Debian GNU/Linux 11 syzkaller ttyS0
Warning: Permanently added '[localhost]:50845' (ECDSA) to the list of known hosts.
2022/08/23 11:01:33 fuzzer started
2022/08/23 11:01:33 dialing manager at localhost:33573
syzkaller login: [   38.547308] cgroup: Unknown subsys name 'net'
[   38.655354] cgroup: Unknown subsys name 'rlimit'
2022/08/23 11:01:49 syscalls: 2215
2022/08/23 11:01:49 code coverage: enabled
2022/08/23 11:01:49 comparison tracing: enabled
2022/08/23 11:01:49 extra coverage: enabled
2022/08/23 11:01:49 setuid sandbox: enabled
2022/08/23 11:01:49 namespace sandbox: enabled
2022/08/23 11:01:49 Android sandbox: enabled
2022/08/23 11:01:49 fault injection: enabled
2022/08/23 11:01:49 leak checking: enabled
2022/08/23 11:01:49 net packet injection: enabled
2022/08/23 11:01:49 net device setup: enabled
2022/08/23 11:01:49 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2022/08/23 11:01:49 devlink PCI setup: PCI device 0000:00:10.0 is not available
2022/08/23 11:01:49 USB emulation: enabled
2022/08/23 11:01:49 hci packet injection: enabled
2022/08/23 11:01:49 wifi device emulation: failed to parse kernel version (6.0.0-rc2-next-20220823)
2022/08/23 11:01:49 802.15.4 emulation: enabled
2022/08/23 11:01:49 fetching corpus: 0, signal 0/2000 (executing program)
2022/08/23 11:01:49 fetching corpus: 41, signal 22754/26367 (executing program)
2022/08/23 11:01:49 fetching corpus: 91, signal 39637/44665 (executing program)
2022/08/23 11:01:50 fetching corpus: 141, signal 50237/56583 (executing program)
2022/08/23 11:01:50 fetching corpus: 190, signal 58033/65696 (executing program)
2022/08/23 11:01:50 fetching corpus: 240, signal 66067/74885 (executing program)
2022/08/23 11:01:50 fetching corpus: 290, signal 74502/84309 (executing program)
2022/08/23 11:01:50 fetching corpus: 339, signal 80362/91145 (executing program)
2022/08/23 11:01:50 fetching corpus: 388, signal 86003/97725 (executing program)
2022/08/23 11:01:50 fetching corpus: 438, signal 89004/101810 (executing program)
2022/08/23 11:01:51 fetching corpus: 488, signal 95153/108688 (executing program)
2022/08/23 11:01:51 fetching corpus: 537, signal 98528/112960 (executing program)
2022/08/23 11:01:51 fetching corpus: 587, signal 101541/116883 (executing program)
2022/08/23 11:01:51 fetching corpus: 637, signal 105318/121403 (executing program)
2022/08/23 11:01:51 fetching corpus: 686, signal 107495/124419 (executing program)
2022/08/23 11:01:51 fetching corpus: 736, signal 111904/129336 (executing program)
2022/08/23 11:01:52 fetching corpus: 786, signal 113926/132154 (executing program)
2022/08/23 11:01:52 fetching corpus: 836, signal 116978/135853 (executing program)
2022/08/23 11:01:52 fetching corpus: 886, signal 119134/138713 (executing program)
2022/08/23 11:01:52 fetching corpus: 936, signal 121476/141688 (executing program)
2022/08/23 11:01:52 fetching corpus: 986, signal 123499/144396 (executing program)
2022/08/23 11:01:52 fetching corpus: 1035, signal 126068/147524 (executing program)
2022/08/23 11:01:52 fetching corpus: 1085, signal 128140/150188 (executing program)
2022/08/23 11:01:52 fetching corpus: 1135, signal 130216/152842 (executing program)
2022/08/23 11:01:53 fetching corpus: 1184, signal 133380/156295 (executing program)
2022/08/23 11:01:53 fetching corpus: 1234, signal 134350/157985 (executing program)
2022/08/23 11:01:53 fetching corpus: 1284, signal 136579/160588 (executing program)
2022/08/23 11:01:53 fetching corpus: 1334, signal 139013/163374 (executing program)
2022/08/23 11:01:53 fetching corpus: 1384, signal 140048/165022 (executing program)
2022/08/23 11:01:53 fetching corpus: 1434, signal 141762/167151 (executing program)
2022/08/23 11:01:53 fetching corpus: 1484, signal 143408/169223 (executing program)
2022/08/23 11:01:53 fetching corpus: 1534, signal 145465/171590 (executing program)
2022/08/23 11:01:54 fetching corpus: 1584, signal 147258/173733 (executing program)
2022/08/23 11:01:54 fetching corpus: 1634, signal 148575/175522 (executing program)
2022/08/23 11:01:54 fetching corpus: 1684, signal 149776/177167 (executing program)
2022/08/23 11:01:54 fetching corpus: 1734, signal 151037/178837 (executing program)
2022/08/23 11:01:54 fetching corpus: 1784, signal 152871/180875 (executing program)
2022/08/23 11:01:54 fetching corpus: 1834, signal 154662/182861 (executing program)
2022/08/23 11:01:54 fetching corpus: 1884, signal 156818/185103 (executing program)
2022/08/23 11:01:54 fetching corpus: 1934, signal 158344/186845 (executing program)
2022/08/23 11:01:55 fetching corpus: 1984, signal 159975/188633 (executing program)
2022/08/23 11:01:55 fetching corpus: 2034, signal 161455/190301 (executing program)
2022/08/23 11:01:55 fetching corpus: 2084, signal 163147/192115 (executing program)
2022/08/23 11:01:55 fetching corpus: 2134, signal 164511/193686 (executing program)
2022/08/23 11:01:55 fetching corpus: 2184, signal 166100/195304 (executing program)
2022/08/23 11:01:55 fetching corpus: 2233, signal 167286/196670 (executing program)
2022/08/23 11:01:55 fetching corpus: 2283, signal 168647/198165 (executing program)
2022/08/23 11:01:55 fetching corpus: 2333, signal 170151/199716 (executing program)
2022/08/23 11:01:56 fetching corpus: 2383, signal 171326/201049 (executing program)
2022/08/23 11:01:56 fetching corpus: 2433, signal 172333/202248 (executing program)
2022/08/23 11:01:56 fetching corpus: 2483, signal 174047/203868 (executing program)
2022/08/23 11:01:56 fetching corpus: 2533, signal 175302/205155 (executing program)
2022/08/23 11:01:56 fetching corpus: 2583, signal 176269/206248 (executing program)
2022/08/23 11:01:56 fetching corpus: 2633, signal 177539/207511 (executing program)
2022/08/23 11:01:56 fetching corpus: 2683, signal 179154/208933 (executing program)
2022/08/23 11:01:57 fetching corpus: 2733, signal 180890/210410 (executing program)
2022/08/23 11:01:57 fetching corpus: 2783, signal 181703/211325 (executing program)
2022/08/23 11:01:57 fetching corpus: 2833, signal 182867/212477 (executing program)
2022/08/23 11:01:57 fetching corpus: 2883, signal 183832/213519 (executing program)
2022/08/23 11:01:57 fetching corpus: 2933, signal 184930/214575 (executing program)
2022/08/23 11:01:57 fetching corpus: 2983, signal 185695/215470 (executing program)
2022/08/23 11:01:57 fetching corpus: 3033, signal 186886/216547 (executing program)
2022/08/23 11:01:57 fetching corpus: 3083, signal 187890/217530 (executing program)
2022/08/23 11:01:58 fetching corpus: 3133, signal 188662/218350 (executing program)
2022/08/23 11:01:58 fetching corpus: 3183, signal 189419/219189 (executing program)
2022/08/23 11:01:58 fetching corpus: 3233, signal 190178/220019 (executing program)
2022/08/23 11:01:58 fetching corpus: 3283, signal 191473/221052 (executing program)
2022/08/23 11:01:58 fetching corpus: 3333, signal 192969/222178 (executing program)
2022/08/23 11:01:58 fetching corpus: 3383, signal 193776/222964 (executing program)
2022/08/23 11:01:58 fetching corpus: 3433, signal 194709/223757 (executing program)
2022/08/23 11:01:59 fetching corpus: 3483, signal 195352/224437 (executing program)
2022/08/23 11:01:59 fetching corpus: 3533, signal 196269/225211 (executing program)
2022/08/23 11:01:59 fetching corpus: 3583, signal 197090/225952 (executing program)
2022/08/23 11:01:59 fetching corpus: 3633, signal 198497/226890 (executing program)
2022/08/23 11:01:59 fetching corpus: 3683, signal 199082/227483 (executing program)
2022/08/23 11:01:59 fetching corpus: 3733, signal 200577/228442 (executing program)
2022/08/23 11:01:59 fetching corpus: 3783, signal 201356/229085 (executing program)
2022/08/23 11:02:00 fetching corpus: 3833, signal 201920/229689 (executing program)
2022/08/23 11:02:00 fetching corpus: 3883, signal 202936/230434 (executing program)
2022/08/23 11:02:00 fetching corpus: 3933, signal 203755/231059 (executing program)
2022/08/23 11:02:00 fetching corpus: 3983, signal 205030/231856 (executing program)
2022/08/23 11:02:00 fetching corpus: 4033, signal 205720/232408 (executing program)
2022/08/23 11:02:00 fetching corpus: 4083, signal 206643/233030 (executing program)
2022/08/23 11:02:00 fetching corpus: 4133, signal 207440/233555 (executing program)
2022/08/23 11:02:01 fetching corpus: 4183, signal 208194/234132 (executing program)
2022/08/23 11:02:01 fetching corpus: 4233, signal 208846/234640 (executing program)
2022/08/23 11:02:01 fetching corpus: 4282, signal 209867/235259 (executing program)
2022/08/23 11:02:01 fetching corpus: 4332, signal 210563/235688 (executing program)
2022/08/23 11:02:01 fetching corpus: 4382, signal 210931/236105 (executing program)
2022/08/23 11:02:01 fetching corpus: 4432, signal 211377/236503 (executing program)
2022/08/23 11:02:01 fetching corpus: 4482, signal 212397/237064 (executing program)
2022/08/23 11:02:02 fetching corpus: 4531, signal 213284/237556 (executing program)
2022/08/23 11:02:02 fetching corpus: 4581, signal 213814/237926 (executing program)
2022/08/23 11:02:02 fetching corpus: 4631, signal 214399/238323 (executing program)
2022/08/23 11:02:02 fetching corpus: 4681, signal 215007/238705 (executing program)
2022/08/23 11:02:02 fetching corpus: 4731, signal 215887/239152 (executing program)
2022/08/23 11:02:02 fetching corpus: 4781, signal 216922/239626 (executing program)
2022/08/23 11:02:02 fetching corpus: 4831, signal 217760/240031 (executing program)
2022/08/23 11:02:03 fetching corpus: 4881, signal 218283/240387 (executing program)
2022/08/23 11:02:03 fetching corpus: 4931, signal 218811/240716 (executing program)
2022/08/23 11:02:03 fetching corpus: 4981, signal 219438/241059 (executing program)
2022/08/23 11:02:03 fetching corpus: 5031, signal 220270/241392 (executing program)
2022/08/23 11:02:03 fetching corpus: 5081, signal 221001/241706 (executing program)
2022/08/23 11:02:03 fetching corpus: 5131, signal 221802/242067 (executing program)
2022/08/23 11:02:03 fetching corpus: 5181, signal 222536/242377 (executing program)
2022/08/23 11:02:04 fetching corpus: 5231, signal 223057/242628 (executing program)
2022/08/23 11:02:04 fetching corpus: 5281, signal 223480/242874 (executing program)
2022/08/23 11:02:04 fetching corpus: 5331, signal 224181/243127 (executing program)
2022/08/23 11:02:04 fetching corpus: 5381, signal 224556/243340 (executing program)
2022/08/23 11:02:04 fetching corpus: 5431, signal 225459/243592 (executing program)
2022/08/23 11:02:04 fetching corpus: 5481, signal 226085/243820 (executing program)
2022/08/23 11:02:04 fetching corpus: 5531, signal 226701/244040 (executing program)
2022/08/23 11:02:04 fetching corpus: 5581, signal 227470/244263 (executing program)
2022/08/23 11:02:05 fetching corpus: 5631, signal 227885/244429 (executing program)
2022/08/23 11:02:05 fetching corpus: 5681, signal 228398/244613 (executing program)
2022/08/23 11:02:05 fetching corpus: 5731, signal 228950/244791 (executing program)
2022/08/23 11:02:05 fetching corpus: 5781, signal 229497/244948 (executing program)
2022/08/23 11:02:05 fetching corpus: 5830, signal 230098/245106 (executing program)
2022/08/23 11:02:05 fetching corpus: 5880, signal 230402/245255 (executing program)
2022/08/23 11:02:05 fetching corpus: 5930, signal 230798/245389 (executing program)
2022/08/23 11:02:06 fetching corpus: 5979, signal 231494/245508 (executing program)
2022/08/23 11:02:06 fetching corpus: 6028, signal 232119/245641 (executing program)
2022/08/23 11:02:06 fetching corpus: 6078, signal 232632/245745 (executing program)
2022/08/23 11:02:06 fetching corpus: 6128, signal 233524/245783 (executing program)
2022/08/23 11:02:06 fetching corpus: 6178, signal 234075/245783 (executing program)
2022/08/23 11:02:06 fetching corpus: 6228, signal 234654/245783 (executing program)
2022/08/23 11:02:06 fetching corpus: 6278, signal 235190/245783 (executing program)
2022/08/23 11:02:07 fetching corpus: 6328, signal 235821/245783 (executing program)
2022/08/23 11:02:07 fetching corpus: 6378, signal 236451/245783 (executing program)
2022/08/23 11:02:07 fetching corpus: 6428, signal 237012/245783 (executing program)
2022/08/23 11:02:07 fetching corpus: 6477, signal 237393/245783 (executing program)
2022/08/23 11:02:07 fetching corpus: 6527, signal 237802/245783 (executing program)
2022/08/23 11:02:07 fetching corpus: 6577, signal 238505/245783 (executing program)
2022/08/23 11:02:07 fetching corpus: 6627, signal 239205/245795 (executing program)
2022/08/23 11:02:07 fetching corpus: 6677, signal 240083/245795 (executing program)
2022/08/23 11:02:08 fetching corpus: 6727, signal 240548/245795 (executing program)
2022/08/23 11:02:08 fetching corpus: 6777, signal 240959/245795 (executing program)
2022/08/23 11:02:08 fetching corpus: 6827, signal 241485/245795 (executing program)
2022/08/23 11:02:08 fetching corpus: 6877, signal 242082/245802 (executing program)
2022/08/23 11:02:08 fetching corpus: 6894, signal 242210/245802 (executing program)
2022/08/23 11:02:08 fetching corpus: 6895, signal 242212/245804 (executing program)
2022/08/23 11:02:08 fetching corpus: 6895, signal 242212/245804 (executing program)
2022/08/23 11:02:11 starting 8 fuzzer processes
11:02:11 executing program 0:
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file2\x00', 0x1010c2, 0x44)
openat(r2, &(0x7f0000000100)='./file2\x00', 0x2840, 0x2)
signalfd(r0, &(0x7f0000000140)={[0x8001]}, 0x8)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/meminfo\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x10000027f)
ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x5)
ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f0000000400)={0x6, 0x10001, 0x4, 0x9, 0x6, "81edee0b895f5d8e3780848c4d64b26b8a0eaf"})
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f0000000000)=ANY=[@ANYBLOB="01480b071ddc59ca3c000000", @ANYRES32=r1, @ANYBLOB='\x00!\x00\x00\x00\x00\x00\x00./file0\x00'])

11:02:11 executing program 1:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = gettid()
fcntl$lock(r0, 0x25, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, r1})

11:02:11 executing program 7:
r0 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000000), 0x88800, 0x0)
ioctl$CDROM_CLEAR_OPTIONS(r0, 0x5321, 0x0)

11:02:11 executing program 2:
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/profiling', 0x0, 0x0)
pread64(r0, &(0x7f00000000c0)=""/244, 0xf4, 0x0)

[   74.049198] audit: type=1400 audit(1661252531.101:6): avc:  denied  { execmem } for  pid=284 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
11:02:11 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r0, &(0x7f0000000640)=[{&(0x7f00000002c0)="19", 0x1}], 0x1, 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r1, 0xc028660f, &(0x7f0000000000)={0x0, r2})

11:02:11 executing program 5:
r0 = socket$netlink(0x10, 0x3, 0xa)
write$binfmt_aout(r0, &(0x7f00000005c0)={{0x0, 0x0, 0x3}, "", ['\x00']}, 0x120)

11:02:11 executing program 3:
r0 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r0, &(0x7f00000000c0)=@abs={0x1}, 0x6e)
listen(r0, 0x0)
listen(r0, 0x0)

11:02:11 executing program 6:
r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x6}, 0x0, 0x5, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x20140, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
mmap$perf(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x50, r0, 0x9)
process_vm_readv(0x0, &(0x7f0000000200)=[{0x0}, {&(0x7f0000000100)=""/57, 0x39}], 0x2, &(0x7f0000000300)=[{&(0x7f0000012940)=""/102389, 0x18ff5}], 0x1, 0x0)
r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000001c0), 0x28201, 0x0)
ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, 0x0)
ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r2)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0)
r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$bt_hci_HCI_DATA_DIR(r6, 0x0, 0x1, &(0x7f00000019c0)=0x83a4, 0x4)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r4, 0xc018937c, &(0x7f0000000340)=ANY=[@ANYBLOB="010000000100000018000000c5fb44059d918f29925401fa34beee27852ec48fd167f8216a76beaccac02662d6b7b6d130b53d7eef6bddf4fb33fbc7a47f684ba2e5c759efaf0d6a4eb25edf51ec2fac036cbbeb70f6598af53698f0b1", @ANYRES32=r6, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00./file1\x00'])
r7 = ioctl$LOOP_CTL_GET_FREE(r5, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r7)
ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r7)
ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, r7)
pwritev(r4, &(0x7f0000000240)=[{0x0}], 0x1, 0x0, 0x0)

[   75.411764] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   75.413214] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   75.421828] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   75.422970] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   75.428029] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   75.429277] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   75.438045] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   75.445187] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   75.446392] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   75.486624] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   75.487832] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   75.490116] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   75.492208] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   75.495547] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[   75.496639] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   75.498724] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   75.500291] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[   75.501835] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[   75.504026] Bluetooth: hci1: HCI_REQ-0x0c1a
[   75.504480] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[   75.506237] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   75.507326] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   75.508778] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[   75.510303] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[   75.513429] Bluetooth: hci0: HCI_REQ-0x0c1a
[   75.514967] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   75.516942] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[   75.518824] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[   75.519124] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   75.521753] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   75.522298] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[   75.524075] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[   75.525571] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[   75.526796] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[   75.531841] Bluetooth: hci6: HCI_REQ-0x0c1a
[   75.538331] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   75.540067] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[   75.542171] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   75.547397] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[   75.548841] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   75.550246] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[   75.552317] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   75.553871] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[   75.555394] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   75.556942] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   75.558658] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[   75.559882] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   75.564951] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[   75.565310] Bluetooth: hci7: HCI_REQ-0x0c1a
[   75.566271] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   75.568610] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[   75.570935] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   75.575332] Bluetooth: hci2: HCI_REQ-0x0c1a
[   75.598929] Bluetooth: hci3: HCI_REQ-0x0c1a
[   75.602560] Bluetooth: hci4: HCI_REQ-0x0c1a
[   75.604095] Bluetooth: hci5: HCI_REQ-0x0c1a
[   77.560143] Bluetooth: hci6: command 0x0409 tx timeout
[   77.560508] Bluetooth: hci1: command 0x0409 tx timeout
[   77.623534] Bluetooth: hci5: command 0x0409 tx timeout
[   77.624346] Bluetooth: hci2: command 0x0409 tx timeout
[   77.624511] Bluetooth: hci4: command 0x0409 tx timeout
[   77.625365] Bluetooth: hci3: command 0x0409 tx timeout
[   77.625831] Bluetooth: hci0: command 0x0409 tx timeout
[   77.687527] Bluetooth: hci7: command 0x0409 tx timeout
[   79.607511] Bluetooth: hci1: command 0x041b tx timeout
[   79.607683] Bluetooth: hci6: command 0x041b tx timeout
[   79.671990] Bluetooth: hci0: command 0x041b tx timeout
[   79.672835] Bluetooth: hci3: command 0x041b tx timeout
[   79.673309] Bluetooth: hci4: command 0x041b tx timeout
[   79.675721] Bluetooth: hci2: command 0x041b tx timeout
[   79.676177] Bluetooth: hci5: command 0x041b tx timeout
[   79.735600] Bluetooth: hci7: command 0x041b tx timeout
[   81.655544] Bluetooth: hci6: command 0x040f tx timeout
[   81.656095] Bluetooth: hci1: command 0x040f tx timeout
[   81.719556] Bluetooth: hci5: command 0x040f tx timeout
[   81.720017] Bluetooth: hci2: command 0x040f tx timeout
[   81.721226] Bluetooth: hci4: command 0x040f tx timeout
[   81.721986] Bluetooth: hci3: command 0x040f tx timeout
[   81.722422] Bluetooth: hci0: command 0x040f tx timeout
[   81.783556] Bluetooth: hci7: command 0x040f tx timeout
[   83.029289] ==================================================================
[   83.029862] BUG: KASAN: use-after-free in __lock_acquire+0x42c9/0x5e70
[   83.030369] Read of size 8 at addr ffff88800db126d8 by task kmemleak/54
[   83.030980]
[   83.031098] CPU: 0 PID: 54 Comm: kmemleak Not tainted 6.0.0-rc2-next-20220823 #1
[   83.031814] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[   83.033953] Call Trace:
[   83.034840]
[   83.035016]  dump_stack_lvl+0x8b/0xb3
[   83.035322]  print_report.cold+0x5e/0x5e5
[   83.035640]  ? __lock_acquire+0x42c9/0x5e70
[   83.036199]  kasan_report+0xb1/0x1c0
[   83.036498]  ? __lock_acquire+0x42c9/0x5e70
[   83.036837]  __lock_acquire+0x42c9/0x5e70
[   83.037169]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[   83.037565]  ? lockdep_hardirqs_on_prepare+0x410/0x410
[   83.037973]  ? finish_task_switch.isra.0+0x22d/0x8a0
[   83.038366]  lock_acquire+0x1a2/0x530
[   83.038662]  ? kmemleak_scan+0x21d/0x16f0
[   83.038994]  ? lock_release+0x750/0x750
[   83.039308]  ? lock_release+0x750/0x750
[   83.039614]  ? io_schedule_timeout+0x150/0x150
[   83.039965]  ? _raw_spin_lock_irq+0x41/0x50
[   83.040294]  _raw_spin_lock_irq+0x32/0x50
[   83.040608]  ? kmemleak_scan+0x21d/0x16f0
[   83.040933]  kmemleak_scan+0x21d/0x16f0
[   83.041252]  ? paint_ptr+0xc0/0xc0
[   83.041534]  ? __kthread_parkme+0x15a/0x220
[   83.041855]  ? kmemleak_write.cold+0x29/0x29
[   83.042186]  kmemleak_scan_thread+0x8f/0xb1
[   83.042508]  kthread+0x2ed/0x3a0
[   83.042769]  ? kthread_complete_and_exit+0x40/0x40
[   83.043140]  ret_from_fork+0x22/0x30
[   83.043436]
[   83.043614]
[   83.043744] Allocated by task 183:
[   83.044010]  kasan_save_stack+0x1e/0x40
[   83.044313]  __kasan_slab_alloc+0x66/0x80
[   83.044626]  kmem_cache_alloc+0x1b1/0x4a0
[   83.044937]  __create_object.isra.0+0x3d/0xc10
[   83.045306]  kmemleak_alloc_percpu+0x9d/0x160
[   83.045651]  pcpu_alloc+0x834/0x10f0
[   83.045941]  __percpu_counter_init+0x10d/0x2e0
[   83.046285]  wb_init+0x607/0x810
[   83.046545]  wb_get_create+0x23a/0x1180
[   83.046850]  __inode_attach_wb+0x2e6/0x880
[   83.047175]  __mark_inode_dirty+0x9b2/0xf00
[   83.047509]  touch_atime+0x644/0x700
[   83.047789]  filemap_read+0xb16/0xd10
[   83.048082]  generic_file_read_iter+0x3cd/0x530
[   83.048441]  ext4_file_read_iter+0x182/0x400
[   83.048786]  __kernel_read+0x2cb/0x7d0
[   83.049093]  kernel_read+0xbf/0x1c0
[   83.049369]  bprm_execve+0x70e/0x1920
[   83.049668]  do_execveat_common+0x72c/0x890
[   83.050003]  __x64_sys_execve+0x8f/0xc0
[   83.050307]  do_syscall_64+0x3b/0x90
[   83.050588]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   83.050980]
[   83.051112] Freed by task 13:
[   83.051348]  kasan_save_stack+0x1e/0x40
[   83.051654]  kasan_set_track+0x21/0x30
[   83.051956]  kasan_set_free_info+0x20/0x40
[   83.052279]  __kasan_slab_free+0x108/0x190
[   83.052605]  kmem_cache_free+0xfb/0x610
[   83.052907]  rcu_core+0x7e2/0x2080
[   83.053185]  __do_softirq+0x1c8/0x8d0
[   83.053486]
[   83.053615] Last potentially related work creation:
[   83.053978]  kasan_save_stack+0x1e/0x40
[   83.054275]  __kasan_record_aux_stack+0x97/0xb0
[   83.054629]  call_rcu+0x6a/0xa30
[   83.054893]  kmemleak_free_percpu+0xf5/0x160
[   83.055234]  free_percpu+0x2c/0xec0
[   83.055511]  percpu_counter_destroy+0x11a/0x1c0
[   83.055857]  wb_exit+0x76/0xb0
[   83.056105]  cgwb_release_workfn+0x25d/0x3f0
[   83.056439]  process_one_work+0xa0f/0x1690
[   83.056759]  worker_thread+0x637/0x1260
[   83.057068]  kthread+0x2ed/0x3a0
[   83.057327]  ret_from_fork+0x22/0x30
[   83.057612]
[   83.057744] Second to last potentially related work creation:
[   83.058170]  kasan_save_stack+0x1e/0x40
[   83.058470]  __kasan_record_aux_stack+0x97/0xb0
[   83.058823]  call_rcu+0x6a/0xa30
[   83.059083]  kmem_cache_free+0xc1/0x610
[   83.059379]  exit_mmap+0x24f/0x680
[   83.059652]  mmput+0xd1/0x390
[   83.059902]  do_exit+0xb44/0x2940
[   83.060168]  do_group_exit+0xd0/0x2a0
[   83.060460]  __x64_sys_exit_group+0x3a/0x50
[   83.060784]  do_syscall_64+0x3b/0x90
[   83.061074]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[   83.061461]
[   83.061591] The buggy address belongs to the object at ffff88800db126c0
[   83.061591]  which belongs to the cache kmemleak_object of size 368
[   83.062512] The buggy address is located 24 bytes inside of
[   83.062512]  368-byte region [ffff88800db126c0, ffff88800db12830)
[   83.063345]
[   83.063476] The buggy address belongs to the physical page:
[   83.063889] page:00000000c01a8ca9 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xdb12
[   83.064579] head:00000000c01a8ca9 order:1 compound_mapcount:0 compound_pincount:0
[   83.065140] flags: 0x100000000010200(slab|head|node=0|zone=1)
[   83.065578] raw: 0100000000010200 0000000000000000 dead000000000001 ffff888007c4f780
[   83.066140] raw: 0000000000000000 0000000000120012 00000001ffffffff 0000000000000000
[   83.066706] page dumped because: kasan: bad access detected
[   83.067114]
[   83.067243] Memory state around the buggy address:
[   83.067597]  ffff88800db12580: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   83.068135]  ffff88800db12600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   83.068670] >ffff88800db12680: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb
[   83.069199]                                                     ^
[   83.069648]  ffff88800db12700: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   83.070180]  ffff88800db12780: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   83.070710] ==================================================================
[   83.071242] Disabling lock debugging due to kernel taint
VM DIAGNOSIS:
11:02:20 Registers:
info registers vcpu 0
RAX=0000000000000061 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff82444701 RDI=ffffffff876379e0 RBP=ffffffff876379a0 RSP=ffff88800fcd7628
R8 =0000000000000001 R9 =000000000000000a R10=0000000000000061 R11=0000000000000001
R12=0000000000000061 R13=ffffffff876379a0 R14=0000000000000010 R15=ffffffff824446f0
RIP=ffffffff82444759 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff88806ce00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007fdbf3841610 CR3=000000000d01c000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM01=0000000000000000 0000000000000000 3725e6165981cfaa 4c00003e5567f513
YMM02=0000000000000000 0000000000000000 adc2e04558d6456b 357fce2f9fd88ec1
YMM03=0000000000000000 0000000000000000 b69ec82753a452c8 b0a36536e9eb643e
YMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM06=0000000000000000 0000000000000000 0d0c0f0e09080b0a 0504070601000302
YMM07=0000000000000000 0000000000000000 0e0d0c0f0a09080b 0605040702010003
YMM08=0000000000000000 0000000000000000 a92b0fefffa7efff 3fa8e9dfbff2b5fb
YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1
RAX=0000000000000001 RBX=ffff8880172af8b8 RCX=0000000000000000 RDX=0000000080000000
RSI=ffff8880172af888 RDI=0000000000000001 RBP=ffff8880172a8000 RSP=ffff8880172af478
R8 =ffffffff85e6058e R9 =ffffffff85e60592 R10=ffffed1002e55eac R11=ffff8880172af538
R12=ffff8880172af539 R13=ffff8880172af558 R14=ffff8880172af4f8 R15=0000000000000003
RIP=ffffffff8111a092 RFL=00000297 [--S-APC] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff88806cf00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=000055a465186868 CR3=000000001b73c000 CR4=00350ee0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
YMM00=0000000000000000 0000000000000000 756e696c2d34365f 3638782f62696c2f
YMM01=0000000000000000 0000000000000000 322e6f732e6c6462 696c2f756e672d78
YMM02=0000000000000000 0000000000000000 00322e6f732e6c64 62696c2f756e672d
YMM03=0000000000000000 0000000000000000 78756e696c2d3436 5f3638782f62696c
YMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000