program: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@ipv4_newaddr={0x20, 0x14, 0x503, 0x0, 0x0, {0x2, 0x18, 0x0, 0x0, r2}, [@IFA_LOCAL={0x8, 0x2, @local}]}, 0x20}}, 0x0) r3 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r3, &(0x7f0000000940)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000000)="d8000000100081046881f782db44b904021d080b01000000e8fe55a11800150006001400000000120800040043000000a80016000a00014006000d00036010fab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a9d7c7c0b7a196e6f66112c88ac417898516277ce06bbace80177ccbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d0080000000000000b57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb14feb9f5588a63644caf1ce1bd6c769ad809d52a9ecbee", 0xd8}], 0x1}, 0x0) syz_mount_image$hfs(&(0x7f0000002c80), &(0x7f0000000080)='./file1\x00', 0x4490, &(0x7f0000002cc0)=ANY=[], 0xfb, 0x27f, &(0x7f0000000480)="$eJzs3T9v00AYx/HfOWkbaFXcPwgJMRUqMaG2LIilCGVgZ2FCQBOkiqhIUMSfKTAj2Nl5C7wARibEjMTGxAvIFnTnC3HSOA5W00vS70dKlNT32M/F5949rqoIwKl1u/rr8/Xf9mGkkkqSbkqRpIpUlnReFyovDg73Dxv12rAdlVyEfRglkeZIm72D+qBQG+civNi+K2sp/TOMR+Wnmh9v3XkZOg+E5a7+ASJpwV+dbnvlxDMbj2boBAIzLbX0Ssuh8wAAhOXn/8jP80t+/R5F0qaf9nvn/ymfQFuhExizrznbU/O/q7Laxp7fc25Tt95zJZzdHnWqxCK5zCsZWT0LTJNXVbpcojOP9xv1a3tPG7VI77TrzXWbrbvnWjJ0O9LZvj26640BtekQxfu+6PowZ/uwk84/1WTteI+Yz3wz3819E+uTav/Wf+W2safJnam470wl+W9l79H1cl6uVUYvV9xBLvojeEN7WVJGRaLOiFpR7w2COC9PF7XaF5X0bjsnam1g1E5O1Hp/VHc0Z0eOm/lg7pkN/dEXVVPr/8h+2psa5cq0bVxLPzKG9qfsWsZuPvFXXfPSwJZR0R6hgPd6pBtafv76zZOHjUb92cy+sFfiBKQxUS86g2BS8pnZF/ZDDnL0zrxTfD/BfjPhBHVP+n8G8reZWWHXXSap/1L1ypZbrNmnuHedvpCObeftPLXH7YzaYNU9n82u4HoYd+thMbuCG7XmunxVujLKEROxz3Py7BYJMlX90APu/wMAAAAAAAAAAAAAAAAAAEyb4/uXg4qyNoXuIwAAAAAAAAAAAAAAAAAAAAAA027ivv/3rpJ3fP8vMHZ/AwAA////DnhI") syz_mount_image$udf(&(0x7f0000000400), &(0x7f0000000500)='./bus\x00', 0x105e080, &(0x7f0000002cc0)=ANY=[@ANYRES8=0x0, @ANYRES32=0x0], 0xfe, 0x4b1, &(0x7f0000001d00)="$eJzs201sVNUbx/HfM3c6TIf+/5YXCxgCTTSxgkBfsEBqYnix0YQXLVQj8SWVTrHSdkinKCUgLNWdC5Yu3bpwZdwaEpfGhcEYFibIxs2sxB3m3LlvM5TOjG1nKP1+CJx7zzx3OOc8c+ecM5kRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQjrx6uLfPWt0KAADQTCdPj/QOMP8DALCmnGH/DwAAsJaYPP0u054LJTvhn5dlj0/OXLo8emx44cvaTaaUPD/e/c329Q/sf2nwwMGwXPz65bZNp06fOdx9tDB9cTZfLObHu0dnJs8VxvN1P8NSr6+2yx+A7ukLl8YnJord/XsHKh6+3Hlv3fquzqHB945mwtjRY8PDpxMx6bb//L8/5FEr/Iw8vSDTx99/ayclpbT0sajx2llp7X4ndvmdGD027HdkanJsZs49aKkgKlU5JplwjJqQiyVJSa5dllmePVubPP0g05F9JTslyQvHYbf/wXBd7WmFtNu6SurRKsjZY2ydPH0g0619nXojGFc//xnpaqsbhxWXDu7/gpXsTf/9wN1P7m3z+Fvdr89MFBKxlgruqNU+PzTTY/7elJWnU/4dX7IR7Wx1c9Bk7fI0LVPmq0/8dYX8delTQwd27DyUXGFsqfE8LnZvcHPVMye3BUsHS7k/y98v1Cdrnv6U6f5vWf+8J5wDpBsPFrvwj6Y0DyvNPE3J9M+1klnVvtRL7O8jq33uX9n2t2ePFi7Oz06e/2huwcdz2cMfFudmx84t/HB57+ola2rtY6ulGtuS5ay84/v801J0XbAH+F/5LG7NN1fj10JPVRlKvn7qOa57F9vAOsq1yczTXZkm3t9anmeUa3hs1gKX/2GZiqWfLcx0kP90+SyR/5fj8ctaZRnxc/v/8uda4Vpi29nNj6pfify7Nrn8vyPTkb+3Bp9plPPvVcW6uC6Z3r25PYhLZVxcOuxO+RknJqfyvS72gUwbfwpj5cfmgthNcWyfiy3K9MWtytj1QezmOLbfxd6W6c6vC8c+HccOuNh5l6873WFszsXuCGK74ti95wpT47WG1eW/X6a3r79mYZ8fmf/E/X+jqow8lPPFj5cr/52JuhtBXs8G+U/XyP+XMs3/tT3stz/24ctqg/9vnH+3Vv7uZmVsuKHcGMf21dutVnP53yDTvVduR30O+hacxhlK5v+ZdGUZjWuL8r8hUdcZtCvT4FisRcX5KxfGpqbysxxwwAEH0UGr35nQDG7+H3Gz+qBn4TommP87ymfxiun+Z/H8P1RVRlo0/29M1A0Fq5a2tJSdm77YtkXKFuev7JmcHjufP5+fGdg/2Nt/aH/vwMG2TLi4i4/qHrsngcv/bpmu/fhLtI+pXP8tvP7PVZWRFuV/U7JPFeuauodiTXL575Bp8O7taL+52Po/3P/3PFtZRvdfi/K/OVHXGbSro8GxAAAAAAAAAAAAAAAAAIDVJGeenpPp8siLFv6GqJ7v/41XlZHl//5X+YfJNb7/1ZWoG2/S7xoaGmgAAAAAAAAAAIAmScnT1zI9r5JddxUd0olkiSfavwEAAP//G6xIAA==") bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000540)={0xffffffffffffffff, 0xe0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x5f, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, 0xffffffffffffffff}}, 0x10) r5 = openat$comedi(0xffffff9c, &(0x7f0000000040)='/dev/comedi3\x00', 0x2000, 0x0) ioctl$COMEDI_DEVCONFIG(r5, 0x40946400, &(0x7f0000000080)={'pcl726\x00', [0xffffffff, 0x80008000, 0x1, 0xa, 0x0, 0x0, 0x1, 0xf, 0x1000, 0x1, 0xb687, 0x1, 0x6, 0x4, 0xffff, 0x6, 0xffffffa7, 0x9, 0x6, 0x5, 0x3ff, 0x10000, 0x7ff, 0xe2df, 0x9, 0x1, 0x4, 0x3, 0x7, 0xb, 0x5]}) r6 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r6, 0x4, 0x6000) io_setup(0x202, &(0x7f0000000200)=0x0) ftruncate(r6, 0x81fd) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff8}, 0x94) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r8, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)=[0x0], 0x0, 0x0, 0x1}}, 0x40) getpid() setsockopt$inet6_IPV6_PKTINFO(r6, 0x29, 0x32, &(0x7f0000000240)={@remote, r4}, 0x14) io_submit(r7, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x0, 0x0, 0x1, 0x0, r6, &(0x7f0000000000), 0x4000, 0xa00}]) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r9, &(0x7f0000000180), 0xfea7) r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r11 = socket$nl_generic(0x10, 0x3, 0x10) sendfile(r11, r10, 0x0, 0x100000002) [ 85.572631][ T5299] Bluetooth: hci0: command tx timeout [ 85.688821][ T5320] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 85.725403][ T5320] loop0: detected capacity change from 0 to 64 [ 85.776651][ T5320] comedi comedi3: pcl726: I/O port conflict (0xffffffffffffffff,16) [ 85.834363][ T1238] ------------[ cut here ]------------ [ 85.834473][ T1238] [ 85.834500][ T1238] ====================================================== [ 85.834523][ T1238] WARNING: possible circular locking dependency detected [ 85.834528][ T1238] syzkaller #0 Not tainted [ 85.834559][ T1238] ------------------------------------------------------ [ 85.834562][ T1238] kworker/0:3/1238 is trying to acquire lock: [ 85.834567][ T1238] ffffffff8e7502e0 (console_owner){....}-{0:0}, at: console_flush_all+0x123/0xb20 [ 85.834733][ T1238] [ 85.834733][ T1238] but task is already holding lock: [ 85.834736][ T1238] ffff88801fc3a318 (&pool->lock){-.-.}-{2:2}, at: __flush_work+0x1ef/0xc50 [ 85.834778][ T1238] [ 85.834778][ T1238] which lock already depends on the new lock. [ 85.834778][ T1238] [ 85.834781][ T1238] [ 85.834781][ T1238] the existing dependency chain (in reverse order) is: [ 85.834784][ T1238] [ 85.834784][ T1238] -> #3 (&pool->lock){-.-.}-{2:2}: [ 85.834796][ T1238] _raw_spin_lock+0x2e/0x40 [ 85.834835][ T1238] __queue_work+0x7ea/0xf90 [ 85.834844][ T1238] queue_work_on+0x106/0x1d0 [ 85.834853][ T1238] rpm_suspend+0xe85/0x1700 [ 85.834890][ T1238] __pm_runtime_idle+0x12f/0x1a0 [ 85.834901][ T1238] __device_attach+0x34f/0x450 [ 85.834913][ T1238] device_initial_probe+0xa1/0xd0 [ 85.834925][ T1238] bus_probe_device+0x12a/0x220 [ 85.834934][ T1238] device_add+0x7b6/0xb70 [ 85.834945][ T1238] serial_base_port_add+0x18f/0x260 [ 85.834957][ T1238] serial_core_register_port+0x375/0x28b0 [ 85.834965][ T1238] serial8250_register_8250_port+0x1658/0x1fd0 [ 85.834973][ T1238] serial_pnp_probe+0x568/0x7f0 [ 85.834981][ T1238] pnp_device_probe+0x30b/0x4c0 [ 85.834990][ T1238] really_probe+0x267/0xaf0 [ 85.834997][ T1238] __driver_probe_device+0x18c/0x320 [ 85.835009][ T1238] driver_probe_device+0x4f/0x240 [ 85.835016][ T1238] __driver_attach+0x349/0x640 [ 85.835023][ T1238] bus_for_each_dev+0x23b/0x2c0 [ 85.835032][ T1238] bus_add_driver+0x345/0x670 [ 85.835041][ T1238] driver_register+0x23a/0x320 [ 85.835048][ T1238] serial8250_init+0x8f/0x160 [ 85.835060][ T1238] do_one_initcall+0x250/0x840 [ 85.835093][ T1238] do_initcall_level+0x104/0x190 [ 85.835101][ T1238] do_initcalls+0x59/0xa0 [ 85.835108][ T1238] kernel_init_freeable+0x2a6/0x3d0 [ 85.835115][ T1238] kernel_init+0x1d/0x1d0 [ 85.835123][ T1238] ret_from_fork+0x51e/0xb90 [ 85.835177][ T1238] ret_from_fork_asm+0x1a/0x30 [ 85.835188][ T1238] [ 85.835188][ T1238] -> #2 (&dev->power.lock){-...}-{3:3}: [ 85.835200][ T1238] _raw_spin_lock_irqsave+0x40/0x60 [ 85.835210][ T1238] __pm_runtime_resume+0x10f/0x180 [ 85.835221][ T1238] __uart_start+0x171/0x460 [ 85.835228][ T1238] uart_write+0x265/0xa10 [ 85.835237][ T1238] n_tty_write+0xd84/0x12a0 [ 85.835248][ T1238] file_tty_write+0x559/0xa20 [ 85.835256][ T1238] vfs_write+0x61d/0xb90 [ 85.835283][ T1238] ksys_write+0x150/0x270 [ 85.835291][ T1238] do_syscall_64+0x14d/0xf80 [ 85.835302][ T1238] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 85.835310][ T1238] [ 85.835310][ T1238] -> #1 (&port_lock_key){-.-.}-{3:3}: [ 85.835320][ T1238] _raw_spin_lock_irqsave+0x40/0x60 [ 85.835330][ T1238] serial8250_console_write+0x150/0x1ba0 [ 85.835340][ T1238] console_flush_all+0x718/0xb20 [ 85.835351][ T1238] console_unlock+0xd1/0x1c0 [ 85.835360][ T1238] vprintk_emit+0x485/0x560 [ 85.835369][ T1238] _printk+0xdd/0x130 [ 85.835400][ T1238] register_console+0xbc2/0xfa0 [ 85.835411][ T1238] univ8250_console_init+0x3a/0x70 [ 85.835421][ T1238] console_init+0xfc/0x3e0 [ 85.835430][ T1238] start_kernel+0x226/0x3d0 [ 85.835442][ T1238] x86_64_start_reservations+0x24/0x30 [ 85.835452][ T1238] x86_64_start_kernel+0x143/0x1c0 [ 85.835462][ T1238] common_startup_64+0x13e/0x147 [ 85.835474][ T1238] [ 85.835474][ T1238] -> #0 (console_owner){....}-{0:0}: [ 85.835485][ T1238] __lock_acquire+0x15a5/0x2cf0 [ 85.835509][ T1238] lock_acquire+0x106/0x330 [ 85.835517][ T1238] console_flush_all+0x6c1/0xb20 [ 85.835527][ T1238] console_unlock+0xd1/0x1c0 [ 85.835536][ T1238] vprintk_emit+0x485/0x560 [ 85.835545][ T1238] _printk+0xdd/0x130 [ 85.835557][ T1238] __report_bug+0x317/0x540 [ 85.835567][ T1238] report_bug_entry+0x19a/0x290 [ 85.835577][ T1238] handle_bug+0xca/0x200 [ 85.835584][ T1238] exc_invalid_op+0x1a/0x50 [ 85.835590][ T1238] asm_exc_invalid_op+0x1a/0x20 [ 85.835598][ T1238] check_flush_dependency+0x312/0x3c0 [ 85.835608][ T1238] __flush_work+0x411/0xc50 [ 85.835617][ T1238] hfs_file_fsync+0xee/0x140 [ 85.835636][ T1238] dio_complete+0x5f4/0x790 [ 85.835672][ T1238] process_scheduled_works+0xaec/0x17a0 [ 85.835681][ T1238] worker_thread+0xda6/0x1360 [ 85.835689][ T1238] kthread+0x388/0x470 [ 85.835699][ T1238] ret_from_fork+0x51e/0xb90 [ 85.835708][ T1238] ret_from_fork_asm+0x1a/0x30 [ 85.835719][ T1238] [ 85.835719][ T1238] other info that might help us debug this: [ 85.835719][ T1238] [ 85.835722][ T1238] Chain exists of: [ 85.835722][ T1238] console_owner --> &dev->power.lock --> &pool->lock [ 85.835722][ T1238] [ 85.835735][ T1238] Possible unsafe locking scenario: [ 85.835735][ T1238] [ 85.835738][ T1238] CPU0 CPU1 [ 85.835759][ T1238] ---- ---- [ 85.835762][ T1238] lock(&pool->lock); [ 85.835767][ T1238] lock(&dev->power.lock); [ 85.835773][ T1238] lock(&pool->lock); [ 85.835779][ T1238] lock(console_owner); [ 85.835785][ T1238] [ 85.835785][ T1238] *** DEADLOCK *** [ 85.835785][ T1238] [ 85.835787][ T1238] 7 locks held by kworker/0:3/1238: [ 85.835792][ T1238] #0: ffff888041559948 ((wq_completion)dio/loop0){+.+.}-{0:0}, at: process_scheduled_works+0x9d4/0x17a0 [ 85.835814][ T1238] #1: ffffc9000255fc40 ((work_completion)(&dio->complete_work)){+.+.}-{0:0}, at: process_scheduled_works+0xa0f/0x17a0 [ 85.835835][ T1238] #2: ffff888011e31620 (&sb->s_type->i_mutex_key#25){+.+.}-{4:4}, at: hfs_file_fsync+0x9a/0x140 [ 85.835883][ T1238] #3: ffffffff8e75df20 (rcu_read_lock){....}-{1:3}, at: __flush_work+0x100/0xc50 [ 85.835905][ T1238] #4: ffff88801fc3a318 (&pool->lock){-.-.}-{2:2}, at: __flush_work+0x1ef/0xc50 [ 85.835926][ T1238] #5: ffffffff8e750340 (console_lock){+.+.}-{0:0}, at: _printk+0xdd/0x130 [ 85.835949][ T1238] #6: ffffffff8e637bf8 (console_srcu){....}-{0:0}, at: console_flush_all+0x123/0xb20 [ 85.835971][ T1238] [ 85.835971][ T1238] stack backtrace: [ 85.835977][ T1238] CPU: 0 UID: 0 PID: 1238 Comm: kworker/0:3 Not tainted syzkaller #0 PREEMPT(full) [ 85.835987][ T1238] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 85.835994][ T1238] Workqueue: dio/loop0 dio_aio_complete_work [ 85.836007][ T1238] Call Trace: [ 85.836011][ T1238] [ 85.836016][ T1238] dump_stack_lvl+0xe8/0x150 [ 85.836028][ T1238] print_circular_bug+0x2e1/0x300 [ 85.836040][ T1238] check_noncircular+0x12e/0x150 [ 85.836052][ T1238] __lock_acquire+0x15a5/0x2cf0 [ 85.836064][ T1238] ? console_flush_all+0x123/0xb20 [ 85.836075][ T1238] lock_acquire+0x106/0x330 [ 85.836089][ T1238] ? console_flush_all+0x123/0xb20 [ 85.836101][ T1238] ? do_raw_spin_unlock+0x4d/0x210 [ 85.836114][ T1238] ? console_flush_all+0x123/0xb20 [ 85.836125][ T1238] console_flush_all+0x6c1/0xb20 [ 85.836136][ T1238] ? console_flush_all+0x123/0xb20 [ 85.836148][ T1238] ? console_flush_all+0x123/0xb20 [ 85.836160][ T1238] ? __pfx_console_flush_all+0x10/0x10 [ 85.836172][ T1238] ? is_printk_cpu_sync_owner+0x32/0x40 [ 85.836186][ T1238] console_unlock+0xd1/0x1c0 [ 85.836197][ T1238] ? __pfx_console_unlock+0x10/0x10 [ 85.836207][ T1238] ? _raw_spin_lock_bh+0x20/0x50 [ 85.836217][ T1238] ? _printk+0xdd/0x130 [ 85.836230][ T1238] vprintk_emit+0x485/0x560 [ 85.836241][ T1238] ? __pfx_vprintk_emit+0x10/0x10 [ 85.836251][ T1238] ? unwind_next_frame+0xa5/0x23c0 [ 85.836303][ T1238] _printk+0xdd/0x130 [ 85.836316][ T1238] ? __pfx__printk+0x10/0x10 [ 85.836329][ T1238] ? unwind_next_frame+0xa5/0x23c0 [ 85.836340][ T1238] ? ret_from_fork_asm+0x1a/0x30 [ 85.836351][ T1238] ? ret_from_fork_asm+0x1a/0x30 [ 85.836363][ T1238] ? check_flush_dependency+0x28f/0x3c0 [ 85.836374][ T1238] __report_bug+0x317/0x540 [ 85.836385][ T1238] ? lock_acquire+0x106/0x330 [ 85.836394][ T1238] ? check_flush_dependency+0x28f/0x3c0 [ 85.836404][ T1238] ? __pfx___report_bug+0x10/0x10 [ 85.836416][ T1238] ? __lock_acquire+0x6b5/0x2cf0 [ 85.836426][ T1238] report_bug_entry+0x19a/0x290 [ 85.836437][ T1238] ? check_flush_dependency+0x312/0x3c0 [ 85.836447][ T1238] ? check_flush_dependency+0x317/0x3c0 [ 85.836458][ T1238] handle_bug+0xca/0x200 [ 85.836465][ T1238] exc_invalid_op+0x1a/0x50 [ 85.836473][ T1238] asm_exc_invalid_op+0x1a/0x20 [ 85.836482][ T1238] RIP: 0010:check_flush_dependency+0x312/0x3c0 [ 85.836493][ T1238] Code: 00 00 fc ff df 80 3c 08 00 74 08 4c 89 f7 e8 b5 81 a2 00 49 8b 16 48 81 c3 78 01 00 00 4c 89 ef 4c 89 e6 48 89 d9 4c 8b 04 24 <67> 48 0f b9 3a e9 53 ff ff ff 44 89 f1 80 e1 07 80 c1 03 38 c1 0f [ 85.836501][ T1238] RSP: 0018:ffffc9000255f860 EFLAGS: 00010086 [ 85.836509][ T1238] RAX: 1ffff11003f6ec03 RBX: ffff88801a867d78 RCX: ffff88801a867d78 [ 85.836515][ T1238] RDX: ffffffff825687f0 RSI: ffff888041559978 RDI: ffffffff90136940 [ 85.836522][ T1238] RBP: ffff88800ba2e008 R08: ffffffff82ae6100 R09: 1ffff11008405f29 [ 85.836528][ T1238] R10: dffffc0000000000 R11: ffffed1008405f2a R12: ffff888041559978 [ 85.836534][ T1238] R13: ffffffff90136940 R14: ffff88801fb76018 R15: ffff88801fb76020 [ 85.836542][ T1238] ? __pfx_flush_mdb+0x10/0x10 [ 85.836552][ T1238] ? __pfx_dio_aio_complete_work+0x10/0x10 [ 85.836565][ T1238] ? __pfx_flush_mdb+0x10/0x10 [ 85.836575][ T1238] __flush_work+0x411/0xc50 [ 85.836586][ T1238] ? __flush_work+0x100/0xc50 [ 85.836596][ T1238] ? __pfx___flush_work+0x10/0x10 [ 85.836612][ T1238] hfs_file_fsync+0xee/0x140 [ 85.836622][ T1238] dio_complete+0x5f4/0x790 [ 85.836633][ T1238] ? process_scheduled_works+0xa0f/0x17a0 [ 85.836642][ T1238] process_scheduled_works+0xaec/0x17a0 [ 85.836655][ T1238] ? __pfx_process_scheduled_works+0x10/0x10 [ 85.836663][ T1238] ? do_raw_spin_lock+0x12b/0x2f0 [ 85.836675][ T1238] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 85.836689][ T1238] worker_thread+0xda6/0x1360 [ 85.836700][ T1238] ? __kthread_parkme+0x19c/0x1f0 [ 85.836711][ T1238] kthread+0x388/0x470 [ 85.836723][ T1238] ? __pfx_worker_thread+0x10/0x10 [ 85.836731][ T1238] ? __pfx_kthread+0x10/0x10 [ 85.836742][ T1238] ret_from_fork+0x51e/0xb90 [ 85.836752][ T1238] ? __pfx_ret_from_fork+0x10/0x10 [ 85.836761][ T1238] ? __switch_to+0xc7d/0x1400 [ 85.836769][ T1238] ? __pfx_kthread+0x10/0x10 [ 85.836780][ T1238] ret_from_fork_asm+0x1a/0x30 [ 85.836795][ T1238] [ 86.290933][ T1238] workqueue: WQ_MEM_RECLAIM dio/loop0:dio_aio_complete_work is flushing !WQ_MEM_RECLAIM events_long:flush_mdb [ 86.290968][ T1238] WARNING: kernel/workqueue.c:3754 at check_flush_dependency+0x28f/0x3c0, CPU#0: kworker/0:3/1238 [ 86.300695][ T1238] Modules linked in: [ 86.302385][ T1238] CPU: 0 UID: 0 PID: 1238 Comm: kworker/0:3 Not tainted syzkaller #0 PREEMPT(full) [ 86.306368][ T1238] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 86.311262][ T1238] Workqueue: dio/loop0 dio_aio_complete_work [ 86.314126][ T1238] RIP: 0010:check_flush_dependency+0x312/0x3c0 [ 86.316774][ T1238] Code: 00 00 fc ff df 80 3c 08 00 74 08 4c 89 f7 e8 b5 81 a2 00 49 8b 16 48 81 c3 78 01 00 00 4c 89 ef 4c 89 e6 48 89 d9 4c 8b 04 24 <67> 48 0f b9 3a e9 53 ff ff ff 44 89 f1 80 e1 07 80 c1 03 38 c1 0f [ 86.324847][ T1238] RSP: 0018:ffffc9000255f860 EFLAGS: 00010086 [ 86.327655][ T1238] RAX: 1ffff11003f6ec03 RBX: ffff88801a867d78 RCX: ffff88801a867d78 [ 86.331291][ T1238] RDX: ffffffff825687f0 RSI: ffff888041559978 RDI: ffffffff90136940 [ 86.334698][ T1238] RBP: ffff88800ba2e008 R08: ffffffff82ae6100 R09: 1ffff11008405f29 [ 86.338217][ T1238] R10: dffffc0000000000 R11: ffffed1008405f2a R12: ffff888041559978 [ 86.341749][ T1238] R13: ffffffff90136940 R14: ffff88801fb76018 R15: ffff88801fb76020 [ 86.345144][ T1238] FS: 0000000000000000(0000) GS:ffff88808cab1000(0000) knlGS:0000000000000000 [ 86.348899][ T1238] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 86.351779][ T1238] CR2: 00007ffffffff000 CR3: 000000003885d000 CR4: 0000000000352ef0 [ 86.355256][ T1238] Call Trace: [ 86.356807][ T1238] [ 86.358067][ T1238] ? __pfx_flush_mdb+0x10/0x10 [ 86.360374][ T1238] __flush_work+0x411/0xc50 [ 86.362995][ T1238] ? __flush_work+0x100/0xc50 [ 86.365256][ T1238] ? __pfx___flush_work+0x10/0x10 [ 86.367483][ T1238] hfs_file_fsync+0xee/0x140 [ 86.369495][ T1238] dio_complete+0x5f4/0x790 [ 86.371493][ T1238] ? process_scheduled_works+0xa0f/0x17a0 [ 86.374028][ T1238] process_scheduled_works+0xaec/0x17a0 [ 86.376155][ T1238] ? __pfx_process_scheduled_works+0x10/0x10 [ 86.378491][ T1238] ? do_raw_spin_lock+0x12b/0x2f0 [ 86.380471][ T1238] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 86.382793][ T1238] worker_thread+0xda6/0x1360 [ 86.384856][ T1238] ? __kthread_parkme+0x19c/0x1f0 [ 86.387044][ T1238] kthread+0x388/0x470 [ 86.388806][ T1238] ? __pfx_worker_thread+0x10/0x10 [ 86.390969][ T1238] ? __pfx_kthread+0x10/0x10 [ 86.393024][ T1238] ret_from_fork+0x51e/0xb90 [ 86.394951][ T1238] ? __pfx_ret_from_fork+0x10/0x10 [ 86.397126][ T1238] ? __switch_to+0xc7d/0x1400 [ 86.399154][ T1238] ? __pfx_kthread+0x10/0x10 [ 86.401327][ T1238] ret_from_fork_asm+0x1a/0x30 [ 86.403458][ T1238] [ 86.404898][ T1238] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 86.408160][ T1238] CPU: 0 UID: 0 PID: 1238 Comm: kworker/0:3 Not tainted syzkaller #0 PREEMPT(full) [ 86.412305][ T1238] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 86.416623][ T1238] Workqueue: dio/loop0 dio_aio_complete_work [ 86.419310][ T1238] Call Trace: [ 86.420849][ T1238] [ 86.422189][ T1238] vpanic+0x1e0/0x670 [ 86.423974][ T1238] panic+0xc5/0xd0 [ 86.426016][ T1238] ? __pfx_panic+0x10/0x10 [ 86.427998][ T1238] ? ret_from_fork_asm+0x1a/0x30 [ 86.430162][ T1238] __warn+0x315/0x4a0 [ 86.431917][ T1238] ? check_flush_dependency+0x28f/0x3c0 [ 86.434260][ T1238] ? check_flush_dependency+0x28f/0x3c0 [ 86.436630][ T1238] __report_bug+0x29a/0x540 [ 86.438626][ T1238] ? lock_acquire+0x106/0x330 [ 86.440745][ T1238] ? check_flush_dependency+0x28f/0x3c0 [ 86.443108][ T1238] ? __pfx___report_bug+0x10/0x10 [ 86.445268][ T1238] ? __pfx_dio_aio_complete_work+0x10/0x10 [ 86.447825][ T1238] ? __pfx_flush_mdb+0x10/0x10 [ 86.449975][ T1238] report_bug_entry+0x19a/0x290 [ 86.452176][ T1238] ? check_flush_dependency+0x312/0x3c0 [ 86.454591][ T1238] ? check_flush_dependency+0x317/0x3c0 [ 86.456953][ T1238] handle_bug+0xca/0x200 [ 86.458779][ T1238] exc_invalid_op+0x1a/0x50 [ 86.460705][ T1238] asm_exc_invalid_op+0x1a/0x20 [ 86.462800][ T1238] RIP: 0010:check_flush_dependency+0x312/0x3c0 [ 86.465498][ T1238] Code: 00 00 fc ff df 80 3c 08 00 74 08 4c 89 f7 e8 b5 81 a2 00 49 8b 16 48 81 c3 78 01 00 00 4c 89 ef 4c 89 e6 48 89 d9 4c 8b 04 24 <67> 48 0f b9 3a e9 53 ff ff ff 44 89 f1 80 e1 07 80 c1 03 38 c1 0f [ 86.473872][ T1238] RSP: 0018:ffffc9000255f860 EFLAGS: 00010086 [ 86.476582][ T1238] RAX: 1ffff11003f6ec03 RBX: ffff88801a867d78 RCX: ffff88801a867d78 [ 86.480185][ T1238] RDX: ffffffff825687f0 RSI: ffff888041559978 RDI: ffffffff90136940 [ 86.483705][ T1238] RBP: ffff88800ba2e008 R08: ffffffff82ae6100 R09: 1ffff11008405f29 [ 86.487219][ T1238] R10: dffffc0000000000 R11: ffffed1008405f2a R12: ffff888041559978 [ 86.490724][ T1238] R13: ffffffff90136940 R14: ffff88801fb76018 R15: ffff88801fb76020 [ 86.494202][ T1238] ? __pfx_flush_mdb+0x10/0x10 [ 86.496258][ T1238] ? __pfx_dio_aio_complete_work+0x10/0x10 [ 86.498826][ T1238] ? __pfx_flush_mdb+0x10/0x10 [ 86.501060][ T1238] __flush_work+0x411/0xc50 [ 86.503231][ T1238] ? __flush_work+0x100/0xc50 [ 86.505749][ T1238] ? __pfx___flush_work+0x10/0x10 [ 86.508485][ T1238] hfs_file_fsync+0xee/0x140 [ 86.510971][ T1238] dio_complete+0x5f4/0x790 [ 86.513397][ T1238] ? process_scheduled_works+0xa0f/0x17a0 [ 86.516372][ T1238] process_scheduled_works+0xaec/0x17a0 [ 86.519138][ T1238] ? __pfx_process_scheduled_works+0x10/0x10 [ 86.521746][ T1238] ? do_raw_spin_lock+0x12b/0x2f0 [ 86.523599][ T1238] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 86.529434][ T1238] worker_thread+0xda6/0x1360 [ 86.531735][ T1238] ? __kthread_parkme+0x19c/0x1f0 [ 86.533715][ T1238] kthread+0x388/0x470 [ 86.535105][ T1238] ? __pfx_worker_thread+0x10/0x10 [ 86.537232][ T1238] ? __pfx_kthread+0x10/0x10 [ 86.539193][ T1238] ret_from_fork+0x51e/0xb90 [ 86.541275][ T1238] ? __pfx_ret_from_fork+0x10/0x10 [ 86.543448][ T1238] ? __switch_to+0xc7d/0x1400 [ 86.545311][ T1238] ? __pfx_kthread+0x10/0x10 [ 86.547146][ T1238] ret_from_fork_asm+0x1a/0x30 [ 86.549623][ T1238] [ 86.551697][ T1238] Kernel Offset: disabled [ 86.553458][ T1238] Rebooting in 86400 seconds..