Warning: Permanently added '10.128.0.12' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 489.160369][ T8220] Bluetooth: hci0: command 0x0409 tx timeout
[ 491.239418][ T8220] Bluetooth: hci0: command 0x041b tx timeout
[ 493.319182][ T8477] Bluetooth: hci0: command 0x040f tx timeout
[ 495.398947][ T8477] Bluetooth: hci0: command 0x0419 tx timeout
[ 497.478629][ T8477] Bluetooth: hci0: command 0x0405 tx timeout
[ 610.666762][ T8477] Bluetooth: hci0: command 0x0406 tx timeout
[ 721.218687][ T1655] INFO: task krfcommd:4780 blocked for more than 143 seconds.
[ 721.226269][ T1655] Not tainted 5.14.0-rc7-syzkaller #0
[ 721.233440][ T1655] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 721.242516][ T1655] task:krfcommd state:D stack:29248 pid: 4780 ppid: 2 flags:0x00004000
[ 721.251877][ T1655] Call Trace:
[ 721.255179][ T1655] __schedule+0x93a/0x26f0
[ 721.260145][ T1655] ? io_schedule_timeout+0x140/0x140
[ 721.265469][ T1655] schedule+0xd3/0x270
[ 721.269960][ T1655] schedule_preempt_disabled+0xf/0x20
[ 721.275359][ T1655] __mutex_lock+0x7b6/0x10a0
[ 721.280375][ T1655] ? rfcomm_run+0x2ed/0x4a20
[ 721.285071][ T1655] ? mutex_lock_io_nested+0xf00/0xf00
[ 721.290956][ T1655] ? __mutex_unlock_slowpath+0xe2/0x610
[ 721.296537][ T1655] rfcomm_run+0x2ed/0x4a20
[ 721.301501][ T1655] ? find_held_lock+0x2d/0x110
[ 721.306354][ T1655] ? rfcomm_check_accept+0x240/0x240
[ 721.312228][ T1655] ? lock_downgrade+0x6e0/0x6e0
[ 721.317103][ T1655] ? __init_waitqueue_head+0xd0/0xd0
[ 721.322837][ T1655] ? _raw_spin_unlock_irqrestore+0x50/0x70
[ 721.328759][ T1655] ? lockdep_hardirqs_on+0x79/0x100
[ 721.334043][ T1655] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[ 721.340767][ T1655] ? __kthread_parkme+0x15f/0x220
[ 721.345934][ T1655] ? rfcomm_check_accept+0x240/0x240
[ 721.352052][ T1655] kthread+0x3e5/0x4d0
[ 721.356143][ T1655] ? set_kthread_struct+0x130/0x130
[ 721.361836][ T1655] ret_from_fork+0x1f/0x30
[ 721.366356][ T1655] INFO: task syz-executor602:8475 blocked for more than 143 seconds.
[ 721.374799][ T1655] Not tainted 5.14.0-rc7-syzkaller #0
[ 721.380795][ T1655] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 721.389554][ T1655] task:syz-executor602 state:D stack:27528 pid: 8475 ppid: 8443 flags:0x00004006
[ 721.398881][ T1655] Call Trace:
[ 721.402186][ T1655] __schedule+0x93a/0x26f0
[ 721.406601][ T1655] ? io_schedule_timeout+0x140/0x140
[ 721.411978][ T1655] ? mark_held_locks+0x9f/0xe0
[ 721.417199][ T1655] schedule+0xd3/0x270
[ 721.421393][ T1655] __lock_sock+0x13d/0x260
[ 721.425892][ T1655] ? sock_omalloc+0x180/0x180
[ 721.430773][ T1655] ? finish_wait+0x270/0x270
[ 721.435385][ T1655] ? rwlock_bug.part.0+0x90/0x90
[ 721.440446][ T1655] lock_sock_nested+0xf6/0x120
[ 721.445229][ T1655] rfcomm_sk_state_change+0xb4/0x390
[ 721.450598][ T1655] __rfcomm_dlc_close+0x1b6/0x8a0
[ 721.455639][ T1655] rfcomm_dlc_close+0x1ea/0x240
[ 721.460722][ T1655] __rfcomm_sock_close+0xac/0x260
[ 721.465782][ T1655] rfcomm_sock_shutdown+0xe9/0x210
[ 721.471012][ T1655] rfcomm_sock_release+0x5f/0x140
[ 721.476065][ T1655] __sock_release+0xcd/0x280
[ 721.481049][ T1655] sock_close+0x18/0x20
[ 721.485220][ T1655] __fput+0x288/0x920
[ 721.489334][ T1655] ? __sock_release+0x280/0x280
[ 721.494199][ T1655] task_work_run+0xdd/0x1a0
[ 721.498815][ T1655] do_exit+0xbd4/0x2a60
[ 721.503053][ T1655] ? mm_update_next_owner+0x7a0/0x7a0
[ 721.508411][ T1655] ? lock_downgrade+0x6e0/0x6e0
[ 721.513351][ T1655] do_group_exit+0x125/0x310
[ 721.517954][ T1655] get_signal+0x47f/0x2160
[ 721.522528][ T1655] ? lock_downgrade+0x6e0/0x6e0
[ 721.527396][ T1655] arch_do_signal_or_restart+0x2a9/0x1c40
[ 721.533245][ T1655] ? rfcomm_sock_connect+0x15f/0x460
[ 721.538670][ T1655] ? rfcomm_sock_getname+0x300/0x300
[ 721.543965][ T1655] ? __sys_connect_file+0x4e/0x1a0
[ 721.549921][ T1655] ? get_sigframe_size+0x10/0x10
[ 721.554860][ T1655] ? __sys_connect_file+0x1a0/0x1a0
[ 721.560971][ T1655] exit_to_user_mode_prepare+0x17d/0x290
[ 721.566662][ T1655] syscall_exit_to_user_mode+0x19/0x60
[ 721.572947][ T1655] do_syscall_64+0x42/0xb0
[ 721.577362][ T1655] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 721.584059][ T1655] RIP: 0033:0x445fe9
[ 721.587947][ T1655] RSP: 002b:00007ffd8edc9a18 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[ 721.597428][ T1655] RAX: fffffffffffffffc RBX: 0000000000000003 RCX: 0000000000445fe9
[ 721.606459][ T1655] RDX: 0000000000000080 RSI: 0000000020000000 RDI: 0000000000000004
[ 721.615000][ T1655] RBP: 0000000000000003 R08: 000000ff00000001 R09: 000000ff00000001
[ 721.623559][ T1655] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000005312b8
[ 721.632190][ T1655] R13: 0000000000000072 R14: 00007ffd8edc9a70 R15: 0000000000000003
[ 721.640752][ T1655]
[ 721.640752][ T1655] Showing all locks held in the system:
[ 721.649393][ T1655] 1 lock held by khungtaskd/1655:
[ 721.654434][ T1655] #0: ffffffff8b97c280 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x53/0x260
[ 721.665204][ T1655] 1 lock held by krfcommd/4780:
[ 721.670165][ T1655] #0: ffffffff8d306528 (rfcomm_mutex){+.+.}-{3:3}, at: rfcomm_run+0x2ed/0x4a20
[ 721.679344][ T1655] 1 lock held by systemd-journal/4870:
[ 721.684802][ T1655] #0: ffff8880b9d51a58 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x233/0x26f0
[ 721.694031][ T1655] 1 lock held by in:imklog/8149:
[ 721.699116][ T1655] 4 locks held by syz-executor602/8475:
[ 721.704660][ T1655] #0: ffff888036cda190 (&sb->s_type->i_mutex_key#13){+.+.}-{3:3}, at: __sock_release+0x86/0x280
[ 721.715267][ T1655] #1: ffff88801f875120 (sk_lock-AF_BLUETOOTH-BTPROTO_RFCOMM){+.+.}-{0:0}, at: rfcomm_sock_shutdown+0x54/0x210
[ 721.727138][ T1655] #2: ffffffff8d306528 (rfcomm_mutex){+.+.}-{3:3}, at: rfcomm_dlc_close+0x34/0x240
[ 721.736661][ T1655] #3: ffff88801ccfbd28 (&d->lock){+.+.}-{3:3}, at: __rfcomm_dlc_close+0x162/0x8a0
[ 721.746131][ T1655]
[ 721.748538][ T1655] =============================================
[ 721.748538][ T1655]
[ 721.756944][ T1655] NMI backtrace for cpu 0
[ 721.761320][ T1655] CPU: 0 PID: 1655 Comm: khungtaskd Not tainted 5.14.0-rc7-syzkaller #0
[ 721.769654][ T1655] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 721.779709][ T1655] Call Trace:
[ 721.782972][ T1655] dump_stack_lvl+0xcd/0x134
[ 721.787616][ T1655] nmi_cpu_backtrace.cold+0x44/0xd7
[ 721.792803][ T1655] ? lapic_can_unplug_cpu+0x80/0x80
[ 721.798028][ T1655] nmi_trigger_cpumask_backtrace+0x1b3/0x230
[ 721.804025][ T1655] watchdog+0xd0a/0xfc0
[ 721.808167][ T1655] ? reset_hung_task_detector+0x30/0x30
[ 721.813696][ T1655] kthread+0x3e5/0x4d0
[ 721.817753][ T1655] ? set_kthread_struct+0x130/0x130
[ 721.822936][ T1655] ret_from_fork+0x1f/0x30
[ 721.827457][ T1655] Sending NMI from CPU 0 to CPUs 1:
[ 721.832756][ C1] NMI backtrace for cpu 1 skipped: idling at acpi_idle_do_entry+0x1c6/0x250
[ 721.833696][ T1655] Kernel panic - not syncing: hung_task: blocked tasks
[ 721.848277][ T1655] CPU: 0 PID: 1655 Comm: khungtaskd Not tainted 5.14.0-rc7-syzkaller #0
[ 721.856599][ T1655] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 721.866631][ T1655] Call Trace:
[ 721.869911][ T1655] dump_stack_lvl+0xcd/0x134
[ 721.874491][ T1655] panic+0x306/0x73d
[ 721.878401][ T1655] ? __warn_printk+0xf3/0xf3
[ 721.882993][ T1655] ? lockdep_hardirqs_on+0x79/0x100
[ 721.888174][ T1655] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 721.894399][ T1655] ? cpumask_next+0xa4/0xf0
[ 721.898902][ T1655] ? _raw_spin_unlock_irqrestore+0x3d/0x70
[ 721.904693][ T1655] ? __sanitizer_cov_trace_cmp4+0x1c/0x70
[ 721.910392][ T1655] ? printk_safe_flush+0xea/0x160
[ 721.915453][ T1655] ? watchdog.cold+0x5/0x158
[ 721.920044][ T1655] watchdog.cold+0x16/0x158
[ 721.924536][ T1655] ? reset_hung_task_detector+0x30/0x30
[ 721.930087][ T1655] kthread+0x3e5/0x4d0
[ 721.934142][ T1655] ? set_kthread_struct+0x130/0x130
[ 721.939355][ T1655] ret_from_fork+0x1f/0x30
[ 721.943941][ T1655] Kernel Offset: disabled
[ 721.948266][ T1655] Rebooting in 86400 seconds..