tclass=fifo_file permissive=1 [ 16.154973][ T30] audit: type=1400 audit(1713927061.980:64): avc: denied { rlimitinh } for pid=227 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 16.157763][ T30] audit: type=1400 audit(1713927061.980:65): avc: denied { siginh } for pid=227 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 Warning: Permanently added '10.128.1.93' (ED25519) to the list of known hosts. 2024/04/24 02:51:09 fuzzer started 2024/04/24 02:51:09 dialing manager at 10.128.0.163:30004 [ 23.807805][ T30] audit: type=1400 audit(1713927069.640:66): avc: denied { node_bind } for pid=285 comm="syz-fuzzer" saddr=::1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1 [ 23.828132][ T30] audit: type=1400 audit(1713927069.640:67): avc: denied { name_bind } for pid=285 comm="syz-fuzzer" src=6060 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 24.077588][ T30] audit: type=1400 audit(1713927069.910:68): avc: denied { integrity } for pid=293 comm="syz-executor" lockdown_reason="debugfs access" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=lockdown permissive=1 [ 24.082139][ T293] cgroup: Unknown subsys name 'net' [ 24.099781][ T30] audit: type=1400 audit(1713927069.920:69): avc: denied { mounton } for pid=293 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=1925 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 24.127256][ T30] audit: type=1400 audit(1713927069.920:70): avc: denied { mount } for pid=293 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 24.127695][ T293] cgroup: Unknown subsys name 'devices' [ 24.149150][ T30] audit: type=1400 audit(1713927069.940:71): avc: denied { unmount } for pid=293 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 24.350055][ T293] cgroup: Unknown subsys name 'hugetlb' [ 24.355518][ T293] cgroup: Unknown subsys name 'rlimit' [ 24.540169][ T30] audit: type=1400 audit(1713927070.380:72): avc: denied { mounton } for pid=293 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 24.564851][ T30] audit: type=1400 audit(1713927070.380:73): avc: denied { mount } for pid=293 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 24.573888][ T294] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). [ 24.588349][ T30] audit: type=1400 audit(1713927070.380:74): avc: denied { setattr } for pid=293 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=162 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 24.619353][ T30] audit: type=1400 audit(1713927070.430:75): avc: denied { relabelto } for pid=294 comm="mkswap" name="swap-file" dev="sda1" ino=1928 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" 2024/04/24 02:51:10 code coverage: enabled 2024/04/24 02:51:10 comparison tracing: enabled 2024/04/24 02:51:10 extra coverage: enabled 2024/04/24 02:51:10 delay kcov mmap: mmap returned an invalid pointer 2024/04/24 02:51:10 setuid sandbox: enabled 2024/04/24 02:51:10 namespace sandbox: enabled 2024/04/24 02:51:10 Android sandbox: enabled 2024/04/24 02:51:10 fault injection: enabled 2024/04/24 02:51:10 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2024/04/24 02:51:10 net packet injection: enabled 2024/04/24 02:51:10 net device setup: enabled 2024/04/24 02:51:10 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2024/04/24 02:51:10 devlink PCI setup: PCI device 0000:00:10.0 is not available 2024/04/24 02:51:10 NIC VF setup: PCI device 0000:00:11.0 is not available 2024/04/24 02:51:10 USB emulation: enabled 2024/04/24 02:51:10 hci packet injection: /dev/vhci does not exist 2024/04/24 02:51:10 wifi device emulation: /sys/class/mac80211_hwsim/ does not exist 2024/04/24 02:51:10 802.15.4 emulation: /sys/bus/platform/devices/mac802154_hwsim does not exist 2024/04/24 02:51:10 swap file: enabled [ 24.666788][ T293] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k 2024/04/24 02:51:10 starting 5 executor processes [ 25.302646][ T304] bridge0: port 1(bridge_slave_0) entered blocking state [ 25.309700][ T304] bridge0: port 1(bridge_slave_0) entered disabled state [ 25.316916][ T304] device bridge_slave_0 entered promiscuous mode [ 25.325229][ T304] bridge0: port 2(bridge_slave_1) entered blocking state [ 25.332104][ T304] bridge0: port 2(bridge_slave_1) entered disabled state [ 25.339373][ T304] device bridge_slave_1 entered promiscuous mode [ 25.415415][ T305] bridge0: port 1(bridge_slave_0) entered blocking state [ 25.422737][ T305] bridge0: port 1(bridge_slave_0) entered disabled state [ 25.430077][ T305] device bridge_slave_0 entered promiscuous mode [ 25.436527][ T306] bridge0: port 1(bridge_slave_0) entered blocking state [ 25.443389][ T306] bridge0: port 1(bridge_slave_0) entered disabled state [ 25.450649][ T306] device bridge_slave_0 entered promiscuous mode [ 25.463492][ T305] bridge0: port 2(bridge_slave_1) entered blocking state [ 25.470441][ T305] bridge0: port 2(bridge_slave_1) entered disabled state [ 25.477592][ T305] device bridge_slave_1 entered promiscuous mode [ 25.484097][ T306] bridge0: port 2(bridge_slave_1) entered blocking state [ 25.490953][ T306] bridge0: port 2(bridge_slave_1) entered disabled state [ 25.498292][ T306] device bridge_slave_1 entered promiscuous mode [ 25.559209][ T308] bridge0: port 1(bridge_slave_0) entered blocking state [ 25.566064][ T308] bridge0: port 1(bridge_slave_0) entered disabled state [ 25.573419][ T308] device bridge_slave_0 entered promiscuous mode [ 25.589770][ T308] bridge0: port 2(bridge_slave_1) entered blocking state [ 25.596616][ T308] bridge0: port 2(bridge_slave_1) entered disabled state [ 25.603992][ T308] device bridge_slave_1 entered promiscuous mode [ 25.618795][ T307] bridge0: port 1(bridge_slave_0) entered blocking state [ 25.625639][ T307] bridge0: port 1(bridge_slave_0) entered disabled state [ 25.632935][ T307] device bridge_slave_0 entered promiscuous mode [ 25.655177][ T307] bridge0: port 2(bridge_slave_1) entered blocking state [ 25.662074][ T307] bridge0: port 2(bridge_slave_1) entered disabled state [ 25.669332][ T307] device bridge_slave_1 entered promiscuous mode [ 25.755258][ T304] bridge0: port 2(bridge_slave_1) entered blocking state [ 25.762127][ T304] bridge0: port 2(bridge_slave_1) entered forwarding state [ 25.769413][ T304] bridge0: port 1(bridge_slave_0) entered blocking state [ 25.776168][ T304] bridge0: port 1(bridge_slave_0) entered forwarding state [ 25.845555][ T306] bridge0: port 2(bridge_slave_1) entered blocking state [ 25.852423][ T306] bridge0: port 2(bridge_slave_1) entered forwarding state [ 25.859536][ T306] bridge0: port 1(bridge_slave_0) entered blocking state [ 25.866293][ T306] bridge0: port 1(bridge_slave_0) entered forwarding state [ 25.877723][ T305] bridge0: port 2(bridge_slave_1) entered blocking state [ 25.884582][ T305] bridge0: port 2(bridge_slave_1) entered forwarding state [ 25.891688][ T305] bridge0: port 1(bridge_slave_0) entered blocking state [ 25.898466][ T305] bridge0: port 1(bridge_slave_0) entered forwarding state [ 25.926999][ T307] bridge0: port 2(bridge_slave_1) entered blocking state [ 25.933873][ T307] bridge0: port 2(bridge_slave_1) entered forwarding state [ 25.940973][ T307] bridge0: port 1(bridge_slave_0) entered blocking state [ 25.947738][ T307] bridge0: port 1(bridge_slave_0) entered forwarding state [ 25.959887][ T308] bridge0: port 2(bridge_slave_1) entered blocking state [ 25.966736][ T308] bridge0: port 2(bridge_slave_1) entered forwarding state [ 25.973955][ T308] bridge0: port 1(bridge_slave_0) entered blocking state [ 25.980729][ T308] bridge0: port 1(bridge_slave_0) entered forwarding state [ 26.004153][ T61] bridge0: port 1(bridge_slave_0) entered disabled state [ 26.011440][ T61] bridge0: port 2(bridge_slave_1) entered disabled state [ 26.018534][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 26.025914][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 26.035079][ T61] bridge0: port 1(bridge_slave_0) entered disabled state [ 26.042181][ T61] bridge0: port 2(bridge_slave_1) entered disabled state [ 26.049235][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 26.058007][ T61] bridge0: port 1(bridge_slave_0) entered disabled state [ 26.065191][ T61] bridge0: port 2(bridge_slave_1) entered disabled state [ 26.072409][ T61] bridge0: port 1(bridge_slave_0) entered disabled state [ 26.079573][ T61] bridge0: port 2(bridge_slave_1) entered disabled state [ 26.115254][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 26.123188][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 26.161647][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 26.169322][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 26.177215][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 26.185380][ T39] bridge0: port 1(bridge_slave_0) entered blocking state [ 26.192218][ T39] bridge0: port 1(bridge_slave_0) entered forwarding state [ 26.199511][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 26.207432][ T39] bridge0: port 2(bridge_slave_1) entered blocking state [ 26.214279][ T39] bridge0: port 2(bridge_slave_1) entered forwarding state [ 26.221501][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 26.229315][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 26.237129][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 26.245636][ T39] bridge0: port 1(bridge_slave_0) entered blocking state [ 26.252476][ T39] bridge0: port 1(bridge_slave_0) entered forwarding state [ 26.259680][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 26.267604][ T39] bridge0: port 2(bridge_slave_1) entered blocking state [ 26.274443][ T39] bridge0: port 2(bridge_slave_1) entered forwarding state [ 26.281585][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 26.288733][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 26.295898][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 26.303168][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 26.311121][ T39] bridge0: port 1(bridge_slave_0) entered blocking state [ 26.317950][ T39] bridge0: port 1(bridge_slave_0) entered forwarding state [ 26.325140][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 26.333162][ T39] bridge0: port 1(bridge_slave_0) entered blocking state [ 26.340011][ T39] bridge0: port 1(bridge_slave_0) entered forwarding state [ 26.347135][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 26.355061][ T39] bridge0: port 2(bridge_slave_1) entered blocking state [ 26.361904][ T39] bridge0: port 2(bridge_slave_1) entered forwarding state [ 26.369205][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 26.377155][ T39] bridge0: port 2(bridge_slave_1) entered blocking state [ 26.384010][ T39] bridge0: port 2(bridge_slave_1) entered forwarding state [ 26.402373][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 26.410300][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 26.418514][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 26.426649][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 26.435123][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 26.443582][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 26.460600][ T306] device veth0_vlan entered promiscuous mode [ 26.466893][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 26.474861][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 26.482824][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 26.491230][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 26.499351][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 26.506953][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 26.514791][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 26.522873][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 26.535467][ T307] device veth0_vlan entered promiscuous mode [ 26.543678][ T327] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 26.550999][ T327] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 26.558547][ T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 26.566228][ T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 26.574135][ T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 26.582073][ T327] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 26.590080][ T327] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 26.597478][ T327] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 26.615203][ T307] device veth1_macvtap entered promiscuous mode [ 26.622684][ T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 26.631385][ T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 26.639622][ T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 26.647455][ T327] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 26.655625][ T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 26.663599][ T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 26.671499][ T327] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 26.685748][ T306] device veth1_macvtap entered promiscuous mode [ 26.694178][ T304] device veth0_vlan entered promiscuous mode [ 26.702394][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 26.710438][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 26.719238][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 26.726803][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 26.734964][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 26.743054][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 26.750814][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 26.758857][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 26.766122][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 26.779043][ T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 26.786782][ T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 26.796826][ T308] device veth0_vlan entered promiscuous mode [ 26.804356][ T327] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 26.812046][ T327] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 26.819335][ T327] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 26.827320][ T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 26.843779][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 26.852127][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready executing program 0: r0 = open(&(0x7f0000000100)='.\x00', 0x0, 0x0) fstat(r0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f0000000140)='./file1\x00', 0x1000801, &(0x7f0000000280)=ANY=[@ANYRES32=r1, @ANYRESOCT, @ANYRESDEC, @ANYRESHEX, @ANYRESHEX=r0, @ANYRESOCT, @ANYRES8, @ANYRESDEC=r0], 0x2, 0x1ec, &(0x7f0000000a40)="$eJzsmb+LE0EUx78zm+ydhwg2FjYWHniit9ndqFxzxQmWgnAnahm8NUQ3iSQrJBGLoIWNpaBg6z+QwiKVhZ2drRYqCBamtBNGZnayO+4mMf4AF3wfyOx3Z97Mm3lhvwsJCIL4b/n44ev7R+e39k4DOIh1rOj+z1Yaw434d0/vnHq8feHZ6O3zV61D98bZ9RgAIZbPbwN4uWMh0vdC/Dh7XV/3wErTvsvgOKn1FTA4sfwmRDo7AMM1HXPT0O0DWoSBc70d7t9ohIErG082vmyqZn6ZdDJk2AewqvfHjPFuf3CrFoZBJyvKYponN7RIlJEfWlQ/tb8djm2jfvL7uvrw/lDe69rABU9q6YHD07oKhl2tt7ACx3HSkhjnP1pK17eWOX8RxOHNQmzj74kH/zD7k6IUIRF3R5jxtPxcsGyPfKCTniOT8ev8rE/FOPJvCWVcAHJDb9bC8OIfrGxrE5gZk/qTdO4Thj+VkFg5KlHzdqXbH2w2mrV6UA9avl89555x3bN+RRlR3C7wv1XlT2vG+uU5sTaz0atFUcfrAVHHS+79uDUcd/dF+4uaw5X/cWwcj9dg+p2VvCgzMP3h6irVhjV38wRBEARBEARBEARBEARBEL/EMTDE/4QJpn8QnYV/SUV/DwAA//8rwm4/") r2 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) getdents(r2, 0x0, 0x0) [ 26.860357][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 26.868402][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 26.884686][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 26.893080][ T61] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 26.906871][ T304] device veth1_macvtap entered promiscuous mode executing program 2: mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018400110800395032303030"], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000080)={0x18}, 0x18) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x0, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB], 0x0}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x10) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r5}, 0x10) write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) lchown(&(0x7f0000000100)='./file0\x00', 0xffffffffffffffff, 0x0) r6 = openat$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0) getdents64(r6, 0x0, 0x9) [ 26.931151][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 26.940386][ T333] loop0: detected capacity change from 0 to 16 [ 26.948812][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 26.957016][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 26.965491][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 26.974087][ T333] erofs: (device loop0): mounted with root inode @ nid 36. [ 26.974300][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 26.989587][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 26.998482][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 27.006412][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 27.014560][ T333] erofs: (device loop0): z_erofs_map_blocks_iter: invalid logical cluster 0 at nid 36 [ 27.014759][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 27.032421][ T305] device veth0_vlan entered promiscuous mode [ 27.039540][ T333] erofs: (device loop0): z_erofs_readpage: failed to read, err [-117] [ 27.043201][ T308] device veth1_macvtap entered promiscuous mode [ 27.047566][ T333] erofs: (device loop0): erofs_readdir: fail to readdir of logical block 0 of nid 36 [ 27.072326][ T330] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready executing program 0: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x104, 0x1, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002a00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000400)='ext4_sync_file_exit\x00', r1}, 0x10) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0) write$cgroup_type(r2, &(0x7f0000000180), 0x40001) [ 27.082150][ T330] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 27.091288][ T330] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 27.099864][ T330] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 27.107930][ T330] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 27.122221][ T305] device veth1_macvtap entered promiscuous mode [ 27.138191][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 27.146170][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready executing program 0: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x0, 0x1000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000800007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000700)='mm_lru_insertion\x00', r1}, 0x10) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0) write$cgroup_type(r2, &(0x7f0000000180), 0x2000) [ 27.182797][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 27.203711][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 27.220460][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 27.237354][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 27.254279][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 27.271162][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 27.288780][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready executing program 1: bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001, 0x9, 0x1}, 0x48) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000740)=@framed, &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r0}, 0x10) mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0/../file0\x00', &(0x7f00000002c0)='sysfs\x00', 0x0, 0x0) pivot_root(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f00000001c0)='./file0/../file0/../file0\x00') [ 27.335033][ T330] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 27.347710][ T330] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 27.364440][ T330] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000bc0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000001a00850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10) r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r2, 0xaf01, 0x0) r3 = eventfd(0x0) ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f00000001c0)={0x0, 0x0, 0x0, &(0x7f00000002c0)=""/138, 0x0}) ioctl$VHOST_SET_LOG_FD(0xffffffffffffffff, 0x4004af07, &(0x7f0000000240)=r3) ioctl$VHOST_SET_VRING_KICK(r2, 0x4008af20, &(0x7f0000000200)={0x1, r3}) ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000500)) ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74}) ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f0000000000)=0x20000) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x7}, 0x48) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) write$binfmt_script(r4, &(0x7f0000000040), 0x208e24b) creat(&(0x7f0000000040)='./bus\x00', 0x0) executing program 3: socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0x2, 0x4, 0x2}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r1}, &(0x7f0000000040), &(0x7f0000000140)=r0}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) openat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x103a42, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10) syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x2000480, &(0x7f0000004080), 0x1, 0x762, &(0x7f0000001180)="$eJzs3c9rHFUcAPDvbJKmTauJIGg9BQQNlG5Mja2Ch4oHESwU9GxdNttQs8mW7KY0IaAighdBxYOgl579UW/exB9X/S88SEvVtFjxIJHZzKbbZrfJpkmWup8PTPt9M7N5892Zee/tzrATQM8aTf/JRRyOiA+TiOFsfhIRA/WoP+Lk2no3V5aL6ZTE6uqrfyT1dW6sLBej6TWpg1nh0Yj48b2II7mN9VYXl2YK5XJpPiuP12bPj1cXl46emy1Ml6ZLc8cnJiePnXjmxPGdy/WvX5YOXf3opSe/PvnPu49c/uCnJE7GoWxZcx47ZTRGs/dkIH0Lb/PiTlfWZUm3N4BtSU/NvrWzPA7HcPTVIwDg/+ytiFgFAHpMov8HgB7T+B7gxspysTF19xuJvXXthYjYv5Z/4/rm2pL+7Jrd/vp10KEbyW1XRpKIGNmB+kcj4vNvX/8ynWKXrkMCtPL2d1mwof1PNtyz0KmntrDO6B1l7R/sne/T8c+zrcZ/ufXxT7QY/wy2OHe3Y/PzP3dlB6ppKx3/Pd90b9vNpvwzI31Z6YH6mG8gOXuuXErbtgcjYiwGBtPyxF3qGLv+7/V2y5rHf39+/OYXaf3p/7fWyF3pH7z9NVOFWuFecm527Z2Ix/pb5Z+s7/+kzfj39BbrePm59z9rtyzNP823MW3Mf3etXop4ouX+v3VHW3LX+xPH64fDeOOgaOGbXz8dald/8/5Pp7T+xmeBvZDu/6G75z+SNN+vWe28jp8vDf/Qbtnm+bc+/vclr9Xjfdm8i4VabX4iYl/yysb5x269tlFurJ/mP/Z4Pf8D2Sob2r9Wx3/6mfCNzRLPNqL/6u9fbT//3ZXmP9XR/u88uHxzpq9d/Vvb/5P1aCybs5X2b6sbeC/vHQAAAAAAAAAAAAAAAAAAAAAAAABsVS4iDkWSy6/HuVw+v/YM74djKFeuVGtHzlYW5qai/qzskRjINX7qcrjp91Anst/Db5SP3VF+OiIeiohPBg/Uy/lipTzV7eQBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIHOwzfP/U78NdnvrAIBds7/bGwAA7Dn9PwD0nk77f+MFALj/6c8BoPfo/wGg9+j/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2GWnT51Kp9W/V5aLaXnqwuLCTOXC0alSdSY/u1DMFyvz5/PTlcp0uZQvVmY3+3vlSuX8ZMwtXByvlaq18eri0pnZysJc7cy52cJ06UxpYE+yAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDOVBeXZgrlcmleIBAI1oNut0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA94f/AgAA///tuiN0") [ 27.381698][ T330] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 127.468018][ C0] rcu: INFO: rcu_preempt self-detected stall on CPU [ 127.474916][ C0] rcu: 0-...!: (10000 ticks this GP) idle=faf/1/0x4000000000000000 softirq=2634/2634 fqs=0 last_accelerate: 94ff/bc4b dyntick_enabled: 1 [ 127.488785][ C0] (t=10000 jiffies g=1037 q=15) [ 127.493549][ C0] rcu: rcu_preempt kthread timer wakeup didn't happen for 9999 jiffies! g1037 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 [ 127.505792][ C0] rcu: Possible timer handling issue on cpu=0 timer-softirq=613 [ 127.513344][ C0] rcu: rcu_preempt kthread starved for 10000 jiffies! g1037 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 ->cpu=0 [ 127.524573][ C0] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 127.534468][ C0] rcu: RCU grace-period kthread stack dump: [ 127.540207][ C0] task:rcu_preempt state:I stack:28328 pid: 14 ppid: 2 flags:0x00004000 [ 127.549233][ C0] Call Trace: [ 127.552348][ C0] [ 127.555124][ C0] __schedule+0xccc/0x1590 [ 127.559376][ C0] ? __sched_text_start+0x8/0x8 [ 127.564057][ C0] ? __kasan_check_write+0x14/0x20 [ 127.569007][ C0] schedule+0x11f/0x1e0 [ 127.572998][ C0] schedule_timeout+0x18c/0x370 [ 127.577683][ C0] ? _raw_spin_unlock_irq+0x4e/0x70 [ 127.582746][ C0] ? console_conditional_schedule+0x30/0x30 [ 127.588536][ C0] ? update_process_times+0x200/0x200 [ 127.593743][ C0] ? prepare_to_swait_event+0x308/0x320 [ 127.599129][ C0] rcu_gp_fqs_loop+0x2af/0xf80 [ 127.603736][ C0] ? debug_smp_processor_id+0x17/0x20 [ 127.609043][ C0] ? __note_gp_changes+0x4ab/0x920 [ 127.613993][ C0] ? rcu_gp_init+0xc30/0xc30 [ 127.618510][ C0] ? _raw_spin_unlock_irq+0x4e/0x70 [ 127.623534][ C0] ? rcu_gp_init+0x9cf/0xc30 [ 127.627968][ C0] rcu_gp_kthread+0xa4/0x350 [ 127.632383][ C0] ? _raw_spin_lock+0x1b0/0x1b0 [ 127.637094][ C0] ? rcu_barrier_callback+0x50/0x50 [ 127.642107][ C0] ? __kasan_check_read+0x11/0x20 [ 127.646963][ C0] ? __kthread_parkme+0xb2/0x200 [ 127.651736][ C0] kthread+0x421/0x510 [ 127.655643][ C0] ? rcu_barrier_callback+0x50/0x50 [ 127.660680][ C0] ? kthread_blkcg+0xd0/0xd0 [ 127.665102][ C0] ret_from_fork+0x1f/0x30 [ 127.669364][ C0] [ 127.672237][ C0] rcu: Stack dump where RCU GP kthread last ran: [ 127.678571][ C0] NMI backtrace for cpu 0 [ 127.682850][ C0] CPU: 0 PID: 344 Comm: syz-executor.1 Not tainted 5.15.148-syzkaller-00013-gad06eaf051cd #0 [ 127.692814][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 127.702825][ C0] Call Trace: [ 127.705946][ C0] [ 127.708659][ C0] dump_stack_lvl+0x151/0x1b7 [ 127.713165][ C0] ? io_uring_drop_tctx_refs+0x190/0x190 [ 127.718627][ C0] dump_stack+0x15/0x17 [ 127.722608][ C0] nmi_cpu_backtrace+0x2f7/0x300 [ 127.727382][ C0] ? nmi_trigger_cpumask_backtrace+0x270/0x270 [ 127.733390][ C0] ? panic+0x751/0x751 [ 127.737286][ C0] ? arch_trigger_cpumask_backtrace+0x20/0x20 [ 127.743180][ C0] nmi_trigger_cpumask_backtrace+0x15d/0x270 [ 127.749000][ C0] ? arch_trigger_cpumask_backtrace+0x20/0x20 [ 127.754903][ C0] arch_trigger_cpumask_backtrace+0x10/0x20 [ 127.760626][ C0] rcu_check_gp_kthread_starvation+0x1e3/0x250 [ 127.766621][ C0] ? rcu_check_gp_kthread_expired_fqs_timer+0x18e/0x230 [ 127.773479][ C0] print_cpu_stall+0x310/0x5f0 [ 127.778074][ C0] rcu_sched_clock_irq+0x989/0x12f0 [ 127.783106][ C0] ? rcu_boost_kthread_setaffinity+0x340/0x340 [ 127.789093][ C0] ? hrtimer_run_queues+0x15f/0x440 [ 127.794132][ C0] update_process_times+0x198/0x200 [ 127.799170][ C0] tick_sched_timer+0x188/0x240 [ 127.803845][ C0] ? tick_setup_sched_timer+0x480/0x480 [ 127.809230][ C0] __hrtimer_run_queues+0x41a/0xad0 [ 127.814264][ C0] ? hrtimer_interrupt+0xaa0/0xaa0 [ 127.819216][ C0] ? clockevents_program_event+0x22f/0x300 [ 127.824850][ C0] ? ktime_get_update_offsets_now+0x2ba/0x2d0 [ 127.830763][ C0] hrtimer_interrupt+0x40c/0xaa0 [ 127.835539][ C0] __sysvec_apic_timer_interrupt+0xfd/0x3c0 [ 127.841256][ C0] sysvec_apic_timer_interrupt+0x95/0xc0 [ 127.846728][ C0] [ 127.849503][ C0] [ 127.852318][ C0] asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 127.858107][ C0] RIP: 0010:kvm_wait+0x147/0x180 [ 127.862870][ C0] Code: 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 34 41 0f b6 45 00 44 38 f0 75 10 66 90 0f 00 2d 5b 03 f3 03 fb f4 24 ff ff ff fb e9 1e ff ff ff 44 89 e9 80 e1 07 38 c1 7c a3 4c [ 127.882310][ C0] RSP: 0018:ffffc900053277c0 EFLAGS: 00000246 [ 127.888216][ C0] RAX: 0000000000000001 RBX: 1ffff92000a64efc RCX: 1ffffffff0d1aa9c [ 127.896024][ C0] RDX: 0000000000000001 RSI: 0000000000000001 RDI: ffff8881f7037ed4 [ 127.903833][ C0] RBP: ffffc90005327870 R08: dffffc0000000000 R09: ffffed103ee06fdb [ 127.911648][ C0] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 127.919466][ C0] R13: ffff8881f7037ed4 R14: 0000000000000001 R15: 1ffff92000a64f00 [ 127.927282][ C0] ? asm_common_interrupt+0x27/0x40 [ 127.932303][ C0] ? kvm_arch_para_hints+0x30/0x30 [ 127.937253][ C0] __pv_queued_spin_lock_slowpath+0x41b/0xc40 [ 127.943162][ C0] ? __pv_queued_spin_unlock_slowpath+0x310/0x310 [ 127.949408][ C0] _raw_spin_lock_bh+0x139/0x1b0 [ 127.954177][ C0] ? _raw_spin_lock_irq+0x1b0/0x1b0 [ 127.959221][ C0] ? sock_hash_bucket_hash+0x31c/0x7e0 [ 127.964505][ C0] sock_hash_delete_elem+0xb1/0x2f0 [ 127.969547][ C0] ? kvfree+0x35/0x40 [ 127.973509][ C0] bpf_prog_6164f3e647ab800e+0x3d/0x238 [ 127.978887][ C0] bpf_trace_run2+0xec/0x210 [ 127.983312][ C0] ? bpf_trace_run1+0x1c0/0x1c0 [ 127.987999][ C0] ? kvfree+0x35/0x40 [ 127.991925][ C0] ? _raw_spin_lock_bh+0xa4/0x1b0 [ 127.996787][ C0] ? _raw_spin_lock_irq+0x1b0/0x1b0 [ 128.001818][ C0] ? kvfree+0x35/0x40 [ 128.005641][ C0] __bpf_trace_kfree+0x6f/0x90 [ 128.010239][ C0] ? kvfree+0x35/0x40 [ 128.014055][ C0] kfree+0x1f3/0x220 [ 128.017789][ C0] kvfree+0x35/0x40 [ 128.021432][ C0] __bpf_prog_put_noref+0xa1/0x2c0 [ 128.026377][ C0] bpf_prog_put_deferred+0x2ee/0x3e0 [ 128.031500][ C0] ? copy_map_value+0x230/0x230 [ 128.036184][ C0] bpf_prog_release+0x27d/0x290 [ 128.040872][ C0] ? bpf_prog_put+0x270/0x270 [ 128.045384][ C0] ? bpf_prog_put+0x270/0x270 [ 128.049928][ C0] __fput+0x3fe/0x910 [ 128.053720][ C0] ____fput+0x15/0x20 [ 128.057625][ C0] task_work_run+0x129/0x190 [ 128.062050][ C0] exit_to_user_mode_loop+0xc4/0xe0 [ 128.067776][ C0] exit_to_user_mode_prepare+0x5a/0xa0 [ 128.073072][ C0] syscall_exit_to_user_mode+0x26/0x160 [ 128.078454][ C0] do_syscall_64+0x49/0xb0 [ 128.082715][ C0] ? sysvec_apic_timer_interrupt+0x55/0xc0 [ 128.088385][ C0] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 128.094199][ C0] RIP: 0033:0x7ff765f96d9a [ 128.098460][ C0] Code: 48 3d 00 f0 ff ff 77 48 c3 0f 1f 80 00 00 00 00 48 83 ec 18 89 7c 24 0c e8 03 7f 02 00 8b 7c 24 0c 89 c2 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 36 89 d7 89 44 24 0c e8 63 7f 02 00 8b 44 24 [ 128.117893][ C0] RSP: 002b:00007ffd59092200 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 128.126132][ C0] RAX: 0000000000000000 RBX: 0000000000000005 RCX: 00007ff765f96d9a [ 128.134047][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004 [ 128.141940][ C0] RBP: 00007ff7660c7980 R08: 0000001b2ea20000 R09: 0000000000000351 [ 128.149751][ C0] R10: 00000000812e7ea3 R11: 0000000000000293 R12: 0000000000006e10 [ 128.157561][ C0] R13: 0000000000006b09 R14: 00007ffd590923c0 R15: 00007ff765f4ecb0 [ 128.165501][ C0] [ 128.168442][ C0] NMI backtrace for cpu 0 [ 128.172527][ C0] CPU: 0 PID: 344 Comm: syz-executor.1 Not tainted 5.15.148-syzkaller-00013-gad06eaf051cd #0 [ 128.182592][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 128.192663][ C0] Call Trace: [ 128.195785][ C0] [ 128.198479][ C0] dump_stack_lvl+0x151/0x1b7 [ 128.202988][ C0] ? io_uring_drop_tctx_refs+0x190/0x190 [ 128.208458][ C0] ? ttwu_do_wakeup+0x187/0x430 [ 128.213201][ C0] dump_stack+0x15/0x17 [ 128.217131][ C0] nmi_cpu_backtrace+0x2f7/0x300 [ 128.221909][ C0] ? nmi_trigger_cpumask_backtrace+0x270/0x270 [ 128.227899][ C0] ? _raw_spin_lock_irqsave+0xf9/0x210 [ 128.233191][ C0] ? __kasan_check_write+0x14/0x20 [ 128.238140][ C0] ? _raw_spin_lock+0x1b0/0x1b0 [ 128.242824][ C0] ? arch_trigger_cpumask_backtrace+0x20/0x20 [ 128.248738][ C0] nmi_trigger_cpumask_backtrace+0x15d/0x270 [ 128.254540][ C0] ? arch_trigger_cpumask_backtrace+0x20/0x20 [ 128.260444][ C0] arch_trigger_cpumask_backtrace+0x10/0x20 [ 128.266171][ C0] rcu_dump_cpu_stacks+0x1d8/0x330 [ 128.271119][ C0] print_cpu_stall+0x315/0x5f0 [ 128.275724][ C0] rcu_sched_clock_irq+0x989/0x12f0 [ 128.280762][ C0] ? rcu_boost_kthread_setaffinity+0x340/0x340 [ 128.286743][ C0] ? hrtimer_run_queues+0x15f/0x440 [ 128.291777][ C0] update_process_times+0x198/0x200 [ 128.296811][ C0] tick_sched_timer+0x188/0x240 [ 128.301498][ C0] ? tick_setup_sched_timer+0x480/0x480 [ 128.306878][ C0] __hrtimer_run_queues+0x41a/0xad0 [ 128.311941][ C0] ? hrtimer_interrupt+0xaa0/0xaa0 [ 128.316860][ C0] ? clockevents_program_event+0x22f/0x300 [ 128.322505][ C0] ? ktime_get_update_offsets_now+0x2ba/0x2d0 [ 128.328405][ C0] hrtimer_interrupt+0x40c/0xaa0 [ 128.333182][ C0] __sysvec_apic_timer_interrupt+0xfd/0x3c0 [ 128.338908][ C0] sysvec_apic_timer_interrupt+0x95/0xc0 [ 128.344371][ C0] [ 128.347149][ C0] [ 128.349929][ C0] asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 128.355751][ C0] RIP: 0010:kvm_wait+0x147/0x180 [ 128.360606][ C0] Code: 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 34 41 0f b6 45 00 44 38 f0 75 10 66 90 0f 00 2d 5b 03 f3 03 fb f4 24 ff ff ff fb e9 1e ff ff ff 44 89 e9 80 e1 07 38 c1 7c a3 4c [ 128.380175][ C0] RSP: 0018:ffffc900053277c0 EFLAGS: 00000246 [ 128.386075][ C0] RAX: 0000000000000001 RBX: 1ffff92000a64efc RCX: 1ffffffff0d1aa9c [ 128.394013][ C0] RDX: 0000000000000001 RSI: 0000000000000001 RDI: ffff8881f7037ed4 [ 128.401800][ C0] RBP: ffffc90005327870 R08: dffffc0000000000 R09: ffffed103ee06fdb [ 128.409612][ C0] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 128.417592][ C0] R13: ffff8881f7037ed4 R14: 0000000000000001 R15: 1ffff92000a64f00 [ 128.425430][ C0] ? asm_common_interrupt+0x27/0x40 [ 128.430440][ C0] ? kvm_arch_para_hints+0x30/0x30 [ 128.435388][ C0] __pv_queued_spin_lock_slowpath+0x41b/0xc40 [ 128.441290][ C0] ? __pv_queued_spin_unlock_slowpath+0x310/0x310 [ 128.447554][ C0] _raw_spin_lock_bh+0x139/0x1b0 [ 128.452312][ C0] ? _raw_spin_lock_irq+0x1b0/0x1b0 [ 128.457441][ C0] ? sock_hash_bucket_hash+0x31c/0x7e0 [ 128.462728][ C0] sock_hash_delete_elem+0xb1/0x2f0 [ 128.467761][ C0] ? kvfree+0x35/0x40 [ 128.471600][ C0] bpf_prog_6164f3e647ab800e+0x3d/0x238 [ 128.476960][ C0] bpf_trace_run2+0xec/0x210 [ 128.481402][ C0] ? bpf_trace_run1+0x1c0/0x1c0 [ 128.486072][ C0] ? kvfree+0x35/0x40 [ 128.489895][ C0] ? _raw_spin_lock_bh+0xa4/0x1b0 [ 128.494840][ C0] ? _raw_spin_lock_irq+0x1b0/0x1b0 [ 128.499875][ C0] ? kvfree+0x35/0x40 [ 128.503694][ C0] __bpf_trace_kfree+0x6f/0x90 [ 128.508707][ C0] ? kvfree+0x35/0x40 [ 128.512516][ C0] kfree+0x1f3/0x220 [ 128.516251][ C0] kvfree+0x35/0x40 [ 128.519899][ C0] __bpf_prog_put_noref+0xa1/0x2c0 [ 128.524855][ C0] bpf_prog_put_deferred+0x2ee/0x3e0 [ 128.529967][ C0] ? copy_map_value+0x230/0x230 [ 128.534649][ C0] bpf_prog_release+0x27d/0x290 [ 128.539336][ C0] ? bpf_prog_put+0x270/0x270 [ 128.543851][ C0] ? bpf_prog_put+0x270/0x270 [ 128.548372][ C0] __fput+0x3fe/0x910 [ 128.552183][ C0] ____fput+0x15/0x20 [ 128.555999][ C0] task_work_run+0x129/0x190 [ 128.560428][ C0] exit_to_user_mode_loop+0xc4/0xe0 [ 128.565469][ C0] exit_to_user_mode_prepare+0x5a/0xa0 [ 128.570802][ C0] syscall_exit_to_user_mode+0x26/0x160 [ 128.576658][ C0] do_syscall_64+0x49/0xb0 [ 128.580909][ C0] ? sysvec_apic_timer_interrupt+0x55/0xc0 [ 128.586553][ C0] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 128.592278][ C0] RIP: 0033:0x7ff765f96d9a [ 128.596628][ C0] Code: 48 3d 00 f0 ff ff 77 48 c3 0f 1f 80 00 00 00 00 48 83 ec 18 89 7c 24 0c e8 03 7f 02 00 8b 7c 24 0c 89 c2 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 36 89 d7 89 44 24 0c e8 63 7f 02 00 8b 44 24 [ 128.616060][ C0] RSP: 002b:00007ffd59092200 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 128.624304][ C0] RAX: 0000000000000000 RBX: 0000000000000005 RCX: 00007ff765f96d9a [ 128.632211][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004 [ 128.640026][ C0] RBP: 00007ff7660c7980 R08: 0000001b2ea20000 R09: 0000000000000351 [ 128.647837][ C0] R10: 00000000812e7ea3 R11: 0000000000000293 R12: 0000000000006e10 [ 128.655748][ C0] R13: 0000000000006b09 R14: 00007ffd590923c0 R15: 00007ff765f4ecb0 [ 128.663563][ C0] [ 128.666424][ C0] Sending NMI from CPU 0 to CPUs 1: [ 128.671494][ C1] NMI backtrace for cpu 1 [ 128.671504][ C1] CPU: 1 PID: 348 Comm: syz-executor.3 Not tainted 5.15.148-syzkaller-00013-gad06eaf051cd #0 [ 128.671523][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 128.671532][ C1] RIP: 0010:kvm_wait+0x147/0x180 [ 128.671554][ C1] Code: 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 34 41 0f b6 45 00 44 38 f0 75 10 66 90 0f 00 2d 5b 03 f3 03 fb f4 24 ff ff ff fb e9 1e ff ff ff 44 89 e9 80 e1 07 38 c1 7c a3 4c [ 128.671567][ C1] RSP: 0018:ffffc900053771a0 EFLAGS: 00000246 [ 128.671582][ C1] RAX: 0000000000000003 RBX: 1ffff92000a6ee38 RCX: ffffffff8154f88f [ 128.671595][ C1] RDX: dffffc0000000000 RSI: 0000000000000003 RDI: ffff88810cce2258 [ 128.671607][ C1] RBP: ffffc90005377250 R08: dffffc0000000000 R09: ffffed102199c44c [ 128.671620][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 128.671632][ C1] R13: ffff88810cce2258 R14: 0000000000000003 R15: 1ffff92000a6ee3c [ 128.671644][ C1] FS: 00007fa2fe4dd6c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 128.671659][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 128.671671][ C1] CR2: 00007fa2fe4dcf38 CR3: 0000000128434000 CR4: 00000000003506a0 [ 128.671689][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 128.671699][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 128.671710][ C1] Call Trace: [ 128.671715][ C1] [ 128.671721][ C1] ? show_regs+0x58/0x60 [ 128.671747][ C1] ? nmi_cpu_backtrace+0x29f/0x300 [ 128.671767][ C1] ? nmi_trigger_cpumask_backtrace+0x270/0x270 [ 128.671788][ C1] ? kvm_wait+0x147/0x180 [ 128.671803][ C1] ? kvm_wait+0x147/0x180 [ 128.671818][ C1] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 128.671836][ C1] ? nmi_handle+0xa8/0x280 [ 128.671853][ C1] ? kvm_wait+0x147/0x180 [ 128.671868][ C1] ? default_do_nmi+0x69/0x160 [ 128.671886][ C1] ? exc_nmi+0xaf/0x120 [ 128.671901][ C1] ? end_repeat_nmi+0x16/0x31 [ 128.671918][ C1] ? __pv_queued_spin_lock_slowpath+0x65f/0xc40 [ 128.671939][ C1] ? kvm_wait+0x147/0x180 [ 128.671954][ C1] ? kvm_wait+0x147/0x180 [ 128.671969][ C1] ? kvm_wait+0x147/0x180 [ 128.671984][ C1] [ 128.671989][ C1] [ 128.671994][ C1] ? asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 128.672011][ C1] ? kvm_arch_para_hints+0x30/0x30 [ 128.672028][ C1] ? __pv_queued_spin_lock_slowpath+0x65f/0xc40 [ 128.672048][ C1] __pv_queued_spin_lock_slowpath+0x6bc/0xc40 [ 128.672069][ C1] ? __pv_queued_spin_unlock_slowpath+0x310/0x310 [ 128.672090][ C1] _raw_spin_lock_bh+0x139/0x1b0 [ 128.672108][ C1] ? _raw_spin_lock_irq+0x1b0/0x1b0 [ 128.672127][ C1] ? sock_hash_bucket_hash+0x31c/0x7e0 [ 128.672147][ C1] sock_hash_delete_elem+0xb1/0x2f0 [ 128.672164][ C1] ? sock_map_unref+0x352/0x4d0 [ 128.672181][ C1] bpf_prog_6164f3e647ab800e+0x3d/0x238 [ 128.672195][ C1] bpf_trace_run2+0xec/0x210 [ 128.672213][ C1] ? __kasan_check_write+0x14/0x20 [ 128.672231][ C1] ? bpf_trace_run1+0x1c0/0x1c0 [ 128.672248][ C1] ? sock_map_unref+0x352/0x4d0 [ 128.672265][ C1] ? sock_map_unref+0x352/0x4d0 [ 128.672282][ C1] __bpf_trace_kfree+0x6f/0x90 [ 128.672298][ C1] ? sock_map_unref+0x352/0x4d0 [ 128.672314][ C1] kfree+0x1f3/0x220 [ 128.672331][ C1] sock_map_unref+0x352/0x4d0 [ 128.672349][ C1] sock_hash_delete_elem+0x274/0x2f0 [ 128.672367][ C1] ? security_compute_sid+0x1d7d/0x1f40 [ 128.672384][ C1] bpf_prog_6164f3e647ab800e+0x3d/0x238 [ 128.672397][ C1] bpf_trace_run2+0xec/0x210 [ 128.672414][ C1] ? context_to_sid+0x5a8/0x600 [ 128.672431][ C1] ? bpf_trace_run1+0x1c0/0x1c0 [ 128.672448][ C1] ? security_compute_sid+0x1d7d/0x1f40 [ 128.672465][ C1] ? security_compute_sid+0x1d7d/0x1f40 [ 128.672482][ C1] __bpf_trace_kfree+0x6f/0x90 [ 128.672498][ C1] ? security_compute_sid+0x1d7d/0x1f40 [ 128.672514][ C1] kfree+0x1f3/0x220 [ 128.672530][ C1] ? policydb_context_isvalid+0x1de/0x430 [ 128.672550][ C1] security_compute_sid+0x1d7d/0x1f40 [ 128.672572][ C1] ? security_transition_sid+0x90/0x90 [ 128.672589][ C1] ? __kasan_slab_alloc+0xc3/0xe0 [ 128.672604][ C1] ? __kasan_slab_alloc+0xb1/0xe0 [ 128.672619][ C1] ? slab_post_alloc_hook+0x53/0x2c0 [ 128.672636][ C1] ? kmem_cache_alloc+0xf5/0x200 [ 128.672653][ C1] ? __d_alloc+0x2d/0x6c0 [ 128.672668][ C1] ? d_alloc_pseudo+0x1d/0x70 [ 128.672683][ C1] ? alloc_file_pseudo+0x131/0x2f0 [ 128.672699][ C1] ? __shmem_file_setup+0x1d6/0x2a0 [ 128.672714][ C1] ? shmem_file_setup+0x2f/0x40 [ 128.672732][ C1] ? __se_sys_memfd_create+0x1e1/0x3e0 [ 128.672750][ C1] ? __x64_sys_memfd_create+0x5b/0x70 [ 128.672767][ C1] ? do_syscall_64+0x3d/0xb0 [ 128.672782][ C1] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 128.672805][ C1] ? __kasan_check_write+0x14/0x20 [ 128.672822][ C1] ? _raw_spin_lock+0xa4/0x1b0 [ 128.672839][ C1] ? _raw_spin_trylock_bh+0x190/0x190 [ 128.672858][ C1] security_transition_sid+0x7d/0x90 [ 128.672875][ C1] inode_doinit_with_dentry+0x61b/0x1070 [ 128.672895][ C1] ? sb_finish_set_opts+0xa90/0xa90 [ 128.672912][ C1] ? __d_alloc+0x19b/0x6c0 [ 128.672927][ C1] ? d_set_d_op+0xff/0x390 [ 128.672943][ C1] selinux_d_instantiate+0x27/0x40 [ 128.672962][ C1] security_d_instantiate+0x9f/0x100 [ 128.672978][ C1] d_instantiate+0x55/0x90 [ 128.672994][ C1] alloc_file_pseudo+0x248/0x2f0 [ 128.673012][ C1] ? alloc_empty_file_noaccount+0x80/0x80 [ 128.673031][ C1] ? __kasan_check_write+0x14/0x20 [ 128.673047][ C1] ? clear_nlink+0x89/0xe0 [ 128.673064][ C1] __shmem_file_setup+0x1d6/0x2a0 [ 128.673080][ C1] shmem_file_setup+0x2f/0x40 [ 128.673095][ C1] __se_sys_memfd_create+0x1e1/0x3e0 [ 128.673113][ C1] __x64_sys_memfd_create+0x5b/0x70 [ 128.673131][ C1] do_syscall_64+0x3d/0xb0 [ 128.673146][ C1] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 128.673166][ C1] RIP: 0033:0x7fa2ff769ea9 [ 128.673180][ C1] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 128.673193][ C1] RSP: 002b:00007fa2fe4dcea8 EFLAGS: 00000202 ORIG_RAX: 000000000000013f [ 128.673210][ C1] RAX: ffffffffffffffda RBX: 0000000000000762 RCX: 00007fa2ff769ea9 [ 128.673222][ C1] RDX: 00007fa2fe4dcf80 RSI: 0000000000000000 RDI: 00007fa2ff7b5722 [ 128.673233][ C1] RBP: 0000000020001180 R08: 00007fa2fe4dcc47 R09: 0000000000000000 [ 128.673244][ C1] R10: 000000000000000a R11: 0000000000000202 R12: 00000000200000c0 [ 128.673254][ C1] R13: 00007fa2fe4dcf80 R14: 00007fa2fe4dcf40 R15: 0000000020004080 [ 128.673269][ C1] [ 265.058535][ C0] watchdog: BUG: soft lockup - CPU#0 stuck for 225s! [syz-executor.1:344] [ 265.066866][ C0] Modules linked in: [ 265.070594][ C0] CPU: 0 PID: 344 Comm: syz-executor.1 Not tainted 5.15.148-syzkaller-00013-gad06eaf051cd #0 [ 265.080572][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 265.090473][ C0] RIP: 0010:__pv_queued_spin_lock_slowpath+0x38b/0xc40 [ 265.097156][ C0] Code: 00 00 00 00 00 fc ff df 41 0f b6 04 16 84 c0 0f 85 ac 00 00 00 48 8b 44 24 08 83 38 00 0f 85 15 01 00 00 45 84 e4 74 09 f3 90 <41> ff cc 75 d9 eb 1b 48 8b 44 24 20 0f b6 04 10 84 c0 0f 85 cd 00 [ 265.117025][ C0] RSP: 0018:ffffc90005327880 EFLAGS: 00000286 [ 265.123014][ C0] RAX: ffff8881f7037ec8 RBX: ffff8881f7037ed4 RCX: 0000000000000000 [ 265.131129][ C0] RDX: dffffc0000000000 RSI: 0000000000000001 RDI: ffff8881f7037ed4 [ 265.138904][ C0] RBP: ffffc90005327970 R08: dffffc0000000000 R09: ffffed103ee06fdb [ 265.146707][ C0] R10: 0000000000000000 R11: dffffc0000000001 R12: 00000000000057a9 [ 265.154519][ C0] R13: 1ffff1102199c44b R14: 1ffff1103ee06fd9 R15: ffff88810cce2258 [ 265.162336][ C0] FS: 000055555611e480(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 265.171097][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 265.177519][ C0] CR2: 0000001b2e623000 CR3: 000000010cdf2000 CR4: 00000000003506b0 [ 265.185334][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 265.193144][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 265.200955][ C0] Call Trace: [ 265.204080][ C0] [ 265.206782][ C0] ? show_regs+0x58/0x60 [ 265.210849][ C0] ? watchdog_timer_fn+0x4b1/0x5f0 [ 265.215798][ C0] ? proc_watchdog_cpumask+0xd0/0xd0 [ 265.220916][ C0] ? __hrtimer_run_queues+0x41a/0xad0 [ 265.226156][ C0] ? hrtimer_interrupt+0xaa0/0xaa0 [ 265.231071][ C0] ? clockevents_program_event+0x22f/0x300 [ 265.236715][ C0] ? ktime_get_update_offsets_now+0x2ba/0x2d0 [ 265.242647][ C0] ? hrtimer_interrupt+0x40c/0xaa0 [ 265.247568][ C0] ? __sysvec_apic_timer_interrupt+0xfd/0x3c0 [ 265.253468][ C0] ? sysvec_apic_timer_interrupt+0x95/0xc0 [ 265.259112][ C0] [ 265.261883][ C0] [ 265.264666][ C0] ? asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 265.270678][ C0] ? __pv_queued_spin_lock_slowpath+0x38b/0xc40 [ 265.276728][ C0] ? __pv_queued_spin_unlock_slowpath+0x310/0x310 [ 265.282977][ C0] _raw_spin_lock_bh+0x139/0x1b0 [ 265.287750][ C0] ? _raw_spin_lock_irq+0x1b0/0x1b0 [ 265.292786][ C0] ? sock_hash_bucket_hash+0x31c/0x7e0 [ 265.298081][ C0] sock_hash_delete_elem+0xb1/0x2f0 [ 265.303121][ C0] ? kvfree+0x35/0x40 [ 265.306929][ C0] bpf_prog_6164f3e647ab800e+0x3d/0x238 [ 265.312310][ C0] bpf_trace_run2+0xec/0x210 [ 265.316737][ C0] ? bpf_trace_run1+0x1c0/0x1c0 [ 265.321433][ C0] ? kvfree+0x35/0x40 [ 265.325245][ C0] ? _raw_spin_lock_bh+0xa4/0x1b0 [ 265.330106][ C0] ? _raw_spin_lock_irq+0x1b0/0x1b0 [ 265.335225][ C0] ? kvfree+0x35/0x40 [ 265.339480][ C0] __bpf_trace_kfree+0x6f/0x90 [ 265.344076][ C0] ? kvfree+0x35/0x40 [ 265.347900][ C0] kfree+0x1f3/0x220 [ 265.351630][ C0] kvfree+0x35/0x40 [ 265.355276][ C0] __bpf_prog_put_noref+0xa1/0x2c0 [ 265.360230][ C0] bpf_prog_put_deferred+0x2ee/0x3e0 [ 265.365430][ C0] ? copy_map_value+0x230/0x230 [ 265.370127][ C0] bpf_prog_release+0x27d/0x290 [ 265.374813][ C0] ? bpf_prog_put+0x270/0x270 [ 265.379320][ C0] ? bpf_prog_put+0x270/0x270 [ 265.383830][ C0] __fput+0x3fe/0x910 [ 265.387826][ C0] ____fput+0x15/0x20 [ 265.391642][ C0] task_work_run+0x129/0x190 [ 265.396066][ C0] exit_to_user_mode_loop+0xc4/0xe0 [ 265.401100][ C0] exit_to_user_mode_prepare+0x5a/0xa0 [ 265.406397][ C0] syscall_exit_to_user_mode+0x26/0x160 [ 265.411775][ C0] do_syscall_64+0x49/0xb0 [ 265.416029][ C0] ? sysvec_apic_timer_interrupt+0x55/0xc0 [ 265.421687][ C0] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 265.427398][ C0] RIP: 0033:0x7ff765f96d9a [ 265.431667][ C0] Code: 48 3d 00 f0 ff ff 77 48 c3 0f 1f 80 00 00 00 00 48 83 ec 18 89 7c 24 0c e8 03 7f 02 00 8b 7c 24 0c 89 c2 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 36 89 d7 89 44 24 0c e8 63 7f 02 00 8b 44 24 [ 265.451658][ C0] RSP: 002b:00007ffd59092200 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 265.459879][ C0] RAX: 0000000000000000 RBX: 0000000000000005 RCX: 00007ff765f96d9a [ 265.467697][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004 [ 265.475733][ C0] RBP: 00007ff7660c7980 R08: 0000001b2ea20000 R09: 0000000000000351 [ 265.483541][ C0] R10: 00000000812e7ea3 R11: 0000000000000293 R12: 0000000000006e10 [ 265.491351][ C0] R13: 0000000000006b09 R14: 00007ffd590923c0 R15: 00007ff765f4ecb0 [ 265.499171][ C0] [ 265.502032][ C0] Sending NMI from CPU 0 to CPUs 1: [ 265.507091][ C1] NMI backtrace for cpu 1 [ 265.507101][ C1] CPU: 1 PID: 348 Comm: syz-executor.3 Not tainted 5.15.148-syzkaller-00013-gad06eaf051cd #0 [ 265.507121][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 265.507131][ C1] RIP: 0010:kvm_wait+0x147/0x180 [ 265.507154][ C1] Code: 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 34 41 0f b6 45 00 44 38 f0 75 10 66 90 0f 00 2d 5b 03 f3 03 fb f4 24 ff ff ff fb e9 1e ff ff ff 44 89 e9 80 e1 07 38 c1 7c a3 4c [ 265.507168][ C1] RSP: 0018:ffffc900053771a0 EFLAGS: 00000246 [ 265.507189][ C1] RAX: 0000000000000003 RBX: 1ffff92000a6ee38 RCX: ffffffff8154f88f [ 265.507201][ C1] RDX: dffffc0000000000 RSI: 0000000000000003 RDI: ffff88810cce2258 [ 265.507214][ C1] RBP: ffffc90005377250 R08: dffffc0000000000 R09: ffffed102199c44c [ 265.507227][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 265.507239][ C1] R13: ffff88810cce2258 R14: 0000000000000003 R15: 1ffff92000a6ee3c [ 265.507251][ C1] FS: 00007fa2fe4dd6c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 265.507267][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 265.507279][ C1] CR2: 00007fa2fe4dcf38 CR3: 0000000128434000 CR4: 00000000003506a0 [ 265.507294][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 265.507304][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 265.507315][ C1] Call Trace: [ 265.507321][ C1] [ 265.507327][ C1] ? show_regs+0x58/0x60 [ 265.507346][ C1] ? nmi_cpu_backtrace+0x29f/0x300 [ 265.507367][ C1] ? nmi_trigger_cpumask_backtrace+0x270/0x270 [ 265.507388][ C1] ? kvm_wait+0x147/0x180 [ 265.507402][ C1] ? kvm_wait+0x147/0x180 [ 265.507418][ C1] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 265.507436][ C1] ? nmi_handle+0xa8/0x280 [ 265.507454][ C1] ? kvm_wait+0x147/0x180 [ 265.507469][ C1] ? kvm_wait+0x147/0x180 [ 265.507484][ C1] ? default_do_nmi+0x69/0x160 [ 265.507501][ C1] ? exc_nmi+0xaf/0x120 [ 265.507517][ C1] ? end_repeat_nmi+0x16/0x31 [ 265.507533][ C1] ? __pv_queued_spin_lock_slowpath+0x65f/0xc40 [ 265.507554][ C1] ? kvm_wait+0x147/0x180 [ 265.507569][ C1] ? kvm_wait+0x147/0x180 [ 265.507584][ C1] ? kvm_wait+0x147/0x180 [ 265.507599][ C1] [ 265.507604][ C1] [ 265.507609][ C1] ? asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 265.507626][ C1] ? kvm_arch_para_hints+0x30/0x30 [ 265.507643][ C1] ? __pv_queued_spin_lock_slowpath+0x65f/0xc40 [ 265.507663][ C1] __pv_queued_spin_lock_slowpath+0x6bc/0xc40 [ 265.507684][ C1] ? __pv_queued_spin_unlock_slowpath+0x310/0x310 [ 265.507711][ C1] _raw_spin_lock_bh+0x139/0x1b0 [ 265.507730][ C1] ? _raw_spin_lock_irq+0x1b0/0x1b0 [ 265.507748][ C1] ? sock_hash_bucket_hash+0x31c/0x7e0 [ 265.507768][ C1] sock_hash_delete_elem+0xb1/0x2f0 [ 265.507786][ C1] ? sock_map_unref+0x352/0x4d0 [ 265.507803][ C1] bpf_prog_6164f3e647ab800e+0x3d/0x238 [ 265.507817][ C1] bpf_trace_run2+0xec/0x210 [ 265.507835][ C1] ? __kasan_check_write+0x14/0x20 [ 265.507853][ C1] ? bpf_trace_run1+0x1c0/0x1c0 [ 265.507873][ C1] ? sock_map_unref+0x352/0x4d0 [ 265.507890][ C1] ? sock_map_unref+0x352/0x4d0 [ 265.507907][ C1] __bpf_trace_kfree+0x6f/0x90 [ 265.507924][ C1] ? sock_map_unref+0x352/0x4d0 [ 265.507940][ C1] kfree+0x1f3/0x220 [ 265.507958][ C1] sock_map_unref+0x352/0x4d0 [ 265.507976][ C1] sock_hash_delete_elem+0x274/0x2f0 [ 265.507994][ C1] ? security_compute_sid+0x1d7d/0x1f40 [ 265.508011][ C1] bpf_prog_6164f3e647ab800e+0x3d/0x238 [ 265.508025][ C1] bpf_trace_run2+0xec/0x210 [ 265.508041][ C1] ? context_to_sid+0x5a8/0x600 [ 265.508059][ C1] ? bpf_trace_run1+0x1c0/0x1c0 [ 265.508076][ C1] ? security_compute_sid+0x1d7d/0x1f40 [ 265.508092][ C1] ? security_compute_sid+0x1d7d/0x1f40 [ 265.508109][ C1] __bpf_trace_kfree+0x6f/0x90 [ 265.508124][ C1] ? security_compute_sid+0x1d7d/0x1f40 [ 265.508140][ C1] kfree+0x1f3/0x220 [ 265.508156][ C1] ? policydb_context_isvalid+0x1de/0x430 [ 265.508176][ C1] security_compute_sid+0x1d7d/0x1f40 [ 265.508198][ C1] ? security_transition_sid+0x90/0x90 [ 265.508215][ C1] ? __kasan_slab_alloc+0xc3/0xe0 [ 265.508230][ C1] ? __kasan_slab_alloc+0xb1/0xe0 [ 265.508245][ C1] ? slab_post_alloc_hook+0x53/0x2c0 [ 265.508263][ C1] ? kmem_cache_alloc+0xf5/0x200 [ 265.508279][ C1] ? __d_alloc+0x2d/0x6c0 [ 265.508294][ C1] ? d_alloc_pseudo+0x1d/0x70 [ 265.508309][ C1] ? alloc_file_pseudo+0x131/0x2f0 [ 265.508326][ C1] ? __shmem_file_setup+0x1d6/0x2a0 [ 265.508341][ C1] ? shmem_file_setup+0x2f/0x40 [ 265.508355][ C1] ? __se_sys_memfd_create+0x1e1/0x3e0 [ 265.508372][ C1] ? __x64_sys_memfd_create+0x5b/0x70 [ 265.508389][ C1] ? do_syscall_64+0x3d/0xb0 [ 265.508404][ C1] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 265.508427][ C1] ? __kasan_check_write+0x14/0x20 [ 265.508445][ C1] ? _raw_spin_lock+0xa4/0x1b0 [ 265.508463][ C1] ? _raw_spin_trylock_bh+0x190/0x190 [ 265.508481][ C1] security_transition_sid+0x7d/0x90 [ 265.508498][ C1] inode_doinit_with_dentry+0x61b/0x1070 [ 265.508520][ C1] ? sb_finish_set_opts+0xa90/0xa90 [ 265.508537][ C1] ? __d_alloc+0x19b/0x6c0 [ 265.508552][ C1] ? d_set_d_op+0xff/0x390 [ 265.508568][ C1] selinux_d_instantiate+0x27/0x40 [ 265.508586][ C1] security_d_instantiate+0x9f/0x100 [ 265.508603][ C1] d_instantiate+0x55/0x90 [ 265.508618][ C1] alloc_file_pseudo+0x248/0x2f0 [ 265.508636][ C1] ? alloc_empty_file_noaccount+0x80/0x80 [ 265.508655][ C1] ? __kasan_check_write+0x14/0x20 [ 265.508671][ C1] ? clear_nlink+0x89/0xe0 [ 265.508692][ C1] __shmem_file_setup+0x1d6/0x2a0 [ 265.508708][ C1] shmem_file_setup+0x2f/0x40 [ 265.508723][ C1] __se_sys_memfd_create+0x1e1/0x3e0 [ 265.508741][ C1] __x64_sys_memfd_create+0x5b/0x70 [ 265.508764][ C1] do_syscall_64+0x3d/0xb0 [ 265.508780][ C1] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 265.508799][ C1] RIP: 0033:0x7fa2ff769ea9 [ 265.508814][ C1] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 265.508827][ C1] RSP: 002b:00007fa2fe4dcea8 EFLAGS: 00000202 ORIG_RAX: 000000000000013f [ 265.508844][ C1] RAX: ffffffffffffffda RBX: 0000000000000762 RCX: 00007fa2ff769ea9 [ 265.508855][ C1] RDX: 00007fa2fe4dcf80 RSI: 0000000000000000 RDI: 00007fa2ff7b5722 [ 265.508867][ C1] RBP: 0000000020001180 R08: 00007fa2fe4dcc47 R09: 0000000000000000 [ 265.508878][ C1] R10: 000000000000000a R11: 0000000000000202 R12: 00000000200000c0 [ 265.508888][ C1] R13: 00007fa2fe4dcf80 R14: 00007fa2fe4dcf40 R15: 0000000020004080 [ 265.508904][ C1]