Warning: Permanently added '[localhost]:50674' (ECDSA) to the list of known hosts.
2022/09/14 11:06:12 fuzzer started
2022/09/14 11:06:12 dialing manager at localhost:33849
syzkaller login: [ 35.528831] cgroup: Unknown subsys name 'net'
[ 35.624776] cgroup: Unknown subsys name 'rlimit'
2022/09/14 11:06:26 syscalls: 2215
2022/09/14 11:06:26 code coverage: enabled
2022/09/14 11:06:26 comparison tracing: enabled
2022/09/14 11:06:26 extra coverage: enabled
2022/09/14 11:06:26 setuid sandbox: enabled
2022/09/14 11:06:26 namespace sandbox: enabled
2022/09/14 11:06:26 Android sandbox: enabled
2022/09/14 11:06:26 fault injection: enabled
2022/09/14 11:06:26 leak checking: enabled
2022/09/14 11:06:26 net packet injection: enabled
2022/09/14 11:06:26 net device setup: enabled
2022/09/14 11:06:26 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2022/09/14 11:06:26 devlink PCI setup: PCI device 0000:00:10.0 is not available
2022/09/14 11:06:26 USB emulation: enabled
2022/09/14 11:06:26 hci packet injection: enabled
2022/09/14 11:06:26 wifi device emulation: failed to parse kernel version (6.0.0-rc5-next-20220914)
2022/09/14 11:06:26 802.15.4 emulation: enabled
2022/09/14 11:06:26 fetching corpus: 0, signal 0/2000 (executing program)
2022/09/14 11:06:26 fetching corpus: 50, signal 37437/39863 (executing program)
2022/09/14 11:06:27 fetching corpus: 100, signal 49876/52529 (executing program)
2022/09/14 11:06:27 fetching corpus: 150, signal 57186/60081 (executing program)
2022/09/14 11:06:27 fetching corpus: 200, signal 65980/68750 (executing program)
2022/09/14 11:06:27 fetching corpus: 250, signal 70493/73228 (executing program)
2022/09/14 11:06:27 fetching corpus: 300, signal 74430/77119 (executing program)
2022/09/14 11:06:28 fetching corpus: 350, signal 79913/82075 (executing program)
2022/09/14 11:06:28 fetching corpus: 400, signal 83835/85409 (executing program)
2022/09/14 11:06:28 fetching corpus: 450, signal 87233/88208 (executing program)
2022/09/14 11:06:28 fetching corpus: 462, signal 88191/89021 (executing program)
2022/09/14 11:06:28 fetching corpus: 462, signal 88191/89100 (executing program)
2022/09/14 11:06:28 fetching corpus: 462, signal 88191/89183 (executing program)
2022/09/14 11:06:28 fetching corpus: 462, signal 88191/89271 (executing program)
2022/09/14 11:06:28 fetching corpus: 462, signal 88191/89338 (executing program)
2022/09/14 11:06:28 fetching corpus: 462, signal 88191/89412 (executing program)
2022/09/14 11:06:28 fetching corpus: 462, signal 88191/89483 (executing program)
2022/09/14 11:06:28 fetching corpus: 462, signal 88191/89556 (executing program)
2022/09/14 11:06:28 fetching corpus: 462, signal 88191/89623 (executing program)
2022/09/14 11:06:28 fetching corpus: 462, signal 88191/89697 (executing program)
2022/09/14 11:06:28 fetching corpus: 462, signal 88191/89781 (executing program)
2022/09/14 11:06:28 fetching corpus: 462, signal 88191/89854 (executing program)
2022/09/14 11:06:28 fetching corpus: 462, signal 88191/89925 (executing program)
2022/09/14 11:06:28 fetching corpus: 462, signal 88191/89999 (executing program)
2022/09/14 11:06:28 fetching corpus: 462, signal 88191/90073 (executing program)
2022/09/14 11:06:28 fetching corpus: 462, signal 88191/90144 (executing program)
2022/09/14 11:06:28 fetching corpus: 462, signal 88191/90216 (executing program)
2022/09/14 11:06:28 fetching corpus: 462, signal 88191/90290 (executing program)
2022/09/14 11:06:28 fetching corpus: 462, signal 88191/90365 (executing program)
2022/09/14 11:06:28 fetching corpus: 462, signal 88191/90424 (executing program)
2022/09/14 11:06:28 fetching corpus: 462, signal 88191/90488 (executing program)
2022/09/14 11:06:28 fetching corpus: 462, signal 88191/90571 (executing program)
2022/09/14 11:06:28 fetching corpus: 462, signal 88191/90659 (executing program)
2022/09/14 11:06:28 fetching corpus: 462, signal 88191/90743 (executing program)
2022/09/14 11:06:28 fetching corpus: 462, signal 88191/90834
(executing program) 2022/09/14 11:06:28 fetching corpus: 462, signal 88191/90915 (executing program) 2022/09/14 11:06:28 fetching corpus: 462, signal 88191/90996 (executing program) 2022/09/14 11:06:28 fetching corpus: 462, signal 88191/91068 (executing program) 2022/09/14 11:06:28 fetching corpus: 462, signal 88191/91135 (executing program) 2022/09/14 11:06:28 fetching corpus: 462, signal 88191/91181 (executing program) 2022/09/14 11:06:28 fetching corpus: 462, signal 88191/91181 (executing program) 2022/09/14 11:06:31 starting 8 fuzzer processes 11:06:31 executing program 0: mknod(&(0x7f0000008d80)='./file0\x00', 0x0, 0x0) name_to_handle_at(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)=@FILEID_UDF_WITHOUT_PARENT={0xc}, &(0x7f0000000180), 0x0) 11:06:31 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f0000000200)='cmdline\x00') pread64(r0, 0x0, 0x0, 0x13e) 11:06:31 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x10000, 0xa, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801002000400003000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffff07800009a000ffffff00"/32, 0x20, 0x800}, {&(0x7f0000010200)="f8ffff00f0ffffffff07800009a000ffffff00"/32, 0x20, 0x1000}, {&(0x7f0000010300)="f8ffff00f0ffffffff07800009a000ffffff00"/32, 0x20, 0x1800}, {&(0x7f0000010400)="f8ffff00f0ffffffff07800009a000ffffff00"/32, 0x20, 0x2000}, {&(0x7f0000010500)="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", 0x120, 0x2800}, {&(0x7f0000010700)="2e202020202020202020201000b7e770325132510000e77032510300000000002e2e2020202020202020201000b7e770325132510000e770325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c45302020202020202000b7e770325132510000e770325104001a040000", 0x80, 0x3800}, 
{&(0x7f0000010800)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x4000}, {&(0x7f0000010d00)='syzkallers\x00'/32, 0x20, 0x4800}, {&(0x7f0000010e00)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 0x80, 0x7800}], 0x0, &(0x7f0000010f00)) 11:06:31 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_audit(0x10, 0x3, 0x9) sendmsg$AUDIT_USER_AVC(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={0x14, 0x453, 0x0, 0x0, 0x0, "ff"}, 0x14}}, 0x0) 11:06:31 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 
0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1c5042, 0x0) write(r1, &(0x7f0000000200)='E', 0x4000) sendfile(r1, r0, &(0x7f0000000000)=0x200, 0x7fff) 11:06:31 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$null(0xffffffffffffff9c, 0x0, 0x80800, 0x0) openat$snapshot(0xffffffffffffff9c, 0x0, 0x202543, 0x0) sendmsg$IPCTNL_MSG_CT_DELETE(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c0000000201016f0200000000000000000000000008000340000010"], 0x1c}}, 0x0) ioctl$BTRFS_IOC_WAIT_SYNC(0xffffffffffffffff, 0x40089416, &(0x7f00000001c0)) openat(r0, &(0x7f0000000040)='./file1\x00', 0x50000, 0x8) fcntl$getownex(r0, 0x10, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x2, 0x5}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_complete(0x0) r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000240), 0x1, 0x0) pwrite64(r1, &(0x7f0000000340)="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", 0x618, 0x7f) 
write$nbd(r1, &(0x7f0000000200)={0x67446698, 0x1, 0x3, 0x2, 0x4, "45273e5de994ab54b62137ffab381bfd2a506ab951ba85146bb03864ddf32cf63ef6a733af874e660500a5"}, 0x3b) [ 53.824635] audit: type=1400 audit(1663153591.245:6): avc: denied { execmem } for pid=284 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 11:06:31 executing program 5: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000280), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={0x24, r1, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_PAGE={0x5}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) 11:06:31 executing program 7: r0 = socket$inet6(0xa, 0x1, 0x0) getsockopt$inet6_int(r0, 0x29, 0x30, 0x0, &(0x7f0000000080)=0x1b00) [ 54.940599] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 54.943156] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 54.944905] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 54.947767] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 54.949642] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 54.951024] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 54.956231] Bluetooth: hci0: HCI_REQ-0x0c1a [ 55.067089] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 55.069236] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 55.072916] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 55.081565] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 55.084126] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 55.086067] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 55.094092] Bluetooth: hci1: HCI_REQ-0x0c1a [ 55.144807] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 55.147527] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 55.149454] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 55.152418] 
Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 55.154160] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 55.155640] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 55.164431] Bluetooth: hci4: HCI_REQ-0x0c1a [ 55.188245] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 55.193251] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 55.194896] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 55.201546] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 55.205184] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 55.208051] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 55.214804] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 55.216142] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 55.222892] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 55.224457] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 55.225448] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 55.227912] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 55.232171] Bluetooth: hci3: HCI_REQ-0x0c1a [ 55.243016] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 55.254556] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 55.255887] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 55.258266] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 55.260421] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 55.261657] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 55.263032] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 55.264858] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 55.266440] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 55.268787] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 55.270388] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 55.278545] Bluetooth: hci5: HCI_REQ-0x0c1a [ 55.278872] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 55.282046] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 
55.284230] Bluetooth: hci2: HCI_REQ-0x0c1a [ 55.296810] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 55.306521] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 55.316506] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 55.317776] Bluetooth: hci7: HCI_REQ-0x0c1a [ 55.322141] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 55.355700] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 55.376580] Bluetooth: hci6: HCI_REQ-0x0c1a [ 57.027794] Bluetooth: hci0: command 0x0409 tx timeout [ 57.155387] Bluetooth: hci1: command 0x0409 tx timeout [ 57.218384] Bluetooth: hci4: command 0x0409 tx timeout [ 57.282390] Bluetooth: hci3: command 0x0409 tx timeout [ 57.346434] Bluetooth: hci2: command 0x0409 tx timeout [ 57.347461] Bluetooth: hci7: command 0x0409 tx timeout [ 57.348037] Bluetooth: hci5: command 0x0409 tx timeout [ 57.410369] Bluetooth: hci6: command 0x0409 tx timeout [ 59.074378] Bluetooth: hci0: command 0x041b tx timeout [ 59.202523] Bluetooth: hci1: command 0x041b tx timeout [ 59.266392] Bluetooth: hci4: command 0x041b tx timeout [ 59.330455] Bluetooth: hci3: command 0x041b tx timeout [ 59.394471] Bluetooth: hci5: command 0x041b tx timeout [ 59.395952] Bluetooth: hci7: command 0x041b tx timeout [ 59.396816] Bluetooth: hci2: command 0x041b tx timeout [ 59.458415] Bluetooth: hci6: command 0x041b tx timeout [ 61.122457] Bluetooth: hci0: command 0x040f tx timeout [ 61.250422] Bluetooth: hci1: command 0x040f tx timeout [ 61.314515] Bluetooth: hci4: command 0x040f tx timeout [ 61.378448] Bluetooth: hci3: command 0x040f tx timeout [ 61.442415] Bluetooth: hci2: command 0x040f tx timeout [ 61.443123] Bluetooth: hci7: command 0x040f tx timeout [ 61.444391] Bluetooth: hci5: command 0x040f tx timeout [ 61.506440] Bluetooth: hci6: command 0x040f tx timeout [ 63.170362] Bluetooth: hci0: command 0x0419 tx timeout [ 63.298406] Bluetooth: hci1: command 0x0419 tx timeout [ 63.362454] Bluetooth: hci4: command 0x0419 tx timeout [ 63.426360] 
Bluetooth: hci3: command 0x0419 tx timeout [ 63.490460] Bluetooth: hci5: command 0x0419 tx timeout [ 63.490943] Bluetooth: hci7: command 0x0419 tx timeout [ 63.492001] Bluetooth: hci2: command 0x0419 tx timeout [ 63.554378] Bluetooth: hci6: command 0x0419 tx timeout [ 112.033560] loop2: detected capacity change from 0 to 128 11:07:29 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x10000, 0xa, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801002000400003000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffff07800009a000ffffff00"/32, 0x20, 0x800}, {&(0x7f0000010200)="f8ffff00f0ffffffff07800009a000ffffff00"/32, 0x20, 0x1000}, {&(0x7f0000010300)="f8ffff00f0ffffffff07800009a000ffffff00"/32, 0x20, 0x1800}, {&(0x7f0000010400)="f8ffff00f0ffffffff07800009a000ffffff00"/32, 0x20, 0x2000}, {&(0x7f0000010500)="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", 0x120, 0x2800}, {&(0x7f0000010700)="2e202020202020202020201000b7e770325132510000e77032510300000000002e2e2020202020202020201000b7e770325132510000e770325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c45302020202020202000b7e770325132510000e770325104001a040000", 0x80, 0x3800}, 
