syzbot |
sign-in | mailing list | source | docs |
| 🐞 Open [569] 🐞 Fixed [32] 🐞 Invalid [301] ⬇ Missing Backports [45] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes | 💬 Send us feedback |
| Date | Name | Commit | Repro | Result |
|---|---|---|---|---|
| 2023/09/03 | linux-5.15.y (ToT) | 8f790700c974 | C | [report] possible deadlock in input_event |
| 2023/07/20 | upstream (ToT) | bfa3037d8280 | C | [report] possible deadlock in input_event |
| 2023/09/03 | upstream (ToT) | 92901222f83d | C | Didn't crash |
| Kernel | Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status |
|---|---|---|---|---|---|---|---|---|---|
| linux-6.1 | possible deadlock in input_event origin:upstream | C | 118 | 5h01m | 318d | 0/3 | upstream: reported C repro on 2023/06/23 12:11 | ||
| upstream | possible deadlock in input_event (2) kernfs | C | inconclusive | 2911 | 2h32m | 908d | 0/26 | upstream: reported C repro on 2021/11/10 17:01 | |
| upstream | possible deadlock in input_event | C | done | 2740 | 909d | 1213d | 0/26 | closed as dup on 2021/07/07 07:31 |
| Created | Duration | User | Patch | Repo | Result |
|---|---|---|---|---|---|
| 2024/03/18 02:38 | 58m | bisect fix | linux-5.15.y | job log (0) log | |
| 2024/02/12 17:11 | 1h30m | bisect fix | linux-5.15.y | job log (0) log | |
| 2024/01/05 22:45 | 1h53m | bisect fix | linux-5.15.y | job log (0) log | |
| 2023/09/14 19:19 | 1h40m | fix candidate | upstream | job log (0) log |
=====================================================
WARNING: HARDIRQ-safe -> HARDIRQ-unsafe lock order detected
5.15.158-syzkaller #0 Not tainted
-----------------------------------------------------
syz-executor407/3499 [HC0[0]:SC0[0]:HE0:SE1] is trying to acquire:
ffff88807700c8b8 (&f->f_owner.lock){....}-{2:2}, at: send_sigio+0x2f/0x330 fs/fcntl.c:796
and this task is already holding:
ffff88807590d018 (&new->fa_lock){....}-{2:2}, at: kill_fasync_rcu fs/fcntl.c:1014 [inline]
ffff88807590d018 (&new->fa_lock){....}-{2:2}, at: kill_fasync+0x16a/0x490 fs/fcntl.c:1035
which would create a new lock dependency:
(&new->fa_lock){....}-{2:2} -> (&f->f_owner.lock){....}-{2:2}
but this new dependency connects a HARDIRQ-irq-safe lock:
(&dev->event_lock#2){-...}-{2:2}
... which became HARDIRQ-irq-safe at:
lock_acquire+0x1db/0x4f0 kernel/locking/lockdep.c:5623
__raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]
_raw_spin_lock_irqsave+0xd1/0x120 kernel/locking/spinlock.c:162
input_event+0x8a/0xd0 drivers/input/input.c:456
input_report_key include/linux/input.h:425 [inline]
psmouse_report_standard_buttons drivers/input/mouse/psmouse-base.c:123 [inline]
psmouse_report_standard_packet+0x50/0x200 drivers/input/mouse/psmouse-base.c:141
psmouse_process_byte+0x45b/0x640 drivers/input/mouse/psmouse-base.c:232
psmouse_handle_byte+0x46/0x4b0 drivers/input/mouse/psmouse-base.c:274
psmouse_interrupt+0x697/0x10a0 drivers/input/mouse/psmouse-base.c:426
serio_interrupt+0x88/0x130 drivers/input/serio/serio.c:1001
i8042_interrupt+0x355/0x750 drivers/input/serio/i8042.c:606
__handle_irq_event_percpu+0x292/0xa70 kernel/irq/handle.c:156
handle_irq_event_percpu kernel/irq/handle.c:196 [inline]
handle_irq_event+0xff/0x2b0 kernel/irq/handle.c:213
handle_edge_irq+0x245/0xbf0 kernel/irq/chip.c:822
generic_handle_irq_desc include/linux/irqdesc.h:158 [inline]
handle_irq arch/x86/kernel/irq.c:231 [inline]
__common_interrupt+0xd7/0x1f0 arch/x86/kernel/irq.c:250
common_interrupt+0x9f/0xc0 arch/x86/kernel/irq.c:240
asm_common_interrupt+0x22/0x40 arch/x86/include/asm/idtentry.h:629
__raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:161 [inline]
_raw_spin_unlock_irqrestore+0xd4/0x130 kernel/locking/spinlock.c:194
spin_unlock_irqrestore include/linux/spinlock.h:418 [inline]
i8042_command drivers/input/serio/i8042.c:356 [inline]
i8042_aux_write+0x112/0x190 drivers/input/serio/i8042.c:391
serio_write include/linux/serio.h:125 [inline]
ps2_do_sendbyte+0x20a/0x720 drivers/input/serio/libps2.c:40
ps2_sendbyte+0x5c/0x120 drivers/input/serio/libps2.c:92
cypress_ps2_sendbyte drivers/input/mouse/cypress_ps2.c:42 [inline]
cypress_ps2_read_cmd_status drivers/input/mouse/cypress_ps2.c:116 [inline]
cypress_send_ext_cmd+0x21d/0x900 drivers/input/mouse/cypress_ps2.c:189
cypress_detect+0x8f/0x220 drivers/input/mouse/cypress_ps2.c:205
psmouse_do_detect drivers/input/mouse/psmouse-base.c:1009 [inline]
psmouse_try_protocol drivers/input/mouse/psmouse-base.c:1023 [inline]
psmouse_extensions+0xc2a/0x1550 drivers/input/mouse/psmouse-base.c:1146
psmouse_switch_protocol+0x308/0x840 drivers/input/mouse/psmouse-base.c:1542
psmouse_connect+0x94b/0x1430 drivers/input/mouse/psmouse-base.c:1632
serio_connect_driver drivers/input/serio/serio.c:47 [inline]
serio_driver_probe+0x74/0x90 drivers/input/serio/serio.c:778
really_probe+0x24e/0xb60 drivers/base/dd.c:595
__driver_probe_device+0x1a2/0x3d0 drivers/base/dd.c:755
driver_probe_device+0x50/0x420 drivers/base/dd.c:785
__driver_attach+0x479/0x690 drivers/base/dd.c:1164
bus_for_each_dev+0x17c/0x1f0 drivers/base/bus.c:301
serio_attach_driver drivers/input/serio/serio.c:807 [inline]
serio_handle_event+0x56a/0x8f0 drivers/input/serio/serio.c:227
process_one_work+0x8a1/0x10c0 kernel/workqueue.c:2310
worker_thread+0xaca/0x1280 kernel/workqueue.c:2457
kthread+0x3f6/0x4f0 kernel/kthread.c:334
ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:300
to a HARDIRQ-irq-unsafe lock:
(tasklist_lock){.+.+}-{2:2}
... which became HARDIRQ-irq-unsafe at:
...
lock_acquire+0x1db/0x4f0 kernel/locking/lockdep.c:5623
__raw_read_lock include/linux/rwlock_api_smp.h:149 [inline]
_raw_read_lock+0x32/0x40 kernel/locking/spinlock.c:228
do_wait+0x2a7/0xaf0 kernel/exit.c:1576
kernel_wait+0xe5/0x230 kernel/exit.c:1766
call_usermodehelper_exec_sync kernel/umh.c:139 [inline]
call_usermodehelper_exec_work+0xb5/0x220 kernel/umh.c:166
process_one_work+0x8a1/0x10c0 kernel/workqueue.c:2310
worker_thread+0xaca/0x1280 kernel/workqueue.c:2457
kthread+0x3f6/0x4f0 kernel/kthread.c:334
ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:300
other info that might help us debug this:
Chain exists of:
&dev->event_lock#2 --> &new->fa_lock --> tasklist_lock
Possible interrupt unsafe locking scenario:
CPU0 CPU1
---- ----
lock(tasklist_lock);
local_irq_disable();
lock(&dev->event_lock#2);
lock(&new->fa_lock);
<Interrupt>
lock(&dev->event_lock#2);
*** DEADLOCK ***
8 locks held by syz-executor407/3499:
#0: ffff88814854d110 (&evdev->mutex){+.+.}-{3:3}, at: evdev_write+0x26d/0x7c0 drivers/input/evdev.c:513
#1: ffff8881483d2230 (&dev->event_lock#2){-...}-{2:2}, at: input_inject_event+0xc0/0x300 drivers/input/input.c:482
#2: ffffffff8c91fae0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x5/0x30 include/linux/rcupdate.h:311
#3: ffffffff8c91fae0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x5/0x30 include/linux/rcupdate.h:311
#4: ffffffff8c91fae0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x5/0x30 include/linux/rcupdate.h:311
#5: ffff888073ad3028 (&client->buffer_lock){....}-{2:2}, at: spin_lock include/linux/spinlock.h:363 [inline]
#5: ffff888073ad3028 (&client->buffer_lock){....}-{2:2}, at: evdev_pass_values+0xe7/0xb60 drivers/input/evdev.c:261
#6: ffffffff8c91fae0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x5/0x30 include/linux/rcupdate.h:311
#7: ffff88807590d018 (&new->fa_lock){....}-{2:2}, at: kill_fasync_rcu fs/fcntl.c:1014 [inline]
#7: ffff88807590d018 (&new->fa_lock){....}-{2:2}, at: kill_fasync+0x16a/0x490 fs/fcntl.c:1035
the dependencies between HARDIRQ-irq-safe lock and the holding lock:
-> (&dev->event_lock#2){-...}-{2:2} {
IN-HARDIRQ-W at:
lock_acquire+0x1db/0x4f0 kernel/locking/lockdep.c:5623
__raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]
_raw_spin_lock_irqsave+0xd1/0x120 kernel/locking/spinlock.c:162
input_event+0x8a/0xd0 drivers/input/input.c:456
input_report_key include/linux/input.h:425 [inline]
psmouse_report_standard_buttons drivers/input/mouse/psmouse-base.c:123 [inline]
psmouse_report_standard_packet+0x50/0x200 drivers/input/mouse/psmouse-base.c:141
psmouse_process_byte+0x45b/0x640 drivers/input/mouse/psmouse-base.c:232
psmouse_handle_byte+0x46/0x4b0 drivers/input/mouse/psmouse-base.c:274
psmouse_interrupt+0x697/0x10a0 drivers/input/mouse/psmouse-base.c:426
serio_interrupt+0x88/0x130 drivers/input/serio/serio.c:1001
i8042_interrupt+0x355/0x750 drivers/input/serio/i8042.c:606
__handle_irq_event_percpu+0x292/0xa70 kernel/irq/handle.c:156
handle_irq_event_percpu kernel/irq/handle.c:196 [inline]
handle_irq_event+0xff/0x2b0 kernel/irq/handle.c:213
handle_edge_irq+0x245/0xbf0 kernel/irq/chip.c:822
generic_handle_irq_desc include/linux/irqdesc.h:158 [inline]
handle_irq arch/x86/kernel/irq.c:231 [inline]
__common_interrupt+0xd7/0x1f0 arch/x86/kernel/irq.c:250
common_interrupt+0x9f/0xc0 arch/x86/kernel/irq.c:240
asm_common_interrupt+0x22/0x40 arch/x86/include/asm/idtentry.h:629
__raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:161 [inline]
_raw_spin_unlock_irqrestore+0xd4/0x130 kernel/locking/spinlock.c:194
spin_unlock_irqrestore include/linux/spinlock.h:418 [inline]
i8042_command drivers/input/serio/i8042.c:356 [inline]
i8042_aux_write+0x112/0x190 drivers/input/serio/i8042.c:391
serio_write include/linux/serio.h:125 [inline]
ps2_do_sendbyte+0x20a/0x720 drivers/input/serio/libps2.c:40
ps2_sendbyte+0x5c/0x120 drivers/input/serio/libps2.c:92
cypress_ps2_sendbyte drivers/input/mouse/cypress_ps2.c:42 [inline]
cypress_ps2_read_cmd_status drivers/input/mouse/cypress_ps2.c:116 [inline]
cypress_send_ext_cmd+0x21d/0x900 drivers/input/mouse/cypress_ps2.c:189
cypress_detect+0x8f/0x220 drivers/input/mouse/cypress_ps2.c:205
psmouse_do_detect drivers/input/mouse/psmouse-base.c:1009 [inline]
psmouse_try_protocol drivers/input/mouse/psmouse-base.c:1023 [inline]
psmouse_extensions+0xc2a/0x1550 drivers/input/mouse/psmouse-base.c:1146
psmouse_switch_protocol+0x308/0x840 drivers/input/mouse/psmouse-base.c:1542
psmouse_connect+0x94b/0x1430 drivers/input/mouse/psmouse-base.c:1632
serio_connect_driver drivers/input/serio/serio.c:47 [inline]
serio_driver_probe+0x74/0x90 drivers/input/serio/serio.c:778
really_probe+0x24e/0xb60 drivers/base/dd.c:595
__driver_probe_device+0x1a2/0x3d0 drivers/base/dd.c:755
driver_probe_device+0x50/0x420 drivers/base/dd.c:785
__driver_attach+0x479/0x690 drivers/base/dd.c:1164
bus_for_each_dev+0x17c/0x1f0 drivers/base/bus.c:301
serio_attach_driver drivers/input/serio/serio.c:807 [inline]
serio_handle_event+0x56a/0x8f0 drivers/input/serio/serio.c:227
process_one_work+0x8a1/0x10c0 kernel/workqueue.c:2310
worker_thread+0xaca/0x1280 kernel/workqueue.c:2457
kthread+0x3f6/0x4f0 kernel/kthread.c:334
ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:300
INITIAL USE at:
lock_acquire+0x1db/0x4f0 kernel/locking/lockdep.c:5623
__raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]
_raw_spin_lock_irqsave+0xd1/0x120 kernel/locking/spinlock.c:162
input_inject_event+0xc0/0x300 drivers/input/input.c:482
led_trigger_event+0x64/0xc0 drivers/leds/led-triggers.c:388
kbd_led_trigger_activate+0xb9/0x100 drivers/tty/vt/keyboard.c:1029
led_trigger_set+0x513/0x930 drivers/leds/led-triggers.c:195
led_trigger_set_default+0x1c2/0x200 drivers/leds/led-triggers.c:259
led_classdev_register_ext+0x6cf/0x8d0 drivers/leds/led-class.c:421
led_classdev_register include/linux/leds.h:196 [inline]
input_leds_connect+0x503/0x740 drivers/input/input-leds.c:139
input_attach_handler drivers/input/input.c:1046 [inline]
input_register_device+0xdae/0x1150 drivers/input/input.c:2354
atkbd_connect+0x7a7/0xa70 drivers/input/keyboard/atkbd.c:1336
serio_connect_driver drivers/input/serio/serio.c:47 [inline]
serio_driver_probe+0x74/0x90 drivers/input/serio/serio.c:778
really_probe+0x24e/0xb60 drivers/base/dd.c:595
__driver_probe_device+0x1a2/0x3d0 drivers/base/dd.c:755
driver_probe_device+0x50/0x420 drivers/base/dd.c:785
__driver_attach+0x479/0x690 drivers/base/dd.c:1164
bus_for_each_dev+0x17c/0x1f0 drivers/base/bus.c:301
serio_attach_driver drivers/input/serio/serio.c:807 [inline]
serio_handle_event+0x56a/0x8f0 drivers/input/serio/serio.c:227
process_one_work+0x8a1/0x10c0 kernel/workqueue.c:2310
worker_thread+0xaca/0x1280 kernel/workqueue.c:2457
kthread+0x3f6/0x4f0 kernel/kthread.c:334
ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:300
}
... key at: [<ffffffff91752a20>] input_allocate_device.__key.6+0x0/0x20
-> (&client->buffer_lock){....}-{2:2} {
INITIAL USE at:
lock_acquire+0x1db/0x4f0 kernel/locking/lockdep.c:5623
__raw_spin_lock include/linux/spinlock_api_smp.h:142 [inline]
_raw_spin_lock+0x2a/0x40 kernel/locking/spinlock.c:154
spin_lock include/linux/spinlock.h:363 [inline]
evdev_pass_values+0xe7/0xb60 drivers/input/evdev.c:261
evdev_events+0x198/0x2c0 drivers/input/evdev.c:306
input_to_handler drivers/input/input.c:126 [inline]
input_pass_values+0x873/0x1200 drivers/input/input.c:156
input_handle_event+0xc9b/0x1600 drivers/input/input.c:415
input_inject_event+0x1fc/0x300 drivers/input/input.c:487
evdev_write+0x668/0x7c0 drivers/input/evdev.c:530
vfs_write+0x30c/0xe50 fs/read_write.c:592
ksys_write+0x1a2/0x2c0 fs/read_write.c:647
do_syscall_x64 arch/x86/entry/common.c:50 [inline]
do_syscall_64+0x3b/0xb0 arch/x86/entry/common.c:80
entry_SYSCALL_64_after_hwframe+0x66/0xd0
}
... key at: [<ffffffff91752ce0>] evdev_open.__key.23+0x0/0x20
... acquired at:
lock_acquire+0x1db/0x4f0 kernel/locking/lockdep.c:5623
__raw_spin_lock include/linux/spinlock_api_smp.h:142 [inline]
_raw_spin_lock+0x2a/0x40 kernel/locking/spinlock.c:154
spin_lock include/linux/spinlock.h:363 [inline]
evdev_pass_values+0xe7/0xb60 drivers/input/evdev.c:261
evdev_events+0x198/0x2c0 drivers/input/evdev.c:306
input_to_handler drivers/input/input.c:126 [inline]
input_pass_values+0x873/0x1200 drivers/input/input.c:156
input_handle_event+0xc9b/0x1600 drivers/input/input.c:415
input_inject_event+0x1fc/0x300 drivers/input/input.c:487
evdev_write+0x668/0x7c0 drivers/input/evdev.c:530
vfs_write+0x30c/0xe50 fs/read_write.c:592
ksys_write+0x1a2/0x2c0 fs/read_write.c:647
do_syscall_x64 arch/x86/entry/common.c:50 [inline]
do_syscall_64+0x3b/0xb0 arch/x86/entry/common.c:80
entry_SYSCALL_64_after_hwframe+0x66/0xd0
-> (&new->fa_lock){....}-{2:2} {
INITIAL READ USE at:
lock_acquire+0x1db/0x4f0 kernel/locking/lockdep.c:5623
__raw_read_lock_irqsave include/linux/rwlock_api_smp.h:159 [inline]
_raw_read_lock_irqsave+0xd9/0x120 kernel/locking/spinlock.c:236
kill_fasync_rcu fs/fcntl.c:1014 [inline]
kill_fasync+0x16a/0x490 fs/fcntl.c:1035
__pass_event drivers/input/evdev.c:240 [inline]
evdev_pass_values+0x5ad/0xb60 drivers/input/evdev.c:278
evdev_events+0x198/0x2c0 drivers/input/evdev.c:306
input_to_handler drivers/input/input.c:126 [inline]
input_pass_values+0x873/0x1200 drivers/input/input.c:156
input_handle_event+0xc9b/0x1600 drivers/input/input.c:415
input_inject_event+0x1fc/0x300 drivers/input/input.c:487
evdev_write+0x668/0x7c0 drivers/input/evdev.c:530
vfs_write+0x30c/0xe50 fs/read_write.c:592
ksys_write+0x1a2/0x2c0 fs/read_write.c:647
do_syscall_x64 arch/x86/entry/common.c:50 [inline]
do_syscall_64+0x3b/0xb0 arch/x86/entry/common.c:80
entry_SYSCALL_64_after_hwframe+0x66/0xd0
}
... key at: [<ffffffff91456940>] fasync_insert_entry.__key+0x0/0x20
... acquired at:
lock_acquire+0x1db/0x4f0 kernel/locking/lockdep.c:5623
__raw_read_lock_irqsave include/linux/rwlock_api_smp.h:159 [inline]
_raw_read_lock_irqsave+0xd9/0x120 kernel/locking/spinlock.c:236
kill_fasync_rcu fs/fcntl.c:1014 [inline]
kill_fasync+0x16a/0x490 fs/fcntl.c:1035
__pass_event drivers/input/evdev.c:240 [inline]
evdev_pass_values+0x5ad/0xb60 drivers/input/evdev.c:278
evdev_events+0x198/0x2c0 drivers/input/evdev.c:306
input_to_handler drivers/input/input.c:126 [inline]
input_pass_values+0x873/0x1200 drivers/input/input.c:156
input_handle_event+0xc9b/0x1600 drivers/input/input.c:415
input_inject_event+0x1fc/0x300 drivers/input/input.c:487
evdev_write+0x668/0x7c0 drivers/input/evdev.c:530
vfs_write+0x30c/0xe50 fs/read_write.c:592
ksys_write+0x1a2/0x2c0 fs/read_write.c:647
do_syscall_x64 arch/x86/entry/common.c:50 [inline]
do_syscall_64+0x3b/0xb0 arch/x86/entry/common.c:80
entry_SYSCALL_64_after_hwframe+0x66/0xd0
the dependencies between the lock to be acquired
and HARDIRQ-irq-unsafe lock:
-> (tasklist_lock){.+.+}-{2:2} {
HARDIRQ-ON-R at:
lock_acquire+0x1db/0x4f0 kernel/locking/lockdep.c:5623
__raw_read_lock include/linux/rwlock_api_smp.h:149 [inline]
_raw_read_lock+0x32/0x40 kernel/locking/spinlock.c:228
do_wait+0x2a7/0xaf0 kernel/exit.c:1576
kernel_wait+0xe5/0x230 kernel/exit.c:1766
call_usermodehelper_exec_sync kernel/umh.c:139 [inline]
call_usermodehelper_exec_work+0xb5/0x220 kernel/umh.c:166
process_one_work+0x8a1/0x10c0 kernel/workqueue.c:2310
worker_thread+0xaca/0x1280 kernel/workqueue.c:2457
kthread+0x3f6/0x4f0 kernel/kthread.c:334
ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:300
SOFTIRQ-ON-R at:
lock_acquire+0x1db/0x4f0 kernel/locking/lockdep.c:5623
__raw_read_lock include/linux/rwlock_api_smp.h:149 [inline]
_raw_read_lock+0x32/0x40 kernel/locking/spinlock.c:228
do_wait+0x2a7/0xaf0 kernel/exit.c:1576
kernel_wait+0xe5/0x230 kernel/exit.c:1766
call_usermodehelper_exec_sync kernel/umh.c:139 [inline]
call_usermodehelper_exec_work+0xb5/0x220 kernel/umh.c:166
process_one_work+0x8a1/0x10c0 kernel/workqueue.c:2310
worker_thread+0xaca/0x1280 kernel/workqueue.c:2457
kthread+0x3f6/0x4f0 kernel/kthread.c:334
ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:300
INITIAL USE at:
lock_acquire+0x1db/0x4f0 kernel/locking/lockdep.c:5623
__raw_write_lock_irq include/linux/rwlock_api_smp.h:196 [inline]
_raw_write_lock_irq+0xcf/0x110 kernel/locking/spinlock.c:316
copy_process+0x22be/0x3ef0 kernel/fork.c:2337
kernel_clone+0x210/0x960 kernel/fork.c:2604
kernel_thread+0x168/0x1e0 kernel/fork.c:2656
rest_init+0x21/0x330 init/main.c:706
start_kernel+0x48c/0x540 init/main.c:1140
secondary_startup_64_no_verify+0xb1/0xbb
INITIAL READ USE at:
lock_acquire+0x1db/0x4f0 kernel/locking/lockdep.c:5623
__raw_read_lock include/linux/rwlock_api_smp.h:149 [inline]
_raw_read_lock+0x32/0x40 kernel/locking/spinlock.c:228
do_wait+0x2a7/0xaf0 kernel/exit.c:1576
kernel_wait+0xe5/0x230 kernel/exit.c:1766
call_usermodehelper_exec_sync kernel/umh.c:139 [inline]
call_usermodehelper_exec_work+0xb5/0x220 kernel/umh.c:166
process_one_work+0x8a1/0x10c0 kernel/workqueue.c:2310
worker_thread+0xaca/0x1280 kernel/workqueue.c:2457
kthread+0x3f6/0x4f0 kernel/kthread.c:334
ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:300
}
... key at: [<ffffffff8c60a058>] tasklist_lock+0x18/0x40
... acquired at:
lock_acquire+0x1db/0x4f0 kernel/locking/lockdep.c:5623
__raw_read_lock include/linux/rwlock_api_smp.h:149 [inline]
_raw_read_lock+0x32/0x40 kernel/locking/spinlock.c:228
send_sigurg+0xc8/0x380 fs/fcntl.c:851
sk_send_sigurg+0x6a/0xb0 net/core/sock.c:3128
queue_oob+0x618/0x8d0 net/unix/af_unix.c:2015
unix_stream_sendmsg+0xe0a/0x1070 net/unix/af_unix.c:2115
sock_sendmsg_nosec net/socket.c:704 [inline]
__sock_sendmsg net/socket.c:716 [inline]
____sys_sendmsg+0x59e/0x8f0 net/socket.c:2431
___sys_sendmsg+0x252/0x2e0 net/socket.c:2485
__sys_sendmsg net/socket.c:2514 [inline]
__do_sys_sendmsg net/socket.c:2523 [inline]
__se_sys_sendmsg+0x19a/0x260 net/socket.c:2521
do_syscall_x64 arch/x86/entry/common.c:50 [inline]
do_syscall_64+0x3b/0xb0 arch/x86/entry/common.c:80
entry_SYSCALL_64_after_hwframe+0x66/0xd0
-> (&f->f_owner.lock){....}-{2:2} {
INITIAL USE at:
lock_acquire+0x1db/0x4f0 kernel/locking/lockdep.c:5623
__raw_write_lock_irq include/linux/rwlock_api_smp.h:196 [inline]
_raw_write_lock_irq+0xcf/0x110 kernel/locking/spinlock.c:316
f_modown+0x38/0x340 fs/fcntl.c:91
__f_setown fs/fcntl.c:110 [inline]
f_setown+0x127/0x1d0 fs/fcntl.c:138
do_fcntl+0x1b7/0x1600 fs/fcntl.c:393
__do_sys_fcntl fs/fcntl.c:472 [inline]
__se_sys_fcntl+0xd8/0x1b0 fs/fcntl.c:457
do_syscall_x64 arch/x86/entry/common.c:50 [inline]
do_syscall_64+0x3b/0xb0 arch/x86/entry/common.c:80
entry_SYSCALL_64_after_hwframe+0x66/0xd0
INITIAL READ USE at:
lock_acquire+0x1db/0x4f0 kernel/locking/lockdep.c:5623
__raw_read_lock_irqsave include/linux/rwlock_api_smp.h:159 [inline]
_raw_read_lock_irqsave+0xd9/0x120 kernel/locking/spinlock.c:236
send_sigurg+0x25/0x380 fs/fcntl.c:835
sk_send_sigurg+0x6a/0xb0 net/core/sock.c:3128
queue_oob+0x618/0x8d0 net/unix/af_unix.c:2015
unix_stream_sendmsg+0xe0a/0x1070 net/unix/af_unix.c:2115
sock_sendmsg_nosec net/socket.c:704 [inline]
__sock_sendmsg net/socket.c:716 [inline]
____sys_sendmsg+0x59e/0x8f0 net/socket.c:2431
___sys_sendmsg+0x252/0x2e0 net/socket.c:2485
__sys_sendmsg net/socket.c:2514 [inline]
__do_sys_sendmsg net/socket.c:2523 [inline]
__se_sys_sendmsg+0x19a/0x260 net/socket.c:2521
do_syscall_x64 arch/x86/entry/common.c:50 [inline]
do_syscall_64+0x3b/0xb0 arch/x86/entry/common.c:80
entry_SYSCALL_64_after_hwframe+0x66/0xd0
}
... key at: [<ffffffff91455cc0>] __alloc_file.__key+0x0/0x10
... acquired at:
lock_acquire+0x1db/0x4f0 kernel/locking/lockdep.c:5623
__raw_read_lock_irqsave include/linux/rwlock_api_smp.h:159 [inline]
_raw_read_lock_irqsave+0xd9/0x120 kernel/locking/spinlock.c:236
send_sigio+0x2f/0x330 fs/fcntl.c:796
kill_fasync_rcu fs/fcntl.c:1021 [inline]
kill_fasync+0x20c/0x490 fs/fcntl.c:1035
__pass_event drivers/input/evdev.c:240 [inline]
evdev_pass_values+0x5ad/0xb60 drivers/input/evdev.c:278
evdev_events+0x198/0x2c0 drivers/input/evdev.c:306
input_to_handler drivers/input/input.c:126 [inline]
input_pass_values+0x873/0x1200 drivers/input/input.c:156
input_handle_event+0xc9b/0x1600 drivers/input/input.c:415
input_inject_event+0x1fc/0x300 drivers/input/input.c:487
evdev_write+0x668/0x7c0 drivers/input/evdev.c:530
vfs_write+0x30c/0xe50 fs/read_write.c:592
ksys_write+0x1a2/0x2c0 fs/read_write.c:647
do_syscall_x64 arch/x86/entry/common.c:50 [inline]
do_syscall_64+0x3b/0xb0 arch/x86/entry/common.c:80
entry_SYSCALL_64_after_hwframe+0x66/0xd0
stack backtrace:
CPU: 0 PID: 3499 Comm: syz-executor407 Not tainted 5.15.158-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
Call Trace:
<TASK>
__dump_stack lib/dump_stack.c:88 [inline]
dump_stack_lvl+0x1e3/0x2d0 lib/dump_stack.c:106
print_bad_irq_dependency kernel/locking/lockdep.c:2567 [inline]
check_irq_usage kernel/locking/lockdep.c:2806 [inline]
check_prev_add kernel/locking/lockdep.c:3057 [inline]
check_prevs_add kernel/locking/lockdep.c:3172 [inline]
validate_chain+0x4d01/0x5930 kernel/locking/lockdep.c:3788
__lock_acquire+0x1295/0x1ff0 kernel/locking/lockdep.c:5012
lock_acquire+0x1db/0x4f0 kernel/locking/lockdep.c:5623
__raw_read_lock_irqsave include/linux/rwlock_api_smp.h:159 [inline]
_raw_read_lock_irqsave+0xd9/0x120 kernel/locking/spinlock.c:236
send_sigio+0x2f/0x330 fs/fcntl.c:796
kill_fasync_rcu fs/fcntl.c:1021 [inline]
kill_fasync+0x20c/0x490 fs/fcntl.c:1035
__pass_event drivers/input/evdev.c:240 [inline]
evdev_pass_values+0x5ad/0xb60 drivers/input/evdev.c:278
evdev_events+0x198/0x2c0 drivers/input/evdev.c:306
input_to_handler drivers/input/input.c:126 [inline]
input_pass_values+0x873/0x1200 drivers/input/input.c:156
input_handle_event+0xc9b/0x1600 drivers/input/input.c:415
input_inject_event+0x1fc/0x300 drivers/input/input.c:487
evdev_write+0x668/0x7c0 drivers/input/evdev.c:530
vfs_write+0x30c/0xe50 fs/read_write.c:592
ksys_write+0x1a2/0x2c0 fs/read_write.c:647
do_syscall_x64 arch/x86/entry/common.c:50 [inline]
do_syscall_64+0x3b/0xb0 arch/x86/entry/common.c:80
entry_SYSCALL_64_after_hwframe+0x66/0xd0
RIP: 0033:0x7fa29041f329
Code: 48 83 c4 28 c3 e8 37 17 00 00 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007fffa1445e88 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
RAX: ffffffffffffffda RBX: 00007fffa1446058 RCX: 00007fa29041f32
| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets (help?) | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2024/05/06 04:12 | linux-5.15.y | 284087d4f7d5 | 610f2a54 | .config | console log | report | syz | C | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | |
| 2024/04/11 08:09 | linux-5.15.y | cdfd0a7f0139 | 33b9e058 | .config | console log | report | syz | C | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | |
| 2024/04/10 23:08 | linux-5.15.y | cdfd0a7f0139 | 4320ec32 | .config | console log | report | syz | C | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | |
| 2023/07/19 08:21 | linux-5.15.y | d54cfc420586 | 022df2bb | .config | console log | report | syz | C | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | |
| 2024/05/03 11:29 | linux-5.15.y | 284087d4f7d5 | dd26401e | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2024/05/02 20:12 | linux-5.15.y | 284087d4f7d5 | 3ba885bc | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2024/04/30 15:35 | linux-5.15.y | b925f60c6ee7 | 3ce4924c | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2024/04/29 22:02 | linux-5.15.y | b925f60c6ee7 | f10afd69 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2024/04/29 11:24 | linux-5.15.y | b925f60c6ee7 | 27e33c58 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2024/04/28 04:32 | linux-5.15.y | b925f60c6ee7 | 07b455f9 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2024/04/27 18:43 | linux-5.15.y | b925f60c6ee7 | 07b455f9 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2024/04/27 06:56 | linux-5.15.y | c52b9710c83d | 07b455f9 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2024/04/26 14:05 | linux-5.15.y | c52b9710c83d | 059e9963 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2024/04/26 11:26 | linux-5.15.y | c52b9710c83d | 8bdc0f22 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2024/04/26 05:28 | linux-5.15.y | c52b9710c83d | 8bdc0f22 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2024/04/24 19:31 | linux-5.15.y | c52b9710c83d | 8bdc0f22 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2024/04/23 10:39 | linux-5.15.y | c52b9710c83d | 21339d7b | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2024/04/22 12:29 | linux-5.15.y | c52b9710c83d | 36c961ad | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2024/04/20 00:28 | linux-5.15.y | c52b9710c83d | af24b050 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2024/04/18 10:40 | linux-5.15.y | c52b9710c83d | af24b050 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2024/04/17 17:51 | linux-5.15.y | c52b9710c83d | acc528cb | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2024/04/17 12:49 | linux-5.15.y | c52b9710c83d | 18f6e127 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2024/04/17 11:19 | linux-5.15.y | c52b9710c83d | 18f6e127 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2024/04/16 18:23 | linux-5.15.y | fa3df276cd36 | 18f6e127 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2024/04/16 13:48 | linux-5.15.y | fa3df276cd36 | 0d592ce4 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2024/04/16 03:27 | linux-5.15.y | fa3df276cd36 | 0d592ce4 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2024/04/15 14:50 | linux-5.15.y | fa3df276cd36 | b9af7e61 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2024/04/14 06:47 | linux-5.15.y | fa3df276cd36 | c8349e48 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2024/04/14 04:44 | linux-5.15.y | fa3df276cd36 | c8349e48 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2024/04/13 22:23 | linux-5.15.y | fa3df276cd36 | c8349e48 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2024/04/13 13:24 | linux-5.15.y | fa3df276cd36 | c8349e48 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2024/04/12 03:56 | linux-5.15.y | cdfd0a7f0139 | 27de0a5c | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2024/04/11 13:52 | linux-5.15.y | cdfd0a7f0139 | 95ed9ece | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2024/04/11 01:57 | linux-5.15.y | cdfd0a7f0139 | 33b9e058 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2024/04/10 16:35 | linux-5.15.y | cdfd0a7f0139 | 4320ec32 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2024/04/10 11:57 | linux-5.15.y | 9465fef4ae35 | 4320ec32 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2024/04/10 11:53 | linux-5.15.y | 9465fef4ae35 | 4320ec32 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2024/04/10 04:21 | linux-5.15.y | 9465fef4ae35 | 171ec371 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2024/04/09 18:41 | linux-5.15.y | 9465fef4ae35 | f3234354 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2024/04/09 03:23 | linux-5.15.y | 9465fef4ae35 | f3234354 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2024/04/07 04:52 | linux-5.15.y | 9465fef4ae35 | ca620dd8 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2024/04/06 05:39 | linux-5.15.y | 9465fef4ae35 | ca620dd8 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2024/04/06 03:07 | linux-5.15.y | 9465fef4ae35 | ca620dd8 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2024/04/06 00:09 | linux-5.15.y | 9465fef4ae35 | 77230c29 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2024/04/05 13:43 | linux-5.15.y | 9465fef4ae35 | 77230c29 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2024/04/04 18:17 | linux-5.15.y | 9465fef4ae35 | 0ee3535e | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2024/04/04 13:04 | linux-5.15.y | 9465fef4ae35 | 0ee3535e | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2024/04/04 10:41 | linux-5.15.y | 9465fef4ae35 | 0ee3535e | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2024/03/29 06:19 | linux-5.15.y | 9465fef4ae35 | c52bcb23 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2024/02/14 20:06 | linux-5.15.y | 6139f2a02fe0 | d9b1cdd5 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2024/02/14 09:42 | linux-5.15.y | 6139f2a02fe0 | d902085f | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2023/12/06 18:25 | linux-5.15.y | 9b91d36ba301 | e3299f55 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2023/11/29 17:47 | linux-5.15.y | a78d278e01b1 | 6e78f9ce | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event | ||
| 2024/04/11 07:28 | linux-5.15.y | cdfd0a7f0139 | 33b9e058 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan-arm64 | possible deadlock in input_event | ||
| 2023/07/17 14:43 | linux-5.15.y | d54cfc420586 | 20f8b3c2 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | possible deadlock in input_event |