Warning: Permanently added '[localhost]:3972' (ECDSA) to the list of known hosts. 2022/09/12 17:23:01 fuzzer started 2022/09/12 17:23:01 dialing manager at localhost:38027 syzkaller login: [ 45.754313] cgroup: Unknown subsys name 'net' [ 45.840619] cgroup: Unknown subsys name 'rlimit' 2022/09/12 17:23:15 syscalls: 2215 2022/09/12 17:23:15 code coverage: enabled 2022/09/12 17:23:15 comparison tracing: enabled 2022/09/12 17:23:15 extra coverage: enabled 2022/09/12 17:23:15 setuid sandbox: enabled 2022/09/12 17:23:15 namespace sandbox: enabled 2022/09/12 17:23:15 Android sandbox: enabled 2022/09/12 17:23:15 fault injection: enabled 2022/09/12 17:23:15 leak checking: enabled 2022/09/12 17:23:15 net packet injection: enabled 2022/09/12 17:23:15 net device setup: enabled 2022/09/12 17:23:15 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/09/12 17:23:15 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/09/12 17:23:15 USB emulation: enabled 2022/09/12 17:23:15 hci packet injection: enabled 2022/09/12 17:23:15 wifi device emulation: failed to parse kernel version (6.0.0-rc5-next-20220912) 2022/09/12 17:23:15 802.15.4 emulation: enabled 2022/09/12 17:23:15 fetching corpus: 0, signal 0/2000 (executing program) 2022/09/12 17:23:15 fetching corpus: 41, signal 22093/25723 (executing program) 2022/09/12 17:23:15 fetching corpus: 91, signal 37521/42640 (executing program) 2022/09/12 17:23:15 fetching corpus: 141, signal 46741/53310 (executing program) 2022/09/12 17:23:15 fetching corpus: 190, signal 55864/63675 (executing program) 2022/09/12 17:23:15 fetching corpus: 240, signal 63082/72150 (executing program) 2022/09/12 17:23:16 fetching corpus: 290, signal 72249/82266 (executing program) 2022/09/12 17:23:16 fetching corpus: 339, signal 75847/87064 (executing program) 2022/09/12 17:23:16 fetching corpus: 389, signal 81098/93348 (executing program) 2022/09/12 17:23:16 fetching corpus: 439, signal 84953/98278 (executing program) 2022/09/12 17:23:16 
fetching corpus: 488, signal 89097/103405 (executing program) 2022/09/12 17:23:16 fetching corpus: 538, signal 91931/107285 (executing program) 2022/09/12 17:23:16 fetching corpus: 588, signal 95129/111403 (executing program) 2022/09/12 17:23:16 fetching corpus: 638, signal 97495/114803 (executing program) 2022/09/12 17:23:17 fetching corpus: 688, signal 103220/121007 (executing program) 2022/09/12 17:23:17 fetching corpus: 738, signal 106580/125121 (executing program) 2022/09/12 17:23:17 fetching corpus: 788, signal 109300/128640 (executing program) 2022/09/12 17:23:17 fetching corpus: 838, signal 112928/132868 (executing program) 2022/09/12 17:23:17 fetching corpus: 888, signal 115087/135821 (executing program) 2022/09/12 17:23:17 fetching corpus: 938, signal 118483/139814 (executing program) 2022/09/12 17:23:18 fetching corpus: 988, signal 121494/143394 (executing program) 2022/09/12 17:23:18 fetching corpus: 1038, signal 123771/146375 (executing program) 2022/09/12 17:23:18 fetching corpus: 1088, signal 126223/149406 (executing program) 2022/09/12 17:23:18 fetching corpus: 1138, signal 127353/151310 (executing program) 2022/09/12 17:23:18 fetching corpus: 1188, signal 129285/153869 (executing program) 2022/09/12 17:23:18 fetching corpus: 1238, signal 131476/156615 (executing program) 2022/09/12 17:23:18 fetching corpus: 1288, signal 133687/159325 (executing program) 2022/09/12 17:23:18 fetching corpus: 1338, signal 135146/161485 (executing program) 2022/09/12 17:23:19 fetching corpus: 1388, signal 136403/163421 (executing program) 2022/09/12 17:23:19 fetching corpus: 1438, signal 138291/165760 (executing program) 2022/09/12 17:23:19 fetching corpus: 1488, signal 139948/167976 (executing program) 2022/09/12 17:23:19 fetching corpus: 1538, signal 142560/170881 (executing program) 2022/09/12 17:23:19 fetching corpus: 1588, signal 144148/172950 (executing program) 2022/09/12 17:23:19 fetching corpus: 1638, signal 146292/175373 (executing program) 2022/09/12 
17:23:19 fetching corpus: 1688, signal 147626/177244 (executing program) 2022/09/12 17:23:20 fetching corpus: 1738, signal 149028/179120 (executing program) 2022/09/12 17:23:20 fetching corpus: 1788, signal 150604/181107 (executing program) 2022/09/12 17:23:20 fetching corpus: 1838, signal 151860/182842 (executing program) 2022/09/12 17:23:20 fetching corpus: 1888, signal 153523/184804 (executing program) 2022/09/12 17:23:20 fetching corpus: 1938, signal 154944/186650 (executing program) 2022/09/12 17:23:20 fetching corpus: 1988, signal 156019/188203 (executing program) 2022/09/12 17:23:20 fetching corpus: 2038, signal 157627/190088 (executing program) 2022/09/12 17:23:20 fetching corpus: 2088, signal 158664/191573 (executing program) 2022/09/12 17:23:21 fetching corpus: 2138, signal 160177/193467 (executing program) 2022/09/12 17:23:21 fetching corpus: 2188, signal 162243/195562 (executing program) 2022/09/12 17:23:21 fetching corpus: 2238, signal 163300/196969 (executing program) 2022/09/12 17:23:21 fetching corpus: 2288, signal 164430/198467 (executing program) 2022/09/12 17:23:21 fetching corpus: 2338, signal 165447/199816 (executing program) 2022/09/12 17:23:21 fetching corpus: 2388, signal 166434/201096 (executing program) 2022/09/12 17:23:21 fetching corpus: 2438, signal 167816/202657 (executing program) 2022/09/12 17:23:22 fetching corpus: 2488, signal 169173/204188 (executing program) 2022/09/12 17:23:22 fetching corpus: 2538, signal 170000/205329 (executing program) 2022/09/12 17:23:22 fetching corpus: 2588, signal 171298/206767 (executing program) 2022/09/12 17:23:22 fetching corpus: 2638, signal 172624/208223 (executing program) 2022/09/12 17:23:22 fetching corpus: 2688, signal 174300/209839 (executing program) 2022/09/12 17:23:22 fetching corpus: 2738, signal 175639/211273 (executing program) 2022/09/12 17:23:22 fetching corpus: 2788, signal 176837/212608 (executing program) 2022/09/12 17:23:23 fetching corpus: 2838, signal 177785/213738 (executing 
program) 2022/09/12 17:23:23 fetching corpus: 2888, signal 178372/214681 (executing program) 2022/09/12 17:23:23 fetching corpus: 2938, signal 179193/215797 (executing program) 2022/09/12 17:23:23 fetching corpus: 2988, signal 180241/216979 (executing program) 2022/09/12 17:23:23 fetching corpus: 3038, signal 181098/218070 (executing program) 2022/09/12 17:23:23 fetching corpus: 3088, signal 182121/219185 (executing program) 2022/09/12 17:23:23 fetching corpus: 3138, signal 183298/220398 (executing program) 2022/09/12 17:23:23 fetching corpus: 3188, signal 184184/221421 (executing program) 2022/09/12 17:23:24 fetching corpus: 3238, signal 185443/222577 (executing program) 2022/09/12 17:23:24 fetching corpus: 3288, signal 186218/223489 (executing program) 2022/09/12 17:23:24 fetching corpus: 3338, signal 186989/224431 (executing program) 2022/09/12 17:23:24 fetching corpus: 3388, signal 187832/225395 (executing program) 2022/09/12 17:23:24 fetching corpus: 3438, signal 188630/226310 (executing program) 2022/09/12 17:23:24 fetching corpus: 3488, signal 190505/227698 (executing program) 2022/09/12 17:23:25 fetching corpus: 3538, signal 191320/228609 (executing program) 2022/09/12 17:23:25 fetching corpus: 3588, signal 192057/229460 (executing program) 2022/09/12 17:23:25 fetching corpus: 3638, signal 192943/230293 (executing program) 2022/09/12 17:23:25 fetching corpus: 3688, signal 193840/231202 (executing program) 2022/09/12 17:23:25 fetching corpus: 3738, signal 194487/231968 (executing program) 2022/09/12 17:23:25 fetching corpus: 3788, signal 195364/232851 (executing program) 2022/09/12 17:23:25 fetching corpus: 3838, signal 196393/233775 (executing program) 2022/09/12 17:23:25 fetching corpus: 3888, signal 197244/234588 (executing program) 2022/09/12 17:23:26 fetching corpus: 3938, signal 197888/235312 (executing program) 2022/09/12 17:23:26 fetching corpus: 3988, signal 198481/235996 (executing program) 2022/09/12 17:23:26 fetching corpus: 4038, signal 
199174/236729 (executing program) 2022/09/12 17:23:26 fetching corpus: 4088, signal 200662/237778 (executing program) 2022/09/12 17:23:26 fetching corpus: 4137, signal 201264/238466 (executing program) 2022/09/12 17:23:26 fetching corpus: 4187, signal 202171/239215 (executing program) 2022/09/12 17:23:26 fetching corpus: 4237, signal 203078/239930 (executing program) 2022/09/12 17:23:27 fetching corpus: 4287, signal 203918/240671 (executing program) 2022/09/12 17:23:27 fetching corpus: 4337, signal 204551/241323 (executing program) 2022/09/12 17:23:27 fetching corpus: 4387, signal 205186/241909 (executing program) 2022/09/12 17:23:27 fetching corpus: 4437, signal 205960/242572 (executing program) 2022/09/12 17:23:27 fetching corpus: 4487, signal 206355/243070 (executing program) 2022/09/12 17:23:27 fetching corpus: 4537, signal 207425/243804 (executing program) 2022/09/12 17:23:27 fetching corpus: 4586, signal 208241/244443 (executing program) 2022/09/12 17:23:28 fetching corpus: 4636, signal 208893/245010 (executing program) 2022/09/12 17:23:28 fetching corpus: 4686, signal 209902/245686 (executing program) 2022/09/12 17:23:28 fetching corpus: 4736, signal 210612/246258 (executing program) 2022/09/12 17:23:28 fetching corpus: 4786, signal 211170/246809 (executing program) 2022/09/12 17:23:28 fetching corpus: 4836, signal 211877/247336 (executing program) 2022/09/12 17:23:28 fetching corpus: 4886, signal 212504/247853 (executing program) 2022/09/12 17:23:28 fetching corpus: 4936, signal 213159/248478 (executing program) 2022/09/12 17:23:29 fetching corpus: 4986, signal 214073/249061 (executing program) 2022/09/12 17:23:29 fetching corpus: 5036, signal 214600/249514 (executing program) 2022/09/12 17:23:29 fetching corpus: 5086, signal 215299/249990 (executing program) 2022/09/12 17:23:29 fetching corpus: 5136, signal 215774/250441 (executing program) 2022/09/12 17:23:29 fetching corpus: 5185, signal 216318/250888 (executing program) 2022/09/12 17:23:29 fetching 
corpus: 5235, signal 217030/251392 (executing program) 2022/09/12 17:23:29 fetching corpus: 5285, signal 217868/251868 (executing program) 2022/09/12 17:23:30 fetching corpus: 5335, signal 218950/252369 (executing program) 2022/09/12 17:23:30 fetching corpus: 5385, signal 219487/252779 (executing program) 2022/09/12 17:23:30 fetching corpus: 5435, signal 220208/253263 (executing program) 2022/09/12 17:23:30 fetching corpus: 5483, signal 220742/253690 (executing program) 2022/09/12 17:23:30 fetching corpus: 5533, signal 221191/254021 (executing program) 2022/09/12 17:23:30 fetching corpus: 5582, signal 221564/254363 (executing program) 2022/09/12 17:23:30 fetching corpus: 5632, signal 222204/254729 (executing program) 2022/09/12 17:23:31 fetching corpus: 5682, signal 222803/255105 (executing program) 2022/09/12 17:23:31 fetching corpus: 5732, signal 223269/255460 (executing program) 2022/09/12 17:23:31 fetching corpus: 5782, signal 224079/255859 (executing program) 2022/09/12 17:23:31 fetching corpus: 5832, signal 224538/256163 (executing program) 2022/09/12 17:23:31 fetching corpus: 5882, signal 225230/256493 (executing program) 2022/09/12 17:23:31 fetching corpus: 5931, signal 225768/256839 (executing program) 2022/09/12 17:23:31 fetching corpus: 5980, signal 226429/257250 (executing program) 2022/09/12 17:23:32 fetching corpus: 6030, signal 227191/257634 (executing program) 2022/09/12 17:23:32 fetching corpus: 6080, signal 227798/257997 (executing program) 2022/09/12 17:23:32 fetching corpus: 6130, signal 228460/258262 (executing program) 2022/09/12 17:23:32 fetching corpus: 6180, signal 229108/258523 (executing program) 2022/09/12 17:23:32 fetching corpus: 6229, signal 229575/258693 (executing program) 2022/09/12 17:23:32 fetching corpus: 6278, signal 229854/258726 (executing program) 2022/09/12 17:23:32 fetching corpus: 6328, signal 230822/258742 (executing program) 2022/09/12 17:23:33 fetching corpus: 6378, signal 231336/258749 (executing program) 2022/09/12 
17:23:33 fetching corpus: 6427, signal 231737/258753 (executing program) 2022/09/12 17:23:33 fetching corpus: 6476, signal 232248/258763 (executing program) 2022/09/12 17:23:33 fetching corpus: 6526, signal 232715/258787 (executing program) 2022/09/12 17:23:33 fetching corpus: 6576, signal 233081/258792 (executing program) 2022/09/12 17:23:33 fetching corpus: 6625, signal 233782/258806 (executing program) 2022/09/12 17:23:33 fetching corpus: 6673, signal 234162/258855 (executing program) 2022/09/12 17:23:33 fetching corpus: 6721, signal 234502/258858 (executing program) 2022/09/12 17:23:33 fetching corpus: 6771, signal 235086/258873 (executing program) 2022/09/12 17:23:34 fetching corpus: 6821, signal 235817/258876 (executing program) 2022/09/12 17:23:34 fetching corpus: 6868, signal 236673/258893 (executing program) 2022/09/12 17:23:34 fetching corpus: 6918, signal 237535/258895 (executing program) 2022/09/12 17:23:34 fetching corpus: 6968, signal 238102/258895 (executing program) 2022/09/12 17:23:34 fetching corpus: 7018, signal 238633/258911 (executing program) 2022/09/12 17:23:34 fetching corpus: 7068, signal 239131/258915 (executing program) 2022/09/12 17:23:34 fetching corpus: 7118, signal 239625/258930 (executing program) 2022/09/12 17:23:35 fetching corpus: 7168, signal 240224/258938 (executing program) 2022/09/12 17:23:35 fetching corpus: 7217, signal 240841/258949 (executing program) 2022/09/12 17:23:35 fetching corpus: 7267, signal 241165/258956 (executing program) 2022/09/12 17:23:35 fetching corpus: 7316, signal 242018/259082 (executing program) 2022/09/12 17:23:35 fetching corpus: 7366, signal 242306/259098 (executing program) 2022/09/12 17:23:35 fetching corpus: 7415, signal 242609/259115 (executing program) 2022/09/12 17:23:35 fetching corpus: 7464, signal 243230/259178 (executing program) 2022/09/12 17:23:36 fetching corpus: 7514, signal 243423/259200 (executing program) 2022/09/12 17:23:36 fetching corpus: 7563, signal 244261/259200 (executing 
program) 2022/09/12 17:23:36 fetching corpus: 7612, signal 244730/259200 (executing program) 2022/09/12 17:23:36 fetching corpus: 7661, signal 245048/259222 (executing program) 2022/09/12 17:23:36 fetching corpus: 7711, signal 245487/259277 (executing program) 2022/09/12 17:23:36 fetching corpus: 7760, signal 245854/259285 (executing program) 2022/09/12 17:23:36 fetching corpus: 7810, signal 246456/259291 (executing program) 2022/09/12 17:23:37 fetching corpus: 7860, signal 246857/259310 (executing program) 2022/09/12 17:23:37 fetching corpus: 7910, signal 247172/259332 (executing program) 2022/09/12 17:23:37 fetching corpus: 7960, signal 247481/259346 (executing program) 2022/09/12 17:23:37 fetching corpus: 8006, signal 248173/259414 (executing program) 2022/09/12 17:23:37 fetching corpus: 8038, signal 248360/259416 (executing program) 2022/09/12 17:23:37 fetching corpus: 8038, signal 248360/259416 (executing program) 2022/09/12 17:23:40 starting 8 fuzzer processes 17:23:40 executing program 0: times(&(0x7f0000000040)) 17:23:40 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)={0x1c, 0x1e, 0x1, 0x0, 0x0, "", [@typed={0xa, 0x0, 0x0, 0x0, @binary="d8c9310200"}]}, 0x1c}], 0x1}, 0x0) [ 84.120874] audit: type=1400 audit(1663003420.201:6): avc: denied { execmem } for pid=284 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 17:23:40 executing program 2: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$sock_proto_private(r0, 0x89e0, &(0x7f0000000000)) 17:23:40 executing program 3: syz_mount_image$nfs4(0x0, &(0x7f0000001440)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) lchown(&(0x7f00000032c0)='./file2\x00', 0x0, 0x0) 17:23:40 executing program 4: mkdir(&(0x7f0000003b80)='./file0\x00', 0x0) stat(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r0, 0x0) acct(0x0) 
17:23:40 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000d00)={0x0, 0x0, &(0x7f0000000cc0)={&(0x7f0000000b40)=@acquire={0x128, 0x17, 0x1, 0x0, 0x0, {{@in6=@mcast1}, @in6=@rand_addr=' \x01\x00', {@in6=@local, @in6=@mcast2}, {{@in6=@ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa}}}}, 0x128}}, 0x0) 17:23:40 executing program 7: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) bind$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x0, @any, 0x0, 0x2}, 0xe) setsockopt$bt_l2cap_L2CAP_OPTIONS(r0, 0x6, 0x1, 0x0, 0x0) 17:23:40 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000000180), 0x0, 0x0) ioctl$EVIOCGMTSLOTS(r0, 0x8040450a, &(0x7f0000000e80)=""/113) [ 85.281246] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 85.282269] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 85.283061] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 85.285194] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 85.286533] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 85.287369] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 85.295057] Bluetooth: hci0: HCI_REQ-0x0c1a [ 85.388342] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 85.409915] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 85.425147] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 85.439404] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 85.441479] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 85.442954] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 85.444686] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 85.445342] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 85.457074] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 85.464074] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 85.465415] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 85.466504] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 
85.467543] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 85.468940] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 85.470274] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 85.474967] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 85.475394] Bluetooth: hci4: HCI_REQ-0x0c1a [ 85.477146] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 85.478063] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 85.482480] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 85.483209] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 85.485969] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 85.490019] Bluetooth: hci3: HCI_REQ-0x0c1a [ 85.490053] Bluetooth: hci2: HCI_REQ-0x0c1a [ 85.505089] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 85.505999] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 85.506351] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 85.507757] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 85.509554] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 85.511509] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 85.512920] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 85.515411] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 85.517249] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 85.518720] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 85.530851] Bluetooth: hci7: HCI_REQ-0x0c1a [ 85.545483] Bluetooth: hci1: HCI_REQ-0x0c1a [ 85.548795] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 85.553709] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 85.556796] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 85.558560] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 85.560011] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 85.574267] Bluetooth: hci5: HCI_REQ-0x0c1a [ 87.368448] Bluetooth: hci0: command 0x0409 tx timeout [ 87.495858] Bluetooth: hci4: command 0x0409 tx timeout [ 
87.496441] Bluetooth: hci6: Opcode 0x c03 failed: -110 [ 87.558892] Bluetooth: hci7: command 0x0409 tx timeout [ 87.559406] Bluetooth: hci2: command 0x0409 tx timeout [ 87.559878] Bluetooth: hci3: command 0x0409 tx timeout [ 87.622857] Bluetooth: hci1: command 0x0409 tx timeout [ 87.623925] Bluetooth: hci5: command 0x0409 tx timeout [ 89.415954] Bluetooth: hci0: command 0x041b tx timeout [ 89.542891] Bluetooth: hci4: command 0x041b tx timeout [ 89.606880] Bluetooth: hci3: command 0x041b tx timeout [ 89.608064] Bluetooth: hci2: command 0x041b tx timeout [ 89.610023] Bluetooth: hci7: command 0x041b tx timeout [ 89.671156] Bluetooth: hci5: command 0x041b tx timeout [ 89.672037] Bluetooth: hci1: command 0x041b tx timeout [ 91.154464] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 91.172244] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 91.178946] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 91.205548] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 91.223511] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 91.239530] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 91.270942] Bluetooth: hci6: HCI_REQ-0x0c1a [ 91.464655] Bluetooth: hci0: command 0x040f tx timeout [ 91.590817] Bluetooth: hci4: command 0x040f tx timeout [ 91.655825] Bluetooth: hci7: command 0x040f tx timeout [ 91.656679] Bluetooth: hci2: command 0x040f tx timeout [ 91.657528] Bluetooth: hci3: command 0x040f tx timeout [ 91.719820] Bluetooth: hci1: command 0x040f tx timeout [ 91.720615] Bluetooth: hci5: command 0x040f tx timeout [ 93.318849] Bluetooth: hci6: command 0x0409 tx timeout [ 93.510876] Bluetooth: hci0: command 0x0419 tx timeout [ 93.638823] Bluetooth: hci4: command 0x0419 tx timeout [ 93.702858] Bluetooth: hci3: command 0x0419 tx timeout [ 93.703614] Bluetooth: hci2: command 0x0419 tx timeout [ 93.704817] Bluetooth: hci7: command 0x0419 tx timeout [ 93.766915] Bluetooth: hci5: command 0x0419 tx timeout [ 93.767688] Bluetooth: hci1: command 
0x0419 tx timeout [ 95.366861] Bluetooth: hci6: command 0x041b tx timeout [ 97.415791] Bluetooth: hci6: command 0x040f tx timeout [ 99.462790] Bluetooth: hci6: command 0x0419 tx timeout 17:24:37 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='fdinfo\x00') getdents64(r0, &(0x7f0000000200)=""/4096, 0x1000) 17:24:37 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='fdinfo\x00') getdents64(r0, &(0x7f0000000200)=""/4096, 0x1000) 17:24:38 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='fdinfo\x00') getdents64(r0, &(0x7f0000000200)=""/4096, 0x1000) 17:24:38 executing program 3: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='fdinfo\x00') getdents64(r0, &(0x7f0000000200)=""/4096, 0x1000) 17:24:38 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) sendmmsg$unix(r0, &(0x7f0000002d00)=[{{0x0, 0x0, &(0x7f0000002a80)=[{0x0}, {0x0}], 0x2}}], 0x1, 0x0) 17:24:38 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x76, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$SG_GET_REQUEST_TABLE(r0, 0x227f, 0x0) r1 = 
socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_mreqn(r1, 0x0, 0x23, &(0x7f0000000080)={@multicast2, @dev}, 0xc) fsetxattr$trusted_overlay_upper(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x1015, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r2, 0x8914, &(0x7f0000000000)={'lo\x00'}) [ 142.645879] audit: type=1400 audit(1663003478.726:7): avc: denied { open } for pid=3732 comm="syz-executor.3" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 142.649200] audit: type=1400 audit(1663003478.727:8): avc: denied { kernel } for pid=3732 comm="syz-executor.3" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 142.667663] ------------[ cut here ]------------ [ 142.667689] [ 142.667693] ====================================================== [ 142.667697] WARNING: possible circular locking dependency detected [ 142.667702] 6.0.0-rc5-next-20220912 #1 Not tainted [ 142.667709] ------------------------------------------------------ [ 142.667713] syz-executor.3/3733 is trying to acquire lock: [ 142.667720] ffffffff853fa878 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70 [ 142.667765] [ 142.667765] but task is already holding lock: [ 142.667769] ffff88800efb1c20 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 142.667800] [ 142.667800] which lock already depends on the new lock. 
[ 142.667800] [ 142.667804] [ 142.667804] the existing dependency chain (in reverse order) is: [ 142.667808] [ 142.667808] -> #3 (&ctx->lock){....}-{2:2}: [ 142.667823] _raw_spin_lock+0x2a/0x40 [ 142.667842] __perf_event_task_sched_out+0x53b/0x18d0 [ 142.667856] __schedule+0xedd/0x2470 [ 142.667867] preempt_schedule_common+0x45/0xc0 [ 142.667879] __cond_resched+0x17/0x30 [ 142.667890] __mutex_lock+0xa3/0x14d0 [ 142.667902] __do_sys_perf_event_open+0x1eec/0x32c0 [ 142.667917] do_syscall_64+0x3b/0x90 [ 142.667932] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 142.667952] [ 142.667952] -> #2 (&rq->__lock){-.-.}-{2:2}: [ 142.667967] _raw_spin_lock_nested+0x30/0x40 [ 142.667983] raw_spin_rq_lock_nested+0x1e/0x30 [ 142.667998] task_fork_fair+0x63/0x4d0 [ 142.668017] sched_cgroup_fork+0x3d0/0x540 [ 142.668033] copy_process+0x3f9e/0x6df0 [ 142.668045] kernel_clone+0xe7/0x890 [ 142.668055] user_mode_thread+0xad/0xf0 [ 142.668066] rest_init+0x24/0x250 [ 142.668085] arch_call_rest_init+0xf/0x14 [ 142.668106] start_kernel+0x4c1/0x4e6 [ 142.668125] secondary_startup_64_no_verify+0xe0/0xeb [ 142.668141] [ 142.668141] -> #1 (&p->pi_lock){-.-.}-{2:2}: [ 142.668156] _raw_spin_lock_irqsave+0x39/0x60 [ 142.668172] try_to_wake_up+0xab/0x1920 [ 142.668187] up+0x75/0xb0 [ 142.668199] __up_console_sem+0x6e/0x80 [ 142.668218] console_unlock+0x46a/0x590 [ 142.668236] vt_ioctl+0x2822/0x2ca0 [ 142.668250] tty_ioctl+0x7c4/0x1700 [ 142.668263] __x64_sys_ioctl+0x19a/0x210 [ 142.668280] do_syscall_64+0x3b/0x90 [ 142.668294] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 142.668312] [ 142.668312] -> #0 ((console_sem).lock){....}-{2:2}: [ 142.668327] __lock_acquire+0x2a02/0x5e70 [ 142.668346] lock_acquire+0x1a2/0x530 [ 142.668364] _raw_spin_lock_irqsave+0x39/0x60 [ 142.668380] down_trylock+0xe/0x70 [ 142.668394] __down_trylock_console_sem+0x3b/0xd0 [ 142.668412] vprintk_emit+0x16b/0x560 [ 142.668431] vprintk+0x84/0xa0 [ 142.668449] _printk+0xba/0xf1 [ 142.668468] report_bug.cold+0x72/0xab [ 142.668482] 
handle_bug+0x3c/0x70 [ 142.668496] exc_invalid_op+0x14/0x50 [ 142.668510] asm_exc_invalid_op+0x16/0x20 [ 142.668528] group_sched_out.part.0+0x2c7/0x460 [ 142.668540] ctx_sched_out+0x8f1/0xc10 [ 142.668550] __perf_event_task_sched_out+0x6d0/0x18d0 [ 142.668564] __schedule+0xedd/0x2470 [ 142.668574] preempt_schedule_common+0x45/0xc0 [ 142.668586] __cond_resched+0x17/0x30 [ 142.668596] __mutex_lock+0xa3/0x14d0 [ 142.668608] __do_sys_perf_event_open+0x1eec/0x32c0 [ 142.668622] do_syscall_64+0x3b/0x90 [ 142.668636] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 142.668655] [ 142.668655] other info that might help us debug this: [ 142.668655] [ 142.668658] Chain exists of: [ 142.668658] (console_sem).lock --> &rq->__lock --> &ctx->lock [ 142.668658] [ 142.668674] Possible unsafe locking scenario: [ 142.668674] [ 142.668677] CPU0 CPU1 [ 142.668679] ---- ---- [ 142.668682] lock(&ctx->lock); [ 142.668688] lock(&rq->__lock); [ 142.668695] lock(&ctx->lock); [ 142.668702] lock((console_sem).lock); [ 142.668708] [ 142.668708] *** DEADLOCK *** [ 142.668708] [ 142.668711] 2 locks held by syz-executor.3/3733: [ 142.668718] #0: ffff88806ce37cd8 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470 [ 142.668746] #1: ffff88800efb1c20 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 142.668777] [ 142.668777] stack backtrace: [ 142.668780] CPU: 0 PID: 3733 Comm: syz-executor.3 Not tainted 6.0.0-rc5-next-20220912 #1 [ 142.668794] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 142.668803] Call Trace: [ 142.668807] [ 142.668812] dump_stack_lvl+0x8b/0xb3 [ 142.668828] check_noncircular+0x263/0x2e0 [ 142.668847] ? format_decode+0x26c/0xb50 [ 142.668863] ? print_circular_bug+0x450/0x450 [ 142.668883] ? enable_ptr_key_workfn+0x20/0x20 [ 142.668898] ? perf_trace_lock+0x308/0x560 [ 142.668914] ? format_decode+0x26c/0xb50 [ 142.668932] ? 
alloc_chain_hlocks+0x1ec/0x5a0 [ 142.668952] __lock_acquire+0x2a02/0x5e70 [ 142.668979] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 142.669006] lock_acquire+0x1a2/0x530 [ 142.669025] ? down_trylock+0xe/0x70 [ 142.669042] ? rcu_read_unlock+0x40/0x40 [ 142.669067] ? vprintk+0x84/0xa0 [ 142.669088] _raw_spin_lock_irqsave+0x39/0x60 [ 142.669105] ? down_trylock+0xe/0x70 [ 142.669120] down_trylock+0xe/0x70 [ 142.669136] ? vprintk+0x84/0xa0 [ 142.669155] __down_trylock_console_sem+0x3b/0xd0 [ 142.669175] vprintk_emit+0x16b/0x560 [ 142.669197] vprintk+0x84/0xa0 [ 142.669218] _printk+0xba/0xf1 [ 142.669237] ? record_print_text.cold+0x16/0x16 [ 142.669263] ? report_bug.cold+0x66/0xab [ 142.669279] ? group_sched_out.part.0+0x2c7/0x460 [ 142.669292] report_bug.cold+0x72/0xab [ 142.669309] handle_bug+0x3c/0x70 [ 142.669324] exc_invalid_op+0x14/0x50 [ 142.669340] asm_exc_invalid_op+0x16/0x20 [ 142.669359] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 142.669374] Code: 5e 41 5f e9 3b b7 ef ff e8 36 b7 ef ff 65 8b 1d ab 15 ac 7e 31 ff 89 de e8 d6 b3 ef ff 85 db 0f 84 8a 00 00 00 e8 19 b7 ef ff <0f> 0b e9 a5 fe ff ff e8 0d b7 ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 142.669386] RSP: 0018:ffff8880420bf978 EFLAGS: 00010006 [ 142.669396] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 142.669405] RDX: ffff888041db3580 RSI: ffffffff81566027 RDI: 0000000000000005 [ 142.669414] RBP: ffff8880086605c8 R08: 0000000000000005 R09: 0000000000000001 [ 142.669422] R10: 0000000000000000 R11: ffffffff865aa01b R12: ffff88800efb1c00 [ 142.669431] R13: ffff88806ce3d100 R14: ffffffff8547c660 R15: 0000000000000002 [ 142.669444] ? group_sched_out.part.0+0x2c7/0x460 [ 142.669459] ? group_sched_out.part.0+0x2c7/0x460 [ 142.669474] ctx_sched_out+0x8f1/0xc10 [ 142.669489] __perf_event_task_sched_out+0x6d0/0x18d0 [ 142.669507] ? lock_is_held_type+0xd7/0x130 [ 142.669529] ? __perf_cgroup_move+0x160/0x160 [ 142.669542] ? set_next_entity+0x304/0x550 [ 142.669562] ? 
update_curr+0x267/0x740 [ 142.669584] ? lock_is_held_type+0xd7/0x130 [ 142.669605] __schedule+0xedd/0x2470 [ 142.669620] ? io_schedule_timeout+0x150/0x150 [ 142.669634] ? lock_is_held_type+0xd7/0x130 [ 142.669654] ? __cond_resched+0x17/0x30 [ 142.669667] preempt_schedule_common+0x45/0xc0 [ 142.669681] __cond_resched+0x17/0x30 [ 142.669692] __mutex_lock+0xa3/0x14d0 [ 142.669707] ? lock_is_held_type+0xd7/0x130 [ 142.669726] ? __do_sys_perf_event_open+0x1eec/0x32c0 [ 142.669743] ? mutex_lock_io_nested+0x1310/0x1310 [ 142.669757] ? lock_release+0x3b2/0x750 [ 142.669780] ? __up_read+0x192/0x730 [ 142.669797] ? up_write+0x480/0x480 [ 142.669814] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 142.669835] __do_sys_perf_event_open+0x1eec/0x32c0 [ 142.669855] ? __up_read+0x192/0x730 [ 142.669871] ? perf_compat_ioctl+0x130/0x130 [ 142.669885] ? up_write+0x480/0x480 [ 142.669907] ? syscall_enter_from_user_mode+0x1d/0x50 [ 142.669928] ? syscall_enter_from_user_mode+0x1d/0x50 [ 142.669951] do_syscall_64+0x3b/0x90 [ 142.669967] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 142.669986] RIP: 0033:0x7f6f9ca24b19 [ 142.669995] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 142.670007] RSP: 002b:00007f6f99f9a188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 142.670020] RAX: ffffffffffffffda RBX: 00007f6f9cb37f60 RCX: 00007f6f9ca24b19 [ 142.670028] RDX: ffffffffffffffff RSI: 0000000000000000 RDI: 0000000020000080 [ 142.670037] RBP: 00007f6f9ca7ef6d R08: 0000000000000000 R09: 0000000000000000 [ 142.670045] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 142.670053] R13: 00007ffdee170dff R14: 00007f6f99f9a300 R15: 0000000000022000 [ 142.670072] [ 142.734758] WARNING: CPU: 0 PID: 3733 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460 [ 142.735488] Modules linked in: [ 142.735738] CPU: 0 PID: 3733 Comm: 
syz-executor.3 Not tainted 6.0.0-rc5-next-20220912 #1 [ 142.736353] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 142.737199] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 142.737616] Code: 5e 41 5f e9 3b b7 ef ff e8 36 b7 ef ff 65 8b 1d ab 15 ac 7e 31 ff 89 de e8 d6 b3 ef ff 85 db 0f 84 8a 00 00 00 e8 19 b7 ef ff <0f> 0b e9 a5 fe ff ff e8 0d b7 ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 142.738987] RSP: 0018:ffff8880420bf978 EFLAGS: 00010006 [ 142.739389] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 142.739929] RDX: ffff888041db3580 RSI: ffffffff81566027 RDI: 0000000000000005 [ 142.740467] RBP: ffff8880086605c8 R08: 0000000000000005 R09: 0000000000000001 [ 142.741011] R10: 0000000000000000 R11: ffffffff865aa01b R12: ffff88800efb1c00 [ 142.741557] R13: ffff88806ce3d100 R14: ffffffff8547c660 R15: 0000000000000002 [ 142.742095] FS: 00007f6f99f9a700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 142.742707] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 142.743166] CR2: 00005610086564c8 CR3: 000000004111a000 CR4: 0000000000350ef0 [ 142.743703] Call Trace: [ 142.743903] [ 142.744087] ctx_sched_out+0x8f1/0xc10 [ 142.744394] __perf_event_task_sched_out+0x6d0/0x18d0 [ 142.744796] ? lock_is_held_type+0xd7/0x130 [ 142.745136] ? __perf_cgroup_move+0x160/0x160 [ 142.745488] ? set_next_entity+0x304/0x550 [ 142.745819] ? update_curr+0x267/0x740 [ 142.746127] ? lock_is_held_type+0xd7/0x130 [ 142.746468] __schedule+0xedd/0x2470 [ 142.746759] ? io_schedule_timeout+0x150/0x150 [ 142.747127] ? lock_is_held_type+0xd7/0x130 [ 142.747463] ? __cond_resched+0x17/0x30 [ 142.747766] preempt_schedule_common+0x45/0xc0 [ 142.748118] __cond_resched+0x17/0x30 [ 142.748408] __mutex_lock+0xa3/0x14d0 [ 142.748701] ? lock_is_held_type+0xd7/0x130 [ 142.749038] ? __do_sys_perf_event_open+0x1eec/0x32c0 [ 142.749432] ? mutex_lock_io_nested+0x1310/0x1310 [ 142.749803] ? 
lock_release+0x3b2/0x750 [ 142.750118] ? __up_read+0x192/0x730 [ 142.750410] ? up_write+0x480/0x480 [ 142.750697] ? _raw_spin_unlock_irqrestore+0x28/0x60 [ 142.751111] __do_sys_perf_event_open+0x1eec/0x32c0 [ 142.751496] ? __up_read+0x192/0x730 [ 142.751784] ? perf_compat_ioctl+0x130/0x130 [ 142.752124] ? up_write+0x480/0x480 [ 142.752417] ? syscall_enter_from_user_mode+0x1d/0x50 [ 142.752818] ? syscall_enter_from_user_mode+0x1d/0x50 [ 142.753223] do_syscall_64+0x3b/0x90 [ 142.753519] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 142.753920] RIP: 0033:0x7f6f9ca24b19 [ 142.754210] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 142.755555] RSP: 002b:00007f6f99f9a188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 142.756151] RAX: ffffffffffffffda RBX: 00007f6f9cb37f60 RCX: 00007f6f9ca24b19 [ 142.756698] RDX: ffffffffffffffff RSI: 0000000000000000 RDI: 0000000020000080 [ 142.757264] RBP: 00007f6f9ca7ef6d R08: 0000000000000000 R09: 0000000000000000 [ 142.757833] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 142.758387] R13: 00007ffdee170dff R14: 00007f6f99f9a300 R15: 0000000000022000 [ 142.758945] [ 142.759125] irq event stamp: 550 [ 142.759390] hardirqs last enabled at (549): [] _raw_spin_unlock_irqrestore+0x28/0x60 [ 142.760099] hardirqs last disabled at (550): [] __schedule+0x1225/0x2470 [ 142.760719] softirqs last enabled at (0): [] copy_process+0x1dfe/0x6df0 [ 142.761339] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 142.761814] ---[ end trace 0000000000000000 ]--- 17:24:39 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x76, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 
@perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$SG_GET_REQUEST_TABLE(r0, 0x227f, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_mreqn(r1, 0x0, 0x23, &(0x7f0000000080)={@multicast2, @dev}, 0xc) fsetxattr$trusted_overlay_upper(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x1015, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r2, 0x8914, &(0x7f0000000000)={'lo\x00'}) 17:24:39 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x76, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$SG_GET_REQUEST_TABLE(r0, 0x227f, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_mreqn(r1, 0x0, 0x23, &(0x7f0000000080)={@multicast2, @dev}, 0xc) fsetxattr$trusted_overlay_upper(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x1015, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r2, 0x8914, &(0x7f0000000000)={'lo\x00'}) [ 148.870832] Bluetooth: hci3: Opcode 0x c03 failed: -110 [ 149.062804] Bluetooth: hci7: Opcode 0x c03 failed: -110 [ 149.062837] Bluetooth: hci5: Opcode 0x c03 failed: -110 [ 149.063706] Bluetooth: hci4: Opcode 0x c03 failed: -110 VM DIAGNOSIS: 17:24:38 Registers: info registers vcpu 0 RAX=0000000000000078 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff822b1e41 RDI=ffffffff8763fae0 RBP=ffffffff8763faa0 RSP=ffff8880420bf3c8 R8 =0000000000000001 R9 =000000000000000a R10=0000000000000078 R11=0000000000000001 R12=0000000000000078 R13=ffffffff8763faa0 R14=0000000000000010 R15=ffffffff822b1e30 RIP=ffffffff822b1e99 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 