Warning: Permanently added '[localhost]:18466' (ECDSA) to the list of known hosts.
2022/09/20 13:19:32 fuzzer started
2022/09/20 13:19:32 dialing manager at localhost:34957
syzkaller login: [ 46.814164] cgroup: Unknown subsys name 'net'
[ 46.910610] cgroup: Unknown subsys name 'rlimit'
2022/09/20 13:19:47 syscalls: 2215
2022/09/20 13:19:47 code coverage: enabled
2022/09/20 13:19:47 comparison tracing: enabled
2022/09/20 13:19:47 extra coverage: enabled
2022/09/20 13:19:47 setuid sandbox: enabled
2022/09/20 13:19:47 namespace sandbox: enabled
2022/09/20 13:19:47 Android sandbox: enabled
2022/09/20 13:19:47 fault injection: enabled
2022/09/20 13:19:47 leak checking: enabled
2022/09/20 13:19:47 net packet injection: enabled
2022/09/20 13:19:47 net device setup: enabled
2022/09/20 13:19:47 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2022/09/20 13:19:47 devlink PCI setup: PCI device 0000:00:10.0 is not available
2022/09/20 13:19:47 USB emulation: enabled
2022/09/20 13:19:47 hci packet injection: enabled
2022/09/20 13:19:47 wifi device emulation: failed to parse kernel version (6.0.0-rc6-next-20220920)
2022/09/20 13:19:47 802.15.4 emulation: enabled
2022/09/20 13:19:47 fetching corpus: 0, signal 0/2000 (executing program)
2022/09/20 13:19:47 fetching corpus: 50, signal 24297/27900 (executing program)
2022/09/20 13:19:47 fetching corpus: 100, signal 42754/47662 (executing program)
2022/09/20 13:19:47 fetching corpus: 150, signal 49228/55589 (executing program)
2022/09/20 13:19:47 fetching corpus: 200, signal 56411/64022 (executing program)
2022/09/20 13:19:47 fetching corpus: 250, signal 68230/76778 (executing program)
2022/09/20 13:19:48 fetching corpus: 300, signal 73641/83246 (executing program)
2022/09/20 13:19:48 fetching corpus: 350, signal 78185/88802 (executing program)
2022/09/20 13:19:48 fetching corpus: 400, signal 82488/94081 (executing program)
2022/09/20 13:19:48 fetching corpus: 450, signal 85954/98559 (executing program)
2022/09/20 13:19:48 fetching corpus: 500, signal 91535/104821 (executing program)
2022/09/20 13:19:48 fetching corpus: 550, signal 95004/109118 (executing program)
2022/09/20 13:19:48 fetching corpus: 600, signal 99576/114342 (executing program)
2022/09/20 13:19:49 fetching corpus: 650, signal 103804/119179 (executing program)
2022/09/20 13:19:49 fetching corpus: 700, signal 106368/122544 (executing program)
2022/09/20 13:19:49 fetching corpus: 750, signal 109346/126194 (executing program)
2022/09/20 13:19:49 fetching corpus: 799, signal 112728/130158 (executing program)
2022/09/20 13:19:49 fetching corpus: 849, signal 114951/133069 (executing program)
2022/09/20 13:19:49 fetching corpus: 899, signal 117907/136514 (executing program)
2022/09/20 13:19:50 fetching corpus: 948, signal 120383/139541 (executing program)
2022/09/20 13:19:50 fetching corpus: 997, signal 123532/143078 (executing program)
2022/09/20 13:19:50 fetching corpus: 1047, signal 124613/144884 (executing program)
2022/09/20 13:19:50 fetching corpus: 1097, signal 126289/147128 (executing program)
2022/09/20 13:19:50 fetching corpus: 1147, signal 128867/150062 (executing program)
2022/09/20 13:19:50 fetching corpus: 1197, signal 131527/153024 (executing program)
2022/09/20 13:19:50 fetching corpus: 1246, signal 132445/154589 (executing program)
2022/09/20 13:19:50 fetching corpus: 1296, signal 134543/157076 (executing program)
2022/09/20 13:19:51 fetching corpus: 1345, signal 137277/159985 (executing program)
2022/09/20 13:19:51 fetching corpus: 1393, signal 138570/161798 (executing program)
2022/09/20 13:19:51 fetching corpus: 1443, signal 141102/164462 (executing program)
2022/09/20 13:19:51 fetching corpus: 1492, signal 142549/166276 (executing program)
2022/09/20 13:19:51 fetching corpus: 1542, signal 143511/167701 (executing program)
2022/09/20 13:19:51 fetching corpus: 1592, signal 146121/170301 (executing program)
2022/09/20 13:19:51 fetching corpus: 1642, signal 147955/172313 (executing program)
2022/09/20 13:19:51 fetching corpus: 1692, signal 149442/174068 (executing program)
2022/09/20 13:19:52 fetching corpus: 1740, signal 151002/175863 (executing program)
2022/09/20 13:19:52 fetching corpus: 1790, signal 151997/177257 (executing program)
2022/09/20 13:19:52 fetching corpus: 1839, signal 153108/178721 (executing program)
2022/09/20 13:19:52 fetching corpus: 1888, signal 154537/180321 (executing program)
2022/09/20 13:19:52 fetching corpus: 1937, signal 155796/181846 (executing program)
2022/09/20 13:19:52 fetching corpus: 1987, signal 157249/183454 (executing program)
2022/09/20 13:19:52 fetching corpus: 2037, signal 158447/184863 (executing program)
2022/09/20 13:19:52 fetching corpus: 2087, signal 160129/186553 (executing program)
2022/09/20 13:19:52 fetching corpus: 2137, signal 161551/188064 (executing program)
2022/09/20 13:19:53 fetching corpus: 2187, signal 162610/189319 (executing program)
2022/09/20 13:19:53 fetching corpus: 2237, signal 164776/191174 (executing program)
2022/09/20 13:19:53 fetching corpus: 2287, signal 165840/192356 (executing program)
2022/09/20 13:19:53 fetching corpus: 2337, signal 167635/193923 (executing program)
2022/09/20 13:19:53 fetching corpus: 2387, signal 168659/195086 (executing program)
2022/09/20 13:19:53 fetching corpus: 2437, signal 169993/196386 (executing program)
2022/09/20 13:19:53 fetching corpus: 2487, signal 171412/197678 (executing program)
2022/09/20 13:19:54 fetching corpus: 2537, signal 173030/199105 (executing program)
2022/09/20 13:19:54 fetching corpus: 2587, signal 175561/201010 (executing program)
2022/09/20 13:19:54 fetching corpus: 2637, signal 176213/201896 (executing program)
2022/09/20 13:19:54 fetching corpus: 2687, signal 177533/203017 (executing program)
2022/09/20 13:19:54 fetching corpus: 2736, signal 178510/203989 (executing program)
2022/09/20 13:19:54 fetching corpus: 2785, signal 179235/204820 (executing program)
2022/09/20 13:19:54 fetching corpus: 2835, signal 180560/205908 (executing program)
2022/09/20 13:19:55 fetching corpus: 2885, signal 181345/206738 (executing program)
2022/09/20 13:19:55 fetching corpus: 2935, signal 181936/207407 (executing program)
2022/09/20 13:19:55 fetching corpus: 2985, signal 182839/208231 (executing program)
2022/09/20 13:19:55 fetching corpus: 3034, signal 183937/209115 (executing program)
2022/09/20 13:19:55 fetching corpus: 3083, signal 184606/209842 (executing program)
2022/09/20 13:19:55 fetching corpus: 3133, signal 185443/210668 (executing program)
2022/09/20 13:19:55 fetching corpus: 3183, signal 186347/211468 (executing program)
2022/09/20 13:19:55 fetching corpus: 3233, signal 186827/212033 (executing program)
2022/09/20 13:19:55 fetching corpus: 3283, signal 187511/212692 (executing program)
2022/09/20 13:19:56 fetching corpus: 3332, signal 188375/213429 (executing program)
2022/09/20 13:19:56 fetching corpus: 3382, signal 189480/214284 (executing program)
2022/09/20 13:19:56 fetching corpus: 3432, signal 190296/214956 (executing program)
2022/09/20 13:19:56 fetching corpus: 3482, signal 191064/215597 (executing program)
2022/09/20 13:19:56 fetching corpus: 3532, signal 192445/216413 (executing program)
2022/09/20 13:19:56 fetching corpus: 3582, signal 193677/217182 (executing program)
2022/09/20 13:19:56 fetching corpus: 3632, signal 194434/217783 (executing program)
2022/09/20 13:19:57 fetching corpus: 3682, signal 195342/218443 (executing program)
2022/09/20 13:19:57 fetching corpus: 3732, signal 196135/219032 (executing program)
2022/09/20 13:19:57 fetching corpus: 3782, signal 196972/219601 (executing program)
2022/09/20 13:19:57 fetching corpus: 3832, signal 198098/220409 (executing program)
2022/09/20 13:19:57 fetching corpus: 3882, signal 198657/220877 (executing program)
2022/09/20 13:19:57 fetching corpus: 3932, signal 199569/221445 (executing program)
2022/09/20 13:19:57 fetching corpus: 3982, signal 200094/221874 (executing program)
2022/09/20 13:19:57 fetching corpus: 4032, signal 201287/222516 (executing program)
2022/09/20 13:19:57 fetching corpus: 4082, signal 202470/223097 (executing program)
2022/09/20 13:19:58 fetching corpus: 4132, signal 202932/223484 (executing program)
2022/09/20 13:19:58 fetching corpus: 4182, signal 203394/223863 (executing program)
2022/09/20 13:19:58 fetching corpus: 4232, signal 204216/224344 (executing program)
2022/09/20 13:19:58 fetching corpus: 4282, signal 204919/224726 (executing program)
2022/09/20 13:19:58 fetching corpus: 4332, signal 205496/225081 (executing program)
2022/09/20 13:19:58 fetching corpus: 4382, signal 206254/225483 (executing program)
2022/09/20 13:19:58 fetching corpus: 4432, signal 207180/225939 (executing program)
2022/09/20 13:19:58 fetching corpus: 4482, signal 208236/226506 (executing program)
2022/09/20 13:19:59 fetching corpus: 4532, signal 208905/226883 (executing program)
2022/09/20 13:19:59 fetching corpus: 4582, signal 209800/227232 (executing program)
2022/09/20 13:19:59 fetching corpus: 4632, signal 210502/227581 (executing program)
2022/09/20 13:19:59 fetching corpus: 4682, signal 211114/227865 (executing program)
2022/09/20 13:19:59 fetching corpus: 4732, signal 211811/228127 (executing program)
2022/09/20 13:19:59 fetching corpus: 4782, signal 212778/228521 (executing program)
2022/09/20 13:20:00 fetching corpus: 4832, signal 213802/228815 (executing program)
2022/09/20 13:20:00 fetching corpus: 4882, signal 214380/229033 (executing program)
2022/09/20 13:20:00 fetching corpus: 4932, signal 214837/229212 (executing program)
2022/09/20 13:20:00 fetching corpus: 4982, signal 215572/229421 (executing program)
2022/09/20 13:20:00 fetching corpus: 5032, signal 216246/229666 (executing program)
2022/09/20 13:20:00 fetching corpus: 5082, signal 216701/229842 (executing program)
2022/09/20 13:20:00 fetching corpus: 5132, signal 217103/230026 (executing program)
2022/09/20 13:20:00 fetching corpus: 5182, signal 217698/230188 (executing program)
2022/09/20 13:20:01 fetching corpus: 5232, signal 218249/230347 (executing program)
2022/09/20 13:20:01 fetching corpus: 5282, signal 219019/230496 (executing program)
2022/09/20 13:20:01 fetching corpus: 5332, signal 219673/230642 (executing program)
2022/09/20 13:20:01 fetching corpus: 5382, signal 220245/230796 (executing program)
2022/09/20 13:20:01 fetching corpus: 5432, signal 220860/230946 (executing program)
2022/09/20 13:20:01 fetching corpus: 5482, signal 221439/231079 (executing program)
2022/09/20 13:20:01 fetching corpus: 5532, signal 221961/231167 (executing program)
2022/09/20 13:20:01 fetching corpus: 5582, signal 223037/231270 (executing program)
2022/09/20 13:20:02 fetching corpus: 5632, signal 223768/231300 (executing program)
2022/09/20 13:20:02 fetching corpus: 5681, signal 224171/231301 (executing program)
2022/09/20 13:20:02 fetching corpus: 5731, signal 224940/231306 (executing program)
2022/09/20 13:20:02 fetching corpus: 5763, signal 225279/231306 (executing program)
2022/09/20 13:20:02 fetching corpus: 5763, signal 225279/231306 (executing program)
2022/09/20 13:20:05 starting 8 fuzzer processes
13:20:05 executing program 0:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
getxattr(&(0x7f0000000080)='./file0\x00', &(0x7f0000000180)=@known='system.posix_acl_access\x00', 0x0, 0x0)
13:20:05 executing program 1:
r0 = socket$unix(0x1, 0x2, 0x0)
sendmmsg$unix(r0, 0x0, 0x0, 0x0)
13:20:05 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
connect$inet6(r1, &(0x7f0000000200)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c)
bind$inet6(r1, &(0x7f0000000180)={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, 0x1c)
[ 79.041557] audit: type=1400 audit(1663680005.189:6): avc: denied { execmem } for pid=288 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
13:20:05 executing program 6:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='devpts\x00', 0x0, 0x0)
syz_mount_image$tmpfs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x20, &(0x7f0000000300)={[{@mode={'mode', 0x3d, 0x8cffffff}}]})
13:20:05 executing program 5:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
timer_create(0x0, 0x0, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000100), 0x0)
13:20:05 executing program 3:
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x4}, 0x80, 0x0, 0x7, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = perf_event_open(0x0, 0xffffffffffffffff, 0x6, 0xffffffffffffffff, 0x0)
r2 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0x81}, 0x603, 0x0, 0x0, 0x1}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x20000010000}], 0x0, &(0x7f0000000040)=ANY=[])
perf_event_open(&(0x7f0000000300)={0x5, 0x80, 0x4, 0x1, 0x5, 0x3f, 0x0, 0xffffffff, 0x80008, 0x6, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x8, 0x1, @perf_bp={&(0x7f0000000180)}, 0xbc0, 0x8, 0xa0, 0x7, 0x401, 0x1, 0x4, 0x0, 0xfffffffd, 0x0, 0x1d5}, 0xffffffffffffffff, 0x8, r1, 0xb)
r3 = open_tree(0xffffffffffffffff, &(0x7f0000000140)='./file0/file0\x00', 0x1)
ioctl$FS_IOC_GETVERSION(0xffffffffffffffff, 0x80087601, &(0x7f0000000100))
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0xc, 0xa0, 0xba, 0x7, 0x0, 0x7, 0x8, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0xfffffffc, 0x0, @perf_config_ext={0x100000000, 0x5}, 0x1000, 0x0, 0x101, 0x4, 0x3, 0x0, 0x3, 0x0, 0x6, 0x0, 0xffffffff}, 0x0, 0x1, r3, 0x2)
fcntl$getflags(0xffffffffffffffff, 0x3)
ioctl$FS_IOC_GETVERSION(r2, 0x80087601, &(0x7f0000000200))
r4 = dup(0xffffffffffffffff)
fcntl$dupfd(r4, 0x0, 0xffffffffffffffff)
write(0xffffffffffffffff, &(0x7f0000000400)="b2e74091ab71798740fbb16ea25e0c853e1907fc621f26bf9c8842cebe74bb1f247fbb52b4122ec66f15b753bac80e4a5acff03ed11665e3ff56117769801ccd947592f759", 0x45)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f00000001c0)={0xf0000005})
13:20:05 executing program 4:
dup2(0xffffffffffffffff, 0xffffffffffffffff)
13:20:05 executing program 7:
syz_mount_image$tmpfs(&(0x7f0000000080), &(0x7f00000000c0)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB='gid=', @ANYRESHEX, @ANYBLOB='d'])
[ 80.345765] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 80.348797] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 80.352462] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 80.358077] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 80.361094] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 80.363192] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 80.375171] Bluetooth: hci0: HCI_REQ-0x0c1a
[ 80.458530] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 80.465327] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 80.466394] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 80.473386] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 80.478066] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 80.479434] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[ 80.480886] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 80.485384] Bluetooth: hci1: HCI_REQ-0x0c1a
[ 80.507062] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 80.507968] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 80.517287] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 80.519155] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 80.519851] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 80.524742] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 80.526624] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 80.527658] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 80.533532] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 80.534780] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[ 80.535802] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 80.540234] Bluetooth: hci3: HCI_REQ-0x0c1a
[ 80.557038] Bluetooth: hci2: HCI_REQ-0x0c1a
[ 80.618591] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 80.620750] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 80.622077] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 80.627870] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 80.629347] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[ 80.630228] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 80.634210] Bluetooth: hci5: HCI_REQ-0x0c1a
[ 80.725583] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 80.734623] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 80.742846] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 80.757080] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 80.770001] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[ 80.778389] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 80.793850] Bluetooth: hci4: HCI_REQ-0x0c1a
[ 82.424477] Bluetooth: hci0: command 0x0409 tx timeout
[ 82.552070] Bluetooth: hci3: command 0x0409 tx timeout
[ 82.552173] Bluetooth: hci1: command 0x0409 tx timeout
[ 82.616353] Bluetooth: hci6: Opcode 0x c03 failed: -110
[ 82.616731] Bluetooth: hci2: command 0x0409 tx timeout
[ 82.618168] Bluetooth: hci7: Opcode 0x c03 failed: -110
[ 82.680088] Bluetooth: hci5: command 0x0409 tx timeout
[ 82.807999] Bluetooth: hci4: command 0x0409 tx timeout
[ 84.472055] Bluetooth: hci0: command 0x041b tx timeout
[ 84.600114] Bluetooth: hci3: command 0x041b tx timeout
[ 84.601446] Bluetooth: hci1: command 0x041b tx timeout
[ 84.664002] Bluetooth: hci2: command 0x041b tx timeout
[ 84.728050] Bluetooth: hci5: command 0x041b tx timeout
[ 84.855973] Bluetooth: hci4: command 0x041b tx timeout
[ 85.972743] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 85.977931] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 85.979183] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 85.982251] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 85.983389] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[ 85.984380] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 85.989764] Bluetooth: hci6: HCI_REQ-0x0c1a
[ 86.185930] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[ 86.192730] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[ 86.207083] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[ 86.219038] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[ 86.227102] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[ 86.242112] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[ 86.263449] Bluetooth: hci7: HCI_REQ-0x0c1a
[ 86.521004] Bluetooth: hci0: command 0x040f tx timeout
[ 86.647974] Bluetooth: hci1: command 0x040f tx timeout
[ 86.648404] Bluetooth: hci3: command 0x040f tx timeout
[ 86.711948] Bluetooth: hci2: command 0x040f tx timeout
[ 86.777471] Bluetooth: hci5: command 0x040f tx timeout
[ 86.904979] Bluetooth: hci4: command 0x040f tx timeout
[ 87.992006] Bluetooth: hci6: command 0x0409 tx timeout
[ 88.312143] Bluetooth: hci7: command 0x0409 tx timeout
[ 88.567983] Bluetooth: hci0: command 0x0419 tx timeout
[ 88.696049] Bluetooth: hci3: command 0x0419 tx timeout
[ 88.696672] Bluetooth: hci1: command 0x0419 tx timeout
[ 88.759969] Bluetooth: hci2: command 0x0419 tx timeout
[ 88.823962] Bluetooth: hci5: command 0x0419 tx timeout
[ 88.952091] Bluetooth: hci4: command 0x0419 tx timeout
[ 90.040111] Bluetooth: hci6: command 0x041b tx timeout
[ 90.360081] Bluetooth: hci7: command 0x041b tx timeout
[ 92.088097] Bluetooth: hci6: command 0x040f tx timeout
[ 92.408023] Bluetooth: hci7: command 0x040f tx timeout
[ 94.136140] Bluetooth: hci6: command 0x0419 tx timeout
[ 94.456113] Bluetooth: hci7: command 0x0419 tx timeout
13:20:57 executing program 4:
mknod(&(0x7f0000008d80)='./file0\x00', 0x0, 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000000)='ext2\x00', 0x849000, 0x0)
umount2(&(0x7f0000000040)='./file0\x00', 0x6)
13:20:57 executing program 4:
mknod(&(0x7f0000008d80)='./file0\x00', 0x0, 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000000)='ext2\x00', 0x849000, 0x0)
umount2(&(0x7f0000000040)='./file0\x00', 0x6)
13:20:57 executing program 4:
mknod(&(0x7f0000008d80)='./file0\x00', 0x0, 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000000)='ext2\x00', 0x849000, 0x0)
umount2(&(0x7f0000000040)='./file0\x00', 0x6)
13:20:57 executing program 1:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x4c0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0)
r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r1, &(0x7f00000000c0), 0x12)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='gid_map\x00')
pread64(r2, &(0x7f0000001980)=""/146, 0x92, 0x8)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r1, 0xc018937b, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0, {0xee01}}, '\x00'})
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f00000003c0)=ANY=[@ANYBLOB="0100000001002b795fbd68b2df8094e39ddc46d7bad4592cd2f37ee0507418f77c27cc10136fb3f75cd32c0d885af555f361a2344862a6d9c271576d20f348887a40a28ce946d2cea2250896ba4166a134df0fb853f9d8eec40fd5be08f8d40704ce6ce44555869f36ef416b190bab21921fa3d6193421b6c8a663df82e39e98d0964625ad7c778eb4a3c6c4d5c17d9aa1ae5fe4e9c3241898d199888619f3af6356d5fd0a8363f6dbbda4b6", @ANYRES32=r3, @ANYBLOB='\t\x00\x00\x00\x00\x00\x00\x00./cgroup/cgroup.procs\x00'])
r4 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000180), 0x311201, 0x0)
dup(r4)
io_setup(0x9, &(0x7f0000000140)=0x0)
r6 = openat$sr(0xffffffffffffff9c, &(0x7f0000000380), 0x800, 0x0)
io_submit(r5, 0x1, &(0x7f00000005c0)=[&(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, r6, &(0x7f00000001c0)=')', 0x1}])
read(0xffffffffffffffff, &(0x7f0000000000), 0xfffffdef)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmmsg$inet(r7, &(0x7f0000002980)=[{{&(0x7f0000000140)={0x2, 0x4e23, @remote}, 0x10, 0x0}}, {{&(0x7f0000001540)={0x2, 0x4e21, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000002900)=[@ip_pktinfo={{0x1c, 0x11, 0x8, {0x0, @private, @private}}}], 0x20}}], 0x2, 0x0)
r8 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0)
read(r8, &(0x7f0000000000), 0xfffffdef)
openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0)
[ 131.631167] audit: type=1400 audit(1663680057.778:7): avc: denied { open } for pid=3697 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[ 131.632645] audit: type=1400 audit(1663680057.779:8): avc: denied { kernel } for pid=3697 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[ 131.649799] ------------[ cut here ]------------
[ 131.649820]
[ 131.649823] ======================================================
[ 131.649826] WARNING: possible circular locking dependency detected
[ 131.649830] 6.0.0-rc6-next-20220920 #1 Not tainted
[ 131.649837] ------------------------------------------------------
[ 131.649840] syz-executor.1/3698 is trying to acquire lock:
[ 131.649846] ffffffff853faab8 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70
[ 131.649889]
[ 131.649889] but task is already holding lock:
[ 131.649892] ffff88800f9eac20 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0
[ 131.649920]
[ 131.649920] which lock already depends on the new lock.
[ 131.649920]
[ 131.649923]
[ 131.649923] the existing dependency chain (in reverse order) is:
[ 131.649926]
[ 131.649926] -> #3 (&ctx->lock){....}-{2:2}:
[ 131.649940] _raw_spin_lock+0x2a/0x40
[ 131.649960] __perf_event_task_sched_out+0x53b/0x18d0
[ 131.649973] __schedule+0xedd/0x2470
[ 131.649986] schedule+0xda/0x1b0
[ 131.649998] exit_to_user_mode_prepare+0x114/0x1a0
[ 131.650010] syscall_exit_to_user_mode+0x19/0x40
[ 131.650021] do_syscall_64+0x48/0x90
[ 131.650037] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 131.650056]
[ 131.650056] -> #2 (&rq->__lock){-.-.}-{2:2}:
[ 131.650070] _raw_spin_lock_nested+0x30/0x40
[ 131.650087] raw_spin_rq_lock_nested+0x1e/0x30
[ 131.650100] task_fork_fair+0x63/0x4d0
[ 131.650117] sched_cgroup_fork+0x3d0/0x540
[ 131.650131] copy_process+0x4183/0x6e20
[ 131.650141] kernel_clone+0xe7/0x890
[ 131.650151] user_mode_thread+0xad/0xf0
[ 131.650161] rest_init+0x24/0x250
[ 131.650171] arch_call_rest_init+0xf/0x14
[ 131.650187] start_kernel+0x4c1/0x4e6
[ 131.650199] secondary_startup_64_no_verify+0xe0/0xeb
[ 131.650213]
[ 131.650213] -> #1 (&p->pi_lock){-.-.}-{2:2}:
[ 131.650227] _raw_spin_lock_irqsave+0x39/0x60
[ 131.650244] try_to_wake_up+0xab/0x1930
[ 131.650257] up+0x75/0xb0
[ 131.650268] __up_console_sem+0x6e/0x80
[ 131.650284] console_unlock+0x46a/0x590
[ 131.650300] vprintk_emit+0x1bd/0x560
[ 131.650316] vprintk+0x84/0xa0
[ 131.650332] _printk+0xba/0xf1
[ 131.650342] kauditd_hold_skb.cold+0x3f/0x4e
[ 131.650358] kauditd_send_queue+0x233/0x290
[ 131.650374] kauditd_thread+0x5da/0x9a0
[ 131.650387] kthread+0x2ed/0x3a0
[ 131.650402] ret_from_fork+0x22/0x30
[ 131.650415]
[ 131.650415] -> #0 ((console_sem).lock){....}-{2:2}:
[ 131.650428] __lock_acquire+0x2a02/0x5e70
[ 131.650445] lock_acquire+0x1a2/0x530
[ 131.650460] _raw_spin_lock_irqsave+0x39/0x60
[ 131.650477] down_trylock+0xe/0x70
[ 131.650489] __down_trylock_console_sem+0x3b/0xd0
[ 131.650505] vprintk_emit+0x16b/0x560
13:20:57 executing program 4:
mknod(&(0x7f0000008d80)='./file0\x00', 0x0, 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000000)='ext2\x00', 0x849000, 0x0)
umount2(&(0x7f0000000040)='./file0\x00', 0x6)
[ 131.650522] vprintk+0x84/0xa0
[ 131.650537] _printk+0xba/0xf1
[ 131.650546] report_bug.cold+0x72/0xab
[ 131.650562] handle_bug+0x3c/0x70
[ 131.650577] exc_invalid_op+0x14/0x50
[ 131.650592] asm_exc_invalid_op+0x16/0x20
[ 131.650602] group_sched_out.part.0+0x2c7/0x460
[ 131.650613] ctx_sched_out+0x8f1/0xc10
[ 131.650623] __perf_event_task_sched_out+0x6d0/0x18d0
[ 131.650636] __schedule+0xedd/0x2470
[ 131.650648] schedule+0xda/0x1b0
[ 131.650659] exit_to_user_mode_prepare+0x114/0x1a0
[ 131.650670] syscall_exit_to_user_mode+0x19/0x40
[ 131.650681] do_syscall_64+0x48/0x90
[ 131.650696] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 131.650715]
[ 131.650715] other info that might help us debug this:
[ 131.650715]
[ 131.650717] Chain exists of:
[ 131.650717] (console_sem).lock --> &rq->__lock --> &ctx->lock
[ 131.650717]
[ 131.650732] Possible unsafe locking scenario:
[ 131.650732]
[ 131.650735]        CPU0                    CPU1
[ 131.650737]        ----                    ----
[ 131.650740]   lock(&ctx->lock);
[ 131.650746]                                lock(&rq->__lock);
[ 131.650752]                                lock(&ctx->lock);
[ 131.650758]   lock((console_sem).lock);
[ 131.650764]
[ 131.650764] *** DEADLOCK ***
[ 131.650764]
[ 131.650766] 2 locks held by syz-executor.1/3698:
[ 131.650773] #0: ffff88806cf37d18 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470
[ 131.650801] #1: ffff88800f9eac20 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0
[ 131.650829]
[ 131.650829] stack backtrace:
[ 131.650832] CPU: 1 PID: 3698 Comm: syz-executor.1 Not tainted 6.0.0-rc6-next-20220920 #1
[ 131.650844] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 131.650853] Call Trace:
[ 131.650856]
[ 131.650861] dump_stack_lvl+0x8b/0xb3
[ 131.650877] check_noncircular+0x263/0x2e0
[ 131.650894] ? format_decode+0x26c/0xb50
[ 131.650910] ? print_circular_bug+0x450/0x450
[ 131.650927] ? enable_ptr_key_workfn+0x20/0x20
[ 131.650942] ? format_decode+0x26c/0xb50
[ 131.650958] ? alloc_chain_hlocks+0x1ec/0x5a0
[ 131.650976] __lock_acquire+0x2a02/0x5e70
[ 131.650997] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 131.651019] lock_acquire+0x1a2/0x530
[ 131.651036] ? down_trylock+0xe/0x70
[ 131.651050] ? lock_release+0x750/0x750
[ 131.651071] ? vprintk+0x84/0xa0
[ 131.651088] _raw_spin_lock_irqsave+0x39/0x60
[ 131.651106] ? down_trylock+0xe/0x70
[ 131.651119] down_trylock+0xe/0x70
[ 131.651132] ? vprintk+0x84/0xa0
[ 131.651149] __down_trylock_console_sem+0x3b/0xd0
[ 131.651176] vprintk_emit+0x16b/0x560
[ 131.651195] vprintk+0x84/0xa0
[ 131.651212] _printk+0xba/0xf1
[ 131.651222] ? record_print_text.cold+0x16/0x16
[ 131.651237] ? report_bug.cold+0x66/0xab
[ 131.651253] ? group_sched_out.part.0+0x2c7/0x460
[ 131.651265] report_bug.cold+0x72/0xab
[ 131.651282] handle_bug+0x3c/0x70
[ 131.651298] exc_invalid_op+0x14/0x50
[ 131.651314] asm_exc_invalid_op+0x16/0x20
[ 131.651325] RIP: 0010:group_sched_out.part.0+0x2c7/0x460
[ 131.651339] Code: 5e 41 5f e9 9b b9 ef ff e8 96 b9 ef ff 65 8b 1d 0b 13 ac 7e 31 ff 89 de e8 36 b6 ef ff 85 db 0f 84 8a 00 00 00 e8 79 b9 ef ff <0f> 0b e9 a5 fe ff ff e8 6d b9 ef ff 48 8d 7d 10 48 b8 00 00 00 00
[ 131.651351] RSP: 0018:ffff8880416efc48 EFLAGS: 00010006
[ 131.651360] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000
[ 131.651368] RDX: ffff88801b15d040 RSI: ffffffff815662c7 RDI: 0000000000000005
[ 131.651376] RBP: ffff888041728000 R08: 0000000000000005 R09: 0000000000000001
[ 131.651383] R10: 0000000000000000 R11: ffffffff865ae05b R12: ffff88800f9eac00
[ 131.651391] R13: ffff88806cf3d140 R14: ffffffff8547cec0 R15: 0000000000000002
[ 131.651402] ? group_sched_out.part.0+0x2c7/0x460
[ 131.651415] ? group_sched_out.part.0+0x2c7/0x460
[ 131.651428] ctx_sched_out+0x8f1/0xc10
[ 131.651441] __perf_event_task_sched_out+0x6d0/0x18d0
[ 131.651456] ? lock_is_held_type+0xd7/0x130
[ 131.651469] ? __perf_cgroup_move+0x160/0x160
[ 131.651481] ? set_next_entity+0x304/0x550
[ 131.651498] ? update_curr+0x267/0x740
[ 131.651516] ? lock_is_held_type+0xd7/0x130
[ 131.651528] __schedule+0xedd/0x2470
[ 131.651544] ? io_schedule_timeout+0x150/0x150
[ 131.651559] ? rcu_read_lock_sched_held+0x3e/0x80
[ 131.651579] schedule+0xda/0x1b0
[ 131.651592] exit_to_user_mode_prepare+0x114/0x1a0
[ 131.651604] syscall_exit_to_user_mode+0x19/0x40
[ 131.651616] do_syscall_64+0x48/0x90
[ 131.651632] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 131.651652] RIP: 0033:0x7f04e385bb19
[ 131.651660] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 131.651671] RSP: 002b:00007f04e0dd1218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 131.651681] RAX: 0000000000000001 RBX: 00007f04e396ef68 RCX: 00007f04e385bb19
[ 131.651689] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f04e396ef6c
[ 131.651697] RBP: 00007f04e396ef60 R08: 000000000000000e R09: 0000000000000000
[ 131.651704] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f04e396ef6c
[ 131.651711] R13: 00007ffe0622ba1f R14: 00007f04e0dd1300 R15: 0000000000022000
[ 131.651724]
[ 131.708464] WARNING: CPU: 1 PID: 3698 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460
[ 131.709144] Modules linked in:
[ 131.709380] CPU: 1 PID: 3698 Comm: syz-executor.1 Not tainted 6.0.0-rc6-next-20220920 #1
[ 131.709946] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 131.710737] RIP: 0010:group_sched_out.part.0+0x2c7/0x460
[ 131.711125] Code: 5e 41 5f e9 9b b9 ef ff e8 96 b9 ef ff 65 8b 1d 0b 13 ac 7e 31 ff 89 de e8 36 b6 ef ff 85 db 0f 84 8a 00 00 00 e8 79 b9 ef ff <0f> 0b e9 a5 fe ff ff e8 6d b9 ef ff 48 8d 7d 10 48 b8 00 00 00 00
[ 131.712430] RSP: 0018:ffff8880416efc48 EFLAGS: 00010006
[ 131.712819] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000
[ 131.713326] RDX: ffff88801b15d040 RSI: ffffffff815662c7 RDI: 0000000000000005
[ 131.713847] RBP: ffff888041728000 R08: 0000000000000005 R09: 0000000000000001
[ 131.714364] R10: 0000000000000000 R11: ffffffff865ae05b R12: ffff88800f9eac00
[ 131.714881] R13: ffff88806cf3d140 R14: ffffffff8547cec0 R15: 0000000000000002
[ 131.715403] FS: 00007f04e0dd1700(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000
[ 131.715985] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 131.716417] CR2: 00007f0206e5c610 CR3: 0000000017db0000 CR4: 0000000000350ee0
[ 131.716940] Call Trace:
[ 131.717135]
[ 131.717311] ctx_sched_out+0x8f1/0xc10
[ 131.717606] __perf_event_task_sched_out+0x6d0/0x18d0
[ 131.717981] ? lock_is_held_type+0xd7/0x130
[ 131.718296] ? __perf_cgroup_move+0x160/0x160
[ 131.718639] ? set_next_entity+0x304/0x550
[ 131.718969] ? update_curr+0x267/0x740
[ 131.719265] ? lock_is_held_type+0xd7/0x130
[ 131.719576] __schedule+0xedd/0x2470
[ 131.719852] ? io_schedule_timeout+0x150/0x150
[ 131.720202] ? rcu_read_lock_sched_held+0x3e/0x80
[ 131.720572] schedule+0xda/0x1b0
[ 131.720831] exit_to_user_mode_prepare+0x114/0x1a0
[ 131.721186] syscall_exit_to_user_mode+0x19/0x40
[ 131.721533] do_syscall_64+0x48/0x90
[ 131.721820] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 131.722215] RIP: 0033:0x7f04e385bb19
[ 131.722487] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 131.723781] RSP: 002b:00007f04e0dd1218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 131.724336] RAX: 0000000000000001 RBX: 00007f04e396ef68 RCX: 00007f04e385bb19
[ 131.724842] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f04e396ef6c
[ 131.725382] RBP: 00007f04e396ef60 R08: 000000000000000e R09: 0000000000000000
[ 131.725918] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f04e396ef6c
[ 131.726454] R13: 00007ffe0622ba1f R14: 00007f04e0dd1300 R15: 0000000000022000
[ 131.726992]
[ 131.727191] irq event stamp: 646
[ 131.727448] hardirqs last enabled at (645): [] exit_to_user_mode_prepare+0x109/0x1a0
[ 131.728141] hardirqs last disabled at (646): [] __schedule+0x1225/0x2470
[ 131.728756] softirqs last enabled at (50): [] __irq_exit_rcu+0x11b/0x180
[ 131.729395] softirqs last disabled at (35): [] __irq_exit_rcu+0x11b/0x180
[ 131.730019] ---[ end trace 0000000000000000 ]---
13:20:58 executing program 4:
mknod(&(0x7f0000008d80)='./file0\x00', 0x0, 0x0)
umount2(&(0x7f0000000040)='./file0\x00', 0x6)
13:20:58 executing program 4:
umount2(&(0x7f0000000040)='./file0\x00', 0x6)
13:20:58 executing program 4:
umount2(&(0x7f0000000040)='./file0\x00', 0x6)
[ 132.326458] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s
[ 132.327219] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current]
[ 132.327723] sr 1:0:0:0: [sr0] tag#0 Add.
Sense: Medium not present [ 132.328244] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 08 00 [ 132.328797] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 4 prio class 2 [ 134.801520] tmpfs: Bad value for 'gid' [ 134.804274] tmpfs: Bad value for 'gid' [ 136.528906] hrtimer: interrupt took 19166 ns [ 136.648529] audit: type=1400 audit(1663680062.792:9): avc: denied { write } for pid=3975 comm="syz-executor.3" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 136.837908] loop3: detected capacity change from 0 to 264192 [ 137.366095] FAT-fs (loop3): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1) VM DIAGNOSIS: 13:20:58 Registers: