syzbot |
sign-in | mailing list | source | docs |
=====================================================
WARNING: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected
syzkaller #0 Tainted: G L
-----------------------------------------------------
syz.3.9739/6822 [HC0[0]:SC0[0]:HE0:SE1] is trying to acquire:
ffffffff8e40c058 (tasklist_lock){.+.+}-{3:3}, at: send_sigio+0x101/0x370 fs/fcntl.c:932
and this task is already holding:
ffff888035445ea0 (&f_owner->lock){....}-{3:3}, at: send_sigio+0x38/0x370 fs/fcntl.c:918
which would create a new lock dependency:
(&f_owner->lock){....}-{3:3} -> (tasklist_lock){.+.+}-{3:3}
but this new dependency connects a SOFTIRQ-irq-safe lock:
(&client->buffer_lock){..-.}-{3:3}
... which became SOFTIRQ-irq-safe at:
lock_acquire+0x106/0x330 kernel/locking/lockdep.c:5868
__raw_spin_lock include/linux/spinlock_api_smp.h:158 [inline]
_raw_spin_lock+0x2e/0x40 kernel/locking/spinlock.c:154
spin_lock include/linux/spinlock.h:341 [inline]
evdev_pass_values+0xb9/0xbd0 drivers/input/evdev.c:261
evdev_events+0x1e6/0x340 drivers/input/evdev.c:306
input_pass_values+0x288/0x890 drivers/input/input.c:128
input_event_dispose drivers/input/input.c:342 [inline]
input_handle_event drivers/input/input.c:370 [inline]
input_repeat_key+0x41a/0x680 drivers/input/input.c:2228
call_timer_fn+0x192/0x5a0 kernel/time/timer.c:1748
expire_timers kernel/time/timer.c:1799 [inline]
__run_timers kernel/time/timer.c:2373 [inline]
__run_timer_base+0x652/0x8b0 kernel/time/timer.c:2385
run_timer_base kernel/time/timer.c:2394 [inline]
run_timer_softirq+0xb7/0x170 kernel/time/timer.c:2404
handle_softirqs+0x22a/0x7c0 kernel/softirq.c:622
__do_softirq kernel/softirq.c:656 [inline]
invoke_softirq kernel/softirq.c:496 [inline]
__irq_exit_rcu+0x5f/0x150 kernel/softirq.c:723
irq_exit_rcu+0x9/0x30 kernel/softirq.c:739
instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1056 [inline]
sysvec_apic_timer_interrupt+0xa6/0xc0 arch/x86/kernel/apic/apic.c:1056
asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:697
lock_release+0x2d7/0x3a0 kernel/locking/lockdep.c:5893
rcu_lock_release include/linux/rcupdate.h:322 [inline]
rcu_read_unlock include/linux/rcupdate.h:881 [inline]
class_rcu_destructor include/linux/rcupdate.h:1193 [inline]
unwind_next_frame+0x1aaa/0x23c0 arch/x86/kernel/unwind_orc.c:695
arch_stack_walk+0x11b/0x150 arch/x86/kernel/stacktrace.c:25
stack_trace_save+0xa9/0x100 kernel/stacktrace.c:122
save_stack+0x122/0x230 mm/page_owner.c:165
__set_page_owner+0x8d/0x4c0 mm/page_owner.c:341
set_page_owner include/linux/page_owner.h:32 [inline]
post_alloc_hook+0x228/0x280 mm/page_alloc.c:1884
prep_new_page mm/page_alloc.c:1892 [inline]
get_page_from_freelist+0x24dc/0x2580 mm/page_alloc.c:3950
__alloc_frozen_pages_noprof+0x18d/0x380 mm/page_alloc.c:5245
alloc_pages_mpol+0x232/0x4a0 mm/mempolicy.c:2486
folio_alloc_mpol_noprof+0x39/0x70 mm/mempolicy.c:2505
shmem_alloc_folio mm/shmem.c:1919 [inline]
shmem_alloc_and_add_folio+0x445/0xf80 mm/shmem.c:1961
shmem_get_folio_gfp+0x5a9/0x1670 mm/shmem.c:2585
shmem_fault+0x179/0x390 mm/shmem.c:2786
__do_fault+0x138/0x390 mm/memory.c:5323
do_read_fault mm/memory.c:5758 [inline]
do_fault mm/memory.c:5892 [inline]
do_pte_missing+0x21a2/0x37a0 mm/memory.c:4404
handle_pte_fault mm/memory.c:6276 [inline]
__handle_mm_fault mm/memory.c:6414 [inline]
handle_mm_fault+0x1b8c/0x32a0 mm/memory.c:6583
faultin_page mm/gup.c:1126 [inline]
__get_user_pages+0x165b/0x29d0 mm/gup.c:1428
populate_vma_page_range+0x2be/0x3c0 mm/gup.c:1860
__mm_populate+0x25f/0x390 mm/gup.c:1963
mm_populate include/linux/mm.h:3682 [inline]
vm_mmap_pgoff+0x3aa/0x4f0 mm/util.c:586
do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
do_syscall_64+0x14d/0xf80 arch/x86/entry/syscall_64.c:94
entry_SYSCALL_64_after_hwframe+0x77/0x7f
to a SOFTIRQ-irq-unsafe lock:
(tasklist_lock){.+.+}-{3:3}
... which became SOFTIRQ-irq-unsafe at:
...
lock_acquire+0x106/0x330 kernel/locking/lockdep.c:5868
__raw_read_lock include/linux/rwlock_api_smp.h:161 [inline]
_raw_read_lock+0x36/0x50 kernel/locking/spinlock.c:228
__do_wait+0xde/0x740 kernel/exit.c:1672
do_wait+0x1e7/0x4f0 kernel/exit.c:1716
kernel_wait+0xd6/0x1c0 kernel/exit.c:1892
call_usermodehelper_exec_sync kernel/umh.c:136 [inline]
call_usermodehelper_exec_work+0xbe/0x230 kernel/umh.c:163
process_one_work kernel/workqueue.c:3275 [inline]
process_scheduled_works+0xaec/0x17a0 kernel/workqueue.c:3358
worker_thread+0xa50/0xfc0 kernel/workqueue.c:3439
kthread+0x388/0x470 kernel/kthread.c:467
ret_from_fork+0x51e/0xb90 arch/x86/kernel/process.c:158
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
other info that might help us debug this:
Chain exists of:
&client->buffer_lock --> &f_owner->lock --> tasklist_lock
Possible interrupt unsafe locking scenario:
CPU0 CPU1
---- ----
lock(tasklist_lock);
local_irq_disable();
lock(&client->buffer_lock);
lock(&f_owner->lock);
<Interrupt>
lock(&client->buffer_lock);
*** DEADLOCK ***
5 locks held by syz.3.9739/6822:
#0: ffff888035e3a420 (sb_writers#5){.+.+}-{0:0}, at: mnt_want_write+0x41/0x90 fs/namespace.c:493
#1: ffff888069bf8fb8 (&sb->s_type->i_mutex_key#16){++++}-{4:4}, at: inode_lock_killable include/linux/fs.h:1033 [inline]
#1: ffff888069bf8fb8 (&sb->s_type->i_mutex_key#16){++++}-{4:4}, at: do_truncate+0x18f/0x250 fs/open.c:63
#2: ffffffff9a293378 (&fsnotify_mark_srcu){.+.?}-{0:0}, at: srcu_lock_acquire include/linux/srcu.h:187 [inline]
#2: ffffffff9a293378 (&fsnotify_mark_srcu){.+.?}-{0:0}, at: srcu_read_lock include/linux/srcu.h:294 [inline]
#2: ffffffff9a293378 (&fsnotify_mark_srcu){.+.?}-{0:0}, at: fsnotify+0x74c/0x1ae0 fs/notify/fsnotify.c:619
#3: ffff888048102e48 (&mark->lock){+.+.}-{3:3}, at: spin_lock include/linux/spinlock.h:341 [inline]
#3: ffff888048102e48 (&mark->lock){+.+.}-{3:3}, at: dnotify_handle_event+0x62/0x440 fs/notify/dnotify/dnotify.c:105
#4: ffff888035445ea0 (&f_owner->lock){....}-{3:3}, at: send_sigio+0x38/0x370 fs/fcntl.c:918
the dependencies between SOFTIRQ-irq-safe lock and the holding lock:
-> (&client->buffer_lock){..-.}-{3:3} {
IN-SOFTIRQ-W at:
lock_acquire+0x106/0x330 kernel/locking/lockdep.c:5868
__raw_spin_lock include/linux/spinlock_api_smp.h:158 [inline]
_raw_spin_lock+0x2e/0x40 kernel/locking/spinlock.c:154
spin_lock include/linux/spinlock.h:341 [inline]
evdev_pass_values+0xb9/0xbd0 drivers/input/evdev.c:261
evdev_events+0x1e6/0x340 drivers/input/evdev.c:306
input_pass_values+0x288/0x890 drivers/input/input.c:128
input_event_dispose drivers/input/input.c:342 [inline]
input_handle_event drivers/input/input.c:370 [inline]
input_repeat_key+0x41a/0x680 drivers/input/input.c:2228
call_timer_fn+0x192/0x5a0 kernel/time/timer.c:1748
expire_timers kernel/time/timer.c:1799 [inline]
__run_timers kernel/time/timer.c:2373 [inline]
__run_timer_base+0x652/0x8b0 kernel/time/timer.c:2385
run_timer_base kernel/time/timer.c:2394 [inline]
run_timer_softirq+0xb7/0x170 kernel/time/timer.c:2404
handle_softirqs+0x22a/0x7c0 kernel/softirq.c:622
__do_softirq kernel/softirq.c:656 [inline]
invoke_softirq kernel/softirq.c:496 [inline]
__irq_exit_rcu+0x5f/0x150 kernel/softirq.c:723
irq_exit_rcu+0x9/0x30 kernel/softirq.c:739
instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1056 [inline]
sysvec_apic_timer_interrupt+0xa6/0xc0 arch/x86/kernel/apic/apic.c:1056
asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:697
lock_release+0x2d7/0x3a0 kernel/locking/lockdep.c:5893
rcu_lock_release include/linux/rcupdate.h:322 [inline]
rcu_read_unlock include/linux/rcupdate.h:881 [inline]
class_rcu_destructor include/linux/rcupdate.h:1193 [inline]
unwind_next_frame+0x1aaa/0x23c0 arch/x86/kernel/unwind_orc.c:695
arch_stack_walk+0x11b/0x150 arch/x86/kernel/stacktrace.c:25
stack_trace_save+0xa9/0x100 kernel/stacktrace.c:122
save_stack+0x122/0x230 mm/page_owner.c:165
__set_page_owner+0x8d/0x4c0 mm/page_owner.c:341
set_page_owner include/linux/page_owner.h:32 [inline]
post_alloc_hook+0x228/0x280 mm/page_alloc.c:1884
prep_new_page mm/page_alloc.c:1892 [inline]
get_page_from_freelist+0x24dc/0x2580 mm/page_alloc.c:3950
__alloc_frozen_pages_noprof+0x18d/0x380 mm/page_alloc.c:5245
alloc_pages_mpol+0x232/0x4a0 mm/mempolicy.c:2486
folio_alloc_mpol_noprof+0x39/0x70 mm/mempolicy.c:2505
shmem_alloc_folio mm/shmem.c:1919 [inline]
shmem_alloc_and_add_folio+0x445/0xf80 mm/shmem.c:1961
shmem_get_folio_gfp+0x5a9/0x1670 mm/shmem.c:2585
shmem_fault+0x179/0x390 mm/shmem.c:2786
__do_fault+0x138/0x390 mm/memory.c:5323
do_read_fault mm/memory.c:5758 [inline]
do_fault mm/memory.c:5892 [inline]
do_pte_missing+0x21a2/0x37a0 mm/memory.c:4404
handle_pte_fault mm/memory.c:6276 [inline]
__handle_mm_fault mm/memory.c:6414 [inline]
handle_mm_fault+0x1b8c/0x32a0 mm/memory.c:6583
faultin_page mm/gup.c:1126 [inline]
__get_user_pages+0x165b/0x29d0 mm/gup.c:1428
populate_vma_page_range+0x2be/0x3c0 mm/gup.c:1860
__mm_populate+0x25f/0x390 mm/gup.c:1963
mm_populate include/linux/mm.h:3682 [inline]
vm_mmap_pgoff+0x3aa/0x4f0 mm/util.c:586
do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
do_syscall_64+0x14d/0xf80 arch/x86/entry/syscall_64.c:94
entry_SYSCALL_64_after_hwframe+0x77/0x7f
INITIAL USE at:
lock_acquire+0x106/0x330 kernel/locking/lockdep.c:5868
__raw_spin_lock include/linux/spinlock_api_smp.h:158 [inline]
_raw_spin_lock+0x2e/0x40 kernel/locking/spinlock.c:154
spin_lock include/linux/spinlock.h:341 [inline]
evdev_pass_values+0xb9/0xbd0 drivers/input/evdev.c:261
evdev_events+0x1e6/0x340 drivers/input/evdev.c:306
input_pass_values+0x288/0x890 drivers/input/input.c:128
input_event_dispose+0x330/0x6b0 drivers/input/input.c:342
input_inject_event+0x1dd/0x340 drivers/input/input.c:424
evdev_write+0x325/0x4c0 drivers/input/evdev.c:528
vfs_write+0x29a/0xb90 fs/read_write.c:686
ksys_write+0x150/0x270 fs/read_write.c:740
do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
do_syscall_64+0x14d/0xf80 arch/x86/entry/syscall_64.c:94
entry_SYSCALL_64_after_hwframe+0x77/0x7f
}
... key at: [<ffffffff9a5ae6a0>] evdev_open.__key.27+0x0/0x20
-> (&new->fa_lock){....}-{3:3} {
INITIAL USE at:
lock_acquire+0x106/0x330 kernel/locking/lockdep.c:5868
__raw_write_lock_irq include/linux/rwlock_api_smp.h:211 [inline]
_raw_write_lock_irq+0x3d/0x50 kernel/locking/spinlock.c:326
fasync_remove_entry+0xf1/0x1c0 fs/fcntl.c:1012
lease_modify+0x4f7/0x6c0 fs/locks.c:1514
locks_remove_lease fs/locks.c:2746 [inline]
locks_remove_file+0x5f0/0xf70 fs/locks.c:2771
__fput+0x3ae/0xa70 fs/file_table.c:461
task_work_run+0x1d9/0x270 kernel/task_work.c:233
resume_user_mode_work include/linux/resume_user_mode.h:50 [inline]
__exit_to_user_mode_loop kernel/entry/common.c:67 [inline]
exit_to_user_mode_loop+0xed/0x480 kernel/entry/common.c:98
__exit_to_user_mode_prepare include/linux/irq-entry-common.h:226 [inline]
syscall_exit_to_user_mode_prepare include/linux/irq-entry-common.h:256 [inline]
syscall_exit_to_user_mode include/linux/entry-common.h:325 [inline]
do_syscall_64+0x32d/0xf80 arch/x86/entry/syscall_64.c:100
entry_SYSCALL_64_after_hwframe+0x77/0x7f
INITIAL READ USE at:
lock_acquire+0x106/0x330 kernel/locking/lockdep.c:5868
__raw_read_lock_irqsave include/linux/rwlock_api_smp.h:172 [inline]
_raw_read_lock_irqsave+0x48/0x60 kernel/locking/spinlock.c:236
kill_fasync_rcu fs/fcntl.c:1135 [inline]
kill_fasync+0x199/0x4d0 fs/fcntl.c:1159
lease_break_callback+0x26/0x30 fs/locks.c:577
__break_lease+0x81c/0x1d90 fs/locks.c:1657
break_lease include/linux/filelock.h:484 [inline]
do_dentry_open+0x1010/0x14e0 fs/open.c:940
vfs_open+0x3b/0x340 fs/open.c:1081
do_open fs/namei.c:4671 [inline]
path_openat+0x2e08/0x3860 fs/namei.c:4830
do_file_open+0x23e/0x4a0 fs/namei.c:4859
do_sys_openat2+0x113/0x200 fs/open.c:1366
do_sys_open fs/open.c:1372 [inline]
__do_sys_openat fs/open.c:1388 [inline]
__se_sys_openat fs/open.c:1383 [inline]
__x64_sys_openat+0x138/0x170 fs/open.c:1383
do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
do_syscall_64+0x14d/0xf80 arch/x86/entry/syscall_64.c:94
entry_SYSCALL_64_after_hwframe+0x77/0x7f
}
... key at: [<ffffffff9a290400>] fasync_insert_entry.__key+0x0/0x20
... acquired at:
__raw_read_lock_irqsave include/linux/rwlock_api_smp.h:172 [inline]
_raw_read_lock_irqsave+0x48/0x60 kernel/locking/spinlock.c:236
kill_fasync_rcu fs/fcntl.c:1135 [inline]
kill_fasync+0x199/0x4d0 fs/fcntl.c:1159
__pass_event drivers/input/evdev.c:240 [inline]
evdev_pass_values+0x627/0xbd0 drivers/input/evdev.c:278
evdev_events+0x1e6/0x340 drivers/input/evdev.c:306
input_pass_values+0x288/0x890 drivers/input/input.c:128
input_event_dispose+0x330/0x6b0 drivers/input/input.c:342
input_inject_event+0x1dd/0x340 drivers/input/input.c:424
evdev_write+0x325/0x4c0 drivers/input/evdev.c:528
vfs_write+0x29a/0xb90 fs/read_write.c:686
ksys_write+0x150/0x270 fs/read_write.c:740
do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
do_syscall_64+0x14d/0xf80 arch/x86/entry/syscall_64.c:94
entry_SYSCALL_64_after_hwframe+0x77/0x7f
-> (&f_owner->lock){....}-{3:3} {
INITIAL USE at:
lock_acquire+0x106/0x330 kernel/locking/lockdep.c:5868
__raw_write_lock_irq include/linux/rwlock_api_smp.h:211 [inline]
_raw_write_lock_irq+0x3d/0x50 kernel/locking/spinlock.c:326
__f_setown+0x67/0x370 fs/fcntl.c:136
generic_add_lease fs/locks.c:1908 [inline]
generic_setlease+0xacf/0xf90 fs/locks.c:1984
do_fcntl_add_lease+0x35e/0x470 fs/locks.c:2086
fcntl_setdeleg+0x14c/0x1e0 fs/locks.c:2132
do_fcntl+0xe6d/0x1a20 fs/fcntl.c:564
__do_sys_fcntl fs/fcntl.c:602 [inline]
__se_sys_fcntl+0xc8/0x150 fs/fcntl.c:587
do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
do_syscall_64+0x14d/0xf80 arch/x86/entry/syscall_64.c:94
entry_SYSCALL_64_after_hwframe+0x77/0x7f
INITIAL READ USE at:
lock_acquire+0x106/0x330 kernel/locking/lockdep.c:5868
__raw_read_lock_irq include/linux/rwlock_api_smp.h:182 [inline]
_raw_read_lock_irq+0x45/0x60 kernel/locking/spinlock.c:244
f_getown_ex fs/fcntl.c:270 [inline]
do_fcntl+0x30f/0x1a20 fs/fcntl.c:517
__do_sys_fcntl fs/fcntl.c:602 [inline]
__se_sys_fcntl+0xc8/0x150 fs/fcntl.c:587
do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
do_syscall_64+0x14d/0xf80 arch/x86/entry/syscall_64.c:94
entry_SYSCALL_64_after_hwframe+0x77/0x7f
}
... key at: [<ffffffff9a2903e0>] file_f_owner_allocate.__key+0x0/0x20
... acquired at:
__raw_read_lock_irqsave include/linux/rwlock_api_smp.h:172 [inline]
_raw_read_lock_irqsave+0x48/0x60 kernel/locking/spinlock.c:236
send_sigio+0x38/0x370 fs/fcntl.c:918
kill_fasync_rcu fs/fcntl.c:1144 [inline]
kill_fasync+0x24d/0x4d0 fs/fcntl.c:1159
lease_break_callback+0x26/0x30 fs/locks.c:577
__break_lease+0x81c/0x1d90 fs/locks.c:1657
break_lease include/linux/filelock.h:484 [inline]
do_dentry_open+0x1010/0x14e0 fs/open.c:940
vfs_open+0x3b/0x340 fs/open.c:1081
do_open fs/namei.c:4671 [inline]
path_openat+0x2e08/0x3860 fs/namei.c:4830
do_file_open+0x23e/0x4a0 fs/namei.c:4859
do_sys_openat2+0x113/0x200 fs/open.c:1366
do_sys_open fs/open.c:1372 [inline]
__do_sys_openat fs/open.c:1388 [inline]
__se_sys_openat fs/open.c:1383 [inline]
__x64_sys_openat+0x138/0x170 fs/open.c:1383
do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
do_syscall_64+0x14d/0xf80 arch/x86/entry/syscall_64.c:94
entry_SYSCALL_64_after_hwframe+0x77/0x7f
the dependencies between the lock to be acquired
and SOFTIRQ-irq-unsafe lock:
-> (tasklist_lock){.+.+}-{3:3} {
HARDIRQ-ON-R at:
lock_acquire+0x106/0x330 kernel/locking/lockdep.c:5868
__raw_read_lock include/linux/rwlock_api_smp.h:161 [inline]
_raw_read_lock+0x36/0x50 kernel/locking/spinlock.c:228
__do_wait+0xde/0x740 kernel/exit.c:1672
do_wait+0x1e7/0x4f0 kernel/exit.c:1716
kernel_wait+0xd6/0x1c0 kernel/exit.c:1892
call_usermodehelper_exec_sync kernel/umh.c:136 [inline]
call_usermodehelper_exec_work+0xbe/0x230 kernel/umh.c:163
process_one_work kernel/workqueue.c:3275 [inline]
process_scheduled_works+0xaec/0x17a0 kernel/workqueue.c:3358
worker_thread+0xa50/0xfc0 kernel/workqueue.c:3439
kthread+0x388/0x470 kernel/kthread.c:467
ret_from_fork+0x51e/0xb90 arch/x86/kernel/process.c:158
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
SOFTIRQ-ON-R at:
lock_acquire+0x106/0x330 kernel/locking/lockdep.c:5868
__raw_read_lock include/linux/rwlock_api_smp.h:161 [inline]
_raw_read_lock+0x36/0x50 kernel/locking/spinlock.c:228
__do_wait+0xde/0x740 kernel/exit.c:1672
do_wait+0x1e7/0x4f0 kernel/exit.c:1716
kernel_wait+0xd6/0x1c0 kernel/exit.c:1892
call_usermodehelper_exec_sync kernel/umh.c:136 [inline]
call_usermodehelper_exec_work+0xbe/0x230 kernel/umh.c:163
process_one_work kernel/workqueue.c:3275 [inline]
process_scheduled_works+0xaec/0x17a0 kernel/workqueue.c:3358
worker_thread+0xa50/0xfc0 kernel/workqueue.c:3439
kthread+0x388/0x470 kernel/kthread.c:467
ret_from_fork+0x51e/0xb90 arch/x86/kernel/process.c:158
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
INITIAL USE at:
lock_acquire+0x106/0x330 kernel/locking/lockdep.c:5868
__raw_write_lock_irq include/linux/rwlock_api_smp.h:211 [inline]
_raw_write_lock_irq+0x3d/0x50 kernel/locking/spinlock.c:326
copy_process+0x247a/0x3cf0 kernel/fork.c:2369
kernel_clone+0x248/0x870 kernel/fork.c:2654
user_mode_thread+0x110/0x180 kernel/fork.c:2730
rest_init+0x23/0x300 init/main.c:722
start_kernel+0x380/0x3d0 init/main.c:1206
x86_64_start_reservations+0x24/0x30 arch/x86/kernel/head64.c:310
x86_64_start_kernel+0x143/0x1c0 arch/x86/kernel/head64.c:291
common_startup_64+0x13e/0x147
INITIAL READ USE at:
lock_acquire+0x106/0x330 kernel/locking/lockdep.c:5868
__raw_read_lock include/linux/rwlock_api_smp.h:161 [inline]
_raw_read_lock+0x36/0x50 kernel/locking/spinlock.c:228
__do_wait+0xde/0x740 kernel/exit.c:1672
do_wait+0x1e7/0x4f0 kernel/exit.c:1716
kernel_wait+0xd6/0x1c0 kernel/exit.c:1892
call_usermodehelper_exec_sync kernel/umh.c:136 [inline]
call_usermodehelper_exec_work+0xbe/0x230 kernel/umh.c:163
process_one_work kernel/workqueue.c:3275 [inline]
process_scheduled_works+0xaec/0x17a0 kernel/workqueue.c:3358
worker_thread+0xa50/0xfc0 kernel/workqueue.c:3439
kthread+0x388/0x470 kernel/kthread.c:467
ret_from_fork+0x51e/0xb90 arch/x86/kernel/process.c:158
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
}
... key at: [<ffffffff8e40c058>] tasklist_lock+0x18/0x40
... acquired at:
__raw_read_lock include/linux/rwlock_api_smp.h:161 [inline]
_raw_read_lock+0x36/0x50 kernel/locking/spinlock.c:228
send_sigio+0x101/0x370 fs/fcntl.c:932
dnotify_handle_event+0x169/0x440 fs/notify/dnotify/dnotify.c:113
fsnotify_handle_event fs/notify/fsnotify.c:357 [inline]
send_to_group fs/notify/fsnotify.c:431 [inline]
fsnotify+0x168e/0x1ae0 fs/notify/fsnotify.c:648
__fsnotify_parent+0x50d/0x620 fs/notify/fsnotify.c:294
notify_change+0xc55/0xf40 fs/attr.c:551
do_truncate+0x1c2/0x250 fs/open.c:68
vfs_truncate+0x4b4/0x540 fs/open.c:118
do_sys_truncate+0xf3/0x1c0 fs/open.c:142
__do_sys_truncate fs/open.c:154 [inline]
__se_sys_truncate fs/open.c:152 [inline]
__x64_sys_truncate+0x5b/0x70 fs/open.c:152
do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
do_syscall_64+0x14d/0xf80 arch/x86/entry/syscall_64.c:94
entry_SYSCALL_64_after_hwframe+0x77/0x7f
stack backtrace:
CPU: 1 UID: 0 PID: 6822 Comm: syz.3.9739 Tainted: G L syzkaller #0 PREEMPT(full)
Tainted: [L]=SOFTLOCKUP
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
Call Trace:
<TASK>
dump_stack_lvl+0xe8/0x150 lib/dump_stack.c:120
print_bad_irq_dependency kernel/locking/lockdep.c:2616 [inline]
check_irq_usage kernel/locking/lockdep.c:2857 [inline]
check_prev_add kernel/locking/lockdep.c:3169 [inline]
check_prevs_add kernel/locking/lockdep.c:3284 [inline]
validate_chain kernel/locking/lockdep.c:3908 [inline]
__lock_acquire+0x2a94/0x2cf0 kernel/locking/lockdep.c:5237
lock_acquire+0x106/0x330 kernel/locking/lockdep.c:5868
__raw_read_lock include/linux/rwlock_api_smp.h:161 [inline]
_raw_read_lock+0x36/0x50 kernel/locking/spinlock.c:228
send_sigio+0x101/0x370 fs/fcntl.c:932
dnotify_handle_event+0x169/0x440 fs/notify/dnotify/dnotify.c:113
fsnotify_handle_event fs/notify/fsnotify.c:357 [inline]
send_to_group fs/notify/fsnotify.c:431 [inline]
fsnotify+0x168e/0x1ae0 fs/notify/fsnotify.c:648
__fsnotify_parent+0x50d/0x620 fs/notify/fsnotify.c:294
notify_change+0xc55/0xf40 fs/attr.c:551
do_truncate+0x1c2/0x250 fs/open.c:68
vfs_truncate+0x4b4/0x540 fs/open.c:118
do_sys_truncate+0xf3/0x1c0 fs/open.c:142
__do_sys_truncate fs/open.c:154 [inline]
__se_sys_truncate fs/open.c:152 [inline]
__x64_sys_truncate+0x5b/0x70 fs/open.c:152
do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
do_syscall_64+0x14d/0xf80 arch/x86/entry/syscall_64.c:94
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f5c0579bf79
Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f5c066b4028 EFLAGS: 00000246 ORIG_RAX: 000000000000004c
RAX: ffffffffffffffda RBX: 00007f5c05a15fa0 RCX: 00007f5c0579bf79
RDX: 0000000000000000 RSI: 000000000008fff5 RDI: 0000200000000180
RBP: 00007f5c058327e0 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007f5c05a16038 R14: 00007f5c05a15fa0 R15: 00007ffdbe293bf8
</TASK>
| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets (help?) | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2026/02/12 04:49 | upstream | c22e26bd0906 | 76a109e2 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-root | possible deadlock in evdev_pass_values | ||
| 2026/02/11 03:12 | upstream | dc855b77719f | 441e25b7 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-root | possible deadlock in evdev_pass_values | ||
| 2026/02/01 20:22 | upstream | 162b42445b58 | 6b8752f2 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in evdev_pass_values | ||
| 2026/02/01 16:55 | upstream | 162b42445b58 | 6b8752f2 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in evdev_pass_values | ||
| 2026/01/30 02:33 | upstream | 8dfce8991b95 | aeb6fdd5 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-selinux-root | possible deadlock in evdev_pass_values | ||
| 2026/01/05 22:29 | upstream | 3609fa95fb0f | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in evdev_pass_values | ||
| 2026/01/05 19:37 | upstream | 3609fa95fb0f | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in evdev_pass_values | ||
| 2026/01/05 18:24 | upstream | 3609fa95fb0f | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in evdev_pass_values | ||
| 2026/01/05 15:11 | upstream | 3609fa95fb0f | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in evdev_pass_values | ||
| 2026/01/05 10:35 | upstream | 3609fa95fb0f | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in evdev_pass_values | ||
| 2026/01/04 21:27 | upstream | 54e82e93ca93 | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-badwrites-root | possible deadlock in evdev_pass_values | ||
| 2026/01/04 18:16 | upstream | 54e82e93ca93 | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in evdev_pass_values | ||
| 2026/01/04 14:44 | upstream | aacb0a6d604a | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in evdev_pass_values | ||
| 2026/01/04 11:58 | upstream | aacb0a6d604a | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in evdev_pass_values | ||
| 2026/01/04 09:39 | upstream | aacb0a6d604a | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in evdev_pass_values | ||
| 2026/01/04 05:22 | upstream | aacb0a6d604a | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in evdev_pass_values | ||
| 2025/12/12 12:43 | upstream | 187d0801404f | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-selinux-root | possible deadlock in evdev_pass_values | ||
| 2025/12/12 08:03 | upstream | d358e5254674 | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in evdev_pass_values | ||
| 2025/12/12 05:20 | upstream | d358e5254674 | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in evdev_pass_values | ||
| 2025/12/12 00:34 | upstream | d358e5254674 | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in evdev_pass_values | ||
| 2025/12/11 14:17 | upstream | d358e5254674 | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-selinux-root | possible deadlock in evdev_pass_values | ||
| 2025/12/11 07:41 | upstream | d358e5254674 | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-badwrites-root | possible deadlock in evdev_pass_values | ||
| 2025/08/23 14:33 | upstream | 038d61fd6422 | bf27483f | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-smack-root | possible deadlock in evdev_pass_values | ||
| 2026/02/03 02:00 | upstream | dee65f79364c | d78927dd | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-386 | possible deadlock in evdev_pass_values | ||
| 2026/02/02 14:59 | upstream | 18f7fcd5e69a | 018ebef2 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-386 | possible deadlock in evdev_pass_values | ||
| 2026/02/02 02:38 | upstream | 18f7fcd5e69a | 6b8752f2 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-386 | possible deadlock in evdev_pass_values | ||
| 2026/01/31 20:49 | upstream | ad9a728a3388 | 35764559 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-386 | possible deadlock in evdev_pass_values | ||
| 2026/01/16 12:05 | upstream | 983d014aafb1 | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-386 | possible deadlock in evdev_pass_values | ||
| 2026/01/15 00:29 | upstream | 944aacb68baf | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-386 | possible deadlock in evdev_pass_values | ||
| 2026/01/14 11:06 | upstream | c537e12daeec | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-386 | possible deadlock in evdev_pass_values | ||
| 2026/01/13 21:15 | upstream | b54345928fa1 | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-386 | possible deadlock in evdev_pass_values | ||
| 2026/01/12 22:23 | upstream | b71e635feefc | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-386 | possible deadlock in evdev_pass_values | ||
| 2026/01/12 06:45 | upstream | 0f61b1860cc3 | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-386 | possible deadlock in evdev_pass_values | ||
| 2026/01/10 13:47 | upstream | b6151c4e60e5 | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-386 | possible deadlock in evdev_pass_values | ||
| 2026/01/10 00:01 | upstream | 372800cb95a3 | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-386 | possible deadlock in evdev_pass_values | ||
| 2026/01/07 23:37 | upstream | f0b9d8eb98df | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-386 | possible deadlock in evdev_pass_values | ||
| 2026/01/07 17:34 | upstream | f0b9d8eb98df | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-386 | possible deadlock in evdev_pass_values | ||
| 2026/01/06 19:50 | upstream | f0b9d8eb98df | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-386 | possible deadlock in evdev_pass_values | ||
| 2026/01/06 01:00 | upstream | 7f98ab9da046 | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-386 | possible deadlock in evdev_pass_values | ||
| 2025/12/17 07:07 | upstream | ea1013c15392 | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-386 | possible deadlock in evdev_pass_values | ||
| 2025/12/16 10:26 | upstream | 40fbbd64bba6 | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-386 | possible deadlock in evdev_pass_values | ||
| 2025/12/15 09:48 | upstream | 8f0b4cce4481 | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-386 | possible deadlock in evdev_pass_values | ||
| 2025/12/14 09:59 | upstream | 8f0b4cce4481 | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-386 | possible deadlock in evdev_pass_values | ||
| 2025/12/13 06:43 | upstream | 9551a26f17d9 | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-386 | possible deadlock in evdev_pass_values | ||
| 2025/12/12 09:43 | upstream | d358e5254674 | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-386 | possible deadlock in evdev_pass_values | ||
| 2026/02/03 22:16 | upstream | de0674d9bc69 | 42b01fab | .config | console log | report | info | [disk image (non-bootable)] [vmlinux] [kernel image] | ci-qemu-upstream | possible deadlock in evdev_pass_values | ||
| 2025/10/22 22:28 | upstream | dd72c8fcf6d3 | c0460fcd | .config | console log | report | info | [disk image (non-bootable)] [vmlinux] [kernel image] | ci-qemu-upstream-386 | possible deadlock in evdev_pass_values | ||
| 2023/04/19 19:50 | upstream | 789b4a41c247 | a219f34e | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in evdev_pass_values | ||
| 2023/04/16 17:07 | upstream | 3e7bb4f24617 | ec410564 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in evdev_pass_values | ||
| 2026/01/13 02:58 | linux-next | f417b7ffcbef | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-linux-next-kasan-gce-root | possible deadlock in evdev_pass_values | ||
| 2026/01/09 18:20 | linux-next | f417b7ffcbef | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-linux-next-kasan-gce-root | possible deadlock in evdev_pass_values | ||
| 2025/12/14 05:45 | linux-next | d9771d0dbe18 | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-linux-next-kasan-gce-root | possible deadlock in evdev_pass_values | ||
| 2025/10/23 23:03 | linux-next | aaa9c3550b60 | c0460fcd | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-rust-kasan-gce | possible deadlock in evdev_pass_values |