Warning: Permanently added '[localhost]:28558' (ECDSA) to the list of known hosts.
2022/09/30 02:51:55 fuzzer started
2022/09/30 02:51:55 dialing manager at localhost:40535
syzkaller login: [ 44.259179] cgroup: Unknown subsys name 'net'
[ 44.375129] cgroup: Unknown subsys name 'rlimit'
2022/09/30 02:52:08 syscalls: 2215
2022/09/30 02:52:08 code coverage: enabled
2022/09/30 02:52:08 comparison tracing: enabled
2022/09/30 02:52:08 extra coverage: enabled
2022/09/30 02:52:08 setuid sandbox: enabled
2022/09/30 02:52:08 namespace sandbox: enabled
2022/09/30 02:52:08 Android sandbox: enabled
2022/09/30 02:52:08 fault injection: enabled
2022/09/30 02:52:08 leak checking: enabled
2022/09/30 02:52:08 net packet injection: enabled
2022/09/30 02:52:08 net device setup: enabled
2022/09/30 02:52:08 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2022/09/30 02:52:08 devlink PCI setup: PCI device 0000:00:10.0 is not available
2022/09/30 02:52:08 USB emulation: enabled
2022/09/30 02:52:08 hci packet injection: enabled
2022/09/30 02:52:08 wifi device emulation: failed to parse kernel version (6.0.0-rc7-next-20220929)
2022/09/30 02:52:08 802.15.4 emulation: enabled
2022/09/30 02:52:08 fetching corpus: 0, signal 0/2000 (executing program)
2022/09/30 02:52:08 fetching corpus: 50, signal 26137/29415 (executing program)
2022/09/30 02:52:09 fetching corpus: 100, signal 34809/39381 (executing program)
2022/09/30 02:52:09 fetching corpus: 150, signal 47246/52577 (executing program)
2022/09/30 02:52:09 fetching corpus: 200, signal 51068/57475 (executing program)
2022/09/30 02:52:09 fetching corpus: 250, signal 55229/62566 (executing program)
2022/09/30 02:52:09 fetching corpus: 300, signal 59258/67431 (executing program)
2022/09/30 02:52:09 fetching corpus: 350, signal 63029/71999 (executing program)
2022/09/30 02:52:09 fetching corpus: 400, signal 67453/76994 (executing program)
2022/09/30 02:52:09 fetching corpus: 450, signal 70030/80339 (executing program)
2022/09/30 02:52:10 fetching corpus: 500, signal 74228/84925 (executing program)
2022/09/30 02:52:10 fetching corpus: 550, signal 78037/89144 (executing program)
2022/09/30 02:52:10 fetching corpus: 600, signal 80879/92447 (executing program)
2022/09/30 02:52:10 fetching corpus: 650, signal 83269/95309 (executing program)
2022/09/30 02:52:10 fetching corpus: 700, signal 84998/97612 (executing program)
2022/09/30 02:52:10 fetching corpus: 750, signal 87465/100397 (executing program)
2022/09/30 02:52:10 fetching corpus: 800, signal 89481/102756 (executing program)
2022/09/30 02:52:10 fetching corpus: 850, signal 93340/106432 (executing program)
2022/09/30 02:52:11 fetching corpus: 900, signal 95211/108631 (executing program)
2022/09/30 02:52:11 fetching corpus: 950, signal 96846/110542 (executing program)
2022/09/30 02:52:11 fetching corpus: 1000, signal 98702/112521 (executing program)
2022/09/30 02:52:11 fetching corpus: 1050, signal 100259/114251 (executing program)
2022/09/30 02:52:11 fetching corpus: 1100, signal 102467/116516 (executing program)
2022/09/30 02:52:11 fetching corpus: 1150, signal 103624/117909 (executing program)
2022/09/30 02:52:11 fetching corpus: 1200, signal 105464/119726 (executing program)
2022/09/30 02:52:11 fetching corpus: 1250, signal 107175/121436 (executing program)
2022/09/30 02:52:12 fetching corpus: 1300, signal 108517/122822 (executing program)
2022/09/30 02:52:12 fetching corpus: 1350, signal 109807/124157 (executing program)
2022/09/30 02:52:12 fetching corpus: 1400, signal 111908/125981 (executing program)
2022/09/30 02:52:12 fetching corpus: 1450, signal 114022/127691 (executing program)
2022/09/30 02:52:12 fetching corpus: 1500, signal 115042/128703 (executing program)
2022/09/30 02:52:12 fetching corpus: 1550, signal 116223/129821 (executing program)
2022/09/30 02:52:12 fetching corpus: 1600, signal 118114/131287 (executing program)
2022/09/30 02:52:12 fetching corpus: 1650, signal 120239/132857 (executing program)
2022/09/30 02:52:12 fetching corpus: 1700, signal 121601/133984 (executing program)
2022/09/30 02:52:13 fetching corpus: 1750, signal 122745/134914 (executing program)
2022/09/30 02:52:13 fetching corpus: 1800, signal 123947/135824 (executing program)
2022/09/30 02:52:13 fetching corpus: 1850, signal 125165/136739 (executing program)
2022/09/30 02:52:13 fetching corpus: 1900, signal 127366/138075 (executing program)
2022/09/30 02:52:13 fetching corpus: 1950, signal 128528/138894 (executing program)
2022/09/30 02:52:13 fetching corpus: 2000, signal 129503/139634 (executing program)
2022/09/30 02:52:13 fetching corpus: 2050, signal 130891/140478 (executing program)
2022/09/30 02:52:13 fetching corpus: 2100, signal 131830/141086 (executing program)
2022/09/30 02:52:14 fetching corpus: 2150, signal 132687/141596 (executing program)
2022/09/30 02:52:14 fetching corpus: 2200, signal 133302/142034 (executing program)
2022/09/30 02:52:14 fetching corpus: 2250, signal 134801/142757 (executing program)
2022/09/30 02:52:14 fetching corpus: 2300, signal 137048/143760 (executing program)
2022/09/30 02:52:14 fetching corpus: 2350, signal 138044/144319 (executing program)
2022/09/30 02:52:14 fetching corpus: 2400, signal 138938/144742 (executing program)
2022/09/30 02:52:14 fetching corpus: 2450, signal 139847/145152 (executing program)
2022/09/30 02:52:14 fetching corpus: 2500, signal 140591/145472 (executing program)
2022/09/30 02:52:15 fetching corpus: 2550, signal 141519/145820 (executing program)
2022/09/30 02:52:15 fetching corpus: 2600, signal 142386/146150 (executing program)
2022/09/30 02:52:15 fetching corpus: 2630, signal 143525/146517 (executing program)
2022/09/30 02:52:15 fetching corpus: 2630, signal 143525/146574 (executing program)
2022/09/30 02:52:15 fetching corpus: 2630, signal 143525/146627 (executing program)
2022/09/30 02:52:15 fetching corpus: 2630, signal 143525/146681 (executing program)
2022/09/30 02:52:15 fetching corpus: 2630, signal 143525/146732 (executing program)
2022/09/30 02:52:15 fetching corpus: 2630, signal 143525/146787 (executing program)
2022/09/30 02:52:15 fetching corpus: 2630, signal 143525/146854 (executing program)
2022/09/30 02:52:15 fetching corpus: 2630, signal 143525/146915 (executing program)
2022/09/30 02:52:15 fetching corpus: 2630, signal 143525/146976 (executing program)
2022/09/30 02:52:15 fetching corpus: 2630, signal 143525/147032 (executing program)
2022/09/30 02:52:15 fetching corpus: 2630, signal 143525/147088 (executing program)
2022/09/30 02:52:15 fetching corpus: 2630, signal 143525/147153 (executing program)
2022/09/30 02:52:15 fetching corpus: 2630, signal 143525/147219 (executing program)
2022/09/30 02:52:15 fetching corpus: 2630, signal 143525/147275 (executing program)
2022/09/30 02:52:15 fetching corpus: 2630, signal 143525/147337 (executing program)
2022/09/30 02:52:15 fetching corpus: 2630, signal 143525/147388 (executing program)
2022/09/30 02:52:15 fetching corpus: 2630, signal 143525/147437 (executing program)
2022/09/30 02:52:15 fetching corpus: 2630, signal 143525/147498 (executing program)
2022/09/30 02:52:15 fetching corpus: 2630, signal 143525/147563 (executing program)
2022/09/30 02:52:15 fetching corpus: 2630, signal 143525/147583 (executing program)
2022/09/30 02:52:15 fetching corpus: 2630, signal 143525/147583 (executing program)
2022/09/30 02:52:18 starting 8 fuzzer processes
02:52:18 executing program 0:
syz_usb_ep_write(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000880)={{0x12, 0x1, 0x0, 0xc, 0xd0, 0x9d, 0x0, 0x5dd, 0xff31, 0xfa, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xcb, 0x6e, 0x9a}}]}}]}}, 0x0)
02:52:18 executing program 2:
syz_mount_image$vfat(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$9p_rdma(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000040), 0x0,
&(0x7f0000000140)=ANY=[@ANYBLOB="7472616e733d72f5eeb6a088740740c2c066fd0ebaab3ea8a9756759834f09d6cea49a3ea6808f64e52ef148f7860777597486b340af70f6982a60"]) 02:52:18 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, 0x0, &(0x7f00000007c0)) 02:52:18 executing program 3: clone3(&(0x7f0000001e40)={0x9a300300, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 67.066869] audit: type=1400 audit(1664506338.415:6): avc: denied { execmem } for pid=285 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 02:52:18 executing program 4: syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@aname={'aname', 0x3d, 'wfdno'}}]}}) 02:52:18 executing program 5: r0 = openat(0xffffffffffffff9c, &(0x7f00000003c0)='./file1\x00', 0x1d5080, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) pwrite64(r0, &(0x7f0000000380)="3103f23175f7386daa2ec1173e3ae4f175bacf76d60163f93d8b4e6d242ffc0468c2ed80e90bcfbe3c91c6dfdf4e47ab6a49bb37ea1fea2ecdac3624", 0x3c, 0xc5d) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) setxattr$trusted_overlay_upper(&(0x7f00000001c0)='./file1/file0\x00', &(0x7f0000000200), &(0x7f0000000500)={0x0, 0xfb, 0x5b, 0x2, 0xfe, "ad88448df434fd9c1353e873b70f0a51", "278c8d07f40936fae726a1495faaf19eb321573df24bdffd852adadf6398d1b49d359aecbc07d0211b8dce73b9028eeee35cf060e3044c38606b6e9a93129d3fda0001d1f895"}, 0x5b, 0x1) fcntl$setpipe(r3, 0x407, 0x5000000) r4 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file1/file0\x00', 0xf0, 0x3, 
&(0x7f0000000300)=[{&(0x7f0000000180)="1a359f84", 0x4, 0x1}, {&(0x7f00000005c0)="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", 0x1000, 0xbac4}, {&(0x7f0000000400)="98abcf259977c1e6c14edca4c23607db48b3b732c4f868e2911b1b5771adde1e53746f8fd39d32d9028fca90eda7644a31be76d0f5061247c961333027bcfc5568ccf8ab70d8f361a75b8bf4299b001098188a98f4e67eb6f4bc7d9710d4ecd80d20354f9fa26ddfd0c7208ebd3b161ca81ef01ba695495952a267c601ac4ef0b1c6d0cfce65fb3bad2bdbdc5a1183008dd6d78ae5a57132ce99acfae61d1faac50b935b4632cbb2ce680c52b6ab86d97e2349dfe50c45d3da17ea351bccdb6703fa6858ad5ae8793493c5653902d1596b707d3f2651a93f08710ba2ec48e6dd1321500cf7492eb3380f5684aeb03a326fc9d9888918", 0xf6, 0x170f}], 0x40000, &(0x7f0000001700)=ANY=[@ANYBLOB="74696d655f6f6666743d3078666666666666666666666680666437322c73686f72746e616d653d77696e6e742c73686f72746e616d653d77696e6e742c757466383d312c646f6e745f686173682c6f626a5f757365723d235e2c6f626a5f747970653d2c7375626a5f747970653d5b7dea0400402a2e2c6f626a280588af653d90d3c42c7065726d69745f646972656374696f2c6f626a5f5d736572cb244c191aecb6da8fa48e8255693ddb215e77262d2c2c736d61636b66736861743d2c0057b85b0db58509553a2e97968323da937f8d7a52843cde50b204534581cf06e21cda42bc782e0aedb8a0a7ee3e9eefdcb73d4aff76006e9cfe605bf9f4673cea0000"]) openat(r4, &(0x7f0000000240)='./file1\x00', 0x800, 0x40) ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, &(0x7f0000000040)) pwritev(r2, &(0x7f0000000580)=[{&(0x7f0000000140)='\x00', 0x1}, {0x0}, {0x0}], 0x3, 0x7fffffc, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x5}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r1, r1, 0x0, 0x100007) 02:52:18 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) accept(r0, 0x0, 0x0) 02:52:18 executing program 
7: syz_usb_connect$cdc_ncm(0x2, 0x6e, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5c, 0x2, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5}, {0xd}, {0x6}}}}}}]}}, 0x0) [ 68.446486] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 68.448876] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 68.451257] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 68.452692] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 68.459681] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 68.461014] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 68.473824] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 68.477668] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 68.494817] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 68.517617] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 68.519002] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 68.521738] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 68.523801] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 68.525805] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 68.528714] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 68.530942] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 68.536114] Bluetooth: hci0: HCI_REQ-0x0c1a [ 68.537102] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 68.538463] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 68.543121] Bluetooth: hci1: HCI_REQ-0x0c1a [ 68.558251] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 68.559914] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 68.561942] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 68.563501] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 68.565495] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 68.567011] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 68.569169] Bluetooth: hci3: 
unexpected cc 0x1001 length: 249 > 9 [ 68.570909] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 68.575163] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 68.577961] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 68.580180] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 68.580911] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 68.583035] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 68.584019] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 68.585032] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 68.586320] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 68.586876] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 68.589067] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 68.589173] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 68.591570] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 68.592105] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 68.595689] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 68.598641] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 68.603193] Bluetooth: hci6: HCI_REQ-0x0c1a [ 68.604678] Bluetooth: hci7: HCI_REQ-0x0c1a [ 68.605946] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 68.610028] Bluetooth: hci3: HCI_REQ-0x0c1a [ 68.623041] Bluetooth: hci4: HCI_REQ-0x0c1a [ 68.645695] Bluetooth: hci5: HCI_REQ-0x0c1a [ 70.515400] Bluetooth: hci2: Opcode 0x c03 failed: -110 [ 70.580064] Bluetooth: hci0: command 0x0409 tx timeout [ 70.580994] Bluetooth: hci1: command 0x0409 tx timeout [ 70.643538] Bluetooth: hci7: command 0x0409 tx timeout [ 70.644941] Bluetooth: hci4: command 0x0409 tx timeout [ 70.645651] Bluetooth: hci3: command 0x0409 tx timeout [ 70.646252] Bluetooth: hci6: command 0x0409 tx timeout [ 70.707423] Bluetooth: hci5: command 0x0409 tx timeout [ 72.626475] Bluetooth: hci1: command 0x041b tx timeout [ 72.627321] Bluetooth: hci0: command 0x041b tx timeout [ 72.690602] Bluetooth: hci6: command 
0x041b tx timeout [ 72.691461] Bluetooth: hci3: command 0x041b tx timeout [ 72.692155] Bluetooth: hci4: command 0x041b tx timeout [ 72.692892] Bluetooth: hci7: command 0x041b tx timeout [ 72.754473] Bluetooth: hci5: command 0x041b tx timeout [ 73.655537] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 73.658403] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 73.660176] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 73.664025] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 73.666161] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 73.668086] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 73.675417] Bluetooth: hci2: HCI_REQ-0x0c1a [ 74.674426] Bluetooth: hci0: command 0x040f tx timeout [ 74.674849] Bluetooth: hci1: command 0x040f tx timeout [ 74.739476] Bluetooth: hci7: command 0x040f tx timeout [ 74.739896] Bluetooth: hci4: command 0x040f tx timeout [ 74.740258] Bluetooth: hci3: command 0x040f tx timeout [ 74.740738] Bluetooth: hci6: command 0x040f tx timeout [ 74.802410] Bluetooth: hci5: command 0x040f tx timeout [ 75.699421] Bluetooth: hci2: command 0x0409 tx timeout [ 76.722460] Bluetooth: hci1: command 0x0419 tx timeout [ 76.723226] Bluetooth: hci0: command 0x0419 tx timeout [ 76.787543] Bluetooth: hci6: command 0x0419 tx timeout [ 76.788323] Bluetooth: hci3: command 0x0419 tx timeout [ 76.789062] Bluetooth: hci4: command 0x0419 tx timeout [ 76.789782] Bluetooth: hci7: command 0x0419 tx timeout [ 76.850550] Bluetooth: hci5: command 0x0419 tx timeout [ 77.746545] Bluetooth: hci2: command 0x041b tx timeout [ 79.794440] Bluetooth: hci2: command 0x040f tx timeout [ 81.844196] Bluetooth: hci2: command 0x0419 tx timeout 02:53:14 executing program 3: clone3(&(0x7f0000001e40)={0x9a300300, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 02:53:14 executing program 3: clone3(&(0x7f0000001e40)={0x9a300300, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 02:53:14 executing program 3: clone3(&(0x7f0000001e40)={0x9a300300, 0x0, 
0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) 02:53:14 executing program 3: prctl$PR_GET_TSC(0x19, &(0x7f0000000000)) prctl$PR_GET_TSC(0x19, &(0x7f0000000040)) prctl$PR_GET_TSC(0x19, &(0x7f0000000080)) shmget$private(0x0, 0x4000, 0x1, &(0x7f0000ffc000/0x4000)=nil) sendmsg$NL80211_CMD_LEAVE_IBSS(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x20, 0x0, 0x4, 0x70bd2b, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x8, 0x25}}}}, ["", "", "", "", "", "", "", "", "", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x45}, 0x40) prctl$PR_GET_TSC(0x19, &(0x7f00000001c0)) shmget$private(0x0, 0x2000, 0x800, &(0x7f0000ffc000/0x2000)=nil) syz_genetlink_get_family_id$fou(&(0x7f0000000200), 0xffffffffffffffff) socket$inet_udp(0x2, 0x2, 0x0) fork() socket(0x1d, 0x80000, 0x2) [ 123.771499] 9pnet: Could not find request transport: rt@f>ugYO Τ>d.HwYt@p*` 02:53:15 executing program 2: syz_mount_image$vfat(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$9p_rdma(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="7472616e733d72f5eeb6a088740740c2c066fd0ebaab3ea8a9756759834f09d6cea49a3ea6808f64e52ef148f7860777597486b340af70f6982a60"]) [ 123.890742] 9pnet: Could not find request transport: rt@f>ugYO Τ>d.HwYt@p*` 02:53:15 executing program 2: syz_mount_image$vfat(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$9p_rdma(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="7472616e733d72f5eeb6a088740740c2c066fd0ebaab3ea8a9756759834f09d6cea49a3ea6808f64e52ef148f7860777597486b340af70f6982a60"]) 02:53:15 executing program 3: prctl$PR_GET_TSC(0x19, &(0x7f0000000000)) prctl$PR_GET_TSC(0x19, &(0x7f0000000040)) prctl$PR_GET_TSC(0x19, &(0x7f0000000080)) shmget$private(0x0, 0x4000, 0x1, &(0x7f0000ffc000/0x4000)=nil) sendmsg$NL80211_CMD_LEAVE_IBSS(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 
0x2000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x20, 0x0, 0x4, 0x70bd2b, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x8, 0x25}}}}, ["", "", "", "", "", "", "", "", "", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x45}, 0x40) prctl$PR_GET_TSC(0x19, &(0x7f00000001c0)) shmget$private(0x0, 0x2000, 0x800, &(0x7f0000ffc000/0x2000)=nil) syz_genetlink_get_family_id$fou(&(0x7f0000000200), 0xffffffffffffffff) socket$inet_udp(0x2, 0x2, 0x0) fork() socket(0x1d, 0x80000, 0x2) [ 124.058400] 9pnet: Could not find request transport: rt@f>ugYO Τ>d.HwYt@p*` 02:53:15 executing program 2: syz_mount_image$vfat(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$9p_rdma(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="7472616e733d72f5eeb6a088740740c2c066fd0ebaab3ea8a9756759834f09d6cea49a3ea6808f64e52ef148f7860777597486b340af70f6982a60"]) [ 124.303032] 9pnet: Could not find request transport: rt@f>ugYO Τ>d.HwYt@p*` [ 124.954885] loop5: detected capacity change from 0 to 186 [ 125.015017] audit: type=1400 audit(1664506396.362:7): avc: denied { open } for pid=3853 comm="syz-executor.5" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 125.017508] audit: type=1400 audit(1664506396.363:8): avc: denied { kernel } for pid=3853 comm="syz-executor.5" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 125.029356] hrtimer: interrupt took 29174 ns [ 125.030947] ------------[ cut here ]------------ [ 125.030979] [ 125.030984] ====================================================== [ 125.030990] WARNING: possible circular locking dependency detected [ 125.030998] 6.0.0-rc7-next-20220929 #1 Not tainted [ 125.031011] ------------------------------------------------------ [ 125.031017] syz-executor.5/3854 is trying to acquire lock: [ 125.031030] ffffffff853faab8 ((console_sem).lock){-.-.}-{2:2}, at: down_trylock+0xe/0x70 [ 
125.031098] [ 125.031098] but task is already holding lock: [ 125.031103] ffff88801769f020 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 125.031150] [ 125.031150] which lock already depends on the new lock. [ 125.031150] [ 125.031156] [ 125.031156] the existing dependency chain (in reverse order) is: [ 125.031162] [ 125.031162] -> #3 (&ctx->lock){....}-{2:2}: [ 125.031187] _raw_spin_lock+0x2a/0x40 [ 125.031207] __perf_event_task_sched_out+0x53b/0x18d0 [ 125.031228] __schedule+0xedd/0x2470 [ 125.031253] schedule+0xda/0x1b0 [ 125.031277] exit_to_user_mode_prepare+0x114/0x1a0 [ 125.031299] syscall_exit_to_user_mode+0x19/0x40 [ 125.031322] do_syscall_64+0x48/0x90 [ 125.031353] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 125.031376] [ 125.031376] -> #2 (&rq->__lock){-.-.}-{2:2}: [ 125.031401] _raw_spin_lock_nested+0x30/0x40 [ 125.031421] raw_spin_rq_lock_nested+0x1e/0x30 [ 125.031444] task_fork_fair+0x63/0x4d0 [ 125.031473] sched_cgroup_fork+0x3d0/0x540 [ 125.031499] copy_process+0x4183/0x6e20 [ 125.031518] kernel_clone+0xe7/0x890 [ 125.031535] user_mode_thread+0xad/0xf0 [ 125.031554] rest_init+0x24/0x250 [ 125.031575] arch_call_rest_init+0xf/0x14 [ 125.031605] start_kernel+0x4c6/0x4eb [ 125.031631] secondary_startup_64_no_verify+0xe0/0xeb [ 125.031656] [ 125.031656] -> #1 (&p->pi_lock){-.-.}-{2:2}: [ 125.031681] _raw_spin_lock_irqsave+0x39/0x60 [ 125.031700] try_to_wake_up+0xab/0x1930 [ 125.031725] up+0x75/0xb0 [ 125.031750] __up_console_sem+0x6e/0x80 [ 125.031778] console_unlock+0x46a/0x590 [ 125.031807] vprintk_emit+0x1bd/0x560 [ 125.031837] vprintk+0x84/0xa0 [ 125.031866] _printk+0xba/0xf1 [ 125.031886] regdb_fw_cb.cold+0x6c/0xa7 [ 125.031915] request_firmware_work_func+0x12e/0x240 [ 125.031949] process_one_work+0xa17/0x16a0 [ 125.031981] worker_thread+0x637/0x1260 [ 125.032011] kthread+0x2ed/0x3a0 [ 125.032036] ret_from_fork+0x22/0x30 [ 125.032058] [ 125.032058] -> #0 ((console_sem).lock){-.-.}-{2:2}: [ 125.032084] 
__lock_acquire+0x2a02/0x5e70 [ 125.032114] lock_acquire+0x1a2/0x530 [ 125.032143] _raw_spin_lock_irqsave+0x39/0x60 [ 125.032162] down_trylock+0xe/0x70 [ 125.032189] __down_trylock_console_sem+0x3b/0xd0 [ 125.032219] vprintk_emit+0x16b/0x560 [ 125.032248] vprintk+0x84/0xa0 [ 125.032278] _printk+0xba/0xf1 [ 125.032296] report_bug.cold+0x72/0xab [ 125.032326] handle_bug+0x3c/0x70 [ 125.032356] exc_invalid_op+0x14/0x50 [ 125.032387] asm_exc_invalid_op+0x16/0x20 [ 125.032408] group_sched_out.part.0+0x2c7/0x460 [ 125.032441] ctx_sched_out+0x8f1/0xc10 [ 125.032471] __perf_event_task_sched_out+0x6d0/0x18d0 [ 125.032491] __schedule+0xedd/0x2470 [ 125.032516] schedule+0xda/0x1b0 [ 125.032541] exit_to_user_mode_prepare+0x114/0x1a0 [ 125.032561] syscall_exit_to_user_mode+0x19/0x40 [ 125.032583] do_syscall_64+0x48/0x90 [ 125.032614] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 125.032637] [ 125.032637] other info that might help us debug this: [ 125.032637] [ 125.032642] Chain exists of: [ 125.032642] (console_sem).lock --> &rq->__lock --> &ctx->lock [ 125.032642] [ 125.032669] Possible unsafe locking scenario: [ 125.032669] [ 125.032673] CPU0 CPU1 [ 125.032677] ---- ---- [ 125.032681] lock(&ctx->lock); [ 125.032691] lock(&rq->__lock); [ 125.032703] lock(&ctx->lock); [ 125.032714] lock((console_sem).lock); [ 125.032725] [ 125.032725] *** DEADLOCK *** [ 125.032725] [ 125.032728] 2 locks held by syz-executor.5/3854: [ 125.032741] #0: ffff88806ce37e98 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x1cf/0x2470 [ 125.032795] #1: ffff88801769f020 (&ctx->lock){....}-{2:2}, at: __perf_event_task_sched_out+0x53b/0x18d0 [ 125.032844] [ 125.032844] stack backtrace: [ 125.032848] CPU: 0 PID: 3854 Comm: syz-executor.5 Not tainted 6.0.0-rc7-next-20220929 #1 [ 125.032871] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 125.032885] Call Trace: [ 125.032890] [ 125.032897] dump_stack_lvl+0x8b/0xb3 [ 125.032931] 
check_noncircular+0x263/0x2e0 [ 125.032961] ? format_decode+0x26c/0xb50 [ 125.032990] ? print_circular_bug+0x450/0x450 [ 125.033021] ? enable_ptr_key_workfn+0x20/0x20 [ 125.033050] ? __lockdep_reset_lock+0x180/0x180 [ 125.033081] ? format_decode+0x26c/0xb50 [ 125.033113] ? alloc_chain_hlocks+0x1ec/0x5a0 [ 125.033146] __lock_acquire+0x2a02/0x5e70 [ 125.033186] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 125.033228] lock_acquire+0x1a2/0x530 [ 125.033258] ? down_trylock+0xe/0x70 [ 125.033290] ? lock_release+0x750/0x750 [ 125.033328] ? vprintk+0x84/0xa0 [ 125.033361] _raw_spin_lock_irqsave+0x39/0x60 [ 125.033382] ? down_trylock+0xe/0x70 [ 125.033412] down_trylock+0xe/0x70 [ 125.033441] ? vprintk+0x84/0xa0 [ 125.033472] __down_trylock_console_sem+0x3b/0xd0 [ 125.033504] vprintk_emit+0x16b/0x560 [ 125.033539] vprintk+0x84/0xa0 [ 125.033571] _printk+0xba/0xf1 [ 125.033592] ? record_print_text.cold+0x16/0x16 [ 125.033618] ? hrtimer_try_to_cancel+0x163/0x2c0 [ 125.033643] ? lock_downgrade+0x6d0/0x6d0 [ 125.033676] ? report_bug.cold+0x66/0xab [ 125.033709] ? 
group_sched_out.part.0+0x2c7/0x460 [ 125.033743] report_bug.cold+0x72/0xab [ 125.033778] handle_bug+0x3c/0x70 [ 125.033810] exc_invalid_op+0x14/0x50 [ 125.033844] asm_exc_invalid_op+0x16/0x20 [ 125.033867] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 125.033904] Code: 5e 41 5f e9 8b ae ef ff e8 86 ae ef ff 65 8b 1d 6b 17 ac 7e 31 ff 89 de e8 26 ab ef ff 85 db 0f 84 8a 00 00 00 e8 69 ae ef ff <0f> 0b e9 a5 fe ff ff e8 5d ae ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 125.033925] RSP: 0018:ffff88803fd77c48 EFLAGS: 00010006 [ 125.033941] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 125.033955] RDX: ffff88801d748000 RSI: ffffffff81565e67 RDI: 0000000000000005 [ 125.033969] RBP: ffff8880086605c8 R08: 0000000000000005 R09: 0000000000000001 [ 125.033983] R10: 0000000000000000 R11: 0000000000000001 R12: ffff88801769f000 [ 125.034005] R13: ffff88806ce3d2c0 R14: ffffffff8547c9a0 R15: 0000000000000002 [ 125.034026] ? group_sched_out.part.0+0x2c7/0x460 [ 125.034063] ? group_sched_out.part.0+0x2c7/0x460 [ 125.034100] ctx_sched_out+0x8f1/0xc10 [ 125.034137] __perf_event_task_sched_out+0x6d0/0x18d0 [ 125.034164] ? lock_is_held_type+0xd7/0x130 [ 125.034189] ? __perf_cgroup_move+0x160/0x160 [ 125.034209] ? set_next_entity+0x304/0x550 [ 125.034241] ? update_curr+0x267/0x740 [ 125.034275] ? lock_is_held_type+0xd7/0x130 [ 125.034302] __schedule+0xedd/0x2470 [ 125.034334] ? io_schedule_timeout+0x150/0x150 [ 125.034365] ? 
__x64_sys_futex_time32+0x480/0x480 [ 125.034391] schedule+0xda/0x1b0 [ 125.034418] exit_to_user_mode_prepare+0x114/0x1a0 [ 125.034441] syscall_exit_to_user_mode+0x19/0x40 [ 125.034466] do_syscall_64+0x48/0x90 [ 125.034499] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 125.034523] RIP: 0033:0x7f3ce3784b19 [ 125.034538] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 125.034558] RSP: 002b:00007f3ce0cfa218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 125.034578] RAX: 0000000000000001 RBX: 00007f3ce3897f68 RCX: 00007f3ce3784b19 [ 125.034592] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f3ce3897f6c [ 125.034606] RBP: 00007f3ce3897f60 R08: 000000000000000e R09: 0000000000000000 [ 125.034619] R10: 0000000000000007 R11: 0000000000000246 R12: 00007f3ce3897f6c [ 125.034632] R13: 00007ffcb753aa3f R14: 00007f3ce0cfa300 R15: 0000000000022000 [ 125.034656] [ 125.141088] WARNING: CPU: 0 PID: 3854 at kernel/events/core.c:2309 group_sched_out.part.0+0x2c7/0x460 [ 125.142397] Modules linked in: [ 125.142857] CPU: 0 PID: 3854 Comm: syz-executor.5 Not tainted 6.0.0-rc7-next-20220929 #1 [ 125.143987] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 125.145558] RIP: 0010:group_sched_out.part.0+0x2c7/0x460 [ 125.146339] Code: 5e 41 5f e9 8b ae ef ff e8 86 ae ef ff 65 8b 1d 6b 17 ac 7e 31 ff 89 de e8 26 ab ef ff 85 db 0f 84 8a 00 00 00 e8 69 ae ef ff <0f> 0b e9 a5 fe ff ff e8 5d ae ef ff 48 8d 7d 10 48 b8 00 00 00 00 [ 125.148861] RSP: 0018:ffff88803fd77c48 EFLAGS: 00010006 [ 125.149604] RAX: 0000000040000002 RBX: 0000000000000000 RCX: 0000000000000000 [ 125.150616] RDX: ffff88801d748000 RSI: ffffffff81565e67 RDI: 0000000000000005 [ 125.151597] RBP: ffff8880086605c8 R08: 0000000000000005 R09: 0000000000000001 [ 125.152589] R10: 0000000000000000 R11: 
0000000000000001 R12: ffff88801769f000 [ 125.153589] R13: ffff88806ce3d2c0 R14: ffffffff8547c9a0 R15: 0000000000000002 [ 125.154596] FS: 00007f3ce0cfa700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 125.155707] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 125.156506] CR2: 00007f40276671f0 CR3: 000000000eef0000 CR4: 0000000000350ef0 [ 125.157504] Call Trace: [ 125.157875] [ 125.158211] ctx_sched_out+0x8f1/0xc10 [ 125.158785] __perf_event_task_sched_out+0x6d0/0x18d0 [ 125.159513] ? lock_is_held_type+0xd7/0x130 [ 125.160129] ? __perf_cgroup_move+0x160/0x160 [ 125.160762] ? set_next_entity+0x304/0x550 [ 125.161369] ? update_curr+0x267/0x740 [ 125.161930] ? lock_is_held_type+0xd7/0x130 [ 125.162560] __schedule+0xedd/0x2470 [ 125.163103] ? io_schedule_timeout+0x150/0x150 [ 125.163762] ? __x64_sys_futex_time32+0x480/0x480 [ 125.164449] schedule+0xda/0x1b0 [ 125.164933] exit_to_user_mode_prepare+0x114/0x1a0 [ 125.165624] syscall_exit_to_user_mode+0x19/0x40 [ 125.166310] do_syscall_64+0x48/0x90 [ 125.166856] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 125.167589] RIP: 0033:0x7f3ce3784b19 [ 125.168119] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 125.170662] RSP: 002b:00007f3ce0cfa218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 125.171597] RAX: 0000000000000001 RBX: 00007f3ce3897f68 RCX: 00007f3ce3784b19 [ 125.172559] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f3ce3897f6c [ 125.173550] RBP: 00007f3ce3897f60 R08: 000000000000000e R09: 0000000000000000 [ 125.174552] R10: 0000000000000007 R11: 0000000000000246 R12: 00007f3ce3897f6c [ 125.175556] R13: 00007ffcb753aa3f R14: 00007f3ce0cfa300 R15: 0000000000022000 [ 125.176560] [ 125.176903] irq event stamp: 3386 [ 125.177392] hardirqs last enabled at (3385): [] exit_to_user_mode_prepare+0x109/0x1a0 [ 125.178702] hardirqs last disabled at (3386): 
[] __schedule+0x1225/0x2470 [ 125.179867] softirqs last enabled at (3380): [] __irq_exit_rcu+0x11b/0x180 [ 125.181071] softirqs last disabled at (3251): [] __irq_exit_rcu+0x11b/0x180 [ 125.182281] ---[ end trace 0000000000000000 ]--- [ 125.317922] loop5: detected capacity change from 0 to 186 [ 126.255428] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 126.257174] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 126.408995] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 126.411561] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 126.762234] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 126.765745] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 129.467234] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 129.468850] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 129.471025] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 129.472841] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 129.474455] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 129.475551] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 129.479309] Bluetooth: hci0: HCI_REQ-0x0c1a [ 131.506627] Bluetooth: hci0: command 0x0409 tx timeout [ 133.554415] Bluetooth: hci0: command 0x041b tx timeout VM DIAGNOSIS: 02:53:16 Registers: