Warning: Permanently added '[localhost]:11427' (ECDSA) to the list of known hosts. 2023/02/24 10:52:52 fuzzer started 2023/02/24 10:52:52 dialing manager at localhost:41417 syzkaller login: [ 43.859289] cgroup: Unknown subsys name 'net' [ 43.946157] cgroup: Unknown subsys name 'rlimit' 2023/02/24 10:53:06 syscalls: 2217 2023/02/24 10:53:06 code coverage: enabled 2023/02/24 10:53:06 comparison tracing: enabled 2023/02/24 10:53:06 extra coverage: enabled 2023/02/24 10:53:06 setuid sandbox: enabled 2023/02/24 10:53:06 namespace sandbox: enabled 2023/02/24 10:53:06 Android sandbox: enabled 2023/02/24 10:53:06 fault injection: enabled 2023/02/24 10:53:06 leak checking: enabled 2023/02/24 10:53:06 net packet injection: enabled 2023/02/24 10:53:06 net device setup: enabled 2023/02/24 10:53:06 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2023/02/24 10:53:06 devlink PCI setup: PCI device 0000:00:10.0 is not available 2023/02/24 10:53:06 USB emulation: enabled 2023/02/24 10:53:06 hci packet injection: enabled 2023/02/24 10:53:06 wifi device emulation: enabled 2023/02/24 10:53:06 802.15.4 emulation: enabled 2023/02/24 10:53:06 fetching corpus: 0, signal 0/2000 (executing program) 2023/02/24 10:53:06 fetching corpus: 22, signal 27166/29923 (executing program) 2023/02/24 10:53:06 fetching corpus: 53, signal 43461/46540 (executing program) 2023/02/24 10:53:07 fetching corpus: 101, signal 57892/60746 (executing program) 2023/02/24 10:53:07 fetching corpus: 149, signal 66336/68963 (executing program) 2023/02/24 10:53:07 fetching corpus: 198, signal 75521/77470 (executing program) 2023/02/24 10:53:07 fetching corpus: 246, signal 80506/81991 (executing program) 2023/02/24 10:53:08 fetching corpus: 293, signal 84431/85462 (executing program) 2023/02/24 10:53:08 fetching corpus: 321, signal 87848/88351 (executing program) 2023/02/24 10:53:08 fetching corpus: 321, signal 87911/88450 (executing program) 2023/02/24 10:53:08 fetching corpus: 321, signal 87911/88509 (executing program) 2023/02/24 10:53:08 fetching corpus: 321, signal 87911/88564 (executing program) 2023/02/24 10:53:08 fetching corpus: 321, signal 87911/88630 (executing program) 2023/02/24 10:53:08 fetching corpus: 321, signal 87911/88687 (executing program) 2023/02/24 10:53:08 fetching corpus: 321, signal 87911/88731 (executing program) 2023/02/24 10:53:08 fetching corpus: 321, signal 87911/88803 (executing program) 2023/02/24 10:53:08 fetching corpus: 321, signal 87911/88851 (executing program) 2023/02/24 10:53:08 fetching corpus: 321, signal 87911/88904 (executing program) 2023/02/24 10:53:08 fetching corpus: 321, signal 87911/88951 (executing program) 2023/02/24 10:53:08 fetching corpus: 321, signal 87911/89002 (executing program) 2023/02/24 10:53:08 fetching corpus: 321, signal 87911/89066 (executing program) 2023/02/24 10:53:08 fetching corpus: 321, signal 87911/89135 (executing program) 2023/02/24 10:53:08 fetching corpus: 321, signal 87911/89192 (executing program) 2023/02/24 10:53:08 fetching corpus: 321, signal 87911/89244 (executing program) 2023/02/24 10:53:08 fetching corpus: 321, signal 87911/89296 (executing program) 2023/02/24 10:53:08 fetching corpus: 321, signal 87911/89343 (executing program) 2023/02/24 10:53:08 fetching corpus: 322, signal 87952/89443 (executing program) 2023/02/24 10:53:08 fetching corpus: 322, signal 87952/89503 (executing program) 2023/02/24 10:53:08 fetching corpus: 322, signal 87952/89578 (executing program) 2023/02/24 10:53:08 fetching corpus: 322, signal 87952/89626 (executing program) 2023/02/24 10:53:08 fetching corpus: 322, signal 87952/89682 (executing program) 2023/02/24 10:53:08 fetching corpus: 322, signal 87952/89734 (executing program) 2023/02/24 10:53:08 fetching corpus: 322, signal 87952/89783 (executing program) 2023/02/24 10:53:08 fetching corpus: 322, signal 87952/89841 (executing program) 2023/02/24 10:53:08 fetching corpus: 322, signal 87952/89903 (executing program) 2023/02/24 10:53:08 fetching corpus: 322, signal 87952/89958 (executing program) 2023/02/24 10:53:08 fetching corpus: 322, signal 87952/90021 (executing program) 2023/02/24 10:53:08 fetching corpus: 322, signal 87952/90070 (executing program) 2023/02/24 10:53:08 fetching corpus: 322, signal 87952/90122 (executing program) 2023/02/24 10:53:08 fetching corpus: 322, signal 87952/90171 (executing program) 2023/02/24 10:53:08 fetching corpus: 322, signal 87952/90236 (executing program) 2023/02/24 10:53:08 fetching corpus: 322, signal 87952/90293 (executing program) 2023/02/24 10:53:08 fetching corpus: 322, signal 87952/90365 (executing program) 2023/02/24 10:53:08 fetching corpus: 322, signal 87952/90427 (executing program) 2023/02/24 10:53:08 fetching corpus: 322, signal 87952/90479 (executing program) 2023/02/24 10:53:08 fetching corpus: 322, signal 87952/90496 (executing program) 2023/02/24 10:53:08 fetching corpus: 322, signal 87952/90496 (executing program) 2023/02/24 10:53:11 starting 8 fuzzer processes 10:53:11 executing program 0: syz_mount_image$tmpfs(&(0x7f0000002c00), &(0x7f0000002c40)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000002e80)={[{@nr_blocks={'nr_blocks', 0x3d, [0x67, 0x0]}}]}) 10:53:11 executing program 1: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, 0x0) sendfile(r0, 0xffffffffffffffff, 0x0, 0x0) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = socket$nl_audit(0x10, 0x3, 0x9) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$inet(r1, &(0x7f0000000780)={&(0x7f0000000000)={0x2, 0x0, @local}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000300)="6fb9", 0xffeb}], 0x1, &(0x7f0000000700)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @remote, @broadcast}}}], 0x20}, 0x0) r4 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r4, 0x107, 0x12, &(0x7f00000000c0)={0x0, 0x8000}, 0x4) 10:53:11 executing program 2: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000380), 0x800, 0x0) ioctl$CDROMREADAUDIO(r0, 0x5310, &(0x7f0000000240)={@lba, 0x0, 0x0, 0x0}) 10:53:11 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x57aa}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}, 0x40, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_setup(0x40, &(0x7f0000000240)=0x0) io_destroy(r1) io_setup(0xffffffc1, &(0x7f0000000400)) r2 = eventfd2(0x8001, 0x0) io_submit(r1, 0x1, &(0x7f0000000040)=[&(0x7f0000000440)={0x0, 0x0, 0x0, 0x5, 0x0, r2, 0x0}]) io_cancel(0x0, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x8, 0x8000, 0xffffffffffffffff, 0x0, 0x0, 0x9}, &(0x7f0000000300)) io_destroy(r1) sync() io_setup(0xd29, &(0x7f0000000780)=0x0) r4 = memfd_create(&(0x7f0000000100)='/d\xb5>\xbb\xb3~\xa9\xa4O{\xc3\xad \xeb\xee\xeed\xf4\xaf\xf8\x81\xea|f\x1c\xe0\xc1\xd1\x19cr\xa1\x01\xc3g\x10#\xa1\xfa\xb2\xe7\xa4+\x9e\xd7\xa2\x04y\xc1\xcf-V\xc0\x18L\xce\xe2I\x19:\xe7\xc6F\x1a\x16!\x00\x9c*\x03\x1f\x94#\xf1\xcb\xc9\xf1\x16I\x85\xc8x\xe0\xc7\xc7z\xfa\t\x85\t\xfcM\b\x81\xd9d\xe25i\xe7\xb4M\xd1\xa4\xef\x0eW\x7f\x13\xa9>\xcf;+-\xf1gT\xd0\xcck\xb1Nq\xe2\x06\xdf\xc2\x01\x00\x00\x00\x00\x00\x00\x00\xe4\x9b\xab\xf7E\x1c\xb2,\xe4[|\xcc\x85{\xb3\x98\x139\xc4F\x9fE\xa7*\xed\x9b@\x8bH\xe5\xb5\xa7\xae\x11\xa7N\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xf3Ef\x88fM\xc3\xd7\xb2\aa\xe5?{\x18}\x9b\x87\x83^\xd5 a& \xd9\xa5\xa2\x85P\xdc\x8bO\xcbi\x1d-\x0e\xd9\xd5\xb1\x8d\x81da\xf89\xc4\xaa\x81\xad\xda\xef\x860\x19\xc4\xb3\vW\x19\xae:\a\x89\xb2\x87\xf0\x8ch\xc7r\xf6K\x96\x7f\x15?\xdb\x95\x82\xe8\x10\xa7qX\x8b\xc2 \xb0\xe5(\x87\xfd_\\\x17Y\xf6\vc\xa1JG\xc2\x88\xbc\xb1\xf3\"\x1a~t\xed\xed?\xad&\x11\x06\xc6!n\xb4\xf8\"W&\xf9|\xc9\xed\xde\xd6\xac\xd9\xea\xe6\xff\xf9\xeb\xa8\xd1\xb5\xf6N\xac\v\x88\xfcH\xd2\xe5UL\xfd\xd1gD\x99\x89M\xfbpe]A\x90\x81\xcb\x136;;\x9e\x0f\xa7\x92\xe3\x19O\n\xae{\x17\xa2\xec\x00\x9b/\xff\x02)z\x04\xb5\xf7\xafU\xa2D\"@j\x19\xa0D\x87Dc\n\x92', 0x0) io_submit(r3, 0x1, &(0x7f0000000040)=[&(0x7f0000000200)={0x0, 0x0, 0x0, 0x7, 0x0, r4, 0x0}]) r5 = syz_open_dev$evdev(&(0x7f0000000340), 0x4, 0x104c0) io_cancel(r3, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x5, 0xffff, r5, &(0x7f00000007c0)="455c740fd0df5336ca2d6827b47a26297e3415a9fe53ca92ac396f77a8345f3306c7c421f2b8a740d131606c88094ccc647a24ae98aa215068906c9c3e81b91b26ba2c299ded65f82768a62c950725199e08ab4440cf23a924f32a727ac4143328f1edcbea8efd0f065cc5c6fc5a7f9285e8b57d6a1e8495710c51bc326387097bed9c29d62bc6e61c8f40cd5a415ee44973e6ee7d0ab09aaa6133d877ab3b7e44577ffb0820ef8e05fc7364227c9890a502399961955205c31a540d6658f9cfe7c5b29f0987bc9dfc338baf0734df64df0835f4e1e463d052abed8aa50b02ca7fed428ae5941b4e890d668f70e5cf600c555d95e0a263d326953d433d8a63a6118bb91a2d5cf73d289a9b0e17e2d7b9ccf04998d8773d588aea91a000787baa8f90a2b794ab41ac96c2fe981e39dc7b9f278e8fbbc38bf23f287b77b0ecc7e298100ce581ca4460b80478b128e7121732b5b718d3c21ab3a7d7303c3cf9da2061651acb1f9ece8c142ea7cb45388f808a44f173d5834f92dc3f7a5358d6193f326e6a3a85011910d000d56ac31edd8260daa64fea1ca0fe78fd8cd8e29d479552fb16be83c0bb3ea96762b733a1cb33d0670af7ab1b51a3bd98c186b05170d307f0f267f3807fbe52067e313e1e7e1b5b127f8f8ee3a95e5d0cb9f27fa2e911af0cd63796a4ce54d607efc191dc265bc245b7a39e5b035d810a263d4f6bcfe484344b3cec67ad26627f0f63feac6cae8fee8285aa22812ecf10684aeddab36faa13d7b409c6dffc1817ea0155114a04ed32de7ea049821427d65182d687436bf69eb1f2db70ffd57a7ee2ff3da104d194d8387850f0eb42f50663ff233d2a5873a6c588f726f8e4e010fee5b762225954760e181ee9317ac583a55000a56b96474f66e42b7cc321c43cab025ca4a37eb9571d03e5a65282a13d9d13ec7c39033d8c04433c4f14c7671f2922df08b6e59efd40578da769df31d4dadc7c47d5f324be32f585a82b58ff825ebee02fe3f6bbbd6d5d867716f0caa3c3b195c527f908f73c55ba55cac5ed9dd91433dd87338496fb5342463f79b609e0676ccc5b6bb34241c0c38dea085af56f48bae7fc74e6becdacd13e6d7040b78c75bbf87b5473418e8b0d67bf7e625bbf707ecc3f9278df07b8996c9632a806a1900c58dcc9f22fbdc312bc970c218e66c168a5e750c0543391953f43256bb8c21f8aa148165d4ef265d4472e13dd91147be2fbf6f648bd3e9d00347e83cf72b0fe5d320db2e9f62ea3c35f96c83dc41bc389dc200bbdd6de21a8b76f03493fb45cef24873b8fc63d9fcd29070a8619eec5fbfe936bb9f4a5d7055702bc9f985b661bba28174bb8c95ff65c337d0dd8a020150cc85f3816320878d53b079779d5b794fa6e156426f7f25f9f88e6f19f0d86cf724788d4af4726715a5342c27975bcb27b73d92f9a547f13fd84e8e019c1130838ff2cd2bd39ecdb1431a8a11b7b1f992bbb0364d925c12d50fdbf77bfe8ca933a13d766f2d11d6fb6c51c8b1c4d3f1267ddef9f4e179d5d67c16c3998c8336c33b49e0faad25b1f161a191647ccb52d378a6b840c9020f84365a6a47a1cc1ccf64fd805dfd39d885676fe2446db0156966aa1091f724764df31979aba730510a737fae5c875ceec4674bd9f8e47f24bcc4817a96ec9ba91a88ce9822b3ff2fef3f51b14c83e8d90b86cfd10ea191203255607127e7d9cfdfe3ce3cc9d7d13c83e147d8e5ad1e84927d6f901b328a0c580a20fae9efb5e843cf6ff44437c325c3879286d8229dc99b1222a238eb2fa0309768415d9f284768622bb61ec9b55c4686111d76ff1e2267dddb5bdbbf63d5add2b24ea05b2bf95066d302affd95c4f7d2177c0d237ab394341c7633b707d90bb341ccfa2488b723a7bb2ba6531811c9a9b61859aa259e49ce0777619ff3400c89e67e1506a96e90a1e740e8590869d29ab702a52b9615f66b3a65d31efd7b9484ac21a936be10448d5d85ae3b659cd9628e28111d80bb4fa12d99d3c4a7f5eec712a29a28c888a8352954b0550af97321d096cdd005ff9d5cdf8a2444bc99346095269062d13d5becb498f2465fc0dfa1c9fc5501c7ed07c810b557c9cda45d5f1fe74bcfd9547dff013be1d77b17de68b60e68dbfa415f340403ff99f6b56e37408eeab21f606a1bca8441254aef996752f79bab0f8db7942c153bd53b710ed7faccaa1cfe73e5afaeb8e5ddb0b4a223c643b1d0d2b94d00e04aa00b76e56be93869db8c5964bc22a326770c13ff0d84408cb17c9b9e6c57c3e2c3021e3fc9074cafcda19b6576885c191382c076c00f571251a3c46ab1ab2c0908aa52ab1592d104a4f14e7b25c252b6546fb8311cd20b1b5ebb1db97ca6461f5a723c8c1ab85c73198ae367375674b71656fb7b2128b80d4fcfeac9ea49c69dd18bb7de6229ea215fcfef9a25f7b7272be0617c0e21f0e323da4b66a4bbcf08f6a26bc92789b26bf3798805e01131cc5c882ac817dd0d6c6e98beadbbc9d90a2050fc27ec5fd35ceaf47514ca2ddc26b7eeb9d5f4cff88d02c38b1ae729fcc925d2457d3509e87aef756aef6185c0f5ed0d01cf5256a0e079b89180f1554fb9eb7fea08cec32eb02377b92678bd05347273313a6cfe60008c6955f486dec4dc11a6bc448665c59e2be9b3f3f0981de2bc886e64b5ea24b3aeebd3f33351e437c887687e59824df77d8d9d24c184addbf6ae6f4a7d3d0eee281fa4e2bf4248866d5c48b3f45e9ef53fd772315137d1fc6262940635d0c0b62d3f292d254edde65709a707f51796cd03e93e7b6bd19abef6d9e58a79193c8f4cf5e5d5f5505d9a36296c0600aa539a29d1fa9fe3f2416d445c4f452ba5b1c3797424c7b70dbb1580f48e199f2a7fa795371166d2d51e996f2b5a7f49cce6a13ce0f41271a9a8007b7477ee4699f698ffe400d6f7abc2ef1f8593252f0ef63d7cb75272a7823b18cfaaa16f2e623dfca0530d1f80029121915687b86184c1978c2db9086a7cb0f4ce7928af71bd8d4ab29bd9c010416306015c8645bbd96d61392b677b882cad49b7f7f97d3cb0b6cec0ad6fc9a2e20ada05893c0aa22fc60fd84036ea35b1df5dd77d83db33a596da7a818461055268bf92715b463834eb5071cb75ee99252a94fe70926d0d72709e57b8a4afb58157e169278077074c39f870d843e02687da935949750b2d5a2dd1809b611ba84816a1f9fe6a78d80bc5a245478b77363a019bef70e869fd7828cb5e6cdb6c1e3bc4d17c8c6faf325737cf778ff10bb0a962f0151709bc9933ee46611c8b1a0a28d0d3e0dcf07610378d1a733b4aa592b6a4c9917b4ebaaed16ae9a704bd3293e94e87a0fa72c93c2bdeac856ef0b8d9590cc1728d7e740844d1bc8c0142832646a378d3785f2d6f7a3a901e4da6c0fa0d1a98e846d9bb4f94544ce6a41ad8f149229a46c9b75bc3eda12087623e612ee29be649ff820acdd0dff9878176bfa73ae651c108a7f0d993a61343d0861b3fda3e8a664ec5d1bc0dc3073a25cf7676a707e72d6cd5584732362f7a3bbbd7f1a9b92078c195da095543a7761dfd1564d463d131c893e2382c4855f1257e105de0de740e32b26ed777010589c778dcbf082663fe73772e3ace2e460a879a00aafc121bdb238464c6d9143bb8a5fb6cdd4b5859c9faa172d5c5c32b3c56f2707a57c3170d4cd2f12063d1b6ec7ddb2ea7d423f925d0b06a6060a4d45ddbcc74405f0ecf8c2f0401f3bbc373e3a6c5d39df7e26becdcfcc830fee61ead8023b42cde471efd5b6695b756132a742f24ae6cbcec2a1e7b7bf8ba35d1d0f44926c25b2c61e244f828d5ce01da51739471be63b0042d4cd1a7f38f9f686c274099d13c683fa4caf9a829ae56ee68af1da0965ca2d03fd6ec8471bb197f0c32a191479313e0cfdf26da0218fdf106ccd9f55eb9fc73cea9b4cc47f9df551bf7bcf822d744223b4ec5a3c787cf06c2d785967362b6a060f55988fa93c2c772c0ffa60201e9ad24e490e07490bb5c860eaf275f9202dd8b436b9a8ba0f0c195140c8621f4a7eeb1a34f05cedcf3a743b69d629ac88109bd0567c5bb0ce61626fe77e50158b960036a1e4abde2992c03413937eaa005207b5bfbde46692b7b3af3d4a2767d00e80782e68985fc1f35572b289a3decfda237fbedc176dd44708665cec4b76511867da55d361ada252f88d5b17bcabb99b402dcc7c164f1acae5fb0644d4b07707186babb45b048614bf47d69c3b017efd1032d1a171793e8e70ca655de9a93673bb886b0a7c4160f6665b04d7a9280b5be379986729defba2e8868fb3b144155e2cdbe3bbf9a18d9c8ecad6e6c9f6dbd95e343f6c67d6b3de24a935d90c64da14106bfcb3b450866ca019890661cb909c0da81c9f937a6c6eac6b1ba8728f94b33565ce935a3e0f4a847a30111faf65879208a47314dfb1549a87924adb08b96f517ffc7d69d220debafee675494198f2d6e86d13c857c00ef368adb39e2d6c2210baed050a51f8d6723d0ff317fc1d56ab20224696f5bbf4a61be2d990495a004af74deeef1eaaefb6cf430fd6c8b890aac5e55c7968b7f098d549235bc19ba694021d0c9b520b51081f67637eb42f9ec6e53a78376af3e7fe974911de08e6f0ede6e83bfde7db7036b2bcaf44b578f914a33f2a96209e7d05aaed71fc5bef2a7f32fc26c409fca0b921cdab9aed455832f9f663f3f297135e02d373fa8f79d6250ecfc1074d449a6916833f3fd692dd117e3343cf65e77630ca339d8093099d9aff15bdc0225a7ddb7a0b71931257d19ed0b19213f7346109ff4ab33f93f1893c7e62e1ec91cf1e8212e0fa810772c07fa6188b26a6ff970bcaf9479567dc6a401ff6755dd40c896ede5b22acbe5b44d6467496c0195e1127b2067112627a0971df107f33663030300ff10c851859f6d1a174a99ebd800d5e9d4e9425615eb8c74caa913aa3fb7724ab69c7cd5c13a35b53c001722e0abf0146698fcb4fc2af16f44ed3d8f95e495ab120ecf0aee3096fabc200a8d12ee3d7929e072596cde0d36a77a1d73872970b61c2a91cb6f72f574bae1375ded4e19cc066a25c12f55dc3dead52677907565a359e0f75788d8a08f7af403b46dcb464ce746de8754a4e657c89b085305b4ed235a1dcc68ceeed1633673f9cbcc443036b2ebcb5a97083ad828bab33a094c22be0e613aa1a6d50bd7bebcab79f6ff4c7b8eced5e5c1b832b7b5accdbad129fb194d05a122604e9135cbe89f0ca42b9f58a86cdb2417290a9a4daced4d064e28b58c4252077ea0c121553245ee5bbcab7c35acd143f88aa76cd1edd7cbe9c3a0b451297d6bd5434a0345f72e8fbb1eedfd15e08f43a7e245d4959ca536a047cfc103a818be9a56dcf393be5c994ed04643c8bb0354aaf2e00bd9ab11f53c1e4b31aa275d0dd2778a5b9c7f1098f280a6d54841e6ab75c8b3275584a658130dd010424e4568bb1bb43fe57e5bd5a6006eda4467d185b687a70f132ad2716b61267217eb922616f5ef2a4a71fd124ae61f8bfa69e38b5b66e2012592b49985c7e64d016c9aafb01a37da3e57f9dcbb4f3c4ff54e0a324f1935e8d3df317fc39d80a4bf72bc3f1392d025fbf2932c324436ae43251ee1cc39ee9291a7fac4b471d3400fb1adf091210605b37eec608316ee2d60c03b91200268b74f63fb52d033ddd97bddcd587ff08518e5945847b56a804048ca8feb227945496aabc46f4841fcd3af30bc74f7e556bd1e019e4b27c2c2f02824ce306f3164de0b96f4cf9c41d14", 0x1000, 0x80000001, 0x0, 0x7, r2}, &(0x7f00000003c0)) io_setup(0xd29, &(0x7f0000000780)=0x0) r7 = memfd_create(&(0x7f0000000100)='/d\xb5>\xbb\xb3~\xa9\xa4O{\xc3\xad \xeb\xee\xeed\xf4\xaf\xf8\x81\xea|f\x1c\xe0\xc1\xd1\x19cr\xa1\x01\xc3g\x10#\xa1\xfa\xb2\xe7\xa4+\x9e\xd7\xa2\x04y\xc1\xcf-V\xc0\x18L\xce\xe2I\x19:\xe7\xc6F\x1a\x16!\x00\x9c*\x03\x1f\x94#\xf1\xcb\xc9\xf1\x16I\x85\xc8x\xe0\xc7\xc7z\xfa\t\x85\t\xfcM\b\x81\xd9d\xe25i\xe7\xb4M\xd1\xa4\xef\x0eW\x7f\x13\xa9>\xcf;+-\xf1gT\xd0\xcck\xb1Nq\xe2\x06\xdf\xc2\x01\x00\x00\x00\x00\x00\x00\x00\xe4\x9b\xab\xf7E\x1c\xb2,\xe4[|\xcc\x85{\xb3\x98\x139\xc4F\x9fE\xa7*\xed\x9b@\x8bH\xe5\xb5\xa7\xae\x11\xa7N\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xf3Ef\x88fM\xc3\xd7\xb2\aa\xe5?{\x18}\x9b\x87\x83^\xd5 a& \xd9\xa5\xa2\x85P\xdc\x8bO\xcbi\x1d-\x0e\xd9\xd5\xb1\x8d\x81da\xf89\xc4\xaa\x81\xad\xda\xef\x860\x19\xc4\xb3\vW\x19\xae:\a\x89\xb2\x87\xf0\x8ch\xc7r\xf6K\x96\x7f\x15?\xdb\x95\x82\xe8\x10\xa7qX\x8b\xc2 \xb0\xe5(\x87\xfd_\\\x17Y\xf6\vc\xa1JG\xc2\x88\xbc\xb1\xf3\"\x1a~t\xed\xed?\xad&\x11\x06\xc6!n\xb4\xf8\"W&\xf9|\xc9\xed\xde\xd6\xac\xd9\xea\xe6\xff\xf9\xeb\xa8\xd1\xb5\xf6N\xac\v\x88\xfcH\xd2\xe5UL\xfd\xd1gD\x99\x89M\xfbpe]A\x90\x81\xcb\x136;;\x9e\x0f\xa7\x92\xe3\x19O\n\xae{\x17\xa2\xec\x00\x9b/\xff\x02)z\x04\xb5\xf7\xafU\xa2D\"@j\x19\xa0D\x87Dc\n\x92', 0x0) io_submit(r6, 0x1, &(0x7f0000000040)=[&(0x7f0000000200)={0x0, 0x0, 0x0, 0x5, 0x0, r7, 0x0}]) io_cancel(r6, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0xff, r0, &(0x7f0000000100)="0d92dd065f6826a22652c3c3369cd833645c034cfa05c63f48e976a7e8a4dd2ee6aa61f478e7fff25d14d63f130a29668d663ec6e7ff63476fa78cdb18d56e6d5a5419488571b357c321783526de06979fceeefed60784f699e8d98d6091e9861eabe30d4fb3a4f61785e6f48d720a7ef48e81fa3e45fec0202e9738e09d3f61fa53388b73c2f8affa2448edfbada6c1d486edd80482d693fa446bbecf6d1fa87d111c16ca6f83656086b5793c64ff57f638d2b354c2766d8b7a027fe7554fdb5df4ffbc9abffc1244fc6d859ccfc2", 0xcf, 0xb55, 0x0, 0x0, r2}, &(0x7f0000000200)) ioctl$TIOCSPTLCK(0xffffffffffffffff, 0x40045431, &(0x7f0000000480)=0x1) 10:53:11 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0xcc80, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_register$IORING_UNREGISTER_BUFFERS(0xffffffffffffffff, 0x1, 0x1000000, 0x0) r0 = getpid() perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000040), 0xb}, 0x0, 0x20, 0x0, 0x0, 0x8}, 0x0, 0xfffffeffffffffff, 0xffffffffffffffff, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) getpriority(0x0, r0) fallocate(r1, 0x0, 0x0, 0x87ffffc) pidfd_open(0x0, 0x0) [ 62.469755] audit: type=1400 audit(1677235991.370:6): avc: denied { execmem } for pid=260 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 10:53:11 executing program 5: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) socket(0x26, 0x7, 0x3) r0 = add_key$keyring(0x0, &(0x7f0000000140)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd) perf_event_open(&(0x7f00000004c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) r2 = dup(r1) connect$inet6(r2, &(0x7f0000000200)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c) sendmmsg$inet6(r2, &(0x7f0000002880), 0x4000101, 0x10) perf_event_open$cgroup(&(0x7f0000002780)={0x2, 0x80, 0x7, 0x20, 0x3f, 0x6, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x1, @perf_config_ext={0x13c, 0xaf5}, 0x10200, 0x7f, 0x9, 0x6, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x8001}, r2, 0x2, 0xffffffffffffffff, 0x3) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000340)) add_key$keyring(&(0x7f0000000180), 0x0, 0x0, 0x0, 0xfffffffffffffffb) keyctl$KEYCTL_RESTRICT_KEYRING(0xb, r0, &(0x7f0000000080)='asymmetric\x00', &(0x7f0000000040)=@secondary) 10:53:11 executing program 6: syz_io_uring_setup(0x1735, &(0x7f00000000c0), &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000000), &(0x7f0000000400)) pipe2(&(0x7f0000000300), 0x0) perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x428, 0x1, 0x0, 0x0, 0x6, 0xfffffffb}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x5}, 0x1200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$netlink(0x10, 0x3, 0x4) sendmsg$NFT_BATCH(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001a00010212c91e1bbeb3f02a250800ff085e762ac6053f295d4ffc20d6fdbe18dbfb1af3e0dd6a380e71c4fcaceb384300007d26af18e26c51db155af69e0000000000000000000000000000df63a36fd407eb99643bb3409a86448396cd1499fc9043822e14cf2dbe93dedf4e77766175ac5c31d7d34cf911e24917654cb8d3c73e60c6c12f77588b76a9611ccb029fc621b6ceb9d769a0fd5f80013ce142ab97f6cfd7af9248f226653936edf77d1aa9ed4cda7d70b7bb0a05793218fdea0b2b6af1994611b97ea56ac55eb8b1a5e89b8ffe573f0f99f7cf0a626c766766a541251eaa0e9b961180ff4eb66fa0dbde48b225eeae593d844d0b1ebeffd68c9a35652395a46640157a4502edd10ecc2aa9e1b770c70a57034e8decd18d02aa59d80d6d7ffcdcc5a1933e045792f8d4dd800f2c8b2370af3bb4023ddf1a63c7398d08b8425066510abbcecec54358e1487ba614c84442961dda172711d5425eaf2809215c4d1cb2f7d83b3e4387d3f8c147e3ee17d50ef4df0bb84f660e5f6350832e413d31f2046438c703e165852750e87dce8c34a0ae85373cb24f4adcded80f1742ad658685a980d7c600afda27ab15c5c6c216f4f6ba173c6322c71da755b1c623225db0b00bdafa91fac6b0017a88b59d868b000017a41224ec19ccc80a626e6778224cefdb0029f1dfd280499b1b3f507f5542b880036b710000000000007b5c58c0cfb3297c995f4178eaaaf7733f93e168e39d2d99fbef413997ba880e5ae333cb3fe4e68b1dcd3b0249d8b791b2a58695b334072f415a69d069813302c7c26cc230654dd6be81b5d8a0e949f04cb1e5ef02a274a6e026274b3bd218779b2b573ecdd6975725ade5b8e2c1462fa5ee016a06272044214c24994bcecda8063a195166be4f42270f78d0a46f22a201a4b3866c4cc0d22af1b84b2bebe292779660965480230bec6f7426634a5e1e17173ac64f722a14dc1d3b90cd0137fd1b05dd521d406119482977b2bc4f5310c214c809a817abfc1059cbce5864371315f281b5894c08d6e4685175964201a084d1c682c7e4f88c2f8a38488e0b07de7638019654be28174e9392d700830880b6bdac79ca10d764990be27ed5f44ebf6d8c544d684ee9c2d7c50facef17661b5f2da34c5a4e5bac5565111144996ae8d7fc043fc2fd0f20ac294ac9afa9db8bb105c6e5928b1aff9971fa6d0e320cb4994ce21f6aaf1f3494605a8a432d4cc2b5a30f7413f3184611ca5ee72c325d0a8b590c242d8a1e731fb525d5c64ef11444eeb95e9e8d04ee50e0bcb2cf078566ca7a6307d70e8d138069d24194589ab8be46058cfe067d693bd664c5e6d4b49ec6bff98ace270009555c950c996c827e009e0d1c62433a094a320eeb6f5012941d4b6098af68810746f92fd2c8fa792d03ee890e0c5871848b3837b4af16ec688707f32486c9681829e7945602595bdfd992c8c52c7056414594ffc53dfa09f52349e8d77e0a79b4ed7863bc35226416cbc9a3fdebf0b7b7eb6e7b21f2dff4237978bcd4052d2d2b11c11fc12e431c872f"], 0x28}}, 0x0) recvmmsg(r1, &(0x7f0000003980)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) dup3(r0, 0xffffffffffffffff, 0x80000) sendmsg$NL80211_CMD_NEW_MPATH(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x20000020}, 0xc, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYBLOB="7ae9ec44", @ANYRES16, @ANYRES64], 0x50}}, 0x885) socket$inet6_udplite(0xa, 0x2, 0x88) bind$inet6(0xffffffffffffffff, &(0x7f00000002c0)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x100, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) epoll_create(0x4) eventfd2(0x5, 0x80000) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) ioctl$FS_IOC_SETFLAGS(r3, 0x40086602, &(0x7f0000000080)) pwritev(r2, &(0x7f0000000380)=[{&(0x7f0000000140)='\x00', 0x1}], 0x1, 0x7fffff8, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x3, 0x80, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0xf09, 0x9}, 0x8, 0x0, 0x0, 0x2}, 0x0, 0x4, 0xffffffffffffffff, 0xa) creat(&(0x7f0000000240)='./file1\x00', 0x119) 10:53:11 executing program 7: clone3(&(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, {}, &(0x7f0000000380)=""/13, 0x7ffffffff000, &(0x7f00000003c0)=""/78, &(0x7f0000000780)=[0x0], 0x1}, 0x58) [ 63.695994] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 63.699284] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 63.702007] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 63.710113] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 63.712876] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 63.715897] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 63.751350] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 63.752746] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 63.759075] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 63.769694] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 63.771211] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 63.774065] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 63.783580] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 63.786412] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 63.787316] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 63.789083] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 63.790976] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 63.792323] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 63.793603] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 63.795548] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 63.796696] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 63.808976] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 63.810762] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 63.812660] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 63.822012] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 63.824112] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 63.828032] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 63.835619] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 63.837433] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 63.841728] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 63.862250] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 63.868862] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 63.876739] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 63.893862] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 63.897135] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 63.902672] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 65.786045] Bluetooth: hci0: command 0x0409 tx timeout [ 65.848549] Bluetooth: hci5: Opcode 0x c03 failed: -110 [ 65.848701] Bluetooth: hci1: command 0x0409 tx timeout [ 65.850692] Bluetooth: hci6: Opcode 0x c03 failed: -110 [ 65.852432] [ 65.852612] ====================================================== [ 65.853187] WARNING: possible circular locking dependency detected [ 65.853771] 6.2.0-next-20230224 #1 Not tainted [ 65.854199] ------------------------------------------------------ [ 65.858289] syz-executor.6/275 is trying to acquire lock: [ 65.858809] ffff888015bb8880 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: __flush_work+0xdd/0xd80 [ 65.859848] [ 65.859848] but task is already holding lock: [ 65.860400] ffff888015bb8920 (&hdev->cmd_sync_work_lock){+.+.}-{3:3}, at: hci_cmd_sync_clear+0x45/0x250 [ 65.861334] [ 65.861334] which lock already depends on the new lock. [ 65.861334] [ 65.862074] [ 65.862074] the existing dependency chain (in reverse order) is: [ 65.862757] [ 65.862757] -> #1 (&hdev->cmd_sync_work_lock){+.+.}-{3:3}: [ 65.863434] __mutex_lock+0x133/0x14a0 [ 65.863877] hci_cmd_sync_work+0x1e6/0x320 [ 65.864332] process_one_work+0xa0f/0x1790 [ 65.864799] worker_thread+0x63b/0x1260 [ 65.865232] kthread+0x2e9/0x3a0 [ 65.865605] ret_from_fork+0x2c/0x50 [ 65.866015] [ 65.866015] -> #0 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}: [ 65.866788] __lock_acquire+0x2d56/0x6380 [ 65.867255] lock_acquire.part.0+0xea/0x320 [ 65.867723] __flush_work+0x109/0xd80 [ 65.868146] __cancel_work_timer+0x39c/0x4e0 [ 65.868612] hci_cmd_sync_clear+0x52/0x250 [ 65.869074] hci_unregister_dev+0xf9/0x410 [ 65.869537] vhci_release+0x80/0x100 [ 65.869954] __fput+0x263/0xa40 [ 65.870328] task_work_run+0x174/0x280 [ 65.870755] do_exit+0xad8/0x2800 [ 65.871140] do_group_exit+0xd4/0x2a0 [ 65.871582] __x64_sys_exit_group+0x3e/0x50 [ 65.872048] do_syscall_64+0x3f/0x90 [ 65.872450] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 65.872987] [ 65.872987] other info that might help us debug this: [ 65.872987] [ 65.873721] Possible unsafe locking scenario: [ 65.873721] [ 65.874271] CPU0 CPU1 [ 65.874695] ---- ---- [ 65.875117] lock(&hdev->cmd_sync_work_lock); [ 65.875559] lock((work_completion)(&hdev->cmd_sync_work)); [ 65.876313] lock(&hdev->cmd_sync_work_lock); [ 65.876948] lock((work_completion)(&hdev->cmd_sync_work)); [ 65.877472] [ 65.877472] *** DEADLOCK *** [ 65.877472] [ 65.878013] 1 lock held by syz-executor.6/275: [ 65.878444] #0: ffff888015bb8920 (&hdev->cmd_sync_work_lock){+.+.}-{3:3}, at: hci_cmd_sync_clear+0x45/0x250 [ 65.879377] [ 65.879377] stack backtrace: [ 65.879789] CPU: 0 PID: 275 Comm: syz-executor.6 Not tainted 6.2.0-next-20230224 #1 [ 65.880494] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 65.881251] Call Trace: [ 65.881499] [ 65.881718] dump_stack_lvl+0x91/0xf0 [ 65.882081] check_noncircular+0x263/0x2e0 [ 65.882494] ? __pfx_check_noncircular+0x10/0x10 [ 65.882964] ? __pfx_mark_lock.part.0+0x10/0x10 [ 65.883439] __lock_acquire+0x2d56/0x6380 [ 65.883855] ? __pfx___lock_acquire+0x10/0x10 [ 65.884298] ? __pfx_register_lock_class+0x10/0x10 [ 65.884777] lock_acquire.part.0+0xea/0x320 [ 65.885198] ? __flush_work+0xdd/0xd80 [ 65.885587] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 65.886065] ? __flush_work+0xdd/0xd80 [ 65.886446] ? rcu_read_lock_sched_held+0x42/0x80 [ 65.886910] ? trace_lock_acquire+0x170/0x1e0 [ 65.887368] ? __flush_work+0xdd/0xd80 [ 65.887753] ? lock_acquire+0x32/0xc0 [ 65.888127] ? __flush_work+0xdd/0xd80 [ 65.888513] __flush_work+0x109/0xd80 [ 65.888888] ? __flush_work+0xdd/0xd80 [ 65.889273] ? __pfx_mark_lock.part.0+0x10/0x10 [ 65.889724] ? __pfx___flush_work+0x10/0x10 [ 65.890142] ? lock_acquire.part.0+0xea/0x320 [ 65.890584] ? hci_cmd_sync_clear+0x45/0x250 [ 65.891012] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 65.891499] ? hci_cmd_sync_clear+0x45/0x250 [ 65.891925] ? rcu_read_lock_sched_held+0x42/0x80 [ 65.892387] ? trace_lock_acquire+0x170/0x1e0 [ 65.892824] ? lock_is_held_type+0x9f/0x120 [ 65.893244] ? mark_held_locks+0x9e/0xe0 [ 65.893637] __cancel_work_timer+0x39c/0x4e0 [ 65.894056] ? __pfx___cancel_work_timer+0x10/0x10 [ 65.894513] ? __cancel_work_timer+0x2aa/0x4e0 [ 65.894943] ? __pfx___cancel_work_timer+0x10/0x10 [ 65.895401] ? lock_release+0x1e3/0x710 [ 65.895785] ? __pfx_lock_release+0x10/0x10 [ 65.896205] ? do_raw_write_lock+0x11e/0x3b0 [ 65.896624] ? __pfx_vhci_release+0x10/0x10 [ 65.897038] hci_cmd_sync_clear+0x52/0x250 [ 65.897451] ? __pfx_vhci_release+0x10/0x10 [ 65.897863] hci_unregister_dev+0xf9/0x410 [ 65.898268] vhci_release+0x80/0x100 [ 65.898633] __fput+0x263/0xa40 [ 65.898962] task_work_run+0x174/0x280 [ 65.899343] ? __pfx_task_work_run+0x10/0x10 [ 65.899770] ? do_raw_spin_unlock+0x53/0x220 [ 65.900192] do_exit+0xad8/0x2800 [ 65.900534] ? lock_release+0x1e3/0x710 [ 65.900921] ? __pfx_lock_release+0x10/0x10 [ 65.901344] ? do_raw_spin_lock+0x125/0x270 [ 65.901750] ? __pfx_do_exit+0x10/0x10 [ 65.902129] do_group_exit+0xd4/0x2a0 [ 65.902496] __x64_sys_exit_group+0x3e/0x50 [ 65.902897] do_syscall_64+0x3f/0x90 [ 65.903268] entry_SYSCALL_64_after_hwframe+0x72/0xdc [ 65.903745] RIP: 0033:0x7fab4e84bb19 [ 65.904087] Code: Unable to access opcode bytes at 0x7fab4e84baef. [ 65.904650] RSP: 002b:00007ffdc971f808 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 65.905337] RAX: ffffffffffffffda RBX: 00007ffdc971ffe8 RCX: 00007fab4e84bb19 [ 65.905983] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000043 [ 65.906624] RBP: 0000000000000000 R08: 0000000000000026 R09: 00007ffdc971ffe8 [ 65.907272] R10: 0000000000000020 R11: 0000000000000246 R12: 00007fab4e8a5233 [ 65.907912] R13: 0000000000000002 R14: 0000000000000000 R15: 00000000000000f8 [ 65.908564] [ 65.912438] Bluetooth: hci3: command 0x0409 tx timeout [ 65.912958] Bluetooth: hci7: command 0x0409 tx timeout [ 65.913485] Bluetooth: hci2: command 0x0409 tx timeout [ 65.976523] Bluetooth: hci4: command 0x0409 tx timeout [ 67.832419] Bluetooth: hci0: command 0x041b tx timeout [ 67.896741] Bluetooth: hci1: command 0x041b tx timeout [ 67.960434] Bluetooth: hci2: command 0x041b tx timeout [ 67.960812] Bluetooth: hci7: command 0x041b tx timeout [ 67.961161] Bluetooth: hci3: command 0x041b tx timeout [ 68.024434] Bluetooth: hci4: command 0x041b tx timeout [ 69.881416] Bluetooth: hci0: command 0x040f tx timeout [ 69.945565] Bluetooth: hci1: command 0x040f tx timeout [ 70.008494] Bluetooth: hci3: command 0x040f tx timeout [ 70.009314] Bluetooth: hci7: command 0x040f tx timeout [ 70.010071] Bluetooth: hci2: command 0x040f tx timeout [ 70.072866] Bluetooth: hci4: command 0x040f tx timeout [ 70.585449] Bluetooth: hci5: Opcode 0x c03 failed: -110 [ 70.713433] Bluetooth: hci6: Opcode 0x c03 failed: -110 [ 71.928422] Bluetooth: hci0: command 0x0419 tx timeout [ 71.992430] Bluetooth: hci1: command 0x0419 tx timeout [ 72.056448] Bluetooth: hci2: command 0x0419 tx timeout [ 72.056830] Bluetooth: hci7: command 0x0419 tx timeout [ 72.057176] Bluetooth: hci3: command 0x0419 tx timeout [ 72.120429] Bluetooth: hci4: command 0x0419 tx timeout [ 72.896581] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 72.913613] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 72.914865] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 72.917505] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 72.918955] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 72.920319] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 74.936440] Bluetooth: hci5: command 0x0409 tx timeout [ 75.128431] Bluetooth: hci6: Opcode 0x c03 failed: -110 VM DIAGNOSIS: 10:53:14 Registers: info registers vcpu 0 RAX=000000000000005b RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff82502865 RDI=ffffffff87f10da0 RBP=ffffffff87f10d60 RSP=ffff88800e47f190 R8 =0000000000000001 R9 =000000000000000a R10=000000000000005b R11=0000000000000001 R12=000000000000005b R13=ffffffff87f10d60 R14=0000000000000010 R15=ffffffff82502850 RIP=ffffffff825028bd RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe2b2e50e000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe2b2e50c000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fe01642c028 CR3=000000000f5c6000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=756e696c2d34365f3638782f62696c2f XMM01=6f732e616d7a6c62696c2f756e672d78 XMM02=00352e6f732e616d7a6c62696c2f756e XMM03=672d78756e696c2d34365f3638782f62 XMM04=00000000000000000000000000000000 XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=ffffffff811072d0 RBX=0000000000000000 RCX=0000000000000019 RDX=1ffff1100d9e5029 RSI=ffff88806cf28140 RDI=0000000000053c27 RBP=ffff88806cf28140 RSP=ffff88806cf09ee0 R8 =0000000000000007 R9 =0000000000000000 R10=00000000000efc36 R11=0000000000000001 R12=0000000000053c27 R13=0000000000000000 R14=0000000000000000 R15=ffff88806cf2b8c0 RIP=ffffffff811072d7 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe6fe40bc000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe6fe40ba000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00005613c9f4e080 CR3=00000000158da000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=ffffffffffffffffffffffffffffffff XMM01=2f7273752f3a6e6962732f3d48544150 XMM02=000000000000000000ff000000000000 XMM03=00000000000000000000ff00000000ff XMM04=2f2f2f2f2f2f2f2f2f2f2f2f2f2f2f2f XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=5f45424f5250444f4d0068563a623a6b XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000