[ OK ] Started Getty on tty2. [ OK ] Started Serial Getty on ttyS0. [ OK ] Started Getty on tty1. [ OK ] Started getty on tty2-tty6 if dbus and logind are not available. [ OK ] Started OpenBSD Secure Shell server. Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.10.15' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 69.217123][ T6543] [ 69.219553][ T6543] ===================================================== [ 69.226458][ T6543] WARNING: HARDIRQ-safe -> HARDIRQ-unsafe lock order detected [ 69.233900][ T6543] 5.15.0-rc6-syzkaller #0 Not tainted [ 69.239268][ T6543] ----------------------------------------------------- [ 69.246296][ T6543] syz-executor365/6543 [HC0[0]:SC0[0]:HE0:SE1] is trying to acquire: [ 69.254348][ T6543] ffffffff8b60a098 (tasklist_lock){.+.+}-{2:2}, at: send_sigio+0xab/0x380 [ 69.262868][ T6543] [ 69.262868][ T6543] and this task is already holding: [ 69.270352][ T6543] ffff8880737dbcb8 (&f->f_owner.lock){....}-{2:2}, at: send_sigio+0x24/0x380 [ 69.279121][ T6543] which would create a new lock dependency: [ 69.284984][ T6543] (&f->f_owner.lock){....}-{2:2} -> (tasklist_lock){.+.+}-{2:2} [ 69.292701][ T6543] [ 69.292701][ T6543] but this new dependency connects a HARDIRQ-irq-safe lock: [ 69.302126][ T6543] (&dev->event_lock){-...}-{2:2} [ 69.302144][ T6543] [ 69.302144][ T6543] ... which became HARDIRQ-irq-safe at: [ 69.314908][ T6543] lock_acquire+0x1ab/0x510 [ 69.319489][ T6543] _raw_spin_lock_irqsave+0x39/0x50 [ 69.324861][ T6543] input_event+0x7b/0xb0 [ 69.329186][ T6543] psmouse_report_standard_buttons+0x2c/0x80 [ 69.335249][ T6543] psmouse_process_byte+0x1e1/0x890 [ 69.340554][ T6543] psmouse_handle_byte+0x41/0x1b0 [ 69.345702][ T6543] psmouse_interrupt+0x304/0xf00 [ 69.350708][ T6543] serio_interrupt+0x88/0x150 [ 69.355485][ T6543] i8042_interrupt+0x27a/0x520 [ 69.360327][ T6543] __handle_irq_event_percpu+0x303/0x8f0 [ 69.366030][ T6543] handle_irq_event+0x102/0x280 [ 69.371121][ T6543] handle_edge_irq+0x25f/0xd00 [ 69.375951][ T6543] __common_interrupt+0x9d/0x210 [ 69.380973][ T6543] common_interrupt+0x9f/0xd0 [ 69.385717][ T6543] asm_common_interrupt+0x1e/0x40 [ 69.390810][ T6543] _raw_spin_unlock_irqrestore+0x38/0x70 [ 69.396510][ T6543] i8042_command+0x12e/0x150 [ 69.401167][ T6543] i8042_aux_write+0xd7/0x120 [ 69.405917][ T6543] ps2_do_sendbyte+0x2cf/0x710 [ 69.410762][ T6543] ps2_sendbyte+0x58/0x150 [ 69.415277][ T6543] cypress_ps2_sendbyte+0x2e/0x160 [ 69.420457][ T6543] cypress_send_ext_cmd+0x1d0/0x8e0 [ 69.425727][ T6543] cypress_detect+0x75/0x190 [ 69.430382][ T6543] psmouse_try_protocol+0x211/0x370 [ 69.435649][ T6543] psmouse_extensions+0x557/0x930 [ 69.440751][ T6543] psmouse_switch_protocol+0x52a/0x740 [ 69.446299][ T6543] psmouse_connect+0x5e9/0xfd0 [ 69.451129][ T6543] serio_driver_probe+0x72/0xa0 [ 69.456046][ T6543] really_probe+0x245/0xcc0 [ 69.460620][ T6543] __driver_probe_device+0x338/0x4d0 [ 69.465977][ T6543] driver_probe_device+0x4c/0x1a0 [ 69.471069][ T6543] __driver_attach+0x22d/0x4e0 [ 69.475898][ T6543] bus_for_each_dev+0x147/0x1d0 [ 69.480816][ T6543] serio_handle_event+0x5f6/0xa30 [ 69.485908][ T6543] process_one_work+0x9bf/0x16b0 [ 69.491008][ T6543] worker_thread+0x658/0x11f0 [ 69.495764][ T6543] kthread+0x3e5/0x4d0 [ 69.499904][ T6543] ret_from_fork+0x1f/0x30 [ 69.504388][ T6543] [ 69.504388][ T6543] to a HARDIRQ-irq-unsafe lock: [ 69.511389][ T6543] (tasklist_lock){.+.+}-{2:2} [ 69.511408][ T6543] [ 69.511408][ T6543] ... which became HARDIRQ-irq-unsafe at: [ 69.524001][ T6543] ... [ 69.524006][ T6543] lock_acquire+0x1ab/0x510 [ 69.531157][ T6543] _raw_read_lock+0x5b/0x70 [ 69.535731][ T6543] do_wait+0x284/0xce0 [ 69.539864][ T6543] kernel_wait+0x9c/0x150 [ 69.544259][ T6543] call_usermodehelper_exec_work+0xf5/0x180 [ 69.550222][ T6543] process_one_work+0x9bf/0x16b0 [ 69.555223][ T6543] worker_thread+0x658/0x11f0 [ 69.559965][ T6543] kthread+0x3e5/0x4d0 [ 69.564103][ T6543] ret_from_fork+0x1f/0x30 [ 69.568583][ T6543] [ 69.568583][ T6543] other info that might help us debug this: [ 69.568583][ T6543] [ 69.578798][ T6543] Chain exists of: [ 69.578798][ T6543] &dev->event_lock --> &f->f_owner.lock --> tasklist_lock [ 69.578798][ T6543] [ 69.591982][ T6543] Possible interrupt unsafe locking scenario: [ 69.591982][ T6543] [ 69.600283][ T6543] CPU0 CPU1 [ 69.605633][ T6543] ---- ---- [ 69.610975][ T6543] lock(tasklist_lock); [ 69.615196][ T6543] local_irq_disable(); [ 69.621928][ T6543] lock(&dev->event_lock); [ 69.628930][ T6543] lock(&f->f_owner.lock); [ 69.635939][ T6543] [ 69.639371][ T6543] lock(&dev->event_lock); [ 69.644023][ T6543] [ 69.644023][ T6543] *** DEADLOCK *** [ 69.644023][ T6543] [ 69.652153][ T6543] 5 locks held by syz-executor365/6543: [ 69.657677][ T6543] #0: ffffffff8b981b20 (rcu_read_lock){....}-{1:2}, at: sock_def_readable+0x0/0x4e0 [ 69.667146][ T6543] #1: ffffffff8b981b20 (rcu_read_lock){....}-{1:2}, at: sock_def_readable+0x2aa/0x4e0 [ 69.676782][ T6543] #2: ffffffff8b981b20 (rcu_read_lock){....}-{1:2}, at: kill_fasync+0x41/0x470 [ 69.685811][ T6543] #3: ffff8880197450c0 (&new->fa_lock){....}-{2:2}, at: kill_fasync+0x136/0x470 [ 69.694919][ T6543] #4: ffff8880737dbcb8 (&f->f_owner.lock){....}-{2:2}, at: send_sigio+0x24/0x380 [ 69.704123][ T6543] [ 69.704123][ T6543] the dependencies between HARDIRQ-irq-safe lock and the holding lock: [ 69.714502][ T6543] -> (&dev->event_lock){-...}-{2:2} { [ 69.720123][ T6543] IN-HARDIRQ-W at: [ 69.724340][ T6543] lock_acquire+0x1ab/0x510 [ 69.730998][ T6543] _raw_spin_lock_irqsave+0x39/0x50 [ 69.738352][ T6543] input_event+0x7b/0xb0 [ 69.744760][ T6543] psmouse_report_standard_buttons+0x2c/0x80 [ 69.752901][ T6543] psmouse_process_byte+0x1e1/0x890 [ 69.760339][ T6543] psmouse_handle_byte+0x41/0x1b0 [ 69.767601][ T6543] psmouse_interrupt+0x304/0xf00 [ 69.774689][ T6543] serio_interrupt+0x88/0x150 [ 69.781516][ T6543] i8042_interrupt+0x27a/0x520 [ 69.788431][ T6543] __handle_irq_event_percpu+0x303/0x8f0 [ 69.796233][ T6543] handle_irq_event+0x102/0x280 [ 69.803316][ T6543] handle_edge_irq+0x25f/0xd00 [ 69.810251][ T6543] __common_interrupt+0x9d/0x210 [ 69.817355][ T6543] common_interrupt+0x9f/0xd0 [ 69.824186][ T6543] asm_common_interrupt+0x1e/0x40 [ 69.831374][ T6543] _raw_spin_unlock_irqrestore+0x38/0x70 [ 69.839164][ T6543] i8042_command+0x12e/0x150 [ 69.845908][ T6543] i8042_aux_write+0xd7/0x120 [ 69.852758][ T6543] ps2_do_sendbyte+0x2cf/0x710 [ 69.859679][ T6543] ps2_sendbyte+0x58/0x150 [ 69.866248][ T6543] cypress_ps2_sendbyte+0x2e/0x160 [ 69.873510][ T6543] cypress_send_ext_cmd+0x1d0/0x8e0 [ 69.881035][ T6543] cypress_detect+0x75/0x190 [ 69.887777][ T6543] psmouse_try_protocol+0x211/0x370 [ 69.895139][ T6543] psmouse_extensions+0x557/0x930 [ 69.902329][ T6543] psmouse_switch_protocol+0x52a/0x740 [ 69.909954][ T6543] psmouse_connect+0x5e9/0xfd0 [ 69.916875][ T6543] serio_driver_probe+0x72/0xa0 [ 69.923878][ T6543] really_probe+0x245/0xcc0 [ 69.930545][ T6543] __driver_probe_device+0x338/0x4d0 [ 69.937986][ T6543] driver_probe_device+0x4c/0x1a0 [ 69.945172][ T6543] __driver_attach+0x22d/0x4e0 [ 69.952100][ T6543] bus_for_each_dev+0x147/0x1d0 [ 69.959102][ T6543] serio_handle_event+0x5f6/0xa30 [ 69.966277][ T6543] process_one_work+0x9bf/0x16b0 [ 69.973362][ T6543] worker_thread+0x658/0x11f0 [ 69.980189][ T6543] kthread+0x3e5/0x4d0 [ 69.986588][ T6543] ret_from_fork+0x1f/0x30 [ 69.993160][ T6543] INITIAL USE at: [ 69.997291][ T6543] lock_acquire+0x1ab/0x510 [ 70.003859][ T6543] _raw_spin_lock_irqsave+0x39/0x50 [ 70.011128][ T6543] input_inject_event+0xa6/0x320 [ 70.018133][ T6543] led_set_brightness_nosleep+0xe6/0x1a0 [ 70.025833][ T6543] led_set_brightness+0x134/0x170 [ 70.032926][ T6543] led_trigger_event+0x75/0xd0 [ 70.039773][ T6543] kbd_led_trigger_activate+0xc9/0x100 [ 70.047296][ T6543] led_trigger_set+0x61e/0xbd0 [ 70.054124][ T6543] led_trigger_set_default+0x1a6/0x230 [ 70.061650][ T6543] led_classdev_register_ext+0x622/0x850 [ 70.069359][ T6543] input_leds_connect+0x4bd/0x860 [ 70.076455][ T6543] input_attach_handler+0x180/0x1f0 [ 70.083730][ T6543] input_register_device.cold+0xf0/0x304 [ 70.091605][ T6543] atkbd_connect+0x739/0xa00 [ 70.098260][ T6543] serio_driver_probe+0x72/0xa0 [ 70.105176][ T6543] really_probe+0x245/0xcc0 [ 70.111753][ T6543] __driver_probe_device+0x338/0x4d0 [ 70.119133][ T6543] driver_probe_device+0x4c/0x1a0 [ 70.126225][ T6543] __driver_attach+0x22d/0x4e0 [ 70.133493][ T6543] bus_for_each_dev+0x147/0x1d0 [ 70.140413][ T6543] serio_handle_event+0x5f6/0xa30 [ 70.147500][ T6543] process_one_work+0x9bf/0x16b0 [ 70.154515][ T6543] worker_thread+0x658/0x11f0 [ 70.161260][ T6543] kthread+0x3e5/0x4d0 [ 70.167394][ T6543] ret_from_fork+0x1f/0x30 [ 70.173882][ T6543] } [ 70.176631][ T6543] ... key at: [] __key.8+0x0/0x40 [ 70.183984][ T6543] -> (&client->buffer_lock){....}-{2:2} { [ 70.189871][ T6543] INITIAL USE at: [ 70.193914][ T6543] lock_acquire+0x1ab/0x510 [ 70.200309][ T6543] _raw_spin_lock+0x2a/0x40 [ 70.206704][ T6543] evdev_pass_values.part.0+0xf6/0x970 [ 70.214054][ T6543] evdev_events+0x359/0x3e0 [ 70.220629][ T6543] input_to_handler+0x2a0/0x4c0 [ 70.227369][ T6543] input_pass_values.part.0+0x230/0x710 [ 70.234882][ T6543] input_handle_event+0x373/0x1440 [ 70.241988][ T6543] input_inject_event+0x1bd/0x320 [ 70.248936][ T6543] evdev_write+0x430/0x760 [ 70.255248][ T6543] vfs_write+0x28e/0xae0 [ 70.261384][ T6543] ksys_write+0x1ee/0x250 [ 70.267621][ T6543] do_syscall_64+0x35/0xb0 [ 70.273930][ T6543] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 70.281719][ T6543] } [ 70.284384][ T6543] ... key at: [] __key.4+0x0/0x40 [ 70.291666][ T6543] ... acquired at: [ 70.295623][ T6543] _raw_spin_lock+0x2a/0x40 [ 70.300282][ T6543] evdev_pass_values.part.0+0xf6/0x970 [ 70.305910][ T6543] evdev_events+0x359/0x3e0 [ 70.310603][ T6543] input_to_handler+0x2a0/0x4c0 [ 70.315610][ T6543] input_pass_values.part.0+0x230/0x710 [ 70.321311][ T6543] input_handle_event+0x373/0x1440 [ 70.326581][ T6543] input_inject_event+0x1bd/0x320 [ 70.331761][ T6543] evdev_write+0x430/0x760 [ 70.336332][ T6543] vfs_write+0x28e/0xae0 [ 70.340729][ T6543] ksys_write+0x1ee/0x250 [ 70.345217][ T6543] do_syscall_64+0x35/0xb0 [ 70.349787][ T6543] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 70.355849][ T6543] [ 70.358172][ T6543] -> (&new->fa_lock){....}-{2:2} { [ 70.363374][ T6543] INITIAL READ USE at: [ 70.367765][ T6543] lock_acquire+0x1ab/0x510 [ 70.374435][ T6543] _raw_read_lock_irqsave+0x70/0x90 [ 70.381786][ T6543] kill_fasync+0x136/0x470 [ 70.388367][ T6543] evdev_pass_values.part.0+0x64e/0x970 [ 70.396064][ T6543] evdev_events+0x359/0x3e0 [ 70.402729][ T6543] input_to_handler+0x2a0/0x4c0 [ 70.409856][ T6543] input_pass_values.part.0+0x230/0x710 [ 70.417560][ T6543] input_handle_event+0x373/0x1440 [ 70.424827][ T6543] input_inject_event+0x1bd/0x320 [ 70.432015][ T6543] evdev_write+0x430/0x760 [ 70.438598][ T6543] vfs_write+0x28e/0xae0 [ 70.444999][ T6543] ksys_write+0x1ee/0x250 [ 70.451480][ T6543] do_syscall_64+0x35/0xb0 [ 70.458096][ T6543] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 70.466145][ T6543] } [ 70.468709][ T6543] ... key at: [] __key.0+0x0/0x40 [ 70.475887][ T6543] ... acquired at: [ 70.479760][ T6543] _raw_read_lock_irqsave+0x70/0x90 [ 70.485137][ T6543] kill_fasync+0x136/0x470 [ 70.489707][ T6543] evdev_pass_values.part.0+0x64e/0x970 [ 70.495412][ T6543] evdev_events+0x359/0x3e0 [ 70.500130][ T6543] input_to_handler+0x2a0/0x4c0 [ 70.505245][ T6543] input_pass_values.part.0+0x230/0x710 [ 70.510948][ T6543] input_handle_event+0x373/0x1440 [ 70.516218][ T6543] input_inject_event+0x1bd/0x320 [ 70.521455][ T6543] evdev_write+0x430/0x760 [ 70.526025][ T6543] vfs_write+0x28e/0xae0 [ 70.530431][ T6543] ksys_write+0x1ee/0x250 [ 70.534918][ T6543] do_syscall_64+0x35/0xb0 [ 70.539512][ T6543] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 70.545572][ T6543] [ 70.547874][ T6543] -> (&f->f_owner.lock){....}-{2:2} { [ 70.553246][ T6543] INITIAL USE at: [ 70.557126][ T6543] lock_acquire+0x1ab/0x510 [ 70.563197][ T6543] _raw_write_lock_irq+0x32/0x50 [ 70.569705][ T6543] f_modown+0x2a/0x390 [ 70.575347][ T6543] f_setown+0xd7/0x230 [ 70.581047][ T6543] sock_ioctl+0x37e/0x640 [ 70.586948][ T6543] __x64_sys_ioctl+0x193/0x200 [ 70.593259][ T6543] do_syscall_64+0x35/0xb0 [ 70.599232][ T6543] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 70.606719][ T6543] INITIAL READ USE at: [ 70.611066][ T6543] lock_acquire+0x1ab/0x510 [ 70.617732][ T6543] _raw_read_lock_irqsave+0x70/0x90 [ 70.624918][ T6543] send_sigio+0x24/0x380 [ 70.631249][ T6543] kill_fasync+0x1f8/0x470 [ 70.637689][ T6543] evdev_pass_values.part.0+0x64e/0x970 [ 70.645223][ T6543] evdev_events+0x359/0x3e0 [ 70.651728][ T6543] input_to_handler+0x2a0/0x4c0 [ 70.658577][ T6543] input_pass_values.part.0+0x230/0x710 [ 70.666106][ T6543] input_handle_event+0x373/0x1440 [ 70.673203][ T6543] input_inject_event+0x1bd/0x320 [ 70.680217][ T6543] evdev_write+0x430/0x760 [ 70.686639][ T6543] vfs_write+0x28e/0xae0 [ 70.692862][ T6543] ksys_write+0x1ee/0x250 [ 70.699172][ T6543] do_syscall_64+0x35/0xb0 [ 70.705571][ T6543] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 70.713453][ T6543] } [ 70.715933][ T6543] ... key at: [] __key.5+0x0/0x40 [ 70.723038][ T6543] ... acquired at: [ 70.726819][ T6543] _raw_read_lock_irqsave+0x70/0x90 [ 70.732178][ T6543] send_sigio+0x24/0x380 [ 70.736591][ T6543] kill_fasync+0x1f8/0x470 [ 70.741164][ T6543] evdev_pass_values.part.0+0x64e/0x970 [ 70.746869][ T6543] evdev_events+0x359/0x3e0 [ 70.751527][ T6543] input_to_handler+0x2a0/0x4c0 [ 70.756544][ T6543] input_pass_values.part.0+0x230/0x710 [ 70.762269][ T6543] input_handle_event+0x373/0x1440 [ 70.767555][ T6543] input_inject_event+0x1bd/0x320 [ 70.772771][ T6543] evdev_write+0x430/0x760 [ 70.777429][ T6543] vfs_write+0x28e/0xae0 [ 70.782347][ T6543] ksys_write+0x1ee/0x250 [ 70.786832][ T6543] do_syscall_64+0x35/0xb0 [ 70.791489][ T6543] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 70.797547][ T6543] [ 70.799851][ T6543] [ 70.799851][ T6543] the dependencies between the lock to be acquired [ 70.799857][ T6543] and HARDIRQ-irq-unsafe lock: [ 70.813328][ T6543] -> (tasklist_lock){.+.+}-{2:2} { [ 70.818427][ T6543] HARDIRQ-ON-R at: [ 70.822385][ T6543] lock_acquire+0x1ab/0x510 [ 70.828523][ T6543] _raw_read_lock+0x5b/0x70 [ 70.834747][ T6543] do_wait+0x284/0xce0 [ 70.840459][ T6543] kernel_wait+0x9c/0x150 [ 70.846421][ T6543] call_usermodehelper_exec_work+0xf5/0x180 [ 70.853956][ T6543] process_one_work+0x9bf/0x16b0 [ 70.860545][ T6543] worker_thread+0x658/0x11f0 [ 70.866850][ T6543] kthread+0x3e5/0x4d0 [ 70.872550][ T6543] ret_from_fork+0x1f/0x30 [ 70.878598][ T6543] SOFTIRQ-ON-R at: [ 70.882555][ T6543] lock_acquire+0x1ab/0x510 [ 70.888689][ T6543] _raw_read_lock+0x5b/0x70 [ 70.894923][ T6543] do_wait+0x284/0xce0 [ 70.900649][ T6543] kernel_wait+0x9c/0x150 [ 70.906614][ T6543] call_usermodehelper_exec_work+0xf5/0x180 [ 70.914143][ T6543] process_one_work+0x9bf/0x16b0 [ 70.920710][ T6543] worker_thread+0x658/0x11f0 [ 70.927014][ T6543] kthread+0x3e5/0x4d0 [ 70.932715][ T6543] ret_from_fork+0x1f/0x30 [ 70.938762][ T6543] INITIAL USE at: [ 70.942634][ T6543] lock_acquire+0x1ab/0x510 [ 70.948714][ T6543] _raw_write_lock_irq+0x32/0x50 [ 70.955282][ T6543] copy_process+0x36c0/0x7590 [ 70.961504][ T6543] kernel_clone+0xe7/0xac0 [ 70.967467][ T6543] kernel_thread+0xb5/0xf0 [ 70.973430][ T6543] rest_init+0x23/0x3e0 [ 70.979126][ T6543] start_kernel+0x47a/0x49b [ 70.985181][ T6543] secondary_startup_64_no_verify+0xb0/0xbb [ 70.992633][ T6543] INITIAL READ USE at: [ 70.996958][ T6543] lock_acquire+0x1ab/0x510 [ 71.003448][ T6543] _raw_read_lock+0x5b/0x70 [ 71.009944][ T6543] do_wait+0x284/0xce0 [ 71.015992][ T6543] kernel_wait+0x9c/0x150 [ 71.022311][ T6543] call_usermodehelper_exec_work+0xf5/0x180 [ 71.030181][ T6543] process_one_work+0x9bf/0x16b0 [ 71.037102][ T6543] worker_thread+0x658/0x11f0 [ 71.043763][ T6543] kthread+0x3e5/0x4d0 [ 71.049811][ T6543] ret_from_fork+0x1f/0x30 [ 71.056208][ T6543] } [ 71.058684][ T6543] ... key at: [] tasklist_lock+0x18/0x40 [ 71.066384][ T6543] ... acquired at: [ 71.070162][ T6543] lock_acquire+0x1ab/0x510 [ 71.074829][ T6543] _raw_read_lock+0x5b/0x70 [ 71.079485][ T6543] send_sigio+0xab/0x380 [ 71.083881][ T6543] kill_fasync+0x1f8/0x470 [ 71.088460][ T6543] sock_wake_async+0xd2/0x160 [ 71.093296][ T6543] sock_def_readable+0x349/0x4e0 [ 71.098397][ T6543] unix_dgram_sendmsg+0xfa7/0x1950 [ 71.103671][ T6543] sock_sendmsg+0xcf/0x120 [ 71.108242][ T6543] ____sys_sendmsg+0x331/0x810 [ 71.113164][ T6543] ___sys_sendmsg+0xf3/0x170 [ 71.117924][ T6543] __sys_sendmmsg+0x195/0x470 [ 71.122761][ T6543] __x64_sys_sendmmsg+0x99/0x100 [ 71.129014][ T6543] do_syscall_64+0x35/0xb0 [ 71.133590][ T6543] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 71.139644][ T6543] [ 71.141946][ T6543] [ 71.141946][ T6543] stack backtrace: [ 71.147809][ T6543] CPU: 1 PID: 6543 Comm: syz-executor365 Not tainted 5.15.0-rc6-syzkaller #0 [ 71.156545][ T6543] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 71.166582][ T6543] Call Trace: [ 71.169856][ T6543] dump_stack_lvl+0xcd/0x134 [ 71.174430][ T6543] check_irq_usage.cold+0x4c1/0x6b0 [ 71.179620][ T6543] ? print_shortest_lock_dependencies_backwards+0x80/0x80 [ 71.186714][ T6543] ? check_path.constprop.0+0x24/0x50 [ 71.192069][ T6543] ? lock_chain_count+0x20/0x20 [ 71.196912][ T6543] ? lockdep_lock+0xc6/0x200 [ 71.201482][ T6543] ? call_rcu_zapped+0xb0/0xb0 [ 71.206227][ T6543] __lock_acquire+0x2a1f/0x54a0 [ 71.211071][ T6543] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 71.217044][ T6543] lock_acquire+0x1ab/0x510 [ 71.221528][ T6543] ? send_sigio+0xab/0x380 [ 71.225935][ T6543] ? lock_release+0x720/0x720 [ 71.230599][ T6543] ? lock_release+0x720/0x720 [ 71.235257][ T6543] ? lock_release+0x720/0x720 [ 71.239915][ T6543] _raw_read_lock+0x5b/0x70 [ 71.244421][ T6543] ? send_sigio+0xab/0x380 [ 71.248828][ T6543] send_sigio+0xab/0x380 [ 71.253063][ T6543] kill_fasync+0x1f8/0x470 [ 71.257472][ T6543] sock_wake_async+0xd2/0x160 [ 71.262145][ T6543] sock_def_readable+0x349/0x4e0 [ 71.267065][ T6543] unix_dgram_sendmsg+0xfa7/0x1950 [ 71.272173][ T6543] ? unix_stream_sendpage+0xca0/0xca0 [ 71.277532][ T6543] ? aa_af_perm+0x230/0x230 [ 71.282019][ T6543] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 71.288347][ T6543] ? unix_stream_sendpage+0xca0/0xca0 [ 71.293699][ T6543] sock_sendmsg+0xcf/0x120 [ 71.298276][ T6543] ____sys_sendmsg+0x331/0x810 [ 71.303021][ T6543] ? kernel_sendmsg+0x50/0x50 [ 71.307688][ T6543] ? do_recvmmsg+0x6d0/0x6d0 [ 71.313139][ T6543] ___sys_sendmsg+0xf3/0x170 [ 71.317858][ T6543] ? sendmsg_copy_msghdr+0x160/0x160 [ 71.323312][ T6543] ? mark_lock+0xef/0x17b0 [ 71.327716][ T6543] ? mark_lock+0xef/0x17b0 [ 71.332115][ T6543] ? lock_chain_count+0x20/0x20 [ 71.336947][ T6543] ? lock_chain_count+0x20/0x20 [ 71.341777][ T6543] ? unix_dgram_connect+0xa21/0xc00 [ 71.347128][ T6543] ? lock_downgrade+0x6e0/0x6e0 [ 71.351957][ T6543] ? rwlock_bug.part.0+0x90/0x90 [ 71.356914][ T6543] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 71.363136][ T6543] ? __fget_light+0x215/0x280 [ 71.367795][ T6543] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 71.374018][ T6543] __sys_sendmmsg+0x195/0x470 [ 71.378683][ T6543] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 71.383687][ T6543] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 71.389653][ T6543] ? find_held_lock+0x2d/0x110 [ 71.394544][ T6543] ? __context_tracking_exit+0xb8/0xe0 [ 71.399986][ T6543] ? lock_downgrade+0x6e0/0x6e0 [ 71.404827][ T6543] ? lock_downgrade+0x6e0/0x6e0 [ 71.409661][ T6543] __x64_sys_sendmmsg+0x99/0x100 [ 71.414582][ T6543] ? syscall_enter_from_user_mode+0x21/0x70 [ 71.420470][ T6543] do_syscall_64+0x35/0xb0 [ 71.424883][ T6543] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 71.430772][ T6543] RIP: 0033:0x7f877ea95759 [ 71.435169][ T6543] Code: 28 c3 e8 2a 14 00 00 66 2e 0f 1f 84 00 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 71.454908][ T6543] RSP: 002b:00007ffd61e762e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 71.463351][ T6543] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f877ea95759 [ 71.471309][ T6543] RDX: 0307017fdb7a66cb RSI: 0000000020002dc0