Debian GNU/Linux 11 syzkaller ttyS0
Warning: Permanently added '[localhost]:62581' (ECDSA) to the list of known hosts.
2022/09/23 13:13:09 fuzzer started
2022/09/23 13:13:09 dialing manager at localhost:38881
syzkaller login: [ 36.181725] cgroup: Unknown subsys name 'net'
[ 36.286729] cgroup: Unknown subsys name 'rlimit'
2022/09/23 13:13:24 syscalls: 2215
2022/09/23 13:13:24 code coverage: enabled
2022/09/23 13:13:24 comparison tracing: enabled
2022/09/23 13:13:24 extra coverage: enabled
2022/09/23 13:13:24 setuid sandbox: enabled
2022/09/23 13:13:24 namespace sandbox: enabled
2022/09/23 13:13:24 Android sandbox: enabled
2022/09/23 13:13:24 fault injection: enabled
2022/09/23 13:13:24 leak checking: enabled
2022/09/23 13:13:24 net packet injection: enabled
2022/09/23 13:13:24 net device setup: enabled
2022/09/23 13:13:24 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2022/09/23 13:13:24 devlink PCI setup: PCI device 0000:00:10.0 is not available
2022/09/23 13:13:24 USB emulation: enabled
2022/09/23 13:13:24 hci packet injection: enabled
2022/09/23 13:13:24 wifi device emulation: failed to parse kernel version (6.0.0-rc6-next-20220923)
2022/09/23 13:13:24 802.15.4 emulation: enabled
2022/09/23 13:13:24 fetching corpus: 0, signal 0/2000 (executing program)
2022/09/23 13:13:24 fetching corpus: 34, signal 25251/28761 (executing program)
2022/09/23 13:13:24 fetching corpus: 74, signal 36454/41381 (executing program)
2022/09/23 13:13:24 fetching corpus: 124, signal 44138/50395 (executing program)
2022/09/23 13:13:25 fetching corpus: 174, signal 53494/60844 (executing program)
2022/09/23 13:13:25 fetching corpus: 224, signal 58540/67055 (executing program)
2022/09/23 13:13:25 fetching corpus: 274, signal 66576/75971 (executing program)
2022/09/23 13:13:25 fetching corpus: 323, signal 69610/80124 (executing program)
2022/09/23 13:13:25 fetching corpus: 372, signal 73695/85191 (executing program)
2022/09/23 13:13:25 fetching corpus: 421, signal 76273/88796 (executing program)
2022/09/23 13:13:25 fetching corpus: 471, signal 79347/92817 (executing program)
2022/09/23 13:13:25 fetching corpus: 521, signal 82425/96790 (executing program)
2022/09/23 13:13:25 fetching corpus: 571, signal 85528/100667 (executing program)
2022/09/23 13:13:26 fetching corpus: 621, signal 89031/104845 (executing program)
2022/09/23 13:13:26 fetching corpus: 670, signal 94553/110706 (executing program)
2022/09/23 13:13:26 fetching corpus: 719, signal 96486/113371 (executing program)
2022/09/23 13:13:26 fetching corpus: 768, signal 99105/116605 (executing program)
2022/09/23 13:13:26 fetching corpus: 818, signal 102647/120523 (executing program)
2022/09/23 13:13:26 fetching corpus: 868, signal 106472/124691 (executing program)
2022/09/23 13:13:26 fetching corpus: 918, signal 110922/129250 (executing program)
2022/09/23 13:13:27 fetching corpus: 968, signal 113854/132473 (executing program)
2022/09/23 13:13:27 fetching corpus: 1018, signal 116457/135417 (executing program)
2022/09/23 13:13:27 fetching corpus: 1067, signal 119365/138550 (executing program)
2022/09/23 13:13:27 fetching corpus: 1117, signal 120438/140228 (executing program)
2022/09/23 13:13:27 fetching corpus: 1167, signal 122093/142329 (executing program)
2022/09/23 13:13:27 fetching corpus: 1217, signal 123498/144185 (executing program)
2022/09/23 13:13:27 fetching corpus: 1267, signal 124936/146039 (executing program)
2022/09/23 13:13:27 fetching corpus: 1317, signal 126823/148203 (executing program)
2022/09/23 13:13:28 fetching corpus: 1367, signal 127834/149722 (executing program)
2022/09/23 13:13:28 fetching corpus: 1417, signal 129674/151800 (executing program)
2022/09/23 13:13:28 fetching corpus: 1467, signal 130844/153330 (executing program)
2022/09/23 13:13:28 fetching corpus: 1517, signal 132097/154876 (executing program)
2022/09/23 13:13:28 fetching corpus: 1567, signal 133354/156432 (executing program)
2022/09/23 13:13:28 fetching corpus: 1616, signal 134430/157870 (executing program)
2022/09/23 13:13:28 fetching corpus: 1666, signal 135550/159360 (executing program)
2022/09/23 13:13:28 fetching corpus: 1716, signal 136435/160624 (executing program)
2022/09/23 13:13:29 fetching corpus: 1766, signal 138304/162502 (executing program)
2022/09/23 13:13:29 fetching corpus: 1816, signal 139609/163972 (executing program)
2022/09/23 13:13:29 fetching corpus: 1866, signal 140623/165235 (executing program)
2022/09/23 13:13:29 fetching corpus: 1916, signal 141381/166364 (executing program)
2022/09/23 13:13:29 fetching corpus: 1966, signal 141881/167236 (executing program)
2022/09/23 13:13:29 fetching corpus: 2016, signal 143250/168717 (executing program)
2022/09/23 13:13:29 fetching corpus: 2066, signal 144247/169932 (executing program)
2022/09/23 13:13:29 fetching corpus: 2116, signal 146471/171798 (executing program)
2022/09/23 13:13:30 fetching corpus: 2166, signal 147351/172887 (executing program)
2022/09/23 13:13:30 fetching corpus: 2216, signal 148312/173939 (executing program)
2022/09/23 13:13:30 fetching corpus: 2265, signal 149067/174937 (executing program)
2022/09/23 13:13:30 fetching corpus: 2314, signal 150307/176159 (executing program)
2022/09/23 13:13:30 fetching corpus: 2363, signal 151763/177446 (executing program)
2022/09/23 13:13:30 fetching corpus: 2413, signal 153376/178801 (executing program)
2022/09/23 13:13:30 fetching corpus: 2463, signal 154374/179827 (executing program)
2022/09/23 13:13:30 fetching corpus: 2513, signal 155707/180962 (executing program)
2022/09/23 13:13:31 fetching corpus: 2562, signal 156893/182057 (executing program)
2022/09/23 13:13:31 fetching corpus: 2611, signal 158229/183196 (executing program)
2022/09/23 13:13:31 fetching corpus: 2661, signal 159397/184201 (executing program)
2022/09/23 13:13:31 fetching corpus: 2710, signal 160404/185087 (executing program)
2022/09/23 13:13:31 fetching corpus: 2760, signal 161082/185856 (executing program)
2022/09/23 13:13:31 fetching corpus: 2810, signal 162289/186773 (executing program)
2022/09/23 13:13:31 fetching corpus: 2860, signal 162992/187543 (executing program)
2022/09/23 13:13:31 fetching corpus: 2910, signal 163766/188283 (executing program)
2022/09/23 13:13:31 fetching corpus: 2960, signal 164431/189000 (executing program)
2022/09/23 13:13:32 fetching corpus: 3010, signal 165308/189737 (executing program)
2022/09/23 13:13:32 fetching corpus: 3059, signal 165887/190356 (executing program)
2022/09/23 13:13:32 fetching corpus: 3109, signal 167303/191279 (executing program)
2022/09/23 13:13:32 fetching corpus: 3159, signal 168396/192002 (executing program)
2022/09/23 13:13:32 fetching corpus: 3209, signal 170568/193129 (executing program)
2022/09/23 13:13:32 fetching corpus: 3259, signal 171250/193702 (executing program)
2022/09/23 13:13:32 fetching corpus: 3309, signal 172014/194303 (executing program)
2022/09/23 13:13:33 fetching corpus: 3359, signal 173031/194947 (executing program)
2022/09/23 13:13:33 fetching corpus: 3409, signal 174081/195565 (executing program)
2022/09/23 13:13:33 fetching corpus: 3459, signal 175318/196232 (executing program)
2022/09/23 13:13:33 fetching corpus: 3509, signal 177577/197199 (executing program)
2022/09/23 13:13:33 fetching corpus: 3559, signal 178241/197633 (executing program)
2022/09/23 13:13:33 fetching corpus: 3609, signal 178984/198139 (executing program)
2022/09/23 13:13:33 fetching corpus: 3659, signal 180019/198707 (executing program)
2022/09/23 13:13:34 fetching corpus: 3709, signal 180737/199142 (executing program)
2022/09/23 13:13:34 fetching corpus: 3759, signal 181802/199656 (executing program)
2022/09/23 13:13:34 fetching corpus: 3809, signal 182646/200098 (executing program)
2022/09/23 13:13:34 fetching corpus: 3859, signal 183665/200619 (executing program)
2022/09/23 13:13:34 fetching corpus: 3909, signal 184540/201036 (executing program)
2022/09/23 13:13:34 fetching corpus: 3959, signal 185478/201435 (executing program)
2022/09/23 13:13:34 fetching corpus: 4006, signal 186425/201823 (executing program)
2022/09/23 13:13:34 fetching corpus: 4056, signal 187080/202135 (executing program)
2022/09/23 13:13:35 fetching corpus: 4106, signal 187647/202403 (executing program)
2022/09/23 13:13:35 fetching corpus: 4155, signal 188203/202677 (executing program)
2022/09/23 13:13:35 fetching corpus: 4205, signal 189037/202971 (executing program)
2022/09/23 13:13:35 fetching corpus: 4255, signal 189501/203182 (executing program)
2022/09/23 13:13:35 fetching corpus: 4305, signal 190424/203475 (executing program)
2022/09/23 13:13:35 fetching corpus: 4355, signal 191347/203735 (executing program)
2022/09/23 13:13:35 fetching corpus: 4405, signal 192087/203965 (executing program)
2022/09/23 13:13:35 fetching corpus: 4455, signal 192976/204312 (executing program)
2022/09/23 13:13:36 fetching corpus: 4505, signal 193731/204532 (executing program)
2022/09/23 13:13:36 fetching corpus: 4555, signal 194186/204694 (executing program)
2022/09/23 13:13:36 fetching corpus: 4604, signal 194868/204882 (executing program)
2022/09/23 13:13:36 fetching corpus: 4653, signal 195448/205012 (executing program)
2022/09/23 13:13:36 fetching corpus: 4703, signal 195949/205121 (executing program)
2022/09/23 13:13:36 fetching corpus: 4753, signal 196541/205231 (executing program)
2022/09/23 13:13:36 fetching corpus: 4803, signal 197655/205414 (executing program)
2022/09/23 13:13:36 fetching corpus: 4853, signal 198579/205510 (executing program)
2022/09/23 13:13:37 fetching corpus: 4903, signal 199262/205623 (executing program)
2022/09/23 13:13:37 fetching corpus: 4952, signal 199824/205662 (executing program)
2022/09/23 13:13:37 fetching corpus: 4970, signal 199978/205662 (executing program)
2022/09/23 13:13:37 fetching corpus: 4970, signal 199978/205662 (executing program)
2022/09/23 13:13:40 starting 8 fuzzer processes
13:13:40 executing program 0:
keyctl$clear(0x7, 0x0)
13:13:40 executing program 1:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCL_SETSEL(r0, 0x4b4c, &(0x7f00000001c0))
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x2000002, 0x13, r2, 0x0)
fadvise64(r2, 0x0, 0x0, 0x4)
fallocate(r2, 0x0, 0x0, 0x2000008800000)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000a80)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00./file0\x00'])
ioctl$TIOCL_SETSEL(0xffffffffffffffff, 0x4b4c, &(0x7f00000001c0))
open(&(0x7f0000000040)='./file0\x00', 0x8500, 0x122)
ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(r0, 0x80489439, &(0x7f00000000c0))
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000c00)}, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
writev(r3, &(0x7f0000000000)=[{&(0x7f0000000140)="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", 0x90a}], 0x1)
13:13:40 executing program 2:
shmget(0x1, 0x3000, 0x0, &(0x7f0000ffd000/0x3000)=nil)
13:13:40 executing program 3:
fstatfs(0xffffffffffffffff, 0x0)
[ 66.692316] audit: type=1400 audit(1663938820.293:6): avc: denied { execmem } for pid=283 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
13:13:40 executing program 4:
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000040)={'syz_tun\x00', &(0x7f0000000000)=@ethtool_channels={0x46}})
13:13:40 executing program 5:
syz_emit_ethernet(0x3a, &(0x7f0000000140)={@local, @random="1b149ebfa3d3", @void, {@ipv4={0x800, @tcp={{0x6, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x6, 0x0, @private=0xa010101, @dev, {[@timestamp_addr={0x44, 0x2}]}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}, 0x0)
13:13:40 executing program 7:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000080)={'sit0\x00', 0x0})
13:13:40 executing program 6:
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), 0xffffffffffffffff)
[ 68.131603] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 68.133155] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 68.143947] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 68.146428] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 68.147798] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 68.149483] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 68.150835] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 68.152361] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 68.153406] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 68.154525] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 68.156343] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 68.158294] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 68.161711] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 68.162809] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 68.165112] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[ 68.166191] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 68.167497] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 68.168707] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 68.169011] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[ 68.170257] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 68.171635] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 68.172361] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[ 68.175107] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 68.176937] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 68.178780] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[ 68.180205] Bluetooth: hci2: HCI_REQ-0x0c1a
[ 68.185661] Bluetooth: hci1: HCI_REQ-0x0c1a
[ 68.186752] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 68.192219] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 68.193747] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 68.195512] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 68.197531] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 68.199535] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 68.200837] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[ 68.202316] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 68.203534] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 68.206217] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[ 68.207950] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[ 68.209292] Bluetooth: hci3: HCI_REQ-0x0c1a
[ 68.210294] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[ 68.214268] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 68.224326] Bluetooth: hci0: HCI_REQ-0x0c1a
[ 68.225136] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[ 68.239414] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 68.242538] Bluetooth: hci5: HCI_REQ-0x0c1a
[ 68.243381] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[ 68.244636] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 68.247203] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 68.252840] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 68.252850] Bluetooth: hci6: HCI_REQ-0x0c1a
[ 68.255657] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 68.261204] Bluetooth: hci7: HCI_REQ-0x0c1a
[ 68.268845] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 68.274150] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[ 68.275660] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 68.280882] Bluetooth: hci4: HCI_REQ-0x0c1a
[ 70.225318] Bluetooth: hci1: command 0x0409 tx timeout
[ 70.225383] Bluetooth: hci3: command 0x0409 tx timeout
[ 70.289087] Bluetooth: hci6: command 0x0409 tx timeout
[ 70.290127] Bluetooth: hci4: command 0x0409 tx timeout
[ 70.291077] Bluetooth: hci0: command 0x0409 tx timeout
[ 70.291960] Bluetooth: hci7: command 0x0409 tx timeout
[ 70.292806] Bluetooth: hci5: command 0x0409 tx timeout
[ 70.293700] Bluetooth: hci2: command 0x0409 tx timeout
[ 72.272983] Bluetooth: hci1: command 0x041b tx timeout
[ 72.274215] Bluetooth: hci3: command 0x041b tx timeout
[ 72.338285] Bluetooth: hci2: command 0x041b tx timeout
[ 72.338725] Bluetooth: hci5: command 0x041b tx timeout
[ 72.339522] Bluetooth: hci7: command 0x041b tx timeout
[ 72.339931] Bluetooth: hci0: command 0x041b tx timeout
[ 72.340310] Bluetooth: hci4: command 0x041b tx timeout
[ 72.340689] Bluetooth: hci6: command 0x041b tx timeout
[ 74.321964] Bluetooth: hci3: command 0x040f tx timeout
[ 74.322424] Bluetooth: hci1: command 0x040f tx timeout
[ 74.386037] Bluetooth: hci6: command 0x040f tx timeout
[ 74.386488] Bluetooth: hci4: command 0x040f tx timeout
[ 74.387270] Bluetooth: hci0: command 0x040f tx timeout
[ 74.387653] Bluetooth: hci7: command 0x040f tx timeout
[ 74.388049] Bluetooth: hci5: command 0x040f tx timeout
[ 74.388429] Bluetooth: hci2: command 0x040f tx timeout
[ 76.369960] Bluetooth: hci1: command 0x0419 tx timeout
[ 76.370419] Bluetooth: hci3: command 0x0419 tx timeout
[ 76.433976] Bluetooth: hci2: command 0x0419 tx timeout
[ 76.434383] Bluetooth: hci5: command 0x0419 tx timeout
[ 76.434772] Bluetooth: hci7: command 0x0419 tx timeout
[ 76.435489] Bluetooth: hci0: command 0x0419 tx timeout
[ 76.435873] Bluetooth: hci4: command 0x0419 tx timeout
[ 76.436269] Bluetooth: hci6: command 0x0419 tx timeout
13:14:37 executing program 6:
r0 =
memfd_create(&(0x7f0000000400)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLY\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x06L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9\xbb\xfe\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba|\xf0\x01)PP\xcdl\x06\xfc\x15;qZ\xb1u\xc9\xd0\xd16~JEGm\xe4\x1e@\x9dG\xe4@\xdf\xba\'\x8b\x1cD\xc7\xec\xd1@}tR\xd9P\xf4N\xe3\xd8x\xa0\x91\x17\xc2}\x13\b\xca\t(Z\xa3_\xa1\x90\x15T\xa4\xe7%\x98\xa7\xfb\x8bp/eq\x93\xbf\x1f =|\xf3\xb1\xfcR\xd8\nM,\xcb%@\'\x15\x88\xd8\xad\f\x91|\x95\x8fq+\x98\x81W\xba\x9f\xe0elOt\xbd\by\r\x87\x1c\xba\xbd\x8e+S>\xb8\xe29\x91h^x\xfb`\x00\xdd/\xa6\xb1\x16=\xa1bw\xc5I\xb1\x00'/549, 0x0)
fcntl$addseals(r0, 0x40a, 0x0)
13:14:37 executing program 6:
mincore(&(0x7f0000ff9000/0x2000)=nil, 0x2000, &(0x7f0000000440)=""/155)
13:14:37 executing program 6:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2b, &(0x7f0000000240)={0x5, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0x0, @private0}}}, 0x108)
13:14:37 executing program 6:
r0 = io_uring_setup(0x439c, &(0x7f00000004c0))
io_uring_register$IORING_UNREGISTER_FILES(r0, 0x3, 0x0, 0x0)
13:14:38 executing program 6:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)={0x1c, 0x19, 0x1, 0x0, 0x0, "", [@typed={0xa, 0x0, 0x0, 0x0, @binary="d8c9310200"}]}, 0x1c}], 0x1}, 0x0)
[ 125.954942] audit: type=1400 audit(1663938879.556:7): avc: denied { open } for pid=3919 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[ 125.956545] audit: type=1400 audit(1663938879.556:8): avc: denied { kernel } for pid=3919 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[ 125.962848] ------------[ cut here ]------------
[ 125.962867]
[ 125.962870] ======================================================
[ 125.962874] WARNING: possible circular locking dependency detected
[ 125.962878] 6.0.0-rc6-next-20220923 #1 Not tainted
[ 125.962884] ------------------------------------------------------
[ 125.962887] syz-executor.1/3920 is trying to acquire lock:
[ 125.962894] ffffffff853faaf8 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70
[ 125.962931]
[ 125.962931] but task is already holding lock:
[ 125.962934] ffff88800edc0820 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0
[ 125.962963]
[ 125.962963] which lock already depends on the new lock.
[ 125.962963]
[ 125.962966]
[ 125.962966] the existing dependency chain (in reverse order) is:
[ 125.962969]
[ 125.962969] -> #3 (&ctx->lock){....}-{2:2}:
[ 125.962982] _raw_spin_lock+0x2a/0x40
[ 125.963001] __perf_event_task_sched_out+0x53b/0x18d0
[ 125.963014] __schedule+0xedd/0x2470
[ 125.963027] schedule+0xda/0x1b0
[ 125.963039] exit_to_user_mode_prepare+0x114/0x1a0
[ 125.963051] syscall_exit_to_user_mode+0x19/0x40
[ 125.963063] do_syscall_64+0x48/0x90
[ 125.963079] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 125.963091]
[ 125.963091] -> #2 (&rq->__lock){-.-.}-{2:2}:
[ 125.963105] _raw_spin_lock_nested+0x30/0x40
[ 125.963122] raw_spin_rq_lock_nested+0x1e/0x30
[ 125.963136] task_fork_fair+0x63/0x4d0
[ 125.963152] sched_cgroup_fork+0x3d0/0x540
[ 125.963166] copy_process+0x4183/0x6e20
[ 125.963176] kernel_clone+0xe7/0x890
[ 125.963185] user_mode_thread+0xad/0xf0
[ 125.963195] rest_init+0x24/0x250
[ 125.963206] arch_call_rest_init+0xf/0x14
[ 125.963223] start_kernel+0x4c1/0x4e6
[ 125.963238] secondary_startup_64_no_verify+0xe0/0xeb
[ 125.963252]
[ 125.963252] -> #1 (&p->pi_lock){-.-.}-{2:2}:
[ 125.963265] _raw_spin_lock_irqsave+0x39/0x60
[ 125.963283] try_to_wake_up+0xab/0x1930
[ 125.963296] up+0x75/0xb0
[ 125.963309] __up_console_sem+0x6e/0x80
[ 125.963324] console_unlock+0x46a/0x590
[ 125.963340] vt_ioctl+0x2822/0x2ca0
[ 125.963353] tty_ioctl+0x7c4/0x1700
[ 125.963365] __x64_sys_ioctl+0x19a/0x210
[ 125.963396] do_syscall_64+0x3b/0x90
[ 125.963412] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 125.963424]
[ 125.963424] -> #0 ((console_sem).lock){....}-{2:2}:
[ 125.963437] __lock_acquire+0x2a02/0x5e70
[ 125.963454] lock_acquire+0x1a2/0x530
[ 125.963469] _raw_spin_lock_irqsave+0x39/0x60
[ 125.963487] down_trylock+0xe/0x70
[ 125.963501] __down_trylock_console_sem+0x3b/0xd0
[ 125.963517] vprintk_emit+0x16b/0x560
[ 125.963533] vprintk+0x84/0xa0
[ 125.963548] _printk+0xba/0xf1
[ 125.963558] report_bug.cold+0x72/0xab
[ 125.963574] handle_bug+0x3c/0x70
[ 125.963589] exc_invalid_op+0x14/0x50
[ 125.963605] asm_exc_invalid_op+0x16/0x20
[ 125.963617] group_sched_out.part.0+0x2c7/0x460
[ 125.963627] ctx_sched_out+0x8f1/0xc10
[ 125.963637] __perf_event_task_sched_out+0x6d0/0x18d0
[ 125.963649] __schedule+0xedd/0x2470
[ 125.963662] schedule+0xda/0x1b0
[ 125.963674] exit_to_user_mode_prepare+0x114/0x1a0
[ 125.963685] syscall_exit_to_user_mode+0x19/0x40
[ 125.963697] do_syscall_64+0x48/0x90
[ 125.963713] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 125.963725]
[ 125.963725] other info that might help us debug this:
[ 125.963725]
[ 125.963727] Chain exists of:
[ 125.963727] (console_sem).lock --> &rq->__lock --> &ctx->lock
[ 125.963727]
[ 125.963742] Possible unsafe locking scenario:
[ 125.963742]
[ 125.963744]        CPU0                    CPU1
[ 125.963746]        ----                    ----
[ 125.963749]   lock(&ctx->lock);
[ 125.963754]                                lock(&rq->__lock);
[ 125.963760]                                lock(&ctx->lock);
[ 125.963766]   lock((console_sem).lock);
[ 125.963772]
[ 125.963772] *** DEADLOCK ***
[ 125.963772]
[ 125.963774] 2 locks held by syz-executor.1/3920:
[ 125.963781] #0: ffff88806cf37d18 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470
[ 125.963809] #1: ffff88800edc0820 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0
[ 125.963836]
[ 125.963836] stack backtrace:
[ 125.963839] CPU: 1 PID: 3920 Comm: syz-executor.1 Not tainted 6.0.0-rc6-next-20220923 #1
[ 125.963851] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 125.963859] Call Trace:
[ 125.963862]
[ 125.963866] dump_stack_lvl+0x8b/0xb3
[ 125.963884] check_noncircular+0x263/0x2e0
[ 125.963900] ? format_decode+0x26c/0xb50
[ 125.963917] ? print_circular_bug+0x450/0x450
[ 125.963933] ? enable_ptr_key_workfn+0x20/0x20
[ 125.963948] ? __lockdep_reset_lock+0x180/0x180
[ 125.963965] ? format_decode+0x26c/0xb50
[ 125.963981] ? alloc_chain_hlocks+0x1ec/0x5a0
[ 125.963998] __lock_acquire+0x2a02/0x5e70
[ 125.964020] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 125.964042] lock_acquire+0x1a2/0x530
[ 125.964058] ? down_trylock+0xe/0x70
[ 125.964074] ? lock_release+0x750/0x750
[ 125.964092] ? find_held_lock+0x2c/0x110
[ 125.964109] ? vprintk+0x84/0xa0
[ 125.964126] _raw_spin_lock_irqsave+0x39/0x60
[ 125.964145] ? down_trylock+0xe/0x70
[ 125.964160] down_trylock+0xe/0x70
[ 125.964175] ? vprintk+0x84/0xa0
[ 125.964192] __down_trylock_console_sem+0x3b/0xd0
[ 125.964209] vprintk_emit+0x16b/0x560
[ 125.964227] vprintk+0x84/0xa0
[ 125.964244] _printk+0xba/0xf1
[ 125.964255] ? record_print_text.cold+0x16/0x16
[ 125.964269] ? hrtimer_try_to_cancel+0x163/0x2c0
[ 125.964282] ? lock_downgrade+0x6d0/0x6d0
[ 125.964299] ? report_bug.cold+0x66/0xab
[ 125.964316] ? group_sched_out.part.0+0x2c7/0x460
[ 125.964328] report_bug.cold+0x72/0xab
[ 125.964346] handle_bug+0x3c/0x70
[ 125.964363] exc_invalid_op+0x14/0x50
[ 125.964380] asm_exc_invalid_op+0x16/0x20
[ 125.964392] RIP: 0010:group_sched_out.part.0+0x2c7/0x460
[ 125.964406] Code: 5e 41 5f e9 5b bb ef ff e8 56 bb ef ff 65 8b 1d 1b 26 ac 7e 31 ff 89 de e8 f6 b7 ef ff 85 db 0f 84 8a 00 00 00 e8 39 bb ef ff <0f> 0b e9 a5 fe ff ff e8 2d bb ef ff 48 8d 7d 10 48 b8 00 00 00 00
[ 125.964417] RSP: 0018:ffff8880410f7c48 EFLAGS: 00010006
[ 125.964426] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000
[ 125.964434] RDX: ffff888018989ac0 RSI: ffffffff81564fb7 RDI: 0000000000000005
[ 125.964441] RBP: ffff88803f478000 R08: 0000000000000005 R09: 0000000000000001
[ 125.964449] R10: 0000000000000000 R11: 0000000000000001 R12: ffff88800edc0800
[ 125.964456] R13: ffff88806cf3d140 R14: ffffffff8547c9a0 R15: 0000000000000002
[ 125.964467] ? group_sched_out.part.0+0x2c7/0x460
[ 125.964480] ? group_sched_out.part.0+0x2c7/0x460
[ 125.964493] ctx_sched_out+0x8f1/0xc10
[ 125.964506] __perf_event_task_sched_out+0x6d0/0x18d0
[ 125.964521] ? lock_is_held_type+0xd7/0x130
[ 125.964534] ? __perf_cgroup_move+0x160/0x160
[ 125.964546] ? set_next_entity+0x304/0x550
[ 125.964563] ? update_curr+0x267/0x740
[ 125.964581] ? lock_is_held_type+0xd7/0x130
[ 125.964594] __schedule+0xedd/0x2470
[ 125.964611] ? io_schedule_timeout+0x150/0x150
[ 125.964627] ? __x64_sys_futex_time32+0x480/0x480
[ 125.964640] schedule+0xda/0x1b0
[ 125.964654] exit_to_user_mode_prepare+0x114/0x1a0
[ 125.964666] syscall_exit_to_user_mode+0x19/0x40
[ 125.964679] do_syscall_64+0x48/0x90
[ 125.964696] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 125.964709] RIP: 0033:0x7f8868b30b19
[ 125.964717] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 125.964728] RSP: 002b:00007f88660a6218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 125.964739] RAX: 0000000000000001 RBX: 00007f8868c43f68 RCX: 00007f8868b30b19
[ 125.964746] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f8868c43f6c
[ 125.964753] RBP: 00007f8868c43f60 R08: 000000000000000e R09: 0000000000000000
[ 125.964760] R10: 0000000000000006 R11: 0000000000000246 R12: 00007f8868c43f6c
[ 125.964767] R13: 00007ffecd03cfff R14: 00007f88660a6300 R15: 0000000000022000
[ 125.964780]
[ 126.020257] WARNING: CPU: 1 PID: 3920 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460
[ 126.020895] Modules linked in:
[ 126.021125] CPU: 1 PID: 3920 Comm: syz-executor.1 Not tainted 6.0.0-rc6-next-20220923 #1
[ 126.021685] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 126.022461] RIP: 0010:group_sched_out.part.0+0x2c7/0x460
[ 126.022841] Code: 5e 41 5f e9 5b bb ef ff e8 56 bb ef ff 65 8b 1d 1b 26 ac 7e 31 ff 89 de e8 f6 b7 ef ff 85 db 0f 84 8a 00 00 00 e8 39 bb ef ff <0f> 0b e9 a5 fe ff ff e8 2d bb ef ff 48 8d 7d 10 48 b8 00 00 00 00
[ 126.024098] RSP: 0018:ffff8880410f7c48 EFLAGS: 00010006
[ 126.024469] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000
[ 126.024963] RDX: ffff888018989ac0 RSI: ffffffff81564fb7 RDI: 0000000000000005 [ 126.025465] RBP: ffff88803f478000 R08: 0000000000000005 R09: 0000000000000001 [ 126.025960] R10: 0000000000000000 R11: 0000000000000001 R12: ffff88800edc0800 [ 126.026455] R13: ffff88806cf3d140 R14: ffffffff8547c9a0 R15: 0000000000000002 [ 126.026954] FS: 00007f88660a6700(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000 [ 126.027514] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 126.027923] CR2: 00007ff9be4b0028 CR3: 000000001834c000 CR4: 0000000000350ee0 [ 126.028417] Call Trace: [ 126.028601] [ 126.028764] ctx_sched_out+0x8f1/0xc10 [ 126.029050] __perf_event_task_sched_out+0x6d0/0x18d0 [ 126.029421] ? lock_is_held_type+0xd7/0x130 [ 126.029738] ? __perf_cgroup_move+0x160/0x160 [ 126.030065] ? set_next_entity+0x304/0x550 [ 126.030376] ? update_curr+0x267/0x740 [ 126.030659] ? lock_is_held_type+0xd7/0x130 [ 126.030969] __schedule+0xedd/0x2470 [ 126.031242] ? io_schedule_timeout+0x150/0x150 [ 126.031587] ? 
__x64_sys_futex_time32+0x480/0x480 [ 126.031930] schedule+0xda/0x1b0 [ 126.032182] exit_to_user_mode_prepare+0x114/0x1a0 [ 126.032528] syscall_exit_to_user_mode+0x19/0x40 [ 126.032866] do_syscall_64+0x48/0x90 [ 126.033143] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 126.033507] RIP: 0033:0x7f8868b30b19 [ 126.033769] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 126.035015] RSP: 002b:00007f88660a6218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 126.035576] RAX: 0000000000000001 RBX: 00007f8868c43f68 RCX: 00007f8868b30b19 [ 126.036104] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f8868c43f6c [ 126.036629] RBP: 00007f8868c43f60 R08: 000000000000000e R09: 0000000000000000 [ 126.037152] R10: 0000000000000006 R11: 0000000000000246 R12: 00007f8868c43f6c [ 126.037684] R13: 00007ffecd03cfff R14: 00007f88660a6300 R15: 0000000000022000 [ 126.038219] [ 126.038396] irq event stamp: 2704 [ 126.038654] hardirqs last enabled at (2703): [] exit_to_user_mode_prepare+0x109/0x1a0 [ 126.039358] hardirqs last disabled at (2704): [] __schedule+0x1225/0x2470 [ 126.039991] softirqs last enabled at (2118): [] __irq_exit_rcu+0x11b/0x180 [ 126.040634] softirqs last disabled at (2091): [] __irq_exit_rcu+0x11b/0x180 [ 126.041264] ---[ end trace 0000000000000000 ]--- [ 131.473068] Bluetooth: hci2: Opcode 0x c03 failed: -110 [ 133.662206] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 133.663589] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 133.665524] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 133.668749] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 133.670832] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 133.673473] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 133.677067] Bluetooth: hci2: HCI_REQ-0x0c1a [ 135.696937] Bluetooth: hci2: command 0x0409 tx timeout VM 
DIAGNOSIS: 13:14:39 Registers: