./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor4248323912 <...> forked to background, child pid 4651 no interfaces have a carrier [ 34.476377][ T4652] 8021q: adding VLAN 0 to HW filter on device bond0 [ 34.489094][ T4652] eql: remember to turn off Van-Jacobson compression on your slave devices Starting sshd: OK syzkaller Warning: Permanently added '10.128.15.198' (ECDSA) to the list of known hosts. execve("./syz-executor4248323912", ["./syz-executor4248323912"], 0x7ffdaa2ec5a0 /* 10 vars */) = 0 brk(NULL) = 0x555555b89000 brk(0x555555b89c40) = 0x555555b89c40 arch_prctl(ARCH_SET_FS, 0x555555b89300) = 0 uname({sysname="Linux", nodename="syzkaller", ...}) = 0 readlink("/proc/self/exe", "/root/syz-executor4248323912", 4096) = 28 brk(0x555555baac40) = 0x555555baac40 brk(0x555555bab000) = 0x555555bab000 mprotect(0x7fedad5d1000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5081 attached , child_tidptr=0x555555b895d0) = 5081 [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5081] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5082 attached [pid 5080] <... clone resumed>, child_tidptr=0x555555b895d0) = 5082 [pid 5081] <... clone resumed>, child_tidptr=0x555555b895d0) = 5083 [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5083 attached [pid 5083] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5083] setpgid(0, 0) = 0 [pid 5083] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5080] <... clone resumed>, child_tidptr=0x555555b895d0) = 5084 [pid 5082] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5083] <... openat resumed>) = 3 [pid 5083] write(3, "1000", 4) = 4 [pid 5083] close(3) = 0 [pid 5083] openat(AT_FDCWD, "/dev/rfkill", O_WRONLY|O_LARGEFILE [pid 5080] <... clone resumed>, child_tidptr=0x555555b895d0) = 5085 [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5083] <... openat resumed>) = 3 [pid 5083] write(3, "\x01\x00\x00\x00\x00\x03\x04\x00", 8 [pid 5080] <... clone resumed>, child_tidptr=0x555555b895d0) = 5086 ./strace-static-x86_64: Process 5086 attached ./strace-static-x86_64: Process 5085 attached ./strace-static-x86_64: Process 5084 attached [pid 5080] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5085] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5084] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5082] <... clone resumed>, child_tidptr=0x555555b895d0) = 5087 [pid 5080] <... clone resumed>, child_tidptr=0x555555b895d0) = 5088 [pid 5084] <... clone resumed>, child_tidptr=0x555555b895d0) = 5090 [pid 5085] <... clone resumed>, child_tidptr=0x555555b895d0) = 5091 [pid 5086] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5088 attached [pid 5088] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5087 attached ./strace-static-x86_64: Process 5090 attached [pid 5087] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5090] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5087] <... prctl resumed>) = 0 [pid 5090] <... prctl resumed>) = 0 [pid 5086] <... clone resumed>, child_tidptr=0x555555b895d0) = 5092 [pid 5087] setpgid(0, 0 [pid 5090] setpgid(0, 0) = 0 [pid 5087] <... setpgid resumed>) = 0 [pid 5087] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5090] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5087] <... openat resumed>) = 3 [pid 5090] <... openat resumed>) = 3 [pid 5088] <... clone resumed>, child_tidptr=0x555555b895d0) = 5094 [pid 5087] write(3, "1000", 4./strace-static-x86_64: Process 5094 attached [pid 5090] write(3, "1000", 4 [pid 5087] <... write resumed>) = 4 ./strace-static-x86_64: Process 5092 attached [pid 5094] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5090] <... write resumed>) = 4 [pid 5087] close(3 [pid 5094] <... prctl resumed>) = 0 [pid 5092] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5090] close(3 [pid 5087] <... close resumed>) = 0 [pid 5094] setpgid(0, 0 [pid 5092] <... prctl resumed>) = 0 [pid 5090] <... close resumed>) = 0 [pid 5087] openat(AT_FDCWD, "/dev/rfkill", O_WRONLY|O_LARGEFILE./strace-static-x86_64: Process 5091 attached [pid 5094] <... setpgid resumed>) = 0 [pid 5092] setpgid(0, 0 [pid 5090] openat(AT_FDCWD, "/dev/rfkill", O_WRONLY|O_LARGEFILE [pid 5094] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5092] <... setpgid resumed>) = 0 [pid 5091] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5094] <... openat resumed>) = 3 [pid 5092] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5091] <... prctl resumed>) = 0 [pid 5094] write(3, "1000", 4 [pid 5092] <... openat resumed>) = 3 [pid 5091] setpgid(0, 0 [pid 5094] <... write resumed>) = 4 [pid 5092] write(3, "1000", 4 [pid 5091] <... setpgid resumed>) = 0 [pid 5094] close(3 [pid 5092] <... write resumed>) = 4 [pid 5094] <... close resumed>) = 0 [pid 5092] close(3 [pid 5091] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5094] openat(AT_FDCWD, "/dev/rfkill", O_WRONLY|O_LARGEFILE [pid 5092] <... close resumed>) = 0 [pid 5092] openat(AT_FDCWD, "/dev/rfkill", O_WRONLY|O_LARGEFILE [pid 5091] <... openat resumed>) = 3 [pid 5091] write(3, "1000", 4) = 4 [pid 5091] close(3) = 0 [pid 5091] openat(AT_FDCWD, "/dev/rfkill", O_WRONLY|O_LARGEFILE [pid 5094] <... openat resumed>) = 3 [pid 5092] <... openat resumed>) = 3 [pid 5091] <... openat resumed>) = 3 [pid 5090] <... openat resumed>) = 3 [pid 5087] <... openat resumed>) = 3 [pid 5094] write(3, "\x01\x00\x00\x00\x00\x03\x04\x00", 8 [pid 5092] write(3, "\x01\x00\x00\x00\x00\x03\x04\x00", 8 [pid 5090] write(3, "\x01\x00\x00\x00\x00\x03\x04\x00", 8 [pid 5087] write(3, "\x01\x00\x00\x00\x00\x03\x04\x00", 8 [pid 5094] <... write resumed>) = 8 [pid 5092] <... write resumed>) = 8 [pid 5090] <... write resumed>) = 8 [pid 5087] <... write resumed>) = 8 [pid 5083] <... write resumed>) = 8 [pid 5094] openat(AT_FDCWD, "/dev/virtual_nci", O_RDWR [pid 5092] openat(AT_FDCWD, "/dev/virtual_nci", O_RDWR [pid 5090] openat(AT_FDCWD, "/dev/virtual_nci", O_RDWR [pid 5087] openat(AT_FDCWD, "/dev/virtual_nci", O_RDWR [pid 5091] write(3, "\x01\x00\x00\x00\x00\x03\x04\x00", 8 [pid 5083] openat(AT_FDCWD, "/dev/virtual_nci", O_RDWR [pid 5091] <... write resumed>) = 8 [pid 5091] openat(AT_FDCWD, "/dev/virtual_nci", O_RDWR [pid 5094] <... openat resumed>) = 4 [pid 5094] exit_group(0) = ? [pid 5094] +++ exited with 0 +++ [pid 5092] <... openat resumed>) = 4 [pid 5092] exit_group(0 [pid 5088] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5094, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5092] <... exit_group resumed>) = ? [pid 5088] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5092] +++ exited with 0 +++ [pid 5088] <... clone resumed>, child_tidptr=0x555555b895d0) = 5109 [pid 5086] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5092, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5086] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b895d0) = 5111 ./strace-static-x86_64: Process 5109 attached ./strace-static-x86_64: Process 5111 attached [pid 5109] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5111] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5109] <... prctl resumed>) = 0 [pid 5111] <... prctl resumed>) = 0 [pid 5109] setpgid(0, 0 [pid 5090] <... openat resumed>) = 4 [pid 5111] setpgid(0, 0 [pid 5109] <... setpgid resumed>) = 0 [pid 5090] exit_group(0 [pid 5111] <... setpgid resumed>) = 0 [pid 5109] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5090] <... exit_group resumed>) = ? [pid 5111] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5109] <... openat resumed>) = 3 [pid 5090] +++ exited with 0 +++ [pid 5111] <... openat resumed>) = 3 [pid 5109] write(3, "1000", 4 [pid 5111] write(3, "1000", 4 [pid 5109] <... write resumed>) = 4 [pid 5087] <... openat resumed>) = 4 [pid 5084] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5090, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5111] <... write resumed>) = 4 [pid 5109] close(3 [pid 5087] exit_group(0 [pid 5084] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5087] <... exit_group resumed>) = ? [pid 5111] close(3 [pid 5109] <... close resumed>) = 0 [pid 5111] <... close resumed>) = 0 [pid 5109] openat(AT_FDCWD, "/dev/rfkill", O_WRONLY|O_LARGEFILE [pid 5111] openat(AT_FDCWD, "/dev/rfkill", O_WRONLY|O_LARGEFILE [pid 5084] <... clone resumed>, child_tidptr=0x555555b895d0) = 5119 ./strace-static-x86_64: Process 5119 attached [pid 5119] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5119] setpgid(0, 0) = 0 [pid 5119] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5087] +++ exited with 0 +++ [pid 5119] <... openat resumed>) = 3 [pid 5082] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5087, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5119] write(3, "1000", 4 [pid 5082] restart_syscall(<... resuming interrupted clone ...> [pid 5119] <... write resumed>) = 4 [pid 5119] close(3 [pid 5082] <... restart_syscall resumed>) = 0 [pid 5119] <... close resumed>) = 0 [pid 5082] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5091] <... openat resumed>) = 4 [pid 5082] <... clone resumed>, child_tidptr=0x555555b895d0) = 5123 [pid 5091] exit_group(0) = ? [pid 5119] openat(AT_FDCWD, "/dev/rfkill", O_WRONLY|O_LARGEFILE [pid 5091] +++ exited with 0 +++ [pid 5085] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5091, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5085] restart_syscall(<... resuming interrupted clone ...>./strace-static-x86_64: Process 5123 attached ) = 0 [pid 5123] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5123] setpgid(0, 0) = 0 [pid 5123] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5123] write(3, "1000", 4) = 4 [pid 5123] close(3) = 0 [pid 5123] openat(AT_FDCWD, "/dev/rfkill", O_WRONLY|O_LARGEFILE [pid 5119] <... openat resumed>) = 3 [pid 5111] <... openat resumed>) = 3 [pid 5109] <... openat resumed>) = 3 [pid 5083] <... openat resumed>) = 4 [pid 5119] write(3, "\x01\x00\x00\x00\x00\x03\x04\x00", 8 [pid 5111] write(3, "\x01\x00\x00\x00\x00\x03\x04\x00", 8 [pid 5109] write(3, "\x01\x00\x00\x00\x00\x03\x04\x00", 8 [pid 5083] exit_group(0 [pid 5119] <... write resumed>) = 8 [pid 5111] <... write resumed>) = 8 [pid 5109] <... write resumed>) = 8 [pid 5083] <... exit_group resumed>) = ? [pid 5123] <... openat resumed>) = 3 [pid 5119] openat(AT_FDCWD, "/dev/virtual_nci", O_RDWR [pid 5111] openat(AT_FDCWD, "/dev/virtual_nci", O_RDWR [pid 5109] openat(AT_FDCWD, "/dev/virtual_nci", O_RDWR [pid 5085] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5123] write(3, "\x01\x00\x00\x00\x00\x03\x04\x00", 8 [pid 5083] +++ exited with 0 +++ [pid 5123] <... write resumed>) = 8 [pid 5123] openat(AT_FDCWD, "/dev/virtual_nci", O_RDWR [pid 5085] <... clone resumed>, child_tidptr=0x555555b895d0) = 5129 [pid 5081] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5083, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5081] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b895d0) = 5132 ./strace-static-x86_64: Process 5129 attached [pid 5129] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5119] <... openat resumed>) = 4 [pid 5119] exit_group(0) = ? ./strace-static-x86_64: Process 5132 attached [pid 5129] <... prctl resumed>) = 0 [pid 5132] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5129] setpgid(0, 0 [pid 5119] +++ exited with 0 +++ [pid 5084] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5119, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5129] <... setpgid resumed>) = 0 [pid 5084] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5111] <... openat resumed>) = 4 [pid 5111] exit_group(0) = ? [pid 5084] <... clone resumed>, child_tidptr=0x555555b895d0) = 5136 [pid 5129] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5129] write(3, "1000", 4) = 4 [pid 5129] close(3 [pid 5132] <... prctl resumed>) = 0 [pid 5129] <... close resumed>) = 0 [pid 5129] openat(AT_FDCWD, "/dev/rfkill", O_WRONLY|O_LARGEFILE [pid 5132] setpgid(0, 0) = 0 [pid 5132] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC./strace-static-x86_64: Process 5136 attached ) = 3 [pid 5136] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5136] setpgid(0, 0 [pid 5132] write(3, "1000", 4 [pid 5136] <... setpgid resumed>) = 0 [pid 5132] <... write resumed>) = 4 [pid 5136] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5111] +++ exited with 0 +++ [pid 5109] <... openat resumed>) = 4 [pid 5136] <... openat resumed>) = 3 [pid 5136] write(3, "1000", 4) = 4 [pid 5136] close(3) = 0 [pid 5136] openat(AT_FDCWD, "/dev/rfkill", O_WRONLY|O_LARGEFILE [pid 5109] exit_group(0) = ? [pid 5132] close(3) = 0 [pid 5086] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5111, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5132] openat(AT_FDCWD, "/dev/rfkill", O_WRONLY|O_LARGEFILE [pid 5086] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b895d0) = 5142 [pid 5109] +++ exited with 0 +++ [pid 5088] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5109, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5088] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b895d0) = 5143 ./strace-static-x86_64: Process 5142 attached [pid 5142] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5142] setpgid(0, 0) = 0 [pid 5142] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5142] write(3, "1000", 4./strace-static-x86_64: Process 5143 attached ) = 4 [pid 5143] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5142] close(3) = 0 [pid 5142] openat(AT_FDCWD, "/dev/rfkill", O_WRONLY|O_LARGEFILE [pid 5143] <... prctl resumed>) = 0 [pid 5143] setpgid(0, 0) = 0 [pid 5143] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5143] write(3, "1000", 4) = 4 [pid 5143] close(3) = 0 [pid 5143] openat(AT_FDCWD, "/dev/rfkill", O_WRONLY|O_LARGEFILE) = 3 [pid 5142] <... openat resumed>) = 3 [pid 5136] <... openat resumed>) = 3 [pid 5132] <... openat resumed>) = 3 [pid 5129] <... openat resumed>) = 3 [pid 5123] <... openat resumed>) = 4 [pid 5143] write(3, "\x01\x00\x00\x00\x00\x03\x04\x00", 8 [pid 5142] write(3, "\x01\x00\x00\x00\x00\x03\x04\x00", 8 [pid 5136] write(3, "\x01\x00\x00\x00\x00\x03\x04\x00", 8 [pid 5132] write(3, "\x01\x00\x00\x00\x00\x03\x04\x00", 8 [pid 5129] write(3, "\x01\x00\x00\x00\x00\x03\x04\x00", 8 [pid 5123] exit_group(0 [pid 5143] <... write resumed>) = 8 [pid 5142] <... write resumed>) = 8 [pid 5136] <... write resumed>) = 8 [pid 5132] <... write resumed>) = 8 [pid 5129] <... write resumed>) = 8 [pid 5123] <... exit_group resumed>) = ? [pid 5143] openat(AT_FDCWD, "/dev/virtual_nci", O_RDWR [pid 5142] openat(AT_FDCWD, "/dev/virtual_nci", O_RDWR [pid 5136] openat(AT_FDCWD, "/dev/virtual_nci", O_RDWR [pid 5132] openat(AT_FDCWD, "/dev/virtual_nci", O_RDWR [pid 5129] openat(AT_FDCWD, "/dev/virtual_nci", O_RDWR [pid 5123] +++ exited with 0 +++ [pid 5082] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5123, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5082] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5082] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b895d0) = 5148 ./strace-static-x86_64: Process 5148 attached [pid 5148] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5148] setpgid(0, 0) = 0 [pid 5148] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5148] write(3, "1000", 4) = 4 [pid 5148] close(3) = 0 [pid 5148] openat(AT_FDCWD, "/dev/rfkill", O_WRONLY|O_LARGEFILE [pid 5143] <... openat resumed>) = 4 [pid 5143] exit_group(0) = ? [pid 5143] +++ exited with 0 +++ [pid 5088] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5143, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5088] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5155 attached , child_tidptr=0x555555b895d0) = 5155 [pid 5155] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5155] setpgid(0, 0) = 0 [pid 5155] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5142] <... openat resumed>) = 4 [pid 5155] <... openat resumed>) = 3 [pid 5155] write(3, "1000", 4) = 4 [pid 5155] close(3) = 0 [pid 5155] openat(AT_FDCWD, "/dev/rfkill", O_WRONLY|O_LARGEFILE [pid 5142] exit_group(0) = ? [pid 5136] <... openat resumed>) = 4 [pid 5136] exit_group(0) = ? [pid 5136] +++ exited with 0 +++ [pid 5084] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5136, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5142] +++ exited with 0 +++ [pid 5086] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5142, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5084] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5086] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b895d0) = 5164 [pid 5084] <... clone resumed>, child_tidptr=0x555555b895d0) = 5163 ./strace-static-x86_64: Process 5163 attached ./strace-static-x86_64: Process 5164 attached [pid 5163] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5164] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5163] setpgid(0, 0 [pid 5164] <... prctl resumed>) = 0 [pid 5164] setpgid(0, 0) = 0 [pid 5163] <... setpgid resumed>) = 0 [pid 5163] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5132] <... openat resumed>) = 4 [pid 5164] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5132] exit_group(0) = ? [pid 5163] <... openat resumed>) = 3 [pid 5163] write(3, "1000", 4) = 4 [pid 5163] close(3) = 0 [pid 5163] openat(AT_FDCWD, "/dev/rfkill", O_WRONLY|O_LARGEFILE [pid 5164] <... openat resumed>) = 3 [pid 5164] write(3, "1000", 4 [pid 5132] +++ exited with 0 +++ [pid 5164] <... write resumed>) = 4 [pid 5081] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5132, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5164] close(3) = 0 [pid 5081] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b895d0) = 5170 [pid 5164] openat(AT_FDCWD, "/dev/rfkill", O_WRONLY|O_LARGEFILE [pid 5129] <... openat resumed>) = 4 [pid 5163] <... openat resumed>) = 3 [pid 5155] <... openat resumed>) = 3 [pid 5148] <... openat resumed>) = 3 [pid 5163] write(3, "\x01\x00\x00\x00\x00\x03\x04\x00", 8 [pid 5155] write(3, "\x01\x00\x00\x00\x00\x03\x04\x00", 8 [pid 5148] write(3, "\x01\x00\x00\x00\x00\x03\x04\x00", 8 [pid 5163] <... write resumed>) = 8 [pid 5155] <... write resumed>) = 8 [pid 5148] <... write resumed>) = 8 [pid 5163] openat(AT_FDCWD, "/dev/virtual_nci", O_RDWR [pid 5155] openat(AT_FDCWD, "/dev/virtual_nci", O_RDWR [pid 5148] openat(AT_FDCWD, "/dev/virtual_nci", O_RDWR [pid 5129] exit_group(0) = ? [pid 5129] +++ exited with 0 +++ [pid 5085] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5129, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5085] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b895d0) = 5174 ./strace-static-x86_64: Process 5174 attached ./strace-static-x86_64: Process 5170 attached [pid 5174] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5170] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5174] setpgid(0, 0 [pid 5170] setpgid(0, 0) = 0 [pid 5174] <... setpgid resumed>) = 0 [pid 5170] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5174] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5170] <... openat resumed>) = 3 [pid 5174] <... openat resumed>) = 3 [pid 5170] write(3, "1000", 4 [pid 5174] write(3, "1000", 4 [pid 5170] <... write resumed>) = 4 [pid 5174] <... write resumed>) = 4 [pid 5170] close(3 [pid 5164] <... openat resumed>) = 3 [pid 5155] <... openat resumed>) = 4 [pid 5174] close(3 [pid 5170] <... close resumed>) = 0 [pid 5164] write(3, "\x01\x00\x00\x00\x00\x03\x04\x00", 8 [pid 5155] exit_group(0 [pid 5174] <... close resumed>) = 0 [pid 5170] openat(AT_FDCWD, "/dev/rfkill", O_WRONLY|O_LARGEFILE [pid 5164] <... write resumed>) = 8 [pid 5155] <... exit_group resumed>) = ? [pid 5174] openat(AT_FDCWD, "/dev/rfkill", O_WRONLY|O_LARGEFILE [pid 5164] openat(AT_FDCWD, "/dev/virtual_nci", O_RDWR [pid 5155] +++ exited with 0 +++ [pid 5148] <... openat resumed>) = 4 [pid 5148] exit_group(0 [pid 5088] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5155, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5148] <... exit_group resumed>) = ? [pid 5088] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5088] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b895d0) = 5182 [pid 5148] +++ exited with 0 +++ [pid 5082] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5148, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5082] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5082] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b895d0) = 5184 ./strace-static-x86_64: Process 5182 attached [pid 5174] <... openat resumed>) = 3 [pid 5170] <... openat resumed>) = 3 [pid 5163] <... openat resumed>) = 4 [pid 5182] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5174] write(3, "\x01\x00\x00\x00\x00\x03\x04\x00", 8 [pid 5170] write(3, "\x01\x00\x00\x00\x00\x03\x04\x00", 8 [pid 5182] <... prctl resumed>) = 0 [pid 5174] <... write resumed>) = 8 [pid 5163] exit_group(0 [pid 5170] <... write resumed>) = 8 [pid 5182] setpgid(0, 0 [pid 5174] openat(AT_FDCWD, "/dev/virtual_nci", O_RDWR [pid 5163] <... exit_group resumed>) = ? ./strace-static-x86_64: Process 5184 attached [pid 5184] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5170] openat(AT_FDCWD, "/dev/virtual_nci", O_RDWR [pid 5184] <... prctl resumed>) = 0 [pid 5184] setpgid(0, 0) = 0 [pid 5184] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5184] write(3, "1000", 4) = 4 [pid 5184] close(3 [pid 5182] <... setpgid resumed>) = 0 [pid 5184] <... close resumed>) = 0 [pid 5184] openat(AT_FDCWD, "/dev/rfkill", O_WRONLY|O_LARGEFILE [pid 5163] +++ exited with 0 +++ [pid 5084] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5163, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5182] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5084] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5084] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555b895d0) = 5188 [pid 5182] <... openat resumed>) = 3 ./strace-static-x86_64: Process 5188 attached [pid 5188] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5188] setpgid(0, 0) = 0 [pid 5188] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5182] write(3, "1000", 4) = 4 [pid 5182] close(3) = 0 [pid 5182] openat(AT_FDCWD, "/dev/rfkill", O_WRONLY|O_LARGEFILE [pid 5188] <... openat resumed>) = 3 [pid 5188] write(3, "1000", 4) = 4 [pid 5188] close(3) = 0 [pid 5188] openat(AT_FDCWD, "/dev/rfkill", O_WRONLY|O_LARGEFILE [pid 5164] <... openat resumed>) = 4 [pid 5164] exit_group(0) = ? [pid 5174] <... openat resumed>) = 4 [pid 5174] exit_group(0 [pid 5164] +++ exited with 0 +++ [pid 5174] <... exit_group resumed>) = ? [pid 5086] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5164, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5170] <... openat resumed>) = 4 [pid 5184] <... openat resumed>) = 3 [pid 5188] <... openat resumed>) = 3 [pid 5182] <... openat resumed>) = 3 [pid 5184] write(3, "\x01\x00\x00\x00\x00\x03\x04\x00", 8 [pid 5188] write(3, "\x01\x00\x00\x00\x00\x03\x04\x00", 8 [pid 5184] <... write resumed>) = 8 [pid 5182] write(3, "\x01\x00\x00\x00\x00\x03\x04\x00", 8 [pid 5086] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5184] openat(AT_FDCWD, "/dev/virtual_nci", O_RDWR [pid 5170] exit_group(0) = ? [pid 5086] <... clone resumed>, child_tidptr=0x555555b895d0) = 5197 ./strace-static-x86_64: Process 5197 attached [pid 5197] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5197] setpgid(0, 0) = 0 [pid 5197] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5197] write(3, "1000", 4) = 4 [pid 5197] close(3) = 0 [pid 5197] openat(AT_FDCWD, "/dev/rfkill", O_WRONLY|O_LARGEFILE [pid 5081] kill(-5170, SIGKILL) = 0 [pid 5081] kill(5170, SIGKILL) = 0 [pid 5085] kill(-5174, SIGKILL) = 0 [pid 5085] kill(5174, SIGKILL) = 0 [pid 5088] kill(-5182, SIGKILL) = 0 [pid 5088] kill(5182, SIGKILL) = 0 [pid 5082] kill(-5184, SIGKILL) = 0 [pid 5082] kill(5184, SIGKILL) = 0 [pid 5084] kill(-5188, SIGKILL) = 0 [pid 5084] kill(5188, SIGKILL) = 0 [pid 5086] kill(-5197, SIGKILL) = 0 [pid 5086] kill(5197, SIGKILL) = 0 [pid 5081] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5081] fstat(3, {st_mode=S_IFDIR|0755, st_size=0, ...}) = 0 [pid 5081] getdents64(3, 0x555555b8a620 /* 2 entries */, 32768) = 48 [pid 5081] getdents64(3, 0x555555b8a620 /* 0 entries */, 32768) = 0 [pid 5081] close(3) = 0 [pid 5085] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5085] fstat(3, {st_mode=S_IFDIR|0755, st_size=0, ...}) = 0 [pid 5085] getdents64(3, 0x555555b8a620 /* 2 entries */, 32768) = 48 [pid 5085] getdents64(3, 0x555555b8a620 /* 0 entries */, 32768) = 0 [pid 5085] close(3) = 0 [pid 5088] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5088] fstat(3, {st_mode=S_IFDIR|0755, st_size=0, ...}) = 0 [pid 5082] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5088] getdents64(3, [pid 5082] <... openat resumed>) = 3 [pid 5088] <... getdents64 resumed>0x555555b8a620 /* 2 entries */, 32768) = 48 [pid 5082] fstat(3, [pid 5088] getdents64(3, [pid 5082] <... fstat resumed>{st_mode=S_IFDIR|0755, st_size=0, ...}) = 0 [pid 5088] <... getdents64 resumed>0x555555b8a620 /* 0 entries */, 32768) = 0 [pid 5082] getdents64(3, [pid 5088] close(3 [pid 5082] <... getdents64 resumed>0x555555b8a620 /* 2 entries */, 32768) = 48 [pid 5088] <... close resumed>) = 0 [pid 5082] getdents64(3, 0x555555b8a620 /* 0 entries */, 32768) = 0 [pid 5082] close(3) = 0 [pid 5084] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5084] fstat(3, {st_mode=S_IFDIR|0755, st_size=0, ...}) = 0 [pid 5084] getdents64(3, 0x555555b8a620 /* 2 entries */, 32768) = 48 [pid 5084] getdents64(3, 0x555555b8a620 /* 0 entries */, 32768) = 0 [pid 5084] close(3) = 0 [pid 5086] openat(AT_FDCWD, "/sys/fs/fuse/connections", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5086] fstat(3, {st_mode=S_IFDIR|0755, st_size=0, ...}) = 0 [pid 5086] getdents64(3, 0x555555b8a620 /* 2 entries */, 32768) = 48 [pid 5086] getdents64(3, 0x555555b8a620 /* 0 entries */, 32768) = 0 [pid 5086] close(3) = 0 syzkaller login: [ 76.204769][ T26] cfg80211: failed to load regulatory.db [ 286.122717][ T28] INFO: task kworker/0:3:5145 blocked for more than 143 seconds. [ 286.130572][ T28] Not tainted 6.2.0-rc3-next-20230112-syzkaller #0 [ 286.137766][ T28] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 286.146677][ T28] task:kworker/0:3 state:D stack:28856 pid:5145 ppid:2 flags:0x00004000 [ 286.156098][ T28] Workqueue: events rfkill_global_led_trigger_worker [ 286.163033][ T28] Call Trace: [ 286.166323][ T28] [ 286.169253][ T28] __schedule+0x25d0/0x5a70 [ 286.174019][ T28] ? rcu_read_lock_sched_held+0x3e/0x70 [ 286.179630][ T28] ? find_held_lock+0x2d/0x110 [ 286.184699][ T28] ? wq_worker_sleeping+0x1e9/0x250 [ 286.189943][ T28] ? io_schedule_timeout+0x150/0x150 [ 286.195863][ T28] ? mark_held_locks+0x9f/0xe0 [ 286.200650][ T28] ? rwlock_bug.part.0+0x90/0x90 [ 286.205806][ T28] ? _raw_spin_unlock_irq+0x23/0x50 [ 286.211050][ T28] ? lockdep_hardirqs_on+0x7d/0x100 [ 286.216577][ T28] schedule+0xde/0x1b0 [ 286.220683][ T28] schedule_preempt_disabled+0x13/0x20 [ 286.226458][ T28] __mutex_lock+0xa48/0x1360 [ 286.231085][ T28] ? rfkill_global_led_trigger_worker+0x1b/0x120 [ 286.237627][ T28] ? mutex_lock_io_nested+0x11a0/0x11a0 [ 286.243377][ T28] ? lock_release+0x810/0x810 [ 286.248107][ T28] ? trace_lock_acquire+0x1f1/0x290 [ 286.253635][ T28] rfkill_global_led_trigger_worker+0x1b/0x120 [ 286.259841][ T28] process_one_work+0x9bf/0x1750 [ 286.264938][ T28] ? pwq_dec_nr_in_flight+0x2a0/0x2a0 [ 286.270347][ T28] ? rcu_read_lock_sched_held+0x3e/0x70 [ 286.275983][ T28] ? rwlock_bug.part.0+0x90/0x90 [ 286.280945][ T28] ? lock_acquire+0x32/0xc0 [ 286.285566][ T28] ? worker_thread+0x16d/0x1090 [ 286.290451][ T28] worker_thread+0x669/0x1090 [ 286.295198][ T28] ? __kthread_parkme+0x163/0x220 [ 286.300245][ T28] ? process_one_work+0x1750/0x1750 [ 286.305599][ T28] kthread+0x2e8/0x3a0 [ 286.309745][ T28] ? kthread_complete_and_exit+0x40/0x40 [ 286.315453][ T28] ret_from_fork+0x1f/0x30 [ 286.319912][ T28] [ 286.323119][ T28] INFO: task syz-executor424:5170 blocked for more than 143 seconds. [ 286.331197][ T28] Not tainted 6.2.0-rc3-next-20230112-syzkaller #0 [ 286.338361][ T28] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 286.347162][ T28] task:syz-executor424 state:D stack:26912 pid:5170 ppid:5081 flags:0x00004002 [ 286.356440][ T28] Call Trace: [ 286.359751][ T28] [ 286.362745][ T28] __schedule+0x25d0/0x5a70 [ 286.367279][ T28] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 286.373308][ T28] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 286.379343][ T28] ? io_schedule_timeout+0x150/0x150 [ 286.384742][ T28] ? __mutex_lock+0xa43/0x1360 [ 286.389569][ T28] schedule+0xde/0x1b0 [ 286.393769][ T28] schedule_preempt_disabled+0x13/0x20 [ 286.399264][ T28] __mutex_lock+0xa48/0x1360 [ 286.403948][ T28] ? rfkill_unregister+0xde/0x2c0 [ 286.409022][ T28] ? mutex_lock_io_nested+0x11a0/0x11a0 [ 286.414651][ T28] ? nfc_genl_device_removed+0x226/0x2f0 [ 286.420401][ T28] ? nfc_genl_device_added+0x230/0x230 [ 286.425960][ T28] rfkill_unregister+0xde/0x2c0 [ 286.430850][ T28] nfc_unregister_device+0x96/0x330 [ 286.436119][ T28] virtual_ncidev_close+0x52/0xb0 [ 286.441245][ T28] __fput+0x27c/0xa90 [ 286.445348][ T28] ? virtual_nci_open+0x10/0x10 [ 286.450237][ T28] task_work_run+0x16f/0x270 [ 286.454899][ T28] ? task_work_cancel+0x30/0x30 [ 286.459792][ T28] ? do_raw_spin_unlock+0x175/0x230 [ 286.465088][ T28] do_exit+0xb17/0x2a90 [ 286.469469][ T28] ? lock_downgrade+0x6e0/0x6e0 [ 286.474384][ T28] ? do_raw_spin_lock+0x124/0x2b0 [ 286.479438][ T28] ? mm_update_next_owner+0x7b0/0x7b0 [ 286.484884][ T28] ? rwlock_bug.part.0+0x90/0x90 [ 286.489846][ T28] ? _raw_spin_unlock_irq+0x23/0x50 [ 286.495463][ T28] do_group_exit+0xd4/0x2a0 [ 286.500098][ T28] __x64_sys_exit_group+0x3e/0x50 [ 286.505193][ T28] do_syscall_64+0x39/0xb0 [ 286.509631][ T28] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 286.515674][ T28] RIP: 0033:0x7fedad563af9 [ 286.520117][ T28] RSP: 002b:00007ffda4b8f8f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 286.528660][ T28] RAX: ffffffffffffffda RBX: 00007fedad5d7330 RCX: 00007fedad563af9 [ 286.536700][ T28] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000 [ 286.544745][ T28] RBP: 0000000000000000 R08: ffffffffffffffc0 R09: 0000000000000001 [ 286.552764][ T28] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fedad5d7330 [ 286.560729][ T28] R13: 0000000000000001 R14: 0000000000000000 R15: 0000000000000001 [ 286.568780][ T28] [ 286.571824][ T28] INFO: task syz-executor424:5174 blocked for more than 143 seconds. [ 286.579948][ T28] Not tainted 6.2.0-rc3-next-20230112-syzkaller #0 [ 286.587020][ T28] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 286.595721][ T28] task:syz-executor424 state:D stack:26992 pid:5174 ppid:5085 flags:0x00004002 [ 286.605137][ T28] Call Trace: [ 286.608454][ T28] [ 286.611385][ T28] __schedule+0x25d0/0x5a70 [ 286.615944][ T28] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 286.621957][ T28] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 286.628018][ T28] ? mark_held_locks+0x9f/0xe0 [ 286.632847][ T28] ? io_schedule_timeout+0x150/0x150 [ 286.638133][ T28] ? __mutex_lock+0xa43/0x1360 [ 286.643101][ T28] schedule+0xde/0x1b0 [ 286.647203][ T28] schedule_preempt_disabled+0x13/0x20 [ 286.652752][ T28] __mutex_lock+0xa48/0x1360 [ 286.657369][ T28] ? rfkill_unregister+0xde/0x2c0 [ 286.662406][ T28] ? mutex_lock_io_nested+0x11a0/0x11a0 [ 286.668044][ T28] ? nfc_genl_device_removed+0x226/0x2f0 [ 286.673741][ T28] ? nfc_genl_device_added+0x230/0x230 [ 286.679213][ T28] rfkill_unregister+0xde/0x2c0 [ 286.684139][ T28] nfc_unregister_device+0x96/0x330 [ 286.689364][ T28] virtual_ncidev_close+0x52/0xb0 [ 286.694460][ T28] __fput+0x27c/0xa90 [ 286.698466][ T28] ? virtual_nci_open+0x10/0x10 [ 286.703398][ T28] task_work_run+0x16f/0x270 [ 286.708031][ T28] ? task_work_cancel+0x30/0x30 [ 286.712937][ T28] ? do_raw_spin_unlock+0x175/0x230 [ 286.718164][ T28] do_exit+0xb17/0x2a90 [ 286.722326][ T28] ? lock_downgrade+0x6e0/0x6e0 [ 286.727248][ T28] ? do_raw_spin_lock+0x124/0x2b0 [ 286.732296][ T28] ? mm_update_next_owner+0x7b0/0x7b0 [ 286.737722][ T28] ? rwlock_bug.part.0+0x90/0x90 [ 286.742723][ T28] ? _raw_spin_unlock_irq+0x23/0x50 [ 286.747933][ T28] do_group_exit+0xd4/0x2a0 [ 286.752446][ T28] __x64_sys_exit_group+0x3e/0x50 [ 286.757587][ T28] do_syscall_64+0x39/0xb0 [ 286.762032][ T28] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 286.767999][ T28] RIP: 0033:0x7fedad563af9 [ 286.772428][ T28] RSP: 002b:00007ffda4b8f8f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 286.780940][ T28] RAX: ffffffffffffffda RBX: 00007fedad5d7330 RCX: 00007fedad563af9 [ 286.789018][ T28] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000 [ 286.797062][ T28] RBP: 0000000000000000 R08: ffffffffffffffc0 R09: 0000000000000001 [ 286.805138][ T28] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fedad5d7330 [ 286.813178][ T28] R13: 0000000000000001 R14: 0000000000000000 R15: 0000000000000001 [ 286.821181][ T28] [ 286.824313][ T28] INFO: task syz-executor424:5182 blocked for more than 144 seconds. [ 286.832393][ T28] Not tainted 6.2.0-rc3-next-20230112-syzkaller #0 [ 286.839488][ T28] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 286.848319][ T28] task:syz-executor424 state:D stack:27256 pid:5182 ppid:5088 flags:0x00004004 [ 286.857580][ T28] Call Trace: [ 286.860871][ T28] [ 286.863877][ T28] __schedule+0x25d0/0x5a70 [ 286.868413][ T28] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 286.874464][ T28] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 286.880477][ T28] ? io_schedule_timeout+0x150/0x150 [ 286.885846][ T28] ? __mutex_lock+0xa43/0x1360 [ 286.890644][ T28] schedule+0xde/0x1b0 [ 286.894969][ T28] schedule_preempt_disabled+0x13/0x20 [ 286.900477][ T28] __mutex_lock+0xa48/0x1360 [ 286.905220][ T28] ? rfkill_fop_write+0x160/0x570 [ 286.910306][ T28] ? mutex_lock_io_nested+0x11a0/0x11a0 [ 286.915956][ T28] rfkill_fop_write+0x160/0x570 [ 286.920857][ T28] ? rfkill_sync_work+0xc0/0xc0 [ 286.925855][ T28] ? bpf_lsm_file_permission+0x9/0x10 [ 286.931373][ T28] ? security_file_permission+0xaf/0xd0 [ 286.937033][ T28] vfs_write+0x2db/0xe10 [ 286.941297][ T28] ? rfkill_sync_work+0xc0/0xc0 [ 286.946268][ T28] ? kernel_write+0x670/0x670 [ 286.950974][ T28] ? find_held_lock+0x2d/0x110 [ 286.955792][ T28] ? ptrace_notify+0xfe/0x140 [ 286.960540][ T28] ? lock_downgrade+0x6e0/0x6e0 [ 286.965501][ T28] ? __fget_light+0x20a/0x270 [ 286.970222][ T28] ksys_write+0x1ec/0x250 [ 286.974590][ T28] ? __ia32_sys_read+0xb0/0xb0 [ 286.979380][ T28] ? lockdep_hardirqs_on+0x7d/0x100 [ 286.984696][ T28] ? _raw_spin_unlock_irq+0x2e/0x50 [ 286.989977][ T28] ? ptrace_notify+0xfe/0x140 [ 286.994729][ T28] do_syscall_64+0x39/0xb0 [ 286.999187][ T28] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 287.005205][ T28] RIP: 0033:0x7fedad564e69 [ 287.009643][ T28] RSP: 002b:00007ffda4b8f948 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 287.018102][ T28] RAX: ffffffffffffffda RBX: 00000000000f4240 RCX: 00007fedad564e69 [ 287.026335][ T28] RDX: 0000000000000008 RSI: 0000000020000040 RDI: 0000000000000003 [ 287.034637][ T28] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000001 [ 287.042703][ T28] R10: 00007ffda4b8f3c0 R11: 0000000000000246 R12: 000000000000ddbf [ 287.050694][ T28] R13: 00007ffda4b8f95c R14: 00007ffda4b8f970 R15: 00007ffda4b8f960 [ 287.058767][ T28] [ 287.061822][ T28] INFO: task syz-executor424:5184 blocked for more than 144 seconds. [ 287.069974][ T28] Not tainted 6.2.0-rc3-next-20230112-syzkaller #0 [ 287.077051][ T28] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 287.085883][ T28] task:syz-executor424 state:D stack:26992 pid:5184 ppid:5082 flags:0x00004004 [ 287.095171][ T28] Call Trace: [ 287.098463][ T28] [ 287.101394][ T28] __schedule+0x25d0/0x5a70 [ 287.105978][ T28] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 287.111981][ T28] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 287.118044][ T28] ? io_schedule_timeout+0x150/0x150 [ 287.123392][ T28] ? __mutex_lock+0xa43/0x1360 [ 287.128172][ T28] schedule+0xde/0x1b0 [ 287.132240][ T28] schedule_preempt_disabled+0x13/0x20 [ 287.137747][ T28] __mutex_lock+0xa48/0x1360 [ 287.142456][ T28] ? rfkill_register+0x3a/0xb00 [ 287.147397][ T28] ? mutex_lock_io_nested+0x11a0/0x11a0 [ 287.152999][ T28] ? lockdep_init_map_type+0x21e/0x800 [ 287.158485][ T28] ? __init_waitqueue_head+0xca/0x150 [ 287.164013][ T28] rfkill_register+0x3a/0xb00 [ 287.168739][ T28] nfc_register_device+0x124/0x3b0 [ 287.174388][ T28] nci_register_device+0x7cb/0xb50 [ 287.180053][ T28] ? nci_init_complete_req+0x3f0/0x3f0 [ 287.185588][ T28] ? lockdep_init_map_type+0x21e/0x800 [ 287.191068][ T28] ? lockdep_init_map_type+0x21e/0x800 [ 287.196581][ T28] ? virtual_ncidev_read+0x4b0/0x4b0 [ 287.201913][ T28] virtual_ncidev_open+0x14f/0x230 [ 287.207144][ T28] misc_open+0x37a/0x4a0 [ 287.211521][ T28] ? misc_devnode+0x120/0x120 [ 287.216295][ T28] chrdev_open+0x26a/0x770 [ 287.220739][ T28] ? __unregister_chrdev+0x110/0x110 [ 287.226124][ T28] ? fsnotify_perm.part.0+0x221/0x610 [ 287.231539][ T28] do_dentry_open+0x6cc/0x13f0 [ 287.236440][ T28] ? __unregister_chrdev+0x110/0x110 [ 287.241746][ T28] ? may_open+0x1f6/0x420 [ 287.246190][ T28] path_openat+0x1bc1/0x2b40 [ 287.250822][ T28] ? path_lookupat+0x840/0x840 [ 287.255640][ T28] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 287.261656][ T28] do_filp_open+0x1ba/0x410 [ 287.266386][ T28] ? may_open_dev+0xf0/0xf0 [ 287.270946][ T28] ? find_held_lock+0x2d/0x110 [ 287.275790][ T28] ? do_raw_spin_lock+0x124/0x2b0 [ 287.280841][ T28] ? rwlock_bug.part.0+0x90/0x90 [ 287.285876][ T28] ? _raw_spin_unlock+0x28/0x40 [ 287.290767][ T28] ? alloc_fd+0x2e4/0x6e0 [ 287.295208][ T28] do_sys_openat2+0x16d/0x4c0 [ 287.299924][ T28] ? build_open_flags+0x6f0/0x6f0 [ 287.305066][ T28] ? ptrace_notify+0xfe/0x140 [ 287.309765][ T28] ? lock_downgrade+0x6e0/0x6e0 [ 287.314675][ T28] __x64_sys_openat+0x143/0x1f0 [ 287.319551][ T28] ? __ia32_sys_open+0x1c0/0x1c0 [ 287.324557][ T28] ? _raw_spin_unlock_irq+0x23/0x50 [ 287.330117][ T28] ? lockdep_hardirqs_on+0x7d/0x100 [ 287.335375][ T28] ? _raw_spin_unlock_irq+0x2e/0x50 [ 287.340612][ T28] ? ptrace_notify+0xfe/0x140 [ 287.345368][ T28] do_syscall_64+0x39/0xb0 [ 287.349814][ T28] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 287.355833][ T28] RIP: 0033:0x7fedad564e69 [ 287.360264][ T28] RSP: 002b:00007ffda4b8f948 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 287.368749][ T28] RAX: ffffffffffffffda RBX: 00000000000f4240 RCX: 00007fedad564e69 [ 287.376781][ T28] RDX: 0000000000000002 RSI: 0000000020000040 RDI: ffffffffffffff9c [ 287.384821][ T28] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000001 [ 287.392844][ T28] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000dd9e [ 287.400815][ T28] R13: 00007ffda4b8f95c R14: 00007ffda4b8f970 R15: 00007ffda4b8f960 [ 287.408877][ T28] [ 287.411914][ T28] INFO: task syz-executor424:5188 blocked for more than 144 seconds. [ 287.420143][ T28] Not tainted 6.2.0-rc3-next-20230112-syzkaller #0 [ 287.427282][ T28] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 287.436015][ T28] task:syz-executor424 state:D stack:28256 pid:5188 ppid:5084 flags:0x00004004 [ 287.445326][ T28] Call Trace: [ 287.448613][ T28] [ 287.451540][ T28] __schedule+0x25d0/0x5a70 [ 287.456092][ T28] ? lockdep_hardirqs_on+0x7d/0x100 [ 287.461319][ T28] ? asm_sysvec_reschedule_ipi+0x1a/0x20 [ 287.467048][ T28] ? io_schedule_timeout+0x150/0x150 [ 287.472359][ T28] ? __mutex_lock+0xa43/0x1360 [ 287.477317][ T28] schedule+0xde/0x1b0 [ 287.481414][ T28] schedule_preempt_disabled+0x13/0x20 [ 287.486941][ T28] __mutex_lock+0xa48/0x1360 [ 287.491563][ T28] ? nfc_dev_down+0x2d/0x2d0 [ 287.496202][ T28] ? mutex_lock_io_nested+0x11a0/0x11a0 [ 287.501776][ T28] ? find_held_lock+0x2d/0x110 [ 287.506631][ T28] ? mark_held_locks+0x9f/0xe0 [ 287.511417][ T28] ? nfc_dev_down+0x2d0/0x2d0 [ 287.516143][ T28] nfc_dev_down+0x2d/0x2d0 [ 287.520578][ T28] ? nfc_dev_down+0x2d0/0x2d0 [ 287.525321][ T28] nfc_rfkill_set_block+0x33/0xd0 [ 287.530369][ T28] ? nfc_dev_down+0x2d0/0x2d0 [ 287.535108][ T28] rfkill_set_block+0x1f9/0x540 [ 287.539993][ T28] rfkill_fop_write+0x2c7/0x570 [ 287.544925][ T28] ? rfkill_sync_work+0xc0/0xc0 [ 287.549803][ T28] ? bpf_lsm_file_permission+0x9/0x10 [ 287.555336][ T28] ? security_file_permission+0xaf/0xd0 [ 287.560937][ T28] vfs_write+0x2db/0xe10 [ 287.565418][ T28] ? rfkill_sync_work+0xc0/0xc0 [ 287.570324][ T28] ? kernel_write+0x670/0x670 [ 287.575098][ T28] ? find_held_lock+0x2d/0x110 [ 287.579911][ T28] ? ptrace_notify+0xfe/0x140 [ 287.584678][ T28] ? lock_downgrade+0x6e0/0x6e0 [ 287.589549][ T28] ? __fget_light+0x20a/0x270 [ 287.594294][ T28] ksys_write+0x1ec/0x250 [ 287.598647][ T28] ? __ia32_sys_read+0xb0/0xb0 [ 287.603489][ T28] ? lockdep_hardirqs_on+0x7d/0x100 [ 287.608736][ T28] ? _raw_spin_unlock_irq+0x2e/0x50 [ 287.614002][ T28] ? ptrace_notify+0xfe/0x140 [ 287.618720][ T28] do_syscall_64+0x39/0xb0 [ 287.623217][ T28] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 287.629140][ T28] RIP: 0033:0x7fedad564e69 [ 287.633601][ T28] RSP: 002b:00007ffda4b8f948 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 287.642036][ T28] RAX: ffffffffffffffda RBX: 00000000000f4240 RCX: 00007fedad564e69 [ 287.650167][ T28] RDX: 0000000000000008 RSI: 0000000020000040 RDI: 0000000000000003 [ 287.658217][ T28] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000001 [ 287.666249][ T28] R10: 00007ffda4b8f3c0 R11: 0000000000000246 R12: 000000000000de08 [ 287.674714][ T28] R13: 00007ffda4b8f95c R14: 00007ffda4b8f970 R15: 00007ffda4b8f960 [ 287.682777][ T28] [ 287.685813][ T28] INFO: task syz-executor424:5197 blocked for more than 144 seconds. [ 287.693948][ T28] Not tainted 6.2.0-rc3-next-20230112-syzkaller #0 [ 287.700987][ T28] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 287.709746][ T28] task:syz-executor424 state:D stack:27880 pid:5197 ppid:5086 flags:0x00004004 [ 287.719032][ T28] Call Trace: [ 287.722314][ T28] [ 287.725309][ T28] __schedule+0x25d0/0x5a70 [ 287.729840][ T28] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 287.735872][ T28] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 287.741878][ T28] ? _raw_spin_unlock_irqrestore+0x41/0x70 [ 287.747776][ T28] ? io_schedule_timeout+0x150/0x150 [ 287.753125][ T28] ? __mutex_lock+0xa43/0x1360 [ 287.757905][ T28] schedule+0xde/0x1b0 [ 287.761971][ T28] schedule_preempt_disabled+0x13/0x20 [ 287.767537][ T28] __mutex_lock+0xa48/0x1360 [ 287.772167][ T28] ? misc_open+0x63/0x4a0 [ 287.776626][ T28] ? mutex_lock_io_nested+0x11a0/0x11a0 [ 287.782205][ T28] ? find_held_lock+0x2d/0x110 [ 287.787058][ T28] ? lock_downgrade+0x6e0/0x6e0 [ 287.791928][ T28] ? kobject_get_unless_zero+0x15e/0x1e0 [ 287.797640][ T28] ? rwlock_bug.part.0+0x90/0x90 [ 287.802673][ T28] ? misc_devnode+0x120/0x120 [ 287.807443][ T28] misc_open+0x63/0x4a0 [ 287.811603][ T28] ? misc_devnode+0x120/0x120 [ 287.816329][ T28] chrdev_open+0x26a/0x770 [ 287.820772][ T28] ? __unregister_chrdev+0x110/0x110 [ 287.826149][ T28] ? fsnotify_perm.part.0+0x221/0x610 [ 287.831565][ T28] do_dentry_open+0x6cc/0x13f0 [ 287.836453][ T28] ? __unregister_chrdev+0x110/0x110 [ 287.841845][ T28] ? may_open+0x1f6/0x420 [ 287.846297][ T28] path_openat+0x1bc1/0x2b40 [ 287.851003][ T28] ? path_lookupat+0x840/0x840 [ 287.855847][ T28] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 287.861868][ T28] do_filp_open+0x1ba/0x410 [ 287.866529][ T28] ? may_open_dev+0xf0/0xf0 [ 287.871072][ T28] ? find_held_lock+0x2d/0x110 [ 287.875907][ T28] ? do_raw_spin_lock+0x124/0x2b0 [ 287.880954][ T28] ? rwlock_bug.part.0+0x90/0x90 [ 287.885970][ T28] ? _raw_spin_unlock+0x28/0x40 [ 287.890855][ T28] ? alloc_fd+0x2e4/0x6e0 [ 287.895255][ T28] do_sys_openat2+0x16d/0x4c0 [ 287.899960][ T28] ? build_open_flags+0x6f0/0x6f0 [ 287.905145][ T28] ? ptrace_notify+0xfe/0x140 [ 287.909847][ T28] ? lock_downgrade+0x6e0/0x6e0 [ 287.914749][ T28] __x64_sys_openat+0x143/0x1f0 [ 287.919622][ T28] ? __ia32_sys_open+0x1c0/0x1c0 [ 287.924627][ T28] ? _raw_spin_unlock_irq+0x23/0x50 [ 287.929927][ T28] ? lockdep_hardirqs_on+0x7d/0x100 [ 287.935212][ T28] ? _raw_spin_unlock_irq+0x2e/0x50 [ 287.940443][ T28] ? ptrace_notify+0xfe/0x140 [ 287.945203][ T28] do_syscall_64+0x39/0xb0 [ 287.949645][ T28] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 287.955632][ T28] RIP: 0033:0x7fedad564e69 [ 287.960124][ T28] RSP: 002b:00007ffda4b8f948 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 287.968642][ T28] RAX: ffffffffffffffda RBX: 00000000000f4240 RCX: 00007fedad564e69 [ 287.976676][ T28] RDX: 0000000000008001 RSI: 0000000020000000 RDI: ffffffffffffff9c [ 287.984712][ T28] RBP: 0000000000000000 R08: 00007ffda4b8f3c0 R09: 0000000000000001 [ 287.992726][ T28] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000de07 [ 288.000691][ T28] R13: 00007ffda4b8f95c R14: 00007ffda4b8f970 R15: 00007ffda4b8f960 [ 288.008744][ T28] [ 288.011786][ T28] [ 288.011786][ T28] Showing all threads with locks held in the system: [ 288.020697][ T28] task:rcu_tasks_kthre state:I stack:29040 pid:12 ppid:2 flags:0x00004000 [ 288.029989][ T28] Call Trace: [ 288.033307][ T28] [ 288.036250][ T28] __schedule+0x25d0/0x5a70 [ 288.040755][ T28] ? lock_chain_count+0x20/0x20 [ 288.045777][ T28] ? find_held_lock+0x2d/0x110 [ 288.050624][ T28] ? io_schedule_timeout+0x150/0x150 [ 288.055986][ T28] ? mark_held_locks+0x9f/0xe0 [ 288.060776][ T28] schedule+0xde/0x1b0 [ 288.064956][ T28] rcu_tasks_one_gp+0x484/0xcd0 [ 288.069842][ T28] rcu_tasks_kthread+0x77/0xa0 [ 288.074666][ T28] ? synchronize_rcu_tasks_trace+0x70/0x70 [ 288.080501][ T28] kthread+0x2e8/0x3a0 [ 288.084692][ T28] ? kthread_complete_and_exit+0x40/0x40 [ 288.090362][ T28] ret_from_fork+0x1f/0x30 [ 288.094895][ T28] [ 288.097925][ T28] 1 lock held by rcu_tasks_kthre/12: [ 288.103290][ T28] #0: ffffffff8c793470 (rcu_tasks.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x31/0xcd0 [ 288.113837][ T28] task:rcu_tasks_trace state:I stack:29208 pid:13 ppid:2 flags:0x00004000 [ 288.123207][ T28] Call Trace: [ 288.126497][ T28] [ 288.129427][ T28] __schedule+0x25d0/0x5a70 [ 288.134001][ T28] ? lock_chain_count+0x20/0x20 [ 288.138909][ T28] ? find_held_lock+0x2d/0x110 [ 288.144177][ T28] ? io_schedule_timeout+0x150/0x150 [ 288.149513][ T28] ? mark_held_locks+0x9f/0xe0 [ 288.154364][ T28] schedule+0xde/0x1b0 [ 288.158475][ T28] rcu_tasks_one_gp+0x484/0xcd0 [ 288.163414][ T28] rcu_tasks_kthread+0x77/0xa0 [ 288.168206][ T28] ? synchronize_rcu_tasks_trace+0x70/0x70 [ 288.174081][ T28] kthread+0x2e8/0x3a0 [ 288.178171][ T28] ? kthread_complete_and_exit+0x40/0x40 [ 288.183868][ T28] ret_from_fork+0x1f/0x30 [ 288.188331][ T28] [ 288.191349][ T28] 1 lock held by rcu_tasks_trace/13: [ 288.196690][ T28] #0: ffffffff8c793170 (rcu_tasks_trace.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x31/0xcd0 [ 288.207947][ T28] task:getty state:S stack:23336 pid:4751 ppid:1 flags:0x00000000 [ 288.217234][ T28] Call Trace: [ 288.220546][ T28] [ 288.223548][ T28] __schedule+0x25d0/0x5a70 [ 288.228108][ T28] ? __flush_work+0x8b8/0xb60 [ 288.232851][ T28] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 288.238861][ T28] ? trace_lock_acquire+0x1f1/0x290 [ 288.244159][ T28] ? io_schedule_timeout+0x150/0x150 [ 288.249514][ T28] schedule+0xde/0x1b0 [ 288.253661][ T28] schedule_timeout+0x1e1/0x2a0 [ 288.258547][ T28] ? usleep_range_state+0x1b0/0x1b0 [ 288.263810][ T28] ? __up_read+0x192/0x720 [ 288.268268][ T28] ? down_read+0x19c/0x450 [ 288.272782][ T28] ? up_write+0x520/0x520 [ 288.278193][ T28] wait_woken+0x197/0x200 [ 288.282614][ T28] n_tty_read+0x1055/0x13e0 [ 288.287247][ T28] ? n_tty_receive_buf_closing+0x5b0/0x5b0 [ 288.293124][ T28] ? __init_waitqueue_head+0x150/0x150 [ 288.298629][ T28] tty_read+0x30e/0x5a0 [ 288.302862][ T28] ? do_SAK+0x70/0x70 [ 288.306876][ T28] ? fsnotify_perm.part.0+0x221/0x610 [ 288.313251][ T28] ? apparmor_file_permission+0x272/0x4e0 [ 288.319075][ T28] ? security_file_permission+0xaf/0xd0 [ 288.324692][ T28] vfs_read+0x681/0x930 [ 288.328876][ T28] ? kernel_read+0x1c0/0x1c0 [ 288.333581][ T28] ? __fget_light+0x20a/0x270 [ 288.338320][ T28] ksys_read+0x12b/0x250 [ 288.342639][ T28] ? vfs_write+0xe10/0xe10 [ 288.347151][ T28] ? syscall_enter_from_user_mode+0x26/0xb0 [ 288.353109][ T28] do_syscall_64+0x39/0xb0 [ 288.357546][ T28] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 288.363492][ T28] RIP: 0033:0x7f46ccfc58fe [ 288.367922][ T28] RSP: 002b:00007ffd1596e738 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 288.376398][ T28] RAX: ffffffffffffffda RBX: 00005619e1a03910 RCX: 00007f46ccfc58fe [ 288.384461][ T28] RDX: 0000000000000001 RSI: 00007ffd1596e750 RDI: 0000000000000000 [ 288.392431][ T28] RBP: 00005619e1a03970 R08: 0000000000000007 R09: 00005619e1a04cd0 [ 288.400610][ T28] R10: 0000000000000063 R11: 0000000000000246 R12: 00005619e1a039ac [ 288.408660][ T28] R13: 00007ffd1596e750 R14: 0000000000000000 R15: 00005619e1a039ac [ 288.416702][ T28] [ 288.419720][ T28] 2 locks held by getty/4751: [ 288.424431][ T28] #0: ffff88814a283098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x26/0x80 [ 288.434261][ T28] #1: ffffc900015a02f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0xef4/0x13e0 [ 288.444428][ T28] task:kworker/0:3 state:D stack:28856 pid:5145 ppid:2 flags:0x00004000 [ 288.453725][ T28] Workqueue: events rfkill_global_led_trigger_worker [ 288.460417][ T28] Call Trace: [ 288.463735][ T28] [ 288.466700][ T28] __schedule+0x25d0/0x5a70 [ 288.471228][ T28] ? rcu_read_lock_sched_held+0x3e/0x70 [ 288.476831][ T28] ? find_held_lock+0x2d/0x110 [ 288.481630][ T28] ? wq_worker_sleeping+0x1e9/0x250 [ 288.486888][ T28] ? io_schedule_timeout+0x150/0x150 [ 288.492199][ T28] ? mark_held_locks+0x9f/0xe0 [ 288.497009][ T28] ? rwlock_bug.part.0+0x90/0x90 [ 288.501972][ T28] ? _raw_spin_unlock_irq+0x23/0x50 [ 288.507225][ T28] ? lockdep_hardirqs_on+0x7d/0x100 [ 288.512458][ T28] schedule+0xde/0x1b0 [ 288.516592][ T28] schedule_preempt_disabled+0x13/0x20 [ 288.522069][ T28] __mutex_lock+0xa48/0x1360 [ 288.526797][ T28] ? rfkill_global_led_trigger_worker+0x1b/0x120 [ 288.533190][ T28] ? mutex_lock_io_nested+0x11a0/0x11a0 [ 288.538739][ T28] ? lock_release+0x810/0x810 [ 288.543466][ T28] ? trace_lock_acquire+0x1f1/0x290 [ 288.548699][ T28] rfkill_global_led_trigger_worker+0x1b/0x120 [ 288.554913][ T28] process_one_work+0x9bf/0x1750 [ 288.559881][ T28] ? pwq_dec_nr_in_flight+0x2a0/0x2a0 [ 288.565305][ T28] ? rcu_read_lock_sched_held+0x3e/0x70 [ 288.570899][ T28] ? rwlock_bug.part.0+0x90/0x90 [ 288.575901][ T28] ? lock_acquire+0x32/0xc0 [ 288.580421][ T28] ? worker_thread+0x16d/0x1090 [ 288.585355][ T28] worker_thread+0x669/0x1090 [ 288.590082][ T28] ? __kthread_parkme+0x163/0x220 [ 288.595195][ T28] ? process_one_work+0x1750/0x1750 [ 288.600422][ T28] kthread+0x2e8/0x3a0 [ 288.604531][ T28] ? kthread_complete_and_exit+0x40/0x40 [ 288.610189][ T28] ret_from_fork+0x1f/0x30 [ 288.614674][ T28] [ 288.617699][ T28] 3 locks held by kworker/0:3/5145: [ 288.622932][ T28] #0: ffff888012470d38 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x86d/0x1750 [ 288.633390][ T28] #1: ffffc90003e3fda8 ((work_completion)(&rfkill_global_led_trigger_work)){+.+.}-{0:0}, at: process_one_work+0x8a1/0x1750 [ 288.646399][ T28] #2: ffffffff8e4efcc8 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_global_led_trigger_worker+0x1b/0x120 [ 288.657878][ T28] task:syz-executor424 state:D stack:26912 pid:5170 ppid:5081 flags:0x00004002 [ 288.667122][ T28] Call Trace: [ 288.670406][ T28] [ 288.673380][ T28] __schedule+0x25d0/0x5a70 [ 288.677908][ T28] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 288.683932][ T28] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 288.689949][ T28] ? io_schedule_timeout+0x150/0x150 [ 288.695356][ T28] ? __mutex_lock+0xa43/0x1360 [ 288.700178][ T28] schedule+0xde/0x1b0 [ 288.704300][ T28] schedule_preempt_disabled+0x13/0x20 [ 288.709785][ T28] __mutex_lock+0xa48/0x1360 [ 288.714452][ T28] ? rfkill_unregister+0xde/0x2c0 [ 288.719521][ T28] ? mutex_lock_io_nested+0x11a0/0x11a0 [ 288.725169][ T28] ? nfc_genl_device_removed+0x226/0x2f0 [ 288.730923][ T28] ? nfc_genl_device_added+0x230/0x230 [ 288.736450][ T28] rfkill_unregister+0xde/0x2c0 [ 288.741352][ T28] nfc_unregister_device+0x96/0x330 [ 288.746634][ T28] virtual_ncidev_close+0x52/0xb0 [ 288.751695][ T28] __fput+0x27c/0xa90 [ 288.755751][ T28] ? virtual_nci_open+0x10/0x10 [ 288.760638][ T28] task_work_run+0x16f/0x270 [ 288.765319][ T28] ? task_work_cancel+0x30/0x30 [ 288.770210][ T28] ? do_raw_spin_unlock+0x175/0x230 [ 288.775502][ T28] do_exit+0xb17/0x2a90 [ 288.779696][ T28] ? lock_downgrade+0x6e0/0x6e0 [ 288.784589][ T28] ? do_raw_spin_lock+0x124/0x2b0 [ 288.789637][ T28] ? mm_update_next_owner+0x7b0/0x7b0 [ 288.795064][ T28] ? rwlock_bug.part.0+0x90/0x90 [ 288.800026][ T28] ? _raw_spin_unlock_irq+0x23/0x50 [ 288.805294][ T28] do_group_exit+0xd4/0x2a0 [ 288.809834][ T28] __x64_sys_exit_group+0x3e/0x50 [ 288.814913][ T28] do_syscall_64+0x39/0xb0 [ 288.819353][ T28] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 288.825303][ T28] RIP: 0033:0x7fedad563af9 [ 288.829731][ T28] RSP: 002b:00007ffda4b8f8f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 288.838192][ T28] RAX: ffffffffffffffda RBX: 00007fedad5d7330 RCX: 00007fedad563af9 [ 288.846241][ T28] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000 [ 288.854291][ T28] RBP: 0000000000000000 R08: ffffffffffffffc0 R09: 0000000000000001 [ 288.862379][ T28] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fedad5d7330 [ 288.870425][ T28] R13: 0000000000000001 R14: 0000000000000000 R15: 0000000000000001 [ 288.878460][ T28] [ 288.881483][ T28] 2 locks held by syz-executor424/5170: [ 288.887070][ T28] #0: ffff888024f21100 (&dev->mutex){....}-{3:3}, at: nfc_unregister_device+0x62/0x330 [ 288.896897][ T28] #1: ffffffff8e4efcc8 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_unregister+0xde/0x2c0 [ 288.907044][ T28] task:syz-executor424 state:D stack:26992 pid:5174 ppid:5085 flags:0x00004002 [ 288.916300][ T28] Call Trace: [ 288.919586][ T28] [ 288.922568][ T28] __schedule+0x25d0/0x5a70 [ 288.927105][ T28] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 288.933150][ T28] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 288.939158][ T28] ? mark_held_locks+0x9f/0xe0 [ 288.943981][ T28] ? io_schedule_timeout+0x150/0x150 [ 288.949295][ T28] ? __mutex_lock+0xa43/0x1360 [ 288.954130][ T28] schedule+0xde/0x1b0 [ 288.958235][ T28] schedule_preempt_disabled+0x13/0x20 [ 288.963767][ T28] __mutex_lock+0xa48/0x1360 [ 288.968387][ T28] ? rfkill_unregister+0xde/0x2c0 [ 288.973496][ T28] ? mutex_lock_io_nested+0x11a0/0x11a0 [ 288.979091][ T28] ? nfc_genl_device_removed+0x226/0x2f0 [ 288.984816][ T28] ? nfc_genl_device_added+0x230/0x230 [ 288.990300][ T28] rfkill_unregister+0xde/0x2c0 [ 288.995220][ T28] nfc_unregister_device+0x96/0x330 [ 289.000447][ T28] virtual_ncidev_close+0x52/0xb0 [ 289.005525][ T28] __fput+0x27c/0xa90 [ 289.009535][ T28] ? virtual_nci_open+0x10/0x10 [ 289.014441][ T28] task_work_run+0x16f/0x270 [ 289.019063][ T28] ? task_work_cancel+0x30/0x30 [ 289.023977][ T28] ? do_raw_spin_unlock+0x175/0x230 [ 289.029207][ T28] do_exit+0xb17/0x2a90 [ 289.033473][ T28] ? lock_downgrade+0x6e0/0x6e0 [ 289.038344][ T28] ? do_raw_spin_lock+0x124/0x2b0 [ 289.043417][ T28] ? mm_update_next_owner+0x7b0/0x7b0 [ 289.048819][ T28] ? rwlock_bug.part.0+0x90/0x90 [ 289.053815][ T28] ? _raw_spin_unlock_irq+0x23/0x50 [ 289.059049][ T28] do_group_exit+0xd4/0x2a0 [ 289.063608][ T28] __x64_sys_exit_group+0x3e/0x50 [ 289.068670][ T28] do_syscall_64+0x39/0xb0 [ 289.073163][ T28] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 289.079087][ T28] RIP: 0033:0x7fedad563af9 [ 289.083554][ T28] RSP: 002b:00007ffda4b8f8f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 289.091991][ T28] RAX: ffffffffffffffda RBX: 00007fedad5d7330 RCX: 00007fedad563af9 [ 289.100016][ T28] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000 [ 289.108065][ T28] RBP: 0000000000000000 R08: ffffffffffffffc0 R09: 0000000000000001 [ 289.116109][ T28] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fedad5d7330 [ 289.124147][ T28] R13: 0000000000000001 R14: 0000000000000000 R15: 0000000000000001 [ 289.132164][ T28] [ 289.135250][ T28] 2 locks held by syz-executor424/5174: [ 289.140824][ T28] #0: ffff8880220bc100 (&dev->mutex){....}-{3:3}, at: nfc_unregister_device+0x62/0x330 [ 289.150720][ T28] #1: ffffffff8e4efcc8 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_unregister+0xde/0x2c0 [ 289.160906][ T28] task:syz-executor424 state:D stack:27256 pid:5182 ppid:5088 flags:0x00004004 [ 289.170154][ T28] Call Trace: [ 289.173477][ T28] [ 289.176408][ T28] __schedule+0x25d0/0x5a70 [ 289.180913][ T28] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 289.186957][ T28] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 289.192994][ T28] ? io_schedule_timeout+0x150/0x150 [ 289.198286][ T28] ? __mutex_lock+0xa43/0x1360 [ 289.203111][ T28] schedule+0xde/0x1b0 [ 289.207201][ T28] schedule_preempt_disabled+0x13/0x20 [ 289.212709][ T28] __mutex_lock+0xa48/0x1360 [ 289.217326][ T28] ? rfkill_fop_write+0x160/0x570 [ 289.222356][ T28] ? mutex_lock_io_nested+0x11a0/0x11a0 [ 289.227974][ T28] rfkill_fop_write+0x160/0x570 [ 289.232885][ T28] ? rfkill_sync_work+0xc0/0xc0 [ 289.237741][ T28] ? bpf_lsm_file_permission+0x9/0x10 [ 289.243186][ T28] ? security_file_permission+0xaf/0xd0 [ 289.248782][ T28] vfs_write+0x2db/0xe10 [ 289.253126][ T28] ? rfkill_sync_work+0xc0/0xc0 [ 289.258035][ T28] ? kernel_write+0x670/0x670 [ 289.262797][ T28] ? find_held_lock+0x2d/0x110 [ 289.267598][ T28] ? ptrace_notify+0xfe/0x140 [ 289.272275][ T28] ? lock_downgrade+0x6e0/0x6e0 [ 289.277186][ T28] ? __fget_light+0x20a/0x270 [ 289.281898][ T28] ksys_write+0x1ec/0x250 [ 289.286282][ T28] ? __ia32_sys_read+0xb0/0xb0 [ 289.291071][ T28] ? lockdep_hardirqs_on+0x7d/0x100 [ 289.296406][ T28] ? _raw_spin_unlock_irq+0x2e/0x50 [ 289.301664][ T28] ? ptrace_notify+0xfe/0x140 [ 289.306399][ T28] do_syscall_64+0x39/0xb0 [ 289.310867][ T28] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 289.316823][ T28] RIP: 0033:0x7fedad564e69 [ 289.321258][ T28] RSP: 002b:00007ffda4b8f948 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 289.331083][ T28] RAX: ffffffffffffffda RBX: 00000000000f4240 RCX: 00007fedad564e69 [ 289.339099][ T28] RDX: 0000000000000008 RSI: 0000000020000040 RDI: 0000000000000003 [ 289.347112][ T28] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000001 [ 289.355152][ T28] R10: 00007ffda4b8f3c0 R11: 0000000000000246 R12: 000000000000ddbf [ 289.363179][ T28] R13: 00007ffda4b8f95c R14: 00007ffda4b8f970 R15: 00007ffda4b8f960 [ 289.371179][ T28] [ 289.374269][ T28] 1 lock held by syz-executor424/5182: [ 289.379744][ T28] #0: ffffffff8e4efcc8 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_fop_write+0x160/0x570 [ 289.389961][ T28] task:syz-executor424 state:D stack:26992 pid:5184 ppid:5082 flags:0x00004004 [ 289.399320][ T28] Call Trace: [ 289.402666][ T28] [ 289.405608][ T28] __schedule+0x25d0/0x5a70 [ 289.410112][ T28] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 289.416154][ T28] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 289.422168][ T28] ? io_schedule_timeout+0x150/0x150 [ 289.427510][ T28] ? __mutex_lock+0xa43/0x1360 [ 289.432328][ T28] schedule+0xde/0x1b0 [ 289.436459][ T28] schedule_preempt_disabled+0x13/0x20 [ 289.441942][ T28] __mutex_lock+0xa48/0x1360 [ 289.446587][ T28] ? rfkill_register+0x3a/0xb00 [ 289.451472][ T28] ? mutex_lock_io_nested+0x11a0/0x11a0 [ 289.457074][ T28] ? lockdep_init_map_type+0x21e/0x800 [ 289.462588][ T28] ? __init_waitqueue_head+0xca/0x150 [ 289.467973][ T28] rfkill_register+0x3a/0xb00 [ 289.472711][ T28] nfc_register_device+0x124/0x3b0 [ 289.477842][ T28] nci_register_device+0x7cb/0xb50 [ 289.483014][ T28] ? nci_init_complete_req+0x3f0/0x3f0 [ 289.488499][ T28] ? lockdep_init_map_type+0x21e/0x800 [ 289.494040][ T28] ? lockdep_init_map_type+0x21e/0x800 [ 289.499624][ T28] ? virtual_ncidev_read+0x4b0/0x4b0 [ 289.505008][ T28] virtual_ncidev_open+0x14f/0x230 [ 289.510153][ T28] misc_open+0x37a/0x4a0 [ 289.514465][ T28] ? misc_devnode+0x120/0x120 [ 289.519168][ T28] chrdev_open+0x26a/0x770 [ 289.523628][ T28] ? __unregister_chrdev+0x110/0x110 [ 289.528930][ T28] ? fsnotify_perm.part.0+0x221/0x610 [ 289.534373][ T28] do_dentry_open+0x6cc/0x13f0 [ 289.539171][ T28] ? __unregister_chrdev+0x110/0x110 [ 289.544499][ T28] ? may_open+0x1f6/0x420 [ 289.548859][ T28] path_openat+0x1bc1/0x2b40 [ 289.553520][ T28] ? path_lookupat+0x840/0x840 [ 289.558310][ T28] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 289.564439][ T28] do_filp_open+0x1ba/0x410 [ 289.568985][ T28] ? may_open_dev+0xf0/0xf0 [ 289.573542][ T28] ? find_held_lock+0x2d/0x110 [ 289.578343][ T28] ? do_raw_spin_lock+0x124/0x2b0 [ 289.583429][ T28] ? rwlock_bug.part.0+0x90/0x90 [ 289.588392][ T28] ? _raw_spin_unlock+0x28/0x40 [ 289.593314][ T28] ? alloc_fd+0x2e4/0x6e0 [ 289.598027][ T28] do_sys_openat2+0x16d/0x4c0 [ 289.602752][ T28] ? build_open_flags+0x6f0/0x6f0 [ 289.607799][ T28] ? ptrace_notify+0xfe/0x140 [ 289.612472][ T28] ? lock_downgrade+0x6e0/0x6e0 [ 289.617408][ T28] __x64_sys_openat+0x143/0x1f0 [ 289.622281][ T28] ? __ia32_sys_open+0x1c0/0x1c0 [ 289.627278][ T28] ? _raw_spin_unlock_irq+0x23/0x50 [ 289.632561][ T28] ? lockdep_hardirqs_on+0x7d/0x100 [ 289.637794][ T28] ? _raw_spin_unlock_irq+0x2e/0x50 [ 289.643066][ T28] ? ptrace_notify+0xfe/0x140 [ 289.647856][ T28] do_syscall_64+0x39/0xb0 [ 289.652270][ T28] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 289.658243][ T28] RIP: 0033:0x7fedad564e69 [ 289.662698][ T28] RSP: 002b:00007ffda4b8f948 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 289.671107][ T28] RAX: ffffffffffffffda RBX: 00000000000f4240 RCX: 00007fedad564e69 [ 289.679118][ T28] RDX: 0000000000000002 RSI: 0000000020000040 RDI: ffffffffffffff9c [ 289.687130][ T28] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000001 [ 289.695138][ T28] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000dd9e [ 289.703144][ T28] R13: 00007ffda4b8f95c R14: 00007ffda4b8f970 R15: 00007ffda4b8f960 [ 289.711119][ T28] [ 289.714189][ T28] 3 locks held by syz-executor424/5184: [ 289.719740][ T28] #0: ffffffff8d246ee8 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x63/0x4a0 [ 289.728234][ T28] #1: ffff88801e1ae100 (&dev->mutex){....}-{3:3}, at: nfc_register_device+0x9f/0x3b0 [ 289.737903][ T28] #2: ffffffff8e4efcc8 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x3a/0xb00 [ 289.747876][ T28] task:syz-executor424 state:D stack:28256 pid:5188 ppid:5084 flags:0x00004004 [ 289.757157][ T28] Call Trace: [ 289.760442][ T28] [ 289.763458][ T28] __schedule+0x25d0/0x5a70 [ 289.768016][ T28] ? lockdep_hardirqs_on+0x7d/0x100 [ 289.773317][ T28] ? asm_sysvec_reschedule_ipi+0x1a/0x20 [ 289.779001][ T28] ? io_schedule_timeout+0x150/0x150 [ 289.784346][ T28] ? __mutex_lock+0xa43/0x1360 [ 289.789149][ T28] schedule+0xde/0x1b0 [ 289.793271][ T28] schedule_preempt_disabled+0x13/0x20 [ 289.798755][ T28] __mutex_lock+0xa48/0x1360 [ 289.803397][ T28] ? nfc_dev_down+0x2d/0x2d0 [ 289.808009][ T28] ? mutex_lock_io_nested+0x11a0/0x11a0 [ 289.813602][ T28] ? find_held_lock+0x2d/0x110 [ 289.818407][ T28] ? mark_held_locks+0x9f/0xe0 [ 289.823222][ T28] ? nfc_dev_down+0x2d0/0x2d0 [ 289.827931][ T28] nfc_dev_down+0x2d/0x2d0 [ 289.832345][ T28] ? nfc_dev_down+0x2d0/0x2d0 [ 289.837086][ T28] nfc_rfkill_set_block+0x33/0xd0 [ 289.842133][ T28] ? nfc_dev_down+0x2d0/0x2d0 [ 289.846878][ T28] rfkill_set_block+0x1f9/0x540 [ 289.851766][ T28] rfkill_fop_write+0x2c7/0x570 [ 289.856670][ T28] ? rfkill_sync_work+0xc0/0xc0 [ 289.861551][ T28] ? bpf_lsm_file_permission+0x9/0x10 [ 289.866975][ T28] ? security_file_permission+0xaf/0xd0 [ 289.872594][ T28] vfs_write+0x2db/0xe10 [ 289.876837][ T28] ? rfkill_sync_work+0xc0/0xc0 [ 289.881692][ T28] ? kernel_write+0x670/0x670 [ 289.886446][ T28] ? find_held_lock+0x2d/0x110 [ 289.891261][ T28] ? ptrace_notify+0xfe/0x140 [ 289.896045][ T28] ? lock_downgrade+0x6e0/0x6e0 [ 289.900914][ T28] ? __fget_light+0x20a/0x270 [ 289.905642][ T28] ksys_write+0x1ec/0x250 [ 289.909999][ T28] ? __ia32_sys_read+0xb0/0xb0 [ 289.914805][ T28] ? lockdep_hardirqs_on+0x7d/0x100 [ 289.920034][ T28] ? _raw_spin_unlock_irq+0x2e/0x50 [ 289.925288][ T28] ? ptrace_notify+0xfe/0x140 [ 289.929987][ T28] do_syscall_64+0x39/0xb0 [ 289.934445][ T28] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 289.940369][ T28] RIP: 0033:0x7fedad564e69 [ 289.944823][ T28] RSP: 002b:00007ffda4b8f948 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 289.953299][ T28] RAX: ffffffffffffffda RBX: 00000000000f4240 RCX: 00007fedad564e69 [ 289.961266][ T28] RDX: 0000000000000008 RSI: 0000000020000040 RDI: 0000000000000003 [ 289.969276][ T28] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000001 [ 289.977290][ T28] R10: 00007ffda4b8f3c0 R11: 0000000000000246 R12: 000000000000de08 [ 289.985299][ T28] R13: 00007ffda4b8f95c R14: 00007ffda4b8f970 R15: 00007ffda4b8f960 [ 289.993365][ T28] [ 289.996392][ T28] 2 locks held by syz-executor424/5188: [ 290.001925][ T28] #0: ffffffff8e4efcc8 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_fop_write+0x160/0x570 [ 290.012086][ T28] #1: ffff8880220bc100 (&dev->mutex){....}-{3:3}, at: nfc_dev_down+0x2d/0x2d0 [ 290.021235][ T28] task:syz-executor424 state:D stack:27880 pid:5197 ppid:5086 flags:0x00004004 [ 290.030515][ T28] Call Trace: [ 290.033866][ T28] [ 290.036835][ T28] __schedule+0x25d0/0x5a70 [ 290.043401][ T28] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 290.049416][ T28] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 290.055466][ T28] ? _raw_spin_unlock_irqrestore+0x41/0x70 [ 290.061325][ T28] ? io_schedule_timeout+0x150/0x150 [ 290.066690][ T28] ? __mutex_lock+0xa43/0x1360 [ 290.071495][ T28] schedule+0xde/0x1b0 [ 290.075625][ T28] schedule_preempt_disabled+0x13/0x20 [ 290.081112][ T28] __mutex_lock+0xa48/0x1360 [ 290.085773][ T28] ? misc_open+0x63/0x4a0 [ 290.090139][ T28] ? mutex_lock_io_nested+0x11a0/0x11a0 [ 290.095738][ T28] ? find_held_lock+0x2d/0x110 [ 290.100629][ T28] ? lock_downgrade+0x6e0/0x6e0 [ 290.107448][ T28] ? kobject_get_unless_zero+0x15e/0x1e0 [ 290.113138][ T28] ? rwlock_bug.part.0+0x90/0x90 [ 290.118078][ T28] ? misc_devnode+0x120/0x120 [ 290.122805][ T28] misc_open+0x63/0x4a0 [ 290.127032][ T28] ? misc_devnode+0x120/0x120 [ 290.131711][ T28] chrdev_open+0x26a/0x770 [ 290.136186][ T28] ? __unregister_chrdev+0x110/0x110 [ 290.141490][ T28] ? fsnotify_perm.part.0+0x221/0x610 [ 290.147099][ T28] do_dentry_open+0x6cc/0x13f0 [ 290.151895][ T28] ? __unregister_chrdev+0x110/0x110 [ 290.157254][ T28] ? may_open+0x1f6/0x420 [ 290.161630][ T28] path_openat+0x1bc1/0x2b40 [ 290.166341][ T28] ? path_lookupat+0x840/0x840 [ 290.171145][ T28] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 290.177224][ T28] do_filp_open+0x1ba/0x410 [ 290.181768][ T28] ? may_open_dev+0xf0/0xf0 [ 290.186341][ T28] ? find_held_lock+0x2d/0x110 [ 290.191146][ T28] ? do_raw_spin_lock+0x124/0x2b0 [ 290.196227][ T28] ? rwlock_bug.part.0+0x90/0x90 [ 290.201203][ T28] ? _raw_spin_unlock+0x28/0x40 [ 290.206109][ T28] ? alloc_fd+0x2e4/0x6e0 [ 290.210481][ T28] do_sys_openat2+0x16d/0x4c0 [ 290.215232][ T28] ? build_open_flags+0x6f0/0x6f0 [ 290.220288][ T28] ? ptrace_notify+0xfe/0x140 [ 290.225016][ T28] ? lock_downgrade+0x6e0/0x6e0 [ 290.229892][ T28] __x64_sys_openat+0x143/0x1f0 [ 290.234792][ T28] ? __ia32_sys_open+0x1c0/0x1c0 [ 290.239750][ T28] ? _raw_spin_unlock_irq+0x23/0x50 [ 290.245005][ T28] ? lockdep_hardirqs_on+0x7d/0x100 [ 290.250235][ T28] ? _raw_spin_unlock_irq+0x2e/0x50 [ 290.255608][ T28] ? ptrace_notify+0xfe/0x140 [ 290.260311][ T28] do_syscall_64+0x39/0xb0 [ 290.264774][ T28] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 290.270700][ T28] RIP: 0033:0x7fedad564e69 [ 290.275157][ T28] RSP: 002b:00007ffda4b8f948 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 290.283678][ T28] RAX: ffffffffffffffda RBX: 00000000000f4240 RCX: 00007fedad564e69 [ 290.291654][ T28] RDX: 0000000000008001 RSI: 0000000020000000 RDI: ffffffffffffff9c [ 290.299670][ T28] RBP: 0000000000000000 R08: 00007ffda4b8f3c0 R09: 0000000000000001 [ 290.307722][ T28] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000de07 [ 290.315770][ T28] R13: 00007ffda4b8f95c R14: 00007ffda4b8f970 R15: 00007ffda4b8f960 [ 290.323790][ T28] [ 290.326853][ T28] 1 lock held by syz-executor424/5197: [ 290.332299][ T28] #0: ffffffff8d246ee8 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x63/0x4a0 [ 290.340911][ T28] [ 290.343269][ T28] ============================================= [ 290.343269][ T28] [ 290.351664][ T28] NMI backtrace for cpu 1 [ 290.355977][ T28] CPU: 1 PID: 28 Comm: khungtaskd Not tainted 6.2.0-rc3-next-20230112-syzkaller #0 [ 290.365260][ T28] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 290.375303][ T28] Call Trace: [ 290.378572][ T28] [ 290.381502][ T28] dump_stack_lvl+0xd1/0x138 [ 290.386086][ T28] nmi_cpu_backtrace.cold+0x24/0x18a [ 290.391367][ T28] nmi_trigger_cpumask_backtrace+0x32f/0x3c0 [ 290.397363][ T28] ? lapic_can_unplug_cpu+0x80/0x80 [ 290.402566][ T28] watchdog+0xcae/0x1050 [ 290.406881][ T28] ? proc_dohung_task_timeout_secs+0x80/0x80 [ 290.412863][ T28] kthread+0x2e8/0x3a0 [ 290.416922][ T28] ? kthread_complete_and_exit+0x40/0x40 [ 290.422551][ T28] ret_from_fork+0x1f/0x30 [ 290.426971][ T28] [ 290.430127][ T28] Sending NMI from CPU 1 to CPUs 0: [ 290.435425][ C0] NMI backtrace for cpu 0 [ 290.435434][ C0] CPU: 0 PID: 9 Comm: kworker/u4:0 Not tainted 6.2.0-rc3-next-20230112-syzkaller #0 [ 290.435453][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 290.435464][ C0] Workqueue: events_unbound toggle_allocation_gate [ 290.435564][ C0] RIP: 0010:load_balance+0xa84/0x2e30 [ 290.435584][ C0] Code: 4b 17 0d 83 f8 02 0f 85 9c fc ff ff 3b 4c 24 48 0f 86 60 fa ff ff 89 4c 24 48 48 89 54 24 60 e9 52 fa ff ff 48 83 7c 24 60 00 <0f> 84 11 15 00 00 48 8b 44 24 60 48 39 84 24 20 01 00 00 0f 84 35 [ 290.435600][ C0] RSP: 0018:ffffc900000e7730 EFLAGS: 00000086 [ 290.435614][ C0] RAX: 0000000000000000 RBX: 0000000000000002 RCX: 0000000000000000 [ 290.435625][ C0] RDX: ffff88813fe18000 RSI: ffffffff840895ed RDI: 0000000000000006 [ 290.435637][ C0] RBP: ffffc900000e7910 R08: 0000000000000006 R09: 0000000000000002 [ 290.435648][ C0] R10: 0000000000000002 R11: 00000000000003ff R12: 0000000000000002 [ 290.435658][ C0] R13: 0000000000000003 R14: dffffc0000000000 R15: ffff88813fef5220 [ 290.435670][ C0] FS: 0000000000000000(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000 [ 290.435687][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 290.435700][ C0] CR2: 000055cf7cbdefa8 CR3: 000000000c571000 CR4: 00000000003506f0 [ 290.435711][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 290.435722][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 290.435733][ C0] Call Trace: [ 290.435737][ C0] [ 290.435743][ C0] ? find_held_lock+0x2d/0x110 [ 290.435778][ C0] ? find_busiest_group+0x9f0/0x9f0 [ 290.435803][ C0] newidle_balance+0x713/0x1220 [ 290.435824][ C0] ? load_balance+0x2e30/0x2e30 [ 290.435844][ C0] pick_next_task_fair+0x9a/0x12e0 [ 290.435864][ C0] __schedule+0x3ec/0x5a70 [ 290.435890][ C0] ? prepare_to_wait_event+0xd0/0x6a0 [ 290.435910][ C0] ? io_schedule_timeout+0x150/0x150 [ 290.435930][ C0] ? mark_held_locks+0x9f/0xe0 [ 290.435949][ C0] ? _raw_spin_unlock_irqrestore+0x54/0x70 [ 290.435976][ C0] ? lockdep_hardirqs_on+0x7d/0x100 [ 290.436000][ C0] ? _raw_spin_unlock_irqrestore+0x41/0x70 [ 290.436028][ C0] schedule+0xde/0x1b0 [ 290.436047][ C0] toggle_allocation_gate+0x1ad/0x230 [ 290.436073][ C0] ? wake_up_kfence_timer+0x30/0x30 [ 290.436097][ C0] ? trace_lock_acquire+0x1f1/0x290 [ 290.436114][ C0] ? prepare_to_wait_exclusive+0x2c0/0x2c0 [ 290.436137][ C0] process_one_work+0x9bf/0x1750 [ 290.436162][ C0] ? pwq_dec_nr_in_flight+0x2a0/0x2a0 [ 290.436183][ C0] ? rcu_read_lock_sched_held+0x3e/0x70 [ 290.436202][ C0] ? rwlock_bug.part.0+0x90/0x90 [ 290.436221][ C0] ? lock_acquire+0x32/0xc0 [ 290.436237][ C0] ? worker_thread+0x16d/0x1090 [ 290.436259][ C0] worker_thread+0x669/0x1090 [ 290.436284][ C0] ? process_one_work+0x1750/0x1750 [ 290.436306][ C0] kthread+0x2e8/0x3a0 [ 290.436328][ C0] ? kthread_complete_and_exit+0x40/0x40 [ 290.436349][ C0] ret_from_fork+0x1f/0x30 [ 290.436377][ C0] [ 290.436495][ T28] Kernel panic - not syncing: hung_task: blocked tasks [ 290.734283][ T28] CPU: 1 PID: 28 Comm: khungtaskd Not tainted 6.2.0-rc3-next-20230112-syzkaller #0 [ 290.743584][ T28] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 290.753646][ T28] Call Trace: [ 290.756933][ T28] [ 290.759875][ T28] dump_stack_lvl+0xd1/0x138 [ 290.764484][ T28] panic+0x2cc/0x626 [ 290.768430][ T28] ? panic_print_sys_info.part.0+0x112/0x112 [ 290.774444][ T28] ? preempt_schedule_thunk+0x1a/0x20 [ 290.779863][ T28] ? watchdog.cold+0x130/0x158 [ 290.784662][ T28] watchdog.cold+0x141/0x158 [ 290.789275][ T28] ? proc_dohung_task_timeout_secs+0x80/0x80 [ 290.795310][ T28] kthread+0x2e8/0x3a0 [ 290.799396][ T28] ? kthread_complete_and_exit+0x40/0x40 [ 290.805048][ T28] ret_from_fork+0x1f/0x30 [ 290.809510][ T28] [ 290.812724][ T28] Kernel Offset: disabled [ 290.817055][ T28] Rebooting in 86400 seconds..