last executing test programs:

16.492911016s ago: executing program 2 (id=171):
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xee, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2501, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_bp={0x0, 0x8}, 0x390, 0x0, 0x0, 0x7, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000240))
openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000200)='cpuset.mem_hardwall\x00', 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, 0x0, &(0x7f0000000000)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d}, 0x94)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6_vti0\x00', 0x210})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89f1, &(0x7f0000000080))

16.322093519s ago: executing program 2 (id=176):
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xee, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x5, @perf_bp={0x0, 0xf}, 0x1000, 0x4, 0x0, 0x8, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socket$kcm(0x2, 0x922000000001, 0x106)
socket$kcm(0xa, 0x2, 0x88)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x56, 0x1, 0x0, 0x0, 0x0, 0x7fef, 0x82, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7b, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000240)='ns/user\x00')
socket$kcm(0x10, 0x400000002, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x6, 0x0, 0x0, 0x0, 0x0, 0x5d2e, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x5}, 0x100e64, 0xc78, 0x200000, 0x0, 0xd9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x200000000000000}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x7fef, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x5, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xfbffffffffffffff, 0xffffffffffffffff, 0x9)
socket$kcm(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x69}, 0x94)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000005c0)='cpuacct.usage_percpu\x00', 0x26e1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
socket$kcm(0x2a, 0x2, 0x0)
recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=[@rights={{0x10}}, @rights={{0x10}}, @cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xe0}, 0x14140)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'dummy0\x00'})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8946, &(0x7f0000000080))

16.183228564s ago: executing program 1 (id=179):
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
r0 = socket$kcm(0x2, 0x1000000000000002, 0x0)
sendmsg$inet(r0, &(0x7f0000000b40)={&(0x7f0000000080)={0x2, 0x4e20, @remote}, 0x10, &(0x7f00000000c0)=[{0x0, 0x4f}], 0x1, &(0x7f0000000180)=[@ip_pktinfo={{0x2f, 0x0, 0x7, {0x0, @dev, @loopback}}}], 0x30}, 0x0)

16.123177697s ago: executing program 1 (id=182):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000140)='syzkaller\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
r1 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f00000002c0)="140000001d000b63d25a80648c2594", 0xf}, {&(0x7f0000000580)="3f192725e7", 0x5}], 0x2}, 0x0)

16.122943703s ago: executing program 1 (id=183):
r0 = socket$kcm(0xa, 0x5, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="000000000000000000e8ffffffffffff05000000", @ANYRES32=0x1], 0x48)
ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x8916, &(0x7f0000000000)={<r1=>r0})
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x7ff0, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001140)={0x5, 0x3c, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x2a, 0x0, 0x0)
recvmsg(0xffffffffffffffff, 0x0, 0x22020)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)=[{}], 0x1}, 0x0)
bpf$MAP_LOOKUP_BATCH(0x18, 0x0, 0x0)
r2 = socket$kcm(0x10, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000013c0)=ANY=[@ANYBLOB="1b0000004b9e6a2300ac1c8913944e56000000000a000000", @ANYRES32, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r3, 0x3, 0x25, 0x4, 0x0, 0x0, 0x400000, 0x0, 0x0, 0x48, 0x0, 0x0}, 0x40)
write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[@ANYBLOB], 0xfe33)
perf_event_open(&(0x7f0000000640)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x20000000000008, 0x830d}, 0x2000, 0x8, 0xfffffffe, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000100)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x2, {0x2, 0x0, @empty}}, 0x80, 0x0, 0x0, &(0x7f0000000180)=ANY=[], 0x18, 0x68000000}, 0x0)
r4 = socket$kcm(0xa, 0x5, 0x0)
close(r1)
socket$kcm(0x29, 0x0, 0x0)
sendmsg$sock(r4, &(0x7f0000001380)={&(0x7f00000001c0)=@l2tp={0x2, 0x0, @empty}, 0x80, &(0x7f0000001340)=[{0x0}], 0x1}, 0x4010)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x6, 0x4, &(0x7f0000002280)=ANY=[@ANYBLOB="18020000e2ffffff00000000000000c685000000360000009500001800000000922ae83713ab9600010000801b10fb54a8cb72d232ad558c46fff4208d4990ec11ce9413ac30e00bd0081f8504e19a5183d769676520e98a263345e44d5ad12bca35510100c4d86abeb12303ff1c9fe0d0020000d60400000007d3670000008aff66d6b3181ffc1d62a3954c1198bbc4fa13aee48ca9e8969faebf3183fe803ab3f5024b52dc265b36fc9dae00a09404f01f9504d0976d252bd8d24538556e5e57bee3b8cf464ef3c6a7def8bad3ca6e3abdb21696e340bb8e2a093add57196b40def3858ef569147fa4108328392d322ab5df10a2f69a6bdf72ee7944e810d0223917c3d042410f57466f59544047d6d8ac44060000000000ee16c729300d2301800000000000002b5a8b05fcc154ad5290a8cdb97c343f454ff69dd6cbde49b28a6cb5f4fc0001745cff6e00e7ffffff0000acf3209a08439f1ff01779b6f6df7e02aa6d7760525b595fe1f697bc114ed1778e97a3f0395f946974cfb458be2a34cf924dc37b5592bf17956f3547497aba814382ff67b345b677a9d6523d87008000000400000000003fe8613ca29ff92be0d8deffff7b68136b0046d535dd39c0f35408869e9b342b953f91447e6b9eab304f134306320600a44095254b45a6c1312a13696c7202df5f764713504facc532c5a6d44d99ec7530ed7b0311000000000000e54e9072a22d911f4a2c2e2fa806e63c5cd98a8569a6d6bcfb000064885117e2ad910eae67e0ebe380d0f648713e68153579e02d71c58d147b00821ab9a6475b31e1ebf1369a04000000fbf3983f283f2f00000000992774814d63c933912d000006000000a66acb0a38856929e7d8b1b06c9bd5d7e5490f3b8596b694ea9483bd4bd287c83dd998a74694d18bdd8ad0983bc90770bbd26a82b9d99d5fc04563b523c47ef8c33400e90d02000000000000000edf1147a7afe772cd45af8aeffe2753088e02ca6bb2feec446ce7dbce66f0a93a03371320980865c7c62ea4d8f8a864dce9fa85aeb0454349100296ee2dba39c3f6fd6cf96714e11fe03b5062809a7418b165dd0336d226bac1e1223be1c97b15175d0e664beb126000e96549e1a1228c686edb475b705eaa9515c96f4fc6b3c925ea404e0f1de61026dc6c6618580fd6ce9eac602c1756f6d1056712412131ed9925989e01eae489ec7052e0ed72c326c7a8aa63999e2297c54ce1822d14b7c7699a9d0600f11f2e7f474cffbc35bc8623cd5eb68af82275a940be0400000000423346da092cbe220de96d6a8e9f32f18d1f606b381e4903b500000000000000000000004a2357ba5f03000000000000005dcf4f2aaee86d4802000000000000007cdb686d5da2a42e4b5024b6535811f362201d4f82012e6af704973d04ea923c19e6cb723c1923b3eea2d73e176dff383c9fbbac53dfdcb1a68c98e96fe39eec23963faf3ebed3409144c7c53d6318ced678a621450a9b01e9f2772e5f2999d3435da02556e36c3215d2bd4e96c93bff3ad04a82ff3cfadcf65eb92adc6c68d66b11cb2d7556414a86dfa94bb7aa52c7febb1e9b2efcbbc5bccf9d39bed802f4f056976a9a362ee9cc624ec454b90200fd9603f96908bddc14500000000000000000000000000044d917c62b27679913075731e8fddb07c10c82002d60181588ae63a440454287de9e340f611267f37bdd0f2d21cb06fcaf45a0a297e396f428d43371424b307eef82c5d6d19f3ef0d3b8f7fa51957e3099caab31133b34a1d3eebc0f0c9056df2e9667ba0b55695c7894010079b07e7aef7785e248deb8c83ab6eb2c72c484241dc3b66da78260f800fffd39368b952f6f4a10295c50c887a31d8b543c5d10f2dbd4d0b84eaad43feb6e169a9f2fcff7000000000000000000e011bc6366f56fa787f212c1f8c0f47f5078191c8a02ad436725771738a2a98891971e3b932352896e1ea10f62e8ef7a87e16151b39d6c27575714540d8c293a3fa4b5a825360423c1cbc8b5d19167152823ed853140edda002c16c842b168bb55f6bb713deb57d0aa78d6d4e5fc5be2c402bd77125d98120358900000892b135a92e8c844938aa98ba4839a1408a696454d40e5eed4d4dce481ca86bfac54c330331b7f2cde17cbaeb0377696faf546ecbe742d73d47d726a50f6e752f3325255bd7e8b5923aa3cfb6f7e06494f21ca450139c558000000000000000000000800000000000000000075aa0000000000000000000000005560bd9eb81e839e4992e64b074a66cccccf00334fa94da8477be7d99b558ec6a5b1596ac1e7617c6b32eed0cc70286caf2c5189a103f4b0b04aff171c4d388ccf67fea37e782f025c94c853cde330a193a967d907a8c88fcb033e680f559a72150cb900bafcd536f48797915a2fe9922ce27300009e1b36aa4730117d9b00000000003c630000000000008fbbd11b015c415ca04192fbfb1a8b0e3460af35771dbac10062835c9bab3ad09f7a022c52d8000000000000000000004000000000000000000000000000000000000000000400000000000000000000000000006ec473c54399b7b8aa1ee46132fc45da8292631178cecf19550108b8b8423de4295777a17bf4dfdfee5de0f3e4dadf51ab9562827b762fa611ba5f32861c19dffe1dc9fd5c41cd46cf131fd6b0c2ddad90ac33f768f9ecc70327c59918fa5a249befe98262f53c8182d95f6da3698a6a88c2c31d801a8f1f5e0ce05138d5422da0a6a62b9dfe1f39775d1d0c9186096415f544aaf76b0a1c877a6c826a5adcfb22c4a0e5a46271caa3eaf4f389dd5f3c20dbddc0377a4266d7b9fd61b9287e9b4be0a413ee31be0ddecab0ef7b25cba1fb3654ddf291ecb7768ac1e177042cb4c452fa6b3966950000000000000000c187da23d6855500fe8510b51e13a890e394b84a6ea2cc8d42b97c697c29122298d55e2e1cca8e07abda2606a3f381c64b9fec0000000a7965e4854e8e3572ad5149b3872342dea9252132860c9af1bd5fe263c0313dea5d6e0c11a466d6892ed65f34667dd79b07b5cbdd8aa7dd561a26b5562d4861a7e1b0f48930e0b696ea3bee7eb72794e163d7aeac9a0fa5403ac9cb421eae283b0550f1d0d339cd7b96e71d3ab48ad9d7975e0c9b117f71d3ab80a0c9b0284ecc469fa6181c9c71fce07a6ffb23296a107763138e8d9876291af2076890c47925ac773d95d2ca42acb3e5f3a1550665b898462c139ffd0106bc8a61b6117d252efcab7106b4c3a3c13a70ff452e9d2096142c517b0e91b5cf88332faca5b3ee96363065c3ce32d3d39ec36e20d597e05664f2526bd918090649da11f7299789d00f502cdf1e99d3efecb9b457642fe810370ba4fbe00fa60a28af966a27a1659e448bbe43a1dcd2ea760018b57a36ac41ef2051a7b703d55c0602540663016e20d50385766df4dac47802a55bd38dd767ee9960c6daa704fc5d01a14591f26b7b538c9bb22f6a2f7a34d1b9edfd125a9e25a110228c64253588ff420644dbc0854e69a7bdda72f93ceaccf92cfe7dd6296c950db10f6dd8a5ef9b73cf6a12a1ba16fdc7e35b805f4fd2fcff0a623722149c1465e4de2d53f0f10b14c21865027abc71a12cb1e9f8029c7a20000000eeb0d53a83e518c8d2052c08b515d9d0bde24ac4e798040c7db0bb03c019507d6377f3d5dd94a27abc6d6b120d61f772407e0d2cb50d29168b68aef9f176b4c3aa8b21279d4ea9c1f669aa8c2c17d5b3a8d1dda58d26f1019af04b7774c85d5bce8be010f27c5211938031c3404680b01279c778bd1fe1b48c4b5b8e0fe756e54a8d76b7cec5e3407d93b4eadc446440607de844acf5524a4657e33af2115547b735b57b5092d0bc8fa6acb832509abe0882d570ce400aaebd7baff88526608d6991aac95751671174129457e4a03aca69d82b64b89e6ad6ed1e275ec5002e48170e4c7b4f3971481098dedb88fba90770e44bf404d5a97fefe2fe8e459fe45933b78c7ab5fe985a480193a20fb07da1455fb283df68af569ac82aa6dc703e29bf158931fb79f2abfa6ff7eb8c4f381c9da58bea460e2ead969933e5391970ca4fddd64da2e5df9c4d82044068caaaab771b37bb06bbe673056d849825525f1120b2250f6b8520381f7a74b1c687781cb6b23e67b918844b83dbaeeb559ec8520d710dd6d6b4e64838bd434a36ed03fc0c488b24571032ffbc9f8ce97041e1bc4729d539358dc9599c1266b9ce2cb6dd0ad57a6e9d3d4a11a27f70b2934c96237e2ba09c58eeda678d4d08b6da99b7a86e946215afb1b48792fde54492e306cb5342e2589874b603a1de972b1f09cc350096f5c3e814118af9ba0793cfdf20c77b34eacfdf63ce59ec4d2f867bf884e941559b068d908325667672b5e1cf71f4829c0493e8b141399ed926b822becead7a0a2b4a4c008ab16b616d60f347e4da54f06443507efe57ea62399ef4eb11b2f559e1b056456a53998bf1c6d13c92e75136147f91ae3a75ca15eb1b51bf700b3c0bf54bc3745ff313c5e75dc66386897f6ee45429371b8d0878c442ad2fe9baf85c1390da13efc353ccbef950c29f39ddf436f0d9bf1be1515ed251d8b6f11ecb16b1e8d1ed04196e9b6c2f9e068b7749bb6c1f533e493f22c901662c65cb761dc2eeff2f698bd4dbae83e2dfdc4f1c7f918a00515c1bc189d10ec22b35c92725cbf0ba244fd029c4f026f68e000000060000ab0476c3fd7f7c1e5c000000000000000000000011e43e39d3f4394fbfa13c416b1c443c5e52eea726491ad75100ebad7c6d5a665c59a3fb158e43da904f19e7e8daa4e90390b8da945f6cd78536c0d2be07221f85ad46b180f256d4d84592691d15d65896b66b63a46705338b67b72dc1c3075fcdc5cbffb0366151632ba5be8ae815dfea9fadfd31c473a24a73d3e5116c3023b3563c72d26fbd59877132bde5ca4ef8d92fd3613c768b35223f6fd0b5e9a8b98cccf1e2b4612e620e3a159d6365c9045aaa826aa0ee6d26cf0397ce674c20824584b464ebdc2f3ea26a7aec4570b242a6677a4e9187f8591c3a9bdc0000001a002364bbd93964a8d0bdc802b9be2500"/3636], &(0x7f0000000040)='GPL\x00', 0x4, 0xfdc0, &(0x7f0000000300)=""/4096, 0x0, 0x0, '\x00', 0x0, @xdp}, 0x70)
setsockopt$sock_attach_bpf(r4, 0x29, 0x22, &(0x7f0000000100)=r5, 0x120)

16.053227475s ago: executing program 2 (id=184):
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x400000000000000b, 0x1509, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x1, @perf_config_ext={0x76, 0x1ef7}, 0x172e4, 0x4, 0x0, 0x0, 0x2, 0xfffff271, 0x0, 0x0, 0x0, 0x0, 0x24}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$kcm(0x11, 0x200000000000002, 0x300)
setsockopt$sock_attach_bpf(r0, 0x107, 0x2, &(0x7f00000000c0), 0x10)
socket$kcm(0x10, 0x2, 0x4)
socket$kcm(0x10, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x8, 0xb}, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000240)={0xffffffffffffffff, &(0x7f0000000180)="715c00a73edb249051b347ff1ebaa4cc1734b96c25e692b5376f6c6066a5efbffd0bd8b84a24dffdbe9621be11609ff2e56a8f47d9", 0x0}, 0x20)
r1 = socket$kcm(0xa, 0x2, 0x88)
sendmsg$inet(r1, &(0x7f0000001600)={&(0x7f0000001340)={0x2, 0x2, @multicast2}, 0x10, 0x0, 0x0, &(0x7f0000001580)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @local, @multicast1}}}], 0x20}, 0x8000)
sendmsg$inet(r1, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000380)=[{0x0}, {&(0x7f0000000580)="914781cba1", 0xffe3}], 0x2}, 0x48800)

16.053050605s ago: executing program 0 (id=185):
r0 = socket$kcm(0xa, 0x5, 0x0)
setsockopt$sock_attach_bpf(r0, 0x29, 0x1a, &(0x7f0000000140), 0x4)
sendmsg$kcm(r0, &(0x7f00000003c0)={&(0x7f0000000040)=@l2tp={0x2, 0x0, @remote, 0x2}, 0x80, &(0x7f0000000340)=[{&(0x7f0000000780)="f1", 0x1}], 0x1}, 0x0)

15.992817877s ago: executing program 0 (id=186):
r0 = socket$kcm(0x11, 0x200000000000003, 0x300)
setsockopt$sock_attach_bpf(r0, 0x107, 0xf, &(0x7f00000003c0), 0x4)
recvmsg$kcm(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000002580)=[{&(0x7f00000011c0)=""/4096, 0x1000}, {0x0}], 0x2}, 0x0)

15.992670436s ago: executing program 1 (id=187):
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000a00)=@bpf_lsm={0x6, 0x4, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x20000000}, [@ldst={0x3, 0x0, 0x6, 0x0, 0x0, 0x18}]}, &(0x7f00000003c0)='syzkaller\x00', 0x9, 0xd2, &(0x7f00000002c0)=""/210}, 0x94)

15.922931567s ago: executing program 1 (id=188):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x9, 0x42, 0x40, 0x42}, 0x48)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000240)={r0, &(0x7f0000000100), 0x0}, 0x20)

15.922816375s ago: executing program 0 (id=189):
r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xee, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x5, @perf_bp={0x0, 0xf}, 0x1000, 0x2, 0x0, 0x8, 0x0, 0x0, 0x802}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
r2 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$inet(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000100)="5c00000015006b03004e21000af32c6e020675f800250002400100000017d34460bc24eab556a705251e6182949a36c23d3b48dfd8cdbf9367b498fa51f60a64c9f4d4938037e786a6d0bdd70000b6c0504bb9189d9193e9bd1c1b78", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)

15.92272735s ago: executing program 1 (id=190):
socket$kcm(0xa, 0x922000000003, 0x11)
r0 = perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x4, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x0, @perf_config_ext={0x3, 0x8001}, 0x0, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x8, 0x830d}, 0x0, 0x2, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xef, 0x10, 0x0, 0x0, 0x0, 0x5, 0x2505, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x1}, 0x1510, 0x4, 0x0, 0x0, 0x0, 0x0, 0x51, 0x0, 0x0, 0x0, 0x401}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x25200000, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(0x0, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)

15.922650722s ago: executing program 2 (id=191):
r0 = socket$kcm(0xf, 0x3, 0x2)
sendmsg$inet(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000280)="0209000202000000e4a17c45c8d260c9", 0x10}], 0x1}, 0x0)

15.862559188s ago: executing program 2 (id=192):
r0 = socket$kcm(0xa, 0x2, 0x0)
setsockopt$sock_attach_bpf(r0, 0x29, 0x3b, 0x0, 0x0)

15.862328039s ago: executing program 2 (id=193):
r0 = perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0xfd, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x408, 0xca, 0x0, 0x2, 0xfffffffffffffffc}, 0xffffffffffffffff, 0x8, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
close(r2)
bpf$PROG_LOAD(0x5, &(0x7f0000000d00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9d, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x3, 0x0, &(0x7f0000000c40)=[{0x2, 0x1, 0xffffffff, 0x3}, {0xfffffffe, 0x3, 0x8}, {0x2, 0x3, 0x10004, 0x8}]}, 0x94)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000d40)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB="7c00000000000000000000000700000044140001ac1414aa00000000ac1414000000000000441c0003e0000001000000007f000001000000000000000000000000442c00000000000000000f883816814100000000000000000000000000000000000000000000000000000000000000000000440c0001000000000000000000000000000000a400000000000000000000000700000044280000000000000000000000000000000000000000000000000000000000000000000000000000071700e0000002ac1414bb00000000e0000002ac1414bb018616000000000010c986d78e6c4b9394b247217b87cb00830b00000000007f000001861f0000000000020010421487f84baabcbcfb42a4d90bab000748c68c4c31001089ca45d9612e5b5c11f12bc78a41000000000000006c000000000000000000000007000000441c0003ffffffff000000000000000000000000e00000010000000044340001ac1414bb0000000000000000000000000000000000000000ac1414aa00000000ac1414aa00000000ac1e000100000000830b0000000000e000000200000000001c", @ANYRES32=0x0, @ANYBLOB="ac1414aa00000000000000001400000000000018000000000200000000000000000000001c000000000000000000", @ANYRES32, @ANYBLOB], 0x230}, 0x0)
r3 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{0x0}], 0x1}, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x99, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, r0, 0x0)
recvmsg$unix(r1, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r4=>0xffffffffffffffff]}}], 0x18}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x0, 0x2, &(0x7f0000000200)=ANY=[@ANYBLOB="85000000c8"], 0x0}, 0x94)
r5 = openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0), 0x40000, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0xd, 0x10, 0x0, 0x0, 0x8, 0x0, 0x0, 0x41000}, 0x94)
r6 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xee, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x5, @perf_bp={0x0, 0xf}, 0x1000, 0x2, 0x0, 0x8, 0x0, 0x0, 0x802}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x408c4)
ioctl$PERF_EVENT_IOC_SET_BPF(r6, 0x40042408, r7)
write$cgroup_subtree(r4, &(0x7f0000000200)=ANY=[@ANYRES8=r2, @ANYRES8=r5], 0x12)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x104101, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)

15.862239513s ago: executing program 0 (id=194):
r0 = socket$kcm(0xa, 0x2, 0x0)
sendmsg$inet(r0, &(0x7f00000005c0)={&(0x7f0000000280)={0x2, 0x8, @remote}, 0x10, 0x0}, 0x900000020008831)

15.730933464s ago: executing program 0 (id=195):
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000140)={0x0, 0x32, &(0x7f0000000040)=[{&(0x7f00000005c0)="3504000041000511d25a35400c0002000200002037153e370c04018006041000450000002a560000e7ff00400000", 0x2e}, {&(0x7f0000000600)="d4fa0c511aad03aa5ed217677bc41c027d9c830c439c7f821ddd78b6915cb1b0130668a1e5b5e08d21d0b69c28ca3455aed65855c86f3d1e5789d26375a0d85eaf5e92e19c9affcf76e7a94e76556d2b104ebf645747fadc91460f4b3c94e1a89b51be4a6aa4c65285f988329a7063b69c51b801500a5beee5e6ce6bb78a51fb0e15820d13e4a5aa9e0742a6f8d677ad28fea356657bb550c86a9710cc6415a6d3cc4556efd6a6d0f8d57f2267a15aa7334bc53b65b9119a1a7d905c7dd365b85c230bbad0d5d0a79819e112637819d9a187cfdf0a2c6127d2d4281926ab0e22f7346b616fe28ed0b9f4a0c9fdac6d3a90a9c38b5e31448a45546388c95045bc1161c238a5159ea98db9c00aeef644ae98a8cb8da3ff3b7ba14d7971910b559623af829524d83bf19f18628464076329140e0203fc75859185ccd019302afb784e41e16cf2d31db7aba83d0f500ce25fc2d7f524a04cfaa0015ea8a297477a5517f8a4ac167083a321c369844fd7fc11fff502c02b7607007ead2007a18006a6ca8dc2d0119f01d7083c2ab5760ac7b24d7bf26b9030cf455a08385f9e662cbe0c3ca6e6fd4ac0c8566c0fca986c68ef7016a11d3e44253b6f2d07d53505ed58b8ad410f89425046321b4a9b27b5e767bdfa0ebf7abf3d91b319120000853d8e5cbc4a2c5c560b007eafe03e3332f6017f3164c7f602180aad23dfe5e770fe8855f45925e342b7dfd7ddaa68b65065465cdf4d5b8d995d6e6a7042ebea3d139c6a616232eb4efd1a50d0e6db3188a8e98375fda2a7ebd4cd59b9ea626c13685b05e6cf4d484e32869fd7c7167dbfa48b1529e5dd5f5a02673ccc7dbedfd75e34f3f9eb3c7833734a59acada6dd2ff364475e03f2219deedb5d0c941f2177a23167adcc5a15f4e5441ed537f26a1620df057aeb55b2ad3a00a77e23d304ed6034dd5ec9b2cfe777ca21ec4f48abdafa0d66a78d653068ef871bdc6598fd32edcba60c675a1e8f4e81e83f73414c179bfb7f32a671fe6e291fb2eaa59b9636cb6a74d0deb46a18c77f37abf0894a7083e0e4d237ff7c24872668ac40e307569a975b2765af8d3268d11b473d5d7544edd1ed0e507c319e128daf7e75c349c9b3de603580d52a6c118acf924216130364bfab8d59969e4dbee0a9208adb7bfa855556be06a666334a0612e4ff3fc6f4ddb9a0c209301081f34824496480d688ae9bd0c3c28ea8ecfe01a2b86dcb3750686a89891d9abf0d584ca74b4bc6096293fbc8707312f424996361f39261ef3ba7cd2ddffb0e3c81e6b962d680e02f7a672dc2643cc24ad64d86fb4780827ca784a8af3376c2567bfde74dc50e16c81b71450af026459e2c37d94b8461b56ff944edc1a8cd93d0258fcc2f094615c152be66884103af11ff463100"/1013, 0x401}, {&(0x7f0000000a40)="47f72fedcd1d", 0x6}], 0x3}, 0x10049014)

15.652049973s ago: executing program 0 (id=196):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000100)={'dvmrp0\x00', 0x2})
ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f0000000180)={0x1, &(0x7f0000000000)=[{0x45}]})

628.265483ms ago: executing program 32 (id=196):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000100)={'dvmrp0\x00', 0x2})
ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f0000000180)={0x1, &(0x7f0000000000)=[{0x45}]})

205.184024ms ago: executing program 33 (id=190):
socket$kcm(0xa, 0x922000000003, 0x11)
r0 = perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x4, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x0, @perf_config_ext={0x3, 0x8001}, 0x0, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x8, 0x830d}, 0x0, 0x2, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xef, 0x10, 0x0, 0x0, 0x0, 0x5, 0x2505, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x1}, 0x1510, 0x4, 0x0, 0x0, 0x0, 0x0, 0x51, 0x0, 0x0, 0x0, 0x401}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x25200000, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(0x0, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)

0s ago: executing program 34 (id=193):
r0 = perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0xfd, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x408, 0xca, 0x0, 0x2, 0xfffffffffffffffc}, 0xffffffffffffffff, 0x8, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
close(r2)
bpf$PROG_LOAD(0x5, &(0x7f0000000d00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9d, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x3, 0x0, &(0x7f0000000c40)=[{0x2, 0x1, 0xffffffff, 0x3}, {0xfffffffe, 0x3, 0x8}, {0x2, 0x3, 0x10004, 0x8}]}, 0x94)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000d40)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB="7c00000000000000000000000700000044140001ac1414aa00000000ac1414000000000000441c0003e0000001000000007f000001000000000000000000000000442c00000000000000000f883816814100000000000000000000000000000000000000000000000000000000000000000000440c0001000000000000000000000000000000a400000000000000000000000700000044280000000000000000000000000000000000000000000000000000000000000000000000000000071700e0000002ac1414bb00000000e0000002ac1414bb018616000000000010c986d78e6c4b9394b247217b87cb00830b00000000007f000001861f0000000000020010421487f84baabcbcfb42a4d90bab000748c68c4c31001089ca45d9612e5b5c11f12bc78a41000000000000006c000000000000000000000007000000441c0003ffffffff000000000000000000000000e00000010000000044340001ac1414bb0000000000000000000000000000000000000000ac1414aa00000000ac1414aa00000000ac1e000100000000830b0000000000e000000200000000001c", @ANYRES32=0x0, @ANYBLOB="ac1414aa00000000000000001400000000000018000000000200000000000000000000001c000000000000000000", @ANYRES32, @ANYBLOB], 0x230}, 0x0)
r3 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{0x0}], 0x1}, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x99, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, r0, 0x0)
recvmsg$unix(r1, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r4=>0xffffffffffffffff]}}], 0x18}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x0, 0x2, &(0x7f0000000200)=ANY=[@ANYBLOB="85000000c8"], 0x0}, 0x94)
r5 = openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0), 0x40000, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0xd, 0x10, 0x0, 0x0, 0x8, 0x0, 0x0, 0x41000}, 0x94)
r6 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xee, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x5, @perf_bp={0x0, 0xf}, 0x1000, 0x2, 0x0, 0x8, 0x0, 0x0, 0x802}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x408c4)
ioctl$PERF_EVENT_IOC_SET_BPF(r6, 0x40042408, r7)
write$cgroup_subtree(r4, &(0x7f0000000200)=ANY=[@ANYRES8=r2, @ANYRES8=r5], 0x12)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x104101, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)

kernel console output (not intermixed with test programs):

Warning: Permanently added '[localhost]:17411' (ED25519) to the list of known hosts.
syzkaller login: [   41.256790][ T5791] cgroup: Unknown subsys name 'net'
[   41.406129][ T5791] cgroup: Unknown subsys name 'cpuset'
[   41.410889][ T5791] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   42.714164][ T5791] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   45.986977][ T5834] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   45.990038][ T5223] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   45.992732][ T5223] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   45.995235][ T5223] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   45.997947][ T5223] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   46.000530][ T5223] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   46.002847][ T5223] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   46.016137][ T5838] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   46.019034][ T5838] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   46.030911][ T5836] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   46.033820][ T5836] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   46.036647][ T5836] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   46.043684][ T5836] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   46.049021][ T5834] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   46.052606][ T5834] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   46.167348][ T5833] chnl_net:caif_netlink_parms(): no params data found
[   46.280010][ T5833] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.282690][ T5833] bridge0: port 1(bridge_slave_0) entered disabled state
[   46.285578][ T5833] bridge_slave_0: entered allmulticast mode
[   46.288290][ T5833] bridge_slave_0: entered promiscuous mode
[   46.305251][ T5833] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.307603][ T5833] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.309786][ T5833] bridge_slave_1: entered allmulticast mode
[   46.312411][ T5833] bridge_slave_1: entered promiscuous mode
[   46.322026][ T5837] chnl_net:caif_netlink_parms(): no params data found
[   46.340193][ T5833] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   46.354199][ T5830] chnl_net:caif_netlink_parms(): no params data found
[   46.366938][ T5833] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   46.407711][ T5833] team0: Port device team_slave_0 added
[   46.417503][ T5833] team0: Port device team_slave_1 added
[   46.436356][ T5837] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.438662][ T5837] bridge0: port 1(bridge_slave_0) entered disabled state
[   46.441004][ T5837] bridge_slave_0: entered allmulticast mode
[   46.443934][ T5837] bridge_slave_0: entered promiscuous mode
[   46.456688][ T5837] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.458920][ T5837] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.461104][ T5837] bridge_slave_1: entered allmulticast mode
[   46.463813][ T5837] bridge_slave_1: entered promiscuous mode
[   46.469444][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_0
[   46.471626][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   46.479855][ T5833] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   46.504503][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_1
[   46.506632][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   46.515172][ T5833] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   46.526956][ T5830] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.529237][ T5830] bridge0: port 1(bridge_slave_0) entered disabled state
[   46.531454][ T5830] bridge_slave_0: entered allmulticast mode
[   46.534630][ T5830] bridge_slave_0: entered promiscuous mode
[   46.537926][ T5830] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.540207][ T5830] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.542401][ T5830] bridge_slave_1: entered allmulticast mode
[   46.546101][ T5830] bridge_slave_1: entered promiscuous mode
[   46.552828][ T5837] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   46.557823][ T5837] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   46.602801][ T5830] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   46.608893][ T5837] team0: Port device team_slave_0 added
[   46.614289][ T5833] hsr_slave_0: entered promiscuous mode
[   46.616599][ T5833] hsr_slave_1: entered promiscuous mode
[   46.628147][ T5830] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   46.637242][ T5837] team0: Port device team_slave_1 added
[   46.671438][ T5830] team0: Port device team_slave_0 added
[   46.675046][ T5830] team0: Port device team_slave_1 added
[   46.700119][ T5830] batman_adv: batadv0: Adding interface: batadv_slave_0
[   46.702242][ T5830] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   46.711141][ T5830] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   46.715408][ T5837] batman_adv: batadv0: Adding interface: batadv_slave_0
[   46.717533][ T5837] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   46.725733][ T5837] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   46.732375][ T5830] batman_adv: batadv0: Adding interface: batadv_slave_1
[   46.735370][ T5830] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   46.745605][ T5830] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   46.749669][ T5837] batman_adv: batadv0: Adding interface: batadv_slave_1
[   46.751766][ T5837] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   46.759593][ T5837] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   46.799225][ T5837] hsr_slave_0: entered promiscuous mode
[   46.801436][ T5837] hsr_slave_1: entered promiscuous mode
[   46.804093][ T5837] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   46.806517][ T5837] Cannot create hsr debugfs directory
[   46.825544][ T5830] hsr_slave_0: entered promiscuous mode
[   46.827752][ T5830] hsr_slave_1: entered promiscuous mode
[   46.829896][ T5830] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   46.832297][ T5830] Cannot create hsr debugfs directory
[   46.971919][ T5833] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   46.978420][ T5833] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   46.989541][ T5833] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   46.995847][ T5833] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   47.036089][ T5837] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   47.040741][ T5837] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   47.045068][ T5837] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   47.056201][ T5837] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   47.085021][ T5833] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.087426][ T5833] bridge0: port 2(bridge_slave_1) entered forwarding state
[   47.090218][ T5833] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.092524][ T5833] bridge0: port 1(bridge_slave_0) entered forwarding state
[   47.098238][ T5830] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   47.105068][ T5830] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   47.109981][ T5830] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   47.116727][ T5837] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.118981][ T5837] bridge0: port 2(bridge_slave_1) entered forwarding state
[   47.121381][ T5837] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.123658][ T5837] bridge0: port 1(bridge_slave_0) entered forwarding state
[   47.128847][ T5830] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   47.170091][ T5830] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.172441][ T5830] bridge0: port 2(bridge_slave_1) entered forwarding state
[   47.174917][ T5830] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.177194][ T5830] bridge0: port 1(bridge_slave_0) entered forwarding state
[   47.190954][ T5833] 8021q: adding VLAN 0 to HW filter on device bond0
[   47.207853][ T1091] bridge0: port 1(bridge_slave_0) entered disabled state
[   47.211229][ T1091] bridge0: port 2(bridge_slave_1) entered disabled state
[   47.217696][ T1091] bridge0: port 1(bridge_slave_0) entered disabled state
[   47.220291][ T1091] bridge0: port 2(bridge_slave_1) entered disabled state
[   47.223900][ T1091] bridge0: port 1(bridge_slave_0) entered disabled state
[   47.226502][ T1091] bridge0: port 2(bridge_slave_1) entered disabled state
[   47.241872][ T5837] 8021q: adding VLAN 0 to HW filter on device bond0
[   47.249508][ T5833] 8021q: adding VLAN 0 to HW filter on device team0
[   47.258436][ T3645] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.260660][ T3645] bridge0: port 1(bridge_slave_0) entered forwarding state
[   47.267638][ T5837] 8021q: adding VLAN 0 to HW filter on device team0
[   47.278453][ T1091] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.281084][ T1091] bridge0: port 2(bridge_slave_1) entered forwarding state
[   47.287180][ T1091] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.289676][ T1091] bridge0: port 1(bridge_slave_0) entered forwarding state
[   47.301587][ T1091] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.304034][ T1091] bridge0: port 2(bridge_slave_1) entered forwarding state
[   47.334647][ T5830] 8021q: adding VLAN 0 to HW filter on device bond0
[   47.359581][ T5830] 8021q: adding VLAN 0 to HW filter on device team0
[   47.383898][ T3615] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.386248][ T3615] bridge0: port 1(bridge_slave_0) entered forwarding state
[   47.389946][ T3615] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.392282][ T3615] bridge0: port 2(bridge_slave_1) entered forwarding state
[   47.457335][ T5833] 8021q: adding VLAN 0 to HW filter on device batadv0
[   47.498422][ T5837] 8021q: adding VLAN 0 to HW filter on device batadv0
[   47.535559][ T5833] veth0_vlan: entered promiscuous mode
[   47.544883][ T5833] veth1_vlan: entered promiscuous mode
[   47.555758][ T5830] 8021q: adding VLAN 0 to HW filter on device batadv0
[   47.559602][ T5837] veth0_vlan: entered promiscuous mode
[   47.577437][ T5837] veth1_vlan: entered promiscuous mode
[   47.595775][ T5833] veth0_macvtap: entered promiscuous mode
[   47.598304][ T5830] veth0_vlan: entered promiscuous mode
[   47.611093][ T5830] veth1_vlan: entered promiscuous mode
[   47.616967][ T5837] veth0_macvtap: entered promiscuous mode
[   47.620275][ T5833] veth1_macvtap: entered promiscuous mode
[   47.627095][ T5837] veth1_macvtap: entered promiscuous mode
[   47.640844][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_0
[   47.647751][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_0
[   47.655070][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_1
[   47.659942][ T5833] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   47.662685][ T5833] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   47.665914][ T5833] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   47.668616][ T5833] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   47.676030][ T5830] veth0_macvtap: entered promiscuous mode
[   47.680609][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_1
[   47.686394][ T5837] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   47.689160][ T5837] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   47.691887][ T5837] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   47.695506][ T5837] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   47.709232][ T5830] veth1_macvtap: entered promiscuous mode
[   47.749561][ T5830] batman_adv: batadv0: Interface activated: batadv_slave_0
[   47.759667][ T5830] batman_adv: batadv0: Interface activated: batadv_slave_1
[   47.773274][   T40] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   47.776548][   T40] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   47.777120][ T5830] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   47.781784][ T5830] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   47.786706][ T5830] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   47.789519][ T5830] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   47.824364][ T1091] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   47.825284][   T40] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   47.827362][ T1091] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   47.837618][   T40] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   47.853386][ T1086] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   47.855857][ T1086] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   47.887274][ T5837] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   47.896031][   T40] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   47.901199][   T40] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   47.928221][   T40] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   47.930675][   T40] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   47.954714][ T5894] sctp: [Deprecated]: syz.2.3 (pid 5894) Use of struct sctp_assoc_value in delayed_ack socket option.
[   47.954714][ T5894] Use struct sctp_sack_info instead
[   48.075150][ T5908] netlink: 16255 bytes leftover after parsing attributes in process `syz.1.9'.
[   48.085436][   T54] Bluetooth: hci0: command tx timeout
[   48.085442][ T5834] Bluetooth: hci1: command tx timeout
[   48.093629][   T54] Bluetooth: hci2: command tx timeout
[   48.253083][ T5920] Illegal XDP return value 38 on prog  (id 7) dev N/A, expect packet loss!
[   48.353870][ T5927] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   49.708737][ T5973] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   49.711075][ T5973] batman_adv: batadv0: Removing interface: batadv_slave_0
[   49.722361][ T5973] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   49.725841][ T5973] batman_adv: batadv0: Removing interface: batadv_slave_1
[   50.049694][ T5989] netlink: 16255 bytes leftover after parsing attributes in process `syz.2.44'.
[   50.162991][   T54] Bluetooth: hci1: command tx timeout
[   50.173140][   T54] Bluetooth: hci2: command tx timeout
[   50.173246][ T5834] Bluetooth: hci0: command tx timeout
[   50.317096][ T5999] netlink: 188 bytes leftover after parsing attributes in process `syz.2.49'.
[   51.468640][    C1] hrtimer: interrupt took 15517 ns
[   51.953732][ T6046] netlink: 'syz.2.71': attribute type 21 has an invalid length.
[   52.012274][ T6044] netlink: 'syz.1.70': attribute type 9 has an invalid length.
[   52.015430][ T6044] netlink: 61951 bytes leftover after parsing attributes in process `syz.1.70'.
[   52.243437][ T5834] Bluetooth: hci0: command tx timeout
[   52.259571][ T5834] Bluetooth: hci2: command tx timeout
[   52.259618][   T54] Bluetooth: hci1: command tx timeout
[   52.300066][ T6072] netlink: 'syz.2.83': attribute type 11 has an invalid length.
[   52.302590][ T6072] netlink: 149476 bytes leftover after parsing attributes in process `syz.2.83'.
[   52.368676][ T6072] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   53.276364][ T6103] sit0: entered allmulticast mode
[   53.281309][ T6103] sit0: entered promiscuous mode
[   53.413831][ T6114] netlink: 205628 bytes leftover after parsing attributes in process `syz.0.97'.
[   53.417195][ T6114] netlink: zone id is out of range
[   53.419011][ T6114] netlink: zone id is out of range
[   53.420754][ T6114] netlink: get zone limit has 8 unknown bytes
[   53.916936][ T6146] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.116'.
[   54.241852][ T6158] netlink: 14546 bytes leftover after parsing attributes in process `syz.2.122'.
[   54.323094][   T54] Bluetooth: hci2: command tx timeout
[   54.325023][   T54] Bluetooth: hci0: command tx timeout
[   54.333001][ T5834] Bluetooth: hci1: command tx timeout
[   54.452159][ T6174] syz.1.129 uses obsolete (PF_INET,SOCK_PACKET)
[   54.456486][ T6174] netlink: 'syz.1.129': attribute type 10 has an invalid length.
[   54.486040][ T6174] team0: Device ipvlan1 failed to register rx_handler
[   54.564564][ T6186] Zero length message leads to an empty skb
[   54.652011][ T6191] netlink: 'syz.2.137': attribute type 4 has an invalid length.
[   54.654551][ T6191] netlink: 140 bytes leftover after parsing attributes in process `syz.2.137'.
[   54.668113][ T6174] syz.1.129 (6174) used greatest stack depth: 19800 bytes left
[   56.250036][ T6235] nr0: tun_chr_ioctl cmd 1074025677
[   56.251970][ T6235] nr0: linktype set to 825
[   56.268513][ T6238] warning: `syz.2.156' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   57.425261][ T5834] Bluetooth: hci2: unexpected event 0x06 length: 15 > 3
[   57.525083][ T6320] netlink: 17 bytes leftover after parsing attributes in process `syz.0.195'.
[   57.530270][ T6320] netlink: zone id is out of range
[   57.532021][ T6320] netlink: zone id is out of range
[   57.537511][ T6320] netlink: zone id is out of range
[   57.539187][ T6320] netlink: zone id is out of range
[   57.540917][ T6320] netlink: zone id is out of range
[   57.542673][ T6320] netlink: zone id is out of range
[   57.544784][ T6320] netlink: zone id is out of range
[   63.524998][ T5834] Bluetooth: hci2: command 0x0406 tx timeout
[   72.986545][ T5223] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   72.989639][ T5223] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   72.992484][ T5223] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   72.997680][ T5223] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   73.001046][ T5223] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   73.821277][ T5838] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   73.825066][ T5838] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[   73.828439][ T5838] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   73.831197][ T5838] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[   73.835171][ T5838] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   73.837869][ T5838] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[   73.842152][ T5838] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   73.845239][ T5838] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[   73.848677][ T5838] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   73.851323][ T5838] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  117.592924][    C0] clocksource: Long readout interval, skipping watchdog check: cs_nsec: 60129846963 wd_nsec: 60129848284
[  133.381772][ T6336] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  133.387594][ T6336] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  133.390662][ T6336] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  133.398567][ T6336] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  133.401638][ T6336] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  134.697613][ T6350] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  134.700651][ T6350] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[  134.704892][ T6350] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  134.707843][ T6350] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  134.711359][ T6350] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  134.716163][ T6350] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  134.721860][ T6350] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[  134.732741][ T6350] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[  134.803893][ T6337] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[  134.808603][ T6337] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[  227.172889][    C0] rcu: INFO: rcu_preempt self-detected stall on CPU
[  227.175006][    C0] rcu: 	0-....: (1 GPs behind) idle=ccfc/1/0x4000000000000000 softirq=14480/14488 fqs=2706
[  227.179286][    C0] rcu: 	         hardirqs   softirqs   csw/system
[  227.181302][    C0] rcu: 	 number:   985279          0            0
[  227.183276][    C0] rcu: 	cputime:    26123      26356           89   ==> 52490(ms)
[  227.185663][    C0] rcu: 	(t=10501 jiffies g=6781 q=2403 ncpus=2)
[  227.187619][    C0] rcu: rcu_preempt kthread timer wakeup didn't happen for 5086 jiffies! g6781 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402
[  227.191277][    C0] rcu: 	Possible timer handling issue on cpu=1 timer-softirq=12007
[  227.193677][    C0] rcu: rcu_preempt kthread starved for 5088 jiffies! g6781 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 ->cpu=1
[  227.197056][    C0] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[  227.200136][    C0] rcu: RCU grace-period kthread stack dump:
[  227.201965][    C0] task:rcu_preempt     state:I stack:27320 pid:16    tgid:16    ppid:2      task_flags:0x208040 flags:0x00004000
[  227.205588][    C0] Call Trace:
[  227.206627][    C0]  <TASK>
[  227.207561][    C0]  __schedule+0x16f5/0x4d00
[  227.209001][    C0]  ? perf_trace_run_bpf_submit+0xf9/0x170
[  227.210839][    C0]  ? schedule+0x165/0x360
[  227.212176][    C0]  ? __pfx___schedule+0x10/0x10
[  227.213712][    C0]  ? schedule+0x91/0x360
[  227.215039][    C0]  ? schedule+0x91/0x360
[  227.216376][    C0]  schedule+0x165/0x360
[  227.217669][    C0]  schedule_timeout+0x12b/0x270
[  227.219184][    C0]  ? __pfx_schedule_timeout+0x10/0x10
[  227.220883][    C0]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  227.222746][    C0]  ? __pfx_process_timeout+0x10/0x10
[  227.224384][    C0]  ? prepare_to_swait_event+0x341/0x380
[  227.226124][    C0]  rcu_gp_fqs_loop+0x301/0x1540
[  227.227716][    C0]  ? __pfx_rcu_watching_snap_recheck+0x10/0x10
[  227.229659][    C0]  ? __pfx_rcu_gp_fqs_loop+0x10/0x10
[  227.231284][    C0]  ? _raw_spin_unlock_irq+0x2e/0x50
[  227.232916][    C0]  ? finish_swait+0xcd/0x1f0
[  227.234394][    C0]  rcu_gp_kthread+0x99/0x390
[  227.235885][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  227.237505][    C0]  ? __kthread_parkme+0x7b/0x200
[  227.239025][    C0]  ? __kthread_parkme+0x1a1/0x200
[  227.240647][    C0]  kthread+0x711/0x8a0
[  227.241937][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  227.243540][    C0]  ? __pfx_kthread+0x10/0x10
[  227.244987][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[  227.246610][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  227.248220][    C0]  ? __pfx_kthread+0x10/0x10
[  227.249642][    C0]  ret_from_fork+0x3fc/0x770
[  227.251081][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[  227.252649][    C0]  ? __switch_to_asm+0x39/0x70
[  227.254154][    C0]  ? __switch_to_asm+0x33/0x70
[  227.255651][    C0]  ? __pfx_kthread+0x10/0x10
[  227.257120][    C0]  ret_from_fork_asm+0x1a/0x30
[  227.258674][    C0]  </TASK>
[  227.259643][    C0] rcu: Stack dump where RCU GP kthread last ran:
[  227.261568][    C0] Sending NMI from CPU 0 to CPUs 1:
[  227.263235][    C1] NMI backtrace for cpu 1
[  227.263245][    C1] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Not tainted 6.16.0-rc6-syzkaller-00411-g95993dc3039e-dirty #0 PREEMPT(full) 
[  227.263254][    C1] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  227.263258][    C1] RIP: 0010:queued_write_lock_slowpath+0x125/0x260
[  227.263271][    C1] Code: 00 01 00 00 43 0f b6 04 27 84 c0 74 35 89 d9 80 e1 07 80 c1 03 38 c1 7c 29 48 89 df e8 64 fc b1 f6 eb 1f f3 90 43 0f b6 04 27 <84> c0 74 14 89 d9 80 e1 07 80 c1 03 38 c1 7c 08 48 89 df e8 43 fc
[  227.263276][    C1] RSP: 0018:ffffc900001e0260 EFLAGS: 00000206
[  227.263283][    C1] RAX: 0000000000000000 RBX: ffff88801af32040 RCX: ffffffff8b714f78
[  227.263288][    C1] RDX: 0000000000000001 RSI: 0000000000000004 RDI: ffff88801af32040
[  227.263292][    C1] RBP: ffffc900001e0310 R08: ffff88801af32043 R09: 1ffff110035e6408
[  227.263296][    C1] R10: dffffc0000000000 R11: ffffed10035e6409 R12: dffffc0000000000
[  227.263300][    C1] R13: 1ffff9200003c050 R14: ffffc900001e02b0 R15: 1ffff110035e6408
[  227.263305][    C1] FS:  0000000000000000(0000) GS:ffff8881a3c1f000(0000) knlGS:0000000000000000
[  227.263310][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  227.263314][    C1] CR2: 00007fc45467cf53 CR3: 000000000df38000 CR4: 00000000000006f0
[  227.263339][    C1] Call Trace:
[  227.263344][    C1]  <IRQ>
[  227.263353][    C1]  ? __pfx_queued_write_lock_slowpath+0x10/0x10
[  227.263376][    C1]  do_raw_write_lock+0x1f2/0x260
[  227.263390][    C1]  ? __pfx_do_raw_write_lock+0x10/0x10
[  227.263398][    C1]  ? trace_call_bpf+0xb7/0x850
[  227.263410][    C1]  ? __neigh_event_send+0x3b/0x1560
[  227.263424][    C1]  __neigh_event_send+0x3b/0x1560
[  227.263449][    C1]  neigh_resolve_output+0x198/0x750
[  227.263463][    C1]  ? __pfx_ip_neigh_gw4+0x10/0x10
[  227.263484][    C1]  ip_finish_output2+0xd40/0x1160
[  227.263502][    C1]  ? ip_finish_output2+0x452/0x1160
[  227.263514][    C1]  ? __pfx_ip_finish_output2+0x10/0x10
[  227.263522][    C1]  ? ip_skb_dst_mtu+0x147/0xc50
[  227.263530][    C1]  ? ip_skb_dst_mtu+0x147/0xc50
[  227.263540][    C1]  ? ip_skb_dst_mtu+0x970/0xc50
[  227.263552][    C1]  ? ip_finish_output+0x33a/0x3f0
[  227.263573][    C1]  ip_push_pending_frames+0xbe/0x150
[  227.263586][    C1]  __icmp_send+0xf87/0x12d0
[  227.263600][    C1]  ? __pfx_perf_trace_lock+0x10/0x10
[  227.263616][    C1]  ? __icmp_send+0x1b9/0x12d0
[  227.263633][    C1]  ? __pfx___icmp_send+0x10/0x10
[  227.263654][    C1]  ? perf_trace_buf_alloc+0x131/0x2a0
[  227.263697][    C1]  ipv4_link_failure+0x64e/0xa30
[  227.263717][    C1]  ? __pfx_ipv4_link_failure+0x10/0x10
[  227.263735][    C1]  ? __pfx_ipv4_link_failure+0x10/0x10
[  227.263744][    C1]  arp_error_report+0x118/0x160
[  227.263757][    C1]  neigh_invalidate+0x235/0x460
[  227.263776][    C1]  neigh_timer_handler+0x913/0x1030
[  227.263793][    C1]  call_timer_fn+0x17e/0x5f0
[  227.263801][    C1]  ? __pfx_neigh_timer_handler+0x10/0x10
[  227.263807][    C1]  ? call_timer_fn+0xbe/0x5f0
[  227.263814][    C1]  ? __pfx_call_timer_fn+0x10/0x10
[  227.263832][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  227.263840][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  227.263847][    C1]  ? __pfx_neigh_timer_handler+0x10/0x10
[  227.263857][    C1]  __run_timer_base+0x61a/0x860
[  227.263868][    C1]  ? ktime_get+0x3e/0x1f0
[  227.263890][    C1]  ? __pfx___run_timer_base+0x10/0x10
[  227.263898][    C1]  ? seqcount_lockdep_reader_access+0x15f/0x1c0
[  227.263925][    C1]  run_timer_softirq+0xb7/0x180
[  227.263936][    C1]  handle_softirqs+0x286/0x870
[  227.263950][    C1]  ? __irq_exit_rcu+0xca/0x1f0
[  227.263965][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  227.263978][    C1]  ? irqtime_account_irq+0xb6/0x1c0
[  227.263992][    C1]  __irq_exit_rcu+0xca/0x1f0
[  227.264000][    C1]  ? __pfx___irq_exit_rcu+0x10/0x10
[  227.264018][    C1]  irq_exit_rcu+0x9/0x30
[  227.264024][    C1]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  227.264033][    C1]  </IRQ>
[  227.264035][    C1]  <TASK>
[  227.264039][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  227.264047][    C1] RIP: 0010:pv_native_safe_halt+0x13/0x20
[  227.264054][    C1] Code: d3 de 02 00 cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d d3 9d 19 00 f3 0f 1e fa fb f4 <c3> cc cc cc cc cc cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90
[  227.264088][    C1] RSP: 0018:ffffc90000177de0 EFLAGS: 00000282
[  227.264095][    C1] RAX: ccf01c357ebf6900 RBX: ffffffff81976a48 RCX: ccf01c357ebf6900
[  227.264099][    C1] RDX: 0000000000000001 RSI: ffffffff8d998940 RDI: ffffffff8be29f40
[  227.264103][    C1] RBP: ffffc90000177f20 R08: ffff888136632f9b R09: 1ffff11026cc65f3
[  227.264108][    C1] R10: dffffc0000000000 R11: ffffed1026cc65f4 R12: ffffffff8fa1e9f0
[  227.264112][    C1] R13: 0000000000000001 R14: 0000000000000001 R15: 1ffff110200d7000
[  227.264121][    C1]  ? do_idle+0x1e8/0x510
[  227.264141][    C1]  default_idle+0x13/0x20
[  227.264150][    C1]  default_idle_call+0x74/0xb0
[  227.264156][    C1]  do_idle+0x1e8/0x510
[  227.264171][    C1]  ? __pfx_do_idle+0x10/0x10
[  227.264177][    C1]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  227.264186][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  227.264196][    C1]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  227.264204][    C1]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  227.264223][    C1]  cpu_startup_entry+0x44/0x60
[  227.264232][    C1]  start_secondary+0x101/0x110
[  227.264239][    C1]  common_startup_64+0x13e/0x147
[  227.264265][    C1]  </TASK>
[  227.265249][    C0] CPU: 0 UID: 0 PID: 6310 Comm: syz.1.190 Not tainted 6.16.0-rc6-syzkaller-00411-g95993dc3039e-dirty #0 PREEMPT(full) 
[  227.265259][    C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  227.265262][    C0] RIP: 0010:rcu_read_unlock_special+0x87/0x4c0
[  227.265273][    C0] Code: f1 f1 f1 00 f2 f2 f2 4a 89 04 2b 66 42 c7 44 2b 09 f3 f3 42 c6 44 2b 0b f3 65 44 8b 35 62 2c f8 10 41 f7 c6 00 00 f0 00 74 49 <48> c7 44 24 40 0e 36 e0 45 4a c7 04 2b 00 00 00 00 66 42 c7 44 2b
[  227.265279][    C0] RSP: 0018:ffffc90000007460 EFLAGS: 00000206
[  227.265285][    C0] RAX: b2f7892336400e00 RBX: 1ffff92000000e94 RCX: b2f7892336400e00
[  227.265290][    C0] RDX: 0000000000000002 RSI: ffffffff8d998940 RDI: ffffffff8be29f40
[  227.265294][    C0] RBP: ffffc90000007558 R08: ffffffff8fa1e9f7 R09: 1ffffffff1f43d3e
[  227.265299][    C0] R10: dffffc0000000000 R11: fffffbfff1f43d3f R12: ffffffff8e144400
[  227.265303][    C0] R13: dffffc0000000000 R14: 0000000000000246 R15: 0000000000000001
[  227.265308][    C0] FS:  00007effced726c0(0000) GS:ffff8880b861f000(0000) knlGS:0000000000000000
[  227.265313][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  227.265317][    C0] CR2: 00007f2347ce56c0 CR3: 0000000119ac6000 CR4: 00000000000006f0
[  227.265341][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  227.265346][    C0] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[  227.265350][    C0] Call Trace:
[  227.265355][    C0]  <IRQ>
[  227.265360][    C0]  ? __pfx_perf_trace_lock+0x10/0x10
[  227.265378][    C0]  ? __pfx_rcu_read_unlock_special+0x10/0x10
[  227.265395][    C0]  ? unwind_next_frame+0xa5/0x2390
[  227.265421][    C0]  __rcu_read_unlock+0x84/0xe0
[  227.265436][    C0]  ? unwind_next_frame+0xa5/0x2390
[  227.265442][    C0]  unwind_next_frame+0x19ae/0x2390
[  227.265462][    C0]  ? unwind_next_frame+0xa5/0x2390
[  227.265472][    C0]  ? __unwind_start+0xf8/0x760
[  227.265494][    C0]  __unwind_start+0x5b9/0x760
[  227.265512][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  227.265523][    C0]  arch_stack_walk+0xe4/0x150
[  227.265544][    C0]  ? arch_stack_walk+0xe4/0x150
[  227.265562][    C0]  stack_trace_save+0x9c/0xe0
[  227.265573][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[  227.265586][    C0]  ? __irq_exit_rcu+0xd8/0x1f0
[  227.265595][    C0]  ? __pfx___irq_exit_rcu+0x10/0x10
[  227.265613][    C0]  kasan_save_track+0x3e/0x80
[  227.265719][    C0]  ? neigh_invalidate+0x3a2/0x460
[  227.265728][    C0]  kasan_save_free_info+0x46/0x50
[  227.265738][    C0]  __kasan_slab_free+0x62/0x70
[  227.265747][    C0]  kmem_cache_free+0x18f/0x400
[  227.265767][    C0]  neigh_invalidate+0x3a2/0x460
[  227.265795][    C0]  neigh_timer_handler+0x913/0x1030
[  227.265820][    C0]  call_timer_fn+0x17e/0x5f0
[  227.265828][    C0]  ? __pfx_neigh_timer_handler+0x10/0x10
[  227.265834][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  227.265841][    C0]  ? call_timer_fn+0xbe/0x5f0
[  227.265849][    C0]  ? __pfx_call_timer_fn+0x10/0x10
[  227.265880][    C0]  ? __pfx_neigh_timer_handler+0x10/0x10
[  227.265893][    C0]  __run_timer_base+0x61a/0x860
[  227.265902][    C0]  ? irqtime_account_irq+0xb6/0x1c0
[  227.265940][    C0]  ? __pfx___run_timer_base+0x10/0x10
[  227.265981][    C0]  run_timer_softirq+0xb7/0x180
[  227.265994][    C0]  handle_softirqs+0x286/0x870
[  227.266011][    C0]  ? __irq_exit_rcu+0xca/0x1f0
[  227.266031][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[  227.266039][    C0]  ? irq_work_single+0x1ac/0x240
[  227.266055][    C0]  ? irqtime_account_irq+0xb6/0x1c0
[  227.266103][    C0]  __irq_exit_rcu+0xca/0x1f0
[  227.266113][    C0]  ? __pfx___irq_exit_rcu+0x10/0x10
[  227.266131][    C0]  ? rcu_is_watching+0x15/0xb0
[  227.266144][    C0]  irq_exit_rcu+0x9/0x30
[  227.266151][    C0]  sysvec_irq_work+0xa3/0xc0
[  227.266160][    C0]  </IRQ>
[  227.266162][    C0]  <TASK>
[  227.266167][    C0]  asm_sysvec_irq_work+0x1a/0x20
[  227.266175][    C0] RIP: 0010:raw_spin_rq_unlock_irq+0x13/0x90
[  227.266185][    C0] Code: cc e8 c1 82 db 09 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 41 57 41 56 53 66 90 e8 14 10 de 09 e8 bf 9f 34 00 fb 5b <41> 5e 41 5f e9 44 5e de 09 cc f3 0f 1e fa 49 be 00 00 00 00 00 fc
[  227.266189][    C0] RSP: 0018:ffffc90006bc6d28 EFLAGS: 00000282
[  227.266195][    C0] RAX: b2f7892336400e00 RBX: ffff88802068ddc0 RCX: b2f7892336400e00
[  227.266200][    C0] RDX: 0000000000000006 RSI: ffffffff8d998940 RDI: ffffffff8be29f40
[  227.266204][    C0] RBP: ffffc90006bc6f50 R08: ffffffff8fa1e9f7 R09: 1ffffffff1f43d3e
[  227.266208][    C0] R10: dffffc0000000000 R11: fffffbfff1f43d3f R12: ffff88802068d640
[  227.266212][    C0] R13: dffffc0000000000 R14: ffff88802068d640 R15: ffff88804b039fc0
[  227.266250][    C0]  __schedule+0x1948/0x4d00
[  227.266262][    C0]  ? trace_call_bpf+0xb7/0x850
[  227.266273][    C0]  ? __lock_acquire+0xab9/0xd20
[  227.266301][    C0]  ? preempt_schedule_common+0x83/0xd0
[  227.266321][    C0]  ? __pfx___schedule+0x10/0x10
[  227.266336][    C0]  ? perf_trace_preemptirq_template+0x280/0x340
[  227.266349][    C0]  ? irqentry_enter+0x3d/0x60
[  227.266366][    C0]  ? __lock_acquire+0xab9/0xd20
[  227.266378][    C0]  ? migrate_enable+0x29c/0x3c0
[  227.266387][    C0]  ? preempt_schedule+0xae/0xc0
[  227.266400][    C0]  preempt_schedule_common+0x83/0xd0
[  227.266412][    C0]  preempt_schedule+0xae/0xc0
[  227.266423][    C0]  ? __pfx_preempt_schedule+0x10/0x10
[  227.266448][    C0]  preempt_schedule_thunk+0x16/0x30
[  227.266468][    C0]  _raw_spin_unlock_irqrestore+0xfd/0x110
[  227.266479][    C0]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  227.266510][    C0]  rcu_report_qs_rsp+0xad/0x1b0
[  227.266520][    C0]  rcu_preempt_deferred_qs_irqrestore+0x9d2/0xc40
[  227.266530][    C0]  ? perf_trace_run_bpf_submit+0xf9/0x170
[  227.266567][    C0]  ? __pfx_rcu_preempt_deferred_qs_irqrestore+0x10/0x10
[  227.266579][    C0]  ? preempt_schedule_notrace_thunk+0x16/0x30
[  227.266599][    C0]  ? rcu_is_watching+0x7f/0xb0
[  227.266614][    C0]  rcu_read_unlock_special+0x3fe/0x4c0
[  227.266627][    C0]  ? preempt_schedule_common+0x83/0xd0
[  227.266638][    C0]  ? preempt_schedule+0xae/0xc0
[  227.266647][    C0]  ? __pfx_rcu_read_unlock_special+0x10/0x10
[  227.266665][    C0]  ? copy_pmd_range+0x66f1/0x7000
[  227.266696][    C0]  __rcu_read_unlock+0x84/0xe0
[  227.266704][    C0]  ? copy_pmd_range+0x66f1/0x7000
[  227.266716][    C0]  copy_pmd_range+0x67b9/0x7000
[  227.266755][    C0]  ? irqentry_exit+0x74/0x90
[  227.266792][    C0]  ? __pfx_copy_pmd_range+0x10/0x10
[  227.266801][    C0]  ? __sanitizer_cov_trace_pc+0x8/0x70
[  227.266850][    C0]  copy_page_range+0xc46/0x1270
[  227.266859][    C0]  ? __lock_acquire+0xab9/0xd20
[  227.266909][    C0]  ? __pfx_copy_page_range+0x10/0x10
[  227.266936][    C0]  ? up_write+0x1c4/0x420
[  227.266943][    C0]  ? __pfx_vma_interval_tree_augment_rotate+0x10/0x10
[  227.266962][    C0]  dup_mmap+0xf57/0x1ac0
[  227.267005][    C0]  ? __pfx_dup_mmap+0x10/0x10
[  227.267032][    C0]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  227.267039][    C0]  ? mm_init+0xce1/0xf10
[  227.267085][    C0]  copy_mm+0x13c/0x4b0
[  227.267102][    C0]  ? copy_process+0x978/0x3b80
[  227.267110][    C0]  copy_process+0x16d3/0x3b80
[  227.267136][    C0]  ? copy_process+0x978/0x3b80
[  227.267176][    C0]  ? __pfx_copy_process+0x10/0x10
[  227.267193][    C0]  ? kernel_clone+0x7e/0x870
[  227.267216][    C0]  kernel_clone+0x21e/0x870
[  227.267237][    C0]  ? __pfx_kernel_clone+0x10/0x10
[  227.267283][    C0]  __x64_sys_clone+0x18b/0x1e0
[  227.267300][    C0]  ? __pfx___x64_sys_clone+0x10/0x10
[  227.267334][    C0]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  227.267348][    C0]  ? rcu_is_watching+0x15/0xb0
[  227.267367][    C0]  ? do_syscall_64+0xbe/0x3b0
[  227.267385][    C0]  do_syscall_64+0xfa/0x3b0
[  227.267393][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  227.267403][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  227.267410][    C0]  ? exc_page_fault+0x9f/0xf0
[  227.267425][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  227.267432][    C0] RIP: 0033:0x7effcdf8e9a9
[  227.267442][    C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  227.267447][    C0] RSP: 002b:00007effced71fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  227.267454][    C0] RAX: ffffffffffffffda RBX: 00007effce1b5fa0 RCX: 00007effcdf8e9a9
[  227.267458][    C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000025200000
[  227.267462][    C0] RBP: 00007effce010d69 R08: 0000000000000000 R09: 0000000000000000
[  227.267466][    C0] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  227.267469][    C0] R13: 0000000000000000 R14: 00007effce1b5fa0 R15: 00007ffe475ad568
[  227.267503][    C0]  </TASK>
[  227.680106][    C0] sched: DL replenish lagged too much
[  227.756079][   T18] rcu: INFO: rcu_preempt detected expedited stalls on CPUs/tasks: { 0-.... } 17033 jiffies s: 2869 root: 0x1/.
[  227.759802][   T18] rcu: blocking rcu_node structures (internal RCU debug):
[  227.761990][   T18] Sending NMI from CPU 1 to CPUs 0:
[  227.763765][    C0] NMI backtrace for cpu 0
[  227.763775][    C0] CPU: 0 UID: 0 PID: 6310 Comm: syz.1.190 Not tainted 6.16.0-rc6-syzkaller-00411-g95993dc3039e-dirty #0 PREEMPT(full) 
[  227.763784][    C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  227.763788][    C0] RIP: 0010:native_apic_msr_write+0x39/0x50
[  227.763800][    C0] Code: 74 2a 83 ff 30 74 25 eb 10 81 ff d0 00 00 00 74 1b 81 ff e0 00 00 00 74 13 c1 ef 04 81 c7 00 08 00 00 89 f9 89 f0 31 d2 0f 30 <66> 90 c3 cc cc cc cc cc f3 0f 1e fa 89 f6 31 d2 e9 e2 db 86 03 66
[  227.763806][    C0] RSP: 0018:ffffc900000074a8 EFLAGS: 00000046
[  227.763812][    C0] RAX: 00000000000000f6 RBX: 0000000000000200 RCX: 000000000000083f
[  227.763817][    C0] RDX: 0000000000000000 RSI: 00000000000000f6 RDI: 000000000000083f
[  227.763821][    C0] RBP: ffffc90000007578 R08: ffffc90000007507 R09: 1ffff92000000ea0
[  227.763825][    C0] R10: dffffc0000000000 R11: fffff52000000ea1 R12: ffff88804b03af01
[  227.763829][    C0] R13: 0000000000000000 R14: 0000000000000000 R15: ffff88804b0314f0
[  227.763833][    C0] FS:  00007effced726c0(0000) GS:ffff8880b861f000(0000) knlGS:0000000000000000
[  227.763839][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  227.763843][    C0] CR2: 00007f2347ce56c0 CR3: 0000000119ac6000 CR4: 00000000000006f0
[  227.763867][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  227.763873][    C0] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[  227.763876][    C0] Call Trace:
[  227.763881][    C0]  <IRQ>
[  227.763884][    C0]  arch_irq_work_raise+0x6d/0x80
[  227.763892][    C0]  __irq_work_queue_local+0x1d7/0x550
[  227.763903][    C0]  ? __pfx___irq_work_queue_local+0x10/0x10
[  227.763912][    C0]  ? __virt_addr_valid+0x4a5/0x5c0
[  227.763921][    C0]  ? __phys_addr+0xd3/0x180
[  227.763934][    C0]  irq_work_queue_on+0x122/0x230
[  227.763944][    C0]  rcu_read_unlock_special+0x3ab/0x4c0
[  227.763960][    C0]  ? __pfx_rcu_read_unlock_special+0x10/0x10
[  227.763970][    C0]  ? trace_call_bpf+0xb7/0x850
[  227.763979][    C0]  ? trace_call_bpf+0xb7/0x850
[  227.763995][    C0]  __rcu_read_unlock+0x84/0xe0
[  227.764005][    C0]  ? trace_call_bpf+0xb7/0x850
[  227.764011][    C0]  trace_call_bpf+0x5ae/0x850
[  227.764017][    C0]  ? irq_work_single+0x1ac/0x240
[  227.764024][    C0]  ? trace_call_bpf+0xb7/0x850
[  227.764033][    C0]  ? irqtime_account_irq+0xb6/0x1c0
[  227.764045][    C0]  ? __pfx_trace_call_bpf+0x10/0x10
[  227.764079][    C0]  ? __irq_exit_rcu+0xd8/0x1f0
[  227.764090][    C0]  ? __pfx___irq_exit_rcu+0x10/0x10
[  227.764106][    C0]  perf_trace_run_bpf_submit+0x78/0x170
[  227.764120][    C0]  perf_trace_preemptirq_template+0x280/0x340
[  227.764132][    C0]  ? _raw_spin_lock_irqsave+0x82/0xf0
[  227.764142][    C0]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  227.764153][    C0]  ? _raw_spin_unlock_irqrestore+0xa8/0x110
[  227.764162][    C0]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  227.764170][    C0]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  227.764178][    C0]  ? _raw_spin_lock_irqsave+0x82/0xf0
[  227.764185][    C0]  ? _raw_spin_lock_irqsave+0x82/0xf0
[  227.764195][    C0]  trace_irq_disable+0xee/0x110
[  227.764205][    C0]  _raw_spin_lock_irqsave+0x82/0xf0
[  227.764213][    C0]  ? __pfx__raw_spin_lock_irqsave+0x10/0x10
[  227.764230][    C0]  __mod_timer+0x1ae/0xf30
[  227.764244][    C0]  ? __pfx_do_raw_write_lock+0x10/0x10
[  227.764260][    C0]  addrconf_mod_rs_timer+0x51/0xe0
[  227.764270][    C0]  addrconf_rs_timer+0x45e/0x670
[  227.764284][    C0]  ? __pfx_addrconf_rs_timer+0x10/0x10
[  227.764293][    C0]  ? __irq_exit_rcu+0xd8/0x1f0
[  227.764307][    C0]  call_timer_fn+0x17e/0x5f0
[  227.764314][    C0]  ? __pfx_addrconf_rs_timer+0x10/0x10
[  227.764320][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  227.764327][    C0]  ? call_timer_fn+0xbe/0x5f0
[  227.764334][    C0]  ? __pfx_call_timer_fn+0x10/0x10
[  227.764353][    C0]  ? __pfx_addrconf_rs_timer+0x10/0x10
[  227.764362][    C0]  __run_timer_base+0x61a/0x860
[  227.764371][    C0]  ? irqtime_account_irq+0xb6/0x1c0
[  227.764394][    C0]  ? __pfx___run_timer_base+0x10/0x10
[  227.764419][    C0]  run_timer_softirq+0xb7/0x180
[  227.764430][    C0]  handle_softirqs+0x286/0x870
[  227.764441][    C0]  ? __irq_exit_rcu+0xca/0x1f0
[  227.764454][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[  227.764461][    C0]  ? irq_work_single+0x1ac/0x240
[  227.764472][    C0]  ? irqtime_account_irq+0xb6/0x1c0
[  227.764484][    C0]  __irq_exit_rcu+0xca/0x1f0
[  227.764491][    C0]  ? __pfx___irq_exit_rcu+0x10/0x10
[  227.764503][    C0]  ? rcu_is_watching+0x15/0xb0
[  227.764514][    C0]  irq_exit_rcu+0x9/0x30
[  227.764520][    C0]  sysvec_irq_work+0xa3/0xc0
[  227.764527][    C0]  </IRQ>
[  227.764530][    C0]  <TASK>
[  227.764533][    C0]  asm_sysvec_irq_work+0x1a/0x20
[  227.764540][    C0] RIP: 0010:raw_spin_rq_unlock_irq+0x13/0x90
[  227.764549][    C0] Code: cc e8 c1 82 db 09 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 41 57 41 56 53 66 90 e8 14 10 de 09 e8 bf 9f 34 00 fb 5b <41> 5e 41 5f e9 44 5e de 09 cc f3 0f 1e fa 49 be 00 00 00 00 00 fc
[  227.764554][    C0] RSP: 0018:ffffc90006bc6d28 EFLAGS: 00000282
[  227.764560][    C0] RAX: b2f7892336400e00 RBX: ffff88802068ddc0 RCX: b2f7892336400e00
[  227.764564][    C0] RDX: 0000000000000006 RSI: ffffffff8d998940 RDI: ffffffff8be29f40
[  227.764568][    C0] RBP: ffffc90006bc6f50 R08: ffffffff8fa1e9f7 R09: 1ffffffff1f43d3e
[  227.764572][    C0] R10: dffffc0000000000 R11: fffffbfff1f43d3f R12: ffff88802068d640
[  227.764576][    C0] R13: dffffc0000000000 R14: ffff88802068d640 R15: ffff88804b039fc0
[  227.764598][    C0]  __schedule+0x1948/0x4d00
[  227.764607][    C0]  ? trace_call_bpf+0xb7/0x850
[  227.764615][    C0]  ? __lock_acquire+0xab9/0xd20
[  227.764632][    C0]  ? preempt_schedule_common+0x83/0xd0
[  227.764646][    C0]  ? __pfx___schedule+0x10/0x10
[  227.764656][    C0]  ? perf_trace_preemptirq_template+0x280/0x340
[  227.764667][    C0]  ? irqentry_enter+0x3d/0x60
[  227.764683][    C0]  ? __lock_acquire+0xab9/0xd20
[  227.764693][    C0]  ? migrate_enable+0x29c/0x3c0
[  227.764700][    C0]  ? preempt_schedule+0xae/0xc0
[  227.764711][    C0]  preempt_schedule_common+0x83/0xd0
[  227.764720][    C0]  preempt_schedule+0xae/0xc0
[  227.764729][    C0]  ? __pfx_preempt_schedule+0x10/0x10
[  227.764745][    C0]  preempt_schedule_thunk+0x16/0x30
[  227.764758][    C0]  _raw_spin_unlock_irqrestore+0xfd/0x110
[  227.764767][    C0]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  227.764786][    C0]  rcu_report_qs_rsp+0xad/0x1b0
[  227.764793][    C0]  rcu_preempt_deferred_qs_irqrestore+0x9d2/0xc40
[  227.764803][    C0]  ? perf_trace_run_bpf_submit+0xf9/0x170
[  227.764824][    C0]  ? __pfx_rcu_preempt_deferred_qs_irqrestore+0x10/0x10
[  227.764835][    C0]  ? preempt_schedule_notrace_thunk+0x16/0x30
[  227.764847][    C0]  ? rcu_is_watching+0x7f/0xb0
[  227.764858][    C0]  rcu_read_unlock_special+0x3fe/0x4c0
[  227.764868][    C0]  ? preempt_schedule_common+0x83/0xd0
[  227.764877][    C0]  ? preempt_schedule+0xae/0xc0
[  227.764885][    C0]  ? __pfx_rcu_read_unlock_special+0x10/0x10
[  227.764899][    C0]  ? copy_pmd_range+0x66f1/0x7000
[  227.764915][    C0]  __rcu_read_unlock+0x84/0xe0
[  227.764924][    C0]  ? copy_pmd_range+0x66f1/0x7000
[  227.764932][    C0]  copy_pmd_range+0x67b9/0x7000
[  227.764955][    C0]  ? irqentry_exit+0x74/0x90
[  227.764977][    C0]  ? __pfx_copy_pmd_range+0x10/0x10
[  227.764985][    C0]  ? __sanitizer_cov_trace_pc+0x8/0x70
[  227.765013][    C0]  copy_page_range+0xc46/0x1270
[  227.765021][    C0]  ? __lock_acquire+0xab9/0xd20
[  227.765050][    C0]  ? __pfx_copy_page_range+0x10/0x10
[  227.765087][    C0]  ? up_write+0x1c4/0x420
[  227.765094][    C0]  ? __pfx_vma_interval_tree_augment_rotate+0x10/0x10
[  227.765108][    C0]  dup_mmap+0xf57/0x1ac0
[  227.765133][    C0]  ? __pfx_dup_mmap+0x10/0x10
[  227.765149][    C0]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  227.765157][    C0]  ? mm_init+0xce1/0xf10
[  227.765174][    C0]  copy_mm+0x13c/0x4b0
[  227.765185][    C0]  ? copy_process+0x978/0x3b80
[  227.765192][    C0]  copy_process+0x16d3/0x3b80
[  227.765208][    C0]  ? copy_process+0x978/0x3b80
[  227.765231][    C0]  ? __pfx_copy_process+0x10/0x10
[  227.765244][    C0]  ? kernel_clone+0x7e/0x870
[  227.765258][    C0]  kernel_clone+0x21e/0x870
[  227.765273][    C0]  ? __pfx_kernel_clone+0x10/0x10
[  227.765299][    C0]  __x64_sys_clone+0x18b/0x1e0
[  227.765311][    C0]  ? __pfx___x64_sys_clone+0x10/0x10
[  227.765332][    C0]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  227.765343][    C0]  ? rcu_is_watching+0x15/0xb0
[  227.765356][    C0]  ? do_syscall_64+0xbe/0x3b0
[  227.765369][    C0]  do_syscall_64+0xfa/0x3b0
[  227.765377][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  227.765386][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  227.765393][    C0]  ? exc_page_fault+0x9f/0xf0
[  227.765404][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  227.765410][    C0] RIP: 0033:0x7effcdf8e9a9
[  227.765418][    C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  227.765422][    C0] RSP: 002b:00007effced71fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  227.765429][    C0] RAX: ffffffffffffffda RBX: 00007effce1b5fa0 RCX: 00007effcdf8e9a9
[  227.765433][    C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000025200000
[  227.765437][    C0] RBP: 00007effce010d69 R08: 0000000000000000 R09: 0000000000000000
[  227.765440][    C0] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  227.765444][    C0] R13: 0000000000000000 R14: 00007effce1b5fa0 R15: 00007ffe475ad568
[  227.765463][    C0]  </TASK>
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  228.509001][ T6355] syz-executor: vmalloc error: size 4194304, failed to allocated page array size 8192, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  228.542145][ T6355] CPU: 1 UID: 0 PID: 6355 Comm: syz-executor Not tainted 6.16.0-rc6-syzkaller-00411-g95993dc3039e-dirty #0 PREEMPT(full) 
[  228.542158][ T6355] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  228.542163][ T6355] Call Trace:
[  228.542167][ T6355]  <TASK>
[  228.542171][ T6355]  dump_stack_lvl+0x189/0x250
[  228.542192][ T6355]  ? __pfx_dump_stack_lvl+0x10/0x10
[  228.542204][ T6355]  ? __pfx__printk+0x10/0x10
[  228.542218][ T6355]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  228.542229][ T6355]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  228.542243][ T6355]  ? cpuset_print_current_mems_allowed+0x2ee/0x360
[  228.542259][ T6355]  warn_alloc+0x214/0x310
[  228.542281][ T6355]  ? __pfx_warn_alloc+0x10/0x10
[  228.542307][ T6355]  ? __get_vm_area_node+0x28f/0x300
[  228.542319][ T6355]  ? kcov_ioctl+0x55/0x640
[  228.542337][ T6355]  __vmalloc_node_range_noprof+0x67e/0x12f0
[  228.542394][ T6355]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  228.542416][ T6355]  ? __pfx_kcov_ioctl+0x10/0x10
[  228.542428][ T6355]  vmalloc_user_noprof+0xad/0xf0
[  228.542439][ T6355]  ? kcov_ioctl+0x55/0x640
[  228.542453][ T6355]  kcov_ioctl+0x55/0x640
[  228.542468][ T6355]  ? bpf_lsm_file_ioctl+0x9/0x20
[  228.542480][ T6355]  ? __pfx_kcov_ioctl+0x10/0x10
[  228.542492][ T6355]  __se_sys_ioctl+0xfc/0x170
[  228.542511][ T6355]  do_syscall_64+0xfa/0x3b0
[  228.542521][ T6355]  ? lockdep_hardirqs_on+0x9c/0x150
[  228.542532][ T6355]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  228.542539][ T6355]  ? exc_page_fault+0x9f/0xf0
[  228.542554][ T6355]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  228.542562][ T6355] RIP: 0033:0x7f61ff78e5ab
[  228.542571][ T6355] Code: 00 48 89 44 24 18 31 c0 48 8d 44 24 60 c7 04 24 10 00 00 00 48 89 44 24 08 48 8d 44 24 20 48 89 44 24 10 b8 10 00 00 00 0f 05 <89> c2 3d 00 f0 ff ff 77 1c 48 8b 44 24 18 64 48 2b 04 25 28 00 00
[  228.542577][ T6355] RSP: 002b:00007ffe473467e0 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  228.542586][ T6355] RAX: ffffffffffffffda RBX: 0000000000080000 RCX: 00007f61ff78e5ab
[  228.542591][ T6355] RDX: 0000000000080000 RSI: ffffffff80086301 RDI: 00000000000000d8
[  228.542600][ T6355] RBP: 00007f61ff9b6038 R08: 0000000000000005 R09: 0000000000000000
[  228.542604][ T6355] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  228.542608][ T6355] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000
[  228.542640][ T6355]  </TASK>
[  228.542643][ T6355] Mem-Info:
[  228.723135][ T6355] active_anon:5512 inactive_anon:0 isolated_anon:0
[  228.723135][ T6355]  active_file:10594 inactive_file:38231 isolated_file:0
[  228.723135][ T6355]  unevictable:1768 dirty:1 writeback:0
[  228.723135][ T6355]  slab_reclaimable:9078 slab_unreclaimable:55123
[  228.723135][ T6355]  mapped:49081 shmem:2437 pagetables:1551
[  228.723135][ T6355]  sec_pagetables:0 bounce:0
[  228.723135][ T6355]  kernel_misc_reclaimable:0
[  228.723135][ T6355]  free:195688 free_pcp:32445 free_cma:0
[  228.764211][ T6355] Node 0 active_anon:4708kB inactive_anon:0kB active_file:37828kB inactive_file:144648kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:35044kB dirty:4kB writeback:0kB shmem:4692kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:6260kB pagetables:2240kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  228.794124][ T6355] Node 1 active_anon:17340kB inactive_anon:0kB active_file:4548kB inactive_file:8276kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:165428kB dirty:0kB writeback:0kB shmem:5056kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:5484kB pagetables:3964kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  228.814722][ T6355] Node 0 DMA free:15360kB boost:0kB min:640kB low:800kB high:960kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  228.834217][ T6355] lowmem_reserve[]: 0 812 812 812 812
[  228.835994][ T6355] Node 0 DMA32 free:270380kB boost:0kB min:33656kB low:42068kB high:50480kB reserved_highatomic:0KB free_highatomic:0KB active_anon:4708kB inactive_anon:0kB active_file:37828kB inactive_file:144648kB unevictable:3536kB writepending:4kB present:1556484kB managed:831908kB mlocked:0kB bounce:0kB free_pcp:64024kB local_pcp:20012kB free_cma:0kB
[  228.865767][ T6355] lowmem_reserve[]: 0 0 0 0 0
[  228.867365][ T6355] Node 1 DMA32 free:418124kB boost:0kB min:19192kB low:23988kB high:28784kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:524152kB managed:458616kB mlocked:0kB bounce:0kB free_pcp:19792kB local_pcp:19792kB free_cma:0kB
[  228.892917][ T6355] lowmem_reserve[]: 0 0 854 854 854
[  228.894661][ T6355] Node 1 Normal free:68824kB boost:0kB min:36616kB low:45768kB high:54920kB reserved_highatomic:0KB free_highatomic:0KB active_anon:17340kB inactive_anon:0kB active_file:4548kB inactive_file:8276kB unevictable:3536kB writepending:0kB present:1048576kB managed:875016kB mlocked:0kB bounce:0kB free_pcp:45912kB local_pcp:23940kB free_cma:0kB
[  228.923099][ T6355] lowmem_reserve[]: 0 0 0 0 0
[  228.924675][ T6355] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  228.928609][ T6355] Node 0 DMA32: 516*4kB (UME) 680*8kB (UM) 307*16kB (UM) 476*32kB (UME) 170*64kB (UME) 59*128kB (UME) 20*256kB (UM) 4*512kB (UM) 4*1024kB (UM) 2*2048kB (UM) 51*4096kB (M) = 270336kB
[  228.943138][ T6355] Node 1 DMA32: 3*4kB (UM) 2*8kB (M) 3*16kB (UM) 2*32kB (M) 3*64kB (UM) 2*128kB (UM) 3*256kB (UM) 2*512kB (M) 2*1024kB (M) 2*2048kB (M) 100*4096kB (M) = 418124kB
[  228.948264][ T6355] Node 1 Normal: 1*4kB (U) 3*8kB (UME) 59*16kB (M) 39*32kB (ME) 25*64kB (UME) 12*128kB (ME) 10*256kB (UME) 13*512kB (UME) 11*1024kB (UM) 7*2048kB (UME) 6*4096kB (UM) = 64748kB
[  228.973010][ T6355] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  228.975836][ T6355] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  228.978582][ T6355] 51262 total pagecache pages
[  228.980012][ T6355] 0 pages in swap cache
[  228.981297][ T6355] Free swap  = 124996kB
[  228.982568][ T6355] Total swap = 124996kB
[  229.005364][ T6355] 786301 pages RAM
[  229.006551][ T6355] 0 pages HighMem/MovableOnly
[  229.008006][ T6355] 241076 pages reserved
[  229.009345][ T6355] 0 pages cma reserved
[  229.277203][ T6353] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1
[  229.280469][ T6353] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9
[  229.288558][ T6353] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9
[  229.291882][ T6353] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4
[  229.295629][ T6353] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2

VM DIAGNOSIS:
11:09:02  Registers:
info registers vcpu 0

CPU#0
RAX=000000000000002e RBX=000000000000002e RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000000000 RDI=0000000000000020 RBP=00000000000003f8 RSP=ffffc90000006790
R8 =ffff888107990237 R9 =1ffff11020f32046 R10=dffffc0000000000 R11=ffffffff85472aa0
R12=dffffc0000000000 R13=ffffffff99af58a2 R14=ffffffff99dfa1e0 R15=0000000000000000
RIP=ffffffff85472b1c RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007effced726c0 ffffffff 00c00000
GS =0000 ffff8880b861f000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f2347ce56c0 CR3=0000000119ac6000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000600
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=ffffffffffffffff ffffffffffffffff
XMM02=0000000000000000 0000000000000000 XMM03=ffffffffffffffff ffffffffffffffff
XMM04=0000000000000000 00000000000000ff XMM05=0000000000000000 0000000000000000
XMM06=0000000000000000 000000524f525245 XMM07=0000000000000000 0000000000000000
XMM08=0000000000000000 00524f5252450040 XMM09=0000000000000000 00007f2347011ec1
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=00000000000001ff RBX=ffff88801af32040 RCX=ffffffff8b714f78 RDX=0000000000000001
RSI=0000000000000004 RDI=ffff88801af32040 RBP=ffffc900001e0310 RSP=ffffc900001e0260
R8 =ffff88801af32043 R9 =1ffff110035e6408 R10=dffffc0000000000 R11=ffffed10035e6409
R12=dffffc0000000000 R13=1ffff9200003c050 R14=ffffc900001e02b0 R15=1ffff110035e6408
RIP=ffffffff8b714fa0 RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8881a3c1f000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007fc45467cf53 CR3=000000000df38000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000001 XMM01=0000000000000000 00007fc456986d00
XMM02=0000000500000007 041e900300000001 XMM03=030100000008061d 80031d80041ea003
XMM04=0000000000000000 000000000000000e XMM05=0000000000000000 000000000001df8a
XMM06=1000060102c60010 000fb00300000007 XMM07=a0030e8000000000 0100000408060f80
XMM08=03081e8004054010 001e800400000006 XMM09=0000000000000000 0000000000000000
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
