 33.178761][ T292] do_sys_poll+0xdd7/0x1230 [ 33.183200][ T292] ? poll_select_finish+0x7b0/0x7b0 [ 33.188219][ T292] ? __x64_compat_sys_ppoll_time64+0xd0/0xd0 [ 33.194038][ T292] ? __x64_compat_sys_ppoll_time64+0xd0/0xd0 [ 33.199849][ T292] ? __x64_compat_sys_ppoll_time64+0xd0/0xd0 [ 33.205760][ T292] ? __x64_compat_sys_ppoll_time64+0xd0/0xd0 [ 33.211574][ T292] ? _raw_spin_lock_irqsave+0x210/0x210 [ 33.216946][ T292] ? __kasan_check_write+0x14/0x20 [ 33.221894][ T292] ? recalc_sigpending+0x164/0x1c0 [ 33.226844][ T292] ? _raw_spin_unlock_irq+0x4d/0x70 [ 33.232315][ T292] ? sigprocmask+0x280/0x280 [ 33.236747][ T292] __se_sys_ppoll+0x29c/0x330 [ 33.241252][ T292] ? __x64_sys_ppoll+0xd0/0xd0 [ 33.245850][ T292] ? __bpf_trace_sys_enter+0x62/0x70 [ 33.250974][ T292] __x64_sys_ppoll+0xbf/0xd0 [ 33.255397][ T292] do_syscall_64+0x3d/0xb0 [ 33.259650][ T292] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 33.265382][ T292] RIP: 0033:0x7fac9a319ad5 [ 33.269633][ T292] Code: 85 d2 74 0d 0f 10 02 48 8d 54 24 20 0f 11 44 24 20 64 8b 04 25 18 00 00 00 85 c0 75 27 41 b8 08 00 00 00 b8 0f 01 00 00 0f 05 <48> 3d 00 f0 ff ff 76 75 48 8b 15 24 73 0d 00 f7 d8 64 89 02 48 83 [ 33.289073][ T292] RSP: 002b:00007fffb50ad1f0 EFLAGS: 00000246 ORIG_RAX: 000000000000010f [ 33.297316][ T292] RAX: ffffffffffffffda RBX: 00000000000668a0 RCX: 00007fac9a319ad5 [ 33.305128][ T292] RDX: 00007fffb50ad210 RSI: 0000000000000004 RDI: 000055d14403fb20 [ 33.312941][ T292] RBP: 000055d14403e5e0 R08: 0000000000000008 R09: 0000000000000000 [ 33.320757][ T292] R10: 00007fffb50ad2f8 R11: 0000000000000246 R12: 000055d143aa9aa4 [pid 369] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 368] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 367] <... bpf resumed>) = 4 [pid 366] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 365] +++ exited with 0 +++ [pid 367] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 366] <... bpf resumed>) = 5 [pid 299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=365, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- [pid 367] <... bpf resumed>) = 5 [pid 366] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 367] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4 [pid 366] <... bpf resumed>) = 0 [pid 367] <... bpf resumed>) = 0 [pid 366] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 367] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 366] <... bpf resumed>) = 6 [pid 367] <... bpf resumed>) = 6 [pid 366] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 367] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555565a7650) = 371 ./strace-static-x86_64: Process 371 attached [pid 371] set_robust_list(0x5555565a7660, 24) = 0 [pid 371] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 371] setpgid(0, 0) = 0 [pid 371] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 371] write(3, "1000", 4) = 4 [pid 371] close(3) = 0 [pid 371] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73) = 3 [pid 371] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 298] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=359, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 298] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 298] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555565a7650) = 372 ./strace-static-x86_64: Process 372 attached [pid 372] set_robust_list(0x5555565a7660, 24) = 0 [pid 372] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 372] setpgid(0, 0) = 0 [pid 372] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 372] write(3, "1000", 4) = 4 [pid 372] close(3) = 0 [pid 372] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000a40, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73) = 3 [pid 372] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=3}}, 16 [pid 369] <... bpf resumed>) = 5 [pid 369] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4) = 0 [pid 369] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 6 [pid 369] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 368] <... bpf resumed>) = 5 [pid 368] bpf(BPF_MAP_FREEZE, {map_fd=5}, 4) = 0 [pid 368] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 6 [ 33.328563][ T292] R13: 0000000000000001 R14: 000055d143aaa3e8 R15: 00007fffb50ad278 [ 33.336381][ T292] [ 33.340005][ C0] softirq: huh, entered softirq 3 NET_RX ffffffff84096740 with preempt_count 00000103, exited with 00000102? [ 33.351390][ T294] BUG: scheduling while atomic: strace-static-x/294/0x00000002 [ 33.358770][ T294] Modules linked in: [ 33.362471][ T294] Preemption disabled at: [ 33.362476][ T294] [] remove_wait_queue+0x26/0x140 [ 33.373152][ T294] CPU: 0 PID: 294 Comm: strace-static-x Tainted: G W 6.1.57-syzkaller-00067-gd3006fb9449d #0 [ 33.384438][ T294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 33.394324][ T294] Call Trace: [ 33.397449][ T294] [ 33.400225][ T294] dump_stack_lvl+0x151/0x1b7 [ 33.404737][ T294] ? remove_wait_queue+0x26/0x140 [ 33.409601][ T294] ? remove_wait_queue+0x26/0x140 [ 33.414467][ T294] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 33.419756][ T294] ? remove_wait_queue+0x26/0x140 [ 33.424614][ T294] dump_stack+0x15/0x17 [ 33.428610][ T294] __schedule_bug+0x195/0x260 [ 33.433130][ T294] ? __ia32_sys_waitid+0xd0/0xd0 [ 33.437894][ T294] ? bpf_trace_printk+0x1be/0x300 [ 33.442764][ T294] ? cpu_util_update_eff+0x10e0/0x10e0 [ 33.448054][ T294] ? kernel_waitid+0x520/0x520 [ 33.452650][ T294] __schedule+0xce9/0x1540 [ 33.456912][ T294] ? __x64_sys_wait4+0x181/0x1e0 [ 33.461680][ T294] ? bpf_trace_run2+0x138/0x290 [ 33.466364][ T294] ? __sched_text_start+0x8/0x8 [ 33.471051][ T294] schedule+0xc3/0x180 [ 33.474956][ T294] exit_to_user_mode_loop+0x4e/0xa0 [ 33.479992][ T294] exit_to_user_mode_prepare+0x5a/0xa0 [ 33.485285][ T294] syscall_exit_to_user_mode+0x26/0x140 [ 33.490664][ T294] do_syscall_64+0x49/0xb0 [ 33.494916][ T294] ? sysvec_apic_timer_interrupt+0x55/0xc0 [ 33.500563][ T294] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 33.506288][ T294] RIP: 0033:0x4d49a6 [ 33.510021][ T294] Code: 00 00 00 90 31 c9 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 49 89 ca 64 8b 04 25 18 00 00 00 85 c0 75 11 b8 3d 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 5a c3 90 48 83 ec 28 89 54 24 14 48 89 74 24 [pid 368] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=6}}, 16 [pid 372] <... bpf resumed>) = 4 [ 33.529911][ T294] RSP: 002b:00007ffd32681468 EFLAGS: 00000246 ORIG_RAX: 000000000000003d [ 33.538229][ T294] RAX: 0000000000000173 RBX: 0000000000000001 RCX: 00000000004d49a6 [ 33.546039][ T294] RDX: 0000000040000001 RSI: 00007ffd3268148c RDI: 00000000ffffffff [ 33.553866][ T294] RBP: 0000000000d4f380 R08: 0000000000000000 R09: 0000000000000000 [ 33.561663][ T294] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000d546c0 [ 33.569479][ T294] R13: 0000000000000174 R14: 00007ffd3268148c R15: 0000000000617180 [ 33.577291][ T294] [ 33.582155][ C0] softirq: huh, entered softirq 3 NET_RX ffffffff84096740 with preempt_count 00000103, exited with 00000102? [ 33.593593][ T294] BUG: scheduling while atomic: strace-static-x/294/0x00000002 [ 33.600983][ T294] Modules linked in: [ 33.604629][ T294] Preemption disabled at: [ 33.604634][ T294] [] __lock_task_sighand+0x6b/0x100 [ 33.615391][ T294] CPU: 0 PID: 294 Comm: strace-static-x Tainted: G W 6.1.57-syzkaller-00067-gd3006fb9449d #0