Warning: Permanently added '[localhost]:13366' (ECDSA) to the list of known hosts. 2022/09/12 14:54:27 fuzzer started 2022/09/12 14:54:27 dialing manager at localhost:38027 syzkaller login: [ 36.246688] cgroup: Unknown subsys name 'net' [ 36.313915] cgroup: Unknown subsys name 'rlimit' 2022/09/12 14:54:41 syscalls: 2215 2022/09/12 14:54:41 code coverage: enabled 2022/09/12 14:54:41 comparison tracing: enabled 2022/09/12 14:54:41 extra coverage: enabled 2022/09/12 14:54:41 setuid sandbox: enabled 2022/09/12 14:54:41 namespace sandbox: enabled 2022/09/12 14:54:41 Android sandbox: enabled 2022/09/12 14:54:41 fault injection: enabled 2022/09/12 14:54:41 leak checking: enabled 2022/09/12 14:54:41 net packet injection: enabled 2022/09/12 14:54:41 net device setup: enabled 2022/09/12 14:54:41 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/09/12 14:54:41 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/09/12 14:54:41 USB emulation: enabled 2022/09/12 14:54:41 hci packet injection: enabled 2022/09/12 14:54:41 wifi device emulation: failed to parse kernel version (6.0.0-rc5-next-20220912) 2022/09/12 14:54:41 802.15.4 emulation: enabled 2022/09/12 14:54:53 fetching corpus: 4050, 
signal 195909/203823 (executing program) 2022/09/12 14:54:53 fetching corpus: 4100, signal 196828/204072 (executing program) 2022/09/12 14:54:53 fetching corpus: 4150, signal 197491/204260 (executing program) 2022/09/12 14:54:53 fetching corpus: 4157, signal 197675/204370 (executing program) 2022/09/12 14:54:53 fetching corpus: 4157, signal 197675/204439 (executing program) 2022/09/12 14:54:53 fetching corpus: 4157, signal 197675/204530 (executing program) 2022/09/12 14:54:53 fetching corpus: 4157, signal 197675/204599 (executing program) 2022/09/12 14:54:53 fetching corpus: 4157, signal 197675/204693 (executing program) 2022/09/12 14:54:53 fetching corpus: 4157, signal 197675/204774 (executing program) 2022/09/12 14:54:53 fetching corpus: 4157, signal 197675/204851 (executing program) 2022/09/12 14:54:53 fetching corpus: 4157, signal 197675/204912 (executing program) 2022/09/12 14:54:53 fetching corpus: 4157, signal 197675/204985 (executing program) 2022/09/12 14:54:53 fetching corpus: 4157, signal 197675/205059 (executing program) 2022/09/12 14:54:53 fetching corpus: 4157, signal 197675/205145 (executing program) 2022/09/12 14:54:53 fetching corpus: 4157, signal 197675/205217 (executing program) 2022/09/12 14:54:53 fetching corpus: 4157, signal 197675/205283 (executing program) 2022/09/12 14:54:53 fetching corpus: 4157, signal 197675/205356 (executing program) 2022/09/12 14:54:53 fetching corpus: 4157, signal 197675/205435 (executing program) 2022/09/12 14:54:53 fetching corpus: 4157, signal 197675/205497 (executing program) 2022/09/12 14:54:53 fetching corpus: 4157, signal 197675/205497 (executing program) 2022/09/12 14:54:56 starting 8 fuzzer processes 14:54:56 executing program 0: sendmsg$ETHTOOL_MSG_STRSET_GET(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 
0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x2, 0x5}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000240), 0x1, 0x0) pwrite64(r0, &(0x7f0000000340)="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", 0x611, 0x0) 14:54:56 executing program 1: syz_mount_image$tmpfs(&(0x7f0000000000), &(0x7f0000000180)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)={[], [{@obj_role={'obj_role', 0x3d, '\''}}]}) mount(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000040)='ramfs\x00', 0x0, 0x0) move_mount(0xffffffffffffff9c, &(0x7f0000000480)='./file1\x00', 0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x0) 14:54:56 executing program 2: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0)=0x1, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x5, &(0x7f00000005c0), 0x4) 14:54:56 executing program 3: syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f7366d8a02b00080101000440002000f801", 0x17}, {0x0, 0x0, 0x2800}], 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(r0, 0x0, 0x9c800, 0x124) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000000)={0x0, 0x1, 0x1, 0x8001}) 14:54:56 executing program 4: r0 = 
epoll_create(0x4) r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000240)) epoll_ctl$EPOLL_CTL_MOD(r0, 0x4, r1, &(0x7f0000000000)) 14:54:56 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000100)=@updsa={0xf0, 0x1a, 0x1, 0x0, 0x0, {{@in=@empty, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x2, 0xa0}, {@in6=@private2}, @in=@multicast2, {}, {}, {}, 0x0, 0x0, 0x2}}, 0xf0}}, 0x0) [ 64.974264] audit: type=1400 audit(1662994496.491:6): avc: denied { execmem } for pid=282 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 14:54:56 executing program 7: clone3(&(0x7f0000000640)={0x133363500, &(0x7f00000000c0), 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 14:54:56 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) socketpair$unix(0x1, 0x0, 0x0, 0x0) ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000080)={'syz_tun\x00', 0x0}) setresuid(0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$EXT4_IOC_CHECKPOINT(r0, 0x4004662b, &(0x7f0000000440)=0x1) [ 66.322916] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 66.325658] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 66.328284] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 66.329974] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 66.332113] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 66.333723] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 66.339137] Bluetooth: hci1: unexpected cc 0x0c23 
length: 249 > 4 [ 66.341617] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 66.343695] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 66.346196] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 66.348550] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 66.357783] Bluetooth: hci1: HCI_REQ-0x0c1a [ 66.383045] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 66.395965] Bluetooth: hci0: HCI_REQ-0x0c1a [ 66.407149] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 66.409355] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 66.411678] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 66.421657] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 66.423069] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 66.424824] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 66.426278] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 66.428161] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 66.431325] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 66.433340] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 66.435985] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 66.444689] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 66.446139] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 66.449306] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 66.453766] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 66.455884] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 66.455961] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 66.459564] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 66.459567] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 66.465840] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 66.465883] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 66.468265] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 66.470157] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 66.472944] 
Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 66.474943] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 66.477883] Bluetooth: hci6: HCI_REQ-0x0c1a [ 66.479964] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 66.481247] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 66.482379] Bluetooth: hci5: HCI_REQ-0x0c1a [ 66.487248] Bluetooth: hci3: HCI_REQ-0x0c1a [ 66.495658] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 66.508828] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 66.511722] Bluetooth: hci4: HCI_REQ-0x0c1a [ 66.512307] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 66.527316] Bluetooth: hci7: HCI_REQ-0x0c1a [ 68.397530] Bluetooth: hci2: Opcode 0x c03 failed: -110 [ 68.398036] Bluetooth: hci1: command 0x0409 tx timeout [ 68.461628] Bluetooth: hci0: command 0x0409 tx timeout [ 68.525607] Bluetooth: hci4: command 0x0409 tx timeout [ 68.526508] Bluetooth: hci3: command 0x0409 tx timeout [ 68.526561] Bluetooth: hci5: command 0x0409 tx timeout [ 68.531130] Bluetooth: hci6: command 0x0409 tx timeout [ 68.589815] Bluetooth: hci7: command 0x0409 tx timeout [ 70.445921] Bluetooth: hci1: command 0x041b tx timeout [ 70.509521] Bluetooth: hci0: command 0x041b tx timeout [ 70.573461] Bluetooth: hci6: command 0x041b tx timeout [ 70.573921] Bluetooth: hci4: command 0x041b tx timeout [ 70.574369] Bluetooth: hci5: command 0x041b tx timeout [ 70.575801] Bluetooth: hci3: command 0x041b tx timeout [ 70.637527] Bluetooth: hci7: command 0x041b tx timeout [ 71.879484] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 71.880958] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 71.881733] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 71.884132] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 71.885102] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 71.885967] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 71.888636] Bluetooth: hci2: HCI_REQ-0x0c1a [ 72.493442] Bluetooth: hci1: 
command 0x040f tx timeout [ 72.557434] Bluetooth: hci0: command 0x040f tx timeout [ 72.621465] Bluetooth: hci3: command 0x040f tx timeout [ 72.621961] Bluetooth: hci5: command 0x040f tx timeout [ 72.622994] Bluetooth: hci4: command 0x040f tx timeout [ 72.623494] Bluetooth: hci6: command 0x040f tx timeout [ 72.685455] Bluetooth: hci7: command 0x040f tx timeout [ 73.901899] Bluetooth: hci2: command 0x0409 tx timeout [ 74.541440] Bluetooth: hci1: command 0x0419 tx timeout [ 74.605451] Bluetooth: hci0: command 0x0419 tx timeout [ 74.669450] Bluetooth: hci6: command 0x0419 tx timeout [ 74.669894] Bluetooth: hci4: command 0x0419 tx timeout [ 74.670317] Bluetooth: hci5: command 0x0419 tx timeout [ 74.670791] Bluetooth: hci3: command 0x0419 tx timeout [ 74.733458] Bluetooth: hci7: command 0x0419 tx timeout [ 75.949482] Bluetooth: hci2: command 0x041b tx timeout [ 77.997480] Bluetooth: hci2: command 0x040f tx timeout [ 80.045492] Bluetooth: hci2: command 0x0419 tx timeout 14:55:54 executing program 4: r0 = epoll_create(0x4) r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000240)) epoll_ctl$EPOLL_CTL_MOD(r0, 0x4, r1, &(0x7f0000000000)) [ 122.888885] audit: type=1400 audit(1662994554.406:7): avc: denied { open } for pid=3783 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 122.890471] audit: type=1400 audit(1662994554.406:8): avc: denied { kernel } for pid=3783 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 14:55:54 executing program 4: r0 = epoll_create(0x4) r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000240)) epoll_ctl$EPOLL_CTL_MOD(r0, 0x4, r1, &(0x7f0000000000)) [ 122.904418] ------------[ cut here ]------------ [ 122.904447] [ 122.904451] 
====================================================== [ 122.904457] WARNING: possible circular locking dependency detected [ 122.904462] 6.0.0-rc5-next-20220912 #1 Not tainted [ 122.904472] ------------------------------------------------------ [ 122.904477] syz-executor.0/3784 is trying to acquire lock: [ 122.904486] ffffffff853fa878 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70 [ 122.904536] [ 122.904536] but task is already holding lock: [ 122.904540] ffff88800fcaf420 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 122.904580] [ 122.904580] which lock already depends on the new lock. [ 122.904580] [ 122.904584] [ 122.904584] the existing dependency chain (in reverse order) is: [ 122.904589] [ 122.904589] -> #3 (&ctx->lock){....}-{2:2}: [ 122.904609] _raw_spin_lock+0x2a/0x40 [ 122.904633] __perf_event_task_sched_out+0x53b/0x18d0 [ 122.904651] __schedule+0xedd/0x2470 [ 122.904665] preempt_schedule_common+0x45/0xc0 [ 122.904681] __cond_resched+0x17/0x30 [ 122.904696] __mutex_lock+0xa3/0x14d0 [ 122.904712] __do_sys_perf_event_open+0x1eec/0x32c0 [ 122.904731] do_syscall_64+0x3b/0x90 [ 122.904751] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 122.904776] [ 122.904776] -> #2 (&rq->__lock){-.-.}-{2:2}: [ 122.904797] _raw_spin_lock_nested+0x30/0x40 [ 122.904818] raw_spin_rq_lock_nested+0x1e/0x30 [ 122.904837] task_fork_fair+0x63/0x4d0 [ 122.904862] sched_cgroup_fork+0x3d0/0x540 [ 122.904883] copy_process+0x3f9e/0x6df0 [ 122.904898] kernel_clone+0xe7/0x890 [ 122.904912] user_mode_thread+0xad/0xf0 [ 122.904927] rest_init+0x24/0x250 [ 122.904951] arch_call_rest_init+0xf/0x14 [ 122.904979] start_kernel+0x4c1/0x4e6 [ 122.905004] secondary_startup_64_no_verify+0xe0/0xeb [ 122.905024] [ 122.905024] -> #1 (&p->pi_lock){-.-.}-{2:2}: [ 122.905045] _raw_spin_lock_irqsave+0x39/0x60 [ 122.905069] try_to_wake_up+0xab/0x1920 [ 122.905090] up+0x75/0xb0 [ 122.905108] __up_console_sem+0x6e/0x80 [ 122.905131] console_unlock+0x46a/0x590 [ 122.905155] 
do_con_write+0xc05/0x1d50 [ 122.905171] con_write+0x21/0x40 [ 122.905185] n_tty_write+0x4d4/0xfe0 [ 122.905204] file_tty_write.constprop.0+0x49c/0x8f0 [ 122.905221] vfs_write+0x9c3/0xd90 [ 122.905247] ksys_write+0x127/0x250 [ 122.905273] do_syscall_64+0x3b/0x90 [ 122.905292] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 122.905317] [ 122.905317] -> #0 ((console_sem).lock){....}-{2:2}: [ 122.905337] __lock_acquire+0x2a02/0x5e70 [ 122.905362] lock_acquire+0x1a2/0x530 [ 122.905387] _raw_spin_lock_irqsave+0x39/0x60 [ 122.905409] down_trylock+0xe/0x70 [ 122.905427] __down_trylock_console_sem+0x3b/0xd0 [ 122.905452] vprintk_emit+0x16b/0x560 [ 122.905477] vprintk+0x84/0xa0 [ 122.905501] _printk+0xba/0xf1 [ 122.905527] report_bug.cold+0x72/0xab [ 122.905545] handle_bug+0x3c/0x70 [ 122.905563] exc_invalid_op+0x14/0x50 [ 122.905583] asm_exc_invalid_op+0x16/0x20 [ 122.905607] group_sched_out.part.0+0x2c7/0x460 [ 122.905622] ctx_sched_out+0x8f1/0xc10 [ 122.905637] __perf_event_task_sched_out+0x6d0/0x18d0 [ 122.905655] __schedule+0xedd/0x2470 [ 122.905669] preempt_schedule_common+0x45/0xc0 [ 122.905685] __cond_resched+0x17/0x30 [ 122.905699] __mutex_lock+0xa3/0x14d0 [ 122.905715] __do_sys_perf_event_open+0x1eec/0x32c0 [ 122.905734] do_syscall_64+0x3b/0x90 [ 122.905753] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 122.905778] [ 122.905778] other info that might help us debug this: [ 122.905778] [ 122.905782] Chain exists of: [ 122.905782] (console_sem).lock --> &rq->__lock --> &ctx->lock [ 122.905782] [ 122.905804] Possible unsafe locking scenario: [ 122.905804] [ 122.905807] CPU0 CPU1 [ 122.905811] ---- ---- [ 122.905814] lock(&ctx->lock); [ 122.905822] lock(&rq->__lock); [ 122.905831] lock(&ctx->lock); [ 122.905841] lock((console_sem).lock); [ 122.905849] [ 122.905849] *** DEADLOCK *** [ 122.905849] [ 122.905852] 2 locks held by syz-executor.0/3784: [ 122.905862] #0: ffff88806ce37cd8 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470 [ 122.905900] #1: ffff88800fcaf420 
(&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 122.905941] [ 122.905941] stack backtrace: [ 122.905945] CPU: 0 PID: 3784 Comm: syz-executor.0 Not tainted 6.0.0-rc5-next-20220912 #1 [ 122.905964] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 122.905976] Call Trace: [ 122.905980] [ 122.905986] dump_stack_lvl+0x8b/0xb3 [ 122.906007] check_noncircular+0x263/0x2e0 [ 122.906032] ? format_decode+0x26c/0xb50 [ 122.906055] ? print_circular_bug+0x450/0x450 [ 122.906083] ? enable_ptr_key_workfn+0x20/0x20 [ 122.906103] ? __lockdep_reset_lock+0x180/0x180 [ 122.906129] ? format_decode+0x26c/0xb50 [ 122.906152] ? alloc_chain_hlocks+0x1ec/0x5a0 [ 122.906179] __lock_acquire+0x2a02/0x5e70 [ 122.906212] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 122.906246] lock_acquire+0x1a2/0x530 [ 122.906271] ? down_trylock+0xe/0x70 [ 122.906293] ? rcu_read_unlock+0x40/0x40 [ 122.906320] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 122.906352] ? vprintk+0x84/0xa0 [ 122.906380] _raw_spin_lock_irqsave+0x39/0x60 [ 122.906403] ? down_trylock+0xe/0x70 [ 122.906423] down_trylock+0xe/0x70 [ 122.906443] ? vprintk+0x84/0xa0 [ 122.906469] __down_trylock_console_sem+0x3b/0xd0 [ 122.906496] vprintk_emit+0x16b/0x560 [ 122.906522] ? lock_downgrade+0x6d0/0x6d0 [ 122.906550] vprintk+0x84/0xa0 [ 122.906577] _printk+0xba/0xf1 [ 122.906603] ? record_print_text.cold+0x16/0x16 [ 122.906633] ? hrtimer_try_to_cancel+0x163/0x2c0 [ 122.906654] ? lock_downgrade+0x6d0/0x6d0 [ 122.906689] ? report_bug.cold+0x66/0xab [ 122.906710] ? 
group_sched_out.part.0+0x2c7/0x460 [ 122.906727] report_bug.cold+0x72/0xab [ 122.906749] handle_bug+0x3c/0x70 [ 122.906769] exc_invalid_op+0x14/0x50 [ 122.906791] asm_exc_invalid_op+0x16/0x20 [ 122.906816] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 122.906836] Code: 5e 41 5f e9 3b b7 ef ff e8 36 b7 ef ff 65 8b 1d ab 15 ac 7e 31 ff 89 de e8 d6 b3 ef ff 85 db 0f 84 8a 00 00 00 e8 19 b7 ef ff <0f> 0b e9 a5 fe ff ff e8 0d b7 ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 122.906853] RSP: 0018:ffff88801f4e7978 EFLAGS: 00010006 [ 122.906866] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 122.906878] RDX: ffff88803f4f8000 RSI: ffffffff81566027 RDI: 0000000000000005 [ 122.906889] RBP: ffff888008660000 R08: 0000000000000005 R09: 0000000000000001 [ 122.906900] R10: 0000000000000000 R11: 0000000000000001 R12: ffff88800fcaf400 [ 122.906911] R13: ffff88806ce3d100 R14: ffffffff8547bfc0 R15: 0000000000000002 [ 122.906928] ? group_sched_out.part.0+0x2c7/0x460 [ 122.906947] ? group_sched_out.part.0+0x2c7/0x460 [ 122.906966] ctx_sched_out+0x8f1/0xc10 [ 122.906985] __perf_event_task_sched_out+0x6d0/0x18d0 [ 122.907008] ? lock_is_held_type+0xd7/0x130 [ 122.907036] ? __perf_cgroup_move+0x160/0x160 [ 122.907053] ? set_next_entity+0x304/0x550 [ 122.907081] ? update_curr+0x267/0x740 [ 122.907113] ? lock_is_held_type+0xd7/0x130 [ 122.907140] __schedule+0xedd/0x2470 [ 122.907159] ? io_schedule_timeout+0x150/0x150 [ 122.907176] ? find_held_lock+0x2c/0x110 [ 122.907200] ? lock_is_held_type+0xd7/0x130 [ 122.907227] ? __cond_resched+0x17/0x30 [ 122.907243] preempt_schedule_common+0x45/0xc0 [ 122.907262] __cond_resched+0x17/0x30 [ 122.907277] __mutex_lock+0xa3/0x14d0 [ 122.907296] ? lock_is_held_type+0xd7/0x130 [ 122.907322] ? __do_sys_perf_event_open+0x1eec/0x32c0 [ 122.907344] ? mutex_lock_io_nested+0x1310/0x1310 [ 122.907363] ? lock_release+0x3b2/0x750 [ 122.907389] ? __up_read+0x192/0x730 [ 122.907412] ? 
up_write+0x480/0x480 [ 122.907437] __do_sys_perf_event_open+0x1eec/0x32c0 [ 122.907463] ? perf_compat_ioctl+0x130/0x130 [ 122.907482] ? xfd_validate_state+0x59/0x180 [ 122.907516] ? syscall_enter_from_user_mode+0x1d/0x50 [ 122.907544] ? syscall_enter_from_user_mode+0x1d/0x50 [ 122.907574] do_syscall_64+0x3b/0x90 [ 122.907595] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 122.907621] RIP: 0033:0x7fede6986b19 [ 122.907634] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 122.907650] RSP: 002b:00007fede3efc188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 122.907666] RAX: ffffffffffffffda RBX: 00007fede6a99f60 RCX: 00007fede6986b19 [ 122.907678] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000280 [ 122.907689] RBP: 00007fede69e0f6d R08: 0000000000000000 R09: 0000000000000000 [ 122.907699] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 122.907710] R13: 00007ffc0b4d817f R14: 00007fede3efc300 R15: 0000000000022000 [ 122.907730] [ 122.999648] WARNING: CPU: 0 PID: 3784 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460 [ 123.000641] Modules linked in: [ 123.000994] CPU: 0 PID: 3784 Comm: syz-executor.0 Not tainted 6.0.0-rc5-next-20220912 #1 [ 123.001849] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 123.003022] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 123.003599] Code: 5e 41 5f e9 3b b7 ef ff e8 36 b7 ef ff 65 8b 1d ab 15 ac 7e 31 ff 89 de e8 d6 b3 ef ff 85 db 0f 84 8a 00 00 00 e8 19 b7 ef ff <0f> 0b e9 a5 fe ff ff e8 0d b7 ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 123.005528] RSP: 0018:ffff88801f4e7978 EFLAGS: 00010006 [ 123.006108] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 123.006887] RDX: ffff88803f4f8000 RSI: ffffffff81566027 RDI: 0000000000000005 [ 123.007641] RBP: 
ffff888008660000 R08: 0000000000000005 R09: 0000000000000001 [ 123.008397] R10: 0000000000000000 R11: 0000000000000001 R12: ffff88800fcaf400 [ 123.009161] R13: ffff88806ce3d100 R14: ffffffff8547bfc0 R15: 0000000000000002 [ 123.009922] FS: 00007fede3efc700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 123.010779] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 123.011407] CR2: 00007f2ad71738e0 CR3: 000000003c8be000 CR4: 0000000000350ef0 [ 123.012193] Call Trace: [ 123.012485] [ 123.012747] ctx_sched_out+0x8f1/0xc10 [ 123.013192] __perf_event_task_sched_out+0x6d0/0x18d0 [ 123.013774] ? lock_is_held_type+0xd7/0x130 [ 123.014274] ? __perf_cgroup_move+0x160/0x160 [ 123.014799] ? set_next_entity+0x304/0x550 [ 123.015285] ? update_curr+0x267/0x740 [ 123.015737] ? lock_is_held_type+0xd7/0x130 [ 123.016234] __schedule+0xedd/0x2470 [ 123.016670] ? io_schedule_timeout+0x150/0x150 [ 123.017218] ? find_held_lock+0x2c/0x110 [ 123.017706] ? lock_is_held_type+0xd7/0x130 [ 123.018225] ? __cond_resched+0x17/0x30 [ 123.018703] preempt_schedule_common+0x45/0xc0 [ 123.019254] __cond_resched+0x17/0x30 [ 123.019706] __mutex_lock+0xa3/0x14d0 [ 123.020168] ? lock_is_held_type+0xd7/0x130 [ 123.020683] ? __do_sys_perf_event_open+0x1eec/0x32c0 [ 123.021313] ? mutex_lock_io_nested+0x1310/0x1310 [ 123.021902] ? lock_release+0x3b2/0x750 [ 123.022381] ? __up_read+0x192/0x730 [ 123.022842] ? up_write+0x480/0x480 [ 123.023296] __do_sys_perf_event_open+0x1eec/0x32c0 [ 123.023898] ? perf_compat_ioctl+0x130/0x130 [ 123.024431] ? xfd_validate_state+0x59/0x180 [ 123.024947] ? syscall_enter_from_user_mode+0x1d/0x50 [ 123.025532] ? 
syscall_enter_from_user_mode+0x1d/0x50 [ 123.026131] do_syscall_64+0x3b/0x90 [ 123.026579] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 123.027214] RIP: 0033:0x7fede6986b19 [ 123.027667] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 123.029817] RSP: 002b:00007fede3efc188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 123.030726] RAX: ffffffffffffffda RBX: 00007fede6a99f60 RCX: 00007fede6986b19 [ 123.031578] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000280 [ 123.032427] RBP: 00007fede69e0f6d R08: 0000000000000000 R09: 0000000000000000 [ 123.033274] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 123.034131] R13: 00007ffc0b4d817f R14: 00007fede3efc300 R15: 0000000000022000 [ 123.034990] [ 123.035276] irq event stamp: 494 [ 123.035666] hardirqs last enabled at (493): [] asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 123.036833] hardirqs last disabled at (494): [] __schedule+0x1225/0x2470 [ 123.037809] softirqs last enabled at (0): [] copy_process+0x1dfe/0x6df0 [ 123.038793] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 123.039528] ---[ end trace 0000000000000000 ]--- [ 123.117280] tmpfs: Unknown parameter 'obj_role' 14:55:54 executing program 1: syz_mount_image$tmpfs(&(0x7f0000000000), &(0x7f0000000180)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)={[], [{@obj_role={'obj_role', 0x3d, '\''}}]}) mount(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000040)='ramfs\x00', 0x0, 0x0) move_mount(0xffffffffffffff9c, &(0x7f0000000480)='./file1\x00', 0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x0) 14:55:54 executing program 4: r0 = epoll_create(0x4) r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000200), 0x8, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000240)) epoll_ctl$EPOLL_CTL_MOD(r0, 0x4, r1, &(0x7f0000000000)) 14:55:54 executing program 1: 
syz_mount_image$tmpfs(&(0x7f0000000000), &(0x7f0000000180)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)={[], [{@obj_role={'obj_role', 0x3d, '\''}}]})
mount(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000040)='ramfs\x00', 0x0, 0x0)
move_mount(0xffffffffffffff9c, &(0x7f0000000480)='./file1\x00', 0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x0)

14:55:54 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$9p_unix(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x163008, 0x0)
syz_mount_image$ext4(&(0x7f0000000140)='ext3\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x7a3, &(0x7f00000001c0))

14:55:54 executing program 1:
syz_mount_image$tmpfs(&(0x7f0000000000), &(0x7f0000000180)='./file1\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)={[], [{@obj_role={'obj_role', 0x3d, '\''}}]})
mount(0x0, &(0x7f00000000c0)='./file1\x00', &(0x7f0000000040)='ramfs\x00', 0x0, 0x0)
move_mount(0xffffffffffffff9c, &(0x7f0000000480)='./file1\x00', 0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x0)

14:55:54 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$9p_unix(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x163008, 0x0)
syz_mount_image$ext4(&(0x7f0000000140)='ext3\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x7a3, &(0x7f00000001c0))

[ 123.121955] tmpfs: Unknown parameter 'obj_role'
[ 123.225972] tmpfs: Unknown parameter 'obj_role'
[ 123.313323] tmpfs: Unknown parameter 'obj_role'
[ 123.400554] tmpfs: Unknown parameter 'obj_role'
[ 124.438402] hrtimer: interrupt took 18505 ns
[ 124.842356] loop3: detected capacity change from 0 to 40
[ 129.325493] Bluetooth: hci1: Opcode 0x c03 failed: -110

VM DIAGNOSIS:
14:55:54 Registers: