Warning: Permanently added '[localhost]:1846' (ECDSA) to the list of known hosts. 2022/09/12 14:36:47 fuzzer started 2022/09/12 14:36:48 dialing manager at localhost:38027 syzkaller login: [ 44.330684] cgroup: Unknown subsys name 'net' [ 44.451891] cgroup: Unknown subsys name 'rlimit' 2022/09/12 14:37:01 syscalls: 2215 2022/09/12 14:37:01 code coverage: enabled 2022/09/12 14:37:01 comparison tracing: enabled 2022/09/12 14:37:01 extra coverage: enabled 2022/09/12 14:37:01 setuid sandbox: enabled 2022/09/12 14:37:01 namespace sandbox: enabled 2022/09/12 14:37:01 Android sandbox: enabled 2022/09/12 14:37:01 fault injection: enabled 2022/09/12 14:37:01 leak checking: enabled 2022/09/12 14:37:01 net packet injection: enabled 2022/09/12 14:37:01 net device setup: enabled 2022/09/12 14:37:01 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/09/12 14:37:01 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/09/12 14:37:01 USB emulation: enabled 2022/09/12 14:37:01 hci packet injection: enabled 2022/09/12 14:37:01 wifi device emulation: failed to parse kernel version (6.0.0-rc5-next-20220912) 2022/09/12 14:37:01 802.15.4 emulation: enabled 2022/09/12 14:37:01 fetching corpus: 0, signal 0/2000 (executing program) 2022/09/12 14:37:01 fetching corpus: 30, signal 25194/28661 (executing program) 2022/09/12 14:37:01 fetching corpus: 74, signal 41088/45814 (executing program) 2022/09/12 14:37:02 fetching corpus: 124, signal 56257/61943 (executing program) 2022/09/12 14:37:02 fetching corpus: 174, signal 63342/70123 (executing program) 2022/09/12 14:37:02 fetching corpus: 224, signal 71611/79208 (executing program) 2022/09/12 14:37:02 fetching corpus: 274, signal 77198/85648 (executing program) 2022/09/12 14:37:02 fetching corpus: 324, signal 80930/90303 (executing program) 2022/09/12 14:37:02 fetching corpus: 374, signal 84770/94960 (executing program) 2022/09/12 14:37:02 fetching corpus: 424, signal 88028/99039 (executing program) 2022/09/12 14:37:02 
fetching corpus: 474, signal 91392/103134 (executing program) 2022/09/12 14:37:02 fetching corpus: 524, signal 94029/106502 (executing program) 2022/09/12 14:37:03 fetching corpus: 574, signal 96687/109836 (executing program) 2022/09/12 14:37:03 fetching corpus: 624, signal 100782/114346 (executing program) 2022/09/12 14:37:03 fetching corpus: 674, signal 105561/119395 (executing program) 2022/09/12 14:37:03 fetching corpus: 724, signal 107779/122130 (executing program) 2022/09/12 14:37:03 fetching corpus: 774, signal 111515/126074 (executing program) 2022/09/12 14:37:03 fetching corpus: 824, signal 113722/128799 (executing program) 2022/09/12 14:37:03 fetching corpus: 874, signal 115863/131325 (executing program) 2022/09/12 14:37:04 fetching corpus: 924, signal 118118/133997 (executing program) 2022/09/12 14:37:04 fetching corpus: 974, signal 120072/136273 (executing program) 2022/09/12 14:37:04 fetching corpus: 1024, signal 121431/138142 (executing program) 2022/09/12 14:37:04 fetching corpus: 1074, signal 123204/140241 (executing program) 2022/09/12 14:37:04 fetching corpus: 1124, signal 124886/142280 (executing program) 2022/09/12 14:37:04 fetching corpus: 1174, signal 126940/144546 (executing program) 2022/09/12 14:37:04 fetching corpus: 1224, signal 128454/146356 (executing program) 2022/09/12 14:37:04 fetching corpus: 1274, signal 130571/148586 (executing program) 2022/09/12 14:37:05 fetching corpus: 1324, signal 132595/150723 (executing program) 2022/09/12 14:37:05 fetching corpus: 1374, signal 133891/152327 (executing program) 2022/09/12 14:37:05 fetching corpus: 1424, signal 136166/154498 (executing program) 2022/09/12 14:37:05 fetching corpus: 1474, signal 138252/156536 (executing program) 2022/09/12 14:37:05 fetching corpus: 1524, signal 139463/157926 (executing program) 2022/09/12 14:37:05 fetching corpus: 1574, signal 141435/159780 (executing program) 2022/09/12 14:37:05 fetching corpus: 1624, signal 142940/161445 (executing program) 2022/09/12 
14:37:06 fetching corpus: 1674, signal 144487/162982 (executing program) 2022/09/12 14:37:06 fetching corpus: 1724, signal 145981/164562 (executing program) 2022/09/12 14:37:06 fetching corpus: 1774, signal 147594/166090 (executing program) 2022/09/12 14:37:06 fetching corpus: 1824, signal 149160/167549 (executing program) 2022/09/12 14:37:06 fetching corpus: 1874, signal 149960/168493 (executing program) 2022/09/12 14:37:06 fetching corpus: 1924, signal 151340/169754 (executing program) 2022/09/12 14:37:06 fetching corpus: 1974, signal 152530/170962 (executing program) 2022/09/12 14:37:06 fetching corpus: 2024, signal 154013/172248 (executing program) 2022/09/12 14:37:07 fetching corpus: 2074, signal 155331/173420 (executing program) 2022/09/12 14:37:07 fetching corpus: 2124, signal 156916/174755 (executing program) 2022/09/12 14:37:07 fetching corpus: 2174, signal 157731/175642 (executing program) 2022/09/12 14:37:07 fetching corpus: 2224, signal 159095/176767 (executing program) 2022/09/12 14:37:07 fetching corpus: 2274, signal 160429/177849 (executing program) 2022/09/12 14:37:07 fetching corpus: 2324, signal 161772/178956 (executing program) 2022/09/12 14:37:08 fetching corpus: 2374, signal 162960/179929 (executing program) 2022/09/12 14:37:08 fetching corpus: 2424, signal 164410/180964 (executing program) 2022/09/12 14:37:08 fetching corpus: 2474, signal 165524/181836 (executing program) 2022/09/12 14:37:08 fetching corpus: 2524, signal 167152/182864 (executing program) 2022/09/12 14:37:08 fetching corpus: 2574, signal 167843/183496 (executing program) 2022/09/12 14:37:08 fetching corpus: 2624, signal 168990/184418 (executing program) 2022/09/12 14:37:08 fetching corpus: 2674, signal 169797/185047 (executing program) 2022/09/12 14:37:09 fetching corpus: 2724, signal 171182/185960 (executing program) 2022/09/12 14:37:09 fetching corpus: 2774, signal 172095/186714 (executing program) 2022/09/12 14:37:09 fetching corpus: 2824, signal 173323/187454 (executing 
program) 2022/09/12 14:37:09 fetching corpus: 2873, signal 174505/188186 (executing program) 2022/09/12 14:37:09 fetching corpus: 2923, signal 175468/188857 (executing program) 2022/09/12 14:37:09 fetching corpus: 2973, signal 176350/189390 (executing program) 2022/09/12 14:37:10 fetching corpus: 3023, signal 177398/190068 (executing program) 2022/09/12 14:37:10 fetching corpus: 3073, signal 178307/190587 (executing program) 2022/09/12 14:37:10 fetching corpus: 3122, signal 179012/191032 (executing program) 2022/09/12 14:37:10 fetching corpus: 3172, signal 179862/191531 (executing program) 2022/09/12 14:37:10 fetching corpus: 3222, signal 180884/192074 (executing program) 2022/09/12 14:37:10 fetching corpus: 3272, signal 181527/192488 (executing program) 2022/09/12 14:37:11 fetching corpus: 3322, signal 182507/192969 (executing program) 2022/09/12 14:37:11 fetching corpus: 3372, signal 183409/193380 (executing program) 2022/09/12 14:37:11 fetching corpus: 3422, signal 184666/193909 (executing program) 2022/09/12 14:37:11 fetching corpus: 3472, signal 185904/194394 (executing program) 2022/09/12 14:37:11 fetching corpus: 3522, signal 186917/194781 (executing program) 2022/09/12 14:37:11 fetching corpus: 3572, signal 188308/195187 (executing program) 2022/09/12 14:37:12 fetching corpus: 3622, signal 189146/195454 (executing program) 2022/09/12 14:37:12 fetching corpus: 3653, signal 189683/195692 (executing program) 2022/09/12 14:37:12 fetching corpus: 3653, signal 189683/195769 (executing program) 2022/09/12 14:37:12 fetching corpus: 3653, signal 189683/195841 (executing program) 2022/09/12 14:37:12 fetching corpus: 3653, signal 189683/195923 (executing program) 2022/09/12 14:37:12 fetching corpus: 3653, signal 189683/195993 (executing program) 2022/09/12 14:37:12 fetching corpus: 3653, signal 189683/196058 (executing program) 2022/09/12 14:37:12 fetching corpus: 3653, signal 189683/196129 (executing program) 2022/09/12 14:37:12 fetching corpus: 3653, signal 
189683/196199 (executing program) 2022/09/12 14:37:12 fetching corpus: 3653, signal 189683/196263 (executing program) 2022/09/12 14:37:12 fetching corpus: 3653, signal 189683/196355 (executing program) 2022/09/12 14:37:12 fetching corpus: 3653, signal 189683/196427 (executing program) 2022/09/12 14:37:12 fetching corpus: 3653, signal 189683/196496 (executing program) 2022/09/12 14:37:12 fetching corpus: 3653, signal 189683/196590 (executing program) 2022/09/12 14:37:12 fetching corpus: 3653, signal 189683/196667 (executing program) 2022/09/12 14:37:12 fetching corpus: 3653, signal 189683/196765 (executing program) 2022/09/12 14:37:12 fetching corpus: 3653, signal 189683/196844 (executing program) 2022/09/12 14:37:12 fetching corpus: 3653, signal 189683/196912 (executing program) 2022/09/12 14:37:12 fetching corpus: 3653, signal 189683/196989 (executing program) 2022/09/12 14:37:12 fetching corpus: 3653, signal 189683/197085 (executing program) 2022/09/12 14:37:12 fetching corpus: 3653, signal 189683/197170 (executing program) 2022/09/12 14:37:12 fetching corpus: 3653, signal 189683/197238 (executing program) 2022/09/12 14:37:12 fetching corpus: 3653, signal 189683/197304 (executing program) 2022/09/12 14:37:12 fetching corpus: 3653, signal 189683/197304 (executing program) 2022/09/12 14:37:14 starting 8 fuzzer processes 14:37:14 executing program 0: pipe2(&(0x7f0000000000)={0x0, 0x0}, 0x0) fcntl$getflags(r0, 0xb) 14:37:14 executing program 1: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000100)={0x1, &(0x7f00000000c0)=[{0x5}]}) 14:37:14 executing program 2: r0 = openat$vcs(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) readv(r0, &(0x7f0000001600)=[{&(0x7f0000001200)=""/12, 0x7d0}, {&(0x7f0000001240)=""/103, 0x67}, {&(0x7f00000012c0)=""/126, 0x7e}, {&(0x7f0000001340)=""/171, 0xab}, {&(0x7f0000001400)=""/18, 0x12}, {&(0x7f0000001440)=""/245, 0xf5}, {&(0x7f0000001540)=""/177, 0xb1}], 0x7) 14:37:14 executing program 3: syz_mount_image$tmpfs(0x0, 0x0, 
0x0, 0x0, 0x0, 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x161941, 0x2) openat2(0xffffffffffffffff, 0x0, 0x0, 0x0) pwritev(r0, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f00000006c0)={'sit0\x00', &(0x7f0000000640)={'ip6_vti0\x00', 0x0, 0x4, 0x7, 0x81, 0x2, 0x10, @private1, @ipv4={'\x00', '\xff\xff', @broadcast}, 0x0, 0x0, 0x10000, 0x7ff}}) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa0014, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) truncate(&(0x7f0000000180)='./file1\x00', 0x0) 14:37:14 executing program 4: r0 = perf_event_open(&(0x7f0000000280)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ppoll(&(0x7f00000000c0)=[{r0}], 0x1, 0x0, 0x0, 0x0) 14:37:14 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x161941, 0x0) pwritev(r0, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 
0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa0014, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) truncate(&(0x7f0000000180)='./file1\x00', 0x0) 14:37:14 executing program 5: syz_io_uring_setup(0x7323, &(0x7f00000001c0)={0x0, 0xfc1b}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000240), &(0x7f0000000280)) r0 = epoll_create1(0x0) epoll_pwait2(r0, &(0x7f0000000440)=[{}], 0x1, 0x0, 0x0, 0x0) socket$netlink(0x10, 0x3, 0x15) syz_io_uring_setup(0x4715, &(0x7f0000000600), &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000680), &(0x7f00000006c0)) [ 70.686793] audit: type=1400 audit(1662993434.751:6): avc: denied { execmem } for pid=288 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 14:37:14 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x2080000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1000, 0x3ff}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10005}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 
0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0xc042, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x2, 0x0) pwrite64(r1, &(0x7f00000000c0)='9', 0x1, 0x8040000) setsockopt$inet6_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f0000000540)={@in6={{0xa, 0x4e20, 0xffff, @mcast2, 0x4}}, 0x0, 0x0, 0x15, 0x0, "b25da62d685a38083e45ab1950001ca46105939b4b3d83bd945bed03b30b62897693132cb6e12788b1d58f9b2fff886055bea488ee0e2918a8c961a2684924dfa9841132b1916476e31d06d76d34a918"}, 0xd8) r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4042, 0x0) sendfile(r1, r2, 0x0, 0xffff) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r3 = openat$sr(0xffffffffffffff9c, &(0x7f0000000100), 0x44b43, 0x0) ioctl$SG_EMULATED_HOST(r3, 0x5390, &(0x7f0000002340)) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000140)='./file1\x00', 0x3709, 0x3, &(0x7f0000000380)=[{&(0x7f0000000180)="1c2fe7f4768bbb4726372f7ae4f19dbebc055e338ef75483d768ff9661c6", 0x1e, 0x84a}, {&(0x7f00000001c0)="388cbf3d90953f6ab40ff6a75acbbf53880ed5b66aa541ae9a5f42fefb047436d6c2416285793361f23ace0e3666e47dac410a1047a20710ad0bc8781024d37ef2e3456ac7178fd2ea26d75d963423678b55bee32c0fc2696cb52f45a60b8e3635a982bbc6f643c54cfc4212fd717170f75e6fe08c5e2d007e43209704cc1e15c14da4db99a8a00e75", 0x89, 0x8}, {&(0x7f0000000300)="adbf3a6c6f8ced403e4d167f1835f0831b4a1878501e444d3fc569adb2d8dd01585c75b45e2624610b7f", 0x2a, 0xe9}], 0x200480c, &(0x7f0000000400)={[{@rodir}, {@numtail}, {@iocharset={'iocharset', 0x3d, 'koi8-u'}}], [{@uid_eq}, {@fscontext={'fscontext', 0x3d, 'sysadm_u'}}]}) utimensat(0xffffffffffffffff, &(0x7f0000000480)='./file1\x00', &(0x7f0000000500)={{}, {0x77359400}}, 0x100) [ 72.069930] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 72.072147] Bluetooth: hci3: 
unexpected cc 0x0c03 length: 249 > 1 [ 72.075265] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 72.076857] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 72.078377] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 72.080435] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 72.083275] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 72.085419] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 72.086923] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 72.088164] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 72.089625] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 72.093121] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 72.095454] Bluetooth: hci0: HCI_REQ-0x0c1a [ 72.112920] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 72.126143] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 72.127887] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 72.129185] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 72.131326] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 72.137669] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 72.138929] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 72.145329] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 72.146326] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 72.151690] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 72.152838] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 72.154935] Bluetooth: hci3: HCI_REQ-0x0c1a [ 72.156443] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 72.160143] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 72.162696] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 72.165280] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 72.167101] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 72.169117] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 72.170400] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 
> 3 [ 72.174243] Bluetooth: hci2: HCI_REQ-0x0c1a [ 72.175695] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 72.179726] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 72.190761] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 72.194434] Bluetooth: hci1: HCI_REQ-0x0c1a [ 72.199003] Bluetooth: hci7: HCI_REQ-0x0c1a [ 72.205056] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 72.205131] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 72.206292] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 72.208561] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 72.214427] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 72.217435] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 72.220384] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 72.221992] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 72.223286] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 72.225903] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 72.227705] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 72.229056] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 72.230753] Bluetooth: hci4: HCI_REQ-0x0c1a [ 72.236869] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 72.236943] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 72.239600] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 72.246434] Bluetooth: hci5: HCI_REQ-0x0c1a [ 72.248827] Bluetooth: hci6: HCI_REQ-0x0c1a [ 74.202167] Bluetooth: hci1: command 0x0409 tx timeout [ 74.203148] Bluetooth: hci2: command 0x0409 tx timeout [ 74.204383] Bluetooth: hci3: command 0x0409 tx timeout [ 74.205706] Bluetooth: hci0: command 0x0409 tx timeout [ 74.265648] Bluetooth: hci6: command 0x0409 tx timeout [ 74.266294] Bluetooth: hci4: command 0x0409 tx timeout [ 74.266551] Bluetooth: hci5: command 0x0409 tx timeout [ 74.267943] Bluetooth: hci7: command 0x0409 tx timeout [ 76.250732] Bluetooth: hci0: command 0x041b tx timeout [ 76.251572] 
Bluetooth: hci3: command 0x041b tx timeout
[ 76.252309] Bluetooth: hci2: command 0x041b tx timeout
[ 76.255559] Bluetooth: hci1: command 0x041b tx timeout
[ 76.313658] Bluetooth: hci5: command 0x041b tx timeout
[ 76.313877] Bluetooth: hci7: command 0x041b tx timeout
[ 76.314385] Bluetooth: hci6: command 0x041b tx timeout
[ 76.315738] Bluetooth: hci4: command 0x041b tx timeout
[ 78.297570] Bluetooth: hci1: command 0x040f tx timeout
[ 78.298092] Bluetooth: hci2: command 0x040f tx timeout
[ 78.298602] Bluetooth: hci3: command 0x040f tx timeout
[ 78.299055] Bluetooth: hci0: command 0x040f tx timeout
[ 78.361531] Bluetooth: hci4: command 0x040f tx timeout
[ 78.362007] Bluetooth: hci7: command 0x040f tx timeout
[ 78.362438] Bluetooth: hci5: command 0x040f tx timeout
[ 78.362557] Bluetooth: hci6: command 0x040f tx timeout
[ 80.345557] Bluetooth: hci0: command 0x0419 tx timeout
[ 80.346043] Bluetooth: hci3: command 0x0419 tx timeout
[ 80.346503] Bluetooth: hci2: command 0x0419 tx timeout
[ 80.346928] Bluetooth: hci1: command 0x0419 tx timeout
[ 80.409531] Bluetooth: hci6: command 0x0419 tx timeout
[ 80.410001] Bluetooth: hci5: command 0x0419 tx timeout
[ 80.410412] Bluetooth: hci7: command 0x0419 tx timeout
[ 80.411073] Bluetooth: hci4: command 0x0419 tx timeout
[ 128.354782] audit: type=1400 audit(1662993492.418:7): avc: denied { open } for pid=3776 comm="syz-executor.7" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[ 128.356695] audit: type=1400 audit(1662993492.419:8): avc: denied { kernel } for pid=3776 comm="syz-executor.7" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[ 128.374046] ------------[ cut here ]------------
[ 128.374066]
[ 128.374068] ======================================================
[ 128.374072] WARNING: possible circular locking dependency detected
[ 128.374076] 6.0.0-rc5-next-20220912 #1 Not tainted
[ 128.374083] ------------------------------------------------------
[ 128.374086] syz-executor.7/3779 is trying to acquire lock:
[ 128.374093] ffffffff853fa878 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70
[ 128.374132]
[ 128.374132] but task is already holding lock:
[ 128.374135] ffff88803f66cc20 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0
[ 128.374164]
[ 128.374164] which lock already depends on the new lock.
[ 128.374164]
[ 128.374167]
[ 128.374167] the existing dependency chain (in reverse order) is:
[ 128.374171]
[ 128.374171] -> #3 (&ctx->lock){....}-{2:2}:
[ 128.374185]        _raw_spin_lock+0x2a/0x40
[ 128.374202]        __perf_event_task_sched_out+0x53b/0x18d0
[ 128.374214]        __schedule+0xedd/0x2470
[ 128.374224]        schedule+0xda/0x1b0
[ 128.374233]        exit_to_user_mode_prepare+0x114/0x1a0
[ 128.374255]        syscall_exit_to_user_mode+0x19/0x40
[ 128.374273]        do_syscall_64+0x48/0x90
[ 128.374287]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 128.374304]
[ 128.374304] -> #2 (&rq->__lock){-.-.}-{2:2}:
[ 128.374318]        _raw_spin_lock_nested+0x30/0x40
[ 128.374333]        raw_spin_rq_lock_nested+0x1e/0x30
[ 128.374347]        task_fork_fair+0x63/0x4d0
[ 128.374364]        sched_cgroup_fork+0x3d0/0x540
[ 128.374378]        copy_process+0x3f9e/0x6df0
[ 128.374389]        kernel_clone+0xe7/0x890
[ 128.374398]        user_mode_thread+0xad/0xf0
[ 128.374409]        rest_init+0x24/0x250
[ 128.374425]        arch_call_rest_init+0xf/0x14
[ 128.374445]        start_kernel+0x4c1/0x4e6
[ 128.374464]        secondary_startup_64_no_verify+0xe0/0xeb
[ 128.374479]
[ 128.374479] -> #1 (&p->pi_lock){-.-.}-{2:2}:
[ 128.374493]        _raw_spin_lock_irqsave+0x39/0x60
[ 128.374507]        try_to_wake_up+0xab/0x1920
[ 128.374521]        up+0x75/0xb0
[ 128.374532]        __up_console_sem+0x6e/0x80
[ 128.374549]        console_unlock+0x46a/0x590
[ 128.374565]        con_install+0x14e/0x5d0
[ 128.374585]        tty_init_dev.part.0+0xa0/0x610
[ 128.374599]        tty_open+0xbc0/0x1370
[ 128.374609]        chrdev_open+0x268/0x6e0
[ 128.374623]        do_dentry_open+0x6ca/0x12b0
[ 128.374637]        path_openat+0x19e1/0x2800
[ 128.374649]        do_filp_open+0x1b6/0x410
[ 128.374660]        do_sys_openat2+0x171/0x4c0
[ 128.374675]        __x64_sys_openat+0x13f/0x1f0
[ 128.374690]        do_syscall_64+0x3b/0x90
[ 128.374702]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 128.374719]
[ 128.374719] -> #0 ((console_sem).lock){....}-{2:2}:
[ 128.374733]        __lock_acquire+0x2a02/0x5e70
[ 128.374750]        lock_acquire+0x1a2/0x530
[ 128.374766]        _raw_spin_lock_irqsave+0x39/0x60
[ 128.374780]        down_trylock+0xe/0x70
[ 128.374793]        __down_trylock_console_sem+0x3b/0xd0
[ 128.374809]        vprintk_emit+0x16b/0x560
[ 128.374826]        vprintk+0x84/0xa0
[ 128.374843]        _printk+0xba/0xf1
[ 128.374860]        report_bug.cold+0x72/0xab
[ 128.374873]        handle_bug+0x3c/0x70
[ 128.374885]        exc_invalid_op+0x14/0x50
[ 128.374898]        asm_exc_invalid_op+0x16/0x20
[ 128.374915]        group_sched_out.part.0+0x2c7/0x460
[ 128.374925]        ctx_sched_out+0x8f1/0xc10
[ 128.374935]        __perf_event_task_sched_out+0x6d0/0x18d0
[ 128.374947]        __schedule+0xedd/0x2470
[ 128.374956]        schedule+0xda/0x1b0
[ 128.374965]        exit_to_user_mode_prepare+0x114/0x1a0
[ 128.374985]        syscall_exit_to_user_mode+0x19/0x40
[ 128.375002]        do_syscall_64+0x48/0x90
[ 128.375014]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 128.375031]
[ 128.375031] other info that might help us debug this:
[ 128.375031]
[ 128.375034] Chain exists of:
[ 128.375034]   (console_sem).lock --> &rq->__lock --> &ctx->lock
[ 128.375034]
[ 128.375049]  Possible unsafe locking scenario:
[ 128.375049]
[ 128.375051]        CPU0                    CPU1
[ 128.375054]        ----                    ----
[ 128.375056]   lock(&ctx->lock);
[ 128.375062]                                lock(&rq->__lock);
[ 128.375068]                                lock(&ctx->lock);
[ 128.375074]   lock((console_sem).lock);
[ 128.375080]
[ 128.375080]  *** DEADLOCK ***
[ 128.375080]
[ 128.375082] 2 locks held by syz-executor.7/3779:
[ 128.375089]  #0: ffff88806cf37cd8 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470
[ 128.375114]  #1: ffff88803f66cc20 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0
[ 128.375142]
[ 128.375142] stack backtrace:
[ 128.375145] CPU: 1 PID: 3779 Comm:
syz-executor.7 Not tainted 6.0.0-rc5-next-20220912 #1 [ 128.375158] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 128.375166] Call Trace: [ 128.375170] [ 128.375173] dump_stack_lvl+0x8b/0xb3 [ 128.375188] check_noncircular+0x263/0x2e0 [ 128.375204] ? format_decode+0x26c/0xb50 [ 128.375219] ? print_circular_bug+0x450/0x450 [ 128.375237] ? enable_ptr_key_workfn+0x20/0x20 [ 128.375252] ? format_decode+0x26c/0xb50 [ 128.375267] ? alloc_chain_hlocks+0x1ec/0x5a0 [ 128.375285] __lock_acquire+0x2a02/0x5e70 [ 128.375307] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 128.375330] lock_acquire+0x1a2/0x530 [ 128.375365] ? down_trylock+0xe/0x70 [ 128.375380] ? rcu_read_unlock+0x40/0x40 [ 128.375402] ? vprintk+0x84/0xa0 [ 128.375420] _raw_spin_lock_irqsave+0x39/0x60 [ 128.375435] ? down_trylock+0xe/0x70 [ 128.375449] down_trylock+0xe/0x70 [ 128.375463] ? vprintk+0x84/0xa0 [ 128.375480] __down_trylock_console_sem+0x3b/0xd0 [ 128.375498] vprintk_emit+0x16b/0x560 [ 128.375517] vprintk+0x84/0xa0 [ 128.375535] _printk+0xba/0xf1 [ 128.375553] ? record_print_text.cold+0x16/0x16 [ 128.375575] ? report_bug.cold+0x66/0xab [ 128.375589] ? 
group_sched_out.part.0+0x2c7/0x460 [ 128.375601] report_bug.cold+0x72/0xab [ 128.375615] handle_bug+0x3c/0x70 [ 128.375629] exc_invalid_op+0x14/0x50 [ 128.375643] asm_exc_invalid_op+0x16/0x20 [ 128.375660] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 128.375674] Code: 5e 41 5f e9 3b b7 ef ff e8 36 b7 ef ff 65 8b 1d ab 15 ac 7e 31 ff 89 de e8 d6 b3 ef ff 85 db 0f 84 8a 00 00 00 e8 19 b7 ef ff <0f> 0b e9 a5 fe ff ff e8 0d b7 ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 128.375685] RSP: 0018:ffff888015ee7c48 EFLAGS: 00010006 [ 128.375694] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 128.375702] RDX: ffff88803f531ac0 RSI: ffffffff81566027 RDI: 0000000000000005 [ 128.375710] RBP: ffff88803f930000 R08: 0000000000000005 R09: 0000000000000001 [ 128.375717] R10: 0000000000000000 R11: ffffffff865aa05b R12: ffff88803f66cc00 [ 128.375725] R13: ffff88806cf3d100 R14: ffffffff8547c660 R15: 0000000000000002 [ 128.375736] ? group_sched_out.part.0+0x2c7/0x460 [ 128.375749] ? group_sched_out.part.0+0x2c7/0x460 [ 128.375762] ctx_sched_out+0x8f1/0xc10 [ 128.375775] __perf_event_task_sched_out+0x6d0/0x18d0 [ 128.375791] ? lock_is_held_type+0xd7/0x130 [ 128.375809] ? __perf_cgroup_move+0x160/0x160 [ 128.375821] ? set_next_entity+0x304/0x550 [ 128.375839] ? update_curr+0x267/0x740 [ 128.375858] ? lock_is_held_type+0xd7/0x130 [ 128.375876] __schedule+0xedd/0x2470 [ 128.375889] ? io_schedule_timeout+0x150/0x150 [ 128.375902] ? 
rcu_read_lock_sched_held+0x3e/0x80 [ 128.375923] schedule+0xda/0x1b0 [ 128.375934] exit_to_user_mode_prepare+0x114/0x1a0 [ 128.375955] syscall_exit_to_user_mode+0x19/0x40 [ 128.375973] do_syscall_64+0x48/0x90 [ 128.375987] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 128.376004] RIP: 0033:0x7fc4031aeb19 [ 128.376012] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 128.376023] RSP: 002b:00007fc400724218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 128.376034] RAX: 0000000000000001 RBX: 00007fc4032c1f68 RCX: 00007fc4031aeb19 [ 128.376042] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fc4032c1f6c [ 128.376050] RBP: 00007fc4032c1f60 R08: 000000000000000e R09: 0000000000000000 [ 128.376057] R10: 0000000000000003 R11: 0000000000000246 R12: 00007fc4032c1f6c [ 128.376064] R13: 00007fff7103af9f R14: 00007fc400724300 R15: 0000000000022000 [ 128.376077] [ 128.435011] WARNING: CPU: 1 PID: 3779 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460 [ 128.435744] Modules linked in: [ 128.436007] CPU: 1 PID: 3779 Comm: syz-executor.7 Not tainted 6.0.0-rc5-next-20220912 #1 [ 128.436596] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 128.437432] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 128.437869] Code: 5e 41 5f e9 3b b7 ef ff e8 36 b7 ef ff 65 8b 1d ab 15 ac 7e 31 ff 89 de e8 d6 b3 ef ff 85 db 0f 84 8a 00 00 00 e8 19 b7 ef ff <0f> 0b e9 a5 fe ff ff e8 0d b7 ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 128.439254] RSP: 0018:ffff888015ee7c48 EFLAGS: 00010006 [ 128.439664] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 128.440195] RDX: ffff88803f531ac0 RSI: ffffffff81566027 RDI: 0000000000000005 [ 128.440721] RBP: ffff88803f930000 R08: 0000000000000005 R09: 0000000000000001 [ 128.441241] R10: 0000000000000000 R11: 
ffffffff865aa05b R12: ffff88803f66cc00 [ 128.441770] R13: ffff88806cf3d100 R14: ffffffff8547c660 R15: 0000000000000002 [ 128.442298] FS: 00007fc400724700(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000 [ 128.442893] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 128.443324] CR2: 00007f43300216f4 CR3: 000000001ee5a000 CR4: 0000000000350ee0 [ 128.443865] Call Trace: [ 128.444057] [ 128.444230] ctx_sched_out+0x8f1/0xc10 [ 128.444528] __perf_event_task_sched_out+0x6d0/0x18d0 [ 128.444917] ? lock_is_held_type+0xd7/0x130 [ 128.445245] ? __perf_cgroup_move+0x160/0x160 [ 128.445589] ? set_next_entity+0x304/0x550 [ 128.445918] ? update_curr+0x267/0x740 [ 128.446220] ? lock_is_held_type+0xd7/0x130 [ 128.446553] __schedule+0xedd/0x2470 [ 128.446837] ? io_schedule_timeout+0x150/0x150 [ 128.447183] ? rcu_read_lock_sched_held+0x3e/0x80 [ 128.447559] schedule+0xda/0x1b0 [ 128.447815] exit_to_user_mode_prepare+0x114/0x1a0 [ 128.448190] syscall_exit_to_user_mode+0x19/0x40 [ 128.448556] do_syscall_64+0x48/0x90 [ 128.448837] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 128.449229] RIP: 0033:0x7fc4031aeb19 [ 128.449510] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 128.450841] RSP: 002b:00007fc400724218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 128.451420] RAX: 0000000000000001 RBX: 00007fc4032c1f68 RCX: 00007fc4031aeb19 [ 128.451958] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fc4032c1f6c [ 128.452495] RBP: 00007fc4032c1f60 R08: 000000000000000e R09: 0000000000000000 [ 128.453020] R10: 0000000000000003 R11: 0000000000000246 R12: 00007fc4032c1f6c [ 128.453540] R13: 00007fff7103af9f R14: 00007fc400724300 R15: 0000000000022000 [ 128.454058] [ 128.454231] irq event stamp: 616 [ 128.454479] hardirqs last enabled at (615): [] exit_to_user_mode_prepare+0x109/0x1a0 [ 128.455155] hardirqs last disabled at (616): [] 
__schedule+0x1225/0x2470 [ 128.455760] softirqs last enabled at (306): [] __irq_exit_rcu+0x11b/0x180 [ 128.456379] softirqs last disabled at (301): [] __irq_exit_rcu+0x11b/0x180 [ 128.456988] ---[ end trace 0000000000000000 ]--- [ 128.807735] loop7: detected capacity change from 0 to 27 [ 128.809412] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22 [ 128.900547] loop7: detected capacity change from 0 to 27 [ 128.901154] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22 14:38:13 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x2080000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1000, 0x3ff}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10005}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0xc042, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x2, 0x0) pwrite64(r1, &(0x7f00000000c0)='9', 0x1, 0x8040000) setsockopt$inet6_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f0000000540)={@in6={{0xa, 0x4e20, 0xffff, @mcast2, 0x4}}, 0x0, 0x0, 0x15, 0x0, "b25da62d685a38083e45ab1950001ca46105939b4b3d83bd945bed03b30b62897693132cb6e12788b1d58f9b2fff886055bea488ee0e2918a8c961a2684924dfa9841132b1916476e31d06d76d34a918"}, 0xd8) r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4042, 0x0) sendfile(r1, r2, 0x0, 
0xffff) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r3 = openat$sr(0xffffffffffffff9c, &(0x7f0000000100), 0x44b43, 0x0) ioctl$SG_EMULATED_HOST(r3, 0x5390, &(0x7f0000002340)) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000140)='./file1\x00', 0x3709, 0x3, &(0x7f0000000380)=[{&(0x7f0000000180)="1c2fe7f4768bbb4726372f7ae4f19dbebc055e338ef75483d768ff9661c6", 0x1e, 0x84a}, {&(0x7f00000001c0)="388cbf3d90953f6ab40ff6a75acbbf53880ed5b66aa541ae9a5f42fefb047436d6c2416285793361f23ace0e3666e47dac410a1047a20710ad0bc8781024d37ef2e3456ac7178fd2ea26d75d963423678b55bee32c0fc2696cb52f45a60b8e3635a982bbc6f643c54cfc4212fd717170f75e6fe08c5e2d007e43209704cc1e15c14da4db99a8a00e75", 0x89, 0x8}, {&(0x7f0000000300)="adbf3a6c6f8ced403e4d167f1835f0831b4a1878501e444d3fc569adb2d8dd01585c75b45e2624610b7f", 0x2a, 0xe9}], 0x200480c, &(0x7f0000000400)={[{@rodir}, {@numtail}, {@iocharset={'iocharset', 0x3d, 'koi8-u'}}], [{@uid_eq}, {@fscontext={'fscontext', 0x3d, 'sysadm_u'}}]}) utimensat(0xffffffffffffffff, &(0x7f0000000480)='./file1\x00', &(0x7f0000000500)={{}, {0x77359400}}, 0x100) [ 129.062163] loop7: detected capacity change from 0 to 27 [ 129.063428] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22 14:38:13 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x2080000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1000, 0x3ff}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10005}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 
@perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0xc042, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x2, 0x0) pwrite64(r1, &(0x7f00000000c0)='9', 0x1, 0x8040000) setsockopt$inet6_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f0000000540)={@in6={{0xa, 0x4e20, 0xffff, @mcast2, 0x4}}, 0x0, 0x0, 0x15, 0x0, "b25da62d685a38083e45ab1950001ca46105939b4b3d83bd945bed03b30b62897693132cb6e12788b1d58f9b2fff886055bea488ee0e2918a8c961a2684924dfa9841132b1916476e31d06d76d34a918"}, 0xd8) r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4042, 0x0) sendfile(r1, r2, 0x0, 0xffff) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) r3 = openat$sr(0xffffffffffffff9c, &(0x7f0000000100), 0x44b43, 0x0) ioctl$SG_EMULATED_HOST(r3, 0x5390, &(0x7f0000002340)) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000140)='./file1\x00', 0x3709, 0x3, &(0x7f0000000380)=[{&(0x7f0000000180)="1c2fe7f4768bbb4726372f7ae4f19dbebc055e338ef75483d768ff9661c6", 0x1e, 0x84a}, {&(0x7f00000001c0)="388cbf3d90953f6ab40ff6a75acbbf53880ed5b66aa541ae9a5f42fefb047436d6c2416285793361f23ace0e3666e47dac410a1047a20710ad0bc8781024d37ef2e3456ac7178fd2ea26d75d963423678b55bee32c0fc2696cb52f45a60b8e3635a982bbc6f643c54cfc4212fd717170f75e6fe08c5e2d007e43209704cc1e15c14da4db99a8a00e75", 0x89, 0x8}, {&(0x7f0000000300)="adbf3a6c6f8ced403e4d167f1835f0831b4a1878501e444d3fc569adb2d8dd01585c75b45e2624610b7f", 0x2a, 0xe9}], 0x200480c, &(0x7f0000000400)={[{@rodir}, {@numtail}, {@iocharset={'iocharset', 0x3d, 'koi8-u'}}], [{@uid_eq}, {@fscontext={'fscontext', 0x3d, 'sysadm_u'}}]}) utimensat(0xffffffffffffffff, &(0x7f0000000480)='./file1\x00', &(0x7f0000000500)={{}, {0x77359400}}, 0x100) [ 129.291117] loop7: detected capacity change from 0 to 27 [ 129.292690] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22 [ 135.385568] 
Bluetooth: hci6: Opcode 0x c03 failed: -110 [ 135.385578] Bluetooth: hci2: Opcode 0x c03 failed: -110 VM DIAGNOSIS: 14:38:12 Registers: