Extracting prog: 30m3.811868948s
Minimizing prog: 5h27m45.751129216s
Simplifying prog options: 0s
Extracting C: 8m37.132506048s
Simplifying C: 56m17.811559728s


12 programs, 3 VMs, timeouts [45s 5m0s 16m0s]
extracting reproducer from 12 programs
single: executing 2 programs separately with timeout 45s
testing program (duration=45s, {Threaded:true Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_usb_connect$hid-syz_usb_control_io-bpf$BPF_RAW_TRACEPOINT_OPEN-unlink-bpf$MAP_CREATE-bpf$PROG_LOAD-bpf$PROG_LOAD-bpf$BPF_RAW_TRACEPOINT_OPEN-syz_usb_control_io$hid
detailed listing:
executing program 0:
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000300)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x56a, 0xf8, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
unlink(0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000080000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r2}, 0x10)
syz_usb_control_io$hid(r0, &(0x7f0000000000)={0x24, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x22, 0x5, {[@global=@item_012={0x1, 0x1, 0xb, "ff"}, @global=@item_012={0x2, 0x1, 0x0, "113e"}]}}, 0x0}, 0x0)

program did not crash
testing program (duration=45s, {Threaded:true Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): ioctl$TIOCSTI-prlimit64-sched_setscheduler-getpid-bpf$PROG_LOAD-bpf$BPF_RAW_TRACEPOINT_OPEN-mmap-socketpair$unix-connect$unix-sendmmsg$unix-recvmmsg-socket$inet6-connect$inet6-sendmmsg
detailed listing:
executing program 0:
ioctl$TIOCSTI(0xffffffffffffffff, 0x540c, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500400000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x2d)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet6(0xa, 0x3, 0x7)
connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendmmsg(r3, &(0x7f0000000480), 0x2e9, 0x36)

program did not crash
single: failed to extract reproducer
bisect: bisecting 12 programs with base timeout 45s
testing program (duration=48s, {Threaded:true Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): [4, 4, 8, 6, 4, 14, 4, 3, 8, 3, 16, 9]
detailed listing:
executing program 1:
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000021c0), 0x2, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000006b00)={<r1=>0xffffffffffffffff})
dup2(r1, r0)
write$binfmt_misc(r0, &(0x7f0000000100)=ANY=[], 0xe1)
executing program 1:
ftruncate(0xffffffffffffffff, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='mm_page_alloc\x00', r0}, 0x10)
syz_read_part_table(0x5c5, &(0x7f0000000b80)="$eJzs2z9I22kYB/An1lBoB5dOndoOHY4uLR2boS1J2tJCSOtSbmihpRQzpVCIXKDQDppBMYM4uohcFv9MxgxOioKziIOH4OByhy6CiznufG+6P3h3elzh84EfD7/f+33fJ8+Q8Q2+aj3xU7fbzURE9+IfJ7p/sbu/lS88vla6X34RkYmBiPh+dbDvl5XMb7vTqTfS+3Z6n5q81Bk+eJRtbT0/vPlqudGT1j+l5/J0u/9MBuRczeRW+j5/qRZHarn3m8X67tDG+rPZ/Xy5/bTRnHuSffgm5VZT7U31Q9RiMAbidVSiEm+jekb9J1o7t4+vFlsL7+4dFTqjS3dSrvQv5zxt/4/Xx1426w9uzV8Zv1tbXCvvXTjJVf7k3wUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwP/LTG6l7/OXanGklnu/WazvDm2sP5vdz5fbTxvNuSfZh29SbjXV3lQ/RC0GYyBeRyUy8Taqvzu55x/1n2jt3D6+WmwtvLt3VOiMLt1JudIZzHqa/h+vj71s1h/cmr8yfre2uFbeu3CSq1w8px8AAAAAAAAAAAAAAAAAAAAAEZEvPL5Wul9+EZGJb6M3vvnxu18v7nfTffdMyt1IdTt9n5q81Bk+eJRtbT0/vPlqufFD+v4pPZen2/3/+TD8bT8HAAD//69Xlno=")
executing program 1:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020752500000000002020207b1af8ff00000000bfa100000000000007010000b8ffffffb702000000000000b7030000ffffffff850000002d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='block_plug\x00', r1}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0)
write$cgroup_int(0xffffffffffffffff, 0x0, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0x43400)
executing program 1:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
readv(r0, &(0x7f00000001c0)=[{&(0x7f0000000480)=""/89, 0x59}], 0x1)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f00000083c0)={{0x1}})
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x0, 0x10012, r1, 0x0)
executing program 1:
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_open_dev$tty1(0xc, 0x4, 0x1)
dup(0xffffffffffffffff)
ioctl$KDFONTOP_SET(r0, 0x4b4a, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
executing program 1:
ioctl$TIOCSTI(0xffffffffffffffff, 0x540c, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500400000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x2d)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet6(0xa, 0x3, 0x7)
connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendmmsg(r3, &(0x7f0000000480), 0x2e9, 0x36)
executing program 0:
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, r0}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000006000000bfa300000000000007030000407effff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d00000004000000000000009500000000000000496cf2827fb43a431ca7ebfcd0cd00006ed3d09a6175037958e271b60dedf8937f02008b6d83923dd29c030055d47dafe6c8dc3d5d78c07f34e4d5b3185b310efd4989147a00000000f110026e6d2ef831ab7ea0c34f17e3adeef3bb622003b538dfd8e012e71f6420b90adddff61b5b0a341a2d7cbdb90000bdb2ca76050000003a14817ac61e4dd11183a13477bf7e060e3670ef0e789f65f1328d6704902cbe7bf28d9961b626c57c2691208171655e9886ce413b71781ca532e6ea09a946df3d7cb4ebd31a08b32808b80200000000000000334d83239d0c2e9ff10ff2d27080e71113610e10c358e8327e7050b6c860dac12233f9a1fb9c2aec61ce63a38d316ef49b66d6e42fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a5f3d74ca891c4594e8a4399e01eadd3964663e88535c133f7130856f75643619f567d2e24f29e5dad9326edb69e90ea0182babc18cae2ed4b4390af9a9ceefd07e002cab5ebfcaad34732181feb215139f15eadddcb0c7cbe31fbae7c34d5ac5e7e64c21add9191eadd6e1795ad6a0f7f8cd3fccbdc3dec04b25dfc17975238345d4f71af35910b158e56657b7218baaa7cbf781c0a99bd50499ccff0f000000000000c7beba3da8223fe5308e4e2833baace04f4087c4f0da0d9a88f9dbb593ddeb3f0932a4d0175b889b8eccf707882042e716df9b57b290c661d4e85031086e97bcc5ca0e221a0e34323c129102b7b7a643e82e88a1940b3c02ed9c92d6f64b1282dc519b00159830d7617001154c46bd3ca96318c570f0721fc7aa2a58090000000000000094f22cdf550ef091a78098534f0d973058594119d06d5ea9a8d085734000030000000000c12346e47ad97f4ead7cf754a52e4b2d0f22d428bd705414888700a30e2366c6a06b3367a389ca39059787790017b0689a1f3db9c24db65c1e00015c1d573dab18fd0600885f1ea8f2fd299fc3cdafda323e9c7080397bc49d70c060d57bc88fbe09baa058b040360ab9261503d2f363fb099408885afc2bf9a4f8c3506b669e889f5e4be1b8e0d634ebc1057b7e98186fc5141bd670dba6f43279f73db9dec75070cd9ab0fd969169ef6d2857b6bf955012cf7fe50d133da86e0477e42b98a6cc999dc21c3ef408e633dfa35f14d6e734837d365e63845f3c1092f8e34fc7eac9e8af3904ea0f3698cd9492794b82649b50d726bff873339c4cad4ead1348474250eda2c8067ab730c1d85969b95a2a5687f2ed690000522a0b7426000000000000000000000000000000000000000093fc7a82b98f99d9dedf7ba17f5f0b6d15e552fbd21f7eecff10243a43af03eea84c4304a5d3f93c02000000000000000043e1ed82b9aa0ae92a499984a009000000937523f5292d12659906005cde64f903c3415c458a2b32c2318f0858f19c6def80e1481e8e1c0098fc3f38b7a57211adb15d824cfdcf229628c0de49860a44286fe0e257cfa4ce50f3d10763d442824414a73c06837fe08de62f8710ca977960b74d0000ce73da6022a8671d1a3575b4e18c28c73203bf134686dd65808452cb6b76fcb134252c78de9b240de7b4cd015a77f76bb6470c05fc980b3d8f3f964f432a4bf6cddd6222c2da006b6fdb9c8468ae1d986a893b9519444d16a6dfa92c04331a6698507048fab5ae402acdfafe621f22712dfd09004770b4278fa14547d8ce3c21388e5e4e2baacd98e8e451d6aaaf090000006ed1d9018000008dd952595d78e9583bf4ea5de36099e3cddcb24ebb6eddb9e87c9ece87a42c0000abdfc6ea55887dfa18d0aea1b6eca5a883702b0bf3aeebb225895db90e237157a34e9f447237ea5b391bddd1290f7ce987a0e36b8e71b1779bbe95ffa9c3e0f6ba66e4d48e75253e3d633811e4b3220616aafbe7a3a18375ae593eb58fd500426286472466823cb8e1800aaaa0d9463c0c4ea5541a55df6e67f530996482228816cdfccb98374c644eea45de7867a0efbad0ab2bc33b350440a90b791b2b33f74a112a3b91b40bed8db2df8633207f8387e04ca52ab0f3f7b058b13523b896800b992972d9609551c27a5916ea16069c5bf55b98d926d3c27e7945b299968b930780603134ae6b7f5092772bd5d880dbe21b790c475b14b7fe4fe002dffd651faa79bb0cee0cdac2bc3218f2ddaa6f7ba04b696a30d313bed30ba8f35569a9b07ee7308da09c01a4b827aa1784d927aca9b8540534c5c49a0300cfbc2213fc1572b0204dd456b11a454d1f3f14179974aae624ea59500f5e048b2780666de81a040663c57f49af25be909984aea1b81f33426f86b4b941c08dfe2bc8ec246ec1aae120c42405e428923f3a83d9ba5c373f5e8a54120b451e2806370f1ed60c9fd5d9af4d16cb0f413c324da52d4bd2e01d3ac2d578d72e2d63322dfc9245ce3e3a097fb82f4e3b61a57094616020f72f1c55ee3d325c7496a7c2f10cfea516ae436751227378f00ca0f1f6c1dcf879700dd90b96a330f92bff736c83ca53e7f02b734d1a9292896f5d7f244bfab4946c7042e8827b1541eafcc5b4ba7a7880533cdeac995d1caf6936f356ecf07a0084e7adc2dc12417997b03087c7b3b44b06f6158a2a18ce0e56ffbeb22f40521dd9972583d413098aa80db98ef324a2bfb7961c07b47521973cf0bb6f5530f6216b047b35d6e06b72b22b29de42bb1bc8ce0a0e3500000000000000000000000000b92eb197e4149627920000008000000000801792756f90b37f0858efc387f559203f314a4b0ed750fa72e5948ac3fe5921c14ef578d413e7b2a9e2f87f7b44949fe14c00000000000047030c09f62d444b4981db81799776eeb444000000009705fa8b56779bc876ad4f8d8c8e50815c4c3b27487996c09121caf47f76158362c74904f89cbc588aae84567a83571ff72bb65c082b5a8dee145ff221159aed2768edc05a3167d84205d5af86553c21e1f023a51c0e179fccfbc201982e3ddcaa45613899d19082453b180ca0c525b8d3cfaf7d0bcddeb5d5c7166038f276a92941393ba5e51f77172822bd903d9f8b436656771774ed88daab0d0cfdd1bf4d30ab566e1a4cb3ad66d830e10f7c1de13218aea21e7def613204c2b7c1ad48b01c208f4032e93408000000000000e96db049b92fc32ee34fe7a3419c8fbf03d61c159dc5864e030000a2c55b614d622b8de966c97e1940026f96db3c78ca18c9f08d1c47edf1a4d7298109f31b6078711ee72eacab61213bf50000000000000000000000000000001217887d0452aa6d26e4614d511710abeec84b78c027c160ba375dfa55a49b832ce4dfb91122193d514ed992c07f8cd6d897b314907e15642da228dbc03429e6e0e7ac118ed351c3b0c44bf5d8b58be573f8333aa8cc2ec5b5e305b3dee2562d415b4b9ed530797f55f9fe8510423409629a09000000000000009a35d9ca93e4b4591679547b8de8af1782451f7b8e1de508f1e9e525210d62797515b737bfb21d35ac560f99dbd18dad5e6345a464955e8141d75b6177e4fa176a020b0000000000006e76f0294fee7d19a0f327f8796d77b6e24b8df4bb438b527d10e657d49b844198ea9f93c4fd6fd2daa9bd87fd1e02ecc8075dca1280c201043257e9bd3c9a7aa150eb1711632b76d4dc0555d4bfcfd057980136d6e9000003b24fa300ef90bfe4ad364256937796f941c2faad94785f48777941f0cd3dba54ab6a5d5e91e90ac9ae994c3d4108b2fe7eca9413ac9bc138c74800487eb19c48db3f79be964808d409b5e36fc7fdd41def361427b6b9c118e5c9a0a1d5ca24886e33a7f81b2188ec75a5fc9302e3695bdcc9ab11201ef940569c995c21eeaefe2e8fc02e0433dc7371d1f72124bad23e554c30fdd7cd8c2da1e8706417da26913688e7abfb9eac08603dfc2f2279ba161c13984cd753b54a85e6f3018c7d48c4b6c2f6910975e9ff51318b09fa13e2d38ce013aab41524c298c3719e31bcb1f102eaeee69a19e006bcdb1acc0000000000000000b3d7848d5e1381fbe63c522053a3bb32eb6345e10f7a12bf84e0e196a00833f464dd2f6547f14ebf137fce33efeb813211f31ff24d7dbb00f2574ccda59b3ea068fc2a18c37ee579f5a9ecc47da73684bcadd209ae5bbb7147df74d027d8d0adcdb54182c9de8053fc8b1b9d19c16c53d34db6e26f6a88d449f6abf378ca2e577e206a758a3f02816b4e91d49b9693a798a330a1ccb32d49772e80862df36dc0156b3f72cd85083f8e96ca1697457ec722766bd46ee2424975a38149bd57e5c0eb4087fc243e7e51b0aca9f0ab0668d7f2ee9ad9f267d8804417aa7e36a64d489bb84a1483fd3c3ecb024060002858cbb1f7708f5b41fca2fee7c03b1f862ce88dc313d913e041dd7583a1ac41c466757c5dd07ea2c5d62a000000000000000019a4e9a9c2cbc906f97fd6eb71b18d09a5df123ebbdb2827b43aed6a29e9942e402c1ae52e9cb98f3019d364fc21ea12023db91ced3c2f06550cef8a79ed39091e4776001187d0ab2f82478431d36470cc008d745ce8fd64c9aa64da230bb080945a557081b767beb75b1ea856a55c71b8fda672289aa6088630d48ac8039f19fec3acbcc5944a4e6fd44af8f10110db730a8d0d41b4ea36f9510f843a470563bd4621b9e43f08d341bb69df430ac6398c1b28bdd33b69b4b86d7c5f30cf728294e8ea1861ce50c367498945285f73c94d91210652eb4f3077cab6be2a3512eddbcb63d091d69fb1b26c8ada9a9f9355aea34fe55fd0d3011cb83ac03268dc66dd108a4e9944241e1d4ba69212ee0e7526e72c19346d08d3c3c82cb987f1bd2fd9ce2c88082ea23abbf23c6bd43fc9f9f8ea7656e25d3d73cd056b1f782de1fe349fc33546558366ed99030c0fda039272d277a3576d4e0469779d711e10b6bf040f7274fd9577c1c33326d2e60ee611ae226ef00e2944fb727832dc8dad36a6072aacfc4bcefb808ab7b3b95e0f60616320b2a9e1f8fac812daac9983639b35184803b7d192ce1f226e97fa23c37df95d067a54a8b412644cad9ecc251fbe418a81aaf00cc8d15758ff0eb885a40630396ba76b8fadc09e62ff70c8a0121e7e8322cb8bc0f50ad33a2879c27557ead3af79d4a034b9ca025ff3d38165b28f8a3e6f91589a711d1dca971a93d50d6b44e6ea13ffa3a8cd0025cb28c7007bff4e2a299cf333dfcd858000db8f8720e1d602a8e5138f8760684ee98be9b766433ece16dce5b1c2d6f671f675e1def56eb1355e40a5c188b88e3567a2c5ebae51748cf3aea239173364cfdc83ba7111dafa1b86516e357329227f1b6a810ffc1ca9fb3c522a6dab88e22c3d05ca67521adbb1358b52b54becd2534f8800a8e212b1fcdfbf6c3b741b1023ea74cc8245f3ab866987be3e0000000000000000000000000000000000000000000000000b4ade53e4de589f86460722d91a8513bde1cc2e5b1b06675ec1dabefbc95d1795b5152a2fc2c799c96ef510015b00"/4035], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000002300)={r1, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000140)="b9ff0300600d698cff9e14f00800", 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
executing program 0:
socket$inet_mptcp(0x2, 0x1, 0x106)
r0 = socket(0x8000000010, 0x2, 0x0)
write(r0, &(0x7f00000002c0)="fc0000001c000704ab5b2509b868030002ab087a0100000001481093210001c0f0030584050060100000000000039815fa2c53c28648000000b9d95662537a00bc000c00f0ff7f0000b400600033d44000040560916a0033f436313012dafd5a32e273fc83ab82d710f74cec184406f90d435ef8042c2e9a3885f1fc0e5bba2e177312e081bea05d3a021e8ca062914a46ccfc510bb73c9455cdc8363ae4f5df77bc4cfd6239ec2a0f0d1bcae5fa0f5f9dcdd51af51af8502943283f4bb102b2b8f5566791cf190201ded815b2ccd243f395ed94e0ad91bd6433802e0784f2013cd1890058a10000c880ac801fe4af000049f0d4796f0000090548de", 0xfc)
executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = epoll_create1(0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/wakeup_count', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f00000000c0)={0xe000001a})
read$FUSE(r1, &(0x7f0000009b00)={0x2020}, 0x2020)
epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f0000000000))
executing program 0:
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r0}, 0x10)
syz_read_part_table(0x5d4, &(0x7f0000000000)="$eJzs279r02kcB/BPqiF3Org4OamDwyEHiqMZVJKoKIRoF7lBQRExwxFBiFxA0EEDp5hBHF1KIUt/TE0zdGppoXMpHXoUOnS5o10KXZoj9OlSbmi59ODg9YIvH57n+/4+n+fzB3yD/7Wh+KvX62UiopeL+OGIXw+3C8U758s3Kg8jMv3D4tffaz/332RSon9q38W0Xk3rke+nuh+3bmfbKw+2Lz2ebQ7tXyci3kbE6dHO8CDm43iN5efOvHtfK32q518slxrrH5YW749vFiqde83WxN3sracpN5/qyVRfRT3exMt4EtWoxrOoDaj/t/bald1zpfbU8+s7xe7nmaspV/6Xcx62/+sLXx61GjcvT579eq0+vVDZOLGXq+aO6QIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAzUWH7uzLv3tdKnej4XEesflhbvj28WKp17zdbE3eytpyk3n+rJVF9FPd7Ey3gS1ajGs6jtH9jrHabtj//Q/8VyqbH+rb12ZfdcqT31/PpOsft55mrKlQc18AEH+7++8OVRq3Hz8uTZr9fq0wuVjRN7uWrumC4AAAAAAAAAAAAAAAAAAAAAEVEo3jlfvlF5GJGJXyLipz9/G+rv99L/7pmUu5jqatof+X6q+3Hrdra98mD70uPZ5h9p/216To92hv/zYTiyvwMAAP//2EuUrQ==")
executing program 0:
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
r2 = socket$packet(0x11, 0x0, 0x300)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, 0x0, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f0000000240)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xe}}, 0x10)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
socket$igmp(0x2, 0x3, 0x2)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge0\x00', <r5=>0x0})
r6 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000600)=ANY=[@ANYBLOB="440000001100290a000000000000000007000000", @ANYRES32=r5, @ANYBLOB="00000000000000001c001a800800068004000500080000003e"], 0x44}}, 0x0)
executing program 0:
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000300)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x56a, 0xf8, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
unlink(0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000080000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r2}, 0x10)
syz_usb_control_io$hid(r0, &(0x7f0000000000)={0x24, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x22, 0x5, {[@global=@item_012={0x1, 0x1, 0xb, "ff"}, @global=@item_012={0x2, 0x1, 0x0, "113e"}]}}, 0x0}, 0x0)

program did not crash
replaying the whole log did not cause a kernel crash
single: executing 2 programs separately with timeout 5m0s
testing program (duration=5m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_usb_connect$hid-syz_usb_control_io-bpf$BPF_RAW_TRACEPOINT_OPEN-unlink-bpf$MAP_CREATE-bpf$PROG_LOAD-bpf$PROG_LOAD-bpf$BPF_RAW_TRACEPOINT_OPEN-syz_usb_control_io$hid
detailed listing:
executing program 0:
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000300)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x56a, 0xf8, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
unlink(0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000080000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r2}, 0x10)
syz_usb_control_io$hid(r0, &(0x7f0000000000)={0x24, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x22, 0x5, {[@global=@item_012={0x1, 0x1, 0xb, "ff"}, @global=@item_012={0x2, 0x1, 0x0, "113e"}]}}, 0x0}, 0x0)

program did not crash
testing program (duration=5m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): ioctl$TIOCSTI-prlimit64-sched_setscheduler-getpid-bpf$PROG_LOAD-bpf$BPF_RAW_TRACEPOINT_OPEN-mmap-socketpair$unix-connect$unix-sendmmsg$unix-recvmmsg-socket$inet6-connect$inet6-sendmmsg
detailed listing:
executing program 0:
ioctl$TIOCSTI(0xffffffffffffffff, 0x540c, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500400000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x2d)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet6(0xa, 0x3, 0x7)
connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendmmsg(r3, &(0x7f0000000480), 0x2e9, 0x36)

program did not crash
single: failed to extract reproducer
bisect: bisecting 12 programs with base timeout 5m0s
testing program (duration=5m3s, {Threaded:true Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): [4, 4, 8, 6, 4, 14, 4, 3, 8, 3, 16, 9]
detailed listing:
executing program 1:
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000021c0), 0x2, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000006b00)={<r1=>0xffffffffffffffff})
dup2(r1, r0)
write$binfmt_misc(r0, &(0x7f0000000100)=ANY=[], 0xe1)
executing program 1:
ftruncate(0xffffffffffffffff, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='mm_page_alloc\x00', r0}, 0x10)
syz_read_part_table(0x5c5, &(0x7f0000000b80)="$eJzs2z9I22kYB/An1lBoB5dOndoOHY4uLR2boS1J2tJCSOtSbmihpRQzpVCIXKDQDppBMYM4uohcFv9MxgxOioKziIOH4OByhy6CiznufG+6P3h3elzh84EfD7/f+33fJ8+Q8Q2+aj3xU7fbzURE9+IfJ7p/sbu/lS88vla6X34RkYmBiPh+dbDvl5XMb7vTqTfS+3Z6n5q81Bk+eJRtbT0/vPlqudGT1j+l5/J0u/9MBuRczeRW+j5/qRZHarn3m8X67tDG+rPZ/Xy5/bTRnHuSffgm5VZT7U31Q9RiMAbidVSiEm+jekb9J1o7t4+vFlsL7+4dFTqjS3dSrvQv5zxt/4/Xx1426w9uzV8Zv1tbXCvvXTjJVf7k3wUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwP/LTG6l7/OXanGklnu/WazvDm2sP5vdz5fbTxvNuSfZh29SbjXV3lQ/RC0GYyBeRyUy8Taqvzu55x/1n2jt3D6+WmwtvLt3VOiMLt1JudIZzHqa/h+vj71s1h/cmr8yfre2uFbeu3CSq1w8px8AAAAAAAAAAAAAAAAAAAAAEZEvPL5Wul9+EZGJb6M3vvnxu18v7nfTffdMyt1IdTt9n5q81Bk+eJRtbT0/vPlqufFD+v4pPZen2/3/+TD8bT8HAAD//69Xlno=")
executing program 1:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020752500000000002020207b1af8ff00000000bfa100000000000007010000b8ffffffb702000000000000b7030000ffffffff850000002d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='block_plug\x00', r1}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0)
write$cgroup_int(0xffffffffffffffff, 0x0, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0x43400)
executing program 1:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
readv(r0, &(0x7f00000001c0)=[{&(0x7f0000000480)=""/89, 0x59}], 0x1)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f00000083c0)={{0x1}})
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x0, 0x10012, r1, 0x0)
executing program 1:
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_open_dev$tty1(0xc, 0x4, 0x1)
dup(0xffffffffffffffff)
ioctl$KDFONTOP_SET(r0, 0x4b4a, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
executing program 1:
ioctl$TIOCSTI(0xffffffffffffffff, 0x540c, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500400000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x2d)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet6(0xa, 0x3, 0x7)
connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendmmsg(r3, &(0x7f0000000480), 0x2e9, 0x36)
executing program 0:
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, r0}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000006000000bfa300000000000007030000407effff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d00000004000000000000009500000000000000496cf2827fb43a431ca7ebfcd0cd00006ed3d09a6175037958e271b60dedf8937f02008b6d83923dd29c030055d47dafe6c8dc3d5d78c07f34e4d5b3185b310efd4989147a00000000f110026e6d2ef831ab7ea0c34f17e3adeef3bb622003b538dfd8e012e71f6420b90adddff61b5b0a341a2d7cbdb90000bdb2ca76050000003a14817ac61e4dd11183a13477bf7e060e3670ef0e789f65f1328d6704902cbe7bf28d9961b626c57c2691208171655e9886ce413b71781ca532e6ea09a946df3d7cb4ebd31a08b32808b80200000000000000334d83239d0c2e9ff10ff2d27080e71113610e10c358e8327e7050b6c860dac12233f9a1fb9c2aec61ce63a38d316ef49b66d6e42fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a5f3d74ca891c4594e8a4399e01eadd3964663e88535c133f7130856f75643619f567d2e24f29e5dad9326edb69e90ea0182babc18cae2ed4b4390af9a9ceefd07e002cab5ebfcaad34732181feb215139f15eadddcb0c7cbe31fbae7c34d5ac5e7e64c21add9191eadd6e1795ad6a0f7f8cd3fccbdc3dec04b25dfc17975238345d4f71af35910b158e56657b7218baaa7cbf781c0a99bd50499ccff0f000000000000c7beba3da8223fe5308e4e2833baace04f4087c4f0da0d9a88f9dbb593ddeb3f0932a4d0175b889b8eccf707882042e716df9b57b290c661d4e85031086e97bcc5ca0e221a0e34323c129102b7b7a643e82e88a1940b3c02ed9c92d6f64b1282dc519b00159830d7617001154c46bd3ca96318c570f0721fc7aa2a58090000000000000094f22cdf550ef091a78098534f0d973058594119d06d5ea9a8d085734000030000000000c12346e47ad97f4ead7cf754a52e4b2d0f22d428bd705414888700a30e2366c6a06b3367a389ca39059787790017b0689a1f3db9c24db65c1e00015c1d573dab18fd0600885f1ea8f2fd299fc3cdafda323e9c7080397bc49d70c060d57bc88fbe09baa058b040360ab9261503d2f363fb099408885afc2bf9a4f8c3506b669e889f5e4be1b8e0d634ebc1057b7e98186fc5141bd670dba6f43279f73db9dec75070cd9ab0fd969169ef6d2857b6bf955012cf7fe50d133da86e0477e42b98a6cc999dc21c3ef408e633dfa35f14d6e734837d365e63845f3c1092f8e34fc7eac9e8af3904ea0f3698cd9492794b82649b50d726bff873339c4cad4ead1348474250eda2c8067ab730c1d85969b95a2a5687f2ed690000522a0b7426000000000000000000000000000000000000000093fc7a82b98f99d9dedf7ba17f5f0b6d15e552fbd21f7eecff10243a43af03eea84c4304a5d3f93c02000000000000000043e1ed82b9aa0ae92a499984a009000000937523f5292d12659906005cde64f903c3415c458a2b32c2318f0858f19c6def80e1481e8e1c0098fc3f38b7a57211adb15d824cfdcf229628c0de49860a44286fe0e257cfa4ce50f3d10763d442824414a73c06837fe08de62f8710ca977960b74d0000ce73da6022a8671d1a3575b4e18c28c73203bf134686dd65808452cb6b76fcb134252c78de9b240de7b4cd015a77f76bb6470c05fc980b3d8f3f964f432a4bf6cddd6222c2da006b6fdb9c8468ae1d986a893b9519444d16a6dfa92c04331a6698507048fab5ae402acdfafe621f22712dfd09004770b4278fa14547d8ce3c21388e5e4e2baacd98e8e451d6aaaf090000006ed1d9018000008dd952595d78e9583bf4ea5de36099e3cddcb24ebb6eddb9e87c9ece87a42c0000abdfc6ea55887dfa18d0aea1b6eca5a883702b0bf3aeebb225895db90e237157a34e9f447237ea5b391bddd1290f7ce987a0e36b8e71b1779bbe95ffa9c3e0f6ba66e4d48e75253e3d633811e4b3220616aafbe7a3a18375ae593eb58fd500426286472466823cb8e1800aaaa0d9463c0c4ea5541a55df6e67f530996482228816cdfccb98374c644eea45de7867a0efbad0ab2bc33b350440a90b791b2b33f74a112a3b91b40bed8db2df8633207f8387e04ca52ab0f3f7b058b13523b896800b992972d9609551c27a5916ea16069c5bf55b98d926d3c27e7945b299968b930780603134ae6b7f5092772bd5d880dbe21b790c475b14b7fe4fe002dffd651faa79bb0cee0cdac2bc3218f2ddaa6f7ba04b696a30d313bed30ba8f35569a9b07ee7308da09c01a4b827aa1784d927aca9b8540534c5c49a0300cfbc2213fc1572b0204dd456b11a454d1f3f14179974aae624ea59500f5e048b2780666de81a040663c57f49af25be909984aea1b81f33426f86b4b941c08dfe2bc8ec246ec1aae120c42405e428923f3a83d9ba5c373f5e8a54120b451e2806370f1ed60c9fd5d9af4d16cb0f413c324da52d4bd2e01d3ac2d578d72e2d63322dfc9245ce3e3a097fb82f4e3b61a57094616020f72f1c55ee3d325c7496a7c2f10cfea516ae436751227378f00ca0f1f6c1dcf879700dd90b96a330f92bff736c83ca53e7f02b734d1a9292896f5d7f244bfab4946c7042e8827b1541eafcc5b4ba7a7880533cdeac995d1caf6936f356ecf07a0084e7adc2dc12417997b03087c7b3b44b06f6158a2a18ce0e56ffbeb22f40521dd9972583d413098aa80db98ef324a2bfb7961c07b47521973cf0bb6f5530f6216b047b35d6e06b72b22b29de42bb1bc8ce0a0e3500000000000000000000000000b92eb197e4149627920000008000000000801792756f90b37f0858efc387f559203f314a4b0ed750fa72e5948ac3fe5921c14ef578d413e7b2a9e2f87f7b44949fe14c00000000000047030c09f62d444b4981db81799776eeb444000000009705fa8b56779bc876ad4f8d8c8e50815c4c3b27487996c09121caf47f76158362c74904f89cbc588aae84567a83571ff72bb65c082b5a8dee145ff221159aed2768edc05a3167d84205d5af86553c21e1f023a51c0e179fccfbc201982e3ddcaa45613899d19082453b180ca0c525b8d3cfaf7d0bcddeb5d5c7166038f276a92941393ba5e51f77172822bd903d9f8b436656771774ed88daab0d0cfdd1bf4d30ab566e1a4cb3ad66d830e10f7c1de13218aea21e7def613204c2b7c1ad48b01c208f4032e93408000000000000e96db049b92fc32ee34fe7a3419c8fbf03d61c159dc5864e030000a2c55b614d622b8de966c97e1940026f96db3c78ca18c9f08d1c47edf1a4d7298109f31b6078711ee72eacab61213bf50000000000000000000000000000001217887d0452aa6d26e4614d511710abeec84b78c027c160ba375dfa55a49b832ce4dfb91122193d514ed992c07f8cd6d897b314907e15642da228dbc03429e6e0e7ac118ed351c3b0c44bf5d8b58be573f8333aa8cc2ec5b5e305b3dee2562d415b4b9ed530797f55f9fe8510423409629a09000000000000009a35d9ca93e4b4591679547b8de8af1782451f7b8e1de508f1e9e525210d62797515b737bfb21d35ac560f99dbd18dad5e6345a464955e8141d75b6177e4fa176a020b0000000000006e76f0294fee7d19a0f327f8796d77b6e24b8df4bb438b527d10e657d49b844198ea9f93c4fd6fd2daa9bd87fd1e02ecc8075dca1280c201043257e9bd3c9a7aa150eb1711632b76d4dc0555d4bfcfd057980136d6e9000003b24fa300ef90bfe4ad364256937796f941c2faad94785f48777941f0cd3dba54ab6a5d5e91e90ac9ae994c3d4108b2fe7eca9413ac9bc138c74800487eb19c48db3f79be964808d409b5e36fc7fdd41def361427b6b9c118e5c9a0a1d5ca24886e33a7f81b2188ec75a5fc9302e3695bdcc9ab11201ef940569c995c21eeaefe2e8fc02e0433dc7371d1f72124bad23e554c30fdd7cd8c2da1e8706417da26913688e7abfb9eac08603dfc2f2279ba161c13984cd753b54a85e6f3018c7d48c4b6c2f6910975e9ff51318b09fa13e2d38ce013aab41524c298c3719e31bcb1f102eaeee69a19e006bcdb1acc0000000000000000b3d7848d5e1381fbe63c522053a3bb32eb6345e10f7a12bf84e0e196a00833f464dd2f6547f14ebf137fce33efeb813211f31ff24d7dbb00f2574ccda59b3ea068fc2a18c37ee579f5a9ecc47da73684bcadd209ae5bbb7147df74d027d8d0adcdb54182c9de8053fc8b1b9d19c16c53d34db6e26f6a88d449f6abf378ca2e577e206a758a3f02816b4e91d49b9693a798a330a1ccb32d49772e80862df36dc0156b3f72cd85083f8e96ca1697457ec722766bd46ee2424975a38149bd57e5c0eb4087fc243e7e51b0aca9f0ab0668d7f2ee9ad9f267d8804417aa7e36a64d489bb84a1483fd3c3ecb024060002858cbb1f7708f5b41fca2fee7c03b1f862ce88dc313d913e041dd7583a1ac41c466757c5dd07ea2c5d62a000000000000000019a4e9a9c2cbc906f97fd6eb71b18d09a5df123ebbdb2827b43aed6a29e9942e402c1ae52e9cb98f3019d364fc21ea12023db91ced3c2f06550cef8a79ed39091e4776001187d0ab2f82478431d36470cc008d745ce8fd64c9aa64da230bb080945a557081b767beb75b1ea856a55c71b8fda672289aa6088630d48ac8039f19fec3acbcc5944a4e6fd44af8f10110db730a8d0d41b4ea36f9510f843a470563bd4621b9e43f08d341bb69df430ac6398c1b28bdd33b69b4b86d7c5f30cf728294e8ea1861ce50c367498945285f73c94d91210652eb4f3077cab6be2a3512eddbcb63d091d69fb1b26c8ada9a9f9355aea34fe55fd0d3011cb83ac03268dc66dd108a4e9944241e1d4ba69212ee0e7526e72c19346d08d3c3c82cb987f1bd2fd9ce2c88082ea23abbf23c6bd43fc9f9f8ea7656e25d3d73cd056b1f782de1fe349fc33546558366ed99030c0fda039272d277a3576d4e0469779d711e10b6bf040f7274fd9577c1c33326d2e60ee611ae226ef00e2944fb727832dc8dad36a6072aacfc4bcefb808ab7b3b95e0f60616320b2a9e1f8fac812daac9983639b35184803b7d192ce1f226e97fa23c37df95d067a54a8b412644cad9ecc251fbe418a81aaf00cc8d15758ff0eb885a40630396ba76b8fadc09e62ff70c8a0121e7e8322cb8bc0f50ad33a2879c27557ead3af79d4a034b9ca025ff3d38165b28f8a3e6f91589a711d1dca971a93d50d6b44e6ea13ffa3a8cd0025cb28c7007bff4e2a299cf333dfcd858000db8f8720e1d602a8e5138f8760684ee98be9b766433ece16dce5b1c2d6f671f675e1def56eb1355e40a5c188b88e3567a2c5ebae51748cf3aea239173364cfdc83ba7111dafa1b86516e357329227f1b6a810ffc1ca9fb3c522a6dab88e22c3d05ca67521adbb1358b52b54becd2534f8800a8e212b1fcdfbf6c3b741b1023ea74cc8245f3ab866987be3e0000000000000000000000000000000000000000000000000b4ade53e4de589f86460722d91a8513bde1cc2e5b1b06675ec1dabefbc95d1795b5152a2fc2c799c96ef510015b00"/4035], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000002300)={r1, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000140)="b9ff0300600d698cff9e14f00800", 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
executing program 0:
socket$inet_mptcp(0x2, 0x1, 0x106)
r0 = socket(0x8000000010, 0x2, 0x0)
write(r0, &(0x7f00000002c0)="fc0000001c000704ab5b2509b868030002ab087a0100000001481093210001c0f0030584050060100000000000039815fa2c53c28648000000b9d95662537a00bc000c00f0ff7f0000b400600033d44000040560916a0033f436313012dafd5a32e273fc83ab82d710f74cec184406f90d435ef8042c2e9a3885f1fc0e5bba2e177312e081bea05d3a021e8ca062914a46ccfc510bb73c9455cdc8363ae4f5df77bc4cfd6239ec2a0f0d1bcae5fa0f5f9dcdd51af51af8502943283f4bb102b2b8f5566791cf190201ded815b2ccd243f395ed94e0ad91bd6433802e0784f2013cd1890058a10000c880ac801fe4af000049f0d4796f0000090548de", 0xfc)
executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = epoll_create1(0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/wakeup_count', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f00000000c0)={0xe000001a})
read$FUSE(r1, &(0x7f0000009b00)={0x2020}, 0x2020)
epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f0000000000))
executing program 0:
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r0}, 0x10)
syz_read_part_table(0x5d4, &(0x7f0000000000)="$eJzs279r02kcB/BPqiF3Org4OamDwyEHiqMZVJKoKIRoF7lBQRExwxFBiFxA0EEDp5hBHF1KIUt/TE0zdGppoXMpHXoUOnS5o10KXZoj9OlSbmi59ODg9YIvH57n+/4+n+fzB3yD/7Wh+KvX62UiopeL+OGIXw+3C8U758s3Kg8jMv3D4tffaz/332RSon9q38W0Xk3rke+nuh+3bmfbKw+2Lz2ebQ7tXyci3kbE6dHO8CDm43iN5efOvHtfK32q518slxrrH5YW749vFiqde83WxN3sracpN5/qyVRfRT3exMt4EtWoxrOoDaj/t/bald1zpfbU8+s7xe7nmaspV/6Xcx62/+sLXx61GjcvT579eq0+vVDZOLGXq+aO6QIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAzUWH7uzLv3tdKnej4XEesflhbvj28WKp17zdbE3eytpyk3n+rJVF9FPd7Ey3gS1ajGs6jtH9jrHabtj//Q/8VyqbH+rb12ZfdcqT31/PpOsft55mrKlQc18AEH+7++8OVRq3Hz8uTZr9fq0wuVjRN7uWrumC4AAAAAAAAAAAAAAAAAAAAAEVEo3jlfvlF5GJGJXyLipz9/G+rv99L/7pmUu5jqatof+X6q+3Hrdra98mD70uPZ5h9p/216To92hv/zYTiyvwMAAP//2EuUrQ==")
executing program 0:
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
r2 = socket$packet(0x11, 0x0, 0x300)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, 0x0, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f0000000240)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xe}}, 0x10)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
socket$igmp(0x2, 0x3, 0x2)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge0\x00', <r5=>0x0})
r6 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000600)=ANY=[@ANYBLOB="440000001100290a000000000000000007000000", @ANYRES32=r5, @ANYBLOB="00000000000000001c001a800800068004000500080000003e"], 0x44}}, 0x0)
executing program 0:
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000300)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x56a, 0xf8, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
unlink(0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000080000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r2}, 0x10)
syz_usb_control_io$hid(r0, &(0x7f0000000000)={0x24, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x22, 0x5, {[@global=@item_012={0x1, 0x1, 0xb, "ff"}, @global=@item_012={0x2, 0x1, 0x0, "113e"}]}}, 0x0}, 0x0)

program did not crash
replaying the whole log did not cause a kernel crash
single: executing 2 programs separately with timeout 16m0s
testing program (duration=16m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_usb_connect$hid-syz_usb_control_io-bpf$BPF_RAW_TRACEPOINT_OPEN-unlink-bpf$MAP_CREATE-bpf$PROG_LOAD-bpf$PROG_LOAD-bpf$BPF_RAW_TRACEPOINT_OPEN-syz_usb_control_io$hid
detailed listing:
executing program 0:
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000300)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x56a, 0xf8, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
unlink(0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000080000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r2}, 0x10)
syz_usb_control_io$hid(r0, &(0x7f0000000000)={0x24, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x22, 0x5, {[@global=@item_012={0x1, 0x1, 0xb, "ff"}, @global=@item_012={0x2, 0x1, 0x0, "113e"}]}}, 0x0}, 0x0)

program crashed: INFO: task hung in _vm_unmap_aliases
single: successfully extracted reproducer
found reproducer with 9 syscalls
minimizing guilty program
testing program (duration=24m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_usb_connect$hid-syz_usb_control_io-bpf$BPF_RAW_TRACEPOINT_OPEN-unlink-bpf$MAP_CREATE-bpf$PROG_LOAD-bpf$PROG_LOAD-bpf$BPF_RAW_TRACEPOINT_OPEN
detailed listing:
executing program 0:
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000300)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x56a, 0xf8, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
unlink(0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000080000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r2}, 0x10)

program crashed: INFO: task hung in _vm_unmap_aliases
testing program (duration=24m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_usb_connect$hid-syz_usb_control_io-bpf$BPF_RAW_TRACEPOINT_OPEN-unlink-bpf$MAP_CREATE-bpf$PROG_LOAD-bpf$PROG_LOAD
detailed listing:
executing program 0:
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000300)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x56a, 0xf8, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
unlink(0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000080000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

program crashed: INFO: task hung in _vm_unmap_aliases
testing program (duration=24m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_usb_connect$hid-syz_usb_control_io-bpf$BPF_RAW_TRACEPOINT_OPEN-unlink-bpf$MAP_CREATE-bpf$PROG_LOAD
detailed listing:
executing program 0:
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000300)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x56a, 0xf8, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
unlink(0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000080000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

program did not crash
testing program (duration=24m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_usb_connect$hid-syz_usb_control_io-bpf$BPF_RAW_TRACEPOINT_OPEN-unlink-bpf$MAP_CREATE-bpf$PROG_LOAD
detailed listing:
executing program 0:
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000300)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x56a, 0xf8, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
unlink(0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

program did not crash
testing program (duration=24m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_usb_connect$hid-syz_usb_control_io-bpf$BPF_RAW_TRACEPOINT_OPEN-unlink-bpf$PROG_LOAD-bpf$PROG_LOAD
detailed listing:
executing program 0:
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000300)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x56a, 0xf8, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
unlink(0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000080000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

program did not crash
testing program (duration=24m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_usb_connect$hid-syz_usb_control_io-bpf$BPF_RAW_TRACEPOINT_OPEN-bpf$MAP_CREATE-bpf$PROG_LOAD-bpf$PROG_LOAD
detailed listing:
executing program 0:
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000300)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x56a, 0xf8, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000080000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

program crashed: INFO: task hung in _vm_unmap_aliases
testing program (duration=24m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_usb_connect$hid-syz_usb_control_io-bpf$MAP_CREATE-bpf$PROG_LOAD-bpf$PROG_LOAD
detailed listing:
executing program 0:
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000300)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x56a, 0xf8, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000080000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

program crashed: INFO: task hung in _vm_unmap_aliases
testing program (duration=24m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_usb_connect$hid-bpf$MAP_CREATE-bpf$PROG_LOAD-bpf$PROG_LOAD
detailed listing:
executing program 0:
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000300)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x56a, 0xf8, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000080000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

program crashed: INFO: task hung in _vm_unmap_aliases
testing program (duration=24m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): bpf$MAP_CREATE-bpf$PROG_LOAD-bpf$PROG_LOAD
detailed listing:
executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000080000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

program crashed: INFO: task hung in _vm_unmap_aliases
testing program (duration=24m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): bpf$MAP_CREATE-bpf$PROG_LOAD-bpf$PROG_LOAD
detailed listing:
executing program 0:
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000080000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

program did not crash
testing program (duration=24m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): bpf$MAP_CREATE-bpf$PROG_LOAD-bpf$PROG_LOAD
detailed listing:
executing program 0:
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

program did not crash
testing program (duration=24m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): bpf$MAP_CREATE-bpf$PROG_LOAD-bpf$PROG_LOAD
detailed listing:
executing program 0:
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

program did not crash
testing program (duration=24m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): bpf$MAP_CREATE-bpf$PROG_LOAD-bpf$PROG_LOAD
detailed listing:
executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

program did not crash
testing program (duration=24m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): bpf$MAP_CREATE-bpf$PROG_LOAD-bpf$PROG_LOAD
detailed listing:
executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000080000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

program did not crash
testing program (duration=24m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): bpf$MAP_CREATE-bpf$PROG_LOAD-bpf$PROG_LOAD
detailed listing:
executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000080000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

program did not crash
testing program (duration=24m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): bpf$MAP_CREATE-bpf$PROG_LOAD-bpf$PROG_LOAD
detailed listing:
executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000080000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

program did not crash
testing program (duration=24m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): bpf$MAP_CREATE-bpf$PROG_LOAD-bpf$PROG_LOAD
detailed listing:
executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000080000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

program did not crash
extracting C reproducer
testing compiled C program (duration=24m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): bpf$MAP_CREATE-bpf$PROG_LOAD-bpf$PROG_LOAD
program crashed: INFO: task hung in _vm_unmap_aliases
simplifying C reproducer
testing compiled C program (duration=24m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): bpf$MAP_CREATE-bpf$PROG_LOAD-bpf$PROG_LOAD
program crashed: INFO: task hung in _vm_unmap_aliases
testing compiled C program (duration=24m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): bpf$MAP_CREATE-bpf$PROG_LOAD-bpf$PROG_LOAD
program crashed: INFO: task hung in _vm_unmap_aliases
testing compiled C program (duration=24m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:10 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:false UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): bpf$MAP_CREATE-bpf$PROG_LOAD-bpf$PROG_LOAD
program crashed: INFO: task hung in _vm_unmap_aliases
testing compiled C program (duration=24m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:10 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:false UseTmpDir:false HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): bpf$MAP_CREATE-bpf$PROG_LOAD-bpf$PROG_LOAD
program crashed: INFO: task hung in _vm_unmap_aliases
testing compiled C program (duration=24m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:10 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:false UseTmpDir:false HandleSegv:false Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): bpf$MAP_CREATE-bpf$PROG_LOAD-bpf$PROG_LOAD
program crashed: INFO: task hung in _vm_unmap_aliases
testing compiled C program (duration=24m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:10 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:false UseTmpDir:false HandleSegv:false Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): bpf$MAP_CREATE-bpf$PROG_LOAD-bpf$PROG_LOAD
program crashed: INFO: task hung in _vm_unmap_aliases
reproducing took 7h2m44.50708924s
repro crashed as (corrupted=false):
INFO: task kworker/0:1:10 blocked for more than 450 seconds.
      Not tainted 6.10.0-rc1-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/0:1     state:D stack:0     pid:10    tgid:10    ppid:2      flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<818f4db8>] (__schedule) from [<818f59bc>] (__schedule_loop kernel/sched/core.c:6822 [inline])
[<818f4db8>] (__schedule) from [<818f59bc>] (schedule+0x2c/0xfc kernel/sched/core.c:6837)
 r10:82c16005 r9:00000000 r8:82714b74 r7:00000002 r6:df841d94 r5:82e2ec00
 r4:82e2ec00
[<818f5990>] (schedule) from [<818f5fcc>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6894)
 r5:82e2ec00 r4:82714b70
[<818f5fb4>] (schedule_preempt_disabled) from [<818f88b4>] (__mutex_lock_common kernel/locking/mutex.c:684 [inline])
[<818f5fb4>] (schedule_preempt_disabled) from [<818f88b4>] (__mutex_lock.constprop.0+0x2e8/0xae0 kernel/locking/mutex.c:752)
[<818f85cc>] (__mutex_lock.constprop.0) from [<818f9180>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1040)
 r10:82c16005 r9:df841e20 r8:00000000 r7:ffffffff r6:00000000 r5:84d7d080
 r4:00000000
[<818f916c>] (__mutex_lock_slowpath) from [<818f91c0>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:286)
[<818f9184>] (mutex_lock) from [<804a5088>] (_vm_unmap_aliases+0x60/0x2e8 mm/vmalloc.c:2828)
[<804a5028>] (_vm_unmap_aliases) from [<804a8ee4>] (vm_reset_perms mm/vmalloc.c:3257 [inline])
[<804a5028>] (_vm_unmap_aliases) from [<804a8ee4>] (vfree+0x170/0x1e4 mm/vmalloc.c:3336)
 r10:82c16005 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:84d7d080
 r4:00000000
[<804a8d74>] (vfree) from [<804fb7cc>] (execmem_free+0x30/0x64 mm/execmem.c:69)
 r9:82e2ec00 r8:00800000 r7:00000000 r6:82c16000 r5:00001000 r4:7f0cd000
[<804fb79c>] (execmem_free) from [<80395668>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1073)
 r5:00001000 r4:eadbf000
[<80395658>] (bpf_jit_free_exec) from [<80395a48>] (bpf_jit_binary_free kernel/bpf/core.c:1119 [inline])
[<80395658>] (bpf_jit_free_exec) from [<80395a48>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1243)
[<803959e0>] (bpf_jit_free) from [<80396b7c>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2803)
 r5:84ced754 r4:84ced400
[<80396a30>] (bpf_prog_free_deferred) from [<802671bc>] (process_one_work+0x1c4/0x510 kernel/workqueue.c:3231)
 r7:dddd00c0 r6:82c16000 r5:84ced754 r4:82cb2000
[<80266ff8>] (process_one_work) from [<80267df0>] (process_scheduled_works kernel/workqueue.c:3312 [inline])
[<80266ff8>] (process_one_work) from [<80267df0>] (worker_thread+0x1ec/0x418 kernel/workqueue.c:3393)
 r10:82e2ec00 r9:82cb202c r8:61c88647 r7:dddd00e0 r6:82604d40 r5:dddd00c0
 r4:82cb2000
[<80267c04>] (worker_thread) from [<80271228>] (kthread+0x104/0x134 kernel/kthread.c:389)
 r10:00000000 r9:df839e90 r8:82cb1b40 r7:82cb2000 r6:80267c04 r5:82e2ec00
 r4:82cb1940
[<80271124>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:134)
Exception stack(0xdf841fb0 to 0xdf841ff8)
1fa0:                                     00000000 00000000 00000000 00000000
1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80271124 r4:82cb1940
INFO: task kworker/1:0:24 blocked for more than 450 seconds.
      Not tainted 6.10.0-rc1-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/1:0     state:D stack:0     pid:24    tgid:24    ppid:2      flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<818f4db8>] (__schedule) from [<818f59bc>] (__schedule_loop kernel/sched/core.c:6822 [inline])
[<818f4db8>] (__schedule) from [<818f59bc>] (schedule+0x2c/0xfc kernel/sched/core.c:6837)
 r10:82c16205 r9:00000000 r8:82714b74 r7:00000002 r6:df87dd94 r5:82e3b000
 r4:82e3b000
[<818f5990>] (schedule) from [<818f5fcc>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6894)
 r5:82e3b000 r4:82714b70
[<818f5fb4>] (schedule_preempt_disabled) from [<818f88b4>] (__mutex_lock_common kernel/locking/mutex.c:684 [inline])
[<818f5fb4>] (schedule_preempt_disabled) from [<818f88b4>] (__mutex_lock.constprop.0+0x2e8/0xae0 kernel/locking/mutex.c:752)
[<818f85cc>] (__mutex_lock.constprop.0) from [<818f9180>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1040)
 r10:82c16205 r9:df87de20 r8:00000000 r7:ffffffff r6:00000000 r5:8503b4c0
 r4:00000000
[<818f916c>] (__mutex_lock_slowpath) from [<818f91c0>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:286)
[<818f9184>] (mutex_lock) from [<804a5088>] (_vm_unmap_aliases+0x60/0x2e8 mm/vmalloc.c:2828)
[<804a5028>] (_vm_unmap_aliases) from [<804a8ee4>] (vm_reset_perms mm/vmalloc.c:3257 [inline])
[<804a5028>] (_vm_unmap_aliases) from [<804a8ee4>] (vfree+0x170/0x1e4 mm/vmalloc.c:3336)
 r10:82c16205 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:8503b4c0
 r4:00000000
[<804a8d74>] (vfree) from [<804fb7cc>] (execmem_free+0x30/0x64 mm/execmem.c:69)
 r9:82e3b000 r8:01800000 r7:00000000 r6:82c16200 r5:00001000 r4:7f013000
[<804fb79c>] (execmem_free) from [<80395668>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1073)
 r5:00001000 r4:df95d000
[<80395658>] (bpf_jit_free_exec) from [<80395a48>] (bpf_jit_binary_free kernel/bpf/core.c:1119 [inline])
[<80395658>] (bpf_jit_free_exec) from [<80395a48>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1243)
[<803959e0>] (bpf_jit_free) from [<80396b7c>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2803)
 r5:84c5e354 r4:84c5e000
[<80396a30>] (bpf_prog_free_deferred) from [<802671bc>] (process_one_work+0x1c4/0x510 kernel/workqueue.c:3231)
 r7:ddde40c0 r6:82c16200 r5:84c5e354 r4:82cb2180
[<80266ff8>] (process_one_work) from [<80267df0>] (process_scheduled_works kernel/workqueue.c:3312 [inline])
[<80266ff8>] (process_one_work) from [<80267df0>] (worker_thread+0x1ec/0x418 kernel/workqueue.c:3393)
 r10:82e3b000 r9:82cb21ac r8:61c88647 r7:ddde40e0 r6:82604d40 r5:ddde40c0
 r4:82cb2180
[<80267c04>] (worker_thread) from [<80271228>] (kthread+0x104/0x134 kernel/kthread.c:389)
 r10:00000000 r9:df819d60 r8:82cc3e40 r7:82cb2180 r6:80267c04 r5:82e3b000
 r4:82cc3c00
[<80271124>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:134)
Exception stack(0xdf87dfb0 to 0xdf87dff8)
dfa0:                                     00000000 00000000 00000000 00000000
dfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
dfe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80271124 r4:82cc3c00
INFO: task kworker/1:1:45 blocked for more than 450 seconds.
      Not tainted 6.10.0-rc1-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/1:1     state:D stack:0     pid:45    tgid:45    ppid:2      flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<818f4db8>] (__schedule) from [<818f59bc>] (__schedule_loop kernel/sched/core.c:6822 [inline])
[<818f4db8>] (__schedule) from [<818f59bc>] (schedule+0x2c/0xfc kernel/sched/core.c:6837)
 r10:82c16205 r9:00000000 r8:82714b74 r7:00000002 r6:df919d94 r5:82ebbc00
 r4:82ebbc00
[<818f5990>] (schedule) from [<818f5fcc>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6894)
 r5:82ebbc00 r4:82714b70
[<818f5fb4>] (schedule_preempt_disabled) from [<818f88b4>] (__mutex_lock_common kernel/locking/mutex.c:684 [inline])
[<818f5fb4>] (schedule_preempt_disabled) from [<818f88b4>] (__mutex_lock.constprop.0+0x2e8/0xae0 kernel/locking/mutex.c:752)
[<818f85cc>] (__mutex_lock.constprop.0) from [<818f9180>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1040)
 r10:82c16205 r9:df919e20 r8:00000000 r7:ffffffff r6:00000000 r5:8437f080
 r4:00000000
[<818f916c>] (__mutex_lock_slowpath) from [<818f91c0>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:286)
[<818f9184>] (mutex_lock) from [<804a5088>] (_vm_unmap_aliases+0x60/0x2e8 mm/vmalloc.c:2828)
[<804a5028>] (_vm_unmap_aliases) from [<804a8ee4>] (vm_reset_perms mm/vmalloc.c:3257 [inline])
[<804a5028>] (_vm_unmap_aliases) from [<804a8ee4>] (vfree+0x170/0x1e4 mm/vmalloc.c:3336)
 r10:82c16205 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:8437f080
 r4:00000000
[<804a8d74>] (vfree) from [<804fb7cc>] (execmem_free+0x30/0x64 mm/execmem.c:69)
 r9:82ebbc00 r8:01800000 r7:00000000 r6:82c16200 r5:00001000 r4:7f015000
[<804fb79c>] (execmem_free) from [<80395668>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1073)
 r5:00001000 r4:df883000
[<80395658>] (bpf_jit_free_exec) from [<80395a48>] (bpf_jit_binary_free kernel/bpf/core.c:1119 [inline])
[<80395658>] (bpf_jit_free_exec) from [<80395a48>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1243)
[<803959e0>] (bpf_jit_free) from [<80396b7c>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2803)
 r5:84bccb54 r4:84bcc800
[<80396a30>] (bpf_prog_free_deferred) from [<802671bc>] (process_one_work+0x1c4/0x510 kernel/workqueue.c:3231)
 r7:ddde40c0 r6:82c16200 r5:84bccb54 r4:82fb5400
[<80266ff8>] (process_one_work) from [<80267df0>] (process_scheduled_works kernel/workqueue.c:3312 [inline])
[<80266ff8>] (process_one_work) from [<80267df0>] (worker_thread+0x1ec/0x418 kernel/workqueue.c:3393)
 r10:82ebbc00 r9:82fb542c r8:61c88647 r7:ddde40e0 r6:82604d40 r5:ddde40c0
 r4:82fb5400
[<80267c04>] (worker_thread) from [<80271228>] (kthread+0x104/0x134 kernel/kthread.c:389)
 r10:00000000 r9:df87de90 r8:82fb47c0 r7:82fb5400 r6:80267c04 r5:82ebbc00
 r4:82fb46c0
[<80271124>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:134)
Exception stack(0xdf919fb0 to 0xdf919ff8)
9fa0:                                     00000000 00000000 00000000 00000000
9fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
9fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80271124 r4:82fb46c0
INFO: task kworker/0:3:123 blocked for more than 450 seconds.
      Not tainted 6.10.0-rc1-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/0:3     state:D stack:0     pid:123   tgid:123   ppid:2      flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<818f4db8>] (__schedule) from [<818f59bc>] (__schedule_loop kernel/sched/core.c:6822 [inline])
[<818f4db8>] (__schedule) from [<818f59bc>] (schedule+0x2c/0xfc kernel/sched/core.c:6837)
 r10:82c16005 r9:00000000 r8:82714b74 r7:00000002 r6:dfa09d94 r5:836bd400
 r4:836bd400
[<818f5990>] (schedule) from [<818f5fcc>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6894)
 r5:836bd400 r4:82714b70
[<818f5fb4>] (schedule_preempt_disabled) from [<818f88b4>] (__mutex_lock_common kernel/locking/mutex.c:684 [inline])
[<818f5fb4>] (schedule_preempt_disabled) from [<818f88b4>] (__mutex_lock.constprop.0+0x2e8/0xae0 kernel/locking/mutex.c:752)
[<818f85cc>] (__mutex_lock.constprop.0) from [<818f9180>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1040)
 r10:82c16005 r9:dfa09e20 r8:00000000 r7:ffffffff r6:00000000 r5:84d97c80
 r4:00000000
[<818f916c>] (__mutex_lock_slowpath) from [<818f91c0>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:286)
[<818f9184>] (mutex_lock) from [<804a5088>] (_vm_unmap_aliases+0x60/0x2e8 mm/vmalloc.c:2828)
[<804a5028>] (_vm_unmap_aliases) from [<804a8ee4>] (vm_reset_perms mm/vmalloc.c:3257 [inline])
[<804a5028>] (_vm_unmap_aliases) from [<804a8ee4>] (vfree+0x170/0x1e4 mm/vmalloc.c:3336)
 r10:82c16005 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:84d97c80
 r4:00000000
[<804a8d74>] (vfree) from [<804fb7cc>] (execmem_free+0x30/0x64 mm/execmem.c:69)
 r9:836bd400 r8:00800000 r7:00000000 r6:82c16000 r5:00001000 r4:7f0c7000
[<804fb79c>] (execmem_free) from [<80395668>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1073)
 r5:00001000 r4:ead75000
[<80395658>] (bpf_jit_free_exec) from [<80395a48>] (bpf_jit_binary_free kernel/bpf/core.c:1119 [inline])
[<80395658>] (bpf_jit_free_exec) from [<80395a48>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1243)
[<803959e0>] (bpf_jit_free) from [<80396b7c>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2803)
 r5:84ce3f54 r4:84ce3c00
[<80396a30>] (bpf_prog_free_deferred) from [<802671bc>] (process_one_work+0x1c4/0x510 kernel/workqueue.c:3231)
 r7:dddd00c0 r6:82c16000 r5:84ce3f54 r4:836cc300
[<80266ff8>] (process_one_work) from [<80267df0>] (process_scheduled_works kernel/workqueue.c:3312 [inline])
[<80266ff8>] (process_one_work) from [<80267df0>] (worker_thread+0x1ec/0x418 kernel/workqueue.c:3393)
 r10:836bd400 r9:836cc32c r8:61c88647 r7:dddd00e0 r6:82604d40 r5:dddd00c0
 r4:836cc300
[<80267c04>] (worker_thread) from [<80271228>] (kthread+0x104/0x134 kernel/kthread.c:389)
 r10:00000000 r9:dfa01e90 r8:836d1340 r7:836cc300 r6:80267c04 r5:836bd400
 r4:836d1240
[<80271124>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:134)
Exception stack(0xdfa09fb0 to 0xdfa09ff8)
9fa0:                                     00000000 00000000 00000000 00000000
9fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
9fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80271124 r4:836d1240
INFO: task kworker/1:2:3019 blocked for more than 450 seconds.
      Not tainted 6.10.0-rc1-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/1:2     state:D stack:0     pid:3019  tgid:3019  ppid:2      flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<818f4db8>] (__schedule) from [<818f59bc>] (__schedule_loop kernel/sched/core.c:6822 [inline])
[<818f4db8>] (__schedule) from [<818f59bc>] (schedule+0x2c/0xfc kernel/sched/core.c:6837)
 r10:82c16205 r9:00000000 r8:82714b74 r7:00000002 r6:df9a9d94 r5:83e80c00
 r4:83e80c00
[<818f5990>] (schedule) from [<818f5fcc>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6894)
 r5:83e80c00 r4:82714b70
[<818f5fb4>] (schedule_preempt_disabled) from [<818f88b4>] (__mutex_lock_common kernel/locking/mutex.c:684 [inline])
[<818f5fb4>] (schedule_preempt_disabled) from [<818f88b4>] (__mutex_lock.constprop.0+0x2e8/0xae0 kernel/locking/mutex.c:752)
[<818f85cc>] (__mutex_lock.constprop.0) from [<818f9180>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1040)
 r10:82c16205 r9:df9a9e20 r8:00000000 r7:ffffffff r6:00000000 r5:843bcf80
 r4:00000000
[<818f916c>] (__mutex_lock_slowpath) from [<818f91c0>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:286)
[<818f9184>] (mutex_lock) from [<804a5088>] (_vm_unmap_aliases+0x60/0x2e8 mm/vmalloc.c:2828)
[<804a5028>] (_vm_unmap_aliases) from [<804a8ee4>] (vm_reset_perms mm/vmalloc.c:3257 [inline])
[<804a5028>] (_vm_unmap_aliases) from [<804a8ee4>] (vfree+0x170/0x1e4 mm/vmalloc.c:3336)
 r10:82c16205 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:843bcf80
 r4:00000000
[<804a8d74>] (vfree) from [<804fb7cc>] (execmem_free+0x30/0x64 mm/execmem.c:69)
 r9:83e80c00 r8:01800000 r7:00000000 r6:82c16200 r5:00001000 r4:7f013000
[<804fb79c>] (execmem_free) from [<80395668>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1073)
 r5:00001000 r4:df981000
[<80395658>] (bpf_jit_free_exec) from [<80395a48>] (bpf_jit_binary_free kernel/bpf/core.c:1119 [inline])
[<80395658>] (bpf_jit_free_exec) from [<80395a48>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1243)
[<803959e0>] (bpf_jit_free) from [<80396b7c>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2803)
 r5:84bcff54 r4:84bcfc00
[<80396a30>] (bpf_prog_free_deferred) from [<802671bc>] (process_one_work+0x1c4/0x510 kernel/workqueue.c:3231)
 r7:ddde40c0 r6:82c16200 r5:84bcff54 r4:83473680
[<80266ff8>] (process_one_work) from [<80267df0>] (process_scheduled_works kernel/workqueue.c:3312 [inline])
[<80266ff8>] (process_one_work) from [<80267df0>] (worker_thread+0x1ec/0x418 kernel/workqueue.c:3393)
 r10:83e80c00 r9:834736ac r8:61c88647 r7:ddde40e0 r6:82604d40 r5:ddde40c0
 r4:83473680
[<80267c04>] (worker_thread) from [<80271228>] (kthread+0x104/0x134 kernel/kthread.c:389)
 r10:00000000 r9:df87de90 r8:836d10c0 r7:83473680 r6:80267c04 r5:83e80c00
 r4:82f03140
[<80271124>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:134)
Exception stack(0xdf9a9fb0 to 0xdf9a9ff8)
9fa0:                                     00000000 00000000 00000000 00000000
9fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
9fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80271124 r4:82f03140
INFO: task kworker/1:3:3032 blocked for more than 450 seconds.
      Not tainted 6.10.0-rc1-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/1:3     state:D stack:0     pid:3032  tgid:3032  ppid:2      flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<818f4db8>] (__schedule) from [<818f59bc>] (__schedule_loop kernel/sched/core.c:6822 [inline])
[<818f4db8>] (__schedule) from [<818f59bc>] (schedule+0x2c/0xfc kernel/sched/core.c:6837)
 r10:82c16205 r9:00000000 r8:82714b74 r7:00000002 r6:df9edd94 r5:83e82400
 r4:83e82400
[<818f5990>] (schedule) from [<818f5fcc>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6894)
 r5:83e82400 r4:82714b70
[<818f5fb4>] (schedule_preempt_disabled) from [<818f88b4>] (__mutex_lock_common kernel/locking/mutex.c:684 [inline])
[<818f5fb4>] (schedule_preempt_disabled) from [<818f88b4>] (__mutex_lock.constprop.0+0x2e8/0xae0 kernel/locking/mutex.c:752)
[<818f85cc>] (__mutex_lock.constprop.0) from [<818f9180>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1040)
 r10:82c16205 r9:df9ede20 r8:00000000 r7:ffffffff r6:00000000 r5:84e16e40
 r4:00000000
[<818f916c>] (__mutex_lock_slowpath) from [<818f91c0>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:286)
[<818f9184>] (mutex_lock) from [<804a5088>] (_vm_unmap_aliases+0x60/0x2e8 mm/vmalloc.c:2828)
[<804a5028>] (_vm_unmap_aliases) from [<804a8ee4>] (vm_reset_perms mm/vmalloc.c:3257 [inline])
[<804a5028>] (_vm_unmap_aliases) from [<804a8ee4>] (vfree+0x170/0x1e4 mm/vmalloc.c:3336)
 r10:82c16205 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:84e16e40
 r4:00000000
[<804a8d74>] (vfree) from [<804fb7cc>] (execmem_free+0x30/0x64 mm/execmem.c:69)
 r9:83e82400 r8:01800000 r7:00000000 r6:82c16200 r5:00001000 r4:7f0ed000
[<804fb79c>] (execmem_free) from [<80395668>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1073)
 r5:00001000 r4:eb11f000
[<80395658>] (bpf_jit_free_exec) from [<80395a48>] (bpf_jit_binary_free kernel/bpf/core.c:1119 [inline])
[<80395658>] (bpf_jit_free_exec) from [<80395a48>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1243)
[<803959e0>] (bpf_jit_free) from [<80396b7c>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2803)
 r5:84c5cf54 r4:84c5cc00
[<80396a30>] (bpf_prog_free_deferred) from [<802671bc>] (process_one_work+0x1c4/0x510 kernel/workqueue.c:3231)
 r7:ddde40c0 r6:82c16200 r5:84c5cf54 r4:83473880
[<80266ff8>] (process_one_work) from [<80267df0>] (process_scheduled_works kernel/workqueue.c:3312 [inline])
[<80266ff8>] (process_one_work) from [<80267df0>] (worker_thread+0x1ec/0x418 kernel/workqueue.c:3393)
 r10:83e82400 r9:834738ac r8:61c88647 r7:ddde40e0 r6:82604d40 r5:ddde40c0
 r4:83473880
[<80267c04>] (worker_thread) from [<80271228>] (kthread+0x104/0x134 kernel/kthread.c:389)
 r10:00000000 r9:df87de90 r8:849b2640 r7:83473880 r6:80267c04 r5:83e82400
 r4:84250540
[<80271124>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:134)
Exception stack(0xdf9edfb0 to 0xdf9edff8)
dfa0:                                     00000000 00000000 00000000 00000000
dfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
dfe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80271124 r4:84250540
INFO: task kworker/1:4:3033 blocked for more than 451 seconds.
      Not tainted 6.10.0-rc1-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/1:4     state:D stack:0     pid:3033  tgid:3033  ppid:2      flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<818f4db8>] (__schedule) from [<818f59bc>] (__schedule_loop kernel/sched/core.c:6822 [inline])
[<818f4db8>] (__schedule) from [<818f59bc>] (schedule+0x2c/0xfc kernel/sched/core.c:6837)
 r10:82c16205 r9:00000000 r8:82714b74 r7:00000002 r6:df9f5d94 r5:82e98000
 r4:82e98000
[<818f5990>] (schedule) from [<818f5fcc>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6894)
 r5:82e98000 r4:82714b70
[<818f5fb4>] (schedule_preempt_disabled) from [<818f88b4>] (__mutex_lock_common kernel/locking/mutex.c:684 [inline])
[<818f5fb4>] (schedule_preempt_disabled) from [<818f88b4>] (__mutex_lock.constprop.0+0x2e8/0xae0 kernel/locking/mutex.c:752)
[<818f85cc>] (__mutex_lock.constprop.0) from [<818f9180>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1040)
 r10:82c16205 r9:df9f5e20 r8:00000000 r7:ffffffff r6:00000000 r5:866d7b00
 r4:00000000
[<818f916c>] (__mutex_lock_slowpath) from [<818f91c0>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:286)
[<818f9184>] (mutex_lock) from [<804a5088>] (_vm_unmap_aliases+0x60/0x2e8 mm/vmalloc.c:2828)
[<804a5028>] (_vm_unmap_aliases) from [<804a8ee4>] (vm_reset_perms mm/vmalloc.c:3257 [inline])
[<804a5028>] (_vm_unmap_aliases) from [<804a8ee4>] (vfree+0x170/0x1e4 mm/vmalloc.c:3336)
 r10:82c16205 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:866d7b00
 r4:00000000
[<804a8d74>] (vfree) from [<804fb7cc>] (execmem_free+0x30/0x64 mm/execmem.c:69)
 r9:82e98000 r8:01800000 r7:00000000 r6:82c16200 r5:00001000 r4:7f3bf000
[<804fb79c>] (execmem_free) from [<80395668>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1073)
 r5:00001000 r4:eb349000
[<80395658>] (bpf_jit_free_exec) from [<80395a48>] (bpf_jit_binary_free kernel/bpf/core.c:1119 [inline])
[<80395658>] (bpf_jit_free_exec) from [<80395a48>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1243)
[<803959e0>] (bpf_jit_free) from [<80396b7c>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2803)
 r5:86381354 r4:86381000
[<80396a30>] (bpf_prog_free_deferred) from [<802671bc>] (process_one_work+0x1c4/0x510 kernel/workqueue.c:3231)
 r7:ddde40c0 r6:82c16200 r5:86381354 r4:83473800
[<80266ff8>] (process_one_work) from [<80267df0>] (process_scheduled_works kernel/workqueue.c:3312 [inline])
[<80266ff8>] (process_one_work) from [<80267df0>] (worker_thread+0x1ec/0x418 kernel/workqueue.c:3393)
 r10:82e98000 r9:8347382c r8:61c88647 r7:ddde40e0 r6:82604d40 r5:ddde40c0
 r4:83473800
[<80267c04>] (worker_thread) from [<80271228>] (kthread+0x104/0x134 kernel/kthread.c:389)
 r10:00000000 r9:df87de90 r8:849b2cc0 r7:83473800 r6:80267c04 r5:82e98000
 r4:84250540
[<80271124>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:134)
Exception stack(0xdf9f5fb0 to 0xdf9f5ff8)
5fa0:                                     00000000 00000000 00000000 00000000
5fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
5fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80271124 r4:84250540
INFO: task kworker/1:5:3035 blocked for more than 451 seconds.
      Not tainted 6.10.0-rc1-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/1:5     state:D stack:0     pid:3035  tgid:3035  ppid:2      flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<818f4db8>] (__schedule) from [<818f59bc>] (__schedule_loop kernel/sched/core.c:6822 [inline])
[<818f4db8>] (__schedule) from [<818f59bc>] (schedule+0x2c/0xfc kernel/sched/core.c:6837)
 r10:82c16205 r9:00000000 r8:82714b74 r7:00000002 r6:dfa4dd94 r5:82e9a400
 r4:82e9a400
[<818f5990>] (schedule) from [<818f5fcc>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6894)
 r5:82e9a400 r4:82714b70
[<818f5fb4>] (schedule_preempt_disabled) from [<818f88b4>] (__mutex_lock_common kernel/locking/mutex.c:684 [inline])
[<818f5fb4>] (schedule_preempt_disabled) from [<818f88b4>] (__mutex_lock.constprop.0+0x2e8/0xae0 kernel/locking/mutex.c:752)
[<818f85cc>] (__mutex_lock.constprop.0) from [<818f9180>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1040)
 r10:82c16205 r9:dfa4de20 r8:00000000 r7:ffffffff r6:00000000 r5:8533cc00
 r4:00000000
[<818f916c>] (__mutex_lock_slowpath) from [<818f91c0>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:286)
[<818f9184>] (mutex_lock) from [<804a5088>] (_vm_unmap_aliases+0x60/0x2e8 mm/vmalloc.c:2828)
[<804a5028>] (_vm_unmap_aliases) from [<804a8ee4>] (vm_reset_perms mm/vmalloc.c:3257 [inline])
[<804a5028>] (_vm_unmap_aliases) from [<804a8ee4>] (vfree+0x170/0x1e4 mm/vmalloc.c:3336)
 r10:82c16205 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:8533cc00
 r4:00000000
[<804a8d74>] (vfree) from [<804fb7cc>] (execmem_free+0x30/0x64 mm/execmem.c:69)
 r9:82e9a400 r8:01800000 r7:00000000 r6:82c16200 r5:00001000 r4:7f179000
[<804fb79c>] (execmem_free) from [<80395668>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1073)
 r5:00001000 r4:eb6f3000
[<80395658>] (bpf_jit_free_exec) from [<80395a48>] (bpf_jit_binary_free kernel/bpf/core.c:1119 [inline])
[<80395658>] (bpf_jit_free_exec) from [<80395a48>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1243)
[<803959e0>] (bpf_jit_free) from [<80396b7c>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2803)
 r5:84c5ef54 r4:84c5ec00
[<80396a30>] (bpf_prog_free_deferred) from [<802671bc>] (process_one_work+0x1c4/0x510 kernel/workqueue.c:3231)
 r7:ddde40c0 r6:82c16200 r5:84c5ef54 r4:83473980
[<80266ff8>] (process_one_work) from [<80267df0>] (process_scheduled_works kernel/workqueue.c:3312 [inline])
[<80266ff8>] (process_one_work) from [<80267df0>] (worker_thread+0x1ec/0x418 kernel/workqueue.c:3393)
 r10:82e9a400 r9:834739ac r8:61c88647 r7:ddde40e0 r6:82604d40 r5:ddde40c0
 r4:83473980
[<80267c04>] (worker_thread) from [<80271228>] (kthread+0x104/0x134 kernel/kthread.c:389)
 r10:00000000 r9:df9f5e90 r8:83c02800 r7:83473980 r6:80267c04 r5:82e9a400
 r4:84364dc0
[<80271124>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:134)
Exception stack(0xdfa4dfb0 to 0xdfa4dff8)
dfa0:                                     00000000 00000000 00000000 00000000
dfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
dfe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80271124 r4:84364dc0
INFO: task kworker/1:6:3038 blocked for more than 451 seconds.
      Not tainted 6.10.0-rc1-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/1:6     state:D stack:0     pid:3038  tgid:3038  ppid:2      flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<818f4db8>] (__schedule) from [<818f59bc>] (__schedule_loop kernel/sched/core.c:6822 [inline])
[<818f4db8>] (__schedule) from [<818f59bc>] (schedule+0x2c/0xfc kernel/sched/core.c:6837)
 r10:82c16205 r9:00000000 r8:82714b74 r7:00000002 r6:dfa8dd94 r5:82e2d400
 r4:82e2d400
[<818f5990>] (schedule) from [<818f5fcc>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6894)
 r5:82e2d400 r4:82714b70
[<818f5fb4>] (schedule_preempt_disabled) from [<818f88b4>] (__mutex_lock_common kernel/locking/mutex.c:684 [inline])
[<818f5fb4>] (schedule_preempt_disabled) from [<818f88b4>] (__mutex_lock.constprop.0+0x2e8/0xae0 kernel/locking/mutex.c:752)
[<818f85cc>] (__mutex_lock.constprop.0) from [<818f9180>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1040)
 r10:82c16205 r9:dfa8de20 r8:00000000 r7:ffffffff r6:00000000 r5:8580ad80
 r4:00000000
[<818f916c>] (__mutex_lock_slowpath) from [<818f91c0>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:286)
[<818f9184>] (mutex_lock) from [<804a5088>] (_vm_unmap_aliases+0x60/0x2e8 mm/vmalloc.c:2828)
[<804a5028>] (_vm_unmap_aliases) from [<804a8ee4>] (vm_reset_perms mm/vmalloc.c:3257 [inline])
[<804a5028>] (_vm_unmap_aliases) from [<804a8ee4>] (vfree+0x170/0x1e4 mm/vmalloc.c:3336)
 r10:82c16205 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:8580ad80
 r4:00000000
[<804a8d74>] (vfree) from [<804fb7cc>] (execmem_free+0x30/0x64 mm/execmem.c:69)
 r9:82e2d400 r8:01800000 r7:00000000 r6:82c16200 r5:00001000 r4:7f245000
[<804fb79c>] (execmem_free) from [<80395668>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1073)
 r5:00001000 r4:ed389000
[<80395658>] (bpf_jit_free_exec) from [<80395a48>] (bpf_jit_binary_free kernel/bpf/core.c:1119 [inline])
[<80395658>] (bpf_jit_free_exec) from [<80395a48>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1243)
[<803959e0>] (bpf_jit_free) from [<80396b7c>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2803)
 r5:843e3754 r4:843e3400
[<80396a30>] (bpf_prog_free_deferred) from [<802671bc>] (process_one_work+0x1c4/0x510 kernel/workqueue.c:3231)
 r7:ddde40c0 r6:82c16200 r5:843e3754 r4:83473900
[<80266ff8>] (process_one_work) from [<80267df0>] (process_scheduled_works kernel/workqueue.c:3312 [inline])
[<80266ff8>] (process_one_work) from [<80267df0>] (worker_thread+0x1ec/0x418 kernel/workqueue.c:3393)
 r10:82e2d400 r9:8347392c r8:61c88647 r7:ddde40e0 r6:82604d40 r5:ddde40c0
 r4:83473900
[<80267c04>] (worker_thread) from [<80271228>] (kthread+0x104/0x134 kernel/kthread.c:389)
 r10:00000000 r9:df9f5e90 r8:849ca280 r7:83473900 r6:80267c04 r5:82e2d400
 r4:8438d080
[<80271124>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:134)
Exception stack(0xdfa8dfb0 to 0xdfa8dff8)
dfa0:                                     00000000 00000000 00000000 00000000
dfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
dfe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80271124 r4:8438d080
INFO: task kworker/1:7:3039 blocked for more than 451 seconds.
      Not tainted 6.10.0-rc1-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/1:7     state:D stack:0     pid:3039  tgid:3039  ppid:2      flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<818f4db8>] (__schedule) from [<818f59bc>] (__schedule_loop kernel/sched/core.c:6822 [inline])
[<818f4db8>] (__schedule) from [<818f59bc>] (schedule+0x2c/0xfc kernel/sched/core.c:6837)
 r10:82c16205 r9:00000000 r8:82714b74 r7:00000002 r6:dfaadd94 r5:84154800
 r4:84154800
[<818f5990>] (schedule) from [<818f5fcc>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6894)
 r5:84154800 r4:82714b70
[<818f5fb4>] (schedule_preempt_disabled) from [<818f88b4>] (__mutex_lock_common kernel/locking/mutex.c:684 [inline])
[<818f5fb4>] (schedule_preempt_disabled) from [<818f88b4>] (__mutex_lock.constprop.0+0x2e8/0xae0 kernel/locking/mutex.c:752)
[<818f85cc>] (__mutex_lock.constprop.0) from [<818f9180>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1040)
 r10:82c16205 r9:dfaade20 r8:00000000 r7:ffffffff r6:00000000 r5:85923280
 r4:00000000
[<818f916c>] (__mutex_lock_slowpath) from [<818f91c0>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:286)
[<818f9184>] (mutex_lock) from [<804a5088>] (_vm_unmap_aliases+0x60/0x2e8 mm/vmalloc.c:2828)
[<804a5028>] (_vm_unmap_aliases) from [<804a8ee4>] (vm_reset_perms mm/vmalloc.c:3257 [inline])
[<804a5028>] (_vm_unmap_aliases) from [<804a8ee4>] (vfree+0x170/0x1e4 mm/vmalloc.c:3336)
 r10:82c16205 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85923280
 r4:00000000
[<804a8d74>] (vfree) from [<804fb7cc>] (execmem_free+0x30/0x64 mm/execmem.c:69)
 r9:84154800 r8:01800000 r7:00000000 r6:82c16200 r5:00001000 r4:7f27d000
[<804fb79c>] (execmem_free) from [<80395668>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1073)
 r5:00001000 r4:eb407000
[<80395658>] (bpf_jit_free_exec) from [<80395a48>] (bpf_jit_binary_free kernel/bpf/core.c:1119 [inline])
[<80395658>] (bpf_jit_free_exec) from [<80395a48>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1243)
[<803959e0>] (bpf_jit_free) from [<80396b7c>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2803)
 r5:84c79354 r4:84c79000
[<80396a30>] (bpf_prog_free_deferred) from [<802671bc>] (process_one_work+0x1c4/0x510 kernel/workqueue.c:3231)
 r7:ddde40c0 r6:82c16200 r5:84c79354 r4:83473a00
[<80266ff8>] (process_one_work) from [<80267df0>] (process_scheduled_works kernel/workqueue.c:3312 [inline])
[<80266ff8>] (process_one_work) from [<80267df0>] (worker_thread+0x1ec/0x418 kernel/workqueue.c:3393)
 r10:84154800 r9:83473a2c r8:61c88647 r7:ddde40e0 r6:82604d40 r5:ddde40c0
 r4:83473a00
[<80267c04>] (worker_thread) from [<80271228>] (kthread+0x104/0x134 kernel/kthread.c:389)
 r10:00000000 r9:df9f5e90 r8:849ca340 r7:83473a00 r6:80267c04 r5:84154800
 r4:8438d040
[<80271124>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:134)
Exception stack(0xdfaadfb0 to 0xdfaadff8)
dfa0:                                     00000000 00000000 00000000 00000000
dfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
dfe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80271124 r4:8438d040
Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings
NMI backtrace for cpu 1
CPU: 1 PID: 32 Comm: khungtaskd Not tainted 6.10.0-rc1-syzkaller #0
Hardware name: ARM-Versatile Express
Call trace: 
[<818d3698>] (dump_backtrace) from [<818d3794>] (show_stack+0x18/0x1c arch/arm/kernel/traps.c:257)
 r7:00000000 r6:00000113 r5:60000193 r4:81fe11d0
[<818d377c>] (show_stack) from [<818f0dc0>] (__dump_stack lib/dump_stack.c:88 [inline])
[<818d377c>] (show_stack) from [<818f0dc0>] (dump_stack_lvl+0x70/0x7c lib/dump_stack.c:114)
[<818f0d50>] (dump_stack_lvl) from [<818f0de4>] (dump_stack+0x18/0x1c lib/dump_stack.c:123)
 r5:00000001 r4:00000001
[<818f0dcc>] (dump_stack) from [<818c0994>] (nmi_cpu_backtrace+0x160/0x17c lib/nmi_backtrace.c:113)
[<818c0834>] (nmi_cpu_backtrace) from [<818c0ae0>] (nmi_trigger_cpumask_backtrace+0x130/0x1d8 lib/nmi_backtrace.c:62)
 r7:00000001 r6:8260c5d0 r5:8261a7cc r4:ffffffff
[<818c09b0>] (nmi_trigger_cpumask_backtrace) from [<802103c8>] (arch_trigger_cpumask_backtrace+0x18/0x1c arch/arm/kernel/smp.c:851)
 r9:00000001 r8:828a51a0 r7:8260c734 r6:00007d6b r5:8261ad88 r4:8639821c
[<802103b0>] (arch_trigger_cpumask_backtrace) from [<80352730>] (trigger_all_cpu_backtrace include/linux/nmi.h:162 [inline])
[<802103b0>] (arch_trigger_cpumask_backtrace) from [<80352730>] (check_hung_uninterruptible_tasks kernel/hung_task.c:223 [inline])
[<802103b0>] (arch_trigger_cpumask_backtrace) from [<80352730>] (watchdog+0x48c/0x59c kernel/hung_task.c:379)
[<803522a4>] (watchdog) from [<80271228>] (kthread+0x104/0x134 kernel/kthread.c:389)
 r10:00000000 r9:df819e58 r8:82cc6e00 r7:00000000 r6:803522a4 r5:82e3e000
 r4:82f9e900
[<80271124>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:134)
Exception stack(0xdf8e1fb0 to 0xdf8e1ff8)
1fa0:                                     00000000 00000000 00000000 00000000
1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80271124 r4:82f9e900
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0
CPU: 0 PID: 2816 Comm: syslogd Not tainted 6.10.0-rc1-syzkaller #0
Hardware name: ARM-Versatile Express
PC is at mutex_unlock+0x0/0x44 kernel/locking/mutex.c:543
LR is at __unix_dgram_recvmsg+0x2cc/0x4c8 net/unix/af_unix.c:2470
pc : [<818f753c>]    lr : [<81686e80>]    psr: 60000013
sp : ec3a1da0  ip : dddd4928  fp : ec3a1e24
r10: 00000000  r9 : 0000007a  r8 : 0000007a
r7 : 84446000  r6 : 82cfe634  r5 : 82cfe400  r4 : 85084480
r3 : 835b6c00  r2 : 00000000  r1 : 00000000  r0 : 82cfe634
Flags: nZCv  IRQs on  FIQs on  Mode SVC_32  ISA ARM  Segment user
Control: 30c5387d  Table: 84304800  DAC: fffffffd
Call trace: 
[<81686bb4>] (__unix_dgram_recvmsg) from [<816870c0>] (unix_dgram_recvmsg+0x44/0x4c net/unix/af_unix.c:2486)
 r10:00000001 r9:00000000 r8:01ee31d0 r7:00000000 r6:84446000 r5:ec3a1e68
 r4:8168707c
[<8168707c>] (unix_dgram_recvmsg) from [<813cfe78>] (sock_recvmsg_nosec net/socket.c:1046 [inline])
[<8168707c>] (unix_dgram_recvmsg) from [<813cfe78>] (sock_recvmsg+0x50/0x78 net/socket.c:1068)
 r4:8168707c
[<813cfe28>] (sock_recvmsg) from [<813cff44>] (sock_read_iter+0xa4/0xfc net/socket.c:1138)
 r7:84446000 r6:843d6540 r5:ec3a1f08 r4:ec3a1ef0
[<813cfea0>] (sock_read_iter) from [<805013fc>] (new_sync_read fs/read_write.c:395 [inline])
[<813cfea0>] (sock_read_iter) from [<805013fc>] (vfs_read+0x2ec/0x31c fs/read_write.c:476)
 r7:00000000 r6:835b6c00 r5:000000ff r4:843d6540
[<80501110>] (vfs_read) from [<80501e8c>] (ksys_read+0xc4/0xf8 fs/read_write.c:619)
 r10:00000003 r9:835b6c00 r8:8020029c r7:000000ff r6:01ee31d0 r5:843d6540
 r4:843d6540
[<80501dc8>] (ksys_read) from [<80501ed0>] (__do_sys_read fs/read_write.c:629 [inline])
[<80501dc8>] (ksys_read) from [<80501ed0>] (sys_read+0x10/0x14 fs/read_write.c:627)
 r7:00000003 r6:01ee32d0 r5:76f135a0 r4:fffffc00
[<80501ec0>] (sys_read) from [<80200060>] (ret_fast_syscall+0x0/0x1c arch/arm/mm/proc-v7.S:67)
Exception stack(0xec3a1fa8 to 0xec3a1ff0)
1fa0:                   fffffc00 76f135a0 00000000 01ee31d0 000000ff 00000000
1fc0: fffffc00 76f135a0 01ee32d0 00000003 00000000 01ee31c8 76ed854c 76ed8548
1fe0: 76ed79f8 7e9abc70 76e4d2ec 76d5b2fc

final repro crashed as (corrupted=false):
INFO: task kworker/0:1:10 blocked for more than 450 seconds.
      Not tainted 6.10.0-rc1-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/0:1     state:D stack:0     pid:10    tgid:10    ppid:2      flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<818f4db8>] (__schedule) from [<818f59bc>] (__schedule_loop kernel/sched/core.c:6822 [inline])
[<818f4db8>] (__schedule) from [<818f59bc>] (schedule+0x2c/0xfc kernel/sched/core.c:6837)
 r10:82c16005 r9:00000000 r8:82714b74 r7:00000002 r6:df841d94 r5:82e2ec00
 r4:82e2ec00
[<818f5990>] (schedule) from [<818f5fcc>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6894)
 r5:82e2ec00 r4:82714b70
[<818f5fb4>] (schedule_preempt_disabled) from [<818f88b4>] (__mutex_lock_common kernel/locking/mutex.c:684 [inline])
[<818f5fb4>] (schedule_preempt_disabled) from [<818f88b4>] (__mutex_lock.constprop.0+0x2e8/0xae0 kernel/locking/mutex.c:752)
[<818f85cc>] (__mutex_lock.constprop.0) from [<818f9180>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1040)
 r10:82c16005 r9:df841e20 r8:00000000 r7:ffffffff r6:00000000 r5:84d7d080
 r4:00000000
[<818f916c>] (__mutex_lock_slowpath) from [<818f91c0>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:286)
[<818f9184>] (mutex_lock) from [<804a5088>] (_vm_unmap_aliases+0x60/0x2e8 mm/vmalloc.c:2828)
[<804a5028>] (_vm_unmap_aliases) from [<804a8ee4>] (vm_reset_perms mm/vmalloc.c:3257 [inline])
[<804a5028>] (_vm_unmap_aliases) from [<804a8ee4>] (vfree+0x170/0x1e4 mm/vmalloc.c:3336)
 r10:82c16005 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:84d7d080
 r4:00000000
[<804a8d74>] (vfree) from [<804fb7cc>] (execmem_free+0x30/0x64 mm/execmem.c:69)
 r9:82e2ec00 r8:00800000 r7:00000000 r6:82c16000 r5:00001000 r4:7f0cd000
[<804fb79c>] (execmem_free) from [<80395668>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1073)
 r5:00001000 r4:eadbf000
[<80395658>] (bpf_jit_free_exec) from [<80395a48>] (bpf_jit_binary_free kernel/bpf/core.c:1119 [inline])
[<80395658>] (bpf_jit_free_exec) from [<80395a48>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1243)
[<803959e0>] (bpf_jit_free) from [<80396b7c>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2803)
 r5:84ced754 r4:84ced400
[<80396a30>] (bpf_prog_free_deferred) from [<802671bc>] (process_one_work+0x1c4/0x510 kernel/workqueue.c:3231)
 r7:dddd00c0 r6:82c16000 r5:84ced754 r4:82cb2000
[<80266ff8>] (process_one_work) from [<80267df0>] (process_scheduled_works kernel/workqueue.c:3312 [inline])
[<80266ff8>] (process_one_work) from [<80267df0>] (worker_thread+0x1ec/0x418 kernel/workqueue.c:3393)
 r10:82e2ec00 r9:82cb202c r8:61c88647 r7:dddd00e0 r6:82604d40 r5:dddd00c0
 r4:82cb2000
[<80267c04>] (worker_thread) from [<80271228>] (kthread+0x104/0x134 kernel/kthread.c:389)
 r10:00000000 r9:df839e90 r8:82cb1b40 r7:82cb2000 r6:80267c04 r5:82e2ec00
 r4:82cb1940
[<80271124>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:134)
Exception stack(0xdf841fb0 to 0xdf841ff8)
1fa0:                                     00000000 00000000 00000000 00000000
1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80271124 r4:82cb1940
INFO: task kworker/1:0:24 blocked for more than 450 seconds.
      Not tainted 6.10.0-rc1-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/1:0     state:D stack:0     pid:24    tgid:24    ppid:2      flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<818f4db8>] (__schedule) from [<818f59bc>] (__schedule_loop kernel/sched/core.c:6822 [inline])
[<818f4db8>] (__schedule) from [<818f59bc>] (schedule+0x2c/0xfc kernel/sched/core.c:6837)
 r10:82c16205 r9:00000000 r8:82714b74 r7:00000002 r6:df87dd94 r5:82e3b000
 r4:82e3b000
[<818f5990>] (schedule) from [<818f5fcc>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6894)
 r5:82e3b000 r4:82714b70
[<818f5fb4>] (schedule_preempt_disabled) from [<818f88b4>] (__mutex_lock_common kernel/locking/mutex.c:684 [inline])
[<818f5fb4>] (schedule_preempt_disabled) from [<818f88b4>] (__mutex_lock.constprop.0+0x2e8/0xae0 kernel/locking/mutex.c:752)
[<818f85cc>] (__mutex_lock.constprop.0) from [<818f9180>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1040)
 r10:82c16205 r9:df87de20 r8:00000000 r7:ffffffff r6:00000000 r5:8503b4c0
 r4:00000000
[<818f916c>] (__mutex_lock_slowpath) from [<818f91c0>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:286)
[<818f9184>] (mutex_lock) from [<804a5088>] (_vm_unmap_aliases+0x60/0x2e8 mm/vmalloc.c:2828)
[<804a5028>] (_vm_unmap_aliases) from [<804a8ee4>] (vm_reset_perms mm/vmalloc.c:3257 [inline])
[<804a5028>] (_vm_unmap_aliases) from [<804a8ee4>] (vfree+0x170/0x1e4 mm/vmalloc.c:3336)
 r10:82c16205 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:8503b4c0
 r4:00000000
[<804a8d74>] (vfree) from [<804fb7cc>] (execmem_free+0x30/0x64 mm/execmem.c:69)
 r9:82e3b000 r8:01800000 r7:00000000 r6:82c16200 r5:00001000 r4:7f013000
[<804fb79c>] (execmem_free) from [<80395668>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1073)
 r5:00001000 r4:df95d000
[<80395658>] (bpf_jit_free_exec) from [<80395a48>] (bpf_jit_binary_free kernel/bpf/core.c:1119 [inline])
[<80395658>] (bpf_jit_free_exec) from [<80395a48>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1243)
[<803959e0>] (bpf_jit_free) from [<80396b7c>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2803)
 r5:84c5e354 r4:84c5e000
[<80396a30>] (bpf_prog_free_deferred) from [<802671bc>] (process_one_work+0x1c4/0x510 kernel/workqueue.c:3231)
 r7:ddde40c0 r6:82c16200 r5:84c5e354 r4:82cb2180
[<80266ff8>] (process_one_work) from [<80267df0>] (process_scheduled_works kernel/workqueue.c:3312 [inline])
[<80266ff8>] (process_one_work) from [<80267df0>] (worker_thread+0x1ec/0x418 kernel/workqueue.c:3393)
 r10:82e3b000 r9:82cb21ac r8:61c88647 r7:ddde40e0 r6:82604d40 r5:ddde40c0
 r4:82cb2180
[<80267c04>] (worker_thread) from [<80271228>] (kthread+0x104/0x134 kernel/kthread.c:389)
 r10:00000000 r9:df819d60 r8:82cc3e40 r7:82cb2180 r6:80267c04 r5:82e3b000
 r4:82cc3c00
[<80271124>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:134)
Exception stack(0xdf87dfb0 to 0xdf87dff8)
dfa0:                                     00000000 00000000 00000000 00000000
dfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
dfe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80271124 r4:82cc3c00
INFO: task kworker/1:1:45 blocked for more than 450 seconds.
      Not tainted 6.10.0-rc1-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/1:1     state:D stack:0     pid:45    tgid:45    ppid:2      flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<818f4db8>] (__schedule) from [<818f59bc>] (__schedule_loop kernel/sched/core.c:6822 [inline])
[<818f4db8>] (__schedule) from [<818f59bc>] (schedule+0x2c/0xfc kernel/sched/core.c:6837)
 r10:82c16205 r9:00000000 r8:82714b74 r7:00000002 r6:df919d94 r5:82ebbc00
 r4:82ebbc00
[<818f5990>] (schedule) from [<818f5fcc>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6894)
 r5:82ebbc00 r4:82714b70
[<818f5fb4>] (schedule_preempt_disabled) from [<818f88b4>] (__mutex_lock_common kernel/locking/mutex.c:684 [inline])
[<818f5fb4>] (schedule_preempt_disabled) from [<818f88b4>] (__mutex_lock.constprop.0+0x2e8/0xae0 kernel/locking/mutex.c:752)
[<818f85cc>] (__mutex_lock.constprop.0) from [<818f9180>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1040)
 r10:82c16205 r9:df919e20 r8:00000000 r7:ffffffff r6:00000000 r5:8437f080
 r4:00000000
[<818f916c>] (__mutex_lock_slowpath) from [<818f91c0>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:286)
[<818f9184>] (mutex_lock) from [<804a5088>] (_vm_unmap_aliases+0x60/0x2e8 mm/vmalloc.c:2828)
[<804a5028>] (_vm_unmap_aliases) from [<804a8ee4>] (vm_reset_perms mm/vmalloc.c:3257 [inline])
[<804a5028>] (_vm_unmap_aliases) from [<804a8ee4>] (vfree+0x170/0x1e4 mm/vmalloc.c:3336)
 r10:82c16205 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:8437f080
 r4:00000000
[<804a8d74>] (vfree) from [<804fb7cc>] (execmem_free+0x30/0x64 mm/execmem.c:69)
 r9:82ebbc00 r8:01800000 r7:00000000 r6:82c16200 r5:00001000 r4:7f015000
[<804fb79c>] (execmem_free) from [<80395668>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1073)
 r5:00001000 r4:df883000
[<80395658>] (bpf_jit_free_exec) from [<80395a48>] (bpf_jit_binary_free kernel/bpf/core.c:1119 [inline])
[<80395658>] (bpf_jit_free_exec) from [<80395a48>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1243)
[<803959e0>] (bpf_jit_free) from [<80396b7c>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2803)
 r5:84bccb54 r4:84bcc800
[<80396a30>] (bpf_prog_free_deferred) from [<802671bc>] (process_one_work+0x1c4/0x510 kernel/workqueue.c:3231)
 r7:ddde40c0 r6:82c16200 r5:84bccb54 r4:82fb5400
[<80266ff8>] (process_one_work) from [<80267df0>] (process_scheduled_works kernel/workqueue.c:3312 [inline])
[<80266ff8>] (process_one_work) from [<80267df0>] (worker_thread+0x1ec/0x418 kernel/workqueue.c:3393)
 r10:82ebbc00 r9:82fb542c r8:61c88647 r7:ddde40e0 r6:82604d40 r5:ddde40c0
 r4:82fb5400
[<80267c04>] (worker_thread) from [<80271228>] (kthread+0x104/0x134 kernel/kthread.c:389)
 r10:00000000 r9:df87de90 r8:82fb47c0 r7:82fb5400 r6:80267c04 r5:82ebbc00
 r4:82fb46c0
[<80271124>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:134)
Exception stack(0xdf919fb0 to 0xdf919ff8)
9fa0:                                     00000000 00000000 00000000 00000000
9fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
9fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80271124 r4:82fb46c0
INFO: task kworker/0:3:123 blocked for more than 450 seconds.
      Not tainted 6.10.0-rc1-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/0:3     state:D stack:0     pid:123   tgid:123   ppid:2      flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<818f4db8>] (__schedule) from [<818f59bc>] (__schedule_loop kernel/sched/core.c:6822 [inline])
[<818f4db8>] (__schedule) from [<818f59bc>] (schedule+0x2c/0xfc kernel/sched/core.c:6837)
 r10:82c16005 r9:00000000 r8:82714b74 r7:00000002 r6:dfa09d94 r5:836bd400
 r4:836bd400
[<818f5990>] (schedule) from [<818f5fcc>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6894)
 r5:836bd400 r4:82714b70
[<818f5fb4>] (schedule_preempt_disabled) from [<818f88b4>] (__mutex_lock_common kernel/locking/mutex.c:684 [inline])
[<818f5fb4>] (schedule_preempt_disabled) from [<818f88b4>] (__mutex_lock.constprop.0+0x2e8/0xae0 kernel/locking/mutex.c:752)
[<818f85cc>] (__mutex_lock.constprop.0) from [<818f9180>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1040)
 r10:82c16005 r9:dfa09e20 r8:00000000 r7:ffffffff r6:00000000 r5:84d97c80
 r4:00000000
[<818f916c>] (__mutex_lock_slowpath) from [<818f91c0>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:286)
[<818f9184>] (mutex_lock) from [<804a5088>] (_vm_unmap_aliases+0x60/0x2e8 mm/vmalloc.c:2828)
[<804a5028>] (_vm_unmap_aliases) from [<804a8ee4>] (vm_reset_perms mm/vmalloc.c:3257 [inline])
[<804a5028>] (_vm_unmap_aliases) from [<804a8ee4>] (vfree+0x170/0x1e4 mm/vmalloc.c:3336)
 r10:82c16005 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:84d97c80
 r4:00000000
[<804a8d74>] (vfree) from [<804fb7cc>] (execmem_free+0x30/0x64 mm/execmem.c:69)
 r9:836bd400 r8:00800000 r7:00000000 r6:82c16000 r5:00001000 r4:7f0c7000
[<804fb79c>] (execmem_free) from [<80395668>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1073)
 r5:00001000 r4:ead75000
[<80395658>] (bpf_jit_free_exec) from [<80395a48>] (bpf_jit_binary_free kernel/bpf/core.c:1119 [inline])
[<80395658>] (bpf_jit_free_exec) from [<80395a48>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1243)
[<803959e0>] (bpf_jit_free) from [<80396b7c>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2803)
 r5:84ce3f54 r4:84ce3c00
[<80396a30>] (bpf_prog_free_deferred) from [<802671bc>] (process_one_work+0x1c4/0x510 kernel/workqueue.c:3231)
 r7:dddd00c0 r6:82c16000 r5:84ce3f54 r4:836cc300
[<80266ff8>] (process_one_work) from [<80267df0>] (process_scheduled_works kernel/workqueue.c:3312 [inline])
[<80266ff8>] (process_one_work) from [<80267df0>] (worker_thread+0x1ec/0x418 kernel/workqueue.c:3393)
 r10:836bd400 r9:836cc32c r8:61c88647 r7:dddd00e0 r6:82604d40 r5:dddd00c0
 r4:836cc300
[<80267c04>] (worker_thread) from [<80271228>] (kthread+0x104/0x134 kernel/kthread.c:389)
 r10:00000000 r9:dfa01e90 r8:836d1340 r7:836cc300 r6:80267c04 r5:836bd400
 r4:836d1240
[<80271124>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:134)
Exception stack(0xdfa09fb0 to 0xdfa09ff8)
9fa0:                                     00000000 00000000 00000000 00000000
9fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
9fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80271124 r4:836d1240
INFO: task kworker/1:2:3019 blocked for more than 450 seconds.
      Not tainted 6.10.0-rc1-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/1:2     state:D stack:0     pid:3019  tgid:3019  ppid:2      flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<818f4db8>] (__schedule) from [<818f59bc>] (__schedule_loop kernel/sched/core.c:6822 [inline])
[<818f4db8>] (__schedule) from [<818f59bc>] (schedule+0x2c/0xfc kernel/sched/core.c:6837)
 r10:82c16205 r9:00000000 r8:82714b74 r7:00000002 r6:df9a9d94 r5:83e80c00
 r4:83e80c00
[<818f5990>] (schedule) from [<818f5fcc>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6894)
 r5:83e80c00 r4:82714b70
[<818f5fb4>] (schedule_preempt_disabled) from [<818f88b4>] (__mutex_lock_common kernel/locking/mutex.c:684 [inline])
[<818f5fb4>] (schedule_preempt_disabled) from [<818f88b4>] (__mutex_lock.constprop.0+0x2e8/0xae0 kernel/locking/mutex.c:752)
[<818f85cc>] (__mutex_lock.constprop.0) from [<818f9180>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1040)
 r10:82c16205 r9:df9a9e20 r8:00000000 r7:ffffffff r6:00000000 r5:843bcf80
 r4:00000000
[<818f916c>] (__mutex_lock_slowpath) from [<818f91c0>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:286)
[<818f9184>] (mutex_lock) from [<804a5088>] (_vm_unmap_aliases+0x60/0x2e8 mm/vmalloc.c:2828)
[<804a5028>] (_vm_unmap_aliases) from [<804a8ee4>] (vm_reset_perms mm/vmalloc.c:3257 [inline])
[<804a5028>] (_vm_unmap_aliases) from [<804a8ee4>] (vfree+0x170/0x1e4 mm/vmalloc.c:3336)
 r10:82c16205 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:843bcf80
 r4:00000000
[<804a8d74>] (vfree) from [<804fb7cc>] (execmem_free+0x30/0x64 mm/execmem.c:69)
 r9:83e80c00 r8:01800000 r7:00000000 r6:82c16200 r5:00001000 r4:7f013000
[<804fb79c>] (execmem_free) from [<80395668>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1073)
 r5:00001000 r4:df981000
[<80395658>] (bpf_jit_free_exec) from [<80395a48>] (bpf_jit_binary_free kernel/bpf/core.c:1119 [inline])
[<80395658>] (bpf_jit_free_exec) from [<80395a48>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1243)
[<803959e0>] (bpf_jit_free) from [<80396b7c>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2803)
 r5:84bcff54 r4:84bcfc00
[<80396a30>] (bpf_prog_free_deferred) from [<802671bc>] (process_one_work+0x1c4/0x510 kernel/workqueue.c:3231)
 r7:ddde40c0 r6:82c16200 r5:84bcff54 r4:83473680
[<80266ff8>] (process_one_work) from [<80267df0>] (process_scheduled_works kernel/workqueue.c:3312 [inline])
[<80266ff8>] (process_one_work) from [<80267df0>] (worker_thread+0x1ec/0x418 kernel/workqueue.c:3393)
 r10:83e80c00 r9:834736ac r8:61c88647 r7:ddde40e0 r6:82604d40 r5:ddde40c0
 r4:83473680
[<80267c04>] (worker_thread) from [<80271228>] (kthread+0x104/0x134 kernel/kthread.c:389)
 r10:00000000 r9:df87de90 r8:836d10c0 r7:83473680 r6:80267c04 r5:83e80c00
 r4:82f03140
[<80271124>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:134)
Exception stack(0xdf9a9fb0 to 0xdf9a9ff8)
9fa0:                                     00000000 00000000 00000000 00000000
9fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
9fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80271124 r4:82f03140
INFO: task kworker/1:3:3032 blocked for more than 450 seconds.
      Not tainted 6.10.0-rc1-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/1:3     state:D stack:0     pid:3032  tgid:3032  ppid:2      flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<818f4db8>] (__schedule) from [<818f59bc>] (__schedule_loop kernel/sched/core.c:6822 [inline])
[<818f4db8>] (__schedule) from [<818f59bc>] (schedule+0x2c/0xfc kernel/sched/core.c:6837)
 r10:82c16205 r9:00000000 r8:82714b74 r7:00000002 r6:df9edd94 r5:83e82400
 r4:83e82400
[<818f5990>] (schedule) from [<818f5fcc>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6894)
 r5:83e82400 r4:82714b70
[<818f5fb4>] (schedule_preempt_disabled) from [<818f88b4>] (__mutex_lock_common kernel/locking/mutex.c:684 [inline])
[<818f5fb4>] (schedule_preempt_disabled) from [<818f88b4>] (__mutex_lock.constprop.0+0x2e8/0xae0 kernel/locking/mutex.c:752)
[<818f85cc>] (__mutex_lock.constprop.0) from [<818f9180>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1040)
 r10:82c16205 r9:df9ede20 r8:00000000 r7:ffffffff r6:00000000 r5:84e16e40
 r4:00000000
[<818f916c>] (__mutex_lock_slowpath) from [<818f91c0>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:286)
[<818f9184>] (mutex_lock) from [<804a5088>] (_vm_unmap_aliases+0x60/0x2e8 mm/vmalloc.c:2828)
[<804a5028>] (_vm_unmap_aliases) from [<804a8ee4>] (vm_reset_perms mm/vmalloc.c:3257 [inline])
[<804a5028>] (_vm_unmap_aliases) from [<804a8ee4>] (vfree+0x170/0x1e4 mm/vmalloc.c:3336)
 r10:82c16205 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:84e16e40
 r4:00000000
[<804a8d74>] (vfree) from [<804fb7cc>] (execmem_free+0x30/0x64 mm/execmem.c:69)
 r9:83e82400 r8:01800000 r7:00000000 r6:82c16200 r5:00001000 r4:7f0ed000
[<804fb79c>] (execmem_free) from [<80395668>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1073)
 r5:00001000 r4:eb11f000
[<80395658>] (bpf_jit_free_exec) from [<80395a48>] (bpf_jit_binary_free kernel/bpf/core.c:1119 [inline])
[<80395658>] (bpf_jit_free_exec) from [<80395a48>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1243)
[<803959e0>] (bpf_jit_free) from [<80396b7c>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2803)
 r5:84c5cf54 r4:84c5cc00
[<80396a30>] (bpf_prog_free_deferred) from [<802671bc>] (process_one_work+0x1c4/0x510 kernel/workqueue.c:3231)
 r7:ddde40c0 r6:82c16200 r5:84c5cf54 r4:83473880
[<80266ff8>] (process_one_work) from [<80267df0>] (process_scheduled_works kernel/workqueue.c:3312 [inline])
[<80266ff8>] (process_one_work) from [<80267df0>] (worker_thread+0x1ec/0x418 kernel/workqueue.c:3393)
 r10:83e82400 r9:834738ac r8:61c88647 r7:ddde40e0 r6:82604d40 r5:ddde40c0
 r4:83473880
[<80267c04>] (worker_thread) from [<80271228>] (kthread+0x104/0x134 kernel/kthread.c:389)
 r10:00000000 r9:df87de90 r8:849b2640 r7:83473880 r6:80267c04 r5:83e82400
 r4:84250540
[<80271124>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:134)
Exception stack(0xdf9edfb0 to 0xdf9edff8)
dfa0:                                     00000000 00000000 00000000 00000000
dfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
dfe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80271124 r4:84250540
INFO: task kworker/1:4:3033 blocked for more than 451 seconds.
      Not tainted 6.10.0-rc1-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/1:4     state:D stack:0     pid:3033  tgid:3033  ppid:2      flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<818f4db8>] (__schedule) from [<818f59bc>] (__schedule_loop kernel/sched/core.c:6822 [inline])
[<818f4db8>] (__schedule) from [<818f59bc>] (schedule+0x2c/0xfc kernel/sched/core.c:6837)
 r10:82c16205 r9:00000000 r8:82714b74 r7:00000002 r6:df9f5d94 r5:82e98000
 r4:82e98000
[<818f5990>] (schedule) from [<818f5fcc>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6894)
 r5:82e98000 r4:82714b70
[<818f5fb4>] (schedule_preempt_disabled) from [<818f88b4>] (__mutex_lock_common kernel/locking/mutex.c:684 [inline])
[<818f5fb4>] (schedule_preempt_disabled) from [<818f88b4>] (__mutex_lock.constprop.0+0x2e8/0xae0 kernel/locking/mutex.c:752)
[<818f85cc>] (__mutex_lock.constprop.0) from [<818f9180>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1040)
 r10:82c16205 r9:df9f5e20 r8:00000000 r7:ffffffff r6:00000000 r5:866d7b00
 r4:00000000
[<818f916c>] (__mutex_lock_slowpath) from [<818f91c0>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:286)
[<818f9184>] (mutex_lock) from [<804a5088>] (_vm_unmap_aliases+0x60/0x2e8 mm/vmalloc.c:2828)
[<804a5028>] (_vm_unmap_aliases) from [<804a8ee4>] (vm_reset_perms mm/vmalloc.c:3257 [inline])
[<804a5028>] (_vm_unmap_aliases) from [<804a8ee4>] (vfree+0x170/0x1e4 mm/vmalloc.c:3336)
 r10:82c16205 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:866d7b00
 r4:00000000
[<804a8d74>] (vfree) from [<804fb7cc>] (execmem_free+0x30/0x64 mm/execmem.c:69)
 r9:82e98000 r8:01800000 r7:00000000 r6:82c16200 r5:00001000 r4:7f3bf000
[<804fb79c>] (execmem_free) from [<80395668>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1073)
 r5:00001000 r4:eb349000
[<80395658>] (bpf_jit_free_exec) from [<80395a48>] (bpf_jit_binary_free kernel/bpf/core.c:1119 [inline])
[<80395658>] (bpf_jit_free_exec) from [<80395a48>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1243)
[<803959e0>] (bpf_jit_free) from [<80396b7c>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2803)
 r5:86381354 r4:86381000
[<80396a30>] (bpf_prog_free_deferred) from [<802671bc>] (process_one_work+0x1c4/0x510 kernel/workqueue.c:3231)
 r7:ddde40c0 r6:82c16200 r5:86381354 r4:83473800
[<80266ff8>] (process_one_work) from [<80267df0>] (process_scheduled_works kernel/workqueue.c:3312 [inline])
[<80266ff8>] (process_one_work) from [<80267df0>] (worker_thread+0x1ec/0x418 kernel/workqueue.c:3393)
 r10:82e98000 r9:8347382c r8:61c88647 r7:ddde40e0 r6:82604d40 r5:ddde40c0
 r4:83473800
[<80267c04>] (worker_thread) from [<80271228>] (kthread+0x104/0x134 kernel/kthread.c:389)
 r10:00000000 r9:df87de90 r8:849b2cc0 r7:83473800 r6:80267c04 r5:82e98000
 r4:84250540
[<80271124>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:134)
Exception stack(0xdf9f5fb0 to 0xdf9f5ff8)
5fa0:                                     00000000 00000000 00000000 00000000
5fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
5fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80271124 r4:84250540
INFO: task kworker/1:5:3035 blocked for more than 451 seconds.
      Not tainted 6.10.0-rc1-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/1:5     state:D stack:0     pid:3035  tgid:3035  ppid:2      flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<818f4db8>] (__schedule) from [<818f59bc>] (__schedule_loop kernel/sched/core.c:6822 [inline])
[<818f4db8>] (__schedule) from [<818f59bc>] (schedule+0x2c/0xfc kernel/sched/core.c:6837)
 r10:82c16205 r9:00000000 r8:82714b74 r7:00000002 r6:dfa4dd94 r5:82e9a400
 r4:82e9a400
[<818f5990>] (schedule) from [<818f5fcc>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6894)
 r5:82e9a400 r4:82714b70
[<818f5fb4>] (schedule_preempt_disabled) from [<818f88b4>] (__mutex_lock_common kernel/locking/mutex.c:684 [inline])
[<818f5fb4>] (schedule_preempt_disabled) from [<818f88b4>] (__mutex_lock.constprop.0+0x2e8/0xae0 kernel/locking/mutex.c:752)
[<818f85cc>] (__mutex_lock.constprop.0) from [<818f9180>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1040)
 r10:82c16205 r9:dfa4de20 r8:00000000 r7:ffffffff r6:00000000 r5:8533cc00
 r4:00000000
[<818f916c>] (__mutex_lock_slowpath) from [<818f91c0>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:286)
[<818f9184>] (mutex_lock) from [<804a5088>] (_vm_unmap_aliases+0x60/0x2e8 mm/vmalloc.c:2828)
[<804a5028>] (_vm_unmap_aliases) from [<804a8ee4>] (vm_reset_perms mm/vmalloc.c:3257 [inline])
[<804a5028>] (_vm_unmap_aliases) from [<804a8ee4>] (vfree+0x170/0x1e4 mm/vmalloc.c:3336)
 r10:82c16205 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:8533cc00
 r4:00000000
[<804a8d74>] (vfree) from [<804fb7cc>] (execmem_free+0x30/0x64 mm/execmem.c:69)
 r9:82e9a400 r8:01800000 r7:00000000 r6:82c16200 r5:00001000 r4:7f179000
[<804fb79c>] (execmem_free) from [<80395668>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1073)
 r5:00001000 r4:eb6f3000
[<80395658>] (bpf_jit_free_exec) from [<80395a48>] (bpf_jit_binary_free kernel/bpf/core.c:1119 [inline])
[<80395658>] (bpf_jit_free_exec) from [<80395a48>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1243)
[<803959e0>] (bpf_jit_free) from [<80396b7c>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2803)
 r5:84c5ef54 r4:84c5ec00
[<80396a30>] (bpf_prog_free_deferred) from [<802671bc>] (process_one_work+0x1c4/0x510 kernel/workqueue.c:3231)
 r7:ddde40c0 r6:82c16200 r5:84c5ef54 r4:83473980
[<80266ff8>] (process_one_work) from [<80267df0>] (process_scheduled_works kernel/workqueue.c:3312 [inline])
[<80266ff8>] (process_one_work) from [<80267df0>] (worker_thread+0x1ec/0x418 kernel/workqueue.c:3393)
 r10:82e9a400 r9:834739ac r8:61c88647 r7:ddde40e0 r6:82604d40 r5:ddde40c0
 r4:83473980
[<80267c04>] (worker_thread) from [<80271228>] (kthread+0x104/0x134 kernel/kthread.c:389)
 r10:00000000 r9:df9f5e90 r8:83c02800 r7:83473980 r6:80267c04 r5:82e9a400
 r4:84364dc0
[<80271124>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:134)
Exception stack(0xdfa4dfb0 to 0xdfa4dff8)
dfa0:                                     00000000 00000000 00000000 00000000
dfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
dfe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80271124 r4:84364dc0
INFO: task kworker/1:6:3038 blocked for more than 451 seconds.
      Not tainted 6.10.0-rc1-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/1:6     state:D stack:0     pid:3038  tgid:3038  ppid:2      flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<818f4db8>] (__schedule) from [<818f59bc>] (__schedule_loop kernel/sched/core.c:6822 [inline])
[<818f4db8>] (__schedule) from [<818f59bc>] (schedule+0x2c/0xfc kernel/sched/core.c:6837)
 r10:82c16205 r9:00000000 r8:82714b74 r7:00000002 r6:dfa8dd94 r5:82e2d400
 r4:82e2d400
[<818f5990>] (schedule) from [<818f5fcc>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6894)
 r5:82e2d400 r4:82714b70
[<818f5fb4>] (schedule_preempt_disabled) from [<818f88b4>] (__mutex_lock_common kernel/locking/mutex.c:684 [inline])
[<818f5fb4>] (schedule_preempt_disabled) from [<818f88b4>] (__mutex_lock.constprop.0+0x2e8/0xae0 kernel/locking/mutex.c:752)
[<818f85cc>] (__mutex_lock.constprop.0) from [<818f9180>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1040)
 r10:82c16205 r9:dfa8de20 r8:00000000 r7:ffffffff r6:00000000 r5:8580ad80
 r4:00000000
[<818f916c>] (__mutex_lock_slowpath) from [<818f91c0>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:286)
[<818f9184>] (mutex_lock) from [<804a5088>] (_vm_unmap_aliases+0x60/0x2e8 mm/vmalloc.c:2828)
[<804a5028>] (_vm_unmap_aliases) from [<804a8ee4>] (vm_reset_perms mm/vmalloc.c:3257 [inline])
[<804a5028>] (_vm_unmap_aliases) from [<804a8ee4>] (vfree+0x170/0x1e4 mm/vmalloc.c:3336)
 r10:82c16205 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:8580ad80
 r4:00000000
[<804a8d74>] (vfree) from [<804fb7cc>] (execmem_free+0x30/0x64 mm/execmem.c:69)
 r9:82e2d400 r8:01800000 r7:00000000 r6:82c16200 r5:00001000 r4:7f245000
[<804fb79c>] (execmem_free) from [<80395668>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1073)
 r5:00001000 r4:ed389000
[<80395658>] (bpf_jit_free_exec) from [<80395a48>] (bpf_jit_binary_free kernel/bpf/core.c:1119 [inline])
[<80395658>] (bpf_jit_free_exec) from [<80395a48>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1243)
[<803959e0>] (bpf_jit_free) from [<80396b7c>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2803)
 r5:843e3754 r4:843e3400
[<80396a30>] (bpf_prog_free_deferred) from [<802671bc>] (process_one_work+0x1c4/0x510 kernel/workqueue.c:3231)
 r7:ddde40c0 r6:82c16200 r5:843e3754 r4:83473900
[<80266ff8>] (process_one_work) from [<80267df0>] (process_scheduled_works kernel/workqueue.c:3312 [inline])
[<80266ff8>] (process_one_work) from [<80267df0>] (worker_thread+0x1ec/0x418 kernel/workqueue.c:3393)
 r10:82e2d400 r9:8347392c r8:61c88647 r7:ddde40e0 r6:82604d40 r5:ddde40c0
 r4:83473900
[<80267c04>] (worker_thread) from [<80271228>] (kthread+0x104/0x134 kernel/kthread.c:389)
 r10:00000000 r9:df9f5e90 r8:849ca280 r7:83473900 r6:80267c04 r5:82e2d400
 r4:8438d080
[<80271124>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:134)
Exception stack(0xdfa8dfb0 to 0xdfa8dff8)
dfa0:                                     00000000 00000000 00000000 00000000
dfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
dfe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80271124 r4:8438d080
INFO: task kworker/1:7:3039 blocked for more than 451 seconds.
      Not tainted 6.10.0-rc1-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/1:7     state:D stack:0     pid:3039  tgid:3039  ppid:2      flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<818f4db8>] (__schedule) from [<818f59bc>] (__schedule_loop kernel/sched/core.c:6822 [inline])
[<818f4db8>] (__schedule) from [<818f59bc>] (schedule+0x2c/0xfc kernel/sched/core.c:6837)
 r10:82c16205 r9:00000000 r8:82714b74 r7:00000002 r6:dfaadd94 r5:84154800
 r4:84154800
[<818f5990>] (schedule) from [<818f5fcc>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6894)
 r5:84154800 r4:82714b70
[<818f5fb4>] (schedule_preempt_disabled) from [<818f88b4>] (__mutex_lock_common kernel/locking/mutex.c:684 [inline])
[<818f5fb4>] (schedule_preempt_disabled) from [<818f88b4>] (__mutex_lock.constprop.0+0x2e8/0xae0 kernel/locking/mutex.c:752)
[<818f85cc>] (__mutex_lock.constprop.0) from [<818f9180>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1040)
 r10:82c16205 r9:dfaade20 r8:00000000 r7:ffffffff r6:00000000 r5:85923280
 r4:00000000
[<818f916c>] (__mutex_lock_slowpath) from [<818f91c0>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:286)
[<818f9184>] (mutex_lock) from [<804a5088>] (_vm_unmap_aliases+0x60/0x2e8 mm/vmalloc.c:2828)
[<804a5028>] (_vm_unmap_aliases) from [<804a8ee4>] (vm_reset_perms mm/vmalloc.c:3257 [inline])
[<804a5028>] (_vm_unmap_aliases) from [<804a8ee4>] (vfree+0x170/0x1e4 mm/vmalloc.c:3336)
 r10:82c16205 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85923280
 r4:00000000
[<804a8d74>] (vfree) from [<804fb7cc>] (execmem_free+0x30/0x64 mm/execmem.c:69)
 r9:84154800 r8:01800000 r7:00000000 r6:82c16200 r5:00001000 r4:7f27d000
[<804fb79c>] (execmem_free) from [<80395668>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1073)
 r5:00001000 r4:eb407000
[<80395658>] (bpf_jit_free_exec) from [<80395a48>] (bpf_jit_binary_free kernel/bpf/core.c:1119 [inline])
[<80395658>] (bpf_jit_free_exec) from [<80395a48>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1243)
[<803959e0>] (bpf_jit_free) from [<80396b7c>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2803)
 r5:84c79354 r4:84c79000
[<80396a30>] (bpf_prog_free_deferred) from [<802671bc>] (process_one_work+0x1c4/0x510 kernel/workqueue.c:3231)
 r7:ddde40c0 r6:82c16200 r5:84c79354 r4:83473a00
[<80266ff8>] (process_one_work) from [<80267df0>] (process_scheduled_works kernel/workqueue.c:3312 [inline])
[<80266ff8>] (process_one_work) from [<80267df0>] (worker_thread+0x1ec/0x418 kernel/workqueue.c:3393)
 r10:84154800 r9:83473a2c r8:61c88647 r7:ddde40e0 r6:82604d40 r5:ddde40c0
 r4:83473a00
[<80267c04>] (worker_thread) from [<80271228>] (kthread+0x104/0x134 kernel/kthread.c:389)
 r10:00000000 r9:df9f5e90 r8:849ca340 r7:83473a00 r6:80267c04 r5:84154800
 r4:8438d040
[<80271124>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:134)
Exception stack(0xdfaadfb0 to 0xdfaadff8)
dfa0:                                     00000000 00000000 00000000 00000000
dfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
dfe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80271124 r4:8438d040
Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings
NMI backtrace for cpu 1
CPU: 1 PID: 32 Comm: khungtaskd Not tainted 6.10.0-rc1-syzkaller #0
Hardware name: ARM-Versatile Express
Call trace: 
[<818d3698>] (dump_backtrace) from [<818d3794>] (show_stack+0x18/0x1c arch/arm/kernel/traps.c:257)
 r7:00000000 r6:00000113 r5:60000193 r4:81fe11d0
[<818d377c>] (show_stack) from [<818f0dc0>] (__dump_stack lib/dump_stack.c:88 [inline])
[<818d377c>] (show_stack) from [<818f0dc0>] (dump_stack_lvl+0x70/0x7c lib/dump_stack.c:114)
[<818f0d50>] (dump_stack_lvl) from [<818f0de4>] (dump_stack+0x18/0x1c lib/dump_stack.c:123)
 r5:00000001 r4:00000001
[<818f0dcc>] (dump_stack) from [<818c0994>] (nmi_cpu_backtrace+0x160/0x17c lib/nmi_backtrace.c:113)
[<818c0834>] (nmi_cpu_backtrace) from [<818c0ae0>] (nmi_trigger_cpumask_backtrace+0x130/0x1d8 lib/nmi_backtrace.c:62)
 r7:00000001 r6:8260c5d0 r5:8261a7cc r4:ffffffff
[<818c09b0>] (nmi_trigger_cpumask_backtrace) from [<802103c8>] (arch_trigger_cpumask_backtrace+0x18/0x1c arch/arm/kernel/smp.c:851)
 r9:00000001 r8:828a51a0 r7:8260c734 r6:00007d6b r5:8261ad88 r4:8639821c
[<802103b0>] (arch_trigger_cpumask_backtrace) from [<80352730>] (trigger_all_cpu_backtrace include/linux/nmi.h:162 [inline])
[<802103b0>] (arch_trigger_cpumask_backtrace) from [<80352730>] (check_hung_uninterruptible_tasks kernel/hung_task.c:223 [inline])
[<802103b0>] (arch_trigger_cpumask_backtrace) from [<80352730>] (watchdog+0x48c/0x59c kernel/hung_task.c:379)
[<803522a4>] (watchdog) from [<80271228>] (kthread+0x104/0x134 kernel/kthread.c:389)
 r10:00000000 r9:df819e58 r8:82cc6e00 r7:00000000 r6:803522a4 r5:82e3e000
 r4:82f9e900
[<80271124>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:134)
Exception stack(0xdf8e1fb0 to 0xdf8e1ff8)
1fa0:                                     00000000 00000000 00000000 00000000
1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80271124 r4:82f9e900
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0
CPU: 0 PID: 2816 Comm: syslogd Not tainted 6.10.0-rc1-syzkaller #0
Hardware name: ARM-Versatile Express
PC is at mutex_unlock+0x0/0x44 kernel/locking/mutex.c:543
LR is at __unix_dgram_recvmsg+0x2cc/0x4c8 net/unix/af_unix.c:2470
pc : [<818f753c>]    lr : [<81686e80>]    psr: 60000013
sp : ec3a1da0  ip : dddd4928  fp : ec3a1e24
r10: 00000000  r9 : 0000007a  r8 : 0000007a
r7 : 84446000  r6 : 82cfe634  r5 : 82cfe400  r4 : 85084480
r3 : 835b6c00  r2 : 00000000  r1 : 00000000  r0 : 82cfe634
Flags: nZCv  IRQs on  FIQs on  Mode SVC_32  ISA ARM  Segment user
Control: 30c5387d  Table: 84304800  DAC: fffffffd
Call trace: 
[<81686bb4>] (__unix_dgram_recvmsg) from [<816870c0>] (unix_dgram_recvmsg+0x44/0x4c net/unix/af_unix.c:2486)
 r10:00000001 r9:00000000 r8:01ee31d0 r7:00000000 r6:84446000 r5:ec3a1e68
 r4:8168707c
[<8168707c>] (unix_dgram_recvmsg) from [<813cfe78>] (sock_recvmsg_nosec net/socket.c:1046 [inline])
[<8168707c>] (unix_dgram_recvmsg) from [<813cfe78>] (sock_recvmsg+0x50/0x78 net/socket.c:1068)
 r4:8168707c
[<813cfe28>] (sock_recvmsg) from [<813cff44>] (sock_read_iter+0xa4/0xfc net/socket.c:1138)
 r7:84446000 r6:843d6540 r5:ec3a1f08 r4:ec3a1ef0
[<813cfea0>] (sock_read_iter) from [<805013fc>] (new_sync_read fs/read_write.c:395 [inline])
[<813cfea0>] (sock_read_iter) from [<805013fc>] (vfs_read+0x2ec/0x31c fs/read_write.c:476)
 r7:00000000 r6:835b6c00 r5:000000ff r4:843d6540
[<80501110>] (vfs_read) from [<80501e8c>] (ksys_read+0xc4/0xf8 fs/read_write.c:619)
 r10:00000003 r9:835b6c00 r8:8020029c r7:000000ff r6:01ee31d0 r5:843d6540
 r4:843d6540
[<80501dc8>] (ksys_read) from [<80501ed0>] (__do_sys_read fs/read_write.c:629 [inline])
[<80501dc8>] (ksys_read) from [<80501ed0>] (sys_read+0x10/0x14 fs/read_write.c:627)
 r7:00000003 r6:01ee32d0 r5:76f135a0 r4:fffffc00
[<80501ec0>] (sys_read) from [<80200060>] (ret_fast_syscall+0x0/0x1c arch/arm/mm/proc-v7.S:67)
Exception stack(0xec3a1fa8 to 0xec3a1ff0)
1fa0:                   fffffc00 76f135a0 00000000 01ee31d0 000000ff 00000000
1fc0: fffffc00 76f135a0 01ee32d0 00000003 00000000 01ee31c8 76ed854c 76ed8548
1fe0: 76ed79f8 7e9abc70 76e4d2ec 76d5b2fc