Warning: Permanently added '10.128.1.100' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 55.160886][ T3259] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 55.521142][ T3259] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7 [ 55.532335][ T3259] usb 1-1: New USB device found, idVendor=15c2, idProduct=0039, bcdDevice=d2.65 [ 55.542062][ T3259] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 55.554745][ T3259] usb 1-1: config 0 descriptor?? [ 55.594731][ T3259] input: iMON Panel, Knob and Mouse(15c2:0039) as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input5 [ 55.880885][ T3259] rc_core: IR keymap rc-imon-pad not found [ 55.886712][ T3259] Registered IR keymap rc-empty [ 55.891680][ T3259] imon 1-1:0.0: Looks like you're trying to use an IR protocol this device does not support [ 55.901905][ T3259] imon 1-1:0.0: Unsupported IR protocol specified, overriding to iMON IR protocol [ 56.051666][ T3259] rc rc0: iMON Remote (15c2:0039) as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0 [ 56.062384][ T3259] input: iMON Remote (15c2:0039) as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0/input6 [ 56.079949][ T3259] imon 1-1:0.0: iMON device (15c2:0039, intf0) on usb<1:2> initialized [ 56.231559][ T3596] [ 56.233891][ T3596] ====================================================== [ 56.240938][ T3596] WARNING: possible circular locking dependency detected [ 56.247959][ T3596] 5.18.0-rc3-syzkaller #0 Not tainted [ 56.253324][ T3596] ------------------------------------------------------ [ 56.260317][ T3596] syz-executor208/3596 is trying to acquire lock: [ 56.266706][ T3596] ffffffff8d536a88 (driver_lock){+.+.}-{3:3}, at: display_open+0x2e/0x290 [ 56.275229][ T3596] [ 56.275229][ T3596] but task is already holding lock: [ 56.282566][ T3596] ffffffff8d334ef0 (minor_rwsem#2){++++}-{3:3}, at: usb_open+0x2c/0x2f0 [ 56.290896][ T3596] [ 56.290896][ T3596] which lock already depends on the new lock. [ 56.290896][ T3596] [ 56.301280][ T3596] [ 56.301280][ T3596] the existing dependency chain (in reverse order) is: [ 56.310286][ T3596] [ 56.310286][ T3596] -> #2 (minor_rwsem#2){++++}-{3:3}: [ 56.317735][ T3596] lock_acquire+0x1a7/0x400 [ 56.322738][ T3596] down_write+0x95/0x170 [ 56.327497][ T3596] usb_register_dev+0x2a6/0x810 [ 56.332847][ T3596] imon_init_display+0x8b/0x160 [ 56.338199][ T3596] imon_probe+0x258f/0x2ee0 [ 56.343203][ T3596] usb_probe_interface+0x66e/0xb60 [ 56.348829][ T3596] call_driver_probe+0x96/0x250 [ 56.354196][ T3596] really_probe+0x222/0x8e0 [ 56.359207][ T3596] __driver_probe_device+0x1f4/0x3f0 [ 56.365096][ T3596] driver_probe_device+0x50/0x240 [ 56.370628][ T3596] __device_attach_driver+0x254/0x3a0 [ 56.376504][ T3596] bus_for_each_drv+0x18a/0x210 [ 56.381864][ T3596] __device_attach+0x32e/0x570 [ 56.387131][ T3596] bus_probe_device+0xb8/0x1f0 [ 56.392422][ T3596] device_add+0xb20/0xf90 [ 56.397253][ T3596] usb_set_configuration+0x1a5f/0x20e0 [ 56.403213][ T3596] usb_generic_driver_probe+0x83/0x140 [ 56.409177][ T3596] usb_probe_device+0x131/0x260 [ 56.414527][ T3596] call_driver_probe+0x96/0x250 [ 56.419887][ T3596] really_probe+0x222/0x8e0 [ 56.424892][ T3596] __driver_probe_device+0x1f4/0x3f0 [ 56.430678][ T3596] driver_probe_device+0x50/0x240 [ 56.436207][ T3596] __device_attach_driver+0x254/0x3a0 [ 56.442087][ T3596] bus_for_each_drv+0x18a/0x210 [ 56.447960][ T3596] __device_attach+0x32e/0x570 [ 56.453226][ T3596] bus_probe_device+0xb8/0x1f0 [ 56.458493][ T3596] device_add+0xb20/0xf90 [ 56.463323][ T3596] usb_new_device+0xbfc/0x18a0 [ 56.468589][ T3596] hub_port_connect+0x106b/0x2930 [ 56.474127][ T3596] hub_port_connect_change+0x619/0xbe0 [ 56.480087][ T3596] port_event+0xe72/0x13a0 [ 56.485005][ T3596] hub_event+0x5be/0xd70 [ 56.489749][ T3596] process_one_work+0x81c/0xd10 [ 56.495104][ T3596] worker_thread+0xb14/0x1330 [ 56.500283][ T3596] kthread+0x266/0x300 [ 56.504854][ T3596] ret_from_fork+0x1f/0x30 [ 56.509777][ T3596] [ 56.509777][ T3596] -> #1 (&ictx->lock){+.+.}-{3:3}: [ 56.517058][ T3596] lock_acquire+0x1a7/0x400 [ 56.522060][ T3596] __mutex_lock_common+0x1de/0x26e0 [ 56.527759][ T3596] mutex_lock_nested+0x17/0x20 [ 56.533023][ T3596] imon_probe+0x365/0x2ee0 [ 56.537943][ T3596] usb_probe_interface+0x66e/0xb60 [ 56.543554][ T3596] call_driver_probe+0x96/0x250 [ 56.548910][ T3596] really_probe+0x222/0x8e0 [ 56.553917][ T3596] __driver_probe_device+0x1f4/0x3f0 [ 56.559715][ T3596] driver_probe_device+0x50/0x240 [ 56.565256][ T3596] __device_attach_driver+0x254/0x3a0 [ 56.571138][ T3596] bus_for_each_drv+0x18a/0x210 [ 56.576493][ T3596] __device_attach+0x32e/0x570 [ 56.581767][ T3596] bus_probe_device+0xb8/0x1f0 [ 56.587209][ T3596] device_add+0xb20/0xf90 [ 56.592046][ T3596] usb_set_configuration+0x1a5f/0x20e0 [ 56.598012][ T3596] usb_generic_driver_probe+0x83/0x140 [ 56.603976][ T3596] usb_probe_device+0x131/0x260 [ 56.609330][ T3596] call_driver_probe+0x96/0x250 [ 56.614684][ T3596] really_probe+0x222/0x8e0 [ 56.619690][ T3596] __driver_probe_device+0x1f4/0x3f0 [ 56.625478][ T3596] driver_probe_device+0x50/0x240 [ 56.631005][ T3596] __device_attach_driver+0x254/0x3a0 [ 56.636884][ T3596] bus_for_each_drv+0x18a/0x210 [ 56.642239][ T3596] __device_attach+0x32e/0x570 [ 56.647505][ T3596] bus_probe_device+0xb8/0x1f0 [ 56.652770][ T3596] device_add+0xb20/0xf90 [ 56.657599][ T3596] usb_new_device+0xbfc/0x18a0 [ 56.662864][ T3596] hub_port_connect+0x106b/0x2930 [ 56.668389][ T3596] hub_port_connect_change+0x619/0xbe0 [ 56.674351][ T3596] port_event+0xe72/0x13a0 [ 56.679268][ T3596] hub_event+0x5be/0xd70 [ 56.684017][ T3596] process_one_work+0x81c/0xd10 [ 56.689381][ T3596] worker_thread+0xb14/0x1330 [ 56.694561][ T3596] kthread+0x266/0x300 [ 56.699134][ T3596] ret_from_fork+0x1f/0x30 [ 56.704062][ T3596] [ 56.704062][ T3596] -> #0 (driver_lock){+.+.}-{3:3}: [ 56.711344][ T3596] validate_chain+0x185c/0x65c0 [ 56.716711][ T3596] __lock_acquire+0x129a/0x1f80 [ 56.722067][ T3596] lock_acquire+0x1a7/0x400 [ 56.727090][ T3596] __mutex_lock_common+0x1de/0x26e0 [ 56.732788][ T3596] mutex_lock_nested+0x17/0x20 [ 56.738141][ T3596] display_open+0x2e/0x290 [ 56.743062][ T3596] usb_open+0x217/0x2f0 [ 56.747739][ T3596] chrdev_open+0x5fb/0x680 [ 56.752660][ T3596] do_dentry_open+0x77f/0xfd0 [ 56.757845][ T3596] path_openat+0x26c0/0x2ec0 [ 56.762948][ T3596] do_filp_open+0x277/0x4f0 [ 56.767952][ T3596] do_sys_openat2+0x13b/0x500 [ 56.773131][ T3596] __x64_sys_openat+0x243/0x290 [ 56.778486][ T3596] do_syscall_64+0x2b/0x70 [ 56.783407][ T3596] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 56.789804][ T3596] [ 56.789804][ T3596] other info that might help us debug this: [ 56.789804][ T3596] [ 56.800011][ T3596] Chain exists of: [ 56.800011][ T3596] driver_lock --> &ictx->lock --> minor_rwsem#2 [ 56.800011][ T3596] [ 56.812160][ T3596] Possible unsafe locking scenario: [ 56.812160][ T3596] [ 56.819597][ T3596] CPU0 CPU1 [ 56.824939][ T3596] ---- ---- [ 56.830283][ T3596] lock(minor_rwsem#2); [ 56.834509][ T3596] lock(&ictx->lock); [ 56.841077][ T3596] lock(minor_rwsem#2); [ 56.847826][ T3596] lock(driver_lock); [ 56.851877][ T3596] [ 56.851877][ T3596] *** DEADLOCK *** [ 56.851877][ T3596] [ 56.859997][ T3596] 1 lock held by syz-executor208/3596: [ 56.865435][ T3596] #0: ffffffff8d334ef0 (minor_rwsem#2){++++}-{3:3}, at: usb_open+0x2c/0x2f0 [ 56.874209][ T3596] [ 56.874209][ T3596] stack backtrace: [ 56.880075][ T3596] CPU: 0 PID: 3596 Comm: syz-executor208 Not tainted 5.18.0-rc3-syzkaller #0 [ 56.888812][ T3596] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 56.898845][ T3596] Call Trace: [ 56.902107][ T3596] [ 56.905025][ T3596] dump_stack_lvl+0x1e3/0x2cb [ 56.909689][ T3596] ? bfq_pos_tree_add_move+0x436/0x436 [ 56.915137][ T3596] ? print_circular_bug+0x13e/0x1c0 [ 56.920318][ T3596] check_noncircular+0x2f7/0x3b0 [ 56.925238][ T3596] ? add_chain_block+0x850/0x850 [ 56.930157][ T3596] ? lockdep_lock+0x11d/0x2a0 [ 56.934818][ T3596] validate_chain+0x185c/0x65c0 [ 56.939653][ T3596] ? __bpf_trace_rcu_stall_warning+0x10/0x10 [ 56.945622][ T3596] ? reacquire_held_locks+0x680/0x680 [ 56.950977][ T3596] ? lockdep_unlock+0x163/0x300 [ 56.955808][ T3596] ? lockdep_lock+0x2a0/0x2a0 [ 56.960463][ T3596] ? deref_stack_reg+0xbd/0x110 [ 56.965298][ T3596] ? unwind_next_frame+0x1365/0x1dc0 [ 56.970565][ T3596] ? validate_chain+0x1440/0x65c0 [ 56.975576][ T3596] ? __kernel_text_address+0x9/0x40 [ 56.980757][ T3596] ? unwind_get_return_address+0x48/0x80 [ 56.986371][ T3596] ? arch_stack_walk+0xf8/0x140 [ 56.991205][ T3596] ? mark_lock+0x98/0x350 [ 56.995517][ T3596] __lock_acquire+0x129a/0x1f80 [ 57.000355][ T3596] lock_acquire+0x1a7/0x400 [ 57.004841][ T3596] ? display_open+0x2e/0x290 [ 57.009422][ T3596] ? read_lock_is_recursive+0x10/0x10 [ 57.014777][ T3596] ? __might_sleep+0xc0/0xc0 [ 57.019348][ T3596] ? mark_lock+0x29f/0x350 [ 57.023756][ T3596] __mutex_lock_common+0x1de/0x26e0 [ 57.028944][ T3596] ? display_open+0x2e/0x290 [ 57.033523][ T3596] ? display_open+0x2e/0x290 [ 57.038096][ T3596] ? mutex_lock_io_nested+0x60/0x60 [ 57.043277][ T3596] ? __might_sleep+0xc0/0xc0 [ 57.047849][ T3596] ? chrdev_open+0x3c4/0x680 [ 57.052423][ T3596] ? __lock_acquire+0x1f80/0x1f80 [ 57.057427][ T3596] ? do_raw_spin_lock+0x148/0x360 [ 57.062692][ T3596] mutex_lock_nested+0x17/0x20 [ 57.067450][ T3596] display_open+0x2e/0x290 [ 57.071865][ T3596] ? usb_open+0x20f/0x2f0 [ 57.076189][ T3596] ? lcd_write+0x2c0/0x2c0 [ 57.080603][ T3596] usb_open+0x217/0x2f0 [ 57.084747][ T3596] chrdev_open+0x5fb/0x680 [ 57.089155][ T3596] ? __fsnotify_update_child_dentry_flags+0x2d0/0x2d0 [ 57.095913][ T3596] ? cd_forget+0x160/0x160 [ 57.100325][ T3596] ? tomoyo_file_open+0xe6/0x170 [ 57.105257][ T3596] ? security_file_open+0x44c/0x560 [ 57.110443][ T3596] ? cd_forget+0x160/0x160 [ 57.114846][ T3596] do_dentry_open+0x77f/0xfd0 [ 57.119519][ T3596] path_openat+0x26c0/0x2ec0 [ 57.124104][ T3596] ? do_filp_open+0x4f0/0x4f0 [ 57.128764][ T3596] ? alloc_fd+0x5ae/0x650 [ 57.133076][ T3596] ? rcu_read_lock_sched_held+0x89/0x130 [ 57.138693][ T3596] ? __bpf_trace_rcu_stall_warning+0x10/0x10 [ 57.144657][ T3596] do_filp_open+0x277/0x4f0 [ 57.149146][ T3596] ? vfs_tmpfile+0x230/0x230 [ 57.153723][ T3596] ? alloc_fd+0x5ae/0x650 [ 57.158035][ T3596] do_sys_openat2+0x13b/0x500 [ 57.162695][ T3596] ? read_lock_is_recursive+0x10/0x10 [ 57.168045][ T3596] ? __context_tracking_exit+0x4d/0x80 [ 57.173489][ T3596] ? do_sys_open+0x220/0x220 [ 57.178065][ T3596] __x64_sys_openat+0x243/0x290 [ 57.182901][ T3596] ? __ia32_sys_open+0x270/0x270 [ 57.187819][ T3596] ? syscall_enter_from_user_mode+0x2e/0x1a0 [ 57.193781][ T3596] ? syscall_enter_from_user_mode+0x2e/0x1a0 [ 57.199756][ T3596] do_syscall_64+0x2b/0x70 [ 57.204169][ T3596] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 57.210047][ T3596] RIP: 0033:0x7f8f70c6ec77 [ 57.214444][ T3596] Code: 25 00 00 41 00 3d 00 00 41 00 74 47 64 8b 04 25 18 00 00 00 85 c0 75 6b 44 89 e2 48 89 ee bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 95 00 00 00 48 8b 4c 24 28 64 48 2b 0c 25 [ 57.234036][ T3596] RSP: 002b:00007ffc5a450ed0 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 57.242436][ T3596] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f8f70c6ec77 [ 57.250395][ T3596] RDX: 0000000000000002 RSI: 00007ffc5a450f50 RDI: 00000000ffffff9c [ 57.258347][ T3596] RBP: 00007ffc5a450f50 R08: 0000000000000000 R09: 000000000000000f [ 57.266300][ T3596] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 57.274249][ T3596] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 57.282207][ T3596] [