Warning: Permanently added '10.128.0.210' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 28.514954][ T17] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 28.874827][ T17] usb 1-1: config 0 descriptor has 1 excess byte, ignoring [ 28.882250][ T17] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x88 has an invalid bInterval 255, changing to 11 [ 28.893372][ T17] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x88 has invalid maxpacket 1792, setting to 1024 [ 28.904399][ T17] usb 1-1: New USB device found, idVendor=15c2, idProduct=003f, bcdDevice=c2.39 [ 28.913419][ T17] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 28.922271][ T17] usb 1-1: config 0 descriptor?? [ 28.967556][ T17] input: iMON Panel, Knob and Mouse(15c2:003f) as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input5 [ 29.204920][ T17] Registered IR keymap rc-imon-pad [ 29.425186][ T17] rc rc0: iMON Remote (15c2:003f) as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0 [ 29.435710][ T17] input: iMON Remote (15c2:003f) as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0/input6 [ 29.449790][ T17] imon 1-1:0.0: iMON device (15c2:003f, intf0) on usb<1:2> initialized [ 29.474851][ C1] imon 1-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored [ 29.494833][ C1] imon 1-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored [ 29.514796][ C1] imon 1-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored [ 29.544867][ C1] imon 1-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored [ 29.564881][ C1] imon 1-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored [ 29.584806][ C1] imon 1-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored [ 29.604884][ C1] imon 1-1:0.0: imon usb_rx_callback_intf0: status(-71): ignored [ 29.612716][ T1719] [ 29.615010][ T1719] ====================================================== [ 29.621986][ T1719] WARNING: possible circular locking dependency detected [ 29.628964][ T1719] 5.3.0-rc5+ #28 Not tainted [ 29.633510][ T1719] ------------------------------------------------------ [ 29.640488][ T1719] syz-executor223/1719 is trying to acquire lock: [ 29.646860][ T1719] 0000000040649294 (driver_lock#2){+.+.}, at: display_open+0x1f/0x1d0 [ 29.654980][ T1719] [ 29.654980][ T1719] but task is already holding lock: [ 29.662420][ T1719] 0000000003a1f673 (minor_rwsem){++++}, at: usb_open+0x23/0x270 [ 29.670103][ T1719] [ 29.670103][ T1719] which lock already depends on the new lock. [ 29.670103][ T1719] [ 29.680465][ T1719] [ 29.680465][ T1719] the existing dependency chain (in reverse order) is: [ 29.689439][ T1719] [ 29.689439][ T1719] -> #2 (minor_rwsem){++++}: [ 29.696162][ T1719] down_write+0x92/0x150 [ 29.700885][ T1719] usb_register_dev+0x131/0x670 [ 29.706216][ T1719] imon_probe+0x244d/0x2af0 [ 29.711199][ T1719] usb_probe_interface+0x305/0x7a0 [ 29.716793][ T1719] really_probe+0x281/0x6d0 [ 29.721838][ T1719] driver_probe_device+0x101/0x1b0 [ 29.727448][ T1719] __device_attach_driver+0x1c2/0x220 [ 29.733305][ T1719] bus_for_each_drv+0x162/0x1e0 [ 29.738638][ T1719] __device_attach+0x217/0x360 [ 29.743882][ T1719] bus_probe_device+0x1e4/0x290 [ 29.749216][ T1719] device_add+0xae6/0x16f0 [ 29.754114][ T1719] usb_set_configuration+0xdf6/0x1670 [ 29.760091][ T1719] generic_probe+0x9d/0xd5 [ 29.764993][ T1719] usb_probe_device+0x99/0x100 [ 29.770237][ T1719] really_probe+0x281/0x6d0 [ 29.775222][ T1719] driver_probe_device+0x101/0x1b0 [ 29.780814][ T1719] __device_attach_driver+0x1c2/0x220 [ 29.786667][ T1719] bus_for_each_drv+0x162/0x1e0 [ 29.792000][ T1719] __device_attach+0x217/0x360 [ 29.797251][ T1719] bus_probe_device+0x1e4/0x290 [ 29.802584][ T1719] device_add+0xae6/0x16f0 [ 29.807484][ T1719] usb_new_device.cold+0x6a4/0xe79 [ 29.813076][ T1719] hub_event+0x1b5c/0x3640 [ 29.817976][ T1719] process_one_work+0x92b/0x1530 [ 29.823442][ T1719] worker_thread+0x96/0xe20 [ 29.828432][ T1719] kthread+0x318/0x420 [ 29.832982][ T1719] ret_from_fork+0x24/0x30 [ 29.837877][ T1719] [ 29.837877][ T1719] -> #1 (&ictx->lock){+.+.}: [ 29.844600][ T1719] __mutex_lock+0x158/0x1360 [ 29.849669][ T1719] imon_probe+0xf0c/0x2af0 [ 29.854565][ T1719] usb_probe_interface+0x305/0x7a0 [ 29.860157][ T1719] really_probe+0x281/0x6d0 [ 29.865142][ T1719] driver_probe_device+0x101/0x1b0 [ 29.870732][ T1719] __device_attach_driver+0x1c2/0x220 [ 29.876582][ T1719] bus_for_each_drv+0x162/0x1e0 [ 29.881912][ T1719] __device_attach+0x217/0x360 [ 29.887156][ T1719] bus_probe_device+0x1e4/0x290 [ 29.892484][ T1719] device_add+0xae6/0x16f0 [ 29.897382][ T1719] usb_set_configuration+0xdf6/0x1670 [ 29.903325][ T1719] generic_probe+0x9d/0xd5 [ 29.908221][ T1719] usb_probe_device+0x99/0x100 [ 29.913464][ T1719] really_probe+0x281/0x6d0 [ 29.918473][ T1719] driver_probe_device+0x101/0x1b0 [ 29.924098][ T1719] __device_attach_driver+0x1c2/0x220 [ 29.929953][ T1719] bus_for_each_drv+0x162/0x1e0 [ 29.935285][ T1719] __device_attach+0x217/0x360 [ 29.940535][ T1719] bus_probe_device+0x1e4/0x290 [ 29.945863][ T1719] device_add+0xae6/0x16f0 [ 29.950759][ T1719] usb_new_device.cold+0x6a4/0xe79 [ 29.956477][ T1719] hub_event+0x1b5c/0x3640 [ 29.961381][ T1719] process_one_work+0x92b/0x1530 [ 29.966804][ T1719] worker_thread+0x96/0xe20 [ 29.971788][ T1719] kthread+0x318/0x420 [ 29.976343][ T1719] ret_from_fork+0x24/0x30 [ 29.981235][ T1719] [ 29.981235][ T1719] -> #0 (driver_lock#2){+.+.}: [ 29.988137][ T1719] __lock_acquire+0x1f7c/0x3b50 [ 29.993466][ T1719] lock_acquire+0x127/0x320 [ 29.998451][ T1719] __mutex_lock+0x158/0x1360 [ 30.003521][ T1719] display_open+0x1f/0x1d0 [ 30.008419][ T1719] usb_open+0x1df/0x270 [ 30.013070][ T1719] chrdev_open+0x219/0x5c0 [ 30.017972][ T1719] do_dentry_open+0x494/0x1120 [ 30.023219][ T1719] path_openat+0x1430/0x3f50 [ 30.028292][ T1719] do_filp_open+0x1a1/0x280 [ 30.033276][ T1719] do_sys_open+0x3c0/0x580 [ 30.038174][ T1719] do_syscall_64+0xb7/0x580 [ 30.043161][ T1719] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 30.049534][ T1719] [ 30.049534][ T1719] other info that might help us debug this: [ 30.049534][ T1719] [ 30.059721][ T1719] Chain exists of: [ 30.059721][ T1719] driver_lock#2 --> &ictx->lock --> minor_rwsem [ 30.059721][ T1719] [ 30.071826][ T1719] Possible unsafe locking scenario: [ 30.071826][ T1719] [ 30.079235][ T1719] CPU0 CPU1 [ 30.084563][ T1719] ---- ---- [ 30.089892][ T1719] lock(minor_rwsem); [ 30.093919][ T1719] lock(&ictx->lock); [ 30.100468][ T1719] lock(minor_rwsem); [ 30.107014][ T1719] lock(driver_lock#2); [ 30.111215][ T1719] [ 30.111215][ T1719] *** DEADLOCK *** [ 30.111215][ T1719] [ 30.119320][ T1719] 1 lock held by syz-executor223/1719: [ 30.124737][ T1719] #0: 0000000003a1f673 (minor_rwsem){++++}, at: usb_open+0x23/0x270 [ 30.132780][ T1719] [ 30.132780][ T1719] stack backtrace: [ 30.138633][ T1719] CPU: 1 PID: 1719 Comm: syz-executor223 Not tainted 5.3.0-rc5+ #28 [ 30.146565][ T1719] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 30.156597][ T1719] Call Trace: [ 30.159863][ T1719] dump_stack+0xca/0x13e [ 30.164068][ T1719] check_noncircular+0x345/0x3e0 [ 30.168965][ T1719] ? print_circular_bug+0x1b0/0x1b0 [ 30.174123][ T1719] ? graph_lock+0x80/0x180 [ 30.178502][ T1719] ? hlock_class+0x120/0x120 [ 30.183069][ T1719] ? mark_lock+0xbc/0x1130 [ 30.187445][ T1719] __lock_acquire+0x1f7c/0x3b50 [ 30.192257][ T1719] ? mark_held_locks+0xe0/0xe0 [ 30.196980][ T1719] ? hlock_class+0x120/0x120 [ 30.201530][ T1719] ? mark_lock+0xbc/0x1130 [ 30.205910][ T1719] ? find_first_zero_bit+0x94/0xb0 [ 30.210985][ T1719] lock_acquire+0x127/0x320 [ 30.215448][ T1719] ? display_open+0x1f/0x1d0 [ 30.219997][ T1719] __mutex_lock+0x158/0x1360 [ 30.224546][ T1719] ? display_open+0x1f/0x1d0 [ 30.229097][ T1719] ? display_open+0x1f/0x1d0 [ 30.233649][ T1719] ? __lock_acquire+0x145e/0x3b50 [ 30.238632][ T1719] ? mutex_trylock+0x2c0/0x2c0 [ 30.243357][ T1719] ? lock_acquire+0x127/0x320 [ 30.247995][ T1719] ? usb_open+0x23/0x270 [ 30.252196][ T1719] ? down_read+0x113/0x3f0 [ 30.256571][ T1719] ? m_show+0x4f0/0x4f0 [ 30.260685][ T1719] ? display_open+0x1f/0x1d0 [ 30.265237][ T1719] display_open+0x1f/0x1d0 [ 30.269616][ T1719] ? usb_tx_callback+0x110/0x110 [ 30.274512][ T1719] usb_open+0x1df/0x270 [ 30.278628][ T1719] ? usb_devnode+0xa0/0xa0 [ 30.283007][ T1719] chrdev_open+0x219/0x5c0 [ 30.287382][ T1719] ? cdev_put.part.0+0x50/0x50 [ 30.292112][ T1719] do_dentry_open+0x494/0x1120 [ 30.296835][ T1719] ? cdev_put.part.0+0x50/0x50 [ 30.301559][ T1719] ? chmod_common+0x3c0/0x3c0 [ 30.306196][ T1719] ? inode_permission+0xbe/0x3a0 [ 30.311092][ T1719] path_openat+0x1430/0x3f50 [ 30.315643][ T1719] ? save_stack+0x1b/0x80 [ 30.319936][ T1719] ? do_sys_open+0x294/0x580 [ 30.324488][ T1719] ? do_syscall_64+0xb7/0x580 [ 30.329123][ T1719] ? path_lookupat.isra.0+0x8d0/0x8d0 [ 30.334454][ T1719] ? __lock_acquire+0x145e/0x3b50 [ 30.339438][ T1719] do_filp_open+0x1a1/0x280 [ 30.343905][ T1719] ? may_open_dev+0xf0/0xf0 [ 30.348369][ T1719] ? __alloc_fd+0x46d/0x600 [ 30.352834][ T1719] ? _raw_spin_unlock+0x1f/0x30 [ 30.357646][ T1719] ? __alloc_fd+0x46d/0x600 [ 30.362109][ T1719] do_sys_open+0x3c0/0x580 [ 30.366488][ T1719] ? filp_open+0x70/0x70 [ 30.370690][ T1719] ? switch_fpu_return+0x1c2/0x430 [ 30.375761][ T1719] ? hrtimer_nanosleep+0x510/0x510 [ 30.380831][ T1719] ? trace_hardirqs_off_caller+0x55/0x1e0 [ 30.386512][ T1719] do_syscall_64+0xb7/0x580 [ 30.390980][ T1719] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 30.396830][ T1719] RIP: 0033:0x401300 [ 30.400686][ T1719] Code: 01 f0 ff ff 0f 83 00 0b 00 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 83 3d 8d 0a 2d 00 00 75 14 b8 02 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 d4 0a 00 00 c3 48 83 ec 08 e8 3a 00 00 00 [ 30.420251][ T1719] RSP: 002b:00007ffe4077bf18 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 30.428622][ T1719] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 0000000000401300 [ 30.436557][ T1719] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 00007ffe4077bf30 [ 30.444490][ T1719] RBP: 00000000006cb018 R08: 0000000000000000 R09: 000000000000000f [ 30.452423][ T1719] R10: 0000000000000064 R11: 0000000000000246 R12: 00