last executing test programs:

40.028275852s ago: executing program 0 (id=386):
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="d8000000580081d34e81f782db44b904e417434509000300e8fe55a1180015000600142603600e120900210000000401a8001600a40001", 0x37}], 0x1}, 0x0)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000380)={&(0x7f0000000040)="b64b6779e728a585fc6d831c9c111ee3bf867c7fa20663508d961b5b0bc1d4eded804b84c8ee0b5e7b55af44aa8bf4a16c4d4aaf896a13f650a3b4f737945a9a179a6ceb93adadb8dd841258d0f04b02868cd415ab9bc48b055a8b3f92b143cb16138c216513a045af2101e7e3c507bedee404330f1171812cdaeed17a0e89dd4863a4e6808ca6b7046c38f33b9a0417e1c8fae7a9e1b4c8161b02", 0x0, 0x0, 0x0}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x2, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000095001000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x39, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket$kcm(0x10, 0x2, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="3640000049009125745c7388641f9c0e0a"], 0xfe33)

39.838719281s ago: executing program 2 (id=389):
ioctl$TUNATTACHFILTER(0xffffffffffffffff, 0x401054d5, &(0x7f0000000080)={0x1, &(0x7f00000000c0)=[{0x10}]})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000740)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x8940, &(0x7f0000000080))

39.838584338s ago: executing program 0 (id=390):
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000e40)="180000003e000511d25a80698c6394090124fc602f6e3540", 0x18}], 0x1, 0x0, 0x0, 0x39c}, 0x0)

39.776425367s ago: executing program 1 (id=391):
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x56, 0x1, 0x0, 0x0, 0x0, 0x7fef, 0x82, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7b, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0xa, 0x2, 0x0)
socket$kcm(0x11, 0xa, 0x300)
socket$kcm(0x21, 0x2, 0x2)
socket$kcm(0x2, 0x200000000000001, 0x106)
socket$kcm(0xf, 0x3, 0x2)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0)
socket$kcm(0x10, 0x2, 0x10)
socket$kcm(0x22, 0x2, 0x21)
r0 = socket$kcm(0x10, 0x400000002, 0x0)
r1 = socket$kcm(0x10, 0x400000002, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x0, 0x0, 0x0, 0x0, 0x2010, r0, 0xfda}, 0x50)
write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[@ANYBLOB="1c0000005e0007"], 0xfe33)

39.776168428s ago: executing program 0 (id=392):
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, 0x0, 0x26}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000080)='GPL\x00', 0x5, 0x1f6, &(0x7f00000002c0)=""/168, 0x0, 0x0, '\x00', 0x0, @sock_ops, r0, 0x8, 0x0, 0xfffffffffffffed3, 0x10, &(0x7f0000000200), 0x1}, 0x6d)

39.775707535s ago: executing program 2 (id=393):
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
socket$kcm(0xa, 0x5, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000f80)={0x5, 0x5, &(0x7f00000005c0)=ANY=[@ANYBLOB="1808000000000000000000000000000018000000e5020000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000340)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r3, 0x0, 0x0, 0x0, &(0x7f0000000800), 0x0, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x8, 0x830d}, 0x0, 0x2, 0xfffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x4, 0xd, &(0x7f0000000240)=@framed={{0x18, 0x2, 0x0, 0x0, 0x1}, [@call={0x85, 0x0, 0x0, 0x87}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}]}, &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r5, 0x0, 0xe, 0x0, &(0x7f0000000000)="e06921e8682d85ff9782762f86dd", 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

39.695262576s ago: executing program 0 (id=394):
r0 = socket$kcm(0x10, 0x400000002, 0x0)
write$cgroup_subtree(r0, 0x0, 0xfe33)
sendmsg$kcm(r0, &(0x7f00000015c0)={&(0x7f00000003c0)=@nl, 0x80, &(0x7f0000000480)=[{&(0x7f0000000440)="4febeaa4", 0x4}], 0x1}, 0x40000)

39.694976908s ago: executing program 2 (id=395):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0)
ioctl$TUNSETLINK(r0, 0x801c581f, 0x0)

39.694859468s ago: executing program 0 (id=396):
bpf$OBJ_GET_PROG(0x7, &(0x7f00000004c0)=@generic={0x0, 0x0, 0x10}, 0x18)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f00000026c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34665c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbccbddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e712a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd13f4cec49669e443dcb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ef8dba2f23b01a9ae44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af40000000000000005f58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef07000000000000006da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405a07feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09c0e5a3bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea10d3cfb41b92ecbb422a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f74562adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b4412331d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225a53072423b907c6682f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd100fcffff007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711c6529ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a22c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29008000000000000005ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc030ea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efd936b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800001f00000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351b9332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d9890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b0783883ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a138d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fce43d8c53a8031e64026e0d36b6401064c49a729f11ab377f7132c5232bb80195dd5d43d29646a9378eea0761b7ed9d2172e33ed87c7413c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828b07f1dc7df9c8e5da22dfb9dacbf5529e4e994128d835f85465173ea7bbcc519a0c9798ce8b1b07567e3e07169c8c3e4da8bf725c050000000000000000000000000000000000000000004775abdf0c62728eb55a9e2849a1ce05bed60dfe4cc9fa43f9684297c02382c0a35829be7a86305792a9d2e80ca9e8fc50f31f6e0fa810303da03d8b74b42c1ebaf16bb343256405a3a07229a54de09a97b269cd29e8b2f0b0d46c51a6a93eec37f4bc6e29a8e19120ae050ab682662e9b2cc3263a4aba62b63ca9123a53c0f4bf3c4463b8144c89bf058a0af0ae9fc2b7cdfc4817703e267cddc193637d7fd97646090da37093657643daae3840c7f5c10f93524f7ae4791ec6e9d9722e5f670ccb358e051a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x5a}, 0x48)
bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000000)={@fallback=r0, r0, 0x2f}, 0x20)
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000004c0)=ANY=[@ANYRES32=r0, @ANYRES32=0x0, @ANYBLOB='/'], 0x20)

39.693240649s ago: executing program 1 (id=397):
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000001180)=ANY=[@ANYBLOB="61154c000000000061135f0000000000bfa00000000000001503000008004e002d35010000000000950041000000000069163a0000000000bf67000000000000350605000fff07206706000005000000160302000ee60060bf670000000000000f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ff3d4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe01c5473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc2300000008ac86d8a297dff0445a15f21dce4de9f29eff65aadc841848c9b562a31e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076ebae3f55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932c9a6aa57f1ad2e99e0e67ab93716d20000009fbb0f53acbb40b4f8e2739670b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc401000000cc43010000207b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000f4000000000000000000000000c1eb2d91fb79ea00000000000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c6939628950000000000000001c7205a6b068fff496d2da7d632bd1f61b007e1ff5f1be19637302f3b41eae50509fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b30410856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db88aa3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fb9fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff010404faf0a4da65396174b4563d54b52f06c870edf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202ee1192b81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2b517dc4a29b9b5a8ded5de8206c812439ab129ae818837ee1562078fc524a3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da23c00d9ef418cf19e7a8c4c328be0ce95798adc2dca871073f6bd61dc18402cde8b0100010000000000abc86b94f8cbde4d470667bee722a6a2af483ad0d3415ed0f9db059acaba9eaea93f811d434e00000000000000000000d154ba10a8e51489a614e69722bac30000000000000000000000000000c5dfd188ff555285b9743d3aac000583f42d168613151d681a2f71373f20d92c9048407c91fabecfe8b3f2d545ffffffff00000000a1cfc4336324c86f3dcb43e9a58208077e90f6ec1c7ac756f61dcc372cdd30b82507489f0bbfbd3c3f21752e81319c0161e154ceb16e00bc7f5a6962dff317f4d014786e432817064874d69a39cb0da31bcc5f81894d8a80756447322207b4007dff12eb95066cc6bc256f0a12282224d718b06ca80b57aa183dd0c3eee45891441f2b89b4c67aa9882281393954972046974f18df232cd7fca610e33f51c2d062020f403d85ff36c26e2f6bd1d82f4d3ceb3472d9a77e0057a3bfe697d9ab7585f4a1b381343d2cf857689232f4fc5135790662dc1419a374be9d7b3e5be2886d23add90d862f1a682ff11c798e338af3e5bb0f9d3952b15bf3e0c618c89d20ca1e18a031397693bf3cfbd8417e5b55e641c898c280356f2da222d5d68919d98158578dcf18efa404e508bcbbb8cfcf70086821ebdf34c9a1dff45af873df904c2bdbef81f246d26f4b40df949e12bdac18533d4e11c608cc31d60cb591c40a7b386fa1c753336d7220a35118d4919b45eff32aab684ee54c0a263c806aabac2f66cb052f847c62c6691de14e97aa7e9dc8ecf0cd50540246d2b746e41e5b4e2c095039dfe0f71db6265f7580d098be40ef36faee5d1695830d4242a23e541e6ce9fa1998d8961ef4fe3c8e8fbb566f148c8befc229614a4b7f80d237b8abc6fc0407de31d6e5532f360d379f20f054692b47207922fe6c14eba96c9a7ae906abc1ae1ae8c4fae92883cfa1978a04bb000000000000000000000000000000884efcecca45ea4ab2ec097668456a6ff12854997f5aed737d5205ace5c0b64f87ef10784d0479cb44ca077e0c4ce6ff880e2ce3de63853a9740e9233683bfc8636bee293aeeb680b399a296e6f44c07b5fc5d9d359af007f23004a7acb6df23664ea209620b4fe0f4df81c33bd8ca2335cb4b50881937379b45a301175c3e8eb32970564ec8e25c46ee3bae079faedaad94276cfa251be8256c4c37fc84a25c3a2feb39e94a5266a10716d4a3cef499fa176018054e9149a1c9d20a809ce3"], &(0x7f0000000100)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffffd2, 0x10, 0x0, 0x3e}, 0x48)

39.606867183s ago: executing program 2 (id=398):
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x10f, 0x87, 0x0, 0x0)
socketpair(0x1e, 0x80005, 0x0, &(0x7f0000000000)={0x0, 0x0})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000540)='fib6_table_lookup\x00', r0}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000540)='fib6_table_lookup\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{}, 0x0, &(0x7f00000002c0)}, 0x20)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6_vti0\x00', 0x200})
perf_event_open(&(0x7f00000001c0)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfee, 0x0, 0x0, 0x0, 0x0, 0x100000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x89f1, &(0x7f0000000080))

39.606449985s ago: executing program 0 (id=399):
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1200000005000000fd0900008100000052280000", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00#\x00'/20, @ANYRES32=0x0, @ANYRES32], 0x50)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}, 0x202, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x7ff0, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xffffebff, 0x3, 0x2, 0x9, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
bpf$BPF_GET_PROG_INFO(0x1c, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0x1c, 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x4c840)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x2400, 0x7)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0)
bpf$OBJ_PIN_PROG(0x6, 0x0, 0x0)
r2 = perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x4, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x0, @perf_config_ext={0x3, 0x8001}, 0x0, 0x2e, 0xfffffbff, 0x9, 0x2, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3)
write$cgroup_subtree(r1, &(0x7f0000000100)=ANY=[@ANYBLOB='-0'], 0x9)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

39.605867942s ago: executing program 1 (id=400):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xe, 0x4, 0x4, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

39.564368412s ago: executing program 2 (id=401):
perf_event_open(&(0x7f00000004c0)={0x5, 0x80, 0xa, 0x0, 0x0, 0xa, 0x0, 0x5, 0x44, 0x9, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, @perf_bp={0x0, 0x8}, 0x80, 0xa7, 0x2, 0x5, 0xa5, 0x9b9b, 0x7000, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
syz_clone(0x800000, 0x0, 0x0, 0x0, 0x0, 0x0)

39.410478342s ago: executing program 2 (id=402):
perf_event_open(&(0x7f0000000080)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

39.410014892s ago: executing program 1 (id=403):
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
socket$kcm(0x2b, 0x1, 0x0)
close(r1)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x9d, 0x1, 0x0, 0x0, 0x0, 0x5, 0x40200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x2420, 0x0, 0x0, 0x3, 0x3, 0x8000000, 0x0, 0x0, 0x0, 0x0, 0x20}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xae, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x5, @perf_config_ext={0x9, 0x2}, 0x1000, 0x4, 0x0, 0x4, 0x0, 0x7, 0x2, 0x0, 0x0, 0x0, 0x400000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000980)='GPL\x00', 0x6, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$tun(0xffffffffffffff9c, &(0x7f00000002c0), 0x200000, 0x0)
r2 = syz_clone(0x80001000, 0x0, 0x0, &(0x7f0000000000), 0x0, 0x0)
socket$kcm(0x10, 0x2, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x22048, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}, 0x8080, 0x0, 0x0, 0x2, 0x0, 0xfffffffc}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x9)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
socket$kcm(0x2b, 0x1, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0))
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040))
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="18020000fcffffff00000000000000008500000041000000850000000800000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
socketpair(0x1, 0x1, 0x0, &(0x7f0000000200))
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480))
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x9d, 0x1, 0x0, 0x0, 0x0, 0x5, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x3, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00', 0x0, 0x0, 0x0, 0x41100}, 0x94)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0, 0x1}, 0x80000, 0xca, 0x0, 0x0, 0x0, 0x400000, 0x0, 0x0, 0x0, 0x0, 0x4}, r2, 0x0, 0xffffffffffffffff, 0x1)
recvmsg$unix(r0, &(0x7f00000013c0)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r4=>0xffffffffffffffff]}}], 0x18}, 0x1c0)
write$cgroup_subtree(r4, &(0x7f0000000000)=ANY=[@ANYRES8=r1, @ANYBLOB="3eca", @ANYRES8=r3], 0x9a)

39.240461382s ago: executing program 1 (id=404):
r0 = socket$kcm(0x2, 0x200000000000001, 0x0)
setsockopt$sock_attach_bpf(r0, 0x1, 0x21, &(0x7f0000000240), 0x4)
sendmsg$inet(r0, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4001, @empty}, 0x10, 0x0}, 0x20008890)
sendmsg$kcm(r0, &(0x7f0000000ac0)={0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000000300)='\x00', 0x1}], 0x1}, 0x4044000)

1.019884ms ago: executing program 1 (id=405):
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x104101, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r0 = perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x4, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x0, @perf_config_ext={0x3, 0x8001}, 0x2284, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x7ff0, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x200, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x80000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x4}, 0x8080, 0x2, 0x0, 0x1, 0x7fffffff}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair(0x1e, 0x1, 0x0, 0x0)
close(0xffffffffffffffff)
r2 = socket$kcm(0x2a, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x890b, 0x0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
socket$kcm(0x2, 0x5, 0x84)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000440)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x56, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f0000000200)=[{0x1, 0x2, 0x0, 0x9}, {0x3, 0x2, 0x5, 0xc}], 0x10, 0x40000000}, 0x94)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
close(r3)
r4 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0xfffffffffffffefc, &(0x7f0000000080)=[{&(0x7f0000000280)="e03f03003d000b648c740d64fe5bfd1304873601005df33694f90324fc600800000000000000053582c1", 0x33fe0}], 0x1}, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000006c0)={&(0x7f0000000500)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x3}, {0x0, [0x30]}}, &(0x7f0000000600)=""/177, 0x1b, 0xb1, 0x0, 0x6}, 0x28)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x1, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x5, 0x3}, 0x50)
socket$kcm(0x29, 0x2, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000840)=ANY=[@ANYRES32=0x1, @ANYBLOB="f2ffffff00"/20, @ANYRES32, @ANYBLOB="05000000010000000100"/28], 0x50)
r5 = socket$kcm(0xa, 0x1, 0x106)
recvmsg$kcm(r5, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x40010160)
bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

664.464µs ago: executing program 32 (id=399):
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1200000005000000fd0900008100000052280000", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00#\x00'/20, @ANYRES32=0x0, @ANYRES32], 0x50)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}, 0x202, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x7ff0, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xffffebff, 0x3, 0x2, 0x9, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
bpf$BPF_GET_PROG_INFO(0x1c, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0x1c, 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x4c840)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x2400, 0x7)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000080)='pids.max\x00', 0x2, 0x0)
bpf$OBJ_PIN_PROG(0x6, 0x0, 0x0)
r2 = perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x4, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x0, @perf_config_ext={0x3, 0x8001}, 0x0, 0x2e, 0xfffffbff, 0x9, 0x2, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3)
write$cgroup_subtree(r1, &(0x7f0000000100)=ANY=[@ANYBLOB='-0'], 0x9)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

633.548µs ago: executing program 33 (id=402):
perf_event_open(&(0x7f0000000080)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

0s ago: executing program 34 (id=405):
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x104101, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
r0 = perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x4, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x0, @perf_config_ext={0x3, 0x8001}, 0x2284, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x7ff0, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x200, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x80000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x4}, 0x8080, 0x2, 0x0, 0x1, 0x7fffffff}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair(0x1e, 0x1, 0x0, 0x0)
close(0xffffffffffffffff)
r2 = socket$kcm(0x2a, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x890b, 0x0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
socket$kcm(0x2, 0x5, 0x84)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000440)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x56, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f0000000200)=[{0x1, 0x2, 0x0, 0x9}, {0x3, 0x2, 0x5, 0xc}], 0x10, 0x40000000}, 0x94)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
close(r3)
r4 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0xfffffffffffffefc, &(0x7f0000000080)=[{&(0x7f0000000280)="e03f03003d000b648c740d64fe5bfd1304873601005df33694f90324fc600800000000000000053582c1", 0x33fe0}], 0x1}, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000006c0)={&(0x7f0000000500)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x3}, {0x0, [0x30]}}, &(0x7f0000000600)=""/177, 0x1b, 0xb1, 0x0, 0x6}, 0x28)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x1, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x5, 0x3}, 0x50)
socket$kcm(0x29, 0x2, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000840)=ANY=[@ANYRES32=0x1, @ANYBLOB="f2ffffff00"/20, @ANYRES32, @ANYBLOB="05000000010000000100"/28], 0x50)
r5 = socket$kcm(0xa, 0x1, 0x106)
recvmsg$kcm(r5, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x40010160)
bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

kernel console output (not intermixed with test programs):

Warning: Permanently added '[localhost]:56797' (ED25519) to the list of known hosts.
syzkaller login: [   49.512718][ T5827] cgroup: Unknown subsys name 'net'
[   49.605631][ T5827] cgroup: Unknown subsys name 'cpuset'
[   49.610200][ T5827] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   51.525572][ T5827] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   55.951618][ T5221] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   55.955604][ T5221] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   55.960891][ T5221] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   55.965717][ T5221] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   55.969623][ T5221] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   55.977217][ T5845] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   55.980388][ T5845] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   55.984161][   T54] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   55.988598][   T54] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   55.992824][   T54] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   56.091327][ T5845] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   56.094697][ T5845] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   56.097508][ T5845] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   56.100506][ T5845] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   56.103455][ T5845] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   56.268025][ T5839] chnl_net:caif_netlink_parms(): no params data found
[   56.322707][ T5843] chnl_net:caif_netlink_parms(): no params data found
[   56.377815][ T5839] bridge0: port 1(bridge_slave_0) entered blocking state
[   56.381364][ T5839] bridge0: port 1(bridge_slave_0) entered disabled state
[   56.383913][ T5839] bridge_slave_0: entered allmulticast mode
[   56.386660][ T5839] bridge_slave_0: entered promiscuous mode
[   56.412652][ T5839] bridge0: port 2(bridge_slave_1) entered blocking state
[   56.415965][ T5839] bridge0: port 2(bridge_slave_1) entered disabled state
[   56.419271][ T5839] bridge_slave_1: entered allmulticast mode
[   56.424433][ T5839] bridge_slave_1: entered promiscuous mode
[   56.499965][ T5843] bridge0: port 1(bridge_slave_0) entered blocking state
[   56.503453][ T5843] bridge0: port 1(bridge_slave_0) entered disabled state
[   56.506329][ T5843] bridge_slave_0: entered allmulticast mode
[   56.510007][ T5843] bridge_slave_0: entered promiscuous mode
[   56.514398][ T5839] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   56.517768][ T5849] chnl_net:caif_netlink_parms(): no params data found
[   56.525198][ T5843] bridge0: port 2(bridge_slave_1) entered blocking state
[   56.527662][ T5843] bridge0: port 2(bridge_slave_1) entered disabled state
[   56.530061][ T5843] bridge_slave_1: entered allmulticast mode
[   56.533355][ T5843] bridge_slave_1: entered promiscuous mode
[   56.537562][ T5839] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   56.585106][ T5843] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   56.589666][ T5839] team0: Port device team_slave_0 added
[   56.600708][ T5843] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   56.614222][ T5839] team0: Port device team_slave_1 added
[   56.640784][ T5843] team0: Port device team_slave_0 added
[   56.644201][ T5843] team0: Port device team_slave_1 added
[   56.673208][ T5839] batman_adv: batadv0: Adding interface: batadv_slave_0
[   56.675591][ T5839] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   56.684342][ T5839] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   56.705450][ T5843] batman_adv: batadv0: Adding interface: batadv_slave_0
[   56.707834][ T5843] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   56.717173][ T5843] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   56.721669][ T5839] batman_adv: batadv0: Adding interface: batadv_slave_1
[   56.724041][ T5839] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   56.735048][ T5839] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   56.739522][ T5849] bridge0: port 1(bridge_slave_0) entered blocking state
[   56.742803][ T5849] bridge0: port 1(bridge_slave_0) entered disabled state
[   56.745827][ T5849] bridge_slave_0: entered allmulticast mode
[   56.749001][ T5849] bridge_slave_0: entered promiscuous mode
[   56.753102][ T5849] bridge0: port 2(bridge_slave_1) entered blocking state
[   56.755542][ T5849] bridge0: port 2(bridge_slave_1) entered disabled state
[   56.757967][ T5849] bridge_slave_1: entered allmulticast mode
[   56.760810][ T5849] bridge_slave_1: entered promiscuous mode
[   56.763696][ T5843] batman_adv: batadv0: Adding interface: batadv_slave_1
[   56.766582][ T5843] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   56.778847][ T5843] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   56.821952][ T5849] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   56.838768][ T5839] hsr_slave_0: entered promiscuous mode
[   56.841629][ T5839] hsr_slave_1: entered promiscuous mode
[   56.845379][ T5849] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   56.907533][ T5849] team0: Port device team_slave_0 added
[   56.914633][ T5843] hsr_slave_0: entered promiscuous mode
[   56.916939][ T5843] hsr_slave_1: entered promiscuous mode
[   56.919101][ T5843] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   56.921867][ T5843] Cannot create hsr debugfs directory
[   56.932695][ T5849] team0: Port device team_slave_1 added
[   56.968635][ T5849] batman_adv: batadv0: Adding interface: batadv_slave_0
[   56.971136][ T5849] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   56.980394][ T5849] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   57.002555][ T5849] batman_adv: batadv0: Adding interface: batadv_slave_1
[   57.004817][ T5849] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   57.013297][ T5849] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   57.105290][ T5849] hsr_slave_0: entered promiscuous mode
[   57.108203][ T5849] hsr_slave_1: entered promiscuous mode
[   57.110365][ T5849] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   57.113226][ T5849] Cannot create hsr debugfs directory
[   57.177127][ T5839] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   57.195292][ T5839] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   57.204087][ T5839] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   57.209564][ T5839] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   57.260990][ T5839] bridge0: port 2(bridge_slave_1) entered blocking state
[   57.263444][ T5839] bridge0: port 2(bridge_slave_1) entered forwarding state
[   57.266180][ T5839] bridge0: port 1(bridge_slave_0) entered blocking state
[   57.268875][ T5839] bridge0: port 1(bridge_slave_0) entered forwarding state
[   57.278459][ T5843] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   57.283847][ T5843] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   57.292585][   T36] bridge0: port 1(bridge_slave_0) entered disabled state
[   57.295987][   T36] bridge0: port 2(bridge_slave_1) entered disabled state
[   57.316226][ T5843] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   57.333026][ T5843] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   57.377149][ T5849] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   57.386870][ T5849] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   57.395271][ T5849] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   57.407521][ T5849] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   57.426812][ T5839] 8021q: adding VLAN 0 to HW filter on device bond0
[   57.452442][ T5839] 8021q: adding VLAN 0 to HW filter on device team0
[   57.467594][ T5843] 8021q: adding VLAN 0 to HW filter on device bond0
[   57.475299][   T28] bridge0: port 1(bridge_slave_0) entered blocking state
[   57.477747][   T28] bridge0: port 1(bridge_slave_0) entered forwarding state
[   57.493036][ T5843] 8021q: adding VLAN 0 to HW filter on device team0
[   57.499280][   T28] bridge0: port 2(bridge_slave_1) entered blocking state
[   57.501802][   T28] bridge0: port 2(bridge_slave_1) entered forwarding state
[   57.519944][   T28] bridge0: port 1(bridge_slave_0) entered blocking state
[   57.522573][   T28] bridge0: port 1(bridge_slave_0) entered forwarding state
[   57.544426][   T28] bridge0: port 2(bridge_slave_1) entered blocking state
[   57.547672][   T28] bridge0: port 2(bridge_slave_1) entered forwarding state
[   57.565992][ T5849] 8021q: adding VLAN 0 to HW filter on device bond0
[   57.617285][ T5843] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   57.624281][ T5849] 8021q: adding VLAN 0 to HW filter on device team0
[   57.637163][   T28] bridge0: port 1(bridge_slave_0) entered blocking state
[   57.639858][   T28] bridge0: port 1(bridge_slave_0) entered forwarding state
[   57.655370][   T28] bridge0: port 2(bridge_slave_1) entered blocking state
[   57.657807][   T28] bridge0: port 2(bridge_slave_1) entered forwarding state
[   57.689401][ T5849] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   57.699759][ T5849] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   57.740113][ T5839] 8021q: adding VLAN 0 to HW filter on device batadv0
[   57.787182][ T5843] 8021q: adding VLAN 0 to HW filter on device batadv0
[   57.799152][ T5839] veth0_vlan: entered promiscuous mode
[   57.819524][ T5839] veth1_vlan: entered promiscuous mode
[   57.832197][ T5849] 8021q: adding VLAN 0 to HW filter on device batadv0
[   57.843933][ T5843] veth0_vlan: entered promiscuous mode
[   57.850459][ T5843] veth1_vlan: entered promiscuous mode
[   57.883192][ T5839] veth0_macvtap: entered promiscuous mode
[   57.896623][ T5839] veth1_macvtap: entered promiscuous mode
[   57.900281][ T5849] veth0_vlan: entered promiscuous mode
[   57.921206][ T5843] veth0_macvtap: entered promiscuous mode
[   57.925075][ T5849] veth1_vlan: entered promiscuous mode
[   57.933117][ T5839] batman_adv: batadv0: Interface activated: batadv_slave_0
[   57.939123][ T5843] veth1_macvtap: entered promiscuous mode
[   57.952181][ T5839] batman_adv: batadv0: Interface activated: batadv_slave_1
[   57.958706][ T5839] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   57.962255][ T5839] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   57.965263][ T5839] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   57.968408][ T5839] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   57.990193][ T5843] batman_adv: batadv0: Interface activated: batadv_slave_0
[   58.015152][ T5843] batman_adv: batadv0: Interface activated: batadv_slave_1
[   58.027271][ T5849] veth0_macvtap: entered promiscuous mode
[   58.035558][ T5843] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   58.039072][ T5843] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   58.045539][ T5843] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   58.048969][ T5843] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   58.057678][ T5849] veth1_macvtap: entered promiscuous mode
[   58.071966][   T54] Bluetooth: hci0: command tx timeout
[   58.074391][   T54] Bluetooth: hci1: command tx timeout
[   58.120622][ T5849] batman_adv: batadv0: Interface activated: batadv_slave_0
[   58.136350][ T5849] batman_adv: batadv0: Interface activated: batadv_slave_1
[   58.151741][ T5845] Bluetooth: hci2: command tx timeout
[   58.156844][ T5849] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   58.160618][ T5849] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   58.167913][ T5849] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   58.172160][ T5849] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   58.194959][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   58.198904][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   58.218970][   T77] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   58.222791][   T77] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   58.284609][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   58.293737][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   58.337027][  T967] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   58.340307][  T967] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   58.365153][  T967] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   58.371543][  T967] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   58.379706][ T5839] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   58.410772][  T967] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   58.416949][  T967] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   58.546868][ T5911] netlink: 830 bytes leftover after parsing attributes in process `syz.0.4'.
[   58.676516][ T5918] Zero length message leads to an empty skb
[   58.689305][ T5918] C: renamed from team_slave_0 (while UP)
[   58.724421][ T5918] netlink: 'syz.0.7': attribute type 3 has an invalid length.
[   58.740150][ T5918] netlink: 'syz.0.7': attribute type 1 has an invalid length.
[   58.744686][ T5918] netlink: 116 bytes leftover after parsing attributes in process `syz.0.7'.
[   58.864901][ T5925] netlink: 825 bytes leftover after parsing attributes in process `syz.0.10'.
[   58.867964][ T5925] netlink: 130144 bytes leftover after parsing attributes in process `syz.0.10'.
[   58.960122][ T5927] Driver unsupported XDP return value 0 on prog  (id 7) dev N/A, expect packet loss!
[   59.173979][ T5943] netlink: 830 bytes leftover after parsing attributes in process `syz.2.19'.
[   59.245676][ T5945] raw_sendmsg: syz.0.20 forgot to set AF_INET. Fix it!
[   59.680930][    C0] hrtimer: interrupt took 24062 ns
[   60.152132][   T54] Bluetooth: hci1: command tx timeout
[   60.152150][ T5845] Bluetooth: hci0: command tx timeout
[   60.229654][ T6003] warning: `syz.2.46' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   60.234139][ T5845] Bluetooth: hci2: command tx timeout
[   60.401387][ T6020] netlink: 'syz.2.54': attribute type 2 has an invalid length.
[   60.406437][ T6020] netlink: 'syz.2.54': attribute type 8 has an invalid length.
[   60.432301][ T6020] netlink: 132 bytes leftover after parsing attributes in process `syz.2.54'.
[   60.588333][ T6032] netlink: 'syz.0.61': attribute type 29 has an invalid length.
[   60.830751][ T6057] netlink: 'syz.0.72': attribute type 27 has an invalid length.
[   60.835926][ T6057] netlink: 'syz.0.72': attribute type 3 has an invalid length.
[   60.841125][ T6057] netlink: 132 bytes leftover after parsing attributes in process `syz.0.72'.
[   62.234826][ T5845] Bluetooth: hci0: command tx timeout
[   62.234881][   T54] Bluetooth: hci1: command tx timeout
[   62.237247][ T6105] mac80211_hwsim hwsim4 O3c: renamed from wlan1 (while UP)
[   62.311419][   T54] Bluetooth: hci2: command tx timeout
[   62.395526][ T6109] netlink: 731 bytes leftover after parsing attributes in process `syz.1.96'.
[   62.577551][ T6115] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   62.899414][ T6135] netlink: 'syz.0.107': attribute type 10 has an invalid length.
[   62.902119][ T6135] netlink: 40 bytes leftover after parsing attributes in process `syz.0.107'.
[   62.904982][ T6135] dummy0: entered promiscuous mode
[   62.907874][ T6135] bridge0: port 3(dummy0) entered blocking state
[   62.910077][ T6135] bridge0: port 3(dummy0) entered disabled state
[   62.922131][ T6135] dummy0: entered allmulticast mode
[   62.925235][ T6135] bridge0: port 3(dummy0) entered blocking state
[   62.927442][ T6135] bridge0: port 3(dummy0) entered forwarding state
[   63.287105][ T6148] vxcan1: entered allmulticast mode
[   63.864807][ T6163] netlink: 'syz.0.119': attribute type 21 has an invalid length.
[   63.868251][ T6163] IPv6: NLM_F_CREATE should be specified when creating new route
[   63.873154][ T6163] IPv6: Can't replace route, no match found
[   64.311662][   T54] Bluetooth: hci0: command tx timeout
[   64.311689][ T5845] Bluetooth: hci1: command tx timeout
[   64.401130][ T5845] Bluetooth: hci2: command tx timeout
[   65.005123][ T6178] netlink: 60 bytes leftover after parsing attributes in process `syz.1.126'.
[   65.226637][ T6197] netlink: 'syz.1.135': attribute type 29 has an invalid length.
[   65.251652][ T6197] netlink: 'syz.1.135': attribute type 29 has an invalid length.
[   65.700568][ T6218] delete_channel: no stack
[   66.436635][ T6257] netlink: 9286 bytes leftover after parsing attributes in process `syz.2.164'.
[   67.145756][ T6286] netlink: 26 bytes leftover after parsing attributes in process `syz.2.177'.
[   68.108958][ T6324] netlink: 'syz.0.194': attribute type 12 has an invalid length.
[   68.116376][ T6324] netlink: 172 bytes leftover after parsing attributes in process `syz.0.194'.
[   68.187744][ T6334] netlink: 22 bytes leftover after parsing attributes in process `syz.1.199'.
[   68.312845][ T6341] delete_channel: no stack
[   68.504062][ T6358] syzkaller0: entered promiscuous mode
[   68.505888][ T6358] syzkaller0: entered allmulticast mode
[   69.957593][ T6393] netdevsim netdevsim2 : renamed from netdevsim0 (while UP)
[   70.310217][    C1] Scheduler tracepoints stat_sleep, stat_iowait, stat_blocked and stat_runtime require the kernel parameter schedstats=enable or kernel.sched_schedstats=1
[   70.958128][ T1362] ieee802154 phy0 wpan0: encryption failed: -22
[   70.960409][ T1362] ieee802154 phy1 wpan1: encryption failed: -22
[   71.520852][ T6418] tap0: tun_chr_ioctl cmd 1074025672
[   71.523645][ T6418] tap0: ignored: set checksum enabled
[   71.574946][ T6422] netlink: 'syz.0.238': attribute type 21 has an invalid length.
[   71.577611][ T6422] netlink: 128 bytes leftover after parsing attributes in process `syz.0.238'.
[   71.581289][ T6422] netlink: 'syz.0.238': attribute type 4 has an invalid length.
[   71.583822][ T6422] netlink: 3 bytes leftover after parsing attributes in process `syz.0.238'.
[   71.889999][ T6456] netlink: 'syz.1.251': attribute type 10 has an invalid length.
[   71.893711][ T6456] netlink: 40 bytes leftover after parsing attributes in process `syz.1.251'.
[   71.897262][ T6456] batadv0: entered promiscuous mode
[   71.899054][ T6456] batadv0: entered allmulticast mode
[   71.915697][ T6456] bridge0: port 3(batadv0) entered blocking state
[   71.918884][ T6456] bridge0: port 3(batadv0) entered disabled state
[   71.935760][ T6456] bridge0: port 3(batadv0) entered blocking state
[   71.938406][ T6456] bridge0: port 3(batadv0) entered forwarding state
[   72.137428][ T6475] netlink: 40 bytes leftover after parsing attributes in process `syz.2.262'.
[   72.217058][   T13] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[   72.220213][   T13] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[   72.365570][ T6488] bridge0: port 1(bridge_slave_0) entered disabled state
[   72.374484][ T6488] bridge0: port 1(bridge_slave_0) entered blocking state
[   72.377014][ T6488] bridge0: port 1(bridge_slave_0) entered forwarding state
[   72.534567][ T5845] Bluetooth: hci2: unexpected event 0x06 length: 15 > 3
[   74.329942][ T6524] netlink: 60 bytes leftover after parsing attributes in process `syz.0.285'.
[   74.382858][ T6527] netlink: 60 bytes leftover after parsing attributes in process `syz.0.285'.
[   74.388029][ T6524] netlink: 60 bytes leftover after parsing attributes in process `syz.0.285'.
[   74.951857][ T6555] nr0: tun_chr_ioctl cmd 1074025677
[   74.954081][ T6555] nr0: linktype set to 825
[   75.531087][ T6571] netlink: 1053 bytes leftover after parsing attributes in process `syz.0.305'.
[   75.612340][ T6576] syz.0.308 uses obsolete (PF_INET,SOCK_PACKET)
[   76.183712][ T6603] netlink: 'syz.0.320': attribute type 21 has an invalid length.
[   76.582554][ T6623] netlink: 'syz.0.329': attribute type 2 has an invalid length.
[   76.792255][ T6629] netlink: 'syz.0.332': attribute type 6 has an invalid length.
[   77.055921][ T6619] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[   77.064494][ T6619] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[   77.278996][ T6643] openvswitch: netlink: Flow actions attr not present in new flow.
[   77.290784][ T6643] syzkaller0: entered promiscuous mode
[   78.239179][ T6645] netlink: 'syz.1.340': attribute type 1 has an invalid length.
[   78.253189][ T6645] netlink: 4 bytes leftover after parsing attributes in process `syz.1.340'.
[   78.323999][ T6653] netlink: 17 bytes leftover after parsing attributes in process `syz.0.343'.
[   78.331875][ T6653] netlink: zone id is out of range
[   78.341072][ T6653] netlink: zone id is out of range
[   78.349368][ T6653] netlink: zone id is out of range
[   78.352149][ T6653] netlink: zone id is out of range
[   78.354257][ T6653] netlink: zone id is out of range
[   78.356358][ T6653] netlink: zone id is out of range
[   78.358396][ T6653] netlink: zone id is out of range
[   78.815675][ T6689] netlink: 65039 bytes leftover after parsing attributes in process `syz.2.360'.
[   80.085753][ T6721] netlink: 203516 bytes leftover after parsing attributes in process `syz.0.376'.
[   80.142121][ T6723] netlink: 'syz.1.377': attribute type 9 has an invalid length.
[   80.155830][ T6723] netlink: 'syz.1.377': attribute type 8 has an invalid length.
[   80.158870][ T6723] netlink: 143452 bytes leftover after parsing attributes in process `syz.1.377'.
[   80.813464][ T6746] netlink: 176 bytes leftover after parsing attributes in process `syz.1.387'.
[   80.855842][ T6748] netlink: 9286 bytes leftover after parsing attributes in process `syz.0.386'.
[   81.008312][ T6756] delete_channel: no stack
[   81.196977][ T2207] cfg80211: failed to load regulatory.db
[   81.350867][ T6772] cgroup: fork rejected by pids controller in /syz0
[   81.449599][ T5845] Bluetooth: hci0: Unable to find connection for big 0x00
[   83.733139][ T6791] netlink: 149044 bytes leftover after parsing attributes in process `syz.1.405'.
[   96.852112][   T54] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   96.853112][   T54] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   96.853449][   T54] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   96.854101][   T54] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   96.854578][   T54] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   97.047056][ T5842] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   97.047823][ T5842] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   97.048085][ T5842] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   97.048607][ T5842] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   97.048917][ T5842] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   97.165243][ T6800] chnl_net:caif_netlink_parms(): no params data found
[   98.871135][ T5842] Bluetooth: hci3: command tx timeout
[   99.121807][ T5842] Bluetooth: hci4: command tx timeout
[  100.951418][ T5842] Bluetooth: hci3: command tx timeout
[  101.191919][ T5842] Bluetooth: hci4: command tx timeout
[  103.031268][ T5842] Bluetooth: hci3: command tx timeout
[  103.271247][ T5842] Bluetooth: hci4: command tx timeout
[  105.111234][ T5842] Bluetooth: hci3: command tx timeout
[  105.351197][ T5842] Bluetooth: hci4: command tx timeout
[  120.950019][   T54] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  120.951061][   T54] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  120.951861][   T54] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  120.952415][   T54] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  120.953085][   T54] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  121.077738][    C1] clocksource: Long readout interval, skipping watchdog check: cs_nsec: 40186292135 wd_nsec: 40186293366
[  123.031302][   T54] Bluetooth: hci5: command tx timeout
[  125.111232][   T54] Bluetooth: hci5: command tx timeout
[  127.191466][   T54] Bluetooth: hci5: command tx timeout
[  129.271362][   T54] Bluetooth: hci5: command tx timeout
[  132.395795][ T1362] ieee802154 phy0 wpan0: encryption failed: -22
[  132.395865][ T1362] ieee802154 phy1 wpan1: encryption failed: -22
[  157.785298][ T5842] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  157.786096][ T5842] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  157.786557][ T5842] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  157.787461][ T5842] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  157.787998][ T5842] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  157.863893][   T54] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  157.864829][   T54] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  157.865094][   T54] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  157.866225][   T54] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  157.866585][   T54] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  159.831457][   T54] Bluetooth: hci6: command tx timeout
[  159.911650][   T54] Bluetooth: hci7: command tx timeout
[  161.911535][   T54] Bluetooth: hci6: command tx timeout
[  161.991662][   T54] Bluetooth: hci7: command tx timeout
[  163.991395][   T54] Bluetooth: hci6: command tx timeout
[  164.071391][   T54] Bluetooth: hci7: command tx timeout
[  166.071267][   T54] Bluetooth: hci6: command tx timeout
[  166.151406][   T54] Bluetooth: hci7: command tx timeout
[  180.553998][   T54] Bluetooth: hci2: command 0x0406 tx timeout
[  181.544180][ T5845] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[  181.544681][ T5845] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[  181.545018][ T5845] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[  181.545526][ T5845] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[  181.546597][ T5845] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[  186.350954][    C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  186.350972][    C1] rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P971/1:b..l
[  186.351315][    C1] rcu: 	(detected by 1, t=10502 jiffies, g=10145, q=6681 ncpus=2)
[  186.351327][    C1] task:kworker/1:3     state:R  running task     stack:24312 pid:971   tgid:971   ppid:2      task_flags:0x4208060 flags:0x00004000
[  186.351368][    C1] Workqueue: events_power_efficient gc_worker
[  186.351388][    C1] Call Trace:
[  186.351393][    C1]  <TASK>
[  186.351403][    C1]  __schedule+0x16f5/0x4d00
[  186.351425][    C1]  ? trace_call_bpf+0xb7/0x850
[  186.351449][    C1]  ? preempt_schedule_irq+0xb5/0x150
[  186.351470][    C1]  ? __pfx___schedule+0x10/0x10
[  186.351483][    C1]  ? trace_call_bpf+0x5ba/0x850
[  186.351500][    C1]  ? perf_trace_run_bpf_submit+0xf9/0x170
[  186.351524][    C1]  ? preempt_schedule_irq+0xaa/0x150
[  186.351541][    C1]  preempt_schedule_irq+0xb5/0x150
[  186.351557][    C1]  ? __pfx_preempt_schedule_irq+0x10/0x10
[  186.351579][    C1]  ? rcu_irq_exit_check_preempt+0xdf/0x210
[  186.351595][    C1]  irqentry_exit+0x6f/0x90
[  186.351609][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  186.351622][    C1] RIP: 0010:seqcount_lockdep_reader_access+0x17e/0x1c0
[  186.351637][    C1] Code: f8 4d 85 e4 75 16 e8 51 f8 20 f8 eb 15 e8 4a f8 20 f8 e8 75 58 cf 01 4d 85 e4 74 ea e8 3b f8 20 f8 fb 48 c7 04 24 0e 36 e0 45 <4b> c7 04 3e 00 00 00 00 66 43 c7 44 3e 09 00 00 43 c6 44 3e 0b 00
[  186.351647][    C1] RSP: 0018:ffffc90006737860 EFLAGS: 00000293
[  186.351658][    C1] RAX: ffffffff899f30b5 RBX: 0000000000000000 RCX: ffff88810866d640
[  186.351668][    C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  186.351675][    C1] RBP: ffffc90006737910 R08: ffffffff8fa1e8f7 R09: 1ffffffff1f43d1e
[  186.351684][    C1] R10: dffffc0000000000 R11: fffffbfff1f43d1f R12: 0000000000000200
[  186.351692][    C1] R13: ffff888107903418 R14: 1ffff92000ce6f0c R15: dffffc0000000000
[  186.351708][    C1]  ? seqcount_lockdep_reader_access+0x175/0x1c0
[  186.351729][    C1]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  186.351756][    C1]  gc_worker+0x308/0x1380
[  186.351778][    C1]  ? gc_worker+0x264/0x1380
[  186.351799][    C1]  ? __pfx_gc_worker+0x10/0x10
[  186.351818][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  186.351832][    C1]  ? process_scheduled_works+0x9ef/0x17b0
[  186.351845][    C1]  ? process_scheduled_works+0x9ef/0x17b0
[  186.351860][    C1]  process_scheduled_works+0xae1/0x17b0
[  186.351899][    C1]  ? __pfx_process_scheduled_works+0x10/0x10
[  186.351925][    C1]  worker_thread+0x8a0/0xda0
[  186.351960][    C1]  kthread+0x711/0x8a0
[  186.351978][    C1]  ? __pfx_worker_thread+0x10/0x10
[  186.351991][    C1]  ? __pfx_kthread+0x10/0x10
[  186.352008][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  186.352021][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  186.352033][    C1]  ? __pfx_kthread+0x10/0x10
[  186.352050][    C1]  ret_from_fork+0x3fc/0x770
[  186.352075][    C1]  ? __pfx_ret_from_fork+0x10/0x10
[  186.352094][    C1]  ? __switch_to_asm+0x39/0x70
[  186.352107][    C1]  ? __switch_to_asm+0x33/0x70
[  186.352120][    C1]  ? __pfx_kthread+0x10/0x10
[  186.352137][    C1]  ret_from_fork_asm+0x1a/0x30
[  186.352167][    C1]  </TASK>
[  193.845604][ T1362] ieee802154 phy0 wpan0: encryption failed: -22
[  193.845657][ T1362] ieee802154 phy1 wpan1: encryption failed: -22
[  214.311192][   T18] rcu: INFO: rcu_preempt detected expedited stalls on CPUs/tasks: { P971 1-.... } 13296 jiffies s: 3333 root: 0x2/T
[  214.311244][   T18] rcu: blocking rcu_node structures (internal RCU debug):
[  214.311269][   T18] Sending NMI from CPU 0 to CPUs 1:
[  214.311315][    C1] NMI backtrace for cpu 1
[  214.311326][    C1] CPU: 1 UID: 0 PID: 6772 Comm: syz.0.399 Not tainted 6.16.0-rc6-syzkaller-00411-g95993dc3039e-dirty #0 PREEMPT(full) 
[  214.311335][    C1] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  214.311339][    C1] RIP: 0010:asm_sysvec_apic_timer_interrupt+0x0/0x20
[  214.311350][    C1] Code: 56 6d 6e 0a e9 61 06 00 00 90 f3 0f 1e fa 0f 1f 00 fc 6a ff e8 11 05 00 00 48 89 c4 48 89 e7 e8 66 6c 6e 0a e9 41 06 00 00 90 <f3> 0f 1e fa 0f 1f 00 fc 6a ff e8 f1 04 00 00 48 89 c4 48 89 e7 e8
[  214.311355][    C1] RSP: 0018:ffffc900001e0378 EFLAGS: 00000006
[  214.311362][    C1] RAX: 00a46893dcfbd500 RBX: 1ffff9200003c07c RCX: 00a46893dcfbd500
[  214.311367][    C1] RDX: 0000000000000002 RSI: ffffffff8d99883e RDI: ffffffff8be29f40
[  214.311371][    C1] RBP: ffffc900001e0498 R08: ffffffff8fa1e8f7 R09: 1ffffffff1f43d1e
[  214.311376][    C1] R10: dffffc0000000000 R11: fffffbfff1f43d1f R12: ffffffff8e144400
[  214.311380][    C1] R13: dffffc0000000000 R14: 0000000000000246 R15: 0000000000000002
[  214.311385][    C1] FS:  00007efc489146c0(0000) GS:ffff8881a3c1f000(0000) knlGS:0000000000000000
[  214.311390][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  214.311394][    C1] CR2: 00007efc47db5f80 CR3: 0000000100a90000 CR4: 00000000000006f0
[  214.311420][    C1] DR0: 0000000000000000 DR1: 0000200000000300 DR2: 0000000000000000
[  214.311426][    C1] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[  214.311430][    C1] Call Trace:
[  214.311433][    C1]  <IRQ>
[  214.311435][    C1] RIP: 0010:rcu_read_unlock_special+0x87/0x4c0
[  214.311446][    C1] Code: f1 f1 f1 00 f2 f2 f2 4a 89 04 2b 66 42 c7 44 2b 09 f3 f3 42 c6 44 2b 0b f3 65 44 8b 35 62 2c f8 10 41 f7 c6 00 00 f0 00 74 49 <48> c7 44 24 40 0e 36 e0 45 4a c7 04 2b 00 00 00 00 66 42 c7 44 2b
[  214.311451][    C1] RSP: 0018:ffffc900001e03a0 EFLAGS: 00000206
[  214.311457][    C1]  ? __lock_acquire+0xab9/0xd20
[  214.311467][    C1]  ? __pfx_rcu_read_unlock_special+0x10/0x10
[  214.311476][    C1]  ? unwind_next_frame+0xa5/0x2390
[  214.311485][    C1]  __rcu_read_unlock+0x84/0xe0
[  214.311493][    C1]  ? unwind_next_frame+0xa5/0x2390
[  214.311499][    C1]  unwind_next_frame+0x19ae/0x2390
[  214.311508][    C1]  ? unwind_next_frame+0xa5/0x2390
[  214.311514][    C1]  ? run_timer_softirq+0xb7/0x180
[  214.311524][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  214.311533][    C1]  arch_stack_walk+0x11c/0x150
[  214.311541][    C1]  ? handle_softirqs+0x286/0x870
[  214.311549][    C1]  stack_trace_save+0x9c/0xe0
[  214.311557][    C1]  ? __pfx_stack_trace_save+0x10/0x10
[  214.311565][    C1]  ? stack_depot_save_flags+0x168/0x900
[  214.311573][    C1]  ? stack_depot_save_flags+0x40/0x900
[  214.311581][    C1]  kasan_save_track+0x3e/0x80
[  214.311587][    C1]  ? kasan_save_track+0x3e/0x80
[  214.311592][    C1]  ? __kasan_slab_alloc+0x6c/0x80
[  214.311597][    C1]  ? kmem_cache_alloc_node_noprof+0x1bb/0x3c0
[  214.311604][    C1]  ? kmalloc_reserve+0xbd/0x290
[  214.311610][    C1]  ? __alloc_skb+0x142/0x2d0
[  214.311615][    C1]  ? ndisc_alloc_skb+0x9f/0x480
[  214.311623][    C1]  ? ndisc_send_rs+0x2b5/0x630
[  214.311630][    C1]  ? addrconf_rs_timer+0x369/0x670
[  214.311637][    C1]  ? call_timer_fn+0x17e/0x5f0
[  214.311642][    C1]  ? __run_timer_base+0x61a/0x860
[  214.311650][    C1]  ? run_timer_softirq+0xb7/0x180
[  214.311666][    C1]  __kasan_slab_alloc+0x6c/0x80
[  214.311673][    C1]  kmem_cache_alloc_node_noprof+0x1bb/0x3c0
[  214.311679][    C1]  ? kmalloc_reserve+0xbd/0x290
[  214.311686][    C1]  kmalloc_reserve+0xbd/0x290
[  214.311693][    C1]  __alloc_skb+0x142/0x2d0
[  214.311700][    C1]  ndisc_alloc_skb+0x9f/0x480
[  214.311708][    C1]  ndisc_send_rs+0x2b5/0x630
[  214.311717][    C1]  addrconf_rs_timer+0x369/0x670
[  214.311725][    C1]  ? __pfx_addrconf_rs_timer+0x10/0x10
[  214.311731][    C1]  ? __irq_exit_rcu+0xd8/0x1f0
[  214.311739][    C1]  call_timer_fn+0x17e/0x5f0
[  214.311745][    C1]  ? __pfx_addrconf_rs_timer+0x10/0x10
[  214.311751][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  214.311759][    C1]  ? call_timer_fn+0xbe/0x5f0
[  214.311764][    C1]  ? __pfx_call_timer_fn+0x10/0x10
[  214.311772][    C1]  ? __pfx_addrconf_rs_timer+0x10/0x10
[  214.311779][    C1]  __run_timer_base+0x61a/0x860
[  214.311787][    C1]  ? irqtime_account_irq+0xb6/0x1c0
[  214.311799][    C1]  ? __pfx___run_timer_base+0x10/0x10
[  214.311810][    C1]  run_timer_softirq+0xb7/0x180
[  214.311819][    C1]  handle_softirqs+0x286/0x870
[  214.311826][    C1]  ? __irq_exit_rcu+0xca/0x1f0
[  214.311833][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  214.311840][    C1]  ? irq_work_single+0x1ac/0x240
[  214.311847][    C1]  ? irqtime_account_irq+0xb6/0x1c0
[  214.311855][    C1]  __irq_exit_rcu+0xca/0x1f0
[  214.311862][    C1]  ? __pfx___irq_exit_rcu+0x10/0x10
[  214.311869][    C1]  ? rcu_is_watching+0x15/0xb0
[  214.311876][    C1]  irq_exit_rcu+0x9/0x30
[  214.311882][    C1]  sysvec_irq_work+0xa3/0xc0
[  214.311888][    C1]  </IRQ>
[  214.311890][    C1]  <TASK>
[  214.311893][    C1]  asm_sysvec_irq_work+0x1a/0x20
[  214.311899][    C1] RIP: 0010:console_flush_all+0x7f7/0xc40
[  214.311907][    C1] Code: 48 21 c3 0f 85 e9 01 00 00 e8 75 e7 1e 00 48 8b 5c 24 20 4d 85 f6 75 07 e8 66 e7 1e 00 eb 06 e8 5f e7 1e 00 fb 48 8b 44 24 28 <42> 80 3c 20 00 74 08 48 89 df e8 8a 0a 82 00 48 8b 1b 48 8b 44 24
[  214.311912][    C1] RSP: 0018:ffffc90008807540 EFLAGS: 00000287
[  214.311918][    C1] RAX: 1ffffffff1d36927 RBX: ffffffff8e9b4938 RCX: 0000000000080000
[  214.311922][    C1] RDX: ffffc90003f71000 RSI: 0000000000047620 RDI: 0000000000047621
[  214.311926][    C1] RBP: ffffc90008807690 R08: ffffffff8fa1e8f7 R09: 1ffffffff1f43d1e
[  214.311930][    C1] R10: dffffc0000000000 R11: fffffbfff1f43d1f R12: dffffc0000000000
[  214.311935][    C1] R13: 0000000000000001 R14: 0000000000000200 R15: ffffffff8e9b48e0
[  214.311943][    C1]  ? console_flush_all+0x13a/0xc40
[  214.311952][    C1]  ? __pfx_console_flush_all+0x10/0x10
[  214.311962][    C1]  ? is_printk_cpu_sync_owner+0x32/0x40
[  214.311971][    C1]  console_unlock+0xc4/0x270
[  214.311979][    C1]  ? __pfx_console_unlock+0x10/0x10
[  214.311987][    C1]  ? is_printk_cpu_sync_owner+0x32/0x40
[  214.311996][    C1]  vprintk_emit+0x5b7/0x7a0
[  214.312009][    C1]  ? __pfx_vprintk_emit+0x10/0x10
[  214.312017][    C1]  ? irqentry_exit+0x74/0x90
[  214.312026][    C1]  _printk+0xcf/0x120
[  214.312036][    C1]  ? __pfx__printk+0x10/0x10
[  214.312043][    C1]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  214.312051][    C1]  ? kernfs_path_from_node+0x2c/0x260
[  214.312061][    C1]  pids_can_fork+0x470/0x4c0
[  214.312071][    C1]  ? __pfx_pids_can_fork+0x10/0x10
[  214.312079][    C1]  cgroup_can_fork+0x753/0xd10
[  214.312088][    C1]  copy_process+0x20fe/0x3b80
[  214.312097][    C1]  ? copy_process+0x978/0x3b80
[  214.312138][    C1]  ? __pfx_copy_process+0x10/0x10
[  214.312148][    C1]  ? migrate_enable+0x29c/0x3c0
[  214.312158][    C1]  kernel_clone+0x21e/0x870
[  214.312167][    C1]  ? __pfx_kernel_clone+0x10/0x10
[  214.312178][    C1]  __x64_sys_clone+0x18b/0x1e0
[  214.312186][    C1]  ? __pfx___x64_sys_clone+0x10/0x10
[  214.312196][    C1]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  214.312205][    C1]  ? rcu_is_watching+0x15/0xb0
[  214.312213][    C1]  ? do_syscall_64+0xbe/0x3b0
[  214.312222][    C1]  do_syscall_64+0xfa/0x3b0
[  214.312230][    C1]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  214.312236][    C1]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  214.312243][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  214.312248][    C1] RIP: 0033:0x7efc47b8e9a9
[  214.312255][    C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  214.312260][    C1] RSP: 002b:00007efc48913fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  214.312267][    C1] RAX: ffffffffffffffda RBX: 00007efc47db5fa0 RCX: 00007efc47b8e9a9
[  214.312271][    C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  214.312275][    C1] RBP: 00007efc47c10d69 R08: 0000000000000000 R09: 0000000000000000
[  214.312278][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  214.312282][    C1] R13: 0000000000000000 R14: 00007efc47db5fa0 R15: 00007fffd5206248
[  214.312289][    C1]  </TASK>
[  218.055802][ T5846] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1
[  218.056622][ T5846] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9
[  218.057073][ T5846] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9
[  218.057943][ T5846] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4
[  218.058541][ T5846] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2
[  218.145082][ T6842] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1
[  218.146456][ T6842] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9
[  218.146929][ T6842] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9
[  218.147821][ T6842] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4
[  218.148406][ T6842] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2
[  221.512458][ T6844] Bluetooth: hci3: command 0x0406 tx timeout
[  221.512489][ T6844] Bluetooth: hci4: command 0x0406 tx timeout
[  233.511346][   T34] INFO: task rcu_tasks_trace:32 blocked for more than 143 seconds.
[  233.511379][   T34]       Not tainted 6.16.0-rc6-syzkaller-00411-g95993dc3039e-dirty #0
[  233.511386][   T34] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  233.511393][   T34] task:rcu_tasks_trace state:D stack:26360 pid:32    tgid:32    ppid:2      task_flags:0x208040 flags:0x00004000
[  233.511425][   T34] Call Trace:
[  233.511430][   T34]  <TASK>
[  233.511438][   T34]  __schedule+0x16f5/0x4d00
[  233.511460][   T34]  ? do_raw_spin_lock+0x121/0x290
[  233.511476][   T34]  ? schedule+0x165/0x360
[  233.511487][   T34]  ? __lock_acquire+0xab9/0xd20
[  233.511498][   T34]  ? __pfx___schedule+0x10/0x10
[  233.511515][   T34]  ? schedule+0x91/0x360
[  233.511527][   T34]  schedule+0x165/0x360
[  233.511539][   T34]  synchronize_rcu_expedited+0x5f5/0x730
[  233.511555][   T34]  ? __pfx_synchronize_rcu_expedited+0x10/0x10
[  233.511566][   T34]  ? __pfx_autoremove_wake_function+0x10/0x10
[  233.511586][   T34]  ? __pfx___might_resched+0x10/0x10
[  233.511599][   T34]  ? rcu_tasks_trace_pregp_step+0xe2a/0xe70
[  233.511618][   T34]  synchronize_rcu+0x11a/0x310
[  233.511629][   T34]  ? __pfx_synchronize_rcu+0x10/0x10
[  233.511640][   T34]  ? __pfx_rcu_tasks_trace_pregp_step+0x10/0x10
[  233.511651][   T34]  ? rcu_is_watching+0x15/0xb0
[  233.511662][   T34]  ? trace_contention_end+0x39/0x120
[  233.511674][   T34]  ? __mutex_lock+0x330/0xe80
[  233.511686][   T34]  rcu_tasks_wait_gp+0x490/0xac0
[  233.511703][   T34]  ? __pfx___mutex_lock+0x10/0x10
[  233.511714][   T34]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  233.511727][   T34]  ? lockdep_hardirqs_on+0x9c/0x150
[  233.511742][   T34]  ? __pfx_rcu_tasks_wait_gp+0x10/0x10
[  233.511755][   T34]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  233.511769][   T34]  rcu_tasks_one_gp+0xc19/0xdf0
[  233.511787][   T34]  ? rcu_tasks_one_gp+0xe9/0xdf0
[  233.511803][   T34]  rcu_tasks_kthread+0x195/0x1c0
[  233.511818][   T34]  kthread+0x711/0x8a0
[  233.511832][   T34]  ? __pfx_rcu_tasks_kthread+0x10/0x10
[  233.511844][   T34]  ? __pfx_kthread+0x10/0x10
[  233.511856][   T34]  ? _raw_spin_unlock_irq+0x23/0x50
[  233.511866][   T34]  ? lockdep_hardirqs_on+0x9c/0x150
[  233.511876][   T34]  ? __pfx_kthread+0x10/0x10
[  233.511888][   T34]  ret_from_fork+0x3fc/0x770
[  233.511901][   T34]  ? __pfx_ret_from_fork+0x10/0x10
[  233.511913][   T34]  ? __switch_to_asm+0x39/0x70
[  233.511926][   T34]  ? __switch_to_asm+0x33/0x70
[  233.511936][   T34]  ? __pfx_kthread+0x10/0x10
[  233.511948][   T34]  ret_from_fork_asm+0x1a/0x30
[  233.511966][   T34]  </TASK>
[  233.512027][   T34] INFO: task kworker/u9:5:4595 blocked for more than 143 seconds.
[  233.512034][   T34]       Not tainted 6.16.0-rc6-syzkaller-00411-g95993dc3039e-dirty #0
[  233.512040][   T34] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  233.512045][   T34] task:kworker/u9:5    state:D stack:24624 pid:4595  tgid:4595  ppid:2      task_flags:0x4208060 flags:0x00004000
[  233.512101][   T34] Workqueue: events_unbound bpf_map_free_deferred
[  233.512119][   T34] Call Trace:
[  233.512124][   T34]  <TASK>
[  233.512130][   T34]  __schedule+0x16f5/0x4d00
[  233.512148][   T34]  ? do_raw_spin_lock+0x121/0x290
[  233.512160][   T34]  ? schedule+0x165/0x360
[  233.512172][   T34]  ? __lock_acquire+0xab9/0xd20
[  233.512181][   T34]  ? __pfx___schedule+0x10/0x10
[  233.512198][   T34]  ? schedule+0x91/0x360
[  233.512210][   T34]  schedule+0x165/0x360
[  233.512222][   T34]  synchronize_rcu_expedited+0x583/0x730
[  233.512234][   T34]  ? __pfx_synchronize_rcu_expedited+0x10/0x10
[  233.512250][   T34]  ? perf_iterate_sb+0x60d/0x6b0
[  233.512262][   T34]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  233.512274][   T34]  ? __pfx___might_resched+0x10/0x10
[  233.512284][   T34]  ? __pfx_autoremove_wake_function+0x10/0x10
[  233.512302][   T34]  synchronize_rcu+0x11a/0x310
[  233.512313][   T34]  ? __pfx_synchronize_rcu+0x10/0x10
[  233.512326][   T34]  ? do_raw_spin_unlock+0x4d/0x240
[  233.512340][   T34]  dev_map_free+0x11a/0x6a0
[  233.512361][   T34]  bpf_map_free_deferred+0xed/0x110
[  233.512373][   T34]  ? process_scheduled_works+0x9ef/0x17b0
[  233.512386][   T34]  process_scheduled_works+0xae1/0x17b0
[  233.512408][   T34]  ? __pfx_process_scheduled_works+0x10/0x10
[  233.512425][   T34]  worker_thread+0x8a0/0xda0
[  233.512437][   T34]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  233.512451][   T34]  ? __kthread_parkme+0x7b/0x200
[  233.512466][   T34]  kthread+0x711/0x8a0
[  233.512479][   T34]  ? __pfx_worker_thread+0x10/0x10
[  233.512489][   T34]  ? __pfx_kthread+0x10/0x10
[  233.512502][   T34]  ? _raw_spin_unlock_irq+0x23/0x50
[  233.512512][   T34]  ? lockdep_hardirqs_on+0x9c/0x150
[  233.512522][   T34]  ? __pfx_kthread+0x10/0x10
[  233.512534][   T34]  ret_from_fork+0x3fc/0x770
[  233.512546][   T34]  ? __pfx_ret_from_fork+0x10/0x10
[  233.512558][   T34]  ? __switch_to_asm+0x39/0x70
[  233.512569][   T34]  ? __switch_to_asm+0x33/0x70
[  233.512579][   T34]  ? __pfx_kthread+0x10/0x10
[  233.512591][   T34]  ret_from_fork_asm+0x1a/0x30
[  233.512608][   T34]  </TASK>
[  233.512633][   T34] INFO: task syz.2.402:6779 blocked for more than 143 seconds.
[  233.512640][   T34]       Not tainted 6.16.0-rc6-syzkaller-00411-g95993dc3039e-dirty #0
[  233.512646][   T34] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  233.512651][   T34] task:syz.2.402       state:D stack:27952 pid:6779  tgid:6778  ppid:5849   task_flags:0x400140 flags:0x00004004
[  233.512689][   T34] Call Trace:
[  233.512695][   T34]  <TASK>
[  233.512706][   T34]  __schedule+0x16f5/0x4d00
[  233.512730][   T34]  ? __lock_acquire+0xab9/0xd20
[  233.512745][   T34]  ? schedule+0x165/0x360
[  233.512762][   T34]  ? __pfx___schedule+0x10/0x10
[  233.512785][   T34]  ? schedule+0x91/0x360
[  233.512802][   T34]  schedule+0x165/0x360
[  233.512820][   T34]  schedule_preempt_disabled+0x13/0x30
[  233.512835][   T34]  __mutex_lock+0x724/0xe80
[  233.512853][   T34]  ? __mutex_lock+0x51b/0xe80
[  233.512873][   T34]  ? synchronize_rcu_expedited+0x3b9/0x730
[  233.512893][   T34]  ? __pfx___mutex_lock+0x10/0x10
[  233.512912][   T34]  ? do_raw_spin_unlock+0x4d/0x240
[  233.512931][   T34]  synchronize_rcu_expedited+0x3b9/0x730
[  233.512950][   T34]  ? __pfx_synchronize_rcu_expedited+0x10/0x10
[  233.512977][   T34]  ? __lock_acquire+0xab9/0xd20
[  233.512988][   T34]  ? __pfx___might_resched+0x10/0x10
[  233.513001][   T34]  ? do_raw_spin_lock+0x121/0x290
[  233.513028][   T34]  synchronize_rcu+0x11a/0x310
[  233.513046][   T34]  ? __pfx_synchronize_rcu+0x10/0x10
[  233.513062][   T34]  ? _raw_spin_unlock_irq+0x23/0x50
[  233.513105][   T34]  ? lockdep_hardirqs_on+0x9c/0x150
[  233.513125][   T34]  rcu_sync_enter+0x1da/0x310
[  233.513143][   T34]  ? __pfx_rcu_sync_enter+0x10/0x10
[  233.513158][   T34]  ? bp_constraints_lock+0xd6/0x1b0
[  233.513184][   T34]  percpu_down_write+0x60/0x330
[  233.513207][   T34]  bp_constraints_lock+0xd6/0x1b0
[  233.513223][   T34]  register_perf_hw_breakpoint+0x8f/0x260
[  233.513239][   T34]  ? __pfx_register_perf_hw_breakpoint+0x10/0x10
[  233.513257][   T34]  hw_breakpoint_event_init+0x8d/0x120
[  233.513277][   T34]  perf_try_init_event+0x17f/0x870
[  233.513297][   T34]  ? perf_event_alloc+0xf6b/0x2bb0
[  233.513317][   T34]  ? perf_event_alloc+0xf6b/0x2bb0
[  233.513340][   T34]  perf_event_alloc+0x1357/0x2bb0
[  233.513361][   T34]  ? __lock_acquire+0xab9/0xd20
[  233.513375][   T34]  ? perf_event_alloc+0xf6b/0x2bb0
[  233.513405][   T34]  ? __pfx_perf_event_alloc+0x10/0x10
[  233.513425][   T34]  ? __fget_files+0x2a/0x420
[  233.513441][   T34]  ? __fget_files+0x3a0/0x420
[  233.513464][   T34]  __se_sys_perf_event_open+0x5a1/0x1d70
[  233.513483][   T34]  ? __pfx_trace_call_bpf+0x10/0x10
[  233.513504][   T34]  ? __pfx___se_sys_perf_event_open+0x10/0x10
[  233.513531][   T34]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  233.513554][   T34]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  233.513578][   T34]  ? do_syscall_64+0xbe/0x3b0
[  233.513592][   T34]  ? __x64_sys_perf_event_open+0x20/0xc0
[  233.513613][   T34]  do_syscall_64+0xfa/0x3b0
[  233.513631][   T34]  ? lockdep_hardirqs_on+0x9c/0x150
[  233.513647][   T34]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  233.513662][   T34]  ? exc_page_fault+0x9f/0xf0
[  233.513681][   T34]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  233.513696][   T34] RIP: 0033:0x7f5d8bd8e9a9
[  233.513710][   T34] RSP: 002b:00007f5d8cbc5038 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[  233.513727][   T34] RAX: ffffffffffffffda RBX: 00007f5d8bfb5fa0 RCX: 00007f5d8bd8e9a9
[  233.513737][   T34] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000200000000080
[  233.513748][   T34] RBP: 00007f5d8be10d69 R08: 0000000000000000 R09: 0000000000000000
[  233.513758][   T34] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[  233.513769][   T34] R13: 0000000000000001 R14: 00007f5d8bfb5fa0 R15: 00007fff5fb6d758
[  233.513792][   T34]  </TASK>
[  233.513800][   T34] INFO: task syz.1.403:6784 blocked for more than 143 seconds.
[  233.513811][   T34]       Not tainted 6.16.0-rc6-syzkaller-00411-g95993dc3039e-dirty #0
[  233.513821][   T34]       Blocked by coredump.
[  233.513828][   T34] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  233.513836][   T34] task:syz.1.403       state:D stack:27560 pid:6784  tgid:6784  ppid:5839   task_flags:0x40004c flags:0x00004002
[  233.513882][   T34] Call Trace:
[  233.513888][   T34]  <TASK>
[  233.513899][   T34]  __schedule+0x16f5/0x4d00
[  233.513920][   T34]  ? trace_call_bpf+0xb7/0x850
[  233.513939][   T34]  ? perf_trace_run_bpf_submit+0xf9/0x170
[  233.513957][   T34]  ? schedule+0x165/0x360
[  233.513975][   T34]  ? __lock_acquire+0xab9/0xd20
[  233.513990][   T34]  ? __pfx___schedule+0x10/0x10
[  233.514012][   T34]  ? schedule+0x91/0x360
[  233.514032][   T34]  schedule+0x165/0x360
[  233.514051][   T34]  schedule_timeout+0x9a/0x270
[  233.514094][   T34]  ? __pfx_schedule_timeout+0x10/0x10
[  233.514121][   T34]  ? _raw_spin_unlock_irq+0x23/0x50
[  233.514137][   T34]  ? lockdep_hardirqs_on+0x9c/0x150
[  233.514155][   T34]  __wait_for_common+0x3da/0x710
[  233.514187][   T34]  ? __pfx_schedule_timeout+0x10/0x10
[  233.514203][   T34]  ? __pfx___wait_for_common+0x10/0x10
[  233.514223][   T34]  ? __raw_spin_lock_init+0x45/0x100
[  233.514243][   T34]  ? __init_swait_queue_head+0xa9/0x150
[  233.514264][   T34]  wait_for_completion_state+0x1c/0x40
[  233.514282][   T34]  __wait_rcu_gp+0x24c/0x280
[  233.514306][   T34]  synchronize_rcu_tasks_generic+0x132/0x220
[  233.514321][   T34]  ? __pfx_synchronize_rcu_tasks_generic+0x10/0x10
[  233.514339][   T34]  ? rcu_read_lock_any_held+0xb3/0x120
[  233.514364][   T34]  ? __pfx_call_rcu_tasks_trace+0x10/0x10
[  233.514384][   T34]  ? __pfx_wakeme_after_rcu+0x10/0x10
[  233.514418][   T34]  perf_trace_event_unreg+0xbe/0x1b0
[  233.514435][   T34]  perf_trace_destroy+0xa4/0x150
[  233.514450][   T34]  ? __pfx_tp_perf_event_destroy+0x10/0x10
[  233.514467][   T34]  __free_event+0x316/0x7b0
[  233.514483][   T34]  ? __pfx_perf_release+0x10/0x10
[  233.514502][   T34]  perf_event_release_kernel+0x45b/0x510
[  233.514518][   T34]  ? __pfx_perf_release+0x10/0x10
[  233.514536][   T34]  perf_release+0x38/0x50
[  233.514553][   T34]  __fput+0x44c/0xa70
[  233.514578][   T34]  task_work_run+0x1d4/0x260
[  233.514603][   T34]  ? __pfx_task_work_run+0x10/0x10
[  233.514630][   T34]  do_exit+0x6b5/0x22e0
[  233.514653][   T34]  ? __pfx_do_exit+0x10/0x10
[  233.514665][   T34]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  233.514678][   T34]  ? rcu_is_watching+0x15/0xb0
[  233.514692][   T34]  __x64_sys_exit+0x40/0x40
[  233.514704][   T34]  x64_sys_call+0x21a3/0x21c0
[  233.514716][   T34]  do_syscall_64+0xfa/0x3b0
[  233.514727][   T34]  ? lockdep_hardirqs_on+0x9c/0x150
[  233.514738][   T34]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  233.514747][   T34]  ? exc_page_fault+0x9f/0xf0
[  233.514758][   T34]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  233.514766][   T34] RIP: 0033:0x7f6dbc98e9a9
[  233.514774][   T34] RSP: 002b:00007f6dbd8d9fe8 EFLAGS: 00000246 ORIG_RAX: 000000000000003c
[  233.514785][   T34] RAX: ffffffffffffffda RBX: 00007f6dbcbb5fa0 RCX: 00007f6dbc98e9a9
[  233.514792][   T34] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  233.514798][   T34] RBP: 00007f6dbca10d69 R08: 0000000000000000 R09: 0000000000000000
[  233.514804][   T34] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  233.514810][   T34] R13: 0000000000000000 R14: 00007f6dbcbb5fa0 R15: 00007ffefab57a08
[  233.514824][   T34]  </TASK>
[  233.514829][   T34] INFO: task syz.1.405:6788 blocked for more than 143 seconds.
[  233.514836][   T34]       Not tainted 6.16.0-rc6-syzkaller-00411-g95993dc3039e-dirty #0
[  233.514842][   T34] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  233.514847][   T34] task:syz.1.405       state:D stack:28904 pid:6788  tgid:6787  ppid:5839   task_flags:0x400140 flags:0x00004004
[  233.514871][   T34] Call Trace:
[  233.514875][   T34]  <TASK>
[  233.514882][   T34]  __schedule+0x16f5/0x4d00
[  233.514897][   T34]  ? __lock_acquire+0xab9/0xd20
[  233.514907][   T34]  ? schedule+0x165/0x360
[  233.514919][   T34]  ? __pfx___schedule+0x10/0x10
[  233.514936][   T34]  ? schedule+0x91/0x360
[  233.514947][   T34]  schedule+0x165/0x360
[  233.514958][   T34]  schedule_preempt_disabled+0x13/0x30
[  233.514968][   T34]  __mutex_lock+0x724/0xe80
[  233.514979][   T34]  ? __mutex_lock+0x51b/0xe80
[  233.514993][   T34]  ? perf_trace_init+0x50/0x2d0
[  233.515003][   T34]  ? __pfx___mutex_lock+0x10/0x10
[  233.515018][   T34]  ? __lock_acquire+0xab9/0xd20
[  233.515030][   T34]  perf_trace_init+0x50/0x2d0
[  233.515039][   T34]  ? perf_tp_event_init+0x7c/0x120
[  233.515050][   T34]  perf_tp_event_init+0x8d/0x120
[  233.515061][   T34]  perf_try_init_event+0x17f/0x870
[  233.515097][   T34]  ? perf_event_alloc+0xf6b/0x2bb0
[  233.515112][   T34]  ? perf_event_alloc+0xf6b/0x2bb0
[  233.515122][   T34]  perf_event_alloc+0x1357/0x2bb0
[  233.515133][   T34]  ? __lock_acquire+0xab9/0xd20
[  233.515142][   T34]  ? perf_event_alloc+0xf6b/0x2bb0
[  233.515160][   T34]  ? __pfx_perf_event_alloc+0x10/0x10
[  233.515173][   T34]  ? find_lively_task_by_vpid+0x19/0x290
[  233.515184][   T34]  ? find_lively_task_by_vpid+0x19/0x290
[  233.515194][   T34]  ? find_lively_task_by_vpid+0x19/0x290
[  233.515206][   T34]  __se_sys_perf_event_open+0x772/0x1d70
[  233.515221][   T34]  ? __bpf_trace_bpf_trace_printk+0x71/0x100
[  233.515233][   T34]  ? __pfx___se_sys_perf_event_open+0x10/0x10
[  233.515254][   T34]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  233.515266][   T34]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  233.515281][   T34]  ? do_syscall_64+0xbe/0x3b0
[  233.515291][   T34]  ? __x64_sys_perf_event_open+0x20/0xc0
[  233.515303][   T34]  do_syscall_64+0xfa/0x3b0
[  233.515314][   T34]  ? lockdep_hardirqs_on+0x9c/0x150
[  233.515324][   T34]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  233.515333][   T34]  ? exc_page_fault+0x9f/0xf0
[  233.515344][   T34]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  233.515359][   T34] RIP: 0033:0x7f6dbc98e9a9
[  233.515366][   T34] RSP: 002b:00007f6dbd8da038 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[  233.515377][   T34] RAX: ffffffffffffffda RBX: 00007f6dbcbb5fa0 RCX: 00007f6dbc98e9a9
[  233.515384][   T34] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000200000000040
[  233.515390][   T34] RBP: 00007f6dbca10d69 R08: 0000000000000000 R09: 0000000000000000
[  233.515397][   T34] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[  233.515403][   T34] R13: 0000000000000001 R14: 00007f6dbcbb5fa0 R15: 00007ffefab57a08
[  233.515416][   T34]  </TASK>
[  233.515424][   T34] INFO: task syz.1.405:6789 blocked for more than 143 seconds.
[  233.515431][   T34]       Not tainted 6.16.0-rc6-syzkaller-00411-g95993dc3039e-dirty #0
[  233.515437][   T34] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  233.515441][   T34] task:syz.1.405       state:D stack:28032 pid:6789  tgid:6787  ppid:5839   task_flags:0x400140 flags:0x00004004
[  233.515464][   T34] Call Trace:
[  233.515468][   T34]  <TASK>
[  233.515474][   T34]  __schedule+0x16f5/0x4d00
[  233.515489][   T34]  ? __lock_acquire+0xab9/0xd20
[  233.515500][   T34]  ? schedule+0x165/0x360
[  233.515512][   T34]  ? __pfx___schedule+0x10/0x10
[  233.515529][   T34]  ? schedule+0x91/0x360
[  233.515540][   T34]  schedule+0x165/0x360
[  233.515555][   T34]  schedule_preempt_disabled+0x13/0x30
[  233.515566][   T34]  __mutex_lock+0x724/0xe80
[  233.515577][   T34]  ? __mutex_lock+0x51b/0xe80
[  233.515590][   T34]  ? perf_trace_init+0x50/0x2d0
[  233.515601][   T34]  ? __pfx___mutex_lock+0x10/0x10
[  233.515615][   T34]  ? __lock_acquire+0xab9/0xd20
[  233.515627][   T34]  perf_trace_init+0x50/0x2d0
[  233.515636][   T34]  ? perf_tp_event_init+0x7c/0x120
[  233.515647][   T34]  perf_tp_event_init+0x8d/0x120
[  233.515657][   T34]  perf_try_init_event+0x17f/0x870
[  233.515668][   T34]  ? perf_event_alloc+0xf6b/0x2bb0
[  233.515680][   T34]  ? perf_event_alloc+0xf6b/0x2bb0
[  233.515691][   T34]  perf_event_alloc+0x1357/0x2bb0
[  233.515701][   T34]  ? __lock_acquire+0xab9/0xd20
[  233.515710][   T34]  ? perf_event_alloc+0xf6b/0x2bb0
[  233.515728][   T34]  ? __pfx_perf_event_alloc+0x10/0x10
[  233.515741][   T34]  ? find_lively_task_by_vpid+0x19/0x290
[  233.515752][   T34]  ? find_lively_task_by_vpid+0x19/0x290
[  233.515761][   T34]  ? find_lively_task_by_vpid+0x19/0x290
[  233.515774][   T34]  __se_sys_perf_event_open+0x772/0x1d70
[  233.515787][   T34]  ? __bpf_trace_bpf_trace_printk+0x71/0x100
[  233.515799][   T34]  ? __pfx___se_sys_perf_event_open+0x10/0x10
[  233.515815][   T34]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  233.515827][   T34]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  233.515842][   T34]  ? do_syscall_64+0xbe/0x3b0
[  233.515852][   T34]  ? __x64_sys_perf_event_open+0x20/0xc0
[  233.515864][   T34]  do_syscall_64+0xfa/0x3b0
[  233.515875][   T34]  ? lockdep_hardirqs_on+0x9c/0x150
[  233.515885][   T34]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  233.515894][   T34]  ? exc_page_fault+0x9f/0xf0
[  233.515905][   T34]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  233.515914][   T34] RIP: 0033:0x7f6dbc98e9a9
[  233.515921][   T34] RSP: 002b:00007f6dbd8b9038 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[  233.515931][   T34] RAX: ffffffffffffffda RBX: 00007f6dbcbb6080 RCX: 00007f6dbc98e9a9
[  233.515938][   T34] RDX: ffffffffffffffff RSI: 0000000000000000 RDI: 0000200000000100
[  233.515945][   T34] RBP: 00007f6dbca10d69 R08: 0000000000000009 R09: 0000000000000000
[  233.515951][   T34] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[  233.515958][   T34] R13: 0000000000000001 R14: 00007f6dbcbb6080 R15: 00007ffefab57a08
[  233.515971][   T34]  </TASK>
[  233.515975][   T34] INFO: task syz.1.405:6790 blocked for more than 143 seconds.
[  233.515982][   T34]       Not tainted 6.16.0-rc6-syzkaller-00411-g95993dc3039e-dirty #0
[  233.515987][   T34] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  233.515992][   T34] task:syz.1.405       state:D stack:25896 pid:6790  tgid:6787  ppid:5839   task_flags:0x400140 flags:0x00004004
[  233.516016][   T34] Call Trace:
[  233.516020][   T34]  <TASK>
[  233.516026][   T34]  __schedule+0x16f5/0x4d00
[  233.516042][   T34]  ? __lock_acquire+0xab9/0xd20
[  233.516055][   T34]  ? schedule+0x165/0x360
[  233.516101][   T34]  ? __pfx___schedule+0x10/0x10
[  233.516119][   T34]  ? schedule+0x91/0x360
[  233.516131][   T34]  schedule+0x165/0x360
[  233.516142][   T34]  schedule_preempt_disabled+0x13/0x30
[  233.516152][   T34]  __mutex_lock+0x724/0xe80
[  233.516171][   T34]  ? __mutex_lock+0x51b/0xe80
[  233.516193][   T34]  ? perf_trace_init+0x50/0x2d0
[  233.516205][   T34]  ? __pfx___mutex_lock+0x10/0x10
[  233.516220][   T34]  ? __lock_acquire+0xab9/0xd20
[  233.516237][   T34]  perf_trace_init+0x50/0x2d0
[  233.516250][   T34]  ? perf_tp_event_init+0x7c/0x120
[  233.516268][   T34]  perf_tp_event_init+0x8d/0x120
[  233.516282][   T34]  perf_try_init_event+0x17f/0x870
[  233.516293][   T34]  ? perf_event_alloc+0xf6b/0x2bb0
[  233.516305][   T34]  ? perf_event_alloc+0xf6b/0x2bb0
[  233.516316][   T34]  perf_event_alloc+0x1357/0x2bb0
[  233.516333][   T34]  ? __lock_acquire+0xab9/0xd20
[  233.516353][   T34]  ? perf_event_alloc+0xf6b/0x2bb0
[  233.516383][   T34]  ? __pfx_perf_event_alloc+0x10/0x10
[  233.516404][   T34]  ? find_lively_task_by_vpid+0x19/0x290
[  233.516422][   T34]  ? find_lively_task_by_vpid+0x19/0x290
[  233.516438][   T34]  ? find_lively_task_by_vpid+0x19/0x290
[  233.516457][   T34]  __se_sys_perf_event_open+0x772/0x1d70
[  233.516480][   T34]  ? __pfx___se_sys_perf_event_open+0x10/0x10
[  233.516507][   T34]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  233.516528][   T34]  ? rcu_is_watching+0x15/0xb0
[  233.516547][   T34]  ? do_syscall_64+0xbe/0x3b0
[  233.516560][   T34]  ? __x64_sys_perf_event_open+0x20/0xc0
[  233.516579][   T34]  do_syscall_64+0xfa/0x3b0
[  233.516596][   T34]  ? lockdep_hardirqs_on+0x9c/0x150
[  233.516612][   T34]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  233.516626][   T34]  ? exc_page_fault+0x9f/0xf0
[  233.516644][   T34]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  233.516657][   T34] RIP: 0033:0x7f6dbc98e9a9
[  233.516669][   T34] RSP: 002b:00007f6dbd898038 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[  233.516683][   T34] RAX: ffffffffffffffda RBX: 00007f6dbcbb6160 RCX: 00007f6dbc98e9a9
[  233.516693][   T34] RDX: ffffffffffffffff RSI: 0000000000000000 RDI: 0000200000000100
[  233.516704][   T34] RBP: 00007f6dbca10d69 R08: 0000000000000009 R09: 0000000000000000
[  233.516713][   T34] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[  233.516723][   T34] R13: 0000000000000000 R14: 00007f6dbcbb6160 R15: 00007ffefab57a08
[  233.516746][   T34]  </TASK>
[  233.516769][   T34] 
[  233.516769][   T34] Showing all locks held in the system:
[  233.516779][   T34] 2 locks held by kworker/0:0/9:
[  233.516786][   T34]  #0: ffff88801a482148 ((wq_completion)events_freezable_pwr_efficient){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  233.516835][   T34]  #1: ffffc900000c7bc0 ((work_completion)(&(&ev->dwork)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  233.516884][   T34] 3 locks held by kworker/u8:1/13:
[  233.516890][   T34]  #0: ffff888021cca148 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  233.516934][   T34]  #1: ffffc90000107bc0 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  233.516980][   T34]  #2: ffffffff8f51cdc8 (rtnl_mutex){+.+.}-{4:4}, at: addrconf_verify_work+0x19/0x30
[  233.517028][   T34] 1 lock held by rcu_tasks_trace/32:
[  233.517036][   T34]  #0: ffffffff8e13fe10 (rcu_tasks_trace.tasks_gp_mutex){+.+.}-{4:4}, at: rcu_tasks_one_gp+0xaf9/0xdf0
[  233.517114][   T34] 1 lock held by khungtaskd/34:
[  233.517122][   T34]  #0: ffffffff8e13f0e0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[  233.517174][   T34] 4 locks held by kworker/u11:0/54:
[  233.517184][   T34]  #0: ffff8880460ef948 ((wq_completion)hci8#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  233.517236][   T34]  #1: ffffc900007cfbc0 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  233.517277][   T34]  #2: ffff888044ffc0b8 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x9b/0x8e0
[  233.517325][   T34]  #3: ffffffff8f684f48 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x516/0x8e0
[  233.517378][   T34] 2 locks held by kworker/0:1H/60:
[  233.517387][   T34]  #0: ffff88801baab948 ((wq_completion)kblockd){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  233.517432][   T34]  #1: ffffc90000edfbc0 ((work_completion)(&q->timeout_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  233.517482][   T34] 3 locks held by kworker/u9:3/77:
[  233.517490][   T34]  #0: ffff88801a489148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  233.517532][   T34]  #1: ffffc9000176fbc0 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  233.517573][   T34]  #2: ffffffff8f51cdc8 (rtnl_mutex){+.+.}-{4:4}, at: linkwatch_event+0xe/0x60
[  233.517624][   T34] 3 locks held by kworker/1:3/971:
[  233.517640][   T34] 3 locks held by kworker/0:2/2207:
[  233.517649][   T34]  #0: ffff88801a481d48 ((wq_completion)events_power_efficient){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  233.517692][   T34]  #1: ffffc9000a9f7bc0 ((reg_check_chans).work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  233.517733][   T34]  #2: ffffffff8f51cdc8 (rtnl_mutex){+.+.}-{4:4}, at: reg_check_chans_work+0x95/0xf00
[  233.517795][   T34] 3 locks held by kworker/u9:5/4595:
[  233.517804][   T34]  #0: ffff88801a489148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  233.517848][   T34]  #1: ffffc90022687bc0 ((work_completion)(&map->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  233.517891][   T34]  #2: ffffffff8e144bf8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: synchronize_rcu_expedited+0x2f6/0x730
[  233.517941][   T34] 2 locks held by getty/5657:
[  233.517951][   T34]  #0: ffff88810b03d0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  233.517995][   T34]  #1: ffffc900029062f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x43e/0x1400
[  233.518048][   T34] 6 locks held by kworker/u11:2/5842:
[  233.518058][   T34]  #0: ffff88802a525948 ((wq_completion)hci2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  233.518146][   T34]  #1: ffffc9000351fbc0 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  233.518195][   T34]  #2: ffff88802a178dc0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d4/0x3a0
[  233.518246][   T34]  #3: ffff88802a1780b8 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0x1eb/0xdf0
[  233.518295][   T34]  #4: ffffffff8f684f48 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x165/0x310
[  233.518341][   T34]  #5: ffff88802a524b38 (&conn->lock#2){+.+.}-{4:4}, at: l2cap_conn_del+0x70/0x680
[  233.518407][   T34] 3 locks held by kworker/0:3/5844:
[  233.518417][   T34]  #0: ffff88801a481d48 ((wq_completion)events_power_efficient){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  233.518466][   T34]  #1: ffffc90003b0fbc0 ((crda_timeout).work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  233.518518][   T34]  #2: ffffffff8f51cdc8 (rtnl_mutex){+.+.}-{4:4}, at: crda_timeout_work+0x15/0x50
[  233.518568][   T34] 5 locks held by kworker/u11:3/5845:
[  233.518578][   T34]  #0: ffff888036e67948 ((wq_completion)hci4){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  233.518628][   T34]  #1: ffffc90003b1fbc0 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  233.518680][   T34]  #2: ffff88810840cdc0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d4/0x3a0
[  233.518732][   T34]  #3: ffff88810840c0b8 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0x1eb/0xdf0
[  233.518787][   T34]  #4: ffffffff8f684f48 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x165/0x310
[  233.518836][   T34] 4 locks held by kworker/u11:4/5846:
[  233.518847][   T34]  #0: ffff8880364c3948 ((wq_completion)hci9#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  233.518905][   T34]  #1: ffffc90003b2fbc0 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  233.518956][   T34]  #2: ffff888045f5c0b8 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x9b/0x8e0
[  233.519010][   T34]  #3: ffffffff8f684f48 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x516/0x8e0
[  233.519100][   T34] 4 locks held by syz.0.399/6772:
[  233.519112][   T34] 4 locks held by syz.2.402/6779:
[  233.519121][   T34]  #0: ffffffff99b075d0 (&pmus_srcu){.+.+}-{0:0}, at: class_srcu_constructor+0x2c/0x60
[  233.519172][   T34]  #1: ffffffff99b075d0 (&pmus_srcu){.+.+}-{0:0}, at: perf_event_alloc+0xf6b/0x2bb0
[  233.519220][   T34]  #2: ffffffff8e1f6830 (bp_cpuinfo_sem){++++}-{0:0}, at: bp_constraints_lock+0xd6/0x1b0
[  233.519270][   T34]  #3: ffffffff8e144bf8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: synchronize_rcu_expedited+0x3b9/0x730
[  233.519320][   T34] 1 lock held by syz.1.403/6784:
[  233.519330][   T34]  #0: ffffffff8e1a2ca8 (event_mutex){+.+.}-{4:4}, at: perf_trace_destroy+0x2e/0x150
[  233.519383][   T34] 3 locks held by syz.1.405/6788:
[  233.519393][   T34]  #0: ffffffff99b075d0 (&pmus_srcu){.+.+}-{0:0}, at: class_srcu_constructor+0x2c/0x60
[  233.519443][   T34]  #1: ffffffff99b075d0 (&pmus_srcu){.+.+}-{0:0}, at: perf_event_alloc+0xf6b/0x2bb0
[  233.519524][   T34]  #2: ffffffff8e1a2ca8 (event_mutex){+.+.}-{4:4}, at: perf_trace_init+0x50/0x2d0
[  233.519575][   T34] 3 locks held by syz.1.405/6789:
[  233.519585][   T34]  #0: ffffffff99b075d0 (&pmus_srcu){.+.+}-{0:0}, at: class_srcu_constructor+0x2c/0x60
[  233.519638][   T34]  #1: ffffffff99b075d0 (&pmus_srcu){.+.+}-{0:0}, at: perf_event_alloc+0xf6b/0x2bb0
[  233.519691][   T34]  #2: ffffffff8e1a2ca8 (event_mutex){+.+.}-{4:4}, at: perf_trace_init+0x50/0x2d0
[  233.519742][   T34] 3 locks held by syz.1.405/6790:
[  233.519752][   T34]  #0: ffffffff99b075d0 (&pmus_srcu){.+.+}-{0:0}, at: class_srcu_constructor+0x2c/0x60
[  233.519806][   T34]  #1: ffffffff99b075d0 (&pmus_srcu){.+.+}-{0:0}, at: perf_event_alloc+0xf6b/0x2bb0
[  233.519859][   T34]  #2: ffffffff8e1a2ca8 (event_mutex){+.+.}-{4:4}, at: perf_trace_init+0x50/0x2d0
[  233.519908][   T34] 1 lock held by dhcpcd/6794:
[  233.519918][   T34]  #0: ffff888029abe258 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x32/0xcd0
[  233.519972][   T34] 1 lock held by dhcpcd/6796:
[  233.519982][   T34]  #0: ffff888039500258 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x32/0xcd0
[  233.520034][   T34] 1 lock held by dhcpcd/6797:
[  233.520044][   T34]  #0: ffff888039044258 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x32/0xcd0
[  233.520122][   T34] 2 locks held by syz-executor/6800:
[  233.520133][   T34]  #0: ffffffff8eca43a0 (&ops->srcu#2){.+.+}-{0:0}, at: rtnl_link_ops_get+0x23/0x250
[  233.520191][   T34]  #1: ffffffff8f51cdc8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x8db/0x1c70
[  233.520241][   T34] 1 lock held by dhcpcd/6803:
[  233.520251][   T34]  #0: ffff8880398ce258 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x32/0xcd0
[  233.520301][   T34] 1 lock held by syz-executor/6804:
[  233.520312][   T34]  #0: ffffffff8f51cdc8 (rtnl_mutex){+.+.}-{4:4}, at: __tun_chr_ioctl+0x37a/0x1df0
[  233.520371][   T34] 1 lock held by dhcpcd/6810:
[  233.520381][   T34]  #0: ffff8880402a8258 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x32/0xcd0
[  233.520429][   T34] 1 lock held by dhcpcd/6811:
[  233.520438][   T34]  #0: ffff888040374258 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x32/0xcd0
[  233.520488][   T34] 1 lock held by syz-executor/6814:
[  233.520498][   T34]  #0: ffffffff8f51cdc8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[  233.520551][   T34] 1 lock held by syz-executor/6820:
[  233.520561][   T34]  #0: ffffffff8f51cdc8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[  233.520610][   T34] 1 lock held by syz-executor/6821:
[  233.520621][   T34]  #0: ffffffff8f51cdc8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[  233.520673][   T34] 2 locks held by kworker/0:2H/6827:
[  233.520684][   T34]  #0: ffff88801baab948 ((wq_completion)kblockd){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  233.520735][   T34]  #1: ffffc90004d5fbc0 ((work_completion)(&q->timeout_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  233.520787][   T34] 1 lock held by syz-executor/6830:
[  233.520797][   T34]  #0: ffffffff8f51cdc8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[  233.520849][   T34] 1 lock held by syz-executor/6836:
[  233.520859][   T34]  #0: ffffffff8f51cdc8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[  233.520911][   T34] 1 lock held by syz-executor/6839:
[  233.551239][   T34]  #0: ffffffff8f51cdc8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[  233.551317][   T34] 4 locks held by kworker/u11:5/6842:
[  233.551328][   T34]  #0: ffff888044b93948 ((wq_completion)hci10#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  233.551396][   T34]  #1: ffffc900028ffbc0 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  233.551448][   T34]  #2: ffff888044cb40b8 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x9b/0x8e0
[  233.551499][   T34]  #3: ffffffff8f684f48 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x516/0x8e0
[  233.551551][   T34] 5 locks held by kworker/u11:6/6843:
[  233.551561][   T34]  #0: ffff888039711148 ((wq_completion)hci3){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  233.551612][   T34]  #1: ffffc900028dfbc0 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  233.551663][   T34]  #2: ffff88810941cdc0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d4/0x3a0
[  233.551714][   T34]  #3: ffff88810941c0b8 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0x1eb/0xdf0
[  233.551769][   T34]  #4: ffffffff8f684f48 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x165/0x310
[  233.551870][   T34] 
[  233.551878][   T34] =============================================
[  233.551878][   T34] 
[  233.551889][   T34] NMI backtrace for cpu 0
[  233.551899][   T34] CPU: 0 UID: 0 PID: 34 Comm: khungtaskd Not tainted 6.16.0-rc6-syzkaller-00411-g95993dc3039e-dirty #0 PREEMPT(full) 
[  233.551913][   T34] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  233.551920][   T34] Call Trace:
[  233.551925][   T34]  <TASK>
[  233.551930][   T34]  dump_stack_lvl+0x189/0x250
[  233.551950][   T34]  ? __pfx_dump_stack_lvl+0x10/0x10
[  233.551964][   T34]  ? __pfx__printk+0x10/0x10
[  233.551990][   T34]  nmi_cpu_backtrace+0x39e/0x3d0
[  233.552007][   T34]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  233.552018][   T34]  ? _printk+0xcf/0x120
[  233.552036][   T34]  ? __pfx__printk+0x10/0x10
[  233.552053][   T34]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  233.552092][   T34]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[  233.552109][   T34]  watchdog+0xfee/0x1030
[  233.552122][   T34]  ? watchdog+0x1de/0x1030
[  233.552138][   T34]  kthread+0x711/0x8a0
[  233.552158][   T34]  ? __pfx_watchdog+0x10/0x10
[  233.552168][   T34]  ? __pfx_kthread+0x10/0x10
[  233.552185][   T34]  ? _raw_spin_unlock_irq+0x23/0x50
[  233.552201][   T34]  ? lockdep_hardirqs_on+0x9c/0x150
[  233.552215][   T34]  ? __pfx_kthread+0x10/0x10
[  233.552232][   T34]  ret_from_fork+0x3fc/0x770
[  233.552248][   T34]  ? __pfx_ret_from_fork+0x10/0x10
[  233.552264][   T34]  ? __switch_to_asm+0x39/0x70
[  233.552278][   T34]  ? __switch_to_asm+0x33/0x70
[  233.552292][   T34]  ? __pfx_kthread+0x10/0x10
[  233.552308][   T34]  ret_from_fork_asm+0x1a/0x30
[  233.552335][   T34]  </TASK>
[  233.552341][   T34] Sending NMI from CPU 0 to CPUs 1:
[  233.552404][    C1] NMI backtrace for cpu 1
[  233.552417][    C1] CPU: 1 UID: 0 PID: 6772 Comm: syz.0.399 Not tainted 6.16.0-rc6-syzkaller-00411-g95993dc3039e-dirty #0 PREEMPT(full) 
[  233.552427][    C1] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  233.552432][    C1] RIP: 0010:rcu_read_unlock_special+0x87/0x4c0
[  233.552446][    C1] Code: f1 f1 f1 00 f2 f2 f2 4a 89 04 2b 66 42 c7 44 2b 09 f3 f3 42 c6 44 2b 0b f3 65 44 8b 35 62 2c f8 10 41 f7 c6 00 00 f0 00 74 49 <48> c7 44 24 40 0e 36 e0 45 4a c7 04 2b 00 00 00 00 66 42 c7 44 2b
[  233.552452][    C1] RSP: 0018:ffffc900001e03a0 EFLAGS: 00000206
[  233.552459][    C1] RAX: 00a46893dcfbd500 RBX: 1ffff9200003c07c RCX: 00a46893dcfbd500
[  233.552464][    C1] RDX: 0000000000000002 RSI: ffffffff8d99883e RDI: ffffffff8be29f40
[  233.552468][    C1] RBP: ffffc900001e0498 R08: ffffffff8fa1e8f7 R09: 1ffffffff1f43d1e
[  233.552472][    C1] R10: dffffc0000000000 R11: fffffbfff1f43d1f R12: ffffffff8e144400
[  233.552477][    C1] R13: dffffc0000000000 R14: 0000000000000246 R15: 0000000000000002
[  233.552481][    C1] FS:  00007efc489146c0(0000) GS:ffff8881a3c1f000(0000) knlGS:0000000000000000
[  233.552486][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  233.552491][    C1] CR2: 00007efc47db5f80 CR3: 0000000100a90000 CR4: 00000000000006f0
[  233.552517][    C1] DR0: 0000000000000000 DR1: 0000200000000300 DR2: 0000000000000000
[  233.552522][    C1] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[  233.552526][    C1] Call Trace:
[  233.552530][    C1]  <IRQ>
[  233.552533][    C1]  ? __lock_acquire+0xab9/0xd20
[  233.552543][    C1]  ? __pfx_rcu_read_unlock_special+0x10/0x10
[  233.552553][    C1]  ? unwind_next_frame+0xa5/0x2390
[  233.552562][    C1]  __rcu_read_unlock+0x84/0xe0
[  233.552571][    C1]  ? unwind_next_frame+0xa5/0x2390
[  233.552577][    C1]  unwind_next_frame+0x19ae/0x2390
[  233.552585][    C1]  ? unwind_next_frame+0xa5/0x2390
[  233.552592][    C1]  ? run_timer_softirq+0xb7/0x180
[  233.552602][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  233.552610][    C1]  arch_stack_walk+0x11c/0x150
[  233.552620][    C1]  ? handle_softirqs+0x286/0x870
[  233.552628][    C1]  stack_trace_save+0x9c/0xe0
[  233.552636][    C1]  ? __pfx_stack_trace_save+0x10/0x10
[  233.552644][    C1]  ? stack_depot_save_flags+0x168/0x900
[  233.552653][    C1]  ? stack_depot_save_flags+0x40/0x900
[  233.552660][    C1]  kasan_save_track+0x3e/0x80
[  233.552667][    C1]  ? kasan_save_track+0x3e/0x80
[  233.552671][    C1]  ? __kasan_slab_alloc+0x6c/0x80
[  233.552677][    C1]  ? kmem_cache_alloc_node_noprof+0x1bb/0x3c0
[  233.552683][    C1]  ? kmalloc_reserve+0xbd/0x290
[  233.552690][    C1]  ? __alloc_skb+0x142/0x2d0
[  233.552696][    C1]  ? ndisc_alloc_skb+0x9f/0x480
[  233.552704][    C1]  ? ndisc_send_rs+0x2b5/0x630
[  233.552711][    C1]  ? addrconf_rs_timer+0x369/0x670
[  233.552718][    C1]  ? call_timer_fn+0x17e/0x5f0
[  233.552724][    C1]  ? __run_timer_base+0x61a/0x860
[  233.552732][    C1]  ? run_timer_softirq+0xb7/0x180
[  233.552748][    C1]  __kasan_slab_alloc+0x6c/0x80
[  233.552754][    C1]  kmem_cache_alloc_node_noprof+0x1bb/0x3c0
[  233.552761][    C1]  ? kmalloc_reserve+0xbd/0x290
[  233.552767][    C1]  kmalloc_reserve+0xbd/0x290
[  233.552774][    C1]  __alloc_skb+0x142/0x2d0
[  233.552781][    C1]  ndisc_alloc_skb+0x9f/0x480
[  233.552790][    C1]  ndisc_send_rs+0x2b5/0x630
[  233.552798][    C1]  addrconf_rs_timer+0x369/0x670
[  233.552806][    C1]  ? __pfx_addrconf_rs_timer+0x10/0x10
[  233.552813][    C1]  ? __irq_exit_rcu+0xd8/0x1f0
[  233.552821][    C1]  call_timer_fn+0x17e/0x5f0
[  233.552826][    C1]  ? __pfx_addrconf_rs_timer+0x10/0x10
[  233.552832][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  233.552841][    C1]  ? call_timer_fn+0xbe/0x5f0
[  233.552846][    C1]  ? __pfx_call_timer_fn+0x10/0x10
[  233.552854][    C1]  ? __pfx_addrconf_rs_timer+0x10/0x10
[  233.552861][    C1]  __run_timer_base+0x61a/0x860
[  233.552869][    C1]  ? irqtime_account_irq+0xb6/0x1c0
[  233.552881][    C1]  ? __pfx___run_timer_base+0x10/0x10
[  233.552892][    C1]  run_timer_softirq+0xb7/0x180
[  233.552901][    C1]  handle_softirqs+0x286/0x870
[  233.552908][    C1]  ? __irq_exit_rcu+0xca/0x1f0
[  233.552916][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  233.552922][    C1]  ? irq_work_single+0x1ac/0x240
[  233.552929][    C1]  ? irqtime_account_irq+0xb6/0x1c0
[  233.552938][    C1]  __irq_exit_rcu+0xca/0x1f0
[  233.552944][    C1]  ? __pfx___irq_exit_rcu+0x10/0x10
[  233.552952][    C1]  ? rcu_is_watching+0x15/0xb0
[  233.552959][    C1]  irq_exit_rcu+0x9/0x30
[  233.552965][    C1]  sysvec_irq_work+0xa3/0xc0
[  233.552977][    C1]  </IRQ>
[  233.552979][    C1]  <TASK>
[  233.552982][    C1]  asm_sysvec_irq_work+0x1a/0x20
[  233.552989][    C1] RIP: 0010:console_flush_all+0x7f7/0xc40
[  233.552998][    C1] Code: 48 21 c3 0f 85 e9 01 00 00 e8 75 e7 1e 00 48 8b 5c 24 20 4d 85 f6 75 07 e8 66 e7 1e 00 eb 06 e8 5f e7 1e 00 fb 48 8b 44 24 28 <42> 80 3c 20 00 74 08 48 89 df e8 8a 0a 82 00 48 8b 1b 48 8b 44 24
[  233.553003][    C1] RSP: 0018:ffffc90008807540 EFLAGS: 00000287
[  233.553008][    C1] RAX: 1ffffffff1d36927 RBX: ffffffff8e9b4938 RCX: 0000000000080000
[  233.553013][    C1] RDX: ffffc90003f71000 RSI: 0000000000047620 RDI: 0000000000047621
[  233.553017][    C1] RBP: ffffc90008807690 R08: ffffffff8fa1e8f7 R09: 1ffffffff1f43d1e
[  233.553021][    C1] R10: dffffc0000000000 R11: fffffbfff1f43d1f R12: dffffc0000000000
[  233.553025][    C1] R13: 0000000000000001 R14: 0000000000000200 R15: ffffffff8e9b48e0
[  233.553034][    C1]  ? console_flush_all+0x13a/0xc40
[  233.553043][    C1]  ? __pfx_console_flush_all+0x10/0x10
[  233.553053][    C1]  ? is_printk_cpu_sync_owner+0x32/0x40
[  233.553062][    C1]  console_unlock+0xc4/0x270
[  233.553103][    C1]  ? __pfx_console_unlock+0x10/0x10
[  233.553111][    C1]  ? is_printk_cpu_sync_owner+0x32/0x40
[  233.553120][    C1]  vprintk_emit+0x5b7/0x7a0
[  233.553128][    C1]  ? __pfx_vprintk_emit+0x10/0x10
[  233.553136][    C1]  ? irqentry_exit+0x74/0x90
[  233.553145][    C1]  _printk+0xcf/0x120
[  233.553155][    C1]  ? __pfx__printk+0x10/0x10
[  233.553162][    C1]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  233.553170][    C1]  ? kernfs_path_from_node+0x2c/0x260
[  233.553180][    C1]  pids_can_fork+0x470/0x4c0
[  233.553189][    C1]  ? __pfx_pids_can_fork+0x10/0x10
[  233.553197][    C1]  cgroup_can_fork+0x753/0xd10
[  233.553207][    C1]  copy_process+0x20fe/0x3b80
[  233.553216][    C1]  ? copy_process+0x978/0x3b80
[  233.553226][    C1]  ? __pfx_copy_process+0x10/0x10
[  233.553233][    C1]  ? migrate_enable+0x29c/0x3c0
[  233.553242][    C1]  kernel_clone+0x21e/0x870
[  233.553252][    C1]  ? __pfx_kernel_clone+0x10/0x10
[  233.553262][    C1]  __x64_sys_clone+0x18b/0x1e0
[  233.553271][    C1]  ? __pfx___x64_sys_clone+0x10/0x10
[  233.553281][    C1]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  233.553290][    C1]  ? rcu_is_watching+0x15/0xb0
[  233.553298][    C1]  ? do_syscall_64+0xbe/0x3b0
[  233.553307][    C1]  do_syscall_64+0xfa/0x3b0
[  233.553315][    C1]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  233.553320][    C1]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  233.553327][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  233.553333][    C1] RIP: 0033:0x7efc47b8e9a9
[  233.553341][    C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  233.553345][    C1] RSP: 002b:00007efc48913fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  233.553352][    C1] RAX: ffffffffffffffda RBX: 00007efc47db5fa0 RCX: 00007efc47b8e9a9
[  233.553356][    C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  233.553360][    C1] RBP: 00007efc47c10d69 R08: 0000000000000000 R09: 0000000000000000
[  233.553363][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  233.553367][    C1] R13: 0000000000000000 R14: 00007efc47db5fa0 R15: 00007fffd5206248
[  233.553374][    C1]  </TASK>
[  233.553388][   T34] Kernel panic - not syncing: hung_task: blocked tasks
[  233.553399][   T34] CPU: 0 UID: 0 PID: 34 Comm: khungtaskd Not tainted 6.16.0-rc6-syzkaller-00411-g95993dc3039e-dirty #0 PREEMPT(full) 
[  233.553412][   T34] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  233.553419][   T34] Call Trace:
[  233.553424][   T34]  <TASK>
[  233.553429][   T34]  dump_stack_lvl+0x99/0x250
[  233.553446][   T34]  ? __asan_memcpy+0x40/0x70
[  233.553464][   T34]  ? __pfx_dump_stack_lvl+0x10/0x10
[  233.553479][   T34]  ? __pfx__printk+0x10/0x10
[  233.553505][   T34]  panic+0x2db/0x790
[  233.553522][   T34]  ? __pfx_panic+0x10/0x10
[  233.553534][   T34]  ? nmi_backtrace_stall_check+0x433/0x440
[  233.553551][   T34]  ? irq_work_queue+0xc3/0x140
[  233.553567][   T34]  watchdog+0x102d/0x1030
[  233.553580][   T34]  ? watchdog+0x1de/0x1030
[  233.553595][   T34]  kthread+0x711/0x8a0
[  233.553615][   T34]  ? __pfx_watchdog+0x10/0x10
[  233.553625][   T34]  ? __pfx_kthread+0x10/0x10
[  233.553643][   T34]  ? _raw_spin_unlock_irq+0x23/0x50
[  233.553658][   T34]  ? lockdep_hardirqs_on+0x9c/0x150
[  233.553673][   T34]  ? __pfx_kthread+0x10/0x10
[  233.553690][   T34]  ret_from_fork+0x3fc/0x770
[  233.553706][   T34]  ? __pfx_ret_from_fork+0x10/0x10
[  233.553724][   T34]  ? __switch_to_asm+0x39/0x70
[  233.553738][   T34]  ? __switch_to_asm+0x33/0x70
[  233.553753][   T34]  ? __pfx_kthread+0x10/0x10
[  233.553770][   T34]  ret_from_fork_asm+0x1a/0x30
[  233.553796][   T34]  </TASK>
[  233.554589][   T34] Kernel Offset: disabled

VM DIAGNOSIS:
16:14:53  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000075 RBX=0000000000000075 RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000000000 RDI=0000000000000020 RBP=00000000000003f8 RSP=ffffc9000068f7b0
R8 =ffff888107608237 R9 =1ffff11020ec1046 R10=dffffc0000000000 R11=ffffffff85472aa0
R12=dffffc0000000000 R13=ffffffff99af58b9 R14=ffffffff99dfa1e0 R15=0000000000000000
RIP=ffffffff85472b1c RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880b861f000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=000055dedce6ae08 CR3=000000010c86a000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000600
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 00000000000000ff XMM01=2525252525252525 2525252525252525
XMM02=0000000000000000 0000000000000000 XMM03=0000000000000000 0000000000000000
XMM04=0000000000000000 00000000000000ff XMM05=0000000000000000 0000ff0000000000
XMM06=0000000000000000 0000000000000000 XMM07=0000000000000000 0000000000000000
XMM08=0000000000000000 0000000000000000 XMM09=0000000000000000 0000000000000000
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=ffffffff81680ea6 RBX=0000000000000000 RCX=ffff88810fcb8000 RDX=0000000000010100
RSI=0000000000000008 RDI=ffffffff92a52460 RBP=ffffc900001e02c8 RSP=ffffc900001e0240
R8 =ffffffff92a52467 R9 =1ffffffff254a48c R10=dffffc0000000000 R11=fffffbfff254a48d
R12=0000000000000000 R13=0000000000000000 R14=0000000000000000 R15=dffffc0000000000
RIP=ffffffff81680ea7 RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007efc489146c0 ffffffff 00c00000
GS =0000 ffff8881a3c1f000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007efc47db5f80 CR3=0000000100a90000 CR4=000006f0
DR0=0000000000000000 DR1=0000200000000300 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000600
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=0000000000000000 0000000000000000
XMM02=00007efc47d86478 00007efc47d86450 XMM03=00007efc47d86488 00007efc47d86480
XMM04=00007efc488ed100 00007efc47d86440 XMM05=00007efc47d86458 00007efc47d864a0
XMM06=00007efc47d86498 00007efc47d86490 XMM07=00007efc47d86488 00007efc47d86480
XMM08=0000000000000000 00524f5252450040 XMM09=0000000000000000 00007efc47c11ec1
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
