Warning: Permanently added '[localhost]:54626' (ECDSA) to the list of known hosts.
2022/09/21 12:58:26 fuzzer started
2022/09/21 12:58:27 dialing manager at localhost:40289
syzkaller login: [   45.594709] cgroup: Unknown subsys name 'net'
[   45.693901] cgroup: Unknown subsys name 'rlimit'
2022/09/21 12:58:42 syscalls: 2215
2022/09/21 12:58:42 code coverage: enabled
2022/09/21 12:58:42 comparison tracing: enabled
2022/09/21 12:58:42 extra coverage: enabled
2022/09/21 12:58:42 setuid sandbox: enabled
2022/09/21 12:58:42 namespace sandbox: enabled
2022/09/21 12:58:42 Android sandbox: enabled
2022/09/21 12:58:42 fault injection: enabled
2022/09/21 12:58:42 leak checking: enabled
2022/09/21 12:58:42 net packet injection: enabled
2022/09/21 12:58:42 net device setup: enabled
2022/09/21 12:58:42 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2022/09/21 12:58:42 devlink PCI setup: PCI device 0000:00:10.0 is not available
2022/09/21 12:58:42 USB emulation: enabled
2022/09/21 12:58:42 hci packet injection: enabled
2022/09/21 12:58:42 wifi device emulation: failed to parse kernel version (6.0.0-rc6-next-20220921                                          )
2022/09/21 12:58:42 802.15.4 emulation: enabled
2022/09/21 12:58:42 fetching corpus: 0, signal 0/2000 (executing program)
2022/09/21 12:58:43 fetching corpus: 29, signal 24683/27843 (executing program)
2022/09/21 12:58:43 fetching corpus: 79, signal 38553/42699 (executing program)
2022/09/21 12:58:43 fetching corpus: 128, signal 43177/48426 (executing program)
2022/09/21 12:58:43 fetching corpus: 178, signal 48777/54836 (executing program)
2022/09/21 12:58:43 fetching corpus: 228, signal 58948/65217 (executing program)
2022/09/21 12:58:43 fetching corpus: 277, signal 63995/70817 (executing program)
2022/09/21 12:58:44 fetching corpus: 327, signal 69685/76748 (executing program)
2022/09/21 12:58:44 fetching corpus: 375, signal 73121/80636 (executing program)
2022/09/21 12:58:44 fetching corpus: 424, signal 78957/86495 (executing program)
2022/09/21 12:58:44 fetching corpus: 473, signal 83521/90939 (executing program)
2022/09/21 12:58:44 fetching corpus: 522, signal 86325/93870 (executing program)
2022/09/21 12:58:44 fetching corpus: 571, signal 91175/98309 (executing program)
2022/09/21 12:58:44 fetching corpus: 620, signal 92741/100053 (executing program)
2022/09/21 12:58:45 fetching corpus: 668, signal 95266/102507 (executing program)
2022/09/21 12:58:45 fetching corpus: 718, signal 98156/105182 (executing program)
2022/09/21 12:58:45 fetching corpus: 768, signal 100080/107024 (executing program)
2022/09/21 12:58:45 fetching corpus: 817, signal 103047/109627 (executing program)
2022/09/21 12:58:45 fetching corpus: 867, signal 104233/110773 (executing program)
2022/09/21 12:58:45 fetching corpus: 917, signal 106354/112612 (executing program)
2022/09/21 12:58:45 fetching corpus: 967, signal 108466/114355 (executing program)
2022/09/21 12:58:45 fetching corpus: 1016, signal 110288/115860 (executing program)
2022/09/21 12:58:46 fetching corpus: 1064, signal 111985/117341 (executing program)
2022/09/21 12:58:46 fetching corpus: 1113, signal 113307/118377 (executing program)
2022/09/21 12:58:46 fetching corpus: 1162, signal 114787/119556 (executing program)
2022/09/21 12:58:46 fetching corpus: 1209, signal 116561/120830 (executing program)
2022/09/21 12:58:46 fetching corpus: 1257, signal 117889/121839 (executing program)
2022/09/21 12:58:46 fetching corpus: 1307, signal 120067/123188 (executing program)
2022/09/21 12:58:46 fetching corpus: 1356, signal 121007/123848 (executing program)
2022/09/21 12:58:47 fetching corpus: 1379, signal 122098/124577 (executing program)
2022/09/21 12:58:47 fetching corpus: 1381, signal 122104/124670 (executing program)
2022/09/21 12:58:47 fetching corpus: 1381, signal 122104/124747 (executing program)
2022/09/21 12:58:47 fetching corpus: 1381, signal 122104/124843 (executing program)
2022/09/21 12:58:47 fetching corpus: 1381, signal 122104/124919 (executing program)
2022/09/21 12:58:47 fetching corpus: 1381, signal 122104/125007 (executing program)
2022/09/21 12:58:47 fetching corpus: 1381, signal 122104/125090 (executing program)
2022/09/21 12:58:47 fetching corpus: 1381, signal 122104/125183 (executing program)
2022/09/21 12:58:47 fetching corpus: 1381, signal 122104/125259 (executing program)
2022/09/21 12:58:47 fetching corpus: 1381, signal 122104/125342 (executing program)
2022/09/21 12:58:47 fetching corpus: 1382, signal 122171/125477 (executing program)
2022/09/21 12:58:47 fetching corpus: 1382, signal 122171/125561 (executing program)
2022/09/21 12:58:47 fetching corpus: 1382, signal 122171/125638 (executing program)
2022/09/21 12:58:47 fetching corpus: 1383, signal 122212/125729 (executing program)
2022/09/21 12:58:47 fetching corpus: 1383, signal 122212/125802 (executing program)
2022/09/21 12:58:47 fetching corpus: 1383, signal 122212/125876 (executing program)
2022/09/21 12:58:47 fetching corpus: 1383, signal 122212/125958 (executing program)
2022/09/21 12:58:47 fetching corpus: 1384, signal 122217/126050 (executing program)
2022/09/21 12:58:47 fetching corpus: 1384, signal 122217/126115 (executing program)
2022/09/21 12:58:47 fetching corpus: 1384, signal 122217/126206 (executing program)
2022/09/21 12:58:47 fetching corpus: 1384, signal 122217/126289 (executing program)
2022/09/21 12:58:47 fetching corpus: 1385, signal 122219/126367 (executing program)
2022/09/21 12:58:47 fetching corpus: 1386, signal 122228/126451 (executing program)
2022/09/21 12:58:47 fetching corpus: 1387, signal 122231/126545 (executing program)
2022/09/21 12:58:47 fetching corpus: 1388, signal 122241/126621 (executing program)
2022/09/21 12:58:47 fetching corpus: 1388, signal 122241/126696 (executing program)
2022/09/21 12:58:47 fetching corpus: 1388, signal 122241/126780 (executing program)
2022/09/21 12:58:47 fetching corpus: 1388, signal 122241/126849 (executing program)
2022/09/21 12:58:47 fetching corpus: 1388, signal 122241/126942 (executing program)
2022/09/21 12:58:47 fetching corpus: 1388, signal 122241/127020 (executing program)
2022/09/21 12:58:47 fetching corpus: 1388, signal 122241/127044 (executing program)
2022/09/21 12:58:47 fetching corpus: 1388, signal 122241/127044 (executing program)
2022/09/21 12:58:50 starting 8 fuzzer processes
12:58:50 executing program 0:
r0 = add_key$keyring(&(0x7f0000000240), &(0x7f0000000280)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffd)
r1 = add_key(&(0x7f0000000200)='id_resolver\x00', &(0x7f00000002c0)={'syz', 0x1}, &(0x7f0000000400)="af", 0x1, r0)
add_key$keyring(&(0x7f0000000240), &(0x7f0000000280)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$read(0xb, r1, 0x0, 0x0)

12:58:50 executing program 1:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$inet6_opts(r1, 0x29, 0x3b, &(0x7f00000001c0)=ANY=[], 0x8)
setsockopt$inet6_opts(r0, 0x29, 0x36, &(0x7f0000000380)=@routing, 0x8)

12:58:50 executing program 2:
rt_sigpending(0xfffffffffffffffd, 0x0)

[   68.226901] audit: type=1400 audit(1663765130.395:6): avc:  denied  { execmem } for  pid=286 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
12:58:50 executing program 3:
r0 = syz_mount_image$tmpfs(&(0x7f00000006c0), &(0x7f0000000700)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000b80))
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000000)=0x20)
stat(&(0x7f0000001480)='./file0\x00', &(0x7f0000000080))

12:58:50 executing program 4:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f0000000040)={0x0, {0x2, 0x0, @broadcast}, {0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x2, 0x0, @broadcast}, 0x80})

12:58:50 executing program 5:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000380), 0x2}, 0x12354}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x1200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
fallocate(r1, 0x0, 0x0, 0x87ffffc)
r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000140), 0x220000, 0x0)
openat(r2, &(0x7f00000003c0)='./file1\x00', 0x402, 0x1bb)
pwritev(r1, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48", 0x50}], 0x1, 0x8d, 0x7bf6)
pwritev2(r0, &(0x7f0000000300)=[{&(0x7f0000000180)="3c05886344f6c1676463474261a3cd71268afe038e7d96f46fea5246194a21c0bca49aab4882c5e4b508f5caf019902800cc407c31ecca2126ec616e9ef51561c11fb6d5ad0dc0c03998e37daae333db1252ad0d6b210c26dc017bcd9eb7b3773f1ab930713c646093f3efac450fcd793d65bfca217cf1d1be3971f4b8bee2b4fd3876a9b065f04ff62603f3cffe0e3ead48226b756653faf696165c00c54890e8d4590f8c08e761926d1a367f7adaff0cd7a0a804aae86072e3866492eabdfbbf60d4a310dfda9cb5f679ca00946a01dd39236d72f2aa56bb3d9d47c042843926cfff2164e5df0e048b3a8d", 0xec}], 0x1, 0x6, 0x2, 0x0)
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x4800)
ioctl$AUTOFS_IOC_READY(r0, 0x9360, 0xb9)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000340), 0x8, 0x0)
signalfd4(r4, &(0x7f00000007c0)={[0xa62]}, 0x8, 0x80000)
r5 = signalfd4(0xffffffffffffffff, &(0x7f0000000340), 0x8, 0x0)
perf_event_open(&(0x7f0000000540)={0x2, 0x80, 0x1, 0x1, 0x5, 0x20, 0x0, 0x1, 0x62000, 0x8, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x9, 0x2, @perf_config_ext={0x100000000, 0x401}, 0x800, 0xffffffffffff20aa, 0x9, 0x8, 0x6, 0x9, 0x8, 0x0, 0x6, 0x0, 0x232}, 0x0, 0xf, 0xffffffffffffffff, 0x2)
signalfd4(r5, &(0x7f00000007c0)={[0xa62]}, 0x8, 0x80000)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r4, 0xc0189374, &(0x7f00000005c0)=ANY=[@ANYBLOB="0100000001000000180000000600ce2abe7dff9f57274b43f1353697b34407715cdeb34fc91d21b36b05ab8e6849a60addf84907fea1d83f32ea8c047c2c9fcf81c09ab68e7ca44455c5a39613d2f427d25cd959487cd7dfcb465ea1cdf12da351f482ba4d373a590a168a483df324dfcbd87f059fd023fe84b20e4fbfedb5a8fac5f42be332abe17c09562ec2956f74f4434131b4a6c07e3b1d629a89eea1554c9b375e9a2c11af9824f75d8d023a024b68bee4a8c73318c168fe2427b4eff26aab7cb35e5ce0fef0ad17", @ANYRES32=r3, @ANYBLOB="0100ee2da88e0fd124a200000200800000"])

12:58:50 executing program 6:
prctl$PR_GET_TSC(0x19, &(0x7f0000000140))
prctl$PR_GET_TSC(0x19, &(0x7f0000000180))

12:58:50 executing program 7:
mq_open(&(0x7f0000000000)='\'\x00', 0x0, 0x0, &(0x7f0000000040))

[   69.558827] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   69.561474] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   69.562744] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   69.563505] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   69.565914] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   69.568734] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   69.569567] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   69.571926] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   69.573611] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   69.589595] Bluetooth: hci1: HCI_REQ-0x0c1a
[   69.594909] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   69.611934] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   69.613083] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   69.614523] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   69.616598] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   69.617690] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   69.623167] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   69.624936] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   69.626167] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   69.631282] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[   69.632935] Bluetooth: hci2: HCI_REQ-0x0c1a
[   69.635048] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[   69.637121] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[   69.641460] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[   69.642716] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   69.646478] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[   69.650746] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[   69.653446] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   69.655037] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   69.656599] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   69.661071] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[   69.662498] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[   69.663713] Bluetooth: hci3: HCI_REQ-0x0c1a
[   69.666114] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   69.667519] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[   69.677877] Bluetooth: hci6: HCI_REQ-0x0c1a
[   69.703495] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   69.704956] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   69.708007] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   69.710474] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   69.713907] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   69.715800] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[   69.717344] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[   69.725309] Bluetooth: hci0: HCI_REQ-0x0c1a
[   69.725630] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[   69.731325] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   69.737145] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[   69.745397] Bluetooth: hci4: HCI_REQ-0x0c1a
[   69.745414] Bluetooth: hci7: HCI_REQ-0x0c1a
[   71.627334] Bluetooth: hci5: Opcode 0x c03 failed: -110
[   71.627718] Bluetooth: hci1: command 0x0409 tx timeout
[   71.692395] Bluetooth: hci3: command 0x0409 tx timeout
[   71.693106] Bluetooth: hci2: command 0x0409 tx timeout
[   71.755313] Bluetooth: hci4: command 0x0409 tx timeout
[   71.756088] Bluetooth: hci6: command 0x0409 tx timeout
[   71.757115] Bluetooth: hci0: command 0x0409 tx timeout
[   71.819344] Bluetooth: hci7: command 0x0409 tx timeout
[   73.675365] Bluetooth: hci1: command 0x041b tx timeout
[   73.739283] Bluetooth: hci2: command 0x041b tx timeout
[   73.739707] Bluetooth: hci3: command 0x041b tx timeout
[   73.803422] Bluetooth: hci0: command 0x041b tx timeout
[   73.803844] Bluetooth: hci6: command 0x041b tx timeout
[   73.804306] Bluetooth: hci4: command 0x041b tx timeout
[   73.867240] Bluetooth: hci7: command 0x041b tx timeout
[   75.723327] Bluetooth: hci1: command 0x040f tx timeout
[   75.787262] Bluetooth: hci3: command 0x040f tx timeout
[   75.787281] Bluetooth: hci2: command 0x040f tx timeout
[   75.851261] Bluetooth: hci4: command 0x040f tx timeout
[   75.851289] Bluetooth: hci6: command 0x040f tx timeout
[   75.851754] Bluetooth: hci0: command 0x040f tx timeout
[   75.915274] Bluetooth: hci7: command 0x040f tx timeout
[   76.683258] Bluetooth: hci5: Opcode 0x c03 failed: -110
[   77.771274] Bluetooth: hci1: command 0x0419 tx timeout
[   77.835301] Bluetooth: hci3: command 0x0419 tx timeout
[   77.837292] Bluetooth: hci2: command 0x0419 tx timeout
[   77.899279] Bluetooth: hci6: command 0x0419 tx timeout
[   77.899733] Bluetooth: hci4: command 0x0419 tx timeout
[   77.900254] Bluetooth: hci0: command 0x0419 tx timeout
[   77.964317] Bluetooth: hci7: command 0x0419 tx timeout
[   81.227257] Bluetooth: hci5: Opcode 0x c03 failed: -110
[   83.749973] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[   83.758540] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[   83.762572] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[   83.766169] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[   83.767313] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[   83.768738] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[   83.778756] Bluetooth: hci5: HCI_REQ-0x0c1a
[   85.836319] Bluetooth: hci5: command 0x0409 tx timeout
[   87.883245] Bluetooth: hci5: command 0x041b tx timeout
[   89.931254] Bluetooth: hci5: command 0x040f tx timeout
[   91.979261] Bluetooth: hci5: command 0x0419 tx timeout
12:59:48 executing program 3:
r0 = syz_mount_image$tmpfs(&(0x7f00000006c0), &(0x7f0000000700)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000b80))
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000000)=0x20)
stat(&(0x7f0000001480)='./file0\x00', &(0x7f0000000080))

12:59:48 executing program 3:
r0 = syz_mount_image$tmpfs(&(0x7f00000006c0), &(0x7f0000000700)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000b80))
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000000)=0x20)
stat(&(0x7f0000001480)='./file0\x00', &(0x7f0000000080))

12:59:48 executing program 3:
r0 = syz_mount_image$tmpfs(&(0x7f00000006c0), &(0x7f0000000700)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000b80))
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000000)=0x20)
stat(&(0x7f0000001480)='./file0\x00', &(0x7f0000000080))

12:59:49 executing program 3:
r0 = syz_mount_image$tmpfs(&(0x7f00000006c0), &(0x7f0000000700)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000b80))
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000000)=0x20)
stat(&(0x7f0000001480)='./file0\x00', &(0x7f0000000080))

12:59:49 executing program 3:
r0 = syz_mount_image$tmpfs(&(0x7f00000006c0), &(0x7f0000000700)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000b80))
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000000)=0x20)
stat(&(0x7f0000001480)='./file0\x00', &(0x7f0000000080))

12:59:49 executing program 3:
r0 = syz_mount_image$tmpfs(&(0x7f00000006c0), &(0x7f0000000700)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000b80))
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000000)=0x20)
stat(&(0x7f0000001480)='./file0\x00', &(0x7f0000000080))

12:59:49 executing program 3:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, &(0x7f00000003c0)='./file1/../file0\x00', 0x101042, 0x40)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r1 = gettid()
perf_event_open(&(0x7f0000000400)={0x2, 0x80, 0x4, 0xd4, 0x20, 0x0, 0x0, 0x800, 0x2000, 0x2, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x5, 0x0, @perf_bp={&(0x7f0000000340), 0x2}, 0x10000, 0xffffffffffff8001, 0x9, 0x7, 0x80000000, 0x1, 0x4006, 0x0, 0x2}, r1, 0x0, r0, 0x0)
io_setup(0x7, &(0x7f0000000000)=<r2=>0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='personality\x00')
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000f00)='mountinfo\x00')
timer_create(0xfffffff1, 0x0, &(0x7f0000000040))
clock_gettime(0x0, &(0x7f0000000080)={<r4=>0x0, <r5=>0x0})
timer_create(0x6, &(0x7f0000000380)={0x0, 0x1c, 0x1, @thr={&(0x7f00000001c0)="7b54d93735e580da4d4b2b1e5b24a25a8bcaf2bc41f8356ec6fa12c71614249af8fe1716f91df35223852725637e0bd619f0a83761463849c1941d2e8e5d3cd891ff19e667251cf607586223f573de3c87e5bcfc1b0efdc1170f8b091408913297abe8ae0133b2ac2e9d432e7e4284ea931c2f138bcda97300df764704007edce14f397f8338c2da279f6640d7c262142c8a996a16d4fb4d5f51d4e5423e0d355e2c2c6fcd182ca6e9f884a4332012c3a1fae0b6fe4c1e5ca7834b10477ce1f489e414b3f293504e6bbbf8a633e5918331f89f9fd30d030bda984dfedbd5adf06715", &(0x7f00000002c0)="e8688df451238387d527607ff86f50345f9daa5b2393bc2ee69dad33498d331e4521010841f5c772701aa08d344c122aee2fcb69cb53d9c4a3e4f4385e483af1f93949b6b0c52b5d2a7660371ea32859657afa5a48652841b683aec70010ae4ebce053ab6b3e521c2cd89875319b74a5ac5863cf475383afccbf06b87b93028341c6fedb1e0937cc4b5cba4b8de113999f3e3542f4391f71ce74c6c3b250f243843e1a8d54dfd0419af205f03fc3fe7407d6c4bd7808"}}, &(0x7f00000003c0)=<r6=>0x0)
timer_gettime(r6, &(0x7f0000000400))
clock_gettime(0x0, &(0x7f00000000c0)={<r7=>0x0, <r8=>0x0})
timer_settime(0x0, 0x0, &(0x7f0000000100)={{r4, r5+60000000}, {r7, r8+60000000}}, &(0x7f0000000180))
timer_delete(0x0)
fsetxattr$security_selinux(r3, &(0x7f0000000180), &(0x7f0000000300)='system_u:object_r:modem_device_t:s0\x00', 0x24, 0x1)
read$hiddev(r3, &(0x7f0000000040)=""/169, 0x200000e9)
io_submit(r2, 0x1, &(0x7f00000002c0)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0xffffffffffffffff, &(0x7f00000001c0)="0a64c8716b203053fc54e7491aa00a3e1d051b888b5740f00737cb0e42db455a392813b7130b6a0d792d5e5a2c03799b80b2bc4b836790e05e6739915a09db97762936f4c49f9de4c82ca1c691628be42492f9f1b1bf63906e02cd551feed4b8f616a7b7b1b8c06fa9c396c580e88a6757fbd1858fdfb08cdfd49a62fe1f2395dc2525518f2343817d3314653cf98daeff4526ba174e32e99369e99c81cc191cd0c6cd9c6a318b608676f0cff38fccf3696c5faff7fda22edc5007fa69fc2bc5ae9fab42d7869d03ec3240cf2592f8e0a550ff", 0xd3, 0x2901, 0x0, 0x1, r3}])

[  127.545366] audit: type=1400 audit(1663765189.713:7): avc:  denied  { open } for  pid=3746 comm="syz-executor.3" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[  127.547000] audit: type=1400 audit(1663765189.714:8): avc:  denied  { kernel } for  pid=3746 comm="syz-executor.3" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[  127.573955] ------------[ cut here ]------------
[  127.573989] 
[  127.573995] ======================================================
[  127.574001] WARNING: possible circular locking dependency detected
[  127.574008] 6.0.0-rc6-next-20220921 #1 Not tainted
[  127.574020] ------------------------------------------------------
[  127.574026] syz-executor.3/3748 is trying to acquire lock:
[  127.574038] ffffffff853faab8 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70
[  127.574106] 
[  127.574106] but task is already holding lock:
[  127.574111] ffff8880089a8420 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0
[  127.574173] 
[  127.574173] which lock already depends on the new lock.
[  127.574173] 
[  127.574178] 
[  127.574178] the existing dependency chain (in reverse order) is:
[  127.574185] 
[  127.574185] -> #3 (&ctx->lock){....}-{2:2}:
[  127.574212]        _raw_spin_lock+0x2a/0x40
[  127.574249]        __perf_event_task_sched_out+0x53b/0x18d0
[  127.574273]        __schedule+0xedd/0x2470
[  127.574299]        schedule+0xda/0x1b0
[  127.574323]        exit_to_user_mode_prepare+0x114/0x1a0
[  127.574345]        syscall_exit_to_user_mode+0x19/0x40
[  127.574367]        do_syscall_64+0x48/0x90
[  127.574399]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  127.574421] 
[  127.574421] -> #2 (&rq->__lock){-.-.}-{2:2}:
[  127.574448]        _raw_spin_lock_nested+0x30/0x40
[  127.574484]        raw_spin_rq_lock_nested+0x1e/0x30
[  127.574509]        task_fork_fair+0x63/0x4d0
[  127.574542]        sched_cgroup_fork+0x3d0/0x540
[  127.574571]        copy_process+0x4183/0x6e20
[  127.574590]        kernel_clone+0xe7/0x890
[  127.574608]        user_mode_thread+0xad/0xf0
[  127.574628]        rest_init+0x24/0x250
[  127.574649]        arch_call_rest_init+0xf/0x14
[  127.574679]        start_kernel+0x4c1/0x4e6
[  127.574706]        secondary_startup_64_no_verify+0xe0/0xeb
[  127.574733] 
[  127.574733] -> #1 (&p->pi_lock){-.-.}-{2:2}:
[  127.574760]        _raw_spin_lock_irqsave+0x39/0x60
[  127.574796]        try_to_wake_up+0xab/0x1930
[  127.574823]        up+0x75/0xb0
[  127.574849]        __up_console_sem+0x6e/0x80
[  127.574880]        console_unlock+0x46a/0x590
[  127.574913]        do_con_write+0xc05/0x1d50
[  127.574934]        con_write+0x21/0x40
[  127.574954]        n_tty_write+0x4d4/0xfe0
[  127.574979]        file_tty_write.constprop.0+0x49c/0x8f0
[  127.575003]        vfs_write+0x9c3/0xd90
[  127.575039]        ksys_write+0x127/0x250
[  127.575074]        do_syscall_64+0x3b/0x90
[  127.575106]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  127.575128] 
[  127.575128] -> #0 ((console_sem).lock){....}-{2:2}:
[  127.575155]        __lock_acquire+0x2a02/0x5e70
[  127.575189]        lock_acquire+0x1a2/0x530
[  127.575221]        _raw_spin_lock_irqsave+0x39/0x60
[  127.575258]        down_trylock+0xe/0x70
[  127.575286]        __down_trylock_console_sem+0x3b/0xd0
[  127.575319]        vprintk_emit+0x16b/0x560
[  127.575354]        vprintk+0x84/0xa0
[  127.575389]        _printk+0xba/0xf1
[  127.575408]        report_bug.cold+0x72/0xab
[  127.575439]        handle_bug+0x3c/0x70
[  127.575471]        exc_invalid_op+0x14/0x50
[  127.575503]        asm_exc_invalid_op+0x16/0x20
[  127.575524]        group_sched_out.part.0+0x2c7/0x460
[  127.575545]        ctx_sched_out+0x8f1/0xc10
[  127.575564]        __perf_event_task_sched_out+0x6d0/0x18d0
[  127.575589]        __schedule+0xedd/0x2470
[  127.575614]        schedule+0xda/0x1b0
[  127.575638]        exit_to_user_mode_prepare+0x114/0x1a0
[  127.575659]        syscall_exit_to_user_mode+0x19/0x40
[  127.575681]        do_syscall_64+0x48/0x90
[  127.575713]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  127.575735] 
[  127.575735] other info that might help us debug this:
[  127.575735] 
[  127.575740] Chain exists of:
[  127.575740]   (console_sem).lock --> &rq->__lock --> &ctx->lock
[  127.575740] 
[  127.575770]  Possible unsafe locking scenario:
[  127.575770] 
[  127.575774]        CPU0                    CPU1
[  127.575779]        ----                    ----
[  127.575783]   lock(&ctx->lock);
[  127.575794]                                lock(&rq->__lock);
[  127.575807]                                lock(&ctx->lock);
[  127.575819]   lock((console_sem).lock);
[  127.575831] 
[  127.575831]  *** DEADLOCK ***
[  127.575831] 
[  127.575834] 2 locks held by syz-executor.3/3748:
[  127.575847]  #0: ffff88806ce37d18 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470
[  127.575904]  #1: ffff8880089a8420 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0
[  127.575959] 
[  127.575959] stack backtrace:
[  127.575964] CPU: 0 PID: 3748 Comm: syz-executor.3 Not tainted 6.0.0-rc6-next-20220921 #1
[  127.575988] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  127.576003] Call Trace:
[  127.576009]  <TASK>
[  127.576017]  dump_stack_lvl+0x8b/0xb3
[  127.576052]  check_noncircular+0x263/0x2e0
[  127.576085]  ? format_decode+0x26c/0xb50
[  127.576115]  ? print_circular_bug+0x450/0x450
[  127.576150]  ? enable_ptr_key_workfn+0x20/0x20
[  127.576182]  ? format_decode+0x26c/0xb50
[  127.576216]  ? alloc_chain_hlocks+0x1ec/0x5a0
[  127.576251]  __lock_acquire+0x2a02/0x5e70
[  127.576296]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[  127.576343]  lock_acquire+0x1a2/0x530
[  127.576377]  ? down_trylock+0xe/0x70
[  127.576410]  ? lock_release+0x750/0x750
[  127.576452]  ? vprintk+0x84/0xa0
[  127.576489]  _raw_spin_lock_irqsave+0x39/0x60
[  127.576527]  ? down_trylock+0xe/0x70
[  127.576557]  down_trylock+0xe/0x70
[  127.576587]  ? vprintk+0x84/0xa0
[  127.576622]  __down_trylock_console_sem+0x3b/0xd0
[  127.576657]  vprintk_emit+0x16b/0x560
[  127.576696]  vprintk+0x84/0xa0
[  127.576732]  _printk+0xba/0xf1
[  127.576753]  ? record_print_text.cold+0x16/0x16
[  127.576783]  ? report_bug.cold+0x66/0xab
[  127.576818]  ? group_sched_out.part.0+0x2c7/0x460
[  127.576840]  report_bug.cold+0x72/0xab
[  127.576885]  handle_bug+0x3c/0x70
[  127.576919]  exc_invalid_op+0x14/0x50
[  127.576954]  asm_exc_invalid_op+0x16/0x20
[  127.576977] RIP: 0010:group_sched_out.part.0+0x2c7/0x460
[  127.577003] Code: 5e 41 5f e9 9b b9 ef ff e8 96 b9 ef ff 65 8b 1d 2b 12 ac 7e 31 ff 89 de e8 36 b6 ef ff 85 db 0f 84 8a 00 00 00 e8 79 b9 ef ff <0f> 0b e9 a5 fe ff ff e8 6d b9 ef ff 48 8d 7d 10 48 b8 00 00 00 00
[  127.577024] RSP: 0018:ffff88803f6bfc48 EFLAGS: 00010006
[  127.577042] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000
[  127.577057] RDX: ffff88803f80d040 RSI: ffffffff815663a7 RDI: 0000000000000005
[  127.577072] RBP: ffff888008668000 R08: 0000000000000005 R09: 0000000000000001
[  127.577086] R10: 0000000000000000 R11: ffffffff865b001b R12: ffff8880089a8400
[  127.577101] R13: ffff88806ce3d140 R14: ffffffff8547d0e0 R15: 0000000000000002
[  127.577124]  ? group_sched_out.part.0+0x2c7/0x460
[  127.577150]  ? group_sched_out.part.0+0x2c7/0x460
[  127.577175]  ctx_sched_out+0x8f1/0xc10
[  127.577201]  __perf_event_task_sched_out+0x6d0/0x18d0
[  127.577232]  ? lock_is_held_type+0xd7/0x130
[  127.577257]  ? __perf_cgroup_move+0x160/0x160
[  127.577280]  ? set_next_entity+0x304/0x550
[  127.577316]  ? update_curr+0x267/0x740
[  127.577354]  ? lock_is_held_type+0xd7/0x130
[  127.577380]  __schedule+0xedd/0x2470
[  127.577412]  ? io_schedule_timeout+0x150/0x150
[  127.577443]  ? rcu_read_lock_sched_held+0x3e/0x80
[  127.577484]  schedule+0xda/0x1b0
[  127.577512]  exit_to_user_mode_prepare+0x114/0x1a0
[  127.577535]  syscall_exit_to_user_mode+0x19/0x40
[  127.577559]  do_syscall_64+0x48/0x90
[  127.577594]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  127.577617] RIP: 0033:0x7fbe51a91b19
[  127.577633] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  127.577654] RSP: 002b:00007fbe4f007218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  127.577676] RAX: 0000000000000001 RBX: 00007fbe51ba4f68 RCX: 00007fbe51a91b19
[  127.577690] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fbe51ba4f6c
[  127.577705] RBP: 00007fbe51ba4f60 R08: 000000000000000e R09: 0000000000000000
[  127.577719] R10: 0000000000000003 R11: 0000000000000246 R12: 00007fbe51ba4f6c
[  127.577733] R13: 00007ffea089e31f R14: 00007fbe4f007300 R15: 0000000000022000
[  127.577760]  </TASK>
[  127.681769] WARNING: CPU: 0 PID: 3748 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460
[  127.683076] Modules linked in:
[  127.683542] CPU: 0 PID: 3748 Comm: syz-executor.3 Not tainted 6.0.0-rc6-next-20220921 #1
[  127.684661] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  127.686244] RIP: 0010:group_sched_out.part.0+0x2c7/0x460
[  127.687018] Code: 5e 41 5f e9 9b b9 ef ff e8 96 b9 ef ff 65 8b 1d 2b 12 ac 7e 31 ff 89 de e8 36 b6 ef ff 85 db 0f 84 8a 00 00 00 e8 79 b9 ef ff <0f> 0b e9 a5 fe ff ff e8 6d b9 ef ff 48 8d 7d 10 48 b8 00 00 00 00
[  127.689566] RSP: 0018:ffff88803f6bfc48 EFLAGS: 00010006
[  127.690325] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000
[  127.691329] RDX: ffff88803f80d040 RSI: ffffffff815663a7 RDI: 0000000000000005
[  127.692323] RBP: ffff888008668000 R08: 0000000000000005 R09: 0000000000000001
[  127.693350] R10: 0000000000000000 R11: ffffffff865b001b R12: ffff8880089a8400
[  127.694327] R13: ffff88806ce3d140 R14: ffffffff8547d0e0 R15: 0000000000000002
[  127.695343] FS:  00007fbe4f007700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000
[  127.696473] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  127.697308] CR2: 00007fb10e179de0 CR3: 000000000f6c2000 CR4: 0000000000350ef0
[  127.698308] Call Trace:
[  127.698682]  <TASK>
[  127.699018]  ctx_sched_out+0x8f1/0xc10
[  127.699595]  __perf_event_task_sched_out+0x6d0/0x18d0
[  127.700338]  ? lock_is_held_type+0xd7/0x130
[  127.700947]  ? __perf_cgroup_move+0x160/0x160
[  127.701599]  ? set_next_entity+0x304/0x550
[  127.702203]  ? update_curr+0x267/0x740
[  127.702784]  ? lock_is_held_type+0xd7/0x130
[  127.703408]  __schedule+0xedd/0x2470
[  127.703955]  ? io_schedule_timeout+0x150/0x150
[  127.704624]  ? rcu_read_lock_sched_held+0x3e/0x80
[  127.705311]  schedule+0xda/0x1b0
[  127.705781]  exit_to_user_mode_prepare+0x114/0x1a0
[  127.706421]  syscall_exit_to_user_mode+0x19/0x40
[  127.707042]  do_syscall_64+0x48/0x90
[  127.707558]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  127.708230] RIP: 0033:0x7fbe51a91b19
[  127.708714] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  127.711034] RSP: 002b:00007fbe4f007218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  127.712042] RAX: 0000000000000001 RBX: 00007fbe51ba4f68 RCX: 00007fbe51a91b19
[  127.713005] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fbe51ba4f6c
[  127.713951] RBP: 00007fbe51ba4f60 R08: 000000000000000e R09: 0000000000000000
[  127.714900] R10: 0000000000000003 R11: 0000000000000246 R12: 00007fbe51ba4f6c
[  127.715842] R13: 00007ffea089e31f R14: 00007fbe4f007300 R15: 0000000000022000
[  127.716804]  </TASK>
[  127.717127] irq event stamp: 964
[  127.717584] hardirqs last  enabled at (963): [<ffffffff8133f9d9>] exit_to_user_mode_prepare+0x109/0x1a0
[  127.718815] hardirqs last disabled at (964): [<ffffffff84259305>] __schedule+0x1225/0x2470
[  127.719915] softirqs last  enabled at (876): [<ffffffff811709ab>] __irq_exit_rcu+0x11b/0x180
[  127.721061] softirqs last disabled at (867): [<ffffffff811709ab>] __irq_exit_rcu+0x11b/0x180
[  127.722204] ---[ end trace 0000000000000000 ]---
12:59:50 executing program 6:
prctl$PR_GET_TSC(0x19, &(0x7f0000000140))
prctl$PR_GET_TSC(0x19, &(0x7f0000000180))

[  128.372575] syz-executor.0 (297) used greatest stack depth: 24504 bytes left
[  130.829202] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  130.829947] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  130.830756] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  130.834745] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  130.835830] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  130.836537] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  130.838505] Bluetooth: hci1: HCI_REQ-0x0c1a
[  130.969882] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  130.969917] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  130.973397] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  130.973915] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  130.974916] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  130.975614] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  130.976500] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  130.977183] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  130.978107] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  130.984422] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  130.992079] Bluetooth: hci6: HCI_REQ-0x0c1a
[  130.996591] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[  131.003071] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  131.018748] Bluetooth: hci7: HCI_REQ-0x0c1a
[  132.811253] Bluetooth: hci0: Opcode 0x c03 failed: -110
[  132.875228] Bluetooth: hci1: command 0x0409 tx timeout
[  132.939222] Bluetooth: hci2: Opcode 0x c03 failed: -110
[  133.004470] Bluetooth: hci6: command 0x0409 tx timeout
[  133.067282] Bluetooth: hci7: command 0x0409 tx timeout
[  134.923217] Bluetooth: hci1: command 0x041b tx timeout
[  135.052383] Bluetooth: hci6: command 0x041b tx timeout
[  135.070014] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  135.072458] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  135.073920] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  135.076639] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  135.078098] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  135.079014] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  135.081328] Bluetooth: hci0: HCI_REQ-0x0c1a
[  135.115220] Bluetooth: hci7: command 0x041b tx timeout
[  136.971336] Bluetooth: hci1: command 0x040f tx timeout
[  137.099296] Bluetooth: hci0: command 0x0409 tx timeout
[  137.099820] Bluetooth: hci6: command 0x040f tx timeout
[  137.163234] Bluetooth: hci7: command 0x040f tx timeout
[  137.227223] Bluetooth: hci2: Opcode 0x c03 failed: -110

VM DIAGNOSIS:
12:59:50  Registers:
info registers vcpu 0
RAX=0000000000000033 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff822b1c91 RDI=ffffffff87645ba0 RBP=ffffffff87645b60 RSP=ffff88803f6bf698
R8 =0000000000000001 R9 =000000000000000a R10=0000000000000033 R11=0000000000000001
R12=0000000000000033 R13=ffffffff87645b60 R14=0000000000000010 R15=ffffffff822b1c80
RIP=ffffffff822b1ce9 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 00007fbe4f007700 00000000 00000000
GS =0000 ffff88806ce00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007fb10e179de0 CR3=000000000f6c2000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM01=0000000000000000 0000000000000000 00007fbe51b787c0 00007fbe51b787c8
YMM02=0000000000000000 0000000000000000 00007fbe51b787e0 00007fbe51b787c0
YMM03=0000000000000000 0000000000000000 00007fbe51b787c8 00007fbe51b787c0
YMM04=0000000000000000 0000000000000000 ffffffffffffffff ffffffff00000000
YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245
YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040
YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1
RAX=0000000000000000 RBX=ffffffff85453040 RCX=0000000000000000 RDX=ffff88801d245040
RSI=0000000000000000 RDI=ffffffff85453040 RBP=0000000000000000 RSP=ffff88801d8bf5e8
R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000001
R12=ffffffff84270712 R13=ffff888007c4edc8 R14=ffff888007c4ed80 R15=0000000000000002
RIP=ffffffff8130d3de RFL=00000086 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff88806cf00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007fb14b6b74a1 CR3=0000000020568000 CR4=00350ee0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
YMM00=0000000000000000 0000000000000000 756e696c2d34365f 3638782f62696c2f
YMM01=0000000000000000 0000000000000000 00362e6f732e6362 696c2f756e672d78
YMM02=0000000000000000 0000000000000000 ffff0000000000ff ffffffffffffffff
YMM03=0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffffff
YMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000