Warning: Permanently added '[localhost]:52371' (ECDSA) to the list of known hosts. 2022/07/25 14:39:50 fuzzer started 2022/07/25 14:39:50 dialing manager at localhost:33171 syzkaller login: [ 48.581870] cgroup: Unknown subsys name 'net' [ 48.698636] cgroup: Unknown subsys name 'rlimit' 2022/07/25 14:40:07 syscalls: 2217 2022/07/25 14:40:07 code coverage: enabled 2022/07/25 14:40:07 comparison tracing: enabled 2022/07/25 14:40:07 extra coverage: enabled 2022/07/25 14:40:07 setuid sandbox: enabled 2022/07/25 14:40:07 namespace sandbox: enabled 2022/07/25 14:40:07 Android sandbox: enabled 2022/07/25 14:40:07 fault injection: enabled 2022/07/25 14:40:07 leak checking: enabled 2022/07/25 14:40:07 net packet injection: enabled 2022/07/25 14:40:07 net device setup: enabled 2022/07/25 14:40:07 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2022/07/25 14:40:07 devlink PCI setup: PCI device 0000:00:10.0 is not available 2022/07/25 14:40:07 USB emulation: enabled 2022/07/25 14:40:07 hci packet injection: enabled 2022/07/25 14:40:07 wifi device emulation: enabled 2022/07/25 14:40:07 802.15.4 emulation: enabled 2022/07/25 14:40:07 fetching corpus: 0, signal 0/2000 (executing program) 2022/07/25 14:40:33 fetching corpus: 11041, 
signal 247384/255117 (executing program) 2022/07/25 14:40:33 fetching corpus: 11091, signal 247758/255117 (executing program) 2022/07/25 14:40:33 fetching corpus: 11141, signal 248157/255117 (executing program) 2022/07/25 14:40:33 fetching corpus: 11191, signal 248418/255117 (executing program) 2022/07/25 14:40:33 fetching corpus: 11241, signal 248821/255117 (executing program) 2022/07/25 14:40:33 fetching corpus: 11291, signal 249149/255152 (executing program) 2022/07/25 14:40:33 fetching corpus: 11341, signal 249499/255152 (executing program) 2022/07/25 14:40:33 fetching corpus: 11390, signal 249746/255159 (executing program) 2022/07/25 14:40:34 fetching corpus: 11440, signal 250040/255159 (executing program) 2022/07/25 14:40:34 fetching corpus: 11483, signal 250309/255159 (executing program) 2022/07/25 14:40:34 fetching corpus: 11483, signal 250309/255159 (executing program) 2022/07/25 14:40:36 starting 8 fuzzer processes 14:40:36 executing program 0: sendmsg$NL802154_CMD_GET_WPAN_PHY(0xffffffffffffffff, 0x0, 0x0) sendmsg$NL802154_CMD_SET_BACKOFF_EXPONENT(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x5}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x4042, 0x0) pwrite64(r0, &(0x7f0000000000)='y', 0xfffffe5f, 0x8040000) 14:40:36 executing program 5: r0 = 
fsopen(&(0x7f0000000040)='cpuset\x00', 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 14:40:36 executing program 2: r0 = perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x9c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$tty20(0xc, 0x4, 0x0) fcntl$lock(r1, 0x26, &(0x7f0000000100)={0x1}) close_range(r0, 0xffffffffffffffff, 0x0) 14:40:36 executing program 3: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg$unix(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000180)=""/70, 0x46}], 0x1}, 0x0) sendmsg$unix(r1, &(0x7f0000002780)={0x0, 0x0, &(0x7f0000002840)=[{&(0x7f0000002100)="e2", 0x1}], 0x1, &(0x7f0000002700)=[@rights={{0x14, 0x1, 0x1, [r0]}}], 0x18}, 0x0) 14:40:36 executing program 4: r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000380), 0x800, 0x0) ioctl$DVD_READ_STRUCT(r0, 0x127b, &(0x7f00000007c0)=@manufact={0x4, 0x0, 0x800, "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"}) 14:40:36 executing program 1: pwritev(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000040)="aa", 0x1}], 0x1, 0x7fffffe, 0x9) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, &(0x7f0000000000)={0x0, 0xffffffffffffffff, 0x80000001, 0x0, 0x6, 0x30}) r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = fork() r2 = open_tree(0xffffffffffffffff, &(0x7f00000001c0)='./file1\x00', 0x8000) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x0, 
0x1, 0x8, 0x71, 0x0, 0x9, 0x20, 0x2, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x3, 0x0, @perf_config_ext={0xfffffffffffffff9, 0xde0f}, 0x20, 0x8, 0x8001, 0x3, 0x0, 0xfa71, 0x0, 0x0, 0xff, 0x0, 0x14000000}, r1, 0xf, r2, 0xc) recvfrom(r2, &(0x7f0000000300)=""/205, 0xcd, 0x2000, &(0x7f0000000200)=@in={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x15}}, 0x80) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x4, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001}, 0x0, 0xffffffffffffffff, r0, 0x0) ioctl$EXT4_IOC_ALLOC_DA_BLKS(0xffffffffffffffff, 0x660c) clone3(&(0x7f0000000680)={0x400, &(0x7f0000000400), &(0x7f0000000440), &(0x7f0000000480), {0x35}, &(0x7f00000004c0)=""/94, 0x5e, &(0x7f0000000540)=""/219, 0x0}, 0x58) [ 91.475114] audit: type=1400 audit(1658760036.515:6): avc: denied { execmem } for pid=286 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1 14:40:36 executing program 6: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xc, &(0x7f0000000280), 0x4) 14:40:36 executing program 7: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, &(0x7f0000000000)={0x0, 0x4}) [ 92.681702] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 92.683695] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 92.685063] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 92.688656] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 92.691083] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 92.692397] Bluetooth: hci0: unexpected cc 0x0c38 length: 
249 > 2 [ 92.745729] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 92.762426] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 92.765266] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 92.767452] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 92.771049] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 92.772946] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 92.774942] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 92.775107] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 92.776392] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 92.777247] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 92.779252] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 92.779296] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 92.783726] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 92.786250] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 92.788231] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 92.801636] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 92.803429] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 92.804958] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 92.807136] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 92.808632] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 92.809893] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 92.811572] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 92.812872] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 92.814384] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 92.815941] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 92.818053] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 92.820382] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 92.821687] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 92.828418] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 92.829981] Bluetooth: hci2: unexpected cc 
0x0c25 length: 249 > 3 [ 92.838306] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 92.839861] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 92.844899] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 92.846133] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 92.874819] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 92.876720] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 92.884895] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 92.886198] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 92.891062] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 92.900289] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 92.912732] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 92.913909] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 94.707157] Bluetooth: hci0: command 0x0409 tx timeout [ 94.834616] Bluetooth: hci4: command 0x0409 tx timeout [ 94.834631] Bluetooth: hci1: command 0x0409 tx timeout [ 94.898684] Bluetooth: hci2: command 0x0409 tx timeout [ 94.899146] Bluetooth: hci3: command 0x0409 tx timeout [ 94.962672] Bluetooth: hci5: command 0x0409 tx timeout [ 94.963700] Bluetooth: hci7: command 0x0409 tx timeout [ 94.964224] Bluetooth: hci6: command 0x0409 tx timeout [ 96.754973] Bluetooth: hci0: command 0x041b tx timeout [ 96.882620] Bluetooth: hci4: command 0x041b tx timeout [ 96.882663] Bluetooth: hci1: command 0x041b tx timeout [ 96.946652] Bluetooth: hci3: command 0x041b tx timeout [ 96.947153] Bluetooth: hci2: command 0x041b tx timeout [ 97.011674] Bluetooth: hci6: command 0x041b tx timeout [ 97.012191] Bluetooth: hci7: command 0x041b tx timeout [ 97.014246] Bluetooth: hci5: command 0x041b tx timeout [ 98.803616] Bluetooth: hci0: command 0x040f tx timeout [ 98.931701] Bluetooth: hci1: command 0x040f tx timeout [ 98.932260] Bluetooth: hci4: command 0x040f tx timeout [ 98.994668] Bluetooth: hci2: command 0x040f tx timeout [ 98.996351] Bluetooth: hci3: command 0x040f tx 
timeout [ 99.059659] Bluetooth: hci5: command 0x040f tx timeout [ 99.060505] Bluetooth: hci7: command 0x040f tx timeout [ 99.062230] Bluetooth: hci6: command 0x040f tx timeout [ 100.850714] Bluetooth: hci0: command 0x0419 tx timeout [ 100.978727] Bluetooth: hci4: command 0x0419 tx timeout [ 100.980947] Bluetooth: hci1: command 0x0419 tx timeout [ 101.042876] Bluetooth: hci3: command 0x0419 tx timeout [ 101.043846] Bluetooth: hci2: command 0x0419 tx timeout [ 101.106690] Bluetooth: hci6: command 0x0419 tx timeout [ 101.107499] Bluetooth: hci7: command 0x0419 tx timeout [ 101.110312] Bluetooth: hci5: command 0x0419 tx timeout [ 148.979278] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 148.980081] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 148.981253] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 149.280938] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 149.281624] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 149.283051] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 149.328921] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 149.329627] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 149.331135] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 149.480484] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 149.481124] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 149.482264] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 149.830153] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 149.830836] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 149.832163] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 150.073154] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 150.073861] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 150.075460] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready 14:41:35 executing program 4: r0 = 
add_key$keyring(&(0x7f0000000000), &(0x7f0000000140)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r0, &(0x7f0000000040)='asymmetric\x00', &(0x7f0000000080)=@chain) keyctl$link(0x8, r0, r0) 14:41:35 executing program 4: r0 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000140)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r0, &(0x7f0000000040)='asymmetric\x00', &(0x7f0000000080)=@chain) keyctl$link(0x8, r0, r0) [ 150.382005] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 150.383069] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 150.384616] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready 14:41:35 executing program 4: r0 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000140)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r0, &(0x7f0000000040)='asymmetric\x00', &(0x7f0000000080)=@chain) keyctl$link(0x8, r0, r0) [ 150.465559] program syz-executor.7 is using a deprecated SCSI ioctl, please convert it to SG_IO 14:41:35 executing program 7: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, &(0x7f0000000000)={0x0, 0x4}) 14:41:35 executing program 4: r0 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000140)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r0, &(0x7f0000000040)='asymmetric\x00', &(0x7f0000000080)=@chain) keyctl$link(0x8, r0, r0) [ 150.556506] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 150.557200] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 150.558651] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 150.571496] program syz-executor.7 is using a deprecated SCSI ioctl, please convert it to SG_IO 14:41:35 executing program 7: r0 = syz_open_dev$sg(&(0x7f0000001000), 0x0, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, &(0x7f0000000000)={0x0, 0x4}) 14:41:35 executing program 4: r0 = 
add_key$keyring(&(0x7f0000000000), &(0x7f0000000140)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r0, &(0x7f0000000040)='asymmetric\x00', &(0x7f0000000080)=@chain) keyctl$link(0x8, r0, r0) [ 150.757721] program syz-executor.7 is using a deprecated SCSI ioctl, please convert it to SG_IO 14:41:35 executing program 4: r0 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000140)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r0, &(0x7f0000000040)='asymmetric\x00', &(0x7f0000000080)=@chain) keyctl$link(0x8, r0, r0) [ 151.065898] audit: type=1400 audit(1658760096.106:7): avc: denied { open } for pid=3862 comm="syz-executor.2" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 151.067820] audit: type=1400 audit(1658760096.106:8): avc: denied { kernel } for pid=3862 comm="syz-executor.2" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1 [ 151.804548] ------------[ cut here ]------------ [ 151.805248] WARNING: CPU: 1 PID: 303 at kernel/workqueue.c:3066 __flush_work+0xaaa/0xd20 [ 151.806143] Modules linked in: [ 151.806487] CPU: 1 PID: 303 Comm: syz-executor.6 Not tainted 5.19.0-rc8-next-20220725 #1 [ 151.807386] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 151.808806] RIP: 0010:__flush_work+0xaaa/0xd20 [ 151.809726] Code: 00 48 c7 c6 bf 74 1c 81 48 c7 c7 e0 51 40 85 e8 6c 72 0d 00 e9 11 fc ff ff e8 d2 33 29 00 0f 0b e9 05 fc ff ff e8 c6 33 29 00 <0f> 0b 45 31 ed e9 f6 fb ff ff e8 b7 33 29 00 4c 89 e7 e8 1f 95 06 [ 151.811893] RSP: 0018:ffff88804115f6e8 EFLAGS: 00010293 [ 151.812455] RAX: 0000000000000000 RBX: ffff88801b87c988 RCX: 0000000000000000 [ 151.813229] RDX: ffff88801a46b580 RSI: ffffffff811c74fa RDI: 0000000000000001 [ 151.813989] RBP: ffff88804115f890 R08: 0000000000000001 R09: 0000000000000000 [ 151.814768] 
R10: 0000000000000001 R11: 0000000000000001 R12: ffff88801b87c988 [ 151.815553] R13: 0000000000000001 R14: ffff88801b87c9a0 R15: ffff88801a46b580 [ 151.816275] FS: 0000000000000000(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000 [ 151.816985] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 151.817431] CR2: 00005600f0e5de08 CR3: 000000000eb54000 CR4: 0000000000350ee0 [ 151.818007] Call Trace: [ 151.818212] [ 151.818393] ? lock_chain_count+0x20/0x20 [ 151.818742] ? queue_delayed_work_on+0xd0/0xd0 [ 151.819125] ? lock_release+0x3b2/0x750 [ 151.819447] ? mark_held_locks+0x9e/0xe0 [ 151.819788] ? del_timer+0xb6/0x100 [ 151.820087] ? mark_held_locks+0x9e/0xe0 [ 151.820408] ? __cancel_work_timer+0x30f/0x4e0 [ 151.820795] __cancel_work_timer+0x39c/0x4e0 [ 151.821042] ------------[ cut here ]------------ [ 151.821139] ? cancel_delayed_work+0x20/0x20 [ 151.821705] WARNING: CPU: 0 PID: 301 at kernel/workqueue.c:3066 __flush_work+0xaaa/0xd20 [ 151.822032] ? mgmt_send_event_skb+0x2ed/0x460 [ 151.822903] Modules linked in: [ 151.823236] ? mgmt_send_event+0x13c/0x180 [ 151.823620] [ 151.823924] mgmt_index_removed+0x187/0x2f0 [ 151.824084] CPU: 0 PID: 301 Comm: syz-executor.3 Not tainted 5.19.0-rc8-next-20220725 #1 [ 151.824388] ? mgmt_index_added+0x290/0x290 [ 151.824957] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 151.825265] ? hci_dev_open_sync+0x1fa0/0x1fa0 [ 151.826079] RIP: 0010:__flush_work+0xaaa/0xd20 [ 151.826401] ? blocking_notifier_chain_unregister+0xef/0x290 [ 151.826738] Code: 00 48 c7 c6 bf 74 1c 81 48 c7 c7 e0 51 40 85 e8 6c 72 0d 00 e9 11 fc ff ff e8 d2 33 29 00 0f 0b e9 05 fc ff ff e8 c6 33 29 00 <0f> 0b 45 31 ed e9 f6 fb ff ff e8 b7 33 29 00 4c 89 e7 e8 1f 95 06 [ 151.827164] hci_unregister_dev+0x2e2/0x380 [ 151.828457] RSP: 0018:ffff88803ff2f6e8 EFLAGS: 00010293 [ 151.828792] vhci_release+0x7c/0xf0 [ 151.829175] [ 151.829441] __fput+0x272/0x9d0 [ 151.829462] ? 
vhci_close_dev+0x50/0x50 [ 151.829482] task_work_run+0xe2/0x1a0 [ 151.829500] do_exit+0xc37/0x2940 [ 151.829521] ? lock_release+0x3b2/0x750 [ 151.829539] ? get_signal+0x93f/0x24b0 [ 151.829558] ? mm_update_next_owner+0x7e0/0x7e0 [ 151.829598] ? lock_is_held_type+0xd7/0x130 [ 151.829618] do_group_exit+0xd0/0x2a0 [ 151.829637] get_signal+0x2205/0x24b0 [ 151.829657] ? netdev_name_node_lookup_rcu+0x108/0x150 [ 151.829683] ? exit_signals+0x8b0/0x8b0 [ 151.829702] ? sock_do_ioctl+0x196/0x240 [ 151.829723] ? put_user_ifreq+0xc0/0xc0 [ 151.829747] arch_do_signal_or_restart+0x89/0x1be0 [ 151.829771] ? fd_install+0x1c7/0x640 [ 151.829786] ? selinux_inode_getsecctx+0xa0/0xa0 [ 151.829801] ? alloc_file+0x800/0x800 [ 151.829822] ? get_sigframe_size+0x10/0x10 [ 151.829844] ? sock_ioctl+0x1be/0x670 [ 151.829865] ? br_ioctl_call+0xb0/0xb0 [ 151.829887] ? fd_install+0x1f9/0x640 [ 151.829905] ? selinux_file_ioctl+0xb1/0x260 [ 151.829921] ? exit_to_user_mode_prepare+0x109/0x1a0 [ 151.829949] exit_to_user_mode_prepare+0x131/0x1a0 [ 151.829971] syscall_exit_to_user_mode+0x19/0x40 [ 151.829986] do_syscall_64+0x48/0x90 [ 151.830006] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 151.830020] RIP: 0033:0x7f8cd6aab8d7 [ 151.830030] Code: Unable to access opcode bytes at RIP 0x7f8cd6aab8ad. 
[ 151.830036] RSP: 002b:00007ffc2ffe86d8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 151.830050] RAX: ffffffffffffffed RBX: 0000000000000004 RCX: 00007f8cd6aab8d7 [ 151.830059] RDX: 00007ffc2ffe86e0 RSI: 0000000000008933 RDI: 0000000000000004 [ 151.830068] RBP: 0000000000000004 R08: 0000000000000100 R09: 0000000000000006 [ 151.830076] R10: 00007f8cd6b05a00 R11: 0000000000000246 R12: 00007ffc2ffe86e0 [ 151.830085] R13: 0000000000000003 R14: 00007ffc2ffe876c R15: 0000000000000042 [ 151.830109] [ 151.830114] irq event stamp: 124069 [ 151.830119] hardirqs last enabled at (124075): [] vprintk_emit+0x502/0x560 [ 151.830141] hardirqs last disabled at (124080): [] vprintk_emit+0x499/0x560 [ 151.830161] softirqs last enabled at (123620): [] __irq_exit_rcu+0x11b/0x180 [ 151.830299] RAX: 0000000000000000 RBX: ffff888018a58988 RCX: 0000000000000000 [ 151.830536] softirqs last disabled at (123589): [] __irq_exit_rcu+0x11b/0x180 [ 151.830955] RDX: ffff88800fd3b580 RSI: ffffffff811c74fa RDI: 0000000000000001 [ 151.831118] ---[ end trace 0000000000000000 ]--- [ 151.831363] RBP: ffff88803ff2f890 R08: 0000000000000001 R09: 0000000000000000 [ 151.831673] ------------[ cut here ]------------ [ 151.831927] R10: 0000000000000001 R11: 0000000000000001 R12: ffff888018a58988 [ 151.832249] WARNING: CPU: 1 PID: 303 at kernel/workqueue.c:3066 __flush_work+0xaaa/0xd20 [ 151.832554] R13: 0000000000000001 R14: ffff888018a589a0 R15: ffff88800fd3b580 [ 151.832841] Modules linked in: [ 151.833110] FS: 0000000000000000(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 151.833476] [ 151.833769] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 151.834056] CPU: 1 PID: 303 Comm: syz-executor.6 Tainted: G W 5.19.0-rc8-next-20220725 #1 [ 151.834335] CR2: 00007fb0f8bba970 CR3: 000000000eeec000 CR4: 0000000000350ef0 [ 151.834697] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 151.834984] Call Trace: [ 151.835319] RIP: 
0010:__flush_work+0xaaa/0xd20 [ 151.835603] [ 151.835614] ? lock_chain_count+0x20/0x20 [ 151.835900] Code: 00 48 c7 c6 bf 74 1c 81 48 c7 c7 e0 51 40 85 e8 6c 72 0d 00 e9 11 fc ff ff e8 d2 33 29 00 0f 0b e9 05 fc ff ff e8 c6 33 29 00 <0f> 0b 45 31 ed e9 f6 fb ff ff e8 b7 33 29 00 4c 89 e7 e8 1f 95 06 [ 151.836170] ? queue_delayed_work_on+0xd0/0xd0 [ 151.836439] RSP: 0018:ffff88804115f6e8 EFLAGS: 00010293 [ 151.836728] ? lock_release+0x3b2/0x750 [ 151.837036] [ 151.837403] ? mark_held_locks+0x9e/0xe0 [ 151.837758] RAX: 0000000000000000 RBX: ffff88801b87ca30 RCX: 0000000000000000 [ 151.838096] ? del_timer+0xb6/0x100 [ 151.838358] RDX: ffff88801a46b580 RSI: ffffffff811c74fa RDI: 0000000000000001 [ 151.838735] ? mark_held_locks+0x9e/0xe0 [ 151.839002] RBP: ffff88804115f890 R08: 0000000000000001 R09: 0000000000000000 [ 151.839461] ? __cancel_work_timer+0x30f/0x4e0 [ 151.840013] R10: 0000000000000001 R11: 0000000000000001 R12: ffff88801b87ca30 [ 151.840559] __cancel_work_timer+0x39c/0x4e0 [ 151.841087] R13: 0000000000000001 R14: ffff88801b87ca48 R15: ffff88801a46b580 [ 151.841602] ? cancel_delayed_work+0x20/0x20 [ 151.842122] FS: 0000000000000000(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000 [ 151.842663] ? mgmt_send_event_skb+0x2ed/0x460 [ 151.842841] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 151.843130] ? mgmt_send_event+0x13c/0x180 [ 151.843758] CR2: 00005600f0e5de08 CR3: 000000000eb54000 CR4: 0000000000350ee0 [ 151.844378] mgmt_index_removed+0x187/0x2f0 [ 151.845011] Call Trace: [ 151.845527] ? mgmt_index_added+0x290/0x290 [ 151.846159] [ 151.846697] ? hci_dev_open_sync+0x1fa0/0x1fa0 [ 151.847045] ? lock_chain_count+0x20/0x20 [ 151.847591] ? blocking_notifier_chain_unregister+0xef/0x290 [ 151.847937] ? queue_delayed_work_on+0xd0/0xd0 [ 151.848461] hci_unregister_dev+0x2e2/0x380 [ 151.849054] ? lock_release+0x3b2/0x750 [ 151.849600] vhci_release+0x7c/0xf0 [ 151.849853] ? mark_held_locks+0x9e/0xe0 [ 151.850424] __fput+0x272/0x9d0 [ 151.850551] ? 
del_timer+0xb6/0x100 [ 151.851010] ? vhci_close_dev+0x50/0x50 [ 151.851731] ? mark_held_locks+0x9e/0xe0 [ 151.852271] task_work_run+0xe2/0x1a0 [ 151.853138] ? __cancel_work_timer+0x30f/0x4e0 [ 151.853337] do_exit+0xc37/0x2940 [ 151.853701] __cancel_work_timer+0x39c/0x4e0 [ 151.853870] ? lock_release+0x3b2/0x750 [ 151.854184] ? cancel_delayed_work+0x20/0x20 [ 151.855612] ? get_signal+0x93f/0x24b0 [ 151.855973] ? mgmt_send_event_skb+0x2ed/0x460 [ 151.856369] ? mm_update_next_owner+0x7e0/0x7e0 [ 151.856684] ? mgmt_send_event+0x13c/0x180 [ 151.856807] ? lock_is_held_type+0xd7/0x130 [ 151.857102] mgmt_index_removed+0x193/0x2f0 [ 151.857665] do_group_exit+0xd0/0x2a0 [ 151.857947] ? mgmt_index_added+0x290/0x290 [ 151.858484] get_signal+0x2205/0x24b0 [ 151.858796] ? hci_dev_open_sync+0x1fa0/0x1fa0 [ 151.859329] ? netdev_name_node_lookup_rcu+0x108/0x150 [ 151.859705] ? blocking_notifier_chain_unregister+0xef/0x290 [ 151.860239] ? exit_signals+0x8b0/0x8b0 [ 151.860581] hci_unregister_dev+0x2e2/0x380 [ 151.861114] ? sock_do_ioctl+0x196/0x240 [ 151.861432] vhci_release+0x7c/0xf0 [ 151.862056] ? put_user_ifreq+0xc0/0xc0 [ 151.862403] __fput+0x272/0x9d0 [ 151.862849] arch_do_signal_or_restart+0x89/0x1be0 [ 151.863186] ? vhci_close_dev+0x50/0x50 [ 151.863753] ? fd_install+0x1c7/0x640 [ 151.864085] task_work_run+0xe2/0x1a0 [ 151.864277] ? selinux_inode_getsecctx+0xa0/0xa0 [ 151.864627] do_exit+0xc37/0x2940 [ 151.864804] ? alloc_file+0x800/0x800 [ 151.865147] ? lock_release+0x3b2/0x750 [ 151.865461] ? get_sigframe_size+0x10/0x10 [ 151.865903] ? get_signal+0x93f/0x24b0 [ 151.866258] ? sock_ioctl+0x1be/0x670 [ 151.866590] ? mm_update_next_owner+0x7e0/0x7e0 [ 151.866883] ? br_ioctl_call+0xb0/0xb0 [ 151.867176] ? lock_is_held_type+0xd7/0x130 [ 151.867480] ? fd_install+0x1f9/0x640 [ 151.867751] do_group_exit+0xd0/0x2a0 [ 151.868022] ? selinux_file_ioctl+0xb1/0x260 [ 151.868311] get_signal+0x2205/0x24b0 [ 151.868631] ? exit_to_user_mode_prepare+0x109/0x1a0 [ 151.868939] ? 
netdev_name_node_lookup_rcu+0x108/0x150 [ 151.869284] exit_to_user_mode_prepare+0x131/0x1a0 [ 151.869552] ? exit_signals+0x8b0/0x8b0 [ 151.869893] syscall_exit_to_user_mode+0x19/0x40 [ 151.870173] ? sock_do_ioctl+0x196/0x240 [ 151.870504] do_syscall_64+0x48/0x90 [ 151.870827] ? put_user_ifreq+0xc0/0xc0 [ 151.871179] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 151.871519] arch_do_signal_or_restart+0x89/0x1be0 [ 151.871845] RIP: 0033:0x7fefb9d998d7 [ 151.872171] ? fd_install+0x1c7/0x640 [ 151.872492] Code: Unable to access opcode bytes at RIP 0x7fefb9d998ad. [ 151.872798] ? selinux_inode_getsecctx+0xa0/0xa0 [ 151.873113] RSP: 002b:00007fff5b49aba8 EFLAGS: 00000246 [ 151.873395] ? alloc_file+0x800/0x800 [ 151.873765] ORIG_RAX: 0000000000000010 [ 151.874154] ? get_sigframe_size+0x10/0x10 [ 151.874589] RAX: ffffffffffffffed RBX: 0000000000000000 RCX: 00007fefb9d998d7 [ 151.874899] ? sock_ioctl+0x1be/0x670 [ 151.875239] RDX: 00007fff5b49abb0 RSI: 0000000000008933 RDI: 0000000000000004 [ 151.875538] ? br_ioctl_call+0xb0/0xb0 [ 151.875817] RBP: 0000000000000004 R08: 0000000000000100 R09: 00007fff5b49aed0 [ 151.876122] ? fd_install+0x1f9/0x640 [ 151.876382] R10: 00007fefb9df3a00 R11: 0000000000000246 R12: 00007fff5b49abb0 [ 151.876772] ? selinux_file_ioctl+0xb1/0x260 [ 151.877076] R13: 00007fefb9df39f9 R14: 0000000000000003 R15: 0000000000000000 [ 151.877361] ? 
exit_to_user_mode_prepare+0x109/0x1a0 [ 151.877692] [ 151.878043] exit_to_user_mode_prepare+0x131/0x1a0 [ 151.878298] irq event stamp: 133175 [ 151.878595] syscall_exit_to_user_mode+0x19/0x40 [ 151.878907] hardirqs last enabled at (133185): [] console_emit_next_record.constprop.0+0x64c/0x800 [ 151.879258] do_syscall_64+0x48/0x90 [ 151.879543] hardirqs last disabled at (133192): [] console_emit_next_record.constprop.0+0x66b/0x800 [ 151.879844] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 151.880162] softirqs last enabled at (132572): [] __irq_exit_rcu+0x11b/0x180 [ 151.880452] RIP: 0033:0x7f8cd6aab8d7 [ 151.880780] softirqs last disabled at (132455): [] __irq_exit_rcu+0x11b/0x180 [ 151.881061] Code: Unable to access opcode bytes at RIP 0x7f8cd6aab8ad. [ 151.881339] ---[ end trace 0000000000000000 ]--- [ 151.881686] RSP: 002b:00007ffc2ffe86d8 EFLAGS: 00000246 [ 151.881984] ------------[ cut here ]------------ [ 151.882331] ORIG_RAX: 0000000000000010 [ 151.882722] WARNING: CPU: 0 PID: 301 at kernel/workqueue.c:3066 __flush_work+0xaaa/0xd20 [ 151.883097] RAX: ffffffffffffffed RBX: 0000000000000004 RCX: 00007f8cd6aab8d7 [ 151.883391] Modules linked in: [ 151.883776] RDX: 00007ffc2ffe86e0 RSI: 0000000000008933 RDI: 0000000000000004 [ 151.884080] [ 151.884383] RBP: 0000000000000004 R08: 0000000000000100 R09: 0000000000000006 [ 151.884700] CPU: 0 PID: 301 Comm: syz-executor.3 Tainted: G W 5.19.0-rc8-next-20220725 #1 [ 151.885095] R10: 00007f8cd6b05a00 R11: 0000000000000246 R12: 00007ffc2ffe86e0 [ 151.885463] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 151.885757] R13: 0000000000000003 R14: 00007ffc2ffe876c R15: 0000000000000042 [ 151.886030] RIP: 0010:__flush_work+0xaaa/0xd20 [ 151.886516] [ 151.886854] Code: 00 48 c7 c6 bf 74 1c 81 48 c7 c7 e0 51 40 85 e8 6c 72 0d 00 e9 11 fc ff ff e8 d2 33 29 00 0f 0b e9 05 fc ff ff e8 c6 33 29 00 <0f> 0b 45 31 ed e9 f6 fb ff ff e8 b7 33 29 00 4c 89 e7 e8 1f 95 06 [ 
151.887263] irq event stamp: 124827 [ 151.887534] RSP: 0018:ffff88803ff2f6e8 EFLAGS: 00010293 [ 151.887840] hardirqs last enabled at (124837): [] asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 151.888139] [ 151.888683] hardirqs last disabled at (124846): [] sysvec_apic_timer_interrupt+0xb/0xc0 [ 151.888960] RAX: 0000000000000000 RBX: ffff888018a58a30 RCX: 0000000000000000 [ 151.889483] softirqs last enabled at (123620): [] __irq_exit_rcu+0x11b/0x180 [ 151.889779] RDX: ffff88800fd3b580 RSI: ffffffff811c74fa RDI: 0000000000000001 [ 151.890316] softirqs last disabled at (123589): [] __irq_exit_rcu+0x11b/0x180 [ 151.890614] RBP: ffff88803ff2f890 R08: 0000000000000001 R09: 0000000000000000 [ 151.891157] ---[ end trace 0000000000000000 ]--- [ 151.891478] R10: 0000000000000001 R11: 0000000000000001 R12: ffff888018a58a30 [ 151.892038] ------------[ cut here ]------------ [ 151.892398] R13: 0000000000000001 R14: ffff888018a58a48 R15: ffff88800fd3b580 [ 151.892592] WARNING: CPU: 1 PID: 303 at kernel/workqueue.c:3066 __flush_work+0xaaa/0xd20 [ 151.892962] FS: 0000000000000000(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 151.893255] Modules linked in: [ 151.893630] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 151.894413] [ 151.894707] CR2: 00007fb0f8bba970 CR3: 000000000eeec000 CR4: 0000000000350ef0 [ 151.895518] CPU: 1 PID: 303 Comm: syz-executor.6 Tainted: G W 5.19.0-rc8-next-20220725 #1 [ 151.895913] Call Trace: [ 151.895920] [ 151.896542] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 151.896833] ? lock_chain_count+0x20/0x20 [ 151.897465] RIP: 0010:__flush_work+0xaaa/0xd20 [ 151.897961] ? queue_delayed_work_on+0xd0/0xd0 [ 151.898306] Code: 00 48 c7 c6 bf 74 1c 81 48 c7 c7 e0 51 40 85 e8 6c 72 0d 00 e9 11 fc ff ff e8 d2 33 29 00 0f 0b e9 05 fc ff ff e8 c6 33 29 00 <0f> 0b 45 31 ed e9 f6 fb ff ff e8 b7 33 29 00 4c 89 e7 e8 1f 95 06 [ 151.898708] ? 
lock_release+0x3b2/0x750 [ 151.899057] RSP: 0018:ffff88804115f6e8 EFLAGS: 00010293 [ 151.899363] ? mark_held_locks+0x9e/0xe0 [ 151.899956] [ 151.900473] ? del_timer+0xb6/0x100 [ 151.900725] RAX: 0000000000000000 RBX: ffff88801b87db30 RCX: 0000000000000000 [ 151.901246] ? mark_held_locks+0x9e/0xe0 [ 151.901371] RDX: ffff88801a46b580 RSI: ffffffff811c74fa RDI: 0000000000000001 [ 151.901921] ? __cancel_work_timer+0x30f/0x4e0 [ 151.902625] RBP: ffff88804115f890 R08: 0000000000000001 R09: 0000000000000000 [ 151.903155] __cancel_work_timer+0x39c/0x4e0 [ 151.903951] R10: 0000000000000001 R11: 0000000000000001 R12: ffff88801b87db30 [ 151.904459] ? cancel_delayed_work+0x20/0x20 [ 151.904793] R13: 0000000000000001 R14: ffff88801b87db48 R15: ffff88801a46b580 [ 151.904968] ? mgmt_send_event_skb+0x2ed/0x460 [ 151.906282] FS: 0000000000000000(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000 [ 151.906549] ? mgmt_send_event+0x13c/0x180 [ 151.906956] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 151.907704] mgmt_index_removed+0x193/0x2f0 [ 151.907838] CR2: 00005600f0e5de08 CR3: 000000000eb54000 CR4: 0000000000350ee0 [ 151.908556] ? mgmt_index_added+0x290/0x290 [ 151.909095] Call Trace: [ 151.909744] ? hci_dev_open_sync+0x1fa0/0x1fa0 [ 151.910300] [ 151.910982] ? blocking_notifier_chain_unregister+0xef/0x290 [ 151.911521] ? lock_chain_count+0x20/0x20 [ 151.911891] hci_unregister_dev+0x2e2/0x380 [ 151.912429] ? queue_delayed_work_on+0xd0/0xd0 [ 151.912801] vhci_release+0x7c/0xf0 [ 151.913357] ? lock_release+0x3b2/0x750 [ 151.913993] __fput+0x272/0x9d0 [ 151.914636] ? mark_held_locks+0x9e/0xe0 [ 151.914876] ? vhci_close_dev+0x50/0x50 [ 151.915330] ? del_timer+0xb6/0x100 [ 151.915466] task_work_run+0xe2/0x1a0 [ 151.916032] ? mark_held_locks+0x9e/0xe0 [ 151.916741] do_exit+0xc37/0x2940 [ 151.916942] ? __cancel_work_timer+0x30f/0x4e0 [ 151.917119] ? lock_release+0x3b2/0x750 [ 151.918012] __cancel_work_timer+0x39c/0x4e0 [ 151.918317] ? get_signal+0x93f/0x24b0 [ 151.918679] ? 
cancel_delayed_work+0x20/0x20 [ 151.919024] ? mm_update_next_owner+0x7e0/0x7e0 [ 151.920419] ? mgmt_send_event_skb+0x2ed/0x460 [ 151.920726] ? lock_is_held_type+0xd7/0x130 [ 151.921119] ? mgmt_send_event+0x13c/0x180 [ 151.921413] do_group_exit+0xd0/0x2a0 [ 151.921543] mgmt_index_removed+0x19f/0x2f0 [ 151.921827] get_signal+0x2205/0x24b0 [ 151.922339] ? mgmt_index_added+0x290/0x290 [ 151.922648] ? netdev_name_node_lookup_rcu+0x108/0x150 [ 151.923206] ? hci_dev_open_sync+0x1fa0/0x1fa0 [ 151.923558] ? exit_signals+0x8b0/0x8b0 [ 151.924102] ? blocking_notifier_chain_unregister+0xef/0x290 [ 151.924408] ? sock_do_ioctl+0x196/0x240 [ 151.924956] hci_unregister_dev+0x2e2/0x380 [ 151.925278] ? put_user_ifreq+0xc0/0xc0 [ 151.925831] vhci_release+0x7c/0xf0 [ 151.926167] arch_do_signal_or_restart+0x89/0x1be0 [ 151.926766] __fput+0x272/0x9d0 [ 151.927079] ? fd_install+0x1c7/0x640 [ 151.927507] ? vhci_close_dev+0x50/0x50 [ 151.927839] ? selinux_inode_getsecctx+0xa0/0xa0 [ 151.928377] task_work_run+0xe2/0x1a0 [ 151.928701] ? alloc_file+0x800/0x800 [ 151.928905] do_exit+0xc37/0x2940 [ 151.929241] ? get_sigframe_size+0x10/0x10 [ 151.929414] ? lock_release+0x3b2/0x750 [ 151.929847] ? sock_ioctl+0x1be/0x670 [ 151.930154] ? get_signal+0x93f/0x24b0 [ 151.930476] ? br_ioctl_call+0xb0/0xb0 [ 151.930837] ? mm_update_next_owner+0x7e0/0x7e0 [ 151.931112] ? fd_install+0x1f9/0x640 [ 151.931407] ? lock_is_held_type+0xd7/0x130 [ 151.931677] ? selinux_file_ioctl+0xb1/0x260 [ 151.931967] do_group_exit+0xd0/0x2a0 [ 151.932258] ? exit_to_user_mode_prepare+0x109/0x1a0 [ 151.932534] get_signal+0x2205/0x24b0 [ 151.932829] exit_to_user_mode_prepare+0x131/0x1a0 [ 151.933124] ? netdev_name_node_lookup_rcu+0x108/0x150 [ 151.933388] syscall_exit_to_user_mode+0x19/0x40 [ 151.933744] ? exit_signals+0x8b0/0x8b0 [ 151.934036] do_syscall_64+0x48/0x90 [ 151.934366] ? sock_do_ioctl+0x196/0x240 [ 151.934664] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 151.934997] ? 
put_user_ifreq+0xc0/0xc0 [ 151.935343] RIP: 0033:0x7fefb9d998d7 [ 151.935707] arch_do_signal_or_restart+0x89/0x1be0 [ 151.936009] Code: Unable to access opcode bytes at RIP 0x7fefb9d998ad. [ 151.936323] ? fd_install+0x1c7/0x640 [ 151.936615] RSP: 002b:00007fff5b49aba8 EFLAGS: 00000246 [ 151.936933] ? selinux_inode_getsecctx+0xa0/0xa0 [ 151.937211] ORIG_RAX: 0000000000000010 [ 151.937529] ? alloc_file+0x800/0x800 [ 151.937928] RAX: ffffffffffffffed RBX: 0000000000000000 RCX: 00007fefb9d998d7 [ 151.938284] ? get_sigframe_size+0x10/0x10 [ 151.938592] RDX: 00007fff5b49abb0 RSI: 0000000000008933 RDI: 0000000000000004 [ 151.939036] ? sock_ioctl+0x1be/0x670 [ 151.939346] RBP: 0000000000000004 R08: 0000000000000100 R09: 00007fff5b49aed0 [ 151.939680] ? br_ioctl_call+0xb0/0xb0 [ 151.939973] R10: 00007fefb9df3a00 R11: 0000000000000246 R12: 00007fff5b49abb0 [ 151.940245] ? fd_install+0x1f9/0x640 [ 151.940618] R13: 00007fefb9df39f9 R14: 0000000000000003 R15: 0000000000000000 [ 151.940879] ? selinux_file_ioctl+0xb1/0x260 [ 151.941172] [ 151.941453] ? exit_to_user_mode_prepare+0x109/0x1a0 [ 151.941813] irq event stamp: 133953 [ 151.941820] hardirqs last enabled at (133959): [] vprintk_emit+0x502/0x560 [ 151.942106] exit_to_user_mode_prepare+0x131/0x1a0 [ 151.942389] hardirqs last disabled at (133966): [] console_emit_next_record.constprop.0+0x66b/0x800 [ 151.942663] syscall_exit_to_user_mode+0x19/0x40 [ 151.942982] softirqs last enabled at (132572): [] __irq_exit_rcu+0x11b/0x180 [ 151.943281] do_syscall_64+0x48/0x90 [ 151.943586] softirqs last disabled at (132455): [] __irq_exit_rcu+0x11b/0x180 [ 151.943882] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 151.944166] ---[ end trace 0000000000000000 ]--- [ 151.944511] RIP: 0033:0x7f8cd6aab8d7 [ 151.944823] ------------[ cut here ]------------ [ 151.945126] Code: Unable to access opcode bytes at RIP 0x7f8cd6aab8ad. 
[ 151.945450] WARNING: CPU: 0 PID: 301 at kernel/workqueue.c:3066 __flush_work+0xaaa/0xd20 [ 151.945745] RSP: 002b:00007ffc2ffe86d8 EFLAGS: 00000246 [ 151.946114] Modules linked in: [ 151.946397] ORIG_RAX: 0000000000000010 [ 151.946756] [ 151.946762] CPU: 0 PID: 301 Comm: syz-executor.3 Tainted: G W 5.19.0-rc8-next-20220725 #1 [ 151.947135] RAX: ffffffffffffffed RBX: 0000000000000004 RCX: 00007f8cd6aab8d7 [ 151.947464] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 151.947761] RDX: 00007ffc2ffe86e0 RSI: 0000000000008933 RDI: 0000000000000004 [ 151.948024] RIP: 0010:__flush_work+0xaaa/0xd20 [ 151.948306] RBP: 0000000000000004 R08: 0000000000000100 R09: 0000000000000006 [ 151.948689] Code: 00 48 c7 c6 bf 74 1c 81 48 c7 c7 e0 51 40 85 e8 6c 72 0d 00 e9 11 fc ff ff e8 d2 33 29 00 0f 0b e9 05 fc ff ff e8 c6 33 29 00 <0f> 0b 45 31 ed e9 f6 fb ff ff e8 b7 33 29 00 4c 89 e7 e8 1f 95 06 [ 151.949000] R10: 00007f8cd6b05a00 R11: 0000000000000246 R12: 00007ffc2ffe86e0 [ 151.949282] RSP: 0018:ffff88803ff2f6e8 EFLAGS: 00010293 [ 151.949652] R13: 0000000000000003 R14: 00007ffc2ffe876c R15: 0000000000000042 [ 151.950107] [ 151.950394] [ 151.950760] RAX: 0000000000000000 RBX: ffff888018a59b30 RCX: 0000000000000000 [ 151.951102] irq event stamp: 125605 [ 151.951382] RDX: ffff88800fd3b580 RSI: ffffffff811c74fa RDI: 0000000000000001 [ 151.951668] hardirqs last enabled at (125615): [] asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 151.952171] RBP: ffff88803ff2f890 R08: 0000000000000001 R09: 0000000000000000 [ 151.952466] hardirqs last disabled at (125622): [] console_emit_next_record.constprop.0+0x66b/0x800 [ 151.952978] R10: 0000000000000001 R11: 0000000000000001 R12: ffff888018a59b30 [ 151.953249] softirqs last enabled at (123620): [] __irq_exit_rcu+0x11b/0x180 [ 151.953771] R13: 0000000000000001 R14: ffff888018a59b48 R15: ffff88800fd3b580 [ 151.954047] softirqs last disabled at (123589): [] 
__irq_exit_rcu+0x11b/0x180 [ 151.954557] FS: 0000000000000000(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 151.954840] ---[ end trace 0000000000000000 ]--- [ 151.955343] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 151.978908] CR2: 00007fb0f8bba970 CR3: 000000000eeec000 CR4: 0000000000350ef0 [ 151.979447] Call Trace: [ 151.979671] [ 151.979855] ? lock_chain_count+0x20/0x20 [ 151.980180] ? queue_delayed_work_on+0xd0/0xd0 [ 151.980540] ? lock_release+0x3b2/0x750 [ 151.980892] ? mark_held_locks+0x9e/0xe0 [ 151.981214] ? del_timer+0xb6/0x100 [ 151.981507] ? mark_held_locks+0x9e/0xe0 [ 151.981857] ? __cancel_work_timer+0x30f/0x4e0 [ 151.982220] __cancel_work_timer+0x39c/0x4e0 [ 151.982586] ? cancel_delayed_work+0x20/0x20 [ 151.982941] ? mgmt_send_event_skb+0x2ed/0x460 [ 151.983321] ? mgmt_send_event+0x13c/0x180 [ 151.983673] mgmt_index_removed+0x19f/0x2f0 [ 151.984008] ? mgmt_index_added+0x290/0x290 [ 151.984341] ? hci_dev_open_sync+0x1fa0/0x1fa0 [ 151.984713] ? blocking_notifier_chain_unregister+0xef/0x290 [ 151.985152] hci_unregister_dev+0x2e2/0x380 [ 151.985497] vhci_release+0x7c/0xf0 [ 151.985803] __fput+0x272/0x9d0 [ 151.986070] ? vhci_close_dev+0x50/0x50 [ 151.986386] task_work_run+0xe2/0x1a0 [ 151.986707] do_exit+0xc37/0x2940 [ 151.986986] ? lock_release+0x3b2/0x750 [ 151.987308] ? get_signal+0x93f/0x24b0 [ 151.987633] ? mm_update_next_owner+0x7e0/0x7e0 [ 151.987999] ? lock_is_held_type+0xd7/0x130 [ 151.988334] do_group_exit+0xd0/0x2a0 [ 151.988653] get_signal+0x2205/0x24b0 [ 151.988957] ? netdev_name_node_lookup_rcu+0x108/0x150 [ 151.989373] ? exit_signals+0x8b0/0x8b0 [ 151.989700] ? sock_do_ioctl+0x196/0x240 [ 151.990023] ? put_user_ifreq+0xc0/0xc0 [ 151.990335] arch_do_signal_or_restart+0x89/0x1be0 [ 151.990743] ? fd_install+0x1c7/0x640 [ 151.991051] ? selinux_inode_getsecctx+0xa0/0xa0 [ 151.991426] ? alloc_file+0x800/0x800 [ 151.991750] ? get_sigframe_size+0x10/0x10 [ 151.992078] ? sock_ioctl+0x1be/0x670 [ 151.992387] ? 
br_ioctl_call+0xb0/0xb0 [ 151.992716] ? fd_install+0x1f9/0x640 [ 151.993021] ? selinux_file_ioctl+0xb1/0x260 [ 151.993365] ? exit_to_user_mode_prepare+0x109/0x1a0 [ 151.993785] exit_to_user_mode_prepare+0x131/0x1a0 [ 151.994172] syscall_exit_to_user_mode+0x19/0x40 [ 151.994532] do_syscall_64+0x48/0x90 [ 151.994841] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 151.995247] RIP: 0033:0x7fefb9d998d7 [ 151.995537] Code: Unable to access opcode bytes at RIP 0x7fefb9d998ad. [ 151.996043] RSP: 002b:00007fff5b49aba8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 151.996639] RAX: ffffffffffffffed RBX: 0000000000000000 RCX: 00007fefb9d998d7 [ 151.997178] RDX: 00007fff5b49abb0 RSI: 0000000000008933 RDI: 0000000000000004 [ 151.997730] RBP: 0000000000000004 R08: 0000000000000100 R09: 00007fff5b49aed0 [ 151.998265] R10: 00007fefb9df3a00 R11: 0000000000000246 R12: 00007fff5b49abb0 [ 151.998810] R13: 00007fefb9df39f9 R14: 0000000000000003 R15: 0000000000000000 [ 151.999380] [ 151.999580] irq event stamp: 135697 [ 151.999855] hardirqs last enabled at (135707): [] __up_console_sem+0x78/0x80 [ 152.000509] hardirqs last disabled at (135716): [] __up_console_sem+0x5d/0x80 [ 152.001172] softirqs last enabled at (132572): [] __irq_exit_rcu+0x11b/0x180 [ 152.001849] softirqs last disabled at (132455): [] __irq_exit_rcu+0x11b/0x180 [ 152.002516] ---[ end trace 0000000000000000 ]--- [ 152.010090] ------------[ cut here ]------------ [ 152.010465] WARNING: CPU: 0 PID: 296 at kernel/workqueue.c:3066 __flush_work+0xaaa/0xd20 [ 152.011193] Modules linked in: [ 152.011446] CPU: 0 PID: 296 Comm: syz-executor.0 Tainted: G W 5.19.0-rc8-next-20220725 #1 [ 152.012180] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 152.013040] RIP: 0010:__flush_work+0xaaa/0xd20 [ 152.013395] Code: 00 48 c7 c6 bf 74 1c 81 48 c7 c7 e0 51 40 85 e8 6c 72 0d 00 e9 11 fc ff ff e8 d2 33 29 00 0f 0b e9 05 fc ff ff e8 c6 33 29 00 <0f> 0b 45 31 ed e9 f6 fb ff ff 
e8 b7 33 29 00 4c 89 e7 e8 1f 95 06 [ 152.014772] RSP: 0018:ffff8880337376e8 EFLAGS: 00010293 [ 152.015183] RAX: 0000000000000000 RBX: ffff88801d9e8988 RCX: 0000000000000000 [ 152.015739] RDX: ffff88801a705040 RSI: ffffffff811c74fa RDI: 0000000000000001 [ 152.016271] RBP: ffff888033737890 R08: 0000000000000001 R09: 0000000000000000 [ 152.016822] R10: 0000000000000001 R11: 0000000000000001 R12: ffff88801d9e8988 [ 152.017357] R13: 0000000000000001 R14: ffff88801d9e89a0 R15: ffff88801a705040 [ 152.017911] FS: 0000000000000000(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 152.018523] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 152.018985] CR2: 00007fb0f8bba970 CR3: 0000000017e86000 CR4: 0000000000350ef0 [ 152.019528] Call Trace: [ 152.019742] [ 152.019922] ? lock_chain_count+0x20/0x20 [ 152.020250] ? queue_delayed_work_on+0xd0/0xd0 [ 152.020629] ? lock_release+0x3b2/0x750 [ 152.020947] ? mark_held_locks+0x9e/0xe0 [ 152.021264] ? del_timer+0xb6/0x100 [ 152.021580] ? mark_held_locks+0x9e/0xe0 [ 152.021904] ? __cancel_work_timer+0x30f/0x4e0 [ 152.022271] __cancel_work_timer+0x39c/0x4e0 [ 152.022632] ? cancel_delayed_work+0x20/0x20 [ 152.022996] ? mgmt_send_event_skb+0x2ed/0x460 [ 152.023369] ? mgmt_send_event+0x13c/0x180 [ 152.023720] mgmt_index_removed+0x187/0x2f0 [ 152.024055] ? mgmt_index_added+0x290/0x290 [ 152.024389] ? hci_dev_open_sync+0x1fa0/0x1fa0 [ 152.024770] ? blocking_notifier_chain_unregister+0xef/0x290 [ 152.025226] hci_unregister_dev+0x2e2/0x380 [ 152.025594] vhci_release+0x7c/0xf0 [ 152.025881] __fput+0x272/0x9d0 [ 152.026148] ? vhci_close_dev+0x50/0x50 [ 152.026459] task_work_run+0xe2/0x1a0 [ 152.026782] do_exit+0xc37/0x2940 [ 152.027067] ? lock_release+0x3b2/0x750 [ 152.027385] ? get_signal+0x93f/0x24b0 [ 152.027706] ? mm_update_next_owner+0x7e0/0x7e0 [ 152.028072] ? lock_is_held_type+0xd7/0x130 [ 152.028411] do_group_exit+0xd0/0x2a0 [ 152.028734] get_signal+0x2205/0x24b0 [ 152.029046] ? 
netdev_name_node_lookup_rcu+0x108/0x150 [ 152.029455] ? exit_signals+0x8b0/0x8b0 [ 152.029793] ? sock_do_ioctl+0x196/0x240 [ 152.030107] ? put_user_ifreq+0xc0/0xc0 [ 152.030428] arch_do_signal_or_restart+0x89/0x1be0 [ 152.030832] ? fd_install+0x1c7/0x640 [ 152.031146] ? selinux_inode_getsecctx+0xa0/0xa0 [ 152.031507] ? alloc_file+0x800/0x800 [ 152.031824] ? get_sigframe_size+0x10/0x10 [ 152.032153] ? sock_ioctl+0x1be/0x670 [ 152.032450] ? br_ioctl_call+0xb0/0xb0 [ 152.032773] ? fd_install+0x1f9/0x640 [ 152.033083] ? selinux_file_ioctl+0xb1/0x260 [ 152.033424] ? exit_to_user_mode_prepare+0x109/0x1a0 [ 152.033847] exit_to_user_mode_prepare+0x131/0x1a0 [ 152.034249] syscall_exit_to_user_mode+0x19/0x40 [ 152.034640] do_syscall_64+0x48/0x90 [ 152.034938] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 152.035343] RIP: 0033:0x7f4d72a8d8d7 [ 152.035640] Code: Unable to access opcode bytes at RIP 0x7f4d72a8d8ad. [ 152.036114] RSP: 002b:00007ffd6aa6a208 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 152.036693] RAX: ffffffffffffffed RBX: 0000000000000000 RCX: 00007f4d72a8d8d7 [ 152.037216] RDX: 00007ffd6aa6a210 RSI: 0000000000008933 RDI: 0000000000000004 [ 152.037759] RBP: 0000000000000004 R08: 0000000000000100 R09: 00007ffd6aa6a530 [ 152.038292] R10: 00007f4d72ae7a00 R11: 0000000000000246 R12: 00007ffd6aa6a210 [ 152.038850] R13: 00007f4d72ae79f9 R14: 0000000000000003 R15: 0000000000000000 [ 152.039412] [ 152.039620] irq event stamp: 126987 [ 152.039900] hardirqs last enabled at (126997): [] __up_console_sem+0x78/0x80 [ 152.040554] hardirqs last disabled at (127006): [] __up_console_sem+0x5d/0x80 [ 152.041252] softirqs last enabled at (126204): [] __irq_exit_rcu+0x11b/0x180 [ 152.041914] softirqs last disabled at (126167): [] __irq_exit_rcu+0x11b/0x180 [ 152.042587] ---[ end trace 0000000000000000 ]--- [ 152.042960] ------------[ cut here ]------------ [ 152.043317] WARNING: CPU: 0 PID: 296 at kernel/workqueue.c:3066 __flush_work+0xaaa/0xd20 [ 152.043959] Modules linked in: [ 
152.044215] CPU: 0 PID: 296 Comm: syz-executor.0 Tainted: G W 5.19.0-rc8-next-20220725 #1 [ 152.044941] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 152.045794] RIP: 0010:__flush_work+0xaaa/0xd20 [ 152.046166] Code: 00 48 c7 c6 bf 74 1c 81 48 c7 c7 e0 51 40 85 e8 6c 72 0d 00 e9 11 fc ff ff e8 d2 33 29 00 0f 0b e9 05 fc ff ff e8 c6 33 29 00 <0f> 0b 45 31 ed e9 f6 fb ff ff e8 b7 33 29 00 4c 89 e7 e8 1f 95 06 [ 152.047577] RSP: 0018:ffff8880337376e8 EFLAGS: 00010293 [ 152.047979] RAX: 0000000000000000 RBX: ffff88801d9e8a30 RCX: 0000000000000000 [ 152.048514] RDX: ffff88801a705040 RSI: ffffffff811c74fa RDI: 0000000000000001 [ 152.049066] RBP: ffff888033737890 R08: 0000000000000001 R09: 0000000000000000 [ 152.049619] R10: 0000000000000001 R11: 0000000000000001 R12: ffff88801d9e8a30 [ 152.050166] R13: 0000000000000001 R14: ffff88801d9e8a48 R15: ffff88801a705040 [ 152.050716] FS: 0000000000000000(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 152.051325] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 152.051777] CR2: 00007fb0f8bba970 CR3: 0000000017e86000 CR4: 0000000000350ef0 [ 152.052327] Call Trace: [ 152.052533] [ 152.052731] ? lock_chain_count+0x20/0x20 [ 152.053052] ? queue_delayed_work_on+0xd0/0xd0 [ 152.053415] ? lock_release+0x3b2/0x750 [ 152.053749] ? mark_held_locks+0x9e/0xe0 [ 152.054061] ? del_timer+0xb6/0x100 [ 152.054355] ? mark_held_locks+0x9e/0xe0 [ 152.054691] ? __cancel_work_timer+0x30f/0x4e0 [ 152.055067] __cancel_work_timer+0x39c/0x4e0 [ 152.055425] ? cancel_delayed_work+0x20/0x20 [ 152.055793] ? mgmt_send_event_skb+0x2ed/0x460 [ 152.056157] ? mgmt_send_event+0x13c/0x180 [ 152.056490] mgmt_index_removed+0x193/0x2f0 [ 152.056846] ? mgmt_index_added+0x290/0x290 [ 152.057178] ? hci_dev_open_sync+0x1fa0/0x1fa0 [ 152.057533] ? 
blocking_notifier_chain_unregister+0xef/0x290 [ 152.058021] hci_unregister_dev+0x2e2/0x380 [ 152.058354] vhci_release+0x7c/0xf0 [ 152.058660] __fput+0x272/0x9d0 [ 152.058924] ? vhci_close_dev+0x50/0x50 [ 152.059240] task_work_run+0xe2/0x1a0 [ 152.059541] do_exit+0xc37/0x2940 [ 152.059836] ? lock_release+0x3b2/0x750 [ 152.060142] ? get_signal+0x93f/0x24b0 [ 152.060446] ? mm_update_next_owner+0x7e0/0x7e0 [ 152.060826] ? lock_is_held_type+0xd7/0x130 [ 152.061153] do_group_exit+0xd0/0x2a0 [ 152.061458] get_signal+0x2205/0x24b0 [ 152.061778] ? netdev_name_node_lookup_rcu+0x108/0x150 [ 152.062183] ? exit_signals+0x8b0/0x8b0 [ 152.062494] ? sock_do_ioctl+0x196/0x240 [ 152.062831] ? put_user_ifreq+0xc0/0xc0 [ 152.063165] arch_do_signal_or_restart+0x89/0x1be0 [ 152.063551] ? fd_install+0x1c7/0x640 [ 152.063872] ? selinux_inode_getsecctx+0xa0/0xa0 [ 152.064227] ? alloc_file+0x800/0x800 [ 152.064529] ? get_sigframe_size+0x10/0x10 [ 152.064873] ? sock_ioctl+0x1be/0x670 [ 152.065180] ? br_ioctl_call+0xb0/0xb0 [ 152.065489] ? fd_install+0x1f9/0x640 [ 152.065812] ? selinux_file_ioctl+0xb1/0x260 [ 152.066151] ? exit_to_user_mode_prepare+0x109/0x1a0 [ 152.066552] exit_to_user_mode_prepare+0x131/0x1a0 [ 152.066961] syscall_exit_to_user_mode+0x19/0x40 [ 152.067330] do_syscall_64+0x48/0x90 [ 152.067642] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 152.068041] RIP: 0033:0x7f4d72a8d8d7 [ 152.068331] Code: Unable to access opcode bytes at RIP 0x7f4d72a8d8ad. 
[ 152.068844] RSP: 002b:00007ffd6aa6a208 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 152.069410] RAX: ffffffffffffffed RBX: 0000000000000000 RCX: 00007f4d72a8d8d7 [ 152.069960] RDX: 00007ffd6aa6a210 RSI: 0000000000008933 RDI: 0000000000000004 [ 152.070483] RBP: 0000000000000004 R08: 0000000000000100 R09: 00007ffd6aa6a530 [ 152.071041] R10: 00007f4d72ae7a00 R11: 0000000000000246 R12: 00007ffd6aa6a210 [ 152.071597] R13: 00007f4d72ae79f9 R14: 0000000000000003 R15: 0000000000000000 [ 152.072147] [ 152.072331] irq event stamp: 127857 [ 152.072619] hardirqs last enabled at (127869): [] __up_console_sem+0x78/0x80 [ 152.073272] hardirqs last disabled at (127878): [] __up_console_sem+0x5d/0x80 [ 152.073941] softirqs last enabled at (126204): [] __irq_exit_rcu+0x11b/0x180 [ 152.074618] softirqs last disabled at (126167): [] __irq_exit_rcu+0x11b/0x180 [ 152.075270] ---[ end trace 0000000000000000 ]--- [ 152.075653] ------------[ cut here ]------------ [ 152.076006] WARNING: CPU: 0 PID: 296 at kernel/workqueue.c:3066 __flush_work+0xaaa/0xd20 [ 152.076639] Modules linked in: [ 152.076892] CPU: 0 PID: 296 Comm: syz-executor.0 Tainted: G W 5.19.0-rc8-next-20220725 #1 [ 152.077618] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 152.078463] RIP: 0010:__flush_work+0xaaa/0xd20 [ 152.078848] Code: 00 48 c7 c6 bf 74 1c 81 48 c7 c7 e0 51 40 85 e8 6c 72 0d 00 e9 11 fc ff ff e8 d2 33 29 00 0f 0b e9 05 fc ff ff e8 c6 33 29 00 <0f> 0b 45 31 ed e9 f6 fb ff ff e8 b7 33 29 00 4c 89 e7 e8 1f 95 06 [ 152.080222] RSP: 0018:ffff8880337376e8 EFLAGS: 00010293 [ 152.080649] RAX: 0000000000000000 RBX: ffff88801d9e9b30 RCX: 0000000000000000 [ 152.081181] RDX: ffff88801a705040 RSI: ffffffff811c74fa RDI: 0000000000000001 [ 152.081730] RBP: ffff888033737890 R08: 0000000000000001 R09: 0000000000000000 [ 152.082261] R10: 0000000000000001 R11: 0000000000000001 R12: ffff88801d9e9b30 [ 152.082815] R13: 0000000000000001 R14: 
ffff88801d9e9b48 R15: ffff88801a705040 [ 152.083361] FS: 0000000000000000(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 152.083978] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 152.084418] CR2: 00007fb0f8bba970 CR3: 0000000017e86000 CR4: 0000000000350ef0 [ 152.084970] Call Trace: [ 152.085177] [ 152.085354] ? lock_chain_count+0x20/0x20 [ 152.085698] ? queue_delayed_work_on+0xd0/0xd0 [ 152.086065] ? lock_release+0x3b2/0x750 [ 152.086389] ? mark_held_locks+0x9e/0xe0 [ 152.086725] ? del_timer+0xb6/0x100 [ 152.087021] ? mark_held_locks+0x9e/0xe0 [ 152.087336] ? __cancel_work_timer+0x30f/0x4e0 [ 152.087724] __cancel_work_timer+0x39c/0x4e0 [ 152.088071] ? cancel_delayed_work+0x20/0x20 [ 152.088420] ? mgmt_send_event_skb+0x2ed/0x460 [ 152.088806] ? mgmt_send_event+0x13c/0x180 [ 152.089143] mgmt_index_removed+0x19f/0x2f0 [ 152.089480] ? mgmt_index_added+0x290/0x290 [ 152.089835] ? hci_dev_open_sync+0x1fa0/0x1fa0 [ 152.090197] ? blocking_notifier_chain_unregister+0xef/0x290 [ 152.090667] hci_unregister_dev+0x2e2/0x380 [ 152.091019] vhci_release+0x7c/0xf0 [ 152.091304] __fput+0x272/0x9d0 [ 152.091582] ? vhci_close_dev+0x50/0x50 [ 152.091897] task_work_run+0xe2/0x1a0 [ 152.092201] do_exit+0xc37/0x2940 [ 152.092480] ? lock_release+0x3b2/0x750 [ 152.092807] ? get_signal+0x93f/0x24b0 [ 152.093114] ? mm_update_next_owner+0x7e0/0x7e0 [ 152.093480] ? lock_is_held_type+0xd7/0x130 [ 152.093862] do_group_exit+0xd0/0x2a0 [ 152.094158] get_signal+0x2205/0x24b0 [ 152.094464] ? netdev_name_node_lookup_rcu+0x108/0x150 [ 152.094889] ? exit_signals+0x8b0/0x8b0 [ 152.095209] ? sock_do_ioctl+0x196/0x240 [ 152.095528] ? put_user_ifreq+0xc0/0xc0 [ 152.095869] arch_do_signal_or_restart+0x89/0x1be0 [ 152.096252] ? fd_install+0x1c7/0x640 [ 152.096552] ? selinux_inode_getsecctx+0xa0/0xa0 [ 152.096939] ? alloc_file+0x800/0x800 [ 152.097245] ? get_sigframe_size+0x10/0x10 [ 152.097595] ? sock_ioctl+0x1be/0x670 [ 152.097894] ? br_ioctl_call+0xb0/0xb0 [ 152.098200] ? 
fd_install+0x1f9/0x640 [ 152.098494] ? selinux_file_ioctl+0xb1/0x260 [ 152.098850] ? exit_to_user_mode_prepare+0x109/0x1a0 [ 152.099265] exit_to_user_mode_prepare+0x131/0x1a0 [ 152.099683] syscall_exit_to_user_mode+0x19/0x40 [ 152.100058] do_syscall_64+0x48/0x90 [ 152.100353] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 152.100766] RIP: 0033:0x7f4d72a8d8d7 [ 152.101053] Code: Unable to access opcode bytes at RIP 0x7f4d72a8d8ad. [ 152.101536] RSP: 002b:00007ffd6aa6a208 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 152.102140] RAX: ffffffffffffffed RBX: 0000000000000000 RCX: 00007f4d72a8d8d7 [ 152.102690] RDX: 00007ffd6aa6a210 RSI: 0000000000008933 RDI: 0000000000000004 [ 152.103221] RBP: 0000000000000004 R08: 0000000000000100 R09: 00007ffd6aa6a530 [ 152.103772] R10: 00007f4d72ae7a00 R11: 0000000000000246 R12: 00007ffd6aa6a210 [ 152.104305] R13: 00007f4d72ae79f9 R14: 0000000000000003 R15: 0000000000000000 [ 152.104866] [ 152.105054] irq event stamp: 128725 [ 152.105331] hardirqs last enabled at (128735): [] __up_console_sem+0x78/0x80 [ 152.105996] hardirqs last disabled at (128746): [] __up_console_sem+0x5d/0x80 [ 152.106672] softirqs last enabled at (126204): [] __irq_exit_rcu+0x11b/0x180 [ 152.107340] softirqs last disabled at (126167): [] __irq_exit_rcu+0x11b/0x180 [ 152.108028] ---[ end trace 0000000000000000 ]--- [ 152.127382] ------------[ cut here ]------------ [ 152.127810] WARNING: CPU: 1 PID: 300 at kernel/workqueue.c:3066 __flush_work+0xaaa/0xd20 [ 152.128445] Modules linked in: [ 152.128726] CPU: 1 PID: 300 Comm: syz-executor.1 Tainted: G W 5.19.0-rc8-next-20220725 #1 [ 152.129429] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 152.130286] RIP: 0010:__flush_work+0xaaa/0xd20 [ 152.130679] Code: 00 48 c7 c6 bf 74 1c 81 48 c7 c7 e0 51 40 85 e8 6c 72 0d 00 e9 11 fc ff ff e8 d2 33 29 00 0f 0b e9 05 fc ff ff e8 c6 33 29 00 <0f> 0b 45 31 ed e9 f6 fb ff ff e8 b7 33 29 00 4c 89 e7 e8 1f 95 06 [ 
152.132102] RSP: 0018:ffff88803d6776e8 EFLAGS: 00010293 [ 152.132512] RAX: 0000000000000000 RBX: ffff88801bbfc988 RCX: 0000000000000000 [ 152.133071] RDX: ffff88801b09d040 RSI: ffffffff811c74fa RDI: 0000000000000001 [ 152.133634] RBP: ffff88803d677890 R08: 0000000000000001 R09: 0000000000000000 [ 152.134174] R10: 0000000000000001 R11: 0000000000000001 R12: ffff88801bbfc988 [ 152.134743] R13: 0000000000000001 R14: ffff88801bbfc9a0 R15: ffff88801b09d040 [ 152.135296] FS: 0000000000000000(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000 [ 152.135934] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 152.136378] CR2: 00007fb0f8cbb000 CR3: 0000000043b30000 CR4: 0000000000350ee0 [ 152.136947] Call Trace: [ 152.137144] [ 152.137321] ? lock_chain_count+0x20/0x20 [ 152.137679] ? queue_delayed_work_on+0xd0/0xd0 [ 152.138041] ? lock_release+0x3b2/0x750 [ 152.138366] ? mark_held_locks+0x9e/0xe0 [ 152.138706] ? del_timer+0xb6/0x100 [ 152.139011] ? mark_held_locks+0x9e/0xe0 [ 152.139329] ? __cancel_work_timer+0x30f/0x4e0 [ 152.139719] __cancel_work_timer+0x39c/0x4e0 [ 152.140068] ? cancel_delayed_work+0x20/0x20 [ 152.140421] ? mgmt_send_event_skb+0x2ed/0x460 [ 152.140825] ? mgmt_send_event+0x13c/0x180 [ 152.141161] mgmt_index_removed+0x187/0x2f0 [ 152.141498] ? mgmt_index_added+0x290/0x290 [ 152.141853] ? hci_dev_open_sync+0x1fa0/0x1fa0 [ 152.142211] ? blocking_notifier_chain_unregister+0xef/0x290 [ 152.142701] hci_unregister_dev+0x2e2/0x380 [ 152.143060] vhci_release+0x7c/0xf0 [ 152.143350] __fput+0x272/0x9d0 [ 152.143640] ? vhci_close_dev+0x50/0x50 [ 152.143950] task_work_run+0xe2/0x1a0 [ 152.144254] do_exit+0xc37/0x2940 [ 152.144535] ? lock_release+0x3b2/0x750 [ 152.144872] ? get_signal+0x93f/0x24b0 [ 152.145181] ? mm_update_next_owner+0x7e0/0x7e0 [ 152.145542] ? lock_is_held_type+0xd7/0x130 [ 152.145903] do_group_exit+0xd0/0x2a0 [ 152.146210] get_signal+0x2205/0x24b0 [ 152.146513] ? netdev_name_node_lookup_rcu+0x108/0x150 [ 152.146942] ? 
exit_signals+0x8b0/0x8b0 [ 152.147266] ? sock_do_ioctl+0x196/0x240 [ 152.147615] ? put_user_ifreq+0xc0/0xc0 [ 152.147930] arch_do_signal_or_restart+0x89/0x1be0 [ 152.148317] ? fd_install+0x1c7/0x640 [ 152.148643] ? selinux_inode_getsecctx+0xa0/0xa0 [ 152.149012] ? alloc_file+0x800/0x800 [ 152.149313] ? get_sigframe_size+0x10/0x10 [ 152.149666] ? sock_ioctl+0x1be/0x670 [ 152.149967] ? br_ioctl_call+0xb0/0xb0 [ 152.150276] ? fd_install+0x1f9/0x640 [ 152.150602] ? selinux_file_ioctl+0xb1/0x260 [ 152.150964] ? exit_to_user_mode_prepare+0x109/0x1a0 [ 152.151371] exit_to_user_mode_prepare+0x131/0x1a0 [ 152.151783] syscall_exit_to_user_mode+0x19/0x40 [ 152.152150] do_syscall_64+0x48/0x90 [ 152.152446] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 152.152868] RIP: 0033:0x7f5b6fdc48d7 [ 152.153155] Code: Unable to access opcode bytes at RIP 0x7f5b6fdc48ad. [ 152.153671] RSP: 002b:00007ffd69c5bd18 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 152.154240] RAX: ffffffffffffffed RBX: 0000000000000006 RCX: 00007f5b6fdc48d7 [ 152.154796] RDX: 00007ffd69c5bd20 RSI: 0000000000008933 RDI: 0000000000000004 [ 152.155337] RBP: 0000000000000004 R08: 0000000000000200 R09: 00007ffd69c5c040 [ 152.155898] R10: 00007f5b6fe1eb80 R11: 0000000000000246 R12: 00007ffd69c5bd20 [ 152.156427] R13: 00007f5b6fe1eb7b R14: 0000000000000003 R15: 0000000000000000 [ 152.157006] [ 152.157195] irq event stamp: 122215 [ 152.157476] hardirqs last enabled at (122225): [] __up_console_sem+0x78/0x80 [ 152.158151] hardirqs last disabled at (122236): [] __up_console_sem+0x5d/0x80 [ 152.158824] softirqs last enabled at (117476): [] __irq_exit_rcu+0x11b/0x180 [ 152.159493] softirqs last disabled at (117403): [] __irq_exit_rcu+0x11b/0x180 [ 152.160172] ---[ end trace 0000000000000000 ]--- [ 152.160547] ------------[ cut here ]------------ [ 152.160929] WARNING: CPU: 1 PID: 300 at kernel/workqueue.c:3066 __flush_work+0xaaa/0xd20 [ 152.161546] Modules linked in: [ 152.161820] CPU: 1 PID: 300 Comm: syz-executor.1 Tainted: G 
W 5.19.0-rc8-next-20220725 #1 [ 152.162527] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 152.163393] RIP: 0010:__flush_work+0xaaa/0xd20 [ 152.163772] Code: 00 48 c7 c6 bf 74 1c 81 48 c7 c7 e0 51 40 85 e8 6c 72 0d 00 e9 11 fc ff ff e8 d2 33 29 00 0f 0b e9 05 fc ff ff e8 c6 33 29 00 <0f> 0b 45 31 ed e9 f6 fb ff ff e8 b7 33 29 00 4c 89 e7 e8 1f 95 06 [ 152.165148] RSP: 0018:ffff88803d6776e8 EFLAGS: 00010293 [ 152.165556] RAX: 0000000000000000 RBX: ffff88801bbfca30 RCX: 0000000000000000 [ 152.166125] RDX: ffff88801b09d040 RSI: ffffffff811c74fa RDI: 0000000000000001 [ 152.166708] RBP: ffff88803d677890 R08: 0000000000000001 R09: 0000000000000000 [ 152.167244] R10: 0000000000000001 R11: 0000000000000001 R12: ffff88801bbfca30 [ 152.167799] R13: 0000000000000001 R14: ffff88801bbfca48 R15: ffff88801b09d040 [ 152.168336] FS: 0000000000000000(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000 [ 152.168965] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 152.169407] CR2: 00007fb0f8cbb000 CR3: 0000000043b30000 CR4: 0000000000350ee0 [ 152.169962] Call Trace: [ 152.170168] [ 152.170352] ? lock_chain_count+0x20/0x20 [ 152.170707] ? queue_delayed_work_on+0xd0/0xd0 [ 152.171076] ? lock_release+0x3b2/0x750 [ 152.171400] ? mark_held_locks+0x9e/0xe0 [ 152.171742] ? del_timer+0xb6/0x100 [ 152.172039] ? mark_held_locks+0x9e/0xe0 [ 152.172360] ? __cancel_work_timer+0x30f/0x4e0 [ 152.172753] __cancel_work_timer+0x39c/0x4e0 [ 152.173103] ? cancel_delayed_work+0x20/0x20 [ 152.173455] ? mgmt_send_event_skb+0x2ed/0x460 [ 152.173852] ? mgmt_send_event+0x13c/0x180 [ 152.174189] mgmt_index_removed+0x193/0x2f0 [ 152.174526] ? mgmt_index_added+0x290/0x290 [ 152.174886] ? hci_dev_open_sync+0x1fa0/0x1fa0 [ 152.175250] ? blocking_notifier_chain_unregister+0xef/0x290 [ 152.175727] hci_unregister_dev+0x2e2/0x380 [ 152.176067] vhci_release+0x7c/0xf0 [ 152.176352] __fput+0x272/0x9d0 [ 152.176646] ? 
vhci_close_dev+0x50/0x50 [ 152.176962] task_work_run+0xe2/0x1a0 [ 152.177264] do_exit+0xc37/0x2940 [ 152.177542] ? lock_release+0x3b2/0x750 [ 152.177889] ? get_signal+0x93f/0x24b0 [ 152.178212] ? mm_update_next_owner+0x7e0/0x7e0 [ 152.178615] ? lock_is_held_type+0xd7/0x130 [ 152.178965] do_group_exit+0xd0/0x2a0 [ 152.179270] get_signal+0x2205/0x24b0 [ 152.179600] ? netdev_name_node_lookup_rcu+0x108/0x150 [ 152.180037] ? exit_signals+0x8b0/0x8b0 [ 152.180355] ? sock_do_ioctl+0x196/0x240 [ 152.180707] ? put_user_ifreq+0xc0/0xc0 [ 152.181041] arch_do_signal_or_restart+0x89/0x1be0 [ 152.181435] ? fd_install+0x1c7/0x640 [ 152.181759] ? selinux_inode_getsecctx+0xa0/0xa0 [ 152.182140] ? alloc_file+0x800/0x800 [ 152.182444] ? get_sigframe_size+0x10/0x10 [ 152.182801] ? sock_ioctl+0x1be/0x670 [ 152.183130] ? br_ioctl_call+0xb0/0xb0 [ 152.183439] ? fd_install+0x1f9/0x640 [ 152.183764] ? selinux_file_ioctl+0xb1/0x260 [ 152.184110] ? exit_to_user_mode_prepare+0x109/0x1a0 [ 152.184509] exit_to_user_mode_prepare+0x131/0x1a0 [ 152.184915] syscall_exit_to_user_mode+0x19/0x40 [ 152.185284] do_syscall_64+0x48/0x90 [ 152.185605] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 152.185994] RIP: 0033:0x7f5b6fdc48d7 [ 152.186274] Code: Unable to access opcode bytes at RIP 0x7f5b6fdc48ad. 
[ 152.186786] RSP: 002b:00007ffd69c5bd18 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 152.187356] RAX: ffffffffffffffed RBX: 0000000000000006 RCX: 00007f5b6fdc48d7 [ 152.187923] RDX: 00007ffd69c5bd20 RSI: 0000000000008933 RDI: 0000000000000004 [ 152.188462] RBP: 0000000000000004 R08: 0000000000000200 R09: 00007ffd69c5c040 [ 152.189021] R10: 00007f5b6fe1eb80 R11: 0000000000000246 R12: 00007ffd69c5bd20 [ 152.189592] R13: 00007f5b6fe1eb7b R14: 0000000000000003 R15: 0000000000000000 [ 152.190142] [ 152.190331] irq event stamp: 123083 [ 152.190638] hardirqs last enabled at (123095): [] __up_console_sem+0x78/0x80 [ 152.191323] hardirqs last disabled at (123104): [] __up_console_sem+0x5d/0x80 [ 152.192006] softirqs last enabled at (117476): [] __irq_exit_rcu+0x11b/0x180 [ 152.192694] softirqs last disabled at (117403): [] __irq_exit_rcu+0x11b/0x180 [ 152.193368] ---[ end trace 0000000000000000 ]--- [ 152.193771] ------------[ cut here ]------------ [ 152.194129] WARNING: CPU: 1 PID: 300 at kernel/workqueue.c:3066 __flush_work+0xaaa/0xd20 [ 152.194775] Modules linked in: [ 152.195041] CPU: 1 PID: 300 Comm: syz-executor.1 Tainted: G W 5.19.0-rc8-next-20220725 #1 [ 152.195769] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 152.196629] RIP: 0010:__flush_work+0xaaa/0xd20 [ 152.196999] Code: 00 48 c7 c6 bf 74 1c 81 48 c7 c7 e0 51 40 85 e8 6c 72 0d 00 e9 11 fc ff ff e8 d2 33 29 00 0f 0b e9 05 fc ff ff e8 c6 33 29 00 <0f> 0b 45 31 ed e9 f6 fb ff ff e8 b7 33 29 00 4c 89 e7 e8 1f 95 06 [ 152.198378] RSP: 0018:ffff88803d6776e8 EFLAGS: 00010293 [ 152.198810] RAX: 0000000000000000 RBX: ffff88801bbfdb30 RCX: 0000000000000000 [ 152.199647] RDX: ffff88801b09d040 RSI: ffffffff811c74fa RDI: 0000000000000001 [ 152.200314] RBP: ffff88803d677890 R08: 0000000000000001 R09: 0000000000000000 [ 152.201011] R10: 0000000000000001 R11: 0000000000000001 R12: ffff88801bbfdb30 [ 152.201688] R13: 0000000000000001 R14: 
ffff88801bbfdb48 R15: ffff88801b09d040 [ 152.202345] FS: 0000000000000000(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000 [ 152.203122] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 152.203688] CR2: 00007fb0f8cbb000 CR3: 0000000043b30000 CR4: 0000000000350ee0 [ 152.204348] Call Trace: [ 152.204620] [ 152.204834] ? lock_chain_count+0x20/0x20 [ 152.205238] ? queue_delayed_work_on+0xd0/0xd0 [ 152.205714] ? lock_release+0x3b2/0x750 [ 152.206101] ? mark_held_locks+0x9e/0xe0 [ 152.206485] ? del_timer+0xb6/0x100 [ 152.206882] ? mark_held_locks+0x9e/0xe0 [ 152.207278] ? __cancel_work_timer+0x30f/0x4e0 [ 152.207740] __cancel_work_timer+0x39c/0x4e0 [ 152.208164] ? cancel_delayed_work+0x20/0x20 [ 152.208620] ? mgmt_send_event_skb+0x2ed/0x460 [ 152.209063] ? mgmt_send_event+0x13c/0x180 [ 152.209466] mgmt_index_removed+0x19f/0x2f0 [ 152.209906] ? mgmt_index_added+0x290/0x290 [ 152.210315] ? hci_dev_open_sync+0x1fa0/0x1fa0 [ 152.210792] ? blocking_notifier_chain_unregister+0xef/0x290 [ 152.211353] hci_unregister_dev+0x2e2/0x380 [ 152.211798] vhci_release+0x7c/0xf0 [ 152.212149] __fput+0x272/0x9d0 [ 152.212468] ? vhci_close_dev+0x50/0x50 [ 152.212876] task_work_run+0xe2/0x1a0 [ 152.213246] do_exit+0xc37/0x2940 [ 152.213622] ? lock_release+0x3b2/0x750 [ 152.213990] ? get_signal+0x93f/0x24b0 [ 152.214344] ? mm_update_next_owner+0x7e0/0x7e0 [ 152.214795] ? lock_is_held_type+0xd7/0x130 [ 152.215204] do_group_exit+0xd0/0x2a0 [ 152.215559] get_signal+0x2205/0x24b0 [ 152.215951] ? netdev_name_node_lookup_rcu+0x108/0x150 [ 152.216425] ? exit_signals+0x8b0/0x8b0 [ 152.216822] ? sock_do_ioctl+0x196/0x240 [ 152.217196] ? put_user_ifreq+0xc0/0xc0 [ 152.217561] arch_do_signal_or_restart+0x89/0x1be0 [ 152.218073] ? fd_install+0x1c7/0x640 [ 152.218452] ? selinux_inode_getsecctx+0xa0/0xa0 [ 152.218925] ? alloc_file+0x800/0x800 [ 152.219307] ? get_sigframe_size+0x10/0x10 [ 152.219748] ? sock_ioctl+0x1be/0x670 [ 152.220125] ? br_ioctl_call+0xb0/0xb0 [ 152.220496] ? 
fd_install+0x1f9/0x640 [ 152.220898] ? selinux_file_ioctl+0xb1/0x260 [ 152.221320] ? exit_to_user_mode_prepare+0x109/0x1a0 [ 152.221849] exit_to_user_mode_prepare+0x131/0x1a0 [ 152.222308] syscall_exit_to_user_mode+0x19/0x40 [ 152.222772] do_syscall_64+0x48/0x90 [ 152.223138] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 152.223631] RIP: 0033:0x7f5b6fdc48d7 [ 152.223974] Code: Unable to access opcode bytes at RIP 0x7f5b6fdc48ad. [ 152.224553] RSP: 002b:00007ffd69c5bd18 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 152.225275] RAX: ffffffffffffffed RBX: 0000000000000006 RCX: 00007f5b6fdc48d7 [ 152.225939] RDX: 00007ffd69c5bd20 RSI: 0000000000008933 RDI: 0000000000000004 [ 152.226612] RBP: 0000000000000004 R08: 0000000000000200 R09: 00007ffd69c5c040 [ 152.227265] R10: 00007f5b6fe1eb80 R11: 0000000000000246 R12: 00007ffd69c5bd20 [ 152.227934] R13: 00007f5b6fe1eb7b R14: 0000000000000003 R15: 0000000000000000 [ 152.228617] [ 152.228838] irq event stamp: 123967 [ 152.229164] hardirqs last enabled at (123977): [] __up_console_sem+0x78/0x80 [ 152.229964] hardirqs last disabled at (123988): [] __up_console_sem+0x5d/0x80 [ 152.230796] softirqs last enabled at (117476): [] __irq_exit_rcu+0x11b/0x180 [ 152.231650] softirqs last disabled at (117403): [] __irq_exit_rcu+0x11b/0x180 [ 152.232446] ---[ end trace 0000000000000000 ]--- [ 154.689521] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 154.692170] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 154.694192] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 154.699323] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 154.701511] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 154.703191] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 154.753474] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 154.756345] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 154.758674] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 154.763198] Bluetooth: hci1: unexpected cc 0x0c23 
length: 249 > 4 [ 154.766553] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 154.768156] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 154.838372] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 154.843549] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 154.845953] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 154.851136] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 154.853503] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 154.862786] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 156.723683] Bluetooth: hci0: command 0x0409 tx timeout [ 156.786627] Bluetooth: hci1: command 0x0409 tx timeout [ 156.850802] Bluetooth: hci7: Opcode 0x c03 failed: -110 [ 156.916841] Bluetooth: hci5: command 0x0409 tx timeout [ 158.770703] Bluetooth: hci0: command 0x041b tx timeout [ 158.835715] Bluetooth: hci1: command 0x041b tx timeout [ 158.962731] Bluetooth: hci5: command 0x041b tx timeout [ 159.250053] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 159.251518] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 159.253331] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 159.256873] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 159.258881] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 159.260533] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 160.818752] Bluetooth: hci0: command 0x040f tx timeout [ 160.882973] Bluetooth: hci1: command 0x040f tx timeout [ 161.010647] Bluetooth: hci5: command 0x040f tx timeout [ 161.330783] Bluetooth: hci7: command 0x0409 tx timeout VM DIAGNOSIS: 14:41:37 Registers: