Warning: Permanently added '10.128.1.15' (ECDSA) to the list of known hosts. executing program [ 41.628499] FAULT_INJECTION: forcing a failure. [ 41.628499] name failslab, interval 1, probability 0, space 0, times 1 [ 41.640580] CPU: 0 PID: 7987 Comm: syz-executor425 Not tainted 4.14.302-syzkaller #0 [ 41.648556] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 41.657888] Call Trace: [ 41.660454] dump_stack+0x1b2/0x281 [ 41.664066] should_fail.cold+0x10a/0x149 [ 41.668191] should_failslab+0xd6/0x130 [ 41.672140] __kmalloc+0x6d/0x400 [ 41.675567] ? tty_buffer_alloc+0xc0/0x270 [ 41.679775] tty_buffer_alloc+0xc0/0x270 [ 41.683831] __tty_buffer_request_room+0x12c/0x290 [ 41.688746] tty_insert_flip_string_fixed_flag+0x8b/0x210 [ 41.694260] tty_insert_flip_string_and_push_buffer+0x3e/0x160 [ 41.700203] pty_write+0xc3/0xf0 [ 41.703549] n_tty_write+0x85e/0xda0 [ 41.707235] ? n_tty_open+0x160/0x160 [ 41.711011] ? do_wait_intr_irq+0x270/0x270 [ 41.715306] ? __might_fault+0x177/0x1b0 [ 41.719338] tty_write+0x410/0x740 [ 41.722852] ? n_tty_open+0x160/0x160 [ 41.726632] __vfs_write+0xe4/0x630 [ 41.730231] ? tty_compat_ioctl+0x240/0x240 [ 41.734526] ? debug_check_no_obj_freed+0x2c0/0x680 [ 41.739513] ? kernel_read+0x110/0x110 [ 41.743383] ? common_file_perm+0x3ee/0x580 [ 41.747680] ? security_file_permission+0x82/0x1e0 [ 41.752588] ? rw_verify_area+0xe1/0x2a0 [ 41.756626] vfs_write+0x17f/0x4d0 [ 41.760161] SyS_write+0xf2/0x210 [ 41.763599] ? SyS_read+0x210/0x210 [ 41.767209] ? __do_page_fault+0x159/0xad0 [ 41.771415] ? do_syscall_64+0x4c/0x640 [ 41.775382] ? SyS_read+0x210/0x210 [ 41.778982] do_syscall_64+0x1d5/0x640 [ 41.782947] entry_SYSCALL_64_after_hwframe+0x5e/0xd3 [ 41.788109] RIP: 0033:0x7f1c39f41679 [ 41.791791] RSP: 002b:00007ffd889c2b48 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 41.799470] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f1c39f41679 [ 41.806712] RDX: 000000000000ff2e RSI: 0000000020000080 RDI: 0000000000000003 [ 41.813960] RBP: 00007ffd889c2b50 R08: 0000000000000001 R09: 00007f1c39f00033 [ 41.821299] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 41.828555] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 41.835827] [ 41.835830] ====================================================== [ 41.835831] WARNING: possible circular locking dependency detected [ 41.835833] 4.14.302-syzkaller #0 Not tainted [ 41.835834] ------------------------------------------------------ [ 41.835836] syz-executor425/7987 is trying to acquire lock: [ 41.835837] (console_owner){....}, at: [] console_unlock+0x307/0xf20 [ 41.835841] [ 41.835842] but task is already holding lock: [ 41.835843] (&(&port->lock)->rlock){-.-.}, at: [] tty_insert_flip_string_and_push_buffer+0x2b/0x160 [ 41.835848] [ 41.835849] which lock already depends on the new lock. [ 41.835850] [ 41.835851] [ 41.835852] the existing dependency chain (in reverse order) is: [ 41.835853] [ 41.835854] -> #2 (&(&port->lock)->rlock){-.-.}: [ 41.835858] _raw_spin_lock_irqsave+0x8c/0xc0 [ 41.835859] tty_port_tty_get+0x1d/0x80 [ 41.835861] tty_port_default_wakeup+0x11/0x40 [ 41.835862] serial8250_tx_chars+0x3fe/0xc70 [ 41.835864] serial8250_handle_irq.part.0+0x2c7/0x390 [ 41.835865] serial8250_default_handle_irq+0x8a/0x1f0 [ 41.835866] serial8250_interrupt+0xf3/0x210 [ 41.835868] __handle_irq_event_percpu+0xee/0x7f0 [ 41.835869] handle_irq_event+0xed/0x240 [ 41.835870] handle_edge_irq+0x224/0xc40 [ 41.835872] handle_irq+0x35/0x50 [ 41.835873] do_IRQ+0x93/0x1d0 [ 41.835874] ret_from_intr+0x0/0x1e [ 41.835875] _raw_spin_unlock_irqrestore+0xa3/0xe0 [ 41.835876] uart_write+0x2dd/0x560 [ 41.835878] do_output_char+0x4f5/0x750 [ 41.835879] n_tty_write+0x3e3/0xda0 [ 41.835880] tty_write+0x410/0x740 [ 41.835881] redirected_tty_write+0x9c/0xb0 [ 41.835883] do_iter_write+0x3da/0x550 [ 41.835884] vfs_writev+0x125/0x290 [ 41.835885] do_writev+0xfc/0x2c0 [ 41.835886] do_syscall_64+0x1d5/0x640 [ 41.835888] entry_SYSCALL_64_after_hwframe+0x5e/0xd3 [ 41.835888] [ 41.835889] -> #1 (&port_lock_key){-.-.}: [ 41.835893] _raw_spin_lock_irqsave+0x8c/0xc0 [ 41.835895] serial8250_console_write+0x8cb/0xb40 [ 41.835896] console_unlock+0x99d/0xf20 [ 41.835897] vprintk_emit+0x224/0x620 [ 41.835898] vprintk_func+0x58/0x160 [ 41.835899] printk+0x9e/0xbc [ 41.835901] register_console+0x6f4/0xad0 [ 41.835902] univ8250_console_init+0x2f/0x3a [ 41.835903] console_init+0x46/0x53 [ 41.835904] start_kernel+0x521/0x763 [ 41.835906] secondary_startup_64+0xa5/0xb0 [ 41.835906] [ 41.835907] -> #0 (console_owner){....}: [ 41.835911] lock_acquire+0x170/0x3f0 [ 41.835912] console_unlock+0x36f/0xf20 [ 41.835913] vprintk_emit+0x224/0x620 [ 41.835915] vprintk_func+0x58/0x160 [ 41.835916] printk+0x9e/0xbc [ 41.835917] should_fail.cold+0xdf/0x149 [ 41.835918] should_failslab+0xd6/0x130 [ 41.835920] __kmalloc+0x6d/0x400 [ 41.835921] tty_buffer_alloc+0xc0/0x270 [ 41.835922] __tty_buffer_request_room+0x12c/0x290 [ 41.835924] tty_insert_flip_string_fixed_flag+0x8b/0x210 [ 41.835926] tty_insert_flip_string_and_push_buffer+0x3e/0x160 [ 41.835927] pty_write+0xc3/0xf0 [ 41.835928] n_tty_write+0x85e/0xda0 [ 41.835930] tty_write+0x410/0x740 [ 41.835931] __vfs_write+0xe4/0x630 [ 41.835932] vfs_write+0x17f/0x4d0 [ 41.835933] SyS_write+0xf2/0x210 [ 41.835934] do_syscall_64+0x1d5/0x640 [ 41.835936] entry_SYSCALL_64_after_hwframe+0x5e/0xd3 [ 41.835936] [ 41.835938] other info that might help us debug this: [ 41.835938] [ 41.835939] Chain exists of: [ 41.835940] console_owner --> &port_lock_key --> &(&port->lock)->rlock [ 41.835945] [ 41.835946] Possible unsafe locking scenario: [ 41.835947] [ 41.835948] CPU0 CPU1 [ 41.835950] ---- ---- [ 41.835950] lock(&(&port->lock)->rlock); [ 41.835953] lock(&port_lock_key); [ 41.835956] lock(&(&port->lock)->rlock); [ 41.835959] lock(console_owner); [ 41.835961] [ 41.835962] *** DEADLOCK *** [ 41.835962] [ 41.835964] 6 locks held by syz-executor425/7987: [ 41.835964] #0: (&tty->ldisc_sem){++++}, at: [] tty_ldisc_ref_wait+0x22/0x80 [ 41.835969] #1: (&tty->atomic_write_lock){+.+.}, at: [] tty_write+0x22d/0x740 [ 41.835973] #2: (&tty->termios_rwsem){++++}, at: [] n_tty_write+0x18a/0xda0 [ 41.835978] #3: (&ldata->output_lock){+.+.}, at: [] n_tty_write+0x82b/0xda0 [ 41.835982] #4: (&(&port->lock)->rlock){-.-.}, at: [] tty_insert_flip_string_and_push_buffer+0x2b/0x160 [ 41.835987] #5: (console_lock){+.+.}, at: [] vprintk_func+0x58/0x160 [ 41.835991] [ 41.835992] stack backtrace: [ 41.835994] CPU: 0 PID: 7987 Comm: syz-executor425 Not tainted 4.14.302-syzkaller #0 [ 41.835997] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 41.835998] Call Trace: [ 41.835999] dump_stack+0x1b2/0x281 [ 41.836000] print_circular_bug.constprop.0.cold+0x2d7/0x41e [ 41.836002] __lock_acquire+0x2e0e/0x3f20 [ 41.836003] ? trace_hardirqs_on+0x10/0x10 [ 41.836004] ? snprintf+0xd0/0xd0 [ 41.836005] ? console_unlock+0x34a/0xf20 [ 41.836006] lock_acquire+0x170/0x3f0 [ 41.836008] ? console_unlock+0x307/0xf20 [ 41.836009] console_unlock+0x36f/0xf20 [ 41.836010] ? console_unlock+0x307/0xf20 [ 41.836011] vprintk_emit+0x224/0x620 [ 41.836012] vprintk_func+0x58/0x160 [ 41.836013] printk+0x9e/0xbc [ 41.836014] ? log_store.cold+0x16/0x16 [ 41.836016] ? __lock_acquire+0x5fc/0x3f20 [ 41.836017] ? ___ratelimit+0x2b5/0x510 [ 41.836018] should_fail.cold+0xdf/0x149 [ 41.836019] should_failslab+0xd6/0x130 [ 41.836020] __kmalloc+0x6d/0x400 [ 41.836022] ? tty_buffer_alloc+0xc0/0x270 [ 41.836023] tty_buffer_alloc+0xc0/0x270 [ 41.836024] __tty_buffer_request_room+0x12c/0x290 [ 41.836026] tty_insert_flip_string_fixed_flag+0x8b/0x210 [ 41.836027] tty_insert_flip_string_and_push_buffer+0x3e/0x160 [ 41.836028] pty_write+0xc3/0xf0 [ 41.836030] n_tty_write+0x85e/0xda0 [ 41.836031] ? n_tty_open+0x160/0x160 [ 41.836032] ? do_wait_intr_irq+0x270/0x270 [ 41.836033] ? __might_fault+0x177/0x1b0 [ 41.836034] tty_write+0x410/0x740 [ 41.836035] ? n_tty_open+0x160/0x160 [ 41.836037] __vfs_write+0xe4/0x630 [ 41.836038] ? tty_compat_ioctl+0x240/0x240 [ 41.836039] ? debug_check_no_obj_freed+0x2c0/0x680 [ 41.836040] ? kernel_read+0x110/0x110 [ 41.836042] ? common_file_perm+0x3ee/0x580 [ 41.836043] ? security_file_permission+0x82/0x1e0 [ 41.836044] ? rw_verify_area+0xe1/0x2a0 [ 41.836045] vfs_write+0x17f/0x4d0 [ 41.836046] SyS_write+0xf2/0x210 [ 41.836048] ? SyS_read+0x210/0x210 [ 41.836049] ? __do_page_fault+0x159/0xad0 [ 41.836050] ? do_syscall_64+0x4c/0x640 [ 41.836051] ? SyS_read+0x210/0x210 [ 41.836052] do_syscall_64+0x1d5/0x640 [ 41.836054] entry_SYSCALL_64_after_hwframe+0x5e/0xd3 [ 41.836055] RIP: 0033:0x7f1c39f41679 [ 41.836056] RSP: 002b:00007ffd889c2b48 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 41.836059] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f1c39f41679 [ 41.836061] RDX: 000000000000ff2e RSI: 0000000020000080 RDI: 0000000000000003 [ 41.836063] RBP: 00007ffd889c2b50 R08: 0000000000000001 R09: 00007f1c39f00033 [ 41.836065] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 41.836067] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000