------------[ cut here ]------------
WARNING: CPU: 1 PID: 10230 at kernel/signal.c:2050 posixtimer_send_sigqueue+0x774/0xa68 kernel/signal.c:2055
Modules linked in:
CPU: 1 UID: 0 PID: 10230 Comm: syz.0.2523 Not tainted 6.13.0-rc3-syzkaller-00209-g499551201b5f #0
Hardware name: linux,dummy-virt (DT)
pstate: 000000c5 (nzcv daIF -PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : posixtimer_send_sigqueue+0x774/0xa68 kernel/signal.c:2050
lr : posixtimer_send_sigqueue+0x234/0xa68 kernel/signal.c:2005
sp : ffff80008ebc7ab0
x29: ffff80008ebc7ab0 x28: 1fffe00003c42697 x27: ffff000012bcdac0
x26: ffff00001e213578 x25: ffff00001e213544 x24: ffff00001e213560
x23: 1fffe00003c426a8 x22: 1ffff00011d78f68 x21: 0000000000000004
x20: ffff800086f896e0 x19: ffff00001e2134a0 x18: 00000000a80c6b9a
x17: 0000000000000000 x16: 0000000000000000 x15: 1fffe00002579ca4
x14: 1ffff000110e68fe x13: ffff000012bce540 x12: 0000000000000000
x11: ffff800086d8fc5c x10: 38e38d6d88a47918 x9 : 00000000aa80c6b9
x8 : 1fffe00002579ca7 x7 : 1fffe00001ea2be5 x6 : 0000000000000004
x5 : ffff80008678a3d0 x4 : 00000000f3f3f300 x3 : 0000000000000000
x2 : 0000000000000000 x1 : ffff00000f515f48 x0 : ffff00001e2134b8
Call trace:
 posixtimer_send_sigqueue+0x774/0xa68 kernel/signal.c:2055 (P)
 posix_timer_queue_signal+0xa0/0xe4 kernel/time/posix-timers.c:308
 cpu_timer_fire kernel/time/posix-cpu-timers.c:607 [inline]
 handle_posix_cpu_timers kernel/time/posix-cpu-timers.c:1390 [inline]
 posix_cpu_timers_work+0x954/0xe24 kernel/time/posix-cpu-timers.c:1137
 task_work_run+0x128/0x210 kernel/task_work.c:239
 resume_user_mode_work include/linux/resume_user_mode.h:50 [inline]
 do_notify_resume+0x1d0/0x258 arch/arm64/kernel/entry-common.c:151
 exit_to_user_mode_prepare arch/arm64/kernel/entry-common.c:169 [inline]
 exit_to_user_mode arch/arm64/kernel/entry-common.c:178 [inline]
 el0_svc+0x100/0x180 arch/arm64/kernel/entry-common.c:745
 el0t_64_sync_handler+0x10c/0x138 arch/arm64/kernel/entry-common.c:762
 el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600
irq event stamp: 816
hardirqs last  enabled at (815): [<ffff800085315eb4>] __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:151 [inline]
hardirqs last  enabled at (815): [<ffff800085315eb4>] _raw_spin_unlock_irqrestore+0x80/0xac kernel/locking/spinlock.c:194
hardirqs last disabled at (816): [<ffff800085315ae0>] __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:108 [inline]
hardirqs last disabled at (816): [<ffff800085315ae0>] _raw_spin_lock_irqsave+0x7c/0x80 kernel/locking/spinlock.c:162
softirqs last  enabled at (806): [<ffff8000843919f0>] rcu_read_unlock_bh include/linux/rcupdate.h:915 [inline]
softirqs last  enabled at (806): [<ffff8000843919f0>] __dev_queue_xmit+0x6b0/0x331c net/core/dev.c:4461
softirqs last disabled at (798): [<ffff800084391564>] __dev_queue_xmit+0x224/0x331c net/core/dev.c:4353
---[ end trace 0000000000000000 ]---