./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2561114461 <...> Warning: Permanently added '10.128.1.94' (ED25519) to the list of known hosts. execve("./syz-executor2561114461", ["./syz-executor2561114461"], 0x7ffda3193ff0 /* 10 vars */) = 0 brk(NULL) = 0x555556e07000 brk(0x555556e07d00) = 0x555556e07d00 arch_prctl(ARCH_SET_FS, 0x555556e07380) = 0 set_tid_address(0x555556e07650) = 293 set_robust_list(0x555556e07660, 24) = 0 rseq(0x555556e07ca0, 0x20, 0, 0x53053053) = -1 ENOSYS (Function not implemented) prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor2561114461", 4096) = 28 getrandom("\xdc\xe9\x8e\xb2\x22\xd9\x3f\x6b", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x555556e07d00 brk(0x555556e28d00) = 0x555556e28d00 brk(0x555556e29000) = 0x555556e29000 mprotect(0x7f4492ed8000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556e07650) = 294 ./strace-static-x86_64: Process 294 attached [pid 294] set_robust_list(0x555556e07660, 24) = 0 [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 293] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 295 attached , child_tidptr=0x555556e07650) = 295 [pid 294] <... clone resumed>, child_tidptr=0x555556e07650) = 296 [pid 293] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 296 attached [pid 296] set_robust_list(0x555556e07660, 24) = 0 [pid 296] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 296] setpgid(0, 0) = 0 [pid 293] <... clone resumed>, child_tidptr=0x555556e07650) = 297 [pid 296] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 295] set_robust_list(0x555556e07660, 24./strace-static-x86_64: Process 297 attached [pid 293] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 295] <... set_robust_list resumed>) = 0 [pid 293] <... clone resumed>, child_tidptr=0x555556e07650) = 298 [pid 293] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 295] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 296] <... openat resumed>) = 3 [pid 296] write(3, "1000", 4) = 4 [pid 296] close(3) = 0 [pid 296] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_SOCKHASH, key_size=2, value_size=4, max_entries=2, map_flags=0, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72./strace-static-x86_64: Process 300 attached ./strace-static-x86_64: Process 298 attached [pid 293] <... clone resumed>, child_tidptr=0x555556e07650) = 299 [pid 297] set_robust_list(0x555556e07660, 24 [pid 295] <... clone resumed>, child_tidptr=0x555556e07650) = 300 [pid 297] <... set_robust_list resumed>) = 0 [pid 298] set_robust_list(0x555556e07660, 24 [pid 300] set_robust_list(0x555556e07660, 24 [pid 298] <... set_robust_list resumed>) = 0 [pid 297] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 300] <... set_robust_list resumed>) = 0 [pid 298] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 297] <... clone resumed>, child_tidptr=0x555556e07650) = 301 ./strace-static-x86_64: Process 302 attached [pid 300] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 296] <... bpf resumed>) = 3 [pid 296] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x20000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 302] set_robust_list(0x555556e07660, 24 [pid 300] <... prctl resumed>) = 0 [pid 298] <... clone resumed>, child_tidptr=0x555556e07650) = 302 [pid 300] setpgid(0, 0./strace-static-x86_64: Process 301 attached ./strace-static-x86_64: Process 299 attached [pid 302] <... set_robust_list resumed>) = 0 [pid 300] <... setpgid resumed>) = 0 [pid 296] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 300] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 302] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 300] <... openat resumed>) = 3 [pid 300] write(3, "1000", 4 [pid 302] <... prctl resumed>) = 0 [pid 300] <... write resumed>) = 4 [pid 302] setpgid(0, 0 [pid 299] set_robust_list(0x555556e07660, 24 [pid 302] <... setpgid resumed>) = 0 [pid 300] close(3 [pid 299] <... set_robust_list resumed>) = 0 [pid 302] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 300] <... close resumed>) = 0 [pid 299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 296] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=12, insns=0x20000440, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 300] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_SOCKHASH, key_size=2, value_size=4, max_entries=2, map_flags=0, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 302] <... openat resumed>) = 3 [pid 302] write(3, "1000", 4 [pid 300] <... bpf resumed>) = 3 [pid 302] <... write resumed>) = 4 [pid 300] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x20000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 302] close(3 [pid 301] set_robust_list(0x555556e07660, 24 [pid 300] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 302] <... close resumed>) = 0 [pid 301] <... set_robust_list resumed>) = 0 [pid 300] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=12, insns=0x20000440, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 299] <... clone resumed>, child_tidptr=0x555556e07650) = 303 [pid 302] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_SOCKHASH, key_size=2, value_size=4, max_entries=2, map_flags=0, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 301] prctl(PR_SET_PDEATHSIG, SIGKILL./strace-static-x86_64: Process 303 attached [pid 303] set_robust_list(0x555556e07660, 24) = 0 [pid 303] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 303] setpgid(0, 0) = 0 [pid 303] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 303] write(3, "1000", 4) = 4 [pid 303] close(3) = 0 [pid 303] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_SOCKHASH, key_size=2, value_size=4, max_entries=2, map_flags=0, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72) = 3 [pid 303] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x20000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = -1 EFAULT (Bad address) [pid 303] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=12, insns=0x20000440, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 302] <... bpf resumed>) = 3 [pid 302] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x20000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = -1 EFAULT (Bad address) [pid 302] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=12, insns=0x20000440, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 301] <... prctl resumed>) = 0 [pid 301] setpgid(0, 0) = 0 [pid 301] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 301] write(3, "1000", 4) = 4 [pid 301] close(3) = 0 [ 21.278345][ T30] audit: type=1400 audit(1714128944.290:66): avc: denied { execmem } for pid=293 comm="syz-executor256" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 21.288173][ T30] audit: type=1400 audit(1714128944.300:67): avc: denied { map_create } for pid=296 comm="syz-executor256" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 21.291574][ T30] audit: type=1400 audit(1714128944.300:68): avc: denied { map_read map_write } for pid=296 comm="syz-executor256" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 21.295057][ T30] audit: type=1400 audit(1714128944.300:69): avc: denied { prog_load } for pid=296 comm="syz-executor256" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [pid 301] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_SOCKHASH, key_size=2, value_size=4, max_entries=2, map_flags=0, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72) = 3 [pid 301] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x20000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = -1 EFAULT (Bad address) [ 21.310134][ T30] audit: type=1400 audit(1714128944.310:70): avc: denied { bpf } for pid=300 comm="syz-executor256" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 21.332766][ T30] audit: type=1400 audit(1714128944.310:71): avc: denied { perfmon } for pid=300 comm="syz-executor256" capability=38 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 21.354249][ T30] audit: type=1400 audit(1714128944.320:72): avc: denied { bpf } for pid=296 comm="syz-executor256" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 21.375326][ T30] audit: type=1400 audit(1714128944.320:73): avc: denied { perfmon } for pid=296 comm="syz-executor256" capability=38 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [pid 301] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=12, insns=0x20000440, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 303] <... bpf resumed>) = 4 [pid 302] <... bpf resumed>) = 4 [pid 301] <... bpf resumed>) = 4 [pid 296] <... bpf resumed>) = 4 [pid 301] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="workqueue_queue_work", prog_fd=4}}, 16) = 5 [pid 303] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="workqueue_queue_work", prog_fd=4}}, 16 [pid 296] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="workqueue_queue_work", prog_fd=4}}, 16 [pid 301] exit_group(0) = ? [pid 303] <... bpf resumed>) = 5 [pid 301] +++ exited with 0 +++ [pid 296] <... bpf resumed>) = 5 [pid 302] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="workqueue_queue_work", prog_fd=4}}, 16) = 5 [pid 302] exit_group(0) = ? [pid 302] +++ exited with 0 +++ [pid 300] <... bpf resumed>) = 4 [pid 300] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="workqueue_queue_work", prog_fd=4}}, 16) = 5 [pid 300] exit_group(0) = ? [pid 296] exit_group(0 [pid 303] exit_group(0 [pid 296] <... exit_group resumed>) = ? [pid 300] +++ exited with 0 +++ [pid 303] <... exit_group resumed>) = ? [pid 298] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=302, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 297] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=301, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 295] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=300, si_uid=0, si_status=0, si_utime=0, si_stime=25} --- [pid 295] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 297] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 298] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 295] <... clone resumed>, child_tidptr=0x555556e07650) = 304 [pid 297] <... clone resumed>, child_tidptr=0x555556e07650) = 305 [pid 298] <... clone resumed>, child_tidptr=0x555556e07650) = 306 ./strace-static-x86_64: Process 304 attached [pid 304] set_robust_list(0x555556e07660, 24) = 0 [pid 304] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 304] setpgid(0, 0) = 0 [pid 304] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 304] write(3, "1000", 4) = 4 [pid 304] close(3) = 0 [pid 304] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_SOCKHASH, key_size=2, value_size=4, max_entries=2, map_flags=0, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72) = 3 [pid 304] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x20000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = -1 EFAULT (Bad address) [pid 304] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=12, insns=0x20000440, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144./strace-static-x86_64: Process 306 attached ./strace-static-x86_64: Process 305 attached [pid 306] set_robust_list(0x555556e07660, 24 [pid 305] set_robust_list(0x555556e07660, 24 [pid 304] <... bpf resumed>) = 4 [pid 306] <... set_robust_list resumed>) = 0 [pid 305] <... set_robust_list resumed>) = 0 [pid 306] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 305] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 306] <... prctl resumed>) = 0 [pid 305] <... prctl resumed>) = 0 [pid 306] setpgid(0, 0 [pid 305] setpgid(0, 0 [pid 306] <... setpgid resumed>) = 0 [pid 305] <... setpgid resumed>) = 0 [pid 306] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 305] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 306] <... openat resumed>) = 3 [pid 305] <... openat resumed>) = 3 [pid 306] write(3, "1000", 4 [pid 305] write(3, "1000", 4 [pid 306] <... write resumed>) = 4 [pid 305] <... write resumed>) = 4 [pid 306] close(3 [pid 305] close(3 [pid 306] <... close resumed>) = 0 [pid 305] <... close resumed>) = 0 [pid 306] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_SOCKHASH, key_size=2, value_size=4, max_entries=2, map_flags=0, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 305] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_SOCKHASH, key_size=2, value_size=4, max_entries=2, map_flags=0, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 306] <... bpf resumed>) = 3 [pid 305] <... bpf resumed>) = 3 [pid 306] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x20000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 305] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x20000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 306] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 305] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 306] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=12, insns=0x20000440, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 305] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=12, insns=0x20000440, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 306] <... bpf resumed>) = 4 [pid 305] <... bpf resumed>) = 4 [pid 306] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="workqueue_queue_work", prog_fd=4}}, 16 [pid 305] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="workqueue_queue_work", prog_fd=4}}, 16 [pid 304] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="workqueue_queue_work", prog_fd=4}}, 16 [pid 303] +++ exited with 0 +++ [pid 296] +++ exited with 0 +++ [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=296, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=303, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 299] restart_syscall(<... resuming interrupted clone ...> [pid 294] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 299] <... restart_syscall resumed>) = 0 [pid 299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 299] <... clone resumed>, child_tidptr=0x555556e07650) = 308 ./strace-static-x86_64: Process 308 attached [pid 308] set_robust_list(0x555556e07660, 24) = 0 [pid 308] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 308] setpgid(0, 0) = 0 [pid 308] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 294] <... clone resumed>, child_tidptr=0x555556e07650) = 309 [pid 308] <... openat resumed>) = 3 [pid 308] write(3, "1000", 4) = 4 [pid 308] close(3) = 0 [pid 308] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_SOCKHASH, key_size=2, value_size=4, max_entries=2, map_flags=0, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72) = 3 [pid 308] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x20000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = -1 EFAULT (Bad address) [pid 308] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=12, insns=0x20000440, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 4 [pid 308] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="workqueue_queue_work", prog_fd=4}}, 16./strace-static-x86_64: Process 309 attached [pid 309] set_robust_list(0x555556e07660, 24) = 0 [pid 309] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 309] setpgid(0, 0) = 0 [pid 309] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 309] write(3, "1000", 4) = 4 [pid 309] close(3) = 0 [pid 309] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_SOCKHASH, key_size=2, value_size=4, max_entries=2, map_flags=0, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72) = 3 [pid 309] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x20000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = -1 EFAULT (Bad address) [pid 309] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=12, insns=0x20000440, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 4 [pid 309] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="workqueue_queue_work", prog_fd=4}}, 16 [pid 306] <... bpf resumed>) = 5 [pid 309] <... bpf resumed>) = 5 [pid 308] <... bpf resumed>) = 5 [pid 305] <... bpf resumed>) = 5 [pid 304] <... bpf resumed>) = 5 [pid 306] exit_group(0 [pid 305] exit_group(0 [pid 306] <... exit_group resumed>) = ? [pid 304] exit_group(0 [pid 305] <... exit_group resumed>) = ? [pid 306] +++ exited with 0 +++ [pid 298] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=306, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 298] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 298] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 308] exit_group(0 [pid 305] +++ exited with 0 +++ [pid 304] <... exit_group resumed>) = ? [pid 298] <... clone resumed>, child_tidptr=0x555556e07650) = 310 ./strace-static-x86_64: Process 310 attached [pid 310] set_robust_list(0x555556e07660, 24) = 0 [pid 304] +++ exited with 0 +++ [pid 297] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=305, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 295] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=304, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 295] restart_syscall(<... resuming interrupted clone ...> [pid 310] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 295] <... restart_syscall resumed>) = 0 [pid 309] exit_group(0 [pid 308] <... exit_group resumed>) = ? [pid 297] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 295] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 311 attached [pid 309] <... exit_group resumed>) = ? [pid 295] <... clone resumed>, child_tidptr=0x555556e07650) = 311 [pid 297] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 310] setpgid(0, 0) = 0 [pid 310] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 297] <... clone resumed>, child_tidptr=0x555556e07650) = 312 [pid 310] <... openat resumed>) = 3 [pid 310] write(3, "1000", 4) = 4 [pid 311] set_robust_list(0x555556e07660, 24 [pid 310] close(3) = 0 [pid 310] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_SOCKHASH, key_size=2, value_size=4, max_entries=2, map_flags=0, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 311] <... set_robust_list resumed>) = 0 [pid 310] <... bpf resumed>) = 3 [pid 310] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x20000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 311] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 310] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 311] <... prctl resumed>) = 0 [pid 310] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=12, insns=0x20000440, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 311] setpgid(0, 0) = 0 [pid 311] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 310] <... bpf resumed>) = 4 [pid 310] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="workqueue_queue_work", prog_fd=4}}, 16./strace-static-x86_64: Process 312 attached [pid 312] set_robust_list(0x555556e07660, 24) = 0 [pid 311] <... openat resumed>) = 3 [pid 312] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 312] setpgid(0, 0) = 0 [pid 311] write(3, "1000", 4 [pid 312] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 311] <... write resumed>) = 4 [pid 311] close(3) = 0 [pid 312] <... openat resumed>) = 3 [pid 312] write(3, "1000", 4) = 4 [pid 311] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_SOCKHASH, key_size=2, value_size=4, max_entries=2, map_flags=0, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 312] close(3) = 0 [pid 311] <... bpf resumed>) = 3 [pid 311] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x20000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 312] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_SOCKHASH, key_size=2, value_size=4, max_entries=2, map_flags=0, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 [pid 311] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 312] <... bpf resumed>) = 3 [pid 312] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x20000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 311] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=12, insns=0x20000440, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 312] <... bpf resumed>) = -1 EFAULT (Bad address) [pid 312] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=12, insns=0x20000440, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 311] <... bpf resumed>) = 4 [pid 312] <... bpf resumed>) = 4 [pid 312] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="workqueue_queue_work", prog_fd=4}}, 16 [ 21.553782][ T30] audit: type=1400 audit(1714128944.560:74): avc: denied { prog_run } for pid=302 comm="syz-executor256" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 21.573941][ T30] audit: type=1400 audit(1714128944.560:75): avc: denied { prog_run } for pid=303 comm="syz-executor256" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [pid 311] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="workqueue_queue_work", prog_fd=4}}, 16 [pid 309] +++ exited with 0 +++ [pid 308] +++ exited with 0 +++ [pid 299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=308, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 294] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=309, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 313 attached [pid 313] set_robust_list(0x555556e07660, 24) = 0 [pid 313] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 299] <... clone resumed>, child_tidptr=0x555556e07650) = 313 [pid 313] <... prctl resumed>) = 0 [pid 294] <... clone resumed>, child_tidptr=0x555556e07650) = 314 [pid 313] setpgid(0, 0) = 0 [pid 313] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 313] write(3, "1000", 4) = 4 [pid 313] close(3) = 0 [pid 313] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_SOCKHASH, key_size=2, value_size=4, max_entries=2, map_flags=0, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72) = 3 [pid 313] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x20000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = -1 EFAULT (Bad address) [pid 313] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=12, insns=0x20000440, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 4 [pid 313] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="workqueue_queue_work", prog_fd=4}}, 16./strace-static-x86_64: Process 314 attached [pid 314] set_robust_list(0x555556e07660, 24) = 0 [pid 314] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 314] setpgid(0, 0) = 0 [pid 314] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 314] write(3, "1000", 4) = 4 [pid 314] close(3) = 0 [pid 314] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_SOCKHASH, key_size=2, value_size=4, max_entries=2, map_flags=0, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72) = 3 [pid 314] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x20000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = -1 EFAULT (Bad address) [pid 314] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=12, insns=0x20000440, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 4 [pid 314] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="workqueue_queue_work", prog_fd=4}}, 16 [pid 312] <... bpf resumed>) = 5 [pid 310] <... bpf resumed>) = 5 [pid 314] <... bpf resumed>) = 5 [pid 313] <... bpf resumed>) = 5 [pid 312] exit_group(0 [pid 311] <... bpf resumed>) = 5 [pid 312] <... exit_group resumed>) = ? [pid 310] exit_group(0 [pid 314] exit_group(0 [pid 313] exit_group(0 [pid 312] +++ exited with 0 +++ [pid 311] exit_group(0 [pid 314] <... exit_group resumed>) = ? [pid 313] <... exit_group resumed>) = ? [pid 311] <... exit_group resumed>) = ? [pid 310] <... exit_group resumed>) = ? [pid 297] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=312, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 297] restart_syscall(<... resuming interrupted clone ...> [pid 310] +++ exited with 0 +++ [pid 298] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=310, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 313] +++ exited with 0 +++ [pid 297] <... restart_syscall resumed>) = 0 [pid 299] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=313, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 299] restart_syscall(<... resuming interrupted clone ...> [pid 297] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556e07650) = 315 ./strace-static-x86_64: Process 315 attached [pid 299] <... restart_syscall resumed>) = 0 [pid 298] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 315] set_robust_list(0x555556e07660, 24) = 0 [pid 315] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 315] setpgid(0, 0 [pid 299] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 298] <... clone resumed>, child_tidptr=0x555556e07650) = 316 [pid 315] <... setpgid resumed>) = 0 [pid 315] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 299] <... clone resumed>, child_tidptr=0x555556e07650) = 317 [pid 315] <... openat resumed>) = 3 [pid 315] write(3, "1000", 4) = 4 [pid 315] close(3) = 0 [pid 315] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_SOCKHASH, key_size=2, value_size=4, max_entries=2, map_flags=0, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72./strace-static-x86_64: Process 316 attached ) = 3 [pid 315] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x20000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = -1 EFAULT (Bad address) [pid 315] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=12, insns=0x20000440, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 [pid 316] set_robust_list(0x555556e07660, 24) = 0 [pid 315] <... bpf resumed>) = 4 [pid 315] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="workqueue_queue_work", prog_fd=4}}, 16 [pid 316] prctl(PR_SET_PDEATHSIG, SIGKILL./strace-static-x86_64: Process 317 attached [pid 317] set_robust_list(0x555556e07660, 24) = 0 [pid 317] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 317] setpgid(0, 0 [pid 316] <... prctl resumed>) = 0 [pid 317] <... setpgid resumed>) = 0 [pid 317] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 317] write(3, "1000", 4) = 4 [pid 317] close(3) = 0 [pid 317] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_SOCKHASH, key_size=2, value_size=4, max_entries=2, map_flags=0, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72) = 3 [pid 317] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x20000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = -1 EFAULT (Bad address) [pid 317] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=12, insns=0x20000440, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 4 [pid 317] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="workqueue_queue_work", prog_fd=4}}, 16 [pid 316] setpgid(0, 0) = 0 [pid 316] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 316] write(3, "1000", 4) = 4 [pid 316] close(3) = 0 [pid 316] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_SOCKHASH, key_size=2, value_size=4, max_entries=2, map_flags=0, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72) = 3 [pid 316] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x20000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = -1 EFAULT (Bad address) [pid 316] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=12, insns=0x20000440, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 4 [ 121.737118][ C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 121.743912][ C1] rcu: 0-...!: (0 ticks this GP) idle=8b1/1/0x4000000000000000 softirq=1982/1984 fqs=0 last_accelerate: 92ff/ba15 dyntick_enabled: 1 [ 121.757437][ C1] (detected by 1, t=10006 jiffies, g=489, q=53) [ 121.763596][ C1] Sending NMI from CPU 1 to CPUs 0: [ 121.768697][ C0] NMI backtrace for cpu 0 [ 121.768731][ C0] CPU: 0 PID: 307 Comm: kworker/0:3 Not tainted 5.15.149-syzkaller-00490-g5d96939590c0 #0 [ 121.768751][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 121.768773][ C0] Workqueue: events bpf_prog_free_deferred [ 121.768815][ C0] RIP: 0010:kvm_wait+0x117/0x180 [ 121.768836][ C0] Code: 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 53 41 0f b6 45 00 44 38 f0 0f 85 63 ff ff ff 66 90 0f 00 2d 8a 03 f3 03 f4 54 ff ff ff fa 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b [ 121.768850][ C0] RSP: 0018:ffffc90000007860 EFLAGS: 00000046 [ 121.768864][ C0] RAX: 0000000000000003 RBX: 1ffff92000000f10 RCX: ffffffff8154fa7f [ 121.768877][ C0] RDX: dffffc0000000000 RSI: 0000000000000003 RDI: ffff8881f70365c0 [ 121.768889][ C0] RBP: ffffc90000007910 R08: dffffc0000000000 R09: ffffed103ee06cb9 [ 121.768902][ C0] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 121.768914][ C0] R13: ffff8881f70365c0 R14: 0000000000000003 R15: 1ffff92000000f14 [ 121.768927][ C0] FS: 0000000000000000(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 121.768942][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 121.768955][ C0] CR2: 0000000000000000 CR3: 0000000120b39000 CR4: 00000000003506b0 [ 121.768969][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 121.768979][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 121.768990][ C0] Call Trace: [ 121.768997][ C0] [ 121.769011][ C0] ? show_regs+0x58/0x60 [ 121.769040][ C0] ? nmi_cpu_backtrace+0x29f/0x300 [ 121.769074][ C0] ? nmi_trigger_cpumask_backtrace+0x270/0x270 [ 121.769109][ C0] ? kvm_wait+0x117/0x180 [ 121.769135][ C0] ? kvm_wait+0x117/0x180 [ 121.769162][ C0] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 121.769193][ C0] ? nmi_handle+0xa8/0x280 [ 121.769223][ C0] ? kvm_wait+0x117/0x180 [ 121.769250][ C0] ? default_do_nmi+0x69/0x160 [ 121.769280][ C0] ? exc_nmi+0xaf/0x120 [ 121.769307][ C0] ? end_repeat_nmi+0x16/0x31 [ 121.769336][ C0] ? __pv_queued_spin_lock_slowpath+0x65f/0xc40 [ 121.769371][ C0] ? kvm_wait+0x117/0x180 [ 121.769387][ C0] ? kvm_wait+0x117/0x180 [ 121.769403][ C0] ? kvm_wait+0x117/0x180 [ 121.769418][ C0] [ 121.769423][ C0] [ 121.769429][ C0] ? kvm_arch_para_hints+0x30/0x30 [ 121.769448][ C0] ? pv_hash+0x86/0x150 [ 121.769466][ C0] __pv_queued_spin_lock_slowpath+0x6bc/0xc40 [ 121.769485][ C0] ? sock_hash_delete_elem+0x2a2/0x2f0 [ 121.769507][ C0] ? __pv_queued_spin_unlock_slowpath+0x310/0x310 [ 121.769529][ C0] _raw_spin_lock+0x139/0x1b0 [ 121.769547][ C0] ? _raw_spin_trylock_bh+0x190/0x190 [ 121.769569][ C0] __queue_work+0x58c/0xcd0 [ 121.769590][ C0] queue_work_on+0x105/0x170 [ 121.769608][ C0] ? wq_worker_last_func+0x50/0x50 [ 121.769626][ C0] ? free_uid+0x16c/0x2f0 [ 121.769642][ C0] ? file_free_rcu+0x9f/0xb0 [ 121.769661][ C0] bpf_prog_free+0x13c/0x150 [ 121.769679][ C0] __bpf_prog_put_rcu+0xaf/0xc0 [ 121.769702][ C0] ? __bpf_prog_put_noref+0x2c0/0x2c0 [ 121.769719][ C0] rcu_do_batch+0x57a/0xc10 [ 121.769741][ C0] ? local_bh_enable+0x20/0x20 [ 121.769759][ C0] ? _raw_spin_unlock_irqrestore+0x5c/0x80 [ 121.769779][ C0] ? _raw_spin_unlock_irqrestore+0x5c/0x80 [ 121.769800][ C0] ? rcu_report_qs_rnp+0x381/0x390 [ 121.769819][ C0] rcu_core+0x517/0x1020 [ 121.769839][ C0] ? rcu_cpu_kthread_park+0x90/0x90 [ 121.769858][ C0] ? sched_clock_cpu+0x18/0x3b0 [ 121.769877][ C0] ? irqtime_account_irq+0x79/0x3c0 [ 121.769895][ C0] rcu_core_si+0x9/0x10 [ 121.769924][ C0] __do_softirq+0x26d/0x5bf [ 121.769941][ C0] do_softirq+0xf6/0x150 [ 121.769959][ C0] [ 121.769964][ C0] [ 121.769969][ C0] ? __local_bh_enable_ip+0x80/0x80 [ 121.769986][ C0] ? _raw_spin_lock_bh+0xa4/0x1b0 [ 121.770004][ C0] ? _raw_spin_lock_irq+0x1b0/0x1b0 [ 121.770021][ C0] ? ret_from_fork+0x1f/0x30 [ 121.770039][ C0] __local_bh_enable_ip+0x75/0x80 [ 121.770056][ C0] _raw_spin_unlock_bh+0x51/0x60 [ 121.770074][ C0] sock_hash_delete_elem+0x2a2/0x2f0 [ 121.770093][ C0] bpf_prog_bc4ba9860fbb0da4+0x3e/0x4a8 [ 121.770108][ C0] bpf_trace_run3+0x11e/0x250 [ 121.770127][ C0] ? bpf_trace_run2+0x210/0x210 [ 121.770145][ C0] ? __kasan_check_write+0x14/0x20 [ 121.770162][ C0] ? _raw_spin_lock+0xa4/0x1b0 [ 121.770180][ C0] __bpf_trace_workqueue_queue_work+0x2b/0x40 [ 121.770199][ C0] ? perf_trace_workqueue_execute_end+0x3c0/0x3c0 [ 121.770218][ C0] __traceiter_workqueue_queue_work+0x81/0xd0 [ 121.770237][ C0] __queue_work+0xb7d/0xcd0 [ 121.770256][ C0] queue_work_on+0x105/0x170 [ 121.770274][ C0] ? wq_worker_last_func+0x50/0x50 [ 121.770294][ C0] bpf_map_put+0x1e0/0x250 [ 121.770309][ C0] bpf_prog_free_deferred+0x132/0x730 [ 121.770329][ C0] process_one_work+0x6bb/0xc10 [ 121.770347][ C0] worker_thread+0xad5/0x12a0 [ 121.770363][ C0] ? _raw_spin_lock+0x1b0/0x1b0 [ 121.770385][ C0] kthread+0x421/0x510 [ 121.770400][ C0] ? worker_clr_flags+0x180/0x180 [ 121.770415][ C0] ? kthread_blkcg+0xd0/0xd0 [ 121.770432][ C0] ret_from_fork+0x1f/0x30 [ 121.770452][ C0] [ 121.770458][ C0] INFO: NMI handler (nmi_cpu_backtrace_handler) took too long to run: 1.761 msecs [ 121.770640][ C1] rcu: rcu_preempt kthread starved for 10006 jiffies! g489 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1 [ 122.276726][ C1] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 122.286531][ C1] rcu: RCU grace-period kthread stack dump: [ 122.292270][ C1] task:rcu_preempt state:R running task stack:28328 pid: 14 ppid: 2 flags:0x00004000 [ 122.302853][ C1] Call Trace: [ 122.305971][ C1] [ 122.308752][ C1] __schedule+0xccc/0x1590 [ 122.313011][ C1] ? __sched_text_start+0x8/0x8 [ 122.317703][ C1] ? __kasan_check_write+0x14/0x20 [ 122.322639][ C1] schedule+0x11f/0x1e0 [ 122.326632][ C1] schedule_timeout+0x18c/0x370 [ 122.331319][ C1] ? _raw_spin_unlock_irq+0x4e/0x70 [ 122.336351][ C1] ? console_conditional_schedule+0x30/0x30 [ 122.342078][ C1] ? update_process_times+0x200/0x200 [ 122.347286][ C1] ? prepare_to_swait_event+0x308/0x320 [ 122.352670][ C1] rcu_gp_fqs_loop+0x2af/0xf80 [ 122.357270][ C1] ? debug_smp_processor_id+0x17/0x20 [ 122.362483][ C1] ? __note_gp_changes+0x4ab/0x920 [ 122.367423][ C1] ? rcu_gp_init+0xc30/0xc30 [ 122.371849][ C1] ? _raw_spin_unlock_irq+0x4e/0x70 [ 122.376904][ C1] ? rcu_gp_init+0x9cf/0xc30 [ 122.381308][ C1] rcu_gp_kthread+0xa4/0x350 [ 122.385733][ C1] ? _raw_spin_lock+0x1b0/0x1b0 [ 122.390425][ C1] ? rcu_barrier_callback+0x50/0x50 [ 122.395458][ C1] ? __kasan_check_read+0x11/0x20 [ 122.400314][ C1] ? __kthread_parkme+0xb2/0x200 [ 122.405088][ C1] kthread+0x421/0x510 [ 122.408993][ C1] ? rcu_barrier_callback+0x50/0x50 [ 122.414136][ C1] ? kthread_blkcg+0xd0/0xd0 [ 122.418573][ C1] ret_from_fork+0x1f/0x30 [ 122.423003][ C1] [ 122.425873][ C1] rcu: Stack dump where RCU GP kthread last ran: [ 122.432026][ C1] NMI backtrace for cpu 1 [ 122.436198][ C1] CPU: 1 PID: 39 Comm: kworker/1:1 Not tainted 5.15.149-syzkaller-00490-g5d96939590c0 #0 [ 122.445826][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 122.455722][ C1] Workqueue: events bpf_prog_free_deferred [ 122.461479][ C1] Call Trace: [ 122.464604][ C1] [ 122.467297][ C1] dump_stack_lvl+0x151/0x1b7 [ 122.471805][ C1] ? io_uring_drop_tctx_refs+0x190/0x190 [ 122.477280][ C1] dump_stack+0x15/0x17 [ 122.481266][ C1] nmi_cpu_backtrace+0x2f7/0x300 [ 122.486040][ C1] ? nmi_trigger_cpumask_backtrace+0x270/0x270 [ 122.492029][ C1] ? panic+0x751/0x751 [ 122.495936][ C1] ? arch_trigger_cpumask_backtrace+0x20/0x20 [ 122.501837][ C1] nmi_trigger_cpumask_backtrace+0x15d/0x270 [ 122.507651][ C1] ? arch_trigger_cpumask_backtrace+0x20/0x20 [ 122.513554][ C1] arch_trigger_cpumask_backtrace+0x10/0x20 [ 122.519282][ C1] rcu_check_gp_kthread_starvation+0x1e3/0x250 [ 122.525269][ C1] print_other_cpu_stall+0x112d/0x1340 [ 122.530565][ C1] ? print_cpu_stall+0x5f0/0x5f0 [ 122.535339][ C1] rcu_sched_clock_irq+0xaec/0x12f0 [ 122.540381][ C1] ? rcu_boost_kthread_setaffinity+0x340/0x340 [ 122.546363][ C1] ? hrtimer_run_queues+0x15f/0x440 [ 122.551394][ C1] update_process_times+0x198/0x200 [ 122.556608][ C1] tick_sched_timer+0x188/0x240 [ 122.561287][ C1] ? tick_setup_sched_timer+0x480/0x480 [ 122.566669][ C1] __hrtimer_run_queues+0x41a/0xad0 [ 122.571705][ C1] ? hrtimer_interrupt+0xaa0/0xaa0 [ 122.576653][ C1] ? clockevents_program_event+0x22f/0x300 [ 122.582291][ C1] ? ktime_get_update_offsets_now+0x2ba/0x2d0 [ 122.588194][ C1] hrtimer_interrupt+0x40c/0xaa0 [ 122.592971][ C1] __sysvec_apic_timer_interrupt+0xfd/0x3c0 [ 122.598697][ C1] sysvec_apic_timer_interrupt+0x95/0xc0 [ 122.604164][ C1] [ 122.606940][ C1] [ 122.609719][ C1] asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 122.615533][ C1] RIP: 0010:smp_call_function_many_cond+0x843/0x9b0 [ 122.621957][ C1] Code: 45 8b 7d 00 44 89 fe 83 e6 01 31 ff e8 76 a8 0a 00 41 83 e7 01 49 bf 00 00 00 00 00 fc ff df 75 07 e8 b1 a4 0a 00 eb 38 f3 90 <42> 0f b6 04 3b 84 c0 75 11 41 f7 45 00 01 00 00 00 74 1e e8 95 a4 [ 122.641397][ C1] RSP: 0018:ffffc9000028f880 EFLAGS: 00000293 [ 122.647300][ C1] RAX: ffffffff8165819b RBX: 1ffff1103ee07971 RCX: ffff8881081fbb40 [ 122.655198][ C1] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 122.663008][ C1] RBP: ffffc9000028f988 R08: ffffffff8165816a R09: ffffc9000028f7c0 [ 122.670819][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000000 [ 122.678630][ C1] R13: ffff8881f703cb88 R14: ffff8881f7138280 R15: dffffc0000000000 [ 122.686443][ C1] ? smp_call_function_many_cond+0x82a/0x9b0 [ 122.692257][ C1] ? smp_call_function_many_cond+0x85b/0x9b0 [ 122.698080][ C1] ? flush_tlb_all+0x30/0x30 [ 122.702501][ C1] ? smp_call_function_many+0x40/0x40 [ 122.707708][ C1] ? __kasan_check_write+0x14/0x20 [ 122.712655][ C1] ? _raw_spin_lock+0xa4/0x1b0 [ 122.717255][ C1] ? flush_tlb_all+0x30/0x30 [ 122.721681][ C1] on_each_cpu_cond_mask+0x40/0x80 [ 122.726634][ C1] flush_tlb_kernel_range+0x49/0x210 [ 122.731749][ C1] __purge_vmap_area_lazy+0x230/0x1690 [ 122.737043][ C1] ? cpumask_next+0x8a/0xb0 [ 122.741386][ C1] ? purge_fragmented_blocks_allcpus+0x80b/0x920 [ 122.747545][ C1] ? purge_fragmented_blocks_allcpus+0x89b/0x920 [ 122.753709][ C1] ? mutex_lock+0xb6/0x1e0 [ 122.757960][ C1] ? purge_fragmented_blocks_allcpus+0x920/0x920 [ 122.764130][ C1] _vm_unmap_aliases+0x339/0x3b0 [ 122.768898][ C1] __vunmap+0x617/0x8f0 [ 122.772889][ C1] vfree+0x7f/0xb0 [ 122.776449][ C1] module_memfree+0x17/0x30 [ 122.780785][ C1] bpf_jit_free_exec+0x15/0x20 [ 122.785386][ C1] bpf_jit_free+0x98/0x240 [ 122.789642][ C1] bpf_prog_free_deferred+0x61e/0x730 [ 122.794846][ C1] process_one_work+0x6bb/0xc10 [ 122.799536][ C1] worker_thread+0xad5/0x12a0 [ 122.804046][ C1] ? _raw_spin_lock+0x1b0/0x1b0 [ 122.808740][ C1] kthread+0x421/0x510 [ 122.812637][ C1] ? worker_clr_flags+0x180/0x180 [ 122.817499][ C1] ? kthread_blkcg+0xd0/0xd0 [ 122.821928][ C1] ret_from_fork+0x1f/0x30 [ 122.826182][ C1] [ 265.011003][ C1] watchdog: BUG: soft lockup - CPU#1 stuck for 246s! [kworker/1:1:39] [ 265.019092][ C1] Modules linked in: [ 265.022828][ C1] CPU: 1 PID: 39 Comm: kworker/1:1 Not tainted 5.15.149-syzkaller-00490-g5d96939590c0 #0 [ 265.032452][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 265.042354][ C1] Workqueue: events bpf_prog_free_deferred [ 265.047992][ C1] RIP: 0010:smp_call_function_many_cond+0x843/0x9b0 [ 265.054417][ C1] Code: 45 8b 7d 00 44 89 fe 83 e6 01 31 ff e8 76 a8 0a 00 41 83 e7 01 49 bf 00 00 00 00 00 fc ff df 75 07 e8 b1 a4 0a 00 eb 38 f3 90 <42> 0f b6 04 3b 84 c0 75 11 41 f7 45 00 01 00 00 00 74 1e e8 95 a4 [ 265.074287][ C1] RSP: 0018:ffffc9000028f880 EFLAGS: 00000293 [ 265.080187][ C1] RAX: ffffffff8165819b RBX: 1ffff1103ee07971 RCX: ffff8881081fbb40 [ 265.087997][ C1] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 265.095808][ C1] RBP: ffffc9000028f988 R08: ffffffff8165816a R09: ffffc9000028f7c0 [ 265.103623][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000000 [ 265.111433][ C1] R13: ffff8881f703cb88 R14: ffff8881f7138280 R15: dffffc0000000000 [ 265.119246][ C1] FS: 0000000000000000(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 265.128010][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 265.134433][ C1] CR2: 0000000000000000 CR3: 0000000120bc4000 CR4: 00000000003506a0 [ 265.142249][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 265.150053][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 265.157865][ C1] Call Trace: [ 265.160999][ C1] [ 265.163700][ C1] ? show_regs+0x58/0x60 [ 265.167761][ C1] ? watchdog_timer_fn+0x4b1/0x5f0 [ 265.172710][ C1] ? proc_watchdog_cpumask+0xd0/0xd0 [ 265.177828][ C1] ? __hrtimer_run_queues+0x41a/0xad0 [ 265.183037][ C1] ? hrtimer_interrupt+0xaa0/0xaa0 [ 265.187983][ C1] ? clockevents_program_event+0x22f/0x300 [ 265.193624][ C1] ? ktime_get_update_offsets_now+0x2ba/0x2d0 [ 265.199528][ C1] ? hrtimer_interrupt+0x40c/0xaa0 [ 265.204486][ C1] ? __sysvec_apic_timer_interrupt+0xfd/0x3c0 [ 265.210378][ C1] ? sysvec_apic_timer_interrupt+0x95/0xc0 [ 265.216025][ C1] [ 265.218799][ C1] [ 265.221573][ C1] ? asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 265.227561][ C1] ? smp_call_function_many_cond+0x82a/0x9b0 [ 265.233375][ C1] ? smp_call_function_many_cond+0x85b/0x9b0 [ 265.239194][ C1] ? smp_call_function_many_cond+0x843/0x9b0 [ 265.245009][ C1] ? flush_tlb_all+0x30/0x30 [ 265.249523][ C1] ? smp_call_function_many+0x40/0x40 [ 265.254726][ C1] ? __kasan_check_write+0x14/0x20 [ 265.259815][ C1] ? _raw_spin_lock+0xa4/0x1b0 [ 265.264411][ C1] ? flush_tlb_all+0x30/0x30 [ 265.268846][ C1] on_each_cpu_cond_mask+0x40/0x80 [ 265.273787][ C1] flush_tlb_kernel_range+0x49/0x210 [ 265.278909][ C1] __purge_vmap_area_lazy+0x230/0x1690 [ 265.284202][ C1] ? cpumask_next+0x8a/0xb0 [ 265.288541][ C1] ? purge_fragmented_blocks_allcpus+0x80b/0x920 [ 265.294704][ C1] ? purge_fragmented_blocks_allcpus+0x89b/0x920 [ 265.300869][ C1] ? mutex_lock+0xb6/0x1e0 [ 265.305118][ C1] ? purge_fragmented_blocks_allcpus+0x920/0x920 [ 265.311285][ C1] _vm_unmap_aliases+0x339/0x3b0 [ 265.316055][ C1] __vunmap+0x617/0x8f0 [ 265.320061][ C1] vfree+0x7f/0xb0 [ 265.323606][ C1] module_memfree+0x17/0x30 [ 265.327946][ C1] bpf_jit_free_exec+0x15/0x20 [ 265.332552][ C1] bpf_jit_free+0x98/0x240 [ 265.336797][ C1] bpf_prog_free_deferred+0x61e/0x730 [ 265.342007][ C1] process_one_work+0x6bb/0xc10 [ 265.346695][ C1] worker_thread+0xad5/0x12a0 [ 265.351221][ C1] ? _raw_spin_lock+0x1b0/0x1b0 [ 265.355896][ C1] kthread+0x421/0x510 [ 265.359804][ C1] ? worker_clr_flags+0x180/0x180 [ 265.364661][ C1] ? kthread_blkcg+0xd0/0xd0 [ 265.369085][ C1] ret_from_fork+0x1f/0x30 [ 265.373357][ C1]