last executing test programs: 520.84893ms ago: executing program 4: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000500000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f60000008500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000200)='ext4_sync_file_enter\x00', r0}, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x100002, 0x0) write$cgroup_int(r1, &(0x7f0000000680), 0x12) 279.454107ms ago: executing program 4: bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000180)={0xfffffffa, 0x0}, 0x8) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x10, 0xc, &(0x7f00000003c0)=ANY=[@ANYRES64, @ANYRES32, @ANYRESOCT=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x41, '\x00', 0x0, 0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000a850000000f000000850000009e00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f00000000c0)='sched_switch\x00', r1}, 0x10) r2 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) socketpair$nbd(0x1, 0x1, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) unlink(0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) bpf$MAP_LOOKUP_ELEM(0x1, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40086602, 0x0) perf_event_open(&(0x7f00000002c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfeffffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000280)=ANY=[@ANYBLOB="9feb01001800000000000000140000001400000007000000000000000100000604000000020000000000004000005fbd"], 0x0, 0x33}, 0x20) write$cgroup_int(r3, &(0x7f0000000000), 0x400000) ioctl$TUNSETCARRIER(r2, 0x400454e2, &(0x7f0000000400)=0x1) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x12, 0x2, 0x8, 0x2}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r5}, &(0x7f0000000180), &(0x7f0000000100)=r4}, 0x20) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='ext4_unlink_exit\x00', r6}, 0x10) openat$cgroup_pressure(0xffffffffffffffff, &(0x7f0000000500)='memory.pressure\x00', 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f60000008500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 216.722476ms ago: executing program 2: bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10) perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(r0, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10) sendmsg$tipc(r1, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0) 174.837543ms ago: executing program 1: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000300000207b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7}, 0x48) bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xe, 0x4, 0x4, 0x9, 0x0, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='scsi_dispatch_cmd_start\x00', r2}, 0x10) write$cgroup_pid(r0, &(0x7f0000000980), 0x12) 136.874149ms ago: executing program 1: bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180100"/16, @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r0, 0x2000000, 0x0, 0x0, &(0x7f0000000200), 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000140)='mm_page_alloc\x00', r2}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x1f, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) gettid() r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) write$cgroup_devices(r3, &(0x7f00000000c0)=ANY=[], 0xffdd) 85.854527ms ago: executing program 3: bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000640)={0xffffffffffffffff, 0x58, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0}}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a40)={0x11, 0x1a, 0x0, &(0x7f00000007c0)='GPL\x00', 0x10000, 0x0, 0x0, 0x0, 0x28, '\x00', r0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000980)={0x1, 0xe, 0x0, 0x6}, 0x10, 0x0, 0x0, 0x2, 0x0, &(0x7f0000000a00)=[{0x0, 0x0, 0x4, 0x1}, {}], 0x10, 0x401}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x1ffffffffffffe4d, &(0x7f0000000b00)=ANY=[], &(0x7f0000000680)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xe, '\x00', 0x0, 0x30, 0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffdf2, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0xad) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='sched_switch\x00', r1}, 0x10) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socketpair$tipc(0x1e, 0x0, 0x0, &(0x7f0000000000)) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='blkio.bfq.io_service_bytes_recursive\x00', 0x26e1, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='ext4_discard_blocks\x00', r4}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r2, 0xc0185879, &(0x7f0000000040)) 77.183208ms ago: executing program 0: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x8, 0x10001, 0x0, 0x1, 0xffffffffffffffff, 0x1468}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000c80)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000040000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000950000000000000030875715e13c82162070fc49fb4f"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='sched_switch\x00', r1}, 0x10) perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x202, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) bpf$MAP_GET_NEXT_KEY(0x4, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x4030582a, 0x0) bpf$PROG_LOAD(0x2, &(0x7f0000000680)={0x3, 0x3, &(0x7f0000000740)=ANY=[], &(0x7f0000000780)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) perf_event_open(&(0x7f0000001ec0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r5 = perf_event_open(&(0x7f00000000c0)={0x2, 0x6d, 0x80, 0x1, 0xf8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x2, 0x2fc}}, 0x0, 0x0, 0xffffffffffffffff, 0x3) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x5, 0x3, &(0x7f0000000000)=@framed, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) ioctl$PERF_EVENT_IOC_SET_BPF(r5, 0x40042408, r6) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000ac0)={0xffffffffffffffff, 0xe0, &(0x7f00000009c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50, 0x0, 0x0, 0x0, 0x0, 0x0, 0x61, 0xe6, 0x8, 0x0, 0x0}}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000340)='ext4_remove_blocks\x00'}, 0x10) r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.current\x00', 0x275a, 0x0) bpf$ENABLE_STATS(0x20, 0x0, 0x0) write$cgroup_int(r7, &(0x7f0000000100), 0x1001) ioctl$PERF_EVENT_IOC_PERIOD(r4, 0x40082404, &(0x7f00000002c0)=0x5) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000bc0)={0xffffffffffffffff, &(0x7f0000000880)}, 0x20) 13.015978ms ago: executing program 4: socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0x2, 0x4, 0x2}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r1}, &(0x7f0000000040), &(0x7f0000000140)=r0}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10) r3 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close(r3) 0s ago: executing program 1: bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90) perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(r0, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10) sendmsg$tipc(r1, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.10' (ED25519) to the list of known hosts. 2024/06/21 17:37:21 fuzzer started 2024/06/21 17:37:21 dialing manager at 10.128.0.163:30010 [ 18.907112][ T30] audit: type=1400 audit(1718991441.367:66): avc: denied { node_bind } for pid=282 comm="syz-fuzzer" saddr=::1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1 [ 18.910138][ T30] audit: type=1400 audit(1718991441.377:67): avc: denied { name_bind } for pid=282 comm="syz-fuzzer" src=6060 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 18.932150][ T30] audit: type=1400 audit(1718991441.397:68): avc: denied { setattr } for pid=291 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=162 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 18.937715][ T290] cgroup: Unknown subsys name 'net' [ 18.956026][ T30] audit: type=1400 audit(1718991441.397:69): avc: denied { integrity } for pid=290 comm="syz-executor" lockdown_reason="debugfs access" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=lockdown permissive=1 [ 18.982883][ T290] cgroup: Unknown subsys name 'devices' [ 18.987941][ T294] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). [ 18.989438][ T30] audit: type=1400 audit(1718991441.407:70): avc: denied { mounton } for pid=290 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=1925 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 19.019185][ T30] audit: type=1400 audit(1718991441.407:71): avc: denied { mount } for pid=290 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 19.041185][ T30] audit: type=1400 audit(1718991441.447:72): avc: denied { unmount } for pid=290 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 19.061133][ T30] audit: type=1400 audit(1718991441.467:73): avc: denied { mounton } for pid=297 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 19.085946][ T30] audit: type=1400 audit(1718991441.467:74): avc: denied { mount } for pid=297 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 19.109368][ T30] audit: type=1400 audit(1718991441.507:75): avc: denied { relabelto } for pid=294 comm="mkswap" name="swap-file" dev="sda1" ino=1927 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 19.112292][ T293] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 19.298818][ T290] cgroup: Unknown subsys name 'hugetlb' [ 19.304342][ T290] cgroup: Unknown subsys name 'rlimit' 2024/06/21 17:37:21 starting 5 executor processes [ 19.847772][ T307] bridge0: port 1(bridge_slave_0) entered blocking state [ 19.854619][ T307] bridge0: port 1(bridge_slave_0) entered disabled state [ 19.861923][ T307] device bridge_slave_0 entered promiscuous mode [ 19.875241][ T308] bridge0: port 1(bridge_slave_0) entered blocking state [ 19.882116][ T308] bridge0: port 1(bridge_slave_0) entered disabled state [ 19.889311][ T308] device bridge_slave_0 entered promiscuous mode [ 19.896999][ T307] bridge0: port 2(bridge_slave_1) entered blocking state [ 19.903831][ T307] bridge0: port 2(bridge_slave_1) entered disabled state [ 19.911252][ T307] device bridge_slave_1 entered promiscuous mode [ 19.922233][ T308] bridge0: port 2(bridge_slave_1) entered blocking state [ 19.929097][ T308] bridge0: port 2(bridge_slave_1) entered disabled state [ 19.936177][ T308] device bridge_slave_1 entered promiscuous mode [ 19.982044][ T309] bridge0: port 1(bridge_slave_0) entered blocking state [ 19.988902][ T309] bridge0: port 1(bridge_slave_0) entered disabled state [ 19.996090][ T309] device bridge_slave_0 entered promiscuous mode [ 20.010414][ T309] bridge0: port 2(bridge_slave_1) entered blocking state [ 20.017281][ T309] bridge0: port 2(bridge_slave_1) entered disabled state [ 20.024435][ T309] device bridge_slave_1 entered promiscuous mode [ 20.081393][ T310] bridge0: port 1(bridge_slave_0) entered blocking state [ 20.088253][ T310] bridge0: port 1(bridge_slave_0) entered disabled state [ 20.095427][ T310] device bridge_slave_0 entered promiscuous mode [ 20.102050][ T310] bridge0: port 2(bridge_slave_1) entered blocking state [ 20.108894][ T310] bridge0: port 2(bridge_slave_1) entered disabled state [ 20.116071][ T310] device bridge_slave_1 entered promiscuous mode [ 20.196434][ T311] bridge0: port 1(bridge_slave_0) entered blocking state [ 20.203271][ T311] bridge0: port 1(bridge_slave_0) entered disabled state [ 20.210552][ T311] device bridge_slave_0 entered promiscuous mode [ 20.217165][ T311] bridge0: port 2(bridge_slave_1) entered blocking state [ 20.224082][ T311] bridge0: port 2(bridge_slave_1) entered disabled state [ 20.231427][ T311] device bridge_slave_1 entered promiscuous mode [ 20.241480][ T307] bridge0: port 2(bridge_slave_1) entered blocking state [ 20.248316][ T307] bridge0: port 2(bridge_slave_1) entered forwarding state [ 20.255386][ T307] bridge0: port 1(bridge_slave_0) entered blocking state [ 20.262213][ T307] bridge0: port 1(bridge_slave_0) entered forwarding state [ 20.279468][ T308] bridge0: port 2(bridge_slave_1) entered blocking state [ 20.286289][ T308] bridge0: port 2(bridge_slave_1) entered forwarding state [ 20.293424][ T308] bridge0: port 1(bridge_slave_0) entered blocking state [ 20.300196][ T308] bridge0: port 1(bridge_slave_0) entered forwarding state [ 20.322109][ T309] bridge0: port 2(bridge_slave_1) entered blocking state [ 20.328975][ T309] bridge0: port 2(bridge_slave_1) entered forwarding state [ 20.336036][ T309] bridge0: port 1(bridge_slave_0) entered blocking state [ 20.342862][ T309] bridge0: port 1(bridge_slave_0) entered forwarding state [ 20.398650][ T310] bridge0: port 2(bridge_slave_1) entered blocking state [ 20.405490][ T310] bridge0: port 2(bridge_slave_1) entered forwarding state [ 20.412606][ T310] bridge0: port 1(bridge_slave_0) entered blocking state [ 20.419399][ T310] bridge0: port 1(bridge_slave_0) entered forwarding state [ 20.444938][ T20] bridge0: port 1(bridge_slave_0) entered disabled state [ 20.452115][ T20] bridge0: port 2(bridge_slave_1) entered disabled state [ 20.459169][ T20] bridge0: port 1(bridge_slave_0) entered disabled state [ 20.466079][ T20] bridge0: port 2(bridge_slave_1) entered disabled state [ 20.473107][ T20] bridge0: port 1(bridge_slave_0) entered disabled state [ 20.480197][ T20] bridge0: port 2(bridge_slave_1) entered disabled state [ 20.487499][ T20] bridge0: port 1(bridge_slave_0) entered disabled state [ 20.494402][ T20] bridge0: port 2(bridge_slave_1) entered disabled state [ 20.501841][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 20.509020][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 20.535306][ T299] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 20.542939][ T299] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 20.551018][ T299] bridge0: port 1(bridge_slave_0) entered blocking state [ 20.557847][ T299] bridge0: port 1(bridge_slave_0) entered forwarding state [ 20.564995][ T299] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 20.573516][ T299] bridge0: port 2(bridge_slave_1) entered blocking state [ 20.580367][ T299] bridge0: port 2(bridge_slave_1) entered forwarding state [ 20.587487][ T299] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 20.595294][ T299] bridge0: port 1(bridge_slave_0) entered blocking state [ 20.602059][ T299] bridge0: port 1(bridge_slave_0) entered forwarding state [ 20.609400][ T299] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 20.617159][ T299] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 20.625072][ T299] bridge0: port 2(bridge_slave_1) entered blocking state [ 20.631902][ T299] bridge0: port 2(bridge_slave_1) entered forwarding state [ 20.639063][ T299] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 20.646755][ T299] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 20.653888][ T299] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 20.661092][ T299] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 20.669000][ T299] bridge0: port 1(bridge_slave_0) entered blocking state [ 20.675742][ T299] bridge0: port 1(bridge_slave_0) entered forwarding state [ 20.682920][ T299] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 20.690853][ T299] bridge0: port 2(bridge_slave_1) entered blocking state [ 20.697693][ T299] bridge0: port 2(bridge_slave_1) entered forwarding state [ 20.719065][ T299] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 20.726819][ T299] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 20.734671][ T299] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 20.742501][ T299] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 20.766288][ T307] device veth0_vlan entered promiscuous mode [ 20.772949][ T299] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 20.781863][ T299] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 20.789726][ T299] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 20.796917][ T299] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 20.804172][ T299] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 20.820693][ T309] device veth0_vlan entered promiscuous mode [ 20.829500][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 20.837627][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 20.845289][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 20.852753][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 20.863200][ T308] device veth0_vlan entered promiscuous mode [ 20.873083][ T307] device veth1_macvtap entered promiscuous mode [ 20.880834][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 20.888884][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 20.896767][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 20.904608][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 20.912669][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 20.920118][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 20.927392][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 20.954036][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 20.961420][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 20.969072][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 20.977213][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 20.985118][ T60] bridge0: port 1(bridge_slave_0) entered blocking state [ 20.991868][ T60] bridge0: port 1(bridge_slave_0) entered forwarding state [ 20.999011][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 21.006173][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 21.013422][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 21.021470][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 21.029407][ T60] bridge0: port 2(bridge_slave_1) entered blocking state [ 21.036225][ T60] bridge0: port 2(bridge_slave_1) entered forwarding state [ 21.043416][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 21.051469][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 21.059421][ T60] bridge0: port 1(bridge_slave_0) entered blocking state [ 21.066242][ T60] bridge0: port 1(bridge_slave_0) entered forwarding state [ 21.073456][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 21.081522][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 21.089465][ T60] bridge0: port 2(bridge_slave_1) entered blocking state [ 21.096287][ T60] bridge0: port 2(bridge_slave_1) entered forwarding state [ 21.103512][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 21.111323][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 21.119119][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 21.126899][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 21.134557][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 21.142626][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 21.150683][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 21.158714][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 21.166988][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 21.180948][ T309] device veth1_macvtap entered promiscuous mode [ 21.193860][ T299] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 21.202182][ T299] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 21.210544][ T299] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 21.218426][ T299] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 21.226516][ T299] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 21.243586][ T311] device veth0_vlan entered promiscuous mode [ 21.249881][ T330] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 21.258129][ T330] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 21.265867][ T330] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 21.274296][ T330] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 21.282208][ T330] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 21.290405][ T330] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 21.303094][ T330] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 21.311349][ T330] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 21.319693][ T330] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 21.327659][ T330] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 21.335577][ T330] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 21.343070][ T330] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 21.362457][ T311] device veth1_macvtap entered promiscuous mode [ 21.373756][ T308] device veth1_macvtap entered promiscuous mode [ 21.381060][ T310] device veth0_vlan entered promiscuous mode [ 21.387849][ T330] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 21.395905][ T330] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 21.404361][ T330] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 21.413405][ T330] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 21.421197][ T330] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 21.429052][ T330] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 21.437252][ T330] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 21.445243][ T330] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 21.453530][ T330] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 21.461531][ T330] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 21.468857][ T330] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 21.491244][ T310] device veth1_macvtap entered promiscuous mode [ 21.501794][ T299] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 21.511777][ T299] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 21.521112][ T299] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 21.529402][ T299] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 21.537671][ T299] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 21.545713][ T299] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 21.554005][ T299] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 21.562194][ T299] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 21.570496][ T299] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 21.579013][ T299] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 21.587298][ T299] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 21.610967][ C1] hrtimer: interrupt took 26544 ns [ 21.646303][ T313] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 21.679294][ T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 21.704314][ T313] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 21.712640][ T313] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 121.866436][ C0] rcu: INFO: rcu_preempt self-detected stall on CPU [ 121.872942][ C0] rcu: 0-...!: (1 GPs behind) idle=423/1/0x4000000000000000 softirq=2610/2611 fqs=0 last_accelerate: 92c9/ba1d dyntick_enabled: 1 [ 121.886194][ C0] (t=10001 jiffies g=761 q=9) [ 121.890954][ C0] rcu: rcu_preempt kthread timer wakeup didn't happen for 10001 jiffies! g761 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 [ 121.903024][ C0] rcu: Possible timer handling issue on cpu=1 timer-softirq=346 [ 121.910695][ C0] rcu: rcu_preempt kthread starved for 10004 jiffies! g761 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 ->cpu=1 [ 121.921707][ C0] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 121.931512][ C0] rcu: RCU grace-period kthread stack dump: [ 121.937250][ C0] task:rcu_preempt state:I stack:28328 pid: 14 ppid: 2 flags:0x00004000 [ 121.946286][ C0] Call Trace: [ 121.949400][ C0] [ 121.952177][ C0] __schedule+0xccc/0x1590 [ 121.956433][ C0] ? __sched_text_start+0x8/0x8 [ 121.961111][ C0] ? __kasan_check_write+0x14/0x20 [ 121.966061][ C0] schedule+0x11f/0x1e0 [ 121.970049][ C0] schedule_timeout+0x18c/0x370 [ 121.974733][ C0] ? _raw_spin_unlock_irq+0x4e/0x70 [ 121.979768][ C0] ? console_conditional_schedule+0x30/0x30 [ 121.985496][ C0] ? update_process_times+0x200/0x200 [ 121.990707][ C0] ? prepare_to_swait_event+0x308/0x320 [ 121.996093][ C0] rcu_gp_fqs_loop+0x2af/0xf80 [ 122.000689][ C0] ? debug_smp_processor_id+0x17/0x20 [ 122.005893][ C0] ? __note_gp_changes+0x4ab/0x920 [ 122.010843][ C0] ? rcu_gp_init+0xc30/0xc30 [ 122.015273][ C0] ? _raw_spin_unlock_irq+0x4e/0x70 [ 122.020303][ C0] ? rcu_gp_init+0x9cf/0xc30 [ 122.024734][ C0] rcu_gp_kthread+0xa4/0x350 [ 122.029154][ C0] ? _raw_spin_lock+0x1b0/0x1b0 [ 122.033840][ C0] ? wake_nocb_gp+0x1e0/0x1e0 [ 122.038354][ C0] ? __kasan_check_read+0x11/0x20 [ 122.043213][ C0] ? __kthread_parkme+0xb2/0x200 [ 122.047993][ C0] kthread+0x421/0x510 [ 122.051895][ C0] ? wake_nocb_gp+0x1e0/0x1e0 [ 122.056405][ C0] ? kthread_blkcg+0xd0/0xd0 [ 122.060840][ C0] ret_from_fork+0x1f/0x30 [ 122.065093][ C0] [ 122.067961][ C0] rcu: Stack dump where RCU GP kthread last ran: [ 122.074131][ C0] Sending NMI from CPU 0 to CPUs 1: [ 122.079165][ C1] NMI backtrace for cpu 1 [ 122.079186][ C1] CPU: 1 PID: 339 Comm: syz-executor.2 Not tainted 5.15.149-syzkaller-00165-g85445b5a2107 #0 [ 122.079202][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 122.079214][ C1] RIP: 0010:__unwind_start+0x23f/0x3a0 [ 122.079236][ C1] Code: 41 83 3f 00 0f 84 30 01 00 00 48 8b 45 c0 48 8d 48 50 48 8d 50 38 4c 8d 70 08 4c 8d 60 10 48 8b 45 d0 48 83 c0 08 48 89 45 b8 <4c> 89 f0 48 c1 e8 03 48 89 45 90 4d 89 e7 49 c1 ef 03 48 89 4d 98 [ 122.079248][ C1] RSP: 0018:ffffc900001d0580 EFLAGS: 00000086 [ 122.079261][ C1] RAX: ffffc900009d73e8 RBX: ffffc900009d7490 RCX: ffffc900001d06d0 [ 122.079273][ C1] RDX: ffffc900001d06b8 RSI: ffffc900009d7490 RDI: ffffc900001d06d8 [ 122.079284][ C1] RBP: ffffc900001d05f0 R08: dffffc0000000001 R09: ffffc900001d0680 [ 122.079295][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: ffffc900001d0690 [ 122.079306][ C1] R13: ffff88810c7c4f00 R14: ffffc900001d0688 R15: ffffc900001d0680 [ 122.079317][ C1] FS: 00007f6432ffc6c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 122.079330][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 122.079341][ C1] CR2: 0000786c6c257830 CR3: 000000010c39e000 CR4: 00000000003506a0 [ 122.079354][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 122.079362][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 122.079371][ C1] Call Trace: [ 122.079375][ C1] [ 122.079380][ C1] ? show_regs+0x58/0x60 [ 122.079395][ C1] ? nmi_cpu_backtrace+0x29f/0x300 [ 122.079413][ C1] ? nmi_trigger_cpumask_backtrace+0x270/0x270 [ 122.079431][ C1] ? __unwind_start+0x23f/0x3a0 [ 122.079446][ C1] ? __unwind_start+0x23f/0x3a0 [ 122.079462][ C1] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 122.079478][ C1] ? nmi_handle+0xa8/0x280 [ 122.079493][ C1] ? __unwind_start+0x23f/0x3a0 [ 122.079508][ C1] ? default_do_nmi+0x69/0x160 [ 122.079524][ C1] ? exc_nmi+0xaf/0x120 [ 122.079537][ C1] ? end_repeat_nmi+0x16/0x31 [ 122.079554][ C1] ? __unwind_start+0x23f/0x3a0 [ 122.079569][ C1] ? __unwind_start+0x23f/0x3a0 [ 122.079589][ C1] ? __unwind_start+0x23f/0x3a0 [ 122.079604][ C1] [ 122.079608][ C1] [ 122.079614][ C1] perf_callchain_kernel+0x355/0x640 [ 122.079633][ C1] ? arch_perf_update_userpage+0x450/0x450 [ 122.079650][ C1] ? __pv_queued_spin_lock_slowpath+0x41b/0xc40 [ 122.079668][ C1] ? debug_smp_processor_id+0x17/0x20 [ 122.079683][ C1] ? get_callchain_entry+0x170/0x390 [ 122.079700][ C1] get_perf_callchain+0x579/0x810 [ 122.079717][ C1] ? put_callchain_entry+0xb0/0xb0 [ 122.079734][ C1] ? __perf_event_header__init_id+0x460/0x590 [ 122.079747][ C1] ? kvm_is_in_guest+0x28/0x40 [ 122.079763][ C1] perf_prepare_sample+0x359/0x1a80 [ 122.079778][ C1] ? perf_callchain+0x190/0x190 [ 122.079790][ C1] ? enqueue_task_fair+0xd61/0x29a0 [ 122.079808][ C1] perf_event_output_forward+0xdb/0x1b0 [ 122.079823][ C1] ? perf_get_page_size+0x4c0/0x4c0 [ 122.079838][ C1] ? __this_cpu_preempt_check+0x13/0x20 [ 122.079854][ C1] ? __perf_event_account_interrupt+0x18f/0x2c0 [ 122.079869][ C1] __perf_event_overflow+0x20b/0x390 [ 122.079883][ C1] perf_swevent_hrtimer+0x3fd/0x560 [ 122.079899][ C1] ? __raise_softirq_irqoff+0xe0/0xe0 [ 122.079914][ C1] ? __kasan_check_read+0x11/0x20 [ 122.079930][ C1] ? cpu_clock_event_read+0x50/0x50 [ 122.079951][ C1] ? timerqueue_add+0x250/0x270 [ 122.079966][ C1] ? timerqueue_del+0xb4/0x100 [ 122.079979][ C1] ? cpu_clock_event_read+0x50/0x50 [ 122.079994][ C1] __hrtimer_run_queues+0x41a/0xad0 [ 122.080011][ C1] ? hrtimer_interrupt+0xaa0/0xaa0 [ 122.080025][ C1] ? clockevents_program_event+0x236/0x300 [ 122.080040][ C1] ? ktime_get_update_offsets_now+0x2ba/0x2d0 [ 122.080056][ C1] hrtimer_interrupt+0x40c/0xaa0 [ 122.080074][ C1] __sysvec_apic_timer_interrupt+0xfd/0x3c0 [ 122.080089][ C1] sysvec_apic_timer_interrupt+0x95/0xc0 [ 122.080104][ C1] [ 122.080108][ C1] [ 122.080113][ C1] asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 122.080127][ C1] RIP: 0010:kvm_wait+0x147/0x180 [ 122.080142][ C1] Code: 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 34 41 0f b6 45 00 44 38 f0 75 10 66 90 0f 00 2d 4b 02 f3 03 fb f4 24 ff ff ff fb e9 1e ff ff ff 44 89 e9 80 e1 07 38 c1 7c a3 4c [ 122.080153][ C1] RSP: 0018:ffffc900009d73e0 EFLAGS: 00000246 [ 122.080165][ C1] RAX: 0000000000000001 RBX: 1ffff9200013ae80 RCX: 1ffffffff0d1aa9c [ 122.080175][ C1] RDX: 0000000000000001 RSI: 0000000000000001 RDI: ffff8881f7138ad4 [ 122.080184][ C1] RBP: ffffc900009d7490 R08: dffffc0000000000 R09: ffffed103ee2715b [ 122.080195][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 122.080205][ C1] R13: ffff8881f7138ad4 R14: 0000000000000001 R15: 1ffff9200013ae84 [ 122.080218][ C1] ? asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 122.080234][ C1] ? kvm_arch_para_hints+0x30/0x30 [ 122.080249][ C1] __pv_queued_spin_lock_slowpath+0x41b/0xc40 [ 122.080267][ C1] ? __pv_queued_spin_unlock_slowpath+0x310/0x310 [ 122.080286][ C1] _raw_spin_lock_bh+0x139/0x1b0 [ 122.080302][ C1] ? _raw_spin_lock_irq+0x1b0/0x1b0 [ 122.080319][ C1] ? sock_hash_bucket_hash+0x31c/0x7e0 [ 122.080337][ C1] sock_hash_delete_elem+0xb1/0x2f0 [ 122.080354][ C1] bpf_prog_2c29ac5cdc6b1842+0x3a/0x35c [ 122.080366][ C1] bpf_trace_run2+0x159/0x210 [ 122.080383][ C1] ? bpf_trace_run1+0x1c0/0x1c0 [ 122.080398][ C1] ? skb_release_data+0x8a9/0xa80 [ 122.080412][ C1] ? asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 122.080428][ C1] ? skb_release_data+0x8a9/0xa80 [ 122.080441][ C1] __bpf_trace_kfree+0x6f/0x90 [ 122.080456][ C1] ? skb_release_data+0x8a9/0xa80 [ 122.080469][ C1] kfree+0x1f3/0x220 [ 122.080484][ C1] ? _copy_to_iter+0x2fa/0xde0 [ 122.080500][ C1] skb_release_data+0x8a9/0xa80 [ 122.080515][ C1] ? tsk_advance_rx_queue+0x10a/0x260 [ 122.080530][ C1] kfree_skb+0xba/0x360 [ 122.080543][ C1] tsk_advance_rx_queue+0x10a/0x260 [ 122.080558][ C1] tipc_recvstream+0x807/0xf70 [ 122.080579][ C1] ? tipc_sendstream+0x70/0x70 [ 122.080593][ C1] ? ____sys_recvmsg+0x1f1/0x530 [ 122.080609][ C1] ? tipc_sendstream+0x70/0x70 [ 122.080622][ C1] ____sys_recvmsg+0x286/0x530 [ 122.080637][ C1] ? __sys_recvmsg_sock+0x50/0x50 [ 122.080654][ C1] ? import_iovec+0xe5/0x120 [ 122.080670][ C1] ___sys_recvmsg+0x1ec/0x690 [ 122.080685][ C1] ? __sys_recvmsg+0x260/0x260 [ 122.080699][ C1] ? enqueue_hrtimer+0xca/0x240 [ 122.080713][ C1] ? __hrtimer_run_queues+0xa6f/0xad0 [ 122.080731][ C1] ? __fdget+0x1bc/0x240 [ 122.080745][ C1] __x64_sys_recvmsg+0x1dc/0x2b0 [ 122.080759][ C1] ? __kasan_check_write+0x14/0x20 [ 122.080774][ C1] ? ___sys_recvmsg+0x690/0x690 [ 122.080791][ C1] ? exit_to_user_mode_prepare+0x7e/0xa0 [ 122.080808][ C1] do_syscall_64+0x3d/0xb0 [ 122.080821][ C1] ? sysvec_call_function_single+0x52/0xb0 [ 122.080837][ C1] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 122.080851][ C1] RIP: 0033:0x7f6433c820a9 [ 122.080866][ C1] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 122.080877][ C1] RSP: 002b:00007f6432ffc0c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 122.080891][ C1] RAX: ffffffffffffffda RBX: 00007f6433db8f80 RCX: 00007f6433c820a9 [ 122.080902][ C1] RDX: 0000000000001f00 RSI: 0000000020000500 RDI: 0000000000000004 [ 122.080911][ C1] RBP: 00007f6433cf1074 R08: 0000000000000000 R09: 0000000000000000 [ 122.080920][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 122.080928][ C1] R13: 000000000000000b R14: 00007f6433db8f80 R15: 00007fff0d825e48 [ 122.080941][ C1] [ 122.081232][ C0] NMI backtrace for cpu 0 [ 122.813197][ C0] CPU: 0 PID: 355 Comm: syz-executor.4 Not tainted 5.15.149-syzkaller-00165-g85445b5a2107 #0 [ 122.823160][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 122.833054][ C0] Call Trace: [ 122.836181][ C0] [ 122.838872][ C0] dump_stack_lvl+0x151/0x1b7 [ 122.843389][ C0] ? io_uring_drop_tctx_refs+0x190/0x190 [ 122.849063][ C0] ? ttwu_do_wakeup+0x187/0x430 [ 122.853744][ C0] dump_stack+0x15/0x17 [ 122.857739][ C0] nmi_cpu_backtrace+0x2f7/0x300 [ 122.862515][ C0] ? nmi_trigger_cpumask_backtrace+0x270/0x270 [ 122.868499][ C0] ? _raw_spin_lock_irqsave+0xf9/0x210 [ 122.873793][ C0] ? __kasan_check_write+0x14/0x20 [ 122.878838][ C0] ? _raw_spin_lock+0x1b0/0x1b0 [ 122.883521][ C0] ? arch_trigger_cpumask_backtrace+0x20/0x20 [ 122.889429][ C0] nmi_trigger_cpumask_backtrace+0x15d/0x270 [ 122.895237][ C0] ? arch_trigger_cpumask_backtrace+0x20/0x20 [ 122.901146][ C0] arch_trigger_cpumask_backtrace+0x10/0x20 [ 122.906871][ C0] rcu_dump_cpu_stacks+0x1d8/0x330 [ 122.911819][ C0] print_cpu_stall+0x315/0x5f0 [ 122.916419][ C0] rcu_sched_clock_irq+0x989/0x12f0 [ 122.921449][ C0] ? rcu_boost_kthread_setaffinity+0x340/0x340 [ 122.927611][ C0] ? hrtimer_run_queues+0x15f/0x440 [ 122.932644][ C0] update_process_times+0x198/0x200 [ 122.937672][ C0] tick_sched_timer+0x188/0x240 [ 122.942357][ C0] ? tick_setup_sched_timer+0x480/0x480 [ 122.947738][ C0] __hrtimer_run_queues+0x41a/0xad0 [ 122.952775][ C0] ? hrtimer_interrupt+0xaa0/0xaa0 [ 122.957721][ C0] ? clockevents_program_event+0x22f/0x300 [ 122.963358][ C0] ? ktime_get_update_offsets_now+0x2ba/0x2d0 [ 122.969263][ C0] hrtimer_interrupt+0x40c/0xaa0 [ 122.974037][ C0] __sysvec_apic_timer_interrupt+0xfd/0x3c0 [ 122.979764][ C0] sysvec_apic_timer_interrupt+0x95/0xc0 [ 122.985241][ C0] [ 122.988005][ C0] [ 122.990783][ C0] asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 122.996600][ C0] RIP: 0010:kvm_wait+0x147/0x180 [ 123.001375][ C0] Code: 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 34 41 0f b6 45 00 44 38 f0 75 10 66 90 0f 00 2d 4b 02 f3 03 fb f4 24 ff ff ff fb e9 1e ff ff ff 44 89 e9 80 e1 07 38 c1 7c a3 4c [ 123.020815][ C0] RSP: 0018:ffffc90000c07520 EFLAGS: 00000246 [ 123.026721][ C0] RAX: 0000000000000003 RBX: 1ffff92000180ea8 RCX: ffffffff8154fb7f [ 123.034528][ C0] RDX: dffffc0000000000 RSI: 0000000000000003 RDI: ffff88810ac77798 [ 123.042340][ C0] RBP: ffffc90000c075d0 R08: dffffc0000000000 R09: ffffed102158eef4 [ 123.050146][ C0] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 123.058046][ C0] R13: ffff88810ac77798 R14: 0000000000000003 R15: 1ffff92000180eac [ 123.066337][ C0] ? __pv_queued_spin_lock_slowpath+0x65f/0xc40 [ 123.072410][ C0] ? asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 123.078397][ C0] ? kvm_arch_para_hints+0x30/0x30 [ 123.083346][ C0] ? __pv_queued_spin_lock_slowpath+0x65f/0xc40 [ 123.089426][ C0] __pv_queued_spin_lock_slowpath+0x6bc/0xc40 [ 123.095324][ C0] ? __pv_queued_spin_unlock_slowpath+0x310/0x310 [ 123.101573][ C0] _raw_spin_lock_bh+0x139/0x1b0 [ 123.106344][ C0] ? _raw_spin_lock_irq+0x1b0/0x1b0 [ 123.111378][ C0] ? sock_hash_bucket_hash+0x31c/0x7e0 [ 123.116672][ C0] sock_hash_delete_elem+0xb1/0x2f0 [ 123.121707][ C0] bpf_prog_2c29ac5cdc6b1842+0x3a/0x35c [ 123.127090][ C0] bpf_trace_run2+0x159/0x210 [ 123.131603][ C0] ? bpf_trace_run1+0x1c0/0x1c0 [ 123.136288][ C0] ? sock_map_unref+0x352/0x4d0 [ 123.140973][ C0] ? event_function+0x284/0x300 [ 123.145663][ C0] ? event_function_call+0x5b0/0x5b0 [ 123.150782][ C0] ? sock_map_unref+0x352/0x4d0 [ 123.155467][ C0] __bpf_trace_kfree+0x6f/0x90 [ 123.160070][ C0] ? sock_map_unref+0x352/0x4d0 [ 123.165273][ C0] kfree+0x1f3/0x220 [ 123.169004][ C0] sock_map_unref+0x352/0x4d0 [ 123.173517][ C0] sock_hash_delete_elem+0x274/0x2f0 [ 123.178637][ C0] bpf_prog_2c29ac5cdc6b1842+0x3a/0x35c [ 123.184028][ C0] bpf_trace_run2+0x159/0x210 [ 123.188530][ C0] ? bpf_trace_run1+0x1c0/0x1c0 [ 123.193231][ C0] ? event_function_call+0x4d0/0x5b0 [ 123.198336][ C0] ? selinux_perf_event_free+0x5b/0x70 [ 123.203631][ C0] ? perf_adjust_period+0x4f0/0x4f0 [ 123.208669][ C0] ? selinux_perf_event_free+0x5b/0x70 [ 123.213964][ C0] __bpf_trace_kfree+0x6f/0x90 [ 123.218567][ C0] ? selinux_perf_event_free+0x5b/0x70 [ 123.223854][ C0] kfree+0x1f3/0x220 [ 123.227676][ C0] selinux_perf_event_free+0x5b/0x70 [ 123.232796][ C0] security_perf_event_free+0x44/0x80 [ 123.238001][ C0] _free_event+0x739/0xce0 [ 123.242258][ C0] perf_event_release_kernel+0x7d9/0x860 [ 123.247724][ C0] ? perf_event_read_local+0x720/0x720 [ 123.253019][ C0] perf_release+0x3b/0x40 [ 123.257182][ C0] ? perf_mmap+0x1340/0x1340 [ 123.261607][ C0] __fput+0x3fe/0x910 [ 123.266049][ C0] ____fput+0x15/0x20 [ 123.269866][ C0] task_work_run+0x129/0x190 [ 123.274294][ C0] exit_to_user_mode_loop+0xc4/0xe0 [ 123.279326][ C0] exit_to_user_mode_prepare+0x5a/0xa0 [ 123.284622][ C0] syscall_exit_to_user_mode+0x26/0x160 [ 123.290002][ C0] do_syscall_64+0x49/0xb0 [ 123.294273][ C0] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 123.299986][ C0] RIP: 0033:0x7fc7e74890a9 [ 123.304237][ C0] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 123.323678][ C0] RSP: 002b:00007fc7e68030c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000003 [ 123.331923][ C0] RAX: 0000000000000000 RBX: 00007fc7e75bff80 RCX: 00007fc7e74890a9 [ 123.339735][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000008 [ 123.347543][ C0] RBP: 00007fc7e74f8074 R08: 0000000000000000 R09: 0000000000000000 [ 123.355441][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 123.363268][ C0] R13: 000000000000000b R14: 00007fc7e75bff80 R15: 00007ffd559cd878 [ 123.371245][ C0] [ 123.374104][ C0] Sending NMI from CPU 0 to CPUs 1: [ 123.379144][ C1] NMI backtrace for cpu 1 [ 123.379155][ C1] CPU: 1 PID: 339 Comm: syz-executor.2 Not tainted 5.15.149-syzkaller-00165-g85445b5a2107 #0 [ 123.379172][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 123.379180][ C1] RIP: 0010:native_apic_msr_write+0x39/0x50 [ 123.379203][ C1] Code: 74 05 83 ff 30 75 12 5d c3 81 ff d0 00 00 00 74 f6 81 ff e0 00 00 00 74 ee c1 ef 04 81 c7 00 08 00 00 89 f9 89 f0 31 d2 0f 30 <66> 90 eb d9 89 f6 31 d2 e8 da ad 51 01 5d c3 0f 1f 84 00 00 00 00 [ 123.379215][ C1] RSP: 0018:ffffc900001d0df8 EFLAGS: 00000046 [ 123.379229][ C1] RAX: 000000000000020b RBX: ffffffff8602c9c8 RCX: 0000000000000838 [ 123.379239][ C1] RDX: 0000000000000000 RSI: 000000000000020b RDI: 0000000000000838 [ 123.379248][ C1] RBP: ffffc900001d0df8 R08: ffffffff8163a31b R09: ffffffff8163a20d [ 123.379259][ C1] R10: 0000000000000002 R11: ffff88810c7c4f00 R12: 0000000000000020 [ 123.379269][ C1] R13: dffffc0000000000 R14: 000000000000020b R15: dffffc0000000000 [ 123.379279][ C1] FS: 00007f6432ffc6c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 123.379293][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 123.379303][ C1] CR2: 0000786c6c257830 CR3: 000000010c39e000 CR4: 00000000003506a0 [ 123.379317][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 123.379325][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 123.379335][ C1] Call Trace: [ 123.379338][ C1] [ 123.379343][ C1] ? show_regs+0x58/0x60 [ 123.379359][ C1] ? nmi_cpu_backtrace+0x29f/0x300 [ 123.379377][ C1] ? nmi_trigger_cpumask_backtrace+0x270/0x270 [ 123.379395][ C1] ? native_apic_msr_write+0x39/0x50 [ 123.379411][ C1] ? native_apic_msr_write+0x39/0x50 [ 123.379427][ C1] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 123.379442][ C1] ? nmi_handle+0xa8/0x280 [ 123.379464][ C1] ? native_apic_msr_write+0x39/0x50 [ 123.379480][ C1] ? __unwind_start+0x23f/0x3a0 [ 123.379496][ C1] ? default_do_nmi+0x69/0x160 [ 123.379512][ C1] ? exc_nmi+0xaf/0x120 [ 123.379525][ C1] ? end_repeat_nmi+0x16/0x31 [ 123.379541][ C1] ? clockevents_program_event+0x7d/0x300 [ 123.379557][ C1] ? clockevents_program_event+0x18b/0x300 [ 123.379572][ C1] ? native_apic_msr_write+0x39/0x50 [ 123.379588][ C1] ? native_apic_msr_write+0x39/0x50 [ 123.379605][ C1] ? native_apic_msr_write+0x39/0x50 [ 123.379621][ C1] [ 123.379625][ C1] [ 123.379629][ C1] lapic_next_event+0x5f/0x70 [ 123.379643][ C1] clockevents_program_event+0x1c1/0x300 [ 123.379658][ C1] tick_program_event+0x9f/0x120 [ 123.379674][ C1] hrtimer_interrupt+0x625/0xaa0 [ 123.379693][ C1] __sysvec_apic_timer_interrupt+0xfd/0x3c0 [ 123.379708][ C1] sysvec_apic_timer_interrupt+0x95/0xc0 [ 123.379724][ C1] [ 123.379728][ C1] [ 123.379732][ C1] asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 123.379747][ C1] RIP: 0010:kvm_wait+0x147/0x180 [ 123.379762][ C1] Code: 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 34 41 0f b6 45 00 44 38 f0 75 10 66 90 0f 00 2d 4b 02 f3 03 fb f4 24 ff ff ff fb e9 1e ff ff ff 44 89 e9 80 e1 07 38 c1 7c a3 4c [ 123.379773][ C1] RSP: 0018:ffffc900009d73e0 EFLAGS: 00000246 [ 123.379785][ C1] RAX: 0000000000000001 RBX: 1ffff9200013ae80 RCX: 1ffffffff0d1aa9c [ 123.379795][ C1] RDX: 0000000000000001 RSI: 0000000000000001 RDI: ffff8881f7138ad4 [ 123.379804][ C1] RBP: ffffc900009d7490 R08: dffffc0000000000 R09: ffffed103ee2715b [ 123.379815][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 123.379825][ C1] R13: ffff8881f7138ad4 R14: 0000000000000001 R15: 1ffff9200013ae84 [ 123.379839][ C1] ? kvm_arch_para_hints+0x30/0x30 [ 123.379853][ C1] ? __pv_queued_spin_lock_slowpath+0x351/0xc40 [ 123.379873][ C1] __pv_queued_spin_lock_slowpath+0x41b/0xc40 [ 123.379891][ C1] ? __pv_queued_spin_unlock_slowpath+0x310/0x310 [ 123.379909][ C1] _raw_spin_lock_bh+0x139/0x1b0 [ 123.379925][ C1] ? _raw_spin_lock_irq+0x1b0/0x1b0 [ 123.379942][ C1] ? sock_hash_bucket_hash+0x31c/0x7e0 [ 123.379960][ C1] sock_hash_delete_elem+0xb1/0x2f0 [ 123.379976][ C1] bpf_prog_2c29ac5cdc6b1842+0x3a/0x35c [ 123.379989][ C1] bpf_trace_run2+0x159/0x210 [ 123.380005][ C1] ? bpf_trace_run1+0x1c0/0x1c0 [ 123.380020][ C1] ? skb_release_data+0x8a9/0xa80 [ 123.380035][ C1] ? asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 123.380051][ C1] ? skb_release_data+0x8a9/0xa80 [ 123.380065][ C1] __bpf_trace_kfree+0x6f/0x90 [ 123.380079][ C1] ? skb_release_data+0x8a9/0xa80 [ 123.380093][ C1] kfree+0x1f3/0x220 [ 123.380108][ C1] ? _copy_to_iter+0x2fa/0xde0 [ 123.380124][ C1] skb_release_data+0x8a9/0xa80 [ 123.380139][ C1] ? tsk_advance_rx_queue+0x10a/0x260 [ 123.380153][ C1] kfree_skb+0xba/0x360 [ 123.380166][ C1] tsk_advance_rx_queue+0x10a/0x260 [ 123.380181][ C1] tipc_recvstream+0x807/0xf70 [ 123.380197][ C1] ? tipc_sendstream+0x70/0x70 [ 123.380210][ C1] ? ____sys_recvmsg+0x1f1/0x530 [ 123.380226][ C1] ? tipc_sendstream+0x70/0x70 [ 123.380240][ C1] ____sys_recvmsg+0x286/0x530 [ 123.380255][ C1] ? __sys_recvmsg_sock+0x50/0x50 [ 123.380272][ C1] ? import_iovec+0xe5/0x120 [ 123.380288][ C1] ___sys_recvmsg+0x1ec/0x690 [ 123.380303][ C1] ? __sys_recvmsg+0x260/0x260 [ 123.380317][ C1] ? enqueue_hrtimer+0xca/0x240 [ 123.380331][ C1] ? __hrtimer_run_queues+0xa6f/0xad0 [ 123.380349][ C1] ? __fdget+0x1bc/0x240 [ 123.380363][ C1] __x64_sys_recvmsg+0x1dc/0x2b0 [ 123.380378][ C1] ? __kasan_check_write+0x14/0x20 [ 123.380393][ C1] ? ___sys_recvmsg+0x690/0x690 [ 123.380410][ C1] ? exit_to_user_mode_prepare+0x7e/0xa0 [ 123.380426][ C1] do_syscall_64+0x3d/0xb0 [ 123.380440][ C1] ? sysvec_call_function_single+0x52/0xb0 [ 123.380461][ C1] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 123.380475][ C1] RIP: 0033:0x7f6433c820a9 [ 123.380487][ C1] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 123.380498][ C1] RSP: 002b:00007f6432ffc0c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 123.380513][ C1] RAX: ffffffffffffffda RBX: 00007f6433db8f80 RCX: 00007f6433c820a9 [ 123.380523][ C1] RDX: 0000000000001f00 RSI: 0000000020000500 RDI: 0000000000000004 [ 123.380532][ C1] RBP: 00007f6433cf1074 R08: 0000000000000000 R09: 0000000000000000 [ 123.380541][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 123.380550][ C1] R13: 000000000000000b R14: 00007f6433db8f80 R15: 00007fff0d825e48 [ 123.380563][ C1] [ 265.043515][ C1] watchdog: BUG: soft lockup - CPU#1 stuck for 246s! [syz-executor.2:339] [ 265.051847][ C1] Modules linked in: [ 265.055583][ C1] CPU: 1 PID: 339 Comm: syz-executor.2 Not tainted 5.15.149-syzkaller-00165-g85445b5a2107 #0 [ 265.065557][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 265.075470][ C1] RIP: 0010:kvm_wait+0x147/0x180 [ 265.080223][ C1] Code: 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 34 41 0f b6 45 00 44 38 f0 75 10 66 90 0f 00 2d 4b 02 f3 03 fb f4 24 ff ff ff fb e9 1e ff ff ff 44 89 e9 80 e1 07 38 c1 7c a3 4c [ 265.100187][ C1] RSP: 0018:ffffc900009d73e0 EFLAGS: 00000246 [ 265.106088][ C1] RAX: 0000000000000001 RBX: 1ffff9200013ae80 RCX: 1ffffffff0d1aa9c [ 265.113918][ C1] RDX: 0000000000000001 RSI: 0000000000000001 RDI: ffff8881f7138ad4 [ 265.121709][ C1] RBP: ffffc900009d7490 R08: dffffc0000000000 R09: ffffed103ee2715b [ 265.129520][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 265.137420][ C1] R13: ffff8881f7138ad4 R14: 0000000000000001 R15: 1ffff9200013ae84 [ 265.145277][ C1] FS: 00007f6432ffc6c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 265.154002][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 265.160427][ C1] CR2: 0000786c6c257830 CR3: 000000010c39e000 CR4: 00000000003506a0 [ 265.168333][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 265.176135][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 265.183976][ C1] Call Trace: [ 265.187068][ C1] [ 265.189757][ C1] ? show_regs+0x58/0x60 [ 265.193844][ C1] ? watchdog_timer_fn+0x4b1/0x5f0 [ 265.198786][ C1] ? proc_watchdog_cpumask+0xd0/0xd0 [ 265.203993][ C1] ? __hrtimer_run_queues+0x41a/0xad0 [ 265.209200][ C1] ? hrtimer_interrupt+0xaa0/0xaa0 [ 265.214144][ C1] ? clockevents_program_event+0x22f/0x300 [ 265.219787][ C1] ? ktime_get_update_offsets_now+0x2ba/0x2d0 [ 265.225774][ C1] ? hrtimer_interrupt+0x40c/0xaa0 [ 265.230724][ C1] ? __sysvec_apic_timer_interrupt+0xfd/0x3c0 [ 265.236627][ C1] ? sysvec_apic_timer_interrupt+0x95/0xc0 [ 265.242266][ C1] [ 265.245052][ C1] [ 265.247820][ C1] ? asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 265.253810][ C1] ? kvm_wait+0x147/0x180 [ 265.257975][ C1] ? asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 265.263963][ C1] ? kvm_arch_para_hints+0x30/0x30 [ 265.269055][ C1] __pv_queued_spin_lock_slowpath+0x41b/0xc40 [ 265.274954][ C1] ? __pv_queued_spin_unlock_slowpath+0x310/0x310 [ 265.281202][ C1] _raw_spin_lock_bh+0x139/0x1b0 [ 265.285972][ C1] ? _raw_spin_lock_irq+0x1b0/0x1b0 [ 265.291007][ C1] ? sock_hash_bucket_hash+0x31c/0x7e0 [ 265.296301][ C1] sock_hash_delete_elem+0xb1/0x2f0 [ 265.301336][ C1] bpf_prog_2c29ac5cdc6b1842+0x3a/0x35c [ 265.306719][ C1] bpf_trace_run2+0x159/0x210 [ 265.311230][ C1] ? bpf_trace_run1+0x1c0/0x1c0 [ 265.315916][ C1] ? skb_release_data+0x8a9/0xa80 [ 265.320775][ C1] ? asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 265.326767][ C1] ? skb_release_data+0x8a9/0xa80 [ 265.331623][ C1] __bpf_trace_kfree+0x6f/0x90 [ 265.336224][ C1] ? skb_release_data+0x8a9/0xa80 [ 265.341106][ C1] kfree+0x1f3/0x220 [ 265.344815][ C1] ? _copy_to_iter+0x2fa/0xde0 [ 265.349418][ C1] skb_release_data+0x8a9/0xa80 [ 265.354192][ C1] ? tsk_advance_rx_queue+0x10a/0x260 [ 265.359398][ C1] kfree_skb+0xba/0x360 [ 265.363394][ C1] tsk_advance_rx_queue+0x10a/0x260 [ 265.368429][ C1] tipc_recvstream+0x807/0xf70 [ 265.373286][ C1] ? tipc_sendstream+0x70/0x70 [ 265.377960][ C1] ? ____sys_recvmsg+0x1f1/0x530 [ 265.382660][ C1] ? tipc_sendstream+0x70/0x70 [ 265.387264][ C1] ____sys_recvmsg+0x286/0x530 [ 265.391947][ C1] ? __sys_recvmsg_sock+0x50/0x50 [ 265.396810][ C1] ? import_iovec+0xe5/0x120 [ 265.401239][ C1] ___sys_recvmsg+0x1ec/0x690 [ 265.405745][ C1] ? __sys_recvmsg+0x260/0x260 [ 265.410343][ C1] ? enqueue_hrtimer+0xca/0x240 [ 265.415029][ C1] ? __hrtimer_run_queues+0xa6f/0xad0 [ 265.420241][ C1] ? __fdget+0x1bc/0x240 [ 265.424317][ C1] __x64_sys_recvmsg+0x1dc/0x2b0 [ 265.429091][ C1] ? __kasan_check_write+0x14/0x20 [ 265.434038][ C1] ? ___sys_recvmsg+0x690/0x690 [ 265.438728][ C1] ? exit_to_user_mode_prepare+0x7e/0xa0 [ 265.444193][ C1] do_syscall_64+0x3d/0xb0 [ 265.448445][ C1] ? sysvec_call_function_single+0x52/0xb0 [ 265.454089][ C1] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 265.459820][ C1] RIP: 0033:0x7f6433c820a9 [ 265.464093][ C1] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 265.483509][ C1] RSP: 002b:00007f6432ffc0c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 265.491755][ C1] RAX: ffffffffffffffda RBX: 00007f6433db8f80 RCX: 00007f6433c820a9 [ 265.499565][ C1] RDX: 0000000000001f00 RSI: 0000000020000500 RDI: 0000000000000004 [ 265.507380][ C1] RBP: 00007f6433cf1074 R08: 0000000000000000 R09: 0000000000000000 [ 265.515188][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 265.523001][ C1] R13: 000000000000000b R14: 00007f6433db8f80 R15: 00007fff0d825e48 [ 265.530816][ C1] [ 265.533686][ C1] Sending NMI from CPU 1 to CPUs 0: [ 265.538828][ C0] NMI backtrace for cpu 0 [ 265.538837][ C0] CPU: 0 PID: 355 Comm: syz-executor.4 Not tainted 5.15.149-syzkaller-00165-g85445b5a2107 #0 [ 265.538853][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 265.538861][ C0] RIP: 0010:kvm_wait+0x147/0x180 [ 265.538881][ C0] Code: 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 34 41 0f b6 45 00 44 38 f0 75 10 66 90 0f 00 2d 4b 02 f3 03 fb f4 24 ff ff ff fb e9 1e ff ff ff 44 89 e9 80 e1 07 38 c1 7c a3 4c [ 265.538893][ C0] RSP: 0018:ffffc90000c07520 EFLAGS: 00000246 [ 265.538906][ C0] RAX: 0000000000000003 RBX: 1ffff92000180ea8 RCX: ffffffff8154fb7f [ 265.538921][ C0] RDX: dffffc0000000000 RSI: 0000000000000003 RDI: ffff88810ac77798 [ 265.538931][ C0] RBP: ffffc90000c075d0 R08: dffffc0000000000 R09: ffffed102158eef4 [ 265.538942][ C0] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 265.538952][ C0] R13: ffff88810ac77798 R14: 0000000000000003 R15: 1ffff92000180eac [ 265.538962][ C0] FS: 00007fc7e68036c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 265.538976][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 265.538987][ C0] CR2: 0000001b2ea24000 CR3: 000000011add0000 CR4: 00000000003506b0 [ 265.539000][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 265.539009][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 265.539018][ C0] Call Trace: [ 265.539023][ C0] [ 265.539028][ C0] ? show_regs+0x58/0x60 [ 265.539044][ C0] ? nmi_cpu_backtrace+0x29f/0x300 [ 265.539062][ C0] ? nmi_trigger_cpumask_backtrace+0x270/0x270 [ 265.539080][ C0] ? kvm_wait+0x147/0x180 [ 265.539093][ C0] ? kvm_wait+0x147/0x180 [ 265.539106][ C0] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 265.539123][ C0] ? nmi_handle+0xa8/0x280 [ 265.539138][ C0] ? kvm_wait+0x147/0x180 [ 265.539152][ C0] ? default_do_nmi+0x69/0x160 [ 265.539168][ C0] ? exc_nmi+0xaf/0x120 [ 265.539182][ C0] ? end_repeat_nmi+0x16/0x31 [ 265.539197][ C0] ? __pv_queued_spin_lock_slowpath+0x65f/0xc40 [ 265.539215][ C0] ? kvm_wait+0x147/0x180 [ 265.539228][ C0] ? kvm_wait+0x147/0x180 [ 265.539242][ C0] ? kvm_wait+0x147/0x180 [ 265.539255][ C0] [ 265.539259][ C0] [ 265.539263][ C0] ? asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 265.539278][ C0] ? kvm_arch_para_hints+0x30/0x30 [ 265.539293][ C0] ? __pv_queued_spin_lock_slowpath+0x65f/0xc40 [ 265.539310][ C0] __pv_queued_spin_lock_slowpath+0x6bc/0xc40 [ 265.539328][ C0] ? __pv_queued_spin_unlock_slowpath+0x310/0x310 [ 265.539346][ C0] _raw_spin_lock_bh+0x139/0x1b0 [ 265.539363][ C0] ? _raw_spin_lock_irq+0x1b0/0x1b0 [ 265.539379][ C0] ? sock_hash_bucket_hash+0x31c/0x7e0 [ 265.539398][ C0] sock_hash_delete_elem+0xb1/0x2f0 [ 265.539414][ C0] bpf_prog_2c29ac5cdc6b1842+0x3a/0x35c [ 265.539427][ C0] bpf_trace_run2+0x159/0x210 [ 265.539443][ C0] ? bpf_trace_run1+0x1c0/0x1c0 [ 265.539458][ C0] ? sock_map_unref+0x352/0x4d0 [ 265.539473][ C0] ? event_function+0x284/0x300 [ 265.539487][ C0] ? event_function_call+0x5b0/0x5b0 [ 265.539501][ C0] ? sock_map_unref+0x352/0x4d0 [ 265.539516][ C0] __bpf_trace_kfree+0x6f/0x90 [ 265.539530][ C0] ? sock_map_unref+0x352/0x4d0 [ 265.539544][ C0] kfree+0x1f3/0x220 [ 265.539561][ C0] sock_map_unref+0x352/0x4d0 [ 265.539577][ C0] sock_hash_delete_elem+0x274/0x2f0 [ 265.539594][ C0] bpf_prog_2c29ac5cdc6b1842+0x3a/0x35c [ 265.539605][ C0] bpf_trace_run2+0x159/0x210 [ 265.539621][ C0] ? bpf_trace_run1+0x1c0/0x1c0 [ 265.539636][ C0] ? event_function_call+0x4d0/0x5b0 [ 265.539649][ C0] ? selinux_perf_event_free+0x5b/0x70 [ 265.539664][ C0] ? perf_adjust_period+0x4f0/0x4f0 [ 265.539678][ C0] ? selinux_perf_event_free+0x5b/0x70 [ 265.539693][ C0] __bpf_trace_kfree+0x6f/0x90 [ 265.539706][ C0] ? selinux_perf_event_free+0x5b/0x70 [ 265.539720][ C0] kfree+0x1f3/0x220 [ 265.539736][ C0] selinux_perf_event_free+0x5b/0x70 [ 265.539750][ C0] security_perf_event_free+0x44/0x80 [ 265.539765][ C0] _free_event+0x739/0xce0 [ 265.539780][ C0] perf_event_release_kernel+0x7d9/0x860 [ 265.539799][ C0] ? perf_event_read_local+0x720/0x720 [ 265.539817][ C0] perf_release+0x3b/0x40 [ 265.539830][ C0] ? perf_mmap+0x1340/0x1340 [ 265.539844][ C0] __fput+0x3fe/0x910 [ 265.539861][ C0] ____fput+0x15/0x20 [ 265.539875][ C0] task_work_run+0x129/0x190 [ 265.539889][ C0] exit_to_user_mode_loop+0xc4/0xe0 [ 265.539904][ C0] exit_to_user_mode_prepare+0x5a/0xa0 [ 265.539924][ C0] syscall_exit_to_user_mode+0x26/0x160 [ 265.539940][ C0] do_syscall_64+0x49/0xb0 [ 265.539954][ C0] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 265.539968][ C0] RIP: 0033:0x7fc7e74890a9 [ 265.539980][ C0] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 265.539991][ C0] RSP: 002b:00007fc7e68030c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000003 [ 265.540005][ C0] RAX: 0000000000000000 RBX: 00007fc7e75bff80 RCX: 00007fc7e74890a9 [ 265.540015][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000008 [ 265.540023][ C0] RBP: 00007fc7e74f8074 R08: 0000000000000000 R09: 0000000000000000 [ 265.540032][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 265.540041][ C0] R13: 000000000000000b R14: 00007fc7e75bff80 R15: 00007ffd559cd878 [ 265.540053][ C0]