./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3889157498 <...> forked to background, child pid 3182 no interfaces have a carrier [ 22.376382][ T3183] 8021q: adding VLAN 0 to HW filter on device bond0 [ 22.386919][ T3183] eql: remember to turn off Van-Jacobson compression on your slave devices Starting sshd: OK syzkaller Warning: Permanently added '10.128.1.21' (ECDSA) to the list of known hosts. execve("./syz-executor3889157498", ["./syz-executor3889157498"], 0x7ffe4fe90360 /* 10 vars */) = 0 brk(NULL) = 0x555555f65000 brk(0x555555f65c40) = 0x555555f65c40 arch_prctl(ARCH_SET_FS, 0x555555f65300) = 0 uname({sysname="Linux", nodename="syzkaller", ...}) = 0 readlink("/proc/self/exe", "/root/syz-executor3889157498", 4096) = 28 brk(0x555555f86c40) = 0x555555f86c40 brk(0x555555f87000) = 0x555555f87000 mprotect(0x7fe5cedf1000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 openat(AT_FDCWD, "/dev/input/event0", O_WRONLY|O_CREAT|O_SYNC|O_NOFOLLOW, 000) = 3 fcntl(3, F_SETFL, O_RDONLY|O_NONBLOCK|O_NOATIME|FASYNC) = 0 ioctl(-1, EVIOCSFF, {type=0 /* FF_??? */, id=0, direction=0, ...}) = -1 EBADF (Bad file descriptor) write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 883) = 864 open("./file0", O_RDONLY|O_CREAT|O_EXCL|O_LARGEFILE|FASYNC|0x4000000, 000) = 4 gettid() = 3604 fcntl(4, F_SETOWN_EX, {type=F_OWNER_PGRP, pid=3604}) = 0 fcntl(4, F_SETLEASE, F_RDLCK) = 0 syzkaller login: [ 42.471173][ T3604] [ 42.473507][ T3604] ===================================================== [ 42.480418][ T3604] WARNING: HARDIRQ-safe -> HARDIRQ-unsafe lock order detected [ 42.487850][ T3604] 6.0.0-rc1-syzkaller-00025-g274a2eebf80c #0 Not tainted [ 42.495033][ T3604] ----------------------------------------------------- [ 42.501936][ T3604] syz-executor388/3604 [HC0[0]:SC0[0]:HE0:SE1] is trying to acquire: [ 42.509995][ T3604] ffffffff8bc0a098 (tasklist_lock){.+.+}-{2:2}, at: send_sigio+0xab/0x370 [ 42.518495][ T3604] [ 42.518495][ T3604] and this task is already holding: [ 42.525851][ T3604] ffff888078af32b0 (&f->f_owner.lock){....}-{2:2}, at: send_sigio+0x24/0x370 [ 42.534615][ T3604] which would create a new lock dependency: [ 42.540487][ T3604] (&f->f_owner.lock){....}-{2:2} -> (tasklist_lock){.+.+}-{2:2} [ 42.548214][ T3604] [ 42.548214][ T3604] but this new dependency connects a HARDIRQ-irq-safe lock: [ 42.557647][ T3604] (&dev->event_lock#2){-...}-{2:2} [ 42.557673][ T3604] [ 42.557673][ T3604] ... which became HARDIRQ-irq-safe at: [ 42.570531][ T3604] lock_acquire+0x1ab/0x570 [ 42.575113][ T3604] _raw_spin_lock_irqsave+0x39/0x50 [ 42.580435][ T3604] input_event+0x6c/0xa0 [ 42.584768][ T3604] psmouse_report_standard_buttons+0x2c/0x80 [ 42.590836][ T3604] psmouse_process_byte+0x1e1/0x890 [ 42.596118][ T3604] psmouse_handle_byte+0x41/0x1b0 [ 42.601220][ T3604] psmouse_interrupt+0x304/0xf00 [ 42.606232][ T3604] serio_interrupt+0x88/0x150 [ 42.610988][ T3604] i8042_interrupt+0x27a/0x520 [ 42.615833][ T3604] __handle_irq_event_percpu+0x227/0x870 [ 42.621545][ T3604] handle_irq_event+0xa7/0x1e0 [ 42.626389][ T3604] handle_edge_irq+0x25f/0xd00 [ 42.631227][ T3604] __common_interrupt+0x9d/0x210 [ 42.636242][ T3604] common_interrupt+0xa4/0xc0 [ 42.640997][ T3604] asm_common_interrupt+0x22/0x40 [ 42.646100][ T3604] __orc_find+0x83/0xf0 [ 42.650337][ T3604] unwind_next_frame+0x2a3/0x1cc0 [ 42.655443][ T3604] arch_stack_walk+0x7d/0xe0 [ 42.660105][ T3604] stack_trace_save+0x8c/0xc0 [ 42.664860][ T3604] save_stack+0x151/0x1e0 [ 42.669272][ T3604] __set_page_owner+0x2e/0x50 [ 42.674030][ T3604] get_page_from_freelist+0x109b/0x2ce0 [ 42.679661][ T3604] __alloc_pages+0x1c7/0x510 [ 42.684337][ T3604] alloc_page_interleave+0x1e/0x200 [ 42.689616][ T3604] alloc_pages+0x22f/0x270 [ 42.694114][ T3604] allocate_slab+0x27e/0x3d0 [ 42.698782][ T3604] ___slab_alloc+0x7f1/0xe10 [ 42.703450][ T3604] __slab_alloc.constprop.0+0x4d/0xa0 [ 42.708903][ T3604] kmem_cache_alloc+0x38c/0x3b0 [ 42.713835][ T3604] __kernfs_new_node+0xd4/0x8b0 [ 42.718771][ T3604] kernfs_new_node+0x93/0x120 [ 42.723533][ T3604] __kernfs_create_file+0x51/0x350 [ 42.728729][ T3604] sysfs_add_file_mode_ns+0x20f/0x3f0 [ 42.734180][ T3604] sysfs_create_file_ns+0x127/0x1c0 [ 42.739465][ T3604] device_create_file+0xea/0x1d0 [ 42.744490][ T3604] device_add+0x4ef/0x1e90 [ 42.748987][ T3604] __video_register_device+0x1da8/0x50b0 [ 42.754703][ T3604] register_instance+0x46a/0x590 [ 42.759728][ T3604] vicodec_probe+0x1aa/0x490 [ 42.764402][ T3604] platform_probe+0xfc/0x1f0 [ 42.769082][ T3604] really_probe+0x249/0xb90 [ 42.773675][ T3604] __driver_probe_device+0x1df/0x4d0 [ 42.779046][ T3604] driver_probe_device+0x4c/0x1a0 [ 42.784158][ T3604] __driver_attach+0x223/0x550 [ 42.789005][ T3604] bus_for_each_dev+0x147/0x1d0 [ 42.793934][ T3604] bus_add_driver+0x4c9/0x640 [ 42.798698][ T3604] driver_register+0x220/0x3a0 [ 42.803542][ T3604] vicodec_init+0x37/0x64 [ 42.807953][ T3604] do_one_initcall+0xfe/0x650 [ 42.812718][ T3604] kernel_init_freeable+0x6b1/0x73a [ 42.818000][ T3604] kernel_init+0x1a/0x1d0 [ 42.822412][ T3604] ret_from_fork+0x1f/0x30 [ 42.827087][ T3604] [ 42.827087][ T3604] to a HARDIRQ-irq-unsafe lock: [ 42.834094][ T3604] (tasklist_lock){.+.+}-{2:2} [ 42.834116][ T3604] [ 42.834116][ T3604] ... which became HARDIRQ-irq-unsafe at: [ 42.846725][ T3604] ... [ 42.846733][ T3604] lock_acquire+0x1ab/0x570 [ 42.853883][ T3604] _raw_read_lock+0x5b/0x70 [ 42.858480][ T3604] do_wait+0x27f/0xce0 [ 42.862628][ T3604] kernel_wait+0x9c/0x150 [ 42.867038][ T3604] call_usermodehelper_exec_work+0xf5/0x180 [ 42.873011][ T3604] process_one_work+0x991/0x1610 [ 42.878032][ T3604] worker_thread+0x665/0x1080 [ 42.882790][ T3604] kthread+0x2e4/0x3a0 [ 42.886937][ T3604] ret_from_fork+0x1f/0x30 [ 42.891431][ T3604] [ 42.891431][ T3604] other info that might help us debug this: [ 42.891431][ T3604] [ 42.901648][ T3604] Chain exists of: [ 42.901648][ T3604] &dev->event_lock#2 --> &f->f_owner.lock --> tasklist_lock [ 42.901648][ T3604] [ 42.915648][ T3604] Possible interrupt unsafe locking scenario: [ 42.915648][ T3604] [ 42.923957][ T3604] CPU0 CPU1 [ 42.929307][ T3604] ---- ---- [ 42.934656][ T3604] lock(tasklist_lock); [ 42.938890][ T3604] local_irq_disable(); [ 42.945628][ T3604] lock(&dev->event_lock#2); [ 42.952822][ T3604] lock(&f->f_owner.lock); [ 42.959834][ T3604] [ 42.963268][ T3604] lock(&dev->event_lock#2); [ 42.968113][ T3604] [ 42.968113][ T3604] *** DEADLOCK *** [ 42.968113][ T3604] [ 42.976240][ T3604] 6 locks held by syz-executor388/3604: [ 42.981773][ T3604] #0: ffff888062e10460 (sb_writers#4){.+.+}-{0:0}, at: path_openat+0x1b5d/0x28f0 [ 42.991001][ T3604] #1: ffffffff8c150f10 (file_rwsem){.+.+}-{0:0}, at: do_dentry_open+0x431/0x13a0 [ 43.000221][ T3604] #2: ffff888063012018 (&ctx->flc_lock){+.+.}-{2:2}, at: __break_lease+0x208/0x1410 [ 43.009699][ T3604] #3: ffffffff8bf892c0 (rcu_read_lock){....}-{1:2}, at: kill_fasync+0x41/0x470 [ 43.018740][ T3604] #4: ffff888020697018 (&new->fa_lock){....}-{2:2}, at: kill_fasync+0x136/0x470 [ 43.027863][ T3604] #5: ffff888078af32b0 (&f->f_owner.lock){....}-{2:2}, at: send_sigio+0x24/0x370 [ 43.037077][ T3604] [ 43.037077][ T3604] the dependencies between HARDIRQ-irq-safe lock and the holding lock: [ 43.047469][ T3604] -> (&dev->event_lock#2){-...}-{2:2} { [ 43.053283][ T3604] IN-HARDIRQ-W at: [ 43.057509][ T3604] lock_acquire+0x1ab/0x570 [ 43.064175][ T3604] _raw_spin_lock_irqsave+0x39/0x50 [ 43.071538][ T3604] input_event+0x6c/0xa0 [ 43.077942][ T3604] psmouse_report_standard_buttons+0x2c/0x80 [ 43.086085][ T3604] psmouse_process_byte+0x1e1/0x890 [ 43.093441][ T3604] psmouse_handle_byte+0x41/0x1b0 [ 43.100626][ T3604] psmouse_interrupt+0x304/0xf00 [ 43.107726][ T3604] serio_interrupt+0x88/0x150 [ 43.114563][ T3604] i8042_interrupt+0x27a/0x520 [ 43.121490][ T3604] __handle_irq_event_percpu+0x227/0x870 [ 43.129465][ T3604] handle_irq_event+0xa7/0x1e0 [ 43.136395][ T3604] handle_edge_irq+0x25f/0xd00 [ 43.143319][ T3604] __common_interrupt+0x9d/0x210 [ 43.150418][ T3604] common_interrupt+0xa4/0xc0 [ 43.157259][ T3604] asm_common_interrupt+0x22/0x40 [ 43.164444][ T3604] __orc_find+0x83/0xf0 [ 43.171200][ T3604] unwind_next_frame+0x2a3/0x1cc0 [ 43.178391][ T3604] arch_stack_walk+0x7d/0xe0 [ 43.185146][ T3604] stack_trace_save+0x8c/0xc0 [ 43.191986][ T3604] save_stack+0x151/0x1e0 [ 43.198483][ T3604] __set_page_owner+0x2e/0x50 [ 43.205323][ T3604] get_page_from_freelist+0x109b/0x2ce0 [ 43.213036][ T3604] __alloc_pages+0x1c7/0x510 [ 43.219789][ T3604] alloc_page_interleave+0x1e/0x200 [ 43.227148][ T3604] alloc_pages+0x22f/0x270 [ 43.233725][ T3604] allocate_slab+0x27e/0x3d0 [ 43.240475][ T3604] ___slab_alloc+0x7f1/0xe10 [ 43.247227][ T3604] __slab_alloc.constprop.0+0x4d/0xa0 [ 43.254761][ T3604] kmem_cache_alloc+0x38c/0x3b0 [ 43.261772][ T3604] __kernfs_new_node+0xd4/0x8b0 [ 43.268783][ T3604] kernfs_new_node+0x93/0x120 [ 43.275620][ T3604] __kernfs_create_file+0x51/0x350 [ 43.282896][ T3604] sysfs_add_file_mode_ns+0x20f/0x3f0 [ 43.290427][ T3604] sysfs_create_file_ns+0x127/0x1c0 [ 43.297784][ T3604] device_create_file+0xea/0x1d0 [ 43.304888][ T3604] device_add+0x4ef/0x1e90 [ 43.311462][ T3604] __video_register_device+0x1da8/0x50b0 [ 43.319258][ T3604] register_instance+0x46a/0x590 [ 43.326454][ T3604] vicodec_probe+0x1aa/0x490 [ 43.333209][ T3604] platform_probe+0xfc/0x1f0 [ 43.339964][ T3604] really_probe+0x249/0xb90 [ 43.346630][ T3604] __driver_probe_device+0x1df/0x4d0 [ 43.354087][ T3604] driver_probe_device+0x4c/0x1a0 [ 43.361279][ T3604] __driver_attach+0x223/0x550 [ 43.368208][ T3604] bus_for_each_dev+0x147/0x1d0 [ 43.375223][ T3604] bus_add_driver+0x4c9/0x640 [ 43.382062][ T3604] driver_register+0x220/0x3a0 [ 43.388989][ T3604] vicodec_init+0x37/0x64 [ 43.395478][ T3604] do_one_initcall+0xfe/0x650 [ 43.402326][ T3604] kernel_init_freeable+0x6b1/0x73a [ 43.409690][ T3604] kernel_init+0x1a/0x1d0 [ 43.416186][ T3604] ret_from_fork+0x1f/0x30 [ 43.422764][ T3604] INITIAL USE at: [ 43.426907][ T3604] lock_acquire+0x1ab/0x570 [ 43.433486][ T3604] _raw_spin_lock_irqsave+0x39/0x50 [ 43.440772][ T3604] input_inject_event+0x9b/0x320 [ 43.447791][ T3604] led_set_brightness_nosleep+0xe6/0x1a0 [ 43.455500][ T3604] led_set_brightness+0x134/0x170 [ 43.462601][ T3604] led_trigger_event+0xb0/0x200 [ 43.469528][ T3604] kbd_led_trigger_activate+0xc9/0x100 [ 43.477064][ T3604] led_trigger_set+0x5d7/0xaf0 [ 43.483932][ T3604] led_trigger_set_default+0x1a6/0x230 [ 43.491472][ T3604] led_classdev_register_ext+0x56f/0x760 [ 43.499181][ T3604] input_leds_connect+0x4bd/0x860 [ 43.506283][ T3604] input_attach_handler+0x180/0x1f0 [ 43.513553][ T3604] input_register_device.cold+0xf0/0x2ff [ 43.521259][ T3604] atkbd_connect+0x749/0xa10 [ 43.527919][ T3604] serio_driver_probe+0x72/0xa0 [ 43.534846][ T3604] really_probe+0x249/0xb90 [ 43.541423][ T3604] __driver_probe_device+0x1df/0x4d0 [ 43.548784][ T3604] driver_probe_device+0x4c/0x1a0 [ 43.555969][ T3604] __driver_attach+0x223/0x550 [ 43.562807][ T3604] bus_for_each_dev+0x147/0x1d0 [ 43.569731][ T3604] serio_handle_event+0x5f6/0xa30 [ 43.576831][ T3604] process_one_work+0x991/0x1610 [ 43.583841][ T3604] worker_thread+0x665/0x1080 [ 43.590593][ T3604] kthread+0x2e4/0x3a0 [ 43.596734][ T3604] ret_from_fork+0x1f/0x30 [ 43.603225][ T3604] } [ 43.605966][ T3604] ... key at: [] __key.7+0x0/0x40 [ 43.613413][ T3604] -> (&client->buffer_lock){....}-{2:2} { [ 43.619329][ T3604] INITIAL USE at: [ 43.623379][ T3604] lock_acquire+0x1ab/0x570 [ 43.629783][ T3604] _raw_spin_lock+0x2a/0x40 [ 43.636190][ T3604] evdev_pass_values.part.0+0xf6/0x960 [ 43.643549][ T3604] evdev_events+0x359/0x3e0 [ 43.649955][ T3604] input_to_handler+0x2a0/0x4c0 [ 43.656710][ T3604] input_pass_values.part.0+0x230/0x710 [ 43.664156][ T3604] input_event_dispose+0x5cf/0x730 [ 43.671168][ T3604] input_handle_event+0x112/0xda0 [ 43.678089][ T3604] input_inject_event+0x1c4/0x320 [ 43.685013][ T3604] evdev_write+0x430/0x760 [ 43.691332][ T3604] vfs_write+0x2d7/0xdd0 [ 43.697476][ T3604] ksys_write+0x1e8/0x250 [ 43.703702][ T3604] do_syscall_64+0x35/0xb0 [ 43.710020][ T3604] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 43.717812][ T3604] } [ 43.720469][ T3604] ... key at: [] __key.3+0x0/0x40 [ 43.727742][ T3604] ... acquired at: [ 43.731700][ T3604] _raw_spin_lock+0x2a/0x40 [ 43.736370][ T3604] evdev_pass_values.part.0+0xf6/0x960 [ 43.741996][ T3604] evdev_events+0x359/0x3e0 [ 43.746670][ T3604] input_to_handler+0x2a0/0x4c0 [ 43.751684][ T3604] input_pass_values.part.0+0x230/0x710 [ 43.757389][ T3604] input_event_dispose+0x5cf/0x730 [ 43.762666][ T3604] input_handle_event+0x112/0xda0 [ 43.767850][ T3604] input_inject_event+0x1c4/0x320 [ 43.773037][ T3604] evdev_write+0x430/0x760 [ 43.777619][ T3604] vfs_write+0x2d7/0xdd0 [ 43.782022][ T3604] ksys_write+0x1e8/0x250 [ 43.786513][ T3604] do_syscall_64+0x35/0xb0 [ 43.791089][ T3604] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 43.797142][ T3604] [ 43.799452][ T3604] -> (&new->fa_lock){....}-{2:2} { [ 43.804651][ T3604] INITIAL READ USE at: [ 43.809054][ T3604] lock_acquire+0x1ab/0x570 [ 43.815739][ T3604] _raw_read_lock_irqsave+0x70/0x90 [ 43.823101][ T3604] kill_fasync+0x136/0x470 [ 43.829680][ T3604] evdev_pass_values.part.0+0x667/0x960 [ 43.837390][ T3604] evdev_events+0x359/0x3e0 [ 43.844062][ T3604] input_to_handler+0x2a0/0x4c0 [ 43.851072][ T3604] input_pass_values.part.0+0x230/0x710 [ 43.858778][ T3604] input_event_dispose+0x5cf/0x730 [ 43.866055][ T3604] input_handle_event+0x112/0xda0 [ 43.873247][ T3604] input_inject_event+0x1c4/0x320 [ 43.880432][ T3604] evdev_write+0x430/0x760 [ 43.887011][ T3604] vfs_write+0x2d7/0xdd0 [ 43.893416][ T3604] ksys_write+0x1e8/0x250 [ 43.899903][ T3604] do_syscall_64+0x35/0xb0 [ 43.906483][ T3604] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 43.914539][ T3604] } [ 43.917108][ T3604] ... key at: [] __key.0+0x0/0x40 [ 43.924297][ T3604] ... acquired at: [ 43.928171][ T3604] _raw_read_lock_irqsave+0x70/0x90 [ 43.933537][ T3604] kill_fasync+0x136/0x470 [ 43.938119][ T3604] evdev_pass_values.part.0+0x667/0x960 [ 43.943836][ T3604] evdev_events+0x359/0x3e0 [ 43.948511][ T3604] input_to_handler+0x2a0/0x4c0 [ 43.953531][ T3604] input_pass_values.part.0+0x230/0x710 [ 43.959251][ T3604] input_event_dispose+0x5cf/0x730 [ 43.964529][ T3604] input_handle_event+0x112/0xda0 [ 43.969725][ T3604] input_inject_event+0x1c4/0x320 [ 43.974937][ T3604] evdev_write+0x430/0x760 [ 43.979529][ T3604] vfs_write+0x2d7/0xdd0 [ 43.983940][ T3604] ksys_write+0x1e8/0x250 [ 43.988441][ T3604] do_syscall_64+0x35/0xb0 [ 43.993025][ T3604] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 43.999088][ T3604] [ 44.001396][ T3604] -> (&f->f_owner.lock){....}-{2:2} { [ 44.006773][ T3604] INITIAL USE at: [ 44.010654][ T3604] lock_acquire+0x1ab/0x570 [ 44.016719][ T3604] _raw_write_lock_irq+0x32/0x50 [ 44.023384][ T3604] f_modown+0x2a/0x390 [ 44.029252][ T3604] do_fcntl+0xb83/0x1100 [ 44.035052][ T3604] __x64_sys_fcntl+0x15f/0x1d0 [ 44.041373][ T3604] do_syscall_64+0x35/0xb0 [ 44.047348][ T3604] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 44.054800][ T3604] INITIAL READ USE at: [ 44.059121][ T3604] lock_acquire+0x1ab/0x570 [ 44.065617][ T3604] _raw_read_lock_irqsave+0x70/0x90 [ 44.072813][ T3604] send_sigio+0x24/0x370 [ 44.079051][ T3604] kill_fasync+0x1f8/0x470 [ 44.085457][ T3604] evdev_pass_values.part.0+0x667/0x960 [ 44.092994][ T3604] evdev_events+0x359/0x3e0 [ 44.099498][ T3604] input_to_handler+0x2a0/0x4c0 [ 44.106341][ T3604] input_pass_values.part.0+0x230/0x710 [ 44.113877][ T3604] input_event_dispose+0x5cf/0x730 [ 44.120982][ T3604] input_handle_event+0x112/0xda0 [ 44.128002][ T3604] input_inject_event+0x1c4/0x320 [ 44.135019][ T3604] evdev_write+0x430/0x760 [ 44.141605][ T3604] vfs_write+0x2d7/0xdd0 [ 44.147842][ T3604] ksys_write+0x1e8/0x250 [ 44.154158][ T3604] do_syscall_64+0x35/0xb0 [ 44.160567][ T3604] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 44.168459][ T3604] } [ 44.170942][ T3604] ... key at: [] __key.5+0x0/0x40 [ 44.178083][ T3604] ... acquired at: [ 44.181871][ T3604] _raw_read_lock_irqsave+0x70/0x90 [ 44.187244][ T3604] send_sigio+0x24/0x370 [ 44.191652][ T3604] kill_fasync+0x1f8/0x470 [ 44.196236][ T3604] evdev_pass_values.part.0+0x667/0x960 [ 44.201954][ T3604] evdev_events+0x359/0x3e0 [ 44.206630][ T3604] input_to_handler+0x2a0/0x4c0 [ 44.211653][ T3604] input_pass_values.part.0+0x230/0x710 [ 44.217366][ T3604] input_event_dispose+0x5cf/0x730 [ 44.222662][ T3604] input_handle_event+0x112/0xda0 [ 44.227872][ T3604] input_inject_event+0x1c4/0x320 [ 44.233060][ T3604] evdev_write+0x430/0x760 [ 44.237640][ T3604] vfs_write+0x2d7/0xdd0 [ 44.242044][ T3604] ksys_write+0x1e8/0x250 [ 44.246535][ T3604] do_syscall_64+0x35/0xb0 [ 44.251117][ T3604] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 44.257173][ T3604] [ 44.259481][ T3604] [ 44.259481][ T3604] the dependencies between the lock to be acquired [ 44.259488][ T3604] and HARDIRQ-irq-unsafe lock: [ 44.272970][ T3604] -> (tasklist_lock){.+.+}-{2:2} { [ 44.278086][ T3604] HARDIRQ-ON-R at: [ 44.282050][ T3604] lock_acquire+0x1ab/0x570 [ 44.288278][ T3604] _raw_read_lock+0x5b/0x70 [ 44.294423][ T3604] do_wait+0x27f/0xce0 [ 44.300131][ T3604] kernel_wait+0x9c/0x150 [ 44.306098][ T3604] call_usermodehelper_exec_work+0xf5/0x180 [ 44.313635][ T3604] process_one_work+0x991/0x1610 [ 44.320212][ T3604] worker_thread+0x665/0x1080 [ 44.326527][ T3604] kthread+0x2e4/0x3a0 [ 44.332239][ T3604] ret_from_fork+0x1f/0x30 [ 44.338296][ T3604] SOFTIRQ-ON-R at: [ 44.342261][ T3604] lock_acquire+0x1ab/0x570 [ 44.348403][ T3604] _raw_read_lock+0x5b/0x70 [ 44.354546][ T3604] do_wait+0x27f/0xce0 [ 44.360250][ T3604] kernel_wait+0x9c/0x150 [ 44.366395][ T3604] call_usermodehelper_exec_work+0xf5/0x180 [ 44.373925][ T3604] process_one_work+0x991/0x1610 [ 44.380503][ T3604] worker_thread+0x665/0x1080 [ 44.386824][ T3604] kthread+0x2e4/0x3a0 [ 44.392529][ T3604] ret_from_fork+0x1f/0x30 [ 44.398586][ T3604] INITIAL USE at: [ 44.402464][ T3604] lock_acquire+0x1ab/0x570 [ 44.408517][ T3604] _raw_write_lock_irq+0x32/0x50 [ 44.415004][ T3604] copy_process+0x449b/0x7090 [ 44.421232][ T3604] kernel_clone+0xe7/0xab0 [ 44.427201][ T3604] user_mode_thread+0xad/0xe0 [ 44.433429][ T3604] rest_init+0x23/0x270 [ 44.439139][ T3604] arch_call_rest_init+0xf/0x14 [ 44.445543][ T3604] start_kernel+0x46e/0x48f [ 44.451595][ T3604] secondary_startup_64_no_verify+0xce/0xdb [ 44.459041][ T3604] INITIAL READ USE at: [ 44.463351][ T3604] lock_acquire+0x1ab/0x570 [ 44.469840][ T3604] _raw_read_lock+0x5b/0x70 [ 44.476333][ T3604] do_wait+0x27f/0xce0 [ 44.482387][ T3604] kernel_wait+0x9c/0x150 [ 44.488703][ T3604] call_usermodehelper_exec_work+0xf5/0x180 [ 44.496580][ T3604] process_one_work+0x991/0x1610 [ 44.503504][ T3604] worker_thread+0x665/0x1080 [ 44.510170][ T3604] kthread+0x2e4/0x3a0 [ 44.516223][ T3604] ret_from_fork+0x1f/0x30 [ 44.522627][ T3604] } [ 44.525111][ T3604] ... key at: [] tasklist_lock+0x18/0x40 [ 44.532826][ T3604] ... acquired at: [ 44.536612][ T3604] lock_acquire+0x1ab/0x570 [ 44.541279][ T3604] _raw_read_lock+0x5b/0x70 [ 44.545948][ T3604] send_sigio+0xab/0x370 [ 44.550352][ T3604] kill_fasync+0x1f8/0x470 [ 44.554927][ T3604] lease_break_callback+0x1f/0x30 [ 44.560115][ T3604] __break_lease+0x3d7/0x1410 [ 44.564963][ T3604] do_dentry_open+0x431/0x13a0 [ 44.569892][ T3604] path_openat+0x1c92/0x28f0 [ 44.574645][ T3604] do_filp_open+0x1b6/0x400 [ 44.579320][ T3604] do_sys_openat2+0x16d/0x4c0 [ 44.584157][ T3604] __x64_sys_creat+0xc9/0x120 [ 44.588996][ T3604] do_syscall_64+0x35/0xb0 [ 44.593572][ T3604] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 44.599628][ T3604] [ 44.601936][ T3604] [ 44.601936][ T3604] stack backtrace: [ 44.607810][ T3604] CPU: 0 PID: 3604 Comm: syz-executor388 Not tainted 6.0.0-rc1-syzkaller-00025-g274a2eebf80c #0 [ 44.618206][ T3604] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022 [ 44.628247][ T3604] Call Trace: [ 44.631516][ T3604] [ 44.634436][ T3604] dump_stack_lvl+0xcd/0x134 [ 44.639019][ T3604] check_irq_usage.cold+0x4c1/0x6b0 [ 44.644209][ T3604] ? print_shortest_lock_dependencies_backwards+0x80/0x80 [ 44.651311][ T3604] ? write_profile+0x4a0/0x4a0 [ 44.656073][ T3604] ? check_path.constprop.0+0x24/0x50 [ 44.661439][ T3604] ? stack_trace_save+0x8c/0xc0 [ 44.666287][ T3604] __lock_acquire+0x2a5b/0x56d0 [ 44.671132][ T3604] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 44.677110][ T3604] lock_acquire+0x1ab/0x570 [ 44.681599][ T3604] ? send_sigio+0xab/0x370 [ 44.686002][ T3604] ? lock_release+0x780/0x780 [ 44.690671][ T3604] ? lock_release+0x780/0x780 [ 44.695341][ T3604] ? lock_release+0x780/0x780 [ 44.700012][ T3604] _raw_read_lock+0x5b/0x70 [ 44.704505][ T3604] ? send_sigio+0xab/0x370 [ 44.708910][ T3604] send_sigio+0xab/0x370 [ 44.713140][ T3604] kill_fasync+0x1f8/0x470 [ 44.717545][ T3604] lease_break_callback+0x1f/0x30 [ 44.722559][ T3604] __break_lease+0x3d7/0x1410 [ 44.727230][ T3604] ? locks_remove_posix+0x570/0x570 [ 44.732420][ T3604] ? check_access_path_dual.part.0+0x3470/0x3470 [ 44.738739][ T3604] ? apparmor_path_chmod+0x20/0x20 [ 44.743842][ T3604] ? fsnotify_perm.part.0+0x221/0x610 [ 44.749207][ T3604] do_dentry_open+0x431/0x13a0 [ 44.753966][ T3604] path_openat+0x1c92/0x28f0 [ 44.758554][ T3604] ? path_lookupat+0x840/0x840 [ 44.763337][ T3604] do_filp_open+0x1b6/0x400 [ 44.767852][ T3604] ? may_open_dev+0xf0/0xf0 [ 44.772352][ T3604] ? find_held_lock+0x2d/0x110 [ 44.777113][ T3604] ? do_raw_spin_lock+0x120/0x2a0 [ 44.782131][ T3604] ? rwlock_bug.part.0+0x90/0x90 [ 44.787065][ T3604] ? _find_next_bit+0x1e3/0x260 [ 44.791909][ T3604] ? _raw_spin_unlock+0x24/0x40 [ 44.796759][ T3604] ? alloc_fd+0x2f0/0x6f0 [ 44.801080][ T3604] do_sys_openat2+0x16d/0x4c0 [ 44.805749][ T3604] ? find_held_lock+0x2d/0x110 [ 44.810502][ T3604] ? build_open_flags+0x6f0/0x6f0 [ 44.815517][ T3604] ? ptrace_notify+0xfa/0x140 [ 44.820189][ T3604] ? lock_downgrade+0x6e0/0x6e0 [ 44.825036][ T3604] __x64_sys_creat+0xc9/0x120 [ 44.829710][ T3604] ? __x64_compat_sys_openat+0x1f0/0x1f0 [ 44.835424][ T3604] ? _raw_spin_unlock_irq+0x2a/0x40 [ 44.840621][ T3604] ? ptrace_notify+0xfa/0x140 [ 44.845296][ T3604] ? syscall_trace_enter.constprop.0+0xb0/0x240 [ 44.851534][ T3604] do_syscall_64+0x35/0xb0 [ 44.856035][ T3604] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 44.861922][ T3604] RIP: 0033:0x7fe5ced84749 [ 44.866329][ T3604] Code: 28 c3 e8 2a 14 00 00 66 2e 0f 1f 84 00 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 44.886024][ T3604] RSP: 002b:00007fffcb084458 EFLAGS: 00000246 ORIG_RAX: 0000000000000055 [ 44.894712][ T3604] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fe5ced84749 [ 44.902766][ T3604] RDX: 00007fe5ced84749 RSI: 0000000000000000 RDI: 0000000020001440 [ 44.910728][ T3604] RBP: 00007fe5ced44250 R08: 0000000000000000 R09: 0000000000000000 [ 44.918687][ T3604] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe5ced442e0 [ 44.926646][ T3604] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 44.934617][ T3604]