Warning: Permanently added '[localhost]:11128' (ECDSA) to the list of known hosts.
2021/06/16 17:05:41 fuzzer started
2021/06/16 17:05:42 connecting to host at localhost:37269
2021/06/16 17:05:42 checking machine...
2021/06/16 17:05:42 checking revisions...
2021/06/16 17:05:42 testing simple program...
executing program
executing program
executing program
executing program
executing program
syzkaller login: [ 183.650296][ T8674] BUG: sleeping function called from invalid context at net/core/sock.c:3064
[ 183.679173][ T8674] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 8674, name: syz-executor.0
[ 183.712418][ T8674] 1 lock held by syz-executor.0/8674:
[ 183.742035][ T8674]  #0: ffffffff8d8c38e0 (hci_sk_list.lock){++++}-{2:2}, at: hci_sock_dev_event+0x3db/0x660
[ 183.764806][ T8674] Preemption disabled at:
[ 183.764824][ T8674] [<0000000000000000>] 0x0
[ 183.777796][ T8674] CPU: 1 PID: 8674 Comm: syz-executor.0 Not tainted 5.13.0-rc6-syzkaller #0
[ 183.791944][ T8674] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014
[ 183.809675][ T8674] Call Trace:
[ 183.818424][ T8674]  dump_stack+0x141/0x1d7
[ 183.828873][ T8674]  ___might_sleep.cold+0x1f1/0x237
[ 183.841008][ T8674]  lock_sock_nested+0x25/0x120
[ 183.852656][ T8674]  hci_sock_dev_event+0x465/0x660
[ 183.861740][ T8674]  ? hci_send_monitor_ctrl_event+0x560/0x560
[ 183.873019][ T8674]  ? do_raw_read_unlock+0x70/0x70
[ 183.882858][ T8674]  hci_unregister_dev+0x2fd/0x1130
[ 183.893955][ T8674]  ? fsnotify+0x1070/0x1070
[ 183.903281][ T8674]  ? hci_bdaddr_list_clear+0x200/0x200
[ 183.918290][ T8674]  ? fcntl_setlk+0xe90/0xe90
[ 183.932216][ T8674]  vhci_release+0x70/0xe0
[ 183.942424][ T8674]  __fput+0x288/0x920
[ 183.951353][ T8674]  ? vhci_close_dev+0x50/0x50
[ 183.962911][ T8674]  task_work_run+0xdd/0x1a0
[ 183.973890][ T8674]  do_exit+0xbfc/0x2a60
[ 183.983559][ T8674]  ? find_held_lock+0x2d/0x110
[ 183.994278][ T8674]  ? mm_update_next_owner+0x7a0/0x7a0
[ 184.006266][ T8674]  ? lock_downgrade+0x6e0/0x6e0
[ 184.017246][ T8674]  ? lock_downgrade+0x6e0/0x6e0
[ 184.030367][ T8674]  do_group_exit+0x125/0x310
[ 184.038839][ T8674]  __ia32_sys_exit_group+0x3a/0x50
[ 184.048490][ T8674]  __do_fast_syscall_32+0x67/0xe0
[ 184.061334][ T8674]  do_fast_syscall_32+0x2f/0x70
[ 184.073064][ T8674]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[ 184.089559][ T8674] RIP: 0023:0xf7f0d549
[ 184.098309][ T8674] Code: Unable to access opcode bytes at RIP 0xf7f0d51f.
[ 184.114866][ T8674] RSP: 002b:00000000ffb6199c EFLAGS: 00000282 ORIG_RAX: 00000000000000fc
[ 184.135112][ T8674] RAX: ffffffffffffffda RBX: 0000000000000043 RCX: 00000000ffb619e8
[ 184.154428][ T8674] RDX: 0000000000000000 RSI: 000000000817214c RDI: 0000000000000010
[ 184.174533][ T8674] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 184.192926][ T8674] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 184.228314][ T8674] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 184.296621][ T8674]
[ 184.302165][ T8674] ======================================================
[ 184.315119][ T8674] WARNING: possible circular locking dependency detected
[ 184.327914][ T8674] 5.13.0-rc6-syzkaller #0 Tainted: G W
[ 184.340403][ T8674] ------------------------------------------------------
[ 184.353333][ T8674] syz-executor.0/8674 is trying to acquire lock:
[ 184.364582][ T8674] ffffffff8d8c38e0 (hci_sk_list.lock){++++}-{2:2}, at: bt_sock_unlink+0x1d/0x1c0
[ 184.382462][ T8674]
[ 184.382462][ T8674] but task is already holding lock:
[ 184.395623][ T8674] ffff8880164c3120 (sk_lock-AF_BLUETOOTH-BTPROTO_HCI){+.+.}-{0:0}, at: hci_sock_release+0x61/0x4d0
[ 184.413953][ T8674]
[ 184.413953][ T8674] which lock already depends on the new lock.
[ 184.413953][ T8674]
[ 184.433258][ T8674]
[ 184.433258][ T8674] the existing dependency chain (in reverse order) is:
[ 184.450234][ T8674]
[ 184.450234][ T8674] -> #1 (sk_lock-AF_BLUETOOTH-BTPROTO_HCI){+.+.}-{0:0}:
[ 184.467405][ T8674]        lock_sock_nested+0xca/0x120
[ 184.476746][ T8674]        hci_sock_dev_event+0x465/0x660
[ 184.485909][ T8674]        hci_unregister_dev+0x2fd/0x1130
[ 184.496368][ T8674]        vhci_release+0x70/0xe0
[ 184.505156][ T8674]        __fput+0x288/0x920
[ 184.512682][ T8674]        task_work_run+0xdd/0x1a0
[ 184.535214][ T8674]        do_exit+0xbfc/0x2a60
[ 184.544410][ T8674]        do_group_exit+0x125/0x310
[ 184.561352][ T8674]        __ia32_sys_exit_group+0x3a/0x50
[ 184.574669][ T8674]        __do_fast_syscall_32+0x67/0xe0
[ 184.585208][ T8674]        do_fast_syscall_32+0x2f/0x70
[ 184.594659][ T8674]        entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[ 184.611245][ T8674]
[ 184.611245][ T8674] -> #0 (hci_sk_list.lock){++++}-{2:2}:
[ 184.629400][ T8674]        __lock_acquire+0x2a17/0x5230
[ 184.642668][ T8674]        lock_acquire+0x1ab/0x740
[ 184.656212][ T8674]        _raw_write_lock+0x2a/0x40
[ 184.668109][ T8674]        bt_sock_unlink+0x1d/0x1c0
[ 184.680316][ T8674]        hci_sock_release+0xcf/0x4d0
[ 184.691939][ T8674]        __sock_release+0xcd/0x280
[ 184.703971][ T8674]        sock_close+0x18/0x20
[ 184.714539][ T8674]        __fput+0x288/0x920
[ 184.724813][ T8674]        task_work_run+0xdd/0x1a0
[ 184.734786][ T8674]        do_exit+0xbfc/0x2a60
[ 184.744918][ T8674]        do_group_exit+0x125/0x310
[ 184.757352][ T8674]        __ia32_sys_exit_group+0x3a/0x50
[ 184.770916][ T8674]        __do_fast_syscall_32+0x67/0xe0
[ 184.783084][ T8674]        do_fast_syscall_32+0x2f/0x70
[ 184.796708][ T8674]        entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[ 184.813379][ T8674]
[ 184.813379][ T8674] other info that might help us debug this:
[ 184.813379][ T8674]
[ 184.833023][ T8674]  Possible unsafe locking scenario:
[ 184.833023][ T8674]
[ 184.848920][ T8674]        CPU0                    CPU1
[ 184.861462][ T8674]        ----                    ----
[ 184.874637][ T8674]   lock(sk_lock-AF_BLUETOOTH-BTPROTO_HCI);
[ 184.887665][ T8674]                                lock(hci_sk_list.lock);
[ 184.903891][ T8674]                                lock(sk_lock-AF_BLUETOOTH-BTPROTO_HCI);
[ 184.921477][ T8674]   lock(hci_sk_list.lock);
[ 184.934160][ T8674]
[ 184.934160][ T8674]  *** DEADLOCK ***
[ 184.934160][ T8674]
[ 184.953160][ T8674] 2 locks held by syz-executor.0/8674:
[ 184.966386][ T8674]  #0: ffff888024c77ad0 (&sb->s_type->i_mutex_key#13){+.+.}-{3:3}, at: __sock_release+0x86/0x280
[ 184.992897][ T8674]  #1: ffff8880164c3120 (sk_lock-AF_BLUETOOTH-BTPROTO_HCI){+.+.}-{0:0}, at: hci_sock_release+0x61/0x4d0
[ 185.020084][ T8674]
[ 185.020084][ T8674] stack backtrace:
[ 185.034527][ T8674] CPU: 1 PID: 8674 Comm: syz-executor.0 Tainted: G W 5.13.0-rc6-syzkaller #0
[ 185.060066][ T8674] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014
[ 185.074924][ T8674] Call Trace:
[ 185.081201][ T8674]  dump_stack+0x141/0x1d7
[ 185.090194][ T8674]  check_noncircular+0x25f/0x2e0
[ 185.100717][ T8674]  ? stack_trace_save+0x8c/0xc0
[ 185.109810][ T8674]  ? print_circular_bug+0x1e0/0x1e0
[ 185.120625][ T8674]  ? is_dynamic_key+0x1a0/0x1a0
[ 185.130861][ T8674]  ? lockdep_lock+0xc6/0x200
[ 185.142320][ T8674]  ? call_rcu_zapped+0xb0/0xb0
[ 185.154580][ T8674]  __lock_acquire+0x2a17/0x5230
[ 185.169056][ T8674]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 185.184096][ T8674]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 185.198573][ T8674]  lock_acquire+0x1ab/0x740
[ 185.207868][ T8674]  ? bt_sock_unlink+0x1d/0x1c0
[ 185.217203][ T8674]  ? lock_release+0x720/0x720
[ 185.228899][ T8674]  ? lock_release+0x720/0x720
[ 185.240402][ T8674]  ? lock_downgrade+0x6e0/0x6e0
[ 185.249670][ T8674]  ? do_raw_spin_lock+0x120/0x2b0
[ 185.259282][ T8674]  ? mark_held_locks+0x9f/0xe0
[ 185.269216][ T8674]  _raw_write_lock+0x2a/0x40
[ 185.279467][ T8674]  ? bt_sock_unlink+0x1d/0x1c0
[ 185.291808][ T8674]  bt_sock_unlink+0x1d/0x1c0
[ 185.299250][ T8674]  hci_sock_release+0xcf/0x4d0
[ 185.308836][ T8674]  __sock_release+0xcd/0x280
[ 185.318175][ T8674]  sock_close+0x18/0x20
[ 185.326730][ T8674]  __fput+0x288/0x920
[ 185.334486][ T8674]  ? __sock_release+0x280/0x280
[ 185.343717][ T8674]  task_work_run+0xdd/0x1a0
[ 185.351879][ T8674]  do_exit+0xbfc/0x2a60
[ 185.357531][ T8674]  ? find_held_lock+0x2d/0x110
[ 185.367869][ T8674]  ? mm_update_next_owner+0x7a0/0x7a0
[ 185.383888][ T8674]  ? lock_downgrade+0x6e0/0x6e0
[ 185.390515][ T8674]  ? lock_downgrade+0x6e0/0x6e0
[ 185.395978][ T8674]  do_group_exit+0x125/0x310
[ 185.403414][ T8674]  __ia32_sys_exit_group+0x3a/0x50
[ 185.410854][ T8674]  __do_fast_syscall_32+0x67/0xe0
[ 185.417985][ T8674]  do_fast_syscall_32+0x2f/0x70
[ 185.425339][ T8674]  entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[ 185.434713][ T8674] RIP: 0023:0xf7f0d549
[ 185.440868][ T8674] Code: Unable to access opcode bytes at RIP 0xf7f0d51f.
[ 185.450005][ T8674] RSP: 002b:00000000ffb6199c EFLAGS: 00000282 ORIG_RAX: 00000000000000fc
[ 185.461314][ T8674] RAX: ffffffffffffffda RBX: 0000000000000043 RCX: 00000000ffb619e8
[ 185.473388][ T8674] RDX: 0000000000000000 RSI: 000000000817214c RDI: 0000000000000010
[ 185.485180][ T8674] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 185.495772][ T8674] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 185.505994][ T8674] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
2021/06/16 17:05:59 BUG: program execution failed: executor 0: exit status 67
SYZFAIL: wrong response packet (errno 16: Device or resource busy)
loop exited with status 67
SYZFAIL: wrong response packet (errno 16: Device or resource busy)
loop exited with status 67
VM DIAGNOSIS:
17:06:00 Registers:
info registers vcpu 0
RAX=0000000000037db9 RBX=ffffffff8bcbc540 RCX=ffffffff89168fc1 RDX=0000000000000000
RSI=0000000000000001 RDI=0000000000000000