./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1955368990 <...> Warning: Permanently added '10.128.0.157' (ECDSA) to the list of known hosts. execve("./syz-executor1955368990", ["./syz-executor1955368990"], 0x7ffdac8e5c70 /* 10 vars */) = 0 brk(NULL) = 0x5555566a8000 brk(0x5555566a8c40) = 0x5555566a8c40 arch_prctl(ARCH_SET_FS, 0x5555566a8300) = 0 uname({sysname="Linux", nodename="syzkaller", ...}) = 0 readlink("/proc/self/exe", "/root/syz-executor1955368990", 4096) = 28 brk(0x5555566c9c40) = 0x5555566c9c40 brk(0x5555566ca000) = 0x5555566ca000 mprotect(0x7f642e5fc000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 open(".", O_RDONLY) = 3 open(".", O_RDONLY) = 4 fcntl(4, F_NOTIFY, DN_ACCESS|DN_CREATE) = 0 fcntl(4, F_SETOWN, -1) = 0 symlinkat("\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", 3, "./file0") = 0 openat(AT_FDCWD, "/dev/input/event0", O_WRONLY|O_CREAT|O_SYNC|O_NOFOLLOW, 000) = 5 ioctl(-1, EVIOCSFF, {type=0 /* FF_??? 
*/, id=0, direction=0, ...}) = -1 EBADF (Bad file descriptor) ioctl(5, FIOASYNC, [4]) = 0 syzkaller login: [ 48.965275][ T3608] [ 48.967628][ T3608] ===================================================== [ 48.974534][ T3608] WARNING: HARDIRQ-safe -> HARDIRQ-unsafe lock order detected [ 48.981974][ T3608] 5.19.0-rc6-syzkaller-00115-g4a57a8400075 #0 Not tainted [ 48.989067][ T3608] ----------------------------------------------------- [ 48.995977][ T3608] syz-executor195/3608 [HC0[0]:SC0[0]:HE0:SE1] is trying to acquire: [ 49.004047][ T3608] ffff88801e1bd530 (&f->f_owner.lock){....}-{2:2}, at: send_sigio+0x24/0x380 [ 49.012824][ T3608] [ 49.012824][ T3608] and this task is already holding: [ 49.020181][ T3608] ffff888071965018 (&new->fa_lock){....}-{2:2}, at: kill_fasync+0x136/0x470 [ 49.028884][ T3608] which would create a new lock dependency: [ 49.034850][ T3608] (&new->fa_lock){....}-{2:2} -> (&f->f_owner.lock){....}-{2:2} [ 49.042627][ T3608] [ 49.042627][ T3608] but this new dependency connects a HARDIRQ-irq-safe lock: [ 49.052062][ T3608] (&dev->event_lock#2){-...}-{2:2} [ 49.052092][ T3608] [ 49.052092][ T3608] ... 
which became HARDIRQ-irq-safe at: [ 49.064976][ T3608] lock_acquire+0x1ab/0x570 [ 49.069565][ T3608] _raw_spin_lock_irqsave+0x39/0x50 [ 49.074856][ T3608] input_event+0x7b/0xb0 [ 49.079189][ T3608] psmouse_report_standard_buttons+0x2c/0x80 [ 49.085338][ T3608] psmouse_process_byte+0x1e1/0x890 [ 49.090641][ T3608] psmouse_handle_byte+0x41/0x1b0 [ 49.095743][ T3608] psmouse_interrupt+0x304/0xf00 [ 49.100757][ T3608] serio_interrupt+0x88/0x150 [ 49.105515][ T3608] i8042_interrupt+0x27a/0x520 [ 49.110365][ T3608] __handle_irq_event_percpu+0x22b/0x880 [ 49.116095][ T3608] handle_irq_event+0xa7/0x1e0 [ 49.121132][ T3608] handle_edge_irq+0x25f/0xd00 [ 49.125998][ T3608] __common_interrupt+0x9d/0x210 [ 49.131028][ T3608] common_interrupt+0xa4/0xc0 [ 49.135791][ T3608] asm_common_interrupt+0x22/0x40 [ 49.140916][ T3608] acpi_idle_do_entry+0x1c9/0x240 [ 49.146143][ T3608] acpi_idle_enter+0x369/0x510 [ 49.150996][ T3608] cpuidle_enter_state+0x1b1/0xc80 [ 49.156191][ T3608] cpuidle_enter+0x4a/0xa0 [ 49.160690][ T3608] do_idle+0x3e8/0x590 [ 49.164857][ T3608] cpu_startup_entry+0x14/0x20 [ 49.169706][ T3608] start_secondary+0x21d/0x2b0 [ 49.174558][ T3608] secondary_startup_64_no_verify+0xce/0xdb [ 49.180536][ T3608] [ 49.180536][ T3608] to a HARDIRQ-irq-unsafe lock: [ 49.187543][ T3608] (tasklist_lock){.+.+}-{2:2} [ 49.187567][ T3608] [ 49.187567][ T3608] ... which became HARDIRQ-irq-unsafe at: [ 49.200187][ T3608] ... 
[ 49.200192][ T3608] lock_acquire+0x1ab/0x570
[ 49.207353][ T3608] _raw_read_lock+0x5b/0x70
[ 49.211937][ T3608] do_wait+0x284/0xce0
[ 49.216091][ T3608] kernel_wait+0x9c/0x150
[ 49.220512][ T3608] call_usermodehelper_exec_work+0xf5/0x180
[ 49.226494][ T3608] process_one_work+0x996/0x1610
[ 49.231510][ T3608] worker_thread+0x665/0x1080
[ 49.236267][ T3608] kthread+0x2e9/0x3a0
[ 49.240440][ T3608] ret_from_fork+0x1f/0x30
[ 49.244954][ T3608]
[ 49.244954][ T3608] other info that might help us debug this:
[ 49.244954][ T3608]
[ 49.255176][ T3608] Chain exists of:
[ 49.255176][ T3608]   &dev->event_lock#2 --> &new->fa_lock --> tasklist_lock
[ 49.255176][ T3608]
[ 49.268165][ T3608] Possible interrupt unsafe locking scenario:
[ 49.268165][ T3608]
[ 49.276476][ T3608]        CPU0                    CPU1
[ 49.281830][ T3608]        ----                    ----
[ 49.287183][ T3608]   lock(tasklist_lock);
[ 49.291416][ T3608]                                local_irq_disable();
[ 49.298156][ T3608]                                lock(&dev->event_lock#2);
[ 49.305439][ T3608]                                lock(&new->fa_lock);
[ 49.312190][ T3608]   <Interrupt>
[ 49.315629][ T3608]     lock(&dev->event_lock#2);
[ 49.320477][ T3608]
[ 49.320477][ T3608] *** DEADLOCK ***
[ 49.320477][ T3608]
[ 49.328608][ T3608] 8 locks held by syz-executor195/3608:
[ 49.334138][ T3608] #0: ffff888147f37110 (&evdev->mutex){+.+.}-{3:3}, at: evdev_write+0x1d3/0x760
[ 49.343273][ T3608] #1: ffff88801b513230 (&dev->event_lock#2){-...}-{2:2}, at: input_inject_event+0xa6/0x320
[ 49.353362][ T3608] #2: ffffffff8bd870a0 (rcu_read_lock){....}-{1:2}, at: input_inject_event+0x92/0x320
[ 49.363011][ T3608] #3: ffffffff8bd870a0 (rcu_read_lock){....}-{1:2}, at: input_pass_values.part.0+0x0/0x710
[ 49.373101][ T3608] #4: ffffffff8bd870a0 (rcu_read_lock){....}-{1:2}, at: evdev_events+0x59/0x3e0
[ 49.382238][ T3608] #5: ffff8880174b0028 (&client->buffer_lock){....}-{2:2}, at: evdev_pass_values.part.0+0xf6/0x970
[ 49.393019][ T3608] #6: ffffffff8bd870a0 (rcu_read_lock){....}-{1:2}, at: kill_fasync+0x41/0x470
[ 49.402152][ T3608] #7: ffff888071965018 
(&new->fa_lock){....}-{2:2}, at: kill_fasync+0x136/0x470 [ 49.411281][ T3608] [ 49.411281][ T3608] the dependencies between HARDIRQ-irq-safe lock and the holding lock: [ 49.421682][ T3608] -> (&dev->event_lock#2){-...}-{2:2} { [ 49.427419][ T3608] IN-HARDIRQ-W at: [ 49.431562][ T3608] lock_acquire+0x1ab/0x570 [ 49.438053][ T3608] _raw_spin_lock_irqsave+0x39/0x50 [ 49.445244][ T3608] input_event+0x7b/0xb0 [ 49.451474][ T3608] psmouse_report_standard_buttons+0x2c/0x80 [ 49.459444][ T3608] psmouse_process_byte+0x1e1/0x890 [ 49.466631][ T3608] psmouse_handle_byte+0x41/0x1b0 [ 49.473654][ T3608] psmouse_interrupt+0x304/0xf00 [ 49.480579][ T3608] serio_interrupt+0x88/0x150 [ 49.487243][ T3608] i8042_interrupt+0x27a/0x520 [ 49.494010][ T3608] __handle_irq_event_percpu+0x22b/0x880 [ 49.501636][ T3608] handle_irq_event+0xa7/0x1e0 [ 49.508388][ T3608] handle_edge_irq+0x25f/0xd00 [ 49.515143][ T3608] __common_interrupt+0x9d/0x210 [ 49.522068][ T3608] common_interrupt+0xa4/0xc0 [ 49.528824][ T3608] asm_common_interrupt+0x22/0x40 [ 49.535836][ T3608] acpi_idle_do_entry+0x1c9/0x240 [ 49.542855][ T3608] acpi_idle_enter+0x369/0x510 [ 49.549610][ T3608] cpuidle_enter_state+0x1b1/0xc80 [ 49.556710][ T3608] cpuidle_enter+0x4a/0xa0 [ 49.563113][ T3608] do_idle+0x3e8/0x590 [ 49.569172][ T3608] cpu_startup_entry+0x14/0x20 [ 49.575924][ T3608] start_secondary+0x21d/0x2b0 [ 49.582685][ T3608] secondary_startup_64_no_verify+0xce/0xdb [ 49.590572][ T3608] INITIAL USE at: [ 49.594628][ T3608] lock_acquire+0x1ab/0x570 [ 49.601031][ T3608] _raw_spin_lock_irqsave+0x39/0x50 [ 49.608136][ T3608] input_inject_event+0xa6/0x320 [ 49.614975][ T3608] led_set_brightness_nosleep+0xe6/0x1a0 [ 49.622510][ T3608] led_set_brightness+0x134/0x170 [ 49.629439][ T3608] led_trigger_event+0xb0/0x200 [ 49.636195][ T3608] kbd_led_trigger_activate+0xc9/0x100 [ 49.643555][ T3608] led_trigger_set+0x5d7/0xaf0 [ 49.650223][ T3608] led_trigger_set_default+0x1a6/0x230 [ 49.657586][ T3608] 
led_classdev_register_ext+0x56f/0x770 [ 49.665122][ T3608] input_leds_connect+0x4bd/0x860 [ 49.672047][ T3608] input_attach_handler+0x180/0x1f0 [ 49.679145][ T3608] input_register_device.cold+0xf0/0x304 [ 49.686683][ T3608] atkbd_connect+0x749/0xa10 [ 49.693177][ T3608] serio_driver_probe+0x72/0xa0 [ 49.699934][ T3608] really_probe+0x23e/0xb90 [ 49.706354][ T3608] __driver_probe_device+0x338/0x4d0 [ 49.713542][ T3608] driver_probe_device+0x4c/0x1a0 [ 49.720471][ T3608] __driver_attach+0x22d/0x550 [ 49.727142][ T3608] bus_for_each_dev+0x147/0x1d0 [ 49.733893][ T3608] serio_handle_event+0x5f6/0xa30 [ 49.740836][ T3608] process_one_work+0x996/0x1610 [ 49.747690][ T3608] worker_thread+0x665/0x1080 [ 49.754266][ T3608] kthread+0x2e9/0x3a0 [ 49.760239][ T3608] ret_from_fork+0x1f/0x30 [ 49.766561][ T3608] } [ 49.769220][ T3608] ... key at: [] __key.7+0x0/0x40 [ 49.776496][ T3608] -> (&client->buffer_lock){....}-{2:2} { [ 49.782402][ T3608] INITIAL USE at: [ 49.786369][ T3608] lock_acquire+0x1ab/0x570 [ 49.792609][ T3608] _raw_spin_lock+0x2a/0x40 [ 49.798850][ T3608] evdev_pass_values.part.0+0xf6/0x970 [ 49.806040][ T3608] evdev_events+0x359/0x3e0 [ 49.812272][ T3608] input_to_handler+0x2a0/0x4c0 [ 49.818864][ T3608] input_pass_values.part.0+0x230/0x710 [ 49.826139][ T3608] input_handle_event+0x373/0x1440 [ 49.833417][ T3608] input_inject_event+0x1bd/0x320 [ 49.840183][ T3608] evdev_write+0x430/0x760 [ 49.846333][ T3608] vfs_write+0x269/0xac0 [ 49.852324][ T3608] ksys_write+0x1e8/0x250 [ 49.858402][ T3608] do_syscall_64+0x35/0xb0 [ 49.864557][ T3608] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 49.872182][ T3608] } [ 49.874766][ T3608] ... key at: [] __key.3+0x0/0x40 [ 49.881983][ T3608] ... 
acquired at: [ 49.885859][ T3608] _raw_spin_lock+0x2a/0x40 [ 49.890532][ T3608] evdev_pass_values.part.0+0xf6/0x970 [ 49.896161][ T3608] evdev_events+0x359/0x3e0 [ 49.900837][ T3608] input_to_handler+0x2a0/0x4c0 [ 49.905859][ T3608] input_pass_values.part.0+0x230/0x710 [ 49.911570][ T3608] input_handle_event+0x373/0x1440 [ 49.916860][ T3608] input_inject_event+0x1bd/0x320 [ 49.922067][ T3608] evdev_write+0x430/0x760 [ 49.926665][ T3608] vfs_write+0x269/0xac0 [ 49.931084][ T3608] ksys_write+0x1e8/0x250 [ 49.935589][ T3608] do_syscall_64+0x35/0xb0 [ 49.940178][ T3608] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 49.946249][ T3608] [ 49.948562][ T3608] -> (&new->fa_lock){....}-{2:2} { [ 49.953685][ T3608] INITIAL READ USE at: [ 49.958003][ T3608] lock_acquire+0x1ab/0x570 [ 49.964499][ T3608] _raw_read_lock_irqsave+0x70/0x90 [ 49.971704][ T3608] kill_fasync+0x136/0x470 [ 49.978111][ T3608] evdev_pass_values.part.0+0x64e/0x970 [ 49.985649][ T3608] evdev_events+0x359/0x3e0 [ 49.992144][ T3608] input_to_handler+0x2a0/0x4c0 [ 49.998990][ T3608] input_pass_values.part.0+0x230/0x710 [ 50.006526][ T3608] input_handle_event+0x373/0x1440 [ 50.013629][ T3608] input_inject_event+0x1bd/0x320 [ 50.020649][ T3608] evdev_write+0x430/0x760 [ 50.027056][ T3608] vfs_write+0x269/0xac0 [ 50.033304][ T3608] ksys_write+0x1e8/0x250 [ 50.039625][ T3608] do_syscall_64+0x35/0xb0 [ 50.046046][ T3608] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 50.053949][ T3608] } [ 50.056459][ T3608] ... key at: [] __key.0+0x0/0x40 [ 50.063574][ T3608] ... 
acquired at: [ 50.067370][ T3608] _raw_read_lock_irqsave+0x70/0x90 [ 50.072743][ T3608] kill_fasync+0x136/0x470 [ 50.077332][ T3608] evdev_pass_values.part.0+0x64e/0x970 [ 50.083051][ T3608] evdev_events+0x359/0x3e0 [ 50.087723][ T3608] input_to_handler+0x2a0/0x4c0 [ 50.092744][ T3608] input_pass_values.part.0+0x230/0x710 [ 50.098457][ T3608] input_handle_event+0x373/0x1440 [ 50.103747][ T3608] input_inject_event+0x1bd/0x320 [ 50.108938][ T3608] evdev_write+0x430/0x760 [ 50.113522][ T3608] vfs_write+0x269/0xac0 [ 50.117935][ T3608] ksys_write+0x1e8/0x250 [ 50.122433][ T3608] do_syscall_64+0x35/0xb0 [ 50.127020][ T3608] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 50.133082][ T3608] [ 50.135393][ T3608] [ 50.135393][ T3608] the dependencies between the lock to be acquired [ 50.135401][ T3608] and HARDIRQ-irq-unsafe lock: [ 50.148903][ T3608] -> (tasklist_lock){.+.+}-{2:2} { [ 50.154111][ T3608] HARDIRQ-ON-R at: [ 50.158168][ T3608] lock_acquire+0x1ab/0x570 [ 50.164485][ T3608] _raw_read_lock+0x5b/0x70 [ 50.170804][ T3608] do_wait+0x284/0xce0 [ 50.176696][ T3608] kernel_wait+0x9c/0x150 [ 50.182841][ T3608] call_usermodehelper_exec_work+0xf5/0x180 [ 50.190551][ T3608] process_one_work+0x996/0x1610 [ 50.197304][ T3608] worker_thread+0x665/0x1080 [ 50.203804][ T3608] kthread+0x2e9/0x3a0 [ 50.209705][ T3608] ret_from_fork+0x1f/0x30 [ 50.215940][ T3608] SOFTIRQ-ON-R at: [ 50.219995][ T3608] lock_acquire+0x1ab/0x570 [ 50.226316][ T3608] _raw_read_lock+0x5b/0x70 [ 50.232642][ T3608] do_wait+0x284/0xce0 [ 50.238536][ T3608] kernel_wait+0x9c/0x150 [ 50.244681][ T3608] call_usermodehelper_exec_work+0xf5/0x180 [ 50.252391][ T3608] process_one_work+0x996/0x1610 [ 50.259147][ T3608] worker_thread+0x665/0x1080 [ 50.265640][ T3608] kthread+0x2e9/0x3a0 [ 50.271524][ T3608] ret_from_fork+0x1f/0x30 [ 50.277759][ T3608] INITIAL USE at: [ 50.281737][ T3608] lock_acquire+0x1ab/0x570 [ 50.287985][ T3608] _raw_write_lock_irq+0x32/0x50 [ 50.294662][ T3608] copy_process+0x445e/0x7020 [ 
50.301070][ T3608] kernel_clone+0xe7/0xab0 [ 50.307214][ T3608] user_mode_thread+0xad/0xe0 [ 50.313624][ T3608] rest_init+0x23/0x270 [ 50.319528][ T3608] arch_call_rest_init+0xf/0x14 [ 50.326117][ T3608] start_kernel+0x46e/0x48f [ 50.332350][ T3608] secondary_startup_64_no_verify+0xce/0xdb [ 50.339992][ T3608] INITIAL READ USE at: [ 50.344400][ T3608] lock_acquire+0x1ab/0x570 [ 50.351069][ T3608] _raw_read_lock+0x5b/0x70 [ 50.357743][ T3608] do_wait+0x284/0xce0 [ 50.363981][ T3608] kernel_wait+0x9c/0x150 [ 50.370476][ T3608] call_usermodehelper_exec_work+0xf5/0x180 [ 50.378531][ T3608] process_one_work+0x996/0x1610 [ 50.385635][ T3608] worker_thread+0x665/0x1080 [ 50.392477][ T3608] kthread+0x2e9/0x3a0 [ 50.398708][ T3608] ret_from_fork+0x1f/0x30 [ 50.405287][ T3608] } [ 50.407862][ T3608] ... key at: [] tasklist_lock+0x18/0x40 [ 50.415666][ T3608] ... acquired at: [ 50.419540][ T3608] _raw_read_lock+0x5b/0x70 [ 50.424216][ T3608] send_sigio+0xab/0x380 [ 50.428637][ T3608] dnotify_handle_event+0x148/0x280 [ 50.434016][ T3608] fsnotify_handle_inode_event.isra.0+0x22e/0x370 [ 50.440618][ T3608] fsnotify+0xec5/0x13a0 [ 50.445038][ T3608] vfs_symlink+0x242/0x2c0 [ 50.449623][ T3608] do_symlinkat+0x261/0x2e0 [ 50.454296][ T3608] __x64_sys_symlinkat+0x93/0xc0 [ 50.459400][ T3608] do_syscall_64+0x35/0xb0 [ 50.463989][ T3608] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 50.470056][ T3608] [ 50.472374][ T3608] -> (&f->f_owner.lock){....}-{2:2} { [ 50.477756][ T3608] INITIAL USE at: [ 50.481640][ T3608] lock_acquire+0x1ab/0x570 [ 50.487703][ T3608] _raw_write_lock_irq+0x32/0x50 [ 50.494199][ T3608] f_modown+0x2a/0x390 [ 50.499826][ T3608] fcntl_dirnotify+0x9f3/0xf30 [ 50.506149][ T3608] do_fcntl+0x24c/0x1040 [ 50.511948][ T3608] __x64_sys_fcntl+0x15f/0x1d0 [ 50.518272][ T3608] do_syscall_64+0x35/0xb0 [ 50.524246][ T3608] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 50.531699][ T3608] INITIAL READ USE at: [ 50.536016][ T3608] lock_acquire+0x1ab/0x570 [ 50.542507][ T3608] 
_raw_read_lock_irqsave+0x70/0x90 [ 50.549695][ T3608] send_sigio+0x24/0x380 [ 50.555926][ T3608] dnotify_handle_event+0x148/0x280 [ 50.563116][ T3608] fsnotify_handle_inode_event.isra.0+0x22e/0x370 [ 50.571528][ T3608] fsnotify+0xec5/0x13a0 [ 50.577762][ T3608] vfs_symlink+0x242/0x2c0 [ 50.584166][ T3608] do_symlinkat+0x261/0x2e0 [ 50.590659][ T3608] __x64_sys_symlinkat+0x93/0xc0 [ 50.597589][ T3608] do_syscall_64+0x35/0xb0 [ 50.603999][ T3608] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 50.611887][ T3608] } [ 50.614376][ T3608] ... key at: [] __key.5+0x0/0x40 [ 50.621483][ T3608] ... acquired at: [ 50.625295][ T3608] lock_acquire+0x1ab/0x570 [ 50.629966][ T3608] _raw_read_lock_irqsave+0x70/0x90 [ 50.635332][ T3608] send_sigio+0x24/0x380 [ 50.639750][ T3608] kill_fasync+0x1f8/0x470 [ 50.644334][ T3608] evdev_pass_values.part.0+0x64e/0x970 [ 50.650052][ T3608] evdev_events+0x359/0x3e0 [ 50.654721][ T3608] input_to_handler+0x2a0/0x4c0 [ 50.659742][ T3608] input_pass_values.part.0+0x230/0x710 [ 50.665453][ T3608] input_handle_event+0x373/0x1440 [ 50.670741][ T3608] input_inject_event+0x1bd/0x320 [ 50.675934][ T3608] evdev_write+0x430/0x760 [ 50.680520][ T3608] vfs_write+0x269/0xac0 [ 50.684936][ T3608] ksys_write+0x1e8/0x250 [ 50.689435][ T3608] do_syscall_64+0x35/0xb0 [ 50.694110][ T3608] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 50.700176][ T3608] [ 50.702488][ T3608] [ 50.702488][ T3608] stack backtrace: [ 50.708370][ T3608] CPU: 0 PID: 3608 Comm: syz-executor195 Not tainted 5.19.0-rc6-syzkaller-00115-g4a57a8400075 #0 [ 50.718859][ T3608] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022 [ 50.728905][ T3608] Call Trace: [ 50.732179][ T3608] [ 50.735106][ T3608] dump_stack_lvl+0xcd/0x134 [ 50.739695][ T3608] check_irq_usage.cold+0x4c1/0x6b0 [ 50.744896][ T3608] ? print_shortest_lock_dependencies_backwards+0x80/0x80 [ 50.752034][ T3608] ? unwind_get_return_address+0x51/0x90 [ 50.757679][ T3608] ? 
create_prof_cpu_mask+0x20/0x20 [ 50.762881][ T3608] ? check_path.constprop.0+0x24/0x50 [ 50.768256][ T3608] ? register_lock_class+0xbe/0x1130 [ 50.773541][ T3608] ? filter_irq_stacks+0x90/0x90 [ 50.778482][ T3608] __lock_acquire+0x2ad6/0x5660 [ 50.783340][ T3608] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 50.789323][ T3608] lock_acquire+0x1ab/0x570 [ 50.793843][ T3608] ? send_sigio+0x24/0x380 [ 50.798261][ T3608] ? lock_release+0x780/0x780 [ 50.802934][ T3608] ? lock_release+0x780/0x780 [ 50.807605][ T3608] ? lock_release+0x780/0x780 [ 50.812281][ T3608] _raw_read_lock_irqsave+0x70/0x90 [ 50.817486][ T3608] ? send_sigio+0x24/0x380 [ 50.821901][ T3608] send_sigio+0x24/0x380 [ 50.826141][ T3608] kill_fasync+0x1f8/0x470 [ 50.830555][ T3608] evdev_pass_values.part.0+0x64e/0x970 [ 50.836103][ T3608] ? evdev_free+0x70/0x70 [ 50.840428][ T3608] ? ktime_mono_to_any+0xb5/0x1e0 [ 50.845451][ T3608] evdev_events+0x359/0x3e0 [ 50.849951][ T3608] ? evdev_connect+0x4b0/0x4b0 [ 50.854712][ T3608] input_to_handler+0x2a0/0x4c0 [ 50.859564][ T3608] input_pass_values.part.0+0x230/0x710 [ 50.865110][ T3608] input_handle_event+0x373/0x1440 [ 50.870217][ T3608] input_inject_event+0x1bd/0x320 [ 50.875259][ T3608] evdev_write+0x430/0x760 [ 50.879672][ T3608] ? evdev_read+0xe30/0xe30 [ 50.884169][ T3608] ? apparmor_file_permission+0x264/0x4e0 [ 50.889885][ T3608] ? bpf_lsm_file_permission+0x5/0x10 [ 50.895256][ T3608] ? security_file_permission+0xab/0xd0 [ 50.900811][ T3608] ? evdev_read+0xe30/0xe30 [ 50.905312][ T3608] vfs_write+0x269/0xac0 [ 50.909553][ T3608] ksys_write+0x1e8/0x250 [ 50.913883][ T3608] ? __ia32_sys_read+0xb0/0xb0 [ 50.918646][ T3608] ? lockdep_hardirqs_on+0x79/0x100 [ 50.923841][ T3608] ? _raw_spin_unlock_irq+0x2a/0x40 [ 50.929037][ T3608] ? 
ptrace_notify+0xfa/0x140 [ 50.933713][ T3608] do_syscall_64+0x35/0xb0 [ 50.938131][ T3608] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 50.944033][ T3608] RIP: 0033:0x7f642e58f7c9 [ 50.948467][ T3608] Code: 28 c3 e8 2a 14 00 00 66 2e 0f 1f 84 00 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 write(5, "\x04\x00\x00\x00\x00\x00\x00\x00\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 883) = 864 exit_group(0) = ? +++ exited with 0 +++ [ 50.968073][ T3608] RSP: 002b:00007ffd48c82698 EFLAGS: 00000246 ORIG_RAX