last executing test programs:

17.172881821s ago: executing program 2 (id=68):
syz_open_procfs$namespace(0x0, &(0x7f00000000c0)='ns/net\x00')
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xb, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000180000002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000004c0)={r0, 0x3, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x44)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000001c0)='sched_process_wait\x00', r1}, 0x18)
r3 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r2}, 0x8)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x16, 0x4, &(0x7f0000000300)=ANY=[@ANYBLOB="85000000070000006a0a00ff000000220c00000000000000950000000000000018100000", @ANYRES32, @ANYBLOB="0000002100000000050000000000000095c333d4c0a3ecdd69086b8e4c36439a8808b90ea579cdf8bd475a470064827701f4169ebebecb5bba94f06f020fb64e5594a86f5f00000000000008c7533dc98a94008d7d2a7d2c23bc3f4cc1992aebd29fd21e95b3c7c49de340c24cb6ba1a33740825c424ecd87a3b02ae7840be900964b6948074a8f2ed867fd6601b0ca02215f4c2a5157135575fa1903abe92246853cb7cb868a3b2524a92bfa8aaeaf3ff3f08fb97ec0c126bfea903ef567bdf48aecb23342c8102732b7257f65b1f7d82adec836fd77d2f5c6e6c18ae428531d9e4d906b0a19827bffab9ced1e24e8f063d44fb76dd59e75486"], &(0x7f0000000140)='GPL\x00', 0x2, 0xffa0, &(0x7f0000000180)=""/149, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, 0x0, 0x1e, 0x10, 0x0, 0x1e}, 0x2d)
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000002c0)={@ifindex, r4, 0x11, 0x0, 0x0, @void, @value=r3}, 0x20)

17.032916016s ago: executing program 2 (id=71):
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x5452, &(0x7f00000006c0)='\x02;\xe5\b\x00\x1c\x9c\x00\x00\x00\x00\x00\x00\x91\xecB\xdcZ\xe5\xbd$\x05\x90\xa9\xf3\xc7\xcb\xb7\xf0\xa1;#\x989\xe9\x12\xdf^6T\xdf\xcd\x02\xc5\xb0\xba\x12\'QXp\t\xfc\xf3\x01\x02\xbc\xbf\xc0\xf0\x10\xee\xd3\\yy\xa4\xf9\xe8\x00\xdd\xe97 0_\xe4]W\xf7~\xacVK\xc9t\x9e+:\x85\xef\x94\x0e\x19\x9cV[N.\xeb\x9fJ>\xd9\x99\x88\xd8\xdd\xb8Y\xc3$\xc6\x93\v\x04REY\xf4\xea\xf2\xcd\xcd.\x16\x861\xa1\v\x8d\x8e\x84R\xa6\x83\x84\xc0\x01e\xc3\xc8\xcc?\xc8?\x19\xb2\xa2\xe1\xac<\xe9f\x11\xff3\xc7\x19\x9e\x19\xf5-\xfe\xbd\xae\xbbR\x82\x16\xf9\x15S\x03U\xe0\xd8t\xe3%96')
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f00000006c0)=ANY=[@ANYBLOB="9feb010018000000000000003c0000003c0000000400000000"], 0x0, 0x58, 0x0, 0xa}, 0x28)

16.973174126s ago: executing program 2 (id=74):
r0 = socket$kcm(0x2, 0x1000000000000002, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000b80)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ced4fbd44e24eb0d34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3a06d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796efea77aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2acb72e7ead0509d380578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece72f2090000f44a3210223fdae7ed04935c3c90941576aebc8619d73415cda2130f5011e4845505000001000000004f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c040035cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bf463261135e24d154114df1381b02a0dcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4e62b445c00f576b2b5cc7f819abd0f884cc4806f40300966fcf1e54f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e1700000000000000000000000000000000000000000000000000000520500002952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9a33c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a62415f78000000005f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c81c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b40824095135861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac00000b0000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e5dd921a5eadd4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293d5c833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bb9cc16bd83a00840e602c28ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f257aac5af18d8c6b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e29b10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe8e4cd14dc5c1eb98b63198f6f830745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b51c34a5384f2cf51180c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af243b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380ecf1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb79f558982d57c556ca1427b5960b79990565ca2a20996fcba472213744d3a156979651596afde2b0089f023fcfccd072bd6ea8445fc787390d71ec61d5b7b0f05f6931914bf49aa0d66eff294271a93e32f54f281068514a4cd2d0700a43df59e9924e4affdbd22405e675e9d7cdc10546571131831d4dc8c8363077a908d9ae4f27ff095f5b07667f93a3573d3fabfca58ee0a6b6a691102bb3c7be4dc5b816853275e7ae8c13ec341bad15353fad794b46c4fd73e1b4cc78de2156cb158870d5b8446dae9ba5f7f244e6cf8f6791671057347208a313ebbcb72b04706005670f2b0055e440d72c7c3316982c6ebe8675458cf6bb393b007f5cedb7bc411834600000000000000000000000000a20071b07d568a8150ed646b4978d0226d9651647a5999ae7c7c85322a215fcdb1adbad63499518fe0d10145d430422c78367dfa941f74b63f3884565ac89c673da2c2b1172be5f2cd1f3f453ebddd432bd24c73fa773b739e20fcec16a821230654a383ac1868495f67d942c772ca75e09073dbe9307ff5cac7c2c411149a4d989a8a019e068da218d4bc34e4102fd2f97397331e4cd70b4915582b635f07ca87f00dc929f902540f565c20add8675b79e005cf0277d954697317b907b77fa5d6b7feaebaf676a2a37de8aa70748fee4bc198ffd3e2de11eb0eff896fd94de0805ba6b1054a7b3e300d4581e9af62a1ecaee96d2819b3d192e5b9561eb622da25450f586be14017a1cf74f89a1dd18af004decfe266134c3d036ae7996931fe6008a73ed34c35f0da4ffee1fe63bc1af6ef1b4731d50b8ceb582a1e9c6e8d97f8290cc105754f592d16ccdb1df8636d7ca5e372cea97dd0f005cc7092b126dd46758917fb0d94b8483d403bd451429cc1660f0b5a529d8134dc2702f6d8e2f943d98fbe50a3ba653f13f98a00fcbf311f9758ade8e4eb87b4b9fb2d387f5d8c4bdcab2fff9ed8c9de961fd831a070381c8020352fea7c334b2959ddd956701a7ea415e224a81c9fa1ebbabe74f7743e09b6c8b72650b51d5c2000ef3679c039b3604374fc1af7ab354204afbd24f0e701bc08a98452ce2668617e85e0d876f5a8b6d9b777f1c384d8a9883e4262defb6b9aab8d5b76bc91ca50f87966797da2499ca0ac76707c0408a7b6d8708fe7714988babdc11f"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
setsockopt$sock_attach_bpf(r0, 0x88, 0x67, &(0x7f00000002c0)=r1, 0x4)
sendmsg$inet(r0, &(0x7f0000000380)={&(0x7f0000000080)={0x2, 0x4e1f, @multicast2}, 0x10, &(0x7f0000000300)=[{&(0x7f0000000100)="00446916ab", 0x5}], 0x1, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0xb}, @multicast2}}}], 0x20}, 0x0)

16.922829713s ago: executing program 2 (id=76):
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xee, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2141, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$kcm(0xa, 0x2, 0x88)
setsockopt$sock_attach_bpf(r0, 0x1, 0x10, &(0x7f0000000240), 0x4)

16.862363944s ago: executing program 2 (id=80):
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x61, 0x11, 0x98}, [@ldst={0x6, 0x0, 0x6}]}, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sock_ops}, 0x94)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x7ff0, 0x82, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2d, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000700)={<r1=>0xffffffffffffffff})
recvmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000f80)={0x5, 0x5, &(0x7f00000005c0)=ANY=[@ANYBLOB="1808000000000000000000000000000018000000e5020000000000000000000095"], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x80001000, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r2)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x9, 0x830d}, 0x0, 0x2, 0xfffffffe, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x9376745f1d148471, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x7606}, 0x0, 0x10, 0xffffffffffffffff, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpu.stat\x00', 0x26e1, 0x0)
close(r3)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300))
ioctl$SIOCSIFHWADDR(r3, 0x8b19, &(0x7f0000000000)={'wlan0\x00', @random="7cf1e97c9e4f"})
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x6, 0x3, 0x0, &(0x7f00000002c0)='syzkaller\x00'}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x12)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0xfdef)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r4, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x88be, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

16.729828751s ago: executing program 0 (id=82):
r0 = socket$kcm(0x29, 0x5, 0x0)
sendmsg$kcm(r0, &(0x7f00000006c0)={0x0, 0xffffffffffffff16, 0x0}, 0x44080)
sendmsg$inet(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000e80)='\a', 0x1}], 0x1}, 0x800)
sendmsg(r0, &(0x7f0000003680)={0x0, 0x0, &(0x7f0000003140)=[{&(0x7f0000002d80)="0f", 0x1}, {0x0, 0x2}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0, 0x4d}, {0x0}], 0x9}, 0x0)

16.008194966s ago: executing program 0 (id=83):
r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/user\x00')
ioctl$TUNSETFILTEREBPF(r0, 0xb704, 0x0)

16.007792272s ago: executing program 0 (id=84):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x19, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0xb3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x9, 0x0, 0xfffffffd}, 0x0, 0x1, 0xffffffffffffffff, 0x2)
perf_event_open(&(0x7f0000000340)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000002c0)}, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000480)={0x4, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x29a12cb2b8e2de3c, 0x0, &(0x7f00000010c0))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000a850000000e000000850000009e00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x5, 0x0, &(0x7f0000000140)='GPL\x00'}, 0x90)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6_vti0\x00', 0x200})
socketpair(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
perf_event_open(&(0x7f00000001c0)={0x0, 0x80, 0x7, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x5}, 0x0, 0x91ff, 0x0, 0x6, 0x1ff, 0x3, 0x200, 0x0, 0x0, 0x0, 0x100000004}, 0xffffffffffffffff, 0x7, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000540)='cpuacct.usage_all\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89f1, &(0x7f0000000080))

15.883568784s ago: executing program 2 (id=87):
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000580)={0x2, 0x80, 0x8, 0x1, 0x0, 0x7e, 0x0, 0x7ff0, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7f, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_type(r1, &(0x7f0000000100), 0x2, 0x0)
r2 = openat$cgroup_procs(r1, &(0x7f00000002c0)='cgroup.threads\x00', 0x2, 0x0)
write$cgroup_pid(r2, &(0x7f0000000c40), 0x12)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r4 = openat$cgroup_subtree(r3, &(0x7f0000000140), 0x2, 0x0)
syz_clone(0x5000000, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r6 = openat$cgroup_procs(r5, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
write$cgroup_pid(r6, &(0x7f00000001c0), 0x12)
write$cgroup_subtree(r4, 0x0, 0x6)
ioctl$PERF_EVENT_IOC_DISABLE(r0, 0x2401, 0x8)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000100))
r7 = perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0xee, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x4, @perf_bp={0x0, 0x8}, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x80}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x10, 0x2, 0x4)
r8 = socket$kcm(0xa, 0x922000000003, 0x11)
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x7fef, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[], 0x50)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x4, @perf_bp={&(0x7f0000000200)}, 0x0, 0x2, 0xfffffffe, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$sock_attach_bpf(r8, 0x29, 0x24, &(0x7f00000000c0), 0x4)
sendmsg$kcm(r8, &(0x7f0000000000)={&(0x7f0000000cc0)=@l2tp6={0xa, 0x0, 0x1000, @mcast1, 0x7, 0x83}, 0x80, &(0x7f0000000180)=[{0x0}], 0x1}, 0x800)
socket$kcm(0x10, 0x2, 0x10)
perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x9, r7, 0x0)

15.883412158s ago: executing program 1 (id=88):
r0 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r0, 0x107, 0xf, &(0x7f0000000000), 0x4)
sendmsg$kcm(r0, &(0x7f0000000040)={&(0x7f0000001340)=@hci={0x1f, 0x0, 0x2}, 0x80, &(0x7f0000000140)=[{0x0}, {&(0x7f0000000c00)="294f28dfe56d2c8ba23606", 0xb}], 0x2}, 0x0)

15.880272168s ago: executing program 0 (id=89):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, 0x0, 0x0, 0x1, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000e00)={0x0, r0}, 0x18)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000003c0)={0xffffffffffffffff, 0x18000000000002a0, 0x2, 0x0, &(0x7f0000000040)="b907", 0x0, 0x0, 0x18000000, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x50)
bpf$MAP_DELETE_ELEM(0x2, &(0x7f00000003c0)={0xffffffffffffffff, 0x0, 0x20000000}, 0x20)
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x7fef, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$kcm(0xa, 0x5, 0x0)
r2 = socket$kcm(0xa, 0x5, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800"/31], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="000000000000000000e8ffffffffffff05000000", @ANYRES32=0x1], 0x48)
ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x8916, &(0x7f0000000000)={r2})
ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x8936, &(0x7f0000000000)={r2})

15.782362182s ago: executing program 1 (id=90):
r0 = perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x4, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x0, @perf_config_ext={0x3, 0x8001}, 0x0, 0x2e, 0xfffffbff, 0x4, 0x2, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x1}, 0x0, 0x2, 0xfffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x200}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x5, 0x1, 0x0, r2}, {}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x15}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0857f9f582f0300000000001000", 0x0, 0x2e00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

15.713873731s ago: executing program 0 (id=91):
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000040)="140000002c000b35d25a806f8c6394f90124fc60", 0x14}], 0x1}, 0x0)

15.532659212s ago: executing program 1 (id=92):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1a, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x68, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94)

15.532488514s ago: executing program 0 (id=93):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0x13, &(0x7f0000000340)=ANY=[@ANYBLOB="180000000300000000000000000000001801000020a0702500000000008000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000000400000006000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_clone(0x41980100, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[], &(0x7f0000000140)='GPL\x00'}, 0x94)
r1 = bpf$ITER_CREATE(0xb, &(0x7f00000004c0)={r0}, 0x8)
close(r1)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r0, 0x8, 0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
syz_clone(0x400c0000, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f00000005c0)={r1, r0, 0x4, r0}, 0x10)

15.433319682s ago: executing program 1 (id=94):
r0 = socket$kcm(0x1e, 0x5, 0x0)
setsockopt$sock_attach_bpf(r0, 0x10f, 0x87, &(0x7f00000008c0), 0x43)
r1 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000013c0)=[{&(0x7f00000001c0)="39000000140081ae0000dc676f97daf01e2357f9ffffffffffffff0521018701546fabca1b4e8a06a6580e88370200c54c1960b89c40ebb373", 0x39}], 0x1}, 0x0)

15.433129959s ago: executing program 1 (id=95):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x10, 0x4, 0x4, 0x5}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000240)={{}, 0x0, &(0x7f0000000200)}, 0x1e)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000157b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000240)={r1, 0xffffffffffffffff, 0x500}, 0x57)

15.326387499s ago: executing program 1 (id=96):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
socket$kcm(0xa, 0x5, 0x0)
r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xee, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x5, @perf_bp={0x0, 0xf}, 0x1000, 0x4, 0x0, 0x8, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2)
ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f0000000040)={0x5, &(0x7f0000000000)=[{0x25, 0x0, 0x3, 0xfffffffe}, {}, {0x28, 0x0, 0x1, 0x1}, {0xb1, 0x0, 0x28, 0x8001}, {0x6, 0xfc, 0x5, 0xffffffff}]})

129.978238ms ago: executing program 32 (id=93):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0x13, &(0x7f0000000340)=ANY=[@ANYBLOB="180000000300000000000000000000001801000020a0702500000000008000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000000400000006000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_clone(0x41980100, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[], &(0x7f0000000140)='GPL\x00'}, 0x94)
r1 = bpf$ITER_CREATE(0xb, &(0x7f00000004c0)={r0}, 0x8)
close(r1)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r0, 0x8, 0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
syz_clone(0x400c0000, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f00000005c0)={r1, r0, 0x4, r0}, 0x10)

72.228126ms ago: executing program 33 (id=96):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
socket$kcm(0xa, 0x5, 0x0)
r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xee, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x5, @perf_bp={0x0, 0xf}, 0x1000, 0x4, 0x0, 0x8, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2)
ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f0000000040)={0x5, &(0x7f0000000000)=[{0x25, 0x0, 0x3, 0xfffffffe}, {}, {0x28, 0x0, 0x1, 0x1}, {0xb1, 0x0, 0x28, 0x8001}, {0x6, 0xfc, 0x5, 0xffffffff}]})

0s ago: executing program 34 (id=87):
r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000580)={0x2, 0x80, 0x8, 0x1, 0x0, 0x7e, 0x0, 0x7ff0, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7f, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_type(r1, &(0x7f0000000100), 0x2, 0x0)
r2 = openat$cgroup_procs(r1, &(0x7f00000002c0)='cgroup.threads\x00', 0x2, 0x0)
write$cgroup_pid(r2, &(0x7f0000000c40), 0x12)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r4 = openat$cgroup_subtree(r3, &(0x7f0000000140), 0x2, 0x0)
syz_clone(0x5000000, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r6 = openat$cgroup_procs(r5, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
write$cgroup_pid(r6, &(0x7f00000001c0), 0x12)
write$cgroup_subtree(r4, 0x0, 0x6)
ioctl$PERF_EVENT_IOC_DISABLE(r0, 0x2401, 0x8)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000100))
r7 = perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0xee, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x4, @perf_bp={0x0, 0x8}, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x80}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0x10, 0x2, 0x4)
r8 = socket$kcm(0xa, 0x922000000003, 0x11)
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x7fef, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[], 0x50)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x4, @perf_bp={&(0x7f0000000200)}, 0x0, 0x2, 0xfffffffe, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$sock_attach_bpf(r8, 0x29, 0x24, &(0x7f00000000c0), 0x4)
sendmsg$kcm(r8, &(0x7f0000000000)={&(0x7f0000000cc0)=@l2tp6={0xa, 0x0, 0x1000, @mcast1, 0x7, 0x83}, 0x80, &(0x7f0000000180)=[{0x0}], 0x1}, 0x800)
socket$kcm(0x10, 0x2, 0x10)
perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x9, r7, 0x0)

kernel console output (not intermixed with test programs):

Warning: Permanently added '[localhost]:43705' (ED25519) to the list of known hosts.
syzkaller login: [   49.175164][ T5815] cgroup: Unknown subsys name 'net'
[   49.342921][ T5815] cgroup: Unknown subsys name 'cpuset'
[   49.348367][ T5815] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   50.718546][ T5815] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   55.250847][ T5217] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   55.259741][ T5217] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   55.263460][ T5217] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   55.267815][ T5217] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   55.271475][ T5217] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   55.320577][   T54] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   55.326159][   T54] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   55.341054][ T5829] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   55.345311][ T5829] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   55.349856][ T5829] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   55.353106][ T5829] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   55.356808][ T5829] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   55.360570][ T5829] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   55.380059][ T5834] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   55.383528][ T5834] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   55.665353][ T5826] chnl_net:caif_netlink_parms(): no params data found
[   55.783933][ T5831] chnl_net:caif_netlink_parms(): no params data found
[   55.821035][ T5833] chnl_net:caif_netlink_parms(): no params data found
[   55.847578][ T5826] bridge0: port 1(bridge_slave_0) entered blocking state
[   55.850474][ T5826] bridge0: port 1(bridge_slave_0) entered disabled state
[   55.852952][ T5826] bridge_slave_0: entered allmulticast mode
[   55.855746][ T5826] bridge_slave_0: entered promiscuous mode
[   55.886757][ T5826] bridge0: port 2(bridge_slave_1) entered blocking state
[   55.889383][ T5826] bridge0: port 2(bridge_slave_1) entered disabled state
[   55.891786][ T5826] bridge_slave_1: entered allmulticast mode
[   55.894541][ T5826] bridge_slave_1: entered promiscuous mode
[   55.964295][ T5831] bridge0: port 1(bridge_slave_0) entered blocking state
[   55.967613][ T5831] bridge0: port 1(bridge_slave_0) entered disabled state
[   55.972587][ T5831] bridge_slave_0: entered allmulticast mode
[   55.976442][ T5831] bridge_slave_0: entered promiscuous mode
[   55.982664][ T5826] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   55.985939][ T5831] bridge0: port 2(bridge_slave_1) entered blocking state
[   55.990661][ T5831] bridge0: port 2(bridge_slave_1) entered disabled state
[   55.993789][ T5831] bridge_slave_1: entered allmulticast mode
[   55.997679][ T5831] bridge_slave_1: entered promiscuous mode
[   56.015989][ T5826] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   56.060364][ T5833] bridge0: port 1(bridge_slave_0) entered blocking state
[   56.064134][ T5833] bridge0: port 1(bridge_slave_0) entered disabled state
[   56.067372][ T5833] bridge_slave_0: entered allmulticast mode
[   56.071297][ T5833] bridge_slave_0: entered promiscuous mode
[   56.086318][ T5831] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   56.093081][ T5831] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   56.096944][ T5833] bridge0: port 2(bridge_slave_1) entered blocking state
[   56.100078][ T5833] bridge0: port 2(bridge_slave_1) entered disabled state
[   56.103067][ T5833] bridge_slave_1: entered allmulticast mode
[   56.105752][ T5833] bridge_slave_1: entered promiscuous mode
[   56.117536][ T5826] team0: Port device team_slave_0 added
[   56.140949][ T5833] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   56.145226][ T5826] team0: Port device team_slave_1 added
[   56.157481][ T5833] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   56.177541][ T5831] team0: Port device team_slave_0 added
[   56.190369][ T5833] team0: Port device team_slave_0 added
[   56.202461][ T5831] team0: Port device team_slave_1 added
[   56.206235][ T5833] team0: Port device team_slave_1 added
[   56.210365][ T5826] batman_adv: batadv0: Adding interface: batadv_slave_0
[   56.212691][ T5826] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   56.222766][ T5826] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   56.253056][ T5826] batman_adv: batadv0: Adding interface: batadv_slave_1
[   56.255387][ T5826] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   56.264480][ T5826] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   56.284284][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_0
[   56.287224][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   56.298180][ T5831] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   56.317083][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_0
[   56.320303][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   56.331044][ T5833] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   56.343636][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_1
[   56.346670][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   56.358218][ T5831] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   56.369470][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_1
[   56.371792][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   56.381160][ T5833] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   56.407497][ T5826] hsr_slave_0: entered promiscuous mode
[   56.409955][ T5826] hsr_slave_1: entered promiscuous mode
[   56.441579][ T5831] hsr_slave_0: entered promiscuous mode
[   56.444817][ T5831] hsr_slave_1: entered promiscuous mode
[   56.447888][ T5831] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   56.451931][ T5831] Cannot create hsr debugfs directory
[   56.491632][ T5833] hsr_slave_0: entered promiscuous mode
[   56.494129][ T5833] hsr_slave_1: entered promiscuous mode
[   56.496315][ T5833] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   56.500038][ T5833] Cannot create hsr debugfs directory
[   56.690333][ T5831] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   56.697836][ T5831] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   56.711662][ T5831] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   56.721742][ T5831] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   56.746833][ T5826] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   56.760355][ T5826] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   56.765117][ T5826] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   56.780033][ T5826] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   56.822696][ T5833] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   56.831570][ T5833] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   56.844848][ T5833] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   56.857796][ T5833] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   56.927612][ T5831] 8021q: adding VLAN 0 to HW filter on device bond0
[   56.944760][ T5826] 8021q: adding VLAN 0 to HW filter on device bond0
[   56.954944][ T5831] 8021q: adding VLAN 0 to HW filter on device team0
[   56.973647][  T909] bridge0: port 1(bridge_slave_0) entered blocking state
[   56.976911][  T909] bridge0: port 1(bridge_slave_0) entered forwarding state
[   56.985980][ T5826] 8021q: adding VLAN 0 to HW filter on device team0
[   56.993463][  T909] bridge0: port 2(bridge_slave_1) entered blocking state
[   56.996668][  T909] bridge0: port 2(bridge_slave_1) entered forwarding state
[   57.005437][  T909] bridge0: port 1(bridge_slave_0) entered blocking state
[   57.008740][  T909] bridge0: port 1(bridge_slave_0) entered forwarding state
[   57.022115][  T909] bridge0: port 2(bridge_slave_1) entered blocking state
[   57.024522][  T909] bridge0: port 2(bridge_slave_1) entered forwarding state
[   57.036293][ T5831] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   57.040307][ T5831] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   57.133774][ T5833] 8021q: adding VLAN 0 to HW filter on device bond0
[   57.163540][ T5833] 8021q: adding VLAN 0 to HW filter on device team0
[   57.169851][ T5831] 8021q: adding VLAN 0 to HW filter on device batadv0
[   57.179691][ T5723] bridge0: port 1(bridge_slave_0) entered blocking state
[   57.182081][ T5723] bridge0: port 1(bridge_slave_0) entered forwarding state
[   57.186002][ T5723] bridge0: port 2(bridge_slave_1) entered blocking state
[   57.188447][ T5723] bridge0: port 2(bridge_slave_1) entered forwarding state
[   57.237951][ T5831] veth0_vlan: entered promiscuous mode
[   57.246935][ T5831] veth1_vlan: entered promiscuous mode
[   57.288115][ T5826] 8021q: adding VLAN 0 to HW filter on device batadv0
[   57.291921][ T5831] veth0_macvtap: entered promiscuous mode
[   57.305678][ T5831] veth1_macvtap: entered promiscuous mode
[   57.312081][ T5217] Bluetooth: hci0: command tx timeout
[   57.343015][ T5833] 8021q: adding VLAN 0 to HW filter on device batadv0
[   57.358513][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_0
[   57.374418][ T5826] veth0_vlan: entered promiscuous mode
[   57.378603][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_1
[   57.393404][ T5831] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   57.397170][ T5831] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   57.401603][ T5831] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   57.405304][ T5831] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   57.416920][ T5826] veth1_vlan: entered promiscuous mode
[   57.447927][ T5833] veth0_vlan: entered promiscuous mode
[   57.466264][ T5833] veth1_vlan: entered promiscuous mode
[   57.469148][ T5217] Bluetooth: hci1: command tx timeout
[   57.471366][ T5217] Bluetooth: hci2: command tx timeout
[   57.493042][ T5826] veth0_macvtap: entered promiscuous mode
[   57.498480][ T5826] veth1_macvtap: entered promiscuous mode
[   57.524978][   T67] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   57.527584][   T67] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   57.541354][ T5826] batman_adv: batadv0: Interface activated: batadv_slave_0
[   57.553262][ T5833] veth0_macvtap: entered promiscuous mode
[   57.557858][ T5826] batman_adv: batadv0: Interface activated: batadv_slave_1
[   57.567076][ T5833] veth1_macvtap: entered promiscuous mode
[   57.574008][ T5826] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   57.576834][ T5826] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   57.581648][   T67] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   57.584365][   T67] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   57.586976][ T5826] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   57.590238][ T5826] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   57.627050][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_0
[   57.648523][ T5831] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   57.650434][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_1
[   57.670571][ T5833] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   57.674283][ T5833] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   57.677992][ T5833] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   57.683063][ T5833] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   57.778835][  T909] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   57.781423][  T909] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   57.801987][   T27] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   57.804557][   T27] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   57.816733][ T1121] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   57.822068][ T1121] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   57.885065][  T909] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   57.887733][  T909] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   58.184469][ T5914] netlink: 'syz.1.10': attribute type 5 has an invalid length.
[   58.259465][ T5919] bridge0: port 1(bridge_slave_0) entered disabled state
[   58.336872][ T5925] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.15'.
[   58.572421][ T5945] bridge0: port 3(ip6gretap0) entered blocking state
[   58.581414][ T5945] bridge0: port 3(ip6gretap0) entered disabled state
[   58.586068][ T5945] ip6gretap0: entered allmulticast mode
[   58.599996][ T5945] ip6gretap0: entered promiscuous mode
[   58.610313][ T5945] bridge0: port 3(ip6gretap0) entered blocking state
[   58.612675][ T5945] bridge0: port 3(ip6gretap0) entered forwarding state
[   59.050830][ T5963] bridge0: port 1(bridge_slave_0) entered disabled state
[   59.389611][ T5834] Bluetooth: hci0: command tx timeout
[   59.550311][ T5834] Bluetooth: hci2: command tx timeout
[   59.552712][ T5834] Bluetooth: hci1: command tx timeout
[   59.705328][ T5984] netlink: 'syz.2.42': attribute type 29 has an invalid length.
[   59.740951][ T5984] netlink: 'syz.2.42': attribute type 29 has an invalid length.
[   59.884396][ T5992] syz.2.45: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[   59.890133][ T5992] CPU: 0 UID: 0 PID: 5992 Comm: syz.2.45 Not tainted 6.16.0-rc6-syzkaller-00434-gcd7c97f4584a-dirty #0 PREEMPT(full) 
[   59.890145][ T5992] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   59.890149][ T5992] Call Trace:
[   59.890154][ T5992]  <TASK>
[   59.890177][ T5992]  dump_stack_lvl+0x189/0x250
[   59.890194][ T5992]  ? __pfx_dump_stack_lvl+0x10/0x10
[   59.890203][ T5992]  ? __pfx__printk+0x10/0x10
[   59.890216][ T5992]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[   59.890226][ T5992]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[   59.890238][ T5992]  ? cpuset_print_current_mems_allowed+0x2ee/0x360
[   59.890249][ T5992]  warn_alloc+0x214/0x310
[   59.890260][ T5992]  ? stack_depot_save_flags+0x429/0x900
[   59.890272][ T5992]  ? __pfx_warn_alloc+0x10/0x10
[   59.890282][ T5992]  ? kasan_save_track+0x4f/0x80
[   59.890293][ T5992]  ? xskq_create+0x56/0x170
[   59.890303][ T5992]  ? xsk_init_queue+0xb0/0x110
[   59.890311][ T5992]  ? xsk_setsockopt+0x4de/0x710
[   59.890318][ T5992]  ? do_sock_setsockopt+0x17c/0x1b0
[   59.890326][ T5992]  ? __x64_sys_setsockopt+0x13f/0x1b0
[   59.890332][ T5992]  ? do_syscall_64+0xfa/0x3b0
[   59.890342][ T5992]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   59.890353][ T5992]  __vmalloc_node_range_noprof+0x125/0x12f0
[   59.890375][ T5992]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[   59.890384][ T5992]  ? xskq_create+0x56/0x170
[   59.890394][ T5992]  ? __kasan_kmalloc+0x93/0xb0
[   59.890403][ T5992]  vmalloc_user_noprof+0xad/0xf0
[   59.890411][ T5992]  ? xskq_create+0xbf/0x170
[   59.890421][ T5992]  xskq_create+0xbf/0x170
[   59.890431][ T5992]  xsk_init_queue+0xb0/0x110
[   59.890441][ T5992]  xsk_setsockopt+0x4de/0x710
[   59.890451][ T5992]  ? __pfx_xsk_setsockopt+0x10/0x10
[   59.890461][ T5992]  ? __fget_files+0x2a/0x420
[   59.890470][ T5992]  ? aa_sock_opt_perm+0x74/0x110
[   59.890480][ T5992]  ? bpf_lsm_socket_setsockopt+0x9/0x20
[   59.890490][ T5992]  ? __pfx_xsk_setsockopt+0x10/0x10
[   59.890499][ T5992]  do_sock_setsockopt+0x17c/0x1b0
[   59.890509][ T5992]  __x64_sys_setsockopt+0x13f/0x1b0
[   59.890520][ T5992]  do_syscall_64+0xfa/0x3b0
[   59.890530][ T5992]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   59.890537][ T5992]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[   59.890546][ T5992]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   59.890553][ T5992] RIP: 0033:0x7efe08d8eb69
[   59.890561][ T5992] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   59.890567][ T5992] RSP: 002b:00007efe09c2f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   59.890575][ T5992] RAX: ffffffffffffffda RBX: 00007efe08fb5fa0 RCX: 00007efe08d8eb69
[   59.890580][ T5992] RDX: 0000000000000002 RSI: 000000000000011b RDI: 0000000000000006
[   59.890585][ T5992] RBP: 00007efe08e11df1 R08: 0000000000000004 R09: 0000000000000000
[   59.890589][ T5992] R10: 0000200000000900 R11: 0000000000000246 R12: 0000000000000000
[   59.890593][ T5992] R13: 0000000000000000 R14: 00007efe08fb5fa0 R15: 00007ffedaf4a728
[   59.890606][ T5992]  </TASK>
[   59.890646][ T5992] Mem-Info:
[   59.999439][ T5992] active_anon:5186 inactive_anon:0 isolated_anon:0
[   59.999439][ T5992]  active_file:854 inactive_file:38205 isolated_file:0
[   59.999439][ T5992]  unevictable:1768 dirty:1435 writeback:0
[   59.999439][ T5992]  slab_reclaimable:9018 slab_unreclaimable:52338
[   59.999439][ T5992]  mapped:18119 shmem:2434 pagetables:937
[   59.999439][ T5992]  sec_pagetables:0 bounce:0
[   59.999439][ T5992]  kernel_misc_reclaimable:0
[   59.999439][ T5992]  free:299657 free_pcp:23614 free_cma:0
[   60.014784][ T5992] Node 0 active_anon:11928kB inactive_anon:0kB active_file:2512kB inactive_file:146792kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:38588kB dirty:3492kB writeback:0kB shmem:4708kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:2544kB pagetables:1620kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[   60.025988][ T5992] Node 1 active_anon:8816kB inactive_anon:0kB active_file:904kB inactive_file:6028kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:33888kB dirty:2248kB writeback:0kB shmem:5028kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:8880kB pagetables:2128kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[   60.036909][ T5992] Node 0 DMA free:15360kB boost:0kB min:640kB low:800kB high:960kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[   60.046810][ T5992] lowmem_reserve[]: 0 812 812 812 812
[   60.049015][ T5992] Node 0 DMA32 free:269456kB boost:0kB min:33656kB low:42068kB high:50480kB reserved_highatomic:0KB free_highatomic:0KB active_anon:11928kB inactive_anon:0kB active_file:2512kB inactive_file:146792kB unevictable:3536kB writepending:3492kB present:1556484kB managed:831912kB mlocked:0kB bounce:0kB free_pcp:62108kB local_pcp:41724kB free_cma:0kB
[   60.059871][ T5992] lowmem_reserve[]: 0 0 0 0 0
[   60.061709][ T5992] Node 1 DMA32 free:458616kB boost:0kB min:19192kB low:23988kB high:28784kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:524152kB managed:458616kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[   60.073749][ T5992] lowmem_reserve[]: 0 0 854 854 854
[   60.075781][ T5992] Node 1 Normal free:455024kB boost:0kB min:36616kB low:45768kB high:54920kB reserved_highatomic:0KB free_highatomic:0KB active_anon:8816kB inactive_anon:0kB active_file:904kB inactive_file:6028kB unevictable:3536kB writepending:2248kB present:1048576kB managed:875016kB mlocked:0kB bounce:0kB free_pcp:32360kB local_pcp:21348kB free_cma:0kB
[   60.086471][ T5992] lowmem_reserve[]: 0 0 0 0 0
[   60.088404][ T5992] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[   60.093464][ T5992] Node 0 DMA32: 7418*4kB (UM) 275*8kB (UM) 147*16kB (UME) 60*32kB (UM) 51*64kB (UME) 43*128kB (UM) 33*256kB (UM) 30*512kB (UM) 20*1024kB (UME) 8*2048kB (U) 40*4096kB (UM) = 269424kB
[   60.100465][ T5992] Node 1 DMA32: 2*4kB (M) 2*8kB (M) 2*16kB (M) 2*32kB (M) 2*64kB (M) 1*128kB (M) 2*256kB (M) 2*512kB (M) 2*1024kB (M) 2*2048kB (M) 110*4096kB (M) = 458616kB
[   60.106840][ T5992] Node 1 Normal: 430*4kB (UE) 403*8kB (U) 432*16kB (U) 111*32kB (UME) 74*64kB (UME) 33*128kB (UME) 26*256kB (UME) 18*512kB (UME) 9*1024kB (UME) 4*2048kB (M) 97*4096kB (M) = 454960kB
[   60.113599][ T5992] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[   60.116739][ T5992] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[   60.120263][ T5992] 41510 total pagecache pages
[   60.121940][ T5992] 0 pages in swap cache
[   60.123404][ T5992] Free swap  = 124996kB
[   60.124935][ T5992] Total swap = 124996kB
[   60.126404][ T5992] 786301 pages RAM
[   60.127713][ T5992] 0 pages HighMem/MovableOnly
[   60.129511][ T5992] 241075 pages reserved
[   60.131031][ T5992] 0 pages cma reserved
[   60.688204][ T6009] netdevsim netdevsim1 netdevsim0: entered promiscuous mode
[   60.692081][ T6009] netdevsim netdevsim1 netdevsim0: entered allmulticast mode
[   61.054612][ T6019] netlink: 10 bytes leftover after parsing attributes in process `syz.1.58'.
[   61.292535][ T6030] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   61.469840][ T5834] Bluetooth: hci0: command tx timeout
[   61.629500][ T5834] Bluetooth: hci1: command tx timeout
[   61.631916][ T5217] Bluetooth: hci2: command tx timeout
[   61.749636][    C1] hrtimer: interrupt took 30734 ns
[   61.821392][ T6035] Zero length message leads to an empty skb
[   62.069193][ T6046] netlink: 'syz.2.67': attribute type 21 has an invalid length.
[   62.071733][ T6046] netlink: 156 bytes leftover after parsing attributes in process `syz.2.67'.
[   62.458019][ T6071] netlink: 'syz.1.79': attribute type 4 has an invalid length.
[   62.471198][ T6071] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.79'.
[   62.567859][ T6076] warning: `syz.2.80' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   63.753649][ T5217] Bluetooth: hci0: command tx timeout
[   63.998993][ T5217] Bluetooth: hci1: command tx timeout
[   64.000875][   T54] Bluetooth: hci2: command tx timeout
[   64.674070][ T5834] Bluetooth: hci0: Opcode 0x206a failed: -110
[   65.813374][ T5834] Bluetooth: hci0: command 0x206a tx timeout
[   71.099729][ T1360] ieee802154 phy0 wpan0: encryption failed: -22
[   71.101970][ T1360] ieee802154 phy1 wpan1: encryption failed: -22
[   76.214551][    C0] clocksource: Long readout interval, skipping watchdog check: cs_nsec: 11795742031 wd_nsec: 11795742332
[   79.987913][ T5217] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   79.992256][ T5217] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   79.995871][ T5217] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   80.001692][ T5217] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   80.005295][ T5217] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   80.065530][ T5217] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   80.071722][ T5217] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   80.075560][ T5217] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   80.079899][ T5217] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   80.083470][ T5217] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   80.143352][ T5834] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[   80.148531][ T5834] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[   80.154253][ T5834] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[   80.159081][ T5834] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[   80.163421][ T5834] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[   81.259134][   T24] cfg80211: failed to load regulatory.db
[   82.108877][ T5217] Bluetooth: hci4: command tx timeout
[   82.111759][ T5217] Bluetooth: hci3: command tx timeout
[   82.189403][ T5834] Bluetooth: hci5: command tx timeout
[   84.188967][ T5217] Bluetooth: hci4: command tx timeout
[   84.192288][ T5834] Bluetooth: hci3: command tx timeout
[   84.268832][ T5834] Bluetooth: hci5: command tx timeout
[   86.268898][ T5217] Bluetooth: hci4: command tx timeout
[   86.271471][ T5834] Bluetooth: hci3: command tx timeout
[   86.351528][ T5217] Bluetooth: hci5: command tx timeout
[   88.688887][ T5217] Bluetooth: hci4: command tx timeout
[   88.691347][ T5217] Bluetooth: hci3: command tx timeout
[   88.693746][ T5217] Bluetooth: hci5: command tx timeout
[  134.809318][ T1360] ieee802154 phy0 wpan0: encryption failed: -22
[  134.812033][ T1360] ieee802154 phy1 wpan1: encryption failed: -22
[  140.562432][ T5836] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  140.565446][ T5829] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  140.568312][ T5829] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[  140.571910][ T5836] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  140.574993][ T5829] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  140.578290][ T5836] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[  140.589270][ T5829] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  140.592080][ T5836] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[  140.595203][ T5829] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  140.598392][ T5836] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[  140.602385][ T5829] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  140.609064][ T5836] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[  140.653168][ T6151] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  140.656960][ T6151] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  140.661144][ T6151] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  142.669303][ T5217] Bluetooth: hci6: command tx timeout
[  142.671869][ T6151] Bluetooth: hci8: command tx timeout
[  142.749016][ T6151] Bluetooth: hci7: command tx timeout
[  144.748908][ T5217] Bluetooth: hci6: command tx timeout
[  144.751759][ T6151] Bluetooth: hci8: command tx timeout
[  145.043701][ T6151] Bluetooth: hci7: command tx timeout
[  146.829004][ T6151] Bluetooth: hci8: command tx timeout
[  146.831091][ T6151] Bluetooth: hci6: command tx timeout
[  147.068858][ T5217] Bluetooth: hci7: command tx timeout
[  148.909070][ T5217] Bluetooth: hci6: command tx timeout
[  148.911464][ T5217] Bluetooth: hci8: command tx timeout
[  149.150674][ T6151] Bluetooth: hci7: command tx timeout
[  180.589727][   T54] Bluetooth: hci1: command 0x0406 tx timeout
[  181.869829][ T5217] Bluetooth: hci2: command 0x0406 tx timeout
[  181.872024][   T54] Bluetooth: hci0: command 0x206a tx timeout
[  199.720097][ T1360] ieee802154 phy0 wpan0: encryption failed: -22
[  199.722161][ T1360] ieee802154 phy1 wpan1: encryption failed: -22
[  200.914355][ T5836] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1
[  200.918793][ T5836] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9
[  200.921543][ T5836] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9
[  200.924918][ T5836] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4
[  200.927397][ T5836] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2
[  200.932654][ T5217] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1
[  200.935494][ T5217] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9
[  200.938287][ T5217] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9
[  200.942185][ T5217] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4
[  200.944714][ T5217] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2
[  200.989616][ T6164] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1
[  200.992537][ T6164] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9
[  200.995085][ T6164] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9
[  200.997974][ T6164] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4
[  201.000936][ T6164] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2
[  207.471998][ T5836] Bluetooth: hci5: command 0x0406 tx timeout
[  207.474685][ T5836] Bluetooth: hci3: command 0x0406 tx timeout
[  207.477173][ T5836] Bluetooth: hci4: command 0x0406 tx timeout
[  222.029316][   T34] INFO: task syz.2.87:6090 blocked for more than 143 seconds.
[  222.032515][   T34]       Not tainted 6.16.0-rc6-syzkaller-00434-gcd7c97f4584a-dirty #0
[  222.036317][   T34] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  222.043558][   T34] task:syz.2.87        state:D stack:25096 pid:6090  tgid:6090  ppid:5833   task_flags:0x400040 flags:0x00004004
[  222.048413][   T34] Call Trace:
[  222.050246][   T34]  <TASK>
[  222.051498][   T34]  __schedule+0x16f5/0x4d00
[  222.053414][   T34]  ? perf_trace_run_bpf_submit+0xf9/0x170
[  222.055792][   T34]  ? schedule+0x165/0x360
[  222.057640][   T34]  ? __pfx___schedule+0x10/0x10
[  222.062456][   T34]  ? schedule+0x91/0x360
[  222.064319][   T34]  ? schedule+0x91/0x360
[  222.067059][   T34]  schedule+0x165/0x360
[  222.069418][   T34]  schedule_timeout+0x9a/0x270
[  222.071509][   T34]  ? __pfx_schedule_timeout+0x10/0x10
[  222.073806][   T34]  ? __wait_for_common+0x3c7/0x710
[  222.076057][   T34]  ? _raw_spin_unlock_irq+0x23/0x50
[  222.078245][   T34]  ? lockdep_hardirqs_on+0x9c/0x150
[  222.083135][   T34]  __wait_for_common+0x3da/0x710
[  222.085326][   T34]  ? __pfx_schedule_timeout+0x10/0x10
[  222.087639][   T34]  ? __pfx___wait_for_common+0x10/0x10
[  222.090434][   T34]  ? __raw_spin_lock_init+0x45/0x100
[  222.092759][   T34]  ? __init_swait_queue_head+0xa9/0x150
[  222.095176][   T34]  wait_for_completion_state+0x1c/0x40
[  222.097530][   T34]  __wait_rcu_gp+0x24c/0x280
[  222.101957][   T34]  synchronize_rcu_tasks_generic+0x132/0x220
[  222.104583][   T34]  ? __pfx_synchronize_rcu_tasks_generic+0x10/0x10
[  222.107320][   T34]  ? rcu_read_lock_any_held+0xb3/0x120
[  222.109955][   T34]  ? __pfx_call_rcu_tasks_trace+0x10/0x10
[  222.112293][   T34]  ? __pfx_wakeme_after_rcu+0x10/0x10
[  222.114620][   T34]  perf_trace_event_unreg+0xbe/0x1b0
[  222.116906][   T34]  perf_trace_destroy+0xa4/0x150
[  222.122434][   T34]  ? __pfx_tp_perf_event_destroy+0x10/0x10
[  222.124956][   T34]  __free_event+0x316/0x7b0
[  222.126930][   T34]  ? __pfx_perf_release+0x10/0x10
[  222.131826][   T34]  perf_event_release_kernel+0x45b/0x510
[  222.134286][   T34]  ? __pfx_perf_release+0x10/0x10
[  222.136506][   T34]  perf_release+0x38/0x50
[  222.138483][   T34]  __fput+0x44c/0xa70
[  222.141642][   T34]  task_work_run+0x1d4/0x260
[  222.143223][   T34]  ? __pfx_task_work_run+0x10/0x10
[  222.145036][   T34]  ? exit_to_user_mode_loop+0x40/0x110
[  222.146897][   T34]  exit_to_user_mode_loop+0xec/0x110
[  222.150068][   T34]  do_syscall_64+0x2bd/0x3b0
[  222.151681][   T34]  ? lockdep_hardirqs_on+0x9c/0x150
[  222.153358][   T34]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  222.155373][   T34]  ? exc_page_fault+0x9f/0xf0
[  222.156909][   T34]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  222.161392][   T34] RIP: 0033:0x7efe08d8eb69
[  222.162902][   T34] RSP: 002b:00007ffedaf4a888 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  222.165620][   T34] RAX: 0000000000000000 RBX: 00007efe08fb7ba0 RCX: 00007efe08d8eb69
[  222.169237][   T34] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[  222.172579][   T34] RBP: 00007efe08fb7ba0 R08: 0000000000000218 R09: 0000001edaf4ab7f
[  222.176714][   T34] R10: 00007efe08fb7ac0 R11: 0000000000000246 R12: 000000000000fa68
[  222.182287][   T34] R13: 00007efe08fb6080 R14: ffffffffffffffff R15: 00007ffedaf4a9a0
[  222.185673][   T34]  </TASK>
[  222.187048][   T34] INFO: task syz.1.96:6111 blocked for more than 143 seconds.
[  222.191423][   T34]       Not tainted 6.16.0-rc6-syzkaller-00434-gcd7c97f4584a-dirty #0
[  222.194928][   T34] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  222.198565][   T34] task:syz.1.96        state:D stack:25096 pid:6111  tgid:6111  ppid:5831   task_flags:0x400040 flags:0x00004004
[  222.205872][   T34] Call Trace:
[  222.207370][   T34]  <TASK>
[  222.209092][   T34]  __schedule+0x16f5/0x4d00
[  222.210992][   T34]  ? trace_call_bpf+0xb7/0x850
[  222.393317][   T34]  ? perf_trace_lock+0xec/0x3b0
[  222.395208][   T34]  ? schedule+0x165/0x360
[  222.396638][   T34]  ? __pfx___schedule+0x10/0x10
[  222.398286][   T34]  ? schedule+0x91/0x360
[  222.400143][   T34]  ? schedule+0x91/0x360
[  222.401555][   T34]  schedule+0x165/0x360
[  222.402907][   T34]  schedule_timeout+0x9a/0x270
[  222.404476][   T34]  ? __pfx_schedule_timeout+0x10/0x10
[  222.406262][   T34]  ? __wait_for_common+0x3c7/0x710
[  222.407932][   T34]  ? _raw_spin_unlock_irq+0x23/0x50
[  222.409877][   T34]  ? lockdep_hardirqs_on+0x9c/0x150
[  222.411720][   T34]  __wait_for_common+0x3da/0x710
[  222.413602][   T34]  ? __pfx_schedule_timeout+0x10/0x10
[  222.415526][   T34]  ? __pfx___wait_for_common+0x10/0x10
[  222.417335][   T34]  ? __raw_spin_lock_init+0x45/0x100
[  222.419158][   T34]  ? __init_swait_queue_head+0xa9/0x150
[  222.421449][   T34]  wait_for_completion_state+0x1c/0x40
[  222.423237][   T34]  __wait_rcu_gp+0x24c/0x280
[  222.424782][   T34]  synchronize_rcu_tasks_generic+0x132/0x220
[  222.426719][   T34]  ? __pfx_synchronize_rcu_tasks_generic+0x10/0x10
[  222.428889][   T34]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  222.430963][   T34]  ? __pfx_call_rcu_tasks_trace+0x10/0x10
[  222.432829][   T34]  ? __pfx_wakeme_after_rcu+0x10/0x10
[  222.434619][   T34]  perf_event_detach_bpf_prog+0x298/0x320
[  222.436491][   T34]  ? __pfx_perf_event_detach_bpf_prog+0x10/0x10
[  222.438501][   T34]  ? security_perf_event_free+0x40/0x70
[  222.440437][   T34]  ? kfree+0x4d/0x440
[  222.441775][   T34]  _free_event+0x87b/0xa00
[  222.443248][   T34]  ? __pfx_perf_release+0x10/0x10
[  222.444871][   T34]  perf_event_release_kernel+0x45b/0x510
[  222.446677][   T34]  ? __pfx_perf_release+0x10/0x10
[  222.448352][   T34]  perf_release+0x38/0x50
[  222.450657][   T34]  __fput+0x44c/0xa70
[  222.452144][   T34]  task_work_run+0x1d4/0x260
[  222.453701][   T34]  ? __pfx_task_work_run+0x10/0x10
[  222.455461][   T34]  ? exit_to_user_mode_loop+0x40/0x110
[  222.457404][   T34]  exit_to_user_mode_loop+0xec/0x110
[  222.461749][   T34]  do_syscall_64+0x2bd/0x3b0
[  222.463338][   T34]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  222.465327][   T34]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  222.467355][   T34]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  222.470078][   T34] RIP: 0033:0x7fe5c3d8eb69
[  222.471584][   T34] RSP: 002b:00007fff30e22c08 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  222.474252][   T34] RAX: 0000000000000000 RBX: 00007fe5c3fb7ba0 RCX: 00007fe5c3d8eb69
[  222.477097][   T34] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[  222.479830][   T34] RBP: 00007fe5c3fb7ba0 R08: 0000000000000080 R09: 0000000730e22eff
[  222.482388][   T34] R10: 00007fe5c3fb7ac0 R11: 0000000000000246 R12: 000000000000fc91
[  222.484939][   T34] R13: 00007fff30e22d00 R14: ffffffffffffffff R15: 00007fff30e22d20
[  222.487521][   T34]  </TASK>
[  222.488593][   T34] 
[  222.488593][   T34] Showing all locks held in the system:
[  222.493403][   T34] 4 locks held by kworker/u8:0/12:
[  222.495078][   T34]  #0: ffff88801b2f6948 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  222.499359][   T34]  #1: ffffc900000f7bc0 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  222.503194][   T34]  #2: ffffffff8f5101d0 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xf7/0x800
[  222.506170][   T34]  #3: ffffffff8e144bb8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: synchronize_rcu_expedited+0x3b9/0x730
[  222.511435][   T34] 3 locks held by kworker/u8:1/13:
[  222.513202][   T34]  #0: ffff88810a1aa148 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  222.517044][   T34]  #1: ffffc90000107bc0 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  222.524187][   T34]  #2: ffffffff8f51cdc8 (rtnl_mutex){+.+.}-{4:4}, at: addrconf_verify_work+0x19/0x30
[  222.527502][   T34] 3 locks held by kworker/1:0/24:
[  222.529646][   T34]  #0: ffff88801a480d48 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  222.533512][   T34]  #1: ffffc900001c7bc0 ((work_completion)(&fw_work->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  222.537632][   T34]  #2: ffffffff8f51cdc8 (rtnl_mutex){+.+.}-{4:4}, at: regdb_fw_cb+0x7d/0x1c0
[  222.543493][   T34] 3 locks held by kworker/u9:0/26:
[  222.545658][   T34]  #0: ffff88801a489148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  222.550571][   T34]  #1: ffffc900001efbc0 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  222.555275][   T34]  #2: ffffffff8f51cdc8 (rtnl_mutex){+.+.}-{4:4}, at: linkwatch_event+0xe/0x60
[  222.561325][   T34] 2 locks held by rcu_tasks_trace/32:
[  222.563687][   T34]  #0: ffffffff8e13fdd0 (rcu_tasks_trace.tasks_gp_mutex){+.+.}-{4:4}, at: rcu_tasks_one_gp+0xaf9/0xdf0
[  222.568401][   T34]  #1: ffffffff8e144bb8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: synchronize_rcu_expedited+0x3b9/0x730
[  222.574144][   T34] 1 lock held by khungtaskd/34:
[  222.575767][   T34]  #0: ffffffff8e13f0a0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[  222.580980][   T34] 4 locks held by kworker/u11:0/54:
[  222.582762][   T34]  #0: ffff88803a4c5148 ((wq_completion)hci9#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  222.586394][   T34]  #1: ffffc900007cfbc0 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  222.591052][   T34]  #2: ffff88803dcbc0b8 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x9b/0x8e0
[  222.594411][   T34]  #3: ffffffff8f684f48 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x516/0x8e0
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  222.608804][   T34] 4 locks held by kworker/u11:1/5217:
[  222.610640][   T34]  #0: ffff88803b8b3148 ((wq_completion)hci10#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  222.614379][   T34]  #1: ffffc9000ab77bc0 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  222.618458][   T34]  #2: ffff88803af880b8 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x9b/0x8e0
[  222.639830][   T34]  #3: ffffffff8f684f48 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x516/0x8e0
[  222.643393][   T34] 2 locks held by getty/5654:
[  222.644955][   T34]  #0: ffff88801c2c90a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  222.648155][   T34]  #1: ffffc900029062f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x43e/0x1400
[  222.682144][   T34] 5 locks held by kworker/u11:2/5829:
[  222.684081][   T34]  #0: ffff888026d93948 ((wq_completion)hci0){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  222.687653][   T34]  #1: ffffc90003a0fbc0 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  222.696257][   T34]  #2: ffff888113c6cdc0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d4/0x3a0
[  222.701221][   T34]  #3: ffff888113c6c0b8 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0x1eb/0xdf0
[  222.704590][   T34]  #4: ffffffff8f684f48 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x165/0x310
[  222.708183][   T34] 5 locks held by kworker/u11:3/5834:
[  222.711656][   T34]  #0: ffff88810820e948 ((wq_completion)hci2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  222.716275][   T34]  #1: ffffc90003a4fbc0 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  222.723564][   T34]  #2: ffff8881118bcdc0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d4/0x3a0
[  222.727421][   T34]  #3: ffff8881118bc0b8 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0x1eb/0xdf0
[  222.731149][   T34]  #4: ffffffff8f684f48 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x165/0x310
[  222.734535][   T34] 3 locks held by kworker/1:4/5877:
[  222.736348][   T34]  #0: ffff88801a481d48 ((wq_completion)events_power_efficient){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  222.742085][   T34]  #1: ffffc900044bfbc0 ((reg_check_chans).work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  222.746125][   T34]  #2: ffffffff8f51cdc8 (rtnl_mutex){+.+.}-{4:4}, at: reg_check_chans_work+0x95/0xf00
[  222.750581][   T34] 1 lock held by syz.2.87/6090:
[  222.752230][   T34]  #0: ffffffff8e1a2c68 (event_mutex){+.+.}-{4:4}, at: perf_trace_destroy+0x2e/0x150
[  222.755743][   T34] 3 locks held by syz.2.87/6091:
[  222.757542][   T34] 1 lock held by syz.0.93/6113:
[  222.760742][   T34]  #0: ffffffff8f5101d0 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x304/0x4d0
[  222.764128][   T34] 1 lock held by syz.1.96/6114:
[  222.766144][   T34]  #0: ffffffff8f51cdc8 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x3e/0x1c0
[  222.770237][   T34] 1 lock held by syz-executor/6119:
[  222.772293][   T34]  #0: ffffffff8f51cdc8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[  222.775711][   T34] 1 lock held by syz-executor/6123:
[  222.777445][   T34]  #0: ffffffff8f51cdc8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[  222.782742][   T34] 1 lock held by syz-executor/6125:
[  222.784714][   T34]  #0: ffffffff8f51cdc8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[  222.788202][   T34] 1 lock held by dhcpcd/6128:
[  222.792412][   T34]  #0: ffff88811a274258 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x32/0xcd0
[  222.795751][   T34] 1 lock held by dhcpcd/6129:
[  222.797703][   T34]  #0: ffff888106f9c258 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x32/0xcd0
[  222.802915][   T34] 1 lock held by dhcpcd/6130:
[  222.804593][   T34]  #0: ffff888026770258 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x32/0xcd0
[  222.807637][   T34] 1 lock held by dhcpcd/6131:
[  222.809631][   T34]  #0: ffff88803bd8c258 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x32/0xcd0
[  222.812671][   T34] 1 lock held by dhcpcd/6132:
[  222.814190][   T34]  #0: ffff88810a2de258 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x32/0xcd0
[  222.817175][   T34] 1 lock held by dhcpcd/6133:
[  222.820635][   T34]  #0: ffff88803c7bc258 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x32/0xcd0
[  222.823818][   T34] 1 lock held by syz-executor/6142:
[  222.825453][   T34]  #0: ffffffff8f51cdc8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[  222.828408][   T34] 1 lock held by syz-executor/6143:
[  222.831815][   T34]  #0: ffffffff8f51cdc8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[  222.834914][   T34] 1 lock held by syz-executor/6144:
[  222.836895][   T34]  #0: ffffffff8f51cdc8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[  222.841224][   T34] 6 locks held by kworker/u11:5/6151:
[  222.842914][   T34]  #0: ffff88810820d148 ((wq_completion)hci1){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  222.846483][   T34]  #1: ffffc90002adfbc0 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  222.851657][   T34]  #2: ffff888028064dc0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d4/0x3a0
[  222.854963][   T34]  #3: ffff8880280640b8 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0x1eb/0xdf0
[  222.858630][   T34]  #4: ffffffff8f684f48 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x165/0x310
[  222.863759][   T34]  #5: ffff88810820fb38 (&conn->lock#2){+.+.}-{4:4}, at: l2cap_conn_del+0x70/0x680
[  222.867578][   T34] 5 locks held by kworker/u11:6/6152:
[  222.870234][   T34]  #0: ffff88811cb1a948 ((wq_completion)hci4){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  222.874673][   T34]  #1: ffffc90002acfbc0 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  222.881080][   T34]  #2: ffff88810b1a4dc0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d4/0x3a0
[  222.908329][   T34]  #3: ffff88810b1a40b8 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0x1eb/0xdf0
[  222.911970][   T34]  #4: ffffffff8f684f48 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x165/0x310
[  222.915072][   T34] 1 lock held by syz-executor/6157:
[  222.916742][   T34]  #0: ffffffff8f51cdc8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[  222.921145][   T34] 1 lock held by syz-executor/6158:
[  222.922811][   T34]  #0: ffffffff8f51cdc8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[  222.925918][   T34] 1 lock held by syz-executor/6162:
[  222.927664][   T34]  #0: ffffffff8f51cdc8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[  222.931921][   T34] 4 locks held by kworker/u11:7/6164:
[  222.933675][   T34]  #0: ffff88803ddf1948 ((wq_completion)hci11#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  222.937302][   T34]  #1: ffffc90002a8fbc0 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  222.942551][   T34]  #2: ffff88803facc0b8 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x9b/0x8e0
[  222.945800][   T34]  #3: ffffffff8f684f48 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x516/0x8e0
[  222.949341][   T34] 5 locks held by kworker/u11:8/6167:
[  222.951089][   T34]  #0: ffff88811c247948 ((wq_completion)hci3){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  222.954592][   T34]  #1: ffffc90002a5fbc0 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  222.960224][   T34]  #2: ffff88803bd9cdc0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d4/0x3a0
[  222.963503][   T34]  #3: ffff88803bd9c0b8 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0x1eb/0xdf0
[  222.966691][   T34]  #4: ffffffff8f684f48 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x165/0x310
[  222.970244][   T34] 5 locks held by kworker/u11:10/6169:
[  222.972125][   T34]  #0: ffff88811cb1f948 ((wq_completion)hci5){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  222.975659][   T34]  #1: ffffc90002a3fbc0 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  222.981038][   T34]  #2: ffff88811cafcdc0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d4/0x3a0
[  222.984173][   T34]  #3: ffff88811cafc0b8 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0x1eb/0xdf0
[  222.987812][   T34]  #4: ffffffff8f684f48 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x165/0x310
[  222.991946][   T34] 
[  222.992783][   T34] =============================================
[  222.992783][   T34] 
[  222.995443][   T34] NMI backtrace for cpu 0
[  222.995449][   T34] CPU: 0 UID: 0 PID: 34 Comm: khungtaskd Not tainted 6.16.0-rc6-syzkaller-00434-gcd7c97f4584a-dirty #0 PREEMPT(full) 
[  222.995458][   T34] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  222.995462][   T34] Call Trace:
[  222.995466][   T34]  <TASK>
[  222.995469][   T34]  dump_stack_lvl+0x189/0x250
[  222.995481][   T34]  ? __wake_up_klogd+0xd9/0x110
[  222.995493][   T34]  ? __pfx_dump_stack_lvl+0x10/0x10
[  222.995501][   T34]  ? __pfx__printk+0x10/0x10
[  222.995516][   T34]  nmi_cpu_backtrace+0x39e/0x3d0
[  222.995526][   T34]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  222.995533][   T34]  ? _printk+0xcf/0x120
[  222.995544][   T34]  ? __pfx__printk+0x10/0x10
[  222.995555][   T34]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  222.995563][   T34]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[  222.995572][   T34]  watchdog+0xfee/0x1030
[  222.995586][   T34]  ? watchdog+0x1de/0x1030
[  222.995600][   T34]  kthread+0x711/0x8a0
[  222.995612][   T34]  ? __pfx_watchdog+0x10/0x10
[  222.995623][   T34]  ? __pfx_kthread+0x10/0x10
[  222.995634][   T34]  ? _raw_spin_unlock_irq+0x23/0x50
[  222.995642][   T34]  ? lockdep_hardirqs_on+0x9c/0x150
[  222.995651][   T34]  ? __pfx_kthread+0x10/0x10
[  222.995662][   T34]  ret_from_fork+0x3fc/0x770
[  222.995671][   T34]  ? __pfx_ret_from_fork+0x10/0x10
[  222.995681][   T34]  ? __switch_to_asm+0x39/0x70
[  222.995690][   T34]  ? __switch_to_asm+0x33/0x70
[  222.995698][   T34]  ? __pfx_kthread+0x10/0x10
[  222.995709][   T34]  ret_from_fork_asm+0x1a/0x30
[  222.995725][   T34]  </TASK>
[  222.995728][   T34] Sending NMI from CPU 0 to CPUs 1:
[  223.049210][    C1] NMI backtrace for cpu 1
[  223.049221][    C1] CPU: 1 UID: 0 PID: 6091 Comm: syz.2.87 Not tainted 6.16.0-rc6-syzkaller-00434-gcd7c97f4584a-dirty #0 PREEMPT(full) 
[  223.049230][    C1] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  223.049234][    C1] RIP: 0010:native_apic_msr_write+0x39/0x50
[  223.049248][    C1] Code: 74 2a 83 ff 30 74 25 eb 10 81 ff d0 00 00 00 74 1b 81 ff e0 00 00 00 74 13 c1 ef 04 81 c7 00 08 00 00 89 f9 89 f0 31 d2 0f 30 <66> 90 c3 cc cc cc cc cc f3 0f 1e fa 89 f6 31 d2 e9 e2 d0 86 03 66
[  223.049253][    C1] RSP: 0018:ffffc900001e0388 EFLAGS: 00000046
[  223.049261][    C1] RAX: 00000000000000f5 RBX: ffff888136623900 RCX: 0000000000000838
[  223.049266][    C1] RDX: 0000000000000000 RSI: 00000000000000f5 RDI: 0000000000000838
[  223.049270][    C1] RBP: 0000000000000000 R08: 0000000000000000 R09: ffffffff81aebece
[  223.049273][    C1] R10: 0000000000000003 R11: ffffffff81702490 R12: 000000000ffff94a
[  223.049278][    C1] R13: dffffc0000000000 R14: 00000000000000f5 R15: 0000000000000020
[  223.049282][    C1] FS:  00007efe09c2f6c0(0000) GS:ffff8881a3c1f000(0000) knlGS:0000000000000000
[  223.049287][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  223.049292][    C1] CR2: 00007fe494e60cbf CR3: 0000000011644000 CR4: 00000000000006f0
[  223.049296][    C1] Call Trace:
[  223.049299][    C1]  <IRQ>
[  223.049302][    C1]  lapic_next_event+0x11/0x20
[  223.049310][    C1]  clockevents_program_event+0x1cf/0x360
[  223.049323][    C1]  hrtimer_interrupt+0x620/0xaa0
[  223.049338][    C1]  __sysvec_apic_timer_interrupt+0x10b/0x410
[  223.049346][    C1]  sysvec_apic_timer_interrupt+0x52/0xc0
[  223.049354][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  223.049366][    C1] RIP: 0010:lock_acquire+0x175/0x360
[  223.049373][    C1] Code: 00 00 00 00 9c 8f 44 24 30 f7 44 24 30 00 02 00 00 0f 85 cd 00 00 00 f7 44 24 08 00 02 00 00 74 01 fb 65 48 8b 05 cb de 01 11 <48> 3b 44 24 58 0f 85 f2 00 00 00 48 83 c4 60 5b 41 5c 41 5d 41 5e
[  223.049378][    C1] RSP: 0018:ffffc900001e05f8 EFLAGS: 00000206
[  223.049383][    C1] RAX: accee36815db0000 RBX: 0000000000000000 RCX: accee36815db0000
[  223.049387][    C1] RDX: 0000000000000000 RSI: ffffffff8db863e2 RDI: ffffffff8be29f80
[  223.049391][    C1] RBP: ffffffff8172aae5 R08: 0000000000000000 R09: ffffffff8172aae5
[  223.049395][    C1] R10: ffffc900001e07b8 R11: ffffffff81acf520 R12: 0000000000000002
[  223.049399][    C1] R13: ffffffff8e13f0a0 R14: 0000000000000000 R15: 0000000000000246
[  223.049404][    C1]  ? unwind_next_frame+0xa5/0x2390
[  223.049411][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  223.049420][    C1]  ? unwind_next_frame+0xa5/0x2390
[  223.049431][    C1]  ? unwind_next_frame+0xa5/0x2390
[  223.049438][    C1]  ? __iterate_interfaces+0x2ab/0x590
[  223.049445][    C1]  ? unwind_next_frame+0xa5/0x2390
[  223.049451][    C1]  unwind_next_frame+0xc2/0x2390
[  223.049458][    C1]  ? unwind_next_frame+0xa5/0x2390
[  223.049466][    C1]  ? unwind_next_frame+0xa5/0x2390
[  223.049473][    C1]  ? mac80211_hwsim_beacon_tx+0x3f0/0x860
[  223.049484][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  223.049493][    C1]  arch_stack_walk+0x11c/0x150
[  223.049502][    C1]  ? __iterate_interfaces+0x2ab/0x590
[  223.049509][    C1]  stack_trace_save+0x9c/0xe0
[  223.049517][    C1]  ? __pfx_stack_trace_save+0x10/0x10
[  223.049525][    C1]  ? kvm_sched_clock_read+0x11/0x20
[  223.049532][    C1]  ? sched_clock+0x3f/0x60
[  223.049541][    C1]  ? sched_clock_cpu+0x74/0x430
[  223.049549][    C1]  ? clockevents_program_event+0x24d/0x360
[  223.049558][    C1]  kasan_save_track+0x3e/0x80
[  223.049568][    C1]  ? kasan_save_track+0x3e/0x80
[  223.049576][    C1]  ? kasan_save_free_info+0x46/0x50
[  223.049584][    C1]  ? __kasan_slab_free+0x62/0x70
[  223.049589][    C1]  ? kmem_cache_free+0x18f/0x400
[  223.049595][    C1]  ? mac80211_hwsim_beacon_tx+0x3f0/0x860
[  223.049604][    C1]  ? __iterate_interfaces+0x2ab/0x590
[  223.049623][    C1]  ? kasan_byte_accessible+0x18/0x30
[  223.049630][    C1]  ? mac80211_hwsim_beacon_tx+0x3f0/0x860
[  223.049639][    C1]  kasan_save_free_info+0x46/0x50
[  223.049646][    C1]  __kasan_slab_free+0x62/0x70
[  223.049652][    C1]  kmem_cache_free+0x18f/0x400
[  223.049660][    C1]  mac80211_hwsim_beacon_tx+0x3f0/0x860
[  223.049671][    C1]  __iterate_interfaces+0x2ab/0x590
[  223.049677][    C1]  ? __pfx_mac80211_hwsim_beacon_tx+0x10/0x10
[  223.049686][    C1]  ? ieee80211_iterate_active_interfaces_atomic+0x2a/0x180
[  223.049693][    C1]  ? __pfx_mac80211_hwsim_beacon_tx+0x10/0x10
[  223.049702][    C1]  ieee80211_iterate_active_interfaces_atomic+0xdb/0x180
[  223.049709][    C1]  mac80211_hwsim_beacon+0xbb/0x1c0
[  223.049717][    C1]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  223.049724][    C1]  __hrtimer_run_queues+0x52c/0xc60
[  223.049736][    C1]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  223.049746][    C1]  hrtimer_run_softirq+0x187/0x2b0
[  223.049754][    C1]  handle_softirqs+0x286/0x870
[  223.049763][    C1]  ? __irq_exit_rcu+0xca/0x1f0
[  223.049771][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  223.049780][    C1]  ? irqtime_account_irq+0xb6/0x1c0
[  223.049790][    C1]  __irq_exit_rcu+0xca/0x1f0
[  223.049797][    C1]  ? __pfx___irq_exit_rcu+0x10/0x10
[  223.049806][    C1]  irq_exit_rcu+0x9/0x30
[  223.049813][    C1]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  223.049820][    C1]  </IRQ>
[  223.049822][    C1]  <TASK>
[  223.049825][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  223.049831][    C1] RIP: 0010:in_lock_functions+0x1a/0x30
[  223.049839][    C1] Code: 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 81 ff 90 11 71 8b 0f 93 c0 48 81 ff 24 57 71 8b 0f 92 c1 20 c1 <0f> b6 c1 e9 be a3 d2 09 cc cc cc cc cc cc cc cc cc cc cc cc cc cc
[  223.049845][    C1] RSP: 0018:ffffc90002fff398 EFLAGS: 00000246
[  223.049850][    C1] RAX: 0000000000000000 RBX: ffffffff8b6fb17e RCX: accee36815db0000
[  223.049854][    C1] RDX: 0000000000000000 RSI: ffffffff8be29f60 RDI: ffffffff8b6fb17e
[  223.049858][    C1] RBP: ffffc90002fff438 R08: ffffffff8fa1e8f7 R09: 1ffffffff1f43d1e
[  223.049862][    C1] R10: dffffc0000000000 R11: fffffbfff1f43d1f R12: dffffc0000000000
[  223.049866][    C1] R13: ffffffff8e144440 R14: ffff888107b3b1a0 R15: dffffc0000000000
[  223.049872][    C1]  ? preempt_schedule+0xae/0xc0
[  223.049881][    C1]  ? preempt_schedule+0xae/0xc0
[  223.049889][    C1]  preempt_schedule_common+0x43/0xd0
[  223.049897][    C1]  preempt_schedule+0xae/0xc0
[  223.049904][    C1]  ? __pfx_preempt_schedule+0x10/0x10
[  223.049914][    C1]  preempt_schedule_thunk+0x16/0x30
[  223.049926][    C1]  _raw_spin_unlock_irqrestore+0xfd/0x110
[  223.049934][    C1]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  223.049942][    C1]  ? swake_up_one+0x78/0x140
[  223.049951][    C1]  rcu_preempt_deferred_qs_irqrestore+0x874/0xc40
[  223.049967][    C1]  ? __pfx_rcu_preempt_deferred_qs_irqrestore+0x10/0x10
[  223.049978][    C1]  ? rcu_is_watching+0x15/0xb0
[  223.049986][    C1]  rcu_read_unlock_special+0x3fe/0x4c0
[  223.049995][    C1]  ? __pfx_perf_trace_lock+0x10/0x10
[  223.050042][    C1]  ? irqentry_exit+0x74/0x90
[  223.050054][    C1]  ? __pfx_rcu_read_unlock_special+0x10/0x10
[  223.050069][    C1]  ? unwind_next_frame+0xa5/0x2390
[  223.050080][    C1]  __rcu_read_unlock+0x84/0xe0
[  223.050089][    C1]  ? unwind_next_frame+0xa5/0x2390
[  223.050096][    C1]  unwind_next_frame+0x19ae/0x2390
[  223.050104][    C1]  ? unwind_next_frame+0xa5/0x2390
[  223.050112][    C1]  ? security_sk_alloc+0x52/0x390
[  223.050120][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  223.050128][    C1]  arch_stack_walk+0x11c/0x150
[  223.050137][    C1]  ? sk_prot_alloc+0x101/0x220
[  223.050146][    C1]  stack_trace_save+0x9c/0xe0
[  223.050154][    C1]  ? __pfx_stack_trace_save+0x10/0x10
[  223.050162][    C1]  ? stack_trace_save+0x9c/0xe0
[  223.050172][    C1]  kasan_save_track+0x3e/0x80
[  223.050181][    C1]  ? kasan_save_track+0x3e/0x80
[  223.050190][    C1]  ? __kasan_kmalloc+0x93/0xb0
[  223.050195][    C1]  ? __kmalloc_noprof+0x27a/0x4f0
[  223.050201][    C1]  ? security_sk_alloc+0x52/0x390
[  223.050219][    C1]  __kasan_kmalloc+0x93/0xb0
[  223.050226][    C1]  __kmalloc_noprof+0x27a/0x4f0
[  223.050232][    C1]  ? security_sk_alloc+0x52/0x390
[  223.050239][    C1]  security_sk_alloc+0x52/0x390
[  223.050246][    C1]  sk_prot_alloc+0x101/0x220
[  223.050252][    C1]  ? sk_alloc+0x24/0x370
[  223.050259][    C1]  sk_alloc+0x3a/0x370
[  223.050267][    C1]  __netlink_create+0x65/0x260
[  223.050278][    C1]  netlink_create+0x3ca/0x590
[  223.050286][    C1]  ? __pfx_sock_diag_bind+0x10/0x10
[  223.050296][    C1]  __sock_create+0x4b3/0x9f0
[  223.050307][    C1]  __sys_socket+0xd7/0x1b0
[  223.050317][    C1]  __x64_sys_socket+0x7a/0x90
[  223.050327][    C1]  do_syscall_64+0xfa/0x3b0
[  223.050336][    C1]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  223.050342][    C1]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  223.050349][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  223.050355][    C1] RIP: 0033:0x7efe08d8eb69
[  223.050367][    C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  223.050372][    C1] RSP: 002b:00007efe09c2f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  223.050379][    C1] RAX: ffffffffffffffda RBX: 00007efe08fb5fa0 RCX: 00007efe08d8eb69
[  223.050383][    C1] RDX: 0000000000000004 RSI: 0000000000000002 RDI: 0000000000000010
[  223.050387][    C1] RBP: 00007efe08e11df1 R08: 0000000000000000 R09: 0000000000000000
[  223.050391][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  223.050394][    C1] R13: 0000000000000000 R14: 00007efe08fb5fa0 R15: 00007ffedaf4a728
[  223.050403][    C1]  </TASK>
[  223.532977][   T34] Kernel panic - not syncing: hung_task: blocked tasks
[  223.535987][   T34] CPU: 0 UID: 0 PID: 34 Comm: khungtaskd Not tainted 6.16.0-rc6-syzkaller-00434-gcd7c97f4584a-dirty #0 PREEMPT(full) 
[  223.541179][   T34] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  223.545389][   T34] Call Trace:
[  223.546863][   T34]  <TASK>
[  223.548197][   T34]  dump_stack_lvl+0x99/0x250
[  223.550247][   T34]  ? __asan_memcpy+0x40/0x70
[  223.552159][   T34]  ? __pfx_dump_stack_lvl+0x10/0x10
[  223.554315][   T34]  ? __pfx__printk+0x10/0x10
[  223.556297][   T34]  panic+0x2db/0x790
[  223.558028][   T34]  ? __pfx_panic+0x10/0x10
[  223.559930][   T34]  ? nmi_backtrace_stall_check+0x433/0x440
[  223.562446][   T34]  ? preempt_schedule_thunk+0x16/0x30
[  223.564801][   T34]  ? nmi_trigger_cpumask_backtrace+0x2b6/0x300
[  223.567524][   T34]  watchdog+0x102d/0x1030
[  223.569448][   T34]  ? watchdog+0x1de/0x1030
[  223.571378][   T34]  kthread+0x711/0x8a0
[  223.573154][   T34]  ? __pfx_watchdog+0x10/0x10
[  223.575181][   T34]  ? __pfx_kthread+0x10/0x10
[  223.577183][   T34]  ? _raw_spin_unlock_irq+0x23/0x50
[  223.579425][   T34]  ? lockdep_hardirqs_on+0x9c/0x150
[  223.581678][   T34]  ? __pfx_kthread+0x10/0x10
[  223.583666][   T34]  ret_from_fork+0x3fc/0x770
[  223.585717][   T34]  ? __pfx_ret_from_fork+0x10/0x10
[  223.587939][   T34]  ? __switch_to_asm+0x39/0x70
[  223.590050][   T34]  ? __switch_to_asm+0x33/0x70
[  223.592153][   T34]  ? __pfx_kthread+0x10/0x10
[  223.594202][   T34]  ret_from_fork_asm+0x1a/0x30
[  223.596312][   T34]  </TASK>
[  223.598544][   T34] Kernel Offset: disabled
[  223.600397][   T34] Rebooting in 86400 seconds..

VM DIAGNOSIS:
02:09:11  Registers:
info registers vcpu 0

CPU#0
RAX=000000000000006c RBX=000000000000006c RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000000000 RDI=0000000000000020 RBP=00000000000003f8 RSP=ffffc9000068f6d0
R8 =ffff888108a50237 R9 =1ffff1102114a046 R10=dffffc0000000000 R11=ffffffff85471fa0
R12=dffffc0000000000 R13=ffffffff99af58ba R14=ffffffff99dfa1e0 R15=0000000000000000
RIP=ffffffff8547201c RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880b861f000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007fe494e413f8 CR3=000000000df38000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000600
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000001 XMM01=0000000000000000 00007fe497187d20
XMM02=0000000500000007 ffffffff00000001 XMM03=ffffffff84752a0d ffffffff8962c91c
XMM04=0000000000000000 0000000000000016 XMM05=0000000000000000 000000000003bf12
XMM06=ffffffff896b16da ffffffff00000007 XMM07=ffffffff00000000 ffffffff81cee4ee
XMM08=ffffffff8950e3f8 ffffffff00000006 XMM09=0000000000000000 0000000000000000
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000000 RBX=0000000000000820 RCX=0000000000000100 RDX=ffff888107b39cc0
RSI=0000000000000000 RDI=0000000000000000 RBP=ffffc900001e0830 RSP=ffffc900001e0560
R8 =ffff888107b39cc0 R9 =0000000000000002 R10=0000000000000003 R11=0000000000000100
R12=0000000000212110 R13=dffffc0000000000 R14=00000000000000f0 R15=1ffff9200003c0b0
RIP=ffffffff822365c7 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007efe09c2f6c0 ffffffff 00c00000
GS =0000 ffff8881a3c1f000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007fe494e60cbf CR3=0000000011644000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000602
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=000000001dba522b 000000000000001b XMM01=7a79730000000000 00000000370675df
XMM02=0000000000000000 0000000000000000 XMM03=0000000000000000 0000000000000000
XMM04=ffffffffffffff00 0000000000000000 XMM05=0200000000000000 00000000000002ff
XMM06=0200000000000000 00000000000002ff XMM07=0000000000000000 0000000000000000
XMM08=0000000000000000 0000000000000000 XMM09=0000000000000000 0000000000000000
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
