Extracting prog: 2h24m33.268584464s
Minimizing prog: 2h41m29.337779913s
Simplifying prog options: 0s
Extracting C: 9m19.967875397s
Simplifying C: 59m58.274598314s


extracting reproducer from 12 programs
testing a last program of every proc
single: executing 2 programs separately with timeout 45s
testing program (duration=45s, {Threaded:true Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$unix-socket$unix-bind$unix-listen-connect$unix-accept4-ioctl$TIOCMGET
detailed listing:
executing program 0:
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r1, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc)
listen(r1, 0x4)
connect$unix(r0, &(0x7f0000000280)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r2 = accept4(r1, 0x0, 0x0, 0x0)
ioctl$TIOCMGET(r2, 0x5451, 0x0)

program did not crash
testing program (duration=45s, {Threaded:true Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_open_procfs$userns-socket$inet6_tcp-ioctl$F2FS_IOC_MOVE_RANGE-dup2-socket$inet6_tcp-recvmmsg-ioctl$BTRFS_IOC_GET_SUBVOL_INFO
detailed listing:
executing program 0:
syz_open_procfs$userns(0x0, &(0x7f0000000040))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0x541b, &(0x7f00000000c0)={<r1=>0xffffffffffffffff})
dup2(r0, r1)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
recvmmsg(r2, &(0x7f0000000640)=[{{&(0x7f0000000240)=@pppol2tpv3={0x18, 0x1, {0x0, <r3=>0xffffffffffffffff, {0x2, 0x0, @multicast2}}}, 0x80, 0x0, 0xffffffffffffffc4}}], 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r3, 0x8901, &(0x7f0000000040))

program did not crash
single: failed to extract reproducer
bisect: bisecting 12 programs with base timeout 45s
testing program (duration=48s, {Threaded:true Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): [7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7]
detailed listing:
executing program 1:
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = memfd_create(&(0x7f0000000080)='}.\'\x00', 0x0)
r3 = dup3(r2, r0, 0x0)
r4 = fcntl$dupfd(r1, 0x0, r0)
recvmmsg$unix(r4, &(0x7f0000002140)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000001980)=[@rights={{0x14, 0x1, 0x1, [<r5=>0xffffffffffffffff]}}], 0x18}}], 0x1, 0x0, 0x0)
dup2(r3, r5)
fsetxattr$trusted_overlay_origin(r5, &(0x7f0000000300), 0x0, 0x0, 0x0)
executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = dup3(r0, r1, 0x0)
recvmmsg(r2, &(0x7f0000003c80)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
r3 = fcntl$dupfd(r1, 0x0, r1)
connect$unix(r3, &(0x7f0000000280)=@abs, 0x6e)
executing program 0:
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r1, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r1, 0x0)
connect$unix(r0, &(0x7f0000000000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r2 = accept$unix(r1, 0x0, 0x0)
ioctl$sock_SIOCSIFVLAN_DEL_VLAN_CMD(r2, 0x5451, 0x0)
executing program 0:
r0 = gettid()
timer_create(0x0, &(0x7f00000001c0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
r1 = signalfd(0xffffffffffffffff, &(0x7f00007aeff8), 0x8)
syz_fuse_handle_req(r1, &(0x7f00000007c0)="ccd3e8e0b6b96943623dbdcfb7d3691960e79653256ff9b6db0644abaed0732bf272349a8f263b9b1b05a3c730a62605eb61b2e647df19558c1f4be58ebdeb65d93a8b93e4ba4bc91e7967beb461c2f18569753fe040aecdd9771bd77596d06d054510bc58b6305c2a3dd3ff61bf1aa4c48632ab45218d71c6989b69d61b89034f09c38069f6e269ffbb6590a264dabb94f3b7d951a50c37aefc423cf2920ee5d73986bfc8844e7f2ef55d93c5abae0d394951235bc8dd44d14b3c93806f9cf62c202df4953b6b55a195295913e737861d25a7ffbeff56d37f5960f72d4a0aa0d75fdc50535f21a749e8e86da4b006446b8ca3fb0f17ba2e900a598eeb6602879a6b41824dc145064eb8b33bdd6e702e58036f60329f1901ffc0b021e96f4434c4eae508a791391b26d0c8a5c0ea4c92b8f992fc24d7667963daf8ea5df6b9bbe80476487392502db81ce1b97170d368f5e2ee85285450171868e4d944ffbb75d2ce5e038311f240fcc348d23e470f1020da258def10ae4bec78a61d0e7e9fafbdfed88a6cde0ff47455e329652429ddf04273575dabae10febc5b5281996559b5201cac40c40f7ad92e461819265cce7fb94b5569111fe26f1b1020c33174e5864abd0f8d3b88c0acbb95a5fd952400d87537f6b9689ed52d486735c53004ce0e3646902de3a877074e14d74f56e38590da678c7566d0719b931a62019dbb574280c9b211b50299bc902cb7899ef0bcef2d0bb48399fd2259afefed38becc1afcb4887db6d3d34efd6e9c18d8360a1a203b952cfc2727800e29ca1f542fe0516be31c15252adbcd2136d82485be981b77ab5d06d396f33a48b5a00e3e6a729f3bdec2a53f9197b255d5379bacad191c5c692284727dc7ce47406ef7a2b17201835475b5b42aabca518f3fd7c434848a106fe5206986349b13bf3a71e7508902177cd55711a874cd8a657a10b4438beac22a60fdecef91e8f2f405bcaeea9461149075a30c9a6e4a1f431b71dfddd5386bb9f602311aad4e5847256cc08798740a9cf6a1ec9cd19d9192d90a9aa0ec99c1c5109835391b5673498b066a5d3cbabf179a3010c4e6fe66f826df0eafaaf5a094a4257beff9d3e4f923ad2626951cdd1d21a0f0efee9fb7820802d47044e940a4b4467c0da752a75e65c963e2d7e17afc8be98b1ecf7169f7976ed05a744bdd0edf2c2ddf596cd87ac5c48a88463286b82eabc8199d41f3fcf17d7daf98caa3ab3ff5445893977305f6210bf1e2dd064271ca15ac98ee9f0fe62fe1ef442bfb1650998d1ba40fa4497a9dcd7ef06d8f87b858b2bab3ecb8f579abe2bab97ee40601fdab61c08d356f3fbf0f6fb85eb9212ee30edf2f8dac3ac64303befbb43b391d64b3bae55ac2c6612af07e8c9237444463e1400f21a43b718a90ea6489b67df3534d9badcf59ece45aa3fffaa1badd71505c45b4f485ba62a42dc62cbb730a6c044230a7561a7618e910839531405da3316103afa58f7a9e21424b276e921514db098ec51be81eb8ce33d93e52208634e12a2584afa1bc35b420476867bce18801505b8f6a04835a990b8cb1b6cca7c1f1e12f7916fc05314f627b45365f916db144c63bf6f0e2e92a3c49c9957e2c28f5c917a790050f1ecf57150b02199c6e6ef23c2da718692f3b5ec141af0f182c76c469e9c5457c6eff5c65996719ec8e8cefa5f5fca25915626c0aeb6d288b15c7dca5a061d6ad76ce1b3169f576c07f08b1efd28f5f8436ea029d255f74099d021d64aee916dc22e1dead58db19ec7c058cd505fcc1683835d4fd999d2feabdcc1adb5e3fee2ea6e88a76118fc128404ce9ae799eb17ac69935e8f8c6e5bb01eb3660d44c0e5207edb4e65fa9dbc0310a88b70177da2b56aec129526e1f72ff18301f6a1b467bf8f82cc3a0125c01277e571299c6365af5622a636848b681524a70cd3de0db025e0f20b25876f898225481325da13266f378f9e5be9a813309393272a402706a4fef6ad882b22ef785fea586fa8cc1ae969eafd70095d30d1ebeef4459561ed5c13f0b40f987a298201f479857a58ce7e8f893d78167ae1efda09b9df09922db881b598d15dd4f06925739a7bb4cf9c54c86b54a135939a1bb95594a7ded336e2880649f6aa34fe29824ba7617689d0295185a8a8f139498d18206898067bc4e9da774930c08568da4dffafee93e6f7bdae1afce7ad08a75647a6a4d6233840b3c8dfa5fd8775278f3452f9a42155b2ff6435f3f76490e6577affedc049c25aa8543931bcc5169c12ddc8a817bafcf3a00b35bd1f0673e187532eb5c54c96e8d746c7b1473ecdee8c1afeea12e40908092d8ad42f4a49d672a38695d3beb664e4e1230c71897d8d453906e149dc9871f0b0b251ff8c91a96b36787a7d6561c2bb21af848e38c478ad9c680e02688d034d2c6705aa374cdd9f8b28df9dc1ee182d8cbe2bd13ca31439d2ac991660840b3e1973928e52be8511f2fc6a799f87aa0ddb6b5f0a9d59ae9b0d3c1d00ee7d6f8b4a5ee64fbd03db6fb85b34666bd5d99a4ee1c12a0e46d8af4792e4718c47bd2b10ab2600035946b5580859a5fc0ebe64af51318c3f090097e15693cddc2b8baf63f2a20be4d81ef7b11aade8458f27e10d5f1b81a90358a6a038403d8c6045ddf59402cb9fc3c268d47b8e8c169de76238b2a6d61b18f7e645ee164fa06443526aa5474da59a7dfd4f810c3ed3c93976e47be0cebd064cf71b3ef6ad51617bdfd0f3b8336380ad7ec84afd82fe345801838cec53155cb42140b79206e0db0128edd7d61919a0d9ad44a93bdc1018b2e44f279c9d19c0cef2d7ae5ea9a0f84d4fbd1b0a05894fe3b7dd09c6e93d6728fa24c70bcdb13226e50c5b5c1345ba6103e8c8db5867de2b8a8a0181a262cbd9837c0e6e7ec9e695dd6421d0aecf2a5469238c59d7a4e026b2a90161ee03ba003ed0a98c83d4f3b26c38f2740e75985386c00402671fd924c9ed860e72a1030e13b5bde95c40d2f1a143587c146225a87966b5f80cbaf28060d718d056a9515a20454ed4d350f8ae0068746a22630e5b858d259a43deb26f4f8ceac44987e1181c221092dec2dd29b25039352d9496c89dbce863555f935dc7e708ff407fac09c00902b08d49ffa37b477052b88ff1e4633730abf2c6f6d40750067ceeadc9a257f0af1f14d7082cf4ac3ecc1fe51821d07f1346d6d6f03362896d855c7fba9d3e62c99c937306952ccece53a381bf67e9bc76b6885f6a9d6d5d76c8b175187582b37d57141ce07bc7e29803ea2f6618f5fa81b8a5cb9776210633bfa28cd757d1174f6d868ac92a095f3217c2621ee819b27337df325a15b558a37c13861fa63ee21f0eafc0ce7432060a86fcf0108e58729c0da6501c32ba0c77cee7fa4bbff76b37e006439391c803bb8a6cae667c6acb6b4ed82c97be0608b22a662121630ae6beb1d94cdf5a50a620a8906513908c0ec42c87b6d1d4daccfe117abcbc87d5ecc86a1c58b83a0df027368ba0c57a0f641bde40410c6877f6c5fc695667642d25de16b70bceed19f566562d42e11c1cfd37fcc4bf54f57c75a86dafd91e9f065c6fe1f3ed23e75ea1701ad37eebe5be221afcf02410755d67cc5141e7d9b0eb76a8c9dbe5138bee14ff8db99c8641636a898670b4f68db0612e7423f2e25a581d872ec2668a9a5dcf54dd509ada1714fc1144e6d66e710713262b55399b190cd0be30e911593f1200b4b6c1cdf7239f07cd77767dfc48fe3387ace9c8c9940a56d11ac79cf5f9a6dbdd269e124ea4e383b51f94f67a464ad965a99e16aea54d1447ef13dbdef3f6f88cb0900e84b8230ef925d1a261a947d6a4a359a373274639f8106d6ab8831833491283906535ee8be4d5250ed9290116d08defdd0ae5cf4e38ef2f38ef1cc0fc50e86f77b1fce142b011e5797b0e7a04b9afee1e6b0d3e3d9016bf91d90745a5aad5f236a1bc5beecfc541873aebde5790c08a8f88abfec0e29846ffc78bcccdba74d143cc4ce82c129b90d2b91adbf491ee2b833ede320279ae5d78e1eb29ef3d3e593c14c2c97b546df5b2a9fd13bb51624d66880889de98b4c7fd6b8b4fc566c9ad049184d58397469043beb69c98d9663bda3389d70c5ed19466e9b43b963771dc5fd1bf9e9c0f86d66f13170fda8b8fb3656a1fcc22e14b9a5e1083a58cf1281bacfeb857b04c17217de1845c9a649046bfa4b3aa421da8e69016a3af425da1936a31cb99e2379e7089ad628f9002210cdf506c91267bfb28b890a12ccca13d2c464975a13a8d010bb6f6f5157316c71980eabce39004996ec4c3cba49abd5a04f1bef70c025a17dd9176b3d443c72582bebe77a91458dc1df9c148ec058e2c71400988101a9f22d953684f8292ca23db48b7e962c632c9975fbfd300325abf311c9f5bdb6a0f4e5da27e5e60d25cdd1777db2b1f395d585b2999f89e93d624e1295c363a94db98d8d862c8f30c16a8b186b58cfb7e5d632ba3dfaccb8c1682f2c21b96e45082df868ae4aa256a0a6b74ceaa39dd25cad1ed60f960e654b7ec2a8d8c8f1bed77d82208df1796dba84661b6c60b9905f135387abd03850151365e3dd333bb67b98416d2e914d736ff476a5d0e4c227b0d0f2b7683444e6cc690334b7443e0563600e1a30edb7a82763f43caeb9689f929a0eceabaeded9233b6c5ae491dbbdcb5d63bd06e1b92594e06fd78290520f422c77296249ee72d565ac5f7e4acf38df97deaf722d25fbc836df97c35c8c648f9be6bc860394bd37b29ab8d35993c22e81833126e29d7c9e238dd9c19dd896b80ced026b9c4040ba84f13b9242719defeaedf960578403f6450b469d54b271d3d1288a0643f96bd70f7fc7dc3ada91e09ee45d4ceab916d7a421631904da96dfee05878761e9952985397998163a52193c084975e1d2c37c6f542a286065da4923fc59d841eecfda5454b033b9b9f204c8178e721599c6e779d0091c7aa401a494deb008724ab1ea8cb973c1c9ce821f1e36e3e9d831ec9ec79f5ad6b4076c191c05ef226a4686bba81ec42833356c6104b2ede6f078852327a667a51e35fc975ac6652740d5dfffad1612f43c2e76892a3511ff8a42ee94e532a165485d36f7922268ba84f9ef0e9afb442e1e703535a057552bd85ac52aa94ba863a193940bc46dd06de12c48513f72a8c9325efd3835e5056da8e07cb313afdc220cd4b62bb1ca8a0dee17dde5bd5a0bdf1e55596401675f0efe6c260d14c30a4673663dbd7a14df5b7ceedec2cab5ea58d7bb7a8ac5c92c6c6d6f0f63fbfcb72b4a0ad0289eeea2e8ffca0f26cb82e9ee8c0ab393d6b183856771af3a656cc00803709ec9378355883fce5b2f17a5f2c38ac0ad2e9cfd8dfbabc8ea57a1d8a3165e9c2a2f3ef4467af73e7c6a606f7822c772deea9c3c92e19cd7000b22c38a25e1c4947fb48b5ebd1f418d98890b849ae1d4b095d9c7f5f775b345d37553e6f6b663df477ce29d4544700e589819eae6a34dc09606ac5256712d215302d7aafd97bd02cf436e02030ab27e0196032f393e5f5ff16f8273b22706c028c016f4381c42a02aaf5e474e5c1ab6e25f732e27f245b34d09603cb732e9df14c5551d686c83e5f54abeed62a2bca4d9a8cd9764da3695bf41ab3ac2f8f88d014fa47788306d738678c734c8acae2a9454378ef99ce8f9ba16974ef96d03c1553112203e9efdde85bc60b8c67fd248bfba2c49fbe294513dad94cf3f4255a5ff507bbff69d21a09b332384efe541f270911a71ba51b1b56638886a274cbbbbecbf8a98d988a2bb02e6f515d3cf6cb15460d2f744dfd4c95d9742fd7357e52906699227fe3fe27845738ad06741269dd18de914b0c43983fd7d5fcb7677300fd5f8f3f09eed1067dd9cf5cfbd9cf8e9c971c7ffdd32031e06823055f37b90d5a6a8fda84d6e3af7b9b8d4a9b48806066e3fd30b316792cccb5fc15ed2904baf9c1401d87684293d4570711ac1b122f77a1009843bd8a1b8864d9feac5bc68e64d24503039f76e42592d12191bef414acc74f86daae62ea5a96c7d35dda929613e43315a9bce5313aa84a0a43c104be87eaf3df13e94f862dfec1b6fb733a6e05d82c473bd612051cc528def4c2e20176fb53bd396b218ab65646090f25ef4a4ed6d4846bbc421d95354da7069f25be2866fa97824e33c3692b4697b7d447fa616c120dafab47d9d00e0eccb3d41b21540ab5b55b2beec11154201857b2f2c7d3faa3100724cef68c2f1c3d9c3b4f49b6f457016b710cbfa031a2ed76c959c040b8dfcede0a2c783d292e0ee743509285eb22c988a221fcfd080adcb1e67cdda7cc126cac19446da48adfd07a2439fa348b5ffe77cc345c043f2c3c78cefd275fa51ba071bf9da71fcf450a3f4773b697d5154896f985660b1dba1c44022b06a0be3693189ed87595508b4cb91f7600bc1b172584ce081a11c0ac157d726f060aed4cda55dc27aeeac9dd97d1174d77f882a1a294df3f7df93788c4fe844bb2266142dc30404269f242c98293ca0b3b014988fe71722c2c1f3f36c30fa508d3e61430a1cbc8e06bb4b95b02c0d92e7b265bb6a52f2d35f874539c7f16abc219d0f591beb51230255a14a5cea267e6fe05afadd499e5acccee1f83001a7d847f164dd8540ccb56b241a159053455a5e0f92f0da2ad86c9b65435a51140d45059e6865d6d68ffa184357a878737ed352759b3ba69dd48c2a225c39c1816385d89ce7c251983a1e17e1f32d4a441e854de1117bfaa2f8a98f10188685554c47281ea9deee9a985cb953b91767875cdca7fc20c289e8dd751dc7118e258209fa1d6b70b758097dff7b003b4c879f3a7a5a25a3d95b5320bc35500ca691a83f298f87975f81d7aa33aad00ba26175d26502c6cc297f971036b668608f90dfe42a5531605189ce7c0f84a1ad0f622463a130ebc125b7c77edde0d20dd885fc5a2ea95667a18f01040b7fc4eca5c9b94f5e610e0a57a0d7b073fc55a97bbbc5dd8161f54f0473012dda915e824b73ad46277f5eb285b87ff54a536c0507e0cd95f8709fbbed468ce9c47db1a845dfcc443ac34449996648237e63da351b813c28726ec2bb0c515eaea0872d3d8a102d160089e42ae3af313a01a2ea74d31bbf7927aeab933e1484c518796090c652a4bc1921a4e0cfa8b02fdff60100b61e0acafc7fefb21faa05ac223561b9d556b172dc6f18bc2abe7302587077f58bef7c1776e3d876f862caec771ce62cad6ad2caef939a6a01900bc4328cffd8c06ef26d3371c4783e82cb7792d8d37221e76705d58a03052df6e790f6fd303f868d74983b20b915db4f05bb75bd744b9a286d411651106a946494052baaa4f085ce065ad8e75933069a837a6d4eeb414c4f99329032758edfeb8b23ef9c0600ee7b6efdd365e0a2bda1750efb059e01b533ee5f7cabd65a26403960484cc2eb6f374a8965d7d29e6484b86c25d304259106a8bb9753c9bd9856f0b87a6e68266d8cb8065ef1eec2af237be7a626bcff0427611ad837409c6d69ecf0607dbdbae2db60eac2b88a0ab6a637ab48224ea979299ddd1c721b2b58bd7e92d645929a7b56b9374a7857da0dc2f9921a3a63a53fcf0d016457f553709a5b747b87356db203b719f30e3d78599c28277d8546174047cbcf152f918601275f41955ae96198a4f0612340fabb5e3774e60bf6397cc726c8eef360c492712f6fc1f0c5c91adc426897d09de86fec6c0fc7affbb64652fba16c5d9fb383b29eaaba31d5af7bd12c34c488c292c618ad689aa7914994b313df0f2ebe270659851f52efce137786b28e1c09d21277ea284544e00d3868b42887a9ea74e22a3e3b342b687b7d80e057e3291c8da3cd309a83cb4ad8f0b3991ad2df85bca3737a2f18c53a122bc3e0d1bc5a8a77f32ee2fa53b06e1225039aae1f9aad06012371ffcab50e23586a2bb552104cdf2d277db66b1f1904821caba96dbac02fa23a8a3ffdfa3404ae37c1fe4935b010eb3468f45f74eedc18fbbf57bfd03b97ee0d2109cb071e7f86fc354a12c74e04e1b13107d38277f714bfb74a16cdd13cfd257ad139cd5783ecc46b433e3ed2cbd6bcf53b1be7ddd7f27785af0d572b6a08ea00f7304254afd376b44568d4dd2117f2057e163d920448d16238320a4e8cc8c0bdff3d5e98d8d0d00127ab1a30e7d403555e40940f6319aea0f4f3a46d1a3da7db7e2d70ee84febe36bb835f9044a8e9c4c2b6a27a54bccad07a8a745c911b82b9bbbd7367cf29df2f0818a545655f6115ef3d14cbd914e1f7ce31380560d21a6e1b5a9cfd31fd953ae438857280a566a8296bf0891348ea70d370e963169cc57d6e6fe58d822aefa863afcbabaef1525e0627a320f104b25e2219216df0ad589d54e4c0f2ac96fad71f418289c5a2a5b459b4142a6d280026d2282e3a6930396eb099aac709918f157181614529170be773645307bb282b947945a395c71f465650af976e1244a57b3cc8006668e36186281faec79ac614be7f147e036fa8191965c0ab977c66e175539a564b494726f732e64955d15597f6e9159e7af4794532c520315ad97ef6f1088bc342568a2a13eb45dd6ba4cb51b9d827e0ff43c75b876e7ce77829cf8ef6043e1236ef58342f21566505b163ddf20e1746646c6cb8e634422ce2df519a9385eb3b0b18d7bc42b35f3ba93699b2bec18d23f954aae4a2dd55d46c0694284254fd8d7706e3cd5f013ab9bd7e35c30a7b4235884f226c8177cb61b64cb5e4841b7da398611e9053f00553d217af30a9f7baef888be813a57e0fc33783d753b678e3750e6791aef0dacfb3ae49263c39832c4191e864a14be46d9858b6f2e92adeaff5b381fc873bb6c59e73870e04fc3b0d03985576046b52303d2d4e96fc5ed0476383e521d921ece737a2ab3b1e2b8c206c93486ec1f831ff3ecc4196c1db3427e76a51b06f814dacfd094d5103a5fe60b62d4b418a21442d9a8d3f1b7f9622ac05011735ccd99dab0eecc1fb31c7290f8d9ffeaf16336d80ee3ed68185049e29472e386fc11727c95190fc8df18e862a585549bfb33a70234ebfa7f4cf6d41211e67a13d6ea6597fd02829d164a2ccc8591f93899c891d75a188e75e65cc2220879be7b0375cbf8c973aca2eacb3b65382046a7b8dabae8d0284d0adea15e27c2c6f2ef2913d106f98d77f6d47262762468baa2d0e1c5fbf5d35d839cfa0e94fd7f0833ac2a772888e8a5c68510c43ff1ce661d999dc1f76b74a0a81e5233ebd97c93afa2a5d1f665baa554fbdcf87ff81cdb31f9089bb96ae41343a5190acee6596aa5456345c8507f9f56d2b3a21d7bdaf899807c030e51a104df2cc406dfec61f10adc7b341f2f5345453daffaba0b074a9314f329a49438a53a27185627f5ad6e624a7481ab6d6c0936d776e1a3ca43ca87da1863758242b0ef27ffa1a4a6dafe073d39f804e8ef38bf8aea7942221612ffcc5dd2340f8faf8b7c769e1dffe4977c7b8bedf837a52ecc45173e36885f407a0976b9eec6e778b65c1329ef15f9adc27be400be936381d826baca30575811912946e93e5db9f6ba7af9c24b4d94d6e778d1056187ddc6b9c434ae21ed72712efbc3a73d43edb3f40ed6d89e7987e05f12d8ae17348cff93a2bdcde2d4622b24e9fa96de39dde82a90635b2fc0de95e610f6a586f45f8677174d4bcee804efa4ca03aa2f5ddbdecdf9809ea178b3eac11d3bd85ce58a21e52ef074e71961b95151819e37f2044cb50b2aa460e23959582533b19d1eceec672cefda5cf12a245a71dd947588318565449ac9602a6f5ec17feef323561717c12977d5bd178b8f06a9517cc1adbce0e0a8fd05499233897fcd66289312db9f52a7ef0786e7efdf98dfb263fcec150d471c9ef9d2b96bd63c9b8be35f07c6b057df4485df747a95a90612e645aa9de2dedefadcdc16d17bf88b9edee630e0470cf4a7c647dd36dd60b00ab85f8a1643ad068656b6ab9bfd7494c7bc60b0f0809ecf3a3c10ceb03fa929cdb17e3f7197ce4500d590a9d7414438bb01805ba1c4cc9d02d97f887b7176d7e6e29b6a41d3236115d2393df0389bdf412c3317f39253eebdb0807fdec1845edf3343c19622304762dc5e53bd116c073387f3f297693891f3aaac8dcd7b4250c0ed2c713202917027aec0b65bdf79bdc795e4e527986818f6a8454b2308df4d72fd44d45af644952057c21f08866b81dd70ac24f3021e90a3a71040ecd6ae62e70abccbc815c66afe070d2446522a0d516dc168e55be4ce0e32c41673e3b054ff017591c8b5d84780e93caa6271d2d2fe17cf34d34d7db9584cfee239d148466dc2ee65d06bb38382b5b63c74b348fcadf2f004b8e298c444ccef05ec15f6fb5eb6735839b6ecb1e929520a7c72ab8d3a8c44e1c149be790f313ce8cb687a9b21f96f4a526c4fc66f4e27146f62fa47dd487a79210ba7580f37cfbbbf1f345f868e7010cbe7a13ab75c3a18502dd45d0ce667d0b139d4fe1545a0b07ed1fb66ae01c1d1eac1f99bed236b8b23b39c390657d17c07a919decbe696d5a5f0997d67f6e3b0b3f581e8a798110925e4261b25cfe2def63015351a077133d869e7ed101562b061a80d4945149959aa450bd22474298ba82f32a6455af83748a0d3f791d6e602ee5aa08f877e5d33754563af5822578cb989df501d3df0b839792b245fcfb58c15c3f66abe91ef327ba99eae7ef0e5ca052313a29b199da60c0d92fb509aef1511ffff27be17865adc28a182debdbe4a0881862147c89dcca02588be737026e2c49028b955db581e64b3f4097a082a4f916f50e78ca72b5de1d022f5003cc290ccce023dbec5e36bb933b3fc1be74f60a16ab6eb66c82afa47f947a21e8b25d9687f7ee5d3a5ff77f1c31ab6783e6d6396a76f0c756cbbe70c9a8b732b91b2234f2b1a2fb10524870e31cfeaa99b0ee75317d44fa93807ffdaba32f54e698178f136778801685b2e4534611b7514180a19aa4a00e3e19266c4fca5dccf40f56b8e49af5a5506114406c25e9b8d76bc1d9b46739737dcb9703c5492d69c9d06b282fe2effb7ef5d094e94faf8950be4a88e34549a11dee2dc191a1c75b93bccaddfdb8e11b9983de3f8260af4692203d46106be0d6a723e0a3e9c8da084444f86ffe0c9070a7463004e72f876d642a50a303249710644cd81efad0a51dc587dfabb54e2e39d42d390113adcc0f7f0318b735582570a9dcbdf71a02f12a29f4f79178e1c9004b8d2a77cf376723e536ce72316f87e17109ebae06c5e3cafd778bfcfe6601e4a9c811b59f6e268bb961ad32ef683296770c0d3a63281566919abdacef4429babd340681dbf174feba63a42b2d6349ccdb218d9f9158df2b7c2e2717c134627345f6cc61a6135ac24a0bd0d14a8187b40ebdbb744a03fb692713770032d3f1b3f58d5ef64526fb8a68f7bfce2982339072913257326821b1e07bc46509b7d99aebb289d2114ec30f9e2b774dd0281c36ca1df8684cc1daccb5f34e22f0186457bc7b5a35fa23bd00", 0x2000, &(0x7f0000002c40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
close(r1)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x77359400}, {0x0, 0x3938700}}, 0x0)
socket(0x1d, 0x2, 0x6)
executing program 1:
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r1, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r1, 0x0)
connect$unix(r0, &(0x7f0000000280)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r2 = accept(r1, 0x0, 0x0)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_GET(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000480)={0x0}, 0x1, 0x0, 0x0, 0x4094}, 0x20040090)
executing program 0:
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @local, 0x7}, 0x1c)
r1 = dup(r0)
sendmsg$NFT_MSG_GETOBJ(r1, 0x0, 0x24000081)
sendmsg$NL80211_CMD_JOIN_MESH(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={0x0}, 0x1, 0x0, 0x0, 0x4000040}, 0x40000)
timer_create(0x7, &(0x7f0000000080)={0x0, 0x11}, &(0x7f0000000140))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
sendto$l2tp6(r1, 0x0, 0x0, 0x20000000, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote, 0x3}, 0x20)
openat$vcs(0xffffff9c, &(0x7f0000000000), 0x0, 0x0)
shutdown(r1, 0x0)
executing program 0:
syz_open_procfs(0x0, &(0x7f0000000580)='cgroup\x00')
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100))
signalfd4(0xffffffffffffffff, &(0x7f0000000180), 0x8, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x10842, 0x0)
r0 = inotify_init1(0x0)
dup(r0)
pselect6(0x40, &(0x7f0000000080)={0x3ff}, 0x0, 0x0, 0x0, &(0x7f0000000340)={0x0})
executing program 0:
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000480)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x40, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5c, 0x2, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5}, {0xd}, {0x6}}, {{0x9, 0x5, 0x81, 0x3, 0x200}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x200}}, {{0x9, 0x5, 0x3, 0x2, 0x200}}}}}}}]}}, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000340)={0x44, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x20, 0x80, 0x1c, {0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10}}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, &(0x7f0000000080)={0x14, 0x0, &(0x7f0000000040)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0)
syz_usb_ep_write(r0, 0x82, 0x5, &(0x7f0000002340)='hello')
executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1802000000c400000000000000000000850000002300000095"], &(0x7f00000000c0)='GPL\x00', 0x1}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=@base={0x12, 0x4, 0x8, 0xb}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000880)=ANY=[@ANYRES32=r2, @ANYRES32=r1, @ANYBLOB='\a'], 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000500)={r2, &(0x7f0000000240), &(0x7f00000004c0)=@tcp6=r0}, 0x20)
sendmsg(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000100)='*', 0x1}], 0x1}, 0x4)
executing program 1:
syz_open_procfs$userns(0x0, &(0x7f0000000040))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0x541b, &(0x7f00000000c0)={<r1=>0xffffffffffffffff})
dup2(r0, r1)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
recvmmsg(r2, &(0x7f0000000640)=[{{&(0x7f0000000240)=@pppol2tpv3={0x18, 0x1, {0x0, <r3=>0xffffffffffffffff, {0x2, 0x0, @multicast2}}}, 0x80, 0x0, 0xffffffffffffffc4}}], 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r3, 0x8901, &(0x7f0000000040))
executing program 0:
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r1, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc)
listen(r1, 0x4)
connect$unix(r0, &(0x7f0000000280)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r2 = accept4(r1, 0x0, 0x0, 0x0)
ioctl$TIOCMGET(r2, 0x5451, 0x0)

program did not crash
replaying the whole log did not cause a kernel crash
single: executing 2 programs separately with timeout 5m0s
testing program (duration=5m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$unix-socket$unix-bind$unix-listen-connect$unix-accept4-ioctl$TIOCMGET
detailed listing:
executing program 0:
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r1, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc)
listen(r1, 0x4)
connect$unix(r0, &(0x7f0000000280)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r2 = accept4(r1, 0x0, 0x0, 0x0)
ioctl$TIOCMGET(r2, 0x5451, 0x0)

program did not crash
testing program (duration=5m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_open_procfs$userns-socket$inet6_tcp-ioctl$F2FS_IOC_MOVE_RANGE-dup2-socket$inet6_tcp-recvmmsg-ioctl$BTRFS_IOC_GET_SUBVOL_INFO
detailed listing:
executing program 0:
syz_open_procfs$userns(0x0, &(0x7f0000000040))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0x541b, &(0x7f00000000c0)={<r1=>0xffffffffffffffff})
dup2(r0, r1)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
recvmmsg(r2, &(0x7f0000000640)=[{{&(0x7f0000000240)=@pppol2tpv3={0x18, 0x1, {0x0, <r3=>0xffffffffffffffff, {0x2, 0x0, @multicast2}}}, 0x80, 0x0, 0xffffffffffffffc4}}], 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r3, 0x8901, &(0x7f0000000040))

program did not crash
single: failed to extract reproducer
bisect: bisecting 12 programs with base timeout 5m0s
testing program (duration=5m3s, {Threaded:true Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): [7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7]
detailed listing:
executing program 1:
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = memfd_create(&(0x7f0000000080)='}.\'\x00', 0x0)
r3 = dup3(r2, r0, 0x0)
r4 = fcntl$dupfd(r1, 0x0, r0)
recvmmsg$unix(r4, &(0x7f0000002140)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000001980)=[@rights={{0x14, 0x1, 0x1, [<r5=>0xffffffffffffffff]}}], 0x18}}], 0x1, 0x0, 0x0)
dup2(r3, r5)
fsetxattr$trusted_overlay_origin(r5, &(0x7f0000000300), 0x0, 0x0, 0x0)
executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = dup3(r0, r1, 0x0)
recvmmsg(r2, &(0x7f0000003c80)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
r3 = fcntl$dupfd(r1, 0x0, r1)
connect$unix(r3, &(0x7f0000000280)=@abs, 0x6e)
executing program 0:
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r1, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r1, 0x0)
connect$unix(r0, &(0x7f0000000000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r2 = accept$unix(r1, 0x0, 0x0)
ioctl$sock_SIOCSIFVLAN_DEL_VLAN_CMD(r2, 0x5451, 0x0)
executing program 0:
r0 = gettid()
timer_create(0x0, &(0x7f00000001c0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
r1 = signalfd(0xffffffffffffffff, &(0x7f00007aeff8), 0x8)
syz_fuse_handle_req(r1, &(0x7f00000007c0)="ccd3e8e0b6b96943623dbdcfb7d3691960e79653256ff9b6db0644abaed0732bf272349a8f263b9b1b05a3c730a62605eb61b2e647df19558c1f4be58ebdeb65d93a8b93e4ba4bc91e7967beb461c2f18569753fe040aecdd9771bd77596d06d054510bc58b6305c2a3dd3ff61bf1aa4c48632ab45218d71c6989b69d61b89034f09c38069f6e269ffbb6590a264dabb94f3b7d951a50c37aefc423cf2920ee5d73986bfc8844e7f2ef55d93c5abae0d394951235bc8dd44d14b3c93806f9cf62c202df4953b6b55a195295913e737861d25a7ffbeff56d37f5960f72d4a0aa0d75fdc50535f21a749e8e86da4b006446b8ca3fb0f17ba2e900a598eeb6602879a6b41824dc145064eb8b33bdd6e702e58036f60329f1901ffc0b021e96f4434c4eae508a791391b26d0c8a5c0ea4c92b8f992fc24d7667963daf8ea5df6b9bbe80476487392502db81ce1b97170d368f5e2ee85285450171868e4d944ffbb75d2ce5e038311f240fcc348d23e470f1020da258def10ae4bec78a61d0e7e9fafbdfed88a6cde0ff47455e329652429ddf04273575dabae10febc5b5281996559b5201cac40c40f7ad92e461819265cce7fb94b5569111fe26f1b1020c33174e5864abd0f8d3b88c0acbb95a5fd952400d87537f6b9689ed52d486735c53004ce0e3646902de3a877074e14d74f56e38590da678c7566d0719b931a62019dbb574280c9b211b50299bc902cb7899ef0bcef2d0bb48399fd2259afefed38becc1afcb4887db6d3d34efd6e9c18d8360a1a203b952cfc2727800e29ca1f542fe0516be31c15252adbcd2136d82485be981b77ab5d06d396f33a48b5a00e3e6a729f3bdec2a53f9197b255d5379bacad191c5c692284727dc7ce47406ef7a2b17201835475b5b42aabca518f3fd7c434848a106fe5206986349b13bf3a71e7508902177cd55711a874cd8a657a10b4438beac22a60fdecef91e8f2f405bcaeea9461149075a30c9a6e4a1f431b71dfddd5386bb9f602311aad4e5847256cc08798740a9cf6a1ec9cd19d9192d90a9aa0ec99c1c5109835391b5673498b066a5d3cbabf179a3010c4e6fe66f826df0eafaaf5a094a4257beff9d3e4f923ad2626951cdd1d21a0f0efee9fb7820802d47044e940a4b4467c0da752a75e65c963e2d7e17afc8be98b1ecf7169f7976ed05a744bdd0edf2c2ddf596cd87ac5c48a88463286b82eabc8199d41f3fcf17d7daf98caa3ab3ff5445893977305f6210bf1e2dd064271ca15ac98ee9f0fe62fe1ef442bfb1650998d1ba40fa4497a9dcd7ef06d8f87b858b2bab3ecb8f579abe2bab97ee40601fdab61c08d356f3fbf0f6fb85eb9212ee30edf2f8dac3ac64303befbb43b391d64b3bae55ac2c6612af07e8c9237444463e1400f21a43b718a90ea6489b67df3534d9badcf59ece45aa3fffaa1badd71505c45b4f485ba62a42dc62cbb730a6c044230a7561a7618e910839531405da3316103afa58f7a9e21424b276e921514db098ec51be81eb8ce33d93e52208634e12a2584afa1bc35b420476867bce18801505b8f6a04835a990b8cb1b6cca7c1f1e12f7916fc05314f627b45365f916db144c63bf6f0e2e92a3c49c9957e2c28f5c917a790050f1ecf57150b02199c6e6ef23c2da718692f3b5ec141af0f182c76c469e9c5457c6eff5c65996719ec8e8cefa5f5fca25915626c0aeb6d288b15c7dca5a061d6ad76ce1b3169f576c07f08b1efd28f5f8436ea029d255f74099d021d64aee916dc22e1dead58db19ec7c058cd505fcc1683835d4fd999d2feabdcc1adb5e3fee2ea6e88a76118fc128404ce9ae799eb17ac69935e8f8c6e5bb01eb3660d44c0e5207edb4e65fa9dbc0310a88b70177da2b56aec129526e1f72ff18301f6a1b467bf8f82cc3a0125c01277e571299c6365af5622a636848b681524a70cd3de0db025e0f20b25876f898225481325da13266f378f9e5be9a813309393272a402706a4fef6ad882b22ef785fea586fa8cc1ae969eafd70095d30d1ebeef4459561ed5c13f0b40f987a298201f479857a58ce7e8f893d78167ae1efda09b9df09922db881b598d15dd4f06925739a7bb4cf9c54c86b54a135939a1bb95594a7ded336e2880649f6aa34fe29824ba7617689d0295185a8a8f139498d18206898067bc4e9da774930c08568da4dffafee93e6f7bdae1afce7ad08a75647a6a4d6233840b3c8dfa5fd8775278f3452f9a42155b2ff6435f3f76490e6577affedc049c25aa8543931bcc5169c12ddc8a817bafcf3a00b35bd1f0673e187532eb5c54c96e8d746c7b1473ecdee8c1afeea12e40908092d8ad42f4a49d672a38695d3beb664e4e1230c71897d8d453906e149dc9871f0b0b251ff8c91a96b36787a7d6561c2bb21af848e38c478ad9c680e02688d034d2c6705aa374cdd9f8b28df9dc1ee182d8cbe2bd13ca31439d2ac991660840b3e1973928e52be8511f2fc6a799f87aa0ddb6b5f0a9d59ae9b0d3c1d00ee7d6f8b4a5ee64fbd03db6fb85b34666bd5d99a4ee1c12a0e46d8af4792e4718c47bd2b10ab2600035946b5580859a5fc0ebe64af51318c3f090097e15693cddc2b8baf63f2a20be4d81ef7b11aade8458f27e10d5f1b81a90358a6a038403d8c6045ddf59402cb9fc3c268d47b8e8c169de76238b2a6d61b18f7e645ee164fa06443526aa5474da59a7dfd4f810c3ed3c93976e47be0cebd064cf71b3ef6ad51617bdfd0f3b8336380ad7ec84afd82fe345801838cec53155cb42140b79206e0db0128edd7d61919a0d9ad44a93bdc1018b2e44f279c9d19c0cef2d7ae5ea9a0f84d4fbd1b0a05894fe3b7dd09c6e93d6728fa24c70bcdb13226e50c5b5c1345ba6103e8c8db5867de2b8a8a0181a262cbd9837c0e6e7ec9e695dd6421d0aecf2a5469238c59d7a4e026b2a90161ee03ba003ed0a98c83d4f3b26c38f2740e75985386c00402671fd924c9ed860e72a1030e13b5bde95c40d2f1a143587c146225a87966b5f80cbaf28060d718d056a9515a20454ed4d350f8ae0068746a22630e5b858d259a43deb26f4f8ceac44987e1181c221092dec2dd29b25039352d9496c89dbce863555f935dc7e708ff407fac09c00902b08d49ffa37b477052b88ff1e4633730abf2c6f6d40750067ceeadc9a257f0af1f14d7082cf4ac3ecc1fe51821d07f1346d6d6f03362896d855c7fba9d3e62c99c937306952ccece53a381bf67e9bc76b6885f6a9d6d5d76c8b175187582b37d57141ce07bc7e29803ea2f6618f5fa81b8a5cb9776210633bfa28cd757d1174f6d868ac92a095f3217c2621ee819b27337df325a15b558a37c13861fa63ee21f0eafc0ce7432060a86fcf0108e58729c0da6501c32ba0c77cee7fa4bbff76b37e006439391c803bb8a6cae667c6acb6b4ed82c97be0608b22a662121630ae6beb1d94cdf5a50a620a8906513908c0ec42c87b6d1d4daccfe117abcbc87d5ecc86a1c58b83a0df027368ba0c57a0f641bde40410c6877f6c5fc695667642d25de16b70bceed19f566562d42e11c1cfd37fcc4bf54f57c75a86dafd91e9f065c6fe1f3ed23e75ea1701ad37eebe5be221afcf02410755d67cc5141e7d9b0eb76a8c9dbe5138bee14ff8db99c8641636a898670b4f68db0612e7423f2e25a581d872ec2668a9a5dcf54dd509ada1714fc1144e6d66e710713262b55399b190cd0be30e911593f1200b4b6c1cdf7239f07cd77767dfc48fe3387ace9c8c9940a56d11ac79cf5f9a6dbdd269e124ea4e383b51f94f67a464ad965a99e16aea54d1447ef13dbdef3f6f88cb0900e84b8230ef925d1a261a947d6a4a359a373274639f8106d6ab8831833491283906535ee8be4d5250ed9290116d08defdd0ae5cf4e38ef2f38ef1cc0fc50e86f77b1fce142b011e5797b0e7a04b9afee1e6b0d3e3d9016bf91d90745a5aad5f236a1bc5beecfc541873aebde5790c08a8f88abfec0e29846ffc78bcccdba74d143cc4ce82c129b90d2b91adbf491ee2b833ede320279ae5d78e1eb29ef3d3e593c14c2c97b546df5b2a9fd13bb51624d66880889de98b4c7fd6b8b4fc566c9ad049184d58397469043beb69c98d9663bda3389d70c5ed19466e9b43b963771dc5fd1bf9e9c0f86d66f13170fda8b8fb3656a1fcc22e14b9a5e1083a58cf1281bacfeb857b04c17217de1845c9a649046bfa4b3aa421da8e69016a3af425da1936a31cb99e2379e7089ad628f9002210cdf506c91267bfb28b890a12ccca13d2c464975a13a8d010bb6f6f5157316c71980eabce39004996ec4c3cba49abd5a04f1bef70c025a17dd9176b3d443c72582bebe77a91458dc1df9c148ec058e2c71400988101a9f22d953684f8292ca23db48b7e962c632c9975fbfd300325abf311c9f5bdb6a0f4e5da27e5e60d25cdd1777db2b1f395d585b2999f89e93d624e1295c363a94db98d8d862c8f30c16a8b186b58cfb7e5d632ba3dfaccb8c1682f2c21b96e45082df868ae4aa256a0a6b74ceaa39dd25cad1ed60f960e654b7ec2a8d8c8f1bed77d82208df1796dba84661b6c60b9905f135387abd03850151365e3dd333bb67b98416d2e914d736ff476a5d0e4c227b0d0f2b7683444e6cc690334b7443e0563600e1a30edb7a82763f43caeb9689f929a0eceabaeded9233b6c5ae491dbbdcb5d63bd06e1b92594e06fd78290520f422c77296249ee72d565ac5f7e4acf38df97deaf722d25fbc836df97c35c8c648f9be6bc860394bd37b29ab8d35993c22e81833126e29d7c9e238dd9c19dd896b80ced026b9c4040ba84f13b9242719defeaedf960578403f6450b469d54b271d3d1288a0643f96bd70f7fc7dc3ada91e09ee45d4ceab916d7a421631904da96dfee05878761e9952985397998163a52193c084975e1d2c37c6f542a286065da4923fc59d841eecfda5454b033b9b9f204c8178e721599c6e779d0091c7aa401a494deb008724ab1ea8cb973c1c9ce821f1e36e3e9d831ec9ec79f5ad6b4076c191c05ef226a4686bba81ec42833356c6104b2ede6f078852327a667a51e35fc975ac6652740d5dfffad1612f43c2e76892a3511ff8a42ee94e532a165485d36f7922268ba84f9ef0e9afb442e1e703535a057552bd85ac52aa94ba863a193940bc46dd06de12c48513f72a8c9325efd3835e5056da8e07cb313afdc220cd4b62bb1ca8a0dee17dde5bd5a0bdf1e55596401675f0efe6c260d14c30a4673663dbd7a14df5b7ceedec2cab5ea58d7bb7a8ac5c92c6c6d6f0f63fbfcb72b4a0ad0289eeea2e8ffca0f26cb82e9ee8c0ab393d6b183856771af3a656cc00803709ec9378355883fce5b2f17a5f2c38ac0ad2e9cfd8dfbabc8ea57a1d8a3165e9c2a2f3ef4467af73e7c6a606f7822c772deea9c3c92e19cd7000b22c38a25e1c4947fb48b5ebd1f418d98890b849ae1d4b095d9c7f5f775b345d37553e6f6b663df477ce29d4544700e589819eae6a34dc09606ac5256712d215302d7aafd97bd02cf436e02030ab27e0196032f393e5f5ff16f8273b22706c028c016f4381c42a02aaf5e474e5c1ab6e25f732e27f245b34d09603cb732e9df14c5551d686c83e5f54abeed62a2bca4d9a8cd9764da3695bf41ab3ac2f8f88d014fa47788306d738678c734c8acae2a9454378ef99ce8f9ba16974ef96d03c1553112203e9efdde85bc60b8c67fd248bfba2c49fbe294513dad94cf3f4255a5ff507bbff69d21a09b332384efe541f270911a71ba51b1b56638886a274cbbbbecbf8a98d988a2bb02e6f515d3cf6cb15460d2f744dfd4c95d9742fd7357e52906699227fe3fe27845738ad06741269dd18de914b0c43983fd7d5fcb7677300fd5f8f3f09eed1067dd9cf5cfbd9cf8e9c971c7ffdd32031e06823055f37b90d5a6a8fda84d6e3af7b9b8d4a9b48806066e3fd30b316792cccb5fc15ed2904baf9c1401d87684293d4570711ac1b122f77a1009843bd8a1b8864d9feac5bc68e64d24503039f76e42592d12191bef414acc74f86daae62ea5a96c7d35dda929613e43315a9bce5313aa84a0a43c104be87eaf3df13e94f862dfec1b6fb733a6e05d82c473bd612051cc528def4c2e20176fb53bd396b218ab65646090f25ef4a4ed6d4846bbc421d95354da7069f25be2866fa97824e33c3692b4697b7d447fa616c120dafab47d9d00e0eccb3d41b21540ab5b55b2beec11154201857b2f2c7d3faa3100724cef68c2f1c3d9c3b4f49b6f457016b710cbfa031a2ed76c959c040b8dfcede0a2c783d292e0ee743509285eb22c988a221fcfd080adcb1e67cdda7cc126cac19446da48adfd07a2439fa348b5ffe77cc345c043f2c3c78cefd275fa51ba071bf9da71fcf450a3f4773b697d5154896f985660b1dba1c44022b06a0be3693189ed87595508b4cb91f7600bc1b172584ce081a11c0ac157d726f060aed4cda55dc27aeeac9dd97d1174d77f882a1a294df3f7df93788c4fe844bb2266142dc30404269f242c98293ca0b3b014988fe71722c2c1f3f36c30fa508d3e61430a1cbc8e06bb4b95b02c0d92e7b265bb6a52f2d35f874539c7f16abc219d0f591beb51230255a14a5cea267e6fe05afadd499e5acccee1f83001a7d847f164dd8540ccb56b241a159053455a5e0f92f0da2ad86c9b65435a51140d45059e6865d6d68ffa184357a878737ed352759b3ba69dd48c2a225c39c1816385d89ce7c251983a1e17e1f32d4a441e854de1117bfaa2f8a98f10188685554c47281ea9deee9a985cb953b91767875cdca7fc20c289e8dd751dc7118e258209fa1d6b70b758097dff7b003b4c879f3a7a5a25a3d95b5320bc35500ca691a83f298f87975f81d7aa33aad00ba26175d26502c6cc297f971036b668608f90dfe42a5531605189ce7c0f84a1ad0f622463a130ebc125b7c77edde0d20dd885fc5a2ea95667a18f01040b7fc4eca5c9b94f5e610e0a57a0d7b073fc55a97bbbc5dd8161f54f0473012dda915e824b73ad46277f5eb285b87ff54a536c0507e0cd95f8709fbbed468ce9c47db1a845dfcc443ac34449996648237e63da351b813c28726ec2bb0c515eaea0872d3d8a102d160089e42ae3af313a01a2ea74d31bbf7927aeab933e1484c518796090c652a4bc1921a4e0cfa8b02fdff60100b61e0acafc7fefb21faa05ac223561b9d556b172dc6f18bc2abe7302587077f58bef7c1776e3d876f862caec771ce62cad6ad2caef939a6a01900bc4328cffd8c06ef26d3371c4783e82cb7792d8d37221e76705d58a03052df6e790f6fd303f868d74983b20b915db4f05bb75bd744b9a286d411651106a946494052baaa4f085ce065ad8e75933069a837a6d4eeb414c4f99329032758edfeb8b23ef9c0600ee7b6efdd365e0a2bda1750efb059e01b533ee5f7cabd65a26403960484cc2eb6f374a8965d7d29e6484b86c25d304259106a8bb9753c9bd9856f0b87a6e68266d8cb8065ef1eec2af237be7a626bcff0427611ad837409c6d69ecf0607dbdbae2db60eac2b88a0ab6a637ab48224ea979299ddd1c721b2b58bd7e92d645929a7b56b9374a7857da0dc2f9921a3a63a53fcf0d016457f553709a5b747b87356db203b719f30e3d78599c28277d8546174047cbcf152f918601275f41955ae96198a4f0612340fabb5e3774e60bf6397cc726c8eef360c492712f6fc1f0c5c91adc426897d09de86fec6c0fc7affbb64652fba16c5d9fb383b29eaaba31d5af7bd12c34c488c292c618ad689aa7914994b313df0f2ebe270659851f52efce137786b28e1c09d21277ea284544e00d3868b42887a9ea74e22a3e3b342b687b7d80e057e3291c8da3cd309a83cb4ad8f0b3991ad2df85bca3737a2f18c53a122bc3e0d1bc5a8a77f32ee2fa53b06e1225039aae1f9aad06012371ffcab50e23586a2bb552104cdf2d277db66b1f1904821caba96dbac02fa23a8a3ffdfa3404ae37c1fe4935b010eb3468f45f74eedc18fbbf57bfd03b97ee0d2109cb071e7f86fc354a12c74e04e1b13107d38277f714bfb74a16cdd13cfd257ad139cd5783ecc46b433e3ed2cbd6bcf53b1be7ddd7f27785af0d572b6a08ea00f7304254afd376b44568d4dd2117f2057e163d920448d16238320a4e8cc8c0bdff3d5e98d8d0d00127ab1a30e7d403555e40940f6319aea0f4f3a46d1a3da7db7e2d70ee84febe36bb835f9044a8e9c4c2b6a27a54bccad07a8a745c911b82b9bbbd7367cf29df2f0818a545655f6115ef3d14cbd914e1f7ce31380560d21a6e1b5a9cfd31fd953ae438857280a566a8296bf0891348ea70d370e963169cc57d6e6fe58d822aefa863afcbabaef1525e0627a320f104b25e2219216df0ad589d54e4c0f2ac96fad71f418289c5a2a5b459b4142a6d280026d2282e3a6930396eb099aac709918f157181614529170be773645307bb282b947945a395c71f465650af976e1244a57b3cc8006668e36186281faec79ac614be7f147e036fa8191965c0ab977c66e175539a564b494726f732e64955d15597f6e9159e7af4794532c520315ad97ef6f1088bc342568a2a13eb45dd6ba4cb51b9d827e0ff43c75b876e7ce77829cf8ef6043e1236ef58342f21566505b163ddf20e1746646c6cb8e634422ce2df519a9385eb3b0b18d7bc42b35f3ba93699b2bec18d23f954aae4a2dd55d46c0694284254fd8d7706e3cd5f013ab9bd7e35c30a7b4235884f226c8177cb61b64cb5e4841b7da398611e9053f00553d217af30a9f7baef888be813a57e0fc33783d753b678e3750e6791aef0dacfb3ae49263c39832c4191e864a14be46d9858b6f2e92adeaff5b381fc873bb6c59e73870e04fc3b0d03985576046b52303d2d4e96fc5ed0476383e521d921ece737a2ab3b1e2b8c206c93486ec1f831ff3ecc4196c1db3427e76a51b06f814dacfd094d5103a5fe60b62d4b418a21442d9a8d3f1b7f9622ac05011735ccd99dab0eecc1fb31c7290f8d9ffeaf16336d80ee3ed68185049e29472e386fc11727c95190fc8df18e862a585549bfb33a70234ebfa7f4cf6d41211e67a13d6ea6597fd02829d164a2ccc8591f93899c891d75a188e75e65cc2220879be7b0375cbf8c973aca2eacb3b65382046a7b8dabae8d0284d0adea15e27c2c6f2ef2913d106f98d77f6d47262762468baa2d0e1c5fbf5d35d839cfa0e94fd7f0833ac2a772888e8a5c68510c43ff1ce661d999dc1f76b74a0a81e5233ebd97c93afa2a5d1f665baa554fbdcf87ff81cdb31f9089bb96ae41343a5190acee6596aa5456345c8507f9f56d2b3a21d7bdaf899807c030e51a104df2cc406dfec61f10adc7b341f2f5345453daffaba0b074a9314f329a49438a53a27185627f5ad6e624a7481ab6d6c0936d776e1a3ca43ca87da1863758242b0ef27ffa1a4a6dafe073d39f804e8ef38bf8aea7942221612ffcc5dd2340f8faf8b7c769e1dffe4977c7b8bedf837a52ecc45173e36885f407a0976b9eec6e778b65c1329ef15f9adc27be400be936381d826baca30575811912946e93e5db9f6ba7af9c24b4d94d6e778d1056187ddc6b9c434ae21ed72712efbc3a73d43edb3f40ed6d89e7987e05f12d8ae17348cff93a2bdcde2d4622b24e9fa96de39dde82a90635b2fc0de95e610f6a586f45f8677174d4bcee804efa4ca03aa2f5ddbdecdf9809ea178b3eac11d3bd85ce58a21e52ef074e71961b95151819e37f2044cb50b2aa460e23959582533b19d1eceec672cefda5cf12a245a71dd947588318565449ac9602a6f5ec17feef323561717c12977d5bd178b8f06a9517cc1adbce0e0a8fd05499233897fcd66289312db9f52a7ef0786e7efdf98dfb263fcec150d471c9ef9d2b96bd63c9b8be35f07c6b057df4485df747a95a90612e645aa9de2dedefadcdc16d17bf88b9edee630e0470cf4a7c647dd36dd60b00ab85f8a1643ad068656b6ab9bfd7494c7bc60b0f0809ecf3a3c10ceb03fa929cdb17e3f7197ce4500d590a9d7414438bb01805ba1c4cc9d02d97f887b7176d7e6e29b6a41d3236115d2393df0389bdf412c3317f39253eebdb0807fdec1845edf3343c19622304762dc5e53bd116c073387f3f297693891f3aaac8dcd7b4250c0ed2c713202917027aec0b65bdf79bdc795e4e527986818f6a8454b2308df4d72fd44d45af644952057c21f08866b81dd70ac24f3021e90a3a71040ecd6ae62e70abccbc815c66afe070d2446522a0d516dc168e55be4ce0e32c41673e3b054ff017591c8b5d84780e93caa6271d2d2fe17cf34d34d7db9584cfee239d148466dc2ee65d06bb38382b5b63c74b348fcadf2f004b8e298c444ccef05ec15f6fb5eb6735839b6ecb1e929520a7c72ab8d3a8c44e1c149be790f313ce8cb687a9b21f96f4a526c4fc66f4e27146f62fa47dd487a79210ba7580f37cfbbbf1f345f868e7010cbe7a13ab75c3a18502dd45d0ce667d0b139d4fe1545a0b07ed1fb66ae01c1d1eac1f99bed236b8b23b39c390657d17c07a919decbe696d5a5f0997d67f6e3b0b3f581e8a798110925e4261b25cfe2def63015351a077133d869e7ed101562b061a80d4945149959aa450bd22474298ba82f32a6455af83748a0d3f791d6e602ee5aa08f877e5d33754563af5822578cb989df501d3df0b839792b245fcfb58c15c3f66abe91ef327ba99eae7ef0e5ca052313a29b199da60c0d92fb509aef1511ffff27be17865adc28a182debdbe4a0881862147c89dcca02588be737026e2c49028b955db581e64b3f4097a082a4f916f50e78ca72b5de1d022f5003cc290ccce023dbec5e36bb933b3fc1be74f60a16ab6eb66c82afa47f947a21e8b25d9687f7ee5d3a5ff77f1c31ab6783e6d6396a76f0c756cbbe70c9a8b732b91b2234f2b1a2fb10524870e31cfeaa99b0ee75317d44fa93807ffdaba32f54e698178f136778801685b2e4534611b7514180a19aa4a00e3e19266c4fca5dccf40f56b8e49af5a5506114406c25e9b8d76bc1d9b46739737dcb9703c5492d69c9d06b282fe2effb7ef5d094e94faf8950be4a88e34549a11dee2dc191a1c75b93bccaddfdb8e11b9983de3f8260af4692203d46106be0d6a723e0a3e9c8da084444f86ffe0c9070a7463004e72f876d642a50a303249710644cd81efad0a51dc587dfabb54e2e39d42d390113adcc0f7f0318b735582570a9dcbdf71a02f12a29f4f79178e1c9004b8d2a77cf376723e536ce72316f87e17109ebae06c5e3cafd778bfcfe6601e4a9c811b59f6e268bb961ad32ef683296770c0d3a63281566919abdacef4429babd340681dbf174feba63a42b2d6349ccdb218d9f9158df2b7c2e2717c134627345f6cc61a6135ac24a0bd0d14a8187b40ebdbb744a03fb692713770032d3f1b3f58d5ef64526fb8a68f7bfce2982339072913257326821b1e07bc46509b7d99aebb289d2114ec30f9e2b774dd0281c36ca1df8684cc1daccb5f34e22f0186457bc7b5a35fa23bd00", 0x2000, &(0x7f0000002c40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
close(r1)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x77359400}, {0x0, 0x3938700}}, 0x0)
socket(0x1d, 0x2, 0x6)
executing program 1:
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r1, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r1, 0x0)
connect$unix(r0, &(0x7f0000000280)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r2 = accept(r1, 0x0, 0x0)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_GET(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000480)={0x0}, 0x1, 0x0, 0x0, 0x4094}, 0x20040090)
executing program 0:
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @local, 0x7}, 0x1c)
r1 = dup(r0)
sendmsg$NFT_MSG_GETOBJ(r1, 0x0, 0x24000081)
sendmsg$NL80211_CMD_JOIN_MESH(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={0x0}, 0x1, 0x0, 0x0, 0x4000040}, 0x40000)
timer_create(0x7, &(0x7f0000000080)={0x0, 0x11}, &(0x7f0000000140))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
sendto$l2tp6(r1, 0x0, 0x0, 0x20000000, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote, 0x3}, 0x20)
openat$vcs(0xffffff9c, &(0x7f0000000000), 0x0, 0x0)
shutdown(r1, 0x0)
executing program 0:
syz_open_procfs(0x0, &(0x7f0000000580)='cgroup\x00')
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100))
signalfd4(0xffffffffffffffff, &(0x7f0000000180), 0x8, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x10842, 0x0)
r0 = inotify_init1(0x0)
dup(r0)
pselect6(0x40, &(0x7f0000000080)={0x3ff}, 0x0, 0x0, 0x0, &(0x7f0000000340)={0x0})
executing program 0:
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000480)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x40, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5c, 0x2, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5}, {0xd}, {0x6}}, {{0x9, 0x5, 0x81, 0x3, 0x200}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x200}}, {{0x9, 0x5, 0x3, 0x2, 0x200}}}}}}}]}}, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000340)={0x44, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x20, 0x80, 0x1c, {0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10}}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, &(0x7f0000000080)={0x14, 0x0, &(0x7f0000000040)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0)
syz_usb_ep_write(r0, 0x82, 0x5, &(0x7f0000002340)='hello')
executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1802000000c400000000000000000000850000002300000095"], &(0x7f00000000c0)='GPL\x00', 0x1}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=@base={0x12, 0x4, 0x8, 0xb}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000880)=ANY=[@ANYRES32=r2, @ANYRES32=r1, @ANYBLOB='\a'], 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000500)={r2, &(0x7f0000000240), &(0x7f00000004c0)=@tcp6=r0}, 0x20)
sendmsg(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000100)='*', 0x1}], 0x1}, 0x4)
executing program 1:
syz_open_procfs$userns(0x0, &(0x7f0000000040))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0x541b, &(0x7f00000000c0)={<r1=>0xffffffffffffffff})
dup2(r0, r1)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
recvmmsg(r2, &(0x7f0000000640)=[{{&(0x7f0000000240)=@pppol2tpv3={0x18, 0x1, {0x0, <r3=>0xffffffffffffffff, {0x2, 0x0, @multicast2}}}, 0x80, 0x0, 0xffffffffffffffc4}}], 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r3, 0x8901, &(0x7f0000000040))
executing program 0:
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r1, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc)
listen(r1, 0x4)
connect$unix(r0, &(0x7f0000000280)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r2 = accept4(r1, 0x0, 0x0, 0x0)
ioctl$TIOCMGET(r2, 0x5451, 0x0)

program crashed: WARNING: ODEBUG bug in netdev_release
bisect: bisecting 12 programs
bisect: split chunks (needed=false): <12>
bisect: split chunk #0 of len 12 into 3 parts
bisect: testing without sub-chunk 1/3
testing program (duration=5m2s, {Threaded:true Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): [7, 7, 7, 7, 7, 7, 7, 7]
detailed listing:
executing program 1:
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r1, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r1, 0x0)
connect$unix(r0, &(0x7f0000000280)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r2 = accept(r1, 0x0, 0x0)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_GET(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000480)={0x0}, 0x1, 0x0, 0x0, 0x4094}, 0x20040090)
executing program 0:
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @local, 0x7}, 0x1c)
r1 = dup(r0)
sendmsg$NFT_MSG_GETOBJ(r1, 0x0, 0x24000081)
sendmsg$NL80211_CMD_JOIN_MESH(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={0x0}, 0x1, 0x0, 0x0, 0x4000040}, 0x40000)
timer_create(0x7, &(0x7f0000000080)={0x0, 0x11}, &(0x7f0000000140))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
sendto$l2tp6(r1, 0x0, 0x0, 0x20000000, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote, 0x3}, 0x20)
openat$vcs(0xffffff9c, &(0x7f0000000000), 0x0, 0x0)
shutdown(r1, 0x0)
executing program 0:
syz_open_procfs(0x0, &(0x7f0000000580)='cgroup\x00')
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100))
signalfd4(0xffffffffffffffff, &(0x7f0000000180), 0x8, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x10842, 0x0)
r0 = inotify_init1(0x0)
dup(r0)
pselect6(0x40, &(0x7f0000000080)={0x3ff}, 0x0, 0x0, 0x0, &(0x7f0000000340)={0x0})
executing program 0:
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000480)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x40, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5c, 0x2, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5}, {0xd}, {0x6}}, {{0x9, 0x5, 0x81, 0x3, 0x200}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x200}}, {{0x9, 0x5, 0x3, 0x2, 0x200}}}}}}}]}}, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000340)={0x44, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x20, 0x80, 0x1c, {0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10}}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, &(0x7f0000000080)={0x14, 0x0, &(0x7f0000000040)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0)
syz_usb_ep_write(r0, 0x82, 0x5, &(0x7f0000002340)='hello')
executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1802000000c400000000000000000000850000002300000095"], &(0x7f00000000c0)='GPL\x00', 0x1}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=@base={0x12, 0x4, 0x8, 0xb}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000880)=ANY=[@ANYRES32=r2, @ANYRES32=r1, @ANYBLOB='\a'], 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000500)={r2, &(0x7f0000000240), &(0x7f00000004c0)=@tcp6=r0}, 0x20)
sendmsg(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000100)='*', 0x1}], 0x1}, 0x4)
executing program 1:
syz_open_procfs$userns(0x0, &(0x7f0000000040))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0x541b, &(0x7f00000000c0)={<r1=>0xffffffffffffffff})
dup2(r0, r1)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
recvmmsg(r2, &(0x7f0000000640)=[{{&(0x7f0000000240)=@pppol2tpv3={0x18, 0x1, {0x0, <r3=>0xffffffffffffffff, {0x2, 0x0, @multicast2}}}, 0x80, 0x0, 0xffffffffffffffc4}}], 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r3, 0x8901, &(0x7f0000000040))
executing program 0:
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r1, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc)
listen(r1, 0x4)
connect$unix(r0, &(0x7f0000000280)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r2 = accept4(r1, 0x0, 0x0, 0x0)
ioctl$TIOCMGET(r2, 0x5451, 0x0)

program crashed: WARNING: ODEBUG bug in netdev_release
bisect: the chunk can be dropped
bisect: testing without sub-chunk 2/3
testing program (duration=5m1s, {Threaded:true Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): [7, 7, 7, 7]
detailed listing:
executing program 0:
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000480)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x40, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5c, 0x2, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5}, {0xd}, {0x6}}, {{0x9, 0x5, 0x81, 0x3, 0x200}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x200}}, {{0x9, 0x5, 0x3, 0x2, 0x200}}}}}}}]}}, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000340)={0x44, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x20, 0x80, 0x1c, {0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10}}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, &(0x7f0000000080)={0x14, 0x0, &(0x7f0000000040)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0)
syz_usb_ep_write(r0, 0x82, 0x5, &(0x7f0000002340)='hello')
executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1802000000c400000000000000000000850000002300000095"], &(0x7f00000000c0)='GPL\x00', 0x1}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=@base={0x12, 0x4, 0x8, 0xb}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000880)=ANY=[@ANYRES32=r2, @ANYRES32=r1, @ANYBLOB='\a'], 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000500)={r2, &(0x7f0000000240), &(0x7f00000004c0)=@tcp6=r0}, 0x20)
sendmsg(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000100)='*', 0x1}], 0x1}, 0x4)
executing program 1:
syz_open_procfs$userns(0x0, &(0x7f0000000040))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0x541b, &(0x7f00000000c0)={<r1=>0xffffffffffffffff})
dup2(r0, r1)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
recvmmsg(r2, &(0x7f0000000640)=[{{&(0x7f0000000240)=@pppol2tpv3={0x18, 0x1, {0x0, <r3=>0xffffffffffffffff, {0x2, 0x0, @multicast2}}}, 0x80, 0x0, 0xffffffffffffffc4}}], 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r3, 0x8901, &(0x7f0000000040))
executing program 0:
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r1, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc)
listen(r1, 0x4)
connect$unix(r0, &(0x7f0000000280)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r2 = accept4(r1, 0x0, 0x0, 0x0)
ioctl$TIOCMGET(r2, 0x5451, 0x0)

program crashed: WARNING: ODEBUG bug in netdev_release
bisect: the chunk can be dropped
bisect: testing without sub-chunk 3/3
bisect: split chunks (needed=true): <4>
bisect: split chunk #0 of len 4 into 2 parts
bisect: testing without sub-chunk 1/2
testing program (duration=5m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): [7, 7]
detailed listing:
executing program 1:
syz_open_procfs$userns(0x0, &(0x7f0000000040))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0x541b, &(0x7f00000000c0)={<r1=>0xffffffffffffffff})
dup2(r0, r1)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
recvmmsg(r2, &(0x7f0000000640)=[{{&(0x7f0000000240)=@pppol2tpv3={0x18, 0x1, {0x0, <r3=>0xffffffffffffffff, {0x2, 0x0, @multicast2}}}, 0x80, 0x0, 0xffffffffffffffc4}}], 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r3, 0x8901, &(0x7f0000000040))
executing program 0:
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r1, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc)
listen(r1, 0x4)
connect$unix(r0, &(0x7f0000000280)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r2 = accept4(r1, 0x0, 0x0, 0x0)
ioctl$TIOCMGET(r2, 0x5451, 0x0)

program did not crash
bisect: testing without sub-chunk 2/2
testing program (duration=5m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): [7, 7]
detailed listing:
executing program 0:
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000480)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x40, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5c, 0x2, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5}, {0xd}, {0x6}}, {{0x9, 0x5, 0x81, 0x3, 0x200}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x200}}, {{0x9, 0x5, 0x3, 0x2, 0x200}}}}}}}]}}, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000340)={0x44, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x20, 0x80, 0x1c, {0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10}}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, &(0x7f0000000080)={0x14, 0x0, &(0x7f0000000040)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0)
syz_usb_ep_write(r0, 0x82, 0x5, &(0x7f0000002340)='hello')
executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1802000000c400000000000000000000850000002300000095"], &(0x7f00000000c0)='GPL\x00', 0x1}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=@base={0x12, 0x4, 0x8, 0xb}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000880)=ANY=[@ANYRES32=r2, @ANYRES32=r1, @ANYBLOB='\a'], 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000500)={r2, &(0x7f0000000240), &(0x7f00000004c0)=@tcp6=r0}, 0x20)
sendmsg(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000100)='*', 0x1}], 0x1}, 0x4)

program crashed: WARNING: ODEBUG bug in netdev_release
bisect: the chunk can be dropped
bisect: split chunks (needed=true): <2>
bisect: split chunk #0 of len 2 into 2 parts
bisect: testing without sub-chunk 1/2
testing program (duration=5m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$inet6_tcp-listen-bpf$BPF_PROG_RAW_TRACEPOINT_LOAD-bpf$MAP_CREATE-bpf$BPF_PROG_DETACH-bpf$MAP_UPDATE_ELEM-sendmsg
detailed listing:
executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1802000000c400000000000000000000850000002300000095"], &(0x7f00000000c0)='GPL\x00', 0x1}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=@base={0x12, 0x4, 0x8, 0xb}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000880)=ANY=[@ANYRES32=r2, @ANYRES32=r1, @ANYBLOB='\a'], 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000500)={r2, &(0x7f0000000240), &(0x7f00000004c0)=@tcp6=r0}, 0x20)
sendmsg(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000100)='*', 0x1}], 0x1}, 0x4)

program did not crash
bisect: testing without sub-chunk 2/2
testing program (duration=5m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_usb_connect$cdc_ncm-syz_usb_control_io$cdc_ncm-syz_usb_control_io$cdc_ncm-syz_usb_control_io$cdc_ncm-syz_usb_control_io$cdc_ncm-syz_usb_control_io$cdc_ncm-syz_usb_ep_write
detailed listing:
executing program 0:
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000480)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x40, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5c, 0x2, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5}, {0xd}, {0x6}}, {{0x9, 0x5, 0x81, 0x3, 0x200}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x200}}, {{0x9, 0x5, 0x3, 0x2, 0x200}}}}}}}]}}, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000340)={0x44, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x20, 0x80, 0x1c, {0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10}}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, &(0x7f0000000080)={0x14, 0x0, &(0x7f0000000040)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0)
syz_usb_ep_write(r0, 0x82, 0x5, &(0x7f0000002340)='hello')

program crashed: WARNING: ODEBUG bug in netdev_release
bisect: the chunk can be dropped
bisect: split chunks (needed=true): <1>
bisect: split chunk #0 of len 1 into 2 parts
bisect: no way to further split the chunk
bisect: 1 programs left: 

executing program 0:
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000480)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x40, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5c, 0x2, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5}, {0xd}, {0x6}}, {{0x9, 0x5, 0x81, 0x3, 0x200}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x200}}, {{0x9, 0x5, 0x3, 0x2, 0x200}}}}}}}]}}, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000340)={0x44, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x20, 0x80, 0x1c, {0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10}}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, &(0x7f0000000080)={0x14, 0x0, &(0x7f0000000040)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0)
syz_usb_ep_write(r0, 0x82, 0x5, &(0x7f0000002340)='hello')


bisect: trying to concatenate
bisect: concatenate 1 entries
testing program (duration=7m30s, {Threaded:true Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_usb_connect$cdc_ncm-syz_usb_control_io$cdc_ncm-syz_usb_control_io$cdc_ncm-syz_usb_control_io$cdc_ncm-syz_usb_control_io$cdc_ncm-syz_usb_control_io$cdc_ncm-syz_usb_ep_write
detailed listing:
executing program 0:
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000480)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x40, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5c, 0x2, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5}, {0xd}, {0x6}}, {{0x9, 0x5, 0x81, 0x3, 0x200}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x200}}, {{0x9, 0x5, 0x3, 0x2, 0x200}}}}}}}]}}, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000340)={0x44, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x20, 0x80, 0x1c, {0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10}}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, &(0x7f0000000080)={0x14, 0x0, &(0x7f0000000040)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0)
syz_usb_ep_write(r0, 0x82, 0x5, &(0x7f0000002340)='hello')

program did not crash
bisect: concatenated prog does not crash
single: executing 2 programs separately with timeout 16m0s
testing program (duration=16m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$unix-socket$unix-bind$unix-listen-connect$unix-accept4-ioctl$TIOCMGET
detailed listing:
executing program 0:
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r1, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc)
listen(r1, 0x4)
connect$unix(r0, &(0x7f0000000280)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r2 = accept4(r1, 0x0, 0x0, 0x0)
ioctl$TIOCMGET(r2, 0x5451, 0x0)

program did not crash
testing program (duration=16m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_open_procfs$userns-socket$inet6_tcp-ioctl$F2FS_IOC_MOVE_RANGE-dup2-socket$inet6_tcp-recvmmsg-ioctl$BTRFS_IOC_GET_SUBVOL_INFO
detailed listing:
executing program 0:
syz_open_procfs$userns(0x0, &(0x7f0000000040))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0x541b, &(0x7f00000000c0)={<r1=>0xffffffffffffffff})
dup2(r0, r1)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
recvmmsg(r2, &(0x7f0000000640)=[{{&(0x7f0000000240)=@pppol2tpv3={0x18, 0x1, {0x0, <r3=>0xffffffffffffffff, {0x2, 0x0, @multicast2}}}, 0x80, 0x0, 0xffffffffffffffc4}}], 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r3, 0x8901, &(0x7f0000000040))

program did not crash
single: failed to extract reproducer
bisect: bisecting 12 programs with base timeout 16m0s
testing program (duration=16m3s, {Threaded:true Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): [7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7]
detailed listing:
executing program 1:
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = memfd_create(&(0x7f0000000080)='}.\'\x00', 0x0)
r3 = dup3(r2, r0, 0x0)
r4 = fcntl$dupfd(r1, 0x0, r0)
recvmmsg$unix(r4, &(0x7f0000002140)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000001980)=[@rights={{0x14, 0x1, 0x1, [<r5=>0xffffffffffffffff]}}], 0x18}}], 0x1, 0x0, 0x0)
dup2(r3, r5)
fsetxattr$trusted_overlay_origin(r5, &(0x7f0000000300), 0x0, 0x0, 0x0)
executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = dup3(r0, r1, 0x0)
recvmmsg(r2, &(0x7f0000003c80)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
r3 = fcntl$dupfd(r1, 0x0, r1)
connect$unix(r3, &(0x7f0000000280)=@abs, 0x6e)
executing program 0:
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r1, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r1, 0x0)
connect$unix(r0, &(0x7f0000000000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r2 = accept$unix(r1, 0x0, 0x0)
ioctl$sock_SIOCSIFVLAN_DEL_VLAN_CMD(r2, 0x5451, 0x0)
executing program 0:
r0 = gettid()
timer_create(0x0, &(0x7f00000001c0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
r1 = signalfd(0xffffffffffffffff, &(0x7f00007aeff8), 0x8)
syz_fuse_handle_req(r1, &(0x7f00000007c0)="ccd3e8e0b6b96943623dbdcfb7d3691960e79653256ff9b6db0644abaed0732bf272349a8f263b9b1b05a3c730a62605eb61b2e647df19558c1f4be58ebdeb65d93a8b93e4ba4bc91e7967beb461c2f18569753fe040aecdd9771bd77596d06d054510bc58b6305c2a3dd3ff61bf1aa4c48632ab45218d71c6989b69d61b89034f09c38069f6e269ffbb6590a264dabb94f3b7d951a50c37aefc423cf2920ee5d73986bfc8844e7f2ef55d93c5abae0d394951235bc8dd44d14b3c93806f9cf62c202df4953b6b55a195295913e737861d25a7ffbeff56d37f5960f72d4a0aa0d75fdc50535f21a749e8e86da4b006446b8ca3fb0f17ba2e900a598eeb6602879a6b41824dc145064eb8b33bdd6e702e58036f60329f1901ffc0b021e96f4434c4eae508a791391b26d0c8a5c0ea4c92b8f992fc24d7667963daf8ea5df6b9bbe80476487392502db81ce1b97170d368f5e2ee85285450171868e4d944ffbb75d2ce5e038311f240fcc348d23e470f1020da258def10ae4bec78a61d0e7e9fafbdfed88a6cde0ff47455e329652429ddf04273575dabae10febc5b5281996559b5201cac40c40f7ad92e461819265cce7fb94b5569111fe26f1b1020c33174e5864abd0f8d3b88c0acbb95a5fd952400d87537f6b9689ed52d486735c53004ce0e3646902de3a877074e14d74f56e38590da678c7566d0719b931a62019dbb574280c9b211b50299bc902cb7899ef0bcef2d0bb48399fd2259afefed38becc1afcb4887db6d3d34efd6e9c18d8360a1a203b952cfc2727800e29ca1f542fe0516be31c15252adbcd2136d82485be981b77ab5d06d396f33a48b5a00e3e6a729f3bdec2a53f9197b255d5379bacad191c5c692284727dc7ce47406ef7a2b17201835475b5b42aabca518f3fd7c434848a106fe5206986349b13bf3a71e7508902177cd55711a874cd8a657a10b4438beac22a60fdecef91e8f2f405bcaeea9461149075a30c9a6e4a1f431b71dfddd5386bb9f602311aad4e5847256cc08798740a9cf6a1ec9cd19d9192d90a9aa0ec99c1c5109835391b5673498b066a5d3cbabf179a3010c4e6fe66f826df0eafaaf5a094a4257beff9d3e4f923ad2626951cdd1d21a0f0efee9fb7820802d47044e940a4b4467c0da752a75e65c963e2d7e17afc8be98b1ecf7169f7976ed05a744bdd0edf2c2ddf596cd87ac5c48a88463286b82eabc8199d41f3fcf17d7daf98caa3ab3ff5445893977305f6210bf1e2dd064271ca15ac98ee9f0fe62fe1ef442bfb1650998d1ba40fa4497a9dcd7ef06d8f87b858b2bab3ecb8f579abe2bab97ee40601fdab61c08d356f3fbf0f6fb85eb9212ee30edf2f8dac3ac64303befbb43b391d64b3bae55ac2c6612af07e8c9237444463e1400f21a43b718a90ea6489b67df3534d9badcf59ece45aa3fffaa1badd71505c45b4f485ba62a42dc62cbb730a6c044230a7561a7618e910839531405da3316103afa58f7a9e21424b276e921514db098ec51be81eb8ce33d93e52208634e12a2584afa1bc35b420476867bce18801505b8f6a04835a990b8cb1b6cca7c1f1e12f7916fc05314f627b45365f916db144c63bf6f0e2e92a3c49c9957e2c28f5c917a790050f1ecf57150b02199c6e6ef23c2da718692f3b5ec141af0f182c76c469e9c5457c6eff5c65996719ec8e8cefa5f5fca25915626c0aeb6d288b15c7dca5a061d6ad76ce1b3169f576c07f08b1efd28f5f8436ea029d255f74099d021d64aee916dc22e1dead58db19ec7c058cd505fcc1683835d4fd999d2feabdcc1adb5e3fee2ea6e88a76118fc128404ce9ae799eb17ac69935e8f8c6e5bb01eb3660d44c0e5207edb4e65fa9dbc0310a88b70177da2b56aec129526e1f72ff18301f6a1b467bf8f82cc3a0125c01277e571299c6365af5622a636848b681524a70cd3de0db025e0f20b25876f898225481325da13266f378f9e5be9a813309393272a402706a4fef6ad882b22ef785fea586fa8cc1ae969eafd70095d30d1ebeef4459561ed5c13f0b40f987a298201f479857a58ce7e8f893d78167ae1efda09b9df09922db881b598d15dd4f06925739a7bb4cf9c54c86b54a135939a1bb95594a7ded336e2880649f6aa34fe29824ba7617689d0295185a8a8f139498d18206898067bc4e9da774930c08568da4dffafee93e6f7bdae1afce7ad08a75647a6a4d6233840b3c8dfa5fd8775278f3452f9a42155b2ff6435f3f76490e6577affedc049c25aa8543931bcc5169c12ddc8a817bafcf3a00b35bd1f0673e187532eb5c54c96e8d746c7b1473ecdee8c1afeea12e40908092d8ad42f4a49d672a38695d3beb664e4e1230c71897d8d453906e149dc9871f0b0b251ff8c91a96b36787a7d6561c2bb21af848e38c478ad9c680e02688d034d2c6705aa374cdd9f8b28df9dc1ee182d8cbe2bd13ca31439d2ac991660840b3e1973928e52be8511f2fc6a799f87aa0ddb6b5f0a9d59ae9b0d3c1d00ee7d6f8b4a5ee64fbd03db6fb85b34666bd5d99a4ee1c12a0e46d8af4792e4718c47bd2b10ab2600035946b5580859a5fc0ebe64af51318c3f090097e15693cddc2b8baf63f2a20be4d81ef7b11aade8458f27e10d5f1b81a90358a6a038403d8c6045ddf59402cb9fc3c268d47b8e8c169de76238b2a6d61b18f7e645ee164fa06443526aa5474da59a7dfd4f810c3ed3c93976e47be0cebd064cf71b3ef6ad51617bdfd0f3b8336380ad7ec84afd82fe345801838cec53155cb42140b79206e0db0128edd7d61919a0d9ad44a93bdc1018b2e44f279c9d19c0cef2d7ae5ea9a0f84d4fbd1b0a05894fe3b7dd09c6e93d6728fa24c70bcdb13226e50c5b5c1345ba6103e8c8db5867de2b8a8a0181a262cbd9837c0e6e7ec9e695dd6421d0aecf2a5469238c59d7a4e026b2a90161ee03ba003ed0a98c83d4f3b26c38f2740e75985386c00402671fd924c9ed860e72a1030e13b5bde95c40d2f1a143587c146225a87966b5f80cbaf28060d718d056a9515a20454ed4d350f8ae0068746a22630e5b858d259a43deb26f4f8ceac44987e1181c221092dec2dd29b25039352d9496c89dbce863555f935dc7e708ff407fac09c00902b08d49ffa37b477052b88ff1e4633730abf2c6f6d40750067ceeadc9a257f0af1f14d7082cf4ac3ecc1fe51821d07f1346d6d6f03362896d855c7fba9d3e62c99c937306952ccece53a381bf67e9bc76b6885f6a9d6d5d76c8b175187582b37d57141ce07bc7e29803ea2f6618f5fa81b8a5cb9776210633bfa28cd757d1174f6d868ac92a095f3217c2621ee819b27337df325a15b558a37c13861fa63ee21f0eafc0ce7432060a86fcf0108e58729c0da6501c32ba0c77cee7fa4bbff76b37e006439391c803bb8a6cae667c6acb6b4ed82c97be0608b22a662121630ae6beb1d94cdf5a50a620a8906513908c0ec42c87b6d1d4daccfe117abcbc87d5ecc86a1c58b83a0df027368ba0c57a0f641bde40410c6877f6c5fc695667642d25de16b70bceed19f566562d42e11c1cfd37fcc4bf54f57c75a86dafd91e9f065c6fe1f3ed23e75ea1701ad37eebe5be221afcf02410755d67cc5141e7d9b0eb76a8c9dbe5138bee14ff8db99c8641636a898670b4f68db0612e7423f2e25a581d872ec2668a9a5dcf54dd509ada1714fc1144e6d66e710713262b55399b190cd0be30e911593f1200b4b6c1cdf7239f07cd77767dfc48fe3387ace9c8c9940a56d11ac79cf5f9a6dbdd269e124ea4e383b51f94f67a464ad965a99e16aea54d1447ef13dbdef3f6f88cb0900e84b8230ef925d1a261a947d6a4a359a373274639f8106d6ab8831833491283906535ee8be4d5250ed9290116d08defdd0ae5cf4e38ef2f38ef1cc0fc50e86f77b1fce142b011e5797b0e7a04b9afee1e6b0d3e3d9016bf91d90745a5aad5f236a1bc5beecfc541873aebde5790c08a8f88abfec0e29846ffc78bcccdba74d143cc4ce82c129b90d2b91adbf491ee2b833ede320279ae5d78e1eb29ef3d3e593c14c2c97b546df5b2a9fd13bb51624d66880889de98b4c7fd6b8b4fc566c9ad049184d58397469043beb69c98d9663bda3389d70c5ed19466e9b43b963771dc5fd1bf9e9c0f86d66f13170fda8b8fb3656a1fcc22e14b9a5e1083a58cf1281bacfeb857b04c17217de1845c9a649046bfa4b3aa421da8e69016a3af425da1936a31cb99e2379e7089ad628f9002210cdf506c91267bfb28b890a12ccca13d2c464975a13a8d010bb6f6f5157316c71980eabce39004996ec4c3cba49abd5a04f1bef70c025a17dd9176b3d443c72582bebe77a91458dc1df9c148ec058e2c71400988101a9f22d953684f8292ca23db48b7e962c632c9975fbfd300325abf311c9f5bdb6a0f4e5da27e5e60d25cdd1777db2b1f395d585b2999f89e93d624e1295c363a94db98d8d862c8f30c16a8b186b58cfb7e5d632ba3dfaccb8c1682f2c21b96e45082df868ae4aa256a0a6b74ceaa39dd25cad1ed60f960e654b7ec2a8d8c8f1bed77d82208df1796dba84661b6c60b9905f135387abd03850151365e3dd333bb67b98416d2e914d736ff476a5d0e4c227b0d0f2b7683444e6cc690334b7443e0563600e1a30edb7a82763f43caeb9689f929a0eceabaeded9233b6c5ae491dbbdcb5d63bd06e1b92594e06fd78290520f422c77296249ee72d565ac5f7e4acf38df97deaf722d25fbc836df97c35c8c648f9be6bc860394bd37b29ab8d35993c22e81833126e29d7c9e238dd9c19dd896b80ced026b9c4040ba84f13b9242719defeaedf960578403f6450b469d54b271d3d1288a0643f96bd70f7fc7dc3ada91e09ee45d4ceab916d7a421631904da96dfee05878761e9952985397998163a52193c084975e1d2c37c6f542a286065da4923fc59d841eecfda5454b033b9b9f204c8178e721599c6e779d0091c7aa401a494deb008724ab1ea8cb973c1c9ce821f1e36e3e9d831ec9ec79f5ad6b4076c191c05ef226a4686bba81ec42833356c6104b2ede6f078852327a667a51e35fc975ac6652740d5dfffad1612f43c2e76892a3511ff8a42ee94e532a165485d36f7922268ba84f9ef0e9afb442e1e703535a057552bd85ac52aa94ba863a193940bc46dd06de12c48513f72a8c9325efd3835e5056da8e07cb313afdc220cd4b62bb1ca8a0dee17dde5bd5a0bdf1e55596401675f0efe6c260d14c30a4673663dbd7a14df5b7ceedec2cab5ea58d7bb7a8ac5c92c6c6d6f0f63fbfcb72b4a0ad0289eeea2e8ffca0f26cb82e9ee8c0ab393d6b183856771af3a656cc00803709ec9378355883fce5b2f17a5f2c38ac0ad2e9cfd8dfbabc8ea57a1d8a3165e9c2a2f3ef4467af73e7c6a606f7822c772deea9c3c92e19cd7000b22c38a25e1c4947fb48b5ebd1f418d98890b849ae1d4b095d9c7f5f775b345d37553e6f6b663df477ce29d4544700e589819eae6a34dc09606ac5256712d215302d7aafd97bd02cf436e02030ab27e0196032f393e5f5ff16f8273b22706c028c016f4381c42a02aaf5e474e5c1ab6e25f732e27f245b34d09603cb732e9df14c5551d686c83e5f54abeed62a2bca4d9a8cd9764da3695bf41ab3ac2f8f88d014fa47788306d738678c734c8acae2a9454378ef99ce8f9ba16974ef96d03c1553112203e9efdde85bc60b8c67fd248bfba2c49fbe294513dad94cf3f4255a5ff507bbff69d21a09b332384efe541f270911a71ba51b1b56638886a274cbbbbecbf8a98d988a2bb02e6f515d3cf6cb15460d2f744dfd4c95d9742fd7357e52906699227fe3fe27845738ad06741269dd18de914b0c43983fd7d5fcb7677300fd5f8f3f09eed1067dd9cf5cfbd9cf8e9c971c7ffdd32031e06823055f37b90d5a6a8fda84d6e3af7b9b8d4a9b48806066e3fd30b316792cccb5fc15ed2904baf9c1401d87684293d4570711ac1b122f77a1009843bd8a1b8864d9feac5bc68e64d24503039f76e42592d12191bef414acc74f86daae62ea5a96c7d35dda929613e43315a9bce5313aa84a0a43c104be87eaf3df13e94f862dfec1b6fb733a6e05d82c473bd612051cc528def4c2e20176fb53bd396b218ab65646090f25ef4a4ed6d4846bbc421d95354da7069f25be2866fa97824e33c3692b4697b7d447fa616c120dafab47d9d00e0eccb3d41b21540ab5b55b2beec11154201857b2f2c7d3faa3100724cef68c2f1c3d9c3b4f49b6f457016b710cbfa031a2ed76c959c040b8dfcede0a2c783d292e0ee743509285eb22c988a221fcfd080adcb1e67cdda7cc126cac19446da48adfd07a2439fa348b5ffe77cc345c043f2c3c78cefd275fa51ba071bf9da71fcf450a3f4773b697d5154896f985660b1dba1c44022b06a0be3693189ed87595508b4cb91f7600bc1b172584ce081a11c0ac157d726f060aed4cda55dc27aeeac9dd97d1174d77f882a1a294df3f7df93788c4fe844bb2266142dc30404269f242c98293ca0b3b014988fe71722c2c1f3f36c30fa508d3e61430a1cbc8e06bb4b95b02c0d92e7b265bb6a52f2d35f874539c7f16abc219d0f591beb51230255a14a5cea267e6fe05afadd499e5acccee1f83001a7d847f164dd8540ccb56b241a159053455a5e0f92f0da2ad86c9b65435a51140d45059e6865d6d68ffa184357a878737ed352759b3ba69dd48c2a225c39c1816385d89ce7c251983a1e17e1f32d4a441e854de1117bfaa2f8a98f10188685554c47281ea9deee9a985cb953b91767875cdca7fc20c289e8dd751dc7118e258209fa1d6b70b758097dff7b003b4c879f3a7a5a25a3d95b5320bc35500ca691a83f298f87975f81d7aa33aad00ba26175d26502c6cc297f971036b668608f90dfe42a5531605189ce7c0f84a1ad0f622463a130ebc125b7c77edde0d20dd885fc5a2ea95667a18f01040b7fc4eca5c9b94f5e610e0a57a0d7b073fc55a97bbbc5dd8161f54f0473012dda915e824b73ad46277f5eb285b87ff54a536c0507e0cd95f8709fbbed468ce9c47db1a845dfcc443ac34449996648237e63da351b813c28726ec2bb0c515eaea0872d3d8a102d160089e42ae3af313a01a2ea74d31bbf7927aeab933e1484c518796090c652a4bc1921a4e0cfa8b02fdff60100b61e0acafc7fefb21faa05ac223561b9d556b172dc6f18bc2abe7302587077f58bef7c1776e3d876f862caec771ce62cad6ad2caef939a6a01900bc4328cffd8c06ef26d3371c4783e82cb7792d8d37221e76705d58a03052df6e790f6fd303f868d74983b20b915db4f05bb75bd744b9a286d411651106a946494052baaa4f085ce065ad8e75933069a837a6d4eeb414c4f99329032758edfeb8b23ef9c0600ee7b6efdd365e0a2bda1750efb059e01b533ee5f7cabd65a26403960484cc2eb6f374a8965d7d29e6484b86c25d304259106a8bb9753c9bd9856f0b87a6e68266d8cb8065ef1eec2af237be7a626bcff0427611ad837409c6d69ecf0607dbdbae2db60eac2b88a0ab6a637ab48224ea979299ddd1c721b2b58bd7e92d645929a7b56b9374a7857da0dc2f9921a3a63a53fcf0d016457f553709a5b747b87356db203b719f30e3d78599c28277d8546174047cbcf152f918601275f41955ae96198a4f0612340fabb5e3774e60bf6397cc726c8eef360c492712f6fc1f0c5c91adc426897d09de86fec6c0fc7affbb64652fba16c5d9fb383b29eaaba31d5af7bd12c34c488c292c618ad689aa7914994b313df0f2ebe270659851f52efce137786b28e1c09d21277ea284544e00d3868b42887a9ea74e22a3e3b342b687b7d80e057e3291c8da3cd309a83cb4ad8f0b3991ad2df85bca3737a2f18c53a122bc3e0d1bc5a8a77f32ee2fa53b06e1225039aae1f9aad06012371ffcab50e23586a2bb552104cdf2d277db66b1f1904821caba96dbac02fa23a8a3ffdfa3404ae37c1fe4935b010eb3468f45f74eedc18fbbf57bfd03b97ee0d2109cb071e7f86fc354a12c74e04e1b13107d38277f714bfb74a16cdd13cfd257ad139cd5783ecc46b433e3ed2cbd6bcf53b1be7ddd7f27785af0d572b6a08ea00f7304254afd376b44568d4dd2117f2057e163d920448d16238320a4e8cc8c0bdff3d5e98d8d0d00127ab1a30e7d403555e40940f6319aea0f4f3a46d1a3da7db7e2d70ee84febe36bb835f9044a8e9c4c2b6a27a54bccad07a8a745c911b82b9bbbd7367cf29df2f0818a545655f6115ef3d14cbd914e1f7ce31380560d21a6e1b5a9cfd31fd953ae438857280a566a8296bf0891348ea70d370e963169cc57d6e6fe58d822aefa863afcbabaef1525e0627a320f104b25e2219216df0ad589d54e4c0f2ac96fad71f418289c5a2a5b459b4142a6d280026d2282e3a6930396eb099aac709918f157181614529170be773645307bb282b947945a395c71f465650af976e1244a57b3cc8006668e36186281faec79ac614be7f147e036fa8191965c0ab977c66e175539a564b494726f732e64955d15597f6e9159e7af4794532c520315ad97ef6f1088bc342568a2a13eb45dd6ba4cb51b9d827e0ff43c75b876e7ce77829cf8ef6043e1236ef58342f21566505b163ddf20e1746646c6cb8e634422ce2df519a9385eb3b0b18d7bc42b35f3ba93699b2bec18d23f954aae4a2dd55d46c0694284254fd8d7706e3cd5f013ab9bd7e35c30a7b4235884f226c8177cb61b64cb5e4841b7da398611e9053f00553d217af30a9f7baef888be813a57e0fc33783d753b678e3750e6791aef0dacfb3ae49263c39832c4191e864a14be46d9858b6f2e92adeaff5b381fc873bb6c59e73870e04fc3b0d03985576046b52303d2d4e96fc5ed0476383e521d921ece737a2ab3b1e2b8c206c93486ec1f831ff3ecc4196c1db3427e76a51b06f814dacfd094d5103a5fe60b62d4b418a21442d9a8d3f1b7f9622ac05011735ccd99dab0eecc1fb31c7290f8d9ffeaf16336d80ee3ed68185049e29472e386fc11727c95190fc8df18e862a585549bfb33a70234ebfa7f4cf6d41211e67a13d6ea6597fd02829d164a2ccc8591f93899c891d75a188e75e65cc2220879be7b0375cbf8c973aca2eacb3b65382046a7b8dabae8d0284d0adea15e27c2c6f2ef2913d106f98d77f6d47262762468baa2d0e1c5fbf5d35d839cfa0e94fd7f0833ac2a772888e8a5c68510c43ff1ce661d999dc1f76b74a0a81e5233ebd97c93afa2a5d1f665baa554fbdcf87ff81cdb31f9089bb96ae41343a5190acee6596aa5456345c8507f9f56d2b3a21d7bdaf899807c030e51a104df2cc406dfec61f10adc7b341f2f5345453daffaba0b074a9314f329a49438a53a27185627f5ad6e624a7481ab6d6c0936d776e1a3ca43ca87da1863758242b0ef27ffa1a4a6dafe073d39f804e8ef38bf8aea7942221612ffcc5dd2340f8faf8b7c769e1dffe4977c7b8bedf837a52ecc45173e36885f407a0976b9eec6e778b65c1329ef15f9adc27be400be936381d826baca30575811912946e93e5db9f6ba7af9c24b4d94d6e778d1056187ddc6b9c434ae21ed72712efbc3a73d43edb3f40ed6d89e7987e05f12d8ae17348cff93a2bdcde2d4622b24e9fa96de39dde82a90635b2fc0de95e610f6a586f45f8677174d4bcee804efa4ca03aa2f5ddbdecdf9809ea178b3eac11d3bd85ce58a21e52ef074e71961b95151819e37f2044cb50b2aa460e23959582533b19d1eceec672cefda5cf12a245a71dd947588318565449ac9602a6f5ec17feef323561717c12977d5bd178b8f06a9517cc1adbce0e0a8fd05499233897fcd66289312db9f52a7ef0786e7efdf98dfb263fcec150d471c9ef9d2b96bd63c9b8be35f07c6b057df4485df747a95a90612e645aa9de2dedefadcdc16d17bf88b9edee630e0470cf4a7c647dd36dd60b00ab85f8a1643ad068656b6ab9bfd7494c7bc60b0f0809ecf3a3c10ceb03fa929cdb17e3f7197ce4500d590a9d7414438bb01805ba1c4cc9d02d97f887b7176d7e6e29b6a41d3236115d2393df0389bdf412c3317f39253eebdb0807fdec1845edf3343c19622304762dc5e53bd116c073387f3f297693891f3aaac8dcd7b4250c0ed2c713202917027aec0b65bdf79bdc795e4e527986818f6a8454b2308df4d72fd44d45af644952057c21f08866b81dd70ac24f3021e90a3a71040ecd6ae62e70abccbc815c66afe070d2446522a0d516dc168e55be4ce0e32c41673e3b054ff017591c8b5d84780e93caa6271d2d2fe17cf34d34d7db9584cfee239d148466dc2ee65d06bb38382b5b63c74b348fcadf2f004b8e298c444ccef05ec15f6fb5eb6735839b6ecb1e929520a7c72ab8d3a8c44e1c149be790f313ce8cb687a9b21f96f4a526c4fc66f4e27146f62fa47dd487a79210ba7580f37cfbbbf1f345f868e7010cbe7a13ab75c3a18502dd45d0ce667d0b139d4fe1545a0b07ed1fb66ae01c1d1eac1f99bed236b8b23b39c390657d17c07a919decbe696d5a5f0997d67f6e3b0b3f581e8a798110925e4261b25cfe2def63015351a077133d869e7ed101562b061a80d4945149959aa450bd22474298ba82f32a6455af83748a0d3f791d6e602ee5aa08f877e5d33754563af5822578cb989df501d3df0b839792b245fcfb58c15c3f66abe91ef327ba99eae7ef0e5ca052313a29b199da60c0d92fb509aef1511ffff27be17865adc28a182debdbe4a0881862147c89dcca02588be737026e2c49028b955db581e64b3f4097a082a4f916f50e78ca72b5de1d022f5003cc290ccce023dbec5e36bb933b3fc1be74f60a16ab6eb66c82afa47f947a21e8b25d9687f7ee5d3a5ff77f1c31ab6783e6d6396a76f0c756cbbe70c9a8b732b91b2234f2b1a2fb10524870e31cfeaa99b0ee75317d44fa93807ffdaba32f54e698178f136778801685b2e4534611b7514180a19aa4a00e3e19266c4fca5dccf40f56b8e49af5a5506114406c25e9b8d76bc1d9b46739737dcb9703c5492d69c9d06b282fe2effb7ef5d094e94faf8950be4a88e34549a11dee2dc191a1c75b93bccaddfdb8e11b9983de3f8260af4692203d46106be0d6a723e0a3e9c8da084444f86ffe0c9070a7463004e72f876d642a50a303249710644cd81efad0a51dc587dfabb54e2e39d42d390113adcc0f7f0318b735582570a9dcbdf71a02f12a29f4f79178e1c9004b8d2a77cf376723e536ce72316f87e17109ebae06c5e3cafd778bfcfe6601e4a9c811b59f6e268bb961ad32ef683296770c0d3a63281566919abdacef4429babd340681dbf174feba63a42b2d6349ccdb218d9f9158df2b7c2e2717c134627345f6cc61a6135ac24a0bd0d14a8187b40ebdbb744a03fb692713770032d3f1b3f58d5ef64526fb8a68f7bfce2982339072913257326821b1e07bc46509b7d99aebb289d2114ec30f9e2b774dd0281c36ca1df8684cc1daccb5f34e22f0186457bc7b5a35fa23bd00", 0x2000, &(0x7f0000002c40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
close(r1)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x77359400}, {0x0, 0x3938700}}, 0x0)
socket(0x1d, 0x2, 0x6)
executing program 1:
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r1, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r1, 0x0)
connect$unix(r0, &(0x7f0000000280)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r2 = accept(r1, 0x0, 0x0)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_GET(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000480)={0x0}, 0x1, 0x0, 0x0, 0x4094}, 0x20040090)
executing program 0:
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @local, 0x7}, 0x1c)
r1 = dup(r0)
sendmsg$NFT_MSG_GETOBJ(r1, 0x0, 0x24000081)
sendmsg$NL80211_CMD_JOIN_MESH(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={0x0}, 0x1, 0x0, 0x0, 0x4000040}, 0x40000)
timer_create(0x7, &(0x7f0000000080)={0x0, 0x11}, &(0x7f0000000140))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
sendto$l2tp6(r1, 0x0, 0x0, 0x20000000, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote, 0x3}, 0x20)
openat$vcs(0xffffff9c, &(0x7f0000000000), 0x0, 0x0)
shutdown(r1, 0x0)
executing program 0:
syz_open_procfs(0x0, &(0x7f0000000580)='cgroup\x00')
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100))
signalfd4(0xffffffffffffffff, &(0x7f0000000180), 0x8, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x10842, 0x0)
r0 = inotify_init1(0x0)
dup(r0)
pselect6(0x40, &(0x7f0000000080)={0x3ff}, 0x0, 0x0, 0x0, &(0x7f0000000340)={0x0})
executing program 0:
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000480)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x40, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5c, 0x2, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5}, {0xd}, {0x6}}, {{0x9, 0x5, 0x81, 0x3, 0x200}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x200}}, {{0x9, 0x5, 0x3, 0x2, 0x200}}}}}}}]}}, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000340)={0x44, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x20, 0x80, 0x1c, {0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10}}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, &(0x7f0000000080)={0x14, 0x0, &(0x7f0000000040)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0)
syz_usb_ep_write(r0, 0x82, 0x5, &(0x7f0000002340)='hello')
executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1802000000c400000000000000000000850000002300000095"], &(0x7f00000000c0)='GPL\x00', 0x1}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=@base={0x12, 0x4, 0x8, 0xb}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000880)=ANY=[@ANYRES32=r2, @ANYRES32=r1, @ANYBLOB='\a'], 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000500)={r2, &(0x7f0000000240), &(0x7f00000004c0)=@tcp6=r0}, 0x20)
sendmsg(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000100)='*', 0x1}], 0x1}, 0x4)
executing program 1:
syz_open_procfs$userns(0x0, &(0x7f0000000040))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0x541b, &(0x7f00000000c0)={<r1=>0xffffffffffffffff})
dup2(r0, r1)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
recvmmsg(r2, &(0x7f0000000640)=[{{&(0x7f0000000240)=@pppol2tpv3={0x18, 0x1, {0x0, <r3=>0xffffffffffffffff, {0x2, 0x0, @multicast2}}}, 0x80, 0x0, 0xffffffffffffffc4}}], 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r3, 0x8901, &(0x7f0000000040))
executing program 0:
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r1, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc)
listen(r1, 0x4)
connect$unix(r0, &(0x7f0000000280)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r2 = accept4(r1, 0x0, 0x0, 0x0)
ioctl$TIOCMGET(r2, 0x5451, 0x0)

program crashed: WARNING: ODEBUG bug in netdev_release
bisect: bisecting 12 programs
bisect: split chunks (needed=false): <12>
bisect: split chunk #0 of len 12 into 3 parts
bisect: testing without sub-chunk 1/3
testing program (duration=16m2s, {Threaded:true Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): [7, 7, 7, 7, 7, 7, 7, 7]
detailed listing:
executing program 1:
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r1, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r1, 0x0)
connect$unix(r0, &(0x7f0000000280)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r2 = accept(r1, 0x0, 0x0)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_GET(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000480)={0x0}, 0x1, 0x0, 0x0, 0x4094}, 0x20040090)
executing program 0:
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @local, 0x7}, 0x1c)
r1 = dup(r0)
sendmsg$NFT_MSG_GETOBJ(r1, 0x0, 0x24000081)
sendmsg$NL80211_CMD_JOIN_MESH(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={0x0}, 0x1, 0x0, 0x0, 0x4000040}, 0x40000)
timer_create(0x7, &(0x7f0000000080)={0x0, 0x11}, &(0x7f0000000140))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
sendto$l2tp6(r1, 0x0, 0x0, 0x20000000, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote, 0x3}, 0x20)
openat$vcs(0xffffff9c, &(0x7f0000000000), 0x0, 0x0)
shutdown(r1, 0x0)
executing program 0:
syz_open_procfs(0x0, &(0x7f0000000580)='cgroup\x00')
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100))
signalfd4(0xffffffffffffffff, &(0x7f0000000180), 0x8, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x10842, 0x0)
r0 = inotify_init1(0x0)
dup(r0)
pselect6(0x40, &(0x7f0000000080)={0x3ff}, 0x0, 0x0, 0x0, &(0x7f0000000340)={0x0})
executing program 0:
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000480)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x40, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5c, 0x2, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5}, {0xd}, {0x6}}, {{0x9, 0x5, 0x81, 0x3, 0x200}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x200}}, {{0x9, 0x5, 0x3, 0x2, 0x200}}}}}}}]}}, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000340)={0x44, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x20, 0x80, 0x1c, {0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10}}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, &(0x7f0000000080)={0x14, 0x0, &(0x7f0000000040)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0)
syz_usb_ep_write(r0, 0x82, 0x5, &(0x7f0000002340)='hello')
executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1802000000c400000000000000000000850000002300000095"], &(0x7f00000000c0)='GPL\x00', 0x1}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=@base={0x12, 0x4, 0x8, 0xb}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000880)=ANY=[@ANYRES32=r2, @ANYRES32=r1, @ANYBLOB='\a'], 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000500)={r2, &(0x7f0000000240), &(0x7f00000004c0)=@tcp6=r0}, 0x20)
sendmsg(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000100)='*', 0x1}], 0x1}, 0x4)
executing program 1:
syz_open_procfs$userns(0x0, &(0x7f0000000040))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0x541b, &(0x7f00000000c0)={<r1=>0xffffffffffffffff})
dup2(r0, r1)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
recvmmsg(r2, &(0x7f0000000640)=[{{&(0x7f0000000240)=@pppol2tpv3={0x18, 0x1, {0x0, <r3=>0xffffffffffffffff, {0x2, 0x0, @multicast2}}}, 0x80, 0x0, 0xffffffffffffffc4}}], 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r3, 0x8901, &(0x7f0000000040))
executing program 0:
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r1, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc)
listen(r1, 0x4)
connect$unix(r0, &(0x7f0000000280)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r2 = accept4(r1, 0x0, 0x0, 0x0)
ioctl$TIOCMGET(r2, 0x5451, 0x0)

program crashed: WARNING: ODEBUG bug in netdev_release
bisect: the chunk can be dropped
bisect: testing without sub-chunk 2/3
testing program (duration=16m1s, {Threaded:true Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): [7, 7, 7, 7]
detailed listing:
executing program 0:
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000480)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x40, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5c, 0x2, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5}, {0xd}, {0x6}}, {{0x9, 0x5, 0x81, 0x3, 0x200}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x200}}, {{0x9, 0x5, 0x3, 0x2, 0x200}}}}}}}]}}, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000340)={0x44, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x20, 0x80, 0x1c, {0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10}}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, &(0x7f0000000080)={0x14, 0x0, &(0x7f0000000040)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0)
syz_usb_ep_write(r0, 0x82, 0x5, &(0x7f0000002340)='hello')
executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1802000000c400000000000000000000850000002300000095"], &(0x7f00000000c0)='GPL\x00', 0x1}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=@base={0x12, 0x4, 0x8, 0xb}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000880)=ANY=[@ANYRES32=r2, @ANYRES32=r1, @ANYBLOB='\a'], 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000500)={r2, &(0x7f0000000240), &(0x7f00000004c0)=@tcp6=r0}, 0x20)
sendmsg(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000100)='*', 0x1}], 0x1}, 0x4)
executing program 1:
syz_open_procfs$userns(0x0, &(0x7f0000000040))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0x541b, &(0x7f00000000c0)={<r1=>0xffffffffffffffff})
dup2(r0, r1)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
recvmmsg(r2, &(0x7f0000000640)=[{{&(0x7f0000000240)=@pppol2tpv3={0x18, 0x1, {0x0, <r3=>0xffffffffffffffff, {0x2, 0x0, @multicast2}}}, 0x80, 0x0, 0xffffffffffffffc4}}], 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r3, 0x8901, &(0x7f0000000040))
executing program 0:
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r1, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc)
listen(r1, 0x4)
connect$unix(r0, &(0x7f0000000280)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r2 = accept4(r1, 0x0, 0x0, 0x0)
ioctl$TIOCMGET(r2, 0x5451, 0x0)

program crashed: WARNING: ODEBUG bug in netdev_release
bisect: the chunk can be dropped
bisect: testing without sub-chunk 3/3
bisect: split chunks (needed=true): <4>
bisect: split chunk #0 of len 4 into 2 parts
bisect: testing without sub-chunk 1/2
testing program (duration=16m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): [7, 7]
detailed listing:
executing program 1:
syz_open_procfs$userns(0x0, &(0x7f0000000040))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0x541b, &(0x7f00000000c0)={<r1=>0xffffffffffffffff})
dup2(r0, r1)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
recvmmsg(r2, &(0x7f0000000640)=[{{&(0x7f0000000240)=@pppol2tpv3={0x18, 0x1, {0x0, <r3=>0xffffffffffffffff, {0x2, 0x0, @multicast2}}}, 0x80, 0x0, 0xffffffffffffffc4}}], 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r3, 0x8901, &(0x7f0000000040))
executing program 0:
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r1, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc)
listen(r1, 0x4)
connect$unix(r0, &(0x7f0000000280)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r2 = accept4(r1, 0x0, 0x0, 0x0)
ioctl$TIOCMGET(r2, 0x5451, 0x0)

program did not crash
bisect: testing without sub-chunk 2/2
testing program (duration=16m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): [7, 7]
detailed listing:
executing program 0:
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000480)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x40, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5c, 0x2, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5}, {0xd}, {0x6}}, {{0x9, 0x5, 0x81, 0x3, 0x200}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x200}}, {{0x9, 0x5, 0x3, 0x2, 0x200}}}}}}}]}}, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000340)={0x44, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x20, 0x80, 0x1c, {0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10}}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, &(0x7f0000000080)={0x14, 0x0, &(0x7f0000000040)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0)
syz_usb_ep_write(r0, 0x82, 0x5, &(0x7f0000002340)='hello')
executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1802000000c400000000000000000000850000002300000095"], &(0x7f00000000c0)='GPL\x00', 0x1}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=@base={0x12, 0x4, 0x8, 0xb}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000880)=ANY=[@ANYRES32=r2, @ANYRES32=r1, @ANYBLOB='\a'], 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000500)={r2, &(0x7f0000000240), &(0x7f00000004c0)=@tcp6=r0}, 0x20)
sendmsg(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000100)='*', 0x1}], 0x1}, 0x4)

program crashed: WARNING: ODEBUG bug in netdev_release
bisect: the chunk can be dropped
bisect: split chunks (needed=true): <2>
bisect: split chunk #0 of len 2 into 2 parts
bisect: testing without sub-chunk 1/2
testing program (duration=16m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$inet6_tcp-listen-bpf$BPF_PROG_RAW_TRACEPOINT_LOAD-bpf$MAP_CREATE-bpf$BPF_PROG_DETACH-bpf$MAP_UPDATE_ELEM-sendmsg
detailed listing:
executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1802000000c400000000000000000000850000002300000095"], &(0x7f00000000c0)='GPL\x00', 0x1}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=@base={0x12, 0x4, 0x8, 0xb}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000880)=ANY=[@ANYRES32=r2, @ANYRES32=r1, @ANYBLOB='\a'], 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000500)={r2, &(0x7f0000000240), &(0x7f00000004c0)=@tcp6=r0}, 0x20)
sendmsg(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000100)='*', 0x1}], 0x1}, 0x4)

program crashed: INFO: task hung in _vm_unmap_aliases
bisect: the chunk can be dropped
bisect: testing without sub-chunk 2/2
bisect: no need to test this chunk, it's definitely needed
bisect: split chunks (needed=true): <1>
bisect: split chunk #0 of len 1 into 2 parts
bisect: no way to further split the chunk
bisect: 1 programs left: 

executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1802000000c400000000000000000000850000002300000095"], &(0x7f00000000c0)='GPL\x00', 0x1}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=@base={0x12, 0x4, 0x8, 0xb}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000880)=ANY=[@ANYRES32=r2, @ANYRES32=r1, @ANYBLOB='\a'], 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000500)={r2, &(0x7f0000000240), &(0x7f00000004c0)=@tcp6=r0}, 0x20)
sendmsg(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000100)='*', 0x1}], 0x1}, 0x4)


bisect: trying to concatenate
bisect: concatenate 1 entries
testing program (duration=24m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$inet6_tcp-listen-bpf$BPF_PROG_RAW_TRACEPOINT_LOAD-bpf$MAP_CREATE-bpf$BPF_PROG_DETACH-bpf$MAP_UPDATE_ELEM-sendmsg
detailed listing:
executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1802000000c400000000000000000000850000002300000095"], &(0x7f00000000c0)='GPL\x00', 0x1}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=@base={0x12, 0x4, 0x8, 0xb}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000880)=ANY=[@ANYRES32=r2, @ANYRES32=r1, @ANYBLOB='\a'], 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000500)={r2, &(0x7f0000000240), &(0x7f00000004c0)=@tcp6=r0}, 0x20)
sendmsg(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000100)='*', 0x1}], 0x1}, 0x4)

program crashed: INFO: task hung in _vm_unmap_aliases
bisect: concatenation succeeded
found reproducer with 7 syscalls
minimizing guilty program
testing program (duration=19m4.462892812s, {Threaded:true Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$inet6_tcp-listen-bpf$BPF_PROG_RAW_TRACEPOINT_LOAD-bpf$MAP_CREATE-bpf$BPF_PROG_DETACH-bpf$MAP_UPDATE_ELEM
detailed listing:
executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1802000000c400000000000000000000850000002300000095"], &(0x7f00000000c0)='GPL\x00', 0x1}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=@base={0x12, 0x4, 0x8, 0xb}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000880)=ANY=[@ANYRES32=r2, @ANYRES32=r1, @ANYBLOB='\a'], 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000500)={r2, &(0x7f0000000240), &(0x7f00000004c0)=@tcp6=r0}, 0x20)

program crashed: INFO: task hung in _vm_unmap_aliases
testing program (duration=19m4.462892812s, {Threaded:true Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$inet6_tcp-listen-bpf$BPF_PROG_RAW_TRACEPOINT_LOAD-bpf$MAP_CREATE-bpf$BPF_PROG_DETACH
detailed listing:
executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1802000000c400000000000000000000850000002300000095"], &(0x7f00000000c0)='GPL\x00', 0x1}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=@base={0x12, 0x4, 0x8, 0xb}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000880)=ANY=[@ANYRES32=r2, @ANYRES32=r1, @ANYBLOB='\a'], 0x10)

program crashed: INFO: task hung in _vm_unmap_aliases
testing program (duration=19m4.462892812s, {Threaded:true Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$inet6_tcp-listen-bpf$BPF_PROG_RAW_TRACEPOINT_LOAD-bpf$MAP_CREATE
detailed listing:
executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1802000000c400000000000000000000850000002300000095"], &(0x7f00000000c0)='GPL\x00', 0x1}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=@base={0x12, 0x4, 0x8, 0xb}, 0x48)

program crashed: INFO: task hung in _vm_unmap_aliases
testing program (duration=19m4.462892812s, {Threaded:true Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$inet6_tcp-listen-bpf$BPF_PROG_RAW_TRACEPOINT_LOAD
detailed listing:
executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1802000000c400000000000000000000850000002300000095"], &(0x7f00000000c0)='GPL\x00', 0x1}, 0x94)

program crashed: INFO: task hung in _vm_unmap_aliases
testing program (duration=19m4.462892812s, {Threaded:true Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$inet6_tcp-listen
detailed listing:
executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r0, 0x0)

program did not crash
testing program (duration=19m4.462892812s, {Threaded:true Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket$inet6_tcp-bpf$BPF_PROG_RAW_TRACEPOINT_LOAD
detailed listing:
executing program 0:
socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1802000000c400000000000000000000850000002300000095"], &(0x7f00000000c0)='GPL\x00', 0x1}, 0x94)

program crashed: INFO: task hung in _vm_unmap_aliases
testing program (duration=19m4.462892812s, {Threaded:true Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD
detailed listing:
executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1802000000c400000000000000000000850000002300000095"], &(0x7f00000000c0)='GPL\x00', 0x1}, 0x94)

program crashed: INFO: task hung in _vm_unmap_aliases
testing program (duration=19m4.462892812s, {Threaded:true Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD
detailed listing:
executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)

program did not crash
testing program (duration=19m4.462892812s, {Threaded:true Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD
detailed listing:
executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, 0x0, &(0x7f00000000c0)='GPL\x00', 0x1}, 0x94)

program did not crash
testing program (duration=19m4.462892812s, {Threaded:true Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD
detailed listing:
executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB], &(0x7f00000000c0)='GPL\x00', 0x1}, 0x94)

program did not crash
testing program (duration=19m4.462892812s, {Threaded:true Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD
detailed listing:
executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1802000000c400000000000000000000850000002300000095"], 0x0, 0x1}, 0x94)

program did not crash
extracting C reproducer
testing compiled C program (duration=19m4.462892812s, {Threaded:true Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD
program crashed: INFO: task hung in _vm_unmap_aliases
simplifying C reproducer
testing compiled C program (duration=19m4.462892812s, {Threaded:false Repeat:true RepeatTimes:0 Procs:2 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD
program crashed: INFO: task hung in _vm_unmap_aliases
testing compiled C program (duration=19m4.462892812s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:10 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD
program crashed: INFO: task hung in _vm_unmap_aliases
testing compiled C program (duration=19m4.462892812s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:10 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:false UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD
program crashed: INFO: task hung in _vm_unmap_aliases
testing compiled C program (duration=19m4.462892812s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:10 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:false UseTmpDir:false HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD
program crashed: INFO: task hung in _vm_unmap_aliases
testing compiled C program (duration=19m4.462892812s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:10 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:false UseTmpDir:false HandleSegv:false Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD
program crashed: INFO: task hung in _vm_unmap_aliases
testing compiled C program (duration=19m4.462892812s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:10 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:false UseTmpDir:false HandleSegv:false Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD
program crashed: INFO: task hung in _vm_unmap_aliases
testing program (duration=19m4.462892812s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:10 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:false UseTmpDir:false HandleSegv:false Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD
detailed listing:
executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1802000000c400000000000000000000850000002300000095"], &(0x7f00000000c0)='GPL\x00', 0x1}, 0x94)

program did not crash
validation run: crashed=false
testing program (duration=19m4.462892812s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:10 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:false UseTmpDir:false HandleSegv:false Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD
detailed listing:
executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1802000000c400000000000000000000850000002300000095"], &(0x7f00000000c0)='GPL\x00', 0x1}, 0x94)

program did not crash
validation run: crashed=false
testing program (duration=19m4.462892812s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:10 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:false UseTmpDir:false HandleSegv:false Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD
detailed listing:
executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1802000000c400000000000000000000850000002300000095"], &(0x7f00000000c0)='GPL\x00', 0x1}, 0x94)

program crashed: INFO: task hung in _vm_unmap_aliases
validation run: crashed=true
testing program (duration=19m4.462892812s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:10 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:false UseTmpDir:false HandleSegv:false Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD
detailed listing:
executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1802000000c400000000000000000000850000002300000095"], &(0x7f00000000c0)='GPL\x00', 0x1}, 0x94)

program crashed: INFO: task hung in _vm_unmap_aliases
validation run: crashed=true
testing program (duration=19m4.462892812s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:10 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:false UseTmpDir:false HandleSegv:false Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD
detailed listing:
executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1802000000c400000000000000000000850000002300000095"], &(0x7f00000000c0)='GPL\x00', 0x1}, 0x94)

program did not crash
validation run: crashed=false
testing program (duration=19m4.462892812s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:10 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:false UseTmpDir:false HandleSegv:false Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD
detailed listing:
executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1802000000c400000000000000000000850000002300000095"], &(0x7f00000000c0)='GPL\x00', 0x1}, 0x94)

program did not crash
validation run: crashed=false
testing program (duration=19m4.462892812s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:10 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:false UseTmpDir:false HandleSegv:false Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD
detailed listing:
executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1802000000c400000000000000000000850000002300000095"], &(0x7f00000000c0)='GPL\x00', 0x1}, 0x94)

program did not crash
validation run: crashed=false
testing program (duration=19m4.462892812s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:10 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:false UseTmpDir:false HandleSegv:false Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD
detailed listing:
executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1802000000c400000000000000000000850000002300000095"], &(0x7f00000000c0)='GPL\x00', 0x1}, 0x94)

program crashed: INFO: task hung in _vm_unmap_aliases
validation run: crashed=true
reproducing took 8h47m13.452206616s
repro crashed as (corrupted=false):
INFO: task kworker/1:20:4204 blocked for more than 430 seconds.
      Not tainted 6.16.0-rc5-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/1:20    state:D stack:0     pid:4204  tgid:4204  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a30c40>] (__schedule_loop kernel/sched/core.c:6868 [inline])
[<81a2fcb8>] (__schedule) from [<81a30c40>] (schedule+0x2c/0x130 kernel/sched/core.c:6883)
 r10:829185c4 r9:dfba9d84 r8:00000002 r7:60000113 r6:dfba9d8c r5:854e9800
 r4:854e9800
[<81a30c14>] (schedule) from [<81a31028>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6940)
 r5:854e9800 r4:829185c0
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock_common kernel/locking/mutex.c:679 [inline])
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock.constprop.0+0x300/0x6f8 kernel/locking/mutex.c:747)
[<81a3340c>] (__mutex_lock.constprop.0) from [<81a33bd8>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1035)
 r10:8280c960 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:dfba9e08
 r4:00000000
[<81a33bc4>] (__mutex_lock_slowpath) from [<81a33c18>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:278)
[<81a33bdc>] (mutex_lock) from [<804e436c>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2904)
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85722340
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018205 r8:854e9800 r7:00000000 r6:83018200 r5:00001000 r4:7f073000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:e0575000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84daf78c r4:84daf400
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:ddde2d40 r6:83018200 r5:84daf78c r4:856b6500
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:854e9800 r8:856b652c r7:82804d40 r6:ddde2d40 r5:ddde2d60
 r4:856b6500
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:856b6500 r8:8027ecf4 r7:dfad1e60 r6:83aebf80 r5:854e9800
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xdfba9fb0 to 0xdfba9ff8)
9fa0:                                     00000000 00000000 00000000 00000000
9fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
9fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:84f7e080
INFO: task kworker/1:20:4204 is blocked on a mutex likely owned by task kworker/0:220:4981.
task:kworker/0:220   state:R  running task     stack:0     pid:4981  tgid:4981  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a31074>] (preempt_schedule_irq+0x40/0xa8 kernel/sched/core.c:7113)
 r10:8280c9b4 r9:8582ec00 r8:80200be4 r7:ea9f1d54 r6:ffffffff r5:8582ec00
 r4:00000000
[<81a31034>] (preempt_schedule_irq) from [<80200c04>] (svc_preempt+0x8/0x18)
Exception stack(0xea9f1d20 to 0xea9f1d68)
1d20: cf501000 eb529000 00000001 80239bb8 7f049000 00000001 82abf1c4 82abe5a0
1d40: 7f049000 eb529000 8280c9b4 ea9f1d9c ea9f1da0 ea9f1d70 80230af0 80239bd0
1d60: 80000113 ffffffff
 r5:80000113 r4:80239bd0
[<80230a8c>] (flush_tlb_kernel_range) from [<804e4130>] (__purge_vmap_area_lazy+0x284/0x458 mm/vmalloc.c:2328)
 r4:82abf1e4
[<804e3eac>] (__purge_vmap_area_lazy) from [<804e44e8>] (_vm_unmap_aliases+0x1e4/0x240 mm/vmalloc.c:2943)
 r10:00000000 r9:00000000 r8:00000000 r7:ffffffff r6:ea9f1dc0 r5:ea9f1e08
 r4:ea9f1dc0
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85841080
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:8582ec00 r7:00000000 r6:83018000 r5:00001000 r4:7f071000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:e052f000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84eff78c r4:84eff400
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:84eff78c r4:85845e00
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:8582ec00 r8:85845e2c r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845e00
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845e00 r8:8027ecf4 r7:eaa05e60 r6:85846300 r5:8582ec00
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea9f1fb0 to 0xea9f1ff8)
1fa0:                                     00000000 00000000 00000000 00000000
1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85841580
INFO: task kworker/1:21:4209 blocked for more than 430 seconds.
      Not tainted 6.16.0-rc5-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/1:21    state:D stack:0     pid:4209  tgid:4209  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a30c40>] (__schedule_loop kernel/sched/core.c:6868 [inline])
[<81a2fcb8>] (__schedule) from [<81a30c40>] (schedule+0x2c/0x130 kernel/sched/core.c:6883)
 r10:829185c4 r9:dfbf1d84 r8:00000002 r7:60000113 r6:dfbf1d8c r5:854e8000
 r4:854e8000
[<81a30c14>] (schedule) from [<81a31028>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6940)
 r5:854e8000 r4:829185c0
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock_common kernel/locking/mutex.c:679 [inline])
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock.constprop.0+0x300/0x6f8 kernel/locking/mutex.c:747)
[<81a3340c>] (__mutex_lock.constprop.0) from [<81a33bd8>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1035)
 r10:8280c960 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:dfbf1e08
 r4:00000000
[<81a33bc4>] (__mutex_lock_slowpath) from [<81a33c18>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:278)
[<81a33bdc>] (mutex_lock) from [<804e436c>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2904)
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:84c42540
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018205 r8:854e8000 r7:00000000 r6:83018200 r5:00001000 r4:7f07f000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:e8795000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84efef8c r4:84efec00
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:ddde2d40 r6:83018200 r5:84efef8c r4:856b6600
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:854e8000 r8:856b662c r7:82804d40 r6:ddde2d40 r5:ddde2d60
 r4:856b6600
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:856b6600 r8:8027ecf4 r7:dfad1e60 r6:84ed3e00 r5:854e8000
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xdfbf1fb0 to 0xdfbf1ff8)
1fa0:                                     00000000 00000000 00000000 00000000
1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:84f7e200
INFO: task kworker/1:21:4209 is blocked on a mutex likely owned by task kworker/0:220:4981.
task:kworker/0:220   state:R  running task     stack:0     pid:4981  tgid:4981  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a31074>] (preempt_schedule_irq+0x40/0xa8 kernel/sched/core.c:7113)
 r10:8280c9b4 r9:8582ec00 r8:80200be4 r7:ea9f1d54 r6:ffffffff r5:8582ec00
 r4:00000000
[<81a31034>] (preempt_schedule_irq) from [<80200c04>] (svc_preempt+0x8/0x18)
Exception stack(0xea9f1d20 to 0xea9f1d68)
1d20: cf501000 eb529000 00000001 80239bb8 7f049000 00000001 82abf1c4 82abe5a0
1d40: 7f049000 eb529000 8280c9b4 ea9f1d9c ea9f1da0 ea9f1d70 80230af0 80239bd0
1d60: 80000113 ffffffff
 r5:80000113 r4:80239bd0
[<80230a8c>] (flush_tlb_kernel_range) from [<804e4130>] (__purge_vmap_area_lazy+0x284/0x458 mm/vmalloc.c:2328)
 r4:82abf1e4
[<804e3eac>] (__purge_vmap_area_lazy) from [<804e44e8>] (_vm_unmap_aliases+0x1e4/0x240 mm/vmalloc.c:2943)
 r10:00000000 r9:00000000 r8:00000000 r7:ffffffff r6:ea9f1dc0 r5:ea9f1e08
 r4:ea9f1dc0
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85841080
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:8582ec00 r7:00000000 r6:83018000 r5:00001000 r4:7f071000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:e052f000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84eff78c r4:84eff400
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:84eff78c r4:85845e00
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:8582ec00 r8:85845e2c r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845e00
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845e00 r8:8027ecf4 r7:eaa05e60 r6:85846300 r5:8582ec00
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea9f1fb0 to 0xea9f1ff8)
1fa0:                                     00000000 00000000 00000000 00000000
1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85841580
INFO: task kworker/1:182:4929 blocked for more than 430 seconds.
      Not tainted 6.16.0-rc5-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/1:182   state:D stack:0     pid:4929  tgid:4929  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a30c40>] (__schedule_loop kernel/sched/core.c:6868 [inline])
[<81a2fcb8>] (__schedule) from [<81a30c40>] (schedule+0x2c/0x130 kernel/sched/core.c:6883)
 r10:829185c4 r9:ea88dd84 r8:00000002 r7:60000113 r6:ea88dd8c r5:85816c00
 r4:85816c00
[<81a30c14>] (schedule) from [<81a31028>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6940)
 r5:85816c00 r4:829185c0
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock_common kernel/locking/mutex.c:679 [inline])
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock.constprop.0+0x300/0x6f8 kernel/locking/mutex.c:747)
[<81a3340c>] (__mutex_lock.constprop.0) from [<81a33bd8>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1035)
 r10:8280c960 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:ea88de08
 r4:00000000
[<81a33bc4>] (__mutex_lock_slowpath) from [<81a33c18>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:278)
[<81a33bdc>] (mutex_lock) from [<804e436c>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2904)
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:8584afc0
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018205 r8:85816c00 r7:00000000 r6:83018200 r5:00001000 r4:7f059000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:dfda7000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:8588838c r4:85888000
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:ddde2d40 r6:83018200 r5:8588838c r4:8584c280
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:85816c00 r8:8584c2ac r7:82804d40 r6:ddde2d40 r5:ddde2d60
 r4:8584c280
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:8584c280 r8:8027ecf4 r7:ea8f5e60 r6:8584c300 r5:85816c00
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea88dfb0 to 0xea88dff8)
dfa0:                                     00000000 00000000 00000000 00000000
dfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
dfe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:8584af40
INFO: task kworker/1:182:4929 is blocked on a mutex likely owned by task kworker/0:220:4981.
task:kworker/0:220   state:R  running task     stack:0     pid:4981  tgid:4981  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a31074>] (preempt_schedule_irq+0x40/0xa8 kernel/sched/core.c:7113)
 r10:8280c9b4 r9:8582ec00 r8:80200be4 r7:ea9f1d54 r6:ffffffff r5:8582ec00
 r4:00000000
[<81a31034>] (preempt_schedule_irq) from [<80200c04>] (svc_preempt+0x8/0x18)
Exception stack(0xea9f1d20 to 0xea9f1d68)
1d20: cf501000 eb529000 00000001 80239bb8 7f049000 00000001 82abf1c4 82abe5a0
1d40: 7f049000 eb529000 8280c9b4 ea9f1d9c ea9f1da0 ea9f1d70 80230af0 80239bd0
1d60: 80000113 ffffffff
 r5:80000113 r4:80239bd0
[<80230a8c>] (flush_tlb_kernel_range) from [<804e4130>] (__purge_vmap_area_lazy+0x284/0x458 mm/vmalloc.c:2328)
 r4:82abf1e4
[<804e3eac>] (__purge_vmap_area_lazy) from [<804e44e8>] (_vm_unmap_aliases+0x1e4/0x240 mm/vmalloc.c:2943)
 r10:00000000 r9:00000000 r8:00000000 r7:ffffffff r6:ea9f1dc0 r5:ea9f1e08
 r4:ea9f1dc0
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85841080
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:8582ec00 r7:00000000 r6:83018000 r5:00001000 r4:7f071000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:e052f000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84eff78c r4:84eff400
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:84eff78c r4:85845e00
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:8582ec00 r8:85845e2c r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845e00
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845e00 r8:8027ecf4 r7:eaa05e60 r6:85846300 r5:8582ec00
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea9f1fb0 to 0xea9f1ff8)
1fa0:                                     00000000 00000000 00000000 00000000
1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85841580
INFO: task kworker/1:183:4931 blocked for more than 430 seconds.
      Not tainted 6.16.0-rc5-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/1:183   state:D stack:0     pid:4931  tgid:4931  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a30c40>] (__schedule_loop kernel/sched/core.c:6868 [inline])
[<81a2fcb8>] (__schedule) from [<81a30c40>] (schedule+0x2c/0x130 kernel/sched/core.c:6883)
 r10:829185c4 r9:ea905d84 r8:00000002 r7:60000113 r6:ea905d8c r5:85813c00
 r4:85813c00
[<81a30c14>] (schedule) from [<81a31028>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6940)
 r5:85813c00 r4:829185c0
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock_common kernel/locking/mutex.c:679 [inline])
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock.constprop.0+0x300/0x6f8 kernel/locking/mutex.c:747)
[<81a3340c>] (__mutex_lock.constprop.0) from [<81a33bd8>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1035)
 r10:8280c960 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:ea905e08
 r4:00000000
[<81a33bc4>] (__mutex_lock_slowpath) from [<81a33c18>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:278)
[<81a33bdc>] (mutex_lock) from [<804e436c>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2904)
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:84cab300
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018205 r8:85813c00 r7:00000000 r6:83018200 r5:00001000 r4:7f085000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:ea96d000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:8588bb8c r4:8588b800
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:ddde2d40 r6:83018200 r5:8588bb8c r4:8584c380
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:85813c00 r8:8584c3ac r7:82804d40 r6:ddde2d40 r5:ddde2d60
 r4:8584c380
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:8584c380 r8:8027ecf4 r7:ea88de60 r6:8584c400 r5:85813c00
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea905fb0 to 0xea905ff8)
5fa0:                                     00000000 00000000 00000000 00000000
5fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
5fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:8584a6c0
INFO: task kworker/1:183:4931 is blocked on a mutex likely owned by task kworker/0:220:4981.
task:kworker/0:220   state:R  running task     stack:0     pid:4981  tgid:4981  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a31074>] (preempt_schedule_irq+0x40/0xa8 kernel/sched/core.c:7113)
 r10:8280c9b4 r9:8582ec00 r8:80200be4 r7:ea9f1d54 r6:ffffffff r5:8582ec00
 r4:00000000
[<81a31034>] (preempt_schedule_irq) from [<80200c04>] (svc_preempt+0x8/0x18)
Exception stack(0xea9f1d20 to 0xea9f1d68)
1d20: d070a000 eb529000 00000001 80239bb8 7f049000 00000001 82abf1c4 82abe5a0
1d40: 7f049000 eb529000 8280c9b4 ea9f1d9c ea9f1da0 ea9f1d70 80230af0 80239bd0
1d60: 80000113 ffffffff
 r5:80000113 r4:80239bd0
[<80230a8c>] (flush_tlb_kernel_range) from [<804e4130>] (__purge_vmap_area_lazy+0x284/0x458 mm/vmalloc.c:2328)
 r4:82abf1e4
[<804e3eac>] (__purge_vmap_area_lazy) from [<804e44e8>] (_vm_unmap_aliases+0x1e4/0x240 mm/vmalloc.c:2943)
 r10:00000000 r9:00000000 r8:00000000 r7:ffffffff r6:ea9f1dc0 r5:ea9f1e08
 r4:ea9f1dc0
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85841080
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:8582ec00 r7:00000000 r6:83018000 r5:00001000 r4:7f071000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:e052f000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84eff78c r4:84eff400
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:84eff78c r4:85845e00
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:8582ec00 r8:85845e2c r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845e00
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845e00 r8:8027ecf4 r7:eaa05e60 r6:85846300 r5:8582ec00
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea9f1fb0 to 0xea9f1ff8)
1fa0:                                     00000000 00000000 00000000 00000000
1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85841580
INFO: task kworker/1:184:4934 blocked for more than 430 seconds.
      Not tainted 6.16.0-rc5-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/1:184   state:D stack:0     pid:4934  tgid:4934  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a30c40>] (__schedule_loop kernel/sched/core.c:6868 [inline])
[<81a2fcb8>] (__schedule) from [<81a30c40>] (schedule+0x2c/0x130 kernel/sched/core.c:6883)
 r10:829185c4 r9:ea8e9d84 r8:00000002 r7:60000013 r6:ea8e9d8c r5:85814800
 r4:85814800
[<81a30c14>] (schedule) from [<81a31028>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6940)
 r5:85814800 r4:829185c0
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock_common kernel/locking/mutex.c:679 [inline])
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock.constprop.0+0x300/0x6f8 kernel/locking/mutex.c:747)
[<81a3340c>] (__mutex_lock.constprop.0) from [<81a33bd8>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1035)
 r10:8280c960 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:ea8e9e08
 r4:00000000
[<81a33bc4>] (__mutex_lock_slowpath) from [<81a33c18>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:278)
[<81a33bdc>] (mutex_lock) from [<804e436c>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2904)
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85835400
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018205 r8:85814800 r7:00000000 r6:83018200 r5:00001000 r4:7f04f000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:dfbe1000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:85895b8c r4:85895800
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:ddde2d40 r6:83018200 r5:85895b8c r4:8584c580
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:85814800 r8:8584c5ac r7:82804d40 r6:ddde2d40 r5:ddde2d60
 r4:8584c580
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:8584c580 r8:8027ecf4 r7:ea905e60 r6:8584c600 r5:85814800
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea8e9fb0 to 0xea8e9ff8)
9fa0:                                     00000000 00000000 00000000 00000000
9fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
9fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:84cc1400
INFO: task kworker/1:184:4934 is blocked on a mutex likely owned by task kworker/0:220:4981.
task:kworker/0:220   state:R  running task     stack:0     pid:4981  tgid:4981  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a31074>] (preempt_schedule_irq+0x40/0xa8 kernel/sched/core.c:7113)
 r10:8280c9b4 r9:8582ec00 r8:80200be4 r7:ea9f1d54 r6:ffffffff r5:8582ec00
 r4:00000000
[<81a31034>] (preempt_schedule_irq) from [<80200c04>] (svc_preempt+0x8/0x18)
Exception stack(0xea9f1d20 to 0xea9f1d68)
1d20: d070a000 eb529000 00000001 80239bb8 7f049000 00000001 82abf1c4 82abe5a0
1d40: 7f049000 eb529000 8280c9b4 ea9f1d9c ea9f1da0 ea9f1d70 80230af0 80239bd0
1d60: 80000113 ffffffff
 r5:80000113 r4:80239bd0
[<80230a8c>] (flush_tlb_kernel_range) from [<804e4130>] (__purge_vmap_area_lazy+0x284/0x458 mm/vmalloc.c:2328)
 r4:82abf1e4
[<804e3eac>] (__purge_vmap_area_lazy) from [<804e44e8>] (_vm_unmap_aliases+0x1e4/0x240 mm/vmalloc.c:2943)
 r10:00000000 r9:00000000 r8:00000000 r7:ffffffff r6:ea9f1dc0 r5:ea9f1e08
 r4:ea9f1dc0
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85841080
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:8582ec00 r7:00000000 r6:83018000 r5:00001000 r4:7f071000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:e052f000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84eff78c r4:84eff400
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:84eff78c r4:85845e00
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:8582ec00 r8:85845e2c r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845e00
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845e00 r8:8027ecf4 r7:eaa05e60 r6:85846300 r5:8582ec00
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea9f1fb0 to 0xea9f1ff8)
1fa0:                                     00000000 00000000 00000000 00000000
1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85841580
INFO: task kworker/0:203:4942 blocked for more than 430 seconds.
      Not tainted 6.16.0-rc5-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/0:203   state:D stack:0     pid:4942  tgid:4942  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a30c40>] (__schedule_loop kernel/sched/core.c:6868 [inline])
[<81a2fcb8>] (__schedule) from [<81a30c40>] (schedule+0x2c/0x130 kernel/sched/core.c:6883)
 r10:829185c4 r9:ea959d84 r8:00000002 r7:60000013 r6:ea959d8c r5:85819800
 r4:85819800
[<81a30c14>] (schedule) from [<81a31028>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6940)
 r5:85819800 r4:829185c0
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock_common kernel/locking/mutex.c:679 [inline])
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock.constprop.0+0x300/0x6f8 kernel/locking/mutex.c:747)
[<81a3340c>] (__mutex_lock.constprop.0) from [<81a33bd8>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1035)
 r10:8280c960 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:ea959e08
 r4:00000000
[<81a33bc4>] (__mutex_lock_slowpath) from [<81a33c18>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:278)
[<81a33bdc>] (mutex_lock) from [<804e436c>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2904)
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:84cd1380
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:85819800 r7:00000000 r6:83018000 r5:00001000 r4:7f061000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:dfa7b000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84ff238c r4:84ff2000
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:84ff238c r4:85845280
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:85819800 r8:858452ac r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845280
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845280 r8:8027ecf4 r7:ea975e60 r6:8584c900 r5:85819800
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea959fb0 to 0xea959ff8)
9fa0:                                     00000000 00000000 00000000 00000000
9fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
9fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85848300
INFO: task kworker/0:203:4942 is blocked on a mutex likely owned by task kworker/0:220:4981.
task:kworker/0:220   state:R  running task     stack:0     pid:4981  tgid:4981  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a31074>] (preempt_schedule_irq+0x40/0xa8 kernel/sched/core.c:7113)
 r10:8280c9b4 r9:8582ec00 r8:80200be4 r7:ea9f1d54 r6:ffffffff r5:8582ec00
 r4:00000000
[<81a31034>] (preempt_schedule_irq) from [<80200c04>] (svc_preempt+0x8/0x18)
Exception stack(0xea9f1d20 to 0xea9f1d68)
1d20: d070a000 eb529000 00000001 80239bb8 7f049000 00000001 82abf1c4 82abe5a0
1d40: 7f049000 eb529000 8280c9b4 ea9f1d9c ea9f1da0 ea9f1d70 80230af0 80239bd0
1d60: 80000113 ffffffff
 r5:80000113 r4:80239bd0
[<80230a8c>] (flush_tlb_kernel_range) from [<804e4130>] (__purge_vmap_area_lazy+0x284/0x458 mm/vmalloc.c:2328)
 r4:82abf1e4
[<804e3eac>] (__purge_vmap_area_lazy) from [<804e44e8>] (_vm_unmap_aliases+0x1e4/0x240 mm/vmalloc.c:2943)
 r10:00000000 r9:00000000 r8:00000000 r7:ffffffff r6:ea9f1dc0 r5:ea9f1e08
 r4:ea9f1dc0
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85841080
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:8582ec00 r7:00000000 r6:83018000 r5:00001000 r4:7f071000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:e052f000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84eff78c r4:84eff400
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:84eff78c r4:85845e00
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:8582ec00 r8:85845e2c r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845e00
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845e00 r8:8027ecf4 r7:eaa05e60 r6:85846300 r5:8582ec00
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea9f1fb0 to 0xea9f1ff8)
1fa0:                                     00000000 00000000 00000000 00000000
1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85841580
INFO: task kworker/0:204:4944 blocked for more than 430 seconds.
      Not tainted 6.16.0-rc5-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/0:204   state:D stack:0     pid:4944  tgid:4944  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a30c40>] (__schedule_loop kernel/sched/core.c:6868 [inline])
[<81a2fcb8>] (__schedule) from [<81a30c40>] (schedule+0x2c/0x130 kernel/sched/core.c:6883)
 r10:829185c4 r9:ea961d84 r8:00000002 r7:60000013 r6:ea961d8c r5:8581b000
 r4:8581b000
[<81a30c14>] (schedule) from [<81a31028>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6940)
 r5:8581b000 r4:829185c0
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock_common kernel/locking/mutex.c:679 [inline])
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock.constprop.0+0x300/0x6f8 kernel/locking/mutex.c:747)
[<81a3340c>] (__mutex_lock.constprop.0) from [<81a33bd8>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1035)
 r10:8280c960 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:ea961e08
 r4:00000000
[<81a33bc4>] (__mutex_lock_slowpath) from [<81a33c18>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:278)
[<81a33bdc>] (mutex_lock) from [<804e436c>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2904)
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:84cd1ac0
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:8581b000 r7:00000000 r6:83018000 r5:00001000 r4:7f063000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:dfeb1000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:8588af8c r4:8588ac00
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:8588af8c r4:85845300
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:8581b000 r8:8584532c r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845300
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845300 r8:8027ecf4 r7:ea975e60 r6:8584c980 r5:8581b000
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea961fb0 to 0xea961ff8)
1fa0:                                     00000000 00000000 00000000 00000000
1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85848740
INFO: task kworker/0:204:4944 is blocked on a mutex likely owned by task kworker/0:220:4981.
task:kworker/0:220   state:R  running task     stack:0     pid:4981  tgid:4981  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a31074>] (preempt_schedule_irq+0x40/0xa8 kernel/sched/core.c:7113)
 r10:8280c9b4 r9:8582ec00 r8:80200be4 r7:ea9f1d54 r6:ffffffff r5:8582ec00
 r4:00000000
[<81a31034>] (preempt_schedule_irq) from [<80200c04>] (svc_preempt+0x8/0x18)
Exception stack(0xea9f1d20 to 0xea9f1d68)
1d20: d070a000 eb529000 00000001 80239bb8 7f049000 00000001 82abf1c4 82abe5a0
1d40: 7f049000 eb529000 8280c9b4 ea9f1d9c ea9f1da0 ea9f1d70 80230af0 80239bd0
1d60: 80000113 ffffffff
 r5:80000113 r4:80239bd0
[<80230a8c>] (flush_tlb_kernel_range) from [<804e4130>] (__purge_vmap_area_lazy+0x284/0x458 mm/vmalloc.c:2328)
 r4:82abf1e4
[<804e3eac>] (__purge_vmap_area_lazy) from [<804e44e8>] (_vm_unmap_aliases+0x1e4/0x240 mm/vmalloc.c:2943)
 r10:00000000 r9:00000000 r8:00000000 r7:ffffffff r6:ea9f1dc0 r5:ea9f1e08
 r4:ea9f1dc0
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85841080
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:8582ec00 r7:00000000 r6:83018000 r5:00001000 r4:7f071000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:e052f000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84eff78c r4:84eff400
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:84eff78c r4:85845e00
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:8582ec00 r8:85845e2c r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845e00
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845e00 r8:8027ecf4 r7:eaa05e60 r6:85846300 r5:8582ec00
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea9f1fb0 to 0xea9f1ff8)
1fa0:                                     00000000 00000000 00000000 00000000
1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85841580
INFO: task kworker/1:186:4945 blocked for more than 430 seconds.
      Not tainted 6.16.0-rc5-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/1:186   state:D stack:0     pid:4945  tgid:4945  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a30c40>] (__schedule_loop kernel/sched/core.c:6868 [inline])
[<81a2fcb8>] (__schedule) from [<81a30c40>] (schedule+0x2c/0x130 kernel/sched/core.c:6883)
 r10:829185c4 r9:ea95dd84 r8:00000002 r7:60000113 r6:ea95dd8c r5:8581bc00
 r4:8581bc00
[<81a30c14>] (schedule) from [<81a31028>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6940)
 r5:8581bc00 r4:829185c0
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock_common kernel/locking/mutex.c:679 [inline])
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock.constprop.0+0x300/0x6f8 kernel/locking/mutex.c:747)
[<81a3340c>] (__mutex_lock.constprop.0) from [<81a33bd8>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1035)
 r10:8280c960 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:ea95de08
 r4:00000000
[<81a33bc4>] (__mutex_lock_slowpath) from [<81a33c18>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:278)
[<81a33bdc>] (mutex_lock) from [<804e436c>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2904)
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:84c9fdc0
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018205 r8:8581bc00 r7:00000000 r6:83018200 r5:00001000 r4:7f04b000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:dfb51000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:85888b8c r4:85888800
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:ddde2d40 r6:83018200 r5:85888b8c r4:8584ca00
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:8581bc00 r8:8584ca2c r7:82804d40 r6:ddde2d40 r5:ddde2d60
 r4:8584ca00
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:8584ca00 r8:8027ecf4 r7:ea90de60 r6:8584ca80 r5:8581bc00
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea95dfb0 to 0xea95dff8)
dfa0:                                     00000000 00000000 00000000 00000000
dfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
dfe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85837080
INFO: task kworker/1:186:4945 is blocked on a mutex likely owned by task kworker/0:220:4981.
task:kworker/0:220   state:R  running task     stack:0     pid:4981  tgid:4981  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a31074>] (preempt_schedule_irq+0x40/0xa8 kernel/sched/core.c:7113)
 r10:8280c9b4 r9:8582ec00 r8:80200be4 r7:ea9f1d54 r6:ffffffff r5:8582ec00
 r4:00000000
[<81a31034>] (preempt_schedule_irq) from [<80200c04>] (svc_preempt+0x8/0x18)
Exception stack(0xea9f1d20 to 0xea9f1d68)
1d20: d070a000 eb529000 00000001 80239bb8 7f049000 00000001 82abf1c4 82abe5a0
1d40: 7f049000 eb529000 8280c9b4 ea9f1d9c ea9f1da0 ea9f1d70 80230af0 80239bd0
1d60: 80000113 ffffffff
 r5:80000113 r4:80239bd0
[<80230a8c>] (flush_tlb_kernel_range) from [<804e4130>] (__purge_vmap_area_lazy+0x284/0x458 mm/vmalloc.c:2328)
 r4:82abf1e4
[<804e3eac>] (__purge_vmap_area_lazy) from [<804e44e8>] (_vm_unmap_aliases+0x1e4/0x240 mm/vmalloc.c:2943)
 r10:00000000 r9:00000000 r8:00000000 r7:ffffffff r6:ea9f1dc0 r5:ea9f1e08
 r4:ea9f1dc0
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85841080
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:8582ec00 r7:00000000 r6:83018000 r5:00001000 r4:7f071000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:e052f000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84eff78c r4:84eff400
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:84eff78c r4:85845e00
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:8582ec00 r8:85845e2c r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845e00
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845e00 r8:8027ecf4 r7:eaa05e60 r6:85846300 r5:8582ec00
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea9f1fb0 to 0xea9f1ff8)
1fa0:                                     00000000 00000000 00000000 00000000
1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85841580
INFO: task kworker/1:187:4947 blocked for more than 430 seconds.
      Not tainted 6.16.0-rc5-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/1:187   state:D stack:0     pid:4947  tgid:4947  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a30c40>] (__schedule_loop kernel/sched/core.c:6868 [inline])
[<81a2fcb8>] (__schedule) from [<81a30c40>] (schedule+0x2c/0x130 kernel/sched/core.c:6883)
 r10:829185c4 r9:ea965d84 r8:00000002 r7:60000113 r6:ea965d8c r5:8581d400
 r4:8581d400
[<81a30c14>] (schedule) from [<81a31028>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6940)
 r5:8581d400 r4:829185c0
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock_common kernel/locking/mutex.c:679 [inline])
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock.constprop.0+0x300/0x6f8 kernel/locking/mutex.c:747)
[<81a3340c>] (__mutex_lock.constprop.0) from [<81a33bd8>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1035)
 r10:8280c960 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:ea965e08
 r4:00000000
[<81a33bc4>] (__mutex_lock_slowpath) from [<81a33c18>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:278)
[<81a33bdc>] (mutex_lock) from [<804e436c>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2904)
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:84c42300
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018205 r8:8581d400 r7:00000000 r6:83018200 r5:00001000 r4:7f07d000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:e4701000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84eff38c r4:84eff000
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:ddde2d40 r6:83018200 r5:84eff38c r4:8584cb00
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:8581d400 r8:8584cb2c r7:82804d40 r6:ddde2d40 r5:ddde2d60
 r4:8584cb00
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:8584cb00 r8:8027ecf4 r7:ea90de60 r6:8584cb80 r5:8581d400
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea965fb0 to 0xea965ff8)
5fa0:                                     00000000 00000000 00000000 00000000
5fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
5fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:858494c0
INFO: task kworker/1:187:4947 is blocked on a mutex likely owned by task kworker/0:220:4981.
task:kworker/0:220   state:R  running task     stack:0     pid:4981  tgid:4981  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a31074>] (preempt_schedule_irq+0x40/0xa8 kernel/sched/core.c:7113)
 r10:8280c9b4 r9:8582ec00 r8:80200be4 r7:ea9f1d54 r6:ffffffff r5:8582ec00
 r4:00000000
[<81a31034>] (preempt_schedule_irq) from [<80200c04>] (svc_preempt+0x8/0x18)
Exception stack(0xea9f1d20 to 0xea9f1d68)
1d20: d070a000 eb529000 00000001 80239bb8 7f049000 00000001 82abf1c4 82abe5a0
1d40: 7f049000 eb529000 8280c9b4 ea9f1d9c ea9f1da0 ea9f1d70 80230af0 80239bd0
1d60: 80000113 ffffffff
 r5:80000113 r4:80239bd0
[<80230a8c>] (flush_tlb_kernel_range) from [<804e4130>] (__purge_vmap_area_lazy+0x284/0x458 mm/vmalloc.c:2328)
 r4:82abf1e4
[<804e3eac>] (__purge_vmap_area_lazy) from [<804e44e8>] (_vm_unmap_aliases+0x1e4/0x240 mm/vmalloc.c:2943)
 r10:00000000 r9:00000000 r8:00000000 r7:ffffffff r6:ea9f1dc0 r5:ea9f1e08
 r4:ea9f1dc0
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85841080
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:8582ec00 r7:00000000 r6:83018000 r5:00001000 r4:7f071000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:e052f000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84eff78c r4:84eff400
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:84eff78c r4:85845e00
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:8582ec00 r8:85845e2c r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845e00
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845e00 r8:8027ecf4 r7:eaa05e60 r6:85846300 r5:8582ec00
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea9f1fb0 to 0xea9f1ff8)
1fa0:                                     00000000 00000000 00000000 00000000
1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85841580
INFO: task kworker/0:205:4950 blocked for more than 430 seconds.
      Not tainted 6.16.0-rc5-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/0:205   state:D stack:0     pid:4950  tgid:4950  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a30c40>] (__schedule_loop kernel/sched/core.c:6868 [inline])
[<81a2fcb8>] (__schedule) from [<81a30c40>] (schedule+0x2c/0x130 kernel/sched/core.c:6883)
 r10:829185c4 r9:ea97dd84 r8:00000002 r7:60000013 r6:ea97dd8c r5:8581e000
 r4:8581e000
[<81a30c14>] (schedule) from [<81a31028>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6940)
 r5:8581e000 r4:829185c0
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock_common kernel/locking/mutex.c:679 [inline])
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock.constprop.0+0x300/0x6f8 kernel/locking/mutex.c:747)
[<81a3340c>] (__mutex_lock.constprop.0) from [<81a33bd8>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1035)
 r10:8280c960 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:ea97de08
 r4:00000000
[<81a33bc4>] (__mutex_lock_slowpath) from [<81a33c18>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:278)
[<81a33bdc>] (mutex_lock) from [<804e436c>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2904)
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:857383c0
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:8581e000 r7:00000000 r6:83018000 r5:00001000 r4:7f065000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:dff13000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84ff078c r4:84ff0400
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:84ff078c r4:85845380
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:8581e000 r8:858453ac r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845380
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845380 r8:8027ecf4 r7:ea959e60 r6:8584cc80 r5:8581e000
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea97dfb0 to 0xea97dff8)
dfa0:                                     00000000 00000000 00000000 00000000
dfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
dfe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85848f40
INFO: task kworker/0:205:4950 is blocked on a mutex likely owned by task kworker/0:220:4981.
task:kworker/0:220   state:R  running task     stack:0     pid:4981  tgid:4981  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a31074>] (preempt_schedule_irq+0x40/0xa8 kernel/sched/core.c:7113)
 r10:8280c9b4 r9:8582ec00 r8:80200be4 r7:ea9f1d54 r6:ffffffff r5:8582ec00
 r4:00000000
[<81a31034>] (preempt_schedule_irq) from [<80200c04>] (svc_preempt+0x8/0x18)
Exception stack(0xea9f1d20 to 0xea9f1d68)
1d20: d070a000 eb529000 00000001 80239bb8 7f049000 00000001 82abf1c4 82abe5a0
1d40: 7f049000 eb529000 8280c9b4 ea9f1d9c ea9f1da0 ea9f1d70 80230af0 80239bd0
1d60: 80000113 ffffffff
 r5:80000113 r4:80239bd0
[<80230a8c>] (flush_tlb_kernel_range) from [<804e4130>] (__purge_vmap_area_lazy+0x284/0x458 mm/vmalloc.c:2328)
 r4:82abf1e4
[<804e3eac>] (__purge_vmap_area_lazy) from [<804e44e8>] (_vm_unmap_aliases+0x1e4/0x240 mm/vmalloc.c:2943)
 r10:00000000 r9:00000000 r8:00000000 r7:ffffffff r6:ea9f1dc0 r5:ea9f1e08
 r4:ea9f1dc0
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85841080
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:8582ec00 r7:00000000 r6:83018000 r5:00001000 r4:7f071000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:e052f000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84eff78c r4:84eff400
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:84eff78c r4:85845e00
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:8582ec00 r8:85845e2c r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845e00
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845e00 r8:8027ecf4 r7:eaa05e60 r6:85846300 r5:8582ec00
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea9f1fb0 to 0xea9f1ff8)
1fa0:                                     00000000 00000000 00000000 00000000
1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85841580
Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings
INFO: task kworker/0:206:4952 blocked for more than 430 seconds.
      Not tainted 6.16.0-rc5-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/0:206   state:D stack:0     pid:4952  tgid:4952  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a30c40>] (__schedule_loop kernel/sched/core.c:6868 [inline])
[<81a2fcb8>] (__schedule) from [<81a30c40>] (schedule+0x2c/0x130 kernel/sched/core.c:6883)
 r10:829185c4 r9:ea915d84 r8:00000002 r7:60000013 r6:ea915d8c r5:8581ec00
 r4:8581ec00
[<81a30c14>] (schedule) from [<81a31028>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6940)
 r5:8581ec00 r4:829185c0
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock_common kernel/locking/mutex.c:679 [inline])
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock.constprop.0+0x300/0x6f8 kernel/locking/mutex.c:747)
[<81a3340c>] (__mutex_lock.constprop.0) from [<81a33bd8>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1035)
 r10:8280c960 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:ea915e08
 r4:00000000
[<81a33bc4>] (__mutex_lock_slowpath) from [<81a33c18>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:278)
[<81a33bdc>] (mutex_lock) from [<804e436c>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2904)
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:84c42400
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:8581ec00 r7:00000000 r6:83018000 r5:00001000 r4:7f07b000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:e0661000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84effb8c r4:84eff800
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:84effb8c r4:85845400
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:8581ec00 r8:8584542c r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845400
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845400 r8:8027ecf4 r7:ea959e60 r6:8584cd00 r5:8581ec00
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea915fb0 to 0xea915ff8)
5fa0:                                     00000000 00000000 00000000 00000000
5fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
5fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:858488c0
INFO: task kworker/0:206:4952 is blocked on a mutex likely owned by task kworker/0:220:4981.
task:kworker/0:220   state:R  running task     stack:0     pid:4981  tgid:4981  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a31074>] (preempt_schedule_irq+0x40/0xa8 kernel/sched/core.c:7113)
 r10:8280c9b4 r9:8582ec00 r8:80200be4 r7:ea9f1d54 r6:ffffffff r5:8582ec00
 r4:00000000
[<81a31034>] (preempt_schedule_irq) from [<80200c04>] (svc_preempt+0x8/0x18)
Exception stack(0xea9f1d20 to 0xea9f1d68)
1d20: d070a000 eb529000 00000001 80239bb8 7f049000 00000001 82abf1c4 82abe5a0
1d40: 7f049000 eb529000 8280c9b4 ea9f1d9c ea9f1da0 ea9f1d70 80230af0 80239bd0
1d60: 80000113 ffffffff
 r5:80000113 r4:80239bd0
[<80230a8c>] (flush_tlb_kernel_range) from [<804e4130>] (__purge_vmap_area_lazy+0x284/0x458 mm/vmalloc.c:2328)
 r4:82abf1e4
[<804e3eac>] (__purge_vmap_area_lazy) from [<804e44e8>] (_vm_unmap_aliases+0x1e4/0x240 mm/vmalloc.c:2943)
 r10:00000000 r9:00000000 r8:00000000 r7:ffffffff r6:ea9f1dc0 r5:ea9f1e08
 r4:ea9f1dc0
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85841080
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:8582ec00 r7:00000000 r6:83018000 r5:00001000 r4:7f071000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:e052f000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84eff78c r4:84eff400
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:84eff78c r4:85845e00
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:8582ec00 r8:85845e2c r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845e00
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845e00 r8:8027ecf4 r7:eaa05e60 r6:85846300 r5:8582ec00
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea9f1fb0 to 0xea9f1ff8)
1fa0:                                     00000000 00000000 00000000 00000000
1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85841580
Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings
INFO: task kworker/0:207:4954 blocked for more than 430 seconds.
      Not tainted 6.16.0-rc5-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/0:207   state:D stack:0     pid:4954  tgid:4954  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a30c40>] (__schedule_loop kernel/sched/core.c:6868 [inline])
[<81a2fcb8>] (__schedule) from [<81a30c40>] (schedule+0x2c/0x130 kernel/sched/core.c:6883)
 r10:829185c4 r9:ea919d84 r8:00000002 r7:60000013 r6:ea919d8c r5:8581c800
 r4:8581c800
[<81a30c14>] (schedule) from [<81a31028>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6940)
 r5:8581c800 r4:829185c0
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock_common kernel/locking/mutex.c:679 [inline])
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock.constprop.0+0x300/0x6f8 kernel/locking/mutex.c:747)
[<81a3340c>] (__mutex_lock.constprop.0) from [<81a33bd8>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1035)
 r10:8280c960 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:ea919e08
 r4:00000000
[<81a33bc4>] (__mutex_lock_slowpath) from [<81a33c18>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:278)
[<81a33bdc>] (mutex_lock) from [<804e436c>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2904)
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:8555ec40
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:8581c800 r7:00000000 r6:83018000 r5:00001000 r4:7f081000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:ea845000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:85895f8c r4:85895c00
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:85895f8c r4:85845480
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:8581c800 r8:858454ac r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845480
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845480 r8:8027ecf4 r7:ea959e60 r6:8584cd80 r5:8581c800
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea919fb0 to 0xea919ff8)
9fa0:                                     00000000 00000000 00000000 00000000
9fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
9fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85848440
INFO: task kworker/0:207:4954 is blocked on a mutex likely owned by task kworker/0:220:4981.
task:kworker/0:220   state:R  running task     stack:0     pid:4981  tgid:4981  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a31074>] (preempt_schedule_irq+0x40/0xa8 kernel/sched/core.c:7113)
 r10:8280c9b4 r9:8582ec00 r8:80200be4 r7:ea9f1d54 r6:ffffffff r5:8582ec00
 r4:00000000
[<81a31034>] (preempt_schedule_irq) from [<80200c04>] (svc_preempt+0x8/0x18)
Exception stack(0xea9f1d20 to 0xea9f1d68)
1d20: d0d70000 eb529000 00000001 80239bb8 7f049000 00000001 82abf1c4 82abe5a0
1d40: 7f049000 eb529000 8280c9b4 ea9f1d9c ea9f1da0 ea9f1d70 80230af0 80239bd0
1d60: 80000113 ffffffff
 r5:80000113 r4:80239bd0
[<80230a8c>] (flush_tlb_kernel_range) from [<804e4130>] (__purge_vmap_area_lazy+0x284/0x458 mm/vmalloc.c:2328)
 r4:82abf1e4
[<804e3eac>] (__purge_vmap_area_lazy) from [<804e44e8>] (_vm_unmap_aliases+0x1e4/0x240 mm/vmalloc.c:2943)
 r10:00000000 r9:00000000 r8:00000000 r7:ffffffff r6:ea9f1dc0 r5:ea9f1e08
 r4:ea9f1dc0
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85841080
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:8582ec00 r7:00000000 r6:83018000 r5:00001000 r4:7f071000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:e052f000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84eff78c r4:84eff400
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:84eff78c r4:85845e00
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:8582ec00 r8:85845e2c r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845e00
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845e00 r8:8027ecf4 r7:eaa05e60 r6:85846300 r5:8582ec00
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea9f1fb0 to 0xea9f1ff8)
1fa0:                                     00000000 00000000 00000000 00000000
1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85841580
Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings
INFO: task kworker/0:208:4957 blocked for more than 430 seconds.
      Not tainted 6.16.0-rc5-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/0:208   state:D stack:0     pid:4957  tgid:4957  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a30c40>] (__schedule_loop kernel/sched/core.c:6868 [inline])
[<81a2fcb8>] (__schedule) from [<81a30c40>] (schedule+0x2c/0x130 kernel/sched/core.c:6883)
 r10:829185c4 r9:ea91dd84 r8:00000002 r7:60000013 r6:ea91dd8c r5:8581a400
 r4:8581a400
[<81a30c14>] (schedule) from [<81a31028>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6940)
 r5:8581a400 r4:829185c0
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock_common kernel/locking/mutex.c:679 [inline])
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock.constprop.0+0x300/0x6f8 kernel/locking/mutex.c:747)
[<81a3340c>] (__mutex_lock.constprop.0) from [<81a33bd8>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1035)
 r10:8280c960 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:ea91de08
 r4:00000000
[<81a33bc4>] (__mutex_lock_slowpath) from [<81a33c18>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:278)
[<81a33bdc>] (mutex_lock) from [<804e436c>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2904)
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:84cc19c0
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:8581a400 r7:00000000 r6:83018000 r5:00001000 r4:7f05d000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:dfe6d000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84ff038c r4:84ff0000
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:84ff038c r4:85845500
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:8581a400 r8:8584552c r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845500
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845500 r8:8027ecf4 r7:ea959e60 r6:8584ce00 r5:8581a400
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea91dfb0 to 0xea91dff8)
dfa0:                                     00000000 00000000 00000000 00000000
dfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
dfe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85848a00
INFO: task kworker/0:208:4957 is blocked on a mutex likely owned by task kworker/0:220:4981.
task:kworker/0:220   state:R  running task     stack:0     pid:4981  tgid:4981  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a31074>] (preempt_schedule_irq+0x40/0xa8 kernel/sched/core.c:7113)
 r10:8280c9b4 r9:8582ec00 r8:80200be4 r7:ea9f1d54 r6:ffffffff r5:8582ec00
 r4:00000000
[<81a31034>] (preempt_schedule_irq) from [<80200c04>] (svc_preempt+0x8/0x18)
Exception stack(0xea9f1d20 to 0xea9f1d68)
1d20: d0d70000 eb529000 00000001 80239bb8 7f049000 00000001 82abf1c4 82abe5a0
1d40: 7f049000 eb529000 8280c9b4 ea9f1d9c ea9f1da0 ea9f1d70 80230af0 80239bd0
1d60: 80000113 ffffffff
 r5:80000113 r4:80239bd0
[<80230a8c>] (flush_tlb_kernel_range) from [<804e4130>] (__purge_vmap_area_lazy+0x284/0x458 mm/vmalloc.c:2328)
 r4:82abf1e4
[<804e3eac>] (__purge_vmap_area_lazy) from [<804e44e8>] (_vm_unmap_aliases+0x1e4/0x240 mm/vmalloc.c:2943)
 r10:00000000 r9:00000000 r8:00000000 r7:ffffffff r6:ea9f1dc0 r5:ea9f1e08
 r4:ea9f1dc0
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85841080
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:8582ec00 r7:00000000 r6:83018000 r5:00001000 r4:7f071000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:e052f000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84eff78c r4:84eff400
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:84eff78c r4:85845e00
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:8582ec00 r8:85845e2c r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845e00
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845e00 r8:8027ecf4 r7:eaa05e60 r6:85846300 r5:8582ec00
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea9f1fb0 to 0xea9f1ff8)
1fa0:                                     00000000 00000000 00000000 00000000
1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85841580
Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings
INFO: task kworker/0:209:4959 blocked for more than 430 seconds.
      Not tainted 6.16.0-rc5-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/0:209   state:D stack:0     pid:4959  tgid:4959  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a30c40>] (__schedule_loop kernel/sched/core.c:6868 [inline])
[<81a2fcb8>] (__schedule) from [<81a30c40>] (schedule+0x2c/0x130 kernel/sched/core.c:6883)
 r10:829185c4 r9:ea931d84 r8:00000002 r7:60000013 r6:ea931d8c r5:85828c00
 r4:85828c00
[<81a30c14>] (schedule) from [<81a31028>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6940)
 r5:85828c00 r4:829185c0
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock_common kernel/locking/mutex.c:679 [inline])
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock.constprop.0+0x300/0x6f8 kernel/locking/mutex.c:747)
[<81a3340c>] (__mutex_lock.constprop.0) from [<81a33bd8>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1035)
 r10:8280c960 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:ea931e08
 r4:00000000
[<81a33bc4>] (__mutex_lock_slowpath) from [<81a33c18>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:278)
[<81a33bdc>] (mutex_lock) from [<804e436c>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2904)
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:854fce80
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:85828c00 r7:00000000 r6:83018000 r5:00001000 r4:7f045000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:df90d000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84ff338c r4:84ff3000
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:84ff338c r4:85845580
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:85828c00 r8:858455ac r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845580
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845580 r8:8027ecf4 r7:ea91de60 r6:8584cf80 r5:85828c00
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea931fb0 to 0xea931ff8)
1fa0:                                     00000000 00000000 00000000 00000000
1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85838f80
INFO: task kworker/0:209:4959 is blocked on a mutex likely owned by task kworker/0:220:4981.
task:kworker/0:220   state:R  running task     stack:0     pid:4981  tgid:4981  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a31074>] (preempt_schedule_irq+0x40/0xa8 kernel/sched/core.c:7113)
 r10:8280c9b4 r9:8582ec00 r8:80200be4 r7:ea9f1d54 r6:ffffffff r5:8582ec00
 r4:00000000
[<81a31034>] (preempt_schedule_irq) from [<80200c04>] (svc_preempt+0x8/0x18)
Exception stack(0xea9f1d20 to 0xea9f1d68)
1d20: d0d70000 eb529000 00000001 80239bb8 7f049000 00000001 82abf1c4 82abe5a0
1d40: 7f049000 eb529000 8280c9b4 ea9f1d9c ea9f1da0 ea9f1d70 80230af0 80239bd0
1d60: 80000113 ffffffff
 r5:80000113 r4:80239bd0
[<80230a8c>] (flush_tlb_kernel_range) from [<804e4130>] (__purge_vmap_area_lazy+0x284/0x458 mm/vmalloc.c:2328)
 r4:82abf1e4
[<804e3eac>] (__purge_vmap_area_lazy) from [<804e44e8>] (_vm_unmap_aliases+0x1e4/0x240 mm/vmalloc.c:2943)
 r10:00000000 r9:00000000 r8:00000000 r7:ffffffff r6:ea9f1dc0 r5:ea9f1e08
 r4:ea9f1dc0
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85841080
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:8582ec00 r7:00000000 r6:83018000 r5:00001000 r4:7f071000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:e052f000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84eff78c r4:84eff400
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:84eff78c r4:85845e00
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:8582ec00 r8:85845e2c r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845e00
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845e00 r8:8027ecf4 r7:eaa05e60 r6:85846300 r5:8582ec00
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea9f1fb0 to 0xea9f1ff8)
1fa0:                                     00000000 00000000 00000000 00000000
1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85841580
Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings
INFO: task kworker/0:210:4960 blocked for more than 430 seconds.
      Not tainted 6.16.0-rc5-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/0:210   state:D stack:0     pid:4960  tgid:4960  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a30c40>] (__schedule_loop kernel/sched/core.c:6868 [inline])
[<81a2fcb8>] (__schedule) from [<81a30c40>] (schedule+0x2c/0x130 kernel/sched/core.c:6883)
 r10:829185c4 r9:ea991d84 r8:00000002 r7:60000113 r6:ea991d8c r5:85828000
 r4:85828000
[<81a30c14>] (schedule) from [<81a31028>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6940)
 r5:85828000 r4:829185c0
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock_common kernel/locking/mutex.c:679 [inline])
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock.constprop.0+0x300/0x6f8 kernel/locking/mutex.c:747)
[<81a3340c>] (__mutex_lock.constprop.0) from [<81a33bd8>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1035)
 r10:8280c960 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:ea991e08
 r4:00000000
[<81a33bc4>] (__mutex_lock_slowpath) from [<81a33c18>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:278)
[<81a33bdc>] (mutex_lock) from [<804e436c>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2904)
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85837240
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:85828000 r7:00000000 r6:83018000 r5:00001000 r4:7f051000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:dfc27000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:85894f8c r4:85894c00
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:85894f8c r4:85845600
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:85828000 r8:8584562c r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845600
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845600 r8:8027ecf4 r7:ea91de60 r6:8584cc00 r5:85828000
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea991fb0 to 0xea991ff8)
1fa0:                                     00000000 00000000 00000000 00000000
1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:84cc0f00
INFO: task kworker/0:210:4960 is blocked on a mutex likely owned by task kworker/0:220:4981.
task:kworker/0:220   state:R  running task     stack:0     pid:4981  tgid:4981  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a31074>] (preempt_schedule_irq+0x40/0xa8 kernel/sched/core.c:7113)
 r10:8280c9b4 r9:8582ec00 r8:80200be4 r7:ea9f1d54 r6:ffffffff r5:8582ec00
 r4:00000000
[<81a31034>] (preempt_schedule_irq) from [<80200c04>] (svc_preempt+0x8/0x18)
Exception stack(0xea9f1d20 to 0xea9f1d68)
1d20: d2420000 eb529000 00000001 80239bb8 7f049000 00000001 82abf1c4 82abe5a0
1d40: 7f049000 eb529000 8280c9b4 ea9f1d9c ea9f1da0 ea9f1d70 80230af0 80239bd0
1d60: 80000113 ffffffff
 r5:80000113 r4:80239bd0
[<80230a8c>] (flush_tlb_kernel_range) from [<804e4130>] (__purge_vmap_area_lazy+0x284/0x458 mm/vmalloc.c:2328)
 r4:82abf1e4
[<804e3eac>] (__purge_vmap_area_lazy) from [<804e44e8>] (_vm_unmap_aliases+0x1e4/0x240 mm/vmalloc.c:2943)
 r10:00000000 r9:00000000 r8:00000000 r7:ffffffff r6:ea9f1dc0 r5:ea9f1e08
 r4:ea9f1dc0
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85841080
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:8582ec00 r7:00000000 r6:83018000 r5:00001000 r4:7f071000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:e052f000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84eff78c r4:84eff400
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:84eff78c r4:85845e00
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:8582ec00 r8:85845e2c r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845e00
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845e00 r8:8027ecf4 r7:eaa05e60 r6:85846300 r5:8582ec00
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea9f1fb0 to 0xea9f1ff8)
1fa0:                                     00000000 00000000 00000000 00000000
1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85841580
Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings
INFO: task kworker/0:211:4962 blocked for more than 430 seconds.
      Not tainted 6.16.0-rc5-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/0:211   state:D stack:0     pid:4962  tgid:4962  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a30c40>] (__schedule_loop kernel/sched/core.c:6868 [inline])
[<81a2fcb8>] (__schedule) from [<81a30c40>] (schedule+0x2c/0x130 kernel/sched/core.c:6883)
 r10:829185c4 r9:ea995d84 r8:00000002 r7:60000013 r6:ea995d8c r5:85829800
 r4:85829800
[<81a30c14>] (schedule) from [<81a31028>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6940)
 r5:85829800 r4:829185c0
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock_common kernel/locking/mutex.c:679 [inline])
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock.constprop.0+0x300/0x6f8 kernel/locking/mutex.c:747)
[<81a3340c>] (__mutex_lock.constprop.0) from [<81a33bd8>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1035)
 r10:8280c960 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:ea995e08
 r4:00000000
[<81a33bc4>] (__mutex_lock_slowpath) from [<81a33c18>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:278)
[<81a33bdc>] (mutex_lock) from [<804e436c>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2904)
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:84cc1c40
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:85829800 r7:00000000 r6:83018000 r5:00001000 r4:7f05b000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:dfe0f000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84ff3b8c r4:84ff3800
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:84ff3b8c r4:85845700
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:85829800 r8:8584572c r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845700
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845700 r8:8027ecf4 r7:ea991e60 r6:85846000 r5:85829800
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea995fb0 to 0xea995ff8)
5fa0:                                     00000000 00000000 00000000 00000000
5fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
5fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:858388c0
INFO: task kworker/0:211:4962 is blocked on a mutex likely owned by task kworker/0:220:4981.
task:kworker/0:220   state:R  running task     stack:0     pid:4981  tgid:4981  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a31074>] (preempt_schedule_irq+0x40/0xa8 kernel/sched/core.c:7113)
 r10:8280c9b4 r9:8582ec00 r8:80200be4 r7:ea9f1d54 r6:ffffffff r5:8582ec00
 r4:00000000
[<81a31034>] (preempt_schedule_irq) from [<80200c04>] (svc_preempt+0x8/0x18)
Exception stack(0xea9f1d20 to 0xea9f1d68)
1d20: d4d8f000 eb529000 00000001 80239bb8 7f049000 00000001 82abf1c4 82abe5a0
1d40: 7f049000 eb529000 8280c9b4 ea9f1d9c ea9f1da0 ea9f1d70 80230af0 80239bd0
1d60: 80000113 ffffffff
 r5:80000113 r4:80239bd0
[<80230a8c>] (flush_tlb_kernel_range) from [<804e4130>] (__purge_vmap_area_lazy+0x284/0x458 mm/vmalloc.c:2328)
 r4:82abf1e4
[<804e3eac>] (__purge_vmap_area_lazy) from [<804e44e8>] (_vm_unmap_aliases+0x1e4/0x240 mm/vmalloc.c:2943)
 r10:00000000 r9:00000000 r8:00000000 r7:ffffffff r6:ea9f1dc0 r5:ea9f1e08
 r4:ea9f1dc0
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85841080
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:8582ec00 r7:00000000 r6:83018000 r5:00001000 r4:7f071000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:e052f000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84eff78c r4:84eff400
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:84eff78c r4:85845e00
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:8582ec00 r8:85845e2c r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845e00
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845e00 r8:8027ecf4 r7:eaa05e60 r6:85846300 r5:8582ec00
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea9f1fb0 to 0xea9f1ff8)
1fa0:                                     00000000 00000000 00000000 00000000
1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85841580
Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings
INFO: task kworker/0:212:4964 blocked for more than 431 seconds.
      Not tainted 6.16.0-rc5-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/0:212   state:D stack:0     pid:4964  tgid:4964  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a30c40>] (__schedule_loop kernel/sched/core.c:6868 [inline])
[<81a2fcb8>] (__schedule) from [<81a30c40>] (schedule+0x2c/0x130 kernel/sched/core.c:6883)
 r10:829185c4 r9:ea999d84 r8:00000002 r7:60000013 r6:ea999d8c r5:8582a400
 r4:8582a400
[<81a30c14>] (schedule) from [<81a31028>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6940)
 r5:8582a400 r4:829185c0
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock_common kernel/locking/mutex.c:679 [inline])
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock.constprop.0+0x300/0x6f8 kernel/locking/mutex.c:747)
[<81a3340c>] (__mutex_lock.constprop.0) from [<81a33bd8>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1035)
 r10:8280c960 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:ea999e08
 r4:00000000
[<81a33bc4>] (__mutex_lock_slowpath) from [<81a33c18>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:278)
[<81a33bdc>] (mutex_lock) from [<804e436c>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2904)
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:84e238c0
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:8582a400 r7:00000000 r6:83018000 r5:00001000 r4:7f057000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:dfd15000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:8595e78c r4:8595e400
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:8595e78c r4:85845780
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:8582a400 r8:858457ac r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845780
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845780 r8:8027ecf4 r7:ea991e60 r6:85846080 r5:8582a400
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea999fb0 to 0xea999ff8)
9fa0:                                     00000000 00000000 00000000 00000000
9fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
9fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85837540
INFO: task kworker/0:212:4964 is blocked on a mutex likely owned by task kworker/0:220:4981.
task:kworker/0:220   state:R  running task     stack:0     pid:4981  tgid:4981  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a31074>] (preempt_schedule_irq+0x40/0xa8 kernel/sched/core.c:7113)
 r10:8280c9b4 r9:8582ec00 r8:80200be4 r7:ea9f1d54 r6:ffffffff r5:8582ec00
 r4:00000000
[<81a31034>] (preempt_schedule_irq) from [<80200c04>] (svc_preempt+0x8/0x18)
Exception stack(0xea9f1d20 to 0xea9f1d68)
1d20: d4d8f000 eb529000 00000001 80239bb8 7f049000 00000001 82abf1c4 82abe5a0
1d40: 7f049000 eb529000 8280c9b4 ea9f1d9c ea9f1da0 ea9f1d70 80230af0 80239bd0
1d60: 80000113 ffffffff
 r5:80000113 r4:80239bd0
[<80230a8c>] (flush_tlb_kernel_range) from [<804e4130>] (__purge_vmap_area_lazy+0x284/0x458 mm/vmalloc.c:2328)
 r4:82abf1e4
[<804e3eac>] (__purge_vmap_area_lazy) from [<804e44e8>] (_vm_unmap_aliases+0x1e4/0x240 mm/vmalloc.c:2943)
 r10:00000000 r9:00000000 r8:00000000 r7:ffffffff r6:ea9f1dc0 r5:ea9f1e08
 r4:ea9f1dc0
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85841080
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:8582ec00 r7:00000000 r6:83018000 r5:00001000 r4:7f071000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:e052f000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84eff78c r4:84eff400
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:84eff78c r4:85845e00
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:8582ec00 r8:85845e2c r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845e00
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845e00 r8:8027ecf4 r7:eaa05e60 r6:85846300 r5:8582ec00
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea9f1fb0 to 0xea9f1ff8)
1fa0:                                     00000000 00000000 00000000 00000000
1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85841580
Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings
INFO: task kworker/0:213:4966 blocked for more than 431 seconds.
      Not tainted 6.16.0-rc5-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/0:213   state:D stack:0     pid:4966  tgid:4966  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a30c40>] (__schedule_loop kernel/sched/core.c:6868 [inline])
[<81a2fcb8>] (__schedule) from [<81a30c40>] (schedule+0x2c/0x130 kernel/sched/core.c:6883)
 r10:829185c4 r9:ea921d84 r8:00000002 r7:60000013 r6:ea921d8c r5:84d76000
 r4:84d76000
[<81a30c14>] (schedule) from [<81a31028>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6940)
 r5:84d76000 r4:829185c0
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock_common kernel/locking/mutex.c:679 [inline])
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock.constprop.0+0x300/0x6f8 kernel/locking/mutex.c:747)
[<81a3340c>] (__mutex_lock.constprop.0) from [<81a33bd8>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1035)
 r10:8280c960 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:ea921e08
 r4:00000000
[<81a33bc4>] (__mutex_lock_slowpath) from [<81a33c18>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:278)
[<81a33bdc>] (mutex_lock) from [<804e436c>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2904)
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85838a80
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:84d76000 r7:00000000 r6:83018000 r5:00001000 r4:7f055000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:dfcc3000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:8595f38c r4:8595f000
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:8595f38c r4:85845800
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:84d76000 r8:8584582c r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845800
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845800 r8:8027ecf4 r7:ea991e60 r6:85845880 r5:84d76000
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea921fb0 to 0xea921ff8)
1fa0:                                     00000000 00000000 00000000 00000000
1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:84cb5300
INFO: task kworker/0:213:4966 is blocked on a mutex likely owned by task kworker/0:220:4981.
task:kworker/0:220   state:R  running task     stack:0     pid:4981  tgid:4981  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a31074>] (preempt_schedule_irq+0x40/0xa8 kernel/sched/core.c:7113)
 r10:8280c9b4 r9:8582ec00 r8:80200be4 r7:ea9f1d54 r6:ffffffff r5:8582ec00
 r4:00000000
[<81a31034>] (preempt_schedule_irq) from [<80200c04>] (svc_preempt+0x8/0x18)
Exception stack(0xea9f1d20 to 0xea9f1d68)
1d20: d66c8000 eb529000 00000001 80239bb8 7f049000 00000001 82abf1c4 82abe5a0
1d40: 7f049000 eb529000 8280c9b4 ea9f1d9c ea9f1da0 ea9f1d70 80230af0 80239bd0
1d60: 80000113 ffffffff
 r5:80000113 r4:80239bd0
[<80230a8c>] (flush_tlb_kernel_range) from [<804e4130>] (__purge_vmap_area_lazy+0x284/0x458 mm/vmalloc.c:2328)
 r4:82abf1e4
[<804e3eac>] (__purge_vmap_area_lazy) from [<804e44e8>] (_vm_unmap_aliases+0x1e4/0x240 mm/vmalloc.c:2943)
 r10:00000000 r9:00000000 r8:00000000 r7:ffffffff r6:ea9f1dc0 r5:ea9f1e08
 r4:ea9f1dc0
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85841080
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:8582ec00 r7:00000000 r6:83018000 r5:00001000 r4:7f071000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:e052f000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84eff78c r4:84eff400
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:84eff78c r4:85845e00
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:8582ec00 r8:85845e2c r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845e00
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845e00 r8:8027ecf4 r7:eaa05e60 r6:85846300 r5:8582ec00
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea9f1fb0 to 0xea9f1ff8)
1fa0:                                     00000000 00000000 00000000 00000000
1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85841580
Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings
INFO: task kworker/0:214:4968 blocked for more than 431 seconds.
      Not tainted 6.16.0-rc5-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/0:214   state:D stack:0     pid:4968  tgid:4968  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a30c40>] (__schedule_loop kernel/sched/core.c:6868 [inline])
[<81a2fcb8>] (__schedule) from [<81a30c40>] (schedule+0x2c/0x130 kernel/sched/core.c:6883)
 r10:829185c4 r9:ea945d84 r8:00000002 r7:60000113 r6:ea945d8c r5:84d76c00
 r4:84d76c00
[<81a30c14>] (schedule) from [<81a31028>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6940)
 r5:84d76c00 r4:829185c0
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock_common kernel/locking/mutex.c:679 [inline])
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock.constprop.0+0x300/0x6f8 kernel/locking/mutex.c:747)
[<81a3340c>] (__mutex_lock.constprop.0) from [<81a33bd8>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1035)
 r10:8280c960 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:ea945e08
 r4:00000000
[<81a33bc4>] (__mutex_lock_slowpath) from [<81a33c18>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:278)
[<81a33bdc>] (mutex_lock) from [<804e436c>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2904)
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85835980
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:84d76c00 r7:00000000 r6:83018000 r5:00001000 r4:7f083000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:ea8fd000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84fedf8c r4:84fedc00
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:84fedf8c r4:85845900
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:84d76c00 r8:8584592c r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845900
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845900 r8:8027ecf4 r7:ea991e60 r6:85845980 r5:84d76c00
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea945fb0 to 0xea945ff8)
5fa0:                                     00000000 00000000 00000000 00000000
5fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
5fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85848a00
INFO: task kworker/0:214:4968 is blocked on a mutex likely owned by task kworker/0:220:4981.
task:kworker/0:220   state:R  running task     stack:0     pid:4981  tgid:4981  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a31074>] (preempt_schedule_irq+0x40/0xa8 kernel/sched/core.c:7113)
 r10:8280c9b4 r9:8582ec00 r8:80200be4 r7:ea9f1d54 r6:ffffffff r5:8582ec00
 r4:00000000
[<81a31034>] (preempt_schedule_irq) from [<80200c04>] (svc_preempt+0x8/0x18)
Exception stack(0xea9f1d20 to 0xea9f1d68)
1d20: d6ca6000 eb529000 00000001 80239bb8 7f049000 00000001 82abf1c4 82abe5a0
1d40: 7f049000 eb529000 8280c9b4 ea9f1d9c ea9f1da0 ea9f1d70 80230af0 80239bd0
1d60: 80000113 ffffffff
 r5:80000113 r4:80239bd0
[<80230a8c>] (flush_tlb_kernel_range) from [<804e4130>] (__purge_vmap_area_lazy+0x284/0x458 mm/vmalloc.c:2328)
 r4:82abf1e4
[<804e3eac>] (__purge_vmap_area_lazy) from [<804e44e8>] (_vm_unmap_aliases+0x1e4/0x240 mm/vmalloc.c:2943)
 r10:00000000 r9:00000000 r8:00000000 r7:ffffffff r6:ea9f1dc0 r5:ea9f1e08
 r4:ea9f1dc0
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85841080
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:8582ec00 r7:00000000 r6:83018000 r5:00001000 r4:7f071000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:e052f000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84eff78c r4:84eff400
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:84eff78c r4:85845e00
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:8582ec00 r8:85845e2c r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845e00
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845e00 r8:8027ecf4 r7:eaa05e60 r6:85846300 r5:8582ec00
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea9f1fb0 to 0xea9f1ff8)
1fa0:                                     00000000 00000000 00000000 00000000
1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85841580
Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings
INFO: task kworker/0:215:4970 blocked for more than 431 seconds.
      Not tainted 6.16.0-rc5-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/0:215   state:D stack:0     pid:4970  tgid:4970  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a30c40>] (__schedule_loop kernel/sched/core.c:6868 [inline])
[<81a2fcb8>] (__schedule) from [<81a30c40>] (schedule+0x2c/0x130 kernel/sched/core.c:6883)
 r10:829185c4 r9:ea9a5d84 r8:00000002 r7:60000013 r6:ea9a5d8c r5:84d75400
 r4:84d75400
[<81a30c14>] (schedule) from [<81a31028>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6940)
 r5:84d75400 r4:829185c0
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock_common kernel/locking/mutex.c:679 [inline])
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock.constprop.0+0x300/0x6f8 kernel/locking/mutex.c:747)
[<81a3340c>] (__mutex_lock.constprop.0) from [<81a33bd8>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1035)
 r10:8280c960 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:ea9a5e08
 r4:00000000
[<81a33bc4>] (__mutex_lock_slowpath) from [<81a33c18>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:278)
[<81a33bdc>] (mutex_lock) from [<804e436c>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2904)
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85835000
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:84d75400 r7:00000000 r6:83018000 r5:00001000 r4:7f053000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:dfc6a000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:8589578c r4:85895400
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:8589578c r4:85845a00
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:84d75400 r8:85845a2c r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845a00
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845a00 r8:8027ecf4 r7:ea991e60 r6:85845a80 r5:84d75400
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea9a5fb0 to 0xea9a5ff8)
5fa0:                                     00000000 00000000 00000000 00000000
5fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
5fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:8583ae00
INFO: task kworker/0:215:4970 is blocked on a mutex likely owned by task kworker/0:220:4981.
task:kworker/0:220   state:R  running task     stack:0     pid:4981  tgid:4981  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a31074>] (preempt_schedule_irq+0x40/0xa8 kernel/sched/core.c:7113)
 r10:8280c9b4 r9:8582ec00 r8:80200be4 r7:ea9f1d54 r6:ffffffff r5:8582ec00
 r4:00000000
[<81a31034>] (preempt_schedule_irq) from [<80200c04>] (svc_preempt+0x8/0x18)
Exception stack(0xea9f1d20 to 0xea9f1d68)
1d20: d7655000 eb529000 00000001 80239bb8 7f049000 00000001 82abf1c4 82abe5a0
1d40: 7f049000 eb529000 8280c9b4 ea9f1d9c ea9f1da0 ea9f1d70 80230af0 80239bd0
1d60: 80000113 ffffffff
 r5:80000113 r4:80239bd0
[<80230a8c>] (flush_tlb_kernel_range) from [<804e4130>] (__purge_vmap_area_lazy+0x284/0x458 mm/vmalloc.c:2328)
 r4:82abf1e4
[<804e3eac>] (__purge_vmap_area_lazy) from [<804e44e8>] (_vm_unmap_aliases+0x1e4/0x240 mm/vmalloc.c:2943)
 r10:00000000 r9:00000000 r8:00000000 r7:ffffffff r6:ea9f1dc0 r5:ea9f1e08
 r4:ea9f1dc0
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85841080
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:8582ec00 r7:00000000 r6:83018000 r5:00001000 r4:7f071000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:e052f000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84eff78c r4:84eff400
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:84eff78c r4:85845e00
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:8582ec00 r8:85845e2c r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845e00
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845e00 r8:8027ecf4 r7:eaa05e60 r6:85846300 r5:8582ec00
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea9f1fb0 to 0xea9f1ff8)
1fa0:                                     00000000 00000000 00000000 00000000
1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85841580
Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings
INFO: task kworker/0:216:4972 blocked for more than 431 seconds.
      Not tainted 6.16.0-rc5-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/0:216   state:D stack:0     pid:4972  tgid:4972  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a30c40>] (__schedule_loop kernel/sched/core.c:6868 [inline])
[<81a2fcb8>] (__schedule) from [<81a30c40>] (schedule+0x2c/0x130 kernel/sched/core.c:6883)
 r10:829185c4 r9:ea9c9d84 r8:00000002 r7:60000013 r6:ea9c9d8c r5:84d74800
 r4:84d74800
[<81a30c14>] (schedule) from [<81a31028>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6940)
 r5:84d74800 r4:829185c0
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock_common kernel/locking/mutex.c:679 [inline])
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock.constprop.0+0x300/0x6f8 kernel/locking/mutex.c:747)
[<81a3340c>] (__mutex_lock.constprop.0) from [<81a33bd8>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1035)
 r10:8280c960 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:ea9c9e08
 r4:00000000
[<81a33bc4>] (__mutex_lock_slowpath) from [<81a33c18>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:278)
[<81a33bdc>] (mutex_lock) from [<804e436c>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2904)
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:84cb90c0
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:84d74800 r7:00000000 r6:83018000 r5:00001000 r4:7f049000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:dfaf9000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:8588978c r4:85889400
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:8588978c r4:85845b00
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:84d74800 r8:85845b2c r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845b00
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845b00 r8:8027ecf4 r7:ea945e60 r6:85845b80 r5:84d74800
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea9c9fb0 to 0xea9c9ff8)
9fa0:                                     00000000 00000000 00000000 00000000
9fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
9fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85841000
INFO: task kworker/0:216:4972 is blocked on a mutex likely owned by task kworker/0:220:4981.
task:kworker/0:220   state:R  running task     stack:0     pid:4981  tgid:4981  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a31074>] (preempt_schedule_irq+0x40/0xa8 kernel/sched/core.c:7113)
 r10:8280c9b4 r9:8582ec00 r8:80200be4 r7:ea9f1d54 r6:ffffffff r5:8582ec00
 r4:00000000
[<81a31034>] (preempt_schedule_irq) from [<80200c04>] (svc_preempt+0x8/0x18)
Exception stack(0xea9f1d20 to 0xea9f1d68)
1d20: d827b000 eb529000 00000001 80239bb8 7f049000 00000001 82abf1c4 82abe5a0
1d40: 7f049000 eb529000 8280c9b4 ea9f1d9c ea9f1da0 ea9f1d70 80230af0 80239bd0
1d60: 80000113 ffffffff
 r5:80000113 r4:80239bd0
[<80230a8c>] (flush_tlb_kernel_range) from [<804e4130>] (__purge_vmap_area_lazy+0x284/0x458 mm/vmalloc.c:2328)
 r4:82abf1e4
[<804e3eac>] (__purge_vmap_area_lazy) from [<804e44e8>] (_vm_unmap_aliases+0x1e4/0x240 mm/vmalloc.c:2943)
 r10:00000000 r9:00000000 r8:00000000 r7:ffffffff r6:ea9f1dc0 r5:ea9f1e08
 r4:ea9f1dc0
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85841080
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:8582ec00 r7:00000000 r6:83018000 r5:00001000 r4:7f071000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:e052f000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84eff78c r4:84eff400
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:84eff78c r4:85845e00
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:8582ec00 r8:85845e2c r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845e00
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845e00 r8:8027ecf4 r7:eaa05e60 r6:85846300 r5:8582ec00
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea9f1fb0 to 0xea9f1ff8)
1fa0:                                     00000000 00000000 00000000 00000000
1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85841580
Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings
INFO: task kworker/0:217:4974 blocked for more than 431 seconds.
      Not tainted 6.16.0-rc5-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/0:217   state:D stack:0     pid:4974  tgid:4974  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a30c40>] (__schedule_loop kernel/sched/core.c:6868 [inline])
[<81a2fcb8>] (__schedule) from [<81a30c40>] (schedule+0x2c/0x130 kernel/sched/core.c:6883)
 r10:829185c4 r9:ea969d84 r8:00000002 r7:60000113 r6:ea969d8c r5:8582bc00
 r4:8582bc00
[<81a30c14>] (schedule) from [<81a31028>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6940)
 r5:8582bc00 r4:829185c0
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock_common kernel/locking/mutex.c:679 [inline])
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock.constprop.0+0x300/0x6f8 kernel/locking/mutex.c:747)
[<81a3340c>] (__mutex_lock.constprop.0) from [<81a33bd8>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1035)
 r10:8280c960 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:ea969e08
 r4:00000000
[<81a33bc4>] (__mutex_lock_slowpath) from [<81a33c18>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:278)
[<81a33bdc>] (mutex_lock) from [<804e436c>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2904)
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:858357c0
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:8582bc00 r7:00000000 r6:83018000 r5:00001000 r4:7f087000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:ea9f5000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84fed78c r4:84fed400
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:84fed78c r4:85845c80
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:8582bc00 r8:85845cac r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845c80
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845c80 r8:8027ecf4 r7:ea945e60 r6:85846180 r5:8582bc00
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea969fb0 to 0xea969ff8)
9fa0:                                     00000000 00000000 00000000 00000000
9fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
9fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85841640
INFO: task kworker/0:217:4974 is blocked on a mutex likely owned by task kworker/0:220:4981.
task:kworker/0:220   state:R  running task     stack:0     pid:4981  tgid:4981  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a31074>] (preempt_schedule_irq+0x40/0xa8 kernel/sched/core.c:7113)
 r10:8280c9b4 r9:8582ec00 r8:80200be4 r7:ea9f1d54 r6:ffffffff r5:8582ec00
 r4:00000000
[<81a31034>] (preempt_schedule_irq) from [<80200c04>] (svc_preempt+0x8/0x18)
Exception stack(0xea9f1d20 to 0xea9f1d68)
1d20: d855f000 eb529000 00000001 80239bb8 7f049000 00000001 82abf1c4 82abe5a0
1d40: 7f049000 eb529000 8280c9b4 ea9f1d9c ea9f1da0 ea9f1d70 80230af0 80239bd0
1d60: 80000113 ffffffff
 r5:80000113 r4:80239bd0
[<80230a8c>] (flush_tlb_kernel_range) from [<804e4130>] (__purge_vmap_area_lazy+0x284/0x458 mm/vmalloc.c:2328)
 r4:82abf1e4
[<804e3eac>] (__purge_vmap_area_lazy) from [<804e44e8>] (_vm_unmap_aliases+0x1e4/0x240 mm/vmalloc.c:2943)
 r10:00000000 r9:00000000 r8:00000000 r7:ffffffff r6:ea9f1dc0 r5:ea9f1e08
 r4:ea9f1dc0
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85841080
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:8582ec00 r7:00000000 r6:83018000 r5:00001000 r4:7f071000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:e052f000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84eff78c r4:84eff400
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:84eff78c r4:85845e00
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:8582ec00 r8:85845e2c r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845e00
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845e00 r8:8027ecf4 r7:eaa05e60 r6:85846300 r5:8582ec00
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea9f1fb0 to 0xea9f1ff8)
1fa0:                                     00000000 00000000 00000000 00000000
1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85841580
Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings
INFO: task kworker/0:218:4976 blocked for more than 431 seconds.
      Not tainted 6.16.0-rc5-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/0:218   state:D stack:0     pid:4976  tgid:4976  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a30c40>] (__schedule_loop kernel/sched/core.c:6868 [inline])
[<81a2fcb8>] (__schedule) from [<81a30c40>] (schedule+0x2c/0x130 kernel/sched/core.c:6883)
 r10:829185c4 r9:ea985d84 r8:00000002 r7:60000113 r6:ea985d8c r5:8582d400
 r4:8582d400
[<81a30c14>] (schedule) from [<81a31028>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6940)
 r5:8582d400 r4:829185c0
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock_common kernel/locking/mutex.c:679 [inline])
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock.constprop.0+0x300/0x6f8 kernel/locking/mutex.c:747)
[<81a3340c>] (__mutex_lock.constprop.0) from [<81a33bd8>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1035)
 r10:8280c960 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:ea985e08
 r4:00000000
[<81a33bc4>] (__mutex_lock_slowpath) from [<81a33c18>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:278)
[<81a33bdc>] (mutex_lock) from [<804e436c>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2904)
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85835580
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:8582d400 r7:00000000 r6:83018000 r5:00001000 r4:7f04d000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:dfba5000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:8589438c r4:85894000
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:8589438c r4:85845d00
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:8582d400 r8:85845d2c r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845d00
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845d00 r8:8027ecf4 r7:ea969e60 r6:85846200 r5:8582d400
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea985fb0 to 0xea985ff8)
5fa0:                                     00000000 00000000 00000000 00000000
5fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
5fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85841880
INFO: task kworker/0:218:4976 is blocked on a mutex likely owned by task kworker/0:220:4981.
task:kworker/0:220   state:R  running task     stack:0     pid:4981  tgid:4981  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a31074>] (preempt_schedule_irq+0x40/0xa8 kernel/sched/core.c:7113)
 r10:8280c9b4 r9:8582ec00 r8:80200be4 r7:ea9f1d54 r6:ffffffff r5:8582ec00
 r4:00000000
[<81a31034>] (preempt_schedule_irq) from [<80200c04>] (svc_preempt+0x8/0x18)
Exception stack(0xea9f1d20 to 0xea9f1d68)
1d20: d8c67000 eb529000 00000001 80239bb8 7f049000 00000001 82abf1c4 82abe5a0
1d40: 7f049000 eb529000 8280c9b4 ea9f1d9c ea9f1da0 ea9f1d70 80230af0 80239bd0
1d60: 80000113 ffffffff
 r5:80000113 r4:80239bd0
[<80230a8c>] (flush_tlb_kernel_range) from [<804e4130>] (__purge_vmap_area_lazy+0x284/0x458 mm/vmalloc.c:2328)
 r4:82abf1e4
[<804e3eac>] (__purge_vmap_area_lazy) from [<804e44e8>] (_vm_unmap_aliases+0x1e4/0x240 mm/vmalloc.c:2943)
 r10:00000000 r9:00000000 r8:00000000 r7:ffffffff r6:ea9f1dc0 r5:ea9f1e08
 r4:ea9f1dc0
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85841080
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:8582ec00 r7:00000000 r6:83018000 r5:00001000 r4:7f071000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:e052f000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84eff78c r4:84eff400
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:84eff78c r4:85845e00
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:8582ec00 r8:85845e2c r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845e00
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845e00 r8:8027ecf4 r7:eaa05e60 r6:85846300 r5:8582ec00
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea9f1fb0 to 0xea9f1ff8)
1fa0:                                     00000000 00000000 00000000 00000000
1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85841580
Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings
INFO: task kworker/0:221:4986 blocked for more than 431 seconds.
      Not tainted 6.16.0-rc5-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/0:221   state:D stack:0     pid:4986  tgid:4986  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a30c40>] (__schedule_loop kernel/sched/core.c:6868 [inline])
[<81a2fcb8>] (__schedule) from [<81a30c40>] (schedule+0x2c/0x130 kernel/sched/core.c:6883)
 r10:829185c4 r9:eaa11d84 r8:00000002 r7:60000113 r6:eaa11d8c r5:8582b000
 r4:8582b000
[<81a30c14>] (schedule) from [<81a31028>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6940)
 r5:8582b000 r4:829185c0
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock_common kernel/locking/mutex.c:679 [inline])
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock.constprop.0+0x300/0x6f8 kernel/locking/mutex.c:747)
[<81a3340c>] (__mutex_lock.constprop.0) from [<81a33bd8>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1035)
 r10:8280c960 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:eaa11e08
 r4:00000000
[<81a33bc4>] (__mutex_lock_slowpath) from [<81a33c18>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:278)
[<81a33bdc>] (mutex_lock) from [<804e436c>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2904)
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:84c42d40
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:8582b000 r7:00000000 r6:83018000 r5:00001000 r4:7f077000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:dfa77000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84efeb8c r4:84efe800
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:84efeb8c r4:85845e80
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:8582b000 r8:85845eac r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845e80
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845e80 r8:8027ecf4 r7:eaa05e60 r6:85846480 r5:8582b000
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xeaa11fb0 to 0xeaa11ff8)
1fa0:                                     00000000 00000000 00000000 00000000
1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85841a00
INFO: task kworker/0:221:4986 is blocked on a mutex likely owned by task kworker/0:220:4981.
task:kworker/0:220   state:R  running task     stack:0     pid:4981  tgid:4981  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a31074>] (preempt_schedule_irq+0x40/0xa8 kernel/sched/core.c:7113)
 r10:8280c9b4 r9:8582ec00 r8:80200be4 r7:ea9f1d54 r6:ffffffff r5:8582ec00
 r4:00000000
[<81a31034>] (preempt_schedule_irq) from [<80200c04>] (svc_preempt+0x8/0x18)
Exception stack(0xea9f1d20 to 0xea9f1d68)
1d20: d8f16000 eb529000 00000001 80239bb8 7f049000 00000001 82abf1c4 82abe5a0
1d40: 7f049000 eb529000 8280c9b4 ea9f1d9c ea9f1da0 ea9f1d70 80230af0 80239bd0
1d60: 80000113 ffffffff
 r5:80000113 r4:80239bd0
[<80230a8c>] (flush_tlb_kernel_range) from [<804e4130>] (__purge_vmap_area_lazy+0x284/0x458 mm/vmalloc.c:2328)
 r4:82abf1e4
[<804e3eac>] (__purge_vmap_area_lazy) from [<804e44e8>] (_vm_unmap_aliases+0x1e4/0x240 mm/vmalloc.c:2943)
 r10:00000000 r9:00000000 r8:00000000 r7:ffffffff r6:ea9f1dc0 r5:ea9f1e08
 r4:ea9f1dc0
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85841080
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:8582ec00 r7:00000000 r6:83018000 r5:00001000 r4:7f071000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:e052f000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84eff78c r4:84eff400
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:84eff78c r4:85845e00
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:8582ec00 r8:85845e2c r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845e00
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845e00 r8:8027ecf4 r7:eaa05e60 r6:85846300 r5:8582ec00
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea9f1fb0 to 0xea9f1ff8)
1fa0:                                     00000000 00000000 00000000 00000000
1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85841580
Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings
INFO: task kworker/0:222:4991 blocked for more than 431 seconds.
      Not tainted 6.16.0-rc5-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/0:222   state:D stack:0     pid:4991  tgid:4991  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a30c40>] (__schedule_loop kernel/sched/core.c:6868 [inline])
[<81a2fcb8>] (__schedule) from [<81a30c40>] (schedule+0x2c/0x130 kernel/sched/core.c:6883)
 r10:829185c4 r9:eaa65d84 r8:00000002 r7:60000013 r6:eaa65d8c r5:85930c00
 r4:85930c00
[<81a30c14>] (schedule) from [<81a31028>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6940)
 r5:85930c00 r4:829185c0
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock_common kernel/locking/mutex.c:679 [inline])
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock.constprop.0+0x300/0x6f8 kernel/locking/mutex.c:747)
[<81a3340c>] (__mutex_lock.constprop.0) from [<81a33bd8>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1035)
 r10:8280c960 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:eaa65e08
 r4:00000000
[<81a33bc4>] (__mutex_lock_slowpath) from [<81a33c18>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:278)
[<81a33bdc>] (mutex_lock) from [<804e436c>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2904)
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:84c42c80
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:85930c00 r7:00000000 r6:83018000 r5:00001000 r4:7f045000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:dfa13000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84efe78c r4:84efe400
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:84efe78c r4:85845f00
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:85930c00 r8:85845f2c r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845f00
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845f00 r8:8027ecf4 r7:eaa05e60 r6:85846680 r5:85930c00
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xeaa65fb0 to 0xeaa65ff8)
5fa0:                                     00000000 00000000 00000000 00000000
5fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
5fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:84f7e400
INFO: task kworker/0:222:4991 is blocked on a mutex likely owned by task kworker/0:220:4981.
task:kworker/0:220   state:R  running task     stack:0     pid:4981  tgid:4981  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a31074>] (preempt_schedule_irq+0x40/0xa8 kernel/sched/core.c:7113)
 r10:8280c9b4 r9:8582ec00 r8:80200be4 r7:ea9f1d54 r6:ffffffff r5:8582ec00
 r4:00000000
[<81a31034>] (preempt_schedule_irq) from [<80200c04>] (svc_preempt+0x8/0x18)
Exception stack(0xea9f1d20 to 0xea9f1d68)
1d20: d8f16000 eb529000 00000001 80239bb8 7f049000 00000001 82abf1c4 82abe5a0
1d40: 7f049000 eb529000 8280c9b4 ea9f1d9c ea9f1da0 ea9f1d70 80230af0 80239bd0
1d60: 80000113 ffffffff
 r5:80000113 r4:80239bd0
[<80230a8c>] (flush_tlb_kernel_range) from [<804e4130>] (__purge_vmap_area_lazy+0x284/0x458 mm/vmalloc.c:2328)
 r4:82abf1e4
[<804e3eac>] (__purge_vmap_area_lazy) from [<804e44e8>] (_vm_unmap_aliases+0x1e4/0x240 mm/vmalloc.c:2943)
 r10:00000000 r9:00000000 r8:00000000 r7:ffffffff r6:ea9f1dc0 r5:ea9f1e08
 r4:ea9f1dc0
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85841080
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:8582ec00 r7:00000000 r6:83018000 r5:00001000 r4:7f071000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:e052f000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84eff78c r4:84eff400
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:84eff78c r4:85845e00
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:8582ec00 r8:85845e2c r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845e00
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845e00 r8:8027ecf4 r7:eaa05e60 r6:85846300 r5:8582ec00
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea9f1fb0 to 0xea9f1ff8)
1fa0:                                     00000000 00000000 00000000 00000000
1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85841580
Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings
INFO: task kworker/0:223:4994 blocked for more than 431 seconds.
      Not tainted 6.16.0-rc5-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/0:223   state:D stack:0     pid:4994  tgid:4994  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a30c40>] (__schedule_loop kernel/sched/core.c:6868 [inline])
[<81a2fcb8>] (__schedule) from [<81a30c40>] (schedule+0x2c/0x130 kernel/sched/core.c:6883)
 r10:829185c4 r9:eaa99d84 r8:00000002 r7:60000013 r6:eaa99d8c r5:85933000
 r4:85933000
[<81a30c14>] (schedule) from [<81a31028>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6940)
 r5:85933000 r4:829185c0
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock_common kernel/locking/mutex.c:679 [inline])
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock.constprop.0+0x300/0x6f8 kernel/locking/mutex.c:747)
[<81a3340c>] (__mutex_lock.constprop.0) from [<81a33bd8>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1035)
 r10:8280c960 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:eaa99e08
 r4:00000000
[<81a33bc4>] (__mutex_lock_slowpath) from [<81a33c18>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:278)
[<81a33bdc>] (mutex_lock) from [<804e436c>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2904)
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85841780
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:85933000 r7:00000000 r6:83018000 r5:00001000 r4:7f075000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:e05eb000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84efff8c r4:84effc00
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:84efff8c r4:85845f80
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:85933000 r8:85845fac r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845f80
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845f80 r8:8027ecf4 r7:eaa05e60 r6:85846880 r5:85933000
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xeaa99fb0 to 0xeaa99ff8)
9fa0:                                     00000000 00000000 00000000 00000000
9fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
9fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:84dbe880
INFO: task kworker/0:223:4994 is blocked on a mutex likely owned by task kworker/0:220:4981.
task:kworker/0:220   state:R  running task     stack:0     pid:4981  tgid:4981  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a31074>] (preempt_schedule_irq+0x40/0xa8 kernel/sched/core.c:7113)
 r10:8280c9b4 r9:8582ec00 r8:80200be4 r7:ea9f1d54 r6:ffffffff r5:8582ec00
 r4:00000000
[<81a31034>] (preempt_schedule_irq) from [<80200c04>] (svc_preempt+0x8/0x18)
Exception stack(0xea9f1d20 to 0xea9f1d68)
1d20: d95d3000 eb529000 00000001 80239bb8 7f049000 00000001 82abf1c4 82abe5a0
1d40: 7f049000 eb529000 8280c9b4 ea9f1d9c ea9f1da0 ea9f1d70 80230af0 80239bd0
1d60: 80000113 ffffffff
 r5:80000113 r4:80239bd0
[<80230a8c>] (flush_tlb_kernel_range) from [<804e4130>] (__purge_vmap_area_lazy+0x284/0x458 mm/vmalloc.c:2328)
 r4:82abf1e4
[<804e3eac>] (__purge_vmap_area_lazy) from [<804e44e8>] (_vm_unmap_aliases+0x1e4/0x240 mm/vmalloc.c:2943)
 r10:00000000 r9:00000000 r8:00000000 r7:ffffffff r6:ea9f1dc0 r5:ea9f1e08
 r4:ea9f1dc0
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85841080
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:8582ec00 r7:00000000 r6:83018000 r5:00001000 r4:7f071000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:e052f000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84eff78c r4:84eff400
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:84eff78c r4:85845e00
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:8582ec00 r8:85845e2c r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845e00
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845e00 r8:8027ecf4 r7:eaa05e60 r6:85846300 r5:8582ec00
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea9f1fb0 to 0xea9f1ff8)
1fa0:                                     00000000 00000000 00000000 00000000
1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85841580
Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings
INFO: task kworker/1:196:5014 blocked for more than 431 seconds.
      Not tainted 6.16.0-rc5-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/1:196   state:D stack:0     pid:5014  tgid:5014  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a30c40>] (__schedule_loop kernel/sched/core.c:6868 [inline])
[<81a2fcb8>] (__schedule) from [<81a30c40>] (schedule+0x2c/0x130 kernel/sched/core.c:6883)
 r10:829185c4 r9:eaad5d84 r8:00000002 r7:60000113 r6:eaad5d8c r5:85920c00
 r4:85920c00
[<81a30c14>] (schedule) from [<81a31028>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6940)
 r5:85920c00 r4:829185c0
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock_common kernel/locking/mutex.c:679 [inline])
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock.constprop.0+0x300/0x6f8 kernel/locking/mutex.c:747)
[<81a3340c>] (__mutex_lock.constprop.0) from [<81a33bd8>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1035)
 r10:8280c960 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:eaad5e08
 r4:00000000
[<81a33bc4>] (__mutex_lock_slowpath) from [<81a33c18>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:278)
[<81a33bdc>] (mutex_lock) from [<804e436c>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2904)
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:84cab4c0
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018205 r8:85920c00 r7:00000000 r6:83018200 r5:00001000 r4:7f047000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:dfab3000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:85889f8c r4:85889c00
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:ddde2d40 r6:83018200 r5:85889f8c r4:85846d00
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:85920c00 r8:85846d2c r7:82804d40 r6:ddde2d40 r5:ddde2d60
 r4:85846d00
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85846d00 r8:8027ecf4 r7:ea9c5e60 r6:85852580 r5:85920c00
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xeaad5fb0 to 0xeaad5ff8)
5fa0:                                     00000000 00000000 00000000 00000000
5fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
5fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85848ec0
INFO: task kworker/1:196:5014 is blocked on a mutex likely owned by task kworker/0:220:4981.
task:kworker/0:220   state:R  running task     stack:0     pid:4981  tgid:4981  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a31074>] (preempt_schedule_irq+0x40/0xa8 kernel/sched/core.c:7113)
 r10:8280c9b4 r9:8582ec00 r8:80200be4 r7:ea9f1d54 r6:ffffffff r5:8582ec00
 r4:00000000
[<81a31034>] (preempt_schedule_irq) from [<80200c04>] (svc_preempt+0x8/0x18)
Exception stack(0xea9f1d20 to 0xea9f1d68)
1d20: d980a000 eb529000 00000001 80239bb8 7f049000 00000001 82abf1c4 82abe5a0
1d40: 7f049000 eb529000 8280c9b4 ea9f1d9c ea9f1da0 ea9f1d70 80230af0 80239bd0
1d60: 80000113 ffffffff
 r5:80000113 r4:80239bd0
[<80230a8c>] (flush_tlb_kernel_range) from [<804e4130>] (__purge_vmap_area_lazy+0x284/0x458 mm/vmalloc.c:2328)
 r4:82abf1e4
[<804e3eac>] (__purge_vmap_area_lazy) from [<804e44e8>] (_vm_unmap_aliases+0x1e4/0x240 mm/vmalloc.c:2943)
 r10:00000000 r9:00000000 r8:00000000 r7:ffffffff r6:ea9f1dc0 r5:ea9f1e08
 r4:ea9f1dc0
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85841080
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:8582ec00 r7:00000000 r6:83018000 r5:00001000 r4:7f071000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:e052f000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84eff78c r4:84eff400
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:84eff78c r4:85845e00
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:8582ec00 r8:85845e2c r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845e00
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845e00 r8:8027ecf4 r7:eaa05e60 r6:85846300 r5:8582ec00
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea9f1fb0 to 0xea9f1ff8)
1fa0:                                     00000000 00000000 00000000 00000000
1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85841580
Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings
INFO: task kworker/1:197:5034 blocked for more than 431 seconds.
      Not tainted 6.16.0-rc5-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/1:197   state:D stack:0     pid:5034  tgid:5034  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a30c40>] (__schedule_loop kernel/sched/core.c:6868 [inline])
[<81a2fcb8>] (__schedule) from [<81a30c40>] (schedule+0x2c/0x130 kernel/sched/core.c:6883)
 r10:829185c4 r9:ea9d9d84 r8:00000002 r7:60000113 r6:ea9d9d8c r5:85926c00
 r4:85926c00
[<81a30c14>] (schedule) from [<81a31028>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6940)
 r5:85926c00 r4:829185c0
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock_common kernel/locking/mutex.c:679 [inline])
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock.constprop.0+0x300/0x6f8 kernel/locking/mutex.c:747)
[<81a3340c>] (__mutex_lock.constprop.0) from [<81a33bd8>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1035)
 r10:8280c960 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:ea9d9e08
 r4:00000000
[<81a33bc4>] (__mutex_lock_slowpath) from [<81a33c18>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:278)
[<81a33bdc>] (mutex_lock) from [<804e436c>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2904)
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:84caf280
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018205 r8:85926c00 r7:00000000 r6:83018200 r5:00001000 r4:7f079000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:e060d000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:8588938c r4:85889000
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:ddde2d40 r6:83018200 r5:8588938c r4:85846c00
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:85926c00 r8:85846c2c r7:82804d40 r6:ddde2d40 r5:ddde2d60
 r4:85846c00
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85846c00 r8:8027ecf4 r7:eaad5e60 r6:85852d00 r5:85926c00
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea9d9fb0 to 0xea9d9ff8)
9fa0:                                     00000000 00000000 00000000 00000000
9fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
9fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:84cd1540
INFO: task kworker/1:197:5034 is blocked on a mutex likely owned by task kworker/0:220:4981.
task:kworker/0:220   state:R  running task     stack:0     pid:4981  tgid:4981  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a31074>] (preempt_schedule_irq+0x40/0xa8 kernel/sched/core.c:7113)
 r10:8280c9b4 r9:8582ec00 r8:80200be4 r7:ea9f1d54 r6:ffffffff r5:8582ec00
 r4:00000000
[<81a31034>] (preempt_schedule_irq) from [<80200c04>] (svc_preempt+0x8/0x18)
Exception stack(0xea9f1d20 to 0xea9f1d68)
1d20: d9d18000 eb529000 00000001 80239bb8 7f049000 00000001 82abf1c4 82abe5a0
1d40: 7f049000 eb529000 8280c9b4 ea9f1d9c ea9f1da0 ea9f1d70 80230af0 80239bd0
1d60: 80000113 ffffffff
 r5:80000113 r4:80239bd0
[<80230a8c>] (flush_tlb_kernel_range) from [<804e4130>] (__purge_vmap_area_lazy+0x284/0x458 mm/vmalloc.c:2328)
 r4:82abf1e4
[<804e3eac>] (__purge_vmap_area_lazy) from [<804e44e8>] (_vm_unmap_aliases+0x1e4/0x240 mm/vmalloc.c:2943)
 r10:00000000 r9:00000000 r8:00000000 r7:ffffffff r6:ea9f1dc0 r5:ea9f1e08
 r4:ea9f1dc0
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85841080
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:8582ec00 r7:00000000 r6:83018000 r5:00001000 r4:7f071000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:e052f000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84eff78c r4:84eff400
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:84eff78c r4:85845e00
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:8582ec00 r8:85845e2c r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845e00
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845e00 r8:8027ecf4 r7:eaa05e60 r6:85846300 r5:8582ec00
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea9f1fb0 to 0xea9f1ff8)
1fa0:                                     00000000 00000000 00000000 00000000
1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85841580
Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings
INFO: task kworker/1:198:5037 blocked for more than 431 seconds.
      Not tainted 6.16.0-rc5-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/1:198   state:D stack:0     pid:5037  tgid:5037  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a30c40>] (__schedule_loop kernel/sched/core.c:6868 [inline])
[<81a2fcb8>] (__schedule) from [<81a30c40>] (schedule+0x2c/0x130 kernel/sched/core.c:6883)
 r10:829185c4 r9:ea9e1d84 r8:00000002 r7:60000113 r6:ea9e1d8c r5:85924800
 r4:85924800
[<81a30c14>] (schedule) from [<81a31028>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6940)
 r5:85924800 r4:829185c0
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock_common kernel/locking/mutex.c:679 [inline])
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock.constprop.0+0x300/0x6f8 kernel/locking/mutex.c:747)
[<81a3340c>] (__mutex_lock.constprop.0) from [<81a33bd8>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1035)
 r10:8280c960 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:ea9e1e08
 r4:00000000
[<81a33bc4>] (__mutex_lock_slowpath) from [<81a33c18>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:278)
[<81a33bdc>] (mutex_lock) from [<804e436c>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2904)
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85844000
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018205 r8:85924800 r7:00000000 r6:83018200 r5:00001000 r4:7f05f000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:dfa27000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:8588b38c r4:8588b000
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:ddde2d40 r6:83018200 r5:8588b38c r4:85855000
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:85924800 r8:8585502c r7:82804d40 r6:ddde2d40 r5:ddde2d60
 r4:85855000
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85855000 r8:8027ecf4 r7:ea9c5e60 r6:85852e00 r5:85924800
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea9e1fb0 to 0xea9e1ff8)
1fa0:                                     00000000 00000000 00000000 00000000
1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85848a80
INFO: task kworker/1:198:5037 is blocked on a mutex likely owned by task kworker/0:220:4981.
task:kworker/0:220   state:R  running task     stack:0     pid:4981  tgid:4981  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a31074>] (preempt_schedule_irq+0x40/0xa8 kernel/sched/core.c:7113)
 r10:8280c9b4 r9:8582ec00 r8:80200be4 r7:ea9f1d54 r6:ffffffff r5:8582ec00
 r4:00000000
[<81a31034>] (preempt_schedule_irq) from [<80200c04>] (svc_preempt+0x8/0x18)
Exception stack(0xea9f1d20 to 0xea9f1d68)
1d20: d9ecb000 eb529000 00000001 80239bb8 7f049000 00000001 82abf1c4 82abe5a0
1d40: 7f049000 eb529000 8280c9b4 ea9f1d9c ea9f1da0 ea9f1d70 80230af0 80239bd0
1d60: 80000113 ffffffff
 r5:80000113 r4:80239bd0
[<80230a8c>] (flush_tlb_kernel_range) from [<804e4130>] (__purge_vmap_area_lazy+0x284/0x458 mm/vmalloc.c:2328)
 r4:82abf1e4
[<804e3eac>] (__purge_vmap_area_lazy) from [<804e44e8>] (_vm_unmap_aliases+0x1e4/0x240 mm/vmalloc.c:2943)
 r10:00000000 r9:00000000 r8:00000000 r7:ffffffff r6:ea9f1dc0 r5:ea9f1e08
 r4:ea9f1dc0
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85841080
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:8582ec00 r7:00000000 r6:83018000 r5:00001000 r4:7f071000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:e052f000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84eff78c r4:84eff400
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:84eff78c r4:85845e00
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:8582ec00 r8:85845e2c r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845e00
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845e00 r8:8027ecf4 r7:eaa05e60 r6:85846300 r5:8582ec00
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea9f1fb0 to 0xea9f1ff8)
1fa0:                                     00000000 00000000 00000000 00000000
1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85841580
Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings
NMI backtrace for cpu 0
CPU: 0 UID: 0 PID: 32 Comm: khungtaskd Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT 
Hardware name: ARM-Versatile Express
Call trace: 
[<80201a00>] (dump_backtrace) from [<80201afc>] (show_stack+0x18/0x1c arch/arm/kernel/traps.c:257)
 r7:00000000 r6:000f0013 r5:600f0093 r4:8225c2b0
[<80201ae4>] (show_stack) from [<8021fe00>] (__dump_stack lib/dump_stack.c:94 [inline])
[<80201ae4>] (show_stack) from [<8021fe00>] (dump_stack_lvl+0x70/0x7c lib/dump_stack.c:120)
[<8021fd90>] (dump_stack_lvl) from [<8021fe24>] (dump_stack+0x18/0x1c lib/dump_stack.c:129)
 r5:00000000 r4:00000001
[<8021fe0c>] (dump_stack) from [<81a19bd4>] (nmi_cpu_backtrace+0x160/0x17c lib/nmi_backtrace.c:113)
[<81a19a74>] (nmi_cpu_backtrace) from [<81a19d20>] (nmi_trigger_cpumask_backtrace+0x130/0x1d8 lib/nmi_backtrace.c:62)
 r7:00000000 r6:8280c690 r5:8281af40 r4:ffffffff
[<81a19bf0>] (nmi_trigger_cpumask_backtrace) from [<802304fc>] (arch_trigger_cpumask_backtrace+0x18/0x1c arch/arm/kernel/smp.c:852)
 r9:8280c80c r8:82ab3564 r7:8281bb28 r6:00007b89 r5:8281b508 r4:85c4540c
[<802304e4>] (arch_trigger_cpumask_backtrace) from [<8037ff64>] (trigger_all_cpu_backtrace include/linux/nmi.h:158 [inline])
[<802304e4>] (arch_trigger_cpumask_backtrace) from [<8037ff64>] (check_hung_uninterruptible_tasks kernel/hung_task.c:307 [inline])
[<802304e4>] (arch_trigger_cpumask_backtrace) from [<8037ff64>] (watchdog+0x4a8/0x74c kernel/hung_task.c:470)
[<8037fabc>] (watchdog) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:00000000 r8:8037fabc r7:83349780 r6:83349780 r5:83259800
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xdf8e1fb0 to 0xdf8e1ff8)
1fa0:                                     00000000 00000000 00000000 00000000
1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:8334c5c0
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1
CPU: 1 UID: 0 PID: 2823 Comm: pr/ttyAMA0 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT 
Hardware name: ARM-Versatile Express
PC is at __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:152 [inline]
PC is at _raw_spin_unlock_irqrestore+0x28/0x54 kernel/locking/spinlock.c:194
LR is at spin_unlock_irqrestore include/linux/spinlock.h:406 [inline]
LR is at __uart_port_unlock_irqrestore include/linux/serial_core.h:616 [inline]
LR is at pl011_console_device_unlock+0x20/0x24 drivers/tty/serial/amba-pl011.c:2603
pc : [<81a391b4>]    lr : [<80a70c14>]    psr: 60000013
sp : eb84deb0  ip : eb84dec0  fp : eb84debc
r10: 8295a38c  r9 : 00000001  r8 : 00000000
r7 : 00000117  r6 : 8295a2f0  r5 : 00000000  r4 : 00000001
r3 : 00000d12  r2 : 00000000  r1 : 60000013  r0 : 83e9b040
Flags: nZCv  IRQs on  FIQs on  Mode SVC_32  ISA ARM  Segment none
Control: 30c5387d  Table: 855a9740  DAC: 00000000
Call trace: 
[<81a3918c>] (_raw_spin_unlock_irqrestore) from [<80a70c14>] (spin_unlock_irqrestore include/linux/spinlock.h:406 [inline])
[<81a3918c>] (_raw_spin_unlock_irqrestore) from [<80a70c14>] (__uart_port_unlock_irqrestore include/linux/serial_core.h:616 [inline])
[<81a3918c>] (_raw_spin_unlock_irqrestore) from [<80a70c14>] (pl011_console_device_unlock+0x20/0x24 drivers/tty/serial/amba-pl011.c:2603)
[<80a70bf4>] (pl011_console_device_unlock) from [<802e7e24>] (nbcon_emit_one+0x80/0xf8 kernel/printk/nbcon.c:1123)
[<802e7da4>] (nbcon_emit_one) from [<802e8044>] (nbcon_kthread_func+0x1a8/0x2a4 kernel/printk/nbcon.c:1210)
 r6:8280c690 r5:84b66000 r4:8295a2f0
[<802e7e9c>] (nbcon_kthread_func) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:8295a2f0 r8:802e7e9c r7:846e0080 r6:846e0080 r5:84b66000
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xeb84dfb0 to 0xeb84dff8)
dfa0:                                     00000000 00000000 00000000 00000000
dfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
dfe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:84667f80

final repro crashed as (corrupted=false):
INFO: task kworker/1:20:4204 blocked for more than 430 seconds.
      Not tainted 6.16.0-rc5-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/1:20    state:D stack:0     pid:4204  tgid:4204  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a30c40>] (__schedule_loop kernel/sched/core.c:6868 [inline])
[<81a2fcb8>] (__schedule) from [<81a30c40>] (schedule+0x2c/0x130 kernel/sched/core.c:6883)
 r10:829185c4 r9:dfba9d84 r8:00000002 r7:60000113 r6:dfba9d8c r5:854e9800
 r4:854e9800
[<81a30c14>] (schedule) from [<81a31028>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6940)
 r5:854e9800 r4:829185c0
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock_common kernel/locking/mutex.c:679 [inline])
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock.constprop.0+0x300/0x6f8 kernel/locking/mutex.c:747)
[<81a3340c>] (__mutex_lock.constprop.0) from [<81a33bd8>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1035)
 r10:8280c960 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:dfba9e08
 r4:00000000
[<81a33bc4>] (__mutex_lock_slowpath) from [<81a33c18>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:278)
[<81a33bdc>] (mutex_lock) from [<804e436c>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2904)
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85722340
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018205 r8:854e9800 r7:00000000 r6:83018200 r5:00001000 r4:7f073000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:e0575000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84daf78c r4:84daf400
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:ddde2d40 r6:83018200 r5:84daf78c r4:856b6500
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:854e9800 r8:856b652c r7:82804d40 r6:ddde2d40 r5:ddde2d60
 r4:856b6500
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:856b6500 r8:8027ecf4 r7:dfad1e60 r6:83aebf80 r5:854e9800
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xdfba9fb0 to 0xdfba9ff8)
9fa0:                                     00000000 00000000 00000000 00000000
9fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
9fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:84f7e080
INFO: task kworker/1:20:4204 is blocked on a mutex likely owned by task kworker/0:220:4981.
task:kworker/0:220   state:R  running task     stack:0     pid:4981  tgid:4981  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a31074>] (preempt_schedule_irq+0x40/0xa8 kernel/sched/core.c:7113)
 r10:8280c9b4 r9:8582ec00 r8:80200be4 r7:ea9f1d54 r6:ffffffff r5:8582ec00
 r4:00000000
[<81a31034>] (preempt_schedule_irq) from [<80200c04>] (svc_preempt+0x8/0x18)
Exception stack(0xea9f1d20 to 0xea9f1d68)
1d20: cf501000 eb529000 00000001 80239bb8 7f049000 00000001 82abf1c4 82abe5a0
1d40: 7f049000 eb529000 8280c9b4 ea9f1d9c ea9f1da0 ea9f1d70 80230af0 80239bd0
1d60: 80000113 ffffffff
 r5:80000113 r4:80239bd0
[<80230a8c>] (flush_tlb_kernel_range) from [<804e4130>] (__purge_vmap_area_lazy+0x284/0x458 mm/vmalloc.c:2328)
 r4:82abf1e4
[<804e3eac>] (__purge_vmap_area_lazy) from [<804e44e8>] (_vm_unmap_aliases+0x1e4/0x240 mm/vmalloc.c:2943)
 r10:00000000 r9:00000000 r8:00000000 r7:ffffffff r6:ea9f1dc0 r5:ea9f1e08
 r4:ea9f1dc0
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85841080
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:8582ec00 r7:00000000 r6:83018000 r5:00001000 r4:7f071000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:e052f000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84eff78c r4:84eff400
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:84eff78c r4:85845e00
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:8582ec00 r8:85845e2c r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845e00
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845e00 r8:8027ecf4 r7:eaa05e60 r6:85846300 r5:8582ec00
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea9f1fb0 to 0xea9f1ff8)
1fa0:                                     00000000 00000000 00000000 00000000
1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85841580
INFO: task kworker/1:21:4209 blocked for more than 430 seconds.
      Not tainted 6.16.0-rc5-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/1:21    state:D stack:0     pid:4209  tgid:4209  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a30c40>] (__schedule_loop kernel/sched/core.c:6868 [inline])
[<81a2fcb8>] (__schedule) from [<81a30c40>] (schedule+0x2c/0x130 kernel/sched/core.c:6883)
 r10:829185c4 r9:dfbf1d84 r8:00000002 r7:60000113 r6:dfbf1d8c r5:854e8000
 r4:854e8000
[<81a30c14>] (schedule) from [<81a31028>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6940)
 r5:854e8000 r4:829185c0
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock_common kernel/locking/mutex.c:679 [inline])
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock.constprop.0+0x300/0x6f8 kernel/locking/mutex.c:747)
[<81a3340c>] (__mutex_lock.constprop.0) from [<81a33bd8>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1035)
 r10:8280c960 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:dfbf1e08
 r4:00000000
[<81a33bc4>] (__mutex_lock_slowpath) from [<81a33c18>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:278)
[<81a33bdc>] (mutex_lock) from [<804e436c>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2904)
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:84c42540
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018205 r8:854e8000 r7:00000000 r6:83018200 r5:00001000 r4:7f07f000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:e8795000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84efef8c r4:84efec00
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:ddde2d40 r6:83018200 r5:84efef8c r4:856b6600
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:854e8000 r8:856b662c r7:82804d40 r6:ddde2d40 r5:ddde2d60
 r4:856b6600
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:856b6600 r8:8027ecf4 r7:dfad1e60 r6:84ed3e00 r5:854e8000
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xdfbf1fb0 to 0xdfbf1ff8)
1fa0:                                     00000000 00000000 00000000 00000000
1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:84f7e200
INFO: task kworker/1:21:4209 is blocked on a mutex likely owned by task kworker/0:220:4981.
task:kworker/0:220   state:R  running task     stack:0     pid:4981  tgid:4981  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a31074>] (preempt_schedule_irq+0x40/0xa8 kernel/sched/core.c:7113)
 r10:8280c9b4 r9:8582ec00 r8:80200be4 r7:ea9f1d54 r6:ffffffff r5:8582ec00
 r4:00000000
[<81a31034>] (preempt_schedule_irq) from [<80200c04>] (svc_preempt+0x8/0x18)
Exception stack(0xea9f1d20 to 0xea9f1d68)
1d20: cf501000 eb529000 00000001 80239bb8 7f049000 00000001 82abf1c4 82abe5a0
1d40: 7f049000 eb529000 8280c9b4 ea9f1d9c ea9f1da0 ea9f1d70 80230af0 80239bd0
1d60: 80000113 ffffffff
 r5:80000113 r4:80239bd0
[<80230a8c>] (flush_tlb_kernel_range) from [<804e4130>] (__purge_vmap_area_lazy+0x284/0x458 mm/vmalloc.c:2328)
 r4:82abf1e4
[<804e3eac>] (__purge_vmap_area_lazy) from [<804e44e8>] (_vm_unmap_aliases+0x1e4/0x240 mm/vmalloc.c:2943)
 r10:00000000 r9:00000000 r8:00000000 r7:ffffffff r6:ea9f1dc0 r5:ea9f1e08
 r4:ea9f1dc0
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85841080
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:8582ec00 r7:00000000 r6:83018000 r5:00001000 r4:7f071000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:e052f000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84eff78c r4:84eff400
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:84eff78c r4:85845e00
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:8582ec00 r8:85845e2c r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845e00
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845e00 r8:8027ecf4 r7:eaa05e60 r6:85846300 r5:8582ec00
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea9f1fb0 to 0xea9f1ff8)
1fa0:                                     00000000 00000000 00000000 00000000
1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85841580
INFO: task kworker/1:182:4929 blocked for more than 430 seconds.
      Not tainted 6.16.0-rc5-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/1:182   state:D stack:0     pid:4929  tgid:4929  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a30c40>] (__schedule_loop kernel/sched/core.c:6868 [inline])
[<81a2fcb8>] (__schedule) from [<81a30c40>] (schedule+0x2c/0x130 kernel/sched/core.c:6883)
 r10:829185c4 r9:ea88dd84 r8:00000002 r7:60000113 r6:ea88dd8c r5:85816c00
 r4:85816c00
[<81a30c14>] (schedule) from [<81a31028>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6940)
 r5:85816c00 r4:829185c0
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock_common kernel/locking/mutex.c:679 [inline])
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock.constprop.0+0x300/0x6f8 kernel/locking/mutex.c:747)
[<81a3340c>] (__mutex_lock.constprop.0) from [<81a33bd8>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1035)
 r10:8280c960 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:ea88de08
 r4:00000000
[<81a33bc4>] (__mutex_lock_slowpath) from [<81a33c18>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:278)
[<81a33bdc>] (mutex_lock) from [<804e436c>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2904)
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:8584afc0
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018205 r8:85816c00 r7:00000000 r6:83018200 r5:00001000 r4:7f059000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:dfda7000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:8588838c r4:85888000
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:ddde2d40 r6:83018200 r5:8588838c r4:8584c280
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:85816c00 r8:8584c2ac r7:82804d40 r6:ddde2d40 r5:ddde2d60
 r4:8584c280
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:8584c280 r8:8027ecf4 r7:ea8f5e60 r6:8584c300 r5:85816c00
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea88dfb0 to 0xea88dff8)
dfa0:                                     00000000 00000000 00000000 00000000
dfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
dfe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:8584af40
INFO: task kworker/1:182:4929 is blocked on a mutex likely owned by task kworker/0:220:4981.
task:kworker/0:220   state:R  running task     stack:0     pid:4981  tgid:4981  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a31074>] (preempt_schedule_irq+0x40/0xa8 kernel/sched/core.c:7113)
 r10:8280c9b4 r9:8582ec00 r8:80200be4 r7:ea9f1d54 r6:ffffffff r5:8582ec00
 r4:00000000
[<81a31034>] (preempt_schedule_irq) from [<80200c04>] (svc_preempt+0x8/0x18)
Exception stack(0xea9f1d20 to 0xea9f1d68)
1d20: cf501000 eb529000 00000001 80239bb8 7f049000 00000001 82abf1c4 82abe5a0
1d40: 7f049000 eb529000 8280c9b4 ea9f1d9c ea9f1da0 ea9f1d70 80230af0 80239bd0
1d60: 80000113 ffffffff
 r5:80000113 r4:80239bd0
[<80230a8c>] (flush_tlb_kernel_range) from [<804e4130>] (__purge_vmap_area_lazy+0x284/0x458 mm/vmalloc.c:2328)
 r4:82abf1e4
[<804e3eac>] (__purge_vmap_area_lazy) from [<804e44e8>] (_vm_unmap_aliases+0x1e4/0x240 mm/vmalloc.c:2943)
 r10:00000000 r9:00000000 r8:00000000 r7:ffffffff r6:ea9f1dc0 r5:ea9f1e08
 r4:ea9f1dc0
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85841080
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:8582ec00 r7:00000000 r6:83018000 r5:00001000 r4:7f071000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:e052f000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84eff78c r4:84eff400
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:84eff78c r4:85845e00
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:8582ec00 r8:85845e2c r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845e00
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845e00 r8:8027ecf4 r7:eaa05e60 r6:85846300 r5:8582ec00
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea9f1fb0 to 0xea9f1ff8)
1fa0:                                     00000000 00000000 00000000 00000000
1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85841580
INFO: task kworker/1:183:4931 blocked for more than 430 seconds.
      Not tainted 6.16.0-rc5-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/1:183   state:D stack:0     pid:4931  tgid:4931  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a30c40>] (__schedule_loop kernel/sched/core.c:6868 [inline])
[<81a2fcb8>] (__schedule) from [<81a30c40>] (schedule+0x2c/0x130 kernel/sched/core.c:6883)
 r10:829185c4 r9:ea905d84 r8:00000002 r7:60000113 r6:ea905d8c r5:85813c00
 r4:85813c00
[<81a30c14>] (schedule) from [<81a31028>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6940)
 r5:85813c00 r4:829185c0
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock_common kernel/locking/mutex.c:679 [inline])
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock.constprop.0+0x300/0x6f8 kernel/locking/mutex.c:747)
[<81a3340c>] (__mutex_lock.constprop.0) from [<81a33bd8>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1035)
 r10:8280c960 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:ea905e08
 r4:00000000
[<81a33bc4>] (__mutex_lock_slowpath) from [<81a33c18>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:278)
[<81a33bdc>] (mutex_lock) from [<804e436c>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2904)
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:84cab300
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018205 r8:85813c00 r7:00000000 r6:83018200 r5:00001000 r4:7f085000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:ea96d000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:8588bb8c r4:8588b800
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:ddde2d40 r6:83018200 r5:8588bb8c r4:8584c380
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:85813c00 r8:8584c3ac r7:82804d40 r6:ddde2d40 r5:ddde2d60
 r4:8584c380
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:8584c380 r8:8027ecf4 r7:ea88de60 r6:8584c400 r5:85813c00
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea905fb0 to 0xea905ff8)
5fa0:                                     00000000 00000000 00000000 00000000
5fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
5fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:8584a6c0
INFO: task kworker/1:183:4931 is blocked on a mutex likely owned by task kworker/0:220:4981.
task:kworker/0:220   state:R  running task     stack:0     pid:4981  tgid:4981  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a31074>] (preempt_schedule_irq+0x40/0xa8 kernel/sched/core.c:7113)
 r10:8280c9b4 r9:8582ec00 r8:80200be4 r7:ea9f1d54 r6:ffffffff r5:8582ec00
 r4:00000000
[<81a31034>] (preempt_schedule_irq) from [<80200c04>] (svc_preempt+0x8/0x18)
Exception stack(0xea9f1d20 to 0xea9f1d68)
1d20: d070a000 eb529000 00000001 80239bb8 7f049000 00000001 82abf1c4 82abe5a0
1d40: 7f049000 eb529000 8280c9b4 ea9f1d9c ea9f1da0 ea9f1d70 80230af0 80239bd0
1d60: 80000113 ffffffff
 r5:80000113 r4:80239bd0
[<80230a8c>] (flush_tlb_kernel_range) from [<804e4130>] (__purge_vmap_area_lazy+0x284/0x458 mm/vmalloc.c:2328)
 r4:82abf1e4
[<804e3eac>] (__purge_vmap_area_lazy) from [<804e44e8>] (_vm_unmap_aliases+0x1e4/0x240 mm/vmalloc.c:2943)
 r10:00000000 r9:00000000 r8:00000000 r7:ffffffff r6:ea9f1dc0 r5:ea9f1e08
 r4:ea9f1dc0
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85841080
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:8582ec00 r7:00000000 r6:83018000 r5:00001000 r4:7f071000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:e052f000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84eff78c r4:84eff400
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:84eff78c r4:85845e00
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:8582ec00 r8:85845e2c r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845e00
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845e00 r8:8027ecf4 r7:eaa05e60 r6:85846300 r5:8582ec00
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea9f1fb0 to 0xea9f1ff8)
1fa0:                                     00000000 00000000 00000000 00000000
1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85841580
INFO: task kworker/1:184:4934 blocked for more than 430 seconds.
      Not tainted 6.16.0-rc5-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/1:184   state:D stack:0     pid:4934  tgid:4934  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a30c40>] (__schedule_loop kernel/sched/core.c:6868 [inline])
[<81a2fcb8>] (__schedule) from [<81a30c40>] (schedule+0x2c/0x130 kernel/sched/core.c:6883)
 r10:829185c4 r9:ea8e9d84 r8:00000002 r7:60000013 r6:ea8e9d8c r5:85814800
 r4:85814800
[<81a30c14>] (schedule) from [<81a31028>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6940)
 r5:85814800 r4:829185c0
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock_common kernel/locking/mutex.c:679 [inline])
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock.constprop.0+0x300/0x6f8 kernel/locking/mutex.c:747)
[<81a3340c>] (__mutex_lock.constprop.0) from [<81a33bd8>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1035)
 r10:8280c960 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:ea8e9e08
 r4:00000000
[<81a33bc4>] (__mutex_lock_slowpath) from [<81a33c18>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:278)
[<81a33bdc>] (mutex_lock) from [<804e436c>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2904)
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85835400
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018205 r8:85814800 r7:00000000 r6:83018200 r5:00001000 r4:7f04f000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:dfbe1000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:85895b8c r4:85895800
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:ddde2d40 r6:83018200 r5:85895b8c r4:8584c580
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:85814800 r8:8584c5ac r7:82804d40 r6:ddde2d40 r5:ddde2d60
 r4:8584c580
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:8584c580 r8:8027ecf4 r7:ea905e60 r6:8584c600 r5:85814800
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea8e9fb0 to 0xea8e9ff8)
9fa0:                                     00000000 00000000 00000000 00000000
9fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
9fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:84cc1400
INFO: task kworker/1:184:4934 is blocked on a mutex likely owned by task kworker/0:220:4981.
task:kworker/0:220   state:R  running task     stack:0     pid:4981  tgid:4981  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a31074>] (preempt_schedule_irq+0x40/0xa8 kernel/sched/core.c:7113)
 r10:8280c9b4 r9:8582ec00 r8:80200be4 r7:ea9f1d54 r6:ffffffff r5:8582ec00
 r4:00000000
[<81a31034>] (preempt_schedule_irq) from [<80200c04>] (svc_preempt+0x8/0x18)
Exception stack(0xea9f1d20 to 0xea9f1d68)
1d20: d070a000 eb529000 00000001 80239bb8 7f049000 00000001 82abf1c4 82abe5a0
1d40: 7f049000 eb529000 8280c9b4 ea9f1d9c ea9f1da0 ea9f1d70 80230af0 80239bd0
1d60: 80000113 ffffffff
 r5:80000113 r4:80239bd0
[<80230a8c>] (flush_tlb_kernel_range) from [<804e4130>] (__purge_vmap_area_lazy+0x284/0x458 mm/vmalloc.c:2328)
 r4:82abf1e4
[<804e3eac>] (__purge_vmap_area_lazy) from [<804e44e8>] (_vm_unmap_aliases+0x1e4/0x240 mm/vmalloc.c:2943)
 r10:00000000 r9:00000000 r8:00000000 r7:ffffffff r6:ea9f1dc0 r5:ea9f1e08
 r4:ea9f1dc0
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85841080
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:8582ec00 r7:00000000 r6:83018000 r5:00001000 r4:7f071000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:e052f000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84eff78c r4:84eff400
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:84eff78c r4:85845e00
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:8582ec00 r8:85845e2c r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845e00
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845e00 r8:8027ecf4 r7:eaa05e60 r6:85846300 r5:8582ec00
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea9f1fb0 to 0xea9f1ff8)
1fa0:                                     00000000 00000000 00000000 00000000
1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85841580
INFO: task kworker/0:203:4942 blocked for more than 430 seconds.
      Not tainted 6.16.0-rc5-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/0:203   state:D stack:0     pid:4942  tgid:4942  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a30c40>] (__schedule_loop kernel/sched/core.c:6868 [inline])
[<81a2fcb8>] (__schedule) from [<81a30c40>] (schedule+0x2c/0x130 kernel/sched/core.c:6883)
 r10:829185c4 r9:ea959d84 r8:00000002 r7:60000013 r6:ea959d8c r5:85819800
 r4:85819800
[<81a30c14>] (schedule) from [<81a31028>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6940)
 r5:85819800 r4:829185c0
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock_common kernel/locking/mutex.c:679 [inline])
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock.constprop.0+0x300/0x6f8 kernel/locking/mutex.c:747)
[<81a3340c>] (__mutex_lock.constprop.0) from [<81a33bd8>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1035)
 r10:8280c960 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:ea959e08
 r4:00000000
[<81a33bc4>] (__mutex_lock_slowpath) from [<81a33c18>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:278)
[<81a33bdc>] (mutex_lock) from [<804e436c>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2904)
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:84cd1380
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:85819800 r7:00000000 r6:83018000 r5:00001000 r4:7f061000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:dfa7b000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84ff238c r4:84ff2000
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:84ff238c r4:85845280
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:85819800 r8:858452ac r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845280
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845280 r8:8027ecf4 r7:ea975e60 r6:8584c900 r5:85819800
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea959fb0 to 0xea959ff8)
9fa0:                                     00000000 00000000 00000000 00000000
9fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
9fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85848300
INFO: task kworker/0:203:4942 is blocked on a mutex likely owned by task kworker/0:220:4981.
task:kworker/0:220   state:R  running task     stack:0     pid:4981  tgid:4981  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a31074>] (preempt_schedule_irq+0x40/0xa8 kernel/sched/core.c:7113)
 r10:8280c9b4 r9:8582ec00 r8:80200be4 r7:ea9f1d54 r6:ffffffff r5:8582ec00
 r4:00000000
[<81a31034>] (preempt_schedule_irq) from [<80200c04>] (svc_preempt+0x8/0x18)
Exception stack(0xea9f1d20 to 0xea9f1d68)
1d20: d070a000 eb529000 00000001 80239bb8 7f049000 00000001 82abf1c4 82abe5a0
1d40: 7f049000 eb529000 8280c9b4 ea9f1d9c ea9f1da0 ea9f1d70 80230af0 80239bd0
1d60: 80000113 ffffffff
 r5:80000113 r4:80239bd0
[<80230a8c>] (flush_tlb_kernel_range) from [<804e4130>] (__purge_vmap_area_lazy+0x284/0x458 mm/vmalloc.c:2328)
 r4:82abf1e4
[<804e3eac>] (__purge_vmap_area_lazy) from [<804e44e8>] (_vm_unmap_aliases+0x1e4/0x240 mm/vmalloc.c:2943)
 r10:00000000 r9:00000000 r8:00000000 r7:ffffffff r6:ea9f1dc0 r5:ea9f1e08
 r4:ea9f1dc0
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85841080
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:8582ec00 r7:00000000 r6:83018000 r5:00001000 r4:7f071000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:e052f000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84eff78c r4:84eff400
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:84eff78c r4:85845e00
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:8582ec00 r8:85845e2c r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845e00
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845e00 r8:8027ecf4 r7:eaa05e60 r6:85846300 r5:8582ec00
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea9f1fb0 to 0xea9f1ff8)
1fa0:                                     00000000 00000000 00000000 00000000
1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85841580
INFO: task kworker/0:204:4944 blocked for more than 430 seconds.
      Not tainted 6.16.0-rc5-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/0:204   state:D stack:0     pid:4944  tgid:4944  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a30c40>] (__schedule_loop kernel/sched/core.c:6868 [inline])
[<81a2fcb8>] (__schedule) from [<81a30c40>] (schedule+0x2c/0x130 kernel/sched/core.c:6883)
 r10:829185c4 r9:ea961d84 r8:00000002 r7:60000013 r6:ea961d8c r5:8581b000
 r4:8581b000
[<81a30c14>] (schedule) from [<81a31028>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6940)
 r5:8581b000 r4:829185c0
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock_common kernel/locking/mutex.c:679 [inline])
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock.constprop.0+0x300/0x6f8 kernel/locking/mutex.c:747)
[<81a3340c>] (__mutex_lock.constprop.0) from [<81a33bd8>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1035)
 r10:8280c960 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:ea961e08
 r4:00000000
[<81a33bc4>] (__mutex_lock_slowpath) from [<81a33c18>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:278)
[<81a33bdc>] (mutex_lock) from [<804e436c>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2904)
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:84cd1ac0
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:8581b000 r7:00000000 r6:83018000 r5:00001000 r4:7f063000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:dfeb1000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:8588af8c r4:8588ac00
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:8588af8c r4:85845300
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:8581b000 r8:8584532c r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845300
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845300 r8:8027ecf4 r7:ea975e60 r6:8584c980 r5:8581b000
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea961fb0 to 0xea961ff8)
1fa0:                                     00000000 00000000 00000000 00000000
1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85848740
INFO: task kworker/0:204:4944 is blocked on a mutex likely owned by task kworker/0:220:4981.
task:kworker/0:220   state:R  running task     stack:0     pid:4981  tgid:4981  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a31074>] (preempt_schedule_irq+0x40/0xa8 kernel/sched/core.c:7113)
 r10:8280c9b4 r9:8582ec00 r8:80200be4 r7:ea9f1d54 r6:ffffffff r5:8582ec00
 r4:00000000
[<81a31034>] (preempt_schedule_irq) from [<80200c04>] (svc_preempt+0x8/0x18)
Exception stack(0xea9f1d20 to 0xea9f1d68)
1d20: d070a000 eb529000 00000001 80239bb8 7f049000 00000001 82abf1c4 82abe5a0
1d40: 7f049000 eb529000 8280c9b4 ea9f1d9c ea9f1da0 ea9f1d70 80230af0 80239bd0
1d60: 80000113 ffffffff
 r5:80000113 r4:80239bd0
[<80230a8c>] (flush_tlb_kernel_range) from [<804e4130>] (__purge_vmap_area_lazy+0x284/0x458 mm/vmalloc.c:2328)
 r4:82abf1e4
[<804e3eac>] (__purge_vmap_area_lazy) from [<804e44e8>] (_vm_unmap_aliases+0x1e4/0x240 mm/vmalloc.c:2943)
 r10:00000000 r9:00000000 r8:00000000 r7:ffffffff r6:ea9f1dc0 r5:ea9f1e08
 r4:ea9f1dc0
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85841080
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:8582ec00 r7:00000000 r6:83018000 r5:00001000 r4:7f071000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:e052f000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84eff78c r4:84eff400
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:84eff78c r4:85845e00
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:8582ec00 r8:85845e2c r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845e00
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845e00 r8:8027ecf4 r7:eaa05e60 r6:85846300 r5:8582ec00
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea9f1fb0 to 0xea9f1ff8)
1fa0:                                     00000000 00000000 00000000 00000000
1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85841580
INFO: task kworker/1:186:4945 blocked for more than 430 seconds.
      Not tainted 6.16.0-rc5-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/1:186   state:D stack:0     pid:4945  tgid:4945  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a30c40>] (__schedule_loop kernel/sched/core.c:6868 [inline])
[<81a2fcb8>] (__schedule) from [<81a30c40>] (schedule+0x2c/0x130 kernel/sched/core.c:6883)
 r10:829185c4 r9:ea95dd84 r8:00000002 r7:60000113 r6:ea95dd8c r5:8581bc00
 r4:8581bc00
[<81a30c14>] (schedule) from [<81a31028>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6940)
 r5:8581bc00 r4:829185c0
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock_common kernel/locking/mutex.c:679 [inline])
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock.constprop.0+0x300/0x6f8 kernel/locking/mutex.c:747)
[<81a3340c>] (__mutex_lock.constprop.0) from [<81a33bd8>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1035)
 r10:8280c960 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:ea95de08
 r4:00000000
[<81a33bc4>] (__mutex_lock_slowpath) from [<81a33c18>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:278)
[<81a33bdc>] (mutex_lock) from [<804e436c>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2904)
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:84c9fdc0
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018205 r8:8581bc00 r7:00000000 r6:83018200 r5:00001000 r4:7f04b000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:dfb51000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:85888b8c r4:85888800
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:ddde2d40 r6:83018200 r5:85888b8c r4:8584ca00
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:8581bc00 r8:8584ca2c r7:82804d40 r6:ddde2d40 r5:ddde2d60
 r4:8584ca00
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:8584ca00 r8:8027ecf4 r7:ea90de60 r6:8584ca80 r5:8581bc00
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea95dfb0 to 0xea95dff8)
dfa0:                                     00000000 00000000 00000000 00000000
dfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
dfe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85837080
INFO: task kworker/1:186:4945 is blocked on a mutex likely owned by task kworker/0:220:4981.
task:kworker/0:220   state:R  running task     stack:0     pid:4981  tgid:4981  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a31074>] (preempt_schedule_irq+0x40/0xa8 kernel/sched/core.c:7113)
 r10:8280c9b4 r9:8582ec00 r8:80200be4 r7:ea9f1d54 r6:ffffffff r5:8582ec00
 r4:00000000
[<81a31034>] (preempt_schedule_irq) from [<80200c04>] (svc_preempt+0x8/0x18)
Exception stack(0xea9f1d20 to 0xea9f1d68)
1d20: d070a000 eb529000 00000001 80239bb8 7f049000 00000001 82abf1c4 82abe5a0
1d40: 7f049000 eb529000 8280c9b4 ea9f1d9c ea9f1da0 ea9f1d70 80230af0 80239bd0
1d60: 80000113 ffffffff
 r5:80000113 r4:80239bd0
[<80230a8c>] (flush_tlb_kernel_range) from [<804e4130>] (__purge_vmap_area_lazy+0x284/0x458 mm/vmalloc.c:2328)
 r4:82abf1e4
[<804e3eac>] (__purge_vmap_area_lazy) from [<804e44e8>] (_vm_unmap_aliases+0x1e4/0x240 mm/vmalloc.c:2943)
 r10:00000000 r9:00000000 r8:00000000 r7:ffffffff r6:ea9f1dc0 r5:ea9f1e08
 r4:ea9f1dc0
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85841080
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:8582ec00 r7:00000000 r6:83018000 r5:00001000 r4:7f071000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:e052f000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84eff78c r4:84eff400
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:84eff78c r4:85845e00
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:8582ec00 r8:85845e2c r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845e00
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845e00 r8:8027ecf4 r7:eaa05e60 r6:85846300 r5:8582ec00
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea9f1fb0 to 0xea9f1ff8)
1fa0:                                     00000000 00000000 00000000 00000000
1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85841580
INFO: task kworker/1:187:4947 blocked for more than 430 seconds.
      Not tainted 6.16.0-rc5-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/1:187   state:D stack:0     pid:4947  tgid:4947  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a30c40>] (__schedule_loop kernel/sched/core.c:6868 [inline])
[<81a2fcb8>] (__schedule) from [<81a30c40>] (schedule+0x2c/0x130 kernel/sched/core.c:6883)
 r10:829185c4 r9:ea965d84 r8:00000002 r7:60000113 r6:ea965d8c r5:8581d400
 r4:8581d400
[<81a30c14>] (schedule) from [<81a31028>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6940)
 r5:8581d400 r4:829185c0
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock_common kernel/locking/mutex.c:679 [inline])
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock.constprop.0+0x300/0x6f8 kernel/locking/mutex.c:747)
[<81a3340c>] (__mutex_lock.constprop.0) from [<81a33bd8>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1035)
 r10:8280c960 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:ea965e08
 r4:00000000
[<81a33bc4>] (__mutex_lock_slowpath) from [<81a33c18>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:278)
[<81a33bdc>] (mutex_lock) from [<804e436c>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2904)
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:84c42300
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018205 r8:8581d400 r7:00000000 r6:83018200 r5:00001000 r4:7f07d000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:e4701000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84eff38c r4:84eff000
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:ddde2d40 r6:83018200 r5:84eff38c r4:8584cb00
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:8581d400 r8:8584cb2c r7:82804d40 r6:ddde2d40 r5:ddde2d60
 r4:8584cb00
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:8584cb00 r8:8027ecf4 r7:ea90de60 r6:8584cb80 r5:8581d400
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea965fb0 to 0xea965ff8)
5fa0:                                     00000000 00000000 00000000 00000000
5fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
5fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:858494c0
INFO: task kworker/1:187:4947 is blocked on a mutex likely owned by task kworker/0:220:4981.
task:kworker/0:220   state:R  running task     stack:0     pid:4981  tgid:4981  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a31074>] (preempt_schedule_irq+0x40/0xa8 kernel/sched/core.c:7113)
 r10:8280c9b4 r9:8582ec00 r8:80200be4 r7:ea9f1d54 r6:ffffffff r5:8582ec00
 r4:00000000
[<81a31034>] (preempt_schedule_irq) from [<80200c04>] (svc_preempt+0x8/0x18)
Exception stack(0xea9f1d20 to 0xea9f1d68)
1d20: d070a000 eb529000 00000001 80239bb8 7f049000 00000001 82abf1c4 82abe5a0
1d40: 7f049000 eb529000 8280c9b4 ea9f1d9c ea9f1da0 ea9f1d70 80230af0 80239bd0
1d60: 80000113 ffffffff
 r5:80000113 r4:80239bd0
[<80230a8c>] (flush_tlb_kernel_range) from [<804e4130>] (__purge_vmap_area_lazy+0x284/0x458 mm/vmalloc.c:2328)
 r4:82abf1e4
[<804e3eac>] (__purge_vmap_area_lazy) from [<804e44e8>] (_vm_unmap_aliases+0x1e4/0x240 mm/vmalloc.c:2943)
 r10:00000000 r9:00000000 r8:00000000 r7:ffffffff r6:ea9f1dc0 r5:ea9f1e08
 r4:ea9f1dc0
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85841080
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:8582ec00 r7:00000000 r6:83018000 r5:00001000 r4:7f071000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:e052f000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84eff78c r4:84eff400
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:84eff78c r4:85845e00
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:8582ec00 r8:85845e2c r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845e00
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845e00 r8:8027ecf4 r7:eaa05e60 r6:85846300 r5:8582ec00
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea9f1fb0 to 0xea9f1ff8)
1fa0:                                     00000000 00000000 00000000 00000000
1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85841580
INFO: task kworker/0:205:4950 blocked for more than 430 seconds.
      Not tainted 6.16.0-rc5-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/0:205   state:D stack:0     pid:4950  tgid:4950  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a30c40>] (__schedule_loop kernel/sched/core.c:6868 [inline])
[<81a2fcb8>] (__schedule) from [<81a30c40>] (schedule+0x2c/0x130 kernel/sched/core.c:6883)
 r10:829185c4 r9:ea97dd84 r8:00000002 r7:60000013 r6:ea97dd8c r5:8581e000
 r4:8581e000
[<81a30c14>] (schedule) from [<81a31028>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6940)
 r5:8581e000 r4:829185c0
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock_common kernel/locking/mutex.c:679 [inline])
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock.constprop.0+0x300/0x6f8 kernel/locking/mutex.c:747)
[<81a3340c>] (__mutex_lock.constprop.0) from [<81a33bd8>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1035)
 r10:8280c960 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:ea97de08
 r4:00000000
[<81a33bc4>] (__mutex_lock_slowpath) from [<81a33c18>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:278)
[<81a33bdc>] (mutex_lock) from [<804e436c>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2904)
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:857383c0
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:8581e000 r7:00000000 r6:83018000 r5:00001000 r4:7f065000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:dff13000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84ff078c r4:84ff0400
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:84ff078c r4:85845380
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:8581e000 r8:858453ac r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845380
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845380 r8:8027ecf4 r7:ea959e60 r6:8584cc80 r5:8581e000
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea97dfb0 to 0xea97dff8)
dfa0:                                     00000000 00000000 00000000 00000000
dfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
dfe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85848f40
INFO: task kworker/0:205:4950 is blocked on a mutex likely owned by task kworker/0:220:4981.
task:kworker/0:220   state:R  running task     stack:0     pid:4981  tgid:4981  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a31074>] (preempt_schedule_irq+0x40/0xa8 kernel/sched/core.c:7113)
 r10:8280c9b4 r9:8582ec00 r8:80200be4 r7:ea9f1d54 r6:ffffffff r5:8582ec00
 r4:00000000
[<81a31034>] (preempt_schedule_irq) from [<80200c04>] (svc_preempt+0x8/0x18)
Exception stack(0xea9f1d20 to 0xea9f1d68)
1d20: d070a000 eb529000 00000001 80239bb8 7f049000 00000001 82abf1c4 82abe5a0
1d40: 7f049000 eb529000 8280c9b4 ea9f1d9c ea9f1da0 ea9f1d70 80230af0 80239bd0
1d60: 80000113 ffffffff
 r5:80000113 r4:80239bd0
[<80230a8c>] (flush_tlb_kernel_range) from [<804e4130>] (__purge_vmap_area_lazy+0x284/0x458 mm/vmalloc.c:2328)
 r4:82abf1e4
[<804e3eac>] (__purge_vmap_area_lazy) from [<804e44e8>] (_vm_unmap_aliases+0x1e4/0x240 mm/vmalloc.c:2943)
 r10:00000000 r9:00000000 r8:00000000 r7:ffffffff r6:ea9f1dc0 r5:ea9f1e08
 r4:ea9f1dc0
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85841080
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:8582ec00 r7:00000000 r6:83018000 r5:00001000 r4:7f071000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:e052f000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84eff78c r4:84eff400
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:84eff78c r4:85845e00
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:8582ec00 r8:85845e2c r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845e00
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845e00 r8:8027ecf4 r7:eaa05e60 r6:85846300 r5:8582ec00
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea9f1fb0 to 0xea9f1ff8)
1fa0:                                     00000000 00000000 00000000 00000000
1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85841580
Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings
INFO: task kworker/0:206:4952 blocked for more than 430 seconds.
      Not tainted 6.16.0-rc5-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/0:206   state:D stack:0     pid:4952  tgid:4952  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a30c40>] (__schedule_loop kernel/sched/core.c:6868 [inline])
[<81a2fcb8>] (__schedule) from [<81a30c40>] (schedule+0x2c/0x130 kernel/sched/core.c:6883)
 r10:829185c4 r9:ea915d84 r8:00000002 r7:60000013 r6:ea915d8c r5:8581ec00
 r4:8581ec00
[<81a30c14>] (schedule) from [<81a31028>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6940)
 r5:8581ec00 r4:829185c0
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock_common kernel/locking/mutex.c:679 [inline])
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock.constprop.0+0x300/0x6f8 kernel/locking/mutex.c:747)
[<81a3340c>] (__mutex_lock.constprop.0) from [<81a33bd8>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1035)
 r10:8280c960 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:ea915e08
 r4:00000000
[<81a33bc4>] (__mutex_lock_slowpath) from [<81a33c18>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:278)
[<81a33bdc>] (mutex_lock) from [<804e436c>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2904)
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:84c42400
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:8581ec00 r7:00000000 r6:83018000 r5:00001000 r4:7f07b000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:e0661000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84effb8c r4:84eff800
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:84effb8c r4:85845400
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:8581ec00 r8:8584542c r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845400
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845400 r8:8027ecf4 r7:ea959e60 r6:8584cd00 r5:8581ec00
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea915fb0 to 0xea915ff8)
5fa0:                                     00000000 00000000 00000000 00000000
5fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
5fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:858488c0
INFO: task kworker/0:206:4952 is blocked on a mutex likely owned by task kworker/0:220:4981.
task:kworker/0:220   state:R  running task     stack:0     pid:4981  tgid:4981  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a31074>] (preempt_schedule_irq+0x40/0xa8 kernel/sched/core.c:7113)
 r10:8280c9b4 r9:8582ec00 r8:80200be4 r7:ea9f1d54 r6:ffffffff r5:8582ec00
 r4:00000000
[<81a31034>] (preempt_schedule_irq) from [<80200c04>] (svc_preempt+0x8/0x18)
Exception stack(0xea9f1d20 to 0xea9f1d68)
1d20: d070a000 eb529000 00000001 80239bb8 7f049000 00000001 82abf1c4 82abe5a0
1d40: 7f049000 eb529000 8280c9b4 ea9f1d9c ea9f1da0 ea9f1d70 80230af0 80239bd0
1d60: 80000113 ffffffff
 r5:80000113 r4:80239bd0
[<80230a8c>] (flush_tlb_kernel_range) from [<804e4130>] (__purge_vmap_area_lazy+0x284/0x458 mm/vmalloc.c:2328)
 r4:82abf1e4
[<804e3eac>] (__purge_vmap_area_lazy) from [<804e44e8>] (_vm_unmap_aliases+0x1e4/0x240 mm/vmalloc.c:2943)
 r10:00000000 r9:00000000 r8:00000000 r7:ffffffff r6:ea9f1dc0 r5:ea9f1e08
 r4:ea9f1dc0
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85841080
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:8582ec00 r7:00000000 r6:83018000 r5:00001000 r4:7f071000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:e052f000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84eff78c r4:84eff400
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:84eff78c r4:85845e00
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:8582ec00 r8:85845e2c r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845e00
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845e00 r8:8027ecf4 r7:eaa05e60 r6:85846300 r5:8582ec00
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea9f1fb0 to 0xea9f1ff8)
1fa0:                                     00000000 00000000 00000000 00000000
1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85841580
Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings
INFO: task kworker/0:207:4954 blocked for more than 430 seconds.
      Not tainted 6.16.0-rc5-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/0:207   state:D stack:0     pid:4954  tgid:4954  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a30c40>] (__schedule_loop kernel/sched/core.c:6868 [inline])
[<81a2fcb8>] (__schedule) from [<81a30c40>] (schedule+0x2c/0x130 kernel/sched/core.c:6883)
 r10:829185c4 r9:ea919d84 r8:00000002 r7:60000013 r6:ea919d8c r5:8581c800
 r4:8581c800
[<81a30c14>] (schedule) from [<81a31028>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6940)
 r5:8581c800 r4:829185c0
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock_common kernel/locking/mutex.c:679 [inline])
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock.constprop.0+0x300/0x6f8 kernel/locking/mutex.c:747)
[<81a3340c>] (__mutex_lock.constprop.0) from [<81a33bd8>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1035)
 r10:8280c960 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:ea919e08
 r4:00000000
[<81a33bc4>] (__mutex_lock_slowpath) from [<81a33c18>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:278)
[<81a33bdc>] (mutex_lock) from [<804e436c>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2904)
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:8555ec40
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:8581c800 r7:00000000 r6:83018000 r5:00001000 r4:7f081000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:ea845000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:85895f8c r4:85895c00
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:85895f8c r4:85845480
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:8581c800 r8:858454ac r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845480
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845480 r8:8027ecf4 r7:ea959e60 r6:8584cd80 r5:8581c800
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea919fb0 to 0xea919ff8)
9fa0:                                     00000000 00000000 00000000 00000000
9fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
9fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85848440
INFO: task kworker/0:207:4954 is blocked on a mutex likely owned by task kworker/0:220:4981.
task:kworker/0:220   state:R  running task     stack:0     pid:4981  tgid:4981  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a31074>] (preempt_schedule_irq+0x40/0xa8 kernel/sched/core.c:7113)
 r10:8280c9b4 r9:8582ec00 r8:80200be4 r7:ea9f1d54 r6:ffffffff r5:8582ec00
 r4:00000000
[<81a31034>] (preempt_schedule_irq) from [<80200c04>] (svc_preempt+0x8/0x18)
Exception stack(0xea9f1d20 to 0xea9f1d68)
1d20: d0d70000 eb529000 00000001 80239bb8 7f049000 00000001 82abf1c4 82abe5a0
1d40: 7f049000 eb529000 8280c9b4 ea9f1d9c ea9f1da0 ea9f1d70 80230af0 80239bd0
1d60: 80000113 ffffffff
 r5:80000113 r4:80239bd0
[<80230a8c>] (flush_tlb_kernel_range) from [<804e4130>] (__purge_vmap_area_lazy+0x284/0x458 mm/vmalloc.c:2328)
 r4:82abf1e4
[<804e3eac>] (__purge_vmap_area_lazy) from [<804e44e8>] (_vm_unmap_aliases+0x1e4/0x240 mm/vmalloc.c:2943)
 r10:00000000 r9:00000000 r8:00000000 r7:ffffffff r6:ea9f1dc0 r5:ea9f1e08
 r4:ea9f1dc0
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85841080
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:8582ec00 r7:00000000 r6:83018000 r5:00001000 r4:7f071000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:e052f000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84eff78c r4:84eff400
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:84eff78c r4:85845e00
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:8582ec00 r8:85845e2c r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845e00
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845e00 r8:8027ecf4 r7:eaa05e60 r6:85846300 r5:8582ec00
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea9f1fb0 to 0xea9f1ff8)
1fa0:                                     00000000 00000000 00000000 00000000
1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85841580
Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings
INFO: task kworker/0:208:4957 blocked for more than 430 seconds.
      Not tainted 6.16.0-rc5-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/0:208   state:D stack:0     pid:4957  tgid:4957  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a30c40>] (__schedule_loop kernel/sched/core.c:6868 [inline])
[<81a2fcb8>] (__schedule) from [<81a30c40>] (schedule+0x2c/0x130 kernel/sched/core.c:6883)
 r10:829185c4 r9:ea91dd84 r8:00000002 r7:60000013 r6:ea91dd8c r5:8581a400
 r4:8581a400
[<81a30c14>] (schedule) from [<81a31028>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6940)
 r5:8581a400 r4:829185c0
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock_common kernel/locking/mutex.c:679 [inline])
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock.constprop.0+0x300/0x6f8 kernel/locking/mutex.c:747)
[<81a3340c>] (__mutex_lock.constprop.0) from [<81a33bd8>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1035)
 r10:8280c960 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:ea91de08
 r4:00000000
[<81a33bc4>] (__mutex_lock_slowpath) from [<81a33c18>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:278)
[<81a33bdc>] (mutex_lock) from [<804e436c>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2904)
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:84cc19c0
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:8581a400 r7:00000000 r6:83018000 r5:00001000 r4:7f05d000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:dfe6d000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84ff038c r4:84ff0000
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:84ff038c r4:85845500
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:8581a400 r8:8584552c r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845500
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845500 r8:8027ecf4 r7:ea959e60 r6:8584ce00 r5:8581a400
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea91dfb0 to 0xea91dff8)
dfa0:                                     00000000 00000000 00000000 00000000
dfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
dfe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85848a00
INFO: task kworker/0:208:4957 is blocked on a mutex likely owned by task kworker/0:220:4981.
task:kworker/0:220   state:R  running task     stack:0     pid:4981  tgid:4981  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a31074>] (preempt_schedule_irq+0x40/0xa8 kernel/sched/core.c:7113)
 r10:8280c9b4 r9:8582ec00 r8:80200be4 r7:ea9f1d54 r6:ffffffff r5:8582ec00
 r4:00000000
[<81a31034>] (preempt_schedule_irq) from [<80200c04>] (svc_preempt+0x8/0x18)
Exception stack(0xea9f1d20 to 0xea9f1d68)
1d20: d0d70000 eb529000 00000001 80239bb8 7f049000 00000001 82abf1c4 82abe5a0
1d40: 7f049000 eb529000 8280c9b4 ea9f1d9c ea9f1da0 ea9f1d70 80230af0 80239bd0
1d60: 80000113 ffffffff
 r5:80000113 r4:80239bd0
[<80230a8c>] (flush_tlb_kernel_range) from [<804e4130>] (__purge_vmap_area_lazy+0x284/0x458 mm/vmalloc.c:2328)
 r4:82abf1e4
[<804e3eac>] (__purge_vmap_area_lazy) from [<804e44e8>] (_vm_unmap_aliases+0x1e4/0x240 mm/vmalloc.c:2943)
 r10:00000000 r9:00000000 r8:00000000 r7:ffffffff r6:ea9f1dc0 r5:ea9f1e08
 r4:ea9f1dc0
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85841080
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:8582ec00 r7:00000000 r6:83018000 r5:00001000 r4:7f071000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:e052f000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84eff78c r4:84eff400
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:84eff78c r4:85845e00
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:8582ec00 r8:85845e2c r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845e00
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845e00 r8:8027ecf4 r7:eaa05e60 r6:85846300 r5:8582ec00
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea9f1fb0 to 0xea9f1ff8)
1fa0:                                     00000000 00000000 00000000 00000000
1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85841580
Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings
INFO: task kworker/0:209:4959 blocked for more than 430 seconds.
      Not tainted 6.16.0-rc5-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/0:209   state:D stack:0     pid:4959  tgid:4959  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a30c40>] (__schedule_loop kernel/sched/core.c:6868 [inline])
[<81a2fcb8>] (__schedule) from [<81a30c40>] (schedule+0x2c/0x130 kernel/sched/core.c:6883)
 r10:829185c4 r9:ea931d84 r8:00000002 r7:60000013 r6:ea931d8c r5:85828c00
 r4:85828c00
[<81a30c14>] (schedule) from [<81a31028>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6940)
 r5:85828c00 r4:829185c0
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock_common kernel/locking/mutex.c:679 [inline])
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock.constprop.0+0x300/0x6f8 kernel/locking/mutex.c:747)
[<81a3340c>] (__mutex_lock.constprop.0) from [<81a33bd8>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1035)
 r10:8280c960 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:ea931e08
 r4:00000000
[<81a33bc4>] (__mutex_lock_slowpath) from [<81a33c18>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:278)
[<81a33bdc>] (mutex_lock) from [<804e436c>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2904)
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:854fce80
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:85828c00 r7:00000000 r6:83018000 r5:00001000 r4:7f045000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:df90d000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84ff338c r4:84ff3000
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:84ff338c r4:85845580
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:85828c00 r8:858455ac r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845580
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845580 r8:8027ecf4 r7:ea91de60 r6:8584cf80 r5:85828c00
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea931fb0 to 0xea931ff8)
1fa0:                                     00000000 00000000 00000000 00000000
1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85838f80
INFO: task kworker/0:209:4959 is blocked on a mutex likely owned by task kworker/0:220:4981.
task:kworker/0:220   state:R  running task     stack:0     pid:4981  tgid:4981  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a31074>] (preempt_schedule_irq+0x40/0xa8 kernel/sched/core.c:7113)
 r10:8280c9b4 r9:8582ec00 r8:80200be4 r7:ea9f1d54 r6:ffffffff r5:8582ec00
 r4:00000000
[<81a31034>] (preempt_schedule_irq) from [<80200c04>] (svc_preempt+0x8/0x18)
Exception stack(0xea9f1d20 to 0xea9f1d68)
1d20: d0d70000 eb529000 00000001 80239bb8 7f049000 00000001 82abf1c4 82abe5a0
1d40: 7f049000 eb529000 8280c9b4 ea9f1d9c ea9f1da0 ea9f1d70 80230af0 80239bd0
1d60: 80000113 ffffffff
 r5:80000113 r4:80239bd0
[<80230a8c>] (flush_tlb_kernel_range) from [<804e4130>] (__purge_vmap_area_lazy+0x284/0x458 mm/vmalloc.c:2328)
 r4:82abf1e4
[<804e3eac>] (__purge_vmap_area_lazy) from [<804e44e8>] (_vm_unmap_aliases+0x1e4/0x240 mm/vmalloc.c:2943)
 r10:00000000 r9:00000000 r8:00000000 r7:ffffffff r6:ea9f1dc0 r5:ea9f1e08
 r4:ea9f1dc0
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85841080
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:8582ec00 r7:00000000 r6:83018000 r5:00001000 r4:7f071000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:e052f000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84eff78c r4:84eff400
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:84eff78c r4:85845e00
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:8582ec00 r8:85845e2c r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845e00
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845e00 r8:8027ecf4 r7:eaa05e60 r6:85846300 r5:8582ec00
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea9f1fb0 to 0xea9f1ff8)
1fa0:                                     00000000 00000000 00000000 00000000
1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85841580
Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings
INFO: task kworker/0:210:4960 blocked for more than 430 seconds.
      Not tainted 6.16.0-rc5-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/0:210   state:D stack:0     pid:4960  tgid:4960  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a30c40>] (__schedule_loop kernel/sched/core.c:6868 [inline])
[<81a2fcb8>] (__schedule) from [<81a30c40>] (schedule+0x2c/0x130 kernel/sched/core.c:6883)
 r10:829185c4 r9:ea991d84 r8:00000002 r7:60000113 r6:ea991d8c r5:85828000
 r4:85828000
[<81a30c14>] (schedule) from [<81a31028>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6940)
 r5:85828000 r4:829185c0
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock_common kernel/locking/mutex.c:679 [inline])
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock.constprop.0+0x300/0x6f8 kernel/locking/mutex.c:747)
[<81a3340c>] (__mutex_lock.constprop.0) from [<81a33bd8>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1035)
 r10:8280c960 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:ea991e08
 r4:00000000
[<81a33bc4>] (__mutex_lock_slowpath) from [<81a33c18>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:278)
[<81a33bdc>] (mutex_lock) from [<804e436c>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2904)
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85837240
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:85828000 r7:00000000 r6:83018000 r5:00001000 r4:7f051000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:dfc27000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:85894f8c r4:85894c00
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:85894f8c r4:85845600
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:85828000 r8:8584562c r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845600
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845600 r8:8027ecf4 r7:ea91de60 r6:8584cc00 r5:85828000
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea991fb0 to 0xea991ff8)
1fa0:                                     00000000 00000000 00000000 00000000
1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:84cc0f00
INFO: task kworker/0:210:4960 is blocked on a mutex likely owned by task kworker/0:220:4981.
task:kworker/0:220   state:R  running task     stack:0     pid:4981  tgid:4981  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a31074>] (preempt_schedule_irq+0x40/0xa8 kernel/sched/core.c:7113)
 r10:8280c9b4 r9:8582ec00 r8:80200be4 r7:ea9f1d54 r6:ffffffff r5:8582ec00
 r4:00000000
[<81a31034>] (preempt_schedule_irq) from [<80200c04>] (svc_preempt+0x8/0x18)
Exception stack(0xea9f1d20 to 0xea9f1d68)
1d20: d2420000 eb529000 00000001 80239bb8 7f049000 00000001 82abf1c4 82abe5a0
1d40: 7f049000 eb529000 8280c9b4 ea9f1d9c ea9f1da0 ea9f1d70 80230af0 80239bd0
1d60: 80000113 ffffffff
 r5:80000113 r4:80239bd0
[<80230a8c>] (flush_tlb_kernel_range) from [<804e4130>] (__purge_vmap_area_lazy+0x284/0x458 mm/vmalloc.c:2328)
 r4:82abf1e4
[<804e3eac>] (__purge_vmap_area_lazy) from [<804e44e8>] (_vm_unmap_aliases+0x1e4/0x240 mm/vmalloc.c:2943)
 r10:00000000 r9:00000000 r8:00000000 r7:ffffffff r6:ea9f1dc0 r5:ea9f1e08
 r4:ea9f1dc0
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85841080
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:8582ec00 r7:00000000 r6:83018000 r5:00001000 r4:7f071000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:e052f000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84eff78c r4:84eff400
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:84eff78c r4:85845e00
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:8582ec00 r8:85845e2c r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845e00
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845e00 r8:8027ecf4 r7:eaa05e60 r6:85846300 r5:8582ec00
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea9f1fb0 to 0xea9f1ff8)
1fa0:                                     00000000 00000000 00000000 00000000
1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85841580
Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings
INFO: task kworker/0:211:4962 blocked for more than 430 seconds.
      Not tainted 6.16.0-rc5-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/0:211   state:D stack:0     pid:4962  tgid:4962  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a30c40>] (__schedule_loop kernel/sched/core.c:6868 [inline])
[<81a2fcb8>] (__schedule) from [<81a30c40>] (schedule+0x2c/0x130 kernel/sched/core.c:6883)
 r10:829185c4 r9:ea995d84 r8:00000002 r7:60000013 r6:ea995d8c r5:85829800
 r4:85829800
[<81a30c14>] (schedule) from [<81a31028>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6940)
 r5:85829800 r4:829185c0
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock_common kernel/locking/mutex.c:679 [inline])
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock.constprop.0+0x300/0x6f8 kernel/locking/mutex.c:747)
[<81a3340c>] (__mutex_lock.constprop.0) from [<81a33bd8>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1035)
 r10:8280c960 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:ea995e08
 r4:00000000
[<81a33bc4>] (__mutex_lock_slowpath) from [<81a33c18>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:278)
[<81a33bdc>] (mutex_lock) from [<804e436c>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2904)
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:84cc1c40
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:85829800 r7:00000000 r6:83018000 r5:00001000 r4:7f05b000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:dfe0f000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84ff3b8c r4:84ff3800
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:84ff3b8c r4:85845700
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:85829800 r8:8584572c r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845700
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845700 r8:8027ecf4 r7:ea991e60 r6:85846000 r5:85829800
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea995fb0 to 0xea995ff8)
5fa0:                                     00000000 00000000 00000000 00000000
5fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
5fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:858388c0
INFO: task kworker/0:211:4962 is blocked on a mutex likely owned by task kworker/0:220:4981.
task:kworker/0:220   state:R  running task     stack:0     pid:4981  tgid:4981  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a31074>] (preempt_schedule_irq+0x40/0xa8 kernel/sched/core.c:7113)
 r10:8280c9b4 r9:8582ec00 r8:80200be4 r7:ea9f1d54 r6:ffffffff r5:8582ec00
 r4:00000000
[<81a31034>] (preempt_schedule_irq) from [<80200c04>] (svc_preempt+0x8/0x18)
Exception stack(0xea9f1d20 to 0xea9f1d68)
1d20: d4d8f000 eb529000 00000001 80239bb8 7f049000 00000001 82abf1c4 82abe5a0
1d40: 7f049000 eb529000 8280c9b4 ea9f1d9c ea9f1da0 ea9f1d70 80230af0 80239bd0
1d60: 80000113 ffffffff
 r5:80000113 r4:80239bd0
[<80230a8c>] (flush_tlb_kernel_range) from [<804e4130>] (__purge_vmap_area_lazy+0x284/0x458 mm/vmalloc.c:2328)
 r4:82abf1e4
[<804e3eac>] (__purge_vmap_area_lazy) from [<804e44e8>] (_vm_unmap_aliases+0x1e4/0x240 mm/vmalloc.c:2943)
 r10:00000000 r9:00000000 r8:00000000 r7:ffffffff r6:ea9f1dc0 r5:ea9f1e08
 r4:ea9f1dc0
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85841080
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:8582ec00 r7:00000000 r6:83018000 r5:00001000 r4:7f071000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:e052f000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84eff78c r4:84eff400
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:84eff78c r4:85845e00
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:8582ec00 r8:85845e2c r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845e00
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845e00 r8:8027ecf4 r7:eaa05e60 r6:85846300 r5:8582ec00
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea9f1fb0 to 0xea9f1ff8)
1fa0:                                     00000000 00000000 00000000 00000000
1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85841580
Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings
INFO: task kworker/0:212:4964 blocked for more than 431 seconds.
      Not tainted 6.16.0-rc5-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/0:212   state:D stack:0     pid:4964  tgid:4964  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a30c40>] (__schedule_loop kernel/sched/core.c:6868 [inline])
[<81a2fcb8>] (__schedule) from [<81a30c40>] (schedule+0x2c/0x130 kernel/sched/core.c:6883)
 r10:829185c4 r9:ea999d84 r8:00000002 r7:60000013 r6:ea999d8c r5:8582a400
 r4:8582a400
[<81a30c14>] (schedule) from [<81a31028>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6940)
 r5:8582a400 r4:829185c0
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock_common kernel/locking/mutex.c:679 [inline])
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock.constprop.0+0x300/0x6f8 kernel/locking/mutex.c:747)
[<81a3340c>] (__mutex_lock.constprop.0) from [<81a33bd8>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1035)
 r10:8280c960 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:ea999e08
 r4:00000000
[<81a33bc4>] (__mutex_lock_slowpath) from [<81a33c18>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:278)
[<81a33bdc>] (mutex_lock) from [<804e436c>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2904)
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:84e238c0
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:8582a400 r7:00000000 r6:83018000 r5:00001000 r4:7f057000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:dfd15000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:8595e78c r4:8595e400
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:8595e78c r4:85845780
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:8582a400 r8:858457ac r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845780
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845780 r8:8027ecf4 r7:ea991e60 r6:85846080 r5:8582a400
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea999fb0 to 0xea999ff8)
9fa0:                                     00000000 00000000 00000000 00000000
9fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
9fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85837540
INFO: task kworker/0:212:4964 is blocked on a mutex likely owned by task kworker/0:220:4981.
task:kworker/0:220   state:R  running task     stack:0     pid:4981  tgid:4981  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a31074>] (preempt_schedule_irq+0x40/0xa8 kernel/sched/core.c:7113)
 r10:8280c9b4 r9:8582ec00 r8:80200be4 r7:ea9f1d54 r6:ffffffff r5:8582ec00
 r4:00000000
[<81a31034>] (preempt_schedule_irq) from [<80200c04>] (svc_preempt+0x8/0x18)
Exception stack(0xea9f1d20 to 0xea9f1d68)
1d20: d4d8f000 eb529000 00000001 80239bb8 7f049000 00000001 82abf1c4 82abe5a0
1d40: 7f049000 eb529000 8280c9b4 ea9f1d9c ea9f1da0 ea9f1d70 80230af0 80239bd0
1d60: 80000113 ffffffff
 r5:80000113 r4:80239bd0
[<80230a8c>] (flush_tlb_kernel_range) from [<804e4130>] (__purge_vmap_area_lazy+0x284/0x458 mm/vmalloc.c:2328)
 r4:82abf1e4
[<804e3eac>] (__purge_vmap_area_lazy) from [<804e44e8>] (_vm_unmap_aliases+0x1e4/0x240 mm/vmalloc.c:2943)
 r10:00000000 r9:00000000 r8:00000000 r7:ffffffff r6:ea9f1dc0 r5:ea9f1e08
 r4:ea9f1dc0
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85841080
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:8582ec00 r7:00000000 r6:83018000 r5:00001000 r4:7f071000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:e052f000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84eff78c r4:84eff400
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:84eff78c r4:85845e00
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:8582ec00 r8:85845e2c r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845e00
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845e00 r8:8027ecf4 r7:eaa05e60 r6:85846300 r5:8582ec00
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea9f1fb0 to 0xea9f1ff8)
1fa0:                                     00000000 00000000 00000000 00000000
1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85841580
Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings
INFO: task kworker/0:213:4966 blocked for more than 431 seconds.
      Not tainted 6.16.0-rc5-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/0:213   state:D stack:0     pid:4966  tgid:4966  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a30c40>] (__schedule_loop kernel/sched/core.c:6868 [inline])
[<81a2fcb8>] (__schedule) from [<81a30c40>] (schedule+0x2c/0x130 kernel/sched/core.c:6883)
 r10:829185c4 r9:ea921d84 r8:00000002 r7:60000013 r6:ea921d8c r5:84d76000
 r4:84d76000
[<81a30c14>] (schedule) from [<81a31028>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6940)
 r5:84d76000 r4:829185c0
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock_common kernel/locking/mutex.c:679 [inline])
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock.constprop.0+0x300/0x6f8 kernel/locking/mutex.c:747)
[<81a3340c>] (__mutex_lock.constprop.0) from [<81a33bd8>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1035)
 r10:8280c960 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:ea921e08
 r4:00000000
[<81a33bc4>] (__mutex_lock_slowpath) from [<81a33c18>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:278)
[<81a33bdc>] (mutex_lock) from [<804e436c>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2904)
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85838a80
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:84d76000 r7:00000000 r6:83018000 r5:00001000 r4:7f055000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:dfcc3000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:8595f38c r4:8595f000
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:8595f38c r4:85845800
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:84d76000 r8:8584582c r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845800
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845800 r8:8027ecf4 r7:ea991e60 r6:85845880 r5:84d76000
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea921fb0 to 0xea921ff8)
1fa0:                                     00000000 00000000 00000000 00000000
1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:84cb5300
INFO: task kworker/0:213:4966 is blocked on a mutex likely owned by task kworker/0:220:4981.
task:kworker/0:220   state:R  running task     stack:0     pid:4981  tgid:4981  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a31074>] (preempt_schedule_irq+0x40/0xa8 kernel/sched/core.c:7113)
 r10:8280c9b4 r9:8582ec00 r8:80200be4 r7:ea9f1d54 r6:ffffffff r5:8582ec00
 r4:00000000
[<81a31034>] (preempt_schedule_irq) from [<80200c04>] (svc_preempt+0x8/0x18)
Exception stack(0xea9f1d20 to 0xea9f1d68)
1d20: d66c8000 eb529000 00000001 80239bb8 7f049000 00000001 82abf1c4 82abe5a0
1d40: 7f049000 eb529000 8280c9b4 ea9f1d9c ea9f1da0 ea9f1d70 80230af0 80239bd0
1d60: 80000113 ffffffff
 r5:80000113 r4:80239bd0
[<80230a8c>] (flush_tlb_kernel_range) from [<804e4130>] (__purge_vmap_area_lazy+0x284/0x458 mm/vmalloc.c:2328)
 r4:82abf1e4
[<804e3eac>] (__purge_vmap_area_lazy) from [<804e44e8>] (_vm_unmap_aliases+0x1e4/0x240 mm/vmalloc.c:2943)
 r10:00000000 r9:00000000 r8:00000000 r7:ffffffff r6:ea9f1dc0 r5:ea9f1e08
 r4:ea9f1dc0
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85841080
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:8582ec00 r7:00000000 r6:83018000 r5:00001000 r4:7f071000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:e052f000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84eff78c r4:84eff400
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:84eff78c r4:85845e00
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:8582ec00 r8:85845e2c r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845e00
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845e00 r8:8027ecf4 r7:eaa05e60 r6:85846300 r5:8582ec00
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea9f1fb0 to 0xea9f1ff8)
1fa0:                                     00000000 00000000 00000000 00000000
1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85841580
Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings
INFO: task kworker/0:214:4968 blocked for more than 431 seconds.
      Not tainted 6.16.0-rc5-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/0:214   state:D stack:0     pid:4968  tgid:4968  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a30c40>] (__schedule_loop kernel/sched/core.c:6868 [inline])
[<81a2fcb8>] (__schedule) from [<81a30c40>] (schedule+0x2c/0x130 kernel/sched/core.c:6883)
 r10:829185c4 r9:ea945d84 r8:00000002 r7:60000113 r6:ea945d8c r5:84d76c00
 r4:84d76c00
[<81a30c14>] (schedule) from [<81a31028>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6940)
 r5:84d76c00 r4:829185c0
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock_common kernel/locking/mutex.c:679 [inline])
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock.constprop.0+0x300/0x6f8 kernel/locking/mutex.c:747)
[<81a3340c>] (__mutex_lock.constprop.0) from [<81a33bd8>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1035)
 r10:8280c960 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:ea945e08
 r4:00000000
[<81a33bc4>] (__mutex_lock_slowpath) from [<81a33c18>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:278)
[<81a33bdc>] (mutex_lock) from [<804e436c>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2904)
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85835980
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:84d76c00 r7:00000000 r6:83018000 r5:00001000 r4:7f083000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:ea8fd000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84fedf8c r4:84fedc00
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:84fedf8c r4:85845900
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:84d76c00 r8:8584592c r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845900
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845900 r8:8027ecf4 r7:ea991e60 r6:85845980 r5:84d76c00
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea945fb0 to 0xea945ff8)
5fa0:                                     00000000 00000000 00000000 00000000
5fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
5fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85848a00
INFO: task kworker/0:214:4968 is blocked on a mutex likely owned by task kworker/0:220:4981.
task:kworker/0:220   state:R  running task     stack:0     pid:4981  tgid:4981  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a31074>] (preempt_schedule_irq+0x40/0xa8 kernel/sched/core.c:7113)
 r10:8280c9b4 r9:8582ec00 r8:80200be4 r7:ea9f1d54 r6:ffffffff r5:8582ec00
 r4:00000000
[<81a31034>] (preempt_schedule_irq) from [<80200c04>] (svc_preempt+0x8/0x18)
Exception stack(0xea9f1d20 to 0xea9f1d68)
1d20: d6ca6000 eb529000 00000001 80239bb8 7f049000 00000001 82abf1c4 82abe5a0
1d40: 7f049000 eb529000 8280c9b4 ea9f1d9c ea9f1da0 ea9f1d70 80230af0 80239bd0
1d60: 80000113 ffffffff
 r5:80000113 r4:80239bd0
[<80230a8c>] (flush_tlb_kernel_range) from [<804e4130>] (__purge_vmap_area_lazy+0x284/0x458 mm/vmalloc.c:2328)
 r4:82abf1e4
[<804e3eac>] (__purge_vmap_area_lazy) from [<804e44e8>] (_vm_unmap_aliases+0x1e4/0x240 mm/vmalloc.c:2943)
 r10:00000000 r9:00000000 r8:00000000 r7:ffffffff r6:ea9f1dc0 r5:ea9f1e08
 r4:ea9f1dc0
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85841080
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:8582ec00 r7:00000000 r6:83018000 r5:00001000 r4:7f071000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:e052f000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84eff78c r4:84eff400
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:84eff78c r4:85845e00
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:8582ec00 r8:85845e2c r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845e00
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845e00 r8:8027ecf4 r7:eaa05e60 r6:85846300 r5:8582ec00
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea9f1fb0 to 0xea9f1ff8)
1fa0:                                     00000000 00000000 00000000 00000000
1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85841580
Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings
INFO: task kworker/0:215:4970 blocked for more than 431 seconds.
      Not tainted 6.16.0-rc5-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/0:215   state:D stack:0     pid:4970  tgid:4970  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a30c40>] (__schedule_loop kernel/sched/core.c:6868 [inline])
[<81a2fcb8>] (__schedule) from [<81a30c40>] (schedule+0x2c/0x130 kernel/sched/core.c:6883)
 r10:829185c4 r9:ea9a5d84 r8:00000002 r7:60000013 r6:ea9a5d8c r5:84d75400
 r4:84d75400
[<81a30c14>] (schedule) from [<81a31028>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6940)
 r5:84d75400 r4:829185c0
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock_common kernel/locking/mutex.c:679 [inline])
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock.constprop.0+0x300/0x6f8 kernel/locking/mutex.c:747)
[<81a3340c>] (__mutex_lock.constprop.0) from [<81a33bd8>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1035)
 r10:8280c960 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:ea9a5e08
 r4:00000000
[<81a33bc4>] (__mutex_lock_slowpath) from [<81a33c18>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:278)
[<81a33bdc>] (mutex_lock) from [<804e436c>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2904)
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85835000
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:84d75400 r7:00000000 r6:83018000 r5:00001000 r4:7f053000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:dfc6a000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:8589578c r4:85895400
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:8589578c r4:85845a00
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:84d75400 r8:85845a2c r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845a00
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845a00 r8:8027ecf4 r7:ea991e60 r6:85845a80 r5:84d75400
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea9a5fb0 to 0xea9a5ff8)
5fa0:                                     00000000 00000000 00000000 00000000
5fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
5fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:8583ae00
INFO: task kworker/0:215:4970 is blocked on a mutex likely owned by task kworker/0:220:4981.
task:kworker/0:220   state:R  running task     stack:0     pid:4981  tgid:4981  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a31074>] (preempt_schedule_irq+0x40/0xa8 kernel/sched/core.c:7113)
 r10:8280c9b4 r9:8582ec00 r8:80200be4 r7:ea9f1d54 r6:ffffffff r5:8582ec00
 r4:00000000
[<81a31034>] (preempt_schedule_irq) from [<80200c04>] (svc_preempt+0x8/0x18)
Exception stack(0xea9f1d20 to 0xea9f1d68)
1d20: d7655000 eb529000 00000001 80239bb8 7f049000 00000001 82abf1c4 82abe5a0
1d40: 7f049000 eb529000 8280c9b4 ea9f1d9c ea9f1da0 ea9f1d70 80230af0 80239bd0
1d60: 80000113 ffffffff
 r5:80000113 r4:80239bd0
[<80230a8c>] (flush_tlb_kernel_range) from [<804e4130>] (__purge_vmap_area_lazy+0x284/0x458 mm/vmalloc.c:2328)
 r4:82abf1e4
[<804e3eac>] (__purge_vmap_area_lazy) from [<804e44e8>] (_vm_unmap_aliases+0x1e4/0x240 mm/vmalloc.c:2943)
 r10:00000000 r9:00000000 r8:00000000 r7:ffffffff r6:ea9f1dc0 r5:ea9f1e08
 r4:ea9f1dc0
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85841080
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:8582ec00 r7:00000000 r6:83018000 r5:00001000 r4:7f071000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:e052f000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84eff78c r4:84eff400
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:84eff78c r4:85845e00
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:8582ec00 r8:85845e2c r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845e00
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845e00 r8:8027ecf4 r7:eaa05e60 r6:85846300 r5:8582ec00
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea9f1fb0 to 0xea9f1ff8)
1fa0:                                     00000000 00000000 00000000 00000000
1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85841580
Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings
INFO: task kworker/0:216:4972 blocked for more than 431 seconds.
      Not tainted 6.16.0-rc5-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/0:216   state:D stack:0     pid:4972  tgid:4972  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a30c40>] (__schedule_loop kernel/sched/core.c:6868 [inline])
[<81a2fcb8>] (__schedule) from [<81a30c40>] (schedule+0x2c/0x130 kernel/sched/core.c:6883)
 r10:829185c4 r9:ea9c9d84 r8:00000002 r7:60000013 r6:ea9c9d8c r5:84d74800
 r4:84d74800
[<81a30c14>] (schedule) from [<81a31028>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6940)
 r5:84d74800 r4:829185c0
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock_common kernel/locking/mutex.c:679 [inline])
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock.constprop.0+0x300/0x6f8 kernel/locking/mutex.c:747)
[<81a3340c>] (__mutex_lock.constprop.0) from [<81a33bd8>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1035)
 r10:8280c960 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:ea9c9e08
 r4:00000000
[<81a33bc4>] (__mutex_lock_slowpath) from [<81a33c18>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:278)
[<81a33bdc>] (mutex_lock) from [<804e436c>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2904)
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:84cb90c0
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:84d74800 r7:00000000 r6:83018000 r5:00001000 r4:7f049000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:dfaf9000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:8588978c r4:85889400
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:8588978c r4:85845b00
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:84d74800 r8:85845b2c r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845b00
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845b00 r8:8027ecf4 r7:ea945e60 r6:85845b80 r5:84d74800
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea9c9fb0 to 0xea9c9ff8)
9fa0:                                     00000000 00000000 00000000 00000000
9fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
9fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85841000
INFO: task kworker/0:216:4972 is blocked on a mutex likely owned by task kworker/0:220:4981.
task:kworker/0:220   state:R  running task     stack:0     pid:4981  tgid:4981  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a31074>] (preempt_schedule_irq+0x40/0xa8 kernel/sched/core.c:7113)
 r10:8280c9b4 r9:8582ec00 r8:80200be4 r7:ea9f1d54 r6:ffffffff r5:8582ec00
 r4:00000000
[<81a31034>] (preempt_schedule_irq) from [<80200c04>] (svc_preempt+0x8/0x18)
Exception stack(0xea9f1d20 to 0xea9f1d68)
1d20: d827b000 eb529000 00000001 80239bb8 7f049000 00000001 82abf1c4 82abe5a0
1d40: 7f049000 eb529000 8280c9b4 ea9f1d9c ea9f1da0 ea9f1d70 80230af0 80239bd0
1d60: 80000113 ffffffff
 r5:80000113 r4:80239bd0
[<80230a8c>] (flush_tlb_kernel_range) from [<804e4130>] (__purge_vmap_area_lazy+0x284/0x458 mm/vmalloc.c:2328)
 r4:82abf1e4
[<804e3eac>] (__purge_vmap_area_lazy) from [<804e44e8>] (_vm_unmap_aliases+0x1e4/0x240 mm/vmalloc.c:2943)
 r10:00000000 r9:00000000 r8:00000000 r7:ffffffff r6:ea9f1dc0 r5:ea9f1e08
 r4:ea9f1dc0
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85841080
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:8582ec00 r7:00000000 r6:83018000 r5:00001000 r4:7f071000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:e052f000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84eff78c r4:84eff400
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:84eff78c r4:85845e00
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:8582ec00 r8:85845e2c r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845e00
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845e00 r8:8027ecf4 r7:eaa05e60 r6:85846300 r5:8582ec00
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea9f1fb0 to 0xea9f1ff8)
1fa0:                                     00000000 00000000 00000000 00000000
1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85841580
Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings
INFO: task kworker/0:217:4974 blocked for more than 431 seconds.
      Not tainted 6.16.0-rc5-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/0:217   state:D stack:0     pid:4974  tgid:4974  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a30c40>] (__schedule_loop kernel/sched/core.c:6868 [inline])
[<81a2fcb8>] (__schedule) from [<81a30c40>] (schedule+0x2c/0x130 kernel/sched/core.c:6883)
 r10:829185c4 r9:ea969d84 r8:00000002 r7:60000113 r6:ea969d8c r5:8582bc00
 r4:8582bc00
[<81a30c14>] (schedule) from [<81a31028>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6940)
 r5:8582bc00 r4:829185c0
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock_common kernel/locking/mutex.c:679 [inline])
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock.constprop.0+0x300/0x6f8 kernel/locking/mutex.c:747)
[<81a3340c>] (__mutex_lock.constprop.0) from [<81a33bd8>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1035)
 r10:8280c960 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:ea969e08
 r4:00000000
[<81a33bc4>] (__mutex_lock_slowpath) from [<81a33c18>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:278)
[<81a33bdc>] (mutex_lock) from [<804e436c>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2904)
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:858357c0
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:8582bc00 r7:00000000 r6:83018000 r5:00001000 r4:7f087000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:ea9f5000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84fed78c r4:84fed400
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:84fed78c r4:85845c80
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:8582bc00 r8:85845cac r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845c80
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845c80 r8:8027ecf4 r7:ea945e60 r6:85846180 r5:8582bc00
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea969fb0 to 0xea969ff8)
9fa0:                                     00000000 00000000 00000000 00000000
9fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
9fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85841640
INFO: task kworker/0:217:4974 is blocked on a mutex likely owned by task kworker/0:220:4981.
task:kworker/0:220   state:R  running task     stack:0     pid:4981  tgid:4981  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a31074>] (preempt_schedule_irq+0x40/0xa8 kernel/sched/core.c:7113)
 r10:8280c9b4 r9:8582ec00 r8:80200be4 r7:ea9f1d54 r6:ffffffff r5:8582ec00
 r4:00000000
[<81a31034>] (preempt_schedule_irq) from [<80200c04>] (svc_preempt+0x8/0x18)
Exception stack(0xea9f1d20 to 0xea9f1d68)
1d20: d855f000 eb529000 00000001 80239bb8 7f049000 00000001 82abf1c4 82abe5a0
1d40: 7f049000 eb529000 8280c9b4 ea9f1d9c ea9f1da0 ea9f1d70 80230af0 80239bd0
1d60: 80000113 ffffffff
 r5:80000113 r4:80239bd0
[<80230a8c>] (flush_tlb_kernel_range) from [<804e4130>] (__purge_vmap_area_lazy+0x284/0x458 mm/vmalloc.c:2328)
 r4:82abf1e4
[<804e3eac>] (__purge_vmap_area_lazy) from [<804e44e8>] (_vm_unmap_aliases+0x1e4/0x240 mm/vmalloc.c:2943)
 r10:00000000 r9:00000000 r8:00000000 r7:ffffffff r6:ea9f1dc0 r5:ea9f1e08
 r4:ea9f1dc0
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85841080
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:8582ec00 r7:00000000 r6:83018000 r5:00001000 r4:7f071000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:e052f000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84eff78c r4:84eff400
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:84eff78c r4:85845e00
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:8582ec00 r8:85845e2c r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845e00
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845e00 r8:8027ecf4 r7:eaa05e60 r6:85846300 r5:8582ec00
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea9f1fb0 to 0xea9f1ff8)
1fa0:                                     00000000 00000000 00000000 00000000
1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85841580
Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings
INFO: task kworker/0:218:4976 blocked for more than 431 seconds.
      Not tainted 6.16.0-rc5-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/0:218   state:D stack:0     pid:4976  tgid:4976  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a30c40>] (__schedule_loop kernel/sched/core.c:6868 [inline])
[<81a2fcb8>] (__schedule) from [<81a30c40>] (schedule+0x2c/0x130 kernel/sched/core.c:6883)
 r10:829185c4 r9:ea985d84 r8:00000002 r7:60000113 r6:ea985d8c r5:8582d400
 r4:8582d400
[<81a30c14>] (schedule) from [<81a31028>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6940)
 r5:8582d400 r4:829185c0
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock_common kernel/locking/mutex.c:679 [inline])
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock.constprop.0+0x300/0x6f8 kernel/locking/mutex.c:747)
[<81a3340c>] (__mutex_lock.constprop.0) from [<81a33bd8>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1035)
 r10:8280c960 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:ea985e08
 r4:00000000
[<81a33bc4>] (__mutex_lock_slowpath) from [<81a33c18>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:278)
[<81a33bdc>] (mutex_lock) from [<804e436c>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2904)
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85835580
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:8582d400 r7:00000000 r6:83018000 r5:00001000 r4:7f04d000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:dfba5000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:8589438c r4:85894000
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:8589438c r4:85845d00
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:8582d400 r8:85845d2c r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845d00
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845d00 r8:8027ecf4 r7:ea969e60 r6:85846200 r5:8582d400
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea985fb0 to 0xea985ff8)
5fa0:                                     00000000 00000000 00000000 00000000
5fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
5fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85841880
INFO: task kworker/0:218:4976 is blocked on a mutex likely owned by task kworker/0:220:4981.
task:kworker/0:220   state:R  running task     stack:0     pid:4981  tgid:4981  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a31074>] (preempt_schedule_irq+0x40/0xa8 kernel/sched/core.c:7113)
 r10:8280c9b4 r9:8582ec00 r8:80200be4 r7:ea9f1d54 r6:ffffffff r5:8582ec00
 r4:00000000
[<81a31034>] (preempt_schedule_irq) from [<80200c04>] (svc_preempt+0x8/0x18)
Exception stack(0xea9f1d20 to 0xea9f1d68)
1d20: d8c67000 eb529000 00000001 80239bb8 7f049000 00000001 82abf1c4 82abe5a0
1d40: 7f049000 eb529000 8280c9b4 ea9f1d9c ea9f1da0 ea9f1d70 80230af0 80239bd0
1d60: 80000113 ffffffff
 r5:80000113 r4:80239bd0
[<80230a8c>] (flush_tlb_kernel_range) from [<804e4130>] (__purge_vmap_area_lazy+0x284/0x458 mm/vmalloc.c:2328)
 r4:82abf1e4
[<804e3eac>] (__purge_vmap_area_lazy) from [<804e44e8>] (_vm_unmap_aliases+0x1e4/0x240 mm/vmalloc.c:2943)
 r10:00000000 r9:00000000 r8:00000000 r7:ffffffff r6:ea9f1dc0 r5:ea9f1e08
 r4:ea9f1dc0
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85841080
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:8582ec00 r7:00000000 r6:83018000 r5:00001000 r4:7f071000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:e052f000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84eff78c r4:84eff400
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:84eff78c r4:85845e00
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:8582ec00 r8:85845e2c r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845e00
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845e00 r8:8027ecf4 r7:eaa05e60 r6:85846300 r5:8582ec00
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea9f1fb0 to 0xea9f1ff8)
1fa0:                                     00000000 00000000 00000000 00000000
1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85841580
Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings
INFO: task kworker/0:221:4986 blocked for more than 431 seconds.
      Not tainted 6.16.0-rc5-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/0:221   state:D stack:0     pid:4986  tgid:4986  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a30c40>] (__schedule_loop kernel/sched/core.c:6868 [inline])
[<81a2fcb8>] (__schedule) from [<81a30c40>] (schedule+0x2c/0x130 kernel/sched/core.c:6883)
 r10:829185c4 r9:eaa11d84 r8:00000002 r7:60000113 r6:eaa11d8c r5:8582b000
 r4:8582b000
[<81a30c14>] (schedule) from [<81a31028>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6940)
 r5:8582b000 r4:829185c0
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock_common kernel/locking/mutex.c:679 [inline])
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock.constprop.0+0x300/0x6f8 kernel/locking/mutex.c:747)
[<81a3340c>] (__mutex_lock.constprop.0) from [<81a33bd8>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1035)
 r10:8280c960 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:eaa11e08
 r4:00000000
[<81a33bc4>] (__mutex_lock_slowpath) from [<81a33c18>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:278)
[<81a33bdc>] (mutex_lock) from [<804e436c>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2904)
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:84c42d40
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:8582b000 r7:00000000 r6:83018000 r5:00001000 r4:7f077000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:dfa77000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84efeb8c r4:84efe800
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:84efeb8c r4:85845e80
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:8582b000 r8:85845eac r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845e80
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845e80 r8:8027ecf4 r7:eaa05e60 r6:85846480 r5:8582b000
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xeaa11fb0 to 0xeaa11ff8)
1fa0:                                     00000000 00000000 00000000 00000000
1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85841a00
INFO: task kworker/0:221:4986 is blocked on a mutex likely owned by task kworker/0:220:4981.
task:kworker/0:220   state:R  running task     stack:0     pid:4981  tgid:4981  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a31074>] (preempt_schedule_irq+0x40/0xa8 kernel/sched/core.c:7113)
 r10:8280c9b4 r9:8582ec00 r8:80200be4 r7:ea9f1d54 r6:ffffffff r5:8582ec00
 r4:00000000
[<81a31034>] (preempt_schedule_irq) from [<80200c04>] (svc_preempt+0x8/0x18)
Exception stack(0xea9f1d20 to 0xea9f1d68)
1d20: d8f16000 eb529000 00000001 80239bb8 7f049000 00000001 82abf1c4 82abe5a0
1d40: 7f049000 eb529000 8280c9b4 ea9f1d9c ea9f1da0 ea9f1d70 80230af0 80239bd0
1d60: 80000113 ffffffff
 r5:80000113 r4:80239bd0
[<80230a8c>] (flush_tlb_kernel_range) from [<804e4130>] (__purge_vmap_area_lazy+0x284/0x458 mm/vmalloc.c:2328)
 r4:82abf1e4
[<804e3eac>] (__purge_vmap_area_lazy) from [<804e44e8>] (_vm_unmap_aliases+0x1e4/0x240 mm/vmalloc.c:2943)
 r10:00000000 r9:00000000 r8:00000000 r7:ffffffff r6:ea9f1dc0 r5:ea9f1e08
 r4:ea9f1dc0
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85841080
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:8582ec00 r7:00000000 r6:83018000 r5:00001000 r4:7f071000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:e052f000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84eff78c r4:84eff400
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:84eff78c r4:85845e00
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:8582ec00 r8:85845e2c r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845e00
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845e00 r8:8027ecf4 r7:eaa05e60 r6:85846300 r5:8582ec00
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea9f1fb0 to 0xea9f1ff8)
1fa0:                                     00000000 00000000 00000000 00000000
1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85841580
Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings
INFO: task kworker/0:222:4991 blocked for more than 431 seconds.
      Not tainted 6.16.0-rc5-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/0:222   state:D stack:0     pid:4991  tgid:4991  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a30c40>] (__schedule_loop kernel/sched/core.c:6868 [inline])
[<81a2fcb8>] (__schedule) from [<81a30c40>] (schedule+0x2c/0x130 kernel/sched/core.c:6883)
 r10:829185c4 r9:eaa65d84 r8:00000002 r7:60000013 r6:eaa65d8c r5:85930c00
 r4:85930c00
[<81a30c14>] (schedule) from [<81a31028>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6940)
 r5:85930c00 r4:829185c0
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock_common kernel/locking/mutex.c:679 [inline])
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock.constprop.0+0x300/0x6f8 kernel/locking/mutex.c:747)
[<81a3340c>] (__mutex_lock.constprop.0) from [<81a33bd8>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1035)
 r10:8280c960 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:eaa65e08
 r4:00000000
[<81a33bc4>] (__mutex_lock_slowpath) from [<81a33c18>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:278)
[<81a33bdc>] (mutex_lock) from [<804e436c>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2904)
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:84c42c80
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:85930c00 r7:00000000 r6:83018000 r5:00001000 r4:7f045000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:dfa13000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84efe78c r4:84efe400
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:84efe78c r4:85845f00
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:85930c00 r8:85845f2c r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845f00
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845f00 r8:8027ecf4 r7:eaa05e60 r6:85846680 r5:85930c00
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xeaa65fb0 to 0xeaa65ff8)
5fa0:                                     00000000 00000000 00000000 00000000
5fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
5fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:84f7e400
INFO: task kworker/0:222:4991 is blocked on a mutex likely owned by task kworker/0:220:4981.
task:kworker/0:220   state:R  running task     stack:0     pid:4981  tgid:4981  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a31074>] (preempt_schedule_irq+0x40/0xa8 kernel/sched/core.c:7113)
 r10:8280c9b4 r9:8582ec00 r8:80200be4 r7:ea9f1d54 r6:ffffffff r5:8582ec00
 r4:00000000
[<81a31034>] (preempt_schedule_irq) from [<80200c04>] (svc_preempt+0x8/0x18)
Exception stack(0xea9f1d20 to 0xea9f1d68)
1d20: d8f16000 eb529000 00000001 80239bb8 7f049000 00000001 82abf1c4 82abe5a0
1d40: 7f049000 eb529000 8280c9b4 ea9f1d9c ea9f1da0 ea9f1d70 80230af0 80239bd0
1d60: 80000113 ffffffff
 r5:80000113 r4:80239bd0
[<80230a8c>] (flush_tlb_kernel_range) from [<804e4130>] (__purge_vmap_area_lazy+0x284/0x458 mm/vmalloc.c:2328)
 r4:82abf1e4
[<804e3eac>] (__purge_vmap_area_lazy) from [<804e44e8>] (_vm_unmap_aliases+0x1e4/0x240 mm/vmalloc.c:2943)
 r10:00000000 r9:00000000 r8:00000000 r7:ffffffff r6:ea9f1dc0 r5:ea9f1e08
 r4:ea9f1dc0
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85841080
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:8582ec00 r7:00000000 r6:83018000 r5:00001000 r4:7f071000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:e052f000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84eff78c r4:84eff400
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:84eff78c r4:85845e00
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:8582ec00 r8:85845e2c r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845e00
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845e00 r8:8027ecf4 r7:eaa05e60 r6:85846300 r5:8582ec00
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea9f1fb0 to 0xea9f1ff8)
1fa0:                                     00000000 00000000 00000000 00000000
1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85841580
Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings
INFO: task kworker/0:223:4994 blocked for more than 431 seconds.
      Not tainted 6.16.0-rc5-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/0:223   state:D stack:0     pid:4994  tgid:4994  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a30c40>] (__schedule_loop kernel/sched/core.c:6868 [inline])
[<81a2fcb8>] (__schedule) from [<81a30c40>] (schedule+0x2c/0x130 kernel/sched/core.c:6883)
 r10:829185c4 r9:eaa99d84 r8:00000002 r7:60000013 r6:eaa99d8c r5:85933000
 r4:85933000
[<81a30c14>] (schedule) from [<81a31028>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6940)
 r5:85933000 r4:829185c0
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock_common kernel/locking/mutex.c:679 [inline])
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock.constprop.0+0x300/0x6f8 kernel/locking/mutex.c:747)
[<81a3340c>] (__mutex_lock.constprop.0) from [<81a33bd8>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1035)
 r10:8280c960 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:eaa99e08
 r4:00000000
[<81a33bc4>] (__mutex_lock_slowpath) from [<81a33c18>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:278)
[<81a33bdc>] (mutex_lock) from [<804e436c>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2904)
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85841780
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:85933000 r7:00000000 r6:83018000 r5:00001000 r4:7f075000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:e05eb000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84efff8c r4:84effc00
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:84efff8c r4:85845f80
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:85933000 r8:85845fac r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845f80
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845f80 r8:8027ecf4 r7:eaa05e60 r6:85846880 r5:85933000
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xeaa99fb0 to 0xeaa99ff8)
9fa0:                                     00000000 00000000 00000000 00000000
9fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
9fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:84dbe880
INFO: task kworker/0:223:4994 is blocked on a mutex likely owned by task kworker/0:220:4981.
task:kworker/0:220   state:R  running task     stack:0     pid:4981  tgid:4981  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a31074>] (preempt_schedule_irq+0x40/0xa8 kernel/sched/core.c:7113)
 r10:8280c9b4 r9:8582ec00 r8:80200be4 r7:ea9f1d54 r6:ffffffff r5:8582ec00
 r4:00000000
[<81a31034>] (preempt_schedule_irq) from [<80200c04>] (svc_preempt+0x8/0x18)
Exception stack(0xea9f1d20 to 0xea9f1d68)
1d20: d95d3000 eb529000 00000001 80239bb8 7f049000 00000001 82abf1c4 82abe5a0
1d40: 7f049000 eb529000 8280c9b4 ea9f1d9c ea9f1da0 ea9f1d70 80230af0 80239bd0
1d60: 80000113 ffffffff
 r5:80000113 r4:80239bd0
[<80230a8c>] (flush_tlb_kernel_range) from [<804e4130>] (__purge_vmap_area_lazy+0x284/0x458 mm/vmalloc.c:2328)
 r4:82abf1e4
[<804e3eac>] (__purge_vmap_area_lazy) from [<804e44e8>] (_vm_unmap_aliases+0x1e4/0x240 mm/vmalloc.c:2943)
 r10:00000000 r9:00000000 r8:00000000 r7:ffffffff r6:ea9f1dc0 r5:ea9f1e08
 r4:ea9f1dc0
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85841080
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:8582ec00 r7:00000000 r6:83018000 r5:00001000 r4:7f071000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:e052f000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84eff78c r4:84eff400
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:84eff78c r4:85845e00
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:8582ec00 r8:85845e2c r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845e00
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845e00 r8:8027ecf4 r7:eaa05e60 r6:85846300 r5:8582ec00
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea9f1fb0 to 0xea9f1ff8)
1fa0:                                     00000000 00000000 00000000 00000000
1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85841580
Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings
INFO: task kworker/1:196:5014 blocked for more than 431 seconds.
      Not tainted 6.16.0-rc5-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/1:196   state:D stack:0     pid:5014  tgid:5014  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a30c40>] (__schedule_loop kernel/sched/core.c:6868 [inline])
[<81a2fcb8>] (__schedule) from [<81a30c40>] (schedule+0x2c/0x130 kernel/sched/core.c:6883)
 r10:829185c4 r9:eaad5d84 r8:00000002 r7:60000113 r6:eaad5d8c r5:85920c00
 r4:85920c00
[<81a30c14>] (schedule) from [<81a31028>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6940)
 r5:85920c00 r4:829185c0
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock_common kernel/locking/mutex.c:679 [inline])
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock.constprop.0+0x300/0x6f8 kernel/locking/mutex.c:747)
[<81a3340c>] (__mutex_lock.constprop.0) from [<81a33bd8>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1035)
 r10:8280c960 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:eaad5e08
 r4:00000000
[<81a33bc4>] (__mutex_lock_slowpath) from [<81a33c18>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:278)
[<81a33bdc>] (mutex_lock) from [<804e436c>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2904)
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:84cab4c0
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018205 r8:85920c00 r7:00000000 r6:83018200 r5:00001000 r4:7f047000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:dfab3000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:85889f8c r4:85889c00
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:ddde2d40 r6:83018200 r5:85889f8c r4:85846d00
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:85920c00 r8:85846d2c r7:82804d40 r6:ddde2d40 r5:ddde2d60
 r4:85846d00
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85846d00 r8:8027ecf4 r7:ea9c5e60 r6:85852580 r5:85920c00
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xeaad5fb0 to 0xeaad5ff8)
5fa0:                                     00000000 00000000 00000000 00000000
5fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
5fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85848ec0
INFO: task kworker/1:196:5014 is blocked on a mutex likely owned by task kworker/0:220:4981.
task:kworker/0:220   state:R  running task     stack:0     pid:4981  tgid:4981  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a31074>] (preempt_schedule_irq+0x40/0xa8 kernel/sched/core.c:7113)
 r10:8280c9b4 r9:8582ec00 r8:80200be4 r7:ea9f1d54 r6:ffffffff r5:8582ec00
 r4:00000000
[<81a31034>] (preempt_schedule_irq) from [<80200c04>] (svc_preempt+0x8/0x18)
Exception stack(0xea9f1d20 to 0xea9f1d68)
1d20: d980a000 eb529000 00000001 80239bb8 7f049000 00000001 82abf1c4 82abe5a0
1d40: 7f049000 eb529000 8280c9b4 ea9f1d9c ea9f1da0 ea9f1d70 80230af0 80239bd0
1d60: 80000113 ffffffff
 r5:80000113 r4:80239bd0
[<80230a8c>] (flush_tlb_kernel_range) from [<804e4130>] (__purge_vmap_area_lazy+0x284/0x458 mm/vmalloc.c:2328)
 r4:82abf1e4
[<804e3eac>] (__purge_vmap_area_lazy) from [<804e44e8>] (_vm_unmap_aliases+0x1e4/0x240 mm/vmalloc.c:2943)
 r10:00000000 r9:00000000 r8:00000000 r7:ffffffff r6:ea9f1dc0 r5:ea9f1e08
 r4:ea9f1dc0
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85841080
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:8582ec00 r7:00000000 r6:83018000 r5:00001000 r4:7f071000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:e052f000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84eff78c r4:84eff400
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:84eff78c r4:85845e00
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:8582ec00 r8:85845e2c r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845e00
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845e00 r8:8027ecf4 r7:eaa05e60 r6:85846300 r5:8582ec00
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea9f1fb0 to 0xea9f1ff8)
1fa0:                                     00000000 00000000 00000000 00000000
1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85841580
Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings
INFO: task kworker/1:197:5034 blocked for more than 431 seconds.
      Not tainted 6.16.0-rc5-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/1:197   state:D stack:0     pid:5034  tgid:5034  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a30c40>] (__schedule_loop kernel/sched/core.c:6868 [inline])
[<81a2fcb8>] (__schedule) from [<81a30c40>] (schedule+0x2c/0x130 kernel/sched/core.c:6883)
 r10:829185c4 r9:ea9d9d84 r8:00000002 r7:60000113 r6:ea9d9d8c r5:85926c00
 r4:85926c00
[<81a30c14>] (schedule) from [<81a31028>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6940)
 r5:85926c00 r4:829185c0
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock_common kernel/locking/mutex.c:679 [inline])
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock.constprop.0+0x300/0x6f8 kernel/locking/mutex.c:747)
[<81a3340c>] (__mutex_lock.constprop.0) from [<81a33bd8>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1035)
 r10:8280c960 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:ea9d9e08
 r4:00000000
[<81a33bc4>] (__mutex_lock_slowpath) from [<81a33c18>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:278)
[<81a33bdc>] (mutex_lock) from [<804e436c>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2904)
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:84caf280
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018205 r8:85926c00 r7:00000000 r6:83018200 r5:00001000 r4:7f079000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:e060d000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:8588938c r4:85889000
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:ddde2d40 r6:83018200 r5:8588938c r4:85846c00
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:85926c00 r8:85846c2c r7:82804d40 r6:ddde2d40 r5:ddde2d60
 r4:85846c00
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85846c00 r8:8027ecf4 r7:eaad5e60 r6:85852d00 r5:85926c00
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea9d9fb0 to 0xea9d9ff8)
9fa0:                                     00000000 00000000 00000000 00000000
9fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
9fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:84cd1540
INFO: task kworker/1:197:5034 is blocked on a mutex likely owned by task kworker/0:220:4981.
task:kworker/0:220   state:R  running task     stack:0     pid:4981  tgid:4981  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a31074>] (preempt_schedule_irq+0x40/0xa8 kernel/sched/core.c:7113)
 r10:8280c9b4 r9:8582ec00 r8:80200be4 r7:ea9f1d54 r6:ffffffff r5:8582ec00
 r4:00000000
[<81a31034>] (preempt_schedule_irq) from [<80200c04>] (svc_preempt+0x8/0x18)
Exception stack(0xea9f1d20 to 0xea9f1d68)
1d20: d9d18000 eb529000 00000001 80239bb8 7f049000 00000001 82abf1c4 82abe5a0
1d40: 7f049000 eb529000 8280c9b4 ea9f1d9c ea9f1da0 ea9f1d70 80230af0 80239bd0
1d60: 80000113 ffffffff
 r5:80000113 r4:80239bd0
[<80230a8c>] (flush_tlb_kernel_range) from [<804e4130>] (__purge_vmap_area_lazy+0x284/0x458 mm/vmalloc.c:2328)
 r4:82abf1e4
[<804e3eac>] (__purge_vmap_area_lazy) from [<804e44e8>] (_vm_unmap_aliases+0x1e4/0x240 mm/vmalloc.c:2943)
 r10:00000000 r9:00000000 r8:00000000 r7:ffffffff r6:ea9f1dc0 r5:ea9f1e08
 r4:ea9f1dc0
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85841080
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:8582ec00 r7:00000000 r6:83018000 r5:00001000 r4:7f071000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:e052f000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84eff78c r4:84eff400
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:84eff78c r4:85845e00
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:8582ec00 r8:85845e2c r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845e00
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845e00 r8:8027ecf4 r7:eaa05e60 r6:85846300 r5:8582ec00
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea9f1fb0 to 0xea9f1ff8)
1fa0:                                     00000000 00000000 00000000 00000000
1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85841580
Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings
INFO: task kworker/1:198:5037 blocked for more than 431 seconds.
      Not tainted 6.16.0-rc5-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/1:198   state:D stack:0     pid:5037  tgid:5037  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a30c40>] (__schedule_loop kernel/sched/core.c:6868 [inline])
[<81a2fcb8>] (__schedule) from [<81a30c40>] (schedule+0x2c/0x130 kernel/sched/core.c:6883)
 r10:829185c4 r9:ea9e1d84 r8:00000002 r7:60000113 r6:ea9e1d8c r5:85924800
 r4:85924800
[<81a30c14>] (schedule) from [<81a31028>] (schedule_preempt_disabled+0x18/0x24 kernel/sched/core.c:6940)
 r5:85924800 r4:829185c0
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock_common kernel/locking/mutex.c:679 [inline])
[<81a31010>] (schedule_preempt_disabled) from [<81a3370c>] (__mutex_lock.constprop.0+0x300/0x6f8 kernel/locking/mutex.c:747)
[<81a3340c>] (__mutex_lock.constprop.0) from [<81a33bd8>] (__mutex_lock_slowpath+0x14/0x18 kernel/locking/mutex.c:1035)
 r10:8280c960 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:ea9e1e08
 r4:00000000
[<81a33bc4>] (__mutex_lock_slowpath) from [<81a33c18>] (mutex_lock+0x3c/0x40 kernel/locking/mutex.c:278)
[<81a33bdc>] (mutex_lock) from [<804e436c>] (_vm_unmap_aliases+0x68/0x240 mm/vmalloc.c:2904)
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85844000
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018205 r8:85924800 r7:00000000 r6:83018200 r5:00001000 r4:7f05f000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:dfa27000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:8588b38c r4:8588b000
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:ddde2d40 r6:83018200 r5:8588b38c r4:85855000
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:85924800 r8:8585502c r7:82804d40 r6:ddde2d40 r5:ddde2d60
 r4:85855000
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85855000 r8:8027ecf4 r7:ea9c5e60 r6:85852e00 r5:85924800
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea9e1fb0 to 0xea9e1ff8)
1fa0:                                     00000000 00000000 00000000 00000000
1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85848a80
INFO: task kworker/1:198:5037 is blocked on a mutex likely owned by task kworker/0:220:4981.
task:kworker/0:220   state:R  running task     stack:0     pid:4981  tgid:4981  ppid:2      task_flags:0x4208060 flags:0x00000000
Workqueue: events bpf_prog_free_deferred
Call trace: 
[<81a2fcb8>] (__schedule) from [<81a31074>] (preempt_schedule_irq+0x40/0xa8 kernel/sched/core.c:7113)
 r10:8280c9b4 r9:8582ec00 r8:80200be4 r7:ea9f1d54 r6:ffffffff r5:8582ec00
 r4:00000000
[<81a31034>] (preempt_schedule_irq) from [<80200c04>] (svc_preempt+0x8/0x18)
Exception stack(0xea9f1d20 to 0xea9f1d68)
1d20: d9ecb000 eb529000 00000001 80239bb8 7f049000 00000001 82abf1c4 82abe5a0
1d40: 7f049000 eb529000 8280c9b4 ea9f1d9c ea9f1da0 ea9f1d70 80230af0 80239bd0
1d60: 80000113 ffffffff
 r5:80000113 r4:80239bd0
[<80230a8c>] (flush_tlb_kernel_range) from [<804e4130>] (__purge_vmap_area_lazy+0x284/0x458 mm/vmalloc.c:2328)
 r4:82abf1e4
[<804e3eac>] (__purge_vmap_area_lazy) from [<804e44e8>] (_vm_unmap_aliases+0x1e4/0x240 mm/vmalloc.c:2943)
 r10:00000000 r9:00000000 r8:00000000 r7:ffffffff r6:ea9f1dc0 r5:ea9f1e08
 r4:ea9f1dc0
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vm_reset_perms mm/vmalloc.c:3335 [inline])
[<804e4304>] (_vm_unmap_aliases) from [<804e825c>] (vfree+0x16c/0x210 mm/vmalloc.c:3414)
 r10:83016070 r9:00000001 r8:00000000 r7:ffffffff r6:00000000 r5:85841080
 r4:00000000
[<804e80f0>] (vfree) from [<8054ddbc>] (execmem_free+0x30/0x50 mm/execmem.c:399)
 r9:83018005 r8:8582ec00 r7:00000000 r6:83018000 r5:00001000 r4:7f071000
[<8054dd8c>] (execmem_free) from [<803c5dc0>] (bpf_jit_free_exec+0x10/0x14 kernel/bpf/core.c:1077)
 r5:00001000 r4:e052f000
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_binary_free kernel/bpf/core.c:1123 [inline])
[<803c5db0>] (bpf_jit_free_exec) from [<803c61a0>] (bpf_jit_free+0x68/0xe4 kernel/bpf/core.c:1246)
[<803c6138>] (bpf_jit_free) from [<803c7230>] (bpf_prog_free_deferred+0x14c/0x164 kernel/bpf/core.c:2891)
 r5:84eff78c r4:84eff400
[<803c70e4>] (bpf_prog_free_deferred) from [<8027e2a8>] (process_one_work+0x1b4/0x4f4 kernel/workqueue.c:3238)
 r7:dddced40 r6:83018000 r5:84eff78c r4:85845e00
[<8027e0f4>] (process_one_work) from [<8027eef0>] (process_scheduled_works kernel/workqueue.c:3321 [inline])
[<8027e0f4>] (process_one_work) from [<8027eef0>] (worker_thread+0x1fc/0x3d8 kernel/workqueue.c:3402)
 r10:61c88647 r9:8582ec00 r8:85845e2c r7:82804d40 r6:dddced40 r5:dddced60
 r4:85845e00
[<8027ecf4>] (worker_thread) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:85845e00 r8:8027ecf4 r7:eaa05e60 r6:85846300 r5:8582ec00
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xea9f1fb0 to 0xea9f1ff8)
1fa0:                                     00000000 00000000 00000000 00000000
1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:85841580
Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings
NMI backtrace for cpu 0
CPU: 0 UID: 0 PID: 32 Comm: khungtaskd Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT 
Hardware name: ARM-Versatile Express
Call trace: 
[<80201a00>] (dump_backtrace) from [<80201afc>] (show_stack+0x18/0x1c arch/arm/kernel/traps.c:257)
 r7:00000000 r6:000f0013 r5:600f0093 r4:8225c2b0
[<80201ae4>] (show_stack) from [<8021fe00>] (__dump_stack lib/dump_stack.c:94 [inline])
[<80201ae4>] (show_stack) from [<8021fe00>] (dump_stack_lvl+0x70/0x7c lib/dump_stack.c:120)
[<8021fd90>] (dump_stack_lvl) from [<8021fe24>] (dump_stack+0x18/0x1c lib/dump_stack.c:129)
 r5:00000000 r4:00000001
[<8021fe0c>] (dump_stack) from [<81a19bd4>] (nmi_cpu_backtrace+0x160/0x17c lib/nmi_backtrace.c:113)
[<81a19a74>] (nmi_cpu_backtrace) from [<81a19d20>] (nmi_trigger_cpumask_backtrace+0x130/0x1d8 lib/nmi_backtrace.c:62)
 r7:00000000 r6:8280c690 r5:8281af40 r4:ffffffff
[<81a19bf0>] (nmi_trigger_cpumask_backtrace) from [<802304fc>] (arch_trigger_cpumask_backtrace+0x18/0x1c arch/arm/kernel/smp.c:852)
 r9:8280c80c r8:82ab3564 r7:8281bb28 r6:00007b89 r5:8281b508 r4:85c4540c
[<802304e4>] (arch_trigger_cpumask_backtrace) from [<8037ff64>] (trigger_all_cpu_backtrace include/linux/nmi.h:158 [inline])
[<802304e4>] (arch_trigger_cpumask_backtrace) from [<8037ff64>] (check_hung_uninterruptible_tasks kernel/hung_task.c:307 [inline])
[<802304e4>] (arch_trigger_cpumask_backtrace) from [<8037ff64>] (watchdog+0x4a8/0x74c kernel/hung_task.c:470)
[<8037fabc>] (watchdog) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:00000000 r8:8037fabc r7:83349780 r6:83349780 r5:83259800
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xdf8e1fb0 to 0xdf8e1ff8)
1fa0:                                     00000000 00000000 00000000 00000000
1fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
1fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:8334c5c0
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1
CPU: 1 UID: 0 PID: 2823 Comm: pr/ttyAMA0 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT 
Hardware name: ARM-Versatile Express
PC is at __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:152 [inline]
PC is at _raw_spin_unlock_irqrestore+0x28/0x54 kernel/locking/spinlock.c:194
LR is at spin_unlock_irqrestore include/linux/spinlock.h:406 [inline]
LR is at __uart_port_unlock_irqrestore include/linux/serial_core.h:616 [inline]
LR is at pl011_console_device_unlock+0x20/0x24 drivers/tty/serial/amba-pl011.c:2603
pc : [<81a391b4>]    lr : [<80a70c14>]    psr: 60000013
sp : eb84deb0  ip : eb84dec0  fp : eb84debc
r10: 8295a38c  r9 : 00000001  r8 : 00000000
r7 : 00000117  r6 : 8295a2f0  r5 : 00000000  r4 : 00000001
r3 : 00000d12  r2 : 00000000  r1 : 60000013  r0 : 83e9b040
Flags: nZCv  IRQs on  FIQs on  Mode SVC_32  ISA ARM  Segment none
Control: 30c5387d  Table: 855a9740  DAC: 00000000
Call trace: 
[<81a3918c>] (_raw_spin_unlock_irqrestore) from [<80a70c14>] (spin_unlock_irqrestore include/linux/spinlock.h:406 [inline])
[<81a3918c>] (_raw_spin_unlock_irqrestore) from [<80a70c14>] (__uart_port_unlock_irqrestore include/linux/serial_core.h:616 [inline])
[<81a3918c>] (_raw_spin_unlock_irqrestore) from [<80a70c14>] (pl011_console_device_unlock+0x20/0x24 drivers/tty/serial/amba-pl011.c:2603)
[<80a70bf4>] (pl011_console_device_unlock) from [<802e7e24>] (nbcon_emit_one+0x80/0xf8 kernel/printk/nbcon.c:1123)
[<802e7da4>] (nbcon_emit_one) from [<802e8044>] (nbcon_kthread_func+0x1a8/0x2a4 kernel/printk/nbcon.c:1210)
 r6:8280c690 r5:84b66000 r4:8295a2f0
[<802e7e9c>] (nbcon_kthread_func) from [<80285f1c>] (kthread+0x12c/0x280 kernel/kthread.c:464)
 r10:00000000 r9:8295a2f0 r8:802e7e9c r7:846e0080 r6:846e0080 r5:84b66000
 r4:00000001
[<80285df0>] (kthread) from [<80200114>] (ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:137)
Exception stack(0xeb84dfb0 to 0xeb84dff8)
dfa0:                                     00000000 00000000 00000000 00000000
dfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
dfe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r10:00000000 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:80285df0
 r4:84667f80