program:
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000017850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x52)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x20, 0x12506, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0xffffffff}, 0x7402, 0x0, 0x0, 0x4, 0x0, 0xffffffff, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_clone(0x126400, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r2}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x20000000000001c0, 0x0, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0xfffffffffffffd7f)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = gettid()
syz_open_procfs$namespace(r3, &(0x7f0000000680)='ns/cgroup\x00')
socketpair$tipc(0x1e, 0x4, 0x0, &(0x7f0000000140)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmsg$tipc(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000040)="fb", 0x1}], 0x1}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x18)
recvmsg(r4, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)=""/60, 0x3c}], 0x1}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x12, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="180000000100000000000000000000007112"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1f}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x4, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_clone(0x41200100, 0x0, 0x0, 0x0, 0x0, 0x0)

[   73.946551][ T5298] Bluetooth: hci0: command tx timeout
[   74.668618][ T5319] ------------[ cut here ]------------
[   74.671162][ T5319] WARNING: CPU: 0 PID: 5319 at kernel/events/core.c:7211 perf_pending_task+0x319/0x400
[   74.675409][ T5319] Modules linked in:
[   74.682715][ T5319] CPU: 0 UID: 0 PID: 5319 Comm: syz.0.0 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) 
[   74.687706][ T5319] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   74.692124][ T5319] RIP: 0010:perf_pending_task+0x319/0x400
[   74.694861][ T5319] Code: 85 8f 00 00 00 41 fe 4d 00 eb 05 e8 21 4f cd ff 48 83 c4 18 5b 41 5c 41 5d 41 5e 41 5f 5d e9 8e 84 76 09 cc e8 08 4f cd ff 90 <0f> 0b 90 41 80 3c 1c 00 0f 85 02 ff ff ff e9 05 ff ff ff 44 89 e1
[   74.702903][ T5319] RSP: 0018:ffffc9000d34f9d0 EFLAGS: 00010293
[   74.705345][ T5319] RAX: ffffffff81f2fe18 RBX: dffffc0000000000 RCX: ffff8880338cc880
[   74.708944][ T5319] RDX: 0000000000000000 RSI: 0000000074982edc RDI: 0000000000000000
[   74.712417][ T5319] RBP: 0000000074982edc R08: ffffffff8fa10bf7 R09: 1ffffffff1f4217e
[   74.715340][ T5319] R10: dffffc0000000000 R11: ffffffff81f2fb00 R12: 1ffff110035f810f
[   74.718844][ T5319] R13: ffff8880338cc880 R14: ffff88801afc0ad8 R15: ffff88801afc0878
[   74.722270][ T5319] FS:  0000000000000000(0000) GS:ffff88808d251000(0000) knlGS:0000000000000000
[   74.726195][ T5319] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   74.729026][ T5319] CR2: 00007f852d1d49a0 CR3: 0000000051aef000 CR4: 0000000000352ef0
[   74.732414][ T5319] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   74.736013][ T5319] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   74.739519][ T5319] Call Trace:
[   74.741062][ T5319]  <TASK>
[   74.742415][ T5319]  task_work_run+0x1d1/0x260
[   74.744539][ T5319]  ? __pfx_task_work_run+0x10/0x10
[   74.746950][ T5319]  do_exit+0x6b5/0x22e0
[   74.748759][ T5319]  ? __pfx_do_exit+0x10/0x10
[   74.750804][ T5319]  ? proc_coredump_connector+0x172/0x4b0
[   74.753278][ T5319]  ? __pfx_proc_coredump_connector+0x10/0x10
[   74.755992][ T5319]  do_group_exit+0x21c/0x2d0
[   74.758095][ T5319]  ? lockdep_hardirqs_on+0x9c/0x150
[   74.760623][ T5319]  get_signal+0x1286/0x1340
[   74.762662][ T5319]  arch_do_signal_or_restart+0x9a/0x750
[   74.765310][ T5319]  ? __rseq_handle_notify_resume+0x37e/0x11f0
[   74.767834][ T5319]  ? perf_pending_task+0x2da/0x400
[   74.769965][ T5319]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[   74.772434][ T5319]  ? exit_to_user_mode_loop+0x40/0x110
[   74.774607][ T5319]  exit_to_user_mode_loop+0x75/0x110
[   74.776887][ T5319]  do_syscall_64+0x2bd/0x3b0
[   74.778627][ T5319]  ? lockdep_hardirqs_on+0x9c/0x150
[   74.780731][ T5319]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   74.783316][ T5319]  ? clear_bhb_loop+0x60/0xb0
[   74.785446][ T5319]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   74.788265][ T5319] RIP: 0033:0x7f8530d8e929
[   74.790221][ T5319] Code: Unable to access opcode bytes at 0x7f8530d8e8ff.
[   74.793142][ T5319] RSP: 002b:00007f852d1f50e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[   74.797096][ T5319] RAX: 0000000000000001 RBX: 00007f8530fb5fa8 RCX: 00007f8530d8e929
[   74.800636][ T5319] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f8530fb5fac
[   74.804459][ T5319] RBP: 00007f8530fb5fa0 R08: 7fffffffffffffff R09: 0000000000000000
[   74.808371][ T5319] R10: 0000000000000005 R11: 0000000000000246 R12: 00007f8530fb5fac
[   74.811798][ T5319] R13: 0000000000000000 R14: 00007ffc92124a70 R15: 00007ffc92124b58
[   74.815300][ T5319]  </TASK>
[   74.816903][ T5319] Kernel panic - not syncing: kernel: panic_on_warn set ...
[   74.820398][ T5319] CPU: 0 UID: 0 PID: 5319 Comm: syz.0.0 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) 
[   74.825417][ T5319] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   74.829981][ T5319] Call Trace:
[   74.831470][ T5319]  <TASK>
[   74.832881][ T5319]  dump_stack_lvl+0x99/0x250
[   74.834901][ T5319]  ? __asan_memcpy+0x40/0x70
[   74.836955][ T5319]  ? __pfx_dump_stack_lvl+0x10/0x10
[   74.839428][ T5319]  ? __pfx__printk+0x10/0x10
[   74.841547][ T5319]  panic+0x2db/0x790
[   74.843263][ T5319]  ? __pfx_panic+0x10/0x10
[   74.845409][ T5319]  __warn+0x31b/0x4b0
[   74.847201][ T5319]  ? perf_pending_task+0x319/0x400
[   74.849485][ T5319]  ? perf_pending_task+0x319/0x400
[   74.851934][ T5319]  report_bug+0x2be/0x4f0
[   74.853987][ T5319]  ? perf_pending_task+0x319/0x400
[   74.856397][ T5319]  ? perf_pending_task+0x319/0x400
[   74.858746][ T5319]  ? perf_pending_task+0x31b/0x400
[   74.861070][ T5319]  handle_bug+0x84/0x160
[   74.862982][ T5319]  exc_invalid_op+0x1a/0x50
[   74.865095][ T5319]  asm_exc_invalid_op+0x1a/0x20
[   74.867225][ T5319] RIP: 0010:perf_pending_task+0x319/0x400
[   74.869842][ T5319] Code: 85 8f 00 00 00 41 fe 4d 00 eb 05 e8 21 4f cd ff 48 83 c4 18 5b 41 5c 41 5d 41 5e 41 5f 5d e9 8e 84 76 09 cc e8 08 4f cd ff 90 <0f> 0b 90 41 80 3c 1c 00 0f 85 02 ff ff ff e9 05 ff ff ff 44 89 e1
[   74.878152][ T5319] RSP: 0018:ffffc9000d34f9d0 EFLAGS: 00010293
[   74.880818][ T5319] RAX: ffffffff81f2fe18 RBX: dffffc0000000000 RCX: ffff8880338cc880
[   74.884145][ T5319] RDX: 0000000000000000 RSI: 0000000074982edc RDI: 0000000000000000
[   74.887519][ T5319] RBP: 0000000074982edc R08: ffffffff8fa10bf7 R09: 1ffffffff1f4217e
[   74.891023][ T5319] R10: dffffc0000000000 R11: ffffffff81f2fb00 R12: 1ffff110035f810f
[   74.894879][ T5319] R13: ffff8880338cc880 R14: ffff88801afc0ad8 R15: ffff88801afc0878
[   74.898677][ T5319]  ? __pfx_perf_pending_task+0x10/0x10
[   74.901034][ T5319]  ? perf_pending_task+0x318/0x400
[   74.903289][ T5319]  task_work_run+0x1d1/0x260
[   74.905528][ T5319]  ? __pfx_task_work_run+0x10/0x10
[   74.907840][ T5319]  do_exit+0x6b5/0x22e0
[   74.909693][ T5319]  ? __pfx_do_exit+0x10/0x10
[   74.911710][ T5319]  ? proc_coredump_connector+0x172/0x4b0
[   74.913970][ T5319]  ? __pfx_proc_coredump_connector+0x10/0x10
[   74.916687][ T5319]  do_group_exit+0x21c/0x2d0
[   74.918757][ T5319]  ? lockdep_hardirqs_on+0x9c/0x150
[   74.921040][ T5319]  get_signal+0x1286/0x1340
[   74.923235][ T5319]  arch_do_signal_or_restart+0x9a/0x750
[   74.926259][ T5319]  ? __rseq_handle_notify_resume+0x37e/0x11f0
[   74.929515][ T5319]  ? perf_pending_task+0x2da/0x400
[   74.931904][ T5319]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[   74.934661][ T5319]  ? exit_to_user_mode_loop+0x40/0x110
[   74.937163][ T5319]  exit_to_user_mode_loop+0x75/0x110
[   74.939562][ T5319]  do_syscall_64+0x2bd/0x3b0
[   74.941571][ T5319]  ? lockdep_hardirqs_on+0x9c/0x150
[   74.943653][ T5319]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   74.946019][ T5319]  ? clear_bhb_loop+0x60/0xb0
[   74.947945][ T5319]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   74.950506][ T5319] RIP: 0033:0x7f8530d8e929
[   74.952346][ T5319] Code: Unable to access opcode bytes at 0x7f8530d8e8ff.
[   74.955101][ T5319] RSP: 002b:00007f852d1f50e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[   74.958611][ T5319] RAX: 0000000000000001 RBX: 00007f8530fb5fa8 RCX: 00007f8530d8e929
[   74.962209][ T5319] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f8530fb5fac
[   74.965633][ T5319] RBP: 00007f8530fb5fa0 R08: 7fffffffffffffff R09: 0000000000000000
[   74.968931][ T5319] R10: 0000000000000005 R11: 0000000000000246 R12: 00007f8530fb5fac
[   74.972279][ T5319] R13: 0000000000000000 R14: 00007ffc92124a70 R15: 00007ffc92124b58
[   74.975709][ T5319]  </TASK>
[   74.977428][ T5319] Kernel Offset: disabled
[   74.979304][ T5319] Rebooting in 86400 seconds..