Warning: Permanently added '10.128.0.136' (ECDSA) to the list of known hosts. executing program [ 51.371484] audit: type=1400 audit(1566903628.309:36): avc: denied { map } for pid=7678 comm="syz-executor853" path="/root/syz-executor853405566" dev="sda1" ino=16483 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 [ 51.417538] [ 51.419281] ======================================================== [ 51.425889] WARNING: possible irq lock inversion dependency detected [ 51.432621] 4.19.68 #42 Not tainted [ 51.436272] -------------------------------------------------------- [ 51.442759] swapper/0/0 just changed the state of lock: [ 51.448459] 000000008c8ec146 (&(&ctx->ctx_lock)->rlock){..-.}, at: free_ioctx_users+0x2d/0x490 [ 51.457230] but this lock took another, SOFTIRQ-unsafe lock in the past: [ 51.464073] (&fiq->waitq){+.+.} [ 51.464084] [ 51.464084] [ 51.464084] and interrupts could create inverse lock ordering between them. [ 51.464084] [ 51.479028] [ 51.479028] other info that might help us debug this: [ 51.485678] Possible interrupt unsafe locking scenario: [ 51.485678] [ 51.492785] CPU0 CPU1 [ 51.497445] ---- ---- [ 51.502095] lock(&fiq->waitq); [ 51.505445] local_irq_disable(); [ 51.511488] lock(&(&ctx->ctx_lock)->rlock); [ 51.518494] lock(&fiq->waitq); [ 51.524672] [ 51.527419] lock(&(&ctx->ctx_lock)->rlock); [ 51.532082] [ 51.532082] *** DEADLOCK *** [ 51.532082] [ 51.538327] 2 locks held by swapper/0/0: [ 51.542389] #0: 00000000c962dc1f (rcu_callback){....}, at: rcu_process_callbacks+0xc79/0x1a30 [ 51.551425] #1: 00000000bc494d30 (rcu_read_lock_sched){....}, at: percpu_ref_switch_to_atomic_rcu+0x1ca/0x540 [ 51.561587] [ 51.561587] the shortest dependencies between 2nd lock and 1st lock: [ 51.570356] -> (&fiq->waitq){+.+.} ops: 4 { [ 51.574793] HARDIRQ-ON-W at: [ 51.578167] lock_acquire+0x16f/0x3f0 [ 51.583881] _raw_spin_lock+0x2f/0x40 [ 51.589561] flush_bg_queue+0x1f3/0x3d0 [ 51.595379] fuse_request_send_background_locked+0x26d/0x4e0 [ 51.603104] fuse_request_send_background+0x12b/0x180 [ 51.610124] cuse_channel_open+0x5ba/0x830 [ 51.616187] misc_open+0x395/0x4c0 [ 51.621538] chrdev_open+0x245/0x6b0 [ 51.627076] do_dentry_open+0x4c3/0x1210 [ 51.633072] vfs_open+0xa0/0xd0 [ 51.638165] path_openat+0x10d7/0x45e0 [ 51.643874] do_filp_open+0x1a1/0x280 [ 51.649756] do_sys_open+0x3fe/0x550 [ 51.655281] __x64_sys_openat+0x9d/0x100 [ 51.661177] do_syscall_64+0xfd/0x620 [ 51.666801] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 51.673804] SOFTIRQ-ON-W at: [ 51.677203] lock_acquire+0x16f/0x3f0 [ 51.682823] _raw_spin_lock+0x2f/0x40 [ 51.688617] flush_bg_queue+0x1f3/0x3d0 [ 51.694416] fuse_request_send_background_locked+0x26d/0x4e0 [ 51.702073] fuse_request_send_background+0x12b/0x180 [ 51.709264] cuse_channel_open+0x5ba/0x830 [ 51.715327] misc_open+0x395/0x4c0 [ 51.720903] chrdev_open+0x245/0x6b0 [ 51.726513] do_dentry_open+0x4c3/0x1210 [ 51.732408] vfs_open+0xa0/0xd0 [ 51.738245] path_openat+0x10d7/0x45e0 [ 51.744215] do_filp_open+0x1a1/0x280 [ 51.749973] do_sys_open+0x3fe/0x550 [ 51.755516] __x64_sys_openat+0x9d/0x100 [ 51.761427] do_syscall_64+0xfd/0x620 [ 51.767193] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 51.774305] INITIAL USE at: [ 51.777584] lock_acquire+0x16f/0x3f0 [ 51.783260] _raw_spin_lock+0x2f/0x40 [ 51.789027] flush_bg_queue+0x1f3/0x3d0 [ 51.794881] fuse_request_send_background_locked+0x26d/0x4e0 [ 51.802419] fuse_request_send_background+0x12b/0x180 [ 51.809442] cuse_channel_open+0x5ba/0x830 [ 51.815435] misc_open+0x395/0x4c0 [ 51.820708] chrdev_open+0x245/0x6b0 [ 51.826163] do_dentry_open+0x4c3/0x1210 [ 51.831962] vfs_open+0xa0/0xd0 [ 51.837027] path_openat+0x10d7/0x45e0 [ 51.842647] do_filp_open+0x1a1/0x280 [ 51.848183] do_sys_open+0x3fe/0x550 [ 51.853641] __x64_sys_openat+0x9d/0x100 [ 51.859441] do_syscall_64+0xfd/0x620 [ 51.864997] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 51.872005] } [ 51.874002] ... key at: [] __key.42211+0x0/0x40 [ 51.880889] ... acquired at: [ 51.884094] _raw_spin_lock+0x2f/0x40 [ 51.888156] io_submit_one+0xef2/0x2eb0 [ 51.892540] __x64_sys_io_submit+0x1aa/0x520 [ 51.897313] do_syscall_64+0xfd/0x620 [ 51.901299] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 51.906873] [ 51.908489] -> (&(&ctx->ctx_lock)->rlock){..-.} ops: 2 { [ 51.913942] IN-SOFTIRQ-W at: [ 51.917241] lock_acquire+0x16f/0x3f0 [ 51.922692] _raw_spin_lock_irq+0x60/0x80 [ 51.928676] free_ioctx_users+0x2d/0x490 [ 51.934401] percpu_ref_switch_to_atomic_rcu+0x407/0x540 [ 51.941932] rcu_process_callbacks+0xba0/0x1a30 [ 51.948396] __do_softirq+0x25c/0x921 [ 51.953857] irq_exit+0x180/0x1d0 [ 51.958955] smp_apic_timer_interrupt+0x13b/0x550 [ 51.965488] apic_timer_interrupt+0xf/0x20 [ 51.971365] native_safe_halt+0xe/0x10 [ 51.976901] arch_cpu_idle+0xa/0x10 [ 51.982170] default_idle_call+0x36/0x90 [ 51.987880] do_idle+0x377/0x560 [ 51.996245] cpu_startup_entry+0xc8/0xe0 [ 52.002017] rest_init+0x219/0x222 [ 52.007199] start_kernel+0x88c/0x8c5 [ 52.012633] x86_64_start_reservations+0x29/0x2b [ 52.019144] x86_64_start_kernel+0x77/0x7b [ 52.025027] secondary_startup_64+0xa4/0xb0 [ 52.030987] INITIAL USE at: [ 52.034178] lock_acquire+0x16f/0x3f0 [ 52.039535] _raw_spin_lock_irq+0x60/0x80 [ 52.045249] io_submit_one+0xead/0x2eb0 [ 52.050914] __x64_sys_io_submit+0x1aa/0x520 [ 52.056883] do_syscall_64+0xfd/0x620 [ 52.062325] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 52.069286] } [ 52.071086] ... key at: [] __key.50211+0x0/0x40 [ 52.078046] ... acquired at: [ 52.081146] mark_lock+0x420/0x1370 [ 52.085200] __lock_acquire+0xc62/0x49c0 [ 52.089419] lock_acquire+0x16f/0x3f0 [ 52.093390] _raw_spin_lock_irq+0x60/0x80 [ 52.097705] free_ioctx_users+0x2d/0x490 [ 52.101921] percpu_ref_switch_to_atomic_rcu+0x407/0x540 [ 52.107767] rcu_process_callbacks+0xba0/0x1a30 [ 52.112701] __do_softirq+0x25c/0x921 [ 52.116720] irq_exit+0x180/0x1d0 [ 52.120343] smp_apic_timer_interrupt+0x13b/0x550 [ 52.125354] apic_timer_interrupt+0xf/0x20 [ 52.129749] native_safe_halt+0xe/0x10 [ 52.133981] arch_cpu_idle+0xa/0x10 [ 52.137770] default_idle_call+0x36/0x90 [ 52.142079] do_idle+0x377/0x560 [ 52.145614] cpu_startup_entry+0xc8/0xe0 [ 52.150843] rest_init+0x219/0x222 [ 52.154646] start_kernel+0x88c/0x8c5 [ 52.158618] x86_64_start_reservations+0x29/0x2b [ 52.163665] x86_64_start_kernel+0x77/0x7b [ 52.168177] secondary_startup_64+0xa4/0xb0 [ 52.177226] [ 52.178848] [ 52.178848] stack backtrace: [ 52.193785] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 4.19.68 #42 [ 52.200008] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 52.209621] Call Trace: [ 52.212191] [ 52.214331] dump_stack+0x172/0x1f0 [ 52.217947] print_irq_inversion_bug.part.0+0x2c0/0x2cd [ 52.223295] check_usage_forwards.cold+0x20/0x29 [ 52.228046] ? check_usage_backwards+0x340/0x340 [ 52.232803] ? save_stack_trace+0x1a/0x20 [ 52.236940] ? save_trace+0xe0/0x290 [ 52.240638] mark_lock+0x420/0x1370 [ 52.244583] ? check_usage_backwards+0x340/0x340 [ 52.249339] __lock_acquire+0xc62/0x49c0 [ 52.253453] ? mark_held_locks+0x100/0x100 [ 52.257700] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 52.262445] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 52.267208] ? mark_held_locks+0x100/0x100 [ 52.271435] ? mark_held_locks+0x100/0x100 [ 52.275730] ? _raw_spin_unlock_irqrestore+0x95/0xe0 [ 52.280913] lock_acquire+0x16f/0x3f0 [ 52.284715] ? free_ioctx_users+0x2d/0x490 [ 52.288949] _raw_spin_lock_irq+0x60/0x80 [ 52.293090] ? free_ioctx_users+0x2d/0x490 [ 52.297318] free_ioctx_users+0x2d/0x490 [ 52.301486] ? rcu_dynticks_curr_cpu_in_eqs+0x51/0xb0 [ 52.306681] percpu_ref_switch_to_atomic_rcu+0x407/0x540 [ 52.312177] ? percpu_ref_exit+0xd0/0xd0 [ 52.316547] rcu_process_callbacks+0xba0/0x1a30 [ 52.322561] ? __rcu_read_unlock+0x170/0x170 [ 52.327296] __do_softirq+0x25c/0x921 [ 52.331086] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 52.336626] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 52.342384] irq_exit+0x180/0x1d0 [ 52.345835] smp_apic_timer_interrupt+0x13b/0x550 [ 52.350720] apic_timer_interrupt+0xf/0x20 [ 52.355260] [ 52.357493] RIP: 0010:native_safe_halt+0xe/0x10 [ 52.362401] Code: ff ff 48 89 df e8 42 63 ae fa eb 82 e9 07 00 00 00 0f 00 2d d4 53 54 00 f4 c3 66 90 e9 07 00 00 00 0f 00 2d c4 53 54 00 fb f4 90 55 48 89 e5 41 57 41 56 41 55 41 54 53 e8 8e 45 66 fa e8 29 [ 52.381661] RSP: 0018:ffffffff88607ca8 EFLAGS: 00000286 ORIG_RAX: ffffffffffffff13 [ 52.389369] RAX: 1ffffffff10e489c RBX: ffffffff88679ec0 RCX: 0000000000000000 [ 52.396626] RDX: dffffc0000000000 RSI: 0000000000000001 RDI: ffffffff8867a73c [ 52.404010] RBP: ffffffff88607cd8 R08: ffffffff88679ec0 R09: 0000000000000000 [ 52.411460] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 52.418725] R13: ffffffff887244d0 R14: 0000000000000000 R15: 0000000000000000 [ 52.426116] ? default_idle+0x4e/0x320 [ 52.430016] arch_cpu_idle+0xa/0x10 [ 52.433630] default_idle_call+0x36/0x90 [ 52.437767] do_idle+0x377/0x560 [ 52.441132] ? arch_cpu_idle_exit+0x80/0x80 [ 52.445519] ? check_preemption_disabled+0x48/0x290 [ 52.450541] cpu_startup_entry+0xc8/0xe0 [ 52.454607] ? cpu_in_idle+0x20/0x20 [ 52.458321] rest_init+0x219/0x222 [ 52.461918] start_kernel+0x88c/0x8c5 [ 52.465727] ? mem_encrypt_init+0xb/0xb [ 52.469698] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 52.475234] ?