Warning: Permanently added '[localhost]:26646' (ECDSA) to the list of known hosts.
2022/09/28 03:57:02 fuzzer started
2022/09/28 03:57:02 dialing manager at localhost:35827
syzkaller login: [   36.984077] cgroup: Unknown subsys name 'net'
[   37.088713] cgroup: Unknown subsys name 'rlimit'
2022/09/28 03:57:17 syscalls: 2215
2022/09/28 03:57:17 code coverage: enabled
2022/09/28 03:57:17 comparison tracing: enabled
2022/09/28 03:57:17 extra coverage: enabled
2022/09/28 03:57:17 setuid sandbox: enabled
2022/09/28 03:57:17 namespace sandbox: enabled
2022/09/28 03:57:17 Android sandbox: enabled
2022/09/28 03:57:17 fault injection: enabled
2022/09/28 03:57:17 leak checking: enabled
2022/09/28 03:57:17 net packet injection: enabled
2022/09/28 03:57:17 net device setup: enabled
2022/09/28 03:57:17 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2022/09/28 03:57:17 devlink PCI setup: PCI device 0000:00:10.0 is not available
2022/09/28 03:57:17 USB emulation: enabled
2022/09/28 03:57:17 hci packet injection: enabled
2022/09/28 03:57:17 wifi device emulation: failed to parse kernel version (6.0.0-rc7-next-20220927                                          )
2022/09/28 03:57:17 802.15.4 emulation: enabled
2022/09/28 03:57:17 fetching corpus: 0, signal 0/2000 (executing program)
2022/09/28 03:57:17 fetching corpus: 42, signal 25557/29063 (executing program)
2022/09/28 03:57:18 fetching corpus: 92, signal 35550/40527 (executing program)
2022/09/28 03:57:18 fetching corpus: 142, signal 45040/51326 (executing program)
2022/09/28 03:57:18 fetching corpus: 192, signal 54404/61763 (executing program)
2022/09/28 03:57:18 fetching corpus: 242, signal 59318/67849 (executing program)
2022/09/28 03:57:18 fetching corpus: 292, signal 66854/76268 (executing program)
2022/09/28 03:57:18 fetching corpus: 342, signal 70517/80995 (executing program)
2022/09/28 03:57:18 fetching corpus: 392, signal 74052/85526 (executing program)
2022/09/28 03:57:18 fetching corpus: 442, signal 79098/91404 (executing program)
2022/09/28 03:57:19 fetching corpus: 492, signal 83836/96913 (executing program)
2022/09/28 03:57:19 fetching corpus: 542, signal 85981/99989 (executing program)
2022/09/28 03:57:19 fetching corpus: 592, signal 88086/103059 (executing program)
2022/09/28 03:57:19 fetching corpus: 642, signal 91876/107475 (executing program)
2022/09/28 03:57:19 fetching corpus: 692, signal 95485/111618 (executing program)
2022/09/28 03:57:19 fetching corpus: 742, signal 99234/115820 (executing program)
2022/09/28 03:57:19 fetching corpus: 792, signal 103149/120091 (executing program)
2022/09/28 03:57:19 fetching corpus: 842, signal 105638/123181 (executing program)
2022/09/28 03:57:20 fetching corpus: 892, signal 107718/125857 (executing program)
2022/09/28 03:57:20 fetching corpus: 941, signal 110031/128666 (executing program)
2022/09/28 03:57:20 fetching corpus: 991, signal 111243/130559 (executing program)
2022/09/28 03:57:20 fetching corpus: 1041, signal 112607/132539 (executing program)
2022/09/28 03:57:20 fetching corpus: 1091, signal 115738/135932 (executing program)
2022/09/28 03:57:20 fetching corpus: 1141, signal 117892/138532 (executing program)
2022/09/28 03:57:20 fetching corpus: 1191, signal 119343/140529 (executing program)
2022/09/28 03:57:20 fetching corpus: 1241, signal 120920/142602 (executing program)
2022/09/28 03:57:20 fetching corpus: 1291, signal 122466/144631 (executing program)
2022/09/28 03:57:21 fetching corpus: 1341, signal 124278/146783 (executing program)
2022/09/28 03:57:21 fetching corpus: 1391, signal 126020/148816 (executing program)
2022/09/28 03:57:21 fetching corpus: 1441, signal 128092/151073 (executing program)
2022/09/28 03:57:21 fetching corpus: 1491, signal 129591/152816 (executing program)
2022/09/28 03:57:21 fetching corpus: 1541, signal 130593/154279 (executing program)
2022/09/28 03:57:21 fetching corpus: 1591, signal 132203/156099 (executing program)
2022/09/28 03:57:21 fetching corpus: 1641, signal 134700/158597 (executing program)
2022/09/28 03:57:21 fetching corpus: 1691, signal 136258/160389 (executing program)
2022/09/28 03:57:21 fetching corpus: 1741, signal 137414/161763 (executing program)
2022/09/28 03:57:22 fetching corpus: 1791, signal 138708/163293 (executing program)
2022/09/28 03:57:22 fetching corpus: 1841, signal 140723/165170 (executing program)
2022/09/28 03:57:22 fetching corpus: 1891, signal 142166/166791 (executing program)
2022/09/28 03:57:22 fetching corpus: 1941, signal 143712/168331 (executing program)
2022/09/28 03:57:22 fetching corpus: 1991, signal 145051/169791 (executing program)
2022/09/28 03:57:22 fetching corpus: 2041, signal 146167/171057 (executing program)
2022/09/28 03:57:22 fetching corpus: 2091, signal 146800/171993 (executing program)
2022/09/28 03:57:22 fetching corpus: 2141, signal 147837/173173 (executing program)
2022/09/28 03:57:23 fetching corpus: 2191, signal 148866/174303 (executing program)
2022/09/28 03:57:23 fetching corpus: 2241, signal 150501/175772 (executing program)
2022/09/28 03:57:23 fetching corpus: 2291, signal 151889/177195 (executing program)
2022/09/28 03:57:23 fetching corpus: 2341, signal 152698/178207 (executing program)
2022/09/28 03:57:23 fetching corpus: 2391, signal 153946/179407 (executing program)
2022/09/28 03:57:23 fetching corpus: 2441, signal 155009/180503 (executing program)
2022/09/28 03:57:23 fetching corpus: 2491, signal 156559/181790 (executing program)
2022/09/28 03:57:24 fetching corpus: 2541, signal 157283/182609 (executing program)
2022/09/28 03:57:24 fetching corpus: 2591, signal 158062/183504 (executing program)
2022/09/28 03:57:24 fetching corpus: 2641, signal 159193/184543 (executing program)
2022/09/28 03:57:24 fetching corpus: 2691, signal 160375/185552 (executing program)
2022/09/28 03:57:24 fetching corpus: 2741, signal 161218/186435 (executing program)
2022/09/28 03:57:24 fetching corpus: 2791, signal 162500/187459 (executing program)
2022/09/28 03:57:24 fetching corpus: 2841, signal 163569/188325 (executing program)
2022/09/28 03:57:24 fetching corpus: 2891, signal 164244/188990 (executing program)
2022/09/28 03:57:24 fetching corpus: 2941, signal 164691/189553 (executing program)
2022/09/28 03:57:25 fetching corpus: 2991, signal 166043/190557 (executing program)
2022/09/28 03:57:25 fetching corpus: 3041, signal 167154/191415 (executing program)
2022/09/28 03:57:25 fetching corpus: 3091, signal 168685/192438 (executing program)
2022/09/28 03:57:25 fetching corpus: 3141, signal 169232/193043 (executing program)
2022/09/28 03:57:25 fetching corpus: 3191, signal 170455/193815 (executing program)
2022/09/28 03:57:25 fetching corpus: 3241, signal 171404/194539 (executing program)
2022/09/28 03:57:25 fetching corpus: 3291, signal 172370/195209 (executing program)
2022/09/28 03:57:25 fetching corpus: 3341, signal 173481/195950 (executing program)
2022/09/28 03:57:26 fetching corpus: 3391, signal 174517/196657 (executing program)
2022/09/28 03:57:26 fetching corpus: 3441, signal 175188/197150 (executing program)
2022/09/28 03:57:26 fetching corpus: 3491, signal 176166/197777 (executing program)
2022/09/28 03:57:26 fetching corpus: 3541, signal 177271/198439 (executing program)
2022/09/28 03:57:26 fetching corpus: 3591, signal 178110/198955 (executing program)
2022/09/28 03:57:26 fetching corpus: 3641, signal 179485/199593 (executing program)
2022/09/28 03:57:26 fetching corpus: 3691, signal 180464/200124 (executing program)
2022/09/28 03:57:26 fetching corpus: 3741, signal 180973/200519 (executing program)
2022/09/28 03:57:27 fetching corpus: 3791, signal 181744/200968 (executing program)
2022/09/28 03:57:27 fetching corpus: 3841, signal 182316/201374 (executing program)
2022/09/28 03:57:27 fetching corpus: 3891, signal 183016/201754 (executing program)
2022/09/28 03:57:27 fetching corpus: 3941, signal 183786/202147 (executing program)
2022/09/28 03:57:27 fetching corpus: 3990, signal 184262/202467 (executing program)
2022/09/28 03:57:27 fetching corpus: 4039, signal 185248/202954 (executing program)
2022/09/28 03:57:27 fetching corpus: 4089, signal 186160/203319 (executing program)
2022/09/28 03:57:27 fetching corpus: 4139, signal 186910/203660 (executing program)
2022/09/28 03:57:28 fetching corpus: 4189, signal 187449/203979 (executing program)
2022/09/28 03:57:28 fetching corpus: 4238, signal 187999/204265 (executing program)
2022/09/28 03:57:28 fetching corpus: 4288, signal 188974/204559 (executing program)
2022/09/28 03:57:28 fetching corpus: 4338, signal 189289/204787 (executing program)
2022/09/28 03:57:28 fetching corpus: 4388, signal 190105/205052 (executing program)
2022/09/28 03:57:28 fetching corpus: 4438, signal 190756/205320 (executing program)
2022/09/28 03:57:28 fetching corpus: 4488, signal 191341/205563 (executing program)
2022/09/28 03:57:28 fetching corpus: 4538, signal 192588/205940 (executing program)
2022/09/28 03:57:28 fetching corpus: 4588, signal 193079/206136 (executing program)
2022/09/28 03:57:29 fetching corpus: 4638, signal 194222/206498 (executing program)
2022/09/28 03:57:29 fetching corpus: 4688, signal 194799/206689 (executing program)
2022/09/28 03:57:29 fetching corpus: 4738, signal 195513/206864 (executing program)
2022/09/28 03:57:29 fetching corpus: 4788, signal 196131/207030 (executing program)
2022/09/28 03:57:29 fetching corpus: 4838, signal 196536/207166 (executing program)
2022/09/28 03:57:29 fetching corpus: 4888, signal 197124/207306 (executing program)
2022/09/28 03:57:29 fetching corpus: 4938, signal 197808/207485 (executing program)
2022/09/28 03:57:29 fetching corpus: 4988, signal 198478/207584 (executing program)
2022/09/28 03:57:30 fetching corpus: 5038, signal 199380/207642 (executing program)
2022/09/28 03:57:30 fetching corpus: 5088, signal 200044/207643 (executing program)
2022/09/28 03:57:30 fetching corpus: 5138, signal 200796/207647 (executing program)
2022/09/28 03:57:30 fetching corpus: 5188, signal 201094/207651 (executing program)
2022/09/28 03:57:30 fetching corpus: 5238, signal 201657/207651 (executing program)
2022/09/28 03:57:30 fetching corpus: 5243, signal 201739/207651 (executing program)
2022/09/28 03:57:30 fetching corpus: 5243, signal 201739/207651 (executing program)
2022/09/28 03:57:32 starting 8 fuzzer processes
03:57:32 executing program 0:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_mount_image$tmpfs(&(0x7f0000000200), &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000400))
name_to_handle_at(r0, &(0x7f0000000180)='\x00', &(0x7f00000001c0)=@ceph_nfs_fh={0x8}, 0x0, 0x1400)

03:57:32 executing program 2:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x4a, &(0x7f00000000c0)={@remote}, 0x20)

03:57:32 executing program 1:
syz_io_uring_setup(0x460c, &(0x7f0000000080), &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000100), 0x0)
remap_file_pages(&(0x7f0000ffb000/0x5000)=nil, 0x5000, 0x0, 0x0, 0x0)

03:57:32 executing program 3:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x19)

03:57:32 executing program 5:
setresgid(0xffffffffffffffff, 0xffffffffffffffff, 0xee01)

03:57:32 executing program 4:
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000840), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r0, 0x40505330, &(0x7f0000000880)={{}, {0x0, 0x3}})

[   66.823791] audit: type=1400 audit(1664337452.745:6): avc:  denied  { execmem } for  pid=287 comm="syz-executor.3" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
03:57:32 executing program 6:
r0 = perf_event_open$cgroup(&(0x7f0000000040)={0x2, 0x80, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x40082406, &(0x7f00000000c0)='\x00')
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x5452, &(0x7f0000000180)='journal_checksum')
close(r0)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r2 = accept(r1, &(0x7f00000001c0)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000000)=0x80)
fsetxattr$security_selinux(r2, &(0x7f0000000140), &(0x7f0000000240)='system_u:object_r:tpm_device_t:s0\x00', 0x22, 0x1)
r3 = dup(r1)
bind$bt_hci(r3, &(0x7f0000000080)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
write$bt_hci(r3, &(0x7f0000000100)=ANY=[@ANYBLOB="15"], 0x6)
ioctl$VFAT_IOCTL_READDIR_BOTH(r3, 0x82307201, &(0x7f0000000280)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])
mmap$perf(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x1000001, 0x50, r3, 0x8)

03:57:32 executing program 7:
openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0)

[   68.073758] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   68.076928] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   68.079122] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   68.082255] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   68.083925] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   68.085384] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   68.089915] Bluetooth: hci0: HCI_REQ-0x0c1a
[   68.130532] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   68.132030] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   68.134045] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   68.135128] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   68.136772] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   68.137757] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   68.143253] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   68.144216] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   68.146858] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   68.148017] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   68.149317] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   68.150526] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   68.156887] Bluetooth: hci2: HCI_REQ-0x0c1a
[   68.160566] Bluetooth: hci1: HCI_REQ-0x0c1a
[   68.195455] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   68.197609] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   68.199486] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   68.203376] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   68.206384] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[   68.207600] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   68.226202] Bluetooth: hci4: HCI_REQ-0x0c1a
[   68.243188] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   68.244786] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   68.246301] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   68.250242] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   68.265839] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[   68.267461] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   68.268497] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[   68.270114] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   68.271249] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[   68.277589] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[   68.279421] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[   68.280808] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[   68.287693] Bluetooth: hci7: HCI_REQ-0x0c1a
[   68.288437] Bluetooth: hci3: HCI_REQ-0x0c1a
[   68.341768] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[   68.344570] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[   68.346276] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[   68.367602] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[   68.382555] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[   68.388746] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[   68.401305] Bluetooth: hci6: HCI_REQ-0x0c1a
[   70.101419] Bluetooth: hci0: command 0x0409 tx timeout
[   70.229056] Bluetooth: hci5: Opcode 0x c03 failed: -110
[   70.229169] Bluetooth: hci1: command 0x0409 tx timeout
[   70.230480] Bluetooth: hci2: command 0x0409 tx timeout
[   70.293069] Bluetooth: hci4: command 0x0409 tx timeout
[   70.358097] Bluetooth: hci3: command 0x0409 tx timeout
[   70.358355] Bluetooth: hci7: command 0x0409 tx timeout
[   70.421054] Bluetooth: hci6: command 0x0409 tx timeout
[   72.150486] Bluetooth: hci0: command 0x041b tx timeout
[   72.277028] Bluetooth: hci2: command 0x041b tx timeout
[   72.278162] Bluetooth: hci1: command 0x041b tx timeout
[   72.341153] Bluetooth: hci4: command 0x041b tx timeout
[   72.405021] Bluetooth: hci7: command 0x041b tx timeout
[   72.406070] Bluetooth: hci3: command 0x041b tx timeout
[   72.469017] Bluetooth: hci6: command 0x041b tx timeout
[   73.264094] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[   73.267214] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[   73.270299] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[   73.277085] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[   73.282124] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[   73.282900] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[   73.291016] Bluetooth: hci5: HCI_REQ-0x0c1a
[   74.197110] Bluetooth: hci0: command 0x040f tx timeout
[   74.325080] Bluetooth: hci1: command 0x040f tx timeout
[   74.325096] Bluetooth: hci2: command 0x040f tx timeout
[   74.389025] Bluetooth: hci4: command 0x040f tx timeout
[   74.453097] Bluetooth: hci3: command 0x040f tx timeout
[   74.453575] Bluetooth: hci7: command 0x040f tx timeout
[   74.518045] Bluetooth: hci6: command 0x040f tx timeout
[   75.349098] Bluetooth: hci5: command 0x0409 tx timeout
[   76.245063] Bluetooth: hci0: command 0x0419 tx timeout
[   76.373137] Bluetooth: hci2: command 0x0419 tx timeout
[   76.373927] Bluetooth: hci1: command 0x0419 tx timeout
[   76.437124] Bluetooth: hci4: command 0x0419 tx timeout
[   76.501101] Bluetooth: hci7: command 0x0419 tx timeout
[   76.501834] Bluetooth: hci3: command 0x0419 tx timeout
[   76.565057] Bluetooth: hci6: command 0x0419 tx timeout
[   77.397010] Bluetooth: hci5: command 0x041b tx timeout
[   79.446105] Bluetooth: hci5: command 0x040f tx timeout
[   81.494059] Bluetooth: hci5: command 0x0419 tx timeout
03:58:28 executing program 3:
r0 = inotify_init()
inotify_add_watch(r0, 0x0, 0x20)

03:58:28 executing program 3:
r0 = memfd_create(&(0x7f0000000000)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLK\xa4g?K)\xa0\xf0\x9b8Y\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x05\x00\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\xff#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x80L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x04\xd5i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb621p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\x01\x00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xee\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\x01\x01\x00\x00\x00\x00\x00\x00\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/\\\x01\xe2\xba\x0e\xe3\xf95\x1d\x10\xa7\x97\xbf\x8e\xac\x81\xc9\x13\x8e\xb3\xf3\xb5d\xa1\xcf\x1d\x92\x9b\x9b\xa7\x12F\xa0\xe0\xff\x1a\x8e\xe2ae^=\n\xe1\xa6\xb8\xe9v\x8f2\xf4\xac\xe5\xdf\xffi`Mo\x1e\x1cMN<\x1b\xd8\xfe\xd6P\xcdQ\x83\xfa\xe7\x1d\xd5\x01n\xa7~\x8b\x90/62\xff;.S\xf7\x0flwa\x16\xf0\xf2(\x96V,\xd7s\xaaOE\xd3H\xfd`}\xd8\xbc\x9a\xca\xe3\n\xd7fCe\xd8\xbb\xdao\xb0\x85\xcc\xedv\x94\xb5\xc4\xb6[>\xb9,\xfch_-s\x94,F\x15\xd8m5>\x94\x84\xf5\x00\xc3\xf6m\xc7B\t{\xe0d\xc65(\x18\x9c\xad\x13b6\xca\x16\x95\xcb^zF\xd0\x1a\x8dP\x94\x19\xa4\xbfr=\xb6\xae', 0x7)
ftruncate(r0, 0x2000000)
preadv(r0, &(0x7f0000001300)=[{&(0x7f0000001240)=""/98, 0x62}], 0x1, 0x1fffffe, 0x0)

03:58:28 executing program 3:
r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000), 0x80102, 0x0)
syz_open_procfs(0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x0, 0x0, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000fff000/0x1000)=nil, 0x0, 0x0)
write$rfkill(r0, 0x0, 0x0)

03:58:29 executing program 3:
r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000), 0x80102, 0x0)
syz_open_procfs(0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x0, 0x0, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000fff000/0x1000)=nil, 0x0, 0x0)
write$rfkill(r0, 0x0, 0x0)

03:58:29 executing program 3:
r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000), 0x80102, 0x0)
syz_open_procfs(0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x0, 0x0, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000fff000/0x1000)=nil, 0x0, 0x0)
write$rfkill(r0, 0x0, 0x0)

03:58:29 executing program 3:
r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000), 0x80102, 0x0)
syz_open_procfs(0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x0, 0x0, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000fff000/0x1000)=nil, 0x0, 0x0)
write$rfkill(r0, 0x0, 0x0)

03:58:29 executing program 3:
mlock(&(0x7f0000ffb000/0x1000)=nil, 0x1000)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000340), 0xffffffffffffffff)
mremap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1000, 0x0, &(0x7f0000fff000/0x1000)=nil)

03:58:29 executing program 3:
ptrace(0x10, 0x1)
sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x6, 0x0, 0x0, 0x0, 0x8000000009917, 0x400000000000fffd}, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x0, 0x0, 0xffffffffffffffff}, 0x0)
sched_setattr(0x0, &(0x7f00000000c0)={0x38, 0x0, 0x0, 0x1}, 0x0)

[  125.705341] mmap: syz-executor.1 (3944) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  125.902377] audit: type=1400 audit(1664337511.823:7): avc:  denied  { open } for  pid=3955 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[  125.903986] audit: type=1400 audit(1664337511.824:8): avc:  denied  { kernel } for  pid=3955 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[  125.994800] ------------[ cut here ]------------
[  125.995790] WARNING: CPU: 0 PID: 3958 at kernel/events/core.c:2233 event_filter_match+0x422/0x660
[  125.997088] Modules linked in:
[  125.997605] CPU: 0 PID: 3958 Comm: syz-executor.0 Not tainted 6.0.0-rc7-next-20220927 #1
[  125.998910] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  126.001289] RIP: 0010:event_filter_match+0x422/0x660
[  126.002056] Code: 00 00 00 e9 7c fc ff ff e8 bb 2e f1 ff 65 8b 2d 30 94 ad 7e 31 ff 89 ee e8 5b 2b f1 ff 85 ed 0f 84 ef 00 00 00 e8 9e 2e f1 ff <0f> 0b eb 9f e8 45 a5 23 00 e9 17 fc ff ff e8 8b 2e f1 ff 48 8d 7b
[  126.005354] RSP: 0018:ffff88806ce09c70 EFLAGS: 00010046
[  126.006348] RAX: 0000000080010001 RBX: ffff88803cca8b90 RCX: 0000000000000000
[  126.007725] RDX: ffff88800894b580 RSI: ffffffff8154e1a2 RDI: 0000000000000005
[  126.009079] RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000001
[  126.010438] R10: 0000000000000000 R11: ffffffff865b401b R12: ffff88803cca8db0
[  126.011823] R13: 0000000000000000 R14: ffff88803cca8c38 R15: ffff88803cca8db0
[  126.013168] FS:  0000000000000000(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000
[  126.014719] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  126.015816] CR2: 0000560aced6c2b0 CR3: 000000003e298000 CR4: 0000000000350ef0
[  126.017154] Call Trace:
[  126.017668]  <IRQ>
[  126.018098]  merge_sched_in+0x107/0x1110
[  126.018894]  visit_groups_merge.constprop.0.isra.0+0x4fc/0xef0
[  126.020026]  ? merge_sched_in+0x1110/0x1110
[  126.020848]  ? lock_is_held_type+0xd7/0x130
[  126.021711]  ctx_sched_in+0x2e6/0x770
[  126.022456]  ? lock_acquire+0x1b2/0x530
[  126.023235]  ? visit_groups_merge.constprop.0.isra.0+0xef0/0xef0
[  126.024418]  ? lock_is_held_type+0xd7/0x130
[  126.025291]  perf_event_sched_in+0x75/0x80
[  126.026118]  ctx_resched+0x1ce/0x390
[  126.026842]  __perf_install_in_context+0x285/0x9c0
[  126.027799]  ? ctx_resched+0x390/0x390
[  126.028564]  remote_function+0x125/0x1b0
[  126.029382]  __flush_smp_call_function_queue+0x1df/0x5a0
[  126.030419]  ? perf_duration_warn+0x40/0x40
[  126.031261]  __sysvec_call_function_single+0x92/0x3a0
[  126.032008]  sysvec_call_function_single+0x89/0xc0
[  126.032716]  </IRQ>
[  126.033047]  <TASK>
[  126.033394]  asm_sysvec_call_function_single+0x16/0x20
[  126.034130] RIP: 0010:kasan_addr_to_slab+0x47/0xa0
[  126.034829] Code: 80 48 01 fb 72 6d 48 c7 c7 00 00 00 80 48 2b 3d 5f 48 9d 03 48 01 fb 48 c1 eb 0c 48 c1 e3 06 48 03 1d 3d 48 9d 03 48 8b 53 08 <48> 89 d8 f6 c2 01 75 3b 66 90 48 8b 10 5b 80 e6 02 ba 00 00 00 00
[  126.037271] RSP: 0018:ffff88803e5976b8 EFLAGS: 00000282
[  126.038005] RAX: 0000000000000000 RBX: ffffea000035d740 RCX: 0000000000000000
[  126.038982] RDX: ffffea000035d701 RSI: ffffffff81129e3e RDI: 0000777f80000000
[  126.039950] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000
[  126.040986] R10: 0000000000000008 R11: 0000000000000001 R12: ffffffff817bc0a0
[  126.042038] R13: ffffffff81127dc4 R14: 0000001b2ed1ffff R15: ffff888007c4fa00
[  126.043068]  ? ___pmd_free_tlb+0xa4/0x1f0
[  126.043690]  ? hugetlb_cgroup_migrate+0xf60/0xf60
[  126.044414]  ? __virt_addr_valid+0xfe/0x340
[  126.045055]  ? kasan_addr_to_slab+0x9/0xa0
[  126.045747]  __kasan_record_aux_stack+0xe/0xb0
[  126.046462]  ? hugetlb_cgroup_migrate+0xf60/0xf60
[  126.047196]  call_rcu+0x6a/0xa30
[  126.047707]  ? _raw_spin_unlock_irqrestore+0x33/0x60
[  126.048451]  ? ___pmd_free_tlb+0xa4/0x1f0
[  126.049068]  kmem_cache_free+0xbd/0x610
[  126.049691]  ? ___pte_free_tlb+0xe4/0x110
[  126.050323]  ___pmd_free_tlb+0xa4/0x1f0
[  126.050921]  free_pgd_range+0xa05/0x1330
[  126.051584]  free_pgtables+0x2d2/0x420
[  126.052185]  ? free_pgd_range+0x1330/0x1330
[  126.052860]  exit_mmap+0x1b4/0x680
[  126.053446]  ? __ia32_sys_remap_file_pages+0x150/0x150
[  126.054256]  ? delayed_uprobe_remove+0x27/0x230
[  126.054967]  mmput+0xd1/0x390
[  126.055459]  do_exit+0xa2e/0x27f0
[  126.055993]  ? lock_release+0x3b2/0x750
[  126.056587]  ? get_signal+0x88b/0x22d0
[  126.057177]  ? mm_update_next_owner+0x7e0/0x7e0
[  126.057901]  ? lock_is_held_type+0xd7/0x130
[  126.058545]  do_group_exit+0xd0/0x2a0
[  126.059123]  get_signal+0x2195/0x22d0
[  126.059710]  ? wake_up_q+0x8b/0xf0
[  126.060268]  ? exit_signals+0x8b0/0x8b0
[  126.060905]  arch_do_signal_or_restart+0x89/0x1be0
[  126.061682]  ? do_futex+0x136/0x380
[  126.062388]  ? __ia32_compat_sys_get_robust_list+0x3b0/0x3b0
[  126.063248]  ? get_sigframe_size+0x10/0x10
[  126.063880]  ? kmem_cache_free+0xf7/0x610
[  126.064506]  ? lock_downgrade+0x6d0/0x6d0
[  126.065145]  ? __x64_sys_futex+0x1c6/0x4d0
[  126.065823]  ? __x64_sys_futex_time32+0x480/0x480
[  126.066552]  ? exit_to_user_mode_prepare+0x109/0x1a0
[  126.067322]  exit_to_user_mode_prepare+0x131/0x1a0
[  126.068060]  syscall_exit_to_user_mode+0x19/0x40
[  126.068774]  do_syscall_64+0x48/0x90
[  126.069368]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  126.070140] RIP: 0033:0x7f3f0b6eeb19
[  126.070701] Code: Unable to access opcode bytes at 0x7f3f0b6eeaef.
[  126.071607] RSP: 002b:00007f3f08c43218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  126.072724] RAX: fffffffffffffe00 RBX: 00007f3f0b802028 RCX: 00007f3f0b6eeb19
[  126.073802] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f3f0b802028
[  126.074851] RBP: 00007f3f0b802020 R08: 0000000000000000 R09: 0000000000000000
[  126.075893] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3f0b80202c
[  126.076932] R13: 00007ffc7f89d30f R14: 00007f3f08c43300 R15: 0000000000022000
[  126.078029]  </TASK>
[  126.078389] irq event stamp: 1450
[  126.078902] hardirqs last  enabled at (1449): [<ffffffff84270c38>] _raw_spin_unlock_irqrestore+0x28/0x60
[  126.080278] hardirqs last disabled at (1450): [<ffffffff8424f74b>] sysvec_call_function_single+0xb/0xc0
[  126.081677] softirqs last  enabled at (744): [<ffffffff8116fa0b>] __irq_exit_rcu+0x11b/0x180
[  126.082924] softirqs last disabled at (661): [<ffffffff8116fa0b>] __irq_exit_rcu+0x11b/0x180
[  126.084168] ---[ end trace 0000000000000000 ]---
[  126.084979] ------------[ cut here ]------------
[  126.085694] WARNING: CPU: 0 PID: 3958 at kernel/events/core.c:2557 merge_sched_in+0xadb/0x1110
[  126.086963] Modules linked in:
[  126.087455] CPU: 0 PID: 3958 Comm: syz-executor.0 Tainted: G        W          6.0.0-rc7-next-20220927 #1
[  126.088830] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  126.090486] RIP: 0010:merge_sched_in+0xadb/0x1110
[  126.091211] Code: ff ff e8 e8 08 ef ff 65 8b 05 5d 6e ab 7e 31 ff 89 c6 89 04 24 e8 85 05 ef ff 8b 04 24 85 c0 0f 84 13 02 00 00 e8 c5 08 ef ff <0f> 0b e9 c4 fb ff ff e8 b9 08 ef ff 4c 89 e8 48 05 18 01 00 00 e9
[  126.093852] RSP: 0018:ffff88806ce09cb0 EFLAGS: 00010046
[  126.094637] RAX: 0000000080010001 RBX: ffff88806ce3d140 RCX: 0000000000000000
[  126.095680] RDX: ffff88800894b580 RSI: ffffffff8157077b RDI: 0000000000000005
[  126.096722] RBP: ffff88803cca8b90 R08: 0000000000000005 R09: 0000000000000001
[  126.097796] R10: 0000000000000000 R11: ffffffff865b401b R12: ffff88806ce3d140
[  126.098838] R13: ffff88806ce00000 R14: ffff88803cca8c38 R15: ffff88803cca8db0
[  126.099880] FS:  0000000000000000(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000
[  126.101050] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  126.101947] CR2: 0000560aced6c2b0 CR3: 000000003e298000 CR4: 0000000000350ef0
[  126.102993] Call Trace:
[  126.103387]  <IRQ>
[  126.103738]  visit_groups_merge.constprop.0.isra.0+0x4fc/0xef0
[  126.104634]  ? merge_sched_in+0x1110/0x1110
[  126.105294]  ? lock_is_held_type+0xd7/0x130
[  126.105964]  ctx_sched_in+0x2e6/0x770
[  126.106548]  ? lock_acquire+0x1b2/0x530
[  126.107161]  ? visit_groups_merge.constprop.0.isra.0+0xef0/0xef0
[  126.108061]  ? lock_is_held_type+0xd7/0x130
[  126.108727]  perf_event_sched_in+0x75/0x80
[  126.109403]  ctx_resched+0x1ce/0x390
[  126.109980]  __perf_install_in_context+0x285/0x9c0
[  126.110718]  ? ctx_resched+0x390/0x390
[  126.111309]  remote_function+0x125/0x1b0
[  126.111932]  __flush_smp_call_function_queue+0x1df/0x5a0
[  126.112735]  ? perf_duration_warn+0x40/0x40
[  126.113419]  __sysvec_call_function_single+0x92/0x3a0
[  126.114198]  sysvec_call_function_single+0x89/0xc0
[  126.114931]  </IRQ>
[  126.115279]  <TASK>
[  126.115627]  asm_sysvec_call_function_single+0x16/0x20
[  126.116410] RIP: 0010:kasan_addr_to_slab+0x47/0xa0
[  126.117151] Code: 80 48 01 fb 72 6d 48 c7 c7 00 00 00 80 48 2b 3d 5f 48 9d 03 48 01 fb 48 c1 eb 0c 48 c1 e3 06 48 03 1d 3d 48 9d 03 48 8b 53 08 <48> 89 d8 f6 c2 01 75 3b 66 90 48 8b 10 5b 80 e6 02 ba 00 00 00 00
[  126.119802] RSP: 0018:ffff88803e5976b8 EFLAGS: 00000282
[  126.120588] RAX: 0000000000000000 RBX: ffffea000035d740 RCX: 0000000000000000
[  126.121659] RDX: ffffea000035d701 RSI: ffffffff81129e3e RDI: 0000777f80000000
[  126.122703] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000
[  126.123743] R10: 0000000000000008 R11: 0000000000000001 R12: ffffffff817bc0a0
[  126.124780] R13: ffffffff81127dc4 R14: 0000001b2ed1ffff R15: ffff888007c4fa00
[  126.125850]  ? ___pmd_free_tlb+0xa4/0x1f0
[  126.126485]  ? hugetlb_cgroup_migrate+0xf60/0xf60
[  126.127222]  ? __virt_addr_valid+0xfe/0x340
[  126.127874]  ? kasan_addr_to_slab+0x9/0xa0
[  126.128516]  __kasan_record_aux_stack+0xe/0xb0
[  126.129217]  ? hugetlb_cgroup_migrate+0xf60/0xf60
[  126.129970]  call_rcu+0x6a/0xa30
[  126.130533]  ? _raw_spin_unlock_irqrestore+0x33/0x60
[  126.131292]  ? ___pmd_free_tlb+0xa4/0x1f0
[  126.131923]  kmem_cache_free+0xbd/0x610
[  126.132520]  ? ___pte_free_tlb+0xe4/0x110
[  126.133150]  ___pmd_free_tlb+0xa4/0x1f0
[  126.133786]  free_pgd_range+0xa05/0x1330
[  126.134439]  free_pgtables+0x2d2/0x420
[  126.135043]  ? free_pgd_range+0x1330/0x1330
[  126.135722]  exit_mmap+0x1b4/0x680
[  126.136273]  ? __ia32_sys_remap_file_pages+0x150/0x150
[  126.137090]  ? delayed_uprobe_remove+0x27/0x230
[  126.137836]  mmput+0xd1/0x390
[  126.138334]  do_exit+0xa2e/0x27f0
[  126.138872]  ? lock_release+0x3b2/0x750
[  126.139473]  ? get_signal+0x88b/0x22d0
[  126.140066]  ? mm_update_next_owner+0x7e0/0x7e0
[  126.140772]  ? lock_is_held_type+0xd7/0x130
[  126.141458]  do_group_exit+0xd0/0x2a0
[  126.142044]  get_signal+0x2195/0x22d0
[  126.142620]  ? wake_up_q+0x8b/0xf0
[  126.143177]  ? exit_signals+0x8b0/0x8b0
[  126.143797]  arch_do_signal_or_restart+0x89/0x1be0
[  126.144530]  ? do_futex+0x136/0x380
[  126.145081]  ? __ia32_compat_sys_get_robust_list+0x3b0/0x3b0
[  126.145952]  ? get_sigframe_size+0x10/0x10
[  126.146578]  ? kmem_cache_free+0xf7/0x610
[  126.147203]  ? lock_downgrade+0x6d0/0x6d0
[  126.147838]  ? __x64_sys_futex+0x1c6/0x4d0
[  126.148476]  ? __x64_sys_futex_time32+0x480/0x480
[  126.149194]  ? exit_to_user_mode_prepare+0x109/0x1a0
[  126.149986]  exit_to_user_mode_prepare+0x131/0x1a0
[  126.150714]  syscall_exit_to_user_mode+0x19/0x40
[  126.151421]  do_syscall_64+0x48/0x90
[  126.151978]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  126.152737] RIP: 0033:0x7f3f0b6eeb19
[  126.153308] Code: Unable to access opcode bytes at 0x7f3f0b6eeaef.
[  126.154208] RSP: 002b:00007f3f08c43218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  126.155309] RAX: fffffffffffffe00 RBX: 00007f3f0b802028 RCX: 00007f3f0b6eeb19
[  126.156341] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f3f0b802028
[  126.157412] RBP: 00007f3f0b802020 R08: 0000000000000000 R09: 0000000000000000
[  126.158444] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3f0b80202c
[  126.159474] R13: 00007ffc7f89d30f R14: 00007f3f08c43300 R15: 0000000000022000
[  126.160535]  </TASK>
[  126.160889] irq event stamp: 1450
[  126.161422] hardirqs last  enabled at (1449): [<ffffffff84270c38>] _raw_spin_unlock_irqrestore+0x28/0x60
[  126.162788] hardirqs last disabled at (1450): [<ffffffff8424f74b>] sysvec_call_function_single+0xb/0xc0
[  126.164142] softirqs last  enabled at (744): [<ffffffff8116fa0b>] __irq_exit_rcu+0x11b/0x180
[  126.165412] softirqs last disabled at (661): [<ffffffff8116fa0b>] __irq_exit_rcu+0x11b/0x180
[  126.166642] ---[ end trace 0000000000000000 ]---
[  126.202663] audit: type=1400 audit(1664337512.124:9): avc:  denied  { write } for  pid=3959 comm="syz-executor.6" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[  126.214934] Bluetooth: MGMT ver 1.22

VM DIAGNOSIS:
03:58:32  Registers:
info registers vcpu 0
RAX=0000000000000064 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff823ba0b1 RDI=ffffffff8765a980 RBP=ffffffff8765a940 RSP=ffff88806ce09638
R8 =0000000000000001 R9 =000000000000000a R10=0000000000000064 R11=0000000000000001
R12=0000000000000064 R13=ffffffff8765a940 R14=0000000000000010 R15=ffffffff823ba0a0
RIP=ffffffff823ba109 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff88806ce00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000560aced6c2b0 CR3=000000003e298000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
YMM00=0000000000000000 0000000000000000 2f2f2f2f2f2f2f2f 2f2f2f2f2f2f2f2f
YMM01=0000000000000000 0000000000000000 000000ff00000000 000000ff000000ff
YMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM03=0000000000000000 0000000000000000 696e656420737365 636341002f737973
YMM04=0000000000000000 0000000000000000 2f2f2f2f2f2f2f2f 2f2f2f2f2f2f2f2f
YMM05=0000000000000000 0000000000000000 0000000800000003 0000560ace509090
YMM06=0000000000000000 0000000000000000 0000560acedb3b10 0000000300000000
YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM08=0000000000000000 0000000000000000 7269762f73656369 7665642f7379732f
YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1
RAX=00000000000237af RBX=1ffff11007c9ff84 RCX=ffffc90007a58000 RDX=0000000000040000
RSI=ffffffff813bb5b3 RDI=0000000000000005 RBP=ffff88803e4ffcc8 RSP=ffff88803e4ffc00
R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000001
R12=0000000000000001 R13=0000000000000000 R14=0000000000000000 R15=0000000000000200
RIP=ffffffff813bb5b5 RFL=00000212 [----A--] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 00007fb67f2c6700 00000000 00000000
GS =0000 ffff88806cf00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007fb681e64018 CR3=000000000db1a000 CR4=00350ee0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM01=0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffffff
YMM02=0000000000000000 0000000000000000 00524f5252450040 0000000000000000
YMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM04=0000000000000000 0000000000000000 0000000000000000 00000000000000ff
YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245
YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040
YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000