Warning: Permanently added '[localhost]:29787' (ECDSA) to the list of known hosts.
2022/09/23 12:16:30 fuzzer started
2022/09/23 12:16:31 dialing manager at localhost:38881
syzkaller login: [ 36.252172] cgroup: Unknown subsys name 'net'
[ 36.373251] cgroup: Unknown subsys name 'rlimit'
2022/09/23 12:16:46 syscalls: 2215
2022/09/23 12:16:46 code coverage: enabled
2022/09/23 12:16:46 comparison tracing: enabled
2022/09/23 12:16:46 extra coverage: enabled
2022/09/23 12:16:46 setuid sandbox: enabled
2022/09/23 12:16:46 namespace sandbox: enabled
2022/09/23 12:16:46 Android sandbox: enabled
2022/09/23 12:16:46 fault injection: enabled
2022/09/23 12:16:46 leak checking: enabled
2022/09/23 12:16:46 net packet injection: enabled
2022/09/23 12:16:46 net device setup: enabled
2022/09/23 12:16:46 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2022/09/23 12:16:46 devlink PCI setup: PCI device 0000:00:10.0 is not available
2022/09/23 12:16:46 USB emulation: enabled
2022/09/23 12:16:46 hci packet injection: enabled
2022/09/23 12:16:46 wifi device emulation: failed to parse kernel version (6.0.0-rc6-next-20220923)
2022/09/23 12:16:46 802.15.4 emulation: enabled
2022/09/23 12:16:46 fetching corpus: 0, signal 0/2000 (executing program)
2022/09/23 12:16:46 fetching corpus: 31, signal 19875/23354 (executing program)
2022/09/23 12:16:46 fetching corpus: 72, signal 30650/35447 (executing program)
2022/09/23 12:16:46 fetching corpus: 122, signal 44379/50100 (executing program)
2022/09/23 12:16:46 fetching corpus: 172, signal 49308/56105 (executing program)
2022/09/23 12:16:46 fetching corpus: 222, signal 55953/63602 (executing program)
2022/09/23 12:16:47 fetching corpus: 272, signal 63481/71719 (executing program)
2022/09/23 12:16:47 fetching corpus: 322, signal 67202/76231 (executing program)
2022/09/23 12:16:47 fetching corpus: 372, signal 72823/82290 (executing program)
2022/09/23 12:16:47 fetching corpus: 422, signal 77395/87331 (executing program)
2022/09/23 12:16:47 fetching corpus: 472, signal 80062/90640 (executing program)
2022/09/23 12:16:47 fetching corpus: 522, signal 82451/93596 (executing program)
2022/09/23 12:16:47 fetching corpus: 572, signal 87926/99020 (executing program)
2022/09/23 12:16:47 fetching corpus: 622, signal 89949/101521 (executing program)
2022/09/23 12:16:48 fetching corpus: 672, signal 93015/104809 (executing program)
2022/09/23 12:16:48 fetching corpus: 722, signal 96000/107906 (executing program)
2022/09/23 12:16:48 fetching corpus: 772, signal 98424/110562 (executing program)
2022/09/23 12:16:48 fetching corpus: 822, signal 99318/111951 (executing program)
2022/09/23 12:16:48 fetching corpus: 872, signal 100830/113805 (executing program)
2022/09/23 12:16:48 fetching corpus: 922, signal 103905/116757 (executing program)
2022/09/23 12:16:48 fetching corpus: 972, signal 105851/118817 (executing program)
2022/09/23 12:16:49 fetching corpus: 1022, signal 107861/120858 (executing program)
2022/09/23 12:16:49 fetching corpus: 1072, signal 109779/122784 (executing program)
2022/09/23 12:16:49 fetching corpus: 1122, signal 111298/124396 (executing program)
2022/09/23 12:16:49 fetching corpus: 1172, signal 112293/125629 (executing program)
2022/09/23 12:16:49 fetching corpus: 1222, signal 113022/126658 (executing program)
2022/09/23 12:16:49 fetching corpus: 1271, signal 114530/128164 (executing program)
2022/09/23 12:16:49 fetching corpus: 1321, signal 115728/129438 (executing program)
2022/09/23 12:16:49 fetching corpus: 1371, signal 118906/131980 (executing program)
2022/09/23 12:16:50 fetching corpus: 1421, signal 120389/133335 (executing program)
2022/09/23 12:16:50 fetching corpus: 1471, signal 122351/134881 (executing program)
2022/09/23 12:16:50 fetching corpus: 1521, signal 123493/135932 (executing program)
2022/09/23 12:16:50 fetching corpus: 1571, signal 125541/137512 (executing program)
2022/09/23 12:16:50 fetching corpus: 1621, signal 126803/138574 (executing program)
2022/09/23 12:16:50 fetching corpus: 1671, signal 128329/139725 (executing program)
2022/09/23 12:16:50 fetching corpus: 1721, signal 129926/140920 (executing program)
2022/09/23 12:16:51 fetching corpus: 1771, signal 131582/142071 (executing program)
2022/09/23 12:16:51 fetching corpus: 1821, signal 132634/142858 (executing program)
2022/09/23 12:16:51 fetching corpus: 1871, signal 134094/143907 (executing program)
2022/09/23 12:16:51 fetching corpus: 1920, signal 135790/145148 (executing program)
2022/09/23 12:16:51 fetching corpus: 1970, signal 137297/146029 (executing program)
2022/09/23 12:16:51 fetching corpus: 2020, signal 137895/146521 (executing program)
2022/09/23 12:16:51 fetching corpus: 2070, signal 140019/147597 (executing program)
2022/09/23 12:16:51 fetching corpus: 2120, signal 140861/148102 (executing program)
2022/09/23 12:16:52 fetching corpus: 2170, signal 141909/148702 (executing program)
2022/09/23 12:16:52 fetching corpus: 2220, signal 143579/149515 (executing program)
2022/09/23 12:16:52 fetching corpus: 2270, signal 144647/150062 (executing program)
2022/09/23 12:16:52 fetching corpus: 2320, signal 145459/150470 (executing program)
2022/09/23 12:16:52 fetching corpus: 2370, signal 146663/151055 (executing program)
2022/09/23 12:16:52 fetching corpus: 2420, signal 148032/151609 (executing program)
2022/09/23 12:16:52 fetching corpus: 2470, signal 149186/152061 (executing program)
2022/09/23 12:16:53 fetching corpus: 2486, signal 149456/152191 (executing program)
2022/09/23 12:16:53 fetching corpus: 2486, signal 149456/152239 (executing program)
2022/09/23 12:16:53 fetching corpus: 2486, signal 149456/152291 (executing program)
2022/09/23 12:16:53 fetching corpus: 2486, signal 149456/152341 (executing program)
2022/09/23 12:16:53 fetching corpus: 2486, signal 149456/152406 (executing program)
2022/09/23 12:16:53 fetching corpus: 2486, signal 149456/152466 (executing program)
2022/09/23 12:16:53 fetching corpus: 2486, signal 149456/152518 (executing program)
2022/09/23 12:16:53 fetching corpus: 2486, signal 149456/152581 (executing program)
2022/09/23 12:16:53 fetching corpus: 2486, signal 149456/152628 (executing program)
2022/09/23 12:16:53 fetching corpus: 2486, signal 149456/152669 (executing program)
2022/09/23 12:16:53 fetching corpus: 2486, signal 149456/152723 (executing program)
2022/09/23 12:16:53 fetching corpus: 2486, signal 149456/152776 (executing program)
2022/09/23 12:16:53 fetching corpus: 2486, signal 149456/152822 (executing program)
2022/09/23 12:16:53 fetching corpus: 2486, signal 149456/152871 (executing program)
2022/09/23 12:16:53 fetching corpus: 2486, signal 149456/152921 (executing program)
2022/09/23 12:16:53 fetching corpus: 2486, signal 149456/152968 (executing program)
2022/09/23 12:16:53 fetching corpus: 2486, signal 149456/153022 (executing program)
2022/09/23 12:16:53 fetching corpus: 2486, signal 149456/153088 (executing program)
2022/09/23 12:16:53 fetching corpus: 2486, signal 149456/153154 (executing program)
2022/09/23 12:16:53 fetching corpus: 2486, signal 149456/153201 (executing program)
2022/09/23 12:16:53 fetching corpus: 2486, signal 149456/153257 (executing program)
2022/09/23 12:16:53 fetching corpus: 2486, signal 149456/153314 (executing program)
2022/09/23 12:16:53 fetching corpus: 2486, signal 149456/153365 (executing program)
2022/09/23 12:16:53 fetching corpus: 2486, signal 149456/153399 (executing program)
2022/09/23 12:16:53 fetching corpus: 2486, signal 149456/153399 (executing program)
2022/09/23 12:16:56 starting 8 fuzzer processes
12:16:56 executing program 0:
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0xc0f85403, &(0x7f00000000c0)={{0x1}})
12:16:56 executing program 1:
r0 = socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$TCPDIAG_GETSOCK(r0, &(0x7f0000002480)={0x0, 0x0, &(0x7f0000002440)={&(0x7f00000013c0)={0x1050, 0x12, 0x0, 0x0, 0x0, {}, [@INET_DIAG_REQ_BYTECODE={0x1004, 0x1, "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"}]}, 0x1050}}, 0x40)
12:16:56 executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0)
pwritev(r0, &(0x7f0000000340)=[{&(0x7f0000000080)="8d2dc2b9fcac", 0x6}], 0x1, 0x0, 0x0)
fallocate(r0, 0x10, 0x0, 0x6)
12:16:56 executing program 3:
r0 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$IP6T_SO_GET_INFO(r0, 0x29, 0x4d, 0x0, &(0x7f00000002c0))
[ 61.408929] audit: type=1400 audit(1663935416.363:6): avc: denied { execmem } for pid=284 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
12:16:56 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0xc, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000e2f4655fe2f4655f0100ffff53ef010001000000e1f4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000fc8e0b4946704d25a0f18393550c433b010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="0000000000000000000000000000000000000000000000000000000020002000010000000000000000000000000000000000000004", 0x35, 0x540}, {&(0x7f0000010300)="0300000004", 0x5, 0x640}, {&(0x7f0000010400)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000012600)="ed41000000100000e1f4655fe2f4655fe2f4655f000000000000040080", 0x1d, 0x4400}, {&(0x7f0000012800)="8081000000180000e1f4655fe1f4655fe1f4655f00000000000001008000000010000800000000000af301000400000000000000000000000200000030", 0x3d, 0x4800}, {&(0x7f0000012a00)="8081000000180000e1f4655fe1f4655fe1f4655f00000000000001008000000010000800000000000af301000400000000000000000000000200000040", 0x3d, 0x4c00}, {0x0}, {&(0x7f0000013900)="111fc0d901000000803a0900803a09000000000006", 0x15, 0x30000}, {0x0}, {&(0x7f0000013f00)="2719c0d901", 0x5, 0x40000}], 0x0, &(0x7f0000014a00))
12:16:56 executing program 4:
clock_settime(0x3, 0x0)
12:16:56 executing program 6:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0xe57d)
perf_event_open(&(0x7f0000000100)={0x3, 0x80, 0xa, 0x7f, 0x4, 0xe0, 0x0, 0xffffffffffffff01, 0x8, 0x1e, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800, 0x4, @perf_config_ext={0x3, 0xf3}, 0x40030, 0x7, 0x7fff, 0x4, 0x0, 0x3343, 0x401, 0x0, 0x5, 0x0, 0x5}, 0x0, 0xffffffffffffffff, r0, 0xb)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf70f0a5ea4736221, 0x80010, 0xffffffffffffffff, 0x10000000)
setsockopt$sock_timeval(r1, 0x1, 0x49, &(0x7f0000000000)={0x77359400}, 0x10)
12:16:56 executing program 7:
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000ec0), 0x40040, 0x0)
[ 62.748865] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 62.751312] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 62.753827] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 62.755324] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 62.758044] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 62.764779] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 62.768103] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 62.787166] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 62.795916] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 62.801441] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 62.802469] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 62.807209] Bluetooth: hci0: HCI_REQ-0x0c1a
[ 62.808734] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 62.811187] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 62.823360] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[ 62.824817] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 62.825954] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 62.828157] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 62.832527] Bluetooth: hci1: HCI_REQ-0x0c1a
[ 62.832953] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 62.834567] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 62.835947] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 62.843606] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 62.845320] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[ 62.846810] Bluetooth: hci2: HCI_REQ-0x0c1a
[ 62.847627] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[ 62.849654] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[ 62.851247] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 62.857969] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[ 62.860528] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 62.862740] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[ 62.865322] Bluetooth: hci5: HCI_REQ-0x0c1a
[ 62.873691] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[ 62.875703] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[ 62.881955] Bluetooth: hci7: HCI_REQ-0x0c1a
[ 62.893049] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 62.895734] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 62.897916] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 62.903611] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 62.905040] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 62.906263] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 62.906678] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 62.910808] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 62.912634] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 62.916543] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 62.921706] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 62.923011] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 62.923243] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[ 62.925723] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 62.933670] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[ 62.935203] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[ 62.937284] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 62.941533] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 62.943545] Bluetooth: hci3: HCI_REQ-0x0c1a
[ 62.955718] Bluetooth: hci4: HCI_REQ-0x0c1a
[ 62.989245] Bluetooth: hci6: HCI_REQ-0x0c1a
[ 64.881039] Bluetooth: hci5: command 0x0409 tx timeout
[ 64.881494] Bluetooth: hci2: command 0x0409 tx timeout
[ 64.881867] Bluetooth: hci1: command 0x0409 tx timeout
[ 64.882482] Bluetooth: hci0: command 0x0409 tx timeout
[ 64.946438] Bluetooth: hci7: command 0x0409 tx timeout
[ 65.008480] Bluetooth: hci6: command 0x0409 tx timeout
[ 65.009463] Bluetooth: hci4: command 0x0409 tx timeout
[ 65.009958] Bluetooth: hci3: command 0x0409 tx timeout
[ 66.928521] Bluetooth: hci1: command 0x041b tx timeout
[ 66.929009] Bluetooth: hci2: command 0x041b tx timeout
[ 66.929442] Bluetooth: hci5: command 0x041b tx timeout
[ 66.930366] Bluetooth: hci0: command 0x041b tx timeout
[ 66.993494] Bluetooth: hci7: command 0x041b tx timeout
[ 67.057482] Bluetooth: hci3: command 0x041b tx timeout
[ 67.057914] Bluetooth: hci4: command 0x041b tx timeout
[ 67.058325] Bluetooth: hci6: command 0x041b tx timeout
[ 68.976468] Bluetooth: hci0: command 0x040f tx timeout
[ 68.976963] Bluetooth: hci5: command 0x040f tx timeout
[ 68.977413] Bluetooth: hci2: command 0x040f tx timeout
[ 68.977831] Bluetooth: hci1: command 0x040f tx timeout
[ 69.041464] Bluetooth: hci7: command 0x040f tx timeout
[ 69.104478] Bluetooth: hci6: command 0x040f tx timeout
[ 69.104983] Bluetooth: hci4: command 0x040f tx timeout
[ 69.105482] Bluetooth: hci3: command 0x040f tx timeout
[ 71.026120] Bluetooth: hci1: command 0x0419 tx timeout
[ 71.026633] Bluetooth: hci2: command 0x0419 tx timeout
[ 71.027069] Bluetooth: hci5: command 0x0419 tx timeout
[ 71.027530] Bluetooth: hci0: command 0x0419 tx timeout
[ 71.089485] Bluetooth: hci7: command 0x0419 tx timeout
[ 71.153478] Bluetooth: hci3: command 0x0419 tx timeout
[ 71.153975] Bluetooth: hci4: command 0x0419 tx timeout
[ 71.154438] Bluetooth: hci6: command 0x0419 tx timeout
[ 116.762530] loop5: detected capacity change from 0 to 4096
[ 116.792621] Quota error (device loop5): v2_read_file_info: Free block number too big (0 >= 0).
[ 116.793568] EXT4-fs warning (device loop5): ext4_enable_quotas:6818: Failed to enable quota tracking (type=1, err=-117). Please run e2fsck to fix.
[ 116.807810] EXT4-fs (loop5): mount failed
[ 116.829535] loop5: detected capacity change from 0 to 4096
[ 116.853525] Quota error (device loop5): v2_read_file_info: Free block number too big (0 >= 0).
[ 116.854246] EXT4-fs warning (device loop5): ext4_enable_quotas:6818: Failed to enable quota tracking (type=1, err=-117). Please run e2fsck to fix.
[ 116.865040] EXT4-fs (loop5): mount failed
12:17:51 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0xc, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000e2f4655fe2f4655f0100ffff53ef010001000000e1f4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000fc8e0b4946704d25a0f18393550c433b010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="0000000000000000000000000000000000000000000000000000000020002000010000000000000000000000000000000000000004", 0x35, 0x540}, {&(0x7f0000010300)="0300000004", 0x5, 0x640}, {&(0x7f0000010400)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000012600)="ed41000000100000e1f4655fe2f4655fe2f4655f000000000000040080", 0x1d, 0x4400}, {&(0x7f0000012800)="8081000000180000e1f4655fe1f4655fe1f4655f00000000000001008000000010000800000000000af301000400000000000000000000000200000030", 0x3d, 0x4800}, {&(0x7f0000012a00)="8081000000180000e1f4655fe1f4655fe1f4655f00000000000001008000000010000800000000000af301000400000000000000000000000200000040", 0x3d, 0x4c00}, {0x0}, {&(0x7f0000013900)="111fc0d901000000803a0900803a09000000000006", 0x15, 0x30000}, {0x0}, {&(0x7f0000013f00)="2719c0d901", 0x5, 0x40000}], 0x0, &(0x7f0000014a00))
12:17:52 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0xc, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000e2f4655fe2f4655f0100ffff53ef010001000000e1f4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000fc8e0b4946704d25a0f18393550c433b010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="0000000000000000000000000000000000000000000000000000000020002000010000000000000000000000000000000000000004", 0x35, 0x540}, {&(0x7f0000010300)="0300000004", 0x5, 0x640}, {&(0x7f0000010400)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000012600)="ed41000000100000e1f4655fe2f4655fe2f4655f000000000000040080", 0x1d, 0x4400}, {&(0x7f0000012800)="8081000000180000e1f4655fe1f4655fe1f4655f00000000000001008000000010000800000000000af301000400000000000000000000000200000030", 0x3d, 0x4800}, {&(0x7f0000012a00)="8081000000180000e1f4655fe1f4655fe1f4655f00000000000001008000000010000800000000000af301000400000000000000000000000200000040", 0x3d, 0x4c00}, {0x0}, {&(0x7f0000013900)="111fc0d901000000803a0900803a09000000000006", 0x15, 0x30000}, {0x0}, {&(0x7f0000013f00)="2719c0d901", 0x5, 0x40000}], 0x0, &(0x7f0000014a00))
[ 117.111784] loop5: detected capacity change from 0 to 4096
[ 117.135596] Quota error (device loop5): v2_read_file_info: Free block number too big (0 >= 0).
[ 117.136280] EXT4-fs warning (device loop5): ext4_enable_quotas:6818: Failed to enable quota tracking (type=1, err=-117). Please run e2fsck to fix.
[ 117.146289] EXT4-fs (loop5): mount failed
12:17:52 executing program 5:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0xc, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000e2f4655fe2f4655f0100ffff53ef010001000000e1f4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000fc8e0b4946704d25a0f18393550c433b010040", 0x1f, 0x4e0}, {&(0x7f0000010200)="0000000000000000000000000000000000000000000000000000000020002000010000000000000000000000000000000000000004", 0x35, 0x540}, {&(0x7f0000010300)="0300000004", 0x5, 0x640}, {&(0x7f0000010400)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1000}, {&(0x7f0000012600)="ed41000000100000e1f4655fe2f4655fe2f4655f000000000000040080", 0x1d, 0x4400}, {&(0x7f0000012800)="8081000000180000e1f4655fe1f4655fe1f4655f00000000000001008000000010000800000000000af301000400000000000000000000000200000030", 0x3d, 0x4800}, {&(0x7f0000012a00)="8081000000180000e1f4655fe1f4655fe1f4655f00000000000001008000000010000800000000000af301000400000000000000000000000200000040", 0x3d, 0x4c00}, {0x0}, {&(0x7f0000013900)="111fc0d901000000803a0900803a09000000000006", 0x15, 0x30000}, {0x0}, {&(0x7f0000013f00)="2719c0d901", 0x5, 0x40000}], 0x0, &(0x7f0000014a00))
[ 117.301798] loop5: detected capacity change from 0 to 4096
[ 117.346304] Quota error (device loop5): v2_read_file_info: Free block number too big (0 >= 0).
[ 117.354893] EXT4-fs warning (device loop5): ext4_enable_quotas:6818: Failed to enable quota tracking (type=1, err=-117). Please run e2fsck to fix.
[ 117.363256] EXT4-fs (loop5): mount failed
12:17:52 executing program 5:
mbind(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1, 0x0, 0x0, 0x0)
mlock(&(0x7f0000ff2000/0xe000)=nil, 0xe003)
12:17:53 executing program 5:
mbind(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1, 0x0, 0x0, 0x0)
mlock(&(0x7f0000ff2000/0xe000)=nil, 0xe003)
12:17:53 executing program 5:
mbind(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1, 0x0, 0x0, 0x0)
mlock(&(0x7f0000ff2000/0xe000)=nil, 0xe003)
12:17:53 executing program 7:
mbind(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1, 0x0, 0x0, 0x0)
mlock(&(0x7f0000ff2000/0xe000)=nil, 0xe003)
12:17:53 executing program 5:
mbind(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1, 0x0, 0x0, 0x0)
mlock(&(0x7f0000ff2000/0xe000)=nil, 0xe003)
[ 121.118193] audit: type=1400 audit(1663935476.071:7): avc: denied { open } for pid=3956 comm="syz-executor.6" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[ 121.119948] audit: type=1400 audit(1663935476.072:8): avc: denied { kernel } for pid=3956 comm="syz-executor.6" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[ 121.130681] ------------[ cut here ]------------
[ 121.130702]
[ 121.130705] ======================================================
[ 121.130709] WARNING: possible circular locking dependency detected
[ 121.130713] 6.0.0-rc6-next-20220923 #1 Not tainted
[ 121.130720] ------------------------------------------------------
[ 121.130723] syz-executor.6/3957 is trying to acquire lock:
[ 121.130729] ffffffff853faaf8 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70
[ 121.130770]
[ 121.130770] but task is already holding lock:
[ 121.130773] ffff88800edbd020 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0
[ 121.130801]
[ 121.130801] which lock already depends on the new lock.
[ 121.130801]
[ 121.130804]
[ 121.130804] the existing dependency chain (in reverse order) is:
[ 121.130807]
[ 121.130807] -> #3 (&ctx->lock){....}-{2:2}:
[ 121.130821] _raw_spin_lock+0x2a/0x40
[ 121.130840] __perf_event_task_sched_out+0x53b/0x18d0
[ 121.130853] __schedule+0xedd/0x2470
[ 121.130866] schedule+0xda/0x1b0
[ 121.130879] futex_wait_queue+0xf5/0x1e0
[ 121.130891] futex_wait+0x28e/0x690
[ 121.130901] do_futex+0x2ff/0x380
[ 121.130910] __x64_sys_futex+0x1c6/0x4d0
[ 121.130920] do_syscall_64+0x3b/0x90
[ 121.130937] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 121.130949]
[ 121.130949] -> #2 (&rq->__lock){-.-.}-{2:2}:
[ 121.130962] _raw_spin_lock_nested+0x30/0x40
[ 121.130980] raw_spin_rq_lock_nested+0x1e/0x30
[ 121.130994] task_fork_fair+0x63/0x4d0
[ 121.131010] sched_cgroup_fork+0x3d0/0x540
[ 121.131024] copy_process+0x4183/0x6e20
[ 121.131035] kernel_clone+0xe7/0x890
[ 121.131044] user_mode_thread+0xad/0xf0
[ 121.131054] rest_init+0x24/0x250
[ 121.131066] arch_call_rest_init+0xf/0x14
[ 121.131083] start_kernel+0x4c1/0x4e6
[ 121.131098] secondary_startup_64_no_verify+0xe0/0xeb
[ 121.131112]
[ 121.131112] -> #1 (&p->pi_lock){-.-.}-{2:2}:
[ 121.131126] _raw_spin_lock_irqsave+0x39/0x60
[ 121.131144] try_to_wake_up+0xab/0x1930
[ 121.131156] up+0x75/0xb0
[ 121.131170] __up_console_sem+0x6e/0x80
[ 121.131189] console_unlock+0x46a/0x590
[ 121.131204] vprintk_emit+0x1bd/0x560
[ 121.131220] vprintk+0x84/0xa0
[ 121.131236] _printk+0xba/0xf1
[ 121.131247] kauditd_hold_skb.cold+0x3f/0x4e
[ 121.131272] kauditd_send_queue+0x233/0x290
[ 121.131287] kauditd_thread+0x5da/0x9a0
[ 121.131301] kthread+0x2ed/0x3a0
[ 121.131315] ret_from_fork+0x22/0x30
[ 121.131327]
[ 121.131327] -> #0 ((console_sem).lock){....}-{2:2}:
[ 121.131341] __lock_acquire+0x2a02/0x5e70
[ 121.131357] lock_acquire+0x1a2/0x530
[ 121.131373] _raw_spin_lock_irqsave+0x39/0x60
[ 121.131391] down_trylock+0xe/0x70
[ 121.131405] __down_trylock_console_sem+0x3b/0xd0
[ 121.131421] vprintk_emit+0x16b/0x560
[ 121.131436] vprintk+0x84/0xa0
[ 121.131452] _printk+0xba/0xf1
[ 121.131462] report_bug.cold+0x72/0xab
[ 121.131478] handle_bug+0x3c/0x70
[ 121.131493] exc_invalid_op+0x14/0x50
[ 121.131510] asm_exc_invalid_op+0x16/0x20
[ 121.131521] group_sched_out.part.0+0x2c7/0x460
[ 121.131532] ctx_sched_out+0x8f1/0xc10
[ 121.131542] __perf_event_task_sched_out+0x6d0/0x18d0
[ 121.131554] __schedule+0xedd/0x2470
[ 121.131567] schedule+0xda/0x1b0
[ 121.131580] futex_wait_queue+0xf5/0x1e0
[ 121.131590] futex_wait+0x28e/0x690
[ 121.131600] do_futex+0x2ff/0x380
[ 121.131609] __x64_sys_futex+0x1c6/0x4d0
[ 121.131619] do_syscall_64+0x3b/0x90
[ 121.131635] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 121.131647]
[ 121.131647] other info that might help us debug this:
[ 121.131647]
[ 121.131649] Chain exists of:
[ 121.131649] (console_sem).lock --> &rq->__lock --> &ctx->lock
[ 121.131649]
[ 121.131664] Possible unsafe locking scenario:
[ 121.131664]
[ 121.131667]        CPU0                    CPU1
[ 121.131669]        ----                    ----
[ 121.131671]   lock(&ctx->lock);
[ 121.131677]                                lock(&rq->__lock);
[ 121.131684]                                lock(&ctx->lock);
[ 121.131690]   lock((console_sem).lock);
[ 121.131695]
[ 121.131695] *** DEADLOCK ***
[ 121.131695]
[ 121.131697] 2 locks held by syz-executor.6/3957:
[ 121.131705] #0: ffff88806cf37d18 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470
[ 121.131733] #1: ffff88800edbd020 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0
[ 121.131761]
[ 121.131761] stack backtrace:
[ 121.131764] CPU: 1 PID: 3957 Comm: syz-executor.6 Not tainted 6.0.0-rc6-next-20220923 #1
[ 121.131776] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 121.131785] Call Trace:
[ 121.131788]
[ 121.131792] dump_stack_lvl+0x8b/0xb3
[ 121.131810] check_noncircular+0x263/0x2e0
[ 121.131826] ? format_decode+0x26c/0xb50
[ 121.131843] ? print_circular_bug+0x450/0x450
[ 121.131859] ? enable_ptr_key_workfn+0x20/0x20
[ 121.131876] ? format_decode+0x26c/0xb50
[ 121.131892] ? alloc_chain_hlocks+0x1ec/0x5a0
[ 121.131910] __lock_acquire+0x2a02/0x5e70
[ 121.131931] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 121.131953] lock_acquire+0x1a2/0x530
[ 121.131969] ? down_trylock+0xe/0x70
[ 121.131986] ? lock_release+0x750/0x750
[ 121.132006] ? vprintk+0x84/0xa0
[ 121.132023] _raw_spin_lock_irqsave+0x39/0x60
[ 121.132042] ? down_trylock+0xe/0x70
[ 121.132057] down_trylock+0xe/0x70
[ 121.132073] ? vprintk+0x84/0xa0
[ 121.132089] __down_trylock_console_sem+0x3b/0xd0
[ 121.132106] vprintk_emit+0x16b/0x560
[ 121.132125] vprintk+0x84/0xa0
[ 121.132142] _printk+0xba/0xf1
[ 121.132153] ? record_print_text.cold+0x16/0x16
[ 121.132168] ? report_bug.cold+0x66/0xab
[ 121.132186] ? group_sched_out.part.0+0x2c7/0x460
[ 121.132197] report_bug.cold+0x72/0xab
[ 121.132215] handle_bug+0x3c/0x70
[ 121.132232] exc_invalid_op+0x14/0x50
[ 121.132250] asm_exc_invalid_op+0x16/0x20
[ 121.132262] RIP: 0010:group_sched_out.part.0+0x2c7/0x460
[ 121.132276] Code: 5e 41 5f e9 5b bb ef ff e8 56 bb ef ff 65 8b 1d 1b 26 ac 7e 31 ff 89 de e8 f6 b7 ef ff 85 db 0f 84 8a 00 00 00 e8 39 bb ef ff <0f> 0b e9 a5 fe ff ff e8 2d bb ef ff 48 8d 7d 10 48 b8 00 00 00 00
[ 121.132287] RSP: 0018:ffff88801bf7f8f8 EFLAGS: 00010006
[ 121.132296] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000
[ 121.132304] RDX: ffff88803ec00000 RSI: ffffffff81564fb7 RDI: 0000000000000005
[ 121.132312] RBP: ffff88803fe78000 R08: 0000000000000005 R09: 0000000000000001
[ 121.132319] R10: 0000000000000000 R11: ffffffff865b005b R12: ffff88800edbd000
[ 121.132327] R13: ffff88806cf3d140 R14: ffffffff8547d040 R15: 0000000000000002
[ 121.132338] ? group_sched_out.part.0+0x2c7/0x460
[ 121.132351] ? group_sched_out.part.0+0x2c7/0x460
[ 121.132364] ctx_sched_out+0x8f1/0xc10
[ 121.132377] __perf_event_task_sched_out+0x6d0/0x18d0
[ 121.132392] ? lock_is_held_type+0xd7/0x130
[ 121.132406] ? __perf_cgroup_move+0x160/0x160
[ 121.132418] ? set_next_entity+0x304/0x550
[ 121.132437] ? lock_is_held_type+0xd7/0x130
[ 121.132450] __schedule+0xedd/0x2470
[ 121.132467] ? io_schedule_timeout+0x150/0x150
[ 121.132481] ? futex_wait_setup+0x166/0x230
[ 121.132496] schedule+0xda/0x1b0
[ 121.132510] futex_wait_queue+0xf5/0x1e0
[ 121.132522] futex_wait+0x28e/0x690
[ 121.132534] ? futex_wait_setup+0x230/0x230
[ 121.132547] ? wake_up_q+0x8b/0xf0
[ 121.132560] ? do_raw_spin_unlock+0x4f/0x220
[ 121.132579] ? futex_wake+0x158/0x490
[ 121.132595] ? fd_install+0x1f9/0x640
[ 121.132612] do_futex+0x2ff/0x380
[ 121.132623] ? __ia32_compat_sys_get_robust_list+0x3b0/0x3b0
[ 121.132639] __x64_sys_futex+0x1c6/0x4d0
[ 121.132651] ? __x64_sys_futex_time32+0x480/0x480
[ 121.132664] ? syscall_enter_from_user_mode+0x1d/0x50
[ 121.132678] ? syscall_enter_from_user_mode+0x1d/0x50
[ 121.132692] do_syscall_64+0x3b/0x90
[ 121.132710] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 121.132722] RIP: 0033:0x7f2bfc3d1b19
[ 121.132731] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 121.132742] RSP: 002b:00007f2bf9947218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 121.132753] RAX: ffffffffffffffda RBX: 00007f2bfc4e4f68 RCX: 00007f2bfc3d1b19
[ 121.132760] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f2bfc4e4f68
[ 121.132768] RBP: 00007f2bfc4e4f60 R08: 0000000000000000 R09: 0000000000000000
[ 121.132775] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f2bfc4e4f6c
[ 121.132782] R13: 00007ffe394c8a7f R14: 00007f2bf9947300 R15: 0000000000022000
[ 121.132795]
[ 121.193532] WARNING: CPU: 1 PID: 3957 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460
[ 121.194223] Modules linked in:
[ 121.194465] CPU: 1 PID: 3957 Comm: syz-executor.6 Not tainted 6.0.0-rc6-next-20220923 #1
[ 121.195064] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 121.195910] RIP: 0010:group_sched_out.part.0+0x2c7/0x460
[ 121.196319] Code: 5e 41 5f e9 5b bb ef ff e8 56 bb ef ff 65 8b 1d 1b 26 ac 7e 31 ff 89 de e8 f6 b7 ef ff 85 db 0f 84 8a 00 00 00 e8 39 bb ef ff <0f> 0b e9 a5 fe ff ff e8 2d bb ef ff 48 8d 7d 10 48 b8 00 00 00 00
[ 121.197679] RSP: 0018:ffff88801bf7f8f8 EFLAGS: 00010006
[ 121.198080] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000
[ 121.198611] RDX: ffff88803ec00000 RSI: ffffffff81564fb7 RDI: 0000000000000005
[ 121.199145] RBP: ffff88803fe78000 R08: 0000000000000005 R09: 0000000000000001
[ 121.199690] R10: 0000000000000000 R11: ffffffff865b005b R12: ffff88800edbd000
[ 121.200228] R13: ffff88806cf3d140 R14: ffffffff8547d040 R15: 0000000000000002
[ 121.200765] FS: 00007f2bf9947700(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000
[ 121.201369] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 121.201803] CR2: 00007f424e0a0e50 CR3: 000000001d58e000 CR4: 0000000000350ee0
[ 121.202331] Call Trace:
[ 121.202532]
[ 121.202704] ctx_sched_out+0x8f1/0xc10
[ 121.203003] __perf_event_task_sched_out+0x6d0/0x18d0
[ 121.203417] ? lock_is_held_type+0xd7/0x130
[ 121.203746] ? __perf_cgroup_move+0x160/0x160
[ 121.204093] ? set_next_entity+0x304/0x550
[ 121.204422] ? lock_is_held_type+0xd7/0x130
[ 121.204755] __schedule+0xedd/0x2470
[ 121.205044] ? io_schedule_timeout+0x150/0x150
[ 121.205394] ? futex_wait_setup+0x166/0x230
[ 121.205724] schedule+0xda/0x1b0
[ 121.205991] futex_wait_queue+0xf5/0x1e0
[ 121.206301] futex_wait+0x28e/0x690
[ 121.206588] ? futex_wait_setup+0x230/0x230
[ 121.206915] ? wake_up_q+0x8b/0xf0
[ 121.207191] ? do_raw_spin_unlock+0x4f/0x220
[ 121.207543] ? futex_wake+0x158/0x490
[ 121.207838] ? fd_install+0x1f9/0x640
[ 121.208137] do_futex+0x2ff/0x380
[ 121.208406] ? __ia32_compat_sys_get_robust_list+0x3b0/0x3b0
[ 121.208843] __x64_sys_futex+0x1c6/0x4d0
[ 121.209152] ? __x64_sys_futex_time32+0x480/0x480
[ 121.209526] ? syscall_enter_from_user_mode+0x1d/0x50
[ 121.209913] ? syscall_enter_from_user_mode+0x1d/0x50
[ 121.210302] do_syscall_64+0x3b/0x90
[ 121.210596] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 121.210985] RIP: 0033:0x7f2bfc3d1b19
[ 121.211275] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 121.212644] RSP: 002b:00007f2bf9947218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 121.213207] RAX: ffffffffffffffda RBX: 00007f2bfc4e4f68 RCX: 00007f2bfc3d1b19
[ 121.213737] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f2bfc4e4f68
[ 121.214262] RBP: 00007f2bfc4e4f60 R08: 0000000000000000 R09: 0000000000000000
[ 121.214794] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f2bfc4e4f6c
[ 121.215342] R13: 00007ffe394c8a7f R14: 00007f2bf9947300 R15: 0000000000022000
[ 121.215876]
[ 121.216055] irq event stamp: 628
[ 121.216315] hardirqs last enabled at (627): [] syscall_enter_from_user_mode+0x1d/0x50
[ 121.217024] hardirqs last disabled at (628): [] __schedule+0x1225/0x2470
[ 121.217653] softirqs last enabled at (368): [] __irq_exit_rcu+0x11b/0x180
[ 121.218297] softirqs last disabled at (359): [] __irq_exit_rcu+0x11b/0x180
[ 121.218944] ---[ end trace 0000000000000000 ]---
[ 121.226257] audit: type=1400 audit(1663935476.180:9): avc: denied { write } for pid=3956 comm="syz-executor.6" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[ 124.417568] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 124.419121] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 124.422599] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 124.425979] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 124.428999] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[ 124.430267] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 124.436681] Bluetooth:
hci5: HCI_REQ-0x0c1a
[ 126.448504] Bluetooth: hci5: command 0x0409 tx timeout
[ 128.496446] Bluetooth: hci5: command 0x041b tx timeout
[ 130.544550] Bluetooth: hci5: command 0x040f tx timeout
VM DIAGNOSIS: 12:17:56 Registers: