./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1529069984 <...> Warning: Permanently added '10.128.0.100' (ED25519) to the list of known hosts. execve("./syz-executor1529069984", ["./syz-executor1529069984"], 0x7ffe53177f90 /* 10 vars */) = 0 brk(NULL) = 0x5555574fd000 brk(0x5555574fdd00) = 0x5555574fdd00 arch_prctl(ARCH_SET_FS, 0x5555574fd380) = 0 set_tid_address(0x5555574fd650) = 476 set_robust_list(0x5555574fd660, 24) = 0 rseq(0x5555574fdca0, 0x20, 0, 0x53053053) = -1 ENOSYS (Function not implemented) prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor1529069984", 4096) = 28 getrandom("\x45\x46\xca\x0b\x02\x69\x2b\x1c", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x5555574fdd00 brk(0x55555751ed00) = 0x55555751ed00 brk(0x55555751f000) = 0x55555751f000 mprotect(0x7f70341ce000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555574fd650) = 477 ./strace-static-x86_64: Process 477 attached [pid 477] set_robust_list(0x5555574fd660, 24) = 0 [pid 477] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 477] setpgid(0, 0) = 0 [pid 477] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 477] write(3, "1000", 4) = 4 [pid 477] close(3) = 0 [pid 477] write(1, "executing program\n", 18executing program ) = 18 [pid 477] socketpair(AF_UNIX, SOCK_STREAM, 0, [3, 4]) = 0 [pid 477] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_SOCKHASH, key_size=2, value_size=4, max_entries=2, map_flags=0, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72) = 5 [pid 477] bpf(BPF_MAP_UPDATE_ELEM, {map_fd=5, key=0x20000040, value=0x20000140, flags=BPF_ANY}, 32) = 0 [pid 477] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x20000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = -1 EFAULT (Bad address) [ 206.002442][ T30] audit: type=1400 audit(1721368537.775:66): avc: denied { execmem } for pid=476 comm="syz-executor152" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 206.022073][ T30] audit: type=1400 audit(1721368537.785:67): avc: denied { map_create } for pid=477 comm="syz-executor152" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 206.041927][ T30] audit: type=1400 audit(1721368537.785:68): avc: denied { map_read map_write } for pid=477 comm="syz-executor152" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 206.062927][ T30] audit: type=1400 audit(1721368537.785:69): avc: denied { prog_load } for pid=477 comm="syz-executor152" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 206.082390][ T30] audit: type=1400 audit(1721368537.795:70): avc: denied { bpf } for pid=477 comm="syz-executor152" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 206.103907][ T30] audit: type=1400 audit(1721368537.795:71): avc: denied { perfmon } for pid=477 comm="syz-executor152" capability=38 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [pid 477] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=12, insns=0x20000440, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 6 [pid 477] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="mm_page_alloc", prog_fd=6}}, 16) = 7 [pid 477] exit_group(0) = ? [pid 477] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=477, si_uid=0, si_status=0, si_utime=0, si_stime=24} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 479 attached [pid 479] set_robust_list(0x5555574fd660, 24) = 0 [pid 479] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 476] <... clone resumed>, child_tidptr=0x5555574fd650) = 479 [pid 479] <... prctl resumed>) = 0 [pid 479] setpgid(0, 0) = 0 [pid 479] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 479] write(3, "1000", 4) = 4 [pid 479] close(3) = 0 [pid 479] write(1, "executing program\n", 18executing program ) = 18 [pid 479] socketpair(AF_UNIX, SOCK_STREAM, 0, [3, 4]) = 0 [pid 479] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_SOCKHASH, key_size=2, value_size=4, max_entries=2, map_flags=0, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72) = 5 [pid 479] bpf(BPF_MAP_UPDATE_ELEM, {map_fd=5, key=0x20000040, value=0x20000140, flags=BPF_ANY}, 32) = 0 [pid 479] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x20000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = -1 EFAULT (Bad address) [pid 479] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=12, insns=0x20000440, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 6 [pid 479] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="mm_page_alloc", prog_fd=6}}, 16) = 7 [pid 479] exit_group(0) = ? [pid 479] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=479, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 480 attached [pid 480] set_robust_list(0x5555574fd660, 24) = 0 [pid 480] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 480] setpgid(0, 0) = 0 [pid 480] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 476] <... clone resumed>, child_tidptr=0x5555574fd650) = 480 [pid 480] <... openat resumed>) = 3 [pid 480] write(3, "1000", 4executing program ) = 4 [pid 480] close(3) = 0 [pid 480] write(1, "executing program\n", 18) = 18 [pid 480] socketpair(AF_UNIX, SOCK_STREAM, 0, [3, 4]) = 0 [pid 480] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_SOCKHASH, key_size=2, value_size=4, max_entries=2, map_flags=0, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72) = 5 [pid 480] bpf(BPF_MAP_UPDATE_ELEM, {map_fd=5, key=0x20000040, value=0x20000140, flags=BPF_ANY}, 32) = 0 [pid 480] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x20000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = -1 EFAULT (Bad address) [pid 480] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=12, insns=0x20000440, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 6 [pid 480] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="mm_page_alloc", prog_fd=6}}, 16) = 7 [pid 480] exit_group(0) = ? [pid 480] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=480, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [ 206.254231][ T30] audit: type=1400 audit(1721368538.025:72): avc: denied { prog_run } for pid=477 comm="syz-executor152" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555574fd650) = 481 ./strace-static-x86_64: Process 481 attached [pid 481] set_robust_list(0x5555574fd660, 24) = 0 [pid 481] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 481] setpgid(0, 0) = 0 [pid 481] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 481] write(3, "1000", 4) = 4 [pid 481] close(3) = 0 [pid 481] write(1, "executing program\n", 18executing program ) = 18 [pid 481] socketpair(AF_UNIX, SOCK_STREAM, 0, [3, 4]) = 0 [pid 481] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_SOCKHASH, key_size=2, value_size=4, max_entries=2, map_flags=0, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72) = 5 [pid 481] bpf(BPF_MAP_UPDATE_ELEM, {map_fd=5, key=0x20000040, value=0x20000140, flags=BPF_ANY}, 32) = 0 [pid 481] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x20000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = -1 EFAULT (Bad address) [pid 481] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=12, insns=0x20000440, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 6 [pid 481] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="mm_page_alloc", prog_fd=6}}, 16) = 7 [pid 481] exit_group(0) = ? [pid 481] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=481, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 482 attached , child_tidptr=0x5555574fd650) = 482 [pid 482] set_robust_list(0x5555574fd660, 24) = 0 [pid 482] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 482] setpgid(0, 0) = 0 [pid 482] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 482] write(3, "1000", 4executing program ) = 4 [pid 482] close(3) = 0 [pid 482] write(1, "executing program\n", 18) = 18 [pid 482] socketpair(AF_UNIX, SOCK_STREAM, 0, [3, 4]) = 0 [pid 482] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_SOCKHASH, key_size=2, value_size=4, max_entries=2, map_flags=0, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72) = 5 [pid 482] bpf(BPF_MAP_UPDATE_ELEM, {map_fd=5, key=0x20000040, value=0x20000140, flags=BPF_ANY}, 32) = 0 [pid 482] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x20000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = -1 EFAULT (Bad address) [pid 482] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=12, insns=0x20000440, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 6 [pid 482] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="mm_page_alloc", prog_fd=6}}, 16) = 7 [pid 482] exit_group(0) = ? [pid 482] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=482, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 483 attached [pid 483] set_robust_list(0x5555574fd660, 24) = 0 [pid 483] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 483] setpgid(0, 0) = 0 [pid 476] <... clone resumed>, child_tidptr=0x5555574fd650) = 483 [pid 483] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 483] write(3, "1000", 4) = 4 [pid 483] close(3) = 0 [pid 483] write(1, "executing program\n", 18executing program ) = 18 [pid 483] socketpair(AF_UNIX, SOCK_STREAM, 0, [3, 4]) = 0 [pid 483] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_SOCKHASH, key_size=2, value_size=4, max_entries=2, map_flags=0, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72) = 5 [pid 483] bpf(BPF_MAP_UPDATE_ELEM, {map_fd=5, key=0x20000040, value=0x20000140, flags=BPF_ANY}, 32) = 0 [pid 483] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x20000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = -1 EFAULT (Bad address) [pid 483] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=12, insns=0x20000440, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 6 [pid 483] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="mm_page_alloc", prog_fd=6}}, 16) = 7 [pid 483] exit_group(0) = ? [pid 483] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=483, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 484 attached , child_tidptr=0x5555574fd650) = 484 [pid 484] set_robust_list(0x5555574fd660, 24) = 0 [pid 484] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 484] setpgid(0, 0) = 0 [pid 484] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 484] write(3, "1000", 4) = 4 [pid 484] close(3executing program ) = 0 [pid 484] write(1, "executing program\n", 18) = 18 [pid 484] socketpair(AF_UNIX, SOCK_STREAM, 0, [3, 4]) = 0 [pid 484] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_SOCKHASH, key_size=2, value_size=4, max_entries=2, map_flags=0, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72) = 5 [pid 484] bpf(BPF_MAP_UPDATE_ELEM, {map_fd=5, key=0x20000040, value=0x20000140, flags=BPF_ANY}, 32) = 0 [pid 484] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x20000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = -1 EFAULT (Bad address) [pid 484] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=12, insns=0x20000440, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 6 [pid 484] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="mm_page_alloc", prog_fd=6}}, 16) = 7 [ 306.400025][ C1] rcu: INFO: rcu_preempt self-detected stall on CPU [ 306.407734][ C1] rcu: 1-...!: (10000 ticks this GP) idle=581/1/0x4000000000000000 softirq=3127/3127 fqs=0 last_accelerate: db21/0231 dyntick_enabled: 1 [ 306.421897][ C1] (t=10000 jiffies g=2457 q=12) [ 306.426663][ C1] rcu: rcu_preempt kthread timer wakeup didn't happen for 9999 jiffies! g2457 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 [ 306.438640][ C1] rcu: Possible timer handling issue on cpu=1 timer-softirq=1646 [ 306.446302][ C1] rcu: rcu_preempt kthread starved for 10000 jiffies! g2457 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 ->cpu=1 [ 306.457644][ C1] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 306.467465][ C1] rcu: RCU grace-period kthread stack dump: [ 306.473184][ C1] task:rcu_preempt state:I stack:28328 pid: 14 ppid: 2 flags:0x00004000 [ 306.482339][ C1] Call Trace: [ 306.485540][ C1] [ 306.488318][ C1] __schedule+0xccc/0x1590 [ 306.492693][ C1] ? __sched_text_start+0x8/0x8 [ 306.497717][ C1] ? __kasan_check_write+0x14/0x20 [ 306.503189][ C1] schedule+0x11f/0x1e0 [ 306.507177][ C1] schedule_timeout+0x18c/0x370 [ 306.511864][ C1] ? _raw_spin_unlock_irq+0x4e/0x70 [ 306.516898][ C1] ? console_conditional_schedule+0x30/0x30 [ 306.522626][ C1] ? update_process_times+0x200/0x200 [ 306.527836][ C1] ? prepare_to_swait_event+0x308/0x320 [ 306.533216][ C1] rcu_gp_fqs_loop+0x2af/0xf80 [ 306.537816][ C1] ? debug_smp_processor_id+0x17/0x20 [ 306.543024][ C1] ? __note_gp_changes+0x4ab/0x920 [ 306.547969][ C1] ? rcu_gp_init+0xc30/0xc30 [ 306.552395][ C1] ? _raw_spin_unlock_irq+0x4e/0x70 [ 306.557447][ C1] ? rcu_gp_init+0x9cf/0xc30 [ 306.561856][ C1] rcu_gp_kthread+0xa4/0x350 [ 306.566390][ C1] ? _raw_spin_lock+0x1b0/0x1b0 [ 306.571064][ C1] ? wake_nocb_gp+0x1e0/0x1e0 [ 306.575775][ C1] ? __kasan_check_read+0x11/0x20 [ 306.580629][ C1] ? __kthread_parkme+0xb2/0x200 [ 306.585409][ C1] kthread+0x421/0x510 [ 306.589566][ C1] ? wake_nocb_gp+0x1e0/0x1e0 [ 306.594220][ C1] ? kthread_blkcg+0xd0/0xd0 [ 306.598642][ C1] ret_from_fork+0x1f/0x30 [ 306.603331][ C1] [ 306.606191][ C1] rcu: Stack dump where RCU GP kthread last ran: [ 306.612374][ C1] NMI backtrace for cpu 1 [ 306.616531][ C1] CPU: 1 PID: 484 Comm: syz-executor152 Not tainted 5.15.151-syzkaller-00415-gdb06c48ab67e #0 [ 306.626595][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 306.636914][ C1] Call Trace: [ 306.639988][ C1] [ 306.642671][ C1] dump_stack_lvl+0x151/0x1b7 [ 306.647183][ C1] ? io_uring_drop_tctx_refs+0x190/0x190 [ 306.653174][ C1] dump_stack+0x15/0x17 [ 306.657165][ C1] nmi_cpu_backtrace+0x2f7/0x300 [ 306.661939][ C1] ? nmi_trigger_cpumask_backtrace+0x270/0x270 [ 306.667930][ C1] ? panic+0x751/0x751 [ 306.671948][ C1] ? arch_trigger_cpumask_backtrace+0x20/0x20 [ 306.677822][ C1] nmi_trigger_cpumask_backtrace+0x15d/0x270 [ 306.683811][ C1] ? arch_trigger_cpumask_backtrace+0x20/0x20 [ 306.689982][ C1] arch_trigger_cpumask_backtrace+0x10/0x20 [ 306.696050][ C1] rcu_check_gp_kthread_starvation+0x1e3/0x250 [ 306.702045][ C1] ? rcu_check_gp_kthread_expired_fqs_timer+0x18e/0x230 [ 306.708809][ C1] print_cpu_stall+0x310/0x5f0 [ 306.713411][ C1] rcu_sched_clock_irq+0x989/0x12f0 [ 306.718446][ C1] ? rcu_boost_kthread_setaffinity+0x340/0x340 [ 306.724520][ C1] ? hrtimer_run_queues+0x15f/0x440 [ 306.729552][ C1] update_process_times+0x198/0x200 [ 306.734770][ C1] tick_sched_timer+0x188/0x240 [ 306.739590][ C1] ? tick_setup_sched_timer+0x480/0x480 [ 306.744926][ C1] __hrtimer_run_queues+0x41a/0xad0 [ 306.750460][ C1] ? hrtimer_interrupt+0xaa0/0xaa0 [ 306.755375][ C1] ? clockevents_program_event+0x22f/0x300 [ 306.761021][ C1] ? ktime_get_update_offsets_now+0x2ba/0x2d0 [ 306.766912][ C1] hrtimer_interrupt+0x40c/0xaa0 [ 306.771779][ C1] __sysvec_apic_timer_interrupt+0xfd/0x3c0 [ 306.777509][ C1] sysvec_apic_timer_interrupt+0x95/0xc0 [ 306.782971][ C1] [ 306.786353][ C1] [ 306.789131][ C1] asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 306.795043][ C1] RIP: 0010:kvm_wait+0x147/0x180 [ 306.800166][ C1] Code: 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 34 41 0f b6 45 00 44 38 f0 75 10 66 90 0f 00 2d 2b 02 f3 03 fb f4 24 ff ff ff fb e9 1e ff ff ff 44 89 e9 80 e1 07 38 c1 7c a3 4c [ 306.819702][ C1] RSP: 0000:ffffc90000996460 EFLAGS: 00000246 [ 306.825604][ C1] RAX: 0000000000000003 RBX: 1ffff92000132c90 RCX: ffffffff8154fbdf [ 306.833414][ C1] RDX: dffffc0000000000 RSI: 0000000000000003 RDI: ffff888105da9158 [ 306.841295][ C1] RBP: ffffc90000996510 R08: dffffc0000000000 R09: ffffed1020bb522c [ 306.849114][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 306.857379][ C1] R13: ffff888105da9158 R14: 0000000000000003 R15: 1ffff92000132c94 [ 306.865189][ C1] ? __pv_queued_spin_lock_slowpath+0x65f/0xc40 [ 306.871261][ C1] ? asm_sysvec_call_function_single+0x1b/0x20 [ 306.877251][ C1] ? kvm_arch_para_hints+0x30/0x30 [ 306.882199][ C1] ? __pv_queued_spin_lock_slowpath+0x65f/0xc40 [ 306.888380][ C1] __pv_queued_spin_lock_slowpath+0x6bc/0xc40 [ 306.894484][ C1] ? __pv_queued_spin_unlock_slowpath+0x310/0x310 [ 306.900840][ C1] _raw_spin_lock_bh+0x139/0x1b0 [ 306.905611][ C1] ? _raw_spin_lock_irq+0x1b0/0x1b0 [ 306.910645][ C1] ? sock_hash_bucket_hash+0x31c/0x7e0 [ 306.915941][ C1] sock_hash_delete_elem+0xb1/0x2f0 [ 306.921092][ C1] bpf_prog_2c29ac5cdc6b1842+0x3a/0xe64 [ 306.926480][ C1] bpf_trace_run4+0x13f/0x270 [ 306.930986][ C1] ? bpf_trace_run3+0x250/0x250 [ 306.935673][ C1] __bpf_trace_mm_page_alloc+0xbf/0xf0 [ 306.940975][ C1] __alloc_pages+0x3cb/0x8f0 [ 306.945398][ C1] ? prep_new_page+0x110/0x110 [ 306.950269][ C1] ? __bpf_trace_mm_page_alloc+0xbf/0xf0 [ 306.955721][ C1] ? stack_trace_save+0x113/0x1c0 [ 306.960592][ C1] ? stack_trace_save+0x1c0/0x1c0 [ 306.965442][ C1] __stack_depot_save+0x38d/0x470 [ 306.970392][ C1] stack_depot_save+0xe/0x10 [ 306.974815][ C1] save_stack+0x104/0x1e0 [ 306.978982][ C1] ? __reset_page_owner+0x190/0x190 [ 306.984015][ C1] ? post_alloc_hook+0x1a3/0x1b0 [ 306.988820][ C1] ? prep_new_page+0x1b/0x110 [ 306.993389][ C1] ? get_page_from_freelist+0x3550/0x35d0 [ 306.998953][ C1] ? __alloc_pages+0x27e/0x8f0 [ 307.003982][ C1] ? __stack_depot_save+0x38d/0x470 [ 307.009014][ C1] ? kasan_set_track+0x5d/0x70 [ 307.013876][ C1] ? kasan_set_free_info+0x23/0x40 [ 307.018933][ C1] ? ____kasan_slab_free+0x126/0x160 [ 307.024053][ C1] ? __kasan_slab_free+0x11/0x20 [ 307.028828][ C1] ? slab_free_freelist_hook+0xbd/0x190 [ 307.034210][ C1] ? kfree+0xc8/0x220 [ 307.038027][ C1] ? sock_map_unref+0x352/0x4d0 [ 307.042719][ C1] ? sock_hash_delete_elem+0x274/0x2f0 [ 307.048272][ C1] ? bpf_prog_2c29ac5cdc6b1842+0x3a/0xe64 [ 307.053824][ C1] ? bpf_trace_run4+0x13f/0x270 [ 307.058523][ C1] ? __bpf_trace_mm_page_alloc+0xbf/0xf0 [ 307.064368][ C1] ? sanitize_ptr_alu+0x32b/0xac0 [ 307.069220][ C1] __set_page_owner+0x28/0x2e0 [ 307.073821][ C1] ? kernel_init_free_pages+0xda/0xf0 [ 307.079026][ C1] post_alloc_hook+0x1a3/0x1b0 [ 307.083714][ C1] prep_new_page+0x1b/0x110 [ 307.088054][ C1] get_page_from_freelist+0x3550/0x35d0 [ 307.093609][ C1] ? is_bpf_text_address+0x172/0x190 [ 307.098737][ C1] ? stack_trace_save+0x1c0/0x1c0 [ 307.103772][ C1] ? __kernel_text_address+0x9b/0x110 [ 307.108977][ C1] ? lruvec_init+0x150/0x150 [ 307.113399][ C1] ? __alloc_pages+0x8f0/0x8f0 [ 307.117998][ C1] ? __alloc_pages_bulk+0xe40/0xe40 [ 307.123045][ C1] ? stack_trace_save+0x1c0/0x1c0 [ 307.127991][ C1] __alloc_pages+0x27e/0x8f0 [ 307.132606][ C1] ? prep_new_page+0x110/0x110 [ 307.137299][ C1] ? stack_trace_save+0x113/0x1c0 [ 307.142200][ C1] ? stack_trace_snprint+0xf0/0xf0 [ 307.147089][ C1] __stack_depot_save+0x38d/0x470 [ 307.151971][ C1] ? kfree+0xc8/0x220 [ 307.155941][ C1] kasan_set_track+0x5d/0x70 [ 307.160368][ C1] ? kasan_set_track+0x4b/0x70 [ 307.164967][ C1] ? kasan_set_free_info+0x23/0x40 [ 307.169916][ C1] ? ____kasan_slab_free+0x126/0x160 [ 307.175045][ C1] ? __kasan_slab_free+0x11/0x20 [ 307.179816][ C1] ? slab_free_freelist_hook+0xbd/0x190 [ 307.185202][ C1] ? kfree+0xc8/0x220 [ 307.189184][ C1] ? sock_map_unref+0x352/0x4d0 [ 307.193872][ C1] ? sock_hash_delete_elem+0x274/0x2f0 [ 307.199186][ C1] ? bpf_prog_2c29ac5cdc6b1842+0x3a/0xe64 [ 307.204992][ C1] ? bpf_trace_run4+0x13f/0x270 [ 307.209675][ C1] ? __bpf_trace_mm_page_alloc+0xbf/0xf0 [ 307.215136][ C1] ? __alloc_pages+0x3cb/0x8f0 [ 307.220025][ C1] ? wp_page_copy+0x200/0x1b00 [ 307.224623][ C1] ? do_wp_page+0x6fa/0xb60 [ 307.228968][ C1] ? handle_pte_fault+0x7c0/0x24d0 [ 307.233913][ C1] ? do_handle_mm_fault+0x1ea9/0x23a0 [ 307.239310][ C1] ? exc_page_fault+0x3b5/0x830 [ 307.243980][ C1] ? asm_exc_page_fault+0x27/0x30 [ 307.248846][ C1] ? post_alloc_hook+0x1a3/0x1b0 [ 307.254070][ C1] kasan_set_free_info+0x23/0x40 [ 307.258823][ C1] ____kasan_slab_free+0x126/0x160 [ 307.263779][ C1] __kasan_slab_free+0x11/0x20 [ 307.268370][ C1] slab_free_freelist_hook+0xbd/0x190 [ 307.273583][ C1] ? sock_map_unref+0x352/0x4d0 [ 307.278271][ C1] kfree+0xc8/0x220 [ 307.281913][ C1] sock_map_unref+0x352/0x4d0 [ 307.286427][ C1] sock_hash_delete_elem+0x274/0x2f0 [ 307.291546][ C1] bpf_prog_2c29ac5cdc6b1842+0x3a/0xe64 [ 307.297883][ C1] bpf_trace_run4+0x13f/0x270 [ 307.302413][ C1] ? bpf_trace_run3+0x250/0x250 [ 307.307080][ C1] __bpf_trace_mm_page_alloc+0xbf/0xf0 [ 307.312377][ C1] __alloc_pages+0x3cb/0x8f0 [ 307.316800][ C1] ? prep_new_page+0x110/0x110 [ 307.321401][ C1] ? __kasan_check_write+0x14/0x20 [ 307.326348][ C1] ? cpumask_next+0x8a/0xb0 [ 307.330691][ C1] wp_page_copy+0x200/0x1b00 [ 307.335115][ C1] ? __kasan_check_write+0x14/0x20 [ 307.340722][ C1] ? insert_page_into_pte_locked+0x4e0/0x4e0 [ 307.346529][ C1] ? __pte_map_lock+0x442/0x620 [ 307.351648][ C1] do_wp_page+0x6fa/0xb60 [ 307.355815][ C1] handle_pte_fault+0x7c0/0x24d0 [ 307.360593][ C1] ? fault_around_bytes_set+0xc0/0xc0 [ 307.365798][ C1] do_handle_mm_fault+0x1ea9/0x23a0 [ 307.370930][ C1] ? numa_migrate_prep+0xe0/0xe0 [ 307.375691][ C1] ? __kasan_check_write+0x14/0x20 [ 307.380637][ C1] ? _raw_spin_lock_irq+0xa5/0x1b0 [ 307.385586][ C1] ? _raw_spin_lock_irqsave+0x210/0x210 [ 307.391100][ C1] ? _raw_spin_unlock_irq+0x4e/0x70 [ 307.396128][ C1] ? down_read_trylock+0x1f9/0x300 [ 307.401082][ C1] ? __init_rwsem+0x1c0/0x1c0 [ 307.405590][ C1] ? vmacache_update+0xb7/0x120 [ 307.410275][ C1] ? __find_vma+0x136/0x150 [ 307.414614][ C1] exc_page_fault+0x3b5/0x830 [ 307.419135][ C1] asm_exc_page_fault+0x27/0x30 [ 307.423814][ C1] RIP: 0033:0x7f70341312d0 [ 307.428266][ C1] Code: 41 54 55 48 89 f5 53 89 fb 48 83 ec 18 48 83 3d 1d 0d 0a 00 00 89 54 24 0c 74 08 84 c9 0f 85 09 02 00 00 31 c0 ba 01 00 00 00 0f b1 15 10 3a 0a 00 0f 85 0f 02 00 00 4c 8d 25 03 3a 0a 00 4c [ 307.448206][ C1] RSP: 002b:00007ffd0a09f8f0 EFLAGS: 00010246 [ 307.454114][ C1] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000001 [ 307.461912][ C1] RDX: 0000000000000001 RSI: 00007f70341d2120 RDI: 0000000000000000 [ 307.469725][ C1] RBP: 00007f70341d2120 R08: 0000000000000006 R09: 0000000000000006 [ 307.477553][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 307.485349][ C1] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001 [ 307.493264][ C1] [ 307.496149][ C1] NMI backtrace for cpu 1 [ 307.500292][ C1] CPU: 1 PID: 484 Comm: syz-executor152 Not tainted 5.15.151-syzkaller-00415-gdb06c48ab67e #0 [ 307.510362][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 307.520260][ C1] Call Trace: [ 307.523397][ C1] [ 307.526070][ C1] dump_stack_lvl+0x151/0x1b7 [ 307.530581][ C1] ? io_uring_drop_tctx_refs+0x190/0x190 [ 307.536051][ C1] ? ttwu_do_wakeup+0x187/0x430 [ 307.540737][ C1] dump_stack+0x15/0x17 [ 307.544902][ C1] nmi_cpu_backtrace+0x2f7/0x300 [ 307.549765][ C1] ? nmi_trigger_cpumask_backtrace+0x270/0x270 [ 307.555751][ C1] ? _raw_spin_lock_irqsave+0xf9/0x210 [ 307.561075][ C1] ? __kasan_check_write+0x14/0x20 [ 307.565994][ C1] ? _raw_spin_lock+0x1b0/0x1b0 [ 307.570683][ C1] ? arch_trigger_cpumask_backtrace+0x20/0x20 [ 307.576929][ C1] nmi_trigger_cpumask_backtrace+0x15d/0x270 [ 307.582746][ C1] ? arch_trigger_cpumask_backtrace+0x20/0x20 [ 307.588751][ C1] arch_trigger_cpumask_backtrace+0x10/0x20 [ 307.594466][ C1] rcu_dump_cpu_stacks+0x1d8/0x330 [ 307.599421][ C1] print_cpu_stall+0x315/0x5f0 [ 307.604020][ C1] rcu_sched_clock_irq+0x989/0x12f0 [ 307.609044][ C1] ? rcu_boost_kthread_setaffinity+0x340/0x340 [ 307.615035][ C1] ? hrtimer_run_queues+0x15f/0x440 [ 307.620068][ C1] update_process_times+0x198/0x200 [ 307.625100][ C1] tick_sched_timer+0x188/0x240 [ 307.629797][ C1] ? tick_setup_sched_timer+0x480/0x480 [ 307.635170][ C1] __hrtimer_run_queues+0x41a/0xad0 [ 307.640470][ C1] ? hrtimer_interrupt+0xaa0/0xaa0 [ 307.645421][ C1] ? clockevents_program_event+0x22f/0x300 [ 307.651146][ C1] ? ktime_get_update_offsets_now+0x2ba/0x2d0 [ 307.657042][ C1] hrtimer_interrupt+0x40c/0xaa0 [ 307.661818][ C1] __sysvec_apic_timer_interrupt+0xfd/0x3c0 [ 307.667633][ C1] sysvec_apic_timer_interrupt+0x95/0xc0 [ 307.673101][ C1] [ 307.675874][ C1] [ 307.678660][ C1] asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 307.684468][ C1] RIP: 0010:kvm_wait+0x147/0x180 [ 307.689244][ C1] Code: 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 34 41 0f b6 45 00 44 38 f0 75 10 66 90 0f 00 2d 2b 02 f3 03 fb f4 24 ff ff ff fb e9 1e ff ff ff 44 89 e9 80 e1 07 38 c1 7c a3 4c [ 307.709380][ C1] RSP: 0000:ffffc90000996460 EFLAGS: 00000246 [ 307.715294][ C1] RAX: 0000000000000003 RBX: 1ffff92000132c90 RCX: ffffffff8154fbdf [ 307.723090][ C1] RDX: dffffc0000000000 RSI: 0000000000000003 RDI: ffff888105da9158 [ 307.730908][ C1] RBP: ffffc90000996510 R08: dffffc0000000000 R09: ffffed1020bb522c [ 307.738829][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 307.746613][ C1] R13: ffff888105da9158 R14: 0000000000000003 R15: 1ffff92000132c94 [ 307.754427][ C1] ? __pv_queued_spin_lock_slowpath+0x65f/0xc40 [ 307.760500][ C1] ? asm_sysvec_call_function_single+0x1b/0x20 [ 307.766497][ C1] ? kvm_arch_para_hints+0x30/0x30 [ 307.771554][ C1] ? __pv_queued_spin_lock_slowpath+0x65f/0xc40 [ 307.777662][ C1] __pv_queued_spin_lock_slowpath+0x6bc/0xc40 [ 307.783540][ C1] ? __pv_queued_spin_unlock_slowpath+0x310/0x310 [ 307.789781][ C1] _raw_spin_lock_bh+0x139/0x1b0 [ 307.794553][ C1] ? _raw_spin_lock_irq+0x1b0/0x1b0 [ 307.799783][ C1] ? sock_hash_bucket_hash+0x31c/0x7e0 [ 307.805073][ C1] sock_hash_delete_elem+0xb1/0x2f0 [ 307.810088][ C1] bpf_prog_2c29ac5cdc6b1842+0x3a/0xe64 [ 307.815469][ C1] bpf_trace_run4+0x13f/0x270 [ 307.819985][ C1] ? bpf_trace_run3+0x250/0x250 [ 307.824670][ C1] __bpf_trace_mm_page_alloc+0xbf/0xf0 [ 307.829969][ C1] __alloc_pages+0x3cb/0x8f0 [ 307.834477][ C1] ? prep_new_page+0x110/0x110 [ 307.839116][ C1] ? __bpf_trace_mm_page_alloc+0xbf/0xf0 [ 307.844661][ C1] ? stack_trace_save+0x113/0x1c0 [ 307.849520][ C1] ? stack_trace_save+0x1c0/0x1c0 [ 307.854646][ C1] __stack_depot_save+0x38d/0x470 [ 307.859501][ C1] stack_depot_save+0xe/0x10 [ 307.863928][ C1] save_stack+0x104/0x1e0 [ 307.868094][ C1] ? __reset_page_owner+0x190/0x190 [ 307.873156][ C1] ? post_alloc_hook+0x1a3/0x1b0 [ 307.878184][ C1] ? prep_new_page+0x1b/0x110 [ 307.882698][ C1] ? get_page_from_freelist+0x3550/0x35d0 [ 307.888365][ C1] ? __alloc_pages+0x27e/0x8f0 [ 307.892942][ C1] ? __stack_depot_save+0x38d/0x470 [ 307.898060][ C1] ? kasan_set_track+0x5d/0x70 [ 307.902673][ C1] ? kasan_set_free_info+0x23/0x40 [ 307.907831][ C1] ? ____kasan_slab_free+0x126/0x160 [ 307.912941][ C1] ? __kasan_slab_free+0x11/0x20 [ 307.917709][ C1] ? slab_free_freelist_hook+0xbd/0x190 [ 307.923089][ C1] ? kfree+0xc8/0x220 [ 307.926908][ C1] ? sock_map_unref+0x352/0x4d0 [ 307.931778][ C1] ? sock_hash_delete_elem+0x274/0x2f0 [ 307.937068][ C1] ? bpf_prog_2c29ac5cdc6b1842+0x3a/0xe64 [ 307.942618][ C1] ? bpf_trace_run4+0x13f/0x270 [ 307.947589][ C1] ? __bpf_trace_mm_page_alloc+0xbf/0xf0 [ 307.953078][ C1] ? sanitize_ptr_alu+0x32b/0xac0 [ 307.957941][ C1] __set_page_owner+0x28/0x2e0 [ 307.962523][ C1] ? kernel_init_free_pages+0xda/0xf0 [ 307.967726][ C1] post_alloc_hook+0x1a3/0x1b0 [ 307.972330][ C1] prep_new_page+0x1b/0x110 [ 307.976666][ C1] get_page_from_freelist+0x3550/0x35d0 [ 307.982047][ C1] ? is_bpf_text_address+0x172/0x190 [ 307.987168][ C1] ? stack_trace_save+0x1c0/0x1c0 [ 307.992117][ C1] ? __kernel_text_address+0x9b/0x110 [ 307.997449][ C1] ? lruvec_init+0x150/0x150 [ 308.001862][ C1] ? __alloc_pages+0x8f0/0x8f0 [ 308.006468][ C1] ? __alloc_pages_bulk+0xe40/0xe40 [ 308.011678][ C1] ? stack_trace_save+0x1c0/0x1c0 [ 308.016539][ C1] __alloc_pages+0x27e/0x8f0 [ 308.020957][ C1] ? prep_new_page+0x110/0x110 [ 308.025581][ C1] ? stack_trace_save+0x113/0x1c0 [ 308.030502][ C1] ? stack_trace_snprint+0xf0/0xf0 [ 308.035450][ C1] __stack_depot_save+0x38d/0x470 [ 308.040311][ C1] ? kfree+0xc8/0x220 [ 308.044131][ C1] kasan_set_track+0x5d/0x70 [ 308.048651][ C1] ? kasan_set_track+0x4b/0x70 [ 308.053338][ C1] ? kasan_set_free_info+0x23/0x40 [ 308.058285][ C1] ? ____kasan_slab_free+0x126/0x160 [ 308.063407][ C1] ? __kasan_slab_free+0x11/0x20 [ 308.068179][ C1] ? slab_free_freelist_hook+0xbd/0x190 [ 308.073559][ C1] ? kfree+0xc8/0x220 [ 308.077381][ C1] ? sock_map_unref+0x352/0x4d0 [ 308.082068][ C1] ? sock_hash_delete_elem+0x274/0x2f0 [ 308.087486][ C1] ? bpf_prog_2c29ac5cdc6b1842+0x3a/0xe64 [ 308.093033][ C1] ? bpf_trace_run4+0x13f/0x270 [ 308.097724][ C1] ? __bpf_trace_mm_page_alloc+0xbf/0xf0 [ 308.103194][ C1] ? __alloc_pages+0x3cb/0x8f0 [ 308.107785][ C1] ? wp_page_copy+0x200/0x1b00 [ 308.112395][ C1] ? do_wp_page+0x6fa/0xb60 [ 308.116726][ C1] ? handle_pte_fault+0x7c0/0x24d0 [ 308.121674][ C1] ? do_handle_mm_fault+0x1ea9/0x23a0 [ 308.127144][ C1] ? exc_page_fault+0x3b5/0x830 [ 308.131838][ C1] ? asm_exc_page_fault+0x27/0x30 [ 308.136698][ C1] ? post_alloc_hook+0x1a3/0x1b0 [ 308.141550][ C1] kasan_set_free_info+0x23/0x40 [ 308.146324][ C1] ____kasan_slab_free+0x126/0x160 [ 308.151273][ C1] __kasan_slab_free+0x11/0x20 [ 308.155871][ C1] slab_free_freelist_hook+0xbd/0x190 [ 308.161085][ C1] ? sock_map_unref+0x352/0x4d0 [ 308.165766][ C1] kfree+0xc8/0x220 [ 308.169412][ C1] sock_map_unref+0x352/0x4d0 [ 308.173925][ C1] sock_hash_delete_elem+0x274/0x2f0 [ 308.179046][ C1] bpf_prog_2c29ac5cdc6b1842+0x3a/0xe64 [ 308.184429][ C1] bpf_trace_run4+0x13f/0x270 [ 308.188940][ C1] ? bpf_trace_run3+0x250/0x250 [ 308.193630][ C1] __bpf_trace_mm_page_alloc+0xbf/0xf0 [ 308.198922][ C1] __alloc_pages+0x3cb/0x8f0 [ 308.203347][ C1] ? prep_new_page+0x110/0x110 [ 308.207948][ C1] ? __kasan_check_write+0x14/0x20 [ 308.212894][ C1] ? cpumask_next+0x8a/0xb0 [ 308.217258][ C1] wp_page_copy+0x200/0x1b00 [ 308.221667][ C1] ? __kasan_check_write+0x14/0x20 [ 308.226612][ C1] ? insert_page_into_pte_locked+0x4e0/0x4e0 [ 308.232425][ C1] ? __pte_map_lock+0x442/0x620 [ 308.237111][ C1] do_wp_page+0x6fa/0xb60 [ 308.241278][ C1] handle_pte_fault+0x7c0/0x24d0 [ 308.246051][ C1] ? fault_around_bytes_set+0xc0/0xc0 [ 308.251362][ C1] do_handle_mm_fault+0x1ea9/0x23a0 [ 308.256382][ C1] ? numa_migrate_prep+0xe0/0xe0 [ 308.261173][ C1] ? __kasan_check_write+0x14/0x20 [ 308.266100][ C1] ? _raw_spin_lock_irq+0xa5/0x1b0 [ 308.271052][ C1] ? _raw_spin_lock_irqsave+0x210/0x210 [ 308.276428][ C1] ? _raw_spin_unlock_irq+0x4e/0x70 [ 308.281474][ C1] ? down_read_trylock+0x1f9/0x300 [ 308.286407][ C1] ? __init_rwsem+0x1c0/0x1c0 [ 308.291103][ C1] ? vmacache_update+0xb7/0x120 [ 308.295788][ C1] ? __find_vma+0x136/0x150 [ 308.300126][ C1] exc_page_fault+0x3b5/0x830 [ 308.304641][ C1] asm_exc_page_fault+0x27/0x30 [ 308.309322][ C1] RIP: 0033:0x7f70341312d0 [ 308.313578][ C1] Code: 41 54 55 48 89 f5 53 89 fb 48 83 ec 18 48 83 3d 1d 0d 0a 00 00 89 54 24 0c 74 08 84 c9 0f 85 09 02 00 00 31 c0 ba 01 00 00 00 0f b1 15 10 3a 0a 00 0f 85 0f 02 00 00 4c 8d 25 03 3a 0a 00 4c [ 308.333109][ C1] RSP: 002b:00007ffd0a09f8f0 EFLAGS: 00010246 [ 308.339008][ C1] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000001 [ 308.346826][ C1] RDX: 0000000000000001 RSI: 00007f70341d2120 RDI: 0000000000000000 [ 308.354964][ C1] RBP: 00007f70341d2120 R08: 0000000000000006 R09: 0000000000000006 [ 308.362766][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 308.370576][ C1] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001 [ 308.378392][ C1] [ 353.077770][ C0] watchdog: BUG: soft lockup - CPU#0 stuck for 143s! [init:1] [ 353.085056][ C0] Modules linked in: [ 353.088786][ C0] CPU: 0 PID: 1 Comm: init Not tainted 5.15.151-syzkaller-00415-gdb06c48ab67e #0 [ 353.098012][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 353.108004][ C0] RIP: 0010:kvm_wait+0x147/0x180 [ 353.112761][ C0] Code: 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 34 41 0f b6 45 00 44 38 f0 75 10 66 90 0f 00 2d 2b 02 f3 03 fb f4 24 ff ff ff fb e9 1e ff ff ff 44 89 e9 80 e1 07 38 c1 7c a3 4c [ 353.132813][ C0] RSP: 0018:ffffc90000017440 EFLAGS: 00000246 [ 353.138714][ C0] RAX: 0000000000000001 RBX: 1ffff92000002e8c RCX: 1ffffffff0d1aa9c [ 353.146527][ C0] RDX: 0000000000000001 RSI: 0000000000000001 RDI: ffff8881f7038ad4 [ 353.154342][ C0] RBP: ffffc900000174f0 R08: dffffc0000000000 R09: ffffed103ee0715b [ 353.162235][ C0] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 353.170157][ C0] R13: ffff8881f7038ad4 R14: 0000000000000001 R15: 1ffff92000002e90 [ 353.177966][ C0] FS: 00007f6ad7846380(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 353.186729][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 353.193160][ C0] CR2: 0000558a044a1c68 CR3: 000000010b944000 CR4: 00000000003506b0 [ 353.201018][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 353.208775][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 353.216673][ C0] Call Trace: [ 353.219798][ C0] [ 353.222497][ C0] ? show_regs+0x58/0x60 [ 353.226571][ C0] ? watchdog_timer_fn+0x4b1/0x5f0 [ 353.231524][ C0] ? proc_watchdog_cpumask+0xd0/0xd0 [ 353.236636][ C0] ? __hrtimer_run_queues+0x41a/0xad0 [ 353.241859][ C0] ? hrtimer_interrupt+0xaa0/0xaa0 [ 353.246877][ C0] ? clockevents_program_event+0x22f/0x300 [ 353.252520][ C0] ? ktime_get_update_offsets_now+0x2ba/0x2d0 [ 353.258425][ C0] ? hrtimer_interrupt+0x40c/0xaa0 [ 353.263371][ C0] ? __sysvec_apic_timer_interrupt+0xfd/0x3c0 [ 353.269272][ C0] ? sysvec_apic_timer_interrupt+0x95/0xc0 [ 353.275041][ C0] [ 353.277811][ C0] [ 353.280614][ C0] ? asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 353.286578][ C0] ? kvm_wait+0x147/0x180 [ 353.290746][ C0] ? asm_common_interrupt+0x27/0x40 [ 353.295778][ C0] ? kvm_arch_para_hints+0x30/0x30 [ 353.300823][ C0] __pv_queued_spin_lock_slowpath+0x41b/0xc40 [ 353.306804][ C0] ? get_page_from_freelist+0x3550/0x35d0 [ 353.312464][ C0] ? __pv_queued_spin_unlock_slowpath+0x310/0x310 [ 353.318714][ C0] ? is_bpf_text_address+0x172/0x190 [ 353.323854][ C0] _raw_spin_lock_bh+0x139/0x1b0 [ 353.328885][ C0] ? _raw_spin_lock_irq+0x1b0/0x1b0 [ 353.333922][ C0] ? sock_hash_bucket_hash+0x31c/0x7e0 [ 353.339215][ C0] sock_hash_delete_elem+0xb1/0x2f0 [ 353.344363][ C0] bpf_prog_2c29ac5cdc6b1842+0x3a/0xe64 [ 353.350334][ C0] bpf_trace_run4+0x13f/0x270 [ 353.355530][ C0] ? bpf_trace_run3+0x250/0x250 [ 353.360209][ C0] __bpf_trace_mm_page_alloc+0xbf/0xf0 [ 353.365587][ C0] __alloc_pages+0x3cb/0x8f0 [ 353.370032][ C0] ? prep_new_page+0x110/0x110 [ 353.374628][ C0] new_slab+0x9a/0x4e0 [ 353.378527][ C0] ___slab_alloc+0x39e/0x830 [ 353.382965][ C0] ? dup_task_struct+0x53/0xc60 [ 353.387727][ C0] ? dup_task_struct+0x53/0xc60 [ 353.392402][ C0] __slab_alloc+0x4a/0x90 [ 353.396570][ C0] ? dup_task_struct+0x53/0xc60 [ 353.401257][ C0] kmem_cache_alloc+0x134/0x200 [ 353.405958][ C0] dup_task_struct+0x53/0xc60 [ 353.410461][ C0] ? __kasan_check_write+0x14/0x20 [ 353.415413][ C0] copy_process+0x5c4/0x3290 [ 353.419832][ C0] ? do_nanosleep+0x555/0x6a0 [ 353.424374][ C0] ? pidfd_show_fdinfo+0x2b0/0x2b0 [ 353.429289][ C0] ? hrtimer_init_sleeper+0x3b/0x1a0 [ 353.434410][ C0] ? hrtimer_nanosleep+0x107/0x3f0 [ 353.439455][ C0] kernel_clone+0x21e/0x9e0 [ 353.443787][ C0] ? __remove_hrtimer+0x4d0/0x4d0 [ 353.448646][ C0] ? create_io_thread+0x1e0/0x1e0 [ 353.453507][ C0] ? get_timespec64+0x197/0x270 [ 353.458199][ C0] ? timespec64_add_safe+0x220/0x220 [ 353.463316][ C0] __do_sys_vfork+0xcd/0x130 [ 353.467871][ C0] ? __do_sys_fork+0x110/0x110 [ 353.472470][ C0] ? exit_to_user_mode_prepare+0x7e/0xa0 [ 353.477936][ C0] do_syscall_64+0x3d/0xb0 [ 353.482276][ C0] ? sysvec_apic_timer_interrupt+0x55/0xc0 [ 353.487924][ C0] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 353.493645][ C0] RIP: 0033:0x7f6ad7980a68 [ 353.497904][ C0] Code: 00 48 8d b8 e0 02 00 00 48 89 b8 d8 02 00 00 48 89 b8 e0 02 00 00 b8 11 01 00 00 0f 05 44 89 c0 c3 90 5f b8 3a 00 00 00 0f 05 <57> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 90 43 0f 00 f7 d8 64 89 01 48 [ 353.517438][ C0] RSP: 002b:00007fff81130630 EFLAGS: 00000246 ORIG_RAX: 000000000000003a [ 353.526106][ C0] RAX: ffffffffffffffda RBX: 000055b8a1d76a50 RCX: 00007f6ad7980a68 [ 353.533925][ C0] RDX: 0000000000000008 RSI: 0000000000000000 RDI: 00007f6ad7b0bbed [ 353.541736][ C0] RBP: 00007f6ad7b46528 R08: 0000000000000007 R09: 262122169194621f [ 353.550245][ C0] R10: 00007fff81130670 R11: 0000000000000246 R12: 0000000000000000 [ 353.558048][ C0] R13: 0000000000000018 R14: 000055b8a0477169 R15: 00007f6ad7b77a80 [ 353.565971][ C0]