Warning: Permanently added '10.128.1.19' (ECDSA) to the list of known hosts. executing program [ 50.872102][ T7] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 51.242197][ T7] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7 [ 51.253655][ T7] usb 1-1: New USB device found, idVendor=15c2, idProduct=0039, bcdDevice=d2.65 [ 51.264418][ T7] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 51.276290][ T7] usb 1-1: config 0 descriptor?? [ 51.315331][ T7] input: iMON Panel, Knob and Mouse(15c2:0039) as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input5 [ 51.622033][ T7] rc_core: IR keymap rc-imon-pad not found [ 51.627866][ T7] Registered IR keymap rc-empty [ 51.633812][ T7] imon 1-1:0.0: Looks like you're trying to use an IR protocol this device does not support [ 51.643996][ T7] imon 1-1:0.0: Unsupported IR protocol specified, overriding to iMON IR protocol [ 51.772789][ T7] rc rc0: iMON Remote (15c2:0039) as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0 [ 51.784848][ T7] input: iMON Remote (15c2:0039) as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0/input6 [ 51.798933][ T7] imon 1-1:0.0: iMON device (15c2:0039, intf0) on usb<1:2> initialized [ 51.952547][ T3596] [ 51.955283][ T3596] ====================================================== [ 51.962743][ T3596] WARNING: possible circular locking dependency detected [ 51.970086][ T3596] 5.17.0-syzkaller #0 Not tainted [ 51.975215][ T3596] ------------------------------------------------------ [ 51.982272][ T3596] syz-executor325/3596 is trying to acquire lock: [ 51.988656][ T3596] ffffffff8cd162c8 (driver_lock){+.+.}-{3:3}, at: display_open+0x1f/0x220 [ 51.997196][ T3596] [ 51.997196][ T3596] but task is already holding lock: [ 52.004546][ T3596] ffffffff8ca5b010 (minor_rwsem#2){++++}-{3:3}, at: usb_open+0x24/0x2e0 [ 52.012884][ T3596] [ 52.012884][ T3596] which lock already depends on the new lock. [ 52.012884][ T3596] [ 52.023519][ T3596] [ 52.023519][ T3596] the existing dependency chain (in reverse order) is: [ 52.032528][ T3596] [ 52.032528][ T3596] -> #2 (minor_rwsem#2){++++}-{3:3}: [ 52.040340][ T3596] down_write+0x90/0x150 [ 52.045193][ T3596] usb_register_dev+0x19d/0x7e0 [ 52.051440][ T3596] imon_probe+0x2506/0x2b90 [ 52.056473][ T3596] usb_probe_interface+0x315/0x7f0 [ 52.062081][ T3596] really_probe+0x245/0xcc0 [ 52.067085][ T3596] __driver_probe_device+0x338/0x4d0 [ 52.072867][ T3596] driver_probe_device+0x4c/0x1a0 [ 52.078476][ T3596] __device_attach_driver+0x20b/0x2f0 [ 52.084698][ T3596] bus_for_each_drv+0x15f/0x1e0 [ 52.090050][ T3596] __device_attach+0x228/0x4a0 [ 52.095327][ T3596] bus_probe_device+0x1e4/0x290 [ 52.101023][ T3596] device_add+0xb83/0x1e20 [ 52.105935][ T3596] usb_set_configuration+0x101e/0x1900 [ 52.111917][ T3596] usb_generic_driver_probe+0xba/0x100 [ 52.117877][ T3596] usb_probe_device+0xd9/0x2c0 [ 52.123556][ T3596] really_probe+0x245/0xcc0 [ 52.129729][ T3596] __driver_probe_device+0x338/0x4d0 [ 52.135963][ T3596] driver_probe_device+0x4c/0x1a0 [ 52.141503][ T3596] __device_attach_driver+0x20b/0x2f0 [ 52.147370][ T3596] bus_for_each_drv+0x15f/0x1e0 [ 52.153486][ T3596] __device_attach+0x228/0x4a0 [ 52.159194][ T3596] bus_probe_device+0x1e4/0x290 [ 52.164651][ T3596] device_add+0xb83/0x1e20 [ 52.169564][ T3596] usb_new_device.cold+0x63f/0x108e [ 52.176473][ T3596] hub_event+0x2585/0x44d0 [ 52.181391][ T3596] process_one_work+0x9ac/0x1650 [ 52.186847][ T3596] worker_thread+0x657/0x1110 [ 52.192733][ T3596] kthread+0x2e9/0x3a0 [ 52.197387][ T3596] ret_from_fork+0x1f/0x30 [ 52.202475][ T3596] [ 52.202475][ T3596] -> #1 (&ictx->lock){+.+.}-{3:3}: [ 52.210082][ T3596] __mutex_lock+0x12f/0x12f0 [ 52.215451][ T3596] imon_probe+0xff9/0x2b90 [ 52.220369][ T3596] usb_probe_interface+0x315/0x7f0 [ 52.225975][ T3596] really_probe+0x245/0xcc0 [ 52.230975][ T3596] __driver_probe_device+0x338/0x4d0 [ 52.236757][ T3596] driver_probe_device+0x4c/0x1a0 [ 52.242282][ T3596] __device_attach_driver+0x20b/0x2f0 [ 52.248170][ T3596] bus_for_each_drv+0x15f/0x1e0 [ 52.253515][ T3596] __device_attach+0x228/0x4a0 [ 52.258794][ T3596] bus_probe_device+0x1e4/0x290 [ 52.264158][ T3596] device_add+0xb83/0x1e20 [ 52.269159][ T3596] usb_set_configuration+0x101e/0x1900 [ 52.275114][ T3596] usb_generic_driver_probe+0xba/0x100 [ 52.281072][ T3596] usb_probe_device+0xd9/0x2c0 [ 52.286502][ T3596] really_probe+0x245/0xcc0 [ 52.291506][ T3596] __driver_probe_device+0x338/0x4d0 [ 52.297374][ T3596] driver_probe_device+0x4c/0x1a0 [ 52.302898][ T3596] __device_attach_driver+0x20b/0x2f0 [ 52.308766][ T3596] bus_for_each_drv+0x15f/0x1e0 [ 52.314285][ T3596] __device_attach+0x228/0x4a0 [ 52.319552][ T3596] bus_probe_device+0x1e4/0x290 [ 52.324900][ T3596] device_add+0xb83/0x1e20 [ 52.329812][ T3596] usb_new_device.cold+0x63f/0x108e [ 52.335520][ T3596] hub_event+0x2585/0x44d0 [ 52.340451][ T3596] process_one_work+0x9ac/0x1650 [ 52.345885][ T3596] worker_thread+0x657/0x1110 [ 52.351056][ T3596] kthread+0x2e9/0x3a0 [ 52.355648][ T3596] ret_from_fork+0x1f/0x30 [ 52.360586][ T3596] [ 52.360586][ T3596] -> #0 (driver_lock){+.+.}-{3:3}: [ 52.367864][ T3596] __lock_acquire+0x2ad4/0x56c0 [ 52.373238][ T3596] lock_acquire+0x1ab/0x510 [ 52.378258][ T3596] __mutex_lock+0x12f/0x12f0 [ 52.383347][ T3596] display_open+0x1f/0x220 [ 52.388279][ T3596] usb_open+0x204/0x2e0 [ 52.392931][ T3596] chrdev_open+0x266/0x770 [ 52.397844][ T3596] do_dentry_open+0x4b9/0x1250 [ 52.403109][ T3596] path_openat+0x1c9e/0x2940 [ 52.408194][ T3596] do_filp_open+0x1aa/0x400 [ 52.413190][ T3596] do_sys_openat2+0x16d/0x4d0 [ 52.418362][ T3596] __x64_sys_openat+0x13f/0x1f0 [ 52.423711][ T3596] do_syscall_64+0x35/0xb0 [ 52.428810][ T3596] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 52.435392][ T3596] [ 52.435392][ T3596] other info that might help us debug this: [ 52.435392][ T3596] [ 52.445680][ T3596] Chain exists of: [ 52.445680][ T3596] driver_lock --> &ictx->lock --> minor_rwsem#2 [ 52.445680][ T3596] [ 52.458078][ T3596] Possible unsafe locking scenario: [ 52.458078][ T3596] [ 52.465760][ T3596] CPU0 CPU1 [ 52.471100][ T3596] ---- ---- [ 52.476609][ T3596] lock(minor_rwsem#2); [ 52.480833][ T3596] lock(&ictx->lock); [ 52.488015][ T3596] lock(minor_rwsem#2); [ 52.495013][ T3596] lock(driver_lock); [ 52.499160][ T3596] [ 52.499160][ T3596] *** DEADLOCK *** [ 52.499160][ T3596] [ 52.507535][ T3596] 1 lock held by syz-executor325/3596: [ 52.513157][ T3596] #0: ffffffff8ca5b010 (minor_rwsem#2){++++}-{3:3}, at: usb_open+0x24/0x2e0 [ 52.521942][ T3596] [ 52.521942][ T3596] stack backtrace: [ 52.528736][ T3596] CPU: 0 PID: 3596 Comm: syz-executor325 Not tainted 5.17.0-syzkaller #0 [ 52.537511][ T3596] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 52.547717][ T3596] Call Trace: [ 52.550980][ T3596] [ 52.553977][ T3596] dump_stack_lvl+0xcd/0x134 [ 52.558640][ T3596] check_noncircular+0x25f/0x2e0 [ 52.563646][ T3596] ? print_circular_bug+0x1e0/0x1e0 [ 52.568822][ T3596] ? lock_chain_count+0x20/0x20 [ 52.573648][ T3596] __lock_acquire+0x2ad4/0x56c0 [ 52.578564][ T3596] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 52.584519][ T3596] ? lockdep_unlock+0x11c/0x290 [ 52.589448][ T3596] ? __lock_acquire+0x25af/0x56c0 [ 52.594472][ T3596] lock_acquire+0x1ab/0x510 [ 52.598961][ T3596] ? display_open+0x1f/0x220 [ 52.603530][ T3596] ? lock_release+0x720/0x720 [ 52.608271][ T3596] ? __lock_acquire+0x1666/0x56c0 [ 52.613274][ T3596] __mutex_lock+0x12f/0x12f0 [ 52.617925][ T3596] ? display_open+0x1f/0x220 [ 52.622500][ T3596] ? lock_release+0x720/0x720 [ 52.627159][ T3596] ? display_open+0x1f/0x220 [ 52.632139][ T3596] ? mutex_lock_io_nested+0x1150/0x1150 [ 52.637838][ T3596] ? down_read+0x198/0x440 [ 52.642752][ T3596] ? chrdev_open+0x58c/0x770 [ 52.647321][ T3596] ? rwsem_down_read_slowpath+0xa70/0xa70 [ 52.653384][ T3596] ? do_raw_spin_lock+0x120/0x2b0 [ 52.658498][ T3596] display_open+0x1f/0x220 [ 52.663500][ T3596] ? display_close+0x160/0x160 [ 52.668242][ T3596] usb_open+0x204/0x2e0 [ 52.672461][ T3596] ? usb_devnode+0xa0/0xa0 [ 52.676966][ T3596] chrdev_open+0x266/0x770 [ 52.681445][ T3596] ? cdev_device_add+0x220/0x220 [ 52.686356][ T3596] ? fsnotify_perm.part.0+0x22d/0x620 [ 52.691707][ T3596] do_dentry_open+0x4b9/0x1250 [ 52.696448][ T3596] ? cdev_device_add+0x220/0x220 [ 52.701361][ T3596] ? may_open+0x1f6/0x420 [ 52.705771][ T3596] path_openat+0x1c9e/0x2940 [ 52.710513][ T3596] ? lock_chain_count+0x20/0x20 [ 52.715358][ T3596] ? path_lookupat+0x860/0x860 [ 52.720099][ T3596] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 52.726527][ T3596] do_filp_open+0x1aa/0x400 [ 52.731006][ T3596] ? may_open_dev+0xf0/0xf0 [ 52.735487][ T3596] ? rwlock_bug.part.0+0x90/0x90 [ 52.740403][ T3596] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 52.746882][ T3596] ? _find_next_bit+0x1e3/0x260 [ 52.751707][ T3596] ? _raw_spin_unlock+0x24/0x40 [ 52.756533][ T3596] ? alloc_fd+0x2f0/0x670 [ 52.760842][ T3596] do_sys_openat2+0x16d/0x4d0 [ 52.765494][ T3596] ? find_held_lock+0x2d/0x110 [ 52.770253][ T3596] ? build_open_flags+0x6f0/0x6f0 [ 52.775253][ T3596] ? lock_downgrade+0x6e0/0x6e0 [ 52.780079][ T3596] __x64_sys_openat+0x13f/0x1f0 [ 52.784907][ T3596] ? __ia32_sys_open+0x1c0/0x1c0 [ 52.789820][ T3596] ? syscall_enter_from_user_mode+0x21/0x70 [ 52.795693][ T3596] do_syscall_64+0x35/0xb0 [ 52.800086][ T3596] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 52.805955][ T3596] RIP: 0033:0x7fbde976fc77 [ 52.810348][ T3596] Code: 25 00 00 41 00 3d 00 00 41 00 74 47 64 8b 04 25 18 00 00 00 85 c0 75 6b 44 89 e2 48 89 ee bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 95 00 00 00 48 8b 4c 24 28 64 48 2b 0c 25 [ 52.829928][ T3596] RSP: 002b:00007ffe8c878fe0 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 52.838319][ T3596] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fbde976fc77 [ 52.846280][ T3596] RDX: 0000000000000002 RSI: 00007ffe8c879060 RDI: 00000000ffffff9c [ 52.854246][ T3596] RBP: 0000