syzbot

usb-storage 1-1:0.0: USB Mass Storage device detected
usb 1-1: USB disconnect, device number 12
------------[ cut here ]------------
DEBUG_LOCKS_WARN_ON(1)
WARNING: CPU: 1 PID: 5237 at kernel/locking/lockdep.c:231 hlock_class kernel/locking/lockdep.c:231 [inline]
WARNING: CPU: 1 PID: 5237 at kernel/locking/lockdep.c:231 check_wait_context kernel/locking/lockdep.c:4772 [inline]
WARNING: CPU: 1 PID: 5237 at kernel/locking/lockdep.c:231 __lock_acquire+0x58c/0x2040 kernel/locking/lockdep.c:5092
Modules linked in:
CPU: 1 UID: 0 PID: 5237 Comm: kworker/1:3 Not tainted 6.11.0-rc5-syzkaller-00219-g1934261d8974 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
Workqueue: events nsim_dev_trap_report_work
RIP: 0010:hlock_class kernel/locking/lockdep.c:231 [inline]
RIP: 0010:check_wait_context kernel/locking/lockdep.c:4772 [inline]
RIP: 0010:__lock_acquire+0x58c/0x2040 kernel/locking/lockdep.c:5092
Code: 00 00 83 3d c5 c8 a8 0e 00 75 23 90 48 c7 c7 00 d4 0a 8c 48 c7 c6 a0 d6 0a 8c e8 7f d8 e5 ff 48 ba 00 00 00 00 00 fc ff df 90 <0f> 0b 90 90 90 31 db 48 81 c3 c4 00 00 00 48 89 d8 48 c1 e8 03 0f
RSP: 0018:ffffc900049af4b0 EFLAGS: 00010046
RAX: a8716d57209e1200 RBX: 0000000000000f98 RCX: ffff888062f93c00
RDX: dffffc0000000000 RSI: 0000000000000000 RDI: 0000000000000000
RBP: 000000000000000f R08: ffffffff8155b2f2 R09: 1ffff1101712519a
R10: dffffc0000000000 R11: ffffed101712519b R12: ffff888062f93c00
R13: 0000000000000f98 R14: 1ffff1100c5f28ef R15: ffff888062f94778
FS:  0000000000000000(0000) GS:ffff8880b8900000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000000002002a000 CR3: 0000000077fb8000 CR4: 0000000000350ef0
Call Trace:
 <TASK>
 lock_acquire+0x1ed/0x550 kernel/locking/lockdep.c:5759
 _raw_spin_lock_nested+0x31/0x40 kernel/locking/spinlock.c:378
 raw_spin_rq_lock_nested+0xb0/0x140 kernel/sched/core.c:568
 raw_spin_rq_lock kernel/sched/sched.h:1415 [inline]
 rq_lock kernel/sched/sched.h:1714 [inline]
 __schedule+0x357/0x4a60 kernel/sched/core.c:6436
 preempt_schedule_irq+0xfb/0x1c0 kernel/sched/core.c:6851
 irqentry_exit+0x5e/0x90 kernel/entry/common.c:354
 asm_sysvec_reschedule_ipi+0x1a/0x20 arch/x86/include/asm/idtentry.h:707
RIP: 0010:nsim_dev_trap_report drivers/net/netdevsim/dev.c:785 [inline]
RIP: 0010:nsim_dev_trap_report_work+0x159/0xaa0 drivers/net/netdevsim/dev.c:850
Code: 74 08 4c 89 f7 e8 97 02 e5 fa 49 8b 1e 48 83 c3 08 48 89 d8 48 c1 e8 03 42 80 3c 28 00 74 08 48 89 df e8 7a 02 e5 fa 48 8b 1b <48> 89 df e8 3f 04 7b 03 48 89 84 24 80 00 00 00 48 8d 7b 10 48 89
RSP: 0018:ffffc900049afae8 EFLAGS: 00000246
RAX: 1ffff1100bd01199 RBX: ffff88807e5e7360 RCX: ffff888062f93c00
RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
RBP: ffff88806f4dc800 R08: ffffffff8715d466 R09: 1ffff1100bd01015
R10: dffffc0000000000 R11: ffffed100bd01016 R12: ffff88807e5e7408
R13: dffffc0000000000 R14: ffff88806f4dc9e0 R15: ffffffff815e6ba5
 process_one_work kernel/workqueue.c:3231 [inline]
 process_scheduled_works+0xa2e/0x1830 kernel/workqueue.c:3312
 worker_thread+0x86d/0xd10 kernel/workqueue.c:3389
 kthread+0x2f2/0x390 kernel/kthread.c:389
 ret_from_fork+0x4d/0x80 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
 </TASK>
----------------
Code disassembly (best guess):
   0:	74 08                	je     0xa
   2:	4c 89 f7             	mov    %r14,%rdi
   5:	e8 97 02 e5 fa       	call   0xfae502a1
   a:	49 8b 1e             	mov    (%r14),%rbx
   d:	48 83 c3 08          	add    $0x8,%rbx
  11:	48 89 d8             	mov    %rbx,%rax
  14:	48 c1 e8 03          	shr    $0x3,%rax
  18:	42 80 3c 28 00       	cmpb   $0x0,(%rax,%r13,1)
  1d:	74 08                	je     0x27
  1f:	48 89 df             	mov    %rbx,%rdi
  22:	e8 7a 02 e5 fa       	call   0xfae502a1
  27:	48 8b 1b             	mov    (%rbx),%rbx
* 2a:	48 89 df             	mov    %rbx,%rdi <-- trapping instruction
  2d:	e8 3f 04 7b 03       	call   0x37b0471
  32:	48 89 84 24 80 00 00 	mov    %rax,0x80(%rsp)
  39:	00
  3a:	48 8d 7b 10          	lea    0x10(%rbx),%rdi
  3e:	48                   	rex.W
  3f:	89                   	.byte 0x89