Warning: Permanently added '[localhost]:62098' (ECDSA) to the list of known hosts.
2022/09/12 20:10:56 fuzzer started
2022/09/12 20:10:57 dialing manager at localhost:38027
syzkaller login: [   44.305868] cgroup: Unknown subsys name 'net'
[   44.395765] cgroup: Unknown subsys name 'rlimit'
2022/09/12 20:11:12 syscalls: 2215
2022/09/12 20:11:12 code coverage: enabled
2022/09/12 20:11:12 comparison tracing: enabled
2022/09/12 20:11:12 extra coverage: enabled
2022/09/12 20:11:12 setuid sandbox: enabled
2022/09/12 20:11:12 namespace sandbox: enabled
2022/09/12 20:11:12 Android sandbox: enabled
2022/09/12 20:11:12 fault injection: enabled
2022/09/12 20:11:12 leak checking: enabled
2022/09/12 20:11:12 net packet injection: enabled
2022/09/12 20:11:12 net device setup: enabled
2022/09/12 20:11:12 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2022/09/12 20:11:12 devlink PCI setup: PCI device 0000:00:10.0 is not available
2022/09/12 20:11:12 USB emulation: enabled
2022/09/12 20:11:12 hci packet injection: enabled
2022/09/12 20:11:12 wifi device emulation: failed to parse kernel version (6.0.0-rc5-next-20220912                                          )
2022/09/12 20:11:12 802.15.4 emulation: enabled
2022/09/12 20:11:12 fetching corpus: 0, signal 0/2000 (executing program)
2022/09/12 20:11:12 fetching corpus: 43, signal 26379/30041 (executing program)
2022/09/12 20:11:12 fetching corpus: 93, signal 42556/47699 (executing program)
2022/09/12 20:11:12 fetching corpus: 143, signal 57388/63818 (executing program)
2022/09/12 20:11:12 fetching corpus: 193, signal 64832/72617 (executing program)
2022/09/12 20:11:13 fetching corpus: 243, signal 73014/82057 (executing program)
2022/09/12 20:11:13 fetching corpus: 293, signal 80053/90298 (executing program)
2022/09/12 20:11:13 fetching corpus: 343, signal 87830/99135 (executing program)
2022/09/12 20:11:13 fetching corpus: 393, signal 92130/104602 (executing program)
2022/09/12 20:11:13 fetching corpus: 443, signal 97366/110878 (executing program)
2022/09/12 20:11:13 fetching corpus: 493, signal 100594/115211 (executing program)
2022/09/12 20:11:13 fetching corpus: 543, signal 105892/121420 (executing program)
2022/09/12 20:11:14 fetching corpus: 593, signal 108482/125077 (executing program)
2022/09/12 20:11:14 fetching corpus: 643, signal 111982/129544 (executing program)
2022/09/12 20:11:14 fetching corpus: 693, signal 115445/133865 (executing program)
2022/09/12 20:11:14 fetching corpus: 743, signal 118344/137690 (executing program)
2022/09/12 20:11:14 fetching corpus: 793, signal 119924/140307 (executing program)
2022/09/12 20:11:14 fetching corpus: 843, signal 122636/143912 (executing program)
2022/09/12 20:11:14 fetching corpus: 893, signal 125523/147645 (executing program)
2022/09/12 20:11:14 fetching corpus: 943, signal 128017/150937 (executing program)
2022/09/12 20:11:15 fetching corpus: 993, signal 131928/155466 (executing program)
2022/09/12 20:11:15 fetching corpus: 1043, signal 135208/159376 (executing program)
2022/09/12 20:11:15 fetching corpus: 1093, signal 137458/162369 (executing program)
2022/09/12 20:11:15 fetching corpus: 1142, signal 139991/165548 (executing program)
2022/09/12 20:11:15 fetching corpus: 1192, signal 141679/168027 (executing program)
2022/09/12 20:11:15 fetching corpus: 1241, signal 144108/171120 (executing program)
2022/09/12 20:11:15 fetching corpus: 1291, signal 146074/173723 (executing program)
2022/09/12 20:11:15 fetching corpus: 1341, signal 148314/176578 (executing program)
2022/09/12 20:11:16 fetching corpus: 1391, signal 150183/179097 (executing program)
2022/09/12 20:11:16 fetching corpus: 1441, signal 152209/181789 (executing program)
2022/09/12 20:11:16 fetching corpus: 1491, signal 154226/184366 (executing program)
2022/09/12 20:11:16 fetching corpus: 1541, signal 156041/186827 (executing program)
2022/09/12 20:11:16 fetching corpus: 1591, signal 157456/188915 (executing program)
2022/09/12 20:11:16 fetching corpus: 1641, signal 159177/191180 (executing program)
2022/09/12 20:11:16 fetching corpus: 1691, signal 161533/193956 (executing program)
2022/09/12 20:11:17 fetching corpus: 1741, signal 162916/195908 (executing program)
2022/09/12 20:11:17 fetching corpus: 1791, signal 164204/197770 (executing program)
2022/09/12 20:11:17 fetching corpus: 1841, signal 166063/200109 (executing program)
2022/09/12 20:11:17 fetching corpus: 1891, signal 168129/202496 (executing program)
2022/09/12 20:11:17 fetching corpus: 1941, signal 169507/204395 (executing program)
2022/09/12 20:11:17 fetching corpus: 1991, signal 170528/206035 (executing program)
2022/09/12 20:11:17 fetching corpus: 2041, signal 172043/208001 (executing program)
2022/09/12 20:11:18 fetching corpus: 2091, signal 173802/210117 (executing program)
2022/09/12 20:11:18 fetching corpus: 2141, signal 174981/211777 (executing program)
2022/09/12 20:11:18 fetching corpus: 2191, signal 175939/213299 (executing program)
2022/09/12 20:11:18 fetching corpus: 2241, signal 177629/215277 (executing program)
2022/09/12 20:11:18 fetching corpus: 2291, signal 178445/216708 (executing program)
2022/09/12 20:11:18 fetching corpus: 2341, signal 180104/218623 (executing program)
2022/09/12 20:11:19 fetching corpus: 2391, signal 181189/220169 (executing program)
2022/09/12 20:11:19 fetching corpus: 2441, signal 182656/221948 (executing program)
2022/09/12 20:11:19 fetching corpus: 2491, signal 184407/223922 (executing program)
2022/09/12 20:11:19 fetching corpus: 2541, signal 185732/225571 (executing program)
2022/09/12 20:11:19 fetching corpus: 2591, signal 186802/226987 (executing program)
2022/09/12 20:11:19 fetching corpus: 2641, signal 187936/228427 (executing program)
2022/09/12 20:11:19 fetching corpus: 2691, signal 188849/229796 (executing program)
2022/09/12 20:11:19 fetching corpus: 2741, signal 189770/231213 (executing program)
2022/09/12 20:11:20 fetching corpus: 2790, signal 190986/232704 (executing program)
2022/09/12 20:11:20 fetching corpus: 2840, signal 191983/234031 (executing program)
2022/09/12 20:11:20 fetching corpus: 2890, signal 192751/235221 (executing program)
2022/09/12 20:11:20 fetching corpus: 2940, signal 193789/236534 (executing program)
2022/09/12 20:11:20 fetching corpus: 2990, signal 195212/238065 (executing program)
2022/09/12 20:11:20 fetching corpus: 3040, signal 196181/239353 (executing program)
2022/09/12 20:11:20 fetching corpus: 3090, signal 197089/240574 (executing program)
2022/09/12 20:11:21 fetching corpus: 3139, signal 198221/241947 (executing program)
2022/09/12 20:11:21 fetching corpus: 3189, signal 199509/243411 (executing program)
2022/09/12 20:11:21 fetching corpus: 3239, signal 200616/244692 (executing program)
2022/09/12 20:11:21 fetching corpus: 3289, signal 201915/246071 (executing program)
2022/09/12 20:11:21 fetching corpus: 3339, signal 202723/247177 (executing program)
2022/09/12 20:11:21 fetching corpus: 3389, signal 203756/248447 (executing program)
2022/09/12 20:11:21 fetching corpus: 3439, signal 204341/249434 (executing program)
2022/09/12 20:11:21 fetching corpus: 3489, signal 205308/250569 (executing program)
2022/09/12 20:11:22 fetching corpus: 3539, signal 206712/251900 (executing program)
2022/09/12 20:11:22 fetching corpus: 3589, signal 207485/252880 (executing program)
2022/09/12 20:11:22 fetching corpus: 3639, signal 207996/253784 (executing program)
2022/09/12 20:11:22 fetching corpus: 3689, signal 208550/254663 (executing program)
2022/09/12 20:11:22 fetching corpus: 3739, signal 209275/255600 (executing program)
2022/09/12 20:11:22 fetching corpus: 3789, signal 209839/256508 (executing program)
2022/09/12 20:11:22 fetching corpus: 3839, signal 211159/257766 (executing program)
2022/09/12 20:11:22 fetching corpus: 3889, signal 212055/258854 (executing program)
2022/09/12 20:11:22 fetching corpus: 3939, signal 212868/259830 (executing program)
2022/09/12 20:11:23 fetching corpus: 3989, signal 213591/260788 (executing program)
2022/09/12 20:11:23 fetching corpus: 4039, signal 214302/261661 (executing program)
2022/09/12 20:11:23 fetching corpus: 4089, signal 214941/262523 (executing program)
2022/09/12 20:11:23 fetching corpus: 4139, signal 215903/263558 (executing program)
2022/09/12 20:11:23 fetching corpus: 4189, signal 216919/264594 (executing program)
2022/09/12 20:11:23 fetching corpus: 4239, signal 217790/265477 (executing program)
2022/09/12 20:11:24 fetching corpus: 4289, signal 218745/266430 (executing program)
2022/09/12 20:11:24 fetching corpus: 4339, signal 219494/267256 (executing program)
2022/09/12 20:11:24 fetching corpus: 4389, signal 220100/268094 (executing program)
2022/09/12 20:11:24 fetching corpus: 4439, signal 220939/269010 (executing program)
2022/09/12 20:11:24 fetching corpus: 4489, signal 221733/269870 (executing program)
2022/09/12 20:11:24 fetching corpus: 4539, signal 222657/270803 (executing program)
2022/09/12 20:11:24 fetching corpus: 4589, signal 223551/271686 (executing program)
2022/09/12 20:11:24 fetching corpus: 4639, signal 224146/272449 (executing program)
2022/09/12 20:11:25 fetching corpus: 4689, signal 224598/273125 (executing program)
2022/09/12 20:11:25 fetching corpus: 4739, signal 225515/273945 (executing program)
2022/09/12 20:11:25 fetching corpus: 4789, signal 226461/274771 (executing program)
2022/09/12 20:11:25 fetching corpus: 4839, signal 227225/275512 (executing program)
2022/09/12 20:11:25 fetching corpus: 4889, signal 228043/276327 (executing program)
2022/09/12 20:11:25 fetching corpus: 4939, signal 228570/276987 (executing program)
2022/09/12 20:11:25 fetching corpus: 4989, signal 229584/277817 (executing program)
2022/09/12 20:11:26 fetching corpus: 5039, signal 230228/278525 (executing program)
2022/09/12 20:11:26 fetching corpus: 5089, signal 230954/279241 (executing program)
2022/09/12 20:11:26 fetching corpus: 5139, signal 231905/280019 (executing program)
2022/09/12 20:11:26 fetching corpus: 5189, signal 232479/280646 (executing program)
2022/09/12 20:11:26 fetching corpus: 5239, signal 233096/281282 (executing program)
2022/09/12 20:11:26 fetching corpus: 5289, signal 233563/281904 (executing program)
2022/09/12 20:11:26 fetching corpus: 5339, signal 233967/282459 (executing program)
2022/09/12 20:11:26 fetching corpus: 5389, signal 234628/283124 (executing program)
2022/09/12 20:11:27 fetching corpus: 5439, signal 235070/283709 (executing program)
2022/09/12 20:11:27 fetching corpus: 5489, signal 235813/284402 (executing program)
2022/09/12 20:11:27 fetching corpus: 5539, signal 236269/284939 (executing program)
2022/09/12 20:11:27 fetching corpus: 5589, signal 236919/285564 (executing program)
2022/09/12 20:11:27 fetching corpus: 5639, signal 237848/286205 (executing program)
2022/09/12 20:11:27 fetching corpus: 5689, signal 238886/286863 (executing program)
2022/09/12 20:11:28 fetching corpus: 5739, signal 239626/287474 (executing program)
2022/09/12 20:11:28 fetching corpus: 5789, signal 240279/288029 (executing program)
2022/09/12 20:11:28 fetching corpus: 5839, signal 241200/288637 (executing program)
2022/09/12 20:11:28 fetching corpus: 5889, signal 241586/289135 (executing program)
2022/09/12 20:11:28 fetching corpus: 5939, signal 242220/289622 (executing program)
2022/09/12 20:11:28 fetching corpus: 5989, signal 243100/290233 (executing program)
2022/09/12 20:11:28 fetching corpus: 6039, signal 243612/290736 (executing program)
2022/09/12 20:11:29 fetching corpus: 6089, signal 244149/291187 (executing program)
2022/09/12 20:11:29 fetching corpus: 6139, signal 244933/291683 (executing program)
2022/09/12 20:11:29 fetching corpus: 6189, signal 245430/292162 (executing program)
2022/09/12 20:11:29 fetching corpus: 6239, signal 245739/292566 (executing program)
2022/09/12 20:11:29 fetching corpus: 6289, signal 246231/293113 (executing program)
2022/09/12 20:11:29 fetching corpus: 6339, signal 246782/293534 (executing program)
2022/09/12 20:11:29 fetching corpus: 6388, signal 247503/294012 (executing program)
2022/09/12 20:11:29 fetching corpus: 6438, signal 247950/294485 (executing program)
2022/09/12 20:11:29 fetching corpus: 6488, signal 248590/294930 (executing program)
2022/09/12 20:11:30 fetching corpus: 6538, signal 249190/295378 (executing program)
2022/09/12 20:11:30 fetching corpus: 6588, signal 249847/295792 (executing program)
2022/09/12 20:11:30 fetching corpus: 6638, signal 250563/296198 (executing program)
2022/09/12 20:11:30 fetching corpus: 6688, signal 251385/296613 (executing program)
2022/09/12 20:11:30 fetching corpus: 6738, signal 251877/296974 (executing program)
2022/09/12 20:11:30 fetching corpus: 6788, signal 252318/297358 (executing program)
2022/09/12 20:11:30 fetching corpus: 6838, signal 252848/297736 (executing program)
2022/09/12 20:11:31 fetching corpus: 6888, signal 253497/298105 (executing program)
2022/09/12 20:11:31 fetching corpus: 6938, signal 253991/298470 (executing program)
2022/09/12 20:11:31 fetching corpus: 6988, signal 254748/298817 (executing program)
2022/09/12 20:11:31 fetching corpus: 7038, signal 255227/299149 (executing program)
2022/09/12 20:11:31 fetching corpus: 7088, signal 256300/299524 (executing program)
2022/09/12 20:11:31 fetching corpus: 7138, signal 256758/299839 (executing program)
2022/09/12 20:11:32 fetching corpus: 7188, signal 257377/300195 (executing program)
2022/09/12 20:11:32 fetching corpus: 7238, signal 257823/300531 (executing program)
2022/09/12 20:11:32 fetching corpus: 7288, signal 258344/300780 (executing program)
2022/09/12 20:11:32 fetching corpus: 7338, signal 259029/300782 (executing program)
2022/09/12 20:11:32 fetching corpus: 7388, signal 260109/300785 (executing program)
2022/09/12 20:11:33 fetching corpus: 7438, signal 260551/300852 (executing program)
2022/09/12 20:11:33 fetching corpus: 7488, signal 261093/300863 (executing program)
2022/09/12 20:11:33 fetching corpus: 7538, signal 261668/300964 (executing program)
2022/09/12 20:11:33 fetching corpus: 7588, signal 262127/300982 (executing program)
2022/09/12 20:11:33 fetching corpus: 7638, signal 262628/301015 (executing program)
2022/09/12 20:11:33 fetching corpus: 7688, signal 262978/301057 (executing program)
2022/09/12 20:11:33 fetching corpus: 7738, signal 263298/301072 (executing program)
2022/09/12 20:11:34 fetching corpus: 7788, signal 263703/301079 (executing program)
2022/09/12 20:11:34 fetching corpus: 7838, signal 264204/301081 (executing program)
2022/09/12 20:11:34 fetching corpus: 7887, signal 264560/301092 (executing program)
2022/09/12 20:11:34 fetching corpus: 7937, signal 264936/301102 (executing program)
2022/09/12 20:11:34 fetching corpus: 7987, signal 265435/301116 (executing program)
2022/09/12 20:11:34 fetching corpus: 8037, signal 265892/301116 (executing program)
2022/09/12 20:11:34 fetching corpus: 8087, signal 266538/301120 (executing program)
2022/09/12 20:11:34 fetching corpus: 8137, signal 266968/301128 (executing program)
2022/09/12 20:11:35 fetching corpus: 8187, signal 267356/301133 (executing program)
2022/09/12 20:11:35 fetching corpus: 8237, signal 267807/301139 (executing program)
2022/09/12 20:11:35 fetching corpus: 8287, signal 268360/301142 (executing program)
2022/09/12 20:11:35 fetching corpus: 8337, signal 268774/301146 (executing program)
2022/09/12 20:11:35 fetching corpus: 8387, signal 269372/301166 (executing program)
2022/09/12 20:11:35 fetching corpus: 8437, signal 269637/301175 (executing program)
2022/09/12 20:11:36 fetching corpus: 8487, signal 269907/301187 (executing program)
2022/09/12 20:11:36 fetching corpus: 8537, signal 270523/301197 (executing program)
2022/09/12 20:11:36 fetching corpus: 8587, signal 270909/301239 (executing program)
2022/09/12 20:11:36 fetching corpus: 8637, signal 271307/301305 (executing program)
2022/09/12 20:11:36 fetching corpus: 8687, signal 271826/301320 (executing program)
2022/09/12 20:11:36 fetching corpus: 8737, signal 272366/301346 (executing program)
2022/09/12 20:11:36 fetching corpus: 8787, signal 272675/301350 (executing program)
2022/09/12 20:11:37 fetching corpus: 8837, signal 273112/301353 (executing program)
2022/09/12 20:11:37 fetching corpus: 8887, signal 273465/301368 (executing program)
2022/09/12 20:11:37 fetching corpus: 8937, signal 273756/301391 (executing program)
2022/09/12 20:11:37 fetching corpus: 8987, signal 274174/301392 (executing program)
2022/09/12 20:11:37 fetching corpus: 9037, signal 274578/301392 (executing program)
2022/09/12 20:11:37 fetching corpus: 9087, signal 274974/301397 (executing program)
2022/09/12 20:11:37 fetching corpus: 9137, signal 275297/301398 (executing program)
2022/09/12 20:11:37 fetching corpus: 9187, signal 275682/301406 (executing program)
2022/09/12 20:11:38 fetching corpus: 9237, signal 276105/301428 (executing program)
2022/09/12 20:11:38 fetching corpus: 9287, signal 276729/301428 (executing program)
2022/09/12 20:11:38 fetching corpus: 9337, signal 277194/301453 (executing program)
2022/09/12 20:11:38 fetching corpus: 9387, signal 277544/301457 (executing program)
2022/09/12 20:11:38 fetching corpus: 9437, signal 277966/301461 (executing program)
2022/09/12 20:11:38 fetching corpus: 9487, signal 278279/301490 (executing program)
2022/09/12 20:11:39 fetching corpus: 9537, signal 278686/301494 (executing program)
2022/09/12 20:11:39 fetching corpus: 9587, signal 279240/301519 (executing program)
2022/09/12 20:11:39 fetching corpus: 9637, signal 279472/301529 (executing program)
2022/09/12 20:11:39 fetching corpus: 9687, signal 279800/301535 (executing program)
2022/09/12 20:11:39 fetching corpus: 9737, signal 280117/301543 (executing program)
2022/09/12 20:11:39 fetching corpus: 9787, signal 280384/301546 (executing program)
2022/09/12 20:11:39 fetching corpus: 9837, signal 280692/301546 (executing program)
2022/09/12 20:11:39 fetching corpus: 9887, signal 281040/301554 (executing program)
2022/09/12 20:11:39 fetching corpus: 9937, signal 281442/301557 (executing program)
2022/09/12 20:11:39 fetching corpus: 9987, signal 281748/301570 (executing program)
2022/09/12 20:11:40 fetching corpus: 10037, signal 281996/301576 (executing program)
2022/09/12 20:11:40 fetching corpus: 10087, signal 282516/301644 (executing program)
2022/09/12 20:11:40 fetching corpus: 10137, signal 283118/301648 (executing program)
2022/09/12 20:11:40 fetching corpus: 10187, signal 283404/301652 (executing program)
2022/09/12 20:11:40 fetching corpus: 10237, signal 283760/301661 (executing program)
2022/09/12 20:11:40 fetching corpus: 10287, signal 284136/301662 (executing program)
2022/09/12 20:11:40 fetching corpus: 10337, signal 284372/301670 (executing program)
2022/09/12 20:11:41 fetching corpus: 10387, signal 284684/301674 (executing program)
2022/09/12 20:11:41 fetching corpus: 10437, signal 285119/301732 (executing program)
2022/09/12 20:11:41 fetching corpus: 10487, signal 285436/301742 (executing program)
2022/09/12 20:11:41 fetching corpus: 10537, signal 285895/301750 (executing program)
2022/09/12 20:11:41 fetching corpus: 10587, signal 286326/301774 (executing program)
2022/09/12 20:11:41 fetching corpus: 10637, signal 286702/301779 (executing program)
2022/09/12 20:11:42 fetching corpus: 10687, signal 287088/301788 (executing program)
2022/09/12 20:11:42 fetching corpus: 10736, signal 287745/301791 (executing program)
2022/09/12 20:11:42 fetching corpus: 10786, signal 288108/301799 (executing program)
2022/09/12 20:11:42 fetching corpus: 10836, signal 288433/301803 (executing program)
2022/09/12 20:11:42 fetching corpus: 10886, signal 288783/301812 (executing program)
2022/09/12 20:11:42 fetching corpus: 10936, signal 289127/301835 (executing program)
2022/09/12 20:11:42 fetching corpus: 10986, signal 289481/301835 (executing program)
2022/09/12 20:11:43 fetching corpus: 11036, signal 289826/301839 (executing program)
2022/09/12 20:11:43 fetching corpus: 11081, signal 290059/301849 (executing program)
2022/09/12 20:11:43 fetching corpus: 11081, signal 290059/301849 (executing program)
2022/09/12 20:11:45 starting 8 fuzzer processes
20:11:45 executing program 0:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)

20:11:45 executing program 3:
r0 = perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x2000006, 0x11, r0, 0x0)
r1 = perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x11, r1, 0x0)

20:11:45 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
sendmsg$inet(r0, &(0x7f00000015c0)={&(0x7f0000000040)={0x2, 0x0, @local}, 0x10, 0x0}, 0x2000c040)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000000)={&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000000100)=0x40)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)

20:11:45 executing program 2:
r0 = syz_open_dev$loop(&(0x7f0000000140), 0x0, 0x0)
ioctl$BLKIOMIN(r0, 0x1278, &(0x7f0000000000))

20:11:45 executing program 4:
clock_gettime(0x0, 0x0)
clock_settime(0x0, &(0x7f0000000040)={0x77359400})
sched_yield()
clock_nanosleep(0x7, 0x0, &(0x7f0000000140)={0x0, 0x3938700}, 0x0)

20:11:45 executing program 5:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x1c3c00, 0x0)
ioctl$CDROM_DISC_STATUS(r0, 0x2284)

20:11:45 executing program 6:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='environ\x00')
preadv2(r0, 0x0, 0x0, 0x0, 0x0, 0x0)

[   92.454766] audit: type=1400 audit(1663013505.454:6): avc:  denied  { execmem } for  pid=286 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
20:11:45 executing program 7:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
flistxattr(r0, 0x0, 0x0)

[   93.780067] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   93.782982] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   93.787917] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   93.789361] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   93.793439] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   93.796443] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   93.799841] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   93.801069] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   93.807191] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   93.807709] Bluetooth: hci0: HCI_REQ-0x0c1a
[   93.812546] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   93.843818] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   93.847857] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   93.853750] Bluetooth: hci1: HCI_REQ-0x0c1a
[   93.860938] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[   93.862790] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[   93.869296] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[   93.875673] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[   93.878001] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[   93.881313] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[   93.885963] Bluetooth: hci7: HCI_REQ-0x0c1a
[   93.886425] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   93.894108] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   93.895501] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   93.898989] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   93.900327] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[   93.902407] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   93.904226] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[   93.905814] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   93.907259] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   93.908138] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[   93.910089] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[   93.911175] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   93.912288] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   93.913317] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[   93.914658] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[   93.918430] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   93.919862] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   93.920860] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[   93.922436] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[   93.923177] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   93.925126] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[   93.926531] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[   93.929158] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[   93.930411] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[   93.931860] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   93.935978] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   93.937553] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   93.944367] Bluetooth: hci6: HCI_REQ-0x0c1a
[   93.952901] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[   93.953986] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   93.955956] Bluetooth: hci5: HCI_REQ-0x0c1a
[   93.959244] Bluetooth: hci3: HCI_REQ-0x0c1a
[   93.961667] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   93.986433] Bluetooth: hci2: HCI_REQ-0x0c1a
[   93.989210] Bluetooth: hci4: HCI_REQ-0x0c1a
[   95.862999] Bluetooth: hci1: command 0x0409 tx timeout
[   95.863828] Bluetooth: hci0: command 0x0409 tx timeout
[   95.926724] Bluetooth: hci7: command 0x0409 tx timeout
[   95.989646] Bluetooth: hci6: command 0x0409 tx timeout
[   95.990686] Bluetooth: hci3: command 0x0409 tx timeout
[   95.991246] Bluetooth: hci5: command 0x0409 tx timeout
[   96.054649] Bluetooth: hci4: command 0x0409 tx timeout
[   96.055166] Bluetooth: hci2: command 0x0409 tx timeout
[   97.909735] Bluetooth: hci0: command 0x041b tx timeout
[   97.911415] Bluetooth: hci1: command 0x041b tx timeout
[   97.975724] Bluetooth: hci7: command 0x041b tx timeout
[   98.037796] Bluetooth: hci5: command 0x041b tx timeout
[   98.038793] Bluetooth: hci3: command 0x041b tx timeout
[   98.041350] Bluetooth: hci6: command 0x041b tx timeout
[   98.101784] Bluetooth: hci2: command 0x041b tx timeout
[   98.103080] Bluetooth: hci4: command 0x041b tx timeout
[   99.957696] Bluetooth: hci1: command 0x040f tx timeout
[   99.958580] Bluetooth: hci0: command 0x040f tx timeout
[  100.021997] Bluetooth: hci7: command 0x040f tx timeout
[  100.085862] Bluetooth: hci6: command 0x040f tx timeout
[  100.087319] Bluetooth: hci3: command 0x040f tx timeout
[  100.090930] Bluetooth: hci5: command 0x040f tx timeout
[  100.149688] Bluetooth: hci4: command 0x040f tx timeout
[  100.150549] Bluetooth: hci2: command 0x040f tx timeout
[  102.005689] Bluetooth: hci0: command 0x0419 tx timeout
[  102.006493] Bluetooth: hci1: command 0x0419 tx timeout
[  102.070842] Bluetooth: hci7: command 0x0419 tx timeout
[  102.133785] Bluetooth: hci5: command 0x0419 tx timeout
[  102.135859] Bluetooth: hci3: command 0x0419 tx timeout
[  102.136586] Bluetooth: hci6: command 0x0419 tx timeout
[  102.197690] Bluetooth: hci2: command 0x0419 tx timeout
[  102.198398] Bluetooth: hci4: command 0x0419 tx timeout
[  150.694492] audit: type=1400 audit(1663013563.695:7): avc:  denied  { open } for  pid=3596 comm="syz-executor.6" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[  150.696078] audit: type=1400 audit(1663013563.695:8): avc:  denied  { kernel } for  pid=3596 comm="syz-executor.6" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
20:12:43 executing program 6:
madvise(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x18)

20:12:43 executing program 6:
madvise(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x18)

20:12:44 executing program 6:
madvise(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x18)

20:12:44 executing program 6:
madvise(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x18)

20:12:44 executing program 6:
ioctl$EXT4_IOC_GET_ES_CACHE(0xffffffffffffffff, 0xc020662a, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xb220}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
fallocate(r0, 0x0, 0x0, 0x87ffffc)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$VT_WAITACTIVE(r1, 0x5607)

[  151.388089] ------------[ cut here ]------------
[  151.388113] 
[  151.388116] ======================================================
[  151.388120] WARNING: possible circular locking dependency detected
[  151.388124] 6.0.0-rc5-next-20220912 #1 Not tainted
[  151.388131] ------------------------------------------------------
[  151.388134] syz-executor.6/3643 is trying to acquire lock:
[  151.388140] ffffffff853fa878 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70
[  151.388177] 
[  151.388177] but task is already holding lock:
[  151.388180] ffff88800f125020 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0
[  151.388208] 
[  151.388208] which lock already depends on the new lock.
[  151.388208] 
[  151.388211] 
[  151.388211] the existing dependency chain (in reverse order) is:
[  151.388214] 
[  151.388214] -> #3 (&ctx->lock){....}-{2:2}:
[  151.388228]        _raw_spin_lock+0x2a/0x40
[  151.388245]        __perf_event_task_sched_out+0x53b/0x18d0
[  151.388260]        __schedule+0xedd/0x2470
[  151.388269]        schedule+0xda/0x1b0
[  151.388278]        exit_to_user_mode_prepare+0x114/0x1a0
[  151.388298]        syscall_exit_to_user_mode+0x19/0x40
[  151.388316]        do_syscall_64+0x48/0x90
[  151.388329]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  151.388346] 
[  151.388346] -> #2 (&rq->__lock){-.-.}-{2:2}:
[  151.388360]        _raw_spin_lock_nested+0x30/0x40
[  151.388375]        raw_spin_rq_lock_nested+0x1e/0x30
[  151.388388]        task_fork_fair+0x63/0x4d0
[  151.388405]        sched_cgroup_fork+0x3d0/0x540
[  151.388419]        copy_process+0x3f9e/0x6df0
[  151.388429]        kernel_clone+0xe7/0x890
[  151.388439]        user_mode_thread+0xad/0xf0
[  151.388449]        rest_init+0x24/0x250
[  151.388465]        arch_call_rest_init+0xf/0x14
[  151.388484]        start_kernel+0x4c1/0x4e6
[  151.388501]        secondary_startup_64_no_verify+0xe0/0xeb
[  151.388515] 
[  151.388515] -> #1 (&p->pi_lock){-.-.}-{2:2}:
[  151.388529]        _raw_spin_lock_irqsave+0x39/0x60
[  151.388543]        try_to_wake_up+0xab/0x1920
[  151.388557]        up+0x75/0xb0
[  151.388568]        __up_console_sem+0x6e/0x80
[  151.388585]        console_unlock+0x46a/0x590
[  151.388601]        do_con_write+0xc05/0x1d50
[  151.388612]        con_write+0x21/0x40
[  151.388621]        n_tty_write+0x4d4/0xfe0
[  151.388634]        file_tty_write.constprop.0+0x49c/0x8f0
[  151.388646]        vfs_write+0x9c3/0xd90
[  151.388664]        ksys_write+0x127/0x250
[  151.388681]        do_syscall_64+0x3b/0x90
[  151.388694]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  151.388710] 
[  151.388710] -> #0 ((console_sem).lock){....}-{2:2}:
[  151.388724]        __lock_acquire+0x2a02/0x5e70
[  151.388741]        lock_acquire+0x1a2/0x530
[  151.388757]        _raw_spin_lock_irqsave+0x39/0x60
[  151.388772]        down_trylock+0xe/0x70
[  151.388784]        __down_trylock_console_sem+0x3b/0xd0
[  151.388800]        vprintk_emit+0x16b/0x560
[  151.388817]        vprintk+0x84/0xa0
[  151.388833]        _printk+0xba/0xf1
[  151.388851]        report_bug.cold+0x72/0xab
[  151.388863]        handle_bug+0x3c/0x70
[  151.388875]        exc_invalid_op+0x14/0x50
[  151.388888]        asm_exc_invalid_op+0x16/0x20
[  151.388904]        group_sched_out.part.0+0x2c7/0x460
[  151.388915]        ctx_sched_out+0x8f1/0xc10
[  151.388924]        __perf_event_task_sched_out+0x6d0/0x18d0
[  151.388936]        __schedule+0xedd/0x2470
[  151.388946]        schedule+0xda/0x1b0
[  151.388954]        exit_to_user_mode_prepare+0x114/0x1a0
[  151.388974]        syscall_exit_to_user_mode+0x19/0x40
[  151.388991]        do_syscall_64+0x48/0x90
[  151.389003]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  151.389023] 
[  151.389023] other info that might help us debug this:
[  151.389023] 
[  151.389025] Chain exists of:
[  151.389025]   (console_sem).lock --> &rq->__lock --> &ctx->lock
[  151.389025] 
[  151.389042]  Possible unsafe locking scenario:
[  151.389042] 
[  151.389045]        CPU0                    CPU1
[  151.389047]        ----                    ----
[  151.389049]   lock(&ctx->lock);
[  151.389055]                                lock(&rq->__lock);
[  151.389061]                                lock(&ctx->lock);
[  151.389067]   lock((console_sem).lock);
[  151.389073] 
[  151.389073]  *** DEADLOCK ***
[  151.389073] 
[  151.389075] 2 locks held by syz-executor.6/3643:
[  151.389082]  #0: ffff88806cf37cd8 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470
[  151.389107]  #1: ffff88800f125020 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0
[  151.389135] 
[  151.389135] stack backtrace:
[  151.389138] CPU: 1 PID: 3643 Comm: syz-executor.6 Not tainted 6.0.0-rc5-next-20220912 #1
[  151.389150] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  151.389158] Call Trace:
[  151.389161]  <TASK>
[  151.389166]  dump_stack_lvl+0x8b/0xb3
[  151.389180]  check_noncircular+0x263/0x2e0
[  151.389197]  ? format_decode+0x26c/0xb50
[  151.389212]  ? print_circular_bug+0x450/0x450
[  151.389229]  ? enable_ptr_key_workfn+0x20/0x20
[  151.389243]  ? __lockdep_reset_lock+0x180/0x180
[  151.389260]  ? format_decode+0x26c/0xb50
[  151.389275]  ? alloc_chain_hlocks+0x1ec/0x5a0
[  151.389293]  __lock_acquire+0x2a02/0x5e70
[  151.389315]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[  151.389338]  lock_acquire+0x1a2/0x530
[  151.389355]  ? down_trylock+0xe/0x70
[  151.389370]  ? rcu_read_unlock+0x40/0x40
[  151.389387]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[  151.389409]  ? vprintk+0x84/0xa0
[  151.389427]  _raw_spin_lock_irqsave+0x39/0x60
[  151.389443]  ? down_trylock+0xe/0x70
[  151.389456]  down_trylock+0xe/0x70
[  151.389470]  ? vprintk+0x84/0xa0
[  151.389487]  __down_trylock_console_sem+0x3b/0xd0
[  151.389505]  vprintk_emit+0x16b/0x560
[  151.389522]  ? lock_downgrade+0x6d0/0x6d0
[  151.389541]  vprintk+0x84/0xa0
[  151.389559]  _printk+0xba/0xf1
[  151.389577]  ? record_print_text.cold+0x16/0x16
[  151.389597]  ? hrtimer_try_to_cancel+0x163/0x2c0
[  151.389610]  ? lock_downgrade+0x6d0/0x6d0
[  151.389628]  ? report_bug.cold+0x66/0xab
[  151.389642]  ? group_sched_out.part.0+0x2c7/0x460
[  151.389654]  report_bug.cold+0x72/0xab
[  151.389668]  handle_bug+0x3c/0x70
[  151.389682]  exc_invalid_op+0x14/0x50
[  151.389696]  asm_exc_invalid_op+0x16/0x20
[  151.389713] RIP: 0010:group_sched_out.part.0+0x2c7/0x460
[  151.389727] Code: 5e 41 5f e9 3b b7 ef ff e8 36 b7 ef ff 65 8b 1d ab 15 ac 7e 31 ff 89 de e8 d6 b3 ef ff 85 db 0f 84 8a 00 00 00 e8 19 b7 ef ff <0f> 0b e9 a5 fe ff ff e8 0d b7 ef ff 48 8d 7d 10 48 b8 00 00 00 00
[  151.389738] RSP: 0018:ffff888043d47c48 EFLAGS: 00010006
[  151.389747] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000
[  151.389755] RDX: ffff8880185f5040 RSI: ffffffff81566027 RDI: 0000000000000005
[  151.389762] RBP: ffff888018b30b90 R08: 0000000000000005 R09: 0000000000000001
[  151.389770] R10: 0000000000000000 R11: 0000000000000001 R12: ffff88800f125000
[  151.389777] R13: ffff88806cf3d100 R14: ffffffff8547c7c0 R15: 0000000000000002
[  151.389788]  ? group_sched_out.part.0+0x2c7/0x460
[  151.389801]  ? group_sched_out.part.0+0x2c7/0x460
[  151.389814]  ctx_sched_out+0x8f1/0xc10
[  151.389826]  __perf_event_task_sched_out+0x6d0/0x18d0
[  151.389842]  ? lock_is_held_type+0xd7/0x130
[  151.389860]  ? __perf_cgroup_move+0x160/0x160
[  151.389872]  ? set_next_entity+0x304/0x550
[  151.389890]  ? update_curr+0x267/0x740
[  151.389909]  ? lock_is_held_type+0xd7/0x130
[  151.389927]  __schedule+0xedd/0x2470
[  151.389940]  ? io_schedule_timeout+0x150/0x150
[  151.389952]  ? __x64_sys_futex_time32+0x480/0x480
[  151.389966]  schedule+0xda/0x1b0
[  151.389977]  exit_to_user_mode_prepare+0x114/0x1a0
[  151.389998]  syscall_exit_to_user_mode+0x19/0x40
[  151.390016]  do_syscall_64+0x48/0x90
[  151.390030]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  151.390047] RIP: 0033:0x7f8068bfcb19
[  151.390056] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  151.390066] RSP: 002b:00007f8066172218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  151.390077] RAX: 0000000000000001 RBX: 00007f8068d0ff68 RCX: 00007f8068bfcb19
[  151.390085] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f8068d0ff6c
[  151.390092] RBP: 00007f8068d0ff60 R08: 000000000000000e R09: 0000000000000000
[  151.390099] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f8068d0ff6c
[  151.390107] R13: 00007ffc8c1328af R14: 00007f8066172300 R15: 0000000000022000
[  151.390120]  </TASK>
[  151.446283] WARNING: CPU: 1 PID: 3643 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460
[  151.446964] Modules linked in:
[  151.447210] CPU: 1 PID: 3643 Comm: syz-executor.6 Not tainted 6.0.0-rc5-next-20220912 #1
[  151.447815] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  151.448640] RIP: 0010:group_sched_out.part.0+0x2c7/0x460
[  151.449045] Code: 5e 41 5f e9 3b b7 ef ff e8 36 b7 ef ff 65 8b 1d ab 15 ac 7e 31 ff 89 de e8 d6 b3 ef ff 85 db 0f 84 8a 00 00 00 e8 19 b7 ef ff <0f> 0b e9 a5 fe ff ff e8 0d b7 ef ff 48 8d 7d 10 48 b8 00 00 00 00
[  151.450361] RSP: 0018:ffff888043d47c48 EFLAGS: 00010006
[  151.450748] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000
[  151.451279] RDX: ffff8880185f5040 RSI: ffffffff81566027 RDI: 0000000000000005
[  151.451806] RBP: ffff888018b30b90 R08: 0000000000000005 R09: 0000000000000001
[  151.452330] R10: 0000000000000000 R11: 0000000000000001 R12: ffff88800f125000
[  151.452853] R13: ffff88806cf3d100 R14: ffffffff8547c7c0 R15: 0000000000000002
[  151.453383] FS:  00007f8066172700(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000
[  151.453967] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  151.454389] CR2: 00007ff4b9d28368 CR3: 00000000092f2000 CR4: 0000000000350ee0
[  151.454907] Call Trace:
[  151.455099]  <TASK>
[  151.455270]  ctx_sched_out+0x8f1/0xc10
[  151.455569]  __perf_event_task_sched_out+0x6d0/0x18d0
[  151.455975]  ? lock_is_held_type+0xd7/0x130
[  151.456312]  ? __perf_cgroup_move+0x160/0x160
[  151.456646]  ? set_next_entity+0x304/0x550
[  151.456968]  ? update_curr+0x267/0x740
[  151.457264]  ? lock_is_held_type+0xd7/0x130
[  151.457589]  __schedule+0xedd/0x2470
[  151.457867]  ? io_schedule_timeout+0x150/0x150
[  151.458211]  ? __x64_sys_futex_time32+0x480/0x480
[  151.458572]  schedule+0xda/0x1b0
[  151.458811]  exit_to_user_mode_prepare+0x114/0x1a0
[  151.459151]  syscall_exit_to_user_mode+0x19/0x40
[  151.459482]  do_syscall_64+0x48/0x90
[  151.459738]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  151.460096] RIP: 0033:0x7f8068bfcb19
[  151.460347] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  151.461529] RSP: 002b:00007f8066172218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  151.462028] RAX: 0000000000000001 RBX: 00007f8068d0ff68 RCX: 00007f8068bfcb19
[  151.462497] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f8068d0ff6c
[  151.462967] RBP: 00007f8068d0ff60 R08: 000000000000000e R09: 0000000000000000
[  151.463436] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f8068d0ff6c
[  151.463914] R13: 00007ffc8c1328af R14: 00007f8066172300 R15: 0000000000022000
[  151.464385]  </TASK>
[  151.464545] irq event stamp: 1658
[  151.464774] hardirqs last  enabled at (1657): [<ffffffff8133ffc9>] exit_to_user_mode_prepare+0x109/0x1a0
[  151.465398] hardirqs last disabled at (1658): [<ffffffff84247a45>] __schedule+0x1225/0x2470
[  151.465941] softirqs last  enabled at (1628): [<ffffffff8117060b>] __irq_exit_rcu+0x11b/0x180
[  151.466503] softirqs last disabled at (1619): [<ffffffff8117060b>] __irq_exit_rcu+0x11b/0x180
[  151.467067] ---[ end trace 0000000000000000 ]---
20:12:44 executing program 6:
ioctl$SG_GET_SCSI_ID(0xffffffffffffffff, 0x2276, 0x0)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x76, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x0, 0x0, &(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ff6000/0x2000)=nil, 0x0, 0x0)
remap_file_pages(&(0x7f0000ff5000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0)

[  151.548728] mmap: syz-executor.6 (3648) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
20:12:44 executing program 6:
ioctl$SG_GET_SCSI_ID(0xffffffffffffffff, 0x2276, 0x0)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x76, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x0, 0x0, &(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ff6000/0x2000)=nil, 0x0, 0x0)
remap_file_pages(&(0x7f0000ff5000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0)

20:12:44 executing program 6:
ioctl$SG_GET_SCSI_ID(0xffffffffffffffff, 0x2276, 0x0)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x76, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x0, 0x0, &(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ff6000/0x2000)=nil, 0x0, 0x0)
remap_file_pages(&(0x7f0000ff5000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0)

[  157.237785] Bluetooth: hci0: Opcode 0x c03 failed: -110
[  157.301637] Bluetooth: hci1: Opcode 0x c03 failed: -110
[  157.365660] Bluetooth: hci5: Opcode 0x c03 failed: -110
[  157.366668] Bluetooth: hci7: Opcode 0x c03 failed: -110
[  157.367495] Bluetooth: hci4: Opcode 0x c03 failed: -110
[  157.367748] Bluetooth: hci3: Opcode 0x c03 failed: -110
[  157.369400] Bluetooth: hci2: Opcode 0x c03 failed: -110
[  159.841394] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  159.843230] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  159.844568] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  159.846868] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  159.848433] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  159.850823] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  159.855568] Bluetooth: hci5: HCI_REQ-0x0c1a

VM DIAGNOSIS:
20:12:44  Registers:
info registers vcpu 0
RAX=0000000000000000 RBX=0000000000000001 RCX=ffffffff8425f1a7 RDX=ffffed100d9e6f99
RSI=0000000000000004 RDI=ffff88806cf37cc0 RBP=ffff88806cf37cc0 RSP=ffff888017537498
R8 =0000000000000000 R9 =ffff88806cf37cc3 R10=ffffed100d9e6f98 R11=0000000000000001
R12=0000000000000003 R13=ffffed100d9e6f98 R14=0000000000000001 R15=1ffff11002ea6e94
RIP=ffffffff8425f224 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff88806ce00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f4fb0031260 CR3=000000000ec64000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
YMM00=0000000000000000 0000000000000000 756e696c2d34365f 3638782f62696c2f
YMM01=0000000000000000 0000000000000000 2e6f747079726362 696c2f756e672d78
YMM02=0000000000000000 0000000000000000 00312e312e6f732e 6f74707972636269
YMM03=0000000000000000 0000000000000000 6c2f756e672d7875 6e696c2d34365f36
YMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1
RAX=000000000000006b RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff822b1e41 RDI=ffffffff8763fae0 RBP=ffffffff8763faa0 RSP=ffff888043d47698
R8 =0000000000000001 R9 =000000000000000a R10=000000000000006b R11=0000000000000001
R12=000000000000006b R13=ffffffff8763faa0 R14=0000000000000010 R15=ffffffff822b1e30
RIP=ffffffff822b1e99 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 00007f8066172700 00000000 00000000
GS =0000 ffff88806cf00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007ff4b9d28368 CR3=00000000092f2000 CR4=00350ee0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM01=0000000000000000 0000000000000000 00007f8068ce37c0 00007f8068ce37c8
YMM02=0000000000000000 0000000000000000 00007f8068ce37e0 00007f8068ce37c0
YMM03=0000000000000000 0000000000000000 00007f8068ce37c8 00007f8068ce37c0
YMM04=0000000000000000 0000000000000000 ffffffffffffffff ffffffff00000000
YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245
YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040
YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000