Warning: Permanently added '10.128.10.33' (ED25519) to the list of known hosts. 2025/06/08 22:04:14 ignoring optional flag "sandboxArg"="0" 2025/06/08 22:04:15 parsed 1 programs [ 107.688693][ T4612] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k FS [ 109.339501][ T4623] chnl_net:caif_netlink_parms(): no params data found [ 109.387646][ T4623] bridge0: port 1(bridge_slave_0) entered blocking state [ 109.395117][ T4623] bridge0: port 1(bridge_slave_0) entered disabled state [ 109.403267][ T4623] device bridge_slave_0 entered promiscuous mode [ 109.415111][ T4623] bridge0: port 2(bridge_slave_1) entered blocking state [ 109.422324][ T4623] bridge0: port 2(bridge_slave_1) entered disabled state [ 109.430061][ T4623] device bridge_slave_1 entered promiscuous mode [ 109.451582][ T4623] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 109.463204][ T4623] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 109.491202][ T4623] team0: Port device team_slave_0 added [ 109.498884][ T4623] team0: Port device team_slave_1 added [ 109.519488][ T4623] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 109.526564][ T4623] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 109.552623][ T4623] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 109.564529][ T4623] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 109.571491][ T4623] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 109.597833][ T4623] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 109.631389][ T4623] device hsr_slave_0 entered promiscuous mode [ 109.638572][ T4623] device hsr_slave_1 entered promiscuous mode [ 110.266247][ T4623] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 110.283359][ T4623] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 110.303778][ T4623] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 110.323274][ T4623] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 110.364781][ T4623] bridge0: port 2(bridge_slave_1) entered blocking state [ 110.371908][ T4623] bridge0: port 2(bridge_slave_1) entered forwarding state [ 110.379428][ T4623] bridge0: port 1(bridge_slave_0) entered blocking state [ 110.386567][ T4623] bridge0: port 1(bridge_slave_0) entered forwarding state [ 110.405658][ T381] bridge0: port 1(bridge_slave_0) entered disabled state [ 110.423133][ T381] bridge0: port 2(bridge_slave_1) entered disabled state [ 110.486916][ T4623] 8021q: adding VLAN 0 to HW filter on device bond0 [ 110.503035][ T381] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 110.512939][ T381] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 110.536955][ T4623] 8021q: adding VLAN 0 to HW filter on device team0 [ 110.550893][ T381] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 110.565317][ T381] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 110.577602][ T381] bridge0: port 1(bridge_slave_0) entered blocking state [ 110.584931][ T381] bridge0: port 1(bridge_slave_0) entered forwarding state [ 110.607438][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 110.623783][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 110.653823][ T154] bridge0: port 2(bridge_slave_1) entered blocking state [ 110.660938][ T154] bridge0: port 2(bridge_slave_1) entered forwarding state [ 110.683987][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 110.703121][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 110.722341][ T381] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 110.734099][ T381] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 110.752930][ T381] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 110.772954][ T381] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 110.794112][ T381] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 110.816999][ T381] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 110.832961][ T381] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 110.856125][ T381] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 110.873045][ T381] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 110.897617][ T4623] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 111.134900][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 111.152468][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 111.165502][ T4623] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 111.210783][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 111.224450][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 111.263718][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 111.281712][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 111.294054][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 111.301972][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 111.315019][ T4623] device veth0_vlan entered promiscuous mode [ 111.340129][ T4623] device veth1_vlan entered promiscuous mode [ 111.387558][ T381] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 111.398071][ T381] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 111.407733][ T381] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 111.417272][ T381] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 111.441809][ T4623] device veth0_macvtap entered promiscuous mode [ 111.469232][ T4623] device veth1_macvtap entered promiscuous mode [ 111.509971][ T4623] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 111.523490][ T381] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 111.543950][ T381] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 111.567575][ T4623] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 111.579298][ T4623] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 111.596119][ T4623] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 111.605160][ T4623] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 111.614171][ T4623] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 111.625974][ T381] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 111.636231][ T381] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 111.961781][ T4311] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 113.850136][ T4311] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 114.199534][ T144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 114.213753][ T144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 114.238617][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 114.256450][ T154] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 114.265528][ T154] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 114.278729][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready 2025/06/08 22:04:27 executed programs: 0 [ 115.502147][ T4883] chnl_net:caif_netlink_parms(): no params data found [ 115.578110][ T4883] bridge0: port 1(bridge_slave_0) entered blocking state [ 115.595756][ T4883] bridge0: port 1(bridge_slave_0) entered disabled state [ 115.605591][ T4883] device bridge_slave_0 entered promiscuous mode [ 115.616530][ T4883] bridge0: port 2(bridge_slave_1) entered blocking state [ 115.625568][ T4883] bridge0: port 2(bridge_slave_1) entered disabled state [ 115.635590][ T4883] device bridge_slave_1 entered promiscuous mode [ 115.670842][ T4883] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 115.685413][ T4883] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 115.720492][ T4883] team0: Port device team_slave_0 added [ 115.731045][ T4883] team0: Port device team_slave_1 added [ 115.766174][ T4311] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 115.780200][ T4883] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 115.787377][ T4883] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 115.815147][ T4883] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 115.829618][ T4883] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 115.837263][ T4883] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 115.863640][ T4883] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 115.888536][ T4311] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 115.931412][ T4883] device hsr_slave_0 entered promiscuous mode [ 115.941048][ T4883] device hsr_slave_1 entered promiscuous mode [ 115.948206][ T4883] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 115.959145][ T4883] Cannot create hsr debugfs directory [ 116.755970][ T4311] device hsr_slave_0 left promiscuous mode [ 116.765789][ T4311] device hsr_slave_1 left promiscuous mode [ 116.773838][ T4311] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 116.781714][ T4311] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 116.790224][ T4311] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 116.797964][ T4311] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 116.805742][ T4311] device bridge_slave_1 left promiscuous mode [ 116.811918][ T4311] bridge0: port 2(bridge_slave_1) entered disabled state [ 116.820795][ T4311] device bridge_slave_0 left promiscuous mode [ 116.827821][ T4311] bridge0: port 1(bridge_slave_0) entered disabled state [ 116.840049][ T4311] device veth1_macvtap left promiscuous mode [ 116.846953][ T4311] device veth0_macvtap left promiscuous mode [ 116.853465][ T4311] device veth1_vlan left promiscuous mode [ 116.859266][ T4311] device veth0_vlan left promiscuous mode [ 117.007884][ T4311] team0 (unregistering): Port device team_slave_1 removed [ 117.020492][ T4311] team0 (unregistering): Port device team_slave_0 removed [ 117.036253][ T4311] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 117.050643][ T4311] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 117.108394][ T4311] bond0 (unregistering): Released all slaves [ 117.158201][ T4883] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 117.168117][ T4883] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 117.178415][ T4883] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 117.188778][ T4883] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 117.328705][ T4883] 8021q: adding VLAN 0 to HW filter on device bond0 [ 117.372048][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 117.381849][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 117.395878][ T4883] 8021q: adding VLAN 0 to HW filter on device team0 [ 117.417864][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 117.428965][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 117.432534][ T1108] Bluetooth: hci0: command 0x0409 tx timeout [ 117.439034][ T144] bridge0: port 1(bridge_slave_0) entered blocking state [ 117.450110][ T144] bridge0: port 1(bridge_slave_0) entered forwarding state [ 117.462721][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 117.493858][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 117.513636][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 117.524429][ T144] bridge0: port 2(bridge_slave_1) entered blocking state [ 117.531531][ T144] bridge0: port 2(bridge_slave_1) entered forwarding state [ 117.542995][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 117.584299][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 117.594202][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 117.610036][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 117.619324][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 117.631005][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 117.643627][ T154] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 117.674624][ T381] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 117.694299][ T381] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 117.718313][ T381] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 117.734281][ T381] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 117.756955][ T4883] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 117.978560][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 117.986803][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 118.001581][ T4883] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 118.045088][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 118.063428][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 118.104998][ T381] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 118.122859][ T381] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 118.143327][ T381] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 118.152925][ T381] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 118.173696][ T4883] device veth0_vlan entered promiscuous mode [ 118.198092][ T4883] device veth1_vlan entered promiscuous mode [ 118.247947][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 118.257048][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 118.283415][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 118.292677][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 118.316002][ T4883] device veth0_macvtap entered promiscuous mode [ 118.327489][ T4883] device veth1_macvtap entered promiscuous mode [ 118.337144][ T381] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 118.346119][ T381] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 118.384117][ T4883] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 118.391659][ T381] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 118.405386][ T381] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 118.419111][ T4883] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 118.428801][ T4222] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 118.438256][ T4222] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 118.451743][ T4883] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 118.461407][ T4883] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 118.472137][ T4883] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 118.481274][ T4883] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 118.571095][ T4222] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 118.593187][ T4222] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 118.602390][ T381] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 118.642008][ T381] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 118.652693][ T381] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 118.679347][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 118.850307][ T5012] [ 118.852689][ T5012] ===================================================== [ 118.859635][ T5012] WARNING: HARDIRQ-safe -> HARDIRQ-unsafe lock order detected [ 118.867123][ T5012] 5.15.185-syzkaller #0 Not tainted [ 118.872339][ T5012] ----------------------------------------------------- [ 118.879383][ T5012] syz.0.16/5012 [HC0[0]:SC0[0]:HE0:SE1] is trying to acquire: [ 118.886864][ T5012] ffff8880793d88b8 (&f->f_owner.lock){....}-{2:2}, at: send_sigio+0x2f/0x330 [ 118.895711][ T5012] [ 118.895711][ T5012] and this task is already holding: [ 118.903096][ T5012] ffff88805dbc8018 (&new->fa_lock){....}-{2:2}, at: kill_fasync+0x16d/0x490 [ 118.911843][ T5012] which would create a new lock dependency: [ 118.918120][ T5012] (&new->fa_lock){....}-{2:2} -> (&f->f_owner.lock){....}-{2:2} [ 118.925998][ T5012] [ 118.925998][ T5012] but this new dependency connects a HARDIRQ-irq-safe lock: [ 118.935465][ T5012] (&dev->event_lock#2){-.-.}-{2:2} [ 118.935504][ T5012] [ 118.935504][ T5012] ... which became HARDIRQ-irq-safe at: [ 118.948424][ T5012] lock_acquire+0x197/0x3f0 [ 118.953043][ T5012] _raw_spin_lock_irqsave+0xa4/0xf0 [ 118.958436][ T5012] input_event+0x76/0xb0 [ 118.962795][ T5012] psmouse_report_standard_packet+0x4f/0x200 [ 118.968888][ T5012] psmouse_process_byte+0x42b/0x620 [ 118.974202][ T5012] psmouse_handle_byte+0x43/0x490 [ 118.979451][ T5012] psmouse_interrupt+0x699/0x1130 [ 118.984593][ T5012] serio_interrupt+0x87/0x130 [ 118.989389][ T5012] i8042_interrupt+0x369/0x710 [ 118.994270][ T5012] __handle_irq_event_percpu+0x291/0x9b0 [ 119.000020][ T5012] handle_irq_event+0xa5/0x220 [ 119.004905][ T5012] handle_edge_irq+0x243/0xb20 [ 119.009793][ T5012] __common_interrupt+0xd7/0x1e0 [ 119.014848][ T5012] common_interrupt+0x59/0xd0 [ 119.019637][ T5012] asm_common_interrupt+0x22/0x40 [ 119.024771][ T5012] handle_softirqs+0x1a9/0x820 [ 119.029657][ T5012] __irq_exit_rcu+0x12f/0x220 [ 119.034450][ T5012] irq_exit_rcu+0x5/0x20 [ 119.038815][ T5012] sysvec_apic_timer_interrupt+0xa0/0xc0 [ 119.044569][ T5012] asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 119.050674][ T5012] _raw_spin_unlock_irqrestore+0xa5/0x100 [ 119.056511][ T5012] i8042_aux_write+0x105/0x170 [ 119.061390][ T5012] ps2_do_sendbyte+0x1fb/0x6c0 [ 119.066439][ T5012] ps2_sendbyte+0x5b/0x110 [ 119.071226][ T5012] cypress_send_ext_cmd+0x239/0x910 [ 119.076541][ T5012] cypress_detect+0x89/0x190 [ 119.081251][ T5012] psmouse_extensions+0xcf3/0x1430 [ 119.086473][ T5012] psmouse_switch_protocol+0x2e7/0x870 [ 119.092043][ T5012] psmouse_connect+0x923/0x1430 [ 119.097015][ T5012] serio_driver_probe+0x76/0x90 [ 119.101987][ T5012] really_probe+0x284/0xc80 [ 119.106697][ T5012] __driver_probe_device+0x18c/0x330 [ 119.112097][ T5012] driver_probe_device+0x4f/0x420 [ 119.117238][ T5012] __driver_attach+0x46b/0x670 [ 119.122117][ T5012] bus_for_each_dev+0x175/0x1e0 [ 119.127165][ T5012] serio_handle_event+0x29c/0x840 [ 119.132306][ T5012] process_one_work+0x863/0x1000 [ 119.137451][ T5012] worker_thread+0xaa8/0x12a0 [ 119.142243][ T5012] kthread+0x436/0x520 [ 119.146505][ T5012] ret_from_fork+0x1f/0x30 [ 119.151041][ T5012] [ 119.151041][ T5012] to a HARDIRQ-irq-unsafe lock: [ 119.158090][ T5012] (tasklist_lock){.+.+}-{2:2} [ 119.158121][ T5012] [ 119.158121][ T5012] ... which became HARDIRQ-irq-unsafe at: [ 119.170865][ T5012] ... [ 119.170876][ T5012] lock_acquire+0x197/0x3f0 [ 119.178081][ T5012] _raw_read_lock+0x32/0x40 [ 119.182698][ T5012] do_wait+0x293/0xac0 [ 119.186886][ T5012] kernel_wait+0xa8/0x160 [ 119.191332][ T5012] call_usermodehelper_exec_work+0xb5/0x220 [ 119.197347][ T5012] process_one_work+0x863/0x1000 [ 119.202485][ T5012] worker_thread+0xaa8/0x12a0 [ 119.207275][ T5012] kthread+0x436/0x520 [ 119.211457][ T5012] ret_from_fork+0x1f/0x30 [ 119.215983][ T5012] [ 119.215983][ T5012] other info that might help us debug this: [ 119.215983][ T5012] [ 119.226222][ T5012] Chain exists of: [ 119.226222][ T5012] &dev->event_lock#2 --> &new->fa_lock --> tasklist_lock [ 119.226222][ T5012] [ 119.239200][ T5012] Possible interrupt unsafe locking scenario: [ 119.239200][ T5012] [ 119.247634][ T5012] CPU0 CPU1 [ 119.253016][ T5012] ---- ---- [ 119.258425][ T5012] lock(tasklist_lock); [ 119.262680][ T5012] local_irq_disable(); [ 119.269437][ T5012] lock(&dev->event_lock#2); [ 119.276661][ T5012] lock(&new->fa_lock); [ 119.283455][ T5012] [ 119.286994][ T5012] lock(&dev->event_lock#2); [ 119.291855][ T5012] [ 119.291855][ T5012] *** DEADLOCK *** [ 119.291855][ T5012] [ 119.299994][ T5012] 8 locks held by syz.0.16/5012: [ 119.304930][ T5012] #0: ffff8881485f6110 (&evdev->mutex){+.+.}-{3:3}, at: evdev_write+0x177/0x470 [ 119.314080][ T5012] #1: ffff88801e080230 (&dev->event_lock#2){-.-.}-{2:2}, at: input_inject_event+0x9e/0x2c0 [ 119.324181][ T5012] #2: ffffffff8c11bfa0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x5/0x30 [ 119.333529][ T5012] #3: ffffffff8c11bfa0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x5/0x30 [ 119.342844][ T5012] #4: ffffffff8c11bfa0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x5/0x30 [ 119.352171][ T5012] #5: ffff88807d737028 (&client->buffer_lock){....}-{2:2}, at: evdev_pass_values+0xcb/0xab0 [ 119.362368][ T5012] #6: ffffffff8c11bfa0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x5/0x30 [ 119.371680][ T5012] #7: ffff88805dbc8018 (&new->fa_lock){....}-{2:2}, at: kill_fasync+0x16d/0x490 [ 119.380813][ T5012] [ 119.380813][ T5012] the dependencies between HARDIRQ-irq-safe lock and the holding lock: [ 119.391232][ T5012] -> (&dev->event_lock#2){-.-.}-{2:2} { [ 119.396968][ T5012] IN-HARDIRQ-W at: [ 119.401131][ T5012] lock_acquire+0x197/0x3f0 [ 119.407658][ T5012] _raw_spin_lock_irqsave+0xa4/0xf0 [ 119.414866][ T5012] input_event+0x76/0xb0 [ 119.421146][ T5012] psmouse_report_standard_packet+0x4f/0x200 [ 119.429121][ T5012] psmouse_process_byte+0x42b/0x620 [ 119.436312][ T5012] psmouse_handle_byte+0x43/0x490 [ 119.443335][ T5012] psmouse_interrupt+0x699/0x1130 [ 119.450353][ T5012] serio_interrupt+0x87/0x130 [ 119.457028][ T5012] i8042_interrupt+0x369/0x710 [ 119.463886][ T5012] __handle_irq_event_percpu+0x291/0x9b0 [ 119.471540][ T5012] handle_irq_event+0xa5/0x220 [ 119.478301][ T5012] handle_edge_irq+0x243/0xb20 [ 119.485061][ T5012] __common_interrupt+0xd7/0x1e0 [ 119.491992][ T5012] common_interrupt+0x59/0xd0 [ 119.498663][ T5012] asm_common_interrupt+0x22/0x40 [ 119.505682][ T5012] handle_softirqs+0x1a9/0x820 [ 119.512527][ T5012] __irq_exit_rcu+0x12f/0x220 [ 119.519197][ T5012] irq_exit_rcu+0x5/0x20 [ 119.525543][ T5012] sysvec_apic_timer_interrupt+0xa0/0xc0 [ 119.533171][ T5012] asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 119.541151][ T5012] _raw_spin_unlock_irqrestore+0xa5/0x100 [ 119.548893][ T5012] i8042_aux_write+0x105/0x170 [ 119.555763][ T5012] ps2_do_sendbyte+0x1fb/0x6c0 [ 119.562675][ T5012] ps2_sendbyte+0x5b/0x110 [ 119.569096][ T5012] cypress_send_ext_cmd+0x239/0x910 [ 119.576321][ T5012] cypress_detect+0x89/0x190 [ 119.582907][ T5012] psmouse_extensions+0xcf3/0x1430 [ 119.590124][ T5012] psmouse_switch_protocol+0x2e7/0x870 [ 119.597579][ T5012] psmouse_connect+0x923/0x1430 [ 119.604428][ T5012] serio_driver_probe+0x76/0x90 [ 119.611711][ T5012] really_probe+0x284/0xc80 [ 119.618216][ T5012] __driver_probe_device+0x18c/0x330 [ 119.625500][ T5012] driver_probe_device+0x4f/0x420 [ 119.632522][ T5012] __driver_attach+0x46b/0x670 [ 119.639285][ T5012] bus_for_each_dev+0x175/0x1e0 [ 119.646145][ T5012] serio_handle_event+0x29c/0x840 [ 119.653258][ T5012] process_one_work+0x863/0x1000 [ 119.660196][ T5012] worker_thread+0xaa8/0x12a0 [ 119.666957][ T5012] kthread+0x436/0x520 [ 119.673018][ T5012] ret_from_fork+0x1f/0x30 [ 119.679427][ T5012] IN-SOFTIRQ-W at: [ 119.683574][ T5012] lock_acquire+0x197/0x3f0 [ 119.690165][ T5012] _raw_spin_lock_irqsave+0xa4/0xf0 [ 119.697368][ T5012] input_event+0x76/0xb0 [ 119.703621][ T5012] psmouse_report_standard_packet+0x4f/0x200 [ 119.711612][ T5012] psmouse_process_byte+0x42b/0x620 [ 119.718811][ T5012] psmouse_handle_byte+0x43/0x490 [ 119.725937][ T5012] psmouse_interrupt+0x699/0x1130 [ 119.732966][ T5012] serio_interrupt+0x87/0x130 [ 119.739763][ T5012] i8042_interrupt+0x369/0x710 [ 119.746526][ T5012] __handle_irq_event_percpu+0x291/0x9b0 [ 119.754161][ T5012] handle_irq_event+0xa5/0x220 [ 119.760921][ T5012] handle_edge_irq+0x243/0xb20 [ 119.767685][ T5012] __common_interrupt+0xd7/0x1e0 [ 119.774623][ T5012] common_interrupt+0x59/0xd0 [ 119.781297][ T5012] asm_common_interrupt+0x22/0x40 [ 119.788328][ T5012] handle_softirqs+0x1a9/0x820 [ 119.795094][ T5012] __irq_exit_rcu+0x12f/0x220 [ 119.801764][ T5012] irq_exit_rcu+0x5/0x20 [ 119.808004][ T5012] sysvec_apic_timer_interrupt+0xa0/0xc0 [ 119.815640][ T5012] asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 119.823736][ T5012] _raw_spin_unlock_irqrestore+0xa5/0x100 [ 119.831578][ T5012] i8042_aux_write+0x105/0x170 [ 119.838620][ T5012] ps2_do_sendbyte+0x1fb/0x6c0 [ 119.845384][ T5012] ps2_sendbyte+0x5b/0x110 [ 119.851800][ T5012] cypress_send_ext_cmd+0x239/0x910 [ 119.859035][ T5012] cypress_detect+0x89/0x190 [ 119.865652][ T5012] psmouse_extensions+0xcf3/0x1430 [ 119.872760][ T5012] psmouse_switch_protocol+0x2e7/0x870 [ 119.880219][ T5012] psmouse_connect+0x923/0x1430 [ 119.887153][ T5012] serio_driver_probe+0x76/0x90 [ 119.894125][ T5012] really_probe+0x284/0xc80 [ 119.900808][ T5012] __driver_probe_device+0x18c/0x330 [ 119.908115][ T5012] driver_probe_device+0x4f/0x420 [ 119.915178][ T5012] __driver_attach+0x46b/0x670 [ 119.921966][ T5012] bus_for_each_dev+0x175/0x1e0 [ 119.928854][ T5012] serio_handle_event+0x29c/0x840 [ 119.935890][ T5012] process_one_work+0x863/0x1000 [ 119.942832][ T5012] worker_thread+0xaa8/0x12a0 [ 119.949518][ T5012] kthread+0x436/0x520 [ 119.955591][ T5012] ret_from_fork+0x1f/0x30 [ 119.962015][ T5012] INITIAL USE at: [ 119.966083][ T5012] lock_acquire+0x197/0x3f0 [ 119.972501][ T5012] _raw_spin_lock_irqsave+0xa4/0xf0 [ 119.979640][ T5012] input_inject_event+0x9e/0x2c0 [ 119.986505][ T5012] led_trigger_event+0x10a/0x1e0 [ 119.993367][ T5012] kbd_led_trigger_activate+0xb9/0x100 [ 120.000761][ T5012] led_trigger_set+0x504/0x900 [ 120.007459][ T5012] led_trigger_set_default+0x19c/0x1e0 [ 120.014835][ T5012] led_classdev_register_ext+0x68f/0x870 [ 120.022379][ T5012] input_leds_connect+0x51d/0x750 [ 120.029316][ T5012] input_register_device+0xda7/0x1140 [ 120.036599][ T5012] atkbd_connect+0x759/0xa10 [ 120.043194][ T5012] serio_driver_probe+0x76/0x90 [ 120.049958][ T5012] really_probe+0x284/0xc80 [ 120.056535][ T5012] __driver_probe_device+0x18c/0x330 [ 120.063854][ T5012] driver_probe_device+0x4f/0x420 [ 120.070802][ T5012] __driver_attach+0x46b/0x670 [ 120.077482][ T5012] bus_for_each_dev+0x175/0x1e0 [ 120.084246][ T5012] serio_handle_event+0x29c/0x840 [ 120.091185][ T5012] process_one_work+0x863/0x1000 [ 120.098041][ T5012] worker_thread+0xaa8/0x12a0 [ 120.104636][ T5012] kthread+0x436/0x520 [ 120.110654][ T5012] ret_from_fork+0x1f/0x30 [ 120.116997][ T5012] } [ 120.119672][ T5012] ... key at: [] input_allocate_device.__key.6+0x0/0x20 [ 120.128990][ T5012] -> (&client->buffer_lock){....}-{2:2} { [ 120.134811][ T5012] INITIAL USE at: [ 120.138792][ T5012] lock_acquire+0x197/0x3f0 [ 120.145036][ T5012] _raw_spin_lock+0x2a/0x40 [ 120.151277][ T5012] evdev_pass_values+0xcb/0xab0 [ 120.157869][ T5012] evdev_events+0x1c0/0x2f0 [ 120.164112][ T5012] input_pass_values+0x880/0x1220 [ 120.170881][ T5012] input_handle_event+0xb3f/0x1490 [ 120.177732][ T5012] input_inject_event+0x1b9/0x2c0 [ 120.184496][ T5012] evdev_write+0x326/0x470 [ 120.190651][ T5012] vfs_write+0x300/0xd00 [ 120.196627][ T5012] ksys_write+0x14d/0x250 [ 120.202712][ T5012] do_syscall_64+0x4c/0xa0 [ 120.208863][ T5012] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 120.216493][ T5012] } [ 120.219076][ T5012] ... key at: [] evdev_open.__key.22+0x0/0x20 [ 120.227314][ T5012] ... acquired at: [ 120.231207][ T5012] _raw_spin_lock+0x2a/0x40 [ 120.235894][ T5012] evdev_pass_values+0xcb/0xab0 [ 120.241008][ T5012] evdev_events+0x1c0/0x2f0 [ 120.245689][ T5012] input_pass_values+0x880/0x1220 [ 120.250884][ T5012] input_handle_event+0xb3f/0x1490 [ 120.256167][ T5012] input_inject_event+0x1b9/0x2c0 [ 120.261360][ T5012] evdev_write+0x326/0x470 [ 120.266045][ T5012] vfs_write+0x300/0xd00 [ 120.270458][ T5012] ksys_write+0x14d/0x250 [ 120.274964][ T5012] do_syscall_64+0x4c/0xa0 [ 120.279559][ T5012] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 120.285719][ T5012] [ 120.288044][ T5012] -> (&new->fa_lock){....}-{2:2} { [ 120.293273][ T5012] INITIAL READ USE at: [ 120.297610][ T5012] lock_acquire+0x197/0x3f0 [ 120.304119][ T5012] _raw_read_lock_irqsave+0xac/0xf0 [ 120.311320][ T5012] kill_fasync+0x16d/0x490 [ 120.317736][ T5012] evdev_pass_values+0x54b/0xab0 [ 120.324695][ T5012] evdev_events+0x1c0/0x2f0 [ 120.331301][ T5012] input_pass_values+0x880/0x1220 [ 120.338320][ T5012] input_handle_event+0xb3f/0x1490 [ 120.345536][ T5012] input_inject_event+0x1b9/0x2c0 [ 120.352555][ T5012] evdev_write+0x326/0x470 [ 120.358983][ T5012] vfs_write+0x300/0xd00 [ 120.365249][ T5012] ksys_write+0x14d/0x250 [ 120.371633][ T5012] do_syscall_64+0x4c/0xa0 [ 120.378046][ T5012] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 120.385941][ T5012] } [ 120.388446][ T5012] ... key at: [] fasync_insert_entry.__key+0x0/0x20 [ 120.397147][ T5012] ... acquired at: [ 120.400961][ T5012] _raw_read_lock_irqsave+0xac/0xf0 [ 120.406338][ T5012] kill_fasync+0x16d/0x490 [ 120.410930][ T5012] evdev_pass_values+0x54b/0xab0 [ 120.416044][ T5012] evdev_events+0x1c0/0x2f0 [ 120.420723][ T5012] input_pass_values+0x880/0x1220 [ 120.425927][ T5012] input_handle_event+0xb3f/0x1490 [ 120.431217][ T5012] input_inject_event+0x1b9/0x2c0 [ 120.436413][ T5012] evdev_write+0x326/0x470 [ 120.441013][ T5012] vfs_write+0x300/0xd00 [ 120.445430][ T5012] ksys_write+0x14d/0x250 [ 120.449938][ T5012] do_syscall_64+0x4c/0xa0 [ 120.454535][ T5012] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 120.460604][ T5012] [ 120.462926][ T5012] [ 120.462926][ T5012] the dependencies between the lock to be acquired [ 120.462933][ T5012] and HARDIRQ-irq-unsafe lock: [ 120.476568][ T5012] -> (tasklist_lock){.+.+}-{2:2} { [ 120.481782][ T5012] HARDIRQ-ON-R at: [ 120.485847][ T5012] lock_acquire+0x197/0x3f0 [ 120.492191][ T5012] _raw_read_lock+0x32/0x40 [ 120.498615][ T5012] do_wait+0x293/0xac0 [ 120.504527][ T5012] kernel_wait+0xa8/0x160 [ 120.510680][ T5012] call_usermodehelper_exec_work+0xb5/0x220 [ 120.518397][ T5012] process_one_work+0x863/0x1000 [ 120.525165][ T5012] worker_thread+0xaa8/0x12a0 [ 120.531668][ T5012] kthread+0x436/0x520 [ 120.537558][ T5012] ret_from_fork+0x1f/0x30 [ 120.544071][ T5012] SOFTIRQ-ON-R at: [ 120.548134][ T5012] lock_acquire+0x197/0x3f0 [ 120.554465][ T5012] _raw_read_lock+0x32/0x40 [ 120.560790][ T5012] do_wait+0x293/0xac0 [ 120.566680][ T5012] kernel_wait+0xa8/0x160 [ 120.572836][ T5012] call_usermodehelper_exec_work+0xb5/0x220 [ 120.580554][ T5012] process_one_work+0x863/0x1000 [ 120.587316][ T5012] worker_thread+0xaa8/0x12a0 [ 120.593815][ T5012] kthread+0x436/0x520 [ 120.599795][ T5012] ret_from_fork+0x1f/0x30 [ 120.606046][ T5012] INITIAL USE at: [ 120.610029][ T5012] lock_acquire+0x197/0x3f0 [ 120.616306][ T5012] _raw_write_lock_irq+0x9f/0xe0 [ 120.622998][ T5012] copy_process+0x234a/0x3e00 [ 120.629414][ T5012] kernel_clone+0x219/0x930 [ 120.635669][ T5012] kernel_thread+0xc8/0x120 [ 120.641964][ T5012] rest_init+0x21/0x330 [ 120.647865][ T5012] start_kernel+0x486/0x530 [ 120.654107][ T5012] secondary_startup_64_no_verify+0xb1/0xbb [ 120.661857][ T5012] INITIAL READ USE at: [ 120.666288][ T5012] lock_acquire+0x197/0x3f0 [ 120.672978][ T5012] _raw_read_lock+0x32/0x40 [ 120.679668][ T5012] do_wait+0x293/0xac0 [ 120.685936][ T5012] kernel_wait+0xa8/0x160 [ 120.692447][ T5012] call_usermodehelper_exec_work+0xb5/0x220 [ 120.700517][ T5012] process_one_work+0x863/0x1000 [ 120.707709][ T5012] worker_thread+0xaa8/0x12a0 [ 120.714659][ T5012] kthread+0x436/0x520 [ 120.720916][ T5012] ret_from_fork+0x1f/0x30 [ 120.727529][ T5012] } [ 120.730190][ T5012] ... key at: [] tasklist_lock+0x18/0x40 [ 120.738010][ T5012] ... acquired at: [ 120.741922][ T5012] _raw_read_lock+0x32/0x40 [ 120.746611][ T5012] send_sigurg+0xcb/0x390 [ 120.751117][ T5012] sk_send_sigurg+0x6b/0xc0 [ 120.755806][ T5012] tcp_urg+0x2bc/0xb10 [ 120.760138][ T5012] tcp_rcv_established+0xa9c/0x1c80 [ 120.765521][ T5012] tcp_v6_do_rcv+0x539/0x1180 [ 120.770379][ T5012] __release_sock+0x1b9/0x420 [ 120.775233][ T5012] release_sock+0x5b/0x1b0 [ 120.779823][ T5012] sk_stream_wait_memory+0x6d8/0xe50 [ 120.785289][ T5012] tcp_sendmsg_locked+0x1c9f/0x3590 [ 120.790665][ T5012] tcp_sendmsg+0x2b/0x40 [ 120.795079][ T5012] __sys_sendto+0x423/0x580 [ 120.799762][ T5012] __x64_sys_sendto+0xda/0xf0 [ 120.804787][ T5012] do_syscall_64+0x4c/0xa0 [ 120.809385][ T5012] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 120.815475][ T5012] [ 120.817803][ T5012] -> (&f->f_owner.lock){....}-{2:2} { [ 120.823207][ T5012] INITIAL USE at: [ 120.827112][ T5012] lock_acquire+0x197/0x3f0 [ 120.833270][ T5012] _raw_write_lock_irq+0x9f/0xe0 [ 120.839774][ T5012] __f_setown+0x37/0x330 [ 120.845583][ T5012] f_setown+0x120/0x1c0 [ 120.851298][ T5012] do_fcntl+0x192/0x12d0 [ 120.857121][ T5012] __se_sys_fcntl+0xcc/0x190 [ 120.863270][ T5012] do_syscall_64+0x4c/0xa0 [ 120.869246][ T5012] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 120.876730][ T5012] INITIAL READ USE at: [ 120.881058][ T5012] lock_acquire+0x197/0x3f0 [ 120.887574][ T5012] _raw_read_lock_irqsave+0xac/0xf0 [ 120.894774][ T5012] send_sigurg+0x25/0x390 [ 120.901111][ T5012] sk_send_sigurg+0x6b/0xc0 [ 120.907625][ T5012] tcp_urg+0x2bc/0xb10 [ 120.913816][ T5012] tcp_rcv_established+0xa9c/0x1c80 [ 120.921026][ T5012] tcp_v6_do_rcv+0x539/0x1180 [ 120.927798][ T5012] __release_sock+0x1b9/0x420 [ 120.934511][ T5012] release_sock+0x5b/0x1b0 [ 120.940961][ T5012] sk_stream_wait_memory+0x6d8/0xe50 [ 120.948280][ T5012] tcp_sendmsg_locked+0x1c9f/0x3590 [ 120.955480][ T5012] tcp_sendmsg+0x2b/0x40 [ 120.961721][ T5012] __sys_sendto+0x423/0x580 [ 120.968226][ T5012] __x64_sys_sendto+0xda/0xf0 [ 120.974904][ T5012] do_syscall_64+0x4c/0xa0 [ 120.981331][ T5012] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 120.989227][ T5012] } [ 120.991723][ T5012] ... key at: [] __alloc_file.__key+0x0/0x10 [ 120.999789][ T5012] ... acquired at: [ 121.003583][ T5012] _raw_read_lock_irqsave+0xac/0xf0 [ 121.008952][ T5012] send_sigio+0x2f/0x330 [ 121.013380][ T5012] kill_fasync+0x20a/0x490 [ 121.018122][ T5012] evdev_pass_values+0x54b/0xab0 [ 121.023252][ T5012] evdev_events+0x1c0/0x2f0 [ 121.028111][ T5012] input_pass_values+0x880/0x1220 [ 121.033314][ T5012] input_handle_event+0xb3f/0x1490 [ 121.038605][ T5012] input_inject_event+0x1b9/0x2c0 [ 121.043809][ T5012] evdev_write+0x326/0x470 [ 121.048414][ T5012] vfs_write+0x300/0xd00 [ 121.052830][ T5012] ksys_write+0x14d/0x250 [ 121.057334][ T5012] do_syscall_64+0x4c/0xa0 [ 121.061939][ T5012] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 121.068028][ T5012] [ 121.070356][ T5012] [ 121.070356][ T5012] stack backtrace: [ 121.076250][ T5012] CPU: 1 PID: 5012 Comm: syz.0.16 Not tainted 5.15.185-syzkaller #0 [ 121.084236][ T5012] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 121.094314][ T5012] Call Trace: [ 121.097606][ T5012] [ 121.100663][ T5012] dump_stack_lvl+0x168/0x230 [ 121.105345][ T5012] ? load_image+0x3b0/0x3b0 [ 121.109849][ T5012] ? show_regs_print_info+0x20/0x20 [ 121.115512][ T5012] ? load_image+0x3b0/0x3b0 [ 121.120036][ T5012] ? print_shortest_lock_dependencies+0xf0/0x160 [ 121.126458][ T5012] __lock_acquire+0x65dd/0x7c60 [ 121.131327][ T5012] ? verify_lock_unused+0x140/0x140 [ 121.136580][ T5012] lock_acquire+0x197/0x3f0 [ 121.141089][ T5012] ? send_sigio+0x2f/0x330 [ 121.145513][ T5012] ? read_lock_is_recursive+0x10/0x10 [ 121.150906][ T5012] ? read_lock_is_recursive+0x10/0x10 [ 121.156292][ T5012] _raw_read_lock_irqsave+0xac/0xf0 [ 121.161497][ T5012] ? send_sigio+0x2f/0x330 [ 121.165913][ T5012] ? _raw_read_lock+0x40/0x40 [ 121.170593][ T5012] ? _raw_read_lock_irqsave+0xb8/0xf0 [ 121.175970][ T5012] ? _raw_read_lock+0x40/0x40 [ 121.180649][ T5012] ? do_raw_spin_lock+0x11d/0x280 [ 121.185683][ T5012] send_sigio+0x2f/0x330 [ 121.189929][ T5012] kill_fasync+0x20a/0x490 [ 121.194433][ T5012] evdev_pass_values+0x54b/0xab0 [ 121.199408][ T5012] ? evdev_pass_values+0x571/0xab0 [ 121.204634][ T5012] evdev_events+0x1c0/0x2f0 [ 121.209140][ T5012] ? evdev_event+0xd0/0xd0 [ 121.213603][ T5012] input_pass_values+0x880/0x1220 [ 121.218635][ T5012] ? read_lock_is_recursive+0x10/0x10 [ 121.224050][ T5012] input_handle_event+0xb3f/0x1490 [ 121.229195][ T5012] input_inject_event+0x1b9/0x2c0 [ 121.234231][ T5012] evdev_write+0x326/0x470 [ 121.238680][ T5012] ? evdev_read+0xb50/0xb50 [ 121.243189][ T5012] ? end_current_label_crit_section+0x14b/0x170 [ 121.249440][ T5012] ? common_file_perm+0x171/0x1c0 [ 121.254477][ T5012] ? fsnotify_perm+0x5d/0x560 [ 121.259176][ T5012] ? security_file_permission+0x75/0xa0 [ 121.264723][ T5012] ? evdev_read+0xb50/0xb50 [ 121.269230][ T5012] vfs_write+0x300/0xd00 [ 121.273482][ T5012] ? file_end_write+0x250/0x250 [ 121.278339][ T5012] ? __fget_files+0x40f/0x480 [ 121.283031][ T5012] ? __fdget_pos+0x1e2/0x370 [ 121.287634][ T5012] ? ksys_write+0x71/0x250 [ 121.292059][ T5012] ksys_write+0x14d/0x250 [ 121.296405][ T5012] ? __ia32_sys_read+0x80/0x80 [ 121.301218][ T5012] ? lockdep_hardirqs_on+0x94/0x140 [ 121.306426][ T5012] do_syscall_64+0x4c/0xa0 [ 121.310868][ T5012] ? clear_bhb_loop+0x30/0x80 [ 121.315585][ T5012] ? clear_bhb_loop+0x30/0x80 [ 121.320264][ T5012] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 121.326180][ T5012] RIP: 0033:0x7f56cdee0169 [ 121.330603][ T5012] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 121.350221][ T5012] RSP: 002b:00007f56cd130038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 121.358645][ T5012] RAX: ffffffffffffffda RBX: 00007f56ce0f9080 RCX: 00007f56cdee0169 [ 121.366680][ T5012] RDX: 0000000000002ad8 RSI: 0000200000000040 RDI: 0000000000000004 [ 121.374657][ T5012] RBP: 00007f56cdf61990 R08: 0000000000000000 R09: 0000000000000000 [ 121.382631][ T5012] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 121.390602][ T5012] R13: 0000000000000000 R14: 00007f56ce0f9080 R15: 00007ffec40d9428 [ 121.398704][ T5012] [ 121.404249][ T4287] Bluetooth: hci0: command 0x041b tx timeout 2025/06/08 22:04:33 executed programs: 3 [ 123.422543][ T4287] Bluetooth: hci0: command 0x040f tx timeout [ 125.502682][ T1108] Bluetooth: hci0: command 0x0419 tx timeout 2025/06/08 22:04:38 executed programs: 9