Warning: Permanently added '[localhost]:46589' (ECDSA) to the list of known hosts. 2022/10/01 03:18:42 fuzzer started 2022/10/01 03:18:42 dialing manager at localhost:35095 syzkaller login: [ 36.670285] cgroup: Unknown subsys name 'net' [ 36.760080] cgroup: Unknown subsys name 'rlimit' 2022/10/01 03:18:57 syscalls: 2215 2022/10/01 03:18:57 code coverage: enabled 2022/10/01 03:18:57 comparison tracing: enabled 2022/10/01 03:18:57 extra coverage: enabled 2022/10/01 03:18:57 setuid sandbox: enabled 2022/10/01 03:18:57 namespace sandbox: enabled 2022/10/01 03:18:57 Android sandbox: enabled 2022/10/01 03:18:57 fault injection: enabled 2022/10/01 03:18:57 leak checking: enabled 2022/10/01 03:18:57 net packet injection: enabled 2022/10/01 03:18:57 net device setup: enabled 2022/10/01 03:18:57 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/10/01 03:18:57 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/10/01 03:18:57 USB emulation: enabled 2022/10/01 03:18:57 hci packet injection: enabled 2022/10/01 03:18:57 wifi device emulation: failed to parse kernel version (6.0.0-rc7-next-20220930) 2022/10/01 03:18:57 802.15.4 emulation: enabled 2022/10/01 03:18:57 fetching corpus: 0, signal 0/2000 (executing program) 2022/10/01 03:18:57 fetching corpus: 50, signal 22305/25779 (executing program) 2022/10/01 03:18:57 fetching corpus: 100, signal 30228/35162 (executing program) 2022/10/01 03:18:57 fetching corpus: 150, signal 38869/45044 (executing program) 2022/10/01 03:18:58 fetching corpus: 200, signal 48018/55285 (executing program) 2022/10/01 03:18:58 fetching corpus: 250, signal 55103/63371 (executing program) 2022/10/01 03:18:58 fetching corpus: 300, signal 59307/68592 (executing program) 2022/10/01 03:18:58 fetching corpus: 350, signal 64930/75047 (executing program) 2022/10/01 03:18:58 fetching corpus: 400, signal 70606/81360 (executing program) 2022/10/01 03:18:58 fetching corpus: 450, signal 76507/87787 (executing program) 2022/10/01 
03:18:58 fetching corpus: 500, signal 79508/91518 (executing program) 2022/10/01 03:18:58 fetching corpus: 550, signal 83030/95583 (executing program) 2022/10/01 03:18:59 fetching corpus: 600, signal 84937/98315 (executing program) 2022/10/01 03:18:59 fetching corpus: 650, signal 86625/100687 (executing program) 2022/10/01 03:18:59 fetching corpus: 700, signal 90391/104816 (executing program) 2022/10/01 03:18:59 fetching corpus: 750, signal 94423/109112 (executing program) 2022/10/01 03:18:59 fetching corpus: 800, signal 96238/111494 (executing program) 2022/10/01 03:18:59 fetching corpus: 850, signal 98542/114201 (executing program) 2022/10/01 03:18:59 fetching corpus: 900, signal 100329/116539 (executing program) 2022/10/01 03:18:59 fetching corpus: 950, signal 102754/119266 (executing program) 2022/10/01 03:19:00 fetching corpus: 1000, signal 105055/121817 (executing program) 2022/10/01 03:19:00 fetching corpus: 1050, signal 107143/124215 (executing program) 2022/10/01 03:19:00 fetching corpus: 1100, signal 108654/126087 (executing program) 2022/10/01 03:19:00 fetching corpus: 1150, signal 109693/127566 (executing program) 2022/10/01 03:19:00 fetching corpus: 1200, signal 110564/128935 (executing program) 2022/10/01 03:19:00 fetching corpus: 1250, signal 112189/130795 (executing program) 2022/10/01 03:19:00 fetching corpus: 1300, signal 113456/132379 (executing program) 2022/10/01 03:19:00 fetching corpus: 1350, signal 114774/133963 (executing program) 2022/10/01 03:19:01 fetching corpus: 1400, signal 116457/135794 (executing program) 2022/10/01 03:19:01 fetching corpus: 1450, signal 117641/137256 (executing program) 2022/10/01 03:19:01 fetching corpus: 1500, signal 120439/139684 (executing program) 2022/10/01 03:19:01 fetching corpus: 1550, signal 122109/141373 (executing program) 2022/10/01 03:19:01 fetching corpus: 1600, signal 123653/142905 (executing program) 2022/10/01 03:19:01 fetching corpus: 1650, signal 124817/144170 (executing program) 2022/10/01 
03:19:01 fetching corpus: 1700, signal 125592/145227 (executing program) 2022/10/01 03:19:01 fetching corpus: 1750, signal 127049/146618 (executing program) 2022/10/01 03:19:02 fetching corpus: 1800, signal 129102/148341 (executing program) 2022/10/01 03:19:02 fetching corpus: 1850, signal 130641/149730 (executing program) 2022/10/01 03:19:02 fetching corpus: 1900, signal 131881/150967 (executing program) 2022/10/01 03:19:02 fetching corpus: 1950, signal 132877/151998 (executing program) 2022/10/01 03:19:02 fetching corpus: 2000, signal 134492/153263 (executing program) 2022/10/01 03:19:02 fetching corpus: 2050, signal 135605/154433 (executing program) 2022/10/01 03:19:02 fetching corpus: 2100, signal 136275/155196 (executing program) 2022/10/01 03:19:02 fetching corpus: 2150, signal 138607/156688 (executing program) 2022/10/01 03:19:02 fetching corpus: 2200, signal 139523/157528 (executing program) 2022/10/01 03:19:02 fetching corpus: 2250, signal 140981/158626 (executing program) 2022/10/01 03:19:03 fetching corpus: 2300, signal 141889/159452 (executing program) 2022/10/01 03:19:03 fetching corpus: 2350, signal 142357/159994 (executing program) 2022/10/01 03:19:03 fetching corpus: 2400, signal 144099/161094 (executing program) 2022/10/01 03:19:03 fetching corpus: 2450, signal 145939/162223 (executing program) 2022/10/01 03:19:03 fetching corpus: 2500, signal 146883/162915 (executing program) 2022/10/01 03:19:03 fetching corpus: 2550, signal 148471/163875 (executing program) 2022/10/01 03:19:03 fetching corpus: 2600, signal 149658/164604 (executing program) 2022/10/01 03:19:04 fetching corpus: 2650, signal 150538/165249 (executing program) 2022/10/01 03:19:04 fetching corpus: 2700, signal 151935/166014 (executing program) 2022/10/01 03:19:04 fetching corpus: 2750, signal 153028/166654 (executing program) 2022/10/01 03:19:04 fetching corpus: 2800, signal 154806/167476 (executing program) 2022/10/01 03:19:04 fetching corpus: 2850, signal 155846/168019 (executing 
program) 2022/10/01 03:19:04 fetching corpus: 2900, signal 156326/168343 (executing program) 2022/10/01 03:19:04 fetching corpus: 2950, signal 157420/168880 (executing program) 2022/10/01 03:19:05 fetching corpus: 3000, signal 157821/169182 (executing program) 2022/10/01 03:19:05 fetching corpus: 3050, signal 158359/169535 (executing program) 2022/10/01 03:19:05 fetching corpus: 3100, signal 158923/169873 (executing program) 2022/10/01 03:19:05 fetching corpus: 3150, signal 159965/170271 (executing program) 2022/10/01 03:19:05 fetching corpus: 3200, signal 160642/170590 (executing program) 2022/10/01 03:19:05 fetching corpus: 3250, signal 161404/170904 (executing program) 2022/10/01 03:19:05 fetching corpus: 3300, signal 162294/171280 (executing program) 2022/10/01 03:19:05 fetching corpus: 3350, signal 163116/171551 (executing program) 2022/10/01 03:19:06 fetching corpus: 3400, signal 163768/171785 (executing program) 2022/10/01 03:19:06 fetching corpus: 3450, signal 164403/172026 (executing program) 2022/10/01 03:19:06 fetching corpus: 3500, signal 165175/172269 (executing program) 2022/10/01 03:19:06 fetching corpus: 3550, signal 165967/172511 (executing program) 2022/10/01 03:19:06 fetching corpus: 3600, signal 166587/172676 (executing program) 2022/10/01 03:19:06 fetching corpus: 3650, signal 167304/172885 (executing program) 2022/10/01 03:19:06 fetching corpus: 3700, signal 168052/173025 (executing program) 2022/10/01 03:19:06 fetching corpus: 3750, signal 168647/173142 (executing program) 2022/10/01 03:19:06 fetching corpus: 3800, signal 169389/173266 (executing program) 2022/10/01 03:19:07 fetching corpus: 3850, signal 169748/173342 (executing program) 2022/10/01 03:19:07 fetching corpus: 3891, signal 169999/173407 (executing program) 2022/10/01 03:19:07 fetching corpus: 3891, signal 169999/173446 (executing program) 2022/10/01 03:19:07 fetching corpus: 3891, signal 169999/173491 (executing program) 2022/10/01 03:19:07 fetching corpus: 3891, signal 
169999/173547 (executing program) 2022/10/01 03:19:07 fetching corpus: 3891, signal 169999/173589 (executing program) 2022/10/01 03:19:07 fetching corpus: 3891, signal 169999/173638 (executing program) 2022/10/01 03:19:07 fetching corpus: 3891, signal 169999/173663 (executing program) 2022/10/01 03:19:07 fetching corpus: 3891, signal 169999/173663 (executing program) 2022/10/01 03:19:10 starting 8 fuzzer processes 03:19:10 executing program 0: syz_genetlink_get_family_id$gtp(&(0x7f0000000080), 0xffffffffffffffff) socketpair(0x0, 0x0, 0x0, &(0x7f0000000300)) 03:19:10 executing program 1: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET_STATS_CPU(r0, &(0x7f0000003380)={0x0, 0x0, &(0x7f0000003340)={&(0x7f0000003300)={0x14, 0x4, 0x1, 0x101}, 0x14}}, 0x0) recvmsg(r0, &(0x7f0000000540)={0x0, 0x0, 0x0}, 0x0) 03:19:10 executing program 2: r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) setsockopt$bt_BT_VOICE(r0, 0x112, 0x10, 0x0, 0x0) 03:19:10 executing program 3: timer_create(0x0, 0x0, &(0x7f00000003c0)) timer_delete(0x0) [ 63.682726] audit: type=1400 audit(1664594350.080:6): avc: denied { execmem } for pid=287 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 03:19:10 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 
@perf_config_ext={0x0, 0x1}, 0x40, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_setup(0x40, &(0x7f0000000240)=0x0) r1 = eventfd2(0x8001, 0x0) io_submit(r0, 0x1, &(0x7f0000000040)=[&(0x7f0000000440)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0}]) io_cancel(0x0, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x8, 0x8000, 0xffffffffffffffff, 0x0, 0x0, 0x9}, &(0x7f0000000300)) sync() 03:19:10 executing program 5: keyctl$reject(0x13, 0x0, 0x0, 0x200, 0x0) 03:19:10 executing program 6: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmmsg$inet(r0, &(0x7f0000007c00)=[{{&(0x7f0000000d40)={0x2, 0x4e24, @loopback}, 0x10, 0x0}}], 0x1, 0x8000) setsockopt$inet6_udp_int(r0, 0x11, 0x1, &(0x7f0000000240), 0x4) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_mreqn(r1, 0x0, 0x23, &(0x7f0000000080)={@multicast2, @dev}, 0xc) setsockopt$inet_mreqn(r1, 0x0, 0x24, &(0x7f0000000180)={@multicast2, @private=0xac141400}, 0xc) r2 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000080)={@multicast2, @dev}, 0xc) setsockopt$inet_mreqn(r2, 0x0, 0x24, &(0x7f0000000180)={@multicast2, @private=0xac141400}, 0xc) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000700)={0x0, 0x0, 0x4, 0x0, '\x00', [{0x2780, 0x7f, 0x5, 0x4, 0x6c, 0x9}, {0x8, 0x2, 0x9, 0x3f, 0xe69, 0x4}], ['\x00', '\x00', '\x00', '\x00']}) r3 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_mreqn(r3, 0x0, 0x24, &(0x7f0000000180)={@multicast2, @private=0xac141400}, 0xc) ioctl$BTRFS_IOC_SNAP_DESTROY_V2(0xffffffffffffffff, 0x5000943f, &(0x7f0000000d80)={{r3}, 0x0, 0x6, @inherit={0x48, &(0x7f0000000900)={0x0, 0x0, 0x6b527d9c, 0x800, {0x0, 0x100000000, 0x81, 0x80}}}, @name="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"}) 03:19:10 executing program 7: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c240)={0x0, 0x0, &(0x7f000000c200)={&(0x7f000000c180)={{0x14}, [], {0x14}}, 0x28}}, 0x0) [ 65.077582] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 65.079710] 
Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 65.081563] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 65.083738] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 65.085413] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 65.087256] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 65.105471] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 65.107246] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 65.109561] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 65.110948] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 65.112920] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 65.114278] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 65.115866] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 65.117973] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 65.119447] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 65.120830] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 65.122727] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 65.124085] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 65.130916] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 65.133174] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 65.135842] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 65.138472] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 65.140016] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 65.141390] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 65.142709] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 65.144762] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 65.147634] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 65.149449] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 65.149771] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 65.152167] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 65.152268] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 
65.153640] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 65.155872] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 65.155953] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 65.162069] Bluetooth: hci0: HCI_REQ-0x0c1a [ 65.165099] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 65.169935] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 65.169992] Bluetooth: hci1: HCI_REQ-0x0c1a [ 65.171741] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 65.177046] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 65.177300] Bluetooth: hci4: HCI_REQ-0x0c1a [ 65.178263] Bluetooth: hci5: HCI_REQ-0x0c1a [ 65.183451] Bluetooth: hci3: HCI_REQ-0x0c1a [ 65.184958] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 65.207220] Bluetooth: hci2: HCI_REQ-0x0c1a [ 65.225022] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 65.225098] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 65.227977] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 65.231203] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 65.233458] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 65.234888] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 65.236750] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 65.238206] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 65.240092] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 65.245657] Bluetooth: hci6: HCI_REQ-0x0c1a [ 65.254630] Bluetooth: hci7: HCI_REQ-0x0c1a [ 67.189086] Bluetooth: hci0: command 0x0409 tx timeout [ 67.252649] Bluetooth: hci2: command 0x0409 tx timeout [ 67.254022] Bluetooth: hci5: command 0x0409 tx timeout [ 67.255151] Bluetooth: hci4: command 0x0409 tx timeout [ 67.256264] Bluetooth: hci3: command 0x0409 tx timeout [ 67.257357] Bluetooth: hci1: command 0x0409 tx timeout [ 67.316630] Bluetooth: hci7: command 0x0409 tx timeout [ 67.317869] Bluetooth: hci6: command 0x0409 tx timeout [ 69.237568] Bluetooth: hci0: command 0x041b tx 
timeout [ 69.301599] Bluetooth: hci1: command 0x041b tx timeout [ 69.302073] Bluetooth: hci3: command 0x041b tx timeout [ 69.302465] Bluetooth: hci4: command 0x041b tx timeout [ 69.302899] Bluetooth: hci5: command 0x041b tx timeout [ 69.303299] Bluetooth: hci2: command 0x041b tx timeout [ 69.365585] Bluetooth: hci6: command 0x041b tx timeout [ 69.366060] Bluetooth: hci7: command 0x041b tx timeout [ 71.285554] Bluetooth: hci0: command 0x040f tx timeout [ 71.349669] Bluetooth: hci2: command 0x040f tx timeout [ 71.350146] Bluetooth: hci5: command 0x040f tx timeout [ 71.350567] Bluetooth: hci4: command 0x040f tx timeout [ 71.350961] Bluetooth: hci3: command 0x040f tx timeout [ 71.351353] Bluetooth: hci1: command 0x040f tx timeout [ 71.413566] Bluetooth: hci7: command 0x040f tx timeout [ 71.414048] Bluetooth: hci6: command 0x040f tx timeout [ 73.333599] Bluetooth: hci0: command 0x0419 tx timeout [ 73.396614] Bluetooth: hci1: command 0x0419 tx timeout [ 73.397084] Bluetooth: hci3: command 0x0419 tx timeout [ 73.397481] Bluetooth: hci4: command 0x0419 tx timeout [ 73.397915] Bluetooth: hci5: command 0x0419 tx timeout [ 73.398306] Bluetooth: hci2: command 0x0419 tx timeout [ 73.461628] Bluetooth: hci6: command 0x0419 tx timeout [ 73.462110] Bluetooth: hci7: command 0x0419 tx timeout 03:20:05 executing program 1: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET_STATS_CPU(r0, &(0x7f0000003380)={0x0, 0x0, &(0x7f0000003340)={&(0x7f0000003300)={0x14, 0x4, 0x1, 0x101}, 0x14}}, 0x0) recvmsg(r0, &(0x7f0000000540)={0x0, 0x0, 0x0}, 0x0) 03:20:05 executing program 1: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET_STATS_CPU(r0, &(0x7f0000003380)={0x0, 0x0, &(0x7f0000003340)={&(0x7f0000003300)={0x14, 0x4, 0x1, 0x101}, 0x14}}, 0x0) recvmsg(r0, &(0x7f0000000540)={0x0, 0x0, 0x0}, 0x0) 03:20:06 executing program 1: 
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET_STATS_CPU(r0, &(0x7f0000003380)={0x0, 0x0, &(0x7f0000003340)={&(0x7f0000003300)={0x14, 0x4, 0x1, 0x101}, 0x14}}, 0x0) recvmsg(r0, &(0x7f0000000540)={0x0, 0x0, 0x0}, 0x0) 03:20:06 executing program 1: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET_STATS_CPU(r0, &(0x7f0000003380)={0x0, 0x0, &(0x7f0000003340)={&(0x7f0000003300)={0x14, 0x4, 0x1, 0x101}, 0x14}}, 0x0) recvmsg(r0, &(0x7f0000000540)={0x0, 0x0, 0x0}, 0x0) 03:20:06 executing program 1: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET_STATS_CPU(r0, &(0x7f0000003380)={0x0, 0x0, &(0x7f0000003340)={&(0x7f0000003300)={0x14, 0x4, 0x1, 0x101}, 0x14}}, 0x0) recvmsg(r0, &(0x7f0000000540)={0x0, 0x0, 0x0}, 0x0) 03:20:06 executing program 1: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET_STATS_CPU(r0, &(0x7f0000003380)={0x0, 0x0, &(0x7f0000003340)={&(0x7f0000003300)={0x14, 0x4, 0x1, 0x101}, 0x14}}, 0x0) recvmsg(r0, &(0x7f0000000540)={0x0, 0x0, 0x0}, 0x0) 03:20:07 executing program 1: syz_emit_ethernet(0x32, &(0x7f0000000140)={@local, @multicast, @void, {@ipv4={0x800, @dccp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x21, 0x0, @multicast1, @multicast1}, {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, "6c5ea7"}}}}}}, 0x0) 03:20:07 executing program 1: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) setsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f0000003e80), 0x8) [ 123.532538] audit: type=1400 audit(1664594409.930:7): avc: denied { open } for pid=3950 comm="syz-executor.4" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 123.534386] audit: type=1400 audit(1664594409.930:8): avc: denied { kernel } for pid=3950 
comm="syz-executor.4" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 123.545129] ------------[ cut here ]------------ [ 123.545150] [ 123.545153] ====================================================== [ 123.545157] WARNING: possible circular locking dependency detected [ 123.545161] 6.0.0-rc7-next-20220930 #1 Not tainted [ 123.545168] ------------------------------------------------------ [ 123.545171] syz-executor.4/3951 is trying to acquire lock: [ 123.545178] ffffffff853faab8 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70 [ 123.545220] [ 123.545220] but task is already holding lock: [ 123.545223] ffff8880183f0020 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 123.545250] [ 123.545250] which lock already depends on the new lock. [ 123.545250] [ 123.545253] [ 123.545253] the existing dependency chain (in reverse order) is: [ 123.545256] [ 123.545256] -> #3 (&ctx->lock){....}-{2:2}: [ 123.545270] _raw_spin_lock+0x2a/0x40 [ 123.545282] __perf_event_task_sched_out+0x53b/0x18d0 [ 123.545293] __schedule+0xedd/0x2470 [ 123.545307] schedule+0xda/0x1b0 [ 123.545320] futex_wait_queue+0xf5/0x1e0 [ 123.545333] futex_wait+0x28e/0x690 [ 123.545343] do_futex+0x2ff/0x380 [ 123.545352] __x64_sys_futex+0x1c6/0x4d0 [ 123.545362] do_syscall_64+0x3b/0x90 [ 123.545380] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 123.545392] [ 123.545392] -> #2 (&rq->__lock){-.-.}-{2:2}: [ 123.545406] _raw_spin_lock_nested+0x30/0x40 [ 123.545416] raw_spin_rq_lock_nested+0x1e/0x30 [ 123.545430] task_fork_fair+0x63/0x4d0 [ 123.545446] sched_cgroup_fork+0x3d0/0x540 [ 123.545461] copy_process+0x4183/0x6e20 [ 123.545471] kernel_clone+0xe7/0x890 [ 123.545481] user_mode_thread+0xad/0xf0 [ 123.545491] rest_init+0x24/0x250 [ 123.545502] arch_call_rest_init+0xf/0x14 [ 123.545520] start_kernel+0x4c6/0x4eb [ 123.545535] secondary_startup_64_no_verify+0xe0/0xeb [ 123.545550] [ 123.545550] -> #1 
(&p->pi_lock){-.-.}-{2:2}: [ 123.545563] _raw_spin_lock_irqsave+0x39/0x60 [ 123.545574] try_to_wake_up+0xab/0x1930 [ 123.545587] up+0x75/0xb0 [ 123.545600] __up_console_sem+0x6e/0x80 [ 123.545617] console_unlock+0x46a/0x590 [ 123.545632] vt_ioctl+0x2822/0x2ca0 [ 123.545644] tty_ioctl+0x785/0x16b0 [ 123.545655] __x64_sys_ioctl+0x19a/0x210 [ 123.545669] do_syscall_64+0x3b/0x90 [ 123.545685] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 123.545697] [ 123.545697] -> #0 ((console_sem).lock){....}-{2:2}: [ 123.545711] __lock_acquire+0x2a02/0x5e70 [ 123.545728] lock_acquire+0x1a2/0x530 [ 123.545744] _raw_spin_lock_irqsave+0x39/0x60 [ 123.545754] down_trylock+0xe/0x70 [ 123.545769] __down_trylock_console_sem+0x3b/0xd0 [ 123.545785] vprintk_emit+0x16b/0x560 [ 123.545806] vprintk+0x84/0xa0 [ 123.545828] _printk+0xba/0xf1 [ 123.545844] report_bug.cold+0x72/0xab [ 123.545866] handle_bug+0x3c/0x70 [ 123.545889] exc_invalid_op+0x14/0x50 [ 123.545906] asm_exc_invalid_op+0x16/0x20 [ 123.545918] group_sched_out.part.0+0x2c7/0x460 [ 123.545936] ctx_sched_out+0x8f1/0xc10 [ 123.545953] __perf_event_task_sched_out+0x6d0/0x18d0 [ 123.545963] __schedule+0xedd/0x2470 [ 123.545977] schedule+0xda/0x1b0 [ 123.545990] futex_wait_queue+0xf5/0x1e0 [ 123.546000] futex_wait+0x28e/0x690 [ 123.546010] do_futex+0x2ff/0x380 [ 123.546019] __x64_sys_futex+0x1c6/0x4d0 [ 123.546029] do_syscall_64+0x3b/0x90 [ 123.546046] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 123.546058] [ 123.546058] other info that might help us debug this: [ 123.546058] [ 123.546061] Chain exists of: [ 123.546061] (console_sem).lock --> &rq->__lock --> &ctx->lock [ 123.546061] [ 123.546076] Possible unsafe locking scenario: [ 123.546076] [ 123.546079] CPU0 CPU1 [ 123.546081] ---- ---- [ 123.546084] lock(&ctx->lock); [ 123.546089] lock(&rq->__lock); [ 123.546096] lock(&ctx->lock); [ 123.546102] lock((console_sem).lock); [ 123.546107] [ 123.546107] *** DEADLOCK *** [ 123.546107] [ 123.546109] 2 locks held by syz-executor.4/3951: [ 
123.546116] #0: ffff88806cf37e98 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470 [ 123.546145] #1: ffff8880183f0020 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 123.546171] [ 123.546171] stack backtrace: [ 123.546174] CPU: 1 PID: 3951 Comm: syz-executor.4 Not tainted 6.0.0-rc7-next-20220930 #1 [ 123.546187] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 123.546195] Call Trace: [ 123.546198] [ 123.546202] dump_stack_lvl+0x8b/0xb3 [ 123.546221] check_noncircular+0x263/0x2e0 [ 123.546237] ? format_decode+0x26c/0xb50 [ 123.546254] ? print_circular_bug+0x450/0x450 [ 123.546270] ? simple_strtoul+0x30/0x30 [ 123.546286] ? format_decode+0x26c/0xb50 [ 123.546303] ? alloc_chain_hlocks+0x1ec/0x5a0 [ 123.546320] __lock_acquire+0x2a02/0x5e70 [ 123.546342] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 123.546371] lock_acquire+0x1a2/0x530 [ 123.546387] ? down_trylock+0xe/0x70 [ 123.546404] ? lock_release+0x750/0x750 [ 123.546425] ? vprintk+0x84/0xa0 [ 123.546442] _raw_spin_lock_irqsave+0x39/0x60 [ 123.546454] ? down_trylock+0xe/0x70 [ 123.546469] down_trylock+0xe/0x70 [ 123.546485] ? vprintk+0x84/0xa0 [ 123.546502] __down_trylock_console_sem+0x3b/0xd0 [ 123.546519] vprintk_emit+0x16b/0x560 [ 123.546538] vprintk+0x84/0xa0 [ 123.546555] _printk+0xba/0xf1 [ 123.546566] ? record_print_text.cold+0x16/0x16 [ 123.546582] ? report_bug.cold+0x66/0xab [ 123.546600] ? 
group_sched_out.part.0+0x2c7/0x460 [ 123.546618] report_bug.cold+0x72/0xab [ 123.546637] handle_bug+0x3c/0x70 [ 123.546654] exc_invalid_op+0x14/0x50 [ 123.546672] asm_exc_invalid_op+0x16/0x20 [ 123.546685] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 123.546705] Code: 5e 41 5f e9 8b ae ef ff e8 86 ae ef ff 65 8b 1d 0b 18 ac 7e 31 ff 89 de e8 26 ab ef ff 85 db 0f 84 8a 00 00 00 e8 69 ae ef ff <0f> 0b e9 a5 fe ff ff e8 5d ae ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 123.546717] RSP: 0018:ffff88803da5f8f8 EFLAGS: 00010006 [ 123.546726] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 123.546734] RDX: ffff888015cc9ac0 RSI: ffffffff81565dc7 RDI: 0000000000000005 [ 123.546741] RBP: ffff88803f248000 R08: 0000000000000005 R09: 0000000000000001 [ 123.546749] R10: 0000000000000000 R11: ffffffff865b405b R12: ffff8880183f0000 [ 123.546756] R13: ffff88806cf3d2c0 R14: ffffffff8547d000 R15: 0000000000000002 [ 123.546767] ? group_sched_out.part.0+0x2c7/0x460 [ 123.546787] ? group_sched_out.part.0+0x2c7/0x460 [ 123.546807] ctx_sched_out+0x8f1/0xc10 [ 123.546826] __perf_event_task_sched_out+0x6d0/0x18d0 [ 123.546840] ? lock_is_held_type+0xd7/0x130 [ 123.546854] ? __perf_cgroup_move+0x160/0x160 [ 123.546865] ? set_next_entity+0x304/0x550 [ 123.546885] ? lock_is_held_type+0xd7/0x130 [ 123.546899] __schedule+0xedd/0x2470 [ 123.546915] ? io_schedule_timeout+0x150/0x150 [ 123.546931] ? futex_wait_setup+0x166/0x230 [ 123.546945] schedule+0xda/0x1b0 [ 123.546960] futex_wait_queue+0xf5/0x1e0 [ 123.546972] futex_wait+0x28e/0x690 [ 123.546985] ? futex_wait_setup+0x230/0x230 [ 123.546998] ? wake_up_q+0x8b/0xf0 [ 123.547011] ? do_raw_spin_unlock+0x4f/0x220 [ 123.547030] ? futex_wake+0x158/0x490 [ 123.547047] ? fd_install+0x1f9/0x640 [ 123.547062] do_futex+0x2ff/0x380 [ 123.547073] ? __ia32_compat_sys_get_robust_list+0x3b0/0x3b0 [ 123.547089] __x64_sys_futex+0x1c6/0x4d0 [ 123.547102] ? __x64_sys_futex_time32+0x480/0x480 [ 123.547115] ? 
syscall_enter_from_user_mode+0x1d/0x50 [ 123.547129] ? syscall_enter_from_user_mode+0x1d/0x50 [ 123.547144] do_syscall_64+0x3b/0x90 [ 123.547162] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 123.547175] RIP: 0033:0x7f3c336a8b19 [ 123.547183] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 123.547194] RSP: 002b:00007f3c30c1e218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 123.547205] RAX: ffffffffffffffda RBX: 00007f3c337bbf68 RCX: 00007f3c336a8b19 [ 123.547212] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f3c337bbf68 [ 123.547219] RBP: 00007f3c337bbf60 R08: 0000000000000000 R09: 0000000000000000 [ 123.547226] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3c337bbf6c [ 123.547233] R13: 00007ffd3814a56f R14: 00007f3c30c1e300 R15: 0000000000022000 [ 123.547246] [ 123.660089] WARNING: CPU: 1 PID: 3951 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460 [ 123.661394] Modules linked in: [ 123.661877] CPU: 1 PID: 3951 Comm: syz-executor.4 Not tainted 6.0.0-rc7-next-20220930 #1 [ 123.663109] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 123.664800] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 123.665629] Code: 5e 41 5f e9 8b ae ef ff e8 86 ae ef ff 65 8b 1d 0b 18 ac 7e 31 ff 89 de e8 26 ab ef ff 85 db 0f 84 8a 00 00 00 e8 69 ae ef ff <0f> 0b e9 a5 fe ff ff e8 5d ae ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 123.668254] RSP: 0018:ffff88803da5f8f8 EFLAGS: 00010006 [ 123.669018] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 123.670021] RDX: ffff888015cc9ac0 RSI: ffffffff81565dc7 RDI: 0000000000000005 [ 123.671119] RBP: ffff88803f248000 R08: 0000000000000005 R09: 0000000000000001 [ 123.672205] R10: 0000000000000000 R11: ffffffff865b405b R12: ffff8880183f0000 [ 123.673298] R13: ffff88806cf3d2c0 R14: 
ffffffff8547d000 R15: 0000000000000002 [ 123.674412] FS: 00007f3c30c1e700(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000 [ 123.675517] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 123.676410] CR2: 00007fd23f80ba40 CR3: 000000001def8000 CR4: 0000000000350ee0 [ 123.677515] Call Trace: [ 123.677882] [ 123.678207] ctx_sched_out+0x8f1/0xc10 [ 123.678810] __perf_event_task_sched_out+0x6d0/0x18d0 [ 123.679609] ? lock_is_held_type+0xd7/0x130 [ 123.680279] ? __perf_cgroup_move+0x160/0x160 [ 123.680946] ? set_next_entity+0x304/0x550 [ 123.681554] ? lock_is_held_type+0xd7/0x130 [ 123.682228] __schedule+0xedd/0x2470 [ 123.682837] ? io_schedule_timeout+0x150/0x150 [ 123.683553] ? futex_wait_setup+0x166/0x230 [ 123.684233] schedule+0xda/0x1b0 [ 123.684780] futex_wait_queue+0xf5/0x1e0 [ 123.685417] futex_wait+0x28e/0x690 [ 123.685960] ? futex_wait_setup+0x230/0x230 [ 123.686585] ? wake_up_q+0x8b/0xf0 [ 123.687154] ? do_raw_spin_unlock+0x4f/0x220 [ 123.687868] ? futex_wake+0x158/0x490 [ 123.688476] ? fd_install+0x1f9/0x640 [ 123.689082] do_futex+0x2ff/0x380 [ 123.689641] ? __ia32_compat_sys_get_robust_list+0x3b0/0x3b0 [ 123.690461] __x64_sys_futex+0x1c6/0x4d0 [ 123.691092] ? __x64_sys_futex_time32+0x480/0x480 [ 123.691849] ? syscall_enter_from_user_mode+0x1d/0x50 [ 123.692657] ? 
syscall_enter_from_user_mode+0x1d/0x50 [ 123.693379] do_syscall_64+0x3b/0x90 [ 123.693963] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 123.694775] RIP: 0033:0x7f3c336a8b19 [ 123.695359] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 123.698038] RSP: 002b:00007f3c30c1e218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 123.699217] RAX: ffffffffffffffda RBX: 00007f3c337bbf68 RCX: 00007f3c336a8b19 [ 123.700319] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f3c337bbf68 [ 123.701315] RBP: 00007f3c337bbf60 R08: 0000000000000000 R09: 0000000000000000 [ 123.702390] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3c337bbf6c [ 123.703490] R13: 00007ffd3814a56f R14: 00007f3c30c1e300 R15: 0000000000022000 [ 123.704609] [ 123.704936] irq event stamp: 672 [ 123.705386] hardirqs last enabled at (671): [] syscall_enter_from_user_mode+0x1d/0x50 [ 123.706827] hardirqs last disabled at (672): [] __schedule+0x1225/0x2470 [ 123.708119] softirqs last enabled at (494): [] __irq_exit_rcu+0x11b/0x180 [ 123.709341] softirqs last disabled at (485): [] __irq_exit_rcu+0x11b/0x180 [ 123.710511] ---[ end trace 0000000000000000 ]--- [ 126.270722] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 126.275902] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 126.279398] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 126.290959] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 126.293909] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 126.295265] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 126.299655] Bluetooth: hci3: HCI_REQ-0x0c1a [ 128.308549] Bluetooth: hci3: command 0x0409 tx timeout [ 128.372574] Bluetooth: hci5: Opcode 0x c03 failed: -110 [ 128.373709] Bluetooth: hci4: Opcode 0x c03 failed: -110 [ 130.356569] Bluetooth: hci3: command 0x041b tx timeout [ 132.404559] Bluetooth: 
hci3: command 0x040f tx timeout
[ 132.596549] Bluetooth: hci4: Opcode 0x c03 failed: -110
[ 132.660537] Bluetooth: hci5: Opcode 0x c03 failed: -110
VM DIAGNOSIS:
03:20:10 Registers: