Warning: Permanently added '[localhost]:34989' (ECDSA) to the list of known hosts. 2022/09/13 13:20:52 fuzzer started 2022/09/13 13:20:52 dialing manager at localhost:36597 syzkaller login: [ 36.369533] cgroup: Unknown subsys name 'net' [ 36.454817] cgroup: Unknown subsys name 'rlimit' 2022/09/13 13:21:08 syscalls: 2215 2022/09/13 13:21:08 code coverage: enabled 2022/09/13 13:21:08 comparison tracing: enabled 2022/09/13 13:21:08 extra coverage: enabled 2022/09/13 13:21:08 setuid sandbox: enabled 2022/09/13 13:21:08 namespace sandbox: enabled 2022/09/13 13:21:08 Android sandbox: enabled 2022/09/13 13:21:08 fault injection: enabled 2022/09/13 13:21:08 leak checking: enabled 2022/09/13 13:21:08 net packet injection: enabled 2022/09/13 13:21:08 net device setup: enabled 2022/09/13 13:21:08 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/09/13 13:21:08 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/09/13 13:21:08 USB emulation: enabled 2022/09/13 13:21:08 hci packet injection: enabled 2022/09/13 13:21:08 wifi device emulation: failed to parse kernel version (6.0.0-rc5-next-20220913) 2022/09/13 13:21:08 802.15.4 emulation: enabled 2022/09/13 13:21:08 fetching corpus: 0, signal 0/2000 (executing program) 2022/09/13 13:21:08 fetching corpus: 50, signal 37518/40456 (executing program) 2022/09/13 13:21:08 fetching corpus: 100, signal 52244/55963 (executing program) 2022/09/13 13:21:09 fetching corpus: 150, signal 60648/65153 (executing program) 2022/09/13 13:21:09 fetching corpus: 200, signal 66183/71448 (executing program) 2022/09/13 13:21:09 fetching corpus: 250, signal 75119/80632 (executing program) 2022/09/13 13:21:09 fetching corpus: 300, signal 80460/86334 (executing program) 2022/09/13 13:21:09 fetching corpus: 350, signal 85684/91726 (executing program) 2022/09/13 13:21:10 fetching corpus: 400, signal 90367/96552 (executing program) 2022/09/13 13:21:10 fetching corpus: 450, signal 97233/103193 (executing program) 2022/09/13 
13:21:10 fetching corpus: 500, signal 101026/106961 (executing program) 2022/09/13 13:21:10 fetching corpus: 550, signal 104272/110202 (executing program) 2022/09/13 13:21:10 fetching corpus: 600, signal 106920/112816 (executing program) 2022/09/13 13:21:11 fetching corpus: 650, signal 108765/114745 (executing program) 2022/09/13 13:21:11 fetching corpus: 700, signal 111141/117015 (executing program) 2022/09/13 13:21:11 fetching corpus: 750, signal 114439/119986 (executing program) 2022/09/13 13:21:11 fetching corpus: 800, signal 116613/121996 (executing program) 2022/09/13 13:21:11 fetching corpus: 850, signal 120166/124948 (executing program) 2022/09/13 13:21:11 fetching corpus: 900, signal 121972/126542 (executing program) 2022/09/13 13:21:12 fetching corpus: 950, signal 123826/128123 (executing program) 2022/09/13 13:21:12 fetching corpus: 1000, signal 125897/129861 (executing program) 2022/09/13 13:21:12 fetching corpus: 1050, signal 127933/131469 (executing program) 2022/09/13 13:21:12 fetching corpus: 1100, signal 131081/133716 (executing program) 2022/09/13 13:21:12 fetching corpus: 1150, signal 132970/135089 (executing program) 2022/09/13 13:21:13 fetching corpus: 1199, signal 134398/136081 (executing program) 2022/09/13 13:21:13 fetching corpus: 1199, signal 134398/136137 (executing program) 2022/09/13 13:21:13 fetching corpus: 1199, signal 134398/136200 (executing program) 2022/09/13 13:21:13 fetching corpus: 1199, signal 134398/136265 (executing program) 2022/09/13 13:21:13 fetching corpus: 1199, signal 134398/136339 (executing program) 2022/09/13 13:21:13 fetching corpus: 1199, signal 134398/136393 (executing program) 2022/09/13 13:21:13 fetching corpus: 1199, signal 134398/136457 (executing program) 2022/09/13 13:21:13 fetching corpus: 1199, signal 134398/136524 (executing program) 2022/09/13 13:21:13 fetching corpus: 1199, signal 134398/136580 (executing program) 2022/09/13 13:21:13 fetching corpus: 1199, signal 134398/136642 (executing program) 
2022/09/13 13:21:13 fetching corpus: 1199, signal 134398/136706 (executing program) 2022/09/13 13:21:13 fetching corpus: 1199, signal 134398/136759 (executing program) 2022/09/13 13:21:13 fetching corpus: 1199, signal 134398/136814 (executing program) 2022/09/13 13:21:13 fetching corpus: 1199, signal 134398/136886 (executing program) 2022/09/13 13:21:13 fetching corpus: 1199, signal 134398/136961 (executing program) 2022/09/13 13:21:13 fetching corpus: 1199, signal 134398/137027 (executing program) 2022/09/13 13:21:13 fetching corpus: 1199, signal 134398/137094 (executing program) 2022/09/13 13:21:13 fetching corpus: 1199, signal 134398/137158 (executing program) 2022/09/13 13:21:13 fetching corpus: 1199, signal 134398/137237 (executing program) 2022/09/13 13:21:13 fetching corpus: 1199, signal 134398/137308 (executing program) 2022/09/13 13:21:13 fetching corpus: 1199, signal 134398/137370 (executing program) 2022/09/13 13:21:13 fetching corpus: 1199, signal 134398/137446 (executing program) 2022/09/13 13:21:13 fetching corpus: 1199, signal 134398/137513 (executing program) 2022/09/13 13:21:13 fetching corpus: 1199, signal 134398/137575 (executing program) 2022/09/13 13:21:13 fetching corpus: 1199, signal 134398/137638 (executing program) 2022/09/13 13:21:13 fetching corpus: 1199, signal 134398/137683 (executing program) 2022/09/13 13:21:13 fetching corpus: 1199, signal 134398/137740 (executing program) 2022/09/13 13:21:13 fetching corpus: 1199, signal 134398/137796 (executing program) 2022/09/13 13:21:13 fetching corpus: 1199, signal 134398/137868 (executing program) 2022/09/13 13:21:13 fetching corpus: 1199, signal 134398/137936 (executing program) 2022/09/13 13:21:13 fetching corpus: 1199, signal 134398/138009 (executing program) 2022/09/13 13:21:13 fetching corpus: 1199, signal 134398/138069 (executing program) 2022/09/13 13:21:13 fetching corpus: 1199, signal 134398/138133 (executing program) 2022/09/13 13:21:13 fetching corpus: 1199, signal 134398/138186 
(executing program) 2022/09/13 13:21:13 fetching corpus: 1199, signal 134398/138246 (executing program) 2022/09/13 13:21:13 fetching corpus: 1199, signal 134398/138298 (executing program) 2022/09/13 13:21:13 fetching corpus: 1199, signal 134398/138357 (executing program) 2022/09/13 13:21:13 fetching corpus: 1199, signal 134398/138429 (executing program) 2022/09/13 13:21:13 fetching corpus: 1199, signal 134398/138501 (executing program) 2022/09/13 13:21:13 fetching corpus: 1199, signal 134398/138569 (executing program) 2022/09/13 13:21:13 fetching corpus: 1199, signal 134398/138620 (executing program) 2022/09/13 13:21:13 fetching corpus: 1199, signal 134398/138698 (executing program) 2022/09/13 13:21:13 fetching corpus: 1199, signal 134398/138754 (executing program) 2022/09/13 13:21:13 fetching corpus: 1199, signal 134398/138785 (executing program) 2022/09/13 13:21:13 fetching corpus: 1199, signal 134398/138785 (executing program) 2022/09/13 13:21:16 starting 8 fuzzer processes 13:21:16 executing program 0: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0x541b, 0x0) 13:21:16 executing program 1: perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x88, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 13:21:16 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000440), 0xffffffffffffffff) r2 = socket$netlink(0x10, 0x3, 0xa) sendmsg$NL80211_CMD_VENDOR(r2, &(0x7f0000000180)={&(0x7f0000000040), 0xc, &(0x7f0000000100)={&(0x7f0000000480)={0x1ac, r1, 0x100, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8, 0x1, 0x4b}, @val={0x8}, @val={0xc, 0x99, {0x7ff8000, 0x7b}}}}, [@NL80211_ATTR_VENDOR_SUBCMD={0x8, 0xc4, 0xeaf}, @NL80211_ATTR_VENDOR_DATA={0xa7, 0xc5, 
"03dc0a436db0f14dff541254a5c7a8a36ca6e54217e5b188e8f587352b4e31d5171de8d58c29daa17f049bef24cada7561a93b50e41632ba0337667166cf570ebf9d834472a2a3e14cff15ae67cc7333c0da6398f57eedcb0385030c558216241269b6e71bc1650009df822327e3bf271cdfa64f468ef29406a96a83d9ac4424852e0f0ca58457ce98392cbafa2bcdf898e1450025ea46d5d2cbcf7d1aa9ee1361f7d5"}, @NL80211_ATTR_VENDOR_DATA={0xca, 0xc5, "f0d4f357ea9145e8e7d6288760cd26b538493223883aa29ffabe4b5ade917a1db45c346d372f5113af6e392d2b74237ab03e8f72ccf7f97709d7931d6989026f3e29097e51e7775b3ff6f77e71a3f40cdc46981ae40c2a89dc4e6493ce4b22a034b36b818842878f48092f5e11bb0c86555335b5da77f89c4e11ff9fe59b5a691603d78ffe1dc2699fd1bbf87a168532add94315b2e6e288d64707f175193a1fdbeff9df88c87c3198eb35f6900ca121e7d6cfc5cb23c9755d3c8df2c92d8af0645f71564234"}]}, 0x1ac}, 0x1, 0x0, 0x0, 0x4000}, 0x20000000) sendmsg$SOCK_DESTROY(r2, &(0x7f0000001800)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000017c0)={&(0x7f0000000640)={0x1160, 0x15, 0x200, 0x70bd25, 0x25dfdbfe, {0xa, 0x7}, [@INET_DIAG_REQ_BYTECODE={0xc9, 0x1, "eb79b9a20ae4cc343a17141bba32dfd01afa7d74cc08d720766a41f3cb4f81ba36645c350d5e1f3a588f8812877e82da62e452e829fdeeb80f97373235b17226a45fcfa6c200d7f593af16b024e48df86b8974425ee2c9838517ead7af992eb779726d80a32a238562cee367c33f4ed427b76222276eee42688848ca552b4e336953135c4c15cf06195ddfe042775107c6365e018f66992ccb593bdb59e6e8de0bf6343c7b976d6f906f5a9f5472a452158078998ac087184b4ba6dc014d4f56d96fbe51bc"}, @INET_DIAG_REQ_BYTECODE={0x4a, 0x1, "1c0f922c1a7f67fc424c2157d351b0dea37f10a2e03ad735ddeec2dd90cbb9ee930ba7ab181446d220d45a5e4b48441f8d6fd4718656535d8ef783f8da22a30cef846310a7cc"}, @INET_DIAG_REQ_BYTECODE={0x2d, 0x1, "f0ba692721c03e89ad685327376ff7d6d0b958af4218b596578c0133d94fb64c339b50655d78234f85"}, @INET_DIAG_REQ_BYTECODE={0x1004, 0x1, "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"}]}, 0x1160}, 0x1, 0x0, 0x0, 0x1}, 0x800) r3 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 
0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) readv(r3, &(0x7f00000003c0)=[{&(0x7f0000000300)=""/146, 0x92}, {&(0x7f0000000200)=""/94, 0x5e}], 0x2) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x7}, 0x18292}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x1c, r1, 0x1, 0x0, 0x0, {{0x7e}, {@val={0x8}, @void}}}, 0x1c}}, 0x0) [ 59.829132] audit: type=1400 audit(1663075276.396:6): avc: denied { execmem } for pid=285 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 13:21:16 executing program 4: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000080)={0x0, 0x0, 0x0, 
'queue1\x00'}) 13:21:16 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) getsockopt$sock_cred(r0, 0x1, 0x11, 0xfffffffffffffffe, &(0x7f0000000200)=0xc) 13:21:16 executing program 5: r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000200)=0x1a) 13:21:16 executing program 6: splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x14) 13:21:16 executing program 7: clock_nanosleep(0x5, 0x0, 0x0, 0x0) [ 61.102382] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 61.105977] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 61.107768] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 61.110628] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 61.122185] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 61.124148] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 61.129133] Bluetooth: hci0: HCI_REQ-0x0c1a [ 61.224836] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 61.236641] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 61.238539] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 61.241465] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 61.247098] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 61.249170] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 61.250477] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 61.254784] Bluetooth: hci4: HCI_REQ-0x0c1a [ 61.304151] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 61.307156] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 61.312795] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 61.317127] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 61.318655] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 61.325133] Bluetooth: hci2: HCI_REQ-0x0c1a [ 61.337519] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 61.350786] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 61.355079] Bluetooth: hci3: unexpected cc 
0x1001 length: 249 > 9 [ 61.360849] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 61.362286] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 61.363822] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 61.365270] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 61.369858] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 61.371199] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 61.372167] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 61.373388] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 61.376677] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 61.377974] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 61.379717] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 61.382083] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 61.388202] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 61.388625] Bluetooth: hci3: HCI_REQ-0x0c1a [ 61.390403] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 61.390943] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 61.395666] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 61.397351] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 61.397450] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 61.399746] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 61.399805] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 61.402336] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 61.407824] Bluetooth: hci5: HCI_REQ-0x0c1a [ 61.408936] Bluetooth: hci6: HCI_REQ-0x0c1a [ 61.410736] Bluetooth: hci7: HCI_REQ-0x0c1a [ 63.193654] Bluetooth: hci1: Opcode 0x c03 failed: -110 [ 63.195222] Bluetooth: hci0: command 0x0409 tx timeout [ 63.320942] Bluetooth: hci4: command 0x0409 tx timeout [ 63.385110] Bluetooth: hci2: command 0x0409 tx timeout [ 63.448954] Bluetooth: hci7: command 0x0409 tx timeout [ 63.449423] Bluetooth: hci3: command 0x0409 tx timeout [ 63.449819] Bluetooth: hci5: command 0x0409 tx 
timeout [ 63.450263] Bluetooth: hci6: command 0x0409 tx timeout [ 65.241972] Bluetooth: hci0: command 0x041b tx timeout [ 65.368978] Bluetooth: hci4: command 0x041b tx timeout [ 65.433932] Bluetooth: hci2: command 0x041b tx timeout [ 65.497962] Bluetooth: hci6: command 0x041b tx timeout [ 65.498472] Bluetooth: hci5: command 0x041b tx timeout [ 65.499404] Bluetooth: hci3: command 0x041b tx timeout [ 65.499851] Bluetooth: hci7: command 0x041b tx timeout [ 66.023725] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 66.025850] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 66.042282] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 66.045144] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 66.047070] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 66.047747] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 66.053001] Bluetooth: hci1: HCI_REQ-0x0c1a [ 67.289965] Bluetooth: hci0: command 0x040f tx timeout [ 67.416992] Bluetooth: hci4: command 0x040f tx timeout [ 67.480992] Bluetooth: hci2: command 0x040f tx timeout [ 67.545003] Bluetooth: hci7: command 0x040f tx timeout [ 67.546231] Bluetooth: hci3: command 0x040f tx timeout [ 67.547496] Bluetooth: hci5: command 0x040f tx timeout [ 67.548758] Bluetooth: hci6: command 0x040f tx timeout [ 68.121068] Bluetooth: hci1: command 0x0409 tx timeout [ 69.338418] Bluetooth: hci0: command 0x0419 tx timeout [ 69.465938] Bluetooth: hci4: command 0x0419 tx timeout [ 69.529932] Bluetooth: hci2: command 0x0419 tx timeout [ 69.594022] Bluetooth: hci6: command 0x0419 tx timeout [ 69.594835] Bluetooth: hci5: command 0x0419 tx timeout [ 69.595535] Bluetooth: hci3: command 0x0419 tx timeout [ 69.596009] Bluetooth: hci7: command 0x0419 tx timeout [ 70.170066] Bluetooth: hci1: command 0x041b tx timeout [ 72.216960] Bluetooth: hci1: command 0x040f tx timeout [ 74.265062] Bluetooth: hci1: command 0x0419 tx timeout 13:22:13 executing program 6: splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 
0x1, 0x14) 13:22:14 executing program 6: splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x14) 13:22:14 executing program 6: splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x14) 13:22:14 executing program 6: openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000540), 0x6042) 13:22:14 executing program 6: openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000540), 0x6042) 13:22:14 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) getsockopt$sock_cred(r0, 0x1, 0x11, 0xfffffffffffffffe, &(0x7f0000000200)=0xc) 13:22:14 executing program 6: openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000540), 0x6042) 13:22:14 executing program 7: clock_nanosleep(0x5, 0x0, 0x0, 0x0) [ 119.165849] audit: type=1400 audit(1663075335.733:7): avc: denied { open } for pid=3890 comm="syz-executor.2" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 119.167379] audit: type=1400 audit(1663075335.735:8): avc: denied { kernel } for pid=3890 comm="syz-executor.2" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 119.183717] ------------[ cut here ]------------ [ 119.183751] [ 119.183756] ====================================================== [ 119.183763] WARNING: possible circular locking dependency detected [ 119.183769] 6.0.0-rc5-next-20220913 #1 Not tainted [ 119.183780] ------------------------------------------------------ [ 119.183786] syz-executor.2/3892 is trying to acquire lock: [ 119.183797] ffffffff853fa878 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70 [ 119.183857] [ 119.183857] but task is already holding lock: [ 119.183861] ffff88803c12c020 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 119.183915] [ 119.183915] which lock already depends on the new lock. 
[ 119.183915] [ 119.183920] [ 119.183920] the existing dependency chain (in reverse order) is: [ 119.183925] [ 119.183925] -> #3 (&ctx->lock){....}-{2:2}: [ 119.183951] _raw_spin_lock+0x2a/0x40 [ 119.183980] __perf_event_task_sched_out+0x53b/0x18d0 [ 119.184003] __schedule+0xedd/0x2470 [ 119.184020] schedule+0xda/0x1b0 [ 119.184037] exit_to_user_mode_prepare+0x114/0x1a0 [ 119.184074] syscall_exit_to_user_mode+0x19/0x40 [ 119.184106] do_syscall_64+0x48/0x90 [ 119.184130] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 119.184162] [ 119.184162] -> #2 (&rq->__lock){-.-.}-{2:2}: [ 119.184187] _raw_spin_lock_nested+0x30/0x40 [ 119.184214] raw_spin_rq_lock_nested+0x1e/0x30 [ 119.184237] task_fork_fair+0x63/0x4d0 [ 119.184268] sched_cgroup_fork+0x3d0/0x540 [ 119.184294] copy_process+0x3f9e/0x6df0 [ 119.184312] kernel_clone+0xe7/0x890 [ 119.184329] user_mode_thread+0xad/0xf0 [ 119.184348] rest_init+0x24/0x250 [ 119.184379] arch_call_rest_init+0xf/0x14 [ 119.184413] start_kernel+0x4c1/0x4e6 [ 119.184445] secondary_startup_64_no_verify+0xe0/0xeb [ 119.184470] [ 119.184470] -> #1 (&p->pi_lock){-.-.}-{2:2}: [ 119.184495] _raw_spin_lock_irqsave+0x39/0x60 [ 119.184523] try_to_wake_up+0xab/0x1920 [ 119.184547] up+0x75/0xb0 [ 119.184569] __up_console_sem+0x6e/0x80 [ 119.184597] console_unlock+0x46a/0x590 [ 119.184627] do_con_write+0xc05/0x1d50 [ 119.184646] con_write+0x21/0x40 [ 119.184663] n_tty_write+0x4d4/0xfe0 [ 119.184686] file_tty_write.constprop.0+0x49c/0x8f0 [ 119.184708] vfs_write+0x9c3/0xd90 [ 119.184740] ksys_write+0x127/0x250 [ 119.184772] do_syscall_64+0x3b/0x90 [ 119.184796] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 119.184828] [ 119.184828] -> #0 ((console_sem).lock){....}-{2:2}: [ 119.184853] __lock_acquire+0x2a02/0x5e70 [ 119.184883] lock_acquire+0x1a2/0x530 [ 119.184913] _raw_spin_lock_irqsave+0x39/0x60 [ 119.184941] down_trylock+0xe/0x70 [ 119.184964] __down_trylock_console_sem+0x3b/0xd0 [ 119.184995] vprintk_emit+0x16b/0x560 [ 119.185025] vprintk+0x84/0xa0 [ 
119.185056] _printk+0xba/0xf1 [ 119.185087] report_bug.cold+0x72/0xab [ 119.185110] handle_bug+0x3c/0x70 [ 119.185134] exc_invalid_op+0x14/0x50 [ 119.185158] asm_exc_invalid_op+0x16/0x20 [ 119.185188] group_sched_out.part.0+0x2c7/0x460 [ 119.185207] ctx_sched_out+0x8f1/0xc10 [ 119.185225] __perf_event_task_sched_out+0x6d0/0x18d0 [ 119.185248] __schedule+0xedd/0x2470 [ 119.185265] schedule+0xda/0x1b0 [ 119.185282] exit_to_user_mode_prepare+0x114/0x1a0 [ 119.185318] syscall_exit_to_user_mode+0x19/0x40 [ 119.185350] do_syscall_64+0x48/0x90 [ 119.185374] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 119.185405] [ 119.185405] other info that might help us debug this: [ 119.185405] [ 119.185410] Chain exists of: [ 119.185410] (console_sem).lock --> &rq->__lock --> &ctx->lock [ 119.185410] [ 119.185438] Possible unsafe locking scenario: [ 119.185438] [ 119.185442] CPU0 CPU1 [ 119.185446] ---- ---- [ 119.185450] lock(&ctx->lock); [ 119.185460] lock(&rq->__lock); [ 119.185471] lock(&ctx->lock); [ 119.185483] lock((console_sem).lock); [ 119.185493] [ 119.185493] *** DEADLOCK *** [ 119.185493] [ 119.185497] 2 locks held by syz-executor.2/3892: [ 119.185509] #0: ffff88806ce37cd8 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470 [ 119.185556] #1: ffff88803c12c020 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 119.185607] [ 119.185607] stack backtrace: [ 119.185612] CPU: 0 PID: 3892 Comm: syz-executor.2 Not tainted 6.0.0-rc5-next-20220913 #1 [ 119.185635] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 119.185649] Call Trace: [ 119.185654] [ 119.185662] dump_stack_lvl+0x8b/0xb3 [ 119.185688] check_noncircular+0x263/0x2e0 [ 119.185719] ? format_decode+0x26c/0xb50 [ 119.185746] ? print_circular_bug+0x450/0x450 [ 119.185778] ? enable_ptr_key_workfn+0x20/0x20 [ 119.185806] ? format_decode+0x26c/0xb50 [ 119.185834] ? 
alloc_chain_hlocks+0x1ec/0x5a0 [ 119.185868] __lock_acquire+0x2a02/0x5e70 [ 119.185909] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 119.185951] lock_acquire+0x1a2/0x530 [ 119.185983] ? down_trylock+0xe/0x70 [ 119.186010] ? rcu_read_unlock+0x40/0x40 [ 119.186049] ? vprintk+0x84/0xa0 [ 119.186083] _raw_spin_lock_irqsave+0x39/0x60 [ 119.186112] ? down_trylock+0xe/0x70 [ 119.186137] down_trylock+0xe/0x70 [ 119.186162] ? vprintk+0x84/0xa0 [ 119.186194] __down_trylock_console_sem+0x3b/0xd0 [ 119.186227] vprintk_emit+0x16b/0x560 [ 119.186263] vprintk+0x84/0xa0 [ 119.186296] _printk+0xba/0xf1 [ 119.186329] ? record_print_text.cold+0x16/0x16 [ 119.186370] ? report_bug.cold+0x66/0xab [ 119.186397] ? group_sched_out.part.0+0x2c7/0x460 [ 119.186418] report_bug.cold+0x72/0xab [ 119.186446] handle_bug+0x3c/0x70 [ 119.186471] exc_invalid_op+0x14/0x50 [ 119.186498] asm_exc_invalid_op+0x16/0x20 [ 119.186530] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 119.186554] Code: 5e 41 5f e9 3b b7 ef ff e8 36 b7 ef ff 65 8b 1d ab 15 ac 7e 31 ff 89 de e8 d6 b3 ef ff 85 db 0f 84 8a 00 00 00 e8 19 b7 ef ff <0f> 0b e9 a5 fe ff ff e8 0d b7 ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 119.186575] RSP: 0018:ffff88803db37c48 EFLAGS: 00010006 [ 119.186591] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 119.186605] RDX: ffff888020445040 RSI: ffffffff81566027 RDI: 0000000000000005 [ 119.186620] RBP: ffff888008660000 R08: 0000000000000005 R09: 0000000000000001 [ 119.186633] R10: 0000000000000000 R11: ffffffff865aa01b R12: ffff88803c12c000 [ 119.186648] R13: ffff88806ce3d100 R14: ffffffff8547c660 R15: 0000000000000002 [ 119.186668] ? group_sched_out.part.0+0x2c7/0x460 [ 119.186692] ? group_sched_out.part.0+0x2c7/0x460 [ 119.186716] ctx_sched_out+0x8f1/0xc10 [ 119.186739] __perf_event_task_sched_out+0x6d0/0x18d0 [ 119.186776] ? lock_is_held_type+0xd7/0x130 [ 119.186810] ? __perf_cgroup_move+0x160/0x160 [ 119.186832] ? set_next_entity+0x304/0x550 [ 119.186866] ? 
update_curr+0x267/0x740 [ 119.186901] ? lock_is_held_type+0xd7/0x130 [ 119.186935] __schedule+0xedd/0x2470 [ 119.186960] ? io_schedule_timeout+0x150/0x150 [ 119.186983] ? rcu_read_lock_sched_held+0x3e/0x80 [ 119.187020] schedule+0xda/0x1b0 [ 119.187041] exit_to_user_mode_prepare+0x114/0x1a0 [ 119.187080] syscall_exit_to_user_mode+0x19/0x40 [ 119.187114] do_syscall_64+0x48/0x90 [ 119.187140] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 119.187173] RIP: 0033:0x7feef3969b19 [ 119.187189] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 119.187209] RSP: 002b:00007feef0edf218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 119.187229] RAX: 0000000000000001 RBX: 00007feef3a7cf68 RCX: 00007feef3969b19 [ 119.187243] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007feef3a7cf6c [ 119.187256] RBP: 00007feef3a7cf60 R08: 000000000000000e R09: 0000000000000000 [ 119.187270] R10: 0000000000000005 R11: 0000000000000246 R12: 00007feef3a7cf6c [ 119.187283] R13: 00007ffdcab2bf5f R14: 00007feef0edf300 R15: 0000000000022000 [ 119.187307] [ 119.288788] WARNING: CPU: 0 PID: 3892 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460 [ 119.290051] Modules linked in: [ 119.290498] CPU: 0 PID: 3892 Comm: syz-executor.2 Not tainted 6.0.0-rc5-next-20220913 #1 [ 119.291610] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 119.293162] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 119.293911] Code: 5e 41 5f e9 3b b7 ef ff e8 36 b7 ef ff 65 8b 1d ab 15 ac 7e 31 ff 89 de e8 d6 b3 ef ff 85 db 0f 84 8a 00 00 00 e8 19 b7 ef ff <0f> 0b e9 a5 fe ff ff e8 0d b7 ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 119.296385] RSP: 0018:ffff88803db37c48 EFLAGS: 00010006 [ 119.297122] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 119.298034] RDX: ffff888020445040 RSI: 
ffffffff81566027 RDI: 0000000000000005 [ 119.298967] RBP: ffff888008660000 R08: 0000000000000005 R09: 0000000000000001 [ 119.299892] R10: 0000000000000000 R11: ffffffff865aa01b R12: ffff88803c12c000 [ 119.300820] R13: ffff88806ce3d100 R14: ffffffff8547c660 R15: 0000000000000002 [ 119.301756] FS: 00007feef0edf700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 119.302803] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 119.303570] CR2: 000055afcce06688 CR3: 000000000e120000 CR4: 0000000000350ef0 [ 119.304504] Call Trace: [ 119.304846] [ 119.305154] ctx_sched_out+0x8f1/0xc10 [ 119.305671] __perf_event_task_sched_out+0x6d0/0x18d0 [ 119.306355] ? lock_is_held_type+0xd7/0x130 [ 119.306960] ? __perf_cgroup_move+0x160/0x160 [ 119.307553] ? set_next_entity+0x304/0x550 [ 119.308128] ? update_curr+0x267/0x740 [ 119.308658] ? lock_is_held_type+0xd7/0x130 [ 119.309247] __schedule+0xedd/0x2470 [ 119.309742] ? io_schedule_timeout+0x150/0x150 [ 119.310356] ? rcu_read_lock_sched_held+0x3e/0x80 [ 119.311015] schedule+0xda/0x1b0 [ 119.311467] exit_to_user_mode_prepare+0x114/0x1a0 [ 119.312131] syscall_exit_to_user_mode+0x19/0x40 [ 119.312775] do_syscall_64+0x48/0x90 [ 119.313283] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 119.313979] RIP: 0033:0x7feef3969b19 [ 119.314477] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 119.316816] RSP: 002b:00007feef0edf218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 119.317795] RAX: 0000000000000001 RBX: 00007feef3a7cf68 RCX: 00007feef3969b19 [ 119.318726] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007feef3a7cf6c [ 119.319680] RBP: 00007feef3a7cf60 R08: 000000000000000e R09: 0000000000000000 [ 119.320626] R10: 0000000000000005 R11: 0000000000000246 R12: 00007feef3a7cf6c [ 119.321551] R13: 00007ffdcab2bf5f R14: 00007feef0edf300 R15: 0000000000022000 [ 119.322494] [ 119.322817] 
irq event stamp: 1912 [ 119.323274] hardirqs last enabled at (1911): [] exit_to_user_mode_prepare+0x109/0x1a0 [ 119.324515] hardirqs last disabled at (1912): [] __schedule+0x1225/0x2470 [ 119.325608] softirqs last enabled at (1650): [] __irq_exit_rcu+0x11b/0x180 [ 119.326730] softirqs last disabled at (1641): [] __irq_exit_rcu+0x11b/0x180 [ 119.327888] ---[ end trace 0000000000000000 ]--- [ 119.534094] audit: type=1400 audit(1663075336.102:9): avc: denied { read } for pid=3890 comm="syz-executor.2" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 119.559216] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 119.578507] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 119.607579] syz-executor.2 (3892) used greatest stack depth: 22808 bytes left [ 124.313095] Bluetooth: hci3: Opcode 0x c03 failed: -110 [ 128.537004] Bluetooth: hci3: Opcode 0x c03 failed: -110 VM DIAGNOSIS: 13:22:16 Registers: