Warning: Permanently added '10.128.0.154' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 43.771359][ C1] [ 43.773927][ C1] ======================================================== [ 43.781207][ C1] WARNING: possible irq lock inversion dependency detected [ 43.788381][ C1] 5.6.0-syzkaller #0 Not tainted [ 43.793291][ C1] -------------------------------------------------------- [ 43.800627][ C1] swapper/1/0 just changed the state of lock: [ 43.806830][ C1] ffff8880a83f1cd8 (&ctx->ctx_lock){..-.}-{2:2}, at: free_ioctx_users+0x30/0x1c0 [ 43.815920][ C1] but this lock took another, SOFTIRQ-unsafe lock in the past: [ 43.823439][ C1] (&pid->wait_pidfd){+.+.}-{2:2} [ 43.823448][ C1] [ 43.823448][ C1] [ 43.823448][ C1] and interrupts could create inverse lock ordering between them. [ 43.823448][ C1] [ 43.842871][ C1] [ 43.842871][ C1] other info that might help us debug this: [ 43.850922][ C1] Possible interrupt unsafe locking scenario: [ 43.850922][ C1] [ 43.859246][ C1] CPU0 CPU1 [ 43.864586][ C1] ---- ---- [ 43.870192][ C1] lock(&pid->wait_pidfd); [ 43.874678][ C1] local_irq_disable(); [ 43.881530][ C1] lock(&ctx->ctx_lock); [ 43.888492][ C1] lock(&pid->wait_pidfd); [ 43.895551][ C1] [ 43.899031][ C1] lock(&ctx->ctx_lock); [ 43.903517][ C1] [ 43.903517][ C1] *** DEADLOCK *** [ 43.903517][ C1] [ 43.911646][ C1] 2 locks held by swapper/1/0: [ 43.916435][ C1] #0: ffffffff892e6c20 (rcu_callback){....}-{0:0}, at: rcu_lock_acquire+0x0/0x30 [ 43.925762][ C1] #1: ffffffff892e6bd0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x5/0x30 [ 43.935160][ C1] [ 43.935160][ C1] the shortest dependencies between 2nd lock and 1st lock: [ 43.944628][ C1] -> (&pid->wait_pidfd){+.+.}-{2:2} { [ 43.950070][ C1] HARDIRQ-ON-W at: [ 43.954169][ C1] lock_acquire+0x169/0x480 [ 43.960611][ C1] _raw_spin_lock+0x2a/0x40 [ 43.967672][ C1] proc_pid_make_inode+0x187/0x2d0 [ 43.974600][ C1] proc_pid_instantiate+0x4b/0x1a0 [ 43.981727][ C1] proc_pid_lookup+0x218/0x2f0 [ 43.988290][ C1] proc_root_lookup+0x1b/0x50 [ 43.994762][ C1] __lookup_slow+0x240/0x370 [ 44.001148][ C1] walk_component+0x442/0x680 [ 44.007857][ C1] link_path_walk+0x66d/0xba0 [ 44.014352][ C1] path_openat+0x21d/0x38b0 [ 44.020678][ C1] do_filp_open+0x191/0x3a0 [ 44.027809][ C1] do_sys_openat2+0x463/0x770 [ 44.034298][ C1] __x64_sys_open+0x1af/0x1e0 [ 44.040913][ C1] do_syscall_64+0xf3/0x1b0 [ 44.047223][ C1] entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 44.055262][ C1] SOFTIRQ-ON-W at: [ 44.059318][ C1] lock_acquire+0x169/0x480 [ 44.065645][ C1] _raw_spin_lock+0x2a/0x40 [ 44.071957][ C1] proc_pid_make_inode+0x187/0x2d0 [ 44.078875][ C1] proc_pid_instantiate+0x4b/0x1a0 [ 44.085804][ C1] proc_pid_lookup+0x218/0x2f0 [ 44.092386][ C1] proc_root_lookup+0x1b/0x50 [ 44.098866][ C1] __lookup_slow+0x240/0x370 [ 44.105559][ C1] walk_component+0x442/0x680 [ 44.112688][ C1] link_path_walk+0x66d/0xba0 [ 44.119166][ C1] path_openat+0x21d/0x38b0 [ 44.125690][ C1] do_filp_open+0x191/0x3a0 [ 44.132148][ C1] do_sys_openat2+0x463/0x770 [ 44.138646][ C1] __x64_sys_open+0x1af/0x1e0 [ 44.145143][ C1] do_syscall_64+0xf3/0x1b0 [ 44.151736][ C1] entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 44.159444][ C1] INITIAL USE at: [ 44.163410][ C1] lock_acquire+0x169/0x480 [ 44.169815][ C1] _raw_spin_lock_irqsave+0x9e/0xc0 [ 44.176728][ C1] __wake_up+0xb8/0x150 [ 44.182952][ C1] do_notify_parent+0x167/0xce0 [ 44.189534][ C1] do_exit+0x12c5/0x1f80 [ 44.195489][ C1] call_usermodehelper_exec_async+0x47c/0x480 [ 44.203279][ C1] ret_from_fork+0x24/0x30 [ 44.209419][ C1] } [ 44.212079][ C1] ... key at: [] alloc_pid.__key+0x0/0x10 [ 44.220524][ C1] ... acquired at: [ 44.224408][ C1] lock_acquire+0x169/0x480 [ 44.229192][ C1] _raw_spin_lock+0x2a/0x40 [ 44.233848][ C1] io_submit_one+0x10f5/0x1a80 [ 44.238761][ C1] __se_sys_io_submit+0x117/0x220 [ 44.243937][ C1] do_syscall_64+0xf3/0x1b0 [ 44.248605][ C1] entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 44.254933][ C1] [ 44.257365][ C1] -> (&ctx->ctx_lock){..-.}-{2:2} { [ 44.262547][ C1] IN-SOFTIRQ-W at: [ 44.266523][ C1] lock_acquire+0x169/0x480 [ 44.272661][ C1] _raw_spin_lock_irq+0x67/0x80 [ 44.279159][ C1] free_ioctx_users+0x30/0x1c0 [ 44.285886][ C1] percpu_ref_put+0x18d/0x1a0 [ 44.292189][ C1] rcu_core+0x816/0x1120 [ 44.298056][ C1] __do_softirq+0x268/0x80c [ 44.304372][ C1] irq_exit+0x223/0x230 [ 44.310171][ C1] smp_apic_timer_interrupt+0x113/0x280 [ 44.317343][ C1] apic_timer_interrupt+0xf/0x20 [ 44.323902][ C1] native_safe_halt+0xe/0x10 [ 44.330112][ C1] default_idle+0x4c/0x70 [ 44.336062][ C1] do_idle+0x1ee/0x650 [ 44.341764][ C1] cpu_startup_entry+0x15/0x20 [ 44.348151][ C1] start_secondary+0x386/0x410 [ 44.354557][ C1] secondary_startup_64+0xa4/0xb0 [ 44.361349][ C1] INITIAL USE at: [ 44.365234][ C1] lock_acquire+0x169/0x480 [ 44.371280][ C1] _raw_spin_lock_irq+0x67/0x80 [ 44.377672][ C1] io_submit_one+0x10cb/0x1a80 [ 44.383970][ C1] __se_sys_io_submit+0x117/0x220 [ 44.390550][ C1] do_syscall_64+0xf3/0x1b0 [ 44.396591][ C1] entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 44.404068][ C1] } [ 44.406563][ C1] ... key at: [] ioctx_alloc.__key+0x0/0x10 [ 44.414638][ C1] ... acquired at: [ 44.418572][ C1] mark_lock+0x529/0x1b00 [ 44.423237][ C1] __lock_acquire+0xaa7/0x2b90 [ 44.428149][ C1] lock_acquire+0x169/0x480 [ 44.432838][ C1] _raw_spin_lock_irq+0x67/0x80 [ 44.437872][ C1] free_ioctx_users+0x30/0x1c0 [ 44.442903][ C1] percpu_ref_put+0x18d/0x1a0 [ 44.447753][ C1] rcu_core+0x816/0x1120 [ 44.452147][ C1] __do_softirq+0x268/0x80c [ 44.456795][ C1] irq_exit+0x223/0x230 [ 44.461150][ C1] smp_apic_timer_interrupt+0x113/0x280 [ 44.466843][ C1] apic_timer_interrupt+0xf/0x20 [ 44.471927][ C1] native_safe_halt+0xe/0x10 [ 44.476660][ C1] default_idle+0x4c/0x70 [ 44.481147][ C1] do_idle+0x1ee/0x650 [ 44.485356][ C1] cpu_startup_entry+0x15/0x20 [ 44.490278][ C1] start_secondary+0x386/0x410 [ 44.495335][ C1] secondary_startup_64+0xa4/0xb0 [ 44.500508][ C1] [ 44.502815][ C1] [ 44.502815][ C1] stack backtrace: [ 44.508812][ C1] CPU: 1 PID: 0 Comm: swapper/1 Not tainted 5.6.0-syzkaller #0 [ 44.516459][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 44.526646][ C1] Call Trace: [ 44.529910][ C1] [ 44.532740][ C1] dump_stack+0x1e9/0x30e [ 44.537120][ C1] print_irq_inversion_bug+0xb67/0xe90 [ 44.542553][ C1] ? arch_stack_walk+0xb4/0xe0 [ 44.547298][ C1] ? secondary_startup_64+0xa4/0xb0 [ 44.552622][ C1] check_usage_forwards+0x13f/0x240 [ 44.557801][ C1] ? save_trace+0x49/0xb60 [ 44.562195][ C1] mark_lock+0x529/0x1b00 [ 44.566496][ C1] ? check_usage_backwards+0x240/0x240 [ 44.572078][ C1] ? mark_lock+0x102/0x1b00 [ 44.576693][ C1] ? __lock_acquire+0x116c/0x2b90 [ 44.581772][ C1] __lock_acquire+0xaa7/0x2b90 [ 44.586528][ C1] ? pcpu_block_update+0x564/0x890 [ 44.591624][ C1] lock_acquire+0x169/0x480 [ 44.596249][ C1] ? free_ioctx_users+0x30/0x1c0 [ 44.601178][ C1] ? rcu_lock_acquire+0x5/0x30 [ 44.605920][ C1] ? trace_irq_disable_rcuidle+0x1f/0x1d0 [ 44.611611][ C1] ? percpu_ref_noop_confirm_switch+0x10/0x10 [ 44.617651][ C1] _raw_spin_lock_irq+0x67/0x80 [ 44.622524][ C1] ? free_ioctx_users+0x30/0x1c0 [ 44.627434][ C1] free_ioctx_users+0x30/0x1c0 [ 44.632221][ C1] ? percpu_ref_noop_confirm_switch+0x10/0x10 [ 44.638283][ C1] ? percpu_ref_noop_confirm_switch+0x10/0x10 [ 44.644336][ C1] percpu_ref_put+0x18d/0x1a0 [ 44.649111][ C1] rcu_core+0x816/0x1120 [ 44.653363][ C1] __do_softirq+0x268/0x80c [ 44.658210][ C1] ? irq_exit+0x223/0x230 [ 44.662766][ C1] irq_exit+0x223/0x230 [ 44.667194][ C1] smp_apic_timer_interrupt+0x113/0x280 [ 44.674021][ C1] apic_timer_interrupt+0xf/0x20 [ 44.679003][ C1] [ 44.681940][ C1] RIP: 0010:native_safe_halt+0xe/0x10 [ 44.687299][ C1] Code: 80 e1 07 80 c1 03 38 c1 7c bc 48 89 df e8 4a 29 a7 f9 eb b2 cc cc cc cc cc cc cc cc e9 07 00 00 00 0f 00 2d 36 c3 58 00 fb f4 90 e9 07 00 00 00 0f 00 2d 26 c3 58 00 f4 c3 cc cc 41 56 53 65 [ 44.707213][ C1] RSP: 0018:ffffc90000d3fe60 EFLAGS: 00000282 ORIG_RAX: ffffffffffffff13 [ 44.715612][ C1] RAX: 1ffffffff1257409 RBX: ffff8880a9a3c340 RCX: dffffc0000000000 [ 44.723640][ C1] RDX: dffffc0000000000 RSI: 0000000000000000 RDI: ffff8880a9a3cba4 [ 44.731671][ C1] RBP: ffffffff896b9ee0 R08: ffffffff8178ec90 R09: ffffed1015347869 [ 44.740266][ C1] R10: ffffed1015347869 R11: 0000000000000000 R12: 1ffff11015347868 [ 44.748254][ C1] R13: dffffc0000000000 R14: 1ffffffff1257407 R15: 0000000000000001 [ 44.756350][ C1] ? trace_hardirqs_on+0x30/0x70 [ 44.761412][ C1] default_idle+0x4c/0x70 [ 44.765825][ C1] do_idle+0x1ee/0x650 [ 44.769869][ C1] cpu_startup_entry+0x15/0x20 [ 44.774671][ C1] start_secondary+0x386/0x410 [ 44.779412][ C1] secondary_startup_64+0xa4/0xb0