[ OK ] Started Load/Save RF Kill Switch Status. Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.1.8' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 59.055845][ T8419] [ 59.058239][ T8419] ======================================================== [ 59.065599][ T8419] WARNING: possible irq lock inversion dependency detected [ 59.072907][ T8419] 5.13.0-rc2-syzkaller #0 Not tainted [ 59.078322][ T8419] -------------------------------------------------------- [ 59.085723][ T8419] syz-executor166/8419 just changed the state of lock: [ 59.092588][ T8419] ffff8880173ebcb8 (&f->f_owner.lock){.+..}-{2:2}, at: f_getown+0x22/0x210 [ 59.101244][ T8419] but this lock was taken by another, HARDIRQ-safe lock in the past: [ 59.109330][ T8419] (&dev->event_lock){-...}-{2:2} [ 59.109358][ T8419] [ 59.109358][ T8419] [ 59.109358][ T8419] and interrupts could create inverse lock ordering between them. [ 59.109358][ T8419] [ 59.128999][ T8419] [ 59.128999][ T8419] other info that might help us debug this: [ 59.137143][ T8419] Chain exists of: [ 59.137143][ T8419] &dev->event_lock --> &new->fa_lock --> &f->f_owner.lock [ 59.137143][ T8419] [ 59.150291][ T8419] Possible interrupt unsafe locking scenario: [ 59.150291][ T8419] [ 59.158807][ T8419] CPU0 CPU1 [ 59.164631][ T8419] ---- ---- [ 59.169998][ T8419] lock(&f->f_owner.lock); [ 59.174524][ T8419] local_irq_disable(); [ 59.181303][ T8419] lock(&dev->event_lock); [ 59.188707][ T8419] lock(&new->fa_lock); [ 59.195495][ T8419] [ 59.198969][ T8419] lock(&dev->event_lock); [ 59.203655][ T8419] [ 59.203655][ T8419] *** DEADLOCK *** [ 59.203655][ T8419] [ 59.211832][ T8419] no locks held by syz-executor166/8419. [ 59.217666][ T8419] [ 59.217666][ T8419] the shortest dependencies between 2nd lock and 1st lock: [ 59.227341][ T8419] -> (&dev->event_lock){-...}-{2:2} { [ 59.233020][ T8419] IN-HARDIRQ-W at: [ 59.237388][ T8419] lock_acquire+0x17f/0x720 [ 59.244095][ T8419] _raw_spin_lock_irqsave+0xb3/0x100 [ 59.251837][ T8419] input_event+0x89/0xc0 [ 59.258357][ T8419] psmouse_report_standard_packet+0x4f/0x200 [ 59.266799][ T8419] psmouse_process_byte+0x44f/0x640 [ 59.274273][ T8419] psmouse_handle_byte+0x44/0x4a0 [ 59.281568][ T8419] psmouse_interrupt+0x6d0/0x10c0 [ 59.288856][ T8419] serio_interrupt+0x88/0x130 [ 59.295727][ T8419] i8042_interrupt+0x34c/0x740 [ 59.302725][ T8419] __handle_irq_event_percpu+0x20a/0x6d0 [ 59.311025][ T8419] handle_irq_event+0x10a/0x2f0 [ 59.318180][ T8419] handle_edge_irq+0x245/0xbe0 [ 59.326042][ T8419] __common_interrupt+0xce/0x1e0 [ 59.333805][ T8419] common_interrupt+0x9c/0xc0 [ 59.340972][ T8419] asm_common_interrupt+0x1e/0x40 [ 59.348557][ T8419] acpi_idle_enter+0x430/0x780 [ 59.355626][ T8419] cpuidle_enter_state+0x509/0xe60 [ 59.363201][ T8419] cpuidle_enter+0x59/0x90 [ 59.369820][ T8419] do_idle+0x3c8/0x620 [ 59.376073][ T8419] cpu_startup_entry+0x15/0x20 [ 59.383027][ T8419] secondary_startup_64_no_verify+0xb0/0xbb [ 59.391109][ T8419] INITIAL USE at: [ 59.395369][ T8419] lock_acquire+0x17f/0x720 [ 59.401975][ T8419] _raw_spin_lock_irqsave+0xb3/0x100 [ 59.409489][ T8419] input_inject_event+0xb3/0x280 [ 59.416540][ T8419] led_trigger_event+0x6f/0xd0 [ 59.423595][ T8419] kbd_led_trigger_activate+0xb8/0x100 [ 59.431258][ T8419] led_trigger_set+0x514/0x940 [ 59.438158][ T8419] led_trigger_set_default+0x1ca/0x200 [ 59.445812][ T8419] led_classdev_register_ext+0x690/0x870 [ 59.453647][ T8419] input_leds_connect+0x53e/0x790 [ 59.460779][ T8419] input_register_device+0xe25/0x1350 [ 59.468534][ T8419] atkbd_connect+0x74f/0xa70 [ 59.475597][ T8419] serio_driver_probe+0x76/0x90 [ 59.482548][ T8419] really_probe+0x385/0x1020 [ 59.489250][ T8419] driver_probe_device+0x178/0x350 [ 59.496640][ T8419] device_driver_attach+0x176/0x280 [ 59.503945][ T8419] __driver_attach+0xa7/0x390 [ 59.510750][ T8419] bus_for_each_dev+0x168/0x1d0 [ 59.517965][ T8419] serio_handle_event+0x8d1/0x1070 [ 59.525202][ T8419] process_one_work+0x833/0x10c0 [ 59.532269][ T8419] worker_thread+0xac1/0x1300 [ 59.539232][ T8419] kthread+0x39a/0x3c0 [ 59.545413][ T8419] ret_from_fork+0x1f/0x30 [ 59.551945][ T8419] } [ 59.554718][ T8419] ... key at: [] input_allocate_device.__key.6+0x0/0x40 [ 59.564026][ T8419] ... acquired at: [ 59.568106][ T8419] lock_acquire+0x17f/0x720 [ 59.572812][ T8419] _raw_spin_lock+0x2a/0x40 [ 59.577499][ T8419] evdev_pass_values+0xd9/0xaa0 [ 59.582537][ T8419] evdev_events+0x1c5/0x270 [ 59.588080][ T8419] input_pass_values+0x89c/0x11d0 [ 59.593759][ T8419] input_handle_event+0xb99/0x1550 [ 59.599059][ T8419] input_inject_event+0x1e8/0x280 [ 59.604489][ T8419] evdev_write+0x5f0/0x780 [ 59.609096][ T8419] vfs_write+0x289/0xc90 [ 59.613533][ T8419] ksys_write+0x171/0x2a0 [ 59.618054][ T8419] do_syscall_64+0x3f/0xb0 [ 59.622670][ T8419] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 59.628774][ T8419] [ 59.631206][ T8419] -> (&client->buffer_lock){....}-{2:2} { [ 59.637133][ T8419] INITIAL USE at: [ 59.641223][ T8419] lock_acquire+0x17f/0x720 [ 59.647665][ T8419] _raw_spin_lock+0x2a/0x40 [ 59.654126][ T8419] evdev_pass_values+0xd9/0xaa0 [ 59.661274][ T8419] evdev_events+0x1c5/0x270 [ 59.667806][ T8419] input_pass_values+0x89c/0x11d0 [ 59.674771][ T8419] input_handle_event+0xb99/0x1550 [ 59.681816][ T8419] input_inject_event+0x1e8/0x280 [ 59.688873][ T8419] evdev_write+0x5f0/0x780 [ 59.695221][ T8419] vfs_write+0x289/0xc90 [ 59.701395][ T8419] ksys_write+0x171/0x2a0 [ 59.707752][ T8419] do_syscall_64+0x3f/0xb0 [ 59.714103][ T8419] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 59.721941][ T8419] } [ 59.724634][ T8419] ... key at: [] evdev_open.__key.23+0x0/0x40 [ 59.732993][ T8419] ... acquired at: [ 59.737007][ T8419] lock_acquire+0x17f/0x720 [ 59.741704][ T8419] _raw_read_lock+0x32/0x40 [ 59.746564][ T8419] kill_fasync+0x19b/0x440 [ 59.751166][ T8419] evdev_pass_values+0x58a/0xaa0 [ 59.756455][ T8419] evdev_events+0x1c5/0x270 [ 59.761157][ T8419] input_pass_values+0x89c/0x11d0 [ 59.766373][ T8419] input_handle_event+0xb99/0x1550 [ 59.771673][ T8419] input_inject_event+0x1e8/0x280 [ 59.776994][ T8419] evdev_write+0x5f0/0x780 [ 59.781610][ T8419] vfs_write+0x289/0xc90 [ 59.786128][ T8419] ksys_write+0x171/0x2a0 [ 59.790632][ T8419] do_syscall_64+0x3f/0xb0 [ 59.795256][ T8419] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 59.801424][ T8419] [ 59.803769][ T8419] -> (&new->fa_lock){....}-{2:2} { [ 59.808993][ T8419] INITIAL READ USE at: [ 59.813416][ T8419] lock_acquire+0x17f/0x720 [ 59.820278][ T8419] _raw_read_lock+0x32/0x40 [ 59.826984][ T8419] kill_fasync+0x19b/0x440 [ 59.833858][ T8419] evdev_pass_values+0x58a/0xaa0 [ 59.840998][ T8419] evdev_events+0x1c5/0x270 [ 59.847757][ T8419] input_pass_values+0x89c/0x11d0 [ 59.855053][ T8419] input_handle_event+0xb99/0x1550 [ 59.862366][ T8419] input_inject_event+0x1e8/0x280 [ 59.869594][ T8419] evdev_write+0x5f0/0x780 [ 59.876227][ T8419] vfs_write+0x289/0xc90 [ 59.882843][ T8419] ksys_write+0x171/0x2a0 [ 59.889367][ T8419] do_syscall_64+0x3f/0xb0 [ 59.895978][ T8419] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 59.904168][ T8419] } [ 59.906870][ T8419] ... key at: [] fasync_insert_entry.__key+0x0/0x40 [ 59.915733][ T8419] ... acquired at: [ 59.919639][ T8419] lock_acquire+0x17f/0x720 [ 59.924436][ T8419] _raw_read_lock_irqsave+0xbb/0x100 [ 59.929907][ T8419] send_sigio+0x2f/0x300 [ 59.934330][ T8419] kill_fasync+0x243/0x440 [ 59.938941][ T8419] evdev_pass_values+0x58a/0xaa0 [ 59.944063][ T8419] evdev_events+0x1c5/0x270 [ 59.948748][ T8419] input_pass_values+0x89c/0x11d0 [ 59.953948][ T8419] input_handle_event+0xb99/0x1550 [ 59.959234][ T8419] input_inject_event+0x1e8/0x280 [ 59.964519][ T8419] evdev_write+0x5f0/0x780 [ 59.969118][ T8419] vfs_write+0x289/0xc90 [ 59.973540][ T8419] ksys_write+0x171/0x2a0 [ 59.978046][ T8419] do_syscall_64+0x3f/0xb0 [ 59.982632][ T8419] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 59.988716][ T8419] [ 59.991114][ T8419] -> (&f->f_owner.lock){.+..}-{2:2} { [ 59.996544][ T8419] HARDIRQ-ON-R at: [ 60.000530][ T8419] lock_acquire+0x17f/0x720 [ 60.006695][ T8419] _raw_read_lock+0x32/0x40 [ 60.012872][ T8419] f_getown+0x22/0x210 [ 60.018625][ T8419] sock_ioctl+0x2c6/0x6a0 [ 60.024619][ T8419] __se_sys_ioctl+0xfb/0x170 [ 60.030866][ T8419] do_syscall_64+0x3f/0xb0 [ 60.037023][ T8419] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 60.044589][ T8419] INITIAL READ USE at: [ 60.048920][ T8419] lock_acquire+0x17f/0x720 [ 60.055430][ T8419] _raw_read_lock_irqsave+0xbb/0x100 [ 60.062735][ T8419] send_sigio+0x2f/0x300 [ 60.068976][ T8419] kill_fasync+0x243/0x440 [ 60.075387][ T8419] evdev_pass_values+0x58a/0xaa0 [ 60.082321][ T8419] evdev_events+0x1c5/0x270 [ 60.088816][ T8419] input_pass_values+0x89c/0x11d0 [ 60.095836][ T8419] input_handle_event+0xb99/0x1550 [ 60.102943][ T8419] input_inject_event+0x1e8/0x280 [ 60.110018][ T8419] evdev_write+0x5f0/0x780 [ 60.116439][ T8419] vfs_write+0x289/0xc90 [ 60.122793][ T8419] ksys_write+0x171/0x2a0 [ 60.129134][ T8419] do_syscall_64+0x3f/0xb0 [ 60.135566][ T8419] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 60.143474][ T8419] } [ 60.145976][ T8419] ... key at: [] __alloc_file.__key+0x0/0x10 [ 60.154061][ T8419] ... acquired at: [ 60.157875][ T8419] __lock_acquire+0xd10/0x6040 [ 60.162911][ T8419] lock_acquire+0x17f/0x720 [ 60.167587][ T8419] _raw_read_lock+0x32/0x40 [ 60.172280][ T8419] f_getown+0x22/0x210 [ 60.176534][ T8419] sock_ioctl+0x2c6/0x6a0 [ 60.181042][ T8419] __se_sys_ioctl+0xfb/0x170 [ 60.185834][ T8419] do_syscall_64+0x3f/0xb0 [ 60.190421][ T8419] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 60.196495][ T8419] [ 60.198815][ T8419] [ 60.198815][ T8419] stack backtrace: [ 60.204707][ T8419] CPU: 1 PID: 8419 Comm: syz-executor166 Not tainted 5.13.0-rc2-syzkaller #0 [ 60.213650][ T8419] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 60.223720][ T8419] Call Trace: [ 60.227018][ T8419] dump_stack+0x202/0x31e [ 60.231359][ T8419] ? show_regs_print_info+0x12/0x12 [ 60.236578][ T8419] ? log_buf_vmcoreinfo_setup+0x498/0x498 [ 60.242301][ T8419] ? save_trace+0x5a/0x9f0 [ 60.246722][ T8419] print_irq_inversion_bug+0xa58/0xda0 [ 60.252225][ T8419] ? print_bfs_bug+0x30/0x30 [ 60.256816][ T8419] ? unwind_get_return_address+0x48/0x80 [ 60.262452][ T8419] ? arch_stack_walk+0x98/0xe0 [ 60.267238][ T8419] ? stack_trace_save+0x104/0x1e0 [ 60.272374][ T8419] ? stack_trace_snprint+0xe0/0xe0 [ 60.277483][ T8419] ? stack_trace_save+0x1e0/0x1e0 [ 60.282515][ T8419] ? print_usage_bug+0x1210/0x1210 [ 60.287628][ T8419] ? save_trace+0x5a/0x9f0 [ 60.292046][ T8419] mark_lock+0x110b/0x1eb0 [ 60.296465][ T8419] ? __bfs+0x700/0x700 [ 60.300555][ T8419] ? __bfs+0x700/0x700 [ 60.304623][ T8419] ? stack_trace_save+0x1e0/0x1e0 [ 60.309648][ T8419] ? stack_trace_save+0x1e0/0x1e0 [ 60.314675][ T8419] ? is_bpf_text_address+0x253/0x270 [ 60.319980][ T8419] ? stack_trace_save+0x1e0/0x1e0 [ 60.325003][ T8419] ? unwind_get_return_address+0x48/0x80 [ 60.330652][ T8419] ? arch_stack_walk+0x98/0xe0 [ 60.335418][ T8419] ? stack_trace_save+0x104/0x1e0 [ 60.340440][ T8419] ? stack_trace_snprint+0xe0/0xe0 [ 60.345566][ T8419] ? rcu_read_lock_sched_held+0x87/0x110 [ 60.351205][ T8419] __lock_acquire+0xd10/0x6040 [ 60.355980][ T8419] ? __lock_acquire+0x147f/0x6040 [ 60.361014][ T8419] ? do_syscall_64+0x3f/0xb0 [ 60.365612][ T8419] ? trace_lock_acquire+0x180/0x180 [ 60.370820][ T8419] ? trace_lock_acquire+0x180/0x180 [ 60.376029][ T8419] ? rcu_lock_release+0x5/0x20 [ 60.380804][ T8419] ? rcu_read_lock_sched_held+0x87/0x110 [ 60.386439][ T8419] ? __bpf_trace_rcu_stall_warning+0x10/0x10 [ 60.392445][ T8419] ? lockdep_hardirqs_on_prepare+0x3e2/0x750 [ 60.398444][ T8419] ? rcu_read_lock_sched_held+0x87/0x110 [ 60.404107][ T8419] ? __bpf_trace_rcu_stall_warning+0x10/0x10 [ 60.410203][ T8419] ? rcu_read_lock_sched_held+0x87/0x110 [ 60.415894][ T8419] ? __bpf_trace_rcu_stall_warning+0x10/0x10 [ 60.421898][ T8419] lock_acquire+0x17f/0x720 [ 60.426458][ T8419] ? f_getown+0x22/0x210 [ 60.430720][ T8419] ? read_lock_is_recursive+0x10/0x10 [ 60.436104][ T8419] ? __might_fault+0xb8/0x110 [ 60.440807][ T8419] ? __lock_acquire+0x6040/0x6040 [ 60.445851][ T8419] _raw_read_lock+0x32/0x40 [ 60.450366][ T8419] ? f_getown+0x22/0x210 [ 60.454611][ T8419] f_getown+0x22/0x210 [ 60.458687][ T8419] sock_ioctl+0x2c6/0x6a0 [ 60.463041][ T8419] ? sock_poll+0x400/0x400 [ 60.467464][ T8419] ? print_irqtrace_events+0x220/0x220 [ 60.473110][ T8419] ? vtime_user_exit+0x2b2/0x3e0 [ 60.478054][ T8419] ? bpf_lsm_file_ioctl+0x5/0x10 [ 60.483011][ T8419] ? security_file_ioctl+0x9d/0xb0 [ 60.488219][ T8419] ? sock_poll+0x400/0x400 [ 60.492657][ T8419] __se_sys_ioctl+0xfb/0x170 [ 60.497360][ T8419] do_syscall_64+0x3f/0xb0 [ 60.501967][ T8419] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 60.507878][ T8419] RIP: 0033:0x443599 [ 6