Warning: Permanently added '10.128.10.7' (ECDSA) to the list of known hosts.
2023/04/21 19:25:17 ignoring optional flag "sandboxArg"="0"
2023/04/21 19:25:17 parsed 1 programs
2023/04/21 19:25:18 executed programs: 0
[ 78.651108][ T5522] cgroup: Unknown subsys name 'net'
[ 78.660458][ T5522] cgroup: Unknown subsys name 'rlimit'
[ 79.809566][ T4394] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 79.820000][ T4394] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 79.828720][ T4394] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 79.837824][ T4394] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 79.846519][ T4394] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 79.854641][ T4394] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 79.942293][ T5529] chnl_net:caif_netlink_parms(): no params data found
[ 79.985533][ T5529] bridge0: port 1(bridge_slave_0) entered blocking state
[ 79.993567][ T5529] bridge0: port 1(bridge_slave_0) entered disabled state
[ 80.001300][ T5529] bridge_slave_0: entered allmulticast mode
[ 80.008305][ T5529] bridge_slave_0: entered promiscuous mode
[ 80.017357][ T5529] bridge0: port 2(bridge_slave_1) entered blocking state
[ 80.025351][ T5529] bridge0: port 2(bridge_slave_1) entered disabled state
[ 80.033103][ T5529] bridge_slave_1: entered allmulticast mode
[ 80.040627][ T5529] bridge_slave_1: entered promiscuous mode
[ 80.061688][ T5529] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 80.074885][ T5529] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 80.100563][ T5529] team0: Port device team_slave_0 added
[ 80.110186][ T5529] team0: Port device team_slave_1 added
[ 80.130006][ T5529] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 80.137349][ T5529] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets.
Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 80.164518][ T5529] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 80.177850][ T5529] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 80.185595][ T5529] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 80.213459][ T5529] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 80.240122][ T5529] hsr_slave_0: entered promiscuous mode
[ 80.246566][ T5529] hsr_slave_1: entered promiscuous mode
[ 80.311736][ T5529] bridge0: port 2(bridge_slave_1) entered blocking state
[ 80.318973][ T5529] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 80.326662][ T5529] bridge0: port 1(bridge_slave_0) entered blocking state
[ 80.334397][ T5529] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 80.374519][ T5529] 8021q: adding VLAN 0 to HW filter on device bond0
[ 80.386865][ T896] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 80.396839][ T896] bridge0: port 1(bridge_slave_0) entered disabled state
[ 80.405176][ T896] bridge0: port 2(bridge_slave_1) entered disabled state
[ 80.414541][ T896] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 80.428448][ T5529] 8021q: adding VLAN 0 to HW filter on device team0
[ 80.439726][ T896] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 80.451624][ T896] bridge0: port 1(bridge_slave_0) entered blocking state
[ 80.459185][ T896] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 80.471260][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 80.480536][ T22] bridge0: port 2(bridge_slave_1) 
entered blocking state
[ 80.487921][ T22] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 80.507635][ T896] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 80.516849][ T896] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 80.530304][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 80.543297][ T896] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 80.556199][ T5529] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 80.568033][ T5529] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 80.576598][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 80.595071][ T5529] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 80.604381][ T5089] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 80.612801][ T5089] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 80.960646][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 80.970113][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 80.988965][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 80.997732][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 81.007869][ T5529] veth0_vlan: entered promiscuous mode
[ 81.017188][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 81.026982][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 81.041200][ T5529] veth1_vlan: entered promiscuous mode
[ 81.058578][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 81.067610][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 81.076539][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 81.085439][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 81.097011][ T5529] veth0_macvtap: entered promiscuous mode
[ 81.107710][ T5529] veth1_macvtap: entered promiscuous mode
[ 81.122544][ 
T5529] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 81.131279][ T5089] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 81.140950][ T5089] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 81.149527][ T5089] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 81.158361][ T5089] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 81.170312][ T5529] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 81.178998][ T896] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 81.188640][ T896] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 81.244670][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 81.258303][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 81.273889][ T5091] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 81.283510][ T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 81.291842][ T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 81.301399][ T896] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 81.354944][ T5550]
[ 81.357418][ T5550] =====================================================
[ 81.364704][ T5550] WARNING: HARDIRQ-safe -> HARDIRQ-unsafe lock order detected
[ 81.372633][ T5550] 6.3.0-rc7-syzkaller-00180-gc337b23f32c8 #0 Not tainted
[ 81.380021][ T5550] -----------------------------------------------------
[ 81.387045][ T5550] syz-executor.0/5550 [HC0[0]:SC0[0]:HE0:SE1] is trying to acquire:
[ 81.395309][ T5550] ffff8880776040c0 (&new->fa_lock){....}-{2:2}, at: kill_fasync+0x139/0x4f0
[ 81.404179][ T5550]
[ 81.404179][ T5550] and this task is already holding:
[ 81.411806][ T5550] ffff88807cbd8028 (&client->buffer_lock){....}-{2:2}, at: evdev_pass_values.part.0+0xf6/0x960
[ 81.422714][ T5550] which would create a new lock dependency:
[ 81.428615][ T5550] (&client->buffer_lock){....}-{2:2} -> (&new->fa_lock){....}-{2:2}
[ 81.438570][ T5550]
[ 
81.438570][ T5550] but this new dependency connects a HARDIRQ-irq-safe lock:
[ 81.448365][ T5550] (&dev->event_lock#2){-...}-{2:2}
[ 81.448402][ T5550]
[ 81.448402][ T5550] ... which became HARDIRQ-irq-safe at:
[ 81.461579][ T5550] lock_acquire+0x1af/0x520
[ 81.466286][ T5550] _raw_spin_lock_irqsave+0x3d/0x60
[ 81.471599][ T5550] input_event+0x70/0xa0
[ 81.476118][ T5550] psmouse_report_standard_buttons+0x30/0x80
[ 81.482481][ T5550] psmouse_process_byte+0x39e/0x8b0
[ 81.487796][ T5550] psmouse_handle_byte+0x41/0x560
[ 81.492943][ T5550] psmouse_interrupt+0x308/0x12a0
[ 81.498073][ T5550] serio_interrupt+0x8c/0x150
[ 81.502846][ T5550] i8042_interrupt+0x3a9/0x820
[ 81.507889][ T5550] __handle_irq_event_percpu+0x22b/0x730
[ 81.513627][ T5550] handle_irq_event+0xab/0x1e0
[ 81.519011][ T5550] handle_edge_irq+0x263/0xd00
[ 81.523864][ T5550] __common_interrupt+0xa1/0x220
[ 81.528904][ T5550] common_interrupt+0xa8/0xd0
[ 81.533676][ T5550] asm_common_interrupt+0x26/0x40
[ 81.538908][ T5550] rcu_is_watching+0x7c/0xb0
[ 81.543603][ T5550] lock_acquire+0x46e/0x520
[ 81.548373][ T5550] fs_reclaim_acquire+0x11d/0x160
[ 81.553516][ T5550] kmem_cache_alloc+0x43/0x3b0
[ 81.558557][ T5550] getname_kernel+0x52/0x370
[ 81.563425][ T5550] kernel_execve+0x7e/0x500
[ 81.568037][ T5550] call_usermodehelper_exec_async+0x260/0x4e0
[ 81.574202][ T5550] ret_from_fork+0x1f/0x30
[ 81.578820][ T5550]
[ 81.578820][ T5550] to a HARDIRQ-irq-unsafe lock:
[ 81.585835][ T5550] (tasklist_lock){.+.+}-{2:2}
[ 81.585866][ T5550]
[ 81.585866][ T5550] ... which became HARDIRQ-irq-unsafe at:
[ 81.598687][ T5550] ...
[ 81.598694][ T5550] lock_acquire+0x1af/0x520
[ 81.605916][ T5550] _raw_read_lock+0x5f/0x70
[ 81.611045][ T5550] do_wait+0x283/0xc30
[ 81.615234][ T5550] kernel_wait+0xa0/0x150
[ 81.620001][ T5550] call_usermodehelper_exec_work+0xf9/0x180
[ 81.626184][ T5550] process_one_work+0x991/0x15c0
[ 81.631358][ T5550] worker_thread+0x669/0x1090
[ 81.636221][ T5550] kthread+0x2e8/0x3a0
[ 81.640676][ T5550] ret_from_fork+0x1f/0x30
[ 81.645295][ T5550]
[ 81.645295][ T5550] other info that might help us debug this:
[ 81.645295][ T5550]
[ 81.656060][ T5550] Chain exists of:
[ 81.656060][ T5550] &dev->event_lock#2 --> &client->buffer_lock --> tasklist_lock
[ 81.656060][ T5550]
[ 81.669916][ T5550] Possible interrupt unsafe locking scenario:
[ 81.669916][ T5550]
[ 81.678695][ T5550] CPU0 CPU1
[ 81.684166][ T5550] ---- ----
[ 81.689714][ T5550] lock(tasklist_lock);
[ 81.693967][ T5550] local_irq_disable();
[ 81.700993][ T5550] lock(&dev->event_lock#2);
[ 81.708222][ T5550] lock(&client->buffer_lock);
[ 81.715745][ T5550]
[ 81.719297][ T5550] lock(&dev->event_lock#2);
[ 81.724169][ T5550]
[ 81.724169][ T5550] *** DEADLOCK ***
[ 81.724169][ T5550]
[ 81.732424][ T5550] 7 locks held by syz-executor.0/5550:
[ 81.737919][ T5550] #0: ffff888022e7d110 (&evdev->mutex){+.+.}-{3:3}, at: evdev_write+0x1d7/0x760
[ 81.747428][ T5550] #1: ffff888018dd6230 (&dev->event_lock#2){-...}-{2:2}, at: input_inject_event+0x9f/0x390
[ 81.758364][ T5550] #2: ffffffff8c7955c0 (rcu_read_lock){....}-{1:2}, at: input_inject_event+0x8b/0x390
[ 81.768470][ T5550] #3: ffffffff8c7955c0 (rcu_read_lock){....}-{1:2}, at: input_pass_values.part.0+0x0/0x760
[ 81.778857][ T5550] #4: ffffffff8c7955c0 (rcu_read_lock){....}-{1:2}, at: evdev_events+0x5d/0x430
[ 81.788110][ T5550] #5: ffff88807cbd8028 (&client->buffer_lock){....}-{2:2}, at: evdev_pass_values.part.0+0xf6/0x960
[ 81.799015][ T5550] #6: ffffffff8c7955c0 (rcu_read_lock){....}-{1:2}, at: kill_fasync+0x45/0x4f0
[ 81.808229][ T5550]
[ 81.808229][ T5550] the 
dependencies between HARDIRQ-irq-safe lock and the holding lock:
[ 81.819196][ T5550] -> (&dev->event_lock#2){-...}-{2:2} {
[ 81.825121][ T5550] IN-HARDIRQ-W at:
[ 81.829276][ T5550] lock_acquire+0x1af/0x520
[ 81.835612][ T5550] _raw_spin_lock_irqsave+0x3d/0x60
[ 81.842773][ T5550] input_event+0x70/0xa0
[ 81.848943][ T5550] psmouse_report_standard_buttons+0x30/0x80
[ 81.856761][ T5550] psmouse_process_byte+0x39e/0x8b0
[ 81.864166][ T5550] psmouse_handle_byte+0x41/0x560
[ 81.871111][ T5550] psmouse_interrupt+0x308/0x12a0
[ 81.877994][ T5550] serio_interrupt+0x8c/0x150
[ 81.884791][ T5550] i8042_interrupt+0x3a9/0x820
[ 81.891688][ T5550] __handle_irq_event_percpu+0x22b/0x730
[ 81.899952][ T5550] handle_irq_event+0xab/0x1e0
[ 81.906659][ T5550] handle_edge_irq+0x263/0xd00
[ 81.913340][ T5550] __common_interrupt+0xa1/0x220
[ 81.920396][ T5550] common_interrupt+0xa8/0xd0
[ 81.927265][ T5550] asm_common_interrupt+0x26/0x40
[ 81.934237][ T5550] rcu_is_watching+0x7c/0xb0
[ 81.940884][ T5550] lock_acquire+0x46e/0x520
[ 81.947222][ T5550] fs_reclaim_acquire+0x11d/0x160
[ 81.956435][ T5550] kmem_cache_alloc+0x43/0x3b0
[ 81.963298][ T5550] getname_kernel+0x52/0x370
[ 81.969825][ T5550] kernel_execve+0x7e/0x500
[ 81.976336][ T5550] call_usermodehelper_exec_async+0x260/0x4e0
[ 81.984338][ T5550] ret_from_fork+0x1f/0x30
[ 81.990786][ T5550] INITIAL USE at:
[ 81.994940][ T5550] lock_acquire+0x1af/0x520
[ 82.001210][ T5550] _raw_spin_lock_irqsave+0x3d/0x60
[ 82.008777][ T5550] input_inject_event+0x9f/0x390
[ 82.015557][ T5550] led_set_brightness_nosleep+0xea/0x1a0
[ 82.023220][ T5550] led_set_brightness+0x138/0x180
[ 82.030631][ T5550] led_trigger_event+0xb4/0x240
[ 82.037759][ T5550] kbd_led_trigger_activate+0xcd/0x110
[ 82.045219][ T5550] led_trigger_set+0x5d6/0xbb0
[ 82.051905][ T5550] led_trigger_set_default+0x1aa/0x230
[ 82.059390][ T5550] led_classdev_register_ext+0x5dd/0x840
[ 82.066961][ T5550] input_leds_connect+0x4b0/0x8f0
[ 82.074003][ T5550] 
input_attach_handler+0x184/0x260
[ 82.081827][ T5550] input_register_device+0xafd/0x10f0
[ 82.089037][ T5550] atkbd_connect+0x5ca/0xa20
[ 82.095636][ T5550] serio_driver_probe+0x76/0xa0
[ 82.102313][ T5550] really_probe+0x240/0xca0
[ 82.108569][ T5550] __driver_probe_device+0x1df/0x4d0
[ 82.115610][ T5550] driver_probe_device+0x4c/0x1a0
[ 82.122387][ T5550] __driver_attach+0x271/0x570
[ 82.128918][ T5550] bus_for_each_dev+0x12a/0x1c0
[ 82.135714][ T5550] serio_handle_event+0x2bf/0xba0
[ 82.142481][ T5550] process_one_work+0x991/0x15c0
[ 82.149445][ T5550] worker_thread+0x669/0x1090
[ 82.155959][ T5550] kthread+0x2e8/0x3a0
[ 82.161881][ T5550] ret_from_fork+0x1f/0x30
[ 82.168235][ T5550] }
[ 82.170994][ T5550] ... key at: [] __key.7+0x0/0x40
[ 82.178473][ T5550] -> (&client->buffer_lock){....}-{2:2} {
[ 82.184576][ T5550] INITIAL USE at:
[ 82.188470][ T5550] lock_acquire+0x1af/0x520
[ 82.194640][ T5550] _raw_spin_lock+0x2e/0x40
[ 82.200734][ T5550] evdev_pass_values.part.0+0xf6/0x960
[ 82.207852][ T5550] evdev_events+0x3b4/0x430
[ 82.214096][ T5550] input_to_handler+0x2a0/0x4c0
[ 82.220697][ T5550] input_pass_values.part.0+0x230/0x760
[ 82.228000][ T5550] input_event_dispose+0x5cf/0x730
[ 82.234782][ T5550] input_handle_event+0x120/0xe70
[ 82.241483][ T5550] input_inject_event+0x1c7/0x390
[ 82.248784][ T5550] evdev_write+0x434/0x760
[ 82.255657][ T5550] vfs_write+0x2db/0xe10
[ 82.261912][ T5550] ksys_write+0x1ec/0x250
[ 82.268122][ T5550] do_syscall_64+0x39/0xb0
[ 82.274217][ T5550] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 82.281783][ T5550] }
[ 82.284813][ T5550] ... key at: [] __key.3+0x0/0x40
[ 82.291965][ T5550] ... 
acquired at:
[ 82.295855][ T5550] _raw_spin_lock+0x2e/0x40
[ 82.300554][ T5550] evdev_pass_values.part.0+0xf6/0x960
[ 82.306204][ T5550] evdev_events+0x3b4/0x430
[ 82.310986][ T5550] input_to_handler+0x2a0/0x4c0
[ 82.316118][ T5550] input_pass_values.part.0+0x230/0x760
[ 82.322124][ T5550] input_event_dispose+0x5cf/0x730
[ 82.327525][ T5550] input_handle_event+0x120/0xe70
[ 82.332757][ T5550] input_inject_event+0x1c7/0x390
[ 82.338191][ T5550] evdev_write+0x434/0x760
[ 82.343220][ T5550] vfs_write+0x2db/0xe10
[ 82.347653][ T5550] ksys_write+0x1ec/0x250
[ 82.352543][ T5550] do_syscall_64+0x39/0xb0
[ 82.357432][ T5550] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 82.363613][ T5550]
[ 82.365931][ T5550]
[ 82.365931][ T5550] the dependencies between the lock to be acquired
[ 82.365941][ T5550] and HARDIRQ-irq-unsafe lock:
[ 82.379711][ T5550] -> (tasklist_lock){.+.+}-{2:2} {
[ 82.385283][ T5550] HARDIRQ-ON-R at:
[ 82.389524][ T5550] lock_acquire+0x1af/0x520
[ 82.396315][ T5550] _raw_read_lock+0x5f/0x70
[ 82.403003][ T5550] do_wait+0x283/0xc30
[ 82.409266][ T5550] kernel_wait+0xa0/0x150
[ 82.415606][ T5550] call_usermodehelper_exec_work+0xf9/0x180
[ 82.423940][ T5550] process_one_work+0x991/0x15c0
[ 82.431496][ T5550] worker_thread+0x669/0x1090
[ 82.438974][ T5550] kthread+0x2e8/0x3a0
[ 82.445406][ T5550] ret_from_fork+0x1f/0x30
[ 82.451837][ T5550] SOFTIRQ-ON-R at:
[ 82.456078][ T5550] lock_acquire+0x1af/0x520
[ 82.462674][ T5550] _raw_read_lock+0x5f/0x70
[ 82.469629][ T5550] do_wait+0x283/0xc30
[ 82.475893][ T5550] kernel_wait+0xa0/0x150
[ 82.482402][ T5550] call_usermodehelper_exec_work+0xf9/0x180
[ 82.490476][ T5550] process_one_work+0x991/0x15c0
[ 82.497947][ T5550] worker_thread+0x669/0x1090
[ 82.505102][ T5550] kthread+0x2e8/0x3a0
[ 82.511271][ T5550] ret_from_fork+0x1f/0x30
[ 82.517844][ T5550] INITIAL USE at:
[ 82.522277][ T5550] lock_acquire+0x1af/0x520
[ 82.528876][ T5550] _raw_write_lock_irq+0x36/0x50
[ 82.536004][ T5550] copy_process+0x47e5/0x7590
[ 
82.543131][ T5550] kernel_clone+0xeb/0x890
[ 82.549496][ T5550] user_mode_thread+0xb1/0xf0
[ 82.556103][ T5550] rest_init+0x27/0x2b0
[ 82.562703][ T5550] arch_call_rest_init+0x13/0x30
[ 82.569660][ T5550] start_kernel+0x35a/0x4d0
[ 82.576427][ T5550] secondary_startup_64_no_verify+0xce/0xdb
[ 82.584640][ T5550] INITIAL READ USE at:
[ 82.589249][ T5550] lock_acquire+0x1af/0x520
[ 82.596193][ T5550] _raw_read_lock+0x5f/0x70
[ 82.604632][ T5550] do_wait+0x283/0xc30
[ 82.611275][ T5550] kernel_wait+0xa0/0x150
[ 82.618429][ T5550] call_usermodehelper_exec_work+0xf9/0x180
[ 82.627373][ T5550] process_one_work+0x991/0x15c0
[ 82.634674][ T5550] worker_thread+0x669/0x1090
[ 82.642148][ T5550] kthread+0x2e8/0x3a0
[ 82.648746][ T5550] ret_from_fork+0x1f/0x30
[ 82.655761][ T5550] }
[ 82.658618][ T5550] ... key at: [] tasklist_lock+0x18/0x40
[ 82.666890][ T5550] ... acquired at:
[ 82.670967][ T5550] _raw_read_lock+0x5f/0x70
[ 82.675663][ T5550] send_sigio+0xaf/0x3b0
[ 82.680188][ T5550] kill_fasync+0x1fb/0x4f0
[ 82.684889][ T5550] sock_wake_async+0xd6/0x160
[ 82.689843][ T5550] sock_def_readable+0x481/0x760
[ 82.695531][ T5550] unix_dgram_sendmsg+0xd5e/0x1950
[ 82.701187][ T5550] sock_sendmsg+0xde/0x190
[ 82.705986][ T5550] ____sys_sendmsg+0x334/0x900
[ 82.710955][ T5550] ___sys_sendmsg+0x110/0x1b0
[ 82.715821][ T5550] __sys_sendmmsg+0x18f/0x460
[ 82.720775][ T5550] __x64_sys_sendmmsg+0x9d/0x100
[ 82.725925][ T5550] do_syscall_64+0x39/0xb0
[ 82.730625][ T5550] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 82.736720][ T5550]
[ 82.739217][ T5550] -> (&f->f_owner.lock){....}-{2:2} {
[ 82.744793][ T5550] INITIAL USE at:
[ 82.749140][ T5550] lock_acquire+0x1af/0x520
[ 82.755653][ T5550] _raw_write_lock_irq+0x36/0x50
[ 82.763321][ T5550] f_modown+0x2a/0x390
[ 82.769327][ T5550] f_setown+0xdb/0x270
[ 82.775509][ T5550] sock_ioctl+0x450/0x680
[ 82.781764][ T5550] __x64_sys_ioctl+0x197/0x210
[ 82.788373][ T5550] do_syscall_64+0x39/0xb0
[ 82.794806][ T5550] 
entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 82.802557][ T5550] INITIAL READ USE at:
[ 82.807069][ T5550] lock_acquire+0x1af/0x520
[ 82.813754][ T5550] _raw_read_lock_irqsave+0x74/0x90
[ 82.821457][ T5550] send_sigio+0x28/0x3b0
[ 82.828070][ T5550] kill_fasync+0x1fb/0x4f0
[ 82.834940][ T5550] sock_wake_async+0xd6/0x160
[ 82.841832][ T5550] sock_def_readable+0x481/0x760
[ 82.849210][ T5550] unix_dgram_sendmsg+0xd5e/0x1950
[ 82.856692][ T5550] sock_sendmsg+0xde/0x190
[ 82.863480][ T5550] ____sys_sendmsg+0x334/0x900
[ 82.870467][ T5550] ___sys_sendmsg+0x110/0x1b0
[ 82.877547][ T5550] __sys_sendmmsg+0x18f/0x460
[ 82.884958][ T5550] __x64_sys_sendmmsg+0x9d/0x100
[ 82.892534][ T5550] do_syscall_64+0x39/0xb0
[ 82.900020][ T5550] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 82.908556][ T5550] }
[ 82.911322][ T5550] ... key at: [] __key.5+0x0/0x40
[ 82.918719][ T5550] ... acquired at:
[ 82.922605][ T5550] _raw_read_lock_irqsave+0x74/0x90
[ 82.928079][ T5550] send_sigio+0x28/0x3b0
[ 82.932616][ T5550] kill_fasync+0x1fb/0x4f0
[ 82.937231][ T5550] sock_wake_async+0xd6/0x160
[ 82.942273][ T5550] sock_def_readable+0x481/0x760
[ 82.947574][ T5550] unix_dgram_sendmsg+0xd5e/0x1950
[ 82.953050][ T5550] sock_sendmsg+0xde/0x190
[ 82.957741][ T5550] ____sys_sendmsg+0x334/0x900
[ 82.962696][ T5550] ___sys_sendmsg+0x110/0x1b0
[ 82.967654][ T5550] __sys_sendmmsg+0x18f/0x460
[ 82.972608][ T5550] __x64_sys_sendmmsg+0x9d/0x100
[ 82.978081][ T5550] do_syscall_64+0x39/0xb0
[ 82.982689][ T5550] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 82.988952][ T5550]
[ 82.991273][ T5550] -> (&new->fa_lock){....}-{2:2} {
[ 82.996410][ T5550] INITIAL READ USE at:
[ 83.000911][ T5550] lock_acquire+0x1af/0x520
[ 83.007695][ T5550] _raw_read_lock_irqsave+0x74/0x90
[ 83.015521][ T5550] kill_fasync+0x139/0x4f0
[ 83.022565][ T5550] sock_wake_async+0xd6/0x160
[ 83.029425][ T5550] sock_def_readable+0x481/0x760
[ 83.036977][ T5550] unix_dgram_sendmsg+0xd5e/0x1950
[ 83.044990][ T5550] sock_sendmsg+0xde/0x190
[ 83.051782][ 
T5550] ____sys_sendmsg+0x334/0x900
[ 83.058909][ T5550] ___sys_sendmsg+0x110/0x1b0
[ 83.065776][ T5550] __sys_sendmmsg+0x18f/0x460
[ 83.072493][ T5550] __x64_sys_sendmmsg+0x9d/0x100
[ 83.079642][ T5550] do_syscall_64+0x39/0xb0
[ 83.086124][ T5550] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 83.094123][ T5550] }
[ 83.096622][ T5550] ... key at: [] __key.0+0x0/0x40
[ 83.103946][ T5550] ... acquired at:
[ 83.107849][ T5550] lock_acquire+0x1af/0x520
[ 83.112622][ T5550] _raw_read_lock_irqsave+0x74/0x90
[ 83.118198][ T5550] kill_fasync+0x139/0x4f0
[ 83.122831][ T5550] evdev_pass_values.part.0+0x667/0x960
[ 83.128567][ T5550] evdev_events+0x3b4/0x430
[ 83.133431][ T5550] input_to_handler+0x2a0/0x4c0
[ 83.138485][ T5550] input_pass_values.part.0+0x230/0x760
[ 83.144413][ T5550] input_event_dispose+0x5cf/0x730
[ 83.150074][ T5550] input_handle_event+0x120/0xe70
[ 83.155813][ T5550] input_inject_event+0x1c7/0x390
[ 83.161123][ T5550] evdev_write+0x434/0x760
[ 83.165981][ T5550] vfs_write+0x2db/0xe10
[ 83.170491][ T5550] ksys_write+0x1ec/0x250
[ 83.175029][ T5550] do_syscall_64+0x39/0xb0
[ 83.179726][ T5550] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 83.185895][ T5550]
[ 83.188216][ T5550]
[ 83.188216][ T5550] stack backtrace:
[ 83.194100][ T5550] CPU: 0 PID: 5550 Comm: syz-executor.0 Not tainted 6.3.0-rc7-syzkaller-00180-gc337b23f32c8 #0
[ 83.204537][ T5550] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/30/2023
[ 83.214981][ T5550] Call Trace:
[ 83.218262][ T5550]
[ 83.221367][ T5550] dump_stack_lvl+0xd9/0x150
[ 83.226163][ T5550] check_irq_usage+0x114e/0x1a40
[ 83.231130][ T5550] ? save_trace+0xb20/0xb20
[ 83.235730][ T5550] ? print_shortest_lock_dependencies_backwards+0x1e0/0x1e0
[ 83.243823][ T5550] ? mark_lock.part.0+0xee/0x1970
[ 83.248860][ T5550] ? check_path.constprop.0+0x24/0x50
[ 83.254421][ T5550] ? register_lock_class+0xbe/0x1120
[ 83.260098][ T5550] ? print_circular_bug+0x5c0/0x5c0
[ 83.265677][ T5550] ? 
print_usage_bug.part.0+0x660/0x660
[ 83.271323][ T5550] ? is_dynamic_key.part.0+0x190/0x190
[ 83.277406][ T5550] ? try_to_wake_up+0x100/0x1c40
[ 83.282792][ T5550] __lock_acquire+0x2edf/0x5d40
[ 83.287937][ T5550] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 83.294298][ T5550] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 83.300397][ T5550] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 83.306566][ T5550] ? __wake_up_common_lock+0xe2/0x140
[ 83.311979][ T5550] lock_acquire+0x1af/0x520
[ 83.316506][ T5550] ? kill_fasync+0x139/0x4f0
[ 83.321385][ T5550] ? lock_release+0x670/0x670
[ 83.326430][ T5550] ? lock_release+0x670/0x670
[ 83.332248][ T5550] ? lock_release+0x670/0x670
[ 83.337124][ T5550] ? __wake_up_common+0x650/0x650
[ 83.342874][ T5550] _raw_read_lock_irqsave+0x74/0x90
[ 83.348632][ T5550] ? kill_fasync+0x139/0x4f0
[ 83.353681][ T5550] kill_fasync+0x139/0x4f0
[ 83.358643][ T5550] evdev_pass_values.part.0+0x667/0x960
[ 83.364397][ T5550] ? evdev_free+0x70/0x70
[ 83.368911][ T5550] ? ktime_mono_to_any+0xb9/0x1e0
[ 83.374132][ T5550] evdev_events+0x3b4/0x430
[ 83.378731][ T5550] ? evdev_connect+0x4c0/0x4c0
[ 83.383536][ T5550] input_to_handler+0x2a0/0x4c0
[ 83.388685][ T5550] input_pass_values.part.0+0x230/0x760
[ 83.394265][ T5550] input_event_dispose+0x5cf/0x730
[ 83.399800][ T5550] input_handle_event+0x120/0xe70
[ 83.404932][ T5550] input_inject_event+0x1c7/0x390
[ 83.410237][ T5550] evdev_write+0x434/0x760
[ 83.414928][ T5550] ? evdev_read+0xe40/0xe40
[ 83.419458][ T5550] ? apparmor_file_permission+0x272/0x4e0
[ 83.425202][ T5550] ? bpf_lsm_file_permission+0x9/0x10
[ 83.430641][ T5550] ? security_file_permission+0xaf/0xd0
[ 83.436203][ T5550] vfs_write+0x2db/0xe10
[ 83.440464][ T5550] ? evdev_read+0xe40/0xe40
[ 83.445074][ T5550] ? kernel_write+0x670/0x670
[ 83.450221][ T5550] ? __fget_files+0x26a/0x480
[ 83.455033][ T5550] ? __fget_light+0xe5/0x270
[ 83.459682][ T5550] ksys_write+0x1ec/0x250
[ 83.464033][ T5550] ? __ia32_sys_read+0xb0/0xb0
[ 83.469010][ T5550] ? 
syscall_enter_from_user_mode+0x26/0x80
[ 83.475198][ T5550] do_syscall_64+0x39/0xb0
[ 83.479699][ T5550] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 83.485647][ T5550] RIP: 0033:0x7f31fa889109
[ 83.490429][ T5550] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 83.510667][ T5550] RSP: 002b:00007f31fb9fa168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 83.519086][ T5550] RAX: ffffffffffffffda RBX: 00007f31fa99bf60 RCX: 00007f31fa889109
[ 83.528294][ T5550] RDX: 0000000000003888 RSI: 0000000020000080 RDI: 0000000000000005
[ 83.536365][ T5550] RBP: 00007f31fa8e308d R08: 0000000000000000 R09: 0000000000000000
[ 83.544513][ T5550] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 83.552679][ T5550] R13: 00007ffc1d05373f R14: 00007f31fb9fa300 R15: 0000000000022000
[ 83.560924][ T5550]
[ 83.565251][ T4394] Bluetooth: hci0: command 0x0409 tx timeout
[ 83.565835][ T2064] cfg80211: failed to load regulatory.db
2023/04/21 19:25:23 executed programs: 5
[ 85.648898][ T5080] Bluetooth: hci0: command 0x041b tx timeout
[ 87.719149][ T5080] Bluetooth: hci0: command 0x040f tx timeout
2023/04/21 19:25:28 executed programs: 228
[ 89.801474][ T5080] Bluetooth: hci0: command 0x0419 tx timeout