Warning: Permanently added '[localhost]:16454' (ECDSA) to the list of known hosts. 2022/09/20 11:30:13 fuzzer started 2022/09/20 11:30:13 dialing manager at localhost:34957 syzkaller login: [ 45.038499] cgroup: Unknown subsys name 'net' [ 45.137870] cgroup: Unknown subsys name 'rlimit' 2022/09/20 11:30:27 syscalls: 2215 2022/09/20 11:30:27 code coverage: enabled 2022/09/20 11:30:27 comparison tracing: enabled 2022/09/20 11:30:27 extra coverage: enabled 2022/09/20 11:30:27 setuid sandbox: enabled 2022/09/20 11:30:27 namespace sandbox: enabled 2022/09/20 11:30:27 Android sandbox: enabled 2022/09/20 11:30:27 fault injection: enabled 2022/09/20 11:30:27 leak checking: enabled 2022/09/20 11:30:27 net packet injection: enabled 2022/09/20 11:30:27 net device setup: enabled 2022/09/20 11:30:27 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/09/20 11:30:27 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/09/20 11:30:27 USB emulation: enabled 2022/09/20 11:30:27 hci packet injection: enabled 2022/09/20 11:30:27 wifi device emulation: failed to parse kernel version (6.0.0-rc6-next-20220920) 2022/09/20 11:30:27 802.15.4 emulation: enabled 2022/09/20 11:30:27 fetching corpus: 0, signal 0/2000 (executing program) 2022/09/20 11:30:27 fetching corpus: 50, signal 32723/35621 (executing program) 2022/09/20 11:30:27 fetching corpus: 100, signal 41841/45682 (executing program) 2022/09/20 11:30:28 fetching corpus: 150, signal 51810/56288 (executing program) 2022/09/20 11:30:28 fetching corpus: 200, signal 57170/62312 (executing program) 2022/09/20 11:30:28 fetching corpus: 250, signal 63473/68944 (executing program) 2022/09/20 11:30:28 fetching corpus: 300, signal 69177/74884 (executing program) 2022/09/20 11:30:28 fetching corpus: 350, signal 71982/78109 (executing program) 2022/09/20 11:30:28 fetching corpus: 400, signal 75587/81900 (executing program) 2022/09/20 11:30:29 fetching corpus: 450, signal 80844/86958 (executing program) 2022/09/20 
11:30:29 fetching corpus: 500, signal 86784/92395 (executing program) 2022/09/20 11:30:29 fetching corpus: 550, signal 89222/94874 (executing program) 2022/09/20 11:30:29 fetching corpus: 600, signal 92593/97907 (executing program) 2022/09/20 11:30:29 fetching corpus: 650, signal 95977/100874 (executing program) 2022/09/20 11:30:29 fetching corpus: 700, signal 98102/102783 (executing program) 2022/09/20 11:30:30 fetching corpus: 750, signal 100976/105300 (executing program) 2022/09/20 11:30:30 fetching corpus: 800, signal 103070/107047 (executing program) 2022/09/20 11:30:30 fetching corpus: 850, signal 104656/108370 (executing program) 2022/09/20 11:30:30 fetching corpus: 900, signal 106949/110144 (executing program) 2022/09/20 11:30:30 fetching corpus: 950, signal 109020/111657 (executing program) 2022/09/20 11:30:30 fetching corpus: 1000, signal 110971/113046 (executing program) 2022/09/20 11:30:30 fetching corpus: 1050, signal 112403/114047 (executing program) 2022/09/20 11:30:30 fetching corpus: 1097, signal 113923/115076 (executing program) 2022/09/20 11:30:30 fetching corpus: 1097, signal 113923/115123 (executing program) 2022/09/20 11:30:30 fetching corpus: 1097, signal 113923/115176 (executing program) 2022/09/20 11:30:30 fetching corpus: 1097, signal 113923/115220 (executing program) 2022/09/20 11:30:30 fetching corpus: 1097, signal 113923/115287 (executing program) 2022/09/20 11:30:31 fetching corpus: 1097, signal 113923/115335 (executing program) 2022/09/20 11:30:31 fetching corpus: 1097, signal 113923/115390 (executing program) 2022/09/20 11:30:31 fetching corpus: 1097, signal 113923/115445 (executing program) 2022/09/20 11:30:31 fetching corpus: 1097, signal 113923/115492 (executing program) 2022/09/20 11:30:31 fetching corpus: 1097, signal 113923/115544 (executing program) 2022/09/20 11:30:31 fetching corpus: 1097, signal 113923/115610 (executing program) 2022/09/20 11:30:31 fetching corpus: 1097, signal 113923/115664 (executing program) 2022/09/20 
11:30:31 fetching corpus: 1097, signal 113923/115718 (executing program) 2022/09/20 11:30:31 fetching corpus: 1097, signal 113923/115770 (executing program) 2022/09/20 11:30:31 fetching corpus: 1097, signal 113923/115823 (executing program) 2022/09/20 11:30:31 fetching corpus: 1097, signal 113923/115883 (executing program) 2022/09/20 11:30:31 fetching corpus: 1097, signal 113923/115930 (executing program) 2022/09/20 11:30:31 fetching corpus: 1097, signal 113923/115997 (executing program) 2022/09/20 11:30:31 fetching corpus: 1097, signal 113923/116059 (executing program) 2022/09/20 11:30:31 fetching corpus: 1097, signal 113923/116119 (executing program) 2022/09/20 11:30:31 fetching corpus: 1097, signal 113923/116168 (executing program) 2022/09/20 11:30:31 fetching corpus: 1097, signal 113923/116220 (executing program) 2022/09/20 11:30:31 fetching corpus: 1097, signal 113923/116278 (executing program) 2022/09/20 11:30:31 fetching corpus: 1097, signal 113923/116331 (executing program) 2022/09/20 11:30:31 fetching corpus: 1097, signal 113923/116379 (executing program) 2022/09/20 11:30:31 fetching corpus: 1097, signal 113923/116434 (executing program) 2022/09/20 11:30:31 fetching corpus: 1097, signal 113923/116479 (executing program) 2022/09/20 11:30:31 fetching corpus: 1097, signal 113923/116541 (executing program) 2022/09/20 11:30:31 fetching corpus: 1097, signal 113923/116587 (executing program) 2022/09/20 11:30:31 fetching corpus: 1097, signal 113923/116633 (executing program) 2022/09/20 11:30:31 fetching corpus: 1097, signal 113923/116673 (executing program) 2022/09/20 11:30:31 fetching corpus: 1097, signal 113923/116736 (executing program) 2022/09/20 11:30:31 fetching corpus: 1097, signal 113923/116791 (executing program) 2022/09/20 11:30:31 fetching corpus: 1097, signal 113923/116846 (executing program) 2022/09/20 11:30:31 fetching corpus: 1097, signal 113923/116893 (executing program) 2022/09/20 11:30:31 fetching corpus: 1097, signal 113923/116916 (executing 
program) 2022/09/20 11:30:31 fetching corpus: 1097, signal 113923/116916 (executing program) 2022/09/20 11:30:34 starting 8 fuzzer processes 11:30:34 executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080)) writev(r0, &(0x7f0000000040)=[{&(0x7f0000000000)='r', 0x1}], 0x1) fallocate(r0, 0x3, 0x0, 0x3) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x84482, 0x0) pwritev(r1, &(0x7f0000000240)=[{&(0x7f0000000200)='S', 0x1}, {&(0x7f0000001340)="b2", 0x1}], 0x2, 0x0, 0x0) 11:30:34 executing program 1: rt_sigtimedwait(&(0x7f0000000180), 0x0, &(0x7f0000000280), 0x8) 11:30:34 executing program 2: r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040), 0x40a81, 0x0) write$vga_arbiter(r0, &(0x7f0000000140), 0x9) [ 64.694127] audit: type=1400 audit(1663673434.191:6): avc: denied { execmem } for pid=286 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 11:30:34 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001840)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000001800), 0xd}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3) preadv(0xffffffffffffffff, &(0x7f0000001140)=[{&(0x7f0000000140)=""/4096, 0x1000}], 0x1, 0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = 
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_PAUSE_SET(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x18, r1, 0x301, 0x0, 0x0, {0x4}, [@ETHTOOL_A_PAUSE_HEADER={0x4}]}, 0x18}}, 0x0) sendmsg$ETHTOOL_MSG_PAUSE_SET(0xffffffffffffffff, &(0x7f0000001340)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000001300)={0x0}}, 0x800) 11:30:34 executing program 4: r0 = epoll_create(0x4) r1 = socket$netlink(0x10, 0x3, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0xf, r1, &(0x7f0000000000)={0x30000015}) 11:30:34 executing program 6: timer_create(0x8, &(0x7f00000000c0)={0x0, 0x0, 0x1}, &(0x7f0000000080)) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) timer_settime(0x0, 0x0, &(0x7f0000000140)={{0x0, r0+60000000}, {0x0, 0x989680}}, 0x0) timer_settime(0x0, 0x0, &(0x7f0000000000)={{}, {0x77359400}}, &(0x7f0000000040)) 11:30:34 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000004040), 0x0, 0x0) ioctl$TCSETS(r0, 0x80045430, &(0x7f0000004080)={0x0, 0x0, 0x0, 0x0, 0x0, "53a14f361e559084047112d4b940ce874276eb"}) 11:30:34 executing program 7: r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000001280), 0x80c01, 0x0) write$P9_RWRITE(r0, 0x0, 0x0) [ 65.922859] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 65.932466] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 65.933602] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 65.942135] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 65.943944] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 65.948118] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 65.971736] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 65.972969] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 65.983290] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 65.983403] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 65.984669] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 65.987246] Bluetooth: hci2: unexpected 
cc 0x1003 length: 249 > 9 [ 65.989120] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 65.992451] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 65.994494] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 65.996040] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 66.001424] Bluetooth: hci2: HCI_REQ-0x0c1a [ 66.014072] Bluetooth: hci1: HCI_REQ-0x0c1a [ 66.043434] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 66.045086] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 66.046901] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 66.063982] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 66.066099] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 66.071461] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 66.073513] Bluetooth: hci0: HCI_REQ-0x0c1a [ 66.077673] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 66.079733] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 66.086524] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 66.088346] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 66.088597] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 66.090102] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 66.090865] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 66.092115] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 66.096492] Bluetooth: hci5: HCI_REQ-0x0c1a [ 66.109420] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 66.110602] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 66.112716] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 66.113940] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 66.117251] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 66.118540] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 66.120381] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 66.123133] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 66.123815] Bluetooth: hci3: unexpected cc 0x0c23 
length: 249 > 4 [ 66.125872] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 66.127139] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 66.134590] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 66.134631] Bluetooth: hci4: HCI_REQ-0x0c1a [ 66.135575] Bluetooth: hci3: HCI_REQ-0x0c1a [ 66.149531] Bluetooth: hci7: HCI_REQ-0x0c1a [ 68.065570] Bluetooth: hci1: command 0x0409 tx timeout [ 68.065821] Bluetooth: hci6: Opcode 0x c03 failed: -110 [ 68.066399] Bluetooth: hci2: command 0x0409 tx timeout [ 68.129285] Bluetooth: hci5: command 0x0409 tx timeout [ 68.129531] Bluetooth: hci0: command 0x0409 tx timeout [ 68.193567] Bluetooth: hci7: command 0x0409 tx timeout [ 68.193657] Bluetooth: hci3: command 0x0409 tx timeout [ 68.194345] Bluetooth: hci4: command 0x0409 tx timeout [ 70.113286] Bluetooth: hci2: command 0x041b tx timeout [ 70.113315] Bluetooth: hci1: command 0x041b tx timeout [ 70.177493] Bluetooth: hci5: command 0x041b tx timeout [ 70.177517] Bluetooth: hci0: command 0x041b tx timeout [ 70.241750] Bluetooth: hci4: command 0x041b tx timeout [ 70.243260] Bluetooth: hci3: command 0x041b tx timeout [ 70.243722] Bluetooth: hci7: command 0x041b tx timeout [ 71.358351] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 71.359946] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 71.360970] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 71.364288] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 71.365863] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 71.369724] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 71.373595] Bluetooth: hci6: HCI_REQ-0x0c1a [ 72.161223] Bluetooth: hci2: command 0x040f tx timeout [ 72.161248] Bluetooth: hci1: command 0x040f tx timeout [ 72.225454] Bluetooth: hci0: command 0x040f tx timeout [ 72.225473] Bluetooth: hci5: command 0x040f tx timeout [ 72.289233] Bluetooth: hci7: command 0x040f tx timeout [ 72.289703] Bluetooth: hci3: command 0x040f tx timeout [ 72.290114] Bluetooth: 
hci4: command 0x040f tx timeout [ 73.442290] Bluetooth: hci6: command 0x0409 tx timeout [ 74.209278] Bluetooth: hci1: command 0x0419 tx timeout [ 74.209791] Bluetooth: hci2: command 0x0419 tx timeout [ 74.273237] Bluetooth: hci0: command 0x0419 tx timeout [ 74.274259] Bluetooth: hci5: command 0x0419 tx timeout [ 74.338233] Bluetooth: hci4: command 0x0419 tx timeout [ 74.338666] Bluetooth: hci3: command 0x0419 tx timeout [ 74.339066] Bluetooth: hci7: command 0x0419 tx timeout [ 75.489213] Bluetooth: hci6: command 0x041b tx timeout [ 77.537244] Bluetooth: hci6: command 0x040f tx timeout [ 79.585251] Bluetooth: hci6: command 0x0419 tx timeout 11:31:30 executing program 2: r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040), 0x40a81, 0x0) write$vga_arbiter(r0, &(0x7f0000000140), 0x9) 11:31:30 executing program 2: r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040), 0x40a81, 0x0) write$vga_arbiter(r0, &(0x7f0000000140), 0x9) 11:31:30 executing program 2: r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040), 0x40a81, 0x0) write$vga_arbiter(r0, &(0x7f0000000140), 0x9) 11:31:30 executing program 2: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$KDFONTOP_SET_DEF(r0, 0x4b72, &(0x7f0000000480)={0x2, 0x0, 0x0, 0x0, 0x0, 
&(0x7f0000000080)="7f64ff82a778ddbe4927448bf06ac66d95edf173febf4fafbe5071c288c37c6d2a3df417d89bf63cfafb0373f4aa1bee637845f5e190272a86e770218548ecd304aca3174e8d64ec1e76e433397e00baf563c0d9eee218ac3f73b6d4f6326bcc115ccf3481ad63d1ca6bdbe7e1d24c6caab37cff51c0e50d5819e571ea183c3a2e54ab6c4886614d56fad7e0839d7aca957040332947e2c430616e47deedf4ff150c5547db43cd548bb19be9dd384166c35a4367ae11a873abbb24f879ce48c40cbeaaffdc83d93214e7ca2c4aa0225c71c7835f33c13f45d5e0e1b75daf2a30405516772a0c27ac807b2b57e3c1356e03f8f93fcf85f6124a0d5ba104b244bf215c50f86a88a851a3a46ef83e5e06e10bd6dbb9ff9ec943ce923257ef25d8720261259acfdefd493802efcf00814fdf2dee9ca346428177b0fc7886f5991e549db25ac9094e1fb8e20c211bbea8b8498e18936f01bddcea5052ef8b48c2465776ef4e9564c476c83a788cef517753cebba8c836b364488b913aa369a69f751664339c13ca1218f3622a2838a3c0c55a2d6e417048048fe6e9999682370802e272151e81ea18f83b80ca7580850fca04b0219f4e148aff75720d550e70f95da630493d6a799ab002503ec798e1aa0bbdc6f0f072fe0139b694c6b3654023e80d2d36beec60bffb1b65398209d35815def6b0b898973e79b730fa7c89487746b9b23151e1b1beb7f945085e85e44532ca23a53e1e9dca0c67dc6f7959eee497cc6f6d9720b17cf2b19dfa9a8e5d91476b47ebad2a7022f4f9963cc7b906978f284673271b4f97fece413e00c4d0e72d1dcc38502946fcf8f42178087651057937ae8e9a3ae7df7b251294dee0f60e30db4568624d54b4743418ab3a15b2cee57e0cafc0a1d1aaa1438795ad9714c28ed98fa9297da4f23d9fdad24bae819094c907d18690fdadf0ae5dcecccf0037c3f84533ee0d6302c438ae379f6bb3f1dbdb607f5520fc775ccae14ef437e1bc66075aac488e2a5fa8081b36b0b1b01ee53a12715c39f8604f8fb06ba73702bbee7d7e6e6ae73442832c7cd38160f7c7582beb4cf794dc64930469cce35ac18ade0a14f698fff2593262b56900d7542c0a3e88cda41ba277fc204fa79bc4f911410894f2cccbe2f1c2c8927fb1f83d88c287c05e63d73798cf7575c194ab7b3b06922140b2f7a146aa49dc9ddf057715a64f791c31bbb2ef4d9c99907046d558e7840e8a4899d9b12249b845eccd06cf80323d6a02322b52fead37087b3b9601ad136ca85206e35221523f001ca33032172b8bea7232cbc3ab1fabfbee095639da22e19a40874dda9840014d5a1492468f39e793c853d1d9cafeb03b26f0e306c0978429b509854503ed0484b79bd657d
3ca3bf6c013a143520b33436e5472767813a854e1a53d8846382847edde40059d61"}) 11:31:30 executing program 2: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$KDFONTOP_SET_DEF(r0, 0x4b72, &(0x7f0000000480)={0x2, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)="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"}) 11:31:30 executing program 2: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$KDFONTOP_SET_DEF(r0, 0x4b72, &(0x7f0000000480)={0x2, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)="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"}) 11:31:30 executing program 2: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$KDFONTOP_SET_DEF(r0, 0x4b72, &(0x7f0000000480)={0x2, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)="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"}) 11:31:31 executing program 2: r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$KDFONTOP_SET_DEF(r0, 0x4b72, &(0x7f0000000480)={0x2, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)="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"}) [ 122.486950] audit: type=1400 audit(1663673491.984:7): avc: denied { block_suspend } for pid=3883 comm="syz-executor.4" capability=36 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1 [ 124.936304] audit: type=1400 audit(1663673494.432:8): avc: denied { open } for pid=3963 comm="syz-executor.3" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 124.937856] audit: type=1400 audit(1663673494.432:9): avc: denied { kernel } for pid=3963 comm="syz-executor.3" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 124.950882] ------------[ cut here ]------------ [ 124.950902] [ 124.950905] ====================================================== [ 124.950909] WARNING: possible circular locking dependency detected [ 124.950913] 6.0.0-rc6-next-20220920 #1 Not tainted [ 124.950920] ------------------------------------------------------ [ 124.950923] 
syz-executor.3/3964 is trying to acquire lock: [ 124.950930] ffffffff853faab8 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70 [ 124.950969] [ 124.950969] but task is already holding lock: [ 124.950972] ffff888008d20420 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 124.950999] [ 124.950999] which lock already depends on the new lock. [ 124.950999] [ 124.951002] [ 124.951002] the existing dependency chain (in reverse order) is: [ 124.951006] [ 124.951006] -> #3 (&ctx->lock){....}-{2:2}: [ 124.951020] _raw_spin_lock+0x2a/0x40 [ 124.951039] __perf_event_task_sched_out+0x53b/0x18d0 [ 124.951052] __schedule+0xedd/0x2470 [ 124.951065] schedule+0xda/0x1b0 [ 124.951078] futex_wait_queue+0xf5/0x1e0 [ 124.951091] futex_wait+0x28e/0x690 [ 124.951103] do_futex+0x2ff/0x380 [ 124.951113] __x64_sys_futex+0x1c6/0x4d0 [ 124.951123] do_syscall_64+0x3b/0x90 [ 124.951138] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 124.951160] [ 124.951160] -> #2 (&rq->__lock){-.-.}-{2:2}: [ 124.951174] _raw_spin_lock_nested+0x30/0x40 [ 124.951191] raw_spin_rq_lock_nested+0x1e/0x30 [ 124.951203] task_fork_fair+0x63/0x4d0 [ 124.951220] sched_cgroup_fork+0x3d0/0x540 [ 124.951234] copy_process+0x4183/0x6e20 [ 124.951244] kernel_clone+0xe7/0x890 [ 124.951254] user_mode_thread+0xad/0xf0 [ 124.951264] rest_init+0x24/0x250 [ 124.951274] arch_call_rest_init+0xf/0x14 [ 124.951288] start_kernel+0x4c1/0x4e6 [ 124.951300] secondary_startup_64_no_verify+0xe0/0xeb [ 124.951314] [ 124.951314] -> #1 (&p->pi_lock){-.-.}-{2:2}: [ 124.951328] _raw_spin_lock_irqsave+0x39/0x60 [ 124.951345] try_to_wake_up+0xab/0x1930 [ 124.951358] up+0x75/0xb0 [ 124.951369] __up_console_sem+0x6e/0x80 [ 124.951384] console_unlock+0x46a/0x590 [ 124.951400] vprintk_emit+0x1bd/0x560 [ 124.951416] vprintk+0x84/0xa0 [ 124.951432] _printk+0xba/0xf1 [ 124.951442] kauditd_hold_skb.cold+0x3f/0x4e [ 124.951458] kauditd_send_queue+0x233/0x290 [ 124.951472] kauditd_thread+0x5da/0x9a0 [ 124.951486] 
kthread+0x2ed/0x3a0 [ 124.951500] ret_from_fork+0x22/0x30 [ 124.951512] [ 124.951512] -> #0 ((console_sem).lock){....}-{2:2}: [ 124.951526] __lock_acquire+0x2a02/0x5e70 [ 124.951542] lock_acquire+0x1a2/0x530 [ 124.951557] _raw_spin_lock_irqsave+0x39/0x60 [ 124.951574] down_trylock+0xe/0x70 [ 124.951586] __down_trylock_console_sem+0x3b/0xd0 [ 124.951602] vprintk_emit+0x16b/0x560 [ 124.951618] vprintk+0x84/0xa0 [ 124.951634] _printk+0xba/0xf1 [ 124.951643] report_bug.cold+0x72/0xab [ 124.951658] handle_bug+0x3c/0x70 [ 124.951672] exc_invalid_op+0x14/0x50 [ 124.951688] asm_exc_invalid_op+0x16/0x20 [ 124.951698] group_sched_out.part.0+0x2c7/0x460 [ 124.951709] ctx_sched_out+0x8f1/0xc10 [ 124.951719] __perf_event_task_sched_out+0x6d0/0x18d0 [ 124.951731] __schedule+0xedd/0x2470 [ 124.951743] schedule+0xda/0x1b0 [ 124.951755] futex_wait_queue+0xf5/0x1e0 [ 124.951765] futex_wait+0x28e/0x690 [ 124.951775] do_futex+0x2ff/0x380 [ 124.951784] __x64_sys_futex+0x1c6/0x4d0 [ 124.951794] do_syscall_64+0x3b/0x90 [ 124.951809] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 124.951828] [ 124.951828] other info that might help us debug this: [ 124.951828] [ 124.951830] Chain exists of: [ 124.951830] (console_sem).lock --> &rq->__lock --> &ctx->lock [ 124.951830] [ 124.951845] Possible unsafe locking scenario: [ 124.951845] [ 124.951847] CPU0 CPU1 [ 124.951850] ---- ---- [ 124.951852] lock(&ctx->lock); [ 124.951858] lock(&rq->__lock); [ 124.951865] lock(&ctx->lock); [ 124.951871] lock((console_sem).lock); [ 124.951877] [ 124.951877] *** DEADLOCK *** [ 124.951877] [ 124.951878] 2 locks held by syz-executor.3/3964: [ 124.951885] #0: ffff88806cf37d18 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470 [ 124.951913] #1: ffff888008d20420 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 124.951940] [ 124.951940] stack backtrace: [ 124.951943] CPU: 1 PID: 3964 Comm: syz-executor.3 Not tainted 6.0.0-rc6-next-20220920 #1 [ 124.951956] Hardware name: QEMU Standard PC 
(i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 124.951964] Call Trace: [ 124.951968] [ 124.951972] dump_stack_lvl+0x8b/0xb3 [ 124.951989] check_noncircular+0x263/0x2e0 [ 124.952005] ? format_decode+0x26c/0xb50 [ 124.952022] ? print_circular_bug+0x450/0x450 [ 124.952038] ? enable_ptr_key_workfn+0x20/0x20 [ 124.952054] ? format_decode+0x26c/0xb50 [ 124.952070] ? alloc_chain_hlocks+0x1ec/0x5a0 [ 124.952088] __lock_acquire+0x2a02/0x5e70 [ 124.952109] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 124.952131] lock_acquire+0x1a2/0x530 [ 124.952148] ? down_trylock+0xe/0x70 [ 124.952163] ? lock_release+0x750/0x750 [ 124.952183] ? vprintk+0x84/0xa0 [ 124.952201] _raw_spin_lock_irqsave+0x39/0x60 [ 124.952218] ? down_trylock+0xe/0x70 [ 124.952232] down_trylock+0xe/0x70 [ 124.952245] ? vprintk+0x84/0xa0 [ 124.952262] __down_trylock_console_sem+0x3b/0xd0 [ 124.952279] vprintk_emit+0x16b/0x560 [ 124.952298] vprintk+0x84/0xa0 [ 124.952315] _printk+0xba/0xf1 [ 124.952325] ? record_print_text.cold+0x16/0x16 [ 124.952340] ? report_bug.cold+0x66/0xab [ 124.952356] ? 
group_sched_out.part.0+0x2c7/0x460 [ 124.952368] report_bug.cold+0x72/0xab [ 124.952385] handle_bug+0x3c/0x70 [ 124.952401] exc_invalid_op+0x14/0x50 [ 124.952418] asm_exc_invalid_op+0x16/0x20 [ 124.952429] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 124.952443] Code: 5e 41 5f e9 9b b9 ef ff e8 96 b9 ef ff 65 8b 1d 0b 13 ac 7e 31 ff 89 de e8 36 b6 ef ff 85 db 0f 84 8a 00 00 00 e8 79 b9 ef ff <0f> 0b e9 a5 fe ff ff e8 6d b9 ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 124.952454] RSP: 0018:ffff888018bc78f8 EFLAGS: 00010006 [ 124.952464] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 124.952472] RDX: ffff888017ecd040 RSI: ffffffff815662c7 RDI: 0000000000000005 [ 124.952480] RBP: ffff88802e428000 R08: 0000000000000005 R09: 0000000000000001 [ 124.952487] R10: 0000000000000000 R11: ffffffff865ae05b R12: ffff888008d20400 [ 124.952495] R13: ffff88806cf3d140 R14: ffffffff8547cec0 R15: 0000000000000002 [ 124.952506] ? group_sched_out.part.0+0x2c7/0x460 [ 124.952519] ? group_sched_out.part.0+0x2c7/0x460 [ 124.952532] ctx_sched_out+0x8f1/0xc10 [ 124.952545] __perf_event_task_sched_out+0x6d0/0x18d0 [ 124.952561] ? lock_is_held_type+0xd7/0x130 [ 124.952573] ? __perf_cgroup_move+0x160/0x160 [ 124.952585] ? set_next_entity+0x304/0x550 [ 124.952605] ? lock_is_held_type+0xd7/0x130 [ 124.952617] __schedule+0xedd/0x2470 [ 124.952632] ? io_schedule_timeout+0x150/0x150 [ 124.952647] ? futex_wait_setup+0x166/0x230 [ 124.952661] schedule+0xda/0x1b0 [ 124.952674] futex_wait_queue+0xf5/0x1e0 [ 124.952686] futex_wait+0x28e/0x690 [ 124.952699] ? futex_wait_setup+0x230/0x230 [ 124.952712] ? wake_up_q+0x8b/0xf0 [ 124.952725] ? do_raw_spin_unlock+0x4f/0x220 [ 124.952744] ? futex_wake+0x158/0x490 [ 124.952760] ? fd_install+0x1f9/0x640 [ 124.952777] do_futex+0x2ff/0x380 [ 124.952788] ? __ia32_compat_sys_get_robust_list+0x3b0/0x3b0 [ 124.952804] __x64_sys_futex+0x1c6/0x4d0 [ 124.952817] ? __x64_sys_futex_time32+0x480/0x480 [ 124.952830] ? 
syscall_enter_from_user_mode+0x1d/0x50 [ 124.952842] ? syscall_enter_from_user_mode+0x1d/0x50 [ 124.952856] do_syscall_64+0x3b/0x90 [ 124.952873] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 124.952892] RIP: 0033:0x7fa130bd5b19 [ 124.952900] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 124.952911] RSP: 002b:00007fa12e14b218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 124.952922] RAX: ffffffffffffffda RBX: 00007fa130ce8f68 RCX: 00007fa130bd5b19 [ 124.952930] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fa130ce8f68 [ 124.952937] RBP: 00007fa130ce8f60 R08: 0000000000000000 R09: 0000000000000000 [ 124.952944] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa130ce8f6c [ 124.952952] R13: 00007ffeb029326f R14: 00007fa12e14b300 R15: 0000000000022000 [ 124.952964] [ 125.012658] WARNING: CPU: 1 PID: 3964 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460 [ 125.013335] Modules linked in: [ 125.013568] CPU: 1 PID: 3964 Comm: syz-executor.3 Not tainted 6.0.0-rc6-next-20220920 #1 [ 125.014155] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 125.014959] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 125.015337] Code: 5e 41 5f e9 9b b9 ef ff e8 96 b9 ef ff 65 8b 1d 0b 13 ac 7e 31 ff 89 de e8 36 b6 ef ff 85 db 0f 84 8a 00 00 00 e8 79 b9 ef ff <0f> 0b e9 a5 fe ff ff e8 6d b9 ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 125.016575] RSP: 0018:ffff888018bc78f8 EFLAGS: 00010006 [ 125.016944] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 125.017430] RDX: ffff888017ecd040 RSI: ffffffff815662c7 RDI: 0000000000000005 [ 125.017921] RBP: ffff88802e428000 R08: 0000000000000005 R09: 0000000000000001 [ 125.018459] R10: 0000000000000000 R11: ffffffff865ae05b R12: ffff888008d20400 [ 125.018980] R13: ffff88806cf3d140 R14: 
ffffffff8547cec0 R15: 0000000000000002 [ 125.019488] FS: 00007fa12e14b700(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000 [ 125.020080] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 125.020497] CR2: 00007fc6f6d20298 CR3: 000000001d516000 CR4: 0000000000350ee0 [ 125.021009] Call Trace: [ 125.021205] [ 125.021381] ctx_sched_out+0x8f1/0xc10 [ 125.021675] __perf_event_task_sched_out+0x6d0/0x18d0 [ 125.022054] ? lock_is_held_type+0xd7/0x130 [ 125.022373] ? __perf_cgroup_move+0x160/0x160 [ 125.022719] ? set_next_entity+0x304/0x550 [ 125.023043] ? lock_is_held_type+0xd7/0x130 [ 125.023362] __schedule+0xedd/0x2470 [ 125.023643] ? io_schedule_timeout+0x150/0x150 [ 125.023982] ? futex_wait_setup+0x166/0x230 [ 125.024302] schedule+0xda/0x1b0 [ 125.024557] futex_wait_queue+0xf5/0x1e0 [ 125.024859] futex_wait+0x28e/0x690 [ 125.025128] ? futex_wait_setup+0x230/0x230 [ 125.025454] ? wake_up_q+0x8b/0xf0 [ 125.025721] ? do_raw_spin_unlock+0x4f/0x220 [ 125.026060] ? futex_wake+0x158/0x490 [ 125.026352] ? fd_install+0x1f9/0x640 [ 125.026649] do_futex+0x2ff/0x380 [ 125.026910] ? __ia32_compat_sys_get_robust_list+0x3b0/0x3b0 [ 125.027335] __x64_sys_futex+0x1c6/0x4d0 [ 125.027638] ? __x64_sys_futex_time32+0x480/0x480 [ 125.027996] ? syscall_enter_from_user_mode+0x1d/0x50 [ 125.028376] ? 
syscall_enter_from_user_mode+0x1d/0x50 [ 125.028752] do_syscall_64+0x3b/0x90 [ 125.029036] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 125.029420] RIP: 0033:0x7fa130bd5b19 [ 125.029695] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 125.031036] RSP: 002b:00007fa12e14b218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 125.031598] RAX: ffffffffffffffda RBX: 00007fa130ce8f68 RCX: 00007fa130bd5b19 [ 125.032132] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fa130ce8f68 [ 125.032663] RBP: 00007fa130ce8f60 R08: 0000000000000000 R09: 0000000000000000 [ 125.033189] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa130ce8f6c [ 125.033713] R13: 00007ffeb029326f R14: 00007fa12e14b300 R15: 0000000000022000 [ 125.034250] [ 125.034418] irq event stamp: 664 [ 125.034663] hardirqs last enabled at (663): [] syscall_enter_from_user_mode+0x1d/0x50 [ 125.035367] hardirqs last disabled at (664): [] __schedule+0x1225/0x2470 [ 125.035959] softirqs last enabled at (302): [] __irq_exit_rcu+0x11b/0x180 [ 125.036548] softirqs last disabled at (297): [] __irq_exit_rcu+0x11b/0x180 [ 125.037143] ---[ end trace 0000000000000000 ]--- [ 128.993383] Bluetooth: hci1: Opcode 0x c03 failed: -110 [ 133.217271] Bluetooth: hci1: Opcode 0x c03 failed: -110 VM DIAGNOSIS: 11:31:34 Registers: