Warning: Permanently added '[localhost]:47834' (ECDSA) to the list of known hosts.
2023/02/24 11:20:47 fuzzer started
2023/02/24 11:20:48 dialing manager at localhost:41417
syzkaller login: [ 35.630265] cgroup: Unknown subsys name 'net'
[ 35.720109] cgroup: Unknown subsys name 'rlimit'
2023/02/24 11:21:01 syscalls: 2217
2023/02/24 11:21:01 code coverage: enabled
2023/02/24 11:21:01 comparison tracing: enabled
2023/02/24 11:21:01 extra coverage: enabled
2023/02/24 11:21:01 setuid sandbox: enabled
2023/02/24 11:21:01 namespace sandbox: enabled
2023/02/24 11:21:01 Android sandbox: enabled
2023/02/24 11:21:01 fault injection: enabled
2023/02/24 11:21:01 leak checking: enabled
2023/02/24 11:21:01 net packet injection: enabled
2023/02/24 11:21:01 net device setup: enabled
2023/02/24 11:21:01 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2023/02/24 11:21:01 devlink PCI setup: PCI device 0000:00:10.0 is not available
2023/02/24 11:21:01 USB emulation: enabled
2023/02/24 11:21:01 hci packet injection: enabled
2023/02/24 11:21:01 wifi device emulation: enabled
2023/02/24 11:21:01 802.15.4 emulation: enabled
2023/02/24 11:21:27 starting 8 fuzzer processes
11:21:27 executing program 0:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$NL802154_CMD_NEW_INTERFACE(r0, &(0x7f00000009c0)={&(0x7f0000000900), 0xc, &(0x7f0000000980)={&(0x7f0000000940)={0x14, r1, 0x1}, 0x14}}, 0x0)
11:21:27 executing program 1:
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 
0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x1200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = signalfd(r0, 0x0, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000040)='net/netstat\x00')
pread64(r2, &(0x7f00000000c0)=""/98, 0x62, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r3 = socket$nl_audit(0x10, 0x3, 0x9)
fcntl$setsig(r1, 0xa, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'wlan1\x00'})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan1\x00'})
getresgid(0xffffffffffffffff, 0x0, 0x0)
11:21:27 executing program 2:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000001840)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff})
bind$unix(r0, &(0x7f0000000000)=@abs={0x1, 0x0, 0x4e23}, 0x6e)
syz_open_dev$tty20(0xc, 0x4, 0x0)
[ 74.720459] audit: type=1400 audit(1677237687.388:6): avc: denied { execmem } for pid=259 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
11:21:27 executing program 3:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000000), 0x6)
r1 = dup(r0)
write$bt_hci(r1, &(0x7f0000000040)={0x1, @remote_name_req={{0x419, 0xa}, {@fixed}}}, 0xe)
11:21:27 executing program 5:
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x4d031, 0xffffffffffffffff, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000300))
11:21:27 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000001480)={0x0, 0x0, &(0x7f0000000b40)=[{&(0x7f00000014c0)={0x18, 0x31, 0x1, 0x0, 0x0, "", [@nested={0x8, 0x0, 0x0, 0x1, [@typed={0x4, 0x1, 0x0, 0x0, @binary}]}]}, 0x18}], 0x1}, 0x0)
11:21:27 executing program 6:
perf_event_open(&(0x7f0000000180)={0x3, 0x80, 0x5, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
11:21:27 executing program 7:
syz_mount_image$tmpfs(&(0x7f00000006c0), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x841, &(0x7f0000000b80))
open(&(0x7f0000000000)='./file0\x00', 0x535081, 0x0)
[ 75.994685] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 75.997132] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 75.998533] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 76.002495] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 76.003799] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 76.004657] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 76.042008] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 76.043670] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 76.044626] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 76.046562] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 76.048137] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[ 76.048918] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 76.123501] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 76.125777] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 76.127371] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 76.131885] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 76.132940] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 76.134054] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 76.134613] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 76.135269] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 76.135976] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 76.136479] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 76.137237] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 76.140388] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 76.141492] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 76.142268] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 76.143580] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 76.144665] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 76.146221] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[ 76.147517] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 76.149833] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 76.150451] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[ 76.151017] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 76.151958] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 76.153502] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[ 76.154408] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 76.387838] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 76.391288] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 76.396562] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 76.409200] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 76.412161] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[ 76.413370] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 78.080147] Bluetooth: hci1: command 0x0409 tx timeout
[ 78.080164] Bluetooth: hci0: command 0x0409 tx timeout
[ 78.207852] Bluetooth: hci5: command 0x0409 tx timeout
[ 78.207878] Bluetooth: hci7: Opcode 0x c03 failed: -110
[ 78.208632] Bluetooth: hci2: command 0x0409 tx timeout
[ 78.210377]
[ 78.210510] ======================================================
[ 78.210909] WARNING: possible circular locking dependency detected
[ 78.211304] 6.2.0-next-20230224 #1 Not tainted
[ 78.211604] ------------------------------------------------------
[ 78.212804] syz-executor.4/275 is trying to acquire lock:
[ 78.215837] ffff888006a44880 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: __flush_work+0xdd/0xd80
[ 78.216802]
[ 78.216802] but task is already holding lock:
[ 78.217182] ffff888006a44920 (&hdev->cmd_sync_work_lock){+.+.}-{3:3}, at: hci_cmd_sync_clear+0x45/0x250
[ 78.217807]
[ 78.217807] which lock already depends on the new lock.
[ 78.217807]
[ 78.218341]
[ 78.218341] the existing dependency chain (in reverse order) is:
[ 78.218823]
[ 78.218823] -> #1 (&hdev->cmd_sync_work_lock){+.+.}-{3:3}:
[ 78.219295]        __mutex_lock+0x133/0x14a0
[ 78.219599]        hci_cmd_sync_work+0x1e6/0x320
[ 78.219926]        process_one_work+0xa0f/0x1790
[ 78.220245]        worker_thread+0x63b/0x1260
[ 78.220553]        kthread+0x2e9/0x3a0
[ 78.220824]        ret_from_fork+0x2c/0x50
[ 78.221110]
[ 78.221110] -> #0 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}:
[ 78.221656]        __lock_acquire+0x2d56/0x6380
[ 78.221973]        lock_acquire.part.0+0xea/0x320
[ 78.222296]        __flush_work+0x109/0xd80
[ 78.222587]        __cancel_work_timer+0x39c/0x4e0
[ 78.222911]        hci_cmd_sync_clear+0x52/0x250
[ 78.223229]        hci_unregister_dev+0xf9/0x410
[ 78.223545]        vhci_release+0x80/0x100
[ 78.223838]        __fput+0x263/0xa40
[ 78.224099]        task_work_run+0x174/0x280
[ 78.224399]        do_exit+0xad8/0x2800
[ 78.224668]        do_group_exit+0xd4/0x2a0
[ 78.224974]        __x64_sys_exit_group+0x3e/0x50
[ 78.225295]        do_syscall_64+0x3f/0x90
[ 78.225571]        entry_SYSCALL_64_after_hwframe+0x72/0xdc
[ 78.226010]
[ 78.226010] other info that might help us debug this:
[ 78.226010]
[ 78.226761]  Possible unsafe locking scenario:
[ 78.226761]
[ 78.227328]        CPU0                    CPU1
[ 78.227773]        ----                    ----
[ 78.228221]   lock(&hdev->cmd_sync_work_lock);
[ 78.228671]                                lock((work_completion)(&hdev->cmd_sync_work));
[ 78.229458]                                lock(&hdev->cmd_sync_work_lock);
[ 78.230124]   lock((work_completion)(&hdev->cmd_sync_work));
[ 78.230690]
[ 78.230690]  *** DEADLOCK ***
[ 78.230690]
[ 78.231258] 1 lock held by syz-executor.4/275:
[ 78.231703]  #0: ffff888006a44920 (&hdev->cmd_sync_work_lock){+.+.}-{3:3}, at: hci_cmd_sync_clear+0x45/0x250
[ 78.232685]
[ 78.232685] stack backtrace:
[ 78.233127] CPU: 0 PID: 275 Comm: syz-executor.4 Not tainted 6.2.0-next-20230224 #1
[ 78.233872] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 78.234662] Call Trace:
[ 78.234921]
[ 78.235149]  dump_stack_lvl+0x91/0xf0
[ 78.235534]  check_noncircular+0x263/0x2e0
[ 78.235968]  ? __pfx_check_noncircular+0x10/0x10
[ 78.236466]  __lock_acquire+0x2d56/0x6380
[ 78.236915]  ? lock_is_held_type+0x9f/0x120
[ 78.237362]  ? __pfx___lock_acquire+0x10/0x10
[ 78.237833]  ? __pfx_register_lock_class+0x10/0x10
[ 78.238222]  ? __wait_for_common+0x394/0x550
[ 78.238524]  ? __pfx_lock_release+0x10/0x10
[ 78.238822]  lock_acquire.part.0+0xea/0x320
[ 78.239117]  ? __flush_work+0xdd/0xd80
[ 78.239388]  ? __pfx_lock_acquire.part.0+0x10/0x10
[ 78.239720]  ? __flush_work+0xdd/0xd80
[ 78.239989]  ? rcu_read_lock_sched_held+0x42/0x80
[ 78.240313]  ? trace_lock_acquire+0x170/0x1e0
[ 78.240619]  ? __flush_work+0xdd/0xd80
[ 78.240911]  ? lock_acquire+0x32/0xc0
[ 78.241172]  ? __flush_work+0xdd/0xd80
[ 78.241441]  __flush_work+0x109/0xd80
[ 78.241705]  ? __flush_work+0xdd/0xd80
[ 78.241983]  ? __pfx_mark_lock.part.0+0x10/0x10
[ 78.242303]  ? __pfx___flush_work+0x10/0x10
[ 78.242594]  ? lock_acquire.part.0+0xea/0x320
[ 78.242902]  ? hci_cmd_sync_clear+0x45/0x250
[ 78.243199]  ? __pfx_lock_acquire.part.0+0x10/0x10
[ 78.243531]  ? hci_cmd_sync_clear+0x45/0x250
[ 78.243833]  ? rcu_read_lock_sched_held+0x42/0x80
[ 78.244172]  ? trace_lock_acquire+0x170/0x1e0
[ 78.244499]  ? lock_is_held_type+0x9f/0x120
[ 78.244828]  ? mark_held_locks+0x9e/0xe0
[ 78.245131]  __cancel_work_timer+0x39c/0x4e0
[ 78.245448]  ? __pfx___cancel_work_timer+0x10/0x10
[ 78.245793]  ? __cancel_work_timer+0x2aa/0x4e0
[ 78.246115]  ? __pfx___cancel_work_timer+0x10/0x10
[ 78.246465]  ? lock_release+0x1e3/0x710
[ 78.246769]  ? __pfx_lock_release+0x10/0x10
[ 78.247091]  ? do_raw_write_lock+0x11e/0x3b0
[ 78.247418]  ? __pfx_vhci_release+0x10/0x10
[ 78.247744]  hci_cmd_sync_clear+0x52/0x250
[ 78.248053]  ? __pfx_vhci_release+0x10/0x10
[ 78.248365]  hci_unregister_dev+0xf9/0x410
[ 78.248680]  vhci_release+0x80/0x100
[ 78.248969]  __fput+0x263/0xa40
[ 78.249221]  task_work_run+0x174/0x280
[ 78.249514]  ? __pfx_task_work_run+0x10/0x10
[ 78.249833]  ? do_raw_spin_unlock+0x53/0x220
[ 78.250142]  do_exit+0xad8/0x2800
[ 78.250401]  ? lock_release+0x1e3/0x710
[ 78.250697]  ? __pfx_lock_release+0x10/0x10
[ 78.250997]  ? do_raw_spin_lock+0x125/0x270
[ 78.251283]  ? __pfx_do_exit+0x10/0x10
[ 78.251549]  do_group_exit+0xd4/0x2a0
[ 78.251809]  __x64_sys_exit_group+0x3e/0x50
[ 78.252098]  do_syscall_64+0x3f/0x90
[ 78.252348]  entry_SYSCALL_64_after_hwframe+0x72/0xdc
[ 78.252684] RIP: 0033:0x7f281fe31b19
[ 78.252938] Code: Unable to access opcode bytes at 0x7f281fe31aef.
[ 78.253334] RSP: 002b:00007ffd6b7cc0a8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 78.253822] RAX: ffffffffffffffda RBX: 00007ffd6b7cc888 RCX: 00007f281fe31b19
[ 78.254278] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000043
[ 78.254732] RBP: 0000000000000000 R08: 0000000000000026 R09: 00007ffd6b7cc888
[ 78.255192] R10: 0000000000000020 R11: 0000000000000246 R12: 00007f281fe8b233
[ 78.255644] R13: 0000000000000002 R14: 0000000000000000 R15: 00000000000000f8
[ 78.256107]
[ 78.271749] Bluetooth: hci3: command 0x0409 tx timeout
[ 78.335773] Bluetooth: hci4: command 0x0409 tx timeout
[ 78.463773] Bluetooth: hci6: command 0x0409 tx timeout
[ 80.127755] Bluetooth: hci1: command 0x041b tx timeout
[ 80.128870] Bluetooth: hci0: command 0x041b tx timeout
[ 80.255757] Bluetooth: hci2: command 0x041b tx timeout
[ 80.255780] Bluetooth: hci5: command 0x041b tx timeout
[ 80.320773] Bluetooth: hci3: command 0x041b tx timeout
[ 80.383759] Bluetooth: hci4: command 0x041b tx timeout
[ 80.512776] Bluetooth: hci6: command 0x041b tx timeout
[ 81.161729] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[ 81.164098] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[ 81.165823] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[ 81.170105] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[ 81.173820] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[ 81.174827] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[ 82.175779] Bluetooth: hci0: 
command 0x040f tx timeout
[ 82.175801] Bluetooth: hci1: command 0x040f tx timeout
[ 82.303776] Bluetooth: hci2: command 0x040f tx timeout
[ 82.303807] Bluetooth: hci5: command 0x040f tx timeout
[ 82.367768] Bluetooth: hci3: command 0x040f tx timeout
[ 82.431744] Bluetooth: hci4: command 0x040f tx timeout
[ 82.559784] Bluetooth: hci6: command 0x040f tx timeout
[ 83.199792] Bluetooth: hci7: command 0x0409 tx timeout
[ 84.223766] Bluetooth: hci1: command 0x0419 tx timeout
[ 84.224208] Bluetooth: hci0: command 0x0419 tx timeout
[ 84.351756] Bluetooth: hci2: command 0x0419 tx timeout
[ 84.352793] Bluetooth: hci5: command 0x0419 tx timeout
[ 84.415825] Bluetooth: hci3: command 0x0419 tx timeout
[ 84.479761] Bluetooth: hci4: command 0x0419 tx timeout
[ 84.607738] Bluetooth: hci6: command 0x0419 tx timeout
[ 85.247753] Bluetooth: hci7: command 0x041b tx timeout
[ 87.296775] Bluetooth: hci7: command 0x040f tx timeout
VM DIAGNOSIS:
11:21:31 Registers: