Debian GNU/Linux 11 syzkaller ttyS0 Warning: Permanently added '[localhost]:5949' (ECDSA) to the list of known hosts. 2022/09/13 14:33:34 fuzzer started 2022/09/13 14:33:35 dialing manager at localhost:36597 syzkaller login: [ 40.740797] cgroup: Unknown subsys name 'net' [ 40.836156] cgroup: Unknown subsys name 'rlimit' [ 48.494110] systemd-udevd (129) used greatest stack depth: 24768 bytes left 2022/09/13 14:33:51 syscalls: 2215 2022/09/13 14:33:51 code coverage: enabled 2022/09/13 14:33:51 comparison tracing: enabled 2022/09/13 14:33:51 extra coverage: enabled 2022/09/13 14:33:51 setuid sandbox: enabled 2022/09/13 14:33:51 namespace sandbox: enabled 2022/09/13 14:33:51 Android sandbox: enabled 2022/09/13 14:33:51 fault injection: enabled 2022/09/13 14:33:51 leak checking: enabled 2022/09/13 14:33:51 net packet injection: enabled 2022/09/13 14:33:51 net device setup: enabled 2022/09/13 14:33:51 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/09/13 14:33:51 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/09/13 14:33:51 USB emulation: enabled 2022/09/13 14:33:51 hci packet injection: enabled 2022/09/13 14:33:51 wifi device emulation: failed to parse kernel version (6.0.0-rc5-next-20220913) 2022/09/13 14:33:51 802.15.4 emulation: enabled 2022/09/13 14:33:51 fetching corpus: 0, signal 0/2000 (executing program) 2022/09/13 14:33:51 fetching corpus: 37, signal 31136/34590 (executing program) 2022/09/13 14:33:51 fetching corpus: 87, signal 46690/51423 (executing program) 2022/09/13 14:33:52 fetching corpus: 137, signal 57786/63659 (executing program) 2022/09/13 14:33:52 fetching corpus: 187, signal 66697/73556 (executing program) 2022/09/13 14:33:52 fetching corpus: 237, signal 76486/84060 (executing program) 2022/09/13 14:33:52 fetching corpus: 287, signal 81025/89552 (executing program) 2022/09/13 14:33:52 fetching corpus: 337, signal 87125/96387 (executing program) 2022/09/13 14:33:52 fetching corpus: 387, signal 91544/101588 
(executing program) 2022/09/13 14:33:53 fetching corpus: 437, signal 96660/107328 (executing program) 2022/09/13 14:33:53 fetching corpus: 487, signal 99492/110900 (executing program) 2022/09/13 14:33:53 fetching corpus: 537, signal 101930/114095 (executing program) 2022/09/13 14:33:53 fetching corpus: 587, signal 104273/117191 (executing program) 2022/09/13 14:33:53 fetching corpus: 637, signal 108240/121637 (executing program) 2022/09/13 14:33:53 fetching corpus: 687, signal 110855/124817 (executing program) 2022/09/13 14:33:54 fetching corpus: 737, signal 113715/128169 (executing program) 2022/09/13 14:33:54 fetching corpus: 787, signal 117097/131928 (executing program) 2022/09/13 14:33:54 fetching corpus: 837, signal 119005/134363 (executing program) 2022/09/13 14:33:54 fetching corpus: 887, signal 121556/137344 (executing program) 2022/09/13 14:33:54 fetching corpus: 937, signal 123714/139915 (executing program) 2022/09/13 14:33:54 fetching corpus: 987, signal 124848/141642 (executing program) 2022/09/13 14:33:55 fetching corpus: 1037, signal 127465/144577 (executing program) 2022/09/13 14:33:55 fetching corpus: 1087, signal 128982/146549 (executing program) 2022/09/13 14:33:55 fetching corpus: 1137, signal 131680/149420 (executing program) 2022/09/13 14:33:55 fetching corpus: 1187, signal 133441/151492 (executing program) 2022/09/13 14:33:55 fetching corpus: 1237, signal 136788/154691 (executing program) 2022/09/13 14:33:55 fetching corpus: 1287, signal 139106/157130 (executing program) 2022/09/13 14:33:55 fetching corpus: 1337, signal 140781/159090 (executing program) 2022/09/13 14:33:56 fetching corpus: 1387, signal 142160/160755 (executing program) 2022/09/13 14:33:56 fetching corpus: 1437, signal 143701/162528 (executing program) 2022/09/13 14:33:56 fetching corpus: 1487, signal 145277/164258 (executing program) 2022/09/13 14:33:56 fetching corpus: 1537, signal 146736/165858 (executing program) 2022/09/13 14:33:56 fetching corpus: 1587, signal 
148077/167356 (executing program) 2022/09/13 14:33:56 fetching corpus: 1637, signal 149204/168723 (executing program) 2022/09/13 14:33:56 fetching corpus: 1687, signal 150872/170410 (executing program) 2022/09/13 14:33:56 fetching corpus: 1737, signal 152380/171960 (executing program) 2022/09/13 14:33:56 fetching corpus: 1787, signal 153777/173416 (executing program) 2022/09/13 14:33:57 fetching corpus: 1837, signal 155569/175101 (executing program) 2022/09/13 14:33:57 fetching corpus: 1887, signal 156931/176425 (executing program) 2022/09/13 14:33:57 fetching corpus: 1937, signal 158627/177992 (executing program) 2022/09/13 14:33:57 fetching corpus: 1987, signal 160762/179815 (executing program) 2022/09/13 14:33:57 fetching corpus: 2037, signal 161349/180680 (executing program) 2022/09/13 14:33:57 fetching corpus: 2087, signal 163013/182143 (executing program) 2022/09/13 14:33:57 fetching corpus: 2137, signal 163994/183246 (executing program) 2022/09/13 14:33:58 fetching corpus: 2187, signal 164935/184247 (executing program) 2022/09/13 14:33:58 fetching corpus: 2237, signal 165768/185133 (executing program) 2022/09/13 14:33:58 fetching corpus: 2287, signal 167111/186274 (executing program) 2022/09/13 14:33:58 fetching corpus: 2337, signal 168680/187558 (executing program) 2022/09/13 14:33:58 fetching corpus: 2387, signal 170101/188703 (executing program) 2022/09/13 14:33:58 fetching corpus: 2437, signal 171261/189743 (executing program) 2022/09/13 14:33:58 fetching corpus: 2487, signal 172156/190608 (executing program) 2022/09/13 14:33:59 fetching corpus: 2537, signal 173728/191760 (executing program) 2022/09/13 14:33:59 fetching corpus: 2587, signal 174757/192683 (executing program) 2022/09/13 14:33:59 fetching corpus: 2637, signal 176403/193875 (executing program) 2022/09/13 14:33:59 fetching corpus: 2687, signal 177351/194641 (executing program) 2022/09/13 14:33:59 fetching corpus: 2737, signal 178740/195616 (executing program) 2022/09/13 14:33:59 fetching 
corpus: 2787, signal 180271/196632 (executing program) 2022/09/13 14:34:00 fetching corpus: 2837, signal 181374/197404 (executing program) 2022/09/13 14:34:00 fetching corpus: 2887, signal 182207/198076 (executing program) 2022/09/13 14:34:00 fetching corpus: 2937, signal 183385/198809 (executing program) 2022/09/13 14:34:00 fetching corpus: 2987, signal 184302/199448 (executing program) 2022/09/13 14:34:00 fetching corpus: 3037, signal 185872/200306 (executing program) 2022/09/13 14:34:00 fetching corpus: 3087, signal 186870/200898 (executing program) 2022/09/13 14:34:00 fetching corpus: 3137, signal 187438/201345 (executing program) 2022/09/13 14:34:01 fetching corpus: 3187, signal 188141/201873 (executing program) 2022/09/13 14:34:01 fetching corpus: 3237, signal 188911/202375 (executing program) 2022/09/13 14:34:01 fetching corpus: 3287, signal 189678/202890 (executing program) 2022/09/13 14:34:01 fetching corpus: 3337, signal 190330/203311 (executing program) 2022/09/13 14:34:01 fetching corpus: 3387, signal 191375/203829 (executing program) 2022/09/13 14:34:01 fetching corpus: 3437, signal 192184/204312 (executing program) 2022/09/13 14:34:01 fetching corpus: 3487, signal 192991/204735 (executing program) 2022/09/13 14:34:02 fetching corpus: 3537, signal 193612/205121 (executing program) 2022/09/13 14:34:02 fetching corpus: 3587, signal 194747/205623 (executing program) 2022/09/13 14:34:02 fetching corpus: 3637, signal 195751/206049 (executing program) 2022/09/13 14:34:02 fetching corpus: 3687, signal 196786/206531 (executing program) 2022/09/13 14:34:02 fetching corpus: 3737, signal 197596/206950 (executing program) 2022/09/13 14:34:02 fetching corpus: 3787, signal 198238/207245 (executing program) 2022/09/13 14:34:03 fetching corpus: 3837, signal 198965/207595 (executing program) 2022/09/13 14:34:03 fetching corpus: 3887, signal 199580/207838 (executing program) 2022/09/13 14:34:03 fetching corpus: 3937, signal 200262/208092 (executing program) 2022/09/13 
14:34:03 fetching corpus: 3987, signal 201005/208346 (executing program) 2022/09/13 14:34:03 fetching corpus: 4037, signal 201860/208622 (executing program) 2022/09/13 14:34:03 fetching corpus: 4056, signal 202391/208793 (executing program) 2022/09/13 14:34:03 fetching corpus: 4056, signal 202391/208874 (executing program) 2022/09/13 14:34:03 fetching corpus: 4056, signal 202391/208956 (executing program) 2022/09/13 14:34:03 fetching corpus: 4056, signal 202391/209047 (executing program) 2022/09/13 14:34:03 fetching corpus: 4056, signal 202391/209113 (executing program) 2022/09/13 14:34:03 fetching corpus: 4056, signal 202391/209195 (executing program) 2022/09/13 14:34:03 fetching corpus: 4056, signal 202391/209268 (executing program) 2022/09/13 14:34:03 fetching corpus: 4056, signal 202391/209360 (executing program) 2022/09/13 14:34:03 fetching corpus: 4056, signal 202391/209443 (executing program) 2022/09/13 14:34:03 fetching corpus: 4056, signal 202391/209523 (executing program) 2022/09/13 14:34:03 fetching corpus: 4056, signal 202391/209593 (executing program) 2022/09/13 14:34:03 fetching corpus: 4056, signal 202391/209662 (executing program) 2022/09/13 14:34:03 fetching corpus: 4056, signal 202391/209731 (executing program) 2022/09/13 14:34:03 fetching corpus: 4056, signal 202391/209813 (executing program) 2022/09/13 14:34:03 fetching corpus: 4056, signal 202391/209899 (executing program) 2022/09/13 14:34:03 fetching corpus: 4056, signal 202391/209974 (executing program) 2022/09/13 14:34:03 fetching corpus: 4056, signal 202391/210049 (executing program) 2022/09/13 14:34:03 fetching corpus: 4056, signal 202391/210122 (executing program) 2022/09/13 14:34:03 fetching corpus: 4056, signal 202391/210194 (executing program) 2022/09/13 14:34:03 fetching corpus: 4056, signal 202391/210270 (executing program) 2022/09/13 14:34:03 fetching corpus: 4056, signal 202391/210285 (executing program) 2022/09/13 14:34:03 fetching corpus: 4056, signal 202391/210285 (executing 
program) 2022/09/13 14:34:06 starting 8 fuzzer processes 14:34:06 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='fdinfo/3\x00') read$hiddev(r0, &(0x7f0000000200)=""/114, 0x72) 14:34:06 executing program 1: r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8943, &(0x7f0000001300)={'wlan0\x00'}) 14:34:06 executing program 2: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000440), 0x0) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000480)={0x0, @time}) [ 70.245798] audit: type=1400 audit(1663079646.328:6): avc: denied { execmem } for pid=284 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 14:34:06 executing program 3: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x1000000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000270008000f801", 0x17}], 0x0, &(0x7f00000006c0)=ANY=[]) chdir(&(0x7f0000000040)='./file0\x00') perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0) write$binfmt_aout(r0, &(0x7f0000000c40)=ANY=[], 0x820) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x7fffffff) 14:34:06 executing program 4: syz_genetlink_get_family_id$tipc2(&(0x7f0000000600), 0xffffffffffffffff) socketpair(0x0, 0x0, 0x0, &(0x7f0000000a80)) 14:34:06 executing program 5: r0 = semget$private(0x0, 0x4, 0x0) semctl$GETVAL(r0, 0x0, 0xc, 0x0) 14:34:06 executing program 7: socket$nl_generic(0x10, 0x3, 0x10) 
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000340), 0xffffffffffffffff) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_GETPARAMS(r0, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000780)={0x14}, 0x14}}, 0x0) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_START_REQ(r1, &(0x7f0000000a40)={&(0x7f0000000980)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000a00)={&(0x7f00000009c0)={0x14}, 0x14}}, 0x0) 14:34:06 executing program 6: r0 = socket$packet(0x11, 0x3, 0x300) getsockopt$sock_int(r0, 0x1, 0x3e, 0x0, &(0x7f00000000c0)) [ 71.475811] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 71.482043] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 71.484108] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 71.487398] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 71.489161] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 71.490704] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 71.502680] Bluetooth: hci0: HCI_REQ-0x0c1a [ 71.512099] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 71.522401] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 71.526161] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 71.545863] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 71.552470] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 71.554449] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 71.567574] Bluetooth: hci1: HCI_REQ-0x0c1a [ 71.597897] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 71.599835] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 71.606106] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 71.607414] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 71.609031] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 71.611368] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 71.612737] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 71.613926] Bluetooth: hci6: unexpected 
cc 0x1003 length: 249 > 9 [ 71.615035] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 71.616251] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 71.617415] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 71.618834] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 71.624322] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 71.625470] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 71.626495] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 71.635159] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 71.636787] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 71.641885] Bluetooth: hci7: HCI_REQ-0x0c1a [ 71.643343] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 71.650917] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 71.652460] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 71.653858] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 71.668479] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 71.670211] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 71.671358] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 71.682476] Bluetooth: hci2: HCI_REQ-0x0c1a [ 71.683903] Bluetooth: hci3: HCI_REQ-0x0c1a [ 71.684659] Bluetooth: hci6: HCI_REQ-0x0c1a [ 71.700464] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 71.712830] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 71.725870] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 71.727271] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 71.728551] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 71.731681] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 71.739749] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 71.741302] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 71.743894] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 71.745111] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 71.747100] Bluetooth: hci5: unexpected cc 0x0c38 
length: 249 > 2 [ 71.767149] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 71.770038] Bluetooth: hci5: HCI_REQ-0x0c1a [ 71.783464] Bluetooth: hci4: HCI_REQ-0x0c1a [ 73.554055] Bluetooth: hci0: command 0x0409 tx timeout [ 73.618693] Bluetooth: hci1: command 0x0409 tx timeout [ 73.681640] Bluetooth: hci7: command 0x0409 tx timeout [ 73.747196] Bluetooth: hci2: command 0x0409 tx timeout [ 73.747819] Bluetooth: hci6: command 0x0409 tx timeout [ 73.748363] Bluetooth: hci3: command 0x0409 tx timeout [ 73.809640] Bluetooth: hci4: command 0x0409 tx timeout [ 73.810636] Bluetooth: hci5: command 0x0409 tx timeout [ 75.601679] Bluetooth: hci0: command 0x041b tx timeout [ 75.665918] Bluetooth: hci1: command 0x041b tx timeout [ 75.729622] Bluetooth: hci7: command 0x041b tx timeout [ 75.793704] Bluetooth: hci3: command 0x041b tx timeout [ 75.794200] Bluetooth: hci6: command 0x041b tx timeout [ 75.794959] Bluetooth: hci2: command 0x041b tx timeout [ 75.857642] Bluetooth: hci5: command 0x041b tx timeout [ 75.858105] Bluetooth: hci4: command 0x041b tx timeout [ 77.649687] Bluetooth: hci0: command 0x040f tx timeout [ 77.714166] Bluetooth: hci1: command 0x040f tx timeout [ 77.777679] Bluetooth: hci7: command 0x040f tx timeout [ 77.841718] Bluetooth: hci2: command 0x040f tx timeout [ 77.842565] Bluetooth: hci6: command 0x040f tx timeout [ 77.844075] Bluetooth: hci3: command 0x040f tx timeout [ 77.905713] Bluetooth: hci4: command 0x040f tx timeout [ 77.906257] Bluetooth: hci5: command 0x040f tx timeout [ 79.697657] Bluetooth: hci0: command 0x0419 tx timeout [ 79.761649] Bluetooth: hci1: command 0x0419 tx timeout [ 79.825639] Bluetooth: hci7: command 0x0419 tx timeout [ 79.889665] Bluetooth: hci3: command 0x0419 tx timeout [ 79.890147] Bluetooth: hci6: command 0x0419 tx timeout [ 79.890568] Bluetooth: hci2: command 0x0419 tx timeout [ 79.953713] Bluetooth: hci5: command 0x0419 tx timeout [ 79.954204] Bluetooth: hci4: command 0x0419 tx timeout [ 129.672779] loop3: detected 
capacity change from 0 to 264192 [ 129.701532] audit: type=1400 audit(1663079705.784:7): avc: denied { open } for pid=3842 comm="syz-executor.3" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 129.703534] audit: type=1400 audit(1663079705.784:8): avc: denied { kernel } for pid=3842 comm="syz-executor.3" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 129.713597] ------------[ cut here ]------------ [ 129.713617] [ 129.713620] ====================================================== [ 129.713624] WARNING: possible circular locking dependency detected [ 129.713628] 6.0.0-rc5-next-20220913 #1 Not tainted [ 129.713634] ------------------------------------------------------ [ 129.713638] syz-executor.3/3844 is trying to acquire lock: [ 129.713644] ffffffff853fa878 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70 [ 129.713680] [ 129.713680] but task is already holding lock: [ 129.713683] ffff888008e1ac20 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 129.713711] [ 129.713711] which lock already depends on the new lock. 
[ 129.713711] [ 129.713714] [ 129.713714] the existing dependency chain (in reverse order) is: [ 129.713717] [ 129.713717] -> #3 (&ctx->lock){....}-{2:2}: [ 129.713731] _raw_spin_lock+0x2a/0x40 [ 129.713748] __perf_event_task_sched_out+0x53b/0x18d0 [ 129.713761] __schedule+0xedd/0x2470 [ 129.713771] schedule+0xda/0x1b0 [ 129.713780] exit_to_user_mode_prepare+0x114/0x1a0 [ 129.713801] syscall_exit_to_user_mode+0x19/0x40 [ 129.713819] do_syscall_64+0x48/0x90 [ 129.713833] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 129.713850] [ 129.713850] -> #2 (&rq->__lock){-.-.}-{2:2}: [ 129.713864] _raw_spin_lock_nested+0x30/0x40 [ 129.713878] raw_spin_rq_lock_nested+0x1e/0x30 [ 129.713892] task_fork_fair+0x63/0x4d0 [ 129.713909] sched_cgroup_fork+0x3d0/0x540 [ 129.713923] copy_process+0x3f9e/0x6df0 [ 129.713933] kernel_clone+0xe7/0x890 [ 129.713943] user_mode_thread+0xad/0xf0 [ 129.713953] rest_init+0x24/0x250 [ 129.713969] arch_call_rest_init+0xf/0x14 [ 129.713989] start_kernel+0x4c1/0x4e6 [ 129.714006] secondary_startup_64_no_verify+0xe0/0xeb [ 129.714020] [ 129.714020] -> #1 (&p->pi_lock){-.-.}-{2:2}: [ 129.714034] _raw_spin_lock_irqsave+0x39/0x60 [ 129.714049] try_to_wake_up+0xab/0x1920 [ 129.714062] up+0x75/0xb0 [ 129.714074] __up_console_sem+0x6e/0x80 [ 129.714090] console_unlock+0x46a/0x590 [ 129.714106] do_con_write+0xc05/0x1d50 [ 129.714117] con_write+0x21/0x40 [ 129.714126] n_tty_write+0x4d4/0xfe0 [ 129.714139] file_tty_write.constprop.0+0x49c/0x8f0 [ 129.714151] vfs_write+0x9c3/0xd90 [ 129.714170] ksys_write+0x127/0x250 [ 129.714187] do_syscall_64+0x3b/0x90 [ 129.714200] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 129.714217] [ 129.714217] -> #0 ((console_sem).lock){....}-{2:2}: [ 129.714230] __lock_acquire+0x2a02/0x5e70 [ 129.714247] lock_acquire+0x1a2/0x530 [ 129.714263] _raw_spin_lock_irqsave+0x39/0x60 [ 129.714278] down_trylock+0xe/0x70 [ 129.714290] __down_trylock_console_sem+0x3b/0xd0 [ 129.714306] vprintk_emit+0x16b/0x560 [ 129.714323] vprintk+0x84/0xa0 [ 
129.714340] _printk+0xba/0xf1 [ 129.714358] report_bug.cold+0x72/0xab [ 129.714370] handle_bug+0x3c/0x70 [ 129.714383] exc_invalid_op+0x14/0x50 [ 129.714396] asm_exc_invalid_op+0x16/0x20 [ 129.714412] group_sched_out.part.0+0x2c7/0x460 [ 129.714423] ctx_sched_out+0x8f1/0xc10 [ 129.714432] __perf_event_task_sched_out+0x6d0/0x18d0 [ 129.714444] __schedule+0xedd/0x2470 [ 129.714454] schedule+0xda/0x1b0 [ 129.714463] exit_to_user_mode_prepare+0x114/0x1a0 [ 129.714482] syscall_exit_to_user_mode+0x19/0x40 [ 129.714499] do_syscall_64+0x48/0x90 [ 129.714512] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 129.714529] [ 129.714529] other info that might help us debug this: [ 129.714529] [ 129.714532] Chain exists of: [ 129.714532] (console_sem).lock --> &rq->__lock --> &ctx->lock [ 129.714532] [ 129.714547] Possible unsafe locking scenario: [ 129.714547] [ 129.714549] CPU0 CPU1 [ 129.714551] ---- ---- [ 129.714554] lock(&ctx->lock); [ 129.714559] lock(&rq->__lock); [ 129.714566] lock(&ctx->lock); [ 129.714572] lock((console_sem).lock); [ 129.714578] [ 129.714578] *** DEADLOCK *** [ 129.714578] [ 129.714580] 2 locks held by syz-executor.3/3844: [ 129.714587] #0: ffff88806ce37cd8 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470 [ 129.714612] #1: ffff888008e1ac20 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 129.714639] [ 129.714639] stack backtrace: [ 129.714642] CPU: 0 PID: 3844 Comm: syz-executor.3 Not tainted 6.0.0-rc5-next-20220913 #1 [ 129.714655] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 129.714663] Call Trace: [ 129.714666] [ 129.714670] dump_stack_lvl+0x8b/0xb3 [ 129.714685] check_noncircular+0x263/0x2e0 [ 129.714701] ? format_decode+0x26c/0xb50 [ 129.714717] ? print_circular_bug+0x450/0x450 [ 129.714734] ? enable_ptr_key_workfn+0x20/0x20 [ 129.714748] ? __lockdep_reset_lock+0x180/0x180 [ 129.714765] ? format_decode+0x26c/0xb50 [ 129.714780] ? 
alloc_chain_hlocks+0x1ec/0x5a0 [ 129.714798] __lock_acquire+0x2a02/0x5e70 [ 129.714820] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 129.714842] lock_acquire+0x1a2/0x530 [ 129.714859] ? down_trylock+0xe/0x70 [ 129.714874] ? rcu_read_unlock+0x40/0x40 [ 129.714891] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 129.714913] ? vprintk+0x84/0xa0 [ 129.714931] _raw_spin_lock_irqsave+0x39/0x60 [ 129.714946] ? down_trylock+0xe/0x70 [ 129.714960] down_trylock+0xe/0x70 [ 129.714973] ? vprintk+0x84/0xa0 [ 129.714991] __down_trylock_console_sem+0x3b/0xd0 [ 129.715008] vprintk_emit+0x16b/0x560 [ 129.715026] ? lock_downgrade+0x6d0/0x6d0 [ 129.715044] vprintk+0x84/0xa0 [ 129.715062] _printk+0xba/0xf1 [ 129.715080] ? record_print_text.cold+0x16/0x16 [ 129.715100] ? hrtimer_try_to_cancel+0x163/0x2c0 [ 129.715114] ? lock_downgrade+0x6d0/0x6d0 [ 129.715132] ? report_bug.cold+0x66/0xab [ 129.715146] ? group_sched_out.part.0+0x2c7/0x460 [ 129.715157] report_bug.cold+0x72/0xab [ 129.715172] handle_bug+0x3c/0x70 [ 129.715186] exc_invalid_op+0x14/0x50 [ 129.715200] asm_exc_invalid_op+0x16/0x20 [ 129.715217] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 129.715230] Code: 5e 41 5f e9 3b b7 ef ff e8 36 b7 ef ff 65 8b 1d ab 15 ac 7e 31 ff 89 de e8 d6 b3 ef ff 85 db 0f 84 8a 00 00 00 e8 19 b7 ef ff <0f> 0b e9 a5 fe ff ff e8 0d b7 ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 129.715242] RSP: 0018:ffff88803ec9fc48 EFLAGS: 00010006 [ 129.715251] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 129.715258] RDX: ffff88801863d040 RSI: ffffffff81566027 RDI: 0000000000000005 [ 129.715266] RBP: ffff888008660000 R08: 0000000000000005 R09: 0000000000000001 [ 129.715274] R10: 0000000000000000 R11: 0000000000000001 R12: ffff888008e1ac00 [ 129.715281] R13: ffff88806ce3d100 R14: ffffffff8547bfc0 R15: 0000000000000002 [ 129.715292] ? group_sched_out.part.0+0x2c7/0x460 [ 129.715305] ? 
group_sched_out.part.0+0x2c7/0x460 [ 129.715318] ctx_sched_out+0x8f1/0xc10 [ 129.715330] __perf_event_task_sched_out+0x6d0/0x18d0 [ 129.715345] ? lock_is_held_type+0xd7/0x130 [ 129.715364] ? __perf_cgroup_move+0x160/0x160 [ 129.715376] ? set_next_entity+0x304/0x550 [ 129.715394] ? update_curr+0x267/0x740 [ 129.715412] ? lock_is_held_type+0xd7/0x130 [ 129.715431] __schedule+0xedd/0x2470 [ 129.715444] ? io_schedule_timeout+0x150/0x150 [ 129.715456] ? __x64_sys_futex_time32+0x480/0x480 [ 129.715470] schedule+0xda/0x1b0 [ 129.715481] exit_to_user_mode_prepare+0x114/0x1a0 [ 129.715502] syscall_exit_to_user_mode+0x19/0x40 [ 129.715520] do_syscall_64+0x48/0x90 [ 129.715535] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 129.715552] RIP: 0033:0x7f74ec9a4b19 [ 129.715561] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 129.715572] RSP: 002b:00007f74e9f1a218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 129.715583] RAX: 0000000000000001 RBX: 00007f74ecab7f68 RCX: 00007f74ec9a4b19 [ 129.715590] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f74ecab7f6c [ 129.715598] RBP: 00007f74ecab7f60 R08: 000000000000000e R09: 0000000000000000 [ 129.715605] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f74ecab7f6c [ 129.715612] R13: 00007ffc33fed3ff R14: 00007f74e9f1a300 R15: 0000000000022000 [ 129.715625] [ 129.769953] WARNING: CPU: 0 PID: 3844 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460 [ 129.770561] Modules linked in: [ 129.770781] CPU: 0 PID: 3844 Comm: syz-executor.3 Not tainted 6.0.0-rc5-next-20220913 #1 [ 129.771311] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 129.772059] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 129.772424] Code: 5e 41 5f e9 3b b7 ef ff e8 36 b7 ef ff 65 8b 1d ab 15 ac 7e 31 ff 89 de e8 d6 b3 ef ff 85 db 
0f 84 8a 00 00 00 e8 19 b7 ef ff <0f> 0b e9 a5 fe ff ff e8 0d b7 ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 129.773606] RSP: 0018:ffff88803ec9fc48 EFLAGS: 00010006 [ 129.773961] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 129.774428] RDX: ffff88801863d040 RSI: ffffffff81566027 RDI: 0000000000000005 [ 129.774899] RBP: ffff888008660000 R08: 0000000000000005 R09: 0000000000000001 [ 129.775365] R10: 0000000000000000 R11: 0000000000000001 R12: ffff888008e1ac00 [ 129.775834] R13: ffff88806ce3d100 R14: ffffffff8547bfc0 R15: 0000000000000002 [ 129.776310] FS: 00007f74e9f1a700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 129.776839] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 129.777228] CR2: 000055e9aec28000 CR3: 00000000099f6000 CR4: 0000000000350ef0 [ 129.777702] Call Trace: [ 129.777882] [ 129.778042] ctx_sched_out+0x8f1/0xc10 [ 129.778310] __perf_event_task_sched_out+0x6d0/0x18d0 [ 129.778669] ? lock_is_held_type+0xd7/0x130 [ 129.778966] ? __perf_cgroup_move+0x160/0x160 [ 129.779270] ? set_next_entity+0x304/0x550 [ 129.779560] ? update_curr+0x267/0x740 [ 129.779836] ? lock_is_held_type+0xd7/0x130 [ 129.780144] __schedule+0xedd/0x2470 [ 129.780402] ? io_schedule_timeout+0x150/0x150 [ 129.780717] ? 
