Warning: Permanently added '[localhost]:27397' (ECDSA) to the list of known hosts.
2022/09/12 14:02:29 fuzzer started
2022/09/12 14:02:29 dialing manager at localhost:38027
syzkaller login: [ 36.399909] cgroup: Unknown subsys name 'net'
[ 36.500794] cgroup: Unknown subsys name 'rlimit'
2022/09/12 14:02:43 syscalls: 2215
2022/09/12 14:02:43 code coverage: enabled
2022/09/12 14:02:43 comparison tracing: enabled
2022/09/12 14:02:43 extra coverage: enabled
2022/09/12 14:02:43 setuid sandbox: enabled
2022/09/12 14:02:43 namespace sandbox: enabled
2022/09/12 14:02:43 Android sandbox: enabled
2022/09/12 14:02:43 fault injection: enabled
2022/09/12 14:02:43 leak checking: enabled
2022/09/12 14:02:43 net packet injection: enabled
2022/09/12 14:02:43 net device setup: enabled
2022/09/12 14:02:43 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2022/09/12 14:02:43 devlink PCI setup: PCI device 0000:00:10.0 is not available
2022/09/12 14:02:43 USB emulation: enabled
2022/09/12 14:02:43 hci packet injection: enabled
2022/09/12 14:02:43 wifi device emulation: failed to parse kernel version (6.0.0-rc5-next-20220912)
2022/09/12 14:02:43 802.15.4 emulation: enabled
2022/09/12 14:02:43 fetching corpus: 0, signal 0/2000 (executing program)
2022/09/12 14:02:43 fetching corpus: 50, signal 31452/34720 (executing program)
2022/09/12 14:02:44 fetching corpus: 100, signal 42388/46878 (executing program)
2022/09/12 14:02:44 fetching corpus: 150, signal 52465/58006 (executing program)
2022/09/12 14:02:44 fetching corpus: 200, signal 61105/67497 (executing program)
2022/09/12 14:02:44 fetching corpus: 250, signal 68306/75394 (executing program)
2022/09/12 14:02:44 fetching corpus: 300, signal 73061/80978 (executing program)
2022/09/12 14:02:44 fetching corpus: 350, signal 78135/86746 (executing program)
2022/09/12 14:02:45 fetching corpus: 400, signal 84688/93626 (executing program)
2022/09/12 14:02:45 fetching corpus: 450, signal 89970/99282 (executing program)
2022/09/12 14:02:45 fetching corpus: 500, signal 94084/103808 (executing program)
2022/09/12 14:02:45 fetching corpus: 550, signal 96581/106858 (executing program)
2022/09/12 14:02:45 fetching corpus: 600, signal 100252/110817 (executing program)
2022/09/12 14:02:45 fetching corpus: 650, signal 103432/114287 (executing program)
2022/09/12 14:02:46 fetching corpus: 700, signal 107070/118040 (executing program)
2022/09/12 14:02:46 fetching corpus: 750, signal 110812/121879 (executing program)
2022/09/12 14:02:46 fetching corpus: 800, signal 114227/125291 (executing program)
2022/09/12 14:02:46 fetching corpus: 850, signal 116011/127353 (executing program)
2022/09/12 14:02:46 fetching corpus: 900, signal 119426/130629 (executing program)
2022/09/12 14:02:47 fetching corpus: 950, signal 121279/132577 (executing program)
2022/09/12 14:02:47 fetching corpus: 1000, signal 122683/134167 (executing program)
2022/09/12 14:02:47 fetching corpus: 1050, signal 124146/135827 (executing program)
2022/09/12 14:02:47 fetching corpus: 1100, signal 125858/137619 (executing program)
2022/09/12 14:02:47 fetching corpus: 1150, signal 127731/139469 (executing program)
2022/09/12 14:02:47 fetching corpus: 1200, signal 129745/141368 (executing program)
2022/09/12 14:02:47 fetching corpus: 1250, signal 131398/142976 (executing program)
2022/09/12 14:02:48 fetching corpus: 1300, signal 133085/144555 (executing program)
2022/09/12 14:02:48 fetching corpus: 1350, signal 135009/146295 (executing program)
2022/09/12 14:02:48 fetching corpus: 1400, signal 136754/147880 (executing program)
2022/09/12 14:02:48 fetching corpus: 1450, signal 139046/149814 (executing program)
2022/09/12 14:02:48 fetching corpus: 1500, signal 140226/150909 (executing program)
2022/09/12 14:02:48 fetching corpus: 1550, signal 141465/152077 (executing program)
2022/09/12 14:02:48 fetching corpus: 1600, signal 143001/153470 (executing program)
2022/09/12 14:02:49 fetching corpus: 1650, signal 144366/154616 (executing program)
2022/09/12 14:02:49 fetching corpus: 1700, signal 146768/156265 (executing program)
2022/09/12 14:02:49 fetching corpus: 1750, signal 148386/157490 (executing program)
2022/09/12 14:02:49 fetching corpus: 1800, signal 150037/158635 (executing program)
2022/09/12 14:02:49 fetching corpus: 1850, signal 150976/159377 (executing program)
2022/09/12 14:02:50 fetching corpus: 1900, signal 151879/160133 (executing program)
2022/09/12 14:02:50 fetching corpus: 1950, signal 153158/161028 (executing program)
2022/09/12 14:02:50 fetching corpus: 2000, signal 154547/161925 (executing program)
2022/09/12 14:02:50 fetching corpus: 2050, signal 155842/162798 (executing program)
2022/09/12 14:02:50 fetching corpus: 2100, signal 156474/163325 (executing program)
2022/09/12 14:02:50 fetching corpus: 2150, signal 158146/164325 (executing program)
2022/09/12 14:02:50 fetching corpus: 2200, signal 160019/165341 (executing program)
2022/09/12 14:02:51 fetching corpus: 2250, signal 160973/165941 (executing program)
2022/09/12 14:02:51 fetching corpus: 2300, signal 161913/166449 (executing program)
2022/09/12 14:02:51 fetching corpus: 2350, signal 162741/166938 (executing program)
2022/09/12 14:02:51 fetching corpus: 2359, signal 162900/167077 (executing program)
2022/09/12 14:02:51 fetching corpus: 2359, signal 162900/167162 (executing program)
2022/09/12 14:02:51 fetching corpus: 2359, signal 162900/167261 (executing program)
2022/09/12 14:02:51 fetching corpus: 2359, signal 162900/167352 (executing program)
2022/09/12 14:02:51 fetching corpus: 2359, signal 162900/167444 (executing program)
2022/09/12 14:02:51 fetching corpus: 2359, signal 162900/167522 (executing program)
2022/09/12 14:02:51 fetching corpus: 2359, signal 162900/167593 (executing program)
2022/09/12 14:02:51 fetching corpus: 2359, signal 162900/167678 (executing program)
2022/09/12 14:02:51 fetching corpus: 2359, signal 162900/167770 (executing program)
2022/09/12 14:02:51 fetching corpus: 2359, signal 162900/167857 (executing program)
2022/09/12 14:02:51 fetching corpus: 2359, signal 162900/167921 (executing program)
2022/09/12 14:02:51 fetching corpus: 2359, signal 162900/168013 (executing program)
2022/09/12 14:02:51 fetching corpus: 2359, signal 162900/168103 (executing program)
2022/09/12 14:02:51 fetching corpus: 2359, signal 162900/168198 (executing program)
2022/09/12 14:02:51 fetching corpus: 2359, signal 162900/168303 (executing program)
2022/09/12 14:02:51 fetching corpus: 2359, signal 162900/168405 (executing program)
2022/09/12 14:02:51 fetching corpus: 2359, signal 162900/168487 (executing program)
2022/09/12 14:02:51 fetching corpus: 2359, signal 162900/168568 (executing program)
2022/09/12 14:02:51 fetching corpus: 2359, signal 162900/168656 (executing program)
2022/09/12 14:02:51 fetching corpus: 2359, signal 162900/168742 (executing program)
2022/09/12 14:02:51 fetching corpus: 2359, signal 162900/168803 (executing program)
2022/09/12 14:02:51 fetching corpus: 2359, signal 162900/168882 (executing program)
2022/09/12 14:02:51 fetching corpus: 2359, signal 162900/168966 (executing program)
2022/09/12 14:02:51 fetching corpus: 2359, signal 162900/169055 (executing program)
2022/09/12 14:02:51 fetching corpus: 2359, signal 162900/169143 (executing program)
2022/09/12 14:02:51 fetching corpus: 2359, signal 162900/169235 (executing program)
2022/09/12 14:02:51 fetching corpus: 2359, signal 162900/169321 (executing program)
2022/09/12 14:02:51 fetching corpus: 2359, signal 162900/169394 (executing program)
2022/09/12 14:02:51 fetching corpus: 2359, signal 162900/169492 (executing program)
2022/09/12 14:02:51 fetching corpus: 2359, signal 162900/169571 (executing program)
2022/09/12 14:02:51 fetching corpus: 2359, signal 162900/169671 (executing program)
2022/09/12 14:02:51 fetching corpus: 2359, signal 162900/169748 (executing program)
2022/09/12 14:02:51 fetching corpus: 2359, signal 162900/169825 (executing program)
2022/09/12 14:02:51 fetching corpus: 2359, signal 162900/169908 (executing program)
2022/09/12 14:02:51 fetching corpus: 2359, signal 162900/169982 (executing program)
2022/09/12 14:02:51 fetching corpus: 2359, signal 162900/169982 (executing program)
2022/09/12 14:02:54 starting 8 fuzzer processes
14:02:54 executing program 0:
ioctl$SIOCGSTAMP(0xffffffffffffffff, 0x8906, &(0x7f00000000c0))
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0)
unlink(&(0x7f0000000000)='./file0\x00')
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000080)={0x200017e})
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040), 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
close(r0)
socket$inet6_udp(0xa, 0x2, 0x0)
14:02:54 executing program 3:
pipe2$9p(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0)
write$P9_RSETATTR(r0, &(0x7f00000001c0)={0x7}, 0x7)
14:02:54 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
openat2$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)={0x0, 0x0, 0x2c}, 0x18)
14:02:54 executing program 2:
r0 = msgget$private(0x0, 0x445)
msgctl$IPC_INFO(r0, 0x3, &(0x7f00000005c0)=""/168)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0xa, &(0x7f0000000000)={0x14, 0x0}, 0x10)
fstatfs(0xffffffffffffffff, &(0x7f0000000100)=""/172)
perf_event_open(&(0x7f0000000300)={0x2, 0x80, 0x80, 0x9, 0x1, 0x8, 0x0, 0x1, 0x40002, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x3, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff, 0x0, @perf_config_ext={0xffffffff, 0x6}, 0x204, 0x401, 0x30735316, 0x8, 0x0, 0x20, 0x7ff, 0x0, 0x892,
0x0, 0x4}, 0xffffffffffffffff, 0x2, 0xffffffffffffffff, 0x9) syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0), 0xffffffffffffffff) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0x32261, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmsg$NFULNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f00000006c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000680)={&(0x7f0000000240)={0x20, 0x1, 0x4, 0x201, 0x0, 0x0, {0x0, 0x0, 0x3}, [@NFULA_CFG_MODE={0xa, 0x2, {0x5}}]}, 0x20}, 0x1, 0x0, 0x0, 0x40801}, 0x4000080) msgrcv(0x0, 0x0, 0x0, 0x0, 0x0) msgctl$IPC_RMID(0x0, 0x0) 14:02:54 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt(r0, 0xff, 0x0, 0x0, 0x0) 14:02:54 executing program 5: syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0) 14:02:54 executing program 6: syz_emit_ethernet(0x32e, &(0x7f0000000000)={@random="bd99d58573e9", @multicast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x2f8, 0x3a, 0xff, @private2, @local, {[], @ndisc_ns={0x87, 0x0, 0x0, @rand_addr=' \x01\x00', [{0x0, 0x3, "57b3d04771900b492d6d099be51a6565f38f408a18f7b360"}, {0x0, 0x17, "6645aeee840c8050ddbe2c178fdae1cf69ae9412478d79d0c60d7a1af59bc0b7aa0cc3533d18460617841b6a324d1eb9ccd0e0aeaaa350a5dd6b3865a39256659b63512d24da4755a2991e03cc66eaf77c680f893c83942735d2c5e5ea9d676fe8cd49e4836da45c7adf15c843f651a1a176452b67be0a514b45e707d8cf2680fc7721d1f2803c76a0c092b23d1e8a7c68073e11b8ba7cbc0f0706302faf05b8958fee428406f0403a9e7f91fceb36c0dd7f2e14f444cb8a"}, {0x0, 0x19, 
"190671b067ef39d88ee6c687b9627c1f9bfb214392a097c6ab8c3037c41462ce5eb2603c2a0e0446944b5528325716c8d39503cdd72d8c53325179d0ce7f81de52f0352500510e071da16b4c6f2429e67164ec37983d615699b5bc72f1f7d4f531dc51660c0daa90a29fac27c1bf1406d79ceded356ab878eb6e6d4f4c7d0b12639aa31bf90cc6a2955a1e96bf63a5c14ae3756c9e1fcd51fb4b2c606896dd984296b432e5b701f0907ce6f18dcce6cc0c1fe4a46d3aacefa99977e931eb2149f4c52c101b707b233474d7"}, {0x0, 0x13, "dbb1e5498f50147514c42255261b84abcde773320435d1373386f9142444920a195205fc4745476b25c8c36fb220e7af6298f8f0edd9d49fdb21ccbe66c9b010a197274982debcad43f1c9fa67eed093544073b09985b5f9a4e6cc0662c211b756546866dfe45d678e6ea377ebd00153a61e302c397a62fe097cc8dd7e36952591647eaf1d3fc83263ba7c58e0bc64b8ed44770432a9c04364"}, {0x1, 0x15, "51ec4405ebf6af44b69f3d19af64d4a8aef9b545a106b12908f6b89bbd5519f02cc9ff96aa3a97de9a49bb1437467a7b7ab028245a232c4ea1d90a5878f770be68ac4448452c457ac05789600b8367a684b62ca8f7aa52f3f5c11d925464394002c1960cbec514cbc911df10d9fec93f2f353f02126d6a986918ade326218d057c2735f7fd6f88caf96d064cdefec2ac02f2e69cea7fb5eaa3e605de8cb3a9718851d8dd2457"}]}}}}}}, 0x0) [ 61.694720] audit: type=1400 audit(1662991374.800:6): avc: denied { execmem } for pid=284 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 14:02:54 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 
@perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0xa)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x73)
openat$hpet(0xffffffffffffff9c, 0x0, 0x0, 0x0)
[ 63.033318] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 63.036133] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 63.037598] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 63.041318] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 63.043329] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 63.045055] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 63.052777] Bluetooth: hci0: HCI_REQ-0x0c1a
[ 63.094785] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[ 63.099222] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[ 63.100567] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[ 63.105230] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[ 63.114484] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[ 63.116353] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 63.117886] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 63.119670] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 63.121279] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 63.122748] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 63.124404] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[ 63.125968] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 63.127023] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 63.128208] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 63.129354] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 63.131666] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 63.133124] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 63.134215] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 63.135108] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 63.135410] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 63.139606] Bluetooth: hci7: HCI_REQ-0x0c1a
[ 63.148180] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 63.148275] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 63.149370] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 63.151119] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[ 63.151863] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 63.152827] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 63.153563] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 63.157092] Bluetooth: hci6: HCI_REQ-0x0c1a
[ 63.158239] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[ 63.163050] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[ 63.164836] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 63.166339] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 63.167938] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 63.169334] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 63.169456] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 63.174047] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[ 63.177876] Bluetooth: hci3: HCI_REQ-0x0c1a
[ 63.183124] Bluetooth: hci4: HCI_REQ-0x0c1a
[ 63.189342] Bluetooth: hci2: HCI_REQ-0x0c1a
[ 63.207538] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 63.222170] Bluetooth: hci5: HCI_REQ-0x0c1a
[ 65.105841] Bluetooth: hci1: Opcode 0x c03 failed: -110
[ 65.106456] Bluetooth: hci0: command 0x0409 tx timeout
[ 65.169771] Bluetooth: hci7: command 0x0409 tx timeout
[ 65.169807] Bluetooth: hci6: command 0x0409 tx timeout
[ 65.233802] Bluetooth: hci5: command 0x0409 tx timeout
[ 65.233840] Bluetooth: hci2: command 0x0409 tx timeout
[ 65.234978] Bluetooth: hci4: command 0x0409 tx timeout
[ 65.235566] Bluetooth: hci3: command 0x0409 tx timeout
[ 67.154254] Bluetooth: hci0: command 0x041b tx timeout
[ 67.217816] Bluetooth: hci6: command 0x041b tx timeout
[ 67.220007] Bluetooth: hci7: command 0x041b tx timeout
[ 67.282030] Bluetooth: hci3: command 0x041b tx timeout
[ 67.283317] Bluetooth: hci4: command 0x041b tx timeout
[ 67.285551] Bluetooth: hci2: command 0x041b tx timeout
[ 67.286576] Bluetooth: hci5: command 0x041b tx timeout
[ 68.118639] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 68.121566] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 68.123249] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 68.126348] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 68.128329] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[ 68.129668] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 68.134407] Bluetooth: hci1: HCI_REQ-0x0c1a
[ 69.201805] Bluetooth: hci0: command 0x040f tx timeout
[ 69.265752] Bluetooth: hci7: command 0x040f tx timeout
[ 69.266288] Bluetooth: hci6: command 0x040f tx timeout
[ 69.329822] Bluetooth: hci5: command 0x040f tx timeout
[ 69.330332] Bluetooth: hci2: command 0x040f tx timeout
[ 69.331424] Bluetooth: hci4: command 0x040f tx timeout
[ 69.332230] Bluetooth: hci3: command 0x040f tx timeout
[ 70.161769] Bluetooth: hci1: command 0x0409 tx timeout
[ 71.249767] Bluetooth: hci0: command 0x0419 tx timeout
[ 71.313761] Bluetooth: hci6: command 0x0419 tx timeout
[ 71.314225] Bluetooth: hci7: command 0x0419 tx timeout
[ 71.377986] Bluetooth: hci3: command 0x0419 tx timeout
[ 71.378449] Bluetooth: hci4: command 0x0419 tx timeout
[ 71.378877] Bluetooth: hci2: command 0x0419 tx timeout
[ 71.379278] Bluetooth: hci5: command 0x0419 tx timeout
[ 72.209955] Bluetooth: hci1: command 0x041b tx timeout
[ 74.257820] Bluetooth: hci1: command 0x040f tx timeout
[ 76.305817] Bluetooth: hci1: command 0x0419 tx timeout
14:03:53 executing program 6:
syz_emit_ethernet(0x32e, &(0x7f0000000000)={@random="bd99d58573e9", @multicast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x2f8, 0x3a, 0xff, @private2, @local, {[], @ndisc_ns={0x87, 0x0, 0x0, @rand_addr=' \x01\x00', [{0x0, 0x3, "57b3d04771900b492d6d099be51a6565f38f408a18f7b360"}, {0x0, 0x17,
"6645aeee840c8050ddbe2c178fdae1cf69ae9412478d79d0c60d7a1af59bc0b7aa0cc3533d18460617841b6a324d1eb9ccd0e0aeaaa350a5dd6b3865a39256659b63512d24da4755a2991e03cc66eaf77c680f893c83942735d2c5e5ea9d676fe8cd49e4836da45c7adf15c843f651a1a176452b67be0a514b45e707d8cf2680fc7721d1f2803c76a0c092b23d1e8a7c68073e11b8ba7cbc0f0706302faf05b8958fee428406f0403a9e7f91fceb36c0dd7f2e14f444cb8a"}, {0x0, 0x19, "190671b067ef39d88ee6c687b9627c1f9bfb214392a097c6ab8c3037c41462ce5eb2603c2a0e0446944b5528325716c8d39503cdd72d8c53325179d0ce7f81de52f0352500510e071da16b4c6f2429e67164ec37983d615699b5bc72f1f7d4f531dc51660c0daa90a29fac27c1bf1406d79ceded356ab878eb6e6d4f4c7d0b12639aa31bf90cc6a2955a1e96bf63a5c14ae3756c9e1fcd51fb4b2c606896dd984296b432e5b701f0907ce6f18dcce6cc0c1fe4a46d3aacefa99977e931eb2149f4c52c101b707b233474d7"}, {0x0, 0x13, "dbb1e5498f50147514c42255261b84abcde773320435d1373386f9142444920a195205fc4745476b25c8c36fb220e7af6298f8f0edd9d49fdb21ccbe66c9b010a197274982debcad43f1c9fa67eed093544073b09985b5f9a4e6cc0662c211b756546866dfe45d678e6ea377ebd00153a61e302c397a62fe097cc8dd7e36952591647eaf1d3fc83263ba7c58e0bc64b8ed44770432a9c04364"}, {0x1, 0x15, "51ec4405ebf6af44b69f3d19af64d4a8aef9b545a106b12908f6b89bbd5519f02cc9ff96aa3a97de9a49bb1437467a7b7ab028245a232c4ea1d90a5878f770be68ac4448452c457ac05789600b8367a684b62ca8f7aa52f3f5c11d925464394002c1960cbec514cbc911df10d9fec93f2f353f02126d6a986918ade326218d057c2735f7fd6f88caf96d064cdefec2ac02f2e69cea7fb5eaa3e605de8cb3a9718851d8dd2457"}]}}}}}}, 0x0) 14:03:53 executing program 6: syz_emit_ethernet(0x32e, &(0x7f0000000000)={@random="bd99d58573e9", @multicast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x2f8, 0x3a, 0xff, @private2, @local, {[], @ndisc_ns={0x87, 0x0, 0x0, @rand_addr=' \x01\x00', [{0x0, 0x3, "57b3d04771900b492d6d099be51a6565f38f408a18f7b360"}, {0x0, 0x17, 
"6645aeee840c8050ddbe2c178fdae1cf69ae9412478d79d0c60d7a1af59bc0b7aa0cc3533d18460617841b6a324d1eb9ccd0e0aeaaa350a5dd6b3865a39256659b63512d24da4755a2991e03cc66eaf77c680f893c83942735d2c5e5ea9d676fe8cd49e4836da45c7adf15c843f651a1a176452b67be0a514b45e707d8cf2680fc7721d1f2803c76a0c092b23d1e8a7c68073e11b8ba7cbc0f0706302faf05b8958fee428406f0403a9e7f91fceb36c0dd7f2e14f444cb8a"}, {0x0, 0x19, "190671b067ef39d88ee6c687b9627c1f9bfb214392a097c6ab8c3037c41462ce5eb2603c2a0e0446944b5528325716c8d39503cdd72d8c53325179d0ce7f81de52f0352500510e071da16b4c6f2429e67164ec37983d615699b5bc72f1f7d4f531dc51660c0daa90a29fac27c1bf1406d79ceded356ab878eb6e6d4f4c7d0b12639aa31bf90cc6a2955a1e96bf63a5c14ae3756c9e1fcd51fb4b2c606896dd984296b432e5b701f0907ce6f18dcce6cc0c1fe4a46d3aacefa99977e931eb2149f4c52c101b707b233474d7"}, {0x0, 0x13, "dbb1e5498f50147514c42255261b84abcde773320435d1373386f9142444920a195205fc4745476b25c8c36fb220e7af6298f8f0edd9d49fdb21ccbe66c9b010a197274982debcad43f1c9fa67eed093544073b09985b5f9a4e6cc0662c211b756546866dfe45d678e6ea377ebd00153a61e302c397a62fe097cc8dd7e36952591647eaf1d3fc83263ba7c58e0bc64b8ed44770432a9c04364"}, {0x1, 0x15, "51ec4405ebf6af44b69f3d19af64d4a8aef9b545a106b12908f6b89bbd5519f02cc9ff96aa3a97de9a49bb1437467a7b7ab028245a232c4ea1d90a5878f770be68ac4448452c457ac05789600b8367a684b62ca8f7aa52f3f5c11d925464394002c1960cbec514cbc911df10d9fec93f2f353f02126d6a986918ade326218d057c2735f7fd6f88caf96d064cdefec2ac02f2e69cea7fb5eaa3e605de8cb3a9718851d8dd2457"}]}}}}}}, 0x0) 14:03:53 executing program 6: syz_emit_ethernet(0x32e, &(0x7f0000000000)={@random="bd99d58573e9", @multicast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x2f8, 0x3a, 0xff, @private2, @local, {[], @ndisc_ns={0x87, 0x0, 0x0, @rand_addr=' \x01\x00', [{0x0, 0x3, "57b3d04771900b492d6d099be51a6565f38f408a18f7b360"}, {0x0, 0x17, 
"6645aeee840c8050ddbe2c178fdae1cf69ae9412478d79d0c60d7a1af59bc0b7aa0cc3533d18460617841b6a324d1eb9ccd0e0aeaaa350a5dd6b3865a39256659b63512d24da4755a2991e03cc66eaf77c680f893c83942735d2c5e5ea9d676fe8cd49e4836da45c7adf15c843f651a1a176452b67be0a514b45e707d8cf2680fc7721d1f2803c76a0c092b23d1e8a7c68073e11b8ba7cbc0f0706302faf05b8958fee428406f0403a9e7f91fceb36c0dd7f2e14f444cb8a"}, {0x0, 0x19, "190671b067ef39d88ee6c687b9627c1f9bfb214392a097c6ab8c3037c41462ce5eb2603c2a0e0446944b5528325716c8d39503cdd72d8c53325179d0ce7f81de52f0352500510e071da16b4c6f2429e67164ec37983d615699b5bc72f1f7d4f531dc51660c0daa90a29fac27c1bf1406d79ceded356ab878eb6e6d4f4c7d0b12639aa31bf90cc6a2955a1e96bf63a5c14ae3756c9e1fcd51fb4b2c606896dd984296b432e5b701f0907ce6f18dcce6cc0c1fe4a46d3aacefa99977e931eb2149f4c52c101b707b233474d7"}, {0x0, 0x13, "dbb1e5498f50147514c42255261b84abcde773320435d1373386f9142444920a195205fc4745476b25c8c36fb220e7af6298f8f0edd9d49fdb21ccbe66c9b010a197274982debcad43f1c9fa67eed093544073b09985b5f9a4e6cc0662c211b756546866dfe45d678e6ea377ebd00153a61e302c397a62fe097cc8dd7e36952591647eaf1d3fc83263ba7c58e0bc64b8ed44770432a9c04364"}, {0x1, 0x15, "51ec4405ebf6af44b69f3d19af64d4a8aef9b545a106b12908f6b89bbd5519f02cc9ff96aa3a97de9a49bb1437467a7b7ab028245a232c4ea1d90a5878f770be68ac4448452c457ac05789600b8367a684b62ca8f7aa52f3f5c11d925464394002c1960cbec514cbc911df10d9fec93f2f353f02126d6a986918ade326218d057c2735f7fd6f88caf96d064cdefec2ac02f2e69cea7fb5eaa3e605de8cb3a9718851d8dd2457"}]}}}}}}, 0x0) 14:03:54 executing program 1: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat2$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)={0x0, 0x0, 0x2c}, 0x18) 14:03:54 executing program 6: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 
0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = inotify_init()
inotify_add_watch(r1, &(0x7f0000000180)='.\x00', 0x808)
dup2(r0, r1)
[ 121.086258] audit: type=1400 audit(1662991434.192:7): avc: denied { open } for pid=3885 comm="syz-executor.6" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[ 121.087787] audit: type=1400 audit(1662991434.193:8): avc: denied { kernel } for pid=3885 comm="syz-executor.6" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
14:03:54 executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
openat2$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000140)={0x0, 0x0, 0x2c}, 0x18)
14:03:54 executing program 6:
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = inotify_init()
inotify_add_watch(r1, &(0x7f0000000180)='.\x00', 0x808)
dup2(r0, r1)
[ 121.206544] ------------[ cut here ]------------
[ 121.206578]
[ 121.206581] ======================================================
[ 121.206585] WARNING: possible circular locking dependency detected
[ 121.206589] 6.0.0-rc5-next-20220912 #1 Not tainted
[ 121.206595] ------------------------------------------------------
[ 121.206598] syz-executor.6/3897 is trying to acquire lock:
[ 121.206605] ffffffff853fa878 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70
[ 121.206642]
[ 121.206642] but task is already holding lock:
[ 121.206645] ffff888019f2f820 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0
[ 121.206672]
[ 121.206672] which lock already depends on the new lock.
[ 121.206672]
[ 121.206675]
[ 121.206675] the existing dependency chain (in reverse order) is:
[ 121.206678]
[ 121.206678] -> #3 (&ctx->lock){....}-{2:2}:
[ 121.206695] _raw_spin_lock+0x2a/0x40
[ 121.206713] __perf_event_task_sched_out+0x53b/0x18d0
[ 121.206725] __schedule+0xedd/0x2470
[ 121.206735] schedule+0xda/0x1b0
[ 121.206744] futex_wait_queue+0xf5/0x1e0
[ 121.206757] futex_wait+0x28e/0x690
[ 121.206767] do_futex+0x2ff/0x380
[ 121.206776] __x64_sys_futex+0x1c6/0x4d0
[ 121.206786] do_syscall_64+0x3b/0x90
[ 121.206800] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 121.206817]
[ 121.206817] -> #2 (&rq->__lock){-.-.}-{2:2}:
[ 121.206831] _raw_spin_lock_nested+0x30/0x40
[ 121.206846] raw_spin_rq_lock_nested+0x1e/0x30
[ 121.206859] task_fork_fair+0x63/0x4d0
[ 121.206876] sched_cgroup_fork+0x3d0/0x540
[ 121.206891] copy_process+0x3f9e/0x6df0
[ 121.206901] kernel_clone+0xe7/0x890
[ 121.206911] user_mode_thread+0xad/0xf0
[ 121.206921] rest_init+0x24/0x250
[ 121.206937] arch_call_rest_init+0xf/0x14
[ 121.206957] start_kernel+0x4c1/0x4e6
[ 121.206974] secondary_startup_64_no_verify+0xe0/0xeb
[ 121.206988]
[ 121.206988] -> #1 (&p->pi_lock){-.-.}-{2:2}:
[ 121.207002] _raw_spin_lock_irqsave+0x39/0x60
[ 121.207017] try_to_wake_up+0xab/0x1920
[ 121.207031] up+0x75/0xb0
[ 121.207043] __up_console_sem+0x6e/0x80
[ 121.207059] console_unlock+0x46a/0x590
[ 121.207076] vt_ioctl+0x2822/0x2ca0
[ 121.207089] tty_ioctl+0x7c4/0x1700
[ 121.207101] __x64_sys_ioctl+0x19a/0x210
[ 121.207116] do_syscall_64+0x3b/0x90
[ 121.207130] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 121.207147]
[ 121.207147] -> #0 ((console_sem).lock){....}-{2:2}:
[ 121.207161] __lock_acquire+0x2a02/0x5e70
[ 121.207178] lock_acquire+0x1a2/0x530
[ 121.207194] _raw_spin_lock_irqsave+0x39/0x60
[ 121.207209] down_trylock+0xe/0x70
[ 121.207222] __down_trylock_console_sem+0x3b/0xd0
[ 121.207238] vprintk_emit+0x16b/0x560
[ 121.207255] vprintk+0x84/0xa0
[ 121.207272] _printk+0xba/0xf1
[ 121.207290] report_bug.cold+0x72/0xab
[ 121.207303] handle_bug+0x3c/0x70
[ 121.207315] exc_invalid_op+0x14/0x50
[ 121.207329] asm_exc_invalid_op+0x16/0x20
[ 121.207345] group_sched_out.part.0+0x2c7/0x460
[ 121.207356] ctx_sched_out+0x8f1/0xc10
[ 121.207366] __perf_event_task_sched_out+0x6d0/0x18d0
[ 121.207378] __schedule+0xedd/0x2470
[ 121.207388] schedule+0xda/0x1b0
[ 121.207397] exit_to_user_mode_prepare+0x114/0x1a0
[ 121.207417] syscall_exit_to_user_mode+0x19/0x40
[ 121.207435] do_syscall_64+0x48/0x90
[ 121.207447] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 121.207464]
[ 121.207464] other info that might help us debug this:
[ 121.207464]
[ 121.207467] Chain exists of:
[ 121.207467] (console_sem).lock --> &rq->__lock --> &ctx->lock
[ 121.207467]
[ 121.207482] Possible unsafe locking scenario:
[ 121.207482]
[ 121.207484]        CPU0                    CPU1
[ 121.207487]        ----                    ----
[ 121.207489]   lock(&ctx->lock);
[ 121.207494]                                lock(&rq->__lock);
[ 121.207500]                                lock(&ctx->lock);
[ 121.207507]   lock((console_sem).lock);
[ 121.207512]
[ 121.207512] *** DEADLOCK ***
[ 121.207512]
[ 121.207514] 2 locks held by syz-executor.6/3897:
[ 121.207521] #0: ffff88806ce37cd8 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470
[ 121.207547] #1: ffff888019f2f820 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0
[ 121.207575]
[ 121.207575] stack backtrace:
[ 121.207578] CPU: 0 PID: 3897 Comm: syz-executor.6 Not tainted 6.0.0-rc5-next-20220912 #1
[ 121.207591] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 121.207600] Call Trace:
[ 121.207603]
[ 121.207608] dump_stack_lvl+0x8b/0xb3
[ 121.207623] check_noncircular+0x263/0x2e0
[ 121.207640] ? format_decode+0x26c/0xb50
[ 121.207656] ? print_circular_bug+0x450/0x450
[ 121.207674] ? enable_ptr_key_workfn+0x20/0x20
[ 121.207689] ? format_decode+0x26c/0xb50
[ 121.207706] ? alloc_chain_hlocks+0x1ec/0x5a0
[ 121.207725] __lock_acquire+0x2a02/0x5e70
[ 121.207749] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 121.207768] ? __mutex_add_waiter+0x120/0x120
[ 121.207788] lock_acquire+0x1a2/0x530
[ 121.207805] ? down_trylock+0xe/0x70
[ 121.207821] ? rcu_read_unlock+0x40/0x40
[ 121.207842] ? __lock_acquire+0x164d/0x5e70
[ 121.207861] ? vprintk+0x84/0xa0
[ 121.207881] _raw_spin_lock_irqsave+0x39/0x60
[ 121.207897] ? down_trylock+0xe/0x70
[ 121.207911] down_trylock+0xe/0x70
[ 121.207925] ? vprintk+0x84/0xa0
[ 121.207943] __down_trylock_console_sem+0x3b/0xd0
[ 121.207961] vprintk_emit+0x16b/0x560
[ 121.207981] vprintk+0x84/0xa0
[ 121.208000] _printk+0xba/0xf1
[ 121.208018] ? record_print_text.cold+0x16/0x16
[ 121.208042] ? report_bug.cold+0x66/0xab
[ 121.208057] ? group_sched_out.part.0+0x2c7/0x460
[ 121.208069] report_bug.cold+0x72/0xab
[ 121.208085] handle_bug+0x3c/0x70
[ 121.208099] exc_invalid_op+0x14/0x50
[ 121.208114] asm_exc_invalid_op+0x16/0x20
[ 121.208131] RIP: 0010:group_sched_out.part.0+0x2c7/0x460
[ 121.208145] Code: 5e 41 5f e9 3b b7 ef ff e8 36 b7 ef ff 65 8b 1d ab 15 ac 7e 31 ff 89 de e8 d6 b3 ef ff 85 db 0f 84 8a 00 00 00 e8 19 b7 ef ff <0f> 0b e9 a5 fe ff ff e8 0d b7 ef ff 48 8d 7d 10 48 b8 00 00 00 00
[ 121.208157] RSP: 0018:ffff888040067c48 EFLAGS: 00010006
[ 121.208166] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000
[ 121.208174] RDX: ffff88800fe03580 RSI: ffffffff81566027 RDI: 0000000000000005
[ 121.208183] RBP: ffff888008660000 R08: 0000000000000005 R09: 0000000000000001
[ 121.208190] R10: 0000000000000000 R11: ffffffff865aa01b R12: ffff888019f2f800
[ 121.208198] R13: ffff88806ce3d100 R14: ffffffff8547c660 R15: 0000000000000002
[ 121.208211] ? group_sched_out.part.0+0x2c7/0x460
[ 121.208225] ? group_sched_out.part.0+0x2c7/0x460
[ 121.208239] ctx_sched_out+0x8f1/0xc10
[ 121.208253] __perf_event_task_sched_out+0x6d0/0x18d0
[ 121.208270] ? lock_is_held_type+0xd7/0x130
[ 121.208289] ? __perf_cgroup_move+0x160/0x160
[ 121.208301] ? set_next_entity+0x304/0x550
[ 121.208320] ? update_curr+0x267/0x740
[ 121.208340] ? lock_is_held_type+0xd7/0x130
[ 121.208360] __schedule+0xedd/0x2470
[ 121.208374] ? io_schedule_timeout+0x150/0x150
[ 121.208387] ? __x64_sys_futex_time32+0x480/0x480
[ 121.208402] schedule+0xda/0x1b0
[ 121.208413] exit_to_user_mode_prepare+0x114/0x1a0
[ 121.208435] syscall_exit_to_user_mode+0x19/0x40
[ 121.208453] do_syscall_64+0x48/0x90
[ 121.208468] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 121.208486] RIP: 0033:0x7f8782c88b19
[ 121.208494] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 121.208506] RSP: 002b:00007f87801fe218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 121.208517] RAX: 0000000000000001 RBX: 00007f8782d9bf68 RCX: 00007f8782c88b19
[ 121.208525] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f8782d9bf6c
[ 121.208533] RBP: 00007f8782d9bf60 R08: 000000000000000e R09: 0000000000000000
[ 121.208540] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f8782d9bf6c
[ 121.208548] R13: 00007fff2b90510f R14: 00007f87801fe300 R15: 0000000000022000
[ 121.208563]
[ 121.265582] WARNING: CPU: 0 PID: 3897 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460
[ 121.266271] Modules linked in:
[ 121.266533] CPU: 0 PID: 3897 Comm: syz-executor.6 Not tainted 6.0.0-rc5-next-20220912 #1
[ 121.267139] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 121.267961] RIP: 0010:group_sched_out.part.0+0x2c7/0x460
[ 121.268360] Code: 5e 41 5f e9 3b b7 ef ff e8 36 b7 ef ff 65 8b 1d ab 15 ac 7e 31 ff 89 de e8 d6 b3 ef ff 85 db 0f 84 8a 00 00 00 e8 19 b7 ef ff <0f> 0b e9 a5 fe ff ff e8 0d b7 ef ff 48 8d 7d 10 48 b8 00 00 00 00
[ 121.269684] RSP: 0018:ffff888040067c48 EFLAGS: 00010006
[ 121.270081] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000
[ 121.270617] RDX: ffff88800fe03580 RSI: ffffffff81566027 RDI: 0000000000000005
[ 121.271147] RBP: ffff888008660000 R08: 0000000000000005 R09: 0000000000000001
[ 121.271676] R10: 0000000000000000 R11: ffffffff865aa01b R12: ffff888019f2f800
[ 121.272206] R13: ffff88806ce3d100 R14: ffffffff8547c660 R15: 0000000000000002
[ 121.272737] FS: 00007f87801fe700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000
[ 121.273336] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 121.273773] CR2: 00007f8782d9c018 CR3: 000000003fe04000 CR4: 0000000000350ef0
[ 121.274319] Call Trace:
[ 121.274509]
[ 121.274689] ctx_sched_out+0x8f1/0xc10
[ 121.274986] __perf_event_task_sched_out+0x6d0/0x18d0
[ 121.275376] ? lock_is_held_type+0xd7/0x130
[ 121.275705] ? __perf_cgroup_move+0x160/0x160
[ 121.276052] ? set_next_entity+0x304/0x550
[ 121.276379] ? update_curr+0x267/0x740
[ 121.276689] ? lock_is_held_type+0xd7/0x130
[ 121.277027] __schedule+0xedd/0x2470
[ 121.277311] ? io_schedule_timeout+0x150/0x150
[ 121.277664] ? __x64_sys_futex_time32+0x480/0x480
[ 121.278029] schedule+0xda/0x1b0
[ 121.278292] exit_to_user_mode_prepare+0x114/0x1a0
[ 121.278673] syscall_exit_to_user_mode+0x19/0x40
[ 121.279035] do_syscall_64+0x48/0x90
[ 121.279316] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 121.279712] RIP: 0033:0x7f8782c88b19
[ 121.279997] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 121.281327] RSP: 002b:00007f87801fe218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 121.281893] RAX: 0000000000000001 RBX: 00007f8782d9bf68 RCX: 00007f8782c88b19
[ 121.282427] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f8782d9bf6c
[ 121.282964] RBP: 00007f8782d9bf60 R08: 000000000000000e R09: 0000000000000000
[ 121.283467] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f8782d9bf6c
[ 121.284004] R13: 00007fff2b90510f R14: 00007f87801fe300 R15: 0000000000022000
[ 121.284554]
[ 121.284740]
irq event stamp: 216 [ 121.285001] hardirqs last enabled at (215): [] exit_to_user_mode_prepare+0x109/0x1a0 [ 121.285725] hardirqs last disabled at (216): [] __schedule+0x1225/0x2470 [ 121.286370] softirqs last enabled at (0): [] copy_process+0x1dfe/0x6df0 [ 121.287020] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 121.287493] ---[ end trace 0000000000000000 ]--- 14:03:54 executing program 6: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = inotify_init() inotify_add_watch(r1, &(0x7f0000000180)='.\x00', 0x808) dup2(r0, r1) [ 124.062985] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 124.063952] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 124.064753] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 124.066361] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 124.067609] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 124.068428] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 124.075567] Bluetooth: hci4: HCI_REQ-0x0c1a [ 124.115436] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 124.116219] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 124.117239] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 124.118624] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 124.119583] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 124.120405] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 124.123892] Bluetooth: hci7: HCI_REQ-0x0c1a [ 126.097775] Bluetooth: hci4: command 0x0409 tx timeout [ 126.099373] Bluetooth: hci2: Opcode 0x c03 failed: -110 [ 126.161786] Bluetooth: hci7: command 0x0409 tx timeout [ 128.146156] Bluetooth: hci4: command 0x041b tx timeout [ 128.209754] 
Bluetooth: hci7: command 0x041b tx timeout [ 130.195041] Bluetooth: hci4: command 0x040f tx timeout [ 130.258745] Bluetooth: hci7: command 0x040f tx timeout [ 130.322711] Bluetooth: hci2: Opcode 0x c03 failed: -110 VM DIAGNOSIS: 14:03:54 Registers: