Warning: Permanently added '[localhost]:38455' (ECDSA) to the list of known hosts.
2023/02/24 11:22:13 fuzzer started
2023/02/24 11:22:13 dialing manager at localhost:41417
syzkaller login: [ 39.261508] cgroup: Unknown subsys name 'net'
[ 39.358313] cgroup: Unknown subsys name 'rlimit'
2023/02/24 11:22:30 syscalls: 2217
2023/02/24 11:22:30 code coverage: enabled
2023/02/24 11:22:30 comparison tracing: enabled
2023/02/24 11:22:30 extra coverage: enabled
2023/02/24 11:22:30 setuid sandbox: enabled
2023/02/24 11:22:30 namespace sandbox: enabled
2023/02/24 11:22:30 Android sandbox: enabled
2023/02/24 11:22:30 fault injection: enabled
2023/02/24 11:22:30 leak checking: enabled
2023/02/24 11:22:30 net packet injection: enabled
2023/02/24 11:22:30 net device setup: enabled
2023/02/24 11:22:30 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2023/02/24 11:22:30 devlink PCI setup: PCI device 0000:00:10.0 is not available
2023/02/24 11:22:30 USB emulation: enabled
2023/02/24 11:22:30 hci packet injection: enabled
2023/02/24 11:22:30 wifi device emulation: enabled
2023/02/24 11:22:30 802.15.4 emulation: enabled
2023/02/24 11:22:56 starting 8 fuzzer processes
11:22:56 executing program 0:
r0 = syz_io_uring_setup(0x46ac, &(0x7f0000000200), &(0x7f00000a0000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_SEND={0x1a, 0x5, 0x0, 0xffffffffffffffff,
0x0, 0x0}, 0x0) io_uring_enter(r0, 0x1, 0x0, 0x0, 0x0, 0x0) 11:22:56 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$IPT_SO_GET_INFO(r0, 0x0, 0x19, 0x0, &(0x7f00000001c0)) 11:22:56 executing program 2: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = getpid() prlimit64(r1, 0x0, 0x0, 0x0) r2 = perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x1, 0x2, 0x8, 0x8, 0x0, 0x0, 0x40000, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x1, @perf_bp={&(0x7f0000000380), 0x4}, 0x10, 0xb1, 0x4, 0x6, 0x40, 0x0, 0x4000, 0x0, 0xffff0000, 0x0, 0x20000000000}, r1, 0xf, 0xffffffffffffffff, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x4, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, r0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f0000000080)={0x0, 0x0, 0x4d, 0x0, '\x00', [{}, {0x800, 0x0, 0x80000000000}]}) 
ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x8914, 0x0) perf_event_open(&(0x7f0000000300)={0x0, 0x80, 0x7f, 0x8, 0x0, 0x9, 0x0, 0x7db8, 0x100, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x2, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x3, 0x4, @perf_config_ext={0x0, 0x6}, 0x8040, 0x8f1, 0x1, 0x6, 0x100000004, 0x2, 0x3ff, 0x0, 0xffff, 0x0, 0x1}, 0x0, 0xffffffffffff3fa9, r2, 0x3) 11:22:56 executing program 4: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) setresgid(0xffffffffffffffff, 0x0, 0x0) 11:22:56 executing program 3: r0 = socket$unix(0x1, 0x5, 0x0) io_setup(0x3, &(0x7f0000000040)=0x0) io_submit(r1, 0x2, &(0x7f00000001c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x3}, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x6, 0x0, r0, 0x0}]) 11:22:56 executing program 5: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$FS_IOC_GETVERSION(r0, 0x80087601, 0x0) [ 79.000272] audit: type=1400 audit(1677237776.275:6): avc: denied { execmem } for pid=259 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 11:22:56 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={0x68, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_FRAME={0x3c, 0x33, @deauth={@with_ht={{{}, {}, @broadcast, @device_b, @random="a88a3895a744"}}, 0x0, @val={0x8c, 0x18, {0x0, "e09d3b1b8667", @long="240d64c482f59bf4c8ba117c1d59f494"}}}}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}, 
@NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8}]]}, 0x68}}, 0x0) 11:22:56 executing program 7: socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_emit_ethernet(0x6e, &(0x7f0000000000)={@link_local, @multicast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "2ddc20", 0x38, 0x3a, 0x0, @empty, @local, {[@dstopts], @pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "f2e2a6", 0x0, 0x0, 0x0, @mcast2, @remote}}}}}}}, 0x0) [ 80.273978] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 80.274879] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 80.277288] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 80.277909] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 80.280267] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 80.281024] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 80.281896] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 80.283037] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 80.285197] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 80.286523] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 80.287851] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 80.288608] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 80.324919] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 80.327750] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 80.340116] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 80.342536] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 80.343150] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 80.343643] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 80.351834] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 80.352625] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 80.353128] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 80.353607] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 80.358371] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 80.365530] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 
80.366061] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 80.367473] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 80.367967] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 80.373713] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[ 80.374461] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[ 80.374934] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[ 80.376308] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 80.376866] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 80.377621] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 80.378124] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 80.390208] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[ 80.433438] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 80.496958] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[ 80.503052] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[ 80.509914] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[ 80.523302] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[ 80.533838] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[ 80.539118] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[ 82.346442] Bluetooth: hci2: Opcode 0x c03 failed: -110
[ 82.346471] Bluetooth: hci0: command 0x0409 tx timeout
[ 82.348012] Bluetooth: hci1: command 0x0409 tx timeout
[ 82.348917]
[ 82.349097] ======================================================
[ 82.349594] WARNING: possible circular locking dependency detected
[ 82.350024] 6.2.0-next-20230224 #1 Not tainted
[ 82.350327] ------------------------------------------------------
[ 82.351693] syz-executor.3/275 is trying to acquire lock:
[ 82.353597] ffff88800dd14880 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: __flush_work+0xdd/0xd80
[ 82.355346]
[ 82.355346] but task is already holding lock:
[ 82.355862] ffff88800dd14920 (&hdev->cmd_sync_work_lock){+.+.}-{3:3}, at: hci_cmd_sync_clear+0x45/0x250
[ 82.356717]
[ 82.356717] which lock already depends on the new lock.
[ 82.356717]
[ 82.357424]
[ 82.357424] the existing dependency chain (in reverse order) is:
[ 82.358083]
[ 82.358083] -> #1 (&hdev->cmd_sync_work_lock){+.+.}-{3:3}:
[ 82.358741] __mutex_lock+0x133/0x14a0
[ 82.359170] hci_cmd_sync_work+0x1e6/0x320
[ 82.359623] process_one_work+0xa0f/0x1790
[ 82.360077] worker_thread+0x63b/0x1260
[ 82.360511] kthread+0x2e9/0x3a0
[ 82.360880] ret_from_fork+0x2c/0x50
[ 82.361289]
[ 82.361289] -> #0 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}:
[ 82.362055] __lock_acquire+0x2d56/0x6380
[ 82.362508] lock_acquire.part.0+0xea/0x320
[ 82.362970] __flush_work+0x109/0xd80
[ 82.363386] __cancel_work_timer+0x39c/0x4e0
[ 82.363841] hci_cmd_sync_clear+0x52/0x250
[ 82.364296] hci_unregister_dev+0xf9/0x410
[ 82.364751] vhci_release+0x80/0x100
[ 82.365160] __fput+0x263/0xa40
[ 82.365527] task_work_run+0x174/0x280
[ 82.365953] do_exit+0xad8/0x2800
[ 82.366349] do_group_exit+0xd4/0x2a0
[ 82.366665] __x64_sys_exit_group+0x3e/0x50
[ 82.366996] do_syscall_64+0x3f/0x90
[ 82.367300] entry_SYSCALL_64_after_hwframe+0x72/0xdc
[ 82.367694]
[ 82.367694] other info that might help us debug this:
[ 82.367694]
[ 82.368229] Possible unsafe locking scenario:
[ 82.368229]
[ 82.368643]        CPU0                    CPU1
[ 82.368964]        ----                    ----
[ 82.369284]   lock(&hdev->cmd_sync_work_lock);
[ 82.369608]                                lock((work_completion)(&hdev->cmd_sync_work));
[ 82.370164]                                lock(&hdev->cmd_sync_work_lock);
[ 82.370641]   lock((work_completion)(&hdev->cmd_sync_work));
[ 82.371035]
[ 82.371035] *** DEADLOCK ***
[ 82.371035]
[ 82.371439] 1 lock held by syz-executor.3/275:
[ 82.371741] #0: ffff88800dd14920 (&hdev->cmd_sync_work_lock){+.+.}-{3:3}, at: hci_cmd_sync_clear+0x45/0x250
[ 82.372404]
[ 82.372404] stack backtrace:
[ 82.372699] CPU: 0 PID: 275 Comm: syz-executor.3 Not tainted 6.2.0-next-20230224 #1
[ 82.373205] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 82.373742] Call Trace:
[ 82.373918]
[ 82.374088] dump_stack_lvl+0x91/0xf0
[ 82.374356] check_noncircular+0x263/0x2e0
[ 82.374657] ? __pfx_check_noncircular+0x10/0x10
[ 82.374993] __lock_acquire+0x2d56/0x6380
[ 82.375284] ? lock_is_held_type+0x9f/0x120
[ 82.375581] ? __pfx___lock_acquire+0x10/0x10
[ 82.375895] ? __pfx_register_lock_class+0x10/0x10
[ 82.376239] ? __wait_for_common+0x394/0x550
[ 82.376544] ? __pfx_lock_release+0x10/0x10
[ 82.376844] lock_acquire.part.0+0xea/0x320
[ 82.377149] ? __flush_work+0xdd/0xd80
[ 82.377425] ? __pfx_lock_acquire.part.0+0x10/0x10
[ 82.377761] ? __flush_work+0xdd/0xd80
[ 82.378043] ? rcu_read_lock_sched_held+0x42/0x80
[ 82.378371] ? trace_lock_acquire+0x170/0x1e0
[ 82.378682] ? __flush_work+0xdd/0xd80
[ 82.378953] ? lock_acquire+0x32/0xc0
[ 82.379222] ? __flush_work+0xdd/0xd80
[ 82.379496] __flush_work+0x109/0xd80
[ 82.379767] ? __flush_work+0xdd/0xd80
[ 82.380046] ? __pfx_mark_lock.part.0+0x10/0x10
[ 82.380371] ? __pfx___flush_work+0x10/0x10
[ 82.380673] ? lock_acquire.part.0+0xea/0x320
[ 82.380991] ? hci_cmd_sync_clear+0x45/0x250
[ 82.381301] ? __pfx_lock_acquire.part.0+0x10/0x10
[ 82.381640] ? hci_cmd_sync_clear+0x45/0x250
[ 82.381943] ? rcu_read_lock_sched_held+0x42/0x80
[ 82.382280] ? trace_lock_acquire+0x170/0x1e0
[ 82.382590] ? lock_is_held_type+0x9f/0x120
[ 82.382894] ? mark_held_locks+0x9e/0xe0
[ 82.383178] __cancel_work_timer+0x39c/0x4e0
[ 82.383477] ? __pfx___cancel_work_timer+0x10/0x10
[ 82.383807] ? __cancel_work_timer+0x2aa/0x4e0
[ 82.384117] ? __pfx___cancel_work_timer+0x10/0x10
[ 82.384448] ? lock_release+0x1e3/0x710
[ 82.384730] ? __pfx_lock_release+0x10/0x10
[ 82.385036] ? do_raw_write_lock+0x11e/0x3b0
[ 82.385341] ? __pfx_vhci_release+0x10/0x10
[ 82.385644] hci_cmd_sync_clear+0x52/0x250
[ 82.385936] ? __pfx_vhci_release+0x10/0x10
[ 82.386241] hci_unregister_dev+0xf9/0x410
[ 82.386533] vhci_release+0x80/0x100
[ 82.386798] __fput+0x263/0xa40
[ 82.387033] task_work_run+0x174/0x280
[ 82.387309] ? __pfx_task_work_run+0x10/0x10
[ 82.387618] ? do_raw_spin_unlock+0x53/0x220
[ 82.387924] do_exit+0xad8/0x2800
[ 82.388167] ? lock_release+0x1e3/0x710
[ 82.388447] ? __pfx_lock_release+0x10/0x10
[ 82.388745] ? do_raw_spin_lock+0x125/0x270
[ 82.389037] ? __pfx_do_exit+0x10/0x10
[ 82.389310] do_group_exit+0xd4/0x2a0
[ 82.389571] __x64_sys_exit_group+0x3e/0x50
[ 82.389864] do_syscall_64+0x3f/0x90
[ 82.390129] entry_SYSCALL_64_after_hwframe+0x72/0xdc
[ 82.390487] RIP: 0033:0x7ffbb8342b19
[ 82.390745] Code: Unable to access opcode bytes at 0x7ffbb8342aef.
[ 82.391165] RSP: 002b:00007ffd915609e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 82.391678] RAX: ffffffffffffffda RBX: 00007ffd915611c8 RCX: 00007ffbb8342b19
[ 82.392161] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000043
[ 82.392644] RBP: 0000000000000000 R08: 0000000000000026 R09: 00007ffd915611c8
[ 82.393128] R10: 0000000000000020 R11: 0000000000000246 R12: 00007ffbb839c233
[ 82.393605] R13: 0000000000000002 R14: 0000000000000000 R15: 00000000000000f8
[ 82.394100]
[ 82.410234] Bluetooth: hci4: command 0x0409 tx timeout
[ 82.410666] Bluetooth: hci3: command 0x0409 tx timeout
[ 82.411033] Bluetooth: hci6: command 0x0409 tx timeout
[ 82.474144] Bluetooth: hci5: command 0x0409 tx timeout
[ 82.602258] Bluetooth: hci7: command 0x0409 tx timeout
[ 84.394682] Bluetooth: hci1: command 0x041b tx timeout
[ 84.395233] Bluetooth: hci0: command 0x041b tx timeout
[ 84.458190] Bluetooth: hci6: command 0x041b tx timeout
[ 84.458661] Bluetooth: hci3: command 0x041b tx timeout
[ 84.459112] Bluetooth: hci4: command 0x041b tx timeout
[ 84.522172] Bluetooth: hci5: command 0x041b tx timeout
[ 84.650119] Bluetooth: hci7: command 0x041b tx timeout
[ 85.492628] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 85.493367] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 85.493889] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 85.495550] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 85.496901] Bluetooth: hci2: unexpected cc 0x0c25
length: 249 > 3
[ 85.497465] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 86.443181] Bluetooth: hci0: command 0x040f tx timeout
[ 86.443585] Bluetooth: hci1: command 0x040f tx timeout
[ 86.506143] Bluetooth: hci4: command 0x040f tx timeout
[ 86.506507] Bluetooth: hci3: command 0x040f tx timeout
[ 86.506825] Bluetooth: hci6: command 0x040f tx timeout
[ 86.570158] Bluetooth: hci5: command 0x040f tx timeout
[ 86.698119] Bluetooth: hci7: command 0x040f tx timeout
[ 87.530150] Bluetooth: hci2: command 0x0409 tx timeout
[ 88.490848] Bluetooth: hci1: command 0x0419 tx timeout
[ 88.491624] Bluetooth: hci0: command 0x0419 tx timeout
[ 88.554169] Bluetooth: hci6: command 0x0419 tx timeout
[ 88.554874] Bluetooth: hci3: command 0x0419 tx timeout
[ 88.555544] Bluetooth: hci4: command 0x0419 tx timeout
[ 88.618124] Bluetooth: hci5: command 0x0419 tx timeout
[ 88.746243] Bluetooth: hci7: command 0x0419 tx timeout
[ 89.578131] Bluetooth: hci2: command 0x041b tx timeout
[ 91.627143] Bluetooth: hci2: command 0x040f tx timeout
VM DIAGNOSIS:
11:22:59 Registers: