[ 71.615530][ T7] cfg80211: failed to load regulatory.db Warning: Permanently added '10.128.10.0' (ECDSA) to the list of known hosts. 2022/07/01 06:43:18 parsed 1 programs 2022/07/01 06:43:18 executed programs: 0 [ 72.920433][ T5878] cgroup: Unknown subsys name 'net' [ 72.929650][ T5878] cgroup: Unknown subsys name 'rlimit' [ 74.039801][ T5884] IPVS: ftp: loaded support on port[0] = 21 [ 74.096157][ T5884] chnl_net:caif_netlink_parms(): no params data found [ 74.130773][ T5884] bridge0: port 1(bridge_slave_0) entered blocking state [ 74.138011][ T5884] bridge0: port 1(bridge_slave_0) entered disabled state [ 74.146596][ T5884] device bridge_slave_0 entered promiscuous mode [ 74.154972][ T5884] bridge0: port 2(bridge_slave_1) entered blocking state [ 74.162674][ T5884] bridge0: port 2(bridge_slave_1) entered disabled state [ 74.170348][ T5884] device bridge_slave_1 entered promiscuous mode [ 74.186771][ T5884] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 74.198305][ T5884] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 74.218680][ T5884] team0: Port device team_slave_0 added [ 74.227192][ T5884] team0: Port device team_slave_1 added [ 74.241932][ T5884] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 74.249025][ T5884] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 74.275715][ T5884] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 74.287905][ T5884] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 74.295067][ T5884] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 74.321658][ T5884] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 74.345047][ T5884] device hsr_slave_0 entered promiscuous mode [ 74.352807][ T5884] device hsr_slave_1 entered promiscuous mode [ 74.405776][ T5884] bridge0: port 2(bridge_slave_1) entered blocking state [ 74.412885][ T5884] bridge0: port 2(bridge_slave_1) entered forwarding state [ 74.420199][ T5884] bridge0: port 1(bridge_slave_0) entered blocking state [ 74.427513][ T5884] bridge0: port 1(bridge_slave_0) entered forwarding state [ 74.459077][ T5884] 8021q: adding VLAN 0 to HW filter on device bond0 [ 74.472217][ T5448] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 74.480137][ T5448] bridge0: port 1(bridge_slave_0) entered disabled state [ 74.490298][ T5448] bridge0: port 2(bridge_slave_1) entered disabled state [ 74.498570][ T5448] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 74.512234][ T5884] 8021q: adding VLAN 0 to HW filter on device team0 [ 74.523137][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 74.531867][ T7] bridge0: port 1(bridge_slave_0) entered blocking state [ 74.539236][ T7] bridge0: port 1(bridge_slave_0) entered forwarding state [ 74.550677][ T3613] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 74.560269][ T3613] bridge0: port 2(bridge_slave_1) entered blocking state [ 74.567707][ T3613] bridge0: port 2(bridge_slave_1) entered forwarding state [ 74.590562][ T5884] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 74.601269][ T5884] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 74.614389][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 74.623047][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 74.631625][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 74.640163][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 74.649327][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 74.657892][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 74.675969][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 74.684903][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 74.697560][ T5884] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 74.791874][ T3613] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 74.806158][ T5448] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 74.814877][ T5448] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 74.823528][ T5448] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 74.836279][ T5884] device veth0_vlan entered promiscuous mode [ 74.847617][ T5884] device veth1_vlan entered promiscuous mode [ 74.865465][ T5448] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 74.873848][ T5448] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 74.882879][ T5448] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 74.894034][ T5884] device veth0_macvtap entered promiscuous mode [ 74.903667][ T5884] device veth1_macvtap entered promiscuous mode [ 74.919128][ T5884] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 74.927650][ T5448] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 74.936965][ T5448] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 74.948629][ T5884] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 74.957910][ T5448] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 75.007962][ T990] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 75.026912][ T990] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 75.032322][ T212] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 75.037101][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 75.043411][ T212] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 75.060300][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 75.371577][ T7] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 75.611405][ T7] usb 1-1: Using ep0 maxpacket: 16 [ 75.731402][ T7] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 120, changing to 10 [ 75.901282][ T7] usb 1-1: New USB device found, idVendor=15c2, idProduct=0040, bcdDevice=80.f3 [ 75.910592][ T7] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 75.918960][ T7] usb 1-1: Product: syz [ 75.923373][ T7] usb 1-1: Manufacturer: syz [ 75.928040][ T7] usb 1-1: SerialNumber: syz [ 75.944221][ T7] usb 1-1: config 0 descriptor?? [ 75.987705][ T7] input: iMON Panel, Knob and Mouse(15c2:0040) as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input5 [ 76.093048][ T5448] Bluetooth: hci0: command 0x0409 tx timeout [ 76.271331][ T7] rc_core: IR keymap rc-imon-pad not found [ 76.278037][ T7] Registered IR keymap rc-empty [ 76.284000][ T7] imon 1-1:0.0: Looks like you're trying to use an IR protocol this device does not support [ 76.294933][ T7] imon 1-1:0.0: Unsupported IR protocol specified, overriding to iMON IR protocol [ 76.444633][ T7] rc rc0: iMON Remote (15c2:0040) as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0 [ 76.456324][ T7] input: iMON Remote (15c2:0040) as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0/input6 [ 76.475805][ T7] imon 1-1:0.0: iMON device (15c2:0040, intf0) on usb<1:2> initialized [ 76.622373][ T5898] [ 76.624821][ T5898] ====================================================== [ 76.631934][ T5898] WARNING: possible circular locking dependency detected [ 76.639111][ T5898] 5.11.0-syzkaller #0 Not tainted [ 76.644433][ T5898] ------------------------------------------------------ [ 76.651438][ T5898] syz-executor.0/5898 is trying to acquire lock: [ 76.657735][ T5898] ffffffff8b7c4f88 (driver_lock){+.+.}-{3:3}, at: display_open+0x1e/0x1e0 [ 76.666398][ T5898] [ 76.666398][ T5898] but task is already holding lock: [ 76.673833][ T5898] ffffffff8b5365d0 (minor_rwsem#2){++++}-{3:3}, at: usb_open+0x1f/0x2a0 [ 76.682251][ T5898] [ 76.682251][ T5898] which lock already depends on the new lock. [ 76.682251][ T5898] [ 76.692959][ T5898] [ 76.692959][ T5898] the existing dependency chain (in reverse order) is: [ 76.701996][ T5898] [ 76.701996][ T5898] -> #2 (minor_rwsem#2){++++}-{3:3}: [ 76.709621][ T5898] down_write+0x8d/0x150 [ 76.714378][ T5898] usb_register_dev+0x12e/0x700 [ 76.719751][ T5898] imon_probe+0x2218/0x2990 [ 76.724756][ T5898] usb_probe_interface+0x274/0x6a0 [ 76.730708][ T5898] really_probe+0x1fd/0xc60 [ 76.735818][ T5898] driver_probe_device+0x1ed/0x380 [ 76.741618][ T5898] bus_for_each_drv+0x11e/0x1a0 [ 76.746970][ T5898] __device_attach+0x1db/0x400 [ 76.752236][ T5898] bus_probe_device+0x19d/0x250 [ 76.757587][ T5898] device_add+0x99a/0x1ad0 [ 76.762498][ T5898] usb_set_configuration+0x9f9/0x1750 [ 76.768493][ T5898] usb_generic_driver_probe+0x74/0xa0 [ 76.774389][ T5898] usb_probe_device+0x98/0x240 [ 76.779750][ T5898] really_probe+0x1fd/0xc60 [ 76.784871][ T5898] driver_probe_device+0x1ed/0x380 [ 76.790587][ T5898] bus_for_each_drv+0x11e/0x1a0 [ 76.795972][ T5898] __device_attach+0x1db/0x400 [ 76.801455][ T5898] bus_probe_device+0x19d/0x250 [ 76.806940][ T5898] device_add+0x99a/0x1ad0 [ 76.811945][ T5898] usb_new_device.cold+0x69a/0xee1 [ 76.817710][ T5898] hub_event+0x10a3/0x36b0 [ 76.822635][ T5898] process_one_work+0x84c/0x13b0 [ 76.828164][ T5898] worker_thread+0x598/0xf80 [ 76.833391][ T5898] kthread+0x36f/0x450 [ 76.838040][ T5898] ret_from_fork+0x1f/0x30 [ 76.842968][ T5898] [ 76.842968][ T5898] -> #1 (&ictx->lock){+.+.}-{3:3}: [ 76.850425][ T5898] __mutex_lock+0x134/0x1110 [ 76.855787][ T5898] imon_probe+0xec9/0x2990 [ 76.860705][ T5898] usb_probe_interface+0x274/0x6a0 [ 76.866309][ T5898] really_probe+0x1fd/0xc60 [ 76.871387][ T5898] driver_probe_device+0x1ed/0x380 [ 76.877083][ T5898] bus_for_each_drv+0x11e/0x1a0 [ 76.882677][ T5898] __device_attach+0x1db/0x400 [ 76.887947][ T5898] bus_probe_device+0x19d/0x250 [ 76.893383][ T5898] device_add+0x99a/0x1ad0 [ 76.898573][ T5898] usb_set_configuration+0x9f9/0x1750 [ 76.904441][ T5898] usb_generic_driver_probe+0x74/0xa0 [ 76.910402][ T5898] usb_probe_device+0x98/0x240 [ 76.915655][ T5898] really_probe+0x1fd/0xc60 [ 76.920647][ T5898] driver_probe_device+0x1ed/0x380 [ 76.926350][ T5898] bus_for_each_drv+0x11e/0x1a0 [ 76.931696][ T5898] __device_attach+0x1db/0x400 [ 76.937100][ T5898] bus_probe_device+0x19d/0x250 [ 76.942547][ T5898] device_add+0x99a/0x1ad0 [ 76.947653][ T5898] usb_new_device.cold+0x69a/0xee1 [ 76.953259][ T5898] hub_event+0x10a3/0x36b0 [ 76.958234][ T5898] process_one_work+0x84c/0x13b0 [ 76.963841][ T5898] worker_thread+0x598/0xf80 [ 76.969387][ T5898] kthread+0x36f/0x450 [ 76.973956][ T5898] ret_from_fork+0x1f/0x30 [ 76.978887][ T5898] [ 76.978887][ T5898] -> #0 (driver_lock){+.+.}-{3:3}: [ 76.986339][ T5898] __lock_acquire+0x2b3b/0x57d0 [ 76.991700][ T5898] lock_acquire+0x1a8/0x720 [ 76.996704][ T5898] __mutex_lock+0x134/0x1110 [ 77.001931][ T5898] display_open+0x1e/0x1e0 [ 77.006841][ T5898] usb_open+0x1d5/0x2a0 [ 77.011666][ T5898] chrdev_open+0x20f/0x650 [ 77.016579][ T5898] do_dentry_open+0x42a/0xfb0 [ 77.021753][ T5898] path_openat+0x129c/0x2190 [ 77.026834][ T5898] do_filp_open+0x16d/0x390 [ 77.031961][ T5898] do_sys_openat2+0x11e/0x360 [ 77.037163][ T5898] __x64_sys_openat+0x11b/0x1d0 [ 77.042823][ T5898] do_syscall_64+0x2d/0x40 [ 77.047985][ T5898] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 77.054727][ T5898] [ 77.054727][ T5898] other info that might help us debug this: [ 77.054727][ T5898] [ 77.065069][ T5898] Chain exists of: [ 77.065069][ T5898] driver_lock --> &ictx->lock --> minor_rwsem#2 [ 77.065069][ T5898] [ 77.077205][ T5898] Possible unsafe locking scenario: [ 77.077205][ T5898] [ 77.084747][ T5898] CPU0 CPU1 [ 77.090093][ T5898] ---- ---- [ 77.095441][ T5898] lock(minor_rwsem#2); [ 77.099750][ T5898] lock(&ictx->lock); [ 77.106671][ T5898] lock(minor_rwsem#2); [ 77.113410][ T5898] lock(driver_lock); [ 77.117552][ T5898] [ 77.117552][ T5898] *** DEADLOCK *** [ 77.117552][ T5898] [ 77.125933][ T5898] 1 lock held by syz-executor.0/5898: [ 77.131389][ T5898] #0: ffffffff8b5365d0 (minor_rwsem#2){++++}-{3:3}, at: usb_open+0x1f/0x2a0 [ 77.140487][ T5898] [ 77.140487][ T5898] stack backtrace: [ 77.146495][ T5898] CPU: 0 PID: 5898 Comm: syz-executor.0 Not tainted 5.11.0-syzkaller #0 [ 77.155075][ T5898] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/18/2022 [ 77.165189][ T5898] Call Trace: [ 77.168454][ T5898] dump_stack+0x9a/0xcc [ 77.172787][ T5898] check_noncircular+0x25f/0x2e0 [ 77.177859][ T5898] ? print_circular_bug+0x480/0x480 [ 77.183288][ T5898] ? save_trace+0x55d/0x9f0 [ 77.188140][ T5898] ? lockdep_lock+0xc6/0x200 [ 77.192820][ T5898] ? call_rcu_zapped+0xb0/0xb0 [ 77.197679][ T5898] __lock_acquire+0x2b3b/0x57d0 [ 77.202610][ T5898] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 77.208665][ T5898] ? call_rcu_zapped+0xb0/0xb0 [ 77.213403][ T5898] ? lock_chain_count+0x20/0x20 [ 77.218236][ T5898] lock_acquire+0x1a8/0x720 [ 77.223181][ T5898] ? display_open+0x1e/0x1e0 [ 77.227760][ T5898] ? lock_release+0x710/0x710 [ 77.232433][ T5898] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 77.238647][ T5898] __mutex_lock+0x134/0x1110 [ 77.243229][ T5898] ? display_open+0x1e/0x1e0 [ 77.247946][ T5898] ? display_open+0x1e/0x1e0 [ 77.252526][ T5898] ? lock_release+0x710/0x710 [ 77.257238][ T5898] ? mutex_lock_io_nested+0xf60/0xf60 [ 77.263119][ T5898] ? down_read+0x195/0x440 [ 77.267527][ T5898] ? chrdev_open+0x4b4/0x650 [ 77.272231][ T5898] ? rwsem_down_read_slowpath+0x980/0x980 [ 77.278074][ T5898] display_open+0x1e/0x1e0 [ 77.282568][ T5898] usb_open+0x1d5/0x2a0 [ 77.286700][ T5898] chrdev_open+0x20f/0x650 [ 77.291097][ T5898] ? cdev_device_add+0x1e0/0x1e0 [ 77.296136][ T5898] ? security_file_open+0x43/0x400 [ 77.301259][ T5898] do_dentry_open+0x42a/0xfb0 [ 77.305950][ T5898] ? cdev_device_add+0x1e0/0x1e0 [ 77.310870][ T5898] ? security_inode_permission+0x6e/0xb0 [ 77.316654][ T5898] path_openat+0x129c/0x2190 [ 77.321242][ T5898] ? path_lookupat+0x660/0x660 [ 77.326594][ T5898] ? mark_lock+0xee/0x1720 [ 77.331073][ T5898] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 77.337200][ T5898] do_filp_open+0x16d/0x390 [ 77.341679][ T5898] ? may_open_dev+0xd0/0xd0 [ 77.346242][ T5898] ? rwlock_bug.part.0+0x90/0x90 [ 77.351263][ T5898] ? _raw_spin_unlock+0x24/0x40 [ 77.356259][ T5898] ? alloc_fd+0x1b2/0x530 [ 77.360575][ T5898] ? getname_flags.part.0+0x89/0x440 [ 77.366009][ T5898] do_sys_openat2+0x11e/0x360 [ 77.370761][ T5898] ? build_open_flags+0x470/0x470 [ 77.375754][ T5898] ? __context_tracking_exit+0x80/0x90 [ 77.381295][ T5898] ? lock_downgrade+0x6d0/0x6d0 [ 77.386139][ T5898] __x64_sys_openat+0x11b/0x1d0 [ 77.390984][ T5898] ? __ia32_sys_open+0x190/0x190 [ 77.396084][ T5898] ? lockdep_hardirqs_on_prepare+0x17b/0x400 [ 77.402561][ T5898] ? syscall_enter_from_user_mode+0x27/0x70 [ 77.408504][ T5898] ? lockdep_hardirqs_on+0x79/0x100 [ 77.413707][ T5898] do_syscall_64+0x2d/0x40 [ 77.418103][ T5898] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 77.424068][ T5898] RIP: 0033:0x7fa8a9a3d024 [ 77.428499][ T5898] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44 [ 77.448568][ T5898] RSP: 002b:00007fa8a91feca0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 77.457568][ T5898] RAX: ffffffffffffffda RBX: 00007fa8a9b9cf60 RCX: 00007fa8a9a3d024 [ 77.465884][ T5898] RDX: 0000000000000002 RSI: 00007fa8a91fed40 RDI: 00000000ffffff9c [ 77.473873][ T5898] RBP: 00007fa8a91fed40 R08: 0000000000000000 R09: 000000000000000f [ 77.481914][ T5898] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 77.489949][ T5898] R13: 00007ffe3f1cf11f R14: 00007fa8a91ff300 R15: 0000000000022000 [ 78.171165][ T5] Bluetooth: hci0: command 0x041b tx timeout 2022/07/01 06:43:23 executed programs: 1 [ 78.531384][ T5898] imon:send_packet: task interrupted [ 78.536991][ T5898] imon:send_packet: packet tx failed (-2) [ 78.542908][ T5898] imon:vfd_write: send packet #0 failed [ 78.549614][ T5] usb 1-1: USB disconnect, device number 2 [ 78.555530][ C0] imon 1-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored [ 78.921141][ T5] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 79.161025][ T5] usb 1-1: Using ep0 maxpacket: 16 [ 79.281196][ T5] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 120, changing to 10 [ 79.461554][ T5] usb 1-1: New USB device found, idVendor=15c2, idProduct=0040, bcdDevice=80.f3 [ 79.470878][ T5] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 79.478971][ T5] usb 1-1: Product: syz [ 79.483303][ T5] usb 1-1: Manufacturer: syz [ 79.488273][ T5] usb 1-1: SerialNumber: syz [ 79.493793][ T5] usb 1-1: config 0 descriptor?? [ 79.532476][ T5] input: iMON Panel, Knob and Mouse(15c2:0040) as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input7 [ 79.811042][ T5] rc_core: IR keymap rc-imon-pad not found [ 79.817139][ T5] Registered IR keymap rc-empty [ 79.822638][ T5] imon 1-1:0.0: Looks like you're trying to use an IR protocol this device does not support [ 79.832900][ T5] imon 1-1:0.0: Unsupported IR protocol specified, overriding to iMON IR protocol [ 79.991395][ T5] rc rc0: iMON Remote (15c2:0040) as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0 [ 80.002031][ T5] input: iMON Remote (15c2:0040) as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0/input8 [ 80.014460][ T5] imon 1-1:0.0: iMON device (15c2:0040, intf0) on usb<1:3> initialized [ 80.222751][ T5905] ------------[ cut here ]------------ [ 80.228619][ T5905] URB 00000000f4bcc99f submitted while active [ 80.235166][ T5905] WARNING: CPU: 0 PID: 5905 at drivers/usb/core/urb.c:378 usb_submit_urb+0xe51/0x1270 [ 80.245445][ T5905] Modules linked in: [ 80.249429][ T5905] CPU: 0 PID: 5905 Comm: syz-executor.0 Not tainted 5.11.0-syzkaller #0 [ 80.258067][ T5] Bluetooth: hci0: command 0x040f tx timeout [ 80.261436][ T5905] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/18/2022 [ 80.274471][ T5905] RIP: 0010:usb_submit_urb+0xe51/0x1270 [ 80.280114][ T5905] Code: 3d 9d a8 57 07 00 b8 f0 ff ff ff 0f 85 ec fc ff ff 4c 89 e6 48 c7 c7 c0 8f 1b 89 89 04 24 c6 05 7e a8 57 07 01 e8 c9 7d 2b 03 <0f> 0b 8b 04 24 e9 c9 fc ff ff 41 be 01 00 00 00 e9 b1 f7 ff ff b8 [ 80.299805][ T5905] RSP: 0018:ffffc900017ffd20 EFLAGS: 00010286 [ 80.305931][ T5905] RAX: 0000000000000000 RBX: ffff88802a546000 RCX: 0000000000000000 [ 80.314011][ T5905] RDX: 0000000000000001 RSI: ffffffff88ddb4e0 RDI: fffff520002fff96 [ 80.322530][ T5905] RBP: ffff888014ff1410 R08: 0000000000000001 R09: ffff8880b9e4c867 [ 80.330652][ T5905] R10: ffffed10173c990c R11: 3030303020425255 R12: ffff88801cfb2800 [ 80.339005][ T5905] R13: ffff88801cfb2800 R14: ffff88802a546128 R15: ffff88802a546170 [ 80.347908][ T5905] FS: 00007fa8a91de700(0000) GS:ffff8880b9e00000(0000) knlGS:0000000000000000 [ 80.357045][ T5905] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 80.363699][ T5905] CR2: 00007f9a94244111 CR3: 00000000145e8000 CR4: 00000000003506f0 [ 80.371792][ T5905] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 80.379881][ T5905] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 80.387895][ T5905] Call Trace: [ 80.391399][ T5905] ? unpoison_range+0x3a/0x60 [ 80.396058][ T5905] ? ____kasan_kmalloc.constprop.0+0x82/0xa0 [ 80.402050][ T5905] send_packet+0x3f9/0xbf0 [ 80.406462][ T5905] ? display_open+0x1e0/0x1e0 [ 80.411186][ T5905] vfd_write+0x21f/0x450 [ 80.415546][ T5905] vfs_write+0x1c4/0x870 [ 80.419772][ T5905] ksys_write+0xf4/0x1d0 [ 80.424071][ T5905] ? __ia32_sys_read+0xa0/0xa0 [ 80.429109][ T5905] ? vtime_user_exit+0x12d/0x210 [ 80.434075][ T5905] ? syscall_enter_from_user_mode+0x27/0x70 [ 80.440402][ T5905] do_syscall_64+0x2d/0x40 [ 80.445503][ T5905] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 80.452011][ T5905] RIP: 0033:0x7fa8a9a8a109 [ 80.456516][ T5905] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 80.476795][ T5905] RSP: 002b:00007fa8a91de168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 80.485363][ T5905] RAX: ffffffffffffffda RBX: 00007fa8a9b9d030 RCX: 00007fa8a9a8a109 [ 80.493461][ T5905] RDX: 0000000000000001 RSI: 0000000020000180 RDI: 0000000000000004 [ 80.501455][ T5905] RBP: 00007fa8a9ae405d R08: 0000000000000000 R09: 0000000000000000 [ 80.509409][ T5905] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 80.518145][ T5905] R13: 00007ffe3f1cf11f R14: 00007fa8a91de300 R15: 0000000000022000 [ 80.526229][ T5905] Kernel panic - not syncing: panic_on_warn set ... [ 80.532795][ T5905] CPU: 1 PID: 5905 Comm: syz-executor.0 Not tainted 5.11.0-syzkaller #0 [ 80.541100][ T5905] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/18/2022 [ 80.551162][ T5905] Call Trace: [ 80.554438][ T5905] dump_stack+0x9a/0xcc [ 80.558667][ T5905] panic+0x256/0x4eb [ 80.562550][ T5905] ? __warn_printk+0xee/0xee [ 80.567119][ T5905] ? usb_submit_urb+0xe51/0x1270 [ 80.572041][ T5905] __warn.cold+0x2b/0x35 [ 80.576400][ T5905] ? usb_submit_urb+0xe51/0x1270 [ 80.581499][ T5905] report_bug+0x15a/0x1b0 [ 80.585902][ T5905] handle_bug+0x3c/0x60 [ 80.590045][ T5905] exc_invalid_op+0x14/0x40 [ 80.594640][ T5905] asm_exc_invalid_op+0x12/0x20 [ 80.599472][ T5905] RIP: 0010:usb_submit_urb+0xe51/0x1270 [ 80.605300][ T5905] Code: 3d 9d a8 57 07 00 b8 f0 ff ff ff 0f 85 ec fc ff ff 4c 89 e6 48 c7 c7 c0 8f 1b 89 89 04 24 c6 05 7e a8 57 07 01 e8 c9 7d 2b 03 <0f> 0b 8b 04 24 e9 c9 fc ff ff 41 be 01 00 00 00 e9 b1 f7 ff ff b8 [ 80.625068][ T5905] RSP: 0018:ffffc900017ffd20 EFLAGS: 00010286 [ 80.631228][ T5905] RAX: 0000000000000000 RBX: ffff88802a546000 RCX: 0000000000000000 [ 80.639269][ T5905] RDX: 0000000000000001 RSI: ffffffff88ddb4e0 RDI: fffff520002fff96 [ 80.647375][ T5905] RBP: ffff888014ff1410 R08: 0000000000000001 R09: ffff8880b9e4c867 [ 80.655347][ T5905] R10: ffffed10173c990c R11: 3030303020425255 R12: ffff88801cfb2800 [ 80.663571][ T5905] R13: ffff88801cfb2800 R14: ffff88802a546128 R15: ffff88802a546170 [ 80.671815][ T5905] ? unpoison_range+0x3a/0x60 [ 80.676485][ T5905] ? ____kasan_kmalloc.constprop.0+0x82/0xa0 [ 80.682614][ T5905] send_packet+0x3f9/0xbf0 [ 80.687239][ T5905] ? display_open+0x1e0/0x1e0 [ 80.691994][ T5905] vfd_write+0x21f/0x450 [ 80.696306][ T5905] vfs_write+0x1c4/0x870 [ 80.700625][ T5905] ksys_write+0xf4/0x1d0 [ 80.704867][ T5905] ? __ia32_sys_read+0xa0/0xa0 [ 80.709642][ T5905] ? vtime_user_exit+0x12d/0x210 [ 80.714582][ T5905] ? syscall_enter_from_user_mode+0x27/0x70 [ 80.720597][ T5905] do_syscall_64+0x2d/0x40 [ 80.725013][ T5905] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 80.730900][ T5905] RIP: 0033:0x7fa8a9a8a109 [ 80.735321][ T5905] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 80.755104][ T5905] RSP: 002b:00007fa8a91de168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 80.763501][ T5905] RAX: ffffffffffffffda RBX: 00007fa8a9b9d030 RCX: 00007fa8a9a8a109 [ 80.771547][ T5905] RDX: 0000000000000001 RSI: 0000000020000180 RDI: 0000000000000004 [ 80.779615][ T5905] RBP: 00007fa8a9ae405d R08: 0000000000000000 R09: 0000000000000000 [ 80.787749][ T5905] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 80.796053][ T5905] R13: 00007ffe3f1cf11f R14: 00007fa8a91de300 R15: 0000000000022000 [ 80.804317][ T5905] Kernel Offset: disabled [ 80.808636][ T5905] Rebooting in 86400 seconds..