./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2695384351 <...> DUID 00:04:7b:a2:e0:73:6b:5f:a9:8e:d4:f6:53:82:b5:31:a7:5e forked to background, child pid 4726 [ 33.391914][ T4727] 8021q: adding VLAN 0 to HW filter on device bond0 [ 33.409252][ T4727] eql: remember to turn off Van-Jacobson compression on your slave devices Starting sshd: OK syzkaller Warning: Permanently added '10.128.1.114' (ED25519) to the list of known hosts. execve("./syz-executor2695384351", ["./syz-executor2695384351"], 0x7fffc9f33a40 /* 10 vars */) = 0 brk(NULL) = 0x555595192000 brk(0x555595192d00) = 0x555595192d00 arch_prctl(ARCH_SET_FS, 0x555595192380) = 0 set_tid_address(0x555595192650) = 5057 set_robust_list(0x555595192660, 24) = 0 rseq(0x555595192ca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor2695384351", 4096) = 28 getrandom("\x09\x0a\x6a\xe8\x79\x9a\x22\x12", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x555595192d00 brk(0x5555951b3d00) = 0x5555951b3d00 brk(0x5555951b4000) = 0x5555951b4000 mprotect(0x7f64804d7000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 openat(AT_FDCWD, "/dev/sequencer2", O_RDWR|O_LARGEFILE) = 3 openat(AT_FDCWD, "/dev/audio", O_RDONLY) = 4 readv(4, 
[{iov_base="\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff"..., iov_len=204}], 1) = 204 exit_group(0) = ? syzkaller login: [ 57.918927][ T5057] [ 57.921283][ T5057] ======================================================== [ 57.928462][ T5057] WARNING: possible irq lock inversion dependency detected [ 57.935634][ T5057] 6.8.0-syzkaller-08951-gfe46a7dd189e #0 Not tainted [ 57.942288][ T5057] -------------------------------------------------------- [ 57.949456][ T5057] syz-executor269/5057 just changed the state of lock: [ 57.956299][ T5057] ffff888029c70948 (&timer->lock){+.+.}-{2:2}, at: snd_timer_close_locked+0x53/0x8d0 [ 57.965815][ T5057] but this lock was taken by another, SOFTIRQ-safe lock in the past: [ 57.973860][ T5057] (&group->lock#2){..-.}-{2:2} [ 57.973883][ T5057] [ 57.973883][ T5057] [ 57.973883][ T5057] and interrupts could create inverse lock ordering between them. 
[ 57.973883][ T5057] [ 57.993043][ T5057] [ 57.993043][ T5057] other info that might help us debug this: [ 58.001082][ T5057] Possible interrupt unsafe locking scenario: [ 58.001082][ T5057] [ 58.009397][ T5057] CPU0 CPU1 [ 58.014741][ T5057] ---- ---- [ 58.020092][ T5057] lock(&timer->lock); [ 58.024232][ T5057] local_irq_disable(); [ 58.030987][ T5057] lock(&group->lock#2); [ 58.037853][ T5057] lock(&timer->lock); [ 58.044517][ T5057] <Interrupt> [ 58.047957][ T5057] lock(&group->lock#2); [ 58.052447][ T5057] [ 58.052447][ T5057] *** DEADLOCK *** [ 58.052447][ T5057] [ 58.060617][ T5057] 3 locks held by syz-executor269/5057: [ 58.066140][ T5057] #0: ffffffff8f2d3228 (register_mutex#4){+.+.}-{3:3}, at: odev_release+0x4e/0x80 [ 58.075434][ T5057] #1: ffff88801b6d0178 (&q->timer_mutex){+.+.}-{3:3}, at: snd_seq_queue_delete+0x5b/0xf0 [ 58.085331][ T5057] #2: ffffffff8f2c1a68 (register_mutex){+.+.}-{3:3}, at: snd_timer_close+0xa3/0x130 [ 58.094794][ T5057] [ 58.094794][ T5057] the shortest dependencies between 2nd lock and 1st lock: [ 58.104202][ T5057] -> (&group->lock#2){..-.}-{2:2} { [ 58.109511][ T5057] IN-SOFTIRQ-W at: [ 58.113560][ T5057] lock_acquire+0x1e4/0x530 [ 58.119885][ T5057] _raw_spin_lock_irqsave+0xd5/0x120 [ 58.126989][ T5057] snd_pcm_period_elapsed+0x21/0x50 [ 58.133991][ T5057] dummy_hrtimer_callback+0x7f/0x180 [ 58.141081][ T5057] __hrtimer_run_queues+0x595/0xd00 [ 58.148171][ T5057] hrtimer_run_softirq+0x19a/0x2c0 [ 58.155086][ T5057] __do_softirq+0x2bc/0x943 [ 58.161391][ T5057] __irq_exit_rcu+0xf2/0x1c0 [ 58.167782][ T5057] irq_exit_rcu+0x9/0x30 [ 58.173830][ T5057] sysvec_apic_timer_interrupt+0xa6/0xc0 [ 58.181270][ T5057] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 58.189058][ T5057] acpi_safe_halt+0x21/0x30 [ 58.195365][ T5057] acpi_idle_enter+0xe4/0x140 [ 58.201847][ T5057] cpuidle_enter_state+0x118/0x490 [ 58.208761][ T5057] cpuidle_enter+0x5d/0xa0 [ 58.214983][ T5057] do_idle+0x375/0x5d0 [ 58.220884][ T5057] cpu_startup_entry+0x42/0x60 [ 58.227464][ 
T5057] __pfx_ap_starting+0x0/0x10 [ 58.233961][ T5057] common_startup_64+0x13e/0x147 [ 58.240704][ T5057] INITIAL USE at: [ 58.244666][ T5057] lock_acquire+0x1e4/0x530 [ 58.250901][ T5057] _raw_spin_lock_irq+0xd3/0x120 [ 58.257567][ T5057] snd_pcm_hw_params+0x201/0x1ea0 [ 58.264317][ T5057] snd_pcm_oss_change_params_locked+0x20d5/0x3e00 [ 58.272457][ T5057] snd_pcm_oss_read+0x24c/0x940 [ 58.279030][ T5057] vfs_readv+0x68f/0xa50 [ 58.284994][ T5057] do_readv+0x1b1/0x350 [ 58.290869][ T5057] do_syscall_64+0xfb/0x240 [ 58.297091][ T5057] entry_SYSCALL_64_after_hwframe+0x6d/0x75 [ 58.304722][ T5057] } [ 58.307293][ T5057] ... key at: [] snd_pcm_group_init.__key+0x0/0x20 [ 58.315960][ T5057] ... acquired at: [ 58.319834][ T5057] lock_acquire+0x1e4/0x530 [ 58.324493][ T5057] _raw_spin_lock_irqsave+0xd5/0x120 [ 58.329936][ T5057] snd_timer_notify+0x103/0x3d0 [ 58.334966][ T5057] snd_pcm_start+0x3fa/0x4c0 [ 58.339725][ T5057] __snd_pcm_lib_xfer+0x1af3/0x1e30 [ 58.345080][ T5057] snd_pcm_oss_read3+0x3ea/0x600 [ 58.350174][ T5057] snd_pcm_plug_read_transfer+0x3a1/0x470 [ 58.356051][ T5057] snd_pcm_oss_read2+0x296/0x430 [ 58.361143][ T5057] snd_pcm_oss_read+0x45b/0x940 [ 58.366148][ T5057] vfs_readv+0x68f/0xa50 [ 58.370550][ T5057] do_readv+0x1b1/0x350 [ 58.374857][ T5057] do_syscall_64+0xfb/0x240 [ 58.379533][ T5057] entry_SYSCALL_64_after_hwframe+0x6d/0x75 [ 58.385592][ T5057] [ 58.387901][ T5057] -> (&timer->lock){+.+.}-{2:2} { [ 58.392925][ T5057] HARDIRQ-ON-W at: [ 58.396910][ T5057] lock_acquire+0x1e4/0x530 [ 58.403046][ T5057] _raw_spin_lock+0x2e/0x40 [ 58.409184][ T5057] snd_timer_close_locked+0x53/0x8d0 [ 58.416109][ T5057] snd_timer_close+0xae/0x130 [ 58.422439][ T5057] snd_seq_timer_close+0xa9/0xe0 [ 58.429011][ T5057] snd_seq_queue_delete+0x8f/0xf0 [ 58.435692][ T5057] snd_seq_oss_release+0x1d3/0x310 [ 58.442447][ T5057] odev_release+0x56/0x80 [ 58.448411][ T5057] __fput+0x429/0x8a0 [ 58.454032][ T5057] task_work_run+0x24f/0x310 [ 58.460261][ T5057] 
do_exit+0xa1b/0x27e0 [ 58.466076][ T5057] do_group_exit+0x207/0x2c0 [ 58.472319][ T5057] __x64_sys_exit_group+0x3f/0x40 [ 58.479005][ T5057] do_syscall_64+0xfb/0x240 [ 58.485149][ T5057] entry_SYSCALL_64_after_hwframe+0x6d/0x75 [ 58.492708][ T5057] SOFTIRQ-ON-W at: [ 58.496681][ T5057] lock_acquire+0x1e4/0x530 [ 58.502823][ T5057] _raw_spin_lock+0x2e/0x40 [ 58.508961][ T5057] snd_timer_close_locked+0x53/0x8d0 [ 58.515889][ T5057] snd_timer_close+0xae/0x130 [ 58.522206][ T5057] snd_seq_timer_close+0xa9/0xe0 [ 58.528788][ T5057] snd_seq_queue_delete+0x8f/0xf0 [ 58.535452][ T5057] snd_seq_oss_release+0x1d3/0x310 [ 58.542220][ T5057] odev_release+0x56/0x80 [ 58.548201][ T5057] __fput+0x429/0x8a0 [ 58.553835][ T5057] task_work_run+0x24f/0x310 [ 58.560084][ T5057] do_exit+0xa1b/0x27e0 [ 58.565878][ T5057] do_group_exit+0x207/0x2c0 [ 58.572101][ T5057] __x64_sys_exit_group+0x3f/0x40 [ 58.578760][ T5057] do_syscall_64+0xfb/0x240 [ 58.584914][ T5057] entry_SYSCALL_64_after_hwframe+0x6d/0x75 [ 58.592461][ T5057] INITIAL USE at: [ 58.596346][ T5057] lock_acquire+0x1e4/0x530 [ 58.602411][ T5057] _raw_spin_lock_irqsave+0xd5/0x120 [ 58.609244][ T5057] snd_timer_notify+0x103/0x3d0 [ 58.615664][ T5057] snd_pcm_start+0x3fa/0x4c0 [ 58.621835][ T5057] __snd_pcm_lib_xfer+0x1af3/0x1e30 [ 58.628590][ T5057] snd_pcm_oss_read3+0x3ea/0x600 [ 58.635097][ T5057] snd_pcm_plug_read_transfer+0x3a1/0x470 [ 58.642395][ T5057] snd_pcm_oss_read2+0x296/0x430 [ 58.648893][ T5057] snd_pcm_oss_read+0x45b/0x940 [ 58.655308][ T5057] vfs_readv+0x68f/0xa50 [ 58.661119][ T5057] do_readv+0x1b1/0x350 [ 58.666829][ T5057] do_syscall_64+0xfb/0x240 [ 58.672899][ T5057] entry_SYSCALL_64_after_hwframe+0x6d/0x75 [ 58.680350][ T5057] } [ 58.682831][ T5057] ... key at: [] snd_timer_new.__key+0x0/0x20 [ 58.690965][ T5057] ... 
acquired at: [ 58.694750][ T5057] mark_lock+0x223/0x350 [ 58.699152][ T5057] __lock_acquire+0x116e/0x1fd0 [ 58.704154][ T5057] lock_acquire+0x1e4/0x530 [ 58.708827][ T5057] _raw_spin_lock+0x2e/0x40 [ 58.713504][ T5057] snd_timer_close_locked+0x53/0x8d0 [ 58.719001][ T5057] snd_timer_close+0xae/0x130 [ 58.723882][ T5057] snd_seq_timer_close+0xa9/0xe0 [ 58.729025][ T5057] snd_seq_queue_delete+0x8f/0xf0 [ 58.734288][ T5057] snd_seq_oss_release+0x1d3/0x310 [ 58.739634][ T5057] odev_release+0x56/0x80 [ 58.744158][ T5057] __fput+0x429/0x8a0 [ 58.748316][ T5057] task_work_run+0x24f/0x310 [ 58.753084][ T5057] do_exit+0xa1b/0x27e0 [ 58.757412][ T5057] do_group_exit+0x207/0x2c0 [ 58.762167][ T5057] __x64_sys_exit_group+0x3f/0x40 [ 58.767362][ T5057] do_syscall_64+0xfb/0x240 [ 58.772030][ T5057] entry_SYSCALL_64_after_hwframe+0x6d/0x75 [ 58.778090][ T5057] [ 58.780404][ T5057] [ 58.780404][ T5057] stack backtrace: [ 58.786286][ T5057] CPU: 1 PID: 5057 Comm: syz-executor269 Not tainted 6.8.0-syzkaller-08951-gfe46a7dd189e #0 [ 58.796342][ T5057] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 58.806389][ T5057] Call Trace: [ 58.809656][ T5057] <TASK> [ 58.812574][ T5057] dump_stack_lvl+0x241/0x360 [ 58.817235][ T5057] ? __pfx_dump_stack_lvl+0x10/0x10 [ 58.822413][ T5057] ? print_shortest_lock_dependencies+0xf2/0x160 [ 58.828731][ T5057] ? print_irq_inversion_bug+0x329/0x3a0 [ 58.834349][ T5057] mark_lock_irq+0x867/0xc20 [ 58.838924][ T5057] ? __pfx_mark_lock_irq+0x10/0x10 [ 58.844019][ T5057] ? stack_trace_save+0x118/0x1d0 [ 58.849033][ T5057] ? __pfx_stack_trace_save+0x10/0x10 [ 58.854392][ T5057] ? save_trace+0x749/0xb40 [ 58.858881][ T5057] mark_lock+0x223/0x350 [ 58.863109][ T5057] __lock_acquire+0x116e/0x1fd0 [ 58.867944][ T5057] lock_acquire+0x1e4/0x530 [ 58.872458][ T5057] ? snd_timer_close_locked+0x53/0x8d0 [ 58.877919][ T5057] ? __pfx___mutex_trylock_common+0x10/0x10 [ 58.883796][ T5057] ? 
__pfx_lock_acquire+0x10/0x10 [ 58.888819][ T5057] ? rcu_is_watching+0x15/0xb0 [ 58.893566][ T5057] ? trace_contention_end+0x3c/0x100 [ 58.898833][ T5057] ? __mutex_lock+0x2ef/0xd70 [ 58.903494][ T5057] ? snd_timer_close+0xa3/0x130 [ 58.908334][ T5057] _raw_spin_lock+0x2e/0x40 [ 58.912820][ T5057] ? snd_timer_close_locked+0x53/0x8d0 [ 58.918259][ T5057] snd_timer_close_locked+0x53/0x8d0 [ 58.923526][ T5057] snd_timer_close+0xae/0x130 [ 58.928185][ T5057] ? __pfx_snd_timer_close+0x10/0x10 [ 58.933453][ T5057] ? _raw_spin_unlock_irq+0x23/0x50 [ 58.938635][ T5057] ? lockdep_hardirqs_on+0x99/0x150 [ 58.943816][ T5057] snd_seq_timer_close+0xa9/0xe0 [ 58.948745][ T5057] snd_seq_queue_delete+0x8f/0xf0 [ 58.953755][ T5057] snd_seq_oss_release+0x1d3/0x310 [ 58.958848][ T5057] ? __pfx_snd_seq_oss_release+0x10/0x10 [ 58.964464][ T5057] ? __asan_memset+0x23/0x50 [ 58.969050][ T5057] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 58.975367][ T5057] ? evm_file_release+0x140/0x1d0 [ 58.980374][ T5057] ? __pfx_odev_release+0x10/0x10 [ 58.985377][ T5057] odev_release+0x56/0x80 [ 58.989688][ T5057] __fput+0x429/0x8a0 [ 58.993677][ T5057] task_work_run+0x24f/0x310 [ 58.998268][ T5057] ? __pfx_task_work_run+0x10/0x10 [ 59.003360][ T5057] ? switch_task_namespaces+0xe1/0x110 [ 59.008798][ T5057] do_exit+0xa1b/0x27e0 [ 59.012938][ T5057] ? __pfx_do_exit+0x10/0x10 [ 59.017508][ T5057] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 59.023466][ T5057] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 59.029782][ T5057] ? _raw_spin_unlock_irq+0x23/0x50 [ 59.034964][ T5057] ? lockdep_hardirqs_on+0x99/0x150 [ 59.040147][ T5057] do_group_exit+0x207/0x2c0 [ 59.044734][ T5057] __x64_sys_exit_group+0x3f/0x40 [ 59.049740][ T5057] do_syscall_64+0xfb/0x240 [ 59.054225][ T5057] entry_SYSCALL_64_after_hwframe+0x6d/0x75 [ 59.060108][ T5057] RIP: 0033:0x7f6480462c79 [ 59.064506][ T5057] Code: Unable to access opcode bytes at 0x7f6480462c4f. +++ exited with 0 +++ [ 59.071499][ T5057] RSP: 002b: