forked to background, child pid 3171
no interfaces have a carrier
[ 21.095329][ T3172] 8021q: adding VLAN 0 to HW filter on device bond0
[ 21.104418][ T3172] eql: remember to turn off Van-Jacobson compression on your slave devices
Starting sshd: OK
syzkaller
Warning: Permanently added '10.128.0.66' (ECDSA) to the list of known hosts.
syzkaller login: [ 36.286489][ T3600] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 36.294559][ T3600] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 36.302436][ T3600] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 36.310407][ T3600] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 36.318240][ T3600] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 36.325497][ T3600] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 36.380231][ T8] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 36.388517][ T8] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 36.398357][ T3257] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 36.414726][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 36.422863][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
executing program
[ 36.431313][ T3257] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 36.445828][ T3594] FAULT_INJECTION: forcing a failure.
[ 36.445828][ T3594] name failslab, interval 1, probability 0, space 0, times 1
[ 36.445904][ T3594]
[ 36.445907][ T3594] ======================================================
[ 36.445910][ T3594] WARNING: possible circular locking dependency detected
[ 36.445914][ T3594] 5.18.0-rc1-syzkaller-00016-g3e732ebf7316 #0 Not tainted
[ 36.445920][ T3594] ------------------------------------------------------
[ 36.445923][ T3594] syz-executor143/3594 is trying to acquire lock:
[ 36.445929][ T3594] ffffffff8bc90500 (console_owner){....}-{0:0}, at: console_unlock+0x35e/0xdd0
[ 36.445982][ T3594]
[ 36.445982][ T3594] but task is already holding lock:
[ 36.445985][ T3594] ffff88807e48b958 (&port->lock){-...}-{2:2}, at: pty_write+0xea/0x1e0
[ 36.446009][ T3594]
[ 36.446009][ T3594] which lock already depends on the new lock.
[ 36.446009][ T3594]
[ 36.446012][ T3594]
[ 36.446012][ T3594] the existing dependency chain (in reverse order) is:
[ 36.446016][ T3594]
[ 36.446016][ T3594] -> #2 (&port->lock){-...}-{2:2}:
[ 36.446030][ T3594] _raw_spin_lock_irqsave+0x39/0x50
[ 36.446046][ T3594] tty_port_tty_get+0x1f/0x100
[ 36.446056][ T3594] tty_port_default_wakeup+0x11/0x40
[ 36.446067][ T3594] serial8250_tx_chars+0x4f3/0xa50
[ 36.446079][ T3594] serial8250_handle_irq.part.0+0x328/0x3d0
[ 36.446091][ T3594] serial8250_default_handle_irq+0xb2/0x220
[ 36.446103][ T3594] serial8250_interrupt+0xfd/0x200
[ 36.446114][ T3594] __handle_irq_event_percpu+0x22b/0x880
[ 36.446125][ T3594] handle_irq_event+0xa7/0x1e0
[ 36.446134][ T3594] handle_edge_irq+0x25f/0xd00
[ 36.446146][ T3594] __common_interrupt+0x9d/0x210
[ 36.446157][ T3594] common_interrupt+0xa4/0xc0
[ 36.446167][ T3594] asm_common_interrupt+0x1e/0x40
[ 36.446179][ T3594] acpi_idle_do_entry+0x1c6/0x250
[ 36.446190][ T3594] acpi_idle_enter+0x361/0x500
[ 36.446203][ T3594] cpuidle_enter_state+0x1b1/0xc80
[ 36.446216][ T3594] cpuidle_enter+0x4a/0xa0
[ 36.446228][ T3594] do_idle+0x3e8/0x590
[ 36.446237][ T3594] cpu_startup_entry+0x14/0x20
[ 36.446247][ T3594] start_kernel+0x47f/0x4a0
[ 36.446259][ T3594] secondary_startup_64_no_verify+0xc3/0xcb
[ 36.446273][ T3594]
[ 36.446273][ T3594] -> #1 (&port_lock_key){-...}-{2:2}:
[ 36.446293][ T3594] _raw_spin_lock_irqsave+0x39/0x50
[ 36.446304][ T3594] serial8250_console_write+0x91a/0xb70
[ 36.446317][ T3594] console_unlock+0x9bc/0xdd0
[ 36.446328][ T3594] vprintk_emit+0x1b4/0x5f0
[ 36.446341][ T3594] vprintk+0x80/0x90
[ 36.446352][ T3594] _printk+0xba/0xed
[ 36.446362][ T3594] register_console+0x410/0x7c0
[ 36.446374][ T3594] univ8250_console_init+0x3a/0x46
[ 36.446385][ T3594] console_init+0x3c1/0x58d
[ 36.446395][ T3594] start_kernel+0x30b/0x4a0
[ 36.446406][ T3594] secondary_startup_64_no_verify+0xc3/0xcb
[ 36.446419][ T3594]
[ 36.446419][ T3594] -> #0 (console_owner){....}-{0:0}:
[ 36.446433][ T3594] __lock_acquire+0x2ac6/0x56c0
[ 36.446445][ T3594] lock_acquire+0x1ab/0x510
[ 36.446457][ T3594] console_unlock+0x3b1/0xdd0
[ 36.446469][ T3594] vprintk_emit+0x1b4/0x5f0
[ 36.446481][ T3594] vprintk+0x80/0x90
[ 36.446492][ T3594] _printk+0xba/0xed
[ 36.446501][ T3594] should_fail+0x472/0x5a0
[ 36.446514][ T3594] should_failslab+0x5/0x10
[ 36.446525][ T3594] __kmalloc+0x7e/0x350
[ 36.446535][ T3594] tty_buffer_alloc+0x23f/0x2a0
[ 36.446548][ T3594] __tty_buffer_request_room+0x156/0x2a0
[ 36.446562][ T3594] tty_insert_flip_string_fixed_flag+0x8c/0x240
[ 36.446577][ T3594] pty_write+0x11c/0x1e0
[ 36.446586][ T3594] tty_put_char+0x122/0x150
[ 36.446597][ T3594] __process_echoes+0x577/0x9f0
[ 36.446609][ T3594] n_tty_receive_buf_common+0x1699/0x4780
[ 36.446622][ T3594] tty_ioctl+0x909/0x15e0
[ 36.446633][ T3594] __x64_sys_ioctl+0x193/0x200
[ 36.446646][ T3594] do_syscall_64+0x35/0xb0
[ 36.446659][ T3594] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 36.446671][ T3594]
[ 36.446671][ T3594] other info that might help us debug this:
[ 36.446671][ T3594]
[ 36.446674][ T3594] Chain exists of:
[ 36.446674][ T3594] console_owner --> &port_lock_key --> &port->lock
[ 36.446674][ T3594]
[ 36.446690][ T3594] Possible unsafe locking scenario:
[ 36.446690][ T3594]
[ 36.446692][ T3594] CPU0 CPU1
[ 36.446694][ T3594] ---- ----
[ 36.446697][ T3594] lock(&port->lock);
[ 36.446702][ T3594] lock(&port_lock_key);
[ 36.446709][ T3594] lock(&port->lock);
[ 36.446716][ T3594] lock(console_owner);
[ 36.446722][ T3594]
[ 36.446722][ T3594] *** DEADLOCK ***
[ 36.446722][ T3594]
[ 36.446723][ T3594] 6 locks held by syz-executor143/3594:
[ 36.446730][ T3594] #0: ffff88807b0b7098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x22/0x80
[ 36.446759][ T3594] #1: ffff88807e48a0b8 (&port->buf.lock/1){+.+.}-{3:3}, at: tty_ioctl+0x89f/0x15e0
[ 36.446788][ T3594] #2: ffff88807b0b72e8 (&o_tty->termios_rwsem/1){++++}-{3:3}, at: isig+0x37d/0x430
[ 36.446818][ T3594] #3: ffffc90001c0c378 (&ldata->output_lock){+.+.}-{3:3}, at: n_tty_receive_buf_common+0x1663/0x4780
[ 36.446847][ T3594] #4: ffff88807e48b958 (&port->lock){-...}-{2:2}, at: pty_write+0xea/0x1e0
[ 36.446873][ T3594] #5: ffffffff8bd70940 (console_lock){+.+.}-{0:0}, at: vprintk+0x80/0x90
[ 36.446900][ T3594]
[ 36.446900][ T3594] stack backtrace:
[ 36.446903][ T3594] CPU: 1 PID: 3594 Comm: syz-executor143 Not tainted 5.18.0-rc1-syzkaller-00016-g3e732ebf7316 #0
[ 36.446916][ T3594] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 36.446923][ T3594] Call Trace:
[ 36.446926][ T3594]
[ 36.446930][ T3594] dump_stack_lvl+0xcd/0x134
[ 36.446946][ T3594] check_noncircular+0x25f/0x2e0
[ 36.446958][ T3594] ? filter_irq_stacks+0x90/0x90
[ 36.446972][ T3594] ? print_circular_bug+0x1e0/0x1e0
[ 36.446986][ T3594] ? pointer+0x950/0x950
[ 36.446997][ T3594] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 36.447010][ T3594] ? add_lock_to_list.constprop.0+0x185/0x370
[ 36.447025][ T3594] __lock_acquire+0x2ac6/0x56c0
[ 36.447041][ T3594] ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 36.447055][ T3594] ? msg_add_ext_text+0x1d0/0x1d0
[ 36.447069][ T3594] lock_acquire+0x1ab/0x510
[ 36.447082][ T3594] ? console_unlock+0x35e/0xdd0
[ 36.447095][ T3594] ? lock_release+0x720/0x720
[ 36.447108][ T3594] ? lock_downgrade+0x6e0/0x6e0
[ 36.447121][ T3594] ? do_raw_spin_lock+0x120/0x2a0
[ 36.447135][ T3594] ? rwlock_bug.part.0+0x90/0x90
[ 36.447148][ T3594] ? prb_final_commit+0x64/0xa0
[ 36.447163][ T3594] console_unlock+0x3b1/0xdd0
[ 36.447175][ T3594] ? console_unlock+0x35e/0xdd0
[ 36.447189][ T3594] ? devkmsg_read+0x730/0x730
[ 36.447202][ T3594] ? lock_release+0x720/0x720
[ 36.447217][ T3594] ? vprintk+0x80/0x90
[ 36.447231][ T3594] vprintk_emit+0x1b4/0x5f0
[ 36.447243][ T3594] ? add_lock_to_list.constprop.0+0x185/0x370
[ 36.447258][ T3594] vprintk+0x80/0x90
[ 36.447271][ T3594] _printk+0xba/0xed
[ 36.447285][ T3594] ? record_print_text.cold+0x16/0x16
[ 36.447298][ T3594] ? ___ratelimit+0x222/0x4b0
[ 36.447311][ T3594] should_fail+0x472/0x5a0
[ 36.447325][ T3594] should_failslab+0x5/0x10
[ 36.447336][ T3594] __kmalloc+0x7e/0x350
[ 36.447346][ T3594] ? tty_buffer_alloc+0x23f/0x2a0
[ 36.447360][ T3594] tty_buffer_alloc+0x23f/0x2a0
[ 36.447375][ T3594] __tty_buffer_request_room+0x156/0x2a0
[ 36.447390][ T3594] tty_insert_flip_string_fixed_flag+0x8c/0x240
[ 36.447407][ T3594] pty_write+0x11c/0x1e0
[ 36.447419][ T3594] tty_put_char+0x122/0x150
[ 36.447430][ T3594] ? tty_hung_up_p+0x70/0x70
[ 36.447442][ T3594] ? tty_flip_buffer_push+0xfe/0x100
[ 36.447456][ T3594] ? pty_write_room+0xb3/0xe0
[ 36.447467][ T3594] ? ptmx_open+0x360/0x360
[ 36.447479][ T3594] __process_echoes+0x577/0x9f0
[ 36.447493][ T3594] n_tty_receive_buf_common+0x1699/0x4780
[ 36.447511][ T3594] ? n_tty_receive_buf2+0x40/0x40
[ 36.447525][ T3594] tty_ioctl+0x909/0x15e0
[ 36.447537][ T3594] ? tty_fasync+0x390/0x390
[ 36.447551][ T3594] ? __context_tracking_exit+0xb8/0xe0
[ 36.447564][ T3594] ? lock_downgrade+0x6e0/0x6e0
[ 36.447579][ T3594] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 36.447591][ T3594] ? tty_fasync+0x390/0x390
[ 36.447603][ T3594] __x64_sys_ioctl+0x193/0x200
[ 36.447617][ T3594] do_syscall_64+0x35/0xb0
[ 36.447630][ T3594] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 36.447644][ T3594] RIP: 0033:0x7fcecf79c839
[ 36.447654][ T3594] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 91 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 36.447664][ T3594] RSP: 002b:00007ffd3b6fb838 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 36.447676][ T3594] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007fcecf79c839
[ 36.447684][ T3594] RDX: 0000000020000000 RSI: 0000000000005412 RDI: 0000000000000004
[ 36.447691][ T3594] RBP: 0000000000000005 R08: 0000000000000001 R09: 0000000000000003
[ 36.447698][ T3594] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000000c
[ 36.447705][ T3594] R13: 00007ffd3b6fb88a R14: 00007ffd3b6fb8c0 R15: 00007fcecf81e480
[ 36.447715][ T3594]
[ 37.341278][ T3594] CPU: 1 PID: 3594 Comm: syz-executor143 Not tainted 5.18.0-rc1-syzkaller-00016-g3e732ebf7316 #0
[ 37.351768][ T3594] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 37.361816][ T3594] Call Trace:
[ 37.365076][ T3594]
[ 37.367985][ T3594] dump_stack_lvl+0xcd/0x134
[ 37.372566][ T3594] should_fail.cold+0x5/0xa
[ 37.377052][ T3594] should_failslab+0x5/0x10
[ 37.381534][ T3594] __kmalloc+0x7e/0x350
[ 37.385671][ T3594] ? tty_buffer_alloc+0x23f/0x2a0
[ 37.390686][ T3594] tty_buffer_alloc+0x23f/0x2a0
[ 37.395526][ T3594] __tty_buffer_request_room+0x156/0x2a0
[ 37.401146][ T3594] tty_insert_flip_string_fixed_flag+0x8c/0x240
[ 37.407377][ T3594] pty_write+0x11c/0x1e0
[ 37.411610][ T3594] tty_put_char+0x122/0x150
[ 37.416270][ T3594] ? tty_hung_up_p+0x70/0x70
[ 37.420865][ T3594] ? tty_flip_buffer_push+0xfe/0x100
[ 37.426156][ T3594] ? pty_write_room+0xb3/0xe0
[ 37.431102][ T3594] ? ptmx_open+0x360/0x360
[ 37.435501][ T3594] __process_echoes+0x577/0x9f0
[ 37.440337][ T3594] n_tty_receive_buf_common+0x1699/0x4780
[ 37.446053][ T3594] ? n_tty_receive_buf2+0x40/0x40
[ 37.451152][ T3594] tty_ioctl+0x909/0x15e0
[ 37.455465][ T3594] ? tty_fasync+0x390/0x390
[ 37.459951][ T3594] ? __context_tracking_exit+0xb8/0xe0
[ 37.465392][ T3594] ? lock_downgrade+0x6e0/0x6e0
[ 37.470227][ T3594] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 37.476449][ T3594] ? tty_fasync+0x390/0x390
[ 37.480937][ T3594] __x64_sys_ioctl+0x193/0x200
[ 37.485686][ T3594] do_syscall_64+0x35/0xb0
[ 37.490086][ T3594] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 37.495987][ T3594] RIP: 0033:0x7fcecf79c839
[ 37.500403][ T3594] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 91 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 37.520026][ T3594] RSP: 002b:00007ffd3b6fb838 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 37.528431][ T3594] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007fcecf79c839
[