Warning: Permanently added '10.128.0.193' (ECDSA) to the list of known hosts. syzkaller login: [ 74.613131][ T8449] IPVS: ftp: loaded support on port[0] = 21 [ 74.743439][ T8449] chnl_net:caif_netlink_parms(): no params data found [ 74.823206][ T8449] bridge0: port 1(bridge_slave_0) entered blocking state [ 74.831563][ T8449] bridge0: port 1(bridge_slave_0) entered disabled state [ 74.841947][ T8449] device bridge_slave_0 entered promiscuous mode [ 74.851919][ T8449] bridge0: port 2(bridge_slave_1) entered blocking state [ 74.861221][ T8449] bridge0: port 2(bridge_slave_1) entered disabled state [ 74.869217][ T8449] device bridge_slave_1 entered promiscuous mode [ 74.890353][ T8449] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 74.902079][ T8449] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 74.925304][ T8449] team0: Port device team_slave_0 added [ 74.933218][ T8449] team0: Port device team_slave_1 added [ 74.950514][ T8449] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 74.957613][ T8449] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 74.984758][ T8449] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 74.997422][ T8449] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 75.004644][ T8449] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 75.033567][ T8449] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 75.059804][ T8449] device hsr_slave_0 entered promiscuous mode [ 75.066560][ T8449] device hsr_slave_1 entered promiscuous mode [ 75.168862][ T8449] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 75.181120][ T8449] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 75.192119][ T8449] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 75.202325][ T8449] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 75.227710][ T8449] bridge0: port 2(bridge_slave_1) entered blocking state [ 75.235059][ T8449] bridge0: port 2(bridge_slave_1) entered forwarding state [ 75.242903][ T8449] bridge0: port 1(bridge_slave_0) entered blocking state [ 75.250047][ T8449] bridge0: port 1(bridge_slave_0) entered forwarding state [ 75.295350][ T8449] 8021q: adding VLAN 0 to HW filter on device bond0 [ 75.311740][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 75.323657][ T5] bridge0: port 1(bridge_slave_0) entered disabled state [ 75.332675][ T5] bridge0: port 2(bridge_slave_1) entered disabled state [ 75.341899][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 75.357239][ T8449] 8021q: adding VLAN 0 to HW filter on device team0 [ 75.369903][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 75.380141][ T36] bridge0: port 1(bridge_slave_0) entered blocking state [ 75.387280][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state [ 75.406019][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 75.415885][ T36] bridge0: port 2(bridge_slave_1) entered blocking state [ 75.422959][ T36] bridge0: port 2(bridge_slave_1) entered forwarding state [ 75.436993][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 75.447072][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 75.466178][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 75.475602][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 75.483776][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 75.496530][ T8449] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 75.517893][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 75.525666][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 75.541796][ T8449] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 75.561989][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 75.582791][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 75.592094][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 75.601601][ T36] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 75.613423][ T8449] device veth0_vlan entered promiscuous mode [ 75.626765][ T8449] device veth1_vlan entered promiscuous mode [ 75.649612][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 75.658714][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 75.667736][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 75.678823][ T8449] device veth0_macvtap entered promiscuous mode [ 75.692185][ T8449] device veth1_macvtap entered promiscuous mode [ 75.710504][ T8449] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 75.719523][ T4554] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 75.731233][ T4554] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 75.743000][ T8449] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 75.751221][ T4554] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 75.760921][ T4554] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready executing program [ 75.773058][ T8449] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.785665][ T8449] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.795072][ T8449] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.803776][ T8449] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.861278][ T8449] ttyprintk ttyprintk: tty_port_close_start: tty->count = 1 port count = 2 [ 75.871090][ C1] [ 75.871098][ C1] ====================================================== [ 75.871104][ C1] WARNING: possible circular locking dependency detected [ 75.871109][ C1] 5.12.0-rc5-next-20210401-syzkaller #0 Not tainted [ 75.871114][ C1] ------------------------------------------------------ [ 75.871119][ C1] syz-executor610/8449 is trying to acquire lock: [ 75.871123][ C1] ffffffff8be83cc0 (console_owner){....}-{0:0}, at: console_unlock+0x2e6/0xc40 [ 75.871140][ C1] [ 75.871143][ C1] but task is already holding lock: [ 75.871146][ C1] ffffffff90167d78 (&port->lock){-.-.}-{2:2}, at: tty_port_close_start.part.0+0x28/0x550 [ 75.871163][ C1] [ 75.871166][ C1] which lock already depends on the new lock. [ 75.871169][ C1] [ 75.871171][ C1] [ 75.871174][ C1] the existing dependency chain (in reverse order) is: [ 75.871178][ C1] [ 75.871180][ C1] -> #2 (&port->lock){-.-.}-{2:2}: [ 75.871193][ C1] _raw_spin_lock_irqsave+0x39/0x50 [ 75.871197][ C1] tty_port_tty_get+0x1f/0x100 [ 75.871201][ C1] tty_port_default_wakeup+0x11/0x40 [ 75.871205][ C1] serial8250_tx_chars+0x487/0xa80 [ 75.871210][ C1] serial8250_handle_irq.part.0+0x328/0x3d0 [ 75.871214][ C1] serial8250_default_handle_irq+0xb2/0x220 [ 75.871218][ C1] serial8250_interrupt+0xfd/0x200 [ 75.871222][ C1] __handle_irq_event_percpu+0x303/0x8f0 [ 75.871227][ C1] handle_irq_event+0x102/0x290 [ 75.871230][ C1] handle_edge_irq+0x25f/0xd00 [ 75.871234][ C1] __common_interrupt+0x9e/0x200 [ 75.871238][ C1] common_interrupt+0x9f/0xd0 [ 75.871242][ C1] asm_common_interrupt+0x1e/0x40 [ 75.871246][ C1] _raw_spin_unlock_irqrestore+0x38/0x70 [ 75.871249][ C1] uart_write+0x30d/0x570 [ 75.871253][ C1] do_output_char+0x5de/0x850 [ 75.871257][ C1] n_tty_write+0x4c3/0xfd0 [ 75.871261][ C1] file_tty_write.constprop.0+0x526/0x910 [ 75.871265][ C1] redirected_tty_write+0xa1/0xc0 [ 75.871269][ C1] do_iter_readv_writev+0x46f/0x740 [ 75.871273][ C1] do_iter_write+0x188/0x670 [ 75.871276][ C1] vfs_writev+0x1aa/0x630 [ 75.871280][ C1] do_writev+0x139/0x300 [ 75.871283][ C1] do_syscall_64+0x2d/0x70 [ 75.871287][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 75.871291][ C1] [ 75.871293][ C1] -> #1 (&port_lock_key){-.-.}-{2:2}: [ 75.871306][ C1] _raw_spin_lock_irqsave+0x39/0x50 [ 75.871310][ C1] serial8250_console_write+0x8b2/0xae0 [ 75.871315][ C1] console_unlock+0x859/0xc40 [ 75.871318][ C1] vprintk_emit+0x1ca/0x560 [ 75.871322][ C1] vprintk+0x8d/0x260 [ 75.871325][ C1] printk+0xba/0xed [ 75.871328][ C1] register_console+0x55f/0x780 [ 75.871332][ C1] univ8250_console_init+0x3a/0x46 [ 75.871336][ C1] console_init+0x3c7/0x596 [ 75.871340][ C1] start_kernel+0x306/0x496 [ 75.871344][ C1] secondary_startup_64_no_verify+0xb0/0xbb [ 75.871347][ C1] [ 75.871349][ C1] -> #0 (console_owner){....}-{0:0}: [ 75.871363][ C1] __lock_acquire+0x2a17/0x5230 [ 75.871367][ C1] lock_acquire+0x1ab/0x740 [ 75.871370][ C1] console_unlock+0x359/0xc40 [ 75.871374][ C1] vprintk_emit+0x1ca/0x560 [ 75.871377][ C1] vprintk+0x8d/0x260 [ 75.871381][ C1] printk+0xba/0xed [ 75.871384][ C1] tty_port_close_start.part.0+0x503/0x550 [ 75.871388][ C1] tty_port_close+0x46/0x170 [ 75.871392][ C1] tty_release+0x45e/0x1210 [ 75.871395][ C1] __fput+0x288/0x920 [ 75.871399][ C1] task_work_run+0xdd/0x1a0 [ 75.871402][ C1] exit_to_user_mode_prepare+0x249/0x250 [ 75.871407][ C1] syscall_exit_to_user_mode+0x19/0x60 [ 75.871411][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 75.871414][ C1] [ 75.871417][ C1] other info that might help us debug this: [ 75.871420][ C1] [ 75.871422][ C1] Chain exists of: [ 75.871425][ C1] console_owner --> &port_lock_key --> &port->lock [ 75.871443][ C1] [ 75.871446][ C1] Possible unsafe locking scenario: [ 75.871449][ C1] [ 75.871452][ C1] CPU0 CPU1 [ 75.871455][ C1] ---- ---- [ 75.871459][ C1] lock(&port->lock); [ 75.871467][ C1] lock(&port_lock_key); [ 75.871476][ C1] lock(&port->lock); [ 75.871485][ C1] lock(console_owner); [ 75.871492][ C1] [ 75.871494][ C1] *** DEADLOCK *** [ 75.871497][ C1] [ 75.871500][ C1] 3 locks held by syz-executor610/8449: [ 75.871503][ C1] #0: ffff88801d2f71c0 (&tty->legacy_mutex){+.+.}-{3:3}, at: tty_lock+0xbd/0x120 [ 75.871521][ C1] #1: ffffffff90167d78 (&port->lock){-.-.}-{2:2}, at: tty_port_close_start.part.0+0x28/0x550 [ 75.871539][ C1] #2: ffffffff8bf640a0 (console_lock){+.+.}-{0:0}, at: vprintk+0x8d/0x260 [ 75.871556][ C1] [ 75.871558][ C1] stack backtrace: [ 75.871562][ C1] CPU: 1 PID: 8449 Comm: syz-executor610 Not tainted 5.12.0-rc5-next-20210401-syzkaller #0 [ 75.871577][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 75.871592][ C1] Call Trace: [ 75.871594][ C1] dump_stack+0x141/0x1d7 [ 75.871597][ C1] check_noncircular+0x25f/0x2e0 [ 75.871601][ C1] ? stack_trace_consume_entry+0x160/0x160 [ 75.871605][ C1] ? print_circular_bug+0x1e0/0x1e0 [ 75.871608][ C1] ? memcpy+0x39/0x60 [ 75.871611][ C1] ? lockdep_lock+0xc6/0x200 [ 75.871615][ C1] ? call_rcu_zapped+0xb0/0xb0 [ 75.871618][ C1] __lock_acquire+0x2a17/0x5230 [ 75.871622][ C1] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 75.871626][ C1] lock_acquire+0x1ab/0x740 [ 75.871629][ C1] ? console_unlock+0x2e6/0xc40 [ 75.871632][ C1] ? lock_release+0x720/0x720 [ 75.871636][ C1] ? lock_downgrade+0x6e0/0x6e0 [ 75.871639][ C1] ? do_raw_spin_lock+0x120/0x2b0 [ 75.871643][ C1] ? rwlock_bug.part.0+0x90/0x90 [ 75.871646][ C1] console_unlock+0x359/0xc40 [ 75.871650][ C1] ? console_unlock+0x2e6/0xc40 [ 75.871653][ C1] ? devkmsg_read+0x7d0/0x7d0 [ 75.871656][ C1] ? lock_release+0x720/0x720 [ 75.871660][ C1] ? vprintk+0x8d/0x260 [ 75.871663][ C1] vprintk_emit+0x1ca/0x560 [ 75.871666][ C1] vprintk+0x8d/0x260 [ 75.871669][ C1] printk+0xba/0xed [ 75.871672][ C1] ? record_print_text.cold+0x16/0x16 [ 75.871676][ C1] ? _raw_spin_lock_irqsave+0x4e/0x50 [ 75.871679][ C1] tty_port_close_start.part.0+0x503/0x550 [ 75.871683][ C1] tty_port_close+0x46/0x170 [ 75.871686][ C1] ? tpk_open+0x60/0x60 [ 75.871689][ C1] tty_release+0x45e/0x1210 [ 75.871693][ C1] ? __sanitizer_cov_trace_const_cmp2+0x22/0x80 [ 75.871697][ C1] __fput+0x288/0x920 [ 75.871700][ C1] ? tty_release_struct+0xe0/0xe0 [ 75.871704][ C1] task_work_run+0xdd/0x1a0 [ 75.871707][ C1] exit_to_user_mode_prepare+0x249/0x250 [ 75.871711][ C1] syscall_exit_to_user_mode+0x19/0x60 [ 75.871715][ C1] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 75.871719][ C1] RIP: 0033:0x40a17b [ 75.871725][ C1] Code: 0f 05 48 3d 00 f0 ff ff 77 45 c3 0f 1f 40 00 48 83 ec 18 89 7c 24 0c e8 63 fc ff ff 8b 7c 24 0c 41 89 c0 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 44 89 c7 89 44 24 0c e8 a1 fc ff ff 8b 44 [ 75.871734][ C1] RSP: 002b:00007fff17874230 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 75.871743][ C1] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 000000000040a17b [ 75.871748][ C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 75.871754][ C1] RBP: 00000000004cf4dc R08: 00000000000000