Warning: Permanently added '[localhost]:51099' (ECDSA) to the list of known hosts. 2022/09/12 15:40:40 fuzzer started 2022/09/12 15:40:41 dialing manager at localhost:38027 syzkaller login: [ 48.686512] cgroup: Unknown subsys name 'net' [ 48.777623] cgroup: Unknown subsys name 'rlimit' 2022/09/12 15:40:57 syscalls: 2215 2022/09/12 15:40:57 code coverage: enabled 2022/09/12 15:40:57 comparison tracing: enabled 2022/09/12 15:40:57 extra coverage: enabled 2022/09/12 15:40:57 setuid sandbox: enabled 2022/09/12 15:40:57 namespace sandbox: enabled 2022/09/12 15:40:57 Android sandbox: enabled 2022/09/12 15:40:57 fault injection: enabled 2022/09/12 15:40:57 leak checking: enabled 2022/09/12 15:40:57 net packet injection: enabled 2022/09/12 15:40:57 net device setup: enabled 2022/09/12 15:40:57 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/09/12 15:40:57 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/09/12 15:40:57 USB emulation: enabled 2022/09/12 15:40:57 hci packet injection: enabled 2022/09/12 15:40:57 wifi device emulation: failed to parse kernel version (6.0.0-rc5-next-20220912) 2022/09/12 15:40:57 802.15.4 emulation: enabled 2022/09/12 15:40:57 fetching corpus: 0, signal 0/2000 (executing program) 2022/09/12 15:40:57 fetching corpus: 49, signal 31650/35118 (executing program) 2022/09/12 15:40:58 fetching corpus: 99, signal 40800/45742 (executing program) 2022/09/12 15:40:58 fetching corpus: 149, signal 50802/57065 (executing program) 2022/09/12 15:40:58 fetching corpus: 199, signal 58719/66156 (executing program) 2022/09/12 15:40:58 fetching corpus: 249, signal 68737/77133 (executing program) 2022/09/12 15:40:58 fetching corpus: 299, signal 75326/84721 (executing program) 2022/09/12 15:40:58 fetching corpus: 349, signal 80818/91200 (executing program) 2022/09/12 15:40:58 fetching corpus: 399, signal 86704/97908 (executing program) 2022/09/12 15:40:59 fetching corpus: 449, signal 91283/103271 (executing program) 2022/09/12 
15:40:59 fetching corpus: 499, signal 95458/108243 (executing program) 2022/09/12 15:40:59 fetching corpus: 549, signal 98196/111828 (executing program) 2022/09/12 15:40:59 fetching corpus: 599, signal 100993/115452 (executing program) 2022/09/12 15:40:59 fetching corpus: 649, signal 104585/119747 (executing program) 2022/09/12 15:40:59 fetching corpus: 699, signal 108091/123867 (executing program) 2022/09/12 15:40:59 fetching corpus: 748, signal 110949/127366 (executing program) 2022/09/12 15:41:00 fetching corpus: 797, signal 112551/129718 (executing program) 2022/09/12 15:41:00 fetching corpus: 846, signal 114804/132630 (executing program) 2022/09/12 15:41:00 fetching corpus: 895, signal 117231/135677 (executing program) 2022/09/12 15:41:00 fetching corpus: 945, signal 119395/138440 (executing program) 2022/09/12 15:41:00 fetching corpus: 995, signal 121606/141209 (executing program) 2022/09/12 15:41:00 fetching corpus: 1045, signal 123765/143901 (executing program) 2022/09/12 15:41:00 fetching corpus: 1095, signal 125574/146234 (executing program) 2022/09/12 15:41:01 fetching corpus: 1145, signal 128177/149155 (executing program) 2022/09/12 15:41:01 fetching corpus: 1195, signal 129664/151240 (executing program) 2022/09/12 15:41:01 fetching corpus: 1242, signal 131900/153864 (executing program) 2022/09/12 15:41:01 fetching corpus: 1290, signal 133203/155736 (executing program) 2022/09/12 15:41:01 fetching corpus: 1340, signal 134946/157916 (executing program) 2022/09/12 15:41:01 fetching corpus: 1388, signal 137088/160457 (executing program) 2022/09/12 15:41:01 fetching corpus: 1438, signal 138618/162402 (executing program) 2022/09/12 15:41:01 fetching corpus: 1488, signal 140030/164228 (executing program) 2022/09/12 15:41:01 fetching corpus: 1538, signal 141389/165965 (executing program) 2022/09/12 15:41:02 fetching corpus: 1587, signal 142801/167734 (executing program) 2022/09/12 15:41:02 fetching corpus: 1637, signal 144802/169862 (executing program) 
2022/09/12 15:41:02 fetching corpus: 1687, signal 146238/171564 (executing program) 2022/09/12 15:41:02 fetching corpus: 1737, signal 147549/173197 (executing program) 2022/09/12 15:41:02 fetching corpus: 1787, signal 149701/175361 (executing program) 2022/09/12 15:41:02 fetching corpus: 1837, signal 151468/177290 (executing program) 2022/09/12 15:41:03 fetching corpus: 1887, signal 152664/178838 (executing program) 2022/09/12 15:41:03 fetching corpus: 1937, signal 154384/180629 (executing program) 2022/09/12 15:41:03 fetching corpus: 1987, signal 155467/181955 (executing program) 2022/09/12 15:41:03 fetching corpus: 2037, signal 156691/183424 (executing program) 2022/09/12 15:41:03 fetching corpus: 2087, signal 158170/185004 (executing program) 2022/09/12 15:41:03 fetching corpus: 2137, signal 159778/186635 (executing program) 2022/09/12 15:41:03 fetching corpus: 2187, signal 160998/187977 (executing program) 2022/09/12 15:41:04 fetching corpus: 2237, signal 162678/189605 (executing program) 2022/09/12 15:41:04 fetching corpus: 2287, signal 163863/190885 (executing program) 2022/09/12 15:41:04 fetching corpus: 2337, signal 164965/192113 (executing program) 2022/09/12 15:41:04 fetching corpus: 2387, signal 166027/193320 (executing program) 2022/09/12 15:41:04 fetching corpus: 2437, signal 167242/194617 (executing program) 2022/09/12 15:41:04 fetching corpus: 2487, signal 168626/195931 (executing program) 2022/09/12 15:41:04 fetching corpus: 2537, signal 170132/197309 (executing program) 2022/09/12 15:41:05 fetching corpus: 2587, signal 171323/198445 (executing program) 2022/09/12 15:41:05 fetching corpus: 2637, signal 172326/199461 (executing program) 2022/09/12 15:41:05 fetching corpus: 2687, signal 173581/200603 (executing program) 2022/09/12 15:41:05 fetching corpus: 2737, signal 174692/201716 (executing program) 2022/09/12 15:41:05 fetching corpus: 2787, signal 175735/202764 (executing program) 2022/09/12 15:41:05 fetching corpus: 2837, signal 177020/203905 
(executing program) 2022/09/12 15:41:05 fetching corpus: 2887, signal 178273/204955 (executing program) 2022/09/12 15:41:06 fetching corpus: 2937, signal 179320/205921 (executing program) 2022/09/12 15:41:06 fetching corpus: 2987, signal 179959/206636 (executing program) 2022/09/12 15:41:06 fetching corpus: 3037, signal 180750/207463 (executing program) 2022/09/12 15:41:06 fetching corpus: 3086, signal 181525/208243 (executing program) 2022/09/12 15:41:06 fetching corpus: 3136, signal 182468/209121 (executing program) 2022/09/12 15:41:06 fetching corpus: 3186, signal 183608/210040 (executing program) 2022/09/12 15:41:06 fetching corpus: 3234, signal 184631/210883 (executing program) 2022/09/12 15:41:07 fetching corpus: 3284, signal 185384/211636 (executing program) 2022/09/12 15:41:07 fetching corpus: 3333, signal 186231/212411 (executing program) 2022/09/12 15:41:07 fetching corpus: 3383, signal 186994/213123 (executing program) 2022/09/12 15:41:07 fetching corpus: 3432, signal 187721/213789 (executing program) 2022/09/12 15:41:07 fetching corpus: 3481, signal 188484/214521 (executing program) 2022/09/12 15:41:07 fetching corpus: 3529, signal 189118/215109 (executing program) 2022/09/12 15:41:07 fetching corpus: 3578, signal 190012/215856 (executing program) 2022/09/12 15:41:08 fetching corpus: 3627, signal 191147/216611 (executing program) 2022/09/12 15:41:08 fetching corpus: 3676, signal 192079/217369 (executing program) 2022/09/12 15:41:08 fetching corpus: 3726, signal 192580/217906 (executing program) 2022/09/12 15:41:08 fetching corpus: 3775, signal 193264/218422 (executing program) 2022/09/12 15:41:08 fetching corpus: 3825, signal 194132/219040 (executing program) 2022/09/12 15:41:08 fetching corpus: 3875, signal 194788/219515 (executing program) 2022/09/12 15:41:08 fetching corpus: 3925, signal 195697/220133 (executing program) 2022/09/12 15:41:08 fetching corpus: 3975, signal 196356/220683 (executing program) 2022/09/12 15:41:09 fetching corpus: 4025, 
signal 197084/221169 (executing program) 2022/09/12 15:41:09 fetching corpus: 4074, signal 197993/221754 (executing program) 2022/09/12 15:41:09 fetching corpus: 4124, signal 198976/222287 (executing program) 2022/09/12 15:41:09 fetching corpus: 4174, signal 199686/222786 (executing program) 2022/09/12 15:41:09 fetching corpus: 4224, signal 200462/223257 (executing program) 2022/09/12 15:41:09 fetching corpus: 4274, signal 201206/223716 (executing program) 2022/09/12 15:41:09 fetching corpus: 4321, signal 202492/224301 (executing program) 2022/09/12 15:41:09 fetching corpus: 4371, signal 203121/224710 (executing program) 2022/09/12 15:41:10 fetching corpus: 4421, signal 203843/225166 (executing program) 2022/09/12 15:41:10 fetching corpus: 4470, signal 204629/225543 (executing program) 2022/09/12 15:41:10 fetching corpus: 4520, signal 205308/225915 (executing program) 2022/09/12 15:41:10 fetching corpus: 4569, signal 206185/226305 (executing program) 2022/09/12 15:41:10 fetching corpus: 4619, signal 206796/226644 (executing program) 2022/09/12 15:41:10 fetching corpus: 4669, signal 207430/226970 (executing program) 2022/09/12 15:41:10 fetching corpus: 4719, signal 208066/227387 (executing program) 2022/09/12 15:41:11 fetching corpus: 4769, signal 208598/227654 (executing program) 2022/09/12 15:41:11 fetching corpus: 4819, signal 209166/227918 (executing program) 2022/09/12 15:41:11 fetching corpus: 4869, signal 210084/228247 (executing program) 2022/09/12 15:41:11 fetching corpus: 4919, signal 210494/228513 (executing program) 2022/09/12 15:41:11 fetching corpus: 4969, signal 211208/228766 (executing program) 2022/09/12 15:41:11 fetching corpus: 5019, signal 211824/229010 (executing program) 2022/09/12 15:41:11 fetching corpus: 5069, signal 212517/229234 (executing program) 2022/09/12 15:41:12 fetching corpus: 5119, signal 213197/229470 (executing program) 2022/09/12 15:41:12 fetching corpus: 5169, signal 213751/229672 (executing program) 2022/09/12 15:41:12 
fetching corpus: 5219, signal 214583/229902 (executing program) 2022/09/12 15:41:12 fetching corpus: 5269, signal 214921/230040 (executing program) 2022/09/12 15:41:12 fetching corpus: 5319, signal 215469/230261 (executing program) 2022/09/12 15:41:12 fetching corpus: 5369, signal 216214/230522 (executing program) 2022/09/12 15:41:12 fetching corpus: 5419, signal 216599/230688 (executing program) 2022/09/12 15:41:13 fetching corpus: 5469, signal 217352/231031 (executing program) 2022/09/12 15:41:13 fetching corpus: 5519, signal 218141/231184 (executing program) 2022/09/12 15:41:13 fetching corpus: 5569, signal 218778/231211 (executing program) 2022/09/12 15:41:13 fetching corpus: 5619, signal 219436/231245 (executing program) 2022/09/12 15:41:13 fetching corpus: 5669, signal 219883/231303 (executing program) 2022/09/12 15:41:13 fetching corpus: 5719, signal 220269/231304 (executing program) 2022/09/12 15:41:14 fetching corpus: 5768, signal 220954/231366 (executing program) 2022/09/12 15:41:14 fetching corpus: 5818, signal 221497/231366 (executing program) 2022/09/12 15:41:14 fetching corpus: 5868, signal 222204/231399 (executing program) 2022/09/12 15:41:14 fetching corpus: 5899, signal 222854/231422 (executing program) 2022/09/12 15:41:14 fetching corpus: 5899, signal 222854/231422 (executing program) 2022/09/12 15:41:16 starting 8 fuzzer processes 15:41:16 executing program 0: fcntl$getownex(0xffffffffffffffff, 0x10, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x4042, 0x0) accept$unix(r0, &(0x7f0000000200), &(0x7f0000000300)=0x6e) r1 = 
openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x131001, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r2, &(0x7f0000004200)={0x0, 0x0, &(0x7f00000029c0)={&(0x7f0000001880)=@getspdinfo={0x14, 0x25, 0x1}, 0x14}}, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r2, 0x80047213, &(0x7f0000000340)) r3 = syz_open_procfs(0x0, &(0x7f0000000380)='net/ipv6_route\x00') pwrite64(r0, &(0x7f00000003c0)="9323ece8e7f12ef2620f91613379b4fd32f72b332c9da21bc02d51c136079254ae298b0c5c6a749c3c6da3e255860295159cc91676760f52379f258dfb8dbe44525d87d9ecf07d170aad8013c178e094d2d9917b4dcbb5a273c02e86a5f52a8749a6db299a90642429cac744e87536b134a71d7ed75a6de7a23daac9d2e35ba8be08078a9734ec4bf407602552f9068589775eed9d77761bb65da075efb769", 0x9f, 0x4) read$hiddev(r3, &(0x7f0000000040)=""/169, 0x200000e9) setsockopt$inet6_int(r1, 0x29, 0x3e, &(0x7f0000000480)=0x8, 0x4) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r1) sendmsg$NL80211_CMD_CRIT_PROTOCOL_STOP(r3, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20010}, 0xc, &(0x7f0000000140)={&(0x7f00000004c0)=ANY=[@ANYBLOB='&\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="000426bd7000ffdbdf256300000008000300", @ANYRES32=0x0, @ANYBLOB="3900006635832bf2efba4d2407f12022a00c81a91a0e042ce6cbc5112810b011854dacb66ecae10d6b06cede6979f62e65d7262bccefd1c12a94a7975fa7cdb21eff48552f090cc97cce12b24475ef232278657e8ea50de9469efab07e515907367ef883c2d9cd86d1be"], 0x28}, 0x1, 0x0, 0x0, 0x8004}, 0x20000014) getdents64(0xffffffffffffffff, 0x0, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x8040000) 15:41:16 executing program 1: r0 = syz_open_dev$vcsa(&(0x7f00000016c0), 0x6, 0x0) inotify_add_watch(r0, 0x0, 0x81000094) 15:41:16 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000001480)={0x0, 0x0, &(0x7f0000000b40)=[{&(0x7f0000000040)=ANY=[@ANYBLOB="18000000300049b677a392cb0af30000bd801ba2040001"], 0x18}], 0x1}, 0x0) recvmmsg$unix(r0, &(0x7f0000000a40)=[{{0x0, 
0x0, 0x0}}], 0x1, 0x0, 0x0) 15:41:16 executing program 3: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_IPV6_RTHDR(r0, 0x29, 0x4b, &(0x7f0000000040)={0x0, 0x2, 0x0, 0x0, 0x0, [@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02']}, 0x18) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote, 0x4}, 0x1c) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, 0x1c) [ 82.653250] audit: type=1400 audit(1662997276.768:6): avc: denied { execmem } for pid=287 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 15:41:16 executing program 7: waitid$P_PIDFD(0x3, 0xffffffffffffffff, &(0x7f0000000000), 0x2, 0x0) 15:41:16 executing program 4: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$PIO_UNIMAP(r0, 0x4b67, &(0x7f0000001880)={0x1, &(0x7f0000001840)=[{}]}) 15:41:16 executing program 5: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x10000, 0x8, &(0x7f0000000200)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020801000240008000f80100200040000000000000000000800029600c6cf153595a4b414c4c4552202046415431322020200e1fbe5b7cac22c0740b56b40ebb0700cd105eebf032e4cd16cd19ebfe54686973206973206e6f74206120626f6f7461626c65206469736b2e2020506c6561736520696e73657274206120626f6f7461626c6520666c6f70707920616e640d0a707265737320616e79206b657920746f2074727920616761696e202e2e2e200d0a00", 0xc0}, {&(0x7f0000010100)="00000000000000000000000000000000000000000000000000000000000055aaf8ffff00f0ffffffff078000ffffff00"/64, 0x40, 0x1e0}, {&(0x7f0000010200)="f8ffff00f0ffffffff078000ffffff00"/32, 0x20, 0x400}, {&(0x7f0000010300)="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", 0x120, 0x600}, 
{&(0x7f0000010500)="2e202020202020202020201000a5e970325132510000e97032510300000000002e2e2020202020202020201000a5e970325132510000e970325100000000000041660069006c00650030000f00fc0000ffffffffffffffffffff0000ffffffff46494c45302020202020202000a5e970325132510000e970325104001a040000", 0x80, 0x1e00}, {&(0x7f0000010600)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkal\x00\x00\x00\x00\x00\x00', 0x420, 0x2e00}, {&(0x7f0000010b00)='syzkallers\x00'/32, 0x20, 0x3e00}, {&(0x7f0000010c00)='syzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallersyzkallers\x00'/128, 0x80, 0x7e00}], 0x0, &(0x7f0000010d00)) 15:41:16 executing program 6: r0 = getpgid(0x0) r1 = perf_event_open(&(0x7f00000038c0)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, r0, 0x0, 
0xffffffffffffffff, 0x0) r2 = getpgid(0x0) perf_event_open(&(0x7f00000038c0)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, r2, 0x0, r1, 0x0) [ 83.931895] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 83.933491] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 83.934189] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 83.936777] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 83.937630] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 83.938930] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 83.941631] Bluetooth: hci1: HCI_REQ-0x0c1a [ 83.946041] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 83.951349] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 83.956479] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 83.957412] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 83.958154] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 83.958777] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 83.976141] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 83.977458] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 83.979455] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 83.979458] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 83.980961] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 83.981716] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 83.982511] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 83.983562] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 83.983582] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 83.984442] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 83.985304] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 83.986728] Bluetooth: hci5: unexpected cc 
0x0c23 length: 249 > 4 [ 83.987528] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 83.989676] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 83.990371] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 83.991125] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 83.992291] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 83.992969] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 83.996582] Bluetooth: hci7: HCI_REQ-0x0c1a [ 83.998084] Bluetooth: hci5: HCI_REQ-0x0c1a [ 84.001674] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 84.017747] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 84.021139] Bluetooth: hci2: HCI_REQ-0x0c1a [ 84.036408] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 84.052605] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 84.068164] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 84.069274] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 84.070254] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 84.072085] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 84.072923] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 84.075721] Bluetooth: hci4: HCI_REQ-0x0c1a [ 84.076884] Bluetooth: hci0: HCI_REQ-0x0c1a [ 84.105582] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 84.106505] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 84.108491] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 84.114481] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 84.116228] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 84.118000] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 84.124575] Bluetooth: hci3: HCI_REQ-0x0c1a [ 84.145007] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 84.154202] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 84.156072] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 84.166591] Bluetooth: hci6: HCI_REQ-0x0c1a [ 86.006218] Bluetooth: hci7: command 0x0409 tx 
timeout [ 86.007933] Bluetooth: hci1: command 0x0409 tx timeout [ 86.069968] Bluetooth: hci2: command 0x0409 tx timeout [ 86.070967] Bluetooth: hci5: command 0x0409 tx timeout [ 86.133893] Bluetooth: hci0: command 0x0409 tx timeout [ 86.134372] Bluetooth: hci4: command 0x0409 tx timeout [ 86.197893] Bluetooth: hci6: command 0x0409 tx timeout [ 86.198396] Bluetooth: hci3: command 0x0409 tx timeout [ 88.053971] Bluetooth: hci1: command 0x041b tx timeout [ 88.054691] Bluetooth: hci7: command 0x041b tx timeout [ 88.117913] Bluetooth: hci5: command 0x041b tx timeout [ 88.118538] Bluetooth: hci2: command 0x041b tx timeout [ 88.181911] Bluetooth: hci4: command 0x041b tx timeout [ 88.182579] Bluetooth: hci0: command 0x041b tx timeout [ 88.245851] Bluetooth: hci3: command 0x041b tx timeout [ 88.246283] Bluetooth: hci6: command 0x041b tx timeout [ 90.101916] Bluetooth: hci7: command 0x040f tx timeout [ 90.102420] Bluetooth: hci1: command 0x040f tx timeout [ 90.165851] Bluetooth: hci2: command 0x040f tx timeout [ 90.166345] Bluetooth: hci5: command 0x040f tx timeout [ 90.229865] Bluetooth: hci0: command 0x040f tx timeout [ 90.230353] Bluetooth: hci4: command 0x040f tx timeout [ 90.294177] Bluetooth: hci6: command 0x040f tx timeout [ 90.294663] Bluetooth: hci3: command 0x040f tx timeout [ 92.149949] Bluetooth: hci1: command 0x0419 tx timeout [ 92.150778] Bluetooth: hci7: command 0x0419 tx timeout [ 92.213977] Bluetooth: hci5: command 0x0419 tx timeout [ 92.214849] Bluetooth: hci2: command 0x0419 tx timeout [ 92.278028] Bluetooth: hci4: command 0x0419 tx timeout [ 92.278862] Bluetooth: hci0: command 0x0419 tx timeout [ 92.342014] Bluetooth: hci3: command 0x0419 tx timeout [ 92.342866] Bluetooth: hci6: command 0x0419 tx timeout [ 141.801754] audit: type=1400 audit(1662997335.916:7): avc: denied { open } for pid=3736 comm="syz-executor.6" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 141.807505] audit: type=1400 
audit(1662997335.916:8): avc: denied { kernel } for pid=3736 comm="syz-executor.6" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 141.817523] ------------[ cut here ]------------ [ 141.818302] WARNING: CPU: 0 PID: 3736 at kernel/events/core.c:2233 event_filter_match+0x422/0x660 [ 141.819410] Modules linked in: [ 141.819810] CPU: 0 PID: 3736 Comm: syz-executor.6 Not tainted 6.0.0-rc5-next-20220912 #1 [ 141.820776] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 141.822338] RIP: 0010:event_filter_match+0x422/0x660 [ 141.823368] Code: 00 00 00 e9 7c fc ff ff e8 4b 15 f1 ff 65 8b 2d c0 73 ad 7e 31 ff 89 ee e8 eb 11 f1 ff 85 ed 0f 84 ef 00 00 00 e8 2e 15 f1 ff <0f> 0b eb 9f e8 15 80 23 00 e9 17 fc ff ff e8 1b 15 f1 ff 48 8d 7b [ 141.825810] RSP: 0018:ffff8880177ff700 EFLAGS: 00010012 [ 141.826453] RAX: 0000000040000000 RBX: ffff888008660000 RCX: 0000000000000000 [ 141.827287] RDX: ffff888020029ac0 RSI: ffffffff81550212 RDI: 0000000000000005 [ 141.828120] RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000001 [ 141.828965] R10: 0000000000000000 R11: ffffffff865aa01b R12: ffff888008660220 [ 141.829806] R13: 0000000000000000 R14: ffff8880086600a8 R15: ffff888008660220 [ 141.830660] FS: 0000555555c39400(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 141.831606] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.832289] CR2: 00007f42509e9170 CR3: 000000000ec64000 CR4: 0000000000350ef0 [ 141.833161] Call Trace: [ 141.833474] [ 141.833761] merge_sched_in+0x107/0x1110 [ 141.834266] visit_groups_merge.constprop.0.isra.0+0x4fc/0xef0 [ 141.834965] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 141.835620] ? merge_sched_in+0x1110/0x1110 [ 141.836163] ctx_sched_in+0x2e6/0x770 [ 141.836653] ? visit_groups_merge.constprop.0.isra.0+0xef0/0xef0 [ 141.837379] ? 
amd_pmu_check_overflow+0x17b/0x1c0 [ 141.837990] perf_event_sched_in+0x58/0x80 [ 141.838511] __perf_event_task_sched_in+0x408/0x6e0 [ 141.839129] ? perf_mux_hrtimer_handler+0xe80/0xe80 [ 141.839742] ? lock_is_held_type+0xd7/0x130 [ 141.840289] finish_task_switch.isra.0+0x46d/0x8a0 [ 141.840899] ? __switch_to+0x5bf/0xf20 [ 141.841387] __schedule+0x89b/0x2470 [ 141.841860] ? io_schedule_timeout+0x150/0x150 [ 141.842425] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 141.843053] schedule+0xda/0x1b0 [ 141.843477] futex_wait_queue+0xf5/0x1e0 [ 141.843983] futex_wait+0x28e/0x690 [ 141.844440] ? futex_wait_setup+0x230/0x230 [ 141.845000] ? __hrtimer_init+0x270/0x270 [ 141.845540] ? lock_release+0x3b2/0x750 [ 141.846040] ? __x64_sys_futex+0x3a9/0x4d0 [ 141.846563] do_futex+0x2ff/0x380 [ 141.846997] ? __ia32_compat_sys_get_robust_list+0x3b0/0x3b0 [ 141.847716] ? lockdep_hardirqs_on+0x79/0x100 [ 141.848282] ? recalibrate_cpu_khz+0x10/0x10 [ 141.848856] ? ktime_get+0x153/0x1f0 [ 141.849328] __x64_sys_futex+0x1c6/0x4d0 [ 141.849842] ? __x64_sys_futex_time32+0x480/0x480 [ 141.850453] ? 
syscall_enter_from_user_mode+0x1d/0x50 [ 141.851128] do_syscall_64+0x3b/0x90 [ 141.851614] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 141.852265] RIP: 0033:0x7f571673ab19 [ 141.852740] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 141.854882] RSP: 002b:00007ffcb9d1d2e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 141.855795] RAX: ffffffffffffffda RBX: 0000000000000032 RCX: 00007f571673ab19 [ 141.856662] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f571684df6c [ 141.857525] RBP: 00007f571684df6c R08: 00007ffcb9dbd080 R09: 0000000000000000 [ 141.858387] R10: 00007ffcb9d1d3c0 R11: 0000000000000246 R12: 0000000000022928 [ 141.859246] R13: 00000000000003e8 R14: 00007f571684df60 R15: 0000000000022920 [ 141.860117] [ 141.860411] irq event stamp: 2610 [ 141.860847] hardirqs last enabled at (2609): [] _raw_spin_unlock_irqrestore+0x28/0x60 [ 141.861965] hardirqs last disabled at (2610): [] __schedule+0x1225/0x2470 [ 141.862961] softirqs last enabled at (2290): [] fpu_clone+0x3c2/0xb00 [ 141.863945] softirqs last disabled at (2288): [] fpu_clone+0x335/0xb00 [ 141.864926] ---[ end trace 0000000000000000 ]--- [ 141.865562] ------------[ cut here ]------------ [ 141.866139] WARNING: CPU: 0 PID: 3736 at kernel/events/core.c:2557 merge_sched_in+0xadb/0x1110 [ 141.867180] Modules linked in: [ 141.867580] CPU: 0 PID: 3736 Comm: syz-executor.6 Tainted: G W 6.0.0-rc5-next-20220912 #1 [ 141.868721] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 141.870073] RIP: 0010:merge_sched_in+0xadb/0x1110 [ 141.870661] Code: ff ff e8 78 16 ef ff 65 8b 05 ed 74 ab 7e 31 ff 89 c6 89 04 24 e8 15 13 ef ff 8b 04 24 85 c0 0f 84 13 02 00 00 e8 55 16 ef ff <0f> 0b e9 c4 fb ff ff e8 49 16 ef ff 4c 89 e8 48 05 18 01 00 00 e9 [ 141.872829] RSP: 0018:ffff8880177ff740 EFLAGS: 
00010012 [ 141.873475] RAX: 0000000040000000 RBX: ffff88806ce3ef00 RCX: 0000000000000000 [ 141.874336] RDX: ffff888020029ac0 RSI: ffffffff815700eb RDI: 0000000000000005 [ 141.875198] RBP: ffff888008660000 R08: 0000000000000005 R09: 0000000000000001 [ 141.876061] R10: 0000000000000000 R11: ffffffff865aa01b R12: ffff8880417dac00 [ 141.876954] R13: 0000000000000001 R14: ffff8880086600a8 R15: ffff888008660220 [ 141.877810] FS: 0000555555c39400(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 141.878765] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.879460] CR2: 00007f42509e9170 CR3: 000000000ec64000 CR4: 0000000000350ef0 [ 141.880329] Call Trace: [ 141.880658] [ 141.880962] visit_groups_merge.constprop.0.isra.0+0x4fc/0xef0 [ 141.881668] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 141.882342] ? merge_sched_in+0x1110/0x1110 [ 141.882891] ctx_sched_in+0x2e6/0x770 [ 141.883372] ? visit_groups_merge.constprop.0.isra.0+0xef0/0xef0 [ 141.884115] ? amd_pmu_check_overflow+0x17b/0x1c0 [ 141.884749] perf_event_sched_in+0x58/0x80 [ 141.885288] __perf_event_task_sched_in+0x408/0x6e0 [ 141.885929] ? perf_mux_hrtimer_handler+0xe80/0xe80 [ 141.886545] ? lock_is_held_type+0xd7/0x130 [ 141.887084] finish_task_switch.isra.0+0x46d/0x8a0 [ 141.887684] ? __switch_to+0x5bf/0xf20 [ 141.888177] __schedule+0x89b/0x2470 [ 141.888655] ? io_schedule_timeout+0x150/0x150 [ 141.889215] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 141.889838] schedule+0xda/0x1b0 [ 141.890262] futex_wait_queue+0xf5/0x1e0 [ 141.890757] futex_wait+0x28e/0x690 [ 141.891213] ? futex_wait_setup+0x230/0x230 [ 141.891747] ? __hrtimer_init+0x270/0x270 [ 141.892282] ? lock_release+0x3b2/0x750 [ 141.892797] ? __x64_sys_futex+0x3a9/0x4d0 [ 141.893322] do_futex+0x2ff/0x380 [ 141.893763] ? __ia32_compat_sys_get_robust_list+0x3b0/0x3b0 [ 141.894468] ? lockdep_hardirqs_on+0x79/0x100 [ 141.895034] ? recalibrate_cpu_khz+0x10/0x10 [ 141.895586] ? 
ktime_get+0x153/0x1f0
[ 141.896059] __x64_sys_futex+0x1c6/0x4d0
[ 141.896568] ? __x64_sys_futex_time32+0x480/0x480
[ 141.897181] ? syscall_enter_from_user_mode+0x1d/0x50
[ 141.897827] do_syscall_64+0x3b/0x90
[ 141.898300] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 141.898939] RIP: 0033:0x7f571673ab19
[ 141.899406] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 141.901542] RSP: 002b:00007ffcb9d1d2e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 141.902447] RAX: ffffffffffffffda RBX: 0000000000000032 RCX: 00007f571673ab19
[ 141.903308] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f571684df6c
[ 141.904161] RBP: 00007f571684df6c R08: 00007ffcb9dbd080 R09: 0000000000000000
[ 141.905020] R10: 00007ffcb9d1d3c0 R11: 0000000000000246 R12: 0000000000022928
[ 141.905866] R13: 00000000000003e8 R14: 00007f571684df60 R15: 0000000000022920
[ 141.906737]
[ 141.907038] irq event stamp: 2610
[ 141.907455] hardirqs last enabled at (2609): [] _raw_spin_unlock_irqrestore+0x28/0x60
[ 141.908688] hardirqs last disabled at (2610): [] __schedule+0x1225/0x2470
[ 141.909735] softirqs last enabled at (2290): [] fpu_clone+0x3c2/0xb00
[ 141.910745] softirqs last disabled at (2288): [] fpu_clone+0x335/0xb00
[ 141.911764] ---[ end trace 0000000000000000 ]---
[ 141.933096]
[ 141.933433] ======================================================
[ 141.934381] WARNING: possible circular locking dependency detected
[ 141.935325] 6.0.0-rc5-next-20220912 #1 Tainted: G W
[ 141.936288] ------------------------------------------------------
[ 141.937289] syz-executor.6/3736 is trying to acquire lock:
[ 141.938055] ffff8880417dac20 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0
[ 141.939266]
[ 141.939266] but task is already holding lock:
[ 141.940019] ffff88806ce37cd8 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470
[ 141.941073]
[ 141.941073] which lock already depends on the new lock.
[ 141.941073]
[ 141.942143]
[ 141.942143] the existing dependency chain (in reverse order) is:
[ 141.943104]
[ 141.943104] -> #3 (&rq->__lock){-.-.}-{2:2}:
[ 141.943887] _raw_spin_lock_nested+0x30/0x40
[ 141.944549] raw_spin_rq_lock_nested+0x1e/0x30
[ 141.945267] task_fork_fair+0x63/0x4d0
[ 141.945871] sched_cgroup_fork+0x3d0/0x540
[ 141.946515] copy_process+0x3f9e/0x6df0
[ 141.947149] kernel_clone+0xe7/0x890
[ 141.947714] user_mode_thread+0xad/0xf0
[ 141.948314] rest_init+0x24/0x250
[ 141.948889] arch_call_rest_init+0xf/0x14
[ 141.949527] start_kernel+0x4c1/0x4e6
[ 141.950138] secondary_startup_64_no_verify+0xe0/0xeb
[ 141.950884]
[ 141.950884] -> #2 (&p->pi_lock){-.-.}-{2:2}:
[ 141.951671] _raw_spin_lock_irqsave+0x39/0x60
[ 141.952331] try_to_wake_up+0xab/0x1920
[ 141.952968] up+0x75/0xb0
[ 141.953416] __up_console_sem+0x6e/0x80
[ 141.954021] console_unlock+0x46a/0x590
[ 141.954624] vprintk_emit+0x1bd/0x560
[ 141.955206] vprintk+0x84/0xa0
[ 141.955714] _printk+0xba/0xf1
[ 141.956223] kauditd_hold_skb.cold+0x3f/0x4e
[ 141.956928] kauditd_send_queue+0x233/0x290
[ 141.957568] kauditd_thread+0x5da/0x9a0
[ 141.958165] kthread+0x2ed/0x3a0
[ 141.958684] ret_from_fork+0x22/0x30
[ 141.959244]
[ 141.959244] -> #1 ((console_sem).lock){....}-{2:2}:
[ 141.960100] _raw_spin_lock_irqsave+0x39/0x60
[ 141.960786] down_trylock+0xe/0x70
[ 141.961325] __down_trylock_console_sem+0x3b/0xd0
[ 141.962025] vprintk_emit+0x16b/0x560
[ 141.962597] vprintk+0x84/0xa0
[ 141.963098] _printk+0xba/0xf1
[ 141.963606] report_bug.cold+0x72/0xab
[ 141.964192] handle_bug+0x3c/0x70
[ 141.964749] exc_invalid_op+0x14/0x50
[ 141.965323] asm_exc_invalid_op+0x16/0x20
[ 141.965946] event_filter_match+0x422/0x660
[ 141.966588] merge_sched_in+0x107/0x1110
[ 141.967193] visit_groups_merge.constprop.0.isra.0+0x4fc/0xef0
[ 141.968030] ctx_sched_in+0x2e6/0x770
[ 141.968595] perf_event_sched_in+0x58/0x80
[ 141.969268] __perf_event_task_sched_in+0x408/0x6e0
[ 141.969985] finish_task_switch.isra.0+0x46d/0x8a0
[ 141.970687] __schedule+0x89b/0x2470
[ 141.971239] schedule+0xda/0x1b0
[ 141.971749] futex_wait_queue+0xf5/0x1e0
[ 141.972351] futex_wait+0x28e/0x690
[ 141.972919] do_futex+0x2ff/0x380
[ 141.973433] __x64_sys_futex+0x1c6/0x4d0
[ 141.974039] do_syscall_64+0x3b/0x90
[ 141.974594] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 141.975340]
[ 141.975340] -> #0 (&ctx->lock){....}-{2:2}:
[ 141.976113] __lock_acquire+0x2a02/0x5e70
[ 141.976777] lock_acquire+0x1a2/0x530
[ 141.977354] _raw_spin_lock+0x2a/0x40
[ 141.977922] __perf_event_task_sched_out+0x53b/0x18d0
[ 141.978651] __schedule+0xedd/0x2470
[ 141.979204] schedule+0xda/0x1b0
[ 141.979711] futex_wait_queue+0xf5/0x1e0
[ 141.980311] futex_wait+0x28e/0x690
[ 141.980890] do_futex+0x2ff/0x380
[ 141.981407] __x64_sys_futex+0x1c6/0x4d0
[ 141.982004] do_syscall_64+0x3b/0x90
[ 141.982560] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 141.983303]
[ 141.983303] other info that might help us debug this:
[ 141.983303]
[ 141.984320] Chain exists of:
[ 141.984320] &ctx->lock --> &p->pi_lock --> &rq->__lock
[ 141.984320]
[ 141.985619] Possible unsafe locking scenario:
[ 141.985619]
[ 141.986426]        CPU0                    CPU1
[ 141.987035]        ----                    ----
[ 141.987628]   lock(&rq->__lock);
[ 141.988081]                                lock(&p->pi_lock);
[ 141.988870]                                lock(&rq->__lock);
[ 141.989621]   lock(&ctx->lock);
[ 141.990059]
[ 141.990059] *** DEADLOCK ***
[ 141.990059]
[ 141.990824] 1 lock held by syz-executor.6/3736:
[ 141.991428] #0: ffff88806ce37cd8 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470
[ 141.992520]
[ 141.992520] stack backtrace:
[ 141.993139] CPU: 0 PID: 3736 Comm: syz-executor.6 Tainted: G W 6.0.0-rc5-next-20220912 #1
[ 141.994367] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 141.995854] Call Trace:
[ 141.996211]
[ 141.996524] dump_stack_lvl+0x8b/0xb3
[ 141.997103] check_noncircular+0x263/0x2e0
[ 141.997686] ? print_circular_bug+0x450/0x450
[ 141.998322] ? alloc_chain_hlocks+0x1ec/0x5a0
[ 141.998950] __lock_acquire+0x2a02/0x5e70
[ 141.999535] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 142.000267] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 142.001019] lock_acquire+0x1a2/0x530
[ 142.001558] ? __perf_event_task_sched_out+0x53b/0x18d0
[ 142.002285] ? rcu_read_unlock+0x40/0x40
[ 142.002848] ? lock_release+0x3b2/0x750
[ 142.003405] ? __perf_event_task_sched_out+0xb0c/0x18d0
[ 142.004132] ? lock_downgrade+0x6d0/0x6d0
[ 142.004735] ? rcu_read_lock_sched_held+0x3e/0x80
[ 142.005410] ? __update_load_avg_se+0x6b5/0xc70
[ 142.006057] _raw_spin_lock+0x2a/0x40
[ 142.006585] ? __perf_event_task_sched_out+0x53b/0x18d0
[ 142.007314] __perf_event_task_sched_out+0x53b/0x18d0
[ 142.008024] ? lock_is_held_type+0xd7/0x130
[ 142.008661] ? __perf_cgroup_move+0x160/0x160
[ 142.009286] ? set_next_entity+0x304/0x550
[ 142.009881] ? update_curr+0x188/0x740
[ 142.010435] ? lock_is_held_type+0xd7/0x130
[ 142.011040] __schedule+0xedd/0x2470
[ 142.011556] ? io_schedule_timeout+0x150/0x150
[ 142.012188] ? _raw_spin_unlock_irqrestore+0x28/0x60
[ 142.012928] schedule+0xda/0x1b0
[ 142.013399] futex_wait_queue+0xf5/0x1e0
[ 142.013958] futex_wait+0x28e/0x690
[ 142.014462] ? futex_wait_setup+0x230/0x230
[ 142.015054] ? __hrtimer_init+0x270/0x270
[ 142.015636] ? lock_release+0x3b2/0x750
[ 142.016197] ? __x64_sys_futex+0x3a9/0x4d0
[ 142.016825] do_futex+0x2ff/0x380
[ 142.017308] ? __ia32_compat_sys_get_robust_list+0x3b0/0x3b0
[ 142.018093] ? lockdep_hardirqs_on+0x79/0x100
[ 142.018720] ? recalibrate_cpu_khz+0x10/0x10
[ 142.019336] ? ktime_get+0x153/0x1f0
[ 142.019859] __x64_sys_futex+0x1c6/0x4d0
[ 142.020424] ? __x64_sys_futex_time32+0x480/0x480
[ 142.021119] ?
syscall_enter_from_user_mode+0x1d/0x50 [ 142.021832] do_syscall_64+0x3b/0x90 [ 142.022351] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 142.023066] RIP: 0033:0x7f571673ab19 [ 142.023579] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 142.026050] RSP: 002b:00007ffcb9d1d2e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 142.027076] RAX: ffffffffffffffda RBX: 0000000000000032 RCX: 00007f571673ab19 [ 142.028042] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f571684df6c [ 142.029047] RBP: 00007f571684df6c R08: 00007ffcb9dbd080 R09: 0000000000000000 [ 142.029927] R10: 00007ffcb9d1d3c0 R11: 0000000000000246 R12: 0000000000022928 [ 142.030799] R13: 00000000000003e8 R14: 00007f571684df60 R15: 0000000000022920 [ 142.031680] 15:42:16 executing program 6: r0 = getpgid(0x0) r1 = perf_event_open(&(0x7f00000038c0)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, r0, 0x0, 0xffffffffffffffff, 0x0) r2 = getpgid(0x0) perf_event_open(&(0x7f00000038c0)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, r2, 0x0, r1, 0x0) 15:42:16 executing program 6: r0 = getpgid(0x0) r1 = perf_event_open(&(0x7f00000038c0)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, r0, 0x0, 0xffffffffffffffff, 
0x0) r2 = getpgid(0x0) perf_event_open(&(0x7f00000038c0)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, r2, 0x0, r1, 0x0) 15:42:16 executing program 6: r0 = getpgid(0x0) r1 = perf_event_open(&(0x7f00000038c0)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, r0, 0x0, 0xffffffffffffffff, 0x0) r2 = getpgid(0x0) perf_event_open(&(0x7f00000038c0)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, r2, 0x0, r1, 0x0) 15:42:17 executing program 6: r0 = getpgid(0x0) r1 = perf_event_open(&(0x7f00000038c0)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, r0, 0x0, 0xffffffffffffffff, 0x0) r2 = getpgid(0x0) perf_event_open(&(0x7f00000038c0)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, r2, 0x0, r1, 0x0) 15:42:17 executing program 6: r0 = getpgid(0x0) r1 = perf_event_open(&(0x7f00000038c0)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 
0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, r0, 0x0, 0xffffffffffffffff, 0x0) r2 = getpgid(0x0) perf_event_open(&(0x7f00000038c0)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, r2, 0x0, r1, 0x0) 15:42:17 executing program 6: r0 = getpgid(0x0) r1 = perf_event_open(&(0x7f00000038c0)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, r0, 0x0, 0xffffffffffffffff, 0x0) r2 = getpgid(0x0) perf_event_open(&(0x7f00000038c0)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, r2, 0x0, r1, 0x0) 15:42:17 executing program 6: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0x2e, &(0x7f00000000c0)=0x7, 0x4) readv(r0, &(0x7f0000000000)=[{&(0x7f0000000140)=""/175, 0xaf}], 0x1) 15:42:17 executing program 6: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0x2e, &(0x7f00000000c0)=0x7, 0x4) readv(r0, &(0x7f0000000000)=[{&(0x7f0000000140)=""/175, 0xaf}], 0x1) [ 143.624415] syz-executor.3 (298) used greatest stack depth: 24528 bytes left [ 147.957934] Bluetooth: hci0: Opcode 0x c03 failed: -110 [ 148.085863] Bluetooth: hci4: Opcode 0x c03 failed: -110 [ 148.085873] Bluetooth: hci6: Opcode 0x c03 failed: -110 [ 148.086757] Bluetooth: hci3: Opcode 0x c03 failed: -110 [ 148.087556] Bluetooth: hci2: 
Opcode 0x c03 failed: -110 [ 148.088261] Bluetooth: hci1: Opcode 0x c03 failed: -110 [ 148.088961] Bluetooth: hci7: Opcode 0x c03 failed: -110 VM DIAGNOSIS: 15:42:16 Registers: