syzbot |
sign-in | mailing list | source | docs |
=====================================================
WARNING: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected
syzkaller #0 Tainted: G L
-----------------------------------------------------
syz.8.5536/23060 [HC0[0]:SC0[0]:HE0:SE1] is trying to acquire:
ffffffff8e00c098 (tasklist_lock){.+.+}-{3:3}, at: send_sigurg+0xed/0xc80 fs/fcntl.c:978
and this task is already holding:
ffff888064e3bda0 (&f_owner->lock){....}-{3:3}, at: send_sigurg+0x5f/0xc80 fs/fcntl.c:962
which would create a new lock dependency:
(&f_owner->lock){....}-{3:3} -> (tasklist_lock){.+.+}-{3:3}
but this new dependency connects a SOFTIRQ-irq-safe lock:
(&client->buffer_lock){..-.}-{3:3}
... which became SOFTIRQ-irq-safe at:
lock_acquire kernel/locking/lockdep.c:5868 [inline]
lock_acquire+0x179/0x330 kernel/locking/lockdep.c:5825
__raw_spin_lock include/linux/spinlock_api_smp.h:133 [inline]
_raw_spin_lock+0x2e/0x40 kernel/locking/spinlock.c:154
spin_lock include/linux/spinlock.h:351 [inline]
evdev_pass_values+0x10e/0x9b0 drivers/input/evdev.c:261
evdev_events+0x1bb/0x390 drivers/input/evdev.c:306
input_pass_values+0x74e/0x880 drivers/input/input.c:128
input_event_dispose drivers/input/input.c:353 [inline]
input_handle_event+0xb29/0x14d0 drivers/input/input.c:370
input_inject_event+0x1e8/0x3b0 drivers/input/input.c:424
kd_sound_helper+0x17a/0x280 drivers/tty/vt/keyboard.c:256
input_handler_for_each_handle+0xd7/0x250 drivers/input/input.c:2520
call_timer_fn+0x19a/0x5a0 kernel/time/timer.c:1748
expire_timers kernel/time/timer.c:1799 [inline]
__run_timers+0x74a/0xae0 kernel/time/timer.c:2373
__run_timer_base kernel/time/timer.c:2385 [inline]
__run_timer_base kernel/time/timer.c:2377 [inline]
run_timer_base+0x114/0x190 kernel/time/timer.c:2394
run_timer_softirq+0x1a/0x40 kernel/time/timer.c:2404
handle_softirqs+0x219/0x950 kernel/softirq.c:622
__do_softirq kernel/softirq.c:656 [inline]
invoke_softirq kernel/softirq.c:496 [inline]
__irq_exit_rcu+0x109/0x170 kernel/softirq.c:723
irq_exit_rcu+0x9/0x30 kernel/softirq.c:739
instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1056 [inline]
sysvec_apic_timer_interrupt+0xa4/0xc0 arch/x86/kernel/apic/apic.c:1056
asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:697
___slab_alloc+0x1ba/0x1c90 mm/slub.c:4531
__kmem_cache_alloc_bulk+0x1fb/0x6c0 mm/slub.c:7424
kmem_cache_alloc_bulk_noprof+0x4e1/0x800 mm/slub.c:7490
__io_alloc_req_refill+0x9d/0x5e0 io_uring/io_uring.c:1025
io_alloc_req io_uring/io_uring.h:562 [inline]
io_submit_sqes+0xf94/0x28e0 io_uring/io_uring.c:2423
__do_sys_io_uring_enter+0xd6b/0x1630 io_uring/io_uring.c:3277
do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
do_syscall_64+0xcd/0xf80 arch/x86/entry/syscall_64.c:94
entry_SYSCALL_64_after_hwframe+0x77/0x7f
to a SOFTIRQ-irq-unsafe lock:
(tasklist_lock){.+.+}-{3:3}
... which became SOFTIRQ-irq-unsafe at:
...
lock_acquire kernel/locking/lockdep.c:5868 [inline]
lock_acquire+0x179/0x330 kernel/locking/lockdep.c:5825
__raw_read_lock include/linux/rwlock_api_smp.h:150 [inline]
_raw_read_lock+0x5f/0x70 kernel/locking/spinlock.c:228
__do_wait+0x105/0x890 kernel/exit.c:1672
do_wait+0x21d/0x570 kernel/exit.c:1716
kernel_wait+0x9f/0x160 kernel/exit.c:1892
call_usermodehelper_exec_sync kernel/umh.c:136 [inline]
call_usermodehelper_exec_work+0xf1/0x170 kernel/umh.c:163
process_one_work+0x9ba/0x1b20 kernel/workqueue.c:3257
process_scheduled_works kernel/workqueue.c:3340 [inline]
worker_thread+0x6c8/0xf10 kernel/workqueue.c:3421
kthread+0x3c5/0x780 kernel/kthread.c:463
ret_from_fork+0x983/0xb10 arch/x86/kernel/process.c:158
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:246
other info that might help us debug this:
Chain exists of:
&client->buffer_lock --> &f_owner->lock --> tasklist_lock
Possible interrupt unsafe locking scenario:
CPU0 CPU1
---- ----
lock(tasklist_lock);
local_irq_disable();
lock(&client->buffer_lock);
lock(&f_owner->lock);
<Interrupt>
lock(&client->buffer_lock);
*** DEADLOCK ***
2 locks held by syz.8.5536/23060:
#0: ffff8880347f6fe0 (&u->lock){+.+.}-{3:3}, at: spin_lock include/linux/spinlock.h:351 [inline]
#0: ffff8880347f6fe0 (&u->lock){+.+.}-{3:3}, at: queue_oob net/unix/af_unix.c:2336 [inline]
#0: ffff8880347f6fe0 (&u->lock){+.+.}-{3:3}, at: unix_stream_sendmsg+0xd33/0x1320 net/unix/af_unix.c:2491
#1: ffff888064e3bda0 (&f_owner->lock){....}-{3:3}, at: send_sigurg+0x5f/0xc80 fs/fcntl.c:962
the dependencies between SOFTIRQ-irq-safe lock and the holding lock:
-> (&client->buffer_lock){..-.}-{3:3} {
IN-SOFTIRQ-W at:
lock_acquire kernel/locking/lockdep.c:5868 [inline]
lock_acquire+0x179/0x330 kernel/locking/lockdep.c:5825
__raw_spin_lock include/linux/spinlock_api_smp.h:133 [inline]
_raw_spin_lock+0x2e/0x40 kernel/locking/spinlock.c:154
spin_lock include/linux/spinlock.h:351 [inline]
evdev_pass_values+0x10e/0x9b0 drivers/input/evdev.c:261
evdev_events+0x1bb/0x390 drivers/input/evdev.c:306
input_pass_values+0x74e/0x880 drivers/input/input.c:128
input_event_dispose drivers/input/input.c:353 [inline]
input_handle_event+0xb29/0x14d0 drivers/input/input.c:370
input_inject_event+0x1e8/0x3b0 drivers/input/input.c:424
kd_sound_helper+0x17a/0x280 drivers/tty/vt/keyboard.c:256
input_handler_for_each_handle+0xd7/0x250 drivers/input/input.c:2520
call_timer_fn+0x19a/0x5a0 kernel/time/timer.c:1748
expire_timers kernel/time/timer.c:1799 [inline]
__run_timers+0x74a/0xae0 kernel/time/timer.c:2373
__run_timer_base kernel/time/timer.c:2385 [inline]
__run_timer_base kernel/time/timer.c:2377 [inline]
run_timer_base+0x114/0x190 kernel/time/timer.c:2394
run_timer_softirq+0x1a/0x40 kernel/time/timer.c:2404
handle_softirqs+0x219/0x950 kernel/softirq.c:622
__do_softirq kernel/softirq.c:656 [inline]
invoke_softirq kernel/softirq.c:496 [inline]
__irq_exit_rcu+0x109/0x170 kernel/softirq.c:723
irq_exit_rcu+0x9/0x30 kernel/softirq.c:739
instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1056 [inline]
sysvec_apic_timer_interrupt+0xa4/0xc0 arch/x86/kernel/apic/apic.c:1056
asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:697
___slab_alloc+0x1ba/0x1c90 mm/slub.c:4531
__kmem_cache_alloc_bulk+0x1fb/0x6c0 mm/slub.c:7424
kmem_cache_alloc_bulk_noprof+0x4e1/0x800 mm/slub.c:7490
__io_alloc_req_refill+0x9d/0x5e0 io_uring/io_uring.c:1025
io_alloc_req io_uring/io_uring.h:562 [inline]
io_submit_sqes+0xf94/0x28e0 io_uring/io_uring.c:2423
__do_sys_io_uring_enter+0xd6b/0x1630 io_uring/io_uring.c:3277
do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
do_syscall_64+0xcd/0xf80 arch/x86/entry/syscall_64.c:94
entry_SYSCALL_64_after_hwframe+0x77/0x7f
INITIAL USE at:
lock_acquire kernel/locking/lockdep.c:5868 [inline]
lock_acquire+0x179/0x330 kernel/locking/lockdep.c:5825
__raw_spin_lock include/linux/spinlock_api_smp.h:133 [inline]
_raw_spin_lock+0x2e/0x40 kernel/locking/spinlock.c:154
spin_lock include/linux/spinlock.h:351 [inline]
evdev_pass_values+0x10e/0x9b0 drivers/input/evdev.c:261
evdev_events+0x1bb/0x390 drivers/input/evdev.c:306
input_pass_values+0x74e/0x880 drivers/input/input.c:128
input_event_dispose drivers/input/input.c:342 [inline]
input_handle_event+0xf00/0x14d0 drivers/input/input.c:370
input_inject_event+0x1e8/0x3b0 drivers/input/input.c:424
evdev_write+0x457/0x750 drivers/input/evdev.c:528
vfs_write+0x2a0/0x11d0 fs/read_write.c:684
ksys_write+0x1f8/0x250 fs/read_write.c:738
do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
do_syscall_64+0xcd/0xf80 arch/x86/entry/syscall_64.c:94
entry_SYSCALL_64_after_hwframe+0x77/0x7f
}
... key at: [<ffffffff9af1bba0>] __key.88+0x0/0x40
-> (&new->fa_lock){...-}-{3:3} {
IN-SOFTIRQ-R at:
lock_acquire kernel/locking/lockdep.c:5868 [inline]
lock_acquire+0x179/0x330 kernel/locking/lockdep.c:5825
__raw_read_lock_irqsave include/linux/rwlock_api_smp.h:160 [inline]
_raw_read_lock_irqsave+0x46/0x90 kernel/locking/spinlock.c:236
kill_fasync_rcu fs/fcntl.c:1135 [inline]
kill_fasync fs/fcntl.c:1159 [inline]
kill_fasync+0x138/0x510 fs/fcntl.c:1152
sock_wake_async+0x132/0x160 net/socket.c:1509
sk_wake_async_rcu include/net/sock.h:2570 [inline]
sk_wake_async_rcu include/net/sock.h:2567 [inline]
sock_def_readable+0x4f7/0x5d0 net/core/sock.c:3613
tcp_data_ready+0x114/0x5a0 net/ipv4/tcp_input.c:5371
tcp_data_queue+0x1ac2/0x4ff0 net/ipv4/tcp_input.c:5461
tcp_rcv_established+0xa7f/0x36e0 net/ipv4/tcp_input.c:6474
tcp_v4_do_rcv+0xc65/0x10a0 net/ipv4/tcp_ipv4.c:1881
tcp_v4_rcv+0x3077/0x4db0 net/ipv4/tcp_ipv4.c:2324
ip_protocol_deliver_rcu+0xba/0x4c0 net/ipv4/ip_input.c:207
ip_local_deliver_finish+0x3f2/0x720 net/ipv4/ip_input.c:241
NF_HOOK include/linux/netfilter.h:318 [inline]
NF_HOOK include/linux/netfilter.h:312 [inline]
ip_local_deliver+0x18e/0x1f0 net/ipv4/ip_input.c:262
dst_input include/net/dst.h:474 [inline]
ip_rcv_finish net/ipv4/ip_input.c:453 [inline]
NF_HOOK include/linux/netfilter.h:318 [inline]
NF_HOOK include/linux/netfilter.h:312 [inline]
ip_rcv+0x2e0/0x600 net/ipv4/ip_input.c:573
__netif_receive_skb_one_core+0x197/0x1e0 net/core/dev.c:6137
__netif_receive_skb+0x1d/0x160 net/core/dev.c:6250
process_backlog+0x4a2/0x1650 net/core/dev.c:6602
__napi_poll.constprop.0+0xb3/0x540 net/core/dev.c:7666
napi_poll net/core/dev.c:7729 [inline]
net_rx_action+0x9f9/0xfa0 net/core/dev.c:7881
handle_softirqs+0x219/0x950 kernel/softirq.c:622
do_softirq kernel/softirq.c:523 [inline]
do_softirq+0xb2/0xf0 kernel/softirq.c:510
__local_bh_enable_ip+0x100/0x120 kernel/softirq.c:450
sk_stream_wait_memory+0x65c/0x10e0 net/core/stream.c:149
tcp_sendmsg_locked+0x15d0/0x42a0 net/ipv4/tcp.c:1365
tcp_sendmsg+0x2e/0x50 net/ipv4/tcp.c:1412
inet_sendmsg+0xb9/0x140 net/ipv4/af_inet.c:859
sock_sendmsg_nosec net/socket.c:727 [inline]
__sock_sendmsg net/socket.c:742 [inline]
__sys_sendto+0x43c/0x520 net/socket.c:2206
__do_sys_sendto net/socket.c:2213 [inline]
__se_sys_sendto net/socket.c:2209 [inline]
__x64_sys_sendto+0xe0/0x1c0 net/socket.c:2209
do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
do_syscall_64+0xcd/0xf80 arch/x86/entry/syscall_64.c:94
entry_SYSCALL_64_after_hwframe+0x77/0x7f
INITIAL USE at:
lock_acquire kernel/locking/lockdep.c:5868 [inline]
lock_acquire+0x179/0x330 kernel/locking/lockdep.c:5825
__raw_write_lock_irq include/linux/rwlock_api_smp.h:195 [inline]
_raw_write_lock_irq+0x36/0x50 kernel/locking/spinlock.c:326
fasync_remove_entry+0xb2/0x1e0 fs/fcntl.c:1012
fasync_helper+0xaf/0xd0 fs/fcntl.c:1115
lease_modify+0x232/0x500 fs/locks.c:1455
locks_remove_lease fs/locks.c:2726 [inline]
locks_remove_file+0x29e/0x5c0 fs/locks.c:2751
__fput+0x351/0xb70 fs/file_table.c:460
task_work_run+0x150/0x240 kernel/task_work.c:233
resume_user_mode_work include/linux/resume_user_mode.h:50 [inline]
__exit_to_user_mode_loop kernel/entry/common.c:44 [inline]
exit_to_user_mode_loop+0xfb/0x540 kernel/entry/common.c:75
__exit_to_user_mode_prepare include/linux/irq-entry-common.h:226 [inline]
syscall_exit_to_user_mode_prepare include/linux/irq-entry-common.h:256 [inline]
syscall_exit_to_user_mode_work include/linux/entry-common.h:159 [inline]
syscall_exit_to_user_mode include/linux/entry-common.h:194 [inline]
do_syscall_64+0x4ee/0xf80 arch/x86/entry/syscall_64.c:100
entry_SYSCALL_64_after_hwframe+0x77/0x7f
INITIAL READ USE at:
lock_acquire kernel/locking/lockdep.c:5868 [inline]
lock_acquire+0x179/0x330 kernel/locking/lockdep.c:5825
__raw_read_lock_irqsave include/linux/rwlock_api_smp.h:160 [inline]
_raw_read_lock_irqsave+0x74/0x90 kernel/locking/spinlock.c:236
kill_fasync_rcu fs/fcntl.c:1135 [inline]
kill_fasync fs/fcntl.c:1159 [inline]
kill_fasync+0x138/0x510 fs/fcntl.c:1152
lease_break_callback+0x23/0x30 fs/locks.c:558
__break_lease+0x6cd/0x1800 fs/locks.c:1598
break_lease include/linux/filelock.h:476 [inline]
do_dentry_open+0x6e7/0x1590 fs/open.c:953
vfs_open+0x82/0x3f0 fs/open.c:1094
do_open fs/namei.c:4628 [inline]
path_openat+0x2078/0x3140 fs/namei.c:4787
do_filp_open+0x20b/0x470 fs/namei.c:4814
do_sys_openat2+0x11f/0x280 fs/open.c:1430
do_sys_open fs/open.c:1436 [inline]
__do_sys_open fs/open.c:1444 [inline]
__se_sys_open fs/open.c:1440 [inline]
__x64_sys_open+0x153/0x1e0 fs/open.c:1440
do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
do_syscall_64+0xcd/0xf80 arch/x86/entry/syscall_64.c:94
entry_SYSCALL_64_after_hwframe+0x77/0x7f
}
... key at: [<ffffffff9ac43380>] __key.0+0x0/0x40
... acquired at:
__raw_read_lock_irqsave include/linux/rwlock_api_smp.h:160 [inline]
_raw_read_lock_irqsave+0x74/0x90 kernel/locking/spinlock.c:236
kill_fasync_rcu fs/fcntl.c:1135 [inline]
kill_fasync fs/fcntl.c:1159 [inline]
kill_fasync+0x138/0x510 fs/fcntl.c:1152
__pass_event drivers/input/evdev.c:240 [inline]
evdev_pass_values+0x619/0x9b0 drivers/input/evdev.c:278
evdev_events+0x1bb/0x390 drivers/input/evdev.c:306
input_pass_values+0x74e/0x880 drivers/input/input.c:128
input_event_dispose drivers/input/input.c:342 [inline]
input_handle_event+0xf00/0x14d0 drivers/input/input.c:370
input_inject_event+0x1e8/0x3b0 drivers/input/input.c:424
evdev_write+0x457/0x750 drivers/input/evdev.c:528
vfs_write+0x2a0/0x11d0 fs/read_write.c:684
ksys_write+0x1f8/0x250 fs/read_write.c:738
do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
do_syscall_64+0xcd/0xf80 arch/x86/entry/syscall_64.c:94
entry_SYSCALL_64_after_hwframe+0x77/0x7f
-> (&f_owner->lock){....}-{3:3} {
INITIAL USE at:
lock_acquire kernel/locking/lockdep.c:5868 [inline]
lock_acquire+0x179/0x330 kernel/locking/lockdep.c:5825
__raw_write_lock_irq include/linux/rwlock_api_smp.h:195 [inline]
_raw_write_lock_irq+0x36/0x50 kernel/locking/spinlock.c:326
__f_setown+0x61/0x3c0 fs/fcntl.c:136
fcntl_dirnotify+0x7b1/0xb60 fs/notify/dnotify/dnotify.c:369
do_fcntl+0x504/0x1660 fs/fcntl.c:538
__do_sys_fcntl fs/fcntl.c:602 [inline]
__se_sys_fcntl fs/fcntl.c:587 [inline]
__x64_sys_fcntl+0x163/0x200 fs/fcntl.c:587
do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
do_syscall_64+0xcd/0xf80 arch/x86/entry/syscall_64.c:94
entry_SYSCALL_64_after_hwframe+0x77/0x7f
INITIAL READ USE at:
lock_acquire kernel/locking/lockdep.c:5868 [inline]
lock_acquire+0x179/0x330 kernel/locking/lockdep.c:5825
__raw_read_lock_irqsave include/linux/rwlock_api_smp.h:160 [inline]
_raw_read_lock_irqsave+0x74/0x90 kernel/locking/spinlock.c:236
send_sigio+0x31/0x3e0 fs/fcntl.c:918
kill_fasync_rcu fs/fcntl.c:1144 [inline]
kill_fasync fs/fcntl.c:1159 [inline]
kill_fasync+0x214/0x510 fs/fcntl.c:1152
lease_break_callback+0x23/0x30 fs/locks.c:558
__break_lease+0x6cd/0x1800 fs/locks.c:1598
break_lease include/linux/filelock.h:476 [inline]
do_dentry_open+0x6e7/0x1590 fs/open.c:953
vfs_open+0x82/0x3f0 fs/open.c:1094
do_open fs/namei.c:4628 [inline]
path_openat+0x2078/0x3140 fs/namei.c:4787
do_filp_open+0x20b/0x470 fs/namei.c:4814
do_sys_openat2+0x11f/0x280 fs/open.c:1430
do_sys_open fs/open.c:1436 [inline]
__do_sys_open fs/open.c:1444 [inline]
__se_sys_open fs/open.c:1440 [inline]
__x64_sys_open+0x153/0x1e0 fs/open.c:1440
do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
do_syscall_64+0xcd/0xf80 arch/x86/entry/syscall_64.c:94
entry_SYSCALL_64_after_hwframe+0x77/0x7f
}
... key at: [<ffffffff9ac433c0>] __key.1+0x0/0x40
... acquired at:
__raw_read_lock_irqsave include/linux/rwlock_api_smp.h:160 [inline]
_raw_read_lock_irqsave+0x74/0x90 kernel/locking/spinlock.c:236
send_sigio+0x31/0x3e0 fs/fcntl.c:918
kill_fasync_rcu fs/fcntl.c:1144 [inline]
kill_fasync fs/fcntl.c:1159 [inline]
kill_fasync+0x214/0x510 fs/fcntl.c:1152
lease_break_callback+0x23/0x30 fs/locks.c:558
__break_lease+0x6cd/0x1800 fs/locks.c:1598
break_lease include/linux/filelock.h:476 [inline]
do_dentry_open+0x6e7/0x1590 fs/open.c:953
vfs_open+0x82/0x3f0 fs/open.c:1094
do_open fs/namei.c:4628 [inline]
path_openat+0x2078/0x3140 fs/namei.c:4787
do_filp_open+0x20b/0x470 fs/namei.c:4814
do_sys_openat2+0x11f/0x280 fs/open.c:1430
do_sys_open fs/open.c:1436 [inline]
__do_sys_open fs/open.c:1444 [inline]
__se_sys_open fs/open.c:1440 [inline]
__x64_sys_open+0x153/0x1e0 fs/open.c:1440
do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
do_syscall_64+0xcd/0xf80 arch/x86/entry/syscall_64.c:94
entry_SYSCALL_64_after_hwframe+0x77/0x7f
the dependencies between the lock to be acquired
and SOFTIRQ-irq-unsafe lock:
-> (tasklist_lock){.+.+}-{3:3} {
HARDIRQ-ON-R at:
lock_acquire kernel/locking/lockdep.c:5868 [inline]
lock_acquire+0x179/0x330 kernel/locking/lockdep.c:5825
__raw_read_lock include/linux/rwlock_api_smp.h:150 [inline]
_raw_read_lock+0x5f/0x70 kernel/locking/spinlock.c:228
__do_wait+0x105/0x890 kernel/exit.c:1672
do_wait+0x21d/0x570 kernel/exit.c:1716
kernel_wait+0x9f/0x160 kernel/exit.c:1892
call_usermodehelper_exec_sync kernel/umh.c:136 [inline]
call_usermodehelper_exec_work+0xf1/0x170 kernel/umh.c:163
process_one_work+0x9ba/0x1b20 kernel/workqueue.c:3257
process_scheduled_works kernel/workqueue.c:3340 [inline]
worker_thread+0x6c8/0xf10 kernel/workqueue.c:3421
kthread+0x3c5/0x780 kernel/kthread.c:463
ret_from_fork+0x983/0xb10 arch/x86/kernel/process.c:158
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:246
SOFTIRQ-ON-R at:
lock_acquire kernel/locking/lockdep.c:5868 [inline]
lock_acquire+0x179/0x330 kernel/locking/lockdep.c:5825
__raw_read_lock include/linux/rwlock_api_smp.h:150 [inline]
_raw_read_lock+0x5f/0x70 kernel/locking/spinlock.c:228
__do_wait+0x105/0x890 kernel/exit.c:1672
do_wait+0x21d/0x570 kernel/exit.c:1716
kernel_wait+0x9f/0x160 kernel/exit.c:1892
call_usermodehelper_exec_sync kernel/umh.c:136 [inline]
call_usermodehelper_exec_work+0xf1/0x170 kernel/umh.c:163
process_one_work+0x9ba/0x1b20 kernel/workqueue.c:3257
process_scheduled_works kernel/workqueue.c:3340 [inline]
worker_thread+0x6c8/0xf10 kernel/workqueue.c:3421
kthread+0x3c5/0x780 kernel/kthread.c:463
ret_from_fork+0x983/0xb10 arch/x86/kernel/process.c:158
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:246
INITIAL USE at:
lock_acquire kernel/locking/lockdep.c:5868 [inline]
lock_acquire+0x179/0x330 kernel/locking/lockdep.c:5825
__raw_write_lock_irq include/linux/rwlock_api_smp.h:195 [inline]
_raw_write_lock_irq+0x36/0x50 kernel/locking/spinlock.c:326
copy_process+0x4668/0x7430 kernel/fork.c:2367
kernel_clone+0xfc/0x910 kernel/fork.c:2651
user_mode_thread+0xc8/0x110 kernel/fork.c:2727
rest_init+0x23/0x2b0 init/main.c:722
start_kernel+0x3ef/0x4d0 init/main.c:1206
x86_64_start_reservations+0x18/0x30 arch/x86/kernel/head64.c:310
x86_64_start_kernel+0x130/0x190 arch/x86/kernel/head64.c:291
common_startup_64+0x13e/0x148
INITIAL READ USE at:
lock_acquire kernel/locking/lockdep.c:5868 [inline]
lock_acquire+0x179/0x330 kernel/locking/lockdep.c:5825
__raw_read_lock include/linux/rwlock_api_smp.h:150 [inline]
_raw_read_lock+0x5f/0x70 kernel/locking/spinlock.c:228
__do_wait+0x105/0x890 kernel/exit.c:1672
do_wait+0x21d/0x570 kernel/exit.c:1716
kernel_wait+0x9f/0x160 kernel/exit.c:1892
call_usermodehelper_exec_sync kernel/umh.c:136 [inline]
call_usermodehelper_exec_work+0xf1/0x170 kernel/umh.c:163
process_one_work+0x9ba/0x1b20 kernel/workqueue.c:3257
process_scheduled_works kernel/workqueue.c:3340 [inline]
worker_thread+0x6c8/0xf10 kernel/workqueue.c:3421
kthread+0x3c5/0x780 kernel/kthread.c:463
ret_from_fork+0x983/0xb10 arch/x86/kernel/process.c:158
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:246
}
... key at: [<ffffffff8e00c098>] tasklist_lock+0x18/0x40
... acquired at:
lock_acquire kernel/locking/lockdep.c:5868 [inline]
lock_acquire+0x179/0x330 kernel/locking/lockdep.c:5825
__raw_read_lock include/linux/rwlock_api_smp.h:150 [inline]
_raw_read_lock+0x5f/0x70 kernel/locking/spinlock.c:228
send_sigurg+0xed/0xc80 fs/fcntl.c:978
sk_send_sigurg+0x76/0x360 net/core/sock.c:3669
queue_oob net/unix/af_unix.c:2357 [inline]
unix_stream_sendmsg+0xfa3/0x1320 net/unix/af_unix.c:2491
sock_sendmsg_nosec net/socket.c:727 [inline]
__sock_sendmsg net/socket.c:742 [inline]
____sys_sendmsg+0xa5d/0xc30 net/socket.c:2592
___sys_sendmsg+0x134/0x1d0 net/socket.c:2646
__sys_sendmsg+0x16d/0x220 net/socket.c:2678
do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
do_syscall_64+0xcd/0xf80 arch/x86/entry/syscall_64.c:94
entry_SYSCALL_64_after_hwframe+0x77/0x7f
stack backtrace:
CPU: 1 UID: 60928 PID: 23060 Comm: syz.8.5536 Tainted: G L syzkaller #0 PREEMPT(full)
Tainted: [L]=SOFTLOCKUP
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
Call Trace:
<TASK>
__dump_stack lib/dump_stack.c:94 [inline]
dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120
print_bad_irq_dependency kernel/locking/lockdep.c:2616 [inline]
check_irq_usage+0x8e6/0xbc0 kernel/locking/lockdep.c:2857
check_prev_add kernel/locking/lockdep.c:3169 [inline]
check_prevs_add kernel/locking/lockdep.c:3284 [inline]
validate_chain kernel/locking/lockdep.c:3908 [inline]
__lock_acquire+0x167f/0x2890 kernel/locking/lockdep.c:5237
lock_acquire kernel/locking/lockdep.c:5868 [inline]
lock_acquire+0x179/0x330 kernel/locking/lockdep.c:5825
__raw_read_lock include/linux/rwlock_api_smp.h:150 [inline]
_raw_read_lock+0x5f/0x70 kernel/locking/spinlock.c:228
send_sigurg+0xed/0xc80 fs/fcntl.c:978
sk_send_sigurg+0x76/0x360 net/core/sock.c:3669
queue_oob net/unix/af_unix.c:2357 [inline]
unix_stream_sendmsg+0xfa3/0x1320 net/unix/af_unix.c:2491
sock_sendmsg_nosec net/socket.c:727 [inline]
__sock_sendmsg net/socket.c:742 [inline]
____sys_sendmsg+0xa5d/0xc30 net/socket.c:2592
___sys_sendmsg+0x134/0x1d0 net/socket.c:2646
__sys_sendmsg+0x16d/0x220 net/socket.c:2678
do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
do_syscall_64+0xcd/0xf80 arch/x86/entry/syscall_64.c:94
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fa23f98f749
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007fa24082e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 00007fa23fbe5fa0 RCX: 00007fa23f98f749
RDX: 00000000240408c1 RSI: 0000200000000080 RDI: 0000000000000003
RBP: 00007fa23fa13f91 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007fa23fbe6038 R14: 00007fa23fbe5fa0 R15: 00007ffca797f688
</TASK>
| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets (help?) | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2025/12/07 16:12 | upstream | 37bb2e7217b0 | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-badwrites-root | possible deadlock in evdev_pass_values | ||
| 2025/12/06 16:35 | upstream | 416f99c3b16f | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-selinux-root | possible deadlock in evdev_pass_values | ||
| 2025/12/06 05:51 | upstream | 51d90a15fedf | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in evdev_pass_values | ||
| 2025/12/05 23:53 | upstream | d1d36025a617 | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-badwrites-root | possible deadlock in evdev_pass_values | ||
| 2025/12/03 03:58 | upstream | 619f4edc8d4f | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-root | possible deadlock in evdev_pass_values | ||
| 2025/12/02 17:09 | upstream | 4a26e7032d7d | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in evdev_pass_values | ||
| 2025/12/02 14:59 | upstream | 4a26e7032d7d | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in evdev_pass_values | ||
| 2025/12/02 11:23 | upstream | 1d18101a644e | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-selinux-root | possible deadlock in evdev_pass_values | ||
| 2025/12/02 08:03 | upstream | 1d18101a644e | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in evdev_pass_values | ||
| 2025/12/02 05:11 | upstream | 1d18101a644e | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-selinux-root | possible deadlock in evdev_pass_values | ||
| 2025/12/02 02:33 | upstream | 1d18101a644e | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-badwrites-root | possible deadlock in evdev_pass_values | ||
| 2025/12/02 00:50 | upstream | 1d18101a644e | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in evdev_pass_values | ||
| 2025/12/01 21:58 | upstream | 7d0a66e4bb90 | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-selinux-root | possible deadlock in evdev_pass_values | ||
| 2025/12/01 17:58 | upstream | 7d0a66e4bb90 | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in evdev_pass_values | ||
| 2025/12/01 16:44 | upstream | 7d0a66e4bb90 | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in evdev_pass_values | ||
| 2025/12/01 16:18 | upstream | 7d0a66e4bb90 | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in evdev_pass_values | ||
| 2025/12/01 09:31 | upstream | 7d0a66e4bb90 | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in evdev_pass_values | ||
| 2025/12/01 07:46 | upstream | e69c7c175115 | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in evdev_pass_values | ||
| 2025/11/30 19:42 | upstream | e69c7c175115 | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-selinux-root | possible deadlock in evdev_pass_values | ||
| 2025/11/30 13:38 | upstream | 6bda50f4333f | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in evdev_pass_values | ||
| 2025/11/30 08:34 | upstream | 6bda50f4333f | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-selinux-root | possible deadlock in evdev_pass_values | ||
| 2025/11/30 05:03 | upstream | 6bda50f4333f | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in evdev_pass_values | ||
| 2025/11/30 01:09 | upstream | 6bda50f4333f | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in evdev_pass_values | ||
| 2025/11/29 20:12 | upstream | 19eef1d98eed | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-selinux-root | possible deadlock in evdev_pass_values | ||
| 2025/11/29 18:31 | upstream | 19eef1d98eed | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in evdev_pass_values | ||
| 2025/11/29 11:13 | upstream | 19eef1d98eed | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-selinux-root | possible deadlock in evdev_pass_values | ||
| 2025/11/29 09:03 | upstream | 6cf62f0174de | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-selinux-root | possible deadlock in evdev_pass_values | ||
| 2025/11/20 12:48 | upstream | 23cb64fb7625 | 280ea308 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in evdev_pass_values | ||
| 2025/11/20 05:34 | upstream | 23cb64fb7625 | 26ee5237 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-selinux-root | possible deadlock in evdev_pass_values | ||
| 2025/11/19 22:26 | upstream | 8b690556d8fe | 26ee5237 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in evdev_pass_values | ||
| 2025/11/19 15:21 | upstream | 8b690556d8fe | 26ee5237 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-badwrites-root | possible deadlock in evdev_pass_values | ||
| 2025/11/19 15:21 | upstream | 8b690556d8fe | 26ee5237 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-badwrites-root | possible deadlock in evdev_pass_values | ||
| 2025/11/19 12:13 | upstream | 8b690556d8fe | 26ee5237 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-selinux-root | possible deadlock in evdev_pass_values | ||
| 2025/11/19 02:30 | upstream | 5bebe8de1926 | ef766cd7 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-root | possible deadlock in evdev_pass_values | ||
| 2025/11/18 22:22 | upstream | 5bebe8de1926 | ef766cd7 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-selinux-root | possible deadlock in evdev_pass_values | ||
| 2025/11/18 15:49 | upstream | e7c375b18160 | ef766cd7 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-selinux-root | possible deadlock in evdev_pass_values | ||
| 2025/11/18 13:30 | upstream | e7c375b18160 | ef766cd7 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-selinux-root | possible deadlock in evdev_pass_values | ||
| 2025/11/18 09:00 | upstream | e7c375b18160 | ef766cd7 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-selinux-root | possible deadlock in evdev_pass_values | ||
| 2025/11/18 04:19 | upstream | e7c375b18160 | ef766cd7 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-badwrites-root | possible deadlock in evdev_pass_values | ||
| 2025/11/18 00:34 | upstream | e7c375b18160 | ef766cd7 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-selinux-root | possible deadlock in evdev_pass_values | ||
| 2025/08/23 14:33 | upstream | 038d61fd6422 | bf27483f | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-smack-root | possible deadlock in evdev_pass_values | ||
| 2025/12/04 21:34 | upstream | fa5ef105618a | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-386 | possible deadlock in evdev_pass_values | ||
| 2025/12/04 07:42 | upstream | 559e608c4655 | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-386 | possible deadlock in evdev_pass_values | ||
| 2025/12/03 18:03 | upstream | 3f9f0252130e | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-386 | possible deadlock in evdev_pass_values | ||
| 2025/11/20 04:29 | upstream | 23cb64fb7625 | 26ee5237 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-386 | possible deadlock in evdev_pass_values | ||
| 2025/11/19 14:20 | upstream | 8b690556d8fe | 26ee5237 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-386 | possible deadlock in evdev_pass_values | ||
| 2025/11/19 09:03 | upstream | 8b690556d8fe | ef766cd7 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-386 | possible deadlock in evdev_pass_values | ||
| 2025/11/19 01:03 | upstream | 5bebe8de1926 | ef766cd7 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-386 | possible deadlock in evdev_pass_values | ||
| 2025/11/13 19:04 | upstream | 2ccec5944606 | 07e030de | .config | console log | report | info | [disk image (non-bootable)] [vmlinux] [kernel image] | ci-qemu-upstream | possible deadlock in evdev_pass_values | ||
| 2025/10/22 22:28 | upstream | dd72c8fcf6d3 | c0460fcd | .config | console log | report | info | [disk image (non-bootable)] [vmlinux] [kernel image] | ci-qemu-upstream-386 | possible deadlock in evdev_pass_values | ||
| 2023/04/19 19:50 | upstream | 789b4a41c247 | a219f34e | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in evdev_pass_values | ||
| 2023/04/16 17:07 | upstream | 3e7bb4f24617 | ec410564 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in evdev_pass_values | ||
| 2025/12/03 07:02 | linux-next | b2c27842ba85 | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-linux-next-kasan-gce-root | possible deadlock in evdev_pass_values | ||
| 2025/11/30 12:31 | linux-next | 7d31f578f323 | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-linux-next-kasan-gce-root | possible deadlock in evdev_pass_values | ||
| 2025/11/24 13:38 | linux-next | d724c6f85e80 | bf6fe8fe | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-linux-next-kasan-gce-root | possible deadlock in evdev_pass_values | ||
| 2025/11/22 10:49 | linux-next | d724c6f85e80 | 4fb8ef37 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-linux-next-kasan-gce-root | possible deadlock in evdev_pass_values | ||
| 2025/11/22 00:30 | linux-next | d724c6f85e80 | c31c1b0b | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-linux-next-kasan-gce-root | possible deadlock in evdev_pass_values | ||
| 2025/10/23 23:03 | linux-next | aaa9c3550b60 | c0460fcd | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-rust-kasan-gce | possible deadlock in evdev_pass_values |