Warning: Permanently added '[localhost]:31852' (ECDSA) to the list of known hosts. 2022/09/23 13:10:58 fuzzer started 2022/09/23 13:10:58 dialing manager at localhost:38881 syzkaller login: [ 39.796930] cgroup: Unknown subsys name 'net' [ 39.926300] cgroup: Unknown subsys name 'rlimit' 2022/09/23 13:11:12 syscalls: 2215 2022/09/23 13:11:12 code coverage: enabled 2022/09/23 13:11:12 comparison tracing: enabled 2022/09/23 13:11:12 extra coverage: enabled 2022/09/23 13:11:12 setuid sandbox: enabled 2022/09/23 13:11:12 namespace sandbox: enabled 2022/09/23 13:11:12 Android sandbox: enabled 2022/09/23 13:11:12 fault injection: enabled 2022/09/23 13:11:12 leak checking: enabled 2022/09/23 13:11:12 net packet injection: enabled 2022/09/23 13:11:12 net device setup: enabled 2022/09/23 13:11:12 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/09/23 13:11:12 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/09/23 13:11:12 USB emulation: enabled 2022/09/23 13:11:12 hci packet injection: enabled 2022/09/23 13:11:12 wifi device emulation: failed to parse kernel version (6.0.0-rc6-next-20220923) 2022/09/23 13:11:12 802.15.4 emulation: enabled 2022/09/23 13:11:12 fetching corpus: 0, signal 0/2000 (executing program) 2022/09/23 13:11:12 fetching corpus: 50, signal 30326/33764 (executing program) 2022/09/23 13:11:12 fetching corpus: 100, signal 40906/45723 (executing program) 2022/09/23 13:11:13 fetching corpus: 150, signal 52099/58063 (executing program) 2022/09/23 13:11:13 fetching corpus: 200, signal 59598/66721 (executing program) 2022/09/23 13:11:13 fetching corpus: 250, signal 64126/72406 (executing program) 2022/09/23 13:11:13 fetching corpus: 300, signal 70085/79314 (executing program) 2022/09/23 13:11:13 fetching corpus: 350, signal 75234/85335 (executing program) 2022/09/23 13:11:13 fetching corpus: 400, signal 79437/90438 (executing program) 2022/09/23 13:11:13 fetching corpus: 450, signal 84269/95995 (executing program) 2022/09/23 
13:11:13 fetching corpus: 500, signal 87376/99949 (executing program) 2022/09/23 13:11:22 fetching corpus: 4050, 
signal 186534/201030 (executing program) 2022/09/23 13:11:23 fetching corpus: 4100, signal 187366/201306 (executing program) 2022/09/23 13:11:23 fetching corpus: 4150, signal 187959/201583 (executing program) 2022/09/23 13:11:23 fetching corpus: 4200, signal 188621/201851 (executing program) 2022/09/23 13:11:23 fetching corpus: 4250, signal 189115/202113 (executing program) 2022/09/23 13:11:23 fetching corpus: 4300, signal 190030/202440 (executing program) 2022/09/23 13:11:23 fetching corpus: 4350, signal 190733/202660 (executing program) 2022/09/23 13:11:23 fetching corpus: 4400, signal 191275/202858 (executing program) 2022/09/23 13:11:23 fetching corpus: 4450, signal 191840/203070 (executing program) 2022/09/23 13:11:24 fetching corpus: 4500, signal 192368/203317 (executing program) 2022/09/23 13:11:24 fetching corpus: 4550, signal 193639/203552 (executing program) 2022/09/23 13:11:24 fetching corpus: 4600, signal 194495/203783 (executing program) 2022/09/23 13:11:24 fetching corpus: 4650, signal 194842/203918 (executing program) 2022/09/23 13:11:24 fetching corpus: 4700, signal 195570/204064 (executing program) 2022/09/23 13:11:24 fetching corpus: 4750, signal 196217/204177 (executing program) 2022/09/23 13:11:24 fetching corpus: 4800, signal 196566/204272 (executing program) 2022/09/23 13:11:24 fetching corpus: 4850, signal 197382/204372 (executing program) 2022/09/23 13:11:25 fetching corpus: 4900, signal 198421/204453 (executing program) 2022/09/23 13:11:25 fetching corpus: 4921, signal 198844/204512 (executing program) 2022/09/23 13:11:25 fetching corpus: 4921, signal 198844/204512 (executing program) 2022/09/23 13:11:27 starting 8 fuzzer processes 13:11:27 executing program 0: syz_open_dev$hiddev(&(0x7f00000001c0), 0x0, 0x200800) 13:11:27 executing program 1: r0 = syz_io_uring_setup(0xfa7, &(0x7f0000000080), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, 
&(0x7f0000000040)=@IORING_OP_RECVMSG={0xa, 0x4, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000740)={&(0x7f0000000180)=@ax25={{0x3, @rose}, [@netrom, @remote, @default, @rose, @bcast, @default, @rose, @null]}, 0x80, &(0x7f0000000600)=[{&(0x7f0000000200)=""/12, 0xc}, {&(0x7f0000000280)=""/53, 0x35}, {&(0x7f0000000300)=""/78, 0x4e}, {&(0x7f0000000380)=""/228, 0xe4}, {&(0x7f0000000480)=""/4, 0x4}, {&(0x7f00000004c0)}, {&(0x7f0000000500)=""/209, 0xd1}], 0x100000000000027f, &(0x7f0000000680)=""/165, 0xb5}}, 0x0) io_uring_enter(r0, 0x100001, 0x0, 0x0, 0x0, 0x0) 13:11:27 executing program 2: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) fcntl$setstatus(r0, 0x4, 0x2400) 13:11:27 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x10, 0x0, 0x0, 0xee01}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@local, 0x0, 0x3c}}}, 0xe8) sendmmsg$inet6(r0, &(0x7f00000015c0)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c, 0x0}}, {{&(0x7f0000000040)={0xa, 0x4e20, 0x0, @dev}, 0x1c, 0x0}}], 0x2, 0x0) [ 68.085599] audit: type=1400 audit(1663938687.290:6): avc: denied { execmem } for pid=285 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 13:11:27 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="001100000000000000010007"], 0x90) setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, 0x0, 0x0) 13:11:27 executing program 4: mlock2(&(0x7f0000ff7000/0x4000)=nil, 0x4000, 0x0) shmat(0xffffffffffffffff, &(0x7f0000fed000/0x13000)=nil, 0x0) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 
0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x80000001}, 0x0, 0x7ff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap$perf(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x4) ioctl$EXT4_IOC_CHECKPOINT(0xffffffffffffffff, 0x4004662b, &(0x7f0000000040)) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/route\x00') perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2000000000000000}, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0xfffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) finit_module(r0, &(0x7f0000000140)='/dev/loop-control\x00', 0x3) r2 = openat2(r1, &(0x7f0000000240)='./file0\x00', &(0x7f0000000300)={0x200, 0x21, 0x1b}, 0x18) ioctl$LOOP_CTL_ADD(r2, 0x4c80, 0xb) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) r3 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000440), 0x20001, 0x0) ioctl$SNAPSHOT_FREE(r3, 0x3305) mremap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x2000, 0x7, &(0x7f0000ffe000/0x2000)=nil) mremap(&(0x7f0000fee000/0x3000)=nil, 0x3000, 0x4000, 0x4, &(0x7f0000ffa000/0x4000)=nil) shmget$private(0x0, 0x2000, 0x54000000, &(0x7f0000ff5000/0x2000)=nil) 13:11:27 executing program 6: openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0xc042, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x2, 0x0) pwrite64(r0, &(0x7f00000000c0)='9', 0x1, 0x8040000) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x0, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) sendfile(r2, r1, 0x0, 0xffff) 13:11:27 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 
0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x2006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f00000000c0)={@in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x44, 0x0, "704f5992d666aa2888e479ca552ee155f638582a91ca97213cf4774a2e4c350cdc3f9f62a4c21970bd149a52fa311b916bf00b51b808c412ed6b9fcbb5be4a2fb7dd8fd0dfa22b4100"}, 0xd8) setsockopt$inet6_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f00000018c0)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f0000000000), 0x4) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000040)={r0, 0xb58a, 0x100000001, 0x2}) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) socket$unix(0x1, 0x5, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x87ffffc) openat(0xffffffffffffffff, &(0x7f00000001c0)='./file1\x00', 0x400000, 0x102) openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x181c00, 0x0) memfd_create(&(0x7f0000000200)='-%@,/.(\x00', 0x6) ftruncate(r0, 0x1) [ 69.405042] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 69.406928] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 69.409050] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 69.411416] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 69.413123] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 69.414409] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 69.415760] 
Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 69.417762] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 69.420892] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 69.422696] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 69.425389] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 69.443798] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 69.445619] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 69.450385] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 69.451562] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 69.452755] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 69.454038] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 69.457895] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 69.459676] Bluetooth: hci2: HCI_REQ-0x0c1a [ 69.461858] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 69.461891] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 69.471764] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 69.475650] Bluetooth: hci1: HCI_REQ-0x0c1a [ 69.479905] Bluetooth: hci0: HCI_REQ-0x0c1a [ 69.484699] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 69.488770] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 69.490353] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 69.492608] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 69.494209] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 69.506827] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 69.508830] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 69.510388] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 69.511511] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 69.512833] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 69.514096] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 69.518949] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 69.520104] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 
69.526187] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 69.527425] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 69.529071] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 69.530276] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 69.535348] Bluetooth: hci5: HCI_REQ-0x0c1a [ 69.544388] Bluetooth: hci4: HCI_REQ-0x0c1a [ 69.544568] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 69.546752] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 69.552895] Bluetooth: hci6: HCI_REQ-0x0c1a [ 69.567801] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 69.570432] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 69.581858] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 69.584317] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 69.605792] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 69.619902] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 69.624823] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 69.626193] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 69.627719] Bluetooth: hci7: HCI_REQ-0x0c1a [ 69.666885] Bluetooth: hci3: HCI_REQ-0x0c1a [ 71.475827] Bluetooth: hci2: command 0x0409 tx timeout [ 71.539604] Bluetooth: hci0: command 0x0409 tx timeout [ 71.539631] Bluetooth: hci1: command 0x0409 tx timeout [ 71.603632] Bluetooth: hci6: command 0x0409 tx timeout [ 71.605900] Bluetooth: hci4: command 0x0409 tx timeout [ 71.605942] Bluetooth: hci5: command 0x0409 tx timeout [ 71.667586] Bluetooth: hci7: command 0x0409 tx timeout [ 71.731562] Bluetooth: hci3: command 0x0409 tx timeout [ 73.524599] Bluetooth: hci2: command 0x041b tx timeout [ 73.587802] Bluetooth: hci1: command 0x041b tx timeout [ 73.588572] Bluetooth: hci0: command 0x041b tx timeout [ 73.651609] Bluetooth: hci5: command 0x041b tx timeout [ 73.653533] Bluetooth: hci4: command 0x041b tx timeout [ 73.653697] Bluetooth: hci6: command 0x041b tx timeout [ 73.715604] Bluetooth: hci7: command 0x041b tx 
timeout [ 73.779559] Bluetooth: hci3: command 0x041b tx timeout [ 75.571822] Bluetooth: hci2: command 0x040f tx timeout [ 75.635678] Bluetooth: hci1: command 0x040f tx timeout [ 75.636551] Bluetooth: hci0: command 0x040f tx timeout [ 75.699766] Bluetooth: hci6: command 0x040f tx timeout [ 75.700589] Bluetooth: hci4: command 0x040f tx timeout [ 75.700610] Bluetooth: hci5: command 0x040f tx timeout [ 75.763559] Bluetooth: hci7: command 0x040f tx timeout [ 75.827631] Bluetooth: hci3: command 0x040f tx timeout [ 77.619583] Bluetooth: hci2: command 0x0419 tx timeout [ 77.683656] Bluetooth: hci0: command 0x0419 tx timeout [ 77.684130] Bluetooth: hci1: command 0x0419 tx timeout [ 77.747589] Bluetooth: hci4: command 0x0419 tx timeout [ 77.748048] Bluetooth: hci6: command 0x0419 tx timeout [ 77.749669] Bluetooth: hci5: command 0x0419 tx timeout [ 77.812535] Bluetooth: hci7: command 0x0419 tx timeout [ 77.876551] Bluetooth: hci3: command 0x0419 tx timeout [ 122.764150] audit: type=1400 audit(1663938741.968:7): avc: denied { open } for pid=3718 comm="syz-executor.7" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 122.765714] audit: type=1400 audit(1663938741.970:8): avc: denied { kernel } for pid=3718 comm="syz-executor.7" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 122.778926] ------------[ cut here ]------------ [ 122.778946] [ 122.778949] ====================================================== [ 122.778952] WARNING: possible circular locking dependency detected [ 122.778956] 6.0.0-rc6-next-20220923 #1 Not tainted [ 122.778962] ------------------------------------------------------ [ 122.778965] syz-executor.7/3721 is trying to acquire lock: [ 122.778971] ffffffff853faaf8 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70 [ 122.779009] [ 122.779009] but task is already holding lock: [ 122.779012] ffff88800f55d020 (&ctx->lock){....}-{2:2}, 
at: __perf_event_task_sched_out+0x53b/0x18d0 [ 122.779039] [ 122.779039] which lock already depends on the new lock. [ 122.779039] [ 122.779042] [ 122.779042] the existing dependency chain (in reverse order) is: [ 122.779045] [ 122.779045] -> #3 (&ctx->lock){....}-{2:2}: [ 122.779058] _raw_spin_lock+0x2a/0x40 [ 122.779077] __perf_event_task_sched_out+0x53b/0x18d0 [ 122.779089] __schedule+0xedd/0x2470 [ 122.779102] schedule+0xda/0x1b0 [ 122.779114] futex_wait_queue+0xf5/0x1e0 [ 122.779126] futex_wait+0x28e/0x690 [ 122.779136] do_futex+0x2ff/0x380 [ 122.779145] __x64_sys_futex+0x1c6/0x4d0 [ 122.779155] do_syscall_64+0x3b/0x90 [ 122.779171] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 122.779183] [ 122.779183] -> #2 (&rq->__lock){-.-.}-{2:2}: [ 122.779196] _raw_spin_lock_nested+0x30/0x40 [ 122.779214] raw_spin_rq_lock_nested+0x1e/0x30 [ 122.779226] task_fork_fair+0x63/0x4d0 [ 122.779242] sched_cgroup_fork+0x3d0/0x540 [ 122.779256] copy_process+0x4183/0x6e20 [ 122.779266] kernel_clone+0xe7/0x890 [ 122.779275] user_mode_thread+0xad/0xf0 [ 122.779285] rest_init+0x24/0x250 [ 122.779296] arch_call_rest_init+0xf/0x14 [ 122.779313] start_kernel+0x4c1/0x4e6 [ 122.779328] secondary_startup_64_no_verify+0xe0/0xeb [ 122.779342] [ 122.779342] -> #1 (&p->pi_lock){-.-.}-{2:2}: [ 122.779355] _raw_spin_lock_irqsave+0x39/0x60 [ 122.779373] try_to_wake_up+0xab/0x1930 [ 122.779386] up+0x75/0xb0 [ 122.779399] __up_console_sem+0x6e/0x80 [ 122.779415] console_unlock+0x46a/0x590 [ 122.779430] do_con_write+0xc05/0x1d50 [ 122.779442] con_write+0x21/0x40 [ 122.779452] n_tty_write+0x4d4/0xfe0 [ 122.779468] file_tty_write.constprop.0+0x49c/0x8f0 [ 122.779481] vfs_write+0x9c3/0xd90 [ 122.779498] ksys_write+0x127/0x250 [ 122.779515] do_syscall_64+0x3b/0x90 [ 122.779531] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 122.779543] [ 122.779543] -> #0 ((console_sem).lock){....}-{2:2}: [ 122.779556] __lock_acquire+0x2a02/0x5e70 [ 122.779573] lock_acquire+0x1a2/0x530 [ 122.779588] 
_raw_spin_lock_irqsave+0x39/0x60 [ 122.779606] down_trylock+0xe/0x70 [ 122.779620] __down_trylock_console_sem+0x3b/0xd0 [ 122.779636] vprintk_emit+0x16b/0x560 [ 122.779651] vprintk+0x84/0xa0 [ 122.779667] _printk+0xba/0xf1 [ 122.779677] report_bug.cold+0x72/0xab [ 122.779693] handle_bug+0x3c/0x70 [ 122.779708] exc_invalid_op+0x14/0x50 [ 122.779724] asm_exc_invalid_op+0x16/0x20 [ 122.779736] group_sched_out.part.0+0x2c7/0x460 [ 122.779746] ctx_sched_out+0x8f1/0xc10 [ 122.779756] __perf_event_task_sched_out+0x6d0/0x18d0 [ 122.779768] __schedule+0xedd/0x2470 [ 122.779781] schedule+0xda/0x1b0 [ 122.779794] futex_wait_queue+0xf5/0x1e0 [ 122.779804] futex_wait+0x28e/0x690 [ 122.779814] do_futex+0x2ff/0x380 [ 122.779823] __x64_sys_futex+0x1c6/0x4d0 [ 122.779832] do_syscall_64+0x3b/0x90 [ 122.779848] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 122.779861] [ 122.779861] other info that might help us debug this: [ 122.779861] [ 122.779863] Chain exists of: [ 122.779863] (console_sem).lock --> &rq->__lock --> &ctx->lock [ 122.779863] [ 122.779878] Possible unsafe locking scenario: [ 122.779878] [ 122.779880] CPU0 CPU1 [ 122.779882] ---- ---- [ 122.779884] lock(&ctx->lock); [ 122.779890] lock(&rq->__lock); [ 122.779896] lock(&ctx->lock); [ 122.779902] lock((console_sem).lock); [ 122.779908] [ 122.779908] *** DEADLOCK *** [ 122.779908] [ 122.779909] 2 locks held by syz-executor.7/3721: [ 122.779916] #0: ffff88806ce37d18 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470 [ 122.779944] #1: ffff88800f55d020 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 122.779972] [ 122.779972] stack backtrace: [ 122.779974] CPU: 0 PID: 3721 Comm: syz-executor.7 Not tainted 6.0.0-rc6-next-20220923 #1 [ 122.779986] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 122.779995] Call Trace: [ 122.779998] [ 122.780002] dump_stack_lvl+0x8b/0xb3 [ 122.780019] check_noncircular+0x263/0x2e0 [ 122.780036] ? 
format_decode+0x26c/0xb50 [ 122.780074] ? print_circular_bug+0x450/0x450 [ 122.780090] ? enable_ptr_key_workfn+0x20/0x20 [ 122.780106] ? format_decode+0x26c/0xb50 [ 122.780123] ? alloc_chain_hlocks+0x1ec/0x5a0 [ 122.780140] __lock_acquire+0x2a02/0x5e70 [ 122.780162] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 122.780184] lock_acquire+0x1a2/0x530 [ 122.780200] ? down_trylock+0xe/0x70 [ 122.780216] ? lock_release+0x750/0x750 [ 122.780236] ? vprintk+0x84/0xa0 [ 122.780253] _raw_spin_lock_irqsave+0x39/0x60 [ 122.780272] ? down_trylock+0xe/0x70 [ 122.780288] down_trylock+0xe/0x70 [ 122.780303] ? vprintk+0x84/0xa0 [ 122.780319] __down_trylock_console_sem+0x3b/0xd0 [ 122.780336] vprintk_emit+0x16b/0x560 [ 122.780354] vprintk+0x84/0xa0 [ 122.780371] _printk+0xba/0xf1 [ 122.780382] ? record_print_text.cold+0x16/0x16 [ 122.780398] ? report_bug.cold+0x66/0xab [ 122.780415] ? group_sched_out.part.0+0x2c7/0x460 [ 122.780426] report_bug.cold+0x72/0xab [ 122.780444] handle_bug+0x3c/0x70 [ 122.780461] exc_invalid_op+0x14/0x50 [ 122.780479] asm_exc_invalid_op+0x16/0x20 [ 122.780490] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 122.780504] Code: 5e 41 5f e9 5b bb ef ff e8 56 bb ef ff 65 8b 1d 1b 26 ac 7e 31 ff 89 de e8 f6 b7 ef ff 85 db 0f 84 8a 00 00 00 e8 39 bb ef ff <0f> 0b e9 a5 fe ff ff e8 2d bb ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 122.780515] RSP: 0018:ffff88801de5f8f8 EFLAGS: 00010006 [ 122.780524] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 122.780532] RDX: ffff88801d168000 RSI: ffffffff81564fb7 RDI: 0000000000000005 [ 122.780539] RBP: ffff8880086685c8 R08: 0000000000000005 R09: 0000000000000001 [ 122.780546] R10: 0000000000000000 R11: ffffffff865b001b R12: ffff88800f55d000 [ 122.780554] R13: ffff88806ce3d140 R14: ffffffff8547d040 R15: 0000000000000002 [ 122.780565] ? group_sched_out.part.0+0x2c7/0x460 [ 122.780578] ? 
group_sched_out.part.0+0x2c7/0x460 [ 122.780591] ctx_sched_out+0x8f1/0xc10 [ 122.780603] __perf_event_task_sched_out+0x6d0/0x18d0 [ 122.780619] ? lock_is_held_type+0xd7/0x130 [ 122.780632] ? __perf_cgroup_move+0x160/0x160 [ 122.780644] ? set_next_entity+0x304/0x550 [ 122.780663] ? lock_is_held_type+0xd7/0x130 [ 122.780676] __schedule+0xedd/0x2470 [ 122.780692] ? io_schedule_timeout+0x150/0x150 [ 122.780707] ? futex_wait_setup+0x166/0x230 [ 122.780721] schedule+0xda/0x1b0 [ 122.780736] futex_wait_queue+0xf5/0x1e0 [ 122.780748] futex_wait+0x28e/0x690 [ 122.780760] ? futex_wait_setup+0x230/0x230 [ 122.780773] ? wake_up_q+0x8b/0xf0 [ 122.780786] ? do_raw_spin_unlock+0x4f/0x220 [ 122.780804] ? futex_wake+0x158/0x490 [ 122.780820] ? fd_install+0x1f9/0x640 [ 122.780836] do_futex+0x2ff/0x380 [ 122.780847] ? __ia32_compat_sys_get_robust_list+0x3b0/0x3b0 [ 122.780863] __x64_sys_futex+0x1c6/0x4d0 [ 122.780875] ? __x64_sys_futex_time32+0x480/0x480 [ 122.780888] ? syscall_enter_from_user_mode+0x1d/0x50 [ 122.780901] ? 
syscall_enter_from_user_mode+0x1d/0x50 [ 122.780916] do_syscall_64+0x3b/0x90 [ 122.780933] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 122.780945] RIP: 0033:0x7f7ebff54b19 [ 122.780954] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 122.780964] RSP: 002b:00007f7ebd4ca218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 122.780975] RAX: ffffffffffffffda RBX: 00007f7ec0067f68 RCX: 00007f7ebff54b19 [ 122.780983] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f7ec0067f68 [ 122.780990] RBP: 00007f7ec0067f60 R08: 0000000000000000 R09: 0000000000000000 [ 122.780997] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7ec0067f6c [ 122.781004] R13: 00007fff9be763cf R14: 00007f7ebd4ca300 R15: 0000000000022000 [ 122.781017] [ 122.837627] WARNING: CPU: 0 PID: 3721 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460 [ 122.838223] Modules linked in: [ 122.838442] CPU: 0 PID: 3721 Comm: syz-executor.7 Not tainted 6.0.0-rc6-next-20220923 #1 [ 122.838963] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 122.839690] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 122.840047] Code: 5e 41 5f e9 5b bb ef ff e8 56 bb ef ff 65 8b 1d 1b 26 ac 7e 31 ff 89 de e8 f6 b7 ef ff 85 db 0f 84 8a 00 00 00 e8 39 bb ef ff <0f> 0b e9 a5 fe ff ff e8 2d bb ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 122.841235] RSP: 0018:ffff88801de5f8f8 EFLAGS: 00010006 [ 122.841583] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 122.842047] RDX: ffff88801d168000 RSI: ffffffff81564fb7 RDI: 0000000000000005 [ 122.842512] RBP: ffff8880086685c8 R08: 0000000000000005 R09: 0000000000000001 [ 122.842977] R10: 0000000000000000 R11: ffffffff865b001b R12: ffff88800f55d000 [ 122.843443] R13: ffff88806ce3d140 R14: ffffffff8547d040 R15: 0000000000000002 [ 122.843912] FS: 
00007f7ebd4ca700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 122.844444] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 122.844829] CR2: 00007f1f5b17a8e0 CR3: 000000004029a000 CR4: 0000000000350ef0 [ 122.845293] Call Trace: [ 122.845465] [ 122.845622] ctx_sched_out+0x8f1/0xc10 [ 122.845888] __perf_event_task_sched_out+0x6d0/0x18d0 [ 122.846238] ? lock_is_held_type+0xd7/0x130 [ 122.846526] ? __perf_cgroup_move+0x160/0x160 [ 122.846829] ? set_next_entity+0x304/0x550 [ 122.847122] ? lock_is_held_type+0xd7/0x130 [ 122.847412] __schedule+0xedd/0x2470 [ 122.847673] ? io_schedule_timeout+0x150/0x150 [ 122.847987] ? futex_wait_setup+0x166/0x230 [ 122.848289] schedule+0xda/0x1b0 [ 122.848524] futex_wait_queue+0xf5/0x1e0 [ 122.848801] futex_wait+0x28e/0x690 [ 122.849050] ? futex_wait_setup+0x230/0x230 [ 122.849342] ? wake_up_q+0x8b/0xf0 [ 122.849590] ? do_raw_spin_unlock+0x4f/0x220 [ 122.849895] ? futex_wake+0x158/0x490 [ 122.850159] ? fd_install+0x1f9/0x640 [ 122.850421] do_futex+0x2ff/0x380 [ 122.850658] ? __ia32_compat_sys_get_robust_list+0x3b0/0x3b0 [ 122.851043] __x64_sys_futex+0x1c6/0x4d0 [ 122.851317] ? __x64_sys_futex_time32+0x480/0x480 [ 122.851638] ? syscall_enter_from_user_mode+0x1d/0x50 [ 122.851981] ? 
syscall_enter_from_user_mode+0x1d/0x50 [ 122.852334] do_syscall_64+0x3b/0x90 [ 122.852591] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 122.852933] RIP: 0033:0x7f7ebff54b19 [ 122.853184] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 122.854360] RSP: 002b:00007f7ebd4ca218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 122.854855] RAX: ffffffffffffffda RBX: 00007f7ec0067f68 RCX: 00007f7ebff54b19 [ 122.855320] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f7ec0067f68 [ 122.855784] RBP: 00007f7ec0067f60 R08: 0000000000000000 R09: 0000000000000000 [ 122.856264] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7ec0067f6c [ 122.856735] R13: 00007fff9be763cf R14: 00007f7ebd4ca300 R15: 0000000000022000 [ 122.857203] [ 122.857364] irq event stamp: 750 [ 122.857589] hardirqs last enabled at (749): [] syscall_enter_from_user_mode+0x1d/0x50 [ 122.858197] hardirqs last disabled at (750): [] __schedule+0x1225/0x2470 [ 122.858739] softirqs last enabled at (480): [] __irq_exit_rcu+0x11b/0x180 [ 122.859294] softirqs last disabled at (379): [] __irq_exit_rcu+0x11b/0x180 [ 122.859851] ---[ end trace 0000000000000000 ]--- 13:12:22 executing program 7: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x2006, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 
@perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f00000000c0)={@in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x44, 0x0, "704f5992d666aa2888e479ca552ee155f638582a91ca97213cf4774a2e4c350cdc3f9f62a4c21970bd149a52fa311b916bf00b51b808c412ed6b9fcbb5be4a2fb7dd8fd0dfa22b4100"}, 0xd8) setsockopt$inet6_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f00000018c0)=0x1, 0x4) connect$inet6(r1, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f0000000000), 0x4) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000040)={r0, 0xb58a, 0x100000001, 0x2}) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) socket$unix(0x1, 0x5, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x87ffffc) openat(0xffffffffffffffff, &(0x7f00000001c0)='./file1\x00', 0x400000, 0x102) openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x181c00, 0x0) memfd_create(&(0x7f0000000200)='-%@,/.(\x00', 0x6) ftruncate(r0, 0x1) [ 125.159815] random: crng reseeded on system resumption [ 125.182486] Restarting kernel threads ... done. 
[ 125.220161] random: crng reseeded on system resumption [ 125.446282] BUG: unable to handle page fault for address: ffffebde00000848 [ 125.446888] #PF: supervisor read access in kernel mode [ 125.447274] #PF: error_code(0x0000) - not-present page [ 125.447653] PGD 0 P4D 0 [ 125.447861] Oops: 0000 [#1] PREEMPT SMP KASAN NOPTI [ 125.448244] CPU: 0 PID: 3966 Comm: syz-executor.1 Tainted: G W 6.0.0-rc6-next-20220923 #1 [ 125.448932] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 125.449753] RIP: 0010:kfree+0x5d/0x190 [ 125.450051] Code: 80 48 01 e8 0f 82 39 01 00 00 48 c7 c2 00 00 00 80 48 2b 15 05 3f b0 03 48 01 d0 48 c1 e8 0c 48 c1 e0 06 48 03 05 e3 3e b0 03 <48> 8b 50 08 48 89 c7 f6 c2 01 0f 85 f7 00 00 00 66 90 48 8b 07 f6 [ 125.451395] RSP: 0018:ffff8880409a7be8 EFLAGS: 00010282 [ 125.451790] RAX: ffffebde00000840 RBX: ffff88800d0f78c0 RCX: ffffc900025e2000 [ 125.452321] RDX: 0000777f80000000 RSI: ffffffff8204e598 RDI: 0000000000021000 [ 125.452848] RBP: 0000000000021000 R08: 0000000000000005 R09: 0000000000000000 [ 125.453368] R10: 0000000000200000 R11: 0000000000000001 R12: ffff88800d0f7904 [ 125.453888] R13: ffff88800d0f7910 R14: 00000000ffffffa6 R15: ffff88800a11f880 [ 125.454414] FS: 00007f16123d2700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 125.455007] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 125.455440] CR2: ffffebde00000848 CR3: 000000000dd62000 CR4: 0000000000350ef0 [ 125.455967] Call Trace: [ 125.456165] [ 125.456338] io_sendrecv_fail+0x2a8/0x3e0 [ 125.456651] ? io_sendmsg_zc+0xb70/0xb70 [ 125.456956] io_req_complete_failed+0x167/0x1d0 [ 125.457313] io_queue_sqe_fallback+0x155/0x190 [ 125.457662] io_submit_sqes+0x17a3/0x1c40 [ 125.457979] __do_sys_io_uring_enter+0xac3/0x22b0 [ 125.458349] ? rcu_read_lock_sched_held+0xd/0x80 [ 125.458711] ? lock_release+0x547/0x750 [ 125.459017] ? io_submit_sqes+0x1c40/0x1c40 [ 125.459337] ? 
lock_downgrade+0x6d0/0x6d0 [ 125.459653] ? rwlock_bug.part.0+0x90/0x90 [ 125.459976] ? trace_hardirqs_on+0x2d/0x110 [ 125.460314] ? rcu_read_lock_sched_held+0xd/0x80 [ 125.460678] ? kfree+0x110/0x190 [ 125.460939] ? fpregs_assert_state_consistent+0xbc/0xe0 [ 125.461338] do_syscall_64+0x3b/0x90 [ 125.461630] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 125.462014] RIP: 0033:0x7f1614e7db19 [ 125.462295] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 125.463615] RSP: 002b:00007f16123d2188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 125.464174] RAX: ffffffffffffffda RBX: 00007f1614f91020 RCX: 00007f1614e7db19 [ 125.464698] RDX: 0000000000000000 RSI: 0000000000100001 RDI: 0000000000000003 [ 125.465230] RBP: 00007f1614ed7f6d R08: 0000000000000000 R09: 0000000000000000 [ 125.465747] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 125.466271] R13: 00007ffe39e688af R14: 00007f16123d2300 R15: 0000000000022000 [ 125.466806] [ 125.466986] Modules linked in: [ 125.467227] CR2: ffffebde00000848 [ 125.467487] ---[ end trace 0000000000000000 ]--- [ 125.467827] RIP: 0010:kfree+0x5d/0x190 [ 125.468135] Code: 80 48 01 e8 0f 82 39 01 00 00 48 c7 c2 00 00 00 80 48 2b 15 05 3f b0 03 48 01 d0 48 c1 e8 0c 48 c1 e0 06 48 03 05 e3 3e b0 03 <48> 8b 50 08 48 89 c7 f6 c2 01 0f 85 f7 00 00 00 66 90 48 8b 07 f6 [ 125.469462] RSP: 0018:ffff8880409a7be8 EFLAGS: 00010282 [ 125.469861] RAX: ffffebde00000840 RBX: ffff88800d0f78c0 RCX: ffffc900025e2000 [ 125.470385] RDX: 0000777f80000000 RSI: ffffffff8204e598 RDI: 0000000000021000 [ 125.470902] RBP: 0000000000021000 R08: 0000000000000005 R09: 0000000000000000 [ 125.471419] R10: 0000000000200000 R11: 0000000000000001 R12: ffff88800d0f7904 [ 125.471942] R13: ffff88800d0f7910 R14: 00000000ffffffa6 R15: ffff88800a11f880 [ 125.472463] FS: 00007f16123d2700(0000) 
GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 125.473046] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 125.473471] CR2: ffffebde00000848 CR3: 000000000dd62000 CR4: 0000000000350ef0 VM DIAGNOSIS: 13:12:22 Registers: