Warning: Permanently added '[localhost]:27454' (ECDSA) to the list of known hosts. 2022/09/29 03:13:28 fuzzer started 2022/09/29 03:13:29 dialing manager at localhost:45751 syzkaller login: [ 40.931206] cgroup: Unknown subsys name 'net' [ 41.066190] cgroup: Unknown subsys name 'rlimit' 2022/09/29 03:13:43 syscalls: 2215 2022/09/29 03:13:43 code coverage: enabled 2022/09/29 03:13:43 comparison tracing: enabled 2022/09/29 03:13:43 extra coverage: enabled 2022/09/29 03:13:43 setuid sandbox: enabled 2022/09/29 03:13:43 namespace sandbox: enabled 2022/09/29 03:13:43 Android sandbox: enabled 2022/09/29 03:13:43 fault injection: enabled 2022/09/29 03:13:43 leak checking: enabled 2022/09/29 03:13:43 net packet injection: enabled 2022/09/29 03:13:43 net device setup: enabled 2022/09/29 03:13:43 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/09/29 03:13:43 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/09/29 03:13:43 USB emulation: enabled 2022/09/29 03:13:43 hci packet injection: enabled 2022/09/29 03:13:43 wifi device emulation: failed to parse kernel version (6.0.0-rc7-next-20220928) 2022/09/29 03:13:43 802.15.4 emulation: enabled 2022/09/29 03:13:43 fetching corpus: 0, signal 0/2000 (executing program) 2022/09/29 03:13:43 fetching corpus: 45, signal 26515/29849 (executing program) 2022/09/29 03:13:43 fetching corpus: 95, signal 38574/43151 (executing program) 2022/09/29 03:13:43 fetching corpus: 144, signal 47850/53570 (executing program) 2022/09/29 03:13:44 fetching corpus: 194, signal 56143/62813 (executing program) 2022/09/29 03:13:44 fetching corpus: 244, signal 61706/69341 (executing program) 2022/09/29 03:13:44 fetching corpus: 294, signal 64470/73109 (executing program) 2022/09/29 03:13:44 fetching corpus: 344, signal 67133/76762 (executing program) 2022/09/29 03:13:44 fetching corpus: 394, signal 70956/81399 (executing program) 2022/09/29 03:13:44 fetching corpus: 443, signal 73649/84888 (executing program) 2022/09/29 
03:13:44 fetching corpus: 491, signal 77623/89475 (executing program) 2022/09/29 03:13:44 fetching corpus: 541, signal 81121/93608 (executing program) 2022/09/29 03:13:44 fetching corpus: 590, signal 83850/96959 (executing program) 2022/09/29 03:13:45 fetching corpus: 640, signal 85828/99612 (executing program) 2022/09/29 03:13:45 fetching corpus: 690, signal 88340/102632 (executing program) 2022/09/29 03:13:45 fetching corpus: 738, signal 91177/105874 (executing program) 2022/09/29 03:13:45 fetching corpus: 787, signal 93174/108373 (executing program) 2022/09/29 03:13:45 fetching corpus: 837, signal 94769/110601 (executing program) 2022/09/29 03:13:45 fetching corpus: 887, signal 97299/113456 (executing program) 2022/09/29 03:13:45 fetching corpus: 936, signal 99307/115847 (executing program) 2022/09/29 03:13:45 fetching corpus: 985, signal 101522/118374 (executing program) 2022/09/29 03:13:45 fetching corpus: 1035, signal 102815/120104 (executing program) 2022/09/29 03:13:46 fetching corpus: 1085, signal 104883/122346 (executing program) 2022/09/29 03:13:46 fetching corpus: 1134, signal 106059/123947 (executing program) 2022/09/29 03:13:46 fetching corpus: 1184, signal 107101/125442 (executing program) 2022/09/29 03:13:46 fetching corpus: 1234, signal 108847/127359 (executing program) 2022/09/29 03:13:46 fetching corpus: 1284, signal 111859/130127 (executing program) 2022/09/29 03:13:46 fetching corpus: 1334, signal 113322/131729 (executing program) 2022/09/29 03:13:46 fetching corpus: 1384, signal 114124/132917 (executing program) 2022/09/29 03:13:46 fetching corpus: 1434, signal 115917/134708 (executing program) 2022/09/29 03:13:47 fetching corpus: 1483, signal 117730/136483 (executing program) 2022/09/29 03:13:47 fetching corpus: 1533, signal 119242/138043 (executing program) 2022/09/29 03:13:47 fetching corpus: 1582, signal 120878/139639 (executing program) 2022/09/29 03:13:47 fetching corpus: 1632, signal 122611/141298 (executing program) 2022/09/29 03:13:47 
fetching corpus: 1682, signal 123756/142546 (executing program) 2022/09/29 03:13:47 fetching corpus: 1732, signal 125981/144342 (executing program) 2022/09/29 03:13:47 fetching corpus: 1782, signal 127202/145513 (executing program) 2022/09/29 03:13:47 fetching corpus: 1831, signal 128076/146514 (executing program) 2022/09/29 03:13:47 fetching corpus: 1880, signal 129074/147539 (executing program) 2022/09/29 03:13:48 fetching corpus: 1929, signal 131419/149384 (executing program) 2022/09/29 03:13:48 fetching corpus: 1979, signal 132718/150533 (executing program) 2022/09/29 03:13:48 fetching corpus: 2028, signal 135101/152162 (executing program) 2022/09/29 03:13:48 fetching corpus: 2077, signal 136187/153138 (executing program) 2022/09/29 03:13:48 fetching corpus: 2127, signal 137312/154102 (executing program) 2022/09/29 03:13:48 fetching corpus: 2177, signal 138719/155116 (executing program) 2022/09/29 03:13:48 fetching corpus: 2227, signal 139568/155854 (executing program) 2022/09/29 03:13:48 fetching corpus: 2277, signal 141170/156985 (executing program) 2022/09/29 03:13:48 fetching corpus: 2327, signal 141945/157659 (executing program) 2022/09/29 03:13:49 fetching corpus: 2377, signal 143049/158451 (executing program) 2022/09/29 03:13:49 fetching corpus: 2427, signal 144197/159225 (executing program) 2022/09/29 03:13:49 fetching corpus: 2477, signal 144886/159816 (executing program) 2022/09/29 03:13:49 fetching corpus: 2527, signal 146138/160607 (executing program) 2022/09/29 03:13:49 fetching corpus: 2577, signal 147023/161219 (executing program) 2022/09/29 03:13:49 fetching corpus: 2627, signal 147780/161825 (executing program) 2022/09/29 03:13:49 fetching corpus: 2677, signal 148924/162515 (executing program) 2022/09/29 03:13:49 fetching corpus: 2727, signal 149951/163105 (executing program) 2022/09/29 03:13:50 fetching corpus: 2777, signal 150903/163679 (executing program) 2022/09/29 03:13:50 fetching corpus: 2826, signal 152156/164301 (executing program) 
2022/09/29 03:13:50 fetching corpus: 2876, signal 152967/164801 (executing program) 2022/09/29 03:13:50 fetching corpus: 2926, signal 153566/165210 (executing program) 2022/09/29 03:13:50 fetching corpus: 2976, signal 154926/165794 (executing program) 2022/09/29 03:13:50 fetching corpus: 3026, signal 155433/166136 (executing program) 2022/09/29 03:13:50 fetching corpus: 3076, signal 156345/166564 (executing program) 2022/09/29 03:13:50 fetching corpus: 3126, signal 156953/166875 (executing program) 2022/09/29 03:13:51 fetching corpus: 3176, signal 157950/167228 (executing program) 2022/09/29 03:13:51 fetching corpus: 3226, signal 158467/167489 (executing program) 2022/09/29 03:13:51 fetching corpus: 3276, signal 158999/167796 (executing program) 2022/09/29 03:13:51 fetching corpus: 3326, signal 159945/168106 (executing program) 2022/09/29 03:13:51 fetching corpus: 3376, signal 160627/168371 (executing program) 2022/09/29 03:13:51 fetching corpus: 3426, signal 161656/168647 (executing program) 2022/09/29 03:13:51 fetching corpus: 3476, signal 162095/168806 (executing program) 2022/09/29 03:13:51 fetching corpus: 3526, signal 162956/169009 (executing program) 2022/09/29 03:13:51 fetching corpus: 3576, signal 163619/169182 (executing program) 2022/09/29 03:13:51 fetching corpus: 3605, signal 164253/169366 (executing program) 2022/09/29 03:13:52 fetching corpus: 3605, signal 164253/169439 (executing program) 2022/09/29 03:13:52 fetching corpus: 3605, signal 164253/169508 (executing program) 2022/09/29 03:13:52 fetching corpus: 3605, signal 164253/169574 (executing program) 2022/09/29 03:13:52 fetching corpus: 3605, signal 164253/169654 (executing program) 2022/09/29 03:13:52 fetching corpus: 3605, signal 164253/169723 (executing program) 2022/09/29 03:13:52 fetching corpus: 3605, signal 164253/169788 (executing program) 2022/09/29 03:13:52 fetching corpus: 3605, signal 164253/169861 (executing program) 2022/09/29 03:13:52 fetching corpus: 3605, signal 164253/169911 
(executing program) 2022/09/29 03:13:52 fetching corpus: 3605, signal 164253/169974 (executing program) 2022/09/29 03:13:52 fetching corpus: 3605, signal 164253/170035 (executing program) 2022/09/29 03:13:52 fetching corpus: 3605, signal 164253/170035 (executing program) 2022/09/29 03:13:54 starting 8 fuzzer processes 03:13:54 executing program 0: syz_genetlink_get_family_id$tipc2(&(0x7f0000000180), 0xffffffffffffffff) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) 03:13:54 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) close_range(r0, 0xffffffffffffffff, 0x2) r1 = getpid() r2 = pidfd_open(r1, 0x0) pidfd_getfd(r2, r2, 0x0) [ 66.366257] audit: type=1400 audit(1664421234.912:6): avc: denied { execmem } for pid=284 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 03:13:54 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$IPT_SO_GET_ENTRIES(r0, 0x0, 0x41, &(0x7f0000000140)={'security\x00', 0x4, "fa82c8f7"}, &(0x7f0000000280)=0x28) 03:13:54 executing program 4: close(0xffffffffffffffff) clone3(&(0x7f0000000640)={0x123363500, &(0x7f0000000080), 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) add_key$keyring(&(0x7f0000000300), &(0x7f0000000340)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff) execveat(0xffffffffffffff9c, &(0x7f0000000480)='./file1\x00', 0x0, 0x0, 0x0) 03:13:54 executing program 3: syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff) 03:13:54 executing program 5: epoll_create1(0x0) 03:13:54 executing program 6: io_uring_setup(0x4bfa, &(0x7f0000000600)) syz_genetlink_get_family_id$tipc(&(0x7f0000000780), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) 03:13:54 executing program 7: add_key$fscrypt_v1(&(0x7f00000002c0), 0xfffffffffffffffe, 0x0, 0x0, 0x0) [ 67.704082] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 67.705781] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 67.709250] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 
9 [ 67.714441] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 67.717115] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 67.718941] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 67.729883] Bluetooth: hci0: HCI_REQ-0x0c1a [ 67.755596] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 67.766565] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 67.775426] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 67.783693] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 67.786500] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 67.787575] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 67.790741] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 67.792500] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 67.795233] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 67.802452] Bluetooth: hci1: HCI_REQ-0x0c1a [ 67.825511] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 67.832097] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 67.833217] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 67.834451] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 67.836421] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 67.838563] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 67.839657] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 67.842921] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 67.845149] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 67.848142] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 67.852087] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 67.853852] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 67.853990] Bluetooth: hci3: HCI_REQ-0x0c1a [ 67.855462] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 67.859562] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 67.861166] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 67.861236] Bluetooth: hci6: HCI_REQ-0x0c1a [ 
67.872121] Bluetooth: hci7: HCI_REQ-0x0c1a [ 67.942405] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 67.942655] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 67.947084] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 67.948288] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 67.950238] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 67.951675] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 67.959335] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 67.960971] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 67.962763] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 67.966189] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 67.967429] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 67.969979] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 67.977467] Bluetooth: hci5: HCI_REQ-0x0c1a [ 67.979454] Bluetooth: hci4: HCI_REQ-0x0c1a [ 69.786902] Bluetooth: hci2: Opcode 0x c03 failed: -110 [ 69.788435] Bluetooth: hci0: command 0x0409 tx timeout [ 69.850977] Bluetooth: hci1: command 0x0409 tx timeout [ 69.915125] Bluetooth: hci3: command 0x0409 tx timeout [ 69.915153] Bluetooth: hci6: command 0x0409 tx timeout [ 69.916929] Bluetooth: hci7: command 0x0409 tx timeout [ 70.043025] Bluetooth: hci4: command 0x0409 tx timeout [ 70.044233] Bluetooth: hci5: command 0x0409 tx timeout [ 71.834984] Bluetooth: hci0: command 0x041b tx timeout [ 71.898845] Bluetooth: hci1: command 0x041b tx timeout [ 71.963087] Bluetooth: hci6: command 0x041b tx timeout [ 71.963515] Bluetooth: hci7: command 0x041b tx timeout [ 71.963957] Bluetooth: hci3: command 0x041b tx timeout [ 72.090901] Bluetooth: hci5: command 0x041b tx timeout [ 72.091346] Bluetooth: hci4: command 0x041b tx timeout [ 73.503307] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 73.511016] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 73.525061] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 73.550137] 
Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 73.551515] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 73.552449] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 73.586864] Bluetooth: hci2: HCI_REQ-0x0c1a [ 73.882850] Bluetooth: hci0: command 0x040f tx timeout [ 73.946836] Bluetooth: hci1: command 0x040f tx timeout [ 74.011012] Bluetooth: hci3: command 0x040f tx timeout [ 74.011429] Bluetooth: hci7: command 0x040f tx timeout [ 74.011872] Bluetooth: hci6: command 0x040f tx timeout [ 74.138852] Bluetooth: hci4: command 0x040f tx timeout [ 74.139274] Bluetooth: hci5: command 0x040f tx timeout [ 75.611533] Bluetooth: hci2: command 0x0409 tx timeout [ 75.930840] Bluetooth: hci0: command 0x0419 tx timeout [ 75.994891] Bluetooth: hci1: command 0x0419 tx timeout [ 76.058861] Bluetooth: hci6: command 0x0419 tx timeout [ 76.059267] Bluetooth: hci7: command 0x0419 tx timeout [ 76.059662] Bluetooth: hci3: command 0x0419 tx timeout [ 76.186905] Bluetooth: hci5: command 0x0419 tx timeout [ 76.187324] Bluetooth: hci4: command 0x0419 tx timeout [ 77.658846] Bluetooth: hci2: command 0x041b tx timeout [ 79.706897] Bluetooth: hci2: command 0x040f tx timeout [ 81.754894] Bluetooth: hci2: command 0x0419 tx timeout [ 121.672531] process 'syz-executor.4' launched './file1' with NULL argv: empty string added 03:14:50 executing program 4: close(0xffffffffffffffff) clone3(&(0x7f0000000640)={0x123363500, &(0x7f0000000080), 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) add_key$keyring(&(0x7f0000000300), &(0x7f0000000340)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff) execveat(0xffffffffffffff9c, &(0x7f0000000480)='./file1\x00', 0x0, 0x0, 0x0) 03:14:50 executing program 4: close(0xffffffffffffffff) clone3(&(0x7f0000000640)={0x123363500, &(0x7f0000000080), 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) add_key$keyring(&(0x7f0000000300), &(0x7f0000000340)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff) execveat(0xffffffffffffff9c, &(0x7f0000000480)='./file1\x00', 0x0, 0x0, 0x0) 
03:14:50 executing program 4: close(0xffffffffffffffff) clone3(&(0x7f0000000640)={0x123363500, &(0x7f0000000080), 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) add_key$keyring(&(0x7f0000000300), &(0x7f0000000340)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff) execveat(0xffffffffffffff9c, &(0x7f0000000480)='./file1\x00', 0x0, 0x0, 0x0) 03:14:51 executing program 4: close(0xffffffffffffffff) clone3(&(0x7f0000000640)={0x123363500, &(0x7f0000000080), 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) add_key$keyring(&(0x7f0000000300), &(0x7f0000000340)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff) execveat(0xffffffffffffff9c, &(0x7f0000000480)='./file1\x00', 0x0, 0x0, 0x0) 03:14:51 executing program 4: close(0xffffffffffffffff) clone3(&(0x7f0000000640)={0x123363500, &(0x7f0000000080), 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) add_key$keyring(&(0x7f0000000300), &(0x7f0000000340)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff) execveat(0xffffffffffffff9c, &(0x7f0000000480)='./file1\x00', 0x0, 0x0, 0x0) 03:14:51 executing program 4: close(0xffffffffffffffff) clone3(&(0x7f0000000640)={0x123363500, &(0x7f0000000080), 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) add_key$keyring(&(0x7f0000000300), &(0x7f0000000340)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff) execveat(0xffffffffffffff9c, &(0x7f0000000480)='./file1\x00', 0x0, 0x0, 0x0) 03:14:51 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET_STATS(r0, &(0x7f0000000800)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000780)={0x14, 0x5, 0x1, 0x801}, 0x14}}, 0x0) 03:14:51 executing program 4: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCL_SETSEL(r0, 0x4b4c, &(0x7f00000001c0)) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x2000002, 0x13, r2, 0x0) fadvise64(r2, 0x0, 0x0, 0x4) fallocate(r2, 0x0, 0x0, 0x2000008800000) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 
0xc0189375, &(0x7f0000000a80)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00./file0\x00']) ioctl$TIOCL_SETSEL(0xffffffffffffffff, 0x4b4c, &(0x7f00000001c0)) open(&(0x7f0000000040)='./file0\x00', 0x8500, 0x122) ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(r0, 0x80489439, &(0x7f00000000c0)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000c00)}, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) writev(r3, &(0x7f0000000000)=[{&(0x7f0000000140)="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", 0x90a}], 0x1) [ 123.474684] audit: type=1400 audit(1664421292.020:7): avc: denied { open } for pid=3735 comm="syz-executor.4" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 123.478110] audit: type=1400 audit(1664421292.020:8): avc: denied { kernel } for pid=3735 comm="syz-executor.4" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 123.504995] ------------[ cut here ]------------ [ 123.505018] [ 123.505022] ====================================================== [ 123.505026] WARNING: possible circular locking dependency detected [ 123.505030] 6.0.0-rc7-next-20220928 #1 Not tainted [ 123.505037] ------------------------------------------------------ [ 123.505041] syz-executor.4/3736 is trying to acquire lock: [ 123.505048] ffffffff853faab8 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70 [ 123.505094] [ 123.505094] but task is already holding lock: [ 123.505097] ffff88800e318020 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 123.505127] [ 123.505127] which lock 
already depends on the new lock. [ 123.505127] [ 123.505131] [ 123.505131] the existing dependency chain (in reverse order) is: [ 123.505134] [ 123.505134] -> #3 (&ctx->lock){....}-{2:2}: [ 123.505149] _raw_spin_lock+0x2a/0x40 [ 123.505162] __perf_event_task_sched_out+0x53b/0x18d0 [ 123.505176] __schedule+0xedd/0x2470 [ 123.505194] schedule+0xda/0x1b0 [ 123.505211] exit_to_user_mode_prepare+0x114/0x1a0 [ 123.505224] syscall_exit_to_user_mode+0x19/0x40 [ 123.505239] do_syscall_64+0x48/0x90 [ 123.505251] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 123.505266] [ 123.505266] -> #2 (&rq->__lock){-.-.}-{2:2}: [ 123.505281] _raw_spin_lock_nested+0x30/0x40 [ 123.505294] raw_spin_rq_lock_nested+0x1e/0x30 [ 123.505308] task_fork_fair+0x63/0x4d0 [ 123.505327] sched_cgroup_fork+0x3d0/0x540 [ 123.505343] copy_process+0x4183/0x6e20 [ 123.505354] kernel_clone+0xe7/0x890 [ 123.505364] user_mode_thread+0xad/0xf0 [ 123.505375] rest_init+0x24/0x250 [ 123.505389] arch_call_rest_init+0xf/0x14 [ 123.505410] start_kernel+0x4c6/0x4eb [ 123.505428] secondary_startup_64_no_verify+0xe0/0xeb [ 123.505443] [ 123.505443] -> #1 (&p->pi_lock){-.-.}-{2:2}: [ 123.505457] _raw_spin_lock_irqsave+0x39/0x60 [ 123.505470] try_to_wake_up+0xab/0x1930 [ 123.505485] up+0x75/0xb0 [ 123.505503] __up_console_sem+0x6e/0x80 [ 123.505520] console_unlock+0x46a/0x590 [ 123.505538] vt_ioctl+0x2822/0x2ca0 [ 123.505553] tty_ioctl+0x785/0x16b0 [ 123.505566] __x64_sys_ioctl+0x19a/0x210 [ 123.505584] do_syscall_64+0x3b/0x90 [ 123.505594] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 123.505610] [ 123.505610] -> #0 ((console_sem).lock){....}-{2:2}: [ 123.505624] __lock_acquire+0x2a02/0x5e70 [ 123.505643] lock_acquire+0x1a2/0x530 [ 123.505661] _raw_spin_lock_irqsave+0x39/0x60 [ 123.505674] down_trylock+0xe/0x70 [ 123.505692] __down_trylock_console_sem+0x3b/0xd0 [ 123.505710] vprintk_emit+0x16b/0x560 [ 123.505728] vprintk+0x84/0xa0 [ 123.505746] _printk+0xba/0xf1 [ 123.505761] report_bug.cold+0x72/0xab [ 123.505771] 
handle_bug+0x3c/0x70 [ 123.505781] exc_invalid_op+0x14/0x50 [ 123.505792] asm_exc_invalid_op+0x16/0x20 [ 123.505807] group_sched_out.part.0+0x2c7/0x460 [ 123.505819] ctx_sched_out+0x8f1/0xc10 [ 123.505829] __perf_event_task_sched_out+0x6d0/0x18d0 [ 123.505843] __schedule+0xedd/0x2470 [ 123.505860] schedule+0xda/0x1b0 [ 123.505877] exit_to_user_mode_prepare+0x114/0x1a0 [ 123.505888] syscall_exit_to_user_mode+0x19/0x40 [ 123.505903] do_syscall_64+0x48/0x90 [ 123.505914] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 123.505929] [ 123.505929] other info that might help us debug this: [ 123.505929] [ 123.505932] Chain exists of: [ 123.505932] (console_sem).lock --> &rq->__lock --> &ctx->lock [ 123.505932] [ 123.505948] Possible unsafe locking scenario: [ 123.505948] [ 123.505950] CPU0 CPU1 [ 123.505953] ---- ---- [ 123.505955] lock(&ctx->lock); [ 123.505961] lock(&rq->__lock); [ 123.505968] lock(&ctx->lock); [ 123.505975] lock((console_sem).lock); [ 123.505981] [ 123.505981] *** DEADLOCK *** [ 123.505981] [ 123.505983] 2 locks held by syz-executor.4/3736: [ 123.505990] #0: ffff88806ce37d18 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470 [ 123.506024] #1: ffff88800e318020 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 123.506054] [ 123.506054] stack backtrace: [ 123.506057] CPU: 0 PID: 3736 Comm: syz-executor.4 Not tainted 6.0.0-rc7-next-20220928 #1 [ 123.506070] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 123.506078] Call Trace: [ 123.506082] [ 123.506086] dump_stack_lvl+0x8b/0xb3 [ 123.506099] check_noncircular+0x263/0x2e0 [ 123.506117] ? format_decode+0x26c/0xb50 [ 123.506137] ? print_circular_bug+0x450/0x450 [ 123.506156] ? enable_ptr_key_workfn+0x20/0x20 [ 123.506175] ? __lockdep_reset_lock+0x180/0x180 [ 123.506194] ? format_decode+0x26c/0xb50 [ 123.506215] ? alloc_chain_hlocks+0x1ec/0x5a0 [ 123.506234] __lock_acquire+0x2a02/0x5e70 [ 123.506258] ? 
lockdep_hardirqs_on_prepare+0x410/0x410 [ 123.506283] lock_acquire+0x1a2/0x530 [ 123.506302] ? down_trylock+0xe/0x70 [ 123.506323] ? lock_release+0x750/0x750 [ 123.506343] ? find_held_lock+0x2c/0x110 [ 123.506362] ? vprintk+0x84/0xa0 [ 123.506382] _raw_spin_lock_irqsave+0x39/0x60 [ 123.506396] ? down_trylock+0xe/0x70 [ 123.506419] down_trylock+0xe/0x70 [ 123.506438] ? vprintk+0x84/0xa0 [ 123.506457] __down_trylock_console_sem+0x3b/0xd0 [ 123.506476] vprintk_emit+0x16b/0x560 [ 123.506497] vprintk+0x84/0xa0 [ 123.506517] _printk+0xba/0xf1 [ 123.506531] ? record_print_text.cold+0x16/0x16 [ 123.506548] ? hrtimer_try_to_cancel+0x163/0x2c0 [ 123.506563] ? lock_downgrade+0x6d0/0x6d0 [ 123.506583] ? report_bug.cold+0x66/0xab [ 123.506595] ? group_sched_out.part.0+0x2c7/0x460 [ 123.506607] report_bug.cold+0x72/0xab [ 123.506620] handle_bug+0x3c/0x70 [ 123.506632] exc_invalid_op+0x14/0x50 [ 123.506644] asm_exc_invalid_op+0x16/0x20 [ 123.506660] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 123.506674] Code: 5e 41 5f e9 cb a9 ef ff e8 c6 a9 ef ff 65 8b 1d db 12 ac 7e 31 ff 89 de e8 66 a6 ef ff 85 db 0f 84 8a 00 00 00 e8 a9 a9 ef ff <0f> 0b e9 a5 fe ff ff e8 9d a9 ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 123.506687] RSP: 0018:ffff88803fa77c48 EFLAGS: 00010006 [ 123.506696] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 123.506704] RDX: ffff88800d648000 RSI: ffffffff815662f7 RDI: 0000000000000005 [ 123.506712] RBP: ffff888008660000 R08: 0000000000000005 R09: 0000000000000001 [ 123.506720] R10: 0000000000000000 R11: 0000000000000001 R12: ffff88800e318000 [ 123.506728] R13: ffff88806ce3d140 R14: ffffffff8547c860 R15: 0000000000000002 [ 123.506740] ? group_sched_out.part.0+0x2c7/0x460 [ 123.506754] ? group_sched_out.part.0+0x2c7/0x460 [ 123.506768] ctx_sched_out+0x8f1/0xc10 [ 123.506782] __perf_event_task_sched_out+0x6d0/0x18d0 [ 123.506800] ? lock_is_held_type+0xd7/0x130 [ 123.506816] ? __perf_cgroup_move+0x160/0x160 [ 123.506830] ? 
set_next_entity+0x304/0x550 [ 123.506849] ? update_curr+0x267/0x740 [ 123.506870] ? lock_is_held_type+0xd7/0x130 [ 123.506887] __schedule+0xedd/0x2470 [ 123.506907] ? io_schedule_timeout+0x150/0x150 [ 123.506928] ? __x64_sys_futex_time32+0x480/0x480 [ 123.506943] schedule+0xda/0x1b0 [ 123.506961] exit_to_user_mode_prepare+0x114/0x1a0 [ 123.506974] syscall_exit_to_user_mode+0x19/0x40 [ 123.506991] do_syscall_64+0x48/0x90 [ 123.507003] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 123.507019] RIP: 0033:0x7fb3dac01b19 [ 123.507027] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 123.507039] RSP: 002b:00007fb3d8177218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 123.507050] RAX: 0000000000000001 RBX: 00007fb3dad14f68 RCX: 00007fb3dac01b19 [ 123.507058] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fb3dad14f6c [ 123.507066] RBP: 00007fb3dad14f60 R08: 000000000000000e R09: 0000000000000000 [ 123.507074] R10: 0000000000000006 R11: 0000000000000246 R12: 00007fb3dad14f6c [ 123.507081] R13: 00007fff3c19182f R14: 00007fb3d8177300 R15: 0000000000022000 [ 123.507095] [ 123.564585] WARNING: CPU: 0 PID: 3736 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460 [ 123.565278] Modules linked in: [ 123.565531] CPU: 0 PID: 3736 Comm: syz-executor.4 Not tainted 6.0.0-rc7-next-20220928 #1 [ 123.566151] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 123.567000] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 123.567412] Code: 5e 41 5f e9 cb a9 ef ff e8 c6 a9 ef ff 65 8b 1d db 12 ac 7e 31 ff 89 de e8 66 a6 ef ff 85 db 0f 84 8a 00 00 00 e8 a9 a9 ef ff <0f> 0b e9 a5 fe ff ff e8 9d a9 ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 123.568809] RSP: 0018:ffff88803fa77c48 EFLAGS: 00010006 [ 123.569237] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 
[ 123.569772] RDX: ffff88800d648000 RSI: ffffffff815662f7 RDI: 0000000000000005 [ 123.570319] RBP: ffff888008660000 R08: 0000000000000005 R09: 0000000000000001 [ 123.570823] R10: 0000000000000000 R11: 0000000000000001 R12: ffff88800e318000 [ 123.571355] R13: ffff88806ce3d140 R14: ffffffff8547c860 R15: 0000000000000002 [ 123.571877] FS: 00007fb3d8177700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 123.572479] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 123.572915] CR2: 00007f35d171cc70 CR3: 000000001dba0000 CR4: 0000000000350ef0 [ 123.573427] Call Trace: [ 123.573629] [ 123.573808] ctx_sched_out+0x8f1/0xc10 [ 123.574102] __perf_event_task_sched_out+0x6d0/0x18d0 [ 123.574487] ? lock_is_held_type+0xd7/0x130 [ 123.574808] ? __perf_cgroup_move+0x160/0x160 [ 123.575144] ? set_next_entity+0x304/0x550 [ 123.575460] ? update_curr+0x267/0x740 [ 123.575758] ? lock_is_held_type+0xd7/0x130 [ 123.576080] __schedule+0xedd/0x2470 [ 123.576362] ? io_schedule_timeout+0x150/0x150 [ 123.576703] ? 
__x64_sys_futex_time32+0x480/0x480 [ 123.577066] schedule+0xda/0x1b0 [ 123.577335] exit_to_user_mode_prepare+0x114/0x1a0 [ 123.577694] syscall_exit_to_user_mode+0x19/0x40 [ 123.578045] do_syscall_64+0x48/0x90 [ 123.578323] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 123.578703] RIP: 0033:0x7fb3dac01b19 [ 123.578978] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 123.580300] RSP: 002b:00007fb3d8177218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 123.580861] RAX: 0000000000000001 RBX: 00007fb3dad14f68 RCX: 00007fb3dac01b19 [ 123.581369] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fb3dad14f6c [ 123.581877] RBP: 00007fb3dad14f60 R08: 000000000000000e R09: 0000000000000000 [ 123.582400] R10: 0000000000000006 R11: 0000000000000246 R12: 00007fb3dad14f6c [ 123.582947] R13: 00007fff3c19182f R14: 00007fb3d8177300 R15: 0000000000022000 [ 123.583488] [ 123.583669] irq event stamp: 3984 [ 123.583936] hardirqs last enabled at (3983): [] exit_to_user_mode_prepare+0x109/0x1a0 [ 123.584629] hardirqs last disabled at (3984): [] __schedule+0x1225/0x2470 [ 123.585261] softirqs last enabled at (2030): [] __irq_exit_rcu+0x11b/0x180 [ 123.585909] softirqs last disabled at (2021): [] __irq_exit_rcu+0x11b/0x180 [ 123.586530] ---[ end trace 0000000000000000 ]--- [ 123.899814] hrtimer: interrupt took 19637 ns [ 129.016023] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 129.017524] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 129.018503] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 129.021202] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 129.022238] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 129.023227] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 129.025650] Bluetooth: hci1: HCI_REQ-0x0c1a [ 130.906819] Bluetooth: hci0: Opcode 0x c03 failed: -110 [ 131.034862] 
Bluetooth: hci6: Opcode 0x c03 failed: -110 [ 131.034877] Bluetooth: hci1: command 0x0409 tx timeout [ 133.082891] Bluetooth: hci1: command 0x041b tx timeout VM DIAGNOSIS: 03:14:52 Registers: