Warning: Permanently added '[localhost]:34437' (ECDSA) to the list of known hosts.
2022/09/12 18:53:07 fuzzer started
2022/09/12 18:53:07 dialing manager at localhost:38027
syzkaller login: [   43.881573] cgroup: Unknown subsys name 'net'
[   43.973350] cgroup: Unknown subsys name 'rlimit'
2022/09/12 18:53:22 syscalls: 2215
2022/09/12 18:53:22 code coverage: enabled
2022/09/12 18:53:22 comparison tracing: enabled
2022/09/12 18:53:22 extra coverage: enabled
2022/09/12 18:53:22 setuid sandbox: enabled
2022/09/12 18:53:22 namespace sandbox: enabled
2022/09/12 18:53:22 Android sandbox: enabled
2022/09/12 18:53:22 fault injection: enabled
2022/09/12 18:53:22 leak checking: enabled
2022/09/12 18:53:22 net packet injection: enabled
2022/09/12 18:53:22 net device setup: enabled
2022/09/12 18:53:22 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2022/09/12 18:53:22 devlink PCI setup: PCI device 0000:00:10.0 is not available
2022/09/12 18:53:22 USB emulation: enabled
2022/09/12 18:53:22 hci packet injection: enabled
2022/09/12 18:53:22 wifi device emulation: failed to parse kernel version (6.0.0-rc5-next-20220912                                          )
2022/09/12 18:53:22 802.15.4 emulation: enabled
2022/09/12 18:53:22 fetching corpus: 0, signal 0/2000 (executing program)
2022/09/12 18:53:22 fetching corpus: 50, signal 28310/31904 (executing program)
2022/09/12 18:53:22 fetching corpus: 100, signal 41631/46771 (executing program)
2022/09/12 18:53:22 fetching corpus: 150, signal 49364/56017 (executing program)
2022/09/12 18:53:22 fetching corpus: 200, signal 60543/68433 (executing program)
2022/09/12 18:53:23 fetching corpus: 250, signal 67523/76693 (executing program)
2022/09/12 18:53:23 fetching corpus: 300, signal 73282/83685 (executing program)
2022/09/12 18:53:23 fetching corpus: 350, signal 78879/90428 (executing program)
2022/09/12 18:53:23 fetching corpus: 400, signal 84500/97082 (executing program)
2022/09/12 18:53:23 fetching corpus: 450, signal 88218/101892 (executing program)
2022/09/12 18:53:23 fetching corpus: 500, signal 91848/106625 (executing program)
2022/09/12 18:53:23 fetching corpus: 550, signal 97012/112694 (executing program)
2022/09/12 18:53:24 fetching corpus: 600, signal 100217/116867 (executing program)
2022/09/12 18:53:24 fetching corpus: 650, signal 103093/120778 (executing program)
2022/09/12 18:53:24 fetching corpus: 700, signal 105595/124305 (executing program)
2022/09/12 18:53:24 fetching corpus: 750, signal 108784/128398 (executing program)
2022/09/12 18:53:24 fetching corpus: 800, signal 112239/132699 (executing program)
2022/09/12 18:53:24 fetching corpus: 850, signal 113983/135427 (executing program)
2022/09/12 18:53:25 fetching corpus: 900, signal 117348/139557 (executing program)
2022/09/12 18:53:25 fetching corpus: 950, signal 120401/143309 (executing program)
2022/09/12 18:53:25 fetching corpus: 1000, signal 123552/147148 (executing program)
2022/09/12 18:53:25 fetching corpus: 1050, signal 125536/149940 (executing program)
2022/09/12 18:53:25 fetching corpus: 1100, signal 127934/153089 (executing program)
2022/09/12 18:53:25 fetching corpus: 1150, signal 130193/156059 (executing program)
2022/09/12 18:53:25 fetching corpus: 1200, signal 134166/160354 (executing program)
2022/09/12 18:53:26 fetching corpus: 1250, signal 135624/162642 (executing program)
2022/09/12 18:53:26 fetching corpus: 1300, signal 138733/166181 (executing program)
2022/09/12 18:53:26 fetching corpus: 1350, signal 140880/168886 (executing program)
2022/09/12 18:53:26 fetching corpus: 1400, signal 142636/171293 (executing program)
2022/09/12 18:53:26 fetching corpus: 1450, signal 145090/174178 (executing program)
2022/09/12 18:53:26 fetching corpus: 1500, signal 147032/176647 (executing program)
2022/09/12 18:53:27 fetching corpus: 1550, signal 148355/178627 (executing program)
2022/09/12 18:53:27 fetching corpus: 1600, signal 150736/181375 (executing program)
2022/09/12 18:53:27 fetching corpus: 1650, signal 153184/184265 (executing program)
2022/09/12 18:53:27 fetching corpus: 1700, signal 154731/186310 (executing program)
2022/09/12 18:53:27 fetching corpus: 1750, signal 156384/188444 (executing program)
2022/09/12 18:53:27 fetching corpus: 1800, signal 157415/190102 (executing program)
2022/09/12 18:53:27 fetching corpus: 1850, signal 159064/192243 (executing program)
2022/09/12 18:53:28 fetching corpus: 1900, signal 160464/194129 (executing program)
2022/09/12 18:53:28 fetching corpus: 1950, signal 161643/195798 (executing program)
2022/09/12 18:53:28 fetching corpus: 2000, signal 163288/197765 (executing program)
2022/09/12 18:53:28 fetching corpus: 2050, signal 165583/200251 (executing program)
2022/09/12 18:53:28 fetching corpus: 2100, signal 167032/202135 (executing program)
2022/09/12 18:53:28 fetching corpus: 2150, signal 168188/203793 (executing program)
2022/09/12 18:53:28 fetching corpus: 2200, signal 169337/205399 (executing program)
2022/09/12 18:53:28 fetching corpus: 2250, signal 170735/207113 (executing program)
2022/09/12 18:53:29 fetching corpus: 2300, signal 172433/209014 (executing program)
2022/09/12 18:53:29 fetching corpus: 2350, signal 173835/210731 (executing program)
2022/09/12 18:53:29 fetching corpus: 2400, signal 174778/212116 (executing program)
2022/09/12 18:53:29 fetching corpus: 2450, signal 175755/213537 (executing program)
2022/09/12 18:53:29 fetching corpus: 2500, signal 176638/214868 (executing program)
2022/09/12 18:53:29 fetching corpus: 2550, signal 177603/216212 (executing program)
2022/09/12 18:53:29 fetching corpus: 2600, signal 178794/217696 (executing program)
2022/09/12 18:53:30 fetching corpus: 2650, signal 179437/218843 (executing program)
2022/09/12 18:53:30 fetching corpus: 2700, signal 180171/220022 (executing program)
2022/09/12 18:53:30 fetching corpus: 2750, signal 181338/221510 (executing program)
2022/09/12 18:53:30 fetching corpus: 2800, signal 183070/223245 (executing program)
2022/09/12 18:53:30 fetching corpus: 2850, signal 184242/224644 (executing program)
2022/09/12 18:53:30 fetching corpus: 2900, signal 185109/225851 (executing program)
2022/09/12 18:53:30 fetching corpus: 2950, signal 185990/227048 (executing program)
2022/09/12 18:53:31 fetching corpus: 3000, signal 186896/228247 (executing program)
2022/09/12 18:53:31 fetching corpus: 3050, signal 187756/229400 (executing program)
2022/09/12 18:53:31 fetching corpus: 3100, signal 188445/230481 (executing program)
2022/09/12 18:53:31 fetching corpus: 3150, signal 189464/231777 (executing program)
2022/09/12 18:53:31 fetching corpus: 3200, signal 190399/232958 (executing program)
2022/09/12 18:53:31 fetching corpus: 3250, signal 191090/234007 (executing program)
2022/09/12 18:53:31 fetching corpus: 3300, signal 191961/235096 (executing program)
2022/09/12 18:53:32 fetching corpus: 3350, signal 192819/236245 (executing program)
2022/09/12 18:53:32 fetching corpus: 3400, signal 193626/237302 (executing program)
2022/09/12 18:53:32 fetching corpus: 3450, signal 195076/238680 (executing program)
2022/09/12 18:53:32 fetching corpus: 3500, signal 196139/239803 (executing program)
2022/09/12 18:53:32 fetching corpus: 3550, signal 197617/241136 (executing program)
2022/09/12 18:53:32 fetching corpus: 3600, signal 198800/242347 (executing program)
2022/09/12 18:53:32 fetching corpus: 3650, signal 200042/243543 (executing program)
2022/09/12 18:53:32 fetching corpus: 3700, signal 201224/244668 (executing program)
2022/09/12 18:53:33 fetching corpus: 3750, signal 202103/245699 (executing program)
2022/09/12 18:53:33 fetching corpus: 3800, signal 202757/246580 (executing program)
2022/09/12 18:53:33 fetching corpus: 3850, signal 204144/247738 (executing program)
2022/09/12 18:53:33 fetching corpus: 3900, signal 204764/248525 (executing program)
2022/09/12 18:53:33 fetching corpus: 3950, signal 206194/249788 (executing program)
2022/09/12 18:53:33 fetching corpus: 4000, signal 207016/250669 (executing program)
2022/09/12 18:53:33 fetching corpus: 4050, signal 207519/251450 (executing program)
2022/09/12 18:53:34 fetching corpus: 4100, signal 208377/252346 (executing program)
2022/09/12 18:53:34 fetching corpus: 4150, signal 209065/253159 (executing program)
2022/09/12 18:53:34 fetching corpus: 4200, signal 209811/253974 (executing program)
2022/09/12 18:53:34 fetching corpus: 4250, signal 210701/254863 (executing program)
2022/09/12 18:53:34 fetching corpus: 4300, signal 212166/255949 (executing program)
2022/09/12 18:53:34 fetching corpus: 4350, signal 212740/256695 (executing program)
2022/09/12 18:53:34 fetching corpus: 4400, signal 213688/257547 (executing program)
2022/09/12 18:53:35 fetching corpus: 4450, signal 214748/258419 (executing program)
2022/09/12 18:53:35 fetching corpus: 4500, signal 215463/259180 (executing program)
2022/09/12 18:53:35 fetching corpus: 4550, signal 216306/259951 (executing program)
2022/09/12 18:53:35 fetching corpus: 4600, signal 217096/260691 (executing program)
2022/09/12 18:53:35 fetching corpus: 4650, signal 217588/261308 (executing program)
2022/09/12 18:53:35 fetching corpus: 4700, signal 217988/261920 (executing program)
2022/09/12 18:53:35 fetching corpus: 4750, signal 218586/262602 (executing program)
2022/09/12 18:53:36 fetching corpus: 4800, signal 219505/263332 (executing program)
2022/09/12 18:53:36 fetching corpus: 4850, signal 219984/263958 (executing program)
2022/09/12 18:53:36 fetching corpus: 4900, signal 220978/264707 (executing program)
2022/09/12 18:53:36 fetching corpus: 4950, signal 221669/265373 (executing program)
2022/09/12 18:53:36 fetching corpus: 5000, signal 222441/266044 (executing program)
2022/09/12 18:53:36 fetching corpus: 5050, signal 222940/266662 (executing program)
2022/09/12 18:53:36 fetching corpus: 5100, signal 223831/267319 (executing program)
2022/09/12 18:53:37 fetching corpus: 5150, signal 224604/267970 (executing program)
2022/09/12 18:53:37 fetching corpus: 5200, signal 224967/268495 (executing program)
2022/09/12 18:53:37 fetching corpus: 5250, signal 225436/268976 (executing program)
2022/09/12 18:53:37 fetching corpus: 5300, signal 226246/269581 (executing program)
2022/09/12 18:53:37 fetching corpus: 5350, signal 227013/270171 (executing program)
2022/09/12 18:53:37 fetching corpus: 5400, signal 228037/270755 (executing program)
2022/09/12 18:53:37 fetching corpus: 5450, signal 228571/271294 (executing program)
2022/09/12 18:53:37 fetching corpus: 5500, signal 229099/271769 (executing program)
2022/09/12 18:53:38 fetching corpus: 5550, signal 229694/272292 (executing program)
2022/09/12 18:53:38 fetching corpus: 5600, signal 230435/272841 (executing program)
2022/09/12 18:53:38 fetching corpus: 5650, signal 231079/273349 (executing program)
2022/09/12 18:53:38 fetching corpus: 5700, signal 231662/273908 (executing program)
2022/09/12 18:53:38 fetching corpus: 5750, signal 232520/274412 (executing program)
2022/09/12 18:53:38 fetching corpus: 5800, signal 233211/274913 (executing program)
2022/09/12 18:53:38 fetching corpus: 5850, signal 234044/275367 (executing program)
2022/09/12 18:53:39 fetching corpus: 5900, signal 234418/275749 (executing program)
2022/09/12 18:53:39 fetching corpus: 5950, signal 235029/276207 (executing program)
2022/09/12 18:53:39 fetching corpus: 6000, signal 235573/276606 (executing program)
2022/09/12 18:53:39 fetching corpus: 6050, signal 236175/277012 (executing program)
2022/09/12 18:53:39 fetching corpus: 6100, signal 236678/277416 (executing program)
2022/09/12 18:53:39 fetching corpus: 6150, signal 237102/277777 (executing program)
2022/09/12 18:53:39 fetching corpus: 6200, signal 237760/278201 (executing program)
2022/09/12 18:53:40 fetching corpus: 6250, signal 238347/278585 (executing program)
2022/09/12 18:53:40 fetching corpus: 6300, signal 238864/279019 (executing program)
2022/09/12 18:53:40 fetching corpus: 6350, signal 239204/279350 (executing program)
2022/09/12 18:53:40 fetching corpus: 6400, signal 239599/279707 (executing program)
2022/09/12 18:53:40 fetching corpus: 6450, signal 240129/280049 (executing program)
2022/09/12 18:53:40 fetching corpus: 6500, signal 240633/280412 (executing program)
2022/09/12 18:53:40 fetching corpus: 6550, signal 241282/280755 (executing program)
2022/09/12 18:53:40 fetching corpus: 6600, signal 241856/281057 (executing program)
2022/09/12 18:53:41 fetching corpus: 6650, signal 242522/281389 (executing program)
2022/09/12 18:53:41 fetching corpus: 6700, signal 243087/281727 (executing program)
2022/09/12 18:53:41 fetching corpus: 6750, signal 243995/282068 (executing program)
2022/09/12 18:53:41 fetching corpus: 6800, signal 244419/282375 (executing program)
2022/09/12 18:53:41 fetching corpus: 6850, signal 244823/282673 (executing program)
2022/09/12 18:53:41 fetching corpus: 6900, signal 245300/282710 (executing program)
2022/09/12 18:53:42 fetching corpus: 6950, signal 246090/282717 (executing program)
2022/09/12 18:53:42 fetching corpus: 7000, signal 246493/282720 (executing program)
2022/09/12 18:53:42 fetching corpus: 7050, signal 247148/282760 (executing program)
2022/09/12 18:53:42 fetching corpus: 7100, signal 247802/282762 (executing program)
2022/09/12 18:53:42 fetching corpus: 7150, signal 248164/282766 (executing program)
2022/09/12 18:53:42 fetching corpus: 7200, signal 248562/282802 (executing program)
2022/09/12 18:53:42 fetching corpus: 7250, signal 248956/282825 (executing program)
2022/09/12 18:53:42 fetching corpus: 7300, signal 249308/282831 (executing program)
2022/09/12 18:53:43 fetching corpus: 7350, signal 249883/282896 (executing program)
2022/09/12 18:53:43 fetching corpus: 7400, signal 250661/282926 (executing program)
2022/09/12 18:53:43 fetching corpus: 7450, signal 251239/282929 (executing program)
2022/09/12 18:53:43 fetching corpus: 7500, signal 251608/282935 (executing program)
2022/09/12 18:53:43 fetching corpus: 7550, signal 252363/282940 (executing program)
2022/09/12 18:53:43 fetching corpus: 7600, signal 252842/282951 (executing program)
2022/09/12 18:53:43 fetching corpus: 7650, signal 253309/283009 (executing program)
2022/09/12 18:53:44 fetching corpus: 7700, signal 253815/283011 (executing program)
2022/09/12 18:53:44 fetching corpus: 7750, signal 254237/283012 (executing program)
2022/09/12 18:53:44 fetching corpus: 7800, signal 254740/283017 (executing program)
2022/09/12 18:53:44 fetching corpus: 7850, signal 255267/283035 (executing program)
2022/09/12 18:53:44 fetching corpus: 7900, signal 255751/283050 (executing program)
2022/09/12 18:53:44 fetching corpus: 7950, signal 256118/283074 (executing program)
2022/09/12 18:53:44 fetching corpus: 8000, signal 257179/283094 (executing program)
2022/09/12 18:53:45 fetching corpus: 8050, signal 257790/283101 (executing program)
2022/09/12 18:53:45 fetching corpus: 8100, signal 258168/283107 (executing program)
2022/09/12 18:53:45 fetching corpus: 8150, signal 258757/283134 (executing program)
2022/09/12 18:53:45 fetching corpus: 8200, signal 259182/283164 (executing program)
2022/09/12 18:53:45 fetching corpus: 8250, signal 259817/283178 (executing program)
2022/09/12 18:53:45 fetching corpus: 8300, signal 260170/283191 (executing program)
2022/09/12 18:53:45 fetching corpus: 8350, signal 260804/283191 (executing program)
2022/09/12 18:53:45 fetching corpus: 8400, signal 261151/283205 (executing program)
2022/09/12 18:53:46 fetching corpus: 8450, signal 262235/283253 (executing program)
2022/09/12 18:53:46 fetching corpus: 8500, signal 262924/283322 (executing program)
2022/09/12 18:53:46 fetching corpus: 8550, signal 263358/283333 (executing program)
2022/09/12 18:53:46 fetching corpus: 8600, signal 264165/283551 (executing program)
2022/09/12 18:53:46 fetching corpus: 8650, signal 264488/283564 (executing program)
2022/09/12 18:53:46 fetching corpus: 8700, signal 264765/283573 (executing program)
2022/09/12 18:53:47 fetching corpus: 8750, signal 265124/283577 (executing program)
2022/09/12 18:53:47 fetching corpus: 8800, signal 265489/283607 (executing program)
2022/09/12 18:53:47 fetching corpus: 8850, signal 265994/283608 (executing program)
2022/09/12 18:53:47 fetching corpus: 8900, signal 266339/283637 (executing program)
2022/09/12 18:53:47 fetching corpus: 8950, signal 266860/283643 (executing program)
2022/09/12 18:53:47 fetching corpus: 9000, signal 267171/283646 (executing program)
2022/09/12 18:53:47 fetching corpus: 9050, signal 267779/283661 (executing program)
2022/09/12 18:53:47 fetching corpus: 9100, signal 268186/283771 (executing program)
2022/09/12 18:53:48 fetching corpus: 9150, signal 268789/283771 (executing program)
2022/09/12 18:53:48 fetching corpus: 9200, signal 269277/283771 (executing program)
2022/09/12 18:53:48 fetching corpus: 9250, signal 269671/283778 (executing program)
2022/09/12 18:53:48 fetching corpus: 9300, signal 270097/283780 (executing program)
2022/09/12 18:53:48 fetching corpus: 9350, signal 270653/283808 (executing program)
2022/09/12 18:53:48 fetching corpus: 9400, signal 270959/283825 (executing program)
2022/09/12 18:53:48 fetching corpus: 9450, signal 271449/283833 (executing program)
2022/09/12 18:53:49 fetching corpus: 9500, signal 271733/283847 (executing program)
2022/09/12 18:53:49 fetching corpus: 9550, signal 272062/283880 (executing program)
2022/09/12 18:53:49 fetching corpus: 9600, signal 272464/283911 (executing program)
2022/09/12 18:53:49 fetching corpus: 9650, signal 272804/283915 (executing program)
2022/09/12 18:53:49 fetching corpus: 9662, signal 272967/283916 (executing program)
2022/09/12 18:53:49 fetching corpus: 9662, signal 272967/283916 (executing program)
2022/09/12 18:53:52 starting 8 fuzzer processes
18:53:52 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x32, &(0x7f0000000000)={0x0, {{0x2, 0x0, @dev}}}, 0x4)

18:53:52 executing program 1:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x2, &(0x7f0000000100)=[{0x35, 0x0, 0x0, 0xfffffffd}, {0x6}]})
syz_open_procfs(0x0, 0x0)

18:53:52 executing program 2:
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x4, 0x0, 0xfffffeed)
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000100), 0x44b43, 0x0)
ioctl$SG_IO(r0, 0x2285, &(0x7f0000001380)={0x0, 0x0, 0x0, 0x0, @buffer={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000001380)={0x0, 0x0, 0x0, 0x0, @buffer={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000001340)={{0x1, 0x1, 0x18, <r1=>0xffffffffffffffff, {0xc0}}, './file1\x00'})
ioctl$LOOP_SET_FD(r1, 0x4c00, 0xffffffffffffffff)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pwritev(r3, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r2, r2, 0x0, 0x100000)

18:53:52 executing program 3:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000002c0)={0x1, &(0x7f0000000280)=[{0x6}]})

18:53:52 executing program 4:
r0 = syz_io_uring_setup(0x4efe, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x5, 0x0, 0x800}, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x5, 0x0, 0x0, 0x0, &(0x7f0000000080)}, 0x9829fe3)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_ADD={0x6, 0x4, 0x0, @fd_index}, 0x0)
io_uring_enter(r0, 0x6c64, 0x0, 0x0, 0x0, 0x0)

18:53:52 executing program 5:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x5}, 0x1200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001a00010212c91e1bbeb3f02a250800ff085e762ac65f7d91053f295d4ffc20d65892ef07d227fdbe18dbfb1af3e0dd6a380e71c4fcf7eb3843a0a27d26af18e26c51db155af69e0000000000000000000000000000df63a36fd407eb99643b749f82e446ef63c21499fc9022822e14cf2dbe93dedf4e77766175ac5c31d7d34cf901e24917654cb8d3c73e60c6c12f77588b76a9611ccb029fc621b6cee12eb8459bf1b75803ac062baa94cd7dfdf5af4315b56bc0b876e61fa3a5d8f3ac20a51e8f575c1d589000"/215], 0x28}}, 0x0)
recvmmsg(r0, &(0x7f0000003980)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0)
pwritev2(r1, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff})
r3 = gettid()
rt_sigqueueinfo(r3, 0x11, &(0x7f0000000000)={0x0, 0x0, 0xfffffffe})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r4=>0xffffffffffffffff})
sendmsg$NL80211_CMD_CONTROL_PORT_FRAME(r1, &(0x7f0000000380)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x3c, 0x0, 0x100, 0x70bd27, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x5, 0x10}}}}, [@NL80211_ATTR_FRAME={0x18, 0x33, @ctrl_frame=@bar={{}, {0x8}, @device_b, @device_b, @compressed={{0x1, 0x0, 0x1, 0x0, 0x6}, {0x2, 0x8}}}}, @NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT={0x4}]}, 0x3c}, 0x1, 0x0, 0x0, 0x48a1}, 0x400c890)
sendmmsg$unix(r4, &(0x7f0000001fc0)=[{{&(0x7f0000000040)=@abs={0x0, 0x0, 0x4e23}, 0x6e, &(0x7f0000000240)=[{&(0x7f00000000c0)="2a4999f1ced3a04d3e945455e6cab8493379abc3d5c2d89b792050158475106b14ac9b07e08fb2384b519262b6", 0x2d}, {&(0x7f0000000140)="e9", 0x1}, {0x0}], 0x3, 0xfffffffffffffffc}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000001f00)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0xffffffffffffffff, 0xee01}}}], 0x40, 0x20040401}}], 0x2, 0x0)
sendmmsg$unix(r2, &(0x7f0000001fc0)=[{{&(0x7f0000000040)=@abs={0x0, 0x0, 0x4e23}, 0x6e, &(0x7f0000000240)=[{&(0x7f00000000c0)="2a4999f1ced3a04d3e945455e6cab8493379abc3d5c2d89b792050158475106b14ac9b07e08fb2384b519262b6", 0x2d}, {&(0x7f0000000140)="e9", 0x1}, {0x0}], 0x3, 0xfffffffffffffffc, 0x0, 0x804}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000001f00)=[@rights={{0x14, 0x1, 0x1, [r4]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0xffffffffffffffff, 0xee01}}}], 0x38, 0x20040401}}], 0x2, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r1, 0xc0189373, &(0x7f0000000000)={{0x1, 0x1, 0x18, r2, {0x3}}, './file1\x00'})
r5 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_buf(r5, 0x29, 0x6, 0x0, &(0x7f0000000140))
rt_tgsigqueueinfo(0x0, 0x0, 0x0, &(0x7f00000005c0)={0x0, 0x0, 0xffffffc4})

18:53:52 executing program 6:
r0 = timerfd_create(0x0, 0x0)
timerfd_settime(r0, 0x0, &(0x7f00000004c0)={{0x77359400}}, &(0x7f0000000500))

[   88.960255] audit: type=1400 audit(1663008832.617:6): avc:  denied  { execmem } for  pid=287 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
18:53:52 executing program 7:
ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000100)=<r0=>0x0)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r0, 0x0, 0xffffffffffffffff, 0x0)
r1 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
ioctl$EXT4_IOC_CHECKPOINT(0xffffffffffffffff, 0x4004662b, 0x0)
r2 = syz_open_procfs(0xffffffffffffffff, 0x0)
r3 = openat(r2, &(0x7f0000000000)='./file0\x00', 0x200, 0xd5)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r2, 0xc0189375, &(0x7f0000000380)=ANY=[@ANYBLOB="0100000001000017fff60000", @ANYRES32=r1, @ANYBLOB="e21067a2109b54c5cb8c607e68e95bae8b3cb791754286c3c582f338c9d4201690efa7e53cb877443a9d5441cddc1a15484946f035dea0b56a54387c20f6db0c6cf2f79734a66ebb1398721d1bcda8b9cc2677e28405616db2e0c7a209ba942d64493173971cc0856047f3d2e98bc80d6049914eb772ba9b3a0fb4a253faa05a41d52369b96486766e6397a5055b5675d7d2aa0ad2ba1c90a6c883e2674633df2a95b6205780f91859cb46dc8c2c46e0759fdcdc192ba01389545f3c1cb07b53085400ef1e852351cbd0f4b27dae3fae61b81be4ce553834e1dbb682d2fb7f423d3ddd98d25858f0b71d2831e52decac384ebd6b2bd6cd4b4482292852f055ed6839"])
syz_open_procfs(r0, &(0x7f0000000200)='net/nf_conntrack\x00')
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x20400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2000000000000000}, 0x0, 0x20000000, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
ioctl$LOOP_CTL_GET_FREE(r4, 0x4c82)
ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r4, 0x40089413, &(0x7f0000000180)=0x1)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r3, 0xc018937a, &(0x7f0000000140)={{0x1, 0x1, 0x18, <r5=>r3, {0x6}}, './file0\x00'})
write$nbd(r5, &(0x7f0000000500)=ANY=[@ANYBLOB="67446698000000000300040002000000377c4b0f5cd0f38be4578cb7f48c1670acb32fcad4df77b7ba44869bb6d0bed01461aa6c3ef14e4220ae8556ca6324b9cc28e5177d364ca5d05f300b790041ad29e6e4f3db7a265e04e34349514d90fbd3817e22cb671197bd52353ca4d8f81e839dcc45a85bd372ec263ce934ead21bca6e647ff36e8ddfaa0a2600d974300e47c6f6c960002fddd0bb84315917536d11cca15dcff8f3ed6e4e6162cb9f90a42c6a17380aa3493a42f798c943079ae949d13fe8de1507effac70cb4650c609c094504ffbc5c48dcea73605f954160e2415994111b620b1faa4b5dfe3cc86ed5f9368bd221ba2cd61d5515a4bae891607ff8010a3b42e2c56466664f7a2a68272f3b5c6958da9d6355fa41d0561a6a12aef0c1843fd575f5da8cc0b910ae09398c17c6233e35932c27e6c075e09d2d6c3f81791d549d31f1227eee354a1dd961e89875c84beba3ada801b447278e1b0de1899c57a4ecda49232bc1fec2d24f840f65c598896c66be9680dfaab1156e48fae888caaf9a9d2848c973def46dcc091d9c86dcdc3ad5fb2a744906d4bcc6b2881b05a4"], 0xe1)
r6 = getpid()
r7 = gettid()
rt_tgsigqueueinfo(r6, r7, 0x0, &(0x7f0000000000)={0x0, 0x0, 0x8000b2d3})
ioctl$SNAPSHOT_FREE(0xffffffffffffffff, 0x3305)

[   90.293261] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   90.295692] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   90.303668] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   90.305537] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   90.306678] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   90.307992] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   90.312821] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   90.313946] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   90.315968] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   90.317251] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   90.323123] Bluetooth: hci1: HCI_REQ-0x0c1a
[   90.349797] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   90.353964] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   90.359218] Bluetooth: hci0: HCI_REQ-0x0c1a
[   90.413170] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[   90.414833] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   90.416982] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[   90.417767] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   90.420849] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[   90.423725] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[   90.424709] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[   90.432077] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   90.432715] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[   90.435939] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   90.436659] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[   90.438493] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[   90.445002] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   90.447637] Bluetooth: hci7: HCI_REQ-0x0c1a
[   90.461587] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   90.463023] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[   90.465145] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   90.467127] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   90.468577] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   90.477431] Bluetooth: hci3: HCI_REQ-0x0c1a
[   90.500686] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   90.500739] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[   90.505801] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   90.507118] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[   90.507202] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   90.520684] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[   90.530530] Bluetooth: hci2: HCI_REQ-0x0c1a
[   90.568436] Bluetooth: hci6: HCI_REQ-0x0c1a
[   92.361485] Bluetooth: hci5: Opcode 0x c03 failed: -110
[   92.362168] Bluetooth: hci1: command 0x0409 tx timeout
[   92.363728] Bluetooth: hci4: Opcode 0x c03 failed: -110
[   92.425448] Bluetooth: hci0: command 0x0409 tx timeout
[   92.489432] Bluetooth: hci3: command 0x0409 tx timeout
[   92.490274] Bluetooth: hci7: command 0x0409 tx timeout
[   92.553394] Bluetooth: hci2: command 0x0409 tx timeout
[   92.618537] Bluetooth: hci6: command 0x0409 tx timeout
[   94.409407] Bluetooth: hci1: command 0x041b tx timeout
[   94.473418] Bluetooth: hci0: command 0x041b tx timeout
[   94.537481] Bluetooth: hci7: command 0x041b tx timeout
[   94.539699] Bluetooth: hci3: command 0x041b tx timeout
[   94.601420] Bluetooth: hci2: command 0x041b tx timeout
[   94.666233] Bluetooth: hci6: command 0x041b tx timeout
[   96.087923] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   96.088998] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   96.091238] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   96.093378] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   96.096925] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[   96.097862] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   96.102505] Bluetooth: hci4: HCI_REQ-0x0c1a
[   96.457358] Bluetooth: hci1: command 0x040f tx timeout
[   96.470192] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[   96.471230] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[   96.474756] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[   96.478575] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[   96.481498] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[   96.482187] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[   96.485352] Bluetooth: hci5: HCI_REQ-0x0c1a
[   96.521363] Bluetooth: hci0: command 0x040f tx timeout
[   96.585408] Bluetooth: hci3: command 0x040f tx timeout
[   96.585998] Bluetooth: hci7: command 0x040f tx timeout
[   96.649380] Bluetooth: hci2: command 0x040f tx timeout
[   96.713463] Bluetooth: hci6: command 0x040f tx timeout
[   98.185503] Bluetooth: hci4: command 0x0409 tx timeout
[   98.505373] Bluetooth: hci5: command 0x0409 tx timeout
[   98.505880] Bluetooth: hci1: command 0x0419 tx timeout
[   98.569370] Bluetooth: hci0: command 0x0419 tx timeout
[   98.633561] Bluetooth: hci7: command 0x0419 tx timeout
[   98.634901] Bluetooth: hci3: command 0x0419 tx timeout
[   98.697405] Bluetooth: hci2: command 0x0419 tx timeout
[   98.761359] Bluetooth: hci6: command 0x0419 tx timeout
[  100.233417] Bluetooth: hci4: command 0x041b tx timeout
[  100.553422] Bluetooth: hci5: command 0x041b tx timeout
[  102.281367] Bluetooth: hci4: command 0x040f tx timeout
[  102.601420] Bluetooth: hci5: command 0x040f tx timeout
[  104.329489] Bluetooth: hci4: command 0x0419 tx timeout
[  104.649408] Bluetooth: hci5: command 0x0419 tx timeout
18:54:50 executing program 6:
r0 = timerfd_create(0x0, 0x0)
timerfd_settime(r0, 0x0, &(0x7f00000004c0)={{0x77359400}}, &(0x7f0000000500))

18:54:50 executing program 6:
r0 = timerfd_create(0x0, 0x0)
timerfd_settime(r0, 0x0, &(0x7f00000004c0)={{0x77359400}}, &(0x7f0000000500))

18:54:50 executing program 6:
r0 = timerfd_create(0x0, 0x0)
timerfd_settime(r0, 0x0, &(0x7f00000004c0)={{0x77359400}}, &(0x7f0000000500))

18:54:50 executing program 6:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
setfsuid(0x0)

[  146.977656] audit: type=1400 audit(1663008890.634:7): avc:  denied  { open } for  pid=3651 comm="syz-executor.6" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[  146.979167] audit: type=1400 audit(1663008890.635:8): avc:  denied  { kernel } for  pid=3651 comm="syz-executor.6" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
18:54:50 executing program 6:
pselect6(0x40, &(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000080)={0x929}, &(0x7f00000000c0)={0x77359400}, &(0x7f0000000140)={&(0x7f0000000100)={[0xffff]}, 0x8})

18:54:50 executing program 6:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = mq_open(&(0x7f00000056c0)='syz1\x00', 0x0, 0x0, 0x0)
mq_notify(r0, 0x0)

[  147.221648] ------------[ cut here ]------------
[  147.221682] 
[  147.221686] ======================================================
[  147.221689] WARNING: possible circular locking dependency detected
[  147.221694] 6.0.0-rc5-next-20220912 #1 Not tainted
[  147.221701] ------------------------------------------------------
[  147.221704] syz-executor.6/3669 is trying to acquire lock:
[  147.221710] ffffffff853fa878 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70
[  147.221746] 
[  147.221746] but task is already holding lock:
[  147.221749] ffff88801ae9bc20 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0
[  147.221777] 
[  147.221777] which lock already depends on the new lock.
[  147.221777] 
[  147.221780] 
[  147.221780] the existing dependency chain (in reverse order) is:
[  147.221783] 
[  147.221783] -> #3 (&ctx->lock){....}-{2:2}:
[  147.221798]        _raw_spin_lock+0x2a/0x40
[  147.221814]        __perf_event_task_sched_out+0x53b/0x18d0
[  147.221827]        __schedule+0xedd/0x2470
[  147.221836]        schedule+0xda/0x1b0
[  147.221845]        exit_to_user_mode_prepare+0x114/0x1a0
[  147.221867]        syscall_exit_to_user_mode+0x19/0x40
[  147.221885]        do_syscall_64+0x48/0x90
[  147.221898]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  147.221915] 
[  147.221915] -> #2 (&rq->__lock){-.-.}-{2:2}:
[  147.221929]        _raw_spin_lock_nested+0x30/0x40
[  147.221944]        raw_spin_rq_lock_nested+0x1e/0x30
[  147.221957]        task_fork_fair+0x63/0x4d0
[  147.221975]        sched_cgroup_fork+0x3d0/0x540
[  147.221989]        copy_process+0x3f9e/0x6df0
[  147.222000]        kernel_clone+0xe7/0x890
[  147.222009]        user_mode_thread+0xad/0xf0
[  147.222020]        rest_init+0x24/0x250
[  147.222036]        arch_call_rest_init+0xf/0x14
[  147.222055]        start_kernel+0x4c1/0x4e6
[  147.222072]        secondary_startup_64_no_verify+0xe0/0xeb
[  147.222087] 
[  147.222087] -> #1 (&p->pi_lock){-.-.}-{2:2}:
[  147.222101]        _raw_spin_lock_irqsave+0x39/0x60
[  147.222116]        try_to_wake_up+0xab/0x1920
[  147.222129]        up+0x75/0xb0
[  147.222141]        __up_console_sem+0x6e/0x80
[  147.222157]        console_unlock+0x46a/0x590
[  147.222173]        vprintk_emit+0x1bd/0x560
[  147.222191]        vprintk+0x84/0xa0
[  147.222207]        _printk+0xba/0xf1
[  147.222225]        kauditd_hold_skb.cold+0x3f/0x4e
[  147.222240]        kauditd_send_queue+0x233/0x290
[  147.222255]        kauditd_thread+0x5da/0x9a0
[  147.222269]        kthread+0x2ed/0x3a0
[  147.222284]        ret_from_fork+0x22/0x30
[  147.222296] 
[  147.222296] -> #0 ((console_sem).lock){....}-{2:2}:
[  147.222313]        __lock_acquire+0x2a02/0x5e70
[  147.222330]        lock_acquire+0x1a2/0x530
[  147.222346]        _raw_spin_lock_irqsave+0x39/0x60
[  147.222361]        down_trylock+0xe/0x70
[  147.222373]        __down_trylock_console_sem+0x3b/0xd0
[  147.222390]        vprintk_emit+0x16b/0x560
[  147.222406]        vprintk+0x84/0xa0
[  147.222423]        _printk+0xba/0xf1
[  147.222439]        report_bug.cold+0x72/0xab
[  147.222451]        handle_bug+0x3c/0x70
[  147.222463]        exc_invalid_op+0x14/0x50
[  147.222476]        asm_exc_invalid_op+0x16/0x20
[  147.222493]        group_sched_out.part.0+0x2c7/0x460
[  147.222503]        ctx_sched_out+0x8f1/0xc10
[  147.222513]        __perf_event_task_sched_out+0x6d0/0x18d0
[  147.222525]        __schedule+0xedd/0x2470
[  147.222534]        schedule+0xda/0x1b0
[  147.222543]        exit_to_user_mode_prepare+0x114/0x1a0
[  147.222563]        syscall_exit_to_user_mode+0x19/0x40
[  147.222579]        do_syscall_64+0x48/0x90
[  147.222592]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  147.222609] 
[  147.222609] other info that might help us debug this:
[  147.222609] 
[  147.222611] Chain exists of:
[  147.222611]   (console_sem).lock --> &rq->__lock --> &ctx->lock
[  147.222611] 
[  147.222626]  Possible unsafe locking scenario:
[  147.222626] 
[  147.222629]        CPU0                    CPU1
[  147.222631]        ----                    ----
[  147.222633]   lock(&ctx->lock);
[  147.222638]                                lock(&rq->__lock);
[  147.222645]                                lock(&ctx->lock);
[  147.222651]   lock((console_sem).lock);
[  147.222657] 
[  147.222657]  *** DEADLOCK ***
[  147.222657] 
[  147.222659] 2 locks held by syz-executor.6/3669:
[  147.222666]  #0: ffff88806ce37cd8 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470
[  147.222691]  #1: ffff88801ae9bc20 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0
[  147.222719] 
[  147.222719] stack backtrace:
[  147.222721] CPU: 0 PID: 3669 Comm: syz-executor.6 Not tainted 6.0.0-rc5-next-20220912 #1
[  147.222734] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  147.222743] Call Trace:
[  147.222746]  <TASK>
[  147.222750]  dump_stack_lvl+0x8b/0xb3
[  147.222765]  check_noncircular+0x263/0x2e0
[  147.222782]  ? format_decode+0x26c/0xb50
[  147.222797]  ? print_circular_bug+0x450/0x450
[  147.222814]  ? enable_ptr_key_workfn+0x20/0x20
[  147.222828]  ? perf_swevent_event+0x6c/0x550
[  147.222847]  ? format_decode+0x26c/0xb50
[  147.222863]  ? alloc_chain_hlocks+0x1ec/0x5a0
[  147.222880]  __lock_acquire+0x2a02/0x5e70
[  147.222902]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[  147.222925]  lock_acquire+0x1a2/0x530
[  147.222942]  ? down_trylock+0xe/0x70
[  147.222957]  ? rcu_read_unlock+0x40/0x40
[  147.222976]  ? __lock_acquire+0x164d/0x5e70
[  147.222995]  ? vprintk+0x84/0xa0
[  147.223013]  _raw_spin_lock_irqsave+0x39/0x60
[  147.223028]  ? down_trylock+0xe/0x70
[  147.223042]  down_trylock+0xe/0x70
[  147.223056]  ? vprintk+0x84/0xa0
[  147.223073]  __down_trylock_console_sem+0x3b/0xd0
[  147.223091]  vprintk_emit+0x16b/0x560
[  147.223110]  vprintk+0x84/0xa0
[  147.223128]  _printk+0xba/0xf1
[  147.223145]  ? record_print_text.cold+0x16/0x16
[  147.223167]  ? report_bug.cold+0x66/0xab
[  147.223181]  ? group_sched_out.part.0+0x2c7/0x460
[  147.223193]  report_bug.cold+0x72/0xab
[  147.223207]  handle_bug+0x3c/0x70
[  147.223221]  exc_invalid_op+0x14/0x50
[  147.223235]  asm_exc_invalid_op+0x16/0x20
[  147.223252] RIP: 0010:group_sched_out.part.0+0x2c7/0x460
[  147.223265] Code: 5e 41 5f e9 3b b7 ef ff e8 36 b7 ef ff 65 8b 1d ab 15 ac 7e 31 ff 89 de e8 d6 b3 ef ff 85 db 0f 84 8a 00 00 00 e8 19 b7 ef ff <0f> 0b e9 a5 fe ff ff e8 0d b7 ef ff 48 8d 7d 10 48 b8 00 00 00 00
[  147.223277] RSP: 0018:ffff888042bf7c48 EFLAGS: 00010006
[  147.223286] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000
[  147.223301] RDX: ffff88801034b580 RSI: ffffffff81566027 RDI: 0000000000000005
[  147.223309] RBP: ffff888008660000 R08: 0000000000000005 R09: 0000000000000001
[  147.223316] R10: 0000000000000000 R11: ffffffff865aa01b R12: ffff88801ae9bc00
[  147.223324] R13: ffff88806ce3d100 R14: ffffffff8547c660 R15: 0000000000000002
[  147.223335]  ? group_sched_out.part.0+0x2c7/0x460
[  147.223348]  ? group_sched_out.part.0+0x2c7/0x460
[  147.223361]  ctx_sched_out+0x8f1/0xc10
[  147.223373]  __perf_event_task_sched_out+0x6d0/0x18d0
[  147.223389]  ? lock_is_held_type+0xd7/0x130
[  147.223407]  ? __perf_cgroup_move+0x160/0x160
[  147.223419]  ? set_next_entity+0x304/0x550
[  147.223437]  ? update_curr+0x267/0x740
[  147.223456]  ? lock_is_held_type+0xd7/0x130
[  147.223474]  __schedule+0xedd/0x2470
[  147.223487]  ? io_schedule_timeout+0x150/0x150
[  147.223499]  ? trace_rcu_dyntick+0x1a7/0x250
[  147.223521]  schedule+0xda/0x1b0
[  147.223531]  exit_to_user_mode_prepare+0x114/0x1a0
[  147.223552]  syscall_exit_to_user_mode+0x19/0x40
[  147.223570]  do_syscall_64+0x48/0x90
[  147.223584]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  147.223601] RIP: 0033:0x7fb243087b19
[  147.223610] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  147.223622] RSP: 002b:00007fb2405fd218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  147.223632] RAX: 0000000000000001 RBX: 00007fb24319af68 RCX: 00007fb243087b19
[  147.223640] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fb24319af6c
[  147.223648] RBP: 00007fb24319af60 R08: 000000000000000e R09: 0000000000000000
[  147.223655] R10: 0000000000000003 R11: 0000000000000246 R12: 00007fb24319af6c
[  147.223662] R13: 00007ffd1445a2cf R14: 00007fb2405fd300 R15: 0000000000022000
[  147.223675]  </TASK>
[  147.279685] WARNING: CPU: 0 PID: 3669 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460
[  147.280350] Modules linked in:
[  147.280587] CPU: 0 PID: 3669 Comm: syz-executor.6 Not tainted 6.0.0-rc5-next-20220912 #1
[  147.281164] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  147.281958] RIP: 0010:group_sched_out.part.0+0x2c7/0x460
[  147.282352] Code: 5e 41 5f e9 3b b7 ef ff e8 36 b7 ef ff 65 8b 1d ab 15 ac 7e 31 ff 89 de e8 d6 b3 ef ff 85 db 0f 84 8a 00 00 00 e8 19 b7 ef ff <0f> 0b e9 a5 fe ff ff e8 0d b7 ef ff 48 8d 7d 10 48 b8 00 00 00 00
[  147.283652] RSP: 0018:ffff888042bf7c48 EFLAGS: 00010006
[  147.284037] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000
[  147.284571] RDX: ffff88801034b580 RSI: ffffffff81566027 RDI: 0000000000000005
[  147.285101] RBP: ffff888008660000 R08: 0000000000000005 R09: 0000000000000001
[  147.285613] R10: 0000000000000000 R11: ffffffff865aa01b R12: ffff88801ae9bc00
[  147.286147] R13: ffff88806ce3d100 R14: ffffffff8547c660 R15: 0000000000000002
[  147.286679] FS:  00007fb2405fd700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000
[  147.287270] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  147.287696] CR2: 00007fb24319b018 CR3: 000000000e26e000 CR4: 0000000000350ef0
[  147.288203] Call Trace:
[  147.288398]  <TASK>
[  147.288577]  ctx_sched_out+0x8f1/0xc10
[  147.288875]  __perf_event_task_sched_out+0x6d0/0x18d0
[  147.289266]  ? lock_is_held_type+0xd7/0x130
[  147.289599]  ? __perf_cgroup_move+0x160/0x160
[  147.289943]  ? set_next_entity+0x304/0x550
[  147.290270]  ? update_curr+0x267/0x740
[  147.290571]  ? lock_is_held_type+0xd7/0x130
[  147.290904]  __schedule+0xedd/0x2470
[  147.291186]  ? io_schedule_timeout+0x150/0x150
[  147.291539]  ? trace_rcu_dyntick+0x1a7/0x250
[  147.291885]  schedule+0xda/0x1b0
[  147.292140]  exit_to_user_mode_prepare+0x114/0x1a0
[  147.292518]  syscall_exit_to_user_mode+0x19/0x40
[  147.292887]  do_syscall_64+0x48/0x90
[  147.293172]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  147.293570] RIP: 0033:0x7fb243087b19
[  147.293854] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  147.295204] RSP: 002b:00007fb2405fd218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  147.295788] RAX: 0000000000000001 RBX: 00007fb24319af68 RCX: 00007fb243087b19
[  147.296314] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fb24319af6c
[  147.296845] RBP: 00007fb24319af60 R08: 000000000000000e R09: 0000000000000000
[  147.297372] R10: 0000000000000003 R11: 0000000000000246 R12: 00007fb24319af6c
[  147.297904] R13: 00007ffd1445a2cf R14: 00007fb2405fd300 R15: 0000000000022000
[  147.298433]  </TASK>
[  147.298615] irq event stamp: 350
[  147.298870] hardirqs last  enabled at (349): [<ffffffff8133ffc9>] exit_to_user_mode_prepare+0x109/0x1a0
[  147.299580] hardirqs last disabled at (350): [<ffffffff84247a45>] __schedule+0x1225/0x2470
[  147.300199] softirqs last  enabled at (256): [<ffffffff8117060b>] __irq_exit_rcu+0x11b/0x180
[  147.300843] softirqs last disabled at (189): [<ffffffff8117060b>] __irq_exit_rcu+0x11b/0x180
[  147.301478] ---[ end trace 0000000000000000 ]---
18:54:51 executing program 6:
setgroups(0x2, &(0x7f0000000300)=[0x0, 0x0])
getgroups(0x2, &(0x7f0000002180)=[0x0, 0x0])

18:54:51 executing program 6:
unshare(0x20020400)
unshare(0x8000000)
unshare(0x4050400)
unshare(0x4010280)
unshare(0xa040000)
unshare(0x60000000)
unshare(0x40000)
semget$private(0x0, 0x3, 0x141)
unshare(0x10000200)
unshare(0x2010000)
unshare(0x2000000)

[  148.770495] audit: type=1326 audit(1663008892.427:9): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=3819 comm="syz-executor.3" exe="/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f20e7a3cb19 code=0x0
[  153.481433] Bluetooth: hci1: Opcode 0x c03 failed: -110
[  153.609367] Bluetooth: hci7: Opcode 0x c03 failed: -110
[  153.609374] Bluetooth: hci3: Opcode 0x c03 failed: -110

VM DIAGNOSIS:
18:54:51  Registers:
info registers vcpu 0
RAX=0000000000000061 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff822b1e41 RDI=ffffffff8763fae0 RBP=ffffffff8763faa0 RSP=ffff888042bf7698
R8 =0000000000000001 R9 =000000000000000a R10=0000000000000061 R11=0000000000000001
R12=0000000000000061 R13=ffffffff8763faa0 R14=0000000000000010 R15=ffffffff822b1e30
RIP=ffffffff822b1e99 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 00007fb2405fd700 00000000 00000000
GS =0000 ffff88806ce00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007fb24319b018 CR3=000000000e26e000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM01=0000000000000000 0000000000000000 00007fb24316e7c0 00007fb24316e7c8
YMM02=0000000000000000 0000000000000000 00007fb24316e7e0 00007fb24316e7c0
YMM03=0000000000000000 0000000000000000 00007fb24316e7c8 00007fb24316e7c0
YMM04=0000000000000000 0000000000000000 ffffffffffffffff ffffffff00000000
YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245
YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040
YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1
RAX=dffffc0000000000 RBX=0000000000000001 RCX=0000000000000001 RDX=1ffff11008598eef
RSI=ffff888042cc7ac8 RDI=ffff888042cc7778 RBP=ffff88802017c800 RSP=ffff888042cc76a8
R8 =ffffffff85ed8a72 R9 =ffffffff85ed8a76 R10=ffffed1008598ef2 R11=ffff888042cc7768
R12=ffff888042cc7769 R13=ffff888042cc7788 R14=ffff888042cc7728 R15=0000000000000007
RIP=ffffffff8111c0a2 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff88806cf00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007fede0d84368 CR3=0000000036be0000 CR4=00350ee0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM01=0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffffff
YMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM04=0000000000000000 0000000000000000 0000000000000000 00000000000000ff
YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245
YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040
YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000