Warning: Permanently added '[localhost]:48704' (ECDSA) to the list of known hosts.
2023/02/24 11:23:50 fuzzer started
2023/02/24 11:23:50 dialing manager at localhost:41417
syzkaller login: [ 35.852631] cgroup: Unknown subsys name 'net'
[ 35.931406] cgroup: Unknown subsys name 'rlimit'
2023/02/24 11:24:02 syscalls: 2217
2023/02/24 11:24:02 code coverage: enabled
2023/02/24 11:24:02 comparison tracing: enabled
2023/02/24 11:24:02 extra coverage: enabled
2023/02/24 11:24:02 setuid sandbox: enabled
2023/02/24 11:24:02 namespace sandbox: enabled
2023/02/24 11:24:02 Android sandbox: enabled
2023/02/24 11:24:02 fault injection: enabled
2023/02/24 11:24:02 leak checking: enabled
2023/02/24 11:24:02 net packet injection: enabled
2023/02/24 11:24:02 net device setup: enabled
2023/02/24 11:24:02 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2023/02/24 11:24:02 devlink PCI setup: PCI device 0000:00:10.0 is not available
2023/02/24 11:24:02 USB emulation: enabled
2023/02/24 11:24:02 hci packet injection: enabled
2023/02/24 11:24:02 wifi device emulation: enabled
2023/02/24 11:24:02 802.15.4 emulation: enabled
2023/02/24 11:24:28 starting 8 fuzzer processes
11:24:28 executing program 0:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r0, 0x0, 0x14, 0x0, 0x0)
11:24:28 executing program 1:
r0 = gettid()
setpriority(0x1, r0, 0x0)
[ 73.846524] audit: type=1400 audit(1677237868.811:6): avc: denied { execmem } for pid=258 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
11:24:28 executing program 2:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
ftruncate(r0, 0x2)
11:24:28 executing program 3:
creat(&(0x7f0000000000)='./file0\x00', 0x0)
setxattr$security_selinux(&(0x7f0000000280)='./file0\x00', &(0x7f00000002c0), &(0x7f0000000300)='system_u:object_r:hald_log_t:s0\x00', 0x20, 0x0)
11:24:28 executing program 4:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x9d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
quotactl(0x0, 0x0, 0xee00, 0x0)
11:24:28 executing program 5:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000380), 0x40800, 0x0)
ioctl$BLKFRASET(r0, 0x1278, 0x0)
11:24:28 executing program 6:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_pgetevents(0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0)
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000300)=[{0x20, 0x0, 0x0, 0x3}, {0x6}]}, 0x10)
11:24:28 executing program 7:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x2a, 0x0, "76e67ed465702fea8894065981e3921f72ece3e5cbaa694c0dd5aa08ac7194507750a155ae9f8371365fd733baabf57d2e14bbada41a2b08ceea2929ad215839c2414502dbb7fbd52c5fce47538018d9"}, 0xd8)
setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000018c0)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x1c)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r1, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0)
sendfile(r0, r1, 0x0, 0xffffffff)
[ 75.161075] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 75.170265] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 75.171771] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 75.183689] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 75.185813] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 75.198518] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 75.204608] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 75.207019] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 75.212356] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 75.213824] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 75.215140] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 75.234215] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 75.244286] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 75.248166] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 75.249571] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[ 75.263594] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 75.267046] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 75.283316] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 75.340570] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 75.342066] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[ 75.342976] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 75.344614] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 75.345371] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[ 75.348126] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 75.349627] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[ 75.350602] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 75.351513] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[ 75.355664] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 75.357451] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 75.361599] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[ 75.362202] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 75.362953] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 75.366104] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[ 75.368111] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[ 75.368633]
Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 75.369322] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 75.373731] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[ 75.374366] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 75.375299] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 75.408217] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 75.416277] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[ 75.418073] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 77.239307] Bluetooth: hci0: command 0x0409 tx timeout
[ 77.302924] Bluetooth: hci3: Opcode 0x c03 failed: -110
[ 77.304992]
[ 77.305215] ======================================================
[ 77.305922] WARNING: possible circular locking dependency detected
[ 77.306646] 6.2.0-next-20230224 #1 Not tainted
[ 77.307174] ------------------------------------------------------
[ 77.311436] syz-executor.4/272 is trying to acquire lock:
[ 77.312069] ffff8880147d4880 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: __flush_work+0xdd/0xd80
[ 77.313334]
[ 77.313334] but task is already holding lock:
[ 77.313999] ffff8880147d4920 (&hdev->cmd_sync_work_lock){+.+.}-{3:3}, at: hci_cmd_sync_clear+0x45/0x250
[ 77.315092]
[ 77.315092] which lock already depends on the new lock.
[ 77.315092]
[ 77.315994]
[ 77.315994] the existing dependency chain (in reverse order) is:
[ 77.316830]
[ 77.316830] -> #1 (&hdev->cmd_sync_work_lock){+.+.}-{3:3}:
[ 77.317628] __mutex_lock+0x133/0x14a0
[ 77.318165] hci_cmd_sync_work+0x1e6/0x320
[ 77.318714] process_one_work+0xa0f/0x1790
[ 77.319275] worker_thread+0x63b/0x1260
[ 77.319807] kthread+0x2e9/0x3a0
[ 77.320263] ret_from_fork+0x2c/0x50
[ 77.320763]
[ 77.320763] -> #0 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}:
[ 77.321692] __lock_acquire+0x2d56/0x6380
[ 77.322241] lock_acquire.part.0+0xea/0x320
[ 77.322823] __flush_work+0x109/0xd80
[ 77.323334] __cancel_work_timer+0x39c/0x4e0
[ 77.323898] hci_cmd_sync_clear+0x52/0x250
[ 77.324452] hci_unregister_dev+0xf9/0x410
[ 77.325021] vhci_release+0x80/0x100
[ 77.325533] __fput+0x263/0xa40
[ 77.325985] task_work_run+0x174/0x280
[ 77.326512] do_exit+0xad8/0x2800
[ 77.326985] do_group_exit+0xd4/0x2a0
[ 77.327487] __x64_sys_exit_group+0x3e/0x50
[ 77.328061] do_syscall_64+0x3f/0x90
[ 77.328544] entry_SYSCALL_64_after_hwframe+0x72/0xdc
[ 77.329205]
[ 77.329205] other info that might help us debug this:
[ 77.329205]
[ 77.330085] Possible unsafe locking scenario:
[ 77.330085]
[ 77.330784]        CPU0                    CPU1
[ 77.331296]        ----                    ----
[ 77.331813]   lock(&hdev->cmd_sync_work_lock);
[ 77.332341]                                lock((work_completion)(&hdev->cmd_sync_work));
[ 77.333283]                                lock(&hdev->cmd_sync_work_lock);
[ 77.334107]   lock((work_completion)(&hdev->cmd_sync_work));
[ 77.334768]
[ 77.334768] *** DEADLOCK ***
[ 77.334768]
[ 77.335431] 1 lock held by syz-executor.4/272:
[ 77.335951] #0: ffff8880147d4920 (&hdev->cmd_sync_work_lock){+.+.}-{3:3}, at: hci_cmd_sync_clear+0x45/0x250
[ 77.337109]
[ 77.337109] stack backtrace:
[ 77.337604] CPU: 0 PID: 272 Comm: syz-executor.4 Not tainted 6.2.0-next-20230224 #1
[ 77.338475] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 77.339381] Call Trace:
[ 77.339680]
[ 77.339954] dump_stack_lvl+0x91/0xf0
[ 77.340393] check_noncircular+0x263/0x2e0
[ 77.340919] ? __pfx_check_noncircular+0x10/0x10
[ 77.341491] ? __pfx_mark_lock.part.0+0x10/0x10
[ 77.342060] __lock_acquire+0x2d56/0x6380
[ 77.342561] ? __pfx___lock_acquire+0x10/0x10
[ 77.343111] ? __pfx_register_lock_class+0x10/0x10
[ 77.343718] lock_acquire.part.0+0xea/0x320
[ 77.344233] ? __flush_work+0xdd/0xd80
[ 77.344727] ? __pfx_lock_acquire.part.0+0x10/0x10
[ 77.345323] ? __flush_work+0xdd/0xd80
[ 77.345796] ? rcu_read_lock_sched_held+0x42/0x80
[ 77.346367] ? trace_lock_acquire+0x170/0x1e0
[ 77.346911] ? __flush_work+0xdd/0xd80
[ 77.347396] ? lock_acquire+0x32/0xc0
[ 77.347855] ? __flush_work+0xdd/0xd80
[ 77.348331] __flush_work+0x109/0xd80
[ 77.348806] ? __flush_work+0xdd/0xd80
[ 77.349282] ? __pfx_mark_lock.part.0+0x10/0x10
[ 77.349840] ? __pfx___flush_work+0x10/0x10
[ 77.350353] ? lock_acquire.part.0+0xea/0x320
[ 77.350899] ? hci_cmd_sync_clear+0x45/0x250
[ 77.351427] ? __pfx_lock_acquire.part.0+0x10/0x10
[ 77.352022] ? hci_cmd_sync_clear+0x45/0x250
[ 77.352567] ? rcu_read_lock_sched_held+0x42/0x80
[ 77.353171] ? trace_lock_acquire+0x170/0x1e0
[ 77.353725] ? lock_is_held_type+0x9f/0x120
[ 77.354254] ? mark_held_locks+0x9e/0xe0
[ 77.354756] __cancel_work_timer+0x39c/0x4e0
[ 77.355285] ? __pfx___cancel_work_timer+0x10/0x10
[ 77.355864] ? __cancel_work_timer+0x2aa/0x4e0
[ 77.356386] ? __pfx___cancel_work_timer+0x10/0x10
[ 77.356971] ? lock_release+0x1e3/0x710
[ 77.357462] ? __pfx_lock_release+0x10/0x10
[ 77.357959] ? do_raw_write_lock+0x11e/0x3b0
[ 77.358484] ? __pfx_vhci_release+0x10/0x10
[ 77.359017] hci_cmd_sync_clear+0x52/0x250
[ 77.359524] ? __pfx_vhci_release+0x10/0x10
[ 77.360045] hci_unregister_dev+0xf9/0x410
[ 77.360550] vhci_release+0x80/0x100
[ 77.361021] __fput+0x263/0xa40
[ 77.361417] task_work_run+0x174/0x280
[ 77.361876] ? __pfx_task_work_run+0x10/0x10
[ 77.362403] ? do_raw_spin_unlock+0x53/0x220
[ 77.362931] do_exit+0xad8/0x2800
[ 77.363346] ? lock_release+0x1e3/0x710
[ 77.363843] ? __pfx_lock_release+0x10/0x10
[ 77.364368] ? do_raw_spin_lock+0x125/0x270
[ 77.364889] ? __pfx_do_exit+0x10/0x10
[ 77.365362] do_group_exit+0xd4/0x2a0
[ 77.365828] __x64_sys_exit_group+0x3e/0x50
[ 77.366355] do_syscall_64+0x3f/0x90
[ 77.366808] entry_SYSCALL_64_after_hwframe+0x72/0xdc
[ 77.367410] RIP: 0033:0x7f258ef99b19
[ 77.367840] Code: Unable to access opcode bytes at 0x7f258ef99aef.
[ 77.368537] RSP: 002b:00007ffe1378d078 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 77.369409] RAX: ffffffffffffffda RBX: 00007ffe1378d858 RCX: 00007f258ef99b19
[ 77.370201] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000043
[ 77.371003] RBP: 0000000000000000 R08: 0000000000000026 R09: 00007ffe1378d858
[ 77.371779] R10: 0000000000000020 R11: 0000000000000246 R12: 00007f258eff3233
[ 77.372606] R13: 0000000000000002 R14: 0000000000000000 R15: 00000000000000f8
[ 77.373418]
[ 77.374087] Bluetooth: hci6: command 0x0409 tx timeout
[ 77.374712] Bluetooth: hci1: command 0x0409 tx timeout
[ 77.375340] Bluetooth: hci2: command 0x0409 tx timeout
[ 77.431014] Bluetooth: hci4: command 0x0409 tx timeout
[ 77.431656] Bluetooth: hci7: command 0x0409 tx timeout
[ 77.494875] Bluetooth: hci5: command 0x0409 tx timeout
[ 79.286907] Bluetooth: hci0: command 0x041b tx timeout
[ 79.414932] Bluetooth: hci2: command 0x041b tx timeout
[ 79.415575] Bluetooth: hci1: command 0x041b tx timeout
[ 79.416655] Bluetooth: hci6: command 0x041b tx timeout
[ 79.478908] Bluetooth: hci7: command 0x041b tx timeout
[ 79.479560] Bluetooth: hci4: command 0x041b tx timeout
[ 79.542893] Bluetooth: hci5: command 0x041b tx timeout
[ 81.334869] Bluetooth: hci0: command 0x040f tx timeout
[ 81.462949] Bluetooth: hci6: command 0x040f tx timeout
[ 81.463366] Bluetooth: hci1: command 0x040f tx timeout
[ 81.463728] Bluetooth: hci2: command 0x040f tx timeout
[ 81.526905] Bluetooth: hci4: command 0x040f tx timeout
[ 81.527301] Bluetooth: hci7: command 0x040f tx timeout
[ 81.590867] Bluetooth: hci5: command 0x040f tx
timeout
[ 82.806981] Bluetooth: hci3: Opcode 0x c03 failed: -110
[ 83.382893] Bluetooth: hci0: command 0x0419 tx timeout
[ 83.510907] Bluetooth: hci2: command 0x0419 tx timeout
[ 83.511631] Bluetooth: hci1: command 0x0419 tx timeout
[ 83.512334] Bluetooth: hci6: command 0x0419 tx timeout
[ 83.574979] Bluetooth: hci7: command 0x0419 tx timeout
[ 83.575679] Bluetooth: hci4: command 0x0419 tx timeout
[ 83.638950] Bluetooth: hci5: command 0x0419 tx timeout
VM DIAGNOSIS:
11:24:32 Registers: