Warning: Permanently added '[localhost]:64405' (ECDSA) to the list of known hosts. 2022/09/15 12:51:14 fuzzer started 2022/09/15 12:51:15 dialing manager at localhost:36559 syzkaller login: [ 46.063985] cgroup: Unknown subsys name 'net' [ 46.167431] cgroup: Unknown subsys name 'rlimit' 2022/09/15 12:51:29 syscalls: 2215 2022/09/15 12:51:29 code coverage: enabled 2022/09/15 12:51:29 comparison tracing: enabled 2022/09/15 12:51:29 extra coverage: enabled 2022/09/15 12:51:29 setuid sandbox: enabled 2022/09/15 12:51:29 namespace sandbox: enabled 2022/09/15 12:51:29 Android sandbox: enabled 2022/09/15 12:51:29 fault injection: enabled 2022/09/15 12:51:29 leak checking: enabled 2022/09/15 12:51:29 net packet injection: enabled 2022/09/15 12:51:29 net device setup: enabled 2022/09/15 12:51:29 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/09/15 12:51:29 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/09/15 12:51:29 USB emulation: enabled 2022/09/15 12:51:29 hci packet injection: enabled 2022/09/15 12:51:29 wifi device emulation: failed to parse kernel version (6.0.0-rc5-next-20220915) 2022/09/15 12:51:29 802.15.4 emulation: enabled 2022/09/15 12:51:29 fetching corpus: 0, signal 0/2000 (executing program) 2022/09/15 12:51:29 fetching corpus: 38, signal 30791/34219 (executing program) 2022/09/15 12:51:30 fetching corpus: 88, signal 44061/48829 (executing program) 2022/09/15 12:51:30 fetching corpus: 138, signal 54325/60255 (executing program) 2022/09/15 12:51:30 fetching corpus: 188, signal 60844/67991 (executing program) 2022/09/15 12:51:30 fetching corpus: 238, signal 65549/73864 (executing program) 2022/09/15 12:51:30 fetching corpus: 288, signal 70499/79938 (executing program) 2022/09/15 12:51:30 fetching corpus: 338, signal 74721/85224 (executing program) 2022/09/15 12:51:30 fetching corpus: 388, signal 81165/92458 (executing program) 2022/09/15 12:51:30 fetching corpus: 438, signal 85456/97615 (executing program) 2022/09/15 
12:51:30 fetching corpus: 488, signal 89507/102592 (executing program) 2022/09/15 12:51:31 fetching corpus: 538, signal 94299/108022 (executing program) 2022/09/15 12:51:31 fetching corpus: 588, signal 97986/112428 (executing program) 2022/09/15 12:51:31 fetching corpus: 638, signal 100600/115786 (executing program) 2022/09/15 12:51:31 fetching corpus: 688, signal 103637/119435 (executing program) 2022/09/15 12:51:31 fetching corpus: 738, signal 105573/122111 (executing program) 2022/09/15 12:51:31 fetching corpus: 788, signal 107152/124445 (executing program) 2022/09/15 12:51:31 fetching corpus: 838, signal 110154/127924 (executing program) 2022/09/15 12:51:32 fetching corpus: 888, signal 112501/130835 (executing program) 2022/09/15 12:51:32 fetching corpus: 938, signal 114413/133325 (executing program) 2022/09/15 12:51:32 fetching corpus: 988, signal 117246/136538 (executing program) 2022/09/15 12:51:32 fetching corpus: 1038, signal 120409/139952 (executing program) 2022/09/15 12:51:32 fetching corpus: 1088, signal 123311/143178 (executing program) 2022/09/15 12:51:32 fetching corpus: 1138, signal 124579/145015 (executing program) 2022/09/15 12:51:32 fetching corpus: 1188, signal 126723/147525 (executing program) 2022/09/15 12:51:32 fetching corpus: 1238, signal 129169/150215 (executing program) 2022/09/15 12:51:33 fetching corpus: 1288, signal 131404/152666 (executing program) 2022/09/15 12:51:33 fetching corpus: 1338, signal 132759/154478 (executing program) 2022/09/15 12:51:33 fetching corpus: 1388, signal 135432/157269 (executing program) 2022/09/15 12:51:33 fetching corpus: 1438, signal 136552/158847 (executing program) 2022/09/15 12:51:33 fetching corpus: 1488, signal 139147/161406 (executing program) 2022/09/15 12:51:33 fetching corpus: 1538, signal 141318/163656 (executing program) 2022/09/15 12:51:33 fetching corpus: 1588, signal 143178/165657 (executing program) 2022/09/15 12:51:34 fetching corpus: 1638, signal 144592/167286 (executing program) 
