syzbot |
sign-in | mailing list | source | docs |
| Date | Name | Commit | Repro | Result |
|---|---|---|---|---|
| 2023/09/03 | linux-5.15.y (ToT) | 8f790700c974 | C | [report] possible deadlock in input_event |
| 2023/07/20 | upstream (ToT) | bfa3037d8280 | C | [report] possible deadlock in input_event |
| 2023/09/03 | upstream (ToT) | 92901222f83d | C | Didn't crash |
| Kernel | Title | Rank 🛈 | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status |
|---|---|---|---|---|---|---|---|---|---|---|
| linux-6.1 | possible deadlock in input_event origin:upstream missing-backport | 4 | C | done | 553 | 3d09h | 1074d | 0/3 | upstream: reported C repro on 2023/06/23 12:11 | |
| upstream | possible deadlock in input_event (2) fs | 4 | C | inconclusive | 7428 | 3h23m | 1664d | 0/29 | upstream: reported C repro on 2021/11/10 17:01 | |
| upstream | possible deadlock in input_event | 4 | C | done | 2740 | 1665d | 1969d | 0/29 | closed as dup on 2021/07/07 07:31 | |
| linux-6.6 | possible deadlock in input_event origin:lts-only | 4 | C | inconclusive | 176 | 19h35m | 336d | 0/2 | upstream: reported C repro on 2025/06/30 21:29 |
| Created | Duration | User | Patch | Repo | Result |
|---|---|---|---|---|---|
| 2026/02/07 21:37 | 11m | retest repro | linux-5.15.y | report log | |
| 2026/02/07 21:37 | 11m | retest repro | linux-5.15.y | report log | |
| 2026/02/07 21:37 | 12m | retest repro | linux-5.15.y | report log | |
| 2026/02/07 21:37 | 9m | retest repro | linux-5.15.y | report log | |
| 2026/02/07 21:37 | 9m | retest repro | linux-5.15.y | report log | |
| 2026/01/01 00:12 | 16m | retest repro | linux-5.15.y | report log | |
| 2025/11/19 23:06 | 10m | retest repro | linux-5.15.y | report log | |
| 2025/11/19 23:06 | 12m | retest repro | linux-5.15.y | report log | |
| 2025/11/19 23:06 | 13m | retest repro | linux-5.15.y | report log | |
| 2025/11/19 23:06 | 12m | retest repro | linux-5.15.y | report log |
| Created | Duration | User | Patch | Repo | Result |
|---|---|---|---|---|---|
| 2024/03/18 02:38 | 58m | bisect fix | linux-5.15.y | OK (0) job log log | |
| 2024/02/12 17:11 | 1h30m | bisect fix | linux-5.15.y | OK (0) job log log | |
| 2024/01/05 22:45 | 1h53m | bisect fix | linux-5.15.y | OK (0) job log log | |
| 2023/09/14 19:19 | 1h40m | fix candidate | upstream | OK (0) job log log |
=====================================================
WARNING: HARDIRQ-safe -> HARDIRQ-unsafe lock order detected
syzkaller #0 Not tainted
-----------------------------------------------------
syz.0.17/4317 [HC0[0]:SC0[0]:HE0:SE1] is trying to acquire:
ffff888023f3e3b8 (&f->f_owner.lock){....}-{2:2}, at: send_sigio+0x2f/0x330 fs/fcntl.c:790
and this task is already holding:
ffff888073e99018 (&new->fa_lock){....}-{2:2}, at: kill_fasync_rcu fs/fcntl.c:1008 [inline]
ffff888073e99018 (&new->fa_lock){....}-{2:2}, at: kill_fasync+0x16d/0x490 fs/fcntl.c:1029
which would create a new lock dependency:
(&new->fa_lock){....}-{2:2} -> (&f->f_owner.lock){....}-{2:2}
but this new dependency connects a HARDIRQ-irq-safe lock:
(&dev->event_lock#2){-...}-{2:2}
... which became HARDIRQ-irq-safe at:
lock_acquire+0x197/0x3f0 kernel/locking/lockdep.c:5623
__raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]
_raw_spin_lock_irqsave+0xa4/0xf0 kernel/locking/spinlock.c:162
input_event+0x76/0xb0 drivers/input/input.c:456
input_report_key include/linux/input.h:425 [inline]
psmouse_report_standard_buttons drivers/input/mouse/psmouse-base.c:123 [inline]
psmouse_report_standard_packet+0x4f/0x200 drivers/input/mouse/psmouse-base.c:141
psmouse_process_byte+0x42b/0x620 drivers/input/mouse/psmouse-base.c:232
psmouse_handle_byte+0x43/0x490 drivers/input/mouse/psmouse-base.c:274
psmouse_interrupt+0x699/0x1130 drivers/input/mouse/psmouse-base.c:426
serio_interrupt+0x87/0x130 drivers/input/serio/serio.c:1001
i8042_interrupt+0x369/0x710 drivers/input/serio/i8042.c:606
__handle_irq_event_percpu+0x291/0x9b0 kernel/irq/handle.c:156
handle_irq_event_percpu kernel/irq/handle.c:196 [inline]
handle_irq_event+0xa5/0x220 kernel/irq/handle.c:213
handle_edge_irq+0x243/0xb20 kernel/irq/chip.c:819
generic_handle_irq_desc include/linux/irqdesc.h:158 [inline]
handle_irq arch/x86/kernel/irq.c:233 [inline]
__common_interrupt+0xd7/0x1e0 arch/x86/kernel/irq.c:252
common_interrupt+0xb0/0xd0 arch/x86/kernel/irq.c:242
asm_common_interrupt+0x22/0x40 arch/x86/include/asm/idtentry.h:667
__orc_find arch/x86/kernel/unwind_orc.c:52 [inline]
orc_find arch/x86/kernel/unwind_orc.c:178 [inline]
unwind_next_frame+0x107f/0x1d90 arch/x86/kernel/unwind_orc.c:448
__unwind_start+0x5bb/0x740 arch/x86/kernel/unwind_orc.c:704
unwind_start arch/x86/include/asm/unwind.h:60 [inline]
arch_stack_walk+0xda/0x140 arch/x86/kernel/stacktrace.c:24
stack_trace_save+0x98/0xe0 kernel/stacktrace.c:122
kasan_save_stack mm/kasan/common.c:38 [inline]
kasan_set_track+0x4b/0x70 mm/kasan/common.c:46
kasan_set_free_info+0x1f/0x40 mm/kasan/generic.c:360
____kasan_slab_free+0xd5/0x110 mm/kasan/common.c:366
kasan_slab_free include/linux/kasan.h:230 [inline]
slab_free_hook mm/slub.c:1705 [inline]
slab_free_freelist_hook+0xea/0x170 mm/slub.c:1731
slab_free mm/slub.c:3499 [inline]
kfree+0xef/0x2a0 mm/slub.c:4559
kobject_uevent_env+0x368/0x890 lib/kobject_uevent.c:640
driver_register+0x3e2/0x430 drivers/base/driver.c:248
usb_register_driver+0x202/0x3d0 drivers/usb/core/driver.c:1061
do_one_initcall+0x1ee/0x680 init/main.c:1302
do_initcall_level+0x137/0x1f0 init/main.c:1375
do_initcalls+0x4b/0x90 init/main.c:1391
kernel_init_freeable+0x3ce/0x560 init/main.c:1615
kernel_init+0x19/0x1b0 init/main.c:1506
ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:287
to a HARDIRQ-irq-unsafe lock:
(tasklist_lock){.+.+}-{2:2}
... which became HARDIRQ-irq-unsafe at:
...
lock_acquire+0x197/0x3f0 kernel/locking/lockdep.c:5623
__raw_read_lock include/linux/rwlock_api_smp.h:149 [inline]
_raw_read_lock+0x32/0x40 kernel/locking/spinlock.c:228
do_wait+0x293/0xac0 kernel/exit.c:1579
kernel_wait+0xa8/0x160 kernel/exit.c:1769
call_usermodehelper_exec_sync kernel/umh.c:139 [inline]
call_usermodehelper_exec_work+0xb5/0x220 kernel/umh.c:166
process_one_work+0x863/0x1000 kernel/workqueue.c:2310
worker_thread+0xaa8/0x12a0 kernel/workqueue.c:2457
kthread+0x436/0x520 kernel/kthread.c:334
ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:287
other info that might help us debug this:
Chain exists of:
&dev->event_lock#2 --> &new->fa_lock --> tasklist_lock
Possible interrupt unsafe locking scenario:
CPU0 CPU1
---- ----
lock(tasklist_lock);
local_irq_disable();
lock(&dev->event_lock#2);
lock(&new->fa_lock);
<Interrupt>
lock(&dev->event_lock#2);
*** DEADLOCK ***
8 locks held by syz.0.17/4317:
#0: ffff888148229110 (&evdev->mutex){+.+.}-{3:3}, at: evdev_write+0x177/0x470 drivers/input/evdev.c:513
#1: ffff8881468be230 (&dev->event_lock#2){-...}-{2:2}, at: input_inject_event+0x9e/0x2c0 drivers/input/input.c:482
#2: ffffffff8c11c460 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x5/0x30 include/linux/rcupdate.h:311
#3: ffffffff8c11c460 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x5/0x30 include/linux/rcupdate.h:311
#4: ffffffff8c11c460 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x5/0x30 include/linux/rcupdate.h:311
#5: ffff88807f289028 (&client->buffer_lock){....}-{2:2}, at: spin_lock include/linux/spinlock.h:363 [inline]
#5: ffff88807f289028 (&client->buffer_lock){....}-{2:2}, at: evdev_pass_values+0xcb/0xab0 drivers/input/evdev.c:261
#6: ffffffff8c11c460 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x5/0x30 include/linux/rcupdate.h:311
#7: ffff888073e99018 (&new->fa_lock){....}-{2:2}, at: kill_fasync_rcu fs/fcntl.c:1008 [inline]
#7: ffff888073e99018 (&new->fa_lock){....}-{2:2}, at: kill_fasync+0x16d/0x490 fs/fcntl.c:1029
the dependencies between HARDIRQ-irq-safe lock and the holding lock:
-> (&dev->event_lock#2){-...}-{2:2} {
IN-HARDIRQ-W at:
lock_acquire+0x197/0x3f0 kernel/locking/lockdep.c:5623
__raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]
_raw_spin_lock_irqsave+0xa4/0xf0 kernel/locking/spinlock.c:162
input_event+0x76/0xb0 drivers/input/input.c:456
input_report_key include/linux/input.h:425 [inline]
psmouse_report_standard_buttons drivers/input/mouse/psmouse-base.c:123 [inline]
psmouse_report_standard_packet+0x4f/0x200 drivers/input/mouse/psmouse-base.c:141
psmouse_process_byte+0x42b/0x620 drivers/input/mouse/psmouse-base.c:232
psmouse_handle_byte+0x43/0x490 drivers/input/mouse/psmouse-base.c:274
psmouse_interrupt+0x699/0x1130 drivers/input/mouse/psmouse-base.c:426
serio_interrupt+0x87/0x130 drivers/input/serio/serio.c:1001
i8042_interrupt+0x369/0x710 drivers/input/serio/i8042.c:606
__handle_irq_event_percpu+0x291/0x9b0 kernel/irq/handle.c:156
handle_irq_event_percpu kernel/irq/handle.c:196 [inline]
handle_irq_event+0xa5/0x220 kernel/irq/handle.c:213
handle_edge_irq+0x243/0xb20 kernel/irq/chip.c:819
generic_handle_irq_desc include/linux/irqdesc.h:158 [inline]
handle_irq arch/x86/kernel/irq.c:233 [inline]
__common_interrupt+0xd7/0x1e0 arch/x86/kernel/irq.c:252
common_interrupt+0xb0/0xd0 arch/x86/kernel/irq.c:242
asm_common_interrupt+0x22/0x40 arch/x86/include/asm/idtentry.h:667
__orc_find arch/x86/kernel/unwind_orc.c:52 [inline]
orc_find arch/x86/kernel/unwind_orc.c:178 [inline]
unwind_next_frame+0x107f/0x1d90 arch/x86/kernel/unwind_orc.c:448
__unwind_start+0x5bb/0x740 arch/x86/kernel/unwind_orc.c:704
unwind_start arch/x86/include/asm/unwind.h:60 [inline]
arch_stack_walk+0xda/0x140 arch/x86/kernel/stacktrace.c:24
stack_trace_save+0x98/0xe0 kernel/stacktrace.c:122
kasan_save_stack mm/kasan/common.c:38 [inline]
kasan_set_track+0x4b/0x70 mm/kasan/common.c:46
kasan_set_free_info+0x1f/0x40 mm/kasan/generic.c:360
____kasan_slab_free+0xd5/0x110 mm/kasan/common.c:366
kasan_slab_free include/linux/kasan.h:230 [inline]
slab_free_hook mm/slub.c:1705 [inline]
slab_free_freelist_hook+0xea/0x170 mm/slub.c:1731
slab_free mm/slub.c:3499 [inline]
kfree+0xef/0x2a0 mm/slub.c:4559
kobject_uevent_env+0x368/0x890 lib/kobject_uevent.c:640
driver_register+0x3e2/0x430 drivers/base/driver.c:248
usb_register_driver+0x202/0x3d0 drivers/usb/core/driver.c:1061
do_one_initcall+0x1ee/0x680 init/main.c:1302
do_initcall_level+0x137/0x1f0 init/main.c:1375
do_initcalls+0x4b/0x90 init/main.c:1391
kernel_init_freeable+0x3ce/0x560 init/main.c:1615
kernel_init+0x19/0x1b0 init/main.c:1506
ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:287
INITIAL USE at:
lock_acquire+0x197/0x3f0 kernel/locking/lockdep.c:5623
__raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]
_raw_spin_lock_irqsave+0xa4/0xf0 kernel/locking/spinlock.c:162
input_inject_event+0x9e/0x2c0 drivers/input/input.c:482
led_trigger_event+0x10a/0x1e0 drivers/leds/led-triggers.c:392
kbd_led_trigger_activate+0xb9/0x100 drivers/tty/vt/keyboard.c:1029
led_trigger_set+0x504/0x900 drivers/leds/led-triggers.c:211
led_trigger_set_default+0x19c/0x1e0 drivers/leds/led-triggers.c:275
led_classdev_register_ext+0x68f/0x870 drivers/leds/led-class.c:428
led_classdev_register include/linux/leds.h:196 [inline]
input_leds_connect+0x51d/0x750 drivers/input/input-leds.c:139
input_attach_handler drivers/input/input.c:1046 [inline]
input_register_device+0xda7/0x1140 drivers/input/input.c:2429
atkbd_connect+0x759/0xa10 drivers/input/keyboard/atkbd.c:1337
serio_connect_driver drivers/input/serio/serio.c:47 [inline]
serio_driver_probe+0x76/0x90 drivers/input/serio/serio.c:778
call_driver_probe drivers/base/dd.c:-1 [inline]
really_probe+0x284/0xc80 drivers/base/dd.c:595
__driver_probe_device+0x18c/0x330 drivers/base/dd.c:755
driver_probe_device+0x4f/0x420 drivers/base/dd.c:785
__driver_attach+0x46b/0x670 drivers/base/dd.c:1164
bus_for_each_dev+0x175/0x1e0 drivers/base/bus.c:303
serio_attach_driver drivers/input/serio/serio.c:807 [inline]
serio_handle_event+0x29c/0x840 drivers/input/serio/serio.c:227
process_one_work+0x863/0x1000 kernel/workqueue.c:2310
worker_thread+0xaa8/0x12a0 kernel/workqueue.c:2457
kthread+0x436/0x520 kernel/kthread.c:334
ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:287
}
... key at: [<ffffffff96424aa0>] input_allocate_device.__key.6+0x0/0x20
-> (&client->buffer_lock){....}-{2:2} {
INITIAL USE at:
lock_acquire+0x197/0x3f0 kernel/locking/lockdep.c:5623
__raw_spin_lock include/linux/spinlock_api_smp.h:142 [inline]
_raw_spin_lock+0x2a/0x40 kernel/locking/spinlock.c:154
spin_lock include/linux/spinlock.h:363 [inline]
evdev_pass_values+0xcb/0xab0 drivers/input/evdev.c:261
evdev_events+0x1c0/0x2f0 drivers/input/evdev.c:306
input_to_handler drivers/input/input.c:126 [inline]
input_pass_values+0x880/0x1220 drivers/input/input.c:156
input_handle_event+0xb3f/0x1490 drivers/input/input.c:415
input_inject_event+0x1b9/0x2c0 drivers/input/input.c:487
evdev_write+0x326/0x470 drivers/input/evdev.c:530
vfs_write+0x300/0xd00 fs/read_write.c:592
ksys_write+0x14d/0x250 fs/read_write.c:647
do_syscall_x64 arch/x86/entry/common.c:50 [inline]
do_syscall_64+0x4c/0xa0 arch/x86/entry/common.c:80
entry_SYSCALL_64_after_hwframe+0x66/0xd0
}
... key at: [<ffffffff96424d60>] evdev_open.__key.22+0x0/0x20
... acquired at:
__raw_spin_lock include/linux/spinlock_api_smp.h:142 [inline]
_raw_spin_lock+0x2a/0x40 kernel/locking/spinlock.c:154
spin_lock include/linux/spinlock.h:363 [inline]
evdev_pass_values+0xcb/0xab0 drivers/input/evdev.c:261
evdev_events+0x1c0/0x2f0 drivers/input/evdev.c:306
input_to_handler drivers/input/input.c:126 [inline]
input_pass_values+0x880/0x1220 drivers/input/input.c:156
input_handle_event+0xb3f/0x1490 drivers/input/input.c:415
input_inject_event+0x1b9/0x2c0 drivers/input/input.c:487
evdev_write+0x326/0x470 drivers/input/evdev.c:530
vfs_write+0x300/0xd00 fs/read_write.c:592
ksys_write+0x14d/0x250 fs/read_write.c:647
do_syscall_x64 arch/x86/entry/common.c:50 [inline]
do_syscall_64+0x4c/0xa0 arch/x86/entry/common.c:80
entry_SYSCALL_64_after_hwframe+0x66/0xd0
-> (&new->fa_lock){....}-{2:2} {
INITIAL READ USE at:
lock_acquire+0x197/0x3f0 kernel/locking/lockdep.c:5623
__raw_read_lock_irqsave include/linux/rwlock_api_smp.h:159 [inline]
_raw_read_lock_irqsave+0xac/0xf0 kernel/locking/spinlock.c:236
kill_fasync_rcu fs/fcntl.c:1008 [inline]
kill_fasync+0x16d/0x490 fs/fcntl.c:1029
__pass_event drivers/input/evdev.c:240 [inline]
evdev_pass_values+0x54b/0xab0 drivers/input/evdev.c:278
evdev_events+0x1c0/0x2f0 drivers/input/evdev.c:306
input_to_handler drivers/input/input.c:126 [inline]
input_pass_values+0x880/0x1220 drivers/input/input.c:156
input_handle_event+0xb3f/0x1490 drivers/input/input.c:415
input_inject_event+0x1b9/0x2c0 drivers/input/input.c:487
evdev_write+0x326/0x470 drivers/input/evdev.c:530
vfs_write+0x300/0xd00 fs/read_write.c:592
ksys_write+0x14d/0x250 fs/read_write.c:647
do_syscall_x64 arch/x86/entry/common.c:50 [inline]
do_syscall_64+0x4c/0xa0 arch/x86/entry/common.c:80
entry_SYSCALL_64_after_hwframe+0x66/0xd0
}
... key at: [<ffffffff96129740>] fasync_insert_entry.__key+0x0/0x20
... acquired at:
__raw_read_lock_irqsave include/linux/rwlock_api_smp.h:159 [inline]
_raw_read_lock_irqsave+0xac/0xf0 kernel/locking/spinlock.c:236
kill_fasync_rcu fs/fcntl.c:1008 [inline]
kill_fasync+0x16d/0x490 fs/fcntl.c:1029
__pass_event drivers/input/evdev.c:240 [inline]
evdev_pass_values+0x54b/0xab0 drivers/input/evdev.c:278
evdev_events+0x1c0/0x2f0 drivers/input/evdev.c:306
input_to_handler drivers/input/input.c:126 [inline]
input_pass_values+0x880/0x1220 drivers/input/input.c:156
input_handle_event+0xb3f/0x1490 drivers/input/input.c:415
input_inject_event+0x1b9/0x2c0 drivers/input/input.c:487
evdev_write+0x326/0x470 drivers/input/evdev.c:530
vfs_write+0x300/0xd00 fs/read_write.c:592
ksys_write+0x14d/0x250 fs/read_write.c:647
do_syscall_x64 arch/x86/entry/common.c:50 [inline]
do_syscall_64+0x4c/0xa0 arch/x86/entry/common.c:80
entry_SYSCALL_64_after_hwframe+0x66/0xd0
the dependencies between the lock to be acquired
and HARDIRQ-irq-unsafe lock:
-> (tasklist_lock){.+.+}-{2:2} {
HARDIRQ-ON-R at:
lock_acquire+0x197/0x3f0 kernel/locking/lockdep.c:5623
__raw_read_lock include/linux/rwlock_api_smp.h:149 [inline]
_raw_read_lock+0x32/0x40 kernel/locking/spinlock.c:228
do_wait+0x293/0xac0 kernel/exit.c:1579
kernel_wait+0xa8/0x160 kernel/exit.c:1769
call_usermodehelper_exec_sync kernel/umh.c:139 [inline]
call_usermodehelper_exec_work+0xb5/0x220 kernel/umh.c:166
process_one_work+0x863/0x1000 kernel/workqueue.c:2310
worker_thread+0xaa8/0x12a0 kernel/workqueue.c:2457
kthread+0x436/0x520 kernel/kthread.c:334
ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:287
SOFTIRQ-ON-R at:
lock_acquire+0x197/0x3f0 kernel/locking/lockdep.c:5623
__raw_read_lock include/linux/rwlock_api_smp.h:149 [inline]
_raw_read_lock+0x32/0x40 kernel/locking/spinlock.c:228
do_wait+0x293/0xac0 kernel/exit.c:1579
kernel_wait+0xa8/0x160 kernel/exit.c:1769
call_usermodehelper_exec_sync kernel/umh.c:139 [inline]
call_usermodehelper_exec_work+0xb5/0x220 kernel/umh.c:166
process_one_work+0x863/0x1000 kernel/workqueue.c:2310
worker_thread+0xaa8/0x12a0 kernel/workqueue.c:2457
kthread+0x436/0x520 kernel/kthread.c:334
ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:287
INITIAL USE at:
lock_acquire+0x197/0x3f0 kernel/locking/lockdep.c:5623
__raw_write_lock_irq include/linux/rwlock_api_smp.h:196 [inline]
_raw_write_lock_irq+0x9f/0xe0 kernel/locking/spinlock.c:316
copy_process+0x234a/0x3e00 kernel/fork.c:2412
kernel_clone+0x219/0x930 kernel/fork.c:2679
kernel_thread+0xc8/0x120 kernel/fork.c:2731
rest_init+0x21/0x330 init/main.c:706
start_kernel+0x486/0x530 init/main.c:1140
secondary_startup_64_no_verify+0xb1/0xbb
INITIAL READ USE at:
lock_acquire+0x197/0x3f0 kernel/locking/lockdep.c:5623
__raw_read_lock include/linux/rwlock_api_smp.h:149 [inline]
_raw_read_lock+0x32/0x40 kernel/locking/spinlock.c:228
do_wait+0x293/0xac0 kernel/exit.c:1579
kernel_wait+0xa8/0x160 kernel/exit.c:1769
call_usermodehelper_exec_sync kernel/umh.c:139 [inline]
call_usermodehelper_exec_work+0xb5/0x220 kernel/umh.c:166
process_one_work+0x863/0x1000 kernel/workqueue.c:2310
worker_thread+0xaa8/0x12a0 kernel/workqueue.c:2457
kthread+0x436/0x520 kernel/kthread.c:334
ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:287
}
... key at: [<ffffffff8be0a058>] tasklist_lock+0x18/0x40
... acquired at:
__raw_read_lock include/linux/rwlock_api_smp.h:149 [inline]
_raw_read_lock+0x32/0x40 kernel/locking/spinlock.c:228
send_sigurg+0xcb/0x390 fs/fcntl.c:845
sk_send_sigurg+0x6b/0xc0 net/core/sock.c:3129
tcp_check_urg net/ipv4/tcp_input.c:5688 [inline]
tcp_urg+0x2bc/0xb10 net/ipv4/tcp_input.c:5729
tcp_rcv_established+0xac5/0x1cb0 net/ipv4/tcp_input.c:6063
tcp_v6_do_rcv+0x539/0x1180 net/ipv6/tcp_ipv6.c:1526
sk_backlog_rcv include/net/sock.h:1061 [inline]
__release_sock+0x1b9/0x420 net/core/sock.c:2725
release_sock+0x5b/0x1b0 net/core/sock.c:3266
sk_stream_wait_memory+0x6d8/0xe50 net/core/stream.c:145
tcp_sendmsg_locked+0x1c9f/0x3590 net/ipv4/tcp.c:1419
tcp_sendmsg+0x2b/0x40 net/ipv4/tcp.c:1457
sock_sendmsg_nosec net/socket.c:704 [inline]
__sock_sendmsg net/socket.c:716 [inline]
__sys_sendto+0x423/0x580 net/socket.c:2063
__do_sys_sendto net/socket.c:2075 [inline]
__se_sys_sendto net/socket.c:2071 [inline]
__x64_sys_sendto+0xda/0xf0 net/socket.c:2071
do_syscall_x64 arch/x86/entry/common.c:50 [inline]
do_syscall_64+0x4c/0xa0 arch/x86/entry/common.c:80
entry_SYSCALL_64_after_hwframe+0x66/0xd0
-> (&f->f_owner.lock){....}-{2:2} {
INITIAL USE at:
lock_acquire+0x197/0x3f0 kernel/locking/lockdep.c:5623
__raw_write_lock_irq include/linux/rwlock_api_smp.h:196 [inline]
_raw_write_lock_irq+0x9f/0xe0 kernel/locking/spinlock.c:316
__f_setown+0x37/0x330 fs/fcntl.c:91
f_setown+0x120/0x1c0 fs/fcntl.c:132
do_fcntl+0x192/0x12d0 fs/fcntl.c:387
__do_sys_fcntl fs/fcntl.c:466 [inline]
__se_sys_fcntl+0xcc/0x190 fs/fcntl.c:451
do_syscall_x64 arch/x86/entry/common.c:50 [inline]
do_syscall_64+0x4c/0xa0 arch/x86/entry/common.c:80
entry_SYSCALL_64_after_hwframe+0x66/0xd0
INITIAL READ USE at:
lock_acquire+0x197/0x3f0 kernel/locking/lockdep.c:5623
__raw_read_lock_irqsave include/linux/rwlock_api_smp.h:159 [inline]
_raw_read_lock_irqsave+0xac/0xf0 kernel/locking/spinlock.c:236
send_sigurg+0x25/0x390 fs/fcntl.c:829
sk_send_sigurg+0x6b/0xc0 net/core/sock.c:3129
tcp_check_urg net/ipv4/tcp_input.c:5688 [inline]
tcp_urg+0x2bc/0xb10 net/ipv4/tcp_input.c:5729
tcp_rcv_established+0xac5/0x1cb0 net/ipv4/tcp_input.c:6063
tcp_v6_do_rcv+0x539/0x1180 net/ipv6/tcp_ipv6.c:1526
sk_backlog_rcv include/net/sock.h:1061 [inline]
__release_sock+0x1b9/0x420 net/core/sock.c:2725
release_sock+0x5b/0x1b0 net/core/sock.c:3266
sk_stream_wait_memory+0x6d8/0xe50 net/core/stream.c:145
tcp_sendmsg_locked+0x1c9f/0x3590 net/ipv4/tcp.c:1419
tcp_sendmsg+0x2b/0x40 net/ipv4/tcp.c:1457
sock_sendmsg_nosec net/socket.c:704 [inline]
__sock_sendmsg net/socket.c:716 [inline]
__sys_sendto+0x423/0x580 net/socket.c:2063
__do_sys_sendto net/socket.c:2075 [inline]
__se_sys_sendto net/socket.c:2071 [inline]
__x64_sys_sendto+0xda/0xf0 net/socket.c:2071
do_syscall_x64 arch/x86/entry/common.c:50 [inline]
do_syscall_64+0x4c/0xa0 arch/x86/entry/common.c:80
entry_SYSCALL_64_after_hwframe+0x66/0xd0
}
... key at: [<ffffffff96128ac0>] __alloc_file.__key+0x0/0x10
... acquired at:
__raw_read_lock_irqsave include/linux/rwlock_api_smp.h:159 [inline]
_raw_read_lock_irqsave+0xac/0xf0 kernel/locking/spinlock.c:236
send_sigio+0x2f/0x330 fs/fcntl.c:790
kill_fasync_rcu fs/fcntl.c:1015 [inline]
kill_fasync+0x20a/0x490 fs/fcntl.c:1029
__pass_event drivers/input/evdev.c:240 [inline]
evdev_pass_values+0x54b/0xab0 drivers/input/evdev.c:278
evdev_events+0x1c0/0x2f0 drivers/input/evdev.c:306
input_to_handler drivers/input/input.c:126 [inline]
input_pass_values+0x880/0x1220 drivers/input/input.c:156
input_handle_event+0xb3f/0x1490 drivers/input/input.c:415
input_inject_event+0x1b9/0x2c0 drivers/input/input.c:487
evdev_write+0x326/0x470 drivers/input/evdev.c:530
vfs_write+0x300/0xd00 fs/read_write.c:592
ksys_write+0x14d/0x250 fs/read_write.c:647
do_syscall_x64 arch/x86/entry/common.c:50 [inline]
do_syscall_64+0x4c/0xa0 arch/x86/entry/common.c:80
entry_SYSCALL_64_after_hwframe+0x66/0xd0
stack backtrace:
CPU: 0 PID: 4317 Comm: syz.0.17 Not tainted syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
Call Trace:
<TASK>
dump_stack_lvl+0x168/0x230 lib/dump_stack.c:106
print_bad_irq_dependency kernel/locking/lockdep.c:2567 [inline]
check_irq_usage kernel/locking/lockdep.c:2806 [inline]
check_prev_add kernel/locking/lockdep.c:3057 [inline]
check_prevs_add kernel/locking/lockdep.c:3172 [inline]
validate_chain kernel/locking/lockdep.c:3788 [inline]
__lock_acquire+0x65dd/0x7c60 kernel/locking/lockdep.c:5012
lock_acquire+0x197/0x3f0 kernel/locking/lockdep.c:5623
__raw_read_lock_irqsave include/linux/rwlock_api_smp.h:159 [inline]
_raw_read_lock_irqsave+0xac/0xf0 kernel/locking/spinlock.c:236
send_sigio+0x2f/0x330 fs/fcntl.c:790
kill_fasync_rcu fs/fcntl.c:1015 [inline]
kill_fasync+0x20a/0x490 fs/fcntl.c:1029
__pass_event drivers/input/evdev.c:240 [inline]
evdev_pass_values+0x54b/0xab0 drivers/input/evdev.c:278
evdev_events+0x1c0/0x2f0 drivers/input/evdev.c:306
input_to_handler drivers/input/input.c:126 [inline]
input_pass_values+0x880/0x1220 drivers/input/input.c:156
input_handle_event+0xb3f/0x1490 drivers/input/input.c:415
input_inject_event+0x1b9/0x2c0 drivers/input/input.c:487
evdev_write+0x326/0x470 drivers/input/evdev.c:530
vfs_write+0x300/0xd00 fs/read_write.c:592
ksys_write+0x14d/0x250 fs/read_write.c:647
do_syscall_x64 arch/x86/entry/common.c:50 [inline]
do_syscall_64+0x4c/0xa0 arch/x86/entry/common.c:80
entry_SYSCALL_64_after_hwframe+0x66/0xd0
RIP: 0033:0x7fb33a123be9
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007fb339772038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
RAX: ffffffffffffffda RBX: 00007fb33a35b090 RCX: 00007fb33a123be9
RDX: 0000000000001068 RSI: 0000200000000040 RDI: 0000000000000005
RBP: 00007fb33a1a6e19 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007fb33a35b128 R14: 00007fb33a35b090 R15: 00007ffe2137a7d8
</TASK>
| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets (help?) | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2025/09/09 13:17 | linux-5.15.y | 7a6c2d093c45 | d291dd2d | .config | console log | report | syz / log | C | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | |
| 2025/04/15 07:59 | linux-5.15.y | f7347f400572 | 0bd6db41 | .config | console log | report | syz / log | C | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | |
| 2024/05/06 04:12 | linux-5.15.y | 284087d4f7d5 | 610f2a54 | .config | console log | report | syz | C | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | |
| 2024/04/11 08:09 | linux-5.15.y | cdfd0a7f0139 | 33b9e058 | .config | console log | report | syz | C | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | |
| 2024/04/10 23:08 | linux-5.15.y | cdfd0a7f0139 | 4320ec32 | .config | console log | report | syz | C | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | |
| 2023/07/19 08:21 | linux-5.15.y | d54cfc420586 | 022df2bb | .config | console log | report | syz | C | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | |
| 2026/06/01 11:26 | linux-5.15.y | 241d66fa280c | 8d8eeb3a | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2026/05/28 13:47 | linux-5.15.y | 241d66fa280c | 681715f7 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2026/05/28 01:50 | linux-5.15.y | 241d66fa280c | 4c36e7e5 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2026/05/27 13:16 | linux-5.15.y | 241d66fa280c | 8777bdc3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2026/05/26 06:58 | linux-5.15.y | 241d66fa280c | c69befb3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2026/05/25 11:13 | linux-5.15.y | 241d66fa280c | c69befb3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2026/05/23 15:20 | linux-5.15.y | 241d66fa280c | c69befb3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2026/05/22 16:51 | linux-5.15.y | 93741761e5e3 | 5f091fcc | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2026/05/22 16:51 | linux-5.15.y | 93741761e5e3 | 5f091fcc | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2026/05/19 00:22 | linux-5.15.y | 93741761e5e3 | 9f74d399 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2026/05/17 00:19 | linux-5.15.y | 93741761e5e3 | de5aae85 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2026/05/16 00:58 | linux-5.15.y | 93741761e5e3 | 81fb92f3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2026/05/14 00:38 | linux-5.15.y | de8dfb3f0278 | 6ccb967e | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2026/05/13 22:02 | linux-5.15.y | de8dfb3f0278 | 6ccb967e | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2026/05/13 09:26 | linux-5.15.y | de8dfb3f0278 | fec2a7ee | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2026/05/11 22:03 | linux-5.15.y | de8dfb3f0278 | d168f260 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2026/05/11 02:26 | linux-5.15.y | de8dfb3f0278 | 29233ece | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2026/05/07 14:59 | linux-5.15.y | ef251c45f1cd | cbf9e0fc | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2026/05/05 23:30 | linux-5.15.y | ef251c45f1cd | 26da2c66 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2026/05/04 15:39 | linux-5.15.y | ef251c45f1cd | 85f1bcf2 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2026/05/04 09:45 | linux-5.15.y | ef251c45f1cd | 85f1bcf2 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2026/05/04 09:45 | linux-5.15.y | ef251c45f1cd | 85f1bcf2 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2026/05/04 04:41 | linux-5.15.y | ef251c45f1cd | a0d91488 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2026/05/04 03:32 | linux-5.15.y | ef251c45f1cd | a0d91488 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2026/04/30 17:36 | linux-5.15.y | ef251c45f1cd | a7464baf | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2026/04/28 23:43 | linux-5.15.y | b9d57c40a767 | 95008c03 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2026/04/28 21:15 | linux-5.15.y | b9d57c40a767 | 95008c03 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2026/04/27 23:47 | linux-5.15.y | b9d57c40a767 | ce741359 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2026/04/27 08:03 | linux-5.15.y | b9d57c40a767 | 9c2d0995 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2026/04/27 02:02 | linux-5.15.y | b9d57c40a767 | 9c2d0995 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2026/04/26 20:39 | linux-5.15.y | b9d57c40a767 | 9c2d0995 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2026/04/26 13:38 | linux-5.15.y | b9d57c40a767 | 9c2d0995 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2026/04/23 14:43 | linux-5.15.y | b9d57c40a767 | 4c3406dc | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2026/04/20 20:15 | linux-5.15.y | b9d57c40a767 | e65da4ee | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2026/04/16 15:43 | linux-5.15.y | 91d48252ad4b | 4743f87d | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2026/04/14 21:55 | linux-5.15.y | 91d48252ad4b | 362d1323 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2026/04/06 09:10 | linux-5.15.y | 91d48252ad4b | 4440e7c2 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2026/04/05 10:00 | linux-5.15.y | 91d48252ad4b | 4440e7c2 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2026/04/04 08:05 | linux-5.15.y | 91d48252ad4b | 4440e7c2 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2026/03/29 07:30 | linux-5.15.y | 91d48252ad4b | b5ceaad2 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2026/03/29 05:55 | linux-5.15.y | 91d48252ad4b | b5ceaad2 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2026/03/25 23:28 | linux-5.15.y | 91d48252ad4b | c6143aac | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2026/03/22 14:55 | linux-5.15.y | 91d48252ad4b | 5b92003d | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2026/03/22 06:33 | linux-5.15.y | 91d48252ad4b | 5b92003d | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2026/03/22 05:15 | linux-5.15.y | 91d48252ad4b | 5b92003d | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2026/03/16 22:06 | linux-5.15.y | 91d48252ad4b | 0737c18f | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2026/03/11 20:41 | linux-5.15.y | 91d48252ad4b | 2d88ab01 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2026/03/05 00:45 | linux-5.15.y | 91d48252ad4b | a9fe5c9e | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2026/03/02 03:40 | linux-5.15.y | 3330a8d33e08 | 43249bac | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2024/04/11 07:28 | linux-5.15.y | cdfd0a7f0139 | 33b9e058 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan-arm64 | possible deadlock in input_event | ||
| 2023/07/17 14:43 | linux-5.15.y | d54cfc420586 | 20f8b3c2 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event |