Debian GNU/Linux 11 syzkaller ttyS0 Warning: Permanently added '[localhost]:53309' (ECDSA) to the list of known hosts. 2022/09/23 13:27:07 fuzzer started 2022/09/23 13:27:07 dialing manager at localhost:38881 syzkaller login: [ 37.953664] cgroup: Unknown subsys name 'net' [ 38.056604] cgroup: Unknown subsys name 'rlimit' 2022/09/23 13:27:22 syscalls: 2215 2022/09/23 13:27:22 code coverage: enabled 2022/09/23 13:27:22 comparison tracing: enabled 2022/09/23 13:27:22 extra coverage: enabled 2022/09/23 13:27:22 setuid sandbox: enabled 2022/09/23 13:27:22 namespace sandbox: enabled 2022/09/23 13:27:22 Android sandbox: enabled 2022/09/23 13:27:22 fault injection: enabled 2022/09/23 13:27:22 leak checking: enabled 2022/09/23 13:27:22 net packet injection: enabled 2022/09/23 13:27:22 net device setup: enabled 2022/09/23 13:27:22 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/09/23 13:27:22 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/09/23 13:27:22 USB emulation: enabled 2022/09/23 13:27:22 hci packet injection: enabled 2022/09/23 13:27:22 wifi device emulation: failed to parse kernel version (6.0.0-rc6-next-20220923) 2022/09/23 13:27:22 802.15.4 emulation: enabled 2022/09/23 13:27:22 fetching corpus: 0, signal 0/2000 (executing program) 2022/09/23 13:27:22 fetching corpus: 42, signal 21991/25563 (executing program) 2022/09/23 13:27:22 fetching corpus: 92, signal 37869/42861 (executing program) 2022/09/23 13:27:22 fetching corpus: 142, signal 52154/58231 (executing program) 2022/09/23 13:27:23 fetching corpus: 192, signal 59560/66805 (executing program) 2022/09/23 13:27:23 fetching corpus: 242, signal 68043/76209 (executing program) 2022/09/23 13:27:23 fetching corpus: 291, signal 72160/81389 (executing program) 2022/09/23 13:27:23 fetching corpus: 341, signal 75697/85984 (executing program) 2022/09/23 13:27:23 fetching corpus: 391, signal 79175/90447 (executing program) 2022/09/23 13:27:23 fetching corpus: 441, signal 82366/94611 
(executing program)
2022/09/23 13:27:35 fetching corpus: 5232, signal 207608/214024 (executing program) 2022/09/23 13:27:35 fetching corpus: 5270, signal 208021/214029 (executing program) 2022/09/23 13:27:35 fetching corpus: 5270, signal 208021/214029 (executing program) 2022/09/23 13:27:38 starting 8 fuzzer processes 13:27:38 executing program 0: r0 = socket$packet(0x11, 0x2, 0x300) getsockname(r0, &(0x7f0000000840)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c}, &(0x7f00000008c0)=0x80) 13:27:38 executing program 1: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000001400)=@req3={0x0, 0x0, 0x0, 0x3f}, 0x1c) 13:27:38 executing program 2: mlock2(&(0x7f0000ff7000/0x4000)=nil, 0x4000, 0x0) shmat(0xffffffffffffffff, &(0x7f0000ff8000/0x3000)=nil, 0x2000) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x80000001}, 0x0, 0x7ff, 0x0, 0x0, 0x3ff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) mmap$perf(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x4) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/route\x00') sendmsg$SOCK_DESTROY(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000600)=ANY=[@ANYBLOB="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"], 0x130}, 0x1, 0x0, 0x0, 0x4}, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140), 0x6}, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = 
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) r2 = openat2(r0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000300)={0x200, 0x21, 0x1b}, 0x18) ioctl$LOOP_CTL_ADD(r2, 0x4c80, 0xb) r3 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r3) ioctl$SNAPSHOT_FREE(0xffffffffffffffff, 0x3305) mremap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x2000, 0x7, &(0x7f0000ffe000/0x2000)=nil) pipe2(&(0x7f0000000300)={0xffffffffffffffff}, 0x0) r5 = epoll_create1(0x0) io_submit(0x0, 0x3, &(0x7f0000000500)=[&(0x7f0000000200)={0x0, 0x0, 0x0, 0x2, 0x7f, r2, &(0x7f0000000780)="[hex payload removed]", 0x1000, 0x80000000000000, 0x0, 0x1a48439b19faf2c1, r4}, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x6, 0x0, r5, &(0x7f0000000340)="0a1b9f88aa1e010ca789430e179de2c48cde1d086520f8f72508904db424c353d46539822b8a775e1715ae658a1963a7fe084c0e526414d8cc27f7187472de330f8859f095db1a48e25951641467ed4f1012d3cd16c637d4ab172580b1554ea80dc39715c724bebed06f6ef93ab1fbf392323ade1b2a142b4f1252c7f6026793eeffa553136905486bd4fc536f7c2e5bb713fe389a4f21bcc69d9bd665c52a6f5bd9c0fd19cd06be9f8e71bd77705b132d9394fc971977d2bbcfe204e3", 0xbd, 0x3}, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x2, 0x800, r0, &(0x7f0000000440)="597aff2ccbf0131b559cf580a3a2e3278f2be99538fe2b397ebc11f5b8f4f239a4674d38ab0555df3467ce81da2e3a2305a74d680df7ab02217746f8b099c3e81dad4e2590660913d8a0ddf504ab105c16292dae6b30119858e7d8ef9dd24940c5c70c4b", 0x64, 0x8001, 0x0, 0x2, r2}]) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r3) shmget$private(0x0, 0x2000, 0x54000000, &(0x7f0000ff5000/0x2000)=nil) [ 67.406039] audit: type=1400 audit(1663939658.608:6): avc: denied { execmem } for pid=285 comm="syz-executor.1" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 13:27:38 executing program 3: r0 = socket$inet6(0xa, 0x1, 0x0) 
setsockopt$inet6_int(r0, 0x29, 0x21, &(0x7f0000000340)=0xeed, 0x4) setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, 0x0, 0x0) 13:27:38 executing program 4: syz_emit_ethernet(0x3e, &(0x7f00000000c0)={@random="dda978731a96", @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @empty, @broadcast}, @source_quench={0xd, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @initdev={0xac, 0x1e, 0x0, 0x0}}}}}}}, 0x0) 13:27:38 executing program 5: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/route\x00') preadv(r0, &(0x7f0000000680)=[{&(0x7f0000000340)=""/249, 0xf9}], 0x1, 0x2, 0x0) 13:27:38 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) munlockall() 13:27:38 executing program 7: openat(0xffffffffffffff9c, 0x0, 0x101042, 0x0) openat2(0xffffffffffffffff, &(0x7f0000000040)='./file2\x00', 0x0, 0x0) symlink(&(0x7f00000001c0)='.\x00', &(0x7f0000000200)='./file0\x00') r0 = open_tree(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) utimensat(r0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)={{}, {0x0, 0x2710}}, 0x0) [ 68.652141] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 68.653727] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 68.655545] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 68.658476] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 68.660190] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 68.661554] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 68.666103] Bluetooth: hci0: HCI_REQ-0x0c1a [ 68.735831] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 68.737697] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 68.739516] Bluetooth: 
hci3: unexpected cc 0x1003 length: 249 > 9 [ 68.741613] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 68.743106] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 68.744497] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 68.747463] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 68.749595] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 68.752708] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 68.759683] Bluetooth: hci3: HCI_REQ-0x0c1a [ 68.768973] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 68.772989] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 68.775158] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 68.781437] Bluetooth: hci2: HCI_REQ-0x0c1a [ 68.803390] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 68.838265] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 68.840504] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 68.843651] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 68.851974] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 68.854038] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 68.866530] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 68.877052] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 68.878549] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 68.883937] Bluetooth: hci6: HCI_REQ-0x0c1a [ 68.898992] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 68.901669] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 68.903639] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 68.913860] Bluetooth: hci4: HCI_REQ-0x0c1a [ 68.957651] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 68.959631] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 68.970807] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 68.981973] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 68.983681] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 68.985663] Bluetooth: hci7: 
unexpected cc 0x1001 length: 249 > 9 [ 69.021982] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 69.023327] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 69.035101] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 69.036650] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 69.038941] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 69.047195] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 69.059046] Bluetooth: hci5: HCI_REQ-0x0c1a [ 69.067845] Bluetooth: hci7: HCI_REQ-0x0c1a [ 70.738120] Bluetooth: hci1: Opcode 0x c03 failed: -110 [ 70.738144] Bluetooth: hci0: command 0x0409 tx timeout [ 70.801939] Bluetooth: hci2: command 0x0409 tx timeout [ 70.801968] Bluetooth: hci3: command 0x0409 tx timeout [ 70.929870] Bluetooth: hci6: command 0x0409 tx timeout [ 70.929931] Bluetooth: hci4: command 0x0409 tx timeout [ 71.121891] Bluetooth: hci7: command 0x0409 tx timeout [ 71.122596] Bluetooth: hci5: command 0x0409 tx timeout [ 72.785872] Bluetooth: hci0: command 0x041b tx timeout [ 72.849832] Bluetooth: hci3: command 0x041b tx timeout [ 72.851510] Bluetooth: hci2: command 0x041b tx timeout [ 72.977834] Bluetooth: hci4: command 0x041b tx timeout [ 72.978991] Bluetooth: hci6: command 0x041b tx timeout [ 73.169923] Bluetooth: hci5: command 0x041b tx timeout [ 73.170866] Bluetooth: hci7: command 0x041b tx timeout [ 73.687134] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 73.689209] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 73.691211] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 73.694612] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 73.697489] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 73.699135] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 73.705211] Bluetooth: hci1: HCI_REQ-0x0c1a [ 74.834292] Bluetooth: hci0: command 0x040f tx timeout [ 74.897888] Bluetooth: hci2: command 0x040f tx timeout [ 74.897906] Bluetooth: hci3: command 0x040f tx timeout [ 75.025797] 
Bluetooth: hci6: command 0x040f tx timeout [ 75.026241] Bluetooth: hci4: command 0x040f tx timeout [ 75.217836] Bluetooth: hci7: command 0x040f tx timeout [ 75.218260] Bluetooth: hci5: command 0x040f tx timeout [ 75.729877] Bluetooth: hci1: command 0x0409 tx timeout [ 76.881934] Bluetooth: hci0: command 0x0419 tx timeout [ 76.945804] Bluetooth: hci3: command 0x0419 tx timeout [ 76.945879] Bluetooth: hci2: command 0x0419 tx timeout [ 77.073804] Bluetooth: hci4: command 0x0419 tx timeout [ 77.073865] Bluetooth: hci6: command 0x0419 tx timeout [ 77.265874] Bluetooth: hci5: command 0x0419 tx timeout [ 77.265928] Bluetooth: hci7: command 0x0419 tx timeout [ 77.777876] Bluetooth: hci1: command 0x041b tx timeout [ 79.825866] Bluetooth: hci1: command 0x040f tx timeout [ 81.873896] Bluetooth: hci1: command 0x0419 tx timeout 13:28:36 executing program 3: r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='map_files\x00') getdents(r0, &(0x7f0000000100)=""/101, 0x65) 13:28:36 executing program 3: r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='map_files\x00') getdents(r0, &(0x7f0000000100)=""/101, 0x65) 13:28:36 executing program 3: r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='map_files\x00') getdents(r0, &(0x7f0000000100)=""/101, 0x65) 13:28:36 executing program 3: r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='map_files\x00') getdents(r0, &(0x7f0000000100)=""/101, 0x65) 13:28:36 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000002c80)=[{&(0x7f0000003fc0)={0x20, 0x12, 0x1, 0x0, 0x0, "", [@typed={0x8, 0x0, 0x0, 0x0, @u32=0x2}, @typed={0x8, 0x0, 0x0, 0x0, @pid=0xffffffffffffffff}]}, 0x20}], 0x1}, 0x0) 13:28:36 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/vmstat\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000140)=[{&(0x7f00000017c0)=""/4096, 0x1000}], 0x1, 0x417, 0x0) 13:28:37 executing program 3: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/vmstat\x00', 0x0, 0x0) 
preadv(r0, &(0x7f0000000140)=[{&(0x7f00000017c0)=""/4096, 0x1000}], 0x1, 0x417, 0x0)
13:28:37 executing program 3:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/vmstat\x00', 0x0, 0x0)
preadv(r0, &(0x7f0000000140)=[{&(0x7f00000017c0)=""/4096, 0x1000}], 0x1, 0x417, 0x0)
[ 128.037425] audit: type=1400 audit(1663939719.238:7): avc: denied { open } for pid=3938 comm="syz-executor.2" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[ 128.039005] audit: type=1400 audit(1663939719.238:8): avc: denied { kernel } for pid=3938 comm="syz-executor.2" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[ 128.042358] ------------[ cut here ]------------
[ 128.042379]
[ 128.042383] ======================================================
[ 128.042386] WARNING: possible circular locking dependency detected
[ 128.042390] 6.0.0-rc6-next-20220923 #1 Not tainted
[ 128.042397] ------------------------------------------------------
[ 128.042400] syz-executor.2/3939 is trying to acquire lock:
[ 128.042406] ffffffff853faaf8 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70
[ 128.042444]
[ 128.042444] but task is already holding lock:
[ 128.042446] ffff88800e14bc20 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0
[ 128.042474]
[ 128.042474] which lock already depends on the new lock.
[ 128.042474]
[ 128.042476]
[ 128.042476] the existing dependency chain (in reverse order) is:
[ 128.042479]
[ 128.042479] -> #3 (&ctx->lock){....}-{2:2}:
[ 128.042493]        _raw_spin_lock+0x2a/0x40
[ 128.042511]        __perf_event_task_sched_out+0x53b/0x18d0
[ 128.042523]        __schedule+0xedd/0x2470
[ 128.042540]        schedule+0xda/0x1b0
[ 128.042553]        exit_to_user_mode_prepare+0x114/0x1a0
[ 128.042566]        syscall_exit_to_user_mode+0x19/0x40
[ 128.042578]        do_syscall_64+0x48/0x90
[ 128.042595]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 128.042608]
[ 128.042608] -> #2 (&rq->__lock){-.-.}-{2:2}:
[ 128.042623]        _raw_spin_lock_nested+0x30/0x40
[ 128.042641]        raw_spin_rq_lock_nested+0x1e/0x30
[ 128.042655]        task_fork_fair+0x63/0x4d0
[ 128.042673]        sched_cgroup_fork+0x3d0/0x540
[ 128.042687]        copy_process+0x4183/0x6e20
[ 128.042697]        kernel_clone+0xe7/0x890
[ 128.042706]        user_mode_thread+0xad/0xf0
[ 128.042716]        rest_init+0x24/0x250
[ 128.042729]        arch_call_rest_init+0xf/0x14
[ 128.042747]        start_kernel+0x4c1/0x4e6
[ 128.042762]        secondary_startup_64_no_verify+0xe0/0xeb
[ 128.042776]
[ 128.042776] -> #1 (&p->pi_lock){-.-.}-{2:2}:
[ 128.042791]        _raw_spin_lock_irqsave+0x39/0x60
[ 128.042810]        try_to_wake_up+0xab/0x1930
[ 128.042824]        up+0x75/0xb0
[ 128.042837]        __up_console_sem+0x6e/0x80
[ 128.042853]        console_unlock+0x46a/0x590
[ 128.042870]        vt_ioctl+0x2822/0x2ca0
[ 128.042883]        tty_ioctl+0x7c4/0x1700
[ 128.042896]        __x64_sys_ioctl+0x19a/0x210
[ 128.042911]        do_syscall_64+0x3b/0x90
[ 128.042929]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 128.042941]
[ 128.042941] -> #0 ((console_sem).lock){....}-{2:2}:
[ 128.042957]        __lock_acquire+0x2a02/0x5e70
[ 128.042974]        lock_acquire+0x1a2/0x530
[ 128.042990]        _raw_spin_lock_irqsave+0x39/0x60
[ 128.043009]        down_trylock+0xe/0x70
[ 128.043023]        __down_trylock_console_sem+0x3b/0xd0
[ 128.043040]        vprintk_emit+0x16b/0x560
[ 128.043056]        vprintk+0x84/0xa0
[ 128.043073]        _printk+0xba/0xf1
[ 128.043083]        report_bug.cold+0x72/0xab
[ 128.043101]        handle_bug+0x3c/0x70
[ 128.043117]        exc_invalid_op+0x14/0x50
[ 128.043135]        asm_exc_invalid_op+0x16/0x20
[ 128.043146]        group_sched_out.part.0+0x2c7/0x460
[ 128.043158]        ctx_sched_out+0x8f1/0xc10
[ 128.043168]        __perf_event_task_sched_out+0x6d0/0x18d0
[ 128.043182]        __schedule+0xedd/0x2470
[ 128.043197]        schedule+0xda/0x1b0
[ 128.043210]        exit_to_user_mode_prepare+0x114/0x1a0
[ 128.043221]        syscall_exit_to_user_mode+0x19/0x40
[ 128.043233]        do_syscall_64+0x48/0x90
[ 128.043251]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 128.043263]
[ 128.043263] other info that might help us debug this:
[ 128.043263]
[ 128.043266] Chain exists of:
[ 128.043266]   (console_sem).lock --> &rq->__lock --> &ctx->lock
[ 128.043266]
[ 128.043284]  Possible unsafe locking scenario:
[ 128.043284]
[ 128.043286]        CPU0                    CPU1
[ 128.043289]        ----                    ----
[ 128.043291]   lock(&ctx->lock);
[ 128.043296]                                lock(&rq->__lock);
[ 128.043303]                                lock(&ctx->lock);
[ 128.043310]   lock((console_sem).lock);
[ 128.043316]
[ 128.043316]  *** DEADLOCK ***
[ 128.043316]
[ 128.043318] 2 locks held by syz-executor.2/3939:
[ 128.043326]  #0: ffff88806ce37d18 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470
[ 128.043356]  #1: ffff88800e14bc20 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0
[ 128.043385]
[ 128.043385] stack backtrace:
[ 128.043388] CPU: 0 PID: 3939 Comm: syz-executor.2 Not tainted 6.0.0-rc6-next-20220923 #1
[ 128.043401] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 128.043410] Call Trace:
[ 128.043414]
[ 128.043419] dump_stack_lvl+0x8b/0xb3
[ 128.043438] check_noncircular+0x263/0x2e0
[ 128.043454] ? format_decode+0x26c/0xb50
[ 128.043471] ? print_circular_bug+0x450/0x450
[ 128.043489] ? enable_ptr_key_workfn+0x20/0x20
[ 128.043506] ? format_decode+0x26c/0xb50
[ 128.043521] ? memcpy+0x39/0x60
[ 128.043534] ? vsnprintf+0x4ba/0x1600
[ 128.043552] __lock_acquire+0x2a02/0x5e70
[ 128.043574] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 128.043597] lock_acquire+0x1a2/0x530
[ 128.043614] ? down_trylock+0xe/0x70
[ 128.043632] ? lock_release+0x750/0x750
[ 128.043652] ? vprintk+0x84/0xa0
[ 128.043670] _raw_spin_lock_irqsave+0x39/0x60
[ 128.043690] ? down_trylock+0xe/0x70
[ 128.043706] down_trylock+0xe/0x70
[ 128.043722] ? vprintk+0x84/0xa0
[ 128.043738] __down_trylock_console_sem+0x3b/0xd0
[ 128.043757] vprintk_emit+0x16b/0x560
[ 128.043776] vprintk+0x84/0xa0
[ 128.043794] _printk+0xba/0xf1
[ 128.043806] ? record_print_text.cold+0x16/0x16
[ 128.043822] ? report_bug.cold+0x66/0xab
[ 128.043841] ? group_sched_out.part.0+0x2c7/0x460
[ 128.043853] report_bug.cold+0x72/0xab
[ 128.043872] handle_bug+0x3c/0x70
[ 128.043890] exc_invalid_op+0x14/0x50
[ 128.043909] asm_exc_invalid_op+0x16/0x20
[ 128.043921] RIP: 0010:group_sched_out.part.0+0x2c7/0x460
[ 128.043936] Code: 5e 41 5f e9 5b bb ef ff e8 56 bb ef ff 65 8b 1d 1b 26 ac 7e 31 ff 89 de e8 f6 b7 ef ff 85 db 0f 84 8a 00 00 00 e8 39 bb ef ff <0f> 0b e9 a5 fe ff ff e8 2d bb ef ff 48 8d 7d 10 48 b8 00 00 00 00
[ 128.043948] RSP: 0018:ffff88802f2c7c48 EFLAGS: 00010006
[ 128.043958] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000
[ 128.043966] RDX: ffff8880204d8000 RSI: ffffffff81564fb7 RDI: 0000000000000005
[ 128.043974] RBP: ffff888008668000 R08: 0000000000000005 R09: 0000000000000001
[ 128.043982] R10: 0000000000000000 R11: ffffffff865b001b R12: ffff88800e14bc00
[ 128.043990] R13: ffff88806ce3d140 R14: ffffffff8547d1a0 R15: 0000000000000002
[ 128.044002] ? group_sched_out.part.0+0x2c7/0x460
[ 128.044016] ? group_sched_out.part.0+0x2c7/0x460
[ 128.044030] ctx_sched_out+0x8f1/0xc10
[ 128.044043] __perf_event_task_sched_out+0x6d0/0x18d0
[ 128.044059] ? lock_is_held_type+0xd7/0x130
[ 128.044073] ? __perf_cgroup_move+0x160/0x160
[ 128.044086] ? set_next_entity+0x304/0x550
[ 128.044104] ? update_curr+0x267/0x740
[ 128.044123] ?
lock_is_held_type+0xd7/0x130 [ 128.044138] __schedule+0xedd/0x2470 [ 128.044154] ? io_schedule_timeout+0x150/0x150 [ 128.044172] ? rcu_read_lock_sched_held+0x3e/0x80 [ 128.044192] schedule+0xda/0x1b0 [ 128.044207] exit_to_user_mode_prepare+0x114/0x1a0 [ 128.044220] syscall_exit_to_user_mode+0x19/0x40 [ 128.044234] do_syscall_64+0x48/0x90 [ 128.044252] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 128.044265] RIP: 0033:0x7fc497eddb19 [ 128.044274] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 128.044285] RSP: 002b:00007fc495453218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 128.044298] RAX: 0000000000000001 RBX: 00007fc497ff0f68 RCX: 00007fc497eddb19 [ 128.044307] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fc497ff0f6c [ 128.044314] RBP: 00007fc497ff0f60 R08: 000000000000000e R09: 0000000000000000 [ 128.044321] R10: 0000000000000003 R11: 0000000000000246 R12: 00007fc497ff0f6c [ 128.044329] R13: 00007ffd9ad9032f R14: 00007fc495453300 R15: 0000000000022000 [ 128.044343] [ 128.100569] WARNING: CPU: 0 PID: 3939 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460 [ 128.101266] Modules linked in: [ 128.101515] CPU: 0 PID: 3939 Comm: syz-executor.2 Not tainted 6.0.0-rc6-next-20220923 #1 [ 128.102126] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 128.102960] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 128.103364] Code: 5e 41 5f e9 5b bb ef ff e8 56 bb ef ff 65 8b 1d 1b 26 ac 7e 31 ff 89 de e8 f6 b7 ef ff 85 db 0f 84 8a 00 00 00 e8 39 bb ef ff <0f> 0b e9 a5 fe ff ff e8 2d bb ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 128.104705] RSP: 0018:ffff88802f2c7c48 EFLAGS: 00010006 [ 128.105111] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 128.105639] RDX: ffff8880204d8000 RSI: ffffffff81564fb7 RDI: 0000000000000005 [ 
128.106178] RBP: ffff888008668000 R08: 0000000000000005 R09: 0000000000000001 [ 128.106707] R10: 0000000000000000 R11: ffffffff865b001b R12: ffff88800e14bc00 [ 128.107244] R13: ffff88806ce3d140 R14: ffffffff8547d1a0 R15: 0000000000000002 [ 128.107772] FS: 00007fc495453700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 128.108365] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 128.108806] CR2: 00007fdcc88cc340 CR3: 000000001da00000 CR4: 0000000000350ef0 [ 128.109338] Call Trace: [ 128.109538] [ 128.109720] ctx_sched_out+0x8f1/0xc10 [ 128.110021] __perf_event_task_sched_out+0x6d0/0x18d0 [ 128.110428] ? lock_is_held_type+0xd7/0x130 [ 128.110751] ? __perf_cgroup_move+0x160/0x160 [ 128.111090] ? set_next_entity+0x304/0x550 [ 128.111421] ? update_curr+0x267/0x740 [ 128.111723] ? lock_is_held_type+0xd7/0x130 [ 128.112048] __schedule+0xedd/0x2470 [ 128.112342] ? io_schedule_timeout+0x150/0x150 [ 128.112690] ? rcu_read_lock_sched_held+0x3e/0x80 [ 128.113062] schedule+0xda/0x1b0 [ 128.113326] exit_to_user_mode_prepare+0x114/0x1a0 [ 128.113702] syscall_exit_to_user_mode+0x19/0x40 [ 128.114063] do_syscall_64+0x48/0x90 [ 128.114376] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 128.114763] RIP: 0033:0x7fc497eddb19 [ 128.115049] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 128.116387] RSP: 002b:00007fc495453218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 128.116956] RAX: 0000000000000001 RBX: 00007fc497ff0f68 RCX: 00007fc497eddb19 [ 128.117485] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fc497ff0f6c [ 128.118008] RBP: 00007fc497ff0f60 R08: 000000000000000e R09: 0000000000000000 [ 128.118551] R10: 0000000000000003 R11: 0000000000000246 R12: 00007fc497ff0f6c [ 128.119074] R13: 00007ffd9ad9032f R14: 00007fc495453300 R15: 0000000000022000 [ 128.119606] [ 128.119786] irq event stamp: 1142 [ 128.120047] 
hardirqs last enabled at (1141): [] exit_to_user_mode_prepare+0x109/0x1a0 [ 128.120746] hardirqs last disabled at (1142): [] __schedule+0x1225/0x2470 [ 128.121366] softirqs last enabled at (892): [] __irq_exit_rcu+0x11b/0x180 [ 128.122001] softirqs last disabled at (883): [] __irq_exit_rcu+0x11b/0x180 [ 128.122648] ---[ end trace 0000000000000000 ]--- [ 131.921800] Bluetooth: hci0: Opcode 0x c03 failed: -110 [ 132.177826] Bluetooth: hci2: Opcode 0x c03 failed: -110 [ 132.177826] Bluetooth: hci3: Opcode 0x c03 failed: -110 [ 132.305775] Bluetooth: hci4: Opcode 0x c03 failed: -110 [ 132.369796] Bluetooth: hci6: Opcode 0x c03 failed: -110 [ 136.145882] Bluetooth: hci0: Opcode 0x c03 failed: -110 [ 136.401864] Bluetooth: hci3: Opcode 0x c03 failed: -110 [ 136.401864] Bluetooth: hci2: Opcode 0x c03 failed: -110 [ 136.465765] Bluetooth: hci4: Opcode 0x c03 failed: -110 [ 136.593801] Bluetooth: hci6: Opcode 0x c03 failed: -110 VM DIAGNOSIS: 13:28:39 Registers: