Warning: Permanently added '10.128.0.131' (ED25519) to the list of known hosts.
2024/05/27 22:43:15 fuzzer started
2024/05/27 22:43:15 dialing manager at 10.128.0.163:30010
[   19.816105][   T30] audit: type=1400 audit(1716849795.796:66): avc:  denied  { node_bind } for  pid=281 comm="syz-fuzzer" saddr=::1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1
[   19.819270][   T30] audit: type=1400 audit(1716849795.796:67): avc:  denied  { name_bind } for  pid=281 comm="syz-fuzzer" src=6060 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[   19.844424][   T30] audit: type=1400 audit(1716849795.826:68): avc:  denied  { mounton } for  pid=291 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[   19.849068][  T290] cgroup: Unknown subsys name 'net'
[   19.875028][  T290] cgroup: Unknown subsys name 'devices'
[   19.890414][   T30] audit: type=1400 audit(1716849795.826:69): avc:  denied  { integrity } for  pid=290 comm="syz-executor" lockdown_reason="debugfs access" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=lockdown permissive=1
[   19.912874][   T30] audit: type=1400 audit(1716849795.826:70): avc:  denied  { mounton } for  pid=290 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=1925 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[   19.918774][  T298] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
[   19.935924][   T30] audit: type=1400 audit(1716849795.826:71): avc:  denied  { mount } for  pid=290 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   19.965684][   T30] audit: type=1400 audit(1716849795.866:72): avc:  denied  { mount } for  pid=291 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[   19.979959][  T293] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   19.988617][   T30] audit: type=1400 audit(1716849795.866:73): avc:  denied  { unmount } for  pid=290 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   20.016674][   T30] audit: type=1400 audit(1716849795.866:74): avc:  denied  { setattr } for  pid=294 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=162 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   20.039560][   T30] audit: type=1400 audit(1716849795.926:75): avc:  denied  { relabelto } for  pid=298 comm="mkswap" name="swap-file" dev="sda1" ino=1927 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   20.066665][  T290] cgroup: Unknown subsys name 'hugetlb'
[   20.072085][  T290] cgroup: Unknown subsys name 'rlimit'
2024/05/27 22:43:16 starting 5 executor processes
[   20.618679][  T305] bridge0: port 1(bridge_slave_0) entered blocking state
[   20.625523][  T305] bridge0: port 1(bridge_slave_0) entered disabled state
[   20.633012][  T305] device bridge_slave_0 entered promiscuous mode
[   20.646737][  T306] bridge0: port 1(bridge_slave_0) entered blocking state
[   20.653656][  T306] bridge0: port 1(bridge_slave_0) entered disabled state
[   20.661003][  T306] device bridge_slave_0 entered promiscuous mode
[   20.667457][  T305] bridge0: port 2(bridge_slave_1) entered blocking state
[   20.674279][  T305] bridge0: port 2(bridge_slave_1) entered disabled state
[   20.681602][  T305] device bridge_slave_1 entered promiscuous mode
[   20.691738][  T306] bridge0: port 2(bridge_slave_1) entered blocking state
[   20.698594][  T306] bridge0: port 2(bridge_slave_1) entered disabled state
[   20.705858][  T306] device bridge_slave_1 entered promiscuous mode
[   20.745541][  T307] bridge0: port 1(bridge_slave_0) entered blocking state
[   20.752406][  T307] bridge0: port 1(bridge_slave_0) entered disabled state
[   20.759838][  T307] device bridge_slave_0 entered promiscuous mode
[   20.775920][  T307] bridge0: port 2(bridge_slave_1) entered blocking state
[   20.782755][  T307] bridge0: port 2(bridge_slave_1) entered disabled state
[   20.790033][  T307] device bridge_slave_1 entered promiscuous mode
[   20.829000][  T308] bridge0: port 1(bridge_slave_0) entered blocking state
[   20.836089][  T308] bridge0: port 1(bridge_slave_0) entered disabled state
[   20.843396][  T308] device bridge_slave_0 entered promiscuous mode
[   20.857723][  T308] bridge0: port 2(bridge_slave_1) entered blocking state
[   20.864552][  T308] bridge0: port 2(bridge_slave_1) entered disabled state
[   20.871828][  T308] device bridge_slave_1 entered promiscuous mode
[   20.925047][  T309] bridge0: port 1(bridge_slave_0) entered blocking state
[   20.932008][  T309] bridge0: port 1(bridge_slave_0) entered disabled state
[   20.939301][  T309] device bridge_slave_0 entered promiscuous mode
[   20.957480][  T309] bridge0: port 2(bridge_slave_1) entered blocking state
[   20.964393][  T309] bridge0: port 2(bridge_slave_1) entered disabled state
[   20.971596][  T309] device bridge_slave_1 entered promiscuous mode
[   21.043288][  T305] bridge0: port 2(bridge_slave_1) entered blocking state
[   21.050135][  T305] bridge0: port 2(bridge_slave_1) entered forwarding state
[   21.057231][  T305] bridge0: port 1(bridge_slave_0) entered blocking state
[   21.064008][  T305] bridge0: port 1(bridge_slave_0) entered forwarding state
[   21.101742][  T306] bridge0: port 2(bridge_slave_1) entered blocking state
[   21.108601][  T306] bridge0: port 2(bridge_slave_1) entered forwarding state
[   21.115690][  T306] bridge0: port 1(bridge_slave_0) entered blocking state
[   21.122496][  T306] bridge0: port 1(bridge_slave_0) entered forwarding state
[   21.134943][  T307] bridge0: port 2(bridge_slave_1) entered blocking state
[   21.141812][  T307] bridge0: port 2(bridge_slave_1) entered forwarding state
[   21.148888][  T307] bridge0: port 1(bridge_slave_0) entered blocking state
[   21.155683][  T307] bridge0: port 1(bridge_slave_0) entered forwarding state
[   21.173679][  T308] bridge0: port 2(bridge_slave_1) entered blocking state
[   21.180521][  T308] bridge0: port 2(bridge_slave_1) entered forwarding state
[   21.187599][  T308] bridge0: port 1(bridge_slave_0) entered blocking state
[   21.194512][  T308] bridge0: port 1(bridge_slave_0) entered forwarding state
[   21.208212][  T309] bridge0: port 2(bridge_slave_1) entered blocking state
[   21.215153][  T309] bridge0: port 2(bridge_slave_1) entered forwarding state
[   21.222251][  T309] bridge0: port 1(bridge_slave_0) entered blocking state
[   21.229049][  T309] bridge0: port 1(bridge_slave_0) entered forwarding state
[   21.257895][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   21.265421][   T20] bridge0: port 1(bridge_slave_0) entered disabled state
[   21.272528][   T20] bridge0: port 2(bridge_slave_1) entered disabled state
[   21.279504][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   21.287582][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   21.296107][   T20] bridge0: port 1(bridge_slave_0) entered disabled state
[   21.303149][   T20] bridge0: port 2(bridge_slave_1) entered disabled state
[   21.310167][   T20] bridge0: port 1(bridge_slave_0) entered disabled state
[   21.317164][   T20] bridge0: port 2(bridge_slave_1) entered disabled state
[   21.324574][   T20] bridge0: port 1(bridge_slave_0) entered disabled state
[   21.331546][   T20] bridge0: port 2(bridge_slave_1) entered disabled state
[   21.368233][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   21.375667][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   21.383517][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   21.390719][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   21.398423][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   21.406359][   T20] bridge0: port 1(bridge_slave_0) entered blocking state
[   21.413181][   T20] bridge0: port 1(bridge_slave_0) entered forwarding state
[   21.420386][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   21.428078][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   21.436043][   T20] bridge0: port 2(bridge_slave_1) entered blocking state
[   21.442868][   T20] bridge0: port 2(bridge_slave_1) entered forwarding state
[   21.450061][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   21.457790][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   21.486805][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   21.494187][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   21.503445][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   21.512457][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   21.520388][   T20] bridge0: port 1(bridge_slave_0) entered blocking state
[   21.527217][   T20] bridge0: port 1(bridge_slave_0) entered forwarding state
[   21.534326][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   21.542223][   T20] bridge0: port 2(bridge_slave_1) entered blocking state
[   21.549050][   T20] bridge0: port 2(bridge_slave_1) entered forwarding state
[   21.558014][  T305] device veth0_vlan entered promiscuous mode
[   21.567634][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   21.575402][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   21.583594][   T20] bridge0: port 1(bridge_slave_0) entered blocking state
[   21.590428][   T20] bridge0: port 1(bridge_slave_0) entered forwarding state
[   21.598929][  T306] device veth0_vlan entered promiscuous mode
[   21.616042][  T305] device veth1_macvtap entered promiscuous mode
[   21.624061][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   21.632247][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   21.639771][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   21.649603][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   21.657440][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   21.665434][   T39] bridge0: port 2(bridge_slave_1) entered blocking state
[   21.672273][   T39] bridge0: port 2(bridge_slave_1) entered forwarding state
[   21.679788][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   21.687544][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   21.695359][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   21.703258][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   21.711135][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   21.725420][  T307] device veth0_vlan entered promiscuous mode
[   21.732569][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   21.739841][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   21.747196][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   21.755259][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   21.763641][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   21.771282][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   21.779485][  T310] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   21.786760][  T310] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   21.802022][  T309] device veth0_vlan entered promiscuous mode
[   21.813317][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   21.821255][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   21.828985][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   21.837128][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   21.845213][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   21.852904][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   21.860652][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   21.868842][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   21.876985][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   21.884968][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   21.896584][  T307] device veth1_macvtap entered promiscuous mode
[   21.913137][  T309] device veth1_macvtap entered promiscuous mode
[   21.923559][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   21.930887][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   21.938611][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   21.946553][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   21.954470][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   21.962081][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   21.970030][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   21.978187][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   21.986241][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   21.994238][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   22.001462][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   22.008707][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   22.016864][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   22.024784][   T60] bridge0: port 1(bridge_slave_0) entered blocking state
[   22.031619][   T60] bridge0: port 1(bridge_slave_0) entered forwarding state
[   22.038756][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   22.046818][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   22.054739][   T60] bridge0: port 2(bridge_slave_1) entered blocking state
[   22.061572][   T60] bridge0: port 2(bridge_slave_1) entered forwarding state
[   22.068721][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   22.076680][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   22.084538][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   22.091991][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   22.099926][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   22.111579][  T306] device veth1_macvtap entered promiscuous mode
[   22.135381][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   22.142985][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   22.151036][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   22.159088][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   22.167105][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   22.175168][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
executing program 4:
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000100)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x0, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075"], 0x0}, 0x90)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000001c00)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r3, &(0x7f0000000000), 0xffe000)
ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40305829, &(0x7f0000000040))
write$cgroup_freezer_state(r2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

executing program 1:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000002000000000000000000018190000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x4, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='block_plug\x00', r2}, 0x10)
write$cgroup_pid(r0, &(0x7f0000000980), 0x12)

[   22.182991][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   22.190683][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   22.198518][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   22.206316][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   22.214286][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   22.222450][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   22.230420][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000004000000850000002300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r0}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$inet(r2, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x0)
recvmsg$unix(r1, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffdc8}, 0x0)

[   22.257362][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   22.266530][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   22.274618][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   22.296607][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
executing program 0:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0x2, 0x4, 0x2}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='scsi_dispatch_cmd_start\x00', r1}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xf, 0x4, 0x4, 0x4}, 0x48)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r4=>0xffffffffffffffff})
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x12, 0x24, 0x4, 0x2}, 0x48)
bpf$MAP_DELETE_ELEM(0x2, &(0x7f00000003c0)={r5, &(0x7f00000002c0), 0x20000000}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000780)={{r3}, &(0x7f0000000700), &(0x7f0000000740)=r4}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000200000000000000000818110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='scsi_dispatch_cmd_start\x00', r6}, 0x10)
write$cgroup_pid(r2, &(0x7f0000000980), 0x12)

[   22.304767][  T333] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   22.313263][  T333] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   22.340009][  T308] device veth0_vlan entered promiscuous mode
executing program 4:
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="180000000000000000000000000000001060000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000060000001800000000000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000540)='fib6_table_lookup\x00', r0}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
close(r2)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0xc8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
recvmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r3=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="8fedcb7910009875f37538e486dd63"], 0xfdef)

[   22.359839][  T333] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   22.368296][  T333] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   22.380223][  T308] device veth1_macvtap entered promiscuous mode
[   22.396997][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
executing program 2:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x0, 0x4, 0xfff, 0x7}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
socketpair(0xf, 0x3, 0x2, &(0x7f00000001c0))
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r0}, &(0x7f0000000000), &(0x7f0000000080)}, 0x20)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xf, 0x4, 0x8, 0x8}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r3}, 0x10)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000400)='global_dirty_state\x00', r4}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffff"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='global_dirty_state\x00'}, 0x10)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
write$cgroup_type(r5, &(0x7f0000000180), 0x40001)

[   22.404487][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   22.413425][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   22.421733][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   22.430710][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
executing program 0:
bpf$PROG_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x2, 0x80, 0xdb, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000000))
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000000)=0x80000)

executing program 4:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080))
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8946, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0}, 0x10)
mkdir(0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x1c, 0x1c, 0x4, [@var={0x2, 0x0, 0x0, 0x11}, @enum]}, {0x0, [0x0, 0x61]}}, 0x0, 0x38}, 0x20)

executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8c18cffb703000008000000b704000000000000850000000700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x0, 0x0, 0x0, 0xff, 0x0, 0x1}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@base={0x5, 0x1, 0x8e, 0xe7c9, 0x1}, 0x48)
bpf$MAP_DELETE_BATCH(0x18, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0xe30a, r2}, 0x38)

executing program 1:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x40)
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000300)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000850000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000000)='ext4_mark_inode_dirty\x00'}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='signal_deliver\x00', r1}, 0x10)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000b00)={0x18, 0xc, &(0x7f0000000780)=ANY=[@ANYBLOB="18000000ffff0002000000181100000000000000e4863bdc1c68f6ddd71a28c5312825b59e9649e20866715ae69f06e58997cb83a39c0bb381122a80abba66ae69f42ab31667a09f275535028b3aa0441fb6f561d95d1305b30a32f63b6567b8279ebb7e173aabe6217a1004ac2ed911dc93beb7c0d190bc3b2213cbf8fa54267fa857e1f584454ac227237ac09f28", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000010000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000100000085000000820000009500000000000000"], &(0x7f00000002c0)='GPL\x00', 0x8, 0x1000, &(0x7f0000001080)=""/4096, 0x41000, 0x2c, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000980)={0x2, 0xf, 0xe47a, 0x3ff}, 0x10, 0x0, 0x0, 0x3, &(0x7f00000009c0), &(0x7f0000000a00)=[{0x1, 0x3, 0x5, 0x7}, {0x0, 0x5, 0x9, 0xb}, {0x4, 0x5, 0xb, 0x8}], 0x10, 0x4}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="000085000000860000009500"/25], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000800000000000000000001811", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0xc8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000200)='ext4_ext_rm_leaf\x00'}, 0x10)
gettid()
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000200)='ext4_ext_rm_leaf\x00', r3}, 0x10)

executing program 4:
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000007b00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x4030582a, &(0x7f0000000040))

