Warning: Permanently added '[localhost]:12265' (ECDSA) to the list of known hosts.
2022/09/21 12:56:11 fuzzer started
2022/09/21 12:56:11 dialing manager at localhost:40289
syzkaller login: [   43.899508] cgroup: Unknown subsys name 'net'
[   44.011368] cgroup: Unknown subsys name 'rlimit'
2022/09/21 12:56:26 syscalls: 2215
2022/09/21 12:56:26 code coverage: enabled
2022/09/21 12:56:26 comparison tracing: enabled
2022/09/21 12:56:26 extra coverage: enabled
2022/09/21 12:56:26 setuid sandbox: enabled
2022/09/21 12:56:26 namespace sandbox: enabled
2022/09/21 12:56:26 Android sandbox: enabled
2022/09/21 12:56:26 fault injection: enabled
2022/09/21 12:56:26 leak checking: enabled
2022/09/21 12:56:26 net packet injection: enabled
2022/09/21 12:56:26 net device setup: enabled
2022/09/21 12:56:26 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2022/09/21 12:56:26 devlink PCI setup: PCI device 0000:00:10.0 is not available
2022/09/21 12:56:26 USB emulation: enabled
2022/09/21 12:56:26 hci packet injection: enabled
2022/09/21 12:56:26 wifi device emulation: failed to parse kernel version (6.0.0-rc6-next-20220921                                          )
2022/09/21 12:56:26 802.15.4 emulation: enabled
2022/09/21 12:56:26 fetching corpus: 0, signal 0/2000 (executing program)
2022/09/21 12:56:26 fetching corpus: 50, signal 21753/25029 (executing program)
2022/09/21 12:56:26 fetching corpus: 100, signal 40843/44751 (executing program)
2022/09/21 12:56:26 fetching corpus: 150, signal 48461/53211 (executing program)
2022/09/21 12:56:26 fetching corpus: 200, signal 55361/60700 (executing program)
2022/09/21 12:56:26 fetching corpus: 250, signal 62198/67885 (executing program)
2022/09/21 12:56:26 fetching corpus: 300, signal 65082/71431 (executing program)
2022/09/21 12:56:26 fetching corpus: 350, signal 70025/76737 (executing program)
2022/09/21 12:56:26 fetching corpus: 400, signal 75321/82056 (executing program)
2022/09/21 12:56:27 fetching corpus: 450, signal 79783/86515 (executing program)
2022/09/21 12:56:27 fetching corpus: 500, signal 83446/90226 (executing program)
2022/09/21 12:56:27 fetching corpus: 550, signal 85472/92432 (executing program)
2022/09/21 12:56:27 fetching corpus: 600, signal 87707/94752 (executing program)
2022/09/21 12:56:27 fetching corpus: 650, signal 90164/97124 (executing program)
2022/09/21 12:56:27 fetching corpus: 700, signal 92929/99657 (executing program)
2022/09/21 12:56:27 fetching corpus: 750, signal 96292/102698 (executing program)
2022/09/21 12:56:28 fetching corpus: 800, signal 98621/104867 (executing program)
2022/09/21 12:56:28 fetching corpus: 850, signal 101593/107308 (executing program)
2022/09/21 12:56:28 fetching corpus: 900, signal 103339/108727 (executing program)
2022/09/21 12:56:28 fetching corpus: 950, signal 107000/111389 (executing program)
2022/09/21 12:56:28 fetching corpus: 1000, signal 109229/113180 (executing program)
2022/09/21 12:56:28 fetching corpus: 1050, signal 111112/114546 (executing program)
2022/09/21 12:56:29 fetching corpus: 1100, signal 112931/115811 (executing program)
2022/09/21 12:56:29 fetching corpus: 1150, signal 114564/117032 (executing program)
2022/09/21 12:56:29 fetching corpus: 1174, signal 115246/117578 (executing program)
2022/09/21 12:56:29 fetching corpus: 1174, signal 115246/117661 (executing program)
2022/09/21 12:56:29 fetching corpus: 1174, signal 115246/117757 (executing program)
2022/09/21 12:56:29 fetching corpus: 1174, signal 115246/117851 (executing program)
2022/09/21 12:56:29 fetching corpus: 1174, signal 115246/117952 (executing program)
2022/09/21 12:56:29 fetching corpus: 1174, signal 115246/118044 (executing program)
2022/09/21 12:56:29 fetching corpus: 1174, signal 115246/118124 (executing program)
2022/09/21 12:56:29 fetching corpus: 1174, signal 115246/118222 (executing program)
2022/09/21 12:56:29 fetching corpus: 1174, signal 115246/118320 (executing program)
2022/09/21 12:56:29 fetching corpus: 1174, signal 115246/118405 (executing program)
2022/09/21 12:56:29 fetching corpus: 1174, signal 115246/118505 (executing program)
2022/09/21 12:56:29 fetching corpus: 1174, signal 115246/118600 (executing program)
2022/09/21 12:56:29 fetching corpus: 1174, signal 115246/118684 (executing program)
2022/09/21 12:56:29 fetching corpus: 1174, signal 115246/118782 (executing program)
2022/09/21 12:56:29 fetching corpus: 1174, signal 115246/118863 (executing program)
2022/09/21 12:56:29 fetching corpus: 1174, signal 115246/118979 (executing program)
2022/09/21 12:56:29 fetching corpus: 1174, signal 115246/119069 (executing program)
2022/09/21 12:56:29 fetching corpus: 1174, signal 115246/119156 (executing program)
2022/09/21 12:56:29 fetching corpus: 1174, signal 115246/119268 (executing program)
2022/09/21 12:56:29 fetching corpus: 1174, signal 115246/119347 (executing program)
2022/09/21 12:56:29 fetching corpus: 1174, signal 115246/119458 (executing program)
2022/09/21 12:56:29 fetching corpus: 1174, signal 115246/119539 (executing program)
2022/09/21 12:56:29 fetching corpus: 1174, signal 115246/119633 (executing program)
2022/09/21 12:56:29 fetching corpus: 1174, signal 115246/119727 (executing program)
2022/09/21 12:56:29 fetching corpus: 1174, signal 115246/119808 (executing program)
2022/09/21 12:56:29 fetching corpus: 1174, signal 115246/119910 (executing program)
2022/09/21 12:56:29 fetching corpus: 1174, signal 115246/120008 (executing program)
2022/09/21 12:56:29 fetching corpus: 1174, signal 115246/120088 (executing program)
2022/09/21 12:56:29 fetching corpus: 1174, signal 115246/120186 (executing program)
2022/09/21 12:56:29 fetching corpus: 1174, signal 115246/120274 (executing program)
2022/09/21 12:56:29 fetching corpus: 1174, signal 115246/120362 (executing program)
2022/09/21 12:56:29 fetching corpus: 1174, signal 115246/120463 (executing program)
2022/09/21 12:56:29 fetching corpus: 1174, signal 115246/120473 (executing program)
2022/09/21 12:56:29 fetching corpus: 1174, signal 115246/120473 (executing program)
2022/09/21 12:56:31 starting 8 fuzzer processes
12:56:31 executing program 0:
syz_io_uring_setup(0x0, &(0x7f0000000040), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

12:56:31 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc0189436, &(0x7f0000000000))

12:56:31 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000100), 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f00000000c0)={0x0, 0x8000}, 0x4)

12:56:31 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x2)
ioctl$SCSI_IOCTL_DOORLOCK(r0, 0x5)

12:56:31 executing program 4:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040), 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0)
ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(r1, 0x80489439, &(0x7f0000000140))
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
r4 = fcntl$dupfd(r2, 0x0, r0)
getsockopt$bt_BT_SNDMTU(r4, 0x112, 0xc, &(0x7f0000000000)=0x4, &(0x7f00000001c0)=0x2)
fallocate(r3, 0x10, 0x0, 0x7ffc)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
listen(0xffffffffffffffff, 0x0)
shutdown(r5, 0x1)
lseek(0xffffffffffffffff, 0x4, 0x6b417b1c08756aa5)
r6 = fcntl$dupfd(r3, 0x0, r2)
sendfile(r2, r6, 0x0, 0x1ff)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0)
r8 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
fcntl$dupfd(r8, 0x0, r7)
perf_event_open$cgroup(&(0x7f0000000400)={0x1, 0x80, 0x45, 0xfe, 0x80, 0x4, 0x0, 0x4, 0x80000, 0xc, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x3, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x81, 0x4, @perf_bp={&(0x7f0000000200), 0x2}, 0x100b2, 0x5, 0x0, 0x7, 0x81f5, 0x8000, 0x81, 0x0, 0x5, 0x0, 0x7}, r6, 0xe, r8, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000480)=ANY=[@ANYRES16=r7, @ANYRES64, @ANYRESOCT=r0, @ANYRES16=r7])

12:56:31 executing program 5:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080))
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000000)=0x80000)

[   63.745599] audit: type=1400 audit(1663764991.970:6): avc:  denied  { execmem } for  pid=287 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
12:56:31 executing program 6:
openat$nvram(0xffffffffffffff9c, &(0x7f0000000f00), 0x141880, 0x0)

12:56:31 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x1d, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000dff4655fdff4655f0100ffff53ef010001000000def4655f000000000000000001000000000000000b0000000002000028020000028401001b0000000000000000000000000000000000000073797a6b616c6c6572000000000000002f746d702f73797a2d696d61676567656e33393232303833393500"/192, 0xc0, 0x400}, {&(0x7f0000010100)="000000000000000000000000a5a61a17476642268b9f70cd9d05b303010000000c00000000000000def4655f00"/64, 0x40, 0x4e0}, {&(0x7f0000010200)="00000000000000000000000000000000000000000000000000000000200020000100000000000000000000000000000000000000000000002600000000000000", 0x40, 0x540}, {&(0x7f0000010300)="0000000000000000000000000000000000000000010400"/32, 0x20, 0x640}, {&(0x7f0000010400)="030000000400000005000000d4000f000300040000000000000000000f00c7e0", 0x20, 0x800}, {&(0x7f0000010500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0100ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0000000000000000def4655fdef4655fdef4655f00"/2080, 0x820, 0xc00}, {&(0x7f0000010e00)="ed41000000040000def4655fdff4655fdff4655f00000000000004000200000000000000050000001500"/64, 0x40, 0x1600}, {&(0x7f0000010f00)="20000000706b0911706b091100000000def4655f00"/32, 0x20, 0x1680}, {&(0x7f0000011000)="c0410000002c0000def4655fdef4655fdef4655f0000000000000200160000000000000000000000160000001700000018000000190000001a0000001b0000001c0000001d0000001e0000001f00000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000def4655f000000000000000000000000000002ea00"/192, 0xc0, 0x2800}, {&(0x7f0000011100)="ed4100003c000000dff4655fdff4655fdff4655f0000000000000200000000000000001003000000020000000d0000001000050166696c65300000000e0000002800050766696c65310000000000000000000000000000000000000000000000000000003330002500000000000000000000000000000000000000000000000020000000706b0911706b0911706b0911dff4655f706b09110000000000000000000002ea04070000000000000000000000000000646174610000000000000000", 0xc0, 0x2a00}, {&(0x7f0000011200)="ed8100001a040000dff4655fdff4655fdff4655f0000000000000100040000000000000001000000210000002200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000507d044100000000000000000000000000000000000000000000000020000000706b0911706b0911706b0911dff4655f706b09110000000000000000", 0xa0, 0x2c00}, {&(0x7f0000011300)="ffa1000026000000dff4655fdff4655fdff4655f00000000000001000000000000000000010000002f746d702f73797a2d696d61676567656e3339323230383339352f66696c65302f66696c6530000000000000000000000000000000000000000000005300b05d00000000000000000000000000000000000000000000000020000000706b0911706b0911706b0911dff4655f706b09110000000000000000", 0xa0, 0x2e00}, {&(0x7f0000011400)="ed8100000a000000dff4655fdff4655fdff4655f000000000000010000000000000000100100000073797a6b616c6c6572730000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d02741e300000000000000000000000000000000000000000000000020000000706b0911706b0911706b0911dff4655f706b09110000000000000000000002ea040700000000000000000000000000006461746106015401000000000600000000000000786174747231000006014c0100000000060000000000000078617474723200"/256, 0x100, 0x3000}, {&(0x7f0000011500)="0000000000000000000000000000000078617474723200007861747472310000ed81000028230000dff4655fdff4655fdff4655f0000000000000200120000000000000001000000230000002400000025000000260000002700000028000000290000002a0000002b0000000000000000000000000000000000000000000000000000002fe9e02200000000000000000000000000000000000000000000000020000000706b0911706b0911706b0911dff4655f706b09110000000000000000", 0xc0, 0x31e0}, {&(0x7f0000011600)="ed81000064000000dff4655fdff4655fdff4655f000000000000010000000000000000100100000073797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616c6c657273797a6b616cbaee901500000000000000000000000000000000000000000000000020000000706b0911706b0911706b0911dff4655f706b09110000000000000000000002ea04073401000000002800000000000000646174610000000000000000", 0xc0, 0x3400}, {&(0x7f0000011700)='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00lersyzkallersyzkallersyzkallersyzkallers', 0x40, 0x35c0}, {&(0x7f0000011800)="020000000c0001022e000000020000000c0002022e2e00000b00000014000a026c6f73742b666f756e6400000c0000001000050266696c65300000000f0000001000050166696c6531000000100000001000050166696c6532000000100000001000050166696c6533000000110000009403090166696c652e636f6c64000000", 0x80, 0x5400}, {&(0x7f0000011900)="0b0000000c0001022e000000020000000c0002022e2e000000000000e8030000", 0x20, 0x5800}, {&(0x7f0000011a00)="00000000000400"/32, 0x20, 0x5c00}, {&(0x7f0000011b00)="00000000000400"/32, 0x20, 0x6000}, {&(0x7f0000011c00)="00000000000400"/32, 0x20, 0x6400}, {&(0x7f0000011d00)="00000000000400"/32, 0x20, 0x6800}, {&(0x7f0000011e00)="00000000000400"/32, 0x20, 0x6c00}, {&(0x7f0000011f00)="00000000000400"/32, 0x20, 0x7000}, {&(0x7f0000012000)="00000000000400"/32, 0x20, 0x7400}, {&(0x7f0000012100)="00000000000400"/32, 0x20, 0x7800}, {&(0x7f0000012200)="00000000000400"/32, 0x20, 0x7c00}, {&(0x7f0000012300)="00000000000400"/32, 0x20, 0x8000}, {&(0x7f0000012400)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x8400}], 0x0, &(0x7f0000012900))

[   65.032028] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   65.035532] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   65.037168] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   65.039915] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   65.043970] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   65.046464] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   65.048119] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   65.050580] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   65.052108] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   65.056669] Bluetooth: hci0: HCI_REQ-0x0c1a
[   65.060182] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   65.063998] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   65.065588] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   65.103601] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   65.105455] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   65.107485] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   65.110035] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[   65.111996] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   65.113452] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   65.115526] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   65.116832] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   65.116967] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   65.119649] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   65.120473] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   65.120879] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[   65.122397] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   65.123684] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   65.126719] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[   65.131369] Bluetooth: hci3: HCI_REQ-0x0c1a
[   65.136511] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[   65.136736] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[   65.139797] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   65.140822] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   65.141102] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[   65.144557] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[   65.146104] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[   65.149364] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   65.150439] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[   65.151619] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   65.159081] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[   65.160188] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[   65.161764] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   65.169772] Bluetooth: hci1: HCI_REQ-0x0c1a
[   65.170883] Bluetooth: hci4: HCI_REQ-0x0c1a
[   65.170976] Bluetooth: hci2: HCI_REQ-0x0c1a
[   65.183020] Bluetooth: hci5: HCI_REQ-0x0c1a
[   65.184118] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[   65.187747] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[   65.205496] Bluetooth: hci7: HCI_REQ-0x0c1a
[   65.224208] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[   65.229142] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[   65.234222] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[   65.250590] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[   65.258692] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[   65.261110] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[   65.271849] Bluetooth: hci6: HCI_REQ-0x0c1a
[   67.113716] Bluetooth: hci0: command 0x0409 tx timeout
[   67.241388] Bluetooth: hci5: command 0x0409 tx timeout
[   67.241439] Bluetooth: hci3: command 0x0409 tx timeout
[   67.242453] Bluetooth: hci7: command 0x0409 tx timeout
[   67.243737] Bluetooth: hci1: command 0x0409 tx timeout
[   67.244025] Bluetooth: hci4: command 0x0409 tx timeout
[   67.245061] Bluetooth: hci2: command 0x0409 tx timeout
[   67.305379] Bluetooth: hci6: command 0x0409 tx timeout
[   69.161338] Bluetooth: hci0: command 0x041b tx timeout
[   69.289561] Bluetooth: hci4: command 0x041b tx timeout
[   69.289587] Bluetooth: hci1: command 0x041b tx timeout
[   69.290004] Bluetooth: hci7: command 0x041b tx timeout
[   69.290464] Bluetooth: hci2: command 0x041b tx timeout
[   69.290495] Bluetooth: hci3: command 0x041b tx timeout
[   69.290882] Bluetooth: hci5: command 0x041b tx timeout
[   69.353342] Bluetooth: hci6: command 0x041b tx timeout
[   71.210313] Bluetooth: hci0: command 0x040f tx timeout
[   71.337526] Bluetooth: hci3: command 0x040f tx timeout
[   71.337767] Bluetooth: hci7: command 0x040f tx timeout
[   71.337949] Bluetooth: hci5: command 0x040f tx timeout
[   71.338394] Bluetooth: hci2: command 0x040f tx timeout
[   71.338415] Bluetooth: hci1: command 0x040f tx timeout
[   71.338787] Bluetooth: hci4: command 0x040f tx timeout
[   71.401442] Bluetooth: hci6: command 0x040f tx timeout
[   73.257364] Bluetooth: hci0: command 0x0419 tx timeout
[   73.385343] Bluetooth: hci4: command 0x0419 tx timeout
[   73.386458] Bluetooth: hci1: command 0x0419 tx timeout
[   73.386479] Bluetooth: hci5: command 0x0419 tx timeout
[   73.387102] Bluetooth: hci2: command 0x0419 tx timeout
[   73.387808] Bluetooth: hci7: command 0x0419 tx timeout
[   73.387828] Bluetooth: hci3: command 0x0419 tx timeout
[   73.449459] Bluetooth: hci6: command 0x0419 tx timeout
12:57:28 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc0189436, &(0x7f0000000000))

12:57:29 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc0189436, &(0x7f0000000000))

12:57:29 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc0189436, &(0x7f0000000000))

12:57:29 executing program 1:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r0 = getpid()
r1 = pidfd_open(r0, 0x0)
pidfd_send_signal(r1, 0x0, 0x0, 0x0)

12:57:29 executing program 1:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r0 = getpid()
r1 = pidfd_open(r0, 0x0)
pidfd_send_signal(r1, 0x0, 0x0, 0x0)

12:57:29 executing program 1:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r0 = getpid()
r1 = pidfd_open(r0, 0x0)
pidfd_send_signal(r1, 0x0, 0x0, 0x0)

12:57:29 executing program 1:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r0 = getpid()
r1 = pidfd_open(r0, 0x0)
pidfd_send_signal(r1, 0x0, 0x0, 0x0)

12:57:29 executing program 1:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r0 = getpid()
r1 = pidfd_open(r0, 0x0)
pidfd_send_signal(r1, 0x0, 0x0, 0x0)

[  122.374688] audit: type=1400 audit(1663765050.598:7): avc:  denied  { open } for  pid=3893 comm="syz-executor.4" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[  122.376108] audit: type=1400 audit(1663765050.598:8): avc:  denied  { kernel } for  pid=3893 comm="syz-executor.4" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[  122.410773] ------------[ cut here ]------------
[  122.410795] 
[  122.410799] ======================================================
[  122.410803] WARNING: possible circular locking dependency detected
[  122.410807] 6.0.0-rc6-next-20220921 #1 Not tainted
[  122.410814] ------------------------------------------------------
[  122.410817] syz-executor.4/3894 is trying to acquire lock:
[  122.410823] ffffffff853faab8 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70
[  122.410862] 
[  122.410862] but task is already holding lock:
[  122.410865] ffff8880103aac20 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0
[  122.410894] 
[  122.410894] which lock already depends on the new lock.
[  122.410894] 
[  122.410897] 
[  122.410897] the existing dependency chain (in reverse order) is:
[  122.410901] 
[  122.410901] -> #3 (&ctx->lock){....}-{2:2}:
[  122.410916]        _raw_spin_lock+0x2a/0x40
[  122.410936]        __perf_event_task_sched_out+0x53b/0x18d0
[  122.410949]        __schedule+0xedd/0x2470
[  122.410962]        schedule+0xda/0x1b0
[  122.410976]        futex_wait_queue+0xf5/0x1e0
[  122.410988]        futex_wait+0x28e/0x690
[  122.410998]        do_futex+0x2ff/0x380
[  122.411008]        __x64_sys_futex+0x1c6/0x4d0
[  122.411018]        do_syscall_64+0x3b/0x90
[  122.411035]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  122.411048] 
[  122.411048] -> #2 (&rq->__lock){-.-.}-{2:2}:
[  122.411062]        _raw_spin_lock_nested+0x30/0x40
[  122.411081]        raw_spin_rq_lock_nested+0x1e/0x30
[  122.411095]        task_fork_fair+0x63/0x4d0
[  122.411113]        sched_cgroup_fork+0x3d0/0x540
[  122.411128]        copy_process+0x4183/0x6e20
[  122.411139]        kernel_clone+0xe7/0x890
[  122.411149]        user_mode_thread+0xad/0xf0
[  122.411159]        rest_init+0x24/0x250
[  122.411170]        arch_call_rest_init+0xf/0x14
[  122.411187]        start_kernel+0x4c1/0x4e6
[  122.411205]        secondary_startup_64_no_verify+0xe0/0xeb
[  122.411222] 
[  122.411222] -> #1 (&p->pi_lock){-.-.}-{2:2}:
[  122.411240]        _raw_spin_lock_irqsave+0x39/0x60
[  122.411265]        try_to_wake_up+0xab/0x1930
[  122.411279]        up+0x75/0xb0
[  122.411293]        __up_console_sem+0x6e/0x80
[  122.411310]        console_unlock+0x46a/0x590
[  122.411328]        do_con_write+0xc05/0x1d50
[  122.411340]        con_write+0x21/0x40
[  122.411350]        n_tty_write+0x4d4/0xfe0
[  122.411365]        file_tty_write.constprop.0+0x49c/0x8f0
[  122.411378]        vfs_write+0x9c3/0xd90
[  122.411397]        ksys_write+0x127/0x250
[  122.411416]        do_syscall_64+0x3b/0x90
[  122.411433]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  122.411445] 
[  122.411445] -> #0 ((console_sem).lock){....}-{2:2}:
[  122.411460]        __lock_acquire+0x2a02/0x5e70
[  122.411478]        lock_acquire+0x1a2/0x530
[  122.411496]        _raw_spin_lock_irqsave+0x39/0x60
[  122.411515]        down_trylock+0xe/0x70
[  122.411531]        __down_trylock_console_sem+0x3b/0xd0
[  122.411548]        vprintk_emit+0x16b/0x560
[  122.411566]        vprintk+0x84/0xa0
[  122.411584]        _printk+0xba/0xf1
[  122.411594]        report_bug.cold+0x72/0xab
[  122.411611]        handle_bug+0x3c/0x70
[  122.411628]        exc_invalid_op+0x14/0x50
[  122.411646]        asm_exc_invalid_op+0x16/0x20
[  122.411657]        group_sched_out.part.0+0x2c7/0x460
[  122.411668]        ctx_sched_out+0x8f1/0xc10
[  122.411678]        __perf_event_task_sched_out+0x6d0/0x18d0
[  122.411692]        __schedule+0xedd/0x2470
[  122.411705]        schedule+0xda/0x1b0
[  122.411718]        futex_wait_queue+0xf5/0x1e0
[  122.411729]        futex_wait+0x28e/0x690
[  122.411740]        do_futex+0x2ff/0x380
[  122.411749]        __x64_sys_futex+0x1c6/0x4d0
[  122.411759]        do_syscall_64+0x3b/0x90
[  122.411777]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  122.411788] 
[  122.411788] other info that might help us debug this:
[  122.411788] 
[  122.411791] Chain exists of:
[  122.411791]   (console_sem).lock --> &rq->__lock --> &ctx->lock
[  122.411791] 
[  122.411807]  Possible unsafe locking scenario:
[  122.411807] 
[  122.411810]        CPU0                    CPU1
[  122.411812]        ----                    ----
[  122.411814]   lock(&ctx->lock);
[  122.411820]                                lock(&rq->__lock);
[  122.411827]                                lock(&ctx->lock);
[  122.411834]   lock((console_sem).lock);
[  122.411840] 
[  122.411840]  *** DEADLOCK ***
[  122.411840] 
[  122.411842] 2 locks held by syz-executor.4/3894:
[  122.411849]  #0: ffff88806ce37d18 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470
[  122.411879]  #1: ffff8880103aac20 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0
[  122.411908] 
[  122.411908] stack backtrace:
[  122.411911] CPU: 0 PID: 3894 Comm: syz-executor.4 Not tainted 6.0.0-rc6-next-20220921 #1
[  122.411924] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  122.411932] Call Trace:
[  122.411936]  <TASK>
[  122.411940]  dump_stack_lvl+0x8b/0xb3
[  122.411959]  check_noncircular+0x263/0x2e0
[  122.411977]  ? format_decode+0x26c/0xb50
[  122.411994]  ? print_circular_bug+0x450/0x450
[  122.412013]  ? enable_ptr_key_workfn+0x20/0x20
[  122.412030]  ? format_decode+0x26c/0xb50
[  122.412047]  ? alloc_chain_hlocks+0x1ec/0x5a0
[  122.412066]  __lock_acquire+0x2a02/0x5e70
[  122.412090]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[  122.412114]  lock_acquire+0x1a2/0x530
[  122.412133]  ? down_trylock+0xe/0x70
[  122.412150]  ? lock_release+0x750/0x750
[  122.412173]  ? vprintk+0x84/0xa0
[  122.412192]  _raw_spin_lock_irqsave+0x39/0x60
[  122.412213]  ? down_trylock+0xe/0x70
[  122.412232]  down_trylock+0xe/0x70
[  122.412251]  ? vprintk+0x84/0xa0
[  122.412269]  __down_trylock_console_sem+0x3b/0xd0
[  122.412288]  vprintk_emit+0x16b/0x560
[  122.412309]  vprintk+0x84/0xa0
[  122.412328]  _printk+0xba/0xf1
[  122.412339]  ? record_print_text.cold+0x16/0x16
[  122.412355]  ? report_bug.cold+0x66/0xab
[  122.412374]  ? group_sched_out.part.0+0x2c7/0x460
[  122.412386]  report_bug.cold+0x72/0xab
[  122.412405]  handle_bug+0x3c/0x70
[  122.412423]  exc_invalid_op+0x14/0x50
[  122.412442]  asm_exc_invalid_op+0x16/0x20
[  122.412455] RIP: 0010:group_sched_out.part.0+0x2c7/0x460
[  122.412469] Code: 5e 41 5f e9 9b b9 ef ff e8 96 b9 ef ff 65 8b 1d 2b 12 ac 7e 31 ff 89 de e8 36 b6 ef ff 85 db 0f 84 8a 00 00 00 e8 79 b9 ef ff <0f> 0b e9 a5 fe ff ff e8 6d b9 ef ff 48 8d 7d 10 48 b8 00 00 00 00
[  122.412481] RSP: 0018:ffff88801b6078f8 EFLAGS: 00010006
[  122.412490] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000
[  122.412498] RDX: ffff88803f2f9ac0 RSI: ffffffff815663a7 RDI: 0000000000000005
[  122.412507] RBP: ffff888008668000 R08: 0000000000000005 R09: 0000000000000001
[  122.412514] R10: 0000000000000000 R11: ffffffff865b001b R12: ffff8880103aac00
[  122.412522] R13: ffff88806ce3d140 R14: ffffffff8547cf80 R15: 0000000000000002
[  122.412534]  ? group_sched_out.part.0+0x2c7/0x460
[  122.412548]  ? group_sched_out.part.0+0x2c7/0x460
[  122.412561]  ctx_sched_out+0x8f1/0xc10
[  122.412575]  __perf_event_task_sched_out+0x6d0/0x18d0
[  122.412591]  ? lock_is_held_type+0xd7/0x130
[  122.412605]  ? __perf_cgroup_move+0x160/0x160
[  122.412617]  ? set_next_entity+0x304/0x550
[  122.412639]  ? lock_is_held_type+0xd7/0x130
[  122.412653]  __schedule+0xedd/0x2470
[  122.412670]  ? io_schedule_timeout+0x150/0x150
[  122.412685]  ? futex_wait_setup+0x166/0x230
[  122.412700]  schedule+0xda/0x1b0
[  122.412715]  futex_wait_queue+0xf5/0x1e0
[  122.412728]  futex_wait+0x28e/0x690
[  122.412741]  ? futex_wait_setup+0x230/0x230
[  122.412755]  ? wake_up_q+0x8b/0xf0
[  122.412769]  ? do_raw_spin_unlock+0x4f/0x220
[  122.412791]  ? futex_wake+0x158/0x490
[  122.412808]  ? fd_install+0x1f9/0x640
[  122.412825]  do_futex+0x2ff/0x380
[  122.412837]  ? __ia32_compat_sys_get_robust_list+0x3b0/0x3b0
[  122.412853]  __x64_sys_futex+0x1c6/0x4d0
[  122.412867]  ? __x64_sys_futex_time32+0x480/0x480
[  122.412880]  ? syscall_enter_from_user_mode+0x1d/0x50
[  122.412893]  ? syscall_enter_from_user_mode+0x1d/0x50
[  122.412908]  do_syscall_64+0x3b/0x90
[  122.412927]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  122.412940] RIP: 0033:0x7f9a34183b19
[  122.412948] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  122.412960] RSP: 002b:00007f9a316f9218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  122.412971] RAX: ffffffffffffffda RBX: 00007f9a34296f68 RCX: 00007f9a34183b19
[  122.412979] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f9a34296f68
[  122.412987] RBP: 00007f9a34296f60 R08: 0000000000000000 R09: 0000000000000000
[  122.412995] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f9a34296f6c
[  122.413002] R13: 00007fffe2ad07bf R14: 00007f9a316f9300 R15: 0000000000022000
[  122.413016]  </TASK>
[  122.473033] WARNING: CPU: 0 PID: 3894 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460
[  122.473714] Modules linked in:
[  122.473956] CPU: 0 PID: 3894 Comm: syz-executor.4 Not tainted 6.0.0-rc6-next-20220921 #1
[  122.474546] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  122.475389] RIP: 0010:group_sched_out.part.0+0x2c7/0x460
[  122.475793] Code: 5e 41 5f e9 9b b9 ef ff e8 96 b9 ef ff 65 8b 1d 2b 12 ac 7e 31 ff 89 de e8 36 b6 ef ff 85 db 0f 84 8a 00 00 00 e8 79 b9 ef ff <0f> 0b e9 a5 fe ff ff e8 6d b9 ef ff 48 8d 7d 10 48 b8 00 00 00 00
[  122.477123] RSP: 0018:ffff88801b6078f8 EFLAGS: 00010006
[  122.477520] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000
[  122.478051] RDX: ffff88803f2f9ac0 RSI: ffffffff815663a7 RDI: 0000000000000005
[  122.478574] RBP: ffff888008668000 R08: 0000000000000005 R09: 0000000000000001
[  122.479099] R10: 0000000000000000 R11: ffffffff865b001b R12: ffff8880103aac00
[  122.479630] R13: ffff88806ce3d140 R14: ffffffff8547cf80 R15: 0000000000000002
[  122.480157] FS:  00007f9a316f9700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000
[  122.480748] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  122.481173] CR2: 00007fb426d1c1f0 CR3: 0000000017f5a000 CR4: 0000000000350ef0
[  122.481698] Call Trace:
[  122.481889]  <TASK>
[  122.482061]  ctx_sched_out+0x8f1/0xc10
[  122.482357]  __perf_event_task_sched_out+0x6d0/0x18d0
[  122.482748]  ? lock_is_held_type+0xd7/0x130
[  122.483076]  ? __perf_cgroup_move+0x160/0x160
[  122.483429]  ? set_next_entity+0x304/0x550
[  122.483756]  ? lock_is_held_type+0xd7/0x130
[  122.484079]  __schedule+0xedd/0x2470
[  122.484366]  ? io_schedule_timeout+0x150/0x150
[  122.484714]  ? futex_wait_setup+0x166/0x230
[  122.485038]  schedule+0xda/0x1b0
[  122.485299]  futex_wait_queue+0xf5/0x1e0
[  122.485609]  futex_wait+0x28e/0x690
[  122.485890]  ? futex_wait_setup+0x230/0x230
[  122.486216]  ? wake_up_q+0x8b/0xf0
[  122.486497]  ? do_raw_spin_unlock+0x4f/0x220
[  122.486837]  ? futex_wake+0x158/0x490
[  122.487129]  ? fd_install+0x1f9/0x640
[  122.487429]  do_futex+0x2ff/0x380
[  122.487696]  ? __ia32_compat_sys_get_robust_list+0x3b0/0x3b0
[  122.488132]  __x64_sys_futex+0x1c6/0x4d0
[  122.488443]  ? __x64_sys_futex_time32+0x480/0x480
[  122.488814]  ? syscall_enter_from_user_mode+0x1d/0x50
[  122.489198]  ? syscall_enter_from_user_mode+0x1d/0x50
[  122.489583]  do_syscall_64+0x3b/0x90
[  122.489875]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  122.490265] RIP: 0033:0x7f9a34183b19
[  122.490547] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  122.491899] RSP: 002b:00007f9a316f9218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  122.492458] RAX: ffffffffffffffda RBX: 00007f9a34296f68 RCX: 00007f9a34183b19
[  122.492985] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f9a34296f68
[  122.493509] RBP: 00007f9a34296f60 R08: 0000000000000000 R09: 0000000000000000
[  122.494030] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f9a34296f6c
[  122.494558] R13: 00007fffe2ad07bf R14: 00007f9a316f9300 R15: 0000000000022000
[  122.495088]  </TASK>
[  122.495275] irq event stamp: 2000
[  122.495535] hardirqs last  enabled at (1999): [<ffffffff8424ffad>] syscall_enter_from_user_mode+0x1d/0x50
[  122.496228] hardirqs last disabled at (2000): [<ffffffff84259305>] __schedule+0x1225/0x2470
[  122.496836] softirqs last  enabled at (336): [<ffffffff811709ab>] __irq_exit_rcu+0x11b/0x180
[  122.497469] softirqs last disabled at (231): [<ffffffff811709ab>] __irq_exit_rcu+0x11b/0x180
[  122.498092] ---[ end trace 0000000000000000 ]---
[  122.623377] loop7: detected capacity change from 0 to 512
[  122.641186] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  122.665411] EXT4-fs (loop7): unmounting filesystem.
[  122.719027] syz-executor.4 (3894) used greatest stack depth: 24536 bytes left
[  123.129951] program syz-executor.3 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  128.681404] Bluetooth: hci6: Opcode 0x c03 failed: -110

VM DIAGNOSIS:
12:57:30  Registers:
info registers vcpu 0
RAX=0000000000000067 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff822b1c91 RDI=ffffffff87645ba0 RBP=ffffffff87645b60 RSP=ffff88801b607348
R8 =0000000000000001 R9 =000000000000000a R10=0000000000000067 R11=0000000000000001
R12=0000000000000067 R13=ffffffff87645b60 R14=0000000000000010 R15=ffffffff822b1c80
RIP=ffffffff822b1ce9 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 00007f9a316f9700 00000000 00000000
GS =0000 ffff88806ce00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007fb426d1c1f0 CR3=0000000017f5a000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM01=0000000000000000 0000000000000000 00007f9a3426a7c0 00007f9a3426a7c8
YMM02=0000000000000000 0000000000000000 00007f9a3426a7e0 00007f9a3426a7c0
YMM03=0000000000000000 0000000000000000 00007f9a3426a7c8 00007f9a3426a7c0
YMM04=0000000000000000 0000000000000000 ffffffffffffffff ffffffff00000000
YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245
YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040
YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1
RAX=0000000000000000 RBX=ffff88806ce3eee0 RCX=0000000000000000 RDX=ffff888010049ac0
RSI=ffffffff813bce37 RDI=0000000000000005 RBP=0000000000000003 RSP=ffff88803ebb7948
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000001
R12=ffffed100d9c7ddd R13=0000000000000001 R14=ffff88806ce3eee8 R15=dffffc0000000000
RIP=ffffffff813bce39 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 00000000 00000000
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000555556892400 00000000 00000000
GS =0000 ffff88806cf00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f9a3429155c CR3=0000000017f5a000 CR4=00350ee0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM01=0000000000000000 0000000000000000 00007f9a3426a7c0 00007f9a3426a7c8
YMM02=0000000000000000 0000000000000000 00007f9a3426a7e0 00007f9a3426a7c0
YMM03=0000000000000000 0000000000000000 00007f9a3426a7c8 00007f9a3426a7c0
YMM04=0000000000000000 0000000000000000 ffffffffffffffff ffffffff00000000
YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245
YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040
YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000