Warning: Permanently added '10.128.1.147' (ED25519) to the list of known hosts.
2023/09/22 03:32:44 ignoring optional flag "sandboxArg"="0"
2023/09/22 03:32:44 parsed 1 programs
2023/09/22 03:32:44 executed programs: 0
[ 43.772873][ T1922] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 43.793422][ T45] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 43.800991][ T45] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 43.808284][ T45] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 43.815818][ T45] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 43.823255][ T45] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 43.830599][ T45] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 43.903604][ T1928] chnl_net:caif_netlink_parms(): no params data found
[ 44.490982][ T1928] 8021q: adding VLAN 0 to HW filter on device bond0
[ 44.884191][ T1928] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 45.584599][ T2330]
[ 45.586965][ T2330] ======================================================
[ 45.593969][ T2330] WARNING: possible circular locking dependency detected
[ 45.601236][ T2330] 6.6.0-rc1-syzkaller #0 Not tainted
[ 45.606482][ T2330] ------------------------------------------------------
[ 45.613724][ T2330] syz-executor.0/2330 is trying to acquire lock:
[ 45.620112][ T2330] ffff8881083410b8 (&hdev->req_lock){+.+.}-{3:3}, at: hci_dev_do_close+0x1c/0x60
[ 45.629296][ T2330]
[ 45.629296][ T2330] but task is already holding lock:
[ 45.636829][ T2330] ffffffff8377cc68 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_fop_write+0x92/0x1f0
[ 45.647144][ T2330]
[ 45.647144][ T2330] which lock already depends on the new lock.
[ 45.647144][ T2330]
[ 45.658393][ T2330]
[ 45.658393][ T2330] the existing dependency chain (in reverse order) is:
[ 45.667813][ T2330]
[ 45.667813][ T2330] -> #3 (rfkill_global_mutex){+.+.}-{3:3}:
[ 45.676073][ T2330]        __mutex_lock+0xab/0xa10
[ 45.681080][ T2330]        rfkill_register+0x26/0x320
[ 45.686377][ T2330]        hci_register_dev+0x17f/0x3f0
[ 45.691732][ T2330]        __vhci_create_device+0x10d/0x270
[ 45.697599][ T2330]        vhci_write+0x112/0x1b0
[ 45.702606][ T2330]        vfs_write+0x25c/0x510
[ 45.707448][ T2330]        ksys_write+0x70/0xf0
[ 45.712470][ T2330]        do_syscall_64+0x38/0xb0
[ 45.717635][ T2330]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 45.724100][ T2330]
[ 45.724100][ T2330] -> #2 (&data->open_mutex){+.+.}-{3:3}:
[ 45.732579][ T2330]        __mutex_lock+0xab/0xa10
[ 45.738360][ T2330]        vhci_send_frame+0x36/0x70
[ 45.743446][ T2330]        hci_send_frame+0x6e/0x120
[ 45.748531][ T2330]        hci_tx_work+0x6eb/0x8d0
[ 45.753532][ T2330]        process_one_work+0x208/0x4c0
[ 45.758960][ T2330]        worker_thread+0x1c3/0x380
[ 45.764155][ T2330]        kthread+0xde/0x110
[ 45.768803][ T2330]        ret_from_fork+0x2c/0x40
[ 45.773706][ T2330]        ret_from_fork_asm+0x11/0x20
[ 45.779130][ T2330]
[ 45.779130][ T2330] -> #1 ((work_completion)(&hdev->tx_work)){+.+.}-{0:0}:
[ 45.788382][ T2330]        __flush_work+0x8c/0x4e0
[ 45.793382][ T2330]        hci_dev_close_sync+0xc4/0x5a0
[ 45.798801][ T2330]        hci_dev_do_close+0x24/0x60
[ 45.804140][ T2330]        hci_unregister_dev+0xb8/0x1d0
[ 45.809562][ T2330]        vhci_release+0x3a/0x70
[ 45.814392][ T2330]        __fput+0xe8/0x280
[ 45.818862][ T2330]        task_work_run+0x55/0x80
[ 45.823939][ T2330]        do_exit+0x371/0xbb0
[ 45.829631][ T2330]        do_group_exit+0x32/0xa0
[ 45.834532][ T2330]        get_signal+0xde7/0xe00
[ 45.839485][ T2330]        arch_do_signal_or_restart+0x39/0x290
[ 45.845700][ T2330]        exit_to_user_mode_prepare+0x110/0x1b0
[ 45.851914][ T2330]        syscall_exit_to_user_mode+0x1d/0x60
[ 45.858121][ T2330]        do_syscall_64+0x44/0xb0
[ 45.863120][ T2330]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 45.870119][ T2330]
[ 45.870119][ T2330] -> #0 (&hdev->req_lock){+.+.}-{3:3}:
[ 45.878425][ T2330]        __lock_acquire+0x12e6/0x1d00
[ 45.883774][ T2330]        lock_acquire+0xcd/0x2d0
[ 45.888778][ T2330]        __mutex_lock+0xab/0xa10
[ 45.893784][ T2330]        hci_dev_do_close+0x1c/0x60
[ 45.898946][ T2330]        hci_rfkill_set_block+0x53/0x80
[ 45.904461][ T2330]        rfkill_set_block+0x86/0x150
[ 45.909716][ T2330]        rfkill_fop_write+0x154/0x1f0
[ 45.915147][ T2330]        vfs_write+0xe6/0x510
[ 45.919790][ T2330]        ksys_write+0xbb/0xf0
[ 45.924589][ T2330]        do_syscall_64+0x38/0xb0
[ 45.929492][ T2330]        entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 45.935880][ T2330]
[ 45.935880][ T2330] other info that might help us debug this:
[ 45.935880][ T2330]
[ 45.946601][ T2330] Chain exists of:
[ 45.946601][ T2330]   &hdev->req_lock --> &data->open_mutex --> rfkill_global_mutex
[ 45.946601][ T2330]
[ 45.960133][ T2330]  Possible unsafe locking scenario:
[ 45.960133][ T2330]
[ 45.967641][ T2330]        CPU0                    CPU1
[ 45.972978][ T2330]        ----                    ----
[ 45.978488][ T2330]   lock(rfkill_global_mutex);
[ 45.983245][ T2330]                                lock(&data->open_mutex);
[ 45.990322][ T2330]                                lock(rfkill_global_mutex);
[ 45.997674][ T2330]   lock(&hdev->req_lock);
[ 46.002057][ T2330]
[ 46.002057][ T2330]  *** DEADLOCK ***
[ 46.002057][ T2330]
[ 46.010181][ T2330] 1 lock held by syz-executor.0/2330:
[ 46.015959][ T2330]  #0: ffffffff8377cc68 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_fop_write+0x92/0x1f0
[ 46.025903][ T2330]
[ 46.025903][ T2330] stack backtrace:
[ 46.031759][ T2330] CPU: 0 PID: 2330 Comm: syz-executor.0 Not tainted 6.6.0-rc1-syzkaller #0
[ 46.040327][ T2330] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
[ 46.050368][ T2330] Call Trace:
[ 46.053711][ T2330]
[ 46.056632][ T2330] dump_stack_lvl+0x5c/0xb0
[ 46.061106][ T2330] check_noncircular+0x116/0x130
[ 46.066645][ T2330] __lock_acquire+0x12e6/0x1d00
[ 46.071470][ T2330] lock_acquire+0xcd/0x2d0
[ 46.075958][ T2330] ? hci_dev_do_close+0x1c/0x60
[ 46.080783][ T2330] ? __lock_acquire+0x1041/0x1d00
[ 46.085868][ T2330] __mutex_lock+0xab/0xa10
[ 46.090255][ T2330] ? hci_dev_do_close+0x1c/0x60
[ 46.095069][ T2330] ? hci_dev_do_close+0x1c/0x60
[ 46.100424][ T2330] ? hci_dev_do_close+0x1c/0x60
[ 46.105237][ T2330] hci_dev_do_close+0x1c/0x60
[ 46.109996][ T2330] hci_rfkill_set_block+0x53/0x80
[ 46.114996][ T2330] rfkill_set_block+0x86/0x150
[ 46.119724][ T2330] rfkill_fop_write+0x154/0x1f0
[ 46.124546][ T2330] vfs_write+0xe6/0x510
[ 46.128793][ T2330] ? __fget_files+0xc0/0x170
[ 46.133449][ T2330] ksys_write+0xbb/0xf0
[ 46.137577][ T2330] do_syscall_64+0x38/0xb0
[ 46.142053][ T2330] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 46.147913][ T2330] RIP: 0033:0x7f4d0a27cae9
[ 46.152306][ T2330] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 46.171886][ T2330] RSP: 002b:00007f4d0b0be0c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 46.180612][ T2330] RAX: ffffffffffffffda RBX: 00007f4d0a39bf80 RCX: 00007f4d0a27cae9
[ 46.188740][ T2330] RDX: 0000000000000008 RSI: 0000000020000080 RDI: 0000000000000003
[ 46.196692][ T2330] RBP: 00007f4d0a2c847a R08: 0000000000000000 R09: 0000000000000000
[ 46.204718][ T2330] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 46.212757][ T2330] R13: 0000000000000006 R14: 00007f4d0a39bf80 R15: 00007ffd264e8138
[ 46.220738][ T2330]
[ 46.223937][ T45] Bluetooth: hci0: command 0x0409 tx timeout
2023/09/22 03:32:49 executed programs: 720
2023/09/22 03:32:54 executed programs: 2221