Warning: Permanently added '10.128.0.17' (ED25519) to the list of known hosts. 2024/04/27 15:47:30 fuzzer started 2024/04/27 15:47:30 dialing manager at 10.128.0.163:30005 [ 20.538919][ T30] audit: type=1400 audit(1714232850.487:66): avc: denied { node_bind } for pid=283 comm="syz-fuzzer" saddr=::1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1 [ 20.550485][ T30] audit: type=1400 audit(1714232850.487:67): avc: denied { name_bind } for pid=283 comm="syz-fuzzer" src=6060 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 20.554690][ T291] cgroup: Unknown subsys name 'net' [ 20.570229][ T30] audit: type=1400 audit(1714232850.487:68): avc: denied { integrity } for pid=291 comm="syz-executor" lockdown_reason="debugfs access" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=lockdown permissive=1 [ 20.599317][ T30] audit: type=1400 audit(1714232850.497:69): avc: denied { mounton } for pid=291 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=1925 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 20.599560][ T291] cgroup: Unknown subsys name 'devices' [ 20.622131][ T30] audit: type=1400 audit(1714232850.497:70): avc: denied { mount } for pid=291 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 20.652196][ T30] audit: type=1400 audit(1714232850.517:71): avc: denied { unmount } for pid=291 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 20.791364][ T291] cgroup: Unknown subsys name 'hugetlb' [ 20.796927][ T291] cgroup: Unknown subsys name 'rlimit' [ 20.921809][ T30] audit: type=1400 audit(1714232850.867:72): avc: denied { mounton } for pid=291 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 20.946987][ T30] audit: type=1400 audit(1714232850.867:73): avc: denied { mount } for pid=291 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 20.970124][ T30] audit: type=1400 audit(1714232850.867:74): avc: denied { setattr } for pid=291 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=162 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 20.977938][ T292] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). [ 21.002097][ T30] audit: type=1400 audit(1714232850.947:75): avc: denied { relabelto } for pid=292 comm="mkswap" name="swap-file" dev="sda1" ino=1928 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 21.037227][ T291] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k 2024/04/27 15:47:31 code coverage: enabled 2024/04/27 15:47:31 comparison tracing: enabled 2024/04/27 15:47:31 extra coverage: enabled 2024/04/27 15:47:31 delay kcov mmap: mmap returned an invalid pointer 2024/04/27 15:47:31 setuid sandbox: enabled 2024/04/27 15:47:31 namespace sandbox: enabled 2024/04/27 15:47:31 Android sandbox: enabled 2024/04/27 15:47:31 fault injection: enabled 2024/04/27 15:47:31 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2024/04/27 15:47:31 net packet injection: enabled 2024/04/27 15:47:31 net device setup: enabled 2024/04/27 15:47:31 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2024/04/27 15:47:31 devlink PCI setup: PCI device 0000:00:10.0 is not available 2024/04/27 15:47:31 NIC VF setup: PCI device 0000:00:11.0 is not available 2024/04/27 15:47:31 USB emulation: enabled 2024/04/27 15:47:31 hci packet injection: /dev/vhci does not exist 2024/04/27 15:47:31 wifi device emulation: /sys/class/mac80211_hwsim/ does not exist 2024/04/27 15:47:31 802.15.4 emulation: /sys/bus/platform/devices/mac802154_hwsim does not exist 2024/04/27 15:47:31 swap file: enabled 2024/04/27 15:47:31 starting 5 executor processes [ 21.639863][ T302] bridge0: port 1(bridge_slave_0) entered blocking state [ 21.647173][ T302] bridge0: port 1(bridge_slave_0) entered disabled state [ 21.654603][ T302] device bridge_slave_0 entered promiscuous mode [ 21.662526][ T302] bridge0: port 2(bridge_slave_1) entered blocking state [ 21.669472][ T302] bridge0: port 2(bridge_slave_1) entered disabled state [ 21.677001][ T302] device bridge_slave_1 entered promiscuous mode [ 21.715986][ T303] bridge0: port 1(bridge_slave_0) entered blocking state [ 21.723527][ T303] bridge0: port 1(bridge_slave_0) entered disabled state [ 21.730962][ T303] device bridge_slave_0 entered promiscuous mode [ 21.747591][ T303] bridge0: port 2(bridge_slave_1) entered blocking state [ 21.754486][ T303] bridge0: port 2(bridge_slave_1) entered disabled state [ 21.761961][ T303] device bridge_slave_1 entered promiscuous mode [ 21.859162][ T308] bridge0: port 1(bridge_slave_0) entered blocking state [ 21.867024][ T308] bridge0: port 1(bridge_slave_0) entered disabled state [ 21.874437][ T308] device bridge_slave_0 entered promiscuous mode [ 21.883163][ T308] bridge0: port 2(bridge_slave_1) entered blocking state [ 21.890913][ T308] bridge0: port 2(bridge_slave_1) entered disabled state [ 21.898379][ T308] device bridge_slave_1 entered promiscuous mode [ 21.970371][ T306] bridge0: port 1(bridge_slave_0) entered blocking state [ 21.978053][ T306] bridge0: port 1(bridge_slave_0) entered disabled state [ 21.986420][ T306] device bridge_slave_0 entered promiscuous mode [ 21.993229][ T304] bridge0: port 1(bridge_slave_0) entered blocking state [ 22.000488][ T304] bridge0: port 1(bridge_slave_0) entered disabled state [ 22.008055][ T304] device bridge_slave_0 entered promiscuous mode [ 22.015534][ T304] bridge0: port 2(bridge_slave_1) entered blocking state [ 22.022456][ T304] bridge0: port 2(bridge_slave_1) entered disabled state [ 22.030533][ T304] device bridge_slave_1 entered promiscuous mode [ 22.045583][ T306] bridge0: port 2(bridge_slave_1) entered blocking state [ 22.052583][ T306] bridge0: port 2(bridge_slave_1) entered disabled state [ 22.060091][ T306] device bridge_slave_1 entered promiscuous mode [ 22.109789][ T302] bridge0: port 2(bridge_slave_1) entered blocking state [ 22.116648][ T302] bridge0: port 2(bridge_slave_1) entered forwarding state [ 22.124004][ T302] bridge0: port 1(bridge_slave_0) entered blocking state [ 22.130966][ T302] bridge0: port 1(bridge_slave_0) entered forwarding state [ 22.183054][ T303] bridge0: port 2(bridge_slave_1) entered blocking state [ 22.189939][ T303] bridge0: port 2(bridge_slave_1) entered forwarding state [ 22.197022][ T303] bridge0: port 1(bridge_slave_0) entered blocking state [ 22.203930][ T303] bridge0: port 1(bridge_slave_0) entered forwarding state [ 22.265553][ T304] bridge0: port 2(bridge_slave_1) entered blocking state [ 22.272547][ T304] bridge0: port 2(bridge_slave_1) entered forwarding state [ 22.279647][ T304] bridge0: port 1(bridge_slave_0) entered blocking state [ 22.286513][ T304] bridge0: port 1(bridge_slave_0) entered forwarding state [ 22.317243][ T308] bridge0: port 2(bridge_slave_1) entered blocking state [ 22.324146][ T308] bridge0: port 2(bridge_slave_1) entered forwarding state [ 22.331306][ T308] bridge0: port 1(bridge_slave_0) entered blocking state [ 22.338080][ T308] bridge0: port 1(bridge_slave_0) entered forwarding state [ 22.346908][ T39] bridge0: port 1(bridge_slave_0) entered disabled state [ 22.354309][ T39] bridge0: port 2(bridge_slave_1) entered disabled state [ 22.361566][ T39] bridge0: port 1(bridge_slave_0) entered disabled state [ 22.369278][ T39] bridge0: port 2(bridge_slave_1) entered disabled state [ 22.376463][ T39] bridge0: port 1(bridge_slave_0) entered disabled state [ 22.384101][ T39] bridge0: port 2(bridge_slave_1) entered disabled state [ 22.392322][ T39] bridge0: port 1(bridge_slave_0) entered disabled state [ 22.400665][ T39] bridge0: port 2(bridge_slave_1) entered disabled state [ 22.409627][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 22.417199][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 22.444982][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 22.453104][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 22.461743][ T39] bridge0: port 1(bridge_slave_0) entered blocking state [ 22.469492][ T39] bridge0: port 1(bridge_slave_0) entered forwarding state [ 22.476652][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 22.484808][ T39] bridge0: port 2(bridge_slave_1) entered blocking state [ 22.491670][ T39] bridge0: port 2(bridge_slave_1) entered forwarding state [ 22.498948][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 22.507300][ T39] bridge0: port 1(bridge_slave_0) entered blocking state [ 22.514413][ T39] bridge0: port 1(bridge_slave_0) entered forwarding state [ 22.521706][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 22.529956][ T39] bridge0: port 2(bridge_slave_1) entered blocking state [ 22.537027][ T39] bridge0: port 2(bridge_slave_1) entered forwarding state [ 22.563566][ T315] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 22.571950][ T315] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 22.596376][ T315] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 22.605725][ T315] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 22.614172][ T315] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 22.622325][ T315] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 22.630243][ T315] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 22.638308][ T315] bridge0: port 1(bridge_slave_0) entered blocking state [ 22.645366][ T315] bridge0: port 1(bridge_slave_0) entered forwarding state [ 22.652569][ T315] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 22.660886][ T315] bridge0: port 2(bridge_slave_1) entered blocking state [ 22.668251][ T315] bridge0: port 2(bridge_slave_1) entered forwarding state [ 22.697602][ T302] device veth0_vlan entered promiscuous mode [ 22.705883][ T303] device veth0_vlan entered promiscuous mode [ 22.714273][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 22.722068][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 22.730996][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 22.742770][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 22.752183][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 22.762204][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 22.771213][ T39] bridge0: port 1(bridge_slave_0) entered blocking state [ 22.778872][ T39] bridge0: port 1(bridge_slave_0) entered forwarding state [ 22.786054][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 22.794611][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 22.802884][ T39] bridge0: port 2(bridge_slave_1) entered blocking state [ 22.810864][ T39] bridge0: port 2(bridge_slave_1) entered forwarding state [ 22.818337][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 22.827050][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 22.836467][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 22.845699][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 22.854647][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 22.862390][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 22.870139][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 22.878161][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 22.898405][ T302] device veth1_macvtap entered promiscuous mode [ 22.906183][ T57] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 22.917464][ T57] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 22.926506][ T57] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 22.935958][ T57] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 22.944689][ T57] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 22.961419][ T325] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 22.970036][ T325] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 22.978158][ T325] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 22.986304][ T325] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 23.002761][ T57] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 23.012096][ T57] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 23.020952][ T57] bridge0: port 1(bridge_slave_0) entered blocking state [ 23.028834][ T57] bridge0: port 1(bridge_slave_0) entered forwarding state [ 23.036228][ T57] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 23.045172][ T57] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 23.053277][ T57] bridge0: port 2(bridge_slave_1) entered blocking state [ 23.060631][ T57] bridge0: port 2(bridge_slave_1) entered forwarding state [ 23.067806][ T57] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 23.076147][ T57] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 23.084194][ T57] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 23.093109][ T57] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 23.101932][ T57] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 23.119687][ T303] device veth1_macvtap entered promiscuous mode [ 23.128119][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 23.136465][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 23.145232][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 23.153606][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 23.162159][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 23.170665][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 23.180150][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 23.188433][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 23.202987][ T304] device veth0_vlan entered promiscuous mode [ 23.217267][ T57] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 23.226601][ T57] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 23.235272][ T57] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 23.243252][ T57] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 23.252308][ T57] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 23.262540][ T57] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 23.271188][ T57] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 23.279419][ T57] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 23.287763][ T57] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 23.296285][ T57] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 23.316188][ T306] device veth0_vlan entered promiscuous mode [ 23.325879][ T305] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 23.334661][ T305] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 23.343294][ T305] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 23.350879][ T305] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 23.358166][ T305] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 23.367084][ T305] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 23.375195][ T305] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 23.383551][ T305] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 23.395302][ T304] device veth1_macvtap entered promiscuous mode [ 23.410360][ T327] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 23.418255][ T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready executing program 0: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='ext4_unlink_exit\x00', r1}, 0x10) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000017b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='ext4_unlink_exit\x00', r3}, 0x10) unlink(&(0x7f0000000140)='./cgroup\x00') [ 23.426708][ T327] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 23.442768][ T308] device veth0_vlan entered promiscuous mode [ 23.461072][ T305] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready executing program 2: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x7}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000640), &(0x7f0000000740), 0x75, r0}, 0x38) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='scsi_dispatch_cmd_start\x00', r1}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='scsi_dispatch_cmd_start\x00', r2}, 0x10) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r3, &(0x7f0000000200), 0x23000) [ 23.469719][ T305] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 23.477552][ T305] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 23.485764][ T305] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 23.494389][ T305] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 23.502889][ T305] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 23.511312][ T305] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 23.520461][ T305] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 23.527874][ T305] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 23.544028][ T306] device veth1_macvtap entered promiscuous mode [ 23.558406][ T308] device veth1_macvtap entered promiscuous mode executing program 1: bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000800000000000000000001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x0, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0xa, &(0x7f0000000280)=@raw=[@tail_call, @map_idx_val={0x18, 0x0, 0x6, 0x0, 0xd}, @generic={0x0, 0x0, 0x0, 0x2}, @map_idx={0x18, 0xa}], 0x0, 0x2, 0x0, 0x0, 0x40f00}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000800)={&(0x7f00000007c0)='task_newtask\x00', r2}, 0x10) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) [ 23.570716][ T315] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 23.579939][ T315] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 23.607549][ T325] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 23.616151][ T325] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 23.624719][ T325] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 23.633444][ T325] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 23.642594][ T325] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 23.651985][ T325] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 23.661415][ T325] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready executing program 4: bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@bloom_filter, 0x48) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x7, 0x0, 0x1}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000640), 0x0, 0x75, r0}, 0x38) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000000c0)='jbd2_write_superblock\x00', r2}, 0x10) ioctl$TUNSETOFFLOAD(r1, 0x40086607, 0x20001412) [ 23.670591][ T325] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x26e1, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000001c0)={0xffffffffffffffff, 0x20, &(0x7f0000000040)={0x0, 0x0, 0x0, &(0x7f0000000000)=""/21, 0x15}}, 0x10) r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000b00)='ext4_ext_convert_to_initialized_enter\x00', r1}, 0x10) r2 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700) r3 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x100002, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x4030582a, &(0x7f0000000040)) write$cgroup_int(r2, &(0x7f0000000000), 0x400000) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000280)='ext4_drop_inode\x00', r4}, 0x10) unlink(&(0x7f0000000140)='./cgroup\x00') executing program 2: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x8, 0x8, 0x8}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8c18cffb703000008000000b704000000000000850000000700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x0, 0x0, 0x0, 0x8000}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000b80)={&(0x7f0000000b40)='kfree_skb\x00', r2}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='kfree_skb\x00', r5}, 0x10) close(r4) sendmsg$unix(r3, &(0x7f0000000800)={0x0, 0x63, 0x0}, 0x0) executing program 1: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000200)='qdisc_reset\x00', r0}, 0x10) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112}) r2 = bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112}) close(r3) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000faffffff850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_deliver\x00', r4}, 0x2e) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_deliver\x00', r5}, 0x2e) syz_open_procfs$namespace(0x0, 0xfffffffffffffffe) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000002000000000000000000018190000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) r6 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x8, 0x11, &(0x7f0000000b40)=@raw=[@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x3ff}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r2}}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffff9}, @alu={0x7, 0x1, 0x5, 0x6, 0xa, 0xfffffffffffffff0, 0xfffffffffffffffc}, @map_val={0x18, 0xb, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x9}], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xc4, &(0x7f0000000a40)=""/196, 0x41100, 0x0, '\x00', 0x0, 0x19, 0xffffffffffffffff, 0x19, &(0x7f0000000000)={0x0, 0x5}, 0x8, 0x10, &(0x7f0000000000)={0x1, 0xa, 0x0, 0x4d6}, 0x10}, 0x90) r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{0x1}, &(0x7f0000000280), &(0x7f00000002c0)=r6}, 0x20) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000400)={r7, 0x58, &(0x7f0000000380)}, 0x10) r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0) ioctl$SIOCSIFHWADDR(r8, 0x40086602, &(0x7f0000000540)={'\x00', @dev}) bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x7, 0x0, 0x1}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000640), &(0x7f0000000740), 0x75, r9}, 0x38) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r9}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='rss_stat\x00', r10}, 0x10) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000a00)={r6, 0xe0, &(0x7f0000000900)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, &(0x7f0000000700)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x2, 0x7, &(0x7f0000000740)=[0x0, 0x0], &(0x7f00000007c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x45, &(0x7f0000000800)=[{}, {}, {}], 0x18, 0x10, &(0x7f0000000840), &(0x7f0000000880), 0x8, 0xcd, 0x8, 0x8, &(0x7f00000008c0)}}, 0x10) executing program 3: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x4, 0x7fe2, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_alloc_percpu\x00', r1}, 0x10) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0x2, 0x4, 0x2}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r3}, &(0x7f0000000040), &(0x7f0000000140)=r2}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffd}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r4}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000009c0)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) executing program 0: bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0xfff, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3f, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000000020000000000000000018190000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000024"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000001ec0)='kfree\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x0, 0x4, &(0x7f0000000200)=@framed={{}, [@call={0x85, 0x0, 0x0, 0xa8}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x80) executing program 3: r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0x2, 0x4, 0x2}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r2}, &(0x7f0000000040), &(0x7f0000000140)=r1}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10) ioctl$PERF_EVENT_IOC_QUERY_BPF(r0, 0xc008240a, &(0x7f0000000140)=ANY=[]) executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1}, 0x48) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.time_recursive\x00', 0x275a, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0xfff, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000002000000000000000000018190000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) write$cgroup_int(r0, &(0x7f0000000100), 0x1001) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000001c0)='ext4_discard_preallocations\x00', r2}, 0x10) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x6, [@typedef={0x5}]}, {0x0, [0x0, 0x0, 0x0, 0x0]}}, &(0x7f0000000400)=""/172, 0x2a, 0xac, 0x1}, 0x20) ioctl$SIOCSIFHWADDR(r0, 0x4030582b, &(0x7f0000000280)={'lo\x00', @link_local={0x1, 0x80, 0xc2, 0xc}}) ioctl$TUNSETFILTEREBPF(r0, 0x800454e1, &(0x7f00000002c0)=r2) r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xf, &(0x7f0000000000)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) syz_clone(0x4034c000, 0x0, 0x0, 0x0, 0x0, 0x0) executing program 0: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x7}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000640), &(0x7f0000000740), 0x75, r0}, 0x38) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='scsi_dispatch_cmd_start\x00', r1}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='scsi_dispatch_cmd_start\x00', r2}, 0x10) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_int(r3, &(0x7f0000000200), 0x23000) [ 23.983900][ T354] syz-executor.0[354] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 23.983977][ T354] syz-executor.0[354] is installing a program with bpf_probe_write_user helper that may corrupt user memory! executing program 2: bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000080000000000000000000181100", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x0, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0xa, &(0x7f0000000280)=@raw=[@tail_call, @map_idx_val={0x18, 0x0, 0x6, 0x0, 0xd}, @generic={0x0, 0x0, 0x0, 0x2}, @map_idx={0x18, 0xa}], 0x0, 0x2, 0x0, 0x0, 0x40f00}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000800)={&(0x7f00000007c0)='task_newtask\x00', r2}, 0x10) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) [ 24.013869][ T361] syz-executor.4[361] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 24.033341][ T361] syz-executor.4[361] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 124.048780][ C1] rcu: INFO: rcu_preempt self-detected stall on CPU [ 124.066927][ C1] rcu: 1-...!: (10000 ticks this GP) idle=0cf/1/0x4000000000000000 softirq=2591/2591 fqs=0 last_accelerate: 93d8/baf1 dyntick_enabled: 1 [ 124.080934][ C1] (t=10000 jiffies g=1105 q=249) [ 124.085766][ C1] rcu: rcu_preempt kthread timer wakeup didn't happen for 9999 jiffies! g1105 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 [ 124.097740][ C1] rcu: Possible timer handling issue on cpu=1 timer-softirq=366 [ 124.105285][ C1] rcu: rcu_preempt kthread starved for 10005 jiffies! g1105 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 ->cpu=1 [ 124.116501][ C1] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 124.126307][ C1] rcu: RCU grace-period kthread stack dump: [ 124.132047][ C1] task:rcu_preempt state:I stack:28328 pid: 14 ppid: 2 flags:0x00004000 [ 124.141072][ C1] Call Trace: [ 124.144365][ C1] [ 124.147154][ C1] __schedule+0xccc/0x1590 [ 124.151641][ C1] ? __sched_text_start+0x8/0x8 [ 124.156324][ C1] ? __kasan_check_write+0x14/0x20 [ 124.161267][ C1] schedule+0x11f/0x1e0 [ 124.166051][ C1] schedule_timeout+0x18c/0x370 [ 124.170653][ C1] ? _raw_spin_unlock_irq+0x4e/0x70 [ 124.175685][ C1] ? console_conditional_schedule+0x30/0x30 [ 124.181412][ C1] ? update_process_times+0x200/0x200 [ 124.186780][ C1] ? prepare_to_swait_event+0x308/0x320 [ 124.192164][ C1] rcu_gp_fqs_loop+0x2af/0xf80 [ 124.196859][ C1] ? debug_smp_processor_id+0x17/0x20 [ 124.202066][ C1] ? __note_gp_changes+0x4ab/0x920 [ 124.207098][ C1] ? rcu_gp_init+0xc30/0xc30 [ 124.211521][ C1] ? _raw_spin_unlock_irq+0x4e/0x70 [ 124.216736][ C1] ? rcu_gp_init+0x9cf/0xc30 [ 124.221159][ C1] rcu_gp_kthread+0xa4/0x350 [ 124.225585][ C1] ? _raw_spin_lock+0x1b0/0x1b0 [ 124.230359][ C1] ? rcu_barrier_callback+0x50/0x50 [ 124.235391][ C1] ? __kasan_check_read+0x11/0x20 [ 124.240252][ C1] ? __kthread_parkme+0xb2/0x200 [ 124.245032][ C1] kthread+0x421/0x510 [ 124.248931][ C1] ? rcu_barrier_callback+0x50/0x50 [ 124.254089][ C1] ? kthread_blkcg+0xd0/0xd0 [ 124.258604][ C1] ret_from_fork+0x1f/0x30 [ 124.262858][ C1] [ 124.265926][ C1] rcu: Stack dump where RCU GP kthread last ran: [ 124.272317][ C1] NMI backtrace for cpu 1 [ 124.276773][ C1] CPU: 1 PID: 100 Comm: udevd Not tainted 5.15.149-syzkaller-00490-g5d96939590c0 #0 [ 124.286015][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 124.295858][ C1] Call Trace: [ 124.298966][ C1] [ 124.301664][ C1] dump_stack_lvl+0x151/0x1b7 [ 124.306172][ C1] ? io_uring_drop_tctx_refs+0x190/0x190 [ 124.311776][ C1] dump_stack+0x15/0x17 [ 124.315762][ C1] nmi_cpu_backtrace+0x2f7/0x300 [ 124.320538][ C1] ? nmi_trigger_cpumask_backtrace+0x270/0x270 [ 124.326550][ C1] ? panic+0x751/0x751 [ 124.330547][ C1] ? arch_trigger_cpumask_backtrace+0x20/0x20 [ 124.336454][ C1] nmi_trigger_cpumask_backtrace+0x15d/0x270 [ 124.342249][ C1] ? arch_trigger_cpumask_backtrace+0x20/0x20 [ 124.348151][ C1] arch_trigger_cpumask_backtrace+0x10/0x20 [ 124.353879][ C1] rcu_check_gp_kthread_starvation+0x1e3/0x250 [ 124.359867][ C1] ? rcu_check_gp_kthread_expired_fqs_timer+0x18e/0x230 [ 124.366665][ C1] print_cpu_stall+0x310/0x5f0 [ 124.371237][ C1] rcu_sched_clock_irq+0x989/0x12f0 [ 124.376363][ C1] ? rcu_boost_kthread_setaffinity+0x340/0x340 [ 124.382609][ C1] ? hrtimer_run_queues+0x15f/0x440 [ 124.387843][ C1] update_process_times+0x198/0x200 [ 124.392860][ C1] tick_sched_timer+0x188/0x240 [ 124.397538][ C1] ? tick_setup_sched_timer+0x480/0x480 [ 124.402938][ C1] __hrtimer_run_queues+0x41a/0xad0 [ 124.407958][ C1] ? hrtimer_interrupt+0xaa0/0xaa0 [ 124.412927][ C1] ? clockevents_program_event+0x22f/0x300 [ 124.418542][ C1] ? ktime_get_update_offsets_now+0x2ba/0x2d0 [ 124.424444][ C1] hrtimer_interrupt+0x40c/0xaa0 [ 124.429220][ C1] __sysvec_apic_timer_interrupt+0xfd/0x3c0 [ 124.435032][ C1] sysvec_apic_timer_interrupt+0x95/0xc0 [ 124.440504][ C1] [ 124.443276][ C1] [ 124.446054][ C1] asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 124.451875][ C1] RIP: 0010:kvm_wait+0x147/0x180 [ 124.456642][ C1] Code: 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 34 41 0f b6 45 00 44 38 f0 75 10 66 90 0f 00 2d 5b 03 f3 03 fb f4 24 ff ff ff fb e9 1e ff ff ff 44 89 e9 80 e1 07 38 c1 7c a3 4c [ 124.476171][ C1] RSP: 0018:ffffc90000a17420 EFLAGS: 00000246 [ 124.482071][ C1] RAX: 0000000000000003 RBX: 1ffff92000142e88 RCX: ffffffff8154fa7f [ 124.489880][ C1] RDX: dffffc0000000000 RSI: 0000000000000003 RDI: ffff88810c9a8958 [ 124.497694][ C1] RBP: ffffc90000a174d0 R08: dffffc0000000000 R09: ffffed102193512c [ 124.505512][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 124.513446][ C1] R13: ffff88810c9a8958 R14: 0000000000000003 R15: 1ffff92000142e8c [ 124.521323][ C1] ? __pv_queued_spin_lock_slowpath+0x65f/0xc40 [ 124.527396][ C1] ? asm_common_interrupt+0x27/0x40 [ 124.532428][ C1] ? kvm_arch_para_hints+0x30/0x30 [ 124.537705][ C1] ? __pv_queued_spin_lock_slowpath+0x65f/0xc40 [ 124.543778][ C1] __pv_queued_spin_lock_slowpath+0x6bc/0xc40 [ 124.549797][ C1] ? __pv_queued_spin_unlock_slowpath+0x310/0x310 [ 124.556046][ C1] _raw_spin_lock_bh+0x139/0x1b0 [ 124.560816][ C1] ? _raw_spin_lock_irq+0x1b0/0x1b0 [ 124.565852][ C1] ? sock_hash_bucket_hash+0x31c/0x7e0 [ 124.571147][ C1] sock_hash_delete_elem+0xb1/0x2f0 [ 124.576219][ C1] ? sock_map_unref+0x352/0x4d0 [ 124.580868][ C1] bpf_prog_2c29ac5cdc6b1842+0x3a/0xccc [ 124.586374][ C1] bpf_trace_run2+0xec/0x210 [ 124.590920][ C1] ? exc_int3+0xf/0x70 [ 124.594873][ C1] ? bpf_trace_run1+0x1c0/0x1c0 [ 124.599824][ C1] ? sock_map_unref+0x352/0x4d0 [ 124.604511][ C1] ? sock_map_unref+0x179/0x4d0 [ 124.609231][ C1] ? sock_map_unref+0x352/0x4d0 [ 124.613886][ C1] __bpf_trace_kfree+0x6f/0x90 [ 124.618487][ C1] ? sock_map_unref+0x352/0x4d0 [ 124.623172][ C1] kfree+0x1f3/0x220 [ 124.626928][ C1] sock_map_unref+0x352/0x4d0 [ 124.631601][ C1] sock_hash_delete_elem+0x274/0x2f0 [ 124.636710][ C1] ? inotify_free_event+0x15/0x20 [ 124.641657][ C1] bpf_prog_2c29ac5cdc6b1842+0x3a/0xccc [ 124.647127][ C1] bpf_trace_run2+0xec/0x210 [ 124.651639][ C1] ? exc_int3+0xf/0x70 [ 124.655552][ C1] ? bpf_trace_run1+0x1c0/0x1c0 [ 124.660345][ C1] ? inotify_free_event+0x15/0x20 [ 124.665180][ C1] ? inotify_read+0x4c7/0x850 [ 124.669728][ C1] ? inotify_free_event+0x15/0x20 [ 124.674553][ C1] __bpf_trace_kfree+0x6f/0x90 [ 124.679152][ C1] ? inotify_free_event+0x15/0x20 [ 124.684014][ C1] kfree+0x1f3/0x220 [ 124.687745][ C1] ? __kasan_check_write+0x14/0x20 [ 124.692701][ C1] ? _raw_spin_lock+0xa4/0x1b0 [ 124.697293][ C1] inotify_free_event+0x15/0x20 [ 124.701980][ C1] fsnotify_destroy_event+0xe6/0x100 [ 124.707104][ C1] inotify_read+0x5a0/0x850 [ 124.711460][ C1] ? match_file+0x140/0x140 [ 124.715960][ C1] ? do_inotify_init+0x490/0x490 [ 124.720725][ C1] ? wait_woken+0x170/0x170 [ 124.725065][ C1] ? __kasan_check_read+0x11/0x20 [ 124.729925][ C1] ? fsnotify_perm+0x470/0x5d0 [ 124.734523][ C1] ? security_file_permission+0x86/0xb0 [ 124.739904][ C1] ? do_inotify_init+0x490/0x490 [ 124.744686][ C1] vfs_read+0x27d/0xd40 [ 124.748783][ C1] ? kernel_read+0x1f0/0x1f0 [ 124.753196][ C1] ? ep_destroy_wakeup_source+0x70/0x70 [ 124.758582][ C1] ? do_epoll_wait+0x1a50/0x1a50 [ 124.763355][ C1] ? __kasan_check_read+0x11/0x20 [ 124.768212][ C1] ? __fdget_pos+0x209/0x3a0 [ 124.772749][ C1] ksys_read+0x199/0x2c0 [ 124.776830][ C1] ? vfs_write+0x1110/0x1110 [ 124.781256][ C1] ? debug_smp_processor_id+0x17/0x20 [ 124.786549][ C1] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 124.792453][ C1] __x64_sys_read+0x7b/0x90 [ 124.796918][ C1] do_syscall_64+0x3d/0xb0 [ 124.801131][ C1] ? sysvec_call_function_single+0x52/0xb0 [ 124.806868][ C1] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 124.812588][ C1] RIP: 0033:0x7f82b6ed7b6a [ 124.817237][ C1] Code: 00 3d 00 00 41 00 75 0d 50 48 8d 3d 2d 08 0a 00 e8 ea 7d 01 00 31 c0 e9 07 ff ff ff 64 8b 04 25 18 00 00 00 85 c0 75 1b 0f 05 <48> 3d 00 f0 ff ff 76 6c 48 8b 15 8f a2 0d 00 f7 d8 64 89 02 48 83 [ 124.836854][ C1] RSP: 002b:00007ffdfbcfbac8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 124.845095][ C1] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f82b6ed7b6a [ 124.853107][ C1] RDX: 0000000000000110 RSI: 00007ffdfbcfbca8 RDI: 0000000000000007 [ 124.860921][ C1] RBP: 0000000000000000 R08: 00000000016ebafc R09: 00007ffdfbdd30b0 [ 124.868736][ C1] R10: 0000000000000a80 R11: 0000000000000246 R12: 00007ffdfbcfbca8 [ 124.876543][ C1] R13: 0000000200000001 R14: 0000000000000000 R15: 0000000000000000 [ 124.884362][ C1] [ 124.887287][ C1] Sending NMI from CPU 1 to CPUs 0: [ 124.892399][ C0] NMI backtrace for cpu 0 [ 124.892410][ C0] CPU: 0 PID: 357 Comm: syz-executor.1 Not tainted 5.15.149-syzkaller-00490-g5d96939590c0 #0 [ 124.892429][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 124.892439][ C0] RIP: 0010:kvm_wait+0x147/0x180 [ 124.892462][ C0] Code: 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 34 41 0f b6 45 00 44 38 f0 75 10 66 90 0f 00 2d 5b 03 f3 03 fb f4 24 ff ff ff fb e9 1e ff ff ff 44 89 e9 80 e1 07 38 c1 7c a3 4c [ 124.892475][ C0] RSP: 0018:ffffc900052bf2c0 EFLAGS: 00000246 [ 124.892491][ C0] RAX: 0000000000000001 RBX: 1ffff92000a57e5c RCX: 1ffffffff0d1aa9c [ 124.892504][ C0] RDX: 0000000000000001 RSI: 0000000000000001 RDI: ffff8881f7037ed4 [ 124.892515][ C0] RBP: ffffc900052bf370 R08: dffffc0000000000 R09: ffffed103ee06fdb [ 124.892528][ C0] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 124.892540][ C0] R13: ffff8881f7037ed4 R14: 0000000000000001 R15: 1ffff92000a57e60 [ 124.892552][ C0] FS: 00007f2ba6ce46c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 124.892568][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 124.892581][ C0] CR2: 00007f9b38c68000 CR3: 0000000128803000 CR4: 00000000003506b0 [ 124.892597][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 124.892606][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 124.892617][ C0] Call Trace: [ 124.892622][ C0] [ 124.892629][ C0] ? show_regs+0x58/0x60 [ 124.892648][ C0] ? nmi_cpu_backtrace+0x29f/0x300 [ 124.892669][ C0] ? nmi_trigger_cpumask_backtrace+0x270/0x270 [ 124.892690][ C0] ? kvm_wait+0x147/0x180 [ 124.892705][ C0] ? kvm_wait+0x147/0x180 [ 124.892721][ C0] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 124.892739][ C0] ? nmi_handle+0xa8/0x280 [ 124.892757][ C0] ? kvm_wait+0x147/0x180 [ 124.892772][ C0] ? default_do_nmi+0x69/0x160 [ 124.892790][ C0] ? exc_nmi+0xaf/0x120 [ 124.892806][ C0] ? end_repeat_nmi+0x16/0x31 [ 124.892832][ C0] ? kvm_wait+0x147/0x180 [ 124.892847][ C0] ? kvm_wait+0x147/0x180 [ 124.892863][ C0] ? kvm_wait+0x147/0x180 [ 124.892878][ C0] [ 124.892883][ C0] [ 124.892888][ C0] ? asm_common_interrupt+0x27/0x40 [ 124.892904][ C0] ? kvm_arch_para_hints+0x30/0x30 [ 124.892922][ C0] __pv_queued_spin_lock_slowpath+0x41b/0xc40 [ 124.892946][ C0] ? __pv_queued_spin_unlock_slowpath+0x310/0x310 [ 124.892968][ C0] _raw_spin_lock_bh+0x139/0x1b0 [ 124.892987][ C0] ? _raw_spin_lock_irq+0x1b0/0x1b0 [ 124.893006][ C0] ? sock_hash_bucket_hash+0x31c/0x7e0 [ 124.893026][ C0] sock_hash_delete_elem+0xb1/0x2f0 [ 124.893045][ C0] ? avc_audit_post_callback+0x43d/0xb20 [ 124.893063][ C0] bpf_prog_2c29ac5cdc6b1842+0x3a/0xccc [ 124.893077][ C0] bpf_trace_run2+0xec/0x210 [ 124.893097][ C0] ? bpf_trace_run1+0x1c0/0x1c0 [ 124.893114][ C0] ? avc_audit_post_callback+0x43d/0xb20 [ 124.893131][ C0] ? audit_log_format+0xd7/0x120 [ 124.893147][ C0] ? sidtab_sid2str_get+0x1b3/0x2a0 [ 124.893166][ C0] ? avc_audit_post_callback+0x43d/0xb20 [ 124.893184][ C0] __bpf_trace_kfree+0x6f/0x90 [ 124.893201][ C0] ? avc_audit_post_callback+0x43d/0xb20 [ 124.893218][ C0] kfree+0x1f3/0x220 [ 124.893237][ C0] avc_audit_post_callback+0x43d/0xb20 [ 124.893257][ C0] ? avc_audit_pre_callback+0x2b0/0x2b0 [ 124.893277][ C0] ? avc_audit_pre_callback+0x2b0/0x2b0 [ 124.893294][ C0] common_lsm_audit+0xbc6/0x18b0 [ 124.893312][ C0] ? avc_audit_pre_callback+0x2b0/0x2b0 [ 124.893330][ C0] ? ipv6_skb_to_auditdata+0xd90/0xd90 [ 124.893347][ C0] ? _raw_spin_unlock_irqrestore+0x5c/0x80 [ 124.893367][ C0] ? avc_update_node+0x2f9/0xd50 [ 124.893387][ C0] slow_avc_audit+0x26c/0x3c0 [ 124.893404][ C0] ? avc_get_hash_stats+0x180/0x180 [ 124.893420][ C0] ? avc_has_perm_noaudit+0x2dd/0x430 [ 124.893440][ C0] ? do_vfs_ioctl+0xbc1/0x2a80 [ 124.893460][ C0] avc_has_perm+0x1f5/0x260 [ 124.893478][ C0] ? avc_has_perm_noaudit+0x430/0x430 [ 124.893495][ C0] ? debug_smp_processor_id+0x17/0x20 [ 124.893513][ C0] ? kasan_quarantine_put+0x34/0x1a0 [ 124.893531][ C0] ? kmem_cache_free+0x116/0x2e0 [ 124.893548][ C0] ? ioctl_has_perm+0x1f8/0x560 [ 124.893565][ C0] selinux_tun_dev_open+0xbc/0x180 [ 124.893582][ C0] security_tun_dev_open+0x62/0x90 [ 124.893599][ C0] tun_set_iff+0x3f6/0xdb0 [ 124.893618][ C0] __tun_chr_ioctl+0x85b/0x2290 [ 124.893635][ C0] ? putname+0xfa/0x150 [ 124.893652][ C0] ? tun_flow_create+0x320/0x320 [ 124.893675][ C0] tun_chr_ioctl+0x2a/0x40 [ 124.893691][ C0] ? tun_chr_poll+0x6d0/0x6d0 [ 124.893708][ C0] __se_sys_ioctl+0x114/0x190 [ 124.893727][ C0] __x64_sys_ioctl+0x7b/0x90 [ 124.893746][ C0] do_syscall_64+0x3d/0xb0 [ 124.893762][ C0] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 124.893781][ C0] RIP: 0033:0x7f2ba7f70ea9 [ 124.893796][ C0] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 124.893809][ C0] RSP: 002b:00007f2ba6ce40c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 124.893831][ C0] RAX: ffffffffffffffda RBX: 00007f2ba809ef80 RCX: 00007f2ba7f70ea9 [ 124.893844][ C0] RDX: 0000000020000200 RSI: 00000000400454ca RDI: 0000000000000006 [ 124.893855][ C0] RBP: 00007f2ba7fbd4a4 R08: 0000000000000000 R09: 0000000000000000 [ 124.893866][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 124.893876][ C0] R13: 000000000000000b R14: 00007f2ba809ef80 R15: 00007ffd4548ff08 [ 124.893891][ C0] [ 124.894384][ C1] NMI backtrace for cpu 1 [ 125.428050][ C1] CPU: 1 PID: 100 Comm: udevd Not tainted 5.15.149-syzkaller-00490-g5d96939590c0 #0 [ 125.437245][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 125.447291][ C1] Call Trace: [ 125.450452][ C1] [ 125.453121][ C1] dump_stack_lvl+0x151/0x1b7 [ 125.457618][ C1] ? io_uring_drop_tctx_refs+0x190/0x190 [ 125.463088][ C1] ? cpumask_next+0x8a/0xb0 [ 125.467423][ C1] dump_stack+0x15/0x17 [ 125.471412][ C1] nmi_cpu_backtrace+0x2f7/0x300 [ 125.476372][ C1] ? init_x2apic_ldr+0x10/0x10 [ 125.480908][ C1] ? nmi_trigger_cpumask_backtrace+0x270/0x270 [ 125.486908][ C1] ? irq_work_queue+0xd4/0x160 [ 125.491518][ C1] ? arch_trigger_cpumask_backtrace+0x20/0x20 [ 125.497659][ C1] nmi_trigger_cpumask_backtrace+0x15d/0x270 [ 125.503471][ C1] ? arch_trigger_cpumask_backtrace+0x20/0x20 [ 125.509372][ C1] arch_trigger_cpumask_backtrace+0x10/0x20 [ 125.515102][ C1] rcu_dump_cpu_stacks+0x1d8/0x330 [ 125.520049][ C1] print_cpu_stall+0x315/0x5f0 [ 125.524649][ C1] rcu_sched_clock_irq+0x989/0x12f0 [ 125.529684][ C1] ? rcu_boost_kthread_setaffinity+0x340/0x340 [ 125.535686][ C1] ? hrtimer_run_queues+0x15f/0x440 [ 125.540931][ C1] update_process_times+0x198/0x200 [ 125.545958][ C1] tick_sched_timer+0x188/0x240 [ 125.550648][ C1] ? tick_setup_sched_timer+0x480/0x480 [ 125.556031][ C1] __hrtimer_run_queues+0x41a/0xad0 [ 125.561148][ C1] ? hrtimer_interrupt+0xaa0/0xaa0 [ 125.566094][ C1] ? clockevents_program_event+0x22f/0x300 [ 125.571737][ C1] ? ktime_get_update_offsets_now+0x2ba/0x2d0 [ 125.577812][ C1] hrtimer_interrupt+0x40c/0xaa0 [ 125.582588][ C1] __sysvec_apic_timer_interrupt+0xfd/0x3c0 [ 125.588312][ C1] sysvec_apic_timer_interrupt+0x95/0xc0 [ 125.593780][ C1] [ 125.596558][ C1] [ 125.599357][ C1] asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 125.605175][ C1] RIP: 0010:kvm_wait+0x147/0x180 [ 125.609930][ C1] Code: 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 34 41 0f b6 45 00 44 38 f0 75 10 66 90 0f 00 2d 5b 03 f3 03 fb f4 24 ff ff ff fb e9 1e ff ff ff 44 89 e9 80 e1 07 38 c1 7c a3 4c [ 125.629830][ C1] RSP: 0018:ffffc90000a17420 EFLAGS: 00000246 [ 125.635713][ C1] RAX: 0000000000000003 RBX: 1ffff92000142e88 RCX: ffffffff8154fa7f [ 125.643514][ C1] RDX: dffffc0000000000 RSI: 0000000000000003 RDI: ffff88810c9a8958 [ 125.651609][ C1] RBP: ffffc90000a174d0 R08: dffffc0000000000 R09: ffffed102193512c [ 125.659691][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 125.667563][ C1] R13: ffff88810c9a8958 R14: 0000000000000003 R15: 1ffff92000142e8c [ 125.675407][ C1] ? __pv_queued_spin_lock_slowpath+0x65f/0xc40 [ 125.681452][ C1] ? asm_common_interrupt+0x27/0x40 [ 125.686567][ C1] ? kvm_arch_para_hints+0x30/0x30 [ 125.691665][ C1] ? __pv_queued_spin_lock_slowpath+0x65f/0xc40 [ 125.697810][ C1] __pv_queued_spin_lock_slowpath+0x6bc/0xc40 [ 125.703693][ C1] ? __pv_queued_spin_unlock_slowpath+0x310/0x310 [ 125.709939][ C1] _raw_spin_lock_bh+0x139/0x1b0 [ 125.714715][ C1] ? _raw_spin_lock_irq+0x1b0/0x1b0 [ 125.719754][ C1] ? sock_hash_bucket_hash+0x31c/0x7e0 [ 125.725041][ C1] sock_hash_delete_elem+0xb1/0x2f0 [ 125.730074][ C1] ? sock_map_unref+0x352/0x4d0 [ 125.734760][ C1] bpf_prog_2c29ac5cdc6b1842+0x3a/0xccc [ 125.740137][ C1] bpf_trace_run2+0xec/0x210 [ 125.744654][ C1] ? exc_int3+0xf/0x70 [ 125.748556][ C1] ? bpf_trace_run1+0x1c0/0x1c0 [ 125.753245][ C1] ? sock_map_unref+0x352/0x4d0 [ 125.757933][ C1] ? sock_map_unref+0x179/0x4d0 [ 125.762731][ C1] ? sock_map_unref+0x352/0x4d0 [ 125.767505][ C1] __bpf_trace_kfree+0x6f/0x90 [ 125.772099][ C1] ? sock_map_unref+0x352/0x4d0 [ 125.776792][ C1] kfree+0x1f3/0x220 [ 125.780522][ C1] sock_map_unref+0x352/0x4d0 [ 125.785033][ C1] sock_hash_delete_elem+0x274/0x2f0 [ 125.790151][ C1] ? inotify_free_event+0x15/0x20 [ 125.795008][ C1] bpf_prog_2c29ac5cdc6b1842+0x3a/0xccc [ 125.800389][ C1] bpf_trace_run2+0xec/0x210 [ 125.804818][ C1] ? exc_int3+0xf/0x70 [ 125.808729][ C1] ? bpf_trace_run1+0x1c0/0x1c0 [ 125.813440][ C1] ? inotify_free_event+0x15/0x20 [ 125.818276][ C1] ? inotify_read+0x4c7/0x850 [ 125.822804][ C1] ? inotify_free_event+0x15/0x20 [ 125.827751][ C1] __bpf_trace_kfree+0x6f/0x90 [ 125.832351][ C1] ? inotify_free_event+0x15/0x20 [ 125.837210][ C1] kfree+0x1f3/0x220 [ 125.840944][ C1] ? __kasan_check_write+0x14/0x20 [ 125.845909][ C1] ? _raw_spin_lock+0xa4/0x1b0 [ 125.850492][ C1] inotify_free_event+0x15/0x20 [ 125.855176][ C1] fsnotify_destroy_event+0xe6/0x100 [ 125.860298][ C1] inotify_read+0x5a0/0x850 [ 125.864637][ C1] ? match_file+0x140/0x140 [ 125.868981][ C1] ? do_inotify_init+0x490/0x490 [ 125.873782][ C1] ? wait_woken+0x170/0x170 [ 125.878087][ C1] ? __kasan_check_read+0x11/0x20 [ 125.883066][ C1] ? fsnotify_perm+0x470/0x5d0 [ 125.887650][ C1] ? security_file_permission+0x86/0xb0 [ 125.893032][ C1] ? do_inotify_init+0x490/0x490 [ 125.897803][ C1] vfs_read+0x27d/0xd40 [ 125.901799][ C1] ? kernel_read+0x1f0/0x1f0 [ 125.906222][ C1] ? ep_destroy_wakeup_source+0x70/0x70 [ 125.911617][ C1] ? do_epoll_wait+0x1a50/0x1a50 [ 125.916394][ C1] ? __kasan_check_read+0x11/0x20 [ 125.921728][ C1] ? __fdget_pos+0x209/0x3a0 [ 125.926157][ C1] ksys_read+0x199/0x2c0 [ 125.930419][ C1] ? vfs_write+0x1110/0x1110 [ 125.934848][ C1] ? debug_smp_processor_id+0x17/0x20 [ 125.940235][ C1] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 125.946219][ C1] __x64_sys_read+0x7b/0x90 [ 125.950561][ C1] do_syscall_64+0x3d/0xb0 [ 125.954812][ C1] ? sysvec_call_function_single+0x52/0xb0 [ 125.960460][ C1] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 125.966285][ C1] RIP: 0033:0x7f82b6ed7b6a [ 125.970541][ C1] Code: 00 3d 00 00 41 00 75 0d 50 48 8d 3d 2d 08 0a 00 e8 ea 7d 01 00 31 c0 e9 07 ff ff ff 64 8b 04 25 18 00 00 00 85 c0 75 1b 0f 05 <48> 3d 00 f0 ff ff 76 6c 48 8b 15 8f a2 0d 00 f7 d8 64 89 02 48 83 [ 125.990434][ C1] RSP: 002b:00007ffdfbcfbac8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 125.998761][ C1] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f82b6ed7b6a [ 126.006730][ C1] RDX: 0000000000000110 RSI: 00007ffdfbcfbca8 RDI: 0000000000000007 [ 126.014534][ C1] RBP: 0000000000000000 R08: 00000000016ebafc R09: 00007ffdfbdd30b0 [ 126.022429][ C1] R10: 0000000000000a80 R11: 0000000000000246 R12: 00007ffdfbcfbca8 [ 126.030352][ C1] R13: 0000000200000001 R14: 0000000000000000 R15: 0000000000000000 [ 126.038252][ C1] [ 265.104829][ C0] watchdog: BUG: soft lockup - CPU#0 stuck for 225s! [syz-executor.1:357] [ 265.113177][ C0] Modules linked in: [ 265.117008][ C0] CPU: 0 PID: 357 Comm: syz-executor.1 Not tainted 5.15.149-syzkaller-00490-g5d96939590c0 #0 [ 265.127228][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 265.137437][ C0] RIP: 0010:kvm_wait+0x147/0x180 [ 265.142288][ C0] Code: 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 34 41 0f b6 45 00 44 38 f0 75 10 66 90 0f 00 2d 5b 03 f3 03 fb f4 24 ff ff ff fb e9 1e ff ff ff 44 89 e9 80 e1 07 38 c1 7c a3 4c [ 265.162238][ C0] RSP: 0018:ffffc900052bf2c0 EFLAGS: 00000246 [ 265.168141][ C0] RAX: 0000000000000001 RBX: 1ffff92000a57e5c RCX: 1ffffffff0d1aa9c [ 265.175956][ C0] RDX: 0000000000000001 RSI: 0000000000000001 RDI: ffff8881f7037ed4 [ 265.183773][ C0] RBP: ffffc900052bf370 R08: dffffc0000000000 R09: ffffed103ee06fdb [ 265.191576][ C0] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 265.199479][ C0] R13: ffff8881f7037ed4 R14: 0000000000000001 R15: 1ffff92000a57e60 [ 265.207491][ C0] FS: 00007f2ba6ce46c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 265.216354][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 265.222853][ C0] CR2: 00007f9b38c68000 CR3: 0000000128803000 CR4: 00000000003506b0 [ 265.230676][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 265.238737][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 265.246640][ C0] Call Trace: [ 265.249783][ C0] [ 265.252570][ C0] ? show_regs+0x58/0x60 [ 265.256872][ C0] ? watchdog_timer_fn+0x4b1/0x5f0 [ 265.261810][ C0] ? proc_watchdog_cpumask+0xd0/0xd0 [ 265.266915][ C0] ? __hrtimer_run_queues+0x41a/0xad0 [ 265.272142][ C0] ? hrtimer_interrupt+0xaa0/0xaa0 [ 265.277070][ C0] ? clockevents_program_event+0x22f/0x300 [ 265.282714][ C0] ? ktime_get_update_offsets_now+0x2ba/0x2d0 [ 265.288612][ C0] ? hrtimer_interrupt+0x40c/0xaa0 [ 265.293562][ C0] ? __sysvec_apic_timer_interrupt+0xfd/0x3c0 [ 265.299471][ C0] ? sysvec_apic_timer_interrupt+0x95/0xc0 [ 265.305245][ C0] [ 265.307975][ C0] [ 265.310747][ C0] ? asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 265.316821][ C0] ? kvm_wait+0x147/0x180 [ 265.320990][ C0] ? asm_common_interrupt+0x27/0x40 [ 265.326277][ C0] ? kvm_arch_para_hints+0x30/0x30 [ 265.331351][ C0] __pv_queued_spin_lock_slowpath+0x41b/0xc40 [ 265.337258][ C0] ? __pv_queued_spin_unlock_slowpath+0x310/0x310 [ 265.343495][ C0] _raw_spin_lock_bh+0x139/0x1b0 [ 265.348467][ C0] ? _raw_spin_lock_irq+0x1b0/0x1b0 [ 265.353702][ C0] ? sock_hash_bucket_hash+0x31c/0x7e0 [ 265.359030][ C0] sock_hash_delete_elem+0xb1/0x2f0 [ 265.364031][ C0] ? avc_audit_post_callback+0x43d/0xb20 [ 265.369498][ C0] bpf_prog_2c29ac5cdc6b1842+0x3a/0xccc [ 265.375365][ C0] bpf_trace_run2+0xec/0x210 [ 265.379761][ C0] ? bpf_trace_run1+0x1c0/0x1c0 [ 265.384549][ C0] ? avc_audit_post_callback+0x43d/0xb20 [ 265.389998][ C0] ? audit_log_format+0xd7/0x120 [ 265.394768][ C0] ? sidtab_sid2str_get+0x1b3/0x2a0 [ 265.399819][ C0] ? avc_audit_post_callback+0x43d/0xb20 [ 265.405288][ C0] __bpf_trace_kfree+0x6f/0x90 [ 265.409878][ C0] ? avc_audit_post_callback+0x43d/0xb20 [ 265.415513][ C0] kfree+0x1f3/0x220 [ 265.419247][ C0] avc_audit_post_callback+0x43d/0xb20 [ 265.424542][ C0] ? avc_audit_pre_callback+0x2b0/0x2b0 [ 265.429927][ C0] ? avc_audit_pre_callback+0x2b0/0x2b0 [ 265.435314][ C0] common_lsm_audit+0xbc6/0x18b0 [ 265.440096][ C0] ? avc_audit_pre_callback+0x2b0/0x2b0 [ 265.445475][ C0] ? ipv6_skb_to_auditdata+0xd90/0xd90 [ 265.450780][ C0] ? _raw_spin_unlock_irqrestore+0x5c/0x80 [ 265.456392][ C0] ? avc_update_node+0x2f9/0xd50 [ 265.461171][ C0] slow_avc_audit+0x26c/0x3c0 [ 265.465689][ C0] ? avc_get_hash_stats+0x180/0x180 [ 265.470717][ C0] ? avc_has_perm_noaudit+0x2dd/0x430 [ 265.475926][ C0] ? do_vfs_ioctl+0xbc1/0x2a80 [ 265.480525][ C0] avc_has_perm+0x1f5/0x260 [ 265.485075][ C0] ? avc_has_perm_noaudit+0x430/0x430 [ 265.490347][ C0] ? debug_smp_processor_id+0x17/0x20 [ 265.495520][ C0] ? kasan_quarantine_put+0x34/0x1a0 [ 265.500730][ C0] ? kmem_cache_free+0x116/0x2e0 [ 265.505502][ C0] ? ioctl_has_perm+0x1f8/0x560 [ 265.510191][ C0] selinux_tun_dev_open+0xbc/0x180 [ 265.515138][ C0] security_tun_dev_open+0x62/0x90 [ 265.520087][ C0] tun_set_iff+0x3f6/0xdb0 [ 265.524423][ C0] __tun_chr_ioctl+0x85b/0x2290 [ 265.529110][ C0] ? putname+0xfa/0x150 [ 265.533118][ C0] ? tun_flow_create+0x320/0x320 [ 265.537880][ C0] tun_chr_ioctl+0x2a/0x40 [ 265.542128][ C0] ? tun_chr_poll+0x6d0/0x6d0 [ 265.546641][ C0] __se_sys_ioctl+0x114/0x190 [ 265.551242][ C0] __x64_sys_ioctl+0x7b/0x90 [ 265.555776][ C0] do_syscall_64+0x3d/0xb0 [ 265.560016][ C0] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 265.565739][ C0] RIP: 0033:0x7f2ba7f70ea9 [ 265.570006][ C0] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 265.589522][ C0] RSP: 002b:00007f2ba6ce40c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 265.597765][ C0] RAX: ffffffffffffffda RBX: 00007f2ba809ef80 RCX: 00007f2ba7f70ea9 [ 265.605575][ C0] RDX: 0000000020000200 RSI: 00000000400454ca RDI: 0000000000000006 [ 265.613387][ C0] RBP: 00007f2ba7fbd4a4 R08: 0000000000000000 R09: 0000000000000000 [ 265.621370][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 265.629267][ C0] R13: 000000000000000b R14: 00007f2ba809ef80 R15: 00007ffd4548ff08 [ 265.637085][ C0] [ 265.639955][ C0] Sending NMI from CPU 0 to CPUs 1: [ 265.645083][ C1] NMI backtrace for cpu 1 [ 265.645097][ C1] CPU: 1 PID: 100 Comm: udevd Not tainted 5.15.149-syzkaller-00490-g5d96939590c0 #0 [ 265.645115][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 265.645125][ C1] RIP: 0010:kvm_wait+0x147/0x180 [ 265.645148][ C1] Code: 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 34 41 0f b6 45 00 44 38 f0 75 10 66 90 0f 00 2d 5b 03 f3 03 fb f4 24 ff ff ff fb e9 1e ff ff ff 44 89 e9 80 e1 07 38 c1 7c a3 4c [ 265.645162][ C1] RSP: 0018:ffffc90000a17420 EFLAGS: 00000246 [ 265.645183][ C1] RAX: 0000000000000003 RBX: 1ffff92000142e88 RCX: ffffffff8154fa7f [ 265.645196][ C1] RDX: dffffc0000000000 RSI: 0000000000000003 RDI: ffff88810c9a8958 [ 265.645208][ C1] RBP: ffffc90000a174d0 R08: dffffc0000000000 R09: ffffed102193512c [ 265.645221][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 265.645233][ C1] R13: ffff88810c9a8958 R14: 0000000000000003 R15: 1ffff92000142e8c [ 265.645245][ C1] FS: 00007f82b6dacc80(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 265.645261][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 265.645273][ C1] CR2: 0000001b2e722000 CR3: 000000010c9a2000 CR4: 00000000003506a0 [ 265.645289][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 265.645299][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 265.645309][ C1] Call Trace: [ 265.645314][ C1] [ 265.645321][ C1] ? show_regs+0x58/0x60 [ 265.645339][ C1] ? nmi_cpu_backtrace+0x29f/0x300 [ 265.645360][ C1] ? nmi_trigger_cpumask_backtrace+0x270/0x270 [ 265.645381][ C1] ? kvm_wait+0x147/0x180 [ 265.645396][ C1] ? kvm_wait+0x147/0x180 [ 265.645412][ C1] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 265.645430][ C1] ? nmi_handle+0xa8/0x280 [ 265.645447][ C1] ? kvm_wait+0x147/0x180 [ 265.645462][ C1] ? default_do_nmi+0x69/0x160 [ 265.645481][ C1] ? exc_nmi+0xaf/0x120 [ 265.645497][ C1] ? end_repeat_nmi+0x16/0x31 [ 265.645515][ C1] ? __pv_queued_spin_lock_slowpath+0x65f/0xc40 [ 265.645536][ C1] ? kvm_wait+0x147/0x180 [ 265.645551][ C1] ? kvm_wait+0x147/0x180 [ 265.645567][ C1] ? kvm_wait+0x147/0x180 [ 265.645582][ C1] [ 265.645587][ C1] [ 265.645592][ C1] ? asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 265.645609][ C1] ? kvm_arch_para_hints+0x30/0x30 [ 265.645626][ C1] ? __pv_queued_spin_lock_slowpath+0x65f/0xc40 [ 265.645653][ C1] __pv_queued_spin_lock_slowpath+0x6bc/0xc40 [ 265.645675][ C1] ? __pv_queued_spin_unlock_slowpath+0x310/0x310 [ 265.645696][ C1] _raw_spin_lock_bh+0x139/0x1b0 [ 265.645720][ C1] ? _raw_spin_lock_irq+0x1b0/0x1b0 [ 265.645744][ C1] ? sock_hash_bucket_hash+0x31c/0x7e0 [ 265.645765][ C1] sock_hash_delete_elem+0xb1/0x2f0 [ 265.645787][ C1] ? sock_map_unref+0x352/0x4d0 [ 265.645804][ C1] bpf_prog_2c29ac5cdc6b1842+0x3a/0xccc [ 265.645819][ C1] bpf_trace_run2+0xec/0x210 [ 265.645837][ C1] ? exc_int3+0xf/0x70 [ 265.645853][ C1] ? bpf_trace_run1+0x1c0/0x1c0 [ 265.645870][ C1] ? sock_map_unref+0x352/0x4d0 [ 265.645887][ C1] ? sock_map_unref+0x179/0x4d0 [ 265.645904][ C1] ? sock_map_unref+0x352/0x4d0 [ 265.645921][ C1] __bpf_trace_kfree+0x6f/0x90 [ 265.645938][ C1] ? sock_map_unref+0x352/0x4d0 [ 265.645955][ C1] kfree+0x1f3/0x220 [ 265.645974][ C1] sock_map_unref+0x352/0x4d0 [ 265.645992][ C1] sock_hash_delete_elem+0x274/0x2f0 [ 265.646011][ C1] ? inotify_free_event+0x15/0x20 [ 265.646029][ C1] bpf_prog_2c29ac5cdc6b1842+0x3a/0xccc [ 265.646042][ C1] bpf_trace_run2+0xec/0x210 [ 265.646059][ C1] ? exc_int3+0xf/0x70 [ 265.646075][ C1] ? bpf_trace_run1+0x1c0/0x1c0 [ 265.646092][ C1] ? inotify_free_event+0x15/0x20 [ 265.646109][ C1] ? inotify_read+0x4c7/0x850 [ 265.646126][ C1] ? inotify_free_event+0x15/0x20 [ 265.646143][ C1] __bpf_trace_kfree+0x6f/0x90 [ 265.646158][ C1] ? inotify_free_event+0x15/0x20 [ 265.646181][ C1] kfree+0x1f3/0x220 [ 265.646197][ C1] ? __kasan_check_write+0x14/0x20 [ 265.646213][ C1] ? _raw_spin_lock+0xa4/0x1b0 [ 265.646232][ C1] inotify_free_event+0x15/0x20 [ 265.646248][ C1] fsnotify_destroy_event+0xe6/0x100 [ 265.646266][ C1] inotify_read+0x5a0/0x850 [ 265.646282][ C1] ? match_file+0x140/0x140 [ 265.646301][ C1] ? do_inotify_init+0x490/0x490 [ 265.646319][ C1] ? wait_woken+0x170/0x170 [ 265.646334][ C1] ? __kasan_check_read+0x11/0x20 [ 265.646351][ C1] ? fsnotify_perm+0x470/0x5d0 [ 265.646370][ C1] ? security_file_permission+0x86/0xb0 [ 265.646389][ C1] ? do_inotify_init+0x490/0x490 [ 265.646406][ C1] vfs_read+0x27d/0xd40 [ 265.646422][ C1] ? kernel_read+0x1f0/0x1f0 [ 265.646436][ C1] ? ep_destroy_wakeup_source+0x70/0x70 [ 265.646456][ C1] ? do_epoll_wait+0x1a50/0x1a50 [ 265.646475][ C1] ? __kasan_check_read+0x11/0x20 [ 265.646492][ C1] ? __fdget_pos+0x209/0x3a0 [ 265.646507][ C1] ksys_read+0x199/0x2c0 [ 265.646522][ C1] ? vfs_write+0x1110/0x1110 [ 265.646538][ C1] ? debug_smp_processor_id+0x17/0x20 [ 265.646555][ C1] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 265.646575][ C1] __x64_sys_read+0x7b/0x90 [ 265.646590][ C1] do_syscall_64+0x3d/0xb0 [ 265.646605][ C1] ? sysvec_call_function_single+0x52/0xb0 [ 265.646623][ C1] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 265.646643][ C1] RIP: 0033:0x7f82b6ed7b6a [ 265.646657][ C1] Code: 00 3d 00 00 41 00 75 0d 50 48 8d 3d 2d 08 0a 00 e8 ea 7d 01 00 31 c0 e9 07 ff ff ff 64 8b 04 25 18 00 00 00 85 c0 75 1b 0f 05 <48> 3d 00 f0 ff ff 76 6c 48 8b 15 8f a2 0d 00 f7 d8 64 89 02 48 83 [ 265.646670][ C1] RSP: 002b:00007ffdfbcfbac8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 265.646687][ C1] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f82b6ed7b6a [ 265.646699][ C1] RDX: 0000000000000110 RSI: 00007ffdfbcfbca8 RDI: 0000000000000007 [ 265.646709][ C1] RBP: 0000000000000000 R08: 00000000016ebafc R09: 00007ffdfbdd30b0 [ 265.646721][ C1] R10: 0000000000000a80 R11: 0000000000000246 R12: 00007ffdfbcfbca8 [ 265.646737][ C1] R13: 0000000200000001 R14: 0000000000000000 R15: 0000000000000000 [ 265.646752][ C1]