Warning: Permanently added '[localhost]:9239' (ECDSA) to the list of known hosts. 2022/09/20 12:50:50 fuzzer started 2022/09/20 12:50:51 dialing manager at localhost:34957 syzkaller login: [ 37.051799] cgroup: Unknown subsys name 'net' [ 37.169137] cgroup: Unknown subsys name 'rlimit' 2022/09/20 12:51:05 syscalls: 2215 2022/09/20 12:51:05 code coverage: enabled 2022/09/20 12:51:05 comparison tracing: enabled 2022/09/20 12:51:05 extra coverage: enabled 2022/09/20 12:51:05 setuid sandbox: enabled 2022/09/20 12:51:05 namespace sandbox: enabled 2022/09/20 12:51:05 Android sandbox: enabled 2022/09/20 12:51:05 fault injection: enabled 2022/09/20 12:51:05 leak checking: enabled 2022/09/20 12:51:05 net packet injection: enabled 2022/09/20 12:51:05 net device setup: enabled 2022/09/20 12:51:05 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/09/20 12:51:05 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/09/20 12:51:05 USB emulation: enabled 2022/09/20 12:51:05 hci packet injection: enabled 2022/09/20 12:51:05 wifi device emulation: failed to parse kernel version (6.0.0-rc6-next-20220920) 2022/09/20 12:51:05 802.15.4 emulation: enabled 2022/09/20 12:51:05 fetching corpus: 0, signal 0/2000 (executing program) 2022/09/20 12:51:06 fetching corpus: 50, signal 36329/39680 (executing program) 2022/09/20 12:51:06 fetching corpus: 100, signal 45798/50559 (executing program) 2022/09/20 12:51:06 fetching corpus: 150, signal 50857/57012 (executing program) 2022/09/20 12:51:06 fetching corpus: 200, signal 57449/64879 (executing program) 2022/09/20 12:51:06 fetching corpus: 250, signal 64545/73034 (executing program) 2022/09/20 12:51:06 fetching corpus: 300, signal 69055/78656 (executing program) 2022/09/20 12:51:06 fetching corpus: 350, signal 72658/83340 (executing program) 2022/09/20 12:51:07 fetching corpus: 400, signal 76709/88343 (executing program) 2022/09/20 12:51:07 fetching corpus: 450, signal 82071/94508 (executing program) 2022/09/20 12:51:07 fetching corpus: 500, signal 88243/101308 (executing program) 2022/09/20 12:51:07 fetching corpus: 550, signal 90990/104925 (executing program) 2022/09/20 12:51:07 fetching corpus: 600, signal 94340/109034 (executing program) 2022/09/20 12:51:07 fetching corpus: 650, signal 97202/112694 (executing program) 2022/09/20 12:51:07 fetching corpus: 700, signal 99534/115773 (executing program) 2022/09/20 12:51:08 fetching corpus: 750, signal 102441/119362 (executing program) 2022/09/20 12:51:08 fetching corpus: 800, signal 105376/122845 (executing program) 2022/09/20 12:51:08 fetching corpus: 850, signal 106523/124798 (executing program) 2022/09/20 12:51:08 fetching corpus: 900, signal 109169/127945 (executing program) 2022/09/20 12:51:08 fetching corpus: 950, signal 111113/130534 (executing program) 2022/09/20 12:51:08 fetching corpus: 1000, signal 113749/133590 (executing program) 2022/09/20 12:51:08 fetching corpus: 1050, signal 118430/138226 (executing program) 2022/09/20 12:51:08 fetching corpus: 1100, signal 121527/141532 (executing program) 2022/09/20 12:51:09 fetching corpus: 1150, signal 122809/143448 (executing program) 2022/09/20 12:51:09 fetching corpus: 1200, signal 125672/146475 (executing program) 2022/09/20 12:51:09 fetching corpus: 1250, signal 127358/148633 (executing program) 2022/09/20 12:51:09 fetching corpus: 1300, signal 129292/150903 (executing program) 2022/09/20 12:51:09 fetching corpus: 1350, signal 131676/153463 (executing program) 2022/09/20 12:51:09 fetching corpus: 1400, signal 133923/155854 (executing program) 2022/09/20 12:51:09 fetching corpus: 1450, signal 134855/157253 (executing program) 2022/09/20 12:51:09 fetching corpus: 1500, signal 136411/159107 (executing program) 2022/09/20 12:51:10 fetching corpus: 1550, signal 138471/161288 (executing program) 2022/09/20 12:51:10 fetching corpus: 1600, signal 139499/162672 (executing program) 2022/09/20 12:51:10 fetching corpus: 1650, signal 140499/164055 (executing program) 2022/09/20 12:51:10 fetching corpus: 1700, signal 142088/165818 (executing program) 2022/09/20 12:51:10 fetching corpus: 1750, signal 143585/167552 (executing program) 2022/09/20 12:51:10 fetching corpus: 1800, signal 144779/169008 (executing program) 2022/09/20 12:51:10 fetching corpus: 1850, signal 146765/170992 (executing program) 2022/09/20 12:51:10 fetching corpus: 1900, signal 147678/172223 (executing program) 2022/09/20 12:51:10 fetching corpus: 1950, signal 149075/173748 (executing program) 2022/09/20 12:51:11 fetching corpus: 2000, signal 150672/175333 (executing program) 2022/09/20 12:51:11 fetching corpus: 2050, signal 152952/177263 (executing program) 2022/09/20 12:51:11 fetching corpus: 2100, signal 153781/178297 (executing program) 2022/09/20 12:51:11 fetching corpus: 2150, signal 154411/179253 (executing program) 2022/09/20 12:51:11 fetching corpus: 2200, signal 156947/181275 (executing program) 2022/09/20 12:51:11 fetching corpus: 2250, signal 157743/182244 (executing program) 2022/09/20 12:51:11 fetching corpus: 2300, signal 158403/183130 (executing program) 2022/09/20 12:51:11 fetching corpus: 2350, signal 160220/184610 (executing program) 2022/09/20 12:51:11 fetching corpus: 2400, signal 161209/185615 (executing program) 2022/09/20 12:51:12 fetching corpus: 2450, signal 162116/186652 (executing program) 2022/09/20 12:51:12 fetching corpus: 2500, signal 162992/187637 (executing program) 2022/09/20 12:51:12 fetching corpus: 2550, signal 164346/188831 (executing program) 2022/09/20 12:51:12 fetching corpus: 2600, signal 165715/189967 (executing program) 2022/09/20 12:51:12 fetching corpus: 2650, signal 166688/190918 (executing program) 2022/09/20 12:51:12 fetching corpus: 2700, signal 168203/192062 (executing program) 2022/09/20 12:51:12 fetching corpus: 2750, signal 169286/192971 (executing program) 2022/09/20 12:51:13 fetching corpus: 2800, signal 170534/193992 (executing program) 2022/09/20 12:51:13 fetching corpus: 2850, signal 171844/195021 (executing program) 2022/09/20 12:51:13 fetching corpus: 2900, signal 172972/195856 (executing program) 2022/09/20 12:51:13 fetching corpus: 2950, signal 174109/196798 (executing program) 2022/09/20 12:51:13 fetching corpus: 3000, signal 174626/197404 (executing program) 2022/09/20 12:51:13 fetching corpus: 3050, signal 176239/198543 (executing program) 2022/09/20 12:51:13 fetching corpus: 3100, signal 177266/199324 (executing program) 2022/09/20 12:51:13 fetching corpus: 3150, signal 178248/200068 (executing program) 2022/09/20 12:51:14 fetching corpus: 3200, signal 179360/200889 (executing program) 2022/09/20 12:51:14 fetching corpus: 3250, signal 180382/201599 (executing program) 2022/09/20 12:51:14 fetching corpus: 3300, signal 180982/202155 (executing program) 2022/09/20 12:51:14 fetching corpus: 3350, signal 182251/202914 (executing program) 2022/09/20 12:51:14 fetching corpus: 3400, signal 183309/203598 (executing program) 2022/09/20 12:51:14 fetching corpus: 3450, signal 185167/204545 (executing program) 2022/09/20 12:51:14 fetching corpus: 3500, signal 185882/205057 (executing program) 2022/09/20 12:51:14 fetching corpus: 3550, signal 186452/205544 (executing program) 2022/09/20 12:51:15 fetching corpus: 3600, signal 187695/206230 (executing program) 2022/09/20 12:51:15 fetching corpus: 3650, signal 188611/206737 (executing program) 2022/09/20 12:51:15 fetching corpus: 3700, signal 189735/207327 (executing program) 2022/09/20 12:51:15 fetching corpus: 3750, signal 190486/207813 (executing program) 2022/09/20 12:51:15 fetching corpus: 3800, signal 191060/208163 (executing program) 2022/09/20 12:51:15 fetching corpus: 3850, signal 191892/208607 (executing program) 2022/09/20 12:51:15 fetching corpus: 3900, signal 192504/208966 (executing program) 2022/09/20 12:51:15 fetching corpus: 3950, signal 193275/209345 (executing program) 2022/09/20 12:51:16 fetching corpus: 4000, signal 193877/209685 (executing program) 2022/09/20 12:51:16 fetching corpus: 4050, signal 194661/210124 (executing program) 2022/09/20 12:51:16 fetching corpus: 4100, signal 195247/210477 (executing program) 2022/09/20 12:51:16 fetching corpus: 4150, signal 196302/210936 (executing program) 2022/09/20 12:51:16 fetching corpus: 4200, signal 197187/211287 (executing program) 2022/09/20 12:51:16 fetching corpus: 4250, signal 197869/211609 (executing program) 2022/09/20 12:51:16 fetching corpus: 4300, signal 198693/211935 (executing program) 2022/09/20 12:51:16 fetching corpus: 4350, signal 199563/212233 (executing program) 2022/09/20 12:51:17 fetching corpus: 4400, signal 200722/212542 (executing program) 2022/09/20 12:51:17 fetching corpus: 4450, signal 201090/212794 (executing program) 2022/09/20 12:51:17 fetching corpus: 4500, signal 201651/213032 (executing program) 2022/09/20 12:51:17 fetching corpus: 4550, signal 202336/213260 (executing program) 2022/09/20 12:51:17 fetching corpus: 4600, signal 202962/213441 (executing program) 2022/09/20 12:51:17 fetching corpus: 4650, signal 203342/213583 (executing program) 2022/09/20 12:51:17 fetching corpus: 4700, signal 203798/213728 (executing program) 2022/09/20 12:51:17 fetching corpus: 4750, signal 204554/213938 (executing program) 2022/09/20 12:51:18 fetching corpus: 4800, signal 205694/214155 (executing program) 2022/09/20 12:51:18 fetching corpus: 4850, signal 206157/214285 (executing program) 2022/09/20 12:51:18 fetching corpus: 4900, signal 207078/214418 (executing program) 2022/09/20 12:51:18 fetching corpus: 4950, signal 207475/214550 (executing program) 2022/09/20 12:51:18 fetching corpus: 5000, signal 208049/214644 (executing program) 2022/09/20 12:51:18 fetching corpus: 5050, signal 208672/214728 (executing program) 2022/09/20 12:51:18 fetching corpus: 5100, signal 209076/214781 (executing program) 2022/09/20 12:51:18 fetching corpus: 5120, signal 209337/214847 (executing program) 2022/09/20 12:51:18 fetching corpus: 5120, signal 209337/214900 (executing program) 2022/09/20 12:51:18 fetching corpus: 5120, signal 209337/214925 (executing program) 2022/09/20 12:51:18 fetching corpus: 5120, signal 209337/214925 (executing program) 2022/09/20 12:51:21 starting 8 fuzzer processes 12:51:21 executing program 0: syz_io_uring_setup(0x29d9, &(0x7f0000000440)={0x0, 0x628e}, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000004c0), &(0x7f0000000500)) 12:51:21 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) ioctl$RTC_IRQP_SET(0xffffffffffffffff, 0x4008700c, 0x0) perf_event_open(&(0x7f00000015c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = dup(r0) bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0xffffffffffffffff, 0x3}, 0x6) gettid() 12:51:21 executing program 2: write$binfmt_aout(0xffffffffffffffff, 0x0, 0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) r1 = dup(r0) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast2, 0x2}, 0x1c) connect$inet6(r1, &(0x7f0000000200)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c) sendmmsg$inet6(r1, &(0x7f0000002880), 0x4000101, 0x0) setsockopt$bt_hci_HCI_DATA_DIR(r1, 0x0, 0x1, &(0x7f0000000140)=0x3f, 0x4) [ 67.448865] audit: type=1400 audit(1663678281.655:6): avc: denied { execmem } for pid=284 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 12:51:21 executing program 3: eventfd2(0x0, 0x0) pipe(&(0x7f0000000000)) socket$netlink(0x10, 0x3, 0x0) pselect6(0x40, &(0x7f0000000100)={0x5f}, 0x0, 0x0, 0x0, 0x0) 12:51:21 executing program 4: r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000007c0), 0x2}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_register$IORING_UNREGISTER_BUFFERS(0xffffffffffffffff, 0x1, 0x1000000, 0x0) r1 = syz_io_uring_setup(0x4cdd, &(0x7f0000000140)={0x0, 0x6c4c, 0x10, 0x3, 0x20f}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000000), &(0x7f0000000300)) syz_io_uring_setup(0x2c86, &(0x7f0000000600)={0x0, 0x501c, 0x2, 0x2, 0x213}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000680), &(0x7f0000000800)) syz_io_uring_setup(0xf95, 0x0, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000540), &(0x7f0000000580)) pidfd_open(0x0, 0x0) syz_io_uring_setup(0x2037bc, &(0x7f0000000400)={0x0, 0x82bf, 0x20, 0x1, 0x1f}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000480), &(0x7f00000006c0)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000040), 0xb}, 0x0, 0x20, 0x0, 0x0, 0x8}, 0x0, 0xfffffeffffffffff, 0xffffffffffffffff, 0x2) r2 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r2, 0x0) ftruncate(r1, 0xfffffffffffffff7) close(r2) syz_io_uring_setup(0xaaf, &(0x7f0000000200)={0x0, 0x0, 0x1, 0x3, 0x0, 0x0, r1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000001c0), &(0x7f0000000380)) r3 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000001c0)='ns/time_for_children\x00') ioctl$BTRFS_IOC_SNAP_DESTROY(0xffffffffffffffff, 0x5000940f, &(0x7f0000000b40)={{r3}, "f5643471d6de7648c661b4b46cf183dab7042838cf0fb7f1c3441bec7c2e2f4cfefc1e555f453de379962932a6f34f2b0d6b618939bc50f7cc8617c3a9b27fc2b25529fa49054730536b5dad19ca59984d32d135fe36cb7b98379bf54e603a360335e779d090df4d42f92ca039570ad86dba52e1d693be4d1e45c9049e351ee56cdbda16bcf1233e0af2597d3b093b2dad52e56aeea52c1ae8d89f46dcba79bec998b6bd70ba406b84e7b5ef10f4049b52256246d436f24a830f2944399de790376aeba18b6b17cf3a7d5521b8c442d17d0d579af2f2e7c931c6fbfd8ecf91c386c439ef5138ce327ab077bc0ac36d078eb0c840a34e492d844051f83ea951dba410a42f51bcaa0f732930acc7d514efecc0bca61e1496c94bf2676861bbb8adb97b555f9fa4ecd64c66c219b7777c680c4507d614adc46b9e9e7f45ba377aea8219b92920d9160f020dd14edf010fd77418fb321c83a585f47c454f0b6d26c9910935ec0c8e7ffaa489d208c9fe820ffa4d558c1b97ad05df8169a82cd5e326a98bdde2cf5eb438399155309b2f779e7a7eef76290c6bf856ad469921bb08ed64d5ce7e38d44149f1e9f5c66bdfed398ac2f7819996a46e5ed3f31af23eedf3c322d435c93306e85b7b681068c02cef14ee4e3817177a1b71b56d44fbf2d3dd17643328425c5f4a54d41d07f96dcb68ba9550248f4d5629ae22617e77a32377326a64a72426fccfb4ff2db570f26528607f09dc5bcc264a2fb1b17db62c5b7901c82068367fcc10a808e4940622ad87b7376fa99ac8a0d3888ebb2c207de3f4e4ca1f24455de70b4f882cfa6af4dc90daedf8824d9f4f82caffc312f650eb043ba889d11193cc6be6a930b1408e47ddceba4104fbc47f433fbf764f36f94b810c18a3b4d1597b269b09b4109c7c01f1920b15169e205681bf5054ffe21af12af4a379397b703cbf64b35b5f637a54551f350bcdb5034fd9808cde4427a616f16e723bc71278e3e6688b732d71fd165aad1603abc98881252e257f074686a699caef040b293b55840ecb32a84e361f812ffccf21ce6e764722f41bfac1722b94007152c1dfd0b8da10631171737b3f759d94b138de16707fdedd44675258839d924b209448729c61c884d26941f8fed9875963125a1e48fdd7a405726398e5344bf127c1e269fb1a83ff4ac6ef8d8572a4ac0ac2738e8a6b4ba1806ba4bccf81a17f1c4a3ff8afc2acfaab8be80a3fd7c5f84fa8e6a85d175e4e11926cf93c01582319e1a9e89accaa01d92dc6b26158c614efb76296c419c41b4e6e471666830b4b3436f0b42f598e919e3400f2f26542f0d695bd21f6313ba90266cd8a44e65f5521185b34fef3635294a842a9b6103fc3ff575fc07dc368d134a0025524c0e68af8d30a7ec1bab683551a36be252017ba662d179534ab315464546456248457fe7a07f610b8673018ba86d9afacb657f7f3eb57833e17ae047e04b0606e029772ca7b6ce5ffccfa47eeac287f48978be18338abc28e0d1635c9ce5c15d5153eba82a56eba689dd2f5abfee02e00a0c99c16b60e3893a93de57ec16a1204b7dc08542fe96f5e3e6a7956f15e09e42f00aa5b78176542de745d7762b7438441a0e5608527b2b8052042e218b41a81f338c8cdb4aa4abb225a652ef9aaaaa74522e639341449a114a1f115b96224a7417003ce81d63f37f95852a39484ecf62d0ecbc2e729898cdcda6c5b43f4146712a0a0591ddcdb773db3d9a2caa18d2ac229e278d1b0dae619cc1ce2d01c0446b6cbfca197f361ff810a0a82383528e819c491f4e29e5454985f8cb4c8ceb9ac44ba62cb300b46e939f30f5ce12defa11b2892bf06643a6aa7a32231ef01c7bb1b189b1d9403ed0a2df17a4f3533ce1813878fecad7401469dd949de17057c9605110ddc5114e5028b91edef6d710cc301121b5ef587c613a40d4f57f13da988a24c8e4133465aef3d1cafe0a94ae1a7777b213ea3ebb3c70a6347c7b95ab61c0b9b03f7bba36fb090a925b546b09a4ecde56089af1ea5653f22a52c1d872f1c4bf22ca9acc39fb4ecb5225cb97532a548c08d4d0d798502e4f304de8b9fc4c3bb255d73a98f86a1ea2becfec73d3015bf36b982030576a8223f8d06687d02e5f1d6199ada6774f4aa341b8a29e6838751010033914c22ba8e12a93f832a278d2a0a9a27b10394858f4262f28152129f0b99db7b27640a394c8c88b89e8be3ffe0de27ea1ec6e2fed278d7c234452587a2a6116e2712c5a8c0b1479485f359ef30ceedbd0342a8ad78f23d9d436e2900ed048c15d261cc4d33a34b74c81d1dc21af90506b578c6dec1a88b540752acac20141609ae184526ea850a5b082992793258ff59ea667ac1de402c1523ce30cb5ac61da966750c0d828554239675b13b1769fc1697e7b14ea224a16796308ce7f954475c921c22dd1f650c13bac35962a6f21c056473bc6476426b6795cf230564a186e39b5c488bc12d0e04b3e1be244e88036e2c4dc19902876d87b113244807d70f4daf230888959b4ad4ed4d8dc5f855cf8109d1841c13e0b63ec46f21559cf6cc82503a907160fb9da6e796b9243facf3f95703dc47ed262e52592cb5a629c257f89af9acfbcaef5aa7df388cdb539e48a961881146b2cb347fcaaddb73b3c1c2cf5b5896410d04a6066cfc1a6dba50d0bc20184a054043002da1b7be38eaadb80b6af0e26d81e3da7b56ce0ec7c5bb32aa0d9b23731864d4408fd742a600c244adceebac179b271e441a9f6436dc68a26fbd4b77989e7074c294a239b24d32c7f19e5efa555cf27b93a43fb92e3387957ba2ec0b60face46b65d9b6bd0dec731c0f1183ac6c8be0924c14beb2ea0689941870b0cd935e6e354b54d308b0aae11b38cd2b200bca7b38b0ee12f703b3480bc114ed8f53eb8f8044a20f3d68686a3ddfb8fd3680f18be41dd8833dc7af96a7512d6db7b9c4dfa65e317ac795bf92ef6ffceabfe877b2d97d05b11a77d425d315f0fed5730e57a848e62c0dedd54d1daf58443a0595c0bb7a9f23b067d4ee873d2efdd26846ff728587e9b250696cbf8212a529791c9fb9fb885b79e171297d7d14deeb5e658a60ec07b56b06ed62a5abcd244e4245ff95a33e8c67374ed7f48ef76992409d8c562b343a0513a697d75d08998ab3ceae43ddfb26453ab52397d6a643cbcfee74782e650ebd94349914494e813f6e5052a4fe0f0159e29dd211b266bda1806f5d42cf2f21746f5be11ffb693188f5e8a0a79ca668947f506c5a99a3e2155245d0e49bc9ac829c4839013d8342cf85b4bcbb2c7a48299c8a28b0850b7f34aaa7b7f5410018e987e01dc05d15a619da8ab52ad47a13cfb015e685b44c068ae86f502deaaf5a4197e8c900c55689883f27aba67d21c28b833add5dbab79a057800f9acf27ca47d7fc49d039ad62603e222115debf12a3dbd2fa8f23fbfd7240bdc01c54cb6e2be0606e0a32d07d48b8a5400086474c57aa4eb6808be2ce19f6af58dfc4070f5b7a3536bddaa086b8a629b0de315ecdb15aa20b269d8e1b8fd9ee3c1785f49deb4f01645ea46e4dd1bda0d8629d51f418b09575f49edfb75b2c5ab945b926229615606d8aef06d38275402539eecc5728f4ae972dce4b2e2cb6ffd34c9f1b0319d67abdf8640795937d489ff1b38975c9fbb159fe3300e39426c6a201294e32746060f9627d218a7dbb08b39f41a0fc302f0017426310de3497848cff07fb772d46aa1311f42ef7c024563a8011c0da65df4eff48a25a2e5ed73beb7e0488c5f2ae3ed78ad16a7ee2b0703f5077585ba7c2d166bee20f89defd8b1c87f9f66b8cfed500f08ff1a7fcf9bbea57ecb0dd15a823bda06a42bdd4799e1fc58ee9072a35fe2090750f266e7353bb1089b64315d8c81ea98fca7ead3c1520d937affaf3b7f16d0347c8e1b220a2e9dbd00aac3b0261993b2ff15c03b71646e62219a8a48787bfcfb171239b808c541478a2ec960b03dfb67a669ff78b4e0587ec326da9635d2b0dfe58e4d968a0e3102b528056c429b43a63c8445292648f22d704754f0c45429d921c14da7a2bf1f1e11964d09e3e811589e8fca384b0dde09233b84225ee1117f9f7286d92218f06c96e84bf224d6fbcac334f4ce58264843dac88042962df1321d68626ba22079e46a80a5ebb51cadfda885ec98c2bef946179e7f325c3ae6c903d712787a8ddc9cf9a33668d5d3e5c354f595582efbec901e154f79435b3caf5d3da40c7f4588797aa11c05ee2d4fb3befb07eef82ed8b3854fe1b1222995757f22abccf5e2bff984953d6c5b28190ff453b2270e0be3da73f358d9c716bcb0bad3a15a8f816cc2e6f7053f33d074bb27f8b1a4bd96c181b87fe67cb41c0ba57011f46213c2d36e6bae4c84b6e84c99b19e7bec8a4b86905c83dcf58288758a8b09a02f26ac62d74cc1c25e5823ae17d497840353470ab1704b07a310bc8711c5c6a72e3aaeaccade95bacf1bc1ce0622823df6d666d2e21cc875b39df45d4c442c6cc958473180db37584b583601213046baced5c2330ec791d6bbeb5b3470165061ad240cb31355da917f33d06127d6e7108ab13a8e5c546c87a10a16f338a2c107eabbc6fcf89dc463445947e56242332b27bb3725d0f5c9cbffe356ca566bad260ee2fd365e393fbc1ec79e17c66e1d02848ebe624f503d552abc6a21082a64135de5b38abed8455deb05a11d60ec982b3b4c7bda5b5359aa65213ce7d5bd9eefe6e06e9f5cf5e9dd72fe9eb5084d5ae5b5b411564e6e0ad9bb9b972cb917dcc0861b1808974b1044030f164b64a05b451183951e9461d70a3ada552eb52a1e5f8cd8948e94e049bbb7d11c243d8bb54f6c0e932d7ff1a93bf0a1cca1a3846028c8051769980a2234c84ed1aa89c0995593025a74b1c820382caf821f32f28dfe5d8de4d054a514abba940ca3d2ffd088bcbaf215d64eda0ce060554ff0aa6db04293a1972534905eac7805e1c66d979f5001040ad7b12e0709724a79f2daa4aecd48251b90519ba5810c915472dc4845e8bdec435decb8621859ae571b9d70857d026b5b5bf296a63afea23d860dbfcc3249c25398d427bea13642407aae9094aa70c4e554fc7f5f888260f0a6d0b57de815b912149ce79aff9c8414343af927eba8740adae39b6734e3b4a7110cd9f3de920ef28c9aa3ea0b19cbd7064841b5c4a2e067f59b77063e1b5f1046bddbc31d239a263714c6b66fd3ecb1944f7017532ee1f1991e3e2de2d8ee665341f04ca3138ba7b61be717b750b46c359360b87c3f7521b1739a8e80504d99e3da76914194889640afbcb7bc772b2e6999a6fec35b57bce47c099918a22e5b6272e85486a96693b3fdba43fca0c54235e2ca60f7974294e60f19695f3f837bba498573748f8b33d332284790dc41117ac34df569f560ff99287e27a5e8cad63df2bdfb36b780b7afc87a37b051e1dad047059a880946cae16d476c07e91ba482bdc9b85fd1a695db1ec86f42ef5cc75c53f6c450e54c175b544906628da44a72414d7db69a0ac36b1848c6239f04bcc1852027d9821cbddac1e88eefbc373cb39e638cf2408d3bcb5f35dc277af324cde5adc2a38bc2e72c20e239b50e98f50eff3525db6475306f93f7f9c97a05977e30127667bb1c22f2c66fea16dd9c290c90d8823c115e1983888dc568e57ef2b4023a0369d6132d769a5b7488d8ab58aa2ed9030d6688d7ae9da7fa3ae553d1dfd2aba0599e12fe9dd6227292ce4b5f12cf386d73421"}) close(0xffffffffffffffff) finit_module(r0, &(0x7f00000005c0)='\x00', 0x0) 12:51:21 executing program 6: r0 = socket(0x2, 0x3, 0xe4) getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, 0x0, 0x0) 12:51:21 executing program 5: r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000005c0), 0x0, 0x0) read(r0, 0x0, 0x0) 12:51:21 executing program 7: r0 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) r3 = socket$inet_tcp(0x2, 0x1, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0, 0x2040}, 0x0) io_uring_enter(r0, 0x58df, 0x0, 0x0, 0x0, 0x0) [ 68.777022] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 68.778693] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 68.783493] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 68.784823] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 68.788467] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 68.789633] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 68.797505] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 68.799283] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 68.800942] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 68.803206] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 68.804512] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 68.822703] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 68.825130] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 68.828089] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 68.828190] Bluetooth: hci1: HCI_REQ-0x0c1a [ 68.830560] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 68.834240] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 68.837017] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 68.839849] Bluetooth: hci0: HCI_REQ-0x0c1a [ 68.843929] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 68.851736] Bluetooth: hci3: HCI_REQ-0x0c1a [ 68.891564] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 68.893889] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 68.895579] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 68.899599] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 68.901655] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 68.903871] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 68.905354] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 68.909011] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 68.910236] Bluetooth: hci5: HCI_REQ-0x0c1a [ 68.913491] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 68.916551] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 68.918668] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 68.920106] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 68.924807] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 68.925575] Bluetooth: hci6: HCI_REQ-0x0c1a [ 68.928863] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 68.934851] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 68.944921] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 68.946226] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 68.947988] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 68.953491] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 68.956329] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 68.957816] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 68.958966] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 68.963272] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 68.964435] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 68.970820] Bluetooth: hci2: HCI_REQ-0x0c1a [ 68.978981] Bluetooth: hci4: HCI_REQ-0x0c1a [ 69.009616] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 69.011854] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 69.013928] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 69.017933] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 69.021313] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 69.022749] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 69.031218] Bluetooth: hci7: HCI_REQ-0x0c1a [ 70.857337] Bluetooth: hci0: command 0x0409 tx timeout [ 70.921310] Bluetooth: hci1: command 0x0409 tx timeout [ 70.921947] Bluetooth: hci3: command 0x0409 tx timeout [ 70.922638] Bluetooth: hci5: command 0x0409 tx timeout [ 70.985162] Bluetooth: hci2: command 0x0409 tx timeout [ 70.985814] Bluetooth: hci6: command 0x0409 tx timeout [ 71.049180] Bluetooth: hci7: command 0x0409 tx timeout [ 71.049792] Bluetooth: hci4: command 0x0409 tx timeout [ 72.905686] Bluetooth: hci0: command 0x041b tx timeout [ 72.969323] Bluetooth: hci5: command 0x041b tx timeout [ 72.970171] Bluetooth: hci3: command 0x041b tx timeout [ 72.970891] Bluetooth: hci1: command 0x041b tx timeout [ 73.033343] Bluetooth: hci6: command 0x041b tx timeout [ 73.034264] Bluetooth: hci2: command 0x041b tx timeout [ 73.097481] Bluetooth: hci4: command 0x041b tx timeout [ 73.098346] Bluetooth: hci7: command 0x041b tx timeout [ 74.953150] Bluetooth: hci0: command 0x040f tx timeout [ 75.017111] Bluetooth: hci1: command 0x040f tx timeout [ 75.017555] Bluetooth: hci3: command 0x040f tx timeout [ 75.017953] Bluetooth: hci5: command 0x040f tx timeout [ 75.081123] Bluetooth: hci2: command 0x040f tx timeout [ 75.081567] Bluetooth: hci6: command 0x040f tx timeout [ 75.145139] Bluetooth: hci7: command 0x040f tx timeout [ 75.145579] Bluetooth: hci4: command 0x040f tx timeout [ 77.001135] Bluetooth: hci0: command 0x0419 tx timeout [ 77.065275] Bluetooth: hci5: command 0x0419 tx timeout [ 77.065708] Bluetooth: hci3: command 0x0419 tx timeout [ 77.066158] Bluetooth: hci1: command 0x0419 tx timeout [ 77.129106] Bluetooth: hci6: command 0x0419 tx timeout [ 77.129532] Bluetooth: hci2: command 0x0419 tx timeout [ 77.193269] Bluetooth: hci4: command 0x0419 tx timeout [ 77.193685] Bluetooth: hci7: command 0x0419 tx timeout [ 124.845564] syz-executor.2 (3805) used greatest stack depth: 24520 bytes left 12:52:19 executing program 2: write$binfmt_aout(0xffffffffffffffff, 0x0, 0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) r1 = dup(r0) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast2, 0x2}, 0x1c) connect$inet6(r1, &(0x7f0000000200)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c) sendmmsg$inet6(r1, &(0x7f0000002880), 0x4000101, 0x0) setsockopt$bt_hci_HCI_DATA_DIR(r1, 0x0, 0x1, &(0x7f0000000140)=0x3f, 0x4) [ 125.042260] audit: type=1400 audit(1663678339.248:7): avc: denied { open } for pid=3851 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 125.045407] audit: type=1400 audit(1663678339.249:8): avc: denied { kernel } for pid=3851 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 125.058754] ------------[ cut here ]------------ [ 125.058777] [ 125.058781] ====================================================== [ 125.058785] WARNING: possible circular locking dependency detected [ 125.058789] 6.0.0-rc6-next-20220920 #1 Not tainted [ 125.058795] ------------------------------------------------------ [ 125.058799] syz-executor.4/3854 is trying to acquire lock: [ 125.058805] ffffffff853faab8 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70 [ 125.058843] [ 125.058843] but task is already holding lock: [ 125.058846] ffff8880187eb820 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 125.058874] [ 125.058874] which lock already depends on the new lock. [ 125.058874] [ 125.058878] [ 125.058878] the existing dependency chain (in reverse order) is: [ 125.058881] [ 125.058881] -> #3 (&ctx->lock){....}-{2:2}: [ 125.058895] _raw_spin_lock+0x2a/0x40 [ 125.058915] __perf_event_task_sched_out+0x53b/0x18d0 [ 125.058928] __schedule+0xedd/0x2470 [ 125.058941] schedule+0xda/0x1b0 [ 125.058954] exit_to_user_mode_prepare+0x114/0x1a0 [ 125.058966] syscall_exit_to_user_mode+0x19/0x40 [ 125.058977] do_syscall_64+0x48/0x90 [ 125.058994] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 125.059013] [ 125.059013] -> #2 (&rq->__lock){-.-.}-{2:2}: [ 125.059027] _raw_spin_lock_nested+0x30/0x40 [ 125.059046] raw_spin_rq_lock_nested+0x1e/0x30 [ 125.059060] task_fork_fair+0x63/0x4d0 [ 125.059077] sched_cgroup_fork+0x3d0/0x540 [ 125.059091] copy_process+0x4183/0x6e20 [ 125.059101] kernel_clone+0xe7/0x890 [ 125.059111] user_mode_thread+0xad/0xf0 [ 125.059121] rest_init+0x24/0x250 [ 125.059132] arch_call_rest_init+0xf/0x14 [ 125.059147] start_kernel+0x4c1/0x4e6 [ 125.059159] secondary_startup_64_no_verify+0xe0/0xeb [ 125.059174] [ 125.059174] -> #1 (&p->pi_lock){-.-.}-{2:2}: [ 125.059188] _raw_spin_lock_irqsave+0x39/0x60 [ 125.059205] try_to_wake_up+0xab/0x1930 [ 125.059218] up+0x75/0xb0 [ 125.059229] __up_console_sem+0x6e/0x80 [ 125.059246] console_unlock+0x46a/0x590 [ 125.059261] con_install+0x14e/0x5d0 [ 125.059273] tty_init_dev.part.0+0xa0/0x610 [ 125.059287] tty_open+0xbc0/0x1370 [ 125.059298] chrdev_open+0x268/0x6e0 [ 125.059313] do_dentry_open+0x6ca/0x12b0 [ 125.059327] path_openat+0x19e1/0x2800 [ 125.059339] do_filp_open+0x1b6/0x410 [ 125.059350] do_sys_openat2+0x171/0x4c0 [ 125.059365] __x64_sys_openat+0x13f/0x1f0 [ 125.059380] do_syscall_64+0x3b/0x90 [ 125.059395] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 125.059414] [ 125.059414] -> #0 ((console_sem).lock){....}-{2:2}: [ 125.059428] __lock_acquire+0x2a02/0x5e70 [ 125.059444] lock_acquire+0x1a2/0x530 [ 125.059460] _raw_spin_lock_irqsave+0x39/0x60 [ 125.059477] down_trylock+0xe/0x70 [ 125.059489] __down_trylock_console_sem+0x3b/0xd0 [ 125.059505] vprintk_emit+0x16b/0x560 [ 125.059522] vprintk+0x84/0xa0 [ 125.059537] _printk+0xba/0xf1 [ 125.059548] report_bug.cold+0x72/0xab [ 125.059563] handle_bug+0x3c/0x70 [ 125.059578] exc_invalid_op+0x14/0x50 [ 125.059593] asm_exc_invalid_op+0x16/0x20 [ 125.059604] group_sched_out.part.0+0x2c7/0x460 [ 125.059615] ctx_sched_out+0x8f1/0xc10 [ 125.059625] __perf_event_task_sched_out+0x6d0/0x18d0 [ 125.059637] __schedule+0xedd/0x2470 [ 125.059650] schedule+0xda/0x1b0 [ 125.059661] exit_to_user_mode_prepare+0x114/0x1a0 [ 125.059672] syscall_exit_to_user_mode+0x19/0x40 [ 125.059683] do_syscall_64+0x48/0x90 [ 125.059698] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 125.059717] [ 125.059717] other info that might help us debug this: [ 125.059717] [ 125.059720] Chain exists of: [ 125.059720] (console_sem).lock --> &rq->__lock --> &ctx->lock [ 125.059720] [ 125.059735] Possible unsafe locking scenario: [ 125.059735] [ 125.059737] CPU0 CPU1 [ 125.059739] ---- ---- [ 125.059742] lock(&ctx->lock); [ 125.059748] lock(&rq->__lock); [ 125.059754] lock(&ctx->lock); [ 125.059760] lock((console_sem).lock); [ 125.059766] [ 125.059766] *** DEADLOCK *** [ 125.059766] [ 125.059768] 2 locks held by syz-executor.4/3854: [ 125.059775] #0: ffff88806ce37d18 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470 [ 125.059803] #1: ffff8880187eb820 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 125.059830] [ 125.059830] stack backtrace: [ 125.059833] CPU: 0 PID: 3854 Comm: syz-executor.4 Not tainted 6.0.0-rc6-next-20220920 #1 [ 125.059846] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 125.059854] Call Trace: [ 125.059858] [ 125.059863] dump_stack_lvl+0x8b/0xb3 [ 125.059879] check_noncircular+0x263/0x2e0 [ 125.059896] ? format_decode+0x26c/0xb50 [ 125.059912] ? print_circular_bug+0x450/0x450 [ 125.059928] ? enable_ptr_key_workfn+0x20/0x20 [ 125.059943] ? perf_swevent_event+0x6c/0x550 [ 125.059962] ? format_decode+0x26c/0xb50 [ 125.059978] ? alloc_chain_hlocks+0x1ec/0x5a0 [ 125.059995] __lock_acquire+0x2a02/0x5e70 [ 125.060017] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 125.060039] lock_acquire+0x1a2/0x530 [ 125.060055] ? down_trylock+0xe/0x70 [ 125.060070] ? lock_release+0x750/0x750 [ 125.060090] ? vprintk+0x84/0xa0 [ 125.060108] _raw_spin_lock_irqsave+0x39/0x60 [ 125.060125] ? down_trylock+0xe/0x70 [ 125.060139] down_trylock+0xe/0x70 [ 125.060152] ? vprintk+0x84/0xa0 [ 125.060168] __down_trylock_console_sem+0x3b/0xd0 [ 125.060185] vprintk_emit+0x16b/0x560 [ 125.060204] vprintk+0x84/0xa0 [ 125.060221] _printk+0xba/0xf1 [ 125.060231] ? record_print_text.cold+0x16/0x16 [ 125.060246] ? report_bug.cold+0x66/0xab [ 125.060262] ? group_sched_out.part.0+0x2c7/0x460 [ 125.060274] report_bug.cold+0x72/0xab [ 125.060291] handle_bug+0x3c/0x70 [ 125.060307] exc_invalid_op+0x14/0x50 [ 125.060323] asm_exc_invalid_op+0x16/0x20 [ 125.060334] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 125.060348] Code: 5e 41 5f e9 9b b9 ef ff e8 96 b9 ef ff 65 8b 1d 0b 13 ac 7e 31 ff 89 de e8 36 b6 ef ff 85 db 0f 84 8a 00 00 00 e8 79 b9 ef ff <0f> 0b e9 a5 fe ff ff e8 6d b9 ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 125.060359] RSP: 0018:ffff88801db37c48 EFLAGS: 00010006 [ 125.060368] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 125.060376] RDX: ffff88803f039ac0 RSI: ffffffff815662c7 RDI: 0000000000000005 [ 125.060384] RBP: ffff8880086685c8 R08: 0000000000000005 R09: 0000000000000001 [ 125.060392] R10: 0000000000000000 R11: ffffffff865ae01b R12: ffff8880187eb800 [ 125.060399] R13: ffff88806ce3d140 R14: ffffffff8547cec0 R15: 0000000000000002 [ 125.060410] ? group_sched_out.part.0+0x2c7/0x460 [ 125.060424] ? group_sched_out.part.0+0x2c7/0x460 [ 125.060437] ctx_sched_out+0x8f1/0xc10 [ 125.060450] __perf_event_task_sched_out+0x6d0/0x18d0 [ 125.060465] ? lock_is_held_type+0xd7/0x130 [ 125.060477] ? __perf_cgroup_move+0x160/0x160 [ 125.060489] ? set_next_entity+0x304/0x550 [ 125.060507] ? update_curr+0x267/0x740 [ 125.060525] ? lock_is_held_type+0xd7/0x130 [ 125.060537] __schedule+0xedd/0x2470 [ 125.060553] ? io_schedule_timeout+0x150/0x150 [ 125.060567] ? trace_rcu_dyntick+0x1a7/0x250 [ 125.060589] schedule+0xda/0x1b0 [ 125.060602] exit_to_user_mode_prepare+0x114/0x1a0 [ 125.060614] syscall_exit_to_user_mode+0x19/0x40 [ 125.060626] do_syscall_64+0x48/0x90 [ 125.060642] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 125.060662] RIP: 0033:0x7f60688e6b19 [ 125.060670] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 125.060681] RSP: 002b:00007f6065e5c218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 125.060692] RAX: 0000000000000001 RBX: 00007f60689f9f68 RCX: 00007f60688e6b19 [ 125.060699] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f60689f9f6c [ 125.060707] RBP: 00007f60689f9f60 R08: 000000000000000e R09: 0000000000000000 [ 125.060714] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f60689f9f6c [ 125.060721] R13: 00007ffc3807351f R14: 00007f6065e5c300 R15: 0000000000022000 [ 125.060734] [ 125.118487] WARNING: CPU: 0 PID: 3854 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460 [ 125.119168] Modules linked in: [ 125.119410] CPU: 0 PID: 3854 Comm: syz-executor.4 Not tainted 6.0.0-rc6-next-20220920 #1 [ 125.120000] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 125.120813] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 125.121214] Code: 5e 41 5f e9 9b b9 ef ff e8 96 b9 ef ff 65 8b 1d 0b 13 ac 7e 31 ff 89 de e8 36 b6 ef ff 85 db 0f 84 8a 00 00 00 e8 79 b9 ef ff <0f> 0b e9 a5 fe ff ff e8 6d b9 ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 125.122524] RSP: 0018:ffff88801db37c48 EFLAGS: 00010006 [ 125.122908] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 125.123432] RDX: ffff88803f039ac0 RSI: ffffffff815662c7 RDI: 0000000000000005 [ 125.123958] RBP: ffff8880086685c8 R08: 0000000000000005 R09: 0000000000000001 [ 125.124479] R10: 0000000000000000 R11: ffffffff865ae01b R12: ffff8880187eb800 [ 125.124996] R13: ffff88806ce3d140 R14: ffffffff8547cec0 R15: 0000000000000002 [ 125.125518] FS: 00007f6065e5c700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 125.126109] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 125.126542] CR2: 00007f9f8cdfb8e0 CR3: 0000000015844000 CR4: 0000000000350ef0 [ 125.127082] Call Trace: [ 125.127273] [ 125.127447] ctx_sched_out+0x8f1/0xc10 [ 125.127742] __perf_event_task_sched_out+0x6d0/0x18d0 [ 125.128123] ? lock_is_held_type+0xd7/0x130 [ 125.128445] ? __perf_cgroup_move+0x160/0x160 [ 125.128784] ? set_next_entity+0x304/0x550 [ 125.129106] ? update_curr+0x267/0x740 [ 125.129402] ? lock_is_held_type+0xd7/0x130 [ 125.129726] __schedule+0xedd/0x2470 [ 125.130011] ? io_schedule_timeout+0x150/0x150 [ 125.130363] ? trace_rcu_dyntick+0x1a7/0x250 [ 125.130705] schedule+0xda/0x1b0 [ 125.130964] exit_to_user_mode_prepare+0x114/0x1a0 [ 125.131332] syscall_exit_to_user_mode+0x19/0x40 [ 125.131687] do_syscall_64+0x48/0x90 [ 125.131973] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 125.132363] RIP: 0033:0x7f60688e6b19 [ 125.132640] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 125.133955] RSP: 002b:00007f6065e5c218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 125.134515] RAX: 0000000000000001 RBX: 00007f60689f9f68 RCX: 00007f60688e6b19 [ 125.135032] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f60689f9f6c [ 125.135540] RBP: 00007f60689f9f60 R08: 000000000000000e R09: 0000000000000000 [ 125.136055] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f60689f9f6c [ 125.136569] R13: 00007ffc3807351f R14: 00007f6065e5c300 R15: 0000000000022000 [ 125.137082] [ 125.137258] irq event stamp: 440 [ 125.137504] hardirqs last enabled at (439): [] exit_to_user_mode_prepare+0x109/0x1a0 [ 125.138168] hardirqs last disabled at (440): [] __schedule+0x1225/0x2470 [ 125.138763] softirqs last enabled at (182): [] __irq_exit_rcu+0x11b/0x180 [ 125.139372] softirqs last disabled at (173): [] __irq_exit_rcu+0x11b/0x180 [ 125.139993] ---[ end trace 0000000000000000 ]--- 12:52:19 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) ioctl$RTC_IRQP_SET(0xffffffffffffffff, 0x4008700c, 0x0) perf_event_open(&(0x7f00000015c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = dup(r0) bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0xffffffffffffffff, 0x3}, 0x6) gettid() 12:52:19 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) ioctl$RTC_IRQP_SET(0xffffffffffffffff, 0x4008700c, 0x0) perf_event_open(&(0x7f00000015c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = dup(r0) bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0xffffffffffffffff, 0x3}, 0x6) gettid() 12:52:19 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) ioctl$RTC_IRQP_SET(0xffffffffffffffff, 0x4008700c, 0x0) perf_event_open(&(0x7f00000015c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = dup(r0) bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0xffffffffffffffff, 0x3}, 0x6) gettid() 12:52:19 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) ioctl$RTC_IRQP_SET(0xffffffffffffffff, 0x4008700c, 0x0) perf_event_open(&(0x7f00000015c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = dup(r0) bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0xffffffffffffffff, 0x3}, 0x6) gettid() 12:52:19 executing program 2: write$binfmt_aout(0xffffffffffffffff, 0x0, 0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) r1 = dup(r0) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast2, 0x2}, 0x1c) connect$inet6(r1, &(0x7f0000000200)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c) sendmmsg$inet6(r1, &(0x7f0000002880), 0x4000101, 0x0) setsockopt$bt_hci_HCI_DATA_DIR(r1, 0x0, 0x1, &(0x7f0000000140)=0x3f, 0x4) [ 125.502790] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 125.503616] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 125.504113] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 125.504576] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 [ 125.505116] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 2 [ 125.506516] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 125.506931] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 125.507532] Buffer I/O error on dev sr0, logical block 0, async page read [ 125.508223] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 125.508612] I/O error, dev sr0, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 125.509306] Buffer I/O error on dev sr0, logical block 1, async page read [ 125.509952] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 125.510362] I/O error, dev sr0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 125.510954] Buffer I/O error on dev sr0, logical block 2, async page read [ 125.511745] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 125.512150] I/O error, dev sr0, sector 3 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 125.512747] Buffer I/O error on dev sr0, logical block 3, async page read [ 125.513426] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 125.513828] I/O error, dev sr0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 125.514455] Buffer I/O error on dev sr0, logical block 4, async page read [ 125.515236] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 125.515641] I/O error, dev sr0, sector 5 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 125.516264] Buffer I/O error on dev sr0, logical block 5, async page read [ 125.516955] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 125.517398] I/O error, dev sr0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 125.518032] Buffer I/O error on dev sr0, logical block 6, async page read [ 125.518721] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 125.519162] I/O error, dev sr0, sector 7 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 125.519780] Buffer I/O error on dev sr0, logical block 7, async page read [ 125.520564] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 125.520971] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 125.521603] Buffer I/O error on dev sr0, logical block 0, async page read [ 125.522316] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 125.522722] Buffer I/O error on dev sr0, logical block 1, async page read [ 125.523421] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 125.523977] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 125.524575] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 125.525182] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 125.525763] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 125.526350] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 125.526986] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 125.527562] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 125.528308] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 125.528854] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 125.529457] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 125.530020] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 125.530633] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 125.531228] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 125.531860] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 125.532457] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 125.533017] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 125.533592] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 125.534322] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 125.535433] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 125.544194] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 125.551256] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 125.551906] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 125.552510] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 125.553330] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 125.553884] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 125.554441] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 125.555017] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 125.555690] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 125.556285] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 125.595052] hrtimer: interrupt took 16160 ns 12:52:19 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) ioctl$RTC_IRQP_SET(0xffffffffffffffff, 0x4008700c, 0x0) perf_event_open(&(0x7f00000015c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = dup(r0) bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0xffffffffffffffff, 0x3}, 0x6) gettid() 12:52:20 executing program 3: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) ioctl$RTC_IRQP_SET(0xffffffffffffffff, 0x4008700c, 0x0) perf_event_open(&(0x7f00000015c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = dup(r0) bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0xffffffffffffffff, 0x3}, 0x6) gettid() [ 126.815598] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s [ 126.816922] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] [ 126.817869] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present [ 126.818793] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00 [ 126.824115] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 126.824942] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 126.825753] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 126.827409] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 126.830181] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 126.830961] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 126.832184] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 126.833722] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 129.813747] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 129.817288] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 129.819885] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 129.822747] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 129.825194] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 129.826928] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 129.830166] Bluetooth: hci1: HCI_REQ-0x0c1a [ 131.849220] Bluetooth: hci1: command 0x0409 tx timeout [ 131.977079] Bluetooth: hci6: Opcode 0x c03 failed: -110 [ 133.897079] Bluetooth: hci1: command 0x041b tx timeout VM DIAGNOSIS: 12:52:19 Registers: info registers vcpu 0 RAX=000000000000003e RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff822b1551 RDI=ffffffff87643ba0 RBP=ffffffff87643b60 RSP=ffff88801db37698 R8 =0000000000000001 R9 =000000000000000a R10=000000000000003e R11=0000000000000001 R12=000000000000003e R13=ffffffff87643b60 R14=0000000000000010 R15=ffffffff822b1540 RIP=ffffffff822b15a9 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f6065e5c700 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f9f8cdfb8e0 CR3=0000000015844000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 00007f60689cd7c0 00007f60689cd7c8 YMM02=0000000000000000 0000000000000000 00007f60689cd7e0 00007f60689cd7c0 YMM03=0000000000000000 0000000000000000 00007f60689cd7c8 00007f60689cd7c0 YMM04=0000000000000000 0000000000000000 ffffffffffffffff ffffffff00000000 YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 RAX=0000000000000000 RBX=0000000000000000 RCX=0000000000000000 RDX=0000000000000002 RSI=ffffffff8410dd8c RDI=dffffc0000000000 RBP=0000000000000030 RSP=ffff88801ab3f5b0 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000001 R12=ffff88801ab3f93a R13=0000000000000005 R14=ffff88809ab3f932 R15=ffff88801ab3f93a RIP=ffffffff81461c40 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f11bfeca700 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fba24392000 CR3=000000000ea3c000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 ffff00ffffffffff ffffffffffff00ff YMM02=0000000000000000 0000000000000000 4c4700362e322e32 5f4342494c470035 YMM03=0000000000000000 0000000000000000 0000000000000000 0000000000470035 YMM04=0000000000000000 0000000000000000 4342494c4700362e 322e325f4342494c YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000