Warning: Permanently added '10.128.0.217' (ED25519) to the list of known hosts. 2025/01/13 05:22:39 ignoring optional flag "sandboxArg"="0" 2025/01/13 05:22:39 parsed 1 programs [ 75.053396][ T5832] cgroup: Unknown subsys name 'net' [ 75.182268][ T5832] cgroup: Unknown subsys name 'cpuset' [ 75.190137][ T5832] cgroup: Unknown subsys name 'rlimit' [ 76.503512][ T5832] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 78.808729][ T5844] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 78.817352][ T5844] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 78.825494][ T5844] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 78.834571][ T5844] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 78.842756][ T5844] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 78.850160][ T5844] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 78.971364][ T5841] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 79.181301][ T1105] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 79.189413][ T1105] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 79.212634][ T1105] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 79.221235][ T1105] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 80.452796][ T5882] chnl_net:caif_netlink_parms(): no params data found [ 80.517685][ T5882] bridge0: port 1(bridge_slave_0) entered blocking state [ 80.525976][ T5882] bridge0: port 1(bridge_slave_0) entered disabled state [ 80.533937][ T5882] bridge_slave_0: entered allmulticast mode [ 80.540813][ T5882] bridge_slave_0: entered promiscuous mode [ 80.551064][ T5882] bridge0: port 2(bridge_slave_1) entered blocking state [ 80.558221][ T5882] bridge0: port 2(bridge_slave_1) entered disabled state [ 80.566471][ T5882] bridge_slave_1: entered allmulticast mode [ 80.574175][ T5882] bridge_slave_1: entered promiscuous mode [ 80.600213][ T5882] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 80.616998][ T5882] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 80.644022][ T5882] team0: Port device team_slave_0 added [ 80.651250][ T5882] team0: Port device team_slave_1 added [ 80.669579][ T5882] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 80.677070][ T5882] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 80.703902][ T5882] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 80.717382][ T5882] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 80.724518][ T5882] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 80.750809][ T5882] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 80.780680][ T5882] hsr_slave_0: entered promiscuous mode [ 80.786999][ T5882] hsr_slave_1: entered promiscuous mode [ 80.875003][ T5882] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 80.886333][ T5882] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 80.896158][ T5882] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 80.905848][ T5882] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 80.929091][ T5882] bridge0: port 2(bridge_slave_1) entered blocking state [ 80.936278][ T5882] bridge0: port 2(bridge_slave_1) entered forwarding state [ 80.944495][ T5882] bridge0: port 1(bridge_slave_0) entered blocking state [ 80.951975][ T5882] bridge0: port 1(bridge_slave_0) entered forwarding state [ 80.996847][ T5882] 8021q: adding VLAN 0 to HW filter on device bond0 [ 81.014548][ T2996] bridge0: port 1(bridge_slave_0) entered disabled state [ 81.023824][ T2996] bridge0: port 2(bridge_slave_1) entered disabled state [ 81.040169][ T5882] 8021q: adding VLAN 0 to HW filter on device team0 [ 81.053434][ T3534] bridge0: port 1(bridge_slave_0) entered blocking state [ 81.060575][ T3534] bridge0: port 1(bridge_slave_0) entered forwarding state [ 81.074933][ T192] bridge0: port 2(bridge_slave_1) entered blocking state [ 81.082116][ T192] bridge0: port 2(bridge_slave_1) entered forwarding state [ 81.202819][ T5882] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 81.237574][ T5882] veth0_vlan: entered promiscuous mode [ 81.247643][ T5882] veth1_vlan: entered promiscuous mode [ 81.271635][ T5882] veth0_macvtap: entered promiscuous mode [ 81.281207][ T5882] veth1_macvtap: entered promiscuous mode [ 81.298092][ T5882] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 81.311579][ T5882] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 81.323136][ T5882] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.332675][ T5882] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.343489][ T5882] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.352493][ T5882] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.473395][ T3534] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 81.567433][ T3534] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 81.624119][ T3534] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 81.721475][ T3534] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 2025/01/13 05:22:49 executed programs: 0 [ 83.046709][ T5147] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 83.056174][ T5147] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 83.065011][ T5147] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 83.074573][ T5147] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 83.083076][ T5147] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 83.090482][ T5147] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 83.198282][ T5923] chnl_net:caif_netlink_parms(): no params data found [ 83.247131][ T5923] bridge0: port 1(bridge_slave_0) entered blocking state [ 83.255035][ T5923] bridge0: port 1(bridge_slave_0) entered disabled state [ 83.262529][ T5923] bridge_slave_0: entered allmulticast mode [ 83.269807][ T5923] bridge_slave_0: entered promiscuous mode [ 83.277193][ T5923] bridge0: port 2(bridge_slave_1) entered blocking state [ 83.284916][ T5923] bridge0: port 2(bridge_slave_1) entered disabled state [ 83.294266][ T5923] bridge_slave_1: entered allmulticast mode [ 83.301003][ T5923] bridge_slave_1: entered promiscuous mode [ 83.323976][ T5923] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 83.334986][ T5923] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 83.359738][ T5923] team0: Port device team_slave_0 added [ 83.367657][ T5923] team0: Port device team_slave_1 added [ 83.387355][ T5923] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 83.394547][ T5923] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 83.421280][ T5923] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 83.433180][ T5923] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 83.440503][ T5923] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 83.466717][ T5923] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 83.497488][ T5923] hsr_slave_0: entered promiscuous mode [ 83.504017][ T5923] hsr_slave_1: entered promiscuous mode [ 83.511141][ T5923] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 83.519247][ T5923] Cannot create hsr debugfs directory [ 85.126908][ T3534] bridge_slave_1: left allmulticast mode [ 85.133827][ T5844] Bluetooth: hci0: command tx timeout [ 85.150590][ T3534] bridge_slave_1: left promiscuous mode [ 85.157851][ T3534] bridge0: port 2(bridge_slave_1) entered disabled state [ 85.171246][ T3534] bridge_slave_0: left allmulticast mode [ 85.177540][ T3534] bridge_slave_0: left promiscuous mode [ 85.184493][ T3534] bridge0: port 1(bridge_slave_0) entered disabled state [ 85.524496][ T3534] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 85.537508][ T3534] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 85.549399][ T3534] bond0 (unregistering): Released all slaves [ 85.660797][ T3534] hsr_slave_0: left promiscuous mode [ 85.666792][ T3534] hsr_slave_1: left promiscuous mode [ 85.674009][ T3534] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 85.683246][ T3534] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 85.692075][ T3534] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 85.704208][ T3534] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 85.725964][ T3534] veth1_macvtap: left promiscuous mode [ 85.734532][ T3534] veth0_macvtap: left promiscuous mode [ 85.742855][ T3534] veth1_vlan: left promiscuous mode [ 85.748502][ T3534] veth0_vlan: left promiscuous mode [ 86.131493][ T3534] team0 (unregistering): Port device team_slave_1 removed [ 86.161065][ T3534] team0 (unregistering): Port device team_slave_0 removed [ 86.651049][ T5923] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 86.673883][ T5923] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 86.698302][ T5923] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 86.713673][ T5923] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 86.825528][ T5923] 8021q: adding VLAN 0 to HW filter on device bond0 [ 86.847774][ T5923] 8021q: adding VLAN 0 to HW filter on device team0 [ 86.976260][ T1105] bridge0: port 1(bridge_slave_0) entered blocking state [ 86.983437][ T1105] bridge0: port 1(bridge_slave_0) entered forwarding state [ 87.001919][ T2996] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.009123][ T2996] bridge0: port 2(bridge_slave_1) entered forwarding state [ 87.208886][ T5844] Bluetooth: hci0: command tx timeout [ 87.217213][ T8] cfg80211: failed to load regulatory.db [ 87.363651][ T5923] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 87.407864][ T5923] veth0_vlan: entered promiscuous mode [ 87.423368][ T5923] veth1_vlan: entered promiscuous mode [ 87.456145][ T5923] veth0_macvtap: entered promiscuous mode [ 87.467144][ T5923] veth1_macvtap: entered promiscuous mode [ 87.491399][ T5923] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 87.507298][ T5923] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 87.523185][ T5923] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 87.533901][ T5923] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 87.544267][ T5923] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 87.553433][ T5923] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 87.621201][ T1105] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 87.637565][ T1105] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 87.667382][ T1105] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 87.678564][ T1105] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 87.744154][ T6005] [ 87.746541][ T6005] ====================================================== [ 87.753581][ T6005] WARNING: possible circular locking dependency detected [ 87.760599][ T6005] 6.13.0-rc6-next-20250107-syzkaller #0 Not tainted [ 87.767173][ T6005] ------------------------------------------------------ [ 87.774205][ T6005] syz.0.16/6005 is trying to acquire lock: [ 87.779999][ T6005] ffff88807f2835c8 (vm_lock){++++}-{0:0}, at: binder_alloc_free_page+0x150/0xd50 [ 87.789242][ T6005] [ 87.789242][ T6005] but task is already holding lock: [ 87.796606][ T6005] ffff88802eac0830 (&l->lock){+.+.}-{3:3}, at: lock_list_lru_of_memcg+0x24c/0x4d0 [ 87.805847][ T6005] [ 87.805847][ T6005] which lock already depends on the new lock. [ 87.805847][ T6005] [ 87.816247][ T6005] [ 87.816247][ T6005] the existing dependency chain (in reverse order) is: [ 87.825257][ T6005] [ 87.825257][ T6005] -> #4 (&l->lock){+.+.}-{3:3}: [ 87.832290][ T6005] lock_acquire+0x1ed/0x550 [ 87.837311][ T6005] _raw_spin_lock+0x2e/0x40 [ 87.842330][ T6005] lock_list_lru_of_memcg+0x24c/0x4d0 [ 87.848223][ T6005] list_lru_add+0x59/0x270 [ 87.853154][ T6005] list_lru_add_obj+0x17b/0x250 [ 87.858522][ T6005] iput+0x89c/0xa50 [ 87.862843][ T6005] __dentry_kill+0x20d/0x630 [ 87.867950][ T6005] shrink_kill+0xa9/0x2c0 [ 87.872788][ T6005] shrink_dentry_list+0x2c0/0x5b0 [ 87.878325][ T6005] shrink_dcache_sb+0x25e/0x3e0 [ 87.883690][ T6005] reconfigure_super+0x2c6/0x870 [ 87.889150][ T6005] path_mount+0xc22/0xfa0 [ 87.894018][ T6005] __se_sys_mount+0x2d6/0x3c0 [ 87.899208][ T6005] do_syscall_64+0xf3/0x230 [ 87.904268][ T6005] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 87.910676][ T6005] [ 87.910676][ T6005] -> #3 (&sb->s_type->i_lock_key#23){+.+.}-{3:3}: [ 87.919454][ T6005] lock_acquire+0x1ed/0x550 [ 87.924496][ T6005] _raw_spin_lock+0x2e/0x40 [ 87.929518][ T6005] d_instantiate_new+0x76/0x130 [ 87.934886][ T6005] ext4_add_nondir+0x21e/0x290 [ 87.940164][ T6005] ext4_create+0x377/0x550 [ 87.945095][ T6005] path_openat+0x192f/0x3580 [ 87.950200][ T6005] do_filp_open+0x27f/0x4e0 [ 87.955218][ T6005] do_sys_openat2+0x13e/0x1d0 [ 87.960409][ T6005] __x64_sys_openat+0x247/0x2a0 [ 87.965768][ T6005] do_syscall_64+0xf3/0x230 [ 87.970782][ T6005] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 87.977195][ T6005] [ 87.977195][ T6005] -> #2 (jbd2_handle){++++}-{0:0}: [ 87.984490][ T6005] lock_acquire+0x1ed/0x550 [ 87.989534][ T6005] start_this_handle+0x1eb4/0x2110 [ 87.995160][ T6005] jbd2__journal_start+0x2da/0x5d0 [ 88.000786][ T6005] __ext4_journal_start_sb+0x239/0x600 [ 88.006760][ T6005] ext4_dirty_inode+0x92/0x110 [ 88.012039][ T6005] __mark_inode_dirty+0x2ee/0xe90 [ 88.018008][ T6005] file_update_time+0x3d2/0x450 [ 88.023374][ T6005] ext4_page_mkwrite+0x210/0x1100 [ 88.028931][ T6005] do_page_mkwrite+0x159/0x340 [ 88.034301][ T6005] __handle_mm_fault+0x22dc/0x70f0 [ 88.040024][ T6005] handle_mm_fault+0x3e2/0x8c0 [ 88.045300][ T6005] exc_page_fault+0x2b9/0x8b0 [ 88.050505][ T6005] asm_exc_page_fault+0x26/0x30 [ 88.055992][ T6005] [ 88.055992][ T6005] -> #1 (sb_pagefaults){.+.+}-{0:0}: [ 88.063483][ T6005] lock_acquire+0x1ed/0x550 [ 88.068528][ T6005] percpu_down_read+0x44/0x1b0 [ 88.073816][ T6005] ext4_page_mkwrite+0x1f9/0x1100 [ 88.079351][ T6005] do_page_mkwrite+0x159/0x340 [ 88.084627][ T6005] __handle_mm_fault+0x22dc/0x70f0 [ 88.090254][ T6005] handle_mm_fault+0x3e2/0x8c0 [ 88.095529][ T6005] exc_page_fault+0x459/0x8b0 [ 88.100816][ T6005] asm_exc_page_fault+0x26/0x30 [ 88.106203][ T6005] [ 88.106203][ T6005] -> #0 (vm_lock){++++}-{0:0}: [ 88.113164][ T6005] validate_chain+0x18ef/0x5920 [ 88.118566][ T6005] __lock_acquire+0x1397/0x2100 [ 88.123940][ T6005] lock_acquire+0x1ed/0x550 [ 88.129046][ T6005] lock_vma_under_rcu+0x35f/0x9a0 [ 88.134592][ T6005] binder_alloc_free_page+0x150/0xd50 [ 88.140477][ T6005] __list_lru_walk_one+0x170/0x470 [ 88.146100][ T6005] list_lru_walk_node+0xc4/0xa70 [ 88.151552][ T6005] binder_shrink_scan+0x138/0x260 [ 88.157371][ T6005] do_shrink_slab+0x72d/0x1160 [ 88.162751][ T6005] shrink_slab+0x1093/0x14d0 [ 88.167884][ T6005] drop_slab+0x142/0x280 [ 88.172742][ T6005] drop_caches_sysctl_handler+0xbc/0x160 [ 88.178909][ T6005] proc_sys_call_handler+0x5ec/0x920 [ 88.184721][ T6005] do_iter_readv_writev+0x71a/0x9d0 [ 88.190443][ T6005] vfs_writev+0x38b/0xbc0 [ 88.195299][ T6005] do_writev+0x1b6/0x360 [ 88.200048][ T6005] do_syscall_64+0xf3/0x230 [ 88.205064][ T6005] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 88.211569][ T6005] [ 88.211569][ T6005] other info that might help us debug this: [ 88.211569][ T6005] [ 88.221785][ T6005] Chain exists of: [ 88.221785][ T6005] vm_lock --> &sb->s_type->i_lock_key#23 --> &l->lock [ 88.221785][ T6005] [ 88.234475][ T6005] Possible unsafe locking scenario: [ 88.234475][ T6005] [ 88.241946][ T6005] CPU0 CPU1 [ 88.247339][ T6005] ---- ---- [ 88.252699][ T6005] lock(&l->lock); [ 88.256519][ T6005] lock(&sb->s_type->i_lock_key#23); [ 88.264431][ T6005] lock(&l->lock); [ 88.270752][ T6005] rlock(vm_lock); [ 88.274552][ T6005] [ 88.274552][ T6005] *** DEADLOCK *** [ 88.274552][ T6005] [ 88.282686][ T6005] 3 locks held by syz.0.16/6005: [ 88.287609][ T6005] #0: ffff888033bec420 (sb_writers#3){.+.+}-{0:0}, at: vfs_writev+0x2d6/0xbc0 [ 88.296594][ T6005] #1: ffff88802eac0830 (&l->lock){+.+.}-{3:3}, at: lock_list_lru_of_memcg+0x24c/0x4d0 [ 88.306458][ T6005] #2: ffffffff8e937ee0 (rcu_read_lock){....}-{1:3}, at: lock_vma_under_rcu+0x1dd/0x9a0 [ 88.316659][ T6005] [ 88.316659][ T6005] stack backtrace: [ 88.322906][ T6005] CPU: 0 UID: 0 PID: 6005 Comm: syz.0.16 Not tainted 6.13.0-rc6-next-20250107-syzkaller #0 [ 88.322921][ T6005] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 88.322932][ T6005] Call Trace: [ 88.322937][ T6005] [ 88.322943][ T6005] dump_stack_lvl+0x241/0x360 [ 88.322959][ T6005] ? __pfx_dump_stack_lvl+0x10/0x10 [ 88.322971][ T6005] ? __pfx__printk+0x10/0x10 [ 88.322991][ T6005] print_circular_bug+0x13a/0x1b0 [ 88.323004][ T6005] check_noncircular+0x36a/0x4a0 [ 88.323022][ T6005] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 88.323037][ T6005] ? __pfx_check_noncircular+0x10/0x10 [ 88.323055][ T6005] ? lockdep_lock+0x123/0x2b0 [ 88.323071][ T6005] ? lockdep_unlock+0x16a/0x300 [ 88.323086][ T6005] validate_chain+0x18ef/0x5920 [ 88.323109][ T6005] ? __pfx_validate_chain+0x10/0x10 [ 88.323128][ T6005] ? __pfx_validate_chain+0x10/0x10 [ 88.323150][ T6005] ? __pfx_validate_chain+0x10/0x10 [ 88.323166][ T6005] ? stack_trace_save+0x118/0x1d0 [ 88.323179][ T6005] ? mark_lock+0x9a/0x360 [ 88.323196][ T6005] __lock_acquire+0x1397/0x2100 [ 88.323215][ T6005] lock_acquire+0x1ed/0x550 [ 88.323230][ T6005] ? binder_alloc_free_page+0x150/0xd50 [ 88.323249][ T6005] ? __pfx_lock_acquire+0x10/0x10 [ 88.323268][ T6005] ? mas_walk+0x1f3/0x280 [ 88.323286][ T6005] lock_vma_under_rcu+0x35f/0x9a0 [ 88.323300][ T6005] ? binder_alloc_free_page+0x150/0xd50 [ 88.323314][ T6005] ? lock_vma_under_rcu+0x1dd/0x9a0 [ 88.323328][ T6005] ? binder_alloc_free_page+0x150/0xd50 [ 88.323344][ T6005] ? __pfx_lock_vma_under_rcu+0x10/0x10 [ 88.323360][ T6005] ? __pfx_validate_chain+0x10/0x10 [ 88.323377][ T6005] ? lock_list_lru_of_memcg+0x2e/0x4d0 [ 88.323396][ T6005] binder_alloc_free_page+0x150/0xd50 [ 88.323414][ T6005] __list_lru_walk_one+0x170/0x470 [ 88.323427][ T6005] ? __pfx_binder_alloc_free_page+0x10/0x10 [ 88.323442][ T6005] ? __pfx_binder_alloc_free_page+0x10/0x10 [ 88.323457][ T6005] list_lru_walk_node+0xc4/0xa70 [ 88.323470][ T6005] ? mark_lock+0x9a/0x360 [ 88.323486][ T6005] ? __pfx_binder_alloc_free_page+0x10/0x10 [ 88.323502][ T6005] ? __pfx_list_lru_walk_node+0x10/0x10 [ 88.323522][ T6005] binder_shrink_scan+0x138/0x260 [ 88.323538][ T6005] ? __pfx_binder_shrink_scan+0x10/0x10 [ 88.323555][ T6005] do_shrink_slab+0x72d/0x1160 [ 88.323573][ T6005] ? shrink_slab+0x12b/0x14d0 [ 88.323586][ T6005] shrink_slab+0x1093/0x14d0 [ 88.323601][ T6005] ? shrink_slab+0x12b/0x14d0 [ 88.323613][ T6005] ? __pfx_lock_release+0x10/0x10 [ 88.323628][ T6005] ? __pfx_shrink_slab+0x10/0x10 [ 88.323645][ T6005] ? mem_cgroup_iter+0x3d/0x420 [ 88.323659][ T6005] drop_slab+0x142/0x280 [ 88.323674][ T6005] drop_caches_sysctl_handler+0xbc/0x160 [ 88.323692][ T6005] ? __pfx_drop_caches_sysctl_handler+0x10/0x10 [ 88.323709][ T6005] proc_sys_call_handler+0x5ec/0x920 [ 88.323725][ T6005] ? __pfx_proc_sys_call_handler+0x10/0x10 [ 88.323742][ T6005] do_iter_readv_writev+0x71a/0x9d0 [ 88.323760][ T6005] ? __pfx_do_iter_readv_writev+0x10/0x10 [ 88.323775][ T6005] ? rcu_read_lock_any_held+0xb7/0x160 [ 88.323792][ T6005] vfs_writev+0x38b/0xbc0 [ 88.323805][ T6005] ? tomoyo_path_number_perm+0x206/0x860 [ 88.323821][ T6005] ? __pfx_vfs_writev+0x10/0x10 [ 88.323843][ T6005] do_writev+0x1b6/0x360 [ 88.323856][ T6005] ? __pfx_do_writev+0x10/0x10 [ 88.323868][ T6005] ? do_syscall_64+0x100/0x230 [ 88.323882][ T6005] ? do_syscall_64+0xb6/0x230 [ 88.323895][ T6005] do_syscall_64+0xf3/0x230 [ 88.323908][ T6005] ? clear_bhb_loop+0x35/0x90 [ 88.323926][ T6005] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 88.323945][ T6005] RIP: 0033:0x7fc4e3d85d29 [ 88.323963][ T6005] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 88.323973][ T6005] RSP: 002b:00007fffafb25958 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 88.323987][ T6005] RAX: ffffffffffffffda RBX: 00007fc4e3f75fa0 RCX: 00007fc4e3d85d29 [ 88.323996][ T6005] RDX: 0000000000000001 RSI: 00000000200000c0 RDI: 0000000000000003 [ 88.324004][ T6005] RBP: 00007fc4e3e01b08 R08: 0000000000000000 R09: 0000000000000000 [ 88.324012][ T6005] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 88.324019][ T6005] R13: 00007fc4e3f75fa0 R14: 00007fc4e3f75fa0 R15: 00000000000019d2 [ 88.324032][ T6005] [ 89.317166][ T5844] Bluetooth: hci0: command tx timeout [ 89.338025][ T6005] syz.0.16 (6005): drop_caches: 2