./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2058802717 <...> forked to background, child pid 3179 no interfaces have a carrier [ 22.943906][ T3180] 8021q: adding VLAN 0 to HW filter on device bond0 [ 22.958248][ T3180] eql: remember to turn off Van-Jacobson compression on your slave devices Starting sshd: OK syzkaller Warning: Permanently added '10.128.0.78' (ECDSA) to the list of known hosts. execve("./syz-executor2058802717", ["./syz-executor2058802717"], 0x7fffa5fc3910 /* 10 vars */) = 0 brk(NULL) = 0x555556b03000 brk(0x555556b03c40) = 0x555556b03c40 arch_prctl(ARCH_SET_FS, 0x555556b03300) = 0 uname({sysname="Linux", nodename="syzkaller", ...}) = 0 readlink("/proc/self/exe", "/root/syz-executor2058802717", 4096) = 28 brk(0x555556b24c40) = 0x555556b24c40 brk(0x555556b25000) = 0x555556b25000 mprotect(0x7fef7186f000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 open(".", O_RDONLY) = 3 open(".", O_RDONLY) = 4 fcntl(4, F_NOTIFY, DN_ACCESS|DN_CREATE) = 0 fcntl(4, F_SETOWN, -1) = 0 symlinkat("\x13\x13\x77\xc5\xfc\x35\xd4\x14\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f", 3, "./file0") = 0 openat(AT_FDCWD, "/dev/input/event0", O_WRONLY|O_CREAT|O_SYNC|O_NOFOLLOW, 000) = 5 ioctl(-1, EVIOCSFF, {type=0 /* FF_??? */, id=0, direction=0, ...}) = -1 EBADF (Bad file descriptor) ioctl(5, FIOASYNC, [4]) = 0 syzkaller login: [ 42.188801][ T3600] [ 42.191415][ T3600] ===================================================== [ 42.198322][ T3600] WARNING: HARDIRQ-safe -> HARDIRQ-unsafe lock order detected [ 42.205764][ T3600] 5.19.0-syzkaller-02972-g200e340f2196 #0 Not tainted [ 42.212498][ T3600] ----------------------------------------------------- [ 42.219405][ T3600] syz-executor205/3600 [HC0[0]:SC0[0]:HE0:SE1] is trying to acquire: [ 42.227534][ T3600] ffff888076ed0b30 (&f->f_owner.lock){....}-{2:2}, at: send_sigio+0x24/0x370 [ 42.236310][ T3600] [ 42.236310][ T3600] and this task is already holding: [ 42.243650][ T3600] ffff88807e669018 (&new->fa_lock){....}-{2:2}, at: kill_fasync+0x136/0x470 [ 42.252324][ T3600] which would create a new lock dependency: [ 42.258205][ T3600] (&new->fa_lock){....}-{2:2} -> (&f->f_owner.lock){....}-{2:2} [ 42.265925][ T3600] [ 42.265925][ T3600] but this new dependency connects a HARDIRQ-irq-safe lock: [ 42.275349][ T3600] (&dev->event_lock#2){-...}-{2:2} [ 42.275370][ T3600] [ 42.275370][ T3600] ... which became HARDIRQ-irq-safe at: [ 42.288220][ T3600] lock_acquire+0x1ab/0x570 [ 42.293084][ T3600] _raw_spin_lock_irqsave+0x39/0x50 [ 42.298370][ T3600] input_event+0x7b/0xb0 [ 42.302690][ T3600] psmouse_report_standard_buttons+0x2c/0x80 [ 42.308745][ T3600] psmouse_process_byte+0x1e1/0x890 [ 42.314194][ T3600] psmouse_handle_byte+0x41/0x1b0 [ 42.319293][ T3600] psmouse_interrupt+0x304/0xf00 [ 42.324304][ T3600] serio_interrupt+0x88/0x150 [ 42.329143][ T3600] i8042_interrupt+0x27a/0x520 [ 42.333984][ T3600] __handle_irq_event_percpu+0x22c/0x880 [ 42.339695][ T3600] handle_irq_event+0xa7/0x1e0 [ 42.344533][ T3600] handle_edge_irq+0x25f/0xd00 [ 42.349375][ T3600] __common_interrupt+0x9d/0x210 [ 42.354390][ T3600] common_interrupt+0xa4/0xc0 [ 42.359319][ T3600] asm_common_interrupt+0x22/0x40 [ 42.364422][ T3600] _raw_spin_unlock_irqrestore+0x38/0x70 [ 42.370132][ T3600] i8042_command+0x12e/0x150 [ 42.374798][ T3600] i8042_aux_write+0xd7/0x120 [ 42.379550][ T3600] ps2_do_sendbyte+0x2cd/0x710 [ 42.384565][ T3600] ps2_sendbyte+0x58/0x150 [ 42.389057][ T3600] cypress_ps2_sendbyte+0x2e/0x160 [ 42.394351][ T3600] cypress_send_ext_cmd+0x1d0/0x8e0 [ 42.399622][ T3600] cypress_detect+0x75/0x190 [ 42.404312][ T3600] psmouse_try_protocol+0x211/0x370 [ 42.409586][ T3600] psmouse_extensions+0x557/0x930 [ 42.414774][ T3600] psmouse_switch_protocol+0x52a/0x740 [ 42.420644][ T3600] psmouse_connect+0x5e9/0xfb0 [ 42.425483][ T3600] serio_driver_probe+0x72/0xa0 [ 42.430410][ T3600] really_probe+0x23e/0xb90 [ 42.434989][ T3600] __driver_probe_device+0x338/0x4d0 [ 42.440348][ T3600] driver_probe_device+0x4c/0x1a0 [ 42.445536][ T3600] __driver_attach+0x22d/0x550 [ 42.450381][ T3600] bus_for_each_dev+0x147/0x1d0 [ 42.455303][ T3600] serio_handle_event+0x5f6/0xa30 [ 42.460405][ T3600] process_one_work+0x996/0x1610 [ 42.465419][ T3600] worker_thread+0x665/0x1080 [ 42.470169][ T3600] kthread+0x2e9/0x3a0 [ 42.474310][ T3600] ret_from_fork+0x1f/0x30 [ 42.478802][ T3600] [ 42.478802][ T3600] to a HARDIRQ-irq-unsafe lock: [ 42.486013][ T3600] (tasklist_lock){.+.+}-{2:2} [ 42.486035][ T3600] [ 42.486035][ T3600] ... which became HARDIRQ-irq-unsafe at: [ 42.498727][ T3600] ... [ 42.498733][ T3600] lock_acquire+0x1ab/0x570 [ 42.505963][ T3600] _raw_read_lock+0x5b/0x70 [ 42.510539][ T3600] do_wait+0x284/0xce0 [ 42.514681][ T3600] kernel_wait+0x9c/0x150 [ 42.519079][ T3600] call_usermodehelper_exec_work+0xf5/0x180 [ 42.525134][ T3600] process_one_work+0x996/0x1610 [ 42.530145][ T3600] worker_thread+0x665/0x1080 [ 42.534892][ T3600] kthread+0x2e9/0x3a0 [ 42.539205][ T3600] ret_from_fork+0x1f/0x30 [ 42.543696][ T3600] [ 42.543696][ T3600] other info that might help us debug this: [ 42.543696][ T3600] [ 42.553912][ T3600] Chain exists of: [ 42.553912][ T3600] &dev->event_lock#2 --> &new->fa_lock --> tasklist_lock [ 42.553912][ T3600] [ 42.566850][ T3600] Possible interrupt unsafe locking scenario: [ 42.566850][ T3600] [ 42.575149][ T3600] CPU0 CPU1 [ 42.580673][ T3600] ---- ---- [ 42.586371][ T3600] lock(tasklist_lock); [ 42.590598][ T3600] local_irq_disable(); [ 42.597331][ T3600] lock(&dev->event_lock#2); [ 42.604515][ T3600] lock(&new->fa_lock); [ 42.611458][ T3600] [ 42.614914][ T3600] lock(&dev->event_lock#2); [ 42.619772][ T3600] [ 42.619772][ T3600] *** DEADLOCK *** [ 42.619772][ T3600] [ 42.627901][ T3600] 8 locks held by syz-executor205/3600: [ 42.633426][ T3600] #0: ffff888021776110 (&evdev->mutex){+.+.}-{3:3}, at: evdev_write+0x1d3/0x760 [ 42.642556][ T3600] #1: ffff888146357230 (&dev->event_lock#2){-...}-{2:2}, at: input_inject_event+0xa6/0x320 [ 42.652645][ T3600] #2: ffffffff8bd873c0 (rcu_read_lock){....}-{1:2}, at: input_inject_event+0x92/0x320 [ 42.662468][ T3600] #3: ffffffff8bd873c0 (rcu_read_lock){....}-{1:2}, at: input_pass_values.part.0+0x0/0x710 [ 42.672557][ T3600] #4: ffffffff8bd873c0 (rcu_read_lock){....}-{1:2}, at: evdev_events+0x59/0x3e0 [ 42.681684][ T3600] #5: ffff88801726f028 (&client->buffer_lock){....}-{2:2}, at: evdev_pass_values.part.0+0xf6/0x970 [ 42.693159][ T3600] #6: ffffffff8bd873c0 (rcu_read_lock){....}-{1:2}, at: kill_fasync+0x41/0x470 [ 42.702203][ T3600] #7: ffff88807e669018 (&new->fa_lock){....}-{2:2}, at: kill_fasync+0x136/0x470 [ 42.711331][ T3600] [ 42.711331][ T3600] the dependencies between HARDIRQ-irq-safe lock and the holding lock: [ 42.721744][ T3600] -> (&dev->event_lock#2){-...}-{2:2} { [ 42.727470][ T3600] IN-HARDIRQ-W at: [ 42.731606][ T3600] lock_acquire+0x1ab/0x570 [ 42.738093][ T3600] _raw_spin_lock_irqsave+0x39/0x50 [ 42.745279][ T3600] input_event+0x7b/0xb0 [ 42.751511][ T3600] psmouse_report_standard_buttons+0x2c/0x80 [ 42.759482][ T3600] psmouse_process_byte+0x1e1/0x890 [ 42.766671][ T3600] psmouse_handle_byte+0x41/0x1b0 [ 42.773681][ T3600] psmouse_interrupt+0x304/0xf00 [ 42.780691][ T3600] serio_interrupt+0x88/0x150 [ 42.787352][ T3600] i8042_interrupt+0x27a/0x520 [ 42.794099][ T3600] __handle_irq_event_percpu+0x22c/0x880 [ 42.801718][ T3600] handle_irq_event+0xa7/0x1e0 [ 42.808474][ T3600] handle_edge_irq+0x25f/0xd00 [ 42.815245][ T3600] __common_interrupt+0x9d/0x210 [ 42.822196][ T3600] common_interrupt+0xa4/0xc0 [ 42.828869][ T3600] asm_common_interrupt+0x22/0x40 [ 42.835974][ T3600] _raw_spin_unlock_irqrestore+0x38/0x70 [ 42.843604][ T3600] i8042_command+0x12e/0x150 [ 42.850178][ T3600] i8042_aux_write+0xd7/0x120 [ 42.856926][ T3600] ps2_do_sendbyte+0x2cd/0x710 [ 42.863680][ T3600] ps2_sendbyte+0x58/0x150 [ 42.870081][ T3600] cypress_ps2_sendbyte+0x2e/0x160 [ 42.877178][ T3600] cypress_send_ext_cmd+0x1d0/0x8e0 [ 42.884359][ T3600] cypress_detect+0x75/0x190 [ 42.890932][ T3600] psmouse_try_protocol+0x211/0x370 [ 42.898206][ T3600] psmouse_extensions+0x557/0x930 [ 42.905302][ T3600] psmouse_switch_protocol+0x52a/0x740 [ 42.912746][ T3600] psmouse_connect+0x5e9/0xfb0 [ 42.919846][ T3600] serio_driver_probe+0x72/0xa0 [ 42.927043][ T3600] really_probe+0x23e/0xb90 [ 42.933529][ T3600] __driver_probe_device+0x338/0x4d0 [ 42.940830][ T3600] driver_probe_device+0x4c/0x1a0 [ 42.947835][ T3600] __driver_attach+0x22d/0x550 [ 42.954609][ T3600] bus_for_each_dev+0x147/0x1d0 [ 42.961617][ T3600] serio_handle_event+0x5f6/0xa30 [ 42.968634][ T3600] process_one_work+0x996/0x1610 [ 42.975563][ T3600] worker_thread+0x665/0x1080 [ 42.982226][ T3600] kthread+0x2e9/0x3a0 [ 42.988281][ T3600] ret_from_fork+0x1f/0x30 [ 42.994683][ T3600] INITIAL USE at: [ 42.998735][ T3600] lock_acquire+0x1ab/0x570 [ 43.005135][ T3600] _raw_spin_lock_irqsave+0x39/0x50 [ 43.012230][ T3600] input_inject_event+0xa6/0x320 [ 43.019067][ T3600] led_set_brightness_nosleep+0xe6/0x1a0 [ 43.026596][ T3600] led_set_brightness+0x134/0x170 [ 43.033689][ T3600] led_trigger_event+0xb0/0x200 [ 43.040441][ T3600] kbd_led_trigger_activate+0xc9/0x100 [ 43.047804][ T3600] led_trigger_set+0x5d7/0xaf0 [ 43.054467][ T3600] led_trigger_set_default+0x1a6/0x230 [ 43.061830][ T3600] led_classdev_register_ext+0x56f/0x770 [ 43.069535][ T3600] input_leds_connect+0x4bd/0x860 [ 43.076460][ T3600] input_attach_handler+0x180/0x1f0 [ 43.083559][ T3600] input_register_device.cold+0xf0/0x304 [ 43.091090][ T3600] atkbd_connect+0x749/0xa10 [ 43.097663][ T3600] serio_driver_probe+0x72/0xa0 [ 43.104413][ T3600] really_probe+0x23e/0xb90 [ 43.110814][ T3600] __driver_probe_device+0x338/0x4d0 [ 43.118174][ T3600] driver_probe_device+0x4c/0x1a0 [ 43.125706][ T3600] __driver_attach+0x22d/0x550 [ 43.132366][ T3600] bus_for_each_dev+0x147/0x1d0 [ 43.139115][ T3600] serio_handle_event+0x5f6/0xa30 [ 43.146039][ T3600] process_one_work+0x996/0x1610 [ 43.152878][ T3600] worker_thread+0x665/0x1080 [ 43.159454][ T3600] kthread+0x2e9/0x3a0 [ 43.165422][ T3600] ret_from_fork+0x1f/0x30 [ 43.171739][ T3600] } [ 43.174394][ T3600] ... key at: [] __key.7+0x0/0x40 [ 43.181670][ T3600] -> (&client->buffer_lock){....}-{2:2} { [ 43.187481][ T3600] INITIAL USE at: [ 43.191479][ T3600] lock_acquire+0x1ab/0x570 [ 43.198036][ T3600] _raw_spin_lock+0x2a/0x40 [ 43.204359][ T3600] evdev_pass_values.part.0+0xf6/0x970 [ 43.211544][ T3600] evdev_events+0x359/0x3e0 [ 43.217771][ T3600] input_to_handler+0x2a0/0x4c0 [ 43.224349][ T3600] input_pass_values.part.0+0x230/0x710 [ 43.231623][ T3600] input_handle_event+0x373/0x1440 [ 43.238811][ T3600] input_inject_event+0x1bd/0x320 [ 43.245567][ T3600] evdev_write+0x430/0x760 [ 43.251710][ T3600] vfs_write+0x269/0xac0 [ 43.257682][ T3600] ksys_write+0x1e8/0x250 [ 43.263742][ T3600] do_syscall_64+0x35/0xb0 [ 43.269883][ T3600] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 43.277508][ T3600] } [ 43.280077][ T3600] ... key at: [] __key.3+0x0/0x40 [ 43.287265][ T3600] ... acquired at: [ 43.291135][ T3600] _raw_spin_lock+0x2a/0x40 [ 43.295802][ T3600] evdev_pass_values.part.0+0xf6/0x970 [ 43.301422][ T3600] evdev_events+0x359/0x3e0 [ 43.306083][ T3600] input_to_handler+0x2a0/0x4c0 [ 43.311097][ T3600] input_pass_values.part.0+0x230/0x710 [ 43.316803][ T3600] input_handle_event+0x373/0x1440 [ 43.322077][ T3600] input_inject_event+0x1bd/0x320 [ 43.327268][ T3600] evdev_write+0x430/0x760 [ 43.331844][ T3600] vfs_write+0x269/0xac0 [ 43.336253][ T3600] ksys_write+0x1e8/0x250 [ 43.340743][ T3600] do_syscall_64+0x35/0xb0 [ 43.345324][ T3600] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 43.351380][ T3600] [ 43.353687][ T3600] -> (&new->fa_lock){....}-{2:2} { [ 43.358799][ T3600] INITIAL READ USE at: [ 43.363112][ T3600] lock_acquire+0x1ab/0x570 [ 43.369602][ T3600] _raw_read_lock_irqsave+0x70/0x90 [ 43.376790][ T3600] kill_fasync+0x136/0x470 [ 43.383195][ T3600] evdev_pass_values.part.0+0x64e/0x970 [ 43.390754][ T3600] evdev_events+0x359/0x3e0 [ 43.397245][ T3600] input_to_handler+0x2a0/0x4c0 [ 43.404081][ T3600] input_pass_values.part.0+0x230/0x710 [ 43.411615][ T3600] input_handle_event+0x373/0x1440 [ 43.418710][ T3600] input_inject_event+0x1bd/0x320 [ 43.425721][ T3600] evdev_write+0x430/0x760 [ 43.432127][ T3600] vfs_write+0x269/0xac0 [ 43.438359][ T3600] ksys_write+0x1e8/0x250 [ 43.444676][ T3600] do_syscall_64+0x35/0xb0 [ 43.451080][ T3600] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 43.458965][ T3600] } [ 43.461449][ T3600] ... key at: [] __key.0+0x0/0x40 [ 43.468646][ T3600] ... acquired at: [ 43.472435][ T3600] _raw_read_lock_irqsave+0x70/0x90 [ 43.477799][ T3600] kill_fasync+0x136/0x470 [ 43.482379][ T3600] evdev_pass_values.part.0+0x64e/0x970 [ 43.488087][ T3600] evdev_events+0x359/0x3e0 [ 43.492752][ T3600] input_to_handler+0x2a0/0x4c0 [ 43.497766][ T3600] input_pass_values.part.0+0x230/0x710 [ 43.503473][ T3600] input_handle_event+0x373/0x1440 [ 43.508752][ T3600] input_inject_event+0x1bd/0x320 [ 43.513940][ T3600] evdev_write+0x430/0x760 [ 43.518521][ T3600] vfs_write+0x269/0xac0 [ 43.522944][ T3600] ksys_write+0x1e8/0x250 [ 43.527433][ T3600] do_syscall_64+0x35/0xb0 [ 43.534012][ T3600] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 43.540072][ T3600] [ 43.542378][ T3600] [ 43.542378][ T3600] the dependencies between the lock to be acquired [ 43.542385][ T3600] and HARDIRQ-irq-unsafe lock: [ 43.555882][ T3600] -> (tasklist_lock){.+.+}-{2:2} { [ 43.561086][ T3600] HARDIRQ-ON-R at: [ 43.565141][ T3600] lock_acquire+0x1ab/0x570 [ 43.571458][ T3600] _raw_read_lock+0x5b/0x70 [ 43.577775][ T3600] do_wait+0x284/0xce0 [ 43.583660][ T3600] kernel_wait+0x9c/0x150 [ 43.589800][ T3600] call_usermodehelper_exec_work+0xf5/0x180 [ 43.597518][ T3600] process_one_work+0x996/0x1610 [ 43.604269][ T3600] worker_thread+0x665/0x1080 [ 43.610756][ T3600] kthread+0x2e9/0x3a0 [ 43.616635][ T3600] ret_from_fork+0x1f/0x30 [ 43.622863][ T3600] SOFTIRQ-ON-R at: [ 43.626917][ T3600] lock_acquire+0x1ab/0x570 [ 43.633237][ T3600] _raw_read_lock+0x5b/0x70 [ 43.639562][ T3600] do_wait+0x284/0xce0 [ 43.645460][ T3600] kernel_wait+0x9c/0x150 [ 43.651610][ T3600] call_usermodehelper_exec_work+0xf5/0x180 [ 43.659328][ T3600] process_one_work+0x996/0x1610 [ 43.666091][ T3600] worker_thread+0x665/0x1080 [ 43.672583][ T3600] kthread+0x2e9/0x3a0 [ 43.678464][ T3600] ret_from_fork+0x1f/0x30 [ 43.684701][ T3600] INITIAL USE at: [ 43.688668][ T3600] lock_acquire+0x1ab/0x570 [ 43.694895][ T3600] _raw_write_lock_irq+0x32/0x50 [ 43.701559][ T3600] copy_process+0x449d/0x70a0 [ 43.707962][ T3600] kernel_clone+0xe7/0xab0 [ 43.714104][ T3600] user_mode_thread+0xad/0xe0 [ 43.720506][ T3600] rest_init+0x23/0x270 [ 43.726386][ T3600] arch_call_rest_init+0xf/0x14 [ 43.732974][ T3600] start_kernel+0x46e/0x48f [ 43.739208][ T3600] secondary_startup_64_no_verify+0xce/0xdb [ 43.746842][ T3600] INITIAL READ USE at: [ 43.751245][ T3600] lock_acquire+0x1ab/0x570 [ 43.757923][ T3600] _raw_read_lock+0x5b/0x70 [ 43.764593][ T3600] do_wait+0x284/0xce0 [ 43.770827][ T3600] kernel_wait+0x9c/0x150 [ 43.777314][ T3600] call_usermodehelper_exec_work+0xf5/0x180 [ 43.785365][ T3600] process_one_work+0x996/0x1610 [ 43.792463][ T3600] worker_thread+0x665/0x1080 [ 43.799297][ T3600] kthread+0x2e9/0x3a0 [ 43.805525][ T3600] ret_from_fork+0x1f/0x30 [ 43.812102][ T3600] } [ 43.814673][ T3600] ... key at: [] tasklist_lock+0x18/0x40 [ 43.822469][ T3600] ... acquired at: [ 43.826343][ T3600] _raw_read_lock+0x5b/0x70 [ 43.831042][ T3600] send_sigio+0xab/0x370 [ 43.835463][ T3600] dnotify_handle_event+0x148/0x280 [ 43.840831][ T3600] fsnotify_handle_inode_event.isra.0+0x22e/0x370 [ 43.847409][ T3600] fsnotify+0x1158/0x1680 [ 43.851899][ T3600] vfs_symlink+0x490/0x5b0 [ 43.856477][ T3600] do_symlinkat+0x261/0x2e0 [ 43.861144][ T3600] __x64_sys_symlinkat+0x93/0xc0 [ 43.866245][ T3600] do_syscall_64+0x35/0xb0 [ 43.870823][ T3600] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 43.877747][ T3600] [ 43.880056][ T3600] -> (&f->f_owner.lock){....}-{2:2} { [ 43.885436][ T3600] INITIAL USE at: [ 43.889314][ T3600] lock_acquire+0x1ab/0x570 [ 43.895451][ T3600] _raw_write_lock_irq+0x32/0x50 [ 43.901943][ T3600] f_modown+0x2a/0x390 [ 43.907652][ T3600] fcntl_dirnotify+0x9f3/0xf30 [ 43.913969][ T3600] do_fcntl+0x24c/0x1040 [ 43.919766][ T3600] __x64_sys_fcntl+0x15f/0x1d0 [ 43.926087][ T3600] do_syscall_64+0x35/0xb0 [ 43.932057][ T3600] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 43.939597][ T3600] INITIAL READ USE at: [ 43.943914][ T3600] lock_acquire+0x1ab/0x570 [ 43.950401][ T3600] _raw_read_lock_irqsave+0x70/0x90 [ 43.957586][ T3600] send_sigio+0x24/0x370 [ 43.963819][ T3600] dnotify_handle_event+0x148/0x280 [ 43.970999][ T3600] fsnotify_handle_inode_event.isra.0+0x22e/0x370 [ 43.979400][ T3600] fsnotify+0x1158/0x1680 [ 43.985713][ T3600] vfs_symlink+0x490/0x5b0 [ 43.992114][ T3600] do_symlinkat+0x261/0x2e0 [ 43.998689][ T3600] __x64_sys_symlinkat+0x93/0xc0 [ 44.005614][ T3600] do_syscall_64+0x35/0xb0 [ 44.012103][ T3600] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 44.019984][ T3600] } [ 44.022471][ T3600] ... key at: [] __key.5+0x0/0x40 [ 44.029578][ T3600] ... acquired at: [ 44.033362][ T3600] lock_acquire+0x1ab/0x570 [ 44.038027][ T3600] _raw_read_lock_irqsave+0x70/0x90 [ 44.043410][ T3600] send_sigio+0x24/0x370 [ 44.047817][ T3600] kill_fasync+0x1f8/0x470 [ 44.052393][ T3600] evdev_pass_values.part.0+0x64e/0x970 [ 44.058105][ T3600] evdev_events+0x359/0x3e0 [ 44.062773][ T3600] input_to_handler+0x2a0/0x4c0 [ 44.067784][ T3600] input_pass_values.part.0+0x230/0x710 [ 44.073578][ T3600] input_handle_event+0x373/0x1440 [ 44.078851][ T3600] input_inject_event+0x1bd/0x320 [ 44.084038][ T3600] evdev_write+0x430/0x760 [ 44.088702][ T3600] vfs_write+0x269/0xac0 [ 44.093113][ T3600] ksys_write+0x1e8/0x250 [ 44.097610][ T3600] do_syscall_64+0x35/0xb0 [ 44.102189][ T3600] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 44.108244][ T3600] [ 44.110552][ T3600] [ 44.110552][ T3600] stack backtrace: [ 44.116425][ T3600] CPU: 0 PID: 3600 Comm: syz-executor205 Not tainted 5.19.0-syzkaller-02972-g200e340f2196 #0 [ 44.126561][ T3600] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022 [ 44.136602][ T3600] Call Trace: [ 44.139868][ T3600] [ 44.142787][ T3600] dump_stack_lvl+0xcd/0x134 [ 44.147548][ T3600] check_irq_usage.cold+0x4c1/0x6b0 [ 44.152740][ T3600] ? print_shortest_lock_dependencies_backwards+0x80/0x80 [ 44.159843][ T3600] ? unwind_get_return_address+0x51/0x90 [ 44.165466][ T3600] ? create_prof_cpu_mask+0x20/0x20 [ 44.170658][ T3600] ? check_path.constprop.0+0x24/0x50 [ 44.176107][ T3600] ? register_lock_class+0xbe/0x1130 [ 44.181400][ T3600] ? filter_irq_stacks+0x90/0x90 [ 44.186334][ T3600] __lock_acquire+0x2ad2/0x5660 [ 44.191174][ T3600] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 44.197148][ T3600] lock_acquire+0x1ab/0x570 [ 44.201639][ T3600] ? send_sigio+0x24/0x370 [ 44.206054][ T3600] ? lock_release+0x780/0x780 [ 44.210719][ T3600] ? lock_release+0x780/0x780 [ 44.215391][ T3600] ? lock_release+0x780/0x780 [ 44.220068][ T3600] _raw_read_lock_irqsave+0x70/0x90 [ 44.225435][ T3600] ? send_sigio+0x24/0x370 [ 44.229929][ T3600] send_sigio+0x24/0x370 [ 44.234163][ T3600] kill_fasync+0x1f8/0x470 [ 44.238576][ T3600] evdev_pass_values.part.0+0x64e/0x970 [ 44.244114][ T3600] ? evdev_free+0x70/0x70 [ 44.248428][ T3600] ? ktime_mono_to_any+0xb5/0x1e0 [ 44.253450][ T3600] evdev_events+0x359/0x3e0 [ 44.257943][ T3600] ? evdev_connect+0x4b0/0x4b0 [ 44.262697][ T3600] input_to_handler+0x2a0/0x4c0 [ 44.267541][ T3600] input_pass_values.part.0+0x230/0x710 [ 44.273082][ T3600] input_handle_event+0x373/0x1440 [ 44.278191][ T3600] input_inject_event+0x1bd/0x320 [ 44.283221][ T3600] evdev_write+0x430/0x760 [ 44.287634][ T3600] ? evdev_read+0xe30/0xe30 [ 44.292127][ T3600] ? apparmor_file_permission+0x264/0x4e0 [ 44.297847][ T3600] ? bpf_lsm_file_permission+0x5/0x10 [ 44.303220][ T3600] ? security_file_permission+0xab/0xd0 [ 44.308761][ T3600] ? evdev_read+0xe30/0xe30 [ 44.313255][ T3600] vfs_write+0x269/0xac0 [ 44.317492][ T3600] ksys_write+0x1e8/0x250 [ 44.321813][ T3600] ? __ia32_sys_read+0xb0/0xb0 [ 44.326739][ T3600] ? lockdep_hardirqs_on+0x79/0x100 [ 44.331925][ T3600] ? _raw_spin_unlock_irq+0x2a/0x40 [ 44.337112][ T3600] ? ptrace_notify+0xfa/0x140 [ 44.341777][ T3600] do_syscall_64+0x35/0xb0 [ 44.346187][ T3600] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 44.352070][ T3600] RIP: 0033:0x7fef718027c9 [ 44.356475][ T3600] Code: 28 c3 e8 2a 14 00 00 66 2e 0f 1f 84 00 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 44.376089][ T3600] RSP: 002b:00007ffd02427878 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 44.384501][ T3600] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fef718027c9 write(5, "\x04\x00\x00\x00\x00\x00\x00\x00\x54\xd5\xd4\x1d\x29\xad\x1a\x60\x29\x59\x81\x46\xe6\xbe\x16\x6e\x41\xad\x0d\xbd\x40\x54\x03\x3c\x9f\x33\xbb\xda\x82\x24\xa2\xf3\xd7\x72\xe7\x63\x6e\x48\xb3\x3c\xbf\x70\x83\x72\xe8\xf1\xb9\x93\x3e\xc5\x12\x77\x43\xbe\x22\x06\x20\x9e\xf0\x2d\xf9\xcb\xf2\xf6\xe8\x80\xd3\x38\x2f\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 883) = 864 exit_group(0) = ? +++ exited with 0 +++ [ 44.392465][ T3600] RDX: 0000000000000373 RSI: 0000000020000040 RDI: 0