program: perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x20, 0x12504, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x7602, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'bond0\x00'}) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x40000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x6402}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48) close(r1) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000010c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48) bpf$BPF_PROG_DETACH(0x8, &(0x7f00000006c0)=ANY=[@ANYRES32=r5, @ANYRES32=r4, @ANYBLOB='&'], 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r5}, &(0x7f0000000000), &(0x7f0000000080)=r1}, 0x20) sendmsg$inet(r3, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x0) recvmsg$unix(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)}, 0x2) bpf$PROG_LOAD(0x5, 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89fc, &(0x7f0000000080)) syz_clone(0xae12e400, 0x0, 0x0, 0x0, 0x0, 0x0) [ 85.415730][ T4667] Bluetooth: hci0: command tx timeout [ 86.637961][ T10] cfg80211: failed to load regulatory.db [ 87.072428][ C0] hrtimer: interrupt took 76155 ns [ 87.424497][ T4667] Bluetooth: hci0: command tx timeout [ 87.955751][ T5325] ------------[ cut here ]------------ [ 87.958195][ T5325] WARNING: CPU: 0 PID: 5325 at kernel/events/core.c:7211 perf_pending_task+0x319/0x400 [ 87.962317][ T5325] Modules linked in: [ 87.964199][ T5325] CPU: 0 UID: 0 PID: 5325 Comm: syz.0.0 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) [ 87.969215][ T5325] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 87.973953][ T5325] RIP: 0010:perf_pending_task+0x319/0x400 [ 87.976582][ T5325] Code: 85 8f 00 00 00 41 fe 4d 00 eb 05 e8 21 4f cd ff 48 83 c4 18 5b 41 5c 41 5d 41 5e 41 5f 5d e9 8e 84 76 09 cc e8 08 4f cd ff 90 <0f> 0b 90 41 80 3c 1c 00 0f 85 02 ff ff ff e9 05 ff ff ff 44 89 e1 [ 87.984968][ T5325] RSP: 0018:ffffc9000d42f9d0 EFLAGS: 00010293 [ 87.987962][ T5325] RAX: ffffffff81f2fe18 RBX: dffffc0000000000 RCX: ffff8880354e8000 [ 87.991497][ T5325] RDX: 0000000000000000 RSI: 00000000749a7dcf RDI: 0000000000000000 [ 87.994999][ T5325] RBP: 00000000749a7dcf R08: ffffc9000d42f987 R09: 0000000000000000 [ 87.998435][ T5325] R10: ffffc9000d42f940 R11: ffffffff81f2fb00 R12: 1ffff110035f590f [ 88.001881][ T5325] R13: ffff8880354e8000 R14: ffff88801afacad8 R15: ffff88801afac878 [ 88.005478][ T5325] FS: 0000000000000000(0000) GS:ffff88808d251000(0000) knlGS:0000000000000000 [ 88.009393][ T5325] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 88.012475][ T5325] CR2: 00007f3aaa53a9a0 CR3: 0000000051e3e000 CR4: 0000000000352ef0 [ 88.016048][ T5325] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 88.019935][ T5325] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 88.023852][ T5325] Call Trace: [ 88.025424][ T5325] [ 88.026742][ T5325] task_work_run+0x1d1/0x260 [ 88.028785][ T5325] ? __pfx_task_work_run+0x10/0x10 [ 88.031117][ T5325] do_exit+0x6b5/0x22e0 [ 88.032992][ T5325] ? __pfx_do_exit+0x10/0x10 [ 88.035461][ T5325] ? proc_coredump_connector+0x172/0x4b0 [ 88.038021][ T5325] ? __pfx_proc_coredump_connector+0x10/0x10 [ 88.040699][ T5325] do_group_exit+0x21c/0x2d0 [ 88.042936][ T5325] get_signal+0x1286/0x1340 [ 88.045060][ T5325] arch_do_signal_or_restart+0x9a/0x750 [ 88.047700][ T5325] ? __rseq_handle_notify_resume+0x37e/0x11f0 [ 88.050369][ T5325] ? perf_pending_task+0x2da/0x400 [ 88.052605][ T5325] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 88.055336][ T5325] ? exit_to_user_mode_loop+0x40/0x110 [ 88.057721][ T5325] exit_to_user_mode_loop+0x75/0x110 [ 88.060080][ T5325] do_syscall_64+0x2bd/0x3b0 [ 88.062177][ T5325] ? lockdep_hardirqs_on+0x9c/0x150 [ 88.064572][ T5325] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 88.067254][ T5325] ? clear_bhb_loop+0x60/0xb0 [ 88.069342][ T5325] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 88.071884][ T5325] RIP: 0033:0x7f3aa978e929 [ 88.073925][ T5325] Code: Unable to access opcode bytes at 0x7f3aa978e8ff. [ 88.076921][ T5325] RSP: 002b:00007f3aaa55b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 88.080503][ T5325] RAX: 0000000000000009 RBX: 00007f3aa99b5fa0 RCX: 00007f3aa978e929 [ 88.084000][ T5325] RDX: 0000000000000048 RSI: 000020000000e000 RDI: 0000000000000005 [ 88.087411][ T5325] RBP: 00007f3aa9810b39 R08: 0000000000000000 R09: 0000000000000000 [ 88.090800][ T5325] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 88.094388][ T5325] R13: 0000000000000000 R14: 00007f3aa99b5fa0 R15: 00007ffe6a839bd8 [ 88.097885][ T5325] [ 88.099292][ T5325] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 88.102465][ T5325] CPU: 0 UID: 0 PID: 5325 Comm: syz.0.0 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) [ 88.107468][ T5325] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 88.112542][ T5325] Call Trace: [ 88.114377][ T5325] [ 88.116016][ T5325] dump_stack_lvl+0x99/0x250 [ 88.118229][ T5325] ? __asan_memcpy+0x40/0x70 [ 88.120446][ T5325] ? __pfx_dump_stack_lvl+0x10/0x10 [ 88.122856][ T5325] ? __pfx__printk+0x10/0x10 [ 88.124928][ T5325] panic+0x2db/0x790 [ 88.126748][ T5325] ? __pfx_panic+0x10/0x10 [ 88.128680][ T5325] __warn+0x31b/0x4b0 [ 88.130442][ T5325] ? perf_pending_task+0x319/0x400 [ 88.132780][ T5325] ? perf_pending_task+0x319/0x400 [ 88.135064][ T5325] report_bug+0x2be/0x4f0 [ 88.136961][ T5325] ? perf_pending_task+0x319/0x400 [ 88.139245][ T5325] ? perf_pending_task+0x319/0x400 [ 88.141603][ T5325] ? perf_pending_task+0x31b/0x400 [ 88.143938][ T5325] handle_bug+0x84/0x160 [ 88.145853][ T5325] exc_invalid_op+0x1a/0x50 [ 88.147932][ T5325] asm_exc_invalid_op+0x1a/0x20 [ 88.150123][ T5325] RIP: 0010:perf_pending_task+0x319/0x400 [ 88.152613][ T5325] Code: 85 8f 00 00 00 41 fe 4d 00 eb 05 e8 21 4f cd ff 48 83 c4 18 5b 41 5c 41 5d 41 5e 41 5f 5d e9 8e 84 76 09 cc e8 08 4f cd ff 90 <0f> 0b 90 41 80 3c 1c 00 0f 85 02 ff ff ff e9 05 ff ff ff 44 89 e1 [ 88.160912][ T5325] RSP: 0018:ffffc9000d42f9d0 EFLAGS: 00010293 [ 88.163534][ T5325] RAX: ffffffff81f2fe18 RBX: dffffc0000000000 RCX: ffff8880354e8000 [ 88.166985][ T5325] RDX: 0000000000000000 RSI: 00000000749a7dcf RDI: 0000000000000000 [ 88.170393][ T5325] RBP: 00000000749a7dcf R08: ffffc9000d42f987 R09: 0000000000000000 [ 88.173931][ T5325] R10: ffffc9000d42f940 R11: ffffffff81f2fb00 R12: 1ffff110035f590f [ 88.177332][ T5325] R13: ffff8880354e8000 R14: ffff88801afacad8 R15: ffff88801afac878 [ 88.180773][ T5325] ? __pfx_perf_pending_task+0x10/0x10 [ 88.183203][ T5325] ? perf_pending_task+0x318/0x400 [ 88.185474][ T5325] task_work_run+0x1d1/0x260 [ 88.187490][ T5325] ? __pfx_task_work_run+0x10/0x10 [ 88.189770][ T5325] do_exit+0x6b5/0x22e0 [ 88.191751][ T5325] ? __pfx_do_exit+0x10/0x10 [ 88.193845][ T5325] ? proc_coredump_connector+0x172/0x4b0 [ 88.197142][ T5325] ? __pfx_proc_coredump_connector+0x10/0x10 [ 88.199812][ T5325] do_group_exit+0x21c/0x2d0 [ 88.201882][ T5325] get_signal+0x1286/0x1340 [ 88.203869][ T5325] arch_do_signal_or_restart+0x9a/0x750 [ 88.206298][ T5325] ? __rseq_handle_notify_resume+0x37e/0x11f0 [ 88.208917][ T5325] ? perf_pending_task+0x2da/0x400 [ 88.211209][ T5325] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 88.213958][ T5325] ? exit_to_user_mode_loop+0x40/0x110 [ 88.216192][ T5325] exit_to_user_mode_loop+0x75/0x110 [ 88.218416][ T5325] do_syscall_64+0x2bd/0x3b0 [ 88.220508][ T5325] ? lockdep_hardirqs_on+0x9c/0x150 [ 88.222840][ T5325] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 88.225491][ T5325] ? clear_bhb_loop+0x60/0xb0 [ 88.227474][ T5325] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 88.229934][ T5325] RIP: 0033:0x7f3aa978e929 [ 88.231862][ T5325] Code: Unable to access opcode bytes at 0x7f3aa978e8ff. [ 88.234804][ T5325] RSP: 002b:00007f3aaa55b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 88.238305][ T5325] RAX: 0000000000000009 RBX: 00007f3aa99b5fa0 RCX: 00007f3aa978e929 [ 88.241322][ T5325] RDX: 0000000000000048 RSI: 000020000000e000 RDI: 0000000000000005 [ 88.244704][ T5325] RBP: 00007f3aa9810b39 R08: 0000000000000000 R09: 0000000000000000 [ 88.248094][ T5325] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 88.251389][ T5325] R13: 0000000000000000 R14: 00007f3aa99b5fa0 R15: 00007ffe6a839bd8 [ 88.254970][ T5325] [ 88.256846][ T5325] Kernel Offset: disabled [ 88.258661][ T5325] Rebooting in 86400 seconds..