Warning: Permanently added '[localhost]:8127' (ECDSA) to the list of known hosts.
2022/09/14 12:48:41 fuzzer started
2022/09/14 12:48:42 dialing manager at localhost:33849
syzkaller login: [   45.183995] cgroup: Unknown subsys name 'net'
[   45.279228] cgroup: Unknown subsys name 'rlimit'
2022/09/14 12:48:56 syscalls: 2215
2022/09/14 12:48:56 code coverage: enabled
2022/09/14 12:48:56 comparison tracing: enabled
2022/09/14 12:48:56 extra coverage: enabled
2022/09/14 12:48:56 setuid sandbox: enabled
2022/09/14 12:48:56 namespace sandbox: enabled
2022/09/14 12:48:56 Android sandbox: enabled
2022/09/14 12:48:56 fault injection: enabled
2022/09/14 12:48:56 leak checking: enabled
2022/09/14 12:48:56 net packet injection: enabled
2022/09/14 12:48:56 net device setup: enabled
2022/09/14 12:48:56 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2022/09/14 12:48:56 devlink PCI setup: PCI device 0000:00:10.0 is not available
2022/09/14 12:48:56 USB emulation: enabled
2022/09/14 12:48:56 hci packet injection: enabled
2022/09/14 12:48:56 wifi device emulation: failed to parse kernel version (6.0.0-rc5-next-20220914                                          )
2022/09/14 12:48:56 802.15.4 emulation: enabled
2022/09/14 12:48:56 fetching corpus: 0, signal 0/2000 (executing program)
2022/09/14 12:48:56 fetching corpus: 43, signal 26060/29646 (executing program)
2022/09/14 12:48:57 fetching corpus: 93, signal 35788/40881 (executing program)
2022/09/14 12:48:57 fetching corpus: 143, signal 49181/55507 (executing program)
2022/09/14 12:48:57 fetching corpus: 193, signal 59992/67382 (executing program)
2022/09/14 12:48:57 fetching corpus: 243, signal 68063/76519 (executing program)
2022/09/14 12:48:57 fetching corpus: 293, signal 75508/84866 (executing program)
2022/09/14 12:48:57 fetching corpus: 343, signal 81373/91648 (executing program)
2022/09/14 12:48:58 fetching corpus: 393, signal 85649/96923 (executing program)
2022/09/14 12:48:58 fetching corpus: 443, signal 88107/100453 (executing program)
2022/09/14 12:48:58 fetching corpus: 493, signal 92854/105909 (executing program)
2022/09/14 12:48:58 fetching corpus: 543, signal 97078/110866 (executing program)
2022/09/14 12:48:58 fetching corpus: 593, signal 100721/115189 (executing program)
2022/09/14 12:48:58 fetching corpus: 643, signal 103303/118551 (executing program)
2022/09/14 12:48:59 fetching corpus: 693, signal 106629/122499 (executing program)
2022/09/14 12:48:59 fetching corpus: 743, signal 108963/125536 (executing program)
2022/09/14 12:48:59 fetching corpus: 793, signal 111028/128348 (executing program)
2022/09/14 12:48:59 fetching corpus: 843, signal 113968/131856 (executing program)
2022/09/14 12:48:59 fetching corpus: 893, signal 116007/134521 (executing program)
2022/09/14 12:48:59 fetching corpus: 943, signal 118320/137396 (executing program)
2022/09/14 12:48:59 fetching corpus: 993, signal 121267/140752 (executing program)
2022/09/14 12:49:00 fetching corpus: 1043, signal 123401/143349 (executing program)
2022/09/14 12:49:00 fetching corpus: 1093, signal 127598/147549 (executing program)
2022/09/14 12:49:00 fetching corpus: 1143, signal 130034/150272 (executing program)
2022/09/14 12:49:00 fetching corpus: 1193, signal 131741/152382 (executing program)
2022/09/14 12:49:00 fetching corpus: 1243, signal 133584/154645 (executing program)
2022/09/14 12:49:00 fetching corpus: 1293, signal 135695/157054 (executing program)
2022/09/14 12:49:00 fetching corpus: 1343, signal 137846/159464 (executing program)
2022/09/14 12:49:01 fetching corpus: 1393, signal 139739/161648 (executing program)
2022/09/14 12:49:01 fetching corpus: 1443, signal 141532/163787 (executing program)
2022/09/14 12:49:01 fetching corpus: 1493, signal 144389/166632 (executing program)
2022/09/14 12:49:01 fetching corpus: 1543, signal 146199/168679 (executing program)
2022/09/14 12:49:01 fetching corpus: 1593, signal 147586/170332 (executing program)
2022/09/14 12:49:01 fetching corpus: 1643, signal 149371/172291 (executing program)
2022/09/14 12:49:02 fetching corpus: 1693, signal 151003/174061 (executing program)
2022/09/14 12:49:02 fetching corpus: 1743, signal 153821/176506 (executing program)
2022/09/14 12:49:02 fetching corpus: 1793, signal 155024/177911 (executing program)
2022/09/14 12:49:02 fetching corpus: 1843, signal 156510/179509 (executing program)
2022/09/14 12:49:02 fetching corpus: 1893, signal 157576/180890 (executing program)
2022/09/14 12:49:02 fetching corpus: 1943, signal 158864/182255 (executing program)
2022/09/14 12:49:02 fetching corpus: 1993, signal 159592/183302 (executing program)
2022/09/14 12:49:02 fetching corpus: 2043, signal 160746/184635 (executing program)
2022/09/14 12:49:03 fetching corpus: 2093, signal 162208/186062 (executing program)
2022/09/14 12:49:03 fetching corpus: 2143, signal 163564/187405 (executing program)
2022/09/14 12:49:03 fetching corpus: 2193, signal 164642/188599 (executing program)
2022/09/14 12:49:03 fetching corpus: 2243, signal 165838/189799 (executing program)
2022/09/14 12:49:03 fetching corpus: 2293, signal 166692/190792 (executing program)
2022/09/14 12:49:03 fetching corpus: 2343, signal 167869/191940 (executing program)
2022/09/14 12:49:03 fetching corpus: 2393, signal 169063/193114 (executing program)
2022/09/14 12:49:03 fetching corpus: 2443, signal 169906/194086 (executing program)
2022/09/14 12:49:04 fetching corpus: 2493, signal 170797/195043 (executing program)
2022/09/14 12:49:04 fetching corpus: 2543, signal 171592/195884 (executing program)
2022/09/14 12:49:04 fetching corpus: 2593, signal 173122/197071 (executing program)
2022/09/14 12:49:04 fetching corpus: 2643, signal 173982/197926 (executing program)
2022/09/14 12:49:04 fetching corpus: 2693, signal 175254/199042 (executing program)
2022/09/14 12:49:04 fetching corpus: 2743, signal 176154/199895 (executing program)
2022/09/14 12:49:04 fetching corpus: 2793, signal 177376/200883 (executing program)
2022/09/14 12:49:04 fetching corpus: 2843, signal 178820/201885 (executing program)
2022/09/14 12:49:05 fetching corpus: 2893, signal 179994/202773 (executing program)
2022/09/14 12:49:05 fetching corpus: 2943, signal 181779/203887 (executing program)
2022/09/14 12:49:05 fetching corpus: 2993, signal 182823/204655 (executing program)
2022/09/14 12:49:05 fetching corpus: 3043, signal 183829/205459 (executing program)
2022/09/14 12:49:05 fetching corpus: 3093, signal 184993/206319 (executing program)
2022/09/14 12:49:05 fetching corpus: 3143, signal 185579/206870 (executing program)
2022/09/14 12:49:06 fetching corpus: 3193, signal 186170/207437 (executing program)
2022/09/14 12:49:06 fetching corpus: 3243, signal 187304/208261 (executing program)
2022/09/14 12:49:06 fetching corpus: 3293, signal 188672/209044 (executing program)
2022/09/14 12:49:06 fetching corpus: 3343, signal 189449/209615 (executing program)
2022/09/14 12:49:06 fetching corpus: 3393, signal 190385/210264 (executing program)
2022/09/14 12:49:06 fetching corpus: 3443, signal 191181/210827 (executing program)
2022/09/14 12:49:07 fetching corpus: 3493, signal 191794/211324 (executing program)
2022/09/14 12:49:07 fetching corpus: 3543, signal 192210/211729 (executing program)
2022/09/14 12:49:07 fetching corpus: 3593, signal 192847/212175 (executing program)
2022/09/14 12:49:07 fetching corpus: 3643, signal 193728/212699 (executing program)
2022/09/14 12:49:07 fetching corpus: 3693, signal 194515/213224 (executing program)
2022/09/14 12:49:07 fetching corpus: 3743, signal 195201/213686 (executing program)
2022/09/14 12:49:07 fetching corpus: 3793, signal 196219/214220 (executing program)
2022/09/14 12:49:08 fetching corpus: 3843, signal 197037/214663 (executing program)
2022/09/14 12:49:08 fetching corpus: 3893, signal 197821/215070 (executing program)
2022/09/14 12:49:08 fetching corpus: 3943, signal 198479/215472 (executing program)
2022/09/14 12:49:08 fetching corpus: 3993, signal 199114/215870 (executing program)
2022/09/14 12:49:08 fetching corpus: 4043, signal 199622/216174 (executing program)
2022/09/14 12:49:08 fetching corpus: 4093, signal 200464/216537 (executing program)
2022/09/14 12:49:08 fetching corpus: 4143, signal 201133/216922 (executing program)
2022/09/14 12:49:08 fetching corpus: 4193, signal 202534/217455 (executing program)
2022/09/14 12:49:09 fetching corpus: 4243, signal 203632/217885 (executing program)
2022/09/14 12:49:09 fetching corpus: 4293, signal 204691/218279 (executing program)
2022/09/14 12:49:09 fetching corpus: 4343, signal 205410/218550 (executing program)
2022/09/14 12:49:09 fetching corpus: 4393, signal 206103/218864 (executing program)
2022/09/14 12:49:09 fetching corpus: 4443, signal 207957/219246 (executing program)
2022/09/14 12:49:09 fetching corpus: 4493, signal 208915/219471 (executing program)
2022/09/14 12:49:09 fetching corpus: 4543, signal 210569/219778 (executing program)
2022/09/14 12:49:09 fetching corpus: 4593, signal 211381/219965 (executing program)
2022/09/14 12:49:10 fetching corpus: 4643, signal 211803/220090 (executing program)
2022/09/14 12:49:10 fetching corpus: 4693, signal 212407/220219 (executing program)
2022/09/14 12:49:10 fetching corpus: 4743, signal 213022/220348 (executing program)
2022/09/14 12:49:10 fetching corpus: 4787, signal 213635/220467 (executing program)
2022/09/14 12:49:10 fetching corpus: 4787, signal 213635/220521 (executing program)
2022/09/14 12:49:10 fetching corpus: 4787, signal 213635/220600 (executing program)
2022/09/14 12:49:10 fetching corpus: 4787, signal 213635/220664 (executing program)
2022/09/14 12:49:10 fetching corpus: 4787, signal 213635/220737 (executing program)
2022/09/14 12:49:10 fetching corpus: 4787, signal 213635/220789 (executing program)
2022/09/14 12:49:10 fetching corpus: 4787, signal 213635/220789 (executing program)
2022/09/14 12:49:13 starting 8 fuzzer processes
12:49:13 executing program 0:
socket$netlink(0x10, 0x3, 0x17)

12:49:13 executing program 1:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
fchmodat(0xffffffffffffffff, 0x0, 0x0)

12:49:13 executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x100000, 0x19, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000100000005000000000004000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000e0f4655f000000000000000001000000000000000b0000000001000018000000c28500002b0200000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e30313738333335313800"/192, 0xc0, 0x400}, {&(0x7f0000010100)="0000000000000000000000003aa2ac8103a046169889a50d8894c561010040000c00000000000000e0f4655f00"/64, 0x40, 0x4e0}, {&(0x7f0000010200)="00000000000000000000000000000000000000000000000000000000200020000100000000000500400000000000000000000000000000004300000000000000", 0x40, 0x540}, {&(0x7f0000010300)="02000000030000000400000019000f0003000400"/32, 0x20, 0x800}, {&(0x7f0000010400)="7f000000ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0100ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0000000000000000e0f4655fe0f4655fe0f4655f00"/4128, 0x1020, 0x1000}, {&(0x7f0000011500)="ed41000000080000e0f4655fe0f4655fe0f4655f00000000000004004000000000000800050000000af301000400000000000000000000000100000010000000", 0x40, 0x2100}, {&(0x7f0000011600)="20000000688aa2d2688aa2d200000000e0f4655f00"/32, 0x20, 0x2180}, {&(0x7f0000011700)="8081000000601020e0f4655fe0f4655fe0f4655f00000000000001004000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000e0f4655f00"/160, 0xa0, 0x2600}, {&(0x7f0000011800)="c041000000380000e0f4655fe0f4655fe0f4655f00000000000002004000000000000800000000000af301000400000000000000000000000700000020000000", 0x40, 0x2a00}, {&(0x7f0000011900)="20000000000000000000000000000000e0f4655f000000000000000000000000000002ea00"/64, 0x40, 0x2a80}, {&(0x7f0000011a00)="ed4100003c000000e0f4655fe0f4655fe0f4655f0000000000000200000000000000001003000000020000000d0000001000050166696c65300000000e0000002800050766696c653100000000000000000000000000000000000000000000000000000001fb537300000000000000000000000000000000000000000000000020000000688aa2d2688aa2d2688aa2d2e0f4655f688aa2d20000000000000000000002ea04070000000000000000000000000000646174610000000000000000", 0xc0, 0x2b00}, {&(0x7f0000011b00)="ed8100001a040000e0f4655fe0f4655fe0f4655f00000000000001004000000000000800010000000af301000400000000000000000000000100000050000000000000000000000000000000000000000000000000000000000000000000000000000000c6914ad800000000000000000000000000000000000000000000000020000000688aa2d2688aa2d2688aa2d2e0f4655f688aa2d20000000000000000", 0xa0, 0x2c00}, {&(0x7f0000011c00)="ffa1000026000000e0f4655fe0f4655fe0f4655f00000000000001000000000000000000010000002f746d702f73797a2d696d61676567656e3031373833333531382f66696c65302f66696c6530000000000000000000000000000000000000000000001f44752800000000000000000000000000000000000000000000000020000000688aa2d2688aa2d2688aa2d2e0f4655f688aa2d20000000000000000", 0xa0, 0x2d00}, {&(0x7f0000011d00)="ed8100000a000000e0f4655fe0f4655fe0f4655f000000000000010000000000000000100100000073797a6b616c6c65727300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008035a09700000000000000000000000000000000000000000000000020000000688aa2d2688aa2d2688aa2d2e0f4655f688aa2d20000000000000000000002ea040700000000000000000000000000006461746106015400000000000600000000000000786174747231000006014c000000000006000000000000007861747472320000000000000000000078617474723200007861747472310000ed81000028230000e0f4655fe0f4655fe0f4655f00000000000002004000000000000800010000000af301000400000000000000000000000500000060000000000000000000000000000000000000000000000000000000000000000000000000000000ae380fef00000000000000000000000000000000000000000000000020000000688aa2d2688aa2d2688aa2d2e0f4655f688aa2d20000000000000000", 0x1a0, 0x2e00}, {&(0x7f0000011f00)="ed81000064000000e0f4655fe0f4655fe0f4655f000000000000010000000000000000100100000073797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c0514d06100000000000000000000000000000000000000000000000020000000688aa2d2688aa2d2688aa2d2e0f4655f688aa2d20000000000000000000002ea040734000000000028000000000000006461746100000000000000000000000000000000000000000000000000000000000000006c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273", 0x100, 0x3000}, {&(0x7f0000012000)="020000000c0001022e000000020000000c0002022e2e00000b00000014000a026c6f73742b666f756e6400000c0000001000050266696c65300000000f0000001000050166696c6531000000100000001000050166696c6532000000100000001000050166696c6533000000110000009407090166696c652e636f6c64000000", 0x80, 0x8000}, {&(0x7f0000012100)="0b0000000c0001022e000000020000000c0002022e2e000000000000e8070000", 0x20, 0x10000}, {&(0x7f0000012200)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x10800}, {&(0x7f0000012300)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x11000}, {&(0x7f0000012400)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x11800}, {&(0x7f0000012500)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x12000}, {&(0x7f0000012600)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x12800}, {&(0x7f0000012700)='\x00\x00\x00\x00\x00\b\x00'/32, 0x20, 0x13000}, {&(0x7f0000012800)="504d4d00504d4dffe0f4655f00000000647679756b6f762d676c6170746f70320000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006c6f6f7033310075782f746573742f73797a5f6d6f756e745f696d6167655f650500"/128, 0x80, 0x20000}, {&(0x7f0000012900)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x28000}], 0x0, &(0x7f0000012e00))

[   75.165179] audit: type=1400 audit(1663159753.442:6): avc:  denied  { execmem } for  pid=285 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
12:49:13 executing program 3:
syz_mount_image$iso9660(&(0x7f0000000640), &(0x7f0000000680)='./file0\x00', 0x0, 0x0, &(0x7f0000000a00), 0x0, &(0x7f0000000a80)={[{@utf8}, {@utf8}, {@overriderock}], [{@euid_eq={'euid', 0x3d, 0xee01}}]})

12:49:13 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r0, 0x0, &(0x7f0000000040))

12:49:13 executing program 7:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCSETSW(r0, 0x5606, 0x0)

12:49:13 executing program 5:
semtimedop(0x0, 0x0, 0x1f4, 0x0)

12:49:13 executing program 6:
io_setup(0x5, &(0x7f0000000140))
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x76, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_timeval(r0, 0x1, 0x49, &(0x7f0000000200)={0x77359400}, 0x10)

[   76.508575] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   76.512016] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   76.513619] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   76.516774] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   76.519150] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   76.520876] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   76.525844] Bluetooth: hci0: HCI_REQ-0x0c1a
[   76.555297] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   76.558181] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   76.559564] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   76.562615] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   76.565003] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   76.566652] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   76.570806] Bluetooth: hci1: HCI_REQ-0x0c1a
[   76.581496] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   76.594329] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   76.596902] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   76.608609] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   76.637454] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   76.648828] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[   76.650334] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[   76.651893] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   76.653003] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   76.654684] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   76.657111] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   76.658210] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   76.659913] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   76.661535] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   76.666514] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   76.667595] Bluetooth: hci2: HCI_REQ-0x0c1a
[   76.668316] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   76.668806] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   76.671146] Bluetooth: hci3: HCI_REQ-0x0c1a
[   76.681929] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[   76.683545] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[   76.686481] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[   76.687836] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[   76.695823] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[   76.698149] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[   76.699605] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[   76.705316] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[   76.707498] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[   76.709271] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[   76.729238] Bluetooth: hci6: HCI_REQ-0x0c1a
[   76.741762] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[   76.750348] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[   76.767706] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[   76.771239] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[   76.772271] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[   76.774245] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[   76.795552] Bluetooth: hci5: HCI_REQ-0x0c1a
[   76.796349] Bluetooth: hci7: HCI_REQ-0x0c1a
[   76.832286] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   76.839672] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[   76.845983] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   76.862135] Bluetooth: hci4: HCI_REQ-0x0c1a
[   78.593446] Bluetooth: hci1: command 0x0409 tx timeout
[   78.594255] Bluetooth: hci0: command 0x0409 tx timeout
[   78.721104] Bluetooth: hci2: command 0x0409 tx timeout
[   78.721691] Bluetooth: hci3: command 0x0409 tx timeout
[   78.784099] Bluetooth: hci6: command 0x0409 tx timeout
[   78.848131] Bluetooth: hci7: command 0x0409 tx timeout
[   78.849152] Bluetooth: hci5: command 0x0409 tx timeout
[   78.913079] Bluetooth: hci4: command 0x0409 tx timeout
[   80.641075] Bluetooth: hci0: command 0x041b tx timeout
[   80.641600] Bluetooth: hci1: command 0x041b tx timeout
[   80.768088] Bluetooth: hci3: command 0x041b tx timeout
[   80.768609] Bluetooth: hci2: command 0x041b tx timeout
[   80.833073] Bluetooth: hci6: command 0x041b tx timeout
[   80.897470] Bluetooth: hci5: command 0x041b tx timeout
[   80.897952] Bluetooth: hci7: command 0x041b tx timeout
[   80.960124] Bluetooth: hci4: command 0x041b tx timeout
[   82.689147] Bluetooth: hci1: command 0x040f tx timeout
[   82.689679] Bluetooth: hci0: command 0x040f tx timeout
[   82.817083] Bluetooth: hci2: command 0x040f tx timeout
[   82.817565] Bluetooth: hci3: command 0x040f tx timeout
[   82.880108] Bluetooth: hci6: command 0x040f tx timeout
[   82.945295] Bluetooth: hci7: command 0x040f tx timeout
[   82.945752] Bluetooth: hci5: command 0x040f tx timeout
[   83.009088] Bluetooth: hci4: command 0x040f tx timeout
[   84.737118] Bluetooth: hci0: command 0x0419 tx timeout
[   84.738162] Bluetooth: hci1: command 0x0419 tx timeout
[   84.865081] Bluetooth: hci3: command 0x0419 tx timeout
[   84.865538] Bluetooth: hci2: command 0x0419 tx timeout
[   84.929336] Bluetooth: hci6: command 0x0419 tx timeout
[   84.992281] Bluetooth: hci5: command 0x0419 tx timeout
[   84.992734] Bluetooth: hci7: command 0x0419 tx timeout
[   85.056151] Bluetooth: hci4: command 0x0419 tx timeout
12:50:13 executing program 4:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x41)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000080)={0x0, 0x0, 0x0, 'queue1\x00'})
write$sndseq(r0, &(0x7f0000000140)=[{0x0, 0x0, 0x0, 0x0, @time={0x9}, {}, {}, @control}], 0x1c)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000040)={0x1bb, @time})

[  135.253262] audit: type=1400 audit(1663159813.530:7): avc:  denied  { open } for  pid=3864 comm="syz-executor.6" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[  135.255138] audit: type=1400 audit(1663159813.530:8): avc:  denied  { kernel } for  pid=3864 comm="syz-executor.6" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[  135.270637] ------------[ cut here ]------------
[  135.270658] 
[  135.270661] ======================================================
[  135.270665] WARNING: possible circular locking dependency detected
[  135.270669] 6.0.0-rc5-next-20220914 #1 Not tainted
[  135.270676] ------------------------------------------------------
[  135.270680] syz-executor.6/3866 is trying to acquire lock:
[  135.270686] ffffffff853fa878 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70
[  135.270727] 
[  135.270727] but task is already holding lock:
[  135.270730] ffff88800e3e7420 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0
[  135.270760] 
[  135.270760] which lock already depends on the new lock.
[  135.270760] 
[  135.270763] 
[  135.270763] the existing dependency chain (in reverse order) is:
[  135.270767] 
[  135.270767] -> #3 (&ctx->lock){....}-{2:2}:
[  135.270782]        _raw_spin_lock+0x2a/0x40
[  135.270801]        __perf_event_task_sched_out+0x53b/0x18d0
[  135.270815]        __schedule+0xedd/0x2470
[  135.270827]        schedule+0xda/0x1b0
[  135.270837]        futex_wait_queue+0xf5/0x1e0
[  135.270850]        futex_wait+0x28e/0x690
[  135.270861]        do_futex+0x2ff/0x380
[  135.270871]        __x64_sys_futex+0x1c6/0x4d0
[  135.270882]        do_syscall_64+0x3b/0x90
[  135.270897]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  135.270916] 
[  135.270916] -> #2 (&rq->__lock){-.-.}-{2:2}:
[  135.270932]        _raw_spin_lock_nested+0x30/0x40
[  135.270948]        raw_spin_rq_lock_nested+0x1e/0x30
[  135.270962]        task_fork_fair+0x63/0x4d0
[  135.270983]        sched_cgroup_fork+0x3d0/0x540
[  135.270999]        copy_process+0x4183/0x6e20
[  135.271010]        kernel_clone+0xe7/0x890
[  135.271023]        user_mode_thread+0xad/0xf0
[  135.271034]        rest_init+0x24/0x250
[  135.271052]        arch_call_rest_init+0xf/0x14
[  135.271065]        start_kernel+0x4c1/0x4e6
[  135.271076]        secondary_startup_64_no_verify+0xe0/0xeb
[  135.271091] 
[  135.271091] -> #1 (&p->pi_lock){-.-.}-{2:2}:
[  135.271107]        _raw_spin_lock_irqsave+0x39/0x60
[  135.271123]        try_to_wake_up+0xab/0x1920
[  135.271138]        up+0x75/0xb0
[  135.271150]        __up_console_sem+0x6e/0x80
[  135.271167]        console_unlock+0x46a/0x590
[  135.271185]        vt_ioctl+0x2822/0x2ca0
[  135.271198]        tty_ioctl+0x7c4/0x1700
[  135.271210]        __x64_sys_ioctl+0x19a/0x210
[  135.271227]        do_syscall_64+0x3b/0x90
[  135.271241]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  135.271260] 
[  135.271260] -> #0 ((console_sem).lock){....}-{2:2}:
[  135.271275]        __lock_acquire+0x2a02/0x5e70
[  135.271293]        lock_acquire+0x1a2/0x530
[  135.271311]        _raw_spin_lock_irqsave+0x39/0x60
[  135.271327]        down_trylock+0xe/0x70
[  135.271341]        __down_trylock_console_sem+0x3b/0xd0
[  135.271358]        vprintk_emit+0x16b/0x560
[  135.271376]        vprintk+0x84/0xa0
[  135.271394]        _printk+0xba/0xf1
[  135.271413]        report_bug.cold+0x72/0xab
[  135.271426]        handle_bug+0x3c/0x70
[  135.271440]        exc_invalid_op+0x14/0x50
[  135.271455]        asm_exc_invalid_op+0x16/0x20
[  135.271473]        group_sched_out.part.0+0x2c7/0x460
[  135.271484]        ctx_sched_out+0x8f1/0xc10
[  135.271495]        __perf_event_task_sched_out+0x6d0/0x18d0
[  135.271509]        __schedule+0xedd/0x2470
[  135.271519]        schedule+0xda/0x1b0
[  135.271530]        futex_wait_queue+0xf5/0x1e0
[  135.271541]        futex_wait+0x28e/0x690
[  135.271552]        do_futex+0x2ff/0x380
[  135.271562]        __x64_sys_futex+0x1c6/0x4d0
[  135.271573]        do_syscall_64+0x3b/0x90
[  135.271587]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  135.271606] 
[  135.271606] other info that might help us debug this:
[  135.271606] 
[  135.271609] Chain exists of:
[  135.271609]   (console_sem).lock --> &rq->__lock --> &ctx->lock
[  135.271609] 
[  135.271626]  Possible unsafe locking scenario:
[  135.271626] 
[  135.271628]        CPU0                    CPU1
[  135.271631]        ----                    ----
[  135.271633]   lock(&ctx->lock);
[  135.271640]                                lock(&rq->__lock);
[  135.271647]                                lock(&ctx->lock);
[  135.271654]   lock((console_sem).lock);
[  135.271660] 
[  135.271660]  *** DEADLOCK ***
[  135.271660] 
[  135.271662] 2 locks held by syz-executor.6/3866:
[  135.271670]  #0: ffff88806ce37cd8 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470
[  135.271699]  #1: ffff88800e3e7420 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0
[  135.271730] 
[  135.271730] stack backtrace:
[  135.271733] CPU: 0 PID: 3866 Comm: syz-executor.6 Not tainted 6.0.0-rc5-next-20220914 #1
[  135.271747] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  135.271756] Call Trace:
[  135.271760]  <TASK>
[  135.271764]  dump_stack_lvl+0x8b/0xb3
[  135.271781]  check_noncircular+0x263/0x2e0
[  135.271800]  ? format_decode+0x26c/0xb50
[  135.271817]  ? print_circular_bug+0x450/0x450
[  135.271836]  ? enable_ptr_key_workfn+0x20/0x20
[  135.271852]  ? perf_trace_lock+0x308/0x560
[  135.271867]  ? format_decode+0x26c/0xb50
[  135.271885]  ? alloc_chain_hlocks+0x1ec/0x5a0
[  135.271906]  __lock_acquire+0x2a02/0x5e70
[  135.271932]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[  135.271958]  lock_acquire+0x1a2/0x530
[  135.271977]  ? down_trylock+0xe/0x70
[  135.271994]  ? rcu_read_unlock+0x40/0x40
[  135.272019]  ? vprintk+0x84/0xa0
[  135.272039]  _raw_spin_lock_irqsave+0x39/0x60
[  135.272056]  ? down_trylock+0xe/0x70
[  135.272072]  down_trylock+0xe/0x70
[  135.272086]  ? vprintk+0x84/0xa0
[  135.272105]  __down_trylock_console_sem+0x3b/0xd0
[  135.272125]  vprintk_emit+0x16b/0x560
[  135.272146]  vprintk+0x84/0xa0
[  135.272166]  _printk+0xba/0xf1
[  135.272185]  ? record_print_text.cold+0x16/0x16
[  135.272211]  ? report_bug.cold+0x66/0xab
[  135.272228]  ? group_sched_out.part.0+0x2c7/0x460
[  135.272241]  report_bug.cold+0x72/0xab
[  135.272258]  handle_bug+0x3c/0x70
[  135.272273]  exc_invalid_op+0x14/0x50
[  135.272290]  asm_exc_invalid_op+0x16/0x20
[  135.272309] RIP: 0010:group_sched_out.part.0+0x2c7/0x460
[  135.272325] Code: 5e 41 5f e9 3b b7 ef ff e8 36 b7 ef ff 65 8b 1d ab 15 ac 7e 31 ff 89 de e8 d6 b3 ef ff 85 db 0f 84 8a 00 00 00 e8 19 b7 ef ff <0f> 0b e9 a5 fe ff ff e8 0d b7 ef ff 48 8d 7d 10 48 b8 00 00 00 00
[  135.272337] RSP: 0018:ffff8880403c78f8 EFLAGS: 00010006
[  135.272348] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000
[  135.272356] RDX: ffff888010065040 RSI: ffffffff81566027 RDI: 0000000000000005
[  135.272365] RBP: ffff888008660000 R08: 0000000000000005 R09: 0000000000000001
[  135.272373] R10: 0000000000000000 R11: ffffffff865ac01b R12: ffff88800e3e7400
[  135.272382] R13: ffff88806ce3d100 R14: ffffffff8547c660 R15: 0000000000000002
[  135.272395]  ? group_sched_out.part.0+0x2c7/0x460
[  135.272411]  ? group_sched_out.part.0+0x2c7/0x460
[  135.272426]  ctx_sched_out+0x8f1/0xc10
[  135.272441]  __perf_event_task_sched_out+0x6d0/0x18d0
[  135.272459]  ? lock_is_held_type+0xd7/0x130
[  135.272480]  ? __perf_cgroup_move+0x160/0x160
[  135.272493]  ? set_next_entity+0x304/0x550
[  135.272516]  ? lock_is_held_type+0xd7/0x130
[  135.272537]  __schedule+0xedd/0x2470
[  135.272553]  ? io_schedule_timeout+0x150/0x150
[  135.272567]  ? futex_wait_setup+0x166/0x230
[  135.272584]  schedule+0xda/0x1b0
[  135.272597]  futex_wait_queue+0xf5/0x1e0
[  135.272611]  futex_wait+0x28e/0x690
[  135.272625]  ? futex_wait_setup+0x230/0x230
[  135.272641]  ? wake_up_q+0x8b/0xf0
[  135.272655]  ? do_raw_spin_unlock+0x4f/0x220
[  135.272677]  ? futex_wake+0x158/0x490
[  135.272697]  ? fd_install+0x1f9/0x640
[  135.272716]  do_futex+0x2ff/0x380
[  135.272729]  ? __ia32_compat_sys_get_robust_list+0x3b0/0x3b0
[  135.272748]  __x64_sys_futex+0x1c6/0x4d0
[  135.272763]  ? __x64_sys_futex_time32+0x480/0x480
[  135.272778]  ? syscall_enter_from_user_mode+0x1d/0x50
[  135.272798]  ? syscall_enter_from_user_mode+0x1d/0x50
[  135.272822]  do_syscall_64+0x3b/0x90
[  135.272838]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  135.272857] RIP: 0033:0x7f2a068c5b19
[  135.272866] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  135.272879] RSP: 002b:00007f2a03e3b218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  135.272891] RAX: ffffffffffffffda RBX: 00007f2a069d8f68 RCX: 00007f2a068c5b19
[  135.272900] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f2a069d8f68
[  135.272908] RBP: 00007f2a069d8f60 R08: 0000000000000000 R09: 0000000000000000
[  135.272916] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f2a069d8f6c
[  135.272924] R13: 00007ffc48bddd9f R14: 00007f2a03e3b300 R15: 0000000000022000
[  135.272941]  </TASK>
[  135.338670] WARNING: CPU: 0 PID: 3866 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460
[  135.339402] Modules linked in:
[  135.339664] CPU: 0 PID: 3866 Comm: syz-executor.6 Not tainted 6.0.0-rc5-next-20220914 #1
[  135.340306] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  135.341189] RIP: 0010:group_sched_out.part.0+0x2c7/0x460
[  135.341629] Code: 5e 41 5f e9 3b b7 ef ff e8 36 b7 ef ff 65 8b 1d ab 15 ac 7e 31 ff 89 de e8 d6 b3 ef ff 85 db 0f 84 8a 00 00 00 e8 19 b7 ef ff <0f> 0b e9 a5 fe ff ff e8 0d b7 ef ff 48 8d 7d 10 48 b8 00 00 00 00
[  135.343040] RSP: 0018:ffff8880403c78f8 EFLAGS: 00010006
[  135.343466] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000
[  135.344047] RDX: ffff888010065040 RSI: ffffffff81566027 RDI: 0000000000000005
[  135.344618] RBP: ffff888008660000 R08: 0000000000000005 R09: 0000000000000001
[  135.345182] R10: 0000000000000000 R11: ffffffff865ac01b R12: ffff88800e3e7400
[  135.345768] R13: ffff88806ce3d100 R14: ffffffff8547c660 R15: 0000000000000002
[  135.346328] FS:  00007f2a03e3b700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000
[  135.346967] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  135.347436] CR2: 00007ffac88623c0 CR3: 0000000040936000 CR4: 0000000000350ef0
[  135.348007] Call Trace:
[  135.348216]  <TASK>
[  135.348401]  ctx_sched_out+0x8f1/0xc10
[  135.348720]  __perf_event_task_sched_out+0x6d0/0x18d0
[  135.349135]  ? lock_is_held_type+0xd7/0x130
[  135.349505]  ? __perf_cgroup_move+0x160/0x160
[  135.349866]  ? set_next_entity+0x304/0x550
[  135.350208]  ? lock_is_held_type+0xd7/0x130
[  135.350559]  __schedule+0xedd/0x2470
[  135.350870]  ? io_schedule_timeout+0x150/0x150
[  135.351243]  ? futex_wait_setup+0x166/0x230
[  135.351596]  schedule+0xda/0x1b0
[  135.351872]  futex_wait_queue+0xf5/0x1e0
[  135.352197]  futex_wait+0x28e/0x690
[  135.352491]  ? futex_wait_setup+0x230/0x230
[  135.352840]  ? wake_up_q+0x8b/0xf0
[  135.353134]  ? do_raw_spin_unlock+0x4f/0x220
[  135.353511]  ? futex_wake+0x158/0x490
[  135.353841]  ? fd_install+0x1f9/0x640
[  135.354161]  do_futex+0x2ff/0x380
[  135.354455]  ? __ia32_compat_sys_get_robust_list+0x3b0/0x3b0
[  135.354915]  __x64_sys_futex+0x1c6/0x4d0
[  135.355246]  ? __x64_sys_futex_time32+0x480/0x480
[  135.355643]  ? syscall_enter_from_user_mode+0x1d/0x50
[  135.356066]  ? syscall_enter_from_user_mode+0x1d/0x50
[  135.356490]  do_syscall_64+0x3b/0x90
[  135.356796]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  135.357228] RIP: 0033:0x7f2a068c5b19
[  135.357533] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  135.358983] RSP: 002b:00007f2a03e3b218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  135.359581] RAX: ffffffffffffffda RBX: 00007f2a069d8f68 RCX: 00007f2a068c5b19
[  135.360152] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f2a069d8f68
[  135.360711] RBP: 00007f2a069d8f60 R08: 0000000000000000 R09: 0000000000000000
[  135.361289] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f2a069d8f6c
[  135.361866] R13: 00007ffc48bddd9f R14: 00007f2a03e3b300 R15: 0000000000022000
[  135.362443]  </TASK>
[  135.362646] irq event stamp: 1284
[  135.362919] hardirqs last  enabled at (1283): [<ffffffff84242a1d>] syscall_enter_from_user_mode+0x1d/0x50
[  135.363687] hardirqs last disabled at (1284): [<ffffffff8424bcf5>] __schedule+0x1225/0x2470
[  135.364343] softirqs last  enabled at (1052): [<ffffffff8117063b>] __irq_exit_rcu+0x11b/0x180
[  135.365038] softirqs last disabled at (1003): [<ffffffff8117063b>] __irq_exit_rcu+0x11b/0x180
[  135.365747] ---[ end trace 0000000000000000 ]---
12:50:13 executing program 4:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x41)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000080)={0x0, 0x0, 0x0, 'queue1\x00'})
write$sndseq(r0, &(0x7f0000000140)=[{0x0, 0x0, 0x0, 0x0, @time={0x9}, {}, {}, @control}], 0x1c)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000040)={0x1bb, @time})

12:50:13 executing program 4:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x41)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000080)={0x0, 0x0, 0x0, 'queue1\x00'})
write$sndseq(r0, &(0x7f0000000140)=[{0x0, 0x0, 0x0, 0x0, @time={0x9}, {}, {}, @control}], 0x1c)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000040)={0x1bb, @time})

12:50:13 executing program 6:
io_setup(0x5, &(0x7f0000000140))
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x76, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_timeval(r0, 0x1, 0x49, &(0x7f0000000200)={0x77359400}, 0x10)

12:50:13 executing program 4:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x41)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000080)={0x0, 0x0, 0x0, 'queue1\x00'})
write$sndseq(r0, &(0x7f0000000140)=[{0x0, 0x0, 0x0, 0x0, @time={0x9}, {}, {}, @control}], 0x1c)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000040)={0x1bb, @time})

12:50:14 executing program 6:
io_setup(0x5, &(0x7f0000000140))
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x76, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_timeval(r0, 0x1, 0x49, &(0x7f0000000200)={0x77359400}, 0x10)

12:50:14 executing program 4:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x41)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000080)={0x0, 0x0, 0x0, 'queue1\x00'})
write$sndseq(r0, &(0x7f0000000140)=[{0x0, 0x0, 0x0, 0x0, @time={0x9}, {}, {}, @control}], 0x1c)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000040)={0x1bb, @time})

12:50:14 executing program 4:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x41)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000080)={0x0, 0x0, 0x0, 'queue1\x00'})
write$sndseq(r0, &(0x7f0000000140)=[{0x0, 0x0, 0x0, 0x0, @time={0x9}, {}, {}, @control}], 0x1c)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000040)={0x1bb, @time})

[  138.280298] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  138.281797] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  138.283186] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  138.287442] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  138.288771] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  138.289759] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  138.293009] Bluetooth: hci5: HCI_REQ-0x0c1a
[  140.160064] Bluetooth: hci0: Opcode 0x c03 failed: -110
[  140.288078] Bluetooth: hci7: Opcode 0x c03 failed: -110
[  140.288122] Bluetooth: hci3: Opcode 0x c03 failed: -110
[  140.289454] Bluetooth: hci2: Opcode 0x c03 failed: -110
[  140.289946] Bluetooth: hci1: Opcode 0x c03 failed: -110
[  140.352070] Bluetooth: hci5: command 0x0409 tx timeout
[  142.405183] Bluetooth: hci5: command 0x041b tx timeout
[  144.448076] Bluetooth: hci5: command 0x040f tx timeout
[  144.448099] Bluetooth: hci0: Opcode 0x c03 failed: -110
[  144.640081] Bluetooth: hci1: Opcode 0x c03 failed: -110
[  144.768061] Bluetooth: hci3: Opcode 0x c03 failed: -110
[  144.768095] Bluetooth: hci2: Opcode 0x c03 failed: -110
[  144.832129] Bluetooth: hci7: Opcode 0x c03 failed: -110

VM DIAGNOSIS:
12:50:13  Registers:
info registers vcpu 0
RAX=0000000000000029 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff822b24f1 RDI=ffffffff87641b60 RBP=ffffffff87641b20 RSP=ffff8880403c7348
R8 =0000000000000001 R9 =000000000000000a R10=0000000000000029 R11=0000000000000001
R12=0000000000000029 R13=ffffffff87641b20 R14=0000000000000010 R15=ffffffff822b24e0
RIP=ffffffff822b2549 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 00007f2a03e3b700 00000000 00000000
GS =0000 ffff88806ce00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007ffac88623c0 CR3=0000000040936000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM01=0000000000000000 0000000000000000 00007f2a069ac7c0 00007f2a069ac7c8
YMM02=0000000000000000 0000000000000000 00007f2a069ac7e0 00007f2a069ac7c0
YMM03=0000000000000000 0000000000000000 00007f2a069ac7c8 00007f2a069ac7c0
YMM04=0000000000000000 0000000000000000 ffffffffffffffff ffffffff00000000
YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245
YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040
YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1
RAX=0000000080000001 RBX=0000000000000001 RCX=1ffffffff0e0b0e0 RDX=0000000000000000
RSI=ffffffff816c7fa8 RDI=0000000000000001 RBP=ffff88803f29f620 RSP=ffff88803f29f530
R8 =ffffffff85ecb728 R9 =ffffffff85ecb72c R10=ffffed1007e53ec6 R11=ffff88803f29f608
R12=ffff88803f29f690 R13=0000000000000000 R14=ffff88803f29f5c8 R15=0000000000000dc0
RIP=ffffffff8120521a RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff88806cf00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007fa9e8e0b260 CR3=000000000ee16000 CR4=00350ee0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
YMM00=0000000000000000 0000000000000000 756e696c2d34365f 3638782f62696c2f
YMM01=0000000000000000 0000000000000000 2e6f747079726362 696c2f756e672d78
YMM02=0000000000000000 0000000000000000 00312e312e6f732e 6f74707972636269
YMM03=0000000000000000 0000000000000000 6c2f756e672d7875 6e696c2d34365f36
YMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000