Warning: Permanently added '10.128.1.6' (ED25519) to the list of known hosts. 2024/05/22 07:43:36 fuzzer started 2024/05/22 07:43:36 dialing manager at 10.128.0.163:30005 [ 19.390910][ T30] audit: type=1400 audit(1716363816.257:66): avc: denied { node_bind } for pid=281 comm="syz-fuzzer" saddr=::1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1 [ 19.394269][ T30] audit: type=1400 audit(1716363816.257:67): avc: denied { name_bind } for pid=281 comm="syz-fuzzer" src=6060 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 19.418940][ T30] audit: type=1400 audit(1716363816.287:68): avc: denied { integrity } for pid=289 comm="syz-executor" lockdown_reason="debugfs access" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=lockdown permissive=1 [ 19.430130][ T289] cgroup: Unknown subsys name 'net' [ 19.442149][ T30] audit: type=1400 audit(1716363816.297:69): avc: denied { mounton } for pid=289 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=1925 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 19.468488][ T30] audit: type=1400 audit(1716363816.297:70): avc: denied { mount } for pid=289 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 19.468628][ T289] cgroup: Unknown subsys name 'devices' [ 19.490322][ T30] audit: type=1400 audit(1716363816.317:71): avc: denied { unmount } for pid=289 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 19.501015][ T295] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). [ 19.515312][ T30] audit: type=1400 audit(1716363816.317:72): avc: denied { mounton } for pid=291 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 19.548161][ T30] audit: type=1400 audit(1716363816.317:73): avc: denied { mount } for pid=291 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 19.571361][ T30] audit: type=1400 audit(1716363816.317:74): avc: denied { setattr } for pid=292 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=162 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 19.594388][ T30] audit: type=1400 audit(1716363816.397:75): avc: denied { relabelto } for pid=295 comm="mkswap" name="swap-file" dev="sda1" ino=1927 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 19.621399][ T293] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 19.718337][ T289] cgroup: Unknown subsys name 'hugetlb' [ 19.723816][ T289] cgroup: Unknown subsys name 'rlimit' 2024/05/22 07:43:36 starting 5 executor processes [ 20.103326][ T305] bridge0: port 1(bridge_slave_0) entered blocking state [ 20.110580][ T305] bridge0: port 1(bridge_slave_0) entered disabled state [ 20.117863][ T305] device bridge_slave_0 entered promiscuous mode [ 20.124470][ T305] bridge0: port 2(bridge_slave_1) entered blocking state [ 20.131334][ T305] bridge0: port 2(bridge_slave_1) entered disabled state [ 20.138420][ T305] device bridge_slave_1 entered promiscuous mode [ 20.207196][ T308] bridge0: port 1(bridge_slave_0) entered blocking state [ 20.214041][ T308] bridge0: port 1(bridge_slave_0) entered disabled state [ 20.221264][ T308] device bridge_slave_0 entered promiscuous mode [ 20.228927][ T308] bridge0: port 2(bridge_slave_1) entered blocking state [ 20.235755][ T308] bridge0: port 2(bridge_slave_1) entered disabled state [ 20.243002][ T308] device bridge_slave_1 entered promiscuous mode [ 20.305051][ T307] bridge0: port 1(bridge_slave_0) entered blocking state [ 20.311993][ T307] bridge0: port 1(bridge_slave_0) entered disabled state [ 20.319071][ T307] device bridge_slave_0 entered promiscuous mode [ 20.341157][ T307] bridge0: port 2(bridge_slave_1) entered blocking state [ 20.348038][ T307] bridge0: port 2(bridge_slave_1) entered disabled state [ 20.355076][ T307] device bridge_slave_1 entered promiscuous mode [ 20.376188][ T309] bridge0: port 1(bridge_slave_0) entered blocking state [ 20.383101][ T309] bridge0: port 1(bridge_slave_0) entered disabled state [ 20.390260][ T309] device bridge_slave_0 entered promiscuous mode [ 20.397098][ T309] bridge0: port 2(bridge_slave_1) entered blocking state [ 20.403931][ T309] bridge0: port 2(bridge_slave_1) entered disabled state [ 20.411204][ T309] device bridge_slave_1 entered promiscuous mode [ 20.447086][ T310] bridge0: port 1(bridge_slave_0) entered blocking state [ 20.453934][ T310] bridge0: port 1(bridge_slave_0) entered disabled state [ 20.461231][ T310] device bridge_slave_0 entered promiscuous mode [ 20.474032][ T305] bridge0: port 2(bridge_slave_1) entered blocking state [ 20.480896][ T305] bridge0: port 2(bridge_slave_1) entered forwarding state [ 20.487974][ T305] bridge0: port 1(bridge_slave_0) entered blocking state [ 20.494758][ T305] bridge0: port 1(bridge_slave_0) entered forwarding state [ 20.502252][ T310] bridge0: port 2(bridge_slave_1) entered blocking state [ 20.509122][ T310] bridge0: port 2(bridge_slave_1) entered disabled state [ 20.516214][ T310] device bridge_slave_1 entered promiscuous mode [ 20.633345][ T308] bridge0: port 2(bridge_slave_1) entered blocking state [ 20.640200][ T308] bridge0: port 2(bridge_slave_1) entered forwarding state [ 20.647290][ T308] bridge0: port 1(bridge_slave_0) entered blocking state [ 20.654070][ T308] bridge0: port 1(bridge_slave_0) entered forwarding state [ 20.667868][ T317] bridge0: port 1(bridge_slave_0) entered disabled state [ 20.675020][ T317] bridge0: port 2(bridge_slave_1) entered disabled state [ 20.682117][ T317] bridge0: port 1(bridge_slave_0) entered disabled state [ 20.689123][ T317] bridge0: port 2(bridge_slave_1) entered disabled state [ 20.697236][ T317] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 20.704382][ T317] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 20.732096][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 20.740033][ T20] bridge0: port 1(bridge_slave_0) entered blocking state [ 20.746876][ T20] bridge0: port 1(bridge_slave_0) entered forwarding state [ 20.754106][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 20.762090][ T20] bridge0: port 2(bridge_slave_1) entered blocking state [ 20.768920][ T20] bridge0: port 2(bridge_slave_1) entered forwarding state [ 20.781325][ T317] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 20.789743][ T317] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 20.826662][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 20.834273][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 20.842815][ T20] bridge0: port 1(bridge_slave_0) entered blocking state [ 20.849663][ T20] bridge0: port 1(bridge_slave_0) entered forwarding state [ 20.870598][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 20.878726][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 20.886364][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 20.893740][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 20.900982][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 20.909035][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 20.916991][ T61] bridge0: port 1(bridge_slave_0) entered blocking state [ 20.923818][ T61] bridge0: port 1(bridge_slave_0) entered forwarding state [ 20.931013][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 20.938959][ T61] bridge0: port 2(bridge_slave_1) entered blocking state [ 20.945773][ T61] bridge0: port 2(bridge_slave_1) entered forwarding state [ 20.952962][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 20.960694][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 20.980051][ T309] device veth0_vlan entered promiscuous mode [ 20.997593][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 21.005659][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 21.013429][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 21.020623][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 21.028254][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 21.036860][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 21.044233][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 21.051638][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 21.059799][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 21.067535][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 21.074641][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 21.081899][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 21.089879][ T61] bridge0: port 1(bridge_slave_0) entered blocking state [ 21.096725][ T61] bridge0: port 1(bridge_slave_0) entered forwarding state [ 21.103823][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 21.111765][ T61] bridge0: port 2(bridge_slave_1) entered blocking state [ 21.118610][ T61] bridge0: port 2(bridge_slave_1) entered forwarding state [ 21.125732][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 21.133669][ T61] bridge0: port 1(bridge_slave_0) entered blocking state [ 21.140520][ T61] bridge0: port 1(bridge_slave_0) entered forwarding state [ 21.147716][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 21.155630][ T61] bridge0: port 2(bridge_slave_1) entered blocking state [ 21.162493][ T61] bridge0: port 2(bridge_slave_1) entered forwarding state [ 21.169637][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 21.177435][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 21.185366][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 21.192910][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 21.201283][ T305] device veth0_vlan entered promiscuous mode [ 21.209144][ T308] device veth0_vlan entered promiscuous mode [ 21.218695][ T317] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 21.226845][ T317] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 21.234833][ T317] bridge0: port 2(bridge_slave_1) entered blocking state [ 21.241690][ T317] bridge0: port 2(bridge_slave_1) entered forwarding state [ 21.252056][ T308] device veth1_macvtap entered promiscuous mode [ 21.261096][ T309] device veth1_macvtap entered promiscuous mode [ 21.277477][ T317] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 21.285426][ T317] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 21.293468][ T317] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 21.300862][ T317] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 21.308822][ T317] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 21.316694][ T317] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 21.323994][ T317] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 21.331765][ T317] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 21.339465][ T317] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 21.347288][ T317] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 21.354941][ T317] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 21.362917][ T317] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 21.377809][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 21.385648][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 21.394067][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 21.402002][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 21.409753][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 21.417865][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 21.425862][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 21.433787][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 21.442148][ T305] device veth1_macvtap entered promiscuous mode [ 21.459597][ T317] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 21.467308][ T317] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 21.475317][ T317] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 21.483524][ T317] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 21.491539][ T317] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 21.499656][ T317] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 21.507789][ T317] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 21.517084][ T310] device veth0_vlan entered promiscuous mode [ 21.526009][ T310] device veth1_macvtap entered promiscuous mode [ 21.543731][ T317] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 21.551526][ T317] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 21.559392][ T317] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 21.567359][ T317] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 21.575231][ T317] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 21.582743][ T317] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 21.591185][ T317] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 21.599309][ T317] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 21.607254][ T317] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 21.615428][ T317] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 21.623525][ T317] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 21.639818][ T307] device veth0_vlan entered promiscuous mode [ 21.652165][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 21.659382][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 21.666534][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 21.674477][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 21.683092][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready executing program 0: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x7, 0x0, 0x1}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000640), &(0x7f0000000740), 0x7, r0}, 0x38) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0xfffffe2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000200)='qdisc_reset\x00', r1}, 0x10) openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112}) close(r2) executing program 2: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r2}, 0x10) r3 = openat$cgroup_freezer_state(r1, &(0x7f0000000140), 0x2, 0x0) r4 = openat$cgroup_procs(r1, &(0x7f00000001c0)='tasks\x00', 0x2, 0x0) write$cgroup_pid(r4, &(0x7f00000000c0), 0x12) write$cgroup_freezer_state(r3, &(0x7f0000000400)='FROZEN\x00', 0x7) write$cgroup_freezer_state(r3, &(0x7f0000000080)='THAWED\x00', 0x7) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0}, 0x10) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000980), 0x12) [ 21.691131][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 21.699153][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 21.706831][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 21.714785][ T327] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 21.722225][ T327] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready executing program 3: bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='kfree_skb\x00', r0}, 0x10) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='kfree_skb\x00', r2}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) close(r4) sendmsg$unix(r3, &(0x7f0000000800)={0x0, 0x0, 0x0}, 0x0) executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0x2, 0x4, 0x2}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r1}, &(0x7f0000000040), &(0x7f0000000140)=r0}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10) r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000b00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) [ 21.741957][ T307] device veth1_macvtap entered promiscuous mode [ 21.754504][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 21.766435][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 21.775808][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready executing program 1: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)) ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local}) write$cgroup_subtree(r0, &(0x7f0000000440)=ANY=[@ANYBLOB="8fedcb5d07081175f37538e486dd"], 0xfdef) [ 21.796297][ T329] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 21.809705][ T329] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 21.819706][ T329] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 21.828045][ T329] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready executing program 3: openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f00000008c0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff000000000000000000000000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ad24fe7d9b20cf92cb151763d41f5c76e2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0842b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f04c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab4e33fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f2243471221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b53c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed853c4c9b7d4ebf13cbaa795860e92a3d7d004f2c491db38eb769f094d5d48b262cc35c40682138cf13a49aa9f27abec00"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x6}, 0x70) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r0, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001400)=[{&(0x7f0000000080)="3bfdd75fa5717852d59a9367444a2130e72cd4dabc8854532cca0c32a5b9f844a4610c7525650ce3d3b76b15026d93e6dee896115e9364066aa3d14e33ef732b4681335c576902153114bdb9c74b538a71115fb1d1a63d1b04129661b29aab89d0be999a6b7c9bea755adedbf305a79f70b71d3d4c98577b49db4963ce89b0def5e840f459659cb6f86d56b069a5de11d601d348ff88ca6e5e2cfe40176880b33e9e8dbc32ba2e6a99b1b50276dc4f06166000d7069a3cc76f", 0xb9}, {&(0x7f0000000180)="892950e2405ee8629d9384a90f16d1706a3e61f305119f95cac0f1927f4c205b971eb41147cb1f86883d6910e68ac3996551800b3ec64b77f8444b18345a2c8b178eeeba0cde7319a5a46bfe7f5770e019efd9d52069edcced33a758c4e657f3a792dc193a1911b4e82ea800ad7afe03c851a8", 0x73}, {&(0x7f0000000200)="a68cde0d56b170df7710b54f17d9a39c4f98f3547190", 0x20000216}, {&(0x7f0000000240)="45e04400f2b383517a08c397dd0a76e67ecfc8e74573c24dedd3a48fb62418c1412fdcd15e888cb0f5d02e77bfecefda6b064c0bb2b66a9a522e63873dde02330510255eec7dfa1af708cdab59fb71eca786a359a2c3b0cbad35144ec5b069c53f90e43339845dc7fd140c55b0149ab38eb27c140f374bcc2c95b0b121d1a9302f3a01b888243b3fc0d46f0de0", 0x8d}, {&(0x7f0000000300)="87fb74cf4d67adbbd062637f514c1f5eb18d7b442e6457a356c6cb1f71a43dfae773c8489cce5145f92615d4bdb13ef54d6ae90ec7733180fcf5adf3e13fdb05b57b748bd14eda042a97fdd84498304a504a0a159b972e8200c2d0f536a3465ec498ed12b924bd134057df36129d3ebe3dd3ce9f0671e5278143e4afa3d43f444681de1b5f9725fca34fa357fe2154981666fb9dc202fc17a0199eb1c25bdd1005e590e84783ee9894c888998dc25a83c14aeee31d114acfa0bcd235d571cd765f4b9259ba43e6fc30291d8a642146c4771898030b736aeee6b247abb0784b154e104e7dcda401f9b1736fea30a41a4153fe6a9a525bd0a3487571f914f05b590e242341ade289d8f5b842c6be4a93c2755dfd47174def782a2f8f61c068b5a012f02c0801601e860def788121e8808c01fed4c920a3698d0d684920918c95b17f76bbcb4f265c931d8f79560ff8114b70f4dd6791e2ed70cfeb89905791b88be26efe1c5c66b7b50b3d2be0dbc066dfc31618f9507f6f340b85a2f76a6dcac9d6ccc289ace5e5fecd25afe22ffa451f5e365ab33cc985f2e9d7f7fb1be4794740a94215d7db14b0ffcec19e5e3c5ae0d8578ef3b65d2a7a77a11e390a6c3a6b391061c886b961e3c2f42d62047bfe1356a44b840d3d956105f4c0fa95db08c4933f00de77cdc057c28b41fecfc8398c442be1ad065954f6c9dfeb2fd7207e8548a00a1d50bdf522d2abfdafd71723616a34830fbfa8fc81e0c2639cc12f363a4919b7a00ac8189dad3e7e54122a2ef430f623658d5e281c9a19442995bb9b0e3f7d13e3016b6f9523be196bf23bbcc5ec802f43ef8b651d688d9d5a44f35c9847e4c32bce3e9ebed2326adadc76f06a195db32c80b3090d7cd65c9d8518ba4e528c5eb5c7a1c5695b21595fa8a8621734bfda8afddd65e1f37a1990220a00fa9bd2c22b0117ceb08ae6af3c944c2eca924abfddad065d1472d0c3f742a49b1e78c669471873706ad157d831d7482b773f07b0673a6ce1e227a7a4d13744bf459434c0ab1c323a38b1a84cbf1ce9741f2b8fdcc2e073e56171603d035aacd83e71d5132831f4f1e8bf517979f132a33fd03783272e9b8c96dfa4e1d320a58d82acfc8d3d53a5a52daafe4dc8be08f4ad53e11cc21374b6ff4ff5ea2ecc5d3f7c057f74f0098e57d990090475cdaffdef0da917653ed10fb70b94b72e5b4d95cbea0fc1dd2579635ad6ab545ba4d7b6d2f5442bdb78beb6c8ed62942a439117025b4566b48d9f3a17fdf4577e8606a4bc4c26557e58312fd2d1a541ebec3e5ae28eef8b2ab0597083716dd12889335570ee7839530eee879d9b137606cd4dd7103991671b4464bb68529eb19fb7a8845e3491bfbac688a87cf0744f429ea112014402915c4c1f6bae08d689d3cb7d641d7befe8fc74a2242310a9a367a39531b4c86da5b39df524e52f33ff9c40b48cb196ffc9ca855b6e698ade8a83e52b9ddc5031ff09e1907e4f8b0d07e64e1fb8e427f8819a7be907aa216bf8e2a4c7cc87ed53bf9490d4cc788b91f3b9f705e984a7e62c7a495e8421b97c39dc954b35468f17c6682334f4e16308448f457faeffff6d1f818522fa441d3a48168bdb12ffebace436a3915b63076cb6a655718647f87eaaf313b5bbd430421eed3a2215e439600a56eac8c65291eb103326a8034662bd337ab51577d9110ec7151be5cc9c54b2a30891acac5ad006ed537dbeb8f16eecbde7cf4e71373faf3c36b772f6d7ea9346875c8cf1049d49d4f8eb01b946c11e8c8e3ab2015f282167acddcc77fff03e1be9134252af0abfe538b4d25fc4ff874b52b9fb0996b5f32b4141dbd30578ff46e13ef6c63fc1620f62cb11a3dce401993976c272a5f62fde3f2a0e654d19e7a39dcdb622b9526d2a15cc18e6f817c916a00775353dd9c8954e66d0445b59bb0f5e6e3b46447232f52a0e398b057d123ef503afcbd48544db6434d2025bfc8dab72262a4fa5426a03061e7f8966e0086ff8ab5a91ab59f19b830394ee8bc76d6fb4816b8f4cde35b7eb9d3811228d51c54828f97fd1e648196c81bc73ed56249a59f318704e84656a6cedd2b8c1e1808d1cc648749abc643131e494c01336d4a14b8609656f2c972dc23c5c2e43fe40119fb88b5ec2aade35c03646e347354c493de8ab3672ccf94af0df333c6678299129d79be0eec281c5b3858ce3995566a390b674635b356692e3e9c53a089638ba0d69e772b7b410a5ae03de12e7de755ee559e1707b7b8003aabc8e2ce03c01e3183ff2d93262f6d5ceaafecdae66bc7cb3952c5a6571d864d502f281db5a228695badca5d022fdb6da56ab15dc377d1c1f8581ff56e28c2b2a84edb629547d28275c2ed571103b4ca7cdeb0776ba9f9dffcd78d21c3d4caa9289ed199672f4e7b912068c49c817114c37d37ea03954bae87d1ddae3da2ad85feb2fbb735b75a51f7bee5c8d88cc7bf64700d1a46ec6b631ae22ac7b06730a86a26bdcb992e1c7b50142de96b14a8468e4514068a30896fc677fddefaebb125c693a8d460469c7fe535f844781940f66d6abd091191c3122d584f5b0f5b0d443713d7d5186124d73de28aca30b719d4a55e09d259bddbf16995aeb1000880890afbd24d4066b0398985a40999de22ce176348e1c1f57eaf75b92a1e4f1482e89a00ac2cc36b20e36af9ec310599c19a5b1d6f8fadba104c58c801c6633315f82ebfa88faddd0b693e2f827f586c1cc5538e93bcf10f81af6dd7ee727df3b5018c0b4e31e40d040a47503b6ace4d29a1162ce487351825255f5584aff7cbd421f85c3d9fbb3784abd9848f16028b68f0d32ed8bb80106e8cc4acb939ff88bd39976d166b2addebf628b3fcd056da2f60e1b90f7a32702954921908ebccb683622a1f574ceba6951bef5e751c338c8279318dc28e36b9fc2bb17c3ad08aceb00fc388e6db112a738f86a4a1eb11526e1b9d73250b326285ed47c4398d93a3933d9a784249b65ad7d78a1f81d96ef36493ed693045a2150a8eb43cecc0c93e7d20b15b39a0646b081c2923b816365b7fbb41683a41732d942c5aa12faf876ec7f036becde8f3295af6dacff38d076d8e06260fee167703bb610745374a2758a6b88e465ca77d1f3105ae8b6b04a1eb509fb178d6249dbbc84d5d1d069278449a89d03e4a9a395d8170c329a296cfc329798cb9b9f1078d098cf3f989fd4ec53e013fbe917df35292d44fb1f3da4da4432a1847d4721514ade8cda5e5c0b51183580fc35266a970ebba74faeda56d4dcb56df51f96ad237452cedbd0cb2bee112713c3d450835811bf3da9745136d428e148fd0932dc77c8d8e61a16c625241fad8425b4ece394eedd5f165bd94923bfa1172be8edc8a4fcaae5f77ee8cc510192b27964da09c3e84efb4bc7154da1a24da8b7e544b42278d2574687ec76143afa6cf193d52a2a7f4c20ee57b6056a1337d5e408117a6cf1ab49c8980f39597f69902085d3e8d374d44e6ab4ed1185a26be2bc7281e9cfbbeb6bed899aa1924d3faa06d95999fbeaf2337494e0c2c39eef5a73fcde84459a9ea48d4e015d9e5bb5839354967ce02f637bc8678d2595b9a918fc36b927d7501f0ac2e3471ce02b5df355689c87f191ef5390900a41deec29984e45a878ece964b0009aad561316fc3b30ce1b49266d32eb17cd30f3e17e1f59014e8c518940dd0a093d1349c1a7c2581963bbe0ba372b6426e81c33c71b2ec8141c5713e52a37fff0a417a5b259e1420d9fb6a731f5baa0cc494221947895aa8fa14745a986a366bff9d0c239a19f85372497565b5b703da16439019df5f3d29f4247fb528854c9648630f03e9dedde5a08a47728ea6a4d42e62eff6fa3bd402325e0f4387b60171c37c180f958ad80955779c899517e7ea76eed00598e01552eaaf08b723daf9d466e8c57af43a15a46528b1119f5074aa3c51f77357ebe158275bc06b89640d7ce3c0a03af01418d7dc6ae8a1be8ab08c1722d66d1e9277480b8b178447667c024f9b78f8a878a2d7cf8e83e5104f6964b2907a989abafc7d7d0df941abf3d7283b6a11d46c2911a42182ec27ab785d92946e1ee8ef44846d561850d2a98c305c382f36d4cfc9b2bfd3b86ef21a0d187adcafbec8268c7d662a34dda1c83c4967097743133bc8c587edf249f5668c34ddb112fa4eb1bea9c8f6a000f1f34428b54688a5e214a7919868b25dbe930e86a243ecf54afe0b518c647d04873d2cf62cb2ab27f00015537a4fd2ea3dc8777abdf3284622347016566da0b9c406ca8c40694e4013a53fbf2e803d51b0bbe5e9df5fc74f66be618856357ccf803c53ed0e3b3fe79f69f0ede9b565d8f7a8ce5aa8cbb4e8fa61be3fd00ffb07e45065498925c14c0b311942d4ed951ad6237aadb5405bc7b2d79e1fd295b7c2ed8efa883e44c86a5053e2f421c6d4dc0c47d3a05d911db37d6efdb8e50fb3f06139ac147bc7162c21aece79eaf72e9779f19eb5395cec3d15a7594ea70a6b373d98651d2215b210f037ea3f8a57ded74474f6fdb64a08b56af52168da70b30aee03472cd8bee5af04cad7303004a4aba464b99", 0xcb3}], 0x5, &(0x7f0000001480)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @private, @multicast1}}}], 0x20}, 0x0) recvmsg$unix(r1, &(0x7f0000001140)={0x0, 0x0, &(0x7f0000001040)=[{&(0x7f00000015c0)=""/4096, 0x7ffff000}], 0x1}, 0x40000100) executing program 4: r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000080"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195}, 0x48) close(r0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd8073a46b08b94214d816f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb4147000001000000008f2b9000f22425e4097ed62cbc891061017cfa6f6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe68db8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3542646bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r4, r3, 0x26}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r4}, &(0x7f0000000000), &(0x7f0000000080)=r0}, 0x20) sendmsg$inet(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000001740)=[{&(0x7f0000000280)='>', 0x20000281}], 0x1}, 0x0) close(r1) write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x32600) sendmsg$inet(0xffffffffffffffff, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x128}, 0x0) executing program 0: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0}, 0x10) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x0, 0x0, 0xfff, 0x7}, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='mm_page_alloc\x00'}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0xfff, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3f, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000000020000000000000000018190000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000024"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='kfree_skb\x00', r1}, 0x10) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) sendmsg$unix(r2, &(0x7f0000000800)={0x0, 0x0, 0x0}, 0x0) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) recvmsg$unix(r3, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x0, 0x3}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r4}, 0x0, &(0x7f0000000300)}, 0x20) bpf$BPF_GET_BTF_INFO(0xf, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x0, 0x3, 0x0, 0x0, 0xffffffffffffffff, 0x7fff}, 0x48) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(r5, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00) sendmsg$tipc(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) executing program 2: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001a80)=@base={0xe, 0x4, 0x8, 0x8}, 0x48) bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0xa, 0x4, 0x808, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0xfff, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3f, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000000020000000000000000018190000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYRESDEC=r0, @ANYRES32=r3], &(0x7f0000000240)='GPL\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='workqueue_queue_work\x00', r4}, 0x10) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='workqueue_queue_work\x00', r5}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x2, 0x4, 0x1, 0xbf22}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000440)={{r6, 0xffffffffffffffff}, &(0x7f00000003c0), &(0x7f0000000400)}, 0x20) perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000280), &(0x7f0000000380), 0xffffd6c0, r7}, 0x38) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10) executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0x293d, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r0}, &(0x7f0000000080), &(0x7f00000001c0)}, 0x20) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) [ 21.988559][ T357] syz-executor.2[357] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 21.988632][ T357] syz-executor.2[357] is installing a program with bpf_probe_write_user helper that may corrupt user memory! executing program 1: openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f00000008c0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff000000000000000000000000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ad24fe7d9b20cf92cb151763d41f5c76e2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0842b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f04c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab4e33fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f2243471221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b53c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed853c4c9b7d4ebf13cbaa795860e92a3d7d004f2c491db38eb769f094d5d48b262cc35c40682138cf13a49aa9f27abec00"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x6}, 0x70) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r0, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001400)=[{&(0x7f0000000080)="3bfdd75fa5717852d59a9367444a2130e72cd4dabc8854532cca0c32a5b9f844a4610c7525650ce3d3b76b15026d93e6dee896115e9364066aa3d14e33ef732b4681335c576902153114bdb9c74b538a71115fb1d1a63d1b04129661b29aab89d0be999a6b7c9bea755adedbf305a79f70b71d3d4c98577b49db4963ce89b0def5e840f459659cb6f86d56b069a5de11d601d348ff88ca6e5e2cfe40176880b33e9e8dbc32ba2e6a99b1b50276dc4f06166000d7069a3cc76f", 0xb9}, {&(0x7f0000000180)="892950e2405ee8629d9384a90f16d1706a3e61f305119f95cac0f1927f4c205b971eb41147cb1f86883d6910e68ac3996551800b3ec64b77f8444b18345a2c8b178eeeba0cde7319a5a46bfe7f5770e019efd9d52069edcced33a758c4e657f3a792dc193a1911b4e82ea800ad7afe03c851a8", 0x73}, {&(0x7f0000000200)="a68cde0d56b170df7710b54f17d9a39c4f98f3547190", 0x20000216}, {&(0x7f0000000240)="45e04400f2b383517a08c397dd0a76e67ecfc8e74573c24dedd3a48fb62418c1412fdcd15e888cb0f5d02e77bfecefda6b064c0bb2b66a9a522e63873dde02330510255eec7dfa1af708cdab59fb71eca786a359a2c3b0cbad35144ec5b069c53f90e43339845dc7fd140c55b0149ab38eb27c140f374bcc2c95b0b121d1a9302f3a01b888243b3fc0d46f0de0", 0x8d}, {&(0x7f0000000300)="87fb74cf4d67adbbd062637f514c1f5eb18d7b442e6457a356c6cb1f71a43dfae773c8489cce5145f92615d4bdb13ef54d6ae90ec7733180fcf5adf3e13fdb05b57b748bd14eda042a97fdd84498304a504a0a159b972e8200c2d0f536a3465ec498ed12b924bd134057df36129d3ebe3dd3ce9f0671e5278143e4afa3d43f444681de1b5f9725fca34fa357fe2154981666fb9dc202fc17a0199eb1c25bdd1005e590e84783ee9894c888998dc25a83c14aeee31d114acfa0bcd235d571cd765f4b9259ba43e6fc30291d8a642146c4771898030b736aeee6b247abb0784b154e104e7dcda401f9b1736fea30a41a4153fe6a9a525bd0a3487571f914f05b590e242341ade289d8f5b842c6be4a93c2755dfd47174def782a2f8f61c068b5a012f02c0801601e860def788121e8808c01fed4c920a3698d0d684920918c95b17f76bbcb4f265c931d8f79560ff8114b70f4dd6791e2ed70cfeb89905791b88be26efe1c5c66b7b50b3d2be0dbc066dfc31618f9507f6f340b85a2f76a6dcac9d6ccc289ace5e5fecd25afe22ffa451f5e365ab33cc985f2e9d7f7fb1be4794740a94215d7db14b0ffcec19e5e3c5ae0d8578ef3b65d2a7a77a11e390a6c3a6b391061c886b961e3c2f42d62047bfe1356a44b840d3d956105f4c0fa95db08c4933f00de77cdc057c28b41fecfc8398c442be1ad065954f6c9dfeb2fd7207e8548a00a1d50bdf522d2abfdafd71723616a34830fbfa8fc81e0c2639cc12f363a4919b7a00ac8189dad3e7e54122a2ef430f623658d5e281c9a19442995bb9b0e3f7d13e3016b6f9523be196bf23bbcc5ec802f43ef8b651d688d9d5a44f35c9847e4c32bce3e9ebed2326adadc76f06a195db32c80b3090d7cd65c9d8518ba4e528c5eb5c7a1c5695b21595fa8a8621734bfda8afddd65e1f37a1990220a00fa9bd2c22b0117ceb08ae6af3c944c2eca924abfddad065d1472d0c3f742a49b1e78c669471873706ad157d831d7482b773f07b0673a6ce1e227a7a4d13744bf459434c0ab1c323a38b1a84cbf1ce9741f2b8fdcc2e073e56171603d035aacd83e71d5132831f4f1e8bf517979f132a33fd03783272e9b8c96dfa4e1d320a58d82acfc8d3d53a5a52daafe4dc8be08f4ad53e11cc21374b6ff4ff5ea2ecc5d3f7c057f74f0098e57d990090475cdaffdef0da917653ed10fb70b94b72e5b4d95cbea0fc1dd2579635ad6ab545ba4d7b6d2f5442bdb78beb6c8ed62942a439117025b4566b48d9f3a17fdf4577e8606a4bc4c26557e58312fd2d1a541ebec3e5ae28eef8b2ab0597083716dd12889335570ee7839530eee879d9b137606cd4dd7103991671b4464bb68529eb19fb7a8845e3491bfbac688a87cf0744f429ea112014402915c4c1f6bae08d689d3cb7d641d7befe8fc74a2242310a9a367a39531b4c86da5b39df524e52f33ff9c40b48cb196ffc9ca855b6e698ade8a83e52b9ddc5031ff09e1907e4f8b0d07e64e1fb8e427f8819a7be907aa216bf8e2a4c7cc87ed53bf9490d4cc788b91f3b9f705e984a7e62c7a495e8421b97c39dc954b35468f17c6682334f4e16308448f457faeffff6d1f818522fa441d3a48168bdb12ffebace436a3915b63076cb6a655718647f87eaaf313b5bbd430421eed3a2215e439600a56eac8c65291eb103326a8034662bd337ab51577d9110ec7151be5cc9c54b2a30891acac5ad006ed537dbeb8f16eecbde7cf4e71373faf3c36b772f6d7ea9346875c8cf1049d49d4f8eb01b946c11e8c8e3ab2015f282167acddcc77fff03e1be9134252af0abfe538b4d25fc4ff874b52b9fb0996b5f32b4141dbd30578ff46e13ef6c63fc1620f62cb11a3dce401993976c272a5f62fde3f2a0e654d19e7a39dcdb622b9526d2a15cc18e6f817c916a00775353dd9c8954e66d0445b59bb0f5e6e3b46447232f52a0e398b057d123ef503afcbd48544db6434d2025bfc8dab72262a4fa5426a03061e7f8966e0086ff8ab5a91ab59f19b830394ee8bc76d6fb4816b8f4cde35b7eb9d3811228d51c54828f97fd1e648196c81bc73ed56249a59f318704e84656a6cedd2b8c1e1808d1cc648749abc643131e494c01336d4a14b8609656f2c972dc23c5c2e43fe40119fb88b5ec2aade35c03646e347354c493de8ab3672ccf94af0df333c6678299129d79be0eec281c5b3858ce3995566a390b674635b356692e3e9c53a089638ba0d69e772b7b410a5ae03de12e7de755ee559e1707b7b8003aabc8e2ce03c01e3183ff2d93262f6d5ceaafecdae66bc7cb3952c5a6571d864d502f281db5a228695badca5d022fdb6da56ab15dc377d1c1f8581ff56e28c2b2a84edb629547d28275c2ed571103b4ca7cdeb0776ba9f9dffcd78d21c3d4caa9289ed199672f4e7b912068c49c817114c37d37ea03954bae87d1ddae3da2ad85feb2fbb735b75a51f7bee5c8d88cc7bf64700d1a46ec6b631ae22ac7b06730a86a26bdcb992e1c7b50142de96b14a8468e4514068a30896fc677fddefaebb125c693a8d460469c7fe535f844781940f66d6abd091191c3122d584f5b0f5b0d443713d7d5186124d73de28aca30b719d4a55e09d259bddbf16995aeb1000880890afbd24d4066b0398985a40999de22ce176348e1c1f57eaf75b92a1e4f1482e89a00ac2cc36b20e36af9ec310599c19a5b1d6f8fadba104c58c801c6633315f82ebfa88faddd0b693e2f827f586c1cc5538e93bcf10f81af6dd7ee727df3b5018c0b4e31e40d040a47503b6ace4d29a1162ce487351825255f5584aff7cbd421f85c3d9fbb3784abd9848f16028b68f0d32ed8bb80106e8cc4acb939ff88bd39976d166b2addebf628b3fcd056da2f60e1b90f7a32702954921908ebccb683622a1f574ceba6951bef5e751c338c8279318dc28e36b9fc2bb17c3ad08aceb00fc388e6db112a738f86a4a1eb11526e1b9d73250b326285ed47c4398d93a3933d9a784249b65ad7d78a1f81d96ef36493ed693045a2150a8eb43cecc0c93e7d20b15b39a0646b081c2923b816365b7fbb41683a41732d942c5aa12faf876ec7f036becde8f3295af6dacff38d076d8e06260fee167703bb610745374a2758a6b88e465ca77d1f3105ae8b6b04a1eb509fb178d6249dbbc84d5d1d069278449a89d03e4a9a395d8170c329a296cfc329798cb9b9f1078d098cf3f989fd4ec53e013fbe917df35292d44fb1f3da4da4432a1847d4721514ade8cda5e5c0b51183580fc35266a970ebba74faeda56d4dcb56df51f96ad237452cedbd0cb2bee112713c3d450835811bf3da9745136d428e148fd0932dc77c8d8e61a16c625241fad8425b4ece394eedd5f165bd94923bfa1172be8edc8a4fcaae5f77ee8cc510192b27964da09c3e84efb4bc7154da1a24da8b7e544b42278d2574687ec76143afa6cf193d52a2a7f4c20ee57b6056a1337d5e408117a6cf1ab49c8980f39597f69902085d3e8d374d44e6ab4ed1185a26be2bc7281e9cfbbeb6bed899aa1924d3faa06d95999fbeaf2337494e0c2c39eef5a73fcde84459a9ea48d4e015d9e5bb5839354967ce02f637bc8678d2595b9a918fc36b927d7501f0ac2e3471ce02b5df355689c87f191ef5390900a41deec29984e45a878ece964b0009aad561316fc3b30ce1b49266d32eb17cd30f3e17e1f59014e8c518940dd0a093d1349c1a7c2581963bbe0ba372b6426e81c33c71b2ec8141c5713e52a37fff0a417a5b259e1420d9fb6a731f5baa0cc494221947895aa8fa14745a986a366bff9d0c239a19f85372497565b5b703da16439019df5f3d29f4247fb528854c9648630f03e9dedde5a08a47728ea6a4d42e62eff6fa3bd402325e0f4387b60171c37c180f958ad80955779c899517e7ea76eed00598e01552eaaf08b723daf9d466e8c57af43a15a46528b1119f5074aa3c51f77357ebe158275bc06b89640d7ce3c0a03af01418d7dc6ae8a1be8ab08c1722d66d1e9277480b8b178447667c024f9b78f8a878a2d7cf8e83e5104f6964b2907a989abafc7d7d0df941abf3d7283b6a11d46c2911a42182ec27ab785d92946e1ee8ef44846d561850d2a98c305c382f36d4cfc9b2bfd3b86ef21a0d187adcafbec8268c7d662a34dda1c83c4967097743133bc8c587edf249f5668c34ddb112fa4eb1bea9c8f6a000f1f34428b54688a5e214a7919868b25dbe930e86a243ecf54afe0b518c647d04873d2cf62cb2ab27f00015537a4fd2ea3dc8777abdf3284622347016566da0b9c406ca8c40694e4013a53fbf2e803d51b0bbe5e9df5fc74f66be618856357ccf803c53ed0e3b3fe79f69f0ede9b565d8f7a8ce5aa8cbb4e8fa61be3fd00ffb07e45065498925c14c0b311942d4ed951ad6237aadb5405bc7b2d79e1fd295b7c2ed8efa883e44c86a5053e2f421c6d4dc0c47d3a05d911db37d6efdb8e50fb3f06139ac147bc7162c21aece79eaf72e9779f19eb5395cec3d15a7594ea70a6b373d98651d2215b210f037ea3f8a57ded74474f6fdb64a08b56af52168da70b30aee03472cd8bee5af04cad7303004a4aba464b99", 0xcb3}], 0x5, &(0x7f0000001480)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @private, @multicast1}}}], 0x20}, 0x0) recvmsg$unix(r1, &(0x7f0000001140)={0x0, 0x0, &(0x7f0000001040)=[{&(0x7f00000015c0)=""/4096, 0x7ffff000}], 0x1}, 0x40000100) [ 22.010308][ T361] syz-executor.0[361] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 22.039523][ T361] syz-executor.0[361] is installing a program with bpf_probe_write_user helper that may corrupt user memory! executing program 4: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) recvmsg$unix(r0, &(0x7f00000006c0)={0x0, 0x0, 0x0}, 0x0) close(r1) [ 22.077477][ C1] hrtimer: interrupt took 29324 ns executing program 4: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x67, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$SIOCSIFHWADDR(r0, 0x5452, &(0x7f0000000a00)={'veth0_to_bridge\x00', @dev}) executing program 4: bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffff7f850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.swap.events\x00', 0x275a, 0x0) executing program 4: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x3, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='ext4_writepages_result\x00', r1}, 0x10) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='ext4_writepages_result\x00', r3}, 0x10) write$cgroup_type(r2, &(0x7f0000000180), 0x2000) executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000017850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) socketpair(0x1d, 0x2, 0x2, &(0x7f0000000140)) executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0x2, 0x4, 0x2}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r1}, &(0x7f0000000040), &(0x7f0000000140)=r0}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10) r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000b00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) [ 122.326494][ C0] rcu: INFO: rcu_preempt self-detected stall on CPU [ 122.333008][ C0] rcu: 0-...!: (9999 ticks this GP) idle=ac7/1/0x4000000000000000 softirq=2369/2375 fqs=0 last_accelerate: 9318/ba4d dyntick_enabled: 1 [ 122.346786][ C0] (t=10002 jiffies g=977 q=58) [ 122.351459][ C0] rcu: rcu_preempt kthread timer wakeup didn't happen for 10001 jiffies! g977 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 [ 122.363438][ C0] rcu: Possible timer handling issue on cpu=1 timer-softirq=436 [ 122.370987][ C0] rcu: rcu_preempt kthread starved for 10004 jiffies! g977 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 ->cpu=1 [ 122.382013][ C0] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 122.391818][ C0] rcu: RCU grace-period kthread stack dump: [ 122.397556][ C0] task:rcu_preempt state:I stack:28328 pid: 14 ppid: 2 flags:0x00004000 [ 122.406598][ C0] Call Trace: [ 122.409698][ C0] [ 122.412479][ C0] __schedule+0xccc/0x1590 [ 122.416730][ C0] ? __sched_text_start+0x8/0x8 [ 122.421420][ C0] ? __kasan_check_write+0x14/0x20 [ 122.426405][ C0] schedule+0x11f/0x1e0 [ 122.430358][ C0] schedule_timeout+0x18c/0x370 [ 122.435044][ C0] ? _raw_spin_unlock_irq+0x4e/0x70 [ 122.440166][ C0] ? console_conditional_schedule+0x30/0x30 [ 122.445893][ C0] ? update_process_times+0x200/0x200 [ 122.451301][ C0] ? prepare_to_swait_event+0x308/0x320 [ 122.456684][ C0] rcu_gp_fqs_loop+0x2af/0xf80 [ 122.461276][ C0] ? debug_smp_processor_id+0x17/0x20 [ 122.466482][ C0] ? __note_gp_changes+0x4ab/0x920 [ 122.471434][ C0] ? rcu_gp_init+0xc30/0xc30 [ 122.475861][ C0] ? _raw_spin_unlock_irq+0x4e/0x70 [ 122.480893][ C0] ? rcu_gp_init+0x9cf/0xc30 [ 122.485328][ C0] rcu_gp_kthread+0xa4/0x350 [ 122.489830][ C0] ? _raw_spin_lock+0x1b0/0x1b0 [ 122.494517][ C0] ? rcu_barrier_callback+0x50/0x50 [ 122.499550][ C0] ? __kasan_check_read+0x11/0x20 [ 122.504411][ C0] ? __kthread_parkme+0xb2/0x200 [ 122.509185][ C0] kthread+0x421/0x510 [ 122.513091][ C0] ? rcu_barrier_callback+0x50/0x50 [ 122.518132][ C0] ? kthread_blkcg+0xd0/0xd0 [ 122.522641][ C0] ret_from_fork+0x1f/0x30 [ 122.526890][ C0] [ 122.529762][ C0] rcu: Stack dump where RCU GP kthread last ran: [ 122.535921][ C0] Sending NMI from CPU 0 to CPUs 1: [ 122.540962][ C1] NMI backtrace for cpu 1 [ 122.540985][ C1] CPU: 1 PID: 357 Comm: syz-executor.2 Not tainted 5.15.149-syzkaller-00490-g5d96939590c0 #0 [ 122.541004][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 122.541017][ C1] RIP: 0010:timerqueue_add+0x8/0x270 [ 122.541039][ C1] Code: e1 07 38 c1 0f 8c 78 ff ff ff 4c 89 e7 e8 70 64 2a ff e9 6b ff ff ff cc cc cc cc cc cc cc cc cc cc cc 55 48 89 e5 41 57 41 56 <41> 55 41 54 53 48 83 ec 30 49 89 f7 49 89 fe 48 bb 00 00 00 00 00 [ 122.541052][ C1] RSP: 0018:ffffc900001d03c0 EFLAGS: 00000086 [ 122.541068][ C1] RAX: 0000000000000000 RBX: ffff8881f7129a08 RCX: 0000000000000000 [ 122.541080][ C1] RDX: 0000000000010303 RSI: ffff88810cc20160 RDI: ffff8881f7129a60 [ 122.541092][ C1] RBP: ffffc900001d03d0 R08: ffffffff8160e437 R09: 0000000000000003 [ 122.541105][ C1] R10: fffff5200003a074 R11: dffffc0000000001 R12: ffff8881f7129a60 [ 122.541118][ C1] R13: dffffc0000000000 R14: ffff88810cc20160 R15: 0000000000000001 [ 122.541130][ C1] FS: 00007f9b721f96c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 122.541146][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 122.541158][ C1] CR2: 00007fac268eb344 CR3: 0000000129203000 CR4: 00000000003506a0 [ 122.541174][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 122.541184][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 122.541195][ C1] Call Trace: [ 122.541199][ C1] [ 122.541204][ C1] ? show_regs+0x58/0x60 [ 122.541224][ C1] ? nmi_cpu_backtrace+0x29f/0x300 [ 122.541244][ C1] ? nmi_trigger_cpumask_backtrace+0x270/0x270 [ 122.541266][ C1] ? timerqueue_add+0x8/0x270 [ 122.541281][ C1] ? timerqueue_add+0x8/0x270 [ 122.541297][ C1] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 122.541316][ C1] ? nmi_handle+0xa8/0x280 [ 122.541334][ C1] ? timerqueue_add+0x8/0x270 [ 122.541349][ C1] ? default_do_nmi+0x69/0x160 [ 122.541369][ C1] ? exc_nmi+0xaf/0x120 [ 122.541385][ C1] ? end_repeat_nmi+0x16/0x31 [ 122.541403][ C1] ? enqueue_hrtimer+0x57/0x240 [ 122.541420][ C1] ? timerqueue_add+0x8/0x270 [ 122.541436][ C1] ? timerqueue_add+0x8/0x270 [ 122.541452][ C1] ? timerqueue_add+0x8/0x270 [ 122.541468][ C1] [ 122.541473][ C1] [ 122.541478][ C1] enqueue_hrtimer+0xca/0x240 [ 122.541493][ C1] ? __hrtimer_run_queues+0x46b/0xad0 [ 122.541510][ C1] __hrtimer_run_queues+0x478/0xad0 [ 122.541530][ C1] ? hrtimer_interrupt+0xaa0/0xaa0 [ 122.541543][ C1] ? clockevents_program_event+0x236/0x300 [ 122.541561][ C1] ? ktime_get_update_offsets_now+0x2ba/0x2d0 [ 122.541580][ C1] hrtimer_interrupt+0x40c/0xaa0 [ 122.541602][ C1] __sysvec_apic_timer_interrupt+0xfd/0x3c0 [ 122.541620][ C1] sysvec_apic_timer_interrupt+0x44/0xc0 [ 122.541639][ C1] asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 122.541655][ C1] RIP: 0010:kvm_wait+0x147/0x180 [ 122.541674][ C1] Code: 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 34 41 0f b6 45 00 44 38 f0 75 10 66 90 0f 00 2d 5b 03 f3 03 fb f4 24 ff ff ff fb e9 1e ff ff ff 44 89 e9 80 e1 07 38 c1 7c a3 4c [ 122.541687][ C1] RSP: 0018:ffffc900001d0780 EFLAGS: 00000246 [ 122.541700][ C1] RAX: 0000000000000001 RBX: 1ffff9200003a0f4 RCX: 1ffffffff0d1aa9c [ 122.541712][ C1] RDX: 0000000000000001 RSI: 0000000000000001 RDI: ffff8881f7137ed4 [ 122.541723][ C1] RBP: ffffc900001d0830 R08: dffffc0000000000 R09: ffffed103ee26fdb [ 122.541736][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 122.541748][ C1] R13: ffff8881f7137ed4 R14: 0000000000000001 R15: 1ffff9200003a0f8 [ 122.541765][ C1] ? asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 122.541795][ C1] ? kvm_arch_para_hints+0x30/0x30 [ 122.541815][ C1] __pv_queued_spin_lock_slowpath+0x41b/0xc40 [ 122.541837][ C1] ? __pv_queued_spin_unlock_slowpath+0x310/0x310 [ 122.541858][ C1] ? ktime_get+0x12f/0x160 [ 122.541875][ C1] _raw_spin_lock_bh+0x139/0x1b0 [ 122.541895][ C1] ? _raw_spin_lock_irq+0x1b0/0x1b0 [ 122.541915][ C1] ? sock_hash_bucket_hash+0x31c/0x7e0 [ 122.541936][ C1] sock_hash_delete_elem+0xb1/0x2f0 [ 122.541954][ C1] ? security_task_free+0x9a/0xc0 [ 122.541975][ C1] bpf_prog_2c29ac5cdc6b1842+0x3a/0x9e0 [ 122.541993][ C1] bpf_trace_run2+0xec/0x210 [ 122.542012][ C1] ? debug_smp_processor_id+0x17/0x20 [ 122.542032][ C1] ? bpf_trace_run1+0x1c0/0x1c0 [ 122.542050][ C1] ? security_task_free+0x9a/0xc0 [ 122.542069][ C1] ? __irq_exit_rcu+0x5c/0xf0 [ 122.542087][ C1] ? irqentry_exit+0x30/0x40 [ 122.542104][ C1] ? security_task_free+0x9a/0xc0 [ 122.542123][ C1] __bpf_trace_kfree+0x6f/0x90 [ 122.542140][ C1] ? security_task_free+0x9a/0xc0 [ 122.542159][ C1] kfree+0x1f3/0x220 [ 122.542176][ C1] ? refcount_dec_not_one+0x114/0x210 [ 122.542192][ C1] ? security_task_free+0x75/0xc0 [ 122.542212][ C1] security_task_free+0x9a/0xc0 [ 122.542231][ C1] __put_task_struct+0xed/0x3e0 [ 122.542249][ C1] ? delayed_put_task_struct+0x61/0x1a0 [ 122.542268][ C1] delayed_put_task_struct+0x69/0x1a0 [ 122.542286][ C1] ? put_task_struct_rcu_user+0x90/0x90 [ 122.542303][ C1] rcu_do_batch+0x57a/0xc10 [ 122.542326][ C1] ? local_bh_enable+0x20/0x20 [ 122.542344][ C1] ? _raw_spin_lock_irqsave+0xf9/0x210 [ 122.542364][ C1] ? _raw_spin_lock+0x1b0/0x1b0 [ 122.542383][ C1] ? _raw_spin_unlock_irqrestore+0x5c/0x80 [ 122.542403][ C1] ? rcu_report_qs_rnp+0x2bf/0x390 [ 122.542422][ C1] rcu_core+0x517/0x1020 [ 122.542443][ C1] ? rcu_cpu_kthread_park+0x90/0x90 [ 122.542463][ C1] ? run_timer_softirq+0x89/0xf0 [ 122.542479][ C1] rcu_core_si+0x9/0x10 [ 122.542496][ C1] __do_softirq+0x26d/0x5bf [ 122.542514][ C1] __irq_exit_rcu+0x50/0xf0 [ 122.542532][ C1] irq_exit_rcu+0x9/0x10 [ 122.542548][ C1] sysvec_apic_timer_interrupt+0x9a/0xc0 [ 122.542567][ C1] [ 122.542571][ C1] [ 122.542577][ C1] asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 122.542593][ C1] RIP: 0010:generic_map_lookup_batch+0x66e/0xc70 [ 122.542615][ C1] Code: 00 4c 8b 7c 24 28 48 8b 5c 24 78 74 08 48 89 df e8 27 f9 32 00 48 8b 0b 48 8b 7c 24 48 4c 89 f6 48 8b 54 24 40 e8 02 06 00 00 <41> 89 c5 89 c7 48 c7 c6 70 3b a0 86 e8 01 db f0 ff 41 83 fd fe 0f [ 122.542628][ C1] RSP: 0018:ffffc90000a07c20 EFLAGS: 00000286 [ 122.542641][ C1] RAX: 0000000000000000 RBX: ffffc90000a07e28 RCX: 0000000000040000 [ 122.542653][ C1] RDX: ffffc900017af000 RSI: 00000000000210e6 RDI: 00000000000210e7 [ 122.542664][ C1] RBP: ffffc90000a07d60 R08: ffffffff817f5823 R09: 0000000000000004 [ 122.542676][ C1] R10: ffffed1021759f63 R11: dffffc0000000001 R12: dffffc0000000000 [ 122.542689][ C1] R13: 0000000000000000 R14: ffff88810bacfb18 R15: 1ffff92000140f9c [ 122.542703][ C1] ? bpf_map_copy_value+0x243/0x500 [ 122.542725][ C1] ? bpf_map_update_value+0x3c0/0x3c0 [ 122.542743][ C1] ? __fdget+0x1bc/0x240 [ 122.542757][ C1] ? bpf_map_update_value+0x3c0/0x3c0 [ 122.542777][ C1] bpf_map_do_batch+0x2dc/0x620 [ 122.542796][ C1] __sys_bpf+0x5dc/0x760 [ 122.542812][ C1] ? bpf_link_show_fdinfo+0x2d0/0x2d0 [ 122.542833][ C1] ? __kasan_check_read+0x11/0x20 [ 122.542852][ C1] __x64_sys_bpf+0x7c/0x90 [ 122.542868][ C1] do_syscall_64+0x3d/0xb0 [ 122.542883][ C1] ? sysvec_call_function_single+0x52/0xb0 [ 122.542901][ C1] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 122.542922][ C1] RIP: 0033:0x7f9b73484ee9 [ 122.542939][ C1] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 122.542952][ C1] RSP: 002b:00007f9b721f90c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 122.542968][ C1] RAX: ffffffffffffffda RBX: 00007f9b735b3f80 RCX: 00007f9b73484ee9 [ 122.542981][ C1] RDX: 0000000000000038 RSI: 0000000020000480 RDI: 0000000000000018 [ 122.542992][ C1] RBP: 00007f9b734d149e R08: 0000000000000000 R09: 0000000000000000 [ 122.543002][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 122.543013][ C1] R13: 000000000000000b R14: 00007f9b735b3f80 R15: 00007fffdf1dfe98 [ 122.543028][ C1] [ 122.544030][ C0] NMI backtrace for cpu 0 [ 123.303797][ C0] CPU: 0 PID: 383 Comm: syz-executor.4 Not tainted 5.15.149-syzkaller-00490-g5d96939590c0 #0 [ 123.313767][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 123.323662][ C0] Call Trace: [ 123.326783][ C0] [ 123.329474][ C0] dump_stack_lvl+0x151/0x1b7 [ 123.333987][ C0] ? io_uring_drop_tctx_refs+0x190/0x190 [ 123.339454][ C0] ? ttwu_do_wakeup+0x187/0x430 [ 123.344142][ C0] dump_stack+0x15/0x17 [ 123.348130][ C0] nmi_cpu_backtrace+0x2f7/0x300 [ 123.352907][ C0] ? nmi_trigger_cpumask_backtrace+0x270/0x270 [ 123.359118][ C0] ? _raw_spin_lock_irqsave+0xf9/0x210 [ 123.364417][ C0] ? __kasan_check_write+0x14/0x20 [ 123.369358][ C0] ? _raw_spin_lock+0x1b0/0x1b0 [ 123.374041][ C0] ? arch_trigger_cpumask_backtrace+0x20/0x20 [ 123.379942][ C0] nmi_trigger_cpumask_backtrace+0x15d/0x270 [ 123.385759][ C0] ? arch_trigger_cpumask_backtrace+0x20/0x20 [ 123.391661][ C0] arch_trigger_cpumask_backtrace+0x10/0x20 [ 123.397389][ C0] rcu_dump_cpu_stacks+0x1d8/0x330 [ 123.402337][ C0] print_cpu_stall+0x315/0x5f0 [ 123.406941][ C0] rcu_sched_clock_irq+0x989/0x12f0 [ 123.411971][ C0] ? rcu_boost_kthread_setaffinity+0x340/0x340 [ 123.417961][ C0] ? hrtimer_run_queues+0x15f/0x440 [ 123.422993][ C0] update_process_times+0x198/0x200 [ 123.428029][ C0] tick_sched_timer+0x188/0x240 [ 123.432864][ C0] ? tick_setup_sched_timer+0x480/0x480 [ 123.438248][ C0] __hrtimer_run_queues+0x41a/0xad0 [ 123.443293][ C0] ? hrtimer_interrupt+0xaa0/0xaa0 [ 123.448230][ C0] ? clockevents_program_event+0x22f/0x300 [ 123.453868][ C0] ? ktime_get_update_offsets_now+0x2ba/0x2d0 [ 123.459775][ C0] hrtimer_interrupt+0x40c/0xaa0 [ 123.464906][ C0] __sysvec_apic_timer_interrupt+0xfd/0x3c0 [ 123.470635][ C0] sysvec_apic_timer_interrupt+0x95/0xc0 [ 123.476095][ C0] [ 123.478868][ C0] [ 123.481646][ C0] asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 123.487461][ C0] RIP: 0010:kvm_wait+0x147/0x180 [ 123.492235][ C0] Code: 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 34 41 0f b6 45 00 44 38 f0 75 10 66 90 0f 00 2d 5b 03 f3 03 fb f4 24 ff ff ff fb e9 1e ff ff ff 44 89 e9 80 e1 07 38 c1 7c a3 4c [ 123.511675][ C0] RSP: 0018:ffffc900052b6ac0 EFLAGS: 00000246 [ 123.517576][ C0] RAX: 0000000000000003 RBX: 1ffff92000a56d5c RCX: ffffffff8154fa7f [ 123.525401][ C0] RDX: dffffc0000000000 RSI: 0000000000000003 RDI: ffff88810dff2258 [ 123.533199][ C0] RBP: ffffc900052b6b70 R08: dffffc0000000000 R09: ffffed1021bfe44c [ 123.541011][ C0] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 123.548820][ C0] R13: ffff88810dff2258 R14: 0000000000000003 R15: 1ffff92000a56d60 [ 123.556639][ C0] ? __pv_queued_spin_lock_slowpath+0x65f/0xc40 [ 123.562715][ C0] ? asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 123.568699][ C0] ? kvm_arch_para_hints+0x30/0x30 [ 123.573649][ C0] ? pv_hash+0x86/0x150 [ 123.577794][ C0] __pv_queued_spin_lock_slowpath+0x6bc/0xc40 [ 123.583697][ C0] ? __pv_queued_spin_unlock_slowpath+0x310/0x310 [ 123.589945][ C0] ? 0xffffffffa000e620 [ 123.593932][ C0] ? is_bpf_text_address+0x172/0x190 [ 123.599055][ C0] _raw_spin_lock_bh+0x139/0x1b0 [ 123.603829][ C0] ? _raw_spin_lock_irq+0x1b0/0x1b0 [ 123.608862][ C0] ? sock_hash_bucket_hash+0x31c/0x7e0 [ 123.614245][ C0] sock_hash_delete_elem+0xb1/0x2f0 [ 123.619280][ C0] ? sock_map_unref+0x352/0x4d0 [ 123.623963][ C0] bpf_prog_2c29ac5cdc6b1842+0x3a/0x9e0 [ 123.629346][ C0] bpf_trace_run2+0xec/0x210 [ 123.633773][ C0] ? bpf_trace_run1+0x1c0/0x1c0 [ 123.638458][ C0] ? sock_map_unref+0x352/0x4d0 [ 123.643145][ C0] ? sock_map_unref+0x352/0x4d0 [ 123.647832][ C0] __bpf_trace_kfree+0x6f/0x90 [ 123.652439][ C0] ? sock_map_unref+0x352/0x4d0 [ 123.657119][ C0] kfree+0x1f3/0x220 [ 123.660855][ C0] sock_map_unref+0x352/0x4d0 [ 123.665367][ C0] sock_hash_delete_elem+0x274/0x2f0 [ 123.670484][ C0] ? kvfree+0x35/0x40 [ 123.674303][ C0] bpf_prog_2c29ac5cdc6b1842+0x3a/0x9e0 [ 123.679690][ C0] bpf_trace_run2+0xec/0x210 [ 123.684112][ C0] ? bpf_trace_run1+0x1c0/0x1c0 [ 123.688798][ C0] ? _raw_spin_unlock_irqrestore+0x5c/0x80 [ 123.694438][ C0] ? kvfree+0x35/0x40 [ 123.698259][ C0] ? free_unref_page+0x2b3/0x750 [ 123.703032][ C0] ? kvfree+0x35/0x40 [ 123.706850][ C0] __bpf_trace_kfree+0x6f/0x90 [ 123.711451][ C0] ? kvfree+0x35/0x40 [ 123.715268][ C0] kfree+0x1f3/0x220 [ 123.719006][ C0] kvfree+0x35/0x40 [ 123.722645][ C0] __vunmap+0x850/0x8f0 [ 123.726641][ C0] vfree+0x7f/0xb0 [ 123.730196][ C0] bpf_prog_calc_tag+0x69a/0x8f0 [ 123.734976][ C0] ? __bpf_prog_free+0xe0/0xe0 [ 123.739578][ C0] resolve_pseudo_ldimm64+0xe2/0x1240 [ 123.745128][ C0] ? check_attach_btf_id+0x40f/0xef0 [ 123.750246][ C0] ? bpf_check+0x12bf0/0x12bf0 [ 123.754847][ C0] ? check_attach_btf_id+0xef0/0xef0 [ 123.759967][ C0] ? __mark_reg_known+0x1b0/0x1b0 [ 123.764830][ C0] ? security_capable+0x87/0xb0 [ 123.769521][ C0] bpf_check+0x3174/0x12bf0 [ 123.773862][ C0] ? 0xffffffffa000e620 [ 123.777853][ C0] ? is_bpf_text_address+0x172/0x190 [ 123.782972][ C0] ? stack_trace_save+0x1c0/0x1c0 [ 123.787827][ C0] ? __kernel_text_address+0x9b/0x110 [ 123.793035][ C0] ? unwind_get_return_address+0x4d/0x90 [ 123.798504][ C0] ? bpf_get_btf_vmlinux+0x60/0x60 [ 123.803448][ C0] ? arch_stack_walk+0xf3/0x140 [ 123.808141][ C0] ? stack_trace_save+0x113/0x1c0 [ 123.812995][ C0] ? stack_trace_snprint+0xf0/0xf0 [ 123.817943][ C0] ? stack_trace_snprint+0xf0/0xf0 [ 123.822892][ C0] ? __stack_depot_save+0x34/0x470 [ 123.827841][ C0] ? ____kasan_kmalloc+0xed/0x110 [ 123.832699][ C0] ? ____kasan_kmalloc+0xdb/0x110 [ 123.837557][ C0] ? __kasan_kmalloc+0x9/0x10 [ 123.842071][ C0] ? kmem_cache_alloc_trace+0x115/0x210 [ 123.847453][ C0] ? selinux_bpf_prog_alloc+0x51/0x140 [ 123.852747][ C0] ? security_bpf_prog_alloc+0x62/0x90 [ 123.858039][ C0] ? bpf_prog_load+0x9ee/0x1b50 [ 123.862730][ C0] ? __sys_bpf+0x4bc/0x760 [ 123.866979][ C0] ? __x64_sys_bpf+0x7c/0x90 [ 123.871405][ C0] ? do_syscall_64+0x3d/0xb0 [ 123.875832][ C0] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 123.881746][ C0] ? __kasan_kmalloc+0x9/0x10 [ 123.886261][ C0] ? memset+0x35/0x40 [ 123.890067][ C0] ? bpf_obj_name_cpy+0x196/0x1e0 [ 123.894944][ C0] bpf_prog_load+0x12ac/0x1b50 [ 123.899532][ C0] ? map_freeze+0x370/0x370 [ 123.903876][ C0] ? selinux_bpf+0xcb/0x100 [ 123.908209][ C0] ? security_bpf+0x82/0xb0 [ 123.912546][ C0] __sys_bpf+0x4bc/0x760 [ 123.916626][ C0] ? bpf_link_show_fdinfo+0x2d0/0x2d0 [ 123.921838][ C0] ? __kasan_check_read+0x11/0x20 [ 123.926694][ C0] __x64_sys_bpf+0x7c/0x90 [ 123.930947][ C0] do_syscall_64+0x3d/0xb0 [ 123.935198][ C0] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 123.940926][ C0] RIP: 0033:0x7fac267c5ee9 [ 123.945181][ C0] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 123.964627][ C0] RSP: 002b:00007fac2553a0c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 123.972866][ C0] RAX: ffffffffffffffda RBX: 00007fac268f4f80 RCX: 00007fac267c5ee9 [ 123.980774][ C0] RDX: 0000000000000090 RSI: 0000000020000680 RDI: 0000000000000005 [ 123.988575][ C0] RBP: 00007fac2681249e R08: 0000000000000000 R09: 0000000000000000 [ 123.996385][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 124.004199][ C0] R13: 000000000000000b R14: 00007fac268f4f80 R15: 00007ffe1b7911c8 [ 124.012014][ C0] [ 265.033768][ C1] watchdog: BUG: soft lockup - CPU#1 stuck for 246s! [syz-executor.2:357] [ 265.042101][ C1] Modules linked in: [ 265.045832][ C1] CPU: 1 PID: 357 Comm: syz-executor.2 Not tainted 5.15.149-syzkaller-00490-g5d96939590c0 #0 [ 265.055810][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 265.065713][ C1] RIP: 0010:kvm_wait+0x147/0x180 [ 265.070483][ C1] Code: 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 34 41 0f b6 45 00 44 38 f0 75 10 66 90 0f 00 2d 5b 03 f3 03 fb f4 24 ff ff ff fb e9 1e ff ff ff 44 89 e9 80 e1 07 38 c1 7c a3 4c [ 265.090441][ C1] RSP: 0018:ffffc900001d0780 EFLAGS: 00000246 [ 265.096341][ C1] RAX: 0000000000000001 RBX: 1ffff9200003a0f4 RCX: 1ffffffff0d1aa9c [ 265.104153][ C1] RDX: 0000000000000001 RSI: 0000000000000001 RDI: ffff8881f7137ed4 [ 265.112056][ C1] RBP: ffffc900001d0830 R08: dffffc0000000000 R09: ffffed103ee26fdb [ 265.119864][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 265.127672][ C1] R13: ffff8881f7137ed4 R14: 0000000000000001 R15: 1ffff9200003a0f8 [ 265.135495][ C1] FS: 00007f9b721f96c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 265.144257][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 265.150674][ C1] CR2: 00007fac268eb344 CR3: 0000000129203000 CR4: 00000000003506a0 [ 265.158495][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 265.166300][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 265.174109][ C1] Call Trace: [ 265.177320][ C1] [ 265.180012][ C1] ? show_regs+0x58/0x60 [ 265.184093][ C1] ? watchdog_timer_fn+0x4b1/0x5f0 [ 265.189039][ C1] ? proc_watchdog_cpumask+0xd0/0xd0 [ 265.194249][ C1] ? __hrtimer_run_queues+0x41a/0xad0 [ 265.199456][ C1] ? hrtimer_interrupt+0xaa0/0xaa0 [ 265.204397][ C1] ? clockevents_program_event+0x22f/0x300 [ 265.210042][ C1] ? ktime_get_update_offsets_now+0x2ba/0x2d0 [ 265.215943][ C1] ? hrtimer_interrupt+0x40c/0xaa0 [ 265.220895][ C1] ? __sysvec_apic_timer_interrupt+0xfd/0x3c0 [ 265.226798][ C1] ? sysvec_apic_timer_interrupt+0x44/0xc0 [ 265.232432][ C1] ? asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 265.238421][ C1] ? kvm_wait+0x147/0x180 [ 265.242586][ C1] ? kvm_arch_para_hints+0x30/0x30 [ 265.247629][ C1] ? __pv_queued_spin_lock_slowpath+0x351/0xc40 [ 265.253783][ C1] __pv_queued_spin_lock_slowpath+0x41b/0xc40 [ 265.259687][ C1] ? __pv_queued_spin_unlock_slowpath+0x310/0x310 [ 265.265932][ C1] ? ktime_get+0x12f/0x160 [ 265.270185][ C1] _raw_spin_lock_bh+0x139/0x1b0 [ 265.274957][ C1] ? _raw_spin_lock_irq+0x1b0/0x1b0 [ 265.279992][ C1] ? sock_hash_bucket_hash+0x31c/0x7e0 [ 265.285287][ C1] sock_hash_delete_elem+0xb1/0x2f0 [ 265.290320][ C1] ? security_task_free+0x9a/0xc0 [ 265.295181][ C1] bpf_prog_2c29ac5cdc6b1842+0x3a/0x9e0 [ 265.300563][ C1] bpf_trace_run2+0xec/0x210 [ 265.304988][ C1] ? debug_smp_processor_id+0x17/0x20 [ 265.310197][ C1] ? bpf_trace_run1+0x1c0/0x1c0 [ 265.314882][ C1] ? security_task_free+0x9a/0xc0 [ 265.319742][ C1] ? __irq_exit_rcu+0x5c/0xf0 [ 265.324256][ C1] ? irqentry_exit+0x30/0x40 [ 265.328682][ C1] ? security_task_free+0x9a/0xc0 [ 265.333543][ C1] __bpf_trace_kfree+0x6f/0x90 [ 265.338143][ C1] ? security_task_free+0x9a/0xc0 [ 265.343002][ C1] kfree+0x1f3/0x220 [ 265.346736][ C1] ? refcount_dec_not_one+0x114/0x210 [ 265.351942][ C1] ? security_task_free+0x75/0xc0 [ 265.356806][ C1] security_task_free+0x9a/0xc0 [ 265.361489][ C1] __put_task_struct+0xed/0x3e0 [ 265.366176][ C1] ? delayed_put_task_struct+0x61/0x1a0 [ 265.371564][ C1] delayed_put_task_struct+0x69/0x1a0 [ 265.376773][ C1] ? put_task_struct_rcu_user+0x90/0x90 [ 265.382332][ C1] rcu_do_batch+0x57a/0xc10 [ 265.386670][ C1] ? local_bh_enable+0x20/0x20 [ 265.391263][ C1] ? _raw_spin_lock_irqsave+0xf9/0x210 [ 265.396562][ C1] ? _raw_spin_lock+0x1b0/0x1b0 [ 265.401246][ C1] ? _raw_spin_unlock_irqrestore+0x5c/0x80 [ 265.406889][ C1] ? rcu_report_qs_rnp+0x2bf/0x390 [ 265.411832][ C1] rcu_core+0x517/0x1020 [ 265.415913][ C1] ? rcu_cpu_kthread_park+0x90/0x90 [ 265.420946][ C1] ? run_timer_softirq+0x89/0xf0 [ 265.425726][ C1] rcu_core_si+0x9/0x10 [ 265.429712][ C1] __do_softirq+0x26d/0x5bf [ 265.434052][ C1] __irq_exit_rcu+0x50/0xf0 [ 265.438390][ C1] irq_exit_rcu+0x9/0x10 [ 265.442470][ C1] sysvec_apic_timer_interrupt+0x9a/0xc0 [ 265.447939][ C1] [ 265.450716][ C1] [ 265.453492][ C1] asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 265.459309][ C1] RIP: 0010:generic_map_lookup_batch+0x66e/0xc70 [ 265.465469][ C1] Code: 00 4c 8b 7c 24 28 