
Debian GNU/Linux 11 syzkaller ttyS0

Warning: Permanently added '[localhost]:17576' (ECDSA) to the list of known hosts.
2022/09/13 14:26:41 fuzzer started
2022/09/13 14:26:42 dialing manager at localhost:36597
syzkaller login: [   40.070242] cgroup: Unknown subsys name 'net'
[   40.165776] cgroup: Unknown subsys name 'rlimit'
2022/09/13 14:26:57 syscalls: 2215
2022/09/13 14:26:57 code coverage: enabled
2022/09/13 14:26:57 comparison tracing: enabled
2022/09/13 14:26:57 extra coverage: enabled
2022/09/13 14:26:57 setuid sandbox: enabled
2022/09/13 14:26:57 namespace sandbox: enabled
2022/09/13 14:26:57 Android sandbox: enabled
2022/09/13 14:26:57 fault injection: enabled
2022/09/13 14:26:57 leak checking: enabled
2022/09/13 14:26:57 net packet injection: enabled
2022/09/13 14:26:57 net device setup: enabled
2022/09/13 14:26:57 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2022/09/13 14:26:57 devlink PCI setup: PCI device 0000:00:10.0 is not available
2022/09/13 14:26:57 USB emulation: enabled
2022/09/13 14:26:57 hci packet injection: enabled
2022/09/13 14:26:57 wifi device emulation: failed to parse kernel version (6.0.0-rc5-next-20220913                                          )
2022/09/13 14:26:57 802.15.4 emulation: enabled
2022/09/13 14:26:57 fetching corpus: 0, signal 0/2000 (executing program)
2022/09/13 14:26:57 fetching corpus: 39, signal 25079/28568 (executing program)
2022/09/13 14:26:58 fetching corpus: 89, signal 45765/50419 (executing program)
2022/09/13 14:26:58 fetching corpus: 139, signal 54646/60491 (executing program)
2022/09/13 14:26:58 fetching corpus: 189, signal 62329/69230 (executing program)
2022/09/13 14:26:58 fetching corpus: 239, signal 67872/75860 (executing program)
2022/09/13 14:26:58 fetching corpus: 289, signal 73446/82348 (executing program)
2022/09/13 14:26:58 fetching corpus: 339, signal 76441/86397 (executing program)
2022/09/13 14:26:59 fetching corpus: 388, signal 82722/93365 (executing program)
2022/09/13 14:26:59 fetching corpus: 436, signal 88263/99560 (executing program)
2022/09/13 14:26:59 fetching corpus: 486, signal 92942/104880 (executing program)
2022/09/13 14:26:59 fetching corpus: 536, signal 98269/110657 (executing program)
2022/09/13 14:26:59 fetching corpus: 586, signal 102012/114986 (executing program)
2022/09/13 14:26:59 fetching corpus: 636, signal 105625/119155 (executing program)
2022/09/13 14:27:00 fetching corpus: 686, signal 107659/121877 (executing program)
2022/09/13 14:27:00 fetching corpus: 736, signal 109631/124458 (executing program)
2022/09/13 14:27:00 fetching corpus: 786, signal 112098/127439 (executing program)
2022/09/13 14:27:00 fetching corpus: 836, signal 113704/129640 (executing program)
2022/09/13 14:27:00 fetching corpus: 886, signal 115516/132011 (executing program)
2022/09/13 14:27:00 fetching corpus: 936, signal 118068/134881 (executing program)
2022/09/13 14:27:00 fetching corpus: 986, signal 121627/138621 (executing program)
2022/09/13 14:27:01 fetching corpus: 1036, signal 123842/141185 (executing program)
2022/09/13 14:27:01 fetching corpus: 1086, signal 125214/143080 (executing program)
2022/09/13 14:27:01 fetching corpus: 1136, signal 126277/144655 (executing program)
2022/09/13 14:27:01 fetching corpus: 1186, signal 128086/146767 (executing program)
2022/09/13 14:27:01 fetching corpus: 1236, signal 130273/149133 (executing program)
2022/09/13 14:27:01 fetching corpus: 1286, signal 132700/151619 (executing program)
2022/09/13 14:27:01 fetching corpus: 1336, signal 134696/153725 (executing program)
2022/09/13 14:27:01 fetching corpus: 1386, signal 137279/156226 (executing program)
2022/09/13 14:27:02 fetching corpus: 1436, signal 139712/158609 (executing program)
2022/09/13 14:27:02 fetching corpus: 1486, signal 141212/160322 (executing program)
2022/09/13 14:27:02 fetching corpus: 1536, signal 143098/162223 (executing program)
2022/09/13 14:27:02 fetching corpus: 1586, signal 145794/164628 (executing program)
2022/09/13 14:27:02 fetching corpus: 1636, signal 147607/166435 (executing program)
2022/09/13 14:27:02 fetching corpus: 1686, signal 149368/168247 (executing program)
2022/09/13 14:27:03 fetching corpus: 1736, signal 150575/169560 (executing program)
2022/09/13 14:27:03 fetching corpus: 1786, signal 152106/171014 (executing program)
2022/09/13 14:27:03 fetching corpus: 1836, signal 153691/172545 (executing program)
2022/09/13 14:27:03 fetching corpus: 1886, signal 155394/174075 (executing program)
2022/09/13 14:27:03 fetching corpus: 1936, signal 156703/175426 (executing program)
2022/09/13 14:27:03 fetching corpus: 1986, signal 157854/176582 (executing program)
2022/09/13 14:27:03 fetching corpus: 2036, signal 159036/177763 (executing program)
2022/09/13 14:27:04 fetching corpus: 2086, signal 160624/179123 (executing program)
2022/09/13 14:27:04 fetching corpus: 2136, signal 161897/180278 (executing program)
2022/09/13 14:27:04 fetching corpus: 2186, signal 162932/181335 (executing program)
2022/09/13 14:27:04 fetching corpus: 2236, signal 163507/182037 (executing program)
2022/09/13 14:27:04 fetching corpus: 2286, signal 164484/182993 (executing program)
2022/09/13 14:27:04 fetching corpus: 2336, signal 165758/184088 (executing program)
2022/09/13 14:27:05 fetching corpus: 2386, signal 167455/185388 (executing program)
2022/09/13 14:27:05 fetching corpus: 2436, signal 168196/186195 (executing program)
2022/09/13 14:27:05 fetching corpus: 2486, signal 169188/187053 (executing program)
2022/09/13 14:27:05 fetching corpus: 2536, signal 171064/188347 (executing program)
2022/09/13 14:27:05 fetching corpus: 2586, signal 172363/189326 (executing program)
2022/09/13 14:27:05 fetching corpus: 2636, signal 174108/190549 (executing program)
2022/09/13 14:27:06 fetching corpus: 2686, signal 175285/191413 (executing program)
2022/09/13 14:27:06 fetching corpus: 2736, signal 178092/192969 (executing program)
2022/09/13 14:27:06 fetching corpus: 2786, signal 179491/193793 (executing program)
2022/09/13 14:27:06 fetching corpus: 2836, signal 180258/194412 (executing program)
2022/09/13 14:27:06 fetching corpus: 2886, signal 180891/194910 (executing program)
2022/09/13 14:27:06 fetching corpus: 2936, signal 181594/195478 (executing program)
2022/09/13 14:27:06 fetching corpus: 2986, signal 182871/196236 (executing program)
2022/09/13 14:27:07 fetching corpus: 3036, signal 183863/196834 (executing program)
2022/09/13 14:27:07 fetching corpus: 3086, signal 184425/197277 (executing program)
2022/09/13 14:27:07 fetching corpus: 3136, signal 184913/197647 (executing program)
2022/09/13 14:27:07 fetching corpus: 3186, signal 185606/198084 (executing program)
2022/09/13 14:27:07 fetching corpus: 3236, signal 186450/198648 (executing program)
2022/09/13 14:27:07 fetching corpus: 3286, signal 187777/199304 (executing program)
2022/09/13 14:27:07 fetching corpus: 3336, signal 188754/199822 (executing program)
2022/09/13 14:27:08 fetching corpus: 3386, signal 189526/200247 (executing program)
2022/09/13 14:27:08 fetching corpus: 3436, signal 190371/200658 (executing program)
2022/09/13 14:27:08 fetching corpus: 3486, signal 191282/201086 (executing program)
2022/09/13 14:27:08 fetching corpus: 3536, signal 193152/201780 (executing program)
2022/09/13 14:27:08 fetching corpus: 3586, signal 194480/202310 (executing program)
2022/09/13 14:27:08 fetching corpus: 3636, signal 195763/202774 (executing program)
2022/09/13 14:27:09 fetching corpus: 3686, signal 196484/203075 (executing program)
2022/09/13 14:27:09 fetching corpus: 3736, signal 197244/203350 (executing program)
2022/09/13 14:27:09 fetching corpus: 3759, signal 197394/203474 (executing program)
2022/09/13 14:27:09 fetching corpus: 3759, signal 197394/203543 (executing program)
2022/09/13 14:27:09 fetching corpus: 3759, signal 197394/203614 (executing program)
2022/09/13 14:27:09 fetching corpus: 3759, signal 197394/203683 (executing program)
2022/09/13 14:27:09 fetching corpus: 3759, signal 197394/203767 (executing program)
2022/09/13 14:27:09 fetching corpus: 3759, signal 197394/203852 (executing program)
2022/09/13 14:27:09 fetching corpus: 3759, signal 197394/203942 (executing program)
2022/09/13 14:27:09 fetching corpus: 3759, signal 197394/204012 (executing program)
2022/09/13 14:27:09 fetching corpus: 3759, signal 197394/204091 (executing program)
2022/09/13 14:27:09 fetching corpus: 3759, signal 197394/204175 (executing program)
2022/09/13 14:27:09 fetching corpus: 3759, signal 197394/204257 (executing program)
2022/09/13 14:27:09 fetching corpus: 3759, signal 197394/204327 (executing program)
2022/09/13 14:27:09 fetching corpus: 3759, signal 197394/204408 (executing program)
2022/09/13 14:27:09 fetching corpus: 3759, signal 197394/204488 (executing program)
2022/09/13 14:27:09 fetching corpus: 3759, signal 197394/204560 (executing program)
2022/09/13 14:27:09 fetching corpus: 3759, signal 197394/204625 (executing program)
2022/09/13 14:27:09 fetching corpus: 3759, signal 197394/204713 (executing program)
2022/09/13 14:27:09 fetching corpus: 3759, signal 197394/204797 (executing program)
2022/09/13 14:27:09 fetching corpus: 3759, signal 197394/204870 (executing program)
2022/09/13 14:27:09 fetching corpus: 3759, signal 197394/204957 (executing program)
2022/09/13 14:27:09 fetching corpus: 3759, signal 197394/205036 (executing program)
2022/09/13 14:27:09 fetching corpus: 3759, signal 197394/205106 (executing program)
2022/09/13 14:27:09 fetching corpus: 3759, signal 197394/205184 (executing program)
2022/09/13 14:27:09 fetching corpus: 3759, signal 197394/205242 (executing program)
2022/09/13 14:27:09 fetching corpus: 3759, signal 197394/205242 (executing program)
2022/09/13 14:27:12 starting 8 fuzzer processes
14:27:12 executing program 0:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
memfd_secret(0x0)

14:27:12 executing program 1:
r0 = openat$sysfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
name_to_handle_at(r0, &(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000140)=@ceph_nfs_confh={0x10, 0x2, {0x4, 0x401}}, &(0x7f0000000180), 0x1000)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3}, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000480)}}, 0x0, 0xffffffefffffffff, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x100000, 0xe, &(0x7f0000000200)=[{&(0x7f0000010000)="200000000002000019000000500100000f000000000000000100000005000000000004000040000020000000dbf4655fdbf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000008000000018000000c20500002b0200"/116, 0x74, 0x400}, {&(0x7f0000010100)="000000000000000000000000244b8e9b57f04b59aa229cc218853f9501004000", 0x20, 0x4e0}, {&(0x7f0000010200)="010000000000050040", 0x9, 0x560}, {&(0x7f0000010300)="020000000300000004000000", 0xc, 0x800}, {&(0x7f0000010400), 0x0, 0x1000}, {&(0x7f0000011500)="ed41000000080000dbf4655fdbf4655fdbf4655f00000000000004004000", 0x1e, 0x2080}, {0x0}, {0x0}, {&(0x7f0000011c00)="0b0000000c0001022e00000002000000f40702022e2e0000000000", 0x1b, 0x10000}, {0x0}, {0x0}, {&(0x7f0000012400)="504d4d00504d4dffdbf4655f00000000647679756b6f762d676c6170746f70320000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006c6f6f7033340075782f746573742f73797a5f6d6f756e745f696d6167655f650500"/123, 0x7b, 0x20000}, {0x0}, {0x0, 0x0, 0x38000}], 0x0, &(0x7f0000012f00))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={<r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup3(r1, r2, 0x0)
ioctl$sock_SIOCETHTOOL(r3, 0x8946, &(0x7f0000000080)={'syz_tun\x00', &(0x7f0000000000)=@ethtool_sset_info={0x13}})

14:27:12 executing program 2:
r0 = syz_mount_image$tmpfs(&(0x7f00000006c0), &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000240)=ANY=[])
r1 = openat(r0, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0)
fallocate(r1, 0x0, 0x0, 0x6)
write$9p(r1, &(0x7f0000000280)='S', 0x1)

14:27:12 executing program 3:
request_key(&(0x7f00000000c0)='cifs.spnego\x00', &(0x7f0000000100)={'syz', 0x1}, &(0x7f0000000140)='@0\'{#.!}!\\\x00', 0xfffffffffffffffa)

14:27:12 executing program 4:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
getpgrp(0x0)

[   68.751236] audit: type=1400 audit(1663079232.319:6): avc:  denied  { execmem } for  pid=285 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
14:27:12 executing program 5:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)={0x1c, 0x1e, 0x1, 0x0, 0x0, "", [@typed={0x2, 0x0, 0x0, 0x0, @binary="d8c9310200"}]}, 0x1c}], 0x1}, 0x0)

14:27:12 executing program 6:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000440), 0xffffffffffffffff)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x7}, 0x18292}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x1c, r1, 0x1, 0x0, 0x0, {{0x7e}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)

14:27:12 executing program 7:
r0 = socket$packet(0x11, 0x3, 0x300)
getpeername(r0, 0x0, 0x0)

[   70.032844] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   70.035473] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   70.037018] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   70.040862] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   70.043196] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   70.045267] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   70.051749] Bluetooth: hci0: HCI_REQ-0x0c1a
[   70.084207] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   70.088075] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   70.090644] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   70.096378] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   70.098822] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   70.100090] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   70.101610] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   70.115607] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   70.118793] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   70.120198] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   70.125806] Bluetooth: hci2: HCI_REQ-0x0c1a
[   70.156192] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   70.157976] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   70.160520] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[   70.162965] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   70.165500] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   70.167509] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   70.173460] Bluetooth: hci1: HCI_REQ-0x0c1a
[   70.185882] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[   70.188578] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[   70.190381] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   70.193905] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[   70.194277] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[   70.196279] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   70.199673] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[   70.200880] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[   70.207609] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   70.207908] Bluetooth: hci4: HCI_REQ-0x0c1a
[   70.210116] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   70.211627] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   70.211773] Bluetooth: hci5: HCI_REQ-0x0c1a
[   70.214834] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   70.216467] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   70.217657] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   70.221770] Bluetooth: hci3: HCI_REQ-0x0c1a
[   70.239045] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[   70.241008] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[   70.242471] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[   70.245433] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[   70.247114] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[   70.248519] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[   70.256437] Bluetooth: hci6: HCI_REQ-0x0c1a
[   72.113871] Bluetooth: hci0: command 0x0409 tx timeout
[   72.177363] Bluetooth: hci2: command 0x0409 tx timeout
[   72.241398] Bluetooth: hci3: command 0x0409 tx timeout
[   72.241414] Bluetooth: hci7: Opcode 0x c03 failed: -110
[   72.241998] Bluetooth: hci5: command 0x0409 tx timeout
[   72.243052] Bluetooth: hci4: command 0x0409 tx timeout
[   72.243701] Bluetooth: hci1: command 0x0409 tx timeout
[   72.305348] Bluetooth: hci6: command 0x0409 tx timeout
[   74.161985] Bluetooth: hci0: command 0x041b tx timeout
[   74.225381] Bluetooth: hci2: command 0x041b tx timeout
[   74.289375] Bluetooth: hci1: command 0x041b tx timeout
[   74.289842] Bluetooth: hci4: command 0x041b tx timeout
[   74.291091] Bluetooth: hci5: command 0x041b tx timeout
[   74.292246] Bluetooth: hci3: command 0x041b tx timeout
[   74.353410] Bluetooth: hci6: command 0x041b tx timeout
[   74.997395] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[   74.998922] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[   74.999663] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[   75.001509] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[   75.002699] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[   75.003600] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[   75.007372] Bluetooth: hci7: HCI_REQ-0x0c1a
[   76.209373] Bluetooth: hci0: command 0x040f tx timeout
[   76.273400] Bluetooth: hci2: command 0x040f tx timeout
[   76.337455] Bluetooth: hci3: command 0x040f tx timeout
[   76.338286] Bluetooth: hci5: command 0x040f tx timeout
[   76.338752] Bluetooth: hci4: command 0x040f tx timeout
[   76.339176] Bluetooth: hci1: command 0x040f tx timeout
[   76.401376] Bluetooth: hci6: command 0x040f tx timeout
[   77.041430] Bluetooth: hci7: command 0x0409 tx timeout
[   78.257479] Bluetooth: hci0: command 0x0419 tx timeout
[   78.321720] Bluetooth: hci2: command 0x0419 tx timeout
[   78.385454] Bluetooth: hci1: command 0x0419 tx timeout
[   78.385950] Bluetooth: hci4: command 0x0419 tx timeout
[   78.386398] Bluetooth: hci5: command 0x0419 tx timeout
[   78.386818] Bluetooth: hci3: command 0x0419 tx timeout
[   78.449369] Bluetooth: hci6: command 0x0419 tx timeout
[   79.089350] Bluetooth: hci7: command 0x041b tx timeout
[   81.137405] Bluetooth: hci7: command 0x040f tx timeout
[   83.185504] Bluetooth: hci7: command 0x0419 tx timeout
[  126.641892] audit: type=1400 audit(1663079290.210:7): avc:  denied  { open } for  pid=3693 comm="syz-executor.6" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[  126.643469] audit: type=1400 audit(1663079290.210:8): avc:  denied  { kernel } for  pid=3693 comm="syz-executor.6" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[  126.668304] ------------[ cut here ]------------
[  126.668326] 
[  126.668329] ======================================================
[  126.668333] WARNING: possible circular locking dependency detected
[  126.668337] 6.0.0-rc5-next-20220913 #1 Not tainted
[  126.668344] ------------------------------------------------------
[  126.668347] syz-executor.6/3694 is trying to acquire lock:
[  126.668354] ffffffff853fa878 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70
[  126.668393] 
[  126.668393] but task is already holding lock:
[  126.668396] ffff88803d78ec20 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0
[  126.668423] 
[  126.668423] which lock already depends on the new lock.
[  126.668423] 
[  126.668426] 
[  126.668426] the existing dependency chain (in reverse order) is:
[  126.668429] 
[  126.668429] -> #3 (&ctx->lock){....}-{2:2}:
[  126.668443]        _raw_spin_lock+0x2a/0x40
[  126.668460]        __perf_event_task_sched_out+0x53b/0x18d0
[  126.668473]        __schedule+0xedd/0x2470
[  126.668483]        schedule+0xda/0x1b0
[  126.668492]        exit_to_user_mode_prepare+0x114/0x1a0
[  126.668513]        syscall_exit_to_user_mode+0x19/0x40
[  126.668531]        do_syscall_64+0x48/0x90
[  126.668545]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  126.668562] 
[  126.668562] -> #2 (&rq->__lock){-.-.}-{2:2}:
[  126.668576]        _raw_spin_lock_nested+0x30/0x40
[  126.668591]        raw_spin_rq_lock_nested+0x1e/0x30
[  126.668604]        task_fork_fair+0x63/0x4d0
[  126.668621]        sched_cgroup_fork+0x3d0/0x540
[  126.668635]        copy_process+0x3f9e/0x6df0
[  126.668646]        kernel_clone+0xe7/0x890
[  126.668655]        user_mode_thread+0xad/0xf0
[  126.668665]        rest_init+0x24/0x250
[  126.668682]        arch_call_rest_init+0xf/0x14
[  126.668701]        start_kernel+0x4c1/0x4e6
[  126.668718]        secondary_startup_64_no_verify+0xe0/0xeb
[  126.668733] 
[  126.668733] -> #1 (&p->pi_lock){-.-.}-{2:2}:
[  126.668746]        _raw_spin_lock_irqsave+0x39/0x60
[  126.668761]        try_to_wake_up+0xab/0x1920
[  126.668775]        up+0x75/0xb0
[  126.668786]        __up_console_sem+0x6e/0x80
[  126.668802]        console_unlock+0x46a/0x590
[  126.668819]        vprintk_emit+0x1bd/0x560
[  126.668835]        vprintk+0x84/0xa0
[  126.668852]        _printk+0xba/0xf1
[  126.668870]        kauditd_hold_skb.cold+0x3f/0x4e
[  126.668884]        kauditd_send_queue+0x233/0x290
[  126.668898]        kauditd_thread+0x5da/0x9a0
[  126.668912]        kthread+0x2ed/0x3a0
[  126.668927]        ret_from_fork+0x22/0x30
[  126.668940] 
[  126.668940] -> #0 ((console_sem).lock){....}-{2:2}:
[  126.668953]        __lock_acquire+0x2a02/0x5e70
[  126.668970]        lock_acquire+0x1a2/0x530
[  126.668986]        _raw_spin_lock_irqsave+0x39/0x60
[  126.669001]        down_trylock+0xe/0x70
[  126.669013]        __down_trylock_console_sem+0x3b/0xd0
[  126.669030]        vprintk_emit+0x16b/0x560
[  126.669046]        vprintk+0x84/0xa0
[  126.669062]        _printk+0xba/0xf1
[  126.669079]        report_bug.cold+0x72/0xab
[  126.669091]        handle_bug+0x3c/0x70
[  126.669104]        exc_invalid_op+0x14/0x50
[  126.669117]        asm_exc_invalid_op+0x16/0x20
[  126.669133]        group_sched_out.part.0+0x2c7/0x460
[  126.669144]        ctx_sched_out+0x8f1/0xc10
[  126.669153]        __perf_event_task_sched_out+0x6d0/0x18d0
[  126.669165]        __schedule+0xedd/0x2470
[  126.669175]        schedule+0xda/0x1b0
[  126.669184]        exit_to_user_mode_prepare+0x114/0x1a0
[  126.669203]        syscall_exit_to_user_mode+0x19/0x40
[  126.669220]        do_syscall_64+0x48/0x90
[  126.669233]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  126.669250] 
[  126.669250] other info that might help us debug this:
[  126.669250] 
[  126.669253] Chain exists of:
[  126.669253]   (console_sem).lock --> &rq->__lock --> &ctx->lock
[  126.669253] 
[  126.669268]  Possible unsafe locking scenario:
[  126.669268] 
[  126.669270]        CPU0                    CPU1
[  126.669273]        ----                    ----
[  126.669275]   lock(&ctx->lock);
[  126.669281]                                lock(&rq->__lock);
[  126.669287]                                lock(&ctx->lock);
[  126.669293]   lock((console_sem).lock);
[  126.669299] 
[  126.669299]  *** DEADLOCK ***
[  126.669299] 
[  126.669301] 2 locks held by syz-executor.6/3694:
[  126.669308]  #0: ffff88806cf37cd8 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470
[  126.669333]  #1: ffff88803d78ec20 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0
[  126.669361] 
[  126.669361] stack backtrace:
[  126.669364] CPU: 1 PID: 3694 Comm: syz-executor.6 Not tainted 6.0.0-rc5-next-20220913 #1
[  126.669376] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  126.669385] Call Trace:
[  126.669388]  <TASK>
[  126.669392]  dump_stack_lvl+0x8b/0xb3
[  126.669407]  check_noncircular+0x263/0x2e0
[  126.669424]  ? format_decode+0x26c/0xb50
[  126.669440]  ? print_circular_bug+0x450/0x450
[  126.669457]  ? enable_ptr_key_workfn+0x20/0x20
[  126.669471]  ? __lockdep_reset_lock+0x180/0x180
[  126.669488]  ? format_decode+0x26c/0xb50
[  126.669503]  ? alloc_chain_hlocks+0x1ec/0x5a0
[  126.669521]  __lock_acquire+0x2a02/0x5e70
[  126.669542]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[  126.669565]  lock_acquire+0x1a2/0x530
[  126.669582]  ? down_trylock+0xe/0x70
[  126.669597]  ? rcu_read_unlock+0x40/0x40
[  126.669614]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[  126.669636]  ? vprintk+0x84/0xa0
[  126.669654]  _raw_spin_lock_irqsave+0x39/0x60
[  126.669670]  ? down_trylock+0xe/0x70
[  126.669683]  down_trylock+0xe/0x70
[  126.669696]  ? vprintk+0x84/0xa0
[  126.669714]  __down_trylock_console_sem+0x3b/0xd0
[  126.669731]  vprintk_emit+0x16b/0x560
[  126.669749]  ? lock_downgrade+0x6d0/0x6d0
[  126.669767]  vprintk+0x84/0xa0
[  126.669785]  _printk+0xba/0xf1
[  126.669803]  ? record_print_text.cold+0x16/0x16
[  126.669823]  ? hrtimer_try_to_cancel+0x163/0x2c0
[  126.669837]  ? lock_downgrade+0x6d0/0x6d0
[  126.669855]  ? report_bug.cold+0x66/0xab
[  126.669869]  ? group_sched_out.part.0+0x2c7/0x460
[  126.669880]  report_bug.cold+0x72/0xab
[  126.669895]  handle_bug+0x3c/0x70
[  126.669909]  exc_invalid_op+0x14/0x50
[  126.669923]  asm_exc_invalid_op+0x16/0x20
[  126.669941] RIP: 0010:group_sched_out.part.0+0x2c7/0x460
[  126.669954] Code: 5e 41 5f e9 3b b7 ef ff e8 36 b7 ef ff 65 8b 1d ab 15 ac 7e 31 ff 89 de e8 d6 b3 ef ff 85 db 0f 84 8a 00 00 00 e8 19 b7 ef ff <0f> 0b e9 a5 fe ff ff e8 0d b7 ef ff 48 8d 7d 10 48 b8 00 00 00 00
[  126.669966] RSP: 0018:ffff88801e19fc48 EFLAGS: 00010006
[  126.669975] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000
[  126.669983] RDX: ffff88800dd68000 RSI: ffffffff81566027 RDI: 0000000000000005
[  126.669990] RBP: ffff88800eb785c8 R08: 0000000000000005 R09: 0000000000000001
[  126.669998] R10: 0000000000000000 R11: 0000000000000001 R12: ffff88803d78ec00
[  126.670005] R13: ffff88806cf3d100 R14: ffffffff8547c7c0 R15: 0000000000000002
[  126.670016]  ? group_sched_out.part.0+0x2c7/0x460
[  126.670029]  ? group_sched_out.part.0+0x2c7/0x460
[  126.670042]  ctx_sched_out+0x8f1/0xc10
[  126.670055]  __perf_event_task_sched_out+0x6d0/0x18d0
[  126.670070]  ? lock_is_held_type+0xd7/0x130
[  126.670088]  ? __perf_cgroup_move+0x160/0x160
[  126.670100]  ? set_next_entity+0x304/0x550
[  126.670118]  ? update_curr+0x267/0x740
[  126.670137]  ? lock_is_held_type+0xd7/0x130
[  126.670156]  __schedule+0xedd/0x2470
[  126.670169]  ? io_schedule_timeout+0x150/0x150
[  126.670181]  ? rcu_read_lock_sched_held+0x3e/0x80
[  126.670202]  schedule+0xda/0x1b0
[  126.670213]  exit_to_user_mode_prepare+0x114/0x1a0
[  126.670234]  syscall_exit_to_user_mode+0x19/0x40
[  126.670252]  do_syscall_64+0x48/0x90
[  126.670266]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  126.670284] RIP: 0033:0x7f5971f17b19
[  126.670292] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  126.670303] RSP: 002b:00007f596f48d218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  126.670314] RAX: 0000000000000001 RBX: 00007f597202af68 RCX: 00007f5971f17b19
[  126.670322] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f597202af6c
[  126.670329] RBP: 00007f597202af60 R08: 000000000000000e R09: 0000000000000000
[  126.670336] R10: 0000000000000006 R11: 0000000000000246 R12: 00007f597202af6c
[  126.670343] R13: 00007fff9528265f R14: 00007f596f48d300 R15: 0000000000022000
[  126.670356]  </TASK>
[  126.727920] WARNING: CPU: 1 PID: 3694 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460
[  126.728595] Modules linked in:
[  126.728838] CPU: 1 PID: 3694 Comm: syz-executor.6 Not tainted 6.0.0-rc5-next-20220913 #1
[  126.729414] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  126.730222] RIP: 0010:group_sched_out.part.0+0x2c7/0x460
[  126.730618] Code: 5e 41 5f e9 3b b7 ef ff e8 36 b7 ef ff 65 8b 1d ab 15 ac 7e 31 ff 89 de e8 d6 b3 ef ff 85 db 0f 84 8a 00 00 00 e8 19 b7 ef ff <0f> 0b e9 a5 fe ff ff e8 0d b7 ef ff 48 8d 7d 10 48 b8 00 00 00 00
[  126.731931] RSP: 0018:ffff88801e19fc48 EFLAGS: 00010006
[  126.732322] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000
[  126.732839] RDX: ffff88800dd68000 RSI: ffffffff81566027 RDI: 0000000000000005
[  126.733362] RBP: ffff88800eb785c8 R08: 0000000000000005 R09: 0000000000000001
[  126.733881] R10: 0000000000000000 R11: 0000000000000001 R12: ffff88803d78ec00
[  126.734406] R13: ffff88806cf3d100 R14: ffffffff8547c7c0 R15: 0000000000000002
[  126.734927] FS:  00007f596f48d700(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000
[  126.735533] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  126.735961] CR2: 0000001b2de24000 CR3: 000000003d7b8000 CR4: 0000000000350ee0
[  126.736481] Call Trace:
[  126.736674]  <TASK>
[  126.736845]  ctx_sched_out+0x8f1/0xc10
[  126.737136]  __perf_event_task_sched_out+0x6d0/0x18d0
[  126.737517]  ? lock_is_held_type+0xd7/0x130
[  126.737838]  ? __perf_cgroup_move+0x160/0x160
[  126.738174]  ? set_next_entity+0x304/0x550
[  126.738492]  ? update_curr+0x267/0x740
[  126.738788]  ? lock_is_held_type+0xd7/0x130
[  126.739118]  __schedule+0xedd/0x2470
[  126.739394]  ? io_schedule_timeout+0x150/0x150
[  126.739732]  ? rcu_read_lock_sched_held+0x3e/0x80
[  126.740092]  schedule+0xda/0x1b0
[  126.740347]  exit_to_user_mode_prepare+0x114/0x1a0
[  126.740719]  syscall_exit_to_user_mode+0x19/0x40
[  126.741075]  do_syscall_64+0x48/0x90
[  126.741355]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  126.741736] RIP: 0033:0x7f5971f17b19
[  126.742010] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  126.743319] RSP: 002b:00007f596f48d218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  126.743864] RAX: 0000000000000001 RBX: 00007f597202af68 RCX: 00007f5971f17b19
[  126.744379] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f597202af6c
[  126.744897] RBP: 00007f597202af60 R08: 000000000000000e R09: 0000000000000000
[  126.745410] R10: 0000000000000006 R11: 0000000000000246 R12: 00007f597202af6c
[  126.745932] R13: 00007fff9528265f R14: 00007f596f48d300 R15: 0000000000022000
[  126.746455]  </TASK>
[  126.746632] irq event stamp: 1436
[  126.746883] hardirqs last  enabled at (1435): [<ffffffff8133ffc9>] exit_to_user_mode_prepare+0x109/0x1a0
[  126.747596] hardirqs last disabled at (1436): [<ffffffff8424b1d5>] __schedule+0x1225/0x2470
[  126.748195] softirqs last  enabled at (996): [<ffffffff8117060b>] __irq_exit_rcu+0x11b/0x180
[  126.748814] softirqs last disabled at (987): [<ffffffff8117060b>] __irq_exit_rcu+0x11b/0x180
[  126.749435] ---[ end trace 0000000000000000 ]---
[  127.076242] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  127.174889] syz-executor.6 (3694) used greatest stack depth: 22872 bytes left
14:28:10 executing program 6:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000440), 0xffffffffffffffff)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x7}, 0x18292}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x1c, r1, 0x1, 0x0, 0x0, {{0x7e}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)

[  127.237883] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
14:28:10 executing program 6:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000440), 0xffffffffffffffff)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x7}, 0x18292}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x1c, r1, 0x1, 0x0, 0x0, {{0x7e}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)

[  127.348493] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
14:28:10 executing program 5:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)={0x1c, 0x1e, 0x1, 0x0, 0x0, "", [@typed={0x2, 0x0, 0x0, 0x0, @binary="d8c9310200"}]}, 0x1c}], 0x1}, 0x0)

14:28:10 executing program 6:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000440), 0xffffffffffffffff)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x7}, 0x18292}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x1c, r1, 0x1, 0x0, 0x0, {{0x7e}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)

[  127.475815] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
14:28:11 executing program 5:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)={0x1c, 0x1e, 0x1, 0x0, 0x0, "", [@typed={0x2, 0x0, 0x0, 0x0, @binary="d8c9310200"}]}, 0x1c}], 0x1}, 0x0)

14:28:11 executing program 5:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)={0x1c, 0x1e, 0x1, 0x0, 0x0, "", [@typed={0x2, 0x0, 0x0, 0x0, @binary="d8c9310200"}]}, 0x1c}], 0x1}, 0x0)

14:28:11 executing program 6:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
getsockopt$inet_int(r0, 0x0, 0x19, 0x0, &(0x7f0000000400))

14:28:11 executing program 5:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x80, 0x0, 0x0, 0xffffffffffffffff}}}, 0xb8}}, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c0000001d0001"], 0x1c}}, 0x0)

[  127.718559] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.5'.
[  127.742567] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.5'.
[  133.105493] Bluetooth: hci0: Opcode 0x c03 failed: -110
[  133.169383] Bluetooth: hci2: Opcode 0x c03 failed: -110
[  133.233331] Bluetooth: hci5: Opcode 0x c03 failed: -110

VM DIAGNOSIS:
14:28:10  Registers:
info registers vcpu 0
RAX=dffffc0000000000 RBX=0000000000000001 RCX=0000000000000001 RDX=1ffff11007be6e74
RSI=ffff88803df37f10 RDI=ffff88803df373a0 RBP=ffff88803df37f48 RSP=ffff88803df372d0
R8 =ffffffff85eca214 R9 =ffffffff85eca218 R10=ffffed1007be6e77 R11=ffff88803df37390
R12=ffff88803df37391 R13=ffff88803df373b0 R14=ffff88803df37350 R15=0000000000000001
RIP=ffffffff8111c0ac RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff88806ce00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007fd689da01f0 CR3=000000001560e000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
YMM00=0000000000000000 0000000000000000 756e696c2d34365f 3638782f62696c2f
YMM01=0000000000000000 0000000000000000 6461657268747062 696c2f756e672d78
YMM02=0000000000000000 0000000000000000 00302e6f732e6461 657268747062696c
YMM03=0000000000000000 0000000000000000 2f756e672d78756e 696c2d34365f3638
YMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1
RAX=dffffc0000000060 RBX=00000000000003fd RCX=0000000000000000 RDX=00000000000003fd
RSI=ffffffff822b253c RDI=ffffffff8763fae0 RBP=ffffffff8763faa0 RSP=ffff88801e19f640
R8 =0000000000000004 R9 =0000000000000010 R10=0000000000000010 R11=0000000000000001
R12=0000000000002710 R13=0000000000000020 R14=fffffbfff0ec7fab R15=dffffc0000000000
RIP=ffffffff822b2591 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 00007f596f48d700 00000000 00000000
GS =0000 ffff88806cf00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000001b2de24000 CR3=000000003d7b8000 CR4=00350ee0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
YMM00=0000000000000000 0000000000000000 ffffffffffffffff ff00000000000000
YMM01=0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffffff
YMM02=0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffffff
YMM03=0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffffff
YMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000