Warning: Permanently added '10.128.0.243' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 28.067406] FAULT_INJECTION: forcing a failure. [ 28.067406] name failslab, interval 1, probability 0, space 0, times 1 [ 28.078995] CPU: 0 PID: 7951 Comm: syz-executor552 Not tainted 4.14.302-syzkaller #0 [ 28.086846] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 28.096168] Call Trace: [ 28.098729] dump_stack+0x1b2/0x281 [ 28.102335] should_fail.cold+0x10a/0x149 [ 28.106472] should_failslab+0xd6/0x130 [ 28.110424] __kmalloc+0x6d/0x400 [ 28.113853] ? tty_buffer_alloc+0xc0/0x270 [ 28.118060] tty_buffer_alloc+0xc0/0x270 [ 28.122100] __tty_buffer_request_room+0x12c/0x290 [ 28.127011] tty_insert_flip_string_fixed_flag+0x8b/0x210 [ 28.132594] tty_insert_flip_string_and_push_buffer+0x3e/0x160 [ 28.138538] pty_write+0xc3/0xf0 [ 28.141876] ? tty_write_room+0x69/0x80 [ 28.146260] n_tty_write+0x352/0xda0 [ 28.149946] ? n_tty_open+0x160/0x160 [ 28.153719] ? do_wait_intr_irq+0x270/0x270 [ 28.158008] ? __might_fault+0x177/0x1b0 [ 28.162036] tty_write+0x410/0x740 [ 28.165550] ? n_tty_open+0x160/0x160 [ 28.169317] __vfs_write+0xe4/0x630 [ 28.172909] ? tty_compat_ioctl+0x240/0x240 [ 28.177198] ? debug_check_no_obj_freed+0x2c0/0x680 [ 28.182182] ? kernel_read+0x110/0x110 [ 28.186038] ? common_file_perm+0x3ee/0x580 [ 28.190332] ? security_file_permission+0x82/0x1e0 [ 28.195228] ? rw_verify_area+0xe1/0x2a0 [ 28.199256] vfs_write+0x17f/0x4d0 [ 28.202765] SyS_write+0xf2/0x210 [ 28.206188] ? SyS_read+0x210/0x210 [ 28.209784] ? do_syscall_64+0x4c/0x640 [ 28.213723] ? SyS_read+0x210/0x210 [ 28.217315] do_syscall_64+0x1d5/0x640 [ 28.221173] entry_SYSCALL_64_after_hwframe+0x5e/0xd3 [ 28.226333] RIP: 0033:0x7f8a3e134789 [ 28.230012] RSP: 002b:00007ffd5daf5348 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 28.237688] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f8a3e134789 [ 28.244925] RDX: 00000000fffffedf RSI: 0000000020000000 RDI: 0000000000000004 [ 28.252162] RBP: 00007ffd5daf5360 R08: 0000000000000001 R09: 0000000000000001 [ 28.259400] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 28.266637] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 28.273897] [ 28.273899] ====================================================== [ 28.273901] WARNING: possible circular locking dependency detected [ 28.273902] 4.14.302-syzkaller #0 Not tainted [ 28.273904] ------------------------------------------------------ [ 28.273905] syz-executor552/7951 is trying to acquire lock: [ 28.273906] (console_owner){....}, at: [] console_unlock+0x307/0xf20 [ 28.273910] [ 28.273911] but task is already holding lock: [ 28.273912] (&(&port->lock)->rlock){-.-.}, at: [] tty_insert_flip_string_and_push_buffer+0x2b/0x160 [ 28.273917] [ 28.273918] which lock already depends on the new lock. [ 28.273919] [ 28.273920] [ 28.273922] the existing dependency chain (in reverse order) is: [ 28.273923] [ 28.273924] -> #2 (&(&port->lock)->rlock){-.-.}: [ 28.273928] _raw_spin_lock_irqsave+0x8c/0xc0 [ 28.273929] tty_port_tty_get+0x1d/0x80 [ 28.273930] tty_port_default_wakeup+0x11/0x40 [ 28.273931] serial8250_tx_chars+0x3fe/0xc70 [ 28.273933] serial8250_handle_irq.part.0+0x2c7/0x390 [ 28.273934] serial8250_default_handle_irq+0x8a/0x1f0 [ 28.273935] serial8250_interrupt+0xf3/0x210 [ 28.273936] __handle_irq_event_percpu+0xee/0x7f0 [ 28.273937] handle_irq_event+0xed/0x240 [ 28.273939] handle_edge_irq+0x224/0xc40 [ 28.273940] handle_irq+0x35/0x50 [ 28.273941] do_IRQ+0x93/0x1d0 [ 28.273942] ret_from_intr+0x0/0x1e [ 28.273943] _raw_spin_unlock_irqrestore+0xa3/0xe0 [ 28.273944] uart_write+0x2dd/0x560 [ 28.273945] do_output_char+0x4f5/0x750 [ 28.273946] n_tty_write+0x3e3/0xda0 [ 28.273947] tty_write+0x410/0x740 [ 28.273948] redirected_tty_write+0x9c/0xb0 [ 28.273949] do_iter_write+0x3da/0x550 [ 28.273950] vfs_writev+0x125/0x290 [ 28.273952] do_writev+0xfc/0x2c0 [ 28.273953] do_syscall_64+0x1d5/0x640 [ 28.273954] entry_SYSCALL_64_after_hwframe+0x5e/0xd3 [ 28.273955] [ 28.273955] -> #1 (&port_lock_key){-.-.}: [ 28.273959] _raw_spin_lock_irqsave+0x8c/0xc0 [ 28.273960] serial8250_console_write+0x8cb/0xb40 [ 28.273961] console_unlock+0x99d/0xf20 [ 28.273962] vprintk_emit+0x224/0x620 [ 28.273963] vprintk_func+0x58/0x160 [ 28.273964] printk+0x9e/0xbc [ 28.273965] register_console+0x6f4/0xad0 [ 28.273967] univ8250_console_init+0x2f/0x3a [ 28.273968] console_init+0x46/0x53 [ 28.273969] start_kernel+0x521/0x763 [ 28.273970] secondary_startup_64+0xa5/0xb0 [ 28.273971] [ 28.273971] -> #0 (console_owner){....}: [ 28.273975] lock_acquire+0x170/0x3f0 [ 28.273976] console_unlock+0x36f/0xf20 [ 28.273977] vprintk_emit+0x224/0x620 [ 28.273978] vprintk_func+0x58/0x160 [ 28.273979] printk+0x9e/0xbc [ 28.273980] should_fail.cold+0xdf/0x149 [ 28.273981] should_failslab+0xd6/0x130 [ 28.273982] __kmalloc+0x6d/0x400 [ 28.273983] tty_buffer_alloc+0xc0/0x270 [ 28.273985] __tty_buffer_request_room+0x12c/0x290 [ 28.273986] tty_insert_flip_string_fixed_flag+0x8b/0x210 [ 28.273988] tty_insert_flip_string_and_push_buffer+0x3e/0x160 [ 28.273989] pty_write+0xc3/0xf0 [ 28.273990] n_tty_write+0x352/0xda0 [ 28.273991] tty_write+0x410/0x740 [ 28.273992] __vfs_write+0xe4/0x630 [ 28.273993] vfs_write+0x17f/0x4d0 [ 28.273994] SyS_write+0xf2/0x210 [ 28.273995] do_syscall_64+0x1d5/0x640 [ 28.273996] entry_SYSCALL_64_after_hwframe+0x5e/0xd3 [ 28.273997] [ 28.273998] other info that might help us debug this: [ 28.273999] [ 28.274000] Chain exists of: [ 28.274000] console_owner --> &port_lock_key --> &(&port->lock)->rlock [ 28.274005] [ 28.274006] Possible unsafe locking scenario: [ 28.274007] [ 28.274008] CPU0 CPU1 [ 28.274009] ---- ---- [ 28.274010] lock(&(&port->lock)->rlock); [ 28.274012] lock(&port_lock_key); [ 28.274015] lock(&(&port->lock)->rlock); [ 28.274017] lock(console_owner); [ 28.274019] [ 28.274020] *** DEADLOCK *** [ 28.274021] [ 28.274022] 6 locks held by syz-executor552/7951: [ 28.274022] #0: (&tty->ldisc_sem){++++}, at: [] tty_ldisc_ref_wait+0x22/0x80 [ 28.274027] #1: (&tty->atomic_write_lock){+.+.}, at: [] tty_write+0x22d/0x740 [ 28.274031] #2: (&o_tty->termios_rwsem/1){++++}, at: [] n_tty_write+0x18a/0xda0 [ 28.274035] #3: (&ldata->output_lock){+.+.}, at: [] n_tty_write+0x43f/0xda0 [ 28.274039] #4: (&(&port->lock)->rlock){-.-.}, at: [] tty_insert_flip_string_and_push_buffer+0x2b/0x160 [ 28.274043] #5: (console_lock){+.+.}, at: [] vprintk_func+0x58/0x160 [ 28.274047] [ 28.274048] stack backtrace: [ 28.274050] CPU: 0 PID: 7951 Comm: syz-executor552 Not tainted 4.14.302-syzkaller #0 [ 28.274052] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 28.274053] Call Trace: [ 28.274054] dump_stack+0x1b2/0x281 [ 28.274056] print_circular_bug.constprop.0.cold+0x2d7/0x41e [ 28.274057] __lock_acquire+0x2e0e/0x3f20 [ 28.274058] ? trace_hardirqs_on+0x10/0x10 [ 28.274059] ? snprintf+0xd0/0xd0 [ 28.274060] ? console_unlock+0x34a/0xf20 [ 28.274061] lock_acquire+0x170/0x3f0 [ 28.274062] ? console_unlock+0x307/0xf20 [ 28.274064] console_unlock+0x36f/0xf20 [ 28.274066] ? console_unlock+0x307/0xf20 [ 28.274067] vprintk_emit+0x224/0x620 [ 28.274068] vprintk_func+0x58/0x160 [ 28.274069] printk+0x9e/0xbc [ 28.274070] ? log_store.cold+0x16/0x16 [ 28.274071] ? __lock_acquire+0x5fc/0x3f20 [ 28.274072] ? ___ratelimit+0x2b5/0x510 [ 28.274073] should_fail.cold+0xdf/0x149 [ 28.274074] should_failslab+0xd6/0x130 [ 28.274075] __kmalloc+0x6d/0x400 [ 28.274076] ? tty_buffer_alloc+0xc0/0x270 [ 28.274077] tty_buffer_alloc+0xc0/0x270 [ 28.274078] __tty_buffer_request_room+0x12c/0x290 [ 28.274080] tty_insert_flip_string_fixed_flag+0x8b/0x210 [ 28.274081] tty_insert_flip_string_and_push_buffer+0x3e/0x160 [ 28.274082] pty_write+0xc3/0xf0 [ 28.274083] ? tty_write_room+0x69/0x80 [ 28.274084] n_tty_write+0x352/0xda0 [ 28.274085] ? n_tty_open+0x160/0x160 [ 28.274086] ? do_wait_intr_irq+0x270/0x270 [ 28.274087] ? __might_fault+0x177/0x1b0 [ 28.274088] tty_write+0x410/0x740 [ 28.274089] ? n_tty_open+0x160/0x160 [ 28.274091] __vfs_write+0xe4/0x630 [ 28.274092] ? tty_compat_ioctl+0x240/0x240 [ 28.274093] ? debug_check_no_obj_freed+0x2c0/0x680 [ 28.274094] ? kernel_read+0x110/0x110 [ 28.274095] ? common_file_perm+0x3ee/0x580 [ 28.274096] ? security_file_permission+0x82/0x1e0 [ 28.274097] ? rw_verify_area+0xe1/0x2a0 [ 28.274098] vfs_write+0x17f/0x4d0 [ 28.274099] SyS_write+0xf2/0x210 [ 28.274100] ? SyS_read+0x210/0x210 [ 28.274102] ? do_syscall_64+0x4c/0x640 [ 28.274103] ? SyS_read+0x210/0x210 [ 28.274104] do_syscall_64+0x1d5/0x640 [ 28.274105] entry_SYSCALL_64_after_hwframe+0x5e/0xd3 [ 28.274106] RIP: 0033:0x7f8a3e134789 [ 28.274107] RSP: 002b:00007ffd5daf5348 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 28.274110] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f8a3e134789 [ 28.274112] RDX: 00000000fffffedf RSI: 0000000020000000 RDI: 0000000000000004 [ 28.274113] RBP: 00007ffd5daf5360 R08: 0000000000000001 R09: 0000000000000001 [ 28.274115] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 28.274117] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000