[PATCH] reproducer
From: Ihor Solodrai
Date: Thu Feb 26 2026 - 20:00:39 EST
---
.../bpf/prog_tests/ftrace_direct_race.c | 243 ++++++++++++++++++
1 file changed, 243 insertions(+)
create mode 100644 tools/testing/selftests/bpf/prog_tests/ftrace_direct_race.c
diff --git a/tools/testing/selftests/bpf/prog_tests/ftrace_direct_race.c b/tools/testing/selftests/bpf/prog_tests/ftrace_direct_race.c
new file mode 100644
index 000000000000..369c55364d05
--- /dev/null
+++ b/tools/testing/selftests/bpf/prog_tests/ftrace_direct_race.c
@@ -0,0 +1,243 @@
+// SPDX-License-Identifier: GPL-2.0
+/* Copyright (c) 2026 Meta Platforms, Inc. and affiliates. */
+
+/* Test to reproduce ftrace race between BPF trampoline attach/detach
+ * and kprobe attach/detach on the same function.
+ *
+ * With CONFIG_HAVE_SINGLE_FTRACE_DIRECT_OPS, all BPF trampolines share
+ * a single ftrace_ops. Concurrent modifications (BPF trampoline vs kprobe)
+ * can race in ftrace_replace_code's verify-then-patch sequence, causing
+ * ftrace to become permanently disabled and leaving stale trampolines
+ * that reference freed BPF programs.
+ *
+ * Run with: ./test_progs -t ftrace_direct_race
+ */
+#include <test_progs.h>
+#include <bpf/libbpf.h>
+#include <pthread.h>
+#include <sys/ioctl.h>
+#include <linux/perf_event.h>
+#include <sys/syscall.h>
+
+#include "fentry_test.lskel.h"
+
+#define NUM_ITERATIONS 200
+
+static volatile bool stop;
+
+/* Thread 1: Rapidly attach and detach fentry BPF trampolines */
+static void *fentry_thread_fn(void *arg)
+{
+ int i;
+
+ for (i = 0; i < NUM_ITERATIONS && !stop; i++) {
+ struct fentry_test_lskel *skel;
+ int err;
+
+ skel = fentry_test_lskel__open();
+ if (!skel)
+ continue;
+
+ skel->keyring_id = KEY_SPEC_SESSION_KEYRING;
+ err = fentry_test_lskel__load(skel);
+ if (err) {
+ fentry_test_lskel__destroy(skel);
+ continue;
+ }
+
+ err = fentry_test_lskel__attach(skel);
+ if (err) {
+ fentry_test_lskel__destroy(skel);
+ continue;
+ }
+
+ /* Brief sleep to let the trampoline be live while kprobes race */
+ usleep(100 + rand() % 500);
+
+ fentry_test_lskel__detach(skel);
+ fentry_test_lskel__destroy(skel);
+ }
+
+ return NULL;
+}
+
+/* Thread 2: Rapidly create and destroy kprobes via tracefs on
+ * bpf_fentry_test* functions (the same functions the fentry thread targets).
+ * Creating/removing kprobe events goes through the ftrace code patching
+ * path that can race with BPF trampoline direct call operations.
+ */
+static void *kprobe_thread_fn(void *arg)
+{
+ const char *funcs[] = {
+ "bpf_fentry_test1",
+ "bpf_fentry_test2",
+ "bpf_fentry_test3",
+ "bpf_fentry_test4",
+ "bpf_fentry_test5",
+ "bpf_fentry_test6",
+ };
+ int i;
+
+ for (i = 0; i < NUM_ITERATIONS && !stop; i++) {
+ int j;
+
+ for (j = 0; j < 6 && !stop; j++) {
+ char cmd[256];
+
+ /* Create kprobe via tracefs */
+ snprintf(cmd, sizeof(cmd),
+ "echo 'p:kprobe_race_%d %s' >> /sys/kernel/debug/tracing/kprobe_events 2>/dev/null",
+ j, funcs[j]);
+ system(cmd);
+
+ /* Small delay */
+ usleep(50 + rand() % 200);
+
+ /* Remove kprobe */
+ snprintf(cmd, sizeof(cmd),
+ "echo '-:kprobe_race_%d' >> /sys/kernel/debug/tracing/kprobe_events 2>/dev/null",
+ j);
+ system(cmd);
+ }
+ }
+
+ return NULL;
+}
+
+/* Thread 3: Create kprobes via perf_event_open (the ftrace-based kind)
+ * which go through the arm_kprobe / disarm_kprobe ftrace path.
+ */
+static void *perf_kprobe_thread_fn(void *arg)
+{
+ const char *funcs[] = {
+ "bpf_fentry_test1",
+ "bpf_fentry_test2",
+ "bpf_fentry_test3",
+ };
+ int i;
+
+ for (i = 0; i < NUM_ITERATIONS && !stop; i++) {
+ int fds[3] = {-1, -1, -1};
+ int j;
+
+ for (j = 0; j < 3 && !stop; j++) {
+ struct perf_event_attr attr = {};
+ char path[256];
+ char buf[32];
+ char cmd[256];
+ int id_fd, id;
+
+ /* Create kprobe event */
+ snprintf(cmd, sizeof(cmd),
+ "echo 'p:perf_race_%d %s' >> /sys/kernel/debug/tracing/kprobe_events 2>/dev/null",
+ j, funcs[j]);
+ system(cmd);
+
+ /* Try to get the event id */
+ snprintf(path, sizeof(path),
+ "/sys/kernel/debug/tracing/events/kprobes/perf_race_%d/id", j);
+ id_fd = open(path, O_RDONLY);
+ if (id_fd < 0)
+ continue;
+
+ memset(buf, 0, sizeof(buf));
+ if (read(id_fd, buf, sizeof(buf) - 1) > 0)
+ id = atoi(buf);
+ else
+ id = -1;
+ close(id_fd);
+
+ if (id < 0)
+ continue;
+
+ /* Open perf event to arm the kprobe via ftrace */
+ attr.type = PERF_TYPE_TRACEPOINT;
+ attr.size = sizeof(attr);
+ attr.config = id;
+ attr.sample_type = PERF_SAMPLE_RAW;
+ attr.sample_period = 1;
+ attr.wakeup_events = 1;
+
+ fds[j] = syscall(__NR_perf_event_open, &attr, -1, 0, -1, 0);
+ if (fds[j] >= 0)
+ ioctl(fds[j], PERF_EVENT_IOC_ENABLE, 0);
+ }
+
+ usleep(100 + rand() % 300);
+
+ /* Close perf events (disarms kprobes via ftrace) */
+ for (j = 0; j < 3; j++) {
+ char cmd[256];
+
+ if (fds[j] >= 0)
+ close(fds[j]);
+
+ snprintf(cmd, sizeof(cmd),
+ "echo '-:perf_race_%d' >> /sys/kernel/debug/tracing/kprobe_events 2>/dev/null",
+ j);
+ system(cmd);
+ }
+ }
+
+ return NULL;
+}
+
+void test_ftrace_direct_race(void)
+{
+ pthread_t fentry_tid, kprobe_tid, perf_kprobe_tid;
+ int err;
+
+ /* Check if ftrace is currently operational */
+ if (!ASSERT_OK(access("/sys/kernel/debug/tracing/kprobe_events", W_OK),
+ "tracefs_access"))
+ return;
+
+ stop = false;
+
+ err = pthread_create(&fentry_tid, NULL, fentry_thread_fn, NULL);
+ if (!ASSERT_OK(err, "create_fentry_thread"))
+ return;
+
+ err = pthread_create(&kprobe_tid, NULL, kprobe_thread_fn, NULL);
+ if (!ASSERT_OK(err, "create_kprobe_thread")) {
+ stop = true;
+ pthread_join(fentry_tid, NULL);
+ return;
+ }
+
+ err = pthread_create(&perf_kprobe_tid, NULL, perf_kprobe_thread_fn, NULL);
+ if (!ASSERT_OK(err, "create_perf_kprobe_thread")) {
+ stop = true;
+ pthread_join(fentry_tid, NULL);
+ pthread_join(kprobe_tid, NULL);
+ return;
+ }
+
+ pthread_join(fentry_tid, NULL);
+ pthread_join(kprobe_tid, NULL);
+ pthread_join(perf_kprobe_tid, NULL);
+
+ /* If we get here without a kernel panic/oops, the test passed.
+ * The real check is in dmesg: look for
+ * "WARNING: arch/x86/kernel/ftrace.c" or
+ * "BUG: KASAN: vmalloc-out-of-bounds in __bpf_prog_enter_recur"
+ *
+ * A more robust check: verify ftrace is still operational.
+ */
+ ASSERT_OK(access("/sys/kernel/debug/tracing/kprobe_events", W_OK),
+ "ftrace_still_operational");
+
+ /* Check that ftrace wasn't disabled */
+ {
+ char buf[64] = {};
+ int fd = open("/proc/sys/kernel/ftrace_enabled", O_RDONLY);
+
+ if (ASSERT_GE(fd, 0, "open_ftrace_enabled")) {
+ int n = read(fd, buf, sizeof(buf) - 1);
+
+ close(fd);
+ if (n > 0)
+ ASSERT_EQ(atoi(buf), 1, "ftrace_enabled");
+ }
+ }
+}
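Review bot: Every failure path in the three worker threads is swallowed, so this test can report success without ever attaching a trampoline or arming a kprobe: the `continue`s after `fentry_test_lskel__open/load/attach`, the unchecked `system()` calls with `2>/dev/null`, and the `continue` when the event `id` file cannot be opened. The closing assertions only check that `kprobe_events` is still writable and that `ftrace_enabled` reads 1, and the second is skipped silently when `read()` returns `n <= 0`. I would write to `kprobe_events` with `open()`/`write()` instead of spawning a root shell per iteration, count successful operations per thread, and assert after the joins that each count is non-zero. The sketch below does this for `kprobe_thread_fn`; `perf_kprobe_thread_fn` and `fentry_thread_fn` need the same treatment. Separately, `stop` is only ever set when `pthread_create()` fails, and `volatile` gives no inter-thread ordering, so the `!stop` checks are effectively dead in a normal run.

```c
static int kprobe_ok;	/* written only by kprobe_thread_fn, read after pthread_join() */

/* Append one command to tracefs kprobe_events; returns 0 or -errno. */
static int kprobe_events_append(const char *cmd)
{
	int fd, err = 0;

	fd = open("/sys/kernel/debug/tracing/kprobe_events", O_WRONLY | O_APPEND);
	if (fd < 0)
		return -errno;
	if (write(fd, cmd, strlen(cmd)) < 0)
		err = -errno;
	close(fd);
	return err;
}

static void *kprobe_thread_fn(void *arg)
{
	/* … unchanged: funcs[] table and both loop headers … */
			snprintf(cmd, sizeof(cmd), "p:kprobe_race_%d %s\n", j, funcs[j]);
			if (kprobe_events_append(cmd))
				continue;
			kprobe_ok++;

			usleep(50 + rand() % 200);

			snprintf(cmd, sizeof(cmd), "-:kprobe_race_%d\n", j);
			kprobe_events_append(cmd);
	/* … unchanged: loop close and return NULL … */

/* in test_ftrace_direct_race(), after the three pthread_join() calls */
	ASSERT_GT(kprobe_ok, 0, "kprobes_created");
```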
--
2.47.3
----
Splat:
[ 24.170803] ------------[ cut here ]------------
[ 24.171055] WARNING: kernel/trace/ftrace.c:2715 at ftrace_get_addr_curr+0x149/0x190, CPU#13: kworker/13:6/873
[ 24.171315] Modules linked in: bpf_test_modorder_y(OE+) bpf_test_modorder_x(OE) bpf_testmod(OE)
[ 24.171561] CPU: 13 UID: 0 PID: 873 Comm: kworker/13:6 Tainted: G OE 7.0.0-rc1-gda78c0a81eea #83 PREEMPT(full)
[ 24.171827] Tainted: [O]=OOT_MODULE, [E]=UNSIGNED_MODULE
[ 24.171941] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-5.el9 11/05/2023
[ 24.172132] Workqueue: events bpf_link_put_deferred
[ 24.172261] RIP: 0010:ftrace_get_addr_curr+0x149/0x190
[ 24.172376] Code: 00 4c 89 f7 e8 88 f8 ff ff 84 c0 75 92 4d 8b 7f 08 e8 fb b3 c1 00 4d 85 ff 0f 94 c0 49 81 ff b0 1c 6e 83 0f 94 c1 08 c1 74 96 <0f> 0b c6 05
62 e8 2b 02 01 c7 05 54 e8 2b 02 00 00 00 00 48 c7 05
[ 24.172745] RSP: 0018:ffa0000504cafb78 EFLAGS: 00010202
[ 24.172861] RAX: 0000000000000000 RBX: ff110001000e48d0 RCX: ff1100011cd3a201
[ 24.173034] RDX: 6e21cb51d943709c RSI: 0000000000000000 RDI: ffffffff81d416d4
[ 24.173194] RBP: 0000000000000001 R08: 0000000080000000 R09: ffffffffffffffff
[ 24.173366] R10: ffffffff81285522 R11: 0000000000000000 R12: ff110001000e48d0
[ 24.173530] R13: ffffffff81d416d4 R14: ffffffff81d416d4 R15: ffffffff836e1cb0
[ 24.173691] FS: 0000000000000000(0000) GS:ff1100203becc000(0000) knlGS:0000000000000000
[ 24.173849] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 24.173995] CR2: 00007f615e966270 CR3: 000000010bd9d005 CR4: 0000000000771ef0
[ 24.174155] PKRU: 55555554
[ 24.174214] Call Trace:
[ 24.174285] <TASK>
[ 24.174348] ftrace_replace_code+0x7e/0x210
[ 24.174443] ftrace_modify_all_code+0x59/0x110
[ 24.174553] __ftrace_hash_move_and_update_ops+0x227/0x2c0
[ 24.174659] ? kfree+0x1ac/0x4c0
[ 24.174751] ? srso_return_thunk+0x5/0x5f
[ 24.174834] ? kfree+0x250/0x4c0
[ 24.174926] ? kfree+0x1ac/0x4c0
[ 24.175010] ? bpf_lsm_sk_alloc_security+0x4/0x20
[ 24.175132] ftrace_update_ops+0x40/0x80
[ 24.175217] update_ftrace_direct_del+0x263/0x290
[ 24.175341] ? bpf_lsm_sk_alloc_security+0x4/0x20
[ 24.175456] ? 0xffffffffc0006a80
[ 24.175543] bpf_trampoline_update+0x1fb/0x810
[ 24.175654] bpf_trampoline_unlink_prog+0x103/0x1a0
[ 24.175767] ? process_scheduled_works+0x271/0x640
[ 24.175886] bpf_shim_tramp_link_release+0x20/0x40
[ 24.176001] bpf_link_free+0x54/0xd0
[ 24.176092] process_scheduled_works+0x2c2/0x640
[ 24.176222] worker_thread+0x22a/0x340
[ 24.176319] ? srso_return_thunk+0x5/0x5f
[ 24.176405] ? __pfx_worker_thread+0x10/0x10
[ 24.176522] kthread+0x10c/0x140
[ 24.176611] ? __pfx_kthread+0x10/0x10
[ 24.176698] ret_from_fork+0x148/0x290
[ 24.176785] ? __pfx_kthread+0x10/0x10
[ 24.176872] ret_from_fork_asm+0x1a/0x30
[ 24.176985] </TASK>
[ 24.177043] irq event stamp: 6965
[ 24.177126] hardirqs last enabled at (6973): [<ffffffff8136008c>] __console_unlock+0x5c/0x70
[ 24.177325] hardirqs last disabled at (6982): [<ffffffff81360071>] __console_unlock+0x41/0x70
[ 24.177520] softirqs last enabled at (6524): [<ffffffff812b8b97>] __irq_exit_rcu+0x47/0xc0
[ 24.177675] softirqs last disabled at (6123): [<ffffffff812b8b97>] __irq_exit_rcu+0x47/0xc0
[ 24.177844] ---[ end trace 0000000000000000 ]---
[ 24.177963] Bad trampoline accounting at: 000000003143da54 (bpf_fentry_test3+0x4/0x20)
[ 24.178134] ------------[ cut here ]------------
[ 24.178261] WARNING: arch/x86/kernel/ftrace.c:105 at ftrace_replace_code+0xf7/0x210, CPU#13: kworker/13:6/873
[ 24.178476] Modules linked in: bpf_test_modorder_y(OE+) bpf_test_modorder_x(OE) bpf_testmod(OE)
[ 24.178680] CPU: 13 UID: 0 PID: 873 Comm: kworker/13:6 Tainted: G W OE 7.0.0-rc1-gda78c0a81eea #83 PREEMPT(full)
[ 24.178925] Tainted: [W]=WARN, [O]=OOT_MODULE, [E]=UNSIGNED_MODULE
[ 24.179059] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-5.el9 11/05/2023
[ 24.179258] Workqueue: events bpf_link_put_deferred
[ 24.179374] RIP: 0010:ftrace_replace_code+0xf7/0x210
[ 24.179485] Code: c0 0f 85 ec 00 00 00 8b 44 24 03 41 33 45 00 0f b6 4c 24 07 41 32 4d 04 0f b6 c9 09 c1 0f 84 49 ff ff ff 4c 89 2d b9 df 8b 03 <0f> 0b bf ea
ff ff ff e9 c4 00 00 00 e8 f8 e5 19 00 48 85 c0 0f 84
[ 24.179847] RSP: 0018:ffa0000504cafb98 EFLAGS: 00010202
[ 24.179965] RAX: 0000000038608000 RBX: 0000000000000001 RCX: 00000000386080c1
[ 24.180126] RDX: ffffffff81d41000 RSI: 0000000000000005 RDI: ffffffff81d416d4
[ 24.180295] RBP: 0000000000000001 R08: 000000000000ffff R09: ffffffff82e98430
[ 24.180455] R10: 000000000002fffd R11: 00000000fffeffff R12: ff110001000e48d0
[ 24.180617] R13: ffffffff83ec0f2d R14: ffffffff84b43820 R15: ffa0000504cafb9b
[ 24.180777] FS: 0000000000000000(0000) GS:ff1100203becc000(0000) knlGS:0000000000000000
[ 24.180939] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 24.181077] CR2: 00007f615e966270 CR3: 000000010bd9d005 CR4: 0000000000771ef0
[ 24.181247] PKRU: 55555554
[ 24.181303] Call Trace:
[ 24.181360] <TASK>
[ 24.181424] ftrace_modify_all_code+0x59/0x110
[ 24.181536] __ftrace_hash_move_and_update_ops+0x227/0x2c0
[ 24.181650] ? kfree+0x1ac/0x4c0
[ 24.181743] ? srso_return_thunk+0x5/0x5f
[ 24.181828] ? kfree+0x250/0x4c0
[ 24.181916] ? kfree+0x1ac/0x4c0
[ 24.182004] ? bpf_lsm_sk_alloc_security+0x4/0x20
[ 24.182123] ftrace_update_ops+0x40/0x80
[ 24.182213] update_ftrace_direct_del+0x263/0x290
[ 24.182337] ? bpf_lsm_sk_alloc_security+0x4/0x20
[ 24.182455] ? 0xffffffffc0006a80
[ 24.182543] bpf_trampoline_update+0x1fb/0x810
[ 24.182655] bpf_trampoline_unlink_prog+0x103/0x1a0
[ 24.182768] ? process_scheduled_works+0x271/0x640
[ 24.182887] bpf_shim_tramp_link_release+0x20/0x40
[ 24.183001] bpf_link_free+0x54/0xd0
[ 24.183088] process_scheduled_works+0x2c2/0x640
[ 24.183220] worker_thread+0x22a/0x340
[ 24.183319] ? srso_return_thunk+0x5/0x5f
[ 24.183405] ? __pfx_worker_thread+0x10/0x10
[ 24.183521] kthread+0x10c/0x140
[ 24.183610] ? __pfx_kthread+0x10/0x10
[ 24.183697] ret_from_fork+0x148/0x290
[ 24.183783] ? __pfx_kthread+0x10/0x10
[ 24.183868] ret_from_fork_asm+0x1a/0x30
[ 24.183979] </TASK>
[ 24.184056] irq event stamp: 7447
[ 24.184138] hardirqs last enabled at (7455): [<ffffffff8136008c>] __console_unlock+0x5c/0x70
[ 24.184339] hardirqs last disabled at (7464): [<ffffffff81360071>] __console_unlock+0x41/0x70
[ 24.184522] softirqs last enabled at (6524): [<ffffffff812b8b97>] __irq_exit_rcu+0x47/0xc0
[ 24.184675] softirqs last disabled at (6123): [<ffffffff812b8b97>] __irq_exit_rcu+0x47/0xc0
[ 24.184836] ---[ end trace 0000000000000000 ]---
[ 24.185177] ------------[ ftrace bug ]------------
[ 24.185310] ftrace failed to modify
[ 24.185312] [<ffffffff81d416d4>] bpf_fentry_test3+0x4/0x20
[ 24.185544] actual: e8:27:29:6c:3e
[ 24.185627] expected: e8:a7:49:54:ff
[ 24.185717] ftrace record flags: e8180000
[ 24.185798] (0) R tramp: ERROR!
[ 24.185798] expected tramp: ffffffffc0404000
[ 24.185975] ------------[ cut here ]------------
[ 24.186086] WARNING: kernel/trace/ftrace.c:2254 at ftrace_bug+0x101/0x290, CPU#13: kworker/13:6/873
[ 24.186285] Modules linked in: bpf_test_modorder_y(OE+) bpf_test_modorder_x(OE) bpf_testmod(OE)
[ 24.186484] CPU: 13 UID: 0 PID: 873 Comm: kworker/13:6 Tainted: G W OE 7.0.0-rc1-gda78c0a81eea #83 PREEMPT(full)
[ 24.186728] Tainted: [W]=WARN, [O]=OOT_MODULE, [E]=UNSIGNED_MODULE
[ 24.186863] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-5.el9 11/05/2023
[ 24.187057] Workqueue: events bpf_link_put_deferred
[ 24.187172] RIP: 0010:ftrace_bug+0x101/0x290
[ 24.187294] Code: 05 72 03 83 f8 02 7f 13 83 f8 01 74 46 83 f8 02 75 13 48 c7 c7 41 a3 69 82 eb 51 83 f8 03 74 3c 83 f8 04 74 40 48 85 db 75 4c <0f> 0b c6 05
ba eb 2b 02 01 c7 05 ac eb 2b 02 00 00 00 00 48 c7 05
[ 24.187663] RSP: 0018:ffa0000504cafb70 EFLAGS: 00010246
[ 24.187772] RAX: 0000000000000022 RBX: ff110001000e48d0 RCX: e5ff63967b168c00
[ 24.187934] RDX: 0000000000000000 RSI: 00000000fffeffff RDI: ffffffff83018490
[ 24.188096] RBP: 00000000ffffffea R08: 000000000000ffff R09: ffffffff82e98430
[ 24.188267] R10: 000000000002fffd R11: 00000000fffeffff R12: ff110001000e48d0
[ 24.188423] R13: ffffffff83ec0f2d R14: ffffffff81d416d4 R15: ffffffff836e1cb0
[ 24.188581] FS: 0000000000000000(0000) GS:ff1100203becc000(0000) knlGS:0000000000000000
[ 24.188738] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 24.188870] CR2: 00007f615e966270 CR3: 000000010bd9d005 CR4: 0000000000771ef0
[ 24.189032] PKRU: 55555554
[ 24.189088] Call Trace:
[ 24.189144] <TASK>
[ 24.189204] ftrace_replace_code+0x1d6/0x210
[ 24.189335] ftrace_modify_all_code+0x59/0x110
[ 24.189443] __ftrace_hash_move_and_update_ops+0x227/0x2c0
[ 24.189554] ? kfree+0x1ac/0x4c0
[ 24.189638] ? srso_return_thunk+0x5/0x5f
[ 24.189720] ? kfree+0x250/0x4c0
[ 24.189802] ? kfree+0x1ac/0x4c0
[ 24.189889] ? bpf_lsm_sk_alloc_security+0x4/0x20
[ 24.190010] ftrace_update_ops+0x40/0x80
[ 24.190095] update_ftrace_direct_del+0x263/0x290
[ 24.190205] ? bpf_lsm_sk_alloc_security+0x4/0x20
[ 24.190335] ? 0xffffffffc0006a80
[ 24.190422] bpf_trampoline_update+0x1fb/0x810
[ 24.190542] bpf_trampoline_unlink_prog+0x103/0x1a0
[ 24.190651] ? process_scheduled_works+0x271/0x640
[ 24.190764] bpf_shim_tramp_link_release+0x20/0x40
[ 24.190871] bpf_link_free+0x54/0xd0
[ 24.190964] process_scheduled_works+0x2c2/0x640
[ 24.191093] worker_thread+0x22a/0x340
[ 24.191177] ? srso_return_thunk+0x5/0x5f
[ 24.191274] ? __pfx_worker_thread+0x10/0x10
[ 24.191388] kthread+0x10c/0x140
[ 24.191478] ? __pfx_kthread+0x10/0x10
[ 24.191565] ret_from_fork+0x148/0x290
[ 24.191641] ? __pfx_kthread+0x10/0x10
[ 24.191729] ret_from_fork_asm+0x1a/0x30
[ 24.191833] </TASK>
[ 24.191896] irq event stamp: 8043
[ 24.191979] hardirqs last enabled at (8051): [<ffffffff8136008c>] __console_unlock+0x5c/0x70
[ 24.192167] hardirqs last disabled at (8058): [<ffffffff81360071>] __console_unlock+0x41/0x70
[ 24.192368] softirqs last enabled at (7828): [<ffffffff812b8b97>] __irq_exit_rcu+0x47/0xc0
[ 24.192528] softirqs last disabled at (7817): [<ffffffff812b8b97>] __irq_exit_rcu+0x47/0xc0
[ 24.192689] ---[ end trace 0000000000000000 ]---
[ 24.193549] ------------[ cut here ]------------
[ 24.193773] WARNING: kernel/trace/ftrace.c:2709 at ftrace_get_addr_curr+0x6c/0x190, CPU#10: test_progs/311
[ 24.193973] Modules linked in: bpf_test_modorder_y(OE+) bpf_test_modorder_x(OE) bpf_testmod(OE)
[ 24.194206] CPU: 10 UID: 0 PID: 311 Comm: test_progs Tainted: G W OE 7.0.0-rc1-gda78c0a81eea #83 PREEMPT(full)
[ 24.194461] Tainted: [W]=WARN, [O]=OOT_MODULE, [E]=UNSIGNED_MODULE
[ 24.194594] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-5.el9 11/05/2023
[ 24.194778] RIP: 0010:ftrace_get_addr_curr+0x6c/0x190
[ 24.194891] Code: 48 0f 44 ce 4c 8b 3c c8 e8 e1 b4 c1 00 4d 85 ff 74 18 4d 39 77 10 74 05 4d 8b 3f eb eb 49 8b 47 18 48 85 c0 0f 85 19 01 00 00 <0f> 0b 48 8b
43 08 a9 00 00 00 08 75 1c a9 00 00 00 20 48 c7 c1 80
[ 24.195270] RSP: 0018:ffa0000000d4bb38 EFLAGS: 00010246
[ 24.195381] RAX: 0000000000000001 RBX: ff11000100125710 RCX: ff1100010b28a2c0
[ 24.195540] RDX: 0000000000000003 RSI: 0000000000000003 RDI: ff11000100125710
[ 24.195698] RBP: 0000000000000001 R08: 0000000080000000 R09: ffffffffffffffff
[ 24.195863] R10: ffffffff82046a38 R11: 0000000000000000 R12: ff11000100125710
[ 24.196033] R13: ffffffff81529fc4 R14: ffffffff81529fc4 R15: 0000000000000000
[ 24.196199] FS: 00007f46532a54c0(0000) GS:ff1100203be0c000(0000) knlGS:0000000000000000
[ 24.196374] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 24.196509] CR2: 000055e885be1470 CR3: 000000010eef9003 CR4: 0000000000771ef0
[ 24.196663] PKRU: 55555554
[ 24.196720] Call Trace:
[ 24.196778] <TASK>
[ 24.196844] ftrace_replace_code+0x7e/0x210
[ 24.196948] ftrace_modify_all_code+0x59/0x110
[ 24.197059] __ftrace_hash_move_and_update_ops+0x227/0x2c0
[ 24.197174] ? srso_return_thunk+0x5/0x5f
[ 24.197271] ? __mutex_lock+0x22a/0xc60
[ 24.197360] ? kfree+0x1ac/0x4c0
[ 24.197455] ? srso_return_thunk+0x5/0x5f
[ 24.197538] ? kfree+0x250/0x4c0
[ 24.197626] ? bpf_fentry_test3+0x4/0x20
[ 24.197712] ftrace_set_hash+0x13c/0x3d0
[ 24.197811] ftrace_set_filter_ip+0x88/0xb0
[ 24.197909] ? bpf_fentry_test3+0x4/0x20
[ 24.198000] disarm_kprobe_ftrace+0x83/0xd0
[ 24.198089] __disable_kprobe+0x129/0x160
[ 24.198178] disable_kprobe+0x27/0x60
[ 24.198272] kprobe_register+0xa2/0xe0
[ 24.198362] perf_trace_event_unreg+0x33/0xd0
[ 24.198473] perf_kprobe_destroy+0x3b/0x80
[ 24.198557] __free_event+0x119/0x290
[ 24.198640] perf_event_release_kernel+0x1ef/0x220
[ 24.198758] perf_release+0x12/0x20
[ 24.198843] __fput+0x11b/0x2a0
[ 24.198946] task_work_run+0x8b/0xc0
[ 24.199035] exit_to_user_mode_loop+0x107/0x4d0
[ 24.199155] do_syscall_64+0x25b/0x390
[ 24.199249] ? entry_SYSCALL_64_after_hwframe+0x76/0x7e
[ 24.199360] ? trace_irq_disable+0x1d/0xc0
[ 24.199451] entry_SYSCALL_64_after_hwframe+0x76/0x7e
[ 24.199559] RIP: 0033:0x7f46530ff85b
[ 24.199675] Code: 03 00 00 00 0f 05 48 3d 00 f0 ff ff 77 41 c3 48 83 ec 18 89 7c 24 0c e8 e3 83 f8 ff 8b 7c 24 0c 41 89 c0 b8 03 00 00 00 0f 05 <48> 3d 00 f0
ff ff 77 35 44 89 c7 89 44 24 0c e8 41 84 f8 ff 8b 44
[ 24.200034] RSP: 002b:00007ffc40859770 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 24.200192] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f46530ff85b
[ 24.200382] RDX: 0000000000000002 RSI: 0000000000000002 RDI: 0000000000000019
[ 24.200552] RBP: 00007ffc408597c0 R08: 0000000000000000 R09: 00007ffc40859757
[ 24.200702] R10: 0000000000000000 R11: 0000000000000293 R12: 00007ffc4085ddc8
[ 24.200855] R13: 000055e8800de120 R14: 000055e88118d390 R15: 00007f46533de000
[ 24.201035] </TASK>
[ 24.201091] irq event stamp: 200379
[ 24.201208] hardirqs last enabled at (200387): [<ffffffff8136008c>] __console_unlock+0x5c/0x70
[ 24.201453] hardirqs last disabled at (200396): [<ffffffff81360071>] __console_unlock+0x41/0x70
[ 24.201667] softirqs last enabled at (200336): [<ffffffff812b8b97>] __irq_exit_rcu+0x47/0xc0
[ 24.201890] softirqs last disabled at (200329): [<ffffffff812b8b97>] __irq_exit_rcu+0x47/0xc0
[ 24.202121] ---[ end trace 0000000000000000 ]---
[ 24.202398] ------------[ cut here ]------------
[ 24.202534] WARNING: kernel/trace/ftrace.c:2715 at ftrace_get_addr_curr+0x149/0x190, CPU#10: test_progs/311
[ 24.202753] Modules linked in: bpf_test_modorder_y(OE+) bpf_test_modorder_x(OE) bpf_testmod(OE)
[ 24.202962] CPU: 10 UID: 0 PID: 311 Comm: test_progs Tainted: G W OE 7.0.0-rc1-gda78c0a81eea #83 PREEMPT(full)
[ 24.203203] Tainted: [W]=WARN, [O]=OOT_MODULE, [E]=UNSIGNED_MODULE
[ 24.203344] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-5.el9 11/05/2023
[ 24.203526] RIP: 0010:ftrace_get_addr_curr+0x149/0x190
[ 24.203629] Code: 00 4c 89 f7 e8 88 f8 ff ff 84 c0 75 92 4d 8b 7f 08 e8 fb b3 c1 00 4d 85 ff 0f 94 c0 49 81 ff b0 1c 6e 83 0f 94 c1 08 c1 74 96 <0f> 0b c6 05
62 e8 2b 02 01 c7 05 54 e8 2b 02 00 00 00 00 48 c7 05
[ 24.203996] RSP: 0018:ffa0000000d4bb38 EFLAGS: 00010202
[ 24.204110] RAX: 0000000000000000 RBX: ff11000100125710 RCX: ff1100010b28a201
[ 24.204280] RDX: 0000000000000000 RSI: 0000000000000001 RDI: ffffffff81529fc4
[ 24.204437] RBP: 0000000000000001 R08: 0000000080000000 R09: ffffffffffffffff
[ 24.204595] R10: ffffffff82046a38 R11: 0000000000000000 R12: ff11000100125710
[ 24.204755] R13: ffffffff81529fc4 R14: ffffffff81529fc4 R15: ffffffff836e1cb0
[ 24.204914] FS: 00007f46532a54c0(0000) GS:ff1100203be0c000(0000) knlGS:0000000000000000
[ 24.205072] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 24.205204] CR2: 000055e885be1470 CR3: 000000010eef9003 CR4: 0000000000771ef0
[ 24.205386] PKRU: 55555554
[ 24.205443] Call Trace:
[ 24.205503] <TASK>
[ 24.205565] ftrace_replace_code+0x7e/0x210
[ 24.205669] ftrace_modify_all_code+0x59/0x110
[ 24.205784] __ftrace_hash_move_and_update_ops+0x227/0x2c0
[ 24.205902] ? srso_return_thunk+0x5/0x5f
[ 24.205987] ? __mutex_lock+0x22a/0xc60
[ 24.206072] ? kfree+0x1ac/0x4c0
[ 24.206163] ? srso_return_thunk+0x5/0x5f
[ 24.206254] ? kfree+0x250/0x4c0
[ 24.206344] ? bpf_fentry_test3+0x4/0x20
[ 24.206428] ftrace_set_hash+0x13c/0x3d0
[ 24.206523] ftrace_set_filter_ip+0x88/0xb0
[ 24.206614] ? bpf_fentry_test3+0x4/0x20
[ 24.206703] disarm_kprobe_ftrace+0x83/0xd0
[ 24.206789] __disable_kprobe+0x129/0x160
[ 24.206880] disable_kprobe+0x27/0x60
[ 24.206972] kprobe_register+0xa2/0xe0
[ 24.207057] perf_trace_event_unreg+0x33/0xd0
[ 24.207169] perf_kprobe_destroy+0x3b/0x80
[ 24.207262] __free_event+0x119/0x290
[ 24.207348] perf_event_release_kernel+0x1ef/0x220
[ 24.207461] perf_release+0x12/0x20
[ 24.207543] __fput+0x11b/0x2a0
[ 24.207626] task_work_run+0x8b/0xc0
[ 24.207711] exit_to_user_mode_loop+0x107/0x4d0
[ 24.207827] do_syscall_64+0x25b/0x390
[ 24.207915] ? entry_SYSCALL_64_after_hwframe+0x76/0x7e
[ 24.208021] ? trace_irq_disable+0x1d/0xc0
[ 24.208110] entry_SYSCALL_64_after_hwframe+0x76/0x7e
[ 24.208215] RIP: 0033:0x7f46530ff85b
[ 24.208307] Code: 03 00 00 00 0f 05 48 3d 00 f0 ff ff 77 41 c3 48 83 ec 18 89 7c 24 0c e8 e3 83 f8 ff 8b 7c 24 0c 41 89 c0 b8 03 00 00 00 0f 05 <48> 3d 00 f0
ff ff 77 35 44 89 c7 89 44 24 0c e8 41 84 f8 ff 8b 44
[ 24.208657] RSP: 002b:00007ffc40859770 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 24.208816] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f46530ff85b
[ 24.208978] RDX: 0000000000000002 RSI: 0000000000000002 RDI: 0000000000000019
[ 24.209133] RBP: 00007ffc408597c0 R08: 0000000000000000 R09: 00007ffc40859757
[ 24.209300] R10: 0000000000000000 R11: 0000000000000293 R12: 00007ffc4085ddc8
[ 24.209457] R13: 000055e8800de120 R14: 000055e88118d390 R15: 00007f46533de000
[ 24.209633] </TASK>
[ 24.209689] irq event stamp: 200963
[ 24.209770] hardirqs last enabled at (200971): [<ffffffff8136008c>] __console_unlock+0x5c/0x70
[ 24.209971] hardirqs last disabled at (200978): [<ffffffff81360071>] __console_unlock+0x41/0x70
[ 24.210156] softirqs last enabled at (200568): [<ffffffff812b8b97>] __irq_exit_rcu+0x47/0xc0
[ 24.210370] softirqs last disabled at (200557): [<ffffffff812b8b97>] __irq_exit_rcu+0x47/0xc0
[ 24.210554] ---[ end trace 0000000000000000 ]---
[ 24.210665] Bad trampoline accounting at: 00000000ab641fec (bpf_lsm_sk_alloc_security+0x4/0x20)
[ 24.210866] ------------[ cut here ]------------
[ 24.210993] WARNING: arch/x86/kernel/ftrace.c:105 at ftrace_replace_code+0xf7/0x210, CPU#10: test_progs/311
[ 24.211182] Modules linked in: bpf_test_modorder_y(OE+) bpf_test_modorder_x(OE) bpf_testmod(OE)
[ 24.211412] CPU: 10 UID: 0 PID: 311 Comm: test_progs Tainted: G W OE 7.0.0-rc1-gda78c0a81eea #83 PREEMPT(full)
[ 24.211656] Tainted: [W]=WARN, [O]=OOT_MODULE, [E]=UNSIGNED_MODULE
[ 24.211788] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-5.el9 11/05/2023
[ 24.211980] RIP: 0010:ftrace_replace_code+0xf7/0x210
[ 24.212091] Code: c0 0f 85 ec 00 00 00 8b 44 24 03 41 33 45 00 0f b6 4c 24 07 41 32 4d 04 0f b6 c9 09 c1 0f 84 49 ff ff ff 4c 89 2d b9 df 8b 03 <0f> 0b bf ea
ff ff ff e9 c4 00 00 00 e8 f8 e5 19 00 48 85 c0 0f 84
[ 24.212503] RSP: 0018:ffa0000000d4bb58 EFLAGS: 00010202
[ 24.212628] RAX: 00000000780a0001 RBX: 0000000000000001 RCX: 00000000780a00c1
[ 24.212798] RDX: ffffffff81529000 RSI: 0000000000000005 RDI: ffffffff81529fc4
[ 24.212970] RBP: 0000000000000001 R08: 000000000000ffff R09: ffffffff82e98430
[ 24.213130] R10: 000000000002fffd R11: 00000000fffeffff R12: ff11000100125710
[ 24.213317] R13: ffffffff83ec0f2d R14: ffffffff84b43820 R15: ffa0000000d4bb5b
[ 24.213488] FS: 00007f46532a54c0(0000) GS:ff1100203be0c000(0000) knlGS:0000000000000000
[ 24.213674] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 24.213813] CR2: 000055e885be1470 CR3: 000000010eef9003 CR4: 0000000000771ef0
[ 24.213986] PKRU: 55555554
[ 24.214044] Call Trace:
[ 24.214100] <TASK>
[ 24.214167] ftrace_modify_all_code+0x59/0x110
[ 24.214301] __ftrace_hash_move_and_update_ops+0x227/0x2c0
[ 24.214415] ? srso_return_thunk+0x5/0x5f
[ 24.214502] ? __mutex_lock+0x22a/0xc60
[ 24.214588] ? kfree+0x1ac/0x4c0
[ 24.214682] ? srso_return_thunk+0x5/0x5f
[ 24.214765] ? kfree+0x250/0x4c0
[ 24.214855] ? bpf_fentry_test3+0x4/0x20
[ 24.214943] ftrace_set_hash+0x13c/0x3d0
[ 24.215041] ftrace_set_filter_ip+0x88/0xb0
[ 24.215132] ? bpf_fentry_test3+0x4/0x20
[ 24.215221] disarm_kprobe_ftrace+0x83/0xd0
[ 24.215328] __disable_kprobe+0x129/0x160
[ 24.215418] disable_kprobe+0x27/0x60
[ 24.215507] kprobe_register+0xa2/0xe0
[ 24.215594] perf_trace_event_unreg+0x33/0xd0
[ 24.215701] perf_kprobe_destroy+0x3b/0x80
[ 24.215790] __free_event+0x119/0x290
[ 24.215888] perf_event_release_kernel+0x1ef/0x220
[ 24.216007] perf_release+0x12/0x20
[ 24.216091] __fput+0x11b/0x2a0
[ 24.216183] task_work_run+0x8b/0xc0
[ 24.216293] exit_to_user_mode_loop+0x107/0x4d0
[ 24.216411] do_syscall_64+0x25b/0x390
[ 24.216497] ? entry_SYSCALL_64_after_hwframe+0x76/0x7e
[ 24.216606] ? trace_irq_disable+0x1d/0xc0
[ 24.216699] entry_SYSCALL_64_after_hwframe+0x76/0x7e
[ 24.216807] RIP: 0033:0x7f46530ff85b
[ 24.216895] Code: 03 00 00 00 0f 05 48 3d 00 f0 ff ff 77 41 c3 48 83 ec 18 89 7c 24 0c e8 e3 83 f8 ff 8b 7c 24 0c 41 89 c0 b8 03 00 00 00 0f 05 <48> 3d 00 f0
ff ff 77 35 44 89 c7 89 44 24 0c e8 41 84 f8 ff 8b 44
[ 24.217293] RSP: 002b:00007ffc40859770 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 24.217461] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f46530ff85b
[ 24.217627] RDX: 0000000000000002 RSI: 0000000000000002 RDI: 0000000000000019
[ 24.217785] RBP: 00007ffc408597c0 R08: 0000000000000000 R09: 00007ffc40859757
[ 24.217950] R10: 0000000000000000 R11: 0000000000000293 R12: 00007ffc4085ddc8
[ 24.218107] R13: 000055e8800de120 R14: 000055e88118d390 R15: 00007f46533de000
[ 24.218306] </TASK>
[ 24.218363] irq event stamp: 201623
[ 24.218445] hardirqs last enabled at (201631): [<ffffffff8136008c>] __console_unlock+0x5c/0x70
[ 24.218625] hardirqs last disabled at (201638): [<ffffffff81360071>] __console_unlock+0x41/0x70
[ 24.218810] softirqs last enabled at (201612): [<ffffffff812b8b97>] __irq_exit_rcu+0x47/0xc0
[ 24.219012] softirqs last disabled at (201601): [<ffffffff812b8b97>] __irq_exit_rcu+0x47/0xc0
[ 24.219208] ---[ end trace 0000000000000000 ]---
[ 24.219693] ------------[ ftrace bug ]------------
[ 24.219801] ftrace failed to modify
[ 24.219804] [<ffffffff81529fc4>] bpf_lsm_sk_alloc_security+0x4/0x20
[ 24.220022] actual: e9:b7:ca:ad:3e
[ 24.220113] expected: e8:b7:c0:d5:ff
[ 24.220203] ftrace record flags: e8980000
[ 24.220307] (0) R tramp: ERROR!
[ 24.220321] ------------[ cut here ]------------
[ 24.220507] WARNING: kernel/trace/ftrace.c:2715 at ftrace_get_addr_curr+0x149/0x190, CPU#10: test_progs/311
[ 24.220693] Modules linked in: bpf_test_modorder_y(OE+) bpf_test_modorder_x(OE) bpf_testmod(OE)
[ 24.220895] CPU: 10 UID: 0 PID: 311 Comm: test_progs Tainted: G W OE 7.0.0-rc1-gda78c0a81eea #83 PREEMPT(full)
[ 24.221135] Tainted: [W]=WARN, [O]=OOT_MODULE, [E]=UNSIGNED_MODULE
[ 24.221284] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-5.el9 11/05/2023
[ 24.221467] RIP: 0010:ftrace_get_addr_curr+0x149/0x190
[ 24.221577] Code: 00 4c 89 f7 e8 88 f8 ff ff 84 c0 75 92 4d 8b 7f 08 e8 fb b3 c1 00 4d 85 ff 0f 94 c0 49 81 ff b0 1c 6e 83 0f 94 c1 08 c1 74 96 <0f> 0b c6 05
62 e8 2b 02 01 c7 05 54 e8 2b 02 00 00 00 00 48 c7 05
[ 24.221938] RSP: 0018:ffa0000000d4bb10 EFLAGS: 00010202
[ 24.222052] RAX: 0000000000000000 RBX: ff11000100125710 RCX: ff1100010b28a201
[ 24.222205] RDX: 0000000000000000 RSI: 0000000000000001 RDI: ffffffff81529fc4
[ 24.222384] RBP: 00000000ffffffea R08: 000000000000ffff R09: ffffffff82e98430
[ 24.222542] R10: 000000000002fffd R11: 00000000fffeffff R12: ff11000100125710
[ 24.222708] R13: ffffffff83ec0f2d R14: ffffffff81529fc4 R15: ffffffff836e1cb0
[ 24.222866] FS: 00007f46532a54c0(0000) GS:ff1100203be0c000(0000) knlGS:0000000000000000
[ 24.223034] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 24.223171] CR2: 000055e885be1470 CR3: 000000010eef9003 CR4: 0000000000771ef0
[ 24.223341] PKRU: 55555554
[ 24.223397] Call Trace:
[ 24.223454] <TASK>
[ 24.223511] ? bpf_lsm_sk_alloc_security+0x4/0x20
[ 24.223623] ftrace_bug+0x1ff/0x290
[ 24.223710] ftrace_replace_code+0x1d6/0x210
[ 24.223829] ftrace_modify_all_code+0x59/0x110
[ 24.223946] __ftrace_hash_move_and_update_ops+0x227/0x2c0
[ 24.224060] ? srso_return_thunk+0x5/0x5f
[ 24.224148] ? __mutex_lock+0x22a/0xc60
[ 24.224245] ? kfree+0x1ac/0x4c0
[ 24.224337] ? srso_return_thunk+0x5/0x5f
[ 24.224420] ? kfree+0x250/0x4c0
[ 24.224512] ? bpf_fentry_test3+0x4/0x20
[ 24.224597] ftrace_set_hash+0x13c/0x3d0
[ 24.224690] ftrace_set_filter_ip+0x88/0xb0
[ 24.224776] ? bpf_fentry_test3+0x4/0x20
[ 24.224869] disarm_kprobe_ftrace+0x83/0xd0
[ 24.224965] __disable_kprobe+0x129/0x160
[ 24.225051] disable_kprobe+0x27/0x60
[ 24.225136] kprobe_register+0xa2/0xe0
[ 24.225223] perf_trace_event_unreg+0x33/0xd0
[ 24.225346] perf_kprobe_destroy+0x3b/0x80
[ 24.225431] __free_event+0x119/0x290
[ 24.225518] perf_event_release_kernel+0x1ef/0x220
[ 24.225631] perf_release+0x12/0x20
[ 24.225715] __fput+0x11b/0x2a0
[ 24.225804] task_work_run+0x8b/0xc0
[ 24.225895] exit_to_user_mode_loop+0x107/0x4d0
[ 24.226016] do_syscall_64+0x25b/0x390
[ 24.226099] ? entry_SYSCALL_64_after_hwframe+0x76/0x7e
[ 24.226207] ? trace_irq_disable+0x1d/0xc0
[ 24.226308] entry_SYSCALL_64_after_hwframe+0x76/0x7e
[ 24.226415] RIP: 0033:0x7f46530ff85b
[ 24.226498] Code: 03 00 00 00 0f 05 48 3d 00 f0 ff ff 77 41 c3 48 83 ec 18 89 7c 24 0c e8 e3 83 f8 ff 8b 7c 24 0c 41 89 c0 b8 03 00 00 00 0f 05 <48> 3d 00 f0
ff ff 77 35 44 89 c7 89 44 24 0c e8 41 84 f8 ff 8b 44
[ 24.226851] RSP: 002b:00007ffc40859770 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 24.227016] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f46530ff85b
[ 24.227173] RDX: 0000000000000002 RSI: 0000000000000002 RDI: 0000000000000019
[ 24.227341] RBP: 00007ffc408597c0 R08: 0000000000000000 R09: 00007ffc40859757
[ 24.227500] R10: 0000000000000000 R11: 0000000000000293 R12: 00007ffc4085ddc8
[ 24.227652] R13: 000055e8800de120 R14: 000055e88118d390 R15: 00007f46533de000
[ 24.227830] </TASK>
[ 24.227891] irq event stamp: 202299
[ 24.227974] hardirqs last enabled at (202307): [<ffffffff8136008c>] __console_unlock+0x5c/0x70
[ 24.228162] hardirqs last disabled at (202314): [<ffffffff81360071>] __console_unlock+0x41/0x70
[ 24.228357] softirqs last enabled at (201682): [<ffffffff812b8b97>] __irq_exit_rcu+0x47/0xc0
[ 24.228540] softirqs last disabled at (201671): [<ffffffff812b8b97>] __irq_exit_rcu+0x47/0xc0
[ 24.228716] ---[ end trace 0000000000000000 ]---
[ 24.228834] Bad trampoline accounting at: 00000000ab641fec (bpf_lsm_sk_alloc_security+0x4/0x20)
[ 24.229029]
[ 24.229029] expected tramp: ffffffff81286080
[ 24.261301] BUG: unable to handle page fault for address: ffa00000004b9050
[ 24.261436] #PF: supervisor read access in kernel mode
[ 24.261528] #PF: error_code(0x0000) - not-present page
[ 24.261621] PGD 100000067 P4D 100832067 PUD 100833067 PMD 100efb067 PTE 0
[ 24.261745] Oops: Oops: 0000 [#1] SMP NOPTI
[ 24.261821] CPU: 9 UID: 0 PID: 1338 Comm: ip Tainted: G W OE 7.0.0-rc1-gda78c0a81eea #83 PREEMPT(full)
[ 24.262006] Tainted: [W]=WARN, [O]=OOT_MODULE, [E]=UNSIGNED_MODULE
[ 24.262119] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-5.el9 11/05/2023
[ 24.262281] RIP: 0010:__cgroup_bpf_run_lsm_current+0xc5/0x2f0
[ 24.262393] Code: a6 6f 1a 02 01 48 c7 c7 31 5b 71 82 be bf 01 00 00 48 c7 c2 d3 70 65 82 e8 d8 53 ce ff 4d 8b 7f 60 4d 85 ff 0f 84 14 02 00 00 <49> 8b 46 f0
4c 63 b0 34 05 00 00 c7 44 24 10 00 00 00 00 41 0f b7
[ 24.262693] RSP: 0018:ffa0000004dfbc98 EFLAGS: 00010282
[ 24.262784] RAX: 0000000000000001 RBX: ffa0000004dfbd10 RCX: 0000000000000001
[ 24.262923] RDX: 00000000d7c4159d RSI: ffffffff8359b368 RDI: ff1100011b5c50c8
[ 24.263055] RBP: ffa0000004dfbd30 R08: 0000000000020000 R09: ffffffffffffffff
[ 24.263187] R10: ffffffff814f76b3 R11: 0000000000000000 R12: ff1100011b5c4580
[ 24.263325] R13: 0000000000000000 R14: ffa00000004b9060 R15: ffffffff835b3040
[ 24.263465] FS: 00007f0007064800(0000) GS:ff1100203bdcc000(0000) knlGS:0000000000000000
[ 24.263599] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 24.263709] CR2: ffa00000004b9050 CR3: 0000000120f4d002 CR4: 0000000000771ef0
[ 24.263841] PKRU: 55555554
[ 24.263890] Call Trace:
[ 24.263938] <TASK>
[ 24.263992] bpf_trampoline_6442513766+0x6a/0x10d
[ 24.264088] security_sk_alloc+0x83/0xd0
[ 24.264162] sk_prot_alloc+0xf4/0x150
[ 24.264236] sk_alloc+0x34/0x2a0
[ 24.264305] ? srso_return_thunk+0x5/0x5f
[ 24.264375] ? _raw_spin_unlock_irqrestore+0x35/0x50
[ 24.264465] ? srso_return_thunk+0x5/0x5f
[ 24.264533] ? __wake_up_common_lock+0xa8/0xd0
[ 24.264625] __netlink_create+0x2f/0xf0
[ 24.264695] netlink_create+0x1c4/0x230
[ 24.264765] ? __pfx_rtnetlink_bind+0x10/0x10
[ 24.264858] __sock_create+0x21d/0x400
[ 24.264937] __sys_socket+0x65/0x100
[ 24.265007] ? srso_return_thunk+0x5/0x5f
[ 24.265077] __x64_sys_socket+0x19/0x30
[ 24.265146] do_syscall_64+0xde/0x390
[ 24.265216] ? entry_SYSCALL_64_after_hwframe+0x76/0x7e
[ 24.265307] ? trace_irq_disable+0x1d/0xc0
[ 24.265379] entry_SYSCALL_64_after_hwframe+0x76/0x7e
[ 24.265469] RIP: 0033:0x7f0006f112ab
[ 24.265538] Code: 73 01 c3 48 8b 0d 6d 8b 0e 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa b8 29 00 00 00 0f 05 <48> 3d 01 f0
ff ff 73 01 c3 48 8b 0d 3d 8b 0e 00 f7 d8 64 89 01 48
[ 24.265822] RSP: 002b:00007ffd8ecb3be8 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[ 24.265960] RAX: ffffffffffffffda RBX: 000056212b30d040 RCX: 00007f0006f112ab
[ 24.266088] RDX: 0000000000000000 RSI: 0000000000080003 RDI: 0000000000000010
[ 24.266217] RBP: 0000000000000000 R08: 00007ffd8ecb3bc0 R09: 0000000000000000
[ 24.266346] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 24.266474] R13: 000056212b30d040 R14: 00007ffd8ecb3d88 R15: 0000000000000004
[ 24.266617] </TASK>
[ 24.266663] Modules linked in: bpf_test_modorder_y(OE+) bpf_test_modorder_x(OE) bpf_testmod(OE)
[ 24.266824] CR2: ffa00000004b9050
[ 24.266897] ---[ end trace 0000000000000000 ]---
[ 24.266989] RIP: 0010:__cgroup_bpf_run_lsm_current+0xc5/0x2f0
[ 24.267101] Code: a6 6f 1a 02 01 48 c7 c7 31 5b 71 82 be bf 01 00 00 48 c7 c2 d3 70 65 82 e8 d8 53 ce ff 4d 8b 7f 60 4d 85 ff 0f 84 14 02 00 00 <49> 8b 46 f0
4c 63 b0 34 05 00 00 c7 44 24 10 00 00 00 00 41 0f b7
[ 24.267406] RSP: 0018:ffa0000004dfbc98 EFLAGS: 00010282
[ 24.267499] RAX: 0000000000000001 RBX: ffa0000004dfbd10 RCX: 0000000000000001
[ 24.267629] RDX: 00000000d7c4159d RSI: ffffffff8359b368 RDI: ff1100011b5c50c8
[ 24.267758] RBP: ffa0000004dfbd30 R08: 0000000000020000 R09: ffffffffffffffff
[ 24.267897] R10: ffffffff814f76b3 R11: 0000000000000000 R12: ff1100011b5c4580
[ 24.268030] R13: 0000000000000000 R14: ffa00000004b9060 R15: ffffffff835b3040
[ 24.268167] FS: 00007f0007064800(0000) GS:ff1100203bdcc000(0000) knlGS:0000000000000000
[ 24.268311] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 24.268428] CR2: ffa00000004b9050 CR3: 0000000120f4d002 CR4: 0000000000771ef0
[ 24.268565] PKRU: 55555554
[ 24.268613] Kernel panic - not syncing: Fatal exception
[ 24.268977] Kernel Offset: disabled
[ 24.269046] ---[ end Kernel panic - not syncing: Fatal exception ]---
> ---
> arch/x86/Kconfig | 1 +
> kernel/bpf/trampoline.c | 220 ++++++++++++++++++++++++++++++++++------
> kernel/trace/Kconfig | 3 +
> kernel/trace/ftrace.c | 7 +-
> 4 files changed, 200 insertions(+), 31 deletions(-)
>
> [...]