executing program 2:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x22a0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xe, 0xe, &(0x7f0000001540)=ANY=[@ANYBLOB="b7020000f53f6314bfa300000000000024020000fffeff7f7a03f0fff0ffffff79a4f0ff00000000b7060000ffffffff2e64050000000000750afaff07cd02020404000000247d60b7030000030a00006a0a00fe0000000c8500000032000000b70000000000002995000000000000001da5ad3548ebb63d18c5071c7e821c9b767ac8308fbcd5c5e4a5ad1065b572c2c9ff215ac60c2ceaea4c0ec908abb6e7325ec1956bd8660bf3664148a2c96752fe2bb328dff1a15750ab9a780001000000000000d4bf20c2bd152d814f01f2cd519e078d4ffab418e4682b2aec5e4a35629e8ef040c50287c37a7f4182f32333b08c6e497687e10a4daea5cac0ceafdbb126eb02a1f5104d16ddb64963d84d91814cd5817e0b8f6f5e6ee7a39e180b5a18ed786b782ab1321ea5e82ae5ba2c42a5e23ea6253d5df768d0cb9f35e4f41a6211e52bb3598e9b5d4f22d8c19f958e8b34de35949a7a48ce18799ee53da177a81ea65e652c1d71b7ee86a75b0100000042127a8f84538a9a311c757f7169f006f3f5c95177fbd0b14b36259e2905ef911785c88a16aae46084d676d8ef8aa6ecc2d32e3f4ee367c5a769c0a606636c9f4a4413c098f4fcc96623b7c373b0ef04d55b846b094bf97e2ef5987b6e09a6a7cab79bffda141f65e7d9ebe3be70c436432b70a80cce69df30d3d67d84ccf3f9db9b690111de2ddc4b153c989ef100bbf76063d3f6ffffb73d70e9c3d7b90aecf48e7565efff2dbbb512218c98442406333c890923a797e00b75481739952fe87fde27ce81893f54ec0ea8e792414f639bc9ce1fea3f6ac0d7025759d4b45576c205c70631e8ad585951950e521f4e210b6494e3c52d927195737945cc03d5668483151710de246420a1b6c55b73876a6ed7fd0d9338923789a1edcd8043fe83919088383268324a25df14010c8ed6b8d43400eaa00ff9bc46e1cfecbdc0e451ac53b409d04544d3a7edd4d447d2fb431e226ae182b8dcc86fe09b404e0b7c723d3b19c3dc382fa91fb0fb8f9f3f13296bb1758b24aad0922091d49e2bc408a5a37deee7a60b903d2d9fe9d451cafcc8dc389671c2d08b6e264150a6b9445b00cee4585af04fa69e0380be0d66649dcf3bf8a906b029faca75ce34c41aec7aa86e596119109ea8b3f7c65c902499227c087301643baab1c95bb22cedd913b22dcaa197ccc34586dc50bd9f4628e3e77a0de32e356521df06f995cb57f97052fc4158250ccecfb67ea8faf509593fadc7eafb613327b052397af1ede94d87590ce90a0a7579766f0e5eb09d38ac46e99e7ec4fcd3cb0b1a8c531724d5ef6b334803cedaa9cedf16dc3af6e0b67f62a83a256474c97c925d9d447175b535c87dbdeb0dcca5303eed6689ea91e1665c691df736368dde47e6672e93a314c5f60e7b68c2242bd0f0d8c66449d8687dcf2d0f76668b2b9bf8b32b99b7daf34b2d825d192ade90a1162acfe9749d516d014cef5f99126324ea02baea5808c430985749901b09e4902a6f5addc0103756b894418e4591c624a9b206abbfb888d413d923b0d7c9d997d6d8e64787c4d397f57a15b6e0b4212b6cb55b9c207bbe08f483b1bea05f41b9a1d3af087047c568ae6ebfc0bb5ec10b6290dc757a4903a88fb2c035b2349b6d2f0c051b8b7718384eebd5fc19928cea713ff09e179c308fbe9bd64374d96ef2447a2a4af5ca0c39e7ca2e801e57560a55e9cfa095cf3f74398219ad1030a79517a88de7596429a20793e12616aa32b3e720c6521fbe93963e9536d16f3db211fca7dd99c0a0125ff8ef534b93dcb34e1da2c008a9f2a29e30823bf0ec3639cadaf9be9608358e1e5ab17eea477b1754f78f45468c9568471667f82f5e250b979b9f2bd0d1b6bc03d11811ac6eec9a3ecd9e3c3299ee5eb3c6cac8fbd06514b7ee743ece79c04566d02a08fd5fcabbab3d129c0cced3ce11dafa380700000000000000c114d0b423e64c6157fac5e4e2168f33541daeff9983d0e488a78bef538f870b84798272b2101e0abf1cd64500b79e01e11d727389653bd80a39d5bbe2e23d2f5ff10047423429981bd9b4ce680e174c266391e3e7689452654e5cd5ada6e025327a1942b5a068f15fa58eaa267d4e0881783dddbdd777f8be0824ffdf6d06c621880dbbe9534f15e8c2e364d3ec67deb6ab9f2a0f03212972dbd38500000008173553a67be48633103809eee0be51d67d7ce230b389607b4c3b18da1c48f3180f2e0d79e54565fdd9a099b5b5ba2761905b88b7cbfc39c35dd153609da3da263438f12769602c2195245ff83e249119d4f6cabfbdef84ada19ef4a67ed66d7043036515d0be5a231f99e71aba5d5ae04676eff3e85f0844c41bbcfde7a931d1ec55c01f703bfd1b97756bfe55a91f6b379f34a018906339771157c66dbd7471d1beec7f029ef552cf5e92a1a0db21b59355763967ce26a577bc514b6d22a09c385c5ba6caf524e1688fc0f29f8bb35ae7bc8eb5ba51aebdf7d972c3267cedbe77ed70d9c539bc455a6f88b39196c8a224b0acf4d796fea59a07baa34cc270fb096ef330fbebdf872d7d0bc4f9a963355c554abc5cdb91464faabcd09cd9a53f5d1b2ea7e96f428f7cd6735c19c61dc9942d30bf29ef85ed01c2fcd6060aa40eeff971477b4fde48507b7bad95a496540adff7e4a72fd1f94d7c703ab1525c946c54e0da3d7ebfcc8cea2e84c3b310aaea5a1627df898c00a9aaf2d88a36afa4c5b1816384310600001c33125ad7f7970beeb256aec06e39fc6c66544e1d1dc5fea4b68a82e3568ca30aea9a1d097f06f11dc362f4bae5ef57c67686a15855cd351bf26f40fb1348cfce79897682228e6d9643530c81bab27bf7b1c4a76a5be180bb830cf06827c3f38a9c9c580c732c30aaceda78b0297de35a922b1375b129655beb31899e26052cc216f832fdb0a0015f93c9cff77f59cda1ec5f3e358848756cebb074266a47e39ae26e80e8c65aaf73c24925458520a9ca98760d1005c9f81846459ae6d5baa4f02807939ddc29c3520f7c58ed9bc5a569c7a1bc33cf4f330a18276ffb4550b9166c3939e8041094bec034aa0ec6638b74fe34f0f1ec6903a1135808d5d8d26c9203c3f87e66c407b7c5c0888d4558dd657cc0213efad68e76fdd7b23e68064fd4b271ed79c50abacdd2871b0c1f8c971df59a5a1901ddf804bed43e391f882d2a45c51cdbba86b2a1b7c0c4923642a731ea4dcbad2b6ebbebe787a8e28e781d75beee924b3b1e390750f316648133922c021f98fd2d5d71a7a3679397ef6cf432837b7e264831ec01c4c3146ba0caac3b13d55945ec00e978a1c1712cd51187936200606c9cd6877b2f72125295c54721f8e15df2ae282a8becb99a726fd92acc92141e1f574b4b0b3c992a61af3372d0d9217776b1a42cd2cee816a70bf1ddd69b590d53e28ba356e74b38e23e50d898e95cdc7cc809e462c884b53f672aab1411ecfd4c91e7a9782fc6763f0efd4bcbaf1fc3a00000000000000000000000000000000500000000000000000000000048e510340087caf22439d5304bd704a6a78a512269a9b1cbd13bea78c807bbc73853ae187cbb768673e9d1bf74a3b0a6c234accd8506adf314f4c5e08174540b69d3c0da660052b43b86baf49e7ac64d9c21598b1e01dc1e1b5a53626b090496dbf7af441e397016c3c094d5c91ffe0a7ceacfd225ed9a6c905f79ad7052747dd6cceef4c310e0e935311118bc6bf0e5ca6c7cca7d5c03be570308da8a40578b4db14961fbccf6e2f2d56e9509c434126515b56d032e20c12e830d1bc64826fc9b318da5911e466878dbb81edeff69363fb75af5cd80536f14d2eaa7764db23acdbd394bbbbccfd8b129258bb0a93cee1d44f8665172c06933d20f184b78b435462c52a85149451ffd564c56a7cbf11a1127c77242915e43b2bc"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x200000, 0x10, &(0x7f0000000000), 0x143}, 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xf, 0x4, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)

[   22.599175][  T336] syz-executor.1[336] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
executing program 1:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xf, 0x4, 0x4, 0x4}, 0x48)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000780)={{r0}, &(0x7f0000000700), &(0x7f0000000740)=r1}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000200000000000000000818110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)

executing program 3:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100"/13], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0))
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f00000006c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040))

[   22.599311][  T336] syz-executor.1[336] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   22.676089][    C0] hrtimer: interrupt took 37146 ns
[  122.705783][    C1] rcu: INFO: rcu_preempt self-detected stall on CPU
[  122.712299][    C1] rcu: 	1-...!: (9999 ticks this GP) idle=0c5/1/0x4000000000000000 softirq=2439/2440 fqs=0 last_accelerate: 935a/ba79 dyntick_enabled: 1
[  122.726076][    C1] 	(t=10002 jiffies g=825 q=207)
[  122.730842][    C1] rcu: rcu_preempt kthread timer wakeup didn't happen for 10001 jiffies! g825 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402
[  122.742823][    C1] rcu: 	Possible timer handling issue on cpu=0 timer-softirq=505
[  122.750369][    C1] rcu: rcu_preempt kthread starved for 10004 jiffies! g825 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 ->cpu=0
[  122.761477][    C1] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[  122.771288][    C1] rcu: RCU grace-period kthread stack dump:
[  122.777113][    C1] task:rcu_preempt     state:I stack:28328 pid:   14 ppid:     2 flags:0x00004000
[  122.786154][    C1] Call Trace:
[  122.789252][    C1]  <TASK>
[  122.792033][    C1]  __schedule+0xccc/0x1590
[  122.796283][    C1]  ? __sched_text_start+0x8/0x8
[  122.800974][    C1]  ? __kasan_check_write+0x14/0x20
[  122.805920][    C1]  schedule+0x11f/0x1e0
[  122.809909][    C1]  schedule_timeout+0x18c/0x370
[  122.814595][    C1]  ? _raw_spin_unlock_irq+0x4e/0x70
[  122.819633][    C1]  ? console_conditional_schedule+0x30/0x30
[  122.825362][    C1]  ? update_process_times+0x200/0x200
[  122.830563][    C1]  ? prepare_to_swait_event+0x308/0x320
[  122.835953][    C1]  rcu_gp_fqs_loop+0x2af/0xf80
[  122.840544][    C1]  ? debug_smp_processor_id+0x17/0x20
[  122.845841][    C1]  ? __note_gp_changes+0x4ab/0x920
[  122.850790][    C1]  ? rcu_gp_init+0xc30/0xc30
[  122.855215][    C1]  ? _raw_spin_unlock_irq+0x4e/0x70
[  122.860250][    C1]  ? rcu_gp_init+0x9cf/0xc30
[  122.864677][    C1]  rcu_gp_kthread+0xa4/0x350
[  122.869101][    C1]  ? _raw_spin_lock+0x1b0/0x1b0
[  122.873787][    C1]  ? wake_nocb_gp+0x1e0/0x1e0
[  122.878299][    C1]  ? __kasan_check_read+0x11/0x20
[  122.883159][    C1]  ? __kthread_parkme+0xb2/0x200
[  122.887936][    C1]  kthread+0x421/0x510
[  122.891840][    C1]  ? wake_nocb_gp+0x1e0/0x1e0
[  122.896354][    C1]  ? kthread_blkcg+0xd0/0xd0
[  122.900778][    C1]  ret_from_fork+0x1f/0x30
[  122.905037][    C1]  </TASK>
[  122.907905][    C1] rcu: Stack dump where RCU GP kthread last ran:
[  122.914069][    C1] Sending NMI from CPU 1 to CPUs 0:
[  122.919112][    C0] NMI backtrace for cpu 0
[  122.919130][    C0] CPU: 0 PID: 367 Comm: syz-executor.2 Not tainted 5.15.149-syzkaller-00055-g424f92bcbe8f #0
[  122.919145][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[  122.919156][    C0] RIP: 0010:perf_callchain_kernel+0x3ae/0x640
[  122.919176][    C0] Code: 00 00 4c 89 ff e8 d2 d0 33 00 49 89 c6 31 ff 48 89 c6 e8 35 3a 6f 00 4d 85 f6 0f 84 cd 01 00 00 48 8b 44 24 30 42 0f b6 04 20 <84> c0 0f 85 0c 01 00 00 48 8b 44 24 10 44 8b 38 48 8b 44 24 58 42
[  122.919187][    C0] RSP: 0018:ffffc90000007600 EFLAGS: 00000086
[  122.919201][    C0] RAX: 0000000000000000 RBX: ffff88810da0c8a8 RCX: ffff88810d9fcf00
[  122.919211][    C0] RDX: 0000000000010202 RSI: ffffffffa0030196 RDI: 0000000000000000
[  122.919221][    C0] RBP: ffffc90000007750 R08: ffffffff8101006b R09: ffffc90000007680
[  122.919232][    C0] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000
[  122.919242][    C0] R13: 1ffff92000000ecc R14: ffffffffa0030196 R15: ffffc90000007680
[  122.919253][    C0] FS:  00007f98e29916c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[  122.919266][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  122.919276][    C0] CR2: 00007f5273c836c6 CR3: 00000001284d3000 CR4: 00000000003506b0
[  122.919289][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  122.919297][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  122.919306][    C0] Call Trace:
[  122.919310][    C0]  <NMI>
[  122.919314][    C0]  ? show_regs+0x58/0x60
[  122.919329][    C0]  ? nmi_cpu_backtrace+0x29f/0x300
[  122.919346][    C0]  ? nmi_trigger_cpumask_backtrace+0x270/0x270
[  122.919363][    C0]  ? perf_callchain_kernel+0x3ae/0x640
[  122.919378][    C0]  ? perf_callchain_kernel+0x3ae/0x640
[  122.919392][    C0]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  122.919408][    C0]  ? nmi_handle+0xa8/0x280
[  122.919423][    C0]  ? perf_callchain_kernel+0x3ae/0x640
[  122.919438][    C0]  ? default_do_nmi+0x69/0x160
[  122.919453][    C0]  ? exc_nmi+0xaf/0x120
[  122.919466][    C0]  ? end_repeat_nmi+0x16/0x31
[  122.919480][    C0]  ? bpf_prog_8a405b5ced52e191+0x42/0xeac
[  122.919492][    C0]  ? perf_callchain_kernel+0x39b/0x640
[  122.919507][    C0]  ? bpf_prog_8a405b5ced52e191+0x42/0xeac
[  122.919518][    C0]  ? perf_callchain_kernel+0x3ae/0x640
[  122.919533][    C0]  ? perf_callchain_kernel+0x3ae/0x640
[  122.919548][    C0]  ? perf_callchain_kernel+0x3ae/0x640
[  122.919563][    C0]  </NMI>
[  122.919567][    C0]  <IRQ>
[  122.919570][    C0]  ? __stack_depot_save+0x34/0x470
[  122.919588][    C0]  ? arch_perf_update_userpage+0x450/0x450
[  122.919604][    C0]  ? bpf_prog_8a405b5ced52e191+0x42/0xeac
[  122.919616][    C0]  ? debug_smp_processor_id+0x17/0x20
[  122.919631][    C0]  ? get_callchain_entry+0x170/0x390
[  122.919647][    C0]  get_perf_callchain+0x579/0x810
[  122.919663][    C0]  ? put_callchain_entry+0xb0/0xb0
[  122.919679][    C0]  ? __perf_event_header__init_id+0x467/0x590
[  122.919693][    C0]  ? kvm_is_in_guest+0x28/0x40
[  122.919708][    C0]  perf_prepare_sample+0x359/0x1a80
[  122.919722][    C0]  ? perf_callchain+0x190/0x190
[  122.919734][    C0]  ? enqueue_task_fair+0xd61/0x29a0
[  122.919751][    C0]  perf_event_output_forward+0xdb/0x1b0
[  122.919764][    C0]  ? perf_get_page_size+0x4c0/0x4c0
[  122.919779][    C0]  ? __this_cpu_preempt_check+0x13/0x20
[  122.919794][    C0]  ? __perf_event_account_interrupt+0x18f/0x2c0
[  122.919809][    C0]  __perf_event_overflow+0x20b/0x390
[  122.919823][    C0]  perf_swevent_hrtimer+0x3fd/0x560
[  122.919838][    C0]  ? __raise_softirq_irqoff+0xe0/0xe0
[  122.919853][    C0]  ? __kasan_check_read+0x11/0x20
[  122.919868][    C0]  ? cpu_clock_event_read+0x50/0x50
[  122.919887][    C0]  ? timerqueue_add+0x250/0x270
[  122.919902][    C0]  ? timerqueue_del+0xb4/0x100
[  122.919914][    C0]  ? cpu_clock_event_read+0x50/0x50
[  122.919929][    C0]  __hrtimer_run_queues+0x41a/0xad0
[  122.919945][    C0]  ? hrtimer_interrupt+0xaa0/0xaa0
[  122.919958][    C0]  ? clockevents_program_event+0x22f/0x300
[  122.919973][    C0]  ? ktime_get_update_offsets_now+0x2ba/0x2d0
[  122.919989][    C0]  hrtimer_interrupt+0x40c/0xaa0
[  122.920006][    C0]  __sysvec_apic_timer_interrupt+0xfd/0x3c0
[  122.920025][    C0]  sysvec_apic_timer_interrupt+0x95/0xc0
[  122.920041][    C0]  </IRQ>
[  122.920045][    C0]  <TASK>
[  122.920049][    C0]  asm_sysvec_apic_timer_interrupt+0x1b/0x20
[  122.920063][    C0] RIP: 0010:kvm_wait+0x147/0x180
[  122.920077][    C0] Code: 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 34 41 0f b6 45 00 44 38 f0 75 10 66 90 0f 00 2d 5b 03 f3 03 fb f4 <e9> 24 ff ff ff fb e9 1e ff ff ff 44 89 e9 80 e1 07 38 c1 7c a3 4c
[  122.920087][    C0] RSP: 0018:ffffc900053aec80 EFLAGS: 00000246
[  122.920098][    C0] RAX: 0000000000000001 RBX: 1ffff92000a75d94 RCX: 1ffffffff0d1aa9c
[  122.920108][    C0] RDX: 0000000000000001 RSI: 0000000000000001 RDI: ffff8881f7037ed4
[  122.920117][    C0] RBP: ffffc900053aed30 R08: dffffc0000000000 R09: ffffed103ee06fdb
[  122.920128][    C0] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000
[  122.920137][    C0] R13: ffff8881f7037ed4 R14: 0000000000000001 R15: 1ffff92000a75d98
[  122.920150][    C0]  ? asm_sysvec_apic_timer_interrupt+0x1b/0x20
[  122.920165][    C0]  ? kvm_arch_para_hints+0x30/0x30
[  122.920180][    C0]  __pv_queued_spin_lock_slowpath+0x41b/0xc40
[  122.920198][    C0]  ? __pv_queued_spin_unlock_slowpath+0x310/0x310
[  122.920213][    C0]  ? stack_trace_save+0x113/0x1c0
[  122.920229][    C0]  ? stack_trace_snprint+0xf0/0xf0
[  122.920243][    C0]  _raw_spin_lock_bh+0x139/0x1b0
[  122.920259][    C0]  ? _raw_spin_lock_irq+0x1b0/0x1b0
[  122.920276][    C0]  ? copy_verifier_state+0xd7/0xcc0
[  122.920293][    C0]  sock_map_delete_elem+0x99/0x130
[  122.920309][    C0]  ? copy_verifier_state+0xd7/0xcc0
[  122.920325][    C0]  bpf_prog_8a405b5ced52e191+0x42/0xeac
[  122.920336][    C0]  bpf_trace_run2+0xec/0x210
[  122.920352][    C0]  ? bpf_trace_run1+0x1c0/0x1c0
[  122.920366][    C0]  ? copy_verifier_state+0xd7/0xcc0
[  122.920383][    C0]  ? copy_verifier_state+0xd7/0xcc0
[  122.920398][    C0]  __bpf_trace_kfree+0x6f/0x90
[  122.920412][    C0]  ? copy_verifier_state+0xd7/0xcc0
[  122.920427][    C0]  kfree+0x1f3/0x220
[  122.920441][    C0]  ? irqentry_exit+0x30/0x40
[  122.920455][    C0]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  122.920472][    C0]  copy_verifier_state+0xd7/0xcc0
[  122.920487][    C0]  ? do_check+0x3385/0xf2c0
[  122.920503][    C0]  do_check+0x47a0/0xf2c0
[  122.920520][    C0]  ? __x64_sys_bpf+0x7c/0x90
[  122.920538][    C0]  ? mark_reg_unknown+0x600/0x600
[  122.920553][    C0]  ? irqentry_exit+0x30/0x40
[  122.920567][    C0]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  122.920582][    C0]  ? asm_sysvec_apic_timer_interrupt+0x1b/0x20
[  122.920598][    C0]  ? btf_check_subprog_arg_match+0x181/0x2f0
[  122.920615][    C0]  do_check_common+0x909/0x1290
[  122.920632][    C0]  bpf_check+0x3835/0x12bf0
[  122.920653][    C0]  ? 0xffffffffa0028804
[  122.920662][    C0]  ? is_bpf_text_address+0x172/0x190
[  122.920678][    C0]  ? stack_trace_save+0x1c0/0x1c0
[  122.920692][    C0]  ? __kernel_text_address+0x9b/0x110
[  122.920706][    C0]  ? unwind_get_return_address+0x4d/0x90
[  122.920722][    C0]  ? bpf_get_btf_vmlinux+0x60/0x60
[  122.920736][    C0]  ? arch_stack_walk+0xf3/0x140
[  122.920753][    C0]  ? stack_trace_save+0x113/0x1c0
[  122.920767][    C0]  ? stack_trace_snprint+0xf0/0xf0
[  122.920781][    C0]  ? stack_trace_snprint+0xf0/0xf0
[  122.920796][    C0]  ? __stack_depot_save+0x34/0x470
[  122.920813][    C0]  ? ____kasan_kmalloc+0xed/0x110
[  122.920826][    C0]  ? ____kasan_kmalloc+0xdb/0x110
[  122.920839][    C0]  ? __kasan_kmalloc+0x9/0x10
[  122.920851][    C0]  ? kmem_cache_alloc_trace+0x115/0x210
[  122.920866][    C0]  ? selinux_bpf_prog_alloc+0x51/0x140
[  122.920880][    C0]  ? security_bpf_prog_alloc+0x62/0x90
[  122.920894][    C0]  ? bpf_prog_load+0x9ee/0x1b50
[  122.920908][    C0]  ? __sys_bpf+0x4bc/0x760
[  122.920920][    C0]  ? __x64_sys_bpf+0x7c/0x90
[  122.920932][    C0]  ? do_syscall_64+0x3d/0xb0
[  122.920945][    C0]  ? entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  122.920964][    C0]  ? irqentry_exit+0x30/0x40
[  122.920978][    C0]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  122.920994][    C0]  ? asm_sysvec_apic_timer_interrupt+0x1b/0x20
[  122.921008][    C0]  ? 0xffffffff81000000
[  122.921021][    C0]  ? __check_object_size+0x73/0x3d0
[  122.921036][    C0]  ? __virt_addr_valid+0xb9/0x2f0
[  122.921049][    C0]  ? __check_object_size+0xfc/0x3d0
[  122.921064][    C0]  ? memset+0x35/0x40
[  122.921077][    C0]  ? bpf_obj_name_cpy+0x196/0x1e0
[  122.921091][    C0]  bpf_prog_load+0x12ac/0x1b50
[  122.921106][    C0]  ? map_freeze+0x370/0x370
[  122.921123][    C0]  ? __sanitizer_cov_trace_switch+0x60/0xe0
[  122.921140][    C0]  __sys_bpf+0x4bc/0x760
[  122.921153][    C0]  ? bpf_link_show_fdinfo+0x2d0/0x2d0
[  122.921169][    C0]  ? __kasan_check_read+0x11/0x20
[  122.921185][    C0]  __x64_sys_bpf+0x7c/0x90
[  122.921198][    C0]  do_syscall_64+0x3d/0xb0
[  122.921210][    C0]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  122.921226][    C0]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  122.921239][    C0] RIP: 0033:0x7f98e3c1cee9
[  122.921256][    C0] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  122.921268][    C0] RSP: 002b:00007f98e29910c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  122.921281][    C0] RAX: ffffffffffffffda RBX: 00007f98e3d4bf80 RCX: 00007f98e3c1cee9
[  122.921292][    C0] RDX: 0000000000000048 RSI: 0000000020000200 RDI: 0000000000000005
[  122.921301][    C0] RBP: 00007f98e3c6949e R08: 0000000000000000 R09: 0000000000000000
[  122.921309][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  122.921317][    C0] R13: 000000000000000b R14: 00007f98e3d4bf80 R15: 00007ffc4b93bd88
[  122.921330][    C0]  </TASK>
[  122.922185][    C1] NMI backtrace for cpu 1
[  123.832226][    C1] CPU: 1 PID: 369 Comm: syz-executor.1 Not tainted 5.15.149-syzkaller-00055-g424f92bcbe8f #0
[  123.842193][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[  123.852084][    C1] Call Trace:
[  123.855213][    C1]  <IRQ>
[  123.858009][    C1]  dump_stack_lvl+0x151/0x1b7
[  123.862528][    C1]  ? io_uring_drop_tctx_refs+0x190/0x190
[  123.867987][    C1]  ? ttwu_do_wakeup+0x187/0x430
[  123.872675][    C1]  dump_stack+0x15/0x17
[  123.876665][    C1]  nmi_cpu_backtrace+0x2f7/0x300
[  123.881440][    C1]  ? nmi_trigger_cpumask_backtrace+0x270/0x270
[  123.887430][    C1]  ? _raw_spin_lock_irqsave+0xf9/0x210
[  123.892723][    C1]  ? __kasan_check_write+0x14/0x20
[  123.897669][    C1]  ? _raw_spin_lock+0x1b0/0x1b0
[  123.902447][    C1]  ? arch_trigger_cpumask_backtrace+0x20/0x20
[  123.908348][    C1]  nmi_trigger_cpumask_backtrace+0x15d/0x270
[  123.914160][    C1]  ? arch_trigger_cpumask_backtrace+0x20/0x20
[  123.920061][    C1]  arch_trigger_cpumask_backtrace+0x10/0x20
[  123.925794][    C1]  rcu_dump_cpu_stacks+0x1d8/0x330
[  123.930740][    C1]  print_cpu_stall+0x315/0x5f0
[  123.935338][    C1]  rcu_sched_clock_irq+0x989/0x12f0
[  123.940377][    C1]  ? rcu_boost_kthread_setaffinity+0x340/0x340
[  123.946365][    C1]  ? hrtimer_run_queues+0x15f/0x440
[  123.951396][    C1]  update_process_times+0x198/0x200
[  123.956429][    C1]  tick_sched_timer+0x188/0x240
[  123.961115][    C1]  ? tick_setup_sched_timer+0x480/0x480
[  123.966494][    C1]  __hrtimer_run_queues+0x41a/0xad0
[  123.971530][    C1]  ? hrtimer_interrupt+0xaa0/0xaa0
[  123.976476][    C1]  ? clockevents_program_event+0x22f/0x300
[  123.982123][    C1]  ? ktime_get_update_offsets_now+0x2ba/0x2d0
[  123.988020][    C1]  hrtimer_interrupt+0x40c/0xaa0
[  123.992797][    C1]  __sysvec_apic_timer_interrupt+0xfd/0x3c0
[  123.998527][    C1]  sysvec_apic_timer_interrupt+0x95/0xc0
[  124.003991][    C1]  </IRQ>
[  124.006766][    C1]  <TASK>
[  124.009545][    C1]  asm_sysvec_apic_timer_interrupt+0x1b/0x20
[  124.015362][    C1] RIP: 0010:kvm_wait+0x147/0x180
[  124.020137][    C1] Code: 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 34 41 0f b6 45 00 44 38 f0 75 10 66 90 0f 00 2d 5b 03 f3 03 fb f4 <e9> 24 ff ff ff fb e9 1e ff ff ff 44 89 e9 80 e1 07 38 c1 7c a3 4c
[  124.039577][    C1] RSP: 0018:ffffc900053676a0 EFLAGS: 00000246
[  124.045483][    C1] RAX: 0000000000000003 RBX: 1ffff92000a6ced8 RCX: ffffffff8154fa7f
[  124.053292][    C1] RDX: dffffc0000000000 RSI: 0000000000000003 RDI: ffff88810cc7a528
[  124.061105][    C1] RBP: ffffc90005367750 R08: dffffc0000000000 R09: ffffed102198f4a6
[  124.068912][    C1] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000
[  124.076727][    C1] R13: ffff88810cc7a528 R14: 0000000000000003 R15: 1ffff92000a6cedc
[  124.084539][    C1]  ? __pv_queued_spin_lock_slowpath+0x65f/0xc40
[  124.090613][    C1]  ? asm_sysvec_apic_timer_interrupt+0x1b/0x20
[  124.096601][    C1]  ? kvm_arch_para_hints+0x30/0x30
[  124.101549][    C1]  ? __pv_queued_spin_lock_slowpath+0x65f/0xc40
[  124.107626][    C1]  __pv_queued_spin_lock_slowpath+0x6bc/0xc40
[  124.113640][    C1]  ? __pv_queued_spin_unlock_slowpath+0x310/0x310
[  124.119875][    C1]  _raw_spin_lock_bh+0x139/0x1b0
[  124.124647][    C1]  ? _raw_spin_lock_irq+0x1b0/0x1b0
[  124.129681][    C1]  ? stack_trace_save+0x1c0/0x1c0
[  124.134545][    C1]  ? __kernel_text_address+0x9b/0x110
[  124.139752][    C1]  sock_map_delete_elem+0x99/0x130
[  124.144785][    C1]  ? sock_map_unref+0x352/0x4d0
[  124.149471][    C1]  bpf_prog_8a405b5ced52e191+0x42/0xeac
[  124.155007][    C1]  bpf_trace_run2+0xec/0x210
[  124.159408][    C1]  ? bpf_trace_run1+0x1c0/0x1c0
[  124.164096][    C1]  ? stack_trace_save+0x113/0x1c0
[  124.168956][    C1]  ? sock_map_unref+0x352/0x4d0
[  124.173642][    C1]  ? __mutex_lock_slowpath+0x10/0x10
[  124.178764][    C1]  ? stack_trace_snprint+0xf0/0xf0
[  124.184320][    C1]  ? sock_map_unref+0x352/0x4d0
[  124.189005][    C1]  __bpf_trace_kfree+0x6f/0x90
[  124.193603][    C1]  ? sock_map_unref+0x352/0x4d0
[  124.198379][    C1]  kfree+0x1f3/0x220
[  124.202114][    C1]  sock_map_unref+0x352/0x4d0
[  124.206630][    C1]  sock_map_delete_elem+0xc1/0x130
[  124.211570][    C1]  ? kvfree+0x35/0x40
[  124.215515][    C1]  bpf_prog_8a405b5ced52e191+0x42/0xeac
[  124.220894][    C1]  bpf_trace_run2+0xec/0x210
[  124.225317][    C1]  ? bpf_trace_run1+0x1c0/0x1c0
[  124.230001][    C1]  ? kvfree+0x35/0x40
[  124.233920][    C1]  ? btf_parse_hdr+0x62/0x7c0
[  124.238787][    C1]  ? bpf_btf_find_by_name_kind+0x850/0x850
[  124.244425][    C1]  ? kvfree+0x35/0x40
[  124.248244][    C1]  __bpf_trace_kfree+0x6f/0x90
[  124.252848][    C1]  ? kvfree+0x35/0x40
[  124.256661][    C1]  kfree+0x1f3/0x220
[  124.260394][    C1]  ? btf_parse_hdr+0x53f/0x7c0
[  124.264997][    C1]  kvfree+0x35/0x40
[  124.268638][    C1]  btf_new_fd+0x443/0x910
[  124.272805][    C1]  bpf_btf_load+0x6f/0x90
[  124.276973][    C1]  __sys_bpf+0x50e/0x760
[  124.281052][    C1]  ? bpf_link_show_fdinfo+0x2d0/0x2d0
[  124.286265][    C1]  ? __kasan_check_read+0x11/0x20
[  124.291125][    C1]  __x64_sys_bpf+0x7c/0x90
[  124.295376][    C1]  do_syscall_64+0x3d/0xb0
[  124.299623][    C1]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  124.305353][    C1] RIP: 0033:0x7f0f6904aee9
[  124.309608][    C1] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  124.329047][    C1] RSP: 002b:00007f0f67dbf0c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  124.337292][    C1] RAX: ffffffffffffffda RBX: 00007f0f69179f80 RCX: 00007f0f6904aee9
[  124.345353][    C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000012
[  124.353244][    C1] RBP: 00007f0f6909749e R08: 0000000000000000 R09: 0000000000000000
[  124.361060][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  124.368870][    C1] R13: 000000000000000b R14: 00007f0f69179f80 R15: 00007ffc76086978
[  124.376687][    C1]  </TASK>
[  264.960974][    C0] watchdog: BUG: soft lockup - CPU#0 stuck for 246s! [syz-executor.2:367]
[  264.969307][    C0] Modules linked in:
[  264.973042][    C0] CPU: 0 PID: 367 Comm: syz-executor.2 Not tainted 5.15.149-syzkaller-00055-g424f92bcbe8f #0
[  264.983019][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[  264.992917][    C0] RIP: 0010:kvm_wait+0x147/0x180
[  264.997693][    C0] Code: 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 34 41 0f b6 45 00 44 38 f0 75 10 66 90 0f 00 2d 5b 03 f3 03 fb f4 <e9> 24 ff ff ff fb e9 1e ff ff ff 44 89 e9 80 e1 07 38 c1 7c a3 4c
[  265.017563][    C0] RSP: 0018:ffffc900053aec80 EFLAGS: 00000246
[  265.023463][    C0] RAX: 0000000000000001 RBX: 1ffff92000a75d94 RCX: 1ffffffff0d1aa9c
[  265.031275][    C0] RDX: 0000000000000001 RSI: 0000000000000001 RDI: ffff8881f7037ed4
[  265.039088][    C0] RBP: ffffc900053aed30 R08: dffffc0000000000 R09: ffffed103ee06fdb
[  265.046988][    C0] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000
[  265.054797][    C0] R13: ffff8881f7037ed4 R14: 0000000000000001 R15: 1ffff92000a75d98
[  265.062608][    C0] FS:  00007f98e29916c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[  265.071376][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  265.077799][    C0] CR2: 00007f5273c836c6 CR3: 00000001284d3000 CR4: 00000000003506b0
[  265.085618][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  265.093422][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  265.101231][    C0] Call Trace:
[  265.104357][    C0]  <IRQ>
[  265.107062][    C0]  ? show_regs+0x58/0x60
[  265.111127][    C0]  ? watchdog_timer_fn+0x4b1/0x5f0
[  265.116078][    C0]  ? proc_watchdog_cpumask+0xd0/0xd0
[  265.121195][    C0]  ? __hrtimer_run_queues+0x41a/0xad0
[  265.126405][    C0]  ? hrtimer_interrupt+0xaa0/0xaa0
[  265.131350][    C0]  ? clockevents_program_event+0x22f/0x300
[  265.136994][    C0]  ? ktime_get_update_offsets_now+0x2ba/0x2d0
[  265.142894][    C0]  ? hrtimer_interrupt+0x40c/0xaa0
[  265.147843][    C0]  ? __sysvec_apic_timer_interrupt+0xfd/0x3c0
[  265.153745][    C0]  ? sysvec_apic_timer_interrupt+0x95/0xc0
[  265.159384][    C0]  </IRQ>
[  265.162160][    C0]  <TASK>
[  265.164941][    C0]  ? asm_sysvec_apic_timer_interrupt+0x1b/0x20
[  265.170929][    C0]  ? kvm_wait+0x147/0x180
[  265.175107][    C0]  ? asm_sysvec_apic_timer_interrupt+0x1b/0x20
[  265.181083][    C0]  ? kvm_arch_para_hints+0x30/0x30
[  265.186037][    C0]  __pv_queued_spin_lock_slowpath+0x41b/0xc40
[  265.191932][    C0]  ? __pv_queued_spin_unlock_slowpath+0x310/0x310
[  265.198184][    C0]  ? stack_trace_save+0x113/0x1c0
[  265.203041][    C0]  ? stack_trace_snprint+0xf0/0xf0
[  265.207990][    C0]  _raw_spin_lock_bh+0x139/0x1b0
[  265.212763][    C0]  ? _raw_spin_lock_irq+0x1b0/0x1b0
[  265.217797][    C0]  ? copy_verifier_state+0xd7/0xcc0
[  265.222831][    C0]  sock_map_delete_elem+0x99/0x130
[  265.227779][    C0]  ? copy_verifier_state+0xd7/0xcc0
[  265.232814][    C0]  bpf_prog_8a405b5ced52e191+0x42/0xeac
[  265.238298][    C0]  bpf_trace_run2+0xec/0x210
[  265.242724][    C0]  ? bpf_trace_run1+0x1c0/0x1c0
[  265.247411][    C0]  ? copy_verifier_state+0xd7/0xcc0
[  265.252445][    C0]  ? copy_verifier_state+0xd7/0xcc0
[  265.257481][    C0]  __bpf_trace_kfree+0x6f/0x90
[  265.262078][    C0]  ? copy_verifier_state+0xd7/0xcc0
[  265.267114][    C0]  kfree+0x1f3/0x220
[  265.270843][    C0]  ? irqentry_exit+0x30/0x40
[  265.275274][    C0]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  265.280912][    C0]  copy_verifier_state+0xd7/0xcc0
[  265.285778][    C0]  ? do_check+0x3385/0xf2c0
[  265.290115][    C0]  do_check+0x47a0/0xf2c0
[  265.294281][    C0]  ? __x64_sys_bpf+0x7c/0x90
[  265.298709][    C0]  ? mark_reg_unknown+0x600/0x600
[  265.303565][    C0]  ? irqentry_exit+0x30/0x40
[  265.307991][    C0]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  265.313633][    C0]  ? asm_sysvec_apic_timer_interrupt+0x1b/0x20
[  265.319622][    C0]  ? btf_check_subprog_arg_match+0x181/0x2f0
[  265.325443][    C0]  do_check_common+0x909/0x1290
[  265.330125][    C0]  bpf_check+0x3835/0x12bf0
[  265.334469][    C0]  ? 0xffffffffa0028804
[  265.338458][    C0]  ? is_bpf_text_address+0x172/0x190
[  265.343578][    C0]  ? stack_trace_save+0x1c0/0x1c0
[  265.348438][    C0]  ? __kernel_text_address+0x9b/0x110
[  265.353645][    C0]  ? unwind_get_return_address+0x4d/0x90
[  265.359114][    C0]  ? bpf_get_btf_vmlinux+0x60/0x60
[  265.364062][    C0]  ? arch_stack_walk+0xf3/0x140
[  265.368748][    C0]  ? stack_trace_save+0x113/0x1c0
[  265.373607][    C0]  ? stack_trace_snprint+0xf0/0xf0
[  265.378555][    C0]  ? stack_trace_snprint+0xf0/0xf0
[  265.383502][    C0]  ? __stack_depot_save+0x34/0x470
[  265.388470][    C0]  ? ____kasan_kmalloc+0xed/0x110
[  265.393317][    C0]  ? ____kasan_kmalloc+0xdb/0x110
[  265.398260][    C0]  ? __kasan_kmalloc+0x9/0x10
[  265.402859][    C0]  ? kmem_cache_alloc_trace+0x115/0x210
[  265.408239][    C0]  ? selinux_bpf_prog_alloc+0x51/0x140
[  265.413534][    C0]  ? security_bpf_prog_alloc+0x62/0x90
[  265.418828][    C0]  ? bpf_prog_load+0x9ee/0x1b50
[  265.423515][    C0]  ? __sys_bpf+0x4bc/0x760
[  265.427767][    C0]  ? __x64_sys_bpf+0x7c/0x90
[  265.432201][    C0]  ? do_syscall_64+0x3d/0xb0
[  265.436622][    C0]  ? entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  265.442528][    C0]  ? irqentry_exit+0x30/0x40
[  265.446963][    C0]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  265.452769][    C0]  ? asm_sysvec_apic_timer_interrupt+0x1b/0x20
[  265.458845][    C0]  ? 0xffffffff81000000
[  265.462835][    C0]  ? __check_object_size+0x73/0x3d0
[  265.467865][    C0]  ? __virt_addr_valid+0xb9/0x2f0
[  265.472727][    C0]  ? __check_object_size+0xfc/0x3d0
[  265.477761][    C0]  ? memset+0x35/0x40
[  265.481581][    C0]  ? bpf_obj_name_cpy+0x196/0x1e0
[  265.486441][    C0]  bpf_prog_load+0x12ac/0x1b50
[  265.491045][    C0]  ? map_freeze+0x370/0x370
[  265.495388][    C0]  ? __sanitizer_cov_trace_switch+0x60/0xe0
[  265.501111][    C0]  __sys_bpf+0x4bc/0x760
[  265.505191][    C0]  ? bpf_link_show_fdinfo+0x2d0/0x2d0
[  265.510401][    C0]  ? __kasan_check_read+0x11/0x20
[  265.515261][    C0]  __x64_sys_bpf+0x7c/0x90
[  265.519510][    C0]  do_syscall_64+0x3d/0xb0
[  265.523761][    C0]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[  265.529405][    C0]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  265.535139][    C0] RIP: 0033:0x7f98e3c1cee9
[  265.539402][    C0] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  265.558828][    C0] RSP: 002b:00007f98e29910c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  265.567073][    C0] RAX: ffffffffffffffda RBX: 00007f98e3d4bf80 RCX: 00007f98e3c1cee9
[  265.574884][    C0] RDX: 0000000000000048 RSI: 0000000020000200 RDI: 0000000000000005
[  265.582694][    C0] RBP: 00007f98e3c6949e R08: 0000000000000000 R09: 0000000000000000
[  265.590506][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  265.598328][    C0] R13: 000000000000000b R14: 00007f98e3d4bf80 R15: 00007ffc4b93bd88
[  265.606138][    C0]  </TASK>
[  265.609000][    C0] Sending NMI from CPU 0 to CPUs 1:
[  265.614061][    C1] NMI backtrace for cpu 1
[  265.614069][    C1] CPU: 1 PID: 369 Comm: syz-executor.1 Not tainted 5.15.149-syzkaller-00055-g424f92bcbe8f #0
[  265.614085][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[  265.614092][    C1] RIP: 0010:kvm_wait+0x147/0x180
[  265.614110][    C1] Code: 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 34 41 0f b6 45 00 44 38 f0 75 10 66 90 0f 00 2d 5b 03 f3 03 fb f4 <e9> 24 ff ff ff fb e9 1e ff ff ff 44 89 e9 80 e1 07 38 c1 7c a3 4c
[  265.614121][    C1] RSP: 0018:ffffc900053676a0 EFLAGS: 00000246
[  265.614133][    C1] RAX: 0000000000000003 RBX: 1ffff92000a6ced8 RCX: ffffffff8154fa7f
[  265.614144][    C1] RDX: dffffc0000000000 RSI: 0000000000000003 RDI: ffff88810cc7a528
[  265.614154][    C1] RBP: ffffc90005367750 R08: dffffc0000000000 R09: ffffed102198f4a6
[  265.614165][    C1] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000
[  265.614174][    C1] R13: ffff88810cc7a528 R14: 0000000000000003 R15: 1ffff92000a6cedc
[  265.614184][    C1] FS:  00007f0f67dbf6c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[  265.614198][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  265.614208][    C1] CR2: 0000001b2e821000 CR3: 00000001282bd000 CR4: 00000000003506a0
[  265.614221][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  265.614229][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  265.614237][    C1] Call Trace:
[  265.614242][    C1]  <NMI>
[  265.614247][    C1]  ? show_regs+0x58/0x60
[  265.614261][    C1]  ? nmi_cpu_backtrace+0x29f/0x300
[  265.614278][    C1]  ? nmi_trigger_cpumask_backtrace+0x270/0x270
[  265.614296][    C1]  ? kvm_wait+0x147/0x180
[  265.614308][    C1]  ? kvm_wait+0x147/0x180
[  265.614321][    C1]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  265.614337][    C1]  ? nmi_handle+0xa8/0x280
[  265.614351][    C1]  ? kvm_wait+0x147/0x180
[  265.614364][    C1]  ? default_do_nmi+0x69/0x160
[  265.614379][    C1]  ? exc_nmi+0xaf/0x120
[  265.614393][    C1]  ? end_repeat_nmi+0x16/0x31
[  265.614407][    C1]  ? __pv_queued_spin_lock_slowpath+0x65f/0xc40
[  265.614425][    C1]  ? kvm_wait+0x147/0x180
[  265.614438][    C1]  ? kvm_wait+0x147/0x180
[  265.614451][    C1]  ? kvm_wait+0x147/0x180
[  265.614463][    C1]  </NMI>
[  265.614467][    C1]  <TASK>
[  265.614471][    C1]  ? asm_sysvec_apic_timer_interrupt+0x1b/0x20
[  265.614486][    C1]  ? kvm_arch_para_hints+0x30/0x30
[  265.614500][    C1]  ? __pv_queued_spin_lock_slowpath+0x65f/0xc40
[  265.614516][    C1]  __pv_queued_spin_lock_slowpath+0x6bc/0xc40
[  265.614534][    C1]  ? __pv_queued_spin_unlock_slowpath+0x310/0x310
[  265.614552][    C1]  _raw_spin_lock_bh+0x139/0x1b0
[  265.614568][    C1]  ? _raw_spin_lock_irq+0x1b0/0x1b0
[  265.614584][    C1]  ? stack_trace_save+0x1c0/0x1c0
[  265.614598][    C1]  ? __kernel_text_address+0x9b/0x110
[  265.614614][    C1]  sock_map_delete_elem+0x99/0x130
[  265.614630][    C1]  ? sock_map_unref+0x352/0x4d0
[  265.614650][    C1]  bpf_prog_8a405b5ced52e191+0x42/0xeac
[  265.614661][    C1]  bpf_trace_run2+0xec/0x210
[  265.614677][    C1]  ? bpf_trace_run1+0x1c0/0x1c0
[  265.614692][    C1]  ? stack_trace_save+0x113/0x1c0
[  265.614706][    C1]  ? sock_map_unref+0x352/0x4d0
[  265.614720][    C1]  ? __mutex_lock_slowpath+0x10/0x10
[  265.614734][    C1]  ? stack_trace_snprint+0xf0/0xf0
[  265.614748][    C1]  ? sock_map_unref+0x352/0x4d0
[  265.614763][    C1]  __bpf_trace_kfree+0x6f/0x90
[  265.614777][    C1]  ? sock_map_unref+0x352/0x4d0
[  265.614791][    C1]  kfree+0x1f3/0x220
[  265.614806][    C1]  sock_map_unref+0x352/0x4d0
[  265.614822][    C1]  sock_map_delete_elem+0xc1/0x130
[  265.614837][    C1]  ? kvfree+0x35/0x40
[  265.614849][    C1]  bpf_prog_8a405b5ced52e191+0x42/0xeac
[  265.614860][    C1]  bpf_trace_run2+0xec/0x210
[  265.614875][    C1]  ? bpf_trace_run1+0x1c0/0x1c0
[  265.614890][    C1]  ? kvfree+0x35/0x40
[  265.614902][    C1]  ? btf_parse_hdr+0x62/0x7c0
[  265.614917][    C1]  ? bpf_btf_find_by_name_kind+0x850/0x850
[  265.614933][    C1]  ? kvfree+0x35/0x40
[  265.614946][    C1]  __bpf_trace_kfree+0x6f/0x90
[  265.614959][    C1]  ? kvfree+0x35/0x40
[  265.614971][    C1]  kfree+0x1f3/0x220
[  265.614987][    C1]  ? btf_parse_hdr+0x53f/0x7c0
[  265.615002][    C1]  kvfree+0x35/0x40
[  265.615014][    C1]  btf_new_fd+0x443/0x910
[  265.615029][    C1]  bpf_btf_load+0x6f/0x90
[  265.615062][    C1]  __sys_bpf+0x50e/0x760
[  265.615078][    C1]  ? bpf_link_show_fdinfo+0x2d0/0x2d0
[  265.615097][    C1]  ? __kasan_check_read+0x11/0x20
[  265.615116][    C1]  __x64_sys_bpf+0x7c/0x90
[  265.615131][    C1]  do_syscall_64+0x3d/0xb0
[  265.615147][    C1]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  265.615163][    C1] RIP: 0033:0x7f0f6904aee9
[  265.615178][    C1] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  265.615191][    C1] RSP: 002b:00007f0f67dbf0c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  265.615207][    C1] RAX: ffffffffffffffda RBX: 00007f0f69179f80 RCX: 00007f0f6904aee9
[  265.615219][    C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000012
[  265.615228][    C1] RBP: 00007f0f6909749e R08: 0000000000000000 R09: 0000000000000000
[  265.615239][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  265.615248][    C1] R13: 000000000000000b R14: 00007f0f69179f80 R15: 00007ffc76086978
[  265.615263][    C1]  </TASK>