[ 71.851825][ T1422] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.858312][ T1422] ieee802154 phy1 wpan1: encryption failed: -22 Warning: Permanently added '10.128.1.214' (ED25519) to the list of known hosts. 2025/11/20 00:06:26 ignoring optional flag "type"="gce" 2025/11/20 00:06:26 parsed 1 programs 2025/11/20 00:06:28 executed programs: 0 [ 76.729100][ T4462] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k FS [ 76.856395][ T4512] chnl_net:caif_netlink_parms(): no params data found [ 76.896259][ T4512] bridge0: port 1(bridge_slave_0) entered blocking state [ 76.903643][ T4512] bridge0: port 1(bridge_slave_0) entered disabled state [ 76.911827][ T4512] device bridge_slave_0 entered promiscuous mode [ 76.920539][ T4512] bridge0: port 2(bridge_slave_1) entered blocking state [ 76.927756][ T4512] bridge0: port 2(bridge_slave_1) entered disabled state [ 76.936475][ T4512] device bridge_slave_1 entered promiscuous mode [ 76.955128][ T4512] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 76.965831][ T4512] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 76.977833][ T1108] cfg80211: failed to load regulatory.db [ 77.024868][ T4512] team0: Port device team_slave_0 added [ 77.040367][ T4512] team0: Port device team_slave_1 added [ 77.089536][ T4512] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 77.096597][ T4512] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 77.142591][ T4512] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 77.154949][ T4512] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 77.162061][ T4512] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 77.208269][ T4512] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 77.277452][ T4512] device hsr_slave_0 entered promiscuous mode [ 77.284955][ T4512] device hsr_slave_1 entered promiscuous mode [ 77.807977][ T4512] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 77.818637][ T4512] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 77.828118][ T4512] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 77.839909][ T4512] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 77.914119][ T4512] 8021q: adding VLAN 0 to HW filter on device bond0 [ 77.927722][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 77.937686][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 77.951715][ T4512] 8021q: adding VLAN 0 to HW filter on device team0 [ 77.962875][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 77.972667][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 77.982878][ T144] bridge0: port 1(bridge_slave_0) entered blocking state [ 77.990004][ T144] bridge0: port 1(bridge_slave_0) entered forwarding state [ 78.009970][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 78.019111][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 78.027812][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 78.036765][ T144] bridge0: port 2(bridge_slave_1) entered blocking state [ 78.043902][ T144] bridge0: port 2(bridge_slave_1) entered forwarding state [ 78.054734][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 78.063625][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 78.079383][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 78.090285][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 78.101159][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 78.110498][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 78.125529][ T4512] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 78.136323][ T4512] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 78.150149][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 78.158999][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 78.167684][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 78.177920][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 78.187978][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 78.202477][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 78.305906][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 78.315301][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 78.329699][ T4512] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 78.350789][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 78.360710][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 78.380488][ T2997] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 78.389186][ T2997] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 78.398051][ T2997] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 78.406142][ T2997] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 78.415662][ T4512] device veth0_vlan entered promiscuous mode [ 78.428230][ T4512] device veth1_vlan entered promiscuous mode [ 78.451341][ T2997] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 78.459641][ T2997] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 78.467806][ T2997] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 78.478962][ T2997] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 78.489728][ T4512] device veth0_macvtap entered promiscuous mode [ 78.500247][ T4512] device veth1_macvtap entered promiscuous mode [ 78.516419][ T4512] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 78.524911][ T2997] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 78.534336][ T2997] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 78.543407][ T2997] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 78.553373][ T2997] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 78.565019][ T4512] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 78.576659][ T2997] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 78.586572][ T2997] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 78.599047][ T4512] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.607770][ T4512] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.618951][ T4512] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.627679][ T4512] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.697411][ T4596] [ 78.699781][ T4596] ===================================================== [ 78.706704][ T4596] WARNING: HARDIRQ-safe -> HARDIRQ-unsafe lock order detected [ 78.714160][ T4596] syzkaller #0 Not tainted [ 78.718572][ T4596] ----------------------------------------------------- [ 78.725581][ T4596] syz-executor.0/4596 [HC0[0]:SC0[0]:HE0:SE1] is trying to acquire: [ 78.733558][ T4596] ffffffff8be0a058 (tasklist_lock){.+.+}-{2:2}, at: send_sigurg+0xcb/0x390 [ 78.742197][ T4596] [ 78.742197][ T4596] and this task is already holding: [ 78.749566][ T4596] ffff88807c21cdb8 (&f->f_owner.lock){....}-{2:2}, at: send_sigurg+0x25/0x390 [ 78.758449][ T4596] which would create a new lock dependency: [ 78.764456][ T4596] (&f->f_owner.lock){....}-{2:2} -> (tasklist_lock){.+.+}-{2:2} [ 78.772208][ T4596] [ 78.772208][ T4596] but this new dependency connects a HARDIRQ-irq-safe lock: [ 78.781654][ T4596] (&dev->event_lock#2){-...}-{2:2} [ 78.781688][ T4596] [ 78.781688][ T4596] ... which became HARDIRQ-irq-safe at: [ 78.794657][ T4596] lock_acquire+0x197/0x3f0 [ 78.799354][ T4596] _raw_spin_lock_irqsave+0xa4/0xf0 [ 78.804659][ T4596] input_event+0x76/0xb0 [ 78.808997][ T4596] psmouse_report_standard_packet+0x4f/0x200 [ 78.815062][ T4596] psmouse_process_byte+0x42b/0x620 [ 78.820361][ T4596] psmouse_handle_byte+0x43/0x490 [ 78.825483][ T4596] psmouse_interrupt+0x699/0x1130 [ 78.830594][ T4596] serio_interrupt+0x87/0x130 [ 78.835359][ T4596] i8042_interrupt+0x369/0x710 [ 78.840214][ T4596] __handle_irq_event_percpu+0x291/0x9b0 [ 78.845936][ T4596] handle_irq_event+0xa5/0x220 [ 78.850798][ T4596] handle_edge_irq+0x243/0xb20 [ 78.855654][ T4596] __common_interrupt+0xd7/0x1e0 [ 78.860679][ T4596] common_interrupt+0xb0/0xd0 [ 78.865452][ T4596] asm_common_interrupt+0x22/0x40 [ 78.870579][ T4596] _raw_spin_unlock_irqrestore+0xa5/0x100 [ 78.876391][ T4596] klist_next+0x272/0x2f0 [ 78.881159][ T4596] bus_for_each_dev+0x146/0x1e0 [ 78.886213][ T4596] bus_add_driver+0x30a/0x5a0 [ 78.890978][ T4596] driver_register+0x32d/0x430 [ 78.895919][ T4596] usb_register_driver+0x202/0x3d0 [ 78.901486][ T4596] do_one_initcall+0x1ee/0x680 [ 78.906346][ T4596] do_initcall_level+0x137/0x1f0 [ 78.911380][ T4596] do_initcalls+0x4b/0x90 [ 78.915808][ T4596] kernel_init_freeable+0x3ce/0x560 [ 78.921100][ T4596] kernel_init+0x19/0x1b0 [ 78.925865][ T4596] ret_from_fork+0x1f/0x30 [ 78.930378][ T4596] [ 78.930378][ T4596] to a HARDIRQ-irq-unsafe lock: [ 78.937390][ T4596] (tasklist_lock){.+.+}-{2:2} [ 78.937417][ T4596] [ 78.937417][ T4596] ... which became HARDIRQ-irq-unsafe at: [ 78.950253][ T4596] ... [ 78.950261][ T4596] lock_acquire+0x197/0x3f0 [ 78.957438][ T4596] _raw_read_lock+0x32/0x40 [ 78.962118][ T4596] do_wait+0x293/0xac0 [ 78.966270][ T4596] kernel_wait+0xa8/0x160 [ 78.970687][ T4596] call_usermodehelper_exec_work+0xb5/0x220 [ 78.976668][ T4596] process_one_work+0x863/0x1000 [ 78.981695][ T4596] worker_thread+0xaa8/0x12a0 [ 78.986466][ T4596] kthread+0x436/0x520 [ 78.990707][ T4596] ret_from_fork+0x1f/0x30 [ 78.995212][ T4596] [ 78.995212][ T4596] other info that might help us debug this: [ 78.995212][ T4596] [ 79.005433][ T4596] Chain exists of: [ 79.005433][ T4596] &dev->event_lock#2 --> &f->f_owner.lock --> tasklist_lock [ 79.005433][ T4596] [ 79.018656][ T4596] Possible interrupt unsafe locking scenario: [ 79.018656][ T4596] [ 79.026976][ T4596] CPU0 CPU1 [ 79.032339][ T4596] ---- ---- [ 79.037829][ T4596] lock(tasklist_lock); [ 79.042077][ T4596] local_irq_disable(); [ 79.048987][ T4596] lock(&dev->event_lock#2); [ 79.056277][ T4596] lock(&f->f_owner.lock); [ 79.063489][ T4596] [ 79.066955][ T4596] lock(&dev->event_lock#2); [ 79.072041][ T4596] [ 79.072041][ T4596] *** DEADLOCK *** [ 79.072041][ T4596] [ 79.080366][ T4596] 2 locks held by syz-executor.0/4596: [ 79.085824][ T4596] #0: ffff888078c40de0 (sk_lock-AF_INET6){+.+.}-{0:0}, at: tcp_sendmsg+0x1d/0x40 [ 79.095145][ T4596] #1: ffff88807c21cdb8 (&f->f_owner.lock){....}-{2:2}, at: send_sigurg+0x25/0x390 [ 79.105105][ T4596] [ 79.105105][ T4596] the dependencies between HARDIRQ-irq-safe lock and the holding lock: [ 79.115607][ T4596] -> (&dev->event_lock#2){-...}-{2:2} { [ 79.121440][ T4596] IN-HARDIRQ-W at: [ 79.125760][ T4596] lock_acquire+0x197/0x3f0 [ 79.132530][ T4596] _raw_spin_lock_irqsave+0xa4/0xf0 [ 79.140001][ T4596] input_event+0x76/0xb0 [ 79.146432][ T4596] psmouse_report_standard_packet+0x4f/0x200 [ 79.154682][ T4596] psmouse_process_byte+0x42b/0x620 [ 79.162144][ T4596] psmouse_handle_byte+0x43/0x490 [ 79.169358][ T4596] psmouse_interrupt+0x699/0x1130 [ 79.176564][ T4596] serio_interrupt+0x87/0x130 [ 79.183421][ T4596] i8042_interrupt+0x369/0x710 [ 79.190371][ T4596] __handle_irq_event_percpu+0x291/0x9b0 [ 79.198188][ T4596] handle_irq_event+0xa5/0x220 [ 79.205142][ T4596] handle_edge_irq+0x243/0xb20 [ 79.212089][ T4596] __common_interrupt+0xd7/0x1e0 [ 79.219212][ T4596] common_interrupt+0xb0/0xd0 [ 79.226086][ T4596] asm_common_interrupt+0x22/0x40 [ 79.233301][ T4596] _raw_spin_unlock_irqrestore+0xa5/0x100 [ 79.241640][ T4596] klist_next+0x272/0x2f0 [ 79.248249][ T4596] bus_for_each_dev+0x146/0x1e0 [ 79.255277][ T4596] bus_add_driver+0x30a/0x5a0 [ 79.262142][ T4596] driver_register+0x32d/0x430 [ 79.269175][ T4596] usb_register_driver+0x202/0x3d0 [ 79.276561][ T4596] do_one_initcall+0x1ee/0x680 [ 79.283676][ T4596] do_initcall_level+0x137/0x1f0 [ 79.290791][ T4596] do_initcalls+0x4b/0x90 [ 79.297301][ T4596] kernel_init_freeable+0x3ce/0x560 [ 79.304853][ T4596] kernel_init+0x19/0x1b0 [ 79.311364][ T4596] ret_from_fork+0x1f/0x30 [ 79.318010][ T4596] INITIAL USE at: [ 79.322175][ T4596] lock_acquire+0x197/0x3f0 [ 79.329007][ T4596] _raw_spin_lock_irqsave+0xa4/0xf0 [ 79.336827][ T4596] input_inject_event+0x9e/0x2c0 [ 79.343957][ T4596] led_trigger_event+0x10a/0x1e0 [ 79.351012][ T4596] kbd_led_trigger_activate+0xb9/0x100 [ 79.358750][ T4596] led_trigger_set+0x504/0x900 [ 79.365778][ T4596] led_trigger_set_default+0x19c/0x1e0 [ 79.373331][ T4596] led_classdev_register_ext+0x68f/0x870 [ 79.381055][ T4596] input_leds_connect+0x51d/0x750 [ 79.388257][ T4596] input_register_device+0xda7/0x1140 [ 79.395748][ T4596] atkbd_connect+0x759/0xa10 [ 79.402434][ T4596] serio_driver_probe+0x76/0x90 [ 79.409377][ T4596] really_probe+0x284/0xc80 [ 79.415983][ T4596] __driver_probe_device+0x18c/0x330 [ 79.423377][ T4596] driver_probe_device+0x4f/0x420 [ 79.430495][ T4596] __driver_attach+0x46b/0x670 [ 79.437351][ T4596] bus_for_each_dev+0x175/0x1e0 [ 79.444393][ T4596] serio_handle_event+0x29c/0x840 [ 79.451600][ T4596] process_one_work+0x863/0x1000 [ 79.458641][ T4596] worker_thread+0xaa8/0x12a0 [ 79.465506][ T4596] kthread+0x436/0x520 [ 79.472021][ T4596] ret_from_fork+0x1f/0x30 [ 79.478534][ T4596] } [ 79.481379][ T4596] ... key at: [] input_allocate_device.__key.6+0x0/0x20 [ 79.490753][ T4596] -> (&client->buffer_lock){....}-{2:2} { [ 79.496668][ T4596] INITIAL USE at: [ 79.500756][ T4596] lock_acquire+0x197/0x3f0 [ 79.507178][ T4596] _raw_spin_lock+0x2a/0x40 [ 79.513597][ T4596] evdev_pass_values+0xcb/0xab0 [ 79.520362][ T4596] evdev_events+0x1c0/0x2f0 [ 79.526782][ T4596] input_pass_values+0x880/0x1220 [ 79.533730][ T4596] input_handle_event+0xb3f/0x1490 [ 79.541200][ T4596] input_inject_event+0x1b9/0x2c0 [ 79.548145][ T4596] evdev_write+0x326/0x470 [ 79.554477][ T4596] vfs_write+0x300/0xd00 [ 79.560638][ T4596] ksys_write+0x14d/0x250 [ 79.566889][ T4596] do_syscall_64+0x4c/0xa0 [ 79.573306][ T4596] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 79.581466][ T4596] } [ 79.584139][ T4596] ... key at: [] evdev_open.__key.22+0x0/0x20 [ 79.592579][ T4596] ... acquired at: [ 79.596571][ T4596] _raw_spin_lock+0x2a/0x40 [ 79.601260][ T4596] evdev_pass_values+0xcb/0xab0 [ 79.606303][ T4596] evdev_events+0x1c0/0x2f0 [ 79.610990][ T4596] input_pass_values+0x880/0x1220 [ 79.616374][ T4596] input_handle_event+0xb3f/0x1490 [ 79.621756][ T4596] input_inject_event+0x1b9/0x2c0 [ 79.626968][ T4596] evdev_write+0x326/0x470 [ 79.631572][ T4596] vfs_write+0x300/0xd00 [ 79.635998][ T4596] ksys_write+0x14d/0x250 [ 79.640693][ T4596] do_syscall_64+0x4c/0xa0 [ 79.645307][ T4596] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 79.651468][ T4596] [ 79.653795][ T4596] -> (&new->fa_lock){....}-{2:2} { [ 79.659101][ T4596] INITIAL READ USE at: [ 79.663516][ T4596] lock_acquire+0x197/0x3f0 [ 79.670201][ T4596] _raw_read_lock_irqsave+0xac/0xf0 [ 79.677665][ T4596] kill_fasync+0x16d/0x490 [ 79.684372][ T4596] evdev_pass_values+0x54b/0xab0 [ 79.691493][ T4596] evdev_events+0x1c0/0x2f0 [ 79.698358][ T4596] input_pass_values+0x880/0x1220 [ 79.705741][ T4596] input_handle_event+0xb3f/0x1490 [ 79.713035][ T4596] input_inject_event+0x1b9/0x2c0 [ 79.720326][ T4596] evdev_write+0x326/0x470 [ 79.726925][ T4596] vfs_write+0x300/0xd00 [ 79.733345][ T4596] ksys_write+0x14d/0x250 [ 79.739934][ T4596] do_syscall_64+0x4c/0xa0 [ 79.746536][ T4596] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 79.754726][ T4596] } [ 79.757325][ T4596] ... key at: [] fasync_insert_entry.__key+0x0/0x20 [ 79.766469][ T4596] ... acquired at: [ 79.770364][ T4596] _raw_read_lock_irqsave+0xac/0xf0 [ 79.775748][ T4596] kill_fasync+0x16d/0x490 [ 79.780351][ T4596] evdev_pass_values+0x54b/0xab0 [ 79.785638][ T4596] evdev_events+0x1c0/0x2f0 [ 79.790328][ T4596] input_pass_values+0x880/0x1220 [ 79.795532][ T4596] input_handle_event+0xb3f/0x1490 [ 79.800833][ T4596] input_inject_event+0x1b9/0x2c0 [ 79.806042][ T4596] evdev_write+0x326/0x470 [ 79.810638][ T4596] vfs_write+0x300/0xd00 [ 79.815062][ T4596] ksys_write+0x14d/0x250 [ 79.819566][ T4596] do_syscall_64+0x4c/0xa0 [ 79.824163][ T4596] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 79.830229][ T4596] [ 79.832549][ T4596] -> (&f->f_owner.lock){....}-{2:2} { [ 79.837939][ T4596] INITIAL USE at: [ 79.841828][ T4596] lock_acquire+0x197/0x3f0 [ 79.847897][ T4596] _raw_write_lock_irq+0x9f/0xe0 [ 79.854489][ T4596] __f_setown+0x37/0x330 [ 79.860302][ T4596] f_setown+0x120/0x1c0 [ 79.866035][ T4596] do_fcntl+0x192/0x12d0 [ 79.871848][ T4596] __se_sys_fcntl+0xcc/0x190 [ 79.878017][ T4596] do_syscall_64+0x4c/0xa0 [ 79.884113][ T4596] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 79.891848][ T4596] INITIAL READ USE at: [ 79.896233][ T4596] lock_acquire+0x197/0x3f0 [ 79.902742][ T4596] _raw_read_lock_irqsave+0xac/0xf0 [ 79.909948][ T4596] send_sigio+0x2f/0x330 [ 79.916208][ T4596] kill_fasync+0x20a/0x490 [ 79.922647][ T4596] evdev_pass_values+0x54b/0xab0 [ 79.929587][ T4596] evdev_events+0x1c0/0x2f0 [ 79.936098][ T4596] input_pass_values+0x880/0x1220 [ 79.943126][ T4596] input_handle_event+0xb3f/0x1490 [ 79.950253][ T4596] input_inject_event+0x1b9/0x2c0 [ 79.957284][ T4596] evdev_write+0x326/0x470 [ 79.963796][ T4596] vfs_write+0x300/0xd00 [ 79.970129][ T4596] ksys_write+0x14d/0x250 [ 79.976461][ T4596] do_syscall_64+0x4c/0xa0 [ 79.982878][ T4596] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 79.990776][ T4596] } [ 79.993356][ T4596] ... key at: [] __alloc_file.__key+0x0/0x10 [ 80.001435][ T4596] ... acquired at: [ 80.005250][ T4596] _raw_read_lock_irqsave+0xac/0xf0 [ 80.010717][ T4596] send_sigio+0x2f/0x330 [ 80.015155][ T4596] kill_fasync+0x20a/0x490 [ 80.019748][ T4596] evdev_pass_values+0x54b/0xab0 [ 80.024881][ T4596] evdev_events+0x1c0/0x2f0 [ 80.029560][ T4596] input_pass_values+0x880/0x1220 [ 80.034775][ T4596] input_handle_event+0xb3f/0x1490 [ 80.040064][ T4596] input_inject_event+0x1b9/0x2c0 [ 80.045265][ T4596] evdev_write+0x326/0x470 [ 80.050041][ T4596] vfs_write+0x300/0xd00 [ 80.054555][ T4596] ksys_write+0x14d/0x250 [ 80.059068][ T4596] do_syscall_64+0x4c/0xa0 [ 80.063662][ T4596] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 80.069829][ T4596] [ 80.072151][ T4596] [ 80.072151][ T4596] the dependencies between the lock to be acquired [ 80.072161][ T4596] and HARDIRQ-irq-unsafe lock: [ 80.085670][ T4596] -> (tasklist_lock){.+.+}-{2:2} { [ 80.090798][ T4596] HARDIRQ-ON-R at: [ 80.094777][ T4596] lock_acquire+0x197/0x3f0 [ 80.101063][ T4596] _raw_read_lock+0x32/0x40 [ 80.107275][ T4596] do_wait+0x293/0xac0 [ 80.113004][ T4596] kernel_wait+0xa8/0x160 [ 80.118995][ T4596] call_usermodehelper_exec_work+0xb5/0x220 [ 80.126660][ T4596] process_one_work+0x863/0x1000 [ 80.133250][ T4596] worker_thread+0xaa8/0x12a0 [ 80.139784][ T4596] kthread+0x436/0x520 [ 80.145592][ T4596] ret_from_fork+0x1f/0x30 [ 80.151679][ T4596] SOFTIRQ-ON-R at: [ 80.155663][ T4596] lock_acquire+0x197/0x3f0 [ 80.161923][ T4596] _raw_read_lock+0x32/0x40 [ 80.168435][ T4596] do_wait+0x293/0xac0 [ 80.174691][ T4596] kernel_wait+0xa8/0x160 [ 80.180689][ T4596] call_usermodehelper_exec_work+0xb5/0x220 [ 80.188433][ T4596] process_one_work+0x863/0x1000 [ 80.195198][ T4596] worker_thread+0xaa8/0x12a0 [ 80.201532][ T4596] kthread+0x436/0x520 [ 80.207254][ T4596] ret_from_fork+0x1f/0x30 [ 80.213326][ T4596] INITIAL USE at: [ 80.217217][ T4596] lock_acquire+0x197/0x3f0 [ 80.223296][ T4596] _raw_write_lock_irq+0x9f/0xe0 [ 80.229923][ T4596] copy_process+0x234a/0x3e00 [ 80.236170][ T4596] kernel_clone+0x219/0x930 [ 80.242420][ T4596] kernel_thread+0xc8/0x120 [ 80.248581][ T4596] rest_init+0x21/0x330 [ 80.254304][ T4596] start_kernel+0x486/0x530 [ 80.260377][ T4596] secondary_startup_64_no_verify+0xb1/0xbb [ 80.267836][ T4596] INITIAL READ USE at: [ 80.272164][ T4596] lock_acquire+0x197/0x3f0 [ 80.278675][ T4596] _raw_read_lock+0x32/0x40 [ 80.285266][ T4596] do_wait+0x293/0xac0 [ 80.291352][ T4596] kernel_wait+0xa8/0x160 [ 80.297685][ T4596] call_usermodehelper_exec_work+0xb5/0x220 [ 80.305579][ T4596] process_one_work+0x863/0x1000 [ 80.312524][ T4596] worker_thread+0xaa8/0x12a0 [ 80.319202][ T4596] kthread+0x436/0x520 [ 80.325274][ T4596] ret_from_fork+0x1f/0x30 [ 80.331707][ T4596] } [ 80.334210][ T4596] ... key at: [] tasklist_lock+0x18/0x40 [ 80.341941][ T4596] ... acquired at: [ 80.345837][ T4596] _raw_read_lock+0x32/0x40 [ 80.350520][ T4596] send_sigurg+0xcb/0x390 [ 80.355032][ T4596] sk_send_sigurg+0x6b/0xc0 [ 80.359714][ T4596] tcp_urg+0x2bc/0xb10 [ 80.363960][ T4596] tcp_rcv_established+0xac5/0x1cb0 [ 80.369331][ T4596] tcp_v6_do_rcv+0x539/0x1180 [ 80.374194][ T4596] __release_sock+0x1b9/0x420 [ 80.379049][ T4596] release_sock+0x5b/0x1b0 [ 80.383709][ T4596] tcp_sendmsg+0x35/0x40 [ 80.388163][ T4596] __sys_sendto+0x423/0x580 [ 80.392930][ T4596] __x64_sys_sendto+0xda/0xf0 [ 80.397874][ T4596] do_syscall_64+0x4c/0xa0 [ 80.402467][ T4596] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 80.408626][ T4596] [ 80.410955][ T4596] [ 80.410955][ T4596] stack backtrace: [ 80.416939][ T4596] CPU: 1 PID: 4596 Comm: syz-executor.0 Not tainted syzkaller #0 [ 80.424664][ T4596] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 80.434823][ T4596] Call Trace: [ 80.438112][ T4596] [ 80.441047][ T4596] dump_stack_lvl+0x168/0x230 [ 80.445732][ T4596] ? load_image+0x3b0/0x3b0 [ 80.450240][ T4596] ? show_regs_print_info+0x20/0x20 [ 80.455446][ T4596] ? load_image+0x3b0/0x3b0 [ 80.459963][ T4596] ? print_shortest_lock_dependencies+0xf0/0x160 [ 80.466299][ T4596] __lock_acquire+0x65dd/0x7c60 [ 80.471170][ T4596] ? verify_lock_unused+0x140/0x140 [ 80.476388][ T4596] ? cubictcp_acked+0xc2/0xe30 [ 80.481165][ T4596] lock_acquire+0x197/0x3f0 [ 80.485764][ T4596] ? send_sigurg+0xcb/0x390 [ 80.490274][ T4596] ? _raw_read_lock_irqsave+0x7f/0xf0 [ 80.495742][ T4596] ? lockdep_hardirqs_off+0x70/0x100 [ 80.501052][ T4596] ? read_lock_is_recursive+0x10/0x10 [ 80.506447][ T4596] ? do_raw_read_lock+0x39/0x80 [ 80.511317][ T4596] ? _raw_read_lock_irqsave+0xb8/0xf0 [ 80.516783][ T4596] ? _raw_read_lock+0x40/0x40 [ 80.521466][ T4596] _raw_read_lock+0x32/0x40 [ 80.525976][ T4596] ? send_sigurg+0xcb/0x390 [ 80.530580][ T4596] send_sigurg+0xcb/0x390 [ 80.534913][ T4596] sk_send_sigurg+0x6b/0xc0 [ 80.539427][ T4596] tcp_urg+0x2bc/0xb10 [ 80.543506][ T4596] ? tcp_validate_incoming+0x1e10/0x1e10 [ 80.549143][ T4596] ? inet6_sk_rx_dst_set+0x1ea/0x2a0 [ 80.554434][ T4596] tcp_rcv_established+0xac5/0x1cb0 [ 80.559730][ T4596] ? tcp_check_space+0x960/0x960 [ 80.564694][ T4596] tcp_v6_do_rcv+0x539/0x1180 [ 80.569384][ T4596] __release_sock+0x1b9/0x420 [ 80.574080][ T4596] release_sock+0x5b/0x1b0 [ 80.578504][ T4596] tcp_sendmsg+0x35/0x40 [ 80.582752][ T4596] __sys_sendto+0x423/0x580 [ 80.587523][ T4596] ? __ia32_sys_getpeername+0x80/0x80 [ 80.592908][ T4596] ? __lock_acquire+0x7c60/0x7c60 [ 80.597953][ T4596] ? lock_chain_count+0x20/0x20 [ 80.602810][ T4596] ? vtime_user_exit+0x2dc/0x400 [ 80.607751][ T4596] __x64_sys_sendto+0xda/0xf0 [ 80.612435][ T4596] do_syscall_64+0x4c/0xa0 [ 80.616853][ T4596] ? clear_bhb_loop+0x30/0x80 [ 80.621537][ T4596] ? clear_bhb_loop+0x30/0x80 [ 80.626224][ T4596] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 80.632148][ T4596] RIP: 0033:0x7f503c344e69 [ 80.636582][ T4596] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 80.656288][ T4596] RSP: 002b:00007f503b6c50c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 80.664709][ T4596] RAX: ffffffffffffffda RBX: 00007f503c472f80 RCX: 00007f503c344e69 [ 80.672771][ T4596] RDX: 0000000000000002 RSI: 0000000020000080 RDI: 0000000000000005 [ 80.680969][ T4596] RBP: 00007f503c39147a R08: 0000000000000000 R09: 0000000000000000 [ 80.689137][ T4596] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 80.697289][ T4596] R13: 000000000000000b R14: 00007f503c472f80 R15: 00007fff8bee08c8 [ 80.705276][ T4596] [ 80.710067][ T4231] Bluetooth: hci0: command 0x0409 tx timeout 2025/11/20 00:06:33 executed programs: 45 [ 82.738545][ T4231] Bluetooth: hci0: command 0x041b tx timeout [ 84.809057][ T4231] Bluetooth: hci0: command 0x040f tx timeout 2025/11/20 00:06:38 executed programs: 381 [ 86.888977][ T4231] Bluetooth: hci0: command 0x0419 tx timeout