last executing test programs:

16.607384697s ago: executing program 2 (id=323):
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x7ff0, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0xc, 0x0, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x4, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x0, @perf_config_ext={0x3, 0x8001}, 0x0, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x8, 0x830d}, 0x0, 0x2, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = socket$kcm(0xa, 0x2, 0x73)
sendmsg$inet(r2, 0x0, 0x0)
socket$kcm(0x10, 0x2, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_serviced\x00', 0x26e1, 0x0)
close(r3)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040))
ioctl$SIOCSIFHWADDR(r3, 0x8b18, &(0x7f0000000000)={'wlan1\x00', @link_local})

16.476691989s ago: executing program 2 (id=326):
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000001900)=ANY=[@ANYBLOB="61106800000000006113bf0000000000bfa00000000000000700000008ffffffd50301000ee60060950000000000000069163a0000000000bf67000000000000350607000fff07201706000020190000160300000ee60060bf050000000000007b650000000000006507f9ff01000000070700004d83dde4c375000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f17540faf80250aa20c669a5e12814cb1cea5d4601d295c45a6a0b9bdb7dd399703cac4f6f3be4b369226066812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000400c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44221b235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20ceddf4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10fd7ed6735154beb4000000000000000000000000004000bc00f6746a9709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43ea0ffb567b40407d000000210000000000000000005f37d8703f37ca364a601ae899a56715a0a62a34c1d926a0f6a5480a55c22fe3a5ac00000000000000000000000500002000000000fb79ea00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e14d90deae46e26c596f84eba90000000000000000fffb0000000082fb0d3cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b06ff7f0000000000007f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a1f37302f3b41eae59809fd05d12f6106f117b062df67d3a6473265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089e0b1c23c0f3cdad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a1a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631d22bad050e9856b48ae3a03a497c37758537650fe6db89da3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0af1cb3f1f815f8989d78854ca4d3116dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4c6ea9604faf0453bedf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c29984864961a57ff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee15620789c524b3baf49a09d8be0fc5beecf153236c19740be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2b4dc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca87ddd9d064e081383409ed2912c811ae63f03212a5331c2a4ead000000000000000000000000000000000000000000000000001386866b311bd144bc32e059658c9f8342c90c1ade31b78072841b8b5a943d62a44cea6b050c42e3c205fad6a23fb43c93da0f49d911877265e6ee443e37397ecf89021e7f579e8d3a74c12b52938d91e9de07fc8eeeb9505f4a9c26266bf5449484ccc1317c7476"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb}, 0x48)

16.418077364s ago: executing program 2 (id=327):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x15, &(0x7f0000000580)=ANY=[@ANYBLOB="1802000004000000000000001154d1ff85100000010000009500000000000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000005000000850000002300000018010000646c6c2500000000002020200600000000000000bf0600000000000007010000f8ffffffb702000008000000b703000059e70000a50000000600000095"], &(0x7f0000000180)='GPL\x00', 0x7, 0x0, 0x0, 0x41100, 0xa}, 0x94)

16.417717587s ago: executing program 2 (id=328):
syz_open_procfs$namespace(0x0, &(0x7f00000000c0)='ns/net\x00')
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xb, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000180000002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000004c0)={r0, 0x3, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x44)
perf_event_open(&(0x7f0000001480)={0x2, 0x80, 0x82, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x20000000}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000"], &(0x7f0000000000)='syzkaller\x00'}, 0x80)
r2 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0xa4, 0x1589, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff, 0x0, @perf_bp={0x0, 0x1}, 0x3c, 0x1, 0x0, 0x4, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x2)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x5, 0x5, &(0x7f00000005c0)=ANY=[@ANYBLOB="1808000000000000000000000000000018000000e5020000000000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r1}, 0x10)
r5 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r4}, 0x8)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x16, 0x4, &(0x7f0000000080)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x7, 0x6a, 0xa, 0xff00}, [@call={0xc}, @exit, @map_fd, @jmp]}, &(0x7f0000000140)='GPL\x00', 0x2, 0xffa0, &(0x7f0000000180)=""/149, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, 0x0, 0x1e, 0x10, 0x0, 0x1e}, 0x2d)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000002c0)={@ifindex, r6, 0x11, 0x0, 0x0, @void, @value=r5}, 0x20)

16.367339298s ago: executing program 1 (id=329):
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}, 0x202, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x7ff0, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b28, &(0x7f0000000000)={'wlan1\x00', @random="1f00"})
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb79100a6c52d922ba2a05dd42"], 0xfdef)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0}, 0x90)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x4, &(0x7f0000000000)='%', 0x0, 0xd01, 0x80040000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

16.318116321s ago: executing program 0 (id=331):
r0 = socket$kcm(0xa, 0x2, 0x73)
sendmsg$inet(r0, &(0x7f0000001180)={&(0x7f0000000000)={0xa, 0x0, @empty}, 0xffac, &(0x7f0000001080)=[{&(0x7f0000000040)="a72d11a15c048c0a7d63aebc5cea1f81510ff6091475aeec600831aa9d3944e60bc2ad06a619c560aa0118b28f68f1eb14549d633b4b23f179fb680716faa43414787559be90843c35ab30acad8a6740140e00721abc2eb362f7bde53b3c992d3e28ccc20ec84fdc569947047f6c09a647ee8c0a747b951e66c068ccf1af93ee9e6f9528ff79e2f989383b05a690a6bec4634b867c9446c1c644b3010e8a3514c6328323b4bbdd602b8f0dace6aea70902c4ddd2a2f2810f1348b0d0df3c1e6a5938fcfdc87e7580c6be0c6a06eca62d6f787dd16add086a21391c4c707d8b61929d1252681b84c245e0efafe2e6e73ad86a3cf59235ab0eacbb414af92ec3cdac420a064a98e8cc18bdf63f8997f96436e0fe6f06fdbf47fff353b01a861babd4a38d126bfe3e29049e6cc883e6efae6e70ef9ed124b1b09887a58c991e223b6420dca5ae238027e91b17b1707dc5c0d5f59f0ca95614f1ea1d263c1ee54dfe31ae35eb3c8e3b931dff7920c57fbba89adf2e392c1ad719b90c7ade0d38ff9792934ef1fb12f51d8e2fad12486d5883d5b1a46696fad128c6805cfb25bc6487e1e407d6b266971b09d0d864a7a550284e24b6cdc9f4ae1081a638175dffef002c76ac5558d23e41edbe68f4b4950a13aa000326dae5a857603dc5a40d6c6618a98c7b6e1eebd325ea2c14601a25658965f40864fd015d9b2fff83ee5ed3212ebd9fa429f0140f633556ac07c0c08e67a1848c9942ecc47dd4ffede9a429e9e0472be7cdbcd117e621ddf745c00a814ffff0224634472577dc0b35a9c153409f1a2bddc193b20b4d244d9cbbd59816c46000c596865f58b4e640ed4a9ab6086cede697fb113560925498da83273e679e0e28b84961eb7b9c9b4fa916590965c76b48e5d453f27a821bd2bf0946ff2413ec30f7893d1f046e18f736c40ceda26dfc4a0a62f71a3606d3f72c0a858dfd7895e2572292e11af913c6b513a141d28e501ae7c49618d104aac9abb78466a636efb88120d0eef0a501558a5aa34784a9823f2802a0bcdf318f9b436b34b42a2a7cf513f80364ad9a699d2e23eb4f3a2bbce818bd20da61882b3dac699d05dc24f29b72471b712423ace6278c43df2be7a09e815517b86d8b3ce16af3d64a575958c5fd52aac53b391f3d2a67c24c6c13ec11428b61b80a6a58cbba1790a98d190a572070f63fc0b809669895ea9865c3066b06102f6f2c7171dc7f76e1931b3e4deb569ef9d07d5f86a848f50942e93c419c3a23489f14803b08182dfd48b8d4375be6b7f805a21209c05e5927693a8834c8d5a5acbd47ed8a30a8a741d1ad77639b56b3b90c0b2023fa334befd28b2e27cbcd94b0ce7437f88ce67a925cea6d6d7e5313de6d328b1124a8b9ef83fe39ca3da97d33c60b7fd4af67d3c8fccb595a27a5bffc71e5a5b2ec966828993b0c0f83cbc55f9a7fb66a4101d5c83b77885072b6e2b2ceebe32f635509698c05089b9ff1cb1959b211e114dadb224ef2d5e7a3c55b3ac00fcdc9018577603c6301e5d4341b3d7eeb2665349d448d28d5d108f576408cbe533a6adbba18ebb2d84bb9af81108506a2f50fb56d595579000747930449fdf4ed01715ec624a0cb73636a35b9136f10b79e3d7ded09008b92e92c64e26e6b6d17f18b70b1d9813de8d2ff151c7a6a0452c660a57c33f13e2d9b88fa5f5c0505722d2e787a425e4a3e9b5efa9668e9199f5fb9fe7d5b8a57719a57df152e7f2c6a1087a2a24084f82455b65353a70559f04d5ed12defb81497ea69c1c7e69c373524770b7473c16a69c7a3648a9dd93377b89cdff61cf62512d1ee67a55ea67993937c1f55a2179bc9c8a337364cfb84d295adda1ad9700fc2f5c11cbfc1b90affb4666c6e7e23a6f7751410a5651819f29f690c6dba2b8a67e0f7f8cc377feb1854c393578994c85391ba21b3961aed477f771645571dc7d6cae72bf79c82a92a4edc3742b1398060a0a5c9e81c016b7f2ae3db529c6ff824cc28678764d8ab49d7dc68e5b0556c9e7ffb6fef442776d86fbd458741830e57f22a1f8513b92abd5b2df93a67cc560134078f0b8ecc3276e40aadef5cd579888b86b4988f396679250701f3869e7493b33692035ecd94aca5189fd0a0893ccc5bb19c0b4caca86cf90ebc2a5558f39cccb33f6773a4e425bf551fb3b6456ee1cc62fa1843a9e5539bb2d02ae6ef82533a9dbcfb562c1ab18c1f639ae7ff02083746f74a15ba2d10e4b955940a5d6f488d326a99f287c48ad463ce40367aeeff519cbad0a2d7fdbfa48bff75955467977764c2be2bd2ffa18396c46920c40c50a4037003666406d177e2cd20aee423d07169d8f611f635ba0b62b61265ff2c5548446a2423dd1038482b6852b2d9d2f90aa05d82c5e2c3d1af0c7aad72d82b3da67471af7b037bb0424a785e73f35b5a10a2ab300a195c20cd119a5390e0cd5d49c70bd80883b933e843d0d2902749dcf3c140c708a0f004b7a2f50bf311305dc01719016fcce5863815ca7951de710fcb71cd177551ff6fcd9f8bf01b93868f24c6129b6d7917125338cf62110083093fc7f862015d48450d992f2bb43e601cab19b2ea7b83962a382fc2a31fdf2358bf8a9a9e506eaa7b6eb5e7444d1ef459b24ffa51362abce902dfd84201a0e4b5a3b62757aad54fb65b83821c6bba663886de092065a565921ea3eb6781bb8ed4f4db3abcfeeb379b7e52fca790bea719918e299ab01bf5e92177d134360bf7a16a59e9d03d3dcfb0a25599237e3d41b3f0026c9402b1fb1894426303413a2cbcf7c72807ca694afa285990d07c3bca26413c9947b3b344aafc04544b8c11416e0312b028da7302e316c3966d41884b15055a49a4a0b3eac8e11f88a5615fb0af582f065d28e5a454447e9d0cfc60356439ebf7e1d0a00f5b9cc6daf2bd7195ba96b4d1a0679ff0fb1c01282c378a880f90f460889b67d76d4d0e8db6c928d113533d1d10b810303c43d8ff622c5bab7f095b96e64bf9daa48a2bdf3d9d40bac00cf1b66df61a4f7c3e21938e876f81b1179dce6a008f28eb682cae690ced0ea0d542da604d8056f2b1813ed36683c4c51aeb2650772cfb1c55d4e60604ff06344cfc271b2175a6c94defb807af240b483e24298ca73bfc743ca2ca2e77e6d5b817b3c1986601537faf59ac84c74d8bd0c068cb8e6bd03ac2dcf5793fb4a00b3c901a33aa3ee86e4f0db317b94bb8678ab26e36d305ebac4b0f7f164947148255b562dd0f87648499d45bccfb7d8c9d5624cadf8160a396e79fbcdc100058ba4606e41c02fb2cc0dc6c36196bd28acfde82a18cda2321d2d83fecd3b85380667cd1d0bc68298c6c8f10421a80c8fa86912b6c3e8ddd9d9668520d5151409e6b77f0d7730b374a68a744151bfbd123cfdf871e8c24e70d2ca3b50e84a48e0b78c1781000cfc848d43584985763a76c0ab9ba882c55e3e4aa8f2174255db38adb8350b48a77be22a869d13d183325f859b883464e5e46de5ea8a92532b9a794daaeff657cd361f7f158f8bebe36e9de1f5b9721d4263dcc9472229bc02d3f552180abfb25ca7aa36cb914d99c09fd5bb99dcab9b4e3c634d18fc7dfe84dc4425ad1e39c3e7410d49b4ea0a8a2958688c7725822f6dfc0827d19dc385e0e35a949941e4dd1aaeaab9ebe402f8c584bca7efc829f2ccfb63fd7bde1c182a67c14f9d3f033ca674e2604e89cd55a15419f956cd61a755c1b13554dae98e77be078aadfc131c9677381f1dbe6ef194eb17603a463e8b844ab46a6046e1f07d96d66de669359bff4c3d80948a4de3abb2f171a09b5d8999c379fb62244114e218c79805df7d899e5661320ee6721d652b95f09e4dfe69bd67099c73294b17ab574e0b966aa3ab44478965b9dca3cb3b9282945f24ccdd07c638ae25a84a728ca24f87ff49d718121a694be46f3616e27b1041b3c6cd24b9cf775bfc28dfbe0a009048f0599f2d5d6586cfd1e7f7fe69872d08b98f60d28e6af0d49d7f06ad71a7b5c41df261aba5de114022c7288bc265cc17909fdeadc3d7b256d7ab3b96e40f857060f16b54a6bb7248ee571f87ace5ee39eab412706cf52fa711468b21ea129c3f44bceb429fcc1a0ac2aa87b9365077dcfcfa9a1b32a0a09699197c20019a66cbd0a897feab3706c23123b888ada643d4560082033e31596b0483578968e3c9593ebd97141c228a42fc7645f92171c120aabca36657683fd7c72fcb87217f124d6fabc52f1d221d8410b47b0ad4bd944bf4085365e9b52a53911ab4ee142c5a1ebbe034c9d98c538c066f2dc0acf372eb2397dcac765055123e0ba19be22b18c886bf0f7490abe9fde91ffa62e059962bd134be8501cb5b715a744b1398e2c4c7e8afe72e189dda0654296afa1c1f99ab7d800fa40f72a758625c833b6fc7b7d42250522b456e1e7de815350c36c9cb2f4d1c9cb99109f89b456c559463f11b8b58247809b17a4ed4912bd0a47a529f1364d6dc593ea7f3eb98962078ac90e5012ee1c7b4b9ed5a8c7a9c0231b4ce425693faab64fa0f3482a04d4be2e06ee5d103694d288810a1a7f4d1e908dd82dd2016a064ece5cd67ef1dd5f4cda728fc6f1ccdd949dd8f775d862621507248ef4c83ae274969d19c7ddb02a4e8a1ab2b7aa539a442b22735ceedeefe60a1059dfaaa0979ce8d5387b5a047841fd9749b88ca91216b02d7926408a01916b7781bb7167528ccdb9a486d173437a5ba3e552c8674dff2cc9b21054e0e4f86b61b8723fca58ceef4413bffae9e9be79c5b9788f5449811ce78be9bc7a86375a670197baaef751beabcba0aa6c7c33f1cd702cb78ec39fa1f17d9da733d6abf2b80f9c51ac8f6f664b24edc53a7c9525c3016bd05c67272375fe816b2b121f2de68b885a0fd8f8b8c6c342237b632f6414a3eb3480f5f42106c5812e9bfd4e8c8dea8d08525d9aa1da7c7c2ee7ff3d31b79b211dd01e304a8ffc83a89a59f3b1e2ef5e969b6d90bea7e161066f25622fad914bff52bacd2807093dda1838b529ee57f718b374ce2841b924a42457867547a6edcb8412d85f11796742bf640b5819a9546357df778c332af5983c4373a95d9c58b52dba445eee92e6911824f0c534e7a5934d9eac9b7f6fec22002fc53a3003a3304217f567b47cd326edc5f48eb1f46bb20d1e10e72239afc9769344590cf48902aba5405b7d4baa31a912ab398a2f2d3f037614bb56a89244ece50f3a1e058d274f1e70f944eb8a305be91e561e5eb843d057a81f4deb84a6335ec81ca964cdae5f318d4e9aaea2c477cc279c00c698bcfe4b8e04c09079d8f3f5438d9d45a00f50d2f9b245c8c68eebf247e25ba8d26f8b95b21ac9ceb50c0aa2e4bdc032024db216b92f9350a90ac79341af14d3fa8ba908096e1b503341aed667bb184c672dac85fc4f335b3871c3b4e55ea219a857d2d2e135358f6b45a20b3e7de8e09b2041eb7c5084a80258fb524a983752659298a251e178b56f96bc67ae0a78ec92f92d92c9cf0edb5dcb11e739d69410ad44c8df00caa030d7d89f2ec38bd7698115c423cf3e6048793aca08ffbcdac766f1553773fa00031c1d75246e4e1eddf8948d02a3de6d67fd7329e45070f29044587f1e0db50d04e673191a63e30f96ee0d8d52738fab36a7fe2c6ab9301d401e7ca5b1f039193a580e40abbdf40c2d7e27809dec80815d37adae9fe7fb9d3a974c9fc03944d7338d000b81170be4c6792ed6b3b827194b3ae11e2acfca48498d1126aacf80f3d574256ef7f75552ff087a819e", 0x1000}, {&(0x7f0000001040)="9d7fcf3efc63f4a6a555ba8b4726d7ccaf8a207100e69cfac4377876021d7131b838059f96bd206d4776368ed2a92432e5af71", 0x33}], 0x8, &(0x7f0000001280)=ANY=[@ANYBLOB="6b0000000000000029000000080000000000000000000000000000007f000001080705000700000000000034366567f221978756640000001c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="000000007f00000100010000"], 0x6b}, 0xfc00)

16.268353385s ago: executing program 0 (id=332):
r0 = socket$kcm(0x18, 0x0, 0x0)
close(r0)

16.268105126s ago: executing program 0 (id=333):
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
socket$kcm(0xa, 0x5, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x3, 0x3, &(0x7f0000000300)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x1, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x101140, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0xc}, 0x4000, 0x2, 0x0, 0x0, 0x0, 0xac26}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001540)={0x6, 0x3, &(0x7f0000001480)=@framed, &(0x7f00000005c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock}, 0x94)
perf_event_open$cgroup(&(0x7f00000003c0)={0x2, 0x80, 0x16, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.swap.events\x00', 0x275a, 0x0)
setsockopt$sock_attach_bpf(r0, 0x1, 0x2a, &(0x7f0000000100)=r1, 0x4)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'bridge0\x00', 0x100})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x89f0, &(0x7f0000000080))

15.737308623s ago: executing program 2 (id=334):
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x7fef, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@func_proto]}}, 0x0, 0x26}, 0x28)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x11}}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40e00, 0x0, '\x00', 0x0, 0x0, r0, 0xc, &(0x7f00000000c0)={0x0, 0x1}, 0x8}, 0x94)

15.677778958s ago: executing program 1 (id=335):
socket$kcm(0xa, 0x5, 0x0)
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x7, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x0, @perf_config_ext={0x3, 0x8001}, 0x0, 0x2e, 0xfffffbff, 0x3, 0x10000003, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x1}, 0x0, 0x2, 0xfffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)}, 0x122)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000080)={0xd, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x2, 0x1, 0x50}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x90)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080))
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, &(0x7f0000000140)='GPL\x00'}, 0x90)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'dummy0\x00'})
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x8946, &(0x7f0000000080))

15.590560368s ago: executing program 2 (id=336):
r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xee, 0x0, 0x0, 0x0, 0x0, 0x2000005, 0x2505, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x0, 0x5, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18080000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000700000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff})
recvmsg$unix(r2, &(0x7f0000000400)={0x0, 0x0, 0x0}, 0x0)
socket$kcm(0x10, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002040)={0x18, 0x3, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000000000000000000000000004095"], &(0x7f0000000340)='GPL\x00', 0x4, 0x0, 0x0, 0x41000, 0xf, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r3}, 0x10)
r5 = getpid()
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={r5, r4, 0x0, 0xf, &(0x7f0000000140)='contention_end\x00'}, 0x30)

15.590356937s ago: executing program 0 (id=337):
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x7ff0, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
r0 = socket$kcm(0x2, 0x922000000001, 0x106)
setsockopt$sock_attach_bpf(r0, 0x1, 0xf, &(0x7f00000002c0), 0x4)

15.507098468s ago: executing program 0 (id=338):
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000380)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff7, 0x0, 0x47, 0x0, &(0x7f0000000280)="880a64b5afea2161e2c9b406781381a387829384ca76b266f3bf594488f043dadafae880df6d267ce9de097d42a86cb2f8032b8208d9d7fb074377b3e87d57d0ef7fbaa0ab749f", 0x0, 0x4, 0x0, 0x100}, 0x50)
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000040)={&(0x7f00000003c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x9, [@typedef={0x7}]}, {0x0, [0x61, 0x0, 0x0, 0x0, 0x0, 0x61, 0x61]}}, 0x0, 0x2d, 0x0, 0x0, 0x7}, 0x28)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000340)={r0, 0x58, &(0x7f00000002c0)}, 0x10)

15.475685802s ago: executing program 0 (id=339):
socket$kcm(0xa, 0x1, 0x106)
r0 = socket$kcm(0x10, 0x3, 0x10)
recvmsg$unix(r0, &(0x7f00000001c0)={&(0x7f00000000c0), 0x6e, &(0x7f0000000140)}, 0x22)
sendmsg$kcm(r0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB], 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x7ff0, 0x82, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000700)={<r2=>0xffffffffffffffff})
recvmsg$unix(r2, &(0x7f0000000400)={0x0, 0x0, 0x0}, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000f80)={0x5, 0x5, &(0x7f00000005c0)=ANY=[@ANYBLOB="1808000000000000000000000000000018000000e5020000000000000000000095"], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r3)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x8, 0x830d}, 0x8102, 0x2, 0xfffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xf, &(0x7f0000000000), 0x4)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='contention_end\x00', r4}, 0x10)
r5 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000005c0)="2e0000003c000511d25a8069edb0344a0418cb44b0fa0bf4cace8c6394b9027c92b47795140d010000c4d196c6a6", 0x2e}], 0x1, 0x0, 0x0, 0x39c}, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x8, &(0x7f0000000100), 0x4)
sendmsg$tipc(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0x0, 0x0, 0x0, 0x0, 0xfe, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{}, 0x0, &(0x7f0000000240)}, 0x20)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6gre0\x00', 0x210})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x89f1, &(0x7f0000000080))

15.367884426s ago: executing program 1 (id=340):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b000000000000000000000000000400000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00b'], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000002c40)={0x11, 0x17, &(0x7f00000007c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {{0x5, 0x0, 0x6}, {0x66, 0x0, 0x0, 0x80ffffff}}, [@printk={@p, {0x3, 0x3, 0x3, 0xa, 0x9, 0xfe00}, {0x6, 0x1, 0x5, 0x1, 0x9}, {0x7, 0x0, 0x3}, {}, {}, {0x56}}], {{0x4, 0x1, 0x2, 0x3}, {0x5, 0x0, 0xb, 0x3}, {0x85, 0x0, 0x0, 0x76}}}, &(0x7f0000000040)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x4a, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

15.240203696s ago: executing program 1 (id=341):
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x8, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="b40000000000000061104c0000000000050000000000000095"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x94)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x68, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000980)='sys_exit\x00', r0}, 0x10)

15.212219629s ago: executing program 1 (id=342):
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b28, &(0x7f0000000000)={'bond_slave_1\x00', @random="0100"})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
close(r2)
recvmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=[@rights={{0x14, 0x1, 0x1, [<r3=>0xffffffffffffffff]}}], 0x18}, 0x0)
setsockopt$sock_attach_bpf(r0, 0x6, 0x13, &(0x7f0000000200)=r3, 0x4)
sendmsg$kcm(r0, &(0x7f0000000640)={0x0, 0x0, 0x0}, 0x2000c854)
recvmsg(r0, &(0x7f0000000100)={0x0, 0xfffffd0a, 0x0}, 0x40)

15.067716822s ago: executing program 1 (id=343):
r0 = socket$kcm(0x11, 0x200000000000002, 0x300)
setsockopt$sock_attach_bpf(r0, 0x107, 0x2, 0x0, 0x0)

0s ago: executing program 32 (id=339):
socket$kcm(0xa, 0x1, 0x106)
r0 = socket$kcm(0x10, 0x3, 0x10)
recvmsg$unix(r0, &(0x7f00000001c0)={&(0x7f00000000c0), 0x6e, &(0x7f0000000140)}, 0x22)
sendmsg$kcm(r0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB], 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x7ff0, 0x82, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000700)={<r2=>0xffffffffffffffff})
recvmsg$unix(r2, &(0x7f0000000400)={0x0, 0x0, 0x0}, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000f80)={0x5, 0x5, &(0x7f00000005c0)=ANY=[@ANYBLOB="1808000000000000000000000000000018000000e5020000000000000000000095"], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r3)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x8, 0x830d}, 0x8102, 0x2, 0xfffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xf, &(0x7f0000000000), 0x4)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='contention_end\x00', r4}, 0x10)
r5 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000005c0)="2e0000003c000511d25a8069edb0344a0418cb44b0fa0bf4cace8c6394b9027c92b47795140d010000c4d196c6a6", 0x2e}], 0x1, 0x0, 0x0, 0x39c}, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x8, &(0x7f0000000100), 0x4)
sendmsg$tipc(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0x0, 0x0, 0x0, 0x0, 0xfe, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{}, 0x0, &(0x7f0000000240)}, 0x20)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6gre0\x00', 0x210})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x89f1, &(0x7f0000000080))

kernel console output (not intermixed with test programs):

Warning: Permanently added '[localhost]:10771' (ED25519) to the list of known hosts.
syzkaller login: [   41.732468][ T5761] cgroup: Unknown subsys name 'net'
[   41.843511][ T5761] cgroup: Unknown subsys name 'cpuset'
[   41.847747][ T5761] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   43.156547][ T5761] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   46.451153][   T54] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   46.454146][   T54] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   46.456884][   T54] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   46.460005][   T54] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   46.469393][   T54] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   46.483224][   T54] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   46.486055][   T54] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   46.488763][   T54] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   46.494304][   T54] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   46.497031][   T54] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   46.541984][ T5220] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   46.544860][ T5220] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   46.547530][ T5220] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   46.550726][ T5220] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   46.553386][ T5220] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   46.685333][ T5832] chnl_net:caif_netlink_parms(): no params data found
[   46.712222][ T5828] chnl_net:caif_netlink_parms(): no params data found
[   46.795302][ T5832] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.797887][ T5832] bridge0: port 1(bridge_slave_0) entered disabled state
[   46.800812][ T5832] bridge_slave_0: entered allmulticast mode
[   46.803601][ T5832] bridge_slave_0: entered promiscuous mode
[   46.810389][ T5832] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.812748][ T5832] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.815121][ T5832] bridge_slave_1: entered allmulticast mode
[   46.817842][ T5832] bridge_slave_1: entered promiscuous mode
[   46.847302][ T5828] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.850338][ T5828] bridge0: port 1(bridge_slave_0) entered disabled state
[   46.852926][ T5828] bridge_slave_0: entered allmulticast mode
[   46.855635][ T5828] bridge_slave_0: entered promiscuous mode
[   46.876447][ T5835] chnl_net:caif_netlink_parms(): no params data found
[   46.882844][ T5828] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.885877][ T5828] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.888819][ T5828] bridge_slave_1: entered allmulticast mode
[   46.893472][ T5828] bridge_slave_1: entered promiscuous mode
[   46.912404][ T5832] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   46.937408][ T5832] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   46.976701][ T5828] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   46.997379][ T5832] team0: Port device team_slave_0 added
[   47.002969][ T5832] team0: Port device team_slave_1 added
[   47.020592][ T5828] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   47.061910][ T5832] batman_adv: batadv0: Adding interface: batadv_slave_0
[   47.064188][ T5832] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   47.072787][ T5832] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   47.095630][ T5828] team0: Port device team_slave_0 added
[   47.099368][ T5832] batman_adv: batadv0: Adding interface: batadv_slave_1
[   47.101672][ T5832] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   47.110105][ T5832] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   47.134113][ T5828] team0: Port device team_slave_1 added
[   47.170166][ T5835] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.172479][ T5835] bridge0: port 1(bridge_slave_0) entered disabled state
[   47.174741][ T5835] bridge_slave_0: entered allmulticast mode
[   47.177370][ T5835] bridge_slave_0: entered promiscuous mode
[   47.185913][ T5832] hsr_slave_0: entered promiscuous mode
[   47.191261][ T5832] hsr_slave_1: entered promiscuous mode
[   47.195145][ T5828] batman_adv: batadv0: Adding interface: batadv_slave_0
[   47.197417][ T5828] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   47.206321][ T5828] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   47.211054][ T5828] batman_adv: batadv0: Adding interface: batadv_slave_1
[   47.213372][ T5828] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   47.222682][ T5828] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   47.226325][ T5835] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.228637][ T5835] bridge0: port 2(bridge_slave_1) entered disabled state
[   47.231358][ T5835] bridge_slave_1: entered allmulticast mode
[   47.234130][ T5835] bridge_slave_1: entered promiscuous mode
[   47.291517][ T5835] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   47.307951][ T5835] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   47.347143][ T5828] hsr_slave_0: entered promiscuous mode
[   47.350311][ T5828] hsr_slave_1: entered promiscuous mode
[   47.352796][ T5828] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   47.355756][ T5828] Cannot create hsr debugfs directory
[   47.359947][ T5835] team0: Port device team_slave_0 added
[   47.373267][ T5835] team0: Port device team_slave_1 added
[   47.426514][ T5835] batman_adv: batadv0: Adding interface: batadv_slave_0
[   47.429501][ T5835] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   47.439159][ T5835] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   47.450352][ T5835] batman_adv: batadv0: Adding interface: batadv_slave_1
[   47.455197][ T5835] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   47.465115][ T5835] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   47.518799][ T5835] hsr_slave_0: entered promiscuous mode
[   47.522336][ T5835] hsr_slave_1: entered promiscuous mode
[   47.524544][ T5835] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   47.527289][ T5835] Cannot create hsr debugfs directory
[   47.566115][ T5832] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   47.573054][ T5832] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   47.577646][ T5832] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   47.597514][ T5832] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   47.671157][ T5828] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   47.684802][ T5828] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   47.696956][ T5832] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.699622][ T5832] bridge0: port 2(bridge_slave_1) entered forwarding state
[   47.702428][ T5832] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.704878][ T5832] bridge0: port 1(bridge_slave_0) entered forwarding state
[   47.715056][ T5828] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   47.720679][ T5828] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   47.732916][ T4384] bridge0: port 1(bridge_slave_0) entered disabled state
[   47.737478][ T4384] bridge0: port 2(bridge_slave_1) entered disabled state
[   47.835679][ T5835] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   47.844129][ T5832] 8021q: adding VLAN 0 to HW filter on device bond0
[   47.848577][ T5835] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   47.861679][ T5835] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   47.867196][ T5835] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   47.887113][ T5832] 8021q: adding VLAN 0 to HW filter on device team0
[   47.897587][ T1084] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.900163][ T1084] bridge0: port 1(bridge_slave_0) entered forwarding state
[   47.906938][ T5828] 8021q: adding VLAN 0 to HW filter on device bond0
[   47.922454][ T1084] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.925160][ T1084] bridge0: port 2(bridge_slave_1) entered forwarding state
[   47.961512][ T5828] 8021q: adding VLAN 0 to HW filter on device team0
[   47.977283][ T4384] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.979704][ T4384] bridge0: port 1(bridge_slave_0) entered forwarding state
[   47.994561][ T4384] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.996968][ T4384] bridge0: port 2(bridge_slave_1) entered forwarding state
[   48.017950][ T5828] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   48.022224][ T5828] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   48.052514][ T5835] 8021q: adding VLAN 0 to HW filter on device bond0
[   48.070097][ T5835] 8021q: adding VLAN 0 to HW filter on device team0
[   48.076088][   T27] bridge0: port 1(bridge_slave_0) entered blocking state
[   48.078442][   T27] bridge0: port 1(bridge_slave_0) entered forwarding state
[   48.092214][ T4384] bridge0: port 2(bridge_slave_1) entered blocking state
[   48.094660][ T4384] bridge0: port 2(bridge_slave_1) entered forwarding state
[   48.147474][ T5832] 8021q: adding VLAN 0 to HW filter on device batadv0
[   48.172851][ T5832] veth0_vlan: entered promiscuous mode
[   48.182144][ T5832] veth1_vlan: entered promiscuous mode
[   48.200098][ T5828] 8021q: adding VLAN 0 to HW filter on device batadv0
[   48.216997][ T5832] veth0_macvtap: entered promiscuous mode
[   48.227476][ T5832] veth1_macvtap: entered promiscuous mode
[   48.251502][ T5835] 8021q: adding VLAN 0 to HW filter on device batadv0
[   48.257588][ T5832] batman_adv: batadv0: Interface activated: batadv_slave_0
[   48.263015][ T5828] veth0_vlan: entered promiscuous mode
[   48.270598][ T5832] batman_adv: batadv0: Interface activated: batadv_slave_1
[   48.276534][ T5828] veth1_vlan: entered promiscuous mode
[   48.284464][ T5832] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   48.287468][ T5832] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   48.291152][ T5832] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   48.294027][ T5832] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   48.325712][ T5835] veth0_vlan: entered promiscuous mode
[   48.327932][ T5828] veth0_macvtap: entered promiscuous mode
[   48.346068][ T5828] veth1_macvtap: entered promiscuous mode
[   48.357585][ T5835] veth1_vlan: entered promiscuous mode
[   48.378884][   T27] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   48.381869][   T27] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   48.383683][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_0
[   48.397684][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_1
[   48.411028][ T5828] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   48.413891][ T5828] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   48.416690][ T5828] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   48.420903][ T5828] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   48.431933][   T27] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   48.437186][   T27] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   48.461083][ T5835] veth0_macvtap: entered promiscuous mode
[   48.473287][ T5835] veth1_macvtap: entered promiscuous mode
[   48.497750][ T1084] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   48.498098][ T5832] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   48.506446][ T1084] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   48.516468][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_0
[   48.529857][   T54] Bluetooth: hci1: command tx timeout
[   48.532281][ T5220] Bluetooth: hci0: command tx timeout
[   48.546255][ T1084] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   48.550412][ T1084] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   48.563123][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_1
[   48.581948][ T5835] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   48.586199][ T5835] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   48.593334][ T5835] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   48.597017][ T5835] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   48.609600][   T54] Bluetooth: hci2: command tx timeout
[   48.763375][   T27] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   48.766884][   T27] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   48.825917][ T4384] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   48.830499][ T4384] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   49.053604][ T5917] netlink: 212424 bytes leftover after parsing attributes in process `syz.1.10'.
[   49.077514][   T52] Scheduler tracepoints stat_sleep, stat_iowait, stat_blocked and stat_runtime require the kernel parameter schedstats=enable or kernel.sched_schedstats=1
[   49.089060][ T5917] raw_sendmsg: syz.1.10 forgot to set AF_INET. Fix it!
[   49.226877][    C0] hrtimer: interrupt took 185125 ns
[   49.361448][ T5943] warning: `syz.1.15' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   49.511379][ T5959] netlink: 'syz.1.18': attribute type 2 has an invalid length.
[   49.514630][ T5959] netlink: 110008 bytes leftover after parsing attributes in process `syz.1.18'.
[   49.847597][ T6007] netlink: 'syz.1.21': attribute type 13 has an invalid length.
[   49.876484][ T6007] netlink: 160 bytes leftover after parsing attributes in process `syz.1.21'.
[   49.934579][ T6007] erspan0: refused to change device tx_queue_len
[   49.937597][ T6007] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check.
[   49.944435][ T6009] netlink: 61211 bytes leftover after parsing attributes in process `syz.0.23'.
[   50.032332][ T6018] sctp: [Deprecated]: syz.0.26 (pid 6018) Use of int in maxseg socket option.
[   50.032332][ T6018] Use struct sctp_assoc_value instead
[   50.033174][ T6020] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[   50.040097][ T6020] IPv6: NLM_F_CREATE should be set when creating new route
[   50.042487][ T6020] IPv6: NLM_F_CREATE should be set when creating new route
[   50.044445][ T6007] syz.1.21 (6007) used greatest stack depth: 18344 bytes left
[   50.045162][ T6020] IPv6: NLM_F_CREATE should be set when creating new route
[   50.126570][ T6026] netlink: 152 bytes leftover after parsing attributes in process `syz.0.30'.
[   50.612655][   T54] Bluetooth: hci1: command tx timeout
[   50.615478][   T54] Bluetooth: hci0: command tx timeout
[   50.680505][   T54] Bluetooth: hci2: command tx timeout
[   51.084927][ T6048] netlink: 60 bytes leftover after parsing attributes in process `syz.0.39'.
[   51.450016][ T6071] Freezing with imperfect legacy cgroup freezer. See cgroup.freeze of cgroup v2
[   51.579458][ T6085] netlink: 14546 bytes leftover after parsing attributes in process `syz.0.57'.
[   51.958401][ T6098] netlink: 'syz.1.63': attribute type 10 has an invalid length.
[   52.593111][ T6098] team0 (unregistering): Port device team_slave_0 removed
[   52.614167][ T6098] team0 (unregistering): Port device team_slave_1 removed
[   52.667611][ T6106] netlink: 'syz.2.66': attribute type 2 has an invalid length.
[   52.674800][ T6106] netlink: 85376 bytes leftover after parsing attributes in process `syz.2.66'.
[   52.679842][   T54] Bluetooth: hci1: command tx timeout
[   52.679968][ T5220] Bluetooth: hci0: command tx timeout
[   52.761267][ T5220] Bluetooth: hci2: command tx timeout
[   52.794340][ T6113] netlink: 'syz.1.70': attribute type 11 has an invalid length.
[   52.796955][ T6113] netlink: 149476 bytes leftover after parsing attributes in process `syz.1.70'.
[   52.813405][ T6113] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   52.950695][ T6121] netlink: 15999 bytes leftover after parsing attributes in process `syz.1.73'.
[   53.183424][ T6129] netlink: 'syz.1.78': attribute type 2 has an invalid length.
[   53.185460][ T6131] netlink: 'syz.2.77': attribute type 2 has an invalid length.
[   53.188533][ T6131] netlink: 'syz.2.77': attribute type 8 has an invalid length.
[   53.473266][ T6156] netlink: zone id is out of range
[   53.475164][ T6156] netlink: zone id is out of range
[   53.485299][ T6156] netlink: zone id is out of range
[   53.487036][ T6156] netlink: zone id is out of range
[   53.496675][ T6156] netlink: zone id is out of range
[   53.498433][ T6156] netlink: zone id is out of range
[   53.505479][ T6156] netlink: zone id is out of range
[   53.507481][ T6156] netlink: zone id is out of range
[   53.513949][ T6156] netlink: zone id is out of range
[   53.566728][ T6158] syzkaller0: entered promiscuous mode
[   53.569598][ T6158] syzkaller0: entered allmulticast mode
[   54.324600][ T6184] __nla_validate_parse: 6 callbacks suppressed
[   54.324610][ T6184] netlink: 495 bytes leftover after parsing attributes in process `syz.2.104'.
[   54.365508][ T6188] netlink: 4 bytes leftover after parsing attributes in process `syz.2.106'.
[   54.759144][ T5220] Bluetooth: hci0: command tx timeout
[   54.839537][ T5220] Bluetooth: hci2: command tx timeout
[   55.228607][ T6208] netlink: 'syz.0.112': attribute type 21 has an invalid length.
[   55.232160][ T6208] netlink: 132 bytes leftover after parsing attributes in process `syz.0.112'.
[   55.253257][ T5220] Bluetooth: hci1: command tx timeout
[   55.520808][ T6217] netlink: 'syz.0.115': attribute type 10 has an invalid length.
[   55.523578][ T6217] netlink: 56823 bytes leftover after parsing attributes in process `syz.0.115'.
[   55.573467][ T6219] netlink: 'syz.0.116': attribute type 1 has an invalid length.
[   55.576417][ T6219] netlink: 'syz.0.116': attribute type 4 has an invalid length.
[   55.586205][ T6219] netlink: 9462 bytes leftover after parsing attributes in process `syz.0.116'.
[   55.617502][ T6213] delete_channel: no stack
[   56.181831][ T6236] netlink: 'syz.0.124': attribute type 28 has an invalid length.
[   56.530914][ T6242] netlink: 183676 bytes leftover after parsing attributes in process `syz.0.126'.
[   56.654169][ T6253] netlink: 'syz.0.131': attribute type 21 has an invalid length.
[   56.656848][ T6253] netlink: 128 bytes leftover after parsing attributes in process `syz.0.131'.
[   56.663450][ T6253] netlink: 'syz.0.131': attribute type 3 has an invalid length.
[   56.677640][ T6253] netlink: 3 bytes leftover after parsing attributes in process `syz.0.131'.
[   56.796495][ T6261] netlink: 'syz.0.135': attribute type 15 has an invalid length.
[   56.799857][ T6261] netlink: 'syz.0.135': attribute type 7 has an invalid length.
[   56.802755][ T6261] netlink: 52 bytes leftover after parsing attributes in process `syz.0.135'.
[   56.856693][ T6265] netlink: 'syz.1.137': attribute type 29 has an invalid length.
[   56.927590][ T6267] netlink: 105116 bytes leftover after parsing attributes in process `syz.2.138'.
[   57.057193][ T6285] delete_channel: no stack
[   57.078370][ T6285] delete_channel: no stack
[   57.516157][ T6320] bridge_slave_1: left allmulticast mode
[   57.518130][ T6320] bridge_slave_1: left promiscuous mode
[   57.521473][ T6320] bridge0: port 2(bridge_slave_1) entered disabled state
[   57.527356][ T6320] bridge_slave_0: left allmulticast mode
[   57.538503][ T6320] bridge_slave_0: left promiscuous mode
[   57.545440][ T6320] bridge0: port 1(bridge_slave_0) entered disabled state
[   58.097940][ T6363] syzkaller0: entered promiscuous mode
[   58.099967][ T6363] syzkaller0: entered allmulticast mode
[   58.978376][ T5220] Bluetooth: hci1: ACL packet for unknown connection handle 0
[   59.790919][ T6451] syz.1.226 uses obsolete (PF_INET,SOCK_PACKET)
[   60.393917][ T6498] __nla_validate_parse: 8 callbacks suppressed
[   60.393927][ T6498] netlink: 60 bytes leftover after parsing attributes in process `syz.1.246'.
[   60.507160][ T6504] validate_nla: 7 callbacks suppressed
[   60.507171][ T6504] netlink: 'syz.0.250': attribute type 4 has an invalid length.
[   60.566715][ T6509] Zero length message leads to an empty skb
[   60.628300][ T6508] Driver unsupported XDP return value 0 on prog  (id 89) dev N/A, expect packet loss!
[   61.759504][ T6551] syzkaller0: entered promiscuous mode
[   61.761383][ T6551] syzkaller0: entered allmulticast mode
[   62.024247][ T6575] netlink: 'syz.2.283': attribute type 1 has an invalid length.
[   62.094546][ T6581] netlink: 65039 bytes leftover after parsing attributes in process `syz.0.285'.
[   62.107766][ T6582] netlink: 132 bytes leftover after parsing attributes in process `syz.2.283'.
[   62.316202][ T6594] netlink: 'syz.0.291': attribute type 2 has an invalid length.
[   62.321502][ T6594] netlink: 17267 bytes leftover after parsing attributes in process `syz.0.291'.
[   62.986961][ T6617] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.302'.
[   62.991712][ T6615] netlink: 132 bytes leftover after parsing attributes in process `syz.1.300'.
[   63.264270][ T6638] netlink: 15999 bytes leftover after parsing attributes in process `syz.1.312'.
[   63.628997][ T6669] syzkaller0: entered promiscuous mode
[   63.630807][ T6669] syzkaller0: entered allmulticast mode
[   65.024515][ T6707] netlink: 22 bytes leftover after parsing attributes in process `syz.0.339'.
[   67.072778][    C1] clocksource: Long readout interval, skipping watchdog check: cs_nsec: 2303793970 wd_nsec: 2303793996
[   70.850348][ T1359] ieee802154 phy0 wpan0: encryption failed: -22
[   70.850535][ T1359] ieee802154 phy1 wpan1: encryption failed: -22
[   81.788525][ T6725] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   81.794032][ T6725] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   81.794687][ T6725] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[   81.799405][ T6725] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   81.799950][ T6725] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[   81.800627][ T6725] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   81.801725][ T6725] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[   81.803017][ T6725] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   81.804656][ T6725] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   81.805901][ T6725] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   81.806922][ T6725] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[   81.808581][ T6725] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   81.819569][ T6725] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   81.820007][ T6725] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[   81.822875][ T5831] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   82.775559][ T6722] chnl_net:caif_netlink_parms(): no params data found
[   82.859685][ T6718] chnl_net:caif_netlink_parms(): no params data found
[   83.879321][ T6727] Bluetooth: hci3: command tx timeout
[   83.879629][ T6727] Bluetooth: hci5: command tx timeout
[   83.879721][ T6727] Bluetooth: hci4: command tx timeout
[   85.959327][ T6726] Bluetooth: hci4: command tx timeout
[   85.959371][ T6726] Bluetooth: hci5: command tx timeout
[   85.959401][ T6726] Bluetooth: hci3: command tx timeout
[   88.039183][ T6727] Bluetooth: hci3: command tx timeout
[   88.039224][ T6727] Bluetooth: hci5: command tx timeout
[   88.039255][ T6727] Bluetooth: hci4: command tx timeout
[   90.119241][ T6727] Bluetooth: hci5: command tx timeout
[   90.119285][ T6727] Bluetooth: hci3: command tx timeout
[   90.119346][ T6726] Bluetooth: hci4: command tx timeout
[  132.298197][ T1359] ieee802154 phy0 wpan0: encryption failed: -22
[  132.298257][ T1359] ieee802154 phy1 wpan1: encryption failed: -22
[  141.989592][ T5831] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  141.990712][ T5831] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  141.991249][ T5831] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  141.992460][ T5831] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  141.993267][ T5831] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  141.998099][ T5831] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  141.999048][ T5831] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  141.999636][ T5831] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  142.000895][ T5831] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  142.001695][ T5831] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  142.129327][ T5831] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[  142.132603][ T5831] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[  142.139228][ T5831] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[  142.140418][ T5831] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[  142.144232][ T5831] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[  144.039112][ T6726] Bluetooth: hci6: command tx timeout
[  144.040622][ T5831] Bluetooth: hci7: command tx timeout
[  144.199089][ T5831] Bluetooth: hci8: command tx timeout
[  146.119163][ T6726] Bluetooth: hci6: command tx timeout
[  146.120290][ T5831] Bluetooth: hci7: command tx timeout
[  146.279064][ T5831] Bluetooth: hci8: command tx timeout
[  148.199635][ T6726] Bluetooth: hci6: command tx timeout
[  148.205688][ T5831] Bluetooth: hci7: command tx timeout
[  148.359189][ T5831] Bluetooth: hci8: command tx timeout
[  150.279085][ T6726] Bluetooth: hci6: command tx timeout
[  150.279139][ T5831] Bluetooth: hci7: command tx timeout
[  150.439206][ T5831] Bluetooth: hci8: command tx timeout
[  170.207959][ T6725] Bluetooth: hci0: command 0x0406 tx timeout
[  170.208007][ T6725] Bluetooth: hci1: command 0x0406 tx timeout
[  170.208075][ T5831] Bluetooth: hci2: command 0x0406 tx timeout
[  171.638942][    C1] rcu: INFO: rcu_preempt self-detected stall on CPU
[  171.638957][    C1] rcu: 	1-....: (1 GPs behind) idle=c36c/1/0x4000000000000000 softirq=17199/17200 fqs=5235
[  171.639239][    C1] rcu: 	         hardirqs   softirqs   csw/system
[  171.639244][    C1] rcu: 	 number:   962305          0            0
[  171.639251][    C1] rcu: 	cputime:    26217      26272           96   ==> 52490(ms)
[  171.639259][    C1] rcu: 	(t=10501 jiffies g=8789 q=3164 ncpus=2)
[  171.639269][    C1] CPU: 1 UID: 0 PID: 6707 Comm: syz.0.339 Not tainted 6.16.0-rc6-syzkaller-00434-gcd7c97f4584a-dirty #0 PREEMPT(full) 
[  171.639277][    C1] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  171.639281][    C1] RIP: 0010:__local_bh_enable_ip+0x135/0x1c0
[  171.639294][    C1] Code: 8b e8 ff f2 e8 09 65 66 8b 05 df 5f 1a 11 66 85 c0 75 5a bf 01 00 00 00 e8 e8 27 0b 00 e8 73 f9 41 00 fb 65 8b 05 bb 5f 1a 11 <85> c0 75 05 e8 f2 f5 ad ff 48 c7 04 24 0e 36 e0 45 4b c7 04 37 00
[  171.639299][    C1] RSP: 0018:ffffc900001e0960 EFLAGS: 00000286
[  171.639306][    C1] RAX: 0000000000000101 RBX: 0000000000000200 RCX: 6faa8fe60ef9d400
[  171.639311][    C1] RDX: 0000000000000002 RSI: ffffffff8d99873a RDI: ffffffff8be29f80
[  171.639315][    C1] RBP: ffffc900001e09f0 R08: ffffffff8fa1e8f7 R09: 1ffffffff1f43d1e
[  171.639320][    C1] R10: dffffc0000000000 R11: fffffbfff1f43d1f R12: ffffffff8664af00
[  171.639324][    C1] R13: ffff88810e82a000 R14: dffffc0000000000 R15: 1ffff9200003c12c
[  171.639329][    C1] FS:  00007fc58007a6c0(0000) GS:ffff8881a3c1f000(0000) knlGS:0000000000000000
[  171.639334][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  171.639339][    C1] CR2: 00007fc0d1598fc8 CR3: 0000000029690000 CR4: 00000000000006f0
[  171.639366][    C1] Call Trace:
[  171.639372][    C1]  <IRQ>
[  171.639378][    C1]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  171.639396][    C1]  ? wg_packet_send_staged_packets+0x270/0x17d0
[  171.639416][    C1]  ? wg_packet_send_staged_packets+0x270/0x17d0
[  171.639426][    C1]  wg_packet_send_staged_packets+0x117e/0x17d0
[  171.639452][    C1]  ? wg_packet_send_staged_packets+0x270/0x17d0
[  171.639469][    C1]  ? __pfx_wg_packet_send_staged_packets+0x10/0x10
[  171.639478][    C1]  ? _raw_spin_unlock_irqrestore+0xa8/0x110
[  171.639507][    C1]  ? skb_queue_tail+0x30/0xf0
[  171.639526][    C1]  ? wg_packet_send_keepalive+0x16f/0x2c0
[  171.639583][    C1]  call_timer_fn+0x17e/0x5f0
[  171.639593][    C1]  ? __pfx_wg_expired_send_persistent_keepalive+0x10/0x10
[  171.639602][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  171.639610][    C1]  ? call_timer_fn+0xbe/0x5f0
[  171.639618][    C1]  ? __pfx_call_timer_fn+0x10/0x10
[  171.639651][    C1]  ? __pfx_wg_expired_send_persistent_keepalive+0x10/0x10
[  171.639667][    C1]  __run_timer_base+0x61a/0x860
[  171.639676][    C1]  ? irqtime_account_irq+0xb6/0x1c0
[  171.639716][    C1]  ? __pfx___run_timer_base+0x10/0x10
[  171.639760][    C1]  run_timer_softirq+0xb7/0x180
[  171.639774][    C1]  handle_softirqs+0x286/0x870
[  171.639792][    C1]  ? __irq_exit_rcu+0xca/0x1f0
[  171.639813][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  171.639827][    C1]  ? irq_work_single+0x1ac/0x240
[  171.639844][    C1]  ? irqtime_account_irq+0xb6/0x1c0
[  171.639861][    C1]  __irq_exit_rcu+0xca/0x1f0
[  171.639871][    C1]  ? __pfx___irq_exit_rcu+0x10/0x10
[  171.639890][    C1]  ? rcu_is_watching+0x15/0xb0
[  171.639905][    C1]  irq_exit_rcu+0x9/0x30
[  171.639912][    C1]  sysvec_irq_work+0xa3/0xc0
[  171.639920][    C1]  </IRQ>
[  171.639922][    C1]  <TASK>
[  171.639927][    C1]  asm_sysvec_irq_work+0x1a/0x20
[  171.639935][    C1] RIP: 0010:console_flush_all+0x7f7/0xc40
[  171.639944][    C1] Code: 48 21 c3 0f 85 e9 01 00 00 e8 75 e7 1e 00 48 8b 5c 24 20 4d 85 f6 75 07 e8 66 e7 1e 00 eb 06 e8 5f e7 1e 00 fb 48 8b 44 24 28 <42> 80 3c 20 00 74 08 48 89 df e8 ea 0a 82 00 48 8b 1b 48 8b 44 24
[  171.639949][    C1] RSP: 0018:ffffc90008ed6d40 EFLAGS: 00000287
[  171.639955][    C1] RAX: 1ffffffff1d36927 RBX: ffffffff8e9b4938 RCX: 0000000000080000
[  171.639959][    C1] RDX: ffffc90022ae7000 RSI: 0000000000001d5e RDI: 0000000000001d5f
[  171.639963][    C1] RBP: ffffc90008ed6e90 R08: ffffffff8fa1e8f7 R09: 1ffffffff1f43d1e
[  171.639968][    C1] R10: dffffc0000000000 R11: fffffbfff1f43d1f R12: dffffc0000000000
[  171.639972][    C1] R13: 0000000000000001 R14: 0000000000000200 R15: ffffffff8e9b48e0
[  171.640015][    C1]  ? console_flush_all+0x13a/0xc40
[  171.640039][    C1]  ? __pfx_console_flush_all+0x10/0x10
[  171.640071][    C1]  ? is_printk_cpu_sync_owner+0x32/0x40
[  171.640090][    C1]  console_unlock+0xc4/0x270
[  171.640106][    C1]  ? __pfx_console_unlock+0x10/0x10
[  171.640125][    C1]  ? is_printk_cpu_sync_owner+0x32/0x40
[  171.640144][    C1]  vprintk_emit+0x5b7/0x7a0
[  171.640161][    C1]  ? __pfx_vprintk_emit+0x10/0x10
[  171.640167][    C1]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  171.640177][    C1]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  171.640219][    C1]  _printk+0xcf/0x120
[  171.640232][    C1]  ? __pfx____ratelimit+0x10/0x10
[  171.640250][    C1]  ? __pfx__printk+0x10/0x10
[  171.640257][    C1]  ? trace_call_bpf+0xb7/0x850
[  171.640291][    C1]  __nla_validate_parse+0x2563/0x2d40
[  171.640302][    C1]  ? __sock_sendmsg+0x21c/0x270
[  171.640310][    C1]  ? ____sys_sendmsg+0x505/0x830
[  171.640317][    C1]  ? ___sys_sendmsg+0x21f/0x2a0
[  171.640323][    C1]  ? __x64_sys_sendmsg+0x19b/0x260
[  171.640361][    C1]  ? __pfx___nla_validate_parse+0x10/0x10
[  171.640427][    C1]  __nla_parse+0x40/0x60
[  171.640447][    C1]  genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[  171.640473][    C1]  genl_family_rcv_msg_doit+0xb8/0x300
[  171.640497][    C1]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  171.640512][    C1]  ? rcu_is_watching+0x15/0xb0
[  171.640527][    C1]  ? apparmor_capable+0x137/0x1b0
[  171.640560][    C1]  ? bpf_lsm_capable+0x9/0x20
[  171.640568][    C1]  ? security_capable+0x7e/0x2e0
[  171.640591][    C1]  genl_rcv_msg+0x60e/0x790
[  171.640616][    C1]  ? __pfx_genl_rcv_msg+0x10/0x10
[  171.640626][    C1]  ? __pfx_ovs_dp_cmd_set+0x10/0x10
[  171.640639][    C1]  ? irqentry_exit+0x74/0x90
[  171.640649][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  171.640677][    C1]  netlink_rcv_skb+0x208/0x470
[  171.640689][    C1]  ? __pfx_genl_rcv_msg+0x10/0x10
[  171.640704][    C1]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  171.640746][    C1]  ? down_read+0x1ad/0x2e0
[  171.640763][    C1]  genl_rcv+0x28/0x40
[  171.640772][    C1]  netlink_unicast+0x75c/0x8e0
[  171.640806][    C1]  netlink_sendmsg+0x805/0xb30
[  171.640838][    C1]  ? __pfx_netlink_sendmsg+0x10/0x10
[  171.640851][    C1]  ? perf_trace_run_bpf_submit+0xf9/0x170
[  171.640860][    C1]  ? aa_sock_msg_perm+0x94/0x160
[  171.640875][    C1]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  171.640885][    C1]  ? __pfx_netlink_sendmsg+0x10/0x10
[  171.640896][    C1]  __sock_sendmsg+0x21c/0x270
[  171.640915][    C1]  ____sys_sendmsg+0x505/0x830
[  171.640937][    C1]  ? __pfx_____sys_sendmsg+0x10/0x10
[  171.640966][    C1]  ? import_iovec+0x74/0xa0
[  171.640983][    C1]  ___sys_sendmsg+0x21f/0x2a0
[  171.640999][    C1]  ? __pfx____sys_sendmsg+0x10/0x10
[  171.641050][    C1]  ? __fget_files+0x2a/0x420
[  171.641083][    C1]  ? __fget_files+0x2a/0x420
[  171.641091][    C1]  ? __fget_files+0x3a0/0x420
[  171.641121][    C1]  __x64_sys_sendmsg+0x19b/0x260
[  171.641137][    C1]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  171.641193][    C1]  do_syscall_64+0xfa/0x3b0
[  171.641206][    C1]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  171.641212][    C1]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  171.641229][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  171.641235][    C1] RIP: 0033:0x7fc57f18e9a9
[  171.641245][    C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  171.641250][    C1] RSP: 002b:00007fc58007a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  171.641257][    C1] RAX: ffffffffffffffda RBX: 00007fc57f3b6160 RCX: 00007fc57f18e9a9
[  171.641261][    C1] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 000000000000000c
[  171.641265][    C1] RBP: 00007fc57f210d69 R08: 0000000000000000 R09: 0000000000000000
[  171.641269][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  171.641272][    C1] R13: 0000000000000000 R14: 00007fc57f3b6160 R15: 00007ffc71c13ee8
[  171.641307][    C1]  </TASK>
[  193.726086][ T1359] ieee802154 phy0 wpan0: encryption failed: -22
[  193.726143][ T1359] ieee802154 phy1 wpan1: encryption failed: -22
[  198.847179][   T18] rcu: INFO: rcu_preempt detected expedited stalls on CPUs/tasks: { 1-.... } 13378 jiffies s: 4525 root: 0x2/.
[  198.847213][   T18] rcu: blocking rcu_node structures (internal RCU debug):
[  198.847224][   T18] Sending NMI from CPU 0 to CPUs 1:
[  198.847254][    C1] NMI backtrace for cpu 1
[  198.847282][    C1] CPU: 1 UID: 0 PID: 6707 Comm: syz.0.339 Not tainted 6.16.0-rc6-syzkaller-00434-gcd7c97f4584a-dirty #0 PREEMPT(full) 
[  198.847290][    C1] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  198.847294][    C1] RIP: 0010:asm_sysvec_irq_work+0x0/0x20
[  198.847305][    C1] Code: 16 64 6e 0a e9 41 05 00 00 90 f3 0f 1e fa 0f 1f 00 fc 6a ff e8 f1 03 00 00 48 89 c4 48 89 e7 e8 f6 42 6e 0a e9 21 05 00 00 90 <f3> 0f 1e fa 0f 1f 00 fc 6a ff e8 d1 03 00 00 48 89 c4 48 89 e7 e8
[  198.847311][    C1] RSP: 0018:ffffc900001e0298 EFLAGS: 00000006
[  198.847317][    C1] RAX: 6faa8fe60ef9d400 RBX: 1ffff9200003c060 RCX: 6faa8fe60ef9d400
[  198.847322][    C1] RDX: 0000000000000002 RSI: ffffffff8d99873a RDI: ffffffff8be29f80
[  198.847327][    C1] RBP: ffffc900001e03b8 R08: ffffffff8fa1e8f7 R09: 1ffffffff1f43d1e
[  198.847331][    C1] R10: dffffc0000000000 R11: fffffbfff1f43d1f R12: ffffffff8e144400
[  198.847335][    C1] R13: dffffc0000000000 R14: 0000000000000246 R15: 0000000000000002
[  198.847340][    C1] FS:  00007fc58007a6c0(0000) GS:ffff8881a3c1f000(0000) knlGS:0000000000000000
[  198.847345][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  198.847349][    C1] CR2: 00007fc0d1598fc8 CR3: 0000000029690000 CR4: 00000000000006f0
[  198.847375][    C1] Call Trace:
[  198.847381][    C1]  <IRQ>
[  198.847383][    C1] RIP: 0010:rcu_read_unlock_special+0x87/0x4c0
[  198.847394][    C1] Code: f1 f1 f1 00 f2 f2 f2 4a 89 04 2b 66 42 c7 44 2b 09 f3 f3 42 c6 44 2b 0b f3 65 44 8b 35 92 37 f8 10 41 f7 c6 00 00 f0 00 74 49 <48> c7 44 24 40 0e 36 e0 45 4a c7 04 2b 00 00 00 00 66 42 c7 44 2b
[  198.847399][    C1] RSP: 0018:ffffc900001e02c0 EFLAGS: 00000206
[  198.847411][    C1]  ? __pfx_perf_trace_lock+0x10/0x10
[  198.847426][    C1]  ? __pfx_rcu_read_unlock_special+0x10/0x10
[  198.847440][    C1]  ? unwind_next_frame+0xa5/0x2390
[  198.847460][    C1]  __rcu_read_unlock+0x84/0xe0
[  198.847473][    C1]  ? unwind_next_frame+0xa5/0x2390
[  198.847479][    C1]  unwind_next_frame+0x19ae/0x2390
[  198.847495][    C1]  ? unwind_next_frame+0xa5/0x2390
[  198.847504][    C1]  ? __irq_exit_rcu+0xca/0x1f0
[  198.847518][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  198.847529][    C1]  arch_stack_walk+0x11c/0x150
[  198.847545][    C1]  ? irq_exit_rcu+0x9/0x30
[  198.847559][    C1]  stack_trace_save+0x9c/0xe0
[  198.847570][    C1]  ? __pfx_stack_trace_save+0x10/0x10
[  198.847590][    C1]  ? __irq_exit_rcu+0xd8/0x1f0
[  198.847598][    C1]  ? __pfx___irq_exit_rcu+0x10/0x10
[  198.847610][    C1]  kasan_save_track+0x3e/0x80
[  198.847622][    C1]  ? kasan_save_track+0x3e/0x80
[  198.847630][    C1]  ? kasan_save_free_info+0x46/0x50
[  198.847638][    C1]  ? __kasan_slab_free+0x62/0x70
[  198.847643][    C1]  ? kmem_cache_free+0x18f/0x400
[  198.847649][    C1]  ? skb_release_data+0x62d/0x7c0
[  198.847656][    C1]  ? __kfree_skb+0x55/0x70
[  198.847662][    C1]  ? tcp_write_queue_purge+0x143/0x2f0
[  198.847672][    C1]  ? tcp_done_with_error+0x43/0xd0
[  198.847679][    C1]  ? tcp_retransmit_timer+0x1d16/0x3370
[  198.847687][    C1]  ? tcp_write_timer+0x162/0x2e0
[  198.847695][    C1]  ? call_timer_fn+0x17e/0x5f0
[  198.847701][    C1]  ? __run_timer_base+0x61a/0x860
[  198.847709][    C1]  ? run_timer_softirq+0xb7/0x180
[  198.847717][    C1]  ? handle_softirqs+0x286/0x870
[  198.847724][    C1]  ? __irq_exit_rcu+0xca/0x1f0
[  198.847778][    C1]  ? skb_release_data+0x62d/0x7c0
[  198.847786][    C1]  kasan_save_free_info+0x46/0x50
[  198.847795][    C1]  __kasan_slab_free+0x62/0x70
[  198.847803][    C1]  kmem_cache_free+0x18f/0x400
[  198.847817][    C1]  skb_release_data+0x62d/0x7c0
[  198.847838][    C1]  __kfree_skb+0x55/0x70
[  198.847847][    C1]  tcp_write_queue_purge+0x143/0x2f0
[  198.847866][    C1]  tcp_done_with_error+0x43/0xd0
[  198.847877][    C1]  tcp_retransmit_timer+0x1d16/0x3370
[  198.847902][    C1]  ? __pfx_tcp_retransmit_timer+0x10/0x10
[  198.847914][    C1]  ? kvm_clock_get_cycles+0x47/0x60
[  198.847925][    C1]  ? ktime_get+0x1cb/0x1f0
[  198.847941][    C1]  ? tcp_write_timer_handler+0x33c/0x9b0
[  198.847958][    C1]  tcp_write_timer+0x162/0x2e0
[  198.847973][    C1]  call_timer_fn+0x17e/0x5f0
[  198.847980][    C1]  ? __pfx_tcp_write_timer+0x10/0x10
[  198.847988][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  198.847995][    C1]  ? call_timer_fn+0xbe/0x5f0
[  198.848002][    C1]  ? __pfx_call_timer_fn+0x10/0x10
[  198.848024][    C1]  ? __pfx_tcp_write_timer+0x10/0x10
[  198.848037][    C1]  __run_timer_base+0x61a/0x860
[  198.848046][    C1]  ? irqtime_account_irq+0xb6/0x1c0
[  198.848073][    C1]  ? __pfx___run_timer_base+0x10/0x10
[  198.848103][    C1]  run_timer_softirq+0xb7/0x180
[  198.848115][    C1]  handle_softirqs+0x286/0x870
[  198.848129][    C1]  ? __irq_exit_rcu+0xca/0x1f0
[  198.848144][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  198.848152][    C1]  ? irq_work_single+0x1ac/0x240
[  198.848164][    C1]  ? irqtime_account_irq+0xb6/0x1c0
[  198.848178][    C1]  __irq_exit_rcu+0xca/0x1f0
[  198.848187][    C1]  ? __pfx___irq_exit_rcu+0x10/0x10
[  198.848200][    C1]  ? rcu_is_watching+0x15/0xb0
[  198.848212][    C1]  irq_exit_rcu+0x9/0x30
[  198.848218][    C1]  sysvec_irq_work+0xa3/0xc0
[  198.848226][    C1]  </IRQ>
[  198.848228][    C1]  <TASK>
[  198.848233][    C1]  asm_sysvec_irq_work+0x1a/0x20
[  198.848239][    C1] RIP: 0010:console_flush_all+0x7f7/0xc40
[  198.848248][    C1] Code: 48 21 c3 0f 85 e9 01 00 00 e8 75 e7 1e 00 48 8b 5c 24 20 4d 85 f6 75 07 e8 66 e7 1e 00 eb 06 e8 5f e7 1e 00 fb 48 8b 44 24 28 <42> 80 3c 20 00 74 08 48 89 df e8 ea 0a 82 00 48 8b 1b 48 8b 44 24
[  198.848253][    C1] RSP: 0018:ffffc90008ed6d40 EFLAGS: 00000287
[  198.848292][    C1] RAX: 1ffffffff1d36927 RBX: ffffffff8e9b4938 RCX: 0000000000080000
[  198.848297][    C1] RDX: ffffc90022ae7000 RSI: 0000000000001d5e RDI: 0000000000001d5f
[  198.848301][    C1] RBP: ffffc90008ed6e90 R08: ffffffff8fa1e8f7 R09: 1ffffffff1f43d1e
[  198.848306][    C1] R10: dffffc0000000000 R11: fffffbfff1f43d1f R12: dffffc0000000000
[  198.848310][    C1] R13: 0000000000000001 R14: 0000000000000200 R15: ffffffff8e9b48e0
[  198.848340][    C1]  ? console_flush_all+0x13a/0xc40
[  198.848358][    C1]  ? __pfx_console_flush_all+0x10/0x10
[  198.848381][    C1]  ? is_printk_cpu_sync_owner+0x32/0x40
[  198.848396][    C1]  console_unlock+0xc4/0x270
[  198.848409][    C1]  ? __pfx_console_unlock+0x10/0x10
[  198.848423][    C1]  ? is_printk_cpu_sync_owner+0x32/0x40
[  198.848438][    C1]  vprintk_emit+0x5b7/0x7a0
[  198.848451][    C1]  ? __pfx_vprintk_emit+0x10/0x10
[  198.848458][    C1]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  198.848468][    C1]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  198.848497][    C1]  _printk+0xcf/0x120
[  198.848507][    C1]  ? __pfx____ratelimit+0x10/0x10
[  198.848521][    C1]  ? __pfx__printk+0x10/0x10
[  198.848529][    C1]  ? trace_call_bpf+0xb7/0x850
[  198.848552][    C1]  __nla_validate_parse+0x2563/0x2d40
[  198.848562][    C1]  ? __sock_sendmsg+0x21c/0x270
[  198.848570][    C1]  ? ____sys_sendmsg+0x505/0x830
[  198.848581][    C1]  ? ___sys_sendmsg+0x21f/0x2a0
[  198.848587][    C1]  ? __x64_sys_sendmsg+0x19b/0x260
[  198.848614][    C1]  ? __pfx___nla_validate_parse+0x10/0x10
[  198.848658][    C1]  __nla_parse+0x40/0x60
[  198.848674][    C1]  genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[  198.848694][    C1]  genl_family_rcv_msg_doit+0xb8/0x300
[  198.848711][    C1]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  198.848723][    C1]  ? rcu_is_watching+0x15/0xb0
[  198.848735][    C1]  ? apparmor_capable+0x137/0x1b0
[  198.848746][    C1]  ? bpf_lsm_capable+0x9/0x20
[  198.848752][    C1]  ? security_capable+0x7e/0x2e0
[  198.848770][    C1]  genl_rcv_msg+0x60e/0x790
[  198.848788][    C1]  ? __pfx_genl_rcv_msg+0x10/0x10
[  198.848797][    C1]  ? __pfx_ovs_dp_cmd_set+0x10/0x10
[  198.848808][    C1]  ? irqentry_exit+0x74/0x90
[  198.848817][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  198.848837][    C1]  netlink_rcv_skb+0x208/0x470
[  198.848847][    C1]  ? __pfx_genl_rcv_msg+0x10/0x10
[  198.848859][    C1]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  198.848887][    C1]  ? down_read+0x1ad/0x2e0
[  198.848901][    C1]  genl_rcv+0x28/0x40
[  198.848909][    C1]  netlink_unicast+0x75c/0x8e0
[  198.848934][    C1]  netlink_sendmsg+0x805/0xb30
[  198.848953][    C1]  ? __pfx_netlink_sendmsg+0x10/0x10
[  198.848963][    C1]  ? perf_trace_run_bpf_submit+0xf9/0x170
[  198.848972][    C1]  ? aa_sock_msg_perm+0x94/0x160
[  198.848984][    C1]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  198.848993][    C1]  ? __pfx_netlink_sendmsg+0x10/0x10
[  198.849002][    C1]  __sock_sendmsg+0x21c/0x270
[  198.849017][    C1]  ____sys_sendmsg+0x505/0x830
[  198.849033][    C1]  ? __pfx_____sys_sendmsg+0x10/0x10
[  198.849053][    C1]  ? import_iovec+0x74/0xa0
[  198.849066][    C1]  ___sys_sendmsg+0x21f/0x2a0
[  198.849078][    C1]  ? __pfx____sys_sendmsg+0x10/0x10
[  198.849111][    C1]  ? __fget_files+0x2a/0x420
[  198.849134][    C1]  ? __fget_files+0x2a/0x420
[  198.849141][    C1]  ? __fget_files+0x3a0/0x420
[  198.849162][    C1]  __x64_sys_sendmsg+0x19b/0x260
[  198.849175][    C1]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  198.849212][    C1]  do_syscall_64+0xfa/0x3b0
[  198.849223][    C1]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  198.849229][    C1]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  198.849242][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  198.849249][    C1] RIP: 0033:0x7fc57f18e9a9
[  198.849277][    C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  198.849282][    C1] RSP: 002b:00007fc58007a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  198.849289][    C1] RAX: ffffffffffffffda RBX: 00007fc57f3b6160 RCX: 00007fc57f18e9a9
[  198.849294][    C1] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 000000000000000c
[  198.849298][    C1] RBP: 00007fc57f210d69 R08: 0000000000000000 R09: 0000000000000000
[  198.849301][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  198.849305][    C1] R13: 0000000000000000 R14: 00007fc57f3b6160 R15: 00007ffc71c13ee8
[  198.849328][    C1]  </TASK>
[  202.230720][   T54] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1
[  202.231765][   T54] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9
[  202.232314][   T54] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9
[  202.233549][   T54] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4
[  202.234369][   T54] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2
[  202.373006][ T6766] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1
[  202.384549][ T6766] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9
[  202.385286][ T6766] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9
[  202.386527][ T6766] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4
[  202.387322][ T6766] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2
[  202.512919][ T6769] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1
[  202.514086][ T6769] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9
[  202.514693][ T6769] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9
[  202.515949][ T6769] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4
[  202.516769][ T6769] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2
[  206.199627][ T6773] Bluetooth: hci4: command 0x0406 tx timeout
[  206.199671][ T6773] Bluetooth: hci5: command 0x0406 tx timeout
[  206.199701][ T6773] Bluetooth: hci3: command 0x0406 tx timeout
[  225.719281][   T34] INFO: task rcu_tasks_trace:32 blocked for more than 143 seconds.
[  225.719301][   T34]       Not tainted 6.16.0-rc6-syzkaller-00434-gcd7c97f4584a-dirty #0
[  225.719309][   T34] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  225.719315][   T34] task:rcu_tasks_trace state:D stack:26360 pid:32    tgid:32    ppid:2      task_flags:0x208040 flags:0x00004000
[  225.719344][   T34] Call Trace:
[  225.719350][   T34]  <TASK>
[  225.719365][   T34]  __schedule+0x16f5/0x4d00
[  225.719398][   T34]  ? perf_trace_run_bpf_submit+0x100/0x170
[  225.719426][   T34]  ? schedule+0x165/0x360
[  225.719450][   T34]  ? __pfx___schedule+0x10/0x10
[  225.719499][   T34]  ? schedule+0x91/0x360
[  225.719521][   T34]  schedule+0x165/0x360
[  225.719541][   T34]  schedule_preempt_disabled+0x13/0x30
[  225.719553][   T34]  __mutex_lock+0x724/0xe80
[  225.719568][   T34]  ? perf_trace_lock+0x2f8/0x3b0
[  225.719582][   T34]  ? __mutex_lock+0x51b/0xe80
[  225.719608][   T34]  ? synchronize_rcu_expedited+0x3b9/0x730
[  225.719629][   T34]  ? __pfx___mutex_lock+0x10/0x10
[  225.719668][   T34]  ? do_raw_spin_unlock+0x4d/0x240
[  225.719692][   T34]  synchronize_rcu_expedited+0x3b9/0x730
[  225.719706][   T34]  ? perf_trace_lock+0x2f8/0x3b0
[  225.719722][   T34]  ? __pfx_synchronize_rcu_expedited+0x10/0x10
[  225.719772][   T34]  ? __pfx___might_resched+0x10/0x10
[  225.719791][   T34]  ? rcu_tasks_trace_pregp_step+0xe2a/0xe70
[  225.719830][   T34]  synchronize_rcu+0x11a/0x310
[  225.719845][   T34]  ? __pfx_synchronize_rcu+0x10/0x10
[  225.719860][   T34]  ? __pfx_rcu_tasks_trace_pregp_step+0x10/0x10
[  225.719874][   T34]  ? rcu_is_watching+0x15/0xb0
[  225.719889][   T34]  ? trace_contention_end+0x39/0x120
[  225.719905][   T34]  ? __mutex_lock+0x330/0xe80
[  225.719927][   T34]  rcu_tasks_wait_gp+0x490/0xac0
[  225.719961][   T34]  ? __pfx___mutex_lock+0x10/0x10
[  225.719973][   T34]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  225.720013][   T34]  ? lockdep_hardirqs_on+0x9c/0x150
[  225.720030][   T34]  ? __pfx_rcu_tasks_wait_gp+0x10/0x10
[  225.720047][   T34]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  225.720079][   T34]  rcu_tasks_one_gp+0xc19/0xdf0
[  225.720120][   T34]  ? rcu_tasks_one_gp+0xe9/0xdf0
[  225.720153][   T34]  rcu_tasks_kthread+0x195/0x1c0
[  225.720179][   T34]  kthread+0x711/0x8a0
[  225.720203][   T34]  ? __pfx_rcu_tasks_kthread+0x10/0x10
[  225.720219][   T34]  ? __pfx_kthread+0x10/0x10
[  225.720242][   T34]  ? _raw_spin_unlock_irq+0x23/0x50
[  225.720256][   T34]  ? lockdep_hardirqs_on+0x9c/0x150
[  225.720267][   T34]  ? __pfx_kthread+0x10/0x10
[  225.720287][   T34]  ret_from_fork+0x3fc/0x770
[  225.720307][   T34]  ? __pfx_ret_from_fork+0x10/0x10
[  225.720332][   T34]  ? __switch_to_asm+0x39/0x70
[  225.720345][   T34]  ? __switch_to_asm+0x33/0x70
[  225.720357][   T34]  ? __pfx_kthread+0x10/0x10
[  225.720377][   T34]  ret_from_fork_asm+0x1a/0x30
[  225.720420][   T34]  </TASK>
[  225.720474][   T34] INFO: task kworker/u9:12:5992 blocked for more than 143 seconds.
[  225.720488][   T34]       Not tainted 6.16.0-rc6-syzkaller-00434-gcd7c97f4584a-dirty #0
[  225.720495][   T34] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  225.720501][   T34] task:kworker/u9:12   state:D stack:24744 pid:5992  tgid:5992  ppid:2      task_flags:0x4208060 flags:0x00004000
[  225.720527][   T34] Workqueue: events_unbound cfg80211_wiphy_work
[  225.720546][   T34] Call Trace:
[  225.720551][   T34]  <TASK>
[  225.720566][   T34]  __schedule+0x16f5/0x4d00
[  225.720594][   T34]  ? perf_trace_run_bpf_submit+0x100/0x170
[  225.720622][   T34]  ? schedule+0x165/0x360
[  225.720645][   T34]  ? __pfx___schedule+0x10/0x10
[  225.720673][   T34]  ? schedule+0x91/0x360
[  225.720699][   T34]  ? schedule+0x91/0x360
[  225.720720][   T34]  schedule+0x165/0x360
[  225.720740][   T34]  synchronize_rcu_expedited+0x5f5/0x730
[  225.720761][   T34]  ? __pfx_synchronize_rcu_expedited+0x10/0x10
[  225.720777][   T34]  ? __pfx_autoremove_wake_function+0x10/0x10
[  225.720823][   T34]  ? __pfx___might_resched+0x10/0x10
[  225.720841][   T34]  ? perf_trace_run_bpf_submit+0x100/0x170
[  225.720878][   T34]  synchronize_rcu+0x11a/0x310
[  225.720893][   T34]  ? __pfx_synchronize_rcu+0x10/0x10
[  225.720907][   T34]  ? __ieee80211_scan_completed+0x3fa/0xb40
[  225.720941][   T34]  __ieee80211_scan_completed+0x4f8/0xb40
[  225.720974][   T34]  cfg80211_wiphy_work+0x2df/0x460
[  225.721016][   T34]  ? process_scheduled_works+0x9ef/0x17b0
[  225.721034][   T34]  process_scheduled_works+0xae1/0x17b0
[  225.721099][   T34]  ? __pfx_process_scheduled_works+0x10/0x10
[  225.721143][   T34]  worker_thread+0x8a0/0xda0
[  225.721205][   T34]  kthread+0x711/0x8a0
[  225.721228][   T34]  ? __pfx_worker_thread+0x10/0x10
[  225.721243][   T34]  ? __pfx_kthread+0x10/0x10
[  225.721264][   T34]  ? _raw_spin_unlock_irq+0x23/0x50
[  225.721278][   T34]  ? lockdep_hardirqs_on+0x9c/0x150
[  225.721290][   T34]  ? __pfx_kthread+0x10/0x10
[  225.721309][   T34]  ret_from_fork+0x3fc/0x770
[  225.721328][   T34]  ? __pfx_ret_from_fork+0x10/0x10
[  225.721354][   T34]  ? __switch_to_asm+0x39/0x70
[  225.721366][   T34]  ? __switch_to_asm+0x33/0x70
[  225.721378][   T34]  ? __pfx_kthread+0x10/0x10
[  225.721398][   T34]  ret_from_fork_asm+0x1a/0x30
[  225.721440][   T34]  </TASK>
[  225.721447][   T34] INFO: task syz.2.336:6694 blocked for more than 143 seconds.
[  225.721455][   T34]       Not tainted 6.16.0-rc6-syzkaller-00434-gcd7c97f4584a-dirty #0
[  225.721462][   T34] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  225.721468][   T34] task:syz.2.336       state:D stack:24264 pid:6694  tgid:6694  ppid:5832   task_flags:0x400040 flags:0x00004004
[  225.721497][   T34] Call Trace:
[  225.721503][   T34]  <TASK>
[  225.721517][   T34]  __schedule+0x16f5/0x4d00
[  225.721546][   T34]  ? perf_trace_run_bpf_submit+0x100/0x170
[  225.721573][   T34]  ? schedule+0x165/0x360
[  225.721596][   T34]  ? __pfx___schedule+0x10/0x10
[  225.721624][   T34]  ? schedule+0x91/0x360
[  225.721649][   T34]  ? schedule+0x91/0x360
[  225.721671][   T34]  schedule+0x165/0x360
[  225.721691][   T34]  synchronize_rcu_expedited+0x5f5/0x730
[  225.721703][   T34]  ? bpf_raw_tp_link_release+0x43/0x70
[  225.721715][   T34]  ? bpf_link_free+0xed/0x330
[  225.721734][   T34]  ? __pfx_synchronize_rcu_expedited+0x10/0x10
[  225.721750][   T34]  ? __pfx_autoremove_wake_function+0x10/0x10
[  225.721795][   T34]  ? __pfx___might_resched+0x10/0x10
[  225.721839][   T34]  synchronize_rcu+0x11a/0x310
[  225.721854][   T34]  ? __pfx_synchronize_rcu+0x10/0x10
[  225.721871][   T34]  ? rcu_is_watching+0x15/0xb0
[  225.721886][   T34]  ? trace_kmalloc+0x1f/0xd0
[  225.721897][   T34]  ? tracepoint_probe_unregister+0x324/0x9b0
[  225.721911][   T34]  ? __pfx___bpf_trace_contention_end+0x10/0x10
[  225.721934][   T34]  tracepoint_probe_unregister+0x725/0x9b0
[  225.721960][   T34]  ? __pfx_bpf_link_release+0x10/0x10
[  225.721997][   T34]  bpf_raw_tp_link_release+0x43/0x70
[  225.722018][   T34]  bpf_link_free+0xed/0x330
[  225.722037][   T34]  ? __pfx_bpf_link_release+0x10/0x10
[  225.722055][   T34]  bpf_link_release+0x6b/0x80
[  225.722072][   T34]  __fput+0x44c/0xa70
[  225.722110][   T34]  task_work_run+0x1d4/0x260
[  225.722133][   T34]  ? __pfx_task_work_run+0x10/0x10
[  225.722161][   T34]  ? exit_to_user_mode_loop+0x40/0x110
[  225.722180][   T34]  exit_to_user_mode_loop+0xec/0x110
[  225.722195][   T34]  do_syscall_64+0x2bd/0x3b0
[  225.722209][   T34]  ? lockdep_hardirqs_on+0x9c/0x150
[  225.722223][   T34]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  225.722237][   T34]  ? exc_page_fault+0x9f/0xf0
[  225.722257][   T34]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  225.722268][   T34] RIP: 0033:0x7f3e2b78e9a9
[  225.722281][   T34] RSP: 002b:00007ffe0a5caa08 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  225.722295][   T34] RAX: 0000000000000000 RBX: 00007f3e2b9b7ba0 RCX: 00007f3e2b78e9a9
[  225.722304][   T34] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[  225.722311][   T34] RBP: 00007f3e2b9b7ba0 R08: 00000000000000a0 R09: 0000000a0a5cacff
[  225.722319][   T34] R10: 00007f3e2b9b7ac0 R11: 0000000000000246 R12: 000000000000febf
[  225.722327][   T34] R13: 00007f3e2b9b6080 R14: ffffffffffffffff R15: 00007ffe0a5cab20
[  225.722365][   T34]  </TASK>
[  225.722371][   T34] INFO: task syz.0.339:6702 blocked for more than 143 seconds.
[  225.722379][   T34]       Not tainted 6.16.0-rc6-syzkaller-00434-gcd7c97f4584a-dirty #0
[  225.722386][   T34] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  225.722392][   T34] task:syz.0.339       state:D stack:24264 pid:6702  tgid:6702  ppid:5835   task_flags:0x400040 flags:0x00004004
[  225.722416][   T34] Call Trace:
[  225.722422][   T34]  <TASK>
[  225.722435][   T34]  __schedule+0x16f5/0x4d00
[  225.722464][   T34]  ? perf_trace_run_bpf_submit+0xf9/0x170
[  225.722496][   T34]  ? schedule+0x165/0x360
[  225.722519][   T34]  ? __pfx___schedule+0x10/0x10
[  225.722563][   T34]  ? schedule+0x91/0x360
[  225.722585][   T34]  schedule+0x165/0x360
[  225.722605][   T34]  schedule_preempt_disabled+0x13/0x30
[  225.722617][   T34]  __mutex_lock+0x724/0xe80
[  225.722635][   T34]  ? __mutex_lock+0x51b/0xe80
[  225.722662][   T34]  ? tracepoint_probe_unregister+0x30/0x9b0
[  225.722684][   T34]  ? __pfx___mutex_lock+0x10/0x10
[  225.722700][   T34]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  225.722737][   T34]  ? __local_bh_enable_ip+0x12d/0x1c0
[  225.722752][   T34]  ? __pfx___bpf_trace_contention_end+0x10/0x10
[  225.722768][   T34]  tracepoint_probe_unregister+0x30/0x9b0
[  225.722785][   T34]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  225.722797][   T34]  ? __pfx_bpf_link_release+0x10/0x10
[  225.722816][   T34]  ? __pfx_bpf_link_release+0x10/0x10
[  225.722834][   T34]  bpf_raw_tp_link_release+0x43/0x70
[  225.722852][   T34]  bpf_link_free+0xed/0x330
[  225.722871][   T34]  ? __pfx_bpf_link_release+0x10/0x10
[  225.722889][   T34]  bpf_link_release+0x6b/0x80
[  225.722906][   T34]  __fput+0x44c/0xa70
[  225.722942][   T34]  task_work_run+0x1d4/0x260
[  225.722965][   T34]  ? __pfx_task_work_run+0x10/0x10
[  225.723013][   T34]  ? exit_to_user_mode_loop+0x40/0x110
[  225.723034][   T34]  exit_to_user_mode_loop+0xec/0x110
[  225.723049][   T34]  do_syscall_64+0x2bd/0x3b0
[  225.723066][   T34]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  225.723076][   T34]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  225.723096][   T34]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  225.723107][   T34] RIP: 0033:0x7fc57f18e9a9
[  225.723118][   T34] RSP: 002b:00007ffc71c14048 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  225.723132][   T34] RAX: 0000000000000000 RBX: 00007fc57f3b7ba0 RCX: 00007fc57f18e9a9
[  225.723140][   T34] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[  225.723147][   T34] RBP: 00007fc57f3b7ba0 R08: 00000000000001e4 R09: 0000001a71c1433f
[  225.723155][   T34] R10: 00007fc57f3b7ac0 R11: 0000000000000246 R12: 000000000000ff7f
[  225.723163][   T34] R13: 00007fc57f3b6240 R14: ffffffffffffffff R15: 00007ffc71c14160
[  225.723201][   T34]  </TASK>
[  225.723207][   T34] INFO: task syz.1.343:6712 blocked for more than 143 seconds.
[  225.723215][   T34]       Not tainted 6.16.0-rc6-syzkaller-00434-gcd7c97f4584a-dirty #0
[  225.723222][   T34] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  225.723228][   T34] task:syz.1.343       state:D stack:26056 pid:6712  tgid:6712  ppid:5828   task_flags:0x400040 flags:0x00004004
[  225.723254][   T34] Call Trace:
[  225.723260][   T34]  <TASK>
[  225.723279][   T34]  __schedule+0x16f5/0x4d00
[  225.723310][   T34]  ? perf_trace_run_bpf_submit+0x100/0x170
[  225.723338][   T34]  ? schedule+0x165/0x360
[  225.723361][   T34]  ? __pfx___schedule+0x10/0x10
[  225.723389][   T34]  ? schedule+0x91/0x360
[  225.723415][   T34]  ? schedule+0x91/0x360
[  225.723437][   T34]  schedule+0x165/0x360
[  225.723456][   T34]  synchronize_rcu_expedited+0x583/0x730
[  225.723470][   T34]  ? perf_trace_lock+0x2f8/0x3b0
[  225.723491][   T34]  ? __pfx_synchronize_rcu_expedited+0x10/0x10
[  225.723534][   T34]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  225.723550][   T34]  ? __pfx___might_resched+0x10/0x10
[  225.723565][   T34]  ? __pfx_autoremove_wake_function+0x10/0x10
[  225.723606][   T34]  synchronize_rcu+0x11a/0x310
[  225.723621][   T34]  ? __pfx_synchronize_rcu+0x10/0x10
[  225.723637][   T34]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  225.723670][   T34]  packet_release+0xa05/0xce0
[  225.723696][   T34]  ? __pfx_packet_release+0x10/0x10
[  225.723705][   T34]  ? down_write+0x162/0x1f0
[  225.723733][   T34]  ? __pfx_perf_trace_lock+0x10/0x10
[  225.723756][   T34]  sock_close+0xc3/0x240
[  225.723775][   T34]  ? __pfx_sock_close+0x10/0x10
[  225.723791][   T34]  __fput+0x44c/0xa70
[  225.723832][   T34]  task_work_run+0x1d4/0x260
[  225.723856][   T34]  ? __pfx_task_work_run+0x10/0x10
[  225.723883][   T34]  ? exit_to_user_mode_loop+0x40/0x110
[  225.723903][   T34]  exit_to_user_mode_loop+0xec/0x110
[  225.723917][   T34]  do_syscall_64+0x2bd/0x3b0
[  225.723931][   T34]  ? lockdep_hardirqs_on+0x9c/0x150
[  225.723945][   T34]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  225.723956][   T34]  ? exc_page_fault+0x9f/0xf0
[  225.723995][   T34]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  225.724008][   T34] RIP: 0033:0x7fc0d078e9a9
[  225.724020][   T34] RSP: 002b:00007ffd54d87518 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  225.724033][   T34] RAX: 0000000000000000 RBX: 000000000000fdab RCX: 00007fc0d078e9a9
[  225.724041][   T34] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[  225.724048][   T34] RBP: 00007fc0d09b7ba0 R08: 0000000000000001 R09: 0000000254d8780f
[  225.724056][   T34] R10: 00007fc0d0600000 R11: 0000000000000246 R12: 00007fc0d09b5fac
[  225.724064][   T34] R13: 00007fc0d09b5fa0 R14: ffffffffffffffff R15: 00007ffd54d87630
[  225.724102][   T34]  </TASK>
[  225.724116][   T34] 
[  225.724116][   T34] Showing all locks held in the system:
[  225.724124][   T34] 2 locks held by rcu_tasks_trace/32:
[  225.724132][   T34]  #0: ffffffff8e13fdd0 (rcu_tasks_trace.tasks_gp_mutex){+.+.}-{4:4}, at: rcu_tasks_one_gp+0xaf9/0xdf0
[  225.724172][   T34]  #1: ffffffff8e144bb8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: synchronize_rcu_expedited+0x3b9/0x730
[  225.724211][   T34] 1 lock held by khungtaskd/34:
[  225.724218][   T34]  #0: ffffffff8e13f0a0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[  225.724262][   T34] 4 locks held by kworker/u11:0/54:
[  225.724269][   T34]  #0: ffff888043c26148 ((wq_completion)hci10#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  225.724311][   T34]  #1: ffffc900007cfbc0 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  225.724347][   T34]  #2: ffff8881106b00b8 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x9b/0x8e0
[  225.724386][   T34]  #3: ffffffff8f684f48 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x516/0x8e0
[  225.724440][   T34] 3 locks held by kworker/1:2/5213:
[  225.724447][   T34]  #0: ffff88801a480d48 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  225.724488][   T34]  #1: ffffc90007947bc0 ((work_completion)(&fw_work->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  225.724524][   T34]  #2: ffffffff8dfe4850 (umhelper_sem){++++}-{4:4}, at: usermodehelper_read_lock_wait+0xff/0x210
[  225.724562][   T34] 5 locks held by kworker/u11:1/5220:
[  225.724569][   T34]  #0: ffff888020837148 ((wq_completion)hci2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  225.724605][   T34]  #1: ffffc900077a7bc0 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  225.724641][   T34]  #2: ffff888029d0cdc0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d4/0x3a0
[  225.724678][   T34]  #3: ffff888029d0c0b8 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0x1eb/0xdf0
[  225.724718][   T34]  #4: ffffffff8f684f48 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x165/0x310
[  225.724754][   T34] 2 locks held by getty/5658:
[  225.724761][   T34]  #0: ffff8880232d20a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  225.724796][   T34]  #1: ffffc900029062f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x43e/0x1400
[  225.724835][   T34] 4 locks held by kworker/u11:2/5831:
[  225.724842][   T34]  #0: ffff888030b03148 ((wq_completion)hci9#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  225.724886][   T34]  #1: ffffc9000381fbc0 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  225.724922][   T34]  #2: ffff888105a900b8 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x9b/0x8e0
[  225.724959][   T34]  #3: ffffffff8f684f48 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x516/0x8e0
[  225.725021][   T34] 3 locks held by kworker/u8:3/5855:
[  225.725029][   T34]  #0: ffff8881066fe948 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  225.725065][   T34]  #1: ffffc9000387fbc0 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  225.725102][   T34]  #2: ffffffff8f51cdc8 (rtnl_mutex){+.+.}-{4:4}, at: addrconf_verify_work+0x19/0x30
[  225.725140][   T34] 3 locks held by kworker/u9:12/5992:
[  225.725147][   T34]  #0: ffff88801a489148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  225.725183][   T34]  #1: ffffc90004de7bc0 ((work_completion)(&rdev->wiphy_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  225.725220][   T34]  #2: ffff8881107a0768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: cfg80211_wiphy_work+0xc4/0x460
[  225.725262][   T34] 3 locks held by kworker/u9:13/5995:
[  225.725269][   T34]  #0: ffff88801a489148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  225.725306][   T34]  #1: ffffc90004e17bc0 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  225.725344][   T34]  #2: ffffffff8f51cdc8 (rtnl_mutex){+.+.}-{4:4}, at: linkwatch_event+0xe/0x60
[  225.725382][   T34] 1 lock held by syz.2.336/6694:
[  225.725389][   T34]  #0: ffffffff8e193d68 (tracepoints_mutex){+.+.}-{4:4}, at: tracepoint_probe_unregister+0x30/0x9b0
[  225.725429][   T34] 1 lock held by syz.0.339/6702:
[  225.725435][   T34]  #0: ffffffff8e193d68 (tracepoints_mutex){+.+.}-{4:4}, at: tracepoint_probe_unregister+0x30/0x9b0
[  225.725475][   T34] 5 locks held by syz.0.339/6707:
[  225.725487][   T34] 2 locks held by syz.1.343/6712:
[  225.725494][   T34]  #0: ffff888103432008 (&sb->s_type->i_mutex_key#11){+.+.}-{4:4}, at: sock_close+0x9b/0x240
[  225.725536][   T34]  #1: ffffffff8e144bb8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: synchronize_rcu_expedited+0x2f6/0x730
[  225.725574][   T34] 2 locks held by syz-executor/6718:
[  225.725581][   T34]  #0: ffffffff8ecb14c0 (&ops->srcu#2){.+.+}-{0:0}, at: rtnl_link_ops_get+0x23/0x250
[  225.725621][   T34]  #1: ffffffff8f51cdc8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x8db/0x1c70
[  225.725660][   T34] 1 lock held by syz-executor/6719:
[  225.725667][   T34]  #0: ffffffff8f51cdc8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x8db/0x1c70
[  225.725706][   T34] 2 locks held by syz-executor/6722:
[  225.725713][   T34]  #0: ffffffff8eca43a0 (&ops->srcu#2){.+.+}-{0:0}, at: rtnl_link_ops_get+0x23/0x250
[  225.725753][   T34]  #1: ffffffff8f51cdc8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x8db/0x1c70
[  225.725792][   T34] 5 locks held by kworker/u11:3/6725:
[  225.725799][   T34]  #0: ffff88802c809948 ((wq_completion)hci5){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  225.725836][   T34]  #1: ffffc90004dbfbc0 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  225.725872][   T34]  #2: ffff88810ca88dc0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d4/0x3a0
[  225.725909][   T34]  #3: ffff88810ca880b8 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0x1eb/0xdf0
[  225.725948][   T34]  #4: ffffffff8f684f48 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x165/0x310
[  225.726004][   T34] 6 locks held by kworker/u11:4/6726:
[  225.726011][   T34]  #0: ffff888023f12148 ((wq_completion)hci1){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  225.726048][   T34]  #1: ffffc90004d97bc0 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  225.726084][   T34]  #2: ffff888107e18dc0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d4/0x3a0
[  225.726121][   T34]  #3: ffff888107e180b8 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0x1eb/0xdf0
[  225.726160][   T34]  #4: ffffffff8f684f48 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x165/0x310
[  225.726195][   T34]  #5: ffff888020833b38 (&conn->lock#2){+.+.}-{4:4}, at: l2cap_conn_del+0x70/0x680
[  225.726236][   T34] 5 locks held by kworker/u11:5/6727:
[  225.726243][   T34]  #0: ffff88802b3c2148 ((wq_completion)hci0){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  225.726279][   T34]  #1: ffffc90004d6fbc0 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  225.726318][   T34]  #2: ffff88802ade4dc0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d4/0x3a0
[  225.726356][   T34]  #3: ffff88802ade40b8 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0x1eb/0xdf0
[  225.726396][   T34]  #4: ffffffff8f684f48 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x165/0x310
[  225.726432][   T34] 1 lock held by dhcpcd/6739:
[  225.726439][   T34]  #0: ffff888036a72258 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x32/0xcd0
[  225.726476][   T34] 1 lock held by dhcpcd/6740:
[  225.726489][   T34]  #0: ffff888036d96258 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x32/0xcd0
[  225.726526][   T34] 1 lock held by dhcpcd/6741:
[  225.726533][   T34]  #0: ffff888036cfe258 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x32/0xcd0
[  225.726570][   T34] 1 lock held by dhcpcd/6742:
[  225.726577][   T34]  #0: ffff888036dc6258 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x32/0xcd0
[  225.726614][   T34] 1 lock held by dhcpcd/6743:
[  225.726621][   T34]  #0: ffff8880320e2258 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x32/0xcd0
[  225.726658][   T34] 1 lock held by dhcpcd/6744:
[  225.726665][   T34]  #0: ffff888108cca258 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x32/0xcd0
[  225.726701][   T34] 1 lock held by syz-executor/6748:
[  225.726708][   T34]  #0: ffffffff8f51cdc8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[  225.726746][   T34] 1 lock held by syz-executor/6749:
[  225.726752][   T34]  #0: ffffffff8f51cdc8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[  225.726790][   T34] 1 lock held by syz-executor/6755:
[  225.726796][   T34]  #0: ffffffff8f51cdc8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[  225.726834][   T34] 2 locks held by kworker/0:4/6757:
[  225.726840][   T34]  #0: ffff88801a482148 ((wq_completion)events_freezable_pwr_efficient){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  225.726877][   T34]  #1: ffffc9000330fbc0 ((work_completion)(&(&ev->dwork)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  225.726915][   T34] 1 lock held by syz-executor/6761:
[  225.726921][   T34]  #0: ffffffff8f51cdc8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[  225.726958][   T34] 1 lock held by syz-executor/6765:
[  225.726965][   T34]  #0: ffffffff8f51cdc8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[  225.727024][   T34] 5 locks held by kworker/u11:6/6766:
[  225.727031][   T34]  #0: ffff888105a4a948 ((wq_completion)hci3){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  225.727068][   T34]  #1: ffffc900032bfbc0 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  225.727104][   T34]  #2: ffff888107d50dc0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d4/0x3a0
[  225.727140][   T34]  #3: ffff888107d500b8 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0x1eb/0xdf0
[  225.727179][   T34]  #4: ffffffff8f684f48 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x165/0x310
[  225.727214][   T34] 1 lock held by syz-executor/6768:
[  225.727221][   T34]  #0: ffffffff8f51cdc8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[  225.727258][   T34] 4 locks held by kworker/u11:7/6769:
[  225.727265][   T34]  #0: ffff888023283948 ((wq_completion)hci11#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  225.727306][   T34]  #1: ffffc900032afbc0 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  225.727342][   T34]  #2: ffff888122d580b8 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x9b/0x8e0
[  225.727381][   T34]  #3: ffffffff8f684f48 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x516/0x8e0
[  225.727419][   T34] 5 locks held by kworker/u11:8/6771:
[  225.727425][   T34]  #0: ffff88802c80d148 ((wq_completion)hci4){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  225.727461][   T34]  #1: ffffc9000328fbc0 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  225.727502][   T34]  #2: ffff888107d54dc0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d4/0x3a0
[  225.727539][   T34]  #3: ffff888107d540b8 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0x1eb/0xdf0
[  225.727578][   T34]  #4: ffffffff8f684f48 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x165/0x310
[  225.727615][   T34] 
[  225.727620][   T34] =============================================
[  225.727620][   T34] 
[  225.727627][   T34] NMI backtrace for cpu 0
[  225.727632][   T34] CPU: 0 UID: 0 PID: 34 Comm: khungtaskd Not tainted 6.16.0-rc6-syzkaller-00434-gcd7c97f4584a-dirty #0 PREEMPT(full) 
[  225.727641][   T34] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  225.727644][   T34] Call Trace:
[  225.727649][   T34]  <TASK>
[  225.727653][   T34]  dump_stack_lvl+0x189/0x250
[  225.727670][   T34]  ? __pfx_dump_stack_lvl+0x10/0x10
[  225.727682][   T34]  ? __pfx__printk+0x10/0x10
[  225.727699][   T34]  ? perf_trace_lock+0x2f8/0x3b0
[  225.727723][   T34]  nmi_cpu_backtrace+0x39e/0x3d0
[  225.727739][   T34]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  225.727746][   T34]  ? _printk+0xcf/0x120
[  225.727768][   T34]  ? __pfx__printk+0x10/0x10
[  225.727784][   T34]  ? debug_show_all_locks+0x2e/0x180
[  225.727792][   T34]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  225.727805][   T34]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[  225.727820][   T34]  watchdog+0xfee/0x1030
[  225.727838][   T34]  ? watchdog+0x1de/0x1030
[  225.727866][   T34]  kthread+0x711/0x8a0
[  225.727885][   T34]  ? __pfx_watchdog+0x10/0x10
[  225.727898][   T34]  ? __pfx_kthread+0x10/0x10
[  225.727915][   T34]  ? _raw_spin_unlock_irq+0x23/0x50
[  225.727925][   T34]  ? lockdep_hardirqs_on+0x9c/0x150
[  225.727934][   T34]  ? __pfx_kthread+0x10/0x10
[  225.727949][   T34]  ret_from_fork+0x3fc/0x770
[  225.727964][   T34]  ? __pfx_ret_from_fork+0x10/0x10
[  225.728005][   T34]  ? __switch_to_asm+0x39/0x70
[  225.728016][   T34]  ? __switch_to_asm+0x33/0x70
[  225.728025][   T34]  ? __pfx_kthread+0x10/0x10
[  225.728041][   T34]  ret_from_fork_asm+0x1a/0x30
[  225.728078][   T34]  </TASK>
[  225.728082][   T34] Sending NMI from CPU 0 to CPUs 1:
[  225.728133][    C1] NMI backtrace for cpu 1
[  225.728143][    C1] CPU: 1 UID: 0 PID: 6707 Comm: syz.0.339 Not tainted 6.16.0-rc6-syzkaller-00434-gcd7c97f4584a-dirty #0 PREEMPT(full) 
[  225.728151][    C1] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  225.728155][    C1] RIP: 0010:native_apic_msr_eoi+0xf/0x20
[  225.728168][    C1] Code: f8 c3 cc cc cc cc cc 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa b9 0b 08 00 00 31 c0 31 d2 0f 30 <e9> 8c 14 00 0a cc 66 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90
[  225.728173][    C1] RSP: 0018:ffffc900001e01f0 EFLAGS: 00000046
[  225.728180][    C1] RAX: 0000000000000000 RBX: ffffc900001e0238 RCX: 000000000000080b
[  225.728185][    C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000002
[  225.728188][    C1] RBP: 0000000000000000 R08: ffff888136623b0f R09: 1ffff11026cc4761
[  225.728193][    C1] R10: dffffc0000000000 R11: ffffed1026cc4762 R12: dffffc0000000000
[  225.728197][    C1] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  225.728201][    C1] FS:  00007fc58007a6c0(0000) GS:ffff8881a3c1f000(0000) knlGS:0000000000000000
[  225.728206][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  225.728211][    C1] CR2: 00007fc0d1598fc8 CR3: 0000000029690000 CR4: 00000000000006f0
[  225.728236][    C1] Call Trace:
[  225.728242][    C1]  <IRQ>
[  225.728245][    C1]  __sysvec_apic_timer_interrupt+0x45/0x410
[  225.728259][    C1]  sysvec_apic_timer_interrupt+0x52/0xc0
[  225.728269][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  225.728276][    C1] RIP: 0010:rcu_read_unlock_special+0x87/0x4c0
[  225.728287][    C1] Code: f1 f1 f1 00 f2 f2 f2 4a 89 04 2b 66 42 c7 44 2b 09 f3 f3 42 c6 44 2b 0b f3 65 44 8b 35 92 37 f8 10 41 f7 c6 00 00 f0 00 74 49 <48> c7 44 24 40 0e 36 e0 45 4a c7 04 2b 00 00 00 00 66 42 c7 44 2b
[  225.728296][    C1] RSP: 0018:ffffc900001e02e0 EFLAGS: 00000206
[  225.728301][    C1] RAX: 6faa8fe60ef9d400 RBX: 1ffff9200003c064 RCX: 6faa8fe60ef9d400
[  225.728306][    C1] RDX: 0000000000000002 RSI: ffffffff8d99873a RDI: ffffffff8be29f80
[  225.728310][    C1] RBP: ffffc900001e03d8 R08: ffffffff8fa1e8f7 R09: 1ffffffff1f43d1e
[  225.728314][    C1] R10: dffffc0000000000 R11: fffffbfff1f43d1f R12: ffffffff8e144400
[  225.728319][    C1] R13: dffffc0000000000 R14: 0000000000000246 R15: 0000000000000002
[  225.728344][    C1]  ? __pfx_perf_trace_lock+0x10/0x10
[  225.728358][    C1]  ? __pfx_rcu_read_unlock_special+0x10/0x10
[  225.728372][    C1]  ? unwind_next_frame+0xa5/0x2390
[  225.728392][    C1]  __rcu_read_unlock+0x84/0xe0
[  225.728404][    C1]  ? unwind_next_frame+0xa5/0x2390
[  225.728411][    C1]  unwind_next_frame+0x19ae/0x2390
[  225.728426][    C1]  ? unwind_next_frame+0xa5/0x2390
[  225.728436][    C1]  ? handle_softirqs+0x286/0x870
[  225.728450][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  225.728460][    C1]  arch_stack_walk+0x11c/0x150
[  225.728476][    C1]  ? __irq_exit_rcu+0xca/0x1f0
[  225.728490][    C1]  stack_trace_save+0x9c/0xe0
[  225.728500][    C1]  ? __pfx_stack_trace_save+0x10/0x10
[  225.728522][    C1]  save_stack+0xf5/0x1f0
[  225.728531][    C1]  ? __pfx_perf_trace_lock+0x10/0x10
[  225.728540][    C1]  ? __pfx_save_stack+0x10/0x10
[  225.728547][    C1]  ? __free_frozen_pages+0xc71/0xe70
[  225.728554][    C1]  ? __folio_put+0x21b/0x2c0
[  225.728561][    C1]  ? skb_release_data+0x49a/0x7c0
[  225.728568][    C1]  ? __kfree_skb+0x55/0x70
[  225.728574][    C1]  ? tcp_write_queue_purge+0x143/0x2f0
[  225.728583][    C1]  ? tcp_done_with_error+0x43/0xd0
[  225.728591][    C1]  ? tcp_retransmit_timer+0x1d16/0x3370
[  225.728599][    C1]  ? tcp_write_timer+0x162/0x2e0
[  225.728607][    C1]  ? call_timer_fn+0x17e/0x5f0
[  225.728613][    C1]  ? __run_timer_base+0x61a/0x860
[  225.728621][    C1]  ? run_timer_softirq+0xb7/0x180
[  225.728630][    C1]  ? handle_softirqs+0x286/0x870
[  225.728653][    C1]  __reset_page_owner+0x71/0x1f0
[  225.728665][    C1]  __free_frozen_pages+0xc71/0xe70
[  225.728685][    C1]  __folio_put+0x21b/0x2c0
[  225.728697][    C1]  ? __pfx___folio_put+0x10/0x10
[  225.728720][    C1]  skb_release_data+0x49a/0x7c0
[  225.728741][    C1]  __kfree_skb+0x55/0x70
[  225.728749][    C1]  tcp_write_queue_purge+0x143/0x2f0
[  225.728769][    C1]  tcp_done_with_error+0x43/0xd0
[  225.728781][    C1]  tcp_retransmit_timer+0x1d16/0x3370
[  225.728806][    C1]  ? __pfx_tcp_retransmit_timer+0x10/0x10
[  225.728818][    C1]  ? kvm_clock_get_cycles+0x47/0x60
[  225.728829][    C1]  ? ktime_get+0x1cb/0x1f0
[  225.728845][    C1]  ? tcp_write_timer_handler+0x33c/0x9b0
[  225.728863][    C1]  tcp_write_timer+0x162/0x2e0
[  225.728877][    C1]  call_timer_fn+0x17e/0x5f0
[  225.728884][    C1]  ? __pfx_tcp_write_timer+0x10/0x10
[  225.728892][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  225.728899][    C1]  ? call_timer_fn+0xbe/0x5f0
[  225.728906][    C1]  ? __pfx_call_timer_fn+0x10/0x10
[  225.728928][    C1]  ? __pfx_tcp_write_timer+0x10/0x10
[  225.728940][    C1]  __run_timer_base+0x61a/0x860
[  225.728949][    C1]  ? irqtime_account_irq+0xb6/0x1c0
[  225.729009][    C1]  ? __pfx___run_timer_base+0x10/0x10
[  225.729041][    C1]  run_timer_softirq+0xb7/0x180
[  225.729053][    C1]  handle_softirqs+0x286/0x870
[  225.729066][    C1]  ? __irq_exit_rcu+0xca/0x1f0
[  225.729082][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  225.729089][    C1]  ? irq_work_single+0x1ac/0x240
[  225.729101][    C1]  ? irqtime_account_irq+0xb6/0x1c0
[  225.729115][    C1]  __irq_exit_rcu+0xca/0x1f0
[  225.729124][    C1]  ? __pfx___irq_exit_rcu+0x10/0x10
[  225.729138][    C1]  ? rcu_is_watching+0x15/0xb0
[  225.729149][    C1]  irq_exit_rcu+0x9/0x30
[  225.729156][    C1]  sysvec_irq_work+0xa3/0xc0
[  225.729164][    C1]  </IRQ>
[  225.729166][    C1]  <TASK>
[  225.729170][    C1]  asm_sysvec_irq_work+0x1a/0x20
[  225.729177][    C1] RIP: 0010:console_flush_all+0x7f7/0xc40
[  225.729186][    C1] Code: 48 21 c3 0f 85 e9 01 00 00 e8 75 e7 1e 00 48 8b 5c 24 20 4d 85 f6 75 07 e8 66 e7 1e 00 eb 06 e8 5f e7 1e 00 fb 48 8b 44 24 28 <42> 80 3c 20 00 74 08 48 89 df e8 ea 0a 82 00 48 8b 1b 48 8b 44 24
[  225.729191][    C1] RSP: 0018:ffffc90008ed6d40 EFLAGS: 00000287
[  225.729196][    C1] RAX: 1ffffffff1d36927 RBX: ffffffff8e9b4938 RCX: 0000000000080000
[  225.729201][    C1] RDX: ffffc90022ae7000 RSI: 0000000000001d5e RDI: 0000000000001d5f
[  225.729205][    C1] RBP: ffffc90008ed6e90 R08: ffffffff8fa1e8f7 R09: 1ffffffff1f43d1e
[  225.729209][    C1] R10: dffffc0000000000 R11: fffffbfff1f43d1f R12: dffffc0000000000
[  225.729214][    C1] R13: 0000000000000001 R14: 0000000000000200 R15: ffffffff8e9b48e0
[  225.729243][    C1]  ? console_flush_all+0x13a/0xc40
[  225.729260][    C1]  ? __pfx_console_flush_all+0x10/0x10
[  225.729283][    C1]  ? is_printk_cpu_sync_owner+0x32/0x40
[  225.729302][    C1]  console_unlock+0xc4/0x270
[  225.729316][    C1]  ? __pfx_console_unlock+0x10/0x10
[  225.729330][    C1]  ? is_printk_cpu_sync_owner+0x32/0x40
[  225.729345][    C1]  vprintk_emit+0x5b7/0x7a0
[  225.729358][    C1]  ? __pfx_vprintk_emit+0x10/0x10
[  225.729365][    C1]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  225.729375][    C1]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  225.729403][    C1]  _printk+0xcf/0x120
[  225.729414][    C1]  ? __pfx____ratelimit+0x10/0x10
[  225.729428][    C1]  ? __pfx__printk+0x10/0x10
[  225.729435][    C1]  ? trace_call_bpf+0xb7/0x850
[  225.729458][    C1]  __nla_validate_parse+0x2563/0x2d40
[  225.729470][    C1]  ? __sock_sendmsg+0x21c/0x270
[  225.729478][    C1]  ? ____sys_sendmsg+0x505/0x830
[  225.729484][    C1]  ? ___sys_sendmsg+0x21f/0x2a0
[  225.729490][    C1]  ? __x64_sys_sendmsg+0x19b/0x260
[  225.729517][    C1]  ? __pfx___nla_validate_parse+0x10/0x10
[  225.729561][    C1]  __nla_parse+0x40/0x60
[  225.729577][    C1]  genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[  225.729597][    C1]  genl_family_rcv_msg_doit+0xb8/0x300
[  225.729615][    C1]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  225.729627][    C1]  ? rcu_is_watching+0x15/0xb0
[  225.729639][    C1]  ? apparmor_capable+0x137/0x1b0
[  225.729650][    C1]  ? bpf_lsm_capable+0x9/0x20
[  225.729657][    C1]  ? security_capable+0x7e/0x2e0
[  225.729676][    C1]  genl_rcv_msg+0x60e/0x790
[  225.729693][    C1]  ? __pfx_genl_rcv_msg+0x10/0x10
[  225.729703][    C1]  ? __pfx_ovs_dp_cmd_set+0x10/0x10
[  225.729714][    C1]  ? irqentry_exit+0x74/0x90
[  225.729723][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  225.729743][    C1]  netlink_rcv_skb+0x208/0x470
[  225.729753][    C1]  ? __pfx_genl_rcv_msg+0x10/0x10
[  225.729765][    C1]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  225.729793][    C1]  ? down_read+0x1ad/0x2e0
[  225.729807][    C1]  genl_rcv+0x28/0x40
[  225.729815][    C1]  netlink_unicast+0x75c/0x8e0
[  225.729840][    C1]  netlink_sendmsg+0x805/0xb30
[  225.729859][    C1]  ? __pfx_netlink_sendmsg+0x10/0x10
[  225.729869][    C1]  ? perf_trace_run_bpf_submit+0xf9/0x170
[  225.729878][    C1]  ? aa_sock_msg_perm+0x94/0x160
[  225.729890][    C1]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  225.729899][    C1]  ? __pfx_netlink_sendmsg+0x10/0x10
[  225.729909][    C1]  __sock_sendmsg+0x21c/0x270
[  225.729924][    C1]  ____sys_sendmsg+0x505/0x830
[  225.729940][    C1]  ? __pfx_____sys_sendmsg+0x10/0x10
[  225.729960][    C1]  ? import_iovec+0x74/0xa0
[  225.729973][    C1]  ___sys_sendmsg+0x21f/0x2a0
[  225.730006][    C1]  ? __pfx____sys_sendmsg+0x10/0x10
[  225.730039][    C1]  ? __fget_files+0x2a/0x420
[  225.730062][    C1]  ? __fget_files+0x2a/0x420
[  225.730070][    C1]  ? __fget_files+0x3a0/0x420
[  225.730091][    C1]  __x64_sys_sendmsg+0x19b/0x260
[  225.730103][    C1]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  225.730140][    C1]  do_syscall_64+0xfa/0x3b0
[  225.730152][    C1]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  225.730158][    C1]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  225.730170][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  225.730177][    C1] RIP: 0033:0x7fc57f18e9a9
[  225.730186][    C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  225.730190][    C1] RSP: 002b:00007fc58007a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  225.730197][    C1] RAX: ffffffffffffffda RBX: 00007fc57f3b6160 RCX: 00007fc57f18e9a9
[  225.730202][    C1] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 000000000000000c
[  225.730205][    C1] RBP: 00007fc57f210d69 R08: 0000000000000000 R09: 0000000000000000
[  225.730209][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  225.730213][    C1] R13: 0000000000000000 R14: 00007fc57f3b6160 R15: 00007ffc71c13ee8
[  225.730236][    C1]  </TASK>
[  225.756639][   T34] Kernel panic - not syncing: hung_task: blocked tasks
[  225.756651][   T34] CPU: 0 UID: 0 PID: 34 Comm: khungtaskd Not tainted 6.16.0-rc6-syzkaller-00434-gcd7c97f4584a-dirty #0 PREEMPT(full) 
[  225.756661][   T34] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  225.756666][   T34] Call Trace:
[  225.756672][   T34]  <TASK>
[  225.756678][   T34]  dump_stack_lvl+0x99/0x250
[  225.756694][   T34]  ? __asan_memcpy+0x40/0x70
[  225.756710][   T34]  ? __pfx_dump_stack_lvl+0x10/0x10
[  225.756722][   T34]  ? __pfx__printk+0x10/0x10
[  225.756759][   T34]  panic+0x2db/0x790
[  225.756781][   T34]  ? __pfx_panic+0x10/0x10
[  225.756792][   T34]  ? __pfx_delay_tsc+0x10/0x10
[  225.756800][   T34]  ? nmi_backtrace_stall_check+0x433/0x440
[  225.756819][   T34]  ? preempt_schedule_thunk+0x16/0x30
[  225.756835][   T34]  ? nmi_trigger_cpumask_backtrace+0x2b6/0x300
[  225.756858][   T34]  watchdog+0x102d/0x1030
[  225.756877][   T34]  ? watchdog+0x1de/0x1030
[  225.756907][   T34]  kthread+0x711/0x8a0
[  225.756927][   T34]  ? __pfx_watchdog+0x10/0x10
[  225.756940][   T34]  ? __pfx_kthread+0x10/0x10
[  225.756958][   T34]  ? _raw_spin_unlock_irq+0x23/0x50
[  225.756970][   T34]  ? lockdep_hardirqs_on+0x9c/0x150
[  225.757000][   T34]  ? __pfx_kthread+0x10/0x10
[  225.757017][   T34]  ret_from_fork+0x3fc/0x770
[  225.757034][   T34]  ? __pfx_ret_from_fork+0x10/0x10
[  225.757056][   T34]  ? __switch_to_asm+0x39/0x70
[  225.757066][   T34]  ? __switch_to_asm+0x33/0x70
[  225.757076][   T34]  ? __pfx_kthread+0x10/0x10
[  225.757092][   T34]  ret_from_fork_asm+0x1a/0x30
[  225.757131][   T34]  </TASK>
[  225.757861][   T34] Kernel Offset: disabled

VM DIAGNOSIS:
09:48:21  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000065 RBX=0000000000000065 RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000000000 RDI=0000000000000020 RBP=00000000000003f8 RSP=ffffc9000068f7b0
R8 =ffff888020cc8237 R9 =1ffff11004199046 R10=dffffc0000000000 R11=ffffffff85471fa0
R12=dffffc0000000000 R13=ffffffff99af58b8 R14=ffffffff99dfa1e0 R15=0000000000000000
RIP=ffffffff8547201c RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880b861f000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=000056412bbdde08 CR3=0000000021cae000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 00000000000000ff XMM01=2525252525252525 2525252525252525
XMM02=0000000000000000 0000000000000000 XMM03=0000000000000000 0000000000000000
XMM04=0000000000000000 00000000000000ff XMM05=0000000000000000 000000ff00000000
XMM06=0000000000000000 0000000000000000 XMM07=0000000000000000 0000000000000000
XMM08=0000000000000000 0000000000000000 XMM09=0000000000000000 0000000000000000
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=ffffffff81680ea6 RBX=0000000000000000 RCX=ffff88801fef1cc0 RDX=0000000000010100
RSI=0000000000000008 RDI=ffffffff92a52460 RBP=ffffc900001e0208 RSP=ffffc900001e0180
R8 =ffffffff92a52467 R9 =1ffffffff254a48c R10=dffffc0000000000 R11=fffffbfff254a48d
R12=0000000000000000 R13=0000000000000000 R14=0000000000000000 R15=dffffc0000000000
RIP=ffffffff81680ea7 RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007fc58007a6c0 ffffffff 00c00000
GS =0000 ffff8881a3c1f000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007fc0d1598fc8 CR3=0000000029690000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=0000000000000000 0000000000000000
XMM02=00007f3e2b986478 00007f3e2b986450 XMM03=00007f3e2b986488 00007f3e2b986480
XMM04=00007f3e2c4ed100 00007f3e2b986440 XMM05=00007f3e2b986458 00007f3e2b9864a0
XMM06=00007f3e2b986498 00007f3e2b986490 XMM07=00007f3e2b986488 00007f3e2b986480
XMM08=0000000000000000 00524f5252450040 XMM09=0000000000000000 00007f3e2b811ec1
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
