./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3507147524 <...> Warning: Permanently added '10.128.1.80' (ED25519) to the list of known hosts. execve("./syz-executor3507147524", ["./syz-executor3507147524"], 0x7ffcc2af89f0 /* 10 vars */) = 0 brk(NULL) = 0x555574078000 brk(0x555574078d00) = 0x555574078d00 arch_prctl(ARCH_SET_FS, 0x555574078380) = 0 set_tid_address(0x555574078650) = 5070 set_robust_list(0x555574078660, 24) = 0 rseq(0x555574078ca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor3507147524", 4096) = 28 getrandom("\x33\x49\x51\xc3\xd7\x25\xae\x95", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x555574078d00 brk(0x555574099d00) = 0x555574099d00 brk(0x55557409a000) = 0x55557409a000 mprotect(0x7f4c98bcb000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 openat(AT_FDCWD, "/dev/snd/seq", O_WRONLY|O_EXCL|O_APPEND|O_NONBLOCK|O_NOFOLLOW|O_NOATIME|O_CLOEXEC) = 3 ioctl(3, SNDRV_SEQ_IOCTL_CREATE_QUEUE, 0x200008c0) = 0 openat(AT_FDCWD, "/dev/dsp", O_RDWR|O_CREAT, 000) = 4 write(4, "\xf0", 1) = 1 exit_group(0) = ? [ 73.578001][ T5070] [ 73.580378][ T5070] ================================ [ 73.585484][ T5070] WARNING: inconsistent lock state [ 73.590589][ T5070] 6.8.0-syzkaller-08951-gfe46a7dd189e #0 Not tainted [ 73.597262][ T5070] -------------------------------- [ 73.602370][ T5070] inconsistent {IN-SOFTIRQ-W} -> {SOFTIRQ-ON-W} usage. 
[ 73.609210][ T5070] syz-executor350/5070 [HC0[0]:SC0[0]:HE1:SE1] takes: [ 73.615968][ T5070] ffff8880299a8148 (&timer->lock){+.?.}-{2:2}, at: snd_timer_close_locked+0x53/0x8d0 [ 73.625511][ T5070] {IN-SOFTIRQ-W} state was registered at: [ 73.631230][ T5070] lock_acquire+0x1e4/0x530 [ 73.635830][ T5070] _raw_spin_lock_irqsave+0xd5/0x120 [ 73.641236][ T5070] snd_timer_notify+0x103/0x3d0 [ 73.646189][ T5070] snd_pcm_drain_done+0x2b8/0x3e0 [ 73.651316][ T5070] snd_pcm_update_state+0x31b/0x410 [ 73.656611][ T5070] snd_pcm_update_hw_ptr0+0x1066/0x1a70 [ 73.662253][ T5070] snd_pcm_period_elapsed_under_stream_lock+0xeb/0x210 [ 73.669291][ T5070] snd_pcm_period_elapsed+0x2c/0x50 [ 73.674591][ T5070] dummy_hrtimer_callback+0x7f/0x180 [ 73.679969][ T5070] __hrtimer_run_queues+0x597/0xd00 [ 73.685279][ T5070] hrtimer_run_softirq+0x19a/0x2c0 [ 73.690492][ T5070] __do_softirq+0x2be/0x943 [ 73.695088][ T5070] __irq_exit_rcu+0xf2/0x1c0 [ 73.699762][ T5070] irq_exit_rcu+0x9/0x30 [ 73.704088][ T5070] sysvec_apic_timer_interrupt+0xa6/0xc0 [ 73.709804][ T5070] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 73.715866][ T5070] acpi_safe_halt+0x21/0x30 [ 73.720449][ T5070] acpi_idle_enter+0xe4/0x140 [ 73.725204][ T5070] cpuidle_enter_state+0x11a/0x490 [ 73.730394][ T5070] cpuidle_enter+0x5d/0xa0 [ 73.734889][ T5070] do_idle+0x375/0x5d0 [ 73.739046][ T5070] cpu_startup_entry+0x42/0x60 [ 73.743897][ T5070] __pfx_ap_starting+0x0/0x10 [ 73.748660][ T5070] common_startup_64+0x13e/0x147 [ 73.753682][ T5070] irq event stamp: 5101 [ 73.757818][ T5070] hardirqs last enabled at (5101): [] _raw_spin_unlock_irq+0x23/0x50 [ 73.767541][ T5070] hardirqs last disabled at (5100): [] _raw_spin_lock_irq+0xad/0x120 [ 73.777188][ T5070] softirqs last enabled at (4508): [] __irq_exit_rcu+0xf2/0x1c0 [ 73.786471][ T5070] softirqs last disabled at (4463): [] __irq_exit_rcu+0xf2/0x1c0 [ 73.795747][ T5070] [ 73.795747][ T5070] other info that might help us debug this: [ 73.803814][ T5070] Possible unsafe locking 
scenario: [ 73.803814][ T5070] [ 73.811251][ T5070] CPU0 [ 73.814517][ T5070] ---- [ 73.817789][ T5070] lock(&timer->lock); [ 73.821947][ T5070] <Interrupt> [ 73.825394][ T5070] lock(&timer->lock); [ 73.829719][ T5070] [ 73.829719][ T5070] *** DEADLOCK *** [ 73.829719][ T5070] [ 73.837851][ T5070] 3 locks held by syz-executor350/5070: [ 73.843466][ T5070] #0: ffffffff8f2e2ae8 (register_mutex#3){+.+.}-{3:3}, at: seq_free_client+0x27/0x180 [ 73.853500][ T5070] #1: ffff88801e261578 (&q->timer_mutex){+.+.}-{3:3}, at: snd_seq_queue_client_leave+0x54/0x2b0 [ 73.864073][ T5070] #2: ffffffff8f2d3f68 (register_mutex){+.+.}-{3:3}, at: snd_timer_close+0xa3/0x130 [ 73.873586][ T5070] [ 73.873586][ T5070] stack backtrace: [ 73.879464][ T5070] CPU: 1 PID: 5070 Comm: syz-executor350 Not tainted 6.8.0-syzkaller-08951-gfe46a7dd189e #0 [ 73.889524][ T5070] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 73.899593][ T5070] Call Trace: [ 73.902870][ T5070] <TASK> [ 73.905794][ T5070] dump_stack_lvl+0x241/0x360 [ 73.910495][ T5070] ? __pfx_dump_stack_lvl+0x10/0x10 [ 73.915705][ T5070] ? srso_return_thunk+0x5/0x5f [ 73.920570][ T5070] ? srso_return_thunk+0x5/0x5f [ 73.925445][ T5070] ? print_usage_bug+0x61a/0x8a0 [ 73.930396][ T5070] ? is_bpf_text_address+0x28d/0x2b0 [ 73.935694][ T5070] valid_state+0x13a/0x1c0 [ 73.940128][ T5070] mark_lock_irq+0xbb/0xc20 [ 73.944645][ T5070] ? srso_return_thunk+0x5/0x5f [ 73.949500][ T5070] ? arch_stack_walk+0x16d/0x1b0 [ 73.954445][ T5070] ? __pfx_mark_lock_irq+0x10/0x10 [ 73.959567][ T5070] ? srso_return_thunk+0x5/0x5f [ 73.964423][ T5070] ? stack_trace_save+0x118/0x1d0 [ 73.969455][ T5070] ? __pfx_stack_trace_save+0x10/0x10 [ 73.974835][ T5070] ? srso_return_thunk+0x5/0x5f [ 73.979691][ T5070] ? srso_return_thunk+0x5/0x5f [ 73.984542][ T5070] ?
save_trace+0x749/0xb40 [ 73.989060][ T5070] mark_lock+0x223/0x350 [ 73.993311][ T5070] __lock_acquire+0x116e/0x1fd0 [ 73.998179][ T5070] lock_acquire+0x1e4/0x530 [ 74.002683][ T5070] ? snd_timer_close_locked+0x53/0x8d0 [ 74.008140][ T5070] ? __pfx___mutex_trylock_common+0x10/0x10 [ 74.014039][ T5070] ? __pfx_lock_acquire+0x10/0x10 [ 74.019059][ T5070] ? rcu_is_watching+0x15/0xb0 [ 74.023908][ T5070] ? srso_return_thunk+0x5/0x5f [ 74.028764][ T5070] ? trace_contention_end+0x3c/0x100 [ 74.034152][ T5070] ? srso_return_thunk+0x5/0x5f [ 74.038999][ T5070] ? __mutex_lock+0x2ef/0xd70 [ 74.043678][ T5070] ? snd_timer_close+0xa3/0x130 [ 74.048540][ T5070] _raw_spin_lock+0x2e/0x40 [ 74.053054][ T5070] ? snd_timer_close_locked+0x53/0x8d0 [ 74.058515][ T5070] snd_timer_close_locked+0x53/0x8d0 [ 74.063828][ T5070] ? srso_return_thunk+0x5/0x5f [ 74.068681][ T5070] ? mark_lock+0x9a/0x350 [ 74.073034][ T5070] snd_timer_close+0xae/0x130 [ 74.077717][ T5070] ? __pfx_snd_timer_close+0x10/0x10 [ 74.083007][ T5070] ? _raw_spin_unlock_irq+0x23/0x50 [ 74.088210][ T5070] ? srso_return_thunk+0x5/0x5f [ 74.093062][ T5070] ? lockdep_hardirqs_on+0x99/0x150 [ 74.098269][ T5070] snd_seq_timer_close+0xa9/0xe0 [ 74.103208][ T5070] snd_seq_queue_client_leave+0x7f/0x2b0 [ 74.108861][ T5070] ? _raw_spin_unlock_irq+0x23/0x50 [ 74.114061][ T5070] ? srso_return_thunk+0x5/0x5f [ 74.118914][ T5070] ? lockdep_hardirqs_on+0x99/0x150 [ 74.124124][ T5070] seq_free_client1+0xfe/0x2b0 [ 74.128904][ T5070] seq_free_client+0x6c/0x180 [ 74.133580][ T5070] snd_seq_release+0x48/0xc0 [ 74.138170][ T5070] ? __pfx_snd_seq_release+0x10/0x10 [ 74.143453][ T5070] __fput+0x42b/0x8a0 [ 74.147444][ T5070] task_work_run+0x251/0x310 [ 74.152058][ T5070] ? __pfx_task_work_run+0x10/0x10 [ 74.157202][ T5070] ? srso_return_thunk+0x5/0x5f [ 74.162058][ T5070] ? switch_task_namespaces+0xe1/0x110 [ 74.167511][ T5070] do_exit+0xa1b/0x27e0 [ 74.171686][ T5070] ? __pfx_do_exit+0x10/0x10 [ 74.176280][ T5070] ? 
srso_return_thunk+0x5/0x5f [ 74.181125][ T5070] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 74.187115][ T5070] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 74.193436][ T5070] ? _raw_spin_unlock_irq+0x23/0x50 [ 74.198637][ T5070] ? srso_return_thunk+0x5/0x5f [ 74.203485][ T5070] ? lockdep_hardirqs_on+0x99/0x150 [ 74.208687][ T5070] do_group_exit+0x207/0x2c0 [ 74.213307][ T5070] __x64_sys_exit_group+0x3f/0x40 [ 74.218338][ T5070] do_syscall_64+0xfd/0x240 [ 74.222838][ T5070] entry_SYSCALL_64_after_hwframe+0x6d/0x75 [ 74.228739][ T5070] RIP: 0033:0x7f4c98b56d39 [ 74.233143][ T5070] Code: Unable to access opcode bytes at 0x7f4c98b56d0f. [ 74.240148][ T5070] RSP: 002b:00007ffde4496158 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 74.248562][ T5070] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4c98b56d39 [ 74.256526][ T5070] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000 [ 74.264494][ T5070] RBP: 00007f4c98bd1290 R08: ffffffffffffffb8 R09: 00007ffde4496378 [ 74.272487][ T5070] R10: 00007ffde4496378 R11: 0000000000000246 R12: 00007f4c98bd1290 +++ exited with 0 +++ [ 74.28