./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1095514534

<...>
Warning: Permanently added '10.128.0.80' (ED25519) to the list of known hosts.
execve("./syz-executor1095514534", ["./syz-executor1095514534"], 0x7ffda0cb9f80 /* 10 vars */) = 0
brk(NULL)                               = 0x555565f13000
brk(0x555565f13d00)                     = 0x555565f13d00
arch_prctl(ARCH_SET_FS, 0x555565f13380) = 0
set_tid_address(0x555565f13650)         = 290
set_robust_list(0x555565f13660, 24)     = 0
rseq(0x555565f13ca0, 0x20, 0, 0x53053053) = -1 ENOSYS (Function not implemented)
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor1095514534", 4096) = 28
getrandom("\x44\x68\x7d\x0b\x5b\x0c\xb1\x83", 8, GRND_NONBLOCK) = 8
brk(NULL)                               = 0x555565f13d00
brk(0x555565f34d00)                     = 0x555565f34d00
brk(0x555565f35000)                     = 0x555565f35000
mprotect(0x7f420aaee000, 16384, PROT_READ) = 0
mmap(0x1ffffffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffffffff000
mmap(0x200000000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200000000000
mmap(0x200001000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200001000000
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555565f13650) = 291
./strace-static-x86_64: Process 291 attached
[pid   291] set_robust_list(0x555565f13660, 24) = 0
[pid   291] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   291] setpgid(0, 0)               = 0
[pid   291] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   291] write(3, "1000", 4)         = 4
[pid   291] close(3)                    = 0
[pid   291] write(1, "executing program\n", 18executing program
) = 18
[pid   291] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=20, insns=0x200000000400, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(4, 15, 0), prog_flags=0x40 /* BPF_F_??? */, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 148) = -1 EINVAL (Invalid argument)
[pid   291] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_CGROUP_SOCKOPT, insn_cnt=12, insns=0x200000000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(4, 17, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_SETSOCKOPT, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = -1 EINVAL (Invalid argument)
[pid   291] openat(AT_FDCWD, "memory.events", O_WRONLY|O_CREAT|O_EXCL|O_TRUNC|O_APPEND|FASYNC|0x20, 000) = 3
[pid   291] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE, insn_cnt=12, insns=0x200000000440, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_GETSOCKOPT, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 148) = 4
[pid   291] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_SK_LOOKUP, insn_cnt=12, insns=0x200000000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_SETSOCKOPT, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = -1 EINVAL (Invalid argument)
[pid   291] socketpair(AF_TIPC, SOCK_DGRAM, 0, [5, 6]) = 0
[pid   291] close(5)                    = 0
[pid   291] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_LPM_TRIE, key_size=7, value_size=65537, max_entries=8, map_flags=BPF_F_NO_PREALLOC, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72) = 5
[pid   291] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x200000000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = -1 EFAULT (Bad address)
[pid   291] close(5)                    = 0
[pid   291] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_LPM_TRIE, key_size=7, value_size=65537, max_entries=9, map_flags=BPF_F_NO_PREALLOC, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72) = 5
[pid   291] bpf(BPF_MAP_UPDATE_ELEM, {map_fd=5, key=0x200000000080, value=0x200000000200, flags=BPF_ANY}, 32) = 0
[pid   291] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=12, insns=0x200000000440, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(4, 15, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET4_GETPEERNAME, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 148) = 7
[pid   291] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="timer_start", prog_fd=7}}, 16) = 8
[  231.737398][   T28] audit: type=1400 audit(1752352090.462:64): avc:  denied  { execmem } for  pid=290 comm="syz-executor109" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  231.756891][   T28] audit: type=1400 audit(1752352090.462:65): avc:  denied  { bpf } for  pid=291 comm="syz-executor109" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  231.778054][   T28] audit: type=1400 audit(1752352090.462:66): avc:  denied  { prog_load } for  pid=291 comm="syz-executor109" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  231.797436][   T28] audit: type=1400 audit(1752352090.462:67): avc:  denied  { perfmon } for  pid=291 comm="syz-executor109" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  231.818503][   T28] audit: type=1400 audit(1752352090.492:68): avc:  denied  { prog_run } for  pid=291 comm="syz-executor109" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  231.837668][   T28] audit: type=1400 audit(1752352090.492:69): avc:  denied  { create } for  pid=291 comm="syz-executor109" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  231.857621][   T28] audit: type=1400 audit(1752352090.492:70): avc:  denied  { map_create } for  pid=291 comm="syz-executor109" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  231.876971][   T28] audit: type=1400 audit(1752352090.492:71): avc:  denied  { map_read map_write } for  pid=291 comm="syz-executor109" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  331.788335][    C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  331.795371][    C0] rcu: 	1-...!: (0 ticks this GP) idle=cb44/1/0x4000000000000000 softirq=2338/2338 fqs=0
[  331.805178][    C0] 	(detected by 0, t=10002 jiffies, g=709, q=261 ncpus=2)
[  331.812285][    C0] Sending NMI from CPU 0 to CPUs 1:
[  331.817517][    C1] NMI backtrace for cpu 1
[  331.817527][    C1] CPU: 1 PID: 286 Comm: sshd-session Not tainted 6.1.141-syzkaller-00038-ge2deb0b42a3a #0
[  331.817544][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/19/2025
[  331.817552][    C1] RIP: 0010:kvm_wait+0xcc/0x140
[  331.817578][    C1] Code: 20 f6 44 24 21 02 75 24 48 89 f8 48 c1 e8 03 42 0f b6 04 30 84 c0 75 48 0f b6 07 40 38 f0 75 a6 66 90 0f 00 2d b5 ae 13 04 f4 <eb> 9a fa 48 89 f8 48 c1 e8 03 42 0f b6 04 30 84 c0 75 3f 0f b6 07
[  331.817591][    C1] RSP: 0018:ffffc90000e16c60 EFLAGS: 00000046
[  331.817606][    C1] RAX: 0000000000000003 RBX: ffff8881f7127c40 RCX: ffffffff84f06582
[  331.817618][    C1] RDX: dffffc0000000000 RSI: 0000000000000003 RDI: ffff8881f7127c40
[  331.817629][    C1] RBP: ffffc90000e16cf0 R08: dffffc0000000000 R09: ffffed103ee24f89
[  331.817641][    C1] R10: ffffed103ee24f89 R11: 1ffff1103ee24f88 R12: 1ffff1103ee20001
[  331.817653][    C1] R13: ffff8881f7138c94 R14: dffffc0000000000 R15: 1ffff920001c2d8c
[  331.817664][    C1] FS:  00007fd001de8300(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[  331.817679][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  331.817690][    C1] CR2: 0000200000010000 CR3: 000000010f2ed000 CR4: 00000000003506a0
[  331.817706][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  331.817715][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  331.817725][    C1] Call Trace:
[  331.817732][    C1]  <TASK>
[  331.817739][    C1]  ? __cfi_kvm_wait+0x10/0x10
[  331.817758][    C1]  ? pv_hash+0x86/0x150
[  331.817780][    C1]  __pv_queued_spin_lock_slowpath+0x690/0xc40
[  331.817808][    C1]  ? _raw_spin_unlock+0x4c/0x70
[  331.817829][    C1]  ? __cfi___pv_queued_spin_lock_slowpath+0x10/0x10
[  331.817845][    C1]  ? __kasan_check_write+0x14/0x20
[  331.817865][    C1]  ? _raw_spin_trylock+0xb1/0x140
[  331.817884][    C1]  ? __cfi_sch_direct_xmit+0x10/0x10
[  331.817905][    C1]  queued_spin_lock_slowpath+0x47/0x50
[  331.817937][    C1]  _raw_spin_lock_irqsave+0x108/0x110
[  331.817957][    C1]  ? __cfi__raw_spin_lock_irqsave+0x10/0x10
[  331.817977][    C1]  ? __dev_queue_xmit+0x13fb/0x3420
[  331.817998][    C1]  lock_timer_base+0x127/0x270
[  331.818016][    C1]  __mod_timer+0x10a/0xb30
[  331.818031][    C1]  ? __kasan_check_read+0x11/0x20
[  331.818050][    C1]  ? selinux_ip_postroute+0x245/0xf60
[  331.818069][    C1]  add_timer+0x68/0x80
[  331.818084][    C1]  __queue_delayed_work+0x173/0x200
[  331.818103][    C1]  queue_delayed_work_on+0xdb/0x150
[  331.818121][    C1]  ? __cfi_queue_delayed_work_on+0x10/0x10
[  331.818139][    C1]  ? __virt_addr_valid+0x228/0x2e0
[  331.818154][    C1]  kvfree_call_rcu+0x436/0x7a0
[  331.818172][    C1]  ? __cfi_kvfree_call_rcu+0x10/0x10
[  331.818188][    C1]  ? longest_prefix_match+0x4ac/0x640
[  331.818206][    C1]  trie_delete_elem+0x572/0x720
[  331.818224][    C1]  bpf_prog_3d1485d3268e5ad0+0x40/0x44
[  331.818240][    C1]  bpf_trace_run3+0x113/0x270
[  331.818259][    C1]  ? __cfi_bpf_trace_run3+0x10/0x10
[  331.818278][    C1]  ? debug_smp_processor_id+0x17/0x20
[  331.818298][    C1]  ? get_nohz_timer_target+0x74/0x540
[  331.818313][    C1]  ? __ip_queue_xmit+0x11d1/0x1d00
[  331.818336][    C1]  __bpf_trace_timer_start+0x2b/0x40
[  331.818351][    C1]  enqueue_timer+0x337/0x480
[  331.818370][    C1]  __mod_timer+0x79f/0xb30
[  331.818387][    C1]  mod_timer+0x1f/0x30
[  331.818403][    C1]  sk_reset_timer+0x22/0xb0
[  331.818419][    C1]  tcp_rearm_rto+0x312/0x700
[  331.818438][    C1]  ? tcp_rbtree_insert+0x149/0x180
[  331.818457][    C1]  tcp_event_new_data_sent+0x250/0x400
[  331.818474][    C1]  tcp_write_xmit+0x161f/0x5fb0
[  331.818495][    C1]  __tcp_push_pending_frames+0x9c/0x2f0
[  331.818510][    C1]  tcp_push+0x48f/0x660
[  331.818529][    C1]  ? __check_object_size+0x45a/0x600
[  331.818549][    C1]  tcp_sendmsg_locked+0x34f1/0x3d90
[  331.818569][    C1]  ? __local_bh_enable_ip+0x58/0x80
[  331.818586][    C1]  ? __cfi_tcp_sendmsg_locked+0x10/0x10
[  331.818603][    C1]  tcp_sendmsg+0x2f/0x50
[  331.818616][    C1]  inet_sendmsg+0xb6/0xd0
[  331.818631][    C1]  sock_write_iter+0x2ca/0x3b0
[  331.818649][    C1]  ? __cfi_sock_write_iter+0x10/0x10
[  331.818667][    C1]  ? fsnotify_perm+0x67/0x5b0
[  331.818682][    C1]  ? security_file_permission+0x8a/0xb0
[  331.818699][    C1]  vfs_write+0x5db/0xca0
[  331.818719][    C1]  ? __cfi_vfs_write+0x10/0x10
[  331.818738][    C1]  ? _raw_spin_unlock_irq+0x4d/0x70
[  331.818758][    C1]  ? __kasan_check_write+0x14/0x20
[  331.818778][    C1]  ? __kasan_check_read+0x11/0x20
[  331.818797][    C1]  ? __fdget_pos+0x1f2/0x380
[  331.818818][    C1]  ksys_write+0x140/0x240
[  331.818837][    C1]  ? __cfi_ksys_write+0x10/0x10
[  331.818856][    C1]  ? debug_smp_processor_id+0x17/0x20
[  331.818875][    C1]  __x64_sys_write+0x7b/0x90
[  331.818894][    C1]  x64_sys_call+0x27b/0x9a0
[  331.818911][    C1]  do_syscall_64+0x4c/0xa0
[  331.818933][    C1]  ? clear_bhb_loop+0x30/0x80
[  331.818948][    C1]  ? clear_bhb_loop+0x30/0x80
[  331.818964][    C1]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  331.818980][    C1] RIP: 0033:0x7fd0016a7407
[  331.819024][    C1] Code: 48 89 fa 4c 89 df e8 38 aa 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 <5b> c3 0f 1f 80 00 00 00 00 83 e2 39 83 fa 08 75 de e8 23 ff ff ff
[  331.819036][    C1] RSP: 002b:00007ffda59a0800 EFLAGS: 00000202 ORIG_RAX: 0000000000000001
[  331.819052][    C1] RAX: ffffffffffffffda RBX: 00007fd001de8300 RCX: 00007fd0016a7407
[  331.819063][    C1] RDX: 000000000000002c RSI: 000055deec620170 RDI: 0000000000000004
[  331.819073][    C1] RBP: 000055deec623ca0 R08: 0000000000000000 R09: 0000000000000000
[  331.819083][    C1] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000001
[  331.819092][    C1] R13: 00007ffda59a0950 R14: 0000000000000000 R15: 0000000000000004
[  331.819105][    C1]  </TASK>
[  331.819111][    C1] INFO: NMI handler (nmi_cpu_backtrace_handler) took too long to run: 1.594 msecs
[  331.819473][    C0] rcu: rcu_preempt kthread timer wakeup didn't happen for 10001 jiffies! g709 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402
[  332.389868][    C0] rcu: 	Possible timer handling issue on cpu=1 timer-softirq=348
[  332.397579][    C0] rcu: rcu_preempt kthread starved for 10002 jiffies! g709 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 ->cpu=1
[  332.408753][    C0] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[  332.418700][    C0] rcu: RCU grace-period kthread stack dump:
[  332.424569][    C0] task:rcu_preempt     state:I stack:28352 pid:14    ppid:2      flags:0x00004000
[  332.433757][    C0] Call Trace:
[  332.437024][    C0]  <TASK>
[  332.439939][    C0]  __schedule+0xb87/0x14e0
[  332.444349][    C0]  ? release_firmware_map_entry+0x194/0x194
[  332.450229][    C0]  ? __mod_timer+0x7ae/0xb30
[  332.454824][    C0]  schedule+0xbd/0x170
[  332.458881][    C0]  schedule_timeout+0x12c/0x2e0
[  332.463722][    C0]  ? __cfi_schedule_timeout+0x10/0x10
[  332.469077][    C0]  ? __cfi_process_timeout+0x10/0x10
[  332.474346][    C0]  ? prepare_to_swait_event+0x308/0x320
[  332.479878][    C0]  rcu_gp_fqs_loop+0x2d8/0x10a0
[  332.484715][    C0]  ? rcu_gp_init+0xf10/0xf10
[  332.489291][    C0]  rcu_gp_kthread+0x95/0x370
[  332.493880][    C0]  ? __cfi_rcu_gp_kthread+0x10/0x10
[  332.499092][    C0]  ? __kasan_check_read+0x11/0x20
[  332.504117][    C0]  ? __kthread_parkme+0x142/0x180
[  332.509130][    C0]  kthread+0x281/0x320
[  332.513185][    C0]  ? __cfi_rcu_gp_kthread+0x10/0x10
[  332.518376][    C0]  ? __cfi_kthread+0x10/0x10
[  332.522990][    C0]  ret_from_fork+0x1f/0x30
[  332.527424][    C0]  </TASK>
[  332.530430][    C0] rcu: Stack dump where RCU GP kthread last ran:
[  332.536788][    C0] Sending NMI from CPU 0 to CPUs 1:
[  332.542016][    C1] NMI backtrace for cpu 1
[  332.542024][    C1] CPU: 1 PID: 286 Comm: sshd-session Not tainted 6.1.141-syzkaller-00038-ge2deb0b42a3a #0
[  332.542040][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/19/2025
[  332.542047][    C1] RIP: 0010:kvm_wait+0xcc/0x140
[  332.542069][    C1] Code: 20 f6 44 24 21 02 75 24 48 89 f8 48 c1 e8 03 42 0f b6 04 30 84 c0 75 48 0f b6 07 40 38 f0 75 a6 66 90 0f 00 2d b5 ae 13 04 f4 <eb> 9a fa 48 89 f8 48 c1 e8 03 42 0f b6 04 30 84 c0 75 3f 0f b6 07
[  332.542081][    C1] RSP: 0018:ffffc90000e16c60 EFLAGS: 00000046
[  332.542095][    C1] RAX: 0000000000000003 RBX: ffff8881f7127c40 RCX: ffffffff84f06582
[  332.542105][    C1] RDX: dffffc0000000000 RSI: 0000000000000003 RDI: ffff8881f7127c40
[  332.542115][    C1] RBP: ffffc90000e16cf0 R08: dffffc0000000000 R09: ffffed103ee24f89
[  332.542126][    C1] R10: ffffed103ee24f89 R11: 1ffff1103ee24f88 R12: 1ffff1103ee20001
[  332.542136][    C1] R13: ffff8881f7138c94 R14: dffffc0000000000 R15: 1ffff920001c2d8c
[  332.542146][    C1] FS:  00007fd001de8300(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[  332.542160][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  332.542170][    C1] CR2: 0000200000010000 CR3: 000000010f2ed000 CR4: 00000000003506a0
[  332.542186][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  332.542194][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  332.542204][    C1] Call Trace:
[  332.542210][    C1]  <TASK>
[  332.542216][    C1]  ? __cfi_kvm_wait+0x10/0x10
[  332.542233][    C1]  ? pv_hash+0x86/0x150
[  332.542253][    C1]  __pv_queued_spin_lock_slowpath+0x690/0xc40
[  332.542269][    C1]  ? _raw_spin_unlock+0x4c/0x70
[  332.542289][    C1]  ? __cfi___pv_queued_spin_lock_slowpath+0x10/0x10
[  332.542304][    C1]  ? __kasan_check_write+0x14/0x20
[  332.542323][    C1]  ? _raw_spin_trylock+0xb1/0x140
[  332.542340][    C1]  ? __cfi_sch_direct_xmit+0x10/0x10
[  332.542360][    C1]  queued_spin_lock_slowpath+0x47/0x50
[  332.542380][    C1]  _raw_spin_lock_irqsave+0x108/0x110
[  332.542398][    C1]  ? __cfi__raw_spin_lock_irqsave+0x10/0x10
[  332.542417][    C1]  ? __dev_queue_xmit+0x13fb/0x3420
[  332.542437][    C1]  lock_timer_base+0x127/0x270
[  332.542454][    C1]  __mod_timer+0x10a/0xb30
[  332.542469][    C1]  ? __kasan_check_read+0x11/0x20
[  332.542487][    C1]  ? selinux_ip_postroute+0x245/0xf60
[  332.542504][    C1]  add_timer+0x68/0x80
[  332.542518][    C1]  __queue_delayed_work+0x173/0x200
[  332.542536][    C1]  queue_delayed_work_on+0xdb/0x150
[  332.542553][    C1]  ? __cfi_queue_delayed_work_on+0x10/0x10
[  332.542569][    C1]  ? __virt_addr_valid+0x228/0x2e0
[  332.542583][    C1]  kvfree_call_rcu+0x436/0x7a0
[  332.542600][    C1]  ? __cfi_kvfree_call_rcu+0x10/0x10
[  332.542616][    C1]  ? longest_prefix_match+0x4ac/0x640
[  332.542633][    C1]  trie_delete_elem+0x572/0x720
[  332.542649][    C1]  bpf_prog_3d1485d3268e5ad0+0x40/0x44
[  332.542665][    C1]  bpf_trace_run3+0x113/0x270
[  332.542683][    C1]  ? __cfi_bpf_trace_run3+0x10/0x10
[  332.542700][    C1]  ? debug_smp_processor_id+0x17/0x20
[  332.542718][    C1]  ? get_nohz_timer_target+0x74/0x540
[  332.542733][    C1]  ? __ip_queue_xmit+0x11d1/0x1d00
[  332.542754][    C1]  __bpf_trace_timer_start+0x2b/0x40
[  332.542768][    C1]  enqueue_timer+0x337/0x480
[  332.542786][    C1]  __mod_timer+0x79f/0xb30
[  332.542802][    C1]  mod_timer+0x1f/0x30
[  332.542816][    C1]  sk_reset_timer+0x22/0xb0
[  332.542832][    C1]  tcp_rearm_rto+0x312/0x700
[  332.542848][    C1]  ? tcp_rbtree_insert+0x149/0x180
[  332.542866][    C1]  tcp_event_new_data_sent+0x250/0x400
[  332.542882][    C1]  tcp_write_xmit+0x161f/0x5fb0
[  332.542912][    C1]  __tcp_push_pending_frames+0x9c/0x2f0
[  332.542926][    C1]  tcp_push+0x48f/0x660
[  332.542945][    C1]  ? __check_object_size+0x45a/0x600
[  332.542964][    C1]  tcp_sendmsg_locked+0x34f1/0x3d90
[  332.542982][    C1]  ? __local_bh_enable_ip+0x58/0x80
[  332.542998][    C1]  ? __cfi_tcp_sendmsg_locked+0x10/0x10
[  332.543014][    C1]  tcp_sendmsg+0x2f/0x50
[  332.543026][    C1]  inet_sendmsg+0xb6/0xd0
[  332.543040][    C1]  sock_write_iter+0x2ca/0x3b0
[  332.543058][    C1]  ? __cfi_sock_write_iter+0x10/0x10
[  332.543075][    C1]  ? fsnotify_perm+0x67/0x5b0
[  332.543089][    C1]  ? security_file_permission+0x8a/0xb0
[  332.543105][    C1]  vfs_write+0x5db/0xca0
[  332.543124][    C1]  ? __cfi_vfs_write+0x10/0x10
[  332.543142][    C1]  ? _raw_spin_unlock_irq+0x4d/0x70
[  332.543161][    C1]  ? __kasan_check_write+0x14/0x20
[  332.543180][    C1]  ? __kasan_check_read+0x11/0x20
[  332.543197][    C1]  ? __fdget_pos+0x1f2/0x380
[  332.543217][    C1]  ksys_write+0x140/0x240
[  332.543234][    C1]  ? __cfi_ksys_write+0x10/0x10
[  332.543252][    C1]  ? debug_smp_processor_id+0x17/0x20
[  332.543270][    C1]  __x64_sys_write+0x7b/0x90
[  332.543288][    C1]  x64_sys_call+0x27b/0x9a0
[  332.543304][    C1]  do_syscall_64+0x4c/0xa0
[  332.543315][    C1]  ? clear_bhb_loop+0x30/0x80
[  332.543330][    C1]  ? clear_bhb_loop+0x30/0x80
[  332.543345][    C1]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  332.543359][    C1] RIP: 0033:0x7fd0016a7407
[  332.543371][    C1] Code: 48 89 fa 4c 89 df e8 38 aa 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 <5b> c3 0f 1f 80 00 00 00 00 83 e2 39 83 fa 08 75 de e8 23 ff ff ff
[  332.543381][    C1] RSP: 002b:00007ffda59a0800 EFLAGS: 00000202 ORIG_RAX: 0000000000000001
[  332.543396][    C1] RAX: ffffffffffffffda RBX: 00007fd001de8300 RCX: 00007fd0016a7407
[  332.543406][    C1] RDX: 000000000000002c RSI: 000055deec620170 RDI: 0000000000000004
[  332.543416][    C1] RBP: 000055deec623ca0 R08: 0000000000000000 R09: 0000000000000000
[  332.543425][    C1] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000001
[  332.543433][    C1] R13: 00007ffda59a0950 R14: 0000000000000000 R15: 0000000000000004
[  332.543445][    C1]  </TASK>
[  485.175280][    C0] watchdog: BUG: soft lockup - CPU#0 stuck for 246s! [syz-executor109:291]
[  485.183904][    C0] Modules linked in:
[  485.187793][    C0] CPU: 0 PID: 291 Comm: syz-executor109 Not tainted 6.1.141-syzkaller-00038-ge2deb0b42a3a #0
[  485.198113][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/19/2025
[  485.208242][    C0] RIP: 0010:smp_call_function_many_cond+0x872/0x960
[  485.214827][    C0] Code: 41 8b 1f 89 de 83 e6 01 31 ff e8 39 66 09 00 83 e3 01 48 bb 00 00 00 00 00 fc ff df 75 0a e8 05 62 09 00 e9 38 ff ff ff f3 90 <41> 0f b6 44 1d 00 84 c0 75 14 41 f7 07 01 00 00 00 0f 84 1a ff ff
[  485.234855][    C0] RSP: 0018:ffffc90000e57640 EFLAGS: 00000293
[  485.240901][    C0] RAX: ffffffff8166958e RBX: dffffc0000000000 RCX: ffff88810ddae540
[  485.248943][    C0] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[  485.256894][    C0] RBP: ffffc90000e57778 R08: dffffc0000000000 R09: ffffed103ee07213
[  485.264847][    C0] R10: 0000000000000000 R11: ffffffff81341b30 R12: 1ffff1103ee07210
[  485.272798][    C0] R13: 1ffff1103ee2789d R14: 0000000000000001 R15: ffff8881f713c4e8
[  485.280755][    C0] FS:  0000000000000000(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[  485.289669][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  485.296247][    C0] CR2: 00007f420aaf5130 CR3: 0000000006e0f000 CR4: 00000000003506b0
[  485.304207][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  485.312593][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  485.320555][    C0] Call Trace:
[  485.323906][    C0]  <TASK>
[  485.326843][    C0]  ? __cfi_do_sync_core+0x10/0x10
[  485.331856][    C0]  ? smp_call_function_many+0x40/0x40
[  485.337220][    C0]  ? enqueue_timer+0x16a/0x480
[  485.341968][    C0]  ? text_poke+0x30/0x30
[  485.346205][    C0]  ? text_poke_loc_init+0x349/0x570
[  485.351473][    C0]  ? __cfi_do_sync_core+0x10/0x10
[  485.356579][    C0]  on_each_cpu_cond_mask+0x43/0x80
[  485.361673][    C0]  text_poke_bp_batch+0x1cc/0x580
[  485.366679][    C0]  ? text_poke_loc_init+0x570/0x570
[  485.371862][    C0]  ? __kasan_check_write+0x14/0x20
[  485.376955][    C0]  ? mutex_lock+0x8d/0x1a0
[  485.381362][    C0]  ? __cfi_mutex_lock+0x10/0x10
[  485.386279][    C0]  ? enqueue_timer+0x16a/0x480
[  485.391056][    C0]  text_poke_finish+0x1a/0x30
[  485.395729][    C0]  arch_jump_label_transform_apply+0x15/0x30
[  485.401781][    C0]  __jump_label_update+0x37c/0x3a0
[  485.406875][    C0]  jump_label_update+0x39b/0x450
[  485.411792][    C0]  static_key_disable_cpuslocked+0xc9/0x1a0
[  485.417668][    C0]  static_key_disable+0x1a/0x30
[  485.422501][    C0]  tracepoint_probe_unregister+0x624/0x8b0
[  485.428288][    C0]  bpf_probe_unregister+0x61/0x70
[  485.433298][    C0]  bpf_raw_tp_link_release+0x63/0x90
[  485.438566][    C0]  bpf_link_free+0x13a/0x390
[  485.443154][    C0]  ? bpf_link_put_deferred+0x20/0x20
[  485.448530][    C0]  bpf_link_release+0x15f/0x170
[  485.453898][    C0]  ? __cfi_bpf_link_release+0x10/0x10
[  485.459256][    C0]  __fput+0x1fc/0x8f0
[  485.463362][    C0]  ____fput+0x15/0x20
[  485.467337][    C0]  task_work_run+0x1db/0x240
[  485.471909][    C0]  ? __cfi_task_work_run+0x10/0x10
[  485.477004][    C0]  ? disassociate_ctty+0x1f2/0x8b0
[  485.482115][    C0]  ? __kasan_check_write+0x14/0x20
[  485.487227][    C0]  do_exit+0xa1d/0x2650
[  485.491390][    C0]  ? __cfi_do_exit+0x10/0x10
[  485.495963][    C0]  ? _raw_spin_unlock_irq+0x4d/0x70
[  485.501162][    C0]  ? __kasan_check_write+0x14/0x20
[  485.506284][    C0]  ? _raw_spin_lock_irq+0x8f/0xe0
[  485.511304][    C0]  ? __cfi__raw_spin_lock_irq+0x10/0x10
[  485.516853][    C0]  ? zap_other_threads+0x2c1/0x2f0
[  485.522036][    C0]  do_group_exit+0x210/0x2d0
[  485.526615][    C0]  __x64_sys_exit_group+0x3f/0x40
[  485.531672][    C0]  x64_sys_call+0x7b4/0x9a0
[  485.536158][    C0]  do_syscall_64+0x4c/0xa0
[  485.540651][    C0]  ? clear_bhb_loop+0x30/0x80
[  485.545316][    C0]  ? clear_bhb_loop+0x30/0x80
[  485.549971][    C0]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  485.555850][    C0] RIP: 0033:0x7f420aa79509
[  485.560246][    C0] Code: Unable to access opcode bytes at 0x7f420aa794df.
[  485.567239][    C0] RSP: 002b:00007ffeb5a62838 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[  485.575730][    C0] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f420aa79509
[  485.583768][    C0] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000
[  485.591719][    C0] RBP: 00007f420aaf42d0 R08: ffffffffffffffb8 R09: 0000000000000140
[  485.600020][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f420aaf42d0
[  485.607983][    C0] R13: 0000000000000000 R14: 00007f420aaf4d20 R15: 00007f420aa4a770
[  485.615939][    C0]  </TASK>