48 8b 5c 24 78 74 08 48 89 df e8 27 f9 32 00 48 8b 0b 48 8b 7c 24 48 4c 89 f6 48 8b 54 24 40 e8 02 06 00 00 <41> 89 c5 89 c7 48 c7 c6 70 3b a0 86 e8 01 db f0 ff 41 83 fd fe 0f [ 265.484910][ C1] RSP: 0018:ffffc90000a07c20 EFLAGS: 00000286 [ 265.490812][ C1] RAX: 0000000000000000 RBX: ffffc90000a07e28 RCX: 0000000000040000 [ 265.498624][ C1] RDX: ffffc900017af000 RSI: 00000000000210e6 RDI: 00000000000210e7 [ 265.506435][ C1] RBP: ffffc90000a07d60 R08: ffffffff817f5823 R09: 0000000000000004 [ 265.514248][ C1] R10: ffffed1021759f63 R11: dffffc0000000001 R12: dffffc0000000000 [ 265.522058][ C1] R13: 0000000000000000 R14: ffff88810bacfb18 R15: 1ffff92000140f9c [ 265.529871][ C1] ? bpf_map_copy_value+0x243/0x500 [ 265.534905][ C1] ? bpf_map_update_value+0x3c0/0x3c0 [ 265.540111][ C1] ? __fdget+0x1bc/0x240 [ 265.544191][ C1] ? bpf_map_update_value+0x3c0/0x3c0 [ 265.549399][ C1] bpf_map_do_batch+0x2dc/0x620 [ 265.554086][ C1] __sys_bpf+0x5dc/0x760 [ 265.558163][ C1] ? bpf_link_show_fdinfo+0x2d0/0x2d0 [ 265.563373][ C1] ? __kasan_check_read+0x11/0x20 [ 265.568233][ C1] __x64_sys_bpf+0x7c/0x90 [ 265.572484][ C1] do_syscall_64+0x3d/0xb0 [ 265.576738][ C1] ? sysvec_call_function_single+0x52/0xb0 [ 265.582377][ C1] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 265.588107][ C1] RIP: 0033:0x7f9b73484ee9 [ 265.592491][ C1] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 265.611916][ C1] RSP: 002b:00007f9b721f90c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 265.620161][ C1] RAX: ffffffffffffffda RBX: 00007f9b735b3f80 RCX: 00007f9b73484ee9 [ 265.627978][ C1] RDX: 0000000000000038 RSI: 0000000020000480 RDI: 0000000000000018 [ 265.635782][ C1] RBP: 00007f9b734d149e R08: 0000000000000000 R09: 0000000000000000 [ 265.643596][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 265.651407][ C1] R13: 000000000000000b R14: 00007f9b735b3f80 R15: 00007fffdf1dfe98 [ 265.659220][ C1] [ 265.662085][ C1] Sending NMI from CPU 1 to CPUs 0: [ 265.667133][ C0] NMI backtrace for cpu 0 [ 265.667142][ C0] CPU: 0 PID: 383 Comm: syz-executor.4 Not tainted 5.15.149-syzkaller-00490-g5d96939590c0 #0 [ 265.667159][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 265.667167][ C0] RIP: 0010:__pv_queued_spin_lock_slowpath+0x5ba/0xc40 [ 265.667190][ C0] Code: 00 00 49 89 dc c6 03 00 48 8b 44 24 10 0f b6 04 10 84 c0 0f 85 48 01 00 00 48 8b 44 24 08 c6 00 01 bb 00 80 ff ff eb 06 f3 90 c3 74 5e 41 0f b6 44 15 00 84 c0 75 36 41 80 3f 00 75 ea 4c 89 [ 265.667201][ C0] RSP: 0018:ffffc900052b6b80 EFLAGS: 00000206 [ 265.667213][ C0] RAX: 0000000000000000 RBX: 00000000fffffc28 RCX: ffffffff8154fa7f [ 265.667224][ C0] RDX: dffffc0000000000 RSI: 0000000000000003 RDI: ffff88810dff2258 [ 265.667234][ C0] RBP: ffffc900052b6c70 R08: dffffc0000000000 R09: ffffed1021bfe44c [ 265.667245][ C0] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff8881f7037ed4 [ 265.667255][ C0] R13: 1ffff11021bfe44b R14: 1ffff1103ee00001 R15: ffff88810dff2258 [ 265.667266][ C0] FS: 00007fac2553a6c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 265.667279][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 265.667290][ C0] CR2: 0000001b2e624000 CR3: 0000000129546000 CR4: 00000000003506b0 [ 265.667303][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 265.667311][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 265.667321][ C0] Call Trace: [ 265.667325][ C0] [ 265.667331][ C0] ? show_regs+0x58/0x60 [ 265.667346][ C0] ? nmi_cpu_backtrace+0x29f/0x300 [ 265.667364][ C0] ? nmi_trigger_cpumask_backtrace+0x270/0x270 [ 265.667381][ C0] ? __pv_queued_spin_lock_slowpath+0x5ba/0xc40 [ 265.667397][ C0] ? __pv_queued_spin_lock_slowpath+0x5ba/0xc40 [ 265.667413][ C0] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 265.667429][ C0] ? nmi_handle+0xa8/0x280 [ 265.667444][ C0] ? __pv_queued_spin_lock_slowpath+0x5ba/0xc40 [ 265.667460][ C0] ? default_do_nmi+0x69/0x160 [ 265.667475][ C0] ? exc_nmi+0xaf/0x120 [ 265.667488][ C0] ? end_repeat_nmi+0x16/0x31 [ 265.667504][ C0] ? __pv_queued_spin_lock_slowpath+0x65f/0xc40 [ 265.667520][ C0] ? __pv_queued_spin_lock_slowpath+0x5ba/0xc40 [ 265.667536][ C0] ? __pv_queued_spin_lock_slowpath+0x5ba/0xc40 [ 265.667553][ C0] ? __pv_queued_spin_lock_slowpath+0x5ba/0xc40 [ 265.667569][ C0] [ 265.667573][ C0] [ 265.667579][ C0] ? __pv_queued_spin_unlock_slowpath+0x310/0x310 [ 265.667596][ C0] ? 0xffffffffa000e620 [ 265.667606][ C0] ? is_bpf_text_address+0x172/0x190 [ 265.667623][ C0] _raw_spin_lock_bh+0x139/0x1b0 [ 265.667639][ C0] ? _raw_spin_lock_irq+0x1b0/0x1b0 [ 265.667655][ C0] ? sock_hash_bucket_hash+0x31c/0x7e0 [ 265.667673][ C0] sock_hash_delete_elem+0xb1/0x2f0 [ 265.667688][ C0] ? sock_map_unref+0x352/0x4d0 [ 265.667703][ C0] bpf_prog_2c29ac5cdc6b1842+0x3a/0x9e0 [ 265.667715][ C0] bpf_trace_run2+0xec/0x210 [ 265.667731][ C0] ? bpf_trace_run1+0x1c0/0x1c0 [ 265.667745][ C0] ? sock_map_unref+0x352/0x4d0 [ 265.667761][ C0] ? sock_map_unref+0x352/0x4d0 [ 265.667775][ C0] __bpf_trace_kfree+0x6f/0x90 [ 265.667789][ C0] ? sock_map_unref+0x352/0x4d0 [ 265.667803][ C0] kfree+0x1f3/0x220 [ 265.667820][ C0] sock_map_unref+0x352/0x4d0 [ 265.667843][ C0] sock_hash_delete_elem+0x274/0x2f0 [ 265.667858][ C0] ? kvfree+0x35/0x40 [ 265.667871][ C0] bpf_prog_2c29ac5cdc6b1842+0x3a/0x9e0 [ 265.667882][ C0] bpf_trace_run2+0xec/0x210 [ 265.667898][ C0] ? bpf_trace_run1+0x1c0/0x1c0 [ 265.667912][ C0] ? _raw_spin_unlock_irqrestore+0x5c/0x80 [ 265.667928][ C0] ? kvfree+0x35/0x40 [ 265.667940][ C0] ? free_unref_page+0x2b3/0x750 [ 265.667955][ C0] ? kvfree+0x35/0x40 [ 265.667968][ C0] __bpf_trace_kfree+0x6f/0x90 [ 265.667981][ C0] ? kvfree+0x35/0x40 [ 265.667994][ C0] kfree+0x1f3/0x220 [ 265.668009][ C0] kvfree+0x35/0x40 [ 265.668021][ C0] __vunmap+0x850/0x8f0 [ 265.668037][ C0] vfree+0x7f/0xb0 [ 265.668049][ C0] bpf_prog_calc_tag+0x69a/0x8f0 [ 265.668065][ C0] ? __bpf_prog_free+0xe0/0xe0 [ 265.668084][ C0] resolve_pseudo_ldimm64+0xe2/0x1240 [ 265.668101][ C0] ? check_attach_btf_id+0x40f/0xef0 [ 265.668117][ C0] ? bpf_check+0x12bf0/0x12bf0 [ 265.668132][ C0] ? check_attach_btf_id+0xef0/0xef0 [ 265.668147][ C0] ? __mark_reg_known+0x1b0/0x1b0 [ 265.668161][ C0] ? security_capable+0x87/0xb0 [ 265.668178][ C0] bpf_check+0x3174/0x12bf0 [ 265.668200][ C0] ? 0xffffffffa000e620 [ 265.668210][ C0] ? is_bpf_text_address+0x172/0x190 [ 265.668225][ C0] ? stack_trace_save+0x1c0/0x1c0 [ 265.668239][ C0] ? __kernel_text_address+0x9b/0x110 [ 265.668254][ C0] ? unwind_get_return_address+0x4d/0x90 [ 265.668271][ C0] ? bpf_get_btf_vmlinux+0x60/0x60 [ 265.668285][ C0] ? arch_stack_walk+0xf3/0x140 [ 265.668303][ C0] ? stack_trace_save+0x113/0x1c0 [ 265.668317][ C0] ? stack_trace_snprint+0xf0/0xf0 [ 265.668331][ C0] ? stack_trace_snprint+0xf0/0xf0 [ 265.668346][ C0] ? __stack_depot_save+0x34/0x470 [ 265.668363][ C0] ? ____kasan_kmalloc+0xed/0x110 [ 265.668376][ C0] ? ____kasan_kmalloc+0xdb/0x110 [ 265.668389][ C0] ? __kasan_kmalloc+0x9/0x10 [ 265.668401][ C0] ? kmem_cache_alloc_trace+0x115/0x210 [ 265.668416][ C0] ? selinux_bpf_prog_alloc+0x51/0x140 [ 265.668429][ C0] ? security_bpf_prog_alloc+0x62/0x90 [ 265.668444][ C0] ? bpf_prog_load+0x9ee/0x1b50 [ 265.668457][ C0] ? __sys_bpf+0x4bc/0x760 [ 265.668469][ C0] ? __x64_sys_bpf+0x7c/0x90 [ 265.668482][ C0] ? do_syscall_64+0x3d/0xb0 [ 265.668495][ C0] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 265.668521][ C0] ? __kasan_kmalloc+0x9/0x10 [ 265.668535][ C0] ? memset+0x35/0x40 [ 265.668548][ C0] ? bpf_obj_name_cpy+0x196/0x1e0 [ 265.668562][ C0] bpf_prog_load+0x12ac/0x1b50 [ 265.668579][ C0] ? map_freeze+0x370/0x370 [ 265.668596][ C0] ? selinux_bpf+0xcb/0x100 [ 265.668609][ C0] ? security_bpf+0x82/0xb0 [ 265.668622][ C0] __sys_bpf+0x4bc/0x760 [ 265.668636][ C0] ? bpf_link_show_fdinfo+0x2d0/0x2d0 [ 265.668653][ C0] ? __kasan_check_read+0x11/0x20 [ 265.668668][ C0] __x64_sys_bpf+0x7c/0x90 [ 265.668682][ C0] do_syscall_64+0x3d/0xb0 [ 265.668695][ C0] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 265.668711][ C0] RIP: 0033:0x7fac267c5ee9 [ 265.668724][ C0] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 265.668735][ C0] RSP: 002b:00007fac2553a0c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 265.668749][ C0] RAX: ffffffffffffffda RBX: 00007fac268f4f80 RCX: 00007fac267c5ee9 [ 265.668759][ C0] RDX: 0000000000000090 RSI: 0000000020000680 RDI: 0000000000000005 [ 265.668768][ C0] RBP: 00007fac2681249e R08: 0000000000000000 R09: 0000000000000000 [ 265.668777][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 265.668786][ C0] R13: 000000000000000b R14: 00007fac268f4f80 R15: 00007ffe1b7911c8 [ 265.668799][ C0]