__x64_sys_futex_time32+0x480/0x480 [ 129.781053] schedule+0xda/0x1b0 [ 129.781290] exit_to_user_mode_prepare+0x114/0x1a0 [ 129.781629] syscall_exit_to_user_mode+0x19/0x40 [ 129.781958] do_syscall_64+0x48/0x90 [ 129.782217] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 129.782569] RIP: 0033:0x7f74ec9a4b19 [ 129.782821] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 129.784018] RSP: 002b:00007f74e9f1a218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 129.784520] RAX: 0000000000000001 RBX: 00007f74ecab7f68 RCX: 00007f74ec9a4b19 [ 129.784987] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f74ecab7f6c [ 129.785454] RBP: 00007f74ecab7f60 R08: 000000000000000e R09: 0000000000000000 [ 129.785921] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f74ecab7f6c [ 129.786386] R13: 00007ffc33fed3ff R14: 00007f74e9f1a300 R15: 0000000000022000 [ 129.786861] [ 129.787024] irq event stamp: 2552 [ 129.787255] hardirqs last enabled at (2551): [] exit_to_user_mode_prepare+0x109/0x1a0 [ 129.787885] hardirqs last disabled at (2552): [] __schedule+0x1225/0x2470 [ 129.788442] softirqs last enabled at (2156): [] __irq_exit_rcu+0x11b/0x180 [ 129.789014] softirqs last disabled at (2089): [] __irq_exit_rcu+0x11b/0x180 [ 129.789585] ---[ end trace 0000000000000000 ]--- [ 132.890524] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 132.891908] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 132.893927] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 132.895639] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 132.897325] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 132.898897] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 132.900014] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 132.901861] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 132.903078] Bluetooth: hci2: 
unexpected cc 0x0c23 length: 249 > 4 [ 132.904262] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 132.906019] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 132.908556] Bluetooth: hci5: HCI_REQ-0x0c1a [ 132.908751] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 132.913159] Bluetooth: hci2: HCI_REQ-0x0c1a [ 134.929677] Bluetooth: hci5: command 0x0409 tx timeout [ 134.930619] Bluetooth: hci2: command 0x0409 tx timeout [ 134.931121] Bluetooth: hci1: Opcode 0x c03 failed: -110 [ 136.977624] Bluetooth: hci2: command 0x041b tx timeout [ 136.978124] Bluetooth: hci5: command 0x041b tx timeout [ 139.025694] Bluetooth: hci5: command 0x040f tx timeout [ 139.026266] Bluetooth: hci2: command 0x040f tx timeout [ 139.154166] Bluetooth: hci1: Opcode 0x c03 failed: -110 VM DIAGNOSIS: 14:35:06 Registers: info registers vcpu 0 RAX=0000000000000066 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff822b25c1 RDI=ffffffff8763fae0 RBP=ffffffff8763faa0 RSP=ffff88803ec9f698 R8 =0000000000000001 R9 =000000000000000a R10=0000000000000066 R11=0000000000000001 R12=0000000000000066 R13=ffffffff8763faa0 R14=0000000000000010 R15=ffffffff822b25b0 RIP=ffffffff822b2619 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f74e9f1a700 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000055e9aec28000 CR3=00000000099f6000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 
