Warning: Permanently added '[localhost]:25910' (ECDSA) to the list of known hosts.
syzkaller login: [ 96.277972][ T48] audit: type=1400 audit(1612690852.231:8): avc: denied { execmem } for pid=8664 comm="syz-executor810" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
[ 96.305835][ T8665] IPVS: ftp: loaded support on port[0] = 21
executing program
[ 96.380380][ T8665] ttyprintk ttyprintk: tty_port_close_start: tty->count = 1 port count = 2
[ 96.396502][ C0]
[ 96.396513][ C0] ======================================================
[ 96.396522][ C0] WARNING: possible circular locking dependency detected
[ 96.396531][ C0] 5.11.0-rc6-syzkaller #0 Not tainted
[ 96.396538][ C0] ------------------------------------------------------
[ 96.396546][ C0] syz-executor810/8665 is trying to acquire lock:
[ 96.396566][ C0] ffffffff8bc82ce0 (console_owner){....}-{0:0}, at: console_unlock+0x2fb/0xbb0
[ 96.396598][ C0]
[ 96.396603][ C0] but task is already holding lock:
[ 96.396610][ C0] ffffffff906b3358 (&port->lock){-.-.}-{2:2}, at: tty_port_close_start.part.0+0x28/0x550
[ 96.396641][ C0]
[ 96.396647][ C0] which lock already depends on the new lock.
[ 96.396654][ C0]
[ 96.396658][ C0]
[ 96.396664][ C0] the existing dependency chain (in reverse order) is:
[ 96.396671][ C0]
[ 96.396675][ C0] -> #2 (&port->lock){-.-.}-{2:2}:
[ 96.396701][ C0] _raw_spin_lock_irqsave+0x39/0x50
[ 96.396708][ C0] tty_port_tty_get+0x1f/0x100
[ 96.396715][ C0] tty_port_default_wakeup+0x11/0x40
[ 96.396722][ C0] serial8250_tx_chars+0x487/0xa80
[ 96.396728][ C0] serial8250_handle_irq.part.0+0x328/0x3d0
[ 96.396735][ C0] serial8250_default_handle_irq+0xb2/0x220
[ 96.396741][ C0] serial8250_interrupt+0xfd/0x200
[ 96.396748][ C0] __handle_irq_event_percpu+0x303/0x8f0
[ 96.396755][ C0] handle_irq_event+0x102/0x290
[ 96.396761][ C0] handle_edge_irq+0x25f/0xd00
[ 96.396768][ C0] asm_call_irq_on_stack+0xf/0x20
[ 96.396775][ C0] common_interrupt+0x120/0x200
[ 96.396782][ C0] asm_common_interrupt+0x1e/0x40
[ 96.396788][ C0] default_idle+0xe/0x10
[ 96.396794][ C0] default_idle_call+0x87/0xd0
[ 96.396801][ C0] do_idle+0x3fa/0x590
[ 96.396807][ C0] cpu_startup_entry+0x14/0x20
[ 96.396813][ C0] start_secondary+0x274/0x350
[ 96.396821][ C0] secondary_startup_64_no_verify+0xb0/0xbb
[ 96.396828][ C0]
[ 96.396831][ C0] -> #1 (&port_lock_key){-.-.}-{2:2}:
[ 96.396857][ C0] _raw_spin_lock_irqsave+0x39/0x50
[ 96.396865][ C0] serial8250_console_write+0x880/0xa90
[ 96.396872][ C0] console_unlock+0x841/0xbb0
[ 96.396879][ C0] vprintk_emit+0x189/0x490
[ 96.396885][ C0] vprintk_func+0x8d/0x1e0
[ 96.396892][ C0] printk+0xba/0xed
[ 96.396898][ C0] register_console+0x5d1/0x800
[ 96.396905][ C0] univ8250_console_init+0x3a/0x46
[ 96.396912][ C0] console_init+0x3c7/0x596
[ 96.396919][ C0] start_kernel+0x2fc/0x48c
[ 96.396926][ C0] secondary_startup_64_no_verify+0xb0/0xbb
[ 96.396933][ C0]
[ 96.396937][ C0] -> #0 (console_owner){....}-{0:0}:
[ 96.396962][ C0] __lock_acquire+0x2b26/0x54f0
[ 96.396969][ C0] lock_acquire+0x1a8/0x720
[ 96.396976][ C0] console_unlock+0x37a/0xbb0
[ 96.396982][ C0] vprintk_emit+0x189/0x490
[ 96.396988][ C0] vprintk_func+0x8d/0x1e0
[ 96.396994][ C0] printk+0xba/0xed
[ 96.397000][ C0] tty_port_close_start.part.0+0x503/0x550
[ 96.397008][ C0] tty_port_close+0x46/0x170
[ 96.397014][ C0] tty_release+0x45e/0x1210
[ 96.397020][ C0] __fput+0x283/0x920
[ 96.397027][ C0] task_work_run+0xdd/0x190
[ 96.397033][ C0] exit_to_user_mode_prepare+0x249/0x250
[ 96.397041][ C0] syscall_exit_to_user_mode+0x19/0x50
[ 96.397049][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 96.397055][ C0]
[ 96.397060][ C0] other info that might help us debug this:
[ 96.397067][ C0]
[ 96.397071][ C0] Chain exists of:
[ 96.397076][ C0] console_owner --> &port_lock_key --> &port->lock
[ 96.397110][ C0]
[ 96.397115][ C0] Possible unsafe locking scenario:
[ 96.397121][ C0]
[ 96.397126][ C0] CPU0 CPU1
[ 96.397133][ C0] ---- ----
[ 96.397139][ C0] lock(&port->lock);
[ 96.397154][ C0] lock(&port_lock_key);
[ 96.397171][ C0] lock(&port->lock);
[ 96.397188][ C0] lock(console_owner);
[ 96.397202][ C0]
[ 96.397207][ C0] *** DEADLOCK ***
[ 96.397211][ C0]
[ 96.397216][ C0] 3 locks held by syz-executor810/8665:
[ 96.397223][ C0] #0: ffff888019b801c0 (&tty->legacy_mutex){+.+.}-{3:3}, at: tty_lock+0xbd/0x120
[ 96.397256][ C0] #1: ffffffff906b3358 (&port->lock){-.-.}-{2:2}, at: tty_port_close_start.part.0+0x28/0x550
[ 96.397299][ C0] #2: ffffffff8bd63060 (console_lock){+.+.}-{0:0}, at: vprintk_func+0x8d/0x1e0
[ 96.397330][ C0]
[ 96.397335][ C0] stack backtrace:
[ 96.397342][ C0] CPU: 0 PID: 8665 Comm: syz-executor810 Not tainted 5.11.0-rc6-syzkaller #0
[ 96.397352][ C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014
[ 96.397361][ C0] Call Trace:
[ 96.397366][ C0] dump_stack+0x107/0x163
[ 96.397372][ C0] check_noncircular+0x25f/0x2e0
[ 96.397379][ C0] ? stack_trace_consume_entry+0x160/0x160
[ 96.397386][ C0] ? print_circular_bug+0x480/0x480
[ 96.397392][ C0] ? memcpy+0x39/0x60
[ 96.397398][ C0] ? lockdep_lock+0xc6/0x200
[ 96.397404][ C0] ? call_rcu_zapped+0xb0/0xb0
[ 96.397410][ C0] __lock_acquire+0x2b26/0x54f0
[ 96.397417][ C0] ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 96.397424][ C0] lock_acquire+0x1a8/0x720
[ 96.397430][ C0] ? console_unlock+0x2fb/0xbb0
[ 96.397437][ C0] ? lock_release+0x710/0x710
[ 96.397443][ C0] ? lock_downgrade+0x6d0/0x6d0
[ 96.397450][ C0] ? do_raw_spin_lock+0x120/0x2b0
[ 96.397456][ C0] ? rwlock_bug.part.0+0x90/0x90
[ 96.397462][ C0] console_unlock+0x37a/0xbb0
[ 96.397468][ C0] ? console_unlock+0x2fb/0xbb0
[ 96.397474][ C0] ? devkmsg_read+0x740/0x740
[ 96.397481][ C0] ? lock_release+0x710/0x710
[ 96.397487][ C0] ? do_raw_spin_unlock+0x171/0x230
[ 96.397493][ C0] ? vprintk_func+0x8d/0x1e0
[ 96.397500][ C0] vprintk_emit+0x189/0x490
[ 96.397506][ C0] vprintk_func+0x8d/0x1e0
[ 96.397511][ C0] printk+0xba/0xed
[ 96.397517][ C0] ? record_print_text.cold+0x16/0x16
[ 96.397524][ C0] ? _raw_spin_lock_irqsave+0x4e/0x50
[ 96.397532][ C0] tty_port_close_start.part.0+0x503/0x550
[ 96.397539][ C0] tty_port_close+0x46/0x170
[ 96.397545][ C0] ? tpk_open+0x60/0x60
[ 96.397551][ C0] tty_release+0x45e/0x1210
[ 96.397557][ C0] ? __sanitizer_cov_trace_const_cmp2+0x22/0x80
[ 96.397564][ C0] __fput+0x283/0x920
[ 96.397570][ C0] ? tty_release_struct+0xe0/0xe0
[ 96.397576][ C0] task_work_run+0xdd/0x190
[ 96.397583][ C0] exit_to_user_mode_prepare+0x249/0x250
[ 96.397590][ C0] syscall_exit_to_user_mode+0x19/0x50
[ 96.397597][ C0] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 96.397604][ C0] RIP: 0033:0x40667b
[ 96.397615][ C0] Code: 0f 05 48 3d 00 f0 ff ff 77 45 c3 0f 1f 40 00 48 83 ec 18 89 7c 24 0c e8 03 fd ff ff 8b 7c 24 0c 41 89 c0 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 44 89 c7 89 44 24 0c e8 41 fd ff ff 8b 44
[ 96.397632][ C0] RSP: 002b:00007fffc1ef8ee0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[ 96.397648][ C0] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 000000000040667b
[ 96.397658][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[ 96.397667][ C0] RBP: 00000000004ca41c R08: 0000000000000000 R09: 0000000100000000
[ 96.397676][ C0] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000032
[ 96.397685][ C0] R13: 00007fffc1ef8f30 R14: 00007fffc1ef8f80 R15: 0000000000000002
VM DIAGNOSIS:
09:40:52 Registers:
info registers vcpu 0
RAX=dffffc0000000060 RBX=00000000000003fd RCX=0000000000000000 RDX=00000000000003fd
RSI=ffffffff8418b75c RDI=ffffffff9069a5c0 RBP=ffffffff9069a580 RSP=ffffc90000007c38
R8 =000000000000003b R9 =0000000000000000 R10=ffffffff8418b74d R11=000000000000001f
R12=0000000000000000 R13=fffffbfff20d3503 R14=fffffbfff20d34ba R15=dffffc0000000000
RIP=ffffffff8418b782 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000001589300 ffffffff 00c00000
GS =0000 ffff88802ca00000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT= fffffe0000001000 0000007f
IDT= fffffe0000000000 00000fff
CR0=80050033 CR2=0000000000485b80 CR3=0000000020c67000 CR4=00150ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=00000000004c99e000000000004c99e0
XMM02=ffffffffffff00000000000000000000 XMM03=000000000000000000000000000000ff
XMM04=2f2f2f2f2f2f2f2f2f2f2f2f2f2f2f2f XMM05=00000000000000000000000000000000
XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000
XMM08=00000000000034323031203030352036 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000
info registers vcpu 1
RAX=000000000001ac16 RBX=ffff8880116c2400 RCX=ffffffff88fb88d0 RDX=0000000000000000
RSI=0000000000000001 RDI=ffffffff88fde11f RBP=ffffed10022d8480 RSP=ffffc9000043fdf8
R8 =0000000000000000 R9 =ffff88802cb35c6b R10=ffffed1005966b8d R11=0000000000000000
R12=0000000000000001 R13=0000000000000001 R14=ffffffff8da3b9c8 R15=0000000000000000
RIP=ffffffff88fddd5e RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802cb00000 ffffffff 00c00000
LDT=0000 0000000000000000 00000000 00000000
TR =0040 fffffe000003e000 00004087 00008b00 DPL=0 TSS64-busy
GDT= fffffe000003c000 0000007f
IDT= fffffe0000000000 00000fff
CR0=80050033 CR2=00000000200008cc CR3=0000000020c67000 CR4=00150ee0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=00000000004c99e000000000004c99e0
XMM02=ffffffffffff00000000000000000000 XMM03=000000000000000000000000000000ff
XMM04=2f2f2f2f2f2f2f2f2f2f2f2f2f2f2f2f XMM05=00000000000000000000000000000000
XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000
XMM08=00000000000034323031203030352036 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000
info registers vcpu 2
RAX=0000000000000000 RBX=00000000c769401c RCX=0000000000000000 RDX=ffff8880115d4040
RSI=ffffffff8390def0 RDI=0000000000000003 RBP=000000005364b2ac RSP=ffffc9000034f9a8
R8 =000000005364b2ac R9 =0000000000000000 R10=ffffffff8390dfdc R11=0000000000000000
R12=0000000000000000 R13=ffff88801552a7c0 R14=ffff888015294928 R15=ffff8880152948a0
RIP=ffffffff8172d3c7 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007fb9ad75e500 ffffffff 00c00000
GS =0000 ffff88802cc00000 ffffffff 00c00000
LDT=0000 0000000000000000 00000000 00000000
TR =0040 fffffe0000079000 00004087 00008b00 DPL=0 TSS64-busy
GDT= fffffe0000077000 0000007f
IDT= fffffe0000000000 00000fff
CR0=80050033 CR2=000055b6451f6498 CR3=0000000013009000 CR4=00150ee0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00009fc0
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=7379732f646d65747379732f62696c2f XMM01=65642e39647974742d7665642f6d6574
XMM02=00642e6563697665642e39647974742d XMM03=7665642f6d65747379732f646d657473
XMM04=00000000000000000000000000000000 XMM05=00000000000000000000000000000000
XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000
XMM08=000055b64519c340000055b64517dd70 XMM09=ffffffffffffff00000000000000ffff
XMM10=20202020202020000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000
info registers vcpu 3
RAX=000000000001ca26 RBX=ffff8880116c8040 RCX=ffffffff88fb88d0 RDX=0000000000000000
RSI=0000000000000001 RDI=ffffffff88fde11f RBP=ffffed10022d9008 RSP=ffffc9000045fdf8
R8 =0000000000000000 R9 =ffff88802cd35c6b R10=ffffed10059a6b8d R11=0000000000000000
R12=0000000000000003 R13=0000000000000003 R14=ffffffff8da3b9c8 R15=0000000000000000
RIP=ffffffff88fddd5e RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802cd00000 ffffffff 00c00000
LDT=0000 0000000000000000 00000000 00000000
TR =0040 fffffe00000b4000 00004087 00008b00 DPL=0 TSS64-busy
GDT= fffffe00000b2000 0000007f
IDT= fffffe0000000000 00000fff
CR0=80050033 CR2=000055b6451f5378 CR3=0000000013009000 CR4=00150ee0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00009fc0
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=0000000000ff000000000000ff000000
XMM02=00000000000000210000000065636976 XMM03=00000000000000000000000000000000
XMM04=000000000000000000ff000000000000 XMM05=00000000000000000000000000000000
XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000
XMM08=000055b64519c340000055b64517dd70 XMM09=ffffffffffffff00000000000000ffff
XMM10=20202020202020000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000