Warning: Permanently added '10.128.1.173' (ED25519) to the list of known hosts. 2024/04/20 09:51:16 ignoring optional flag "sandboxArg"="0" 2024/04/20 09:51:17 parsed 1 programs 2024/04/20 09:51:19 executed programs: 0 [ 82.484082][ T5353] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 82.539156][ T5088] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 82.547166][ T5088] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 82.555190][ T5088] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 82.564332][ T5088] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 82.572857][ T5088] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 82.580340][ T5088] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 82.631754][ T928] cfg80211: failed to load regulatory.db [ 82.715414][ T5419] chnl_net:caif_netlink_parms(): no params data found [ 82.766552][ T5419] bridge0: port 1(bridge_slave_0) entered blocking state [ 82.773962][ T5419] bridge0: port 1(bridge_slave_0) entered disabled state [ 82.781357][ T5419] bridge_slave_0: entered allmulticast mode [ 82.788780][ T5419] bridge_slave_0: entered promiscuous mode [ 82.796736][ T5419] bridge0: port 2(bridge_slave_1) entered blocking state [ 82.804602][ T5419] bridge0: port 2(bridge_slave_1) entered disabled state [ 82.814730][ T5419] bridge_slave_1: entered allmulticast mode [ 82.822521][ T5419] bridge_slave_1: entered promiscuous mode [ 82.852241][ T5419] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 82.863964][ T5419] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 82.892091][ T5419] team0: Port device team_slave_0 added [ 82.900067][ T5419] team0: Port device team_slave_1 added [ 82.922211][ T5419] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 82.930093][ T5419] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 82.957314][ T5419] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 82.971468][ T5419] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 82.979179][ T5419] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 83.006059][ T5419] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 83.062775][ T5419] hsr_slave_0: entered promiscuous mode [ 83.069840][ T5419] hsr_slave_1: entered promiscuous mode [ 83.723598][ T5419] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 83.736225][ T5419] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 83.764976][ T5419] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 83.777514][ T5419] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 83.879769][ T5419] 8021q: adding VLAN 0 to HW filter on device bond0 [ 83.906366][ T5419] 8021q: adding VLAN 0 to HW filter on device team0 [ 83.924564][ T931] bridge0: port 1(bridge_slave_0) entered blocking state [ 83.931926][ T931] bridge0: port 1(bridge_slave_0) entered forwarding state [ 83.963806][ T931] bridge0: port 2(bridge_slave_1) entered blocking state [ 83.971051][ T931] bridge0: port 2(bridge_slave_1) entered forwarding state [ 84.193258][ T5419] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 84.270924][ T5419] veth0_vlan: entered promiscuous mode [ 84.286423][ T5419] veth1_vlan: entered promiscuous mode [ 84.326966][ T5419] veth0_macvtap: entered promiscuous mode [ 84.340054][ T5419] veth1_macvtap: entered promiscuous mode [ 84.364338][ T5419] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 84.382708][ T5419] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 84.398388][ T5419] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.407134][ T5419] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.418523][ T5419] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.427265][ T5419] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.516425][ T2430] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.531041][ T2430] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.565008][ T60] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.575096][ T60] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.631847][ T5088] Bluetooth: hci0: command tx timeout [ 84.645675][ T5495] [ 84.648036][ T5495] ===================================================== [ 84.655087][ T5495] WARNING: HARDIRQ-safe -> HARDIRQ-unsafe lock order detected [ 84.662719][ T5495] 6.9.0-rc4-syzkaller-00214-g13a2e429f644-dirty #0 Not tainted [ 84.670794][ T5495] ----------------------------------------------------- [ 84.677958][ T5495] syz-executor.0/5495 [HC0[0]:SC0[0]:HE0:SE1] is trying to acquire: [ 84.685950][ T5495] ffffffff8e00a058 (tasklist_lock){.+.+}-{2:2}, at: send_sigurg+0xee/0x3c0 [ 84.694777][ T5495] [ 84.694777][ T5495] and this task is already holding: [ 84.702326][ T5495] ffff88801c7f4398 (&f->f_owner.lock){....}-{2:2}, at: send_sigurg+0x29/0x3c0 [ 84.711411][ T5495] which would create a new lock dependency: [ 84.717373][ T5495] (&f->f_owner.lock){....}-{2:2} -> (tasklist_lock){.+.+}-{2:2} [ 84.725242][ T5495] [ 84.725242][ T5495] but this new dependency connects a HARDIRQ-irq-safe lock: [ 84.734970][ T5495] (&dev->event_lock#2){-...}-{2:2} [ 84.735010][ T5495] [ 84.735010][ T5495] ... which became HARDIRQ-irq-safe at: [ 84.748006][ T5495] lock_acquire+0x1ed/0x550 [ 84.752827][ T5495] _raw_spin_lock_irqsave+0xd5/0x120 [ 84.758231][ T5495] input_event+0x91/0xd0 [ 84.762591][ T5495] psmouse_report_standard_packet+0x54/0x200 [ 84.768878][ T5495] psmouse_process_byte+0x48c/0x680 [ 84.774187][ T5495] psmouse_handle_byte+0x49/0x4c0 [ 84.779321][ T5495] ps2_interrupt+0x17c/0x8e0 [ 84.784014][ T5495] serio_interrupt+0x90/0x140 [ 84.788873][ T5495] i8042_interrupt+0x375/0x770 [ 84.793753][ T5495] __handle_irq_event_percpu+0x29a/0xa80 [ 84.799768][ T5495] handle_irq_event+0x89/0x1f0 [ 84.804643][ T5495] handle_edge_irq+0x25f/0xc20 [ 84.809782][ T5495] __common_interrupt+0x138/0x230 [ 84.814969][ T5495] common_interrupt+0xa5/0xd0 [ 84.819851][ T5495] asm_common_interrupt+0x26/0x40 [ 84.824985][ T5495] do_raw_spin_unlock+0x118/0x8b0 [ 84.830210][ T5495] _raw_spin_unlock+0x1e/0x50 [ 84.835000][ T5495] usb_device_match+0x41b/0x4a0 [ 84.840218][ T5495] __driver_attach+0x6c/0x710 [ 84.845007][ T5495] bus_for_each_dev+0x239/0x2b0 [ 84.849971][ T5495] bus_add_driver+0x347/0x620 [ 84.855105][ T5495] driver_register+0x23a/0x320 [ 84.859976][ T5495] usb_register_driver+0x1f5/0x3b0 [ 84.865194][ T5495] do_one_initcall+0x248/0x880 [ 84.870074][ T5495] do_initcall_level+0x157/0x210 [ 84.875381][ T5495] do_initcalls+0x3f/0x80 [ 84.879816][ T5495] kernel_init_freeable+0x435/0x5d0 [ 84.885129][ T5495] kernel_init+0x1d/0x2b0 [ 84.889657][ T5495] ret_from_fork+0x4b/0x80 [ 84.894192][ T5495] ret_from_fork_asm+0x1a/0x30 [ 84.899246][ T5495] [ 84.899246][ T5495] to a HARDIRQ-irq-unsafe lock: [ 84.906280][ T5495] (tasklist_lock){.+.+}-{2:2} [ 84.906312][ T5495] [ 84.906312][ T5495] ... which became HARDIRQ-irq-unsafe at: [ 84.919057][ T5495] ... [ 84.919069][ T5495] lock_acquire+0x1ed/0x550 [ 84.926446][ T5495] _raw_read_lock+0x36/0x50 [ 84.931084][ T5495] __do_wait+0x12d/0x850 [ 84.935454][ T5495] do_wait+0x1e9/0x560 [ 84.939718][ T5495] kernel_wait+0xe9/0x240 [ 84.944465][ T5495] call_usermodehelper_exec_work+0xbd/0x230 [ 84.950462][ T5495] process_scheduled_works+0xa10/0x17c0 [ 84.956232][ T5495] worker_thread+0x86d/0xd70 [ 84.960927][ T5495] kthread+0x2f0/0x390 [ 84.965140][ T5495] ret_from_fork+0x4b/0x80 [ 84.969665][ T5495] ret_from_fork_asm+0x1a/0x30 [ 84.974544][ T5495] [ 84.974544][ T5495] other info that might help us debug this: [ 84.974544][ T5495] [ 84.984784][ T5495] Chain exists of: [ 84.984784][ T5495] &dev->event_lock#2 --> &f->f_owner.lock --> tasklist_lock [ 84.984784][ T5495] [ 84.998323][ T5495] Possible interrupt unsafe locking scenario: [ 84.998323][ T5495] [ 85.006656][ T5495] CPU0 CPU1 [ 85.012114][ T5495] ---- ---- [ 85.017843][ T5495] lock(tasklist_lock); [ 85.022109][ T5495] local_irq_disable(); [ 85.029137][ T5495] lock(&dev->event_lock#2); [ 85.036551][ T5495] lock(&f->f_owner.lock); [ 85.043772][ T5495] [ 85.047236][ T5495] lock(&dev->event_lock#2); [ 85.052140][ T5495] [ 85.052140][ T5495] *** DEADLOCK *** [ 85.052140][ T5495] [ 85.060516][ T5495] 2 locks held by syz-executor.0/5495: [ 85.066064][ T5495] #0: ffff88802b50d058 (sk_lock-AF_INET6){+.+.}-{0:0}, at: tcp_sendmsg+0x22/0x50 [ 85.076891][ T5495] #1: ffff88801c7f4398 (&f->f_owner.lock){....}-{2:2}, at: send_sigurg+0x29/0x3c0 [ 85.086445][ T5495] [ 85.086445][ T5495] the dependencies between HARDIRQ-irq-safe lock and the holding lock: [ 85.096954][ T5495] -> (&dev->event_lock#2){-...}-{2:2} { [ 85.102814][ T5495] IN-HARDIRQ-W at: [ 85.107333][ T5495] lock_acquire+0x1ed/0x550 [ 85.114121][ T5495] _raw_spin_lock_irqsave+0xd5/0x120 [ 85.121711][ T5495] input_event+0x91/0xd0 [ 85.128147][ T5495] psmouse_report_standard_packet+0x54/0x200 [ 85.136327][ T5495] psmouse_process_byte+0x48c/0x680 [ 85.143732][ T5495] psmouse_handle_byte+0x49/0x4c0 [ 85.151028][ T5495] ps2_interrupt+0x17c/0x8e0 [ 85.157817][ T5495] serio_interrupt+0x90/0x140 [ 85.164780][ T5495] i8042_interrupt+0x375/0x770 [ 85.171930][ T5495] __handle_irq_event_percpu+0x29a/0xa80 [ 85.179770][ T5495] handle_irq_event+0x89/0x1f0 [ 85.186742][ T5495] handle_edge_irq+0x25f/0xc20 [ 85.194221][ T5495] __common_interrupt+0x138/0x230 [ 85.202024][ T5495] common_interrupt+0xa5/0xd0 [ 85.208991][ T5495] asm_common_interrupt+0x26/0x40 [ 85.216313][ T5495] do_raw_spin_unlock+0x118/0x8b0 [ 85.223556][ T5495] _raw_spin_unlock+0x1e/0x50 [ 85.230545][ T5495] usb_device_match+0x41b/0x4a0 [ 85.237692][ T5495] __driver_attach+0x6c/0x710 [ 85.244708][ T5495] bus_for_each_dev+0x239/0x2b0 [ 85.251774][ T5495] bus_add_driver+0x347/0x620 [ 85.258919][ T5495] driver_register+0x23a/0x320 [ 85.265896][ T5495] usb_register_driver+0x1f5/0x3b0 [ 85.273217][ T5495] do_one_initcall+0x248/0x880 [ 85.280372][ T5495] do_initcall_level+0x157/0x210 [ 85.287533][ T5495] do_initcalls+0x3f/0x80 [ 85.294428][ T5495] kernel_init_freeable+0x435/0x5d0 [ 85.302198][ T5495] kernel_init+0x1d/0x2b0 [ 85.308825][ T5495] ret_from_fork+0x4b/0x80 [ 85.315464][ T5495] ret_from_fork_asm+0x1a/0x30 [ 85.322449][ T5495] INITIAL USE at: [ 85.326822][ T5495] lock_acquire+0x1ed/0x550 [ 85.333537][ T5495] _raw_spin_lock_irqsave+0xd5/0x120 [ 85.341027][ T5495] input_inject_event+0xc5/0x340 [ 85.348282][ T5495] led_trigger_event+0x11c/0x1e0 [ 85.355365][ T5495] kbd_led_trigger_activate+0xbd/0x100 [ 85.363046][ T5495] led_trigger_set+0x541/0x950 [ 85.370197][ T5495] led_trigger_set_default+0x229/0x260 [ 85.378036][ T5495] led_classdev_register_ext+0x773/0x960 [ 85.385887][ T5495] input_leds_connect+0x497/0x640 [ 85.393125][ T5495] input_register_device+0xcfa/0x1090 [ 85.400877][ T5495] atkbd_connect+0x752/0xa00 [ 85.407684][ T5495] serio_driver_probe+0x7f/0xa0 [ 85.414744][ T5495] really_probe+0x2b8/0xad0 [ 85.421549][ T5495] __driver_probe_device+0x1a2/0x390 [ 85.428951][ T5495] driver_probe_device+0x50/0x430 [ 85.436264][ T5495] __driver_attach+0x45f/0x710 [ 85.443143][ T5495] bus_for_each_dev+0x239/0x2b0 [ 85.450206][ T5495] serio_handle_event+0x1c7/0x920 [ 85.457450][ T5495] process_scheduled_works+0xa10/0x17c0 [ 85.465169][ T5495] worker_thread+0x86d/0xd70 [ 85.471873][ T5495] kthread+0x2f0/0x390 [ 85.478055][ T5495] ret_from_fork+0x4b/0x80 [ 85.484594][ T5495] ret_from_fork_asm+0x1a/0x30 [ 85.491522][ T5495] } [ 85.494468][ T5495] ... key at: [] input_allocate_device.__key.5+0x0/0x20 [ 85.503885][ T5495] -> (&client->buffer_lock){....}-{2:2} { [ 85.509827][ T5495] INITIAL USE at: [ 85.513912][ T5495] lock_acquire+0x1ed/0x550 [ 85.520629][ T5495] _raw_spin_lock+0x2e/0x40 [ 85.527073][ T5495] evdev_pass_values+0xf2/0xad0 [ 85.533896][ T5495] evdev_events+0x1c2/0x300 [ 85.540347][ T5495] input_pass_values+0x84d/0x1200 [ 85.547503][ T5495] input_event_dispose+0x36c/0x650 [ 85.554650][ T5495] input_handle_event+0xa71/0xbe0 [ 85.561974][ T5495] input_inject_event+0x22f/0x340 [ 85.569220][ T5495] evdev_write+0x672/0x7c0 [ 85.575598][ T5495] vfs_write+0x2a4/0xcb0 [ 85.581889][ T5495] ksys_write+0x1a0/0x2c0 [ 85.588383][ T5495] do_syscall_64+0xf5/0x240 [ 85.594839][ T5495] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 85.602763][ T5495] } [ 85.605462][ T5495] ... key at: [] evdev_open.__key.24+0x0/0x20 [ 85.613917][ T5495] ... acquired at: [ 85.617914][ T5495] lock_acquire+0x1ed/0x550 [ 85.622624][ T5495] _raw_spin_lock+0x2e/0x40 [ 85.627326][ T5495] evdev_pass_values+0xf2/0xad0 [ 85.632392][ T5495] evdev_events+0x1c2/0x300 [ 85.637107][ T5495] input_pass_values+0x84d/0x1200 [ 85.642357][ T5495] input_event_dispose+0x36c/0x650 [ 85.647670][ T5495] input_handle_event+0xa71/0xbe0 [ 85.653069][ T5495] input_inject_event+0x22f/0x340 [ 85.658297][ T5495] evdev_write+0x672/0x7c0 [ 85.663000][ T5495] vfs_write+0x2a4/0xcb0 [ 85.667708][ T5495] ksys_write+0x1a0/0x2c0 [ 85.672240][ T5495] do_syscall_64+0xf5/0x240 [ 85.677034][ T5495] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 85.683139][ T5495] [ 85.685478][ T5495] -> (&new->fa_lock){....}-{2:2} { [ 85.690780][ T5495] INITIAL READ USE at: [ 85.695254][ T5495] lock_acquire+0x1ed/0x550 [ 85.702053][ T5495] _raw_read_lock_irqsave+0xdd/0x130 [ 85.709572][ T5495] kill_fasync+0x19e/0x4d0 [ 85.716456][ T5495] evdev_pass_values+0x58a/0xad0 [ 85.723598][ T5495] evdev_events+0x1c2/0x300 [ 85.730307][ T5495] input_pass_values+0x84d/0x1200 [ 85.737531][ T5495] input_event_dispose+0x36c/0x650 [ 85.745027][ T5495] input_handle_event+0xa71/0xbe0 [ 85.752521][ T5495] input_inject_event+0x22f/0x340 [ 85.759939][ T5495] evdev_write+0x672/0x7c0 [ 85.766860][ T5495] vfs_write+0x2a4/0xcb0 [ 85.773407][ T5495] ksys_write+0x1a0/0x2c0 [ 85.780052][ T5495] do_syscall_64+0xf5/0x240 [ 85.786774][ T5495] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 85.794961][ T5495] } [ 85.797570][ T5495] ... key at: [] fasync_insert_entry.__key+0x0/0x20 [ 85.806460][ T5495] ... acquired at: [ 85.810460][ T5495] lock_acquire+0x1ed/0x550 [ 85.815366][ T5495] _raw_read_lock_irqsave+0xdd/0x130 [ 85.820947][ T5495] kill_fasync+0x19e/0x4d0 [ 85.825656][ T5495] evdev_pass_values+0x58a/0xad0 [ 85.830798][ T5495] evdev_events+0x1c2/0x300 [ 85.835600][ T5495] input_pass_values+0x84d/0x1200 [ 85.840831][ T5495] input_event_dispose+0x36c/0x650 [ 85.846157][ T5495] input_handle_event+0xa71/0xbe0 [ 85.851570][ T5495] input_inject_event+0x22f/0x340 [ 85.857060][ T5495] evdev_write+0x672/0x7c0 [ 85.861684][ T5495] vfs_write+0x2a4/0xcb0 [ 85.866560][ T5495] ksys_write+0x1a0/0x2c0 [ 85.871174][ T5495] do_syscall_64+0xf5/0x240 [ 85.875955][ T5495] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 85.882044][ T5495] [ 85.884385][ T5495] -> (&f->f_owner.lock){....}-{2:2} { [ 85.889881][ T5495] INITIAL USE at: [ 85.893793][ T5495] lock_acquire+0x1ed/0x550 [ 85.899978][ T5495] _raw_write_lock_irq+0xd3/0x120 [ 85.906843][ T5495] f_modown+0x38/0x340 [ 85.912611][ T5495] f_setown+0x14f/0x200 [ 85.918457][ T5495] do_fcntl+0x8b1/0x16f0 [ 85.924570][ T5495] __se_sys_fcntl+0xd2/0x1b0 [ 85.930767][ T5495] do_syscall_64+0xf5/0x240 [ 85.936875][ T5495] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 85.944363][ T5495] INITIAL READ USE at: [ 85.948809][ T5495] lock_acquire+0x1ed/0x550 [ 85.955436][ T5495] _raw_read_lock_irqsave+0xdd/0x130 [ 85.962760][ T5495] send_sigio+0x33/0x360 [ 85.969046][ T5495] kill_fasync+0x23a/0x4d0 [ 85.975543][ T5495] evdev_pass_values+0x58a/0xad0 [ 85.982511][ T5495] evdev_events+0x1c2/0x300 [ 85.989135][ T5495] input_pass_values+0x84d/0x1200 [ 85.996278][ T5495] input_event_dispose+0x36c/0x650 [ 86.003513][ T5495] input_handle_event+0xa71/0xbe0 [ 86.011358][ T5495] input_inject_event+0x22f/0x340 [ 86.018417][ T5495] evdev_write+0x672/0x7c0 [ 86.024866][ T5495] vfs_write+0x2a4/0xcb0 [ 86.031235][ T5495] ksys_write+0x1a0/0x2c0 [ 86.037689][ T5495] do_syscall_64+0xf5/0x240 [ 86.044228][ T5495] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 86.052509][ T5495] } [ 86.055023][ T5495] ... key at: [] init_file.__key+0x0/0x20 [ 86.063153][ T5495] ... acquired at: [ 86.067338][ T5495] lock_acquire+0x1ed/0x550 [ 86.072043][ T5495] _raw_read_lock_irqsave+0xdd/0x130 [ 86.077605][ T5495] send_sigio+0x33/0x360 [ 86.082055][ T5495] kill_fasync+0x23a/0x4d0 [ 86.086683][ T5495] evdev_pass_values+0x58a/0xad0 [ 86.091920][ T5495] evdev_events+0x1c2/0x300 [ 86.096646][ T5495] input_pass_values+0x84d/0x1200 [ 86.101879][ T5495] input_event_dispose+0x36c/0x650 [ 86.107194][ T5495] input_handle_event+0xa71/0xbe0 [ 86.112502][ T5495] input_inject_event+0x22f/0x340 [ 86.117824][ T5495] evdev_write+0x672/0x7c0 [ 86.122529][ T5495] vfs_write+0x2a4/0xcb0 [ 86.127120][ T5495] ksys_write+0x1a0/0x2c0 [ 86.131655][ T5495] do_syscall_64+0xf5/0x240 [ 86.136371][ T5495] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 86.142553][ T5495] [ 86.144882][ T5495] [ 86.144882][ T5495] the dependencies between the lock to be acquired [ 86.144895][ T5495] and HARDIRQ-irq-unsafe lock: [ 86.158660][ T5495] -> (tasklist_lock){.+.+}-{2:2} { [ 86.163958][ T5495] HARDIRQ-ON-R at: [ 86.167974][ T5495] lock_acquire+0x1ed/0x550 [ 86.174329][ T5495] _raw_read_lock+0x36/0x50 [ 86.180514][ T5495] __do_wait+0x12d/0x850 [ 86.186443][ T5495] do_wait+0x1e9/0x560 [ 86.192289][ T5495] kernel_wait+0xe9/0x240 [ 86.198653][ T5495] call_usermodehelper_exec_work+0xbd/0x230 [ 86.206237][ T5495] process_scheduled_works+0xa10/0x17c0 [ 86.214278][ T5495] worker_thread+0x86d/0xd70 [ 86.221038][ T5495] kthread+0x2f0/0x390 [ 86.226973][ T5495] ret_from_fork+0x4b/0x80 [ 86.233167][ T5495] ret_from_fork_asm+0x1a/0x30 [ 86.239703][ T5495] SOFTIRQ-ON-R at: [ 86.243804][ T5495] lock_acquire+0x1ed/0x550 [ 86.250167][ T5495] _raw_read_lock+0x36/0x50 [ 86.256440][ T5495] __do_wait+0x12d/0x850 [ 86.262547][ T5495] do_wait+0x1e9/0x560 [ 86.268295][ T5495] kernel_wait+0xe9/0x240 [ 86.274471][ T5495] call_usermodehelper_exec_work+0xbd/0x230 [ 86.282034][ T5495] process_scheduled_works+0xa10/0x17c0 [ 86.289345][ T5495] worker_thread+0x86d/0xd70 [ 86.295641][ T5495] kthread+0x2f0/0x390 [ 86.301474][ T5495] ret_from_fork+0x4b/0x80 [ 86.307765][ T5495] ret_from_fork_asm+0x1a/0x30 [ 86.314393][ T5495] INITIAL USE at: [ 86.318320][ T5495] lock_acquire+0x1ed/0x550 [ 86.324501][ T5495] _raw_write_lock_irq+0xd3/0x120 [ 86.331200][ T5495] copy_process+0x228b/0x3df0 [ 86.337463][ T5495] kernel_clone+0x226/0x8f0 [ 86.343589][ T5495] user_mode_thread+0x132/0x1a0 [ 86.350256][ T5495] rest_init+0x23/0x300 [ 86.356008][ T5495] start_kernel+0x47a/0x500 [ 86.362117][ T5495] x86_64_start_reservations+0x2a/0x30 [ 86.369171][ T5495] x86_64_start_kernel+0x99/0xa0 [ 86.375697][ T5495] common_startup_64+0x13e/0x147 [ 86.382311][ T5495] INITIAL READ USE at: [ 86.386686][ T5495] lock_acquire+0x1ed/0x550 [ 86.393210][ T5495] _raw_read_lock+0x36/0x50 [ 86.399824][ T5495] __do_wait+0x12d/0x850 [ 86.406090][ T5495] do_wait+0x1e9/0x560 [ 86.412183][ T5495] kernel_wait+0xe9/0x240 [ 86.418541][ T5495] call_usermodehelper_exec_work+0xbd/0x230 [ 86.426511][ T5495] process_scheduled_works+0xa10/0x17c0 [ 86.434168][ T5495] worker_thread+0x86d/0xd70 [ 86.440783][ T5495] kthread+0x2f0/0x390 [ 86.447051][ T5495] ret_from_fork+0x4b/0x80 [ 86.453666][ T5495] ret_from_fork_asm+0x1a/0x30 [ 86.460458][ T5495] } [ 86.463056][ T5495] ... key at: [] tasklist_lock+0x18/0x40 [ 86.470795][ T5495] ... acquired at: [ 86.474697][ T5495] lock_acquire+0x1ed/0x550 [ 86.480000][ T5495] _raw_read_lock_irq+0xda/0x120 [ 86.485225][ T5495] send_sigurg+0xee/0x3c0 [ 86.489757][ T5495] sk_send_sigurg+0x6e/0xc0 [ 86.494469][ T5495] tcp_check_urg+0x207/0x740 [ 86.499356][ T5495] tcp_urg+0x15c/0x450 [ 86.503614][ T5495] tcp_rcv_established+0xfac/0x2020 [ 86.509454][ T5495] tcp_v6_do_rcv+0xa09/0x1300 [ 86.514413][ T5495] __release_sock+0x1c8/0x350 [ 86.519298][ T5495] release_sock+0x61/0x1f0 [ 86.523934][ T5495] tcp_sendmsg+0x3a/0x50 [ 86.528459][ T5495] __sock_sendmsg+0xef/0x270 [ 86.533254][ T5495] __sys_sendto+0x3a4/0x4f0 [ 86.537956][ T5495] __x64_sys_sendto+0xde/0x100 [ 86.542915][ T5495] do_syscall_64+0xf5/0x240 [ 86.547704][ T5495] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 86.553785][ T5495] [ 86.556120][ T5495] [ 86.556120][ T5495] stack backtrace: [ 86.562126][ T5495] CPU: 1 PID: 5495 Comm: syz-executor.0 Not tainted 6.9.0-rc4-syzkaller-00214-g13a2e429f644-dirty #0 [ 86.573010][ T5495] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 86.583097][ T5495] Call Trace: [ 86.586395][ T5495] [ 86.589348][ T5495] dump_stack_lvl+0x241/0x360 [ 86.594140][ T5495] ? __pfx_dump_stack_lvl+0x10/0x10 [ 86.599376][ T5495] ? __pfx__printk+0x10/0x10 [ 86.604010][ T5495] ? print_shortest_lock_dependencies+0xf2/0x160 [ 86.610452][ T5495] validate_chain+0x4dc7/0x58e0 [ 86.615348][ T5495] ? __pfx_validate_chain+0x10/0x10 [ 86.620574][ T5495] ? validate_chain+0x11b/0x58e0 [ 86.625541][ T5495] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 86.631919][ T5495] ? __pfx_debug_object_assert_init+0x10/0x10 [ 86.638009][ T5495] ? mark_lock+0x9a/0x350 [ 86.642537][ T5495] __lock_acquire+0x1346/0x1fd0 [ 86.647415][ T5495] lock_acquire+0x1ed/0x550 [ 86.651937][ T5495] ? send_sigurg+0xee/0x3c0 [ 86.656644][ T5495] ? __pfx_lock_acquire+0x10/0x10 [ 86.661700][ T5495] _raw_read_lock_irq+0xda/0x120 [ 86.666683][ T5495] ? send_sigurg+0xee/0x3c0 [ 86.671224][ T5495] ? __pfx__raw_read_lock_irq+0x10/0x10 [ 86.676795][ T5495] send_sigurg+0xee/0x3c0 [ 86.681152][ T5495] sk_send_sigurg+0x6e/0xc0 [ 86.685689][ T5495] tcp_check_urg+0x207/0x740 [ 86.690308][ T5495] tcp_urg+0x15c/0x450 [ 86.694419][ T5495] ? __pfx_tcp_urg+0x10/0x10 [ 86.699036][ T5495] ? ktime_get+0x24c/0x280 [ 86.703578][ T5495] ? inet6_sk_rx_dst_set+0x1a8/0x250 [ 86.708892][ T5495] tcp_rcv_established+0xfac/0x2020 [ 86.714121][ T5495] ? __pfx_tcp_rcv_established+0x10/0x10 [ 86.719900][ T5495] tcp_v6_do_rcv+0xa09/0x1300 [ 86.724708][ T5495] ? do_raw_spin_unlock+0x13c/0x8b0 [ 86.730032][ T5495] ? __pfx_tcp_v6_do_rcv+0x10/0x10 [ 86.735342][ T5495] __release_sock+0x1c8/0x350 [ 86.740045][ T5495] release_sock+0x61/0x1f0 [ 86.744573][ T5495] tcp_sendmsg+0x3a/0x50 [ 86.748853][ T5495] __sock_sendmsg+0xef/0x270 [ 86.753655][ T5495] __sys_sendto+0x3a4/0x4f0 [ 86.758200][ T5495] ? __pfx___sys_sendto+0x10/0x10 [ 86.763422][ T5495] ? do_futex+0x392/0x560 [ 86.767862][ T5495] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 86.774127][ T5495] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 86.780746][ T5495] __x64_sys_sendto+0xde/0x100 [ 86.786247][ T5495] do_syscall_64+0xf5/0x240 [ 86.790779][ T5495] ? clear_bhb_loop+0x35/0x90 [ 86.795585][ T5495] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 86.801590][ T5495] RIP: 0033:0x7f93be67de69 [ 86.806123][ T5495] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 86.825918][ T5495] RSP: 002b:00007f93bf3490c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 86.834453][ T5495] RAX: ffffffffffffffda RBX: 00007f93be7abf80 RCX: 00007f93be67de69 [ 86.842443][ T5495] RDX: 0000000000000002 RSI: 0000000020000080 RDI: 0000000000000005 [ 86.850431][ T5495] RBP: 00007f93be6ca47a R08: 0000000000000000 R09: 0000000000000000 [ 86.858683][ T5495] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 86.866680][ T5495] R13: 000000000000000b R14: 00007f93be7abf80 R15: 00007ffd71560168 [ 86.874767][ T5495] [ 86.879841][ T5495] ------------[ cut here ]------------ [ 86.885565][ T5495] raw_local_irq_restore() called with IRQs enabled [ 86.892772][ T5495] WARNING: CPU: 1 PID: 5495 at kernel/locking/irqflag-debug.c:10 warn_bogus_irq_restore+0x29/0x40 [ 86.903738][ T5495] Modules linked in: [ 86.908210][ T5495] CPU: 1 PID: 5495 Comm: syz-executor.0 Not tainted 6.9.0-rc4-syzkaller-00214-g13a2e429f644-dirty #0 [ 86.918390][ T5088] Bluetooth: hci0: command tx timeout [ 86.919489][ T5495] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 86.934967][ T5495] RIP: 0010:warn_bogus_irq_restore+0x29/0x40 [ 86.941255][ T5495] Code: 90 f3 0f 1e fa 90 80 3d 6f 98 0f 04 00 74 06 90 c3 cc cc cc cc c6 05 60 98 0f 04 01 90 48 c7 c7 a0 b0 ca 8b e8 c8 be d3 f5 90 <0f> 0b 90 90 90 c3 cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 0f 1f [ 86.961516][ T5495] RSP: 0018:ffffc90004a37798 EFLAGS: 00010246 [ 86.968551][ T5495] RAX: 7bd43406166ed700 RBX: 1ffff92000946ef8 RCX: ffff88802ab70000 [ 86.976544][ T5495] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 86.984574][ T5495] RBP: ffffc90004a37828 R08: ffffffff81588072 R09: fffffbfff1c39b48 [ 86.992781][ T5495] R10: dffffc0000000000 R11: fffffbfff1c39b48 R12: dffffc0000000000 [ 87.001005][ T5495] R13: 1ffff92000946ef4 R14: ffffc90004a377c0 R15: 0000000000000246 [ 87.009312][ T5495] FS: 00007f93bf3496c0(0000) GS:ffff8880b9500000(0000) knlGS:0000000000000000 [ 87.018440][ T5495] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 87.025875][ T5495] CR2: 0000000020b63fe4 CR3: 000000002a1e0000 CR4: 00000000003506f0 [ 87.033960][ T5495] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 87.042288][ T5495] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 87.050722][ T5495] Call Trace: [ 87.054286][ T5495] [ 87.057330][ T5495] ? __warn+0x163/0x4e0 [ 87.061697][ T5495] ? warn_bogus_irq_restore+0x29/0x40 [ 87.067358][ T5495] ? report_bug+0x2b3/0x500 [ 87.072187][ T5495] ? warn_bogus_irq_restore+0x29/0x40 [ 87.077683][ T5495] ? handle_bug+0x3e/0x70 [ 87.082206][ T5495] ? exc_invalid_op+0x1a/0x50 [ 87.086917][ T5495] ? asm_exc_invalid_op+0x1a/0x20 [ 87.092035][ T5495] ? __warn_printk+0x292/0x360 [ 87.105478][ T5495] ? warn_bogus_irq_restore+0x29/0x40 [ 87.111146][ T5495] ? warn_bogus_irq_restore+0x28/0x40 [ 87.117806][ T5495] _raw_read_unlock_irqrestore+0x120/0x140 [ 87.123744][ T5495] ? __pfx__raw_read_unlock_irqrestore+0x10/0x10 [ 87.130272][ T5495] ? trace_irq_enable+0x2c/0x120 [ 87.135519][ T5495] ? _raw_read_unlock_irq+0x29/0x50 [ 87.141046][ T5495] send_sigurg+0x36a/0x3c0 [ 87.145769][ T5495] sk_send_sigurg+0x6e/0xc0 [ 87.150740][ T5495] tcp_check_urg+0x207/0x740 [ 87.155381][ T5495] tcp_urg+0x15c/0x450 [ 87.159518][ T5495] ? __pfx_tcp_urg+0x10/0x10 [ 87.165114][ T5495] ? ktime_get+0x24c/0x280 [ 87.169705][ T5495] ? inet6_sk_rx_dst_set+0x1a8/0x250 [ 87.175795][ T5495] tcp_rcv_established+0xfac/0x2020 [ 87.181186][ T5495] ? __pfx_tcp_rcv_established+0x10/0x10 [ 87.187124][ T5495] tcp_v6_do_rcv+0xa09/0x1300 [ 87.191894][ T5495] ? do_raw_spin_unlock+0x13c/0x8b0 [ 87.197657][ T5495] ? __pfx_tcp_v6_do_rcv+0x10/0x10 [ 87.203476][ T5495] __release_sock+0x1c8/0x350 [ 87.208412][ T5495] release_sock+0x61/0x1f0 [ 87.212877][ T5495] tcp_sendmsg+0x3a/0x50 [ 87.217173][ T5495] __sock_sendmsg+0xef/0x270 [ 87.221881][ T5495] __sys_sendto+0x3a4/0x4f0 [ 87.226618][ T5495] ? __pfx___sys_sendto+0x10/0x10 [ 87.231710][ T5495] ? do_futex+0x392/0x560 [ 87.236076][ T5495] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 87.242325][ T5495] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 87.249131][ T5495] __x64_sys_sendto+0xde/0x100 [ 87.254205][ T5495] do_syscall_64+0xf5/0x240 [ 87.259065][ T5495] ? clear_bhb_loop+0x35/0x90 [ 87.263949][ T5495] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 87.270147][ T5495] RIP: 0033:0x7f93be67de69 [ 87.274603][ T5495] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 87.294671][ T5495] RSP: 002b:00007f93bf3490c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 87.303630][ T5495] RAX: ffffffffffffffda RBX: 00007f93be7abf80 RCX: 00007f93be67de69 [ 87.312056][ T5495] RDX: 0000000000000002 RSI: 0000000020000080 RDI: 0000000000000005 [ 87.321261][ T5495] RBP: 00007f93be6ca47a R08: 0000000000000000 R09: 0000000000000000 [ 87.329596][ T5495] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 87.337864][ T5495] R13: 000000000000000b R14: 00007f93be7abf80 R15: 00007ffd71560168 [ 87.346080][ T5495] [ 87.350677][ T5495] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 87.358071][ T5495] CPU: 1 PID: 5495 Comm: syz-executor.0 Not tainted 6.9.0-rc4-syzkaller-00214-g13a2e429f644-dirty #0 [ 87.369906][ T5495] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 87.380856][ T5495] Call Trace: [ 87.384168][ T5495] [ 87.387132][ T5495] dump_stack_lvl+0x241/0x360 [ 87.391856][ T5495] ? __pfx_dump_stack_lvl+0x10/0x10 [ 87.397375][ T5495] ? __pfx__printk+0x10/0x10 [ 87.401998][ T5495] ? _printk+0xd5/0x120 [ 87.406187][ T5495] ? vscnprintf+0x5d/0x90 [ 87.410574][ T5495] panic+0x349/0x860 [ 87.414497][ T5495] ? __warn+0x172/0x4e0 [ 87.418691][ T5495] ? __pfx_panic+0x10/0x10 [ 87.423145][ T5495] ? show_trace_log_lvl+0x4e6/0x520 [ 87.428508][ T5495] __warn+0x346/0x4e0 [ 87.432529][ T5495] ? warn_bogus_irq_restore+0x29/0x40 [ 87.438030][ T5495] report_bug+0x2b3/0x500 [ 87.442566][ T5495] ? warn_bogus_irq_restore+0x29/0x40 [ 87.447971][ T5495] handle_bug+0x3e/0x70 [ 87.452155][ T5495] exc_invalid_op+0x1a/0x50 [ 87.456692][ T5495] asm_exc_invalid_op+0x1a/0x20 [ 87.461599][ T5495] RIP: 0010:warn_bogus_irq_restore+0x29/0x40 [ 87.467796][ T5495] Code: 90 f3 0f 1e fa 90 80 3d 6f 98 0f 04 00 74 06 90 c3 cc cc cc cc c6 05 60 98 0f 04 01 90 48 c7 c7 a0 b0 ca 8b e8 c8 be d3 f5 90 <0f> 0b 90 90 90 c3 cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 0f 1f [ 87.487436][ T5495] RSP: 0018:ffffc90004a37798 EFLAGS: 00010246 [ 87.493547][ T5495] RAX: 7bd43406166ed700 RBX: 1ffff92000946ef8 RCX: ffff88802ab70000 [ 87.501550][ T5495] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 87.509561][ T5495] RBP: ffffc90004a37828 R08: ffffffff81588072 R09: fffffbfff1c39b48 [ 87.517573][ T5495] R10: dffffc0000000000 R11: fffffbfff1c39b48 R12: dffffc0000000000 [ 87.525854][ T5495] R13: 1ffff92000946ef4 R14: ffffc90004a377c0 R15: 0000000000000246 [ 87.533947][ T5495] ? __warn_printk+0x292/0x360 [ 87.538764][ T5495] ? warn_bogus_irq_restore+0x28/0x40 [ 87.544165][ T5495] _raw_read_unlock_irqrestore+0x120/0x140 [ 87.550016][ T5495] ? __pfx__raw_read_unlock_irqrestore+0x10/0x10 [ 87.556387][ T5495] ? trace_irq_enable+0x2c/0x120 [ 87.561533][ T5495] ? _raw_read_unlock_irq+0x29/0x50 [ 87.566764][ T5495] send_sigurg+0x36a/0x3c0 [ 87.571214][ T5495] sk_send_sigurg+0x6e/0xc0 [ 87.575919][ T5495] tcp_check_urg+0x207/0x740 [ 87.580583][ T5495] tcp_urg+0x15c/0x450 [ 87.584862][ T5495] ? __pfx_tcp_urg+0x10/0x10 [ 87.589488][ T5495] ? ktime_get+0x24c/0x280 [ 87.593942][ T5495] ? inet6_sk_rx_dst_set+0x1a8/0x250 [ 87.599261][ T5495] tcp_rcv_established+0xfac/0x2020 [ 87.604501][ T5495] ? __pfx_tcp_rcv_established+0x10/0x10 [ 87.610181][ T5495] tcp_v6_do_rcv+0xa09/0x1300 [ 87.614904][ T5495] ? do_raw_spin_unlock+0x13c/0x8b0 [ 87.620149][ T5495] ? __pfx_tcp_v6_do_rcv+0x10/0x10 [ 87.625446][ T5495] __release_sock+0x1c8/0x350 [ 87.630623][ T5495] release_sock+0x61/0x1f0 [ 87.635081][ T5495] tcp_sendmsg+0x3a/0x50 [ 87.639443][ T5495] __sock_sendmsg+0xef/0x270 [ 87.644155][ T5495] __sys_sendto+0x3a4/0x4f0 [ 87.648706][ T5495] ? __pfx___sys_sendto+0x10/0x10 [ 87.653811][ T5495] ? do_futex+0x392/0x560 [ 87.658210][ T5495] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 87.664410][ T5495] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 87.670782][ T5495] __x64_sys_sendto+0xde/0x100 [ 87.675592][ T5495] do_syscall_64+0xf5/0x240 [ 87.680141][ T5495] ? clear_bhb_loop+0x35/0x90 [ 87.684957][ T5495] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 87.691074][ T5495] RIP: 0033:0x7f93be67de69 [ 87.695523][ T5495] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 87.715258][ T5495] RSP: 002b:00007f93bf3490c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 87.723805][ T5495] RAX: ffffffffffffffda RBX: 00007f93be7abf80 RCX: 00007f93be67de69 [ 87.731782][ T5495] RDX: 0000000000000002 RSI: 0000000020000080 RDI: 0000000000000005 [ 87.739875][ T5495] RBP: 00007f93be6ca47a R08: 0000000000000000 R09: 0000000000000000 [ 87.747841][ T5495] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 87.755928][ T5495] R13: 000000000000000b R14: 00007f93be7abf80 R15: 00007ffd71560168 [ 87.763928][ T5495] [ 87.767282][ T5495] Kernel Offset: disabled [ 87.771820][ T5495] Rebooting in 86400 seconds..