========================================================
WARNING: possible irq lock inversion dependency detected
5.11.0-syzkaller #0 Not tainted
--------------------------------------------------------
swapper/1/0 just changed the state of lock:
ffff888149f28108 (&group->lock){..-.}-{2:2}, at: snd_pcm_period_elapsed+0x17/0x1c0 sound/core/pcm_lib.c:1799
but this lock took another, SOFTIRQ-READ-unsafe lock in the past:
 (tasklist_lock){.+.+}-{2:2}

and interrupts could create inverse lock ordering between them.

other info that might help us debug this:
Chain exists of:
  &group->lock --> &timer->lock --> tasklist_lock

 Possible interrupt unsafe locking scenario:

       CPU0                    CPU1
       ----                    ----
  lock(tasklist_lock);
                               local_irq_disable();
                               lock(&group->lock);
                               lock(&timer->lock);
  <Interrupt>
    lock(&group->lock);

 *** DEADLOCK ***

no locks held by swapper/1/0.

the shortest dependencies between 2nd lock and 1st lock:
-> (tasklist_lock){.+.+}-{2:2} { HARDIRQ-ON-R at: lock_acquire kernel/locking/lockdep.c:5442 [inline] lock_acquire+0x1a8/0x720 kernel/locking/lockdep.c:5407 __raw_read_lock include/linux/rwlock_api_smp.h:149 [inline] _raw_read_lock+0x5b/0x70 kernel/locking/spinlock.c:223 do_wait+0x28f/0x840 kernel/exit.c:1465 kernel_wait+0x97/0x130 kernel/exit.c:1647 call_usermodehelper_exec_sync kernel/umh.c:137 [inline] call_usermodehelper_exec_work+0xbb/0x140 kernel/umh.c:164 process_one_work+0x828/0x1390 kernel/workqueue.c:2275 worker_thread+0x598/0xf80 kernel/workqueue.c:2421 kthread+0x36f/0x450 kernel/kthread.c:292 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:296 SOFTIRQ-ON-R at: lock_acquire kernel/locking/lockdep.c:5442 [inline] lock_acquire+0x1a8/0x720 kernel/locking/lockdep.c:5407 __raw_read_lock include/linux/rwlock_api_smp.h:149 [inline] _raw_read_lock+0x5b/0x70 kernel/locking/spinlock.c:223 do_wait+0x28f/0x840 kernel/exit.c:1465 kernel_wait+0x97/0x130 kernel/exit.c:1647 call_usermodehelper_exec_sync kernel/umh.c:137 [inline] call_usermodehelper_exec_work+0xbb/0x140 kernel/umh.c:164 
process_one_work+0x828/0x1390 kernel/workqueue.c:2275 worker_thread+0x598/0xf80 kernel/workqueue.c:2421 kthread+0x36f/0x450 kernel/kthread.c:292 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:296 INITIAL USE at: lock_acquire kernel/locking/lockdep.c:5442 [inline] lock_acquire+0x1a8/0x720 kernel/locking/lockdep.c:5407 __raw_write_lock_irq include/linux/rwlock_api_smp.h:196 [inline] _raw_write_lock_irq+0x32/0x50 kernel/locking/spinlock.c:311 copy_process+0x2ea7/0x6750 kernel/fork.c:2216 kernel_clone+0xb8/0x7f0 kernel/fork.c:2462 kernel_thread+0xa3/0xe0 kernel/fork.c:2514 rest_init+0x1e/0x298 init/main.c:686 start_kernel+0x333/0x351 init/main.c:1061 secondary_startup_64_no_verify+0xb0/0xbb INITIAL READ USE at: lock_acquire kernel/locking/lockdep.c:5442 [inline] lock_acquire+0x1a8/0x720 kernel/locking/lockdep.c:5407 __raw_read_lock include/linux/rwlock_api_smp.h:149 [inline] _raw_read_lock+0x5b/0x70 kernel/locking/spinlock.c:223 do_wait+0x28f/0x840 kernel/exit.c:1465 kernel_wait+0x97/0x130 kernel/exit.c:1647 call_usermodehelper_exec_sync kernel/umh.c:137 [inline] call_usermodehelper_exec_work+0xbb/0x140 kernel/umh.c:164 process_one_work+0x828/0x1390 kernel/workqueue.c:2275 worker_thread+0x598/0xf80 kernel/workqueue.c:2421 kthread+0x36f/0x450 kernel/kthread.c:292 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:296 } ... key at: [] tasklist_lock+0x18/0x40 ... 
acquired at: __raw_read_lock include/linux/rwlock_api_smp.h:149 [inline] _raw_read_lock+0x5b/0x70 kernel/locking/spinlock.c:223 send_sigio+0x8c/0x2a0 fs/fcntl.c:801 dnotify_handle_event+0x10a/0x210 fs/notify/dnotify/dnotify.c:97 fsnotify_handle_event fs/notify/fsnotify.c:310 [inline] send_to_group fs/notify/fsnotify.c:364 [inline] fsnotify+0x870/0xdd0 fs/notify/fsnotify.c:541 fsnotify_name include/linux/fsnotify.h:33 [inline] fsnotify_dirent include/linux/fsnotify.h:39 [inline] fsnotify_create include/linux/fsnotify.h:189 [inline] open_last_lookups fs/namei.c:3182 [inline] path_openat+0xbe1/0x2190 fs/namei.c:3368 do_filp_open+0x16d/0x390 fs/namei.c:3398 do_sys_openat2+0x11e/0x360 fs/open.c:1172 do_sys_open fs/open.c:1188 [inline] __do_sys_creat fs/open.c:1262 [inline] __se_sys_creat fs/open.c:1256 [inline] __x64_sys_creat+0xc3/0x110 fs/open.c:1256 do_syscall_64+0x2d/0x40 arch/x86/entry/common.c:46 entry_SYSCALL_64_after_hwframe+0x44/0xa9 -> (&f->f_owner.lock){....}-{2:2} { INITIAL USE at: lock_acquire kernel/locking/lockdep.c:5442 [inline] lock_acquire+0x1a8/0x720 kernel/locking/lockdep.c:5407 __raw_write_lock_irq include/linux/rwlock_api_smp.h:196 [inline] _raw_write_lock_irq+0x32/0x50 kernel/locking/spinlock.c:311 f_modown+0x23/0x320 fs/fcntl.c:90 __f_setown fs/fcntl.c:109 [inline] f_setown+0x8b/0x160 fs/fcntl.c:137 do_fcntl+0x5a7/0xcd0 fs/fcntl.c:384 __do_sys_fcntl fs/fcntl.c:463 [inline] __se_sys_fcntl fs/fcntl.c:448 [inline] __x64_sys_fcntl+0x11a/0x160 fs/fcntl.c:448 do_syscall_64+0x2d/0x40 arch/x86/entry/common.c:46 entry_SYSCALL_64_after_hwframe+0x44/0xa9 INITIAL READ USE at: lock_acquire kernel/locking/lockdep.c:5442 [inline] lock_acquire+0x1a8/0x720 kernel/locking/lockdep.c:5407 __raw_read_lock_irqsave include/linux/rwlock_api_smp.h:159 [inline] _raw_read_lock_irqsave+0x70/0x90 kernel/locking/spinlock.c:231 send_sigio+0x1c/0x2a0 fs/fcntl.c:787 kill_fasync_rcu fs/fcntl.c:1011 [inline] kill_fasync fs/fcntl.c:1025 [inline] kill_fasync+0x17a/0x310 
fs/fcntl.c:1018 snd_timer_user_ccallback+0x24d/0x300 sound/core/timer.c:1386 snd_timer_notify1+0x119/0x330 sound/core/timer.c:516 snd_timer_start1+0x3dd/0x6f0 sound/core/timer.c:577 snd_timer_start sound/core/timer.c:696 [inline] snd_timer_start sound/core/timer.c:689 [inline] snd_timer_user_start.isra.0+0x16d/0x1e0 sound/core/timer.c:1984 __snd_timer_user_ioctl.isra.0+0xa1b/0x1d90 sound/core/timer.c:2107 snd_timer_user_ioctl+0x72/0xa0 sound/core/timer.c:2128 vfs_ioctl fs/ioctl.c:48 [inline] __do_sys_ioctl fs/ioctl.c:753 [inline] __se_sys_ioctl fs/ioctl.c:739 [inline] __x64_sys_ioctl+0x11f/0x190 fs/ioctl.c:739 do_syscall_64+0x2d/0x40 arch/x86/entry/common.c:46 entry_SYSCALL_64_after_hwframe+0x44/0xa9 } ... key at: [] __key.3+0x0/0x40 ... acquired at: __raw_read_lock_irqsave include/linux/rwlock_api_smp.h:159 [inline] _raw_read_lock_irqsave+0x70/0x90 kernel/locking/spinlock.c:231 send_sigio+0x1c/0x2a0 fs/fcntl.c:787 kill_fasync_rcu fs/fcntl.c:1011 [inline] kill_fasync fs/fcntl.c:1025 [inline] kill_fasync+0x17a/0x310 fs/fcntl.c:1018 snd_timer_user_ccallback+0x24d/0x300 sound/core/timer.c:1386 snd_timer_notify1+0x119/0x330 sound/core/timer.c:516 snd_timer_start1+0x3dd/0x6f0 sound/core/timer.c:577 snd_timer_start sound/core/timer.c:696 [inline] snd_timer_start sound/core/timer.c:689 [inline] snd_timer_user_start.isra.0+0x16d/0x1e0 sound/core/timer.c:1984 __snd_timer_user_ioctl.isra.0+0xa1b/0x1d90 sound/core/timer.c:2107 snd_timer_user_ioctl+0x72/0xa0 sound/core/timer.c:2128 vfs_ioctl fs/ioctl.c:48 [inline] __do_sys_ioctl fs/ioctl.c:753 [inline] __se_sys_ioctl fs/ioctl.c:739 [inline] __x64_sys_ioctl+0x11f/0x190 fs/ioctl.c:739 do_syscall_64+0x2d/0x40 arch/x86/entry/common.c:46 entry_SYSCALL_64_after_hwframe+0x44/0xa9 -> (&new->fa_lock ){....}-{2:2} { INITIAL USE at: lock_acquire kernel/locking/lockdep.c:5442 [inline] lock_acquire+0x1a8/0x720 kernel/locking/lockdep.c:5407 __raw_write_lock_irq include/linux/rwlock_api_smp.h:196 [inline] _raw_write_lock_irq+0x32/0x50 
kernel/locking/spinlock.c:311 fasync_remove_entry+0xa1/0x1d0 fs/fcntl.c:882 __fput+0x574/0x870 fs/file_table.c:277 task_work_run+0xc0/0x160 kernel/task_work.c:140 tracehook_notify_resume include/linux/tracehook.h:189 [inline] exit_to_user_mode_loop kernel/entry/common.c:174 [inline] exit_to_user_mode_prepare+0x249/0x250 kernel/entry/common.c:201 __syscall_exit_to_user_mode_work kernel/entry/common.c:283 [inline] syscall_exit_to_user_mode+0x19/0x60 kernel/entry/common.c:294 entry_SYSCALL_64_after_hwframe+0x44/0xa9 INITIAL READ USE at: lock_acquire kernel/locking/lockdep.c:5442 [inline] lock_acquire+0x1a8/0x720 kernel/locking/lockdep.c:5407 __raw_read_lock include/linux/rwlock_api_smp.h:149 [inline] _raw_read_lock+0x5b/0x70 kernel/locking/spinlock.c:223 kill_fasync_rcu fs/fcntl.c:1004 [inline] kill_fasync fs/fcntl.c:1025 [inline] kill_fasync+0xec/0x310 fs/fcntl.c:1018 snd_timer_user_ccallback+0x24d/0x300 sound/core/timer.c:1386 snd_timer_notify1+0x119/0x330 sound/core/timer.c:516 snd_timer_start1+0x3dd/0x6f0 sound/core/timer.c:577 snd_timer_start sound/core/timer.c:696 [inline] snd_timer_start sound/core/timer.c:689 [inline] snd_timer_user_start.isra.0+0x16d/0x1e0 sound/core/timer.c:1984 __snd_timer_user_ioctl.isra.0+0xa1b/0x1d90 sound/core/timer.c:2107 snd_timer_user_ioctl+0x72/0xa0 sound/core/timer.c:2128 vfs_ioctl fs/ioctl.c:48 [inline] __do_sys_ioctl fs/ioctl.c:753 [inline] __se_sys_ioctl fs/ioctl.c:739 [inline] __x64_sys_ioctl+0x11f/0x190 fs/ioctl.c:739 do_syscall_64+0x2d/0x40 arch/x86/entry/common.c:46 entry_SYSCALL_64_after_hwframe+0x44/0xa9 } ... key at: [] __key.0+0x0/0x40 ... 
acquired at: __raw_read_lock include/linux/rwlock_api_smp.h:149 [inline] _raw_read_lock+0x5b/0x70 kernel/locking/spinlock.c:223 kill_fasync_rcu fs/fcntl.c:1004 [inline] kill_fasync fs/fcntl.c:1025 [inline] kill_fasync+0xec/0x310 fs/fcntl.c:1018 snd_timer_user_ccallback+0x24d/0x300 sound/core/timer.c:1386 snd_timer_notify1+0x119/0x330 sound/core/timer.c:516 snd_timer_start1+0x3dd/0x6f0 sound/core/timer.c:577 snd_timer_start sound/core/timer.c:696 [inline] snd_timer_start sound/core/timer.c:689 [inline] snd_timer_user_start.isra.0+0x16d/0x1e0 sound/core/timer.c:1984 __snd_timer_user_ioctl.isra.0+0xa1b/0x1d90 sound/core/timer.c:2107 snd_timer_user_ioctl+0x72/0xa0 sound/core/timer.c:2128 vfs_ioctl fs/ioctl.c:48 [inline] __do_sys_ioctl fs/ioctl.c:753 [inline] __se_sys_ioctl fs/ioctl.c:739 [inline] __x64_sys_ioctl+0x11f/0x190 fs/ioctl.c:739 do_syscall_64+0x2d/0x40 arch/x86/entry/common.c:46 entry_SYSCALL_64_after_hwframe+0x44/0xa9 -> (&timer->lock){....}-{2:2} { INITIAL USE at: lock_acquire kernel/locking/lockdep.c:5442 [inline] lock_acquire+0x1a8/0x720 kernel/locking/lockdep.c:5407 __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline] _raw_spin_lock_irqsave+0x39/0x50 kernel/locking/spinlock.c:159 snd_timer_notify sound/core/timer.c:1086 [inline] snd_timer_notify+0xcc/0x320 sound/core/timer.c:1073 snd_pcm_timer_notify sound/core/pcm_native.c:581 [inline] snd_pcm_post_stop+0x1a0/0x210 sound/core/pcm_native.c:1436 snd_pcm_action_single sound/core/pcm_native.c:1214 [inline] snd_pcm_action+0x10c/0x140 sound/core/pcm_native.c:1295 snd_pcm_stop sound/core/pcm_native.c:1460 [inline] snd_pcm_drop+0x165/0x290 sound/core/pcm_native.c:2138 snd_pcm_oss_sync+0x1ed/0x730 sound/core/oss/pcm_oss.c:1717 snd_pcm_oss_release+0x21f/0x2b0 sound/core/oss/pcm_oss.c:2556 __fput+0x204/0x870 fs/file_table.c:280 task_work_run+0xc0/0x160 kernel/task_work.c:140 tracehook_notify_resume include/linux/tracehook.h:189 [inline] exit_to_user_mode_loop kernel/entry/common.c:174 [inline] 
exit_to_user_mode_prepare+0x249/0x250 kernel/entry/common.c:201 __syscall_exit_to_user_mode_work kernel/entry/common.c:283 [inline] syscall_exit_to_user_mode+0x19/0x60 kernel/entry/common.c:294 entry_SYSCALL_64_after_hwframe+0x44/0xa9 } ... key at: [] __key.6+0x0/0x40 ... acquired at: __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline] _raw_spin_lock_irqsave+0x39/0x50 kernel/locking/spinlock.c:159 snd_timer_notify sound/core/timer.c:1086 [inline] snd_timer_notify+0xcc/0x320 sound/core/timer.c:1073 snd_pcm_timer_notify sound/core/pcm_native.c:581 [inline] snd_pcm_post_stop+0x1a0/0x210 sound/core/pcm_native.c:1436 snd_pcm_action_single sound/core/pcm_native.c:1214 [inline] snd_pcm_action+0x10c/0x140 sound/core/pcm_native.c:1295 snd_pcm_stop sound/core/pcm_native.c:1460 [inline] snd_pcm_drop+0x165/0x290 sound/core/pcm_native.c:2138 snd_pcm_oss_sync+0x1ed/0x730 sound/core/oss/pcm_oss.c:1717 snd_pcm_oss_release+0x21f/0x2b0 sound/core/oss/pcm_oss.c:2556 __fput+0x204/0x870 fs/file_table.c:280 task_work_run+0xc0/0x160 kernel/task_work.c:140 tracehook_notify_resume include/linux/tracehook.h:189 [inline] exit_to_user_mode_loop kernel/entry/common.c:174 [inline] exit_to_user_mode_prepare+0x249/0x250 kernel/entry/common.c:201 __syscall_exit_to_user_mode_work kernel/entry/common.c:283 [inline] syscall_exit_to_user_mode+0x19/0x60 kernel/entry/common.c:294 entry_SYSCALL_64_after_hwframe+0x44/0xa9 -> (&group->lock){..-.}-{2:2} { IN-SOFTIRQ-W at: lock_acquire kernel/locking/lockdep.c:5442 [inline] lock_acquire+0x1a8/0x720 kernel/locking/lockdep.c:5407 __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline] _raw_spin_lock_irqsave+0x39/0x50 kernel/locking/spinlock.c:159 snd_pcm_period_elapsed+0x17/0x1c0 sound/core/pcm_lib.c:1799 dummy_hrtimer_callback+0x7a/0x170 sound/drivers/dummy.c:378 __run_hrtimer kernel/time/hrtimer.c:1519 [inline] __hrtimer_run_queues+0x4d7/0xb00 kernel/time/hrtimer.c:1583 hrtimer_run_softirq+0x176/0x340 
kernel/time/hrtimer.c:1600 __do_softirq+0x29b/0x9f6 kernel/softirq.c:343 asm_call_irq_on_stack+0xf/0x20 __run_on_irqstack arch/x86/include/asm/irq_stack.h:26 [inline] run_on_irqstack_cond arch/x86/include/asm/irq_stack.h:77 [inline] do_softirq_own_stack+0xaa/0xd0 arch/x86/kernel/irq_64.c:77 invoke_softirq kernel/softirq.c:226 [inline] __irq_exit_rcu kernel/softirq.c:420 [inline] irq_exit_rcu+0x134/0x200 kernel/softirq.c:432 sysvec_apic_timer_interrupt+0x4d/0x100 arch/x86/kernel/apic/apic.c:1100 asm_sysvec_apic_timer_interrupt+0x12/0x20 arch/x86/include/asm/idtentry.h:629 native_safe_halt arch/x86/include/asm/irqflags.h:60 [inline] arch_safe_halt arch/x86/include/asm/irqflags.h:103 [inline] acpi_safe_halt drivers/acpi/processor_idle.c:110 [inline] acpi_idle_do_entry+0x161/0x1c0 drivers/acpi/processor_idle.c:516 acpi_idle_enter+0x2c0/0x4b0 drivers/acpi/processor_idle.c:647 cpuidle_enter_state+0x152/0xb40 drivers/cpuidle/cpuidle.c:237 cpuidle_enter+0x45/0xa0 drivers/cpuidle/cpuidle.c:351 call_cpuidle kernel/sched/idle.c:158 [inline] cpuidle_idle_call kernel/sched/idle.c:239 [inline] do_idle+0x3e1/0x590 kernel/sched/idle.c:299 cpu_startup_entry+0x14/0x20 kernel/sched/idle.c:396 start_secondary+0x274/0x350 arch/x86/kernel/smpboot.c:272 secondary_startup_64_no_verify+0xb0/0xbb INITIAL USE at: lock_acquire kernel/locking/lockdep.c:5442 [inline] lock_acquire+0x1a8/0x720 kernel/locking/lockdep.c:5407 __raw_spin_lock_irq include/linux/spinlock_api_smp.h:128 [inline] _raw_spin_lock_irq+0x32/0x50 kernel/locking/spinlock.c:167 spin_lock_irq include/linux/spinlock.h:379 [inline] snd_pcm_group_lock_irq sound/core/pcm_native.c:97 [inline] snd_pcm_stream_lock_irq sound/core/pcm_native.c:136 [inline] snd_pcm_hw_params+0x10d/0x1750 sound/core/pcm_native.c:672 snd_pcm_oss_change_params_locked+0x1151/0x30e0 sound/core/oss/pcm_oss.c:947 snd_pcm_oss_change_params sound/core/oss/pcm_oss.c:1090 [inline] snd_pcm_oss_make_ready+0x99/0x140 sound/core/oss/pcm_oss.c:1149 
snd_pcm_oss_sync+0x1aa/0x730 sound/core/oss/pcm_oss.c:1714 snd_pcm_oss_release+0x21f/0x2b0 sound/core/oss/pcm_oss.c:2556 __fput+0x204/0x870 fs/file_table.c:280 task_work_run+0xc0/0x160 kernel/task_work.c:140 tracehook_notify_resume include/linux/tracehook.h:189 [inline] exit_to_user_mode_loop kernel/entry/common.c:174 [inline] exit_to_user_mode_prepare+0x249/0x250 kernel/entry/common.c:201 __syscall_exit_to_user_mode_work kernel/entry/common.c:283 [inline] syscall_exit_to_user_mode+0x19/0x60 kernel/entry/common.c:294 entry_SYSCALL_64_after_hwframe+0x44/0xa9 } ... key at: [] __key.5+0x0/0x40 ... acquired at: mark_usage kernel/locking/lockdep.c:4306 [inline] __lock_acquire+0x1199/0x57d0 kernel/locking/lockdep.c:4786 lock_acquire kernel/locking/lockdep.c:5442 [inline] lock_acquire+0x1a8/0x720 kernel/locking/lockdep.c:5407 __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline] _raw_spin_lock_irqsave+0x39/0x50 kernel/locking/spinlock.c:159 snd_pcm_period_elapsed+0x17/0x1c0 sound/core/pcm_lib.c:1799 dummy_hrtimer_callback+0x7a/0x170 sound/drivers/dummy.c:378 __run_hrtimer kernel/time/hrtimer.c:1519 [inline] __hrtimer_run_queues+0x4d7/0xb00 kernel/time/hrtimer.c:1583 hrtimer_run_softirq+0x176/0x340 kernel/time/hrtimer.c:1600 __do_softirq+0x29b/0x9f6 kernel/softirq.c:343 asm_call_irq_on_stack+0xf/0x20 __run_on_irqstack arch/x86/include/asm/irq_stack.h:26 [inline] run_on_irqstack_cond arch/x86/include/asm/irq_stack.h:77 [inline] do_softirq_own_stack+0xaa/0xd0 arch/x86/kernel/irq_64.c:77 invoke_softirq kernel/softirq.c:226 [inline] __irq_exit_rcu kernel/softirq.c:420 [inline] irq_exit_rcu+0x134/0x200 kernel/softirq.c:432 sysvec_apic_timer_interrupt+0x4d/0x100 arch/x86/kernel/apic/apic.c:1100 asm_sysvec_apic_timer_interrupt+0x12/0x20 arch/x86/include/asm/idtentry.h:629 native_safe_halt arch/x86/include/asm/irqflags.h:60 [inline] arch_safe_halt arch/x86/include/asm/irqflags.h:103 [inline] acpi_safe_halt drivers/acpi/processor_idle.c:110 [inline] 
acpi_idle_do_entry+0x161/0x1c0 drivers/acpi/processor_idle.c:516 acpi_idle_enter+0x2c0/0x4b0 drivers/acpi/processor_idle.c:647 cpuidle_enter_state+0x152/0xb40 drivers/cpuidle/cpuidle.c:237 cpuidle_enter+0x45/0xa0 drivers/cpuidle/cpuidle.c:351 call_cpuidle kernel/sched/idle.c:158 [inline] cpuidle_idle_call kernel/sched/idle.c:239 [inline] do_idle+0x3e1/0x590 kernel/sched/idle.c:299 cpu_startup_entry+0x14/0x20 kernel/sched/idle.c:396 start_secondary+0x274/0x350 arch/x86/kernel/smpboot.c:272 secondary_startup_64_no_verify+0xb0/0xbb stack backtrace: CPU: 1 PID: 0 Comm: swapper/1 Not tainted 5.11.0-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:79 [inline] dump_stack+0x9a/0xcc lib/dump_stack.c:120 print_irq_inversion_bug kernel/locking/lockdep.c:4413 [inline] check_usage_forwards kernel/locking/lockdep.c:3849 [inline] mark_lock_irq kernel/locking/lockdep.c:3981 [inline] mark_lock.cold+0x20/0x72 kernel/locking/lockdep.c:4411 mark_usage kernel/locking/lockdep.c:4306 [inline] __lock_acquire+0x1199/0x57d0 kernel/locking/lockdep.c:4786 lock_acquire kernel/locking/lockdep.c:5442 [inline] lock_acquire+0x1a8/0x720 kernel/locking/lockdep.c:5407 __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline] _raw_spin_lock_irqsave+0x39/0x50 kernel/locking/spinlock.c:159 snd_pcm_period_elapsed+0x17/0x1c0 sound/core/pcm_lib.c:1799 dummy_hrtimer_callback+0x7a/0x170 sound/drivers/dummy.c:378 __run_hrtimer kernel/time/hrtimer.c:1519 [inline] __hrtimer_run_queues+0x4d7/0xb00 kernel/time/hrtimer.c:1583 hrtimer_run_softirq+0x176/0x340 kernel/time/hrtimer.c:1600 __do_softirq+0x29b/0x9f6 kernel/softirq.c:343 asm_call_irq_on_stack+0xf/0x20 __run_on_irqstack arch/x86/include/asm/irq_stack.h:26 [inline] run_on_irqstack_cond arch/x86/include/asm/irq_stack.h:77 [inline] do_softirq_own_stack+0xaa/0xd0 arch/x86/kernel/irq_64.c:77 invoke_softirq kernel/softirq.c:226 [inline] __irq_exit_rcu 
kernel/softirq.c:420 [inline] irq_exit_rcu+0x134/0x200 kernel/softirq.c:432 sysvec_apic_timer_interrupt+0x4d/0x100 arch/x86/kernel/apic/apic.c:1100 asm_sysvec_apic_timer_interrupt+0x12/0x20 arch/x86/include/asm/idtentry.h:629 RIP: 0010:native_save_fl arch/x86/include/asm/irqflags.h:29 [inline] RIP: 0010:arch_local_save_flags arch/x86/include/asm/irqflags.h:79 [inline] RIP: 0010:arch_irqs_disabled arch/x86/include/asm/irqflags.h:169 [inline] RIP: 0010:acpi_safe_halt drivers/acpi/processor_idle.c:111 [inline] RIP: 0010:acpi_idle_do_entry+0x161/0x1c0 drivers/acpi/processor_idle.c:516 Code: 00 00 fc ff df 48 c1 ea 03 80 3c 02 00 75 6d 48 8b 45 00 a8 08 75 c9 e8 9d 1f 3e f9 e9 07 00 00 00 0f 00 2d b1 69 b7 00 fb f4 <9c> 58 fa f6 c4 02 74 ae 5d e9 f1 1b 3e f9 48 89 ef 5d e9 c8 f9 ff RSP: 0018:ffffc90000d47d30 EFLAGS: 00000202 RAX: 000000000004c051 RBX: ffff888143fa0865 RCX: 1ffffffff185df49 RDX: 0000000000000000 RSI: ffffffff888ae020 RDI: ffffffff88dc3fe0 RBP: ffff8880101ab800 R08: 0000000000000001 R09: 0000000000000001 R10: ffffed1002035700 R11: 0000000000000001 R12: 0000000000000001 R13: ffff888143fa0864 R14: ffffffff8b084400 R15: ffff8880189aa004 acpi_idle_enter+0x2c0/0x4b0 drivers/acpi/processor_idle.c:647 cpuidle_enter_state+0x152/0xb40 drivers/cpuidle/cpuidle.c:237 cpuidle_enter+0x45/0xa0 drivers/cpuidle/cpuidle.c:351 call_cpuidle kernel/sched/idle.c:158 [inline] cpuidle_idle_call kernel/sched/idle.c:239 [inline] do_idle+0x3e1/0x590 kernel/sched/idle.c:299 cpu_startup_entry+0x14/0x20 kernel/sched/idle.c:396 start_secondary+0x274/0x350 arch/x86/kernel/smpboot.c:272 secondary_startup_64_no_verify+0xb0/0xbb ---------------- Code disassembly (best guess), 5 bytes skipped: 0: 48 c1 ea 03 shr $0x3,%rdx 4: 80 3c 02 00 cmpb $0x0,(%rdx,%rax,1) 8: 75 6d jne 0x77 a: 48 8b 45 00 mov 0x0(%rbp),%rax e: a8 08 test $0x8,%al 10: 75 c9 jne 0xffffffdb 12: e8 9d 1f 3e f9 callq 0xf93e1fb4 17: e9 07 00 00 00 jmpq 0x23 1c: 0f 00 2d b1 69 b7 00 verw 0xb769b1(%rip) # 0xb769d4 23: fb sti 
24: f4 hlt * 25: 9c pushfq <-- trapping instruction 26: 58 pop %rax 27: fa cli 28: f6 c4 02 test $0x2,%ah 2b: 74 ae je 0xffffffdb 2d: 5d pop %rbp 2e: e9 f1 1b 3e f9 jmpq 0xf93e1c24 33: 48 89 ef mov %rbp,%rdi 36: 5d pop %rbp 37: e9 .byte 0xe9 38: c8 .byte 0xc8 39: f9 stc 3a: ff .byte 0xff