syzbot |
sign-in | mailing list | source | docs | 🏰 |
| ID | Workflow | Result | Correct | Bug | Created | Started | Finished | Revision | Error |
|---|---|---|---|---|---|---|---|---|---|
| 3aa2ee16-3598-4bbf-b10e-0c931b69b667 | repro | ❓ | inconsistent lock state in das16m1_interrupt | 2026/03/07 23:16 | 2026/03/07 23:16 | 2026/03/07 23:26 | 31e9c887f7dc24e04b3ca70d0d54fc34141844b0 |
| Title | Replies (including bot) | Last reply |
|---|---|---|
| [PATCH] comedi: Reinit dev->spinlock between attachments to low-level drivers | 1 (1) | 2026/02/25 13:24 |
| [syzbot] [comedi?] inconsistent lock state in das16m1_interrupt | 1 (2) | 2026/02/16 17:10 |
================================
WARNING: inconsistent lock state
syzkaller #0 Tainted: G L
--------------------------------
inconsistent {HARDIRQ-ON-W} -> {IN-HARDIRQ-W} usage.
dhcpcd/5482 [HC1[1]:SC0[0]:HE0:SE1] takes:
ffff888032187868 (&dev->spinlock){?...}-{3:3}, at: spin_lock include/linux/spinlock.h:341 [inline]
ffff888032187868 (&dev->spinlock){?...}-{3:3}, at: das16m1_interrupt+0x68/0x120 drivers/comedi/drivers/das16m1.c:460
{HARDIRQ-ON-W} state was registered at:
lock_acquire kernel/locking/lockdep.c:5868 [inline]
lock_acquire+0x1cf/0x380 kernel/locking/lockdep.c:5825
__raw_spin_lock_bh include/linux/spinlock_api_smp.h:150 [inline]
_raw_spin_lock_bh+0x33/0x40 kernel/locking/spinlock.c:178
spin_lock_bh include/linux/spinlock.h:347 [inline]
waveform_ao_cancel+0x96/0x150 drivers/comedi/drivers/comedi_test.c:628
do_cancel+0xf4/0x180 drivers/comedi/comedi_fops.c:818
comedi_close+0x2f6/0x470 drivers/comedi/comedi_fops.c:3036
__fput+0x3ff/0xb40 fs/file_table.c:469
task_work_run+0x150/0x240 kernel/task_work.c:233
resume_user_mode_work include/linux/resume_user_mode.h:50 [inline]
__exit_to_user_mode_loop kernel/entry/common.c:67 [inline]
exit_to_user_mode_loop+0x100/0x4a0 kernel/entry/common.c:98
__exit_to_user_mode_prepare include/linux/irq-entry-common.h:226 [inline]
syscall_exit_to_user_mode_prepare include/linux/irq-entry-common.h:256 [inline]
syscall_exit_to_user_mode include/linux/entry-common.h:325 [inline]
do_syscall_64+0x67c/0xf80 arch/x86/entry/syscall_64.c:100
entry_SYSCALL_64_after_hwframe+0x77/0x7f
irq event stamp: 235036
hardirqs last enabled at (235035): [<ffffffff826504f1>] seqcount_lockdep_reader_access include/linux/seqlock.h:75 [inline]
hardirqs last enabled at (235035): [<ffffffff826504f1>] read_seqbegin include/linux/seqlock.h:838 [inline]
hardirqs last enabled at (235035): [<ffffffff826504f1>] zone_span_seqbegin include/linux/memory_hotplug.h:87 [inline]
hardirqs last enabled at (235035): [<ffffffff826504f1>] page_outside_zone_boundaries mm/page_alloc.c:612 [inline]
hardirqs last enabled at (235035): [<ffffffff826504f1>] bad_range+0x261/0x400 mm/page_alloc.c:631
hardirqs last disabled at (235036): [<ffffffff8b8f5dc9>] common_interrupt+0x19/0xe0 arch/x86/kernel/irq.c:326
softirqs last enabled at (235032): [<ffffffff89593477>] local_bh_disable include/linux/bottom_half.h:20 [inline]
softirqs last enabled at (235032): [<ffffffff89593477>] __alloc_skb+0x5b7/0x710 net/core/skbuff.c:695
softirqs last disabled at (235030): [<ffffffff89593477>] local_bh_disable include/linux/bottom_half.h:20 [inline]
softirqs last disabled at (235030): [<ffffffff89593477>] __alloc_skb+0x5b7/0x710 net/core/skbuff.c:695
other info that might help us debug this:
Possible unsafe locking scenario:
CPU0
----
lock(&dev->spinlock);
<Interrupt>
lock(&dev->spinlock);
*** DEADLOCK ***
3 locks held by dhcpcd/5482:
#0: ffff888020ba86f0 (nlk_cb_mutex-ROUTE){+.+.}-{4:4}, at: __netlink_dump_start+0x150/0x990 net/netlink/af_netlink.c:2404
#1: ffffffff8e7e7920 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire include/linux/rcupdate.h:312 [inline]
#1: ffffffff8e7e7920 (rcu_read_lock){....}-{1:3}, at: rcu_read_lock include/linux/rcupdate.h:850 [inline]
#1: ffffffff8e7e7920 (rcu_read_lock){....}-{1:3}, at: inet_dump_fib+0x12f/0x990 net/ipv4/fib_frontend.c:1033
#2: ffffffff8e7e7920 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire include/linux/rcupdate.h:312 [inline]
#2: ffffffff8e7e7920 (rcu_read_lock){....}-{1:3}, at: rcu_read_lock include/linux/rcupdate.h:850 [inline]
#2: ffffffff8e7e7920 (rcu_read_lock){....}-{1:3}, at: fib_dump_info_fnhe+0x24b/0x12e0 net/ipv4/route.c:3145
stack backtrace:
CPU: 0 UID: 101 PID: 5482 Comm: dhcpcd Tainted: G L syzkaller #0 PREEMPT(full)
Tainted: [L]=SOFTLOCKUP
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
Call Trace:
<IRQ>
__dump_stack lib/dump_stack.c:94 [inline]
dump_stack_lvl+0x100/0x190 lib/dump_stack.c:120
print_usage_bug.part.0+0x257/0x340 kernel/locking/lockdep.c:4042
print_usage_bug kernel/locking/lockdep.c:4010 [inline]
valid_state kernel/locking/lockdep.c:4056 [inline]
mark_lock_irq kernel/locking/lockdep.c:4267 [inline]
mark_lock+0x74a/0xa20 kernel/locking/lockdep.c:4753
mark_usage kernel/locking/lockdep.c:4639 [inline]
__lock_acquire+0x10ff/0x2630 kernel/locking/lockdep.c:5191
lock_acquire kernel/locking/lockdep.c:5868 [inline]
lock_acquire+0x1cf/0x380 kernel/locking/lockdep.c:5825
__raw_spin_lock include/linux/spinlock_api_smp.h:158 [inline]
_raw_spin_lock+0x2e/0x40 kernel/locking/spinlock.c:154
spin_lock include/linux/spinlock.h:341 [inline]
das16m1_interrupt+0x68/0x120 drivers/comedi/drivers/das16m1.c:460
__handle_irq_event_percpu+0x232/0x8e0 kernel/irq/handle.c:209
handle_irq_event_percpu kernel/irq/handle.c:246 [inline]
handle_irq_event+0xab/0x1e0 kernel/irq/handle.c:263
handle_edge_irq+0x375/0x970 kernel/irq/chip.c:855
generic_handle_irq_desc include/linux/irqdesc.h:186 [inline]
handle_irq arch/x86/kernel/irq.c:262 [inline]
call_irq_handler arch/x86/kernel/irq.c:318 [inline]
__common_interrupt+0xd8/0x2f0 arch/x86/kernel/irq.c:333
common_interrupt+0xb9/0xe0 arch/x86/kernel/irq.c:326
</IRQ>
<TASK>
asm_common_interrupt+0x26/0x40 arch/x86/include/asm/idtentry.h:688
RIP: 0010:debug_lockdep_rcu_enabled+0x0/0x40 kernel/rcu/update.c:319
Code: 00 00 8b 44 24 04 eb b2 89 44 24 04 e8 a9 fa ff ff 8b 44 24 04 eb aa 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 <f3> 0f 1e fa 8b 05 82 5b 4a 05 85 c0 74 20 8b 05 60 8e 4a 05 85 c0
RSP: 0018:ffffc900030f7118 EFLAGS: 00000286
RAX: 0000000000000000 RBX: ffff88801eb23c80 RCX: 0000000000000002
RDX: 0000000000000000 RSI: ffffffff8de5e4ed RDI: ffffffff8c1b1a20
RBP: 0000000000000000 R08: 00000000992858fd R09: 0000000000000007
R10: 0000000000000200 R11: 0000000000000000 R12: ffff88801eb23c00
R13: 0000000000000000 R14: ffffc900030f72f8 R15: dffffc0000000000
rcu_read_lock include/linux/rcupdate.h:851 [inline]
fib_dump_info_fnhe+0x261/0x12e0 net/ipv4/route.c:3145
fn_trie_dump_leaf net/ipv4/fib_trie.c:2309 [inline]
fib_table_dump+0x658/0xd40 net/ipv4/fib_trie.c:2349
inet_dump_fib+0x394/0x990 net/ipv4/fib_frontend.c:1075
rtnl_dumpit+0x97/0x1f0 net/core/rtnetlink.c:6849
netlink_dump+0x539/0xd30 net/netlink/af_netlink.c:2325
__netlink_dump_start+0x6d6/0x990 net/netlink/af_netlink.c:2440
netlink_dump_start include/linux/netlink.h:341 [inline]
rtnetlink_dump_start net/core/rtnetlink.c:6878 [inline]
rtnetlink_rcv_msg+0xb3e/0xe90 net/core/rtnetlink.c:6945
netlink_rcv_skb+0x159/0x420 net/netlink/af_netlink.c:2550
netlink_unicast_kernel net/netlink/af_netlink.c:1318 [inline]
netlink_unicast+0x5aa/0x870 net/netlink/af_netlink.c:1344
netlink_sendmsg+0x8b0/0xda0 net/netlink/af_netlink.c:1894
sock_sendmsg_nosec net/socket.c:727 [inline]
__sock_sendmsg net/socket.c:742 [inline]
____sys_sendmsg+0x9e1/0xb70 net/socket.c:2592
___sys_sendmsg+0x190/0x1e0 net/socket.c:2646
__sys_sendmsg+0x170/0x220 net/socket.c:2678
do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
do_syscall_64+0x106/0xf80 arch/x86/entry/syscall_64.c:94
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f7c931c6407
Code: 48 89 fa 4c 89 df e8 38 aa 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 <5b> c3 0f 1f 80 00 00 00 00 83 e2 39 83 fa 08 75 de e8 23 ff ff ff
RSP: 002b:00007ffe900520f0 EFLAGS: 00000202 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 00007f7c9313c780 RCX: 00007f7c931c6407
RDX: 0000000000000000 RSI: 00007ffe90052170 RDI: 000000000000000c
RBP: 00007ffe90056390 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000202 R12: 000055963c91ac60
R13: 000000000000000c R14: 00007ffe90056350 R15: 00007ffe90056390
</TASK>
comedi comedi3: fifo overflow
----------------
Code disassembly (best guess):
0: 00 00 add %al,(%rax)
2: 8b 44 24 04 mov 0x4(%rsp),%eax
6: eb b2 jmp 0xffffffba
8: 89 44 24 04 mov %eax,0x4(%rsp)
c: e8 a9 fa ff ff call 0xfffffaba
11: 8b 44 24 04 mov 0x4(%rsp),%eax
15: eb aa jmp 0xffffffc1
17: 0f 1f 00 nopl (%rax)
1a: 90 nop
1b: 90 nop
1c: 90 nop
1d: 90 nop
1e: 90 nop
1f: 90 nop
20: 90 nop
21: 90 nop
22: 90 nop
23: 90 nop
24: 90 nop
25: 90 nop
26: 90 nop
27: 90 nop
28: 90 nop
29: 90 nop
* 2a: f3 0f 1e fa endbr64 <-- trapping instruction
2e: 8b 05 82 5b 4a 05 mov 0x54a5b82(%rip),%eax # 0x54a5bb6
34: 85 c0 test %eax,%eax
36: 74 20 je 0x58
38: 8b 05 60 8e 4a 05 mov 0x54a8e60(%rip),%eax # 0x54a8e9e
3e: 85 c0 test %eax,%eax
| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets (help?) | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2026/04/02 19:42 | upstream | 5619b098e2fb | 8b15d4ae | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-badwrites-root | inconsistent lock state in das16m1_interrupt | ||
| 2026/03/31 12:02 | upstream | d0c3bcd5b897 | d0af506e | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-selinux-root | inconsistent lock state in das16m1_interrupt | ||
| 2026/03/30 12:55 | upstream | 7aaa8047eafd | 458630d8 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-root | inconsistent lock state in das16m1_interrupt | ||
| 2026/03/28 23:19 | upstream | be762d8b6dd7 | 356bdfc9 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-root | inconsistent lock state in das16m1_interrupt | ||
| 2026/03/28 18:30 | upstream | be762d8b6dd7 | 356bdfc9 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-badwrites-root | inconsistent lock state in das16m1_interrupt | ||
| 2026/03/28 15:57 | upstream | 7df48e363130 | 356bdfc9 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-selinux-root | inconsistent lock state in das16m1_interrupt | ||
| 2026/03/27 15:32 | upstream | 46b513250491 | 74a13a23 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-badwrites-root | inconsistent lock state in das16m1_interrupt | ||
| 2026/03/27 15:31 | upstream | 46b513250491 | 74a13a23 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-badwrites-root | inconsistent lock state in das16m1_interrupt | ||
| 2026/03/27 15:30 | upstream | 46b513250491 | 74a13a23 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-badwrites-root | inconsistent lock state in das16m1_interrupt | ||
| 2026/03/26 06:56 | upstream | d2a43e7f89da | c6143aac | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-selinux-root | inconsistent lock state in das16m1_interrupt | ||
| 2026/03/13 15:30 | upstream | 0257f64bdac7 | 351cb5cf | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-badwrites-root | inconsistent lock state in das16m1_interrupt | ||
| 2026/04/03 06:54 | linux-next | cc13002a9f98 | 4440e7c2 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-rust-kasan-gce | inconsistent lock state in das16m1_interrupt | ||
| 2026/04/03 03:02 | linux-next | cc13002a9f98 | 4440e7c2 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-linux-next-kasan-gce-root | inconsistent lock state in das16m1_interrupt | ||
| 2026/03/26 18:21 | linux-next | e77a5a5cfe43 | fca8d360 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-linux-next-kasan-gce-root | inconsistent lock state in das16m1_interrupt | ||
| 2026/03/23 12:13 | linux-next | 785f0eb2f85d | 5e3db351 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-linux-next-kasan-gce-root | inconsistent lock state in das16m1_interrupt | ||
| 2026/03/23 12:13 | linux-next | 785f0eb2f85d | 5e3db351 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-linux-next-kasan-gce-root | inconsistent lock state in das16m1_interrupt | ||
| 2026/03/23 12:12 | linux-next | 785f0eb2f85d | 5e3db351 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-linux-next-kasan-gce-root | inconsistent lock state in das16m1_interrupt | ||
| 2026/03/20 08:58 | linux-next | b5d083a3ed1e | 2f245add | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-linux-next-kasan-gce-root | inconsistent lock state in das16m1_interrupt | ||
| 2026/03/20 08:56 | linux-next | b5d083a3ed1e | 2f245add | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-linux-next-kasan-gce-root | inconsistent lock state in das16m1_interrupt | ||
| 2026/03/12 20:01 | linux-next | 5c9e55fecf93 | 4efadf07 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-linux-next-kasan-gce-root | inconsistent lock state in das16m1_interrupt | ||
| 2026/03/12 19:52 | linux-next | 5c9e55fecf93 | 4efadf07 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-linux-next-kasan-gce-root | inconsistent lock state in das16m1_interrupt | ||
| 2026/03/12 10:48 | linux-next | f90aadf1c67c | 4efadf07 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-linux-next-kasan-gce-root | inconsistent lock state in das16m1_interrupt | ||
| 2026/02/23 11:03 | linux-next | d4906ae14a5f | 305c0ec5 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-rust-kasan-gce | inconsistent lock state in das16m1_interrupt | ||
| 2026/02/22 16:29 | linux-next | d4906ae14a5f | 6e7b5511 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-rust-kasan-gce | inconsistent lock state in das16m1_interrupt | ||
| 2026/02/21 19:51 | linux-next | d4906ae14a5f | 6e7b5511 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-rust-kasan-gce | inconsistent lock state in das16m1_interrupt | ||
| 2026/02/17 14:13 | linux-next | 350adaf7fde9 | e439b951 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-rust-kasan-gce | inconsistent lock state in das16m1_interrupt | ||
| 2026/02/10 23:59 | linux-next | fd9678829d6d | 441e25b7 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-linux-next-kasan-gce-root | inconsistent lock state in das16m1_interrupt | ||
| 2026/02/10 16:34 | linux-next | 132737e360b4 | 91d776d3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-rust-kasan-gce | inconsistent lock state in das16m1_interrupt |