./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor488494269
<...>
Warning: Permanently added '10.128.0.70' (ED25519) to the list of known hosts.
execve("./syz-executor488494269", ["./syz-executor488494269"], 0x7ffd54795d20 /* 10 vars */) = 0
brk(NULL) = 0x55555593a000
brk(0x55555593ad00) = 0x55555593ad00
arch_prctl(ARCH_SET_FS, 0x55555593a380) = 0
set_tid_address(0x55555593a650) = 299
set_robust_list(0x55555593a660, 24) = 0
rseq(0x55555593aca0, 0x20, 0, 0x53053053) = -1 ENOSYS (Function not implemented)
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor488494269", 4096) = 27
getrandom("\xd5\xed\x0e\x77\x6c\xee\xc4\x32", 8, GRND_NONBLOCK) = 8
brk(NULL) = 0x55555593ad00
brk(0x55555595bd00) = 0x55555595bd00
brk(0x55555595c000) = 0x55555595c000
mprotect(0x7fec518f6000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 300 attached
, child_tidptr=0x55555593a650) = 300
[pid 300] set_robust_list(0x55555593a660, 24) = 0
[pid 300] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 300] setpgid(0, 0) = 0
[pid 300] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 300] write(3, "1000", 4) = 4
[pid 300] close(3) = 0
[pid 300] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_SOCKHASH, key_size=4, value_size=8, max_entries=8, map_flags=0, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72) = 3
[ 31.937125][ T30] audit: type=1400 audit(1711714336.592:66): avc: denied { execmem } for pid=299 comm="syz-executor488" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[ 31.964886][ T30] audit: type=1400 audit(1711714336.622:67): avc: denied { map_create } for pid=300 comm="syz-executor488" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 31.984290][ T30] audit: type=1400 audit(1711714336.622:68): avc: denied { map_read map_write } for pid=300 comm="syz-executor488" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 32.004652][ T30] audit: type=1400 audit(1711714336.622:69): avc: denied { prog_load } for pid=300 comm="syz-executor488" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 32.023933][ T30] audit: type=1400 audit(1711714336.622:70): avc: denied { bpf } for pid=300 comm="syz-executor488" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 32.044718][ T30] audit: type=1400 audit(1711714336.622:71): avc: denied { perfmon } for pid=300 comm="syz-executor488" capability=38 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[pid 300] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=20, insns=0x20000280, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 4
[pid 300] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kfree", prog_fd=4}}, 16) = 5
[pid 300] socketpair(AF_UNIX, SOCK_STREAM, 0, [6, 7]) = 0
[ 32.800636][ T30] audit: type=1400 audit(1711714337.452:72): avc: denied { prog_run } for pid=300 comm="syz-executor488" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 132.812912][ C0] rcu: INFO: rcu_preempt self-detected stall on CPU
[ 132.819355][ C0] rcu: 0-...!: (10008 ticks this GP) idle=4d9/1/0x4000000000000000 softirq=2187/2190 fqs=0 last_accelerate: 9708/be5e dyntick_enabled: 1
[ 132.833232][ C0] (t=10002 jiffies g=1541 q=1)
[ 132.837923][ C0] rcu: rcu_preempt kthread timer wakeup didn't happen for 10001 jiffies! g1541 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402
[ 132.849985][ C0] rcu: Possible timer handling issue on cpu=1 timer-softirq=845
[ 132.857536][ C0] rcu: rcu_preempt kthread starved for 10004 jiffies! g1541 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 ->cpu=1
[ 132.868648][ C0] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[ 132.878455][ C0] rcu: RCU grace-period kthread stack dump:
[ 132.884199][ C0] task:rcu_preempt state:I stack:28328 pid: 14 ppid: 2 flags:0x00004000
[ 132.893211][ C0] Call Trace:
[ 132.896380][ C0]
[ 132.899118][ C0] __schedule+0xccc/0x1590
[ 132.903385][ C0] ? __sched_text_start+0x8/0x8
[ 132.908055][ C0] ? __kasan_check_write+0x14/0x20
[ 132.913003][ C0] ? __kasan_check_write+0x14/0x20
[ 132.917950][ C0] schedule+0x11f/0x1e0
[ 132.921958][ C0] schedule_timeout+0x18c/0x370
[ 132.926643][ C0] ? __update_idle_core+0x2a0/0x2a0
[ 132.931664][ C0] ? console_conditional_schedule+0x30/0x30
[ 132.937393][ C0] ? update_process_times+0x200/0x200
[ 132.942630][ C0] ? prepare_to_swait_event+0x308/0x320
[ 132.947986][ C0] rcu_gp_fqs_loop+0x2af/0xf80
[ 132.952585][ C0] ? debug_smp_processor_id+0x17/0x20
[ 132.957792][ C0] ? __note_gp_changes+0x4ab/0x920
[ 132.962741][ C0] ? rcu_gp_init+0xc30/0xc30
[ 132.967166][ C0] ? _raw_spin_unlock_irq+0x4e/0x70
[ 132.972200][ C0] ? rcu_gp_init+0x9cf/0xc30
[ 132.976635][ C0] rcu_gp_kthread+0xa4/0x350
[ 132.981055][ C0] ? _raw_spin_lock+0x1b0/0x1b0
[ 132.985742][ C0] ? rcu_barrier_callback+0x50/0x50
[ 132.990777][ C0] ? __kasan_check_read+0x11/0x20
[ 132.995646][ C0] ? __kthread_parkme+0xb2/0x200
[ 133.000411][ C0] kthread+0x421/0x510
[ 133.004317][ C0] ? rcu_barrier_callback+0x50/0x50
[ 133.009349][ C0] ? kthread_blkcg+0xd0/0xd0
[ 133.014602][ C0] ret_from_fork+0x1f/0x30
[ 133.018895][ C0]
[ 133.021726][ C0] rcu: Stack dump where RCU GP kthread last ran:
[ 133.027907][ C0] Sending NMI from CPU 0 to CPUs 1:
[ 133.032950][ C1] NMI backtrace for cpu 1
[ 133.032968][ C1] CPU: 1 PID: 293 Comm: sshd Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0
[ 133.033012][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/29/2024
[ 133.033035][ C1] RIP: 0010:kvm_wait+0x147/0x180
[ 133.033097][ C1] Code: 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 34 41 0f b6 45 00 44 38 f0 75 10 66 90 0f 00 2d 5b 03 f3 03 fb f4 24 ff ff ff fb e9 1e ff ff ff 44 89 e9 80 e1 07 38 c1 7c a3 4c
[ 133.033142][ C1] RSP: 0000:ffffc900009d6480 EFLAGS: 00000246
[ 133.033178][ C1] RAX: 0000000000000001 RBX: 1ffff9200013ac94 RCX: 1ffffffff0d1aa9c
[ 133.033210][ C1] RDX: 0000000000000001 RSI: 0000000000000001 RDI: ffff8881f7137ed4
[ 133.033239][ C1] RBP: ffffc900009d6530 R08: dffffc0000000000 R09: ffffed103ee26fdb
[ 133.033274][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000
[ 133.033320][ C1] R13: ffff8881f7137ed4 R14: 0000000000000001 R15: 1ffff9200013ac98
[ 133.033351][ C1] FS: 00007f01889b0800(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[ 133.033391][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 133.033422][ C1] CR2: 000055ac79b80008 CR3: 000000011de7c000 CR4: 00000000003506a0
[ 133.033456][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 133.033482][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 133.033509][ C1] Call Trace:
[ 133.033520][ C1]
[ 133.033533][ C1] ? show_regs+0x58/0x60
[ 133.033576][ C1] ? nmi_cpu_backtrace+0x29f/0x300
[ 133.033627][ C1] ? nmi_trigger_cpumask_backtrace+0x270/0x270
[ 133.033681][ C1] ? kvm_wait+0x147/0x180
[ 133.033720][ C1] ? kvm_wait+0x147/0x180
[ 133.033761][ C1] ? nmi_cpu_backtrace_handler+0xc/0x20
[ 133.033808][ C1] ? nmi_handle+0xa8/0x280
[ 133.033853][ C1] ? kvm_wait+0x147/0x180
[ 133.033894][ C1] ? default_do_nmi+0x69/0x160
[ 133.033938][ C1] ? exc_nmi+0xaf/0x120
[ 133.033978][ C1] ? end_repeat_nmi+0x16/0x31
[ 133.034022][ C1] ? kvm_wait+0x147/0x180
[ 133.034079][ C1] ? kvm_wait+0x147/0x180
[ 133.034130][ C1] ? kvm_wait+0x147/0x180
[ 133.034172][ C1]
[ 133.034184][ C1]
[ 133.034197][ C1] ? asm_sysvec_apic_timer_interrupt+0x1b/0x20
[ 133.034254][ C1] ? kvm_arch_para_hints+0x30/0x30
[ 133.034319][ C1] __pv_queued_spin_lock_slowpath+0x41b/0xc40
[ 133.034410][ C1] ? __pv_queued_spin_unlock_slowpath+0x310/0x310
[ 133.034468][ C1] ? __stack_depot_save+0x34/0x470
[ 133.034522][ C1] _raw_spin_lock_bh+0x139/0x1b0
[ 133.034573][ C1] ? _raw_spin_lock_irq+0x1b0/0x1b0
[ 133.034661][ C1] ? sock_hash_bucket_hash+0x352/0x7e0
[ 133.034711][ C1] sock_hash_delete_elem+0xb1/0x2f0
[ 133.034772][ C1] ? sock_map_unref+0x352/0x4d0
[ 133.034814][ C1] bpf_prog_3578375fc1ecd9df+0x5b/0xd2c
[ 133.034848][ C1] bpf_trace_run2+0xec/0x210
[ 133.034894][ C1] ? bpf_trace_run1+0x1c0/0x1c0
[ 133.034939][ C1] ? sock_map_unref+0x352/0x4d0
[ 133.034982][ C1] ? sock_map_unref+0x352/0x4d0
[ 133.035025][ C1] __bpf_trace_kfree+0x6f/0x90
[ 133.035121][ C1] ? sock_map_unref+0x352/0x4d0
[ 133.035167][ C1] kfree+0x1f3/0x220
[ 133.035217][ C1] sock_map_unref+0x352/0x4d0
[ 133.035269][ C1] sock_hash_delete_elem+0x274/0x2f0
[ 133.035334][ C1] ? skb_release_data+0x8a9/0xa80
[ 133.035391][ C1] bpf_prog_3578375fc1ecd9df+0x5b/0xd2c
[ 133.035425][ C1] bpf_trace_run2+0xec/0x210
[ 133.035473][ C1] ? bpf_trace_run1+0x1c0/0x1c0
[ 133.035519][ C1] ? skb_release_data+0x8a9/0xa80
[ 133.035559][ C1] ? virtqueue_kick_prepare+0x2c7/0x4d0
[ 133.035605][ C1] ? skb_release_data+0x8a9/0xa80
[ 133.035647][ C1] __bpf_trace_kfree+0x6f/0x90
[ 133.035687][ C1] ? skb_release_data+0x8a9/0xa80
[ 133.035726][ C1] kfree+0x1f3/0x220
[ 133.035773][ C1] skb_release_data+0x8a9/0xa80
[ 133.035817][ C1] __kfree_skb+0x50/0x70
[ 133.035854][ C1] tcp_rtx_queue_unlink_and_free+0x203/0x720
[ 133.035906][ C1] tcp_ack+0x23e0/0x68a0
[ 133.035969][ C1] ? tcp_rcv_established+0x1ac0/0x1ac0
[ 133.036024][ C1] ? __kernel_text_address+0x9b/0x110
[ 133.036082][ C1] ? ktime_get+0x12f/0x160
[ 133.036133][ C1] tcp_rcv_established+0xcd6/0x1ac0
[ 133.036187][ C1] ? tcp_check_space+0x9d0/0x9d0
[ 133.036232][ C1] ? __kasan_check_read+0x11/0x20
[ 133.036277][ C1] ? ipv4_dst_check+0xe3/0x150
[ 133.036320][ C1] tcp_v4_do_rcv+0x3d7/0xa00
[ 133.036387][ C1] tcp_v4_rcv+0x23dd/0x2a70
[ 133.036454][ C1] ? __kasan_check_write+0x14/0x20
[ 133.036500][ C1] ? tcp_filter+0x90/0x90
[ 133.036551][ C1] ip_protocol_deliver_rcu+0x32f/0x710
[ 133.036600][ C1] ip_local_deliver+0x2c6/0x590
[ 133.036664][ C1] ? ip_protocol_deliver_rcu+0x710/0x710
[ 133.036710][ C1] ? ip_rcv_finish_core+0xb0d/0x1490
[ 133.036758][ C1] ip_sublist_rcv+0x7e2/0x980
[ 133.036798][ C1] ? packet_rcv+0x160/0x1150
[ 133.036844][ C1] ? ip_list_rcv+0x470/0x470
[ 133.036884][ C1] ? memset+0x35/0x40
[ 133.036924][ C1] ? ip_rcv_core+0x736/0xb50
[ 133.036969][ C1] ip_list_rcv+0x422/0x470
[ 133.037014][ C1] ? ip_rcv_finish+0xd0/0xd0
[ 133.037090][ C1] ? ip_rcv_finish+0xd0/0xd0
[ 133.037140][ C1] __netif_receive_skb_list_core+0x6b1/0x890
[ 133.037192][ C1] ? __netif_receive_skb+0x530/0x530
[ 133.037233][ C1] ? receive_buf+0x37ce/0x5720
[ 133.037283][ C1] netif_receive_skb_list_internal+0x967/0xcc0
[ 133.037353][ C1] ? virtnet_poll_tx+0x500/0x500
[ 133.037393][ C1] ? netif_receive_skb_list+0x2d0/0x2d0
[ 133.037443][ C1] ? __kasan_check_write+0x14/0x20
[ 133.037487][ C1] ? virtqueue_get_buf_ctx+0x482/0xe30
[ 133.037534][ C1] ? detach_buf_split+0x71a/0xae0
[ 133.037585][ C1] ? __kasan_check_write+0x14/0x20
[ 133.037651][ C1] napi_complete_done+0x344/0x770
[ 133.037704][ C1] ? __napi_schedule_irqoff+0x280/0x280
[ 133.037757][ C1] ? virtqueue_enable_cb_prepare+0x2c6/0x5b0
[ 133.037811][ C1] virtnet_poll+0xbee/0x1260
[ 133.037860][ C1] ? refill_work+0x220/0x220
[ 133.037922][ C1] ? trace_xdp_exception+0x140/0x140
[ 133.037968][ C1] __napi_poll+0xc4/0x5a0
[ 133.038007][ C1] net_rx_action+0x47d/0xc50
[ 133.038083][ C1] ? net_tx_action+0x550/0x550
[ 133.038131][ C1] ? __sched_clock_gtod_offset+0xd0/0x100
[ 133.038187][ C1] __do_softirq+0x26d/0x5bf
[ 133.038234][ C1] __irq_exit_rcu+0x50/0xf0
[ 133.038280][ C1] irq_exit_rcu+0x9/0x10
[ 133.038325][ C1] common_interrupt+0x59/0xd0
[ 133.038397][ C1] asm_common_interrupt+0x27/0x40
[ 133.038445][ C1] RIP: 0033:0x7f0188ac3585
[ 133.038487][ C1] Code: ff 5b 41 5c 41 5d 41 5e 41 5f 5d c3 b9 01 00 00 00 e9 12 fe ff ff 31 c9 e9 0b fe ff ff 0f 1f 84 00 00 00 00 00 b8 27 00 00 00 <0f> 05 c3 0f 1f 84 00 00 00 00 00 b8 6e 00 00 00 0f 05 c3 0f 1f 84
[ 133.038520][ C1] RSP: 002b:00007fffc4a7daf8 EFLAGS: 00000246
[ 133.038552][ C1] RAX: 0000000000000027 RBX: 0000000000000000 RCX: 0000000000000000
[ 133.038577][ C1] RDX: 000000000000085c RSI: 000055d0d2cc0480 RDI: 000055d0d2cbd937
[ 133.038606][ C1] RBP: 000055d0d2cbe856 R08: 0000000000000006 R09: 0000000000000000
[ 133.038648][ C1] R10: 000055d0d2cbe856 R11: 0000000000000246 R12: 000055d0d2cbd937
[ 133.038678][ C1] R13: 000055d0d2cc0480 R14: 000055d0d2cc0480 R15: 00007fffc4a7e080
[ 133.038718][ C1]
[ 133.038731][ C1] INFO: NMI handler (nmi_cpu_backtrace_handler) took too long to run: 5.782 msecs
[ 133.038949][ C0] NMI backtrace for cpu 0
[ 133.724539][ C0] CPU: 0 PID: 300 Comm: syz-executor488 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0
[ 133.734623][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/29/2024
[ 133.744497][ C0] Call Trace:
[ 133.747634][ C0]
[ 133.750314][ C0] dump_stack_lvl+0x151/0x1b7
[ 133.754832][ C0] ? io_uring_drop_tctx_refs+0x190/0x190
[ 133.760307][ C0] ? ttwu_do_wakeup+0x187/0x430
[ 133.764987][ C0] dump_stack+0x15/0x17
[ 133.768981][ C0] nmi_cpu_backtrace+0x2f7/0x300
[ 133.773777][ C0] ? nmi_trigger_cpumask_backtrace+0x270/0x270
[ 133.779739][ C0] ? _raw_spin_lock_irqsave+0xf9/0x210
[ 133.785037][ C0] ? _raw_spin_lock+0x1b0/0x1b0
[ 133.789721][ C0] ? arch_trigger_cpumask_backtrace+0x20/0x20
[ 133.795644][ C0] nmi_trigger_cpumask_backtrace+0x15d/0x270
[ 133.801438][ C0] ? arch_trigger_cpumask_backtrace+0x20/0x20
[ 133.807344][ C0] arch_trigger_cpumask_backtrace+0x10/0x20
[ 133.813072][ C0] rcu_dump_cpu_stacks+0x1d8/0x330
[ 133.818019][ C0] print_cpu_stall+0x315/0x5f0
[ 133.822630][ C0] rcu_sched_clock_irq+0x989/0x12f0
[ 133.827655][ C0] ? rcu_boost_kthread_setaffinity+0x340/0x340
[ 133.833645][ C0] ? hrtimer_run_queues+0x15f/0x440
[ 133.838680][ C0] update_process_times+0x198/0x200
[ 133.843724][ C0] tick_sched_timer+0x188/0x240
[ 133.848414][ C0] ? tick_setup_sched_timer+0x480/0x480
[ 133.853778][ C0] __hrtimer_run_queues+0x41a/0xad0
[ 133.858818][ C0] ? hrtimer_interrupt+0xaa0/0xaa0
[ 133.863775][ C0] ? clockevents_program_event+0x22f/0x300
[ 133.869402][ C0] ? ktime_get_update_offsets_now+0x2ba/0x2d0
[ 133.875307][ C0] hrtimer_interrupt+0x40c/0xaa0
[ 133.880091][ C0] __sysvec_apic_timer_interrupt+0xfd/0x3c0
[ 133.885810][ C0] sysvec_apic_timer_interrupt+0x95/0xc0
[ 133.891279][ C0]
[ 133.894121][ C0]
[ 133.896832][ C0] asm_sysvec_apic_timer_interrupt+0x1b/0x20
[ 133.902647][ C0] RIP: 0010:kvm_wait+0x147/0x180
[ 133.907432][ C0] Code: 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 34 41 0f b6 45 00 44 38 f0 75 10 66 90 0f 00 2d 5b 03 f3 03 fb f4 24 ff ff ff fb e9 1e ff ff ff 44 89 e9 80 e1 07 38 c1 7c a3 4c
[ 133.926864][ C0] RSP: 0018:ffffc900009578e0 EFLAGS: 00000246
[ 133.932766][ C0] RAX: 0000000000000003 RBX: 1ffff9200012af20 RCX: ffffffff8154f88f
[ 133.940598][ C0] RDX: dffffc0000000000 RSI: 0000000000000003 RDI: ffff8881156a6808
[ 133.948389][ C0] RBP: ffffc90000957990 R08: dffffc0000000000 R09: ffffed1022ad4d02
[ 133.956335][ C0] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000
[ 133.964160][ C0] R13: ffff8881156a6808 R14: 0000000000000003 R15: 1ffff9200012af24
[ 133.971961][ C0] ? __pv_queued_spin_lock_slowpath+0x65f/0xc40
[ 133.978065][ C0] ? bpf_bprintf_prepare+0xc1/0x1360
[ 133.983162][ C0] ? kvm_arch_para_hints+0x30/0x30
[ 133.988122][ C0] ? pv_hash+0x86/0x150
[ 133.992115][ C0] __pv_queued_spin_lock_slowpath+0x6bc/0xc40
[ 133.998001][ C0] ? __pv_queued_spin_unlock_slowpath+0x310/0x310
[ 134.004265][ C0] _raw_spin_lock_bh+0x139/0x1b0
[ 134.009023][ C0] ? _raw_spin_lock_irq+0x1b0/0x1b0
[ 134.014059][ C0] ? sock_hash_bucket_hash+0x352/0x7e0
[ 134.019354][ C0] sock_hash_delete_elem+0xb1/0x2f0
[ 134.024386][ C0] ? kvfree+0x35/0x40
[ 134.028206][ C0] bpf_prog_3578375fc1ecd9df+0x5b/0xd2c
[ 134.033584][ C0] bpf_trace_run2+0xec/0x210
[ 134.038014][ C0] ? bpf_trace_run1+0x1c0/0x1c0
[ 134.042710][ C0] ? sock_map_update_elem_sys+0x439/0x660
[ 134.048254][ C0] ? kvfree+0x35/0x40
[ 134.052079][ C0] ? kvfree+0x35/0x40
[ 134.055908][ C0] __bpf_trace_kfree+0x6f/0x90
[ 134.060519][ C0] ? kvfree+0x35/0x40
[ 134.064313][ C0] kfree+0x1f3/0x220
[ 134.068045][ C0] ? bpf_map_update_value+0x164/0x3c0
[ 134.073256][ C0] kvfree+0x35/0x40
[ 134.076901][ C0] map_update_elem+0x653/0x770
[ 134.081518][ C0] __sys_bpf+0x405/0x760
[ 134.085615][ C0] ? bpf_link_show_fdinfo+0x2d0/0x2d0
[ 134.090790][ C0] ? ptrace_notify+0x24c/0x350
[ 134.095399][ C0] ? __kasan_check_read+0x11/0x20
[ 134.100281][ C0] __x64_sys_bpf+0x7c/0x90
[ 134.104502][ C0] do_syscall_64+0x3d/0xb0
[ 134.108766][ C0] entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 134.114481][ C0] RIP: 0033:0x7fec51882f39
[ 134.118751][ C0] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 c1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 134.138178][ C0] RSP: 002b:00007fff43c8cc48 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 134.146424][ C0] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fec51882f39
[ 134.154237][ C0] RDX: 0000000000000020 RSI: 0000000020000200 RDI: 0000000000000002
[ 134.162048][ C0] RBP: 0000000000000000 R08: 0000000000000006 R09: 0000000000000006
[ 134.169861][ C0] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000000
[ 134.177674][ C0] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[ 134.185495][ C0]
[ 134.188356][ C0] Sending NMI from CPU 0 to CPUs 1:
[ 134.193412][ C1] NMI backtrace for cpu 1
[ 134.193431][ C1] CPU: 1 PID: 293 Comm: sshd Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0
[ 134.193537][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/29/2024
[ 134.193560][ C1] RIP: 0010:kvm_wait+0x147/0x180
[ 134.193617][ C1] Code: 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 34 41 0f b6 45 00 44 38 f0 75 10 66 90 0f 00 2d 5b 03 f3 03 fb f4 24 ff ff ff fb e9 1e ff ff ff 44 89 e9 80 e1 07 38 c1 7c a3 4c
[ 134.193668][ C1] RSP: 0000:ffffc900009d6480 EFLAGS: 00000246
[ 134.193720][ C1] RAX: 0000000000000001 RBX: 1ffff9200013ac94 RCX: 1ffffffff0d1aa9c
[ 134.193754][ C1] RDX: 0000000000000001 RSI: 0000000000000001 RDI: ffff8881f7137ed4
[ 134.193784][ C1] RBP: ffffc900009d6530 R08: dffffc0000000000 R09: ffffed103ee26fdb
[ 134.193820][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000
[ 134.193868][ C1] R13: ffff8881f7137ed4 R14: 0000000000000001 R15: 1ffff9200013ac98
[ 134.193900][ C1] FS: 00007f01889b0800(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[ 134.193955][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 134.194001][ C1] CR2: 000055ac79b80008 CR3: 000000011de7c000 CR4: 00000000003506a0
[ 134.194049][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 134.194075][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 134.194103][ C1] Call Trace:
[ 134.194114][ C1]
[ 134.194127][ C1] ? show_regs+0x58/0x60
[ 134.194171][ C1] ? nmi_cpu_backtrace+0x29f/0x300
[ 134.194251][ C1] ? ___ratelimit+0x3c0/0x5a0
[ 134.194304][ C1] ? nmi_trigger_cpumask_backtrace+0x270/0x270
[ 134.194375][ C1] ? kvm_wait+0x147/0x180
[ 134.194416][ C1] ? kvm_wait+0x147/0x180
[ 134.194458][ C1] ? nmi_cpu_backtrace_handler+0xc/0x20
[ 134.194507][ C1] ? nmi_handle+0xa8/0x280
[ 134.194568][ C1] ? kvm_wait+0x147/0x180
[ 134.194615][ C1] ? kvm_wait+0x147/0x180
[ 134.194671][ C1] ? default_do_nmi+0x69/0x160
[ 134.194717][ C1] ? exc_nmi+0xaf/0x120
[ 134.194775][ C1] ? end_repeat_nmi+0x16/0x31
[ 134.194822][ C1] ? kvm_wait+0x147/0x180
[ 134.194866][ C1] ? kvm_wait+0x147/0x180
[ 134.194910][ C1] ? kvm_wait+0x147/0x180
[ 134.194953][ C1]
[ 134.194966][ C1]
[ 134.194980][ C1] ? asm_sysvec_apic_timer_interrupt+0x1b/0x20
[ 134.195039][ C1] ? kvm_arch_para_hints+0x30/0x30
[ 134.195104][ C1] __pv_queued_spin_lock_slowpath+0x41b/0xc40
[ 134.195163][ C1] ? __pv_queued_spin_unlock_slowpath+0x310/0x310
[ 134.195219][ C1] ? __stack_depot_save+0x34/0x470
[ 134.195288][ C1] _raw_spin_lock_bh+0x139/0x1b0
[ 134.195352][ C1] ? _raw_spin_lock_irq+0x1b0/0x1b0
[ 134.195403][ C1] ? sock_hash_bucket_hash+0x352/0x7e0
[ 134.195470][ C1] sock_hash_delete_elem+0xb1/0x2f0
[ 134.195520][ C1] ? sock_map_unref+0x352/0x4d0
[ 134.195567][ C1] bpf_prog_3578375fc1ecd9df+0x5b/0xd2c
[ 134.195611][ C1] bpf_trace_run2+0xec/0x210
[ 134.195663][ C1] ? bpf_trace_run1+0x1c0/0x1c0
[ 134.195712][ C1] ? sock_map_unref+0x352/0x4d0
[ 134.195762][ C1] ? sock_map_unref+0x352/0x4d0
[ 134.195823][ C1] __bpf_trace_kfree+0x6f/0x90
[ 134.195865][ C1] ? sock_map_unref+0x352/0x4d0
[ 134.195910][ C1] kfree+0x1f3/0x220
[ 134.195958][ C1] sock_map_unref+0x352/0x4d0
[ 134.196008][ C1] sock_hash_delete_elem+0x274/0x2f0
[ 134.196074][ C1] ? skb_release_data+0x8a9/0xa80
[ 134.196118][ C1] bpf_prog_3578375fc1ecd9df+0x5b/0xd2c
[ 134.196169][ C1] bpf_trace_run2+0xec/0x210
[ 134.196218][ C1] ? bpf_trace_run1+0x1c0/0x1c0
[ 134.196282][ C1] ? skb_release_data+0x8a9/0xa80
[ 134.196340][ C1] ? virtqueue_kick_prepare+0x2c7/0x4d0
[ 134.196402][ C1] ? skb_release_data+0x8a9/0xa80
[ 134.196458][ C1] __bpf_trace_kfree+0x6f/0x90
[ 134.196500][ C1] ? skb_release_data+0x8a9/0xa80
[ 134.196555][ C1] kfree+0x1f3/0x220
[ 134.196602][ C1] skb_release_data+0x8a9/0xa80
[ 134.196668][ C1] __kfree_skb+0x50/0x70
[ 134.196721][ C1] tcp_rtx_queue_unlink_and_free+0x203/0x720
[ 134.196773][ C1] tcp_ack+0x23e0/0x68a0
[ 134.196854][ C1] ? tcp_rcv_established+0x1ac0/0x1ac0
[ 134.196911][ C1] ? __kernel_text_address+0x9b/0x110
[ 134.196968][ C1] ? ktime_get+0x12f/0x160
[ 134.197012][ C1] tcp_rcv_established+0xcd6/0x1ac0
[ 134.197096][ C1] ? tcp_check_space+0x9d0/0x9d0
[ 134.197158][ C1] ? __kasan_check_read+0x11/0x20
[ 134.197219][ C1] ? ipv4_dst_check+0xe3/0x150
[ 134.197264][ C1] tcp_v4_do_rcv+0x3d7/0xa00
[ 134.197320][ C1] tcp_v4_rcv+0x23dd/0x2a70
[ 134.197392][ C1] ? __kasan_check_write+0x14/0x20
[ 134.197454][ C1] ? tcp_filter+0x90/0x90
[ 134.197508][ C1] ip_protocol_deliver_rcu+0x32f/0x710
[ 134.197558][ C1] ip_local_deliver+0x2c6/0x590
[ 134.197630][ C1] ? ip_protocol_deliver_rcu+0x710/0x710
[ 134.197681][ C1] ? ip_rcv_finish_core+0xb0d/0x1490
[ 134.197734][ C1] ip_sublist_rcv+0x7e2/0x980
[ 134.197779][ C1] ? packet_rcv+0x160/0x1150
[ 134.197829][ C1] ? ip_list_rcv+0x470/0x470
[ 134.197875][ C1] ? memset+0x35/0x40
[ 134.197932][ C1] ? ip_rcv_core+0x736/0xb50
[ 134.197981][ C1] ip_list_rcv+0x422/0x470
[ 134.198029][ C1] ? ip_rcv_finish+0xd0/0xd0
[ 134.198076][ C1] ? ip_rcv_finish+0xd0/0xd0
[ 134.198119][ C1] __netif_receive_skb_list_core+0x6b1/0x890
[ 134.198189][ C1] ? __netif_receive_skb+0x530/0x530
[ 134.198232][ C1] ? receive_buf+0x37ce/0x5720
[ 134.198284][ C1] netif_receive_skb_list_internal+0x967/0xcc0
[ 134.198341][ C1] ? virtnet_poll_tx+0x500/0x500
[ 134.198386][ C1] ? netif_receive_skb_list+0x2d0/0x2d0
[ 134.198438][ C1] ? __kasan_check_write+0x14/0x20
[ 134.198486][ C1] ? virtqueue_get_buf_ctx+0x482/0xe30
[ 134.198550][ C1] ? detach_buf_split+0x71a/0xae0
[ 134.198598][ C1] ? __kasan_check_write+0x14/0x20
[ 134.198669][ C1] napi_complete_done+0x344/0x770
[ 134.198736][ C1] ? __napi_schedule_irqoff+0x280/0x280
[ 134.198802][ C1] ? virtqueue_enable_cb_prepare+0x2c6/0x5b0
[ 134.198870][ C1] virtnet_poll+0xbee/0x1260
[ 134.198918][ C1] ? refill_work+0x220/0x220
[ 134.198964][ C1] ? trace_xdp_exception+0x140/0x140
[ 134.199014][ C1] __napi_poll+0xc4/0x5a0
[ 134.199072][ C1] net_rx_action+0x47d/0xc50
[ 134.199121][ C1] ? net_tx_action+0x550/0x550
[ 134.199164][ C1] ? __sched_clock_gtod_offset+0xd0/0x100
[ 134.199222][ C1] __do_softirq+0x26d/0x5bf
[ 134.199270][ C1] __irq_exit_rcu+0x50/0xf0
[ 134.199319][ C1] irq_exit_rcu+0x9/0x10
[ 134.199365][ C1] common_interrupt+0x59/0xd0
[ 134.199412][ C1] asm_common_interrupt+0x27/0x40
[ 134.199464][ C1] RIP: 0033:0x7f0188ac3585
[ 134.199498][ C1] Code: ff 5b 41 5c 41 5d 41 5e 41 5f 5d c3 b9 01 00 00 00 e9 12 fe ff ff 31 c9 e9 0b fe ff ff 0f 1f 84 00 00 00 00 00 b8 27 00 00 00 <0f> 05 c3 0f 1f 84 00 00 00 00 00 b8 6e 00 00 00 0f 05 c3 0f 1f 84
[ 134.199535][ C1] RSP: 002b:00007fffc4a7daf8 EFLAGS: 00000246
[ 134.199570][ C1] RAX: 0000000000000027 RBX: 0000000000000000 RCX: 0000000000000000
[ 134.199598][ C1] RDX: 000000000000085c RSI: 000055d0d2cc0480 RDI: 000055d0d2cbd937
[ 134.199638][ C1] RBP: 000055d0d2cbe856 R08: 0000000000000006 R09: 0000000000000000
[ 134.199668][ C1] R10: 000055d0d2cbe856 R11: 0000000000000246 R12: 000055d0d2cbd937
[ 134.199701][ C1] R13: 000055d0d2cc0480 R14: 000055d0d2cc0480 R15: 00007fffc4a7e080
[ 134.199743][ C1]
[ 134.199758][ C1] INFO: NMI handler (nmi_cpu_backtrace_handler) took too long to run: 6.346 msecs
[ 265.134618][ C0] watchdog: BUG: soft lockup - CPU#0 stuck for 225s! [syz-executor488:300]
[ 265.143072][ C0] Modules linked in:
[ 265.146805][ C0] CPU: 0 PID: 300 Comm: syz-executor488 Not tainted 5.15.148-syzkaller-00718-g993bed180178 #0
[ 265.156885][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/29/2024
[ 265.166767][ C0] RIP: 0010:kvm_wait+0x147/0x180
[ 265.171670][ C0] Code: 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 34 41 0f b6 45 00 44 38 f0 75 10 66 90 0f 00 2d 5b 03 f3 03 fb f4 24 ff ff ff fb e9 1e ff ff ff 44 89 e9 80 e1 07 38 c1 7c a3 4c
[ 265.191429][ C0] RSP: 0018:ffffc900009578e0 EFLAGS: 00000246
[ 265.197335][ C0] RAX: 0000000000000003 RBX: 1ffff9200012af20 RCX: ffffffff8154f88f
[ 265.205158][ C0] RDX: dffffc0000000000 RSI: 0000000000000003 RDI: ffff8881156a6808
[ 265.212960][ C0] RBP: ffffc90000957990 R08: dffffc0000000000 R09: ffffed1022ad4d02
[ 265.220777][ C0] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000
[ 265.228581][ C0] R13: ffff8881156a6808 R14: 0000000000000003 R15: 1ffff9200012af24
[ 265.236404][ C0] FS: 000055555593a380(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[ 265.245158][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 265.251581][ C0] CR2: 00007fec518fa0e0 CR3: 000000011dad2000 CR4: 00000000003506b0
[ 265.259396][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 265.267219][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 265.275020][ C0] Call Trace:
[ 265.278145][ C0]
[ 265.280842][ C0] ? show_regs+0x58/0x60
[ 265.284936][ C0] ? watchdog_timer_fn+0x4b1/0x5f0
[ 265.289861][ C0] ? proc_watchdog_cpumask+0xd0/0xd0
[ 265.294987][ C0] ? __hrtimer_run_queues+0x41a/0xad0
[ 265.300198][ C0] ? hrtimer_interrupt+0xaa0/0xaa0
[ 265.305143][ C0] ? clockevents_program_event+0x22f/0x300
[ 265.310780][ C0] ? ktime_get_update_offsets_now+0x2ba/0x2d0
[ 265.316712][ C0] ? hrtimer_interrupt+0x40c/0xaa0
[ 265.321644][ C0] ? __sysvec_apic_timer_interrupt+0xfd/0x3c0
[ 265.327534][ C0] ? sysvec_apic_timer_interrupt+0x95/0xc0
[ 265.333173][ C0]
[ 265.335950][ C0]
[ 265.338731][ C0] ? asm_sysvec_apic_timer_interrupt+0x1b/0x20
[ 265.344722][ C0] ? __pv_queued_spin_lock_slowpath+0x65f/0xc40
[ 265.350803][ C0] ? kvm_wait+0x147/0x180
[ 265.354961][ C0] ? bpf_bprintf_prepare+0xc1/0x1360
[ 265.360082][ C0] ? kvm_arch_para_hints+0x30/0x30
[ 265.365047][ C0] ? pv_hash+0x86/0x150
[ 265.369025][ C0] __pv_queued_spin_lock_slowpath+0x6bc/0xc40
[ 265.374940][ C0] ? __pv_queued_spin_unlock_slowpath+0x310/0x310
[ 265.381190][ C0] _raw_spin_lock_bh+0x139/0x1b0
[ 265.385951][ C0] ? _raw_spin_lock_irq+0x1b0/0x1b0
[ 265.390987][ C0] ? sock_hash_bucket_hash+0x352/0x7e0
[ 265.396294][ C0] sock_hash_delete_elem+0xb1/0x2f0
[ 265.401315][ C0] ? kvfree+0x35/0x40
[ 265.405150][ C0] bpf_prog_3578375fc1ecd9df+0x5b/0xd2c
[ 265.410513][ C0] bpf_trace_run2+0xec/0x210
[ 265.414941][ C0] ? bpf_trace_run1+0x1c0/0x1c0
[ 265.419626][ C0] ? sock_map_update_elem_sys+0x439/0x660
[ 265.425193][ C0] ? kvfree+0x35/0x40
[ 265.429017][ C0] ? kvfree+0x35/0x40
[ 265.432841][ C0] __bpf_trace_kfree+0x6f/0x90
[ 265.437422][ C0] ? kvfree+0x35/0x40
[ 265.441251][ C0] kfree+0x1f3/0x220
[ 265.444972][ C0] ? bpf_map_update_value+0x164/0x3c0
[ 265.450184][ C0] kvfree+0x35/0x40
[ 265.453941][ C0] map_update_elem+0x653/0x770
[ 265.458543][ C0] __sys_bpf+0x405/0x760
[ 265.462619][ C0] ? bpf_link_show_fdinfo+0x2d0/0x2d0
[ 265.467828][ C0] ? ptrace_notify+0x24c/0x350
[ 265.472435][ C0] ? __kasan_check_read+0x11/0x20
[ 265.477291][ C0] __x64_sys_bpf+0x7c/0x90
[ 265.481553][ C0] do_syscall_64+0x3d/0xb0
[ 265.485794][ C0] entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 265.491526][ C0] RIP: 0033:0x7fec51882f39
[ 265.495789][ C0] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 c1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 265.515223][ C0] RSP: 002b:00007fff43c8cc48 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 265.523473][ C0] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fec51882f39
[ 265.531280][ C0] RDX: 0000000000000020 RSI: 0000000020000200 RDI: 0000000000000002
[ 265.539091][ C0] RBP: 0000000000000000 R08: 0000000000000006 R09: 0000000000000006
[ 265.546915][ C0] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000000
[ 265.554722][ C0] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[ 265.562548][ C0]