Warning: Permanently added '10.128.0.144' (ED25519) to the list of known hosts. 1970/01/01 00:00:31 parsed 1 programs [ 33.068671][ T6557] cgroup: Unknown subsys name 'net' [ 33.208672][ T6557] cgroup: Unknown subsys name 'cpuset' [ 33.210832][ T6557] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 33.382523][ T6557] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k SS [ 39.647880][ T4841] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 39.649280][ T4841] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 39.657914][ T2127] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 39.659199][ T2127] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 39.700065][ T6570] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 39.794234][ T6583] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 39.795865][ T53] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 39.797642][ T53] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 39.799222][ T53] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 39.800898][ T6583] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 40.554264][ T6607] chnl_net:caif_netlink_parms(): no params data found [ 40.608238][ T6607] bridge0: port 1(bridge_slave_0) entered blocking state [ 40.608284][ T6607] bridge0: port 1(bridge_slave_0) entered disabled state [ 40.608344][ T6607] bridge_slave_0: entered allmulticast mode [ 40.608767][ T6607] bridge_slave_0: entered promiscuous mode [ 40.609708][ T6607] bridge0: port 2(bridge_slave_1) entered blocking state [ 40.609724][ T6607] bridge0: port 2(bridge_slave_1) entered disabled state [ 40.609762][ T6607] bridge_slave_1: entered allmulticast mode [ 40.610170][ T6607] bridge_slave_1: entered promiscuous mode [ 40.620563][ T6607] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 40.621356][ T6607] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 40.629331][ T6607] team0: Port device team_slave_0 added [ 40.630623][ T6607] team0: Port device team_slave_1 added [ 40.639136][ T6607] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 40.639158][ T6607] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 40.639168][ T6607] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 40.639916][ T6607] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 40.639924][ T6607] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 40.639935][ T6607] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 40.654435][ T6607] hsr_slave_0: entered promiscuous mode [ 40.655333][ T6607] hsr_slave_1: entered promiscuous mode [ 40.737357][ T6607] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 40.743410][ T6607] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 40.746287][ T6607] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 40.749181][ T6607] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 40.780187][ T6607] 8021q: adding VLAN 0 to HW filter on device bond0 [ 40.784784][ T6607] 8021q: adding VLAN 0 to HW filter on device team0 [ 40.788099][ T1522] bridge0: port 1(bridge_slave_0) entered blocking state [ 40.788153][ T1522] bridge0: port 1(bridge_slave_0) entered forwarding state [ 40.793033][ T41] bridge0: port 2(bridge_slave_1) entered blocking state [ 40.793079][ T41] bridge0: port 2(bridge_slave_1) entered forwarding state [ 40.842084][ T6607] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 40.857000][ T6607] veth0_vlan: entered promiscuous mode [ 40.860260][ T6607] veth1_vlan: entered promiscuous mode [ 40.866766][ T6607] veth0_macvtap: entered promiscuous mode [ 40.869086][ T6607] veth1_macvtap: entered promiscuous mode [ 40.872195][ T6607] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 40.873346][ T6607] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 40.877067][ T2127] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.877137][ T2127] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.877175][ T2127] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.878602][ T2127] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 41.102654][ T4841] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 41.152608][ T4841] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 41.193143][ T4841] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 41.244390][ T4841] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 1970/01/01 00:00:41 executed programs: 0 [ 41.631489][ T6146] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 41.632838][ T6146] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 41.634139][ T6146] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 41.635608][ T6146] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 41.636480][ T6146] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 41.684657][ T6663] chnl_net:caif_netlink_parms(): no params data found [ 41.704071][ T6663] bridge0: port 1(bridge_slave_0) entered blocking state [ 41.704144][ T6663] bridge0: port 1(bridge_slave_0) entered disabled state [ 41.704258][ T6663] bridge_slave_0: entered allmulticast mode [ 41.704674][ T6663] bridge_slave_0: entered promiscuous mode [ 41.705808][ T6663] bridge0: port 2(bridge_slave_1) entered blocking state [ 41.705847][ T6663] bridge0: port 2(bridge_slave_1) entered disabled state [ 41.705926][ T6663] bridge_slave_1: entered allmulticast mode [ 41.706359][ T6663] bridge_slave_1: entered promiscuous mode [ 41.718526][ T6663] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 41.720181][ T6663] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 41.726756][ T6663] team0: Port device team_slave_0 added [ 41.727555][ T6663] team0: Port device team_slave_1 added [ 41.737895][ T6663] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 41.737916][ T6663] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 41.737927][ T6663] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 41.738436][ T6663] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 41.738443][ T6663] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 41.738458][ T6663] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 41.755964][ T6663] hsr_slave_0: entered promiscuous mode [ 41.756253][ T6663] hsr_slave_1: entered promiscuous mode [ 41.756445][ T6663] debugfs: 'hsr0' already exists in 'hsr' [ 41.756498][ T6663] Cannot create hsr debugfs directory [ 43.677744][ T6146] Bluetooth: hci0: command tx timeout [ 44.222209][ T4841] bridge_slave_1: left allmulticast mode [ 44.222253][ T4841] bridge_slave_1: left promiscuous mode [ 44.222501][ T4841] bridge0: port 2(bridge_slave_1) entered disabled state [ 44.229762][ T4841] bridge_slave_0: left allmulticast mode [ 44.229797][ T4841] bridge_slave_0: left promiscuous mode [ 44.229883][ T4841] bridge0: port 1(bridge_slave_0) entered disabled state [ 44.360350][ T4841] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 44.398778][ T4841] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 44.408794][ T4841] bond0 (unregistering): Released all slaves [ 44.496729][ T4841] hsr_slave_0: left promiscuous mode [ 44.498340][ T4841] hsr_slave_1: left promiscuous mode [ 44.498633][ T4841] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 44.498646][ T4841] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 44.499719][ T4841] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 44.499733][ T4841] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 44.505733][ T4841] veth1_macvtap: left promiscuous mode [ 44.506670][ T4841] veth0_macvtap: left promiscuous mode [ 44.506765][ T4841] veth1_vlan: left promiscuous mode [ 44.506820][ T4841] veth0_vlan: left promiscuous mode [ 44.612676][ T4841] team0 (unregistering): Port device team_slave_1 removed [ 44.623849][ T4841] team0 (unregistering): Port device team_slave_0 removed [ 45.002610][ T6663] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 45.008611][ T6663] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 45.012839][ T6663] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 45.020468][ T6663] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 45.043662][ T6663] 8021q: adding VLAN 0 to HW filter on device bond0 [ 45.052827][ T6663] 8021q: adding VLAN 0 to HW filter on device team0 [ 45.057898][ T2127] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.057936][ T2127] bridge0: port 1(bridge_slave_0) entered forwarding state [ 45.155979][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.156173][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 45.220576][ T6663] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 45.231150][ T6663] veth0_vlan: entered promiscuous mode [ 45.233286][ T6663] veth1_vlan: entered promiscuous mode [ 45.242903][ T6663] veth0_macvtap: entered promiscuous mode [ 45.243775][ T6663] veth1_macvtap: entered promiscuous mode [ 45.258087][ T6663] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 45.258975][ T6663] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 45.262205][ T15] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.262397][ T15] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.262414][ T15] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.262427][ T15] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.282954][ T15] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 45.282991][ T15] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 45.498387][ T41] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 45.498419][ T41] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 45.573733][ T6740] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 45.734111][ T6740] sy ** replaying previous printk message ** [ 45.734111][ T6740] syz.0.17 uses obsolete (PF_INET,SOCK_PACKET) [ 45.734562][ T6739] [ 45.736551][ T6739] ===================================================== [ 45.737624][ T6739] WARNING: HARDIRQ-safe -> HARDIRQ-unsafe lock order detected [ 45.738739][ T6739] syzkaller #0 Not tainted [ 45.739425][ T6739] ----------------------------------------------------- [ 45.740433][ T6739] syz.0.17/6739 [HC0[0]:SC0[0]:HE0:SE1] is trying to acquire: [ 45.741597][ T6739] ffff8000973c1dd0 (&p->sequence){+.-.}-{0:0}, at: __fprop_add_percpu_max+0x130/0x1f4 [ 45.742978][ T6739] [ 45.742978][ T6739] and this task is already holding: [ 45.744128][ T6739] ffff0000ec070240 (&xa->xa_lock#10){-...}-{3:3}, at: __folio_end_writeback+0x10c/0x75c [ 45.745569][ T6739] which would create a new lock dependency: [ 45.746430][ T6739] (&xa->xa_lock#10){-...}-{3:3} -> (&p->sequence){+.-.}-{0:0} [ 45.747546][ T6739] [ 45.747546][ T6739] but this new dependency connects a HARDIRQ-irq-safe lock: [ 45.748929][ T6739] (&xa->xa_lock#10){-...}-{3:3} [ 45.748952][ T6739] [ 45.748952][ T6739] ... which became HARDIRQ-irq-safe at: [ 45.750795][ T6739] lock_acquire+0x14c/0x2e0 [ 45.751472][ T6739] _raw_spin_lock_irqsave+0x5c/0x7c [ 45.752235][ T6739] __folio_end_writeback+0x10c/0x75c [ 45.753026][ T6739] folio_end_writeback_no_dropbehind+0xd0/0x204 [ 45.753923][ T6739] folio_end_writeback+0xd8/0x248 [ 45.754647][ T6739] end_buffer_async_write+0x20c/0x350 [ 45.755468][ T6739] end_bio_bh_io_sync+0xb0/0x184 [ 45.756247][ T6739] bio_endio+0x858/0x894 [ 45.756874][ T6739] blk_mq_end_request_batch+0x49c/0x105c [ 45.757693][ T6739] nvme_irq+0x1ec/0x240 [ 45.758311][ T6739] __handle_irq_event_percpu+0x224/0x8e4 [ 45.759126][ T6739] handle_irq_event+0x9c/0x1d0 [ 45.759879][ T6739] handle_fasteoi_irq+0x328/0x8d8 [ 45.760626][ T6739] generic_handle_domain_irq+0xe0/0x140 [ 45.761438][ T6739] gic_handle_irq+0x6c/0x190 [ 45.762158][ T6739] call_on_irq_stack+0x30/0x48 [ 45.762932][ T6739] do_interrupt_handler+0xd4/0x138 [ 45.763682][ T6739] el1_interrupt+0x3c/0x60 [ 45.764372][ T6739] el1h_64_irq_handler+0x18/0x24 [ 45.765124][ T6739] el1h_64_irq+0x6c/0x70 [ 45.765725][ T6739] arch_local_irq_enable+0x8/0xc [ 45.766474][ T6739] do_idle+0x1d8/0x454 [ 45.767168][ T6739] cpu_startup_entry+0x5c/0x74 [ 45.767891][ T6739] secondary_start_kernel+0x1bc/0x1e4 [ 45.768750][ T6739] __secondary_switched+0xc0/0xc4 [ 45.769552][ T6739] [ 45.769552][ T6739] to a HARDIRQ-irq-unsafe lock: [ 45.770545][ T6739] (&p->sequence){+.-.}-{0:0} [ 45.770565][ T6739] [ 45.770565][ T6739] ... which became HARDIRQ-irq-unsafe at: [ 45.772358][ T6739] ... [ 45.772366][ T6739] lock_acquire+0x14c/0x2e0 [ 45.773442][ T6739] fprop_new_period+0x3b8/0x718 [ 45.774147][ T6739] writeout_period+0x94/0x11c [ 45.774826][ T6739] call_timer_fn+0x1b4/0x818 [ 45.775467][ T6739] __run_timer_base+0x51c/0x76c [ 45.776094][ T6739] run_timer_softirq+0x11c/0x194 [ 45.776725][ T6739] handle_softirqs+0x328/0xc88 [ 45.777382][ T6739] __do_softirq+0x14/0x20 [ 45.778002][ T6739] ____do_softirq+0x14/0x20 [ 45.778639][ T6739] call_on_irq_stack+0x30/0x48 [ 45.779330][ T6739] do_softirq_own_stack+0x20/0x2c [ 45.780092][ T6739] __irq_exit_rcu+0x1b0/0x478 [ 45.780831][ T6739] irq_exit_rcu+0x14/0x84 [ 45.781455][ T6739] el1_interrupt+0x40/0x60 [ 45.782120][ T6739] el1h_64_irq_handler+0x18/0x24 [ 45.782881][ T6739] el1h_64_irq+0x6c/0x70 [ 45.783480][ T6739] lock_release+0x80/0x39c [ 45.784273][ T6739] __might_fault+0xf0/0x124 [ 45.784981][ T6739] arch_do_signal_or_restart+0xb28/0x4414 [ 45.785894][ T6739] exit_to_user_mode_loop+0x7c/0x178 [ 45.786660][ T6739] el0_svc+0x170/0x254 [ 45.787308][ T6739] el0t_64_sync_handler+0x84/0x12c [ 45.788046][ T6739] el0t_64_sync+0x198/0x19c [ 45.788659][ T6739] [ 45.788659][ T6739] other info that might help us debug this: [ 45.788659][ T6739] [ 45.790088][ T6739] Possible interrupt unsafe locking scenario: [ 45.790088][ T6739] [ 45.791203][ T6739] CPU0 CPU1 [ 45.791944][ T6739] ---- ---- [ 45.792657][ T6739] lock(&p->sequence); [ 45.793244][ T6739] local_irq_disable(); [ 45.794141][ T6739] lock(&xa->xa_lock#10); [ 45.795129][ T6739] lock(&p->sequence); [ 45.796107][ T6739] [ 45.796593][ T6739] lock(&xa->xa_lock#10); [ 45.797195][ T6739] [ 45.797195][ T6739] *** DEADLOCK *** [ 45.797195][ T6739] [ 45.798268][ T6739] 2 locks held by syz.0.17/6739: [ 45.798986][ T6739] #0: ffff0000ec070638 (&fi->lock){+.+.}-{3:3}, at: fuse_iomap_writeback_range+0x3b8/0x152c [ 45.800376][ T6739] #1: ffff0000ec070240 (&xa->xa_lock#10){-...}-{3:3}, at: __folio_end_writeback+0x10c/0x75c [ 45.801810][ T6739] [ 45.801810][ T6739] the dependencies between HARDIRQ-irq-safe lock and the holding lock: [ 45.803253][ T6739] -> (&xa->xa_lock#10){-...}-{3:3} { [ 45.804059][ T6739] IN-HARDIRQ-W at: [ 45.804661][ T6739] lock_acquire+0x14c/0x2e0 [ 45.805542][ T6739] _raw_spin_lock_irqsave+0x5c/0x7c [ 45.806427][ T6739] __folio_end_writeback+0x10c/0x75c [ 45.807537][ T6739] folio_end_writeback_no_dropbehind+0xd0/0x204 [ 45.808749][ T6739] folio_end_writeback+0xd8/0x248 [ 45.809780][ T6739] end_buffer_async_write+0x20c/0x350 [ 45.810841][ T6739] end_bio_bh_io_sync+0xb0/0x184 [ 45.811804][ T6739] bio_endio+0x858/0x894 [ 45.812684][ T6739] blk_mq_end_request_batch+0x49c/0x105c [ 45.813758][ T6739] nvme_irq+0x1ec/0x240 [ 45.814669][ T6739] __handle_irq_event_percpu+0x224/0x8e4 [ 45.815741][ T6739] handle_irq_event+0x9c/0x1d0 [ 45.816630][ T6739] handle_fasteoi_irq+0x328/0x8d8 [ 45.817510][ T6739] generic_handle_domain_irq+0xe0/0x140 [ 45.818470][ T6739] gic_handle_irq+0x6c/0x190 [ 45.819358][ T6739] call_on_irq_stack+0x30/0x48 [ 45.820268][ T6739] do_interrupt_handler+0xd4/0x138 [ 45.821263][ T6739] el1_interrupt+0x3c/0x60 [ 45.822101][ T6739] el1h_64_irq_handler+0x18/0x24 [ 45.822996][ T6739] el1h_64_irq+0x6c/0x70 [ 45.823916][ T6739] arch_local_irq_enable+0x8/0xc [ 45.824944][ T6739] do_idle+0x1d8/0x454 [ 45.825744][ T6739] cpu_startup_entry+0x5c/0x74 [ 45.826585][ T6739] secondary_start_kernel+0x1bc/0x1e4 [ 45.827526][ T6739] __secondary_switched+0xc0/0xc4 [ 45.828517][ T6739] INITIAL USE at: [ 45.829120][ T6739] lock_acquire+0x14c/0x2e0 [ 45.829977][ T6739] _raw_spin_lock_irq+0x58/0x70 [ 45.830905][ T6739] shmem_add_to_page_cache+0x564/0xa24 [ 45.831884][ T6739] shmem_alloc_and_add_folio+0x758/0x10c4 [ 45.832904][ T6739] shmem_get_folio_gfp+0x4d4/0x159c [ 45.833884][ T6739] shmem_read_folio_gfp+0x8c/0xf0 [ 45.834835][ T6739] drm_gem_get_pages+0x1cc/0x7c0 [ 45.835824][ T6739] drm_gem_shmem_get_pages_locked+0x1d4/0x364 [ 45.836956][ T6739] drm_gem_shmem_pin_locked+0x1f8/0x410 [ 45.837993][ T6739] drm_gem_shmem_vmap_locked+0x3cc/0x658 [ 45.839060][ T6739] drm_gem_shmem_object_vmap+0x28/0x38 [ 45.840054][ T6739] drm_gem_vmap+0x104/0x1d8 [ 45.841012][ T6739] drm_client_buffer_vmap+0x48/0x90 [ 45.841991][ T6739] drm_fbdev_shmem_driver_fbdev_probe+0x1d8/0x70c [ 45.843154][ T6739] __drm_fb_helper_initial_config_and_unlock+0xf94/0x159c [ 45.844397][ T6739] drm_fb_helper_initial_config+0x3c/0x58 [ 45.845327][ T6739] drm_fbdev_client_hotplug+0x154/0x22c [ 45.846293][ T6739] drm_client_register+0x13c/0x1d4 [ 45.847187][ T6739] drm_fbdev_client_setup+0x194/0x3d0 [ 45.848174][ T6739] drm_client_setup+0x114/0x228 [ 45.849076][ T6739] vkms_init+0x338/0x3f0 [ 45.849861][ T6739] do_one_initcall+0x250/0x990 [ 45.850797][ T6739] do_initcall_level+0x128/0x1c4 [ 45.851670][ T6739] do_initcalls+0x70/0xd0 [ 45.852462][ T6739] do_basic_setup+0x78/0x8c [ 45.853365][ T6739] kernel_init_freeable+0x268/0x39c [ 45.854349][ T6739] kernel_init+0x24/0x1dc [ 45.855236][ T6739] ret_from_fork+0x10/0x20 [ 45.856020][ T6739] } [ 45.856340][ T6739] ... key at: [] xa_init_flags.__key+0x0/0x20 [ 45.857493][ T6739] [ 45.857493][ T6739] the dependencies between the lock to be acquired [ 45.857503][ T6739] and HARDIRQ-irq-unsafe lock: [ 45.859372][ T6739] -> (&p->sequence){+.-.}-{0:0} { [ 45.860112][ T6739] HARDIRQ-ON-W at: [ 45.860649][ T6739] lock_acquire+0x14c/0x2e0 [ 45.861537][ T6739] fprop_new_period+0x3b8/0x718 [ 45.862535][ T6739] writeout_period+0x94/0x11c [ 45.863352][ T6739] call_timer_fn+0x1b4/0x818 [ 45.864142][ T6739] __run_timer_base+0x51c/0x76c [ 45.864991][ T6739] run_timer_softirq+0x11c/0x194 [ 45.865836][ T6739] handle_softirqs+0x328/0xc88 [ 45.866749][ T6739] __do_softirq+0x14/0x20 [ 45.867590][ T6739] ____do_softirq+0x14/0x20 [ 45.868442][ T6739] call_on_irq_stack+0x30/0x48 [ 45.869344][ T6739] do_softirq_own_stack+0x20/0x2c [ 45.870256][ T6739] __irq_exit_rcu+0x1b0/0x478 [ 45.871144][ T6739] irq_exit_rcu+0x14/0x84 [ 45.871984][ T6739] el1_interrupt+0x40/0x60 [ 45.872880][ T6739] el1h_64_irq_handler+0x18/0x24 [ 45.873754][ T6739] el1h_64_irq+0x6c/0x70 [ 45.874549][ T6739] lock_release+0x80/0x39c [ 45.875337][ T6739] __might_fault+0xf0/0x124 [ 45.876130][ T6739] arch_do_signal_or_restart+0xb28/0x4414 [ 45.877090][ T6739] exit_to_user_mode_loop+0x7c/0x178 [ 45.878100][ T6739] el0_svc+0x170/0x254 [ 45.878805][ T6739] el0t_64_sync_handler+0x84/0x12c [ 45.879766][ T6739] el0t_64_sync+0x198/0x19c [ 45.880678][ T6739] IN-SOFTIRQ-W at: [ 45.881253][ T6739] lock_acquire+0x14c/0x2e0 [ 45.882060][ T6739] fprop_new_period+0x3b8/0x718 [ 45.882972][ T6739] writeout_period+0x94/0x11c [ 45.883918][ T6739] call_timer_fn+0x1b4/0x818 [ 45.884711][ T6739] __run_timer_base+0x51c/0x76c [ 45.885641][ T6739] run_timer_softirq+0x11c/0x194 [ 45.886638][ T6739] handle_softirqs+0x328/0xc88 [ 45.887503][ T6739] __do_softirq+0x14/0x20 [ 45.888314][ T6739] ____do_softirq+0x14/0x20 [ 45.889191][ T6739] call_on_irq_stack+0x30/0x48 [ 45.890082][ T6739] do_softirq_own_stack+0x20/0x2c [ 45.891088][ T6739] __irq_exit_rcu+0x1b0/0x478 [ 45.891974][ T6739] irq_exit_rcu+0x14/0x84 [ 45.892842][ T6739] el1_interrupt+0x40/0x60 [ 45.893733][ T6739] el1h_64_irq_handler+0x18/0x24 [ 45.894730][ T6739] el1h_64_irq+0x6c/0x70 [ 45.895644][ T6739] lock_release+0x80/0x39c [ 45.896603][ T6739] __might_fault+0xf0/0x124 [ 45.897521][ T6739] arch_do_signal_or_restart+0xb28/0x4414 [ 45.898582][ T6739] exit_to_user_mode_loop+0x7c/0x178 [ 45.899625][ T6739] el0_svc+0x170/0x254 [ 45.900479][ T6739] el0t_64_sync_handler+0x84/0x12c [ 45.901477][ T6739] el0t_64_sync+0x198/0x19c [ 45.902353][ T6739] INITIAL USE at: [ 45.902947][ T6739] lock_acquire+0x14c/0x2e0 [ 45.903900][ T6739] fprop_new_period+0x3b8/0x718 [ 45.904850][ T6739] writeout_period+0x94/0x11c [ 45.905758][ T6739] call_timer_fn+0x1b4/0x818 [ 45.906590][ T6739] __run_timer_base+0x51c/0x76c [ 45.907524][ T6739] run_timer_softirq+0x11c/0x194 [ 45.908479][ T6739] handle_softirqs+0x328/0xc88 [ 45.909422][ T6739] __do_softirq+0x14/0x20 [ 45.910241][ T6739] ____do_softirq+0x14/0x20 [ 45.911031][ T6739] call_on_irq_stack+0x30/0x48 [ 45.911911][ T6739] do_softirq_own_stack+0x20/0x2c [ 45.912802][ T6739] __irq_exit_rcu+0x1b0/0x478 [ 45.913680][ T6739] irq_exit_rcu+0x14/0x84 [ 45.914527][ T6739] el1_interrupt+0x40/0x60 [ 45.915353][ T6739] el1h_64_irq_handler+0x18/0x24 [ 45.916232][ T6739] el1h_64_irq+0x6c/0x70 [ 45.917005][ T6739] lock_release+0x80/0x39c [ 45.917826][ T6739] __might_fault+0xf0/0x124 [ 45.918729][ T6739] arch_do_signal_or_restart+0xb28/0x4414 [ 45.919766][ T6739] exit_to_user_mode_loop+0x7c/0x178 [ 45.920747][ T6739] el0_svc+0x170/0x254 [ 45.921573][ T6739] el0t_64_sync_handler+0x84/0x12c [ 45.922503][ T6739] el0t_64_sync+0x198/0x19c [ 45.923373][ T6739] INITIAL READ USE at: [ 45.924066][ T6739] lock_acquire+0x14c/0x2e0 [ 45.924985][ T6739] fprop_fraction_percpu+0xac/0x270 [ 45.926054][ T6739] __wb_calc_thresh+0xfc/0x3b0 [ 45.927072][ T6739] domain_over_bg_thresh+0xb8/0x1f0 [ 45.928135][ T6739] wb_over_bg_thresh+0xf8/0x17c [ 45.929089][ T6739] wb_workfn+0xa30/0xdc0 [ 45.929906][ T6739] process_one_work+0x7e8/0x155c [ 45.930933][ T6739] worker_thread+0x958/0xed8 [ 45.931958][ T6739] kthread+0x5fc/0x75c [ 45.932809][ T6739] ret_from_fork+0x10/0x20 [ 45.933718][ T6739] } [ 45.934049][ T6739] ... key at: [] fprop_global_init.__key.1+0x0/0x20 [ 45.935296][ T6739] ... acquired at: [ 45.935808][ T6739] fprop_fraction_percpu+0xf0/0x270 [ 45.936517][ T6739] __fprop_add_percpu_max+0x130/0x1f4 [ 45.937276][ T6739] __wb_writeout_add+0xbc/0x27c [ 45.937997][ T6739] __folio_end_writeback+0x380/0x75c [ 45.938783][ T6739] folio_end_writeback_no_dropbehind+0xd0/0x204 [ 45.939709][ T6739] folio_end_writeback+0xd8/0x248 [ 45.940468][ T6739] iomap_finish_folio_write+0x1c0/0x2a4 [ 45.941250][ T6739] fuse_flush_writepages+0x54c/0x73c [ 45.941962][ T6739] fuse_iomap_writeback_range+0x48c/0x152c [ 45.942883][ T6739] iomap_writeback_folio+0xee4/0x1c74 [ 45.943625][ T6739] iomap_writepages+0x128/0x25c [ 45.944336][ T6739] fuse_writepages+0x208/0x2bc [ 45.945010][ T6739] do_writepages+0x270/0x468 [ 45.945661][ T6739] __writeback_single_inode+0x15c/0x13e8 [ 45.946482][ T6739] writeback_single_inode+0x18c/0x54c [ 45.947318][ T6739] write_inode_now+0x13c/0x1a4 [ 45.948076][ T6739] fuse_flush+0x20c/0x6a0 [ 45.948785][ T6739] filp_flush+0xb8/0x190 [ 45.949428][ T6739] filp_close+0x28/0x48 [ 45.950044][ T6739] __arm64_sys_close_range+0x318/0x5c4 [ 45.950857][ T6739] invoke_syscall+0x98/0x254 [ 45.951495][ T6739] el0_svc_common+0xe8/0x23c [ 45.952157][ T6739] do_el0_svc+0x48/0x58 [ 45.952769][ T6739] el0_svc+0x5c/0x254 [ 45.953342][ T6739] el0t_64_sync_handler+0x84/0x12c [ 45.954072][ T6739] el0t_64_sync+0x198/0x19c [ 45.954712][ T6739] [ 45.955020][ T6739] [ 45.955020][ T6739] stack backtrace: [ 45.955843][ T6739] CPU: 1 UID: 0 PID: 6739 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT [ 45.956959][ T6739] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 45.958252][ T6739] Call trace: [ 45.958716][ T6739] show_stack+0x2c/0x3c (C) [ 45.959343][ T6739] __dump_stack+0x30/0x40 [ 45.959924][ T6739] dump_stack_lvl+0xd8/0x12c [ 45.960575][ T6739] dump_stack+0x1c/0x28 [ 45.961124][ T6739] __lock_acquire+0x3058/0x30a4 [ 45.961755][ T6739] lock_acquire+0x14c/0x2e0 [ 45.962370][ T6739] fprop_fraction_percpu+0xf0/0x270 [ 45.963061][ T6739] __fprop_add_percpu_max+0x130/0x1f4 [ 45.963742][ T6739] __wb_writeout_add+0xbc/0x27c [ 45.964408][ T6739] __folio_end_writeback+0x380/0x75c [ 45.965170][ T6739] folio_end_writeback_no_dropbehind+0xd0/0x204 [ 45.966056][ T6739] folio_end_writeback+0xd8/0x248 [ 45.966761][ T6739] iomap_finish_folio_write+0x1c0/0x2a4 [ 45.967551][ T6739] fuse_flush_writepages+0x54c/0x73c [ 45.968329][ T6739] fuse_iomap_writeback_range+0x48c/0x152c [ 45.969075][ T6739] iomap_writeback_folio+0xee4/0x1c74 [ 45.969816][ T6739] iomap_writepages+0x128/0x25c [ 45.970484][ T6739] fuse_writepages+0x208/0x2bc [ 45.971137][ T6739] do_writepages+0x270/0x468 [ 45.971762][ T6739] __writeback_single_inode+0x15c/0x13e8 [ 45.972627][ T6739] writeback_single_inode+0x18c/0x54c [ 45.973396][ T6739] write_inode_now+0x13c/0x1a4 [ 45.974066][ T6739] fuse_flush+0x20c/0x6a0 [ 45.974709][ T6739] filp_flush+0xb8/0x190 [ 45.975291][ T6739] filp_close+0x28/0x48 [ 45.975866][ T6739] __arm64_sys_close_range+0x318/0x5c4 [ 45.976612][ T6739] invoke_syscall+0x98/0x254 [ 45.977268][ T6739] el0_svc_common+0xe8/0x23c [ 45.977922][ T6739] do_el0_svc+0x48/0x58 [ 45.978525][ T6739] el0_svc+0x5c/0x254 [ 45.979103][ T6739] el0t_64_sync_handler+0x84/0x12c [ 45.979786][ T6739] el0t_64_sync+0x198/0x19c [ 45.980604][ T6146] Bluetooth: hci0: command tx timeout 1970/01/01 00:00:46 executed programs: 6 [ 47.997254][ T6146] Bluetooth: hci0: command tx timeout [ 50.087258][ T6146] Bluetooth: hci0: command tx timeout 1970/01/01 00:00:51 executed programs: 32