{&(0x7f0000010800)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x4000}, {&(0x7f0000010d00)='syzkallers\x00'/32, 0x20, 0x4800}, {&(0x7f0000010e00)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 0x80, 0x7800}], 0x0, &(0x7f0000010f00)) 11:07:29 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x10000, 0xa, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801002000400003000000000000008000"/64, 0x40}, {&(0x7f0000010100)="f8ffff00f0ffffffff07800009a000ffffff00"/32, 0x20, 0x800}, {&(0x7f0000010200)="f8ffff00f0ffffffff07800009a000ffffff00"/32, 0x20, 0x1000}, {&(0x7f0000010300)="f8ffff00f0ffffffff07800009a000ffffff00"/32, 0x20, 0x1800}, {&(0x7f0000010400)="f8ffff00f0ffffffff07800009a000ffffff00"/32, 0x20, 0x2000}, {&(0x7f0000010500)="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", 0x120, 0x2800}, 
{&(0x7f0000010700)="2e202020202020202020201000b7e770325132510000e77032510300000000002e2e2020202020202020201000b7e770325132510000e770325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c45302020202020202000b7e770325132510000e770325104001a040000", 0x80, 0x3800}, {&(0x7f0000010800)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x4000}, {&(0x7f0000010d00)='syzkallers\x00'/32, 0x20, 0x4800}, {&(0x7f0000010e00)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 0x80, 0x7800}], 0x0, &(0x7f0000010f00)) [ 112.301098] loop2: detected capacity change from 0 to 128 11:07:29 executing program 2: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x10000, 0xa, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801002000400003000000000000008000"/64, 0x40}, 
{&(0x7f0000010100)="f8ffff00f0ffffffff07800009a000ffffff00"/32, 0x20, 0x800}, {&(0x7f0000010200)="f8ffff00f0ffffffff07800009a000ffffff00"/32, 0x20, 0x1000}, {&(0x7f0000010300)="f8ffff00f0ffffffff07800009a000ffffff00"/32, 0x20, 0x1800}, {&(0x7f0000010400)="f8ffff00f0ffffffff07800009a000ffffff00"/32, 0x20, 0x2000}, {&(0x7f0000010500)="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", 0x120, 0x2800}, {&(0x7f0000010700)="2e202020202020202020201000b7e770325132510000e77032510300000000002e2e2020202020202020201000b7e770325132510000e770325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c45302020202020202000b7e770325132510000e770325104001a040000", 0x80, 0x3800}, {&(0x7f0000010800)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x4000}, {&(0x7f0000010d00)='syzkallers\x00'/32, 0x20, 0x4800}, {&(0x7f0000010e00)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 
0x80, 0x7800}], 0x0, &(0x7f0000010f00))
[ 112.454171] loop2: detected capacity change from 0 to 128
11:07:30 executing program 2:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x1d, &(0x7f00000000c0)={@dev}, 0x20)
11:07:30 executing program 2:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x1d, &(0x7f00000000c0)={@dev}, 0x20)
11:07:30 executing program 2:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x1d, &(0x7f00000000c0)={@dev}, 0x20)
11:07:30 executing program 2:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x1d, &(0x7f00000000c0)={@dev}, 0x20)
11:07:30 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="200000004000000003000000320000000f000000000000000200000002000000008000000080400020000000e1f4655fe1f4655f0100ffff53ef010001000000e0f4655f000000000000000001000000000000000b0000000001008406000000028400001b80", 0x66, 0x400}, {&(0x7f0000010300)="02000000030000000400000032000f000300040000000000000000000f002f7c", 0x20, 0x1000}], 0x0, &(0x7f0000013800))
[ 113.102102] loop2: detected capacity change from 0 to 512
[ 113.387995] EXT4-fs (loop2): failed to open journal device unknown-block(0,0) -6
[ 113.400745] loop2: detected capacity change from 0 to 512
[ 113.440176] audit: type=1400 audit(1663153650.861:7): avc: denied { open } for pid=3885 comm="syz-executor.6" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[ 113.441876] audit: type=1400 audit(1663153650.861:8): avc: denied { kernel } for pid=3885 comm="syz-executor.6" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[ 113.467398] ------------[ cut here ]------------
[ 113.467435]
[ 113.467441] ======================================================
[ 113.467448] WARNING: possible circular locking dependency detected
[ 113.467455] 6.0.0-rc5-next-20220914 #1 Not tainted
[ 113.467468] ------------------------------------------------------
[ 113.467474] syz-executor.6/3886 is trying to acquire lock:
[ 113.467487] ffffffff853fa878 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70
[ 113.467556]
[ 113.467556] but task is already holding lock:
[ 113.467562] ffff88800e179020 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0
[ 113.467616]
[ 113.467616] which lock already depends on the new lock.
[ 113.467616]
[ 113.467622]
[ 113.467622] the existing dependency chain (in reverse order) is:
[ 113.467628]
[ 113.467628] -> #3 (&ctx->lock){....}-{2:2}:
[ 113.467657]        _raw_spin_lock+0x2a/0x40
[ 113.467689]        __perf_event_task_sched_out+0x53b/0x18d0
[ 113.467715]        __schedule+0xedd/0x2470
[ 113.467736]        schedule+0xda/0x1b0
[ 113.467756]        futex_wait_queue+0xf5/0x1e0
[ 113.467778]        futex_wait+0x28e/0x690
[ 113.467798]        do_futex+0x2ff/0x380
[ 113.467816]        __x64_sys_futex+0x1c6/0x4d0
[ 113.467835]        do_syscall_64+0x3b/0x90
[ 113.467863]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 113.467899]
[ 113.467899] -> #2 (&rq->__lock){-.-.}-{2:2}:
[ 113.467927]        _raw_spin_lock_nested+0x30/0x40
[ 113.467958]        raw_spin_rq_lock_nested+0x1e/0x30
[ 113.467984]        task_fork_fair+0x63/0x4d0
[ 113.468018]        sched_cgroup_fork+0x3d0/0x540
[ 113.468047]        copy_process+0x4183/0x6e20
[ 113.468068]        kernel_clone+0xe7/0x890
[ 113.468087]        user_mode_thread+0xad/0xf0
[ 113.468107]        rest_init+0x24/0x250
[ 113.468142]        arch_call_rest_init+0xf/0x14
[ 113.468164]        start_kernel+0x4c1/0x4e6
[ 113.468183]        secondary_startup_64_no_verify+0xe0/0xeb
[ 113.468211]
[ 113.468211] -> #1 (&p->pi_lock){-.-.}-{2:2}:
[ 113.468239]        _raw_spin_lock_irqsave+0x39/0x60
[ 113.468271]        try_to_wake_up+0xab/0x1920
[ 113.468298]        up+0x75/0xb0
[ 113.468322]        __up_console_sem+0x6e/0x80
[ 113.468354]        console_unlock+0x46a/0x590
[ 113.468387]        vt_ioctl+0x2822/0x2ca0
[ 113.468420]        tty_ioctl+0x7c4/0x1700
[ 113.468442]        __x64_sys_ioctl+0x19a/0x210
[ 113.468472]        do_syscall_64+0x3b/0x90
[ 113.468499]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 113.468535]
[ 113.468535] -> #0 ((console_sem).lock){....}-{2:2}:
[ 113.468563]        __lock_acquire+0x2a02/0x5e70
[ 113.468598]        lock_acquire+0x1a2/0x530
[ 113.468631]        _raw_spin_lock_irqsave+0x39/0x60
[ 113.468663]        down_trylock+0xe/0x70
[ 113.468688]        __down_trylock_console_sem+0x3b/0xd0
[ 113.468722]        vprintk_emit+0x16b/0x560
[ 113.468756]        vprintk+0x84/0xa0
[ 113.468790]        _printk+0xba/0xf1
[ 113.468826]        report_bug.cold+0x72/0xab
[ 113.468852]        handle_bug+0x3c/0x70
[ 113.468878]        exc_invalid_op+0x14/0x50
[ 113.468906]        asm_exc_invalid_op+0x16/0x20
[ 113.468940]        group_sched_out.part.0+0x2c7/0x460
[ 113.468962]        ctx_sched_out+0x8f1/0xc10
[ 113.468982]        __perf_event_task_sched_out+0x6d0/0x18d0
[ 113.469007]        __schedule+0xedd/0x2470
[ 113.469027]        schedule+0xda/0x1b0
[ 113.469046]        futex_wait_queue+0xf5/0x1e0
[ 113.469068]        futex_wait+0x28e/0x690
[ 113.469088]        do_futex+0x2ff/0x380
[ 113.469106]        __x64_sys_futex+0x1c6/0x4d0
[ 113.469126]        do_syscall_64+0x3b/0x90
[ 113.469153]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 113.469189]
[ 113.469189] other info that might help us debug this:
[ 113.469189]
[ 113.469194] Chain exists of:
[ 113.469194]   (console_sem).lock --> &rq->__lock --> &ctx->lock
[ 113.469194]
[ 113.469225]  Possible unsafe locking scenario:
[ 113.469225]
[ 113.469230]        CPU0                    CPU1
[ 113.469234]        ----                    ----
[ 113.469239]   lock(&ctx->lock);
[ 113.469250]                                lock(&rq->__lock);
[ 113.469263]                                lock(&ctx->lock);
[ 113.469276]   lock((console_sem).lock);
[ 113.469287]
[ 113.469287]  *** DEADLOCK ***
[ 113.469287]
[ 113.469291] 2 locks held by syz-executor.6/3886:
[ 113.469305]  #0: ffff88806ce37cd8 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470
[ 113.469358]  #1: ffff88800e179020 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0
[ 113.469416]
[ 113.469416] stack backtrace:
[ 113.469421] CPU: 0 PID: 3886 Comm: syz-executor.6 Not tainted 6.0.0-rc5-next-20220914 #1
[ 113.469447] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 113.469462] Call Trace:
[ 113.469468]
[ 113.469477] dump_stack_lvl+0x8b/0xb3
[ 113.469507] check_noncircular+0x263/0x2e0
[ 113.469542] ? format_decode+0x26c/0xb50
[ 113.469573] ? print_circular_bug+0x450/0x450
[ 113.469609] ? enable_ptr_key_workfn+0x20/0x20
[ 113.469641] ? format_decode+0x26c/0xb50
[ 113.469675] ? alloc_chain_hlocks+0x1ec/0x5a0
[ 113.469713] __lock_acquire+0x2a02/0x5e70
[ 113.469762] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 113.469801] ? __mutex_add_waiter+0x120/0x120
[ 113.469841] lock_acquire+0x1a2/0x530
[ 113.469876] ? down_trylock+0xe/0x70
[ 113.469908] ? rcu_read_unlock+0x40/0x40
[ 113.469955] ? vprintk+0x84/0xa0
[ 113.469994] _raw_spin_lock_irqsave+0x39/0x60
[ 113.470026] ? down_trylock+0xe/0x70
[ 113.470055] down_trylock+0xe/0x70
[ 113.470083] ? vprintk+0x84/0xa0
[ 113.470119] __down_trylock_console_sem+0x3b/0xd0
[ 113.470156] vprintk_emit+0x16b/0x560
[ 113.470198] vprintk+0x84/0xa0
[ 113.470235] _printk+0xba/0xf1
[ 113.470273] ? record_print_text.cold+0x16/0x16
[ 113.470322] ? report_bug.cold+0x66/0xab
[ 113.470353] ? group_sched_out.part.0+0x2c7/0x460
[ 113.470376] report_bug.cold+0x72/0xab
[ 113.470409] handle_bug+0x3c/0x70
[ 113.470438] exc_invalid_op+0x14/0x50
[ 113.470469] asm_exc_invalid_op+0x16/0x20
[ 113.470505] RIP: 0010:group_sched_out.part.0+0x2c7/0x460
[ 113.470532] Code: 5e 41 5f e9 3b b7 ef ff e8 36 b7 ef ff 65 8b 1d ab 15 ac 7e 31 ff 89 de e8 d6 b3 ef ff 85 db 0f 84 8a 00 00 00 e8 19 b7 ef ff <0f> 0b e9 a5 fe ff ff e8 0d b7 ef ff 48 8d 7d 10 48 b8 00 00 00 00
[ 113.470555] RSP: 0018:ffff88800db778f8 EFLAGS: 00010006
[ 113.470573] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000
[ 113.470589] RDX: ffff88801ed45040 RSI: ffffffff81566027 RDI: 0000000000000005
[ 113.470605] RBP: ffff888008660000 R08: 0000000000000005 R09: 0000000000000001
[ 113.470620] R10: 0000000000000000 R11: ffffffff865ac01b R12: ffff88800e179000
[ 113.470635] R13: ffff88806ce3d100 R14: ffffffff8547c660 R15: 0000000000000002
[ 113.470660] ? group_sched_out.part.0+0x2c7/0x460
[ 113.470689] ? group_sched_out.part.0+0x2c7/0x460
[ 113.470716] ctx_sched_out+0x8f1/0xc10
[ 113.470744] __perf_event_task_sched_out+0x6d0/0x18d0
[ 113.470778] ? lock_is_held_type+0xd7/0x130
[ 113.470817] ? __perf_cgroup_move+0x160/0x160
[ 113.470842] ? set_next_entity+0x304/0x550
[ 113.470886] ? lock_is_held_type+0xd7/0x130
[ 113.470926] __schedule+0xedd/0x2470
[ 113.470955] ? io_schedule_timeout+0x150/0x150
[ 113.470979] ? futex_wait_setup+0x166/0x230
[ 113.471011] schedule+0xda/0x1b0
[ 113.471035] futex_wait_queue+0xf5/0x1e0
[ 113.471061] futex_wait+0x28e/0x690
[ 113.471087] ? futex_wait_setup+0x230/0x230
[ 113.471116] ? wake_up_q+0x8b/0xf0
[ 113.471144] ? do_raw_spin_unlock+0x4f/0x220
[ 113.471186] ? futex_wake+0x158/0x490
[ 113.471223] ? fd_install+0x1f9/0x640
[ 113.471257] do_futex+0x2ff/0x380
[ 113.471281] ? __ia32_compat_sys_get_robust_list+0x3b0/0x3b0
[ 113.471316] __x64_sys_futex+0x1c6/0x4d0
[ 113.471343] ? __x64_sys_futex_time32+0x480/0x480
[ 113.471370] ? syscall_enter_from_user_mode+0x1d/0x50
[ 113.471410] ? syscall_enter_from_user_mode+0x1d/0x50
[ 113.471454] do_syscall_64+0x3b/0x90
[ 113.471484] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 113.471521] RIP: 0033:0x7f6348ce3b19
[ 113.471538] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 113.471560] RSP: 002b:00007f6346259218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 113.471582] RAX: ffffffffffffffda RBX: 00007f6348df6f68 RCX: 00007f6348ce3b19
[ 113.471599] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f6348df6f68
[ 113.471614] RBP: 00007f6348df6f60 R08: 0000000000000000 R09: 0000000000000000
[ 113.471629] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6348df6f6c
[ 113.471644] R13: 00007ffdc35b1fff R14: 00007f6346259300 R15: 0000000000022000
[ 113.471674]
[ 113.589627] WARNING: CPU: 0 PID: 3886 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460
[ 113.591000] Modules linked in:
[ 113.591486] CPU: 0 PID: 3886 Comm: syz-executor.6 Not tainted 6.0.0-rc5-next-20220914 #1
[ 113.592677] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 113.594318] RIP: 0010:group_sched_out.part.0+0x2c7/0x460
[ 113.595111] Code: 5e 41 5f e9 3b b7 ef ff e8 36 b7 ef ff 65 8b 1d ab 15 ac 7e 31 ff 89 de e8 d6 b3 ef ff 85 db 0f 84 8a 00 00 00 e8 19 b7 ef ff <0f> 0b e9 a5 fe ff ff e8 0d b7 ef ff 48 8d 7d 10 48 b8 00 00 00 00
[ 113.597754] RSP: 0018:ffff88800db778f8 EFLAGS: 00010006
[ 113.598532] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000
[ 113.599560] RDX: ffff88801ed45040 RSI: ffffffff81566027 RDI: 0000000000000005
[ 113.600615] RBP: ffff888008660000 R08: 0000000000000005 R09: 0000000000000001
[ 113.601648] R10: 0000000000000000 R11: ffffffff865ac01b R12: ffff88800e179000
[ 113.602707] R13: ffff88806ce3d100 R14: ffffffff8547c660 R15: 0000000000000002
[ 113.603756] FS: 00007f6346259700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000
[ 113.604936] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 113.605788] CR2: 00007fb828c0de38 CR3: 000000001b196000 CR4: 0000000000350ef0
[ 113.606831] Call Trace:
[ 113.607218]
[ 113.607561] ctx_sched_out+0x8f1/0xc10
[ 113.608151] __perf_event_task_sched_out+0x6d0/0x18d0
[ 113.608905] ? lock_is_held_type+0xd7/0x130
[ 113.609551] ? __perf_cgroup_move+0x160/0x160
[ 113.610207] ? set_next_entity+0x304/0x550
[ 113.610850] ? lock_is_held_type+0xd7/0x130
[ 113.611440] __schedule+0xedd/0x2470
[ 113.611941] ? io_schedule_timeout+0x150/0x150
[ 113.612562] ? futex_wait_setup+0x166/0x230
[ 113.613136] schedule+0xda/0x1b0
[ 113.613592] futex_wait_queue+0xf5/0x1e0
[ 113.614127] futex_wait+0x28e/0x690
[ 113.614625] ? futex_wait_setup+0x230/0x230
[ 113.615192] ? wake_up_q+0x8b/0xf0
[ 113.615677] ? do_raw_spin_unlock+0x4f/0x220
[ 113.616275] ? futex_wake+0x158/0x490
[ 113.616818] ? fd_install+0x1f9/0x640
[ 113.617421] do_futex+0x2ff/0x380
[ 113.617978] ? __ia32_compat_sys_get_robust_list+0x3b0/0x3b0
[ 113.618882] __x64_sys_futex+0x1c6/0x4d0
[ 113.619520] ? __x64_sys_futex_time32+0x480/0x480
[ 113.620269] ? syscall_enter_from_user_mode+0x1d/0x50
[ 113.621097] ?
syscall_enter_from_user_mode+0x1d/0x50 [ 113.621915] do_syscall_64+0x3b/0x90 [ 113.622508] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 113.623318] RIP: 0033:0x7f6348ce3b19 [ 113.623904] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 113.626677] RSP: 002b:00007f6346259218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 113.627844] RAX: ffffffffffffffda RBX: 00007f6348df6f68 RCX: 00007f6348ce3b19 [ 113.628944] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f6348df6f68 [ 113.630025] RBP: 00007f6348df6f60 R08: 0000000000000000 R09: 0000000000000000 [ 113.631108] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6348df6f6c [ 113.632191] R13: 00007ffdc35b1fff R14: 00007f6346259300 R15: 0000000000022000 [ 113.633293] [ 113.633662] irq event stamp: 762 [ 113.634180] hardirqs last enabled at (761): [] syscall_enter_from_user_mode+0x1d/0x50 [ 113.635622] hardirqs last disabled at (762): [] __schedule+0x1225/0x2470 [ 113.636887] softirqs last enabled at (554): [] __irq_exit_rcu+0x11b/0x180 [ 113.638186] softirqs last disabled at (367): [] __irq_exit_rcu+0x11b/0x180 [ 113.639477] ---[ end trace 0000000000000000 ]--- [ 113.640622] EXT4-fs (loop2): failed to open journal device unknown-block(0,0) -6 [ 114.150131] audit: type=1107 audit(1663153651.571:9): pid=3885 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 msg='ÿ' [ 114.159174] audit: type=1107 audit(1663153651.580:10): pid=3885 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 msg='ÿ' [ 116.461766] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 116.470670] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 116.471979] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 116.476036] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 116.478682] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 116.480043] Bluetooth: hci2: 
unexpected cc 0x0c38 length: 249 > 2 [ 116.500332] Bluetooth: hci2: HCI_REQ-0x0c1a [ 118.466369] Bluetooth: hci5: Opcode 0x c03 failed: -110 [ 118.466374] Bluetooth: hci1: Opcode 0x c03 failed: -110 [ 118.466896] Bluetooth: hci0: Opcode 0x c03 failed: -110 [ 118.530330] Bluetooth: hci2: command 0x0409 tx timeout [ 118.530850] Bluetooth: hci6: Opcode 0x c03 failed: -110 [ 120.578414] Bluetooth: hci2: command 0x041b tx timeout [ 122.626474] Bluetooth: hci2: command 0x040f tx timeout [ 122.754396] Bluetooth: hci0: Opcode 0x c03 failed: -110 [ 122.818340] Bluetooth: hci1: Opcode 0x c03 failed: -110 [ 122.882350] Bluetooth: hci6: Opcode 0x c03 failed: -110 [ 122.882359] Bluetooth: hci5: Opcode 0x c03 failed: -110 VM DIAGNOSIS: 11:07:31 Registers: