watchdog: BUG: soft lockup - CPU#0 stuck for 143s! [kworker/0:8:8621]
Modules linked in:
irq event stamp: 4448448
hardirqs last  enabled at (4448447): [] asm_sysvec_apic_timer_interrupt+0x12/0x20 arch/x86/include/asm/idtentry.h:638
hardirqs last disabled at (4448448): [] sysvec_apic_timer_interrupt+0xb/0xc0 arch/x86/kernel/apic/apic.c:1097
softirqs last  enabled at (4420266): [] invoke_softirq kernel/softirq.c:432 [inline]
softirqs last  enabled at (4420266): [] __irq_exit_rcu+0x123/0x180 kernel/softirq.c:636
softirqs last disabled at (4420217): [] invoke_softirq kernel/softirq.c:432 [inline]
softirqs last disabled at (4420217): [] __irq_exit_rcu+0x123/0x180 kernel/softirq.c:636
CPU: 0 PID: 8621 Comm: kworker/0:8 Not tainted 5.15.0-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: events prog_array_map_clear_deferred
RIP: 0010:check_region_inline mm/kasan/generic.c:169 [inline]
RIP: 0010:kasan_check_range+0x0/0x180 mm/kasan/generic.c:189
Code: 00 00 e9 a3 36 3a 02 0f 1f 00 48 89 f2 be f5 00 00 00 e9 93 36 3a 02 0f 1f 00 48 89 f2 be f8 00 00 00 e9 83 36 3a 02 0f 1f 00 <48> 85 f6 0f 84 70 01 00 00 49 89 f9 41 54 44 0f b6 c2 49 01 f1 55
RSP: 0018:ffffc900177efa70 EFLAGS: 00000246
RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff815c9bb1
RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff8d6f5390
RBP: 1ffff92002efdf51 R08: 0000000000000000 R09: 0000000019b61d01
R10: ffffffff818d6cc9 R11: 0000000000000000 R12: ffff88807987d0c8
R13: ffffc90097df6188 R14: ffff88807987d060 R15: 0000000010000001
FS:  0000000000000000(0000) GS:ffff8880b9c00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f877ab7e9e0 CR3: 000000000b68e000 CR4: 00000000003506f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
Call Trace:
 instrument_atomic_read include/linux/instrumented.h:71 [inline]
 test_bit include/asm-generic/bitops/instrumented-non-atomic.h:134 [inline]
 cpumask_test_cpu include/linux/cpumask.h:344 [inline]
 cpu_online include/linux/cpumask.h:895 [inline]
 trace_lock_release include/trace/events/lock.h:58 [inline]
 lock_release+0xa1/0x720 kernel/locking/lockdep.c:5636
 __mutex_unlock_slowpath+0x99/0x5e0 kernel/locking/mutex.c:900
 fd_array_map_delete_elem+0x1b0/0x2e0 kernel/bpf/arraymap.c:824
 bpf_fd_array_map_clear kernel/bpf/arraymap.c:871 [inline]
 prog_array_map_clear_deferred+0x10b/0x1b0 kernel/bpf/arraymap.c:1050
 process_one_work+0x9b2/0x1690 kernel/workqueue.c:2297
 worker_thread+0x658/0x11f0 kernel/workqueue.c:2444
 kthread+0x405/0x4f0 kernel/kthread.c:327
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:295
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1
CPU: 1 PID: 8117 Comm: kworker/1:5 Not tainted 5.15.0-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: events prog_array_map_clear_deferred
RIP: 0010:lock_acquire kernel/locking/lockdep.c:5628 [inline]
RIP: 0010:lock_acquire+0x1d3/0x510 kernel/locking/lockdep.c:5590
Code: ff ff 48 c7 c7 e0 08 8c 89 48 83 c4 20 e8 f5 da da 07 b8 ff ff ff ff 65 0f c1 05 88 d6 a5 7e 83 f8 01 0f 85 b4 02 00 00 9c 58 c4 02 0f 85 9f 02 00 00 48 83 7c 24 08 00 74 01 fb 48 b8 00 00
RSP: 0018:ffffc9000adff9f0 EFLAGS: 00000046
RAX: 0000000000000046 RBX: 1ffff920015bff40 RCX: ffffffff815c50df
RDX: 1ffff11004bcc4eb RSI: 0000000000000001 RDI: 0000000000000000
RBP: 0000000000000001 R08: 0000000000000000 R09: ffffffff8fd38b17
R10: fffffbfff1fa7162 R11: 0000000000000000 R12: 0000000000000000
R13: 0000000000000000 R14: ffff888022e7a8c8 R15: 0000000000000000
FS:  0000000000000000(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f877ab9f9e0 CR3: 000000000b68e000 CR4: 00000000003506e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 __mutex_lock_common kernel/locking/mutex.c:607 [inline]
 __mutex_lock+0x12f/0x12f0 kernel/locking/mutex.c:740
 fd_array_map_delete_elem+0x120/0x2e0 kernel/bpf/arraymap.c:821
 bpf_fd_array_map_clear kernel/bpf/arraymap.c:871 [inline]
 prog_array_map_clear_deferred+0x10b/0x1b0 kernel/bpf/arraymap.c:1050
 process_one_work+0x9b2/0x1690 kernel/workqueue.c:2297
 worker_thread+0x658/0x11f0 kernel/workqueue.c:2444
 kthread+0x405/0x4f0 kernel/kthread.c:327
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:295
----------------
Code disassembly (best guess):
   0:   00 00                   add    %al,(%rax)
   2:   e9 a3 36 3a 02          jmpq   0x23a36aa
   7:   0f 1f 00                nopl   (%rax)
   a:   48 89 f2                mov    %rsi,%rdx
   d:   be f5 00 00 00          mov    $0xf5,%esi
  12:   e9 93 36 3a 02          jmpq   0x23a36aa
  17:   0f 1f 00                nopl   (%rax)
  1a:   48 89 f2                mov    %rsi,%rdx
  1d:   be f8 00 00 00          mov    $0xf8,%esi
  22:   e9 83 36 3a 02          jmpq   0x23a36aa
  27:   0f 1f 00                nopl   (%rax)
* 2a:   48 85 f6                test   %rsi,%rsi                <-- trapping instruction
  2d:   0f 84 70 01 00 00       je     0x1a3
  33:   49 89 f9                mov    %rdi,%r9
  36:   41 54                   push   %r12
  38:   44 0f b6 c2             movzbl %dl,%r8d
  3c:   49 01 f1                add    %rsi,%r9
  3f:   55                      push   %rbp