Debian GNU/Linux 11 syzkaller ttyS0
Warning: Permanently added '[localhost]:56225' (ECDSA) to the list of known hosts.
2022/09/14 13:30:49 fuzzer started
2022/09/14 13:30:50 dialing manager at localhost:33849
syzkaller login: [ 36.164572] cgroup: Unknown subsys name 'net'
[ 36.260250] cgroup: Unknown subsys name 'rlimit'
2022/09/14 13:31:05 syscalls: 2215
2022/09/14 13:31:05 code coverage: enabled
2022/09/14 13:31:05 comparison tracing: enabled
2022/09/14 13:31:05 extra coverage: enabled
2022/09/14 13:31:05 setuid sandbox: enabled
2022/09/14 13:31:05 namespace sandbox: enabled
2022/09/14 13:31:05 Android sandbox: enabled
2022/09/14 13:31:05 fault injection: enabled
2022/09/14 13:31:05 leak checking: enabled
2022/09/14 13:31:05 net packet injection: enabled
2022/09/14 13:31:05 net device setup: enabled
2022/09/14 13:31:05 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2022/09/14 13:31:05 devlink PCI setup: PCI device 0000:00:10.0 is not available
2022/09/14 13:31:05 USB emulation: enabled
2022/09/14 13:31:05 hci packet injection: enabled
2022/09/14 13:31:05 wifi device emulation: failed to parse kernel version (6.0.0-rc5-next-20220914)
2022/09/14 13:31:05 802.15.4 emulation: enabled
2022/09/14 13:31:05 fetching corpus: 0, signal 0/2000 (executing program)
2022/09/14 13:31:05 fetching corpus: 50, signal 36382/39900 (executing program)
2022/09/14 13:31:05 fetching corpus: 100, signal 43515/48645 (executing program)
2022/09/14 13:31:05 fetching corpus: 150, signal 51613/58157 (executing program)
2022/09/14 13:31:05 fetching corpus: 200, signal 59361/67223 (executing program)
2022/09/14 13:31:06 fetching corpus: 250, signal 68525/77465 (executing program)
2022/09/14 13:31:06 fetching corpus: 300, signal 75415/85423 (executing program)
2022/09/14 13:31:06 fetching corpus: 350, signal 81464/92532 (executing program)
2022/09/14 13:31:06 fetching corpus: 400, signal 85370/97484 (executing program)
2022/09/14 13:31:06 fetching corpus: 450, signal 90567/103642
(executing
program)
2022/09/14 13:31:20 fetching corpus: 5250, signal 224581/241126 (executing program)
2022/09/14 13:31:20 fetching corpus: 5300, signal 225293/241326 (executing program)
2022/09/14 13:31:20 fetching corpus: 5350, signal 225731/241481 (executing program)
2022/09/14 13:31:20 fetching corpus: 5400, signal 226161/241685 (executing program)
2022/09/14 13:31:20 fetching corpus: 5450, signal 226716/241865 (executing program)
2022/09/14 13:31:21 fetching corpus: 5500, signal 227088/242016 (executing program)
2022/09/14 13:31:21 fetching corpus: 5550, signal 227851/242204 (executing program)
2022/09/14 13:31:21 fetching corpus: 5600, signal 228606/242387 (executing program)
2022/09/14 13:31:21 fetching corpus: 5650, signal 229072/242424 (executing program)
2022/09/14 13:31:21 fetching corpus: 5700, signal 229673/242438 (executing program)
2022/09/14 13:31:21 fetching corpus: 5750, signal 230212/242473 (executing program)
2022/09/14 13:31:21 fetching corpus: 5800, signal 230842/242482 (executing program)
2022/09/14 13:31:22 fetching corpus: 5850, signal 231873/242925 (executing program)
2022/09/14 13:31:22 fetching corpus: 5900, signal 232659/242930 (executing program)
2022/09/14 13:31:22 fetching corpus: 5950, signal 233220/242948 (executing program)
2022/09/14 13:31:22 fetching corpus: 6000, signal 233589/242949 (executing program)
2022/09/14 13:31:22 fetching corpus: 6050, signal 234399/242955 (executing program)
2022/09/14 13:31:22 fetching corpus: 6098, signal 234787/242964 (executing program)
2022/09/14 13:31:22 fetching corpus: 6098, signal 234787/242964 (executing program)
2022/09/14 13:31:25 starting 8 fuzzer processes
13:31:25 executing program 0:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_group_source_req(r0, 0x0, 0x30, &(0x7f0000000000)={0x0, {{0x2, 0x0, @multicast1}}, {{0x2, 0x0, @multicast2}}}, 0x108)
13:31:25 executing program 1:
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='smaps\x00')
13:31:25 executing program 2:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x76, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0)
fsetxattr$trusted_overlay_upper(r0, &(0x7f0000000040), 0x0, 0x0, 0x0)
13:31:25 executing program 4:
syz_io_uring_setup(0x2, &(0x7f00000064c0)={0x0, 0xc398, 0x8}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000006540), 0x0)
fork()
13:31:25 executing program 3:
syz_emit_ethernet(0x36, &(0x7f0000000040)={@local, @dev, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "b0e0ee", 0x0, 0x2b, 0x0, @private0, @mcast2}}}}, 0x0)
[ 71.453614] audit: type=1400 audit(1663162285.733:6): avc: denied { execmem } for pid=285 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
13:31:25 executing program 5:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0})
setresuid(r0, 0x0, 0x0)
keyctl$join(0x1, 0x0)
keyctl$join(0x12, 0x0)
13:31:25 executing program 6:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
mmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x156363be49a4198b, 0x12, r0, 0x0)
13:31:25 executing program 7:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000040)={'lo\x00'})
socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0xc}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bind$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random="94031c855deb"}, 0x14)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'lo\x00'})
[ 72.668828] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 72.672561] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 72.674021] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 72.678784] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 72.690553] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 72.691941] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 72.698050] Bluetooth: hci0: HCI_REQ-0x0c1a
[ 72.862450] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 72.863616] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 72.866686] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 72.868124] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 72.868432] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 72.871411] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 72.873358] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 72.877452] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 72.878120] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 72.881232] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[ 72.884417] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 72.890182] Bluetooth: hci4: HCI_REQ-0x0c1a
[ 72.894936] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 72.896206] Bluetooth: 
hci6: unexpected cc 0x1003 length: 249 > 9 [ 140.057156] 
Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 140.058825] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 140.059724] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 140.062856] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 140.064597] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[ 140.065560] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 140.075384] Bluetooth: hci6: HCI_REQ-0x0c1a
[ 140.602446] Bluetooth: hci0: command 0x040f tx timeout
[ 140.867323] Bluetooth: hci2: command 0x040f tx timeout
[ 141.002331] Bluetooth: hci5: command 0x040f tx timeout
[ 141.051394] Bluetooth: hci7: command 0x040f tx timeout
[ 141.114576] Bluetooth: hci4: command 0x040f tx timeout
[ 141.562356] Bluetooth: hci1: command 0x0409 tx timeout
[ 141.818513] Bluetooth: hci3: command 0x0409 tx timeout
[ 142.138385] Bluetooth: hci6: command 0x0409 tx timeout
[ 142.650430] Bluetooth: hci0: command 0x0419 tx timeout
[ 142.907154] Bluetooth: hci2: command 0x0419 tx timeout
[ 143.034495] Bluetooth: hci5: command 0x0419 tx timeout
[ 143.098451] Bluetooth: hci7: command 0x0419 tx timeout
[ 143.162658] Bluetooth: hci4: command 0x0419 tx timeout
[ 143.610388] Bluetooth: hci1: command 0x041b tx timeout
[ 143.866491] Bluetooth: hci3: command 0x041b tx timeout
[ 144.186396] Bluetooth: hci6: command 0x041b tx timeout
[ 145.658585] Bluetooth: hci1: command 0x040f tx timeout
[ 145.914376] Bluetooth: hci3: command 0x040f tx timeout
[ 146.234507] Bluetooth: hci6: command 0x040f tx timeout
[ 147.706394] Bluetooth: hci1: command 0x0419 tx timeout
[ 147.962378] Bluetooth: hci3: command 0x0419 tx timeout
[ 148.282388] Bluetooth: hci6: command 0x0419 tx timeout
13:33:23 executing program 6:
personality(0x400000)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x9, 0x80032, 0xffffffffffffffff, 0x0)
13:33:23 executing program 6:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000003c0)={'veth1_to_bridge\x00'})
13:33:24 executing program 6:
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
getsockopt$bt_hci(r0, 0x0, 0x0, 0x0, 0x0)
13:33:24 executing program 6:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0xbbf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x200000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x1200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x44142, 0x0)
fallocate(r0, 0x0, 0x0, 0x87ffffc)
r1 = openat$ptp0(0xffffffffffffff9c, 0x0, 0x800, 0x0)
readv(r1, &(0x7f0000000300)=[{&(0x7f0000000140)=""/147, 0x93}, {&(0x7f0000000200)=""/116, 0x74}], 0x2)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
io_setup(0x20, &(0x7f0000000000)=0x0)
r4 = openat$sr(0xffffffffffffff9c, &(0x7f0000000140), 0xd40, 0x0)
io_submit(r3, 0x1, &(0x7f0000000080)=[&(0x7f0000000040)={0x0, 0x0, 0x8, 0x0, 0x0, r4, 0x0, 0x7ffffffff000}])
fcntl$dupfd(r2, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x1f, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x1, 0x40008}, 0x0, 0x0, 0x41, 0x0, 0x2, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
read$hiddev(0xffffffffffffffff, &(0x7f0000000040)=""/169, 0x200000e9)
[ 190.457171] audit: type=1400 audit(1663162404.737:7): avc: denied { open } for pid=7122 comm="syz-executor.6" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[ 190.461414] audit: type=1400 audit(1663162404.737:8): avc: denied { kernel } for pid=7122 comm="syz-executor.6" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[ 190.503449] ------------[ cut here ]------------
[ 190.503484]
[ 190.503489] ======================================================
[ 190.503496] WARNING: possible circular locking dependency detected
[ 190.503503] 6.0.0-rc5-next-20220914 #1 Not tainted
[ 190.503514] ------------------------------------------------------
[ 190.503520] syz-executor.6/7123 is trying to acquire lock:
[ 190.503532] ffffffff853fa878 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70
[ 190.503595]
[ 190.503595] but task is already holding lock:
[ 190.503600] ffff8880175acc20 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0
[ 190.503649]
[ 190.503649] which lock already depends on the new lock.
[ 190.503649]
[ 190.503655]
[ 190.503655] the existing dependency chain (in reverse order) is:
[ 190.503661]
[ 190.503661] -> #3 (&ctx->lock){....}-{2:2}:
[ 190.503687]        _raw_spin_lock+0x2a/0x40
[ 190.503716]        __perf_event_task_sched_out+0x53b/0x18d0
[ 190.503739]        __schedule+0xedd/0x2470
[ 190.503758]        schedule+0xda/0x1b0
[ 190.503776]        exit_to_user_mode_prepare+0x114/0x1a0
[ 190.503812]        syscall_exit_to_user_mode+0x19/0x40
[ 190.503843]        do_syscall_64+0x48/0x90
[ 190.503868]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 190.503899]
[ 190.503899] -> #2 (&rq->__lock){-.-.}-{2:2}:
[ 190.503925]        _raw_spin_lock_nested+0x30/0x40
[ 190.503952]        raw_spin_rq_lock_nested+0x1e/0x30
[ 190.503975]        task_fork_fair+0x63/0x4d0
[ 190.504005]        sched_cgroup_fork+0x3d0/0x540
[ 190.504030]        copy_process+0x4183/0x6e20
[ 190.504049]        kernel_clone+0xe7/0x890
[ 190.504066]        user_mode_thread+0xad/0xf0
[ 190.504085]        rest_init+0x24/0x250
[ 190.504114]        arch_call_rest_init+0xf/0x14
[ 190.504135]        start_kernel+0x4c1/0x4e6
[ 190.504153]        secondary_startup_64_no_verify+0xe0/0xeb
[ 190.504178]
[ 190.504178] -> #1 (&p->pi_lock){-.-.}-{2:2}:
[ 190.504203]        _raw_spin_lock_irqsave+0x39/0x60
[ 190.504231]        try_to_wake_up+0xab/0x1920
[ 190.504255]        up+0x75/0xb0
[ 190.504275]        __up_console_sem+0x6e/0x80
[ 190.504304]        console_unlock+0x46a/0x590
[ 190.504332]        do_con_write+0xc05/0x1d50
[ 190.504352]        con_write+0x21/0x40
[ 190.504369]        n_tty_write+0x4d4/0xfe0
[ 190.504393]        file_tty_write.constprop.0+0x49c/0x8f0
[ 190.504418]        vfs_write+0x9c3/0xd90
[ 190.504450]        ksys_write+0x127/0x250
[ 190.504480]        do_syscall_64+0x3b/0x90
[ 190.504503]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 190.504534]
[ 190.504534] -> #0 ((console_sem).lock){....}-{2:2}:
[ 190.504560]        __lock_acquire+0x2a02/0x5e70
[ 190.504590]        lock_acquire+0x1a2/0x530
[ 190.504618]        _raw_spin_lock_irqsave+0x39/0x60
[ 190.504645]        down_trylock+0xe/0x70
[ 190.504668]        __down_trylock_console_sem+0x3b/0xd0
[ 190.504697]        vprintk_emit+0x16b/0x560
[ 190.504727]        vprintk+0x84/0xa0
[ 190.504756]        _printk+0xba/0xf1
[ 190.504786]        report_bug.cold+0x72/0xab
[ 190.504809]        handle_bug+0x3c/0x70
[ 190.504832]        exc_invalid_op+0x14/0x50
[ 190.504856]        asm_exc_invalid_op+0x16/0x20
[ 190.504885]        group_sched_out.part.0+0x2c7/0x460
[ 190.504905]        ctx_sched_out+0x8f1/0xc10
[ 190.504922]        __perf_event_task_sched_out+0x6d0/0x18d0
[ 190.504945]        __schedule+0xedd/0x2470
[ 190.504963]        schedule+0xda/0x1b0
[ 190.504980]        exit_to_user_mode_prepare+0x114/0x1a0
[ 190.505014]        syscall_exit_to_user_mode+0x19/0x40
[ 190.505045]        do_syscall_64+0x48/0x90
[ 190.505068]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 190.505109]
[ 190.505109] other info that might help us debug this:
[ 190.505109]
[ 190.505114] Chain exists of:
[ 190.505114]   (console_sem).lock --> &rq->__lock --> &ctx->lock
[ 190.505114]
[ 190.505141]  Possible unsafe locking scenario:
[ 190.505141]
[ 190.505146]        CPU0                    CPU1
[ 190.505150]        ----                    ----
[ 190.505154]   lock(&ctx->lock);
[ 190.505164]                                lock(&rq->__lock);
[ 190.505176]                                lock(&ctx->lock);
[ 190.505188]   lock((console_sem).lock);
[ 190.505198]
[ 190.505198]  *** DEADLOCK ***
[ 190.505198]
[ 190.505202] 2 locks held by syz-executor.6/7123:
[ 190.505215]  #0: ffff88806cf37cd8 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470
[ 190.505262]  #1: ffff8880175acc20 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0
[ 190.505314]
[ 190.505314] stack backtrace:
[ 190.505318] CPU: 1 PID: 7123 Comm: syz-executor.6 Not tainted 6.0.0-rc5-next-20220914 #1
[ 190.505342] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 190.505357] Call Trace:
[ 190.505363]
[ 190.505369]  dump_stack_lvl+0x8b/0xb3
[ 190.505397]  check_noncircular+0x263/0x2e0
[ 190.505427]  ? format_decode+0x26c/0xb50
[ 190.505453]  ? print_circular_bug+0x450/0x450
[ 190.505485]  ? enable_ptr_key_workfn+0x20/0x20
[ 190.505512]  ? format_decode+0x26c/0xb50
[ 190.505540]  ? alloc_chain_hlocks+0x1ec/0x5a0
[ 190.505573]  __lock_acquire+0x2a02/0x5e70
[ 190.505612]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 190.505653]  lock_acquire+0x1a2/0x530
[ 190.505683]  ? down_trylock+0xe/0x70
[ 190.505710]  ? rcu_read_unlock+0x40/0x40
[ 190.505748]  ? vprintk+0x84/0xa0
[ 190.505780]  _raw_spin_lock_irqsave+0x39/0x60
[ 190.505809]  ? down_trylock+0xe/0x70
[ 190.505833]  down_trylock+0xe/0x70
[ 190.505857]  ? vprintk+0x84/0xa0
[ 190.505888]  __down_trylock_console_sem+0x3b/0xd0
[ 190.505920]  vprintk_emit+0x16b/0x560
[ 190.505954]  vprintk+0x84/0xa0
[ 190.505986]  _printk+0xba/0xf1
[ 190.506018]  ? record_print_text.cold+0x16/0x16
[ 190.506058]  ? report_bug.cold+0x66/0xab
[ 190.506084]  ? group_sched_out.part.0+0x2c7/0x460
[ 190.506105]  report_bug.cold+0x72/0xab
[ 190.506133]  handle_bug+0x3c/0x70
[ 190.506158]  exc_invalid_op+0x14/0x50
[ 190.506184]  asm_exc_invalid_op+0x16/0x20
[ 190.506215] RIP: 0010:group_sched_out.part.0+0x2c7/0x460
[ 190.506240] Code: 5e 41 5f e9 3b b7 ef ff e8 36 b7 ef ff 65 8b 1d ab 15 ac 7e 31 ff 89 de e8 d6 b3 ef ff 85 db 0f 84 8a 00 00 00 e8 19 b7 ef ff <0f> 0b e9 a5 fe ff ff e8 0d b7 ef ff 48 8d 7d 10 48 b8 00 00 00 00
[ 190.506261] RSP: 0018:ffff88803b47fc48 EFLAGS: 00010006
[ 190.506277] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000
[ 190.506291] RDX: ffff888032e11ac0 RSI: ffffffff81566027 RDI: 0000000000000005
[ 190.506306] RBP: ffff88803b5e0000 R08: 0000000000000005 R09: 0000000000000001
[ 190.506319] R10: 0000000000000000 R11: ffffffff865ac05b R12: ffff8880175acc00
[ 190.506334] R13: ffff88806cf3d100 R14: ffffffff8547c660 R15: 0000000000000002
[ 190.506355]  ? group_sched_out.part.0+0x2c7/0x460
[ 190.506379]  ? group_sched_out.part.0+0x2c7/0x460
[ 190.506403]  ctx_sched_out+0x8f1/0xc10
[ 190.506426]  __perf_event_task_sched_out+0x6d0/0x18d0
[ 190.506454]  ? lock_is_held_type+0xd7/0x130
[ 190.506487]  ? __perf_cgroup_move+0x160/0x160
[ 190.506509]  ? set_next_entity+0x304/0x550
[ 190.506541]  ? update_curr+0x267/0x740
[ 190.506574]  ? lock_is_held_type+0xd7/0x130
[ 190.506608]  __schedule+0xedd/0x2470
[ 190.506633]  ? io_schedule_timeout+0x150/0x150
[ 190.506656]  ? rcu_read_lock_sched_held+0x3e/0x80
[ 190.506693]  schedule+0xda/0x1b0
[ 190.506714]  exit_to_user_mode_prepare+0x114/0x1a0
[ 190.506751]  syscall_exit_to_user_mode+0x19/0x40
[ 190.506783]  do_syscall_64+0x48/0x90
[ 190.506809]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 190.506841] RIP: 0033:0x7fce35a2bb19
[ 190.506857] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 190.506877] RSP: 002b:00007fce32fa1218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 190.506897] RAX: 0000000000000001 RBX: 00007fce35b3ef68 RCX: 00007fce35a2bb19
[ 190.506911] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fce35b3ef6c
[ 190.506924] RBP: 00007fce35b3ef60 R08: 000000000000000e R09: 0000000000000000
[ 190.506938] R10: 0000000000000003 R11: 0000000000000246 R12: 00007fce35b3ef6c
[ 190.506951] R13: 00007ffc4b38d3ef R14: 00007fce32fa1300 R15: 0000000000022000
[ 190.506975]
[ 190.619070] WARNING: CPU: 1 PID: 7123 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460
[ 190.620279] Modules linked in:
[ 190.620706] CPU: 1 PID: 7123 Comm: syz-executor.6 Not tainted 6.0.0-rc5-next-20220914 #1
[ 190.621781] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 190.623227] RIP: 0010:group_sched_out.part.0+0x2c7/0x460
[ 190.623927] Code: 5e 41 5f e9 3b b7 ef ff e8 36 b7 ef ff 65 8b 1d ab 15 ac 7e 31 ff 89 de e8 d6 b3 ef ff 85 db 0f 84 8a 00 00 00 e8 19 b7 ef ff <0f> 0b e9 a5 fe ff ff e8 0d b7 ef ff 48 8d 7d 10 48 b8 00 00 00 00
[ 190.626283] RSP: 0018:ffff88803b47fc48 EFLAGS: 00010006
[ 190.626984] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000
[ 190.627919] RDX: ffff888032e11ac0 RSI: 
ffffffff81566027 RDI: 0000000000000005 [ 190.628852] RBP: ffff88803b5e0000 R08: 0000000000000005 R09: 0000000000000001 [ 190.629811] R10: 0000000000000000 R11: ffffffff865ac05b R12: ffff8880175acc00 [ 190.630741] R13: ffff88806cf3d100 R14: ffffffff8547c660 R15: 0000000000000002 [ 190.631685] FS: 00007fce32fa1700(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000 [ 190.632751] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 190.633542] CR2: 00007f38658d9000 CR3: 000000000e92a000 CR4: 0000000000350ee0 [ 190.634485] Call Trace: [ 190.634833] [ 190.635146] ctx_sched_out+0x8f1/0xc10 [ 190.635668] __perf_event_task_sched_out+0x6d0/0x18d0 [ 190.636363] ? lock_is_held_type+0xd7/0x130 [ 190.636956] ? __perf_cgroup_move+0x160/0x160 [ 190.637569] ? set_next_entity+0x304/0x550 [ 190.638152] ? update_curr+0x267/0x740 [ 190.638687] ? lock_is_held_type+0xd7/0x130 [ 190.639274] __schedule+0xedd/0x2470 [ 190.639778] ? io_schedule_timeout+0x150/0x150 [ 190.640394] ? rcu_read_lock_sched_held+0x3e/0x80 [ 190.641050] schedule+0xda/0x1b0 [ 190.641533] exit_to_user_mode_prepare+0x114/0x1a0 [ 190.642215] syscall_exit_to_user_mode+0x19/0x40 [ 190.642873] do_syscall_64+0x48/0x90 [ 190.643391] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 190.644092] RIP: 0033:0x7fce35a2bb19 [ 190.644591] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 190.646969] RSP: 002b:00007fce32fa1218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 190.647960] RAX: 0000000000000001 RBX: 00007fce35b3ef68 RCX: 00007fce35a2bb19 [ 190.648898] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fce35b3ef6c [ 190.649839] RBP: 00007fce35b3ef60 R08: 000000000000000e R09: 0000000000000000 [ 190.650788] R10: 0000000000000003 R11: 0000000000000246 R12: 00007fce35b3ef6c [ 190.651724] R13: 00007ffc4b38d3ef R14: 00007fce32fa1300 R15: 0000000000022000 [ 190.652683] [ 190.653003] 
irq event stamp: 888 [ 190.653469] hardirqs last enabled at (887): [] exit_to_user_mode_prepare+0x109/0x1a0 [ 190.654710] hardirqs last disabled at (888): [] __schedule+0x1225/0x2470 [ 190.655790] softirqs last enabled at (756): [] __irq_exit_rcu+0x11b/0x180 [ 190.656904] softirqs last disabled at (747): [] __irq_exit_rcu+0x11b/0x180 [ 190.658041] ---[ end trace 0000000000000000 ]--- [ 191.803310] hrtimer: interrupt took 15839 ns [ 197.882450] Bluetooth: hci2: Opcode 0x c03 failed: -110 VM DIAGNOSIS: 13:33:25 Registers: