Warning: Permanently added '[localhost]:13671' (ECDSA) to the list of known hosts. 2022/09/12 18:56:02 fuzzer started 2022/09/12 18:56:03 dialing manager at localhost:38027 syzkaller login: [ 36.509584] cgroup: Unknown subsys name 'net' [ 36.624360] cgroup: Unknown subsys name 'rlimit' 2022/09/12 18:56:17 syscalls: 2215 2022/09/12 18:56:17 code coverage: enabled 2022/09/12 18:56:17 comparison tracing: enabled 2022/09/12 18:56:17 extra coverage: enabled 2022/09/12 18:56:17 setuid sandbox: enabled 2022/09/12 18:56:17 namespace sandbox: enabled 2022/09/12 18:56:17 Android sandbox: enabled 2022/09/12 18:56:17 fault injection: enabled 2022/09/12 18:56:17 leak checking: enabled 2022/09/12 18:56:17 net packet injection: enabled 2022/09/12 18:56:17 net device setup: enabled 2022/09/12 18:56:17 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/09/12 18:56:17 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/09/12 18:56:17 USB emulation: enabled 2022/09/12 18:56:17 hci packet injection: enabled 2022/09/12 18:56:17 wifi device emulation: failed to parse kernel version (6.0.0-rc5-next-20220912) 2022/09/12 18:56:17 802.15.4 emulation: enabled 2022/09/12 18:56:17 fetching corpus: 0, signal 0/2000 (executing program) 2022/09/12 18:56:17 fetching corpus: 50, signal 28766/32374 (executing program) 2022/09/12 18:56:17 fetching corpus: 100, signal 43405/48490 (executing program) 2022/09/12 18:56:17 fetching corpus: 150, signal 54667/61156 (executing program) 2022/09/12 18:56:17 fetching corpus: 200, signal 64275/72019 (executing program) 2022/09/12 18:56:17 fetching corpus: 250, signal 68591/77717 (executing program) 2022/09/12 18:56:18 fetching corpus: 300, signal 71971/82445 (executing program) 2022/09/12 18:56:18 fetching corpus: 350, signal 77795/89414 (executing program) 2022/09/12 18:56:18 fetching corpus: 400, signal 82846/95635 (executing program) 2022/09/12 18:56:18 fetching corpus: 450, signal 87368/101242 (executing program) 2022/09/12 18:56:18 fetching corpus: 500, signal 93382/108188 (executing program) 2022/09/12 18:56:18 fetching corpus: 550, signal 99187/114806 (executing program) 2022/09/12 18:56:19 fetching corpus: 600, signal 103966/120424 (executing program) 2022/09/12 18:56:19 fetching corpus: 650, signal 108100/125365 (executing program) 2022/09/12 18:56:19 fetching corpus: 700, signal 111041/129226 (executing program) 2022/09/12 18:56:19 fetching corpus: 750, signal 113615/132692 (executing program) 2022/09/12 18:56:19 fetching corpus: 800, signal 116746/136648 (executing program) 2022/09/12 18:56:19 fetching corpus: 850, signal 120485/141089 (executing program) 2022/09/12 18:56:20 fetching corpus: 900, signal 123186/144610 (executing program) 2022/09/12 18:56:20 fetching corpus: 950, signal 126020/148193 (executing program) 2022/09/12 18:56:20 fetching corpus: 1000, signal 128887/151691 (executing program) 2022/09/12 18:56:20 fetching corpus: 1050, signal 130490/154152 (executing program) 2022/09/12 18:56:20 fetching corpus: 1100, signal 131660/156190 (executing program) 2022/09/12 18:56:20 fetching corpus: 1150, signal 133481/158776 (executing program) 2022/09/12 18:56:20 fetching corpus: 1200, signal 134820/160897 (executing program) 2022/09/12 18:56:20 fetching corpus: 1250, signal 136576/163430 (executing program) 2022/09/12 18:56:21 fetching corpus: 1300, signal 138748/166269 (executing program) 2022/09/12 18:56:21 fetching corpus: 1350, signal 140968/169055 (executing program) 2022/09/12 18:56:21 fetching corpus: 1400, signal 142485/171288 (executing program) 2022/09/12 18:56:21 fetching corpus: 1450, signal 144684/173996 (executing program) 2022/09/12 18:56:21 fetching corpus: 1500, signal 146329/176249 (executing program) 2022/09/12 18:56:21 fetching corpus: 1550, signal 148611/179050 (executing program) 2022/09/12 18:56:21 fetching corpus: 1600, signal 150085/181122 (executing program) 2022/09/12 18:56:22 fetching corpus: 1650, signal 151559/183182 (executing program) 2022/09/12 18:56:22 fetching corpus: 1700, signal 153209/185357 (executing program) 2022/09/12 18:56:22 fetching corpus: 1750, signal 155294/187860 (executing program) 2022/09/12 18:56:22 fetching corpus: 1800, signal 157219/190139 (executing program) 2022/09/12 18:56:22 fetching corpus: 1850, signal 158585/192006 (executing program) 2022/09/12 18:56:22 fetching corpus: 1900, signal 161099/194743 (executing program) 2022/09/12 18:56:23 fetching corpus: 1950, signal 162804/196821 (executing program) 2022/09/12 18:56:23 fetching corpus: 2000, signal 164252/198698 (executing program) 2022/09/12 18:56:23 fetching corpus: 2050, signal 165670/200533 (executing program) 2022/09/12 18:56:23 fetching corpus: 2100, signal 167418/202562 (executing program) 2022/09/12 18:56:23 fetching corpus: 2150, signal 168644/204146 (executing program) 2022/09/12 18:56:23 fetching corpus: 2200, signal 170437/206232 (executing program) 2022/09/12 18:56:23 fetching corpus: 2250, signal 171450/207696 (executing program) 2022/09/12 18:56:23 fetching corpus: 2300, signal 172744/209357 (executing program) 2022/09/12 18:56:24 fetching corpus: 2350, signal 175437/211934 (executing program) 2022/09/12 18:56:24 fetching corpus: 2400, signal 176824/213596 (executing program) 2022/09/12 18:56:24 fetching corpus: 2450, signal 178995/215787 (executing program) 2022/09/12 18:56:24 fetching corpus: 2500, signal 180017/217219 (executing program) 2022/09/12 18:56:24 fetching corpus: 2550, signal 181955/219196 (executing program) 2022/09/12 18:56:24 fetching corpus: 2600, signal 182774/220427 (executing program) 2022/09/12 18:56:24 fetching corpus: 2650, signal 183607/221654 (executing program) 2022/09/12 18:56:24 fetching corpus: 2700, signal 184564/222969 (executing program) 2022/09/12 18:56:25 fetching corpus: 2750, signal 185303/224162 (executing program) 2022/09/12 18:56:25 fetching corpus: 2800, signal 186762/225669 (executing program) 2022/09/12 18:56:25 fetching corpus: 2850, signal 187859/226987 (executing program) 2022/09/12 18:56:25 fetching corpus: 2900, signal 189065/228437 (executing program) 2022/09/12 18:56:25 fetching corpus: 2950, signal 189989/229654 (executing program) 2022/09/12 18:56:25 fetching corpus: 3000, signal 191083/230960 (executing program) 2022/09/12 18:56:25 fetching corpus: 3050, signal 192126/232306 (executing program) 2022/09/12 18:56:26 fetching corpus: 3100, signal 193693/233819 (executing program) 2022/09/12 18:56:26 fetching corpus: 3150, signal 194918/235072 (executing program) 2022/09/12 18:56:26 fetching corpus: 3200, signal 195824/236130 (executing program) 2022/09/12 18:56:26 fetching corpus: 3250, signal 197298/237535 (executing program) 2022/09/12 18:56:26 fetching corpus: 3300, signal 198145/238589 (executing program) 2022/09/12 18:56:26 fetching corpus: 3350, signal 198955/239629 (executing program) 2022/09/12 18:56:26 fetching corpus: 3400, signal 199871/240708 (executing program) 2022/09/12 18:56:27 fetching corpus: 3450, signal 200808/241768 (executing program) 2022/09/12 18:56:27 fetching corpus: 3500, signal 201938/242964 (executing program) 2022/09/12 18:56:27 fetching corpus: 3550, signal 202537/243827 (executing program) 2022/09/12 18:56:27 fetching corpus: 3600, signal 203497/244863 (executing program) 2022/09/12 18:56:27 fetching corpus: 3650, signal 204294/245832 (executing program) 2022/09/12 18:56:27 fetching corpus: 3700, signal 204943/246749 (executing program) 2022/09/12 18:56:27 fetching corpus: 3750, signal 205590/247616 (executing program) 2022/09/12 18:56:28 fetching corpus: 3800, signal 206403/248557 (executing program) 2022/09/12 18:56:28 fetching corpus: 3850, signal 207206/249472 (executing program) 2022/09/12 18:56:28 fetching corpus: 3900, signal 208114/250455 (executing program) 2022/09/12 18:56:28 fetching corpus: 3950, signal 208853/251315 (executing program) 2022/09/12 18:56:28 fetching corpus: 4000, signal 209960/252337 (executing program) 2022/09/12 18:56:28 fetching corpus: 4050, signal 210728/253196 (executing program) 2022/09/12 18:56:28 fetching corpus: 4100, signal 211414/253993 (executing program) 2022/09/12 18:56:29 fetching corpus: 4150, signal 212458/254881 (executing program) 2022/09/12 18:56:29 fetching corpus: 4200, signal 213307/255704 (executing program) 2022/09/12 18:56:29 fetching corpus: 4250, signal 214008/256486 (executing program) 2022/09/12 18:56:29 fetching corpus: 4300, signal 214445/257137 (executing program) 2022/09/12 18:56:29 fetching corpus: 4350, signal 215186/257898 (executing program) 2022/09/12 18:56:29 fetching corpus: 4400, signal 215848/258597 (executing program) 2022/09/12 18:56:29 fetching corpus: 4450, signal 216404/259305 (executing program) 2022/09/12 18:56:29 fetching corpus: 4500, signal 216946/260023 (executing program) 2022/09/12 18:56:30 fetching corpus: 4550, signal 217919/260836 (executing program) 2022/09/12 18:56:30 fetching corpus: 4600, signal 218761/261619 (executing program) 2022/09/12 18:56:30 fetching corpus: 4650, signal 219241/262233 (executing program) 2022/09/12 18:56:30 fetching corpus: 4700, signal 219972/262903 (executing program) 2022/09/12 18:56:30 fetching corpus: 4750, signal 220788/263592 (executing program) 2022/09/12 18:56:30 fetching corpus: 4800, signal 221764/264377 (executing program) 2022/09/12 18:56:31 fetching corpus: 4850, signal 222281/264944 (executing program) 2022/09/12 18:56:31 fetching corpus: 4900, signal 223299/265644 (executing program) 2022/09/12 18:56:31 fetching corpus: 4950, signal 223957/266222 (executing program) 2022/09/12 18:56:31 fetching corpus: 5000, signal 224409/266776 (executing program) 2022/09/12 18:56:31 fetching corpus: 5050, signal 225110/267397 (executing program) 2022/09/12 18:56:31 fetching corpus: 5100, signal 225928/268030 (executing program) 2022/09/12 18:56:32 fetching corpus: 5150, signal 226440/268542 (executing program) 2022/09/12 18:56:32 fetching corpus: 5200, signal 227318/269141 (executing program) 2022/09/12 18:56:32 fetching corpus: 5250, signal 228360/269877 (executing program) 2022/09/12 18:56:32 fetching corpus: 5300, signal 228949/270430 (executing program) 2022/09/12 18:56:32 fetching corpus: 5350, signal 229527/270930 (executing program) 2022/09/12 18:56:32 fetching corpus: 5400, signal 230031/271431 (executing program) 2022/09/12 18:56:32 fetching corpus: 5450, signal 230696/271996 (executing program) 2022/09/12 18:56:33 fetching corpus: 5500, signal 231269/272551 (executing program) 2022/09/12 18:56:33 fetching corpus: 5550, signal 231738/272988 (executing program) 2022/09/12 18:56:33 fetching corpus: 5600, signal 232299/273500 (executing program) 2022/09/12 18:56:33 fetching corpus: 5650, signal 233116/274010 (executing program) 2022/09/12 18:56:33 fetching corpus: 5700, signal 233802/274529 (executing program) 2022/09/12 18:56:33 fetching corpus: 5750, signal 234336/275047 (executing program) 2022/09/12 18:56:33 fetching corpus: 5800, signal 234805/275525 (executing program) 2022/09/12 18:56:33 fetching corpus: 5850, signal 235543/275986 (executing program) 2022/09/12 18:56:34 fetching corpus: 5900, signal 236331/276422 (executing program) 2022/09/12 18:56:34 fetching corpus: 5950, signal 236893/276807 (executing program) 2022/09/12 18:56:34 fetching corpus: 6000, signal 237320/277208 (executing program) 2022/09/12 18:56:34 fetching corpus: 6050, signal 237850/277618 (executing program) 2022/09/12 18:56:34 fetching corpus: 6100, signal 238297/278003 (executing program) 2022/09/12 18:56:34 fetching corpus: 6150, signal 238764/278363 (executing program) 2022/09/12 18:56:34 fetching corpus: 6200, signal 239484/278747 (executing program) 2022/09/12 18:56:35 fetching corpus: 6250, signal 239795/279123 (executing program) 2022/09/12 18:56:35 fetching corpus: 6300, signal 240125/279462 (executing program) 2022/09/12 18:56:35 fetching corpus: 6350, signal 240569/279820 (executing program) 2022/09/12 18:56:35 fetching corpus: 6400, signal 241391/280252 (executing program) 2022/09/12 18:56:35 fetching corpus: 6450, signal 242053/280598 (executing program) 2022/09/12 18:56:35 fetching corpus: 6500, signal 242427/280938 (executing program) 2022/09/12 18:56:35 fetching corpus: 6550, signal 242903/281257 (executing program) 2022/09/12 18:56:36 fetching corpus: 6600, signal 243428/281565 (executing program) 2022/09/12 18:56:36 fetching corpus: 6650, signal 243832/281866 (executing program) 2022/09/12 18:56:36 fetching corpus: 6700, signal 244118/282173 (executing program) 2022/09/12 18:56:36 fetching corpus: 6750, signal 244666/282539 (executing program) 2022/09/12 18:56:36 fetching corpus: 6800, signal 245134/282818 (executing program) 2022/09/12 18:56:36 fetching corpus: 6850, signal 245429/283153 (executing program) 2022/09/12 18:56:36 fetching corpus: 6900, signal 245972/283197 (executing program) 2022/09/12 18:56:36 fetching corpus: 6950, signal 246451/283278 (executing program) 2022/09/12 18:56:37 fetching corpus: 7000, signal 246902/283286 (executing program) 2022/09/12 18:56:37 fetching corpus: 7050, signal 247535/283287 (executing program) 2022/09/12 18:56:37 fetching corpus: 7100, signal 248212/283314 (executing program) 2022/09/12 18:56:37 fetching corpus: 7150, signal 248884/283330 (executing program) 2022/09/12 18:56:37 fetching corpus: 7200, signal 249504/283361 (executing program) 2022/09/12 18:56:37 fetching corpus: 7250, signal 250036/283367 (executing program) 2022/09/12 18:56:37 fetching corpus: 7300, signal 250810/283370 (executing program) 2022/09/12 18:56:38 fetching corpus: 7350, signal 251365/283391 (executing program) 2022/09/12 18:56:38 fetching corpus: 7400, signal 251719/283413 (executing program) 2022/09/12 18:56:38 fetching corpus: 7450, signal 252560/283427 (executing program) 2022/09/12 18:56:38 fetching corpus: 7500, signal 252912/283441 (executing program) 2022/09/12 18:56:38 fetching corpus: 7550, signal 254045/283624 (executing program) 2022/09/12 18:56:38 fetching corpus: 7600, signal 254543/283640 (executing program) 2022/09/12 18:56:38 fetching corpus: 7650, signal 254887/283669 (executing program) 2022/09/12 18:56:38 fetching corpus: 7700, signal 255443/283678 (executing program) 2022/09/12 18:56:39 fetching corpus: 7750, signal 255799/283678 (executing program) 2022/09/12 18:56:39 fetching corpus: 7800, signal 256146/283680 (executing program) 2022/09/12 18:56:39 fetching corpus: 7850, signal 256605/283688 (executing program) 2022/09/12 18:56:39 fetching corpus: 7900, signal 257802/283745 (executing program) 2022/09/12 18:56:39 fetching corpus: 7950, signal 258272/283759 (executing program) 2022/09/12 18:56:39 fetching corpus: 8000, signal 258840/283767 (executing program) 2022/09/12 18:56:39 fetching corpus: 8050, signal 259404/283771 (executing program) 2022/09/12 18:56:40 fetching corpus: 8100, signal 259829/283777 (executing program) 2022/09/12 18:56:40 fetching corpus: 8150, signal 260365/283781 (executing program) 2022/09/12 18:56:40 fetching corpus: 8200, signal 260874/283786 (executing program) 2022/09/12 18:56:40 fetching corpus: 8250, signal 261205/283787 (executing program) 2022/09/12 18:56:40 fetching corpus: 8300, signal 261484/283807 (executing program) 2022/09/12 18:56:40 fetching corpus: 8350, signal 261851/283842 (executing program) 2022/09/12 18:56:40 fetching corpus: 8400, signal 262361/283849 (executing program) 2022/09/12 18:56:40 fetching corpus: 8450, signal 262636/283872 (executing program) 2022/09/12 18:56:41 fetching corpus: 8500, signal 263288/283876 (executing program) 2022/09/12 18:56:41 fetching corpus: 8550, signal 263740/283929 (executing program) 2022/09/12 18:56:41 fetching corpus: 8600, signal 264219/283934 (executing program) 2022/09/12 18:56:41 fetching corpus: 8650, signal 264586/283965 (executing program) 2022/09/12 18:56:41 fetching corpus: 8700, signal 265082/283977 (executing program) 2022/09/12 18:56:41 fetching corpus: 8750, signal 265488/283991 (executing program) 2022/09/12 18:56:41 fetching corpus: 8800, signal 265791/284003 (executing program) 2022/09/12 18:56:41 fetching corpus: 8850, signal 266103/284003 (executing program) 2022/09/12 18:56:42 fetching corpus: 8900, signal 266537/284011 (executing program) 2022/09/12 18:56:42 fetching corpus: 8950, signal 267138/284012 (executing program) 2022/09/12 18:56:42 fetching corpus: 9000, signal 267695/284015 (executing program) 2022/09/12 18:56:42 fetching corpus: 9050, signal 267989/284053 (executing program) 2022/09/12 18:56:42 fetching corpus: 9100, signal 268352/284056 (executing program) 2022/09/12 18:56:42 fetching corpus: 9150, signal 268766/284084 (executing program) 2022/09/12 18:56:43 fetching corpus: 9200, signal 269119/284089 (executing program) 2022/09/12 18:56:43 fetching corpus: 9250, signal 269536/284091 (executing program) 2022/09/12 18:56:43 fetching corpus: 9300, signal 269917/284143 (executing program) 2022/09/12 18:56:43 fetching corpus: 9350, signal 270496/284164 (executing program) 2022/09/12 18:56:43 fetching corpus: 9400, signal 270938/284188 (executing program) 2022/09/12 18:56:43 fetching corpus: 9450, signal 271517/284190 (executing program) 2022/09/12 18:56:43 fetching corpus: 9500, signal 271791/284212 (executing program) 2022/09/12 18:56:43 fetching corpus: 9550, signal 272147/284225 (executing program) 2022/09/12 18:56:44 fetching corpus: 9600, signal 272509/284229 (executing program) 2022/09/12 18:56:44 fetching corpus: 9650, signal 272975/284234 (executing program) 2022/09/12 18:56:44 fetching corpus: 9696, signal 273249/284241 (executing program) 2022/09/12 18:56:44 fetching corpus: 9696, signal 273249/284241 (executing program) 2022/09/12 18:56:46 starting 8 fuzzer processes 18:56:46 executing program 0: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/bus/input/handlers\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000140)=[{&(0x7f00000017c0)=""/4096, 0x1000}], 0x1, 0x417, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff}, 0x0) close(r1) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)={0x13, 0x65, 0xffff, 0x6, 0x6, '9P2000'}, 0x13) io_setup(0x5, &(0x7f00000003c0)=0x0) r3 = socket$inet6(0xa, 0x2, 0x0) r4 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCADDRT(r4, 0x890b, &(0x7f0000000100)={0x0, {0x2, 0x4e24, @local}, {0x2, 0x4e21, @remote}, {0x2, 0x4e28, @multicast2}, 0x104, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb52, 0x4}) ioctl$sock_inet_SIOCADDRT(r4, 0x890b, &(0x7f0000000080)={0x0, {0x2, 0x4e20, @local}, {0x2, 0x4e23, @local}, {0x2, 0x4e20, @broadcast}, 0x186, 0x0, 0x0, 0x0, 0x100, 0x0, 0x80000000, 0x9, 0xfffe}) setsockopt$inet6_int(r3, 0x29, 0xd1, &(0x7f0000000000)=0x5e, 0xfffffffffffffe2e) sendto(r4, &(0x7f0000000280)="ee3bc48c71ffa43c048897aef8d277337f04332ffb70654305187a1a01f94cf6a3218494667c7b5693e61b624e4a6a2de76244610545c7daa91f32b2550409e9e430359ba094da74e03f64690a8cb3ac93f1e81a26c00a8796b42d46a77d17267a923f700d2c4f69bae83624692d7cd3f5c8df9cf0cfa2873de584b66c4840b22c2365d9208c98d91c668a2862d689d0cb8cb39e", 0x94, 0xc010, &(0x7f0000000340)=@caif=@rfm={0x25, 0x5, "01770911920fa6b0cf9a6f6b2b34fce1"}, 0x80) ioctl$FICLONE(r3, 0x40049409, r4) setsockopt$inet6_int(r3, 0x29, 0x0, &(0x7f0000000400)=0xfffffff8, 0x4) r5 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000140), 0x80, 0x0) io_cancel(r2, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x8, 0x1, r3, &(0x7f0000000040)="ddbd67ed99e3adaebcfce31cdfefd8aa2bd036e9da9befc85953675f2755440408d1ce5ae2dce9c86a0ef3ecfc39f81e455511fd12ffda6622d37f01e08a89eeee8c7e04bd024feb85f4311aa508d291c0318c49c38586cf774ac595fb83506273982d3d208992c247884c7f1ae1cdbd1018a1871aaf40177b1469101c2e30eb1928eef8e957c55f955fd40c8672dd19109f4acb6a490d4f7e44be394951a2d411f52574165272f568e31e6405661ab4f9b0c73eadee42a615390e4d294c054cca1c6a4839cad3ce638b53330d933603b78c28032c640196a076b2", 0xdb, 0x101, 0x0, 0x1, r5}, &(0x7f00000001c0)) r6 = socket$inet_tcp(0x2, 0x1, 0x0) fsetxattr(r6, &(0x7f00000002c0)=@known='security.selinux\x00', &(0x7f0000000000)='\xf4\xf2\xc5\xa1\xe3\xad\x19\xdcE\xc5\xcc6\x19\xabw\xbcE\xf4\x11\xf5\xb4\xb2\xd2\xb1\xcd\xd6\xa9\xea\xba\x90\x8e=\xec0%9*=Gw\x92t\x1b\xa2\xdd\xe6?\"I\x039o\xc2\xc3j\xe7\xc2s\xef}\xbe\xf8L c\x85v\x7fg\xbe\xf3\xb8\xce', 0x49, 0x0) io_cancel(r2, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x3, 0x9, r6, &(0x7f0000000180)="4a3d565607804ea56b6df1401bf2c9ec05912fd74e9b6aba9764e29e726b782f686949f044ae5187accdf8622ff50723a8e28958eabe391447bec75451d476e57594c1a9731fceeaac5cbf827be3ca8b6ab1d215040ba28bb26edfb943db45e457008786e0474f91c94ab754b0e09d07c5a3fb2619e2dcf085d7b078afba53e749e4e09716059851eead4661c5b4e7ed44096df252e7f8521d7a5fd77008c2f8c08cf76fa282db9ecf08dd614d19f802d00a1b85f7feb3bf8ae800d9958c1ca6e7af75d2fffe8f93eecf050008c1e9c9f62058180dc6a6338620f92e70003dbdff389af97fdd415c3aae579f84a110e9a1b1aa4f54", 0xf5, 0x92, 0x0, 0x4, r0}, &(0x7f0000000280)) 18:56:46 executing program 3: ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000000)={0xffffffffffffffff, 0x0, 0x2}) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000001a000102"], 0x28}}, 0x0) recvmmsg(r0, &(0x7f0000003980)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 18:56:46 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x4, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_setup(0x9, &(0x7f0000000140)=0x0) r1 = openat$sr(0xffffffffffffff9c, &(0x7f0000000380), 0x800, 0x0) r2 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0xb) dup2(r3, r2) io_submit(r0, 0x1, &(0x7f00000005c0)=[&(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f00000001c0)=')', 0x1}]) syz_open_procfs(0x0, &(0x7f0000000100)='net/dev\x00') ioctl$HIDIOCGVERSION(r1, 0x80044801, &(0x7f0000000180)) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff}, './file1\x00'}) dup(r5) write$cgroup_subtree(r4, &(0x7f0000000200)={[{0x2b, 'freezer'}, {0x2b, 'cpuacct'}, {0x77, 'net'}, {0x2b, 'memory'}, {0x0, 'freezer'}, {0x2d, 'rdma'}, {0x2d, 'hugetlb'}, {0x2d, 'net'}, {0x2b, 'pids'}, {0x2b, 'perf_event'}]}, 0x4e) 18:56:46 executing program 2: perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x9d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000300)='numa_maps\x00') pread64(r0, 0x0, 0x0, 0x0) [ 79.920358] audit: type=1400 audit(1663009006.574:6): avc: denied { execmem } for pid=282 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 18:56:46 executing program 4: mlock2(&(0x7f0000ff4000/0x4000)=nil, 0x4000, 0x0) mremap(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x4000, 0x3, &(0x7f0000fef000/0x4000)=nil) 18:56:46 executing program 5: r0 = socket$inet6_udp(0xa, 0x2, 0x0) getsockopt$inet6_buf(r0, 0x29, 0x4b, 0x0, &(0x7f0000000600)) 18:56:46 executing program 7: ioctl$CDROMREADMODE1(0xffffffffffffffff, 0x530d, 0x0) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x3, @perf_bp={&(0x7f0000000240), 0x4}, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000300)=0x0) r2 = clone3(&(0x7f0000000440)={0x80000800, &(0x7f0000000000), 0x0, &(0x7f0000000100)=0x0, {0x37}, &(0x7f0000000180)=""/79, 0x4f, &(0x7f0000004c80)=""/102400, &(0x7f0000000380)=[r1, 0x0, r1], 0x3}, 0x58) r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) ioctl$FAT_IOCTL_GET_VOLUME_ID(r4, 0x80047213, &(0x7f00000004c0)) r5 = epoll_create(0x4) epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r0, &(0x7f0000000200)={0x30000004}) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) epoll_pwait(0xffffffffffffffff, &(0x7f0000000340)=[{}, {}], 0x2, 0x7, &(0x7f0000000500)={[0x103]}, 0x8) openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/timer_list\x00', 0x0, 0x0) ioctl$VT_RESIZEX(0xffffffffffffffff, 0x560c, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000001480)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000880)=ANY=[@ANYBLOB="b80200003d0000022bbd7000fbdbdf25ce6ada373823eb97372cfcdd7e60c2179c0e1c65d65dcf26bec0b614c53e42b0df478c893afad537a5a06e602dc4649d9827aa10ef36c8ac2bf9f6b1e5800352e7b03ab9f6000c356c9ca85dbf854d31a79f224c72d0f80b3e9b70ccb546fa48d96e7177e7e51b57f308d30cd56ac6ed9e7d56c386961f642e642bb1b20e0f9c44d1e93bcbececed68cc189712211f658754e8fa2655df7da2bfcb498913128ec6dead565c41d60e4e2c4d8a156b194dfb8ca78e45de1a848b84a68a8fe7bd2bf5988a37afc822884c8a7555d18c376144f735631e8b78db20e6c53dd83dd7e8758aef6f07b2a760f8d68a287df1b70757c5e33c313fe5ae9c8bf0bcdc02f60be2b2221d4c981ea7a2505218c466db6efa333ec5e6555025e4fb8a8b2cb0b251d9347d7cf96f73af41c65c12d946814c68ca1fe5ea53eacb4f92d7a91c026b9be5a281ce54ca0f822024d506c5f11f3490f2a8d73f55a1d59cb9a8e9419d73cbf11eb4fbf48ca2dc6c36a5e28d02026f39bb53db7ab46a5008007c00", @ANYRES32=r2, @ANYBLOB="abec77abbd16a69fa2cf5628e04552285217787a0908a32749ad37af1f072c51d2087b06e4bb265a14a11e552f9595ccf9f42339c12ab921490a99b22c24d47aeab3050d2274097f737e27963e030585ac5f614f9e421ede1cd2bc48cda779e7cec75c1c64ad6753f3a056a8ef5f465370f22167d56c2e6fcf6b74ab873832410f65b29ec554b375be08fd0027c2994b3a476b2f8d031c91da556d12b951ce2a2e2a583821eb0e24bb5877f3f91483a4c6e7b10e7dcf54796943a54cdd22d3581fe9d1d52fcc576db3de3f0e6c527e53fd7bc0854fbad8a14eeedbb9b442b7a2aa7856c1d48f8baa33908b811b23cb7e9b43b469fdfd14001d00fe8000000000000000000000000000aa14000e00ff02000000000000000000000000000100"/296], 0x2b8}], 0x1}, 0x4) r6 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1c5042, 0x0) write(r6, &(0x7f0000000180)='E', 0x1) kcmp$KCMP_EPOLL_TFD(0x0, r3, 0x7, 0xffffffffffffffff, &(0x7f0000000580)={r6, 0xffffffffffffffff, 0x1}) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000004c00)={0xc0002100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$TIOCEXCL(0xffffffffffffffff, 0x540c) 18:56:46 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0) ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000080)) ioctl$FS_IOC_FIEMAP(r0, 0xc020660b, &(0x7f00000001c0)={0x0, 0x7, 0x7}) [ 81.139522] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 81.141506] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 81.143246] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 81.146092] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 81.148211] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 81.149709] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 81.153331] Bluetooth: hci0: HCI_REQ-0x0c1a [ 81.176200] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 81.180157] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 81.181266] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 81.182477] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 81.183908] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 81.184148] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 81.186146] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 81.186147] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 81.191871] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 81.201270] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 81.203857] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 81.205062] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 81.207145] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 81.207578] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 81.208817] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 81.210713] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 81.210725] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 81.215846] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 81.219179] Bluetooth: hci2: HCI_REQ-0x0c1a [ 81.235443] Bluetooth: hci3: HCI_REQ-0x0c1a [ 81.269702] Bluetooth: hci1: HCI_REQ-0x0c1a [ 81.308063] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 81.313415] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 81.315163] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 81.318925] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 81.334295] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 81.334959] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 81.335882] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 81.336879] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 81.337478] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 81.341296] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 81.343331] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 81.343344] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 81.344130] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 81.346188] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 81.347374] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 81.348455] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 81.349546] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 81.358004] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 81.358603] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 81.359970] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 81.362040] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 81.376309] Bluetooth: hci6: HCI_REQ-0x0c1a [ 81.378420] Bluetooth: hci4: HCI_REQ-0x0c1a [ 81.384686] Bluetooth: hci5: HCI_REQ-0x0c1a [ 81.399033] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 81.405855] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 81.410875] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 81.431254] Bluetooth: hci7: HCI_REQ-0x0c1a [ 83.215123] Bluetooth: hci0: command 0x0409 tx timeout [ 83.278794] Bluetooth: hci1: command 0x0409 tx timeout [ 83.279214] Bluetooth: hci2: command 0x0409 tx timeout [ 83.279255] Bluetooth: hci3: command 0x0409 tx timeout [ 83.406868] Bluetooth: hci6: command 0x0409 tx timeout [ 83.407304] Bluetooth: hci5: command 0x0409 tx timeout [ 83.408228] Bluetooth: hci4: command 0x0409 tx timeout [ 83.470719] Bluetooth: hci7: command 0x0409 tx timeout [ 85.262750] Bluetooth: hci0: command 0x041b tx timeout [ 85.326873] Bluetooth: hci2: command 0x041b tx timeout [ 85.327717] Bluetooth: hci3: command 0x041b tx timeout [ 85.327800] Bluetooth: hci1: command 0x041b tx timeout [ 85.454750] Bluetooth: hci4: command 0x041b tx timeout [ 85.455798] Bluetooth: hci5: command 0x041b tx timeout [ 85.456238] Bluetooth: hci6: command 0x041b tx timeout [ 85.518875] Bluetooth: hci7: command 0x041b tx timeout [ 87.310887] Bluetooth: hci0: command 0x040f tx timeout [ 87.374843] Bluetooth: hci3: command 0x040f tx timeout [ 87.375622] Bluetooth: hci2: command 0x040f tx timeout [ 87.375753] Bluetooth: hci1: command 0x040f tx timeout [ 87.503753] Bluetooth: hci6: command 0x040f tx timeout [ 87.504291] Bluetooth: hci5: command 0x040f tx timeout [ 87.504766] Bluetooth: hci4: command 0x040f tx timeout [ 87.567695] Bluetooth: hci7: command 0x040f tx timeout [ 89.358732] Bluetooth: hci0: command 0x0419 tx timeout [ 89.422891] Bluetooth: hci1: command 0x0419 tx timeout [ 89.423829] Bluetooth: hci2: command 0x0419 tx timeout [ 89.424625] Bluetooth: hci3: command 0x0419 tx timeout [ 89.550757] Bluetooth: hci4: command 0x0419 tx timeout [ 89.552877] Bluetooth: hci5: command 0x0419 tx timeout [ 89.553778] Bluetooth: hci6: command 0x0419 tx timeout [ 89.615543] Bluetooth: hci7: command 0x0419 tx timeout [ 139.436300] audit: type=1400 audit(1663009066.090:7): avc: denied { open } for pid=3818 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 139.437998] audit: type=1400 audit(1663009066.090:8): avc: denied { kernel } for pid=3818 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 139.458332] ------------[ cut here ]------------ [ 139.458351] [ 139.458354] ====================================================== [ 139.458357] WARNING: possible circular locking dependency detected [ 139.458362] 6.0.0-rc5-next-20220912 #1 Not tainted [ 139.458368] ------------------------------------------------------ [ 139.458372] syz-executor.0/3819 is trying to acquire lock: [ 139.458378] ffffffff853fa878 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70 [ 139.458417] [ 139.458417] but task is already holding lock: [ 139.458420] ffff88800dfa7c20 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 139.458448] [ 139.458448] which lock already depends on the new lock. [ 139.458448] [ 139.458451] [ 139.458451] the existing dependency chain (in reverse order) is: [ 139.458454] [ 139.458454] -> #3 (&ctx->lock){....}-{2:2}: [ 139.458468] _raw_spin_lock+0x2a/0x40 [ 139.458485] __perf_event_task_sched_out+0x53b/0x18d0 [ 139.458498] __schedule+0xedd/0x2470 [ 139.458507] schedule+0xda/0x1b0 [ 139.458516] exit_to_user_mode_prepare+0x114/0x1a0 [ 139.458538] syscall_exit_to_user_mode+0x19/0x40 [ 139.458556] do_syscall_64+0x48/0x90 [ 139.458569] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 139.458587] [ 139.458587] -> #2 (&rq->__lock){-.-.}-{2:2}: [ 139.458601] _raw_spin_lock_nested+0x30/0x40 [ 139.458615] raw_spin_rq_lock_nested+0x1e/0x30 [ 139.458629] task_fork_fair+0x63/0x4d0 [ 139.458647] sched_cgroup_fork+0x3d0/0x540 [ 139.458661] copy_process+0x3f9e/0x6df0 [ 139.458672] kernel_clone+0xe7/0x890 [ 139.458682] user_mode_thread+0xad/0xf0 [ 139.458692] rest_init+0x24/0x250 [ 139.458708] arch_call_rest_init+0xf/0x14 [ 139.458728] start_kernel+0x4c1/0x4e6 [ 139.458745] secondary_startup_64_no_verify+0xe0/0xeb [ 139.458760] [ 139.458760] -> #1 (&p->pi_lock){-.-.}-{2:2}: [ 139.458774] _raw_spin_lock_irqsave+0x39/0x60 [ 139.458788] try_to_wake_up+0xab/0x1920 [ 139.458802] up+0x75/0xb0 [ 139.458813] __up_console_sem+0x6e/0x80 [ 139.458830] console_unlock+0x46a/0x590 [ 139.458847] vt_ioctl+0x2822/0x2ca0 [ 139.458859] tty_ioctl+0x7c4/0x1700 [ 139.458871] __x64_sys_ioctl+0x19a/0x210 [ 139.458886] do_syscall_64+0x3b/0x90 [ 139.458899] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 139.458916] [ 139.458916] -> #0 ((console_sem).lock){....}-{2:2}: [ 139.458930] __lock_acquire+0x2a02/0x5e70 [ 139.458947] lock_acquire+0x1a2/0x530 [ 139.458963] _raw_spin_lock_irqsave+0x39/0x60 [ 139.458978] down_trylock+0xe/0x70 [ 139.458990] __down_trylock_console_sem+0x3b/0xd0 [ 139.459006] vprintk_emit+0x16b/0x560 [ 139.459024] vprintk+0x84/0xa0 [ 139.459040] _printk+0xba/0xf1 [ 139.459058] report_bug.cold+0x72/0xab [ 139.459070] handle_bug+0x3c/0x70 [ 139.459083] exc_invalid_op+0x14/0x50 [ 139.459096] asm_exc_invalid_op+0x16/0x20 [ 139.459112] group_sched_out.part.0+0x2c7/0x460 [ 139.459123] ctx_sched_out+0x8f1/0xc10 [ 139.459132] __perf_event_task_sched_out+0x6d0/0x18d0 [ 139.459145] __schedule+0xedd/0x2470 [ 139.459154] schedule+0xda/0x1b0 [ 139.459163] exit_to_user_mode_prepare+0x114/0x1a0 [ 139.459182] syscall_exit_to_user_mode+0x19/0x40 [ 139.459199] do_syscall_64+0x48/0x90 [ 139.459212] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 139.459228] [ 139.459228] other info that might help us debug this: [ 139.459228] [ 139.459231] Chain exists of: [ 139.459231] (console_sem).lock --> &rq->__lock --> &ctx->lock [ 139.459231] [ 139.459246] Possible unsafe locking scenario: [ 139.459246] [ 139.459249] CPU0 CPU1 [ 139.459251] ---- ---- [ 139.459253] lock(&ctx->lock); [ 139.459259] lock(&rq->__lock); [ 139.459266] lock(&ctx->lock); [ 139.459272] lock((console_sem).lock); [ 139.459277] [ 139.459277] *** DEADLOCK *** [ 139.459277] [ 139.459279] 2 locks held by syz-executor.0/3819: [ 139.459286] #0: ffff88806cf37cd8 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470 [ 139.459311] #1: ffff88800dfa7c20 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 139.459339] [ 139.459339] stack backtrace: [ 139.459342] CPU: 1 PID: 3819 Comm: syz-executor.0 Not tainted 6.0.0-rc5-next-20220912 #1 [ 139.459354] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 139.459362] Call Trace: [ 139.459366] [ 139.459370] dump_stack_lvl+0x8b/0xb3 [ 139.459384] check_noncircular+0x263/0x2e0 [ 139.459401] ? format_decode+0x26c/0xb50 [ 139.459416] ? print_circular_bug+0x450/0x450 [ 139.459434] ? enable_ptr_key_workfn+0x20/0x20 [ 139.459450] ? format_decode+0x26c/0xb50 [ 139.459466] ? alloc_chain_hlocks+0x1ec/0x5a0 [ 139.459485] __lock_acquire+0x2a02/0x5e70 [ 139.459509] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 139.459527] ? __mutex_add_waiter+0x120/0x120 [ 139.459547] lock_acquire+0x1a2/0x530 [ 139.459565] ? down_trylock+0xe/0x70 [ 139.459580] ? rcu_read_unlock+0x40/0x40 [ 139.459603] ? vprintk+0x84/0xa0 [ 139.459622] _raw_spin_lock_irqsave+0x39/0x60 [ 139.459637] ? down_trylock+0xe/0x70 [ 139.459651] down_trylock+0xe/0x70 [ 139.459665] ? vprintk+0x84/0xa0 [ 139.459683] __down_trylock_console_sem+0x3b/0xd0 [ 139.459703] vprintk_emit+0x16b/0x560 [ 139.459726] vprintk+0x84/0xa0 [ 139.459744] _printk+0xba/0xf1 [ 139.459762] ? record_print_text.cold+0x16/0x16 [ 139.459785] ? report_bug.cold+0x66/0xab [ 139.459800] ? group_sched_out.part.0+0x2c7/0x460 [ 139.459811] report_bug.cold+0x72/0xab [ 139.459827] handle_bug+0x3c/0x70 [ 139.459841] exc_invalid_op+0x14/0x50 [ 139.459855] asm_exc_invalid_op+0x16/0x20 [ 139.459872] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 139.459885] Code: 5e 41 5f e9 3b b7 ef ff e8 36 b7 ef ff 65 8b 1d ab 15 ac 7e 31 ff 89 de e8 d6 b3 ef ff 85 db 0f 84 8a 00 00 00 e8 19 b7 ef ff <0f> 0b e9 a5 fe ff ff e8 0d b7 ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 139.459897] RSP: 0018:ffff888015dd7c48 EFLAGS: 00010006 [ 139.459906] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 139.459914] RDX: ffff888015c58000 RSI: ffffffff81566027 RDI: 0000000000000005 [ 139.459922] RBP: ffff88801b628000 R08: 0000000000000005 R09: 0000000000000001 [ 139.459929] R10: 0000000000000000 R11: ffffffff865aa05b R12: ffff88800dfa7c00 [ 139.459937] R13: ffff88806cf3d100 R14: ffffffff8547c7c0 R15: 0000000000000002 [ 139.459950] ? group_sched_out.part.0+0x2c7/0x460 [ 139.459963] ? group_sched_out.part.0+0x2c7/0x460 [ 139.459977] ctx_sched_out+0x8f1/0xc10 [ 139.459990] __perf_event_task_sched_out+0x6d0/0x18d0 [ 139.460007] ? lock_is_held_type+0xd7/0x130 [ 139.460026] ? __perf_cgroup_move+0x160/0x160 [ 139.460038] ? set_next_entity+0x304/0x550 [ 139.460056] ? update_curr+0x267/0x740 [ 139.460076] ? lock_is_held_type+0xd7/0x130 [ 139.460095] __schedule+0xedd/0x2470 [ 139.460109] ? io_schedule_timeout+0x150/0x150 [ 139.460122] ? __x64_sys_futex_time32+0x480/0x480 [ 139.460137] schedule+0xda/0x1b0 [ 139.460148] exit_to_user_mode_prepare+0x114/0x1a0 [ 139.460169] syscall_exit_to_user_mode+0x19/0x40 [ 139.460187] do_syscall_64+0x48/0x90 [ 139.460201] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 139.460219] RIP: 0033:0x7f3979f8bb19 [ 139.460227] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 139.460238] RSP: 002b:00007f3977501218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 139.460249] RAX: 0000000000000001 RBX: 00007f397a09ef68 RCX: 00007f3979f8bb19 [ 139.460257] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f397a09ef6c [ 139.460264] RBP: 00007f397a09ef60 R08: 000000000000000e R09: 0000000000000000 [ 139.460272] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f397a09ef6c [ 139.460279] R13: 00007ffc05a26aff R14: 00007f3977501300 R15: 0000000000022000 [ 139.460294] [ 139.516034] WARNING: CPU: 1 PID: 3819 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460 [ 139.516689] Modules linked in: [ 139.516925] CPU: 1 PID: 3819 Comm: syz-executor.0 Not tainted 6.0.0-rc5-next-20220912 #1 [ 139.517493] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 139.518289] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 139.518688] Code: 5e 41 5f e9 3b b7 ef ff e8 36 b7 ef ff 65 8b 1d ab 15 ac 7e 31 ff 89 de e8 d6 b3 ef ff 85 db 0f 84 8a 00 00 00 e8 19 b7 ef ff <0f> 0b e9 a5 fe ff ff e8 0d b7 ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 139.519951] RSP: 0018:ffff888015dd7c48 EFLAGS: 00010006 [ 139.520331] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 139.520834] RDX: ffff888015c58000 RSI: ffffffff81566027 RDI: 0000000000000005 [ 139.521335] RBP: ffff88801b628000 R08: 0000000000000005 R09: 0000000000000001 [ 139.521837] R10: 0000000000000000 R11: ffffffff865aa05b R12: ffff88800dfa7c00 [ 139.522355] R13: ffff88806cf3d100 R14: ffffffff8547c7c0 R15: 0000000000000002 [ 139.522868] FS: 00007f3977501700(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000 [ 139.523436] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 139.523869] CR2: 00007f8344d4f310 CR3: 0000000018544000 CR4: 0000000000350ee0 [ 139.524388] Call Trace: [ 139.524585] [ 139.524768] ctx_sched_out+0x8f1/0xc10 [ 139.525067] __perf_event_task_sched_out+0x6d0/0x18d0 [ 139.525460] ? lock_is_held_type+0xd7/0x130 [ 139.525800] ? __perf_cgroup_move+0x160/0x160 [ 139.526164] ? set_next_entity+0x304/0x550 [ 139.526528] ? update_curr+0x267/0x740 [ 139.526832] ? lock_is_held_type+0xd7/0x130 [ 139.527182] __schedule+0xedd/0x2470 [ 139.527477] ? io_schedule_timeout+0x150/0x150 [ 139.527822] ? __x64_sys_futex_time32+0x480/0x480 [ 139.528188] schedule+0xda/0x1b0 [ 139.528447] exit_to_user_mode_prepare+0x114/0x1a0 [ 139.528822] syscall_exit_to_user_mode+0x19/0x40 [ 139.529177] do_syscall_64+0x48/0x90 [ 139.529521] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 139.529965] RIP: 0033:0x7f3979f8bb19 [ 139.530288] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 139.531570] RSP: 002b:00007f3977501218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 139.532113] RAX: 0000000000000001 RBX: 00007f397a09ef68 RCX: 00007f3979f8bb19 [ 139.532630] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f397a09ef6c [ 139.533134] RBP: 00007f397a09ef60 R08: 000000000000000e R09: 0000000000000000 [ 139.533642] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f397a09ef6c [ 139.534161] R13: 00007ffc05a26aff R14: 00007f3977501300 R15: 0000000000022000 [ 139.534679] [ 139.534854] irq event stamp: 646 [ 139.535096] hardirqs last enabled at (645): [] exit_to_user_mode_prepare+0x109/0x1a0 [ 139.535849] hardirqs last disabled at (646): [] __schedule+0x1225/0x2470 [ 139.536537] softirqs last enabled at (426): [] __irq_exit_rcu+0x11b/0x180 [ 139.537371] softirqs last disabled at (359): [] __irq_exit_rcu+0x11b/0x180 [ 139.538138] ---[ end trace 0000000000000000 ]--- [ 139.826239] audit: type=1400 audit(1663009066.479:9): avc: denied { block_suspend } for pid=3842 comm="syz-executor.7" capability=36 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1 [ 139.842512] SELinux: Context šE6wEұ֩꺐=0%9*=Gwt?"I9ojs}L cvg is not valid (left unmapped). [ 139.843833] audit: type=1400 audit(1663009066.497:10): avc: denied { relabelto } for pid=3818 comm="syz-executor.0" name="TCP" dev="sockfs" ino=13595 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=tcp_socket permissive=1 trawcon=F4F2C5A1E3AD19DC45C5CC3619AB77BC45F411F5B4B2D2B1CDD6A9EABA908E3DEC3025392A3D477792741BA2DDE63F224903396FC2C36AE7C273EF7DBEF84C206385767F67BEF3B8CE [ 139.890650] hrtimer: interrupt took 17863 ns [ 143.259778] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 143.261306] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 143.264238] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 143.266543] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 143.268337] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 143.269882] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 143.273339] Bluetooth: hci7: HCI_REQ-0x0c1a [ 145.102680] Bluetooth: hci2: Opcode 0x c03 failed: -110 [ 145.166686] Bluetooth: hci3: Opcode 0x c03 failed: -110 [ 145.166833] Bluetooth: hci4: Opcode 0x c03 failed: -110 [ 145.230737] Bluetooth: hci5: Opcode 0x c03 failed: -110 [ 145.294717] Bluetooth: hci7: command 0x0409 tx timeout [ 145.295557] Bluetooth: hci6: Opcode 0x c03 failed: -110 [ 147.342693] Bluetooth: hci7: command 0x041b tx timeout [ 149.390683] Bluetooth: hci7: command 0x040f tx timeout VM DIAGNOSIS: 18:57:46 Registers: info registers vcpu 0 RAX=dffffc0000000000 RBX=ffffea000011a500 RCX=ffffffff8174760b RDX=1ffffd40000234a0 RSI=0000000000000000 RDI=0000000000000000 RBP=0000000000000000 RSP=ffff88801c0cf8b0 R8 =0000000000000000 R9 =ffffea000011a507 R10=fffff940000234a0 R11=0000000000000001 R12=ffffea000011a508 R13=ffff8880094f34e0 R14=0000000000000000 R15=ffffea000011a500 RIP=ffffffff814613b0 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f2630235c70 CR3=000000001db68000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0070656474666f73 2e73656c75646f6d YMM01=0000000000000000 0000000000000000 0070656474666f73 2e73656c75646f6d YMM02=0000000000000000 0000000000000000 0000000000000000 0000ffffffffffff YMM03=0000000000000000 0000000000000000 0000000000000000 0000ff00000000ff YMM04=0000000000000000 0000000000000000 2f2f2f2f2f2f2f2f 2f2f2f2f2f2f2f2f YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 676f6c206d6f7473 7563000000000000 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 RAX=0000000000000065 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff822b1e41 RDI=ffffffff8763fae0 RBP=ffffffff8763faa0 RSP=ffff888015dd7698 R8 =0000000000000001 R9 =000000000000000a R10=0000000000000065 R11=0000000000000001 R12=0000000000000065 R13=ffffffff8763faa0 R14=0000000000000010 R15=ffffffff822b1e30 RIP=ffffffff822b1e99 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f3977501700 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f8344d4f310 CR3=0000000018544000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 00007f397a0727c0 00007f397a0727c8 YMM02=0000000000000000 0000000000000000 00007f397a0727e0 00007f397a0727c0 YMM03=0000000000000000 0000000000000000 00007f397a0727c8 00007f397a0727c0 YMM04=0000000000000000 0000000000000000 ffffffffffffffff ffffffff00000000 YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000