From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mail-oo1-f72.google.com (mail-oo1-f72.google.com [209.85.161.72])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 9D43014884C
	for <linux-kernel@vger.kernel.org>; Sun,  5 Apr 2026 05:36:02 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.161.72
ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1775367364; cv=none; b=dq9iG7w61ab3/q+PqgazVSX8Zr55WSfsv+gBY0GVp4BXflBPQ5bwmXtmUvDDkSBl63D0d8XQEGZrh80uYdQlXLF8yFZ1u0mCXlbwcoLSWke0nDNqUXW6sUccWHU++mjBP4MLDiwyRWn5RhXuoRxJlqD2nT2PHoNM9+57VNk/XgA=
ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1775367364; c=relaxed/simple;
	bh=kepyccdUkkocCn13hbF6U6O/3QZGngXV/OrksSAI8Yw=;
	h=MIME-Version:Date:In-Reply-To:Message-ID:Subject:From:To:
	 Content-Type; b=HRD7HxvS6O7A9WoE6FrRcVsNN1ytIgUCkW8NIvkB1RKrc7bJewPjWBtMAJoclaS00HW0XD26agO67euc96YEYOSzy9XH/7euprB2Ik9nNXkT+kuKLv2qlxN+JKtaqWRydfRDqe6IwTfAtW4eNjVMTYJ0IwR6+FT2a7N0mIAOr8k=
ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=fail (p=none dis=none) header.from=syzkaller.appspotmail.com; spf=pass smtp.mailfrom=M3KW2WVRGUFZ5GODRSRYTGD7.apphosting.bounces.google.com; arc=none smtp.client-ip=209.85.161.72
Authentication-Results: smtp.subspace.kernel.org; dmarc=fail (p=none dis=none) header.from=syzkaller.appspotmail.com
Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=M3KW2WVRGUFZ5GODRSRYTGD7.apphosting.bounces.google.com
Received: by mail-oo1-f72.google.com with SMTP id 006d021491bc7-680b7befb84so4444112eaf.3
        for <linux-kernel@vger.kernel.org>; Sat, 04 Apr 2026 22:36:02 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20251104; t=1775367361; x=1775972161;
        h=to:from:subject:message-id:in-reply-to:date:mime-version
         :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=perK2o+/YqqCWqKnsXaMsnAOuIj/neeV5vItedIkSpM=;
        b=hI8enWVgDDB3kb3nI/gIpfb9xMMKfS1/4pNb/R8zQ9qw4Z8mIzwpzgb84qPJAF1QCN
         cSt8vCMKnPw8Ci5aEe+gUvFJ5CiruOVXLFlBp0ppUOzad3/NISlzC9d49/BvnE50fn4d
         ApCdxf+WAFn956sgByqLZXZPDMYoH7AqnP525NJi1wj/77fryvK/rCmCCdX8lf2aIf65
         G1l/HgXzdU9Bq4WGFuMOn9kbROSzFj6oM3j6n91wWBU64WQ8X/w77rbC97V2mcwKP+B3
         OVSX3GAJEtNdpSZyyCchmTsPh1Px+eg8S2+PHGRcMfqDHFJIlrsvUhN5411GYLLsS9kG
         Lbpw==
X-Forwarded-Encrypted: i=1; AJvYcCV/4NZbO4vqxhmHPtQU28SR79rOjGqxPbpq2cEuo/o/CbPCdJ4WYYqr3cCWAQCO+hKawUJ9pd1Y6AZJiXU=@vger.kernel.org
X-Gm-Message-State: AOJu0Yxh6wnCmupPV2XuoZeAv//Bl6pGXny/siC5xo77pnorZ24RpnYq
	dM5GcGz1dSesqNPwO8oVqo3O7pKgV7t1TTULWnY75KMdRA3JKl+/YW7LJ3beoohW8/SAkL6RQve
	Ma9NuyFRuamr/Qe3RgZVdH2KtwKfEKmWHGnaSNAyiCDL8RjPLb7AKci1AzU0=
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
MIME-Version: 1.0
X-Received: by 2002:a05:6820:1c81:b0:67e:2adf:fa3c with SMTP id
 006d021491bc7-6821a340a70mr4348308eaf.0.1775367361553; Sat, 04 Apr 2026
 22:36:01 -0700 (PDT)
Date: Sat, 04 Apr 2026 22:36:01 -0700
In-Reply-To: <20260405051753.375869-1-kartikey406@gmail.com>
X-Google-Appengine-App-Id: s~syzkaller
X-Google-Appengine-App-Id-Alias: syzkaller
Message-ID: <69d1f4c1.050a0220.2dbe29.0024.GAE@google.com>
Subject: Re: [syzbot] [kernel?] INFO: rcu detected stall in kill
From: syzbot <syzbot+9b95da55ba5146a60734@syzkaller.appspotmail.com>
To: kartikey406@gmail.com, linux-kernel@vger.kernel.org, 
	syzkaller-bugs@googlegroups.com
Content-Type: text/plain; charset="UTF-8"

Hello,

syzbot has tested the proposed patch but the reproducer is still triggering an issue:
WARNING: locking bug in ath9k_hif_usb_dealloc_urbs

ath9k_htc: Failed to initialize the device
------------[ cut here ]------------
DEBUG_LOCKS_WARN_ON(1)
WARNING: kernel/locking/lockdep.c:238 at hlock_class kernel/locking/lockdep.c:238 [inline], CPU#1: kworker/1:4/5897
WARNING: kernel/locking/lockdep.c:238 at check_wait_context kernel/locking/lockdep.c:4854 [inline], CPU#1: kworker/1:4/5897
WARNING: kernel/locking/lockdep.c:238 at __lock_acquire+0x39d/0x2cf0 kernel/locking/lockdep.c:5187, CPU#1: kworker/1:4/5897
Modules linked in:
CPU: 1 UID: 0 PID: 5897 Comm: kworker/1:4 Not tainted syzkaller #0 PREEMPT(full) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
Workqueue: events request_firmware_work_func
RIP: 0010:hlock_class kernel/locking/lockdep.c:238 [inline]
RIP: 0010:check_wait_context kernel/locking/lockdep.c:4854 [inline]
RIP: 0010:__lock_acquire+0x3a4/0x2cf0 kernel/locking/lockdep.c:5187
Code: 18 00 4c 8b 74 24 08 75 27 90 e8 c7 8a 0a 03 85 c0 74 1c 83 3d a0 76 70 0e 00 75 13 48 8d 3d a3 97 73 0e 48 c7 c6 0f 96 01 8e <67> 48 0f b9 3a 90 31 c0 0f b6 98 c4 00 00 00 41 8b 45 20 25 ff 1f
RSP: 0018:ffffc90003c77588 EFLAGS: 00010046
RAX: 0000000000000001 RBX: 0000000000040000 RCX: ffff88807ca75b80
RDX: 0000000000000000 RSI: ffffffff8e01960f RDI: ffffffff90152ad0
RBP: 0000000000000002 R08: ffffffff901209c3 R09: 1ffffffff2024138
R10: dffffc0000000000 R11: fffffbfff2024139 R12: 0000000000000936
R13: ffff88807ca76728 R14: ffff88807ca75b80 R15: ffff88807ca766d8
FS:  0000000000000000(0000) GS:ffff888125554000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000559755574be0 CR3: 000000005396b000 CR4: 0000000000350ef0
Call Trace:
 <TASK>
 lock_acquire+0xf0/0x2e0 kernel/locking/lockdep.c:5868
 touch_wq_lockdep_map+0xcb/0x180 kernel/workqueue.c:3991
 __flush_workqueue+0x14b/0x14f0 kernel/workqueue.c:4033
 drain_workqueue+0xd3/0x390 kernel/workqueue.c:4197
 destroy_workqueue+0xbb/0xc60 kernel/workqueue.c:5967
 ath9k_hif_usb_dealloc_reg_in_urbs drivers/net/wireless/ath/ath9k/hif_usb.c:1000 [inline]
 ath9k_hif_usb_dealloc_urbs+0x6a/0x1c0 drivers/net/wireless/ath/ath9k/hif_usb.c:1105
 ath9k_hif_usb_dev_deinit drivers/net/wireless/ath/ath9k/hif_usb.c:1188 [inline]
 ath9k_hif_usb_firmware_cb+0x260/0x4c0 drivers/net/wireless/ath/ath9k/hif_usb.c:1330
 request_firmware_work_func+0x105/0x1c0 drivers/base/firmware_loader/main.c:1152
 process_one_work kernel/workqueue.c:3276 [inline]
 process_scheduled_works+0xb6e/0x18c0 kernel/workqueue.c:3359
 worker_thread+0xa53/0xfc0 kernel/workqueue.c:3440
 kthread+0x388/0x470 kernel/kthread.c:436
 ret_from_fork+0x51e/0xb90 arch/x86/kernel/process.c:158
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
 </TASK>
----------------
Code disassembly (best guess):
   0:	18 00                	sbb    %al,(%rax)
   2:	4c 8b 74 24 08       	mov    0x8(%rsp),%r14
   7:	75 27                	jne    0x30
   9:	90                   	nop
   a:	e8 c7 8a 0a 03       	call   0x30a8ad6
   f:	85 c0                	test   %eax,%eax
  11:	74 1c                	je     0x2f
  13:	83 3d a0 76 70 0e 00 	cmpl   $0x0,0xe7076a0(%rip)        # 0xe7076ba
  1a:	75 13                	jne    0x2f
  1c:	48 8d 3d a3 97 73 0e 	lea    0xe7397a3(%rip),%rdi        # 0xe7397c6
  23:	48 c7 c6 0f 96 01 8e 	mov    $0xffffffff8e01960f,%rsi
* 2a:	67 48 0f b9 3a       	ud1    (%edx),%rdi <-- trapping instruction
  2f:	90                   	nop
  30:	31 c0                	xor    %eax,%eax
  32:	0f b6 98 c4 00 00 00 	movzbl 0xc4(%rax),%ebx
  39:	41 8b 45 20          	mov    0x20(%r13),%eax
  3d:	25                   	.byte 0x25
  3e:	ff 1f                	lcall  *(%rdi)


Tested on:

commit:         3aae9383 Merge tag 'input-for-v7.0-rc6' of git://git.k..
git tree:       upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=114706ba580000
kernel config:  https://syzkaller.appspot.com/x/.config?x=6754c86e8d9e4c91
dashboard link: https://syzkaller.appspot.com/bug?extid=9b95da55ba5146a60734
compiler:       Debian clang version 21.1.8 (++20251221033036+2078da43e25a-1~exp1~20251221153213.50), Debian LLD 21.1.8
patch:          https://syzkaller.appspot.com/x/patch.diff?x=15e8cdda580000