[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
[ OK ] Started Update UTMP about System Runlevel Changes.
Starting Load/Save RF Kill Switch Status...
[ OK ] Started Load/Save RF Kill Switch Status.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.1.26' (ECDSA) to the list of known hosts.
syzkaller login: [ 29.720242] IPVS: ftp: loaded support on port[0] = 21
executing program
[ 30.230212]
[ 30.231888] ======================================================
[ 30.238301] WARNING: possible circular locking dependency detected
[ 30.244601] 4.14.303-syzkaller #0 Not tainted
[ 30.249068] ------------------------------------------------------
[ 30.255373] swapper/1/0 is trying to acquire lock:
[ 30.260269]  (&(&gsm->tx_lock)->rlock){-...}, at: [] gsmld_write_wakeup+0x4e/0xd0
[ 30.269448]
[ 30.269448] but task is already holding lock:
[ 30.275389]  (&port_lock_key){-.-.}, at: [] serial8250_handle_irq.part.0+0x20/0x390
[ 30.284741]
[ 30.284741] which lock already depends on the new lock.
[ 30.284741]
[ 30.293059]
[ 30.293059] the existing dependency chain (in reverse order) is:
[ 30.300663]
[ 30.300663] -> #1 (&port_lock_key){-.-.}:
[ 30.306273]        _raw_spin_lock_irqsave+0x8c/0xc0
[ 30.311262]        uart_write_room+0xd5/0x340
[ 30.315763]        tty_write_room+0x61/0x80
[ 30.320067]        gsmld_write+0x69/0x120
[ 30.324203]        tty_write+0x410/0x740
[ 30.328341]        __vfs_write+0xe4/0x630
[ 30.332478]        __kernel_write+0xf5/0x330
[ 30.336865]        write_pipe_buf+0x143/0x1c0
[ 30.341353]        __splice_from_pipe+0x326/0x7a0
[ 30.346168]        default_file_splice_write+0xc5/0x150
[ 30.351603]        direct_splice_actor+0x115/0x160
[ 30.356523]        splice_direct_to_actor+0x27c/0x730
[ 30.361690]        do_splice_direct+0x164/0x210
[ 30.366372]        do_sendfile+0x47f/0xb30
[ 30.370585]        SyS_sendfile64+0xff/0x110
[ 30.374970]        do_syscall_64+0x1d5/0x640
[ 30.379355]        entry_SYSCALL_64_after_hwframe+0x5e/0xd3
[ 30.385082]
[ 30.385082] -> #0 (&(&gsm->tx_lock)->rlock){-...}:
[ 30.391568]        lock_acquire+0x170/0x3f0
[ 30.395875]        _raw_spin_lock_irqsave+0x8c/0xc0
[ 30.400870]        gsmld_write_wakeup+0x4e/0xd0
[ 30.405559]        tty_wakeup+0xc3/0xf0
[ 30.409513]        tty_port_default_wakeup+0x26/0x40
[ 30.414589]        serial8250_tx_chars+0x3fe/0xc70
[ 30.419490]        serial8250_handle_irq.part.0+0x2c7/0x390
[ 30.425181]        serial8250_default_handle_irq+0x8a/0x1f0
[ 30.430871]        serial8250_interrupt+0xf3/0x210
[ 30.435783]        __handle_irq_event_percpu+0xee/0x7f0
[ 30.441148]        handle_irq_event+0xed/0x240
[ 30.445711]        handle_edge_irq+0x224/0xc40
[ 30.450270]        handle_irq+0x35/0x50
[ 30.454221]        do_IRQ+0x93/0x1d0
[ 30.457924]        ret_from_intr+0x0/0x1e
[ 30.462057]        native_safe_halt+0xe/0x10
[ 30.466451]        default_idle+0x47/0x370
[ 30.470664]        do_idle+0x250/0x3c0
[ 30.474521]        cpu_startup_entry+0x14/0x20
[ 30.479075]        start_secondary+0x4db/0x670
[ 30.483725]        secondary_startup_64+0xa5/0xb0
[ 30.488535]
[ 30.488535] other info that might help us debug this:
[ 30.488535]
[ 30.496649]  Possible unsafe locking scenario:
[ 30.496649]
[ 30.502690]        CPU0                    CPU1
[ 30.507325]        ----                    ----
[ 30.512063]   lock(&port_lock_key);
[ 30.515669]                                lock(&(&gsm->tx_lock)->rlock);
[ 30.522565]                                lock(&port_lock_key);
[ 30.528688]   lock(&(&gsm->tx_lock)->rlock);
[ 30.533066]
[ 30.533066]  *** DEADLOCK ***
[ 30.533066]
[ 30.539112] 3 locks held by swapper/1/0:
[ 30.543140]  #0: (&(&i->lock)->rlock){-.-.}, at: [] serial8250_interrupt+0x3a/0x210
[ 30.552561]  #1: (&port_lock_key){-.-.}, at: [] serial8250_handle_irq.part.0+0x20/0x390
[ 30.562341]  #2: (&tty->ldisc_sem){++++}, at: [] tty_ldisc_ref+0x1b/0x80
[ 30.570806]
[ 30.570806] stack backtrace:
[ 30.575723] CPU: 1 PID: 0 Comm: swapper/1 Not tainted 4.14.303-syzkaller #0
[ 30.582791] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 30.592234] Call Trace:
[ 30.595145]
[ 30.597290]  dump_stack+0x1b2/0x281
[ 30.600937]  print_circular_bug.constprop.0.cold+0x2d7/0x41e
[ 30.606727]  __lock_acquire+0x2e0e/0x3f20
[ 30.610854]  ? trace_hardirqs_on+0x10/0x10
[ 30.615080]  ? trace_hardirqs_on+0x10/0x10
[ 30.619403]  ? trace_hardirqs_on+0x10/0x10
[ 30.626956]  lock_acquire+0x170/0x3f0
[ 30.630930]  ? gsmld_write_wakeup+0x4e/0xd0
[ 30.635227]  ? lock_downgrade+0x740/0x740
[ 30.639527]  _raw_spin_lock_irqsave+0x8c/0xc0
[ 30.643997]  ? gsmld_write_wakeup+0x4e/0xd0
[ 30.648289]  ? gsm_dlci_data_sweep+0x1b0/0x1b0
[ 30.652843]  gsmld_write_wakeup+0x4e/0xd0
[ 30.657012]  ? gsm_dlci_data_sweep+0x1b0/0x1b0
[ 30.661586]  tty_wakeup+0xc3/0xf0
[ 30.665013]  tty_port_default_wakeup+0x26/0x40
[ 30.669587]  serial8250_tx_chars+0x3fe/0xc70
[ 30.673973]  serial8250_handle_irq.part.0+0x2c7/0x390
[ 30.679142]  serial8250_default_handle_irq+0x8a/0x1f0
[ 30.684426]  serial8250_interrupt+0xf3/0x210
[ 30.688828]  ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 30.694268]  ? serial8250_backup_timeout+0x440/0x440
[ 30.699376]  __handle_irq_event_percpu+0xee/0x7f0
[ 30.704196]  handle_irq_event+0xed/0x240
[ 30.708336]  ? handle_irq_event_percpu+0x110/0x110
[ 30.713362]  handle_edge_irq+0x224/0xc40
[ 30.717406]  handle_irq+0x35/0x50
[ 30.720837]  do_IRQ+0x93/0x1d0
[ 30.724007]  common_interrupt+0x93/0x93
[ 30.727954]
[ 30.730179] RIP: 0010:native_safe_halt+0xe/0x10
[ 30.734819] RSP: 0018:ffff8880b5477e68 EFLAGS: 000002c6 ORIG_RAX: ffffffffffffffc8
[ 30.742526] RAX: 1ffffffff11e13dc RBX: dffffc0000000000 RCX: 0000000000000000
[ 30.749778] RDX: dffffc0000000000 RSI: 0000000000000001 RDI: ffff8880b5464bc4
[ 30.757030] RBP: ffffffff88f09ed0 R08: ffffffff88ccbd68 R09: 0000000000000000
[ 30.764295] R10: 0000000000000000 R11: 0000000000000000 R12: ffffed1016a8c868
[ 30.771628] R13: ffff8880b5464340 R14: 0000000000000000 R15: 0000000000000000
[ 30.778991]  default_idle+0x47/0x370
[ 30.782682]  do_idle+0x250/0x3c0
[ 30.786127]  cpu_startup_entry+0x14/0x20
[ 30.790171]  start_secondary+0x4db/0x670
[ 30.794230]  ? set_cpu_sibling_map+0x1680/0x1680
[ 30.798968]  secondary_startup_64+0xa5/0xb0