./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor361949696
<...>
Warning: Permanently added '10.128.0.183' (ECDSA) to the list of known hosts.
execve("./syz-executor361949696", ["./syz-executor361949696"], 0x7fff4eee1160 /* 10 vars */) = 0
brk(NULL) = 0x555556376000
brk(0x555556376c40) = 0x555556376c40
arch_prctl(ARCH_SET_FS, 0x555556376300) = 0
uname({sysname="Linux", nodename="syzkaller", ...}) = 0
readlink("/proc/self/exe", "/root/syz-executor361949696", 4096) = 27
brk(0x555556397c40) = 0x555556397c40
brk(0x555556398000) = 0x555556398000
mprotect(0x7f4884bd7000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
openat(AT_FDCWD, "/sys/kernel/debug/failslab/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1) = 1
close(3) = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_futex/ignore-private", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1) = 1
close(3) = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-highmem", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1) = 1
close(3) = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1) = 1
close(3) = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/min-order", O_WRONLY|O_CLOEXEC) = 3
write(3, "0", 1) = 1
close(3) = 0
openat(AT_FDCWD, "/dev/ptmx", O_RDONLY) = 3
ioctl(3, TIOCSPTLCK, [0]) = 0
ioctl(3, TIOCGPTN, [0]) = 0
openat(AT_FDCWD, "/dev/pts/0", O_RDWR) = 4
openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 5
write(5, "3", 1) = 1
syzkaller login: [ 48.416470][ T3605] FAULT_INJECTION: forcing a failure.
[ 48.416470][ T3605] name failslab, interval 1, probability 0, space 0, times 1
[ 48.416646][ T3605]
[ 48.416652][ T3605] ======================================================
[ 48.416658][ T3605] WARNING: possible circular locking dependency detected
[ 48.416664][ T3605] 5.18.0-rc6-syzkaller-00015-g0ac824f379fb #0 Not tainted
[ 48.416675][ T3605] ------------------------------------------------------
[ 48.416680][ T3605] syz-executor361/3605 is trying to acquire lock:
[ 48.416689][ T3605] ffffffff8bc90700 (console_owner){....}-{0:0}, at: console_unlock+0x35e/0xdd0
[ 48.416749][ T3605]
[ 48.416749][ T3605] but task is already holding lock:
[ 48.416753][ T3605] ffff888076b27158 (&port->lock){-.-.}-{2:2}, at: pty_write+0xea/0x1e0
[ 48.416797][ T3605]
[ 48.416797][ T3605] which lock already depends on the new lock.
[ 48.416797][ T3605]
[ 48.416802][ T3605]
[ 48.416802][ T3605] the existing dependency chain (in reverse order) is:
[ 48.416807][ T3605]
[ 48.416807][ T3605] -> #2 (&port->lock){-.-.}-{2:2}:
[ 48.416831][ T3605] _raw_spin_lock_irqsave+0x39/0x50
[ 48.416861][ T3605] tty_port_tty_get+0x1f/0x100
[ 48.416881][ T3605] tty_port_default_wakeup+0x11/0x40
[ 48.416898][ T3605] serial8250_tx_chars+0x4f3/0xa50
[ 48.416916][ T3605] serial8250_handle_irq.part.0+0x328/0x3d0
[ 48.416930][ T3605] serial8250_default_handle_irq+0xb2/0x220
[ 48.416945][ T3605] serial8250_interrupt+0xfd/0x200
[ 48.416960][ T3605] __handle_irq_event_percpu+0x22b/0x880
[ 48.416974][ T3605] handle_irq_event+0xa7/0x1e0
[ 48.416984][ T3605] handle_edge_irq+0x25f/0xd00
[ 48.416997][ T3605] __common_interrupt+0x9d/0x210
[ 48.417010][ T3605] common_interrupt+0xa4/0xc0
[ 48.417025][ T3605] asm_common_interrupt+0x1e/0x40
[ 48.417038][ T3605] acpi_idle_do_entry+0x1c6/0x250
[ 48.417051][ T3605] acpi_idle_enter+0x361/0x500
[ 48.417062][ T3605] cpuidle_enter_state+0x1b1/0xc80
[ 48.417074][ T3605] cpuidle_enter+0x4a/0xa0
[ 48.417084][ T3605] do_idle+0x3e8/0x590
[ 48.417095][ T3605] cpu_startup_entry+0x14/0x20
[ 48.417105][ T3605] rest_init+0x169/0x270
[ 48.417116][ T3605] arch_call_rest_init+0xf/0x14
[ 48.417128][ T3605] start_kernel+0x47f/0x4a0
[ 48.417138][ T3605] secondary_startup_64_no_verify+0xc3/0xcb
[ 48.417153][ T3605]
[ 48.417153][ T3605] -> #1 (&port_lock_key){-.-.}-{2:2}:
[ 48.417170][ T3605] _raw_spin_lock_irqsave+0x39/0x50
[ 48.417182][ T3605] serial8250_console_write+0x9cb/0xc30
[ 48.417197][ T3605] console_unlock+0x9bc/0xdd0
[ 48.417209][ T3605] vprintk_emit+0x1b4/0x5f0
[ 48.417222][ T3605] vprintk+0x80/0x90
[ 48.417235][ T3605] _printk+0xba/0xed
[ 48.417247][ T3605] register_console+0x410/0x7c0
[ 48.417260][ T3605] univ8250_console_init+0x3a/0x46
[ 48.417274][ T3605] console_init+0x3c1/0x58d
[ 48.417288][ T3605] start_kernel+0x30b/0x4a0
[ 48.417298][ T3605] secondary_startup_64_no_verify+0xc3/0xcb
[ 48.417311][ T3605]
[ 48.417311][ T3605] -> #0 (console_owner){....}-{0:0}:
[ 48.417325][ T3605] __lock_acquire+0x2ac6/0x56c0
[ 48.417348][ T3605] lock_acquire+0x1ab/0x510
[ 48.417362][ T3605] console_unlock+0x3b1/0xdd0
[ 48.417375][ T3605] vprintk_emit+0x1b4/0x5f0
[ 48.417388][ T3605] vprintk+0x80/0x90
[ 48.417401][ T3605] _printk+0xba/0xed
[ 48.417411][ T3605] should_fail+0x472/0x5a0
[ 48.417423][ T3605] should_failslab+0x5/0x10
[ 48.417437][ T3605] __kmalloc+0x7e/0x350
[ 48.417449][ T3605] tty_buffer_alloc+0x23f/0x2a0
[ 48.417462][ T3605] __tty_buffer_request_room+0x156/0x2a0
[ 48.417476][ T3605] tty_insert_flip_string_fixed_flag+0x8c/0x240
[ 48.417489][ T3605] pty_write+0x11c/0x1e0
[ 48.417503][ T3605] n_tty_write+0x410/0xfc0
[ 48.417513][ T3605] file_tty_write.constprop.0+0x520/0x900
[ 48.417528][ T3605] new_sync_write+0x38a/0x560
[ 48.417539][ T3605] vfs_write+0x7c0/0xac0
[ 48.417550][ T3605] ksys_write+0x127/0x250
[ 48.417560][ T3605] do_syscall_64+0x35/0xb0
[ 48.417573][ T3605] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 48.417586][ T3605]
[ 48.417586][ T3605] other info that might help us debug this:
[ 48.417586][ T3605]
[ 48.417589][ T3605] Chain exists of:
[ 48.417589][ T3605] console_owner --> &port_lock_key --> &port->lock
[ 48.417589][ T3605]
[ 48.417612][ T3605] Possible unsafe locking scenario:
[ 48.417612][ T3605]
[ 48.417614][ T3605] CPU0 CPU1
[ 48.417617][ T3605] ---- ----
[ 48.417619][ T3605] lock(&port->lock);
[ 48.417625][ T3605] lock(&port_lock_key);
[ 48.417632][ T3605] lock(&port->lock);
[ 48.417639][ T3605] lock(console_owner);
[ 48.417645][ T3605]
[ 48.417645][ T3605] *** DEADLOCK ***
[ 48.417645][ T3605]
[ 48.417647][ T3605] 6 locks held by syz-executor361/3605:
[ 48.417654][ T3605] #0: ffff888074874098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x22/0x80
[ 48.417682][ T3605] #1: ffff888074874130 (&tty->atomic_write_lock){+.+.}-{3:3}, at: file_tty_write.constprop.0+0x299/0x900
[ 48.417714][ T3605] #2: ffff8880748742e8 (&o_tty->termios_rwsem/1){++++}-{3:3}, at: n_tty_write+0x1bf/0xfc0
[ 48.417743][ T3605] #3: ffffc900013ec378 (&ldata->output_lock){+.+.}-{3:3}, at: n_tty_write+0x53c/0xfc0
[ 48.417770][ T3605] #4: ffff888076b27158 (&port->lock){-.-.}-{2:2}, at: pty_write+0xea/0x1e0
[ 48.417797][ T3605] #5: ffffffff8bd70b40 (console_lock){+.+.}-{0:0}, at: vprintk+0x80/0x90
[ 48.417826][ T3605]
[ 48.417826][ T3605] stack backtrace:
[ 48.417830][ T3605] CPU: 0 PID: 3605 Comm: syz-executor361 Not tainted 5.18.0-rc6-syzkaller-00015-g0ac824f379fb #0
[ 48.417844][ T3605] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 48.417853][ T3605] Call Trace:
[ 48.417857][ T3605]
[ 48.417862][ T3605] dump_stack_lvl+0xcd/0x134
[ 48.417879][ T3605] check_noncircular+0x25f/0x2e0
[ 48.417893][ T3605] ? filter_irq_stacks+0x90/0x90
[ 48.417909][ T3605] ? print_circular_bug+0x1e0/0x1e0
[ 48.417923][ T3605] ? pointer+0x950/0x950
[ 48.417937][ T3605] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 48.417955][ T3605] ? add_lock_to_list.constprop.0+0x185/0x370
[ 48.417971][ T3605] __lock_acquire+0x2ac6/0x56c0
[ 48.417988][ T3605] ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 48.418003][ T3605] ? msg_add_ext_text+0x1d0/0x1d0
[ 48.418023][ T3605] lock_acquire+0x1ab/0x510
[ 48.418045][ T3605] ? console_unlock+0x35e/0xdd0
[ 48.418063][ T3605] ? lock_release+0x720/0x720
[ 48.418076][ T3605] ? lock_downgrade+0x6e0/0x6e0
[ 48.418089][ T3605] ? do_raw_spin_lock+0x120/0x2a0
[ 48.418104][ T3605] ? rwlock_bug.part.0+0x90/0x90
[ 48.418119][ T3605] ? prb_final_commit+0x64/0xa0
[ 48.418134][ T3605] console_unlock+0x3b1/0xdd0
[ 48.418148][ T3605] ? console_unlock+0x35e/0xdd0
[ 48.418163][ T3605] ? devkmsg_read+0x730/0x730
[ 48.418177][ T3605] ? lock_release+0x720/0x720
[ 48.418193][ T3605] ? vprintk+0x80/0x90
[ 48.418207][ T3605] vprintk_emit+0x1b4/0x5f0
[ 48.418221][ T3605] ? add_lock_to_list.constprop.0+0x185/0x370
[ 48.418236][ T3605] vprintk+0x80/0x90
[ 48.418250][ T3605] _printk+0xba/0xed
[ 48.418263][ T3605] ? record_print_text.cold+0x16/0x16
[ 48.418278][ T3605] ? ___ratelimit+0x222/0x4b0
[ 48.418290][ T3605] should_fail+0x472/0x5a0
[ 48.418303][ T3605] should_failslab+0x5/0x10
[ 48.418314][ T3605] __kmalloc+0x7e/0x350
[ 48.418325][ T3605] ? tty_buffer_alloc+0x23f/0x2a0
[ 48.418338][ T3605] tty_buffer_alloc+0x23f/0x2a0
[ 48.418351][ T3605] __tty_buffer_request_room+0x156/0x2a0
[ 48.418365][ T3605] tty_insert_flip_string_fixed_flag+0x8c/0x240
[ 48.418381][ T3605] pty_write+0x11c/0x1e0
[ 48.418394][ T3605] ? ptmx_open+0x360/0x360
[ 48.418407][ T3605] n_tty_write+0x410/0xfc0
[ 48.418422][ T3605] ? n_tty_check_unthrottle+0x440/0x440
[ 48.418434][ T3605] ? rcu_read_lock_sched_held+0x3a/0x70
[ 48.418449][ T3605] ? __init_waitqueue_head+0xd0/0xd0
[ 48.418463][ T3605] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 48.418476][ T3605] ? __phys_addr+0xc4/0x140
[ 48.418490][ T3605] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 48.418503][ T3605] ? __phys_addr_symbol+0x2c/0x70
[ 48.418516][ T3605] ? __sanitizer_cov_trace_cmp8+0x1d/0x70
[ 48.418528][ T3605] ? __check_object_size+0x16c/0x4f0
[ 48.418543][ T3605] file_tty_write.constprop.0+0x520/0x900
[ 48.418559][ T3605] ? n_tty_check_unthrottle+0x440/0x440
[ 48.418572][ T3605] new_sync_write+0x38a/0x560
[ 48.418584][ T3605] ? new_sync_read+0x5f0/0x5f0
[ 48.418595][ T3605] ? _raw_spin_lock_irq+0x41/0x50
[ 48.418615][ T3605] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 48.418628][ T3605] ? security_file_permission+0xab/0xd0
[ 48.418644][ T3605] vfs_write+0x7c0/0xac0
[ 48.418656][ T3605] ksys_write+0x127/0x250
[ 48.418667][ T3605] ? __ia32_sys_read+0xb0/0xb0
[ 48.418678][ T3605] ? lockdep_hardirqs_on+0x79/0x100
[ 48.418690][ T3605] ? _raw_spin_unlock_irq+0x2a/0x40
[ 48.418703][ T3605] ? ptrace_notify+0xfa/0x140
[ 48.418719][ T3605] do_syscall_64+0x35/0xb0
[ 48.418733][ T3605] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 48.418748][ T3605] RIP: 0033:0x7f4884b6a789
[ 48.418759][ T3605] Code: 28 c3 e8 2a 14 00 00 66 2e 0f 1f 84 00 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 48.418771][ T3605] RSP: 002b:00007ffcb28b1dc8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 48.418783][ T3605] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f4884b6a789
[ 48.418791][ T3605] RDX: 0000000000000008 RSI: 00000000200000c0 RDI: 0000000000000004
[ 48.418799][ T3605] RBP: 00007ffcb28b1de0 R08: 0000000000000001 R09: 0000000000000001
[ 48.418806][ T3605] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005
[ 48.418814][ T3605] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 48.418825][ T3605]
[ 49.374484][ T3605] CPU: 0 PID: 3605 Comm: syz-executor361 Not tainted 5.18.0-rc6-syzkaller-00015-g0ac824f379fb #0
[ 49.384967][ T3605] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 49.395091][ T3605] Call Trace:
[ 49.398357][ T3605]
[ 49.401271][ T3605] dump_stack_lvl+0xcd/0x134
[ 49.405859][ T3605] should_fail.cold+0x5/0xa
[ 49.410353][ T3605] should_failslab+0x5/0x10
[ 49.414845][ T3605] __kmalloc+0x7e/0x350
[ 49.418987][ T3605] ? tty_buffer_alloc+0x23f/0x2a0
[ 49.424007][ T3605] tty_buffer_alloc+0x23f/0x2a0
[ 49.428844][ T3605] __tty_buffer_request_room+0x156/0x2a0
[ 49.434466][ T3605] tty_insert_flip_string_fixed_flag+0x8c/0x240
[ 49.440699][ T3605] pty_write+0x11c/0x1e0
[ 49.444978][ T3605] ? ptmx_open+0x360/0x360
[ 49.449395][ T3605] n_tty_write+0x410/0xfc0
[ 49.453813][ T3605] ? n_tty_check_unthrottle+0x440/0x440
[ 49.459345][ T3605] ? rcu_read_lock_sched_held+0x3a/0x70
[ 49.464882][ T3605] ? __init_waitqueue_head+0xd0/0xd0
[ 49.470155][ T3605] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 49.476383][ T3605] ? __phys_addr+0xc4/0x140
[ 49.480875][ T3605] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 49.487102][ T3605] ? __phys_addr_symbol+0x2c/0x70
[ 49.492114][ T3605] ? __sanitizer_cov_trace_cmp8+0x1d/0x70
[ 49.497993][ T3605] ? __check_object_size+0x16c/0x4f0
[ 49.503273][ T3605] file_tty_write.constprop.0+0x520/0x900
[ 49.508987][ T3605] ? n_tty_check_unthrottle+0x440/0x440
[ 49.514522][ T3605] new_sync_write+0x38a/0x560
[ 49.519192][ T3605] ? new_sync_read+0x5f0/0x5f0
[ 49.523944][ T3605] ? _raw_spin_lock_irq+0x41/0x50
[ 49.528968][ T3605] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 49.535221][ T3605] ? security_file_permission+0xab/0xd0
[ 49.540758][ T3605] vfs_write+0x7c0/0xac0
[ 49.544989][ T3605] ksys_write+0x127/0x250
[ 49.549306][ T3605] ? __ia32_sys_read+0xb0/0xb0
[ 49.554222][ T3605] ? lockdep_hardirqs_on+0x79/0x100
[ 49.559405][ T3605] ? _raw_spin_unlock_irq+0x2a/0x40
[ 49.564591][ T3605] ? ptrace_notify+0xfa/0x140
[ 49.569260][ T3605] do_syscall_64+0x35/0xb0
[ 49.573682][ T3605] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 49.579585][ T3605] RIP: 0033:0x7f4884b6a789
[ 49.584002][ T3605] Code: 28 c3 e8 2a 14 00 00 66 2e 0f 1f 84 00 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 49.603605][ T3605] RSP: 002b:00007ffcb28b1dc8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 49.612012][ T3605] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f4884b6a789
write(4, "\x8c\x14\x60\x58\x17\xb7\x44\x0d", 8) = 8
exit_group(0) = ?
+++ exited with 0 +++
[ 49.619976][ T3605] RDX: 0000000000000008 RSI