=====================================================
WARNING: HARDIRQ-safe -> HARDIRQ-unsafe lock order detected
6.1.120-syzkaller-00773-g52f863f820fd #0 Tainted: G W
-----------------------------------------------------
kworker/u4:5/4303 [HC0[0]:SC0[0]:HE0:SE1] is trying to acquire:
ffffffff8dd7c118 (disc_data_lock){.+.+}-{2:2}, at: sp_get drivers/net/hamradio/6pack.c:376 [inline]
ffffffff8dd7c118 (disc_data_lock){.+.+}-{2:2}, at: sixpack_write_wakeup+0x2c/0x420 drivers/net/hamradio/6pack.c:397
and this task is already holding:
ffffffff976dd308 (&port_lock_key){-.-.}-{2:2}, at: uart_write+0x11e/0x930 drivers/tty/serial/serial_core.c:581
which would create a new lock dependency:
(&port_lock_key){-.-.}-{2:2} -> (disc_data_lock){.+.+}-{2:2}
but this new dependency connects a HARDIRQ-irq-safe lock:
(&port_lock_key){-.-.}-{2:2}
... which became HARDIRQ-irq-safe at:
lock_acquire+0x1f8/0x5a0 kernel/locking/lockdep.c:5662
__raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]
_raw_spin_lock_irqsave+0xd1/0x120 kernel/locking/spinlock.c:162
serial8250_handle_irq+0x7d/0x6a0 drivers/tty/serial/8250/8250_port.c:1932
serial8250_default_handle_irq+0xc8/0x1e0 drivers/tty/serial/8250/8250_port.c:1981
serial8250_interrupt+0xa1/0x1e0 drivers/tty/serial/8250/8250_core.c:126
__handle_irq_event_percpu+0x2a8/0xb20 kernel/irq/handle.c:158
handle_irq_event_percpu kernel/irq/handle.c:193 [inline]
handle_irq_event+0x85/0x1e0 kernel/irq/handle.c:210
handle_edge_irq+0x245/0xbf0 kernel/irq/chip.c:819
generic_handle_irq_desc include/linux/irqdesc.h:158 [inline]
handle_irq arch/x86/kernel/irq.c:231 [inline]
__common_interrupt+0xd7/0x1f0 arch/x86/kernel/irq.c:250
common_interrupt+0xae/0xd0 arch/x86/kernel/irq.c:240
asm_common_interrupt+0x22/0x40 arch/x86/include/asm/idtentry.h:682
native_safe_halt arch/x86/include/asm/irqflags.h:51 [inline]
arch_safe_halt arch/x86/include/asm/irqflags.h:89 [inline]
acpi_safe_halt drivers/acpi/processor_idle.c:111 [inline]
acpi_idle_do_entry+0x10f/0x340 drivers/acpi/processor_idle.c:567
acpi_idle_enter+0x352/0x4f0 drivers/acpi/processor_idle.c:704
cpuidle_enter_state+0x516/0xf80 drivers/cpuidle/cpuidle.c:239
cpuidle_enter+0x59/0x90 drivers/cpuidle/cpuidle.c:356
call_cpuidle kernel/sched/idle.c:155 [inline]
cpuidle_idle_call kernel/sched/idle.c:236 [inline]
do_idle+0x3ce/0x680 kernel/sched/idle.c:303
cpu_startup_entry+0x3d/0x60 kernel/sched/idle.c:401
rest_init+0x2da/0x300 init/main.c:733
start_kernel+0x0/0x53f init/main.c:893
start_kernel+0x496/0x53f init/main.c:1140
secondary_startup_64_no_verify+0xcf/0xdb
to a HARDIRQ-irq-unsafe lock:
(disc_data_lock){.+.+}-{2:2}
... which became HARDIRQ-irq-unsafe at:
...
lock_acquire+0x1f8/0x5a0 kernel/locking/lockdep.c:5662
__raw_read_lock include/linux/rwlock_api_smp.h:150 [inline]
_raw_read_lock+0x32/0x40 kernel/locking/spinlock.c:228
sp_get drivers/net/hamradio/6pack.c:376 [inline]
sixpack_receive_buf+0x51/0x1460 drivers/net/hamradio/6pack.c:439
tty_ldisc_receive_buf+0x121/0x160 drivers/tty/tty_buffer.c:461
tty_port_default_receive_buf+0x6a/0x90 drivers/tty/tty_port.c:39
receive_buf drivers/tty/tty_buffer.c:515 [inline]
flush_to_ldisc+0x2f4/0x840 drivers/tty/tty_buffer.c:565
process_one_work+0x8a9/0x11d0 kernel/workqueue.c:2292
worker_thread+0xa47/0x1200 kernel/workqueue.c:2439
kthread+0x28d/0x320 kernel/kthread.c:376
ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:295
other info that might help us debug this:
Possible interrupt unsafe locking scenario:
CPU0 CPU1
---- ----
lock(disc_data_lock);
local_irq_disable();
lock(&port_lock_key);
lock(disc_data_lock);
<Interrupt>
lock(&port_lock_key);
*** DEADLOCK ***
6 locks held by kworker/u4:5/4303:
#0: ffff888017c79138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0 kernel/workqueue.c:2267
#1: ffffc90004707d20 ((work_completion)(&buf->work)){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0 kernel/workqueue.c:2267
#2: ffff888024ae0ce8 (&buf->lock){+.+.}-{3:3}, at: flush_to_ldisc+0x34/0x840 drivers/tty/tty_buffer.c:537
#3: ffff88807c7dc098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref+0x18/0x80 drivers/tty/tty_ldisc.c:264
#4: ffffffff976dd308 (&port_lock_key){-.-.}-{2:2}, at: uart_write+0x11e/0x930 drivers/tty/serial/serial_core.c:581
#5: ffff88807c7dc098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref+0x18/0x80 drivers/tty/tty_ldisc.c:264
the dependencies between HARDIRQ-irq-safe lock and the holding lock:
-> (&port_lock_key){-.-.}-{2:2} {
IN-HARDIRQ-W at:
lock_acquire+0x1f8/0x5a0 kernel/locking/lockdep.c:5662
__raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]
_raw_spin_lock_irqsave+0xd1/0x120 kernel/locking/spinlock.c:162
serial8250_handle_irq+0x7d/0x6a0 drivers/tty/serial/8250/8250_port.c:1932
serial8250_default_handle_irq+0xc8/0x1e0 drivers/tty/serial/8250/8250_port.c:1981
serial8250_interrupt+0xa1/0x1e0 drivers/tty/serial/8250/8250_core.c:126
__handle_irq_event_percpu+0x2a8/0xb20 kernel/irq/handle.c:158
handle_irq_event_percpu kernel/irq/handle.c:193 [inline]
handle_irq_event+0x85/0x1e0 kernel/irq/handle.c:210
handle_edge_irq+0x245/0xbf0 kernel/irq/chip.c:819
generic_handle_irq_desc include/linux/irqdesc.h:158 [inline]
handle_irq arch/x86/kernel/irq.c:231 [inline]
__common_interrupt+0xd7/0x1f0 arch/x86/kernel/irq.c:250
common_interrupt+0xae/0xd0 arch/x86/kernel/irq.c:240
asm_common_interrupt+0x22/0x40 arch/x86/include/asm/idtentry.h:682
native_safe_halt arch/x86/include/asm/irqflags.h:51 [inline]
arch_safe_halt arch/x86/include/asm/irqflags.h:89 [inline]
acpi_safe_halt drivers/acpi/processor_idle.c:111 [inline]
acpi_idle_do_entry+0x10f/0x340 drivers/acpi/processor_idle.c:567
acpi_idle_enter+0x352/0x4f0 drivers/acpi/processor_idle.c:704
cpuidle_enter_state+0x516/0xf80 drivers/cpuidle/cpuidle.c:239
cpuidle_enter+0x59/0x90 drivers/cpuidle/cpuidle.c:356
call_cpuidle kernel/sched/idle.c:155 [inline]
cpuidle_idle_call kernel/sched/idle.c:236 [inline]
do_idle+0x3ce/0x680 kernel/sched/idle.c:303
cpu_startup_entry+0x3d/0x60 kernel/sched/idle.c:401
rest_init+0x2da/0x300 init/main.c:733
start_kernel+0x0/0x53f init/main.c:893
start_kernel+0x496/0x53f init/main.c:1140
secondary_startup_64_no_verify+0xcf/0xdb
IN-SOFTIRQ-W at:
lock_acquire+0x1f8/0x5a0 kernel/locking/lockdep.c:5662
__raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]
_raw_spin_lock_irqsave+0xd1/0x120 kernel/locking/spinlock.c:162
serial8250_handle_irq+0x7d/0x6a0 drivers/tty/serial/8250/8250_port.c:1932
serial8250_default_handle_irq+0xc8/0x1e0 drivers/tty/serial/8250/8250_port.c:1981
serial8250_interrupt+0xa1/0x1e0 drivers/tty/serial/8250/8250_core.c:126
__handle_irq_event_percpu+0x2a8/0xb20 kernel/irq/handle.c:158
handle_irq_event_percpu kernel/irq/handle.c:193 [inline]
handle_irq_event+0x85/0x1e0 kernel/irq/handle.c:210
handle_edge_irq+0x245/0xbf0 kernel/irq/chip.c:819
generic_handle_irq_desc include/linux/irqdesc.h:158 [inline]
handle_irq arch/x86/kernel/irq.c:231 [inline]
__common_interrupt+0xd7/0x1f0 arch/x86/kernel/irq.c:250
common_interrupt+0x59/0xd0 arch/x86/kernel/irq.c:240
asm_common_interrupt+0x22/0x40 arch/x86/include/asm/idtentry.h:682
lock_acquire+0x26f/0x5a0 kernel/locking/lockdep.c:5666
call_timer_fn+0xdf/0x6b0 kernel/time/timer.c:1501
expire_timers kernel/time/timer.c:1549 [inline]
__run_timers+0x67c/0x890 kernel/time/timer.c:1820
run_timer_softirq+0x63/0xf0 kernel/time/timer.c:1833
handle_softirqs+0x2ee/0xa40 kernel/softirq.c:571
__do_softirq kernel/softirq.c:605 [inline]
invoke_softirq kernel/softirq.c:445 [inline]
__irq_exit_rcu+0x157/0x240 kernel/softirq.c:654
irq_exit_rcu+0x5/0x20 kernel/softirq.c:666
instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1118 [inline]
sysvec_apic_timer_interrupt+0xa0/0xc0 arch/x86/kernel/apic/apic.c:1118
asm_sysvec_apic_timer_interrupt+0x16/0x20 arch/x86/include/asm/idtentry.h:691
native_safe_halt arch/x86/include/asm/irqflags.h:51 [inline]
arch_safe_halt arch/x86/include/asm/irqflags.h:89 [inline]
acpi_safe_halt drivers/acpi/processor_idle.c:111 [inline]
acpi_idle_do_entry+0x10f/0x340 drivers/acpi/processor_idle.c:567
acpi_idle_enter+0x352/0x4f0 drivers/acpi/processor_idle.c:704
cpuidle_enter_state+0x516/0xf80 drivers/cpuidle/cpuidle.c:239
cpuidle_enter+0x59/0x90 drivers/cpuidle/cpuidle.c:356
call_cpuidle kernel/sched/idle.c:155 [inline]
cpuidle_idle_call kernel/sched/idle.c:236 [inline]
do_idle+0x3ce/0x680 kernel/sched/idle.c:303
cpu_startup_entry+0x3d/0x60 kernel/sched/idle.c:401
rest_init+0x2da/0x300 init/main.c:733
start_kernel+0x0/0x53f init/main.c:893
start_kernel+0x496/0x53f init/main.c:1140
secondary_startup_64_no_verify+0xcf/0xdb
INITIAL USE at:
lock_acquire+0x1f8/0x5a0 kernel/locking/lockdep.c:5662
__raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]
_raw_spin_lock_irqsave+0xd1/0x120 kernel/locking/spinlock.c:162
serial8250_do_set_termios+0x527/0x1790 drivers/tty/serial/8250/8250_port.c:2786
uart_set_options+0x3e1/0x740 drivers/tty/serial/serial_core.c:2283
serial8250_console_setup+0x3be/0x650 drivers/tty/serial/8250/8250_port.c:3508
univ8250_console_setup+0xe3/0x180 drivers/tty/serial/8250/8250_core.c:602
console_call_setup kernel/printk/printk.c:3063 [inline]
try_enable_preferred_console+0x41f/0x570 kernel/printk/printk.c:3104
register_console+0x1a9/0x9a0 kernel/printk/printk.c:3211
univ8250_console_init+0x41/0x43 drivers/tty/serial/8250/8250_core.c:687
console_init+0x1d6/0x7f3 kernel/printk/printk.c:3359
start_kernel+0x30b/0x53f init/main.c:1076
secondary_startup_64_no_verify+0xcf/0xdb
}
... key at: [<ffffffff976dc7a0>] port_lock_key+0x0/0x20
the dependencies between the lock to be acquired
and HARDIRQ-irq-unsafe lock:
-> (disc_data_lock){.+.+}-{2:2} {
HARDIRQ-ON-R at:
lock_acquire+0x1f8/0x5a0 kernel/locking/lockdep.c:5662
__raw_read_lock include/linux/rwlock_api_smp.h:150 [inline]
_raw_read_lock+0x32/0x40 kernel/locking/spinlock.c:228
sp_get drivers/net/hamradio/6pack.c:376 [inline]
sixpack_receive_buf+0x51/0x1460 drivers/net/hamradio/6pack.c:439
tty_ldisc_receive_buf+0x121/0x160 drivers/tty/tty_buffer.c:461
tty_port_default_receive_buf+0x6a/0x90 drivers/tty/tty_port.c:39
receive_buf drivers/tty/tty_buffer.c:515 [inline]
flush_to_ldisc+0x2f4/0x840 drivers/tty/tty_buffer.c:565
process_one_work+0x8a9/0x11d0 kernel/workqueue.c:2292
worker_thread+0xa47/0x1200 kernel/workqueue.c:2439
kthread+0x28d/0x320 kernel/kthread.c:376
ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:295
SOFTIRQ-ON-R at:
lock_acquire+0x1f8/0x5a0 kernel/locking/lockdep.c:5662
__raw_read_lock include/linux/rwlock_api_smp.h:150 [inline]
_raw_read_lock+0x32/0x40 kernel/locking/spinlock.c:228
sp_get drivers/net/hamradio/6pack.c:376 [inline]
sixpack_receive_buf+0x51/0x1460 drivers/net/hamradio/6pack.c:439
tty_ldisc_receive_buf+0x121/0x160 drivers/tty/tty_buffer.c:461
tty_port_default_receive_buf+0x6a/0x90 drivers/tty/tty_port.c:39
receive_buf drivers/tty/tty_buffer.c:515 [inline]
flush_to_ldisc+0x2f4/0x840 drivers/tty/tty_buffer.c:565
process_one_work+0x8a9/0x11d0 kernel/workqueue.c:2292
worker_thread+0xa47/0x1200 kernel/workqueue.c:2439
kthread+0x28d/0x320 kernel/kthread.c:376
ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:295
INITIAL USE at:
lock_acquire+0x1f8/0x5a0 kernel/locking/lockdep.c:5662
__raw_write_lock_irq include/linux/rwlock_api_smp.h:195 [inline]
_raw_write_lock_irq+0xcf/0x110 kernel/locking/spinlock.c:326
sixpack_close+0x28/0x2a0 drivers/net/hamradio/6pack.c:653
tty_ldisc_kill+0xa6/0x1a0 drivers/tty/tty_ldisc.c:614
tty_ldisc_release+0x19d/0x200 drivers/tty/tty_ldisc.c:782
tty_release_struct+0x27/0xd0 drivers/tty/tty_io.c:1689
tty_release+0xcfb/0x12a0 drivers/tty/tty_io.c:1860
__fput+0x3f6/0x8d0 fs/file_table.c:320
task_work_run+0x246/0x300 kernel/task_work.c:203
resume_user_mode_work include/linux/resume_user_mode.h:49 [inline]
exit_to_user_mode_loop+0xde/0x100 kernel/entry/common.c:177
exit_to_user_mode_prepare+0xb1/0x140 kernel/entry/common.c:210
__syscall_exit_to_user_mode_work kernel/entry/common.c:292 [inline]
syscall_exit_to_user_mode+0x60/0x270 kernel/entry/common.c:303
do_syscall_64+0x47/0xb0 arch/x86/entry/common.c:87
entry_SYSCALL_64_after_hwframe+0x68/0xd2
INITIAL READ USE at:
lock_acquire+0x1f8/0x5a0 kernel/locking/lockdep.c:5662
__raw_read_lock include/linux/rwlock_api_smp.h:150 [inline]
_raw_read_lock+0x32/0x40 kernel/locking/spinlock.c:228
sp_get drivers/net/hamradio/6pack.c:376 [inline]
sixpack_receive_buf+0x51/0x1460 drivers/net/hamradio/6pack.c:439
tty_ldisc_receive_buf+0x121/0x160 drivers/tty/tty_buffer.c:461
tty_port_default_receive_buf+0x6a/0x90 drivers/tty/tty_port.c:39
receive_buf drivers/tty/tty_buffer.c:515 [inline]
flush_to_ldisc+0x2f4/0x840 drivers/tty/tty_buffer.c:565
process_one_work+0x8a9/0x11d0 kernel/workqueue.c:2292
worker_thread+0xa47/0x1200 kernel/workqueue.c:2439
kthread+0x28d/0x320 kernel/kthread.c:376
ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:295
}
... key at: [<ffffffff8dd7c118>] disc_data_lock+0x18/0x100
... acquired at:
lock_acquire+0x1f8/0x5a0 kernel/locking/lockdep.c:5662
__raw_read_lock include/linux/rwlock_api_smp.h:150 [inline]
_raw_read_lock+0x32/0x40 kernel/locking/spinlock.c:228
sp_get drivers/net/hamradio/6pack.c:376 [inline]
sixpack_write_wakeup+0x2c/0x420 drivers/net/hamradio/6pack.c:397
tty_wakeup+0xb3/0xf0 drivers/tty/tty_io.c:524
tty_port_default_wakeup+0xa2/0xf0 drivers/tty/tty_port.c:71
serial8250_tx_chars+0x60d/0x800 drivers/tty/serial/8250/8250_port.c:1854
__start_tx drivers/tty/serial/8250/8250_port.c:1570 [inline]
serial8250_start_tx+0x6a7/0x8a0 drivers/tty/serial/8250/8250_port.c:1676
__uart_start drivers/tty/serial/serial_core.c:139 [inline]
uart_write+0x6a2/0x930 drivers/tty/serial/serial_core.c:601
decode_prio_command drivers/net/hamradio/6pack.c:888 [inline]
sixpack_decode drivers/net/hamradio/6pack.c:963 [inline]
sixpack_receive_buf+0x455/0x1460 drivers/net/hamradio/6pack.c:453
tty_ldisc_receive_buf+0x121/0x160 drivers/tty/tty_buffer.c:461
tty_port_default_receive_buf+0x6a/0x90 drivers/tty/tty_port.c:39
receive_buf drivers/tty/tty_buffer.c:515 [inline]
flush_to_ldisc+0x2f4/0x840 drivers/tty/tty_buffer.c:565
process_one_work+0x8a9/0x11d0 kernel/workqueue.c:2292
worker_thread+0xa47/0x1200 kernel/workqueue.c:2439
kthread+0x28d/0x320 kernel/kthread.c:376
ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:295
stack backtrace:
CPU: 1 PID: 4303 Comm: kworker/u4:5 Tainted: G W 6.1.120-syzkaller-00773-g52f863f820fd #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
Workqueue: events_unbound flush_to_ldisc
Call Trace:
<TASK>
__dump_stack lib/dump_stack.c:88 [inline]
dump_stack_lvl+0x1e3/0x2cb lib/dump_stack.c:106
print_bad_irq_dependency kernel/locking/lockdep.c:2604 [inline]
check_irq_usage kernel/locking/lockdep.c:2843 [inline]
check_prev_add kernel/locking/lockdep.c:3094 [inline]
check_prevs_add kernel/locking/lockdep.c:3209 [inline]
validate_chain+0x4d16/0x5950 kernel/locking/lockdep.c:3825
__lock_acquire+0x125b/0x1f80 kernel/locking/lockdep.c:5049
lock_acquire+0x1f8/0x5a0 kernel/locking/lockdep.c:5662
__raw_read_lock include/linux/rwlock_api_smp.h:150 [inline]
_raw_read_lock+0x32/0x40 kernel/locking/spinlock.c:228
sp_get drivers/net/hamradio/6pack.c:376 [inline]
sixpack_write_wakeup+0x2c/0x420 drivers/net/hamradio/6pack.c:397
tty_wakeup+0xb3/0xf0 drivers/tty/tty_io.c:524
tty_port_default_wakeup+0xa2/0xf0 drivers/tty/tty_port.c:71
serial8250_tx_chars+0x60d/0x800 drivers/tty/serial/8250/8250_port.c:1854
__start_tx drivers/tty/serial/8250/8250_port.c:1570 [inline]
serial8250_start_tx+0x6a7/0x8a0 drivers/tty/serial/8250/8250_port.c:1676
__uart_start drivers/tty/serial/serial_core.c:139 [inline]
uart_write+0x6a2/0x930 drivers/tty/serial/serial_core.c:601
decode_prio_command drivers/net/hamradio/6pack.c:888 [inline]
sixpack_decode drivers/net/hamradio/6pack.c:963 [inline]
sixpack_receive_buf+0x455/0x1460 drivers/net/hamradio/6pack.c:453
tty_ldisc_receive_buf+0x121/0x160 drivers/tty/tty_buffer.c:461
tty_port_default_receive_buf+0x6a/0x90 drivers/tty/tty_port.c:39
receive_buf drivers/tty/tty_buffer.c:515 [inline]
flush_to_ldisc+0x2f4/0x840 drivers/tty/tty_buffer.c:565
process_one_work+0x8a9/0x11d0 kernel/workqueue.c:2292
worker_thread+0xa47/0x1200 kernel/workqueue.c:2439
kthread+0x28d/0x320 kernel/kthread.c:376
ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:295
</TASK>