2022/09/15 12:51:34 fetching corpus: 1688, signal 145825/168778 (executing program) 2022/09/15 12:51:34 fetching corpus: 1738, signal 147159/170353 (executing program) 2022/09/15 12:51:34 fetching corpus: 1788, signal 148909/172177 (executing program) 2022/09/15 12:51:34 fetching corpus: 1838, signal 150051/173547 (executing program) 2022/09/15 12:51:34 fetching corpus: 1888, signal 151482/175097 (executing program) 2022/09/15 12:51:34 fetching corpus: 1938, signal 153023/176705 (executing program) 2022/09/15 12:51:34 fetching corpus: 1988, signal 153882/177806 (executing program) 2022/09/15 12:51:35 fetching corpus: 2038, signal 155086/179108 (executing program) 2022/09/15 12:51:35 fetching corpus: 2088, signal 156246/180381 (executing program) 2022/09/15 12:51:35 fetching corpus: 2138, signal 157640/181779 (executing program) 2022/09/15 12:51:35 fetching corpus: 2188, signal 158995/183136 (executing program) 2022/09/15 12:51:35 fetching corpus: 2238, signal 160180/184424 (executing program) 2022/09/15 12:51:35 fetching corpus: 2288, signal 162222/186064 (executing program) 2022/09/15 12:51:35 fetching corpus: 2338, signal 163700/187514 (executing program) 2022/09/15 12:51:35 fetching corpus: 2388, signal 164816/188658 (executing program) 2022/09/15 12:51:36 fetching corpus: 2438, signal 165898/189780 (executing program) 2022/09/15 12:51:36 fetching corpus: 2488, signal 168017/191503 (executing program) 2022/09/15 12:51:36 fetching corpus: 2538, signal 169133/192552 (executing program) 2022/09/15 12:51:36 fetching corpus: 2588, signal 169780/193374 (executing program) 2022/09/15 12:51:36 fetching corpus: 2638, signal 170734/194305 (executing program) 2022/09/15 12:51:36 fetching corpus: 2688, signal 171704/195243 (executing program) 2022/09/15 12:51:36 fetching corpus: 2738, signal 172623/196070 (executing program) 2022/09/15 12:51:37 fetching corpus: 2788, signal 173583/196953 (executing program) 2022/09/15 12:51:37 fetching corpus: 2838, signal 174654/197842 
(executing program) 2022/09/15 12:51:37 fetching corpus: 2888, signal 175485/198623 (executing program) 2022/09/15 12:51:37 fetching corpus: 2938, signal 176662/199510 (executing program) 2022/09/15 12:51:37 fetching corpus: 2988, signal 177485/200258 (executing program) 2022/09/15 12:51:37 fetching corpus: 3038, signal 178358/201021 (executing program) 2022/09/15 12:51:37 fetching corpus: 3088, signal 179222/201738 (executing program) 2022/09/15 12:51:37 fetching corpus: 3138, signal 179952/202367 (executing program) 2022/09/15 12:51:38 fetching corpus: 3188, signal 181066/203142 (executing program) 2022/09/15 12:51:38 fetching corpus: 3238, signal 182639/204166 (executing program) 2022/09/15 12:51:38 fetching corpus: 3288, signal 183864/204977 (executing program) 2022/09/15 12:51:38 fetching corpus: 3338, signal 184592/205553 (executing program) 2022/09/15 12:51:38 fetching corpus: 3388, signal 186284/206661 (executing program) 2022/09/15 12:51:38 fetching corpus: 3438, signal 187069/207202 (executing program) 2022/09/15 12:51:38 fetching corpus: 3488, signal 187798/207735 (executing program) 2022/09/15 12:51:39 fetching corpus: 3538, signal 188484/208252 (executing program) 2022/09/15 12:51:39 fetching corpus: 3587, signal 189174/208767 (executing program) 2022/09/15 12:51:39 fetching corpus: 3637, signal 189979/209226 (executing program) 2022/09/15 12:51:39 fetching corpus: 3687, signal 191313/209894 (executing program) 2022/09/15 12:51:39 fetching corpus: 3737, signal 192265/210426 (executing program) 2022/09/15 12:51:39 fetching corpus: 3787, signal 192928/210876 (executing program) 2022/09/15 12:51:39 fetching corpus: 3837, signal 193699/211463 (executing program) 2022/09/15 12:51:40 fetching corpus: 3887, signal 194523/211926 (executing program) 2022/09/15 12:51:40 fetching corpus: 3937, signal 195277/212373 (executing program) 2022/09/15 12:51:40 fetching corpus: 3987, signal 196004/212750 (executing program) 2022/09/15 12:51:40 fetching corpus: 4037, 
signal 196532/213059 (executing program) 2022/09/15 12:51:40 fetching corpus: 4087, signal 196983/213375 (executing program) 2022/09/15 12:51:40 fetching corpus: 4137, signal 197948/213769 (executing program) 2022/09/15 12:51:40 fetching corpus: 4187, signal 198885/214115 (executing program) 2022/09/15 12:51:41 fetching corpus: 4237, signal 199242/214366 (executing program) 2022/09/15 12:51:41 fetching corpus: 4287, signal 200070/214692 (executing program) 2022/09/15 12:51:41 fetching corpus: 4337, signal 200934/214983 (executing program) 2022/09/15 12:51:41 fetching corpus: 4387, signal 201307/215216 (executing program) 2022/09/15 12:51:41 fetching corpus: 4437, signal 201926/215490 (executing program) 2022/09/15 12:51:41 fetching corpus: 4486, signal 202500/215739 (executing program) 2022/09/15 12:51:41 fetching corpus: 4536, signal 203389/216003 (executing program) 2022/09/15 12:51:42 fetching corpus: 4586, signal 204231/216227 (executing program) 2022/09/15 12:51:42 fetching corpus: 4636, signal 204606/216390 (executing program) 2022/09/15 12:51:42 fetching corpus: 4686, signal 205559/216929 (executing program) 2022/09/15 12:51:42 fetching corpus: 4736, signal 205989/217107 (executing program) 2022/09/15 12:51:42 fetching corpus: 4786, signal 206807/217283 (executing program) 2022/09/15 12:51:42 fetching corpus: 4836, signal 207273/217429 (executing program) 2022/09/15 12:51:42 fetching corpus: 4886, signal 207806/217657 (executing program) 2022/09/15 12:51:42 fetching corpus: 4936, signal 208342/217820 (executing program) 2022/09/15 12:51:43 fetching corpus: 4986, signal 208965/217955 (executing program) 2022/09/15 12:51:43 fetching corpus: 5036, signal 209485/218069 (executing program) 2022/09/15 12:51:43 fetching corpus: 5086, signal 210030/218167 (executing program) 2022/09/15 12:51:43 fetching corpus: 5136, signal 210389/218289 (executing program) 2022/09/15 12:51:43 fetching corpus: 5186, signal 211078/218432 (executing program) 2022/09/15 12:51:43 
fetching corpus: 5236, signal 211655/218454 (executing program) 2022/09/15 12:51:43 fetching corpus: 5254, signal 211828/218454 (executing program) 2022/09/15 12:51:43 fetching corpus: 5254, signal 211828/218454 (executing program) 2022/09/15 12:51:46 starting 8 fuzzer processes 12:51:46 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_mount_image$msdos(0x0, 0x0, 0x100000001, 0x2, &(0x7f0000000240)=[{&(0x7f0000000680)="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", 0x1000}, {&(0x7f0000000200)="84f446a627a0b79c96e18fb3b522ae2bd2776c4056b0", 0x16, 0x8}], 0x41400, &(0x7f0000001780)=ANY=[@ANYBLOB="732c646f74732c646d61736b3d3030303030303030303030303030303030313733362231000000007375722c726f6f74636f6e746578743d756e636e65645f752c686173682c7569643d116a46d91ba23992bf654af6281b675f3237d16e1686110600"/114, @ANYRESDEC=0x0, @ANYBLOB=',euid>', @ANYRESDEC=0x0, @ANYBLOB=',smackfsdef=vfat\x00,pcr=00000000000000000025,\x00']) creat(&(0x7f0000000100)='./file0\x00', 0x80) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = getpid() sched_setaffinity(r1, 0x0, 0x0) perf_event_open(&(0x7f0000000600)={0x4, 0x80, 0x1f, 0xff, 0x5, 0x7, 0x0, 0x4f0, 0xa, 0x2, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 
0x4, @perf_config_ext={0x8, 0x9}, 0x10000, 0xbf, 0x0, 0x3, 0x6d, 0x80, 0x2, 0x0, 0x2, 0x0, 0x8}, r1, 0x5, 0xffffffffffffffff, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) r3 = dup(r2) connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @local, 0x2}, 0x1c) ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000300)={{0x1, 0x1, 0x18, r0, {0x9d, 0x9}}, './file0\x00'}) fcntl$setpipe(r3, 0x407, 0x6) fcntl$F_SET_RW_HINT(r3, 0x40c, &(0x7f0000000340)=0x4) 12:51:46 executing program 1: syz_emit_ethernet(0x2a, &(0x7f0000000000)={@link_local, @local, @void, {@arp={0x806, @ether_ipv4={0x6, 0x800, 0x6, 0x4, 0x0, @empty, @rand_addr, @link_local, @local}}}}, 0x0) 12:51:46 executing program 2: r0 = io_uring_setup(0x5766, &(0x7f0000000040)) io_uring_register$IORING_REGISTER_FILES(r0, 0x9, 0x0, 0xfffffeed) 12:51:46 executing program 3: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00') r3 = socket$inet_udp(0x2, 0x2, 0x0) connect(r3, &(0x7f0000000000)=@nl=@unspec, 0x80) pwritev(r2, &(0x7f00000007c0)=[{&(0x7f0000000140)="23fcc8ea3e434e7e938b5362ac0ab8493cc4861db3cab77f43c19b96ef4e3748fda88a31501ba1aef5d007ecd44d98e2b854302c772d11a1", 0x38}, {0x0}, {&(0x7f0000000440)}], 0x3, 0xf01, 0x0) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00') r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00') lseek(r5, 0x0, 0x1) preadv(r5, &(0x7f00000005c0)=[{&(0x7f0000000080)=""/114, 0x72}, {&(0x7f0000000180)=""/138, 0x8a}, {&(0x7f0000000240)=""/4, 0x4}, {0x0}, {&(0x7f0000000540)=""/125, 0x7d}], 0x5, 0x1, 0x3) sendfile(r1, r4, 0x0, 0x409afb) sendfile(r4, r0, 0x0, 0x409afb) [ 77.354249] audit: type=1400 audit(1663246306.584:6): avc: denied { execmem } for pid=287 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process 
permissive=1 12:51:46 executing program 4: r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) getsockopt$bt_BT_RCVMTU(r0, 0x112, 0xd, 0x0, &(0x7f0000000380)) 12:51:46 executing program 5: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$P9_RVERSION(r1, &(0x7f00000005c0)={0x15, 0x65, 0xffff, 0x0, 0x8, '9P2000.u'}, 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 12:51:46 executing program 6: r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TIOCGDEV(r0, 0x80045432, &(0x7f0000000000)) 12:51:46 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) open_by_handle_at(r0, &(0x7f0000000140)=@ceph_nfs_confh={0x10, 0x2, {0x2}}, 0x43e180) [ 78.572673] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 78.576733] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 78.578380] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 78.582055] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 78.584262] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 78.585954] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 78.591237] Bluetooth: hci0: HCI_REQ-0x0c1a [ 78.614481] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 78.617478] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 78.622157] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 78.627025] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 78.633996] Bluetooth: hci1: unexpected 
cc 0x0c25 length: 249 > 3 [ 78.635605] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 78.649497] Bluetooth: hci1: HCI_REQ-0x0c1a [ 78.738010] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 78.739725] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 78.741575] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 78.743002] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 78.744701] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 78.746364] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 78.751618] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 78.752992] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 78.754180] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 78.755495] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 78.756853] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 78.758217] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 78.760959] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 78.761926] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 78.762322] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 78.770023] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 78.772156] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 78.777489] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 78.777611] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 78.779513] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 78.779657] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 78.782092] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 78.782354] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 78.784690] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 78.786121] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 78.788017] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 78.789223] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 78.789991] Bluetooth: hci3: HCI_REQ-0x0c1a [ 
78.790554] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 78.792316] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 78.793709] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 78.793828] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 78.795985] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 78.796134] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 78.801639] Bluetooth: hci5: HCI_REQ-0x0c1a [ 78.804023] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 78.814553] Bluetooth: hci2: HCI_REQ-0x0c1a [ 78.815701] Bluetooth: hci4: HCI_REQ-0x0c1a [ 78.816046] Bluetooth: hci6: HCI_REQ-0x0c1a [ 78.838660] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 78.840278] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 78.845940] Bluetooth: hci7: HCI_REQ-0x0c1a [ 80.670902] Bluetooth: hci0: command 0x0409 tx timeout [ 80.772305] Bluetooth: hci1: command 0x0409 tx timeout [ 80.849804] Bluetooth: hci5: command 0x0409 tx timeout [ 80.879903] Bluetooth: hci6: command 0x0409 tx timeout [ 80.880756] Bluetooth: hci4: command 0x0409 tx timeout [ 80.882421] Bluetooth: hci2: command 0x0409 tx timeout [ 80.883343] Bluetooth: hci3: command 0x0409 tx timeout [ 80.913832] Bluetooth: hci7: command 0x0409 tx timeout [ 82.705839] Bluetooth: hci0: command 0x041b tx timeout [ 82.834950] Bluetooth: hci1: command 0x041b tx timeout [ 82.897863] Bluetooth: hci4: command 0x041b tx timeout [ 82.898336] Bluetooth: hci5: command 0x041b tx timeout [ 82.898862] Bluetooth: hci3: command 0x041b tx timeout [ 82.900259] Bluetooth: hci2: command 0x041b tx timeout [ 82.900709] Bluetooth: hci6: command 0x041b tx timeout [ 82.962809] Bluetooth: hci7: command 0x041b tx timeout [ 84.754808] Bluetooth: hci0: command 0x040f tx timeout [ 84.882870] Bluetooth: hci1: command 0x040f tx timeout [ 84.946840] Bluetooth: hci6: command 0x040f tx timeout [ 84.947334] Bluetooth: hci2: command 0x040f tx timeout [ 84.947757] Bluetooth: hci3: command 0x040f tx 
timeout [ 84.948395] Bluetooth: hci5: command 0x040f tx timeout [ 84.948847] Bluetooth: hci4: command 0x040f tx timeout [ 85.010909] Bluetooth: hci7: command 0x040f tx timeout [ 86.802858] Bluetooth: hci0: command 0x0419 tx timeout [ 86.930881] Bluetooth: hci1: command 0x0419 tx timeout [ 86.994838] Bluetooth: hci4: command 0x0419 tx timeout [ 86.995307] Bluetooth: hci5: command 0x0419 tx timeout [ 86.995720] Bluetooth: hci3: command 0x0419 tx timeout [ 86.996158] Bluetooth: hci2: command 0x0419 tx timeout [ 86.996569] Bluetooth: hci6: command 0x0419 tx timeout [ 87.057823] Bluetooth: hci7: command 0x0419 tx timeout 12:52:45 executing program 1: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r2 = dup(r1) bind$bt_hci(r2, &(0x7f0000000140)={0x1f, 0x0, 0x1}, 0x6) ioctl$AUTOFS_IOC_PROTOVER(r0, 0x80049363, &(0x7f0000000000)) [ 136.313598] audit: type=1400 audit(1663246365.543:7): avc: denied { open } for pid=3840 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 136.317051] audit: type=1400 audit(1663246365.543:8): avc: denied { kernel } for pid=3840 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 136.341295] ------------[ cut here ]------------ [ 136.341317] [ 136.341321] ====================================================== [ 136.341324] WARNING: possible circular locking dependency detected [ 136.341328] 6.0.0-rc5-next-20220915 #1 Not tainted [ 136.341335] ------------------------------------------------------ [ 136.341338] syz-executor.1/3843 is trying to 
acquire lock: [ 136.341344] ffffffff853fa878 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70 [ 136.341383] [ 136.341383] but task is already holding lock: [ 136.341386] ffff88800efb6420 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 136.341414] [ 136.341414] which lock already depends on the new lock. [ 136.341414] [ 136.341417] [ 136.341417] the existing dependency chain (in reverse order) is: [ 136.341421] [ 136.341421] -> #3 (&ctx->lock){....}-{2:2}: [ 136.341435] _raw_spin_lock+0x2a/0x40 [ 136.341452] __perf_event_task_sched_out+0x53b/0x18d0 [ 136.341464] __schedule+0xedd/0x2470 [ 136.341475] schedule+0xda/0x1b0 [ 136.341485] exit_to_user_mode_prepare+0x114/0x1a0 [ 136.341506] syscall_exit_to_user_mode+0x19/0x40 [ 136.341525] do_syscall_64+0x48/0x90 [ 136.341539] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 136.341558] [ 136.341558] -> #2 (&rq->__lock){-.-.}-{2:2}: [ 136.341571] _raw_spin_lock_nested+0x30/0x40 [ 136.341587] raw_spin_rq_lock_nested+0x1e/0x30 [ 136.341600] task_fork_fair+0x63/0x4d0 [ 136.341617] sched_cgroup_fork+0x3d0/0x540 [ 136.341632] copy_process+0x4183/0x6e20 [ 136.341642] kernel_clone+0xe7/0x890 [ 136.341652] user_mode_thread+0xad/0xf0 [ 136.341662] rest_init+0x24/0x250 [ 136.341679] arch_call_rest_init+0xf/0x14 [ 136.341691] start_kernel+0x4c1/0x4e6 [ 136.341701] secondary_startup_64_no_verify+0xe0/0xeb [ 136.341716] [ 136.341716] -> #1 (&p->pi_lock){-.-.}-{2:2}: [ 136.341730] _raw_spin_lock_irqsave+0x39/0x60 [ 136.341745] try_to_wake_up+0xab/0x1920 [ 136.341761] up+0x75/0xb0 [ 136.341773] __up_console_sem+0x6e/0x80 [ 136.341790] console_unlock+0x46a/0x590 [ 136.341806] vt_ioctl+0x2822/0x2ca0 [ 136.341819] tty_ioctl+0x7c4/0x1700 [ 136.341831] __x64_sys_ioctl+0x19a/0x210 [ 136.341847] do_syscall_64+0x3b/0x90 [ 136.341860] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 136.341878] [ 136.341878] -> #0 ((console_sem).lock){....}-{2:2}: [ 136.341892] __lock_acquire+0x2a02/0x5e70 [ 136.341909] 
lock_acquire+0x1a2/0x530 [ 136.341925] _raw_spin_lock_irqsave+0x39/0x60 [ 136.341940] down_trylock+0xe/0x70 [ 136.341952] __down_trylock_console_sem+0x3b/0xd0 [ 136.341969] vprintk_emit+0x16b/0x560 [ 136.341986] vprintk+0x84/0xa0 [ 136.342002] _printk+0xba/0xf1 [ 136.342021] report_bug.cold+0x72/0xab [ 136.342034] handle_bug+0x3c/0x70 [ 136.342047] exc_invalid_op+0x14/0x50 [ 136.342061] asm_exc_invalid_op+0x16/0x20 [ 136.342078] group_sched_out.part.0+0x2c7/0x460 [ 136.342089] ctx_sched_out+0x8f1/0xc10 [ 136.342098] __perf_event_task_sched_out+0x6d0/0x18d0 [ 136.342110] __schedule+0xedd/0x2470 [ 136.342120] schedule+0xda/0x1b0 [ 136.342130] exit_to_user_mode_prepare+0x114/0x1a0 [ 136.342150] syscall_exit_to_user_mode+0x19/0x40 [ 136.342167] do_syscall_64+0x48/0x90 [ 136.342181] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 136.342198] [ 136.342198] other info that might help us debug this: [ 136.342198] [ 136.342201] Chain exists of: [ 136.342201] (console_sem).lock --> &rq->__lock --> &ctx->lock [ 136.342201] [ 136.342216] Possible unsafe locking scenario: [ 136.342216] [ 136.342218] CPU0 CPU1 [ 136.342221] ---- ---- [ 136.342223] lock(&ctx->lock); [ 136.342229] lock(&rq->__lock); [ 136.342235] lock(&ctx->lock); [ 136.342241] lock((console_sem).lock); [ 136.342247] [ 136.342247] *** DEADLOCK *** [ 136.342247] [ 136.342249] 2 locks held by syz-executor.1/3843: [ 136.342256] #0: ffff88806ce37cd8 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470 [ 136.342281] #1: ffff88800efb6420 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 136.342309] [ 136.342309] stack backtrace: [ 136.342312] CPU: 0 PID: 3843 Comm: syz-executor.1 Not tainted 6.0.0-rc5-next-20220915 #1 [ 136.342325] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 136.342333] Call Trace: [ 136.342336] [ 136.342341] dump_stack_lvl+0x8b/0xb3 [ 136.342356] check_noncircular+0x263/0x2e0 [ 136.342373] ? 
format_decode+0x26c/0xb50 [ 136.342389] ? print_circular_bug+0x450/0x450 [ 136.342407] ? enable_ptr_key_workfn+0x20/0x20 [ 136.342423] ? format_decode+0x26c/0xb50 [ 136.342440] ? alloc_chain_hlocks+0x1ec/0x5a0 [ 136.342458] __lock_acquire+0x2a02/0x5e70 [ 136.342482] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 136.342500] ? __mutex_add_waiter+0x120/0x120 [ 136.342520] lock_acquire+0x1a2/0x530 [ 136.342537] ? down_trylock+0xe/0x70 [ 136.342553] ? rcu_read_unlock+0x40/0x40 [ 136.342575] ? vprintk+0x84/0xa0 [ 136.342594] _raw_spin_lock_irqsave+0x39/0x60 [ 136.342610] ? down_trylock+0xe/0x70 [ 136.342624] down_trylock+0xe/0x70 [ 136.342638] ? vprintk+0x84/0xa0 [ 136.342655] __down_trylock_console_sem+0x3b/0xd0 [ 136.342673] vprintk_emit+0x16b/0x560 [ 136.342693] vprintk+0x84/0xa0 [ 136.342711] _printk+0xba/0xf1 [ 136.342730] ? record_print_text.cold+0x16/0x16 [ 136.342754] ? report_bug.cold+0x66/0xab [ 136.342769] ? group_sched_out.part.0+0x2c7/0x460 [ 136.342781] report_bug.cold+0x72/0xab [ 136.342797] handle_bug+0x3c/0x70 [ 136.342811] exc_invalid_op+0x14/0x50 [ 136.342827] asm_exc_invalid_op+0x16/0x20 [ 136.342845] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 136.342858] Code: 5e 41 5f e9 3b b7 ef ff e8 36 b7 ef ff 65 8b 1d ab 15 ac 7e 31 ff 89 de e8 d6 b3 ef ff 85 db 0f 84 8a 00 00 00 e8 19 b7 ef ff <0f> 0b e9 a5 fe ff ff e8 0d b7 ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 136.342870] RSP: 0018:ffff88801b48fc48 EFLAGS: 00010006 [ 136.342879] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 136.342886] RDX: ffff888018211ac0 RSI: ffffffff81566027 RDI: 0000000000000005 [ 136.342894] RBP: ffff888008660000 R08: 0000000000000005 R09: 0000000000000001 [ 136.342901] R10: 0000000000000000 R11: ffffffff865ac01b R12: ffff88800efb6400 [ 136.342909] R13: ffff88806ce3d100 R14: ffffffff8547c660 R15: 0000000000000002 [ 136.342921] ? group_sched_out.part.0+0x2c7/0x460 [ 136.342935] ? 
group_sched_out.part.0+0x2c7/0x460 [ 136.342948] ctx_sched_out+0x8f1/0xc10 [ 136.342962] __perf_event_task_sched_out+0x6d0/0x18d0 [ 136.342978] ? lock_is_held_type+0xd7/0x130 [ 136.342998] ? __perf_cgroup_move+0x160/0x160 [ 136.343010] ? set_next_entity+0x304/0x550 [ 136.343028] ? update_curr+0x267/0x740 [ 136.343048] ? lock_is_held_type+0xd7/0x130 [ 136.343067] __schedule+0xedd/0x2470 [ 136.343082] ? io_schedule_timeout+0x150/0x150 [ 136.343096] ? __x64_sys_futex_time32+0x480/0x480 [ 136.343110] schedule+0xda/0x1b0 [ 136.343122] exit_to_user_mode_prepare+0x114/0x1a0 [ 136.343143] syscall_exit_to_user_mode+0x19/0x40 [ 136.343162] do_syscall_64+0x48/0x90 [ 136.343177] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 136.343196] RIP: 0033:0x7f0d3ade9b19 [ 136.343204] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 136.343215] RSP: 002b:00007f0d3835f218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 136.343226] RAX: 0000000000000001 RBX: 00007f0d3aefcf68 RCX: 00007f0d3ade9b19 [ 136.343233] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f0d3aefcf6c [ 136.343240] RBP: 00007f0d3aefcf60 R08: 000000000000000e R09: 0000000000000000 [ 136.343248] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f0d3aefcf6c [ 136.343255] R13: 00007ffcc8933ecf R14: 00007f0d3835f300 R15: 0000000000022000 [ 136.343270] [ 136.397605] WARNING: CPU: 0 PID: 3843 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460 [ 136.398290] Modules linked in: [ 136.398538] CPU: 0 PID: 3843 Comm: syz-executor.1 Not tainted 6.0.0-rc5-next-20220915 #1 [ 136.399151] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 136.399983] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 136.400390] Code: 5e 41 5f e9 3b b7 ef ff e8 36 b7 ef ff 65 8b 1d ab 15 ac 7e 31 ff 89 de e8 d6 b3 ef ff 85 db 
0f 84 8a 00 00 00 e8 19 b7 ef ff <0f> 0b e9 a5 fe ff ff e8 0d b7 ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 136.401749] RSP: 0018:ffff88801b48fc48 EFLAGS: 00010006 [ 136.402154] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 136.402691] RDX: ffff888018211ac0 RSI: ffffffff81566027 RDI: 0000000000000005 [ 136.403223] RBP: ffff888008660000 R08: 0000000000000005 R09: 0000000000000001 [ 136.403762] R10: 0000000000000000 R11: ffffffff865ac01b R12: ffff88800efb6400 [ 136.404301] R13: ffff88806ce3d100 R14: ffffffff8547c660 R15: 0000000000000002 [ 136.404838] FS: 00007f0d3835f700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 136.405455] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 136.405903] CR2: 00007f4724976000 CR3: 0000000017488000 CR4: 0000000000350ef0 [ 136.406444] Call Trace: [ 136.406640] [ 136.406814] ctx_sched_out+0x8f1/0xc10 [ 136.407108] __perf_event_task_sched_out+0x6d0/0x18d0 [ 136.407515] ? lock_is_held_type+0xd7/0x130 [ 136.407856] ? __perf_cgroup_move+0x160/0x160 [ 136.408206] ? set_next_entity+0x304/0x550 [ 136.408546] ? update_curr+0x267/0x740 [ 136.408853] ? lock_is_held_type+0xd7/0x130 [ 136.409193] __schedule+0xedd/0x2470 [ 136.409504] ? io_schedule_timeout+0x150/0x150 [ 136.409862] ? 
__x64_sys_futex_time32+0x480/0x480 [ 136.410229] schedule+0xda/0x1b0 [ 136.410495] exit_to_user_mode_prepare+0x114/0x1a0 [ 136.410884] syscall_exit_to_user_mode+0x19/0x40 [ 136.411258] do_syscall_64+0x48/0x90 [ 136.411558] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 136.411968] RIP: 0033:0x7f0d3ade9b19 [ 136.412258] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 136.413633] RSP: 002b:00007f0d3835f218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 136.414207] RAX: 0000000000000001 RBX: 00007f0d3aefcf68 RCX: 00007f0d3ade9b19 [ 136.414729] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f0d3aefcf6c [ 136.415275] RBP: 00007f0d3aefcf60 R08: 000000000000000e R09: 0000000000000000 [ 136.415776] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f0d3aefcf6c [ 136.416274] R13: 00007ffcc8933ecf R14: 00007f0d3835f300 R15: 0000000000022000 [ 136.416784] [ 136.416954] irq event stamp: 608 [ 136.417196] hardirqs last enabled at (607): [] exit_to_user_mode_prepare+0x109/0x1a0 [ 136.417870] hardirqs last disabled at (608): [] __schedule+0x1225/0x2470 [ 136.418450] softirqs last enabled at (0): [] copy_process+0x1e15/0x6e20 [ 136.419030] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 136.419479] ---[ end trace 0000000000000000 ]--- 12:52:45 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) timer_create(0x0, 0x0, &(0x7f0000000400)) timer_getoverrun(0x0) [ 136.706226] audit: type=1400 audit(1663246365.936:9): avc: denied { write } for pid=3840 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 12:52:45 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r1 = openat(0xffffffffffffff9c, 
&(0x7f0000000100)='./file1\x00', 0x2, 0x0) pwrite64(r1, &(0x7f0000000640)='2', 0x1, 0x0) preadv2(r0, &(0x7f00000003c0)=[{&(0x7f0000000140)=""/75, 0x4b}], 0x1, 0x0, 0x0, 0x8) 12:52:46 executing program 6: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(0x0, 0x0, 0x200000000000000, 0x0, &(0x7f0000000200), 0x0, 0x0) syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) open_by_handle_at(r0, &(0x7f0000000140)=@ceph_nfs_confh={0x10, 0x2, {0x2}}, 0x267055344c79a707) ioctl$EXT4_IOC_SWAP_BOOT(r0, 0x6611) [ 136.848046] loop6: detected capacity change from 0 to 264192 12:52:46 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x2, 0x0) pwrite64(r1, &(0x7f0000000640)='2', 0x1, 0x0) preadv2(r0, &(0x7f00000003c0)=[{&(0x7f0000000140)=""/75, 0x4b}], 0x1, 0x0, 0x0, 0x8) 12:52:46 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x2, 0x0) pwrite64(r1, &(0x7f0000000640)='2', 0x1, 0x0) preadv2(r0, &(0x7f00000003c0)=[{&(0x7f0000000140)=""/75, 0x4b}], 0x1, 0x0, 0x0, 0x8) 12:52:46 executing program 6: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) 
syz_mount_image$vfat(0x0, 0x0, 0x200000000000000, 0x0, &(0x7f0000000200), 0x0, 0x0) syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) open_by_handle_at(r0, &(0x7f0000000140)=@ceph_nfs_confh={0x10, 0x2, {0x2}}, 0x267055344c79a707) ioctl$EXT4_IOC_SWAP_BOOT(r0, 0x6611) 12:52:46 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(0x0, 0x0, 0x200000000000000, 0x0, &(0x7f0000000200), 0x0, 0x0) syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) open_by_handle_at(r0, &(0x7f0000000140)=@ceph_nfs_confh={0x10, 0x2, {0x2}}, 0x267055344c79a707) ioctl$EXT4_IOC_SWAP_BOOT(r0, 0x6611) [ 137.055407] loop6: detected capacity change from 0 to 264192 [ 137.072183] loop2: detected capacity change from 0 to 264192 [ 139.862743] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 139.864324] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 139.866167] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 139.868577] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 139.870290] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 139.871588] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 139.875278] Bluetooth: hci0: HCI_REQ-0x0c1a [ 139.931044] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 139.932599] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 139.934077] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 139.936274] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 139.938223] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 
139.939821] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 139.943315] Bluetooth: hci5: HCI_REQ-0x0c1a [ 139.991220] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 139.999415] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 140.005960] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 140.013534] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 140.021929] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 140.025054] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 140.032441] Bluetooth: hci6: HCI_REQ-0x0c1a [ 141.905821] Bluetooth: hci0: command 0x0409 tx timeout [ 141.969870] Bluetooth: hci5: command 0x0409 tx timeout [ 141.970823] Bluetooth: hci4: Opcode 0x c03 failed: -110 [ 142.097817] Bluetooth: hci6: command 0x0409 tx timeout [ 143.953835] Bluetooth: hci0: command 0x041b tx timeout [ 144.018820] Bluetooth: hci5: command 0x041b tx timeout [ 144.146832] Bluetooth: hci6: command 0x041b tx timeout [ 146.001806] Bluetooth: hci0: command 0x040f tx timeout [ 146.068817] Bluetooth: hci5: command 0x040f tx timeout [ 146.198841] Bluetooth: hci6: command 0x040f tx timeout [ 146.258795] Bluetooth: hci4: Opcode 0x c03 failed: -110 VM DIAGNOSIS: 12:52:45 Registers: