last executing test programs:

31.511249508s ago: executing program 0 (id=113):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000000c0)='subflow_check_data_avail\x00', r0, 0x0, 0x200000}, 0x18)
r1 = socket$kcm(0xa, 0x1, 0x106)
socket$kcm(0x10, 0x2, 0x4)
r2 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x114905, 0x4, 0x9, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000001cc0)=ANY=[@ANYBLOB="8fedcb7907031175f37538e486dd630080fc000b2c00db5b686158bbcfe8875a060300001123000000000000000000000000ac1414aa2c200007"], 0xfdef)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{}, &(0x7f0000000100), &(0x7f0000000140)=r0}, 0x20)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000002c0)=0xffffffffffffffff, 0x4)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000a80)={r0, 0xe0, &(0x7f0000000980)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x6, 0x2, &(0x7f0000000500)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000006c0)=[0x0, 0x0], 0x0, 0x58, &(0x7f0000000700)=[{}, {}, {}, {}, {}, {}, {}, {}, {}, {}], 0x50, 0x10, &(0x7f00000008c0), &(0x7f0000000900), 0x8, 0x40, 0x8, 0x8, &(0x7f0000000940)}}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r4=>0xffffffffffffffff})
recvmsg$unix(r4, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r5=>0xffffffffffffffff]}}], 0x18}, 0x10040)
write$cgroup_subtree(r5, &(0x7f0000000200)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce8100036c00fe08fff500000200875a65969ff57b00000000000000000000000000ac1414aa"], 0xfdef)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x800c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x8, 0x830d}, 0x0, 0x9, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = socket$kcm(0xa, 0x2, 0x88)
sendmsg$inet(r6, 0x0, 0x8000)
close(0xffffffffffffffff)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x4a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x80, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1946}, 0x0, 0x0, 0x0, 0x7, 0x3fe, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
socket$kcm(0x23, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
close(0xffffffffffffffff)
socket$netlink(0x10, 0x3, 0x2)
ioctl$TUNSETCARRIER(0xffffffffffffffff, 0x400454e2, 0x0)
perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x5, 0x1ff}, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x2)
r7 = socket$kcm(0x10, 0x400000002, 0x0)
write$cgroup_subtree(r7, &(0x7f0000000080)=ANY=[@ANYBLOB="130300005500911fdabcf8b30771a54a07"], 0xfe33)
sendmsg$kcm(r1, &(0x7f0000000780)={&(0x7f0000000000)=@in6={0xa, 0x4001, 0x0, @empty}, 0x80, 0x0}, 0x20000081)

29.694483972s ago: executing program 0 (id=117):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000"], &(0x7f00000004c0)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r0 = getpid()
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x4a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1946}, 0x0, 0x0, 0x0, 0x8, 0x7fff, 0x7fffffff}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580))
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000f80)={0x5, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1808000000000000000000000000000018000000e5020000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x1, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x9, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r3)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0x5, 0x3}, 0x0, 0x0, 0x40000, 0x0, 0x21, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = socket$kcm(0x10, 0x400000002, 0x0)
sendmsg$inet(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000140)="230000002c000d190a762d7f089e", 0xe}, {&(0x7f0000000280)="68cabf2dfb58fc0a1d6b689866f05d490d010088a8", 0x15}], 0x2}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r5=>0xffffffffffffffff})
recvmsg$unix(r5, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x42)
r6 = perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x7ff0, 0x82, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x100002e, 0xfffffc02, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={<r7=>0xffffffffffffffff})
recvmsg$unix(r7, 0x0, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000f80)={0x5, 0x5, &(0x7f00000005c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4a}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r6, 0x40042408, r8)
r9 = gettid()
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000280)={r9, r6, 0x0, 0x10, &(0x7f0000000200)='rcu_utilization\x00'}, 0x30)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0x1, 0x830d}, 0x0, 0x2, 0xdffffffe, 0x9, 0x9, 0x10000000, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r10 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r10, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000200)="d80000001900eb054e81f783db4cb9040a1d080006007c09e8f655a10a0015000600142603600e1208000900060004012800090008000c4004000000035c0461c1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb71b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db798262f3d40fad9e3bb9ad809d5e1cace81ed0bffece8b42a9ecbee5de6ccd4e1ffffffffc1c9b6278754ca397c388b0dd6e4edef3d9300"/216, 0xd8}], 0x1}, 0x0)
r11 = socket$kcm(0x2b, 0x1, 0x0)
sendmsg$inet(r11, &(0x7f00000009c0)={&(0x7f00000000c0)={0x2, 0x4001, @empty}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x20044818)
close(r11)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_xfrm(0x10, 0x3, 0x6)

29.693902795s ago: executing program 1 (id=118):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x50) (async)
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = perf_event_open(&(0x7f0000000640)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x480000000000000b, 0x954b, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x1, @perf_config_ext={0x76, 0x1ef7}, 0x11efa, 0x4, 0x98, 0x0, 0x2, 0xfffff271, 0xfffc, 0x0, 0x0, 0x0, 0x20}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) (async)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x5, 0x5, &(0x7f00000005c0)=ANY=[@ANYBLOB="1808000000000000000000000000000018000000e5020000000000000000000095"], &(0x7f0000000980)='GPL\x00', 0x9, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair(0x3, 0x5, 0x5, &(0x7f0000000000))
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3) (async)
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000640)={0x6, 0x3, &(0x7f0000000200)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40}, 0x94)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)) (async)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000300)={r4, 0x0, 0x25, 0x4, @void}, 0x10) (async, rerun: 32)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000140)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50) (rerun: 32)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x10, 0x1c, &(0x7f0000000040)=ANY=[@ANYBLOB="1808000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000005000000bca900000000000035090100013800002c00000000000000b7020000000000007b9af8ff00000000b5090000c0ff0000dbaaf8fff1000000bf8600000000000007080000f8ffffffbfa400000000000007040000f0ffffffc70200000800000018220000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7050000080000004608f0ff76000000bf98000000000000d6080000000000008500000007000000b70000000000000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff2a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

29.477532972s ago: executing program 2 (id=120):
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x0, 0x40}, 0xc20, 0x0, 0x0, 0x0, 0x9, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r0 = socket$kcm(0x10, 0x3, 0x10)
recvmsg$kcm(r0, 0x0, 0x100)
socket$kcm(0x2b, 0x1, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x0, 0xfffffffffffffeb8, 0x0, 0x0, 0x6}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB="7a0af8ff75253073bfa100000000000007010000f9ffffffb702000005000000bf130000000000008500000006000000b700000000000000950000ff00000000b2595285faa6ead0169191d54f81d9217fc560e2fc91f6da4dad4fdc2eb1b5986fc4a3f611a7c8edd3aa5d6ee7ab10b1a297cf52866651ddd73f30f2382f6cda4bfdd45be583823c0f09621f3c1c65ee19ee875daf45006a4c4ea5e15b2f9618d547244a22000000000098045f785a1292fcb8c1d3079a00db453620ce72d75946c2b638d91dbef661935839c77edf2d34b12cd48a1b20fb7dd8430a19f2c50d77bc0ea9b0af58e604f4942eb613eff28902010045ef76d7d864409ef2dc9518a09f4886afc26abba34635d0e8b598a51bc7421d33fe226c944bc76be40d435aa8b5208ff0df2db7619a12df6bee431a668135b8214afa5827b56a8074bf1e6cf5d84b35a3a3a4c66824fe12dbe20fcf50a194185b9e2d8b815fedb0d982936156be34dda66fb977aef7c9cb92428ef25d9bf665bd60020500000000000000abe4cb8d826e1ec03cc492f5cad6227c94fea467aea7fa8b58abc37056433edf43fba5566a3e02200b95941d34ac81fd48f9b7314ffa730017f3d37fdb23bc26992529402a520ef67e246415a697a95ca3314ded0d8a24abd57e042888a9141ab4e6c6b939aaefc248791464970c43120211b9bc82a85cd2fc18f535c7986c2d52ba62f74f000000000080c4adf75a0a108585e9b2000000000000000000000074054d643c2b5692d8304a23eaf9153c457ae5bbe49b3c164461470a452bd357fa62341c759dc21b45a06ec414cadf9695d030012acad582e3fe75e61ae908347e4d6d089b"], &(0x7f0000000100)='GPL\x00'}, 0x48)
setsockopt$sock_attach_bpf(r3, 0x1, 0x32, &(0x7f0000000040)=r5, 0x4)
sendmsg$unix(r4, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20040810}, 0x0)
socket$inet(0x2, 0xa, 0x400)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000050000000004000000100000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000200)=ANY=[@ANYBLOB="1802000001000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b70300000000ffff850000000400000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$tun(0xffffffffffffff9c, &(0x7f00000012c0), 0x2201, 0x0)
socket$kcm(0x10, 0x2, 0x4)
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x4, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x0, @perf_config_ext={0x3, 0x8001}, 0x0, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000b00)=ANY=[], &(0x7f0000000840)=""/198, 0x15f, 0xc6, 0x0, 0x6}, 0x28)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000002c0)={r7, 0x20, &(0x7f00000001c0)={&(0x7f0000000300)=""/10, 0xa, 0x0, &(0x7f0000002b40)=""/4096, 0x1000}}, 0x10)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000340))
socket$kcm(0x2, 0x5, 0x84)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f00000003c0)=[{0x10001, 0x0, 0xfffffffc, 0x5}, {0x2}]}, 0x94)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
close(r8)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c0000005200010000000000000000000a"], 0x1c}}, 0x0)

29.309935349s ago: executing program 2 (id=121):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='cpuacct.usage_sys\x00', 0x26e1, 0x0)
close(r0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)) (async)
socket$kcm(0x2, 0x1000000000000002, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) (async)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)) (async)
r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x4a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1946}, 0x0, 0x0, 0x0, 0x8, 0x3fe, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa) (async)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r2=>0xffffffffffffffff})
recvmsg$unix(r2, &(0x7f0000000400)={0x0, 0x0, 0x0}, 0x0) (async)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000f80)={0x5, 0x5, &(0x7f0000000080)=ANY=[@ANYBLOB="1808000000000000000000000000000018000000e5020000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x1, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
r4 = socket$kcm(0x2a, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r4, 0x890b, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r3) (async)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=@base={0xb, 0x8, 0xc, 0x80000000, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r5}, 0x38) (async, rerun: 32)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r5}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async, rerun: 32)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0xb, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r6, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x3800, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) (async, rerun: 32)
bpf$TOKEN_CREATE(0x24, 0x0, 0x0) (rerun: 32)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r7}, 0xc) (async, rerun: 32)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x8, 0x830d}, 0x2000, 0x2, 0xfffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) (rerun: 32)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907001175f37538e486dd637f4b2266"], 0xfdef) (async)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='pids.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r8, 0x401c5820, &(0x7f0000000040)=0x8000000000000000) (async)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{}, 0x0, &(0x7f00000002c0)}, 0x20)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'gre0\x00', 0x10})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r9, 0x89f0, &(0x7f0000000080))

29.187416601s ago: executing program 2 (id=122):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000003140)=ANY=[@ANYBLOB="c01800002000010a00000000000000000a0000002c01018028014880ed00a90013466820cd76bb221fbb4acd690c6a8b9c760a61eeec7793b579aefdb936d00f403d3f04637cdb9ac70e28c5dd66ddedde2d0930650e6821f9a26a4a193c1d06a3e75523f901e44fe087ae32c836c6d6ddba3af8e9a2beae8936168f9fa38c395f5cf7408df69c60bf584bee86a6312e9ce866e456c3eda6f2924082d78a2f385bdbd0c9afb54758c102bf13094645fb6aa34d424ec776691fee3d25307f61fed2752babf7c686e8a3d9b59a8343bcf4121bf5cf400a0c1070855fac565cad8968a97ce0a12a1161054d82d0a240b7dedf9ba3cc63e9d1c3b9a8402f7d5b4cafcd48928a3d4a76498900000014007c00ff01000000000000000000000000000108003d00", @ANYRES32=0x0, @ANYBLOB="08001a"], 0x18c0}}, 0x0)
syz_clone(0x68001680, &(0x7f0000000100)='_OP', 0x3, &(0x7f0000000140), &(0x7f0000000200), &(0x7f0000000240)="a448a694c237ec40bdd322dc55c79cd7b46b0f11d634018c7e33254f4e59d121757acc4f8579b8cbabd47474fb65af886d840806766e1edf711e7e7c23dd9c6c74ad9897694ac2f6311e96ea9afc6aa4c5b061f8f3b112a52ef12c17993cd8297c8fa852b8e520b3728843eb81250e9da99d601248c216")
r1 = socket$kcm(0x2c, 0x3, 0x0)
setsockopt$sock_attach_bpf(r1, 0x11b, 0x2, &(0x7f0000000900), 0x4)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x4a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x201, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1946}, 0x0, 0x0, 0x0, 0x8, 0x3fe, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000002c0)={r2, 0x4, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x8, 0x830d}, 0x0, 0x2, 0xfffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="0700000004000000800100000400000028000000", @ANYBLOB, @ANYBLOB], 0x50)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x20000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}, 0x202, 0x0, 0xffffffff, 0x9, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x4a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1946}, 0x0, 0x0, 0x0, 0x8, 0x3fe, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp=0xedf0e51957efc755, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$kcm(0x2, 0x922000000001, 0x106)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xa4}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000002c0)={r3, 0x4, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r4 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000001c0)=@bpf_lsm={0x18, 0x7, &(0x7f0000000040)=ANY=[], 0x0}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000580)={r4, 0x0, 0x0}, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r5, &(0x7f0000000140)={&(0x7f0000000440)=@rxrpc=@in4={0x21, 0x1, 0x2, 0x10, {0x2, 0x4e24, @loopback}}, 0x80, 0x0, 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000005040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b00000009860f5878c37ffe36e1165814d435be5b317c6c8189767d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988c5944741afe403461323110f62055394412158e7a3adb164d641aa40d4ab077fe34232aa8b319d7666d0998a61d7da0c86d70000001010"], 0x10b8}, 0x200008c0)
sendmsg$kcm(r5, 0x0, 0x0)
socket$kcm(0x2, 0x922000000001, 0x106)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
sendmsg$can_j1939(0xffffffffffffffff, 0x0, 0x800)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000007c0)=ANY=[@ANYBLOB="54000000020601080000000000000000000000000900020073797a320000eb0005000400000000000c0007800500150083000000050005000a000000050001000600000010000300686173683a69702c6d616300"], 0x54}}, 0x84000)

29.177506989s ago: executing program 1 (id=123):
r0 = bpf$TOKEN_CREATE(0x24, &(0x7f0000000080), 0x8)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYRES8=r0], &(0x7f00000000c0)='GPL\x00', 0x4}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000280)='i2c_write\x00', r1}, 0x10)
syz_clone(0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
syz_clone(0x10000000, 0x0, 0x0, 0x0, 0x0, 0x0)
close(r2)

28.83775181s ago: executing program 1 (id=124):
r0 = socket$kcm(0x2, 0x200000000000001, 0x0)
sendmsg$inet(r0, &(0x7f0000000080)={&(0x7f0000000340)={0x2, 0x4001, @dev}, 0x10, 0x0}, 0x3000c085)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000801000000000000004000000850000002700000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x80)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000100)=ANY=[@ANYRES32=r1, @ANYRES32=r2, @ANYBLOB="05"], 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd8073a46b08b94214d816f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb4147000001000000008f2b9000f22425e4097ed62cbc891061017cfa6f6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe68db8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3542646bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000002c0)=ANY=[@ANYRES32=r1, @ANYRES32=r3, @ANYBLOB='&'], 0x10)
sendmsg$inet(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000380)="b8", 0xfc45}], 0x1, 0x0, 0x0, 0x10000000}, 0x92cd)

28.836436044s ago: executing program 1 (id=125):
r0 = socket$kcm(0x2a, 0x2, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000002c00038008000140000000000800024000000000180003801400010076657468305f746f5f6873720000000058000000160a0101000b000000000000010000000900020073797a32000000000900010073797a30000000002c000380180003801400010076657468305f746f5f687372000000000800024000440000080001"], 0xf8}, 0x1, 0x0, 0x0, 0xc000}, 0x40) (async)
ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x8915, &(0x7f0000001cc0))
r2 = perf_event_open(&(0x7f00000000c0)={0x2, 0x6f, 0x4a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1943}, 0x5000, 0x0, 0x0, 0x8, 0x3fe, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000003940)=ANY=[@ANYBLOB="210000000000000000000000000010000004"], 0x48)
socket$kcm(0x2, 0x7, 0x84) (async)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0) (async)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000f80)={0x5, 0x5, &(0x7f00000005c0)=ANY=[@ANYBLOB="1808000000000000000000000000000018000000e5020000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x1, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0x8, 0x830d}, 0x0, 0x2, 0xfffffffe, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=@updpolicy={0xfc, 0x19, 0x1, 0x70bd27, 0x25dfdbfd, {{@in=@empty, @in6=@loopback, 0x0, 0x8, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa9, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa00, 0x40800000000000, 0x800000000000002}}, [@tmpl={0x44, 0x5, [{{@in=@local, 0x0, 0x3c}, 0x0, @in6=@rand_addr=' \x01\x00', 0x2, 0x3, 0x3, 0xb}]}]}, 0xfc}}, 0x0) (async)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x80000000c8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
close(r6) (async)
recvmsg$unix(r5, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r7=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r7, &(0x7f0000000200)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce8100033a00fc08000000110200875a65969ff57b00000000000000000000000000ac1414aa"], 0xfdef) (async)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000d00)=ANY=[], 0x48) (async)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="1100000004000000040000000a00000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000020000000000000000000000000000278820d5700000000000000000000180500d29aeef3ef7a7ff03ecca1f4ae80d8a66d9580df327980879dd7eb6eb8f4752fad4b327d789b4bde3f74fad382f039278ed82e95b8e0f06350f900048273be30a2921c74fe49ba1ba051d2da0fdc5ec6d253e7260d02e7bd"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0xb, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000600000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x12, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
r9 = perf_event_open(&(0x7f0000002100)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x8, 0xa0100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8, 0x6}, 0x0, 0x0, 0x80000001, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async)
r10 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x55, 0x1, 0x0, 0x0, 0x0, 0x7fef, 0x82, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7b, 0x1, @perf_config_ext={0x8407fff, 0xaea}, 0x14105, 0x32, 0xfffffbff, 0x5, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x2007}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r9, 0x2405, r10) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

28.833823368s ago: executing program 2 (id=126):
openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}, 0x202, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8, 0x4}, 0x50)
r1 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r2 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000940)=@framed={{0x18, 0x9}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r2}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xf000000}}]}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000000)=ANY=[@ANYBLOB="1806000000000300000000000000c29c18120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000000000850000000c000000b70000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r0}, &(0x7f0000000280), &(0x7f00000002c0)=r3}, 0x20)
socket$nl_generic(0x10, 0x3, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x6, 0xd, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000bc00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000400850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r4, 0x5, 0xd50, 0x0, &(0x7f0000000000)="43227504000000b32415f73227b2", 0x0, 0xd01, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x2}, 0x50)

28.717369549s ago: executing program 0 (id=127):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="1800e4ff0000000000160000000000d498230eb2f30533f02551d4e645020018bf8a29a610644615d7141fd100000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000012000000850000001500000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x0, 0xe, 0x0, &(0x7f0000001640)="e0857f9f582f0300000000000000", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

28.651322617s ago: executing program 0 (id=128):
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x4a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40928, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, @perf_config_ext={0x0, 0x1946}, 0x0, 0x0, 0x0, 0x4, 0x3fe, 0x7ffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x4, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x0, @perf_config_ext={0x3, 0x8001}, 0x0, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
r1 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000100)=ANY=[@ANYBLOB="b400000000000000791048000000000079003000000000009500000000000000db74589d4b38cc306ac390649f8edea0e50e2317db042855d6c74ff3493c7e31e3f6c643155a8e2e01d50bc3347475be393b1f1e4aba75a0750472719cc516eec8b02df8ef39db6e67fa14b769e7f385ba72c64242263c05ddab05e37efe81b8bffc35cdf2ac0d93263ff755d611c4cca1684b1470af6a83366aa430ad2d700b186da622d6fba7000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x94)
r2 = gettid()
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000200)={r2, r0, 0x0, 0x2, &(0x7f0000000040)=')\x00'}, 0x30)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[@ANYBLOB="180000003d00010700000000030000000300009b20"], 0x18}}, 0x0)
bpf$MAP_CREATE(0x1900000000000000, 0x0, 0x48)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480))
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r4, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000240)}, 0x20040810)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)}, 0x24000000)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000080)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0xfffffff8, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x3}, 0x50)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x3, 0x1c, &(0x7f0000001840)=@ringbuf={{0x18, 0x6}, {{0x18, 0x1, 0x1, 0x0, r6}}, {}, [@snprintf={{}, {0x5, 0x3, 0x3, 0xa, 0x9}, {0x5}, {0x3, 0x3, 0x3, 0xa, 0xa}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r5}, {}, {0x15, 0x0, 0x0, 0x76}}], {{}, {0x5}, {0x28}}}, &(0x7f0000000340)='GPL\x00', 0xb, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, @fallback=0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
r7 = openat$cgroup_pressure(0xffffffffffffffff, &(0x7f00000002c0)='memory.pressure\x00', 0x2, 0x0)
write$cgroup_pressure(r7, &(0x7f0000000380)={'some', 0x20, 0xa00000000000000, 0x20, 0xffff}, 0x2f)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000640)=ANY=[@ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB], 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x8, 0x830d}, 0x0, 0x2, 0xfffffffe, 0x0, 0x9, 0x0, 0x0, 0x0, 0x8, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
close(r9)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x4a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1946}, 0x0, 0x0, 0x0, 0x8, 0x3fe, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r10 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000002c0)={r10, 0x4, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
recvmsg$unix(r8, &(0x7f0000000400)={0x0, 0x0, 0x0}, 0x0)

28.646256818s ago: executing program 2 (id=129):
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000240)={0x6, 0x7, &(0x7f0000000000)=@raw=[@map_idx_val={0x18, 0x9, 0x6, 0x0, 0x1, 0x0, 0x0, 0x0, 0xcf}, @map_idx_val={0x18, 0x6, 0x6, 0x0, 0x6, 0x0, 0x0, 0x0, 0x8}, @initr0={0x18, 0x0, 0x0, 0x0, 0x7}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffa}], &(0x7f0000000040)='syzkaller\x00', 0x1, 0xf7, &(0x7f0000000080)=""/247, 0x41000, 0x30, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000180)={0xa, 0x1}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, &(0x7f00000001c0)=[{0x1, 0x3, 0xd, 0x5}, {0x0, 0x2, 0xb, 0x8}, {0x0, 0x3, 0x9, 0x8}, {0x0, 0x3, 0x10}, {0x7, 0x2, 0xa, 0x5}, {0x5, 0x3, 0xe, 0x1}, {0x5, 0x2, 0xf, 0x6}, {0x0, 0x1, 0xd, 0x4}], 0x10, 0x5}, 0x94)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000800)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2c}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001440)={r2, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r3=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000d80)=@newtaction={0x68, 0x30, 0xffff, 0x4000, 0x0, {0x0, 0x0, 0x1300}, [{0x54, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x7f, 0x0, 0xc0000000, 0x3, 0x7}, 0x3, r3}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0x68}, 0x1, 0x0, 0x0, 0x2404c080}, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000300)={r0, r3, 0x25, 0x9, @void}, 0x10)
syz_clone(0xec000280, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_clone(0x10000000, 0x0, 0x0, 0x0, 0x0, 0x0)

28.352608293s ago: executing program 0 (id=130):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000300)="2e00000010008188040f80ec59acbc0413a181014100000000010000000000000e000a000f00000002800200121f", 0x2e}], 0x1}, 0x0)
socket$kcm(0xa, 0x5, 0x0) (async)
r1 = socket$kcm(0xa, 0x5, 0x0)
setsockopt$sock_attach_bpf(r1, 0x29, 0x4a, 0x0, 0x0)
getpid()
socket$kcm(0xa, 0x1, 0x106) (async)
r2 = socket$kcm(0xa, 0x1, 0x106)
r3 = socket$kcm(0x15, 0x5, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000730000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000680)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='contention_begin\x00', r4}, 0x18) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='contention_begin\x00', r4}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180500002020642500000000002020207b1af8ff00000000bfa1010000000100070100e200ffffffb782000008000000b703000834120000850000000800000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xe, '\x00', 0x0, @xdp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180500002020642500000000002020207b1af8ff00000000bfa1010000000100070100e200ffffffb782000008000000b703000834120000850000000800000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xe, '\x00', 0x0, @xdp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x1c1341, 0x0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TUNATTACHFILTER(0xffffffffffffffff, 0x401054d5, 0x0) (async)
ioctl$TUNATTACHFILTER(0xffffffffffffffff, 0x401054d5, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_DELETE(r6, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000040)=ANY=[], 0xe4}}, 0x0)
close(r5)
r7 = socket$kcm(0x10, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0xe, 0x4, &(0x7f0000001200)=ANY=[@ANYBLOB="1800"/13], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xd}, 0x94) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0xe, 0x4, &(0x7f0000001200)=ANY=[@ANYBLOB="1800"/13], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xd}, 0x94)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000) (async)
sendmsg$NFT_BATCH(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000)
sendmsg$NFT_BATCH(r8, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000380)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a80000000060a010400000000000000000a0000010900010073797a310000000054000480500001800b00010074617267657400004000028008000240000000012c0003007339f2f10455afb9fdd672bad09dfb78c7699c74e891a0c70000000000000000000000000000000008000100544545000900020073797a320000000014000000110001"], 0xa8}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000840)
sendmsg$kcm(r7, &(0x7f0000000600)={0x0, 0x3, &(0x7f0000000040)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73772cc9f1ba1f848430000005e140602000000000e0003000f000000028000001294", 0x2e}], 0x1}, 0x0)
setsockopt$sock_attach_bpf(r3, 0x114, 0x8, 0x0, 0x4) (async)
setsockopt$sock_attach_bpf(r3, 0x114, 0x8, 0x0, 0x4)
sendmsg$kcm(r2, &(0x7f0000000140)={&(0x7f0000000700)=@in6={0xa, 0x4e24, 0x8000, @empty, 0x7}, 0x80, 0x0}, 0x24000000) (async)
sendmsg$kcm(r2, &(0x7f0000000140)={&(0x7f0000000700)=@in6={0xa, 0x4e24, 0x8000, @empty, 0x7}, 0x80, 0x0}, 0x24000000)
sendmsg$kcm(r2, &(0x7f0000000240)={&(0x7f0000000000)=@in6={0xa, 0x0, 0x0, @loopback, 0xffffffff}, 0x80, 0x0}, 0xe07e872424dfefca)

28.095814234s ago: executing program 2 (id=131):
openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) (async)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'rose0\x00', 0x112})
ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff004}, {0x6}]}) (async)
ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff004}, {0x6}]})
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
r1 = socket$kcm(0x2b, 0x1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[], 0x50) (async)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[], 0x50)
sendmsg$inet(r1, &(0x7f0000000240)={&(0x7f00000000c0)={0x2, 0x4001, @dev={0xac, 0x14, 0x14, 0x32}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x200048cc)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x4a, 0x1, 0x0, 0x0, 0x0, 0x4, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8000001946}, 0x0, 0x0, 0x3, 0x8, 0x3fd, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa) (async)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x4a, 0x1, 0x0, 0x0, 0x0, 0x4, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8000001946}, 0x0, 0x0, 0x3, 0x8, 0x3fd, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
perf_event_open(&(0x7f00000000c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r3 = socket$kcm(0x2, 0x1, 0x84)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000940)=ANY=[@ANYBLOB="0300000004000000040000000a00000000000000", @ANYRES32=r2, @ANYBLOB='\a\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="030000000300000003000000000000000000000000000000000000004746e45278febb90fa96dc38149858e85d4d4c2ada55636afd3fb900b33399adce892d8000afcdd1aba73a32449d8b69c94f7504121b3510b88d079925c0337745bc5ceb75a9911393fcbaaa664fa2db96493e701c8ae85d2ec2fabed74b"], 0x50)
setsockopt$sock_attach_bpf(r3, 0x84, 0x5, 0x0, 0x0) (async)
setsockopt$sock_attach_bpf(r3, 0x84, 0x5, 0x0, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000021c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWFLOWTABLE={0x0, 0x16, 0xa, 0x201, 0x0, 0x0, {0xa, 0x0, 0x9}, [@NFTA_FLOWTABLE_HOOK={0x0, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_DEVS={0x0, 0x3, 0x0, 0x1, [{0x0, 0x1, 'veth0_macvtap\x00'}]}, @NFTA_FLOWTABLE_HOOK_DEVS={0x0, 0x3, 0x0, 0x1, [{0x0, 0x1, 'veth1_virt_wifi\x00'}, {0x0, 0x1, 'ip6gretap0\x00'}]}, @NFTA_FLOWTABLE_HOOK_NUM]}, @NFTA_FLOWTABLE_HANDLE={0x0, 0x5, 0x1, 0x0, 0x3}, @NFTA_FLOWTABLE_TABLE={0x0, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x0, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HANDLE={0x0, 0x5, 0x1, 0x0, 0x5}, @NFTA_FLOWTABLE_FLAGS={0x0, 0x7, 0x1, 0x0, 0x1}, @NFTA_FLOWTABLE_NAME={0x0, 0x2, 'syz1\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0x54, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8, 0xb, 0x1, 0x0, 0x4}, @NFTA_RULE_USERDATA={0x0, 0x7, 0x1, 0x0, "2d948ce9ea8e3bc5870e46d50e3fda04681cb41d7e74350708088acb9e45a915aa0c32bbd5"}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}]}], {0x14}}, 0xc8}}, 0x0) (async)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000021c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWFLOWTABLE={0x0, 0x16, 0xa, 0x201, 0x0, 0x0, {0xa, 0x0, 0x9}, [@NFTA_FLOWTABLE_HOOK={0x0, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_DEVS={0x0, 0x3, 0x0, 0x1, [{0x0, 0x1, 'veth0_macvtap\x00'}]}, @NFTA_FLOWTABLE_HOOK_DEVS={0x0, 0x3, 0x0, 0x1, [{0x0, 0x1, 'veth1_virt_wifi\x00'}, {0x0, 0x1, 'ip6gretap0\x00'}]}, @NFTA_FLOWTABLE_HOOK_NUM]}, @NFTA_FLOWTABLE_HANDLE={0x0, 0x5, 0x1, 0x0, 0x3}, @NFTA_FLOWTABLE_TABLE={0x0, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x0, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HANDLE={0x0, 0x5, 0x1, 0x0, 0x5}, @NFTA_FLOWTABLE_FLAGS={0x0, 0x7, 0x1, 0x0, 0x1}, @NFTA_FLOWTABLE_NAME={0x0, 0x2, 'syz1\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0x54, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8, 0xb, 0x1, 0x0, 0x4}, @NFTA_RULE_USERDATA={0x0, 0x7, 0x1, 0x0, "2d948ce9ea8e3bc5870e46d50e3fda04681cb41d7e74350708088acb9e45a915aa0c32bbd5"}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}]}], {0x14}}, 0xc8}}, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x6, 0x9, 0x0, 0x0)
socket$kcm(0xa, 0x3, 0x106)
bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000480)="5c00000012006bab9a3fe3d86e17aa0b046b876c1d0048380019001931a0e69ee517d34460bc06000000a701251e6182949a3651f60a84c9f4d4938037e70e4509c51c268811000000000000000000002571cd53b9851b30599980bc", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
recvmsg$kcm(r5, &(0x7f0000000e80)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000300)=""/268, 0x10c}, {&(0x7f00000020c0)=""/193, 0xc1}, {&(0x7f0000003180)=""/4066, 0xfe2}, {&(0x7f0000000c00)=""/193, 0xc1}, {&(0x7f0000000dc0)=""/185, 0xb9}, {&(0x7f0000000100)=""/215, 0xd7}, {&(0x7f00000010c0)=""/4078, 0xfee}, {&(0x7f0000000780)=""/230, 0xe6}, {&(0x7f0000000500)=""/164, 0xa4}, {&(0x7f0000000fc0)=""/217, 0xd9}, {&(0x7f0000000000)=""/47, 0x2f}], 0xb}, 0x12106)
recvmsg$kcm(r5, &(0x7f0000000900)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x500}, 0x0) (async)
recvmsg$kcm(r5, &(0x7f0000000900)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x500}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x7, 0xffffffffffffffff}, 0x828, 0x0, 0x0, 0x0, 0x9, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r6 = socket$kcm(0x10, 0x2, 0x0)
recvmsg(r6, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x40000100)
sendmsg$kcm(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000080)="1400000016000b63d25a80648c2594f91c240685", 0x14}], 0x1}, 0x0) (async)
sendmsg$kcm(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000080)="1400000016000b63d25a80648c2594f91c240685", 0x14}], 0x1}, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50) (async)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
setsockopt$sock_attach_bpf(r1, 0x1, 0xd, &(0x7f0000000080), 0x24)
close(r1)

25.347054046s ago: executing program 1 (id=132):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4050000000000007911c00000000000850000009000000095000000f8000000"], &(0x7f00000002c0)='GPL\x00', 0x5, 0xfe01, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x222}, 0x21)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xc, 0xc, &(0x7f0000000000)=@framed={{}, [@ringbuf_output={{0x18, 0x5, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x1d}}]}, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000a40)={r1, 0xe0, &(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f00000004c0)=[0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x52, &(0x7f0000000780)=[{}], 0x8, 0x0, 0x0, 0x0, 0x0, 0x22, 0x8, 0x0, 0x0}}, 0x10)

25.226879561s ago: executing program 1 (id=133):
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x4a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x0, 0x0, 0x0, 0x8, 0x3fe, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$kcm(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000200)=ANY=[@ANYBLOB="9feb010018000000000000003c0000003c00000006000000040000000000000e0400000000000000000000000100000d0400000004000000040000000000000000000010040000000000000000000002030000000000000061"], 0x0, 0x5a, 0x0, 0x4, 0x80000}, 0x28)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000000c0)={r1, 0x20, &(0x7f0000000080)={&(0x7f0000001680)=""/4098, 0x1002, 0x0, 0x0}}, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000100)="1400000022000b0fd25a806c8c6f94f90124fc60", 0x14}], 0x1}, 0x4000010)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x5}, 0x180, 0xc8, 0x400000, 0x0, 0x0, 0x4, 0x7, 0x0, 0x0, 0x0, 0x20b}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
close(r3)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="97d9deabea352018000000000000006761110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b"], 0x0, 0x3, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="c01803001d000b63d25a80648c2594f90124fc60100c06", 0x17}], 0x1, 0x0, 0x0, 0x4000}, 0x3500000000000000)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000240)="3504000040000511d25a35400c000200", 0x10}], 0x1}, 0x10049014)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x20044050)
r4 = socket$kcm(0x10, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x13, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000720000001801"], 0x0, 0x10001, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$cgroup_subtree(r4, &(0x7f0000000040)=ANY=[@ANYBLOB="33fe0000180091c8b14a0778a8123d181d"], 0xfe33)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_NEW(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000a40)={0x14, 0x0, 0x2, 0x401, 0x0, 0x0, {0xa}}, 0x14}}, 0x0)
recvmsg$unix(r2, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r6=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB], 0xfdef)
write$cgroup_subtree(r6, &(0x7f0000000000)=ANY=[], 0xffc0)
r7 = socket$kcm(0xa, 0x922000000003, 0x11)
setsockopt$sock_attach_bpf(r7, 0x29, 0x24, &(0x7f0000000080), 0x4)
sendmsg$kcm(r7, &(0x7f0000000000)={&(0x7f00000007c0)=@l2tp6={0xa, 0x0, 0x3, @local, 0x1, 0xffffffff}, 0x80, &(0x7f0000001880)=[{&(0x7f0000000780)="f4000900062b2c25fe80000000000000dc8b850f238466cc00007a000000ad6e911b51818462b400", 0x28}], 0x1}, 0x0)

15.653919162s ago: executing program 0 (id=134):
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x800c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x8, 0x830d}, 0x0, 0x9, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x4a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x4}, 0x0, 0x0, 0x0, 0x8, 0x3fe, 0x7ffbffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa) (async)
r0 = socket$kcm(0xa, 0x5, 0x0) (async)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1, 0x21, 0x5, 0x1}, 0x50)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000080)={r1, 0x0, 0x0}, 0x20)
setsockopt$sock_attach_bpf(r0, 0x0, 0x29, 0x0, 0x5000)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r2}, 0x4) (async)
r3 = socket$kcm(0x10, 0x2, 0x0) (async, rerun: 64)
r4 = socket$kcm(0x10, 0x400000002, 0x0) (rerun: 64)
sendmsg$inet(r4, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x8000) (async)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='blkio.bfq.dequeue\x00', 0x26e1, 0x0) (async)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0500aec53b651e4f000001000000400000000500", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080), &(0x7f0000000180), 0x1003, r5}, 0x38)
bpf$MAP_LOOKUP_ELEM(0x4, &(0x7f0000000b80)={r5, 0x0, &(0x7f0000000b40)=""/31}, 0x20) (async, rerun: 64)
sendmsg$kcm(r3, &(0x7f0000000740)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f851030000005e040602000000000e0003000f00000002800000121f", 0x2e}], 0x1}, 0x4000000) (async, rerun: 64)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x15, 0x0, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94) (async)
perf_event_open(&(0x7f00000001c0)={0x0, 0x80, 0x62, 0x2, 0x0, 0x0, 0x0, 0x0, 0x37a05, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x4, @perf_config_ext={0x500}, 0x111211, 0x10000, 0x100, 0x0, 0xffffffffffffbbfe, 0x2, 0x1, 0x0, 0xfffffffc, 0x0, 0x1bffffffffffffc}, 0x0, 0x8001, 0xffffffffffffffff, 0x1) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x4, 0x0, 0x0, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6tnl0\x00', 0x200}) (async, rerun: 32)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r6=>0xffffffffffffffff}) (rerun: 32)
ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x89f1, &(0x7f0000000080))

12.620724164s ago: executing program 32 (id=131):
openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) (async)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'rose0\x00', 0x112})
ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff004}, {0x6}]}) (async)
ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xfffff004}, {0x6}]})
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
r1 = socket$kcm(0x2b, 0x1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[], 0x50) (async)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[], 0x50)
sendmsg$inet(r1, &(0x7f0000000240)={&(0x7f00000000c0)={0x2, 0x4001, @dev={0xac, 0x14, 0x14, 0x32}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x200048cc)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x4a, 0x1, 0x0, 0x0, 0x0, 0x4, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8000001946}, 0x0, 0x0, 0x3, 0x8, 0x3fd, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa) (async)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x4a, 0x1, 0x0, 0x0, 0x0, 0x4, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8000001946}, 0x0, 0x0, 0x3, 0x8, 0x3fd, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
perf_event_open(&(0x7f00000000c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r3 = socket$kcm(0x2, 0x1, 0x84)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000940)=ANY=[@ANYBLOB="0300000004000000040000000a00000000000000", @ANYRES32=r2, @ANYBLOB='\a\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="030000000300000003000000000000000000000000000000000000004746e45278febb90fa96dc38149858e85d4d4c2ada55636afd3fb900b33399adce892d8000afcdd1aba73a32449d8b69c94f7504121b3510b88d079925c0337745bc5ceb75a9911393fcbaaa664fa2db96493e701c8ae85d2ec2fabed74b"], 0x50)
setsockopt$sock_attach_bpf(r3, 0x84, 0x5, 0x0, 0x0) (async)
setsockopt$sock_attach_bpf(r3, 0x84, 0x5, 0x0, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000021c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWFLOWTABLE={0x0, 0x16, 0xa, 0x201, 0x0, 0x0, {0xa, 0x0, 0x9}, [@NFTA_FLOWTABLE_HOOK={0x0, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_DEVS={0x0, 0x3, 0x0, 0x1, [{0x0, 0x1, 'veth0_macvtap\x00'}]}, @NFTA_FLOWTABLE_HOOK_DEVS={0x0, 0x3, 0x0, 0x1, [{0x0, 0x1, 'veth1_virt_wifi\x00'}, {0x0, 0x1, 'ip6gretap0\x00'}]}, @NFTA_FLOWTABLE_HOOK_NUM]}, @NFTA_FLOWTABLE_HANDLE={0x0, 0x5, 0x1, 0x0, 0x3}, @NFTA_FLOWTABLE_TABLE={0x0, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x0, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HANDLE={0x0, 0x5, 0x1, 0x0, 0x5}, @NFTA_FLOWTABLE_FLAGS={0x0, 0x7, 0x1, 0x0, 0x1}, @NFTA_FLOWTABLE_NAME={0x0, 0x2, 'syz1\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0x54, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8, 0xb, 0x1, 0x0, 0x4}, @NFTA_RULE_USERDATA={0x0, 0x7, 0x1, 0x0, "2d948ce9ea8e3bc5870e46d50e3fda04681cb41d7e74350708088acb9e45a915aa0c32bbd5"}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}]}], {0x14}}, 0xc8}}, 0x0) (async)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000021c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWFLOWTABLE={0x0, 0x16, 0xa, 0x201, 0x0, 0x0, {0xa, 0x0, 0x9}, [@NFTA_FLOWTABLE_HOOK={0x0, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_DEVS={0x0, 0x3, 0x0, 0x1, [{0x0, 0x1, 'veth0_macvtap\x00'}]}, @NFTA_FLOWTABLE_HOOK_DEVS={0x0, 0x3, 0x0, 0x1, [{0x0, 0x1, 'veth1_virt_wifi\x00'}, {0x0, 0x1, 'ip6gretap0\x00'}]}, @NFTA_FLOWTABLE_HOOK_NUM]}, @NFTA_FLOWTABLE_HANDLE={0x0, 0x5, 0x1, 0x0, 0x3}, @NFTA_FLOWTABLE_TABLE={0x0, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x0, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HANDLE={0x0, 0x5, 0x1, 0x0, 0x5}, @NFTA_FLOWTABLE_FLAGS={0x0, 0x7, 0x1, 0x0, 0x1}, @NFTA_FLOWTABLE_NAME={0x0, 0x2, 'syz1\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0x54, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8, 0xb, 0x1, 0x0, 0x4}, @NFTA_RULE_USERDATA={0x0, 0x7, 0x1, 0x0, "2d948ce9ea8e3bc5870e46d50e3fda04681cb41d7e74350708088acb9e45a915aa0c32bbd5"}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}]}], {0x14}}, 0xc8}}, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x6, 0x9, 0x0, 0x0)
socket$kcm(0xa, 0x3, 0x106)
bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000480)="5c00000012006bab9a3fe3d86e17aa0b046b876c1d0048380019001931a0e69ee517d34460bc06000000a701251e6182949a3651f60a84c9f4d4938037e70e4509c51c268811000000000000000000002571cd53b9851b30599980bc", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
recvmsg$kcm(r5, &(0x7f0000000e80)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000300)=""/268, 0x10c}, {&(0x7f00000020c0)=""/193, 0xc1}, {&(0x7f0000003180)=""/4066, 0xfe2}, {&(0x7f0000000c00)=""/193, 0xc1}, {&(0x7f0000000dc0)=""/185, 0xb9}, {&(0x7f0000000100)=""/215, 0xd7}, {&(0x7f00000010c0)=""/4078, 0xfee}, {&(0x7f0000000780)=""/230, 0xe6}, {&(0x7f0000000500)=""/164, 0xa4}, {&(0x7f0000000fc0)=""/217, 0xd9}, {&(0x7f0000000000)=""/47, 0x2f}], 0xb}, 0x12106)
recvmsg$kcm(r5, &(0x7f0000000900)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x500}, 0x0) (async)
recvmsg$kcm(r5, &(0x7f0000000900)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x500}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x7, 0xffffffffffffffff}, 0x828, 0x0, 0x0, 0x0, 0x9, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r6 = socket$kcm(0x10, 0x2, 0x0)
recvmsg(r6, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x40000100)
sendmsg$kcm(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000080)="1400000016000b63d25a80648c2594f91c240685", 0x14}], 0x1}, 0x0) (async)
sendmsg$kcm(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000080)="1400000016000b63d25a80648c2594f91c240685", 0x14}], 0x1}, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50) (async)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
setsockopt$sock_attach_bpf(r1, 0x1, 0xd, &(0x7f0000000080), 0x24)
close(r1)

9.571699635s ago: executing program 33 (id=133):
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x4a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x0, 0x0, 0x0, 0x8, 0x3fe, 0x7fffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$kcm(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000200)=ANY=[@ANYBLOB="9feb010018000000000000003c0000003c00000006000000040000000000000e0400000000000000000000000100000d0400000004000000040000000000000000000010040000000000000000000002030000000000000061"], 0x0, 0x5a, 0x0, 0x4, 0x80000}, 0x28)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000000c0)={r1, 0x20, &(0x7f0000000080)={&(0x7f0000001680)=""/4098, 0x1002, 0x0, 0x0}}, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000100)="1400000022000b0fd25a806c8c6f94f90124fc60", 0x14}], 0x1}, 0x4000010)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x5}, 0x180, 0xc8, 0x400000, 0x0, 0x0, 0x4, 0x7, 0x0, 0x0, 0x0, 0x20b}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
close(r3)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="97d9deabea352018000000000000006761110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b"], 0x0, 0x3, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="c01803001d000b63d25a80648c2594f90124fc60100c06", 0x17}], 0x1, 0x0, 0x0, 0x4000}, 0x3500000000000000)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000240)="3504000040000511d25a35400c000200", 0x10}], 0x1}, 0x10049014)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x20044050)
r4 = socket$kcm(0x10, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x13, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000720000001801"], 0x0, 0x10001, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$cgroup_subtree(r4, &(0x7f0000000040)=ANY=[@ANYBLOB="33fe0000180091c8b14a0778a8123d181d"], 0xfe33)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_NEW(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000a40)={0x14, 0x0, 0x2, 0x401, 0x0, 0x0, {0xa}}, 0x14}}, 0x0)
recvmsg$unix(r2, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r6=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB], 0xfdef)
write$cgroup_subtree(r6, &(0x7f0000000000)=ANY=[], 0xffc0)
r7 = socket$kcm(0xa, 0x922000000003, 0x11)
setsockopt$sock_attach_bpf(r7, 0x29, 0x24, &(0x7f0000000080), 0x4)
sendmsg$kcm(r7, &(0x7f0000000000)={&(0x7f00000007c0)=@l2tp6={0xa, 0x0, 0x3, @local, 0x1, 0xffffffff}, 0x80, &(0x7f0000001880)=[{&(0x7f0000000780)="f4000900062b2c25fe80000000000000dc8b850f238466cc00007a000000ad6e911b51818462b400", 0x28}], 0x1}, 0x0)

0s ago: executing program 34 (id=134):
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x800c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x8, 0x830d}, 0x0, 0x9, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x4a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x4}, 0x0, 0x0, 0x0, 0x8, 0x3fe, 0x7ffbffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa) (async)
r0 = socket$kcm(0xa, 0x5, 0x0) (async)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1, 0x21, 0x5, 0x1}, 0x50)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000080)={r1, 0x0, 0x0}, 0x20)
setsockopt$sock_attach_bpf(r0, 0x0, 0x29, 0x0, 0x5000)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r2}, 0x4) (async)
r3 = socket$kcm(0x10, 0x2, 0x0) (async, rerun: 64)
r4 = socket$kcm(0x10, 0x400000002, 0x0) (rerun: 64)
sendmsg$inet(r4, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x8000) (async)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='blkio.bfq.dequeue\x00', 0x26e1, 0x0) (async)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0500aec53b651e4f000001000000400000000500", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080), &(0x7f0000000180), 0x1003, r5}, 0x38)
bpf$MAP_LOOKUP_ELEM(0x4, &(0x7f0000000b80)={r5, 0x0, &(0x7f0000000b40)=""/31}, 0x20) (async, rerun: 64)
sendmsg$kcm(r3, &(0x7f0000000740)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f851030000005e040602000000000e0003000f00000002800000121f", 0x2e}], 0x1}, 0x4000000) (async, rerun: 64)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x15, 0x0, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94) (async)
perf_event_open(&(0x7f00000001c0)={0x0, 0x80, 0x62, 0x2, 0x0, 0x0, 0x0, 0x0, 0x37a05, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x4, @perf_config_ext={0x500}, 0x111211, 0x10000, 0x100, 0x0, 0xffffffffffffbbfe, 0x2, 0x1, 0x0, 0xfffffffc, 0x0, 0x1bffffffffffffc}, 0x0, 0x8001, 0xffffffffffffffff, 0x1) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x4, 0x0, 0x0, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6tnl0\x00', 0x200}) (async, rerun: 32)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r6=>0xffffffffffffffff}) (rerun: 32)
ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x89f1, &(0x7f0000000080))

kernel console output (not intermixed with test programs):

Warning: Permanently added '[localhost]:40175' (ED25519) to the list of known hosts.
syzkaller login: [   58.316004][ T5833] cgroup: Unknown subsys name 'net'
[   58.473705][ T5833] cgroup: Unknown subsys name 'cpuset'
[   58.478993][ T5833] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   60.989367][ T5833] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   66.237347][ T5853] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   66.241999][ T5853] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   66.245465][ T5853] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   66.249455][ T5853] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   66.256391][ T5853] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   66.327535][ T5853] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   66.332456][ T5853] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   66.335882][ T5853] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   66.340417][ T5853] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   66.346628][ T5237] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   66.350437][ T5237] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   66.353433][ T5237] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   66.356975][ T5237] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   66.362481][ T5237] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   66.366358][ T5237] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   66.587673][ T5851] chnl_net:caif_netlink_parms(): no params data found
[   66.704540][ T5851] bridge0: port 1(bridge_slave_0) entered blocking state
[   66.707819][ T5851] bridge0: port 1(bridge_slave_0) entered disabled state
[   66.713710][ T5851] bridge_slave_0: entered allmulticast mode
[   66.717682][ T5851] bridge_slave_0: entered promiscuous mode
[   66.726004][ T5851] bridge0: port 2(bridge_slave_1) entered blocking state
[   66.728995][ T5851] bridge0: port 2(bridge_slave_1) entered disabled state
[   66.732624][ T5851] bridge_slave_1: entered allmulticast mode
[   66.736759][ T5851] bridge_slave_1: entered promiscuous mode
[   66.819101][ T5851] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   66.829322][ T5851] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   66.908999][ T5851] team0: Port device team_slave_0 added
[   66.918373][ T5851] team0: Port device team_slave_1 added
[   66.921917][ T5858] chnl_net:caif_netlink_parms(): no params data found
[   66.966419][ T5856] chnl_net:caif_netlink_parms(): no params data found
[   66.976789][ T5851] batman_adv: batadv0: Adding interface: batadv_slave_0
[   66.979472][ T5851] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   66.990587][ T5851] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   67.014669][ T5851] batman_adv: batadv0: Adding interface: batadv_slave_1
[   67.017433][ T5851] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   67.027935][ T5851] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   67.137255][ T5858] bridge0: port 1(bridge_slave_0) entered blocking state
[   67.142213][ T5858] bridge0: port 1(bridge_slave_0) entered disabled state
[   67.145310][ T5858] bridge_slave_0: entered allmulticast mode
[   67.149211][ T5858] bridge_slave_0: entered promiscuous mode
[   67.157690][ T5851] hsr_slave_0: entered promiscuous mode
[   67.161899][ T5851] hsr_slave_1: entered promiscuous mode
[   67.184501][ T5858] bridge0: port 2(bridge_slave_1) entered blocking state
[   67.187722][ T5858] bridge0: port 2(bridge_slave_1) entered disabled state
[   67.191161][ T5858] bridge_slave_1: entered allmulticast mode
[   67.195208][ T5858] bridge_slave_1: entered promiscuous mode
[   67.257046][ T5858] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   67.286640][ T5858] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   67.290711][ T5856] bridge0: port 1(bridge_slave_0) entered blocking state
[   67.293957][ T5856] bridge0: port 1(bridge_slave_0) entered disabled state
[   67.296981][ T5856] bridge_slave_0: entered allmulticast mode
[   67.302288][ T5856] bridge_slave_0: entered promiscuous mode
[   67.342402][ T5856] bridge0: port 2(bridge_slave_1) entered blocking state
[   67.345468][ T5856] bridge0: port 2(bridge_slave_1) entered disabled state
[   67.348777][ T5856] bridge_slave_1: entered allmulticast mode
[   67.354082][ T5856] bridge_slave_1: entered promiscuous mode
[   67.368430][ T5858] team0: Port device team_slave_0 added
[   67.373790][ T5858] team0: Port device team_slave_1 added
[   67.418494][ T5856] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   67.438402][ T5856] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   67.458167][ T5858] batman_adv: batadv0: Adding interface: batadv_slave_0
[   67.461439][ T5858] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   67.472459][ T5858] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   67.497283][ T5858] batman_adv: batadv0: Adding interface: batadv_slave_1
[   67.500251][ T5858] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   67.510760][ T5858] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   67.556979][ T5856] team0: Port device team_slave_0 added
[   67.576657][ T5856] team0: Port device team_slave_1 added
[   67.617393][ T5856] batman_adv: batadv0: Adding interface: batadv_slave_0
[   67.621576][ T5856] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   67.632992][ T5856] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   67.643640][ T5858] hsr_slave_0: entered promiscuous mode
[   67.646853][ T5858] hsr_slave_1: entered promiscuous mode
[   67.649963][ T5858] debugfs: 'hsr0' already exists in 'hsr'
[   67.652443][ T5858] Cannot create hsr debugfs directory
[   67.655535][ T5856] batman_adv: batadv0: Adding interface: batadv_slave_1
[   67.658366][ T5856] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   67.669200][ T5856] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   67.800423][ T5856] hsr_slave_0: entered promiscuous mode
[   67.803538][ T5856] hsr_slave_1: entered promiscuous mode
[   67.806427][ T5856] debugfs: 'hsr0' already exists in 'hsr'
[   67.808702][ T5856] Cannot create hsr debugfs directory
[   67.848062][ T5851] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   67.885828][ T5851] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   67.921836][ T5851] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   67.927220][ T5851] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   68.094496][ T5858] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   68.113015][ T5858] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   68.132141][ T5858] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   68.154044][ T5858] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   68.181409][ T5851] 8021q: adding VLAN 0 to HW filter on device bond0
[   68.203634][ T5856] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   68.224805][ T5856] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   68.234711][ T5856] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   68.244115][ T5851] 8021q: adding VLAN 0 to HW filter on device team0
[   68.246619][ T5856] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   68.280784][ T1088] bridge0: port 1(bridge_slave_0) entered blocking state
[   68.283267][ T1088] bridge0: port 1(bridge_slave_0) entered forwarding state
[   68.294400][ T1088] bridge0: port 2(bridge_slave_1) entered blocking state
[   68.297067][ T1088] bridge0: port 2(bridge_slave_1) entered forwarding state
[   68.323680][ T5860] Bluetooth: hci0: command tx timeout
[   68.399982][   T54] Bluetooth: hci2: command tx timeout
[   68.403031][ T5860] Bluetooth: hci1: command tx timeout
[   68.425350][ T5858] 8021q: adding VLAN 0 to HW filter on device bond0
[   68.447361][ T5856] 8021q: adding VLAN 0 to HW filter on device bond0
[   68.485233][ T5858] 8021q: adding VLAN 0 to HW filter on device team0
[   68.502089][ T5856] 8021q: adding VLAN 0 to HW filter on device team0
[   68.506642][ T1088] bridge0: port 1(bridge_slave_0) entered blocking state
[   68.509741][ T1088] bridge0: port 1(bridge_slave_0) entered forwarding state
[   68.534066][ T1088] bridge0: port 2(bridge_slave_1) entered blocking state
[   68.537041][ T1088] bridge0: port 2(bridge_slave_1) entered forwarding state
[   68.548969][ T1088] bridge0: port 1(bridge_slave_0) entered blocking state
[   68.551931][ T1088] bridge0: port 1(bridge_slave_0) entered forwarding state
[   68.567210][ T1088] bridge0: port 2(bridge_slave_1) entered blocking state
[   68.570132][ T1088] bridge0: port 2(bridge_slave_1) entered forwarding state
[   68.679465][ T5858] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   68.714886][ T5851] 8021q: adding VLAN 0 to HW filter on device batadv0
[   68.791217][ T5851] veth0_vlan: entered promiscuous mode
[   68.796820][ T5851] veth1_vlan: entered promiscuous mode
[   68.836324][ T5851] veth0_macvtap: entered promiscuous mode
[   68.842868][ T5851] veth1_macvtap: entered promiscuous mode
[   68.867285][ T5851] batman_adv: batadv0: Interface activated: batadv_slave_0
[   68.877773][ T5851] batman_adv: batadv0: Interface activated: batadv_slave_1
[   68.894396][ T5745] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   68.906895][ T5873] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   68.913073][ T5873] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   68.928184][ T5856] 8021q: adding VLAN 0 to HW filter on device batadv0
[   68.932532][ T5873] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   69.008795][ T5856] veth0_vlan: entered promiscuous mode
[   69.021190][ T5858] 8021q: adding VLAN 0 to HW filter on device batadv0
[   69.039296][ T5856] veth1_vlan: entered promiscuous mode
[   69.059809][ T1088] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   69.062696][ T1088] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   69.103733][   T26] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   69.106941][   T26] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   69.152869][ T5856] veth0_macvtap: entered promiscuous mode
[   69.164696][ T5858] veth0_vlan: entered promiscuous mode
[   69.167538][ T5856] veth1_macvtap: entered promiscuous mode
[   69.179511][ T5851] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   69.195311][ T5858] veth1_vlan: entered promiscuous mode
[   69.216101][ T5856] batman_adv: batadv0: Interface activated: batadv_slave_0
[   69.243854][ T5856] batman_adv: batadv0: Interface activated: batadv_slave_1
[   69.284053][ T5873] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   69.287632][ T5873] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   69.303526][ T5858] veth0_macvtap: entered promiscuous mode
[   69.321901][    C0] hrtimer: interrupt took 39041 ns
[   69.329121][ T5873] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   69.333728][ T5873] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   69.344517][ T5858] veth1_macvtap: entered promiscuous mode
[   69.388089][ T5858] batman_adv: batadv0: Interface activated: batadv_slave_0
[   69.438923][ T5858] batman_adv: batadv0: Interface activated: batadv_slave_1
[   69.463180][ T5745] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   69.465907][ T5745] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   69.512686][ T5745] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   69.518167][ T5918] netlink: 'syz.0.1': attribute type 13 has an invalid length.
[   69.527808][ T5745] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   69.533284][   T26] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   69.536147][   T26] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   70.222210][ T5918] bridge0: port 2(bridge_slave_1) entered disabled state
[   70.226187][ T5918] bridge0: port 1(bridge_slave_0) entered disabled state
[   70.314881][ T5918] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   70.324811][ T5918] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   70.401611][ T5860] Bluetooth: hci0: command tx timeout
[   70.475739][ T5873] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   70.478586][ T5873] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   70.491174][   T54] Bluetooth: hci2: command tx timeout
[   70.494977][ T5860] Bluetooth: hci1: command tx timeout
[   70.525224][ T5923] openvswitch: netlink: Tunnel attr 7 has unexpected len 12 expected 0
[   70.535621][ T5873] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   70.583810][ T5873] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   70.600072][ T1088] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   70.622891][ T1088] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   70.641806][ T5925] netlink: 'syz.0.5': attribute type 10 has an invalid length.
[   70.645230][ T5925] netlink: 55 bytes leftover after parsing attributes in process `syz.0.5'.
[   71.052670][   T26] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   71.055726][   T26] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   71.176150][ T1088] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   71.179409][ T1088] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   71.221540][ T1363] ieee802154 phy0 wpan0: encryption failed: -22
[   71.224531][ T1363] ieee802154 phy1 wpan1: encryption failed: -22
[   71.558075][ T5933] syz.2.3 uses obsolete (PF_INET,SOCK_PACKET)
[   72.483448][ T5860] Bluetooth: hci0: command tx timeout
[   72.572330][ T5860] Bluetooth: hci1: command tx timeout
[   72.574607][ T5860] Bluetooth: hci2: command tx timeout
[   72.666370][ T5959] Zero length message leads to an empty skb
[   73.501336][ T5985] netlink: 'syz.0.21': attribute type 49 has an invalid length.
[   73.627360][ T5975] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   73.792052][ T5975] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[   74.547435][ T6001] netlink: 'syz.1.27': attribute type 3 has an invalid length.
[   74.558634][ T6001] netlink: 'syz.1.27': attribute type 2 has an invalid length.
[   74.563501][ T5860] Bluetooth: hci0: command tx timeout
[   74.575292][ T6001] netlink: 198112 bytes leftover after parsing attributes in process `syz.1.27'.
[   74.672047][ T5860] Bluetooth: hci2: command tx timeout
[   74.673299][   T54] Bluetooth: hci1: command tx timeout
[   74.985538][   T54] Bluetooth: hci1: unexpected cc 0x1004 length: 12 > 11
[   75.738487][ T6053] netlink: 40 bytes leftover after parsing attributes in process `syz.1.40'.
[   75.752526][ T6053] netlink: 63503 bytes leftover after parsing attributes in process `syz.1.40'.
[   76.194403][ T6069] syzkaller1: tun_chr_ioctl cmd 1074025676
[   76.196973][ T6069] syzkaller1: owner set to 778
[   76.309337][   T54] Bluetooth: hci2: unexpected event 0x04 length: 15 > 10
[   76.309366][   T54] Bluetooth: unknown link type 110
[   76.315044][   T54] Bluetooth: hci2: connection err: -111
[   76.875693][ T6096] netlink: 'syz.2.50': attribute type 46 has an invalid length.
[   78.975315][ T6122] netlink: 24 bytes leftover after parsing attributes in process `syz.2.56'.
[   78.978164][ T6122] openvswitch: netlink: Flow key attr not present in new flow.
[   78.995527][ T6125] netlink: 24 bytes leftover after parsing attributes in process `syz.2.56'.
[   78.998965][ T6125] openvswitch: netlink: Flow key attr not present in new flow.
[   79.040817][   T54] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[   79.043684][   T54] Bluetooth: hci1: Injecting HCI hardware error event
[   79.046278][   T54] Bluetooth: hci1: hardware error 0x00
[   79.405890][ T6144] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   80.369434][ T6165] netlink: 45 bytes leftover after parsing attributes in process `syz.2.68'.
[   81.039507][ T6179] netlink: 8 bytes leftover after parsing attributes in process `syz.2.71'.
[   81.047558][ T6179] netlink: 6 bytes leftover after parsing attributes in process `syz.2.71'.
[   81.132935][   T54] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[   83.845743][ T6217] =======================================================
[   83.845743][ T6217] WARNING: The mand mount option has been deprecated and
[   83.845743][ T6217]          and is ignored by this kernel. Remove the mand
[   83.845743][ T6217]          option from the mount to silence this warning.
[   83.845743][ T6217] =======================================================
[   84.946558][ T6239] netlink: 132 bytes leftover after parsing attributes in process `syz.2.88'.
[   85.645493][ T6240] netlink: 'syz.0.89': attribute type 10 has an invalid length.
[   85.649056][ T6240] netlink: 55 bytes leftover after parsing attributes in process `syz.0.89'.
[   85.849031][ T6252] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[   86.055371][ T6254] warning: `syz.2.91' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   86.124166][ T6250] netlink: 28 bytes leftover after parsing attributes in process `syz.2.91'.
[   86.565873][  T972] cfg80211: failed to load regulatory.db
[   87.178748][ T6285] netlink: 140 bytes leftover after parsing attributes in process `syz.0.101'.
[   87.184415][ T6284] delete_channel: no stack
[   87.186262][ T6284] delete_channel: no stack
[   87.188863][ T6285] netlink: 6 bytes leftover after parsing attributes in process `syz.0.101'.
[   87.452741][ T6289] Driver unsupported XDP return value 0 on prog  (id 97) dev N/A, expect packet loss!
[   88.066726][ T6308] netlink: zone id is out of range
[   88.096907][ T6308] netlink: zone id is out of range
[   88.108734][ T6308] netlink: zone id is out of range
[   88.189134][ T6317] netlink: del zone limit has 4 unknown bytes
[   88.743074][ T6308] netlink: set zone limit has 4 unknown bytes
[   89.698133][ T6344] netlink: 16 bytes leftover after parsing attributes in process `syz.1.115'.
[   90.781291][ T6352] netlink: 'syz.0.117': attribute type 21 has an invalid length.
[   91.282954][ T6374] netlink: 6032 bytes leftover after parsing attributes in process `syz.2.122'.
[   92.096183][ T6400] netlink: 'syz.0.130': attribute type 10 has an invalid length.
[   92.105216][ T6400] geneve0: entered promiscuous mode
[   92.116340][ T6400] bond0: (slave geneve0): Enslaving as an active interface with an up link
[   92.119507][ T5873] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   92.143852][ T5873] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   92.150338][ T5873] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   92.188054][ T5873] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   92.196340][ T6400] netdevsim netdevsim0 : renamed from netdevsim0
[   92.507470][ T6405] netlink: 60 bytes leftover after parsing attributes in process `syz.2.131'.
[   92.519454][ T6405] netlink: 60 bytes leftover after parsing attributes in process `syz.2.131'.
[   92.526331][ T6405] netlink: 60 bytes leftover after parsing attributes in process `syz.2.131'.
[  101.985993][    C0] clocksource: Long readout interval, skipping watchdog check: cs_nsec: 2856224522 wd_nsec: 2856224352
[  104.710038][ T6406] netlink: 60 bytes leftover after parsing attributes in process `syz.2.131'.
[  108.171709][ T5860] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  108.173000][ T5860] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  108.173552][ T5860] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  108.174459][ T5860] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  108.175309][ T5860] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  110.239866][ T5860] Bluetooth: hci3: command tx timeout
[  111.176552][   T54] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  111.179401][   T54] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  111.180870][   T54] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  111.181735][   T54] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  111.182220][   T54] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  112.319908][   T54] Bluetooth: hci3: command tx timeout
[  113.199936][   T54] Bluetooth: hci4: command tx timeout
[  114.399736][   T54] Bluetooth: hci3: command tx timeout
[  115.279711][   T54] Bluetooth: hci4: command tx timeout
[  116.479749][   T54] Bluetooth: hci3: command tx timeout
[  117.359812][   T54] Bluetooth: hci4: command tx timeout
[  119.440236][   T54] Bluetooth: hci4: command tx timeout
[  120.678117][ T5860] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  120.679146][ T5860] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  120.683005][ T5860] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  120.684264][ T5860] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  120.684861][ T5860] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  122.719794][ T5860] Bluetooth: hci5: command tx timeout
[  124.799854][ T5860] Bluetooth: hci5: command tx timeout
[  126.880213][ T5860] Bluetooth: hci5: command tx timeout
[  128.959860][ T5860] Bluetooth: hci5: command tx timeout
[  132.644007][ T1363] ieee802154 phy0 wpan0: encryption failed: -22
[  132.644100][ T1363] ieee802154 phy1 wpan1: encryption failed: -22
[  155.819614][    C0] sched: DL replenish lagged too much
[  168.648136][   T54] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  168.648869][   T54] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  168.649327][   T54] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  168.650248][   T54] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  168.651001][   T54] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  170.719801][   T54] Bluetooth: hci6: command tx timeout
[  171.763763][ T5860] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  171.764922][ T5860] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  171.765479][ T5860] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  171.766848][ T5860] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  171.768039][ T5860] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  172.799820][ T5860] Bluetooth: hci6: command tx timeout
[  173.841632][ T5860] Bluetooth: hci7: command tx timeout
[  174.879964][ T5860] Bluetooth: hci6: command tx timeout
[  175.919811][ T5860] Bluetooth: hci7: command tx timeout
[  176.959831][ T5860] Bluetooth: hci6: command tx timeout
[  177.999755][ T5860] Bluetooth: hci7: command tx timeout
[  180.080111][ T5860] Bluetooth: hci7: command tx timeout
[  181.668690][   T54] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[  181.669877][   T54] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[  181.670778][   T54] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[  181.671861][   T54] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[  181.672442][   T54] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[  183.679914][   T54] Bluetooth: hci8: command tx timeout
[  185.759908][   T54] Bluetooth: hci8: command tx timeout
[  187.840137][   T54] Bluetooth: hci8: command tx timeout
[  189.919853][ T5853] Bluetooth: hci8: command tx timeout
[  191.039893][ T5853] Bluetooth: hci0: command 0x0406 tx timeout
[  191.040011][ T5853] Bluetooth: hci2: command 0x0406 tx timeout
[  194.085713][ T1363] ieee802154 phy0 wpan0: encryption failed: -22
[  194.085771][ T1363] ieee802154 phy1 wpan1: encryption failed: -22
[  209.769536][    C0] rcu: INFO: rcu_preempt self-detected stall on CPU
[  209.769552][    C0] rcu: 	0-....: (10487 ticks this GP) idle=4944/1/0x4000000000000000 softirq=17819/20562 fqs=5229
[  209.769915][    C0] rcu: 	         hardirqs   softirqs   csw/system
[  209.769921][    C0] rcu: 	 number:  1197963       1829            0
[  209.769928][    C0] rcu: 	cputime:    30999      21456           63   ==> 52480(ms)
[  209.769935][    C0] rcu: 	(t=10500 jiffies g=11457 q=3790 ncpus=2)
[  209.769962][    C0] CPU: 0 UID: 0 PID: 6406 Comm: syz.2.131 Not tainted syzkaller #0 PREEMPT(full) 
[  209.769971][    C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  209.769976][    C0] RIP: 0010:call_rcu+0x73e/0x9c0
[  209.769993][    C0] Code: 84 24 a1 00 00 00 02 75 62 f7 44 24 50 00 02 00 00 49 bc 00 00 00 00 00 fc ff df 74 01 fb 48 c7 84 24 80 00 00 00 0e 36 e0 45 <4b> c7 44 25 00 00 00 00 00 66 43 c7 44 25 09 00 00 43 c6 44 25 0b
[  209.770001][    C0] RSP: 0018:ffffc90000007320 EFLAGS: 00000206
[  209.770012][    C0] RAX: 53a7e0a2c6a43900 RBX: ffff888027f0ec50 RCX: 53a7e0a2c6a43900
[  209.770019][    C0] RDX: 0000000000000002 RSI: ffffffff8d9bb5e6 RDI: ffffffff8be34480
[  209.770025][    C0] RBP: ffffc90000007450 R08: ffffffff8fa3c237 R09: 1ffffffff1f47846
[  209.770031][    C0] R10: dffffc0000000000 R11: fffffbfff1f47847 R12: dffffc0000000000
[  209.770037][    C0] R13: 1ffff92000000e74 R14: 1ffff1100960760e R15: 00000000000000ee
[  209.770043][    C0] FS:  00007f27d28a76c0(0000) GS:ffff8880b860f000(0000) knlGS:0000000000000000
[  209.770052][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  209.770058][    C0] CR2: 00007f27d27056c0 CR3: 0000000027492000 CR4: 00000000000006f0
[  209.770092][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  209.770099][    C0] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[  209.770105][    C0] Call Trace:
[  209.770110][    C0]  <IRQ>
[  209.770117][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  209.770141][    C0]  ? __pfx_call_rcu+0x10/0x10
[  209.770153][    C0]  ? percpu_counter_add_batch+0xea/0x1e0
[  209.770167][    C0]  ? dst_release+0x126/0x1b0
[  209.770181][    C0]  __dev_queue_xmit+0x85c/0x3b50
[  209.770200][    C0]  ? __dev_queue_xmit+0x27b/0x3b50
[  209.770207][    C0]  ? sched_clock_cpu+0x74/0x430
[  209.770214][    C0]  ? lapic_next_event+0x11/0x20
[  209.770221][    C0]  ? clockevents_program_event+0x24d/0x360
[  209.770232][    C0]  ? __pfx_sched_clock_cpu+0x10/0x10
[  209.770237][    C0]  ? hrtimer_interrupt+0x889/0xaa0
[  209.770246][    C0]  ? __pfx___dev_queue_xmit+0x10/0x10
[  209.770255][    C0]  ? irqtime_account_irq+0xb6/0x1c0
[  209.770266][    C0]  ? __irq_exit_rcu+0xd8/0x1f0
[  209.770273][    C0]  ? __pfx___irq_exit_rcu+0x10/0x10
[  209.770283][    C0]  ? irqentry_exit+0x74/0x90
[  209.770292][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  209.770305][    C0]  ? ip6_finish_output2+0xf99/0x16a0
[  209.770317][    C0]  ip6_finish_output2+0x11bc/0x16a0
[  209.770327][    C0]  ? ip6_finish_output2+0x701/0x16a0
[  209.770338][    C0]  ? __pfx_ip6_finish_output2+0x10/0x10
[  209.770346][    C0]  ? ip6_mtu+0x7d/0x3f0
[  209.770362][    C0]  ? ip6_finish_output+0x2ef/0x4e0
[  209.770371][    C0]  ndisc_send_skb+0xb54/0x1440
[  209.770381][    C0]  ? __pfx___irq_exit_rcu+0x10/0x10
[  209.770389][    C0]  ? ndisc_send_skb+0x20c/0x1440
[  209.770402][    C0]  ? __pfx_ndisc_send_skb+0x10/0x10
[  209.770426][    C0]  addrconf_rs_timer+0x369/0x670
[  209.770438][    C0]  ? __pfx_addrconf_rs_timer+0x10/0x10
[  209.770446][    C0]  ? __irq_exit_rcu+0xd8/0x1f0
[  209.770456][    C0]  call_timer_fn+0x17e/0x5f0
[  209.770467][    C0]  ? __pfx_addrconf_rs_timer+0x10/0x10
[  209.770474][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  209.770481][    C0]  ? call_timer_fn+0xbe/0x5f0
[  209.770490][    C0]  ? __pfx_call_timer_fn+0x10/0x10
[  209.770505][    C0]  ? __pfx_addrconf_rs_timer+0x10/0x10
[  209.770514][    C0]  __run_timer_base+0x61a/0x860
[  209.770523][    C0]  ? ktime_get+0x3e/0x1f0
[  209.770537][    C0]  ? __pfx___run_timer_base+0x10/0x10
[  209.770544][    C0]  ? seqcount_lockdep_reader_access+0x15f/0x1c0
[  209.770561][    C0]  run_timer_softirq+0xb7/0x180
[  209.770570][    C0]  handle_softirqs+0x286/0x870
[  209.770579][    C0]  ? __irq_exit_rcu+0xca/0x1f0
[  209.770588][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[  209.770598][    C0]  ? irqtime_account_irq+0xb6/0x1c0
[  209.770608][    C0]  __irq_exit_rcu+0xca/0x1f0
[  209.770614][    C0]  ? __pfx___irq_exit_rcu+0x10/0x10
[  209.770625][    C0]  irq_exit_rcu+0x9/0x30
[  209.770631][    C0]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  209.770640][    C0]  </IRQ>
[  209.770642][    C0]  <TASK>
[  209.770645][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  209.770654][    C0] RIP: 0010:memmove+0x18a/0x1b0
[  209.770663][    C0] Code: 1f 4c 89 54 17 f8 eb 40 48 83 fa 04 72 12 44 8b 1e 44 8b 54 16 fc 44 89 1f 44 89 54 17 fc eb 28 48 83 fa 02 72 16 66 44 8b 1e <66> 44 8b 54 16 fe 66 44 89 1f 66 44 89 54 17 fe eb 0c 48 83 fa 01
[  209.770669][    C0] RSP: 0018:ffffc9000454e598 EFLAGS: 00000202
[  209.770676][    C0] RAX: ffffc9000454e8f2 RBX: ffffc9000454e8ef RCX: ffffffff8b77d96d
[  209.770680][    C0] RDX: 0000000000000003 RSI: ffffc9000454e8ef RDI: ffffc9000454e8f2
[  209.770685][    C0] RBP: 0000000000000003 R08: ffffc9000454e8f2 R09: 1ffff920008a9d1e
[  209.770689][    C0] R10: dffffc0000000000 R11: fffff520008a3554 R12: 000000007ffffffb
[  209.770694][    C0] R13: 0000000000000000 R14: 0000000000000003 R15: 000000007ffffffe
[  209.770702][    C0]  ? move_right+0x5d/0xa0
[  209.770713][    C0]  move_right+0x5d/0xa0
[  209.770722][    C0]  widen_string+0x85/0x2a0
[  209.770728][    C0]  ? string+0x279/0x2b0
[  209.770736][    C0]  vsnprintf+0x739/0xf00
[  209.770788][    C0]  sprintf+0xd9/0x120
[  209.770801][    C0]  ? __pfx_sprintf+0x10/0x10
[  209.770809][    C0]  ? desc_read+0x208/0x3f0
[  209.770821][    C0]  info_print_prefix+0x1f3/0x310
[  209.770832][    C0]  ? __pfx_info_print_prefix+0x10/0x10
[  209.770847][    C0]  record_print_text+0x154/0x420
[  209.770858][    C0]  ? irqentry_exit+0x74/0x90
[  209.770867][    C0]  ? __pfx_record_print_text+0x10/0x10
[  209.770880][    C0]  ? printk_get_next_message+0x238/0x7b0
[  209.770891][    C0]  printk_get_next_message+0x26d/0x7b0
[  209.770904][    C0]  ? __pfx_printk_get_next_message+0x10/0x10
[  209.770912][    C0]  ? irqentry_exit+0x74/0x90
[  209.770920][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  209.770934][    C0]  ? console_flush_all+0x3b1/0xc40
[  209.770941][    C0]  ? console_flush_all+0x476/0xc40
[  209.770962][    C0]  ? kasan_check_range+0x9f/0x2c0
[  209.770971][    C0]  ? console_flush_all+0x476/0xc40
[  209.770981][    C0]  console_flush_all+0x4ca/0xc40
[  209.770988][    C0]  ? console_flush_all+0x8b1/0xc40
[  209.770997][    C0]  ? console_flush_all+0x13a/0xc40
[  209.771008][    C0]  ? __pfx_console_flush_all+0x10/0x10
[  209.771022][    C0]  ? is_printk_cpu_sync_owner+0x32/0x40
[  209.771032][    C0]  console_unlock+0xc4/0x270
[  209.771041][    C0]  ? __pfx_console_unlock+0x10/0x10
[  209.771051][    C0]  ? is_printk_cpu_sync_owner+0x32/0x40
[  209.771061][    C0]  vprintk_emit+0x5b7/0x7a0
[  209.771070][    C0]  ? __pfx_vprintk_emit+0x10/0x10
[  209.771077][    C0]  ? _raw_spin_unlock_irqrestore+0xfd/0x110
[  209.771086][    C0]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  209.771104][    C0]  _printk+0xcf/0x120
[  209.771114][    C0]  ? __pfx____ratelimit+0x10/0x10
[  209.771125][    C0]  ? __pfx__printk+0x10/0x10
[  209.771133][    C0]  ? perf_swevent_event+0x33e/0x5e0
[  209.771148][    C0]  __nla_validate_parse+0x2563/0x2d40
[  209.771159][    C0]  ? perf_trace_run_bpf_submit+0xee/0x170
[  209.771172][    C0]  ? irqentry_enter+0x3d/0x60
[  209.771182][    C0]  ? __pfx___nla_validate_parse+0x10/0x10
[  209.771198][    C0]  ? irqentry_exit+0x74/0x90
[  209.771206][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  209.771221][    C0]  __nla_parse+0x40/0x60
[  209.771231][    C0]  rtnl_dump_ifinfo+0x2ed/0x1060
[  209.771252][    C0]  ? __pfx_rtnl_dump_ifinfo+0x10/0x10
[  209.771261][    C0]  ? perf_trace_preemptirq_template+0x280/0x340
[  209.771271][    C0]  ? irqentry_enter+0x3d/0x60
[  209.771280][    C0]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  209.771324][    C0]  ? __pfx___mutex_lock+0x10/0x10
[  209.771334][    C0]  ? irqentry_exit+0x74/0x90
[  209.771352][    C0]  ? __pfx_rtnl_dumpit+0x10/0x10
[  209.771360][    C0]  ? __pfx_rtnl_dump_ifinfo+0x10/0x10
[  209.771369][    C0]  rtnl_dumpit+0xa2/0x200
[  209.771379][    C0]  netlink_dump+0x6e4/0xe90
[  209.771387][    C0]  ? irqentry_enter+0x3d/0x60
[  209.771402][    C0]  ? __pfx_netlink_dump+0x10/0x10
[  209.771424][    C0]  netlink_recvmsg+0x676/0xa30
[  209.771438][    C0]  ? __pfx_netlink_recvmsg+0x10/0x10
[  209.771449][    C0]  ? aa_sock_msg_perm+0xf1/0x1d0
[  209.771460][    C0]  ? bpf_lsm_socket_recvmsg+0x9/0x20
[  209.771469][    C0]  ? security_socket_recvmsg+0x7e/0x2e0
[  209.771479][    C0]  ? __pfx_netlink_recvmsg+0x10/0x10
[  209.771488][    C0]  sock_recvmsg+0x22c/0x270
[  209.771498][    C0]  ____sys_recvmsg+0x1c9/0x460
[  209.771513][    C0]  ? __pfx_____sys_recvmsg+0x10/0x10
[  209.771531][    C0]  ? import_iovec+0x74/0xa0
[  209.771540][    C0]  ___sys_recvmsg+0x1b5/0x510
[  209.771552][    C0]  ? __pfx____sys_recvmsg+0x10/0x10
[  209.771561][    C0]  ? rcu_read_unlock_special+0x3a2/0x4b0
[  209.771581][    C0]  ? __rcu_read_unlock+0x84/0xe0
[  209.771590][    C0]  ? __fget_files+0x3a0/0x420
[  209.771604][    C0]  __x64_sys_recvmsg+0x198/0x260
[  209.771615][    C0]  ? __pfx___x64_sys_recvmsg+0x10/0x10
[  209.771638][    C0]  do_syscall_64+0xfa/0x3b0
[  209.771648][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  209.771654][    C0]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  209.771663][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  209.771669][    C0] RIP: 0033:0x7f27d198ec29
[  209.771679][    C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  209.771684][    C0] RSP: 002b:00007f27d28a7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  209.771691][    C0] RAX: ffffffffffffffda RBX: 00007f27d1bd6090 RCX: 00007f27d198ec29
[  209.771696][    C0] RDX: 0000000000000000 RSI: 0000200000000900 RDI: 000000000000000c
[  209.771700][    C0] RBP: 00007f27d1a11e41 R08: 0000000000000000 R09: 0000000000000000
[  209.771704][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  209.771708][    C0] R13: 00007f27d1bd6128 R14: 00007f27d1bd6090 R15: 00007ffee56358c8
[  209.771721][    C0]  </TASK>
[  228.710914][ T5853] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1
[  228.711553][ T5853] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9
[  228.711922][ T5853] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9
[  228.712660][ T5853] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4
[  228.713247][ T5853] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2
[  231.843438][ T6466] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1
[  231.844896][ T6462] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9
[  231.845410][ T6462] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9
[  231.846305][ T6462] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4
[  231.846908][ T6462] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2
[  232.001459][ T5861] Bluetooth: hci3: command 0x0406 tx timeout
[  237.119677][ T6468] Bluetooth: hci4: command 0x0406 tx timeout
[  240.161168][   T18] rcu: INFO: rcu_preempt detected expedited stalls on CPUs/tasks: { 0-.... } 13544 jiffies s: 3857 root: 0x1/.
[  240.161197][   T18] rcu: blocking rcu_node structures (internal RCU debug):
[  240.161219][   T18] Sending NMI from CPU 1 to CPUs 0:
[  240.161280][    C0] NMI backtrace for cpu 0
[  240.161293][    C0] CPU: 0 UID: 0 PID: 6406 Comm: syz.2.131 Not tainted syzkaller #0 PREEMPT(full) 
[  240.161302][    C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  240.161308][    C0] RIP: 0010:sched_core_idle_cpu+0xf8/0x200
[  240.161321][    C0] Code: 75 67 41 83 3e 00 75 1f 48 81 c3 88 00 00 00 48 89 d8 48 c1 e8 03 42 0f b6 04 20 84 c0 75 63 31 c0 83 3b 00 0f 94 c0 5b 41 5c <41> 5d 41 5e 41 5f 5d e9 7c 5f e5 09 cc 89 ee 48 c7 c7 40 dd ff 8d
[  240.161327][    C0] RSP: 0018:ffffc900000075f8 EFLAGS: 00000083
[  240.161335][    C0] RAX: 0000000000000000 RBX: ffff888106c15640 RCX: 53a7e0a2c6a43900
[  240.161340][    C0] RDX: 0000000000010100 RSI: ffffffff8be34460 RDI: ffff88804b03aa88
[  240.161344][    C0] RBP: 0000000000000000 R08: ffffffff8fa3c237 R09: 1ffffffff1f47846
[  240.161349][    C0] R10: dffffc0000000000 R11: fffffbfff1f47847 R12: 0000000000000000
[  240.161354][    C0] R13: 1ffffffff1b7c7a2 R14: ffff88804b03aa98 R15: ffff888106c15640
[  240.161359][    C0] FS:  00007f27d28a76c0(0000) GS:ffff8880b860f000(0000) knlGS:0000000000000000
[  240.161365][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  240.161370][    C0] CR2: 00007f27d27056c0 CR3: 0000000027492000 CR4: 00000000000006f0
[  240.161393][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  240.161399][    C0] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[  240.161403][    C0] Call Trace:
[  240.161407][    C0]  <IRQ>
[  240.161412][    C0]  __irq_exit_rcu+0xd8/0x1f0
[  240.161421][    C0]  ? __pfx___irq_exit_rcu+0x10/0x10
[  240.161430][    C0]  irq_exit_rcu+0x9/0x30
[  240.161436][    C0]  sysvec_apic_timer_interrupt+0x57/0xc0
[  240.161446][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  240.161453][    C0] RIP: 0010:kasan_quarantine_put+0x88/0x220
[  240.161465][    C0] Code: e8 0d 77 a3 ff 48 c7 04 24 00 00 00 00 9c 8f 04 24 f7 04 24 00 02 00 00 0f 85 88 00 00 00 41 f7 c7 00 02 00 00 74 01 fb 31 c0 <48> 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc cc 48 8d 80
[  240.161470][    C0] RSP: 0018:ffffc90000007788 EFLAGS: 00000206
[  240.161476][    C0] RAX: 53a7e0a2c6a43901 RBX: ffff888021170a80 RCX: 53a7e0a2c6a43900
[  240.161481][    C0] RDX: 0000000000000002 RSI: ffffffff8d9bb5e6 RDI: ffffffff8be34480
[  240.161486][    C0] RBP: 0000000000000000 R08: ffffffff8fa3c237 R09: 1ffffffff1f47846
[  240.161490][    C0] R10: dffffc0000000000 R11: fffffbfff1f47847 R12: ffffea0000845c00
[  240.161495][    C0] R13: 0000000000000000 R14: 000000000001f380 R15: 0000000000000282
[  240.161506][    C0]  ? skb_release_data+0x62d/0x7c0
[  240.161516][    C0]  kmem_cache_free+0x18f/0x400
[  240.161524][    C0]  skb_release_data+0x62d/0x7c0
[  240.161537][    C0]  sk_skb_reason_drop+0x127/0x170
[  240.161546][    C0]  ? hsr_forward_skb+0x9e/0x2860
[  240.161554][    C0]  hsr_forward_skb+0x1ac6/0x2860
[  240.161565][    C0]  ? hsr_forward_skb+0x9e/0x2860
[  240.161573][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  240.161581][    C0]  ? __pfx_hsr_forward_skb+0x10/0x10
[  240.161593][    C0]  ? hsr_forward_skb+0xa/0x2860
[  240.161601][    C0]  send_hsr_supervision_frame+0x612/0xb30
[  240.161612][    C0]  ? __pfx_send_hsr_supervision_frame+0x10/0x10
[  240.161620][    C0]  hsr_announce+0x1d5/0x360
[  240.161626][    C0]  ? hsr_announce+0x83/0x360
[  240.161633][    C0]  ? __pfx_hsr_announce+0x10/0x10
[  240.161640][    C0]  ? __irq_exit_rcu+0xd8/0x1f0
[  240.161649][    C0]  call_timer_fn+0x17e/0x5f0
[  240.161659][    C0]  ? __pfx_hsr_announce+0x10/0x10
[  240.161665][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  240.161672][    C0]  ? call_timer_fn+0xbe/0x5f0
[  240.161681][    C0]  ? __pfx_call_timer_fn+0x10/0x10
[  240.161694][    C0]  ? __pfx_hsr_announce+0x10/0x10
[  240.161728][    C0]  __run_timer_base+0x61a/0x860
[  240.161740][    C0]  ? ktime_get+0x3e/0x1f0
[  240.161755][    C0]  ? __pfx___run_timer_base+0x10/0x10
[  240.161767][    C0]  ? seqcount_lockdep_reader_access+0x15f/0x1c0
[  240.161790][    C0]  run_timer_softirq+0xb7/0x180
[  240.161804][    C0]  handle_softirqs+0x286/0x870
[  240.161816][    C0]  ? __irq_exit_rcu+0xca/0x1f0
[  240.161827][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[  240.161838][    C0]  ? irqtime_account_irq+0xb6/0x1c0
[  240.161851][    C0]  __irq_exit_rcu+0xca/0x1f0
[  240.161860][    C0]  ? __pfx___irq_exit_rcu+0x10/0x10
[  240.161875][    C0]  irq_exit_rcu+0x9/0x30
[  240.161886][    C0]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  240.161898][    C0]  </IRQ>
[  240.161901][    C0]  <TASK>
[  240.161905][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  240.161915][    C0] RIP: 0010:console_flush_all+0x7f7/0xc40
[  240.161928][    C0] Code: 48 21 c3 0f 85 e9 01 00 00 e8 75 4a 1f 00 48 8b 5c 24 20 4d 85 f6 75 07 e8 66 4a 1f 00 eb 06 e8 5f 4a 1f 00 fb 48 8b 44 24 28 <42> 80 3c 20 00 74 08 48 89 df e8 ea 6d 83 00 48 8b 1b 48 8b 44 24
[  240.161936][    C0] RSP: 0018:ffffc9000454eb80 EFLAGS: 00000293
[  240.161945][    C0] RAX: 1ffffffff1d36b6f RBX: ffffffff8e9b5b78 RCX: ffff888106c15640
[  240.161951][    C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  240.161956][    C0] RBP: ffffc9000454ecd0 R08: ffffffff8fa3c237 R09: 1ffffffff1f47846
[  240.161964][    C0] R10: dffffc0000000000 R11: fffffbfff1f47847 R12: dffffc0000000000
[  240.161972][    C0] R13: 0000000000000001 R14: 0000000000000200 R15: ffffffff8e9b5b20
[  240.161991][    C0]  ? console_flush_all+0x13a/0xc40
[  240.162006][    C0]  ? __pfx_console_flush_all+0x10/0x10
[  240.162022][    C0]  ? is_printk_cpu_sync_owner+0x32/0x40
[  240.162044][    C0]  console_unlock+0xc4/0x270
[  240.162059][    C0]  ? __pfx_console_unlock+0x10/0x10
[  240.162075][    C0]  ? is_printk_cpu_sync_owner+0x32/0x40
[  240.162093][    C0]  vprintk_emit+0x5b7/0x7a0
[  240.162109][    C0]  ? __pfx_vprintk_emit+0x10/0x10
[  240.162121][    C0]  ? _raw_spin_unlock_irqrestore+0xfd/0x110
[  240.162137][    C0]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  240.162162][    C0]  _printk+0xcf/0x120
[  240.162178][    C0]  ? __pfx____ratelimit+0x10/0x10
[  240.162195][    C0]  ? __pfx__printk+0x10/0x10
[  240.162209][    C0]  ? perf_swevent_event+0x33e/0x5e0
[  240.162232][    C0]  __nla_validate_parse+0x2563/0x2d40
[  240.162250][    C0]  ? perf_trace_run_bpf_submit+0xee/0x170
[  240.162270][    C0]  ? irqentry_enter+0x3d/0x60
[  240.162284][    C0]  ? __pfx___nla_validate_parse+0x10/0x10
[  240.162308][    C0]  ? irqentry_exit+0x74/0x90
[  240.162323][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  240.162346][    C0]  __nla_parse+0x40/0x60
[  240.162363][    C0]  rtnl_dump_ifinfo+0x2ed/0x1060
[  240.162388][    C0]  ? __pfx_rtnl_dump_ifinfo+0x10/0x10
[  240.162403][    C0]  ? perf_trace_preemptirq_template+0x280/0x340
[  240.162421][    C0]  ? irqentry_enter+0x3d/0x60
[  240.162436][    C0]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  240.162490][    C0]  ? __pfx___mutex_lock+0x10/0x10
[  240.162507][    C0]  ? irqentry_exit+0x74/0x90
[  240.162528][    C0]  ? __pfx_rtnl_dumpit+0x10/0x10
[  240.162542][    C0]  ? __pfx_rtnl_dump_ifinfo+0x10/0x10
[  240.162558][    C0]  rtnl_dumpit+0xa2/0x200
[  240.162575][    C0]  netlink_dump+0x6e4/0xe90
[  240.162590][    C0]  ? irqentry_enter+0x3d/0x60
[  240.162611][    C0]  ? __pfx_netlink_dump+0x10/0x10
[  240.162641][    C0]  netlink_recvmsg+0x676/0xa30
[  240.162663][    C0]  ? __pfx_netlink_recvmsg+0x10/0x10
[  240.162681][    C0]  ? aa_sock_msg_perm+0xf1/0x1d0
[  240.162725][    C0]  ? bpf_lsm_socket_recvmsg+0x9/0x20
[  240.162743][    C0]  ? security_socket_recvmsg+0x7e/0x2e0
[  240.162760][    C0]  ? __pfx_netlink_recvmsg+0x10/0x10
[  240.162776][    C0]  sock_recvmsg+0x22c/0x270
[  240.162792][    C0]  ____sys_recvmsg+0x1c9/0x460
[  240.162815][    C0]  ? __pfx_____sys_recvmsg+0x10/0x10
[  240.162842][    C0]  ? import_iovec+0x74/0xa0
[  240.162855][    C0]  ___sys_recvmsg+0x1b5/0x510
[  240.162876][    C0]  ? __pfx____sys_recvmsg+0x10/0x10
[  240.162893][    C0]  ? rcu_read_unlock_special+0x3a2/0x4b0
[  240.162921][    C0]  ? __rcu_read_unlock+0x84/0xe0
[  240.162935][    C0]  ? __fget_files+0x3a0/0x420
[  240.162955][    C0]  __x64_sys_recvmsg+0x198/0x260
[  240.162975][    C0]  ? __pfx___x64_sys_recvmsg+0x10/0x10
[  240.163008][    C0]  do_syscall_64+0xfa/0x3b0
[  240.163026][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  240.163043][    C0]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  240.163058][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  240.163070][    C0] RIP: 0033:0x7f27d198ec29
[  240.163083][    C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  240.163093][    C0] RSP: 002b:00007f27d28a7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  240.163107][    C0] RAX: ffffffffffffffda RBX: 00007f27d1bd6090 RCX: 00007f27d198ec29
[  240.163115][    C0] RDX: 0000000000000000 RSI: 0000200000000900 RDI: 000000000000000c
[  240.163123][    C0] RBP: 00007f27d1a11e41 R08: 0000000000000000 R09: 0000000000000000
[  240.163130][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  240.163138][    C0] R13: 00007f27d1bd6128 R14: 00007f27d1bd6090 R15: 00007ffee56358c8
[  240.163156][    C0]  </TASK>
[  242.186169][ T6473] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1
[  242.188085][ T6473] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9
[  242.188724][ T6473] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9
[  242.190372][ T6473] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4
[  242.192837][ T6473] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2
[  244.000658][   T34] INFO: task kworker/u10:0:27 blocked for more than 143 seconds.
[  244.000685][   T34]       Not tainted syzkaller #0
[  244.000705][   T34] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  244.000713][   T34] task:kworker/u10:0   state:D stack:25544 pid:27    tgid:27    ppid:2      task_flags:0x4208060 flags:0x00004000
[  244.000757][   T34] Workqueue: events_unbound fsnotify_mark_destroy_workfn
[  244.000780][   T34] Call Trace:
[  244.000787][   T34]  <TASK>
[  244.000799][   T34]  __schedule+0x1798/0x4cc0
[  244.000822][   T34]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  244.000853][   T34]  ? __lock_acquire+0xab9/0xd20
[  244.000872][   T34]  ? __pfx___schedule+0x10/0x10
[  244.000904][   T34]  ? schedule+0x91/0x360
[  244.000924][   T34]  schedule+0x165/0x360
[  244.000942][   T34]  schedule_timeout+0x9a/0x270
[  244.000958][   T34]  ? __pfx_schedule_timeout+0x10/0x10
[  244.000984][   T34]  ? _raw_spin_unlock_irq+0x23/0x50
[  244.000999][   T34]  ? lockdep_hardirqs_on+0x9c/0x150
[  244.001014][   T34]  ? wait_for_completion+0x267/0x5d0
[  244.001033][   T34]  wait_for_completion+0x2bf/0x5d0
[  244.001060][   T34]  ? __pfx_wait_for_completion+0x10/0x10
[  244.001074][   T34]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  244.001110][   T34]  __synchronize_srcu+0x30e/0x3a0
[  244.001134][   T34]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  244.001151][   T34]  ? __pfx___synchronize_srcu+0x10/0x10
[  244.001169][   T34]  ? __pfx_wakeme_after_rcu+0x10/0x10
[  244.001188][   T34]  ? ktime_get_mono_fast_ns+0x2af/0x2d0
[  244.001207][   T34]  ? synchronize_srcu+0x295/0x2c0
[  244.001229][   T34]  fsnotify_mark_destroy_workfn+0x101/0x2f0
[  244.001252][   T34]  ? __pfx_fsnotify_mark_destroy_workfn+0x10/0x10
[  244.001272][   T34]  ? _raw_spin_unlock_irq+0x23/0x50
[  244.001286][   T34]  ? process_scheduled_works+0x9ef/0x17b0
[  244.001299][   T34]  ? process_scheduled_works+0x9ef/0x17b0
[  244.001345][   T34]  process_scheduled_works+0xae1/0x17b0
[  244.001388][   T34]  ? __pfx_process_scheduled_works+0x10/0x10
[  244.001416][   T34]  worker_thread+0x8a0/0xda0
[  244.001452][   T34]  kthread+0x711/0x8a0
[  244.001472][   T34]  ? __pfx_worker_thread+0x10/0x10
[  244.001486][   T34]  ? __pfx_kthread+0x10/0x10
[  244.001504][   T34]  ? _raw_spin_unlock_irq+0x23/0x50
[  244.001519][   T34]  ? lockdep_hardirqs_on+0x9c/0x150
[  244.001534][   T34]  ? __pfx_kthread+0x10/0x10
[  244.001553][   T34]  ret_from_fork+0x439/0x7d0
[  244.001571][   T34]  ? __pfx_ret_from_fork+0x10/0x10
[  244.001592][   T34]  ? __switch_to_asm+0x39/0x70
[  244.001606][   T34]  ? __switch_to_asm+0x33/0x70
[  244.001622][   T34]  ? __pfx_kthread+0x10/0x10
[  244.001639][   T34]  ret_from_fork_asm+0x1a/0x30
[  244.001672][   T34]  </TASK>
[  244.001725][   T34] INFO: task kworker/1:2:791 blocked for more than 143 seconds.
[  244.001738][   T34]       Not tainted syzkaller #0
[  244.001745][   T34] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  244.001751][   T34] task:kworker/1:2     state:D stack:25144 pid:791   tgid:791   ppid:2      task_flags:0x4208060 flags:0x00004000
[  244.001790][   T34] Workqueue: events drain_vmap_area_work
[  244.001806][   T34] Call Trace:
[  244.001812][   T34]  <TASK>
[  244.001822][   T34]  __schedule+0x1798/0x4cc0
[  244.001850][   T34]  ? do_raw_spin_lock+0x121/0x290
[  244.001871][   T34]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  244.001888][   T34]  ? __pfx___schedule+0x10/0x10
[  244.001919][   T34]  ? schedule+0x91/0x360
[  244.001937][   T34]  schedule+0x165/0x360
[  244.001953][   T34]  schedule_timeout+0x9a/0x270
[  244.001969][   T34]  ? __pfx_schedule_timeout+0x10/0x10
[  244.001994][   T34]  ? _raw_spin_unlock_irq+0x23/0x50
[  244.002008][   T34]  ? lockdep_hardirqs_on+0x9c/0x150
[  244.002023][   T34]  ? wait_for_completion+0x267/0x5d0
[  244.002043][   T34]  wait_for_completion+0x2bf/0x5d0
[  244.002073][   T34]  ? __pfx_wait_for_completion+0x10/0x10
[  244.002096][   T34]  ? __flush_work+0xd2/0xbc0
[  244.002114][   T34]  ? __flush_work+0xd2/0xbc0
[  244.002130][   T34]  __flush_work+0x9b9/0xbc0
[  244.002151][   T34]  ? __flush_work+0xd2/0xbc0
[  244.002169][   T34]  ? __pfx___flush_work+0x10/0x10
[  244.002186][   T34]  ? __pfx_wq_barrier_func+0x10/0x10
[  244.002215][   T34]  ? __pfx_purge_vmap_node+0x10/0x10
[  244.002242][   T34]  __purge_vmap_area_lazy+0x89e/0xb40
[  244.002264][   T34]  ? process_scheduled_works+0x9ef/0x17b0
[  244.002281][   T34]  drain_vmap_area_work+0x27/0x40
[  244.002297][   T34]  process_scheduled_works+0xae1/0x17b0
[  244.002368][   T34]  ? __pfx_process_scheduled_works+0x10/0x10
[  244.002402][   T34]  worker_thread+0x8a0/0xda0
[  244.002421][   T34]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  244.002446][   T34]  ? __kthread_parkme+0x7b/0x200
[  244.002501][   T34]  kthread+0x711/0x8a0
[  244.002523][   T34]  ? __pfx_worker_thread+0x10/0x10
[  244.002537][   T34]  ? __pfx_kthread+0x10/0x10
[  244.002556][   T34]  ? _raw_spin_unlock_irq+0x23/0x50
[  244.002572][   T34]  ? lockdep_hardirqs_on+0x9c/0x150
[  244.002588][   T34]  ? __pfx_kthread+0x10/0x10
[  244.002607][   T34]  ret_from_fork+0x439/0x7d0
[  244.002625][   T34]  ? __pfx_ret_from_fork+0x10/0x10
[  244.002647][   T34]  ? __switch_to_asm+0x39/0x70
[  244.002664][   T34]  ? __switch_to_asm+0x33/0x70
[  244.002680][   T34]  ? __pfx_kthread+0x10/0x10
[  244.002706][   T34]  ret_from_fork_asm+0x1a/0x30
[  244.002738][   T34]  </TASK>
[  244.002868][   T34] INFO: task kworker/u8:4:5873 blocked for more than 143 seconds.
[  244.002879][   T34]       Not tainted syzkaller #0
[  244.002886][   T34] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  244.002893][   T34] task:kworker/u8:4    state:D stack:22072 pid:5873  tgid:5873  ppid:2      task_flags:0x4208060 flags:0x00004000
[  244.002931][   T34] Workqueue: netns cleanup_net
[  244.002950][   T34] Call Trace:
[  244.002956][   T34]  <TASK>
[  244.002966][   T34]  __schedule+0x1798/0x4cc0
[  244.003001][   T34]  ? __lock_acquire+0xab9/0xd20
[  244.003022][   T34]  ? __pfx___schedule+0x10/0x10
[  244.003053][   T34]  ? schedule+0x91/0x360
[  244.003072][   T34]  schedule+0x165/0x360
[  244.003090][   T34]  schedule_preempt_disabled+0x13/0x30
[  244.003105][   T34]  __mutex_lock+0x7e6/0x1350
[  244.003127][   T34]  ? __mutex_lock+0x5bb/0x1350
[  244.003147][   T34]  ? cfg80211_pernet_exit+0x19/0x140
[  244.003168][   T34]  ? __pfx___mutex_lock+0x10/0x10
[  244.003192][   T34]  ? __pfx___might_resched+0x10/0x10
[  244.003210][   T34]  ? net_generic+0x1e/0x240
[  244.003225][   T34]  ? idr_destroy+0x218/0x290
[  244.003245][   T34]  cfg80211_pernet_exit+0x19/0x140
[  244.003267][   T34]  ops_undo_list+0x49a/0x990
[  244.003290][   T34]  ? __pfx_ops_undo_list+0x10/0x10
[  244.003312][   T34]  ? do_raw_spin_unlock+0x4d/0x240
[  244.003366][   T34]  cleanup_net+0x4c5/0x800
[  244.003387][   T34]  ? __pfx_cleanup_net+0x10/0x10
[  244.003407][   T34]  ? _raw_spin_unlock_irq+0x23/0x50
[  244.003421][   T34]  ? process_scheduled_works+0x9ef/0x17b0
[  244.003435][   T34]  ? process_scheduled_works+0x9ef/0x17b0
[  244.003450][   T34]  process_scheduled_works+0xae1/0x17b0
[  244.003490][   T34]  ? __pfx_process_scheduled_works+0x10/0x10
[  244.003522][   T34]  worker_thread+0x8a0/0xda0
[  244.003541][   T34]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  244.003566][   T34]  ? __kthread_parkme+0x7b/0x200
[  244.003591][   T34]  kthread+0x711/0x8a0
[  244.003613][   T34]  ? __pfx_worker_thread+0x10/0x10
[  244.003628][   T34]  ? __pfx_kthread+0x10/0x10
[  244.003647][   T34]  ? _raw_spin_unlock_irq+0x23/0x50
[  244.003663][   T34]  ? lockdep_hardirqs_on+0x9c/0x150
[  244.003679][   T34]  ? __pfx_kthread+0x10/0x10
[  244.003704][   T34]  ret_from_fork+0x439/0x7d0
[  244.003722][   T34]  ? __pfx_ret_from_fork+0x10/0x10
[  244.003744][   T34]  ? __switch_to_asm+0x39/0x70
[  244.003761][   T34]  ? __switch_to_asm+0x33/0x70
[  244.003777][   T34]  ? __pfx_kthread+0x10/0x10
[  244.003796][   T34]  ret_from_fork_asm+0x1a/0x30
[  244.003830][   T34]  </TASK>
[  244.003853][   T34] INFO: task kworker/u10:5:6364 blocked for more than 143 seconds.
[  244.003864][   T34]       Not tainted syzkaller #0
[  244.003872][   T34] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  244.003880][   T34] task:kworker/u10:5   state:D stack:27984 pid:6364  tgid:6364  ppid:2      task_flags:0x4208060 flags:0x00004000
[  244.003922][   T34] Workqueue: events_unbound fsnotify_connector_destroy_workfn
[  244.003943][   T34] Call Trace:
[  244.003948][   T34]  <TASK>
[  244.003959][   T34]  __schedule+0x1798/0x4cc0
[  244.003980][   T34]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  244.004013][   T34]  ? __lock_acquire+0xab9/0xd20
[  244.004033][   T34]  ? __pfx___schedule+0x10/0x10
[  244.004067][   T34]  ? schedule+0x91/0x360
[  244.004087][   T34]  schedule+0x165/0x360
[  244.004107][   T34]  schedule_timeout+0x9a/0x270
[  244.004122][   T34]  ? __pfx_schedule_timeout+0x10/0x10
[  244.004150][   T34]  ? _raw_spin_unlock_irq+0x23/0x50
[  244.004167][   T34]  ? lockdep_hardirqs_on+0x9c/0x150
[  244.004183][   T34]  ? wait_for_completion+0x267/0x5d0
[  244.004203][   T34]  wait_for_completion+0x2bf/0x5d0
[  244.004233][   T34]  ? __pfx_wait_for_completion+0x10/0x10
[  244.004249][   T34]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  244.004280][   T34]  __synchronize_srcu+0x30e/0x3a0
[  244.004302][   T34]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  244.004347][   T34]  ? __pfx___synchronize_srcu+0x10/0x10
[  244.004368][   T34]  ? __pfx_wakeme_after_rcu+0x10/0x10
[  244.004392][   T34]  ? ktime_get_mono_fast_ns+0x2af/0x2d0
[  244.004413][   T34]  ? synchronize_srcu+0x295/0x2c0
[  244.004436][   T34]  fsnotify_connector_destroy_workfn+0x44/0xb0
[  244.004454][   T34]  ? process_scheduled_works+0x9ef/0x17b0
[  244.004469][   T34]  process_scheduled_works+0xae1/0x17b0
[  244.004512][   T34]  ? __pfx_process_scheduled_works+0x10/0x10
[  244.004544][   T34]  worker_thread+0x8a0/0xda0
[  244.004563][   T34]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  244.004588][   T34]  ? __kthread_parkme+0x7b/0x200
[  244.004614][   T34]  kthread+0x711/0x8a0
[  244.004635][   T34]  ? __pfx_worker_thread+0x10/0x10
[  244.004650][   T34]  ? __pfx_kthread+0x10/0x10
[  244.004670][   T34]  ? _raw_spin_unlock_irq+0x23/0x50
[  244.004691][   T34]  ? lockdep_hardirqs_on+0x9c/0x150
[  244.004707][   T34]  ? __pfx_kthread+0x10/0x10
[  244.004725][   T34]  ret_from_fork+0x439/0x7d0
[  244.004744][   T34]  ? __pfx_ret_from_fork+0x10/0x10
[  244.004765][   T34]  ? __switch_to_asm+0x39/0x70
[  244.004782][   T34]  ? __switch_to_asm+0x33/0x70
[  244.004799][   T34]  ? __pfx_kthread+0x10/0x10
[  244.004818][   T34]  ret_from_fork_asm+0x1a/0x30
[  244.004852][   T34]  </TASK>
[  244.004861][   T34] INFO: task syz.1.133:6413 blocked for more than 143 seconds.
[  244.004871][   T34]       Not tainted syzkaller #0
[  244.004879][   T34] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  244.004886][   T34] task:syz.1.133       state:D stack:27568 pid:6413  tgid:6411  ppid:5856   task_flags:0x400140 flags:0x00004006
[  244.004927][   T34] Call Trace:
[  244.004933][   T34]  <TASK>
[  244.004943][   T34]  __schedule+0x1798/0x4cc0
[  244.004981][   T34]  ? __lock_acquire+0xab9/0xd20
[  244.005002][   T34]  ? __pfx___schedule+0x10/0x10
[  244.005034][   T34]  ? schedule+0x91/0x360
[  244.005055][   T34]  schedule+0x165/0x360
[  244.005074][   T34]  schedule_preempt_disabled+0x13/0x30
[  244.005090][   T34]  __mutex_lock+0x7e6/0x1350
[  244.005114][   T34]  ? __mutex_lock+0x5bb/0x1350
[  244.005137][   T34]  ? rtnetlink_rcv_msg+0x71c/0xb70
[  244.005159][   T34]  ? __pfx___mutex_lock+0x10/0x10
[  244.005198][   T34]  rtnetlink_rcv_msg+0x71c/0xb70
[  244.005221][   T34]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[  244.005238][   T34]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  244.005254][   T34]  ? ref_tracker_free+0x63a/0x7d0
[  244.005272][   T34]  ? __asan_memcpy+0x40/0x70
[  244.005292][   T34]  ? __pfx_ref_tracker_free+0x10/0x10
[  244.005306][   T34]  ? __skb_clone+0x63/0x7a0
[  244.005362][   T34]  netlink_rcv_skb+0x208/0x470
[  244.005384][   T34]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  244.005403][   T34]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  244.005434][   T34]  ? netlink_deliver_tap+0x2e/0x1b0
[  244.005460][   T34]  netlink_unicast+0x82f/0x9e0
[  244.005486][   T34]  ? __pfx_netlink_unicast+0x10/0x10
[  244.005505][   T34]  ? netlink_sendmsg+0x642/0xb30
[  244.005522][   T34]  ? skb_put+0x11b/0x210
[  244.005544][   T34]  netlink_sendmsg+0x805/0xb30
[  244.005572][   T34]  ? __pfx_netlink_sendmsg+0x10/0x10
[  244.005594][   T34]  ? aa_sock_msg_perm+0xf1/0x1d0
[  244.005613][   T34]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  244.005631][   T34]  ? __pfx_netlink_sendmsg+0x10/0x10
[  244.005650][   T34]  __sock_sendmsg+0x21c/0x270
[  244.005671][   T34]  sock_write_iter+0x258/0x330
[  244.005695][   T34]  ? __pfx_sock_write_iter+0x10/0x10
[  244.005722][   T34]  ? bpf_lsm_file_permission+0x9/0x20
[  244.005741][   T34]  ? security_file_permission+0x75/0x290
[  244.005764][   T34]  vfs_write+0x5c9/0xb30
[  244.005784][   T34]  ? __pfx_sock_write_iter+0x10/0x10
[  244.005801][   T34]  ? __pfx_vfs_write+0x10/0x10
[  244.005826][   T34]  ? __fget_files+0x2a/0x420
[  244.005851][   T34]  ksys_write+0x145/0x250
[  244.005868][   T34]  ? __pfx_ksys_write+0x10/0x10
[  244.005880][   T34]  ? rcu_is_watching+0x15/0xb0
[  244.005900][   T34]  ? do_syscall_64+0xbe/0x3b0
[  244.005923][   T34]  do_syscall_64+0xfa/0x3b0
[  244.005939][   T34]  ? lockdep_hardirqs_on+0x9c/0x150
[  244.005957][   T34]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  244.005971][   T34]  ? exc_page_fault+0x9f/0xf0
[  244.005992][   T34]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  244.006006][   T34] RIP: 0033:0x7f5c89f8ec29
[  244.006020][   T34] RSP: 002b:00007f5c8ae6d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  244.006035][   T34] RAX: ffffffffffffffda RBX: 00007f5c8a1d6090 RCX: 00007f5c89f8ec29
[  244.006046][   T34] RDX: 000000000000fe33 RSI: 0000200000000040 RDI: 0000000000000008
[  244.006056][   T34] RBP: 00007f5c8a011e41 R08: 0000000000000000 R09: 0000000000000000
[  244.006065][   T34] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  244.006074][   T34] R13: 00007f5c8a1d6128 R14: 00007f5c8a1d6090 R15: 00007fff65d5eaa8
[  244.006101][   T34]  </TASK>
[  244.006125][   T34] 
[  244.006125][   T34] Showing all locks held in the system:
[  244.006135][   T34] 2 locks held by kworker/u10:0/27:
[  244.006144][   T34]  #0: ffff88801a489148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  244.006186][   T34]  #1: ffffc9000060fbc0 ((reaper_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  244.006225][   T34] 1 lock held by khungtaskd/34:
[  244.006233][   T34]  #0: ffffffff8e13a160 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[  244.006277][   T34] 5 locks held by kworker/u11:0/54:
[  244.006286][   T34]  #0: ffff88802aa9c948 ((wq_completion)hci2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  244.006349][   T34]  #1: ffffc900007cfbc0 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  244.006388][   T34]  #2: ffff888109a10dc0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d4/0x3a0
[  244.006425][   T34]  #3: ffff888109a100b8 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0x242/0xe30
[  244.006463][   T34]  #4: ffffffff8f69fd48 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x165/0x310
[  244.006510][   T34] 3 locks held by kworker/1:2/791:
[  244.006519][   T34]  #0: ffff88801a480d48 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  244.006556][   T34]  #1: ffffc90004c3fbc0 (drain_vmap_work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  244.006587][   T34]  #2: ffffffff8e23d488 (vmap_purge_lock){+.+.}-{4:4}, at: drain_vmap_area_work+0x17/0x40
[  244.006643][   T34] 5 locks held by kworker/u11:1/5237:
[  244.006651][   T34]  #0: ffff888030e7c148 ((wq_completion)hci3){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  244.006690][   T34]  #1: ffffc90006617bc0 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  244.006723][   T34]  #2: ffff88810ab2cdc0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d4/0x3a0
[  244.006753][   T34]  #3: ffff88810ab2c0b8 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0x242/0xe30
[  244.006784][   T34]  #4: ffffffff8f69fd48 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x165/0x310
[  244.006817][   T34] 2 locks held by getty/5679:
[  244.006825][   T34]  #0: ffff888026c0d0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  244.006861][   T34]  #1: ffffc90001bd82f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x43e/0x1400
[  244.006894][   T34] 4 locks held by kworker/u11:2/5853:
[  244.006901][   T34]  #0: ffff8881298b3948 ((wq_completion)hci9#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  244.006938][   T34]  #1: ffffc9000331fbc0 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  244.006971][   T34]  #2: ffff88810fb840b8 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x9b/0x8e0
[  244.007004][   T34]  #3: ffffffff8f69fd48 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x516/0x8e0
[  244.007033][   T34] 6 locks held by kworker/u11:3/5860:
[  244.007040][   T34]  #0: ffff888023c2b148 ((wq_completion)hci0){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  244.007066][   T34]  #1: ffffc9000336fbc0 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  244.007094][   T34]  #2: ffff888110190dc0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d4/0x3a0
[  244.007121][   T34]  #3: ffff8881101900b8 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0x242/0xe30
[  244.007154][   T34]  #4: ffffffff8f69fd48 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x165/0x310
[  244.007190][   T34]  #5: ffff888023c2e338 (&conn->lock#2){+.+.}-{4:4}, at: l2cap_conn_del+0x70/0x680
[  244.007233][   T34] 5 locks held by kworker/u11:4/5861:
[  244.007242][   T34]  #0: ffff88806dd0e148 ((wq_completion)hci4){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  244.007279][   T34]  #1: ffffc9000337fbc0 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  244.007348][   T34]  #2: ffff888106408dc0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d4/0x3a0
[  244.007385][   T34]  #3: ffff8881064080b8 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0x242/0xe30
[  244.007425][   T34]  #4: ffffffff8f69fd48 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x165/0x310
[  244.007465][   T34] 3 locks held by kworker/u8:3/5867:
[  244.007474][   T34]  #0: ffff88802224b148 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  244.007524][   T34]  #1: ffffc900033bfbc0 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  244.007561][   T34]  #2: ffffffff8f53adc8 (rtnl_mutex){+.+.}-{4:4}, at: addrconf_verify_work+0x19/0x30
[  244.007600][   T34] 4 locks held by kworker/u8:4/5873:
[  244.007608][   T34]  #0: ffff88801b2f7148 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  244.007645][   T34]  #1: ffffc9000339fbc0 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  244.007681][   T34]  #2: ffffffff8f52df10 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xf7/0x800
[  244.007728][   T34]  #3: ffffffff8f53adc8 (rtnl_mutex){+.+.}-{4:4}, at: cfg80211_pernet_exit+0x19/0x140
[  244.007773][   T34] 2 locks held by kworker/u10:5/6364:
[  244.007781][   T34]  #0: ffff88801a489148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  244.007818][   T34]  #1: ffffc9000448fbc0 (connector_reaper_work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  244.007855][   T34] 6 locks held by syz.2.131/6406:
[  244.007863][   T34] 1 lock held by syz.1.133/6413:
[  244.007871][   T34]  #0: ffffffff8f53adc8 (rtnl_mutex){+.+.}-{4:4}, at: rtnetlink_rcv_msg+0x71c/0xb70
[  244.007911][   T34] 2 locks held by dhcpcd/6415:
[  244.007920][   T34]  #0: ffff888020388258 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x32/0xcd0
[  244.007958][   T34]  #1: ffffffff8e13fbf8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: synchronize_rcu_expedited+0x3b9/0x730
[  244.007998][   T34] 1 lock held by dhcpcd/6416:
[  244.008006][   T34]  #0: ffff88802038e258 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x32/0xcd0
[  244.008045][   T34] 1 lock held by dhcpcd/6417:
[  244.008052][   T34]  #0: ffff888111a16258 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x32/0xcd0
[  244.008088][   T34] 1 lock held by dhcpcd/6418:
[  244.008095][   T34]  #0: ffff888031b0c258 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x32/0xcd0
[  244.008131][   T34] 2 locks held by dhcpcd/6419:
[  244.008138][   T34]  #0: ffff888134bf4258 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x32/0xcd0
[  244.008171][   T34]  #1: ffffffff8e13fbf8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: synchronize_rcu_expedited+0x3b9/0x730
[  244.008209][   T34] 1 lock held by syz.0.134/6422:
[  244.008216][   T34]  #0: ffffffff8f53adc8 (rtnl_mutex){+.+.}-{4:4}, at: do_ip_setsockopt+0xeee/0x2d00
[  244.008254][   T34] 1 lock held by syz-executor/6427:
[  244.008262][   T34]  #0: ffffffff8f53adc8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[  244.008299][   T34] 1 lock held by syz-executor/6432:
[  244.008306][   T34]  #0: ffffffff8f53adc8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[  244.008370][   T34] 1 lock held by syz-executor/6435:
[  244.008379][   T34]  #0: ffffffff8f53adc8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[  244.008414][   T34] 1 lock held by dhcpcd/6440:
[  244.008420][   T34]  #0: ffff8881119be258 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x32/0xcd0
[  244.008454][   T34] 1 lock held by syz-executor/6442:
[  244.008462][   T34]  #0: ffffffff8f53adc8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[  244.008497][   T34] 1 lock held by syz-executor/6447:
[  244.008503][   T34]  #0: ffffffff8f53adc8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[  244.008537][   T34] 1 lock held by syz-executor/6453:
[  244.008543][   T34]  #0: ffffffff8f53adc8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[  244.008574][   T34] 1 lock held by syz-executor/6458:
[  244.008581][   T34]  #0: ffffffff8f53adc8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[  244.008619][   T34] 4 locks held by kworker/u11:5/6462:
[  244.008627][   T34]  #0: ffff88810fcdf148 ((wq_completion)hci10#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  244.008669][   T34]  #1: ffffc900042afbc0 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  244.008710][   T34]  #2: ffff88810616c0b8 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x9b/0x8e0
[  244.008743][   T34]  #3: ffffffff8f69fd48 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x516/0x8e0
[  244.008781][   T34] 1 lock held by syz-executor/6464:
[  244.008789][   T34]  #0: ffffffff8f53adc8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[  244.008822][   T34] 4 locks held by kworker/u11:7/6468:
[  244.008828][   T34]  #0: ffff88801da84148 ((wq_completion)hci11#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  244.008867][   T34]  #1: ffffc9000428fbc0 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  244.008902][   T34]  #2: ffff888107b640b8 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x9b/0x8e0
[  244.008940][   T34]  #3: ffffffff8f69fd48 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x516/0x8e0
[  244.008978][   T34] 1 lock held by syz-executor/6470:
[  244.008987][   T34]  #0: ffffffff8f53adc8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[  244.009022][   T34] 
[  244.009027][   T34] =============================================
[  244.009027][   T34] 
[  244.009035][   T34] NMI backtrace for cpu 1
[  244.009043][   T34] CPU: 1 UID: 0 PID: 34 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT(full) 
[  244.009057][   T34] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  244.009064][   T34] Call Trace:
[  244.009069][   T34]  <TASK>
[  244.009075][   T34]  dump_stack_lvl+0x189/0x250
[  244.009094][   T34]  ? __pfx_dump_stack_lvl+0x10/0x10
[  244.009109][   T34]  ? __pfx__printk+0x10/0x10
[  244.009138][   T34]  nmi_cpu_backtrace+0x39e/0x3d0
[  244.009156][   T34]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  244.009172][   T34]  ? __pfx__printk+0x10/0x10
[  244.009194][   T34]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  244.009209][   T34]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[  244.009225][   T34]  watchdog+0xf93/0xfe0
[  244.009248][   T34]  ? watchdog+0x1de/0xfe0
[  244.009271][   T34]  kthread+0x711/0x8a0
[  244.009289][   T34]  ? __pfx_watchdog+0x10/0x10
[  244.009305][   T34]  ? __pfx_kthread+0x10/0x10
[  244.009352][   T34]  ? _raw_spin_unlock_irq+0x23/0x50
[  244.009366][   T34]  ? lockdep_hardirqs_on+0x9c/0x150
[  244.009380][   T34]  ? __pfx_kthread+0x10/0x10
[  244.009395][   T34]  ret_from_fork+0x439/0x7d0
[  244.009409][   T34]  ? __pfx_ret_from_fork+0x10/0x10
[  244.009429][   T34]  ? __switch_to_asm+0x39/0x70
[  244.009444][   T34]  ? __switch_to_asm+0x33/0x70
[  244.009458][   T34]  ? __pfx_kthread+0x10/0x10
[  244.009475][   T34]  ret_from_fork_asm+0x1a/0x30
[  244.009504][   T34]  </TASK>
[  244.009509][   T34] Sending NMI from CPU 1 to CPUs 0:
[  244.009550][    C0] NMI backtrace for cpu 0
[  244.009561][    C0] CPU: 0 UID: 0 PID: 6406 Comm: syz.2.131 Not tainted syzkaller #0 PREEMPT(full) 
[  244.009570][    C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  244.009575][    C0] RIP: 0010:rcu_segcblist_ready_cbs+0x2a/0x80
[  244.009587][    C0] Code: 66 0f 1f 00 41 57 41 56 53 49 be 00 00 00 00 00 fc ff df 48 8d 5f 70 48 89 d8 48 c1 e8 03 42 0f b6 04 30 84 c0 75 3b f6 03 01 <75> 04 31 c0 eb 27 48 8d 47 08 48 89 c1 48 c1 e9 03 42 80 3c 31 00
[  244.009593][    C0] RSP: 0018:ffffc90000006780 EFLAGS: 00000002
[  244.009600][    C0] RAX: 0000000000000000 RBX: ffff88804b03b098 RCX: 53a7e0a2c6a43901
[  244.009605][    C0] RDX: 0000000000000000 RSI: ffffffff8b8c0c40 RDI: ffff88804b03b028
[  244.009610][    C0] RBP: ffffc90000006868 R08: ffffffff8fa3c237 R09: 1ffffffff1f47846
[  244.009615][    C0] R10: dffffc0000000000 R11: fffffbfff1f47847 R12: ffff88804b03af80
[  244.009619][    C0] R13: dffffc0000000000 R14: dffffc0000000000 R15: 0000000000002cc1
[  244.009624][    C0] FS:  00007f27d28a76c0(0000) GS:ffff8880b860f000(0000) knlGS:0000000000000000
[  244.009630][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  244.009634][    C0] CR2: 00007f27d27056c0 CR3: 0000000027492000 CR4: 00000000000006f0
[  244.009659][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  244.009664][    C0] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[  244.009668][    C0] Call Trace:
[  244.009672][    C0]  <IRQ>
[  244.009676][    C0]  rcu_sched_clock_irq+0x659/0x11b0
[  244.009687][    C0]  ? __pfx_rcu_sched_clock_irq+0x10/0x10
[  244.009695][    C0]  ? irqtime_account_process_tick+0x25/0x3f0
[  244.009706][    C0]  update_process_times+0x23c/0x2f0
[  244.009717][    C0]  tick_nohz_handler+0x39a/0x520
[  244.009726][    C0]  ? __pfx_tick_nohz_handler+0x10/0x10
[  244.009734][    C0]  __hrtimer_run_queues+0x4e0/0xc60
[  244.009747][    C0]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  244.009753][    C0]  ? ktime_get_update_offsets_now+0x3ab/0x3d0
[  244.009764][    C0]  hrtimer_interrupt+0x45b/0xaa0
[  244.009779][    C0]  __sysvec_apic_timer_interrupt+0x10b/0x410
[  244.009789][    C0]  sysvec_apic_timer_interrupt+0x52/0xc0
[  244.009798][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  244.009806][    C0] RIP: 0010:kernel_text_address+0x21/0xe0
[  244.009816][    C0] Code: 90 90 90 90 90 90 90 90 90 66 0f 1f 00 55 41 56 53 48 81 ff 00 00 00 81 0f 93 c0 48 81 ff bc f3 7e 8b 0f 92 c1 bd 01 00 00 00 <84> c8 75 0c 48 89 fb e8 83 2f a7 ff 85 c0 74 0c 89 e8 5b 41 5e 5d
[  244.009821][    C0] RSP: 0018:ffffc90000006c78 EFLAGS: 00000293
[  244.009827][    C0] RAX: 0000000000000001 RBX: ffffffff8ace0a4b RCX: 53a7e0a2c6a43901
[  244.009832][    C0] RDX: 0000000000000006 RSI: ffffffff8dbaacc4 RDI: ffffffff8ace0a4b
[  244.009836][    C0] RBP: 0000000000000001 R08: ffffc900000073f0 R09: 0000000000000000
[  244.009840][    C0] R10: ffffc90000006d18 R11: fffff52000000da5 R12: ffff888106c15640
[  244.009845][    C0] R13: 0000000000000000 R14: dffffc0000000000 R15: 1ffff92000000da2
[  244.009850][    C0]  ? cfg80211_inform_bss_data+0x1fb/0x3b30
[  244.009859][    C0]  ? cfg80211_inform_bss_data+0x1fb/0x3b30
[  244.009867][    C0]  ? cfg80211_inform_bss_data+0x1fb/0x3b30
[  244.009873][    C0]  __kernel_text_address+0xd/0x40
[  244.009882][    C0]  unwind_get_return_address+0x4d/0x90
[  244.009890][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  244.009900][    C0]  arch_stack_walk+0xfc/0x150
[  244.009910][    C0]  ? cfg80211_inform_bss_data+0x1fb/0x3b30
[  244.009918][    C0]  stack_trace_save+0x9c/0xe0
[  244.009926][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[  244.009934][    C0]  ? kvm_sched_clock_read+0x11/0x20
[  244.009941][    C0]  ? sched_clock+0x3f/0x60
[  244.009950][    C0]  ? sched_clock_cpu+0x74/0x430
[  244.009957][    C0]  ? clockevents_program_event+0x24d/0x360
[  244.009967][    C0]  kasan_save_track+0x3e/0x80
[  244.009977][    C0]  ? kasan_save_track+0x3e/0x80
[  244.009985][    C0]  ? kasan_save_free_info+0x46/0x50
[  244.009992][    C0]  ? __kasan_slab_free+0x5b/0x80
[  244.009998][    C0]  ? kfree+0x18e/0x440
[  244.010007][    C0]  ? ieee80211_inform_bss+0xbd9/0x10a0
[  244.010014][    C0]  ? cfg80211_inform_single_bss_data+0xd05/0x1ac0
[  244.010035][    C0]  ? check_slab_allocation+0x43/0x130
[  244.010041][    C0]  kasan_save_free_info+0x46/0x50
[  244.010049][    C0]  __kasan_slab_free+0x5b/0x80
[  244.010055][    C0]  ? ieee80211_inform_bss+0xbd9/0x10a0
[  244.010061][    C0]  kfree+0x18e/0x440
[  244.010071][    C0]  ieee80211_inform_bss+0xbd9/0x10a0
[  244.010081][    C0]  ? __pfx_ieee80211_inform_bss+0x10/0x10
[  244.010092][    C0]  ? __pfx_ieee80211_inform_bss+0x10/0x10
[  244.010099][    C0]  cfg80211_inform_single_bss_data+0xd05/0x1ac0
[  244.010109][    C0]  ? __pfx_cfg80211_inform_single_bss_data+0x10/0x10
[  244.010127][    C0]  cfg80211_inform_bss_data+0x1fb/0x3b30
[  244.010138][    C0]  ? perf_trace_lock_acquire+0xf5/0x410
[  244.010144][    C0]  ? do_raw_spin_unlock+0x4d/0x240
[  244.010155][    C0]  ? __pfx_cfg80211_inform_bss_data+0x10/0x10
[  244.010164][    C0]  ? ktime_get+0x3e/0x1f0
[  244.010171][    C0]  ? ktime_get+0x3e/0x1f0
[  244.010180][    C0]  ? ktime_get+0x3e/0x1f0
[  244.010186][    C0]  ? ktime_get+0x3e/0x1f0
[  244.010195][    C0]  ? perf_trace_lock_acquire+0xf5/0x410
[  244.010207][    C0]  ? ieee80211_bss_info_update+0x2dc/0x9e0
[  244.010215][    C0]  cfg80211_inform_bss_frame_data+0x3d7/0x730
[  244.010224][    C0]  ? ieee80211_bss_info_update+0x2dc/0x9e0
[  244.010232][    C0]  ieee80211_bss_info_update+0x746/0x9e0
[  244.010243][    C0]  ? __pfx_ieee80211_bss_info_update+0x10/0x10
[  244.010254][    C0]  ? irqentry_exit+0x74/0x90
[  244.010269][    C0]  ? ieee80211_get_channel_khz+0x15b/0x8a0
[  244.010285][    C0]  ieee80211_scan_rx+0x593/0xa20
[  244.010299][    C0]  ieee80211_rx_list+0x201c/0x2a90
[  244.010354][    C0]  ? irqtime_account_irq+0xb6/0x1c0
[  244.010368][    C0]  ? __pfx_ieee80211_rx_list+0x10/0x10
[  244.010375][    C0]  ? __irq_exit_rcu+0xd8/0x1f0
[  244.010384][    C0]  ? irqentry_exit+0x74/0x90
[  244.010392][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  244.010401][    C0]  ? ieee80211_rx_napi+0xca/0x3d0
[  244.010409][    C0]  ? ieee80211_rx_napi+0xca/0x3d0
[  244.010416][    C0]  ? ieee80211_rx_napi+0x10f/0x3d0
[  244.010424][    C0]  ? ieee80211_rx_napi+0xca/0x3d0
[  244.010435][    C0]  ieee80211_rx_napi+0x1a8/0x3d0
[  244.010448][    C0]  ? __pfx_ieee80211_rx_napi+0x10/0x10
[  244.010465][    C0]  ? skb_dequeue+0x10e/0x150
[  244.010479][    C0]  ieee80211_handle_queued_frames+0xe8/0x1f0
[  244.010492][    C0]  tasklet_action_common+0x36c/0x580
[  244.010502][    C0]  ? __pfx_tasklet_action_common+0x10/0x10
[  244.010512][    C0]  ? workqueue_softirq_action+0xd4/0x150
[  244.010521][    C0]  handle_softirqs+0x286/0x870
[  244.010529][    C0]  ? __irq_exit_rcu+0xca/0x1f0
[  244.010537][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[  244.010545][    C0]  ? irqtime_account_irq+0xb6/0x1c0
[  244.010554][    C0]  __irq_exit_rcu+0xca/0x1f0
[  244.010560][    C0]  ? __pfx___irq_exit_rcu+0x10/0x10
[  244.010569][    C0]  irq_exit_rcu+0x9/0x30
[  244.010575][    C0]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  244.010584][    C0]  </IRQ>
[  244.010586][    C0]  <TASK>
[  244.010589][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  244.010596][    C0] RIP: 0010:console_flush_all+0x80e/0xc40
[  244.010605][    C0] Code: 07 e8 66 4a 1f 00 eb 06 e8 5f 4a 1f 00 fb 48 8b 44 24 28 42 80 3c 20 00 74 08 48 89 df e8 ea 6d 83 00 48 8b 1b 48 8b 44 24 38 <42> 0f b6 04 20 84 c0 0f 85 d0 01 00 00 48 8b 44 24 10 80 38 01 0f
[  244.010611][    C0] RSP: 0018:ffffc9000454eb80 EFLAGS: 00000246
[  244.010617][    C0] RAX: 1ffff920008a9da4 RBX: 00000000000009ea RCX: ffff888106c15640
[  244.010622][    C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  244.010625][    C0] RBP: ffffc9000454ecd0 R08: ffffffff8fa3c237 R09: 1ffffffff1f47846
[  244.010630][    C0] R10: dffffc0000000000 R11: fffffbfff1f47847 R12: dffffc0000000000
[  244.010635][    C0] R13: 0000000000000001 R14: 0000000000000200 R15: ffffffff8e9b5b20
[  244.010651][    C0]  ? console_flush_all+0x13a/0xc40
[  244.010661][    C0]  ? __pfx_console_flush_all+0x10/0x10
[  244.010672][    C0]  ? is_printk_cpu_sync_owner+0x32/0x40
[  244.010682][    C0]  console_unlock+0xc4/0x270
[  244.010690][    C0]  ? __pfx_console_unlock+0x10/0x10
[  244.010698][    C0]  ? is_printk_cpu_sync_owner+0x32/0x40
[  244.010707][    C0]  vprintk_emit+0x5b7/0x7a0
[  244.010715][    C0]  ? __pfx_vprintk_emit+0x10/0x10
[  244.010721][    C0]  ? _raw_spin_unlock_irqrestore+0xfd/0x110
[  244.010730][    C0]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  244.010743][    C0]  _printk+0xcf/0x120
[  244.010752][    C0]  ? __pfx____ratelimit+0x10/0x10
[  244.010761][    C0]  ? __pfx__printk+0x10/0x10
[  244.010769][    C0]  ? perf_swevent_event+0x33e/0x5e0
[  244.010782][    C0]  __nla_validate_parse+0x2563/0x2d40
[  244.010795][    C0]  ? perf_trace_run_bpf_submit+0xee/0x170
[  244.010807][    C0]  ? irqentry_enter+0x3d/0x60
[  244.010815][    C0]  ? __pfx___nla_validate_parse+0x10/0x10
[  244.010827][    C0]  ? irqentry_exit+0x74/0x90
[  244.010835][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  244.010847][    C0]  __nla_parse+0x40/0x60
[  244.010857][    C0]  rtnl_dump_ifinfo+0x2ed/0x1060
[  244.010870][    C0]  ? __pfx_rtnl_dump_ifinfo+0x10/0x10
[  244.010878][    C0]  ? perf_trace_preemptirq_template+0x280/0x340
[  244.010888][    C0]  ? irqentry_enter+0x3d/0x60
[  244.010897][    C0]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  244.010925][    C0]  ? __pfx___mutex_lock+0x10/0x10
[  244.010936][    C0]  ? irqentry_exit+0x74/0x90
[  244.010953][    C0]  ? __pfx_rtnl_dumpit+0x10/0x10
[  244.010963][    C0]  ? __pfx_rtnl_dump_ifinfo+0x10/0x10
[  244.010975][    C0]  rtnl_dumpit+0xa2/0x200
[  244.010986][    C0]  netlink_dump+0x6e4/0xe90
[  244.010993][    C0]  ? irqentry_enter+0x3d/0x60
[  244.011005][    C0]  ? __pfx_netlink_dump+0x10/0x10
[  244.011020][    C0]  netlink_recvmsg+0x676/0xa30
[  244.011032][    C0]  ? __pfx_netlink_recvmsg+0x10/0x10
[  244.011041][    C0]  ? aa_sock_msg_perm+0xf1/0x1d0
[  244.011051][    C0]  ? bpf_lsm_socket_recvmsg+0x9/0x20
[  244.011059][    C0]  ? security_socket_recvmsg+0x7e/0x2e0
[  244.011069][    C0]  ? __pfx_netlink_recvmsg+0x10/0x10
[  244.011077][    C0]  sock_recvmsg+0x22c/0x270
[  244.011086][    C0]  ____sys_recvmsg+0x1c9/0x460
[  244.011099][    C0]  ? __pfx_____sys_recvmsg+0x10/0x10
[  244.011113][    C0]  ? import_iovec+0x74/0xa0
[  244.011120][    C0]  ___sys_recvmsg+0x1b5/0x510
[  244.011131][    C0]  ? __pfx____sys_recvmsg+0x10/0x10
[  244.011140][    C0]  ? rcu_read_unlock_special+0x3a2/0x4b0
[  244.011155][    C0]  ? __rcu_read_unlock+0x84/0xe0
[  244.011164][    C0]  ? __fget_files+0x3a0/0x420
[  244.011175][    C0]  __x64_sys_recvmsg+0x198/0x260
[  244.011185][    C0]  ? __pfx___x64_sys_recvmsg+0x10/0x10
[  244.011202][    C0]  do_syscall_64+0xfa/0x3b0
[  244.011212][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  244.011218][    C0]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  244.011226][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  244.011232][    C0] RIP: 0033:0x7f27d198ec29
[  244.011240][    C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  244.011245][    C0] RSP: 002b:00007f27d28a7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  244.011253][    C0] RAX: ffffffffffffffda RBX: 00007f27d1bd6090 RCX: 00007f27d198ec29
[  244.011258][    C0] RDX: 0000000000000000 RSI: 0000200000000900 RDI: 000000000000000c
[  244.011262][    C0] RBP: 00007f27d1a11e41 R08: 0000000000000000 R09: 0000000000000000
[  244.011266][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  244.011270][    C0] R13: 00007f27d1bd6128 R14: 00007f27d1bd6090 R15: 00007ffee56358c8
[  244.011279][    C0]  </TASK>
[  244.033461][   T34] Kernel panic - not syncing: hung_task: blocked tasks
[  244.033479][   T34] CPU: 1 UID: 0 PID: 34 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT(full) 
[  244.033494][   T34] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  244.033503][   T34] Call Trace:
[  244.033510][   T34]  <TASK>
[  244.033517][   T34]  dump_stack_lvl+0x99/0x250
[  244.033538][   T34]  ? __asan_memcpy+0x40/0x70
[  244.033557][   T34]  ? __pfx_dump_stack_lvl+0x10/0x10
[  244.033572][   T34]  ? __pfx__printk+0x10/0x10
[  244.033602][   T34]  vpanic+0x281/0x750
[  244.033620][   T34]  ? __pfx_vpanic+0x10/0x10
[  244.033634][   T34]  ? preempt_schedule+0xae/0xc0
[  244.033652][   T34]  ? preempt_schedule_common+0x83/0xd0
[  244.033674][   T34]  panic+0xb9/0xc0
[  244.033698][   T34]  ? __pfx_panic+0x10/0x10
[  244.033715][   T34]  ? preempt_schedule_thunk+0x16/0x30
[  244.033733][   T34]  ? nmi_trigger_cpumask_backtrace+0x2bb/0x300
[  244.033750][   T34]  watchdog+0xfd2/0xfe0
[  244.033774][   T34]  ? watchdog+0x1de/0xfe0
[  244.033798][   T34]  kthread+0x711/0x8a0
[  244.033817][   T34]  ? __pfx_watchdog+0x10/0x10
[  244.033834][   T34]  ? __pfx_kthread+0x10/0x10
[  244.033851][   T34]  ? _raw_spin_unlock_irq+0x23/0x50
[  244.033867][   T34]  ? lockdep_hardirqs_on+0x9c/0x150
[  244.033882][   T34]  ? __pfx_kthread+0x10/0x10
[  244.033899][   T34]  ret_from_fork+0x439/0x7d0
[  244.033915][   T34]  ? __pfx_ret_from_fork+0x10/0x10
[  244.033935][   T34]  ? __switch_to_asm+0x39/0x70
[  244.033949][   T34]  ? __switch_to_asm+0x33/0x70
[  244.033964][   T34]  ? __pfx_kthread+0x10/0x10
[  244.033981][   T34]  ret_from_fork_asm+0x1a/0x30
[  244.034008][   T34]  </TASK>
[  244.034675][   T34] Kernel Offset: disabled

VM DIAGNOSIS:
09:22:21  Registers:
info registers vcpu 0

CPU#0
RAX=ffffffff816825f6 RBX=0000000000000000 RCX=ffff888106c15640 RDX=0000000000010100
RSI=0000000000000008 RDI=ffffffff92a633c0 RBP=ffffc90000006a78 RSP=ffffc900000069e0
R8 =ffffffff92a633c7 R9 =1ffffffff254c678 R10=dffffc0000000000 R11=fffffbfff254c679
R12=0000000000000000 R13=0000000000000000 R14=0000000000000000 R15=dffffc0000000000
RIP=ffffffff816825f7 RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f27d28a76c0 ffffffff 00c00000
GS =0000 ffff8880b860f000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f27d27056c0 CR3=0000000027492000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000600
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=0000000000000000 0000000000000000
XMM02=00007f27d1ba7498 00007f27d1ba7470 XMM03=00007f27d1ba74a8 00007f27d1ba74a0
XMM04=00007f27d270d100 00007f27d1ba7460 XMM05=00007f27d1ba7478 00007f27d1ba74c0
XMM06=00007f27d1ba74b8 00007f27d1ba74b0 XMM07=00007f27d1ba74a8 00007f27d1ba74a0
XMM08=0000000000000000 00007f27d1a12f0f XMM09=0000000000000000 00007f27d1a12fed
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=1ffffffff33bf660 RBX=00000000000003fd RCX=0000000000000000 RDX=00000000000003fd
RSI=0000000000000000 RDI=0000000000000020 RBP=ffffffff99dfb6b0 RSP=ffffc9000068f6d0
R8 =ffff888020428237 R9 =1ffff11004085046 R10=dffffc0000000000 R11=ffffffff855048b0
R12=dffffc0000000000 R13=0000000000000000 R14=ffffffff99dfb420 R15=0000000000000000
RIP=ffffffff85504927 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8881a3c0f000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00005644d6c4cce0 CR3=000000001af2e000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000600
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 00000000000000ff XMM01=2525252525252525 2525252525252525
XMM02=0000000000000000 000000000000ff00 XMM03=0000000000000000 0000000000000000
XMM04=0000000000000000 00000000000000ff XMM05=0000000000000000 0000000000000000
XMM06=0000000000000000 0000000000000000 XMM07=0000000000000000 0000000000000000
XMM08=0000000000000000 0000000000000000 XMM09=0000000000000000 0000000000000000
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
