Debian GNU/Linux 11 syzkaller ttyS0
Warning: Permanently added '[localhost]:11792' (ECDSA) to the list of known hosts.
2022/09/12 19:26:59 fuzzer started
2022/09/12 19:26:59 dialing manager at localhost:38027
syzkaller login: [ 37.640983] cgroup: Unknown subsys name 'net'
[ 37.712825] cgroup: Unknown subsys name 'rlimit'
2022/09/12 19:27:13 syscalls: 2215
2022/09/12 19:27:13 code coverage: enabled
2022/09/12 19:27:13 comparison tracing: enabled
2022/09/12 19:27:13 extra coverage: enabled
2022/09/12 19:27:13 setuid sandbox: enabled
2022/09/12 19:27:13 namespace sandbox: enabled
2022/09/12 19:27:13 Android sandbox: enabled
2022/09/12 19:27:13 fault injection: enabled
2022/09/12 19:27:13 leak checking: enabled
2022/09/12 19:27:13 net packet injection: enabled
2022/09/12 19:27:13 net device setup: enabled
2022/09/12 19:27:13 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2022/09/12 19:27:13 devlink PCI setup: PCI device 0000:00:10.0 is not available
2022/09/12 19:27:13 USB emulation: enabled
2022/09/12 19:27:13 hci packet injection: enabled
2022/09/12 19:27:13 wifi device emulation: failed to parse kernel version (6.0.0-rc5-next-20220912)
2022/09/12 19:27:13 802.15.4 emulation: enabled
2022/09/12 19:27:13 fetching corpus: 0, signal 0/2000 (executing program)
2022/09/12 19:27:13 fetching corpus: 50, signal 35472/38969 (executing program)
2022/09/12 19:27:13 fetching corpus: 100, signal 47523/52535 (executing program)
2022/09/12 19:27:14 fetching corpus: 150, signal 55175/61659 (executing program)
2022/09/12 19:27:14 fetching corpus: 200, signal 62809/70665 (executing program)
2022/09/12 19:27:14 fetching corpus: 250, signal 71871/80955 (executing program)
2022/09/12 19:27:14 fetching corpus: 300, signal 77842/88136 (executing program)
2022/09/12 19:27:14 fetching corpus: 350, signal 81260/92837 (executing program)
2022/09/12 19:27:14 fetching corpus: 400, signal 86215/98943 (executing program)
2022/09/12 19:27:14 fetching corpus: 450, signal 93271/106913
(executing program) 2022/09/12 19:27:14 fetching corpus: 500, signal 96300/111046 (executing program) 2022/09/12 19:27:15 fetching corpus: 550, signal 99821/115627 (executing program) 2022/09/12 19:27:15 fetching corpus: 600, signal 103834/120646 (executing program) 2022/09/12 19:27:15 fetching corpus: 650, signal 108360/125986 (executing program) 2022/09/12 19:27:15 fetching corpus: 700, signal 111852/130318 (executing program) 2022/09/12 19:27:15 fetching corpus: 750, signal 114602/133957 (executing program) 2022/09/12 19:27:15 fetching corpus: 800, signal 117245/137546 (executing program) 2022/09/12 19:27:16 fetching corpus: 850, signal 120364/141426 (executing program) 2022/09/12 19:27:16 fetching corpus: 900, signal 122852/144740 (executing program) 2022/09/12 19:27:16 fetching corpus: 950, signal 125285/148031 (executing program) 2022/09/12 19:27:16 fetching corpus: 1000, signal 127090/150708 (executing program) 2022/09/12 19:27:16 fetching corpus: 1050, signal 129231/153633 (executing program) 2022/09/12 19:27:16 fetching corpus: 1100, signal 131898/157002 (executing program) 2022/09/12 19:27:16 fetching corpus: 1150, signal 134795/160535 (executing program) 2022/09/12 19:27:17 fetching corpus: 1200, signal 138109/164391 (executing program) 2022/09/12 19:27:17 fetching corpus: 1250, signal 140059/167029 (executing program) 2022/09/12 19:27:17 fetching corpus: 1300, signal 143241/170687 (executing program) 2022/09/12 19:27:17 fetching corpus: 1350, signal 144801/172979 (executing program) 2022/09/12 19:27:17 fetching corpus: 1400, signal 146912/175670 (executing program) 2022/09/12 19:27:17 fetching corpus: 1450, signal 148484/177867 (executing program) 2022/09/12 19:27:18 fetching corpus: 1500, signal 149707/179783 (executing program) 2022/09/12 19:27:18 fetching corpus: 1550, signal 152207/182718 (executing program) 2022/09/12 19:27:18 fetching corpus: 1600, signal 153983/185051 (executing program) 2022/09/12 19:27:18 fetching corpus: 1650, signal 
156103/187609 (executing program) 2022/09/12 19:27:18 fetching corpus: 1700, signal 158251/190215 (executing program) 2022/09/12 19:27:18 fetching corpus: 1750, signal 160173/192543 (executing program) 2022/09/12 19:27:18 fetching corpus: 1800, signal 161399/194367 (executing program) 2022/09/12 19:27:19 fetching corpus: 1850, signal 162430/196006 (executing program) 2022/09/12 19:27:19 fetching corpus: 1900, signal 163552/197727 (executing program) 2022/09/12 19:27:19 fetching corpus: 1950, signal 165359/199918 (executing program) 2022/09/12 19:27:19 fetching corpus: 2000, signal 167611/202352 (executing program) 2022/09/12 19:27:19 fetching corpus: 2050, signal 169489/204551 (executing program) 2022/09/12 19:27:19 fetching corpus: 2100, signal 170623/206220 (executing program) 2022/09/12 19:27:19 fetching corpus: 2150, signal 171537/207653 (executing program) 2022/09/12 19:27:19 fetching corpus: 2200, signal 172775/209265 (executing program) 2022/09/12 19:27:20 fetching corpus: 2250, signal 173728/210755 (executing program) 2022/09/12 19:27:20 fetching corpus: 2300, signal 174707/212208 (executing program) 2022/09/12 19:27:20 fetching corpus: 2350, signal 176143/213972 (executing program) 2022/09/12 19:27:20 fetching corpus: 2400, signal 177206/215456 (executing program) 2022/09/12 19:27:20 fetching corpus: 2450, signal 178408/217050 (executing program) 2022/09/12 19:27:20 fetching corpus: 2500, signal 179523/218574 (executing program) 2022/09/12 19:27:20 fetching corpus: 2550, signal 181170/220372 (executing program) 2022/09/12 19:27:21 fetching corpus: 2600, signal 182709/222104 (executing program) 2022/09/12 19:27:21 fetching corpus: 2650, signal 183877/223584 (executing program) 2022/09/12 19:27:21 fetching corpus: 2700, signal 184837/224903 (executing program) 2022/09/12 19:27:21 fetching corpus: 2750, signal 185694/226179 (executing program) 2022/09/12 19:27:21 fetching corpus: 2800, signal 186868/227605 (executing program) 2022/09/12 19:27:21 fetching 
corpus: 2850, signal 187834/228888 (executing program) 2022/09/12 19:27:21 fetching corpus: 2900, signal 188852/230159 (executing program) 2022/09/12 19:27:22 fetching corpus: 2950, signal 189770/231439 (executing program) 2022/09/12 19:27:22 fetching corpus: 3000, signal 190971/232872 (executing program) 2022/09/12 19:27:22 fetching corpus: 3050, signal 192253/234318 (executing program) 2022/09/12 19:27:22 fetching corpus: 3100, signal 192865/235322 (executing program) 2022/09/12 19:27:22 fetching corpus: 3150, signal 193868/236624 (executing program) 2022/09/12 19:27:22 fetching corpus: 3200, signal 195202/238027 (executing program) 2022/09/12 19:27:22 fetching corpus: 3250, signal 196201/239259 (executing program) 2022/09/12 19:27:22 fetching corpus: 3300, signal 196775/240196 (executing program) 2022/09/12 19:27:23 fetching corpus: 3350, signal 197665/241303 (executing program) 2022/09/12 19:27:23 fetching corpus: 3400, signal 199352/242779 (executing program) 2022/09/12 19:27:23 fetching corpus: 3450, signal 200199/243881 (executing program) 2022/09/12 19:27:23 fetching corpus: 3500, signal 201332/245120 (executing program) 2022/09/12 19:27:23 fetching corpus: 3550, signal 202432/246264 (executing program) 2022/09/12 19:27:23 fetching corpus: 3600, signal 203124/247208 (executing program) 2022/09/12 19:27:24 fetching corpus: 3650, signal 204051/248245 (executing program) 2022/09/12 19:27:24 fetching corpus: 3700, signal 204593/249132 (executing program) 2022/09/12 19:27:24 fetching corpus: 3750, signal 205151/249995 (executing program) 2022/09/12 19:27:24 fetching corpus: 3800, signal 206084/251063 (executing program) 2022/09/12 19:27:24 fetching corpus: 3850, signal 206631/251888 (executing program) 2022/09/12 19:27:24 fetching corpus: 3900, signal 207307/252834 (executing program) 2022/09/12 19:27:24 fetching corpus: 3950, signal 208207/253830 (executing program) 2022/09/12 19:27:24 fetching corpus: 4000, signal 208920/254734 (executing program) 2022/09/12 
19:27:24 fetching corpus: 4050, signal 209691/255693 (executing program) 2022/09/12 19:27:25 fetching corpus: 4100, signal 210570/256598 (executing program) 2022/09/12 19:27:25 fetching corpus: 4150, signal 211290/257438 (executing program) 2022/09/12 19:27:25 fetching corpus: 4200, signal 212127/258334 (executing program) 2022/09/12 19:27:25 fetching corpus: 4250, signal 213081/259264 (executing program) 2022/09/12 19:27:25 fetching corpus: 4300, signal 213767/260095 (executing program) 2022/09/12 19:27:25 fetching corpus: 4350, signal 214637/260951 (executing program) 2022/09/12 19:27:26 fetching corpus: 4400, signal 215763/261928 (executing program) 2022/09/12 19:27:26 fetching corpus: 4450, signal 216653/262798 (executing program) 2022/09/12 19:27:26 fetching corpus: 4500, signal 217606/263698 (executing program) 2022/09/12 19:27:26 fetching corpus: 4550, signal 218183/264405 (executing program) 2022/09/12 19:27:26 fetching corpus: 4600, signal 219287/265279 (executing program) 2022/09/12 19:27:26 fetching corpus: 4650, signal 220304/266132 (executing program) 2022/09/12 19:27:26 fetching corpus: 4700, signal 220969/266851 (executing program) 2022/09/12 19:27:27 fetching corpus: 4750, signal 221638/267561 (executing program) 2022/09/12 19:27:27 fetching corpus: 4800, signal 222661/268374 (executing program) 2022/09/12 19:27:27 fetching corpus: 4850, signal 223298/269081 (executing program) 2022/09/12 19:27:27 fetching corpus: 4900, signal 224238/269841 (executing program) 2022/09/12 19:27:27 fetching corpus: 4950, signal 224973/270535 (executing program) 2022/09/12 19:27:27 fetching corpus: 5000, signal 225512/271129 (executing program) 2022/09/12 19:27:27 fetching corpus: 5050, signal 226033/271706 (executing program) 2022/09/12 19:27:28 fetching corpus: 5100, signal 226506/272339 (executing program) 2022/09/12 19:27:28 fetching corpus: 5150, signal 227283/273033 (executing program) 2022/09/12 19:27:28 fetching corpus: 5200, signal 228117/273721 (executing 
program) 2022/09/12 19:27:28 fetching corpus: 5250, signal 228768/274362 (executing program) 2022/09/12 19:27:28 fetching corpus: 5300, signal 229887/275089 (executing program) 2022/09/12 19:27:28 fetching corpus: 5350, signal 230627/275713 (executing program) 2022/09/12 19:27:28 fetching corpus: 5400, signal 231597/276375 (executing program) 2022/09/12 19:27:29 fetching corpus: 5450, signal 232287/276970 (executing program) 2022/09/12 19:27:29 fetching corpus: 5500, signal 232895/277552 (executing program) 2022/09/12 19:27:29 fetching corpus: 5550, signal 233534/278181 (executing program) 2022/09/12 19:27:29 fetching corpus: 5600, signal 233936/278658 (executing program) 2022/09/12 19:27:29 fetching corpus: 5650, signal 234326/279184 (executing program) 2022/09/12 19:27:29 fetching corpus: 5700, signal 234881/279700 (executing program) 2022/09/12 19:27:29 fetching corpus: 5750, signal 235361/280240 (executing program) 2022/09/12 19:27:30 fetching corpus: 5800, signal 235873/280738 (executing program) 2022/09/12 19:27:30 fetching corpus: 5850, signal 236290/281204 (executing program) 2022/09/12 19:27:30 fetching corpus: 5900, signal 237144/281742 (executing program) 2022/09/12 19:27:30 fetching corpus: 5950, signal 237564/282200 (executing program) 2022/09/12 19:27:30 fetching corpus: 6000, signal 238149/282690 (executing program) 2022/09/12 19:27:30 fetching corpus: 6050, signal 238742/283144 (executing program) 2022/09/12 19:27:30 fetching corpus: 6100, signal 239289/283626 (executing program) 2022/09/12 19:27:30 fetching corpus: 6150, signal 239643/284025 (executing program) 2022/09/12 19:27:30 fetching corpus: 6200, signal 240033/284411 (executing program) 2022/09/12 19:27:31 fetching corpus: 6250, signal 240634/284839 (executing program) 2022/09/12 19:27:31 fetching corpus: 6300, signal 241281/285243 (executing program) 2022/09/12 19:27:31 fetching corpus: 6350, signal 241827/285691 (executing program) 2022/09/12 19:27:31 fetching corpus: 6400, signal 
242345/286102 (executing program) 2022/09/12 19:27:31 fetching corpus: 6450, signal 243396/286548 (executing program) 2022/09/12 19:27:31 fetching corpus: 6500, signal 243895/286937 (executing program) 2022/09/12 19:27:32 fetching corpus: 6550, signal 244332/287318 (executing program) 2022/09/12 19:27:32 fetching corpus: 6600, signal 245029/287686 (executing program) 2022/09/12 19:27:32 fetching corpus: 6650, signal 245643/288058 (executing program) 2022/09/12 19:27:32 fetching corpus: 6700, signal 246342/288417 (executing program) 2022/09/12 19:27:32 fetching corpus: 6750, signal 247269/288765 (executing program) 2022/09/12 19:27:32 fetching corpus: 6800, signal 248114/289127 (executing program) 2022/09/12 19:27:32 fetching corpus: 6850, signal 248889/289550 (executing program) 2022/09/12 19:27:33 fetching corpus: 6900, signal 249497/289967 (executing program) 2022/09/12 19:27:33 fetching corpus: 6950, signal 250353/290381 (executing program) 2022/09/12 19:27:33 fetching corpus: 7000, signal 251015/290690 (executing program) 2022/09/12 19:27:33 fetching corpus: 7050, signal 251385/290971 (executing program) 2022/09/12 19:27:33 fetching corpus: 7100, signal 251805/291023 (executing program) 2022/09/12 19:27:33 fetching corpus: 7150, signal 252088/291030 (executing program) 2022/09/12 19:27:34 fetching corpus: 7200, signal 252670/291056 (executing program) 2022/09/12 19:27:34 fetching corpus: 7250, signal 253362/291077 (executing program) 2022/09/12 19:27:34 fetching corpus: 7300, signal 254140/291090 (executing program) 2022/09/12 19:27:34 fetching corpus: 7350, signal 254517/291113 (executing program) 2022/09/12 19:27:34 fetching corpus: 7400, signal 254828/291131 (executing program) 2022/09/12 19:27:34 fetching corpus: 7450, signal 255527/291148 (executing program) 2022/09/12 19:27:34 fetching corpus: 7500, signal 256051/291161 (executing program) 2022/09/12 19:27:34 fetching corpus: 7550, signal 256894/291180 (executing program) 2022/09/12 19:27:35 fetching 
corpus: 7600, signal 257329/291185 (executing program) 2022/09/12 19:27:35 fetching corpus: 7650, signal 257593/291197 (executing program) 2022/09/12 19:27:35 fetching corpus: 7700, signal 258094/291204 (executing program) 2022/09/12 19:27:35 fetching corpus: 7750, signal 258700/291208 (executing program) 2022/09/12 19:27:35 fetching corpus: 7800, signal 259829/291371 (executing program) 2022/09/12 19:27:35 fetching corpus: 7850, signal 260239/291410 (executing program) 2022/09/12 19:27:35 fetching corpus: 7900, signal 260526/291423 (executing program) 2022/09/12 19:27:35 fetching corpus: 7950, signal 261049/291465 (executing program) 2022/09/12 19:27:36 fetching corpus: 8000, signal 261539/291480 (executing program) 2022/09/12 19:27:36 fetching corpus: 8050, signal 261931/291487 (executing program) 2022/09/12 19:27:36 fetching corpus: 8100, signal 262377/291496 (executing program) 2022/09/12 19:27:36 fetching corpus: 8150, signal 262913/291506 (executing program) 2022/09/12 19:27:36 fetching corpus: 8200, signal 263207/291603 (executing program) 2022/09/12 19:27:36 fetching corpus: 8250, signal 263491/291604 (executing program) 2022/09/12 19:27:37 fetching corpus: 8300, signal 264053/291661 (executing program) 2022/09/12 19:27:37 fetching corpus: 8350, signal 264338/291667 (executing program) 2022/09/12 19:27:37 fetching corpus: 8400, signal 264870/291671 (executing program) 2022/09/12 19:27:37 fetching corpus: 8450, signal 265393/291713 (executing program) 2022/09/12 19:27:37 fetching corpus: 8500, signal 266147/291758 (executing program) 2022/09/12 19:27:37 fetching corpus: 8550, signal 266586/291795 (executing program) 2022/09/12 19:27:37 fetching corpus: 8600, signal 267022/291802 (executing program) 2022/09/12 19:27:38 fetching corpus: 8650, signal 267488/291812 (executing program) 2022/09/12 19:27:38 fetching corpus: 8700, signal 267935/291815 (executing program) 2022/09/12 19:27:38 fetching corpus: 8750, signal 268424/291822 (executing program) 2022/09/12 
19:27:38 fetching corpus: 8800, signal 269033/291838 (executing program) 2022/09/12 19:27:38 fetching corpus: 8850, signal 269567/291857 (executing program) 2022/09/12 19:27:38 fetching corpus: 8900, signal 269920/291879 (executing program) 2022/09/12 19:27:38 fetching corpus: 8950, signal 270400/291900 (executing program) 2022/09/12 19:27:39 fetching corpus: 9000, signal 270672/291901 (executing program) 2022/09/12 19:27:39 fetching corpus: 9050, signal 271003/291908 (executing program) 2022/09/12 19:27:39 fetching corpus: 9100, signal 271384/291919 (executing program) 2022/09/12 19:27:39 fetching corpus: 9150, signal 271825/291949 (executing program) 2022/09/12 19:27:39 fetching corpus: 9200, signal 272122/291960 (executing program) 2022/09/12 19:27:39 fetching corpus: 9250, signal 272563/291961 (executing program) 2022/09/12 19:27:39 fetching corpus: 9300, signal 272983/291970 (executing program) 2022/09/12 19:27:39 fetching corpus: 9350, signal 273452/291974 (executing program) 2022/09/12 19:27:40 fetching corpus: 9400, signal 273928/291980 (executing program) 2022/09/12 19:27:40 fetching corpus: 9450, signal 274226/291994 (executing program) 2022/09/12 19:27:40 fetching corpus: 9500, signal 274618/292024 (executing program) 2022/09/12 19:27:40 fetching corpus: 9550, signal 274954/292029 (executing program) 2022/09/12 19:27:40 fetching corpus: 9600, signal 275461/292109 (executing program) 2022/09/12 19:27:40 fetching corpus: 9650, signal 275798/292126 (executing program) 2022/09/12 19:27:40 fetching corpus: 9700, signal 276308/292126 (executing program) 2022/09/12 19:27:41 fetching corpus: 9750, signal 276531/292128 (executing program) 2022/09/12 19:27:41 fetching corpus: 9800, signal 276811/292130 (executing program) 2022/09/12 19:27:41 fetching corpus: 9850, signal 277424/292147 (executing program) 2022/09/12 19:27:41 fetching corpus: 9900, signal 277686/292147 (executing program) 2022/09/12 19:27:41 fetching corpus: 9950, signal 277915/292163 (executing 
program) 2022/09/12 19:27:41 fetching corpus: 10000, signal 278377/292164 (executing program) 2022/09/12 19:27:41 fetching corpus: 10050, signal 278600/292186 (executing program) 2022/09/12 19:27:42 fetching corpus: 10100, signal 279029/292195 (executing program) 2022/09/12 19:27:42 fetching corpus: 10150, signal 279405/292203 (executing program) 2022/09/12 19:27:42 fetching corpus: 10200, signal 279759/292288 (executing program) 2022/09/12 19:27:42 fetching corpus: 10250, signal 280030/292310 (executing program) 2022/09/12 19:27:42 fetching corpus: 10300, signal 280351/292385 (executing program) 2022/09/12 19:27:42 fetching corpus: 10350, signal 280640/292387 (executing program) 2022/09/12 19:27:42 fetching corpus: 10366, signal 280881/292388 (executing program) 2022/09/12 19:27:42 fetching corpus: 10366, signal 280881/292388 (executing program) 2022/09/12 19:27:45 starting 8 fuzzer processes 19:27:45 executing program 0: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$WPAN_WANTLQI(r0, 0x0, 0x3, 0x0, 0x0) 19:27:45 executing program 1: r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) bind$bt_sco(r0, &(0x7f0000000000), 0x8) shutdown(0xffffffffffffffff, 0x0) connect$bt_sco(r0, &(0x7f0000000040), 0x8) 19:27:45 executing program 2: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = 
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r1, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r0, 0x0, 0xfffffdef) 19:27:45 executing program 3: r0 = syz_io_uring_setup(0x4f02, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x0, 0x0}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000180)=@IORING_OP_CONNECT={0x10, 0x2, 0x0, r4, 0x0, 0x0}, 0x0) r5 = socket$inet6_udp(0xa, 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_SEND={0x1a, 0x4, 0x0, r5, 0x0, 0x0}, 0x2) io_uring_enter(r0, 0x6c64, 0x0, 0x0, 0x0, 0x0) 19:27:45 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmat(0x0, &(0x7f0000ff6000/0x4000)=nil, 0x0) shmctl$IPC_STAT(0x0, 0x2, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 
@perf_config_ext={0x0, 0x2000000000000000}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(0xffffffffffffffff, 0x40042409, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0xb) r0 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000480)={&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000011c0)=0x14) 19:27:45 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f00000018c0), 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x4, &(0x7f0000000000), 0x4) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={0xffffffffffffffff, 0x0, 0x100000001}) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) 19:27:45 executing program 6: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) setsockopt$bt_l2cap_L2CAP_OPTIONS(r0, 0x6, 0x1, 0x0, 0x0) [ 83.387147] audit: type=1400 audit(1663010865.482:6): avc: denied { execmem } for pid=283 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 19:27:45 executing program 7: r0 
= syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_GETSHIFTSTATE(r0, 0x541c, &(0x7f0000000080))
[ 84.635789] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 84.636905] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 84.637641] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 84.640812] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 84.641528] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 84.642135] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 84.647676] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 84.656655] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 84.659468] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 84.661206] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[ 84.662753] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 84.671707] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 84.673486] Bluetooth: hci1: HCI_REQ-0x0c1a
[ 84.685517] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 84.686793] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 84.697635] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 84.700921] Bluetooth: hci0: HCI_REQ-0x0c1a
[ 84.723240] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 84.725687] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 84.749839] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 84.750746] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 84.751349] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 84.758686] Bluetooth: hci2: HCI_REQ-0x0c1a
[ 84.780616] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 84.781268] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 84.782471] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 84.785277] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 84.785925] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 84.794121] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 84.798669] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 84.799221] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 84.799892] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 84.837423] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[ 84.838023] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[ 84.840644] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 84.841188] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 84.847327] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 84.854499] Bluetooth: hci5: HCI_REQ-0x0c1a
[ 84.854525] Bluetooth: hci4: HCI_REQ-0x0c1a
[ 84.857311] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[ 84.858875] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[ 84.860548] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[ 84.863223] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[ 84.865731] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[ 84.867111] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[ 84.874497] Bluetooth: hci7: HCI_REQ-0x0c1a
[ 84.910640] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[ 84.911778] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 84.919462] Bluetooth: hci6: HCI_REQ-0x0c1a
[ 86.714207] Bluetooth: hci0: command 0x0409 tx timeout
[ 86.714206] Bluetooth: hci1: command 0x0409 tx timeout
[ 86.715407] Bluetooth: hci3: Opcode 0x c03 failed: -110
[ 86.777463] Bluetooth: hci2: command 0x0409 tx timeout
[ 86.905432] Bluetooth: hci7: command 0x0409 tx timeout
[ 86.905924] Bluetooth: hci5: command 0x0409 tx timeout
[ 86.969541] Bluetooth: hci4: command 0x0409 tx timeout
[ 86.970025] Bluetooth: hci6: command 0x0409 tx timeout
[ 88.761450] Bluetooth: hci0: command 0x041b tx timeout
[ 88.762490] Bluetooth: hci1: command 0x041b tx timeout
[ 88.826589] Bluetooth: hci2: command 0x041b tx timeout
[ 88.954480] Bluetooth: hci5: command 0x041b tx timeout
[ 88.955352] Bluetooth: hci7: command 0x041b tx timeout
[ 89.017464] Bluetooth: hci6: command 0x041b tx timeout
[ 89.018303] Bluetooth: hci4: command 0x041b tx timeout
[ 90.809569] Bluetooth: hci1: command 0x040f tx timeout
[ 90.810446] Bluetooth: hci0: command 0x040f tx timeout
[ 90.873492] Bluetooth: hci2: command 0x040f tx timeout
[ 91.001552] Bluetooth: hci7: command 0x040f tx timeout
[ 91.002860] Bluetooth: hci5: command 0x040f tx timeout
[ 91.065454] Bluetooth: hci4: command 0x040f tx timeout
[ 91.066325] Bluetooth: hci6: command 0x040f tx timeout
[ 92.793461] Bluetooth: hci3: Opcode 0x c03 failed: -110
[ 92.857447] Bluetooth: hci0: command 0x0419 tx timeout
[ 92.858107] Bluetooth: hci1: command 0x0419 tx timeout
[ 92.921516] Bluetooth: hci2: command 0x0419 tx timeout
[ 93.049808] Bluetooth: hci5: command 0x0419 tx timeout
[ 93.050891] Bluetooth: hci7: command 0x0419 tx timeout
[ 93.113514] Bluetooth: hci6: command 0x0419 tx timeout
[ 93.114070] Bluetooth: hci4: command 0x0419 tx timeout
[ 96.002945] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 96.015584] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 96.017492] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 96.020007] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 96.028120] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[ 96.033585] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 96.038263] Bluetooth: hci3: HCI_REQ-0x0c1a
[ 98.106405] Bluetooth: hci3: command 0x0409 tx timeout
[ 100.153431] Bluetooth: hci3: command 0x041b tx timeout
[ 102.202445] Bluetooth: hci3: command 0x040f tx timeout
[ 104.249522] Bluetooth: hci3: command 0x0419 tx timeout
19:28:45 executing program 6:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000500), 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r0, 0xc0505350, &(0x7f0000000540))
19:28:45 executing program 6:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000500), 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r0, 0xc0505350, &(0x7f0000000540))
19:28:46 executing program 6:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000500), 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r0, 0xc0505350, &(0x7f0000000540))
19:28:46 executing program 6:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000500), 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r0, 0xc0505350, &(0x7f0000000540))
19:28:46 executing program 6:
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000001480)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)={0x13, 0x43, 0x1, 0x0, 0x0, "", [@typed={0x8, 0x0, 0x0, 0x0, @fd}]}, 0x18}], 0x1}, 0x0)
19:28:46 executing program 6:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0x7, 0x0, 0x0)
19:28:46 executing program 6:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_mtu(r0, 0x29, 0x11, &(0x7f0000000180), 0x4)
19:28:46 executing program 6:
r0 = socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r0, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x201100a0}, 0xc)
[ 146.824205] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 146.825813] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 146.827616] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 146.832547] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 146.834239] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 146.838586] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 146.851001] Bluetooth: hci0: HCI_REQ-0x0c1a
[ 146.993471] loop2: detected capacity change from 0 to 40
[ 147.020089] audit: type=1400 audit(1663010929.115:7): avc: denied { open } for pid=3807 comm="syz-executor.2" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[ 147.023193] audit: type=1400 audit(1663010929.115:8): avc: denied { kernel } for pid=3807 comm="syz-executor.2" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[ 147.031191] ------------[ cut here ]------------
[ 147.031225]
[ 147.031230] ======================================================
[ 147.031236] WARNING: possible circular locking dependency detected
[ 147.031243] 6.0.0-rc5-next-20220912 #1 Not tainted
[ 147.031255] ------------------------------------------------------
[ 147.031261] syz-executor.2/3809 is trying to acquire lock:
[ 147.031272] ffffffff853fa878 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70
[ 147.031334]
[ 147.031334] but task is already holding lock:
[ 147.031340] ffff88800f016820 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0
[ 147.031395]
[ 147.031395] which lock already depends on the new lock.
[ 147.031395]
[ 147.031400]
[ 147.031400] the existing dependency chain (in reverse order) is:
[ 147.031406]
[ 147.031406] -> #3 (&ctx->lock){....}-{2:2}:
[ 147.031431]        _raw_spin_lock+0x2a/0x40
[ 147.031461]        __perf_event_task_sched_out+0x53b/0x18d0
[ 147.031484]        __schedule+0xedd/0x2470
[ 147.031502]        schedule+0xda/0x1b0
[ 147.031519]        exit_to_user_mode_prepare+0x114/0x1a0
[ 147.031556]        syscall_exit_to_user_mode+0x19/0x40
[ 147.031589]        do_syscall_64+0x48/0x90
[ 147.031613]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 147.031645]
[ 147.031645] -> #2 (&rq->__lock){-.-.}-{2:2}:
[ 147.031670]        _raw_spin_lock_nested+0x30/0x40
[ 147.031697]        raw_spin_rq_lock_nested+0x1e/0x30
[ 147.031721]        task_fork_fair+0x63/0x4d0
[ 147.031752]        sched_cgroup_fork+0x3d0/0x540
[ 147.031779]        copy_process+0x3f9e/0x6df0
[ 147.031797]        kernel_clone+0xe7/0x890
[ 147.031815]        user_mode_thread+0xad/0xf0
[ 147.031834]        rest_init+0x24/0x250
[ 147.031864]        arch_call_rest_init+0xf/0x14
[ 147.031898]        start_kernel+0x4c1/0x4e6
[ 147.031929]        secondary_startup_64_no_verify+0xe0/0xeb
[ 147.031955]
[ 147.031955] -> #1 (&p->pi_lock){-.-.}-{2:2}:
[ 147.031980]        _raw_spin_lock_irqsave+0x39/0x60
[ 147.032007]        try_to_wake_up+0xab/0x1920
[ 147.032032]        up+0x75/0xb0
[ 147.032053]        __up_console_sem+0x6e/0x80
[ 147.032083]        console_unlock+0x46a/0x590
[ 147.032113]        vt_ioctl+0x2822/0x2ca0
[ 147.032135]        tty_ioctl+0x7c4/0x1700
[ 147.032155]        __x64_sys_ioctl+0x19a/0x210
[ 147.032183]        do_syscall_64+0x3b/0x90
[ 147.032206]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 147.032237]
[ 147.032237] -> #0 ((console_sem).lock){....}-{2:2}:
[ 147.032263]        __lock_acquire+0x2a02/0x5e70
[ 147.032294]        lock_acquire+0x1a2/0x530
[ 147.032324]        _raw_spin_lock_irqsave+0x39/0x60
[ 147.032351]        down_trylock+0xe/0x70
[ 147.032374]        __down_trylock_console_sem+0x3b/0xd0
[ 147.032405]        vprintk_emit+0x16b/0x560
[ 147.032436]        vprintk+0x84/0xa0
[ 147.032466]        _printk+0xba/0xf1
[ 147.032498]        report_bug.cold+0x72/0xab
[ 147.032520]        handle_bug+0x3c/0x70
[ 147.032543]        exc_invalid_op+0x14/0x50
[ 147.032568]        asm_exc_invalid_op+0x16/0x20
[ 147.032598]        group_sched_out.part.0+0x2c7/0x460
[ 147.032617]        ctx_sched_out+0x8f1/0xc10
[ 147.032635]        __perf_event_task_sched_out+0x6d0/0x18d0
[ 147.032657]        __schedule+0xedd/0x2470
[ 147.032675]        schedule+0xda/0x1b0
[ 147.032691]        exit_to_user_mode_prepare+0x114/0x1a0
[ 147.032727]        syscall_exit_to_user_mode+0x19/0x40
[ 147.032758]        do_syscall_64+0x48/0x90
[ 147.032782]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 147.032813]
[ 147.032813] other info that might help us debug this:
[ 147.032813]
[ 147.032818] Chain exists of:
[ 147.032818]   (console_sem).lock --> &rq->__lock --> &ctx->lock
[ 147.032818]
[ 147.032845]  Possible unsafe locking scenario:
[ 147.032845]
[ 147.032850]        CPU0                    CPU1
[ 147.032854]        ----                    ----
[ 147.032858]   lock(&ctx->lock);
[ 147.032868]                                lock(&rq->__lock);
[ 147.032880]                                lock(&ctx->lock);
[ 147.032891]   lock((console_sem).lock);
[ 147.032902]
[ 147.032902]  *** DEADLOCK ***
[ 147.032902]
[ 147.032906] 2 locks held by syz-executor.2/3809:
[ 147.032918]  #0: ffff88806ce37cd8 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470
[ 147.032964]  #1: ffff88800f016820 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0
[ 147.033015]
[ 147.033015] stack backtrace:
[ 147.033020] CPU: 0 PID: 3809 Comm: syz-executor.2 Not tainted 6.0.0-rc5-next-20220912 #1
[ 147.033043] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 147.033057] Call Trace:
[ 147.033063]  <TASK>
[ 147.033070]  dump_stack_lvl+0x8b/0xb3
[ 147.033111]  check_noncircular+0x263/0x2e0
[ 147.033142]  ? format_decode+0x26c/0xb50
[ 147.033169]  ? print_circular_bug+0x450/0x450
[ 147.033201]  ? enable_ptr_key_workfn+0x20/0x20
[ 147.033228]  ? format_decode+0x26c/0xb50
[ 147.033254]  ? memcpy+0x39/0x60
[ 147.033290]  ? vsnprintf+0x4ba/0x1600
[ 147.033321]  __lock_acquire+0x2a02/0x5e70
[ 147.033361]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 147.033404]  lock_acquire+0x1a2/0x530
[ 147.033436]  ? down_trylock+0xe/0x70
[ 147.033463]  ? rcu_read_unlock+0x40/0x40
[ 147.033503]  ? vprintk+0x84/0xa0
[ 147.033537]  _raw_spin_lock_irqsave+0x39/0x60
[ 147.033565]  ? down_trylock+0xe/0x70
[ 147.033591]  down_trylock+0xe/0x70
[ 147.033616]  ? vprintk+0x84/0xa0
[ 147.033648]  __down_trylock_console_sem+0x3b/0xd0
[ 147.033681]  vprintk_emit+0x16b/0x560
[ 147.033717]  vprintk+0x84/0xa0
[ 147.033750]  _printk+0xba/0xf1
[ 147.033783]  ? record_print_text.cold+0x16/0x16
[ 147.033824]  ? report_bug.cold+0x66/0xab
[ 147.033850]  ?
group_sched_out.part.0+0x2c7/0x460 [ 147.033871] report_bug.cold+0x72/0xab [ 147.033898] handle_bug+0x3c/0x70 [ 147.033923] exc_invalid_op+0x14/0x50 [ 147.033950] asm_exc_invalid_op+0x16/0x20 [ 147.033981] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 147.034005] Code: 5e 41 5f e9 3b b7 ef ff e8 36 b7 ef ff 65 8b 1d ab 15 ac 7e 31 ff 89 de e8 d6 b3 ef ff 85 db 0f 84 8a 00 00 00 e8 19 b7 ef ff <0f> 0b e9 a5 fe ff ff e8 0d b7 ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 147.034026] RSP: 0018:ffff888033407c48 EFLAGS: 00010006 [ 147.034043] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 147.034057] RDX: ffff88801bba1ac0 RSI: ffffffff81566027 RDI: 0000000000000005 [ 147.034071] RBP: ffff888008660000 R08: 0000000000000005 R09: 0000000000000001 [ 147.034085] R10: 0000000000000000 R11: ffffffff865aa01b R12: ffff88800f016800 [ 147.034099] R13: ffff88806ce3d100 R14: ffffffff8547c660 R15: 0000000000000002 [ 147.034120] ? group_sched_out.part.0+0x2c7/0x460 [ 147.034144] ? group_sched_out.part.0+0x2c7/0x460 [ 147.034168] ctx_sched_out+0x8f1/0xc10 [ 147.034191] __perf_event_task_sched_out+0x6d0/0x18d0 [ 147.034220] ? lock_is_held_type+0xd7/0x130 [ 147.034254] ? __perf_cgroup_move+0x160/0x160 [ 147.034276] ? set_next_entity+0x304/0x550 [ 147.034309] ? update_curr+0x267/0x740 [ 147.034344] ? lock_is_held_type+0xd7/0x130 [ 147.034378] __schedule+0xedd/0x2470 [ 147.034402] ? io_schedule_timeout+0x150/0x150 [ 147.034425] ? 
rcu_read_lock_sched_held+0x3e/0x80 [ 147.034463] schedule+0xda/0x1b0 [ 147.034483] exit_to_user_mode_prepare+0x114/0x1a0 [ 147.034522] syscall_exit_to_user_mode+0x19/0x40 [ 147.034555] do_syscall_64+0x48/0x90 [ 147.034580] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 147.034613] RIP: 0033:0x7f8bee48db19 [ 147.034628] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 147.034649] RSP: 002b:00007f8beba03218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 147.034669] RAX: 0000000000000001 RBX: 00007f8bee5a0f68 RCX: 00007f8bee48db19 [ 147.034683] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f8bee5a0f6c [ 147.034696] RBP: 00007f8bee5a0f60 R08: 000000000000000e R09: 0000000000000000 [ 147.034710] R10: 0000000000000004 R11: 0000000000000246 R12: 00007f8bee5a0f6c [ 147.034723] R13: 00007fff0f31817f R14: 00007f8beba03300 R15: 0000000000022000 [ 147.034747] [ 147.138434] WARNING: CPU: 0 PID: 3809 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460 [ 147.139660] Modules linked in: [ 147.140086] CPU: 0 PID: 3809 Comm: syz-executor.2 Not tainted 6.0.0-rc5-next-20220912 #1 [ 147.141169] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 147.142604] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 147.143311] Code: 5e 41 5f e9 3b b7 ef ff e8 36 b7 ef ff 65 8b 1d ab 15 ac 7e 31 ff 89 de e8 d6 b3 ef ff 85 db 0f 84 8a 00 00 00 e8 19 b7 ef ff <0f> 0b e9 a5 fe ff ff e8 0d b7 ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 147.145637] RSP: 0018:ffff888033407c48 EFLAGS: 00010006 [ 147.146333] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 147.147253] RDX: ffff88801bba1ac0 RSI: ffffffff81566027 RDI: 0000000000000005 [ 147.148158] RBP: ffff888008660000 R08: 0000000000000005 R09: 0000000000000001 [ 147.149061] R10: 0000000000000000 R11: 
ffffffff865aa01b R12: ffff88800f016800 [ 147.149984] R13: ffff88806ce3d100 R14: ffffffff8547c660 R15: 0000000000000002 [ 147.150890] FS: 00007f8beba03700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 147.151916] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 147.152660] CR2: 00007fde63f432b0 CR3: 000000001036a000 CR4: 0000000000350ef0 [ 147.153588] Call Trace: [ 147.153926] [ 147.154234] ctx_sched_out+0x8f1/0xc10 [ 147.154748] __perf_event_task_sched_out+0x6d0/0x18d0 [ 147.155423] ? lock_is_held_type+0xd7/0x130 [ 147.155997] ? __perf_cgroup_move+0x160/0x160 [ 147.156599] ? set_next_entity+0x304/0x550 [ 147.157197] ? update_curr+0x267/0x740 [ 147.157744] ? lock_is_held_type+0xd7/0x130 [ 147.158372] __schedule+0xedd/0x2470 [ 147.158958] ? io_schedule_timeout+0x150/0x150 [ 147.159674] ? rcu_read_lock_sched_held+0x3e/0x80 [ 147.160440] schedule+0xda/0x1b0 [ 147.160976] exit_to_user_mode_prepare+0x114/0x1a0 [ 147.161777] syscall_exit_to_user_mode+0x19/0x40 [ 147.162528] do_syscall_64+0x48/0x90 [ 147.163117] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 147.163923] RIP: 0033:0x7f8bee48db19 [ 147.164502] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 147.167257] RSP: 002b:00007f8beba03218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 147.168409] RAX: 0000000000000001 RBX: 00007f8bee5a0f68 RCX: 00007f8bee48db19 [ 147.169516] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f8bee5a0f6c [ 147.170602] RBP: 00007f8bee5a0f60 R08: 000000000000000e R09: 0000000000000000 [ 147.171676] R10: 0000000000000004 R11: 0000000000000246 R12: 00007f8bee5a0f6c [ 147.172756] R13: 00007fff0f31817f R14: 00007f8beba03300 R15: 0000000000022000 [ 147.173848] [ 147.174214] irq event stamp: 2870 [ 147.174742] hardirqs last enabled at (2869): [] exit_to_user_mode_prepare+0x109/0x1a0 [ 147.176183] hardirqs last disabled at (2870): 
[] __schedule+0x1225/0x2470
[ 147.177458] softirqs last enabled at (2734): [] __irq_exit_rcu+0x11b/0x180
[ 147.178760] softirqs last disabled at (2717): [] __irq_exit_rcu+0x11b/0x180
[ 147.180063] ---[ end trace 0000000000000000 ]---
[ 147.201383] hrtimer: interrupt took 18595 ns
[ 147.832945] syz-executor.2: attempt to access beyond end of device
[ 147.832945] loop2: rw=2049, sector=40, nr_sectors = 4 limit=40
[ 147.834752] Buffer I/O error on dev loop2, logical block 10, lost async page write
[ 148.858761] Bluetooth: hci0: command 0x0409 tx timeout
[ 149.241398] Bluetooth: hci6: Opcode 0x c03 failed: -110
[ 149.241418] Bluetooth: hci5: Opcode 0x c03 failed: -110
[ 149.242054] Bluetooth: hci1: Opcode 0x c03 failed: -110
[ 149.243024] Bluetooth: hci4: Opcode 0x c03 failed: -110
[ 149.244495] Bluetooth: hci2: Opcode 0x c03 failed: -110
[ 150.905437] Bluetooth: hci0: command 0x041b tx timeout
[ 152.953516] Bluetooth: hci0: command 0x040f tx timeout
[ 153.593516] Bluetooth: hci1: Opcode 0x c03 failed: -110
[ 153.849412] Bluetooth: hci5: Opcode 0x c03 failed: -110
[ 153.849416] Bluetooth: hci6: Opcode 0x c03 failed: -110
[ 153.849546] Bluetooth: hci4: Opcode 0x c03 failed: -110
[ 153.850448] Bluetooth: hci2: Opcode 0x c03 failed: -110
[ 155.001419] Bluetooth: hci0: command 0x0419 tx timeout
[ 156.445794] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 156.447338] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 156.449312] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 156.451557] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 156.453299] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[ 156.455150] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 156.458512] Bluetooth: hci6: HCI_REQ-0x0c1a
VM DIAGNOSIS: 19:28:49 Registers: