Warning: Permanently added '[localhost]:65090' (ECDSA) to the list of known hosts. 2022/09/14 11:58:23 fuzzer started 2022/09/14 11:58:23 dialing manager at localhost:33849 syzkaller login: [ 40.939527] cgroup: Unknown subsys name 'net' [ 41.037592] cgroup: Unknown subsys name 'rlimit' 2022/09/14 11:58:39 syscalls: 2215 2022/09/14 11:58:39 code coverage: enabled 2022/09/14 11:58:39 comparison tracing: enabled 2022/09/14 11:58:39 extra coverage: enabled 2022/09/14 11:58:39 setuid sandbox: enabled 2022/09/14 11:58:39 namespace sandbox: enabled 2022/09/14 11:58:39 Android sandbox: enabled 2022/09/14 11:58:39 fault injection: enabled 2022/09/14 11:58:39 leak checking: enabled 2022/09/14 11:58:39 net packet injection: enabled 2022/09/14 11:58:39 net device setup: enabled 2022/09/14 11:58:39 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/09/14 11:58:39 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/09/14 11:58:39 USB emulation: enabled 2022/09/14 11:58:39 hci packet injection: enabled 2022/09/14 11:58:39 wifi device emulation: failed to parse kernel version (6.0.0-rc5-next-20220914) 2022/09/14 11:58:39 802.15.4 emulation: enabled 2022/09/14 11:58:39 fetching corpus: 0, signal 0/2000 (executing program) 2022/09/14 11:58:39 fetching corpus: 49, signal 32239/35543 (executing program) 2022/09/14 11:58:40 fetching corpus: 99, signal 50285/54669 (executing program) 2022/09/14 11:58:40 fetching corpus: 149, signal 63314/68567 (executing program) 2022/09/14 11:58:40 fetching corpus: 199, signal 68591/74887 (executing program) 2022/09/14 11:58:40 fetching corpus: 248, signal 75743/82767 (executing program) 2022/09/14 11:58:40 fetching corpus: 298, signal 81055/88812 (executing program) 2022/09/14 11:58:40 fetching corpus: 348, signal 87022/95469 (executing program) 2022/09/14 11:58:41 fetching corpus: 398, signal 90574/99722 (executing program) 2022/09/14 11:58:41 fetching corpus: 448, signal 94996/104676 (executing program) 2022/09/14 
11:58:41 fetching corpus: 498, signal 98552/108723 (executing program) 2022/09/14 11:58:41 fetching corpus: 548, signal 100870/111621 (executing program) 2022/09/14 11:58:41 fetching corpus: 598, signal 103642/114867 (executing program) 2022/09/14 11:58:42 fetching corpus: 648, signal 106838/118463 (executing program) 2022/09/14 11:58:42 fetching corpus: 698, signal 110977/122726 (executing program) 2022/09/14 11:58:42 fetching corpus: 748, signal 114015/125950 (executing program) 2022/09/14 11:58:42 fetching corpus: 798, signal 116349/128587 (executing program) 2022/09/14 11:58:42 fetching corpus: 848, signal 118688/131169 (executing program) 2022/09/14 11:58:42 fetching corpus: 898, signal 121134/133749 (executing program) 2022/09/14 11:58:42 fetching corpus: 948, signal 122936/135852 (executing program) 2022/09/14 11:58:43 fetching corpus: 998, signal 124891/137951 (executing program) 2022/09/14 11:58:43 fetching corpus: 1048, signal 127236/140309 (executing program) 2022/09/14 11:58:43 fetching corpus: 1098, signal 128759/142003 (executing program) 2022/09/14 11:58:43 fetching corpus: 1148, signal 130170/143628 (executing program) 2022/09/14 11:58:43 fetching corpus: 1198, signal 131858/145431 (executing program) 2022/09/14 11:58:43 fetching corpus: 1248, signal 133627/147210 (executing program) 2022/09/14 11:58:44 fetching corpus: 1298, signal 135232/148868 (executing program) 2022/09/14 11:58:44 fetching corpus: 1348, signal 137703/151122 (executing program) 2022/09/14 11:58:44 fetching corpus: 1398, signal 139483/152738 (executing program) 2022/09/14 11:58:44 fetching corpus: 1448, signal 141351/154543 (executing program) 2022/09/14 11:58:44 fetching corpus: 1498, signal 142976/156008 (executing program) 2022/09/14 11:58:44 fetching corpus: 1548, signal 144557/157432 (executing program) 2022/09/14 11:58:44 fetching corpus: 1598, signal 146276/158875 (executing program) 2022/09/14 11:58:45 fetching corpus: 1648, signal 147433/159966 (executing program) 
2022/09/14 11:58:45 fetching corpus: 1698, signal 148716/161101 (executing program) 2022/09/14 11:58:45 fetching corpus: 1748, signal 149725/162012 (executing program) 2022/09/14 11:58:45 fetching corpus: 1798, signal 151129/163154 (executing program) 2022/09/14 11:58:45 fetching corpus: 1848, signal 152220/164093 (executing program) 2022/09/14 11:58:45 fetching corpus: 1898, signal 153705/165227 (executing program) 2022/09/14 11:58:45 fetching corpus: 1948, signal 154720/166103 (executing program) 2022/09/14 11:58:46 fetching corpus: 1998, signal 155850/167061 (executing program) 2022/09/14 11:58:46 fetching corpus: 2048, signal 157696/168319 (executing program) 2022/09/14 11:58:46 fetching corpus: 2098, signal 158630/169038 (executing program) 2022/09/14 11:58:46 fetching corpus: 2148, signal 159494/169687 (executing program) 2022/09/14 11:58:46 fetching corpus: 2198, signal 160435/170365 (executing program) 2022/09/14 11:58:46 fetching corpus: 2248, signal 161399/171019 (executing program) 2022/09/14 11:58:46 fetching corpus: 2298, signal 162571/171745 (executing program) 2022/09/14 11:58:47 fetching corpus: 2348, signal 164044/172668 (executing program) 2022/09/14 11:58:47 fetching corpus: 2398, signal 165067/173258 (executing program) 2022/09/14 11:58:47 fetching corpus: 2448, signal 166797/174137 (executing program) 2022/09/14 11:58:47 fetching corpus: 2498, signal 169022/175129 (executing program) 2022/09/14 11:58:47 fetching corpus: 2548, signal 170138/175653 (executing program) 2022/09/14 11:58:47 fetching corpus: 2598, signal 170921/176074 (executing program) 2022/09/14 11:58:48 fetching corpus: 2648, signal 172172/176581 (executing program) 2022/09/14 11:58:48 fetching corpus: 2698, signal 173465/177123 (executing program) 2022/09/14 11:58:48 fetching corpus: 2698, signal 173465/177188 (executing program) 2022/09/14 11:58:48 fetching corpus: 2698, signal 173465/177259 (executing program) 2022/09/14 11:58:48 fetching corpus: 2698, signal 173465/177318 
(executing program) 2022/09/14 11:58:48 fetching corpus: 2698, signal 173465/177391 (executing program) 2022/09/14 11:58:48 fetching corpus: 2698, signal 173465/177468 (executing program) 2022/09/14 11:58:48 fetching corpus: 2698, signal 173465/177533 (executing program) 2022/09/14 11:58:48 fetching corpus: 2698, signal 173465/177601 (executing program) 2022/09/14 11:58:48 fetching corpus: 2698, signal 173465/177677 (executing program) 2022/09/14 11:58:48 fetching corpus: 2698, signal 173465/177748 (executing program) 2022/09/14 11:58:48 fetching corpus: 2698, signal 173465/177813 (executing program) 2022/09/14 11:58:48 fetching corpus: 2698, signal 173465/177871 (executing program) 2022/09/14 11:58:48 fetching corpus: 2698, signal 173465/177938 (executing program) 2022/09/14 11:58:48 fetching corpus: 2698, signal 173465/178002 (executing program) 2022/09/14 11:58:48 fetching corpus: 2698, signal 173465/178076 (executing program) 2022/09/14 11:58:48 fetching corpus: 2698, signal 173465/178153 (executing program) 2022/09/14 11:58:48 fetching corpus: 2698, signal 173465/178215 (executing program) 2022/09/14 11:58:48 fetching corpus: 2698, signal 173465/178289 (executing program) 2022/09/14 11:58:48 fetching corpus: 2698, signal 173465/178354 (executing program) 2022/09/14 11:58:48 fetching corpus: 2698, signal 173465/178419 (executing program) 2022/09/14 11:58:48 fetching corpus: 2698, signal 173465/178501 (executing program) 2022/09/14 11:58:48 fetching corpus: 2698, signal 173465/178568 (executing program) 2022/09/14 11:58:48 fetching corpus: 2698, signal 173465/178640 (executing program) 2022/09/14 11:58:48 fetching corpus: 2698, signal 173465/178704 (executing program) 2022/09/14 11:58:48 fetching corpus: 2698, signal 173465/178762 (executing program) 2022/09/14 11:58:48 fetching corpus: 2698, signal 173465/178812 (executing program) 2022/09/14 11:58:48 fetching corpus: 2698, signal 173465/178876 (executing program) 2022/09/14 11:58:48 fetching corpus: 2698, 
signal 173465/178914 (executing program) 2022/09/14 11:58:48 fetching corpus: 2698, signal 173465/178914 (executing program) 2022/09/14 11:58:50 starting 8 fuzzer processes 11:58:50 executing program 0: syz_open_dev$tty1(0xc, 0x4, 0x1) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) ioctl$FAT_IOCTL_GET_VOLUME_ID(0xffffffffffffffff, 0x80047213, &(0x7f00000004c0)) ioctl$TIOCSPTLCK(0xffffffffffffffff, 0x40045431, &(0x7f0000000040)=0x1) openat$vcsa(0xffffffffffffff9c, &(0x7f0000000340), 0x10400, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 11:58:50 executing program 1: r0 = syz_io_uring_setup(0x403, &(0x7f0000000100), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000180), &(0x7f00000001c0)) io_uring_register$IORING_UNREGISTER_BUFFERS(r0, 0x1, 0x0, 0x1000000) 11:58:50 executing program 2: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000001740)=@delpolicy={0x64, 0x14, 0x68d496793982c553, 0x0, 0x0, {{@in=@local, @in=@dev}}, [@XFRMA_IF_ID={0x8}, @sec_ctx={0xc, 0x8, {0x8}}]}, 0x64}}, 0x0) 11:58:50 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 
0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f00000003c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff}, './file0\x00'}) perf_event_open(&(0x7f0000000340)={0x4, 0x80, 0x20, 0x7, 0xff, 0x39, 0x0, 0x4, 0x20, 0x6, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_config_ext={0x8}, 0x800, 0x7, 0x5, 0x4, 0x1, 0x2, 0xfc, 0x0, 0x0, 0x0, 0x80000001}, 0xffffffffffffffff, 0xb, r0, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) r2 = dup(r1) connect$inet6(r2, &(0x7f00000000c0)={0xa, 0x0, 0x0, @local, 0x2}, 0x1c) ioctl$FS_IOC_FIEMAP(0xffffffffffffffff, 0xc020660b, &(0x7f0000000300)={0xffffffffffffffe5, 0x2}) perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x88, 0x8, 0x5d, 0x4, 0x0, 0x0, 0x10, 0xc, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x3, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x3, 0x4, @perf_bp={&(0x7f0000000000), 0x1}, 0x44000, 0x2, 0x20, 0x4, 0x40, 0x0, 0x8, 0x0, 0x2}, 0x0, 0xb, 0xffffffffffffffff, 0x3) sendmmsg$inet6(r2, &(0x7f0000002880), 0x4000101, 0x0) getsockname$packet(0xffffffffffffffff, 0x0, &(0x7f0000003b00)) 11:58:50 executing program 4: r0 = shmget$private(0x0, 0x3000, 0x0, &(0x7f0000ff4000/0x3000)=nil) shmat(r0, &(0x7f0000ffb000/0x4000)=nil, 0x4000) shmat(r0, 
&(0x7f0000ff9000/0x1000)=nil, 0x4000) madvise(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x17) madvise(&(0x7f0000ffa000/0x2000)=nil, 0x2000, 0x14) 11:58:50 executing program 6: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000100)={0x69}) mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x11, 0xffffffffffffffff, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f00000000c0)={@in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x44, 0x0, "704f5992d666aa2888e479ca552ee155f638582a91ca97213cf4774a2e4c350cdc3f9f62a4c21970bd149a52fa311b916bf00b51b808c412ed6b9fcbb5be4a2fb7dd8fd0dfa22b4100"}, 0xd8) setsockopt$inet6_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f00000018c0)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x44}}}, 0x1c) setsockopt$inet6_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f0000000000), 0x4) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={r0, 0xb58a, 0x100000001, 0x2}) syz_io_uring_submit(0x0, 0x0, 0x0, 0xf9a) socket$unix(0x1, 0x5, 0x0) ioctl$EXT4_IOC_SWAP_BOOT(0xffffffffffffffff, 0x6611) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) openat(0xffffffffffffffff, 0x0, 
0x400000, 0x8) 11:58:50 executing program 5: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$NL80211_CMD_VENDOR(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x28, r1, 0x87d27e71721737b5, 0x0, 0x0, {{0x32}, {@void, @val={0x8}, @val={0x2f}}}}, 0x28}}, 0x0) [ 67.815725] audit: type=1400 audit(1663156730.906:6): avc: denied { execmem } for pid=283 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 11:58:50 executing program 7: r0 = shmget$private(0x0, 0x3000, 0x0, &(0x7f0000ff9000/0x3000)=nil) shmat(r0, &(0x7f0000400000/0xc00000)=nil, 0xcf3caed3d8c7cb92) mremap(&(0x7f0000ce7000/0x4000)=nil, 0x4000, 0x3000, 0x3, &(0x7f0000cf2000/0x3000)=nil) [ 69.149933] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 69.159348] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 69.160799] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 69.162752] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 69.164346] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 69.165855] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 69.167791] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 69.169921] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 69.171311] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 69.172531] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 69.174149] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 69.175351] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 69.176759] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 69.178470] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 69.179798] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 69.181136] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 69.182377] Bluetooth: hci4: unexpected cc 
0x1001 length: 249 > 9 [ 69.183706] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 69.184937] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 69.186328] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 69.188075] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 69.194791] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 69.197824] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 69.199190] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 69.200485] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 69.201701] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 69.203078] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 69.206534] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 69.207888] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 69.209217] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 69.211029] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 69.212378] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 69.213685] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 69.213742] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 69.216350] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 69.216827] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 69.218646] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 69.223707] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 69.226081] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 69.232019] Bluetooth: hci1: HCI_REQ-0x0c1a [ 69.235076] Bluetooth: hci4: HCI_REQ-0x0c1a [ 69.238929] Bluetooth: hci3: HCI_REQ-0x0c1a [ 69.240943] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 69.242599] Bluetooth: hci0: HCI_REQ-0x0c1a [ 69.243402] Bluetooth: hci5: HCI_REQ-0x0c1a [ 69.243671] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 69.247652] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 69.255275] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 
69.256681] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 69.258028] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 69.264178] Bluetooth: hci2: HCI_REQ-0x0c1a [ 69.269108] Bluetooth: hci6: HCI_REQ-0x0c1a [ 69.288759] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 69.300096] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 69.302337] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 69.308979] Bluetooth: hci7: HCI_REQ-0x0c1a [ 71.280312] Bluetooth: hci5: command 0x0409 tx timeout [ 71.344051] Bluetooth: hci7: command 0x0409 tx timeout [ 71.344677] Bluetooth: hci6: command 0x0409 tx timeout [ 71.345259] Bluetooth: hci2: command 0x0409 tx timeout [ 71.345749] Bluetooth: hci0: command 0x0409 tx timeout [ 71.346336] Bluetooth: hci3: command 0x0409 tx timeout [ 71.346833] Bluetooth: hci1: command 0x0409 tx timeout [ 71.347361] Bluetooth: hci4: command 0x0409 tx timeout [ 73.328084] Bluetooth: hci5: command 0x041b tx timeout [ 73.392083] Bluetooth: hci4: command 0x041b tx timeout [ 73.392872] Bluetooth: hci1: command 0x041b tx timeout [ 73.394423] Bluetooth: hci3: command 0x041b tx timeout [ 73.394860] Bluetooth: hci0: command 0x041b tx timeout [ 73.396474] Bluetooth: hci2: command 0x041b tx timeout [ 73.396923] Bluetooth: hci6: command 0x041b tx timeout [ 73.398131] Bluetooth: hci7: command 0x041b tx timeout [ 75.376032] Bluetooth: hci5: command 0x040f tx timeout [ 75.440082] Bluetooth: hci7: command 0x040f tx timeout [ 75.440767] Bluetooth: hci6: command 0x040f tx timeout [ 75.441465] Bluetooth: hci2: command 0x040f tx timeout [ 75.442110] Bluetooth: hci0: command 0x040f tx timeout [ 75.444900] Bluetooth: hci3: command 0x040f tx timeout [ 75.445702] Bluetooth: hci1: command 0x040f tx timeout [ 75.447489] Bluetooth: hci4: command 0x040f tx timeout [ 77.424169] Bluetooth: hci5: command 0x0419 tx timeout [ 77.488108] Bluetooth: hci4: command 0x0419 tx timeout [ 77.489849] Bluetooth: hci1: command 0x0419 tx timeout [ 77.490707] 
Bluetooth: hci3: command 0x0419 tx timeout
[ 77.493267] Bluetooth: hci0: command 0x0419 tx timeout
[ 77.494617] Bluetooth: hci2: command 0x0419 tx timeout
[ 77.497031] Bluetooth: hci6: command 0x0419 tx timeout
[ 77.497802] Bluetooth: hci7: command 0x0419 tx timeout
[ 125.122030] audit: type=1400 audit(1663156788.212:7): avc: denied { open } for pid=3743 comm="syz-executor.3" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[ 125.123694] audit: type=1400 audit(1663156788.212:8): avc: denied { kernel } for pid=3743 comm="syz-executor.3" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[ 125.148113] ------------[ cut here ]------------
[ 125.148134]
[ 125.148137] ======================================================
[ 125.148141] WARNING: possible circular locking dependency detected
[ 125.148145] 6.0.0-rc5-next-20220914 #1 Not tainted
[ 125.148152] ------------------------------------------------------
[ 125.148155] syz-executor.3/3745 is trying to acquire lock:
[ 125.148161] ffffffff853fa878 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70
[ 125.148201]
[ 125.148201] but task is already holding lock:
[ 125.148203] ffff88800d24a820 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0
[ 125.148231]
[ 125.148231] which lock already depends on the new lock.
[ 125.148231]
[ 125.148234]
[ 125.148234] the existing dependency chain (in reverse order) is:
[ 125.148238]
[ 125.148238] -> #3 (&ctx->lock){....}-{2:2}:
[ 125.148252]        _raw_spin_lock+0x2a/0x40
[ 125.148269]        __perf_event_task_sched_out+0x53b/0x18d0
[ 125.148281]        __schedule+0xedd/0x2470
[ 125.148292]        schedule+0xda/0x1b0
[ 125.148302]        exit_to_user_mode_prepare+0x114/0x1a0
[ 125.148322]        syscall_exit_to_user_mode+0x19/0x40
[ 125.148339]        do_syscall_64+0x48/0x90
[ 125.148352]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 125.148370]
[ 125.148370] -> #2 (&rq->__lock){-.-.}-{2:2}:
[ 125.148384]        _raw_spin_lock_nested+0x30/0x40
[ 125.148398]        raw_spin_rq_lock_nested+0x1e/0x30
[ 125.148412]        task_fork_fair+0x63/0x4d0
[ 125.148428]        sched_cgroup_fork+0x3d0/0x540
[ 125.148442]        copy_process+0x4183/0x6e20
[ 125.148452]        kernel_clone+0xe7/0x890
[ 125.148462]        user_mode_thread+0xad/0xf0
[ 125.148472]        rest_init+0x24/0x250
[ 125.148488]        arch_call_rest_init+0xf/0x14
[ 125.148500]        start_kernel+0x4c1/0x4e6
[ 125.148509]        secondary_startup_64_no_verify+0xe0/0xeb
[ 125.148523]
[ 125.148523] -> #1 (&p->pi_lock){-.-.}-{2:2}:
[ 125.148537]        _raw_spin_lock_irqsave+0x39/0x60
[ 125.148552]        try_to_wake_up+0xab/0x1920
[ 125.148565]        up+0x75/0xb0
[ 125.148576]        __up_console_sem+0x6e/0x80
[ 125.148591]        console_unlock+0x46a/0x590
[ 125.148607]        vt_ioctl+0x2822/0x2ca0
[ 125.148620]        tty_ioctl+0x7c4/0x1700
[ 125.148631]        __x64_sys_ioctl+0x19a/0x210
[ 125.148646]        do_syscall_64+0x3b/0x90
[ 125.148658]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 125.148675]
[ 125.148675] -> #0 ((console_sem).lock){....}-{2:2}:
[ 125.148689]        __lock_acquire+0x2a02/0x5e70
[ 125.148705]        lock_acquire+0x1a2/0x530
[ 125.148720]        _raw_spin_lock_irqsave+0x39/0x60
[ 125.148735]        down_trylock+0xe/0x70
[ 125.148746]        __down_trylock_console_sem+0x3b/0xd0
[ 125.148762]        vprintk_emit+0x16b/0x560
[ 125.148778]        vprintk+0x84/0xa0
[ 125.148794]        _printk+0xba/0xf1
[ 125.148811]        report_bug.cold+0x72/0xab
[ 125.148823]        handle_bug+0x3c/0x70
[ 125.148836]        exc_invalid_op+0x14/0x50
[ 125.148849]        asm_exc_invalid_op+0x16/0x20
[ 125.148864]        group_sched_out.part.0+0x2c7/0x460
[ 125.148875]        ctx_sched_out+0x8f1/0xc10
[ 125.148884]        __perf_event_task_sched_out+0x6d0/0x18d0
[ 125.148896]        __schedule+0xedd/0x2470
[ 125.148906]        schedule+0xda/0x1b0
[ 125.148916]        exit_to_user_mode_prepare+0x114/0x1a0
[ 125.148934]        syscall_exit_to_user_mode+0x19/0x40
[ 125.148950]        do_syscall_64+0x48/0x90
[ 125.148963]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 125.148979]
[ 125.148979] other info that might help us debug this:
[ 125.148979]
[ 125.148982] Chain exists of:
[ 125.148982]   (console_sem).lock --> &rq->__lock --> &ctx->lock
[ 125.148982]
[ 125.148997]  Possible unsafe locking scenario:
[ 125.148997]
[ 125.149000]        CPU0                    CPU1
[ 125.149003]        ----                    ----
[ 125.149005]   lock(&ctx->lock);
[ 125.149011]                                lock(&rq->__lock);
[ 125.149017]                                lock(&ctx->lock);
[ 125.149023]   lock((console_sem).lock);
[ 125.149029]
[ 125.149029]  *** DEADLOCK ***
[ 125.149029]
[ 125.149031] 2 locks held by syz-executor.3/3745:
[ 125.149038]  #0: ffff88806cf37cd8 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470
[ 125.149064]  #1: ffff88800d24a820 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0
[ 125.149092]
[ 125.149092] stack backtrace:
[ 125.149094] CPU: 1 PID: 3745 Comm: syz-executor.3 Not tainted 6.0.0-rc5-next-20220914 #1
[ 125.149107] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 125.149116] Call Trace:
[ 125.149119]
[ 125.149123] dump_stack_lvl+0x8b/0xb3
[ 125.149138] check_noncircular+0x263/0x2e0
[ 125.149154] ? format_decode+0x26c/0xb50
[ 125.149169] ? print_circular_bug+0x450/0x450
[ 125.149186] ? enable_ptr_key_workfn+0x20/0x20
[ 125.149200] ? format_decode+0x26c/0xb50
[ 125.149215] ? alloc_chain_hlocks+0x1ec/0x5a0
[ 125.149233] __lock_acquire+0x2a02/0x5e70
[ 125.149254] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 125.149276] lock_acquire+0x1a2/0x530
[ 125.149292] ? down_trylock+0xe/0x70
[ 125.149306] ? rcu_read_unlock+0x40/0x40
[ 125.149326] ? vprintk+0x84/0xa0
[ 125.149344] _raw_spin_lock_irqsave+0x39/0x60
[ 125.149359] ? down_trylock+0xe/0x70
[ 125.149372] down_trylock+0xe/0x70
[ 125.149385] ? vprintk+0x84/0xa0
[ 125.149402] __down_trylock_console_sem+0x3b/0xd0
[ 125.149419] vprintk_emit+0x16b/0x560
[ 125.149437] vprintk+0x84/0xa0
[ 125.149454] _printk+0xba/0xf1
[ 125.149471] ? record_print_text.cold+0x16/0x16
[ 125.149492] ? report_bug.cold+0x66/0xab
[ 125.149521] ? group_sched_out.part.0+0x2c7/0x460
[ 125.149533] report_bug.cold+0x72/0xab
[ 125.149547] handle_bug+0x3c/0x70
[ 125.149561] exc_invalid_op+0x14/0x50
[ 125.149575] asm_exc_invalid_op+0x16/0x20
[ 125.149592] RIP: 0010:group_sched_out.part.0+0x2c7/0x460
[ 125.149605] Code: 5e 41 5f e9 3b b7 ef ff e8 36 b7 ef ff 65 8b 1d ab 15 ac 7e 31 ff 89 de e8 d6 b3 ef ff 85 db 0f 84 8a 00 00 00 e8 19 b7 ef ff <0f> 0b e9 a5 fe ff ff e8 0d b7 ef ff 48 8d 7d 10 48 b8 00 00 00 00
[ 125.149616] RSP: 0018:ffff88801832fc48 EFLAGS: 00010006
[ 125.149626] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000
[ 125.149633] RDX: ffff888018b7b580 RSI: ffffffff81566027 RDI: 0000000000000005
[ 125.149641] RBP: ffff88801d4c0000 R08: 0000000000000005 R09: 0000000000000001
[ 125.149648] R10: 0000000000000000 R11: ffffffff865ac05b R12: ffff88800d24a800
[ 125.149656] R13: ffff88806cf3d100 R14: ffffffff8547c660 R15: 0000000000000002
[ 125.149668] ? group_sched_out.part.0+0x2c7/0x460
[ 125.149680] ? group_sched_out.part.0+0x2c7/0x460
[ 125.149693] ctx_sched_out+0x8f1/0xc10
[ 125.149706] __perf_event_task_sched_out+0x6d0/0x18d0
[ 125.149721] ? lock_is_held_type+0xd7/0x130
[ 125.149739] ? __perf_cgroup_move+0x160/0x160
[ 125.149750] ? set_next_entity+0x304/0x550
[ 125.149767] ? update_curr+0x267/0x740
[ 125.149785] ? lock_is_held_type+0xd7/0x130
[ 125.149803] __schedule+0xedd/0x2470
[ 125.149817] ? io_schedule_timeout+0x150/0x150
[ 125.149829] ? rcu_read_lock_sched_held+0x3e/0x80
[ 125.149850] schedule+0xda/0x1b0
[ 125.149861] exit_to_user_mode_prepare+0x114/0x1a0
[ 125.149881] syscall_exit_to_user_mode+0x19/0x40
[ 125.149898] do_syscall_64+0x48/0x90
[ 125.149912] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 125.149929] RIP: 0033:0x7f49766c9b19
[ 125.149938] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 125.149949] RSP: 002b:00007f4973c3f218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 125.149959] RAX: 0000000000000001 RBX: 00007f49767dcf68 RCX: 00007f49766c9b19
[ 125.149967] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f49767dcf6c
[ 125.149974] RBP: 00007f49767dcf60 R08: 000000000000000e R09: 0000000000000000
[ 125.149981] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f49767dcf6c
[ 125.149989] R13: 00007ffd2b76e54f R14: 00007f4973c3f300 R15: 0000000000022000
[ 125.150001]
[ 125.205051] WARNING: CPU: 1 PID: 3745 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460
[ 125.205720] Modules linked in:
[ 125.205962] CPU: 1 PID: 3745 Comm: syz-executor.3 Not tainted 6.0.0-rc5-next-20220914 #1
[ 125.206540] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 125.207349] RIP: 0010:group_sched_out.part.0+0x2c7/0x460
[ 125.207741] Code: 5e 41 5f e9 3b b7 ef ff e8 36 b7 ef ff 65 8b 1d ab 15 ac 7e 31 ff 89 de e8 d6 b3 ef ff 85 db 0f 84 8a 00 00 00 e8 19 b7 ef ff <0f> 0b e9 a5 fe ff ff e8 0d b7 ef ff 48 8d 7d 10 48 b8 00 00 00 00
[ 125.209042] RSP: 0018:ffff88801832fc48 EFLAGS: 00010006
[ 125.209440] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000
[ 125.209975] RDX: ffff888018b7b580 RSI: ffffffff81566027 RDI: 0000000000000005
[ 125.210498] RBP: ffff88801d4c0000 R08: 0000000000000005 R09: 0000000000000001
[ 125.211024] R10: 0000000000000000 R11: ffffffff865ac05b R12: ffff88800d24a800
[ 125.211565] R13: ffff88806cf3d100 R14: ffffffff8547c660 R15: 0000000000000002
[ 125.212094] FS: 00007f4973c3f700(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000
[ 125.212685] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 125.213113] CR2: 00007f8bd59de310 CR3: 000000003fdb2000 CR4: 0000000000350ee0
[ 125.213644] Call Trace:
[ 125.213842]
[ 125.214015] ctx_sched_out+0x8f1/0xc10
[ 125.214313] __perf_event_task_sched_out+0x6d0/0x18d0
[ 125.214699] ? lock_is_held_type+0xd7/0x130
[ 125.215028] ? __perf_cgroup_move+0x160/0x160
[ 125.215365] ? set_next_entity+0x304/0x550
[ 125.215690] ? update_curr+0x267/0x740
[ 125.215989] ? lock_is_held_type+0xd7/0x130
[ 125.216315] __schedule+0xedd/0x2470
[ 125.216597] ? io_schedule_timeout+0x150/0x150
[ 125.216939] ? rcu_read_lock_sched_held+0x3e/0x80
[ 125.217314] schedule+0xda/0x1b0
[ 125.217577] exit_to_user_mode_prepare+0x114/0x1a0
[ 125.217952] syscall_exit_to_user_mode+0x19/0x40
[ 125.218313] do_syscall_64+0x48/0x90
[ 125.218597] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 125.218982] RIP: 0033:0x7f49766c9b19
[ 125.219264] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 125.220595] RSP: 002b:00007f4973c3f218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 125.221158] RAX: 0000000000000001 RBX: 00007f49767dcf68 RCX: 00007f49766c9b19
[ 125.221685] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f49767dcf6c
[ 125.222209] RBP: 00007f49767dcf60 R08: 000000000000000e R09: 0000000000000000
[ 125.222730] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f49767dcf6c
[ 125.223259] R13: 00007ffd2b76e54f R14: 00007f4973c3f300 R15: 0000000000022000
[ 125.223785]
[ 125.223960] irq event stamp: 624
[ 125.224210] hardirqs last enabled at (623): [] exit_to_user_mode_prepare+0x109/0x1a0
[ 125.224906] hardirqs last disabled at (624): [] 
__schedule+0x1225/0x2470
[ 125.225520] softirqs last enabled at (348): [] __irq_exit_rcu+0x11b/0x180
[ 125.226148] softirqs last disabled at (339): [] __irq_exit_rcu+0x11b/0x180
[ 125.226783] ---[ end trace 0000000000000000 ]---
11:59:49 executing program 3:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f00000003c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff}, './file0\x00'})
perf_event_open(&(0x7f0000000340)={0x4, 0x80, 0x20, 0x7, 0xff, 0x39, 0x0, 0x4, 0x20, 0x6, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x8, 0x2, @perf_config_ext={0x8}, 0x800, 0x7, 0x5, 0x4, 0x1, 0x2, 0xfc, 0x0, 0x0, 0x0, 0x80000001}, 0xffffffffffffffff, 0xb, r0, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
r2 = dup(r1)
connect$inet6(r2, &(0x7f00000000c0)={0xa, 0x0, 0x0, @local, 0x2}, 0x1c)
ioctl$FS_IOC_FIEMAP(0xffffffffffffffff, 0xc020660b, &(0x7f0000000300)={0xffffffffffffffe5, 0x2})
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x88, 0x8, 0x5d, 0x4, 0x0, 0x0, 0x10, 0xc, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x3, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x3, 0x4, @perf_bp={&(0x7f0000000000), 0x1}, 0x44000, 0x2, 0x20, 0x4, 0x40, 0x0, 0x8, 0x0, 0x2}, 0x0, 0xb, 0xffffffffffffffff, 0x3)
sendmmsg$inet6(r2, &(0x7f0000002880), 0x4000101, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, &(0x7f0000003b00))
[ 127.605518] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.5'.
[ 130.303870] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 130.308322] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 130.309448] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 130.313563] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 130.314852] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[ 130.317309] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 130.320768] Bluetooth: hci1: HCI_REQ-0x0c1a
[ 130.358032] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 130.361061] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 130.362801] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 130.367359] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 130.369600] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[ 130.371140] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 130.374976] Bluetooth: hci6: HCI_REQ-0x0c1a
[ 132.335979] Bluetooth: hci1: command 0x0409 tx timeout
[ 132.401014] Bluetooth: hci6: command 0x0409 tx timeout
[ 134.384074] Bluetooth: hci1: command 0x041b tx timeout
[ 134.447979] Bluetooth: hci6: command 0x041b tx timeout
VM DIAGNOSIS:
11:59:48 Registers: