Warning: Permanently added '[localhost]:15018' (ECDSA) to the list of known hosts. 2022/09/15 11:45:26 fuzzer started 2022/09/15 11:45:26 dialing manager at localhost:36559 syzkaller login: [ 36.075948] cgroup: Unknown subsys name 'net' [ 36.175925] cgroup: Unknown subsys name 'rlimit' 2022/09/15 11:45:40 syscalls: 2215 2022/09/15 11:45:40 code coverage: enabled 2022/09/15 11:45:40 comparison tracing: enabled 2022/09/15 11:45:40 extra coverage: enabled 2022/09/15 11:45:40 setuid sandbox: enabled 2022/09/15 11:45:40 namespace sandbox: enabled 2022/09/15 11:45:40 Android sandbox: enabled 2022/09/15 11:45:40 fault injection: enabled 2022/09/15 11:45:40 leak checking: enabled 2022/09/15 11:45:40 net packet injection: enabled 2022/09/15 11:45:40 net device setup: enabled 2022/09/15 11:45:40 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/09/15 11:45:40 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/09/15 11:45:40 USB emulation: enabled 2022/09/15 11:45:40 hci packet injection: enabled 2022/09/15 11:45:40 wifi device emulation: failed to parse kernel version (6.0.0-rc5-next-20220915) 2022/09/15 11:45:40 802.15.4 emulation: enabled 2022/09/15 11:45:40 fetching corpus: 0, signal 0/2000 (executing program) 2022/09/15 11:45:40 fetching corpus: 30, signal 23441/26863 (executing program) 2022/09/15 11:45:41 fetching corpus: 73, signal 34514/39217 (executing program) 2022/09/15 11:45:41 fetching corpus: 123, signal 46060/51788 (executing program) 2022/09/15 11:45:41 fetching corpus: 173, signal 52932/59664 (executing program) 2022/09/15 11:45:41 fetching corpus: 223, signal 63405/70693 (executing program) 2022/09/15 11:45:41 fetching corpus: 273, signal 71691/79592 (executing program) 2022/09/15 11:45:41 fetching corpus: 323, signal 76670/85239 (executing program) 2022/09/15 11:45:41 fetching corpus: 373, signal 81003/90158 (executing program) 2022/09/15 11:45:42 fetching corpus: 423, signal 84263/94084 (executing program) 2022/09/15 11:45:42 fetching corpus: 473, signal 88839/99017 (executing program) 2022/09/15 11:45:42 fetching corpus: 523, signal 91119/101859 (executing program) 2022/09/15 11:45:42 fetching corpus: 573, signal 94995/106071 (executing program) 2022/09/15 11:45:42 fetching corpus: 623, signal 97013/108650 (executing program) 2022/09/15 11:45:42 fetching corpus: 673, signal 99505/111518 (executing program) 2022/09/15 11:45:42 fetching corpus: 723, signal 101124/113743 (executing program) 2022/09/15 11:45:43 fetching corpus: 773, signal 104942/117578 (executing program) 2022/09/15 11:45:43 fetching corpus: 823, signal 108978/121431 (executing program) 2022/09/15 11:45:43 fetching corpus: 873, signal 111017/123758 (executing program) 2022/09/15 11:45:43 fetching corpus: 923, signal 112493/125515 (executing program) 2022/09/15 11:45:43 fetching corpus: 973, signal 115236/128238 (executing program) 2022/09/15 11:45:43 fetching corpus: 1023, signal 118030/130918 (executing program) 2022/09/15 11:45:44 fetching corpus: 1073, signal 119958/132944 (executing program) 2022/09/15 11:45:44 fetching corpus: 1123, signal 121479/134607 (executing program) 2022/09/15 11:45:44 fetching corpus: 1173, signal 124242/137091 (executing program) 2022/09/15 11:45:44 fetching corpus: 1223, signal 125514/138500 (executing program) 2022/09/15 11:45:44 fetching corpus: 1273, signal 127247/140220 (executing program) 2022/09/15 11:45:44 fetching corpus: 1323, signal 128701/141689 (executing program) 2022/09/15 11:45:45 fetching corpus: 1373, signal 129833/142922 (executing program) 2022/09/15 11:45:45 fetching corpus: 1423, signal 131624/144530 (executing program) 2022/09/15 11:45:45 fetching corpus: 1473, signal 133393/146060 (executing program) 2022/09/15 11:45:45 fetching corpus: 1523, signal 134990/147446 (executing program) 2022/09/15 11:45:45 fetching corpus: 1573, signal 137600/149527 (executing program) 2022/09/15 11:45:45 fetching corpus: 1623, signal 139412/151081 (executing program) 2022/09/15 11:45:45 fetching corpus: 1673, signal 141434/152600 (executing program) 2022/09/15 11:45:46 fetching corpus: 1723, signal 142502/153556 (executing program) 2022/09/15 11:45:46 fetching corpus: 1773, signal 144846/155177 (executing program) 2022/09/15 11:45:46 fetching corpus: 1823, signal 146245/156223 (executing program) 2022/09/15 11:45:46 fetching corpus: 1873, signal 147763/157293 (executing program) 2022/09/15 11:45:46 fetching corpus: 1923, signal 149538/158468 (executing program) 2022/09/15 11:45:46 fetching corpus: 1973, signal 150859/159428 (executing program) 2022/09/15 11:45:46 fetching corpus: 2023, signal 151946/160248 (executing program) 2022/09/15 11:45:47 fetching corpus: 2073, signal 153633/161350 (executing program) 2022/09/15 11:45:47 fetching corpus: 2123, signal 155932/162920 (executing program) 2022/09/15 11:45:47 fetching corpus: 2173, signal 156974/163560 (executing program) 2022/09/15 11:45:47 fetching corpus: 2223, signal 158046/164214 (executing program) 2022/09/15 11:45:47 fetching corpus: 2273, signal 158856/164705 (executing program) 2022/09/15 11:45:47 fetching corpus: 2323, signal 160241/165489 (executing program) 2022/09/15 11:45:48 fetching corpus: 2373, signal 161676/166157 (executing program) 2022/09/15 11:45:48 fetching corpus: 2422, signal 162823/166725 (executing program) 2022/09/15 11:45:48 fetching corpus: 2433, signal 163490/167056 (executing program) 2022/09/15 11:45:48 fetching corpus: 2433, signal 163490/167129 (executing program) 2022/09/15 11:45:48 fetching corpus: 2434, signal 163506/167227 (executing program) 2022/09/15 11:45:48 fetching corpus: 2434, signal 163506/167299 (executing program) 2022/09/15 11:45:48 fetching corpus: 2434, signal 163506/167364 (executing program) 2022/09/15 11:45:48 fetching corpus: 2434, signal 163506/167443 (executing program) 2022/09/15 11:45:48 fetching corpus: 2434, signal 163506/167521 (executing program) 2022/09/15 11:45:48 fetching corpus: 2434, signal 163506/167589 (executing program) 2022/09/15 11:45:48 fetching corpus: 2434, signal 163506/167661 (executing program) 2022/09/15 11:45:48 fetching corpus: 2434, signal 163506/167714 (executing program) 2022/09/15 11:45:48 fetching corpus: 2434, signal 163506/167795 (executing program) 2022/09/15 11:45:48 fetching corpus: 2434, signal 163506/167850 (executing program) 2022/09/15 11:45:48 fetching corpus: 2434, signal 163517/167920 (executing program) 2022/09/15 11:45:48 fetching corpus: 2434, signal 163517/167990 (executing program) 2022/09/15 11:45:48 fetching corpus: 2434, signal 163517/168053 (executing program) 2022/09/15 11:45:48 fetching corpus: 2434, signal 163517/168115 (executing program) 2022/09/15 11:45:48 fetching corpus: 2434, signal 163517/168180 (executing program) 2022/09/15 11:45:48 fetching corpus: 2434, signal 163517/168249 (executing program) 2022/09/15 11:45:48 fetching corpus: 2434, signal 163517/168306 (executing program) 2022/09/15 11:45:48 fetching corpus: 2434, signal 163517/168365 (executing program) 2022/09/15 11:45:48 fetching corpus: 2434, signal 163517/168427 (executing program) 2022/09/15 11:45:48 fetching corpus: 2434, signal 163517/168503 (executing program) 2022/09/15 11:45:48 fetching corpus: 2434, signal 163517/168573 (executing program) 2022/09/15 11:45:48 fetching corpus: 2434, signal 163517/168637 (executing program) 2022/09/15 11:45:48 fetching corpus: 2434, signal 163517/168704 (executing program) 2022/09/15 11:45:48 fetching corpus: 2434, signal 163517/168780 (executing program) 2022/09/15 11:45:48 fetching corpus: 2434, signal 163517/168859 (executing program) 2022/09/15 11:45:48 fetching corpus: 2434, signal 163517/168935 (executing program) 2022/09/15 11:45:48 fetching corpus: 2434, signal 163517/169009 (executing program) 2022/09/15 11:45:48 fetching corpus: 2434, signal 163517/169070 (executing program) 2022/09/15 11:45:48 fetching corpus: 2434, signal 163517/169122 (executing program) 2022/09/15 11:45:48 fetching corpus: 2434, signal 163517/169122 (executing program) 2022/09/15 11:45:51 starting 8 fuzzer processes 11:45:51 executing program 0: r0 = socket$inet6_udp(0xa, 0x2, 0x0) r1 = dup(r0) perf_event_open(&(0x7f00000001c0)={0x3, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) setsockopt$inet6_opts(r1, 0x29, 0x11, &(0x7f00000001c0)=ANY=[], 0x8) 11:45:51 executing program 1: ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000140)=0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc4, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'lo\x00'}) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000100)=0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2}) ioctl$SCSI_IOCTL_DOORLOCK(r3, 0x5380) ioctl$BLKTRACETEARDOWN(r3, 0x1276, 0x0) ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f0000000340)={'\x00', 0x80, 0x3f, 0x7fffffff, 0x0, 0x2, r2}) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000100)=0x0) r5 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$BLKTRACESETUP(r5, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x1, 0xd6c2}) ioctl$SCSI_IOCTL_DOORLOCK(r5, 0x5380) ioctl$BLKTRACETEARDOWN(r5, 0x1276, 0x0) syz_open_procfs(r4, 0x0) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 11:45:51 executing program 2: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$selinux_attr(0xffffffffffffffff, &(0x7f0000000000)='/usr/sbin/cups-browsed\x00', 0x17) ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c06, 0xffffffffffffffff) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r1, 0xc018937a, &(0x7f0000000200)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x8}}, './file0\x00'}) poll(&(0x7f00000001c0)=[{r0, 0x400}, {r0, 0x240}, {r0, 0x4}, {r0, 0x300}, {r1, 0x210}, {0xffffffffffffffff, 0x80}, {r2, 0x6600}], 0x7, 0x3) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffff66, 0x0, @perf_config_ext, 0x0, 0x0, 0xffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x20010, 0xffffffffffffffff, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000000)={'rose0\x00'}) [ 60.804967] audit: type=1400 audit(1663242351.473:6): avc: denied { execmem } for pid=285 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 11:45:51 executing program 3: r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) connect$802154_dgram(r0, &(0x7f00000019c0)={0x24, @long}, 0x6) 11:45:51 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) creat(0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sched_setaffinity(0x0, 0x0, 0x0) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_mreq(r0, 0x0, 0x20, &(0x7f0000000140)={@remote, @broadcast}, 0x8) ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000300)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x9d, 0x9}}, './file0\x00'}) 11:45:51 executing program 6: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) getsockopt$sock_int(r0, 0x1, 0x30, 0x0, &(0x7f0000000080)) 11:45:51 executing program 5: io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x2, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) r0 = openat$null(0xffffffffffffff9c, 0x0, 0x100000, 0x0) chdir(&(0x7f0000000140)='./file0\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, &(0x7f000005e2c0)={0x0, 0x0, "d1f14792bb10750ea9e86f2109c85a306eac969c225abcf9542493077458dc50dd5546ef22c70a8bd6b5a45e86c81b77924f226ab6e09915cbe829241e71703056bc95c7386df10315c79284a94c638e15bb1a293b37fce9ccef990b6b10fb9c04f3786fecc4e7d36ad34a037174328cfbd507df8590cdb8df705efb63f6d543b899d97ca79e8c4414fd5da623d28f9252c13428af0998f63ad30f909619b043f0a7aa899a6d92a2a5e61460066587029f38eff5aeafc3e8b67b97ebf6c447380bd9fd03521069fdc0d128d6041c0c873b2d58b8881c4a4c74e260693309049d39b69a09df12caf88245f7f4dc058c0fb2295afbe717134ff663413f7d075e5e", "950b8bbc34bf9b44a5f783e82416e13437591aaea9e99d56d9fa2b62c996fb937ef8e5bb361a4eb72e3b338b3d456d93c2993fc14a84c9df4fca9a60ad24fe51c5a3fc272feb82e0053d62793dcbb53a9aac338c90f5cdae9589decd38f50a09d93770fe9fffa2570bae21a6c16607cb009087b6f6850ff959c7cde98a4e32896d4e19a961e665ed3624ef5c69dc0964b4e762a597e962c8f0c77006ae2c2e61c9d589d8075d51ad024b5e6af6d9ad992d0bf7c9b663e91485d32a9e7ee3febf65c5d7f7d8cf1d6ee7a1d12df1d9a056d2c44371e7d7376e0baa911ce2fb91f811506149e1b2bcf3dc0e9c94a294388d4636547a098e57bad5c0bf1ee2d21aabc22fc193ed1e85886abdeb6944ead2082984e3b7724633f58c76185a0e7814cf6745bb5ca89b88abdf102a0bcf9fb0c1b2eed6553ee3a0eab3b9bcebf70187adf95f5a2564a6d081679f6988f7e0fffda8c75027eec9fd9177d245704a2f1348f6aa2141357964efb85de30e3be48ba72b34f46a53c393aacb648b728316adf6edc89a128dac296e8022e3457cda709d3f4ee82e744910890ba79420b32572d19d21d965bb5f7be6713d2aff1c6a47589d00d173a4f7f75c191247fb6eea511c85f1f2ca3389aeec86fa05b79a53eadd44f6928fd6492e18d1de7614e68ab21dfd71508786e535de92de39236ea42fbaa81ae85784b5c24c89f6bee084493fc227b3c9f620efa3b7c13b48c1bd1bc20f5972f2a94a68b6717e2f0524741ee7d55a39eee078436f0af9a982a0953bd1cd57849007d08bfbf1dfe814c8448539baa1c5b8ced883da94c7b946cb9e205c83941172aa1bc8e710fe6efec7ef16639408348485e6890ea289fabb6a872c634aa21059ca2bd3cf3deae4bfada536780a9f11ef2a84a17bc2e5ffefc8b7f1aa708f2d89e496578b78381a82916a7a2b36413b76171af62915c76d20d2ec695f0d7dd0ae6a5a890e1070500a62f4267321900efe7073474e030a3ab8086275b552ac0ca8e94f438307b354e39005cddc582c5da0f3753b37643cc13bdff1efef66055f16e871e8ad26a502e5e7509d05f98f32f3f0b5d563c498e860b5b931e36ccd1e7d7f5a0904288aecd9c6a5bbda28d43169cb7967d69d124f5cf6fd1574ba9a9eabd5b8b0b27bb48ac5659c2734e21eb8cd71ba8c7fd8ff7b7cb65d7d127ff0f53fc25d2f3eb05586d7299eb8cb1eb255a460c9a05151ceead842b1c21e8c19ebecf6cb1a7f9a19a254c9e39bfbcb905d6d0265b37fae4d15ef8e4c56f82bf976662e0d258c2e7ba2ebe6ca3e9ea3d0ea52ee8b67d8f318a2a27a716977d4fe916264e11788a1e80dde6a0100b156b89f11e4e3bf78c66d535e46477fcd9f568578523406f21a6796ac3c1e0f6ba31a471f359579b103299799606a766a1ca7148c153d85c5420bd1e1ee0564c08c88dec5d248eccf1f63cf01015197f6a3fa61a598e8ad327cd6dfe3cf9f0b4e685dc0e9b10908f68b2290a3741a90991e1f67c04015a780a87c89644280b032722ceb2531bbed8e4459edad3409cbe1ddfd071052277cd908cebe5c00009c3f3a33b9ec60b200e700eb9d48954461c82591a5ffeec87f12d081d30e4c61999879c607cc653a3b2478439b42ea05b469534f20653d8d61a55e9761dd331386109af0b2453eb2e8ba54e7c16e890727c133b442956db67278d661166a9290d4fe8008821649eeefba119ba3776597654a546611693db7b3fc63aa2d01047dbf8a6db146b0fcf3afc8d819575f642dc87ffbd0a42bb68c20f1ea1dac2804db95adab571d2ca60c679a8db02ba3cd5765713e5c3748205b56fd3f6f6e32f628c5b986b1f9d218df36b03db78ee74544555dfa7506a939f48c10a9df0620a841f7e9c67cbf5b367c4c0bbd69b76956326f1737d143d49619691433473fd5fed20fc5710ff0f7c6288a4071f02f741532e3080d59b039466ab62972ecc563ee511e8a9d56fa7179569f1d2420ddc90c62d654331771dd8515ecb6d9030901de113996870c1d921fca0d39a5da13183ab12506008f3074a26ef1990fdabfea0d42d346748959a35e0e07c447c03a591c54ae61186cf579e2636e89d3b3f06c5a019330dbb2d313cff036624a789abb4d5a76ea83e31774be2280de447a053e29a2cb6c4fe62292b61e6513098cc0269a6d526aab3dba820ebe9408839a8f96a5cd09bb29dd6e1b2bdfd31d6b93ceb47976f6650f0c294b061fd25118d364cb0654b0f87741953c3fb2a590394179678b1fab1390db08d599bc418f168f4aa56ebbf3fc9f1597151c83e989770349402695c8b2bfd2b488e0735a071650d4fe1420804c66ce4261424f60424c0390397e7eea3ca904173b8620d74799ae84204abc9548801f3ca29973a33110c6b13d0aaaf316948e1d6fb99ca3150864361418d7f05f39ba7b9026a356f185ad23542e6f0af8d71989486bde21d7451acf86bab6ed27271f395ab31e88e6cd6ff6da710e6ae680fc1711a1319694f9ac56cdcfd46a10db35295627a7dcd4c605e98e455164ff21927b904929973b7520f752b76e6cd3732e540371fd78a5a42611f42d0b185d213a47abd2dfdc37c79894d3323900631655bc263fb5e8aa6b6f32c9f8ced4acc81c6d4bc95fa48faee5697d4221cc576bae07afe10057cf40423318fcd32c3158d65eb770728028f8e5354069ec4f4f63b9a4cd68172397bfa5371a43697e7bc26d777c55ce5f0a225324397a7567b0b969604db7d32c95b05017db53bad3cc1ac3f3d3bc0287d7794f9baf0f1a7064258586e39743dc150637d84c47fce0feb9e9f3c1fbddcdc9de4a1011a54cf9a74fd28b029f0bfb45f723e4dbe9910a203e98fdbe6fa0d562ead671d5ecaba5f2f29d8e37dcae6b3b6e0cc4917ef4da6b9f0baacbc51840ebaf85f0f7d11897d8887a35d99f50eedefcb07913a665d0843f68a73767df874c5995936bf5c03bf40ff54e179c094127af6254e22da82484472eca7a48bf932c2470ad5c6bc43b2392ebae24692e73ae1c6e0c03eb958b78952531156d7509da69cfd9d8e5068e560fc7f28a974490ecbbc79aafb65f525e5b8d04aaed3b683c6b23703d6ff361f5bd57a9b62ffa5e994b9bbaaf582688f78bc13ef909f9634324fbf6859646b673e2b1d80f56a58bffdac390c245d8cc3036da0e6656f24af365da36ec6cc74847ccfb4a36115c1f19cc6e848f909089a2ac660d1223765295f37c442f987ed98b3f7b3b963213d2e6289b147c80dfc239800f0d48d37fc4739fa521dd686f5413261a9cd06f1c09c598d3d91e66db106ef212c3a1b8c02834f9cc3634ca938df7a478c25b55f0c654bc4f70057a60a7bbf02706f048329d3ad3052f23b698b8ffb97085f121249359320efff2add0c35db60e7cf74e0169e9cf13c0c3725768fea6e928a213e61bae007bc307e4fe63b0905772c469747b5884509acce8b7c368b417b44460d6e5d3ab9dec690c43a029122ba37216d48a0d7eb519fcd0257df3a693711ffa60c8a3855713f359c3780f4a40694982d7ce84e40f03faaf942730e9daa8777d7a8909999df47955ea430bb443789f047066426df0a7fe04f741420b0db3c5e54f0b03e60b5897e96c4bf34f324ef899b9ea4b36c44b2496f043e7be07f3a58bb094caab78f168d9486d0dfd1adc97ae3ce5e710a9e47e6b5f8360417d1462acb4062057dda820c5d4b4cc90a13732fc2b52b12b2d255cb01f529a597e5ee29eb36e0c479896ae189103580a633c4a09621043df2205d00b45a84cd8ebe81c483cdf66994827672942dba7674e2090829a33744394e7b9c81ff273a5df6e0eceaa9b2abad932c8740d3b0b977e91fc03f4020a4459fa582d48673215c14f0da08a82a67b8bb804915c9d1218d7a9de94033a32725f30f9f9e81987d63cca018d12c3894b7fbeb95901f382bdee8595b2e6b7f42d0ada636db6e000625dfaa79a6309b2dd279fff258cefcc044a06bdbe489230ffdd90efdda0df2da52742a59e24b8c50ec68790fc62207ac2cd6d4997d6a4faa5e2645e30228f39094750eef3ce56b1569438750ff50130c64e8f37d8ff49fa9d9c0d409e9f60f347cb386946ce117b4c40a9a53c7359d3a966c7326263270eb16876ff1e6da42a73a634ac661327a916b8416bac1bb49a5e9b8da0dc7170d833d07df1fab73a7f202aaa768049efefc4b399611a6fdbe29aaccfb6416be56f30e9fce9602d0cf57c1c70b321974e3518434ca828f1a51d4191b99e0e0a7451ba3b4f2b5cf95b44fc417abcc5b0b13bae366614f75c98aade49013475086a48d9e64ba7701d6aa7997132e56b97b962921a73e7a70de0f32c06d0117b24708867f7247024a28096607669001e87ec188812d0eab256b0296e0f70c47c6ca89dd511c1362523930a546a44ebc421e03e979a5bba49732d437d82e7555e5a10c4a1fd933c6c50380d3d7a147586e4033005f533f7ade992af2696c4d122311a473f97644095805a18da9d0b52e2f72dd386a3d14f478c7ba144503ee2e94bfb3853fb37adca2f7bf51872fd3a54e392c8b6dbf142c6ae83ca21575ca6a1d3fa1b1de90f4a816d093561f88f6e6aaf782d08c798147a64851759b8667a1531da2d571e1457edd13d7d0929ae02daed710e9ae1a2796e38a1c2921dd2fd57f825f4cf95f02e34e9cf3e894d57cfde113224210caec0b4ab2901262b6e36d96ea1febc8c73a12f0e40f6b47b13709cfecbec1420fcb5cdc2b5986d0a54fe0459ba5f77b90bc9d2cbdd86663910fed740f6f41d94cb1b3818a550f8da00f6d17b150e4872fec8712a7490a1782a82b9680ceeeb41fdb8c95c1d3d574437d3bd1915020d96e411978c1738d7683b62f5dbf6280dc72860a2b6fa1de548e6a22987f1d3b5eb010172d7c684e9943e32b140fc51cd8c7046a2cc604244a7aad63a9edd2f64c31c8fe127a2cb965ac0a374b24e475bc78f4cbdda40b39b282af1d192bd2a967fc6b7811f8ef8be8d65cd8d3ddbf1e69989c073a16c9c1896ca8a734bc6a4df17d39d30a8b8c1ec3d93534747e8e9a769f60a9e10cc69ea5903993bc481630e1df50eedc1a1a51d96de8fcd27a3ba4108349c92d52b81886d19217b10508527634c58af2806b2dae8c71aaeb6946896decd03266a75bccf676d86064188d0da683b3b38a3c03fc22bbf6c8d8bdea829bc5aa5d5521da096718aa6a629f174e510b1215b49f27db3c145555baa329d15de80976748b68648482cb8cf9e79cc3acefe4d8436c04e882934abc30ac5886d10a54b759f1b4407d1ea9d8cc1049e4f60c9dc96dbda9dbc581d31bb3dcfe32598bac97974d6c8625a2be3d48ef98edfbf0725cc18f21b50a67b0de8ff6544cd67ce0d43fcc1d248"}) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000001c0), 0x301c03, 0x0) sendfile(r0, r2, &(0x7f0000000240)=0x4, 0x8001) syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) write$binfmt_aout(r3, &(0x7f0000001180)=ANY=[], 0x220) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040), 0x5}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) sendfile(r3, r1, 0x0, 0xfffffdef) 11:45:51 executing program 7: mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1, 0x0, 0x0, 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000001180)='numa_maps\x00') preadv(r0, &(0x7f0000001140)=[{&(0x7f0000000140)=""/4096, 0x1000}], 0x1, 0x0, 0x0) [ 62.228423] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 62.232390] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 62.233689] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 62.243015] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 62.244212] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 62.252352] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 62.257217] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 62.298389] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 62.301002] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 62.305293] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 62.306635] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 62.308121] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 62.309506] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 62.311544] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 62.313324] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 62.314975] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 62.316973] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 62.318296] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 62.319790] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 62.320938] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 62.322525] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 62.323827] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 62.325282] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 62.326439] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 62.331156] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 62.337428] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 62.338348] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 62.339945] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 62.341619] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 62.342675] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 62.343648] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 62.346074] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 62.347549] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 62.349197] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 62.350141] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 62.350951] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 62.352109] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 62.352975] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 62.353759] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 62.355572] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 62.357165] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 62.358229] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 62.361854] Bluetooth: hci1: HCI_REQ-0x0c1a [ 62.362229] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 62.366785] Bluetooth: hci4: HCI_REQ-0x0c1a [ 62.375191] Bluetooth: hci5: HCI_REQ-0x0c1a [ 62.375939] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 62.376912] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 62.379871] Bluetooth: hci0: HCI_REQ-0x0c1a [ 62.380109] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 62.386324] Bluetooth: hci7: HCI_REQ-0x0c1a [ 62.388359] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 62.393888] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 62.394440] Bluetooth: hci3: HCI_REQ-0x0c1a [ 62.405444] Bluetooth: hci6: HCI_REQ-0x0c1a [ 62.420031] Bluetooth: hci2: HCI_REQ-0x0c1a [ 64.435369] Bluetooth: hci2: command 0x0409 tx timeout [ 64.435758] Bluetooth: hci4: command 0x0409 tx timeout [ 64.436168] Bluetooth: hci6: command 0x0409 tx timeout [ 64.436315] Bluetooth: hci5: command 0x0409 tx timeout [ 64.437208] Bluetooth: hci1: command 0x0409 tx timeout [ 64.439390] Bluetooth: hci3: command 0x0409 tx timeout [ 64.439895] Bluetooth: hci0: command 0x0409 tx timeout [ 64.440349] Bluetooth: hci7: command 0x0409 tx timeout [ 66.482863] Bluetooth: hci7: command 0x041b tx timeout [ 66.483449] Bluetooth: hci0: command 0x041b tx timeout [ 66.484888] Bluetooth: hci3: command 0x041b tx timeout [ 66.485451] Bluetooth: hci1: command 0x041b tx timeout [ 66.486682] Bluetooth: hci5: command 0x041b tx timeout [ 66.487562] Bluetooth: hci6: command 0x041b tx timeout [ 66.488749] Bluetooth: hci4: command 0x041b tx timeout [ 66.489188] Bluetooth: hci2: command 0x041b tx timeout [ 68.530892] Bluetooth: hci2: command 0x040f tx timeout [ 68.531368] Bluetooth: hci4: command 0x040f tx timeout [ 68.531820] Bluetooth: hci6: command 0x040f tx timeout [ 68.532217] Bluetooth: hci5: command 0x040f tx timeout [ 68.532645] Bluetooth: hci1: command 0x040f tx timeout [ 68.533734] Bluetooth: hci3: command 0x040f tx timeout [ 68.537219] Bluetooth: hci0: command 0x040f tx timeout [ 68.540318] Bluetooth: hci7: command 0x040f tx timeout [ 70.578855] Bluetooth: hci7: command 0x0419 tx timeout [ 70.579474] Bluetooth: hci0: command 0x0419 tx timeout [ 70.580264] Bluetooth: hci3: command 0x0419 tx timeout [ 70.582357] Bluetooth: hci1: command 0x0419 tx timeout [ 70.583089] Bluetooth: hci5: command 0x0419 tx timeout [ 70.583640] Bluetooth: hci6: command 0x0419 tx timeout [ 70.585345] Bluetooth: hci4: command 0x0419 tx timeout [ 70.586106] Bluetooth: hci2: command 0x0419 tx timeout [ 119.745139] audit: type=1400 audit(1663242410.414:7): avc: denied { open } for pid=3747 comm="syz-executor.4" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 119.746652] audit: type=1400 audit(1663242410.414:8): avc: denied { kernel } for pid=3747 comm="syz-executor.4" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 119.768183] ------------[ cut here ]------------ [ 119.768204] [ 119.768207] ====================================================== [ 119.768211] WARNING: possible circular locking dependency detected [ 119.768215] 6.0.0-rc5-next-20220915 #1 Not tainted [ 119.768221] ------------------------------------------------------ [ 119.768224] syz-executor.4/3748 is trying to acquire lock: [ 119.768230] ffffffff853fa878 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70 [ 119.768266] [ 119.768266] but task is already holding lock: [ 119.768268] ffff88800eef2c20 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 119.768295] [ 119.768295] which lock already depends on the new lock. [ 119.768295] [ 119.768298] [ 119.768298] the existing dependency chain (in reverse order) is: [ 119.768301] [ 119.768301] -> #3 (&ctx->lock){....}-{2:2}: [ 119.768315] _raw_spin_lock+0x2a/0x40 [ 119.768332] __perf_event_task_sched_out+0x53b/0x18d0 [ 119.768344] __schedule+0xedd/0x2470 [ 119.768354] schedule+0xda/0x1b0 [ 119.768364] exit_to_user_mode_prepare+0x114/0x1a0 [ 119.768383] syscall_exit_to_user_mode+0x19/0x40 [ 119.768400] do_syscall_64+0x48/0x90 [ 119.768414] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 119.768431] [ 119.768431] -> #2 (&rq->__lock){-.-.}-{2:2}: [ 119.768445] _raw_spin_lock_nested+0x30/0x40 [ 119.768459] raw_spin_rq_lock_nested+0x1e/0x30 [ 119.768472] task_fork_fair+0x63/0x4d0 [ 119.768488] sched_cgroup_fork+0x3d0/0x540 [ 119.768501] copy_process+0x4183/0x6e20 [ 119.768512] kernel_clone+0xe7/0x890 [ 119.768521] user_mode_thread+0xad/0xf0 [ 119.768531] rest_init+0x24/0x250 [ 119.768547] arch_call_rest_init+0xf/0x14 [ 119.768559] start_kernel+0x4c1/0x4e6 [ 119.768568] secondary_startup_64_no_verify+0xe0/0xeb [ 119.768582] [ 119.768582] -> #1 (&p->pi_lock){-.-.}-{2:2}: [ 119.768595] _raw_spin_lock_irqsave+0x39/0x60 [ 119.768610] try_to_wake_up+0xab/0x1920 [ 119.768623] up+0x75/0xb0 [ 119.768634] __up_console_sem+0x6e/0x80 [ 119.768649] console_unlock+0x46a/0x590 [ 119.768664] do_con_write+0xc05/0x1d50 [ 119.768675] con_write+0x21/0x40 [ 119.768685] n_tty_write+0x4d4/0xfe0 [ 119.768700] file_tty_write.constprop.0+0x49c/0x8f0 [ 119.768712] vfs_write+0x9c3/0xd90 [ 119.768730] ksys_write+0x127/0x250 [ 119.768746] do_syscall_64+0x3b/0x90 [ 119.768759] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 119.768776] [ 119.768776] -> #0 ((console_sem).lock){....}-{2:2}: [ 119.768789] __lock_acquire+0x2a02/0x5e70 [ 119.768805] lock_acquire+0x1a2/0x530 [ 119.768820] _raw_spin_lock_irqsave+0x39/0x60 [ 119.768835] down_trylock+0xe/0x70 [ 119.768847] __down_trylock_console_sem+0x3b/0xd0 [ 119.768862] vprintk_emit+0x16b/0x560 [ 119.768878] vprintk+0x84/0xa0 [ 119.768894] _printk+0xba/0xf1 [ 119.768910] report_bug.cold+0x72/0xab [ 119.768923] handle_bug+0x3c/0x70 [ 119.768935] exc_invalid_op+0x14/0x50 [ 119.768949] asm_exc_invalid_op+0x16/0x20 [ 119.768965] group_sched_out.part.0+0x2c7/0x460 [ 119.768975] ctx_sched_out+0x8f1/0xc10 [ 119.768984] __perf_event_task_sched_out+0x6d0/0x18d0 [ 119.768996] __schedule+0xedd/0x2470 [ 119.769006] schedule+0xda/0x1b0 [ 119.769016] exit_to_user_mode_prepare+0x114/0x1a0 [ 119.769034] syscall_exit_to_user_mode+0x19/0x40 [ 119.769051] do_syscall_64+0x48/0x90 [ 119.769064] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 119.769081] [ 119.769081] other info that might help us debug this: [ 119.769081] [ 119.769083] Chain exists of: [ 119.769083] (console_sem).lock --> &rq->__lock --> &ctx->lock [ 119.769083] [ 119.769098] Possible unsafe locking scenario: [ 119.769098] [ 119.769100] CPU0 CPU1 [ 119.769102] ---- ---- [ 119.769104] lock(&ctx->lock); [ 119.769110] lock(&rq->__lock); [ 119.769116] lock(&ctx->lock); [ 119.769122] lock((console_sem).lock); [ 119.769128] [ 119.769128] *** DEADLOCK *** [ 119.769128] [ 119.769129] 2 locks held by syz-executor.4/3748: [ 119.769136] #0: ffff88806cf37cd8 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470 [ 119.769162] #1: ffff88800eef2c20 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 119.769189] [ 119.769189] stack backtrace: [ 119.769192] CPU: 1 PID: 3748 Comm: syz-executor.4 Not tainted 6.0.0-rc5-next-20220915 #1 [ 119.769204] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 119.769212] Call Trace: [ 119.769216] [ 119.769220] dump_stack_lvl+0x8b/0xb3 [ 119.769234] check_noncircular+0x263/0x2e0 [ 119.769250] ? format_decode+0x26c/0xb50 [ 119.769265] ? print_circular_bug+0x450/0x450 [ 119.769282] ? enable_ptr_key_workfn+0x20/0x20 [ 119.769297] ? format_decode+0x26c/0xb50 [ 119.769313] ? alloc_chain_hlocks+0x1ec/0x5a0 [ 119.769330] __lock_acquire+0x2a02/0x5e70 [ 119.769351] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 119.769373] lock_acquire+0x1a2/0x530 [ 119.769389] ? down_trylock+0xe/0x70 [ 119.769403] ? rcu_read_unlock+0x40/0x40 [ 119.769423] ? vprintk+0x84/0xa0 [ 119.769441] _raw_spin_lock_irqsave+0x39/0x60 [ 119.769456] ? down_trylock+0xe/0x70 [ 119.769469] down_trylock+0xe/0x70 [ 119.769482] ? vprintk+0x84/0xa0 [ 119.769499] __down_trylock_console_sem+0x3b/0xd0 [ 119.769516] vprintk_emit+0x16b/0x560 [ 119.769534] vprintk+0x84/0xa0 [ 119.769551] _printk+0xba/0xf1 [ 119.769568] ? record_print_text.cold+0x16/0x16 [ 119.769590] ? report_bug.cold+0x66/0xab [ 119.769604] ? group_sched_out.part.0+0x2c7/0x460 [ 119.769616] report_bug.cold+0x72/0xab [ 119.769631] handle_bug+0x3c/0x70 [ 119.769645] exc_invalid_op+0x14/0x50 [ 119.769659] asm_exc_invalid_op+0x16/0x20 [ 119.769676] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 119.769689] Code: 5e 41 5f e9 3b b7 ef ff e8 36 b7 ef ff 65 8b 1d ab 15 ac 7e 31 ff 89 de e8 d6 b3 ef ff 85 db 0f 84 8a 00 00 00 e8 19 b7 ef ff <0f> 0b e9 a5 fe ff ff e8 0d b7 ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 119.769701] RSP: 0018:ffff88801d9d7c48 EFLAGS: 00010006 [ 119.769709] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 119.769717] RDX: ffff888015eb8000 RSI: ffffffff81566027 RDI: 0000000000000005 [ 119.769725] RBP: ffff88801f688000 R08: 0000000000000005 R09: 0000000000000001 [ 119.769732] R10: 0000000000000000 R11: ffffffff865ac05b R12: ffff88800eef2c00 [ 119.769740] R13: ffff88806cf3d100 R14: ffffffff8547c660 R15: 0000000000000002 [ 119.769751] ? group_sched_out.part.0+0x2c7/0x460 [ 119.769764] ? group_sched_out.part.0+0x2c7/0x460 [ 119.769776] ctx_sched_out+0x8f1/0xc10 [ 119.769789] __perf_event_task_sched_out+0x6d0/0x18d0 [ 119.769804] ? lock_is_held_type+0xd7/0x130 [ 119.769822] ? __perf_cgroup_move+0x160/0x160 [ 119.769849] ? set_next_entity+0x304/0x550 [ 119.769866] ? update_curr+0x267/0x740 [ 119.769884] ? lock_is_held_type+0xd7/0x130 [ 119.769902] __schedule+0xedd/0x2470 [ 119.769916] ? io_schedule_timeout+0x150/0x150 [ 119.769929] ? rcu_read_lock_sched_held+0x3e/0x80 [ 119.769948] schedule+0xda/0x1b0 [ 119.769960] exit_to_user_mode_prepare+0x114/0x1a0 [ 119.769979] syscall_exit_to_user_mode+0x19/0x40 [ 119.769997] do_syscall_64+0x48/0x90 [ 119.770012] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 119.770029] RIP: 0033:0x7fa23aea1b19 [ 119.770038] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 119.770048] RSP: 002b:00007fa238417218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 119.770059] RAX: 0000000000000001 RBX: 00007fa23afb4f68 RCX: 00007fa23aea1b19 [ 119.770067] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fa23afb4f6c [ 119.770074] RBP: 00007fa23afb4f60 R08: 000000000000000e R09: 0000000000000000 [ 119.770081] R10: 0000000000000003 R11: 0000000000000246 R12: 00007fa23afb4f6c [ 119.770088] R13: 00007ffd5d9f0d2f R14: 00007fa238417300 R15: 0000000000022000 [ 119.770101] [ 119.826487] WARNING: CPU: 1 PID: 3748 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460 [ 119.827183] Modules linked in: [ 119.827432] CPU: 1 PID: 3748 Comm: syz-executor.4 Not tainted 6.0.0-rc5-next-20220915 #1 [ 119.828047] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 119.828919] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 119.829339] Code: 5e 41 5f e9 3b b7 ef ff e8 36 b7 ef ff 65 8b 1d ab 15 ac 7e 31 ff 89 de e8 d6 b3 ef ff 85 db 0f 84 8a 00 00 00 e8 19 b7 ef ff <0f> 0b e9 a5 fe ff ff e8 0d b7 ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 119.830711] RSP: 0018:ffff88801d9d7c48 EFLAGS: 00010006 [ 119.831127] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 119.831686] RDX: ffff888015eb8000 RSI: ffffffff81566027 RDI: 0000000000000005 [ 119.832235] RBP: ffff88801f688000 R08: 0000000000000005 R09: 0000000000000001 [ 119.832779] R10: 0000000000000000 R11: ffffffff865ac05b R12: ffff88800eef2c00 [ 119.833312] R13: ffff88806cf3d100 R14: ffffffff8547c660 R15: 0000000000000002 [ 119.833860] FS: 00007fa238417700(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000 [ 119.834462] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 119.834882] CR2: 00007f7fa124f8e0 CR3: 000000003e13c000 CR4: 0000000000350ee0 [ 119.835389] Call Trace: [ 119.835576] [ 119.835742] ctx_sched_out+0x8f1/0xc10 [ 119.836026] __perf_event_task_sched_out+0x6d0/0x18d0 [ 119.836422] ? lock_is_held_type+0xd7/0x130 [ 119.836747] ? __perf_cgroup_move+0x160/0x160 [ 119.837071] ? set_next_entity+0x304/0x550 [ 119.837384] ? update_curr+0x267/0x740 [ 119.837678] ? lock_is_held_type+0xd7/0x130 [ 119.838011] __schedule+0xedd/0x2470 [ 119.838288] ? io_schedule_timeout+0x150/0x150 [ 119.838621] ? rcu_read_lock_sched_held+0x3e/0x80 [ 119.838976] schedule+0xda/0x1b0 [ 119.839239] exit_to_user_mode_prepare+0x114/0x1a0 [ 119.839626] syscall_exit_to_user_mode+0x19/0x40 [ 119.839995] do_syscall_64+0x48/0x90 [ 119.840286] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 119.840696] RIP: 0033:0x7fa23aea1b19 [ 119.840984] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 119.842378] RSP: 002b:00007fa238417218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 119.842963] RAX: 0000000000000001 RBX: 00007fa23afb4f68 RCX: 00007fa23aea1b19 [ 119.843504] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fa23afb4f6c [ 119.844042] RBP: 00007fa23afb4f60 R08: 000000000000000e R09: 0000000000000000 [ 119.844587] R10: 0000000000000003 R11: 0000000000000246 R12: 00007fa23afb4f6c [ 119.845132] R13: 00007ffd5d9f0d2f R14: 00007fa238417300 R15: 0000000000022000 [ 119.845678] [ 119.845869] irq event stamp: 1014 [ 119.846126] hardirqs last enabled at (1013): [] exit_to_user_mode_prepare+0x109/0x1a0 [ 119.846822] hardirqs last disabled at (1014): [] __schedule+0x1225/0x2470 [ 119.847444] softirqs last enabled at (886): [] __irq_exit_rcu+0x11b/0x180 [ 119.848086] softirqs last disabled at (583): [] __irq_exit_rcu+0x11b/0x180 [ 119.848712] ---[ end trace 0000000000000000 ]--- [ 120.203479] perf: interrupt took too long (5490 > 5435), lowering kernel.perf_event_max_sample_rate to 36000 [ 120.207582] perf: interrupt took too long (11054 > 11032), lowering kernel.perf_event_max_sample_rate to 18000 11:46:51 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) creat(0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sched_setaffinity(0x0, 0x0, 0x0) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_mreq(r0, 0x0, 0x20, &(0x7f0000000140)={@remote, @broadcast}, 0x8) ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000300)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x9d, 0x9}}, './file0\x00'}) 11:46:51 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) creat(0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sched_setaffinity(0x0, 0x0, 0x0) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_mreq(r0, 0x0, 0x20, &(0x7f0000000140)={@remote, @broadcast}, 0x8) ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000300)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x9d, 0x9}}, './file0\x00'}) 11:46:51 executing program 4: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) creat(0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sched_setaffinity(0x0, 0x0, 0x0) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_mreq(r0, 0x0, 0x20, &(0x7f0000000140)={@remote, @broadcast}, 0x8) ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000300)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x9d, 0x9}}, './file0\x00'}) 11:46:51 executing program 4: ioctl$EXT4_IOC_GET_ES_CACHE(0xffffffffffffffff, 0xc020662a, &(0x7f0000000480)={0x0, 0x9, 0x4, 0xfffffffd, 0x2, [{0x1, 0x7, 0x6}, {0x1, 0x1000, 0x1, '\x00', 0x480}]}) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xb220}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) fallocate(r0, 0x0, 0x0, 0x87ffffc) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) r2 = getpid() r3 = gettid() rt_tgsigqueueinfo(r2, r3, 0x0, &(0x7f0000000000)={0x0, 0x0, 0x6}) get_robust_list(r2, &(0x7f00000005c0)=&(0x7f0000000580)={&(0x7f0000000540)={&(0x7f0000000340)}}, &(0x7f0000000600)=0x18) perf_event_open(0x0, r3, 0xb, 0xffffffffffffffff, 0xb) sendmsg$IPCTNL_MSG_CT_DELETE(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000800)=ANY=[@ANYBLOB="1c0000000201010200000000000000000202000008001a40000000003a3e542a333d5d2fbfc41c2a1ec3ab6a9d700e3025fd0ef2a7ea99265fe27afa1d8992a2eeb358651aa5eb43f4597d7ddd01b42729df2d75bc250c06f8c1f337bc65e07d69c151693119623da895c3b72c235a3ca657b3dea436c7a69b5abf6acdf362faf13bdf6c0f3df0e42eb88c4e693781c65d1dbe3bdfa6a83624b18491ede1b480a93226bea675b25784ae28ae2373dcb1c4968fe6f4e5cd108e42ef8bdf364b697e91b2b546a2b528299929bfa256c876a1e410ae03a24c7036417c7f109e706a95eb45c766c690c7445eab1cbd071ba55685b10fcea5041b2f74f98fe84ff60c04881ef4e919915f9d26715356d806edfcccb3b3cb9cf1a6f8bd691c5b3b7aab7aae72381cf5933050c263afce0ed800000080000000004fa8eea1826f56b44ea4eb8c96e456aca1c195d4034f6f1e0cfa70ef4ff1dcf3edaa9c95262b44faba986dd564795b15b0f693ca9e1222bc21f86d59c86da7146630563aaa24e26153551c9ca6df8a06ca4aa2632c58eb579c0f7b7b8b96bd424ec892151010d9a365d4634163b9802a96601143534919f5dfdc26dd0ba83300000000"], 0x1c}}, 0x0) openat$sr(0xffffffffffffff9c, &(0x7f0000000140), 0xd40, 0x0) r4 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_WAITACTIVE(r4, 0x5607) 11:46:51 executing program 4: ioctl$EXT4_IOC_GET_ES_CACHE(0xffffffffffffffff, 0xc020662a, &(0x7f0000000480)={0x0, 0x9, 0x4, 0xfffffffd, 0x2, [{0x1, 0x7, 0x6}, {0x1, 0x1000, 0x1, '\x00', 0x480}]}) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xb220}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) fallocate(r0, 0x0, 0x0, 0x87ffffc) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) r2 = getpid() r3 = gettid() rt_tgsigqueueinfo(r2, r3, 0x0, &(0x7f0000000000)={0x0, 0x0, 0x6}) get_robust_list(r2, &(0x7f00000005c0)=&(0x7f0000000580)={&(0x7f0000000540)={&(0x7f0000000340)}}, &(0x7f0000000600)=0x18) perf_event_open(0x0, r3, 0xb, 0xffffffffffffffff, 0xb) sendmsg$IPCTNL_MSG_CT_DELETE(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000800)=ANY=[@ANYBLOB="1c0000000201010200000000000000000202000008001a40000000003a3e542a333d5d2fbfc41c2a1ec3ab6a9d700e3025fd0ef2a7ea99265fe27afa1d8992a2eeb358651aa5eb43f4597d7ddd01b42729df2d75bc250c06f8c1f337bc65e07d69c151693119623da895c3b72c235a3ca657b3dea436c7a69b5abf6acdf362faf13bdf6c0f3df0e42eb88c4e693781c65d1dbe3bdfa6a83624b18491ede1b480a93226bea675b25784ae28ae2373dcb1c4968fe6f4e5cd108e42ef8bdf364b697e91b2b546a2b528299929bfa256c876a1e410ae03a24c7036417c7f109e706a95eb45c766c690c7445eab1cbd071ba55685b10fcea5041b2f74f98fe84ff60c04881ef4e919915f9d26715356d806edfcccb3b3cb9cf1a6f8bd691c5b3b7aab7aae72381cf5933050c263afce0ed800000080000000004fa8eea1826f56b44ea4eb8c96e456aca1c195d4034f6f1e0cfa70ef4ff1dcf3edaa9c95262b44faba986dd564795b15b0f693ca9e1222bc21f86d59c86da7146630563aaa24e26153551c9ca6df8a06ca4aa2632c58eb579c0f7b7b8b96bd424ec892151010d9a365d4634163b9802a96601143534919f5dfdc26dd0ba83300000000"], 0x1c}}, 0x0) openat$sr(0xffffffffffffff9c, &(0x7f0000000140), 0xd40, 0x0) r4 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_WAITACTIVE(r4, 0x5607) [ 121.131864] syz-executor.2 (296) used greatest stack depth: 24448 bytes left 11:46:51 executing program 4: ioctl$EXT4_IOC_GET_ES_CACHE(0xffffffffffffffff, 0xc020662a, &(0x7f0000000480)={0x0, 0x9, 0x4, 0xfffffffd, 0x2, [{0x1, 0x7, 0x6}, {0x1, 0x1000, 0x1, '\x00', 0x480}]}) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xb220}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) fallocate(r0, 0x0, 0x0, 0x87ffffc) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) r2 = getpid() r3 = gettid() rt_tgsigqueueinfo(r2, r3, 0x0, &(0x7f0000000000)={0x0, 0x0, 0x6}) get_robust_list(r2, &(0x7f00000005c0)=&(0x7f0000000580)={&(0x7f0000000540)={&(0x7f0000000340)}}, &(0x7f0000000600)=0x18) perf_event_open(0x0, r3, 0xb, 0xffffffffffffffff, 0xb) sendmsg$IPCTNL_MSG_CT_DELETE(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000800)=ANY=[@ANYBLOB="1c0000000201010200000000000000000202000008001a40000000003a3e542a333d5d2fbfc41c2a1ec3ab6a9d700e3025fd0ef2a7ea99265fe27afa1d8992a2eeb358651aa5eb43f4597d7ddd01b42729df2d75bc250c06f8c1f337bc65e07d69c151693119623da895c3b72c235a3ca657b3dea436c7a69b5abf6acdf362faf13bdf6c0f3df0e42eb88c4e693781c65d1dbe3bdfa6a83624b18491ede1b480a93226bea675b25784ae28ae2373dcb1c4968fe6f4e5cd108e42ef8bdf364b697e91b2b546a2b528299929bfa256c876a1e410ae03a24c7036417c7f109e706a95eb45c766c690c7445eab1cbd071ba55685b10fcea5041b2f74f98fe84ff60c04881ef4e919915f9d26715356d806edfcccb3b3cb9cf1a6f8bd691c5b3b7aab7aae72381cf5933050c263afce0ed800000080000000004fa8eea1826f56b44ea4eb8c96e456aca1c195d4034f6f1e0cfa70ef4ff1dcf3edaa9c95262b44faba986dd564795b15b0f693ca9e1222bc21f86d59c86da7146630563aaa24e26153551c9ca6df8a06ca4aa2632c58eb579c0f7b7b8b96bd424ec892151010d9a365d4634163b9802a96601143534919f5dfdc26dd0ba83300000000"], 0x1c}}, 0x0) openat$sr(0xffffffffffffff9c, &(0x7f0000000140), 0xd40, 0x0) r4 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_WAITACTIVE(r4, 0x5607) 11:46:51 executing program 4: ioctl$EXT4_IOC_GET_ES_CACHE(0xffffffffffffffff, 0xc020662a, &(0x7f0000000480)={0x0, 0x9, 0x4, 0xfffffffd, 0x2, [{0x1, 0x7, 0x6}, {0x1, 0x1000, 0x1, '\x00', 0x480}]}) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xb220}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) fallocate(r0, 0x0, 0x0, 0x87ffffc) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) r2 = getpid() r3 = gettid() rt_tgsigqueueinfo(r2, r3, 0x0, &(0x7f0000000000)={0x0, 0x0, 0x6}) get_robust_list(r2, &(0x7f00000005c0)=&(0x7f0000000580)={&(0x7f0000000540)={&(0x7f0000000340)}}, &(0x7f0000000600)=0x18) perf_event_open(0x0, r3, 0xb, 0xffffffffffffffff, 0xb) sendmsg$IPCTNL_MSG_CT_DELETE(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000800)=ANY=[@ANYBLOB="1c0000000201010200000000000000000202000008001a40000000003a3e542a333d5d2fbfc41c2a1ec3ab6a9d700e3025fd0ef2a7ea99265fe27afa1d8992a2eeb358651aa5eb43f4597d7ddd01b42729df2d75bc250c06f8c1f337bc65e07d69c151693119623da895c3b72c235a3ca657b3dea436c7a69b5abf6acdf362faf13bdf6c0f3df0e42eb88c4e693781c65d1dbe3bdfa6a83624b18491ede1b480a93226bea675b25784ae28ae2373dcb1c4968fe6f4e5cd108e42ef8bdf364b697e91b2b546a2b528299929bfa256c876a1e410ae03a24c7036417c7f109e706a95eb45c766c690c7445eab1cbd071ba55685b10fcea5041b2f74f98fe84ff60c04881ef4e919915f9d26715356d806edfcccb3b3cb9cf1a6f8bd691c5b3b7aab7aae72381cf5933050c263afce0ed800000080000000004fa8eea1826f56b44ea4eb8c96e456aca1c195d4034f6f1e0cfa70ef4ff1dcf3edaa9c95262b44faba986dd564795b15b0f693ca9e1222bc21f86d59c86da7146630563aaa24e26153551c9ca6df8a06ca4aa2632c58eb579c0f7b7b8b96bd424ec892151010d9a365d4634163b9802a96601143534919f5dfdc26dd0ba83300000000"], 0x1c}}, 0x0) openat$sr(0xffffffffffffff9c, &(0x7f0000000140), 0xd40, 0x0) r4 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_WAITACTIVE(r4, 0x5607) 11:46:52 executing program 4: ioctl$EXT4_IOC_GET_ES_CACHE(0xffffffffffffffff, 0xc020662a, &(0x7f0000000480)={0x0, 0x9, 0x4, 0xfffffffd, 0x2, [{0x1, 0x7, 0x6}, {0x1, 0x1000, 0x1, '\x00', 0x480}]}) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xb220}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) fallocate(r0, 0x0, 0x0, 0x87ffffc) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) r2 = getpid() r3 = gettid() rt_tgsigqueueinfo(r2, r3, 0x0, &(0x7f0000000000)={0x0, 0x0, 0x6}) get_robust_list(r2, &(0x7f00000005c0)=&(0x7f0000000580)={&(0x7f0000000540)={&(0x7f0000000340)}}, &(0x7f0000000600)=0x18) perf_event_open(0x0, r3, 0xb, 0xffffffffffffffff, 0xb) sendmsg$IPCTNL_MSG_CT_DELETE(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000800)=ANY=[@ANYBLOB="1c0000000201010200000000000000000202000008001a40000000003a3e542a333d5d2fbfc41c2a1ec3ab6a9d700e3025fd0ef2a7ea99265fe27afa1d8992a2eeb358651aa5eb43f4597d7ddd01b42729df2d75bc250c06f8c1f337bc65e07d69c151693119623da895c3b72c235a3ca657b3dea436c7a69b5abf6acdf362faf13bdf6c0f3df0e42eb88c4e693781c65d1dbe3bdfa6a83624b18491ede1b480a93226bea675b25784ae28ae2373dcb1c4968fe6f4e5cd108e42ef8bdf364b697e91b2b546a2b528299929bfa256c876a1e410ae03a24c7036417c7f109e706a95eb45c766c690c7445eab1cbd071ba55685b10fcea5041b2f74f98fe84ff60c04881ef4e919915f9d26715356d806edfcccb3b3cb9cf1a6f8bd691c5b3b7aab7aae72381cf5933050c263afce0ed800000080000000004fa8eea1826f56b44ea4eb8c96e456aca1c195d4034f6f1e0cfa70ef4ff1dcf3edaa9c95262b44faba986dd564795b15b0f693ca9e1222bc21f86d59c86da7146630563aaa24e26153551c9ca6df8a06ca4aa2632c58eb579c0f7b7b8b96bd424ec892151010d9a365d4634163b9802a96601143534919f5dfdc26dd0ba83300000000"], 0x1c}}, 0x0) openat$sr(0xffffffffffffff9c, &(0x7f0000000140), 0xd40, 0x0) r4 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_WAITACTIVE(r4, 0x5607) [ 123.894540] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 123.895226] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 123.895991] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 123.896544] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 123.897376] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 123.898067] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 123.900108] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 123.900952] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 123.901574] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 123.902340] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 123.903125] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 123.903887] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 123.905590] Bluetooth: hci3: HCI_REQ-0x0c1a [ 123.906090] Bluetooth: hci2: HCI_REQ-0x0c1a [ 123.955793] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 123.958213] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 123.960469] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 123.963145] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 123.966082] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 123.967537] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 123.973057] Bluetooth: hci7: HCI_REQ-0x0c1a [ 125.810740] Bluetooth: hci0: Opcode 0x c03 failed: -110 [ 125.874764] Bluetooth: hci1: Opcode 0x c03 failed: -110 [ 125.938755] Bluetooth: hci3: command 0x0409 tx timeout [ 125.938898] Bluetooth: hci6: Opcode 0x c03 failed: -110 [ 125.940001] Bluetooth: hci2: command 0x0409 tx timeout [ 125.940735] Bluetooth: hci5: Opcode 0x c03 failed: -110 [ 126.002723] Bluetooth: hci7: command 0x0409 tx timeout [ 127.986821] Bluetooth: hci3: command 0x041b tx timeout [ 127.987732] Bluetooth: hci2: command 0x041b tx timeout [ 128.054792] Bluetooth: hci7: command 0x041b tx timeout VM DIAGNOSIS: 11:46:50 Registers: info registers vcpu 0 RAX=0000000080000001 RBX=ffff888018277d88 RCX=ffffffff8169a079 RDX=8000000000000025 RSI=8000000000000025 RDI=0000000000000006 RBP=ffffea0000f55700 RSP=ffff888018277c60 R8 =0000000000000006 R9 =8000000000000025 R10=8000000000000025 R11=0000000000000001 R12=000000003d55c000 R13=ffff88801851fc30 R14=8000000000000025 R15=0000000000000001 RIP=ffffffff814612b0 RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 00000000 00000000 DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f1f8de7b540 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f1f8e330000 CR3=000000001c33e000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 ffff00ffffffffff ffffffffffff00ff YMM02=0000000000000000 0000000000000000 4c4700362e322e32 5f4342494c470035 YMM03=0000000000000000 0000000000000000 0000000000000000 0000000000470035 YMM04=0000000000000000 0000000000000000 4342494c4700362e 322e325f4342494c YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 RAX=0000000000000036 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff822b29f1 RDI=ffffffff87641ba0 RBP=ffffffff87641b60 RSP=ffff88801d9d7698 R8 =0000000000000001 R9 =000000000000000a R10=0000000000000036 R11=0000000000000001 R12=0000000000000036 R13=ffffffff87641b60 R14=0000000000000010 R15=ffffffff822b29e0 RIP=ffffffff822b2a49 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007fa238417700 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f7fa124f8e0 CR3=000000003e13c000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 00007fa23af887c0 00007fa23af887c8 YMM02=0000000000000000 0000000000000000 00007fa23af887e0 00007fa23af887c0 YMM03=0000000000000000 0000000000000000 00007fa23af887c8 00007fa23af887c0 YMM04=0000000000000000 0000000000000000 ffffffffffffffff ffffffff00000000 YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000