Warning: Permanently added '[localhost]:61241' (ECDSA) to the list of known hosts.
2022/09/09 11:10:03 fuzzer started
2022/09/09 11:10:03 dialing manager at localhost:44773
syzkaller login: [   34.084886] cgroup: Unknown subsys name 'net'
[   34.142795] cgroup: Unknown subsys name 'rlimit'
2022/09/09 11:10:15 syscalls: 2215
2022/09/09 11:10:15 code coverage: enabled
2022/09/09 11:10:15 comparison tracing: enabled
2022/09/09 11:10:15 extra coverage: enabled
2022/09/09 11:10:15 setuid sandbox: enabled
2022/09/09 11:10:15 namespace sandbox: enabled
2022/09/09 11:10:15 Android sandbox: enabled
2022/09/09 11:10:15 fault injection: enabled
2022/09/09 11:10:15 leak checking: enabled
2022/09/09 11:10:15 net packet injection: enabled
2022/09/09 11:10:15 net device setup: enabled
2022/09/09 11:10:15 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2022/09/09 11:10:15 devlink PCI setup: PCI device 0000:00:10.0 is not available
2022/09/09 11:10:15 USB emulation: enabled
2022/09/09 11:10:15 hci packet injection: enabled
2022/09/09 11:10:15 wifi device emulation: failed to parse kernel version (6.0.0-rc4-next-20220909                                          )
2022/09/09 11:10:15 802.15.4 emulation: enabled
2022/09/09 11:10:15 fetching corpus: 0, signal 0/0 (executing program)
2022/09/09 11:10:15 fetching corpus: 0, signal 0/0 (executing program)
2022/09/09 11:10:16 starting 8 fuzzer processes
11:10:16 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
getsockopt$sock_int(r0, 0x1, 0x12, 0x0, &(0x7f00000000c0))

11:10:16 executing program 0:
r0 = memfd_create(&(0x7f0000000380)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLY\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x06L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5\x88\xf3g\xba\xed>Wj\x9a\xca\xc1\xd6u\xe0/|i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb62j\x88\xd4K\x0ev;\x1f\xffz1p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xfe\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba|\xf0\x01)PP\xcdl\x06\xfc\x15;qZ\xb1u\xc9\xd0\xd16~JEGm\xe4\x1e@\x9dG\xe4@\xdf\xba\'\x8b\x04D\xc7\xec\xd1@}tR\xd9P\xf4N\xe3\xd8x\xa0\x918\xc2}\x13\b\xca\t(Z\xa3_\xa1\x90\x15T\x93\xe7%\x98\xa7\xfb\x8bp/eq\x93\xbf\x1f =|\xf3\xb1\xfcR\xd8\nM,\xcb%@\'\x15\x88\xd8\xad\f\x91|\x95\x8fq+\x98\x81W\xba\x9f\xe0elOt\xbd\by\r\x87\x1c\xba\xbd\x8e+S>\xb8\xe29\x91h^x\xfb`\x00\xdd/\xa6\xb1\x16=', 0x0)
preadv2(r0, &(0x7f0000001200)=[{&(0x7f00000013c0)=""/135, 0x87}], 0x1, 0x7008, 0x0, 0x0)

11:10:16 executing program 2:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
bind$bt_sco(r0, 0x0, 0x0)

11:10:16 executing program 3:
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x76, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setxattr$trusted_overlay_upper(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040), &(0x7f0000000240)=ANY=[], 0x8e, 0x0)

11:10:16 executing program 4:
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0xc2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x104, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f00000000c0)={@in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x44, 0x0, "704f5992d666aa2888e479ca552ee155f638582a91ca97213cf4774a2e4c350cdc3f9f62a4c21970bd149a52fa311b916bf00b51b808c412ed6b9fcbb5be4a2fb7dd8fd0dfa22b4100"}, 0xd8)
setsockopt$inet6_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f00000018c0)=0x1, 0x4)
connect$inet6(r1, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f0000000000), 0x4)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x141042, 0x0)
pwritev(r2, &(0x7f0000000140)=[{&(0x7f0000000000)='P', 0x1}], 0x1, 0x0, 0x0)
ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, &(0x7f0000000040)={0x9, 0x5, 0x100, 0x3, 0x9})
socket$unix(0x1, 0x5, 0x0)
ioctl$EXT4_IOC_SWAP_BOOT(r2, 0x6611)
openat(r2, &(0x7f0000000080)='./file1\x00', 0x4680, 0x150)
r3 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(r3, 0xc020662a, &(0x7f0000000140))

11:10:16 executing program 7:
r0 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000140)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r0, &(0x7f0000000180)='asymmetric\x00', &(0x7f00000001c0))
add_key$keyring(&(0x7f0000000200), &(0x7f0000000240)={'syz', 0x3}, 0x0, 0x0, r0)

[   47.349252] audit: type=1400 audit(1662721816.945:6): avc:  denied  { execmem } for  pid=284 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
11:10:16 executing program 5:
add_key$keyring(&(0x7f00000001c0), &(0x7f0000000200)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffc)
syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000680), 0x20001, 0x0)

11:10:16 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x101242)
write$evdev(r0, &(0x7f00000000c0)=[{{}, 0x5}, {{0x0, 0xea60}, 0x1, 0xd62}], 0x30)

[   48.587522] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   48.590069] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   48.591521] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   48.594133] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   48.595471] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   48.598406] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   48.602990] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   48.605551] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   48.607169] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   48.609126] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   48.610860] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   48.612946] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   48.614097] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   48.615247] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   48.617357] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   48.623071] Bluetooth: hci1: HCI_REQ-0x0c1a
[   48.624949] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   48.626440] Bluetooth: hci0: HCI_REQ-0x0c1a
[   48.662033] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   48.663432] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   48.672495] Bluetooth: hci2: HCI_REQ-0x0c1a
[   48.739318] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[   48.740803] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[   48.768611] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[   48.770129] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[   48.774671] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[   48.778281] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[   48.781226] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[   48.781415] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[   48.790297] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[   48.794644] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[   48.798082] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[   48.798385] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[   48.815368] Bluetooth: hci6: HCI_REQ-0x0c1a
[   48.816605] Bluetooth: hci7: HCI_REQ-0x0c1a
[   50.675850] Bluetooth: hci2: command 0x0409 tx timeout
[   50.675876] Bluetooth: hci5: Opcode 0x c03 failed: -110
[   50.676389] Bluetooth: hci0: command 0x0409 tx timeout
[   50.677054] Bluetooth: hci4: Opcode 0x c03 failed: -110
[   50.677432] Bluetooth: hci3: Opcode 0x c03 failed: -110
[   50.739931] Bluetooth: hci1: command 0x0409 tx timeout
[   50.867871] Bluetooth: hci7: command 0x0409 tx timeout
[   50.868387] Bluetooth: hci6: command 0x0409 tx timeout
[   52.723869] Bluetooth: hci0: command 0x041b tx timeout
[   52.724357] Bluetooth: hci2: command 0x041b tx timeout
[   52.787901] Bluetooth: hci1: command 0x041b tx timeout
[   52.915943] Bluetooth: hci6: command 0x041b tx timeout
[   52.917247] Bluetooth: hci7: command 0x041b tx timeout
[   54.771866] Bluetooth: hci2: command 0x040f tx timeout
[   54.772746] Bluetooth: hci0: command 0x040f tx timeout
[   54.836855] Bluetooth: hci1: command 0x040f tx timeout
[   54.963878] Bluetooth: hci7: command 0x040f tx timeout
[   54.964734] Bluetooth: hci6: command 0x040f tx timeout
[   55.347954] Bluetooth: hci4: Opcode 0x c03 failed: -110
[   55.348974] Bluetooth: hci5: Opcode 0x c03 failed: -110
[   55.350089] Bluetooth: hci3: Opcode 0x c03 failed: -110
[   56.819841] Bluetooth: hci0: command 0x0419 tx timeout
[   56.820327] Bluetooth: hci2: command 0x0419 tx timeout
[   56.885647] Bluetooth: hci1: command 0x0419 tx timeout
[   57.012844] Bluetooth: hci6: command 0x0419 tx timeout
[   57.013337] Bluetooth: hci7: command 0x0419 tx timeout
[   59.763899] Bluetooth: hci3: Opcode 0x c03 failed: -110
[   59.955846] Bluetooth: hci5: Opcode 0x c03 failed: -110
[   59.955902] Bluetooth: hci4: Opcode 0x c03 failed: -110
[   64.115844] Bluetooth: hci3: Opcode 0x c03 failed: -110
[   64.371861] Bluetooth: hci4: Opcode 0x c03 failed: -110
[   64.372843] Bluetooth: hci5: Opcode 0x c03 failed: -110
[   68.404869] Bluetooth: hci3: Opcode 0x c03 failed: -110
[   68.787872] Bluetooth: hci4: Opcode 0x c03 failed: -110
[   68.788831] Bluetooth: hci5: Opcode 0x c03 failed: -110
[   71.158335] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[   71.159058] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[   71.159713] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[   71.161655] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[   71.162708] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[   71.164069] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[   71.166375] Bluetooth: hci5: HCI_REQ-0x0c1a
[   72.692832] Bluetooth: hci3: Opcode 0x c03 failed: -110
[   73.139952] Bluetooth: hci4: Opcode 0x c03 failed: -110
[   73.204840] Bluetooth: hci5: command 0x0409 tx timeout
11:10:43 executing program 0:
r0 = memfd_create(&(0x7f0000000380)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLY\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x06L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5\x88\xf3g\xba\xed>Wj\x9a\xca\xc1\xd6u\xe0/|i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb62j\x88\xd4K\x0ev;\x1f\xffz1p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xfe\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba|\xf0\x01)PP\xcdl\x06\xfc\x15;qZ\xb1u\xc9\xd0\xd16~JEGm\xe4\x1e@\x9dG\xe4@\xdf\xba\'\x8b\x04D\xc7\xec\xd1@}tR\xd9P\xf4N\xe3\xd8x\xa0\x918\xc2}\x13\b\xca\t(Z\xa3_\xa1\x90\x15T\x93\xe7%\x98\xa7\xfb\x8bp/eq\x93\xbf\x1f =|\xf3\xb1\xfcR\xd8\nM,\xcb%@\'\x15\x88\xd8\xad\f\x91|\x95\x8fq+\x98\x81W\xba\x9f\xe0elOt\xbd\by\r\x87\x1c\xba\xbd\x8e+S>\xb8\xe29\x91h^x\xfb`\x00\xdd/\xa6\xb1\x16=', 0x0)
preadv2(r0, &(0x7f0000001200)=[{&(0x7f00000013c0)=""/135, 0x87}], 0x1, 0x7008, 0x0, 0x0)

11:10:43 executing program 0:
r0 = memfd_create(&(0x7f0000000380)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLY\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x06L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5\x88\xf3g\xba\xed>Wj\x9a\xca\xc1\xd6u\xe0/|i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb62j\x88\xd4K\x0ev;\x1f\xffz1p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xfe\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba|\xf0\x01)PP\xcdl\x06\xfc\x15;qZ\xb1u\xc9\xd0\xd16~JEGm\xe4\x1e@\x9dG\xe4@\xdf\xba\'\x8b\x04D\xc7\xec\xd1@}tR\xd9P\xf4N\xe3\xd8x\xa0\x918\xc2}\x13\b\xca\t(Z\xa3_\xa1\x90\x15T\x93\xe7%\x98\xa7\xfb\x8bp/eq\x93\xbf\x1f =|\xf3\xb1\xfcR\xd8\nM,\xcb%@\'\x15\x88\xd8\xad\f\x91|\x95\x8fq+\x98\x81W\xba\x9f\xe0elOt\xbd\by\r\x87\x1c\xba\xbd\x8e+S>\xb8\xe29\x91h^x\xfb`\x00\xdd/\xa6\xb1\x16=', 0x0)
preadv2(r0, &(0x7f0000001200)=[{&(0x7f00000013c0)=""/135, 0x87}], 0x1, 0x7008, 0x0, 0x0)

11:10:43 executing program 0:
r0 = memfd_create(&(0x7f0000000380)='B\xdb/\x89\x03l\xdeb\xcb\xb54\xed\xbeLY\xb5Z\xe1\x12S\xf5G\xcc\xf3\xe9\x02h\v\xca(\x96\xe1C\xdf\x1c\xea\x85C\xfb\x10\x13\xfa\x03\x16\xcd\x17\xa2\x80\xa1z\xb4r\x95\xc3@\x9d\xa6\xf1\x92#}g\xd3`\xf7\xcez\xcb\xb3\x1a\xbb\xc48e\x8e\xb1&\xd1\x8a\xe6!\x7f\x8d\xea,qx\xa28\xbf\"\xc7e\x06L\xb06\xeb<$\xd7\xba\xe5\x01\x03\x94r\xab\xd4J\x03s\xaf\xf6A\xbfV\xfa\x1ew\x8d\xbf\x99I\x97\xd8\xd2\xe8\x11\xc4\x04\x00\x84\xd5\x88\xf3g\xba\xed>Wj\x9a\xca\xc1\xd6u\xe0/|i\xee\xaf\xae[E\x1f\xdd\xd7#rT+\xb62j\x88\xd4K\x0ev;\x1f\xffz1p\xaf[\x99\" 1\xeb\xc7)\xd2\x1dh\xf2\xd5s\xfd?\fa>\x9f;\xe5r\xe5\xbd\xb0|=\x8eZcPY\xf8\xbd\x13\xaa\x8b\xdf\xbc\x93u\xd5\xb0r\xfb\xde\xe7\xd9k\xe2\xc6\x1b\xf2o@&>\xf2M\xe7\x8c\xeb\xee\xf5\x02~\x85\x14\xf3\xc6v\xf15PE\x8c\xca\x16$\xc2\x01#\xb563\rbq\xbf64\xfaW\x17\xdfa\xe6\xca\x86\xd7\xf8\x81X\x9bg4\xc1\xdam\xcf=Rq6\xb0\xd4D=I\x1a\x0e\xd0\xabz\xe2\x19\x0fM\xad\xdco\xa4\xb2\x8c?\xc1\x10\xf273\xd00\xb3_\xe8\x9a*\xfcL\xea;\xc0\x9a\xdbx!N;\xb5x\t\xa4E\xbe\x93r\x04\xf5\xf0\xf5\x7f\x9a)\xf5\x1b\"\xa1\xd8\x06>\xc9\xe2r\xe9_\xfe\xc0\b\x81\x98\x1c\xe2\xe0?\x8f\xa1\xbel\aN\x83@\xb1\x03)4A\x83\xd6\xcf\xf6\xb5\x82\xb7\x9dA\b$\xa2x\x8a@\xfaj~\xef\x93\xb1/L\x01\xe2\xba|\xf0\x01)PP\xcdl\x06\xfc\x15;qZ\xb1u\xc9\xd0\xd16~JEGm\xe4\x1e@\x9dG\xe4@\xdf\xba\'\x8b\x04D\xc7\xec\xd1@}tR\xd9P\xf4N\xe3\xd8x\xa0\x918\xc2}\x13\b\xca\t(Z\xa3_\xa1\x90\x15T\x93\xe7%\x98\xa7\xfb\x8bp/eq\x93\xbf\x1f =|\xf3\xb1\xfcR\xd8\nM,\xcb%@\'\x15\x88\xd8\xad\f\x91|\x95\x8fq+\x98\x81W\xba\x9f\xe0elOt\xbd\by\r\x87\x1c\xba\xbd\x8e+S>\xb8\xe29\x91h^x\xfb`\x00\xdd/\xa6\xb1\x16=', 0x0)
preadv2(r0, &(0x7f0000001200)=[{&(0x7f00000013c0)=""/135, 0x87}], 0x1, 0x7008, 0x0, 0x0)

11:10:43 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x101242)
write$evdev(r0, &(0x7f00000000c0)=[{{}, 0x5}, {{0x0, 0xea60}, 0x1, 0xd62}], 0x30)

11:10:43 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x101242)
write$evdev(r0, &(0x7f00000000c0)=[{{}, 0x5}, {{0x0, 0xea60}, 0x1, 0xd62}], 0x30)

11:10:43 executing program 0:
r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x101242)
write$evdev(r0, &(0x7f00000000c0)=[{{}, 0x5}, {{0x0, 0xea60}, 0x1, 0xd62}], 0x30)

11:10:43 executing program 0:
r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x101242)
write$evdev(r0, &(0x7f00000000c0)=[{{}, 0x5}, {{0x0, 0xea60}, 0x1, 0xd62}], 0x30)

11:10:43 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x101242)
write$evdev(r0, &(0x7f00000000c0)=[{{}, 0x5}, {{0x0, 0xea60}, 0x1, 0xd62}], 0x30)

[   74.978388] audit: type=1400 audit(1662721844.574:7): avc:  denied  { open } for  pid=2683 comm="syz-executor.3" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[   74.980257] audit: type=1400 audit(1662721844.574:8): avc:  denied  { kernel } for  pid=2683 comm="syz-executor.3" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[   75.271204] Bluetooth: hci5: command 0x041b tx timeout
[   76.979827] Bluetooth: hci3: Opcode 0x c03 failed: -110
[   77.299858] Bluetooth: hci5: command 0x040f tx timeout
[   77.619881] Bluetooth: hci4: Opcode 0x c03 failed: -110
[   79.347860] Bluetooth: hci5: command 0x0419 tx timeout
[   81.203851] Bluetooth: hci3: Opcode 0x c03 failed: -110
[   81.908606] Bluetooth: hci4: Opcode 0x c03 failed: -110
[   85.427921] Bluetooth: hci3: Opcode 0x c03 failed: -110
[   86.131846] Bluetooth: hci4: Opcode 0x c03 failed: -110
[   89.124223] random: crng reseeded on system resumption
[   89.128024] random: crng reseeded on system resumption
[   89.587879] Bluetooth: hci3: Opcode 0x c03 failed: -110
[   90.291898] Bluetooth: hci4: Opcode 0x c03 failed: -110
[   93.747883] Bluetooth: hci3: Opcode 0x c03 failed: -110
[   94.515893] Bluetooth: hci4: Opcode 0x c03 failed: -110
[   97.907851] Bluetooth: hci3: Opcode 0x c03 failed: -110
2022/09/09 11:11:07 executor 7 failed 11 times:
executor 7: exit status 67
SYZFAIL: wrong response packet
 (errno 2: No such file or directory)
loop exited with status 67
[   98.170749] syz-executor.1 (293) used greatest stack depth: 25296 bytes left
[   98.675943] Bluetooth: hci4: Opcode 0x c03 failed: -110

VM DIAGNOSIS:
11:11:07  Registers:
info registers vcpu 0
RAX=0000000000000000 RBX=0000000000000000 RCX=0000000000000000 RDX=ffff888018b0d040
RSI=ffffffff815e67a4 RDI=0000000000000007 RBP=ffffea0000d1ec00 RSP=ffff88803868f620
R8 =0000000000000007 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000001
R12=0000000000000000 R13=ffffea0000d1ec00 R14=dffffc0000000000 R15=0000000000000000
RIP=ffffffff81462530 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff88806ce00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007fda6f53d480 CR3=0000000008a26000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa0
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM01=0000000000000000 0000000000000000 636578650a3a7365 6d69742031312064
YMM02=0000000000000000 0000000000000000 6174732074697865 203a3720726f7475
YMM03=0000000000000000 0000000000000000 203a4c4941465a59 530a373620737574
YMM04=0000000000000000 0000000000000000 702065736e6f7073 657220676e6f7277
YMM05=0000000000000000 0000000000000000 3a32206f6e727265 28200a74656b6361
YMM06=0000000000000000 0000000000000000 726f20656c696620 68637573206f4e20
YMM07=0000000000000000 0000000000000000 706f6f6c0a297972 6f74636572696420
YMM08=0000000000000000 0000000000000000 3a3720726f747563 6578650a3a73656d
YMM09=0000000000000000 0000000000000000 0a37362073757461 7473207469786520
YMM10=0000000000000000 0000000000000000 7220676e6f727720 3a4c4941465a5953
YMM11=0000000000000000 0000000000000000 200a74656b636170 2065736e6f707365
YMM12=0000000000000000 0000000000000000 637573206f4e203a 32206f6e72726528
YMM13=0000000000000000 0000000000000000 7463657269642072 6f20656c69662068
YMM14=0000000000000000 0000000000000000 6465746978652070 6f6f6c0a2979726f
YMM15=0000000000000000 0000000000000000 0a37362073757461 7473206874697720
info registers vcpu 1
RAX=0000000000000000 RBX=ffffea0000bae280 RCX=ffffffff8169346f RDX=ffff88801d478000
RSI=0000000000000008 RDI=ffffea0000bae280 RBP=ffff88802e8fb200 RSP=ffff88801b367640
R8 =0000000000000007 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000001
R12=ffff88801b367a30 R13=ffffea0000bae280 R14=dffffc0000000000 R15=ffffea0000bae280
RIP=ffffffff81789014 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff88806cf00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007fe6d0daffb8 CR3=000000000d58c000 CR4=00350ee0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000