program:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8020, 0x90024, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, @perf_config_ext={0x2, 0x6}, 0x8224, 0x2, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000850000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
r2 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xee, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2101, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x115c04}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = socket$kcm(0x22, 0x2, 0x21)
sendmsg$inet(r3, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x30004081)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000011c0)=[{&(0x7f0000000140)="5c00000013006bcc9e3be35c6e17aa31076b876c1d0000007ea60864160af36514001ac004000202080002000300010004000300eab556a705251e618294ff0051f60a84c9f4d4938037e786a6d0001000000e4509c5bbcd72c6c953", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x40082406, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='signal_deliver\x00', r1}, 0x10)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)
close(0x3)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000100)=ANY=[@ANYRES32=0x0, @ANYRES32, @ANYBLOB='2'], 0x20)
bpf$MAP_CREATE(0x0, &(0x7f0000002080)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000580)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b7030000000000fd850000007300000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = socket$kcm(0x10, 0x400000002, 0x0)
r7 = openat$cgroup(r5, &(0x7f0000000000)='syz0\x00', 0x200002, 0x0)
openat$cgroup_ro(r7, &(0x7f0000000080)='cpuacct.usage_percpu\x00', 0x0, 0x0)
write$cgroup_subtree(r6, &(0x7f0000000040)=ANY=[@ANYBLOB="9343000043"], 0xfe33)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000680)='sys_exit\x00', r5}, 0x10)

[   74.304638][ T5320] Bluetooth: hci0: command tx timeout
[   75.416699][    C0] hrtimer: interrupt took 64671 ns
[   76.274557][ T1314] ieee802154 phy0 wpan0: encryption failed: -22
[   76.278861][ T1314] ieee802154 phy1 wpan1: encryption failed: -22
[   76.340283][ T5320] Bluetooth: hci0: command tx timeout
[   77.374952][ T5341] ------------[ cut here ]------------
[   77.378568][ T5341] WARNING: CPU: 0 PID: 5341 at kernel/events/core.c:7211 perf_pending_task+0x319/0x400
[   77.382710][ T5341] Modules linked in:
[   77.385264][ T5341] CPU: 0 UID: 0 PID: 5341 Comm: syz.0.0 Not tainted 6.16.0-rc5-syzkaller-00224-g379f604cc3dc #0 PREEMPT(full) 
[   77.390428][ T5341] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   77.394882][ T5341] RIP: 0010:perf_pending_task+0x319/0x400
[   77.397911][ T5341] Code: 85 8f 00 00 00 41 fe 4d 00 eb 05 e8 71 4e cd ff 48 83 c4 18 5b 41 5c 41 5d 41 5e 41 5f 5d e9 8e 3a 7f 09 cc e8 58 4e cd ff 90 <0f> 0b 90 41 80 3c 1c 00 0f 85 02 ff ff ff e9 05 ff ff ff 44 89 e1
[   77.406356][ T5341] RSP: 0018:ffffc9000d5bf9d0 EFLAGS: 00010293
[   77.409486][ T5341] RAX: ffffffff81f2e818 RBX: dffffc0000000000 RCX: ffff88800068c880
[   77.413119][ T5341] RDX: 0000000000000000 RSI: 00000000748e29e6 RDI: 0000000000000000
[   77.416617][ T5341] RBP: 00000000748e29e6 R08: ffffc9000d5bf987 R09: 0000000000000000
[   77.420916][ T5341] R10: ffffc9000d5bf940 R11: ffffffff81f2e500 R12: 1ffff110035f490f
[   77.424713][ T5341] R13: ffff88800068c880 R14: ffff88801afa4ad8 R15: ffff88801afa4878
[   77.428603][ T5341] FS:  0000000000000000(0000) GS:ffff88808d21b000(0000) knlGS:0000000000000000
[   77.432418][ T5341] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   77.435272][ T5341] CR2: 00007f12895189a0 CR3: 0000000052299000 CR4: 0000000000352ef0
[   77.438876][ T5341] Call Trace:
[   77.440396][ T5341]  <TASK>
[   77.441738][ T5341]  task_work_run+0x1d1/0x260
[   77.444154][ T5341]  ? __pfx_task_work_run+0x10/0x10
[   77.447294][ T5341]  do_exit+0x6b5/0x22e0
[   77.449267][ T5341]  ? __pfx_do_exit+0x10/0x10
[   77.451322][ T5341]  ? proc_coredump_connector+0x172/0x4b0
[   77.453661][ T5341]  ? __pfx_proc_coredump_connector+0x10/0x10
[   77.456030][ T5341]  do_group_exit+0x21c/0x2d0
[   77.458422][ T5341]  get_signal+0x1286/0x1340
[   77.460407][ T5341]  arch_do_signal_or_restart+0x9a/0x750
[   77.463118][ T5341]  ? __rseq_handle_notify_resume+0x37e/0x11f0
[   77.466422][ T5341]  ? perf_pending_task+0x2da/0x400
[   77.469194][ T5341]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[   77.471969][ T5341]  ? exit_to_user_mode_loop+0x40/0x110
[   77.474419][ T5341]  exit_to_user_mode_loop+0x75/0x110
[   77.476801][ T5341]  do_syscall_64+0x2bd/0x3b0
[   77.478974][ T5341]  ? lockdep_hardirqs_on+0x9c/0x150
[   77.481272][ T5341]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   77.484252][ T5341]  ? clear_bhb_loop+0x60/0xb0
[   77.486603][ T5341]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   77.489359][ T5341] RIP: 0033:0x7f128878e929
[   77.491031][ T5341] Code: Unable to access opcode bytes at 0x7f128878e8ff.
[   77.493566][ T5341] RSP: 002b:00007f1289539038 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[   77.497376][ T5341] RAX: 0000000000000004 RBX: 00007f12889b5fa0 RCX: 00007f128878e929
[   77.500838][ T5341] RDX: ffffffffffffffff RSI: 0000000000000000 RDI: 0000200000000240
[   77.504619][ T5341] RBP: 00007f1288810b39 R08: 0000000000000000 R09: 0000000000000000
[   77.508233][ T5341] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[   77.512166][ T5341] R13: 0000000000000000 R14: 00007f12889b5fa0 R15: 00007ffe8439e6e8
[   77.516098][ T5341]  </TASK>
[   77.517664][ T5341] Kernel panic - not syncing: kernel: panic_on_warn set ...
[   77.521020][ T5341] CPU: 0 UID: 0 PID: 5341 Comm: syz.0.0 Not tainted 6.16.0-rc5-syzkaller-00224-g379f604cc3dc #0 PREEMPT(full) 
[   77.526200][ T5341] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   77.531326][ T5341] Call Trace:
[   77.533111][ T5341]  <TASK>
[   77.534419][ T5341]  dump_stack_lvl+0x99/0x250
[   77.536435][ T5341]  ? __asan_memcpy+0x40/0x70
[   77.538557][ T5341]  ? __pfx_dump_stack_lvl+0x10/0x10
[   77.540987][ T5341]  ? __pfx__printk+0x10/0x10
[   77.543199][ T5341]  panic+0x2db/0x790
[   77.545388][ T5341]  ? __pfx_panic+0x10/0x10
[   77.547891][ T5341]  __warn+0x31b/0x4b0
[   77.550163][ T5341]  ? perf_pending_task+0x319/0x400
[   77.552567][ T5341]  ? perf_pending_task+0x319/0x400
[   77.555056][ T5341]  report_bug+0x2be/0x4f0
[   77.557111][ T5341]  ? perf_pending_task+0x319/0x400
[   77.559337][ T5341]  ? perf_pending_task+0x319/0x400
[   77.561380][ T5341]  ? perf_pending_task+0x31b/0x400
[   77.563525][ T5341]  handle_bug+0x84/0x160
[   77.565425][ T5341]  exc_invalid_op+0x1a/0x50
[   77.567597][ T5341]  asm_exc_invalid_op+0x1a/0x20
[   77.570216][ T5341] RIP: 0010:perf_pending_task+0x319/0x400
[   77.573179][ T5341] Code: 85 8f 00 00 00 41 fe 4d 00 eb 05 e8 71 4e cd ff 48 83 c4 18 5b 41 5c 41 5d 41 5e 41 5f 5d e9 8e 3a 7f 09 cc e8 58 4e cd ff 90 <0f> 0b 90 41 80 3c 1c 00 0f 85 02 ff ff ff e9 05 ff ff ff 44 89 e1
[   77.581308][ T5341] RSP: 0018:ffffc9000d5bf9d0 EFLAGS: 00010293
[   77.584078][ T5341] RAX: ffffffff81f2e818 RBX: dffffc0000000000 RCX: ffff88800068c880
[   77.588244][ T5341] RDX: 0000000000000000 RSI: 00000000748e29e6 RDI: 0000000000000000
[   77.592002][ T5341] RBP: 00000000748e29e6 R08: ffffc9000d5bf987 R09: 0000000000000000
[   77.595606][ T5341] R10: ffffc9000d5bf940 R11: ffffffff81f2e500 R12: 1ffff110035f490f
[   77.599727][ T5341] R13: ffff88800068c880 R14: ffff88801afa4ad8 R15: ffff88801afa4878
[   77.603359][ T5341]  ? __pfx_perf_pending_task+0x10/0x10
[   77.606328][ T5341]  ? perf_pending_task+0x318/0x400
[   77.608943][ T5341]  task_work_run+0x1d1/0x260
[   77.611149][ T5341]  ? __pfx_task_work_run+0x10/0x10
[   77.613423][ T5341]  do_exit+0x6b5/0x22e0
[   77.615395][ T5341]  ? __pfx_do_exit+0x10/0x10
[   77.617536][ T5341]  ? proc_coredump_connector+0x172/0x4b0
[   77.620393][ T5341]  ? __pfx_proc_coredump_connector+0x10/0x10
[   77.623682][ T5341]  do_group_exit+0x21c/0x2d0
[   77.625934][ T5341]  get_signal+0x1286/0x1340
[   77.628003][ T5341]  arch_do_signal_or_restart+0x9a/0x750
[   77.630455][ T5341]  ? __rseq_handle_notify_resume+0x37e/0x11f0
[   77.633200][ T5341]  ? perf_pending_task+0x2da/0x400
[   77.635632][ T5341]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[   77.638625][ T5341]  ? exit_to_user_mode_loop+0x40/0x110
[   77.641523][ T5341]  exit_to_user_mode_loop+0x75/0x110
[   77.644280][ T5341]  do_syscall_64+0x2bd/0x3b0
[   77.646399][ T5341]  ? lockdep_hardirqs_on+0x9c/0x150
[   77.648734][ T5341]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   77.651508][ T5341]  ? clear_bhb_loop+0x60/0xb0
[   77.653781][ T5341]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   77.656813][ T5341] RIP: 0033:0x7f128878e929
[   77.659137][ T5341] Code: Unable to access opcode bytes at 0x7f128878e8ff.
[   77.662511][ T5341] RSP: 002b:00007f1289539038 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[   77.666210][ T5341] RAX: 0000000000000004 RBX: 00007f12889b5fa0 RCX: 00007f128878e929
[   77.669668][ T5341] RDX: ffffffffffffffff RSI: 0000000000000000 RDI: 0000200000000240
[   77.673115][ T5341] RBP: 00007f1288810b39 R08: 0000000000000000 R09: 0000000000000000
[   77.676928][ T5341] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[   77.681001][ T5341] R13: 0000000000000000 R14: 00007f12889b5fa0 R15: 00007ffe8439e6e8
[   77.684912][ T5341]  </TASK>
[   77.686655][ T5341] Kernel Offset: disabled
[   77.688546][ T5341] Rebooting in 86400 seconds..