[ 49.178308][ T188] device veth0_macvtap left promiscuous mode [ 49.184335][ T188] device veth1_vlan left promiscuous mode [ 49.191209][ T188] device veth0_vlan left promiscuous mode [ 52.315995][ T188] team0 (unregistering): Port device team_slave_1 removed [ 52.327868][ T188] team0 (unregistering): Port device team_slave_0 removed [ 52.340026][ T188] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 52.354794][ T188] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 52.397508][ T188] bond0 (unregistering): Released all slaves [ 54.032314][ T5425] can: request_module (can-proto-0) failed. [ 54.056073][ T5425] can: request_module (can-proto-0) failed. [ 71.322629][ T3815] cfg80211: failed to load regulatory.db Warning: Permanently added '10.128.1.82' (ECDSA) to the list of known hosts. 2022/06/02 20:11:07 parsed 1 programs 2022/06/02 20:11:07 executed programs: 0 [ 72.670620][ T5876] cgroup: Unknown subsys name 'net' [ 72.680502][ T5876] cgroup: Unknown subsys name 'rlimit' [ 73.819304][ T5880] IPVS: ftp: loaded support on port[0] = 21 [ 73.868391][ T5880] chnl_net:caif_netlink_parms(): no params data found [ 73.901139][ T5880] bridge0: port 1(bridge_slave_0) entered blocking state [ 73.908551][ T5880] bridge0: port 1(bridge_slave_0) entered disabled state [ 73.916433][ T5880] device bridge_slave_0 entered promiscuous mode [ 73.924863][ T5880] bridge0: port 2(bridge_slave_1) entered blocking state [ 73.932158][ T5880] bridge0: port 2(bridge_slave_1) entered disabled state [ 73.940011][ T5880] device bridge_slave_1 entered promiscuous mode [ 73.955837][ T5880] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 73.967279][ T5880] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 73.985925][ T5880] team0: Port device team_slave_0 added [ 73.993712][ T5880] team0: Port device team_slave_1 added [ 74.006712][ T5880] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 74.013810][ T5880] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 74.040345][ T5880] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 74.052809][ T5880] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 74.059868][ T5880] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 74.086159][ T5880] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 74.106923][ T5880] device hsr_slave_0 entered promiscuous mode [ 74.113955][ T5880] device hsr_slave_1 entered promiscuous mode [ 74.164646][ T5880] bridge0: port 2(bridge_slave_1) entered blocking state [ 74.171983][ T5880] bridge0: port 2(bridge_slave_1) entered forwarding state [ 74.179588][ T5880] bridge0: port 1(bridge_slave_0) entered blocking state [ 74.186839][ T5880] bridge0: port 1(bridge_slave_0) entered forwarding state [ 74.217120][ T5880] 8021q: adding VLAN 0 to HW filter on device bond0 [ 74.230337][ T5446] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 74.238954][ T5446] bridge0: port 1(bridge_slave_0) entered disabled state [ 74.246232][ T5446] bridge0: port 2(bridge_slave_1) entered disabled state [ 74.254131][ T5446] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 74.266547][ T5880] 8021q: adding VLAN 0 to HW filter on device team0 [ 74.276211][ T5446] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 74.284661][ T5446] bridge0: port 1(bridge_slave_0) entered blocking state [ 74.291734][ T5446] bridge0: port 1(bridge_slave_0) entered forwarding state [ 74.308462][ T5446] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 74.316753][ T5446] bridge0: port 2(bridge_slave_1) entered blocking state [ 74.323887][ T5446] bridge0: port 2(bridge_slave_1) entered forwarding state [ 74.332682][ T5446] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 74.342795][ T5446] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 74.357236][ T5880] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 74.368635][ T5880] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 74.382258][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 74.391263][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 74.400056][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 74.409670][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 74.424406][ T5880] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 74.433776][ T5447] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 74.441931][ T5447] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 74.519880][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 74.535348][ T3815] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 74.544478][ T3815] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 74.552572][ T3815] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 74.562437][ T5880] device veth0_vlan entered promiscuous mode [ 74.572547][ T5880] device veth1_vlan entered promiscuous mode [ 74.588922][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 74.597507][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 74.606132][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 74.617546][ T5880] device veth0_macvtap entered promiscuous mode [ 74.626992][ T5880] device veth1_macvtap entered promiscuous mode [ 74.641170][ T5880] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 74.649602][ T3815] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 74.658985][ T3815] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 74.670260][ T5880] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 74.678129][ T3815] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 74.725111][ T8] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 74.740865][ T8] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 74.750153][ T2939] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 74.760131][ T3089] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 74.768529][ T3089] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 74.777206][ T2939] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 74.821448][ T5893] [ 74.824213][ T5893] ===================================================== [ 74.831136][ T5893] WARNING: HARDIRQ-safe -> HARDIRQ-unsafe lock order detected [ 74.838735][ T5893] 5.11.0-syzkaller #0 Not tainted [ 74.843733][ T5893] ----------------------------------------------------- [ 74.850723][ T5893] syz-executor.0/5893 [HC0[0]:SC0[0]:HE0:SE1] is trying to acquire: [ 74.858674][ T5893] ffff8880192850c0 (&new->fa_lock){.+.+}-{2:2}, at: kill_fasync+0xec/0x310 [ 74.867263][ T5893] [ 74.867263][ T5893] and this task is already holding: [ 74.874601][ T5893] ffff88801028a028 (&client->buffer_lock){....}-{2:2}, at: evdev_pass_values.part.0+0xef/0xb10 [ 74.884998][ T5893] which would create a new lock dependency: [ 74.890882][ T5893] (&client->buffer_lock){....}-{2:2} -> (&new->fa_lock){.+.+}-{2:2} [ 74.899119][ T5893] [ 74.899119][ T5893] but this new dependency connects a HARDIRQ-irq-safe lock: [ 74.908652][ T5893] (&dev->event_lock){-...}-{2:2} [ 74.908664][ T5893] [ 74.908664][ T5893] ... which became HARDIRQ-irq-safe at: [ 74.921517][ T5893] lock_acquire+0x1a8/0x720 [ 74.926097][ T5893] _raw_spin_lock_irqsave+0x39/0x50 [ 74.931375][ T5893] input_event+0x41/0x80 [ 74.935712][ T5893] psmouse_report_standard_buttons+0x1b/0x50 [ 74.941843][ T5893] psmouse_process_byte+0x1ae/0x7a0 [ 74.947114][ T5893] psmouse_handle_byte+0x3c/0x180 [ 74.952201][ T5893] psmouse_interrupt+0x22b/0xd60 [ 74.957217][ T5893] serio_interrupt+0x7e/0x110 [ 74.961987][ T5893] i8042_interrupt+0x17b/0x410 [ 74.966824][ T5893] __handle_irq_event_percpu+0x256/0x680 [ 74.972535][ T5893] handle_irq_event+0xfa/0x260 [ 74.977366][ T5893] handle_edge_irq+0x203/0xb50 [ 74.982563][ T5893] asm_call_irq_on_stack+0xf/0x20 [ 74.988049][ T5893] common_interrupt+0x120/0x200 [ 74.993700][ T5893] asm_common_interrupt+0x1e/0x40 [ 74.998881][ T5893] _raw_spin_unlock_irqrestore+0x25/0x50 [ 75.004596][ T5893] i8042_command+0x8b/0xb0 [ 75.009081][ T5893] i8042_aux_write+0xb1/0x100 [ 75.013814][ T5893] ps2_do_sendbyte+0x1f2/0x5a0 [ 75.018633][ T5893] ps2_sendbyte+0x53/0x140 [ 75.023120][ T5893] cypress_ps2_sendbyte+0x21/0x130 [ 75.028401][ T5893] cypress_send_ext_cmd+0x1ae/0x7b0 [ 75.033682][ T5893] cypress_detect+0x6c/0x130 [ 75.038448][ T5893] psmouse_try_protocol+0x194/0x3a0 [ 75.043715][ T5893] psmouse_extensions+0x3f8/0x680 [ 75.048945][ T5893] psmouse_switch_protocol+0x4a2/0x690 [ 75.055342][ T5893] psmouse_connect+0x57b/0xe70 [ 75.060179][ T5893] serio_driver_probe+0x6d/0xa0 [ 75.065096][ T5893] really_probe+0x1fd/0xc60 [ 75.069862][ T5893] driver_probe_device+0x1ed/0x380 [ 75.075242][ T5893] device_driver_attach+0x1da/0x240 [ 75.080732][ T5893] __driver_attach+0xee/0x260 [ 75.085887][ T5893] bus_for_each_dev+0x119/0x1a0 [ 75.090917][ T5893] serio_handle_event+0x48f/0x750 [ 75.096015][ T5893] process_one_work+0x84c/0x13b0 [ 75.101440][ T5893] worker_thread+0x598/0xf80 [ 75.106185][ T5893] kthread+0x36f/0x450 [ 75.110486][ T5893] ret_from_fork+0x1f/0x30 [ 75.114977][ T5893] [ 75.114977][ T5893] to a HARDIRQ-irq-unsafe lock: [ 75.122286][ T5893] (&new->fa_lock){.+.+}-{2:2} [ 75.122299][ T5893] [ 75.122299][ T5893] ... which became HARDIRQ-irq-unsafe at: [ 75.135347][ T5893] ... [ 75.135353][ T5893] lock_acquire+0x1a8/0x720 [ 75.142495][ T5893] _raw_read_lock+0x5b/0x70 [ 75.147510][ T5893] kill_fasync+0xec/0x310 [ 75.152419][ T5893] sock_wake_async+0xce/0x110 [ 75.157254][ T5893] sock_def_readable+0x1cc/0x340 [ 75.162821][ T5893] unix_dgram_sendmsg+0xcad/0x1710 [ 75.168155][ T5893] sock_sendmsg+0xab/0xe0 [ 75.172563][ T5893] ____sys_sendmsg+0x392/0x7a0 [ 75.177518][ T5893] ___sys_sendmsg+0xd3/0x150 [ 75.182317][ T5893] __sys_sendmmsg+0x141/0x300 [ 75.187168][ T5893] __x64_sys_sendmmsg+0x94/0x100 [ 75.192342][ T5893] do_syscall_64+0x2d/0x40 [ 75.196991][ T5893] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 75.203026][ T5893] [ 75.203026][ T5893] other info that might help us debug this: [ 75.203026][ T5893] [ 75.213225][ T5893] Chain exists of: [ 75.213225][ T5893] &dev->event_lock --> &client->buffer_lock --> &new->fa_lock [ 75.213225][ T5893] [ 75.227187][ T5893] Possible interrupt unsafe locking scenario: [ 75.227187][ T5893] [ 75.235649][ T5893] CPU0 CPU1 [ 75.241002][ T5893] ---- ---- [ 75.246449][ T5893] lock(&new->fa_lock); [ 75.251022][ T5893] local_irq_disable(); [ 75.257926][ T5893] lock(&dev->event_lock); [ 75.265097][ T5893] lock(&client->buffer_lock); [ 75.272537][ T5893] [ 75.276048][ T5893] lock(&dev->event_lock); [ 75.281172][ T5893] [ 75.281172][ T5893] *** DEADLOCK *** [ 75.281172][ T5893] [ 75.289849][ T5893] 7 locks held by syz-executor.0/5893: [ 75.295619][ T5893] #0: ffff888147364110 (&evdev->mutex){+.+.}-{3:3}, at: evdev_write+0x121/0x350 [ 75.305154][ T5893] #1: ffff888145b70230 (&dev->event_lock){-...}-{2:2}, at: input_inject_event+0x6c/0x220 [ 75.315564][ T5893] #2: ffffffff8a76ac00 (rcu_read_lock){....}-{1:2}, at: input_inject_event+0x5d/0x220 [ 75.325347][ T5893] #3: ffffffff8a76ac00 (rcu_read_lock){....}-{1:2}, at: input_pass_values.part.0+0x0/0x550 [ 75.335658][ T5893] #4: ffffffff8a76ac00 (rcu_read_lock){....}-{1:2}, at: evdev_events+0x50/0x2f0 [ 75.344839][ T5893] #5: ffff88801028a028 (&client->buffer_lock){....}-{2:2}, at: evdev_pass_values.part.0+0xef/0xb10 [ 75.355740][ T5893] #6: ffffffff8a76ac00 (rcu_read_lock){....}-{1:2}, at: kill_fasync+0x36/0x310 [ 75.364742][ T5893] [ 75.364742][ T5893] the dependencies between HARDIRQ-irq-safe lock and the holding lock: [ 75.375197][ T5893] -> (&dev->event_lock){-...}-{2:2} { [ 75.380625][ T5893] IN-HARDIRQ-W at: [ 75.384667][ T5893] lock_acquire+0x1a8/0x720 [ 75.390974][ T5893] _raw_spin_lock_irqsave+0x39/0x50 [ 75.397976][ T5893] input_event+0x41/0x80 [ 75.404022][ T5893] psmouse_report_standard_buttons+0x1b/0x50 [ 75.411787][ T5893] psmouse_process_byte+0x1ae/0x7a0 [ 75.418771][ T5893] psmouse_handle_byte+0x3c/0x180 [ 75.425609][ T5893] psmouse_interrupt+0x22b/0xd60 [ 75.432330][ T5893] serio_interrupt+0x7e/0x110 [ 75.438886][ T5893] i8042_interrupt+0x17b/0x410 [ 75.445435][ T5893] __handle_irq_event_percpu+0x256/0x680 [ 75.452866][ T5893] handle_irq_event+0xfa/0x260 [ 75.459413][ T5893] handle_edge_irq+0x203/0xb50 [ 75.465963][ T5893] asm_call_irq_on_stack+0xf/0x20 [ 75.472777][ T5893] common_interrupt+0x120/0x200 [ 75.479434][ T5893] asm_common_interrupt+0x1e/0x40 [ 75.486254][ T5893] _raw_spin_unlock_irqrestore+0x25/0x50 [ 75.493867][ T5893] i8042_command+0x8b/0xb0 [ 75.500075][ T5893] i8042_aux_write+0xb1/0x100 [ 75.506549][ T5893] ps2_do_sendbyte+0x1f2/0x5a0 [ 75.513196][ T5893] ps2_sendbyte+0x53/0x140 [ 75.519418][ T5893] cypress_ps2_sendbyte+0x21/0x130 [ 75.526317][ T5893] cypress_send_ext_cmd+0x1ae/0x7b0 [ 75.533300][ T5893] cypress_detect+0x6c/0x130 [ 75.539676][ T5893] psmouse_try_protocol+0x194/0x3a0 [ 75.546658][ T5893] psmouse_extensions+0x3f8/0x680 [ 75.553467][ T5893] psmouse_switch_protocol+0x4a2/0x690 [ 75.560718][ T5893] psmouse_connect+0x57b/0xe70 [ 75.567271][ T5893] serio_driver_probe+0x6d/0xa0 [ 75.573910][ T5893] really_probe+0x1fd/0xc60 [ 75.580216][ T5893] driver_probe_device+0x1ed/0x380 [ 75.587118][ T5893] device_driver_attach+0x1da/0x240 [ 75.594102][ T5893] __driver_attach+0xee/0x260 [ 75.600573][ T5893] bus_for_each_dev+0x119/0x1a0 [ 75.607210][ T5893] serio_handle_event+0x48f/0x750 [ 75.614018][ T5893] process_one_work+0x84c/0x13b0 [ 75.620932][ T5893] worker_thread+0x598/0xf80 [ 75.627329][ T5893] kthread+0x36f/0x450 [ 75.633371][ T5893] ret_from_fork+0x1f/0x30 [ 75.639581][ T5893] INITIAL USE at: [ 75.643534][ T5893] lock_acquire+0x1a8/0x720 [ 75.649870][ T5893] _raw_spin_lock_irqsave+0x39/0x50 [ 75.656777][ T5893] input_inject_event+0x6c/0x220 [ 75.663435][ T5893] led_trigger_event+0x66/0xc0 [ 75.669913][ T5893] kbd_led_trigger_activate+0xb3/0xf0 [ 75.677189][ T5893] led_trigger_set+0x5ae/0xbe0 [ 75.683661][ T5893] led_trigger_set_default+0x167/0x200 [ 75.690852][ T5893] led_classdev_register_ext+0x4d7/0x710 [ 75.698446][ T5893] input_leds_connect+0x351/0x750 [ 75.705174][ T5893] input_attach_handler+0xfb/0x150 [ 75.711987][ T5893] input_register_device.cold+0xb7/0x29a [ 75.719432][ T5893] atkbd_connect+0x669/0x8e0 [ 75.725736][ T5893] serio_driver_probe+0x6d/0xa0 [ 75.732375][ T5893] really_probe+0x1fd/0xc60 [ 75.738580][ T5893] driver_probe_device+0x1ed/0x380 [ 75.745399][ T5893] device_driver_attach+0x1da/0x240 [ 75.752298][ T5893] __driver_attach+0xee/0x260 [ 75.758679][ T5893] bus_for_each_dev+0x119/0x1a0 [ 75.765276][ T5893] serio_handle_event+0x48f/0x750 [ 75.772107][ T5893] process_one_work+0x84c/0x13b0 [ 75.778755][ T5893] worker_thread+0x598/0xf80 [ 75.785061][ T5893] kthread+0x36f/0x450 [ 75.790893][ T5893] ret_from_fork+0x1f/0x30 [ 75.797284][ T5893] } [ 75.799847][ T5893] ... key at: [] __key.8+0x0/0x40 [ 75.807019][ T5893] ... acquired at: [ 75.810878][ T5893] _raw_spin_lock+0x2a/0x40 [ 75.815526][ T5893] evdev_pass_values.part.0+0xef/0xb10 [ 75.821235][ T5893] evdev_events+0x1d5/0x2f0 [ 75.825882][ T5893] input_to_handler+0x23d/0x4a0 [ 75.830894][ T5893] input_pass_values.part.0+0x1be/0x550 [ 75.836672][ T5893] input_handle_event+0xc18/0x1160 [ 75.841993][ T5893] input_inject_event+0x200/0x220 [ 75.847167][ T5893] evdev_write+0x253/0x350 [ 75.851717][ T5893] vfs_write+0x1c4/0x870 [ 75.856110][ T5893] ksys_write+0x171/0x1d0 [ 75.860579][ T5893] do_syscall_64+0x2d/0x40 [ 75.865144][ T5893] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 75.871198][ T5893] [ 75.873490][ T5893] -> (&client->buffer_lock){....}-{2:2} { [ 75.878184][ T5446] Bluetooth: hci0: command 0x0409 tx timeout [ 75.879191][ T5893] INITIAL USE at: [ 75.889010][ T5893] lock_acquire+0x1a8/0x720 [ 75.895063][ T5893] _raw_spin_lock+0x2a/0x40 [ 75.901097][ T5893] evdev_pass_values.part.0+0xef/0xb10 [ 75.908092][ T5893] evdev_events+0x1d5/0x2f0 [ 75.914221][ T5893] input_to_handler+0x23d/0x4a0 [ 75.920727][ T5893] input_pass_values.part.0+0x1be/0x550 [ 75.928060][ T5893] input_handle_event+0xc18/0x1160 [ 75.934853][ T5893] input_inject_event+0x200/0x220 [ 75.941513][ T5893] evdev_write+0x253/0x350 [ 75.947543][ T5893] vfs_write+0x1c4/0x870 [ 75.953408][ T5893] ksys_write+0x171/0x1d0 [ 75.960136][ T5893] do_syscall_64+0x2d/0x40 [ 75.966099][ T5893] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 75.973524][ T5893] } [ 75.975995][ T5893] ... key at: [] __key.4+0x0/0x40 [ 75.983069][ T5893] ... acquired at: [ 75.986887][ T5893] lock_acquire+0x1a8/0x720 [ 75.991662][ T5893] _raw_read_lock+0x5b/0x70 [ 75.996320][ T5893] kill_fasync+0xec/0x310 [ 76.000899][ T5893] evdev_pass_values.part.0+0x57b/0xb10 [ 76.006800][ T5893] evdev_events+0x1d5/0x2f0 [ 76.011440][ T5893] input_to_handler+0x23d/0x4a0 [ 76.016662][ T5893] input_pass_values.part.0+0x1be/0x550 [ 76.022347][ T5893] input_handle_event+0xc18/0x1160 [ 76.028205][ T5893] input_inject_event+0x200/0x220 [ 76.033559][ T5893] evdev_write+0x253/0x350 [ 76.038316][ T5893] vfs_write+0x1c4/0x870 [ 76.042802][ T5893] ksys_write+0x171/0x1d0 [ 76.047447][ T5893] do_syscall_64+0x2d/0x40 [ 76.052004][ T5893] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 76.058379][ T5893] [ 76.060957][ T5893] [ 76.060957][ T5893] the dependencies between the lock to be acquired [ 76.060960][ T5893] and HARDIRQ-irq-unsafe lock: [ 76.081680][ T5893] -> (&new->fa_lock){.+.+}-{2:2} { [ 76.086775][ T5893] HARDIRQ-ON-R at: [ 76.090885][ T5893] lock_acquire+0x1a8/0x720 [ 76.097274][ T5893] _raw_read_lock+0x5b/0x70 [ 76.103848][ T5893] kill_fasync+0xec/0x310 [ 76.109970][ T5893] sock_wake_async+0xce/0x110 [ 76.116450][ T5893] sock_def_readable+0x1cc/0x340 [ 76.123187][ T5893] unix_dgram_sendmsg+0xcad/0x1710 [ 76.130105][ T5893] sock_sendmsg+0xab/0xe0 [ 76.136140][ T5893] ____sys_sendmsg+0x392/0x7a0 [ 76.142535][ T5893] ___sys_sendmsg+0xd3/0x150 [ 76.148751][ T5893] __sys_sendmmsg+0x141/0x300 [ 76.155047][ T5893] __x64_sys_sendmmsg+0x94/0x100 [ 76.161625][ T5893] do_syscall_64+0x2d/0x40 [ 76.168282][ T5893] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 76.175805][ T5893] SOFTIRQ-ON-R at: [ 76.180028][ T5893] lock_acquire+0x1a8/0x720 [ 76.186200][ T5893] _raw_read_lock+0x5b/0x70 [ 76.192318][ T5893] kill_fasync+0xec/0x310 [ 76.198267][ T5893] sock_wake_async+0xce/0x110 [ 76.204565][ T5893] sock_def_readable+0x1cc/0x340 [ 76.211233][ T5893] unix_dgram_sendmsg+0xcad/0x1710 [ 76.218857][ T5893] sock_sendmsg+0xab/0xe0 [ 76.224830][ T5893] ____sys_sendmsg+0x392/0x7a0 [ 76.231552][ T5893] ___sys_sendmsg+0xd3/0x150 [ 76.237762][ T5893] __sys_sendmmsg+0x141/0x300 [ 76.244226][ T5893] __x64_sys_sendmmsg+0x94/0x100 [ 76.250864][ T5893] do_syscall_64+0x2d/0x40 [ 76.256924][ T5893] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 76.264433][ T5893] INITIAL READ USE at: [ 76.268728][ T5893] lock_acquire+0x1a8/0x720 [ 76.275761][ T5893] _raw_read_lock+0x5b/0x70 [ 76.282232][ T5893] kill_fasync+0xec/0x310 [ 76.288729][ T5893] sock_wake_async+0xce/0x110 [ 76.295377][ T5893] sock_def_readable+0x1cc/0x340 [ 76.302283][ T5893] unix_dgram_sendmsg+0xcad/0x1710 [ 76.309374][ T5893] sock_sendmsg+0xab/0xe0 [ 76.315784][ T5893] ____sys_sendmsg+0x392/0x7a0 [ 76.323028][ T5893] ___sys_sendmsg+0xd3/0x150 [ 76.329602][ T5893] __sys_sendmmsg+0x141/0x300 [ 76.336510][ T5893] __x64_sys_sendmmsg+0x94/0x100 [ 76.343433][ T5893] do_syscall_64+0x2d/0x40 [ 76.350830][ T5893] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 76.359464][ T5893] } [ 76.362033][ T5893] ... key at: [] __key.0+0x0/0x40 [ 76.369588][ T5893] ... acquired at: [ 76.373621][ T5893] lock_acquire+0x1a8/0x720 [ 76.378376][ T5893] _raw_read_lock+0x5b/0x70 [ 76.383225][ T5893] kill_fasync+0xec/0x310 [ 76.387786][ T5893] evdev_pass_values.part.0+0x57b/0xb10 [ 76.393489][ T5893] evdev_events+0x1d5/0x2f0 [ 76.398523][ T5893] input_to_handler+0x23d/0x4a0 [ 76.406906][ T5893] input_pass_values.part.0+0x1be/0x550 [ 76.412713][ T5893] input_handle_event+0xc18/0x1160 [ 76.418259][ T5893] input_inject_event+0x200/0x220 [ 76.423500][ T5893] evdev_write+0x253/0x350 [ 76.428623][ T5893] vfs_write+0x1c4/0x870 [ 76.433364][ T5893] ksys_write+0x171/0x1d0 [ 76.437860][ T5893] do_syscall_64+0x2d/0x40 [ 76.442549][ T5893] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 76.448591][ T5893] [ 76.450906][ T5893] [ 76.450906][ T5893] stack backtrace: [ 76.456769][ T5893] CPU: 0 PID: 5893 Comm: syz-executor.0 Not tainted 5.11.0-syzkaller #0 [ 76.465159][ T5893] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 76.475185][ T5893] Call Trace: [ 76.478443][ T5893] dump_stack+0x9a/0xcc [ 76.482572][ T5893] check_irq_usage.cold+0x50d/0x744 [ 76.487745][ T5893] ? enqueue_entity+0x384/0x2080 [ 76.492744][ T5893] ? print_shortest_lock_dependencies+0x80/0x80 [ 76.499228][ T5893] ? check_path.constprop.0+0x22/0x40 [ 76.504574][ T5893] ? lockdep_lock+0xc6/0x200 [ 76.509141][ T5893] ? call_rcu_zapped+0xb0/0xb0 [ 76.513878][ T5893] ? is_dynamic_key+0x1a0/0x1a0 [ 76.518701][ T5893] __lock_acquire+0x2b51/0x57d0 [ 76.523524][ T5893] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 76.529471][ T5893] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 76.535678][ T5893] lock_acquire+0x1a8/0x720 [ 76.540150][ T5893] ? kill_fasync+0xec/0x310 [ 76.544621][ T5893] ? lock_release+0x710/0x710 [ 76.549262][ T5893] ? lock_release+0x710/0x710 [ 76.553920][ T5893] ? lock_release+0x710/0x710 [ 76.558562][ T5893] ? __wake_up_common+0x650/0x650 [ 76.563749][ T5893] ? do_raw_spin_lock+0x120/0x2b0 [ 76.568808][ T5893] _raw_read_lock+0x5b/0x70 [ 76.573280][ T5893] ? kill_fasync+0xec/0x310 [ 76.577772][ T5893] kill_fasync+0xec/0x310 [ 76.582067][ T5893] evdev_pass_values.part.0+0x57b/0xb10 [ 76.587578][ T5893] ? evdev_release+0x390/0x390 [ 76.592307][ T5893] evdev_events+0x1d5/0x2f0 [ 76.596782][ T5893] input_to_handler+0x23d/0x4a0 [ 76.601604][ T5893] input_pass_values.part.0+0x1be/0x550 [ 76.607117][ T5893] ? rwlock_bug.part.0+0x90/0x90 [ 76.612021][ T5893] input_handle_event+0xc18/0x1160 [ 76.617098][ T5893] input_inject_event+0x200/0x220 [ 76.622118][ T5893] evdev_write+0x253/0x350 [ 76.626501][ T5893] ? evdev_handle_set_keycode_v2+0xe0/0xe0 [ 76.632291][ T5893] ? apparmor_file_permission+0x14e/0x450 [ 76.637984][ T5893] ? security_file_permission+0x49/0x460 [ 76.643579][ T5893] vfs_write+0x1c4/0x870 [ 76.647794][ T5893] ksys_write+0x171/0x1d0 [ 76.652093][ T5893] ? __ia32_sys_read+0xa0/0xa0 [ 76.656822][ T5893] ? lockdep_hardirqs_on_prepare+0x17b/0x400 [ 76.662774][ T5893] ? syscall_enter_from_user_mode+0x27/0x70 [ 76.668640][ T5893] do_syscall_64+0x2d/0x40 [ 76.673042][ T5893] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 76.678906][ T5893] RIP: 0033:0x7feb5f455109 [ 76.683292][ T5893] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 76.702956][ T5893] RSP: 002b:00007feb5ebca168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 76.711338][ T5893] RAX: ffffffffffffffda RBX: 00007feb5f567f60 RCX: 00007feb5f455109 [ 76.719387][ T5893] RDX: 0000000000003888 RSI: 0000000020000080 RDI: 0000000000000005 [ 76.727329][ T5893] RBP: 00007feb5f4af08d R08: 0000000000000000 R09: 0000000000000000 [ 76.735276][ T5893] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 76.743307][ T5893] R13: 00007fff907a2faf R14: 00007feb5ebca300 R15: 0000000000022000 2022/06/02 20:11:12 executed programs: 68 [ 77.957891][ T26] Bluetooth: hci0: command 0x041b tx timeout [ 80.038530][ T5446] Bluetooth: hci0: command 0x040f tx timeout [ 82.117826][ T26] Bluetooth: hci0: command 0x0419 tx timeout 2022/06/02 20:11:17 executed programs: 412