program: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000002840)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000fdfdfff67a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040000010000400404000001f7ff04b7050000240000006a0a00fe00000000850000000b000000b70000000000000095000000000000009cc6b3fcd62c061c6238975d43a4505f80e39c9f3c530cf08e467b592f868ee3b0a435df0a0e8c1bf176db2a6b2feb4b77d3d5707bfd2d84aaa3b1d4e984c46ea7e2b347a36f5662403e1b2be4284322a4988a0d411a9872971c7c56f0979bd10b97163c066d0e196bf0fb04e500b0c0502df9de9ca3c00cb9a323d9b401bf4e418d07fa22f0610a70f2bdf4000200000000b0c2c125080963f6324bb7b80197aa3161f45346b100000000000000000089e399f6609876b588743794298b79dc192dff048fc207c81f28bdd3e26a1a8a0481e9f0da43bb6ca66e2f55a9ff19ffcafe3e64be06000000000000005064caec04a367c23d9fb6a6991ddb737d527d6acb15426406991c3b404984dfa2c6e94bd0339454c13ad3c328a182c15dc760a313e3b3ca5d3393404029e98fa883c71949a34d84030323e3d54fc5b29d27643453ad9226e3550ee5520211d9370175fba303f003073afd1ec9f7c6133f260c6882a146880b9387f1beb5418618bc83a3becf9bb5d80eff7da7ba8b913c685fc6700848dc6665d73248c1f74e08ad04ce905faf32706e0000249a028044ede964362cfb2f30a246c3b2f60000fc4deb91da1368b0960b8d69bd99c64893d44f962524429dc0584b8e7e541c903869d96989b9a986620cb2c95c83f2a082c52764f49e51188f9418b01bcd8ae164acdac95318ec8b2c6feacdcf4b528e5e58219bc54f6ad5679e7f430e6960ed048c46e1dccca05bfa1d67c83795eae2d31968c055d325a9c794ef88b30c2de4a274878b73c05ffa88b7073be648b12bb1fee58958d6a6f31bfe568215dfbde59dad00008a73b40f09cf018cd496b36050d7fd45e3620c28f76749262e33e16429a6da35ceb1a989de81c3f8b8bc348ef2ac3781b847611fcb0a26acafdd6d9a1b17dcb9f7c493d8f8cd344a1d470ca0d6f16ab0293774b5509fb0e7113936d59d5a60dbd84a938476adeebab9ff44f531bb0200000000000000cc1fbc455a64fd449284f71761092a0302000000000000008a05d36fd9b814b4292745418c92d944763a4bf5e138d810e29a31f08f7dea7762d2d8f7e1d24cabe17ad4135d8872935ceac6eb4f046f2acc1b0efb4438abddcabb4e4e72a450aab72b589bec83bbb688e659fb426cd43d0ee993516fd4e867232cde69b6ffad447dcd92e0ef8234ff850ec3948dd1fa7afb77d951fe4abf618121b7894c106beb49a71c62df5544ef221973432ccc7e62b151eb898a01010a7ec5acd0a5dcb2de443880c8a682515d1da9a3048744acb44384d1591df789883c0560495cb0cb32283529926d25e5c7f481112ab8a82247e927fb6f256830dab3671f00500d36a17790bab7d0e89e6c15314f2b963bfc867953476b0505c7d728326d666f39e82cfcf7e7a85df288d75df24c5e4d529c349923f9a4fb882310391dd58b4cbd8def239a227724d39c3e6c40e20e07e68a22888a5c3941b7a765b92bcb37f302487bcbd93ccf3a104021ff34ddf7ffcca1a04eae963e25516a114573779b24a341dfb2e80f1f345c6d96493ffc2a18478b5bf3aab2ea59c51cf0678e1a57d0ea042d911548ff612002ddb2d54d42fbdde42b56887003d27468225b2594a05044baf314113e889468cf13dd92aa0d7744db6b56557a5adad95cb9a69d4de50642b4b9d6d3ba7eb534b00d0fea62f0a61535dfc4da06e7f8695be614c557caed7eb0120516e1351fed7d8ffa31c8f4be364185469cfc5f25c90d71bce745dd2d58a30e0844f12c4cbbdd7a08465e665c2620d78673dfb6d9263ed7def8924cfcd48a8a3534f1a3eac9ee9f18a18106ba3d7c7a62330f5c0e98cb7982dd7bad02c8dba9c13894185bfc4bd2520b6e2043fcb3fc5eb55ecf9e6e363ea2ac40a14a6f00f0ffffa0fdb6487c51ef12c2e88beeb5aa6f6a4151cfb90644e50630ed474df7d1635afcb1ea3f6c47b5acbba2ce5099a9387f74d1ffbd1da497613174f76a656ba5bacccbb58dddaf9a3510d65383829a51e0f41e661fa80ca1eaaa6cf0824305ba4ec80400c50ffe83ccb0e6fef321190c58aca8c7c8c6d26ff5cbc2cadebda8e1219e04f8dacffd33db1a0a2e74c9eb978d80a12d0b5327bfd053000000000000000000be0d02a14708504412fa93d335992b2983c5addc191b4a21c7b340d0536b01958e15315eb5f3f9f4992c18f666359f40295fa73284c4b607669bae75bd68c3e2b770c324a0ab26b6065d7e95a7bd80052db57506ec7cc861bf3998d07484c66630ca8173fea3f06ed1dfc70a8b90418e2dc76137e0f68cb1c8a908aef9f009f85647dba54e05028c33d94d463fb20d2e7547184b8d3611e45dff02144387f342ef9b9bf650e9d049bf65258a7bc094a6965e24611c077e1ca0891362a9d68f3ec7610c0449acf18459110500a09b75885cd79ba32776e4a511c8a4ad922b000000000002ef507ec6fc7f5dc431b9d8cbd9003972bf1dc6a71bedad8e19efc3edd2a7a7e555d5f3176af69920471e6e5bcb8966c813c132d65e2b99d3015e06b372e1aefaae14ee3fbc6349af362c19b59c214de66912d1a9a98d92dc197a51c29443de62caca334c46d110e50896fe50d0477771d387f40c8ef05750ca651e6e69a237dcf78666d6ab2bda1f853525494e4efdd93be38bb5fc671f8794002d7a951fd336aaf4ed1166cb459df70218c571ba1c40b028234505e5477effff26af8812c2fbb8785a223fce0a0601c2a3b58bea8c6216eadabcabe86ab46e4cd3d58ef7ce8d3c4b0bc5952e81dfc0a490d8568db6f9c51fe703c6864fae0053d2f91f49e977cdc1962dbc28c29471a72199862bc8fc6e211d13d8579cab4fba94b2b613c9b8148d05e0690a4c4ab35aabc45801d2b82081e62b23a01b58b1ffb624f63ad2246796796160cd3682374364edac52f1becb7c6eff50823b75fb2ef516ec4ec1cb20a2535b504502d744f2099674e58f2c117c980cf0d041c8e45c4f166bab4aa5ed200ef4dcff96f7c9c1ab8c22db0f439b23b04bcd41ffc3a0e01976ca1cf43e12d7d72f3faa4979faabd62e2dc54a980eae4d5e8c6498de331c3aba1144ef1190ea6cda641d9416c4560cab2d819eac7b04c70f141754c3ffd79da363fe8859afee531710caf1b2bf5a51142f4755cbb700c28083525a9093790096cb93417f1216000000000000000000000000000040ceb244e4cae2b65a76d41793aabccd3d0c50486eae6793e1f54814a8ee2779c14ca94759266200229b58c12279817869e831cadb7b09ddffffff9d93e2ad25eed43c0b9ee4fd209b5b919a42f676b9d7236fc8dd5040899d0676291407ce9ac8101dd3512f5b3ac8cf8179d1749de324000030d0f942ec4604c28d5c287d1435956784003a53eb5f0436ead88d7acf0166dbd9f30a9b259c8a9b9faf1356faf269cded935b07863e4fdad8aab52686c81babd1c08f6700a2fadd413443022ea5c774ffefdd426abed08d437a4db48611fc82a18ab9f54758a1aad86d95cd186ceb55fafa3930090467b8b7bb8ae7e1c8b4b4106a381cb67fdb86def4de2076dc538bb97502b4b4350e633dc0a53c2fc9a01bc5cfae0245f1fab843c633446f5f3a43226109b7dafe7815773bd6969f04cbe15236b90000000000000000000000000000000000000000000000000000ff0779b9c0057addb2efe11b8b3a706569f1522b57d71bb0beccab7c8fe9e1330b2f501b2ac3cfe9e2f505e833217557abb257d61a73a758543651b250f8d8ef9c8481bb28a137d15040b0181c28dfad7c17b30c452a64c43a117cb948247c33abc765a6ba695c3cea5e32a4d11c9b4be91c60932bae2dcbec2ff4268e03aad15efc6004e6b3d7f0edf8b5d4ae7846a6d43c16c90b7c5dc13ac2ff0439ab693498964cad2bb533bcd240778b7e49145c48efde42b44c01517f1a7c7707b4c4fc0900e7086ec40354504590696282286db9030f0320e2fcba8723939005347b3c99e3f1310d41ab328c1f351b3f744ff1973431000000000000000000000000000000000000003495d69aaf9a1d83e83511a3bf44fe753b8ad83bc34ea4d46b397e000fd267c50122aa5aaf8474ec2e57d960d963900bef84a4b3c7dd01ae4d6b5522aa8a35ae7996e298bcfe3f31a34e3e12c58cf172a4d3677a67b52041ec21ae8003aa1c9969178b1b00e4d12ac9741fd788fb6260ec043c013907523c77f8acc20b9e2fd224ca8f21fab2b10991881e0a12f4e1c4f54b9ca7c9a0c8298d60b8b6eaa023418992d6d62b0e9faca4a3b3a845e859137cd933ef5eb8db16f159f32505725da51414562d064b551246dacd586f42d04d3fed3c087bb52ae4bc09f3846c785d1b278e661ed01fbc2415288bc9c808c4aef648d431b3029da0dec8886c3ee9cad996843d00a3b5eb54e270dd2e96c8f2fdb4c27c2d1bd467f2a14867dec67730d8a68329839d9feff688dfbe25c73f936338e7b057980da58a6303d95f17712d667d5a1066ae457ae32925ce658b559c1182a74e267da57fe25b19153f1cdebaddf3f7a3479c09f2303dff449c0513b552a75ed48215cc31264a6ff648a95daa0d599dbce303b3b5307572df30429a3b4b115cab0a018f2501272048dd9e69877535e20078e7c28a98f26ace7a266bdc15ce904f25ec7fb2434ee7b5b69bed702ba1e7ed72942f452f1a98a2d949450091075efa823b11f5f5eccd921c04c7c15a5a05750cd85b1300fc00ce275de7559e117f87cb6c3c9a4b9f96149e3fcffa44d7000000000000000000d43d07d546acb7009c0c4f6e57b8577d2113bfca1939b9bf757265e175c1863a7c8d7640675830dc11d5d59546daf2385a7074f770c8333b21e2fb660141bc4f1ed45f703da6ac2557ab6952bd0c300000000000000000005b44bff4e3966fdfc9b720412bec09936b08e440c774e2224f2d338fab2ae59379378ca34eeedbd9a323a889f295e5d3bae64fc48ba123668e6a0be1e732aa5e2a0d4373a0b76d84f018d45bdf6f12d6d5d23a0331c3ae5e99a2bcdb52386135ea15890007e1cba5e52a04971139272012ae5542ba109a9d2f49798ce2fc6f639735e0222cd08075418239042bfe47c363973d3245ce507e838dfd90ae442a96fa1343029be56de31c2eff226c05f0ae3dbe2281e7bc02db39342d5b54ad3616733a5aa7753613423a0c5e2844a6e08fa5b76e18f7e24e967f6f83c546718d0f20959376427cdd449a4be3d75fd3e51e1b7f8690855af8eddbd3fd556b4460d0091e3623933f1a11db14aea54af6c49725bfa51fed222dc379995f48b1aab94441767c8bccbfd966d814715203bd8f549cd57d6a87295bf16aa25fb4e7fcaa8cec5e5c03b0095861bf2fed70ffb46bbb78ba90ca272ead9b3d2959fd9dbaabd1d51a60b474cef4c700faf718b810e4d3527a4663ee9fbc0000000000000000000000000000000000000000000000000061abf7a66b7b3f57ff83482dbab3f591dded505630dd9dd4828dde3fd9218fb1d041a26c60a724fd8506ba03a370721c281ff6202410dd078fc15f5c4e02b46fba33e0a772130f9a158a2e403ea61919f461358bee016e4c7c114ba7f4486aa7984fffd4555d71e049b2e933ae820bb5990ac3e27e7ebb101ad67ea47ed363de7dab4fb43769f5eca65b5918a76af8860f4d0d79805d9c08d3e27a8f041615ef85b52e521a90e511fcb303dc0ab19abaf0e37e9725bb596de8d8afecf5e15215a83652f3834bf00bf7bbc82b3c45e78a46e70a54a1925b4bf8392070e9cde0634790e444e4e4ee762db725122865a194d7ba289d9aecbba85da0a5c0de6b71a3cc"], &(0x7f0000000340)='GPL\x00'}, 0x48) r1 = syz_open_dev$vim2m(&(0x7f0000000040), 0xddc, 0x2) ioctl$vim2m_VIDIOC_TRY_FMT(r1, 0xc0d05640, &(0x7f0000001480)={0x2, @raw_data="4141e3448ea1c95d2e0eb2d2032aaf330000000019d05ee4f1de8fd41cbc9e57f8a9e071ef2f37a93246d3dada50bb39a08475b2578c49c4a0d5b0126e72800321fd80f5659ef310a003b6501803116c1e6f11f6d616562babedba8a52aae65aa255bd99a50543bf5afb0900000092c2b226901c9fadc8e94d8664c14ebeb97dc0b3be7adf3d1a9dd3196b207084a727d20b05ee974ce07073cfec3c311e69a00b11977b1e1623aced9db96289dc486397feab63353cb3973a2113673fc2d7e8b564c5d45a4adc20"}) ioctl$COMEDI_SETRSUBD(r1, 0x6410) r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r2, 0x2285, &(0x7f0000000380)={0x53, 0xfffffffffffffffc, 0xfffffffffffffee8, 0x0, @scatter={0x0, 0x3, 0x0}, &(0x7f0000000240)="120804000000", 0x0, 0x0, 0x0, 0x0, 0x0}) pselect6(0x40, &(0x7f0000000080)={0x1, 0xfff, 0xffffffffffffffff, 0x8, 0x6, 0x80000001, 0x4, 0xfff}, &(0x7f00000001c0)={0x7, 0xb, 0x1ff, 0x80000000, 0x4, 0xa1f, 0x6, 0x700}, &(0x7f0000000300)={0x2, 0x9, 0x100000001, 0x101, 0x0, 0x3, 0x9, 0x2}, &(0x7f0000000400)={0x0, 0x989680}, &(0x7f0000000480)={&(0x7f0000000440)={[0x5f11]}, 0x8}) ioctl$NBD_DO_IT(r0, 0xab03) r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r3, 0x400448cb, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f00000002c0), 0x40040, 0x0) r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3) r5 = pidfd_getfd(0xffffffffffffffff, r3, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r5, 0x0, 0x41, &(0x7f0000000100)={'raw\x00', 0x2, [{}, {}]}, 0x48) syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYBLOB="040e0402030c", @ANYRES64=r4], 0x7) [ 151.719671][ T5357] Bluetooth: hci0: command tx timeout [ 151.736865][ T4731] [ 151.738399][ T4731] ====================================================== [ 151.742026][ T4731] WARNING: possible circular locking dependency detected [ 151.745002][ T4731] syzkaller #0 Not tainted [ 151.746874][ T4731] ------------------------------------------------------ [ 151.749787][ T4731] kworker/0:3/4731 is trying to acquire lock: [ 151.752301][ T4731] ffff888035e9eb38 (&conn->lock#2){+.+.}-{4:4}, at: l2cap_info_timeout+0x60/0xa0 [ 151.756134][ T4731] [ 151.756134][ T4731] but task is already holding lock: [ 151.759069][ T4731] ffffc90001fb7bc0 ((work_completion)(&(&conn->info_timer)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 151.764113][ T4731] [ 151.764113][ T4731] which lock already depends on the new lock. [ 151.764113][ T4731] [ 151.768279][ T4731] [ 151.768279][ T4731] the existing dependency chain (in reverse order) is: [ 151.771925][ T4731] [ 151.771925][ T4731] -> #1 ((work_completion)(&(&conn->info_timer)->work)){+.+.}-{0:0}: [ 151.776040][ T4731] lock_acquire+0x120/0x360 [ 151.778051][ T4731] __flush_work+0x6b8/0xbc0 [ 151.780179][ T4731] __cancel_work_sync+0xbe/0x110 [ 151.782440][ T4731] l2cap_conn_del+0x4f0/0x680 [ 151.784609][ T4731] hci_conn_hash_flush+0x10a/0x230 [ 151.786897][ T4731] hci_dev_reset+0x44b/0x6b0 [ 151.789028][ T4731] sock_do_ioctl+0xd9/0x300 [ 151.791062][ T4731] sock_ioctl+0x576/0x790 [ 151.793129][ T4731] __se_sys_ioctl+0xf9/0x170 [ 151.795206][ T4731] do_syscall_64+0xfa/0x3b0 [ 151.799007][ T4731] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 151.801619][ T4731] [ 151.801619][ T4731] -> #0 (&conn->lock#2){+.+.}-{4:4}: [ 151.804754][ T4731] validate_chain+0xb9b/0x2140 [ 151.807057][ T4731] __lock_acquire+0xab9/0xd20 [ 151.809233][ T4731] lock_acquire+0x120/0x360 [ 151.811399][ T4731] __mutex_lock+0x187/0x1350 [ 151.813527][ T4731] l2cap_info_timeout+0x60/0xa0 [ 151.815725][ T4731] process_scheduled_works+0xae1/0x17b0 [ 151.818293][ T4731] worker_thread+0x8a0/0xda0 [ 151.820485][ T4731] kthread+0x70e/0x8a0 [ 151.822483][ T4731] ret_from_fork+0x3fc/0x770 [ 151.824627][ T4731] ret_from_fork_asm+0x1a/0x30 [ 151.826790][ T4731] [ 151.826790][ T4731] other info that might help us debug this: [ 151.826790][ T4731] [ 151.830798][ T4731] Possible unsafe locking scenario: [ 151.830798][ T4731] [ 151.833634][ T4731] CPU0 CPU1 [ 151.835824][ T4731] ---- ---- [ 151.838068][ T4731] lock((work_completion)(&(&conn->info_timer)->work)); [ 151.840964][ T4731] lock(&conn->lock#2); [ 151.843790][ T4731] lock((work_completion)(&(&conn->info_timer)->work)); [ 151.847771][ T4731] lock(&conn->lock#2); [ 151.849649][ T4731] [ 151.849649][ T4731] *** DEADLOCK *** [ 151.849649][ T4731] [ 151.853036][ T4731] 2 locks held by kworker/0:3/4731: [ 151.855288][ T4731] #0: ffff88801a474d48 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 151.859756][ T4731] #1: ffffc90001fb7bc0 ((work_completion)(&(&conn->info_timer)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 151.865199][ T4731] [ 151.865199][ T4731] stack backtrace: [ 151.867669][ T4731] CPU: 0 UID: 0 PID: 4731 Comm: kworker/0:3 Not tainted syzkaller #0 PREEMPT(full) [ 151.867685][ T4731] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 151.867694][ T4731] Workqueue: events l2cap_info_timeout [ 151.867715][ T4731] Call Trace: [ 151.867723][ T4731] [ 151.867728][ T4731] dump_stack_lvl+0x189/0x250 [ 151.867744][ T4731] ? __pfx_dump_stack_lvl+0x10/0x10 [ 151.867757][ T4731] ? __pfx__printk+0x10/0x10 [ 151.867773][ T4731] ? print_lock_name+0xde/0x100 [ 151.867789][ T4731] print_circular_bug+0x2ee/0x310 [ 151.867804][ T4731] check_noncircular+0x134/0x160 [ 151.867818][ T4731] validate_chain+0xb9b/0x2140 [ 151.867836][ T4731] __lock_acquire+0xab9/0xd20 [ 151.867854][ T4731] ? l2cap_info_timeout+0x60/0xa0 [ 151.867869][ T4731] lock_acquire+0x120/0x360 [ 151.867885][ T4731] ? l2cap_info_timeout+0x60/0xa0 [ 151.867903][ T4731] __mutex_lock+0x187/0x1350 [ 151.867921][ T4731] ? l2cap_info_timeout+0x60/0xa0 [ 151.867937][ T4731] ? irqentry_exit+0x74/0x90 [ 151.867952][ T4731] ? lockdep_hardirqs_on+0x9c/0x150 [ 151.867968][ T4731] ? l2cap_info_timeout+0x60/0xa0 [ 151.867984][ T4731] ? __pfx___mutex_lock+0x10/0x10 [ 151.868011][ T4731] l2cap_info_timeout+0x60/0xa0 [ 151.868026][ T4731] ? process_scheduled_works+0x9ef/0x17b0 [ 151.868037][ T4731] process_scheduled_works+0xae1/0x17b0 [ 151.868055][ T4731] ? __pfx_process_scheduled_works+0x10/0x10 [ 151.868070][ T4731] worker_thread+0x8a0/0xda0 [ 151.868082][ T4731] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 151.868099][ T4731] ? __kthread_parkme+0x7b/0x200 [ 151.868114][ T4731] kthread+0x70e/0x8a0 [ 151.868128][ T4731] ? __pfx_worker_thread+0x10/0x10 [ 151.868139][ T4731] ? __pfx_kthread+0x10/0x10 [ 151.868153][ T4731] ? _raw_spin_unlock_irq+0x23/0x50 [ 151.868167][ T4731] ? lockdep_hardirqs_on+0x9c/0x150 [ 151.868181][ T4731] ? __pfx_kthread+0x10/0x10 [ 151.868194][ T4731] ret_from_fork+0x3fc/0x770 [ 151.868207][ T4731] ? __pfx_ret_from_fork+0x10/0x10 [ 151.868220][ T4731] ? __pfx_kthread+0x10/0x10 [ 151.868234][ T4731] ret_from_fork_asm+0x1a/0x30 [ 151.868254][ T4731]