[ 83.821862][ T11] bridge0: port 1(bridge_slave_0) entered disabled state
[ 83.837000][ T11] device veth1_macvtap left promiscuous mode
[ 83.844420][ T11] device veth0_macvtap left promiscuous mode
[ 83.850657][ T11] device veth1_vlan left promiscuous mode
[ 83.856741][ T11] device veth0_vlan left promiscuous mode
[ 83.969616][ T11] team0 (unregistering): Port device team_slave_1 removed
[ 83.981516][ T11] team0 (unregistering): Port device team_slave_0 removed
[ 83.993922][ T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 84.006116][ T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 84.051444][ T11] bond0 (unregistering): Released all slaves
Warning: Permanently added '10.128.10.43' (ECDSA) to the list of known hosts.
[ 100.163030][ T4068]
[ 100.165425][ T4068] ======================================================
[ 100.172418][ T4068] WARNING: possible circular locking dependency detected
[ 100.179403][ T4068] 5.17.0-syzkaller #0 Not tainted
[ 100.184407][ T4068] ------------------------------------------------------
[ 100.191392][ T4068] syz-executor339/4068 is trying to acquire lock:
[ 100.198032][ T4068] ffff8880774e3228 (&mm->mmap_lock#2){++++}-{3:3}, at: __might_fault+0x88/0x160
[ 100.207119][ T4068]
[ 100.207119][ T4068] but task is already holding lock:
[ 100.214465][ T4068] ffff88801a542230 (&runtime->buffer_mutex){+.+.}-{3:3}, at: __snd_pcm_lib_xfer+0x9ca/0x1ab0
[ 100.224588][ T4068]
[ 100.224588][ T4068] which lock already depends on the new lock.
[ 100.224588][ T4068]
[ 100.235145][ T4068]
[ 100.235145][ T4068] the existing dependency chain (in reverse order) is:
[ 100.244136][ T4068]
[ 100.244136][ T4068] -> #1 (&runtime->buffer_mutex){+.+.}-{3:3}:
[ 100.252354][ T4068]        __mutex_lock+0x12f/0x12f0
[ 100.257530][ T4068]        snd_pcm_hw_params+0xbb/0x1740
[ 100.262979][ T4068]        snd_pcm_oss_change_params_locked+0x11a2/0x30a0
[ 100.269890][ T4068]        snd_pcm_oss_mmap+0x391/0x4a0
[ 100.275317][ T4068]        mmap_region+0x976/0x1200
[ 100.280324][ T4068]        do_mmap+0x5c4/0xd70
[ 100.285061][ T4068]        vm_mmap_pgoff+0x163/0x210
[ 100.290265][ T4068]        ksys_mmap_pgoff+0x2e8/0x490
[ 100.295534][ T4068]        do_syscall_64+0x35/0x80
[ 100.300465][ T4068]        entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 100.306854][ T4068]
[ 100.306854][ T4068] -> #0 (&mm->mmap_lock#2){++++}-{3:3}:
[ 100.314633][ T4068]        __lock_acquire+0x2a44/0x5660
[ 100.320150][ T4068]        lock_acquire+0x1ab/0x510
[ 100.325314][ T4068]        __might_fault+0xe6/0x160
[ 100.330309][ T4068]        _copy_to_user+0x20/0xc0
[ 100.335312][ T4068]        default_read_copy+0xf1/0x160
[ 100.340667][ T4068]        __snd_pcm_lib_xfer+0x1148/0x1ab0
[ 100.346365][ T4068]        snd_pcm_oss_read3+0x16f/0x360
[ 100.351799][ T4068]        snd_pcm_oss_read2+0x261/0x3b0
[ 100.357495][ T4068]        snd_pcm_oss_read+0x4a4/0x6a0
[ 100.363017][ T4068]        vfs_read+0x15f/0x4b0
[ 100.367665][ T4068]        ksys_read+0xee/0x1c0
[ 100.372323][ T4068]        do_syscall_64+0x35/0x80
[ 100.377230][ T4068]        entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 100.383630][ T4068]
[ 100.383630][ T4068] other info that might help us debug this:
[ 100.383630][ T4068]
[ 100.393929][ T4068] Possible unsafe locking scenario:
[ 100.393929][ T4068]
[ 100.401348][ T4068]        CPU0                              CPU1
[ 100.406770][ T4068]        ----                              ----
[ 100.412103][ T4068]   lock(&runtime->buffer_mutex);
[ 100.417094][ T4068]                                     lock(&mm->mmap_lock#2);
[ 100.424094][ T4068]                                     lock(&runtime->buffer_mutex);
[ 100.431616][ T4068]   lock(&mm->mmap_lock#2);
[ 100.436355][ T4068]
[ 100.436355][ T4068] *** DEADLOCK ***
[ 100.436355][ T4068]
[ 100.444478][ T4068] 1 lock held by syz-executor339/4068:
[ 100.449904][ T4068] #0: ffff88801a542230 (&runtime->buffer_mutex){+.+.}-{3:3}, at: __snd_pcm_lib_xfer+0x9ca/0x1ab0
[ 100.460555][ T4068]
[ 100.460555][ T4068] stack backtrace:
[ 100.466413][ T4068] CPU: 0 PID: 4068 Comm: syz-executor339 Not tainted 5.17.0-syzkaller #0
[ 100.474800][ T4068] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 100.484839][ T4068] Call Trace:
[ 100.488356][ T4068]
[ 100.491261][ T4068] dump_stack_lvl+0x57/0x7d
[ 100.495831][ T4068] check_noncircular+0x25f/0x2e0
[ 100.500739][ T4068] ? print_circular_bug+0x1e0/0x1e0
[ 100.505905][ T4068] ? lock_chain_count+0x20/0x20
[ 100.510738][ T4068] __lock_acquire+0x2a44/0x5660
[ 100.515556][ T4068] ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 100.521589][ T4068] ? mark_lock.part.0+0xee/0x19a0
[ 100.526591][ T4068] lock_acquire+0x1ab/0x510
[ 100.531060][ T4068] ? __might_fault+0x88/0x160
[ 100.535722][ T4068] ? lock_release+0x720/0x720
[ 100.540368][ T4068] __might_fault+0xe6/0x160
[ 100.544839][ T4068] ? __might_fault+0x88/0x160
[ 100.549495][ T4068] _copy_to_user+0x20/0xc0
[ 100.553888][ T4068] default_read_copy+0xf1/0x160
[ 100.558708][ T4068] ? _raw_spin_unlock_irq+0x1f/0x40
[ 100.563962][ T4068] __snd_pcm_lib_xfer+0x1148/0x1ab0
[ 100.569129][ T4068] ? snd_pcm_hw_rule_step+0x3b0/0x3b0
[ 100.574639][ T4068] ? snd_pcm_add_chmap_ctls+0x560/0x560
[ 100.580149][ T4068] ? pcm_lib_apply_appl_ptr+0x400/0x400
[ 100.585662][ T4068] ? wake_up_q+0xf0/0xf0
[ 100.589873][ T4068] snd_pcm_oss_read3+0x16f/0x360
[ 100.594797][ T4068] ? snd_pcm_oss_write+0x8d0/0x8d0
[ 100.599893][ T4068] ? __up_read+0x194/0x720
[ 100.604275][ T4068] ? up_write+0x470/0x470
[ 100.608664][ T4068] snd_pcm_oss_read2+0x261/0x3b0
[ 100.613574][ T4068] ? snd_pcm_oss_read3+0x360/0x360
[ 100.618653][ T4068] ? snd_pcm_action_nonatomic+0xc9/0x110
[ 100.624339][ T4068] ? snd_pcm_oss_prepare+0x41/0x210
[ 100.629509][ T4068] snd_pcm_oss_read+0x4a4/0x6a0
[ 100.634330][ T4068] vfs_read+0x15f/0x4b0
[ 100.638465][ T4068] ksys_read+0xee/0x1c0
[ 100.642597][ T4068] ? vfs_write+0x8f0/0x8f0
[ 100.646998][ T4068] ? lockdep_hardirqs_on_prepare+0x17b/0x400
[ 100.653039][ T4068] ? syscall_enter_from_user_mode+0x21/0x70
[ 100.659000][ T4068] do_syscall_64+0x35/0x80
[ 100.663478][ T4068] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 100.669337][ T4068] RIP: 0033:0x7f407434ec19
[ 100.673721][ T4068] Code: 28 c3 e8 2a 14 00 00 66 2e 0f 1f 84 00 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 100.693294][ T4068] RSP: 002b:00007fffea664128 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 100.701670][ T4068] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f407434ec19
[ 100.709697][ T4068] RDX: 0000000000000ff2 RSI: 0000000020000780 RDI: 0000000000000004
[ 100.717653][ T4068] RBP: 00007f4074312dc0 R08: 0000000000000000 R09: 0000000000000000
[ 100.725592][ T4068] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4074312e50
[ 100.733531][ T4068] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 100.741487][ T4068]