[ 73.124090][ T11] device veth1_macvtap left promiscuous mode [ 73.130889][ T11] device veth0_macvtap left promiscuous mode [ 73.137054][ T11] device veth1_vlan left promiscuous mode [ 73.143707][ T11] device veth0_vlan left promiscuous mode [ 73.402511][ T11] team0 (unregistering): Port device team_slave_1 removed [ 73.421001][ T11] team0 (unregistering): Port device team_slave_0 removed [ 73.442946][ T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 73.460742][ T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 73.545184][ T11] bond0 (unregistering): Released all slaves [ 81.760330][ T7] cfg80211: failed to load regulatory.db Warning: Permanently added '10.128.15.195' (ECDSA) to the list of known hosts. 2023/01/09 20:20:52 ignoring optional flag "sandboxArg"="0" 2023/01/09 20:20:52 parsed 1 programs 2023/01/09 20:20:52 executed programs: 0 [ 89.965487][ T5505] cgroup: Unknown subsys name 'net' [ 89.977260][ T5505] cgroup: Unknown subsys name 'rlimit' [ 93.199378][ T4388] Bluetooth: hci0: Opcode 0x c03 failed: -110 [ 95.287410][ T5073] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 95.295677][ T5073] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 95.304092][ T5073] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 95.312441][ T5073] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 95.322527][ T5073] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 95.330034][ T5073] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 95.414399][ T5526] chnl_net:caif_netlink_parms(): no params data found [ 95.455159][ T5526] bridge0: port 1(bridge_slave_0) entered blocking state [ 95.462437][ T5526] bridge0: port 1(bridge_slave_0) entered disabled state [ 95.470684][ T5526] device bridge_slave_0 entered promiscuous mode [ 95.479401][ T5526] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.486829][ T5526] bridge0: port 2(bridge_slave_1) entered disabled state [ 95.495318][ T5526] device bridge_slave_1 entered promiscuous mode [ 95.518931][ T5526] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 95.530264][ T5526] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 95.552865][ T5526] team0: Port device team_slave_0 added [ 95.561059][ T5526] team0: Port device team_slave_1 added [ 95.580632][ T5526] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 95.588138][ T5526] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 95.614812][ T5526] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 95.627935][ T5526] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 95.636054][ T5526] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 95.662287][ T5526] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 95.689159][ T5526] device hsr_slave_0 entered promiscuous mode [ 95.697134][ T5526] device hsr_slave_1 entered promiscuous mode [ 95.762816][ T5526] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.769970][ T5526] bridge0: port 2(bridge_slave_1) entered forwarding state [ 95.777326][ T5526] bridge0: port 1(bridge_slave_0) entered blocking state [ 95.784526][ T5526] bridge0: port 1(bridge_slave_0) entered forwarding state [ 95.826806][ T5526] 8021q: adding VLAN 0 to HW filter on device bond0 [ 95.842011][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 95.851063][ T7] bridge0: port 1(bridge_slave_0) entered disabled state [ 95.858901][ T7] bridge0: port 2(bridge_slave_1) entered disabled state [ 95.866991][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 95.880450][ T5526] 8021q: adding VLAN 0 to HW filter on device team0 [ 95.891750][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 95.900545][ T7] bridge0: port 1(bridge_slave_0) entered blocking state [ 95.907647][ T7] bridge0: port 1(bridge_slave_0) entered forwarding state [ 95.918886][ T1699] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 95.927402][ T1699] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.934532][ T1699] bridge0: port 2(bridge_slave_1) entered forwarding state [ 95.952490][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 95.969944][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 95.979689][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 95.989992][ T5526] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 96.007165][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 96.015560][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 96.027102][ T5526] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 96.401183][ T5082] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 96.415210][ T5526] device veth0_vlan entered promiscuous mode [ 96.422837][ T5082] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 96.432455][ T5082] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 96.444598][ T5526] device veth1_vlan entered promiscuous mode [ 96.452543][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 96.460457][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 96.468096][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 96.493894][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 96.502766][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 96.512307][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 96.522262][ T5526] device veth0_macvtap entered promiscuous mode [ 96.533205][ T5526] device veth1_macvtap entered promiscuous mode [ 96.547899][ T5526] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 96.555561][ T1699] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 96.564255][ T1699] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 96.572536][ T1699] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 96.581572][ T1699] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 96.593648][ T5526] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 96.603231][ T5082] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 96.611855][ T5082] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 96.670056][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 96.677967][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 96.700073][ T1699] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 96.712955][ T1097] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 96.722377][ T1097] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 96.732156][ T1699] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 96.782544][ T5546] [ 96.784918][ T5546] ===================================================== [ 96.792102][ T5546] WARNING: HARDIRQ-safe -> HARDIRQ-unsafe lock order detected [ 96.799631][ T5546] 6.2.0-rc3-syzkaller-00008-g1fe4fd6f5cad #0 Not tainted [ 96.807011][ T5546] ----------------------------------------------------- [ 96.813930][ T5546] syz-executor.0/5546 [HC0[0]:SC0[0]:HE0:SE1] is trying to acquire: [ 96.821912][ T5546] ffff88801d8b90c0 (&new->fa_lock){....}-{2:2}, at: kill_fasync+0x13a/0x480 [ 96.830708][ T5546] [ 96.830708][ T5546] and this task is already holding: [ 96.838274][ T5546] ffff8880784e5028 (&client->buffer_lock){....}-{2:2}, at: evdev_pass_values.part.0+0xf6/0x960 [ 96.848980][ T5546] which would create a new lock dependency: [ 96.854977][ T5546] (&client->buffer_lock){....}-{2:2} -> (&new->fa_lock){....}-{2:2} [ 96.863172][ T5546] [ 96.863172][ T5546] but this new dependency connects a HARDIRQ-irq-safe lock: [ 96.872609][ T5546] (&dev->event_lock#2){-...}-{2:2} [ 96.872633][ T5546] [ 96.872633][ T5546] ... which became HARDIRQ-irq-safe at: [ 96.885602][ T5546] lock_acquire+0x1e3/0x630 [ 96.890185][ T5546] _raw_spin_lock_irqsave+0x3d/0x60 [ 96.895472][ T5546] input_event+0x70/0xa0 [ 96.899798][ T5546] psmouse_report_standard_buttons+0x30/0x80 [ 96.905859][ T5546] psmouse_process_byte+0x39e/0x8b0 [ 96.911137][ T5546] psmouse_handle_byte+0x41/0x1b0 [ 96.916323][ T5546] psmouse_interrupt+0x308/0xf00 [ 96.921338][ T5546] serio_interrupt+0x8c/0x150 [ 96.926116][ T5546] i8042_interrupt+0x27e/0x520 [ 96.931066][ T5546] __handle_irq_event_percpu+0x264/0x970 [ 96.936789][ T5546] handle_irq_event+0xab/0x1e0 [ 96.941668][ T5546] handle_edge_irq+0x263/0xd00 [ 96.946723][ T5546] __common_interrupt+0xa1/0x210 [ 96.951760][ T5546] common_interrupt+0xa8/0xd0 [ 96.956527][ T5546] asm_common_interrupt+0x26/0x40 [ 96.961715][ T5546] unwind_get_return_address+0x12/0xa0 [ 96.967385][ T5546] arch_stack_walk+0x97/0xf0 [ 96.972190][ T5546] stack_trace_save+0x90/0xc0 [ 96.977436][ T5546] kasan_save_stack+0x22/0x40 [ 96.982299][ T5546] kasan_set_track+0x25/0x30 [ 96.987237][ T5546] __kasan_slab_alloc+0x82/0x90 [ 96.992277][ T5546] kmem_cache_alloc+0x1e4/0x430 [ 96.997397][ T5546] __kernfs_new_node+0xd4/0x8b0 [ 97.002336][ T5546] kernfs_new_node+0x97/0x120 [ 97.007444][ T5546] __kernfs_create_file+0x55/0x350 [ 97.012641][ T5546] sysfs_add_file_mode_ns+0x213/0x3f0 [ 97.018186][ T5546] sysfs_create_file_ns+0x12b/0x1c0 [ 97.023480][ T5546] driver_create_file+0x4c/0x70 [ 97.028409][ T5546] bus_add_driver+0x3e3/0x640 [ 97.033166][ T5546] driver_register+0x224/0x3a0 [ 97.038017][ T5546] __serio_register_driver+0xc1/0x190 [ 97.043673][ T5546] do_one_initcall+0x141/0x790 [ 97.048610][ T5546] kernel_init_freeable+0x6f9/0x782 [ 97.053969][ T5546] kernel_init+0x1e/0x1d0 [ 97.058403][ T5546] ret_from_fork+0x1f/0x30 [ 97.062898][ T5546] [ 97.062898][ T5546] to a HARDIRQ-irq-unsafe lock: [ 97.070013][ T5546] (tasklist_lock){.+.+}-{2:2} [ 97.070042][ T5546] [ 97.070042][ T5546] ... which became HARDIRQ-irq-unsafe at: [ 97.082652][ T5546] ... [ 97.082659][ T5546] lock_acquire+0x1e3/0x630 [ 97.090178][ T5546] _raw_read_lock+0x5f/0x70 [ 97.094764][ T5546] do_wait+0x2b7/0xd70 [ 97.099006][ T5546] kernel_wait+0xa0/0x150 [ 97.103519][ T5546] call_usermodehelper_exec_work+0xf9/0x180 [ 97.109488][ T5546] process_one_work+0x9bf/0x1710 [ 97.114506][ T5546] worker_thread+0x669/0x1090 [ 97.119307][ T5546] kthread+0x2e8/0x3a0 [ 97.123552][ T5546] ret_from_fork+0x1f/0x30 [ 97.128244][ T5546] [ 97.128244][ T5546] other info that might help us debug this: [ 97.128244][ T5546] [ 97.138470][ T5546] Chain exists of: [ 97.138470][ T5546] &dev->event_lock#2 --> &client->buffer_lock --> tasklist_lock [ 97.138470][ T5546] [ 97.152296][ T5546] Possible interrupt unsafe locking scenario: [ 97.152296][ T5546] [ 97.160606][ T5546] CPU0 CPU1 [ 97.165958][ T5546] ---- ---- [ 97.171313][ T5546] lock(tasklist_lock); [ 97.175822][ T5546] local_irq_disable(); [ 97.182834][ T5546] lock(&dev->event_lock#2); [ 97.190029][ T5546] lock(&client->buffer_lock); [ 97.197404][ T5546] [ 97.200935][ T5546] lock(&dev->event_lock#2); [ 97.205881][ T5546] [ 97.205881][ T5546] *** DEADLOCK *** [ 97.205881][ T5546] [ 97.214032][ T5546] 7 locks held by syz-executor.0/5546: [ 97.219490][ T5546] #0: ffff888022380110 (&evdev->mutex){+.+.}-{3:3}, at: evdev_write+0x1d7/0x760 [ 97.228649][ T5546] #1: ffff88801b83e230 (&dev->event_lock#2){-...}-{2:2}, at: input_inject_event+0x9f/0x330 [ 97.238902][ T5546] #2: ffffffff8c791a80 (rcu_read_lock){....}-{1:2}, at: input_inject_event+0x8b/0x330 [ 97.248660][ T5546] #3: ffffffff8c791a80 (rcu_read_lock){....}-{1:2}, at: input_pass_values.part.0+0x0/0x710 [ 97.258809][ T5546] #4: ffffffff8c791a80 (rcu_read_lock){....}-{1:2}, at: evdev_events+0x5d/0x3e0 [ 97.267947][ T5546] #5: ffff8880784e5028 (&client->buffer_lock){....}-{2:2}, at: evdev_pass_values.part.0+0xf6/0x960 [ 97.278831][ T5546] #6: ffffffff8c791a80 (rcu_read_lock){....}-{1:2}, at: kill_fasync+0x45/0x480 [ 97.288378][ T5546] [ 97.288378][ T5546] the dependencies between HARDIRQ-irq-safe lock and the holding lock: [ 97.298782][ T5546] -> (&dev->event_lock#2){-...}-{2:2} { [ 97.304437][ T5546] IN-HARDIRQ-W at: [ 97.308510][ T5546] lock_acquire+0x1e3/0x630 [ 97.314947][ T5546] _raw_spin_lock_irqsave+0x3d/0x60 [ 97.321971][ T5546] input_event+0x70/0xa0 [ 97.328127][ T5546] psmouse_report_standard_buttons+0x30/0x80 [ 97.336107][ T5546] psmouse_process_byte+0x39e/0x8b0 [ 97.343210][ T5546] psmouse_handle_byte+0x41/0x1b0 [ 97.350151][ T5546] psmouse_interrupt+0x308/0xf00 [ 97.357009][ T5546] serio_interrupt+0x8c/0x150 [ 97.363701][ T5546] i8042_interrupt+0x27e/0x520 [ 97.370518][ T5546] __handle_irq_event_percpu+0x264/0x970 [ 97.377988][ T5546] handle_irq_event+0xab/0x1e0 [ 97.378771][ T5073] Bluetooth: hci0: command 0x0409 tx timeout [ 97.384569][ T5546] handle_edge_irq+0x263/0xd00 [ 97.397155][ T5546] __common_interrupt+0xa1/0x210 [ 97.405407][ T5546] common_interrupt+0xa8/0xd0 [ 97.411967][ T5546] asm_common_interrupt+0x26/0x40 [ 97.418910][ T5546] unwind_get_return_address+0x12/0xa0 [ 97.426196][ T5546] arch_stack_walk+0x97/0xf0 [ 97.433309][ T5546] stack_trace_save+0x90/0xc0 [ 97.440075][ T5546] kasan_save_stack+0x22/0x40 [ 97.446585][ T5546] kasan_set_track+0x25/0x30 [ 97.453020][ T5546] __kasan_slab_alloc+0x82/0x90 [ 97.459694][ T5546] kmem_cache_alloc+0x1e4/0x430 [ 97.466633][ T5546] __kernfs_new_node+0xd4/0x8b0 [ 97.473308][ T5546] kernfs_new_node+0x97/0x120 [ 97.479824][ T5546] __kernfs_create_file+0x55/0x350 [ 97.486967][ T5546] sysfs_add_file_mode_ns+0x213/0x3f0 [ 97.494357][ T5546] sysfs_create_file_ns+0x12b/0x1c0 [ 97.501398][ T5546] driver_create_file+0x4c/0x70 [ 97.508166][ T5546] bus_add_driver+0x3e3/0x640 [ 97.514841][ T5546] driver_register+0x224/0x3a0 [ 97.521685][ T5546] __serio_register_driver+0xc1/0x190 [ 97.529152][ T5546] do_one_initcall+0x141/0x790 [ 97.535830][ T5546] kernel_init_freeable+0x6f9/0x782 [ 97.542937][ T5546] kernel_init+0x1e/0x1d0 [ 97.549262][ T5546] ret_from_fork+0x1f/0x30 [ 97.555776][ T5546] INITIAL USE at: [ 97.560122][ T5546] lock_acquire+0x1e3/0x630 [ 97.566363][ T5546] _raw_spin_lock_irqsave+0x3d/0x60 [ 97.573385][ T5546] input_inject_event+0x9f/0x330 [ 97.580097][ T5546] led_set_brightness_nosleep+0xea/0x1a0 [ 97.587467][ T5546] led_set_brightness+0x138/0x180 [ 97.594227][ T5546] led_trigger_event+0xb4/0x200 [ 97.600808][ T5546] kbd_led_trigger_activate+0xcd/0x110 [ 97.607995][ T5546] led_trigger_set+0x5db/0xaf0 [ 97.614496][ T5546] led_trigger_set_default+0x1aa/0x230 [ 97.621700][ T5546] led_classdev_register_ext+0x573/0x770 [ 97.629088][ T5546] input_leds_connect+0x4c1/0x860 [ 97.635877][ T5546] input_attach_handler+0x180/0x1f0 [ 97.642807][ T5546] input_register_device.cold+0xf0/0x2fd [ 97.650187][ T5546] atkbd_connect+0x5ca/0x9d0 [ 97.656528][ T5546] serio_driver_probe+0x76/0xa0 [ 97.663146][ T5546] really_probe+0x249/0xb90 [ 97.669388][ T5546] __driver_probe_device+0x1df/0x4d0 [ 97.676667][ T5546] driver_probe_device+0x4c/0x1a0 [ 97.683551][ T5546] __driver_attach+0x271/0x570 [ 97.690144][ T5546] bus_for_each_dev+0x14b/0x1d0 [ 97.697072][ T5546] serio_handle_event+0x2c3/0xa40 [ 97.703837][ T5546] process_one_work+0x9bf/0x1710 [ 97.710508][ T5546] worker_thread+0x669/0x1090 [ 97.717029][ T5546] kthread+0x2e8/0x3a0 [ 97.723009][ T5546] ret_from_fork+0x1f/0x30 [ 97.729302][ T5546] } [ 97.731900][ T5546] ... key at: [] __key.7+0x0/0x40 [ 97.739366][ T5546] -> (&client->buffer_lock){....}-{2:2} { [ 97.745697][ T5546] INITIAL USE at: [ 97.749604][ T5546] lock_acquire+0x1e3/0x630 [ 97.755682][ T5546] _raw_spin_lock+0x2e/0x40 [ 97.761754][ T5546] evdev_pass_values.part.0+0xf6/0x960 [ 97.769123][ T5546] evdev_events+0x35d/0x3e0 [ 97.775274][ T5546] input_to_handler+0x2a0/0x4c0 [ 97.781754][ T5546] input_pass_values.part.0+0x230/0x710 [ 97.788955][ T5546] input_event_dispose+0x5cf/0x730 [ 97.795735][ T5546] input_handle_event+0x120/0xe70 [ 97.802411][ T5546] input_inject_event+0x1c8/0x330 [ 97.809224][ T5546] evdev_write+0x434/0x760 [ 97.815285][ T5546] vfs_write+0x2db/0xdd0 [ 97.821168][ T5546] ksys_write+0x1ec/0x250 [ 97.827146][ T5546] do_syscall_64+0x39/0xb0 [ 97.833148][ T5546] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 97.840700][ T5546] } [ 97.843261][ T5546] ... key at: [] __key.3+0x0/0x40 [ 97.850827][ T5546] ... acquired at: [ 97.854797][ T5546] _raw_spin_lock+0x2e/0x40 [ 97.859502][ T5546] evdev_pass_values.part.0+0xf6/0x960 [ 97.865144][ T5546] evdev_events+0x35d/0x3e0 [ 97.869815][ T5546] input_to_handler+0x2a0/0x4c0 [ 97.874994][ T5546] input_pass_values.part.0+0x230/0x710 [ 97.880888][ T5546] input_event_dispose+0x5cf/0x730 [ 97.886291][ T5546] input_handle_event+0x120/0xe70 [ 97.891484][ T5546] input_inject_event+0x1c8/0x330 [ 97.897284][ T5546] evdev_write+0x434/0x760 [ 97.901871][ T5546] vfs_write+0x2db/0xdd0 [ 97.906281][ T5546] ksys_write+0x1ec/0x250 [ 97.910864][ T5546] do_syscall_64+0x39/0xb0 [ 97.915451][ T5546] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 97.921797][ T5546] [ 97.924546][ T5546] [ 97.924546][ T5546] the dependencies between the lock to be acquired [ 97.924553][ T5546] and HARDIRQ-irq-unsafe lock: [ 97.938292][ T5546] -> (tasklist_lock){.+.+}-{2:2} { [ 97.944999][ T5546] HARDIRQ-ON-R at: [ 97.949231][ T5546] lock_acquire+0x1e3/0x630 [ 97.956452][ T5546] _raw_read_lock+0x5f/0x70 [ 97.964098][ T5546] do_wait+0x2b7/0xd70 [ 97.970386][ T5546] kernel_wait+0xa0/0x150 [ 97.977348][ T5546] call_usermodehelper_exec_work+0xf9/0x180 [ 97.986301][ T5546] process_one_work+0x9bf/0x1710 [ 97.994384][ T5546] worker_thread+0x669/0x1090 [ 98.001466][ T5546] kthread+0x2e8/0x3a0 [ 98.007812][ T5546] ret_from_fork+0x1f/0x30 [ 98.014580][ T5546] SOFTIRQ-ON-R at: [ 98.019181][ T5546] lock_acquire+0x1e3/0x630 [ 98.025954][ T5546] _raw_read_lock+0x5f/0x70 [ 98.032813][ T5546] do_wait+0x2b7/0xd70 [ 98.039088][ T5546] kernel_wait+0xa0/0x150 [ 98.045442][ T5546] call_usermodehelper_exec_work+0xf9/0x180 [ 98.053329][ T5546] process_one_work+0x9bf/0x1710 [ 98.060359][ T5546] worker_thread+0x669/0x1090 [ 98.067121][ T5546] kthread+0x2e8/0x3a0 [ 98.073373][ T5546] ret_from_fork+0x1f/0x30 [ 98.079790][ T5546] INITIAL USE at: [ 98.083944][ T5546] lock_acquire+0x1e3/0x630 [ 98.090352][ T5546] _raw_write_lock_irq+0x36/0x50 [ 98.097293][ T5546] copy_process+0x4efb/0x7520 [ 98.104163][ T5546] kernel_clone+0xeb/0x990 [ 98.110493][ T5546] user_mode_thread+0xb1/0xf0 [ 98.117254][ T5546] rest_init+0x27/0x270 [ 98.123329][ T5546] arch_call_rest_init+0x13/0x1c [ 98.130175][ T5546] start_kernel+0x44f/0x470 [ 98.136762][ T5546] secondary_startup_64_no_verify+0xce/0xdb [ 98.144562][ T5546] INITIAL READ USE at: [ 98.149049][ T5546] lock_acquire+0x1e3/0x630 [ 98.155906][ T5546] _raw_read_lock+0x5f/0x70 [ 98.162753][ T5546] do_wait+0x2b7/0xd70 [ 98.169693][ T5546] kernel_wait+0xa0/0x150 [ 98.176386][ T5546] call_usermodehelper_exec_work+0xf9/0x180 [ 98.184622][ T5546] process_one_work+0x9bf/0x1710 [ 98.192045][ T5546] worker_thread+0x669/0x1090 [ 98.199235][ T5546] kthread+0x2e8/0x3a0 [ 98.205729][ T5546] ret_from_fork+0x1f/0x30 [ 98.212487][ T5546] } [ 98.215324][ T5546] ... key at: [] tasklist_lock+0x18/0x40 [ 98.223215][ T5546] ... acquired at: [ 98.227272][ T5546] _raw_read_lock+0x5f/0x70 [ 98.232120][ T5546] send_sigio+0xaf/0x370 [ 98.236545][ T5546] kill_fasync+0x1fc/0x480 [ 98.241772][ T5546] sock_wake_async+0xd6/0x160 [ 98.246882][ T5546] sock_def_readable+0x34d/0x4e0 [ 98.251998][ T5546] unix_dgram_sendmsg+0xf8c/0x1bc0 [ 98.257303][ T5546] sock_sendmsg+0xd3/0x120 [ 98.261980][ T5546] ____sys_sendmsg+0x334/0x8c0 [ 98.266919][ T5546] ___sys_sendmsg+0x110/0x1b0 [ 98.271775][ T5546] __sys_sendmmsg+0x18f/0x460 [ 98.276714][ T5546] __x64_sys_sendmmsg+0x9d/0x100 [ 98.281840][ T5546] do_syscall_64+0x39/0xb0 [ 98.286434][ T5546] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 98.292518][ T5546] [ 98.294840][ T5546] -> (&f->f_owner.lock){....}-{2:2} { [ 98.300302][ T5546] INITIAL USE at: [ 98.304369][ T5546] lock_acquire+0x1e3/0x630 [ 98.310788][ T5546] _raw_write_lock_irq+0x36/0x50 [ 98.317482][ T5546] f_modown+0x2a/0x390 [ 98.323376][ T5546] f_setown+0xdb/0x230 [ 98.329198][ T5546] sock_ioctl+0x450/0x680 [ 98.335291][ T5546] __x64_sys_ioctl+0x197/0x210 [ 98.341973][ T5546] do_syscall_64+0x39/0xb0 [ 98.348215][ T5546] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 98.356120][ T5546] INITIAL READ USE at: [ 98.360524][ T5546] lock_acquire+0x1e3/0x630 [ 98.367197][ T5546] _raw_read_lock_irqsave+0x74/0x90 [ 98.374746][ T5546] send_sigio+0x28/0x370 [ 98.381250][ T5546] kill_fasync+0x1fc/0x480 [ 98.387850][ T5546] sock_wake_async+0xd6/0x160 [ 98.394703][ T5546] sock_def_readable+0x34d/0x4e0 [ 98.401805][ T5546] unix_dgram_sendmsg+0xf8c/0x1bc0 [ 98.409095][ T5546] sock_sendmsg+0xd3/0x120 [ 98.415941][ T5546] ____sys_sendmsg+0x334/0x8c0 [ 98.422901][ T5546] ___sys_sendmsg+0x110/0x1b0 [ 98.433692][ T5546] __sys_sendmmsg+0x18f/0x460 [ 98.440631][ T5546] __x64_sys_sendmmsg+0x9d/0x100 [ 98.447741][ T5546] do_syscall_64+0x39/0xb0 [ 98.454428][ T5546] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 98.462492][ T5546] } [ 98.465071][ T5546] ... key at: [] __key.5+0x0/0x40 [ 98.472278][ T5546] ... acquired at: [ 98.476169][ T5546] _raw_read_lock_irqsave+0x74/0x90 [ 98.481550][ T5546] send_sigio+0x28/0x370 [ 98.485973][ T5546] kill_fasync+0x1fc/0x480 [ 98.490557][ T5546] sock_wake_async+0xd6/0x160 [ 98.496112][ T5546] sock_def_readable+0x34d/0x4e0 [ 98.501338][ T5546] unix_dgram_sendmsg+0xf8c/0x1bc0 [ 98.507170][ T5546] sock_sendmsg+0xd3/0x120 [ 98.511939][ T5546] ____sys_sendmsg+0x334/0x8c0 [ 98.517143][ T5546] ___sys_sendmsg+0x110/0x1b0 [ 98.522025][ T5546] __sys_sendmmsg+0x18f/0x460 [ 98.527150][ T5546] __x64_sys_sendmmsg+0x9d/0x100 [ 98.532263][ T5546] do_syscall_64+0x39/0xb0 [ 98.537121][ T5546] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 98.543281][ T5546] [ 98.545599][ T5546] -> (&new->fa_lock){....}-{2:2} { [ 98.550725][ T5546] INITIAL READ USE at: [ 98.555041][ T5546] lock_acquire+0x1e3/0x630 [ 98.561622][ T5546] _raw_read_lock_irqsave+0x74/0x90 [ 98.569078][ T5546] kill_fasync+0x13a/0x480 [ 98.575501][ T5546] sock_wake_async+0xd6/0x160 [ 98.582359][ T5546] sock_def_readable+0x34d/0x4e0 [ 98.589380][ T5546] unix_dgram_sendmsg+0xf8c/0x1bc0 [ 98.596513][ T5546] sock_sendmsg+0xd3/0x120 [ 98.602923][ T5546] ____sys_sendmsg+0x334/0x8c0 [ 98.609854][ T5546] ___sys_sendmsg+0x110/0x1b0 [ 98.616523][ T5546] __sys_sendmmsg+0x18f/0x460 [ 98.623377][ T5546] __x64_sys_sendmmsg+0x9d/0x100 [ 98.630493][ T5546] do_syscall_64+0x39/0xb0 [ 98.636907][ T5546] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 98.644820][ T5546] } [ 98.647316][ T5546] ... key at: [] __key.0+0x0/0x40 [ 98.654441][ T5546] ... acquired at: [ 98.658322][ T5546] lock_acquire+0x1e3/0x630 [ 98.663097][ T5546] _raw_read_lock_irqsave+0x74/0x90 [ 98.668469][ T5546] kill_fasync+0x13a/0x480 [ 98.673074][ T5546] evdev_pass_values.part.0+0x667/0x960 [ 98.678829][ T5546] evdev_events+0x35d/0x3e0 [ 98.683547][ T5546] input_to_handler+0x2a0/0x4c0 [ 98.688576][ T5546] input_pass_values.part.0+0x230/0x710 [ 98.694321][ T5546] input_event_dispose+0x5cf/0x730 [ 98.700313][ T5546] input_handle_event+0x120/0xe70 [ 98.705519][ T5546] input_inject_event+0x1c8/0x330 [ 98.710742][ T5546] evdev_write+0x434/0x760 [ 98.715465][ T5546] vfs_write+0x2db/0xdd0 [ 98.720015][ T5546] ksys_write+0x1ec/0x250 [ 98.724671][ T5546] do_syscall_64+0x39/0xb0 [ 98.729794][ T5546] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 98.736145][ T5546] [ 98.738681][ T5546] [ 98.738681][ T5546] stack backtrace: [ 98.745167][ T5546] CPU: 0 PID: 5546 Comm: syz-executor.0 Not tainted 6.2.0-rc3-syzkaller-00008-g1fe4fd6f5cad #0 [ 98.755483][ T5546] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 98.765533][ T5546] Call Trace: [ 98.768962][ T5546] [ 98.771976][ T5546] dump_stack_lvl+0xd1/0x138 [ 98.776656][ T5546] check_irq_usage.cold+0x4e4/0x761 [ 98.781864][ T5546] ? print_shortest_lock_dependencies_backwards+0x80/0x80 [ 98.789080][ T5546] ? mark_lock.part.0+0xee/0x1910 [ 98.794124][ T5546] ? check_path.constprop.0+0x24/0x50 [ 98.799520][ T5546] ? __pv_queued_spin_lock_slowpath+0x268/0xb50 [ 98.805774][ T5546] ? is_dynamic_key.part.0+0x130/0x130 [ 98.811421][ T5546] ? try_to_wake_up+0x107/0x2080 [ 98.816876][ T5546] __lock_acquire+0x2a5b/0x56d0 [ 98.821730][ T5546] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 98.827714][ T5546] ? lockdep_hardirqs_on_prepare+0x410/0x410 [ 98.833707][ T5546] lock_acquire+0x1e3/0x630 [ 98.838208][ T5546] ? kill_fasync+0x13a/0x480 [ 98.842977][ T5546] ? lock_release+0x810/0x810 [ 98.847644][ T5546] ? lock_release+0x810/0x810 [ 98.852315][ T5546] ? lock_release+0x810/0x810 [ 98.856983][ T5546] ? __wake_up_common+0x650/0x650 [ 98.862434][ T5546] _raw_read_lock_irqsave+0x74/0x90 [ 98.868114][ T5546] ? kill_fasync+0x13a/0x480 [ 98.872801][ T5546] kill_fasync+0x13a/0x480 [ 98.877224][ T5546] evdev_pass_values.part.0+0x667/0x960 [ 98.882873][ T5546] ? evdev_free+0x70/0x70 [ 98.887310][ T5546] ? ktime_mono_to_any+0xb9/0x1e0 [ 98.892534][ T5546] evdev_events+0x35d/0x3e0 [ 98.897658][ T5546] ? evdev_connect+0x4b0/0x4b0 [ 98.902442][ T5546] input_to_handler+0x2a0/0x4c0 [ 98.907307][ T5546] input_pass_values.part.0+0x230/0x710 [ 98.913120][ T5546] input_event_dispose+0x5cf/0x730 [ 98.918249][ T5546] input_handle_event+0x120/0xe70 [ 98.923287][ T5546] input_inject_event+0x1c8/0x330 [ 98.928314][ T5546] evdev_write+0x434/0x760 [ 98.933090][ T5546] ? evdev_read+0xe40/0xe40 [ 98.937599][ T5546] ? apparmor_file_permission+0x268/0x4e0 [ 98.943671][ T5546] ? bpf_lsm_file_permission+0x9/0x10 [ 98.949052][ T5546] ? security_file_permission+0xaf/0xd0 [ 98.954858][ T5546] vfs_write+0x2db/0xdd0 [ 98.959097][ T5546] ? evdev_read+0xe40/0xe40 [ 98.963612][ T5546] ? kernel_write+0x630/0x630 [ 98.968495][ T5546] ? __fget_files+0x26a/0x440 [ 98.973284][ T5546] ? __fget_light+0xe5/0x270 [ 98.978394][ T5546] ksys_write+0x1ec/0x250 [ 98.982816][ T5546] ? __ia32_sys_read+0xb0/0xb0 [ 98.987777][ T5546] ? syscall_enter_from_user_mode+0x26/0xb0 [ 98.993843][ T5546] do_syscall_64+0x39/0xb0 [ 98.998269][ T5546] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 99.004156][ T5546] RIP: 0033:0x7fa8cc889109 [ 99.009170][ T5546] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 99.029382][ T5546] RSP: 002b:00007fa8cd9bc168 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 2023/01/09 20:21:01 executed programs: 1 [ 99.037971][ T5546] RAX: ffffffffffffffda RBX: 00007fa8cc99bf60 RCX: 00007fa8cc889109 [ 99.045942][ T5546] RDX: 0000000000003888 RSI: 0000000020000080 RDI: 0000000000000005 [ 99.053904][ T5546] RBP: 00007fa8cc8e308d R08: 0000000000000000 R09: 0000000000000000 [ 99.062403][ T5546] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 99.070366][ T5546] R13: 00007ffefaceb1ef R14: 00007fa8cd9bc300 R15: 0000000000022000 [ 99.078345][ T5546] [ 99.448693][ T5073] Bluetooth: hci0: command 0x041b tx timeout [ 101.518702][ T5073] Bluetooth: hci0: command 0x040f tx timeout [ 103.598635][ T5073] Bluetooth: hci0: command 0x0419 tx timeout 2023/01/09 20:21:06 executed programs: 225