syzbot |
sign-in | mailing list | source | docs |
| Title | Replies (including bot) | Last reply |
|---|---|---|
| [syzbot] Monthly kernfs report (Nov 2024) | 0 (1) | 2024/11/15 11:25 |
| [syzbot] Monthly kernfs report (Oct 2024) | 0 (1) | 2024/10/15 10:07 |
| [syzbot] Monthly input report (Oct 2024) | 0 (1) | 2024/10/03 09:03 |
| [syzbot] [fs?] possible deadlock in input_inject_event | 0 (1) | 2024/09/27 15:01 |
========================================================
WARNING: possible irq lock inversion dependency detected
6.12.0-rc7-syzkaller-00042-gf1b785f4c787 #0 Not tainted
--------------------------------------------------------
syz.2.1925/13985 just changed the state of lock:
ffff888146b0a230 (&dev->event_lock#2){..-.}-{2:2}, at: input_inject_event+0xc5/0x340 drivers/input/input.c:423
but this lock took another, SOFTIRQ-READ-unsafe lock in the past:
(tasklist_lock){.+.+}-{2:2}
and interrupts could create inverse lock ordering between them.
other info that might help us debug this:
Chain exists of:
&dev->event_lock#2 --> &client->buffer_lock --> tasklist_lock
Possible interrupt unsafe locking scenario:
CPU0 CPU1
---- ----
lock(tasklist_lock);
local_irq_disable();
lock(&dev->event_lock#2);
lock(&client->buffer_lock);
<Interrupt>
lock(&dev->event_lock#2);
*** DEADLOCK ***
6 locks held by syz.2.1925/13985:
#0: ffff88807caf30a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 drivers/tty/tty_ldisc.c:243
#1: ffff88807caf3130 (&tty->atomic_write_lock){+.+.}-{3:3}, at: tty_write_lock drivers/tty/tty_io.c:948 [inline]
#1: ffff88807caf3130 (&tty->atomic_write_lock){+.+.}-{3:3}, at: iterate_tty_write drivers/tty/tty_io.c:967 [inline]
#1: ffff88807caf3130 (&tty->atomic_write_lock){+.+.}-{3:3}, at: file_tty_write+0x1ed/0x9b0 drivers/tty/tty_io.c:1090
#2: ffff88807caf32e8 (&tty->termios_rwsem){++++}-{3:3}, at: n_tty_write+0x25e/0x1230 drivers/tty/n_tty.c:2372
#3: ffffc900033b3380 (&ldata->output_lock){+.+.}-{3:3}, at: process_output_block drivers/tty/n_tty.c:529 [inline]
#3: ffffc900033b3380 (&ldata->output_lock){+.+.}-{3:3}, at: n_tty_write+0x6ca/0x1230 drivers/tty/n_tty.c:2389
#4: ffffffff8e813380 (console_lock){+.+.}-{0:0}, at: do_con_write+0x154/0x4c30 drivers/tty/vt/vt.c:3056
#5: ffffffff8e937da0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:337 [inline]
#5: ffffffff8e937da0 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:849 [inline]
#5: ffffffff8e937da0 (rcu_read_lock){....}-{1:2}, at: led_trigger_event+0x4e/0x210 drivers/leds/led-triggers.c:405
the shortest dependencies between 2nd lock and 1st lock:
-> (tasklist_lock){.+.+}-{2:2} {
HARDIRQ-ON-R at:
lock_acquire+0x1ed/0x550 kernel/locking/lockdep.c:5825
__raw_read_lock include/linux/rwlock_api_smp.h:150 [inline]
_raw_read_lock+0x36/0x50 kernel/locking/spinlock.c:228
__do_wait+0x12d/0x850 kernel/exit.c:1648
do_wait+0x1e9/0x560 kernel/exit.c:1692
kernel_wait+0xe9/0x240 kernel/exit.c:1868
call_usermodehelper_exec_sync kernel/umh.c:137 [inline]
call_usermodehelper_exec_work+0xbd/0x230 kernel/umh.c:164
process_one_work kernel/workqueue.c:3229 [inline]
process_scheduled_works+0xa65/0x1850 kernel/workqueue.c:3310
worker_thread+0x870/0xd30 kernel/workqueue.c:3391
kthread+0x2f2/0x390 kernel/kthread.c:389
ret_from_fork+0x4d/0x80 arch/x86/kernel/process.c:147
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
SOFTIRQ-ON-R at:
lock_acquire+0x1ed/0x550 kernel/locking/lockdep.c:5825
__raw_read_lock include/linux/rwlock_api_smp.h:150 [inline]
_raw_read_lock+0x36/0x50 kernel/locking/spinlock.c:228
__do_wait+0x12d/0x850 kernel/exit.c:1648
do_wait+0x1e9/0x560 kernel/exit.c:1692
kernel_wait+0xe9/0x240 kernel/exit.c:1868
call_usermodehelper_exec_sync kernel/umh.c:137 [inline]
call_usermodehelper_exec_work+0xbd/0x230 kernel/umh.c:164
process_one_work kernel/workqueue.c:3229 [inline]
process_scheduled_works+0xa65/0x1850 kernel/workqueue.c:3310
worker_thread+0x870/0xd30 kernel/workqueue.c:3391
kthread+0x2f2/0x390 kernel/kthread.c:389
ret_from_fork+0x4d/0x80 arch/x86/kernel/process.c:147
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
INITIAL USE at:
lock_acquire+0x1ed/0x550 kernel/locking/lockdep.c:5825
__raw_write_lock_irq include/linux/rwlock_api_smp.h:195 [inline]
_raw_write_lock_irq+0xd3/0x120 kernel/locking/spinlock.c:326
copy_process+0x2267/0x3d50 kernel/fork.c:2502
kernel_clone+0x226/0x8f0 kernel/fork.c:2786
user_mode_thread+0x132/0x1a0 kernel/fork.c:2864
rest_init+0x23/0x300 init/main.c:712
start_kernel+0x47f/0x500 init/main.c:1105
x86_64_start_reservations+0x2a/0x30 arch/x86/kernel/head64.c:507
x86_64_start_kernel+0x9f/0xa0 arch/x86/kernel/head64.c:488
common_startup_64+0x13e/0x147
INITIAL READ USE at:
lock_acquire+0x1ed/0x550 kernel/locking/lockdep.c:5825
__raw_read_lock include/linux/rwlock_api_smp.h:150 [inline]
_raw_read_lock+0x36/0x50 kernel/locking/spinlock.c:228
__do_wait+0x12d/0x850 kernel/exit.c:1648
do_wait+0x1e9/0x560 kernel/exit.c:1692
kernel_wait+0xe9/0x240 kernel/exit.c:1868
call_usermodehelper_exec_sync kernel/umh.c:137 [inline]
call_usermodehelper_exec_work+0xbd/0x230 kernel/umh.c:164
process_one_work kernel/workqueue.c:3229 [inline]
process_scheduled_works+0xa65/0x1850 kernel/workqueue.c:3310
worker_thread+0x870/0xd30 kernel/workqueue.c:3391
kthread+0x2f2/0x390 kernel/kthread.c:389
ret_from_fork+0x4d/0x80 arch/x86/kernel/process.c:147
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
}
... key at: [<ffffffff8e60a058>] tasklist_lock+0x18/0x40
... acquired at:
lock_acquire+0x1ed/0x550 kernel/locking/lockdep.c:5825
__raw_read_lock include/linux/rwlock_api_smp.h:150 [inline]
_raw_read_lock+0x36/0x50 kernel/locking/spinlock.c:228
send_sigio+0x108/0x390 fs/fcntl.c:924
kill_fasync_rcu fs/fcntl.c:1136 [inline]
kill_fasync+0x256/0x4f0 fs/fcntl.c:1151
lease_break_callback+0x26/0x30 fs/locks.c:558
__break_lease+0x6d7/0x1820 fs/locks.c:1592
vfs_truncate+0x26b/0x3b0 fs/open.c:105
do_sys_truncate+0xdb/0x190 fs/open.c:134
do_syscall_x64 arch/x86/entry/common.c:52 [inline]
do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83
entry_SYSCALL_64_after_hwframe+0x77/0x7f
-> (&f_owner->lock){....}-{2:2} {
INITIAL USE at:
lock_acquire+0x1ed/0x550 kernel/locking/lockdep.c:5825
__raw_write_lock_irq include/linux/rwlock_api_smp.h:195 [inline]
_raw_write_lock_irq+0xd3/0x120 kernel/locking/spinlock.c:326
__f_setown+0x6b/0x380 fs/fcntl.c:137
generic_add_lease fs/locks.c:1874 [inline]
generic_setlease+0xc76/0x1550 fs/locks.c:1942
do_fcntl_add_lease fs/locks.c:2047 [inline]
fcntl_setlease+0x404/0x540 fs/locks.c:2069
do_fcntl+0x69d/0x1a60 fs/fcntl.c:531
__do_sys_fcntl fs/fcntl.c:586 [inline]
__se_sys_fcntl+0xd2/0x1e0 fs/fcntl.c:571
do_syscall_x64 arch/x86/entry/common.c:52 [inline]
do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83
entry_SYSCALL_64_after_hwframe+0x77/0x7f
INITIAL READ USE at:
lock_acquire+0x1ed/0x550 kernel/locking/lockdep.c:5825
__raw_read_lock_irq include/linux/rwlock_api_smp.h:169 [inline]
_raw_read_lock_irq+0xda/0x120 kernel/locking/spinlock.c:244
f_getown+0x55/0x2a0 fs/fcntl.c:205
sock_ioctl+0x498/0x8e0 net/socket.c:1293
vfs_ioctl fs/ioctl.c:51 [inline]
__do_sys_ioctl fs/ioctl.c:907 [inline]
__se_sys_ioctl+0xfb/0x170 fs/ioctl.c:893
do_syscall_x64 arch/x86/entry/common.c:52 [inline]
do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83
entry_SYSCALL_64_after_hwframe+0x77/0x7f
}
... key at: [<ffffffff9a448ee0>] file_f_owner_allocate.__key+0x0/0x20
... acquired at:
lock_acquire+0x1ed/0x550 kernel/locking/lockdep.c:5825
__raw_read_lock_irqsave include/linux/rwlock_api_smp.h:160 [inline]
_raw_read_lock_irqsave+0xdd/0x130 kernel/locking/spinlock.c:236
send_sigio+0x37/0x390 fs/fcntl.c:910
kill_fasync_rcu fs/fcntl.c:1136 [inline]
kill_fasync+0x256/0x4f0 fs/fcntl.c:1151
lease_break_callback+0x26/0x30 fs/locks.c:558
__break_lease+0x6d7/0x1820 fs/locks.c:1592
vfs_truncate+0x26b/0x3b0 fs/open.c:105
do_sys_truncate+0xdb/0x190 fs/open.c:134
do_syscall_x64 arch/x86/entry/common.c:52 [inline]
do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83
entry_SYSCALL_64_after_hwframe+0x77/0x7f
-> (&new->fa_lock){....}-{2:2} {
INITIAL USE at:
lock_acquire+0x1ed/0x550 kernel/locking/lockdep.c:5825
__raw_write_lock_irq include/linux/rwlock_api_smp.h:195 [inline]
_raw_write_lock_irq+0xd3/0x120 kernel/locking/spinlock.c:326
fasync_remove_entry+0xff/0x1d0 fs/fcntl.c:1004
lease_modify+0x1bd/0x3a0 fs/locks.c:1455
locks_remove_lease fs/locks.c:2680 [inline]
locks_remove_file+0x577/0x10c0 fs/locks.c:2705
__fput+0x1a6/0x880 fs/file_table.c:423
task_work_run+0x251/0x310 kernel/task_work.c:239
resume_user_mode_work include/linux/resume_user_mode.h:50 [inline]
exit_to_user_mode_loop kernel/entry/common.c:114 [inline]
exit_to_user_mode_prepare include/linux/entry-common.h:328 [inline]
__syscall_exit_to_user_mode_work kernel/entry/common.c:207 [inline]
syscall_exit_to_user_mode+0x168/0x370 kernel/entry/common.c:218
do_syscall_64+0x100/0x230 arch/x86/entry/common.c:89
entry_SYSCALL_64_after_hwframe+0x77/0x7f
INITIAL READ USE at:
lock_acquire+0x1ed/0x550 kernel/locking/lockdep.c:5825
__raw_read_lock_irqsave include/linux/rwlock_api_smp.h:160 [inline]
_raw_read_lock_irqsave+0xdd/0x130 kernel/locking/spinlock.c:236
kill_fasync_rcu fs/fcntl.c:1127 [inline]
kill_fasync+0x199/0x4f0 fs/fcntl.c:1151
lease_break_callback+0x26/0x30 fs/locks.c:558
__break_lease+0x6d7/0x1820 fs/locks.c:1592
vfs_truncate+0x26b/0x3b0 fs/open.c:105
do_sys_truncate+0xdb/0x190 fs/open.c:134
do_syscall_x64 arch/x86/entry/common.c:52 [inline]
do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83
entry_SYSCALL_64_after_hwframe+0x77/0x7f
}
... key at: [<ffffffff9a448f00>] fasync_insert_entry.__key+0x0/0x20
... acquired at:
lock_acquire+0x1ed/0x550 kernel/locking/lockdep.c:5825
__raw_read_lock_irqsave include/linux/rwlock_api_smp.h:160 [inline]
_raw_read_lock_irqsave+0xdd/0x130 kernel/locking/spinlock.c:236
kill_fasync_rcu fs/fcntl.c:1127 [inline]
kill_fasync+0x199/0x4f0 fs/fcntl.c:1151
__pass_event drivers/input/evdev.c:240 [inline]
evdev_pass_values+0x58a/0xad0 drivers/input/evdev.c:278
evdev_events+0x1c2/0x300 drivers/input/evdev.c:306
input_pass_values+0x26a/0x890 drivers/input/input.c:126
input_event_dispose+0x30f/0x600 drivers/input/input.c:341
input_handle_event+0xa71/0xbe0 drivers/input/input.c:369
input_inject_event+0x22f/0x340 drivers/input/input.c:428
evdev_write+0x5fd/0x790 drivers/input/evdev.c:528
vfs_write+0x2a5/0xd30 fs/read_write.c:681
ksys_write+0x183/0x2b0 fs/read_write.c:736
do_syscall_x64 arch/x86/entry/common.c:52 [inline]
do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83
entry_SYSCALL_64_after_hwframe+0x77/0x7f
-> (&client->buffer_lock){....}-{2:2} {
INITIAL USE at:
lock_acquire+0x1ed/0x550 kernel/locking/lockdep.c:5825
__raw_spin_lock include/linux/spinlock_api_smp.h:133 [inline]
_raw_spin_lock+0x2e/0x40 kernel/locking/spinlock.c:154
spin_lock include/linux/spinlock.h:351 [inline]
evdev_pass_values+0xf2/0xad0 drivers/input/evdev.c:261
evdev_events+0x1c2/0x300 drivers/input/evdev.c:306
input_pass_values+0x26a/0x890 drivers/input/input.c:126
input_event_dispose+0x30f/0x600 drivers/input/input.c:341
input_handle_event+0xa71/0xbe0 drivers/input/input.c:369
input_inject_event+0x22f/0x340 drivers/input/input.c:428
evdev_write+0x5fd/0x790 drivers/input/evdev.c:528
vfs_write+0x2a5/0xd30 fs/read_write.c:681
ksys_write+0x183/0x2b0 fs/read_write.c:736
do_syscall_x64 arch/x86/entry/common.c:52 [inline]
do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83
entry_SYSCALL_64_after_hwframe+0x77/0x7f
}
... key at: [<ffffffff9a758ba0>] evdev_open.__key.24+0x0/0x20
... acquired at:
lock_acquire+0x1ed/0x550 kernel/locking/lockdep.c:5825
__raw_spin_lock include/linux/spinlock_api_smp.h:133 [inline]
_raw_spin_lock+0x2e/0x40 kernel/locking/spinlock.c:154
spin_lock include/linux/spinlock.h:351 [inline]
evdev_pass_values+0xf2/0xad0 drivers/input/evdev.c:261
evdev_events+0x1c2/0x300 drivers/input/evdev.c:306
input_pass_values+0x26a/0x890 drivers/input/input.c:126
input_event_dispose+0x30f/0x600 drivers/input/input.c:341
input_handle_event+0xa71/0xbe0 drivers/input/input.c:369
input_inject_event+0x22f/0x340 drivers/input/input.c:428
evdev_write+0x5fd/0x790 drivers/input/evdev.c:528
vfs_write+0x2a5/0xd30 fs/read_write.c:681
ksys_write+0x183/0x2b0 fs/read_write.c:736
do_syscall_x64 arch/x86/entry/common.c:52 [inline]
do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83
entry_SYSCALL_64_after_hwframe+0x77/0x7f
-> (&dev->event_lock#2){..-.}-{2:2} {
IN-SOFTIRQ-W at:
lock_acquire+0x1ed/0x550 kernel/locking/lockdep.c:5825
__raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]
_raw_spin_lock_irqsave+0xd5/0x120 kernel/locking/spinlock.c:162
input_inject_event+0xc5/0x340 drivers/input/input.c:423
led_trigger_event+0x138/0x210 drivers/leds/led-triggers.c:407
kbd_propagate_led_state drivers/tty/vt/keyboard.c:1080 [inline]
kbd_bh+0x1b5/0x290 drivers/tty/vt/keyboard.c:1269
tasklet_action_common+0x323/0x4d0 kernel/softirq.c:784
handle_softirqs+0x2c7/0x980 kernel/softirq.c:554
__do_softirq kernel/softirq.c:588 [inline]
invoke_softirq kernel/softirq.c:428 [inline]
__irq_exit_rcu+0xf4/0x1c0 kernel/softirq.c:637
irq_exit_rcu+0x9/0x30 kernel/softirq.c:649
instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1049 [inline]
sysvec_apic_timer_interrupt+0xa6/0xc0 arch/x86/kernel/apic/apic.c:1049
asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
__raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:152 [inline]
_raw_spin_unlock_irqrestore+0xd8/0x140 kernel/locking/spinlock.c:194
do_con_trol drivers/tty/vt/vt.c:2657 [inline]
do_con_write+0x3b5b/0x4c30 drivers/tty/vt/vt.c:3092
con_write+0x26/0x40 drivers/tty/vt/vt.c:3434
process_output_block drivers/tty/n_tty.c:574 [inline]
n_tty_write+0xd64/0x1230 drivers/tty/n_tty.c:2389
iterate_tty_write drivers/tty/tty_io.c:1015 [inline]
file_tty_write+0x548/0x9b0 drivers/tty/tty_io.c:1090
new_sync_write fs/read_write.c:590 [inline]
vfs_write+0xaed/0xd30 fs/read_write.c:683
ksys_write+0x183/0x2b0 fs/read_write.c:736
do_syscall_x64 arch/x86/entry/common.c:52 [inline]
do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83
entry_SYSCALL_64_after_hwframe+0x77/0x7f
INITIAL USE at:
lock_acquire+0x1ed/0x550 kernel/locking/lockdep.c:5825
__raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]
_raw_spin_lock_irqsave+0xd5/0x120 kernel/locking/spinlock.c:162
input_inject_event+0xc5/0x340 drivers/input/input.c:423
kbd_led_trigger_activate+0xb8/0x100 drivers/tty/vt/keyboard.c:1036
led_trigger_set+0x584/0x9c0 drivers/leds/led-triggers.c:212
led_match_default_trigger drivers/leds/led-triggers.c:269 [inline]
led_trigger_set_default+0x229/0x260 drivers/leds/led-triggers.c:287
led_classdev_register_ext+0x6e6/0x8a0 drivers/leds/led-class.c:555
led_classdev_register include/linux/leds.h:273 [inline]
input_leds_connect+0x489/0x630 drivers/input/input-leds.c:145
input_attach_handler drivers/input/input.c:1027 [inline]
input_register_device+0xd3d/0x1110 drivers/input/input.c:2470
atkbd_connect+0x752/0xa00 drivers/input/keyboard/atkbd.c:1340
serio_connect_driver drivers/input/serio/serio.c:44 [inline]
serio_driver_probe+0x81/0xa0 drivers/input/serio/serio.c:775
really_probe+0x2ba/0xad0 drivers/base/dd.c:658
__driver_probe_device+0x1a2/0x390 drivers/base/dd.c:800
driver_probe_device+0x50/0x430 drivers/base/dd.c:830
__driver_attach+0x45f/0x710 drivers/base/dd.c:1216
bus_for_each_dev+0x23b/0x2b0 drivers/base/bus.c:370
serio_attach_driver drivers/input/serio/serio.c:804 [inline]
serio_handle_event+0x1c7/0x920 drivers/input/serio/serio.c:224
process_one_work kernel/workqueue.c:3229 [inline]
process_scheduled_works+0xa65/0x1850 kernel/workqueue.c:3310
worker_thread+0x870/0xd30 kernel/workqueue.c:3391
kthread+0x2f2/0x390 kernel/kthread.c:389
ret_from_fork+0x4d/0x80 arch/x86/kernel/process.c:147
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
}
... key at: [<ffffffff9a758900>] input_allocate_device.__key.5+0x0/0x20
... acquired at:
mark_lock+0x223/0x360 kernel/locking/lockdep.c:4725
__lock_acquire+0xbf9/0x2050 kernel/locking/lockdep.c:5156
lock_acquire+0x1ed/0x550 kernel/locking/lockdep.c:5825
__raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]
_raw_spin_lock_irqsave+0xd5/0x120 kernel/locking/spinlock.c:162
input_inject_event+0xc5/0x340 drivers/input/input.c:423
led_trigger_event+0x138/0x210 drivers/leds/led-triggers.c:407
kbd_propagate_led_state drivers/tty/vt/keyboard.c:1080 [inline]
kbd_bh+0x1b5/0x290 drivers/tty/vt/keyboard.c:1269
tasklet_action_common+0x323/0x4d0 kernel/softirq.c:784
handle_softirqs+0x2c7/0x980 kernel/softirq.c:554
__do_softirq kernel/softirq.c:588 [inline]
invoke_softirq kernel/softirq.c:428 [inline]
__irq_exit_rcu+0xf4/0x1c0 kernel/softirq.c:637
irq_exit_rcu+0x9/0x30 kernel/softirq.c:649
instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1049 [inline]
sysvec_apic_timer_interrupt+0xa6/0xc0 arch/x86/kernel/apic/apic.c:1049
asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
__raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:152 [inline]
_raw_spin_unlock_irqrestore+0xd8/0x140 kernel/locking/spinlock.c:194
do_con_trol drivers/tty/vt/vt.c:2657 [inline]
do_con_write+0x3b5b/0x4c30 drivers/tty/vt/vt.c:3092
con_write+0x26/0x40 drivers/tty/vt/vt.c:3434
process_output_block drivers/tty/n_tty.c:574 [inline]
n_tty_write+0xd64/0x1230 drivers/tty/n_tty.c:2389
iterate_tty_write drivers/tty/tty_io.c:1015 [inline]
file_tty_write+0x548/0x9b0 drivers/tty/tty_io.c:1090
new_sync_write fs/read_write.c:590 [inline]
vfs_write+0xaed/0xd30 fs/read_write.c:683
ksys_write+0x183/0x2b0 fs/read_write.c:736
do_syscall_x64 arch/x86/entry/common.c:52 [inline]
do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83
entry_SYSCALL_64_after_hwframe+0x77/0x7f
stack backtrace:
CPU: 0 UID: 0 PID: 13985 Comm: syz.2.1925 Not tainted 6.12.0-rc7-syzkaller-00042-gf1b785f4c787 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
Call Trace:
<IRQ>
__dump_stack lib/dump_stack.c:94 [inline]
dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120
print_irq_inversion_bug+0x33d/0x390 kernel/locking/lockdep.c:4121
mark_lock_irq+0x80c/0xc20 kernel/locking/lockdep.c:4290
mark_lock+0x223/0x360 kernel/locking/lockdep.c:4725
__lock_acquire+0xbf9/0x2050 kernel/locking/lockdep.c:5156
lock_acquire+0x1ed/0x550 kernel/locking/lockdep.c:5825
__raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]
_raw_spin_lock_irqsave+0xd5/0x120 kernel/locking/spinlock.c:162
input_inject_event+0xc5/0x340 drivers/input/input.c:423
led_trigger_event+0x138/0x210 drivers/leds/led-triggers.c:407
kbd_propagate_led_state drivers/tty/vt/keyboard.c:1080 [inline]
kbd_bh+0x1b5/0x290 drivers/tty/vt/keyboard.c:1269
tasklet_action_common+0x323/0x4d0 kernel/softirq.c:784
handle_softirqs+0x2c7/0x980 kernel/softirq.c:554
__do_softirq kernel/softirq.c:588 [inline]
invoke_softirq kernel/softirq.c:428 [inline]
__irq_exit_rcu+0xf4/0x1c0 kernel/softirq.c:637
irq_exit_rcu+0x9/0x30 kernel/softirq.c:649
instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1049 [inline]
sysvec_apic_timer_interrupt+0xa6/0xc0 arch/x86/kernel/apic/apic.c:1049
</IRQ>
<TASK>
asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
RIP: 0010:__raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:152 [inline]
RIP: 0010:_raw_spin_unlock_irqrestore+0xd8/0x140 kernel/locking/spinlock.c:194
Code: 9c 8f 44 24 20 42 80 3c 23 00 74 08 4c 89 f7 e8 8e 5e 2d f6 f6 44 24 21 02 75 52 41 f7 c7 00 02 00 00 74 01 fb bf 01 00 00 00 <e8> f3 e9 91 f5 65 8b 05 b4 81 32 74 85 c0 74 43 48 c7 04 24 0e 36
RSP: 0018:ffffc9000cf375e0 EFLAGS: 00000206
RAX: dba96e4fcbd53f00 RBX: 1ffff920019e6ec0 RCX: ffffffff8170cfaa
RDX: dffffc0000000000 RSI: ffffffff8c0acac0 RDI: 0000000000000001
RBP: ffffc9000cf37670 R08: ffffffff942d0807 R09: 1ffffffff285a100
R10: dffffc0000000000 R11: fffffbfff285a101 R12: dffffc0000000000
R13: 1ffff920019e6ebc R14: ffffc9000cf37600 R15: 0000000000000246
do_con_trol drivers/tty/vt/vt.c:2657 [inline]
do_con_write+0x3b5b/0x4c30 drivers/tty/vt/vt.c:3092
con_write+0x26/0x40 drivers/tty/vt/vt.c:3434
process_output_block drivers/tty/n_tty.c:574 [inline]
n_tty_write+0xd64/0x1230 drivers/tty/n_tty.c:2389
iterate_tty_write drivers/tty/tty_io.c:1015 [inline]
file_tty_write+0x548/0x9b0 drivers/tty/tty_io.c:1090
new_sync_write fs/read_write.c:590 [inline]
vfs_write+0xaed/0xd30 fs/read_write.c:683
ksys_write+0x183/0x2b0 fs/read_write.c:736
do_syscall_x64 arch/x86/entry/common.c:52 [inline]
do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f2addb7e719
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f2ade928038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
RAX: ffffffffffffffda RBX: 00007f2addd35f80 RCX: 00007f2addb7e719
RDX: 0000000000000100 RSI: 0000000020000000 RDI: 0000000000000004
RBP: 00007f2addbf175e R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 0000000000000000 R14: 00007f2addd35f80 R15: 00007ffd1ef7f6a8
</TASK>
vkms_vblank_simulate: vblank timer overrun
----------------
Code disassembly (best guess):
0: 9c pushf
1: 8f 44 24 20 pop 0x20(%rsp)
5: 42 80 3c 23 00 cmpb $0x0,(%rbx,%r12,1)
a: 74 08 je 0x14
c: 4c 89 f7 mov %r14,%rdi
f: e8 8e 5e 2d f6 call 0xf62d5ea2
14: f6 44 24 21 02 testb $0x2,0x21(%rsp)
19: 75 52 jne 0x6d
1b: 41 f7 c7 00 02 00 00 test $0x200,%r15d
22: 74 01 je 0x25
24: fb sti
25: bf 01 00 00 00 mov $0x1,%edi
* 2a: e8 f3 e9 91 f5 call 0xf591ea22 <-- trapping instruction
2f: 65 8b 05 b4 81 32 74 mov %gs:0x743281b4(%rip),%eax # 0x743281ea
36: 85 c0 test %eax,%eax
38: 74 43 je 0x7d
3a: 48 rex.W
3b: c7 .byte 0xc7
3c: 04 24 add $0x24,%al
3e: 0e (bad)
3f: 36 ss
| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets (help?) | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2024/11/14 07:26 | upstream | f1b785f4c787 | a8c99394 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-root | possible deadlock in input_inject_event | ||
| 2024/11/14 00:43 | upstream | f1b785f4c787 | a8c99394 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in input_inject_event | ||
| 2024/11/13 22:14 | upstream | f1b785f4c787 | a8c99394 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in input_inject_event | ||
| 2024/11/13 01:30 | upstream | 3022e9d00ebe | 62026c85 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in input_inject_event | ||
| 2024/11/12 23:07 | upstream | 3022e9d00ebe | 75bb1b32 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in input_inject_event | ||
| 2024/11/12 20:17 | upstream | 3022e9d00ebe | 75bb1b32 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in input_inject_event | ||
| 2024/11/12 15:33 | upstream | 2d5404caa8c7 | 75bb1b32 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in input_inject_event | ||
| 2024/11/11 21:11 | upstream | 2d5404caa8c7 | 97fe5517 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in input_inject_event | ||
| 2024/11/11 15:10 | upstream | 2d5404caa8c7 | 97fe5517 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-smack-root | possible deadlock in input_inject_event | ||
| 2024/11/11 13:04 | upstream | 2d5404caa8c7 | 97fe5517 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in input_inject_event | ||
| 2024/11/10 10:11 | upstream | de2f378f2b77 | 6b856513 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-smack-root | possible deadlock in input_inject_event | ||
| 2024/11/10 05:53 | upstream | de2f378f2b77 | 6b856513 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-root | possible deadlock in input_inject_event | ||
| 2024/11/08 11:47 | upstream | 906bd684e4b1 | 179b040e | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-selinux-root | possible deadlock in input_inject_event | ||
| 2024/11/06 22:26 | upstream | 7758b206117d | df3dc63b | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-root | possible deadlock in input_inject_event | ||
| 2024/11/05 15:36 | upstream | 2e1b3cc9d7f7 | 509da429 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-root | possible deadlock in input_inject_event | ||
| 2024/11/05 04:39 | upstream | 557329bcecc2 | 509da429 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-root | possible deadlock in input_inject_event | ||
| 2024/11/05 03:33 | upstream | 557329bcecc2 | 509da429 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-root | possible deadlock in input_inject_event | ||
| 2024/11/03 10:21 | upstream | 3e5e6c9900c3 | f00eed24 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-badwrites-root | possible deadlock in input_inject_event | ||
| 2024/11/02 06:14 | upstream | 11066801dd4b | f00eed24 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-badwrites-root | possible deadlock in input_inject_event | ||
| 2024/11/01 00:28 | upstream | 0fc810ae3ae1 | 96eb609f | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-smack-root | possible deadlock in input_inject_event | ||
| 2024/10/31 04:40 | upstream | 4236f913808c | fb888278 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-smack-root | possible deadlock in input_inject_event | ||
| 2024/10/30 21:03 | upstream | 4236f913808c | 66aeb999 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-root | possible deadlock in input_inject_event | ||
| 2024/10/30 12:17 | upstream | c1e939a21eb1 | 66aeb999 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-smack-root | possible deadlock in input_inject_event | ||
| 2024/10/30 07:29 | upstream | c1e939a21eb1 | 66aeb999 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-smack-root | possible deadlock in input_inject_event | ||
| 2024/10/24 11:41 | upstream | c2ee9f594da8 | 15fa2979 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in input_inject_event | ||
| 2024/10/24 05:28 | upstream | c2ee9f594da8 | 15fa2979 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in input_inject_event | ||
| 2024/10/24 01:46 | upstream | c2ee9f594da8 | 15fa2979 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in input_inject_event | ||
| 2024/10/23 12:53 | upstream | c2ee9f594da8 | 15fa2979 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in input_inject_event | ||
| 2024/10/22 12:25 | upstream | c2ee9f594da8 | a93682b3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in input_inject_event | ||
| 2024/10/22 05:27 | upstream | c2ee9f594da8 | a93682b3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in input_inject_event | ||
| 2024/10/20 22:24 | upstream | db87114dcf13 | cd6fc0a3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in input_inject_event | ||
| 2024/10/20 02:39 | upstream | 9197b73fd7bb | cd6fc0a3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in input_inject_event | ||
| 2024/10/19 19:29 | upstream | 9197b73fd7bb | cd6fc0a3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in input_inject_event | ||
| 2024/10/19 07:48 | upstream | 3d5ad2d4eca3 | cd6fc0a3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in input_inject_event | ||
| 2024/09/19 15:26 | upstream | 2a17bb8c204f | 6f888b75 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-root | possible deadlock in input_inject_event | ||
| 2024/09/03 22:43 | upstream | 88fac17500f4 | 9d47f20a | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-smack-root | possible deadlock in input_inject_event | ||
| 2024/08/31 06:52 | upstream | 1934261d8974 | 1eda0d14 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-smack-root | possible deadlock in input_inject_event | ||
| 2024/11/15 19:33 | upstream | cfaaa7d010d1 | f6ede3a3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-386 | possible deadlock in input_inject_event | ||
| 2024/11/15 15:43 | upstream | cfaaa7d010d1 | f6ede3a3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-386 | possible deadlock in input_inject_event | ||
| 2024/11/14 14:10 | upstream | 0a9b9d17f3a7 | 77f3eeb7 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-386 | possible deadlock in input_inject_event | ||
| 2024/11/11 16:14 | upstream | 2d5404caa8c7 | 97fe5517 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-386 | possible deadlock in input_inject_event | ||
| 2024/11/09 05:23 | upstream | 50643bbc9eb6 | 6b856513 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-386 | possible deadlock in input_inject_event | ||
| 2024/10/20 16:38 | upstream | 715ca9dd687f | cd6fc0a3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-386 | possible deadlock in input_inject_event | ||
| 2024/10/19 16:46 | upstream | 3d5ad2d4eca3 | cd6fc0a3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-386 | possible deadlock in input_inject_event | ||
| 2024/10/19 03:03 | upstream | 4d939780b705 | cd6fc0a3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-386 | possible deadlock in input_inject_event | ||
| 2024/11/13 16:18 | upstream | f1b785f4c787 | 4dfba277 | .config | console log | report | info | [disk image (non-bootable)] [vmlinux] [kernel image] | ci-qemu-upstream | possible deadlock in input_inject_event | ||
| 2024/11/11 10:36 | upstream | 2d5404caa8c7 | 0c4b1325 | .config | console log | report | info | [disk image (non-bootable)] [vmlinux] [kernel image] | ci-qemu-upstream | possible deadlock in input_inject_event | ||
| 2024/11/17 14:28 | upstream | 4a5df3796467 | cfe3a04a | .config | console log | report | info | [disk image (non-bootable)] [vmlinux] [kernel image] | ci-qemu-upstream-386 | possible deadlock in input_inject_event | ||
| 2024/11/15 10:54 | upstream | cfaaa7d010d1 | f6ede3a3 | .config | console log | report | info | [disk image (non-bootable)] [vmlinux] [kernel image] | ci-qemu-upstream-386 | possible deadlock in input_inject_event | ||
| 2024/11/10 00:28 | upstream | da4373fbcf00 | 6b856513 | .config | console log | report | info | [disk image (non-bootable)] [vmlinux] [kernel image] | ci-qemu-upstream-386 | possible deadlock in input_inject_event | ||
| 2024/11/10 17:39 | linux-next | 929beafbe7ac | 6b856513 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-linux-next-kasan-gce-root | possible deadlock in input_inject_event | ||
| 2024/11/10 12:27 | linux-next | 929beafbe7ac | 6b856513 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-linux-next-kasan-gce-root | possible deadlock in input_inject_event | ||
| 2024/11/08 07:45 | linux-next | 74741a050b79 | 179b040e | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-linux-next-kasan-gce-root | possible deadlock in input_inject_event | ||
| 2024/11/08 05:06 | linux-next | 74741a050b79 | c069283c | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-linux-next-kasan-gce-root | possible deadlock in input_inject_event | ||
| 2024/11/08 03:02 | linux-next | 74741a050b79 | c069283c | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-linux-next-kasan-gce-root | possible deadlock in input_inject_event |