Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.0.213' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 28.132109]
[ 28.132111] ============================================
[ 28.132112] WARNING: possible recursive locking detected
[ 28.132116] 4.14.280-syzkaller #0 Not tainted
[ 28.132117] --------------------------------------------
[ 28.132120] syz-executor337/7995 is trying to acquire lock:
[ 28.132121] ((fb_notifier_list).rwsem){++++}, at: [] blocking_notifier_call_chain+0x63/0x90
[ 28.132136]
[ 28.132136] but task is already holding lock:
[ 28.132136] ((fb_notifier_list).rwsem){++++}, at: [] blocking_notifier_call_chain+0x63/0x90
[ 28.132144]
[ 28.132144] other info that might help us debug this:
[ 28.132145] Possible unsafe locking scenario:
[ 28.132145]
[ 28.132146] CPU0
[ 28.132146] ----
[ 28.132147] lock((fb_notifier_list).rwsem);
[ 28.132149] lock((fb_notifier_list).rwsem);
[ 28.132152]
[ 28.132152] *** DEADLOCK ***
[ 28.132152]
[ 28.132153] May be due to missing lock nesting notation
[ 28.132153]
[ 28.132155] 3 locks held by syz-executor337/7995:
[ 28.132156] #0: (console_lock){+.+.}, at: [] do_fb_ioctl+0x81a/0xa70
[ 28.132163] #1: (&fb_info->lock){+.+.}, at: [] do_fb_ioctl+0x824/0xa70
[ 28.132169] #2: ((fb_notifier_list).rwsem){++++}, at: [] blocking_notifier_call_chain+0x63/0x90
[ 28.132176]
[ 28.132176] stack backtrace:
[ 28.132180] CPU: 0 PID: 7995 Comm: syz-executor337 Not tainted 4.14.280-syzkaller #0
[ 28.132183] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 28.132184] Call Trace:
[ 28.132203] dump_stack+0x1b2/0x281
[ 28.132211] __lock_acquire.cold+0x180/0x97c
[ 28.132219] ? retint_kernel+0x2d/0x2d
[ 28.132224] ? trace_hardirqs_on+0x10/0x10
[ 28.132229] ? check_preemption_disabled+0x35/0x240
[ 28.132235] ? delay_tsc+0x8a/0xb0
[ 28.132239] ? vga16fb_update_fix+0x2fe/0x470
[ 28.132243] ? memcpy+0x35/0x50
[ 28.132247] lock_acquire+0x170/0x3f0
[ 28.132251] ? blocking_notifier_call_chain+0x63/0x90
[ 28.132254] down_read+0x36/0x80
[ 28.132258] ? blocking_notifier_call_chain+0x63/0x90
[ 28.132261] blocking_notifier_call_chain+0x63/0x90
[ 28.132267] fb_set_var+0xbc8/0xdc0
[ 28.132271] ? fb_set_suspend+0x110/0x110
[ 28.132277] ? kfree+0xc9/0x250
[ 28.132280] ? vga16fb_imageblit+0x630/0x2140
[ 28.132284] ? fb_pad_aligned_buffer+0xbf/0x110
[ 28.132290] ? bit_cursor+0xfb8/0x1580
[ 28.132293] ? fb_videomode_to_var+0xf/0x610
[ 28.132296] fbcon_switch+0x3d9/0x19e0
[ 28.132301] ? fbcon_event_notify+0x1760/0x1760
[ 28.132308] redraw_screen+0x32c/0x790
[ 28.132311] ? get_color+0x1be/0x3a0
[ 28.132314] ? con_shutdown+0x90/0x90
[ 28.132317] ? bit_update_start+0x1f0/0x1f0
[ 28.132320] ? fbcon_cursor+0x48e/0x650
[ 28.132324] fbcon_blank+0x986/0xd50
[ 28.132328] ? con2fb_release_oldinfo.constprop.0+0x5a0/0x5a0
[ 28.132332] ? __lock_acquire+0x5fc/0x3f20
[ 28.132336] ? __lock_acquire+0x5fc/0x3f20
[ 28.132340] ? trace_hardirqs_on+0x10/0x10
[ 28.132343] ? __lock_acquire+0x5fc/0x3f20
[ 28.132347] do_unblank_screen+0x1fd/0x4e0
[ 28.132351] fbcon_event_notify+0x1445/0x1760
[ 28.132356] notifier_call_chain+0x108/0x1a0
[ 28.132361] blocking_notifier_call_chain+0x79/0x90
[ 28.132364] fb_blank+0x14c/0x190
[ 28.132368] ? fb_set_logocmap+0x450/0x450
[ 28.132371] ? do_fb_ioctl+0x81a/0xa70
[ 28.132374] do_fb_ioctl+0x894/0xa70
[ 28.132377] ? register_framebuffer+0x8e0/0x8e0
[ 28.132380] ? __kernel_text_address+0x9/0x30
[ 28.132386] ? unwind_get_return_address+0x51/0x90
[ 28.132389] ? entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 28.132394] ? __save_stack_trace+0xa0/0x160
[ 28.132397] ? check_preemption_disabled+0x35/0x240
[ 28.132401] ? kasan_slab_free+0x12d/0x1a0
[ 28.132404] ? kasan_slab_free+0xc3/0x1a0
[ 28.132408] ? kmem_cache_free+0x7c/0x2b0
[ 28.132412] ? putname+0xcd/0x110
[ 28.132415] ? do_sys_open+0x203/0x410
[ 28.132419] ? do_syscall_64+0x1d5/0x640
[ 28.132423] ? entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 28.132426] ? path_lookupat+0x780/0x780
[ 28.132430] ? debug_check_no_obj_freed+0x2c0/0x680
[ 28.132434] ? lock_acquire+0x170/0x3f0
[ 28.132437] ? lock_downgrade+0x740/0x740
[ 28.132441] ? _raw_spin_unlock_irqrestore+0x66/0xe0
[ 28.132444] ? debug_check_no_obj_freed+0x2c0/0x680
[ 28.132448] fb_ioctl+0xdd/0x130
[ 28.132450] ? do_fb_ioctl+0xa70/0xa70
[ 28.132453] do_vfs_ioctl+0x75a/0xff0
[ 28.132458] ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 28.132462] ? ioctl_preallocate+0x1a0/0x1a0
[ 28.132465] ? kmem_cache_free+0x23a/0x2b0
[ 28.132468] ? putname+0xcd/0x110
[ 28.132472] ? do_sys_open+0x208/0x410
[ 28.132475] ? filp_open+0x60/0x60
[ 28.132480] ? security_file_ioctl+0x83/0xb0
[ 28.132484] SyS_ioctl+0x7f/0xb0
[ 28.132486] ? do_vfs_ioctl+0xff0/0xff0
[ 28.132490] do_syscall_64+0x1d5/0x640
[ 28.132494] entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 28.132498] RIP: 0033:0x7fd3a6027239
[ 28.132500] RSP: 002b:00007ffe8a0162f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 28.132504] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fd3a6027239
[ 28.132506] RDX: 0000000000000000 RSI: 0000000000004611 RDI: 0000000000000005
[ 28.132508] RBP: 00007fd3a5feb220 R08: 0000000000000000 R09: 0000000000000000
[ 28.132510] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd3a5