[ 63.918821][ T154] bridge0: port 1(bridge_slave_0) entered disabled state [ 63.936978][ T154] device veth1_macvtap left promiscuous mode [ 63.943168][ T154] device veth0_macvtap left promiscuous mode [ 63.949373][ T154] device veth1_vlan left promiscuous mode [ 63.955439][ T154] device veth0_vlan left promiscuous mode [ 64.103226][ T154] team0 (unregistering): Port device team_slave_1 removed [ 64.117353][ T154] team0 (unregistering): Port device team_slave_0 removed [ 64.130437][ T154] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 64.145007][ T154] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 64.201030][ T154] bond0 (unregistering): Released all slaves [ 71.328529][ T1423] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.335024][ T1423] ieee802154 phy1 wpan1: encryption failed: -22 Warning: Permanently added '10.128.0.71' (ED25519) to the list of known hosts. 2025/01/12 14:44:45 ignoring optional flag "sandboxArg"="0" 2025/01/12 14:44:45 ignoring optional flag "type"="gce" 2025/01/12 14:44:45 parsed 1 programs 2025/01/12 14:44:47 executed programs: 0 [ 78.992190][ T4393] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k FS [ 79.148350][ T4470] chnl_net:caif_netlink_parms(): no params data found [ 79.191771][ T4470] bridge0: port 1(bridge_slave_0) entered blocking state [ 79.200614][ T4470] bridge0: port 1(bridge_slave_0) entered disabled state [ 79.209349][ T4470] device bridge_slave_0 entered promiscuous mode [ 79.218024][ T4470] bridge0: port 2(bridge_slave_1) entered blocking state [ 79.225316][ T4470] bridge0: port 2(bridge_slave_1) entered disabled state [ 79.233286][ T4470] device bridge_slave_1 entered promiscuous mode [ 79.257092][ T4470] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 79.268052][ T4470] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 79.291935][ T4470] team0: Port device team_slave_0 added [ 79.299381][ T4470] team0: Port device team_slave_1 added [ 79.319235][ T4470] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 79.326372][ T4470] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 79.352332][ T4470] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 79.365411][ T4470] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 79.372386][ T4470] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 79.398517][ T4470] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 79.429550][ T4470] device hsr_slave_0 entered promiscuous mode [ 79.436412][ T4470] device hsr_slave_1 entered promiscuous mode [ 79.968980][ T4470] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 79.981518][ T4470] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 79.992719][ T4470] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 80.003385][ T4470] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 80.029313][ T4470] bridge0: port 2(bridge_slave_1) entered blocking state [ 80.036516][ T4470] bridge0: port 2(bridge_slave_1) entered forwarding state [ 80.043913][ T4470] bridge0: port 1(bridge_slave_0) entered blocking state [ 80.051103][ T4470] bridge0: port 1(bridge_slave_0) entered forwarding state [ 80.112938][ T4470] 8021q: adding VLAN 0 to HW filter on device bond0 [ 80.125242][ T9] bridge0: port 1(bridge_slave_0) entered disabled state [ 80.133058][ T9] bridge0: port 2(bridge_slave_1) entered disabled state [ 80.145315][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 80.167296][ T4470] 8021q: adding VLAN 0 to HW filter on device team0 [ 80.175342][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 80.183811][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 80.197720][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 80.215330][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 80.224185][ T9] bridge0: port 1(bridge_slave_0) entered blocking state [ 80.231414][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state [ 80.255259][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 80.264117][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 80.274942][ T9] bridge0: port 2(bridge_slave_1) entered blocking state [ 80.282027][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state [ 80.292203][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 80.302105][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 80.311727][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 80.322557][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 80.332017][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 80.343002][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 80.352384][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 80.369536][ T4470] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 80.380633][ T4470] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 80.395620][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 80.405551][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 80.415664][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 80.424302][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 80.438871][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 80.537254][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 80.545956][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 80.558317][ T4470] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 80.579832][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 80.590110][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 80.613461][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 80.622999][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 80.635899][ T4470] device veth0_vlan entered promiscuous mode [ 80.646034][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 80.653958][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 80.665550][ T4470] device veth1_vlan entered promiscuous mode [ 80.692227][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 80.702070][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 80.711528][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 80.721483][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 80.733486][ T4470] device veth0_macvtap entered promiscuous mode [ 80.745141][ T4470] device veth1_macvtap entered promiscuous mode [ 80.767308][ T4470] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 80.776180][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 80.786413][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 80.797004][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 80.806231][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 80.821638][ T4470] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 80.832188][ T4470] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.842618][ T4470] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.852078][ T4470] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.862481][ T4470] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.881307][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 80.890244][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 80.958805][ T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 80.972184][ T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 80.990240][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 81.003189][ T154] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 81.012474][ T154] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 81.023619][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 81.084229][ T4563] [ 81.086681][ T4563] ===================================================== [ 81.093621][ T4563] WARNING: HARDIRQ-safe -> HARDIRQ-unsafe lock order detected [ 81.101083][ T4563] 5.15.176-syzkaller #0 Not tainted [ 81.106401][ T4563] ----------------------------------------------------- [ 81.113386][ T4563] syz-executor.0/4563 [HC0[0]:SC0[0]:HE0:SE1] is trying to acquire: [ 81.121383][ T4563] ffffffff8c80a058 (tasklist_lock){.+.+}-{2:2}, at: send_sigurg+0xc8/0x380 [ 81.130047][ T4563] [ 81.130047][ T4563] and this task is already holding: [ 81.137415][ T4563] ffff8880791efa38 (&f->f_owner.lock){....}-{2:2}, at: send_sigurg+0x25/0x380 [ 81.146300][ T4563] which would create a new lock dependency: [ 81.152179][ T4563] (&f->f_owner.lock){....}-{2:2} -> (tasklist_lock){.+.+}-{2:2} [ 81.159918][ T4563] [ 81.159918][ T4563] but this new dependency connects a HARDIRQ-irq-safe lock: [ 81.169357][ T4563] (&dev->event_lock#2){-...}-{2:2} [ 81.169384][ T4563] [ 81.169384][ T4563] ... which became HARDIRQ-irq-safe at: [ 81.182423][ T4563] lock_acquire+0x1db/0x4f0 [ 81.187036][ T4563] _raw_spin_lock_irqsave+0xd1/0x120 [ 81.192419][ T4563] input_event+0x8a/0xd0 [ 81.196749][ T4563] psmouse_report_standard_packet+0x50/0x200 [ 81.202819][ T4563] psmouse_process_byte+0x45b/0x640 [ 81.208103][ T4563] psmouse_handle_byte+0x46/0x4b0 [ 81.213207][ T4563] psmouse_interrupt+0x697/0x10a0 [ 81.218343][ T4563] serio_interrupt+0x88/0x130 [ 81.223101][ T4563] i8042_interrupt+0x355/0x750 [ 81.227950][ T4563] __handle_irq_event_percpu+0x292/0xa70 [ 81.233664][ T4563] handle_irq_event+0xff/0x2b0 [ 81.238510][ T4563] handle_edge_irq+0x245/0xbf0 [ 81.243363][ T4563] __common_interrupt+0xd7/0x1f0 [ 81.248473][ T4563] common_interrupt+0xae/0xd0 [ 81.253231][ T4563] asm_common_interrupt+0x22/0x40 [ 81.258340][ T4563] _raw_spin_unlock_irq+0x25/0x40 [ 81.263538][ T4563] process_one_work+0x78a/0x10c0 [ 81.268566][ T4563] worker_thread+0xaca/0x1280 [ 81.273409][ T4563] kthread+0x3f6/0x4f0 [ 81.277572][ T4563] ret_from_fork+0x1f/0x30 [ 81.282070][ T4563] [ 81.282070][ T4563] to a HARDIRQ-irq-unsafe lock: [ 81.289079][ T4563] (tasklist_lock){.+.+}-{2:2} [ 81.289108][ T4563] [ 81.289108][ T4563] ... which became HARDIRQ-irq-unsafe at: [ 81.301883][ T4563] ... [ 81.301892][ T4563] lock_acquire+0x1db/0x4f0 [ 81.309067][ T4563] _raw_read_lock+0x32/0x40 [ 81.313657][ T4563] do_wait+0x2a7/0xaf0 [ 81.317802][ T4563] kernel_wait+0xe5/0x230 [ 81.322210][ T4563] call_usermodehelper_exec_work+0xb5/0x220 [ 81.328182][ T4563] process_one_work+0x8a1/0x10c0 [ 81.333199][ T4563] worker_thread+0xaca/0x1280 [ 81.337953][ T4563] kthread+0x3f6/0x4f0 [ 81.342105][ T4563] ret_from_fork+0x1f/0x30 [ 81.346619][ T4563] [ 81.346619][ T4563] other info that might help us debug this: [ 81.346619][ T4563] [ 81.356836][ T4563] Chain exists of: [ 81.356836][ T4563] &dev->event_lock#2 --> &f->f_owner.lock --> tasklist_lock [ 81.356836][ T4563] [ 81.370040][ T4563] Possible interrupt unsafe locking scenario: [ 81.370040][ T4563] [ 81.378599][ T4563] CPU0 CPU1 [ 81.383962][ T4563] ---- ---- [ 81.389322][ T4563] lock(tasklist_lock); [ 81.393560][ T4563] local_irq_disable(); [ 81.400307][ T4563] lock(&dev->event_lock#2); [ 81.407505][ T4563] lock(&f->f_owner.lock); [ 81.414520][ T4563] [ 81.417978][ T4563] lock(&dev->event_lock#2); [ 81.422910][ T4563] [ 81.422910][ T4563] *** DEADLOCK *** [ 81.422910][ T4563] [ 81.431249][ T4563] 2 locks held by syz-executor.0/4563: [ 81.436695][ T4563] #0: ffff888074bf9aa0 (sk_lock-AF_INET6){+.+.}-{0:0}, at: tcp_sendmsg+0x1e/0x40 [ 81.445944][ T4563] #1: ffff8880791efa38 (&f->f_owner.lock){....}-{2:2}, at: send_sigurg+0x25/0x380 [ 81.455338][ T4563] [ 81.455338][ T4563] the dependencies between HARDIRQ-irq-safe lock and the holding lock: [ 81.465729][ T4563] -> (&dev->event_lock#2){-...}-{2:2} { [ 81.471545][ T4563] IN-HARDIRQ-W at: [ 81.475873][ T4563] lock_acquire+0x1db/0x4f0 [ 81.482542][ T4563] _raw_spin_lock_irqsave+0xd1/0x120 [ 81.489998][ T4563] input_event+0x8a/0xd0 [ 81.496587][ T4563] psmouse_report_standard_packet+0x50/0x200 [ 81.504733][ T4563] psmouse_process_byte+0x45b/0x640 [ 81.512096][ T4563] psmouse_handle_byte+0x46/0x4b0 [ 81.519296][ T4563] psmouse_interrupt+0x697/0x10a0 [ 81.526502][ T4563] serio_interrupt+0x88/0x130 [ 81.533363][ T4563] i8042_interrupt+0x355/0x750 [ 81.540305][ T4563] __handle_irq_event_percpu+0x292/0xa70 [ 81.548124][ T4563] handle_irq_event+0xff/0x2b0 [ 81.555142][ T4563] handle_edge_irq+0x245/0xbf0 [ 81.562070][ T4563] __common_interrupt+0xd7/0x1f0 [ 81.569169][ T4563] common_interrupt+0xae/0xd0 [ 81.576010][ T4563] asm_common_interrupt+0x22/0x40 [ 81.583310][ T4563] _raw_spin_unlock_irq+0x25/0x40 [ 81.590514][ T4563] process_one_work+0x78a/0x10c0 [ 81.597621][ T4563] worker_thread+0xaca/0x1280 [ 81.604460][ T4563] kthread+0x3f6/0x4f0 [ 81.610714][ T4563] ret_from_fork+0x1f/0x30 [ 81.617317][ T4563] INITIAL USE at: [ 81.621465][ T4563] lock_acquire+0x1db/0x4f0 [ 81.628044][ T4563] _raw_spin_lock_irqsave+0xd1/0x120 [ 81.635408][ T4563] input_inject_event+0xc0/0x300 [ 81.642425][ T4563] led_trigger_event+0x109/0x1e0 [ 81.649440][ T4563] kbd_led_trigger_activate+0xb9/0x100 [ 81.656981][ T4563] led_trigger_set+0x55a/0x970 [ 81.663818][ T4563] led_trigger_set_default+0x1c2/0x200 [ 81.671440][ T4563] led_classdev_register_ext+0x6cf/0x8d0 [ 81.679147][ T4563] input_leds_connect+0x503/0x740 [ 81.686250][ T4563] input_register_device+0xdae/0x1150 [ 81.693697][ T4563] atkbd_connect+0x7a7/0xa70 [ 81.700458][ T4563] serio_driver_probe+0x74/0x90 [ 81.707392][ T4563] really_probe+0x24e/0xb60 [ 81.713970][ T4563] __driver_probe_device+0x1a2/0x3d0 [ 81.721341][ T4563] driver_probe_device+0x50/0x420 [ 81.728446][ T4563] __driver_attach+0x479/0x690 [ 81.735287][ T4563] bus_for_each_dev+0x17c/0x1f0 [ 81.742211][ T4563] serio_handle_event+0x56a/0x8f0 [ 81.749401][ T4563] process_one_work+0x8a1/0x10c0 [ 81.756419][ T4563] worker_thread+0xaca/0x1280 [ 81.763173][ T4563] kthread+0x3f6/0x4f0 [ 81.769320][ T4563] ret_from_fork+0x1f/0x30 [ 81.775824][ T4563] } [ 81.778571][ T4563] ... key at: [] input_allocate_device.__key.6+0x0/0x20 [ 81.787848][ T4563] -> (&client->buffer_lock){....}-{2:2} { [ 81.793748][ T4563] INITIAL USE at: [ 81.797806][ T4563] lock_acquire+0x1db/0x4f0 [ 81.804210][ T4563] _raw_spin_lock+0x2a/0x40 [ 81.810617][ T4563] evdev_pass_values+0xe7/0xb60 [ 81.817376][ T4563] evdev_events+0x198/0x2c0 [ 81.823780][ T4563] input_pass_values+0x873/0x1200 [ 81.830739][ T4563] input_handle_event+0xc9b/0x1600 [ 81.837852][ T4563] input_inject_event+0x1fc/0x300 [ 81.844787][ T4563] evdev_write+0x668/0x7c0 [ 81.851108][ T4563] vfs_write+0x30c/0xe50 [ 81.857255][ T4563] ksys_write+0x1a2/0x2c0 [ 81.863488][ T4563] do_syscall_64+0x3b/0xb0 [ 81.869814][ T4563] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 81.877615][ T4563] } [ 81.880279][ T4563] ... key at: [] evdev_open.__key.23+0x0/0x20 [ 81.888606][ T4563] ... acquired at: [ 81.892568][ T4563] lock_acquire+0x1db/0x4f0 [ 81.897238][ T4563] _raw_spin_lock+0x2a/0x40 [ 81.901908][ T4563] evdev_pass_values+0xe7/0xb60 [ 81.906926][ T4563] evdev_events+0x198/0x2c0 [ 81.911597][ T4563] input_pass_values+0x873/0x1200 [ 81.916786][ T4563] input_handle_event+0xc9b/0x1600 [ 81.922067][ T4563] input_inject_event+0x1fc/0x300 [ 81.927259][ T4563] evdev_write+0x668/0x7c0 [ 81.931845][ T4563] vfs_write+0x30c/0xe50 [ 81.936254][ T4563] ksys_write+0x1a2/0x2c0 [ 81.940749][ T4563] do_syscall_64+0x3b/0xb0 [ 81.945421][ T4563] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 81.951485][ T4563] [ 81.953801][ T4563] -> (&new->fa_lock){....}-{2:2} { [ 81.959005][ T4563] INITIAL READ USE at: [ 81.963413][ T4563] lock_acquire+0x1db/0x4f0 [ 81.970088][ T4563] _raw_read_lock_irqsave+0xd9/0x120 [ 81.977627][ T4563] kill_fasync+0x16a/0x490 [ 81.984303][ T4563] evdev_pass_values+0x5ad/0xb60 [ 81.991411][ T4563] evdev_events+0x198/0x2c0 [ 81.998081][ T4563] input_pass_values+0x873/0x1200 [ 82.005266][ T4563] input_handle_event+0xc9b/0x1600 [ 82.012557][ T4563] input_inject_event+0x1fc/0x300 [ 82.019924][ T4563] evdev_write+0x668/0x7c0 [ 82.026505][ T4563] vfs_write+0x30c/0xe50 [ 82.032911][ T4563] ksys_write+0x1a2/0x2c0 [ 82.039401][ T4563] do_syscall_64+0x3b/0xb0 [ 82.045981][ T4563] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 82.054046][ T4563] } [ 82.056622][ T4563] ... key at: [] fasync_insert_entry.__key+0x0/0x20 [ 82.065378][ T4563] ... acquired at: [ 82.069289][ T4563] lock_acquire+0x1db/0x4f0 [ 82.074229][ T4563] _raw_read_lock_irqsave+0xd9/0x120 [ 82.079680][ T4563] kill_fasync+0x16a/0x490 [ 82.084263][ T4563] evdev_pass_values+0x5ad/0xb60 [ 82.089373][ T4563] evdev_events+0x198/0x2c0 [ 82.094041][ T4563] input_pass_values+0x873/0x1200 [ 82.099229][ T4563] input_handle_event+0xc9b/0x1600 [ 82.104515][ T4563] input_inject_event+0x1fc/0x300 [ 82.109707][ T4563] evdev_write+0x668/0x7c0 [ 82.114379][ T4563] vfs_write+0x30c/0xe50 [ 82.118786][ T4563] ksys_write+0x1a2/0x2c0 [ 82.123278][ T4563] do_syscall_64+0x3b/0xb0 [ 82.127948][ T4563] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 82.134010][ T4563] [ 82.136323][ T4563] -> (&f->f_owner.lock){....}-{2:2} { [ 82.141826][ T4563] INITIAL USE at: [ 82.145726][ T4563] lock_acquire+0x1db/0x4f0 [ 82.151800][ T4563] _raw_write_lock_irq+0xcf/0x110 [ 82.158489][ T4563] __f_setown+0x38/0x350 [ 82.164300][ T4563] f_setown+0x11f/0x1c0 [ 82.170011][ T4563] do_fcntl+0x1b7/0x1600 [ 82.175916][ T4563] __se_sys_fcntl+0xd8/0x1b0 [ 82.182062][ T4563] do_syscall_64+0x3b/0xb0 [ 82.188044][ T4563] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 82.195587][ T4563] INITIAL READ USE at: [ 82.199927][ T4563] lock_acquire+0x1db/0x4f0 [ 82.206427][ T4563] _raw_read_lock_irqsave+0xd9/0x120 [ 82.213723][ T4563] send_sigio+0x2f/0x330 [ 82.219971][ T4563] kill_fasync+0x20c/0x490 [ 82.226393][ T4563] evdev_pass_values+0x5ad/0xb60 [ 82.233339][ T4563] evdev_events+0x198/0x2c0 [ 82.239851][ T4563] input_pass_values+0x873/0x1200 [ 82.246871][ T4563] input_handle_event+0xc9b/0x1600 [ 82.253981][ T4563] input_inject_event+0x1fc/0x300 [ 82.261003][ T4563] evdev_write+0x668/0x7c0 [ 82.267430][ T4563] vfs_write+0x30c/0xe50 [ 82.273679][ T4563] ksys_write+0x1a2/0x2c0 [ 82.280006][ T4563] do_syscall_64+0x3b/0xb0 [ 82.286417][ T4563] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 82.294421][ T4563] } [ 82.296925][ T4563] ... key at: [] __alloc_file.__key+0x0/0x10 [ 82.305003][ T4563] ... acquired at: [ 82.308796][ T4563] lock_acquire+0x1db/0x4f0 [ 82.313472][ T4563] _raw_read_lock_irqsave+0xd9/0x120 [ 82.318933][ T4563] send_sigio+0x2f/0x330 [ 82.323368][ T4563] kill_fasync+0x20c/0x490 [ 82.327950][ T4563] evdev_pass_values+0x5ad/0xb60 [ 82.333060][ T4563] evdev_events+0x198/0x2c0 [ 82.337736][ T4563] input_pass_values+0x873/0x1200 [ 82.342928][ T4563] input_handle_event+0xc9b/0x1600 [ 82.348305][ T4563] input_inject_event+0x1fc/0x300 [ 82.353503][ T4563] evdev_write+0x668/0x7c0 [ 82.358086][ T4563] vfs_write+0x30c/0xe50 [ 82.362495][ T4563] ksys_write+0x1a2/0x2c0 [ 82.366993][ T4563] do_syscall_64+0x3b/0xb0 [ 82.371578][ T4563] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 82.377642][ T4563] [ 82.379983][ T4563] [ 82.379983][ T4563] the dependencies between the lock to be acquired [ 82.379991][ T4563] and HARDIRQ-irq-unsafe lock: [ 82.393573][ T4563] -> (tasklist_lock){.+.+}-{2:2} { [ 82.398731][ T4563] HARDIRQ-ON-R at: [ 82.402716][ T4563] lock_acquire+0x1db/0x4f0 [ 82.408871][ T4563] _raw_read_lock+0x32/0x40 [ 82.415039][ T4563] do_wait+0x2a7/0xaf0 [ 82.420758][ T4563] kernel_wait+0xe5/0x230 [ 82.426733][ T4563] call_usermodehelper_exec_work+0xb5/0x220 [ 82.434278][ T4563] process_one_work+0x8a1/0x10c0 [ 82.440881][ T4563] worker_thread+0xaca/0x1280 [ 82.447211][ T4563] kthread+0x3f6/0x4f0 [ 82.453414][ T4563] ret_from_fork+0x1f/0x30 [ 82.459480][ T4563] SOFTIRQ-ON-R at: [ 82.463452][ T4563] lock_acquire+0x1db/0x4f0 [ 82.469598][ T4563] _raw_read_lock+0x32/0x40 [ 82.475839][ T4563] do_wait+0x2a7/0xaf0 [ 82.481556][ T4563] kernel_wait+0xe5/0x230 [ 82.487524][ T4563] call_usermodehelper_exec_work+0xb5/0x220 [ 82.495064][ T4563] process_one_work+0x8a1/0x10c0 [ 82.501675][ T4563] worker_thread+0xaca/0x1280 [ 82.508018][ T4563] kthread+0x3f6/0x4f0 [ 82.513730][ T4563] ret_from_fork+0x1f/0x30 [ 82.519789][ T4563] INITIAL USE at: [ 82.523671][ T4563] lock_acquire+0x1db/0x4f0 [ 82.529825][ T4563] _raw_write_lock_irq+0xcf/0x110 [ 82.536407][ T4563] copy_process+0x22be/0x3ef0 [ 82.542645][ T4563] kernel_clone+0x210/0x960 [ 82.548790][ T4563] kernel_thread+0x168/0x1e0 [ 82.554953][ T4563] rest_init+0x21/0x330 [ 82.560666][ T4563] start_kernel+0x48c/0x540 [ 82.566727][ T4563] secondary_startup_64_no_verify+0xb1/0xbb [ 82.574261][ T4563] INITIAL READ USE at: [ 82.578578][ T4563] lock_acquire+0x1db/0x4f0 [ 82.585071][ T4563] _raw_read_lock+0x32/0x40 [ 82.591564][ T4563] do_wait+0x2a7/0xaf0 [ 82.597619][ T4563] kernel_wait+0xe5/0x230 [ 82.604020][ T4563] call_usermodehelper_exec_work+0xb5/0x220 [ 82.611909][ T4563] process_one_work+0x8a1/0x10c0 [ 82.618845][ T4563] worker_thread+0xaca/0x1280 [ 82.625610][ T4563] kthread+0x3f6/0x4f0 [ 82.631843][ T4563] ret_from_fork+0x1f/0x30 [ 82.638283][ T4563] } [ 82.640779][ T4563] ... key at: [] tasklist_lock+0x18/0x40 [ 82.648493][ T4563] ... acquired at: [ 82.652287][ T4563] lock_acquire+0x1db/0x4f0 [ 82.656955][ T4563] _raw_read_lock+0x32/0x40 [ 82.661632][ T4563] send_sigurg+0xc8/0x380 [ 82.666129][ T4563] sk_send_sigurg+0x6a/0xb0 [ 82.670813][ T4563] tcp_urg+0x2b8/0xb40 [ 82.675047][ T4563] tcp_rcv_established+0xe33/0x1e20 [ 82.680413][ T4563] tcp_v6_do_rcv+0x4f2/0x10f0 [ 82.685254][ T4563] __release_sock+0x198/0x4b0 [ 82.690096][ T4563] release_sock+0x5d/0x1c0 [ 82.694704][ T4563] tcp_sendmsg+0x36/0x40 [ 82.699110][ T4563] __sys_sendto+0x564/0x720 [ 82.703776][ T4563] __x64_sys_sendto+0xda/0xf0 [ 82.708618][ T4563] do_syscall_64+0x3b/0xb0 [ 82.713205][ T4563] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 82.719267][ T4563] [ 82.721777][ T4563] [ 82.721777][ T4563] stack backtrace: [ 82.727663][ T4563] CPU: 0 PID: 4563 Comm: syz-executor.0 Not tainted 5.15.176-syzkaller #0 [ 82.736155][ T4563] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 82.746213][ T4563] Call Trace: [ 82.749488][ T4563] [ 82.752416][ T4563] dump_stack_lvl+0x1e3/0x2d0 [ 82.757094][ T4563] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 82.762804][ T4563] ? panic+0x860/0x860 [ 82.766870][ T4563] ? print_shortest_lock_dependencies+0xee/0x150 [ 82.773194][ T4563] validate_chain+0x4d01/0x5930 [ 82.778230][ T4563] ? reacquire_held_locks+0x660/0x660 [ 82.783596][ T4563] ? do_raw_spin_unlock+0x137/0x8b0 [ 82.788795][ T4563] ? __lock_acquire+0x1295/0x1ff0 [ 82.793812][ T4563] ? mark_lock+0x98/0x340 [ 82.798136][ T4563] __lock_acquire+0x1295/0x1ff0 [ 82.803174][ T4563] lock_acquire+0x1db/0x4f0 [ 82.807787][ T4563] ? send_sigurg+0xc8/0x380 [ 82.812306][ T4563] ? read_lock_is_recursive+0x10/0x10 [ 82.817696][ T4563] ? _raw_read_lock_irqsave+0xac/0x120 [ 82.823150][ T4563] ? lockdep_hardirqs_off+0x70/0x100 [ 82.828430][ T4563] ? do_raw_read_lock+0x38/0x80 [ 82.833272][ T4563] ? _raw_read_lock_irqsave+0xe5/0x120 [ 82.838732][ T4563] ? _raw_read_lock+0x40/0x40 [ 82.843406][ T4563] _raw_read_lock+0x32/0x40 [ 82.847902][ T4563] ? send_sigurg+0xc8/0x380 [ 82.852404][ T4563] send_sigurg+0xc8/0x380 [ 82.856820][ T4563] sk_send_sigurg+0x6a/0xb0 [ 82.861319][ T4563] tcp_urg+0x2b8/0xb40 [ 82.865394][ T4563] ? tcp_validate_incoming+0x2640/0x2640 [ 82.871026][ T4563] ? ktime_get+0x242/0x270 [ 82.875439][ T4563] ? inet6_sk_rx_dst_set+0x1e9/0x2a0 [ 82.880731][ T4563] tcp_rcv_established+0xe33/0x1e20 [ 82.885928][ T4563] ? tcp_check_space+0x930/0x930 [ 82.890860][ T4563] tcp_v6_do_rcv+0x4f2/0x10f0 [ 82.895533][ T4563] __release_sock+0x198/0x4b0 [ 82.900213][ T4563] release_sock+0x5d/0x1c0 [ 82.904627][ T4563] tcp_sendmsg+0x36/0x40 [ 82.908870][ T4563] ? inet6_compat_ioctl+0x550/0x550 [ 82.914063][ T4563] __sys_sendto+0x564/0x720 [ 82.918571][ T4563] ? __ia32_sys_getpeername+0x80/0x80 [ 82.924037][ T4563] ? print_irqtrace_events+0x210/0x210 [ 82.929492][ T4563] ? vtime_user_exit+0x2d1/0x400 [ 82.934431][ T4563] __x64_sys_sendto+0xda/0xf0 [ 82.939108][ T4563] do_syscall_64+0x3b/0xb0 [ 82.943517][ T4563] ? clear_bhb_loop+0x15/0x70 [ 82.948228][ T4563] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 82.954126][ T4563] RIP: 0033:0x7fd7cd0fde69 [ 82.958551][ T4563] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 82.978150][ T4563] RSP: 002b:00007fd7cc47e0c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 82.986560][ T4563] RAX: ffffffffffffffda RBX: 00007fd7cd22bf80 RCX: 00007fd7cd0fde69 [ 82.994523][ T4563] RDX: 0000000000000002 RSI: 0000000020000080 RDI: 0000000000000005 [ 83.002491][ T4563] RBP: 00007fd7cd14a47a R08: 0000000000000000 R09: 0000000000000000 [ 83.010478][ T4563] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 83.018446][ T4563] R13: 000000000000000b R14: 00007fd7cd22bf80 R15: 00007ffeaf3c1b08 [ 83.026419][ T4563] [ 83.031032][ T13] Bluetooth: hci0: command 0x0409 tx timeout [ 83.042350][ T1347] cfg80211: failed to load regulatory.db 2025/01/12 14:44:52 executed programs: 32 [ 85.084646][ T13] Bluetooth: hci0: command 0x041b tx timeout [ 87.164532][ T1347] Bluetooth: hci0: command 0x040f tx timeout 2025/01/12 14:44:57 executed programs: 253 [ 89.247074][ T1347] Bluetooth: hci0: command 0x0419 tx timeout