[ OK ] Reached target Graphical Interface. Starting Update UTMP about System Runlevel Changes... Starting Load/Save RF Kill Switch Status... [ OK ] Started Update UTMP about System Runlevel Changes. [ OK ] Started Load/Save RF Kill Switch Status. Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.10.0' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 42.103523][ C0] [ 42.105873][ C0] ======================================================== [ 42.113042][ C0] WARNING: possible irq lock inversion dependency detected [ 42.120215][ C0] 5.6.0-syzkaller #0 Not tainted [ 42.125169][ C0] -------------------------------------------------------- [ 42.132335][ C0] swapper/0/0 just changed the state of lock: [ 42.138410][ C0] ffff888094b8fcd8 (&ctx->ctx_lock){..-.}-{2:2}, at: free_ioctx_users+0x30/0x1c0 [ 42.147538][ C0] but this lock took another, SOFTIRQ-unsafe lock in the past: [ 42.155142][ C0] (&pid->wait_pidfd){+.+.}-{2:2} [ 42.155149][ C0] [ 42.155149][ C0] [ 42.155149][ C0] and interrupts could create inverse lock ordering between them. [ 42.155149][ C0] [ 42.174443][ C0] [ 42.174443][ C0] other info that might help us debug this: [ 42.182474][ C0] Possible interrupt unsafe locking scenario: [ 42.182474][ C0] [ 42.190761][ C0] CPU0 CPU1 [ 42.196108][ C0] ---- ---- [ 42.201455][ C0] lock(&pid->wait_pidfd); [ 42.205925][ C0] local_irq_disable(); [ 42.212649][ C0] lock(&ctx->ctx_lock); [ 42.219464][ C0] lock(&pid->wait_pidfd); [ 42.226462][ C0] [ 42.229888][ C0] lock(&ctx->ctx_lock); [ 42.234365][ C0] [ 42.234365][ C0] *** DEADLOCK *** [ 42.234365][ C0] [ 42.242483][ C0] 2 locks held by swapper/0/0: [ 42.247227][ C0] #0: ffffffff892e6be0 (rcu_callback){....}-{0:0}, at: rcu_lock_acquire+0x0/0x30 [ 42.256406][ C0] #1: ffffffff892e6b90 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x5/0x30 [ 42.265671][ C0] [ 42.265671][ C0] the shortest dependencies between 2nd lock and 1st lock: [ 42.275038][ C0] -> (&pid->wait_pidfd){+.+.}-{2:2} { [ 42.280471][ C0] HARDIRQ-ON-W at: [ 42.284525][ C0] lock_acquire+0x169/0x480 [ 42.290823][ C0] _raw_spin_lock+0x2a/0x40 [ 42.297124][ C0] proc_pid_make_inode+0x187/0x2d0 [ 42.304028][ C0] proc_pid_instantiate+0x4b/0x1a0 [ 42.310933][ C0] proc_pid_lookup+0x218/0x2f0 [ 42.317489][ C0] proc_root_lookup+0x1b/0x50 [ 42.323960][ C0] __lookup_slow+0x240/0x370 [ 42.331391][ C0] walk_component+0x442/0x680 [ 42.337874][ C0] link_path_walk+0x66d/0xba0 [ 42.344344][ C0] path_openat+0x21d/0x38b0 [ 42.350640][ C0] do_filp_open+0x191/0x3a0 [ 42.356962][ C0] do_sys_openat2+0x463/0x770 [ 42.363449][ C0] __x64_sys_open+0x1af/0x1e0 [ 42.369936][ C0] do_syscall_64+0xf3/0x1b0 [ 42.376256][ C0] entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 42.383947][ C0] SOFTIRQ-ON-W at: [ 42.388162][ C0] lock_acquire+0x169/0x480 [ 42.394459][ C0] _raw_spin_lock+0x2a/0x40 [ 42.400882][ C0] proc_pid_make_inode+0x187/0x2d0 [ 42.407800][ C0] proc_pid_instantiate+0x4b/0x1a0 [ 42.414710][ C0] proc_pid_lookup+0x218/0x2f0 [ 42.421715][ C0] proc_root_lookup+0x1b/0x50 [ 42.428183][ C0] __lookup_slow+0x240/0x370 [ 42.434582][ C0] walk_component+0x442/0x680 [ 42.441065][ C0] link_path_walk+0x66d/0xba0 [ 42.447538][ C0] path_openat+0x21d/0x38b0 [ 42.453852][ C0] do_filp_open+0x191/0x3a0 [ 42.460510][ C0] do_sys_openat2+0x463/0x770 [ 42.466998][ C0] __x64_sys_open+0x1af/0x1e0 [ 42.473470][ C0] do_syscall_64+0xf3/0x1b0 [ 42.479768][ C0] entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 42.487451][ C0] INITIAL USE at: [ 42.491402][ C0] lock_acquire+0x169/0x480 [ 42.497687][ C0] _raw_spin_lock_irqsave+0x9e/0xc0 [ 42.504597][ C0] __wake_up+0xb8/0x150 [ 42.510473][ C0] do_notify_parent+0x167/0xce0 [ 42.517042][ C0] do_exit+0x12c5/0x1f80 [ 42.522996][ C0] call_usermodehelper_exec_async+0x47c/0x480 [ 42.530781][ C0] ret_from_fork+0x24/0x30 [ 42.536912][ C0] } [ 42.539483][ C0] ... key at: [] alloc_pid.__key+0x0/0x10 [ 42.547338][ C0] ... acquired at: [ 42.551204][ C0] lock_acquire+0x169/0x480 [ 42.555851][ C0] _raw_spin_lock+0x2a/0x40 [ 42.560510][ C0] io_submit_one+0x10f5/0x1a80 [ 42.565415][ C0] __se_sys_io_submit+0x117/0x220 [ 42.570581][ C0] do_syscall_64+0xf3/0x1b0 [ 42.575229][ C0] entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 42.581260][ C0] [ 42.583569][ C0] -> (&ctx->ctx_lock){..-.}-{2:2} { [ 42.588738][ C0] IN-SOFTIRQ-W at: [ 42.592689][ C0] lock_acquire+0x169/0x480 [ 42.598823][ C0] _raw_spin_lock_irq+0x67/0x80 [ 42.605300][ C0] free_ioctx_users+0x30/0x1c0 [ 42.611682][ C0] percpu_ref_put+0x18d/0x1a0 [ 42.617981][ C0] rcu_core+0x816/0x1120 [ 42.623858][ C0] __do_softirq+0x268/0x80c [ 42.629982][ C0] irq_exit+0x223/0x230 [ 42.635766][ C0] smp_apic_timer_interrupt+0x113/0x280 [ 42.642968][ C0] apic_timer_interrupt+0xf/0x20 [ 42.649539][ C0] native_safe_halt+0xe/0x10 [ 42.655761][ C0] default_idle+0x4c/0x70 [ 42.661714][ C0] do_idle+0x1ee/0x650 [ 42.667450][ C0] cpu_startup_entry+0x15/0x20 [ 42.674361][ C0] start_kernel+0x674/0x774 [ 42.680486][ C0] secondary_startup_64+0xa4/0xb0 [ 42.687126][ C0] INITIAL USE at: [ 42.690993][ C0] lock_acquire+0x169/0x480 [ 42.697041][ C0] _raw_spin_lock_irq+0x67/0x80 [ 42.703453][ C0] io_submit_one+0x10cb/0x1a80 [ 42.709937][ C0] __se_sys_io_submit+0x117/0x220 [ 42.717289][ C0] do_syscall_64+0xf3/0x1b0 [ 42.723379][ C0] entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 42.730897][ C0] } [ 42.733381][ C0] ... key at: [] ioctx_alloc.__key+0x0/0x10 [ 42.741324][ C0] ... acquired at: [ 42.745108][ C0] mark_lock+0x529/0x1b00 [ 42.749594][ C0] __lock_acquire+0xaa7/0x2b90 [ 42.754500][ C0] lock_acquire+0x169/0x480 [ 42.759149][ C0] _raw_spin_lock_irq+0x67/0x80 [ 42.764322][ C0] free_ioctx_users+0x30/0x1c0 [ 42.769235][ C0] percpu_ref_put+0x18d/0x1a0 [ 42.774057][ C0] rcu_core+0x816/0x1120 [ 42.778443][ C0] __do_softirq+0x268/0x80c [ 42.783089][ C0] irq_exit+0x223/0x230 [ 42.787397][ C0] smp_apic_timer_interrupt+0x113/0x280 [ 42.793087][ C0] apic_timer_interrupt+0xf/0x20 [ 42.798165][ C0] native_safe_halt+0xe/0x10 [ 42.802896][ C0] default_idle+0x4c/0x70 [ 42.807368][ C0] do_idle+0x1ee/0x650 [ 42.811591][ C0] cpu_startup_entry+0x15/0x20 [ 42.816512][ C0] start_kernel+0x674/0x774 [ 42.821158][ C0] secondary_startup_64+0xa4/0xb0 [ 42.826330][ C0] [ 42.828681][ C0] [ 42.828681][ C0] stack backtrace: [ 42.834720][ C0] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 5.6.0-syzkaller #0 [ 42.842503][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 42.852619][ C0] Call Trace: [ 42.855878][ C0] [ 42.858715][ C0] dump_stack+0x1e9/0x30e [ 42.863019][ C0] print_irq_inversion_bug+0xb67/0xe90 [ 42.868474][ C0] ? arch_stack_walk+0xb4/0xe0 [ 42.873212][ C0] ? secondary_startup_64+0xa4/0xb0 [ 42.878394][ C0] check_usage_forwards+0x13f/0x240 [ 42.883609][ C0] ? save_trace+0x49/0xb60 [ 42.888012][ C0] mark_lock+0x529/0x1b00 [ 42.892317][ C0] ? check_usage_backwards+0x240/0x240 [ 42.897749][ C0] ? mark_lock+0x102/0x1b00 [ 42.902267][ C0] ? __lock_acquire+0x116c/0x2b90 [ 42.907273][ C0] __lock_acquire+0xaa7/0x2b90 [ 42.912017][ C0] ? pcpu_block_update+0x564/0x890 [ 42.917154][ C0] lock_acquire+0x169/0x480 [ 42.921668][ C0] ? free_ioctx_users+0x30/0x1c0 [ 42.926633][ C0] ? rcu_lock_acquire+0x5/0x30 [ 42.931376][ C0] ? trace_irq_disable_rcuidle+0x1f/0x1d0 [ 42.937114][ C0] ? percpu_ref_noop_confirm_switch+0x10/0x10 [ 42.943163][ C0] _raw_spin_lock_irq+0x67/0x80 [ 42.947989][ C0] ? free_ioctx_users+0x30/0x1c0 [ 42.952899][ C0] free_ioctx_users+0x30/0x1c0 [ 42.957638][ C0] ? percpu_ref_noop_confirm_switch+0x10/0x10 [ 42.963906][ C0] ? percpu_ref_noop_confirm_switch+0x10/0x10 [ 42.969986][ C0] percpu_ref_put+0x18d/0x1a0 [ 42.974637][ C0] rcu_core+0x816/0x1120 [ 42.978855][ C0] __do_softirq+0x268/0x80c [ 42.983334][ C0] ? irq_exit+0x223/0x230 [ 42.987674][ C0] irq_exit+0x223/0x230 [ 42.992593][ C0] smp_apic_timer_interrupt+0x113/0x280 [ 42.998134][ C0] apic_timer_interrupt+0xf/0x20 [ 43.003043][ C0] [ 43.005967][ C0] RIP: 0010:native_safe_halt+0xe/0x10 [ 43.011311][ C0] Code: 80 e1 07 80 c1 03 38 c1 7c bc 48 89 df e8 1a fe a7 f9 eb b2 cc cc cc cc cc cc cc cc e9 07 00 00 00 0f 00 2d a6 eb 56 00 fb f4 90 e9 07 00 00 00 0f 00 2d 96 eb 56 00 f4 c3 cc cc 41 56 53 65 [ 43.030888][ C0] RSP: 0018:ffffffff89207e68 EFLAGS: 00000282 ORIG_RAX: ffffffffffffff13 [ 43.039272][ C0] RAX: 1ffffffff1257401 RBX: ffffffff89281b00 RCX: dffffc0000000000 [ 43.047217][ C0] RDX: dffffc0000000000 RSI: 0000000000000000 RDI: ffffffff89282364 [ 43.055160][ C0] RBP: ffffffff896b98e0 R08: ffffffff817b9a70 R09: fffffbfff1250361 [ 43.063103][ C0] R10: fffffbfff1250361 R11: 0000000000000000 R12: 1ffffffff1250360 [ 43.071046][ C0] R13: dffffc0000000000 R14: 1ffffffff12573ff R15: 0000000000000000 [ 43.078996][ C0] ? trace_hardirqs_on+0x30/0x70 [ 43.083926][ C0] default_idle+0x4c/0x70 [ 43.088229][ C0] do_idle+0x1ee/0x650 [ 43.092266][ C0] cpu_startup_entry+0x15/0x20 [ 43.096999][ C0] ? time_init+0x33/0x33 [ 43.101219][ C0] start_kernel+0x674/0x774 [ 43.105694][ C0] secondary_startup_64+0xa4/0xb0