Warning: Permanently added '[localhost]:40989' (ECDSA) to the list of known hosts. 2022/09/13 16:04:54 fuzzer started 2022/09/13 16:04:54 dialing manager at localhost:36597 syzkaller login: [ 46.217053] cgroup: Unknown subsys name 'net' [ 46.314463] cgroup: Unknown subsys name 'rlimit' 2022/09/13 16:05:10 syscalls: 2215 2022/09/13 16:05:10 code coverage: enabled 2022/09/13 16:05:10 comparison tracing: enabled 2022/09/13 16:05:10 extra coverage: enabled 2022/09/13 16:05:10 setuid sandbox: enabled 2022/09/13 16:05:10 namespace sandbox: enabled 2022/09/13 16:05:10 Android sandbox: enabled 2022/09/13 16:05:10 fault injection: enabled 2022/09/13 16:05:10 leak checking: enabled 2022/09/13 16:05:10 net packet injection: enabled 2022/09/13 16:05:10 net device setup: enabled 2022/09/13 16:05:10 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/09/13 16:05:10 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/09/13 16:05:10 USB emulation: enabled 2022/09/13 16:05:10 hci packet injection: enabled 2022/09/13 16:05:10 wifi device emulation: failed to parse kernel version (6.0.0-rc5-next-20220913) 2022/09/13 16:05:10 802.15.4 emulation: enabled 2022/09/13 16:05:10 fetching corpus: 0, signal 0/2000 (executing program) 2022/09/13 16:05:11 fetching corpus: 42, signal 29577/33111 (executing program) 2022/09/13 16:05:11 fetching corpus: 92, signal 43481/48409 (executing program) 2022/09/13 16:05:11 fetching corpus: 142, signal 54312/60543 (executing program) 2022/09/13 16:05:11 fetching corpus: 192, signal 63611/71076 (executing program) 2022/09/13 16:05:11 fetching corpus: 242, signal 70660/79289 (executing program) 2022/09/13 16:05:12 fetching corpus: 292, signal 78744/88368 (executing program) 2022/09/13 16:05:12 fetching corpus: 342, signal 83886/94578 (executing program) 2022/09/13 16:05:12 fetching corpus: 392, signal 88287/100037 (executing program) 2022/09/13 16:05:12 fetching corpus: 442, signal 93568/106219 (executing program) 2022/09/13 
16:05:12 fetching corpus: 492, signal 97539/111085 (executing program) 2022/09/13 16:05:13 fetching corpus: 542, signal 100619/115125 (executing program) 2022/09/13 16:05:13 fetching corpus: 592, signal 103564/118962 (executing program) 2022/09/13 16:05:13 fetching corpus: 642, signal 106168/122454 (executing program) 2022/09/13 16:05:13 fetching corpus: 692, signal 107838/125143 (executing program) 2022/09/13 16:05:13 fetching corpus: 742, signal 110490/128588 (executing program) 2022/09/13 16:05:13 fetching corpus: 791, signal 114335/133033 (executing program) 2022/09/13 16:05:14 fetching corpus: 841, signal 116240/135741 (executing program) 2022/09/13 16:05:14 fetching corpus: 891, signal 119497/139588 (executing program) 2022/09/13 16:05:14 fetching corpus: 941, signal 121579/142405 (executing program) 2022/09/13 16:05:14 fetching corpus: 991, signal 125329/146593 (executing program) 2022/09/13 16:05:14 fetching corpus: 1041, signal 128019/149864 (executing program) 2022/09/13 16:05:14 fetching corpus: 1091, signal 130918/153194 (executing program) 2022/09/13 16:05:15 fetching corpus: 1141, signal 132972/155817 (executing program) 2022/09/13 16:05:15 fetching corpus: 1191, signal 135681/158914 (executing program) 2022/09/13 16:05:15 fetching corpus: 1241, signal 136891/160791 (executing program) 2022/09/13 16:05:15 fetching corpus: 1291, signal 138622/163057 (executing program) 2022/09/13 16:05:15 fetching corpus: 1341, signal 141058/165851 (executing program) 2022/09/13 16:05:16 fetching corpus: 1391, signal 142869/168161 (executing program) 2022/09/13 16:05:16 fetching corpus: 1441, signal 144618/170371 (executing program) 2022/09/13 16:05:16 fetching corpus: 1491, signal 146543/172697 (executing program) 2022/09/13 16:05:16 fetching corpus: 1541, signal 148289/174873 (executing program) 2022/09/13 16:05:16 fetching corpus: 1591, signal 150906/177647 (executing program) 2022/09/13 16:05:17 fetching corpus: 1641, signal 152534/179640 (executing program) 
2022/09/13 16:05:17 fetching corpus: 1691, signal 154153/181611 (executing program) 2022/09/13 16:05:17 fetching corpus: 1741, signal 155490/183319 (executing program) 2022/09/13 16:05:17 fetching corpus: 1791, signal 157269/185346 (executing program) 2022/09/13 16:05:17 fetching corpus: 1841, signal 158616/187078 (executing program) 2022/09/13 16:05:17 fetching corpus: 1891, signal 159945/188762 (executing program) 2022/09/13 16:05:17 fetching corpus: 1941, signal 160970/190160 (executing program) 2022/09/13 16:05:18 fetching corpus: 1991, signal 162407/191856 (executing program) 2022/09/13 16:05:18 fetching corpus: 2041, signal 163794/193527 (executing program) 2022/09/13 16:05:18 fetching corpus: 2091, signal 165040/195054 (executing program) 2022/09/13 16:05:18 fetching corpus: 2141, signal 166535/196763 (executing program) 2022/09/13 16:05:18 fetching corpus: 2191, signal 167470/198048 (executing program) 2022/09/13 16:05:19 fetching corpus: 2241, signal 168532/199424 (executing program) 2022/09/13 16:05:19 fetching corpus: 2291, signal 170061/201021 (executing program) 2022/09/13 16:05:19 fetching corpus: 2341, signal 171384/202565 (executing program) 2022/09/13 16:05:19 fetching corpus: 2391, signal 172586/204014 (executing program) 2022/09/13 16:05:19 fetching corpus: 2441, signal 173614/205277 (executing program) 2022/09/13 16:05:19 fetching corpus: 2491, signal 174979/206707 (executing program) 2022/09/13 16:05:20 fetching corpus: 2541, signal 176638/208310 (executing program) 2022/09/13 16:05:20 fetching corpus: 2591, signal 177800/209581 (executing program) 2022/09/13 16:05:20 fetching corpus: 2641, signal 178615/210632 (executing program) 2022/09/13 16:05:20 fetching corpus: 2691, signal 180350/212218 (executing program) 2022/09/13 16:05:20 fetching corpus: 2741, signal 181235/213232 (executing program) 2022/09/13 16:05:20 fetching corpus: 2791, signal 182123/214413 (executing program) 2022/09/13 16:05:21 fetching corpus: 2841, signal 183148/215575 
(executing program) 2022/09/13 16:05:21 fetching corpus: 2891, signal 183955/216587 (executing program) 2022/09/13 16:05:21 fetching corpus: 2941, signal 184827/217613 (executing program) 2022/09/13 16:05:21 fetching corpus: 2991, signal 185579/218556 (executing program) 2022/09/13 16:05:21 fetching corpus: 3041, signal 186246/219417 (executing program) 2022/09/13 16:05:21 fetching corpus: 3091, signal 186900/220275 (executing program) 2022/09/13 16:05:22 fetching corpus: 3141, signal 188132/221483 (executing program) 2022/09/13 16:05:22 fetching corpus: 3191, signal 188950/222416 (executing program) 2022/09/13 16:05:22 fetching corpus: 3241, signal 189800/223337 (executing program) 2022/09/13 16:05:22 fetching corpus: 3291, signal 190633/224277 (executing program) 2022/09/13 16:05:22 fetching corpus: 3341, signal 192015/225451 (executing program) 2022/09/13 16:05:23 fetching corpus: 3391, signal 192900/226425 (executing program) 2022/09/13 16:05:23 fetching corpus: 3441, signal 194127/227446 (executing program) 2022/09/13 16:05:23 fetching corpus: 3491, signal 195190/228402 (executing program) 2022/09/13 16:05:23 fetching corpus: 3540, signal 196022/229274 (executing program) 2022/09/13 16:05:23 fetching corpus: 3590, signal 196760/230017 (executing program) 2022/09/13 16:05:23 fetching corpus: 3640, signal 197597/230830 (executing program) 2022/09/13 16:05:24 fetching corpus: 3690, signal 198276/231541 (executing program) 2022/09/13 16:05:24 fetching corpus: 3740, signal 199537/232479 (executing program) 2022/09/13 16:05:24 fetching corpus: 3790, signal 200431/233293 (executing program) 2022/09/13 16:05:24 fetching corpus: 3840, signal 201341/234092 (executing program) 2022/09/13 16:05:24 fetching corpus: 3890, signal 202411/234907 (executing program) 2022/09/13 16:05:25 fetching corpus: 3940, signal 203673/235748 (executing program) 2022/09/13 16:05:25 fetching corpus: 3990, signal 204428/236414 (executing program) 2022/09/13 16:05:25 fetching corpus: 4040, 
signal 205334/237136 (executing program) 2022/09/13 16:05:25 fetching corpus: 4090, signal 206523/238009 (executing program) 2022/09/13 16:05:25 fetching corpus: 4140, signal 207301/238632 (executing program) 2022/09/13 16:05:25 fetching corpus: 4189, signal 207908/239218 (executing program) 2022/09/13 16:05:26 fetching corpus: 4239, signal 208592/239776 (executing program) 2022/09/13 16:05:26 fetching corpus: 4289, signal 209216/240319 (executing program) 2022/09/13 16:05:26 fetching corpus: 4339, signal 209974/240907 (executing program) 2022/09/13 16:05:26 fetching corpus: 4389, signal 210455/241381 (executing program) 2022/09/13 16:05:26 fetching corpus: 4439, signal 211349/242022 (executing program) 2022/09/13 16:05:26 fetching corpus: 4489, signal 212127/242563 (executing program) 2022/09/13 16:05:27 fetching corpus: 4539, signal 213000/243125 (executing program) 2022/09/13 16:05:27 fetching corpus: 4589, signal 213801/243679 (executing program) 2022/09/13 16:05:27 fetching corpus: 4639, signal 214505/244161 (executing program) 2022/09/13 16:05:27 fetching corpus: 4689, signal 215191/244601 (executing program) 2022/09/13 16:05:27 fetching corpus: 4739, signal 215851/245093 (executing program) 2022/09/13 16:05:27 fetching corpus: 4789, signal 216385/245524 (executing program) 2022/09/13 16:05:28 fetching corpus: 4839, signal 217079/246018 (executing program) 2022/09/13 16:05:28 fetching corpus: 4889, signal 217540/246446 (executing program) 2022/09/13 16:05:28 fetching corpus: 4939, signal 218101/246836 (executing program) 2022/09/13 16:05:28 fetching corpus: 4989, signal 219123/247323 (executing program) 2022/09/13 16:05:28 fetching corpus: 5039, signal 221013/247960 (executing program) 2022/09/13 16:05:28 fetching corpus: 5089, signal 221750/248371 (executing program) 2022/09/13 16:05:28 fetching corpus: 5139, signal 222343/248700 (executing program) 2022/09/13 16:05:29 fetching corpus: 5189, signal 222879/249052 (executing program) 2022/09/13 16:05:29 
fetching corpus: 5239, signal 223845/249440 (executing program) 2022/09/13 16:05:29 fetching corpus: 5289, signal 224645/249793 (executing program) 2022/09/13 16:05:29 fetching corpus: 5339, signal 225305/250118 (executing program) 2022/09/13 16:05:30 fetching corpus: 5389, signal 225902/250457 (executing program) 2022/09/13 16:05:30 fetching corpus: 5439, signal 226807/250772 (executing program) 2022/09/13 16:05:30 fetching corpus: 5489, signal 227401/251098 (executing program) 2022/09/13 16:05:30 fetching corpus: 5539, signal 228021/251411 (executing program) 2022/09/13 16:05:30 fetching corpus: 5589, signal 229205/251714 (executing program) 2022/09/13 16:05:30 fetching corpus: 5636, signal 229828/252000 (executing program) 2022/09/13 16:05:31 fetching corpus: 5686, signal 230329/252211 (executing program) 2022/09/13 16:05:31 fetching corpus: 5736, signal 230782/252435 (executing program) 2022/09/13 16:05:31 fetching corpus: 5786, signal 231393/252666 (executing program) 2022/09/13 16:05:31 fetching corpus: 5836, signal 231790/252867 (executing program) 2022/09/13 16:05:31 fetching corpus: 5886, signal 232559/253086 (executing program) 2022/09/13 16:05:32 fetching corpus: 5935, signal 233047/253306 (executing program) 2022/09/13 16:05:32 fetching corpus: 5985, signal 233701/253562 (executing program) 2022/09/13 16:05:32 fetching corpus: 6035, signal 234090/253732 (executing program) 2022/09/13 16:05:32 fetching corpus: 6085, signal 234628/253923 (executing program) 2022/09/13 16:05:32 fetching corpus: 6134, signal 235227/254063 (executing program) 2022/09/13 16:05:32 fetching corpus: 6184, signal 235771/254098 (executing program) 2022/09/13 16:05:32 fetching corpus: 6233, signal 236388/254102 (executing program) 2022/09/13 16:05:33 fetching corpus: 6283, signal 236980/254132 (executing program) 2022/09/13 16:05:33 fetching corpus: 6331, signal 237397/254146 (executing program) 2022/09/13 16:05:33 fetching corpus: 6380, signal 238011/254154 (executing program) 
2022/09/13 16:05:33 fetching corpus: 6429, signal 238492/254171 (executing program) 2022/09/13 16:05:33 fetching corpus: 6478, signal 238945/254327 (executing program) 2022/09/13 16:05:34 fetching corpus: 6527, signal 239555/254364 (executing program) 2022/09/13 16:05:34 fetching corpus: 6577, signal 239990/254418 (executing program) 2022/09/13 16:05:34 fetching corpus: 6627, signal 240701/254558 (executing program) 2022/09/13 16:05:34 fetching corpus: 6677, signal 241220/254575 (executing program) 2022/09/13 16:05:34 fetching corpus: 6725, signal 242223/254621 (executing program) 2022/09/13 16:05:35 fetching corpus: 6772, signal 242723/254649 (executing program) 2022/09/13 16:05:35 fetching corpus: 6822, signal 243096/254666 (executing program) 2022/09/13 16:05:35 fetching corpus: 6872, signal 243655/254687 (executing program) 2022/09/13 16:05:35 fetching corpus: 6922, signal 244124/254689 (executing program) 2022/09/13 16:05:35 fetching corpus: 6972, signal 244640/254690 (executing program) 2022/09/13 16:05:35 fetching corpus: 7020, signal 245265/254704 (executing program) 2022/09/13 16:05:35 fetching corpus: 7047, signal 245573/254737 (executing program) 2022/09/13 16:05:35 fetching corpus: 7047, signal 245573/254737 (executing program) 2022/09/13 16:05:38 starting 8 fuzzer processes 16:05:38 executing program 0: mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x44031, 0xffffffffffffffff, 0x0) mbind(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x0, 0x0, 0x3) 16:05:38 executing program 1: r0 = syz_mount_image$vfat(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$cgroup2(0x0, &(0x7f0000000180)='./file0/../file0\x00', &(0x7f0000000100), 0x0, 0x0) chroot(&(0x7f0000000000)='./file0/../file0\x00') chdir(&(0x7f00000001c0)='./file0/../file0/../file0\x00') mount$9p_unix(0xffffffffffffffff, &(0x7f00000000c0)='./file0/../file0/../file0\x00', &(0x7f0000000140), 0x18880ac, &(0x7f0000000200)={'trans=unix,', {[{@version_u}], 
[{@smackfstransmute={'smackfstransmute', 0x3d, '!'}}, {@seclabel}, {@context={'context', 0x3d, 'root'}}, {@subj_user={'subj_user', 0x3d, '-+'}}]}}) dup2(r0, 0xffffffffffffffff) rmdir(&(0x7f0000000280)='./file0/../file0/../file0\x00') 16:05:38 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x76, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff}) sendmmsg$unix(r0, &(0x7f00000006c0)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32=0xee00], 0x38}}], 0x2, 0x0) 16:05:38 executing program 3: r0 = syz_open_procfs$userns(0x0, &(0x7f0000000040)) ioctl$BTRFS_IOC_DEFRAG(r0, 0x50009402, 0x0) 16:05:38 executing program 5: r0 = socket$inet6_udp(0xa, 0x2, 0x0) gettid() sendmsg$netlink(r0, &(0x7f00000013c0)={&(0x7f00000007c0), 0xc, &(0x7f0000001100)=[{0x0}, {0x0}], 0x2, &(0x7f0000001300)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xffffffffffffffff}}}, @rights={{0x10}}], 0x30}, 0x0) 16:05:38 executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000001480)={0x0, 0x0, &(0x7f0000001440)=[{&(0x7f0000000000)={0x28, 0x10, 0x1, 0x0, 0x0, "", [@typed={0xc, 0x0, 0x0, 0x0, @u64}, @typed={0x4, 0x0, 0x0, 0x0, @binary}, @typed={0x8, 0x3a, 0x0, 0x0, @fd}]}, 0x28}], 0x1}, 0x0) [ 87.097724] audit: type=1400 audit(1663085138.251:6): avc: denied { execmem } for pid=288 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 16:05:38 executing program 6: r0 = socket$inet(0x2, 0xa, 0x0) ioctl$sock_inet_SIOCDARP(r0, 0x8955, &(0x7f0000002440)={{0x2, 0x0, @loopback}, {0x0, @dev}, 0x18, {0x2, 0x0, @empty}, 'sit0\x00'}) 
16:05:38 executing program 7: openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = syz_io_uring_setup(0x7969, &(0x7f00000001c0)={0x0, 0xfc32, 0x0, 0x3, 0x109}, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000000000), &(0x7f0000000240)) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, 0x0) r1 = openat(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) ioctl$FITRIM(0xffffffffffffffff, 0xc0185879, 0x0) perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0xea, 0x0, 0x6, 0x2020, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4, 0x2, @perf_bp={&(0x7f0000000300), 0xd}, 0x14844, 0xc03, 0x7f, 0x4, 0x4, 0x8, 0x80, 0x0, 0x0, 0x0, 0x8001}, 0xffffffffffffffff, 0xc, r1, 0x8) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x5, 0x6df0000000000000}, 0x0, 0xc00000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r2 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r2, 0xd000943d, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) syz_mount_image$vfat(0x0, &(0x7f0000000100)='./file0\x00', 0x80000000, 0x0, 0x0, 0x0, 0x0) 
io_uring_register$IORING_UNREGISTER_EVENTFD(r0, 0x5, 0x0, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r1, 0xc0502100, &(0x7f0000001200)) r3 = syz_open_procfs(0x0, &(0x7f00000011c0)='mountinfo\x00') preadv(r3, &(0x7f0000001140)=[{0x0}], 0x1, 0x0, 0x0) sendfile(r0, r3, &(0x7f0000000140)=0x8, 0x9) openat(0xffffffffffffffff, &(0x7f0000001180)='./file0\x00', 0x100, 0x8) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x650881, 0x0) [ 88.437286] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 88.438379] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 88.441994] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 88.443165] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 88.453576] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 88.459306] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 88.460821] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 88.462187] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 88.463022] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 88.465304] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 88.466487] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 88.467557] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 88.469016] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 88.469861] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 88.471233] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 88.472043] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 88.473632] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 88.474372] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 88.478833] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 88.479585] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 88.480367] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 88.481775] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 88.482556] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 
88.483442] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 88.484216] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 88.485132] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 88.486326] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 88.487258] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 88.488380] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 88.493266] Bluetooth: hci2: HCI_REQ-0x0c1a [ 88.501149] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 88.502228] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 88.502923] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 88.504143] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 88.513454] Bluetooth: hci0: HCI_REQ-0x0c1a [ 88.519757] Bluetooth: hci3: HCI_REQ-0x0c1a [ 88.520365] Bluetooth: hci1: HCI_REQ-0x0c1a [ 88.532311] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 88.534316] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 88.535630] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 88.539803] Bluetooth: hci4: HCI_REQ-0x0c1a [ 88.541016] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 88.548390] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 88.549448] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 88.554467] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 88.556197] Bluetooth: hci5: HCI_REQ-0x0c1a [ 88.556861] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 88.563959] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 88.565626] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 88.566629] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 88.570444] Bluetooth: hci7: HCI_REQ-0x0c1a [ 88.592929] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 88.596979] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 88.602950] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 88.604502] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 
88.609858] Bluetooth: hci6: HCI_REQ-0x0c1a [ 90.550478] Bluetooth: hci4: command 0x0409 tx timeout [ 90.551569] Bluetooth: hci3: command 0x0409 tx timeout [ 90.552246] Bluetooth: hci0: command 0x0409 tx timeout [ 90.553162] Bluetooth: hci1: command 0x0409 tx timeout [ 90.554755] Bluetooth: hci2: command 0x0409 tx timeout [ 90.612725] Bluetooth: hci6: command 0x0409 tx timeout [ 90.612746] Bluetooth: hci7: command 0x0409 tx timeout [ 90.613343] Bluetooth: hci5: command 0x0409 tx timeout [ 92.597431] Bluetooth: hci2: command 0x041b tx timeout [ 92.598009] Bluetooth: hci1: command 0x041b tx timeout [ 92.598477] Bluetooth: hci0: command 0x041b tx timeout [ 92.601247] Bluetooth: hci3: command 0x041b tx timeout [ 92.602022] Bluetooth: hci4: command 0x041b tx timeout [ 92.661279] Bluetooth: hci5: command 0x041b tx timeout [ 92.661748] Bluetooth: hci7: command 0x041b tx timeout [ 92.665235] Bluetooth: hci6: command 0x041b tx timeout [ 94.644836] Bluetooth: hci4: command 0x040f tx timeout [ 94.645361] Bluetooth: hci3: command 0x040f tx timeout [ 94.645913] Bluetooth: hci0: command 0x040f tx timeout [ 94.646417] Bluetooth: hci1: command 0x040f tx timeout [ 94.646957] Bluetooth: hci2: command 0x040f tx timeout [ 94.709234] Bluetooth: hci6: command 0x040f tx timeout [ 94.709936] Bluetooth: hci7: command 0x040f tx timeout [ 94.710400] Bluetooth: hci5: command 0x040f tx timeout [ 96.693868] Bluetooth: hci2: command 0x0419 tx timeout [ 96.696424] Bluetooth: hci1: command 0x0419 tx timeout [ 96.696997] Bluetooth: hci0: command 0x0419 tx timeout [ 96.697531] Bluetooth: hci3: command 0x0419 tx timeout [ 96.699597] Bluetooth: hci4: command 0x0419 tx timeout [ 96.756796] Bluetooth: hci5: command 0x0419 tx timeout [ 96.757952] Bluetooth: hci7: command 0x0419 tx timeout [ 96.758504] Bluetooth: hci6: command 0x0419 tx timeout [ 147.803492] syz-executor.3 (299) used greatest stack depth: 24776 bytes left [ 150.351229] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 150.353557] 
Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 150.355141] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 150.358565] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 150.360385] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 150.363141] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 150.368889] Bluetooth: hci0: HCI_REQ-0x0c1a [ 150.437206] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 150.440431] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 150.441815] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 150.443933] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 150.445231] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 150.447597] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 150.450111] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 150.479841] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 150.482046] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 150.487017] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 150.490498] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 150.503089] Bluetooth: hci2: HCI_REQ-0x0c1a [ 150.506121] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 150.521845] Bluetooth: hci3: HCI_REQ-0x0c1a [ 150.525493] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 150.530466] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 150.533229] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 150.535325] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 150.537806] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 150.540543] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 150.542375] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 150.545447] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 150.550185] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 150.552196] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 150.553990] Bluetooth: hci5: 
unexpected cc 0x1001 length: 249 > 9 [ 150.557547] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 150.559410] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 150.561490] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 150.568010] Bluetooth: hci6: HCI_REQ-0x0c1a [ 150.570218] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 150.579756] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 150.603296] Bluetooth: hci5: HCI_REQ-0x0c1a [ 150.640260] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 150.643093] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 150.650637] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 150.654540] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 150.654596] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 150.658388] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 150.661902] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 150.666615] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 150.691063] Bluetooth: hci4: HCI_REQ-0x0c1a [ 150.704833] Bluetooth: hci7: HCI_REQ-0x0c1a [ 152.436781] Bluetooth: hci1: Opcode 0x c03 failed: -110 [ 152.438536] Bluetooth: hci0: command 0x0409 tx timeout [ 152.565960] Bluetooth: hci2: command 0x0409 tx timeout [ 152.628803] Bluetooth: hci5: command 0x0409 tx timeout [ 152.629850] Bluetooth: hci3: command 0x0409 tx timeout [ 152.630713] Bluetooth: hci6: command 0x0409 tx timeout [ 152.757728] Bluetooth: hci7: command 0x0409 tx timeout [ 152.758435] Bluetooth: hci4: command 0x0409 tx timeout [ 154.484734] Bluetooth: hci0: command 0x041b tx timeout [ 154.613771] Bluetooth: hci2: command 0x041b tx timeout [ 154.677735] Bluetooth: hci6: command 0x041b tx timeout [ 154.678254] Bluetooth: hci3: command 0x041b tx timeout [ 154.678879] Bluetooth: hci5: command 0x041b tx timeout [ 154.805772] Bluetooth: hci4: command 0x041b tx timeout [ 154.806291] Bluetooth: hci7: command 0x041b tx timeout [ 155.545507] Bluetooth: hci1: 
unexpected cc 0x0c03 length: 249 > 1 [ 155.547730] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 155.549332] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 155.552651] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 155.555891] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 155.557282] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 155.587774] Bluetooth: hci1: HCI_REQ-0x0c1a [ 156.533719] Bluetooth: hci0: command 0x040f tx timeout [ 156.661872] Bluetooth: hci2: command 0x040f tx timeout [ 156.725721] Bluetooth: hci5: command 0x040f tx timeout [ 156.726216] Bluetooth: hci3: command 0x040f tx timeout [ 156.726612] Bluetooth: hci6: command 0x040f tx timeout [ 156.852734] Bluetooth: hci7: command 0x040f tx timeout [ 156.853391] Bluetooth: hci4: command 0x040f tx timeout [ 157.621719] Bluetooth: hci1: command 0x0409 tx timeout [ 158.581706] Bluetooth: hci0: command 0x0419 tx timeout [ 158.709716] Bluetooth: hci2: command 0x0419 tx timeout [ 158.772795] Bluetooth: hci6: command 0x0419 tx timeout [ 158.773311] Bluetooth: hci3: command 0x0419 tx timeout [ 158.774306] Bluetooth: hci5: command 0x0419 tx timeout [ 158.901772] Bluetooth: hci4: command 0x0419 tx timeout [ 158.902322] Bluetooth: hci7: command 0x0419 tx timeout [ 159.670373] Bluetooth: hci1: command 0x041b tx timeout [ 161.717761] Bluetooth: hci1: command 0x040f tx timeout [ 163.764715] Bluetooth: hci1: command 0x0419 tx timeout 16:07:42 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8917, &(0x7f0000000000)={'lo\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8916, &(0x7f0000000000)={'lo\x00'}) 16:07:42 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8917, &(0x7f0000000000)={'lo\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8916, &(0x7f0000000000)={'lo\x00'}) 16:07:42 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 
0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8917, &(0x7f0000000000)={'lo\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8916, &(0x7f0000000000)={'lo\x00'}) 16:07:42 executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8917, &(0x7f0000000000)={'lo\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8916, &(0x7f0000000000)={'lo\x00'}) 16:07:42 executing program 4: r0 = memfd_create(&(0x7f0000000040)='/dev/vcsa\x00', 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1000002, 0x401a012, r0, 0x0) 16:07:42 executing program 4: mlock2(&(0x7f0000ff7000/0x4000)=nil, 0x4000, 0x0) shmat(0xffffffffffffffff, &(0x7f0000fed000/0x13000)=nil, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x80000001}, 0x0, 0x7ff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap$perf(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x4) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/route\x00') sendmsg$SOCK_DESTROY(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000600)=ANY=[@ANYBLOB="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"], 0x130}, 0x1, 0x0, 0x0, 0x4}, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2000000000000000}, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) r2 = 
openat2(r0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000300)={0x200, 0x21, 0x1b}, 0x18)
ioctl$LOOP_CTL_ADD(r2, 0x4c80, 0xb)
r3 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r3)
r4 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000440), 0x20001, 0x0)
ioctl$SNAPSHOT_FREE(r4, 0x3305)
mremap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x2000, 0x7, &(0x7f0000ffe000/0x2000)=nil)
mremap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x2000, 0x3, &(0x7f0000ffa000/0x2000)=nil)
shmget$private(0x0, 0x2000, 0x54000000, &(0x7f0000ff5000/0x2000)=nil)
[ 211.834357] audit: type=1400 audit(1663085262.988:7): avc: denied { open } for pid=7039 comm="syz-executor.4" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[ 211.838396] audit: type=1400 audit(1663085262.988:8): avc: denied { kernel } for pid=7039 comm="syz-executor.4" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[ 211.849346] ------------[ cut here ]------------
[ 211.849369]
[ 211.849372] ======================================================
[ 211.849377] WARNING: possible circular locking dependency detected
[ 211.849382] 6.0.0-rc5-next-20220913 #1 Not tainted
[ 211.849390] ------------------------------------------------------
[ 211.849393] syz-executor.4/7040 is trying to acquire lock:
[ 211.849401] ffffffff853fa878 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70
[ 211.849448]
[ 211.849448] but task is already holding lock:
[ 211.849451] ffff888018796c20 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0
[ 211.849485]
[ 211.849485] which lock already depends on the new lock.
[ 211.849485]
[ 211.849489]
[ 211.849489] the existing dependency chain (in reverse order) is:
[ 211.849494]
[ 211.849494] -> #3 (&ctx->lock){....}-{2:2}:
[ 211.849511]        _raw_spin_lock+0x2a/0x40
[ 211.849532]        __perf_event_task_sched_out+0x53b/0x18d0
[ 211.849547]        __schedule+0xedd/0x2470
[ 211.849560]        schedule+0xda/0x1b0
[ 211.849571]        futex_wait_queue+0xf5/0x1e0
[ 211.849586]        futex_wait+0x28e/0x690
[ 211.849598]        do_futex+0x2ff/0x380
[ 211.849609]        __x64_sys_futex+0x1c6/0x4d0
[ 211.849621]        do_syscall_64+0x3b/0x90
[ 211.849639]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 211.849664]
[ 211.849664] -> #2 (&rq->__lock){-.-.}-{2:2}:
[ 211.849681]        _raw_spin_lock_nested+0x30/0x40
[ 211.849703]        raw_spin_rq_lock_nested+0x1e/0x30
[ 211.849719]        task_fork_fair+0x63/0x4d0
[ 211.849740]        sched_cgroup_fork+0x3d0/0x540
[ 211.849758]        copy_process+0x3f9e/0x6df0
[ 211.849771]        kernel_clone+0xe7/0x890
[ 211.849783]        user_mode_thread+0xad/0xf0
[ 211.849796]        rest_init+0x24/0x250
[ 211.849823]        arch_call_rest_init+0xf/0x14
[ 211.849848]        start_kernel+0x4c1/0x4e6
[ 211.849870]        secondary_startup_64_no_verify+0xe0/0xeb
[ 211.849888]
[ 211.849888] -> #1 (&p->pi_lock){-.-.}-{2:2}:
[ 211.849905]        _raw_spin_lock_irqsave+0x39/0x60
[ 211.849924]        try_to_wake_up+0xab/0x1920
[ 211.849941]        up+0x75/0xb0
[ 211.849955]        __up_console_sem+0x6e/0x80
[ 211.849975]        console_unlock+0x46a/0x590
[ 211.849995]        do_con_write+0xc05/0x1d50
[ 211.850009]        con_write+0x21/0x40
[ 211.850021]        n_tty_write+0x4d4/0xfe0
[ 211.850037]        file_tty_write.constprop.0+0x49c/0x8f0
[ 211.850052]        vfs_write+0x9c3/0xd90
[ 211.850075]        ksys_write+0x127/0x250
[ 211.850096]        do_syscall_64+0x3b/0x90
[ 211.850112]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 211.850133]
[ 211.850133] -> #0 ((console_sem).lock){....}-{2:2}:
[ 211.850150]        __lock_acquire+0x2a02/0x5e70
[ 211.850172]        lock_acquire+0x1a2/0x530
[ 211.850192]        _raw_spin_lock_irqsave+0x39/0x60
[ 211.850210]        down_trylock+0xe/0x70
[ 211.850226]        __down_trylock_console_sem+0x3b/0xd0
[ 211.850246]        vprintk_emit+0x16b/0x560
[ 211.850267]        vprintk+0x84/0xa0
[ 211.850288]        _printk+0xba/0xf1
[ 211.850310]        report_bug.cold+0x72/0xab
[ 211.850325]        handle_bug+0x3c/0x70
[ 211.850341]        exc_invalid_op+0x14/0x50
[ 211.850358]        asm_exc_invalid_op+0x16/0x20
[ 211.850378]        group_sched_out.part.0+0x2c7/0x460
[ 211.850391]        ctx_sched_out+0x8f1/0xc10
[ 211.850403]        __perf_event_task_sched_out+0x6d0/0x18d0
[ 211.850418]        __schedule+0xedd/0x2470
[ 211.850430]        schedule+0xda/0x1b0
[ 211.850442]        futex_wait_queue+0xf5/0x1e0
[ 211.850455]        futex_wait+0x28e/0x690
[ 211.850467]        do_futex+0x2ff/0x380
[ 211.850478]        __x64_sys_futex+0x1c6/0x4d0
[ 211.850490]        do_syscall_64+0x3b/0x90
[ 211.850506]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 211.850527]
[ 211.850527] other info that might help us debug this:
[ 211.850527]
[ 211.850531] Chain exists of:
[ 211.850531]   (console_sem).lock --> &rq->__lock --> &ctx->lock
[ 211.850531]
[ 211.850550]  Possible unsafe locking scenario:
[ 211.850550]
[ 211.850553]        CPU0                    CPU1
[ 211.850556]        ----                    ----
[ 211.850559]   lock(&ctx->lock);
[ 211.850566]                                lock(&rq->__lock);
[ 211.850575]                                lock(&ctx->lock);
[ 211.850583]   lock((console_sem).lock);
[ 211.850590]
[ 211.850590]  *** DEADLOCK ***
[ 211.850590]
[ 211.850592] 2 locks held by syz-executor.4/7040:
[ 211.850601]  #0: ffff88806cf37cd8 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x1e/0x30
[ 211.850635]  #1: ffff888018796c20 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0
[ 211.850670]
[ 211.850670] stack backtrace:
[ 211.850673] CPU: 1 PID: 7040 Comm: syz-executor.4 Not tainted 6.0.0-rc5-next-20220913 #1
[ 211.850689] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 211.850700] Call Trace:
[ 211.850704]
[ 211.850709]  dump_stack_lvl+0x8b/0xb3
[ 211.850727]  check_noncircular+0x263/0x2e0
[ 211.850748]  ? format_decode+0x26c/0xb50
[ 211.850767]  ? print_circular_bug+0x450/0x450
[ 211.850789]  ?
enable_ptr_key_workfn+0x20/0x20 [ 211.850807] ? format_decode+0x26c/0xb50 [ 211.850825] ? memcpy+0x39/0x60 [ 211.850850] ? vsnprintf+0x4ba/0x1600 [ 211.850870] __lock_acquire+0x2a02/0x5e70 [ 211.850898] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 211.850926] lock_acquire+0x1a2/0x530 [ 211.850948] ? down_trylock+0xe/0x70 [ 211.850966] ? rcu_read_unlock+0x40/0x40 [ 211.850992] ? vprintk+0x84/0xa0 [ 211.851015] _raw_spin_lock_irqsave+0x39/0x60 [ 211.851035] ? down_trylock+0xe/0x70 [ 211.851052] down_trylock+0xe/0x70 [ 211.851068] ? vprintk+0x84/0xa0 [ 211.851090] __down_trylock_console_sem+0x3b/0xd0 [ 211.851112] vprintk_emit+0x16b/0x560 [ 211.851136] vprintk+0x84/0xa0 [ 211.851159] _printk+0xba/0xf1 [ 211.851181] ? record_print_text.cold+0x16/0x16 [ 211.851208] ? report_bug.cold+0x66/0xab [ 211.851226] ? group_sched_out.part.0+0x2c7/0x460 [ 211.851240] report_bug.cold+0x72/0xab [ 211.851259] handle_bug+0x3c/0x70 [ 211.851276] exc_invalid_op+0x14/0x50 [ 211.851294] asm_exc_invalid_op+0x16/0x20 [ 211.851316] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 211.851333] Code: 5e 41 5f e9 3b b7 ef ff e8 36 b7 ef ff 65 8b 1d ab 15 ac 7e 31 ff 89 de e8 d6 b3 ef ff 85 db 0f 84 8a 00 00 00 e8 19 b7 ef ff <0f> 0b e9 a5 fe ff ff e8 0d b7 ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 211.851347] RSP: 0018:ffff888031ed78f8 EFLAGS: 00010006 [ 211.851359] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 211.851368] RDX: ffff888036915040 RSI: ffffffff81566027 RDI: 0000000000000005 [ 211.851378] RBP: ffff888033c30000 R08: 0000000000000005 R09: 0000000000000001 [ 211.851388] R10: 0000000000000000 R11: ffffffff865aa05b R12: ffff888018796c00 [ 211.851397] R13: ffff88806cf3d100 R14: ffffffff8547c7c0 R15: 0000000000000002 [ 211.851411] ? group_sched_out.part.0+0x2c7/0x460 [ 211.851427] ? group_sched_out.part.0+0x2c7/0x460 [ 211.851443] ctx_sched_out+0x8f1/0xc10 [ 211.851459] __perf_event_task_sched_out+0x6d0/0x18d0 [ 211.851478] ? load_balance+0x2750/0x2750 [ 211.851504] ? 
__perf_cgroup_move+0x160/0x160 [ 211.851519] ? lock_is_held_type+0xd7/0x130 [ 211.851543] ? lock_is_held_type+0xd7/0x130 [ 211.851566] __schedule+0xedd/0x2470 [ 211.851582] ? io_schedule_timeout+0x150/0x150 [ 211.851599] ? futex_wait_setup+0x166/0x230 [ 211.851618] schedule+0xda/0x1b0 [ 211.851632] futex_wait_queue+0xf5/0x1e0 [ 211.851647] futex_wait+0x28e/0x690 [ 211.851662] ? futex_wait_setup+0x230/0x230 [ 211.851679] ? wake_up_q+0x8b/0xf0 [ 211.851696] ? do_raw_spin_unlock+0x4f/0x220 [ 211.851720] ? futex_wake+0x158/0x490 [ 211.851740] ? fd_install+0x1f9/0x640 [ 211.851761] do_futex+0x2ff/0x380 [ 211.851774] ? __ia32_compat_sys_get_robust_list+0x3b0/0x3b0 [ 211.851794] __x64_sys_futex+0x1c6/0x4d0 [ 211.851809] ? __x64_sys_futex_time32+0x480/0x480 [ 211.851825] ? syscall_enter_from_user_mode+0x1d/0x50 [ 211.851848] ? syscall_enter_from_user_mode+0x1d/0x50 [ 211.851874] do_syscall_64+0x3b/0x90 [ 211.851891] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 211.851913] RIP: 0033:0x7f2aa5bb0b19 [ 211.851924] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 211.851938] RSP: 002b:00007f2aa3126218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 211.851952] RAX: ffffffffffffffda RBX: 00007f2aa5cc3f68 RCX: 00007f2aa5bb0b19 [ 211.851962] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f2aa5cc3f68 [ 211.851971] RBP: 00007f2aa5cc3f60 R08: 0000000000000000 R09: 0000000000000000 [ 211.851980] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f2aa5cc3f6c [ 211.851989] R13: 00007ffe9302cb3f R14: 00007f2aa3126300 R15: 0000000000022000 [ 211.852005] [ 211.912707] WARNING: CPU: 1 PID: 7040 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460 [ 211.913440] Modules linked in: [ 211.913693] CPU: 1 PID: 7040 Comm: syz-executor.4 Not tainted 6.0.0-rc5-next-20220913 #1 [ 211.914342] Hardware name: QEMU Standard PC (i440FX + 
PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 211.915250] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 211.915703] Code: 5e 41 5f e9 3b b7 ef ff e8 36 b7 ef ff 65 8b 1d ab 15 ac 7e 31 ff 89 de e8 d6 b3 ef ff 85 db 0f 84 8a 00 00 00 e8 19 b7 ef ff <0f> 0b e9 a5 fe ff ff e8 0d b7 ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 211.917150] RSP: 0018:ffff888031ed78f8 EFLAGS: 00010006 [ 211.917571] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 211.918141] RDX: ffff888036915040 RSI: ffffffff81566027 RDI: 0000000000000005 [ 211.918714] RBP: ffff888033c30000 R08: 0000000000000005 R09: 0000000000000001 [ 211.919312] R10: 0000000000000000 R11: ffffffff865aa05b R12: ffff888018796c00 [ 211.919837] R13: ffff88806cf3d100 R14: ffffffff8547c7c0 R15: 0000000000000002 [ 211.920350] FS: 00007f2aa3126700(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000 [ 211.920971] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 211.921391] CR2: 00007fb5f7d50820 CR3: 0000000010352000 CR4: 0000000000350ee0 [ 211.921921] Call Trace: [ 211.922128] [ 211.922310] ctx_sched_out+0x8f1/0xc10 [ 211.922606] __perf_event_task_sched_out+0x6d0/0x18d0 [ 211.923019] ? load_balance+0x2750/0x2750 [ 211.923358] ? __perf_cgroup_move+0x160/0x160 [ 211.923696] ? lock_is_held_type+0xd7/0x130 [ 211.924046] ? lock_is_held_type+0xd7/0x130 [ 211.924365] __schedule+0xedd/0x2470 [ 211.924649] ? io_schedule_timeout+0x150/0x150 [ 211.925010] ? futex_wait_setup+0x166/0x230 [ 211.925357] schedule+0xda/0x1b0 [ 211.925637] futex_wait_queue+0xf5/0x1e0 [ 211.925971] futex_wait+0x28e/0x690 [ 211.926259] ? futex_wait_setup+0x230/0x230 [ 211.926603] ? wake_up_q+0x8b/0xf0 [ 211.926900] ? do_raw_spin_unlock+0x4f/0x220 [ 211.927255] ? futex_wake+0x158/0x490 [ 211.927551] ? fd_install+0x1f9/0x640 [ 211.927848] do_futex+0x2ff/0x380 [ 211.928116] ? __ia32_compat_sys_get_robust_list+0x3b0/0x3b0 [ 211.928564] __x64_sys_futex+0x1c6/0x4d0 [ 211.928901] ? 
__x64_sys_futex_time32+0x480/0x480 [ 211.929272] ? syscall_enter_from_user_mode+0x1d/0x50 [ 211.929679] ? syscall_enter_from_user_mode+0x1d/0x50 [ 211.930097] do_syscall_64+0x3b/0x90 [ 211.930384] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 211.930781] RIP: 0033:0x7f2aa5bb0b19 [ 211.931070] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 211.932423] RSP: 002b:00007f2aa3126218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 211.933011] RAX: ffffffffffffffda RBX: 00007f2aa5cc3f68 RCX: 00007f2aa5bb0b19 [ 211.933573] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f2aa5cc3f68 [ 211.934137] RBP: 00007f2aa5cc3f60 R08: 0000000000000000 R09: 0000000000000000 [ 211.934691] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f2aa5cc3f6c [ 211.935261] R13: 00007ffe9302cb3f R14: 00007f2aa3126300 R15: 0000000000022000 [ 211.935809] [ 211.935999] irq event stamp: 1022 [ 211.936248] hardirqs last enabled at (1021): [] syscall_enter_from_user_mode+0x1d/0x50 [ 211.937007] hardirqs last disabled at (1022): [] __schedule+0x1225/0x2470 [ 211.937669] softirqs last enabled at (710): [] __irq_exit_rcu+0x11b/0x180 [ 211.938314] softirqs last disabled at (693): [] __irq_exit_rcu+0x11b/0x180 [ 211.938969] ---[ end trace 0000000000000000 ]--- [ 211.965904] random: crng reseeded on system resumption [ 211.968598] Restarting kernel threads ... done. [ 211.987127] random: crng reseeded on system resumption [ 211.990845] Restarting kernel threads ... done. 
16:07:43 executing program 4: mlock2(&(0x7f0000ff7000/0x4000)=nil, 0x4000, 0x0) shmat(0xffffffffffffffff, &(0x7f0000fed000/0x13000)=nil, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x80000001}, 0x0, 0x7ff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap$perf(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x4) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/route\x00') sendmsg$SOCK_DESTROY(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000600)=ANY=[@ANYBLOB="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"], 0x130}, 0x1, 0x0, 0x0, 0x4}, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2000000000000000}, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) r2 = openat2(r0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000300)={0x200, 0x21, 0x1b}, 0x18) ioctl$LOOP_CTL_ADD(r2, 0x4c80, 0xb) r3 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r3) r4 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000440), 0x20001, 0x0) ioctl$SNAPSHOT_FREE(r4, 0x3305) mremap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x2000, 0x7, &(0x7f0000ffe000/0x2000)=nil) mremap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x2000, 0x3, &(0x7f0000ffa000/0x2000)=nil) shmget$private(0x0, 0x2000, 0x54000000, &(0x7f0000ff5000/0x2000)=nil) [ 212.098799] random: crng 
reseeded on system resumption [ 212.116670] hrtimer: interrupt took 15560 ns [ 212.195964] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 212.197413] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 212.199944] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 212.202861] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 212.204418] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 212.207035] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 212.210290] Bluetooth: hci0: HCI_REQ-0x0c1a 16:07:43 executing program 4: mlock2(&(0x7f0000ff7000/0x4000)=nil, 0x4000, 0x0) shmat(0xffffffffffffffff, &(0x7f0000fed000/0x13000)=nil, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x80000001}, 0x0, 0x7ff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap$perf(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x4) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/route\x00') sendmsg$SOCK_DESTROY(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000600)=ANY=[@ANYBLOB="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"], 0x130}, 0x1, 0x0, 0x0, 0x4}, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2000000000000000}, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) r2 = openat2(r0, &(0x7f0000000240)='./file0\x00', 
&(0x7f0000000300)={0x200, 0x21, 0x1b}, 0x18) ioctl$LOOP_CTL_ADD(r2, 0x4c80, 0xb) r3 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r3) r4 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000440), 0x20001, 0x0) ioctl$SNAPSHOT_FREE(r4, 0x3305) mremap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x2000, 0x7, &(0x7f0000ffe000/0x2000)=nil) mremap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x2000, 0x3, &(0x7f0000ffa000/0x2000)=nil) shmget$private(0x0, 0x2000, 0x54000000, &(0x7f0000ff5000/0x2000)=nil) [ 212.478003] random: crng reseeded on system resumption [ 212.489165] Restarting kernel threads ... done. [ 212.732942] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 212.738134] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 212.745300] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 212.762812] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 212.772640] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 212.784219] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 212.791024] Bluetooth: hci7: HCI_REQ-0x0c1a [ 214.261729] Bluetooth: hci0: command 0x0409 tx timeout [ 214.389706] Bluetooth: hci2: Opcode 0x c03 failed: -110 [ 214.708698] Bluetooth: hci6: Opcode 0x c03 failed: -110 [ 214.709251] Bluetooth: hci3: Opcode 0x c03 failed: -110 [ 214.709356] Bluetooth: hci5: Opcode 0x c03 failed: -110 [ 214.710207] Bluetooth: hci4: Opcode 0x c03 failed: -110 [ 214.836808] Bluetooth: hci7: command 0x0409 tx timeout [ 216.308690] Bluetooth: hci0: command 0x041b tx timeout [ 216.884689] Bluetooth: hci7: command 0x041b tx timeout [ 218.356850] Bluetooth: hci0: command 0x040f tx timeout [ 218.612680] Bluetooth: hci2: Opcode 0x c03 failed: -110 [ 218.932727] Bluetooth: hci7: command 0x040f tx timeout [ 218.996675] Bluetooth: hci3: Opcode 0x c03 failed: -110 [ 219.124683] Bluetooth: hci6: Opcode 0x c03 failed: -110 [ 219.125202] Bluetooth: hci5: Opcode 0x c03 failed: -110 [ 219.125634] Bluetooth: hci4: Opcode 0x c03 failed: -110 [ 
220.404688] Bluetooth: hci0: command 0x0419 tx timeout [ 220.808179] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 220.809395] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 220.810524] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 220.811584] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 220.812473] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 220.813209] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 220.815169] Bluetooth: hci2: HCI_REQ-0x0c1a [ 220.980756] Bluetooth: hci7: command 0x0419 tx timeout VM DIAGNOSIS: 16:07:43 Registers: