
Debian GNU/Linux 11 syzkaller ttyS0

Warning: Permanently added '[localhost]:63501' (ECDSA) to the list of known hosts.
2022/09/13 17:20:39 fuzzer started
2022/09/13 17:20:39 dialing manager at localhost:36597
syzkaller login: [   36.340250] cgroup: Unknown subsys name 'net'
[   36.467265] cgroup: Unknown subsys name 'rlimit'
2022/09/13 17:20:53 syscalls: 2215
2022/09/13 17:20:53 code coverage: enabled
2022/09/13 17:20:53 comparison tracing: enabled
2022/09/13 17:20:53 extra coverage: enabled
2022/09/13 17:20:53 setuid sandbox: enabled
2022/09/13 17:20:53 namespace sandbox: enabled
2022/09/13 17:20:53 Android sandbox: enabled
2022/09/13 17:20:53 fault injection: enabled
2022/09/13 17:20:53 leak checking: enabled
2022/09/13 17:20:53 net packet injection: enabled
2022/09/13 17:20:53 net device setup: enabled
2022/09/13 17:20:53 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2022/09/13 17:20:53 devlink PCI setup: PCI device 0000:00:10.0 is not available
2022/09/13 17:20:53 USB emulation: enabled
2022/09/13 17:20:53 hci packet injection: enabled
2022/09/13 17:20:53 wifi device emulation: failed to parse kernel version (6.0.0-rc5-next-20220913                                          )
2022/09/13 17:20:53 802.15.4 emulation: enabled
2022/09/13 17:20:53 fetching corpus: 0, signal 0/2000 (executing program)
2022/09/13 17:20:53 fetching corpus: 31, signal 21721/25358 (executing program)
2022/09/13 17:20:53 fetching corpus: 81, signal 39415/44488 (executing program)
2022/09/13 17:20:54 fetching corpus: 131, signal 55776/62085 (executing program)
2022/09/13 17:20:54 fetching corpus: 181, signal 64731/72280 (executing program)
2022/09/13 17:20:54 fetching corpus: 231, signal 72680/81414 (executing program)
2022/09/13 17:20:54 fetching corpus: 280, signal 77404/87364 (executing program)
2022/09/13 17:20:54 fetching corpus: 330, signal 83124/94164 (executing program)
2022/09/13 17:20:54 fetching corpus: 380, signal 88583/100644 (executing program)
2022/09/13 17:20:55 fetching corpus: 430, signal 93330/106352 (executing program)
2022/09/13 17:20:55 fetching corpus: 480, signal 96838/110881 (executing program)
2022/09/13 17:20:55 fetching corpus: 530, signal 100512/115536 (executing program)
2022/09/13 17:20:55 fetching corpus: 580, signal 103092/119150 (executing program)
2022/09/13 17:20:55 fetching corpus: 630, signal 106055/123036 (executing program)
2022/09/13 17:20:55 fetching corpus: 680, signal 108971/126866 (executing program)
2022/09/13 17:20:55 fetching corpus: 730, signal 112188/130914 (executing program)
2022/09/13 17:20:56 fetching corpus: 780, signal 115504/134983 (executing program)
2022/09/13 17:20:56 fetching corpus: 830, signal 119527/139610 (executing program)
2022/09/13 17:20:56 fetching corpus: 880, signal 122648/143468 (executing program)
2022/09/13 17:20:56 fetching corpus: 930, signal 125649/147125 (executing program)
2022/09/13 17:20:56 fetching corpus: 980, signal 129351/151301 (executing program)
2022/09/13 17:20:56 fetching corpus: 1029, signal 131823/154404 (executing program)
2022/09/13 17:20:57 fetching corpus: 1079, signal 135034/158083 (executing program)
2022/09/13 17:20:57 fetching corpus: 1129, signal 136623/160397 (executing program)
2022/09/13 17:20:57 fetching corpus: 1179, signal 138464/162932 (executing program)
2022/09/13 17:20:57 fetching corpus: 1229, signal 140793/165801 (executing program)
2022/09/13 17:20:57 fetching corpus: 1279, signal 142139/167866 (executing program)
2022/09/13 17:20:57 fetching corpus: 1328, signal 144359/170591 (executing program)
2022/09/13 17:20:57 fetching corpus: 1378, signal 146390/173084 (executing program)
2022/09/13 17:20:57 fetching corpus: 1428, signal 148118/175398 (executing program)
2022/09/13 17:20:58 fetching corpus: 1478, signal 150711/178303 (executing program)
2022/09/13 17:20:58 fetching corpus: 1527, signal 151570/179796 (executing program)
2022/09/13 17:20:58 fetching corpus: 1577, signal 153086/181775 (executing program)
2022/09/13 17:20:58 fetching corpus: 1627, signal 154427/183688 (executing program)
2022/09/13 17:20:58 fetching corpus: 1677, signal 156078/185793 (executing program)
2022/09/13 17:20:58 fetching corpus: 1727, signal 157946/187999 (executing program)
2022/09/13 17:20:58 fetching corpus: 1777, signal 159409/189872 (executing program)
2022/09/13 17:20:58 fetching corpus: 1827, signal 161117/191982 (executing program)
2022/09/13 17:20:59 fetching corpus: 1877, signal 163302/194362 (executing program)
2022/09/13 17:20:59 fetching corpus: 1927, signal 165688/196843 (executing program)
2022/09/13 17:20:59 fetching corpus: 1977, signal 166907/198435 (executing program)
2022/09/13 17:20:59 fetching corpus: 2027, signal 168348/200202 (executing program)
2022/09/13 17:20:59 fetching corpus: 2077, signal 169723/201931 (executing program)
2022/09/13 17:20:59 fetching corpus: 2127, signal 171189/203632 (executing program)
2022/09/13 17:21:00 fetching corpus: 2177, signal 172333/205092 (executing program)
2022/09/13 17:21:00 fetching corpus: 2227, signal 173455/206556 (executing program)
2022/09/13 17:21:00 fetching corpus: 2277, signal 174312/207791 (executing program)
2022/09/13 17:21:00 fetching corpus: 2327, signal 175272/209122 (executing program)
2022/09/13 17:21:00 fetching corpus: 2377, signal 176275/210519 (executing program)
2022/09/13 17:21:00 fetching corpus: 2427, signal 177095/211776 (executing program)
2022/09/13 17:21:00 fetching corpus: 2477, signal 178344/213210 (executing program)
2022/09/13 17:21:00 fetching corpus: 2526, signal 179257/214506 (executing program)
2022/09/13 17:21:01 fetching corpus: 2576, signal 180330/215823 (executing program)
2022/09/13 17:21:01 fetching corpus: 2626, signal 181507/217233 (executing program)
2022/09/13 17:21:01 fetching corpus: 2676, signal 183140/218869 (executing program)
2022/09/13 17:21:01 fetching corpus: 2726, signal 184352/220239 (executing program)
2022/09/13 17:21:01 fetching corpus: 2776, signal 185416/221493 (executing program)
2022/09/13 17:21:01 fetching corpus: 2826, signal 186413/222716 (executing program)
2022/09/13 17:21:02 fetching corpus: 2876, signal 187856/224141 (executing program)
2022/09/13 17:21:02 fetching corpus: 2926, signal 189341/225534 (executing program)
2022/09/13 17:21:02 fetching corpus: 2976, signal 190379/226700 (executing program)
2022/09/13 17:21:02 fetching corpus: 3026, signal 192228/228259 (executing program)
2022/09/13 17:21:02 fetching corpus: 3076, signal 193764/229671 (executing program)
2022/09/13 17:21:02 fetching corpus: 3126, signal 194578/230705 (executing program)
2022/09/13 17:21:02 fetching corpus: 3176, signal 195294/231655 (executing program)
2022/09/13 17:21:03 fetching corpus: 3225, signal 196651/232917 (executing program)
2022/09/13 17:21:03 fetching corpus: 3275, signal 197635/233959 (executing program)
2022/09/13 17:21:03 fetching corpus: 3325, signal 198579/234968 (executing program)
2022/09/13 17:21:03 fetching corpus: 3374, signal 199595/235988 (executing program)
2022/09/13 17:21:03 fetching corpus: 3424, signal 200785/237067 (executing program)
2022/09/13 17:21:03 fetching corpus: 3474, signal 202043/238110 (executing program)
2022/09/13 17:21:04 fetching corpus: 3524, signal 203503/239349 (executing program)
2022/09/13 17:21:04 fetching corpus: 3574, signal 204175/240156 (executing program)
2022/09/13 17:21:04 fetching corpus: 3624, signal 204949/240971 (executing program)
2022/09/13 17:21:04 fetching corpus: 3674, signal 205755/241798 (executing program)
2022/09/13 17:21:04 fetching corpus: 3724, signal 206443/242580 (executing program)
2022/09/13 17:21:04 fetching corpus: 3774, signal 207271/243472 (executing program)
2022/09/13 17:21:04 fetching corpus: 3824, signal 207917/244233 (executing program)
2022/09/13 17:21:05 fetching corpus: 3874, signal 209399/245280 (executing program)
2022/09/13 17:21:05 fetching corpus: 3923, signal 210234/246038 (executing program)
2022/09/13 17:21:05 fetching corpus: 3973, signal 210805/246730 (executing program)
2022/09/13 17:21:05 fetching corpus: 4023, signal 211853/247569 (executing program)
2022/09/13 17:21:05 fetching corpus: 4073, signal 212438/248301 (executing program)
2022/09/13 17:21:05 fetching corpus: 4123, signal 213270/249001 (executing program)
2022/09/13 17:21:05 fetching corpus: 4173, signal 214169/249785 (executing program)
2022/09/13 17:21:06 fetching corpus: 4223, signal 214882/250430 (executing program)
2022/09/13 17:21:06 fetching corpus: 4273, signal 215790/251226 (executing program)
2022/09/13 17:21:06 fetching corpus: 4323, signal 216540/251915 (executing program)
2022/09/13 17:21:06 fetching corpus: 4373, signal 217127/252510 (executing program)
2022/09/13 17:21:06 fetching corpus: 4423, signal 217745/253167 (executing program)
2022/09/13 17:21:06 fetching corpus: 4473, signal 218541/253827 (executing program)
2022/09/13 17:21:06 fetching corpus: 4523, signal 219539/254529 (executing program)
2022/09/13 17:21:06 fetching corpus: 4572, signal 220152/255068 (executing program)
2022/09/13 17:21:07 fetching corpus: 4622, signal 220758/255628 (executing program)
2022/09/13 17:21:07 fetching corpus: 4671, signal 221303/256143 (executing program)
2022/09/13 17:21:07 fetching corpus: 4721, signal 222005/256693 (executing program)
2022/09/13 17:21:07 fetching corpus: 4771, signal 222482/257187 (executing program)
2022/09/13 17:21:07 fetching corpus: 4821, signal 223017/257694 (executing program)
2022/09/13 17:21:07 fetching corpus: 4871, signal 224106/258344 (executing program)
2022/09/13 17:21:07 fetching corpus: 4921, signal 224656/258866 (executing program)
2022/09/13 17:21:07 fetching corpus: 4971, signal 225031/259272 (executing program)
2022/09/13 17:21:08 fetching corpus: 5021, signal 225782/259817 (executing program)
2022/09/13 17:21:08 fetching corpus: 5071, signal 226599/260322 (executing program)
2022/09/13 17:21:08 fetching corpus: 5121, signal 227174/260837 (executing program)
2022/09/13 17:21:08 fetching corpus: 5171, signal 227838/261368 (executing program)
2022/09/13 17:21:08 fetching corpus: 5221, signal 228551/261820 (executing program)
2022/09/13 17:21:08 fetching corpus: 5271, signal 229458/262318 (executing program)
2022/09/13 17:21:09 fetching corpus: 5320, signal 230621/262848 (executing program)
2022/09/13 17:21:09 fetching corpus: 5370, signal 231330/263281 (executing program)
2022/09/13 17:21:09 fetching corpus: 5420, signal 231857/263710 (executing program)
2022/09/13 17:21:09 fetching corpus: 5470, signal 232748/264175 (executing program)
2022/09/13 17:21:09 fetching corpus: 5520, signal 233253/264544 (executing program)
2022/09/13 17:21:09 fetching corpus: 5570, signal 233940/264972 (executing program)
2022/09/13 17:21:09 fetching corpus: 5620, signal 234626/265355 (executing program)
2022/09/13 17:21:10 fetching corpus: 5670, signal 235343/265766 (executing program)
2022/09/13 17:21:10 fetching corpus: 5720, signal 235857/266085 (executing program)
2022/09/13 17:21:10 fetching corpus: 5770, signal 236930/266468 (executing program)
2022/09/13 17:21:10 fetching corpus: 5820, signal 237428/266799 (executing program)
2022/09/13 17:21:10 fetching corpus: 5870, signal 237977/267109 (executing program)
2022/09/13 17:21:10 fetching corpus: 5920, signal 238634/267424 (executing program)
2022/09/13 17:21:11 fetching corpus: 5970, signal 239204/267783 (executing program)
2022/09/13 17:21:11 fetching corpus: 6020, signal 239823/268051 (executing program)
2022/09/13 17:21:11 fetching corpus: 6070, signal 240573/268309 (executing program)
2022/09/13 17:21:11 fetching corpus: 6120, signal 241110/268553 (executing program)
2022/09/13 17:21:11 fetching corpus: 6170, signal 241760/268829 (executing program)
2022/09/13 17:21:11 fetching corpus: 6220, signal 242432/269143 (executing program)
2022/09/13 17:21:11 fetching corpus: 6270, signal 243119/269393 (executing program)
2022/09/13 17:21:11 fetching corpus: 6320, signal 243492/269669 (executing program)
2022/09/13 17:21:12 fetching corpus: 6370, signal 243977/269889 (executing program)
2022/09/13 17:21:12 fetching corpus: 6420, signal 244555/270112 (executing program)
2022/09/13 17:21:12 fetching corpus: 6470, signal 245065/270323 (executing program)
2022/09/13 17:21:12 fetching corpus: 6520, signal 245585/270521 (executing program)
2022/09/13 17:21:12 fetching corpus: 6570, signal 246176/270543 (executing program)
2022/09/13 17:21:12 fetching corpus: 6619, signal 246978/270545 (executing program)
2022/09/13 17:21:13 fetching corpus: 6669, signal 247640/270551 (executing program)
2022/09/13 17:21:13 fetching corpus: 6719, signal 248168/270564 (executing program)
2022/09/13 17:21:13 fetching corpus: 6769, signal 248660/270570 (executing program)
2022/09/13 17:21:13 fetching corpus: 6818, signal 249687/270571 (executing program)
2022/09/13 17:21:13 fetching corpus: 6868, signal 250339/270589 (executing program)
2022/09/13 17:21:13 fetching corpus: 6918, signal 250758/270601 (executing program)
2022/09/13 17:21:13 fetching corpus: 6967, signal 251626/270627 (executing program)
2022/09/13 17:21:13 fetching corpus: 7017, signal 252132/270637 (executing program)
2022/09/13 17:21:14 fetching corpus: 7067, signal 252900/270726 (executing program)
2022/09/13 17:21:14 fetching corpus: 7117, signal 253339/270726 (executing program)
2022/09/13 17:21:14 fetching corpus: 7167, signal 253848/270733 (executing program)
2022/09/13 17:21:14 fetching corpus: 7217, signal 254537/270742 (executing program)
2022/09/13 17:21:14 fetching corpus: 7267, signal 255390/270742 (executing program)
2022/09/13 17:21:14 fetching corpus: 7317, signal 255833/270743 (executing program)
2022/09/13 17:21:15 fetching corpus: 7367, signal 256512/270744 (executing program)
2022/09/13 17:21:15 fetching corpus: 7417, signal 256936/270773 (executing program)
2022/09/13 17:21:15 fetching corpus: 7467, signal 257358/270777 (executing program)
2022/09/13 17:21:15 fetching corpus: 7517, signal 257923/270805 (executing program)
2022/09/13 17:21:15 fetching corpus: 7567, signal 258341/270811 (executing program)
2022/09/13 17:21:15 fetching corpus: 7617, signal 258751/270824 (executing program)
2022/09/13 17:21:15 fetching corpus: 7667, signal 259036/270848 (executing program)
2022/09/13 17:21:16 fetching corpus: 7717, signal 259365/270857 (executing program)
2022/09/13 17:21:16 fetching corpus: 7767, signal 259837/270867 (executing program)
2022/09/13 17:21:16 fetching corpus: 7815, signal 260227/270873 (executing program)
2022/09/13 17:21:16 fetching corpus: 7865, signal 260940/270891 (executing program)
2022/09/13 17:21:16 fetching corpus: 7915, signal 261334/270945 (executing program)
2022/09/13 17:21:16 fetching corpus: 7944, signal 261608/270949 (executing program)
2022/09/13 17:21:16 fetching corpus: 7944, signal 261608/270974 (executing program)
2022/09/13 17:21:16 fetching corpus: 7944, signal 261608/270974 (executing program)
2022/09/13 17:21:18 starting 8 fuzzer processes
17:21:18 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x0, 0xc9}}}, 0x6)

17:21:18 executing program 7:
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0)
preadv(r0, &(0x7f0000000100)=[{&(0x7f0000002240)=""/4109, 0x100d}, {&(0x7f0000000000)=""/12, 0xc}], 0x2, 0x7, 0xfbd1)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x41)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000180)={0x0, 0x0, 0x0, 'queue1\x00'})
perf_event_open$cgroup(&(0x7f0000000340)={0x3, 0x80, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
write$sndseq(r1, &(0x7f0000000140)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @control}], 0xfffffdcd)
io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, &(0x7f00000000c0)=[{&(0x7f00000003c0)=""/183, 0xb7}, {&(0x7f0000000480)=""/113, 0x71}], 0x2)
r2 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x0)
ioctl$EVIOCGMTSLOTS(r2, 0x8040450a, &(0x7f0000007b00))
r3 = memfd_secret(0x80000)
io_cancel(0x0, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x8, 0x801, r2, &(0x7f0000000500)="5875e26ebd5e30fc1f39806f60a6529780a2ddb5b3ad6583e351ddf16ffea57b3d6744f86300000000", 0x29, 0xa2, 0x0, 0x6, r3}, &(0x7f0000000540))
getdents64(0xffffffffffffffff, &(0x7f00000017c0)=""/200, 0xc8)
ioctl$EXT4_IOC_MIGRATE(r3, 0x6609)
pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getdents(0xffffffffffffffff, 0x0, 0x0)

17:21:18 executing program 2:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, r0, 0x0)

17:21:18 executing program 3:
r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
bind$802154_raw(r0, &(0x7f0000000000)={0x24, @long={0x3, 0x0, {0xaaaaaaaaaaaa0102}}}, 0x14)

17:21:18 executing program 0:
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000000040)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r0=>0xffffffffffffffff, @ANYBLOB])
r1 = gettid()
setpgid(0x0, r1)
perf_event_open(&(0x7f0000001240)={0x4, 0x80, 0x8c, 0x0, 0x3f, 0xfb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x66b}, 0x52140, 0xfffffffffffffffd, 0x1, 0x9, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x2000000}, r1, 0x0, r0, 0x0)
r2 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0x32261, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r2, &(0x7f00000011c0)="25f603b7fa9fa3548414f40992c1cf45f19705c7eee437fda4265b7eb2e7bb1ca4ec9b16e7d8334d052aeb04b0d5037a01019288274bf0cb88e4b0d450527f3e3100845f824bd7c768b941db8d3d5f400ea29894fe6bc6553b229e9e616dbeb1b077c3ff25d19fa7ce2453d6417761", 0x6f)
r3 = getpgid(0xffffffffffffffff)
perf_event_open(&(0x7f00000012c0)={0x5, 0x80, 0x40, 0x9b, 0x4, 0x9, 0x0, 0x2, 0x40441, 0x6, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1000, 0x2, @perf_config_ext={0x1c00000000000000, 0x8470000000000000}, 0x2, 0x400, 0x4, 0x7, 0xff, 0x2, 0x3, 0x0, 0xf3b6, 0x0, 0x8}, r3, 0x3, 0xffffffffffffffff, 0x8)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITE_FIXED, 0x0)
syz_io_uring_complete(0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
fcntl$dupfd(r2, 0x0, r4)
perf_event_open(&(0x7f0000001840)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000001800), 0xd}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write(r4, &(0x7f0000000080)="01", 0x41030)

17:21:18 executing program 4:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r0, &(0x7f0000001700)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x24, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_TID_CONFIG={0x8, 0x11d, 0x0, 0x1, [{0x4}]}]}, 0x24}}, 0x0)

17:21:18 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
truncate(&(0x7f0000000280)='./file1\x00', 0x5)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
fallocate(r2, 0x0, 0x0, 0x4f)
ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000000)={0x0, r1, 0x800007, 0x7})

17:21:18 executing program 6:
r0 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r0, 0x29, 0x30, 0x0, &(0x7f0000000080)=0x1b00)

[   75.845480] audit: type=1400 audit(1663089679.019:6): avc:  denied  { execmem } for  pid=282 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
[   77.030176] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   77.031353] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   77.033621] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   77.041995] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   77.044307] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   77.045160] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   77.051073] Bluetooth: hci0: HCI_REQ-0x0c1a
[   77.085582] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   77.087270] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   77.088588] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   77.090472] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   77.092858] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   77.094287] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   77.095518] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   77.096933] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   77.098573] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   77.101526] Bluetooth: hci2: HCI_REQ-0x0c1a
[   77.103698] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   77.105334] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   77.106639] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   77.132638] Bluetooth: hci3: HCI_REQ-0x0c1a
[   77.151450] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[   77.157273] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[   77.158518] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   77.160633] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[   77.162366] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   77.164199] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[   77.165658] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   77.167106] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[   77.169320] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[   77.170588] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[   77.180902] Bluetooth: hci7: HCI_REQ-0x0c1a
[   77.203079] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[   77.203707] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   77.205149] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[   77.210960] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[   77.214385] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[   77.216295] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   77.217158] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[   77.218997] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[   77.222061] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[   77.224981] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[   77.229521] Bluetooth: hci4: HCI_REQ-0x0c1a
[   77.230264] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[   77.233440] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[   77.239061] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[   77.239978] Bluetooth: hci5: HCI_REQ-0x0c1a
[   77.256908] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[   77.265589] Bluetooth: hci6: HCI_REQ-0x0c1a
[   79.115340] Bluetooth: hci2: command 0x0409 tx timeout
[   79.115361] Bluetooth: hci1: Opcode 0x c03 failed: -110
[   79.117800] Bluetooth: hci0: command 0x0409 tx timeout
[   79.178778] Bluetooth: hci3: command 0x0409 tx timeout
[   79.242889] Bluetooth: hci4: command 0x0409 tx timeout
[   79.243641] Bluetooth: hci7: command 0x0409 tx timeout
[   79.306818] Bluetooth: hci5: command 0x0409 tx timeout
[   79.306870] Bluetooth: hci6: command 0x0409 tx timeout
[   81.162768] Bluetooth: hci0: command 0x041b tx timeout
[   81.162820] Bluetooth: hci2: command 0x041b tx timeout
[   81.226863] Bluetooth: hci3: command 0x041b tx timeout
[   81.290803] Bluetooth: hci7: command 0x041b tx timeout
[   81.291242] Bluetooth: hci4: command 0x041b tx timeout
[   81.354901] Bluetooth: hci6: command 0x041b tx timeout
[   81.355430] Bluetooth: hci5: command 0x041b tx timeout
[   82.370537] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   82.373357] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   82.375416] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   82.383549] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   82.388659] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   82.390406] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   82.403872] Bluetooth: hci1: HCI_REQ-0x0c1a
[   83.210912] Bluetooth: hci2: command 0x040f tx timeout
[   83.212534] Bluetooth: hci0: command 0x040f tx timeout
[   83.275128] Bluetooth: hci3: command 0x040f tx timeout
[   83.338899] Bluetooth: hci4: command 0x040f tx timeout
[   83.340890] Bluetooth: hci7: command 0x040f tx timeout
[   83.402834] Bluetooth: hci5: command 0x040f tx timeout
[   83.403609] Bluetooth: hci6: command 0x040f tx timeout
[   84.426820] Bluetooth: hci1: command 0x0409 tx timeout
[   85.259274] Bluetooth: hci0: command 0x0419 tx timeout
[   85.260100] Bluetooth: hci2: command 0x0419 tx timeout
[   85.322839] Bluetooth: hci3: command 0x0419 tx timeout
[   85.386814] Bluetooth: hci7: command 0x0419 tx timeout
[   85.387243] Bluetooth: hci4: command 0x0419 tx timeout
[   85.450846] Bluetooth: hci6: command 0x0419 tx timeout
[   85.451279] Bluetooth: hci5: command 0x0419 tx timeout
[   86.475047] Bluetooth: hci1: command 0x041b tx timeout
[   88.522776] Bluetooth: hci1: command 0x040f tx timeout
[   90.570767] Bluetooth: hci1: command 0x0419 tx timeout
17:22:15 executing program 6:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000400)={'ip6_vti0\x00', &(0x7f0000000380)={'ip6gre0\x00', <r1=>0x0, 0x29, 0x4, 0x6, 0x1, 0x10, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @private1={0xfc, 0x1, '\x00', 0x1}, 0x80, 0x20, 0x1000, 0xffffffff}})
ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000440)={@dev={0xfe, 0x80, '\x00', 0x33}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x10001, 0x5, 0x200, 0x0, 0x9e, 0x1000000, r1})
ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000000)={@remote, @ipv4={'\x00', '\xff\xff', @empty}, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x6395, 0x0, 0x0, 0x0, 0x5000004})
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000000100)={{0x1, 0x1, 0x18, <r2=>0xffffffffffffffff, @in_args={0x4}}, './file0\x00'})
ioctl$sock_inet6_SIOCDELRT(r2, 0x890c, &(0x7f0000000140)={@mcast1, @mcast1, @remote, 0x8, 0x2, 0x400, 0x100, 0x3, 0x100000})
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x2100c, 0x0)

[  132.857893] audit: type=1400 audit(1663089736.031:7): avc:  denied  { open } for  pid=3688 comm="syz-executor.6" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[  132.859394] audit: type=1400 audit(1663089736.032:8): avc:  denied  { kernel } for  pid=3688 comm="syz-executor.6" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[  132.869436] ------------[ cut here ]------------
[  132.869460] 
[  132.869464] ======================================================
[  132.869467] WARNING: possible circular locking dependency detected
[  132.869472] 6.0.0-rc5-next-20220913 #1 Not tainted
[  132.869478] ------------------------------------------------------
[  132.869482] syz-executor.6/3689 is trying to acquire lock:
[  132.869488] ffffffff853fa878 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70
[  132.869527] 
[  132.869527] but task is already holding lock:
[  132.869530] ffff88800f341820 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0
[  132.869557] 
[  132.869557] which lock already depends on the new lock.
[  132.869557] 
[  132.869561] 
[  132.869561] the existing dependency chain (in reverse order) is:
[  132.869564] 
[  132.869564] -> #3 (&ctx->lock){....}-{2:2}:
[  132.869578]        _raw_spin_lock+0x2a/0x40
[  132.869595]        __perf_event_task_sched_out+0x53b/0x18d0
[  132.869608]        __schedule+0xedd/0x2470
[  132.869618]        schedule+0xda/0x1b0
[  132.869628]        futex_wait_queue+0xf5/0x1e0
[  132.869643]        futex_wait+0x28e/0x690
[  132.869652]        do_futex+0x2ff/0x380
[  132.869662]        __x64_sys_futex+0x1c6/0x4d0
[  132.869672]        do_syscall_64+0x3b/0x90
[  132.869686]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  132.869704] 
[  132.869704] -> #2 (&rq->__lock){-.-.}-{2:2}:
[  132.869719]        _raw_spin_lock_nested+0x30/0x40
[  132.869734]        raw_spin_rq_lock_nested+0x1e/0x30
[  132.869748]        task_fork_fair+0x63/0x4d0
[  132.869765]        sched_cgroup_fork+0x3d0/0x540
[  132.869779]        copy_process+0x3f9e/0x6df0
[  132.869790]        kernel_clone+0xe7/0x890
[  132.869799]        user_mode_thread+0xad/0xf0
[  132.869809]        rest_init+0x24/0x250
[  132.869826]        arch_call_rest_init+0xf/0x14
[  132.869847]        start_kernel+0x4c1/0x4e6
[  132.869864]        secondary_startup_64_no_verify+0xe0/0xeb
[  132.869878] 
[  132.869878] -> #1 (&p->pi_lock){-.-.}-{2:2}:
[  132.869892]        _raw_spin_lock_irqsave+0x39/0x60
[  132.869907]        try_to_wake_up+0xab/0x1920
[  132.869920]        up+0x75/0xb0
[  132.869932]        __up_console_sem+0x6e/0x80
[  132.869948]        console_unlock+0x46a/0x590
[  132.869964]        vt_ioctl+0x2822/0x2ca0
[  132.869977]        tty_ioctl+0x7c4/0x1700
[  132.869988]        __x64_sys_ioctl+0x19a/0x210
[  132.870004]        do_syscall_64+0x3b/0x90
[  132.870016]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  132.870033] 
[  132.870033] -> #0 ((console_sem).lock){....}-{2:2}:
[  132.870047]        __lock_acquire+0x2a02/0x5e70
[  132.870064]        lock_acquire+0x1a2/0x530
[  132.870080]        _raw_spin_lock_irqsave+0x39/0x60
[  132.870095]        down_trylock+0xe/0x70
[  132.870107]        __down_trylock_console_sem+0x3b/0xd0
[  132.870123]        vprintk_emit+0x16b/0x560
[  132.870140]        vprintk+0x84/0xa0
[  132.870156]        _printk+0xba/0xf1
[  132.870174]        report_bug.cold+0x72/0xab
[  132.870186]        handle_bug+0x3c/0x70
[  132.870199]        exc_invalid_op+0x14/0x50
[  132.870212]        asm_exc_invalid_op+0x16/0x20
[  132.870229]        group_sched_out.part.0+0x2c7/0x460
[  132.870239]        ctx_sched_out+0x8f1/0xc10
[  132.870249]        __perf_event_task_sched_out+0x6d0/0x18d0
[  132.870261]        __schedule+0xedd/0x2470
[  132.870270]        schedule+0xda/0x1b0
[  132.870280]        futex_wait_queue+0xf5/0x1e0
[  132.870290]        futex_wait+0x28e/0x690
[  132.870300]        do_futex+0x2ff/0x380
[  132.870308]        __x64_sys_futex+0x1c6/0x4d0
[  132.870318]        do_syscall_64+0x3b/0x90
[  132.870331]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  132.870348] 
[  132.870348] other info that might help us debug this:
[  132.870348] 
[  132.870351] Chain exists of:
[  132.870351]   (console_sem).lock --> &rq->__lock --> &ctx->lock
[  132.870351] 
[  132.870366]  Possible unsafe locking scenario:
[  132.870366] 
[  132.870368]        CPU0                    CPU1
[  132.870370]        ----                    ----
[  132.870372]   lock(&ctx->lock);
[  132.870378]                                lock(&rq->__lock);
[  132.870385]                                lock(&ctx->lock);
[  132.870391]   lock((console_sem).lock);
[  132.870397] 
[  132.870397]  *** DEADLOCK ***
[  132.870397] 
[  132.870399] 2 locks held by syz-executor.6/3689:
[  132.870406]  #0: ffff88806ce37cd8 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470
[  132.870431]  #1: ffff88800f341820 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0
[  132.870458] 
[  132.870458] stack backtrace:
[  132.870461] CPU: 0 PID: 3689 Comm: syz-executor.6 Not tainted 6.0.0-rc5-next-20220913 #1
[  132.870473] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  132.870482] Call Trace:
[  132.870485]  <TASK>
[  132.870490]  dump_stack_lvl+0x8b/0xb3
[  132.870505]  check_noncircular+0x263/0x2e0
[  132.870521]  ? format_decode+0x26c/0xb50
[  132.870537]  ? print_circular_bug+0x450/0x450
[  132.870555]  ? enable_ptr_key_workfn+0x20/0x20
[  132.870569]  ? format_decode+0x26c/0xb50
[  132.870585]  ? alloc_chain_hlocks+0x1ec/0x5a0
[  132.870602]  __lock_acquire+0x2a02/0x5e70
[  132.870624]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[  132.870647]  lock_acquire+0x1a2/0x530
[  132.870664]  ? down_trylock+0xe/0x70
[  132.870679]  ? rcu_read_unlock+0x40/0x40
[  132.870699]  ? vprintk+0x84/0xa0
[  132.870718]  _raw_spin_lock_irqsave+0x39/0x60
[  132.870733]  ? down_trylock+0xe/0x70
[  132.870747]  down_trylock+0xe/0x70
[  132.870760]  ? vprintk+0x84/0xa0
[  132.870777]  __down_trylock_console_sem+0x3b/0xd0
[  132.870795]  vprintk_emit+0x16b/0x560
[  132.870815]  vprintk+0x84/0xa0
[  132.870832]  _printk+0xba/0xf1
[  132.870850]  ? record_print_text.cold+0x16/0x16
[  132.870872]  ? report_bug.cold+0x66/0xab
[  132.870886]  ? group_sched_out.part.0+0x2c7/0x460
[  132.870898]  report_bug.cold+0x72/0xab
[  132.870913]  handle_bug+0x3c/0x70
[  132.870926]  exc_invalid_op+0x14/0x50
[  132.870941]  asm_exc_invalid_op+0x16/0x20
[  132.870958] RIP: 0010:group_sched_out.part.0+0x2c7/0x460
[  132.870972] Code: 5e 41 5f e9 3b b7 ef ff e8 36 b7 ef ff 65 8b 1d ab 15 ac 7e 31 ff 89 de e8 d6 b3 ef ff 85 db 0f 84 8a 00 00 00 e8 19 b7 ef ff <0f> 0b e9 a5 fe ff ff e8 0d b7 ef ff 48 8d 7d 10 48 b8 00 00 00 00
[  132.870983] RSP: 0018:ffff8880183c78f8 EFLAGS: 00010006
[  132.870992] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000
[  132.871000] RDX: ffff888018773580 RSI: ffffffff81566027 RDI: 0000000000000005
[  132.871008] RBP: ffff888008660000 R08: 0000000000000005 R09: 0000000000000001
[  132.871015] R10: 0000000000000000 R11: ffffffff865aa01b R12: ffff88800f341800
[  132.871023] R13: ffff88806ce3d100 R14: ffffffff8547c660 R15: 0000000000000002
[  132.871034]  ? group_sched_out.part.0+0x2c7/0x460
[  132.871047]  ? group_sched_out.part.0+0x2c7/0x460
[  132.871060]  ctx_sched_out+0x8f1/0xc10
[  132.871072]  __perf_event_task_sched_out+0x6d0/0x18d0
[  132.871087]  ? lock_is_held_type+0xd7/0x130
[  132.871106]  ? __perf_cgroup_move+0x160/0x160
[  132.871118]  ? set_next_entity+0x304/0x550
[  132.871138]  ? lock_is_held_type+0xd7/0x130
[  132.871156]  __schedule+0xedd/0x2470
[  132.871169]  ? io_schedule_timeout+0x150/0x150
[  132.871187]  ? futex_wait_setup+0x166/0x230
[  132.871201]  schedule+0xda/0x1b0
[  132.871212]  futex_wait_queue+0xf5/0x1e0
[  132.871227]  futex_wait+0x28e/0x690
[  132.871240]  ? futex_wait_setup+0x230/0x230
[  132.871253]  ? wake_up_q+0x8b/0xf0
[  132.871266]  ? do_raw_spin_unlock+0x4f/0x220
[  132.871286]  ? futex_wake+0x158/0x490
[  132.871304]  ? fd_install+0x1f9/0x640
[  132.871321]  do_futex+0x2ff/0x380
[  132.871332]  ? __ia32_compat_sys_get_robust_list+0x3b0/0x3b0
[  132.871348]  __x64_sys_futex+0x1c6/0x4d0
[  132.871360]  ? __x64_sys_futex_time32+0x480/0x480
[  132.871372]  ? syscall_enter_from_user_mode+0x1d/0x50
[  132.871390]  ? syscall_enter_from_user_mode+0x1d/0x50
[  132.871410]  do_syscall_64+0x3b/0x90
[  132.871424]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  132.871441] RIP: 0033:0x7f6514904b19
[  132.871449] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  132.871461] RSP: 002b:00007f6511e7a218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  132.871472] RAX: ffffffffffffffda RBX: 00007f6514a17f68 RCX: 00007f6514904b19
[  132.871480] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f6514a17f68
[  132.871487] RBP: 00007f6514a17f60 R08: 0000000000000000 R09: 0000000000000000
[  132.871495] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6514a17f6c
[  132.871502] R13: 00007ffcc831082f R14: 00007f6511e7a300 R15: 0000000000022000
[  132.871515]  </TASK>
[  132.931131] WARNING: CPU: 0 PID: 3689 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460
[  132.931841] Modules linked in:
[  132.932093] CPU: 0 PID: 3689 Comm: syz-executor.6 Not tainted 6.0.0-rc5-next-20220913 #1
[  132.932700] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  132.933537] RIP: 0010:group_sched_out.part.0+0x2c7/0x460
[  132.933944] Code: 5e 41 5f e9 3b b7 ef ff e8 36 b7 ef ff 65 8b 1d ab 15 ac 7e 31 ff 89 de e8 d6 b3 ef ff 85 db 0f 84 8a 00 00 00 e8 19 b7 ef ff <0f> 0b e9 a5 fe ff ff e8 0d b7 ef ff 48 8d 7d 10 48 b8 00 00 00 00
[  132.935301] RSP: 0018:ffff8880183c78f8 EFLAGS: 00010006
[  132.935699] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000
[  132.936230] RDX: ffff888018773580 RSI: ffffffff81566027 RDI: 0000000000000005
[  132.936765] RBP: ffff888008660000 R08: 0000000000000005 R09: 0000000000000001
[  132.937290] R10: 0000000000000000 R11: ffffffff865aa01b R12: ffff88800f341800
[  132.937827] R13: ffff88806ce3d100 R14: ffffffff8547c660 R15: 0000000000000002
[  132.938365] FS:  00007f6511e7a700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000
[  132.938972] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  132.939418] CR2: 00007f5c3f5fa028 CR3: 0000000034e7e000 CR4: 0000000000350ef0
[  132.939941] Call Trace:
[  132.940142]  <TASK>
[  132.940318]  ctx_sched_out+0x8f1/0xc10
[  132.940621]  __perf_event_task_sched_out+0x6d0/0x18d0
[  132.941029]  ? lock_is_held_type+0xd7/0x130
[  132.941370]  ? __perf_cgroup_move+0x160/0x160
[  132.941714]  ? set_next_entity+0x304/0x550
[  132.942039]  ? lock_is_held_type+0xd7/0x130
[  132.942374]  __schedule+0xedd/0x2470
[  132.942660]  ? io_schedule_timeout+0x150/0x150
[  132.943011]  ? futex_wait_setup+0x166/0x230
[  132.943358]  schedule+0xda/0x1b0
[  132.943618]  futex_wait_queue+0xf5/0x1e0
[  132.943926]  futex_wait+0x28e/0x690
[  132.944206]  ? futex_wait_setup+0x230/0x230
[  132.944540]  ? wake_up_q+0x8b/0xf0
[  132.944821]  ? do_raw_spin_unlock+0x4f/0x220
[  132.945167]  ? futex_wake+0x158/0x490
[  132.945458]  ? fd_install+0x1f9/0x640
[  132.945748]  do_futex+0x2ff/0x380
[  132.946020]  ? __ia32_compat_sys_get_robust_list+0x3b0/0x3b0
[  132.946462]  __x64_sys_futex+0x1c6/0x4d0
[  132.946770]  ? __x64_sys_futex_time32+0x480/0x480
[  132.947134]  ? syscall_enter_from_user_mode+0x1d/0x50
[  132.947531]  ? syscall_enter_from_user_mode+0x1d/0x50
[  132.947921]  do_syscall_64+0x3b/0x90
[  132.948180]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  132.948530] RIP: 0033:0x7f6514904b19
[  132.948781] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  132.949968] RSP: 002b:00007f6511e7a218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  132.950469] RAX: ffffffffffffffda RBX: 00007f6514a17f68 RCX: 00007f6514904b19
[  132.950935] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f6514a17f68
[  132.951415] RBP: 00007f6514a17f60 R08: 0000000000000000 R09: 0000000000000000
[  132.951884] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6514a17f6c
[  132.952355] R13: 00007ffcc831082f R14: 00007f6511e7a300 R15: 0000000000022000
[  132.952825]  </TASK>
[  132.952985] irq event stamp: 1112
[  132.953215] hardirqs last  enabled at (1111): [<ffffffff84241efd>] syscall_enter_from_user_mode+0x1d/0x50
[  132.953842] hardirqs last disabled at (1112): [<ffffffff8424b1d5>] __schedule+0x1225/0x2470
[  132.954385] softirqs last  enabled at (850): [<ffffffff8117060b>] __irq_exit_rcu+0x11b/0x180
[  132.954944] softirqs last disabled at (841): [<ffffffff8117060b>] __irq_exit_rcu+0x11b/0x180
[  132.955507] ---[ end trace 0000000000000000 ]---
[  132.957264] loop6: detected capacity change from 0 to 256
[  132.983384] loop6: detected capacity change from 0 to 256
17:22:16 executing program 6:
unshare(0x8040100)
unshare(0x12000300)
unshare(0x40000100)
unshare(0x200)
unshare(0xe000180)
unshare(0x2000300)
unshare(0x8040180)
unshare(0x200)
unshare(0x4060000)
unshare(0x80)
unshare(0xe000500)
unshare(0x320c0980)
unshare(0x10000000)
unshare(0x8000280)
unshare(0x10000000)

17:22:16 executing program 6:
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000001480)={0x0, 0x0, &(0x7f0000001440)=[{&(0x7f0000000600)=ANY=[@ANYBLOB="fc0100001300010000000000000000000c0000000200000000000000d100838008002e"], 0x1fc}], 0x1}, 0x0)

[  133.128786] netlink: 468 bytes leftover after parsing attributes in process `syz-executor.6'.
17:22:16 executing program 6:
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f00000018c0)=0x1, 0x4)
connect$inet6(r1, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f0000000000), 0x4)
ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000040)={<r2=>r0, 0xb58a, 0x100000001, 0x2})
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000240)=@IORING_OP_SEND={0x1a, 0x0, 0x0, r2, 0x0, &(0x7f0000000200)="9a6e4a0f82a69a9b6d6c36ab6fc0172c1b05a155ad281d3fe5d8b72754a9eb2fee3ca7319c34a0775b01ad34d1f2ea300a", 0x31, 0x8000}, 0xf9a)
socket$unix(0x1, 0x5, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
fallocate(r3, 0x0, 0x0, 0x87ffffc)
r4 = openat(0xffffffffffffffff, 0x0, 0x400000, 0x8)
openat(r4, &(0x7f0000000080)='/proc/self/exe\x00', 0x181c00, 0x0)
mmap$perf(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x1000000, 0x810, 0xffffffffffffffff, 0x4)

[  133.223737] hrtimer: interrupt took 18424 ns
[  139.402959] Bluetooth: hci0: command 0x0406 tx timeout
[  140.234938] Bluetooth: hci7: Opcode 0x c03 failed: -110

VM DIAGNOSIS:
17:22:16  Registers:
info registers vcpu 0
RAX=dffffc0000000005 RBX=00000000000003f9 RCX=0000000000000000 RDX=00000000000003f9
RSI=ffffffff822b253c RDI=ffffffff8763fae0 RBP=ffffffff8763faa0 RSP=ffff8880183c7350
R8 =0000000000000001 R9 =ffff8880183c72db R10=ffffed1003078e5b R11=0000000000000001
R12=0000000000000041 R13=ffffffff8763faa0 R14=ffffffff8763faf0 R15=ffffffff8763fd48
RIP=ffffffff822b2591 RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 00007f6511e7a700 00000000 00000000
GS =0000 ffff88806ce00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f5c3f5fa028 CR3=0000000034e7e000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM01=0000000000000000 0000000000000000 00007f65149eb7c0 00007f65149eb7c8
YMM02=0000000000000000 0000000000000000 00007f65149eb7e0 00007f65149eb7c0
YMM03=0000000000000000 0000000000000000 00007f65149eb7c8 00007f65149eb7c0
YMM04=0000000000000000 0000000000000000 ffffffffffffffff ffffffff00000000
YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245
YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040
YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1
RAX=0000000080000001 RBX=000000000000005d RCX=ffffffff815b9bf3 RDX=ffff88801a160000
RSI=0000000000000000 RDI=0000000000000001 RBP=ffffea0000190e00 RSP=ffff88801db87bb8
R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000001
R12=ffffea0000190e00 R13=0000000000000000 R14=000000000000006c R15=dffffc0000000000
RIP=ffffffff81461747 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 00000000 00000000
DS =0000 0000000000000000 00000000 00000000
FS =0000 00007f5edf885540 00000000 00000000
GS =0000 ffff88806cf00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f5edfad0000 CR3=000000000ea4a000 CR4=00350ee0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM01=0000000000000000 0000000000000000 ffff00ffffffffff ffffffffffff00ff
YMM02=0000000000000000 0000000000000000 4c4700362e322e32 5f4342494c470035
YMM03=0000000000000000 0000000000000000 0000000000000000 0000000000470035
YMM04=0000000000000000 0000000000000000 4342494c4700362e 322e325f4342494c
YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000