./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1509168487 <...> Warning: Permanently added '10.128.0.247' (ED25519) to the list of known hosts. execve("./syz-executor1509168487", ["./syz-executor1509168487"], 0x7ffdc7977bc0 /* 10 vars */) = 0 brk(NULL) = 0x555555ff0000 brk(0x555555ff0d00) = 0x555555ff0d00 arch_prctl(ARCH_SET_FS, 0x555555ff0380) = 0 set_tid_address(0x555555ff0650) = 5060 set_robust_list(0x555555ff0660, 24) = 0 rseq(0x555555ff0ca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor1509168487", 4096) = 28 getrandom("\xf7\x7c\xbb\xd3\xb4\x98\xa6\x8f", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x555555ff0d00 brk(0x555556011d00) = 0x555556011d00 brk(0x555556012000) = 0x555556012000 mprotect(0x7f2737165000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555ff0650) = 5061 ./strace-static-x86_64: Process 5061 attached [pid 5061] set_robust_list(0x555555ff0660, 24) = 0 [pid 5061] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5061] setpgid(0, 0) = 0 [pid 5061] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5061] write(3, "1000", 4) = 4 [pid 5061] close(3) = 0 [pid 5061] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5061] ioctl(3, TIOCSETD, [21]) = 0 [ 100.755558][ T5061] BUG: sleeping function called from invalid context at kernel/printk/printk.c:2634 [ 100.765292][ T5061] in_atomic(): 1, irqs_disabled(): 1, non_block: 0, pid: 5061, name: syz-executor150 [ 100.774793][ T5061] preempt_count: 1, expected: 0 [ 100.779659][ T5061] RCU nest depth: 0, expected: 0 [ 100.784624][ T5061] 3 locks held by syz-executor150/5061: [ 100.790184][ T5061] #0: ffff88801fd7b0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 [ 100.799988][ T5061] #1: ffff88801fd7b130 (&tty->atomic_write_lock){+.+.}-{3:3}, at: file_tty_write.constprop.0+0x293/0x9b0 [ 100.811347][ T5061] #2: ffff88807fb533e0 (&gsm->tx_lock){....}-{2:2}, at: gsmld_write+0x62/0x150 [ 100.820550][ T5061] irq event stamp: 1716 [ 100.824718][ T5061] hardirqs last enabled at (1715): [] _raw_spin_unlock_irq+0x23/0x50 [ 100.834479][ T5061] hardirqs last disabled at (1716): [] _raw_spin_lock_irqsave+0x52/0x60 [ 100.844400][ T5061] softirqs last enabled at (952): [] __do_softirq+0x596/0x8de [ 100.853544][ T5061] softirqs last disabled at (947): [] irq_exit_rcu+0xb9/0x120 [ 100.862601][ T5061] Preemption disabled at: [ 100.862612][ T5061] [<0000000000000000>] 0x0 [ 100.871377][ T5061] CPU: 0 PID: 5061 Comm: syz-executor150 Not tainted 6.7.0-next-20240119-syzkaller #0 [ 100.880942][ T5061] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 100.891104][ T5061] Call Trace: [ 100.894408][ T5061] [ 100.897385][ T5061] dump_stack_lvl+0xd9/0x1b0 [ 100.902014][ T5061] __might_resched+0x3c0/0x5e0 [ 100.906808][ T5061] ? __pfx___might_resched+0x10/0x10 [ 100.912125][ T5061] ? add_lock_to_list+0x17d/0x380 [ 100.917191][ T5061] console_lock+0x34/0x150 [ 100.921659][ T5061] do_con_write+0x149/0x7f50 [ 100.926298][ T5061] ? __pfx___lock_acquire+0x10/0x10 [ 100.931558][ T5061] ? __pfx___might_resched+0x10/0x10 [ 100.936893][ T5061] ? __pfx_do_con_write+0x10/0x10 [ 100.941960][ T5061] ? lock_acquire+0x1b1/0x540 [ 100.946697][ T5061] ? __pfx_lock_acquire+0x10/0x10 [ 100.951775][ T5061] ? do_raw_spin_lock+0x12d/0x2c0 [ 100.956833][ T5061] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 100.962245][ T5061] con_write+0x23/0xc0 [ 100.966355][ T5061] gsmld_write+0xd2/0x150 [ 100.970720][ T5061] ? __pfx_gsmld_write+0x10/0x10 [ 100.975694][ T5061] file_tty_write.constprop.0+0x518/0x9b0 [ 100.981461][ T5061] vfs_write+0x6db/0x1100 [ 100.985847][ T5061] ? __pfx_vfs_write+0x10/0x10 [ 100.990657][ T5061] ? find_held_lock+0x2d/0x110 [ 100.995461][ T5061] ? __pfx_lock_release+0x10/0x10 [ 101.000529][ T5061] ? __fget_light+0x176/0x210 [ 101.005253][ T5061] ksys_write+0x12f/0x260 [ 101.009630][ T5061] ? __pfx_ksys_write+0x10/0x10 [ 101.014536][ T5061] ? lockdep_hardirqs_on+0x7c/0x110 [ 101.019778][ T5061] ? _raw_spin_unlock_irq+0x2e/0x50 [ 101.025010][ T5061] ? ptrace_notify+0xf1/0x130 [ 101.029745][ T5061] do_syscall_64+0xd2/0x260 [ 101.034296][ T5061] entry_SYSCALL_64_after_hwframe+0x6d/0x75 [ 101.040226][ T5061] RIP: 0033:0x7f27370f1cb9 [ 101.044663][ T5061] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 c1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 101.064300][ T5061] RSP: 002b:00007ffd8a79f278 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 101.072745][ T5061] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f27370f1cb9 [ 101.080742][ T5061] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 101.088738][ T5061] RBP: 00007f27371655f0 R08: 0000000000000006 R09: 0000000000000006 [ 101.096743][ T5061] R10: 00007ffd8a79ef86 R11: 0000000000000246 R12: 0000000000000001 [pid 5061] write(3, NULL, 0) = 0 [pid 5061] exit_group(0) = ? [pid 5061] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5061, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5064 attached , child_tidptr=0x555555ff0650) = 5064 [pid 5064] set_robust_list(0x555555ff0660, 24) = 0 [pid 5064] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5064] setpgid(0, 0) = 0 [pid 5064] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5064] write(3, "1000", 4) = 4 [ 101.104738][ T5061] R13: 431bde82d7b634db R14: 0000000000000001 R15: 0000000000000001 [ 101.112752][ T5061] [pid 5064] close(3) = 0 [pid 5064] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5064] ioctl(3, TIOCSETD, [21]) = 0 [pid 5064] write(3, NULL, 0) = 0 [pid 5064] exit_group(0) = ? [pid 5064] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5064, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5065 attached [pid 5065] set_robust_list(0x555555ff0660, 24) = 0 [pid 5065] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5060] <... clone resumed>, child_tidptr=0x555555ff0650) = 5065 [pid 5065] <... prctl resumed>) = 0 [pid 5065] setpgid(0, 0) = 0 [pid 5065] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5065] write(3, "1000", 4) = 4 [pid 5065] close(3) = 0 [pid 5065] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5065] ioctl(3, TIOCSETD, [21]) = 0 [pid 5065] write(3, NULL, 0) = 0 [pid 5065] exit_group(0) = ? [pid 5065] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5065, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5066 attached , child_tidptr=0x555555ff0650) = 5066 [pid 5066] set_robust_list(0x555555ff0660, 24) = 0 [pid 5066] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5066] setpgid(0, 0) = 0 [pid 5066] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5066] write(3, "1000", 4) = 4 [pid 5066] close(3) = 0 [pid 5066] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5066] ioctl(3, TIOCSETD, [21]) = 0 [pid 5066] write(3, NULL, 0) = 0 [pid 5066] exit_group(0) = ? [pid 5066] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5066, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555ff0650) = 5067 ./strace-static-x86_64: Process 5067 attached [pid 5067] set_robust_list(0x555555ff0660, 24) = 0 [pid 5067] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5067] setpgid(0, 0) = 0 [pid 5067] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5067] write(3, "1000", 4) = 4 [pid 5067] close(3) = 0 [pid 5067] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5067] ioctl(3, TIOCSETD, [21]) = 0 [pid 5067] write(3, NULL, 0) = 0 [pid 5067] exit_group(0) = ? [pid 5067] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5067, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5068 attached , child_tidptr=0x555555ff0650) = 5068 [pid 5068] set_robust_list(0x555555ff0660, 24) = 0 [pid 5068] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5068] setpgid(0, 0) = 0 [pid 5068] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5068] write(3, "1000", 4) = 4 [pid 5068] close(3) = 0 [pid 5068] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5068] ioctl(3, TIOCSETD, [21]) = 0 [pid 5068] write(3, NULL, 0) = 0 [pid 5068] exit_group(0) = ? [pid 5068] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5068, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5069 attached , child_tidptr=0x555555ff0650) = 5069 [pid 5069] set_robust_list(0x555555ff0660, 24) = 0 [pid 5069] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5069] setpgid(0, 0) = 0 [pid 5069] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5069] write(3, "1000", 4) = 4 [pid 5069] close(3) = 0 [pid 5069] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5069] ioctl(3, TIOCSETD, [21]) = 0 [pid 5069] write(3, NULL, 0) = 0 [pid 5069] exit_group(0) = ? [pid 5069] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5069, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555ff0650) = 5070 ./strace-static-x86_64: Process 5070 attached [pid 5070] set_robust_list(0x555555ff0660, 24) = 0 [pid 5070] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5070] setpgid(0, 0) = 0 [pid 5070] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5070] write(3, "1000", 4) = 4 [pid 5070] close(3) = 0 [pid 5070] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5070] ioctl(3, TIOCSETD, [21]) = 0 [pid 5070] write(3, NULL, 0) = 0 [pid 5070] exit_group(0) = ? [pid 5070] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5070, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555ff0650) = 5071 ./strace-static-x86_64: Process 5071 attached [pid 5071] set_robust_list(0x555555ff0660, 24) = 0 [pid 5071] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5071] setpgid(0, 0) = 0 [pid 5071] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5071] write(3, "1000", 4) = 4 [pid 5071] close(3) = 0 [pid 5071] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5071] ioctl(3, TIOCSETD, [21]) = 0 [pid 5071] write(3, NULL, 0) = 0 [pid 5071] exit_group(0) = ? [pid 5071] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5071, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5072 attached , child_tidptr=0x555555ff0650) = 5072 [pid 5072] set_robust_list(0x555555ff0660, 24) = 0 [pid 5072] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5072] setpgid(0, 0) = 0 [pid 5072] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5072] write(3, "1000", 4) = 4 [pid 5072] close(3) = 0 [pid 5072] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5072] ioctl(3, TIOCSETD, [21]) = 0 [pid 5072] write(3, NULL, 0) = 0 [pid 5072] exit_group(0) = ? [pid 5072] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5072, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5073 attached , child_tidptr=0x555555ff0650) = 5073 [pid 5073] set_robust_list(0x555555ff0660, 24) = 0 [pid 5073] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5073] setpgid(0, 0) = 0 [pid 5073] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5073] write(3, "1000", 4) = 4 [pid 5073] close(3) = 0 [pid 5073] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5073] ioctl(3, TIOCSETD, [21]) = 0 [pid 5073] write(3, NULL, 0) = 0 [pid 5073] exit_group(0) = ? [pid 5073] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5073, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5074 attached , child_tidptr=0x555555ff0650) = 5074 [pid 5074] set_robust_list(0x555555ff0660, 24) = 0 [pid 5074] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5074] setpgid(0, 0) = 0 [pid 5074] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5074] write(3, "1000", 4) = 4 [pid 5074] close(3) = 0 [pid 5074] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5074] ioctl(3, TIOCSETD, [21]) = 0 [ 101.799261][ T5074] BUG: sleeping function called from invalid context at kernel/printk/printk.c:2634 [ 101.808705][ T5074] in_atomic(): 1, irqs_disabled(): 1, non_block: 0, pid: 5074, name: syz-executor150 [ 101.818195][ T5074] preempt_count: 1, expected: 0 [ 101.823063][ T5074] RCU nest depth: 0, expected: 0 [ 101.828017][ T5074] 3 locks held by syz-executor150/5074: [ 101.833570][ T5074] #0: ffff88807e7490a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 [ 101.843360][ T5074] #1: ffff88807e749130 (&tty->atomic_write_lock){+.+.}-{3:3}, at: file_tty_write.constprop.0+0x293/0x9b0 [ 101.854716][ T5074] #2: ffff88807e7cd3e0 (&gsm->tx_lock){....}-{2:2}, at: gsmld_write+0x62/0x150 [ 101.863831][ T5074] irq event stamp: 1286 [ 101.867990][ T5074] hardirqs last enabled at (1285): [] _raw_spin_unlock_irq+0x23/0x50 [ 101.877731][ T5074] hardirqs last disabled at (1286): [] _raw_spin_lock_irqsave+0x52/0x60 [ 101.887761][ T5074] softirqs last enabled at (1136): [] __do_softirq+0x596/0x8de [ 101.896987][ T5074] softirqs last disabled at (1105): [] irq_exit_rcu+0xb9/0x120 [ 101.906213][ T5074] Preemption disabled at: [ 101.906224][ T5074] [<0000000000000000>] 0x0 [ 101.914976][ T5074] CPU: 1 PID: 5074 Comm: syz-executor150 Tainted: G W 6.7.0-next-20240119-syzkaller #0 [ 101.926277][ T5074] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 101.936366][ T5074] Call Trace: [ 101.939660][ T5074] [ 101.942621][ T5074] dump_stack_lvl+0xd9/0x1b0 [ 101.947242][ T5074] __might_resched+0x3c0/0x5e0 [ 101.952049][ T5074] ? __pfx___might_resched+0x10/0x10 [ 101.957357][ T5074] ? __pfx___lock_acquire+0x10/0x10 [ 101.962595][ T5074] console_lock+0x34/0x150 [ 101.967045][ T5074] do_con_write+0x149/0x7f50 [ 101.971674][ T5074] ? __might_fault+0x13b/0x190 [ 101.976469][ T5074] ? __pfx___lock_acquire+0x10/0x10 [ 101.981701][ T5074] ? __pfx___might_resched+0x10/0x10 [ 101.987012][ T5074] ? __pfx_do_con_write+0x10/0x10 [ 101.992067][ T5074] ? lock_acquire+0x1b1/0x540 [ 101.996781][ T5074] ? __pfx_lock_acquire+0x10/0x10 [ 102.001835][ T5074] ? do_raw_spin_lock+0x12d/0x2c0 [ 102.006879][ T5074] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 102.012282][ T5074] con_write+0x23/0xc0 [ 102.016396][ T5074] gsmld_write+0xd2/0x150 [ 102.020784][ T5074] ? __pfx_gsmld_write+0x10/0x10 [ 102.025767][ T5074] file_tty_write.constprop.0+0x518/0x9b0 [ 102.031524][ T5074] vfs_write+0x6db/0x1100 [ 102.035901][ T5074] ? __pfx_vfs_write+0x10/0x10 [ 102.040750][ T5074] ? find_held_lock+0x2d/0x110 [ 102.045554][ T5074] ? __pfx_lock_release+0x10/0x10 [ 102.050610][ T5074] ? __fget_light+0x176/0x210 [ 102.055320][ T5074] ksys_write+0x12f/0x260 [ 102.059688][ T5074] ? __pfx_ksys_write+0x10/0x10 [ 102.064567][ T5074] ? lockdep_hardirqs_on+0x7c/0x110 [ 102.069810][ T5074] ? _raw_spin_unlock_irq+0x2e/0x50 [ 102.075031][ T5074] ? ptrace_notify+0xf1/0x130 [ 102.079762][ T5074] do_syscall_64+0xd2/0x260 [ 102.084334][ T5074] entry_SYSCALL_64_after_hwframe+0x6d/0x75 [ 102.090254][ T5074] RIP: 0033:0x7f27370f1cb9 [ 102.094685][ T5074] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 c1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 102.114330][ T5074] RSP: 002b:00007ffd8a79f278 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 102.122790][ T5074] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f27370f1cb9 [ 102.130779][ T5074] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 102.138766][ T5074] RBP: 0000000000018d43 R08: 0000000000000006 R09: 0000000000000006 [pid 5074] write(3, NULL, 0) = 0 [pid 5074] exit_group(0) = ? [pid 5074] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5074, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5075 attached , child_tidptr=0x555555ff0650) = 5075 [pid 5075] set_robust_list(0x555555ff0660, 24) = 0 [pid 5075] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5075] setpgid(0, 0) = 0 [pid 5075] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [ 102.146754][ T5074] R10: 00007ffd8a79ef86 R11: 0000000000000246 R12: 00007ffd8a79f28c [ 102.154738][ T5074] R13: 431bde82d7b634db R14: 0000000000000001 R15: 0000000000000001 [ 102.162740][ T5074] [pid 5075] write(3, "1000", 4) = 4 [pid 5075] close(3) = 0 [pid 5075] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5075] ioctl(3, TIOCSETD, [21]) = 0 [pid 5075] write(3, NULL, 0) = 0 [pid 5075] exit_group(0) = ? [pid 5075] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5075, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5076 attached , child_tidptr=0x555555ff0650) = 5076 [pid 5076] set_robust_list(0x555555ff0660, 24) = 0 [pid 5076] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5076] setpgid(0, 0) = 0 [pid 5076] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5076] write(3, "1000", 4) = 4 [pid 5076] close(3) = 0 [pid 5076] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5076] ioctl(3, TIOCSETD, [21]) = 0 [pid 5076] write(3, NULL, 0) = 0 [pid 5076] exit_group(0) = ? [pid 5076] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5076, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5077 attached , child_tidptr=0x555555ff0650) = 5077 [pid 5077] set_robust_list(0x555555ff0660, 24) = 0 [pid 5077] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5077] setpgid(0, 0) = 0 [pid 5077] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5077] write(3, "1000", 4) = 4 [pid 5077] close(3) = 0 [pid 5077] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5077] ioctl(3, TIOCSETD, [21]) = 0 [pid 5077] write(3, NULL, 0) = 0 [pid 5077] exit_group(0) = ? [pid 5077] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5077, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5078 attached , child_tidptr=0x555555ff0650) = 5078 [pid 5078] set_robust_list(0x555555ff0660, 24) = 0 [pid 5078] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5078] setpgid(0, 0) = 0 [pid 5078] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5078] write(3, "1000", 4) = 4 [pid 5078] close(3) = 0 [pid 5078] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5078] ioctl(3, TIOCSETD, [21]) = 0 [pid 5078] write(3, NULL, 0) = 0 [pid 5078] exit_group(0) = ? [pid 5078] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5078, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5079 attached , child_tidptr=0x555555ff0650) = 5079 [pid 5079] set_robust_list(0x555555ff0660, 24) = 0 [pid 5079] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5079] setpgid(0, 0) = 0 [pid 5079] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5079] write(3, "1000", 4) = 4 [pid 5079] close(3) = 0 [pid 5079] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5079] ioctl(3, TIOCSETD, [21]) = 0 [pid 5079] write(3, NULL, 0) = 0 [pid 5079] exit_group(0) = ? [pid 5079] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5079, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5080 attached , child_tidptr=0x555555ff0650) = 5080 [pid 5080] set_robust_list(0x555555ff0660, 24) = 0 [pid 5080] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5080] setpgid(0, 0) = 0 [pid 5080] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5080] write(3, "1000", 4) = 4 [pid 5080] close(3) = 0 [pid 5080] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5080] ioctl(3, TIOCSETD, [21]) = 0 [pid 5080] write(3, NULL, 0) = 0 [pid 5080] exit_group(0) = ? [pid 5080] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5080, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5081 attached , child_tidptr=0x555555ff0650) = 5081 [pid 5081] set_robust_list(0x555555ff0660, 24) = 0 [pid 5081] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5081] setpgid(0, 0) = 0 [pid 5081] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5081] write(3, "1000", 4) = 4 [pid 5081] close(3) = 0 [pid 5081] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [ 102.581108][ T781] cfg80211: failed to load regulatory.db [pid 5081] ioctl(3, TIOCSETD, [21]) = 0 [pid 5081] write(3, NULL, 0) = 0 [pid 5081] exit_group(0) = ? [pid 5081] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5081, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5082 attached , child_tidptr=0x555555ff0650) = 5082 [pid 5082] set_robust_list(0x555555ff0660, 24) = 0 [pid 5082] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5082] setpgid(0, 0) = 0 [pid 5082] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5082] write(3, "1000", 4) = 4 [pid 5082] close(3) = 0 [pid 5082] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5082] ioctl(3, TIOCSETD, [21]) = 0 [pid 5082] write(3, NULL, 0) = 0 [pid 5082] exit_group(0) = ? [pid 5082] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5082, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555ff0650) = 5083 ./strace-static-x86_64: Process 5083 attached [pid 5083] set_robust_list(0x555555ff0660, 24) = 0 [pid 5083] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5083] setpgid(0, 0) = 0 [pid 5083] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5083] write(3, "1000", 4) = 4 [pid 5083] close(3) = 0 [pid 5083] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5083] ioctl(3, TIOCSETD, [21]) = 0 [pid 5083] write(3, NULL, 0) = 0 [pid 5083] exit_group(0) = ? [pid 5083] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5083, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5084 attached , child_tidptr=0x555555ff0650) = 5084 [pid 5084] set_robust_list(0x555555ff0660, 24) = 0 [pid 5084] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5084] setpgid(0, 0) = 0 [pid 5084] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5084] write(3, "1000", 4) = 4 [pid 5084] close(3) = 0 [pid 5084] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5084] ioctl(3, TIOCSETD, [21]) = 0 [ 102.844275][ T5084] BUG: sleeping function called from invalid context at kernel/printk/printk.c:2634 [ 102.853714][ T5084] in_atomic(): 1, irqs_disabled(): 1, non_block: 0, pid: 5084, name: syz-executor150 [ 102.863188][ T5084] preempt_count: 1, expected: 0 [ 102.868042][ T5084] RCU nest depth: 0, expected: 0 [ 102.872984][ T5084] 3 locks held by syz-executor150/5084: [ 102.878537][ T5084] #0: ffff888025fa60a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 [ 102.888466][ T5084] #1: ffff888025fa6130 (&tty->atomic_write_lock){+.+.}-{3:3}, at: file_tty_write.constprop.0+0x293/0x9b0 [ 102.899836][ T5084] #2: ffff888022c083e0 (&gsm->tx_lock){....}-{2:2}, at: gsmld_write+0x62/0x150 [ 102.908968][ T5084] irq event stamp: 1106 [ 102.913179][ T5084] hardirqs last enabled at (1105): [] _raw_spin_unlock_irq+0x23/0x50 [ 102.922936][ T5084] hardirqs last disabled at (1106): [] _raw_spin_lock_irqsave+0x52/0x60 [ 102.932866][ T5084] softirqs last enabled at (348): [] __do_softirq+0x596/0x8de [ 102.942015][ T5084] softirqs last disabled at (333): [] irq_exit_rcu+0xb9/0x120 [ 102.951085][ T5084] Preemption disabled at: [ 102.951097][ T5084] [<0000000000000000>] 0x0 [ 102.959869][ T5084] CPU: 0 PID: 5084 Comm: syz-executor150 Tainted: G W 6.7.0-next-20240119-syzkaller #0 [ 102.970914][ T5084] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 102.980988][ T5084] Call Trace: [ 102.984288][ T5084] [ 102.987235][ T5084] dump_stack_lvl+0xd9/0x1b0 [ 102.991865][ T5084] __might_resched+0x3c0/0x5e0 [ 102.996659][ T5084] ? __pfx___might_resched+0x10/0x10 [ 103.001971][ T5084] ? __pfx___lock_acquire+0x10/0x10 [ 103.007216][ T5084] console_lock+0x34/0x150 [ 103.011679][ T5084] do_con_write+0x149/0x7f50 [ 103.016326][ T5084] ? __might_fault+0x13b/0x190 [ 103.021131][ T5084] ? __pfx___lock_acquire+0x10/0x10 [ 103.026373][ T5084] ? __pfx___might_resched+0x10/0x10 [ 103.031691][ T5084] ? __pfx_do_con_write+0x10/0x10 [ 103.036812][ T5084] ? lock_acquire+0x1b1/0x540 [ 103.041575][ T5084] ? __pfx_lock_acquire+0x10/0x10 [ 103.046652][ T5084] ? do_raw_spin_lock+0x12d/0x2c0 [ 103.051721][ T5084] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 103.057157][ T5084] con_write+0x23/0xc0 [ 103.061293][ T5084] gsmld_write+0xd2/0x150 [ 103.065671][ T5084] ? __pfx_gsmld_write+0x10/0x10 [ 103.070665][ T5084] file_tty_write.constprop.0+0x518/0x9b0 [ 103.076457][ T5084] vfs_write+0x6db/0x1100 [ 103.080844][ T5084] ? __pfx_vfs_write+0x10/0x10 [ 103.085659][ T5084] ? find_held_lock+0x2d/0x110 [ 103.090464][ T5084] ? __pfx_lock_release+0x10/0x10 [ 103.095526][ T5084] ? __fget_light+0x176/0x210 [ 103.100248][ T5084] ksys_write+0x12f/0x260 [ 103.104641][ T5084] ? __pfx_ksys_write+0x10/0x10 [ 103.109560][ T5084] ? lockdep_hardirqs_on+0x7c/0x110 [ 103.114830][ T5084] ? _raw_spin_unlock_irq+0x2e/0x50 [ 103.120082][ T5084] ? ptrace_notify+0xf1/0x130 [ 103.124807][ T5084] do_syscall_64+0xd2/0x260 [ 103.129361][ T5084] entry_SYSCALL_64_after_hwframe+0x6d/0x75 [ 103.135300][ T5084] RIP: 0033:0x7f27370f1cb9 [ 103.139742][ T5084] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 c1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 103.159495][ T5084] RSP: 002b:00007ffd8a79f278 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 103.167955][ T5084] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f27370f1cb9 [ 103.175954][ T5084] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 103.183971][ T5084] RBP: 000000000001913c R08: 0000000000000006 R09: 0000000000000006 [pid 5084] write(3, NULL, 0) = 0 [pid 5084] exit_group(0) = ? [pid 5084] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5084, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5085 attached , child_tidptr=0x555555ff0650) = 5085 [pid 5085] set_robust_list(0x555555ff0660, 24) = 0 [pid 5085] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [ 103.191971][ T5084] R10: 00007ffd8a79ef86 R11: 0000000000000246 R12: 00007ffd8a79f28c [ 103.199969][ T5084] R13: 431bde82d7b634db R14: 0000000000000001 R15: 0000000000000001 [ 103.208075][ T5084] [pid 5085] setpgid(0, 0) = 0 [pid 5085] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5085] write(3, "1000", 4) = 4 [pid 5085] close(3) = 0 [pid 5085] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5085] ioctl(3, TIOCSETD, [21]) = 0 [pid 5085] write(3, NULL, 0) = 0 [pid 5085] exit_group(0) = ? [pid 5085] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5085, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555ff0650) = 5086 ./strace-static-x86_64: Process 5086 attached [pid 5086] set_robust_list(0x555555ff0660, 24) = 0 [pid 5086] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5086] setpgid(0, 0) = 0 [pid 5086] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5086] write(3, "1000", 4) = 4 [pid 5086] close(3) = 0 [pid 5086] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5086] ioctl(3, TIOCSETD, [21]) = 0 [pid 5086] write(3, NULL, 0) = 0 [pid 5086] exit_group(0) = ? [pid 5086] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5086, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5087 attached , child_tidptr=0x555555ff0650) = 5087 [pid 5087] set_robust_list(0x555555ff0660, 24) = 0 [pid 5087] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5087] setpgid(0, 0) = 0 [pid 5087] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5087] write(3, "1000", 4) = 4 [pid 5087] close(3) = 0 [pid 5087] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5087] ioctl(3, TIOCSETD, [21]) = 0 [pid 5087] write(3, NULL, 0) = 0 [pid 5087] exit_group(0) = ? [pid 5087] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5087, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5088 attached , child_tidptr=0x555555ff0650) = 5088 [pid 5088] set_robust_list(0x555555ff0660, 24) = 0 [pid 5088] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5088] setpgid(0, 0) = 0 [pid 5088] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5088] write(3, "1000", 4) = 4 [pid 5088] close(3) = 0 [pid 5088] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5088] ioctl(3, TIOCSETD, [21]) = 0 [pid 5088] write(3, NULL, 0) = 0 [pid 5088] exit_group(0) = ? [pid 5088] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5088, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5089 attached , child_tidptr=0x555555ff0650) = 5089 [pid 5089] set_robust_list(0x555555ff0660, 24) = 0 [pid 5089] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5089] setpgid(0, 0) = 0 [pid 5089] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5089] write(3, "1000", 4) = 4 [pid 5089] close(3) = 0 [pid 5089] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5089] ioctl(3, TIOCSETD, [21]) = 0 [pid 5089] write(3, NULL, 0) = 0 [pid 5089] exit_group(0) = ? [pid 5089] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5089, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5090 attached , child_tidptr=0x555555ff0650) = 5090 [pid 5090] set_robust_list(0x555555ff0660, 24) = 0 [pid 5090] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5090] setpgid(0, 0) = 0 [pid 5090] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5090] write(3, "1000", 4) = 4 [pid 5090] close(3) = 0 [pid 5090] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5090] ioctl(3, TIOCSETD, [21]) = 0 [pid 5090] write(3, NULL, 0) = 0 [pid 5090] exit_group(0) = ? [pid 5090] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5090, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5091 attached , child_tidptr=0x555555ff0650) = 5091 [pid 5091] set_robust_list(0x555555ff0660, 24) = 0 [pid 5091] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5091] setpgid(0, 0) = 0 [pid 5091] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5091] write(3, "1000", 4) = 4 [pid 5091] close(3) = 0 [pid 5091] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5091] ioctl(3, TIOCSETD, [21]) = 0 [pid 5091] write(3, NULL, 0) = 0 [pid 5091] exit_group(0) = ? [pid 5091] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5091, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555ff0650) = 5092 ./strace-static-x86_64: Process 5092 attached [pid 5092] set_robust_list(0x555555ff0660, 24) = 0 [pid 5092] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5092] setpgid(0, 0) = 0 [pid 5092] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5092] write(3, "1000", 4) = 4 [pid 5092] close(3) = 0 [pid 5092] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5092] ioctl(3, TIOCSETD, [21]) = 0 [ 103.850868][ T5092] BUG: sleeping function called from invalid context at kernel/printk/printk.c:2634 [ 103.860308][ T5092] in_atomic(): 1, irqs_disabled(): 1, non_block: 0, pid: 5092, name: syz-executor150 [ 103.870488][ T5092] preempt_count: 1, expected: 0 [ 103.875347][ T5092] RCU nest depth: 0, expected: 0 [ 103.880289][ T5092] 3 locks held by syz-executor150/5092: [ 103.885839][ T5092] #0: ffff88807a8a90a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 [ 103.895639][ T5092] #1: ffff88807a8a9130 (&tty->atomic_write_lock){+.+.}-{3:3}, at: file_tty_write.constprop.0+0x293/0x9b0 [ 103.907014][ T5092] #2: ffff88807b7b53e0 (&gsm->tx_lock){....}-{2:2}, at: gsmld_write+0x62/0x150 [ 103.916117][ T5092] irq event stamp: 1310 [ 103.920281][ T5092] hardirqs last enabled at (1309): [] _raw_spin_unlock_irq+0x23/0x50 [ 103.930033][ T5092] hardirqs last disabled at (1310): [] _raw_spin_lock_irqsave+0x52/0x60 [ 103.939972][ T5092] softirqs last enabled at (1256): [] __do_softirq+0x596/0x8de [ 103.949201][ T5092] softirqs last disabled at (1225): [] irq_exit_rcu+0xb9/0x120 [ 103.958349][ T5092] Preemption disabled at: [ 103.958360][ T5092] [<0000000000000000>] 0x0 [ 103.967121][ T5092] CPU: 0 PID: 5092 Comm: syz-executor150 Tainted: G W 6.7.0-next-20240119-syzkaller #0 [ 103.978174][ T5092] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 103.988247][ T5092] Call Trace: [ 103.991545][ T5092] [ 103.994498][ T5092] dump_stack_lvl+0xd9/0x1b0 [ 103.999134][ T5092] __might_resched+0x3c0/0x5e0 [ 104.004016][ T5092] ? __pfx___might_resched+0x10/0x10 [ 104.009329][ T5092] ? __pfx___lock_acquire+0x10/0x10 [ 104.014587][ T5092] console_lock+0x34/0x150 [ 104.019222][ T5092] do_con_write+0x149/0x7f50 [ 104.023863][ T5092] ? __might_fault+0x13b/0x190 [ 104.028663][ T5092] ? __pfx___lock_acquire+0x10/0x10 [ 104.033915][ T5092] ? __pfx___might_resched+0x10/0x10 [ 104.039406][ T5092] ? __pfx_do_con_write+0x10/0x10 [ 104.044473][ T5092] ? lock_acquire+0x1b1/0x540 [ 104.049198][ T5092] ? __pfx_lock_acquire+0x10/0x10 [ 104.054265][ T5092] ? do_raw_spin_lock+0x12d/0x2c0 [ 104.059430][ T5092] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 104.064861][ T5092] con_write+0x23/0xc0 [ 104.068983][ T5092] gsmld_write+0xd2/0x150 [ 104.073379][ T5092] ? __pfx_gsmld_write+0x10/0x10 [ 104.078365][ T5092] file_tty_write.constprop.0+0x518/0x9b0 [ 104.084146][ T5092] vfs_write+0x6db/0x1100 [ 104.088633][ T5092] ? __pfx_vfs_write+0x10/0x10 [ 104.093445][ T5092] ? find_held_lock+0x2d/0x110 [ 104.098251][ T5092] ? __pfx_lock_release+0x10/0x10 [ 104.103315][ T5092] ? __fget_light+0x176/0x210 [ 104.108036][ T5092] ksys_write+0x12f/0x260 [ 104.112410][ T5092] ? __pfx_ksys_write+0x10/0x10 [ 104.117302][ T5092] ? lockdep_hardirqs_on+0x7c/0x110 [ 104.122539][ T5092] ? _raw_spin_unlock_irq+0x2e/0x50 [ 104.127769][ T5092] ? ptrace_notify+0xf1/0x130 [ 104.132487][ T5092] do_syscall_64+0xd2/0x260 [ 104.137036][ T5092] entry_SYSCALL_64_after_hwframe+0x6d/0x75 [ 104.142966][ T5092] RIP: 0033:0x7f27370f1cb9 [ 104.147403][ T5092] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 c1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 104.167038][ T5092] RSP: 002b:00007ffd8a79f278 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 104.175480][ T5092] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f27370f1cb9 [ 104.183491][ T5092] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 104.191486][ T5092] RBP: 000000000001950e R08: 0000000000000006 R09: 0000000000000006 [pid 5092] write(3, NULL, 0) = 0 [pid 5092] exit_group(0) = ? [pid 5092] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5092, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5093 attached , child_tidptr=0x555555ff0650) = 5093 [pid 5093] set_robust_list(0x555555ff0660, 24) = 0 [pid 5093] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5093] setpgid(0, 0) = 0 [pid 5093] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5093] write(3, "1000", 4) = 4 [pid 5093] close(3) = 0 [ 104.199479][ T5092] R10: 00007ffd8a79ef86 R11: 0000000000000246 R12: 00007ffd8a79f28c [ 104.207476][ T5092] R13: 431bde82d7b634db R14: 0000000000000001 R15: 0000000000000001 [ 104.215497][ T5092] [pid 5093] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5093] ioctl(3, TIOCSETD, [21]) = 0 [pid 5093] write(3, NULL, 0) = 0 [pid 5093] exit_group(0) = ? [pid 5093] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5093, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5094 attached , child_tidptr=0x555555ff0650) = 5094 [pid 5094] set_robust_list(0x555555ff0660, 24) = 0 [pid 5094] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5094] setpgid(0, 0) = 0 [pid 5094] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5094] write(3, "1000", 4) = 4 [pid 5094] close(3) = 0 [pid 5094] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5094] ioctl(3, TIOCSETD, [21]) = 0 [pid 5094] write(3, NULL, 0) = 0 [pid 5094] exit_group(0) = ? [pid 5094] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5094, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5095 attached , child_tidptr=0x555555ff0650) = 5095 [pid 5095] set_robust_list(0x555555ff0660, 24) = 0 [pid 5095] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5095] setpgid(0, 0) = 0 [pid 5095] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5095] write(3, "1000", 4) = 4 [pid 5095] close(3) = 0 [pid 5095] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5095] ioctl(3, TIOCSETD, [21]) = 0 [pid 5095] write(3, NULL, 0) = 0 [pid 5095] exit_group(0) = ? [pid 5095] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5095, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5096 attached , child_tidptr=0x555555ff0650) = 5096 [pid 5096] set_robust_list(0x555555ff0660, 24) = 0 [pid 5096] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5096] setpgid(0, 0) = 0 [pid 5096] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5096] write(3, "1000", 4) = 4 [pid 5096] close(3) = 0 [pid 5096] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5096] ioctl(3, TIOCSETD, [21]) = 0 [pid 5096] write(3, NULL, 0) = 0 [pid 5096] exit_group(0) = ? [pid 5096] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5096, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5097 attached , child_tidptr=0x555555ff0650) = 5097 [pid 5097] set_robust_list(0x555555ff0660, 24) = 0 [pid 5097] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5097] setpgid(0, 0) = 0 [pid 5097] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5097] write(3, "1000", 4) = 4 [pid 5097] close(3) = 0 [pid 5097] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5097] ioctl(3, TIOCSETD, [21]) = 0 [pid 5097] write(3, NULL, 0) = 0 [pid 5097] exit_group(0) = ? [pid 5097] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5097, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5098 attached , child_tidptr=0x555555ff0650) = 5098 [pid 5098] set_robust_list(0x555555ff0660, 24) = 0 [pid 5098] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5098] setpgid(0, 0) = 0 [pid 5098] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5098] write(3, "1000", 4) = 4 [pid 5098] close(3) = 0 [pid 5098] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5098] ioctl(3, TIOCSETD, [21]) = 0 [pid 5098] write(3, NULL, 0) = 0 [pid 5098] exit_group(0) = ? [pid 5098] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5098, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5099 attached , child_tidptr=0x555555ff0650) = 5099 [pid 5099] set_robust_list(0x555555ff0660, 24) = 0 [pid 5099] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5099] setpgid(0, 0) = 0 [pid 5099] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5099] write(3, "1000", 4) = 4 [pid 5099] close(3) = 0 [pid 5099] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5099] ioctl(3, TIOCSETD, [21]) = 0 [pid 5099] write(3, NULL, 0) = 0 [pid 5099] exit_group(0) = ? [pid 5099] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5099, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5100 attached , child_tidptr=0x555555ff0650) = 5100 [pid 5100] set_robust_list(0x555555ff0660, 24) = 0 [pid 5100] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5100] setpgid(0, 0) = 0 [pid 5100] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5100] write(3, "1000", 4) = 4 [pid 5100] close(3) = 0 [pid 5100] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5100] ioctl(3, TIOCSETD, [21]) = 0 [pid 5100] write(3, NULL, 0) = 0 [pid 5100] exit_group(0) = ? [pid 5100] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5100, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5101 attached , child_tidptr=0x555555ff0650) = 5101 [pid 5101] set_robust_list(0x555555ff0660, 24) = 0 [pid 5101] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5101] setpgid(0, 0) = 0 [pid 5101] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5101] write(3, "1000", 4) = 4 [pid 5101] close(3) = 0 [pid 5101] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5101] ioctl(3, TIOCSETD, [21]) = 0 [pid 5101] write(3, NULL, 0) = 0 [pid 5101] exit_group(0) = ? [pid 5101] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5101, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5102 attached , child_tidptr=0x555555ff0650) = 5102 [pid 5102] set_robust_list(0x555555ff0660, 24) = 0 [pid 5102] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5102] setpgid(0, 0) = 0 [pid 5102] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5102] write(3, "1000", 4) = 4 [pid 5102] close(3) = 0 [pid 5102] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5102] ioctl(3, TIOCSETD, [21]) = 0 [ 104.920577][ T5102] BUG: sleeping function called from invalid context at kernel/printk/printk.c:2634 [ 104.930030][ T5102] in_atomic(): 1, irqs_disabled(): 1, non_block: 0, pid: 5102, name: syz-executor150 [ 104.939509][ T5102] preempt_count: 1, expected: 0 [ 104.944363][ T5102] RCU nest depth: 0, expected: 0 [ 104.949308][ T5102] 3 locks held by syz-executor150/5102: [ 104.954883][ T5102] #0: ffff888025ff20a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 [ 104.964672][ T5102] #1: ffff888025ff2130 (&tty->atomic_write_lock){+.+.}-{3:3}, at: file_tty_write.constprop.0+0x293/0x9b0 [ 104.976026][ T5102] #2: ffff888074f473e0 (&gsm->tx_lock){....}-{2:2}, at: gsmld_write+0x62/0x150 [ 104.985124][ T5102] irq event stamp: 1182 [ 104.989286][ T5102] hardirqs last enabled at (1181): [] _raw_spin_unlock_irq+0x23/0x50 [ 104.999034][ T5102] hardirqs last disabled at (1182): [] _raw_spin_lock_irqsave+0x52/0x60 [ 105.008954][ T5102] softirqs last enabled at (624): [] __do_softirq+0x596/0x8de [ 105.018112][ T5102] softirqs last disabled at (593): [] irq_exit_rcu+0xb9/0x120 [ 105.027164][ T5102] Preemption disabled at: [ 105.027174][ T5102] [<0000000000000000>] 0x0 [ 105.035939][ T5102] CPU: 0 PID: 5102 Comm: syz-executor150 Tainted: G W 6.7.0-next-20240119-syzkaller #0 [ 105.046984][ T5102] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 105.057061][ T5102] Call Trace: [ 105.060359][ T5102] [ 105.063321][ T5102] dump_stack_lvl+0xd9/0x1b0 [ 105.067951][ T5102] __might_resched+0x3c0/0x5e0 [ 105.072768][ T5102] ? __pfx___might_resched+0x10/0x10 [ 105.078084][ T5102] ? __pfx___lock_acquire+0x10/0x10 [ 105.083332][ T5102] console_lock+0x34/0x150 [ 105.087862][ T5102] do_con_write+0x149/0x7f50 [ 105.092544][ T5102] ? __might_fault+0x13b/0x190 [ 105.097368][ T5102] ? __pfx___lock_acquire+0x10/0x10 [ 105.102636][ T5102] ? __pfx___might_resched+0x10/0x10 [ 105.107968][ T5102] ? __pfx_do_con_write+0x10/0x10 [ 105.113037][ T5102] ? lock_acquire+0x1b1/0x540 [ 105.117764][ T5102] ? __pfx_lock_acquire+0x10/0x10 [ 105.122833][ T5102] ? do_raw_spin_lock+0x12d/0x2c0 [ 105.127886][ T5102] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 105.133296][ T5102] con_write+0x23/0xc0 [ 105.137414][ T5102] gsmld_write+0xd2/0x150 [ 105.141776][ T5102] ? __pfx_gsmld_write+0x10/0x10 [ 105.146748][ T5102] file_tty_write.constprop.0+0x518/0x9b0 [ 105.152512][ T5102] vfs_write+0x6db/0x1100 [ 105.157004][ T5102] ? __pfx_vfs_write+0x10/0x10 [ 105.161822][ T5102] ? find_held_lock+0x2d/0x110 [ 105.166629][ T5102] ? __pfx_lock_release+0x10/0x10 [ 105.171721][ T5102] ? __fget_light+0x176/0x210 [ 105.176460][ T5102] ksys_write+0x12f/0x260 [ 105.180843][ T5102] ? __pfx_ksys_write+0x10/0x10 [ 105.185755][ T5102] ? lockdep_hardirqs_on+0x7c/0x110 [ 105.191110][ T5102] ? _raw_spin_unlock_irq+0x2e/0x50 [ 105.196351][ T5102] ? ptrace_notify+0xf1/0x130 [ 105.201171][ T5102] do_syscall_64+0xd2/0x260 [ 105.205730][ T5102] entry_SYSCALL_64_after_hwframe+0x6d/0x75 [ 105.211674][ T5102] RIP: 0033:0x7f27370f1cb9 [ 105.216379][ T5102] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 c1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 105.236035][ T5102] RSP: 002b:00007ffd8a79f278 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 105.244578][ T5102] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f27370f1cb9 [ 105.252596][ T5102] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 105.260607][ T5102] RBP: 000000000001993e R08: 0000000000000006 R09: 0000000000000006 [pid 5102] write(3, NULL, 0) = 0 [pid 5102] exit_group(0) = ? [pid 5102] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5102, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5103 attached , child_tidptr=0x555555ff0650) = 5103 [pid 5103] set_robust_list(0x555555ff0660, 24) = 0 [ 105.268619][ T5102] R10: 00007ffd8a79ef86 R11: 0000000000000246 R12: 00007ffd8a79f28c [ 105.276629][ T5102] R13: 431bde82d7b634db R14: 0000000000000001 R15: 0000000000000001 [ 105.284661][ T5102] [pid 5103] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5103] setpgid(0, 0) = 0 [pid 5103] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5103] write(3, "1000", 4) = 4 [pid 5103] close(3) = 0 [pid 5103] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5103] ioctl(3, TIOCSETD, [21]) = 0 [pid 5103] write(3, NULL, 0) = 0 [pid 5103] exit_group(0) = ? [pid 5103] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5103, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5104 attached , child_tidptr=0x555555ff0650) = 5104 [pid 5104] set_robust_list(0x555555ff0660, 24) = 0 [pid 5104] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5104] setpgid(0, 0) = 0 [pid 5104] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5104] write(3, "1000", 4) = 4 [pid 5104] close(3) = 0 [pid 5104] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5104] ioctl(3, TIOCSETD, [21]) = 0 [pid 5104] write(3, NULL, 0) = 0 [pid 5104] exit_group(0) = ? [pid 5104] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5104, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5105 attached , child_tidptr=0x555555ff0650) = 5105 [pid 5105] set_robust_list(0x555555ff0660, 24) = 0 [pid 5105] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5105] setpgid(0, 0) = 0 [pid 5105] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5105] write(3, "1000", 4) = 4 [pid 5105] close(3) = 0 [pid 5105] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5105] ioctl(3, TIOCSETD, [21]) = 0 [pid 5105] write(3, NULL, 0) = 0 [pid 5105] exit_group(0) = ? [pid 5105] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5105, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5106 attached , child_tidptr=0x555555ff0650) = 5106 [pid 5106] set_robust_list(0x555555ff0660, 24) = 0 [pid 5106] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5106] setpgid(0, 0) = 0 [pid 5106] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5106] write(3, "1000", 4) = 4 [pid 5106] close(3) = 0 [pid 5106] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5106] ioctl(3, TIOCSETD, [21]) = 0 [pid 5106] write(3, NULL, 0) = 0 [pid 5106] exit_group(0) = ? [pid 5106] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5106, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5107 attached , child_tidptr=0x555555ff0650) = 5107 [pid 5107] set_robust_list(0x555555ff0660, 24) = 0 [pid 5107] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5107] setpgid(0, 0) = 0 [pid 5107] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5107] write(3, "1000", 4) = 4 [pid 5107] close(3) = 0 [pid 5107] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5107] ioctl(3, TIOCSETD, [21]) = 0 [pid 5107] write(3, NULL, 0) = 0 [pid 5107] exit_group(0) = ? [pid 5107] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5107, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5108 attached , child_tidptr=0x555555ff0650) = 5108 [pid 5108] set_robust_list(0x555555ff0660, 24) = 0 [pid 5108] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5108] setpgid(0, 0) = 0 [pid 5108] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5108] write(3, "1000", 4) = 4 [pid 5108] close(3) = 0 [pid 5108] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5108] ioctl(3, TIOCSETD, [21]) = 0 [pid 5108] write(3, NULL, 0) = 0 [pid 5108] exit_group(0) = ? [pid 5108] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5108, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5110 attached , child_tidptr=0x555555ff0650) = 5110 [pid 5110] set_robust_list(0x555555ff0660, 24) = 0 [pid 5110] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5110] setpgid(0, 0) = 0 [pid 5110] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5110] write(3, "1000", 4) = 4 [pid 5110] close(3) = 0 [pid 5110] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5110] ioctl(3, TIOCSETD, [21]) = 0 [pid 5110] write(3, NULL, 0) = 0 [pid 5110] exit_group(0) = ? [pid 5110] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5110, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5111 attached , child_tidptr=0x555555ff0650) = 5111 [pid 5111] set_robust_list(0x555555ff0660, 24) = 0 [pid 5111] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5111] setpgid(0, 0) = 0 [pid 5111] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5111] write(3, "1000", 4) = 4 [pid 5111] close(3) = 0 [pid 5111] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5111] ioctl(3, TIOCSETD, [21]) = 0 [ 105.989846][ T5111] BUG: sleeping function called from invalid context at kernel/printk/printk.c:2634 [ 105.999297][ T5111] in_atomic(): 1, irqs_disabled(): 1, non_block: 0, pid: 5111, name: syz-executor150 [ 106.008970][ T5111] preempt_count: 1, expected: 0 [ 106.013851][ T5111] RCU nest depth: 0, expected: 0 [ 106.018806][ T5111] 3 locks held by syz-executor150/5111: [ 106.024376][ T5111] #0: ffff8880291380a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 [ 106.034279][ T5111] #1: ffff888029138130 (&tty->atomic_write_lock){+.+.}-{3:3}, at: file_tty_write.constprop.0+0x293/0x9b0 [ 106.045739][ T5111] #2: ffff8880283083e0 (&gsm->tx_lock){....}-{2:2}, at: gsmld_write+0x62/0x150 [ 106.054859][ T5111] irq event stamp: 1158 [ 106.059026][ T5111] hardirqs last enabled at (1157): [] _raw_spin_unlock_irq+0x23/0x50 [ 106.068956][ T5111] hardirqs last disabled at (1158): [] _raw_spin_lock_irqsave+0x52/0x60 [ 106.078907][ T5111] softirqs last enabled at (98): [] __do_softirq+0x596/0x8de [ 106.087990][ T5111] softirqs last disabled at (55): [] irq_exit_rcu+0xb9/0x120 [ 106.096960][ T5111] Preemption disabled at: [ 106.096971][ T5111] [<0000000000000000>] 0x0 [ 106.105735][ T5111] CPU: 0 PID: 5111 Comm: syz-executor150 Tainted: G W 6.7.0-next-20240119-syzkaller #0 [ 106.116797][ T5111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 106.126892][ T5111] Call Trace: [ 106.130227][ T5111] [ 106.133180][ T5111] dump_stack_lvl+0xd9/0x1b0 [ 106.137810][ T5111] __might_resched+0x3c0/0x5e0 [ 106.142609][ T5111] ? __pfx___might_resched+0x10/0x10 [ 106.147921][ T5111] ? __pfx___lock_acquire+0x10/0x10 [ 106.153167][ T5111] console_lock+0x34/0x150 [ 106.157627][ T5111] do_con_write+0x149/0x7f50 [ 106.162263][ T5111] ? __might_fault+0x13b/0x190 [ 106.167066][ T5111] ? __pfx___lock_acquire+0x10/0x10 [ 106.172311][ T5111] ? __pfx___might_resched+0x10/0x10 [ 106.177627][ T5111] ? __pfx_do_con_write+0x10/0x10 [ 106.182689][ T5111] ? lock_acquire+0x1b1/0x540 [ 106.187417][ T5111] ? __pfx_lock_acquire+0x10/0x10 [ 106.192487][ T5111] ? do_raw_spin_lock+0x12d/0x2c0 [ 106.197540][ T5111] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 106.202958][ T5111] con_write+0x23/0xc0 [ 106.207064][ T5111] gsmld_write+0xd2/0x150 [ 106.211424][ T5111] ? __pfx_gsmld_write+0x10/0x10 [ 106.216398][ T5111] file_tty_write.constprop.0+0x518/0x9b0 [ 106.222167][ T5111] vfs_write+0x6db/0x1100 [ 106.226559][ T5111] ? __pfx_vfs_write+0x10/0x10 [ 106.231370][ T5111] ? find_held_lock+0x2d/0x110 [ 106.236170][ T5111] ? __pfx_lock_release+0x10/0x10 [ 106.241232][ T5111] ? __fget_light+0x176/0x210 [ 106.245958][ T5111] ksys_write+0x12f/0x260 [ 106.250328][ T5111] ? __pfx_ksys_write+0x10/0x10 [ 106.255221][ T5111] ? lockdep_hardirqs_on+0x7c/0x110 [ 106.260468][ T5111] ? _raw_spin_unlock_irq+0x2e/0x50 [ 106.265695][ T5111] ? ptrace_notify+0xf1/0x130 [ 106.270423][ T5111] do_syscall_64+0xd2/0x260 [ 106.274969][ T5111] entry_SYSCALL_64_after_hwframe+0x6d/0x75 [ 106.280899][ T5111] RIP: 0033:0x7f27370f1cb9 [ 106.285338][ T5111] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 c1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 106.304973][ T5111] RSP: 002b:00007ffd8a79f278 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 106.313416][ T5111] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f27370f1cb9 [ 106.321406][ T5111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 106.329400][ T5111] RBP: 0000000000019d35 R08: 0000000000000006 R09: 0000000000000006 [pid 5111] write(3, NULL, 0) = 0 [pid 5111] exit_group(0) = ? [pid 5111] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5111, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5112 attached , child_tidptr=0x555555ff0650) = 5112 [ 106.337390][ T5111] R10: 00007ffd8a79ef86 R11: 0000000000000246 R12: 00007ffd8a79f28c [ 106.345383][ T5111] R13: 431bde82d7b634db R14: 0000000000000001 R15: 0000000000000001 [ 106.353404][ T5111] [pid 5112] set_robust_list(0x555555ff0660, 24) = 0 [pid 5112] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5112] setpgid(0, 0) = 0 [pid 5112] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5112] write(3, "1000", 4) = 4 [pid 5112] close(3) = 0 [pid 5112] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5112] ioctl(3, TIOCSETD, [21]) = 0 [pid 5112] write(3, NULL, 0) = 0 [pid 5112] exit_group(0) = ? [pid 5112] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5112, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5113 attached , child_tidptr=0x555555ff0650) = 5113 [pid 5113] set_robust_list(0x555555ff0660, 24) = 0 [pid 5113] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5113] setpgid(0, 0) = 0 [pid 5113] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5113] write(3, "1000", 4) = 4 [pid 5113] close(3) = 0 [pid 5113] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5113] ioctl(3, TIOCSETD, [21]) = 0 [pid 5113] write(3, NULL, 0) = 0 [pid 5113] exit_group(0) = ? [pid 5113] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5113, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5114 attached , child_tidptr=0x555555ff0650) = 5114 [pid 5114] set_robust_list(0x555555ff0660, 24) = 0 [pid 5114] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5114] setpgid(0, 0) = 0 [pid 5114] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5114] write(3, "1000", 4) = 4 [pid 5114] close(3) = 0 [pid 5114] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5114] ioctl(3, TIOCSETD, [21]) = 0 [pid 5114] write(3, NULL, 0) = 0 [pid 5114] exit_group(0) = ? [pid 5114] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5114, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5115 attached , child_tidptr=0x555555ff0650) = 5115 [pid 5115] set_robust_list(0x555555ff0660, 24) = 0 [pid 5115] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5115] setpgid(0, 0) = 0 [pid 5115] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5115] write(3, "1000", 4) = 4 [pid 5115] close(3) = 0 [pid 5115] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5115] ioctl(3, TIOCSETD, [21]) = 0 [pid 5115] write(3, NULL, 0) = 0 [pid 5115] exit_group(0) = ? [pid 5115] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5115, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5116 attached , child_tidptr=0x555555ff0650) = 5116 [pid 5116] set_robust_list(0x555555ff0660, 24) = 0 [pid 5116] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5116] setpgid(0, 0) = 0 [pid 5116] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5116] write(3, "1000", 4) = 4 [pid 5116] close(3) = 0 [pid 5116] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5116] ioctl(3, TIOCSETD, [21]) = 0 [pid 5116] write(3, NULL, 0) = 0 [pid 5116] exit_group(0) = ? [pid 5116] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5116, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5117 attached , child_tidptr=0x555555ff0650) = 5117 [pid 5117] set_robust_list(0x555555ff0660, 24) = 0 [pid 5117] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5117] setpgid(0, 0) = 0 [pid 5117] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5117] write(3, "1000", 4) = 4 [pid 5117] close(3) = 0 [pid 5117] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5117] ioctl(3, TIOCSETD, [21]) = 0 [pid 5117] write(3, NULL, 0) = 0 [pid 5117] exit_group(0) = ? [pid 5117] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5117, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5118 attached , child_tidptr=0x555555ff0650) = 5118 [pid 5118] set_robust_list(0x555555ff0660, 24) = 0 [pid 5118] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5118] setpgid(0, 0) = 0 [pid 5118] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5118] write(3, "1000", 4) = 4 [pid 5118] close(3) = 0 [pid 5118] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5118] ioctl(3, TIOCSETD, [21]) = 0 [pid 5118] write(3, NULL, 0) = 0 [pid 5118] exit_group(0) = ? [pid 5118] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5118, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5119 attached , child_tidptr=0x555555ff0650) = 5119 [pid 5119] set_robust_list(0x555555ff0660, 24) = 0 [pid 5119] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5119] setpgid(0, 0) = 0 [pid 5119] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5119] write(3, "1000", 4) = 4 [pid 5119] close(3) = 0 [pid 5119] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5119] ioctl(3, TIOCSETD, [21]) = 0 [pid 5119] write(3, NULL, 0) = 0 [pid 5119] exit_group(0) = ? [pid 5119] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5119, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5120 attached , child_tidptr=0x555555ff0650) = 5120 [pid 5120] set_robust_list(0x555555ff0660, 24) = 0 [pid 5120] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5120] setpgid(0, 0) = 0 [pid 5120] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5120] write(3, "1000", 4) = 4 [pid 5120] close(3) = 0 [pid 5120] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5120] ioctl(3, TIOCSETD, [21]) = 0 [ 107.028378][ T5120] BUG: sleeping function called from invalid context at kernel/printk/printk.c:2634 [ 107.037853][ T5120] in_atomic(): 1, irqs_disabled(): 1, non_block: 0, pid: 5120, name: syz-executor150 [ 107.047327][ T5120] preempt_count: 1, expected: 0 [ 107.052186][ T5120] RCU nest depth: 0, expected: 0 [ 107.057129][ T5120] 3 locks held by syz-executor150/5120: [ 107.062693][ T5120] #0: ffff88802913e0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 [ 107.072580][ T5120] #1: ffff88802913e130 (&tty->atomic_write_lock){+.+.}-{3:3}, at: file_tty_write.constprop.0+0x293/0x9b0 [ 107.083959][ T5120] #2: ffff88802a3cd3e0 (&gsm->tx_lock){....}-{2:2}, at: gsmld_write+0x62/0x150 [ 107.093088][ T5120] irq event stamp: 3184 [ 107.097257][ T5120] hardirqs last enabled at (3183): [] _raw_spin_unlock_irq+0x23/0x50 [ 107.107028][ T5120] hardirqs last disabled at (3184): [] _raw_spin_lock_irqsave+0x52/0x60 [ 107.116966][ T5120] softirqs last enabled at (154): [] __do_softirq+0x596/0x8de [ 107.126128][ T5120] softirqs last disabled at (139): [] irq_exit_rcu+0xb9/0x120 [ 107.135191][ T5120] Preemption disabled at: [ 107.135204][ T5120] [<0000000000000000>] 0x0 [ 107.143989][ T5120] CPU: 0 PID: 5120 Comm: syz-executor150 Tainted: G W 6.7.0-next-20240119-syzkaller #0 [ 107.155043][ T5120] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 107.165123][ T5120] Call Trace: [ 107.168419][ T5120] [ 107.171382][ T5120] dump_stack_lvl+0xd9/0x1b0 [ 107.176027][ T5120] __might_resched+0x3c0/0x5e0 [ 107.180830][ T5120] ? __pfx___might_resched+0x10/0x10 [ 107.186154][ T5120] ? __pfx___lock_acquire+0x10/0x10 [ 107.191402][ T5120] console_lock+0x34/0x150 [ 107.195863][ T5120] do_con_write+0x149/0x7f50 [ 107.200501][ T5120] ? __might_fault+0x13b/0x190 [ 107.205319][ T5120] ? __pfx___lock_acquire+0x10/0x10 [ 107.210562][ T5120] ? __pfx___might_resched+0x10/0x10 [ 107.215878][ T5120] ? __pfx_do_con_write+0x10/0x10 [ 107.220941][ T5120] ? lock_acquire+0x1b1/0x540 [ 107.225662][ T5120] ? __pfx_lock_acquire+0x10/0x10 [ 107.230727][ T5120] ? do_raw_spin_lock+0x12d/0x2c0 [ 107.235781][ T5120] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 107.241189][ T5120] con_write+0x23/0xc0 [ 107.245315][ T5120] gsmld_write+0xd2/0x150 [ 107.249764][ T5120] ? __pfx_gsmld_write+0x10/0x10 [ 107.254749][ T5120] file_tty_write.constprop.0+0x518/0x9b0 [ 107.260520][ T5120] vfs_write+0x6db/0x1100 [ 107.264997][ T5120] ? __pfx_vfs_write+0x10/0x10 [ 107.271019][ T5120] ? find_held_lock+0x2d/0x110 [ 107.275828][ T5120] ? __pfx_lock_release+0x10/0x10 [ 107.280892][ T5120] ? __fget_light+0x176/0x210 [ 107.285612][ T5120] ksys_write+0x12f/0x260 [ 107.289992][ T5120] ? __pfx_ksys_write+0x10/0x10 [ 107.294992][ T5120] ? lockdep_hardirqs_on+0x7c/0x110 [ 107.300232][ T5120] ? _raw_spin_unlock_irq+0x2e/0x50 [ 107.305463][ T5120] ? ptrace_notify+0xf1/0x130 [ 107.310528][ T5120] do_syscall_64+0xd2/0x260 [ 107.315089][ T5120] entry_SYSCALL_64_after_hwframe+0x6d/0x75 [ 107.321023][ T5120] RIP: 0033:0x7f27370f1cb9 [ 107.325470][ T5120] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 c1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 107.345106][ T5120] RSP: 002b:00007ffd8a79f278 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 107.353554][ T5120] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f27370f1cb9 [ 107.361547][ T5120] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 107.369545][ T5120] RBP: 000000000001a166 R08: 0000000000000006 R09: 0000000000000006 [pid 5120] write(3, NULL, 0) = 0 [pid 5120] exit_group(0) = ? [pid 5120] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5120, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [ 107.377538][ T5120] R10: 00007ffd8a79ef86 R11: 0000000000000246 R12: 00007ffd8a79f28c [ 107.385535][ T5120] R13: 431bde82d7b634db R14: 0000000000000001 R15: 0000000000000001 [ 107.393552][ T5120] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5121 attached , child_tidptr=0x555555ff0650) = 5121 [pid 5121] set_robust_list(0x555555ff0660, 24) = 0 [pid 5121] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5121] setpgid(0, 0) = 0 [pid 5121] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5121] write(3, "1000", 4) = 4 [pid 5121] close(3) = 0 [pid 5121] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5121] ioctl(3, TIOCSETD, [21]) = 0 [pid 5121] write(3, NULL, 0) = 0 [pid 5121] exit_group(0) = ? [pid 5121] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5121, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5122 attached , child_tidptr=0x555555ff0650) = 5122 [pid 5122] set_robust_list(0x555555ff0660, 24) = 0 [pid 5122] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5122] setpgid(0, 0) = 0 [pid 5122] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5122] write(3, "1000", 4) = 4 [pid 5122] close(3) = 0 [pid 5122] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5122] ioctl(3, TIOCSETD, [21]) = 0 [pid 5122] write(3, NULL, 0) = 0 [pid 5122] exit_group(0) = ? [pid 5122] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5122, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555ff0650) = 5123 ./strace-static-x86_64: Process 5123 attached [pid 5123] set_robust_list(0x555555ff0660, 24) = 0 [pid 5123] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5123] setpgid(0, 0) = 0 [pid 5123] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5123] write(3, "1000", 4) = 4 [pid 5123] close(3) = 0 [pid 5123] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5123] ioctl(3, TIOCSETD, [21]) = 0 [pid 5123] write(3, NULL, 0) = 0 [pid 5123] exit_group(0) = ? [pid 5123] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5123, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5124 attached [pid 5124] set_robust_list(0x555555ff0660, 24) = 0 [pid 5124] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5060] <... clone resumed>, child_tidptr=0x555555ff0650) = 5124 [pid 5124] <... prctl resumed>) = 0 [pid 5124] setpgid(0, 0) = 0 [pid 5124] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5124] write(3, "1000", 4) = 4 [pid 5124] close(3) = 0 [pid 5124] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5124] ioctl(3, TIOCSETD, [21]) = 0 [pid 5124] write(3, NULL, 0) = 0 [pid 5124] exit_group(0) = ? [pid 5124] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5124, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5125 attached , child_tidptr=0x555555ff0650) = 5125 [pid 5125] set_robust_list(0x555555ff0660, 24) = 0 [pid 5125] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5125] setpgid(0, 0) = 0 [pid 5125] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5125] write(3, "1000", 4) = 4 [pid 5125] close(3) = 0 [pid 5125] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5125] ioctl(3, TIOCSETD, [21]) = 0 [pid 5125] write(3, NULL, 0) = 0 [pid 5125] exit_group(0) = ? [pid 5125] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5125, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5126 attached , child_tidptr=0x555555ff0650) = 5126 [pid 5126] set_robust_list(0x555555ff0660, 24) = 0 [pid 5126] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5126] setpgid(0, 0) = 0 [pid 5126] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5126] write(3, "1000", 4) = 4 [pid 5126] close(3) = 0 [pid 5126] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5126] ioctl(3, TIOCSETD, [21]) = 0 [pid 5126] write(3, NULL, 0) = 0 [pid 5126] exit_group(0) = ? [pid 5126] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5126, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5127 attached , child_tidptr=0x555555ff0650) = 5127 [pid 5127] set_robust_list(0x555555ff0660, 24) = 0 [pid 5127] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5127] setpgid(0, 0) = 0 [pid 5127] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5127] write(3, "1000", 4) = 4 [pid 5127] close(3) = 0 [pid 5127] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5127] ioctl(3, TIOCSETD, [21]) = 0 [pid 5127] write(3, NULL, 0) = 0 [pid 5127] exit_group(0) = ? [pid 5127] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5127, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5128 attached , child_tidptr=0x555555ff0650) = 5128 [pid 5128] set_robust_list(0x555555ff0660, 24) = 0 [pid 5128] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5128] setpgid(0, 0) = 0 [pid 5128] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5128] write(3, "1000", 4) = 4 [pid 5128] close(3) = 0 [pid 5128] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5128] ioctl(3, TIOCSETD, [21]) = 0 [ 108.028363][ T5128] BUG: sleeping function called from invalid context at kernel/printk/printk.c:2634 [ 108.037907][ T5128] in_atomic(): 1, irqs_disabled(): 1, non_block: 0, pid: 5128, name: syz-executor150 [ 108.047502][ T5128] preempt_count: 1, expected: 0 [ 108.052375][ T5128] RCU nest depth: 0, expected: 0 [ 108.057336][ T5128] 3 locks held by syz-executor150/5128: [ 108.062894][ T5128] #0: ffff88802a50e0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 [ 108.072697][ T5128] #1: ffff88802a50e130 (&tty->atomic_write_lock){+.+.}-{3:3}, at: file_tty_write.constprop.0+0x293/0x9b0 [ 108.084062][ T5128] #2: ffff888029fb43e0 (&gsm->tx_lock){....}-{2:2}, at: gsmld_write+0x62/0x150 [ 108.093164][ T5128] irq event stamp: 1198 [ 108.097354][ T5128] hardirqs last enabled at (1197): [] _raw_spin_unlock_irq+0x23/0x50 [ 108.107119][ T5128] hardirqs last disabled at (1198): [] _raw_spin_lock_irqsave+0x52/0x60 [ 108.117089][ T5128] softirqs last enabled at (920): [] __do_softirq+0x596/0x8de [ 108.126238][ T5128] softirqs last disabled at (877): [] irq_exit_rcu+0xb9/0x120 [ 108.135301][ T5128] Preemption disabled at: [ 108.135312][ T5128] [<0000000000000000>] 0x0 [ 108.144066][ T5128] CPU: 1 PID: 5128 Comm: syz-executor150 Tainted: G W 6.7.0-next-20240119-syzkaller #0 [ 108.155113][ T5128] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 108.165183][ T5128] Call Trace: [ 108.168474][ T5128] [ 108.171416][ T5128] dump_stack_lvl+0xd9/0x1b0 [ 108.176041][ T5128] __might_resched+0x3c0/0x5e0 [ 108.180833][ T5128] ? __pfx___might_resched+0x10/0x10 [ 108.186143][ T5128] ? __pfx___lock_acquire+0x10/0x10 [ 108.191385][ T5128] console_lock+0x34/0x150 [ 108.195840][ T5128] do_con_write+0x149/0x7f50 [ 108.200526][ T5128] ? __might_fault+0x13b/0x190 [ 108.205318][ T5128] ? __pfx___lock_acquire+0x10/0x10 [ 108.210554][ T5128] ? __pfx___might_resched+0x10/0x10 [ 108.216000][ T5128] ? __pfx_do_con_write+0x10/0x10 [ 108.221058][ T5128] ? lock_acquire+0x1b1/0x540 [ 108.225773][ T5128] ? __pfx_lock_acquire+0x10/0x10 [ 108.230833][ T5128] ? do_raw_spin_lock+0x12d/0x2c0 [ 108.235880][ T5128] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 108.241284][ T5128] con_write+0x23/0xc0 [ 108.245411][ T5128] gsmld_write+0xd2/0x150 [ 108.249767][ T5128] ? __pfx_gsmld_write+0x10/0x10 [ 108.254733][ T5128] file_tty_write.constprop.0+0x518/0x9b0 [ 108.260510][ T5128] vfs_write+0x6db/0x1100 [ 108.264877][ T5128] ? __pfx_vfs_write+0x10/0x10 [ 108.269784][ T5128] ? find_held_lock+0x2d/0x110 [ 108.274599][ T5128] ? __pfx_lock_release+0x10/0x10 [ 108.279652][ T5128] ? __fget_light+0x176/0x210 [ 108.284363][ T5128] ksys_write+0x12f/0x260 [ 108.288756][ T5128] ? __pfx_ksys_write+0x10/0x10 [ 108.293649][ T5128] ? lockdep_hardirqs_on+0x7c/0x110 [ 108.298964][ T5128] ? _raw_spin_unlock_irq+0x2e/0x50 [ 108.304184][ T5128] ? ptrace_notify+0xf1/0x130 [ 108.308892][ T5128] do_syscall_64+0xd2/0x260 [ 108.313469][ T5128] entry_SYSCALL_64_after_hwframe+0x6d/0x75 [ 108.319402][ T5128] RIP: 0033:0x7f27370f1cb9 [ 108.323832][ T5128] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 c1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 108.343465][ T5128] RSP: 002b:00007ffd8a79f278 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 108.351901][ T5128] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f27370f1cb9 [ 108.359932][ T5128] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 108.367919][ T5128] RBP: 000000000001a576 R08: 0000000000000006 R09: 0000000000000006 [pid 5128] write(3, NULL, 0) = 0 [pid 5128] exit_group(0) = ? [pid 5128] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5128, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5129 attached , child_tidptr=0x555555ff0650) = 5129 [pid 5129] set_robust_list(0x555555ff0660, 24) = 0 [ 108.375910][ T5128] R10: 00007ffd8a79ef86 R11: 0000000000000246 R12: 00007ffd8a79f28c [ 108.383899][ T5128] R13: 431bde82d7b634db R14: 0000000000000001 R15: 0000000000000001 [ 108.391909][ T5128] [pid 5129] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5129] setpgid(0, 0) = 0 [pid 5129] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5129] write(3, "1000", 4) = 4 [pid 5129] close(3) = 0 [pid 5129] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5129] ioctl(3, TIOCSETD, [21]) = 0 [pid 5129] write(3, NULL, 0) = 0 [pid 5129] exit_group(0) = ? [pid 5129] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5129, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5130 attached , child_tidptr=0x555555ff0650) = 5130 [pid 5130] set_robust_list(0x555555ff0660, 24) = 0 [pid 5130] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5130] setpgid(0, 0) = 0 [pid 5130] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5130] write(3, "1000", 4) = 4 [pid 5130] close(3) = 0 [pid 5130] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5130] ioctl(3, TIOCSETD, [21]) = 0 [pid 5130] write(3, NULL, 0) = 0 [pid 5130] exit_group(0) = ? [pid 5130] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5130, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5131 attached , child_tidptr=0x555555ff0650) = 5131 [pid 5131] set_robust_list(0x555555ff0660, 24) = 0 [pid 5131] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5131] setpgid(0, 0) = 0 [pid 5131] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5131] write(3, "1000", 4) = 4 [pid 5131] close(3) = 0 [pid 5131] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5131] ioctl(3, TIOCSETD, [21]) = 0 [pid 5131] write(3, NULL, 0) = 0 [pid 5131] exit_group(0) = ? [pid 5131] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5131, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5132 attached , child_tidptr=0x555555ff0650) = 5132 [pid 5132] set_robust_list(0x555555ff0660, 24) = 0 [pid 5132] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5132] setpgid(0, 0) = 0 [pid 5132] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5132] write(3, "1000", 4) = 4 [pid 5132] close(3) = 0 [pid 5132] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5132] ioctl(3, TIOCSETD, [21]) = 0 [pid 5132] write(3, NULL, 0) = 0 [pid 5132] exit_group(0) = ? [pid 5132] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5132, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555ff0650) = 5133 ./strace-static-x86_64: Process 5133 attached [pid 5133] set_robust_list(0x555555ff0660, 24) = 0 [pid 5133] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5133] setpgid(0, 0) = 0 [pid 5133] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5133] write(3, "1000", 4) = 4 [pid 5133] close(3) = 0 [pid 5133] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5133] ioctl(3, TIOCSETD, [21]) = 0 [pid 5133] write(3, NULL, 0) = 0 [pid 5133] exit_group(0) = ? [pid 5133] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5133, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5134 attached , child_tidptr=0x555555ff0650) = 5134 [pid 5134] set_robust_list(0x555555ff0660, 24) = 0 [pid 5134] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5134] setpgid(0, 0) = 0 [pid 5134] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5134] write(3, "1000", 4) = 4 [pid 5134] close(3) = 0 [pid 5134] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5134] ioctl(3, TIOCSETD, [21]) = 0 [pid 5134] write(3, NULL, 0) = 0 [pid 5134] exit_group(0) = ? [pid 5134] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5134, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5135 attached , child_tidptr=0x555555ff0650) = 5135 [pid 5135] set_robust_list(0x555555ff0660, 24) = 0 [pid 5135] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5135] setpgid(0, 0) = 0 [pid 5135] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5135] write(3, "1000", 4) = 4 [pid 5135] close(3) = 0 [pid 5135] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5135] ioctl(3, TIOCSETD, [21]) = 0 [pid 5135] write(3, NULL, 0) = 0 [pid 5135] exit_group(0) = ? [pid 5135] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5135, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5136 attached , child_tidptr=0x555555ff0650) = 5136 [pid 5136] set_robust_list(0x555555ff0660, 24) = 0 [pid 5136] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5136] setpgid(0, 0) = 0 [pid 5136] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5136] write(3, "1000", 4) = 4 [pid 5136] close(3) = 0 [pid 5136] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5136] ioctl(3, TIOCSETD, [21]) = 0 [pid 5136] write(3, NULL, 0) = 0 [pid 5136] exit_group(0) = ? [pid 5136] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5136, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5137 attached , child_tidptr=0x555555ff0650) = 5137 [pid 5137] set_robust_list(0x555555ff0660, 24) = 0 [pid 5137] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5137] setpgid(0, 0) = 0 [pid 5137] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5137] write(3, "1000", 4) = 4 [pid 5137] close(3) = 0 [pid 5137] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5137] ioctl(3, TIOCSETD, [21]) = 0 [pid 5137] write(3, NULL, 0) = 0 [pid 5137] exit_group(0) = ? [pid 5137] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5137, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5139 attached , child_tidptr=0x555555ff0650) = 5139 [pid 5139] set_robust_list(0x555555ff0660, 24) = 0 [pid 5139] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5139] setpgid(0, 0) = 0 [pid 5139] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5139] write(3, "1000", 4) = 4 [pid 5139] close(3) = 0 [pid 5139] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5139] ioctl(3, TIOCSETD, [21]) = 0 [ 109.063546][ T5139] BUG: sleeping function called from invalid context at kernel/printk/printk.c:2634 [ 109.072990][ T5139] in_atomic(): 1, irqs_disabled(): 1, non_block: 0, pid: 5139, name: syz-executor150 [ 109.082459][ T5139] preempt_count: 1, expected: 0 [ 109.087329][ T5139] RCU nest depth: 0, expected: 0 [ 109.092297][ T5139] 3 locks held by syz-executor150/5139: [ 109.097851][ T5139] #0: ffff888028c950a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 [ 109.107633][ T5139] #1: ffff888028c95130 (&tty->atomic_write_lock){+.+.}-{3:3}, at: file_tty_write.constprop.0+0x293/0x9b0 [ 109.118982][ T5139] #2: ffff88801cafd3e0 (&gsm->tx_lock){....}-{2:2}, at: gsmld_write+0x62/0x150 [ 109.128092][ T5139] irq event stamp: 1228 [ 109.132244][ T5139] hardirqs last enabled at (1227): [] _raw_spin_unlock_irq+0x23/0x50 [ 109.141980][ T5139] hardirqs last disabled at (1228): [] _raw_spin_lock_irqsave+0x52/0x60 [ 109.151901][ T5139] softirqs last enabled at (582): [] __do_softirq+0x596/0x8de [ 109.161043][ T5139] softirqs last disabled at (571): [] irq_exit_rcu+0xb9/0x120 [ 109.170087][ T5139] Preemption disabled at: [ 109.170097][ T5139] [<0000000000000000>] 0x0 [ 109.178838][ T5139] CPU: 0 PID: 5139 Comm: syz-executor150 Tainted: G W 6.7.0-next-20240119-syzkaller #0 [ 109.189872][ T5139] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 109.199957][ T5139] Call Trace: [ 109.203332][ T5139] [ 109.206277][ T5139] dump_stack_lvl+0xd9/0x1b0 [ 109.210899][ T5139] __might_resched+0x3c0/0x5e0 [ 109.215684][ T5139] ? __pfx___might_resched+0x10/0x10 [ 109.220988][ T5139] ? __pfx___lock_acquire+0x10/0x10 [ 109.226226][ T5139] console_lock+0x34/0x150 [ 109.230674][ T5139] do_con_write+0x149/0x7f50 [ 109.235300][ T5139] ? __might_fault+0x13b/0x190 [ 109.240089][ T5139] ? __pfx___lock_acquire+0x10/0x10 [ 109.245316][ T5139] ? __pfx___might_resched+0x10/0x10 [ 109.250705][ T5139] ? __pfx_do_con_write+0x10/0x10 [ 109.255753][ T5139] ? lock_acquire+0x1b1/0x540 [ 109.260477][ T5139] ? __pfx_lock_acquire+0x10/0x10 [ 109.265529][ T5139] ? do_raw_spin_lock+0x12d/0x2c0 [ 109.270566][ T5139] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 109.275962][ T5139] con_write+0x23/0xc0 [ 109.280064][ T5139] gsmld_write+0xd2/0x150 [ 109.284504][ T5139] ? __pfx_gsmld_write+0x10/0x10 [ 109.289466][ T5139] file_tty_write.constprop.0+0x518/0x9b0 [ 109.295221][ T5139] vfs_write+0x6db/0x1100 [ 109.299594][ T5139] ? __pfx_vfs_write+0x10/0x10 [ 109.304398][ T5139] ? find_held_lock+0x2d/0x110 [ 109.309195][ T5139] ? __pfx_lock_release+0x10/0x10 [ 109.314247][ T5139] ? __fget_light+0x176/0x210 [ 109.318958][ T5139] ksys_write+0x12f/0x260 [ 109.323320][ T5139] ? __pfx_ksys_write+0x10/0x10 [ 109.328197][ T5139] ? lockdep_hardirqs_on+0x7c/0x110 [ 109.333419][ T5139] ? _raw_spin_unlock_irq+0x2e/0x50 [ 109.338637][ T5139] ? ptrace_notify+0xf1/0x130 [ 109.343340][ T5139] do_syscall_64+0xd2/0x260 [ 109.347877][ T5139] entry_SYSCALL_64_after_hwframe+0x6d/0x75 [ 109.353797][ T5139] RIP: 0033:0x7f27370f1cb9 [ 109.358227][ T5139] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 c1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 109.377867][ T5139] RSP: 002b:00007ffd8a79f278 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 109.386295][ T5139] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f27370f1cb9 [ 109.394281][ T5139] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 109.402264][ T5139] RBP: 000000000001a978 R08: 0000000000000006 R09: 0000000000000006 [pid 5139] write(3, NULL, 0) = 0 [pid 5139] exit_group(0) = ? [pid 5139] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5139, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5140 attached , child_tidptr=0x555555ff0650) = 5140 [pid 5140] set_robust_list(0x555555ff0660, 24) = 0 [pid 5140] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5140] setpgid(0, 0) = 0 [pid 5140] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5140] write(3, "1000", 4) = 4 [pid 5140] close(3) = 0 [pid 5140] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5140] ioctl(3, TIOCSETD, [21]) = 0 [pid 5140] write(3, NULL, 0) = 0 [pid 5140] exit_group(0) = ? [pid 5140] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5140, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [ 109.410253][ T5139] R10: 00007ffd8a79ef86 R11: 0000000000000246 R12: 00007ffd8a79f28c [ 109.418238][ T5139] R13: 431bde82d7b634db R14: 0000000000000001 R15: 0000000000000001 [ 109.426234][ T5139] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5141 attached , child_tidptr=0x555555ff0650) = 5141 [pid 5141] set_robust_list(0x555555ff0660, 24) = 0 [pid 5141] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5141] setpgid(0, 0) = 0 [pid 5141] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5141] write(3, "1000", 4) = 4 [pid 5141] close(3) = 0 [pid 5141] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5141] ioctl(3, TIOCSETD, [21]) = 0 [pid 5141] write(3, NULL, 0) = 0 [pid 5141] exit_group(0) = ? [pid 5141] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5141, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5142 attached , child_tidptr=0x555555ff0650) = 5142 [pid 5142] set_robust_list(0x555555ff0660, 24) = 0 [pid 5142] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5142] setpgid(0, 0) = 0 [pid 5142] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5142] write(3, "1000", 4) = 4 [pid 5142] close(3) = 0 [pid 5142] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5142] ioctl(3, TIOCSETD, [21]) = 0 [pid 5142] write(3, NULL, 0) = 0 [pid 5142] exit_group(0) = ? [pid 5142] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5142, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5143 attached , child_tidptr=0x555555ff0650) = 5143 [pid 5143] set_robust_list(0x555555ff0660, 24) = 0 [pid 5143] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5143] setpgid(0, 0) = 0 [pid 5143] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5143] write(3, "1000", 4) = 4 [pid 5143] close(3) = 0 [pid 5143] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5143] ioctl(3, TIOCSETD, [21]) = 0 [pid 5143] write(3, NULL, 0) = 0 [pid 5143] exit_group(0) = ? [pid 5143] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5143, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5144 attached , child_tidptr=0x555555ff0650) = 5144 [pid 5144] set_robust_list(0x555555ff0660, 24) = 0 [pid 5144] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5144] setpgid(0, 0) = 0 [pid 5144] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5144] write(3, "1000", 4) = 4 [pid 5144] close(3) = 0 [pid 5144] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5144] ioctl(3, TIOCSETD, [21]) = 0 [pid 5144] write(3, NULL, 0) = 0 [pid 5144] exit_group(0) = ? [pid 5144] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5144, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5145 attached , child_tidptr=0x555555ff0650) = 5145 [pid 5145] set_robust_list(0x555555ff0660, 24) = 0 [pid 5145] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5145] setpgid(0, 0) = 0 [pid 5145] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5145] write(3, "1000", 4) = 4 [pid 5145] close(3) = 0 [pid 5145] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5145] ioctl(3, TIOCSETD, [21]) = 0 [pid 5145] write(3, NULL, 0) = 0 [pid 5145] exit_group(0) = ? [pid 5145] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5145, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555ff0650) = 5146 ./strace-static-x86_64: Process 5146 attached [pid 5146] set_robust_list(0x555555ff0660, 24) = 0 [pid 5146] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5146] setpgid(0, 0) = 0 [pid 5146] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5146] write(3, "1000", 4) = 4 [pid 5146] close(3) = 0 [pid 5146] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5146] ioctl(3, TIOCSETD, [21]) = 0 [pid 5146] write(3, NULL, 0) = 0 [pid 5146] exit_group(0) = ? [pid 5146] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5146, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5147 attached , child_tidptr=0x555555ff0650) = 5147 [pid 5147] set_robust_list(0x555555ff0660, 24) = 0 [pid 5147] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5147] setpgid(0, 0) = 0 [pid 5147] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5147] write(3, "1000", 4) = 4 [pid 5147] close(3) = 0 [pid 5147] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5147] ioctl(3, TIOCSETD, [21]) = 0 [pid 5147] write(3, NULL, 0) = 0 [pid 5147] exit_group(0) = ? [pid 5147] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5147, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5148 attached , child_tidptr=0x555555ff0650) = 5148 [pid 5148] set_robust_list(0x555555ff0660, 24) = 0 [pid 5148] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5148] setpgid(0, 0) = 0 [pid 5148] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5148] write(3, "1000", 4) = 4 [pid 5148] close(3) = 0 [pid 5148] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5148] ioctl(3, TIOCSETD, [21]) = 0 [pid 5148] write(3, NULL, 0) = 0 [pid 5148] exit_group(0) = ? [pid 5148] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5148, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5149 attached , child_tidptr=0x555555ff0650) = 5149 [pid 5149] set_robust_list(0x555555ff0660, 24) = 0 [pid 5149] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5149] setpgid(0, 0) = 0 [pid 5149] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5149] write(3, "1000", 4) = 4 [pid 5149] close(3) = 0 [pid 5149] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5149] ioctl(3, TIOCSETD, [21]) = 0 [ 110.089227][ T5149] BUG: sleeping function called from invalid context at kernel/printk/printk.c:2634 [ 110.098669][ T5149] in_atomic(): 1, irqs_disabled(): 1, non_block: 0, pid: 5149, name: syz-executor150 [ 110.108196][ T5149] preempt_count: 1, expected: 0 [ 110.113070][ T5149] RCU nest depth: 0, expected: 0 [ 110.118032][ T5149] 3 locks held by syz-executor150/5149: [ 110.123599][ T5149] #0: ffff88807c80a0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 [ 110.133409][ T5149] #1: ffff88807c80a130 (&tty->atomic_write_lock){+.+.}-{3:3}, at: file_tty_write.constprop.0+0x293/0x9b0 [ 110.144821][ T5149] #2: ffff88801c29d3e0 (&gsm->tx_lock){....}-{2:2}, at: gsmld_write+0x62/0x150 [ 110.153943][ T5149] irq event stamp: 1108 [ 110.158114][ T5149] hardirqs last enabled at (1107): [] _raw_spin_unlock_irq+0x23/0x50 [ 110.167867][ T5149] hardirqs last disabled at (1108): [] _raw_spin_lock_irqsave+0x52/0x60 [ 110.177797][ T5149] softirqs last enabled at (0): [] copy_process+0x2450/0x9780 [ 110.187040][ T5149] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 110.194267][ T5149] Preemption disabled at: [ 110.194278][ T5149] [<0000000000000000>] 0x0 [ 110.203049][ T5149] CPU: 0 PID: 5149 Comm: syz-executor150 Tainted: G W 6.7.0-next-20240119-syzkaller #0 [ 110.214179][ T5149] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 110.224254][ T5149] Call Trace: [ 110.227553][ T5149] [ 110.230504][ T5149] dump_stack_lvl+0xd9/0x1b0 [ 110.235150][ T5149] __might_resched+0x3c0/0x5e0 [ 110.239958][ T5149] ? __pfx___might_resched+0x10/0x10 [ 110.245271][ T5149] ? __pfx___lock_acquire+0x10/0x10 [ 110.250516][ T5149] console_lock+0x34/0x150 [ 110.254978][ T5149] do_con_write+0x149/0x7f50 [ 110.259625][ T5149] ? __might_fault+0x13b/0x190 [ 110.264422][ T5149] ? __pfx___lock_acquire+0x10/0x10 [ 110.269676][ T5149] ? __pfx___might_resched+0x10/0x10 [ 110.274992][ T5149] ? __pfx_do_con_write+0x10/0x10 [ 110.280143][ T5149] ? lock_acquire+0x1b1/0x540 [ 110.284864][ T5149] ? __pfx_lock_acquire+0x10/0x10 [ 110.289930][ T5149] ? do_raw_spin_lock+0x12d/0x2c0 [ 110.295012][ T5149] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 110.300427][ T5149] con_write+0x23/0xc0 [ 110.304542][ T5149] gsmld_write+0xd2/0x150 [ 110.308905][ T5149] ? __pfx_gsmld_write+0x10/0x10 [ 110.313879][ T5149] file_tty_write.constprop.0+0x518/0x9b0 [ 110.319644][ T5149] vfs_write+0x6db/0x1100 [ 110.324029][ T5149] ? __pfx_vfs_write+0x10/0x10 [ 110.328840][ T5149] ? find_held_lock+0x2d/0x110 [ 110.333644][ T5149] ? __pfx_lock_release+0x10/0x10 [ 110.338707][ T5149] ? __fget_light+0x176/0x210 [ 110.343424][ T5149] ksys_write+0x12f/0x260 [ 110.347793][ T5149] ? __pfx_ksys_write+0x10/0x10 [ 110.352686][ T5149] ? lockdep_hardirqs_on+0x7c/0x110 [ 110.357923][ T5149] ? _raw_spin_unlock_irq+0x2e/0x50 [ 110.363154][ T5149] ? ptrace_notify+0xf1/0x130 [ 110.367874][ T5149] do_syscall_64+0xd2/0x260 [ 110.372421][ T5149] entry_SYSCALL_64_after_hwframe+0x6d/0x75 [ 110.378347][ T5149] RIP: 0033:0x7f27370f1cb9 [ 110.382784][ T5149] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 c1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 110.402419][ T5149] RSP: 002b:00007ffd8a79f278 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 110.410864][ T5149] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f27370f1cb9 [ 110.418859][ T5149] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 110.426850][ T5149] RBP: 000000000001ad8d R08: 0000000000000006 R09: 0000000000000006 [pid 5149] write(3, NULL, 0) = 0 [pid 5149] exit_group(0) = ? [pid 5149] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5149, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555ff0650) = 5150 ./strace-static-x86_64: Process 5150 attached [pid 5150] set_robust_list(0x555555ff0660, 24) = 0 [pid 5150] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5150] setpgid(0, 0) = 0 [pid 5150] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5150] write(3, "1000", 4) = 4 [ 110.434840][ T5149] R10: 00007ffd8a79ef86 R11: 0000000000000246 R12: 00007ffd8a79f28c [ 110.442838][ T5149] R13: 431bde82d7b634db R14: 0000000000000001 R15: 0000000000000001 [ 110.450857][ T5149] [pid 5150] close(3) = 0 [pid 5150] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5150] ioctl(3, TIOCSETD, [21]) = 0 [pid 5150] write(3, NULL, 0) = 0 [pid 5150] exit_group(0) = ? [pid 5150] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5150, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5151 attached , child_tidptr=0x555555ff0650) = 5151 [pid 5151] set_robust_list(0x555555ff0660, 24) = 0 [pid 5151] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5151] setpgid(0, 0) = 0 [pid 5151] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5151] write(3, "1000", 4) = 4 [pid 5151] close(3) = 0 [pid 5151] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5151] ioctl(3, TIOCSETD, [21]) = 0 [pid 5151] write(3, NULL, 0) = 0 [pid 5151] exit_group(0) = ? [pid 5151] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5151, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5152 attached , child_tidptr=0x555555ff0650) = 5152 [pid 5152] set_robust_list(0x555555ff0660, 24) = 0 [pid 5152] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5152] setpgid(0, 0) = 0 [pid 5152] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5152] write(3, "1000", 4) = 4 [pid 5152] close(3) = 0 [pid 5152] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5152] ioctl(3, TIOCSETD, [21]) = 0 [pid 5152] write(3, NULL, 0) = 0 [pid 5152] exit_group(0) = ? [pid 5152] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5152, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5153 attached , child_tidptr=0x555555ff0650) = 5153 [pid 5153] set_robust_list(0x555555ff0660, 24) = 0 [pid 5153] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5153] setpgid(0, 0) = 0 [pid 5153] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5153] write(3, "1000", 4) = 4 [pid 5153] close(3) = 0 [pid 5153] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3 [pid 5153] ioctl(3, TIOCSETD, [21]) = 0 [pid 5153] write(3, NULL, 0) = 0 [pid 5153] exit_group(0) = ? [pid 5153] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5153, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5154 attached , child_tidptr=0x555555ff0650) = 5154 [pid 5154] set_robust_list(0x555555ff0660, 24) = 0 [pid 5154] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5154] setpgid(0, 0) = 0 [pid 5154] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5154] write(3, "1000", 4) = 4 [pid 5154] close(3) = 0 [pid 5154] openat(AT_FDCWD, "/dev/char/4:21", O_RDWR) = 3