./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3548727301
<...>
Warning: Permanently added '10.128.0.20' (ECDSA) to the list of known hosts.
execve("./syz-executor3548727301", ["./syz-executor3548727301"], 0x7ffdec12d1f0 /* 10 vars */) = 0
brk(NULL) = 0x555556b9b000
brk(0x555556b9bc40) = 0x555556b9bc40
arch_prctl(ARCH_SET_FS, 0x555556b9b300) = 0
uname({sysname="Linux", nodename="syzkaller", ...}) = 0
readlink("/proc/self/exe", "/root/syz-executor3548727301", 4096) = 28
brk(0x555556bbcc40) = 0x555556bbcc40
brk(0x555556bbd000) = 0x555556bbd000
mprotect(0x7f9917ab3000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
openat(AT_FDCWD, "/sys/kernel/debug/failslab/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1) = 1
close(3) = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_futex/ignore-private", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1) = 1
close(3) = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-highmem", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1) = 1
close(3) = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1) = 1
close(3) = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/min-order", O_WRONLY|O_CLOEXEC) = 3
write(3, "0", 1) = 1
close(3) = 0
openat(AT_FDCWD, "/dev/ptmx", O_WRONLY|O_CREAT, 000) = 3
openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 4
write(4, "3", 1) = 1
syzkaller login: [ 44.417133][ T3608] FAULT_INJECTION: forcing a failure.
[ 44.417133][ T3608] name failslab, interval 1, probability 0, space 0, times 1
[ 44.417279][ T3608]
[ 44.417284][ T3608] ======================================================
[ 44.417289][ T3608] WARNING: possible circular locking dependency detected
[ 44.417295][ T3608] 5.18.0-syzkaller-01850-gaa051d36ce4a #0 Not tainted
[ 44.417305][ T3608] ------------------------------------------------------
[ 44.417311][ T3608] syz-executor354/3608 is trying to acquire lock:
[ 44.417320][ T3608] ffffffff8bc92f80 (console_owner){....}-{0:0}, at: console_unlock+0x35e/0xdd0
[ 44.417382][ T3608]
[ 44.417382][ T3608] but task is already holding lock:
[ 44.417386][ T3608] ffff888011b7e958 (&port->lock){-...}-{2:2}, at: pty_write+0xea/0x1e0
[ 44.417426][ T3608]
[ 44.417426][ T3608] which lock already depends on the new lock.
[ 44.417426][ T3608]
[ 44.417431][ T3608]
[ 44.417431][ T3608] the existing dependency chain (in reverse order) is:
[ 44.417436][ T3608]
[ 44.417436][ T3608] -> #2 (&port->lock){-...}-{2:2}:
[ 44.417460][ T3608] _raw_spin_lock_irqsave+0x39/0x50
[ 44.417485][ T3608] tty_port_tty_get+0x1f/0x100
[ 44.417508][ T3608] tty_port_default_wakeup+0x11/0x40
[ 44.417532][ T3608] serial8250_tx_chars+0x4f3/0xa50
[ 44.417553][ T3608] serial8250_handle_irq.part.0+0x328/0x3d0
[ 44.417570][ T3608] serial8250_default_handle_irq+0xb2/0x220
[ 44.417582][ T3608] serial8250_interrupt+0xfd/0x200
[ 44.417595][ T3608] __handle_irq_event_percpu+0x22b/0x880
[ 44.417607][ T3608] handle_irq_event+0xa7/0x1e0
[ 44.417618][ T3608] handle_edge_irq+0x25f/0xd00
[ 44.417630][ T3608] __common_interrupt+0x9d/0x210
[ 44.417641][ T3608] common_interrupt+0xa4/0xc0
[ 44.417653][ T3608] asm_common_interrupt+0x27/0x40
[ 44.417670][ T3608] acpi_idle_do_entry+0x1c6/0x250
[ 44.417683][ T3608] acpi_idle_enter+0x369/0x510
[ 44.417696][ T3608] cpuidle_enter_state+0x1b1/0xc80
[ 44.417709][ T3608] cpuidle_enter+0x4a/0xa0
[ 44.417720][ T3608] do_idle+0x3e8/0x590
[ 44.417730][ T3608] cpu_startup_entry+0x14/0x20
[ 44.417740][ T3608] rest_init+0x169/0x270
[ 44.417752][ T3608] arch_call_rest_init+0xf/0x14
[ 44.417765][ T3608] start_kernel+0x46e/0x48f
[ 44.417775][ T3608] secondary_startup_64_no_verify+0xce/0xdb
[ 44.417790][ T3608]
[ 44.417790][ T3608] -> #1 (&port_lock_key){-...}-{2:2}:
[ 44.417804][ T3608] _raw_spin_lock_irqsave+0x39/0x50
[ 44.417818][ T3608] serial8250_console_write+0x9cb/0xc30
[ 44.417830][ T3608] console_unlock+0x9bc/0xdd0
[ 44.417843][ T3608] vprintk_emit+0x1b4/0x5f0
[ 44.417855][ T3608] vprintk+0x80/0x90
[ 44.417868][ T3608] _printk+0xba/0xed
[ 44.417881][ T3608] register_console+0x410/0x7c0
[ 44.417894][ T3608] univ8250_console_init+0x3a/0x46
[ 44.417909][ T3608] console_init+0x3c1/0x58d
[ 44.417919][ T3608] start_kernel+0x2fa/0x48f
[ 44.417929][ T3608] secondary_startup_64_no_verify+0xce/0xdb
[ 44.417942][ T3608]
[ 44.417942][ T3608] -> #0 (console_owner){....}-{0:0}:
[ 44.417956][ T3608] __lock_acquire+0x2ac6/0x56c0
[ 44.417970][ T3608] lock_acquire+0x1ab/0x570
[ 44.417982][ T3608] console_unlock+0x3b1/0xdd0
[ 44.417995][ T3608] vprintk_emit+0x1b4/0x5f0
[ 44.418008][ T3608] vprintk+0x80/0x90
[ 44.418020][ T3608] _printk+0xba/0xed
[ 44.418032][ T3608] should_fail+0x472/0x5a0
[ 44.418045][ T3608] should_failslab+0x5/0x10
[ 44.418056][ T3608] __kmalloc+0x7e/0x350
[ 44.418067][ T3608] tty_buffer_alloc+0x23f/0x2a0
[ 44.418079][ T3608] __tty_buffer_request_room+0x156/0x2a0
[ 44.418092][ T3608] tty_insert_flip_string_fixed_flag+0x8c/0x240
[ 44.418107][ T3608] pty_write+0x11c/0x1e0
[ 44.418116][ T3608] n_tty_write+0xa7a/0xfc0
[ 44.418127][ T3608] file_tty_write.constprop.0+0x520/0x900
[ 44.418139][ T3608] new_sync_write+0x38a/0x560
[ 44.418150][ T3608] vfs_write+0x7c0/0xac0
[ 44.418160][ T3608] ksys_write+0x127/0x250
[ 44.418171][ T3608] do_syscall_64+0x35/0xb0
[ 44.418181][ T3608] entry_SYSCALL_64_after_hwframe+0x46/0xb0
[ 44.418196][ T3608]
[ 44.418196][ T3608] other info that might help us debug this:
[ 44.418196][ T3608]
[ 44.418199][ T3608] Chain exists of:
[ 44.418199][ T3608] console_owner --> &port_lock_key --> &port->lock
[ 44.418199][ T3608]
[ 44.418214][ T3608] Possible unsafe locking scenario:
[ 44.418214][ T3608]
[ 44.418217][ T3608] CPU0 CPU1
[ 44.418219][ T3608] ---- ----
[ 44.418221][ T3608] lock(&port->lock);
[ 44.418227][ T3608] lock(&port_lock_key);
[ 44.418234][ T3608] lock(&port->lock);
[ 44.418240][ T3608] lock(console_owner);
[ 44.418246][ T3608]
[ 44.418246][ T3608] *** DEADLOCK ***
[ 44.418246][ T3608]
[ 44.418248][ T3608] 6 locks held by syz-executor354/3608:
[ 44.418255][ T3608] #0: ffff88807dfa3098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x22/0x80
[ 44.418285][ T3608] #1: ffff88807dfa3130 (&tty->atomic_write_lock){+.+.}-{3:3}, at: file_tty_write.constprop.0+0x299/0x900
[ 44.418321][ T3608] #2: ffff88807dfa32e8 (&tty->termios_rwsem){++++}-{3:3}, at: n_tty_write+0x1bf/0xfc0
[ 44.418348][ T3608] #3: ffffc900013da378 (&ldata->output_lock){+.+.}-{3:3}, at: n_tty_write+0xa47/0xfc0
[ 44.418375][ T3608] #4: ffff888011b7e958 (&port->lock){-...}-{2:2}, at: pty_write+0xea/0x1e0
[ 44.418400][ T3608] #5: ffffffff8bd733c0 (console_lock){+.+.}-{0:0}, at: vprintk+0x80/0x90
[ 44.418428][ T3608]
[ 44.418428][ T3608] stack backtrace:
[ 44.418432][ T3608] CPU: 1 PID: 3608 Comm: syz-executor354 Not tainted 5.18.0-syzkaller-01850-gaa051d36ce4a #0
[ 44.418445][ T3608] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 44.418453][ T3608] Call Trace:
[ 44.418462][ T3608]
[ 44.418467][ T3608] dump_stack_lvl+0xcd/0x134
[ 44.418481][ T3608] check_noncircular+0x25f/0x2e0
[ 44.418494][ T3608] ? filter_irq_stacks+0x90/0x90
[ 44.418510][ T3608] ? print_circular_bug+0x1e0/0x1e0
[ 44.418524][ T3608] ? pointer+0x950/0x950
[ 44.418539][ T3608] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 44.418554][ T3608] ? add_lock_to_list+0x185/0x370
[ 44.418569][ T3608] __lock_acquire+0x2ac6/0x56c0
[ 44.418585][ T3608] ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 44.418600][ T3608] ? msg_add_ext_text+0x1d0/0x1d0
[ 44.418616][ T3608] lock_acquire+0x1ab/0x570
[ 44.418629][ T3608] ? console_unlock+0x35e/0xdd0
[ 44.418644][ T3608] ? lock_release+0x780/0x780
[ 44.418657][ T3608] ? lock_downgrade+0x6e0/0x6e0
[ 44.418675][ T3608] ? do_raw_spin_lock+0x120/0x2a0
[ 44.418690][ T3608] ? rwlock_bug.part.0+0x90/0x90
[ 44.418704][ T3608] ? prb_final_commit+0x64/0xa0
[ 44.418716][ T3608] console_unlock+0x3b1/0xdd0
[ 44.418730][ T3608] ? console_unlock+0x35e/0xdd0
[ 44.418744][ T3608] ? devkmsg_read+0x730/0x730
[ 44.418758][ T3608] ? lock_release+0x780/0x780
[ 44.418774][ T3608] ? vprintk+0x80/0x90
[ 44.418789][ T3608] vprintk_emit+0x1b4/0x5f0
[ 44.418802][ T3608] ? add_lock_to_list+0x185/0x370
[ 44.418816][ T3608] vprintk+0x80/0x90
[ 44.418830][ T3608] _printk+0xba/0xed
[ 44.418844][ T3608] ? record_print_text.cold+0x16/0x16
[ 44.418871][ T3608] ? ___ratelimit+0x222/0x4b0
[ 44.418889][ T3608] should_fail+0x472/0x5a0
[ 44.418902][ T3608] should_failslab+0x5/0x10
[ 44.418914][ T3608] __kmalloc+0x7e/0x350
[ 44.418925][ T3608] ? tty_buffer_alloc+0x23f/0x2a0
[ 44.418940][ T3608] tty_buffer_alloc+0x23f/0x2a0
[ 44.418954][ T3608] __tty_buffer_request_room+0x156/0x2a0
[ 44.418970][ T3608] tty_insert_flip_string_fixed_flag+0x8c/0x240
[ 44.418987][ T3608] pty_write+0x11c/0x1e0
[ 44.418999][ T3608] n_tty_write+0xa7a/0xfc0
[ 44.419012][ T3608] ? __sanitizer_cov_trace_cmp8+0x1d/0x70
[ 44.419024][ T3608] ? _copy_from_iter+0x12b/0x15a0
[ 44.419040][ T3608] ? n_tty_check_unthrottle+0x440/0x440
[ 44.419053][ T3608] ? rcu_read_lock_sched_held+0x3a/0x70
[ 44.419068][ T3608] ? __init_waitqueue_head+0xd0/0xd0
[ 44.419082][ T3608] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 44.419095][ T3608] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 44.419108][ T3608] ? __phys_addr_symbol+0x2c/0x70
[ 44.419123][ T3608] ? __sanitizer_cov_trace_cmp8+0x1d/0x70
[ 44.419135][ T3608] ? __check_object_size+0x353/0x7a0
[ 44.419151][ T3608] file_tty_write.constprop.0+0x520/0x900
[ 44.419164][ T3608] ? n_tty_check_unthrottle+0x440/0x440
[ 44.419179][ T3608] new_sync_write+0x38a/0x560
[ 44.419191][ T3608] ? new_sync_read+0x5f0/0x5f0
[ 44.419203][ T3608] ? _raw_spin_lock_irq+0x41/0x50
[ 44.419219][ T3608] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 44.419232][ T3608] ? security_file_permission+0xab/0xd0
[ 44.419249][ T3608] vfs_write+0x7c0/0xac0
[ 44.419262][ T3608] ksys_write+0x127/0x250
[ 44.419273][ T3608] ? __ia32_sys_read+0xb0/0xb0
[ 44.419285][ T3608] ? lockdep_hardirqs_on+0x79/0x100
[ 44.419298][ T3608] ? _raw_spin_unlock_irq+0x2a/0x40
[ 44.419312][ T3608] ? ptrace_notify+0xfa/0x140
[ 44.419329][ T3608] do_syscall_64+0x35/0xb0
[ 44.419341][ T3608] entry_SYSCALL_64_after_hwframe+0x46/0xb0
[ 44.419356][ T3608] RIP: 0033:0x7f9917a46669
[ 44.419366][ T3608] Code: 28 c3 e8 2a 14 00 00 66 2e 0f 1f 84 00 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 44.419378][ T3608] RSP: 002b:00007fff90698ff8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 44.419390][ T3608] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f9917a46669
[ 44.419398][ T3608] RDX: 000000000000ff2e RSI: 00000000200000c0 RDI: 0000000000000003
[ 44.419406][ T3608] RBP: 00007fff90699000 R08: 0000000000000001 R09: 00007f9917a00033
[ 44.419414][ T3608] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004
[ 44.419422][ T3608] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 44.419432][ T3608]
[ 45.372833][ T3608] CPU: 1 PID: 3608 Comm: syz-executor354 Not tainted 5.18.0-syzkaller-01850-gaa051d36ce4a #0
[ 45.382969][ T3608] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 45.393006][ T3608] Call Trace:
[ 45.396269][ T3608]
[ 45.399185][ T3608] dump_stack_lvl+0xcd/0x134
[ 45.403768][ T3608] should_fail.cold+0x5/0xa
[ 45.408270][ T3608] should_failslab+0x5/0x10
[ 45.412760][ T3608] __kmalloc+0x7e/0x350
[ 45.416904][ T3608] ? tty_buffer_alloc+0x23f/0x2a0
[ 45.421919][ T3608] tty_buffer_alloc+0x23f/0x2a0
[ 45.426761][ T3608] __tty_buffer_request_room+0x156/0x2a0
[ 45.432383][ T3608] tty_insert_flip_string_fixed_flag+0x8c/0x240
[ 45.438621][ T3608] pty_write+0x11c/0x1e0
[ 45.442852][ T3608] n_tty_write+0xa7a/0xfc0
[ 45.447256][ T3608] ? __sanitizer_cov_trace_cmp8+0x1d/0x70
[ 45.452962][ T3608] ? _copy_from_iter+0x12b/0x15a0
[ 45.457982][ T3608] ? n_tty_check_unthrottle+0x440/0x440
[ 45.463521][ T3608] ? rcu_read_lock_sched_held+0x3a/0x70
[ 45.469059][ T3608] ? __init_waitqueue_head+0xd0/0xd0
[ 45.474335][ T3608] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 45.480572][ T3608] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 45.486799][ T3608] ? __phys_addr_symbol+0x2c/0x70
[ 45.491810][ T3608] ? __sanitizer_cov_trace_cmp8+0x1d/0x70
[ 45.497514][ T3608] ? __check_object_size+0x353/0x7a0
[ 45.503003][ T3608] file_tty_write.constprop.0+0x520/0x900
[ 45.508747][ T3608] ? n_tty_check_unthrottle+0x440/0x440
[ 45.514306][ T3608] new_sync_write+0x38a/0x560
[ 45.519074][ T3608] ? new_sync_read+0x5f0/0x5f0
[ 45.523837][ T3608] ? _raw_spin_lock_irq+0x41/0x50
[ 45.528867][ T3608] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 45.535101][ T3608] ? security_file_permission+0xab/0xd0
[ 45.540650][ T3608] vfs_write+0x7c0/0xac0
[ 45.544887][ T3608] ksys_write+0x127/0x250
[ 45.549202][ T3608] ? __ia32_sys_read+0xb0/0xb0
[ 45.553953][ T3608] ? lockdep_hardirqs_on+0x79/0x100
[ 45.559150][ T3608] ? _raw_spin_unlock_irq+0x2a/0x40
[ 45.564338][ T3608] ? ptrace_notify+0xfa/0x140
[ 45.569006][ T3608] do_syscall_64+0x35/0xb0
[ 45.573412][ T3608] entry_SYSCALL_64_after_hwframe+0x46/0xb0
[ 45.579298][ T3608] RIP: 0033:0x7f9917a46669
[ 45.583702][ T3608] Code: 28 c3 e8 2a 14 00 00 66 2e 0f 1f 84 00 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 45.603299][ T3608] RSP: 002b:00007fff90698ff8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 45.611784][ T3608] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f9917a46669
[ 45.619741][ T3608] RDX: 000000000000ff2e RSI: 00000000200000c0 RDI: 0000000000000003
[ 45.627701][ T3608] RBP: 00007fff90699000 R08: 0000000000000001 R09: 00007f9917a00033
[ 45.635659][ T3608] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004
[ 45.643614][ T3608] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 45.651580][ T3608]