last executing test programs:

16.418059829s ago: executing program 1 (id=2):
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x7fef, 0x100000, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x2, @perf_config_ext={0x407fff, 0x4000000aea}, 0x14d05, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xa9e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
socket$kcm(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x29, 0x14, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
perf_event_open(0x0, 0x0, 0x10, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0x4000000000000, 0xffffffffffffffff, 0x0)
bpf$ITER_CREATE(0x21, 0x0, 0x0)
getpid()
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x4, &(0x7f0000000140)=@framed={{0x18, 0x2, 0x0, 0x0, 0x80000000}, [@call={0x85, 0x0, 0x0, 0x7a}]}, 0x0, 0x0, 0x0, 0x0, 0x41100}, 0x94)
socketpair(0x1e, 0x1, 0x8, &(0x7f0000001140))
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0x0, 0x0, &(0x7f0000000100), 0x0, 0x8, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6_vti0\x00', 0x200})
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20810, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffd, 0xfffffffffffffffe}, 0x8000, 0x7, 0x4, 0x6, 0x61, 0x0, 0x5, 0x0, 0x2ff, 0x0, 0xb}, 0x0, 0x4, 0xffffffffffffffff, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x101000, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89f1, &(0x7f0000000080))

16.417871412s ago: executing program 2 (id=3):
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x100904}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$kcm(0x2c, 0x3, 0x0)
setsockopt$sock_attach_bpf(r0, 0x11b, 0x4, &(0x7f0000000000), 0x18)

16.276223529s ago: executing program 2 (id=4):
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x100904}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x8, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="b4080000000000005a113400"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x12, 0x4, 0x0, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xb}, 0x94)
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f00000005c0)="3504000041000511d25a35400c00020001ffe72037153e370c04018006041000450000002a560000e7ff0040", 0x2c}, {&(0x7f0000000600)="d4fa0c511aad03aa5ed217677bc41c027d9c830c439c7f821ddd78b6915cb1b0130668a1e5b5e08d21d0b69c28ca3455aed65855c86f3d1e5789d26375a0d85eaf5e92e19c9affcf76e7a94e76556d2b104ebf645747fadc91460f4b3c94e1a89b51be4a6aa4c65285f988329a8163b69c51b801500a5bacd0463976e2960e2679ef2feee5e6ce6bb78a51fb0e15820d13e4a5aa9e0742a6f8d677ad28fea356657bb550c8311b682d9003c891cc4556efd6a6d0f8d57f2267a15aa7334bc53b65b9119a1a7d905c7dd365b85c230bbad0d5d0a79819e112637819d9a187cfdf782c6127d2d4281926ab0e22f7346b616fe28ed0b9f4a0c9fdac6d3a90a9c38b5e31448a45546388c95045bc2261c238a5159ea98db9c00aeef644ae98a8cb8da3ff3b7ba14d7971910b559623af829524d83bf19f18628464076329140e0203fc75859185ccd019302afb784e41e16cf2d31db7aba83d0f500ce25fc2d7f524a04cfaa0015ea8a297477a5517f8a4ac167083a321c78070974afc897fb738fbcfeac369844fd7fc11fff502c02b7607007ead2007a18006a6ca8dc2d0119f01d7083c2ab5760ac7b24d7bf26b9030cf455a08385f9e662cbe0c3ca6e6fd4ac0c8566c0fca986c68ef7016a11d3e44253b6f2d07d53505ed58b8ad410f89425046321b4a9b27b5e767bdfa0ebf7abf3d91b319120000853d8e5cbc4a2c5c560b007eafe03e3332f6017f3164c7f602180aad23dfe5e770fe8855f45925e342b7dfd7ddaa68b65065465cdf4d5b8d995d6e6a7042ebea3d139c6a616232eb4efd1a50d0e6db3188a8e98375fda2a7ebd4cd59b9ea626c13685b05e6cf4d484e32869fd7c7167dbfa48b1529e5dd5f5a02673ccc7dbedfd75e34f3f9eb3c7833734a59acada6dd2ff364475e03f2219deedb5d0c941f2177a23167adcc5a15f4e5441ed537f26a1620df057aeb55b2ad3a00a77e23d304ed6034dd5ec9b2cfe777ca21ec4f48abdafa0d66a78d653068ef871bdc6598fd32edcba60c675a1e8f4e81e83f73414c179bfb7f329d71fe6e291fb2eaa59b9636cb6a74d0deb46a18c77f37abf0894a7083e0e4c237ff7c24872668ac40e307569a975b2765af8d3268d11b473d5d7544edd1ed0e507c319e128daf7e75c349c9b3de603580d52a6c118acf924216130364bfab8d59969e4dbee0a9208adb7bfa855556be06a666334a0612e4ff3fc6f4ddb9a0c209301081f34824496480d688ae9bd0c3c28ea8ecfe01a2b86dcb3750686a89891d9abf0d584c854b4bc6096293fbc8707312f424996361ef9261ef3ba7cd2ddffb0e3c81e6b962d680e02f7a672dc2643cc24ad6", 0x3bf}, {&(0x7f0000000000), 0x700}, {&(0x7f0000000040)="9d493c13b6b02affcc19cb904ec2bd74085b0bd225277e5a44d681809b6d764ecab211ef0c90ba361a4378457b19705b18406f35071130b4e06c4a3b1a6e9a9d7cf1453aeb21e4c30a85207027af69f536ec61a4a59614b3f59314c649223b791213aafb18e08f295189c63c72d255f34987edf7a120ed0fd80500000000000000c4bf95e695a7b864e534d2af6abeee35de087c976a02f4e4b20bdea333455b73232f9297ce2197ce", 0xa9}], 0x4}, 0x10049014)

16.147220703s ago: executing program 2 (id=5):
r0 = socket$kcm(0x2, 0x5, 0x84)
sendmsg$inet(r0, &(0x7f00000002c0)={&(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000100)=[{&(0x7f0000000080)='i', 0x34000}], 0x1}, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xee, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$inet(r0, &(0x7f0000000480)={&(0x7f0000000140)={0x2, 0x4e20, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000300)='^', 0x1}], 0x1}, 0x840)

16.113835411s ago: executing program 1 (id=6):
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0xd, 0x4, &(0x7f0000000280)=ANY=[@ANYBLOB="850000002e00000076000000000000666100000f000000009500000000000000e6b549e8a4871cb5b0766c167c4ba699444486d173e94e46b8d15de28680951105a8936e59522778fe06fc3ac4"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sock_ops}, 0x94)
r0 = socket$kcm(0x10, 0x3, 0x10)
ioctl$sock_kcm_SIOCKCMUNATTACH(r0, 0x89e1, &(0x7f00000002c0))

16.001867501s ago: executing program 1 (id=8):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000001580)="d80000001a0081044e81f782db4cb9041c1d0800fe007c05e8fe55a104000100ff02142603600e12080005007a010401a80016002000034004020000035c0461c9d67f6f940071342e875fab7cb6cec6cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b141993c034e653fe8efe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9ee5350db798262f3d40fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e", 0xd8}], 0x1}, 0x0)

15.877539672s ago: executing program 1 (id=9):
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000200)=ANY=[@ANYBLOB="9feb010018000000000000003c0000003c00000006000000040000000000000e0400000000000000000000000100000d0400000004000000040000000000000000000010040000000000000000000002030000000000000061"], 0x0, 0x5a, 0x0, 0x4, 0x80000}, 0x28)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000000c0)={r0, 0x20, &(0x7f0000000080)={&(0x7f0000001680)=""/4098, 0x1002, 0x0, &(0x7f0000000000)=""/65, 0x41}}, 0x10)

15.814691661s ago: executing program 1 (id=11):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xe8001, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x2})
ioctl$TUNSETOFFLOAD(r0, 0x400454c9, 0xba98575a95aeb70d)
r1 = socket$kcm(0x11, 0x200000000000002, 0x300)
setsockopt$sock_attach_bpf(r1, 0x107, 0x12, &(0x7f00000008c0), 0x4)
ioctl$TUNSETOFFLOAD(r0, 0x400454c9, 0x25)
r2 = perf_event_open(&(0x7f0000001380)={0x2, 0x80, 0x0, 0x6, 0x1, 0xd8, 0x0, 0x1, 0x30100, 0x5, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x9, 0x1, @perf_config_ext={0x400, 0x81}, 0x1540, 0x9, 0x0, 0x0, 0x9, 0xfb04, 0x0, 0x0, 0x200, 0x0, 0x2}, 0x0, 0xf, 0xffffffffffffffff, 0xb)
perf_event_open(0x0, 0x0, 0x3, r2, 0x2)
r3 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffd, 0x10000}, 0x106181, 0x4, 0x0, 0x5, 0x0, 0xc, 0x1}, 0x0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, r4)
r5 = perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x804, 0x14c9, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x803, 0x0, @perf_config_ext={0x1}, 0x20a0, 0x58, 0x80000000, 0x4, 0x2, 0xfffffffe, 0x1, 0x0, 0x0, 0x0, 0x6e8}, 0x0, 0x0, 0xffffffffffffffff, 0x8)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000f80)={0x5, 0x5, &(0x7f00000005c0)=ANY=[@ANYBLOB="1808000000000000000000000000000018000000e5020000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r5, 0x40042408, r6)
close(0x3)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={0x0, &(0x7f0000000040)=""/155, 0x1000000, 0x9b, 0x1}, 0x1f)

15.814520426s ago: executing program 0 (id=12):
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x10}, 0x94)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x8, 0x830d}, 0x0, 0x2, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000001780)={0x0, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x55, 0x1, 0x0, 0x0, 0x0, 0x7ff2, 0xa892, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b73, 0x1, @perf_config_ext={0x1, 0x1}, 0x14105, 0x32, 0xfffffbff, 0x6, 0x2, 0x6, 0x5, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
recvmsg$unix(r0, &(0x7f0000001b40)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@rights={{0x14, 0x1, 0x1, [<r2=>0xffffffffffffffff]}}], 0x18}, 0x0)
r3 = socket$kcm(0xa, 0x2, 0x88)
setsockopt$sock_attach_bpf(r3, 0x1, 0x41, &(0x7f0000000040)=r2, 0x4)
sendmsg$kcm(r3, &(0x7f0000000580)={&(0x7f00000001c0)=@in6={0xa, 0x4e21, 0x4, @mcast2, 0x9}, 0x1b, 0x0}, 0x4000080)
perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x4, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7f, 0x0, @perf_config_ext={0x3, 0x8001}, 0x0, 0x2e, 0xfffffbff, 0x3, 0x2, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
recvmsg$kcm(r3, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x2100)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)

15.397993685s ago: executing program 0 (id=13):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f00000000c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x34, 0x34, 0x4, [@fwd={0x2}, @const={0x0, 0x0, 0x0, 0x2}, @func_proto={0x2, 0x0, 0x0, 0x12, 0x2}, @var={0x2, 0x0, 0x0, 0xe, 0x3}]}, {0x0, [0x0, 0x61]}}, 0x0, 0x50}, 0x20)

15.397613193s ago: executing program 0 (id=14):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000040)='contention_end\x00'}, 0x18)
sendmsg$unix(r0, &(0x7f0000000200)={&(0x7f0000000040)=@abs={0x1, 0x2e}, 0x6e, 0x0}, 0x0)

15.326600079s ago: executing program 1 (id=15):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
bpf$BPF_PROG_DETACH(0x9, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
perf_event_open(&(0x7f00000011c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x6}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = socket$kcm(0xa, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f0000000000)=@framed={{0x18, 0x2, 0x0, 0x0, 0x2}, [@call={0x85, 0x0, 0x0, 0x41}, @call={0x85, 0x0, 0x0, 0xa0}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x0, 0xe, 0x0, &(0x7f0000000200)="442d3ad11752a171df318767ddf8", 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)
setsockopt$sock_attach_bpf(r2, 0x29, 0x1a, &(0x7f0000000140), 0x4)
sendmsg$kcm(r2, &(0x7f00000003c0)={&(0x7f0000000040)=@l2tp6={0xa, 0x0, 0xfffffffc, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}}, 0x80, 0x0}, 0x20000002)
r4 = perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x4, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x0, @perf_config_ext={0x3, 0x8003}, 0x43, 0x2e, 0xfffffbff, 0x3, 0x2, 0x2, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r4, 0x40042408, r5)
r6 = perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x4, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x0, @perf_config_ext={0x3, 0x8001}, 0x0, 0x2e, 0xfffffbff, 0x9, 0x2, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
ioctl$PERF_EVENT_IOC_SET_BPF(r6, 0x40042408, 0xffffffffffffffff)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x8, 0x830d}, 0x2000, 0x2, 0xfffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1d, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x4}, 0x94)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'wlan0\x00', 0x200})
socket$kcm(0x2c, 0x3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r7 = socket$kcm(0x1e, 0x1, 0x0)
sendmsg$kcm(r7, &(0x7f0000000540)={&(0x7f0000000280)=@tipc=@id={0x1e, 0x3, 0x1, {0x4e21}}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000300)="80", 0x1}], 0x1}, 0x0)
recvmsg(r7, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000dc0)=""/255, 0xff}], 0x1, &(0x7f0000000480)=""/19, 0x13}, 0x40000010)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000280)={r1, <r8=>0xffffffffffffffff}, 0x4)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x6, 0x2a, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x8}, [@alu={0x4, 0x0, 0x7, 0xb, 0x0, 0xfffffffffffffff0, 0xfffffffffffffffc}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r1}}, @map_idx_val={0x18, 0x0, 0x6, 0x0, 0x7, 0x0, 0x0, 0x0, 0x7b2}, @ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}}, @printk={@u, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xe3}}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x3}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r8}}, @generic={0x9, 0x6, 0xb, 0x7f, 0xffff}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffff8}]}, 0x0, 0xd, 0x65, &(0x7f0000000300)=""/101, 0x41100, 0x8, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000380)={0x1, 0x3}, 0x8, 0x10, &(0x7f00000005c0)={0x5, 0x4, 0x7ff, 0xfffffffa}, 0x10, 0x0, 0x0, 0x5, &(0x7f0000000600), &(0x7f0000000640)=[{0x0, 0x4, 0x5, 0x8}, {0x2, 0x1, 0xe, 0x3}, {0x2, 0x4, 0xf, 0xb}, {0x2, 0x4, 0x7, 0xb}, {0x3, 0x1, 0x10, 0xc}], 0x10, 0xb0000000}, 0x94)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000200))
ioctl$SIOCSIFHWADDR(r0, 0x8b04, &(0x7f0000000040)={'wlan1\x00', @random="0100"})

15.326421156s ago: executing program 0 (id=16):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f0000000000)=@framed={{0x18, 0x2, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1}, [@call={0x85, 0x0, 0x0, 0x41}, @call={0x85, 0x0, 0x0, 0x7d}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0xe, 0x0, &(0x7f0000000200)="6fb355bb7c1e85390de40d0df22a", 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)

15.256237174s ago: executing program 0 (id=17):
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x3, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="b7050000000000006110380000000000dc0500001000000095000000000000009abb1723bf24203831c9545b21c751ee4024f479cbe4b89f9808837203000000000000c2d182c7a3221481f5009edaf5f5ac058299e10e790a198f42a715b99fb3d2a73dd025848710155ad1efd7d991408000000000000085a0db0401fa29e075b7ab0408a0d8cfceeb23465bb027ee1151c02af21d8f9aa57e673a6724441d08087aff070eda8abef22b3a806c8226f5a2886c93bd29b37252ba4a6e9cc5f69e75680c431aa855e487ae513abd6c4ee973fce29a26018ed5e0780f8778a602a3533a3dac7da4fe491edf3abfa7bf871c58848ac46ada6776bd9b85df01e626026a59ddfa7a9c879acbfb0bf426785dec7d8611dc850df49ed8633bdb83dd505fb20649f53841a0e200c91f5bf1bb186ed87efc7b6f8859d029c8376ca19265e281fea0a6fd2222f8850c8445758503ede0ce1b3f73ecd8989e8c53c5e679b13802bddf80f3b1d07d6d68bfa12ab34697d40ac1150a842f8bb381344b994c19642a10eb30845a993daaa8bd4aebc595475feb3475d8e802498382e73edb98fcf2df96ab3c870490c4"], &(0x7f00000002c0)='syzkaller\x00', 0x5, 0xfd90, &(0x7f0000000300)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f3, 0x10, &(0x7f0000000080), 0xfffffffffffffc79}, 0x48)

15.255853144s ago: executing program 0 (id=18):
openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0xb, 0x1509, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x8000000000000001}, 0x309319, 0x4, 0x0, 0x3, 0x2, 0x1, 0xffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x5, 0x5, &(0x7f00000005c0)=ANY=[@ANYBLOB="1808000000000000000000000000000018000000e5020000000000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, &(0x7f0000000640)=r2, 0x4)
sendmsg$unix(0xffffffffffffffff, 0x0, 0xc000090)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000002c0)={r3, 0x4, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

15.196292531s ago: executing program 2 (id=19):
r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xee, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x5, @perf_bp={0x0, 0xf}, 0x1000, 0x4, 0x0, 0x8, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000980)='GPL\x00', 0x6, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$inet(r3, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r2, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmsg$inet(r5, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r4, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
sendmsg$inet(r7, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r6, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000900), 0x100}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
sendmsg$inet(r9, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg(r8, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001dc0)=""/4096, 0x1000}, 0x0)
socketpair(0xf, 0x3, 0x2, 0x0)

135.858168ms ago: executing program 32 (id=18):
openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0xb, 0x1509, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x8000000000000001}, 0x309319, 0x4, 0x0, 0x3, 0x2, 0x1, 0xffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x5, 0x5, &(0x7f00000005c0)=ANY=[@ANYBLOB="1808000000000000000000000000000018000000e5020000000000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, &(0x7f0000000640)=r2, 0x4)
sendmsg$unix(0xffffffffffffffff, 0x0, 0xc000090)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000002c0)={r3, 0x4, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

68.754018ms ago: executing program 33 (id=15):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
bpf$BPF_PROG_DETACH(0x9, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
perf_event_open(&(0x7f00000011c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x6}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = socket$kcm(0xa, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f0000000000)=@framed={{0x18, 0x2, 0x0, 0x0, 0x2}, [@call={0x85, 0x0, 0x0, 0x41}, @call={0x85, 0x0, 0x0, 0xa0}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x0, 0xe, 0x0, &(0x7f0000000200)="442d3ad11752a171df318767ddf8", 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)
setsockopt$sock_attach_bpf(r2, 0x29, 0x1a, &(0x7f0000000140), 0x4)
sendmsg$kcm(r2, &(0x7f00000003c0)={&(0x7f0000000040)=@l2tp6={0xa, 0x0, 0xfffffffc, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}}, 0x80, 0x0}, 0x20000002)
r4 = perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x4, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x0, @perf_config_ext={0x3, 0x8003}, 0x43, 0x2e, 0xfffffbff, 0x3, 0x2, 0x2, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r4, 0x40042408, r5)
r6 = perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x4, 0x82, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7d, 0x0, @perf_config_ext={0x3, 0x8001}, 0x0, 0x2e, 0xfffffbff, 0x9, 0x2, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
ioctl$PERF_EVENT_IOC_SET_BPF(r6, 0x40042408, 0xffffffffffffffff)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x8, 0x830d}, 0x2000, 0x2, 0xfffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1d, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x4}, 0x94)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'wlan0\x00', 0x200})
socket$kcm(0x2c, 0x3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r7 = socket$kcm(0x1e, 0x1, 0x0)
sendmsg$kcm(r7, &(0x7f0000000540)={&(0x7f0000000280)=@tipc=@id={0x1e, 0x3, 0x1, {0x4e21}}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000300)="80", 0x1}], 0x1}, 0x0)
recvmsg(r7, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000dc0)=""/255, 0xff}], 0x1, &(0x7f0000000480)=""/19, 0x13}, 0x40000010)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000280)={r1, <r8=>0xffffffffffffffff}, 0x4)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x6, 0x2a, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x8}, [@alu={0x4, 0x0, 0x7, 0xb, 0x0, 0xfffffffffffffff0, 0xfffffffffffffffc}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r1}}, @map_idx_val={0x18, 0x0, 0x6, 0x0, 0x7, 0x0, 0x0, 0x0, 0x7b2}, @ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}}, @printk={@u, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xe3}}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x3}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r8}}, @generic={0x9, 0x6, 0xb, 0x7f, 0xffff}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffff8}]}, 0x0, 0xd, 0x65, &(0x7f0000000300)=""/101, 0x41100, 0x8, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000380)={0x1, 0x3}, 0x8, 0x10, &(0x7f00000005c0)={0x5, 0x4, 0x7ff, 0xfffffffa}, 0x10, 0x0, 0x0, 0x5, &(0x7f0000000600), &(0x7f0000000640)=[{0x0, 0x4, 0x5, 0x8}, {0x2, 0x1, 0xe, 0x3}, {0x2, 0x4, 0xf, 0xb}, {0x2, 0x4, 0x7, 0xb}, {0x3, 0x1, 0x10, 0xc}], 0x10, 0xb0000000}, 0x94)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000200))
ioctl$SIOCSIFHWADDR(r0, 0x8b04, &(0x7f0000000040)={'wlan1\x00', @random="0100"})

0s ago: executing program 34 (id=19):
r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xee, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x5, @perf_bp={0x0, 0xf}, 0x1000, 0x4, 0x0, 0x8, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000980)='GPL\x00', 0x6, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$inet(r3, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r2, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmsg$inet(r5, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r4, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
sendmsg$inet(r7, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r6, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000900), 0x100}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
sendmsg$inet(r9, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg(r8, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001dc0)=""/4096, 0x1000}, 0x0)
socketpair(0xf, 0x3, 0x2, 0x0)

kernel console output (not intermixed with test programs):

Warning: Permanently added '[localhost]:35760' (ED25519) to the list of known hosts.
syzkaller login: [   48.240907][ T5758] cgroup: Unknown subsys name 'net'
[   48.333292][ T5758] cgroup: Unknown subsys name 'cpuset'
[   48.339877][ T5758] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   49.869603][ T5758] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   54.466665][ T5829] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   54.470871][ T5829] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   54.476444][ T5829] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   54.481114][ T5829] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   54.484720][ T5829] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   54.604366][   T54] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   54.607443][   T54] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   54.610631][   T54] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   54.617934][ T5835] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   54.621113][ T5835] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   54.624880][ T5835] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   54.628530][ T5835] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   54.678692][ T5220] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   54.683502][ T5220] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   54.687314][ T5220] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   54.726064][ T5826] chnl_net:caif_netlink_parms(): no params data found
[   54.861515][ T5826] bridge0: port 1(bridge_slave_0) entered blocking state
[   54.865429][ T5826] bridge0: port 1(bridge_slave_0) entered disabled state
[   54.869507][ T5826] bridge_slave_0: entered allmulticast mode
[   54.873372][ T5826] bridge_slave_0: entered promiscuous mode
[   54.882638][ T5831] chnl_net:caif_netlink_parms(): no params data found
[   54.888670][ T5826] bridge0: port 2(bridge_slave_1) entered blocking state
[   54.891847][ T5826] bridge0: port 2(bridge_slave_1) entered disabled state
[   54.895173][ T5826] bridge_slave_1: entered allmulticast mode
[   54.900004][ T5826] bridge_slave_1: entered promiscuous mode
[   54.960337][ T5826] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   54.969405][ T5826] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   55.054583][ T5826] team0: Port device team_slave_0 added
[   55.057537][ T5831] bridge0: port 1(bridge_slave_0) entered blocking state
[   55.060522][ T5831] bridge0: port 1(bridge_slave_0) entered disabled state
[   55.063439][ T5831] bridge_slave_0: entered allmulticast mode
[   55.068646][ T5831] bridge_slave_0: entered promiscuous mode
[   55.073773][ T5831] bridge0: port 2(bridge_slave_1) entered blocking state
[   55.077388][ T5831] bridge0: port 2(bridge_slave_1) entered disabled state
[   55.080346][ T5831] bridge_slave_1: entered allmulticast mode
[   55.084116][ T5831] bridge_slave_1: entered promiscuous mode
[   55.100754][ T5826] team0: Port device team_slave_1 added
[   55.148841][ T5826] batman_adv: batadv0: Adding interface: batadv_slave_0
[   55.151141][ T5826] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   55.160159][ T5826] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   55.171327][ T5831] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   55.175007][ T5833] chnl_net:caif_netlink_parms(): no params data found
[   55.180080][ T5826] batman_adv: batadv0: Adding interface: batadv_slave_1
[   55.182249][ T5826] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   55.190774][ T5826] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   55.196836][ T5831] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   55.253857][ T5831] team0: Port device team_slave_0 added
[   55.267123][ T5831] team0: Port device team_slave_1 added
[   55.335066][ T5826] hsr_slave_0: entered promiscuous mode
[   55.338496][ T5826] hsr_slave_1: entered promiscuous mode
[   55.375470][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_0
[   55.378475][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   55.390552][ T5831] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   55.395702][ T5833] bridge0: port 1(bridge_slave_0) entered blocking state
[   55.398459][ T5833] bridge0: port 1(bridge_slave_0) entered disabled state
[   55.400927][ T5833] bridge_slave_0: entered allmulticast mode
[   55.404746][ T5833] bridge_slave_0: entered promiscuous mode
[   55.410192][ T5833] bridge0: port 2(bridge_slave_1) entered blocking state
[   55.413313][ T5833] bridge0: port 2(bridge_slave_1) entered disabled state
[   55.416440][ T5833] bridge_slave_1: entered allmulticast mode
[   55.420332][ T5833] bridge_slave_1: entered promiscuous mode
[   55.424516][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_1
[   55.429221][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   55.439418][ T5831] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   55.498710][ T5833] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   55.503299][ T5833] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   55.588009][ T5831] hsr_slave_0: entered promiscuous mode
[   55.591182][ T5831] hsr_slave_1: entered promiscuous mode
[   55.593961][ T5831] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   55.599801][ T5831] Cannot create hsr debugfs directory
[   55.604992][ T5833] team0: Port device team_slave_0 added
[   55.629617][ T5833] team0: Port device team_slave_1 added
[   55.669010][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_0
[   55.671900][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   55.682626][ T5833] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   55.706142][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_1
[   55.709093][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   55.721356][ T5833] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   55.834585][ T5833] hsr_slave_0: entered promiscuous mode
[   55.838437][ T5833] hsr_slave_1: entered promiscuous mode
[   55.841307][ T5833] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   55.844445][ T5833] Cannot create hsr debugfs directory
[   56.035437][ T5826] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   56.053087][ T5826] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   56.060370][ T5826] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   56.077043][ T5826] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   56.114656][ T5833] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   56.128708][ T5833] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   56.136417][ T5833] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   56.165140][ T5833] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   56.233553][ T5831] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   56.239995][ T5831] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   56.247384][ T5831] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   56.258466][ T5831] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   56.330445][ T5826] 8021q: adding VLAN 0 to HW filter on device bond0
[   56.356770][ T5826] 8021q: adding VLAN 0 to HW filter on device team0
[   56.371156][ T4977] bridge0: port 1(bridge_slave_0) entered blocking state
[   56.374453][ T4977] bridge0: port 1(bridge_slave_0) entered forwarding state
[   56.400495][ T4977] bridge0: port 2(bridge_slave_1) entered blocking state
[   56.403553][ T4977] bridge0: port 2(bridge_slave_1) entered forwarding state
[   56.442239][ T5833] 8021q: adding VLAN 0 to HW filter on device bond0
[   56.490037][ T5826] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   56.525036][ T5833] 8021q: adding VLAN 0 to HW filter on device team0
[   56.528298][   T54] Bluetooth: hci0: command tx timeout
[   56.549955][   T26] bridge0: port 1(bridge_slave_0) entered blocking state
[   56.552843][   T26] bridge0: port 1(bridge_slave_0) entered forwarding state
[   56.580409][   T26] bridge0: port 2(bridge_slave_1) entered blocking state
[   56.583343][   T26] bridge0: port 2(bridge_slave_1) entered forwarding state
[   56.649656][ T5831] 8021q: adding VLAN 0 to HW filter on device bond0
[   56.686786][   T54] Bluetooth: hci1: command tx timeout
[   56.708150][ T5831] 8021q: adding VLAN 0 to HW filter on device team0
[   56.723322][   T27] bridge0: port 1(bridge_slave_0) entered blocking state
[   56.726387][   T27] bridge0: port 1(bridge_slave_0) entered forwarding state
[   56.751535][   T27] bridge0: port 2(bridge_slave_1) entered blocking state
[   56.754733][   T27] bridge0: port 2(bridge_slave_1) entered forwarding state
[   56.766342][   T54] Bluetooth: hci2: command tx timeout
[   56.781214][ T5826] 8021q: adding VLAN 0 to HW filter on device batadv0
[   56.880243][ T5826] veth0_vlan: entered promiscuous mode
[   56.888850][ T5833] 8021q: adding VLAN 0 to HW filter on device batadv0
[   56.901534][ T5826] veth1_vlan: entered promiscuous mode
[   56.963454][ T5826] veth0_macvtap: entered promiscuous mode
[   56.981954][ T5833] veth0_vlan: entered promiscuous mode
[   56.998464][ T5826] veth1_macvtap: entered promiscuous mode
[   57.008211][ T5833] veth1_vlan: entered promiscuous mode
[   57.024857][ T5826] batman_adv: batadv0: Interface activated: batadv_slave_0
[   57.033516][ T5831] 8021q: adding VLAN 0 to HW filter on device batadv0
[   57.043891][ T5826] batman_adv: batadv0: Interface activated: batadv_slave_1
[   57.059684][ T5826] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   57.063058][ T5826] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   57.066956][ T5826] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   57.070179][ T5826] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   57.080653][ T5833] veth0_macvtap: entered promiscuous mode
[   57.099102][ T5833] veth1_macvtap: entered promiscuous mode
[   57.133849][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_0
[   57.147778][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_1
[   57.157845][ T5831] veth0_vlan: entered promiscuous mode
[   57.170079][ T5833] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   57.172967][ T5833] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   57.177948][ T5833] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   57.180732][ T5833] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   57.191841][ T5831] veth1_vlan: entered promiscuous mode
[   57.203904][  T971] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   57.211998][  T971] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   57.255174][ T1088] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   57.258644][ T1088] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   57.264611][ T4977] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   57.267110][ T5831] veth0_macvtap: entered promiscuous mode
[   57.269315][ T4977] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   57.281158][ T5831] veth1_macvtap: entered promiscuous mode
[   57.307444][ T4977] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   57.310282][ T4977] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   57.319893][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_0
[   57.333156][ T5826] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   57.341335][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_1
[   57.349162][ T5831] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   57.352774][ T5831] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   57.362922][ T5831] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   57.368345][ T5831] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   57.556844][ T5899] netlink: 17 bytes leftover after parsing attributes in process `syz.2.4'.
[   57.560699][ T5899] netlink: zone id is out of range
[   57.562739][ T5899] netlink: zone id is out of range
[   57.565398][ T5899] netlink: zone id is out of range
[   57.571364][ T5899] netlink: zone id is out of range
[   57.573517][ T5899] netlink: zone id is out of range
[   57.576505][ T5899] netlink: zone id is out of range
[   57.578628][ T5899] netlink: zone id is out of range
[   57.580737][ T5899] netlink: zone id is out of range
[   57.582962][ T5899] netlink: zone id is out of range
[   57.585245][ T5899] netlink: zone id is out of range
[   57.603306][ T1088] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   57.616380][ T1088] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   57.638373][ T1088] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   57.642926][ T1088] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   57.880262][ T5910] netlink: 'syz.1.8': attribute type 1 has an invalid length.
[   58.012767][ T5917] syzkaller1: tun_chr_ioctl cmd 1074025673
[   58.075590][    C1] hrtimer: interrupt took 942428 ns
[   58.271373][ T5919] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   58.607565][   T54] Bluetooth: hci0: command tx timeout
[   58.690463][ T5929] warning: `syz.1.15' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   58.778523][   T54] Bluetooth: hci1: command tx timeout
[   58.846103][   T54] Bluetooth: hci2: command tx timeout
[   60.685791][ T5220] Bluetooth: hci0: command tx timeout
[   60.846204][ T5220] Bluetooth: hci1: command tx timeout
[   60.926292][ T5220] Bluetooth: hci2: command tx timeout
[   62.767903][ T5220] Bluetooth: hci0: command tx timeout
[   62.937556][ T5220] Bluetooth: hci1: command tx timeout
[   63.005833][ T5220] Bluetooth: hci2: command tx timeout
[   74.262327][   T54] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   74.263075][   T54] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   74.263480][   T54] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   74.264571][   T54] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   74.265037][   T54] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   74.393468][ T5220] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   74.394058][ T5220] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   74.394324][ T5220] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   74.398007][ T5220] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   74.398563][ T5220] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   74.444978][ T5220] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[   74.451640][ T5220] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[   74.452205][ T5220] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[   74.453031][ T5220] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[   74.453384][ T5220] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[   76.365799][ T5220] Bluetooth: hci3: command tx timeout
[   76.456011][ T5220] Bluetooth: hci4: command tx timeout
[   76.525872][ T5220] Bluetooth: hci5: command tx timeout
[   78.446000][ T5220] Bluetooth: hci3: command tx timeout
[   78.525886][ T5220] Bluetooth: hci4: command tx timeout
[   78.606061][ T5220] Bluetooth: hci5: command tx timeout
[   80.529487][ T5220] Bluetooth: hci3: command tx timeout
[   80.616058][ T5220] Bluetooth: hci4: command tx timeout
[   80.685956][ T5220] Bluetooth: hci5: command tx timeout
[   81.256045][   T24] cfg80211: failed to load regulatory.db
[   81.829114][ T1363] ieee802154 phy0 wpan0: encryption failed: -22
[   81.831596][ T1363] ieee802154 phy1 wpan1: encryption failed: -22
[   82.605906][ T5220] Bluetooth: hci3: command tx timeout
[   82.685914][ T5220] Bluetooth: hci4: command tx timeout
[   82.766061][ T5220] Bluetooth: hci5: command tx timeout
[   95.593703][    C0] clocksource: Long readout interval, skipping watchdog check: cs_nsec: 35636108718 wd_nsec: 35636109728
[  135.113887][   T54] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  135.115839][   T54] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  135.116271][   T54] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  135.116898][   T54] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  135.117749][   T54] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  135.161904][ T5220] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  135.162463][ T5220] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  135.162715][ T5220] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  135.163218][ T5220] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  135.163524][ T5220] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  135.199326][ T5220] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[  135.199864][ T5220] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[  135.200122][ T5220] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[  135.201211][ T5220] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[  135.201521][ T5220] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[  137.166014][ T5220] Bluetooth: hci6: command tx timeout
[  137.245770][   T54] Bluetooth: hci7: command tx timeout
[  137.246125][ T5220] Bluetooth: hci8: command tx timeout
[  139.245827][ T5220] Bluetooth: hci6: command tx timeout
[  139.325975][   T54] Bluetooth: hci7: command tx timeout
[  139.326923][ T5220] Bluetooth: hci8: command tx timeout
[  141.335931][ T5220] Bluetooth: hci6: command tx timeout
[  141.405907][ T5220] Bluetooth: hci8: command tx timeout
[  141.405947][ T5220] Bluetooth: hci7: command tx timeout
[  142.719876][ T1363] ieee802154 phy0 wpan0: encryption failed: -22
[  142.722154][ T1363] ieee802154 phy1 wpan1: encryption failed: -22
[  143.405881][   T54] Bluetooth: hci6: command tx timeout
[  143.485979][   T54] Bluetooth: hci7: command tx timeout
[  143.486021][   T54] Bluetooth: hci8: command tx timeout
[  163.675654][    C0] rcu: INFO: rcu_preempt self-detected stall on CPU
[  163.675666][    C0] rcu: 	0-....: (10500 ticks this GP) idle=57e4/1/0x4000000000000000 softirq=13689/15458 fqs=4747
[  163.675901][    C0] rcu: 	         hardirqs   softirqs   csw/system
[  163.675906][    C0] rcu: 	 number:   957182       2717            0
[  163.675912][    C0] rcu: 	cputime:    24173      28280          116   ==> 52480(ms)
[  163.675918][    C0] rcu: 	(t=10500 jiffies g=7129 q=3041 ncpus=2)
[  163.675926][    C0] CPU: 0 UID: 0 PID: 5929 Comm: syz.1.15 Not tainted 6.16.0-rc6-syzkaller-00411-g95993dc3039e-dirty #0 PREEMPT(full) 
[  163.675935][    C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  163.675939][    C0] RIP: 0010:_raw_spin_unlock_irqrestore+0xa8/0x110
[  163.675952][    C0] Code: 74 05 e8 cb 9e 56 f6 48 c7 44 24 20 00 00 00 00 9c 8f 44 24 20 f6 44 24 21 02 75 4f f7 c3 00 02 00 00 74 01 fb bf 01 00 00 00 <e8> 13 cd 1f f6 65 8b 05 bc f9 2e 07 85 c0 74 40 48 c7 04 24 0e 36
[  163.675957][    C0] RSP: 0018:ffffc90000007a60 EFLAGS: 00000206
[  163.675964][    C0] RAX: c42bcac3923bd200 RBX: 0000000000000a02 RCX: c42bcac3923bd200
[  163.675968][    C0] RDX: 0000000000000002 RSI: ffffffff8d99883e RDI: 0000000000000001
[  163.675972][    C0] RBP: ffffc90000007af0 R08: ffffffff8fa1e8f7 R09: 1ffffffff1f43d1e
[  163.675977][    C0] R10: dffffc0000000000 R11: fffffbfff1f43d1f R12: dffffc0000000000
[  163.675981][    C0] R13: dffffc0000000000 R14: ffff88804b025940 R15: 1ffff92000000f4c
[  163.675985][    C0] FS:  00007f43dd7ba6c0(0000) GS:ffff8880b861f000(0000) knlGS:0000000000000000
[  163.675990][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  163.675995][    C0] CR2: 0000000000000000 CR3: 000000002898e000 CR4: 00000000000006f0
[  163.676021][    C0] Call Trace:
[  163.676025][    C0]  <IRQ>
[  163.676029][    C0]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  163.676038][    C0]  ? rcu_is_watching+0x15/0xb0
[  163.676050][    C0]  __mod_timer+0xb37/0xf30
[  163.676061][    C0]  ? __get_random_u32_below+0x3e/0x90
[  163.676072][    C0]  call_timer_fn+0x17e/0x5f0
[  163.676079][    C0]  ? __pfx_garp_join_timer+0x10/0x10
[  163.676088][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  163.676096][    C0]  ? call_timer_fn+0xbe/0x5f0
[  163.676102][    C0]  ? __pfx_call_timer_fn+0x10/0x10
[  163.676114][    C0]  ? __pfx_garp_join_timer+0x10/0x10
[  163.676124][    C0]  __run_timer_base+0x61a/0x860
[  163.676132][    C0]  ? irqtime_account_irq+0xb6/0x1c0
[  163.676148][    C0]  ? __pfx___run_timer_base+0x10/0x10
[  163.676165][    C0]  run_timer_softirq+0xb7/0x180
[  163.676174][    C0]  handle_softirqs+0x286/0x870
[  163.676184][    C0]  ? __irq_exit_rcu+0xca/0x1f0
[  163.676193][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[  163.676200][    C0]  ? irq_work_single+0x1ac/0x240
[  163.676208][    C0]  ? irqtime_account_irq+0xb6/0x1c0
[  163.676218][    C0]  __irq_exit_rcu+0xca/0x1f0
[  163.676225][    C0]  ? __pfx___irq_exit_rcu+0x10/0x10
[  163.676234][    C0]  ? rcu_is_watching+0x15/0xb0
[  163.676242][    C0]  irq_exit_rcu+0x9/0x30
[  163.676248][    C0]  sysvec_irq_work+0xa3/0xc0
[  163.676254][    C0]  </IRQ>
[  163.676256][    C0]  <TASK>
[  163.676259][    C0]  asm_sysvec_irq_work+0x1a/0x20
[  163.676265][    C0] RIP: 0010:console_flush_all+0x7f7/0xc40
[  163.676274][    C0] Code: 48 21 c3 0f 85 e9 01 00 00 e8 75 e7 1e 00 48 8b 5c 24 20 4d 85 f6 75 07 e8 66 e7 1e 00 eb 06 e8 5f e7 1e 00 fb 48 8b 44 24 28 <42> 80 3c 20 00 74 08 48 89 df e8 8a 0a 82 00 48 8b 1b 48 8b 44 24
[  163.676279][    C0] RSP: 0018:ffffc900040ff840 EFLAGS: 00000287
[  163.676284][    C0] RAX: 1ffffffff1d36927 RBX: ffffffff8e9b4938 RCX: 0000000000080000
[  163.676289][    C0] RDX: ffffc900038c2000 RSI: 0000000000000a3b RDI: 0000000000000a3c
[  163.676293][    C0] RBP: ffffc900040ff990 R08: ffffffff8fa1e8f7 R09: 1ffffffff1f43d1e
[  163.676297][    C0] R10: dffffc0000000000 R11: fffffbfff1f43d1f R12: dffffc0000000000
[  163.676301][    C0] R13: 0000000000000001 R14: 0000000000000200 R15: ffffffff8e9b48e0
[  163.676320][    C0]  ? console_flush_all+0x13a/0xc40
[  163.676331][    C0]  ? __pfx_console_flush_all+0x10/0x10
[  163.676347][    C0]  console_unlock+0xc4/0x270
[  163.676356][    C0]  ? __pfx_console_unlock+0x10/0x10
[  163.676366][    C0]  ? is_printk_cpu_sync_owner+0x32/0x40
[  163.676376][    C0]  vprintk_emit+0x5b7/0x7a0
[  163.676385][    C0]  ? __pfx_vprintk_emit+0x10/0x10
[  163.676392][    C0]  ? rcu_is_watching+0x15/0xb0
[  163.676399][    C0]  ? trace_contention_end+0x39/0x120
[  163.676407][    C0]  ? __mutex_lock+0x330/0xe80
[  163.676418][    C0]  ? __lock_acquire+0xab9/0xd20
[  163.676427][    C0]  _printk+0xcf/0x120
[  163.676436][    C0]  ? __pfx___mutex_lock+0x10/0x10
[  163.676446][    C0]  ? __pfx__printk+0x10/0x10
[  163.676456][    C0]  ? netdev_name_node_lookup+0xdf/0x120
[  163.676467][    C0]  wext_ioctl_dispatch+0x3cc/0x410
[  163.676473][    C0]  ? __pfx_ioctl_standard_call+0x10/0x10
[  163.676481][    C0]  wext_handle_ioctl+0x100/0x1c0
[  163.676488][    C0]  ? __pfx_wext_handle_ioctl+0x10/0x10
[  163.676502][    C0]  sock_ioctl+0x15f/0x790
[  163.676511][    C0]  ? __pfx_sock_ioctl+0x10/0x10
[  163.676519][    C0]  ? __fget_files+0x2a/0x420
[  163.676527][    C0]  ? __fget_files+0x3a0/0x420
[  163.676534][    C0]  ? __fget_files+0x2a/0x420
[  163.676542][    C0]  ? bpf_lsm_file_ioctl+0x9/0x20
[  163.676552][    C0]  ? __pfx_sock_ioctl+0x10/0x10
[  163.676560][    C0]  __se_sys_ioctl+0xfc/0x170
[  163.676571][    C0]  do_syscall_64+0xfa/0x3b0
[  163.676581][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  163.676587][    C0]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  163.676595][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  163.676601][    C0] RIP: 0033:0x7f43dc98e9a9
[  163.676608][    C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  163.676612][    C0] RSP: 002b:00007f43dd7ba038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  163.676619][    C0] RAX: ffffffffffffffda RBX: 00007f43dcbb5fa0 RCX: 00007f43dc98e9a9
[  163.676623][    C0] RDX: 0000200000000040 RSI: 0000000000008b04 RDI: 0000000000000004
[  163.676627][    C0] RBP: 00007f43dca10d69 R08: 0000000000000000 R09: 0000000000000000
[  163.676630][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  163.676634][    C0] R13: 0000000000000000 R14: 00007f43dcbb5fa0 R15: 00007ffe025639b8
[  163.676645][    C0]  </TASK>
[  180.614904][ T5838] Bluetooth: hci0: command 0x0406 tx timeout
[  180.614935][ T5838] Bluetooth: hci1: command 0x0406 tx timeout
[  180.614952][ T5838] Bluetooth: hci2: command 0x0406 tx timeout
[  190.685651][    C0] sched: DL replenish lagged too much
[  193.896904][   T18] rcu: INFO: rcu_preempt detected expedited stalls on CPUs/tasks: { 0-.... } 13520 jiffies s: 1085 root: 0x1/.
[  193.896933][   T18] rcu: blocking rcu_node structures (internal RCU debug):
[  193.896942][   T18] Sending NMI from CPU 1 to CPUs 0:
[  193.897008][    C0] NMI backtrace for cpu 0
[  193.897028][    C0] CPU: 0 UID: 0 PID: 5929 Comm: syz.1.15 Not tainted 6.16.0-rc6-syzkaller-00411-g95993dc3039e-dirty #0 PREEMPT(full) 
[  193.897041][    C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  193.897048][    C0] RIP: 0010:native_apic_msr_write+0x39/0x50
[  193.897067][    C0] Code: 74 2a 83 ff 30 74 25 eb 10 81 ff d0 00 00 00 74 1b 81 ff e0 00 00 00 74 13 c1 ef 04 81 c7 00 08 00 00 89 f9 89 f0 31 d2 0f 30 <66> 90 c3 cc cc cc cc cc f3 0f 1e fa 89 f6 31 d2 e9 e2 db 86 03 66
[  193.897076][    C0] RSP: 0018:ffffc90000007898 EFLAGS: 00000046
[  193.897086][    C0] RAX: 00000000000000dd RBX: ffff88804b023900 RCX: 0000000000000838
[  193.897094][    C0] RDX: 0000000000000000 RSI: 00000000000000dd RDI: 0000000000000838
[  193.897101][    C0] RBP: 0000000000000000 R08: 0000000000000000 R09: ffffffff81aec9fe
[  193.897108][    C0] R10: 0000000000000003 R11: ffffffff81702490 R12: 0000000010000a10
[  193.897115][    C0] R13: dffffc0000000000 R14: 00000000000000dd R15: 0000000000000020
[  193.897122][    C0] FS:  00007f43dd7ba6c0(0000) GS:ffff8880b861f000(0000) knlGS:0000000000000000
[  193.897131][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  193.897139][    C0] CR2: 0000000000000000 CR3: 000000002898e000 CR4: 00000000000006f0
[  193.897172][    C0] Call Trace:
[  193.897178][    C0]  <IRQ>
[  193.897183][    C0]  lapic_next_event+0x11/0x20
[  193.897196][    C0]  clockevents_program_event+0x1cf/0x360
[  193.897216][    C0]  hrtimer_interrupt+0x620/0xaa0
[  193.897238][    C0]  __sysvec_apic_timer_interrupt+0x10b/0x410
[  193.897252][    C0]  sysvec_apic_timer_interrupt+0x52/0xc0
[  193.897266][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  193.897277][    C0] RIP: 0010:note_gp_changes+0x25f/0x300
[  193.897294][    C0] Code: 1f 00 48 c7 44 24 40 00 00 00 00 9c 8f 44 24 40 f6 44 24 41 02 75 4f 41 f7 c6 00 02 00 00 74 01 fb 48 c7 44 24 20 0e 36 e0 45 <4a> c7 04 2b 00 00 00 00 66 42 c7 44 2b 09 00 00 42 c6 44 2b 0b 00
[  193.897302][    C0] RSP: 0018:ffffc90000007b00 EFLAGS: 00000206
[  193.897311][    C0] RAX: c42bcac3923bd200 RBX: 1ffff92000000f64 RCX: c42bcac3923bd200
[  193.897319][    C0] RDX: 0000000000000002 RSI: ffffffff8d99883e RDI: ffffffff8be29f40
[  193.897326][    C0] RBP: ffffc90000007bd0 R08: ffffffff8fa1e8f7 R09: 1ffffffff1f43d1e
[  193.897333][    C0] R10: dffffc0000000000 R11: fffffbfff1f43d1f R12: ffff88804b03afd4
[  193.897379][    C0] R13: dffffc0000000000 R14: 0000000000000a02 R15: ffff88804b03afc0
[  193.897395][    C0]  ? trace_call_bpf+0xb7/0x850
[  193.897408][    C0]  ? __pfx_note_gp_changes+0x10/0x10
[  193.897423][    C0]  ? trace_call_bpf+0xb7/0x850
[  193.897438][    C0]  rcu_core+0x29d/0x1710
[  193.897448][    C0]  ? clockevents_program_event+0x24d/0x360
[  193.897464][    C0]  ? __pfx_sched_clock_cpu+0x10/0x10
[  193.897478][    C0]  ? irq_work_single+0x1ac/0x240
[  193.897491][    C0]  ? __pfx_rcu_core+0x10/0x10
[  193.897502][    C0]  ? __irq_exit_rcu+0xd8/0x1f0
[  193.897514][    C0]  ? __pfx___irq_exit_rcu+0x10/0x10
[  193.897528][    C0]  ? irqentry_exit+0x74/0x90
[  193.897542][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  193.897561][    C0]  handle_softirqs+0x286/0x870
[  193.897575][    C0]  ? __irq_exit_rcu+0xca/0x1f0
[  193.897589][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[  193.897600][    C0]  ? irq_work_single+0x1ac/0x240
[  193.897611][    C0]  ? irqtime_account_irq+0xb6/0x1c0
[  193.897628][    C0]  __irq_exit_rcu+0xca/0x1f0
[  193.897639][    C0]  ? __pfx___irq_exit_rcu+0x10/0x10
[  193.897653][    C0]  ? rcu_is_watching+0x15/0xb0
[  193.897666][    C0]  irq_exit_rcu+0x9/0x30
[  193.897676][    C0]  sysvec_irq_work+0xa3/0xc0
[  193.897687][    C0]  </IRQ>
[  193.897691][    C0]  <TASK>
[  193.897696][    C0]  asm_sysvec_irq_work+0x1a/0x20
[  193.897707][    C0] RIP: 0010:console_flush_all+0x7f7/0xc40
[  193.897721][    C0] Code: 48 21 c3 0f 85 e9 01 00 00 e8 75 e7 1e 00 48 8b 5c 24 20 4d 85 f6 75 07 e8 66 e7 1e 00 eb 06 e8 5f e7 1e 00 fb 48 8b 44 24 28 <42> 80 3c 20 00 74 08 48 89 df e8 8a 0a 82 00 48 8b 1b 48 8b 44 24
[  193.897730][    C0] RSP: 0018:ffffc900040ff840 EFLAGS: 00000287
[  193.897740][    C0] RAX: 1ffffffff1d36927 RBX: ffffffff8e9b4938 RCX: 0000000000080000
[  193.897748][    C0] RDX: ffffc900038c2000 RSI: 0000000000000a3b RDI: 0000000000000a3c
[  193.897755][    C0] RBP: ffffc900040ff990 R08: ffffffff8fa1e8f7 R09: 1ffffffff1f43d1e
[  193.897763][    C0] R10: dffffc0000000000 R11: fffffbfff1f43d1f R12: dffffc0000000000
[  193.897770][    C0] R13: 0000000000000001 R14: 0000000000000200 R15: ffffffff8e9b48e0
[  193.897785][    C0]  ? console_flush_all+0x13a/0xc40
[  193.897802][    C0]  ? __pfx_console_flush_all+0x10/0x10
[  193.897822][    C0]  console_unlock+0xc4/0x270
[  193.897836][    C0]  ? __pfx_console_unlock+0x10/0x10
[  193.897881][    C0]  ? is_printk_cpu_sync_owner+0x32/0x40
[  193.897904][    C0]  vprintk_emit+0x5b7/0x7a0
[  193.897918][    C0]  ? __pfx_vprintk_emit+0x10/0x10
[  193.897930][    C0]  ? rcu_is_watching+0x15/0xb0
[  193.897942][    C0]  ? trace_contention_end+0x39/0x120
[  193.897956][    C0]  ? __mutex_lock+0x330/0xe80
[  193.897972][    C0]  ? __lock_acquire+0xab9/0xd20
[  193.897985][    C0]  _printk+0xcf/0x120
[  193.897999][    C0]  ? __pfx___mutex_lock+0x10/0x10
[  193.898015][    C0]  ? __pfx__printk+0x10/0x10
[  193.898030][    C0]  ? netdev_name_node_lookup+0xdf/0x120
[  193.898046][    C0]  wext_ioctl_dispatch+0x3cc/0x410
[  193.898057][    C0]  ? __pfx_ioctl_standard_call+0x10/0x10
[  193.898068][    C0]  wext_handle_ioctl+0x100/0x1c0
[  193.898079][    C0]  ? __pfx_wext_handle_ioctl+0x10/0x10
[  193.898095][    C0]  sock_ioctl+0x15f/0x790
[  193.898110][    C0]  ? __pfx_sock_ioctl+0x10/0x10
[  193.898124][    C0]  ? __fget_files+0x2a/0x420
[  193.898136][    C0]  ? __fget_files+0x3a0/0x420
[  193.898147][    C0]  ? __fget_files+0x2a/0x420
[  193.898160][    C0]  ? bpf_lsm_file_ioctl+0x9/0x20
[  193.898176][    C0]  ? __pfx_sock_ioctl+0x10/0x10
[  193.898190][    C0]  __se_sys_ioctl+0xfc/0x170
[  193.898206][    C0]  do_syscall_64+0xfa/0x3b0
[  193.898221][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  193.898232][    C0]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  193.898245][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  193.898255][    C0] RIP: 0033:0x7f43dc98e9a9
[  193.898267][    C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  193.898275][    C0] RSP: 002b:00007f43dd7ba038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  193.898287][    C0] RAX: ffffffffffffffda RBX: 00007f43dcbb5fa0 RCX: 00007f43dc98e9a9
[  193.898295][    C0] RDX: 0000200000000040 RSI: 0000000000008b04 RDI: 0000000000000004
[  193.898303][    C0] RBP: 00007f43dca10d69 R08: 0000000000000000 R09: 0000000000000000
[  193.898309][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  193.898316][    C0] R13: 0000000000000000 R14: 00007f43dcbb5fa0 R15: 00007ffe025639b8
[  193.898330][    C0]  </TASK>
[  196.388838][ T5829] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1
[  196.402025][ T5829] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9
[  196.402786][ T5829] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9
[  196.403970][ T5829] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4
[  196.404706][ T5829] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2
[  196.432027][ T5979] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1
[  196.432747][ T5979] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9
[  196.433142][ T5979] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9
[  196.434030][ T5979] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4
[  196.434991][ T5979] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2
[  196.554068][ T5982] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1
[  196.555081][ T5982] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9
[  196.556399][ T5982] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9
[  196.557497][ T5982] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4
[  196.558095][ T5982] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2
[  201.107032][ T5986] Bluetooth: hci3: command 0x0406 tx timeout
[  201.107078][ T5986] Bluetooth: hci4: command 0x0406 tx timeout
[  201.107107][ T5986] Bluetooth: hci5: command 0x0406 tx timeout
[  204.508361][ T1363] ieee802154 phy0 wpan0: encryption failed: -22
[  204.509116][ T1363] ieee802154 phy1 wpan1: encryption failed: -22
[  223.966538][   T34] INFO: task kworker/u10:0:27 blocked for more than 143 seconds.
[  223.966573][   T34]       Not tainted 6.16.0-rc6-syzkaller-00411-g95993dc3039e-dirty #0
[  223.966583][   T34] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  223.966591][   T34] task:kworker/u10:0   state:D stack:24344 pid:27    tgid:27    ppid:2      task_flags:0x4208060 flags:0x00004000
[  223.966631][   T34] Workqueue: events_unbound fsnotify_mark_destroy_workfn
[  223.966655][   T34] Call Trace:
[  223.966662][   T34]  <TASK>
[  223.966673][   T34]  __schedule+0x16f5/0x4d00
[  223.966696][   T34]  ? trace_call_bpf+0xb7/0x850
[  223.966715][   T34]  ? __pfx___schedule+0x10/0x10
[  223.966731][   T34]  ? schedule+0x165/0x360
[  223.966748][   T34]  ? __lock_acquire+0xab9/0xd20
[  223.966763][   T34]  ? __pfx___schedule+0x10/0x10
[  223.966791][   T34]  ? schedule+0x91/0x360
[  223.966809][   T34]  schedule+0x165/0x360
[  223.966827][   T34]  schedule_timeout+0x9a/0x270
[  223.966842][   T34]  ? __pfx_schedule_timeout+0x10/0x10
[  223.966865][   T34]  ? _raw_spin_unlock_irq+0x23/0x50
[  223.966880][   T34]  ? lockdep_hardirqs_on+0x9c/0x150
[  223.966897][   T34]  ? wait_for_completion+0x267/0x5d0
[  223.966915][   T34]  wait_for_completion+0x2bf/0x5d0
[  223.966941][   T34]  ? __pfx_wait_for_completion+0x10/0x10
[  223.966959][   T34]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  223.967015][   T34]  __synchronize_srcu+0x30e/0x3a0
[  223.967035][   T34]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  223.967052][   T34]  ? __pfx___synchronize_srcu+0x10/0x10
[  223.967066][   T34]  ? __pfx_wakeme_after_rcu+0x10/0x10
[  223.967089][   T34]  ? ktime_get_mono_fast_ns+0x2af/0x2d0
[  223.967108][   T34]  ? synchronize_srcu+0x295/0x2c0
[  223.967124][   T34]  fsnotify_mark_destroy_workfn+0x101/0x2f0
[  223.967143][   T34]  ? __pfx_fsnotify_mark_destroy_workfn+0x10/0x10
[  223.967161][   T34]  ? _raw_spin_unlock_irq+0x23/0x50
[  223.967176][   T34]  ? process_scheduled_works+0x9ef/0x17b0
[  223.967191][   T34]  ? process_scheduled_works+0x9ef/0x17b0
[  223.967208][   T34]  process_scheduled_works+0xae1/0x17b0
[  223.967247][   T34]  ? __pfx_process_scheduled_works+0x10/0x10
[  223.967273][   T34]  worker_thread+0x8a0/0xda0
[  223.967295][   T34]  kthread+0x711/0x8a0
[  223.967308][   T34]  ? __pfx_worker_thread+0x10/0x10
[  223.967318][   T34]  ? __pfx_kthread+0x10/0x10
[  223.967330][   T34]  ? _raw_spin_unlock_irq+0x23/0x50
[  223.967340][   T34]  ? lockdep_hardirqs_on+0x9c/0x150
[  223.967351][   T34]  ? __pfx_kthread+0x10/0x10
[  223.967363][   T34]  ret_from_fork+0x3fc/0x770
[  223.967374][   T34]  ? __pfx_ret_from_fork+0x10/0x10
[  223.967386][   T34]  ? __switch_to_asm+0x39/0x70
[  223.967398][   T34]  ? __switch_to_asm+0x33/0x70
[  223.967408][   T34]  ? __pfx_kthread+0x10/0x10
[  223.967420][   T34]  ret_from_fork_asm+0x1a/0x30
[  223.967437][   T34]  </TASK>
[  223.967444][   T34] INFO: task rcu_tasks_trace:32 blocked for more than 143 seconds.
[  223.967453][   T34]       Not tainted 6.16.0-rc6-syzkaller-00411-g95993dc3039e-dirty #0
[  223.967459][   T34] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  223.967464][   T34] task:rcu_tasks_trace state:D stack:27944 pid:32    tgid:32    ppid:2      task_flags:0x208040 flags:0x00004000
[  223.967489][   T34] Call Trace:
[  223.967494][   T34]  <TASK>
[  223.967500][   T34]  __schedule+0x16f5/0x4d00
[  223.967517][   T34]  ? do_raw_spin_lock+0x121/0x290
[  223.967530][   T34]  ? schedule+0x165/0x360
[  223.967540][   T34]  ? __lock_acquire+0xab9/0xd20
[  223.967557][   T34]  ? __pfx___schedule+0x10/0x10
[  223.967575][   T34]  ? schedule+0x91/0x360
[  223.967586][   T34]  schedule+0x165/0x360
[  223.967598][   T34]  synchronize_rcu_expedited+0x583/0x730
[  223.967611][   T34]  ? __pfx_synchronize_rcu_expedited+0x10/0x10
[  223.967629][   T34]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  223.967640][   T34]  ? __pfx___might_resched+0x10/0x10
[  223.967655][   T34]  ? __pfx_autoremove_wake_function+0x10/0x10
[  223.967683][   T34]  synchronize_rcu+0x11a/0x310
[  223.967700][   T34]  ? __pfx_synchronize_rcu+0x10/0x10
[  223.967717][   T34]  ? __pfx_rcu_tasks_trace_pregp_step+0x10/0x10
[  223.967736][   T34]  ? rcu_is_watching+0x15/0xb0
[  223.967751][   T34]  ? trace_contention_end+0x39/0x120
[  223.967769][   T34]  ? __mutex_lock+0x330/0xe80
[  223.967792][   T34]  rcu_tasks_wait_gp+0x490/0xac0
[  223.967818][   T34]  ? __pfx___mutex_lock+0x10/0x10
[  223.967835][   T34]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  223.967852][   T34]  ? lockdep_hardirqs_on+0x9c/0x150
[  223.967870][   T34]  ? __pfx_rcu_tasks_wait_gp+0x10/0x10
[  223.967888][   T34]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  223.967911][   T34]  rcu_tasks_one_gp+0xc19/0xdf0
[  223.967941][   T34]  ? rcu_tasks_one_gp+0xe9/0xdf0
[  223.967968][   T34]  rcu_tasks_kthread+0x195/0x1c0
[  223.968022][   T34]  kthread+0x711/0x8a0
[  223.968044][   T34]  ? __pfx_rcu_tasks_kthread+0x10/0x10
[  223.968064][   T34]  ? __pfx_kthread+0x10/0x10
[  223.968086][   T34]  ? _raw_spin_unlock_irq+0x23/0x50
[  223.968103][   T34]  ? lockdep_hardirqs_on+0x9c/0x150
[  223.968121][   T34]  ? __pfx_kthread+0x10/0x10
[  223.968141][   T34]  ret_from_fork+0x3fc/0x770
[  223.968161][   T34]  ? __pfx_ret_from_fork+0x10/0x10
[  223.968181][   T34]  ? __switch_to_asm+0x39/0x70
[  223.968200][   T34]  ? __switch_to_asm+0x33/0x70
[  223.968217][   T34]  ? __pfx_kthread+0x10/0x10
[  223.968238][   T34]  ret_from_fork_asm+0x1a/0x30
[  223.968268][   T34]  </TASK>
[  223.968295][   T34] INFO: task kworker/u9:2:971 blocked for more than 143 seconds.
[  223.968308][   T34]       Not tainted 6.16.0-rc6-syzkaller-00411-g95993dc3039e-dirty #0
[  223.968319][   T34] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  223.968327][   T34] task:kworker/u9:2    state:D stack:24648 pid:971   tgid:971   ppid:2      task_flags:0x4208060 flags:0x00004000
[  223.968373][   T34] Workqueue: events_unbound linkwatch_event
[  223.968395][   T34] Call Trace:
[  223.968403][   T34]  <TASK>
[  223.968415][   T34]  __schedule+0x16f5/0x4d00
[  223.968443][   T34]  ? __lock_acquire+0xab9/0xd20
[  223.968460][   T34]  ? schedule+0x165/0x360
[  223.968482][   T34]  ? __pfx___schedule+0x10/0x10
[  223.968512][   T34]  ? schedule+0x91/0x360
[  223.968534][   T34]  schedule+0x165/0x360
[  223.968560][   T34]  schedule_preempt_disabled+0x13/0x30
[  223.968579][   T34]  __mutex_lock+0x724/0xe80
[  223.968599][   T34]  ? __mutex_lock+0x51b/0xe80
[  223.968624][   T34]  ? linkwatch_event+0xe/0x60
[  223.968644][   T34]  ? __pfx___mutex_lock+0x10/0x10
[  223.968671][   T34]  ? _raw_spin_unlock_irq+0x23/0x50
[  223.968688][   T34]  ? process_scheduled_works+0x9ef/0x17b0
[  223.968704][   T34]  ? process_scheduled_works+0x9ef/0x17b0
[  223.968723][   T34]  linkwatch_event+0xe/0x60
[  223.968740][   T34]  process_scheduled_works+0xae1/0x17b0
[  223.968765][   T34]  ? __pfx_process_scheduled_works+0x10/0x10
[  223.968783][   T34]  worker_thread+0x8a0/0xda0
[  223.968806][   T34]  kthread+0x711/0x8a0
[  223.968819][   T34]  ? __pfx_worker_thread+0x10/0x10
[  223.968829][   T34]  ? __pfx_kthread+0x10/0x10
[  223.968841][   T34]  ? _raw_spin_unlock_irq+0x23/0x50
[  223.968851][   T34]  ? lockdep_hardirqs_on+0x9c/0x150
[  223.968861][   T34]  ? __pfx_kthread+0x10/0x10
[  223.968873][   T34]  ret_from_fork+0x3fc/0x770
[  223.968884][   T34]  ? __pfx_ret_from_fork+0x10/0x10
[  223.968896][   T34]  ? __switch_to_asm+0x39/0x70
[  223.968907][   T34]  ? __switch_to_asm+0x33/0x70
[  223.968917][   T34]  ? __pfx_kthread+0x10/0x10
[  223.968929][   T34]  ret_from_fork_asm+0x1a/0x30
[  223.968946][   T34]  </TASK>
[  223.969009][   T34] INFO: task kworker/u10:6:4977 blocked for more than 143 seconds.
[  223.969018][   T34]       Not tainted 6.16.0-rc6-syzkaller-00411-g95993dc3039e-dirty #0
[  223.969024][   T34] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  223.969029][   T34] task:kworker/u10:6   state:D stack:23752 pid:4977  tgid:4977  ppid:2      task_flags:0x4208060 flags:0x00004000
[  223.969054][   T34] Workqueue: events_unbound fsnotify_connector_destroy_workfn
[  223.969067][   T34] Call Trace:
[  223.969072][   T34]  <TASK>
[  223.969078][   T34]  __schedule+0x16f5/0x4d00
[  223.969091][   T34]  ? trace_call_bpf+0xb7/0x850
[  223.969105][   T34]  ? perf_trace_lock+0xec/0x3b0
[  223.969114][   T34]  ? schedule+0x165/0x360
[  223.969126][   T34]  ? __pfx___schedule+0x10/0x10
[  223.969139][   T34]  ? schedule+0x91/0x360
[  223.969151][   T34]  ? schedule+0x91/0x360
[  223.969162][   T34]  schedule+0x165/0x360
[  223.969173][   T34]  schedule_timeout+0x9a/0x270
[  223.969183][   T34]  ? __pfx_schedule_timeout+0x10/0x10
[  223.969193][   T34]  ? wait_for_completion+0x2b7/0x5d0
[  223.969207][   T34]  ? _raw_spin_unlock_irq+0x23/0x50
[  223.969217][   T34]  ? lockdep_hardirqs_on+0x9c/0x150
[  223.969227][   T34]  ? wait_for_completion+0x267/0x5d0
[  223.969238][   T34]  wait_for_completion+0x2bf/0x5d0
[  223.969254][   T34]  ? __pfx_wait_for_completion+0x10/0x10
[  223.969263][   T34]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  223.969279][   T34]  __synchronize_srcu+0x30e/0x3a0
[  223.969289][   T34]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  223.969299][   T34]  ? __pfx___synchronize_srcu+0x10/0x10
[  223.969308][   T34]  ? __pfx_wakeme_after_rcu+0x10/0x10
[  223.969323][   T34]  ? ktime_get_mono_fast_ns+0x2af/0x2d0
[  223.969336][   T34]  ? synchronize_srcu+0x295/0x2c0
[  223.969346][   T34]  fsnotify_connector_destroy_workfn+0x44/0xb0
[  223.969357][   T34]  ? process_scheduled_works+0x9ef/0x17b0
[  223.969367][   T34]  process_scheduled_works+0xae1/0x17b0
[  223.969388][   T34]  ? __pfx_process_scheduled_works+0x10/0x10
[  223.969405][   T34]  worker_thread+0x8a0/0xda0
[  223.969416][   T34]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  223.969429][   T34]  ? __kthread_parkme+0x7b/0x200
[  223.969444][   T34]  kthread+0x711/0x8a0
[  223.969456][   T34]  ? __pfx_worker_thread+0x10/0x10
[  223.969466][   T34]  ? __pfx_kthread+0x10/0x10
[  223.969478][   T34]  ? _raw_spin_unlock_irq+0x23/0x50
[  223.969488][   T34]  ? lockdep_hardirqs_on+0x9c/0x150
[  223.969497][   T34]  ? __pfx_kthread+0x10/0x10
[  223.969509][   T34]  ret_from_fork+0x3fc/0x770
[  223.969520][   T34]  ? __pfx_ret_from_fork+0x10/0x10
[  223.969532][   T34]  ? __switch_to_asm+0x39/0x70
[  223.969542][   T34]  ? __switch_to_asm+0x33/0x70
[  223.969558][   T34]  ? __pfx_kthread+0x10/0x10
[  223.969570][   T34]  ret_from_fork_asm+0x1a/0x30
[  223.969587][   T34]  </TASK>
[  223.969601][   T34] INFO: task kworker/u8:3:5848 blocked for more than 143 seconds.
[  223.969608][   T34]       Not tainted 6.16.0-rc6-syzkaller-00411-g95993dc3039e-dirty #0
[  223.969614][   T34] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  223.969618][   T34] task:kworker/u8:3    state:D stack:21880 pid:5848  tgid:5848  ppid:2      task_flags:0x4208060 flags:0x00004000
[  223.969641][   T34] Workqueue: ipv6_addrconf addrconf_dad_work
[  223.969656][   T34] Call Trace:
[  223.969660][   T34]  <TASK>
[  223.969666][   T34]  __schedule+0x16f5/0x4d00
[  223.969681][   T34]  ? __lock_acquire+0xab9/0xd20
[  223.969692][   T34]  ? schedule+0x165/0x360
[  223.969704][   T34]  ? __pfx___schedule+0x10/0x10
[  223.969721][   T34]  ? schedule+0x91/0x360
[  223.969733][   T34]  schedule+0x165/0x360
[  223.969744][   T34]  schedule_preempt_disabled+0x13/0x30
[  223.969754][   T34]  __mutex_lock+0x724/0xe80
[  223.969766][   T34]  ? __mutex_lock+0x51b/0xe80
[  223.969779][   T34]  ? addrconf_dad_work+0x112/0x14b0
[  223.969792][   T34]  ? __pfx___mutex_lock+0x10/0x10
[  223.969808][   T34]  ? do_raw_spin_lock+0x121/0x290
[  223.969818][   T34]  ? look_up_lock_class+0x74/0x170
[  223.969832][   T34]  addrconf_dad_work+0x112/0x14b0
[  223.969844][   T34]  ? __lock_acquire+0xab9/0xd20
[  223.969856][   T34]  ? __pfx_addrconf_dad_work+0x10/0x10
[  223.969868][   T34]  ? process_scheduled_works+0x9ef/0x17b0
[  223.969881][   T34]  ? _raw_spin_unlock_irq+0x23/0x50
[  223.969890][   T34]  ? process_scheduled_works+0x9ef/0x17b0
[  223.969900][   T34]  ? process_scheduled_works+0x9ef/0x17b0
[  223.969910][   T34]  process_scheduled_works+0xae1/0x17b0
[  223.969931][   T34]  ? __pfx_process_scheduled_works+0x10/0x10
[  223.969948][   T34]  worker_thread+0x8a0/0xda0
[  223.969959][   T34]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  223.969972][   T34]  ? __kthread_parkme+0x7b/0x200
[  223.970014][   T34]  kthread+0x711/0x8a0
[  223.970028][   T34]  ? __pfx_worker_thread+0x10/0x10
[  223.970038][   T34]  ? __pfx_kthread+0x10/0x10
[  223.970050][   T34]  ? _raw_spin_unlock_irq+0x23/0x50
[  223.970060][   T34]  ? lockdep_hardirqs_on+0x9c/0x150
[  223.970069][   T34]  ? __pfx_kthread+0x10/0x10
[  223.970081][   T34]  ret_from_fork+0x3fc/0x770
[  223.970091][   T34]  ? __pfx_ret_from_fork+0x10/0x10
[  223.970103][   T34]  ? __switch_to_asm+0x39/0x70
[  223.970113][   T34]  ? __switch_to_asm+0x33/0x70
[  223.970123][   T34]  ? __pfx_kthread+0x10/0x10
[  223.970135][   T34]  ret_from_fork_asm+0x1a/0x30
[  223.970152][   T34]  </TASK>
[  223.970162][   T34] INFO: task syz.1.15:5926 blocked for more than 143 seconds.
[  223.970168][   T34]       Not tainted 6.16.0-rc6-syzkaller-00411-g95993dc3039e-dirty #0
[  223.970174][   T34] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  223.970180][   T34] task:syz.1.15        state:D stack:26920 pid:5926  tgid:5926  ppid:5826   task_flags:0x400040 flags:0x00004004
[  223.970203][   T34] Call Trace:
[  223.970207][   T34]  <TASK>
[  223.970214][   T34]  __schedule+0x16f5/0x4d00
[  223.970229][   T34]  ? __lock_acquire+0xab9/0xd20
[  223.970239][   T34]  ? schedule+0x165/0x360
[  223.970251][   T34]  ? __pfx___schedule+0x10/0x10
[  223.970268][   T34]  ? schedule+0x91/0x360
[  223.970279][   T34]  schedule+0x165/0x360
[  223.970290][   T34]  schedule_preempt_disabled+0x13/0x30
[  223.970300][   T34]  __mutex_lock+0x724/0xe80
[  223.970312][   T34]  ? __mutex_lock+0x51b/0xe80
[  223.970325][   T34]  ? perf_trace_destroy+0x2e/0x150
[  223.970336][   T34]  ? __pfx___mutex_lock+0x10/0x10
[  223.970350][   T34]  ? security_perf_event_free+0x40/0x70
[  223.970362][   T34]  ? rcu_is_watching+0x15/0xb0
[  223.970374][   T34]  ? rcu_is_watching+0x15/0xb0
[  223.970384][   T34]  ? __pfx_tp_perf_event_destroy+0x10/0x10
[  223.970395][   T34]  perf_trace_destroy+0x2e/0x150
[  223.970406][   T34]  ? __pfx_tp_perf_event_destroy+0x10/0x10
[  223.970415][   T34]  __free_event+0x316/0x7b0
[  223.970426][   T34]  ? __pfx_perf_release+0x10/0x10
[  223.970438][   T34]  perf_event_release_kernel+0x45b/0x510
[  223.970449][   T34]  ? __pfx_perf_release+0x10/0x10
[  223.970460][   T34]  perf_release+0x38/0x50
[  223.970471][   T34]  __fput+0x44c/0xa70
[  223.970492][   T34]  task_work_run+0x1d4/0x260
[  223.970513][   T34]  ? __pfx_task_work_run+0x10/0x10
[  223.970528][   T34]  ? exit_to_user_mode_loop+0x40/0x110
[  223.970539][   T34]  exit_to_user_mode_loop+0xec/0x110
[  223.970553][   T34]  do_syscall_64+0x2bd/0x3b0
[  223.970565][   T34]  ? lockdep_hardirqs_on+0x9c/0x150
[  223.970576][   T34]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  223.970585][   T34]  ? exc_page_fault+0x9f/0xf0
[  223.970596][   T34]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  223.970605][   T34] RIP: 0033:0x7f43dc98e9a9
[  223.970614][   T34] RSP: 002b:00007ffe02563b18 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  223.970625][   T34] RAX: 0000000000000000 RBX: 00007f43dcbb7ba0 RCX: 00007f43dc98e9a9
[  223.970632][   T34] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[  223.970639][   T34] RBP: 00007f43dcbb7ba0 R08: 00000000000001d0 R09: 0000001a02563e0f
[  223.970645][   T34] R10: 00007f43dcbb7ac0 R11: 0000000000000246 R12: 000000000000e753
[  223.970652][   T34] R13: 00007ffe02563c10 R14: ffffffffffffffff R15: 00007ffe02563c30
[  223.970666][   T34]  </TASK>
[  223.970671][   T34] INFO: task syz.2.19:5932 blocked for more than 143 seconds.
[  223.970677][   T34]       Not tainted 6.16.0-rc6-syzkaller-00411-g95993dc3039e-dirty #0
[  223.970683][   T34] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  223.970687][   T34] task:syz.2.19        state:D stack:26920 pid:5932  tgid:5932  ppid:5833   task_flags:0x400040 flags:0x00004004
[  223.970710][   T34] Call Trace:
[  223.970714][   T34]  <TASK>
[  223.970720][   T34]  __schedule+0x16f5/0x4d00
[  223.970733][   T34]  ? trace_call_bpf+0xb7/0x850
[  223.970745][   T34]  ? perf_trace_run_bpf_submit+0xf9/0x170
[  223.970756][   T34]  ? schedule+0x165/0x360
[  223.970767][   T34]  ? __lock_acquire+0xab9/0xd20
[  223.970776][   T34]  ? __pfx___schedule+0x10/0x10
[  223.970793][   T34]  ? schedule+0x91/0x360
[  223.970806][   T34]  schedule+0x165/0x360
[  223.970818][   T34]  schedule_timeout+0x9a/0x270
[  223.970827][   T34]  ? __pfx_schedule_timeout+0x10/0x10
[  223.970842][   T34]  ? _raw_spin_unlock_irq+0x23/0x50
[  223.970851][   T34]  ? lockdep_hardirqs_on+0x9c/0x150
[  223.970863][   T34]  __wait_for_common+0x3da/0x710
[  223.970881][   T34]  ? __pfx_schedule_timeout+0x10/0x10
[  223.970890][   T34]  ? __pfx___wait_for_common+0x10/0x10
[  223.970903][   T34]  ? __raw_spin_lock_init+0x45/0x100
[  223.970915][   T34]  ? __init_swait_queue_head+0xa9/0x150
[  223.970927][   T34]  wait_for_completion_state+0x1c/0x40
[  223.970938][   T34]  __wait_rcu_gp+0x24c/0x280
[  223.970951][   T34]  synchronize_rcu_tasks_generic+0x132/0x220
[  223.970963][   T34]  ? __pfx_synchronize_rcu_tasks_generic+0x10/0x10
[  223.970998][   T34]  ? rcu_read_lock_any_held+0xb3/0x120
[  223.971010][   T34]  ? __pfx_call_rcu_tasks_trace+0x10/0x10
[  223.971022][   T34]  ? __pfx_wakeme_after_rcu+0x10/0x10
[  223.971042][   T34]  perf_trace_event_unreg+0xbe/0x1b0
[  223.971053][   T34]  perf_trace_destroy+0xa4/0x150
[  223.971063][   T34]  ? __pfx_tp_perf_event_destroy+0x10/0x10
[  223.971073][   T34]  __free_event+0x316/0x7b0
[  223.971083][   T34]  ? __pfx_perf_release+0x10/0x10
[  223.971094][   T34]  perf_event_release_kernel+0x45b/0x510
[  223.971104][   T34]  ? __pfx_perf_release+0x10/0x10
[  223.971122][   T34]  perf_release+0x38/0x50
[  223.971139][   T34]  __fput+0x44c/0xa70
[  223.971163][   T34]  task_work_run+0x1d4/0x260
[  223.971184][   T34]  ? __pfx_task_work_run+0x10/0x10
[  223.971198][   T34]  ? exit_to_user_mode_loop+0x40/0x110
[  223.971209][   T34]  exit_to_user_mode_loop+0xec/0x110
[  223.971218][   T34]  do_syscall_64+0x2bd/0x3b0
[  223.971230][   T34]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  223.971239][   T34]  ? asm_sysvec_call_function_single+0x1a/0x20
[  223.971250][   T34]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  223.971258][   T34] RIP: 0033:0x7faf2cf8e9a9
[  223.971266][   T34] RSP: 002b:00007ffd7c3e5668 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  223.971277][   T34] RAX: 0000000000000000 RBX: 000000000000e490 RCX: 00007faf2cf8e9a9
[  223.971284][   T34] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[  223.971290][   T34] RBP: 00007faf2d1b7ba0 R08: 0000000000000001 R09: 000000107c3e595f
[  223.971297][   T34] R10: 00007faf2ce00000 R11: 0000000000000246 R12: 00007faf2d1b5fac
[  223.971303][   T34] R13: 00007faf2d1b5fa0 R14: ffffffffffffffff R15: 00007ffd7c3e5780
[  223.971317][   T34]  </TASK>
[  223.971322][   T34] INFO: task syz.0.18:5935 blocked for more than 143 seconds.
[  223.971329][   T34]       Not tainted 6.16.0-rc6-syzkaller-00411-g95993dc3039e-dirty #0
[  223.971334][   T34] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  223.971339][   T34] task:syz.0.18        state:D stack:28328 pid:5935  tgid:5934  ppid:5831   task_flags:0x400140 flags:0x00004004
[  223.971362][   T34] Call Trace:
[  223.971366][   T34]  <TASK>
[  223.971372][   T34]  __schedule+0x16f5/0x4d00
[  223.971392][   T34]  ? __lock_acquire+0xab9/0xd20
[  223.971412][   T34]  ? schedule+0x165/0x360
[  223.971426][   T34]  ? __pfx___schedule+0x10/0x10
[  223.971442][   T34]  ? schedule+0x91/0x360
[  223.971454][   T34]  schedule+0x165/0x360
[  223.971465][   T34]  schedule_preempt_disabled+0x13/0x30
[  223.971475][   T34]  __mutex_lock+0x724/0xe80
[  223.971486][   T34]  ? __mutex_lock+0x51b/0xe80
[  223.971500][   T34]  ? perf_trace_init+0x50/0x2d0
[  223.971510][   T34]  ? __pfx___mutex_lock+0x10/0x10
[  223.971524][   T34]  ? __lock_acquire+0xab9/0xd20
[  223.971536][   T34]  perf_trace_init+0x50/0x2d0
[  223.971545][   T34]  ? perf_tp_event_init+0x7c/0x120
[  223.971564][   T34]  perf_tp_event_init+0x8d/0x120
[  223.971575][   T34]  perf_try_init_event+0x17f/0x870
[  223.971586][   T34]  ? perf_event_alloc+0xf6b/0x2bb0
[  223.971598][   T34]  ? perf_event_alloc+0xf6b/0x2bb0
[  223.971609][   T34]  perf_event_alloc+0x1357/0x2bb0
[  223.971619][   T34]  ? __lock_acquire+0xab9/0xd20
[  223.971628][   T34]  ? perf_event_alloc+0xf6b/0x2bb0
[  223.971646][   T34]  ? __pfx_perf_event_alloc+0x10/0x10
[  223.971660][   T34]  ? find_lively_task_by_vpid+0x19/0x290
[  223.971671][   T34]  ? find_lively_task_by_vpid+0x19/0x290
[  223.971681][   T34]  ? find_lively_task_by_vpid+0x19/0x290
[  223.971693][   T34]  __se_sys_perf_event_open+0x772/0x1d70
[  223.971710][   T34]  ? __pfx___se_sys_perf_event_open+0x10/0x10
[  223.971727][   T34]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  223.971740][   T34]  ? rcu_is_watching+0x15/0xb0
[  223.971752][   T34]  ? do_syscall_64+0xbe/0x3b0
[  223.971762][   T34]  ? __x64_sys_perf_event_open+0x20/0xc0
[  223.971774][   T34]  do_syscall_64+0xfa/0x3b0
[  223.971785][   T34]  ? lockdep_hardirqs_on+0x9c/0x150
[  223.971795][   T34]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  223.971806][   T34]  ? exc_page_fault+0x9f/0xf0
[  223.971817][   T34]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  223.971826][   T34] RIP: 0033:0x7f846cb8e9a9
[  223.971833][   T34] RSP: 002b:00007f846dab3038 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[  223.971844][   T34] RAX: ffffffffffffffda RBX: 00007f846cdb5fa0 RCX: 00007f846cb8e9a9
[  223.971851][   T34] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000040
[  223.971857][   T34] RBP: 00007f846cc10d69 R08: 0000000000000000 R09: 0000000000000000
[  223.971864][   T34] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[  223.971870][   T34] R13: 0000000000000000 R14: 00007f846cdb5fa0 R15: 00007ffee406aaa8
[  223.971884][   T34]  </TASK>
[  223.971888][   T34] INFO: task syz-executor:5941 blocked for more than 143 seconds.
[  223.971895][   T34]       Not tainted 6.16.0-rc6-syzkaller-00411-g95993dc3039e-dirty #0
[  223.971901][   T34] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  223.971905][   T34] task:syz-executor    state:D stack:26920 pid:5941  tgid:5941  ppid:1      task_flags:0x400140 flags:0x00004004
[  223.971932][   T34] Call Trace:
[  223.971939][   T34]  <TASK>
[  223.971948][   T34]  __schedule+0x16f5/0x4d00
[  223.971998][   T34]  ? __lock_acquire+0xab9/0xd20
[  223.972018][   T34]  ? schedule+0x165/0x360
[  223.972036][   T34]  ? __pfx___schedule+0x10/0x10
[  223.972053][   T34]  ? schedule+0x91/0x360
[  223.972065][   T34]  schedule+0x165/0x360
[  223.972076][   T34]  schedule_preempt_disabled+0x13/0x30
[  223.972086][   T34]  __mutex_lock+0x724/0xe80
[  223.972098][   T34]  ? __mutex_lock+0x51b/0xe80
[  223.972111][   T34]  ? inet_rtm_newaddr+0x3b0/0x18b0
[  223.972124][   T34]  ? __pfx___mutex_lock+0x10/0x10
[  223.972140][   T34]  ? __nla_parse+0x40/0x60
[  223.972155][   T34]  inet_rtm_newaddr+0x3b0/0x18b0
[  223.972170][   T34]  ? __pfx_inet_rtm_newaddr+0x10/0x10
[  223.972188][   T34]  ? __pfx_inet_rtm_newaddr+0x10/0x10
[  223.972198][   T34]  rtnetlink_rcv_msg+0x7cf/0xb70
[  223.972213][   T34]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[  223.972225][   T34]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  223.972244][   T34]  netlink_rcv_skb+0x208/0x470
[  223.972255][   T34]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  223.972268][   T34]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  223.972282][   T34]  ? netlink_deliver_tap+0x2e/0x1b0
[  223.972291][   T34]  ? netlink_deliver_tap+0x2e/0x1b0
[  223.972303][   T34]  netlink_unicast+0x75c/0x8e0
[  223.972320][   T34]  netlink_sendmsg+0x805/0xb30
[  223.972333][   T34]  ? __pfx_netlink_sendmsg+0x10/0x10
[  223.972344][   T34]  ? aa_sock_msg_perm+0x94/0x160
[  223.972356][   T34]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  223.972367][   T34]  ? __pfx_netlink_sendmsg+0x10/0x10
[  223.972377][   T34]  __sock_sendmsg+0x21c/0x270
[  223.972391][   T34]  __sys_sendto+0x3bd/0x520
[  223.972402][   T34]  ? __pfx___sys_sendto+0x10/0x10
[  223.972421][   T34]  ? do_syscall_64+0xb7/0x3b0
[  223.972432][   T34]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  223.972446][   T34]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  223.972461][   T34]  __x64_sys_sendto+0xde/0x100
[  223.972471][   T34]  do_syscall_64+0xfa/0x3b0
[  223.972482][   T34]  ? lockdep_hardirqs_on+0x9c/0x150
[  223.972493][   T34]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  223.972501][   T34]  ? exc_page_fault+0x9f/0xf0
[  223.972513][   T34]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  223.972521][   T34] RIP: 0033:0x7f2cfcd9083c
[  223.972529][   T34] RSP: 002b:00007fff97a0ec00 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[  223.972540][   T34] RAX: ffffffffffffffda RBX: 00007f2cfdae4620 RCX: 00007f2cfcd9083c
[  223.972547][   T34] RDX: 0000000000000028 RSI: 00007f2cfdae4670 RDI: 0000000000000003
[  223.972559][   T34] RBP: 0000000000000000 R08: 00007fff97a0ec54 R09: 000000000000000c
[  223.972565][   T34] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
[  223.972571][   T34] R13: 0000000000000000 R14: 00007f2cfdae4670 R15: 0000000000000000
[  223.972584][   T34]  </TASK>
[  223.972589][   T34] INFO: task syz-executor:5945 blocked for more than 143 seconds.
[  223.972596][   T34]       Not tainted 6.16.0-rc6-syzkaller-00411-g95993dc3039e-dirty #0
[  223.972601][   T34] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  223.972606][   T34] task:syz-executor    state:D stack:26920 pid:5945  tgid:5945  ppid:1      task_flags:0x400140 flags:0x00004004
[  223.972630][   T34] Call Trace:
[  223.972634][   T34]  <TASK>
[  223.972640][   T34]  __schedule+0x16f5/0x4d00
[  223.972655][   T34]  ? __lock_acquire+0xab9/0xd20
[  223.972665][   T34]  ? schedule+0x165/0x360
[  223.972677][   T34]  ? __pfx___schedule+0x10/0x10
[  223.972694][   T34]  ? schedule+0x91/0x360
[  223.972705][   T34]  schedule+0x165/0x360
[  223.972717][   T34]  schedule_preempt_disabled+0x13/0x30
[  223.972727][   T34]  __mutex_lock+0x724/0xe80
[  223.972738][   T34]  ? __mutex_lock+0x51b/0xe80
[  223.972752][   T34]  ? inet_rtm_newaddr+0x3b0/0x18b0
[  223.972763][   T34]  ? __pfx___mutex_lock+0x10/0x10
[  223.972779][   T34]  ? __nla_parse+0x40/0x60
[  223.972793][   T34]  inet_rtm_newaddr+0x3b0/0x18b0
[  223.972809][   T34]  ? __pfx_inet_rtm_newaddr+0x10/0x10
[  223.972826][   T34]  ? __pfx_inet_rtm_newaddr+0x10/0x10
[  223.972836][   T34]  rtnetlink_rcv_msg+0x7cf/0xb70
[  223.972850][   T34]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[  223.972862][   T34]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  223.972881][   T34]  netlink_rcv_skb+0x208/0x470
[  223.972891][   T34]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  223.972903][   T34]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  223.972918][   T34]  ? netlink_deliver_tap+0x2e/0x1b0
[  223.972926][   T34]  ? netlink_deliver_tap+0x2e/0x1b0
[  223.972938][   T34]  netlink_unicast+0x75c/0x8e0
[  223.972954][   T34]  netlink_sendmsg+0x805/0xb30
[  223.972967][   T34]  ? __pfx_netlink_sendmsg+0x10/0x10
[  223.973006][   T34]  ? aa_sock_msg_perm+0x94/0x160
[  223.973020][   T34]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  223.973030][   T34]  ? __pfx_netlink_sendmsg+0x10/0x10
[  223.973040][   T34]  __sock_sendmsg+0x21c/0x270
[  223.973053][   T34]  __sys_sendto+0x3bd/0x520
[  223.973063][   T34]  ? __pfx___sys_sendto+0x10/0x10
[  223.973082][   T34]  ? do_syscall_64+0xb7/0x3b0
[  223.973094][   T34]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  223.973106][   T34]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  223.973121][   T34]  __x64_sys_sendto+0xde/0x100
[  223.973132][   T34]  do_syscall_64+0xfa/0x3b0
[  223.973142][   T34]  ? lockdep_hardirqs_on+0x9c/0x150
[  223.973153][   T34]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  223.973161][   T34]  ? exc_page_fault+0x9f/0xf0
[  223.973173][   T34]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  223.973181][   T34] RIP: 0033:0x7f76ab19083c
[  223.973189][   T34] RSP: 002b:00007fffe9018770 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[  223.973200][   T34] RAX: ffffffffffffffda RBX: 00007f76abee4620 RCX: 00007f76ab19083c
[  223.973207][   T34] RDX: 0000000000000028 RSI: 00007f76abee4670 RDI: 0000000000000003
[  223.973213][   T34] RBP: 0000000000000000 R08: 00007fffe90187c4 R09: 000000000000000c
[  223.973219][   T34] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
[  223.973225][   T34] R13: 0000000000000000 R14: 00007f76abee4670 R15: 0000000000000000
[  223.973238][   T34]  </TASK>
[  223.973243][   T34] Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings
[  223.973248][   T34] INFO: task syz-executor:5947 blocked for more than 143 seconds.
[  223.973255][   T34]       Not tainted 6.16.0-rc6-syzkaller-00411-g95993dc3039e-dirty #0
[  223.973260][   T34] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  223.973265][   T34] task:syz-executor    state:D stack:26920 pid:5947  tgid:5947  ppid:1      task_flags:0x400140 flags:0x00004004
[  223.973288][   T34] Call Trace:
[  223.973292][   T34]  <TASK>
[  223.973299][   T34]  __schedule+0x16f5/0x4d00
[  223.973314][   T34]  ? __lock_acquire+0xab9/0xd20
[  223.973324][   T34]  ? schedule+0x165/0x360
[  223.973336][   T34]  ? __pfx___schedule+0x10/0x10
[  223.973352][   T34]  ? schedule+0x91/0x360
[  223.973364][   T34]  schedule+0x165/0x360
[  223.973375][   T34]  schedule_preempt_disabled+0x13/0x30
[  223.973385][   T34]  __mutex_lock+0x724/0xe80
[  223.973396][   T34]  ? __mutex_lock+0x51b/0xe80
[  223.973410][   T34]  ? inet_rtm_newaddr+0x3b0/0x18b0
[  223.973421][   T34]  ? __pfx___mutex_lock+0x10/0x10
[  223.973437][   T34]  ? __nla_parse+0x40/0x60
[  223.973451][   T34]  inet_rtm_newaddr+0x3b0/0x18b0
[  223.973465][   T34]  ? __pfx_inet_rtm_newaddr+0x10/0x10
[  223.973483][   T34]  ? __pfx_inet_rtm_newaddr+0x10/0x10
[  223.973493][   T34]  rtnetlink_rcv_msg+0x7cf/0xb70
[  223.973507][   T34]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[  223.973519][   T34]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  223.973537][   T34]  netlink_rcv_skb+0x208/0x470
[  223.973547][   T34]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  223.973564][   T34]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  223.973579][   T34]  ? netlink_deliver_tap+0x2e/0x1b0
[  223.973588][   T34]  ? netlink_deliver_tap+0x2e/0x1b0
[  223.973599][   T34]  netlink_unicast+0x75c/0x8e0
[  223.973615][   T34]  netlink_sendmsg+0x805/0xb30
[  223.973629][   T34]  ? __pfx_netlink_sendmsg+0x10/0x10
[  223.973639][   T34]  ? aa_sock_msg_perm+0x94/0x160
[  223.973651][   T34]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  223.973661][   T34]  ? __pfx_netlink_sendmsg+0x10/0x10
[  223.973671][   T34]  __sock_sendmsg+0x21c/0x270
[  223.973684][   T34]  __sys_sendto+0x3bd/0x520
[  223.973694][   T34]  ? __pfx___sys_sendto+0x10/0x10
[  223.973713][   T34]  ? do_syscall_64+0xb7/0x3b0
[  223.973725][   T34]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  223.973737][   T34]  ? __pfx_perf_trace_preemptirq_template+0x10/0x10
[  223.973752][   T34]  __x64_sys_sendto+0xde/0x100
[  223.973763][   T34]  do_syscall_64+0xfa/0x3b0
[  223.973774][   T34]  ? lockdep_hardirqs_on+0x9c/0x150
[  223.973784][   T34]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  223.973793][   T34]  ? exc_page_fault+0x9f/0xf0
[  223.973806][   T34]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  223.973814][   T34] RIP: 0033:0x7faa71f9083c
[  223.973822][   T34] RSP: 002b:00007ffd37647e60 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[  223.973832][   T34] RAX: ffffffffffffffda RBX: 00007faa72ce4620 RCX: 00007faa71f9083c
[  223.973839][   T34] RDX: 0000000000000028 RSI: 00007faa72ce4670 RDI: 0000000000000003
[  223.973846][   T34] RBP: 0000000000000000 R08: 00007ffd37647eb4 R09: 000000000000000c
[  223.973852][   T34] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
[  223.973858][   T34] R13: 0000000000000000 R14: 00007faa72ce4670 R15: 0000000000000000
[  223.973871][   T34]  </TASK>
[  223.973875][   T34] Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings
[  223.973886][   T34] 
[  223.973886][   T34] Showing all locks held in the system:
[  223.973894][   T34] 3 locks held by kworker/1:0/24:
[  223.973901][   T34]  #0: ffff88801a480d48 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  223.973931][   T34]  #1: ffffc900001c7bc0 ((work_completion)(&fw_work->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  223.973960][   T34]  #2: ffffffff8f51cdc8 (rtnl_mutex){+.+.}-{4:4}, at: regdb_fw_cb+0x7d/0x1c0
[  223.974017][   T34] 2 locks held by kworker/u10:0/27:
[  223.974023][   T34]  #0: ffff88801a489148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  223.974052][   T34]  #1: ffffc9000060fbc0 ((reaper_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  223.974081][   T34] 2 locks held by rcu_tasks_trace/32:
[  223.974087][   T34]  #0: ffffffff8e13fe10 (rcu_tasks_trace.tasks_gp_mutex){+.+.}-{4:4}, at: rcu_tasks_one_gp+0xaf9/0xdf0
[  223.974118][   T34]  #1: ffffffff8e144bf8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: synchronize_rcu_expedited+0x2f6/0x730
[  223.974148][   T34] 1 lock held by khungtaskd/34:
[  223.974154][   T34]  #0: ffffffff8e13f0e0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[  223.974185][   T34] 6 locks held by kworker/u11:0/54:
[  223.974191][   T34]  #0: ffff888021e20148 ((wq_completion)hci1){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  223.974220][   T34]  #1: ffffc900007cfbc0 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  223.974249][   T34]  #2: ffff8880253f0dc0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d4/0x3a0
[  223.974279][   T34]  #3: ffff8880253f00b8 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0x1eb/0xdf0
[  223.974310][   T34]  #4: ffffffff8f684f48 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x165/0x310
[  223.974338][   T34]  #5: ffff88810fc2ab38 (&conn->lock#2){+.+.}-{4:4}, at: l2cap_conn_del+0x70/0x680
[  223.974373][   T34] 3 locks held by kworker/0:2/790:
[  223.974381][   T34] 3 locks held by kworker/u9:2/971:
[  223.974387][   T34]  #0: ffff88801a489148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  223.974415][   T34]  #1: ffffc90006ea7bc0 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  223.974444][   T34]  #2: ffffffff8f51cdc8 (rtnl_mutex){+.+.}-{4:4}, at: linkwatch_event+0xe/0x60
[  223.974487][   T34] 2 locks held by kworker/u10:6/4977:
[  223.974493][   T34]  #0: ffff88801a489148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  223.974521][   T34]  #1: ffffc900034bfbc0 (connector_reaper_work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  223.974554][   T34] 5 locks held by kworker/u11:1/5220:
[  223.974560][   T34]  #0: ffff888101287148 ((wq_completion)hci2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  223.974588][   T34]  #1: ffffc90002a3fbc0 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  223.974617][   T34]  #2: ffff888029d74dc0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d4/0x3a0
[  223.974645][   T34]  #3: ffff888029d740b8 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0x1eb/0xdf0
[  223.974676][   T34]  #4: ffffffff8f684f48 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x165/0x310
[  223.974704][   T34] 2 locks held by getty/5658:
[  223.974710][   T34]  #0: ffff888109fe30a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  223.974738][   T34]  #1: ffffc900029032f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x43e/0x1400
[  223.974768][   T34] 5 locks held by kworker/u11:2/5829:
[  223.974774][   T34]  #0: ffff888030bf8948 ((wq_completion)hci5){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  223.974803][   T34]  #1: ffffc9000316fbc0 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  223.974832][   T34]  #2: ffff8881242e0dc0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d4/0x3a0
[  223.974860][   T34]  #3: ffff8881242e00b8 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0x1eb/0xdf0
[  223.974891][   T34]  #4: ffffffff8f684f48 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x165/0x310
[  223.974919][   T34] 5 locks held by kworker/u11:3/5835:
[  223.974925][   T34]  #0: ffff888107e09148 ((wq_completion)hci0){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  223.974953][   T34]  #1: ffffc900031bfbc0 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  223.975008][   T34]  #2: ffff88802aa50dc0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d4/0x3a0
[  223.975037][   T34]  #3: ffff88802aa500b8 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0x1eb/0xdf0
[  223.975068][   T34]  #4: ffffffff8f684f48 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x165/0x310
[  223.975095][   T34] 5 locks held by kworker/u11:4/5838:
[  223.975101][   T34]  #0: ffff888113314948 ((wq_completion)hci4){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  223.975130][   T34]  #1: ffffc900031efbc0 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  223.975158][   T34]  #2: ffff88810fe78dc0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d4/0x3a0
[  223.975186][   T34]  #3: ffff88810fe780b8 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0x1eb/0xdf0
[  223.975216][   T34]  #4: ffffffff8f684f48 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x165/0x310
[  223.975245][   T34] 3 locks held by kworker/u8:3/5848:
[  223.975251][   T34]  #0: ffff888107e0b148 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  223.975279][   T34]  #1: ffffc9000324fbc0 ((work_completion)(&(&ifa->dad_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  223.975307][   T34]  #2: ffffffff8f51cdc8 (rtnl_mutex){+.+.}-{4:4}, at: addrconf_dad_work+0x112/0x14b0
[  223.975340][   T34] 1 lock held by syz.1.15/5926:
[  223.975346][   T34]  #0: ffffffff8e1a2ca8 (event_mutex){+.+.}-{4:4}, at: perf_trace_destroy+0x2e/0x150
[  223.975374][   T34] 3 locks held by syz.1.15/5929:
[  223.975380][   T34] 1 lock held by syz.2.19/5932:
[  223.975385][   T34]  #0: ffffffff8e1a2ca8 (event_mutex){+.+.}-{4:4}, at: perf_trace_destroy+0x2e/0x150
[  223.975413][   T34] 3 locks held by syz.0.18/5935:
[  223.975418][   T34]  #0: ffffffff99b075d0 (&pmus_srcu){.+.+}-{0:0}, at: class_srcu_constructor+0x2c/0x60
[  223.975448][   T34]  #1: ffffffff99b075d0 (&pmus_srcu){.+.+}-{0:0}, at: perf_event_alloc+0xf6b/0x2bb0
[  223.975477][   T34]  #2: ffffffff8e1a2ca8 (event_mutex){+.+.}-{4:4}, at: perf_trace_init+0x50/0x2d0
[  223.975504][   T34] 1 lock held by syz-executor/5941:
[  223.975510][   T34]  #0: ffffffff8f51cdc8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[  223.975539][   T34] 1 lock held by syz-executor/5945:
[  223.975545][   T34]  #0: ffffffff8f51cdc8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[  223.975578][   T34] 1 lock held by syz-executor/5947:
[  223.975584][   T34]  #0: ffffffff8f51cdc8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[  223.980116][   T34] 2 locks held by dhcpcd/5950:
[  223.980129][   T34]  #0: ffff888121926258 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x32/0xcd0
[  223.980184][   T34]  #1: ffffffff8e144bf8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: synchronize_rcu_expedited+0x3b9/0x730
[  223.980239][   T34] 1 lock held by dhcpcd/5951:
[  223.980249][   T34]  #0: ffff88812d882258 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x32/0xcd0
[  223.980302][   T34] 1 lock held by dhcpcd/5952:
[  223.980312][   T34]  #0: ffff8880313cc258 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x32/0xcd0
[  223.980365][   T34] 1 lock held by dhcpcd/5953:
[  223.980375][   T34]  #0: ffff88811e5ea258 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x32/0xcd0
[  223.980425][   T34] 1 lock held by dhcpcd/5954:
[  223.980434][   T34]  #0: ffff88811e1ce258 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x32/0xcd0
[  223.980480][   T34] 1 lock held by dhcpcd/5955:
[  223.980486][   T34]  #0: ffff888111dc0258 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x32/0xcd0
[  223.980515][   T34] 1 lock held by syz-executor/5959:
[  223.980521][   T34]  #0: ffffffff8f51cdc8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[  223.980556][   T34] 1 lock held by syz-executor/5963:
[  223.980562][   T34]  #0: ffffffff8f51cdc8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[  223.980592][   T34] 1 lock held by syz-executor/5966:
[  223.980597][   T34]  #0: ffffffff8f51cdc8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[  223.980626][   T34] 4 locks held by kworker/u11:5/5969:
[  223.980631][   T34]  #0: ffff88811e132948 ((wq_completion)hci9#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  223.980664][   T34]  #1: ffffc900047afbc0 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  223.980692][   T34]  #2: ffff8880642800b8 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x9b/0x8e0
[  223.980722][   T34]  #3: ffffffff8f684f48 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x516/0x8e0
[  223.980753][   T34] 1 lock held by syz-executor/5973:
[  223.980758][   T34]  #0: ffffffff8f51cdc8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[  223.980786][   T34] 1 lock held by syz-executor/5976:
[  223.980792][   T34]  #0: ffffffff8f51cdc8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[  223.980822][   T34] 4 locks held by kworker/u11:6/5979:
[  223.980828][   T34]  #0: ffff88811e131148 ((wq_completion)hci10#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  223.980859][   T34]  #1: ffffc900047ffbc0 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  223.980886][   T34]  #2: ffff8880642840b8 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x9b/0x8e0
[  223.980915][   T34]  #3: ffffffff8f684f48 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x516/0x8e0
[  223.980944][   T34] 1 lock held by syz-executor/5981:
[  223.980949][   T34]  #0: ffffffff8f51cdc8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[  223.981009][   T34] 4 locks held by kworker/u11:7/5982:
[  223.981017][   T34]  #0: ffff888121ac1148 ((wq_completion)hci11#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  223.981049][   T34]  #1: ffffc9000481fbc0 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  223.981077][   T34]  #2: ffff888064dd80b8 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x9b/0x8e0
[  223.981105][   T34]  #3: ffffffff8f684f48 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x516/0x8e0
[  223.981135][   T34] 5 locks held by kworker/u11:8/5984:
[  223.981140][   T34]  #0: ffff88803032c948 ((wq_completion)hci3){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  223.981168][   T34]  #1: ffffc9000482fbc0 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  223.981196][   T34]  #2: ffff888108b84dc0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d4/0x3a0
[  223.981225][   T34]  #3: ffff888108b840b8 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0x1eb/0xdf0
[  223.981255][   T34]  #4: ffffffff8f684f48 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x165/0x310
[  223.983560][   T34] 
[  223.983566][   T34] =============================================
[  223.983566][   T34] 
[  223.983572][   T34] NMI backtrace for cpu 1
[  223.983578][   T34] CPU: 1 UID: 0 PID: 34 Comm: khungtaskd Not tainted 6.16.0-rc6-syzkaller-00411-g95993dc3039e-dirty #0 PREEMPT(full) 
[  223.983587][   T34] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  223.983591][   T34] Call Trace:
[  223.983594][   T34]  <TASK>
[  223.983597][   T34]  dump_stack_lvl+0x189/0x250
[  223.983609][   T34]  ? __pfx_dump_stack_lvl+0x10/0x10
[  223.983617][   T34]  ? __pfx__printk+0x10/0x10
[  223.983631][   T34]  nmi_cpu_backtrace+0x39e/0x3d0
[  223.983641][   T34]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  223.983647][   T34]  ? _printk+0xcf/0x120
[  223.983657][   T34]  ? __pfx__printk+0x10/0x10
[  223.983667][   T34]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  223.983675][   T34]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[  223.983684][   T34]  watchdog+0xfee/0x1030
[  223.983692][   T34]  ? watchdog+0x1de/0x1030
[  223.983701][   T34]  kthread+0x711/0x8a0
[  223.983712][   T34]  ? __pfx_watchdog+0x10/0x10
[  223.983718][   T34]  ? __pfx_kthread+0x10/0x10
[  223.983728][   T34]  ? _raw_spin_unlock_irq+0x23/0x50
[  223.983736][   T34]  ? lockdep_hardirqs_on+0x9c/0x150
[  223.983744][   T34]  ? __pfx_kthread+0x10/0x10
[  223.983753][   T34]  ret_from_fork+0x3fc/0x770
[  223.983762][   T34]  ? __pfx_ret_from_fork+0x10/0x10
[  223.983771][   T34]  ? __switch_to_asm+0x39/0x70
[  223.983779][   T34]  ? __switch_to_asm+0x33/0x70
[  223.983787][   T34]  ? __pfx_kthread+0x10/0x10
[  223.983796][   T34]  ret_from_fork_asm+0x1a/0x30
[  223.983811][   T34]  </TASK>
[  223.983815][   T34] Sending NMI from CPU 1 to CPUs 0:
[  223.983861][    C0] NMI backtrace for cpu 0
[  223.983873][    C0] CPU: 0 UID: 0 PID: 5929 Comm: syz.1.15 Not tainted 6.16.0-rc6-syzkaller-00411-g95993dc3039e-dirty #0 PREEMPT(full) 
[  223.983882][    C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  223.983886][    C0] RIP: 0010:error_entry+0x1/0x140
[  223.983897][    C0] Code: 0f 22 de eb 0a f3 48 0f ae db e9 a6 fd ff ff 85 db 0f 85 9e fd ff ff 0f 01 f8 e9 96 fd ff ff 90 90 90 90 90 90 90 90 90 90 56 <48> 8b 74 24 08 48 89 7c 24 08 52 51 50 41 50 41 51 41 52 41 53 53
[  223.983902][    C0] RSP: 0018:ffffc900000079c0 EFLAGS: 00000046
[  223.983909][    C0] RAX: 1ffff11006238115 RBX: ffff8880311c08a8 RCX: 0000000000000100
[  223.983913][    C0] RDX: ffff888109dc1cc0 RSI: 0000000000000000 RDI: 0000000000000005
[  223.983917][    C0] RBP: ffffc90000007c10 R08: 0000000000000000 R09: ffffffff8aeac01a
[  223.983922][    C0] R10: 0000000000000002 R11: 0000000000000100 R12: dffffc0000000000
[  223.983925][    C0] R13: ffff888022efaf00 R14: ffff8880311c0e80 R15: ffffffff8aeac01a
[  223.983930][    C0] FS:  00007f43dd7ba6c0(0000) GS:ffff8880b861f000(0000) knlGS:0000000000000000
[  223.983935][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  223.983939][    C0] CR2: 0000000000000000 CR3: 000000002898e000 CR4: 00000000000006f0
[  223.983965][    C0] Call Trace:
[  223.983970][    C0]  <IRQ>
[  223.984003][    C0]  asm_sysvec_apic_timer_interrupt+0xf/0x20
[  223.984012][    C0] RIP: 0010:ieee80211_rx_list+0x168/0x2d80
[  223.984020][    C0] Code: 03 42 80 3c 20 00 74 08 4c 89 f7 e8 22 b9 38 f7 49 8b 06 48 8d 1c d8 48 81 c3 a8 01 00 00 48 89 d8 48 c1 e8 03 42 80 3c 20 00 <74> 08 48 89 df e8 fe b8 38 f7 48 8b 1b 48 85 db 48 8b 44 24 08 0f
[  223.984025][    C0] RSP: 0018:ffffc90000007a00 EFLAGS: 00000246
[  223.984032][    C0]  ? irq_work_single+0x1ac/0x240
[  223.984040][    C0]  ? irqtime_account_irq+0xb6/0x1c0
[  223.984050][    C0]  ? __pfx_ieee80211_rx_list+0x10/0x10
[  223.984058][    C0]  ? __lock_acquire+0xab9/0xd20
[  223.984065][    C0]  ? ieee80211_rx_napi+0xca/0x3d0
[  223.984073][    C0]  ? ieee80211_rx_napi+0xca/0x3d0
[  223.984082][    C0]  ? ieee80211_rx_napi+0xca/0x3d0
[  223.984089][    C0]  ieee80211_rx_napi+0x1a8/0x3d0
[  223.984097][    C0]  ? __pfx_ieee80211_rx_napi+0x10/0x10
[  223.984106][    C0]  ? skb_dequeue+0x10e/0x150
[  223.984115][    C0]  ieee80211_handle_queued_frames+0xe8/0x1f0
[  223.984124][    C0]  tasklet_action_common+0x36c/0x580
[  223.984133][    C0]  ? __pfx_tasklet_action_common+0x10/0x10
[  223.984142][    C0]  ? workqueue_softirq_action+0xd4/0x150
[  223.984151][    C0]  handle_softirqs+0x286/0x870
[  223.984159][    C0]  ? __irq_exit_rcu+0xca/0x1f0
[  223.984166][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[  223.984173][    C0]  ? irq_work_single+0x1ac/0x240
[  223.984179][    C0]  ? irqtime_account_irq+0xb6/0x1c0
[  223.984188][    C0]  __irq_exit_rcu+0xca/0x1f0
[  223.984194][    C0]  ? __pfx___irq_exit_rcu+0x10/0x10
[  223.984202][    C0]  ? rcu_is_watching+0x15/0xb0
[  223.984209][    C0]  irq_exit_rcu+0x9/0x30
[  223.984215][    C0]  sysvec_irq_work+0xa3/0xc0
[  223.984222][    C0]  </IRQ>
[  223.984224][    C0]  <TASK>
[  223.984226][    C0]  asm_sysvec_irq_work+0x1a/0x20
[  223.984232][    C0] RIP: 0010:console_flush_all+0x7f7/0xc40
[  223.984241][    C0] Code: 48 21 c3 0f 85 e9 01 00 00 e8 75 e7 1e 00 48 8b 5c 24 20 4d 85 f6 75 07 e8 66 e7 1e 00 eb 06 e8 5f e7 1e 00 fb 48 8b 44 24 28 <42> 80 3c 20 00 74 08 48 89 df e8 8a 0a 82 00 48 8b 1b 48 8b 44 24
[  223.984246][    C0] RSP: 0018:ffffc900040ff840 EFLAGS: 00000287
[  223.984251][    C0] RAX: 1ffffffff1d36927 RBX: ffffffff8e9b4938 RCX: 0000000000080000
[  223.984255][    C0] RDX: ffffc900038c2000 RSI: 0000000000000a3b RDI: 0000000000000a3c
[  223.984259][    C0] RBP: ffffc900040ff990 R08: ffffffff8fa1e8f7 R09: 1ffffffff1f43d1e
[  223.984264][    C0] R10: dffffc0000000000 R11: fffffbfff1f43d1f R12: dffffc0000000000
[  223.984268][    C0] R13: 0000000000000001 R14: 0000000000000200 R15: ffffffff8e9b48e0
[  223.984276][    C0]  ? console_flush_all+0x13a/0xc40
[  223.984285][    C0]  ? __pfx_console_flush_all+0x10/0x10
[  223.984296][    C0]  console_unlock+0xc4/0x270
[  223.984303][    C0]  ? __pfx_console_unlock+0x10/0x10
[  223.984311][    C0]  ? is_printk_cpu_sync_owner+0x32/0x40
[  223.984320][    C0]  vprintk_emit+0x5b7/0x7a0
[  223.984328][    C0]  ? __pfx_vprintk_emit+0x10/0x10
[  223.984335][    C0]  ? rcu_is_watching+0x15/0xb0
[  223.984341][    C0]  ? trace_contention_end+0x39/0x120
[  223.984349][    C0]  ? __mutex_lock+0x330/0xe80
[  223.984358][    C0]  ? __lock_acquire+0xab9/0xd20
[  223.984365][    C0]  _printk+0xcf/0x120
[  223.984373][    C0]  ? __pfx___mutex_lock+0x10/0x10
[  223.984381][    C0]  ? __pfx__printk+0x10/0x10
[  223.984389][    C0]  ? netdev_name_node_lookup+0xdf/0x120
[  223.984398][    C0]  wext_ioctl_dispatch+0x3cc/0x410
[  223.984404][    C0]  ? __pfx_ioctl_standard_call+0x10/0x10
[  223.984410][    C0]  wext_handle_ioctl+0x100/0x1c0
[  223.984416][    C0]  ? __pfx_wext_handle_ioctl+0x10/0x10
[  223.984425][    C0]  sock_ioctl+0x15f/0x790
[  223.984434][    C0]  ? __pfx_sock_ioctl+0x10/0x10
[  223.984441][    C0]  ? __fget_files+0x2a/0x420
[  223.984448][    C0]  ? __fget_files+0x3a0/0x420
[  223.984455][    C0]  ? __fget_files+0x2a/0x420
[  223.984462][    C0]  ? bpf_lsm_file_ioctl+0x9/0x20
[  223.984471][    C0]  ? __pfx_sock_ioctl+0x10/0x10
[  223.984478][    C0]  __se_sys_ioctl+0xfc/0x170
[  223.984488][    C0]  do_syscall_64+0xfa/0x3b0
[  223.984496][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  223.984502][    C0]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  223.984509][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  223.984515][    C0] RIP: 0033:0x7f43dc98e9a9
[  223.984521][    C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  223.984526][    C0] RSP: 002b:00007f43dd7ba038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  223.984532][    C0] RAX: ffffffffffffffda RBX: 00007f43dcbb5fa0 RCX: 00007f43dc98e9a9
[  223.984537][    C0] RDX: 0000200000000040 RSI: 0000000000008b04 RDI: 0000000000000004
[  223.984541][    C0] RBP: 00007f43dca10d69 R08: 0000000000000000 R09: 0000000000000000
[  223.984544][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  223.984548][    C0] R13: 0000000000000000 R14: 00007f43dcbb5fa0 R15: 00007ffe025639b8
[  223.984559][    C0]  </TASK>
[  223.984850][   T34] Kernel panic - not syncing: hung_task: blocked tasks
[  223.984858][   T34] CPU: 1 UID: 0 PID: 34 Comm: khungtaskd Not tainted 6.16.0-rc6-syzkaller-00411-g95993dc3039e-dirty #0 PREEMPT(full) 
[  223.984867][   T34] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  223.984871][   T34] Call Trace:
[  223.984874][   T34]  <TASK>
[  223.984877][   T34]  dump_stack_lvl+0x99/0x250
[  223.984887][   T34]  ? __asan_memcpy+0x40/0x70
[  223.984897][   T34]  ? __pfx_dump_stack_lvl+0x10/0x10
[  223.984905][   T34]  ? __pfx__printk+0x10/0x10
[  223.984918][   T34]  panic+0x2db/0x790
[  223.984928][   T34]  ? __pfx_panic+0x10/0x10
[  223.984936][   T34]  ? nmi_backtrace_stall_check+0x433/0x440
[  223.984946][   T34]  ? irq_work_queue+0xc3/0x140
[  223.984957][   T34]  watchdog+0x102d/0x1030
[  223.984965][   T34]  ? watchdog+0x1de/0x1030
[  223.984997][   T34]  kthread+0x711/0x8a0
[  223.985017][   T34]  ? __pfx_watchdog+0x10/0x10
[  223.985024][   T34]  ? __pfx_kthread+0x10/0x10
[  223.985034][   T34]  ? _raw_spin_unlock_irq+0x23/0x50
[  223.985042][   T34]  ? lockdep_hardirqs_on+0x9c/0x150
[  223.985050][   T34]  ? __pfx_kthread+0x10/0x10
[  223.985060][   T34]  ret_from_fork+0x3fc/0x770
[  223.985068][   T34]  ? __pfx_ret_from_fork+0x10/0x10
[  223.985081][   T34]  ? __switch_to_asm+0x39/0x70
[  223.985095][   T34]  ? __switch_to_asm+0x33/0x70
[  223.985108][   T34]  ? __pfx_kthread+0x10/0x10
[  223.985119][   T34]  ret_from_fork_asm+0x1a/0x30
[  223.985133][   T34]  </TASK>
[  223.985853][   T34] Kernel Offset: disabled

VM DIAGNOSIS:
05:53:19  Registers:
info registers vcpu 0

CPU#0
RAX=ffffffff81680ea6 RBX=0000000000000000 RCX=ffff888109dc1cc0 RDX=0000000000010100
RSI=0000000000000008 RDI=ffffffff92a52460 RBP=ffffc900000078b8 RSP=ffffc90000007820
R8 =ffffffff92a52467 R9 =1ffffffff254a48c R10=dffffc0000000000 R11=fffffbfff254a48d
R12=0000000000000000 R13=0000000000000000 R14=0000000000000000 R15=dffffc0000000000
RIP=ffffffff81680ea7 RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f43dd7ba6c0 ffffffff 00c00000
GS =0000 ffff8880b861f000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000000000000000 CR3=000000002898e000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=0000000000000000 0000000000000000
XMM02=00007f43dcb86478 00007f43dcb86450 XMM03=00007f43dcb86488 00007f43dcb86480
XMM04=00007f43dd6ed100 00007f43dcb86440 XMM05=00007f43dcb86458 00007f43dcb864a0
XMM06=00007f43dcb86498 00007f43dcb86490 XMM07=00007f43dcb86488 00007f43dcb86480
XMM08=0000000000000000 00524f5252450040 XMM09=0000000000000000 00007f43dca11ec1
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000030 RBX=0000000000000030 RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000000000 RDI=0000000000000020 RBP=00000000000003f8 RSP=ffffc9000068f7b0
R8 =ffff888108cc8237 R9 =1ffff11021199046 R10=dffffc0000000000 R11=ffffffff85472aa0
R12=dffffc0000000000 R13=ffffffff99af58d5 R14=ffffffff99dfa1e0 R15=0000000000000000
RIP=ffffffff85472b1c RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8881a3c1f000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007fca542a05e4 CR3=000000011006c000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 00000000000000ff XMM01=2525252525252525 2525252525252525
XMM02=0000000000000000 0000000000000000 XMM03=0000000000000000 0000000000000000
XMM04=0000000000000000 00000000000000ff XMM05=00000000000000ff ff00000000000000
XMM06=0000000000000000 0000000000000000 XMM07=0000000000000000 0000000000000000
XMM08=0000000000000000 0000000000000000 XMM09=0000000000000000 0000000000000000
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
