Warning: Permanently added '[localhost]:63469' (ECDSA) to the list of known hosts. 2022/09/12 17:33:40 fuzzer started 2022/09/12 17:33:40 dialing manager at localhost:38027 syzkaller login: [ 40.964806] cgroup: Unknown subsys name 'net' [ 41.067100] cgroup: Unknown subsys name 'rlimit' 2022/09/12 17:33:56 syscalls: 2215 2022/09/12 17:33:56 code coverage: enabled 2022/09/12 17:33:56 comparison tracing: enabled 2022/09/12 17:33:56 extra coverage: enabled 2022/09/12 17:33:56 setuid sandbox: enabled 2022/09/12 17:33:56 namespace sandbox: enabled 2022/09/12 17:33:56 Android sandbox: enabled 2022/09/12 17:33:56 fault injection: enabled 2022/09/12 17:33:56 leak checking: enabled 2022/09/12 17:33:56 net packet injection: enabled 2022/09/12 17:33:56 net device setup: enabled 2022/09/12 17:33:56 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/09/12 17:33:56 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/09/12 17:33:56 USB emulation: enabled 2022/09/12 17:33:56 hci packet injection: enabled 2022/09/12 17:33:56 wifi device emulation: failed to parse kernel version (6.0.0-rc5-next-20220912) 2022/09/12 17:33:56 802.15.4 emulation: enabled 2022/09/12 17:33:56 fetching corpus: 0, signal 0/2000 (executing program) 2022/09/12 17:33:56 fetching corpus: 50, signal 25660/29292 (executing program) 2022/09/12 17:33:56 fetching corpus: 100, signal 41592/46645 (executing program) 2022/09/12 17:33:56 fetching corpus: 150, signal 52990/59361 (executing program) 2022/09/12 17:33:56 fetching corpus: 200, signal 63502/71044 (executing program) 2022/09/12 17:33:56 fetching corpus: 250, signal 68334/77157 (executing program) 2022/09/12 17:33:57 fetching corpus: 300, signal 74226/84231 (executing program) 2022/09/12 17:33:57 fetching corpus: 350, signal 78750/89931 (executing program) 2022/09/12 17:33:57 fetching corpus: 400, signal 82348/94608 (executing program) 2022/09/12 17:33:57 fetching corpus: 450, signal 86722/100012 (executing program) 2022/09/12 
17:33:57 fetching corpus: 500, signal 92140/106333 (executing program) 2022/09/12 17:33:57 fetching corpus: 550, signal 95911/111034 (executing program) 2022/09/12 17:33:57 fetching corpus: 600, signal 100560/116483 (executing program) 2022/09/12 17:33:58 fetching corpus: 650, signal 105644/122204 (executing program) 2022/09/12 17:33:58 fetching corpus: 700, signal 107480/125002 (executing program) 2022/09/12 17:33:58 fetching corpus: 750, signal 109759/128218 (executing program) 2022/09/12 17:33:58 fetching corpus: 800, signal 112424/131661 (executing program) 2022/09/12 17:33:58 fetching corpus: 850, signal 115793/135700 (executing program) 2022/09/12 17:33:58 fetching corpus: 900, signal 117869/138571 (executing program) 2022/09/12 17:33:58 fetching corpus: 950, signal 120612/141944 (executing program) 2022/09/12 17:33:59 fetching corpus: 1000, signal 122782/144847 (executing program) 2022/09/12 17:33:59 fetching corpus: 1050, signal 124778/147544 (executing program) 2022/09/12 17:33:59 fetching corpus: 1100, signal 126878/150283 (executing program) 2022/09/12 17:33:59 fetching corpus: 1150, signal 128943/153010 (executing program) 2022/09/12 17:33:59 fetching corpus: 1200, signal 131355/156034 (executing program) 2022/09/12 17:33:59 fetching corpus: 1250, signal 133354/158592 (executing program) 2022/09/12 17:33:59 fetching corpus: 1300, signal 135517/161329 (executing program) 2022/09/12 17:33:59 fetching corpus: 1350, signal 136641/163177 (executing program) 2022/09/12 17:34:00 fetching corpus: 1400, signal 138026/165186 (executing program) 2022/09/12 17:34:00 fetching corpus: 1450, signal 139906/167577 (executing program) 2022/09/12 17:34:00 fetching corpus: 1500, signal 142344/170344 (executing program) 2022/09/12 17:34:00 fetching corpus: 1550, signal 144102/172641 (executing program) 2022/09/12 17:34:00 fetching corpus: 1600, signal 145950/174864 (executing program) 2022/09/12 17:34:00 fetching corpus: 1650, signal 147636/176980 (executing program) 
2022/09/12 17:34:00 fetching corpus: 1700, signal 149276/179054 (executing program) 2022/09/12 17:34:01 fetching corpus: 1750, signal 150754/181005 (executing program) 2022/09/12 17:34:01 fetching corpus: 1800, signal 151959/182712 (executing program) 2022/09/12 17:34:01 fetching corpus: 1850, signal 153254/184384 (executing program) 2022/09/12 17:34:01 fetching corpus: 1900, signal 155613/186872 (executing program) 2022/09/12 17:34:01 fetching corpus: 1950, signal 156857/188601 (executing program) 2022/09/12 17:34:01 fetching corpus: 2000, signal 158722/190690 (executing program) 2022/09/12 17:34:01 fetching corpus: 2050, signal 159976/192309 (executing program) 2022/09/12 17:34:02 fetching corpus: 2100, signal 161355/193980 (executing program) 2022/09/12 17:34:02 fetching corpus: 2150, signal 162474/195472 (executing program) 2022/09/12 17:34:02 fetching corpus: 2200, signal 163692/197089 (executing program) 2022/09/12 17:34:02 fetching corpus: 2250, signal 164550/198388 (executing program) 2022/09/12 17:34:02 fetching corpus: 2300, signal 165526/199778 (executing program) 2022/09/12 17:34:02 fetching corpus: 2350, signal 166665/201235 (executing program) 2022/09/12 17:34:02 fetching corpus: 2400, signal 167286/202361 (executing program) 2022/09/12 17:34:03 fetching corpus: 2450, signal 168484/203865 (executing program) 2022/09/12 17:34:03 fetching corpus: 2500, signal 169573/205285 (executing program) 2022/09/12 17:34:03 fetching corpus: 2550, signal 170546/206636 (executing program) 2022/09/12 17:34:03 fetching corpus: 2600, signal 172098/208311 (executing program) 2022/09/12 17:34:03 fetching corpus: 2650, signal 172763/209372 (executing program) 2022/09/12 17:34:03 fetching corpus: 2700, signal 174034/210767 (executing program) 2022/09/12 17:34:03 fetching corpus: 2750, signal 174817/211908 (executing program) 2022/09/12 17:34:03 fetching corpus: 2800, signal 176580/213513 (executing program) 2022/09/12 17:34:04 fetching corpus: 2850, signal 177670/214786 
(executing program) 2022/09/12 17:34:04 fetching corpus: 2900, signal 179140/216200 (executing program) 2022/09/12 17:34:04 fetching corpus: 2950, signal 180235/217420 (executing program) 2022/09/12 17:34:04 fetching corpus: 3000, signal 181261/218589 (executing program) 2022/09/12 17:34:04 fetching corpus: 3050, signal 182559/219910 (executing program) 2022/09/12 17:34:04 fetching corpus: 3100, signal 183547/221054 (executing program) 2022/09/12 17:34:04 fetching corpus: 3150, signal 184353/222072 (executing program) 2022/09/12 17:34:05 fetching corpus: 3200, signal 185746/223388 (executing program) 2022/09/12 17:34:05 fetching corpus: 3250, signal 186443/224340 (executing program) 2022/09/12 17:34:05 fetching corpus: 3300, signal 187559/225539 (executing program) 2022/09/12 17:34:05 fetching corpus: 3350, signal 188418/226521 (executing program) 2022/09/12 17:34:05 fetching corpus: 3400, signal 189078/227341 (executing program) 2022/09/12 17:34:05 fetching corpus: 3450, signal 190310/228465 (executing program) 2022/09/12 17:34:05 fetching corpus: 3500, signal 190776/229230 (executing program) 2022/09/12 17:34:06 fetching corpus: 3550, signal 191762/230197 (executing program) 2022/09/12 17:34:06 fetching corpus: 3600, signal 192499/231085 (executing program) 2022/09/12 17:34:06 fetching corpus: 3650, signal 193159/231865 (executing program) 2022/09/12 17:34:06 fetching corpus: 3700, signal 194083/232787 (executing program) 2022/09/12 17:34:06 fetching corpus: 3750, signal 195180/233792 (executing program) 2022/09/12 17:34:06 fetching corpus: 3800, signal 195943/234602 (executing program) 2022/09/12 17:34:06 fetching corpus: 3850, signal 196451/235335 (executing program) 2022/09/12 17:34:06 fetching corpus: 3900, signal 197449/236204 (executing program) 2022/09/12 17:34:07 fetching corpus: 3950, signal 198236/237012 (executing program) 2022/09/12 17:34:07 fetching corpus: 4000, signal 199232/237968 (executing program) 2022/09/12 17:34:07 fetching corpus: 4050, 
signal 199820/238662 (executing program) 2022/09/12 17:34:07 fetching corpus: 4100, signal 200407/239321 (executing program) 2022/09/12 17:34:07 fetching corpus: 4150, signal 201616/240263 (executing program) 2022/09/12 17:34:07 fetching corpus: 4200, signal 202265/240953 (executing program) 2022/09/12 17:34:07 fetching corpus: 4250, signal 202840/241657 (executing program) 2022/09/12 17:34:08 fetching corpus: 4300, signal 203729/242413 (executing program) 2022/09/12 17:34:08 fetching corpus: 4350, signal 204512/243119 (executing program) 2022/09/12 17:34:08 fetching corpus: 4400, signal 205533/243886 (executing program) 2022/09/12 17:34:08 fetching corpus: 4450, signal 206321/244560 (executing program) 2022/09/12 17:34:08 fetching corpus: 4500, signal 206888/245129 (executing program) 2022/09/12 17:34:08 fetching corpus: 4550, signal 208219/245908 (executing program) 2022/09/12 17:34:08 fetching corpus: 4600, signal 208909/246477 (executing program) 2022/09/12 17:34:08 fetching corpus: 4650, signal 209585/247102 (executing program) 2022/09/12 17:34:09 fetching corpus: 4700, signal 210395/247756 (executing program) 2022/09/12 17:34:09 fetching corpus: 4750, signal 211225/248366 (executing program) 2022/09/12 17:34:09 fetching corpus: 4800, signal 211867/248954 (executing program) 2022/09/12 17:34:09 fetching corpus: 4850, signal 212394/249473 (executing program) 2022/09/12 17:34:09 fetching corpus: 4900, signal 212750/250000 (executing program) 2022/09/12 17:34:09 fetching corpus: 4950, signal 213151/250486 (executing program) 2022/09/12 17:34:09 fetching corpus: 5000, signal 214164/251110 (executing program) 2022/09/12 17:34:10 fetching corpus: 5050, signal 214822/251587 (executing program) 2022/09/12 17:34:10 fetching corpus: 5100, signal 215649/252187 (executing program) 2022/09/12 17:34:10 fetching corpus: 5150, signal 216290/252682 (executing program) 2022/09/12 17:34:10 fetching corpus: 5200, signal 216745/253142 (executing program) 2022/09/12 17:34:10 
fetching corpus: 5250, signal 217650/253642 (executing program) 2022/09/12 17:34:10 fetching corpus: 5300, signal 218214/254118 (executing program) 2022/09/12 17:34:10 fetching corpus: 5350, signal 218749/254517 (executing program) 2022/09/12 17:34:10 fetching corpus: 5400, signal 219520/254971 (executing program) 2022/09/12 17:34:11 fetching corpus: 5450, signal 220274/255356 (executing program) 2022/09/12 17:34:11 fetching corpus: 5500, signal 220874/255747 (executing program) 2022/09/12 17:34:11 fetching corpus: 5550, signal 221356/256154 (executing program) 2022/09/12 17:34:11 fetching corpus: 5600, signal 221978/256573 (executing program) 2022/09/12 17:34:11 fetching corpus: 5650, signal 222660/256980 (executing program) 2022/09/12 17:34:11 fetching corpus: 5700, signal 223169/257358 (executing program) 2022/09/12 17:34:11 fetching corpus: 5750, signal 223808/257738 (executing program) 2022/09/12 17:34:12 fetching corpus: 5800, signal 224555/258133 (executing program) 2022/09/12 17:34:12 fetching corpus: 5850, signal 225066/258409 (executing program) 2022/09/12 17:34:12 fetching corpus: 5900, signal 225419/258723 (executing program) 2022/09/12 17:34:12 fetching corpus: 5950, signal 225897/259017 (executing program) 2022/09/12 17:34:12 fetching corpus: 6000, signal 226652/259328 (executing program) 2022/09/12 17:34:12 fetching corpus: 6050, signal 227294/259619 (executing program) 2022/09/12 17:34:12 fetching corpus: 6100, signal 228140/259954 (executing program) 2022/09/12 17:34:13 fetching corpus: 6150, signal 228676/260232 (executing program) 2022/09/12 17:34:13 fetching corpus: 6200, signal 229340/260511 (executing program) 2022/09/12 17:34:13 fetching corpus: 6250, signal 230306/260795 (executing program) 2022/09/12 17:34:13 fetching corpus: 6300, signal 230686/261051 (executing program) 2022/09/12 17:34:13 fetching corpus: 6350, signal 231410/261126 (executing program) 2022/09/12 17:34:13 fetching corpus: 6400, signal 232024/261127 (executing program) 
2022/09/12 17:34:13 fetching corpus: 6450, signal 232613/261135 (executing program) 2022/09/12 17:34:14 fetching corpus: 6500, signal 233122/261149 (executing program) 2022/09/12 17:34:14 fetching corpus: 6550, signal 233584/261168 (executing program) 2022/09/12 17:34:14 fetching corpus: 6600, signal 234102/261177 (executing program) 2022/09/12 17:34:14 fetching corpus: 6650, signal 234760/261305 (executing program) 2022/09/12 17:34:14 fetching corpus: 6700, signal 235285/261388 (executing program) 2022/09/12 17:34:14 fetching corpus: 6750, signal 236590/261396 (executing program) 2022/09/12 17:34:15 fetching corpus: 6800, signal 237096/261403 (executing program) 2022/09/12 17:34:15 fetching corpus: 6850, signal 237689/261450 (executing program) 2022/09/12 17:34:15 fetching corpus: 6900, signal 238227/261465 (executing program) 2022/09/12 17:34:15 fetching corpus: 6950, signal 238607/261471 (executing program) 2022/09/12 17:34:15 fetching corpus: 7000, signal 239029/261494 (executing program) 2022/09/12 17:34:15 fetching corpus: 7050, signal 239675/261542 (executing program) 2022/09/12 17:34:15 fetching corpus: 7100, signal 240061/261563 (executing program) 2022/09/12 17:34:15 fetching corpus: 7150, signal 240476/261633 (executing program) 2022/09/12 17:34:16 fetching corpus: 7200, signal 240931/261640 (executing program) 2022/09/12 17:34:16 fetching corpus: 7250, signal 241553/261650 (executing program) 2022/09/12 17:34:16 fetching corpus: 7300, signal 242204/261666 (executing program) 2022/09/12 17:34:16 fetching corpus: 7350, signal 242679/261666 (executing program) 2022/09/12 17:34:16 fetching corpus: 7400, signal 243200/261684 (executing program) 2022/09/12 17:34:16 fetching corpus: 7450, signal 243582/261685 (executing program) 2022/09/12 17:34:17 fetching corpus: 7500, signal 244381/261686 (executing program) 2022/09/12 17:34:17 fetching corpus: 7550, signal 244932/261737 (executing program) 2022/09/12 17:34:17 fetching corpus: 7600, signal 245361/261779 
(executing program) 2022/09/12 17:34:17 fetching corpus: 7650, signal 245940/261808 (executing program) 2022/09/12 17:34:17 fetching corpus: 7700, signal 246286/261808 (executing program) 2022/09/12 17:34:17 fetching corpus: 7750, signal 246695/261811 (executing program) 2022/09/12 17:34:17 fetching corpus: 7800, signal 247062/261825 (executing program) 2022/09/12 17:34:18 fetching corpus: 7850, signal 247588/261866 (executing program) 2022/09/12 17:34:18 fetching corpus: 7900, signal 248084/261873 (executing program) 2022/09/12 17:34:18 fetching corpus: 7950, signal 248576/261879 (executing program) 2022/09/12 17:34:18 fetching corpus: 8000, signal 248994/261881 (executing program) 2022/09/12 17:34:18 fetching corpus: 8050, signal 249490/261884 (executing program) 2022/09/12 17:34:18 fetching corpus: 8100, signal 250042/261886 (executing program) 2022/09/12 17:34:19 fetching corpus: 8150, signal 250618/261890 (executing program) 2022/09/12 17:34:19 fetching corpus: 8195, signal 250989/261907 (executing program) 2022/09/12 17:34:19 fetching corpus: 8195, signal 250989/261907 (executing program) 2022/09/12 17:34:21 starting 8 fuzzer processes 17:34:21 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = 
openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x1010c2, 0x0) ioctl$TIOCGSID(r1, 0x5429, &(0x7f0000000480)) r2 = openat$sr(0xffffffffffffff9c, &(0x7f0000000100), 0x44b43, 0x0) ioctl$SG_EMULATED_HOST(r2, 0x2, &(0x7f0000002340)) fcntl$dupfd(r2, 0x0, r1) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/timer_list\x00', 0x0, 0x0) sendfile(r1, r3, 0x0, 0x10000027f) readv(r1, &(0x7f0000000380)=[{&(0x7f0000000040)=""/17, 0x11}, {&(0x7f0000000100)=""/224, 0xe0}, {&(0x7f0000000200)}, {&(0x7f0000000240)=""/64, 0x40}, {&(0x7f0000000300)=""/81, 0x51}], 0x5) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f0000000000)=ANY=[@ANYBLOB="01480b071ddc59ca3c000000", @ANYRES32=r0, @ANYBLOB='\x00!\x00\x00\x00\x00\x00\x00./file0\x00']) clone3(&(0x7f0000000640)={0x123363500, &(0x7f00000000c0), 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) gettid() 17:34:21 executing program 1: syz_mount_image$vfat(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) pivot_root(0x0, 0x0) 17:34:21 executing program 2: syz_mount_image$tmpfs(&(0x7f00000002c0), &(0x7f0000000300)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000640)={[{@mpol={'mpol', 0x3d, {'interleave', '=static', @val={0x3a, [0x36, 0x2d, 0x36, 0x2c, 0x38]}}}}]}) [ 79.265014] audit: type=1400 audit(1663004061.823:6): avc: denied { execmem } for pid=285 comm="syz-executor.2" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 17:34:21 executing program 3: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3ff}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0xc042, 0x0) acct(&(0x7f0000001200)='./file1\x00') pwrite64(0xffffffffffffffff, &(0x7f00000000c0)='9', 0x1, 0x8040000) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r1, 0xc018937b, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0xffffffffffffffff, 0xee00}}, './file1/file0\x00'}) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r2, 0xc0189372, &(0x7f0000001280)=ANY=[@ANYBLOB="010000000100000100f89cd4b96f72ee55d852658668bafdff69402631", @ANYRES32=r1, @ANYBLOB="00000080000000002e2f66696c653100"]) setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000540)={@in6={{0xa, 0x4e20, 0xffff, @mcast2, 0x4}}, 0x0, 0x0, 0x15, 0x0, "b25da62d685a38083e45ab1950001ca46105939b4b3d83bd945bed03b30b62897693132cb6e12788b1d58f9b2fff886055bea488ee0e2918a8c961a2684924dfa9841132b1916476e31d06d76d34a918"}, 0xd8) openat$null(0xffffffffffffff9c, &(0x7f0000000140), 0x2001, 0x0) openat(0xffffffffffffff9c, &(0x7f0000001240)='./file1/file0\x00', 0x101042, 0x80) fcntl$addseals(r0, 0x409, 0x8) openat$sr(0xffffffffffffff9c, 0x0, 0x0, 0x0) clock_gettime(0x0, &(0x7f00000040c0)) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000001180)='/proc/vmallocinfo\x00', 0x0, 0x0) preadv(r3, &(0x7f00000011c0)=[{&(0x7f0000000180)=""/4096, 0x1000}], 0x1, 0x7, 0x0) 17:34:21 executing program 4: r0 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_TIOCOUTQ(r0, 0x5411, &(0x7f0000000040)) 17:34:21 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x9d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 
0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) open$dir(&(0x7f0000000040)='./file0\x00', 0x4040, 0x0) 17:34:21 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) finit_module(0xffffffffffffffff, 0x0, 0x0) 17:34:21 executing program 7: ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000140)="02b2dccad213e1e6cf54b7a797f8f22a47f25b7658fb110b2e76f95b0f318b8fa745e6ffba4414d29a42bfab524bc5bffb17decc4540a6f00b9772f5f9789a9525790df8d989b23530d0a1398f2ad734c7ff47961be476ffeec81efa3d3aa64b8ea329261dfc2e1047a68670f0e5950d6a5414956bddd09e101b5b66", 0x7c}], 0x1) [ 80.626249] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 80.627764] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 80.631314] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 80.633190] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 80.634346] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 80.637886] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 80.650738] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 80.651772] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 80.654165] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 80.658292] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 80.659797] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 80.660908] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 80.663073] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 80.664452] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 80.666166] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 80.666279] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 80.669088] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 80.670608] 
Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 80.671685] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 80.672593] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 80.677426] Bluetooth: hci2: HCI_REQ-0x0c1a [ 80.681564] Bluetooth: hci0: HCI_REQ-0x0c1a [ 80.696019] Bluetooth: hci1: HCI_REQ-0x0c1a [ 80.711740] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 80.712942] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 80.713049] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 80.715184] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 80.718295] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 80.718410] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 80.725555] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 80.726805] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 80.728046] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 80.731665] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 80.738724] Bluetooth: hci4: HCI_REQ-0x0c1a [ 80.746666] Bluetooth: hci3: HCI_REQ-0x0c1a [ 80.779145] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 80.780887] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 80.785807] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 80.786803] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 80.794811] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 80.798411] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 80.817746] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 80.819011] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 80.837984] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 80.840319] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 80.850254] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 80.851373] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 80.871635] Bluetooth: hci5: HCI_REQ-0x0c1a [ 80.872293] Bluetooth: hci7: HCI_REQ-0x0c1a [ 82.746390] 
Bluetooth: hci4: command 0x0409 tx timeout [ 82.746447] Bluetooth: hci6: Opcode 0x c03 failed: -110 [ 82.747180] Bluetooth: hci1: command 0x0409 tx timeout [ 82.748665] Bluetooth: hci0: command 0x0409 tx timeout [ 82.749602] Bluetooth: hci2: command 0x0409 tx timeout [ 82.809533] Bluetooth: hci3: command 0x0409 tx timeout [ 82.937687] Bluetooth: hci7: command 0x0409 tx timeout [ 82.938629] Bluetooth: hci5: command 0x0409 tx timeout [ 84.794576] Bluetooth: hci2: command 0x041b tx timeout [ 84.795092] Bluetooth: hci0: command 0x041b tx timeout [ 84.795558] Bluetooth: hci1: command 0x041b tx timeout [ 84.795990] Bluetooth: hci4: command 0x041b tx timeout [ 84.857536] Bluetooth: hci3: command 0x041b tx timeout [ 84.985586] Bluetooth: hci5: command 0x041b tx timeout [ 84.986126] Bluetooth: hci7: command 0x041b tx timeout [ 86.841602] Bluetooth: hci4: command 0x040f tx timeout [ 86.843466] Bluetooth: hci1: command 0x040f tx timeout [ 86.844671] Bluetooth: hci0: command 0x040f tx timeout [ 86.845465] Bluetooth: hci2: command 0x040f tx timeout [ 86.905765] Bluetooth: hci3: command 0x040f tx timeout [ 87.033615] Bluetooth: hci7: command 0x040f tx timeout [ 87.034543] Bluetooth: hci5: command 0x040f tx timeout [ 87.929588] Bluetooth: hci6: Opcode 0x c03 failed: -110 [ 88.889615] Bluetooth: hci2: command 0x0419 tx timeout [ 88.890329] Bluetooth: hci0: command 0x0419 tx timeout [ 88.891754] Bluetooth: hci1: command 0x0419 tx timeout [ 88.892170] Bluetooth: hci4: command 0x0419 tx timeout [ 88.953652] Bluetooth: hci3: command 0x0419 tx timeout [ 89.081602] Bluetooth: hci5: command 0x0419 tx timeout [ 89.082269] Bluetooth: hci7: command 0x0419 tx timeout [ 92.793858] Bluetooth: hci6: Opcode 0x c03 failed: -110 [ 97.785623] Bluetooth: hci6: Opcode 0x c03 failed: -110 [ 102.906619] Bluetooth: hci6: Opcode 0x c03 failed: -110 [ 107.705570] Bluetooth: hci6: Opcode 0x c03 failed: -110 [ 112.633539] Bluetooth: hci6: Opcode 0x c03 failed: -110 [ 115.371624] Bluetooth: hci6: unexpected 
cc 0x0c03 length: 249 > 1 [ 115.401894] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 115.403264] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 115.419382] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 115.427017] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 115.428007] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 115.455571] Bluetooth: hci6: HCI_REQ-0x0c1a [ 117.497722] Bluetooth: hci6: command 0x0409 tx timeout [ 119.545634] Bluetooth: hci6: command 0x041b tx timeout [ 121.594542] Bluetooth: hci6: command 0x040f tx timeout [ 123.642938] Bluetooth: hci6: command 0x0419 tx timeout 17:35:12 executing program 7: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x50000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) [ 130.486882] audit: type=1326 audit(1663004113.044:7): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=3489 comm="syz-executor.7" exe="/syz-executor.7" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe3de128b19 code=0x50000 [ 130.500361] audit: type=1326 audit(1663004113.058:8): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=3489 comm="syz-executor.7" exe="/syz-executor.7" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe3de128b19 code=0x50000 [ 130.502312] audit: type=1326 audit(1663004113.060:9): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=3489 comm="syz-executor.7" exe="/syz-executor.7" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe3de128b19 code=0x50000 [ 130.504713] audit: type=1326 audit(1663004113.063:10): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=3489 comm="syz-executor.7" exe="/syz-executor.7" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe3de128b19 code=0x50000 [ 130.507739] audit: type=1326 audit(1663004113.065:11): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=3489 comm="syz-executor.7" exe="/syz-executor.7" sig=0 
arch=c000003e syscall=202 compat=0 ip=0x7fe3de128b19 code=0x50000 [ 130.509880] audit: type=1326 audit(1663004113.065:12): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=3489 comm="syz-executor.7" exe="/syz-executor.7" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe3de128b19 code=0x50000 [ 130.523858] audit: type=1326 audit(1663004113.065:13): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=3489 comm="syz-executor.7" exe="/syz-executor.7" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe3de128b19 code=0x50000 [ 130.528561] audit: type=1326 audit(1663004113.065:14): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=3489 comm="syz-executor.7" exe="/syz-executor.7" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe3de128b19 code=0x50000 [ 130.536641] audit: type=1326 audit(1663004113.065:15): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=3489 comm="syz-executor.7" exe="/syz-executor.7" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe3de128b19 code=0x50000 [ 130.544336] audit: type=1326 audit(1663004113.065:16): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=3489 comm="syz-executor.7" exe="/syz-executor.7" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe3de128b19 code=0x50000 17:35:13 executing program 1: syz_mount_image$vfat(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) pivot_root(0x0, 0x0) 17:35:13 executing program 7: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x50000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) 17:35:13 executing program 1: syz_mount_image$vfat(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) pivot_root(0x0, 0x0) 17:35:13 executing program 7: 
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x50000}]})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)

17:35:13 executing program 1:
syz_mount_image$vfat(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0})
setresuid(0x0, r0, 0x0)
pivot_root(0x0, 0x0)

17:35:13 executing program 7:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x50000}]})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)

17:35:13 executing program 1:
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000040)={'syz_tun\x00', &(0x7f0000000000)=@ethtool_channels={0x25}})

[ 132.247489] ------------[ cut here ]------------
[ 132.247529]
[ 132.247535] ======================================================
[ 132.247542] WARNING: possible circular locking dependency detected
[ 132.247549] 6.0.0-rc5-next-20220912 #1 Not tainted
[ 132.247563] ------------------------------------------------------
[ 132.247569] syz-executor.3/3598 is trying to acquire lock:
[ 132.247582] ffffffff853fa878 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70
[ 132.247652]
[ 132.247652] but task is already holding lock:
[ 132.247657] ffff88800fe23420 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0
[ 132.247712]
[ 132.247712] which lock already depends on the new lock.
[ 132.247712]
[ 132.247718]
[ 132.247718] the existing dependency chain (in reverse order) is:
[ 132.247724]
[ 132.247724] -> #3 (&ctx->lock){....}-{2:2}:
[ 132.247751]        _raw_spin_lock+0x2a/0x40
[ 132.247783]        __perf_event_task_sched_out+0x53b/0x18d0
[ 132.247808]        __schedule+0xedd/0x2470
[ 132.247828]        schedule+0xda/0x1b0
[ 132.247846]        futex_wait_queue+0xf5/0x1e0
[ 132.247869]        futex_wait+0x28e/0x690
[ 132.247889]        do_futex+0x2ff/0x380
[ 132.247907]        __x64_sys_futex+0x1c6/0x4d0
[ 132.247927]        do_syscall_64+0x3b/0x90
[ 132.247963]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 132.248005]
[ 132.248005] -> #2 (&rq->__lock){-.-.}-{2:2}:
[ 132.248033]        _raw_spin_lock_nested+0x30/0x40
[ 132.248063]        raw_spin_rq_lock_nested+0x1e/0x30
[ 132.248088]        task_fork_fair+0x63/0x4d0
[ 132.248123]        sched_cgroup_fork+0x3d0/0x540
[ 132.248152]        copy_process+0x3f9e/0x6df0
[ 132.248172]        kernel_clone+0xe7/0x890
[ 132.248191]        user_mode_thread+0xad/0xf0
[ 132.248212]        rest_init+0x24/0x250
[ 132.248245]        arch_call_rest_init+0xf/0x14
[ 132.248282]        start_kernel+0x4c1/0x4e6
[ 132.248316]        secondary_startup_64_no_verify+0xe0/0xeb
[ 132.248344]
[ 132.248344] -> #1 (&p->pi_lock){-.-.}-{2:2}:
[ 132.248372]        _raw_spin_lock_irqsave+0x39/0x60
[ 132.248402]        try_to_wake_up+0xab/0x1920
[ 132.248429]        up+0x75/0xb0
[ 132.248452]        __up_console_sem+0x6e/0x80
[ 132.248485]        console_unlock+0x46a/0x590
[ 132.248518]        do_con_write+0xc05/0x1d50
[ 132.248539]        con_write+0x21/0x40
[ 132.248558]        n_tty_write+0x4d4/0xfe0
[ 132.248583]        file_tty_write.constprop.0+0x49c/0x8f0
[ 132.248607]        vfs_write+0x9c3/0xd90
[ 132.248643]        ksys_write+0x127/0x250
[ 132.248678]        do_syscall_64+0x3b/0x90
[ 132.248717]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 132.248751]
[ 132.248751] -> #0 ((console_sem).lock){....}-{2:2}:
[ 132.248779]        __lock_acquire+0x2a02/0x5e70
[ 132.248813]        lock_acquire+0x1a2/0x530
[ 132.248846]        _raw_spin_lock_irqsave+0x39/0x60
[ 132.248876]        down_trylock+0xe/0x70
[ 132.248901]        __down_trylock_console_sem+0x3b/0xd0
[ 132.248935]        vprintk_emit+0x16b/0x560
[ 132.248983]        vprintk+0x84/0xa0
[ 132.249023]        _printk+0xba/0xf1
[ 132.249058]        report_bug.cold+0x72/0xab
[ 132.249083]        handle_bug+0x3c/0x70
[ 132.249108]        exc_invalid_op+0x14/0x50
[ 132.249134]        asm_exc_invalid_op+0x16/0x20
[ 132.249167]        group_sched_out.part.0+0x2c7/0x460
[ 132.249189]        ctx_sched_out+0x8f1/0xc10
[ 132.249208]        __perf_event_task_sched_out+0x6d0/0x18d0
[ 132.249233]        __schedule+0xedd/0x2470
[ 132.249252]        schedule+0xda/0x1b0
[ 132.249270]        exit_to_user_mode_prepare+0x114/0x1a0
[ 132.249310]        syscall_exit_to_user_mode+0x19/0x40
[ 132.249345]        do_syscall_64+0x48/0x90
[ 132.249371]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 132.249405]
[ 132.249405] other info that might help us debug this:
[ 132.249405]
[ 132.249410] Chain exists of:
[ 132.249410]   (console_sem).lock --> &rq->__lock --> &ctx->lock
[ 132.249410]
[ 132.249441]  Possible unsafe locking scenario:
[ 132.249441]
[ 132.249446]        CPU0                    CPU1
[ 132.249450]        ----                    ----
[ 132.249455]   lock(&ctx->lock);
[ 132.249466]                                lock(&rq->__lock);
[ 132.249479]                                lock(&ctx->lock);
[ 132.249492]   lock((console_sem).lock);
[ 132.249504]
[ 132.249504]  *** DEADLOCK ***
[ 132.249504]
[ 132.249507] 2 locks held by syz-executor.3/3598:
[ 132.249521]  #0: ffff88806cf37cd8 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470
[ 132.249573]  #1: ffff88800fe23420 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0
[ 132.249631]
[ 132.249631] stack backtrace:
[ 132.249636] CPU: 1 PID: 3598 Comm: syz-executor.3 Not tainted 6.0.0-rc5-next-20220912 #1
[ 132.249663] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 132.249678] Call Trace:
[ 132.249685]
[ 132.249693]  dump_stack_lvl+0x8b/0xb3
[ 132.249722]  check_noncircular+0x263/0x2e0
[ 132.249756]  ? format_decode+0x26c/0xb50
[ 132.249785]  ? print_circular_bug+0x450/0x450
[ 132.249820]  ? enable_ptr_key_workfn+0x20/0x20
[ 132.249847]  ? __lockdep_reset_lock+0x180/0x180
[ 132.249883]  ? format_decode+0x26c/0xb50
[ 132.249913]  ? alloc_chain_hlocks+0x1ec/0x5a0
[ 132.249958]  __lock_acquire+0x2a02/0x5e70
[ 132.250025]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 132.250080]  lock_acquire+0x1a2/0x530
[ 132.250115]  ? down_trylock+0xe/0x70
[ 132.250145]  ? rcu_read_unlock+0x40/0x40
[ 132.250180]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 132.250224]  ? vprintk+0x84/0xa0
[ 132.250261]  _raw_spin_lock_irqsave+0x39/0x60
[ 132.250293]  ? down_trylock+0xe/0x70
[ 132.250320]  down_trylock+0xe/0x70
[ 132.250348]  ? vprintk+0x84/0xa0
[ 132.250383]  __down_trylock_console_sem+0x3b/0xd0
[ 132.250419]  vprintk_emit+0x16b/0x560
[ 132.250454]  ? lock_downgrade+0x6d0/0x6d0
[ 132.250492]  vprintk+0x84/0xa0
[ 132.250529]  _printk+0xba/0xf1
[ 132.250565]  ? record_print_text.cold+0x16/0x16
[ 132.250606]  ? hrtimer_try_to_cancel+0x163/0x2c0
[ 132.250633]  ? lock_downgrade+0x6d0/0x6d0
[ 132.250669]  ? report_bug.cold+0x66/0xab
[ 132.250698]  ? group_sched_out.part.0+0x2c7/0x460
[ 132.250720]  report_bug.cold+0x72/0xab
[ 132.250750]  handle_bug+0x3c/0x70
[ 132.250778]  exc_invalid_op+0x14/0x50
[ 132.250807]  asm_exc_invalid_op+0x16/0x20
[ 132.250842] RIP: 0010:group_sched_out.part.0+0x2c7/0x460
[ 132.250869] Code: 5e 41 5f e9 3b b7 ef ff e8 36 b7 ef ff 65 8b 1d ab 15 ac 7e 31 ff 89 de e8 d6 b3 ef ff 85 db 0f 84 8a 00 00 00 e8 19 b7 ef ff <0f> 0b e9 a5 fe ff ff e8 0d b7 ef ff 48 8d 7d 10 48 b8 00 00 00 00
[ 132.250892] RSP: 0018:ffff8880431d7c48 EFLAGS: 00010006
[ 132.250911] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000
[ 132.250926] RDX: ffff888041301ac0 RSI: ffffffff81566027 RDI: 0000000000000005
[ 132.250946] RBP: ffff8880432e05c8 R08: 0000000000000005 R09: 0000000000000001
[ 132.250969] R10: 0000000000000000 R11: 0000000000000001 R12: ffff88800fe23400
[ 132.250988] R13: ffff88806cf3d100 R14: ffffffff8547c7c0 R15: 0000000000000002
[ 132.251010]  ? group_sched_out.part.0+0x2c7/0x460
[ 132.251037]  ?
group_sched_out.part.0+0x2c7/0x460 [ 132.251063] ctx_sched_out+0x8f1/0xc10 [ 132.251089] __perf_event_task_sched_out+0x6d0/0x18d0 [ 132.251120] ? lock_is_held_type+0xd7/0x130 [ 132.251157] ? __perf_cgroup_move+0x160/0x160 [ 132.251181] ? set_next_entity+0x304/0x550 [ 132.251218] ? update_curr+0x267/0x740 [ 132.251256] ? lock_is_held_type+0xd7/0x130 [ 132.251294] __schedule+0xedd/0x2470 [ 132.251320] ? io_schedule_timeout+0x150/0x150 [ 132.251349] schedule+0xda/0x1b0 [ 132.251371] exit_to_user_mode_prepare+0x114/0x1a0 [ 132.251413] syscall_exit_to_user_mode+0x19/0x40 [ 132.251450] do_syscall_64+0x48/0x90 [ 132.251478] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 132.251513] RIP: 0033:0x7fa8c1851b19 [ 132.251531] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 132.251553] RSP: 002b:00007fa8bedc7188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 132.251576] RAX: 0000000000000004 RBX: 00007fa8c1964f60 RCX: 00007fa8c1851b19 [ 132.251591] RDX: ffffffffffffffff RSI: 0000000000000000 RDI: 0000000020000280 [ 132.251606] RBP: 00007fa8c18abf6d R08: 0000000000000000 R09: 0000000000000000 [ 132.251621] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 132.251636] R13: 00007ffc6ab38c2f R14: 00007fa8bedc7300 R15: 0000000000022000 [ 132.251662] [ 132.364798] WARNING: CPU: 1 PID: 3598 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460 [ 132.366163] Modules linked in: [ 132.366635] CPU: 1 PID: 3598 Comm: syz-executor.3 Not tainted 6.0.0-rc5-next-20220912 #1 [ 132.367794] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 132.369445] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 132.370261] Code: 5e 41 5f e9 3b b7 ef ff e8 36 b7 ef ff 65 8b 1d ab 15 ac 7e 31 ff 89 de e8 d6 b3 ef ff 85 db 0f 84 8a 00 00 00 e8 19 b7 ef ff <0f> 0b e9 a5 fe 
ff ff e8 0d b7 ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 132.373027] RSP: 0018:ffff8880431d7c48 EFLAGS: 00010006 [ 132.373926] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 132.375113] RDX: ffff888041301ac0 RSI: ffffffff81566027 RDI: 0000000000000005 [ 132.376300] RBP: ffff8880432e05c8 R08: 0000000000000005 R09: 0000000000000001 [ 132.377498] R10: 0000000000000000 R11: 0000000000000001 R12: ffff88800fe23400 [ 132.378654] R13: ffff88806cf3d100 R14: ffffffff8547c7c0 R15: 0000000000000002 [ 132.379809] FS: 00007fa8bedc7700(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000 [ 132.381112] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 132.382100] CR2: 000056022078ffa8 CR3: 000000000ea84000 CR4: 0000000000350ee0 [ 132.383312] Call Trace: [ 132.383759] [ 132.384155] ctx_sched_out+0x8f1/0xc10 [ 132.384856] __perf_event_task_sched_out+0x6d0/0x18d0 [ 132.385740] ? lock_is_held_type+0xd7/0x130 [ 132.386494] ? __perf_cgroup_move+0x160/0x160 [ 132.387279] ? set_next_entity+0x304/0x550 [ 132.388030] ? update_curr+0x267/0x740 [ 132.388698] ? lock_is_held_type+0xd7/0x130 [ 132.389537] __schedule+0xedd/0x2470 [ 132.390148] ? 
io_schedule_timeout+0x150/0x150 [ 132.390822] schedule+0xda/0x1b0 [ 132.391327] exit_to_user_mode_prepare+0x114/0x1a0 [ 132.392061] syscall_exit_to_user_mode+0x19/0x40 [ 132.392785] do_syscall_64+0x48/0x90 [ 132.393350] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 132.394122] RIP: 0033:0x7fa8c1851b19 [ 132.394672] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 132.397306] RSP: 002b:00007fa8bedc7188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 132.398396] RAX: 0000000000000004 RBX: 00007fa8c1964f60 RCX: 00007fa8c1851b19 [ 132.399414] RDX: ffffffffffffffff RSI: 0000000000000000 RDI: 0000000020000280 [ 132.400441] RBP: 00007fa8c18abf6d R08: 0000000000000000 R09: 0000000000000000 [ 132.401503] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 132.402603] R13: 00007ffc6ab38c2f R14: 00007fa8bedc7300 R15: 0000000000022000 [ 132.403643] [ 132.404001] irq event stamp: 1244 [ 132.404514] hardirqs last enabled at (1243): [] asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 132.405961] hardirqs last disabled at (1244): [] __schedule+0x1225/0x2470 [ 132.407190] softirqs last enabled at (1228): [] __irq_exit_rcu+0x11b/0x180 [ 132.408439] softirqs last disabled at (779): [] __irq_exit_rcu+0x11b/0x180 [ 132.409672] ---[ end trace 0000000000000000 ]--- [ 132.467501] hrtimer: interrupt took 17683 ns [ 132.755386] tmpfs: Bad value for 'mpol' [ 132.756916] tmpfs: Bad value for 'mpol' [ 133.071068] Process accounting resumed [ 133.110012] Process accounting resumed VM DIAGNOSIS: 17:35:15 Registers: