syzbot |
sign-in | mailing list | source | docs |
| Date | Name | Commit | Repro | Result |
|---|---|---|---|---|
| 2023/09/03 | linux-5.15.y (ToT) | 8f790700c974 | C | [report] possible deadlock in input_event |
| 2023/07/20 | upstream (ToT) | bfa3037d8280 | C | [report] possible deadlock in input_event |
| 2023/09/03 | upstream (ToT) | 92901222f83d | C | Didn't crash |
| Kernel | Title | Rank 🛈 | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status |
|---|---|---|---|---|---|---|---|---|---|---|
| linux-6.1 | possible deadlock in input_event origin:upstream missing-backport | 4 | C | done | 434 | 7d23h | 817d | 0/3 | upstream: reported C repro on 2023/06/23 12:11 | |
| upstream | possible deadlock in input_event (2) fs | 4 | C | inconclusive | 6254 | 5d03h | 1407d | 0/29 | upstream: reported C repro on 2021/11/10 17:01 | |
| upstream | possible deadlock in input_event | 4 | C | done | 2740 | 1408d | 1712d | 0/29 | closed as dup on 2021/07/07 07:31 | |
| linux-6.6 | possible deadlock in input_event | 4 | 28 | 17h19m | 79d | 0/2 | upstream: reported on 2025/06/30 21:29 |
| Created | Duration | User | Patch | Repo | Result |
|---|---|---|---|---|---|
| 2025/06/08 21:41 | 11m | retest repro | linux-5.15.y | report log | |
| 2025/06/08 21:41 | 13m | retest repro | linux-5.15.y | report log | |
| 2025/06/08 21:41 | 15m | retest repro | linux-5.15.y | report log | |
| 2025/06/08 21:41 | 14m | retest repro | linux-5.15.y | report log | |
| 2025/06/08 21:41 | 9m | retest repro | linux-5.15.y | report log | |
| 2025/01/12 14:15 | 14m | retest repro | linux-5.15.y | report log | |
| 2025/01/12 14:15 | 9m | retest repro | linux-5.15.y | report log | |
| 2025/01/12 14:15 | 9m | retest repro | linux-5.15.y | report log | |
| 2025/01/12 14:15 | 11m | retest repro | linux-5.15.y | report log |
| Created | Duration | User | Patch | Repo | Result |
|---|---|---|---|---|---|
| 2024/03/18 02:38 | 58m | bisect fix | linux-5.15.y | OK (0) job log log | |
| 2024/02/12 17:11 | 1h30m | bisect fix | linux-5.15.y | OK (0) job log log | |
| 2024/01/05 22:45 | 1h53m | bisect fix | linux-5.15.y | OK (0) job log log | |
| 2023/09/14 19:19 | 1h40m | fix candidate | upstream | OK (0) job log log |
=====================================================
WARNING: HARDIRQ-safe -> HARDIRQ-unsafe lock order detected
syzkaller #0 Not tainted
-----------------------------------------------------
syz.0.17/4317 [HC0[0]:SC0[0]:HE0:SE1] is trying to acquire:
ffff888023f3e3b8 (&f->f_owner.lock){....}-{2:2}, at: send_sigio+0x2f/0x330 fs/fcntl.c:790
and this task is already holding:
ffff888073e99018 (&new->fa_lock){....}-{2:2}, at: kill_fasync_rcu fs/fcntl.c:1008 [inline]
ffff888073e99018 (&new->fa_lock){....}-{2:2}, at: kill_fasync+0x16d/0x490 fs/fcntl.c:1029
which would create a new lock dependency:
(&new->fa_lock){....}-{2:2} -> (&f->f_owner.lock){....}-{2:2}
but this new dependency connects a HARDIRQ-irq-safe lock:
(&dev->event_lock#2){-...}-{2:2}
... which became HARDIRQ-irq-safe at:
lock_acquire+0x197/0x3f0 kernel/locking/lockdep.c:5623
__raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]
_raw_spin_lock_irqsave+0xa4/0xf0 kernel/locking/spinlock.c:162
input_event+0x76/0xb0 drivers/input/input.c:456
input_report_key include/linux/input.h:425 [inline]
psmouse_report_standard_buttons drivers/input/mouse/psmouse-base.c:123 [inline]
psmouse_report_standard_packet+0x4f/0x200 drivers/input/mouse/psmouse-base.c:141
psmouse_process_byte+0x42b/0x620 drivers/input/mouse/psmouse-base.c:232
psmouse_handle_byte+0x43/0x490 drivers/input/mouse/psmouse-base.c:274
psmouse_interrupt+0x699/0x1130 drivers/input/mouse/psmouse-base.c:426
serio_interrupt+0x87/0x130 drivers/input/serio/serio.c:1001
i8042_interrupt+0x369/0x710 drivers/input/serio/i8042.c:606
__handle_irq_event_percpu+0x291/0x9b0 kernel/irq/handle.c:156
handle_irq_event_percpu kernel/irq/handle.c:196 [inline]
handle_irq_event+0xa5/0x220 kernel/irq/handle.c:213
handle_edge_irq+0x243/0xb20 kernel/irq/chip.c:819
generic_handle_irq_desc include/linux/irqdesc.h:158 [inline]
handle_irq arch/x86/kernel/irq.c:233 [inline]
__common_interrupt+0xd7/0x1e0 arch/x86/kernel/irq.c:252
common_interrupt+0xb0/0xd0 arch/x86/kernel/irq.c:242
asm_common_interrupt+0x22/0x40 arch/x86/include/asm/idtentry.h:667
__orc_find arch/x86/kernel/unwind_orc.c:52 [inline]
orc_find arch/x86/kernel/unwind_orc.c:178 [inline]
unwind_next_frame+0x107f/0x1d90 arch/x86/kernel/unwind_orc.c:448
__unwind_start+0x5bb/0x740 arch/x86/kernel/unwind_orc.c:704
unwind_start arch/x86/include/asm/unwind.h:60 [inline]
arch_stack_walk+0xda/0x140 arch/x86/kernel/stacktrace.c:24
stack_trace_save+0x98/0xe0 kernel/stacktrace.c:122
kasan_save_stack mm/kasan/common.c:38 [inline]
kasan_set_track+0x4b/0x70 mm/kasan/common.c:46
kasan_set_free_info+0x1f/0x40 mm/kasan/generic.c:360
____kasan_slab_free+0xd5/0x110 mm/kasan/common.c:366
kasan_slab_free include/linux/kasan.h:230 [inline]
slab_free_hook mm/slub.c:1705 [inline]
slab_free_freelist_hook+0xea/0x170 mm/slub.c:1731
slab_free mm/slub.c:3499 [inline]
kfree+0xef/0x2a0 mm/slub.c:4559
kobject_uevent_env+0x368/0x890 lib/kobject_uevent.c:640
driver_register+0x3e2/0x430 drivers/base/driver.c:248
usb_register_driver+0x202/0x3d0 drivers/usb/core/driver.c:1061
do_one_initcall+0x1ee/0x680 init/main.c:1302
do_initcall_level+0x137/0x1f0 init/main.c:1375
do_initcalls+0x4b/0x90 init/main.c:1391
kernel_init_freeable+0x3ce/0x560 init/main.c:1615
kernel_init+0x19/0x1b0 init/main.c:1506
ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:287
to a HARDIRQ-irq-unsafe lock:
(tasklist_lock){.+.+}-{2:2}
... which became HARDIRQ-irq-unsafe at:
...
lock_acquire+0x197/0x3f0 kernel/locking/lockdep.c:5623
__raw_read_lock include/linux/rwlock_api_smp.h:149 [inline]
_raw_read_lock+0x32/0x40 kernel/locking/spinlock.c:228
do_wait+0x293/0xac0 kernel/exit.c:1579
kernel_wait+0xa8/0x160 kernel/exit.c:1769
call_usermodehelper_exec_sync kernel/umh.c:139 [inline]
call_usermodehelper_exec_work+0xb5/0x220 kernel/umh.c:166
process_one_work+0x863/0x1000 kernel/workqueue.c:2310
worker_thread+0xaa8/0x12a0 kernel/workqueue.c:2457
kthread+0x436/0x520 kernel/kthread.c:334
ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:287
other info that might help us debug this:
Chain exists of:
&dev->event_lock#2 --> &new->fa_lock --> tasklist_lock
Possible interrupt unsafe locking scenario:
CPU0 CPU1
---- ----
lock(tasklist_lock);
local_irq_disable();
lock(&dev->event_lock#2);
lock(&new->fa_lock);
<Interrupt>
lock(&dev->event_lock#2);
*** DEADLOCK ***
8 locks held by syz.0.17/4317:
#0: ffff888148229110 (&evdev->mutex){+.+.}-{3:3}, at: evdev_write+0x177/0x470 drivers/input/evdev.c:513
#1: ffff8881468be230 (&dev->event_lock#2){-...}-{2:2}, at: input_inject_event+0x9e/0x2c0 drivers/input/input.c:482
#2: ffffffff8c11c460 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x5/0x30 include/linux/rcupdate.h:311
#3: ffffffff8c11c460 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x5/0x30 include/linux/rcupdate.h:311
#4: ffffffff8c11c460 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x5/0x30 include/linux/rcupdate.h:311
#5: ffff88807f289028 (&client->buffer_lock){....}-{2:2}, at: spin_lock include/linux/spinlock.h:363 [inline]
#5: ffff88807f289028 (&client->buffer_lock){....}-{2:2}, at: evdev_pass_values+0xcb/0xab0 drivers/input/evdev.c:261
#6: ffffffff8c11c460 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x5/0x30 include/linux/rcupdate.h:311
#7: ffff888073e99018 (&new->fa_lock){....}-{2:2}, at: kill_fasync_rcu fs/fcntl.c:1008 [inline]
#7: ffff888073e99018 (&new->fa_lock){....}-{2:2}, at: kill_fasync+0x16d/0x490 fs/fcntl.c:1029
the dependencies between HARDIRQ-irq-safe lock and the holding lock:
-> (&dev->event_lock#2){-...}-{2:2} {
IN-HARDIRQ-W at:
lock_acquire+0x197/0x3f0 kernel/locking/lockdep.c:5623
__raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]
_raw_spin_lock_irqsave+0xa4/0xf0 kernel/locking/spinlock.c:162
input_event+0x76/0xb0 drivers/input/input.c:456
input_report_key include/linux/input.h:425 [inline]
psmouse_report_standard_buttons drivers/input/mouse/psmouse-base.c:123 [inline]
psmouse_report_standard_packet+0x4f/0x200 drivers/input/mouse/psmouse-base.c:141
psmouse_process_byte+0x42b/0x620 drivers/input/mouse/psmouse-base.c:232
psmouse_handle_byte+0x43/0x490 drivers/input/mouse/psmouse-base.c:274
psmouse_interrupt+0x699/0x1130 drivers/input/mouse/psmouse-base.c:426
serio_interrupt+0x87/0x130 drivers/input/serio/serio.c:1001
i8042_interrupt+0x369/0x710 drivers/input/serio/i8042.c:606
__handle_irq_event_percpu+0x291/0x9b0 kernel/irq/handle.c:156
handle_irq_event_percpu kernel/irq/handle.c:196 [inline]
handle_irq_event+0xa5/0x220 kernel/irq/handle.c:213
handle_edge_irq+0x243/0xb20 kernel/irq/chip.c:819
generic_handle_irq_desc include/linux/irqdesc.h:158 [inline]
handle_irq arch/x86/kernel/irq.c:233 [inline]
__common_interrupt+0xd7/0x1e0 arch/x86/kernel/irq.c:252
common_interrupt+0xb0/0xd0 arch/x86/kernel/irq.c:242
asm_common_interrupt+0x22/0x40 arch/x86/include/asm/idtentry.h:667
__orc_find arch/x86/kernel/unwind_orc.c:52 [inline]
orc_find arch/x86/kernel/unwind_orc.c:178 [inline]
unwind_next_frame+0x107f/0x1d90 arch/x86/kernel/unwind_orc.c:448
__unwind_start+0x5bb/0x740 arch/x86/kernel/unwind_orc.c:704
unwind_start arch/x86/include/asm/unwind.h:60 [inline]
arch_stack_walk+0xda/0x140 arch/x86/kernel/stacktrace.c:24
stack_trace_save+0x98/0xe0 kernel/stacktrace.c:122
kasan_save_stack mm/kasan/common.c:38 [inline]
kasan_set_track+0x4b/0x70 mm/kasan/common.c:46
kasan_set_free_info+0x1f/0x40 mm/kasan/generic.c:360
____kasan_slab_free+0xd5/0x110 mm/kasan/common.c:366
kasan_slab_free include/linux/kasan.h:230 [inline]
slab_free_hook mm/slub.c:1705 [inline]
slab_free_freelist_hook+0xea/0x170 mm/slub.c:1731
slab_free mm/slub.c:3499 [inline]
kfree+0xef/0x2a0 mm/slub.c:4559
kobject_uevent_env+0x368/0x890 lib/kobject_uevent.c:640
driver_register+0x3e2/0x430 drivers/base/driver.c:248
usb_register_driver+0x202/0x3d0 drivers/usb/core/driver.c:1061
do_one_initcall+0x1ee/0x680 init/main.c:1302
do_initcall_level+0x137/0x1f0 init/main.c:1375
do_initcalls+0x4b/0x90 init/main.c:1391
kernel_init_freeable+0x3ce/0x560 init/main.c:1615
kernel_init+0x19/0x1b0 init/main.c:1506
ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:287
INITIAL USE at:
lock_acquire+0x197/0x3f0 kernel/locking/lockdep.c:5623
__raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]
_raw_spin_lock_irqsave+0xa4/0xf0 kernel/locking/spinlock.c:162
input_inject_event+0x9e/0x2c0 drivers/input/input.c:482
led_trigger_event+0x10a/0x1e0 drivers/leds/led-triggers.c:392
kbd_led_trigger_activate+0xb9/0x100 drivers/tty/vt/keyboard.c:1029
led_trigger_set+0x504/0x900 drivers/leds/led-triggers.c:211
led_trigger_set_default+0x19c/0x1e0 drivers/leds/led-triggers.c:275
led_classdev_register_ext+0x68f/0x870 drivers/leds/led-class.c:428
led_classdev_register include/linux/leds.h:196 [inline]
input_leds_connect+0x51d/0x750 drivers/input/input-leds.c:139
input_attach_handler drivers/input/input.c:1046 [inline]
input_register_device+0xda7/0x1140 drivers/input/input.c:2429
atkbd_connect+0x759/0xa10 drivers/input/keyboard/atkbd.c:1337
serio_connect_driver drivers/input/serio/serio.c:47 [inline]
serio_driver_probe+0x76/0x90 drivers/input/serio/serio.c:778
call_driver_probe drivers/base/dd.c:-1 [inline]
really_probe+0x284/0xc80 drivers/base/dd.c:595
__driver_probe_device+0x18c/0x330 drivers/base/dd.c:755
driver_probe_device+0x4f/0x420 drivers/base/dd.c:785
__driver_attach+0x46b/0x670 drivers/base/dd.c:1164
bus_for_each_dev+0x175/0x1e0 drivers/base/bus.c:303
serio_attach_driver drivers/input/serio/serio.c:807 [inline]
serio_handle_event+0x29c/0x840 drivers/input/serio/serio.c:227
process_one_work+0x863/0x1000 kernel/workqueue.c:2310
worker_thread+0xaa8/0x12a0 kernel/workqueue.c:2457
kthread+0x436/0x520 kernel/kthread.c:334
ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:287
}
... key at: [<ffffffff96424aa0>] input_allocate_device.__key.6+0x0/0x20
-> (&client->buffer_lock){....}-{2:2} {
INITIAL USE at:
lock_acquire+0x197/0x3f0 kernel/locking/lockdep.c:5623
__raw_spin_lock include/linux/spinlock_api_smp.h:142 [inline]
_raw_spin_lock+0x2a/0x40 kernel/locking/spinlock.c:154
spin_lock include/linux/spinlock.h:363 [inline]
evdev_pass_values+0xcb/0xab0 drivers/input/evdev.c:261
evdev_events+0x1c0/0x2f0 drivers/input/evdev.c:306
input_to_handler drivers/input/input.c:126 [inline]
input_pass_values+0x880/0x1220 drivers/input/input.c:156
input_handle_event+0xb3f/0x1490 drivers/input/input.c:415
input_inject_event+0x1b9/0x2c0 drivers/input/input.c:487
evdev_write+0x326/0x470 drivers/input/evdev.c:530
vfs_write+0x300/0xd00 fs/read_write.c:592
ksys_write+0x14d/0x250 fs/read_write.c:647
do_syscall_x64 arch/x86/entry/common.c:50 [inline]
do_syscall_64+0x4c/0xa0 arch/x86/entry/common.c:80
entry_SYSCALL_64_after_hwframe+0x66/0xd0
}
... key at: [<ffffffff96424d60>] evdev_open.__key.22+0x0/0x20
... acquired at:
__raw_spin_lock include/linux/spinlock_api_smp.h:142 [inline]
_raw_spin_lock+0x2a/0x40 kernel/locking/spinlock.c:154
spin_lock include/linux/spinlock.h:363 [inline]
evdev_pass_values+0xcb/0xab0 drivers/input/evdev.c:261
evdev_events+0x1c0/0x2f0 drivers/input/evdev.c:306
input_to_handler drivers/input/input.c:126 [inline]
input_pass_values+0x880/0x1220 drivers/input/input.c:156
input_handle_event+0xb3f/0x1490 drivers/input/input.c:415
input_inject_event+0x1b9/0x2c0 drivers/input/input.c:487
evdev_write+0x326/0x470 drivers/input/evdev.c:530
vfs_write+0x300/0xd00 fs/read_write.c:592
ksys_write+0x14d/0x250 fs/read_write.c:647
do_syscall_x64 arch/x86/entry/common.c:50 [inline]
do_syscall_64+0x4c/0xa0 arch/x86/entry/common.c:80
entry_SYSCALL_64_after_hwframe+0x66/0xd0
-> (&new->fa_lock){....}-{2:2} {
INITIAL READ USE at:
lock_acquire+0x197/0x3f0 kernel/locking/lockdep.c:5623
__raw_read_lock_irqsave include/linux/rwlock_api_smp.h:159 [inline]
_raw_read_lock_irqsave+0xac/0xf0 kernel/locking/spinlock.c:236
kill_fasync_rcu fs/fcntl.c:1008 [inline]
kill_fasync+0x16d/0x490 fs/fcntl.c:1029
__pass_event drivers/input/evdev.c:240 [inline]
evdev_pass_values+0x54b/0xab0 drivers/input/evdev.c:278
evdev_events+0x1c0/0x2f0 drivers/input/evdev.c:306
input_to_handler drivers/input/input.c:126 [inline]
input_pass_values+0x880/0x1220 drivers/input/input.c:156
input_handle_event+0xb3f/0x1490 drivers/input/input.c:415
input_inject_event+0x1b9/0x2c0 drivers/input/input.c:487
evdev_write+0x326/0x470 drivers/input/evdev.c:530
vfs_write+0x300/0xd00 fs/read_write.c:592
ksys_write+0x14d/0x250 fs/read_write.c:647
do_syscall_x64 arch/x86/entry/common.c:50 [inline]
do_syscall_64+0x4c/0xa0 arch/x86/entry/common.c:80
entry_SYSCALL_64_after_hwframe+0x66/0xd0
}
... key at: [<ffffffff96129740>] fasync_insert_entry.__key+0x0/0x20
... acquired at:
__raw_read_lock_irqsave include/linux/rwlock_api_smp.h:159 [inline]
_raw_read_lock_irqsave+0xac/0xf0 kernel/locking/spinlock.c:236
kill_fasync_rcu fs/fcntl.c:1008 [inline]
kill_fasync+0x16d/0x490 fs/fcntl.c:1029
__pass_event drivers/input/evdev.c:240 [inline]
evdev_pass_values+0x54b/0xab0 drivers/input/evdev.c:278
evdev_events+0x1c0/0x2f0 drivers/input/evdev.c:306
input_to_handler drivers/input/input.c:126 [inline]
input_pass_values+0x880/0x1220 drivers/input/input.c:156
input_handle_event+0xb3f/0x1490 drivers/input/input.c:415
input_inject_event+0x1b9/0x2c0 drivers/input/input.c:487
evdev_write+0x326/0x470 drivers/input/evdev.c:530
vfs_write+0x300/0xd00 fs/read_write.c:592
ksys_write+0x14d/0x250 fs/read_write.c:647
do_syscall_x64 arch/x86/entry/common.c:50 [inline]
do_syscall_64+0x4c/0xa0 arch/x86/entry/common.c:80
entry_SYSCALL_64_after_hwframe+0x66/0xd0
the dependencies between the lock to be acquired
and HARDIRQ-irq-unsafe lock:
-> (tasklist_lock){.+.+}-{2:2} {
HARDIRQ-ON-R at:
lock_acquire+0x197/0x3f0 kernel/locking/lockdep.c:5623
__raw_read_lock include/linux/rwlock_api_smp.h:149 [inline]
_raw_read_lock+0x32/0x40 kernel/locking/spinlock.c:228
do_wait+0x293/0xac0 kernel/exit.c:1579
kernel_wait+0xa8/0x160 kernel/exit.c:1769
call_usermodehelper_exec_sync kernel/umh.c:139 [inline]
call_usermodehelper_exec_work+0xb5/0x220 kernel/umh.c:166
process_one_work+0x863/0x1000 kernel/workqueue.c:2310
worker_thread+0xaa8/0x12a0 kernel/workqueue.c:2457
kthread+0x436/0x520 kernel/kthread.c:334
ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:287
SOFTIRQ-ON-R at:
lock_acquire+0x197/0x3f0 kernel/locking/lockdep.c:5623
__raw_read_lock include/linux/rwlock_api_smp.h:149 [inline]
_raw_read_lock+0x32/0x40 kernel/locking/spinlock.c:228
do_wait+0x293/0xac0 kernel/exit.c:1579
kernel_wait+0xa8/0x160 kernel/exit.c:1769
call_usermodehelper_exec_sync kernel/umh.c:139 [inline]
call_usermodehelper_exec_work+0xb5/0x220 kernel/umh.c:166
process_one_work+0x863/0x1000 kernel/workqueue.c:2310
worker_thread+0xaa8/0x12a0 kernel/workqueue.c:2457
kthread+0x436/0x520 kernel/kthread.c:334
ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:287
INITIAL USE at:
lock_acquire+0x197/0x3f0 kernel/locking/lockdep.c:5623
__raw_write_lock_irq include/linux/rwlock_api_smp.h:196 [inline]
_raw_write_lock_irq+0x9f/0xe0 kernel/locking/spinlock.c:316
copy_process+0x234a/0x3e00 kernel/fork.c:2412
kernel_clone+0x219/0x930 kernel/fork.c:2679
kernel_thread+0xc8/0x120 kernel/fork.c:2731
rest_init+0x21/0x330 init/main.c:706
start_kernel+0x486/0x530 init/main.c:1140
secondary_startup_64_no_verify+0xb1/0xbb
INITIAL READ USE at:
lock_acquire+0x197/0x3f0 kernel/locking/lockdep.c:5623
__raw_read_lock include/linux/rwlock_api_smp.h:149 [inline]
_raw_read_lock+0x32/0x40 kernel/locking/spinlock.c:228
do_wait+0x293/0xac0 kernel/exit.c:1579
kernel_wait+0xa8/0x160 kernel/exit.c:1769
call_usermodehelper_exec_sync kernel/umh.c:139 [inline]
call_usermodehelper_exec_work+0xb5/0x220 kernel/umh.c:166
process_one_work+0x863/0x1000 kernel/workqueue.c:2310
worker_thread+0xaa8/0x12a0 kernel/workqueue.c:2457
kthread+0x436/0x520 kernel/kthread.c:334
ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:287
}
... key at: [<ffffffff8be0a058>] tasklist_lock+0x18/0x40
... acquired at:
__raw_read_lock include/linux/rwlock_api_smp.h:149 [inline]
_raw_read_lock+0x32/0x40 kernel/locking/spinlock.c:228
send_sigurg+0xcb/0x390 fs/fcntl.c:845
sk_send_sigurg+0x6b/0xc0 net/core/sock.c:3129
tcp_check_urg net/ipv4/tcp_input.c:5688 [inline]
tcp_urg+0x2bc/0xb10 net/ipv4/tcp_input.c:5729
tcp_rcv_established+0xac5/0x1cb0 net/ipv4/tcp_input.c:6063
tcp_v6_do_rcv+0x539/0x1180 net/ipv6/tcp_ipv6.c:1526
sk_backlog_rcv include/net/sock.h:1061 [inline]
__release_sock+0x1b9/0x420 net/core/sock.c:2725
release_sock+0x5b/0x1b0 net/core/sock.c:3266
sk_stream_wait_memory+0x6d8/0xe50 net/core/stream.c:145
tcp_sendmsg_locked+0x1c9f/0x3590 net/ipv4/tcp.c:1419
tcp_sendmsg+0x2b/0x40 net/ipv4/tcp.c:1457
sock_sendmsg_nosec net/socket.c:704 [inline]
__sock_sendmsg net/socket.c:716 [inline]
__sys_sendto+0x423/0x580 net/socket.c:2063
__do_sys_sendto net/socket.c:2075 [inline]
__se_sys_sendto net/socket.c:2071 [inline]
__x64_sys_sendto+0xda/0xf0 net/socket.c:2071
do_syscall_x64 arch/x86/entry/common.c:50 [inline]
do_syscall_64+0x4c/0xa0 arch/x86/entry/common.c:80
entry_SYSCALL_64_after_hwframe+0x66/0xd0
-> (&f->f_owner.lock){....}-{2:2} {
INITIAL USE at:
lock_acquire+0x197/0x3f0 kernel/locking/lockdep.c:5623
__raw_write_lock_irq include/linux/rwlock_api_smp.h:196 [inline]
_raw_write_lock_irq+0x9f/0xe0 kernel/locking/spinlock.c:316
__f_setown+0x37/0x330 fs/fcntl.c:91
f_setown+0x120/0x1c0 fs/fcntl.c:132
do_fcntl+0x192/0x12d0 fs/fcntl.c:387
__do_sys_fcntl fs/fcntl.c:466 [inline]
__se_sys_fcntl+0xcc/0x190 fs/fcntl.c:451
do_syscall_x64 arch/x86/entry/common.c:50 [inline]
do_syscall_64+0x4c/0xa0 arch/x86/entry/common.c:80
entry_SYSCALL_64_after_hwframe+0x66/0xd0
INITIAL READ USE at:
lock_acquire+0x197/0x3f0 kernel/locking/lockdep.c:5623
__raw_read_lock_irqsave include/linux/rwlock_api_smp.h:159 [inline]
_raw_read_lock_irqsave+0xac/0xf0 kernel/locking/spinlock.c:236
send_sigurg+0x25/0x390 fs/fcntl.c:829
sk_send_sigurg+0x6b/0xc0 net/core/sock.c:3129
tcp_check_urg net/ipv4/tcp_input.c:5688 [inline]
tcp_urg+0x2bc/0xb10 net/ipv4/tcp_input.c:5729
tcp_rcv_established+0xac5/0x1cb0 net/ipv4/tcp_input.c:6063
tcp_v6_do_rcv+0x539/0x1180 net/ipv6/tcp_ipv6.c:1526
sk_backlog_rcv include/net/sock.h:1061 [inline]
__release_sock+0x1b9/0x420 net/core/sock.c:2725
release_sock+0x5b/0x1b0 net/core/sock.c:3266
sk_stream_wait_memory+0x6d8/0xe50 net/core/stream.c:145
tcp_sendmsg_locked+0x1c9f/0x3590 net/ipv4/tcp.c:1419
tcp_sendmsg+0x2b/0x40 net/ipv4/tcp.c:1457
sock_sendmsg_nosec net/socket.c:704 [inline]
__sock_sendmsg net/socket.c:716 [inline]
__sys_sendto+0x423/0x580 net/socket.c:2063
__do_sys_sendto net/socket.c:2075 [inline]
__se_sys_sendto net/socket.c:2071 [inline]
__x64_sys_sendto+0xda/0xf0 net/socket.c:2071
do_syscall_x64 arch/x86/entry/common.c:50 [inline]
do_syscall_64+0x4c/0xa0 arch/x86/entry/common.c:80
entry_SYSCALL_64_after_hwframe+0x66/0xd0
}
... key at: [<ffffffff96128ac0>] __alloc_file.__key+0x0/0x10
... acquired at:
__raw_read_lock_irqsave include/linux/rwlock_api_smp.h:159 [inline]
_raw_read_lock_irqsave+0xac/0xf0 kernel/locking/spinlock.c:236
send_sigio+0x2f/0x330 fs/fcntl.c:790
kill_fasync_rcu fs/fcntl.c:1015 [inline]
kill_fasync+0x20a/0x490 fs/fcntl.c:1029
__pass_event drivers/input/evdev.c:240 [inline]
evdev_pass_values+0x54b/0xab0 drivers/input/evdev.c:278
evdev_events+0x1c0/0x2f0 drivers/input/evdev.c:306
input_to_handler drivers/input/input.c:126 [inline]
input_pass_values+0x880/0x1220 drivers/input/input.c:156
input_handle_event+0xb3f/0x1490 drivers/input/input.c:415
input_inject_event+0x1b9/0x2c0 drivers/input/input.c:487
evdev_write+0x326/0x470 drivers/input/evdev.c:530
vfs_write+0x300/0xd00 fs/read_write.c:592
ksys_write+0x14d/0x250 fs/read_write.c:647
do_syscall_x64 arch/x86/entry/common.c:50 [inline]
do_syscall_64+0x4c/0xa0 arch/x86/entry/common.c:80
entry_SYSCALL_64_after_hwframe+0x66/0xd0
stack backtrace:
CPU: 0 PID: 4317 Comm: syz.0.17 Not tainted syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
Call Trace:
<TASK>
dump_stack_lvl+0x168/0x230 lib/dump_stack.c:106
print_bad_irq_dependency kernel/locking/lockdep.c:2567 [inline]
check_irq_usage kernel/locking/lockdep.c:2806 [inline]
check_prev_add kernel/locking/lockdep.c:3057 [inline]
check_prevs_add kernel/locking/lockdep.c:3172 [inline]
validate_chain kernel/locking/lockdep.c:3788 [inline]
__lock_acquire+0x65dd/0x7c60 kernel/locking/lockdep.c:5012
lock_acquire+0x197/0x3f0 kernel/locking/lockdep.c:5623
__raw_read_lock_irqsave include/linux/rwlock_api_smp.h:159 [inline]
_raw_read_lock_irqsave+0xac/0xf0 kernel/locking/spinlock.c:236
send_sigio+0x2f/0x330 fs/fcntl.c:790
kill_fasync_rcu fs/fcntl.c:1015 [inline]
kill_fasync+0x20a/0x490 fs/fcntl.c:1029
__pass_event drivers/input/evdev.c:240 [inline]
evdev_pass_values+0x54b/0xab0 drivers/input/evdev.c:278
evdev_events+0x1c0/0x2f0 drivers/input/evdev.c:306
input_to_handler drivers/input/input.c:126 [inline]
input_pass_values+0x880/0x1220 drivers/input/input.c:156
input_handle_event+0xb3f/0x1490 drivers/input/input.c:415
input_inject_event+0x1b9/0x2c0 drivers/input/input.c:487
evdev_write+0x326/0x470 drivers/input/evdev.c:530
vfs_write+0x300/0xd00 fs/read_write.c:592
ksys_write+0x14d/0x250 fs/read_write.c:647
do_syscall_x64 arch/x86/entry/common.c:50 [inline]
do_syscall_64+0x4c/0xa0 arch/x86/entry/common.c:80
entry_SYSCALL_64_after_hwframe+0x66/0xd0
RIP: 0033:0x7fb33a123be9
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007fb339772038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
RAX: ffffffffffffffda RBX: 00007fb33a35b090 RCX: 00007fb33a123be9
RDX: 0000000000001068 RSI: 0000200000000040 RDI: 0000000000000005
RBP: 00007fb33a1a6e19 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007fb33a35b128 R14: 00007fb33a35b090 R15: 00007ffe2137a7d8
</TASK>
| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets (help?) | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2025/09/09 13:17 | linux-5.15.y | 7a6c2d093c45 | d291dd2d | .config | console log | report | syz / log | C | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | |
| 2025/04/15 07:59 | linux-5.15.y | f7347f400572 | 0bd6db41 | .config | console log | report | syz / log | C | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | |
| 2024/05/06 04:12 | linux-5.15.y | 284087d4f7d5 | 610f2a54 | .config | console log | report | syz | C | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | |
| 2024/04/11 08:09 | linux-5.15.y | cdfd0a7f0139 | 33b9e058 | .config | console log | report | syz | C | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | |
| 2024/04/10 23:08 | linux-5.15.y | cdfd0a7f0139 | 4320ec32 | .config | console log | report | syz | C | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | |
| 2023/07/19 08:21 | linux-5.15.y | d54cfc420586 | 022df2bb | .config | console log | report | syz | C | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | |
| 2025/09/04 06:26 | linux-5.15.y | 01879f56bdde | d291dd2d | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2025/09/02 12:29 | linux-5.15.y | 01879f56bdde | 807a3b61 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2025/08/30 03:42 | linux-5.15.y | 01879f56bdde | 807a3b61 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2025/08/30 02:16 | linux-5.15.y | 01879f56bdde | 807a3b61 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2025/08/26 20:15 | linux-5.15.y | c79648372d02 | e12e5ba4 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2025/08/24 15:23 | linux-5.15.y | c79648372d02 | bf27483f | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2025/08/22 07:57 | linux-5.15.y | c79648372d02 | bf27483f | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2025/08/21 17:27 | linux-5.15.y | c79648372d02 | 3e79b825 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2025/08/20 03:59 | linux-5.15.y | c79648372d02 | 79512909 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2025/08/19 17:46 | linux-5.15.y | c79648372d02 | 254a27c1 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2025/08/19 06:11 | linux-5.15.y | c79648372d02 | 523f460e | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2025/08/15 05:31 | linux-5.15.y | c79648372d02 | 1804e95e | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2025/08/14 17:18 | linux-5.15.y | c79648372d02 | 5d8c2ac2 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2025/08/13 19:06 | linux-5.15.y | c79648372d02 | 22ec1469 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2025/08/12 21:57 | linux-5.15.y | c79648372d02 | 22ec1469 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2025/08/12 00:15 | linux-5.15.y | c79648372d02 | c06e8995 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2025/08/11 22:19 | linux-5.15.y | c79648372d02 | c06e8995 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2025/08/11 22:18 | linux-5.15.y | c79648372d02 | c06e8995 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2025/08/10 20:42 | linux-5.15.y | c79648372d02 | 32a0e5ed | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2025/08/09 16:26 | linux-5.15.y | c79648372d02 | 32a0e5ed | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2025/08/07 01:57 | linux-5.15.y | c79648372d02 | 9a42d6b1 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2025/07/20 03:32 | linux-5.15.y | c79648372d02 | 7117feec | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2025/07/19 19:41 | linux-5.15.y | c79648372d02 | 7117feec | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2025/07/17 15:04 | linux-5.15.y | 89950c454265 | 0d1223f1 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2025/07/09 11:19 | linux-5.15.y | 3dea0e7f549e | f4e5e155 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2025/06/26 12:55 | linux-5.15.y | 1c700860e8bc | 26d77996 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2025/06/25 22:18 | linux-5.15.y | 1c700860e8bc | 26d77996 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2025/06/22 17:57 | linux-5.15.y | 1c700860e8bc | d6cdfb8a | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2025/06/20 09:29 | linux-5.15.y | 1c700860e8bc | ed3e87f7 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2025/06/19 01:53 | linux-5.15.y | 1c700860e8bc | ed3e87f7 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2025/06/14 19:34 | linux-5.15.y | 1c700860e8bc | 5f4b362d | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2025/06/14 02:17 | linux-5.15.y | 1c700860e8bc | 0e8da31f | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2025/06/11 15:08 | linux-5.15.y | 1c700860e8bc | 5d7e17ca | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2025/06/10 20:13 | linux-5.15.y | 1c700860e8bc | 5d7e17ca | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2025/05/25 20:44 | linux-5.15.y | 98f47d0e9b8c | 2d4582d0 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2025/05/23 19:58 | linux-5.15.y | 98f47d0e9b8c | f8cc0c83 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2025/05/23 03:15 | linux-5.15.y | 98f47d0e9b8c | fa44301a | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2025/05/22 15:27 | linux-5.15.y | 98f47d0e9b8c | 0919b50b | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2025/05/22 04:05 | linux-5.15.y | a68c15152131 | 0919b50b | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2025/05/20 14:49 | linux-5.15.y | a68c15152131 | b47f9e02 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2025/05/19 14:47 | linux-5.15.y | a68c15152131 | b84f0537 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2025/05/18 10:28 | linux-5.15.y | a68c15152131 | f41472b0 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2025/05/18 05:15 | linux-5.15.y | 3b8db0e4f263 | f41472b0 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2025/05/17 21:44 | linux-5.15.y | 3b8db0e4f263 | f41472b0 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2025/05/17 20:27 | linux-5.15.y | 3b8db0e4f263 | f41472b0 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2025/05/16 23:41 | linux-5.15.y | 3b8db0e4f263 | f41472b0 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2024/04/11 07:28 | linux-5.15.y | cdfd0a7f0139 | 33b9e058 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan-arm64 | possible deadlock in input_event | ||
| 2023/07/17 14:43 | linux-5.15.y | d54cfc420586 | 20f8b3c2 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event |