Warning: Permanently added '10.128.1.80' (ED25519) to the list of known hosts. 2024/08/30 02:33:35 ignoring optional flag "sandboxArg"="0" 2024/08/30 02:33:35 parsed 1 programs [ 63.679203][ T3568] cgroup: Unknown subsys name 'net' [ 63.807580][ T3568] cgroup: Unknown subsys name 'rlimit' [ 65.212482][ T3568] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k FS [ 66.800916][ T3591] chnl_net:caif_netlink_parms(): no params data found [ 66.852197][ T3591] bridge0: port 1(bridge_slave_0) entered blocking state [ 66.859692][ T3591] bridge0: port 1(bridge_slave_0) entered disabled state [ 66.868244][ T3591] device bridge_slave_0 entered promiscuous mode [ 66.880280][ T3591] bridge0: port 2(bridge_slave_1) entered blocking state [ 66.887478][ T3591] bridge0: port 2(bridge_slave_1) entered disabled state [ 66.895381][ T3591] device bridge_slave_1 entered promiscuous mode [ 66.917845][ T3591] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 66.931018][ T3591] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 66.955388][ T3591] team0: Port device team_slave_0 added [ 66.963589][ T3591] team0: Port device team_slave_1 added [ 66.987028][ T3591] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 66.994071][ T3591] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 67.020209][ T3591] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 67.032796][ T3591] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 67.039742][ T3591] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 67.066147][ T3591] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 67.106612][ T3591] device hsr_slave_0 entered promiscuous mode [ 67.113556][ T3591] device hsr_slave_1 entered promiscuous mode [ 67.247400][ T3591] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 67.259482][ T3591] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 67.270897][ T3591] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 67.280579][ T3591] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 67.310529][ T3591] bridge0: port 2(bridge_slave_1) entered blocking state [ 67.317778][ T3591] bridge0: port 2(bridge_slave_1) entered forwarding state [ 67.325849][ T3591] bridge0: port 1(bridge_slave_0) entered blocking state [ 67.332990][ T3591] bridge0: port 1(bridge_slave_0) entered forwarding state [ 67.399600][ T3591] 8021q: adding VLAN 0 to HW filter on device bond0 [ 67.415299][ T443] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 67.434778][ T443] bridge0: port 1(bridge_slave_0) entered disabled state [ 67.444802][ T443] bridge0: port 2(bridge_slave_1) entered disabled state [ 67.453243][ T443] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 67.467743][ T3591] 8021q: adding VLAN 0 to HW filter on device team0 [ 67.484290][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 67.493344][ T9] bridge0: port 1(bridge_slave_0) entered blocking state [ 67.500445][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state [ 67.509900][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 67.522348][ T9] bridge0: port 2(bridge_slave_1) entered blocking state [ 67.529412][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state [ 67.556175][ T443] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 67.568117][ T443] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 67.589466][ T443] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 67.600546][ T443] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 67.609290][ T443] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 67.623891][ T3591] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 67.735928][ T443] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 67.745486][ T443] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 67.761725][ T3591] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 67.786455][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 67.797668][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 67.818103][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 67.827512][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 67.840113][ T3591] device veth0_vlan entered promiscuous mode [ 67.848171][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 67.866855][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 67.880216][ T3591] device veth1_vlan entered promiscuous mode [ 67.905258][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 67.915703][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 67.925062][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 67.935866][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 67.947505][ T3591] device veth0_macvtap entered promiscuous mode [ 67.958422][ T3591] device veth1_macvtap entered promiscuous mode [ 67.978590][ T3591] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 67.986812][ T443] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 67.995888][ T443] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 68.004623][ T443] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 68.014816][ T443] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 68.027007][ T3591] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 68.036695][ T443] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 68.046185][ T443] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 68.057894][ T3591] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 68.068041][ T3591] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 68.078447][ T3591] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 68.087825][ T3591] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 68.465875][ T154] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 68.557784][ T155] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 68.574196][ T155] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 68.586622][ T443] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 68.588090][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 68.595592][ T443] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 68.614169][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready 2024/08/30 02:33:44 executed programs: 0 [ 69.795206][ T3647] chnl_net:caif_netlink_parms(): no params data found [ 69.840161][ T3647] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.847384][ T3647] bridge0: port 1(bridge_slave_0) entered disabled state [ 69.855855][ T3647] device bridge_slave_0 entered promiscuous mode [ 69.865871][ T3647] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.873217][ T3647] bridge0: port 2(bridge_slave_1) entered disabled state [ 69.881702][ T3647] device bridge_slave_1 entered promiscuous mode [ 69.904915][ T3647] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 69.915968][ T3647] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 69.945116][ T3647] team0: Port device team_slave_0 added [ 69.952563][ T3647] team0: Port device team_slave_1 added [ 69.972689][ T3647] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 69.979659][ T3647] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 70.005819][ T3647] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 70.018354][ T3647] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 70.025591][ T3647] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 70.051874][ T3647] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 70.084497][ T3647] device hsr_slave_0 entered promiscuous mode [ 70.092284][ T3647] device hsr_slave_1 entered promiscuous mode [ 70.098966][ T3647] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 70.106892][ T3647] Cannot create hsr debugfs directory [ 70.668178][ T154] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 71.133416][ T1389] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.139936][ T1389] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.781570][ T13] Bluetooth: hci0: command 0x0409 tx timeout [ 73.206913][ T154] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 73.248700][ T154] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 73.851662][ T3573] Bluetooth: hci0: command 0x041b tx timeout [ 74.243730][ T3647] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 74.274574][ T3647] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 74.287766][ T3647] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 74.298338][ T3647] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 74.384252][ T3647] 8021q: adding VLAN 0 to HW filter on device bond0 [ 74.396068][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 74.405830][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 74.426907][ T3647] 8021q: adding VLAN 0 to HW filter on device team0 [ 74.436506][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 74.445394][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 74.454212][ T155] bridge0: port 1(bridge_slave_0) entered blocking state [ 74.461311][ T155] bridge0: port 1(bridge_slave_0) entered forwarding state [ 74.469125][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 74.480480][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 74.491760][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 74.500110][ T155] bridge0: port 2(bridge_slave_1) entered blocking state [ 74.507194][ T155] bridge0: port 2(bridge_slave_1) entered forwarding state [ 74.525349][ T154] device hsr_slave_0 left promiscuous mode [ 74.533088][ T154] device hsr_slave_1 left promiscuous mode [ 74.539537][ T154] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 74.547248][ T154] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 74.556431][ T154] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 74.564390][ T154] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 74.572470][ T154] device bridge_slave_1 left promiscuous mode [ 74.579189][ T154] bridge0: port 2(bridge_slave_1) entered disabled state [ 74.593569][ T154] device bridge_slave_0 left promiscuous mode [ 74.599754][ T154] bridge0: port 1(bridge_slave_0) entered disabled state [ 74.618106][ T154] device veth1_macvtap left promiscuous mode [ 74.624418][ T154] device veth0_macvtap left promiscuous mode [ 74.630442][ T154] device veth1_vlan left promiscuous mode [ 74.636490][ T154] device veth0_vlan left promiscuous mode [ 74.796663][ T154] team0 (unregistering): Port device team_slave_1 removed [ 74.809835][ T154] team0 (unregistering): Port device team_slave_0 removed [ 74.825915][ T154] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 74.841275][ T154] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 74.898191][ T154] bond0 (unregistering): Released all slaves [ 74.948491][ T443] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 74.962405][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 74.976596][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 74.986342][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 74.995207][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 75.008656][ T443] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 75.017340][ T443] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 75.029990][ T443] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 75.038493][ T443] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 75.050221][ T3647] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 75.063311][ T3647] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 75.077734][ T443] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 75.087066][ T443] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 75.160515][ T3618] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 75.168472][ T3618] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 75.181835][ T3647] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 75.205908][ T443] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 75.215156][ T443] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 75.233827][ T443] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 75.242501][ T443] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 75.251021][ T443] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 75.259264][ T443] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 75.277600][ T3647] device veth0_vlan entered promiscuous mode [ 75.288731][ T3647] device veth1_vlan entered promiscuous mode [ 75.308304][ T443] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 75.316284][ T443] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 75.324936][ T443] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 75.334131][ T443] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 75.344262][ T3647] device veth0_macvtap entered promiscuous mode [ 75.359814][ T3647] device veth1_macvtap entered promiscuous mode [ 75.394173][ T3647] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 75.403095][ T443] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 75.411944][ T443] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 75.420036][ T443] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 75.429458][ T443] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 75.441432][ T3647] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 75.452315][ T3647] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.462937][ T3647] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.472092][ T3647] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.481025][ T3647] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.492722][ T443] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 75.502001][ T443] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 75.567158][ T3618] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 75.580829][ T3618] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 75.590072][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 75.605269][ T155] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 75.615414][ T155] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 75.626169][ T3618] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 75.802228][ T3720] [ 75.804588][ T3720] ====================================================== [ 75.811609][ T3720] WARNING: possible circular locking dependency detected [ 75.818630][ T3720] 5.15.165-syzkaller #0 Not tainted [ 75.823848][ T3720] ------------------------------------------------------ [ 75.830869][ T3720] syz.0.15/3720 is trying to acquire lock: [ 75.836762][ T3720] ffff88807c588c28 ((work_completion)(&hdev->bg_scan_update)){+.+.}-{0:0}, at: __flush_work+0xcf/0x1a0 [ 75.847942][ T3720] [ 75.847942][ T3720] but task is already holding lock: [ 75.855318][ T3720] ffffffff8dcbd1a8 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_fop_write+0x1a5/0x790 [ 75.864998][ T3720] [ 75.864998][ T3720] which lock already depends on the new lock. [ 75.864998][ T3720] [ 75.875405][ T3720] [ 75.875405][ T3720] the existing dependency chain (in reverse order) is: [ 75.884422][ T3720] [ 75.884422][ T3720] -> #4 (rfkill_global_mutex){+.+.}-{3:3}: [ 75.892432][ T3720] lock_acquire+0x1db/0x4f0 [ 75.897473][ T3720] __mutex_lock_common+0x1da/0x25a0 [ 75.903208][ T3720] mutex_lock_nested+0x17/0x20 [ 75.908508][ T3720] rfkill_register+0x30/0x880 [ 75.913709][ T3720] hci_register_dev+0x4dd/0xa50 [ 75.919090][ T3720] vhci_create_device+0x310/0x590 [ 75.924644][ T3720] vhci_write+0x382/0x430 [ 75.929535][ T3720] vfs_write+0xacd/0xe50 [ 75.934310][ T3720] ksys_write+0x1a2/0x2c0 [ 75.939168][ T3720] do_syscall_64+0x3b/0xb0 [ 75.944108][ T3720] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 75.950621][ T3720] [ 75.950621][ T3720] -> #3 (&data->open_mutex){+.+.}-{3:3}: [ 75.958445][ T3720] lock_acquire+0x1db/0x4f0 [ 75.963472][ T3720] __mutex_lock_common+0x1da/0x25a0 [ 75.969193][ T3720] mutex_lock_nested+0x17/0x20 [ 75.974486][ T3720] vhci_send_frame+0x8a/0xf0 [ 75.979604][ T3720] hci_send_frame+0x1af/0x2f0 [ 75.984803][ T3720] hci_tx_work+0xb0b/0x19d0 [ 75.989827][ T3720] process_one_work+0x8a1/0x10c0 [ 75.995287][ T3720] worker_thread+0xaca/0x1280 [ 76.000488][ T3720] kthread+0x3f6/0x4f0 [ 76.005083][ T3720] ret_from_fork+0x1f/0x30 [ 76.010038][ T3720] [ 76.010038][ T3720] -> #2 ((work_completion)(&hdev->tx_work)){+.+.}-{0:0}: [ 76.019260][ T3720] lock_acquire+0x1db/0x4f0 [ 76.024301][ T3720] __flush_work+0xeb/0x1a0 [ 76.029252][ T3720] hci_dev_do_close+0x20a/0x1070 [ 76.034728][ T3720] hci_unregister_dev+0x2d7/0x580 [ 76.040288][ T3720] vhci_release+0x73/0xc0 [ 76.045168][ T3720] __fput+0x3fe/0x8e0 [ 76.049684][ T3720] task_work_run+0x129/0x1a0 [ 76.054989][ T3720] do_exit+0x6a3/0x2480 [ 76.059672][ T3720] do_group_exit+0x144/0x310 [ 76.064787][ T3720] get_signal+0xc66/0x14e0 [ 76.069726][ T3720] arch_do_signal_or_restart+0xc3/0x1890 [ 76.075889][ T3720] exit_to_user_mode_loop+0x97/0x130 [ 76.081702][ T3720] exit_to_user_mode_prepare+0xb1/0x140 [ 76.087778][ T3720] syscall_exit_to_user_mode+0x5d/0x240 [ 76.093850][ T3720] do_syscall_64+0x47/0xb0 [ 76.098793][ T3720] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 76.105213][ T3720] [ 76.105213][ T3720] -> #1 (&hdev->req_lock){+.+.}-{3:3}: [ 76.112869][ T3720] lock_acquire+0x1db/0x4f0 [ 76.117994][ T3720] __mutex_lock_common+0x1da/0x25a0 [ 76.123720][ T3720] mutex_lock_nested+0x17/0x20 [ 76.129011][ T3720] bg_scan_update+0xa1/0x4a0 [ 76.134126][ T3720] process_one_work+0x8a1/0x10c0 [ 76.139592][ T3720] worker_thread+0xaca/0x1280 [ 76.144794][ T3720] kthread+0x3f6/0x4f0 [ 76.149391][ T3720] ret_from_fork+0x1f/0x30 [ 76.154336][ T3720] [ 76.154336][ T3720] -> #0 ((work_completion)(&hdev->bg_scan_update)){+.+.}-{0:0}: [ 76.164143][ T3720] validate_chain+0x1649/0x5930 [ 76.169511][ T3720] __lock_acquire+0x1295/0x1ff0 [ 76.174947][ T3720] lock_acquire+0x1db/0x4f0 [ 76.179959][ T3720] __flush_work+0xeb/0x1a0 [ 76.184887][ T3720] __cancel_work_timer+0x519/0x6a0 [ 76.190532][ T3720] hci_request_cancel_all+0xcb/0x300 [ 76.196328][ T3720] hci_dev_do_close+0x51/0x1070 [ 76.201691][ T3720] hci_rfkill_set_block+0x114/0x1a0 [ 76.207429][ T3720] rfkill_set_block+0x1e7/0x430 [ 76.212834][ T3720] rfkill_fop_write+0x5b7/0x790 [ 76.218197][ T3720] vfs_write+0x30c/0xe50 [ 76.222950][ T3720] ksys_write+0x1a2/0x2c0 [ 76.227798][ T3720] do_syscall_64+0x3b/0xb0 [ 76.232725][ T3720] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 76.239133][ T3720] [ 76.239133][ T3720] other info that might help us debug this: [ 76.239133][ T3720] [ 76.249352][ T3720] Chain exists of: [ 76.249352][ T3720] (work_completion)(&hdev->bg_scan_update) --> &data->open_mutex --> rfkill_global_mutex [ 76.249352][ T3720] [ 76.265072][ T3720] Possible unsafe locking scenario: [ 76.265072][ T3720] [ 76.272509][ T3720] CPU0 CPU1 [ 76.277858][ T3720] ---- ---- [ 76.283205][ T3720] lock(rfkill_global_mutex); [ 76.287964][ T3720] lock(&data->open_mutex); [ 76.295064][ T3720] lock(rfkill_global_mutex); [ 76.302343][ T3720] lock((work_completion)(&hdev->bg_scan_update)); [ 76.308920][ T3720] [ 76.308920][ T3720] *** DEADLOCK *** [ 76.308920][ T3720] [ 76.317048][ T3720] 1 lock held by syz.0.15/3720: [ 76.321885][ T3720] #0: ffffffff8dcbd1a8 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_fop_write+0x1a5/0x790 [ 76.331971][ T3720] [ 76.331971][ T3720] stack backtrace: [ 76.337858][ T3720] CPU: 1 PID: 3720 Comm: syz.0.15 Not tainted 5.15.165-syzkaller #0 [ 76.345824][ T3720] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 76.355866][ T3720] Call Trace: [ 76.359138][ T3720] [ 76.362061][ T3720] dump_stack_lvl+0x1e3/0x2d0 [ 76.366737][ T3720] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 76.372364][ T3720] ? print_circular_bug+0x12b/0x1a0 [ 76.377556][ T3720] check_noncircular+0x2f8/0x3b0 [ 76.382485][ T3720] ? add_chain_block+0x850/0x850 [ 76.387412][ T3720] ? lockdep_lock+0x11f/0x2a0 [ 76.392086][ T3720] validate_chain+0x1649/0x5930 [ 76.396937][ T3720] ? __lock_acquire+0x1295/0x1ff0 [ 76.401950][ T3720] ? reacquire_held_locks+0x660/0x660 [ 76.407319][ T3720] ? mark_lock+0x98/0x340 [ 76.411637][ T3720] ? look_up_lock_class+0x77/0x120 [ 76.416744][ T3720] ? register_lock_class+0x100/0x9a0 [ 76.422024][ T3720] ? mark_lock+0x98/0x340 [ 76.426347][ T3720] ? is_dynamic_key+0x1f0/0x1f0 [ 76.431188][ T3720] ? __lock_acquire+0x1295/0x1ff0 [ 76.436202][ T3720] ? mark_lock+0x98/0x340 [ 76.440520][ T3720] __lock_acquire+0x1295/0x1ff0 [ 76.445367][ T3720] lock_acquire+0x1db/0x4f0 [ 76.449863][ T3720] ? __flush_work+0xcf/0x1a0 [ 76.454445][ T3720] ? rcu_lock_release+0x5/0x20 [ 76.459202][ T3720] ? read_lock_is_recursive+0x10/0x10 [ 76.464570][ T3720] ? start_flush_work+0x776/0x820 [ 76.469589][ T3720] __flush_work+0xeb/0x1a0 [ 76.474092][ T3720] ? __flush_work+0xcf/0x1a0 [ 76.478673][ T3720] ? flush_work+0x20/0x20 [ 76.482997][ T3720] ? print_irqtrace_events+0x210/0x210 [ 76.488452][ T3720] ? lock_timer_base+0x260/0x260 [ 76.493384][ T3720] ? __cancel_work_timer+0x467/0x6a0 [ 76.498671][ T3720] __cancel_work_timer+0x519/0x6a0 [ 76.503804][ T3720] ? cancel_work_sync+0x20/0x20 [ 76.508661][ T3720] ? lockdep_hardirqs_on+0x94/0x130 [ 76.513860][ T3720] ? __cancel_work+0x2ef/0x380 [ 76.518618][ T3720] ? cancel_work+0x20/0x20 [ 76.523029][ T3720] ? print_irqtrace_events+0x210/0x210 [ 76.528526][ T3720] hci_request_cancel_all+0xcb/0x300 [ 76.533813][ T3720] hci_dev_do_close+0x51/0x1070 [ 76.538667][ T3720] ? _raw_spin_unlock_irqrestore+0xd9/0x130 [ 76.544552][ T3720] ? _raw_spin_unlock+0x40/0x40 [ 76.549394][ T3720] ? kmem_cache_alloc_trace+0x143/0x290 [ 76.554944][ T3720] hci_rfkill_set_block+0x114/0x1a0 [ 76.560139][ T3720] ? rcu_lock_release+0x20/0x20 [ 76.564978][ T3720] rfkill_set_block+0x1e7/0x430 [ 76.569822][ T3720] rfkill_fop_write+0x5b7/0x790 [ 76.574684][ T3720] ? mark_lock+0x98/0x340 [ 76.579008][ T3720] ? rfkill_fop_read+0x470/0x470 [ 76.583938][ T3720] ? fsnotify_perm+0x64/0x590 [ 76.588619][ T3720] ? security_file_permission+0x75/0xa0 [ 76.594158][ T3720] ? rfkill_fop_read+0x470/0x470 [ 76.599086][ T3720] vfs_write+0x30c/0xe50 [ 76.603326][ T3720] ? file_end_write+0x250/0x250 [ 76.608192][ T3720] ? read_lock_is_recursive+0x10/0x10 [ 76.613553][ T3720] ? __context_tracking_exit+0x4c/0x80 [ 76.619006][ T3720] ? __lock_acquire+0x1ff0/0x1ff0 [ 76.624021][ T3720] ? __fdget_pos+0x1e9/0x380 [ 76.628611][ T3720] ksys_write+0x1a2/0x2c0 [ 76.632932][ T3720] ? print_irqtrace_events+0x210/0x210 [ 76.638384][ T3720] ? __ia32_sys_read+0x80/0x80 [ 76.643142][ T3720] ? syscall_enter_from_user_mode+0x2e/0x240 [ 76.649118][ T3720] ? lockdep_hardirqs_on+0x94/0x130 [ 76.654308][ T3720] ? syscall_enter_from_user_mode+0x2e/0x240 [ 76.660284][ T3720] do_syscall_64+0x3b/0xb0 [ 76.664692][ T3720] ? clear_bhb_loop+0x15/0x70 [ 76.669366][ T3720] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 76.675387][ T3720] RIP: 0033:0x7efdfdbfbef9 [ 76.679804][ T3720] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 76.699414][ T3720] RSP: 002b:00007fffc075ad38 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 76.707839][ T3720] RAX: ffffffffffffffda RBX: 00007efdfdd97f80 RCX: 00007efdfdbfbef9 [ 76.715849][ T3720] RDX: 0000000000000008 RSI: 0000000020000080 RDI: 0000000000000003 [ 76.723829][ T3720] RBP: 00007efdfdc6993e R08: 0000000000000000 R09: 0000000000000000 [ 76.732006][ T3720] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 76.740153][ T3720] R13: 00007efdfdd97f80 R14: 00007efdfdd97f80 R15: 00000000000012c9 [ 76.748124][ T3720] [ 76.754443][ T2988] Bluetooth: hci0: command 0x040f tx timeout [ 76.760942][ T23] cfg80211: failed to load regulatory.db