Warning: Permanently added '[localhost]:38562' (ECDSA) to the list of known hosts.
2022/09/14 14:27:19 fuzzer started
2022/09/14 14:27:19 dialing manager at localhost:33849
syzkaller login: [   44.619143] cgroup: Unknown subsys name 'net'
[   44.794249] cgroup: Unknown subsys name 'rlimit'
2022/09/14 14:27:35 syscalls: 2215
2022/09/14 14:27:35 code coverage: enabled
2022/09/14 14:27:35 comparison tracing: enabled
2022/09/14 14:27:35 extra coverage: enabled
2022/09/14 14:27:35 setuid sandbox: enabled
2022/09/14 14:27:35 namespace sandbox: enabled
2022/09/14 14:27:35 Android sandbox: enabled
2022/09/14 14:27:35 fault injection: enabled
2022/09/14 14:27:35 leak checking: enabled
2022/09/14 14:27:35 net packet injection: enabled
2022/09/14 14:27:35 net device setup: enabled
2022/09/14 14:27:35 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2022/09/14 14:27:35 devlink PCI setup: PCI device 0000:00:10.0 is not available
2022/09/14 14:27:35 USB emulation: enabled
2022/09/14 14:27:35 hci packet injection: enabled
2022/09/14 14:27:35 wifi device emulation: failed to parse kernel version (6.0.0-rc5-next-20220914                                          )
2022/09/14 14:27:35 802.15.4 emulation: enabled
2022/09/14 14:27:35 fetching corpus: 0, signal 0/2000 (executing program)
2022/09/14 14:27:35 fetching corpus: 49, signal 34666/38198 (executing program)
2022/09/14 14:27:35 fetching corpus: 99, signal 46802/51868 (executing program)
2022/09/14 14:27:36 fetching corpus: 149, signal 59839/66226 (executing program)
2022/09/14 14:27:36 fetching corpus: 199, signal 65078/72873 (executing program)
2022/09/14 14:27:36 fetching corpus: 249, signal 70843/79887 (executing program)
2022/09/14 14:27:36 fetching corpus: 299, signal 77139/87313 (executing program)
2022/09/14 14:27:36 fetching corpus: 349, signal 82652/93916 (executing program)
2022/09/14 14:27:36 fetching corpus: 399, signal 88522/100827 (executing program)
2022/09/14 14:27:36 fetching corpus: 449, signal 93255/106604 (executing program)
2022/09/14 14:27:37 fetching corpus: 499, signal 98425/112635 (executing program)
2022/09/14 14:27:37 fetching corpus: 549, signal 102564/117653 (executing program)
2022/09/14 14:27:37 fetching corpus: 599, signal 107445/123362 (executing program)
2022/09/14 14:27:37 fetching corpus: 649, signal 109349/126247 (executing program)
2022/09/14 14:27:37 fetching corpus: 699, signal 113436/131067 (executing program)
2022/09/14 14:27:37 fetching corpus: 749, signal 116793/135178 (executing program)
2022/09/14 14:27:38 fetching corpus: 799, signal 120758/139726 (executing program)
2022/09/14 14:27:38 fetching corpus: 849, signal 123247/142999 (executing program)
2022/09/14 14:27:38 fetching corpus: 899, signal 125855/146358 (executing program)
2022/09/14 14:27:38 fetching corpus: 949, signal 128213/149415 (executing program)
2022/09/14 14:27:38 fetching corpus: 999, signal 130236/152166 (executing program)
2022/09/14 14:27:38 fetching corpus: 1049, signal 132159/154819 (executing program)
2022/09/14 14:27:38 fetching corpus: 1099, signal 135405/158542 (executing program)
2022/09/14 14:27:38 fetching corpus: 1149, signal 137747/161451 (executing program)
2022/09/14 14:27:39 fetching corpus: 1199, signal 139613/163948 (executing program)
2022/09/14 14:27:39 fetching corpus: 1249, signal 141428/166358 (executing program)
2022/09/14 14:27:39 fetching corpus: 1299, signal 144423/169630 (executing program)
2022/09/14 14:27:39 fetching corpus: 1349, signal 146379/172057 (executing program)
2022/09/14 14:27:39 fetching corpus: 1399, signal 147706/173981 (executing program)
2022/09/14 14:27:39 fetching corpus: 1449, signal 148739/175642 (executing program)
2022/09/14 14:27:39 fetching corpus: 1499, signal 151953/178998 (executing program)
2022/09/14 14:27:39 fetching corpus: 1549, signal 153706/181266 (executing program)
2022/09/14 14:27:40 fetching corpus: 1599, signal 155533/183485 (executing program)
2022/09/14 14:27:40 fetching corpus: 1649, signal 157554/185784 (executing program)
2022/09/14 14:27:40 fetching corpus: 1699, signal 158613/187351 (executing program)
2022/09/14 14:27:40 fetching corpus: 1749, signal 160350/189454 (executing program)
2022/09/14 14:27:40 fetching corpus: 1799, signal 161887/191377 (executing program)
2022/09/14 14:27:40 fetching corpus: 1849, signal 163334/193186 (executing program)
2022/09/14 14:27:40 fetching corpus: 1899, signal 164173/194627 (executing program)
2022/09/14 14:27:40 fetching corpus: 1949, signal 165924/196616 (executing program)
2022/09/14 14:27:41 fetching corpus: 1999, signal 167357/198400 (executing program)
2022/09/14 14:27:41 fetching corpus: 2049, signal 169021/200229 (executing program)
2022/09/14 14:27:41 fetching corpus: 2099, signal 170229/201797 (executing program)
2022/09/14 14:27:41 fetching corpus: 2149, signal 171252/203172 (executing program)
2022/09/14 14:27:41 fetching corpus: 2199, signal 172575/204752 (executing program)
2022/09/14 14:27:41 fetching corpus: 2249, signal 174462/206616 (executing program)
2022/09/14 14:27:42 fetching corpus: 2299, signal 175829/208176 (executing program)
2022/09/14 14:27:42 fetching corpus: 2349, signal 177368/209857 (executing program)
2022/09/14 14:27:42 fetching corpus: 2399, signal 178630/211308 (executing program)
2022/09/14 14:27:42 fetching corpus: 2449, signal 179878/212790 (executing program)
2022/09/14 14:27:42 fetching corpus: 2499, signal 181088/214208 (executing program)
2022/09/14 14:27:42 fetching corpus: 2549, signal 182070/215468 (executing program)
2022/09/14 14:27:42 fetching corpus: 2599, signal 183107/216713 (executing program)
2022/09/14 14:27:42 fetching corpus: 2649, signal 183819/217786 (executing program)
2022/09/14 14:27:43 fetching corpus: 2699, signal 184791/219004 (executing program)
2022/09/14 14:27:43 fetching corpus: 2749, signal 186042/220374 (executing program)
2022/09/14 14:27:43 fetching corpus: 2799, signal 186908/221475 (executing program)
2022/09/14 14:27:43 fetching corpus: 2849, signal 188091/222755 (executing program)
2022/09/14 14:27:43 fetching corpus: 2899, signal 188975/223835 (executing program)
2022/09/14 14:27:43 fetching corpus: 2949, signal 190417/225176 (executing program)
2022/09/14 14:27:44 fetching corpus: 2999, signal 191288/226219 (executing program)
2022/09/14 14:27:44 fetching corpus: 3049, signal 192376/227308 (executing program)
2022/09/14 14:27:44 fetching corpus: 3099, signal 193277/228322 (executing program)
2022/09/14 14:27:44 fetching corpus: 3149, signal 194987/229717 (executing program)
2022/09/14 14:27:44 fetching corpus: 3199, signal 196272/230899 (executing program)
2022/09/14 14:27:44 fetching corpus: 3249, signal 197051/231825 (executing program)
2022/09/14 14:27:44 fetching corpus: 3299, signal 198281/232921 (executing program)
2022/09/14 14:27:45 fetching corpus: 3349, signal 199149/233841 (executing program)
2022/09/14 14:27:45 fetching corpus: 3399, signal 199946/234718 (executing program)
2022/09/14 14:27:45 fetching corpus: 3449, signal 201221/235802 (executing program)
2022/09/14 14:27:45 fetching corpus: 3499, signal 202245/236747 (executing program)
2022/09/14 14:27:45 fetching corpus: 3549, signal 203596/237834 (executing program)
2022/09/14 14:27:45 fetching corpus: 3598, signal 204661/238747 (executing program)
2022/09/14 14:27:45 fetching corpus: 3648, signal 205269/239439 (executing program)
2022/09/14 14:27:46 fetching corpus: 3698, signal 206028/240152 (executing program)
2022/09/14 14:27:46 fetching corpus: 3748, signal 206908/240960 (executing program)
2022/09/14 14:27:46 fetching corpus: 3798, signal 207855/241792 (executing program)
2022/09/14 14:27:46 fetching corpus: 3848, signal 209135/242738 (executing program)
2022/09/14 14:27:46 fetching corpus: 3898, signal 209895/243461 (executing program)
2022/09/14 14:27:46 fetching corpus: 3948, signal 210589/244163 (executing program)
2022/09/14 14:27:46 fetching corpus: 3998, signal 211314/244861 (executing program)
2022/09/14 14:27:47 fetching corpus: 4048, signal 212287/245585 (executing program)
2022/09/14 14:27:47 fetching corpus: 4098, signal 212895/246167 (executing program)
2022/09/14 14:27:47 fetching corpus: 4148, signal 213724/246902 (executing program)
2022/09/14 14:27:47 fetching corpus: 4198, signal 214654/247593 (executing program)
2022/09/14 14:27:47 fetching corpus: 4248, signal 215264/248164 (executing program)
2022/09/14 14:27:47 fetching corpus: 4298, signal 215978/248771 (executing program)
2022/09/14 14:27:47 fetching corpus: 4348, signal 216775/249430 (executing program)
2022/09/14 14:27:47 fetching corpus: 4398, signal 217604/250062 (executing program)
2022/09/14 14:27:48 fetching corpus: 4448, signal 218194/250575 (executing program)
2022/09/14 14:27:48 fetching corpus: 4498, signal 219461/251280 (executing program)
2022/09/14 14:27:48 fetching corpus: 4548, signal 220371/251879 (executing program)
2022/09/14 14:27:48 fetching corpus: 4598, signal 220816/252380 (executing program)
2022/09/14 14:27:48 fetching corpus: 4648, signal 221471/252920 (executing program)
2022/09/14 14:27:48 fetching corpus: 4698, signal 222006/253435 (executing program)
2022/09/14 14:27:48 fetching corpus: 4748, signal 222913/254168 (executing program)
2022/09/14 14:27:49 fetching corpus: 4798, signal 223628/254672 (executing program)
2022/09/14 14:27:49 fetching corpus: 4848, signal 224391/255179 (executing program)
2022/09/14 14:27:49 fetching corpus: 4898, signal 224968/255620 (executing program)
2022/09/14 14:27:49 fetching corpus: 4948, signal 225522/256037 (executing program)
2022/09/14 14:27:49 fetching corpus: 4998, signal 226256/256489 (executing program)
2022/09/14 14:27:49 fetching corpus: 5048, signal 227031/256940 (executing program)
2022/09/14 14:27:49 fetching corpus: 5098, signal 227573/257345 (executing program)
2022/09/14 14:27:50 fetching corpus: 5148, signal 228087/257694 (executing program)
2022/09/14 14:27:50 fetching corpus: 5198, signal 229086/258157 (executing program)
2022/09/14 14:27:50 fetching corpus: 5248, signal 229778/258528 (executing program)
2022/09/14 14:27:50 fetching corpus: 5298, signal 230442/258912 (executing program)
2022/09/14 14:27:50 fetching corpus: 5348, signal 231436/259298 (executing program)
2022/09/14 14:27:50 fetching corpus: 5398, signal 232016/259639 (executing program)
2022/09/14 14:27:50 fetching corpus: 5448, signal 232825/260021 (executing program)
2022/09/14 14:27:51 fetching corpus: 5498, signal 233539/260350 (executing program)
2022/09/14 14:27:51 fetching corpus: 5548, signal 234099/260645 (executing program)
2022/09/14 14:27:51 fetching corpus: 5598, signal 234795/261004 (executing program)
2022/09/14 14:27:51 fetching corpus: 5648, signal 235442/261293 (executing program)
2022/09/14 14:27:51 fetching corpus: 5698, signal 236066/261570 (executing program)
2022/09/14 14:27:51 fetching corpus: 5748, signal 236683/261866 (executing program)
2022/09/14 14:27:51 fetching corpus: 5798, signal 237574/262141 (executing program)
2022/09/14 14:27:52 fetching corpus: 5848, signal 238099/262380 (executing program)
2022/09/14 14:27:52 fetching corpus: 5898, signal 238887/262651 (executing program)
2022/09/14 14:27:52 fetching corpus: 5948, signal 239555/262896 (executing program)
2022/09/14 14:27:52 fetching corpus: 5998, signal 240417/263123 (executing program)
2022/09/14 14:27:52 fetching corpus: 6048, signal 240772/263297 (executing program)
2022/09/14 14:27:52 fetching corpus: 6098, signal 241835/263469 (executing program)
2022/09/14 14:27:52 fetching corpus: 6148, signal 242474/263472 (executing program)
2022/09/14 14:27:53 fetching corpus: 6198, signal 242999/263552 (executing program)
2022/09/14 14:27:53 fetching corpus: 6248, signal 243399/263573 (executing program)
2022/09/14 14:27:53 fetching corpus: 6298, signal 244205/263580 (executing program)
2022/09/14 14:27:53 fetching corpus: 6348, signal 244862/263580 (executing program)
2022/09/14 14:27:53 fetching corpus: 6398, signal 245425/263626 (executing program)
2022/09/14 14:27:53 fetching corpus: 6448, signal 246172/263627 (executing program)
2022/09/14 14:27:54 fetching corpus: 6498, signal 246689/263630 (executing program)
2022/09/14 14:27:54 fetching corpus: 6548, signal 247152/263678 (executing program)
2022/09/14 14:27:54 fetching corpus: 6598, signal 247771/263698 (executing program)
2022/09/14 14:27:54 fetching corpus: 6648, signal 248401/263736 (executing program)
2022/09/14 14:27:54 fetching corpus: 6698, signal 249307/263737 (executing program)
2022/09/14 14:27:54 fetching corpus: 6748, signal 249715/263760 (executing program)
2022/09/14 14:27:54 fetching corpus: 6798, signal 250358/263764 (executing program)
2022/09/14 14:27:55 fetching corpus: 6848, signal 250763/263793 (executing program)
2022/09/14 14:27:55 fetching corpus: 6898, signal 251427/263797 (executing program)
2022/09/14 14:27:55 fetching corpus: 6948, signal 251959/263828 (executing program)
2022/09/14 14:27:55 fetching corpus: 6998, signal 252384/263845 (executing program)
2022/09/14 14:27:55 fetching corpus: 7048, signal 252963/263876 (executing program)
2022/09/14 14:27:55 fetching corpus: 7098, signal 253557/263909 (executing program)
2022/09/14 14:27:55 fetching corpus: 7148, signal 254241/263919 (executing program)
2022/09/14 14:27:56 fetching corpus: 7198, signal 254751/263919 (executing program)
2022/09/14 14:27:56 fetching corpus: 7240, signal 255319/263965 (executing program)
2022/09/14 14:27:56 fetching corpus: 7240, signal 255319/263965 (executing program)
2022/09/14 14:27:58 starting 8 fuzzer processes
14:27:58 executing program 0:
perf_event_open(&(0x7f0000000400)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x4}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

14:27:58 executing program 1:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = getpid()
r1 = gettid()
r2 = io_uring_setup(0x77e9, &(0x7f0000000240)={0x0, 0x200b})
r3 = epoll_create(0x2)
kcmp$KCMP_EPOLL_TFD(r0, r1, 0x7, r2, &(0x7f0000000140)={r3})

14:27:58 executing program 3:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r0 = socket$inet_udp(0x2, 0x2, 0x0)
fgetxattr(r0, &(0x7f0000000240)=@known='system.sockprotoname\x00', 0x0, 0x0)

14:27:58 executing program 2:
r0 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000140)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffd)
add_key$keyring(&(0x7f0000000300), &(0x7f0000000340)={'syz', 0x0}, 0x0, 0x0, r0)
keyctl$revoke(0x3, r0)

14:27:58 executing program 4:
setpgid(0xffffffffffffffff, 0xffffffffffffffff)

[   83.342616] audit: type=1400 audit(1663165678.547:6): avc:  denied  { execmem } for  pid=286 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
14:27:58 executing program 6:
waitid(0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0)

14:27:58 executing program 5:
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000009c0), 0x0, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2000004, 0x11, r0, 0x10000000)

14:27:58 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000040))
pwritev(r1, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1}], 0x1, 0x7fffffe, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x7fffffff)
sendfile(r0, r0, 0x0, 0x100000)

[   84.626142] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   84.627241] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   84.628605] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   84.629568] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   84.630542] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   84.631360] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   84.634399] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   84.635169] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   84.636709] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   84.637716] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   84.638634] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   84.639620] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   84.651833] Bluetooth: hci0: HCI_REQ-0x0c1a
[   84.652605] Bluetooth: hci2: HCI_REQ-0x0c1a
[   84.692416] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   84.696983] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   84.698463] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   84.702231] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   84.715937] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   84.721632] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   84.732331] Bluetooth: hci1: HCI_REQ-0x0c1a
[   84.772415] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   84.799121] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   84.800366] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[   84.801896] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[   84.803171] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[   84.805332] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[   84.806676] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[   84.807476] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[   84.811068] Bluetooth: hci7: HCI_REQ-0x0c1a
[   84.832834] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   84.834635] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   84.836603] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   84.837653] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   84.840453] Bluetooth: hci3: HCI_REQ-0x0c1a
[   84.859586] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[   84.862237] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[   84.863565] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[   84.865895] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[   84.868315] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[   84.869161] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[   84.881993] Bluetooth: hci6: HCI_REQ-0x0c1a
[   84.942574] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   84.955487] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   84.972466] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   84.988199] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   84.996205] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[   85.003714] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   85.040326] Bluetooth: hci4: HCI_REQ-0x0c1a
[   86.696614] Bluetooth: hci2: command 0x0409 tx timeout
[   86.696733] Bluetooth: hci0: command 0x0409 tx timeout
[   86.759838] Bluetooth: hci1: command 0x0409 tx timeout
[   86.823869] Bluetooth: hci5: Opcode 0x c03 failed: -110
[   86.823946] Bluetooth: hci7: command 0x0409 tx timeout
[   86.887834] Bluetooth: hci6: command 0x0409 tx timeout
[   86.887979] Bluetooth: hci3: command 0x0409 tx timeout
[   87.143842] Bluetooth: hci4: command 0x0409 tx timeout
[   88.743811] Bluetooth: hci0: command 0x041b tx timeout
[   88.744825] Bluetooth: hci2: command 0x041b tx timeout
[   88.807926] Bluetooth: hci1: command 0x041b tx timeout
[   88.871947] Bluetooth: hci7: command 0x041b tx timeout
[   88.935824] Bluetooth: hci3: command 0x041b tx timeout
[   88.936346] Bluetooth: hci6: command 0x041b tx timeout
[   89.191827] Bluetooth: hci4: command 0x041b tx timeout
[   90.377391] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[   90.385373] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[   90.393098] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[   90.396207] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[   90.397532] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[   90.398472] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[   90.411815] Bluetooth: hci5: HCI_REQ-0x0c1a
[   90.791863] Bluetooth: hci2: command 0x040f tx timeout
[   90.793400] Bluetooth: hci0: command 0x040f tx timeout
[   90.855889] Bluetooth: hci1: command 0x040f tx timeout
[   90.919830] Bluetooth: hci7: command 0x040f tx timeout
[   90.983893] Bluetooth: hci6: command 0x040f tx timeout
[   90.985515] Bluetooth: hci3: command 0x040f tx timeout
[   91.239842] Bluetooth: hci4: command 0x040f tx timeout
[   92.456902] Bluetooth: hci5: command 0x0409 tx timeout
[   92.840858] Bluetooth: hci0: command 0x0419 tx timeout
[   92.841566] Bluetooth: hci2: command 0x0419 tx timeout
[   92.904803] Bluetooth: hci1: command 0x0419 tx timeout
[   92.968808] Bluetooth: hci7: command 0x0419 tx timeout
[   93.033099] Bluetooth: hci3: command 0x0419 tx timeout
[   93.033582] Bluetooth: hci6: command 0x0419 tx timeout
[   93.287846] Bluetooth: hci4: command 0x0419 tx timeout
[   94.504964] Bluetooth: hci5: command 0x041b tx timeout
[   96.551817] Bluetooth: hci5: command 0x040f tx timeout
[   98.600873] Bluetooth: hci5: command 0x0419 tx timeout
14:29:00 executing program 5:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
getsockopt$inet_int(r0, 0x0, 0x30, 0x0, &(0x7f0000000400))

14:29:01 executing program 5:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x64}, {0x6}]}, 0x10)

14:29:01 executing program 5:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x64}, {0x6}]}, 0x10)

14:29:01 executing program 5:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x64}, {0x6}]}, 0x10)

14:29:01 executing program 5:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x64}, {0x6}]}, 0x10)

14:29:01 executing program 5:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x84758, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000100)={0x0, &(0x7f0000000040)}, 0x10)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
r3 = dup(r0)
connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast2, 0x2}, 0x1c)
connect$inet6(r3, &(0x7f0000000200)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c)
sendmmsg$inet6(r3, &(0x7f0000000500)=[{{&(0x7f0000000280)={0xa, 0x4e22, 0x3, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x40}, 0x0, &(0x7f00000004c0)=[{&(0x7f00000002c0)="840ed7cb019cc4c626bd522b9b297ab0228f"}, {&(0x7f0000000440)="f117c9546fdf673e848c4c40aae7d578e6a70ca6261a43b646cf390b39b5b5f8e490cbc2954c666512f0df544eee3737d7dfed7d929427a7110deb7349410be3c1ce5c55ab6187bb39dc6908fd34b3b34203a5184310cdcb173d03bad191e46181"}, {&(0x7f0000000300)="9fb8735a86"}]}}], 0x63, 0x24048894)
r4 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_inet_SIOCSIFFLAGS(r4, 0x8914, &(0x7f0000000140)={'bridge_slave_1\x00'})
signalfd4(r2, &(0x7f0000000000)={[0x6]}, 0x8, 0x800)

[  146.086553] audit: type=1400 audit(1663165741.291:7): avc:  denied  { open } for  pid=3887 comm="syz-executor.5" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[  146.089936] audit: type=1400 audit(1663165741.291:8): avc:  denied  { kernel } for  pid=3887 comm="syz-executor.5" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[  146.094713] audit: type=1400 audit(1663165741.299:9): avc:  denied  { tracepoint } for  pid=3887 comm="syz-executor.5" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[  146.104537] ------------[ cut here ]------------
[  146.104570] 
[  146.104574] ======================================================
[  146.104581] WARNING: possible circular locking dependency detected
[  146.104588] 6.0.0-rc5-next-20220914 #1 Not tainted
[  146.104600] ------------------------------------------------------
[  146.104606] syz-executor.5/3888 is trying to acquire lock:
[  146.104618] ffffffff853fa878 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70
[  146.104683] 
[  146.104683] but task is already holding lock:
[  146.104688] ffff8880414c5c20 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0
[  146.104746] 
[  146.104746] which lock already depends on the new lock.
[  146.104746] 
[  146.104752] 
[  146.104752] the existing dependency chain (in reverse order) is:
[  146.104757] 
[  146.104757] -> #3 (&ctx->lock){....}-{2:2}:
[  146.104785]        _raw_spin_lock+0x2a/0x40
[  146.104817]        __perf_event_task_sched_out+0x53b/0x18d0
[  146.104841]        __schedule+0xedd/0x2470
[  146.104861]        schedule+0xda/0x1b0
[  146.104880]        exit_to_user_mode_prepare+0x114/0x1a0
[  146.104920]        syscall_exit_to_user_mode+0x19/0x40
[  146.104955]        do_syscall_64+0x48/0x90
[  146.104981]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  146.105016] 
[  146.105016] -> #2 (&rq->__lock){-.-.}-{2:2}:
[  146.105043]        _raw_spin_lock_nested+0x30/0x40
[  146.105073]        raw_spin_rq_lock_nested+0x1e/0x30
[  146.105098]        task_fork_fair+0x63/0x4d0
[  146.105131]        sched_cgroup_fork+0x3d0/0x540
[  146.105159]        copy_process+0x4183/0x6e20
[  146.105179]        kernel_clone+0xe7/0x890
[  146.105197]        user_mode_thread+0xad/0xf0
[  146.105218]        rest_init+0x24/0x250
[  146.105251]        arch_call_rest_init+0xf/0x14
[  146.105273]        start_kernel+0x4c1/0x4e6
[  146.105292]        secondary_startup_64_no_verify+0xe0/0xeb
[  146.105319] 
[  146.105319] -> #1 (&p->pi_lock){-.-.}-{2:2}:
[  146.105346]        _raw_spin_lock_irqsave+0x39/0x60
[  146.105377]        try_to_wake_up+0xab/0x1920
[  146.105403]        up+0x75/0xb0
[  146.105426]        __up_console_sem+0x6e/0x80
[  146.105457]        console_unlock+0x46a/0x590
[  146.105489]        vt_ioctl+0x2822/0x2ca0
[  146.105512]        tty_ioctl+0x7c4/0x1700
[  146.105533]        __x64_sys_ioctl+0x19a/0x210
[  146.105562]        do_syscall_64+0x3b/0x90
[  146.105588]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  146.105622] 
[  146.105622] -> #0 ((console_sem).lock){....}-{2:2}:
[  146.105650]        __lock_acquire+0x2a02/0x5e70
[  146.105683]        lock_acquire+0x1a2/0x530
[  146.105715]        _raw_spin_lock_irqsave+0x39/0x60
[  146.105746]        down_trylock+0xe/0x70
[  146.105771]        __down_trylock_console_sem+0x3b/0xd0
[  146.105803]        vprintk_emit+0x16b/0x560
[  146.105836]        vprintk+0x84/0xa0
[  146.105869]        _printk+0xba/0xf1
[  146.105904]        report_bug.cold+0x72/0xab
[  146.105929]        handle_bug+0x3c/0x70
[  146.105955]        exc_invalid_op+0x14/0x50
[  146.105981]        asm_exc_invalid_op+0x16/0x20
[  146.106014]        group_sched_out.part.0+0x2c7/0x460
[  146.106035]        ctx_sched_out+0x8f1/0xc10
[  146.106054]        __perf_event_task_sched_out+0x6d0/0x18d0
[  146.106079]        __schedule+0xedd/0x2470
[  146.106098]        schedule+0xda/0x1b0
[  146.106117]        exit_to_user_mode_prepare+0x114/0x1a0
[  146.106156]        syscall_exit_to_user_mode+0x19/0x40
[  146.106190]        do_syscall_64+0x48/0x90
[  146.106216]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  146.106251] 
[  146.106251] other info that might help us debug this:
[  146.106251] 
[  146.106256] Chain exists of:
[  146.106256]   (console_sem).lock --> &rq->__lock --> &ctx->lock
[  146.106256] 
[  146.106286]  Possible unsafe locking scenario:
[  146.106286] 
[  146.106290]        CPU0                    CPU1
[  146.106295]        ----                    ----
[  146.106299]   lock(&ctx->lock);
[  146.106310]                                lock(&rq->__lock);
[  146.106323]                                lock(&ctx->lock);
[  146.106335]   lock((console_sem).lock);
[  146.106346] 
[  146.106346]  *** DEADLOCK ***
[  146.106346] 
[  146.106350] 2 locks held by syz-executor.5/3888:
[  146.106364]  #0: ffff88806cf37cd8 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470
[  146.106415]  #1: ffff8880414c5c20 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0
[  146.106470] 
[  146.106470] stack backtrace:
[  146.106475] CPU: 1 PID: 3888 Comm: syz-executor.5 Not tainted 6.0.0-rc5-next-20220914 #1
[  146.106500] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  146.106515] Call Trace:
[  146.106521]  <TASK>
[  146.106528]  dump_stack_lvl+0x8b/0xb3
[  146.106558]  check_noncircular+0x263/0x2e0
[  146.106591]  ? format_decode+0x26c/0xb50
[  146.106620]  ? print_circular_bug+0x450/0x450
[  146.106655]  ? enable_ptr_key_workfn+0x20/0x20
[  146.106685]  ? format_decode+0x26c/0xb50
[  146.106713]  ? memcpy+0x39/0x60
[  146.106752]  ? vsnprintf+0x4ba/0x1600
[  146.106785]  __lock_acquire+0x2a02/0x5e70
[  146.106831]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[  146.106878]  lock_acquire+0x1a2/0x530
[  146.106912]  ? down_trylock+0xe/0x70
[  146.106942]  ? rcu_read_unlock+0x40/0x40
[  146.106984]  ? vprintk+0x84/0xa0
[  146.107021]  _raw_spin_lock_irqsave+0x39/0x60
[  146.107052]  ? down_trylock+0xe/0x70
[  146.107080]  down_trylock+0xe/0x70
[  146.107106]  ? vprintk+0x84/0xa0
[  146.107141]  __down_trylock_console_sem+0x3b/0xd0
[  146.107177]  vprintk_emit+0x16b/0x560
[  146.107215]  vprintk+0x84/0xa0
[  146.107251]  _printk+0xba/0xf1
[  146.107287]  ? record_print_text.cold+0x16/0x16
[  146.107332]  ? report_bug.cold+0x66/0xab
[  146.107361]  ? group_sched_out.part.0+0x2c7/0x460
[  146.107384]  report_bug.cold+0x72/0xab
[  146.107414]  handle_bug+0x3c/0x70
[  146.107442]  exc_invalid_op+0x14/0x50
[  146.107471]  asm_exc_invalid_op+0x16/0x20
[  146.107506] RIP: 0010:group_sched_out.part.0+0x2c7/0x460
[  146.107532] Code: 5e 41 5f e9 3b b7 ef ff e8 36 b7 ef ff 65 8b 1d ab 15 ac 7e 31 ff 89 de e8 d6 b3 ef ff 85 db 0f 84 8a 00 00 00 e8 19 b7 ef ff <0f> 0b e9 a5 fe ff ff e8 0d b7 ef ff 48 8d 7d 10 48 b8 00 00 00 00
[  146.107555] RSP: 0018:ffff8880348c7c48 EFLAGS: 00010006
[  146.107572] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000
[  146.107587] RDX: ffff888017575040 RSI: ffffffff81566027 RDI: 0000000000000005
[  146.107603] RBP: ffff8880348c8000 R08: 0000000000000005 R09: 0000000000000001
[  146.107617] R10: 0000000000000000 R11: ffffffff865ac05b R12: ffff8880414c5c00
[  146.107632] R13: ffff88806cf3d100 R14: ffffffff8547c660 R15: 0000000000000002
[  146.107654]  ? group_sched_out.part.0+0x2c7/0x460
[  146.107680]  ? group_sched_out.part.0+0x2c7/0x460
[  146.107705]  ctx_sched_out+0x8f1/0xc10
[  146.107730]  __perf_event_task_sched_out+0x6d0/0x18d0
[  146.107761]  ? lock_is_held_type+0xd7/0x130
[  146.107799]  ? __perf_cgroup_move+0x160/0x160
[  146.107822]  ? set_next_entity+0x304/0x550
[  146.107858]  ? update_curr+0x267/0x740
[  146.107896]  ? lock_is_held_type+0xd7/0x130
[  146.107934]  __schedule+0xedd/0x2470
[  146.107960]  ? io_schedule_timeout+0x150/0x150
[  146.107986]  ? rcu_read_lock_sched_held+0x3e/0x80
[  146.108026]  schedule+0xda/0x1b0
[  146.108049]  exit_to_user_mode_prepare+0x114/0x1a0
[  146.108091]  syscall_exit_to_user_mode+0x19/0x40
[  146.108137]  do_syscall_64+0x48/0x90
[  146.108165]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  146.108201] RIP: 0033:0x7f9a207c8b19
[  146.108218] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  146.108239] RSP: 002b:00007f9a1dd3e218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  146.108261] RAX: 0000000000000001 RBX: 00007f9a208dbf68 RCX: 00007f9a207c8b19
[  146.108276] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f9a208dbf6c
[  146.108290] RBP: 00007f9a208dbf60 R08: 000000000000000e R09: 0000000000000000
[  146.108305] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f9a208dbf6c
[  146.108319] R13: 00007ffcfbe61fbf R14: 00007f9a1dd3e300 R15: 0000000000022000
[  146.108344]  </TASK>
[  146.225645] WARNING: CPU: 1 PID: 3888 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460
[  146.227003] Modules linked in:
[  146.227477] CPU: 1 PID: 3888 Comm: syz-executor.5 Not tainted 6.0.0-rc5-next-20220914 #1
[  146.228670] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  146.230299] RIP: 0010:group_sched_out.part.0+0x2c7/0x460
[  146.231096] Code: 5e 41 5f e9 3b b7 ef ff e8 36 b7 ef ff 65 8b 1d ab 15 ac 7e 31 ff 89 de e8 d6 b3 ef ff 85 db 0f 84 8a 00 00 00 e8 19 b7 ef ff <0f> 0b e9 a5 fe ff ff e8 0d b7 ef ff 48 8d 7d 10 48 b8 00 00 00 00
[  146.233742] RSP: 0018:ffff8880348c7c48 EFLAGS: 00010006
[  146.234514] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000
[  146.235556] RDX: ffff888017575040 RSI: ffffffff81566027 RDI: 0000000000000005
[  146.236619] RBP: ffff8880348c8000 R08: 0000000000000005 R09: 0000000000000001
[  146.237656] R10: 0000000000000000 R11: ffffffff865ac05b R12: ffff8880414c5c00
[  146.238692] R13: ffff88806cf3d100 R14: ffffffff8547c660 R15: 0000000000000002
[  146.239735] FS:  00007f9a1dd3e700(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000
[  146.240927] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  146.241787] CR2: 00007f9a208dc018 CR3: 0000000041654000 CR4: 0000000000350ee0
[  146.242823] Call Trace:
[  146.243213]  <TASK>
[  146.243556]  ctx_sched_out+0x8f1/0xc10
[  146.244150]  __perf_event_task_sched_out+0x6d0/0x18d0
[  146.244919]  ? lock_is_held_type+0xd7/0x130
[  146.245581]  ? __perf_cgroup_move+0x160/0x160
[  146.246254]  ? set_next_entity+0x304/0x550
[  146.246903]  ? update_curr+0x267/0x740
[  146.247498]  ? lock_is_held_type+0xd7/0x130
[  146.248154]  __schedule+0xedd/0x2470
[  146.248687]  ? io_schedule_timeout+0x150/0x150
[  146.249367]  ? rcu_read_lock_sched_held+0x3e/0x80
[  146.250100]  schedule+0xda/0x1b0
[  146.250610]  exit_to_user_mode_prepare+0x114/0x1a0
[  146.251353]  syscall_exit_to_user_mode+0x19/0x40
[  146.252062]  do_syscall_64+0x48/0x90
[  146.252654]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  146.253425] RIP: 0033:0x7f9a207c8b19
[  146.253976] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  146.256606] RSP: 002b:00007f9a1dd3e218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  146.257705] RAX: 0000000000000001 RBX: 00007f9a208dbf68 RCX: 00007f9a207c8b19
[  146.258734] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f9a208dbf6c
[  146.259777] RBP: 00007f9a208dbf60 R08: 000000000000000e R09: 0000000000000000
[  146.260825] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f9a208dbf6c
[  146.261871] R13: 00007ffcfbe61fbf R14: 00007f9a1dd3e300 R15: 0000000000022000
[  146.262916]  </TASK>
[  146.263271] irq event stamp: 742
[  146.263766] hardirqs last  enabled at (741): [<ffffffff8133ffc9>] exit_to_user_mode_prepare+0x109/0x1a0
[  146.265163] hardirqs last disabled at (742): [<ffffffff8424bcf5>] __schedule+0x1225/0x2470
[  146.266358] softirqs last  enabled at (592): [<ffffffff8117063b>] __irq_exit_rcu+0x11b/0x180
[  146.267606] softirqs last disabled at (545): [<ffffffff8117063b>] __irq_exit_rcu+0x11b/0x180
[  146.268845] ---[ end trace 0000000000000000 ]---
[  146.324772] hrtimer: interrupt took 15920 ns
14:29:01 executing program 5:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x84758, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000100)={0x0, &(0x7f0000000040)}, 0x10)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
r3 = dup(r0)
connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast2, 0x2}, 0x1c)
connect$inet6(r3, &(0x7f0000000200)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c)
sendmmsg$inet6(r3, &(0x7f0000000500)=[{{&(0x7f0000000280)={0xa, 0x4e22, 0x3, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x40}, 0x0, &(0x7f00000004c0)=[{&(0x7f00000002c0)="840ed7cb019cc4c626bd522b9b297ab0228f"}, {&(0x7f0000000440)="f117c9546fdf673e848c4c40aae7d578e6a70ca6261a43b646cf390b39b5b5f8e490cbc2954c666512f0df544eee3737d7dfed7d929427a7110deb7349410be3c1ce5c55ab6187bb39dc6908fd34b3b34203a5184310cdcb173d03bad191e46181"}, {&(0x7f0000000300)="9fb8735a86"}]}}], 0x63, 0x24048894)
r4 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_inet_SIOCSIFFLAGS(r4, 0x8914, &(0x7f0000000140)={'bridge_slave_1\x00'})
signalfd4(r2, &(0x7f0000000000)={[0x6]}, 0x8, 0x800)

14:29:01 executing program 5:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x84758, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000100)={0x0, &(0x7f0000000040)}, 0x10)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
r3 = dup(r0)
connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast2, 0x2}, 0x1c)
connect$inet6(r3, &(0x7f0000000200)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c)
sendmmsg$inet6(r3, &(0x7f0000000500)=[{{&(0x7f0000000280)={0xa, 0x4e22, 0x3, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x40}, 0x0, &(0x7f00000004c0)=[{&(0x7f00000002c0)="840ed7cb019cc4c626bd522b9b297ab0228f"}, {&(0x7f0000000440)="f117c9546fdf673e848c4c40aae7d578e6a70ca6261a43b646cf390b39b5b5f8e490cbc2954c666512f0df544eee3737d7dfed7d929427a7110deb7349410be3c1ce5c55ab6187bb39dc6908fd34b3b34203a5184310cdcb173d03bad191e46181"}, {&(0x7f0000000300)="9fb8735a86"}]}}], 0x63, 0x24048894)
r4 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_inet_SIOCSIFFLAGS(r4, 0x8914, &(0x7f0000000140)={'bridge_slave_1\x00'})
signalfd4(r2, &(0x7f0000000000)={[0x6]}, 0x8, 0x800)

[  146.946030] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  146.947306] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  146.948579] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  146.950688] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  146.951972] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  146.952967] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  146.955797] Bluetooth: hci3: HCI_REQ-0x0c1a
[  147.057539] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  147.058516] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  147.059406] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  147.060501] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  147.061421] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[  147.062276] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  147.064134] Bluetooth: hci7: HCI_REQ-0x0c1a
[  148.583797] Bluetooth: hci0: Opcode 0x c03 failed: -110
[  148.903782] Bluetooth: hci2: Opcode 0x c03 failed: -110
[  148.903787] Bluetooth: hci1: Opcode 0x c03 failed: -110
[  148.967846] Bluetooth: hci3: command 0x0409 tx timeout
[  149.031788] Bluetooth: hci4: Opcode 0x c03 failed: -110
[  149.031790] Bluetooth: hci6: Opcode 0x c03 failed: -110
[  149.095824] Bluetooth: hci7: command 0x0409 tx timeout
[  151.017120] Bluetooth: hci3: command 0x041b tx timeout
[  151.143792] Bluetooth: hci7: command 0x041b tx timeout
[  151.424605] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  151.425329] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  151.427129] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  151.435621] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  151.436404] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  151.437671] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  151.440441] Bluetooth: hci6: HCI_REQ-0x0c1a
[  152.871809] Bluetooth: hci0: Opcode 0x c03 failed: -110
[  153.064822] Bluetooth: hci3: command 0x040f tx timeout
[  153.191796] Bluetooth: hci7: command 0x040f tx timeout
[  153.319786] Bluetooth: hci1: Opcode 0x c03 failed: -110
[  153.383821] Bluetooth: hci2: Opcode 0x c03 failed: -110
[  153.447818] Bluetooth: hci4: Opcode 0x c03 failed: -110
[  153.448842] Bluetooth: hci6: command 0x0409 tx timeout
[  155.111922] Bluetooth: hci3: command 0x0419 tx timeout
[  155.177999] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  155.178716] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  155.183523] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  155.188554] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  155.189381] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  155.190160] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  155.193095] Bluetooth: hci0: HCI_REQ-0x0c1a
[  155.239882] Bluetooth: hci7: command 0x0419 tx timeout
[  155.495809] Bluetooth: hci6: command 0x041b tx timeout

VM DIAGNOSIS:
14:29:01  Registers:
info registers vcpu 0
RAX=1ffff1100278ee9b RBX=ffff888013c774a8 RCX=ffffffff811da5f7 RDX=0000000000000000
RSI=0000000000000001 RDI=ffff888013c774d8 RBP=ffff888013aabeb0 RSP=ffff88800fd47d78
R8 =0000000000000000 R9 =ffff88800e844807 R10=ffffed1001d08900 R11=0000000000000001
R12=dffffc0000000000 R13=ffff888013aabc08 R14=ffff888013aabc08 R15=0000000000000092
RIP=ffffffff817bc282 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff88806ce00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f7f30c90748 CR3=000000001b84e000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
YMM00=0000000000000000 0000000000000000 5d3331373439302e 36343120205b203a
YMM01=0000000000000000 0000000000000000 3735363133363631 2874696475612030
YMM02=0000000000000000 0000000000000000 6563617274207b20 206465696e656420
YMM03=0000000000000000 0000000000000000 2d7a7973223d6d6d 6f6320373838333d
YMM04=0000000000000000 0000000000000000 2031303a39323a34 3120343120706553
YMM05=0000000000000000 0000000000000000 6576655f66726570 3d7373616c637420
YMM06=0000000000000000 0000000000000000 747379733a755f6d 65747379733d7478
YMM07=0000000000000000 0000000000000000 656b3a725f6d6574 7379733a755f6d65
YMM08=0000000000000000 0000000000000000 2e726f7475636578 652d7a7973223d6d
YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1
RAX=000000000000003a RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff822b24f1 RDI=ffffffff87641b60 RBP=ffffffff87641b20 RSP=ffff8880348c7698
R8 =0000000000000001 R9 =000000000000000a R10=000000000000003a R11=0000000000000001
R12=000000000000003a R13=ffffffff87641b20 R14=0000000000000010 R15=ffffffff822b24e0
RIP=ffffffff822b2549 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 00007f9a1dd3e700 00000000 00000000
GS =0000 ffff88806cf00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f9a208dc018 CR3=0000000041654000 CR4=00350ee0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM01=0000000000000000 0000000000000000 00007f9a208af7c0 00007f9a208af7c8
YMM02=0000000000000000 0000000000000000 00007f9a208af7e0 00007f9a208af7c0
YMM03=0000000000000000 0000000000000000 00007f9a208af7c8 00007f9a208af7c0
YMM04=0000000000000000 0000000000000000 ffffffffffffffff ffffffff00000000
YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245
YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040
YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000