[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. [ 30.251020] kauditd_printk_skb: 7 callbacks suppressed [ 30.251032] audit: type=1800 audit(1542636057.059:29): pid=5899 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0 [ 30.275648] audit: type=1800 audit(1542636057.069:30): pid=5899 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0 Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 34.601892] sshd (6039) used greatest stack depth: 15744 bytes left Warning: Permanently added '10.128.0.13' (ECDSA) to the list of known hosts. executing program [ 716.192755] BUG: workqueue lockup - pool cpus=0 node=0 flags=0x0 nice=0 stuck for 269s! [ 716.201136] Showing busy workqueues and worker pools: [ 716.206493] workqueue events: flags=0x0 [ 716.210547] pwq 0: cpus=0 node=0 flags=0x0 nice=0 active=4/256 [ 716.218941] in-flight: 12:rtc_timer_do_work [ 716.223602] pending: vmstat_shepherd, cache_reap, psi_update_work [ 716.230925] [ 716.230929] ====================================================== [ 716.230932] WARNING: possible circular locking dependency detected [ 716.230935] 4.20.0-rc3+ #119 Not tainted [ 716.230938] ------------------------------------------------------ [ 716.230941] kworker/0:1/12 is trying to acquire lock: [ 716.230942] 00000000b5d8ad7b (console_owner){-.-.}, at: console_unlock+0x570/0x1190 [ 716.230951] [ 716.230953] but task is already holding lock: [ 716.230955] 00000000709df602 (&(&pool->lock)->rlock){-.-.}, at: show_workqueue_state.cold.49+0xad0/0x159a [ 716.230964] [ 716.230966] which lock already depends on the new lock. [ 716.230968] [ 716.230969] [ 716.230972] the existing dependency chain (in reverse order) is: [ 716.230973] [ 716.230975] -> #4 (&(&pool->lock)->rlock){-.-.}: [ 716.230983] _raw_spin_lock+0x2d/0x40 [ 716.230985] __queue_work+0x2ff/0x1440 [ 716.230987] queue_work_on+0x19a/0x1e0 [ 716.230989] put_pwq+0x175/0x1c0 [ 716.230992] put_pwq_unlocked.part.27+0x34/0x70 [ 716.230994] destroy_workqueue+0x868/0x9c0 [ 716.230997] floppy_async_init+0x1fe4/0x213b [ 716.230999] async_run_entry_fn+0x1c4/0x7f0 [ 716.231002] process_one_work+0xc90/0x1c40 [ 716.231004] worker_thread+0x17f/0x1390 [ 716.231006] kthread+0x35a/0x440 [ 716.231008] ret_from_fork+0x3a/0x50 [ 716.231009] [ 716.231011] -> #3 (&pool->lock/1){..-.}: [ 716.231019] _raw_spin_lock+0x2d/0x40 [ 716.231022] __queue_work+0x2ff/0x1440 [ 716.231024] queue_work_on+0x19a/0x1e0 [ 716.231027] tty_schedule_flip+0x14c/0x1d0 [ 716.231029] tty_flip_buffer_push+0x15/0x20 [ 716.231031] pty_write+0x19d/0x1f0 [ 716.231034] n_tty_write+0xc5b/0x11a0 [ 716.231036] tty_write+0x3f1/0x880 [ 716.231038] __vfs_write+0x119/0x9f0 [ 716.231040] vfs_write+0x1fc/0x560 [ 716.231043] ksys_write+0x101/0x260 [ 716.231045] __x64_sys_write+0x73/0xb0 [ 716.231047] do_syscall_64+0x1b9/0x820 [ 716.231050] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 716.231052] [ 716.231053] -> #2 (&(&port->lock)->rlock){-.-.}: [ 716.231061] _raw_spin_lock_irqsave+0x99/0xd0 [ 716.231063] tty_port_tty_get+0x20/0x80 [ 716.231066] tty_port_default_wakeup+0x15/0x40 [ 716.231068] tty_port_tty_wakeup+0x5d/0x70 [ 716.231071] uart_write_wakeup+0x44/0x60 [ 716.231073] serial8250_tx_chars+0x4be/0xb60 [ 716.231076] serial8250_handle_irq.part.23+0x1ee/0x280 [ 716.231079] serial8250_default_handle_irq+0xc8/0x150 [ 716.231081] serial8250_interrupt+0xef/0x190 [ 716.231084] __handle_irq_event_percpu+0x195/0xb30 [ 716.231086] handle_irq_event_percpu+0xa0/0x1d0 [ 716.231089] handle_irq_event+0xa7/0x135 [ 716.231091] handle_edge_irq+0x227/0x880 [ 716.231093] handle_irq+0x252/0x3d8 [ 716.231095] do_IRQ+0x98/0x1c0 [ 716.231097] ret_from_intr+0x0/0x1e [ 716.231100] native_safe_halt+0x6/0x10 [ 716.231102] default_idle+0xbf/0x490 [ 716.231104] arch_cpu_idle+0x10/0x20 [ 716.231106] default_idle_call+0x6d/0x90 [ 716.231109] do_idle+0x49b/0x5c0 [ 716.231111] cpu_startup_entry+0x18/0x20 [ 716.231113] start_secondary+0x487/0x5f0 [ 716.231116] secondary_startup_64+0xa4/0xb0 [ 716.231117] [ 716.231118] -> #1 (&port_lock_key){-.-.}: [ 716.231126] _raw_spin_lock_irqsave+0x99/0xd0 [ 716.231129] serial8250_console_write+0x8e8/0xb10 [ 716.231131] univ8250_console_write+0x5f/0x70 [ 716.231134] console_unlock+0xb1f/0x1190 [ 716.231136] vprintk_emit+0x391/0x990 [ 716.231138] vprintk_default+0x28/0x30 [ 716.231140] vprintk_func+0x7e/0x181 [ 716.231142] printk+0xa7/0xcf [ 716.231145] register_console+0x8df/0xcf0 [ 716.231147] univ8250_console_init+0x3f/0x4b [ 716.231149] console_init+0x6ac/0x9dc [ 716.231152] start_kernel+0x70b/0xa2b [ 716.231154] x86_64_start_reservations+0x2e/0x30 [ 716.231157] x86_64_start_kernel+0x76/0x79 [ 716.231159] secondary_startup_64+0xa4/0xb0 [ 716.231160] [ 716.231162] -> #0 (console_owner){-.-.}: [ 716.231169] lock_acquire+0x1ed/0x520 [ 716.231172] console_unlock+0x5dd/0x1190 [ 716.231174] vprintk_emit+0x391/0x990 [ 716.231176] vprintk_default+0x28/0x30 [ 716.231178] vprintk_func+0x7e/0x181 [ 716.231180] printk+0xa7/0xcf [ 716.231183] show_workqueue_state.cold.49+0xc6c/0x159a [ 716.231186] wq_watchdog_timer_fn+0x6ea/0x810 [ 716.231188] call_timer_fn+0x272/0x920 [ 716.231190] __run_timers+0x7e5/0xc70 [ 716.231192] run_timer_softirq+0x88/0xb0 [ 716.231195] __do_softirq+0x308/0xb7e [ 716.231197] irq_exit+0x17f/0x1c0 [ 716.231199] smp_apic_timer_interrupt+0x1cb/0x760 [ 716.231202] apic_timer_interrupt+0xf/0x20 [ 716.231205] _raw_spin_unlock_irqrestore+0xaf/0xd0 [ 716.231208] __wake_up_common_lock+0x1d0/0x330 [ 716.231211] __wake_up+0xe/0x10 [ 716.231213] rtc_handle_legacy_irq+0x8f/0xd0 [ 716.231216] rtc_uie_update_irq+0x1f/0x30 [ 716.231218] rtc_timer_do_work+0x287/0x11b0 [ 716.231221] process_one_work+0xc90/0x1c40 [ 716.231223] worker_thread+0x17f/0x1390 [ 716.231225] kthread+0x35a/0x440 [ 716.231227] ret_from_fork+0x3a/0x50 [ 716.231229] [ 716.231231] other info that might help us debug this: [ 716.231233] [ 716.231234] Chain exists of: [ 716.231236] console_owner --> &pool->lock/1 --> &(&pool->lock)->rlock [ 716.231247] [ 716.231249] Possible unsafe locking scenario: [ 716.231250] [ 716.231253] CPU0 CPU1 [ 716.231255] ---- ---- [ 716.231257] lock(&(&pool->lock)->rlock); [ 716.231262] lock(&pool->lock/1); [ 716.231269] lock(&(&pool->lock)->rlock); [ 716.231273] lock(console_owner); [ 716.231277] [ 716.231279] *** DEADLOCK *** [ 716.231280] [ 716.231283] 7 locks held by kworker/0:1/12: [ 716.231284] #0: 000000007ca4d974 ((wq_completion)"events"){+.+.}, at: process_one_work+0xb43/0x1c40 [ 716.231294] #1: 00000000be9f8b1c ((work_completion)(&rtc->irqwork)){+.+.}, at: process_one_work+0xb9a/0x1c40 [ 716.231304] #2: 00000000fe033963 (&rtc->ops_lock){+.+.}, at: rtc_timer_do_work+0x131/0x11b0 [ 716.231313] #3: 0000000056b2bc86 ((&wq_watchdog_timer)){+.-.}, at: call_timer_fn+0x1db/0x920 [ 716.231322] #4: 0000000071e2907d (rcu_read_lock_sched){....}, at: show_workqueue_state+0x0/0x1d0 [ 716.231350] #5: 00000000709df602 (&(&pool->lock)->rlock){-.-.}, at: show_workqueue_state.cold.49+0xad0/0x159a [ 716.231360] #6: 00000000c12a5a13 (console_lock){+.+.}, at: vprintk_emit+0x372/0x990 [ 716.231369] [ 716.231371] stack backtrace: [ 716.231374] CPU: 0 PID: 12 Comm: kworker/0:1 Not tainted 4.20.0-rc3+ #119 [ 716.231379] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 716.231381] Workqueue: events rtc_timer_do_work [ 716.231384] Call Trace: [ 716.231386] [ 716.231388] dump_stack+0x244/0x39d [ 716.231391] ? dump_stack_print_info.cold.1+0x20/0x20 [ 716.231393] ? vprintk_func+0x85/0x181 [ 716.231396] print_circular_bug.isra.35.cold.54+0x1bd/0x27d [ 716.231398] ? save_trace+0xe0/0x290 [ 716.231401] __lock_acquire+0x3399/0x4c20 [ 716.231403] ? mark_held_locks+0x130/0x130 [ 716.231406] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 716.231408] ? put_dec+0x3b/0xf0 [ 716.231411] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 716.231414] ? __sanitizer_cov_trace_const_cmp4+0x10/0x20 [ 716.231417] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 716.231419] ? enable_ptr_key_workfn+0x30/0x30 [ 716.231421] ? put_dec+0xf0/0xf0 [ 716.231423] ? zap_class+0x640/0x640 [ 716.231426] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 716.231428] ? vsnprintf+0x20d/0x1b60 [ 716.231430] lock_acquire+0x1ed/0x520 [ 716.231433] ? console_unlock+0x570/0x1190 [ 716.231435] ? lock_release+0xa00/0xa00 [ 716.231437] ? kasan_check_read+0x11/0x20 [ 716.231440] ? do_raw_spin_unlock+0xa7/0x330 [ 716.231442] ? do_raw_spin_trylock+0x270/0x270 [ 716.231445] ? msg_print_text+0x19a/0x1d0 [ 716.231447] console_unlock+0x5dd/0x1190 [ 716.231449] ? console_unlock+0x570/0x1190 [ 716.231452] ? kmsg_dump_get_buffer+0xac0/0xac0 [ 716.231454] ? trace_hardirqs_on+0x310/0x310 [ 716.231456] ? vprintk_emit+0x372/0x990 [ 716.231459] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 716.231461] ? vprintk_emit+0x372/0x990 [ 716.231464] ? __down_trylock_console_sem+0x151/0x1f0 [ 716.231466] vprintk_emit+0x391/0x990 [ 716.231469] ? wake_up_klogd+0x180/0x180 [ 716.231471] ? print_usage_bug+0xc0/0xc0 [ 716.231473] ? find_held_lock+0x36/0x1c0 [ 716.231475] vprintk_default+0x28/0x30 [ 716.231478] vprintk_func+0x7e/0x181 [ 716.231480] ? printk+0xa7/0xcf [ 716.231482] printk+0xa7/0xcf [ 716.231484] ? kmsg_dump_rewind_nolock+0xe4/0xe4 [ 716.231487] show_workqueue_state.cold.49+0xc6c/0x159a [ 716.231489] ? llist_add_batch+0x106/0x170 [ 716.231492] ? check_preemption_disabled+0x48/0x280 [ 716.231495] ? print_worker_info+0x540/0x540 [ 716.231497] ? tick_nohz_tick_stopped+0x1a/0x90 [ 716.231500] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 716.231502] ? radix_tree_next_chunk+0x5b9/0xe20 [ 716.231505] ? radix_tree_cpu_dead+0x160/0x160 [ 716.231507] ? vprintk_emit+0x293/0x990 [ 716.231510] ? zap_class+0x640/0x640 [ 716.231512] ? wake_up_klogd+0x180/0x180 [ 716.231515] ? update_cfs_rq_load_avg.part.68+0x253/0x2e0 [ 716.231517] ? find_held_lock+0x36/0x1c0 [ 716.231520] ? wq_watchdog_timer_fn+0x5b4/0x810 [ 716.231522] ? lock_downgrade+0x900/0x900 [ 716.231525] ? check_preemption_disabled+0x48/0x280 [ 716.231528] ? rcu_read_unlock_special+0x1c0/0x1c0 [ 716.231530] ? kasan_check_read+0x11/0x20 [ 716.231533] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 716.231535] ? rcu_softirq_qs+0x20/0x20 [ 716.231538] wq_watchdog_timer_fn+0x6ea/0x810 [ 716.231540] ? show_workqueue_state+0x1d0/0x1d0 [ 716.231543] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 716.231545] ? rcu_read_unlock+0x16/0x60 [ 716.231548] ? check_preemption_disabled+0x48/0x280 [ 716.231550] ? zap_class+0x640/0x640 [ 716.231553] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 716.231556] ? check_preemption_disabled+0x48/0x280 [ 716.231558] ? __lock_is_held+0xb5/0x140 [ 716.231560] call_timer_fn+0x272/0x920 [ 716.231563] ? show_workqueue_state+0x1d0/0x1d0 [ 716.231565] ? process_timeout+0x40/0x40 [ 716.231567] ? mark_held_locks+0xc7/0x130 [ 716.231570] ? _raw_spin_unlock_irq+0x27/0x80 [ 716.231572] ? _raw_spin_unlock_irq+0x27/0x80 [ 716.231575] ? show_workqueue_state+0x1d0/0x1d0 [ 716.231577] ? lockdep_hardirqs_on+0x296/0x5b0 [ 716.231580] ? trace_hardirqs_on+0xbd/0x310 [ 716.231582] ? kasan_check_read+0x11/0x20 [ 716.231584] ? __run_timer [ 716.231588] Lost 118 message(s)! [ 717.262716] workqueue events_power_efficient: flags=0x80 [ 717.268201] pwq 0: cpus=0 node=0 flags=0x0 nice=0 active=1/256 [ 717.274346] pending: do_cache_clean [ 717.278438] workqueue mm_percpu_wq: flags=0x8 [ 717.282934] pwq 0: cpus=0 node=0 flags=0x0 nice=0 active=1/256 [ 717.289071] pending: vmstat_update [ 717.293025] workqueue dm_bufio_cache: flags=0x8 [ 717.297678] pwq 0: cpus=0 node=0 flags=0x0 nice=0 active=1/256 [ 717.303938] pending: work_fn [ 717.307412] pool 0: cpus=0 node=0 flags=0x0 nice=0 hung=270s workers=2 idle: 5