./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3047345685 <...> Warning: Permanently added '10.128.1.25' (ED25519) to the list of known hosts. execve("./syz-executor3047345685", ["./syz-executor3047345685"], 0x7ffec16453c0 /* 10 vars */) = 0 brk(NULL) = 0x555579819000 brk(0x555579819d00) = 0x555579819d00 arch_prctl(ARCH_SET_FS, 0x555579819380) = 0 set_tid_address(0x555579819650) = 5064 set_robust_list(0x555579819660, 24) = 0 rseq(0x555579819ca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor3047345685", 4096) = 28 getrandom("\x34\x70\x6f\x4f\x1c\x10\xc6\x26", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x555579819d00 brk(0x55557983ad00) = 0x55557983ad00 brk(0x55557983b000) = 0x55557983b000 mprotect(0x7f1fbbac8000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5065 attached [pid 5065] set_robust_list(0x555579819660, 24) = 0 [pid 5065] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5064] <... clone resumed>, child_tidptr=0x555579819650) = 5065 ./strace-static-x86_64: Process 5066 attached [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5066] set_robust_list(0x555579819660, 24 [pid 5065] <... clone resumed>, child_tidptr=0x555579819650) = 5066 [pid 5066] <... set_robust_list resumed>) = 0 ./strace-static-x86_64: Process 5067 attached [pid 5064] <... clone resumed>, child_tidptr=0x555579819650) = 5067 [pid 5066] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5067] set_robust_list(0x555579819660, 24 [pid 5066] <... prctl resumed>) = 0 [pid 5067] <... set_robust_list resumed>) = 0 ./strace-static-x86_64: Process 5068 attached [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5066] setpgid(0, 0 [pid 5064] <... clone resumed>, child_tidptr=0x555579819650) = 5068 [pid 5068] set_robust_list(0x555579819660, 24 [pid 5066] <... setpgid resumed>) = 0 [pid 5068] <... set_robust_list resumed>) = 0 ./strace-static-x86_64: Process 5069 attached [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5066] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC./strace-static-x86_64: Process 5071 attached ./strace-static-x86_64: Process 5070 attached [pid 5069] set_robust_list(0x555579819660, 24 [pid 5067] <... clone resumed>, child_tidptr=0x555579819650) = 5069 [pid 5064] <... clone resumed>, child_tidptr=0x555579819650) = 5071 [pid 5071] set_robust_list(0x555579819660, 24 [pid 5070] set_robust_list(0x555579819660, 24 [pid 5069] <... set_robust_list resumed>) = 0 [pid 5068] <... clone resumed>, child_tidptr=0x555579819650) = 5070 [pid 5066] <... openat resumed>) = 3 [pid 5064] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5071] <... set_robust_list resumed>) = 0 [pid 5070] <... set_robust_list resumed>) = 0 [pid 5069] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5066] write(3, "1000", 4 [pid 5070] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5069] <... prctl resumed>) = 0 [ 74.540105][ T28] audit: type=1400 audit(1713177029.179:87): avc: denied { execmem } for pid=5064 comm="syz-executor304" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [pid 5071] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5070] <... prctl resumed>) = 0 [pid 5069] setpgid(0, 0 [pid 5066] <... write resumed>) = 4 [pid 5070] setpgid(0, 0 [pid 5069] <... setpgid resumed>) = 0 [pid 5066] close(3 [pid 5069] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5070] <... setpgid resumed>) = 0 [pid 5066] <... close resumed>) = 0 [pid 5070] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5069] <... openat resumed>) = 3 [pid 5064] <... clone resumed>, child_tidptr=0x555579819650) = 5072 ./strace-static-x86_64: Process 5072 attached [pid 5070] <... openat resumed>) = 3 [pid 5069] write(3, "1000", 4 [pid 5066] sendmsg(-1, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\xec\x66\x31\x89\xd3\x34\x8b\xf1\x3f\x87\x2a\x46\x83\x52\xb7\x24\x82\xb5\xb2\xb3\x64\xa2\x9c\x6f\x0f\x2c\x4e\x74\x1b\xf6\x45\x7d\x14\x18\x45\x5e\x15\x72\x53\x23\x16\x81\xa3\x88\x9f\x39\xb3\xda\x6b\x60\xdb\xe4\x04\xcb\x9a\x14\x5d\x0d\x49\xcf\xd1\x66\x8a\x32\xb9\x6f\xf3\x02\x97\x57\x48\x99\x3a\x8a\x53\x41\x44\xd2\x11\xc6\x81\xff\x3d\x91\xff\xa4\x36\xd4\x0b\x9a\xfe\x64\x8e\xc8\xbd\xe2\xf7\x55\x3f\xb5"..., iov_len=2643}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 5072] set_robust_list(0x555579819660, 24 [pid 5069] <... write resumed>) = 4 [pid 5066] <... sendmsg resumed>) = -1 EBADF (Bad file descriptor) [pid 5072] <... set_robust_list resumed>) = 0 [pid 5070] write(3, "1000", 4 [pid 5069] close(3 [pid 5066] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_SOCKHASH, key_size=4, value_size=8, max_entries=8, map_flags=0, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72./strace-static-x86_64: Process 5073 attached [pid 5072] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5070] <... write resumed>) = 4 [pid 5069] <... close resumed>) = 0 [pid 5073] set_robust_list(0x555579819660, 24 [pid 5071] <... clone resumed>, child_tidptr=0x555579819650) = 5073 [pid 5070] close(3 [pid 5066] <... bpf resumed>) = 3 [pid 5073] <... set_robust_list resumed>) = 0 [pid 5070] <... close resumed>) = 0 [pid 5073] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5070] sendmsg(-1, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\xec\x66\x31\x89\xd3\x34\x8b\xf1\x3f\x87\x2a\x46\x83\x52\xb7\x24\x82\xb5\xb2\xb3\x64\xa2\x9c\x6f\x0f\x2c\x4e\x74\x1b\xf6\x45\x7d\x14\x18\x45\x5e\x15\x72\x53\x23\x16\x81\xa3\x88\x9f\x39\xb3\xda\x6b\x60\xdb\xe4\x04\xcb\x9a\x14\x5d\x0d\x49\xcf\xd1\x66\x8a\x32\xb9\x6f\xf3\x02\x97\x57\x48\x99\x3a\x8a\x53\x41\x44\xd2\x11\xc6\x81\xff\x3d\x91\xff\xa4\x36\xd4\x0b\x9a\xfe\x64\x8e\xc8\xbd\xe2\xf7\x55\x3f\xb5"..., iov_len=2643}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 5073] <... prctl resumed>) = 0 [pid 5070] <... sendmsg resumed>) = -1 EBADF (Bad file descriptor) [pid 5070] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_SOCKHASH, key_size=4, value_size=8, max_entries=8, map_flags=0, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 5073] setpgid(0, 0 [pid 5070] <... bpf resumed>) = 3 [pid 5073] <... setpgid resumed>) = 0 [pid 5070] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x20000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 5073] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5070] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 5073] <... openat resumed>) = 3 [pid 5070] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=12, insns=0x20000440, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144./strace-static-x86_64: Process 5074 attached [pid 5069] sendmsg(-1, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\xec\x66\x31\x89\xd3\x34\x8b\xf1\x3f\x87\x2a\x46\x83\x52\xb7\x24\x82\xb5\xb2\xb3\x64\xa2\x9c\x6f\x0f\x2c\x4e\x74\x1b\xf6\x45\x7d\x14\x18\x45\x5e\x15\x72\x53\x23\x16\x81\xa3\x88\x9f\x39\xb3\xda\x6b\x60\xdb\xe4\x04\xcb\x9a\x14\x5d\x0d\x49\xcf\xd1\x66\x8a\x32\xb9\x6f\xf3\x02\x97\x57\x48\x99\x3a\x8a\x53\x41\x44\xd2\x11\xc6\x81\xff\x3d\x91\xff\xa4\x36\xd4\x0b\x9a\xfe\x64\x8e\xc8\xbd\xe2\xf7\x55\x3f\xb5"..., iov_len=2643}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 5066] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x20000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 5074] set_robust_list(0x555579819660, 24 [pid 5073] write(3, "1000", 4 [pid 5072] <... clone resumed>, child_tidptr=0x555579819650) = 5074 [pid 5069] <... sendmsg resumed>) = -1 EBADF (Bad file descriptor) [pid 5069] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_SOCKHASH, key_size=4, value_size=8, max_entries=8, map_flags=0, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72) = 3 [pid 5069] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x20000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = -1 EFAULT (Bad address) [pid 5069] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=12, insns=0x20000440, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 5074] <... set_robust_list resumed>) = 0 [pid 5073] <... write resumed>) = 4 [pid 5066] <... bpf resumed>) = -1 EFAULT (Bad address) [ 74.610000][ T28] audit: type=1400 audit(1713177029.249:88): avc: denied { map_create } for pid=5066 comm="syz-executor304" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 74.629526][ T28] audit: type=1400 audit(1713177029.249:89): avc: denied { map_read map_write } for pid=5066 comm="syz-executor304" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [pid 5074] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5073] close(3 [pid 5066] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=12, insns=0x20000440, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 5074] <... prctl resumed>) = 0 [pid 5073] <... close resumed>) = 0 [pid 5074] setpgid(0, 0 [pid 5073] sendmsg(-1, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\xec\x66\x31\x89\xd3\x34\x8b\xf1\x3f\x87\x2a\x46\x83\x52\xb7\x24\x82\xb5\xb2\xb3\x64\xa2\x9c\x6f\x0f\x2c\x4e\x74\x1b\xf6\x45\x7d\x14\x18\x45\x5e\x15\x72\x53\x23\x16\x81\xa3\x88\x9f\x39\xb3\xda\x6b\x60\xdb\xe4\x04\xcb\x9a\x14\x5d\x0d\x49\xcf\xd1\x66\x8a\x32\xb9\x6f\xf3\x02\x97\x57\x48\x99\x3a\x8a\x53\x41\x44\xd2\x11\xc6\x81\xff\x3d\x91\xff\xa4\x36\xd4\x0b\x9a\xfe\x64\x8e\xc8\xbd\xe2\xf7\x55\x3f\xb5"..., iov_len=2643}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0 [pid 5074] <... setpgid resumed>) = 0 [pid 5073] <... sendmsg resumed>) = -1 EBADF (Bad file descriptor) [pid 5074] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5073] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_SOCKHASH, key_size=4, value_size=8, max_entries=8, map_flags=0, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 5074] <... openat resumed>) = 3 [pid 5073] <... bpf resumed>) = 3 [pid 5074] write(3, "1000", 4 [pid 5073] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x20000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 5074] <... write resumed>) = 4 [pid 5073] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 5074] close(3 [pid 5073] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=12, insns=0x20000440, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 5074] <... close resumed>) = 0 [pid 5070] <... bpf resumed>) = 4 [pid 5074] sendmsg(-1, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\xec\x66\x31\x89\xd3\x34\x8b\xf1\x3f\x87\x2a\x46\x83\x52\xb7\x24\x82\xb5\xb2\xb3\x64\xa2\x9c\x6f\x0f\x2c\x4e\x74\x1b\xf6\x45\x7d\x14\x18\x45\x5e\x15\x72\x53\x23\x16\x81\xa3\x88\x9f\x39\xb3\xda\x6b\x60\xdb\xe4\x04\xcb\x9a\x14\x5d\x0d\x49\xcf\xd1\x66\x8a\x32\xb9\x6f\xf3\x02\x97\x57\x48\x99\x3a\x8a\x53\x41\x44\xd2\x11\xc6\x81\xff\x3d\x91\xff\xa4\x36\xd4\x0b\x9a\xfe\x64\x8e\xc8\xbd\xe2\xf7\x55\x3f\xb5"..., iov_len=2643}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = -1 EBADF (Bad file descriptor) [pid 5074] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_SOCKHASH, key_size=4, value_size=8, max_entries=8, map_flags=0, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72) = 3 [pid 5074] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x20000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = -1 EFAULT (Bad address) [ 74.650000][ T28] audit: type=1400 audit(1713177029.249:90): avc: denied { prog_load } for pid=5070 comm="syz-executor304" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 74.669909][ T28] audit: type=1400 audit(1713177029.249:91): avc: denied { bpf } for pid=5070 comm="syz-executor304" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [pid 5074] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=12, insns=0x20000440, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [ 74.692268][ T28] audit: type=1400 audit(1713177029.269:92): avc: denied { perfmon } for pid=5070 comm="syz-executor304" capability=38 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 ** 1 printk messages dropped ** [ 74.715690][ T28] ------------[ cut here ]------------ [ 74.715710][ T28] WARNING: CPU: 0 PID: 28 at kernel/softirq.c:362 __local_bh_enable_ip+0xc3/0x120 [ 74.715771][ T28] Modules linked in: [ 74.715791][ T28] CPU: 0 PID: 28 Comm: kauditd Not tainted 6.8.0-syzkaller-08951-gfe46a7dd189e #0 [ 74.715821][ T28] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 74.715839][ T28] RIP: 0010:__local_bh_enable_ip+0xc3/0x120 [ 74.715874][ T28] Code: 00 e8 81 6c 0b 00 e8 4c 69 42 00 fb 65 8b 05 cc 34 b2 7e 85 c0 74 52 5b 5d c3 cc cc cc cc 65 8b 05 4e e9 b0 7e 85 c0 75 9e 90 <0f> 0b 90 eb 98 e8 73 67 42 00 eb 99 48 89 ef e8 f9 df 19 00 eb a2 [ 74.715900][ T28] RSP: 0018:ffffc90000a47758 EFLAGS: 00010046 [ 74.715928][ T28] RAX: 0000000000000000 RBX: 0000000000000201 RCX: 1ffffffff1f3d467 [ 74.715949][ T28] RDX: 0000000000000000 RSI: 0000000000000201 RDI: ffffffff88cb2754 [ 74.715970][ T28] RBP: ffffffff88cb2754 R08: 0000000000000000 R09: ffffed1005e46e01 [ 74.715990][ T28] R10: ffff88802f23700b R11: 0000000000000001 R12: fffffffffffffffe [ 74.716011][ T28] R13: ffff88802f237008 R14: ffff88802f237000 R15: 00000000049396b8 [ 74.716033][ T28] FS: 0000000000000000(0000) GS:ffff8880b9400000(0000) knlGS:0000000000000000 [ 74.716060][ T28] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 74.716082][ T28] CR2: 000000001a092a48 CR3: 000000000d57a000 CR4: 00000000003506f0 [ 74.716103][ T28] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 74.716121][ T28] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 74.716139][ T28] Call Trace: [ 74.716150][ T28] [ 74.716163][ T28] ? show_regs+0x8c/0xa0 [ 74.716189][ T28] ? __warn+0xe5/0x390 [ 74.716214][ T28] ? __local_bh_enable_ip+0xc3/0x120 [ 74.716247][ T28] ? report_bug+0x3c0/0x580 [ 74.716281][ T28] ? handle_bug+0x3d/0x70 [ 74.716309][ T28] ? exc_invalid_op+0x17/0x50 [ 74.716336][ T28] ? asm_exc_invalid_op+0x1a/0x20 [ 74.716374][ T28] ? sock_hash_delete_elem+0x1f4/0x260 [ 74.716409][ T28] ? sock_hash_delete_elem+0x1f4/0x260 [ 74.716442][ T28] ? __local_bh_enable_ip+0xc3/0x120 [ 74.716475][ T28] sock_hash_delete_elem+0x1f4/0x260 [ 74.716509][ T28] ? __pfx_bpf_map_delete_elem+0x10/0x10 [ 74.716545][ T28] ___bpf_prog_run+0x3e51/0xae80 [ 74.716592][ T28] ? __pfx_data_push_tail+0x10/0x10 [ 74.716625][ T28] __bpf_prog_run32+0xc1/0x100 [ 74.716653][ T28] ? __pfx___bpf_prog_run32+0x10/0x10 [ 74.716681][ T28] ? __pfx_lock_acquire+0x10/0x10 [ 74.716720][ T28] ? __pfx___cant_migrate+0x10/0x10 [ 74.716751][ T28] bpf_trace_run2+0x151/0x420 [ 74.716778][ T28] ? __pfx_bpf_trace_run2+0x10/0x10 [ 74.716806][ T28] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 74.716843][ T28] ? vsnprintf+0x3cd/0x1880 [ 74.716874][ T28] __bpf_trace_console+0xc7/0x100 [ 74.716909][ T28] ? __pfx___bpf_trace_console+0x10/0x10 [ 74.716941][ T28] ? printk_parse_prefix+0x66/0x250 [ 74.716965][ T28] printk_sprint+0x1e9/0x300 [ 74.716988][ T28] vprintk_store+0x4e4/0xb70 [ 74.717011][ T28] ? __pfx_vprintk_store+0x10/0x10 [ 74.717034][ T28] ? __pfx___lock_acquire+0x10/0x10 [ 74.717067][ T28] ? lock_acquire+0x1b1/0x540 [ 74.717096][ T28] ? find_held_lock+0x2d/0x110 [ 74.717122][ T28] vprintk_emit+0xac/0x5a0 [ 74.717147][ T28] ? __pfx_kauditd_send_multicast_skb+0x10/0x10 [ 74.717173][ T28] vprintk+0x7f/0xa0 [ 74.717197][ T28] _printk+0xc8/0x100 [ 74.717226][ T28] ? __pfx__printk+0x10/0x10 [ 74.717255][ T28] ? ___ratelimit+0x24c/0x580 [ 74.717282][ T28] ? __pfx____ratelimit+0x10/0x10 [ 74.717309][ T28] ? kauditd_hold_skb+0x1b2/0x240 [ 74.717333][ T28] kauditd_hold_skb+0x1fb/0x240 [ 74.717359][ T28] kauditd_send_queue+0x236/0x290 [ 74.717383][ T28] ? __pfx_kauditd_hold_skb+0x10/0x10 [ 74.717409][ T28] kauditd_thread+0x61e/0xa80 [ 74.717434][ T28] ? __pfx_kauditd_thread+0x10/0x10 [ 74.717459][ T28] ? __pfx_autoremove_wake_function+0x10/0x10 [ 74.717489][ T28] ? lockdep_hardirqs_on+0x7c/0x110 [ 74.717519][ T28] ? __kthread_parkme+0x148/0x220 [ 74.717546][ T28] ? __pfx_kauditd_thread+0x10/0x10 [ 74.717576][ T28] kthread+0x2c1/0x3a0 [ 74.717605][ T28] ? _raw_spin_unlock_irq+0x23/0x50 [ 74.717630][ T28] ? __pfx_kthread+0x10/0x10 [ 74.717659][ T28] ret_from_fork+0x45/0x80 [ 74.717690][ T28] ? __pfx_kthread+0x10/0x10 [ 74.717719][ T28] ret_from_fork_asm+0x1a/0x30 [ 74.717752][ T28] [ 74.717764][ T28] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 75.151703][ T28] CPU: 0 PID: 28 Comm: kauditd Not tainted 6.8.0-syzkaller-08951-gfe46a7dd189e #0 [ 75.160926][ T28] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 75.170993][ T28] Call Trace: [ 75.174278][ T28] [ 75.177210][ T28] dump_stack_lvl+0x3d/0x1f0 [ 75.181812][ T28] panic+0x6f5/0x7a0 [ 75.185718][ T28] ? __pfx_panic+0x10/0x10 [ 75.190146][ T28] ? show_trace_log_lvl+0x363/0x500 [ 75.195358][ T28] ? check_panic_on_warn+0x1f/0xb0 [ 75.200565][ T28] ? __local_bh_enable_ip+0xc3/0x120 [ 75.205855][ T28] check_panic_on_warn+0xab/0xb0 [ 75.210815][ T28] __warn+0xf1/0x390 [ 75.214710][ T28] ? __local_bh_enable_ip+0xc3/0x120 [ 75.219997][ T28] report_bug+0x3c0/0x580 [ 75.224361][ T28] handle_bug+0x3d/0x70 [ 75.228530][ T28] exc_invalid_op+0x17/0x50 [ 75.233037][ T28] asm_exc_invalid_op+0x1a/0x20 [ 75.237901][ T28] RIP: 0010:__local_bh_enable_ip+0xc3/0x120 [ 75.243804][ T28] Code: 00 e8 81 6c 0b 00 e8 4c 69 42 00 fb 65 8b 05 cc 34 b2 7e 85 c0 74 52 5b 5d c3 cc cc cc cc 65 8b 05 4e e9 b0 7e 85 c0 75 9e 90 <0f> 0b 90 eb 98 e8 73 67 42 00 eb 99 48 89 ef e8 f9 df 19 00 eb a2 [ 75.263427][ T28] RSP: 0018:ffffc90000a47758 EFLAGS: 00010046 [ 75.269499][ T28] RAX: 0000000000000000 RBX: 0000000000000201 RCX: 1ffffffff1f3d467 [ 75.277476][ T28] RDX: 0000000000000000 RSI: 0000000000000201 RDI: ffffffff88cb2754 [ 75.285443][ T28] RBP: ffffffff88cb2754 R08: 0000000000000000 R09: ffffed1005e46e01 [ 75.293436][ T28] R10: ffff88802f23700b R11: 0000000000000001 R12: fffffffffffffffe [ 75.301418][ T28] R13: ffff88802f237008 R14: ffff88802f237000 R15: 00000000049396b8 [ 75.309400][ T28] ? sock_hash_delete_elem+0x1f4/0x260 [ 75.314874][ T28] ? sock_hash_delete_elem+0x1f4/0x260 [ 75.320344][ T28] sock_hash_delete_elem+0x1f4/0x260 [ 75.325638][ T28] ? __pfx_bpf_map_delete_elem+0x10/0x10 [ 75.331277][ T28] ___bpf_prog_run+0x3e51/0xae80 [ 75.336228][ T28] ? __pfx_data_push_tail+0x10/0x10 [ 75.341430][ T28] __bpf_prog_run32+0xc1/0x100 [ 75.346194][ T28] ? __pfx___bpf_prog_run32+0x10/0x10 [ 75.351569][ T28] ? __pfx_lock_acquire+0x10/0x10 [ 75.356611][ T28] ? __pfx___cant_migrate+0x10/0x10 [ 75.361819][ T28] bpf_trace_run2+0x151/0x420 [ 75.366504][ T28] ? __pfx_bpf_trace_run2+0x10/0x10 [ 75.371699][ T28] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 75.377612][ T28] ? vsnprintf+0x3cd/0x1880 [ 75.382125][ T28] __bpf_trace_console+0xc7/0x100 [ 75.387160][ T28] ? __pfx___bpf_trace_console+0x10/0x10 [ 75.392800][ T28] ? printk_parse_prefix+0x66/0x250 [ 75.398005][ T28] printk_sprint+0x1e9/0x300 [ 75.402597][ T28] vprintk_store+0x4e4/0xb70 [ 75.407291][ T28] ? __pfx_vprintk_store+0x10/0x10 [ 75.412492][ T28] ? __pfx___lock_acquire+0x10/0x10 [ 75.417699][ T28] ? lock_acquire+0x1b1/0x540 [ 75.422381][ T28] ? find_held_lock+0x2d/0x110 [ 75.427149][ T28] vprintk_emit+0xac/0x5a0 [ 75.431569][ T28] ? __pfx_kauditd_send_multicast_skb+0x10/0x10 [ 75.437899][ T28] vprintk+0x7f/0xa0 [ 75.441797][ T28] _printk+0xc8/0x100 [ 75.445791][ T28] ? __pfx__printk+0x10/0x10 [ 75.450392][ T28] ? ___ratelimit+0x24c/0x580 [ 75.455076][ T28] ? __pfx____ratelimit+0x10/0x10 [ 75.460105][ T28] ? kauditd_hold_skb+0x1b2/0x240 [ 75.465144][ T28] kauditd_hold_skb+0x1fb/0x240 [ 75.469996][ T28] kauditd_send_queue+0x236/0x290 [ 75.475021][ T28] ? __pfx_kauditd_hold_skb+0x10/0x10 [ 75.480398][ T28] kauditd_thread+0x61e/0xa80 [ 75.485163][ T28] ? __pfx_kauditd_thread+0x10/0x10 [ 75.490369][ T28] ? __pfx_autoremove_wake_function+0x10/0x10 [ 75.496440][ T28] ? lockdep_hardirqs_on+0x7c/0x110 [ 75.501650][ T28] ? __kthread_parkme+0x148/0x220 [ 75.506679][ T28] ? __pfx_kauditd_thread+0x10/0x10 [ 75.511888][ T28] kthread+0x2c1/0x3a0 [ 75.515964][ T28] ? _raw_spin_unlock_irq+0x23/0x50 [ 75.521172][ T28] ? __pfx_kthread+0x10/0x10 [ 75.525772][ T28] ret_from_fork+0x45/0x80 [ 75.530196][ T28] ? __pfx_kthread+0x10/0x10 [ 75.534793][ T28] ret_from_fork_asm+0x1a/0x30 [ 75.539573][ T28] [ 75.542668][ T28] Kernel Offset: disabled [ 75.547009][ T28] Rebooting in 86400 seconds..