[ OK ] Started Getty on tty3. [ OK ] Started Getty on tty1. [ OK ] Started Serial Getty on ttyS0. [ OK ] Started Getty on tty2. [ OK ] Started getty on tty2-tty6 if dbus and logind are not available. Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.0.181' (ECDSA) to the list of known hosts. syzkaller login: [ 72.518677][ T6523] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 72.527390][ T6523] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 72.535772][ T6523] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 72.544173][ T6523] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 72.551949][ T6523] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 72.559523][ T6523] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 executing program [ 72.962408][ T35] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 73.202224][ T35] usb 1-1: Using ep0 maxpacket: 8 [ 73.322310][ T35] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 73.333354][ T35] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 73.344235][ T35] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 73.354646][ T35] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 166 [ 73.365200][ T35] usb 1-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58 [ 73.375041][ T35] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 73.387085][ T35] usb 1-1: config 0 descriptor?? [ 73.413433][ T6515] raw-gadget gadget: fail, usb_ep_enable returned -22 [ 73.637857][ T926] usb 1-1: USB disconnect, device number 2 [ 73.652150][ C1] BUG: sleeping function called from invalid context at kernel/workqueue.c:3039 [ 73.661420][ C1] in_atomic(): 1, irqs_disabled(): 1, non_block: 0, pid: 8, name: kworker/u4:0 [ 73.670487][ C1] preempt_count: 101, expected: 0 [ 73.675610][ C1] RCU nest depth: 0, expected: 0 [ 73.680548][ C1] 5 locks held by kworker/u4:0/8: [ 73.685587][ C1] #0: ffff8880155d9938 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x896/0x1690 [ 73.695879][ C1] #1: ffffc90000cd7db0 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x8ca/0x1690 [ 73.705814][ C1] #2: ffffffff8d308150 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x9b/0xb00 [ 73.715239][ C1] #3: ffff88806f0ab8f0 (&ent->pde_unload_lock){+.+.}-{2:2}, at: proc_entry_rundown+0xe7/0x1d0 [ 73.725706][ C1] #4: ffffc90000dc0d70 ((&dum_hcd->timer)){+.-.}-{0:0}, at: call_timer_fn+0xd5/0x6b0 [ 73.735290][ C1] irq event stamp: 268125 [ 73.739607][ C1] hardirqs last enabled at (268124): [] _raw_spin_unlock_irq+0x1f/0x40 [ 73.749598][ C1] hardirqs last disabled at (268125): [] _raw_spin_lock_irqsave+0x4e/0x50 [ 73.759676][ C1] softirqs last enabled at (268062): [] rxrpc_release+0x1f0/0x5a0 [ 73.769152][ C1] softirqs last disabled at (268119): [] __irq_exit_rcu+0x123/0x180 [ 73.778704][ C1] Preemption disabled at: [ 73.778713][ C1] [<0000000000000000>] 0x0 [ 73.787431][ C1] CPU: 1 PID: 8 Comm: kworker/u4:0 Not tainted 5.16.0-rc4-next-20211208-syzkaller #0 [ 73.796879][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 73.806935][ C1] Workqueue: netns cleanup_net [ 73.811715][ C1] Call Trace: [ 73.814987][ C1] [ 73.817826][ C1] dump_stack_lvl+0xcd/0x134 [ 73.822427][ C1] __might_resched.cold+0x222/0x26b [ 73.827646][ C1] __flush_work+0x109/0xb10 [ 73.832146][ C1] ? debug_object_assert_init+0x246/0x2e0 [ 73.837876][ C1] ? queue_delayed_work_on+0x120/0x120 [ 73.843368][ C1] ? del_timer+0xc5/0x110 [ 73.847695][ C1] ? detach_if_pending+0x470/0x470 [ 73.852892][ C1] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 73.859161][ C1] ? try_to_grab_pending.part.0+0x47/0x770 [ 73.864973][ C1] __cancel_work_timer+0x3f9/0x570 [ 73.870088][ C1] ? try_to_grab_pending+0xd0/0xd0 [ 73.875215][ C1] ? btusb_intr_complete+0x1cd/0x4a0 [ 73.880524][ C1] ? lock_downgrade+0x6e0/0x6e0 [ 73.885393][ C1] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 73.891651][ C1] ? usb_submit_urb+0x875/0x18a0 [ 73.896587][ C1] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 73.902844][ C1] hci_cmd_sync_cancel+0xe1/0x170 [ 73.907876][ C1] btusb_intr_complete+0x3d3/0x4a0 [ 73.913270][ C1] __usb_hcd_giveback_urb+0x2b0/0x5c0 [ 73.918658][ C1] usb_hcd_giveback_urb+0x367/0x410 [ 73.923874][ C1] dummy_timer+0x11f9/0x32b0 [ 73.928782][ C1] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 73.935289][ C1] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 73.941306][ C1] ? lock_chain_count+0x20/0x20 [ 73.946164][ C1] ? dummy_dequeue+0x500/0x500 [ 73.950939][ C1] ? dummy_dequeue+0x500/0x500 [ 73.955702][ C1] call_timer_fn+0x1a5/0x6b0 [ 73.960294][ C1] ? add_timer_on+0x4a0/0x4a0 [ 73.965152][ C1] ? _raw_spin_unlock_irq+0x1f/0x40 [ 73.970361][ C1] ? dummy_dequeue+0x500/0x500 [ 73.975135][ C1] __run_timers.part.0+0x675/0xa20 [ 73.980260][ C1] ? call_timer_fn+0x6b0/0x6b0 [ 73.985196][ C1] ? lockdep_hardirqs_on+0x79/0x100 [ 73.990490][ C1] ? asm_sysvec_reschedule_ipi+0x12/0x20 [ 73.996145][ C1] run_timer_softirq+0xb3/0x1d0 [ 74.001009][ C1] __do_softirq+0x29b/0x9c2 [ 74.005521][ C1] __irq_exit_rcu+0x123/0x180 [ 74.010209][ C1] irq_exit_rcu+0x5/0x20 [ 74.014463][ C1] sysvec_apic_timer_interrupt+0x93/0xc0 [ 74.020106][ C1] [ 74.023029][ C1] [ 74.025950][ C1] asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 74.031942][ C1] RIP: 0010:lock_acquire+0x1ef/0x510 [ 74.037265][ C1] Code: 9d a5 7e 83 f8 01 0f 85 b4 02 00 00 9c 58 f6 c4 02 0f 85 9f 02 00 00 48 83 7c 24 08 00 74 01 fb 48 b8 00 00 00 00 00 fc ff df <48> 01 c3 48 c7 03 00 00 00 00 48 c7 43 08 00 00 00 00 48 8b 84 24 [ 74.056958][ C1] RSP: 0000:ffffc90000cd7928 EFLAGS: 00000206 [ 74.063025][ C1] RAX: dffffc0000000000 RBX: 1ffff9200019af27 RCX: 0000000000000001 [ 74.070994][ C1] RDX: 1ffff110021cfc44 RSI: 0000000000000001 RDI: 0000000000000000 [ 74.079048][ C1] RBP: 0000000000000001 R08: 00000000000c1948 R09: 0000000000000001 [ 74.087014][ C1] R10: fffffbfff2024ea1 R11: 1ffffffff1ee5241 R12: 0000000000000000 [ 74.094982][ C1] R13: 0000000000000000 R14: ffff88806f0ab8f0 R15: 0000000000000000 [ 74.102971][ C1] ? lock_release+0x720/0x720 [ 74.107662][ C1] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 74.113651][ C1] ? lockdep_init_map_type+0x2c3/0x7b0 [ 74.119206][ C1] ? lockdep_init_map_type+0x2c3/0x7b0 [ 74.124678][ C1] _raw_spin_lock+0x2a/0x40 [ 74.129191][ C1] ? proc_entry_rundown+0xe7/0x1d0 [ 74.134318][ C1] proc_entry_rundown+0xe7/0x1d0 [ 74.139261][ C1] ? proc_invalidate_siblings_dcache+0x610/0x610 [ 74.145704][ C1] remove_proc_subtree+0x25c/0x500 [ 74.150828][ C1] ? remove_proc_entry+0x460/0x460 [ 74.155958][ C1] ? del_timer+0x110/0x110 [ 74.160376][ C1] ? init_wait_var_entry+0x200/0x200 [ 74.165672][ C1] proc_remove+0x66/0x90 [ 74.169925][ C1] afs_proc_cleanup+0x34/0x70 [ 74.174613][ C1] afs_net_exit+0x17d/0x320 [ 74.179125][ C1] ? __bpf_trace_afs_cb_miss+0x100/0x100 [ 74.184852][ C1] ops_exit_list+0xb0/0x160 [ 74.189371][ C1] cleanup_net+0x4ea/0xb00 [ 74.193798][ C1] ? unregister_pernet_device+0x70/0x70 [ 74.199360][ C1] process_one_work+0x9b2/0x1690 [ 74.204305][ C1] ? pwq_dec_nr_in_flight+0x2a0/0x2a0 [ 74.209682][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 74.214627][ C1] ? _raw_spin_lock_irq+0x41/0x50 [ 74.219667][ C1] worker_thread+0x658/0x11f0 [ 74.224357][ C1] ? process_one_work+0x1690/0x1690 [ 74.229646][ C1] kthread+0x405/0x4f0 [ 74.233726][ C1] ? set_kthread_struct+0x130/0x130 [ 74.239282][ C1] ret_from_fork+0x1f/0x30 [ 74.243725][ C1] [ 74.249154][ T6523] Bluetooth: hci1: Opcode 0x c03 failed: -19