Warning: Permanently added '[localhost]:1446' (ECDSA) to the list of known hosts.
2022/09/28 02:42:07 fuzzer started
2022/09/28 02:42:07 dialing manager at localhost:35827
syzkaller login: [ 44.544081] cgroup: Unknown subsys name 'net'
[ 44.639305] cgroup: Unknown subsys name 'rlimit'
2022/09/28 02:42:23 syscalls: 2215
2022/09/28 02:42:23 code coverage: enabled
2022/09/28 02:42:23 comparison tracing: enabled
2022/09/28 02:42:23 extra coverage: enabled
2022/09/28 02:42:23 setuid sandbox: enabled
2022/09/28 02:42:23 namespace sandbox: enabled
2022/09/28 02:42:23 Android sandbox: enabled
2022/09/28 02:42:23 fault injection: enabled
2022/09/28 02:42:23 leak checking: enabled
2022/09/28 02:42:23 net packet injection: enabled
2022/09/28 02:42:23 net device setup: enabled
2022/09/28 02:42:23 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2022/09/28 02:42:23 devlink PCI setup: PCI device 0000:00:10.0 is not available
2022/09/28 02:42:23 USB emulation: enabled
2022/09/28 02:42:23 hci packet injection: enabled
2022/09/28 02:42:23 wifi device emulation: failed to parse kernel version (6.0.0-rc7-next-20220927)
2022/09/28 02:42:23 802.15.4 emulation: enabled
2022/09/28 02:42:23 fetching corpus: 0, signal 0/2000 (executing program)
2022/09/28 02:42:23 fetching corpus: 28, signal 15174/18664 (executing program)
2022/09/28 02:42:23 fetching corpus: 69, signal 32237/36633 (executing program)
2022/09/28 02:42:23 fetching corpus: 118, signal 41611/46974 (executing program)
2022/09/28 02:42:23 fetching corpus: 168, signal 49155/55285 (executing program)
2022/09/28 02:42:23 fetching corpus: 218, signal 56120/62888 (executing program)
2022/09/28 02:42:24 fetching corpus: 268, signal 61658/69008 (executing program)
2022/09/28 02:42:24 fetching corpus: 318, signal 68064/75654 (executing program)
2022/09/28 02:42:24 fetching corpus: 368, signal 73255/81035 (executing program)
2022/09/28 02:42:24 fetching corpus: 418, signal 76582/84738 (executing program)
2022/09/28 02:42:24 fetching corpus: 468, signal 79248/87791 (executing program)
2022/09/28 02:42:24 fetching corpus: 518, signal 80413/89514 (executing program)
2022/09/28 02:42:24 fetching corpus: 568, signal 82939/92299 (executing program)
2022/09/28 02:42:24 fetching corpus: 618, signal 86180/95570 (executing program)
2022/09/28 02:42:24 fetching corpus: 668, signal 88500/98068 (executing program)
2022/09/28 02:42:25 fetching corpus: 718, signal 91818/101152 (executing program)
2022/09/28 02:42:25 fetching corpus: 768, signal 94659/103815 (executing program)
2022/09/28 02:42:25 fetching corpus: 818, signal 96800/105881 (executing program)
2022/09/28 02:42:25 fetching corpus: 868, signal 98469/107532 (executing program)
2022/09/28 02:42:25 fetching corpus: 918, signal 99843/108981 (executing program)
2022/09/28 02:42:25 fetching corpus: 968, signal 100881/110184 (executing program)
2022/09/28 02:42:25 fetching corpus: 1018, signal 103940/112618 (executing program)
2022/09/28 02:42:25 fetching corpus: 1068, signal 104743/113509 (executing program)
2022/09/28 02:42:26 fetching corpus: 1118, signal 105995/114647 (executing program)
2022/09/28 02:42:26 fetching corpus: 1168, signal 107337/115812 (executing program)
2022/09/28 02:42:26 fetching corpus: 1218, signal 109250/117289 (executing program)
2022/09/28 02:42:26 fetching corpus: 1268, signal 110388/118262 (executing program)
2022/09/28 02:42:26 fetching corpus: 1318, signal 111816/119350 (executing program)
2022/09/28 02:42:26 fetching corpus: 1368, signal 113891/120741 (executing program)
2022/09/28 02:42:26 fetching corpus: 1418, signal 115747/121977 (executing program)
2022/09/28 02:42:27 fetching corpus: 1468, signal 116676/122646 (executing program)
2022/09/28 02:42:27 fetching corpus: 1518, signal 118463/123785 (executing program)
2022/09/28 02:42:27 fetching corpus: 1568, signal 119597/124488 (executing program)
2022/09/28 02:42:27 fetching corpus: 1618, signal 120522/125093 (executing program)
2022/09/28 02:42:27 fetching corpus: 1668, signal 121751/126004 (executing program)
2022/09/28 02:42:27 fetching corpus: 1718, signal 124667/127409 (executing program)
2022/09/28 02:42:27 fetching corpus: 1728, signal 124852/127596 (executing program)
2022/09/28 02:42:27 fetching corpus: 1728, signal 124852/127660 (executing program)
2022/09/28 02:42:27 fetching corpus: 1728, signal 124852/127731 (executing program)
2022/09/28 02:42:27 fetching corpus: 1728, signal 124852/127811 (executing program)
2022/09/28 02:42:27 fetching corpus: 1728, signal 124852/127890 (executing program)
2022/09/28 02:42:27 fetching corpus: 1728, signal 124852/127962 (executing program)
2022/09/28 02:42:27 fetching corpus: 1728, signal 124852/128040 (executing program)
2022/09/28 02:42:27 fetching corpus: 1729, signal 124856/128111 (executing program)
2022/09/28 02:42:27 fetching corpus: 1729, signal 124856/128159 (executing program)
2022/09/28 02:42:27 fetching corpus: 1729, signal 124856/128234 (executing program)
2022/09/28 02:42:27 fetching corpus: 1729, signal 124856/128300 (executing program)
2022/09/28 02:42:27 fetching corpus: 1729, signal 124856/128371 (executing program)
2022/09/28 02:42:27 fetching corpus: 1729, signal 124856/128442 (executing program)
2022/09/28 02:42:27 fetching corpus: 1729, signal 124856/128502 (executing program)
2022/09/28 02:42:27 fetching corpus: 1729, signal 124856/128585 (executing program)
2022/09/28 02:42:27 fetching corpus: 1729, signal 124856/128657 (executing program)
2022/09/28 02:42:27 fetching corpus: 1729, signal 124856/128724 (executing program)
2022/09/28 02:42:27 fetching corpus: 1729, signal 124856/128787 (executing program)
2022/09/28 02:42:27 fetching corpus: 1729, signal 124856/128864 (executing program)
2022/09/28 02:42:27 fetching corpus: 1729, signal 124856/129003 (executing program)
2022/09/28 02:42:27 fetching corpus: 1729, signal 124856/129098 (executing program)
2022/09/28 02:42:27 fetching corpus: 1729, signal 124856/129176 (executing program)
2022/09/28 02:42:27 fetching corpus: 1729, signal 124856/129248 (executing program)
2022/09/28 02:42:27 fetching corpus: 1729, signal 124856/129331 (executing program)
2022/09/28 02:42:27 fetching corpus: 1729, signal 124856/129397 (executing program)
2022/09/28 02:42:27 fetching corpus: 1729, signal 124856/129469 (executing program)
2022/09/28 02:42:28 fetching corpus: 1729, signal 124856/129555 (executing program)
2022/09/28 02:42:28 fetching corpus: 1729, signal 124856/129555 (executing program)
2022/09/28 02:42:30 starting 8 fuzzer processes
02:42:30 executing program 0:
r0 = epoll_create1(0x0)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000000))
02:42:30 executing program 1:
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000040)={'syz_tun\x00', &(0x7f0000000000)=@ethtool_channels={0x1e}})
02:42:30 executing program 2:
recvmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000001a80)={0x0, 0x3938700})
getresgid(&(0x7f0000001ac0), &(0x7f0000001b00), &(0x7f0000001b40))
02:42:30 executing program 3:
getpriority(0x1, 0xffffffffffffffff)
02:42:30 executing program 4:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
bind$inet(r0, &(0x7f0000000240)={0x2, 0x0, @remote}, 0x10)
connect$inet(r0, &(0x7f0000000280)={0x2, 0x0, @multicast1}, 0x10)
02:42:30 executing program 5:
r0 = syz_io_uring_setup(0xeb1, &(0x7f0000000200), &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000380)=0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000180)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, r3, 0x0, &(0x7f0000000140)='./file0\x00'}, 0x0)
io_uring_enter(r0, 0x10001b, 0x0, 0x0, 0x0, 0x0)
02:42:30 executing program 7:
syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000e80)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5c, 0x2, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5}, {0xd}, {0x6}}}}}}]}}, 0x0)
[ 66.157319] audit: type=1400 audit(1664332950.333:6): avc: denied { execmem } for pid=289 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
02:42:30 executing program 6:
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect(r0, &(0x7f00000003c0)=@nl=@unspec, 0x80)
[ 67.438678] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 67.441285] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 67.443236] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 67.444977] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 67.450030] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 67.472803] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 67.474053] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 67.475186] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 67.478878] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 67.480295] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 67.482850] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 67.484080] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 67.485517] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 67.487158] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 67.488231] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 67.493929] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 67.496576] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[ 67.497420] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 67.499182] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 67.500554] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 67.500774] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 67.501885] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 67.504449] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 67.504759] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[ 67.506921] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[ 67.508351] Bluetooth: hci2: HCI_REQ-0x0c1a
[ 67.509283] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 67.509885] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 67.511563] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 67.512731] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 67.513395] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 67.515794] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 67.516021] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[ 67.517324] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 67.518983] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 67.522267] Bluetooth: hci0: HCI_REQ-0x0c1a
[ 67.533800] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[ 67.535347] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[ 67.539295] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 67.539339] Bluetooth: hci4: HCI_REQ-0x0c1a
[ 67.541319] Bluetooth: hci1: HCI_REQ-0x0c1a
[ 67.542140] Bluetooth: hci3: HCI_REQ-0x0c1a
[ 67.551264] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[ 67.566257] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[ 67.568263] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[ 67.574005] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 67.575342] Bluetooth: hci7: HCI_REQ-0x0c1a
[ 67.582503] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 67.586963] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[ 67.589017] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 67.593592] Bluetooth: hci5: HCI_REQ-0x0c1a
[ 67.605993] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 67.610552] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 67.613250] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[ 67.628965] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 67.637032] Bluetooth: hci6: HCI_REQ-0x0c1a
[ 69.559250] Bluetooth: hci4: command 0x0409 tx timeout
[ 69.559290] Bluetooth: hci1: command 0x0409 tx timeout
[ 69.560061] Bluetooth: hci2: command 0x0409 tx timeout
[ 69.560987] Bluetooth: hci0: command 0x0409 tx timeout
[ 69.622892] Bluetooth: hci5: command 0x0409 tx timeout
[ 69.622947] Bluetooth: hci7: command 0x0409 tx timeout
[ 69.623966] Bluetooth: hci3: command 0x0409 tx timeout
[ 69.686827] Bluetooth: hci6: command 0x0409 tx timeout
[ 71.606816] Bluetooth: hci2: command 0x041b tx timeout
[ 71.607276] Bluetooth: hci1: command 0x041b tx timeout
[ 71.607358] Bluetooth: hci4: command 0x041b tx timeout
[ 71.607861] Bluetooth: hci0: command 0x041b tx timeout
[ 71.670827] Bluetooth: hci3: command 0x041b tx timeout
[ 71.671123] Bluetooth: hci7: command 0x041b tx timeout
[ 71.671312] Bluetooth: hci5: command 0x041b tx timeout
[ 71.734759] Bluetooth: hci6: command 0x041b tx timeout
[ 73.655164] Bluetooth: hci0: command 0x040f tx timeout
[ 73.655208] Bluetooth: hci4: command 0x040f tx timeout
[ 73.655600] Bluetooth: hci1: command 0x040f tx timeout
[ 73.656396] Bluetooth: hci2: command 0x040f tx timeout
[ 73.718838] Bluetooth: hci7: command 0x040f tx timeout
[ 73.719580] Bluetooth: hci3: command 0x040f tx timeout
[ 73.720421] Bluetooth: hci5: command 0x040f tx timeout
[ 73.783758] Bluetooth: hci6: command 0x040f tx timeout
[ 75.702847] Bluetooth: hci2: command 0x0419 tx timeout
[ 75.704494] Bluetooth: hci1: command 0x0419 tx timeout
[ 75.705324] Bluetooth: hci4: command 0x0419 tx timeout
[ 75.706104] Bluetooth: hci0: command 0x0419 tx timeout
[ 75.766812] Bluetooth: hci5: command 0x0419 tx timeout
[ 75.767016] Bluetooth: hci3: command 0x0419 tx timeout
[ 75.767255] Bluetooth: hci7: command 0x0419 tx timeout
[ 75.830794] Bluetooth: hci6: command 0x0419 tx timeout
[ 125.780664] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 125.785363] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 125.943125] audit: type=1400 audit(1664333010.120:7): avc: denied { open } for pid=3917 comm="syz-executor.4" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[ 125.947152] audit: type=1400 audit(1664333010.120:8): avc: denied { kernel } for pid=3917 comm="syz-executor.4" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[ 125.959629] ------------[ cut here ]------------
[ 125.959663]
[ 125.959669] ======================================================
[ 125.959676] WARNING: possible circular locking dependency detected
[ 125.959683] 6.0.0-rc7-next-20220927 #1 Not tainted
[ 125.959701] ------------------------------------------------------
[ 125.959706] syz-executor.4/3918 is trying to acquire lock:
[ 125.959718] ffffffff853faab8 ((console_sem).lock){....}-{2:2}, at: down_trylock+0xe/0x70
[ 125.959786]
[ 125.959786] but task is already holding lock:
[ 125.959791] ffff888008b43c20 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0
[ 125.959841]
[ 125.959841] which lock already depends on the new lock.
[ 125.959841]
[ 125.959846]
[ 125.959846] the existing dependency chain (in reverse order) is:
[ 125.959852]
[ 125.959852] -> #3 (&ctx->lock){....}-{2:2}:
[ 125.959877] _raw_spin_lock+0x2a/0x40
[ 125.959900] __perf_event_task_sched_out+0x53b/0x18d0
[ 125.959924] __schedule+0xedd/0x2470
[ 125.959952] schedule+0xda/0x1b0
[ 125.959980] exit_to_user_mode_prepare+0x114/0x1a0
[ 125.960001] syscall_exit_to_user_mode+0x19/0x40
[ 125.960027] do_syscall_64+0x48/0x90
[ 125.960046] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 125.960072]
[ 125.960072] -> #2 (&rq->__lock){-.-.}-{2:2}:
[ 125.960097] _raw_spin_lock_nested+0x30/0x40
[ 125.960120] raw_spin_rq_lock_nested+0x1e/0x30
[ 125.960143] task_fork_fair+0x63/0x4d0
[ 125.960172] sched_cgroup_fork+0x3d0/0x540
[ 125.960198] copy_process+0x4183/0x6e20
[ 125.960216] kernel_clone+0xe7/0x890
[ 125.960234] user_mode_thread+0xad/0xf0
[ 125.960253] rest_init+0x24/0x250
[ 125.960277] arch_call_rest_init+0xf/0x14
[ 125.960302] start_kernel+0x4c6/0x4eb
[ 125.960323] secondary_startup_64_no_verify+0xe0/0xeb
[ 125.960348]
[ 125.960348] -> #1 (&p->pi_lock){-.-.}-{2:2}:
[ 125.960373] _raw_spin_lock_irqsave+0x39/0x60
[ 125.960395] try_to_wake_up+0xab/0x1930
[ 125.960420] up+0x75/0xb0
[ 125.960448] __up_console_sem+0x6e/0x80
[ 125.960477] console_unlock+0x46a/0x590
[ 125.960505] vprintk_emit+0x1bd/0x560
[ 125.960535] vprintk+0x84/0xa0
[ 125.960564] _printk+0xba/0xf1
[ 125.960586] kauditd_hold_skb.cold+0x3f/0x4e
[ 125.960605] kauditd_send_queue+0x233/0x290
[ 125.960632] kauditd_thread+0x5da/0x9a0
[ 125.960657] kthread+0x2ed/0x3a0
[ 125.960683] ret_from_fork+0x22/0x30
[ 125.960705]
[ 125.960705] -> #0 ((console_sem).lock){....}-{2:2}:
[ 125.960731] __lock_acquire+0x2a02/0x5e70
[ 125.960761] lock_acquire+0x1a2/0x530
[ 125.960790] _raw_spin_lock_irqsave+0x39/0x60
[ 125.960812] down_trylock+0xe/0x70
[ 125.960843] __down_trylock_console_sem+0x3b/0xd0
[ 125.960872] vprintk_emit+0x16b/0x560
[ 125.960902] vprintk+0x84/0xa0
[ 125.960931] _printk+0xba/0xf1
[ 125.960952] report_bug.cold+0x72/0xab
[ 125.960970] handle_bug+0x3c/0x70
[ 125.960988] exc_invalid_op+0x14/0x50
[ 125.961007] asm_exc_invalid_op+0x16/0x20
[ 125.961032] group_sched_out.part.0+0x2c7/0x460
[ 125.961052] ctx_sched_out+0x8f1/0xc10
[ 125.961071] __perf_event_task_sched_out+0x6d0/0x18d0
[ 125.961095] __schedule+0xedd/0x2470
[ 125.961123] schedule+0xda/0x1b0
[ 125.961150] exit_to_user_mode_prepare+0x114/0x1a0
[ 125.961170] syscall_exit_to_user_mode+0x19/0x40
[ 125.961196] do_syscall_64+0x48/0x90
[ 125.961215] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 125.961241]
[ 125.961241] other info that might help us debug this:
[ 125.961241]
[ 125.961246] Chain exists of:
[ 125.961246] (console_sem).lock --> &rq->__lock --> &ctx->lock
[ 125.961246]
[ 125.961273] Possible unsafe locking scenario:
[ 125.961273]
[ 125.961277]        CPU0                    CPU1
[ 125.961281]        ----                    ----
[ 125.961285]   lock(&ctx->lock);
[ 125.961295]                                lock(&rq->__lock);
[ 125.961307]                                lock(&ctx->lock);
[ 125.961319]   lock((console_sem).lock);
[ 125.961329]
[ 125.961329] *** DEADLOCK ***
[ 125.961329]
[ 125.961333] 2 locks held by syz-executor.4/3918:
[ 125.961345] #0: ffff88806ce37d18 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470
[ 125.961402] #1: ffff888008b43c20 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0
[ 125.961454]
[ 125.961454] stack backtrace:
[ 125.961459] CPU: 0 PID: 3918 Comm: syz-executor.4 Not tainted 6.0.0-rc7-next-20220927 #1
[ 125.961490] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 125.961504] Call Trace:
[ 125.961510]
[ 125.961517] dump_stack_lvl+0x8b/0xb3
[ 125.961539] check_noncircular+0x263/0x2e0
[ 125.961569] ? format_decode+0x26c/0xb50
[ 125.961602] ? print_circular_bug+0x450/0x450
[ 125.961633] ? enable_ptr_key_workfn+0x20/0x20
[ 125.961668] ? format_decode+0x26c/0xb50
[ 125.961707] ? alloc_chain_hlocks+0x1ec/0x5a0
[ 125.961739] __lock_acquire+0x2a02/0x5e70
[ 125.961779] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 125.961821] lock_acquire+0x1a2/0x530
[ 125.961852] ? down_trylock+0xe/0x70
[ 125.961886] ? lock_release+0x750/0x750
[ 125.961924] ? vprintk+0x84/0xa0
[ 125.961957] _raw_spin_lock_irqsave+0x39/0x60
[ 125.961981] ? down_trylock+0xe/0x70
[ 125.962014] down_trylock+0xe/0x70
[ 125.962046] ? vprintk+0x84/0xa0
[ 125.962077] __down_trylock_console_sem+0x3b/0xd0
[ 125.962109] vprintk_emit+0x16b/0x560
[ 125.962144] vprintk+0x84/0xa0
[ 125.962175] _printk+0xba/0xf1
[ 125.962199] ? record_print_text.cold+0x16/0x16
[ 125.962232] ? report_bug.cold+0x66/0xab
[ 125.962253] ? group_sched_out.part.0+0x2c7/0x460
[ 125.962276] report_bug.cold+0x72/0xab
[ 125.962298] handle_bug+0x3c/0x70
[ 125.962319] exc_invalid_op+0x14/0x50
[ 125.962340] asm_exc_invalid_op+0x16/0x20
[ 125.962367] RIP: 0010:group_sched_out.part.0+0x2c7/0x460
[ 125.962392] Code: 5e 41 5f e9 ab a9 ef ff e8 a6 a9 ef ff 65 8b 1d 1b 0f ac 7e 31 ff 89 de e8 46 a6 ef ff 85 db 0f 84 8a 00 00 00 e8 89 a9 ef ff <0f> 0b e9 a5 fe ff ff e8 7d a9 ef ff 48 8d 7d 10 48 b8 00 00 00 00
[ 125.962413] RSP: 0018:ffff88800a3d7c48 EFLAGS: 00010006
[ 125.962430] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000
[ 125.962444] RDX: ffff888019fcb580 RSI: ffffffff815666b7 RDI: 0000000000000005
[ 125.962458] RBP: ffff8880086605c8 R08: 0000000000000005 R09: 0000000000000001
[ 125.962472] R10: 0000000000000000 R11: ffffffff865b401b R12: ffff888008b43c00
[ 125.962486] R13: ffff88806ce3d140 R14: ffffffff8547cf80 R15: 0000000000000002
[ 125.962506] ? group_sched_out.part.0+0x2c7/0x460
[ 125.962532] ? group_sched_out.part.0+0x2c7/0x460
[ 125.962557] ctx_sched_out+0x8f1/0xc10
[ 125.962581] __perf_event_task_sched_out+0x6d0/0x18d0
[ 125.962611] ? lock_is_held_type+0xd7/0x130
[ 125.962639] ? __perf_cgroup_move+0x160/0x160
[ 125.962662] ? set_next_entity+0x304/0x550
[ 125.962697] ? update_curr+0x267/0x740
[ 125.962733] ? lock_is_held_type+0xd7/0x130
[ 125.962761] __schedule+0xedd/0x2470
[ 125.962796] ? io_schedule_timeout+0x150/0x150
[ 125.962830] ? rcu_read_lock_sched_held+0x3e/0x80
[ 125.962866] schedule+0xda/0x1b0
[ 125.962897] exit_to_user_mode_prepare+0x114/0x1a0
[ 125.962920] syscall_exit_to_user_mode+0x19/0x40
[ 125.962948] do_syscall_64+0x48/0x90
[ 125.962969] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 125.962997] RIP: 0033:0x7fe64e2a1b19
[ 125.963011] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 125.963032] RSP: 002b:00007fe64b817218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 125.963052] RAX: 0000000000000001 RBX: 00007fe64e3b4f68 RCX: 00007fe64e2a1b19
[ 125.963066] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fe64e3b4f6c
[ 125.963079] RBP: 00007fe64e3b4f60 R08: 000000000000000e R09: 0000000000000000
[ 125.963093] R10: 0000000000000003 R11: 0000000000000246 R12: 00007fe64e3b4f6c
[ 125.963106] R13: 00007fffa1080c4f R14: 00007fe64b817300 R15: 0000000000022000
[ 125.963130]
[ 126.066498] WARNING: CPU: 0 PID: 3918 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460
[ 126.067839] Modules linked in:
[ 126.068281] CPU: 0 PID: 3918 Comm: syz-executor.4 Not tainted 6.0.0-rc7-next-20220927 #1
[ 126.069352] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 126.070992] RIP: 0010:group_sched_out.part.0+0x2c7/0x460
[ 126.071801] Code: 5e 41 5f e9 ab a9 ef ff e8 a6 a9 ef ff 65 8b 1d 1b 0f ac 7e 31 ff 89 de e8 46 a6 ef ff 85 db 0f 84 8a 00 00 00 e8 89 a9 ef ff <0f> 0b e9 a5 fe ff ff e8 7d a9 ef ff 48 8d 7d 10 48 b8 00 00 00 00
[ 126.074284] RSP: 0018:ffff88800a3d7c48 EFLAGS: 00010006
[ 126.075093] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000
[ 126.076146] RDX: ffff888019fcb580 RSI: ffffffff815666b7 RDI: 0000000000000005
[ 126.077096] RBP: ffff8880086605c8 R08: 0000000000000005 R09: 0000000000000001
[ 126.078061] R10: 0000000000000000 R11: ffffffff865b401b R12: ffff888008b43c00
[ 126.079012] R13: ffff88806ce3d140 R14: ffffffff8547cf80 R15: 0000000000000002
[ 126.079960] FS: 00007fe64b817700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000
[ 126.081040] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 126.081826] CR2: 00007fca778eb610 CR3: 000000000dd52000 CR4: 0000000000350ef0
[ 126.082927] Call Trace:
[ 126.083337]
[ 126.083704] ctx_sched_out+0x8f1/0xc10
[ 126.084272] __perf_event_task_sched_out+0x6d0/0x18d0
[ 126.084986] ? lock_is_held_type+0xd7/0x130
[ 126.085586] ? __perf_cgroup_move+0x160/0x160
[ 126.086258] ? set_next_entity+0x304/0x550
[ 126.086934] ? update_curr+0x267/0x740
[ 126.087479] ? lock_is_held_type+0xd7/0x130
[ 126.088070] __schedule+0xedd/0x2470
[ 126.088594] ? io_schedule_timeout+0x150/0x150
[ 126.089228] ? rcu_read_lock_sched_held+0x3e/0x80
[ 126.089907] schedule+0xda/0x1b0
[ 126.090457] exit_to_user_mode_prepare+0x114/0x1a0
[ 126.091223] syscall_exit_to_user_mode+0x19/0x40
[ 126.091977] do_syscall_64+0x48/0x90
[ 126.092490] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 126.093205] RIP: 0033:0x7fe64e2a1b19
[ 126.093733] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 126.096298] RSP: 002b:00007fe64b817218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 126.097310] RAX: 0000000000000001 RBX: 00007fe64e3b4f68 RCX: 00007fe64e2a1b19
[ 126.098305] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fe64e3b4f6c
[ 126.099347] RBP: 00007fe64e3b4f60 R08: 000000000000000e R09: 0000000000000000
[ 126.100276] R10: 0000000000000003 R11: 0000000000000246 R12: 00007fe64e3b4f6c
[ 126.101187] R13: 00007fffa1080c4f R14: 00007fe64b817300 R15: 0000000000022000
[ 126.102134]
[ 126.102472] irq event stamp: 674
[ 126.102958]
hardirqs last enabled at (673): [] exit_to_user_mode_prepare+0x109/0x1a0
[ 126.104202] hardirqs last disabled at (674): [] __schedule+0x1225/0x2470
[ 126.105307] softirqs last enabled at (412): [] __irq_exit_rcu+0x11b/0x180
[ 126.106517] softirqs last disabled at (403): [] __irq_exit_rcu+0x11b/0x180
[ 126.107699] ---[ end trace 0000000000000000 ]---
[ 126.309580] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 126.310642] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 128.697291] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 128.698635] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 128.699640] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 128.710728] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 128.712218] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 128.714041] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 128.717150] Bluetooth: hci0: HCI_REQ-0x0c1a
[ 128.760396] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 128.761596] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 128.767822] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 128.769197] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 128.770606] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[ 128.773386] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 128.775933] Bluetooth: hci6: HCI_REQ-0x0c1a
[ 130.742757] Bluetooth: hci0: command 0x0409 tx timeout
[ 130.743742] Bluetooth: hci5: Opcode 0x c03 failed: -110
[ 130.806756] Bluetooth: hci6: command 0x0409 tx timeout
[ 132.790826] Bluetooth: hci0: command 0x041b tx timeout
[ 132.854751] Bluetooth: hci6: command 0x041b tx timeout
[ 134.838784] Bluetooth: hci0: command 0x040f tx timeout
[ 134.902791] Bluetooth: hci6: command 0x040f tx timeout
[ 134.967733] Bluetooth: hci5: Opcode 0x c03 failed: -110