[�[0;32m OK �[0m] Reached target Login Prompts.
[�[0;32m OK �[0m] Reached target Multi-User System.
[�[0;32m OK �[0m] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
[�[0;32m OK �[0m] Started Update UTMP about System Runlevel Changes.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.0.254' (ECDSA) to the list of known hosts.
syzkaller login: [ 63.843008][ T8464] IPVS: ftp: loaded support on port[0] = 21
[ 63.951020][ T8464] chnl_net:caif_netlink_parms(): no params data found
[ 64.039802][ T8464] bridge0: port 1(bridge_slave_0) entered blocking state
[ 64.049069][ T8464] bridge0: port 1(bridge_slave_0) entered disabled state
[ 64.058142][ T8464] device bridge_slave_0 entered promiscuous mode
[ 64.069579][ T8464] bridge0: port 2(bridge_slave_1) entered blocking state
[ 64.077212][ T8464] bridge0: port 2(bridge_slave_1) entered disabled state
[ 64.084884][ T8464] device bridge_slave_1 entered promiscuous mode
[ 64.106004][ T8464] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 64.118211][ T8464] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 64.140670][ T8464] team0: Port device team_slave_0 added
[ 64.150233][ T8464] team0: Port device team_slave_1 added
[ 64.168544][ T8464] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 64.176562][ T8464] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 64.204149][ T8464] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 64.218541][ T8464] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 64.225943][ T8464] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 64.252014][ T8464] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 64.279322][ T8464] device hsr_slave_0 entered promiscuous mode
[ 64.287725][ T8464] device hsr_slave_1 entered promiscuous mode
[ 64.385625][ T8464] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 64.397341][ T8464] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 64.409138][ T8464] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 64.419359][ T8464] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 64.447018][ T8464] bridge0: port 2(bridge_slave_1) entered blocking state
[ 64.454361][ T8464] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 64.462550][ T8464] bridge0: port 1(bridge_slave_0) entered blocking state
[ 64.469851][ T8464] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 64.514725][ T8464] 8021q: adding VLAN 0 to HW filter on device bond0
[ 64.529827][ T3138] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 64.541906][ T3138] bridge0: port 1(bridge_slave_0) entered disabled state
[ 64.550779][ T3138] bridge0: port 2(bridge_slave_1) entered disabled state
[ 64.559564][ T3138] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 64.573295][ T8464] 8021q: adding VLAN 0 to HW filter on device team0
[ 64.584219][ T3138] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 64.593370][ T3138] bridge0: port 1(bridge_slave_0) entered blocking state
[ 64.600511][ T3138] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 64.617675][ T3138] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 64.627610][ T3138] bridge0: port 2(bridge_slave_1) entered blocking state
[ 64.636948][ T3138] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 64.656167][ T3000] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 64.666686][ T3000] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 64.677258][ T3000] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 64.693494][ T8464] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 64.705984][ T8464] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 64.718683][ T3138] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 64.727937][ T3138] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 64.737166][ T3138] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 64.755327][ T3138] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 64.763188][ T3138] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 64.779191][ T8464] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 64.799407][ T3000] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 64.819790][ T3138] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 64.828402][ T3138] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 64.837654][ T3138] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 64.849562][ T8464] device veth0_vlan entered promiscuous mode
[ 64.861949][ T8464] device veth1_vlan entered promiscuous mode
[ 64.885003][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 64.894010][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 64.903994][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 64.918038][ T8464] device veth0_macvtap entered promiscuous mode
[ 64.927111][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 64.938449][ T8464] device veth1_macvtap entered promiscuous mode
[ 64.957295][ T8464] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 64.965109][ T3138] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 64.974431][ T3138] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 64.988113][ T8464] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 64.996848][ T3138] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 65.007434][ T3138] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 65.020073][ T8464] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 65.030043][ T8464] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
executing program
[ 65.039037][ T8464] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 65.050853][ T8464] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 65.095138][ T8464]
[ 65.097790][ T8464] =====================================================
[ 65.104800][ T8464] WARNING: HARDIRQ-safe -> HARDIRQ-unsafe lock order detected
[ 65.112254][ T8464] 5.10.0-rc7-syzkaller #0 Not tainted
[ 65.117615][ T8464] -----------------------------------------------------
[ 65.124540][ T8464] syz-executor039/8464 [HC0[0]:SC0[0]:HE0:SE1] is trying to acquire:
[ 65.132724][ T8464] ffff88801814a138 (&f->f_owner.lock){.+.+}-{2:2}, at: send_sigio+0x24/0x350
[ 65.141951][ T8464]
[ 65.141951][ T8464] and this task is already holding:
[ 65.149410][ T8464] ffff8880127ee018 (&new->fa_lock){....}-{2:2}, at: kill_fasync+0x14b/0x460
[ 65.158085][ T8464] which would create a new lock dependency:
[ 65.163987][ T8464] (&new->fa_lock){....}-{2:2} -> (&f->f_owner.lock){.+.+}-{2:2}
[ 65.171715][ T8464]
[ 65.171715][ T8464] but this new dependency connects a HARDIRQ-irq-safe lock:
[ 65.181153][ T8464] (&dev->event_lock){-.-.}-{2:2}
[ 65.181168][ T8464]
[ 65.181168][ T8464] ... which became HARDIRQ-irq-safe at:
[ 65.194548][ T8464] lock_acquire+0x29d/0x740
[ 65.199147][ T8464] _raw_spin_lock_irqsave+0x39/0x50
[ 65.204434][ T8464] input_event+0x7b/0xb0
[ 65.208755][ T8464] psmouse_report_standard_buttons+0x2c/0x80
[ 65.214804][ T8464] psmouse_process_byte+0x1e1/0x890
[ 65.220211][ T8464] psmouse_handle_byte+0x41/0x1b0
[ 65.225493][ T8464] psmouse_interrupt+0x304/0xf00
[ 65.230500][ T8464] serio_interrupt+0x88/0x150
[ 65.235241][ T8464] i8042_interrupt+0x27a/0x520
[ 65.240194][ T8464] __handle_irq_event_percpu+0x303/0x8f0
[ 65.245922][ T8464] handle_irq_event+0x102/0x290
[ 65.250840][ T8464] handle_edge_irq+0x25f/0xd00
[ 65.255671][ T8464] asm_call_irq_on_stack+0xf/0x20
[ 65.261324][ T8464] common_interrupt+0x120/0x200
[ 65.266258][ T8464] asm_common_interrupt+0x1e/0x40
[ 65.271361][ T8464] call_rcu+0x2e7/0x700
[ 65.275589][ T8464] __put_cred+0x1ca/0x250
[ 65.280517][ T8464] file_free_rcu+0xa2/0xd0
[ 65.284997][ T8464] rcu_core+0x5df/0xe80
[ 65.289331][ T8464] __do_softirq+0x2a0/0x9f6
[ 65.293999][ T8464] run_ksoftirqd+0x2d/0x50
[ 65.298484][ T8464] smpboot_thread_fn+0x655/0x9e0
[ 65.303498][ T8464] kthread+0x3b1/0x4a0
[ 65.307632][ T8464] ret_from_fork+0x1f/0x30
[ 65.312107][ T8464]
[ 65.312107][ T8464] to a HARDIRQ-irq-unsafe lock:
[ 65.319112][ T8464] (&f->f_owner.lock){.+.+}-{2:2}
[ 65.319126][ T8464]
[ 65.319126][ T8464] ... which became HARDIRQ-irq-unsafe at:
[ 65.332198][ T8464] ...
[ 65.332213][ T8464] lock_acquire+0x29d/0x740
[ 65.339372][ T8464] _raw_read_lock+0x5b/0x70
[ 65.343993][ T8464] send_sigurg+0x1e/0xab0
[ 65.348404][ T8464] sk_send_sigurg+0x76/0x300
[ 65.353076][ T8464] tcp_check_urg.isra.0+0x1f4/0x710
[ 65.358363][ T8464] tcp_rcv_established+0x106c/0x1eb0
[ 65.363727][ T8464] tcp_v4_do_rcv+0x5d1/0x870
[ 65.368394][ T8464] __release_sock+0x134/0x3a0
[ 65.373256][ T8464] release_sock+0x54/0x1b0
[ 65.377750][ T8464] tcp_sendmsg+0x36/0x40
[ 65.382064][ T8464] inet_sendmsg+0x99/0xe0
[ 65.386459][ T8464] sock_sendmsg+0xcf/0x120
[ 65.390953][ T8464] __sys_sendto+0x21c/0x320
[ 65.395546][ T8464] __x64_sys_sendto+0xdd/0x1b0
[ 65.400839][ T8464] do_syscall_64+0x2d/0x70
[ 65.405367][ T8464] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 65.411450][ T8464]
[ 65.411450][ T8464] other info that might help us debug this:
[ 65.411450][ T8464]
[ 65.421665][ T8464] Chain exists of:
[ 65.421665][ T8464] &dev->event_lock --> &new->fa_lock --> &f->f_owner.lock
[ 65.421665][ T8464]
[ 65.435459][ T8464] Possible interrupt unsafe locking scenario:
[ 65.435459][ T8464]
[ 65.443785][ T8464] CPU0 CPU1
[ 65.449753][ T8464] ---- ----
[ 65.455146][ T8464] lock(&f->f_owner.lock);
[ 65.459668][ T8464] local_irq_disable();
[ 65.466409][ T8464] lock(&dev->event_lock);
[ 65.473412][ T8464] lock(&new->fa_lock);
[ 65.480156][ T8464] <Interrupt>
[ 65.483590][ T8464] lock(&dev->event_lock);
[ 65.488352][ T8464]
[ 65.488352][ T8464] *** DEADLOCK ***
[ 65.488352][ T8464]
[ 65.496563][ T8464] 8 locks held by syz-executor039/8464:
[ 65.502165][ T8464] #0: ffff88801cd8e110 (&evdev->mutex){+.+.}-{3:3}, at: evdev_write+0x1d3/0x760
[ 65.511289][ T8464] #1: ffff888018096230 (&dev->event_lock){-.-.}-{2:2}, at: input_inject_event+0xa6/0x310
[ 65.521286][ T8464] #2: ffffffff8b3378e0 (rcu_read_lock){....}-{1:2}, at: input_inject_event+0x92/0x310
[ 65.530977][ T8464] #3: ffffffff8b3378e0 (rcu_read_lock){....}-{1:2}, at: input_pass_values.part.0+0x0/0x700
[ 65.541055][ T8464] #4: ffffffff8b3378e0 (rcu_read_lock){....}-{1:2}, at: evdev_events+0x59/0x3f0
[ 65.550167][ T8464] #5: ffff888021d05028 (&client->buffer_lock){....}-{2:2}, at: evdev_pass_values.part.0+0xf6/0x970
[ 65.560952][ T8464] #6: ffffffff8b3378e0 (rcu_read_lock){....}-{1:2}, at: kill_fasync+0x3d/0x460
[ 65.570202][ T8464] #7: ffff8880127ee018 (&new->fa_lock){....}-{2:2}, at: kill_fasync+0x14b/0x460
[ 65.579442][ T8464]
[ 65.579442][ T8464] the dependencies between HARDIRQ-irq-safe lock and the holding lock:
[ 65.589859][ T8464] -> (&dev->event_lock){-.-.}-{2:2} {
[ 65.595409][ T8464] IN-HARDIRQ-W at:
[ 65.599562][ T8464] lock_acquire+0x29d/0x740
[ 65.606043][ T8464] _raw_spin_lock_irqsave+0x39/0x50
[ 65.613316][ T8464] input_event+0x7b/0xb0
[ 65.619544][ T8464] psmouse_report_standard_buttons+0x2c/0x80
[ 65.628251][ T8464] psmouse_process_byte+0x1e1/0x890
[ 65.636833][ T8464] psmouse_handle_byte+0x41/0x1b0
[ 65.645188][ T8464] psmouse_interrupt+0x304/0xf00
[ 65.653046][ T8464] serio_interrupt+0x88/0x150
[ 65.660148][ T8464] i8042_interrupt+0x27a/0x520
[ 65.667573][ T8464] __handle_irq_event_percpu+0x303/0x8f0
[ 65.675368][ T8464] handle_irq_event+0x102/0x290
[ 65.682324][ T8464] handle_edge_irq+0x25f/0xd00
[ 65.689182][ T8464] asm_call_irq_on_stack+0xf/0x20
[ 65.696192][ T8464] common_interrupt+0x120/0x200
[ 65.703119][ T8464] asm_common_interrupt+0x1e/0x40
[ 65.710155][ T8464] call_rcu+0x2e7/0x700
[ 65.716321][ T8464] __put_cred+0x1ca/0x250
[ 65.722648][ T8464] file_free_rcu+0xa2/0xd0
[ 65.729229][ T8464] rcu_core+0x5df/0xe80
[ 65.735374][ T8464] __do_softirq+0x2a0/0x9f6
[ 65.742077][ T8464] run_ksoftirqd+0x2d/0x50
[ 65.749660][ T8464] smpboot_thread_fn+0x655/0x9e0
[ 65.756633][ T8464] kthread+0x3b1/0x4a0
[ 65.762953][ T8464] ret_from_fork+0x1f/0x30
[ 65.769448][ T8464] IN-SOFTIRQ-W at:
[ 65.773586][ T8464] lock_acquire+0x29d/0x740
[ 65.780078][ T8464] _raw_spin_lock_irqsave+0x39/0x50
[ 65.787261][ T8464] input_event+0x7b/0xb0
[ 65.793535][ T8464] psmouse_report_standard_buttons+0x2c/0x80
[ 65.801513][ T8464] psmouse_process_byte+0x1e1/0x890
[ 65.808705][ T8464] psmouse_handle_byte+0x41/0x1b0
[ 65.815712][ T8464] psmouse_interrupt+0x304/0xf00
[ 65.822628][ T8464] serio_interrupt+0x88/0x150
[ 65.829309][ T8464] i8042_interrupt+0x27a/0x520
[ 65.836058][ T8464] __handle_irq_event_percpu+0x303/0x8f0
[ 65.843688][ T8464] handle_irq_event+0x102/0x290
[ 65.850516][ T8464] handle_edge_irq+0x25f/0xd00
[ 65.857261][ T8464] asm_call_irq_on_stack+0xf/0x20
[ 65.864270][ T8464] common_interrupt+0x120/0x200
[ 65.871124][ T8464] asm_common_interrupt+0x1e/0x40
[ 65.878398][ T8464] call_rcu+0x2e7/0x700
[ 65.884669][ T8464] __put_cred+0x1ca/0x250
[ 65.890980][ T8464] file_free_rcu+0xa2/0xd0
[ 65.897376][ T8464] rcu_core+0x5df/0xe80
[ 65.903529][ T8464] __do_softirq+0x2a0/0x9f6
[ 65.910154][ T8464] run_ksoftirqd+0x2d/0x50
[ 65.916559][ T8464] smpboot_thread_fn+0x655/0x9e0
[ 65.923720][ T8464] kthread+0x3b1/0x4a0
[ 65.929789][ T8464] ret_from_fork+0x1f/0x30
[ 65.936423][ T8464] INITIAL USE at:
[ 65.940482][ T8464] lock_acquire+0x29d/0x740
[ 65.946879][ T8464] _raw_spin_lock_irqsave+0x39/0x50
[ 65.953965][ T8464] input_inject_event+0xa6/0x310
[ 65.960803][ T8464] led_set_brightness_nosleep+0xe6/0x1a0
[ 65.968335][ T8464] led_set_brightness+0x134/0x170
[ 65.975446][ T8464] led_trigger_event+0x70/0xd0
[ 65.982103][ T8464] kbd_led_trigger_activate+0xfa/0x130
[ 65.989474][ T8464] led_trigger_set+0x61e/0xbd0
[ 65.996163][ T8464] led_trigger_set_default+0x1a6/0x230
[ 66.003647][ T8464] led_classdev_register_ext+0x5b1/0x7c0
[ 66.011192][ T8464] input_leds_connect+0x3fb/0x740
[ 66.018133][ T8464] input_attach_handler+0x180/0x1f0
[ 66.025229][ T8464] input_register_device.cold+0xf0/0x307
[ 66.032756][ T8464] atkbd_connect+0x736/0xa00
[ 66.039429][ T8464] serio_driver_probe+0x72/0xa0
[ 66.046197][ T8464] really_probe+0x291/0xde0
[ 66.052616][ T8464] driver_probe_device+0x26b/0x3d0
[ 66.059760][ T8464] device_driver_attach+0x228/0x290
[ 66.066863][ T8464] __driver_attach+0x15b/0x2f0
[ 66.073536][ T8464] bus_for_each_dev+0x147/0x1d0
[ 66.080460][ T8464] serio_handle_event+0x5f6/0xa30
[ 66.087644][ T8464] process_one_work+0x933/0x15a0
[ 66.094488][ T8464] worker_thread+0x64c/0x1120
[ 66.101167][ T8464] kthread+0x3b1/0x4a0
[ 66.107164][ T8464] ret_from_fork+0x1f/0x30
[ 66.113631][ T8464] }
[ 66.116320][ T8464] ... key at: [<ffffffff8fa25e00>] __key.8+0x0/0x40
[ 66.123587][ T8464] ... acquired at:
[ 66.127551][ T8464] _raw_spin_lock+0x2a/0x40
[ 66.132208][ T8464] evdev_pass_values.part.0+0xf6/0x970
[ 66.137825][ T8464] evdev_events+0x28b/0x3f0
[ 66.142631][ T8464] input_to_handler+0x2a0/0x4c0
[ 66.147784][ T8464] input_pass_values.part.0+0x284/0x700
[ 66.153571][ T8464] input_handle_event+0x324/0x1400
[ 66.158992][ T8464] input_inject_event+0x2f5/0x310
[ 66.164171][ T8464] evdev_write+0x430/0x760
[ 66.168741][ T8464] vfs_write+0x28e/0xa30
[ 66.173153][ T8464] ksys_write+0x1ee/0x250
[ 66.177739][ T8464] do_syscall_64+0x2d/0x70
[ 66.182325][ T8464] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 66.188395][ T8464]
[ 66.190702][ T8464] -> (&client->buffer_lock){....}-{2:2} {
[ 66.196708][ T8464] INITIAL USE at:
[ 66.202327][ T8464] lock_acquire+0x29d/0x740
[ 66.208569][ T8464] _raw_spin_lock+0x2a/0x40
[ 66.214823][ T8464] evdev_pass_values.part.0+0xf6/0x970
[ 66.222000][ T8464] evdev_events+0x28b/0x3f0
[ 66.228243][ T8464] input_to_handler+0x2a0/0x4c0
[ 66.234948][ T8464] input_pass_values.part.0+0x284/0x700
[ 66.242295][ T8464] input_handle_event+0x324/0x1400
[ 66.249483][ T8464] input_inject_event+0x2f5/0x310
[ 66.256221][ T8464] evdev_write+0x430/0x760
[ 66.262350][ T8464] vfs_write+0x28e/0xa30
[ 66.268304][ T8464] ksys_write+0x1ee/0x250
[ 66.274356][ T8464] do_syscall_64+0x2d/0x70
[ 66.280487][ T8464] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 66.288134][ T8464] }
[ 66.290885][ T8464] ... key at: [<ffffffff8fa26300>] __key.4+0x0/0x40
[ 66.298361][ T8464] ... acquired at:
[ 66.303470][ T8464] _raw_read_lock+0x5b/0x70
[ 66.308146][ T8464] kill_fasync+0x14b/0x460
[ 66.312715][ T8464] evdev_pass_values.part.0+0x64e/0x970
[ 66.318425][ T8464] evdev_events+0x28b/0x3f0
[ 66.323081][ T8464] input_to_handler+0x2a0/0x4c0
[ 66.328090][ T8464] input_pass_values.part.0+0x284/0x700
[ 66.334522][ T8464] input_handle_event+0x324/0x1400
[ 66.339788][ T8464] input_inject_event+0x2f5/0x310
[ 66.345000][ T8464] evdev_write+0x430/0x760
[ 66.349591][ T8464] vfs_write+0x28e/0xa30
[ 66.353989][ T8464] ksys_write+0x1ee/0x250
[ 66.358485][ T8464] do_syscall_64+0x2d/0x70
[ 66.363151][ T8464] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 66.369284][ T8464]
[ 66.371585][ T8464] -> (&new->fa_lock){....}-{2:2} {
[ 66.376693][ T8464] INITIAL READ USE at:
[ 66.381104][ T8464] lock_acquire+0x29d/0x740
[ 66.387603][ T8464] _raw_read_lock+0x5b/0x70
[ 66.394168][ T8464] kill_fasync+0x14b/0x460
[ 66.400647][ T8464] evdev_pass_values.part.0+0x64e/0x970
[ 66.408178][ T8464] evdev_events+0x28b/0x3f0
[ 66.414767][ T8464] input_to_handler+0x2a0/0x4c0
[ 66.421960][ T8464] input_pass_values.part.0+0x284/0x700
[ 66.429667][ T8464] input_handle_event+0x324/0x1400
[ 66.436755][ T8464] input_inject_event+0x2f5/0x310
[ 66.443766][ T8464] evdev_write+0x430/0x760
[ 66.450254][ T8464] vfs_write+0x28e/0xa30
[ 66.456477][ T8464] ksys_write+0x1ee/0x250
[ 66.462884][ T8464] do_syscall_64+0x2d/0x70
[ 66.469481][ T8464] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 66.477350][ T8464] }
[ 66.480360][ T8464] ... key at: [<ffffffff8ef60840>] __key.0+0x0/0x40
[ 66.487457][ T8464] ... acquired at:
[ 66.491247][ T8464] lock_acquire+0x29d/0x740
[ 66.495934][ T8464] _raw_read_lock+0x5b/0x70
[ 66.500611][ T8464] send_sigio+0x24/0x350
[ 66.505008][ T8464] kill_fasync+0x205/0x460
[ 66.510134][ T8464] evdev_pass_values.part.0+0x64e/0x970
[ 66.515859][ T8464] evdev_events+0x28b/0x3f0
[ 66.520615][ T8464] input_to_handler+0x2a0/0x4c0
[ 66.526137][ T8464] input_pass_values.part.0+0x284/0x700
[ 66.531861][ T8464] input_handle_event+0x324/0x1400
[ 66.537212][ T8464] input_inject_event+0x2f5/0x310
[ 66.542394][ T8464] evdev_write+0x430/0x760
[ 66.546973][ T8464] vfs_write+0x28e/0xa30
[ 66.551404][ T8464] ksys_write+0x1ee/0x250
[ 66.556509][ T8464] do_syscall_64+0x2d/0x70
[ 66.561090][ T8464] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 66.567329][ T8464]
[ 66.569666][ T8464]
[ 66.569666][ T8464] the dependencies between the lock to be acquired
[ 66.569670][ T8464] and HARDIRQ-irq-unsafe lock:
[ 66.583316][ T8464] -> (&f->f_owner.lock){.+.+}-{2:2} {
[ 66.588782][ T8464] HARDIRQ-ON-R at:
[ 66.592763][ T8464] lock_acquire+0x29d/0x740
[ 66.598901][ T8464] _raw_read_lock+0x5b/0x70
[ 66.605119][ T8464] send_sigurg+0x1e/0xab0
[ 66.611093][ T8464] sk_send_sigurg+0x76/0x300
[ 66.617592][ T8464] tcp_check_urg.isra.0+0x1f4/0x710
[ 66.624418][ T8464] tcp_rcv_established+0x106c/0x1eb0
[ 66.631548][ T8464] tcp_v4_do_rcv+0x5d1/0x870
[ 66.639031][ T8464] __release_sock+0x134/0x3a0
[ 66.645990][ T8464] release_sock+0x54/0x1b0
[ 66.652215][ T8464] tcp_sendmsg+0x36/0x40
[ 66.658221][ T8464] inet_sendmsg+0x99/0xe0
[ 66.664200][ T8464] sock_sendmsg+0xcf/0x120
[ 66.670470][ T8464] __sys_sendto+0x21c/0x320
[ 66.677649][ T8464] __x64_sys_sendto+0xdd/0x1b0
[ 66.684143][ T8464] do_syscall_64+0x2d/0x70
[ 66.690200][ T8464] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 66.697899][ T8464] SOFTIRQ-ON-R at:
[ 66.701897][ T8464] lock_acquire+0x29d/0x740
[ 66.708177][ T8464] _raw_read_lock+0x5b/0x70
[ 66.714593][ T8464] send_sigurg+0x1e/0xab0
[ 66.720638][ T8464] sk_send_sigurg+0x76/0x300
[ 66.726891][ T8464] tcp_check_urg.isra.0+0x1f4/0x710
[ 66.733719][ T8464] tcp_rcv_established+0x106c/0x1eb0
[ 66.740638][ T8464] tcp_v4_do_rcv+0x5d1/0x870
[ 66.746894][ T8464] __release_sock+0x134/0x3a0
[ 66.753225][ T8464] release_sock+0x54/0x1b0
[ 66.759303][ T8464] tcp_sendmsg+0x36/0x40
[ 66.765224][ T8464] inet_sendmsg+0x99/0xe0
[ 66.771211][ T8464] sock_sendmsg+0xcf/0x120
[ 66.777280][ T8464] __sys_sendto+0x21c/0x320
[ 66.783515][ T8464] __x64_sys_sendto+0xdd/0x1b0
[ 66.790001][ T8464] do_syscall_64+0x2d/0x70
[ 66.796178][ T8464] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 66.803716][ T8464] INITIAL READ USE at:
[ 66.808032][ T8464] lock_acquire+0x29d/0x740
[ 66.814523][ T8464] _raw_read_lock+0x5b/0x70
[ 66.821029][ T8464] send_sigurg+0x1e/0xab0
[ 66.827347][ T8464] sk_send_sigurg+0x76/0x300
[ 66.833930][ T8464] tcp_check_urg.isra.0+0x1f4/0x710
[ 66.841108][ T8464] tcp_rcv_established+0x106c/0x1eb0
[ 66.848368][ T8464] tcp_v4_do_rcv+0x5d1/0x870
[ 66.855038][ T8464] __release_sock+0x134/0x3a0
[ 66.861707][ T8464] release_sock+0x54/0x1b0
[ 66.868215][ T8464] tcp_sendmsg+0x36/0x40
[ 66.874468][ T8464] inet_sendmsg+0x99/0xe0
[ 66.880792][ T8464] sock_sendmsg+0xcf/0x120
[ 66.887195][ T8464] __sys_sendto+0x21c/0x320
[ 66.893681][ T8464] __x64_sys_sendto+0xdd/0x1b0
[ 66.900447][ T8464] do_syscall_64+0x2d/0x70
[ 66.906846][ T8464] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 66.914706][ T8464] }
[ 66.917219][ T8464] ... key at: [<ffffffff8ef5fa60>] __key.5+0x0/0x40
[ 66.924588][ T8464] ... acquired at:
[ 66.928392][ T8464] lock_acquire+0x29d/0x740
[ 66.933058][ T8464] _raw_read_lock+0x5b/0x70
[ 66.937729][ T8464] send_sigio+0x24/0x350
[ 66.942136][ T8464] kill_fasync+0x205/0x460
[ 66.946707][ T8464] evdev_pass_values.part.0+0x64e/0x970
[ 66.952408][ T8464] evdev_events+0x28b/0x3f0
[ 66.957080][ T8464] input_to_handler+0x2a0/0x4c0
[ 66.962461][ T8464] input_pass_values.part.0+0x284/0x700
[ 66.968181][ T8464] input_handle_event+0x324/0x1400
[ 66.973441][ T8464] input_inject_event+0x2f5/0x310
[ 66.978614][ T8464] evdev_write+0x430/0x760
[ 66.983321][ T8464] vfs_write+0x28e/0xa30
[ 66.987737][ T8464] ksys_write+0x1ee/0x250
[ 66.992247][ T8464] do_syscall_64+0x2d/0x70
[ 66.996846][ T8464] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 67.002884][ T8464]
[ 67.005190][ T8464]
[ 67.005190][ T8464] stack backtrace:
[ 67.011068][ T8464] CPU: 0 PID: 8464 Comm: syz-executor039 Not tainted 5.10.0-rc7-syzkaller #0
[ 67.019810][ T8464] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 67.029986][ T8464] Call Trace:
[ 67.033258][ T8464] dump_stack+0x107/0x163
[ 67.037569][ T8464] check_irq_usage.cold+0x4f5/0x6c8
[ 67.042927][ T8464] ? print_shortest_lock_dependencies+0x80/0x80
[ 67.049168][ T8464] ? __kernel_text_address+0x9/0x30
[ 67.054359][ T8464] ? unwind_get_return_address+0x51/0x90
[ 67.060199][ T8464] ? check_path.constprop.0+0x22/0x40
[ 67.065608][ T8464] ? stack_trace_save+0x8c/0xc0
[ 67.070479][ T8464] ? lockdep_lock+0xc6/0x200
[ 67.075066][ T8464] ? call_rcu_zapped+0xb0/0xb0
[ 67.079820][ T8464] __lock_acquire+0x2af6/0x5500
[ 67.084655][ T8464] ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 67.090632][ T8464] lock_acquire+0x29d/0x740
[ 67.095126][ T8464] ? send_sigio+0x24/0x350
[ 67.099541][ T8464] ? lock_release+0x710/0x710
[ 67.104226][ T8464] ? lock_release+0x710/0x710
[ 67.108902][ T8464] ? lock_release+0x710/0x710
[ 67.113573][ T8464] ? lock_release+0x710/0x710
[ 67.118243][ T8464] _raw_read_lock+0x5b/0x70
[ 67.122738][ T8464] ? send_sigio+0x24/0x350
[ 67.127221][ T8464] send_sigio+0x24/0x350
[ 67.132049][ T8464] kill_fasync+0x205/0x460
[ 67.136474][ T8464] evdev_pass_values.part.0+0x64e/0x970
[ 67.142129][ T8464] ? evdev_release+0x410/0x410
[ 67.147058][ T8464] ? ktime_mono_to_any+0xb8/0x1a0
[ 67.152071][ T8464] evdev_events+0x28b/0x3f0
[ 67.156659][ T8464] ? evdev_pass_values.part.0+0x970/0x970
[ 67.162368][ T8464] input_to_handler+0x2a0/0x4c0
[ 67.167204][ T8464] input_pass_values.part.0+0x284/0x700
[ 67.172901][ T8464] ? rwlock_bug.part.0+0x90/0x90
[ 67.177820][ T8464] input_handle_event+0x324/0x1400
[ 67.183062][ T8464] input_inject_event+0x2f5/0x310
[ 67.188081][ T8464] evdev_write+0x430/0x760
[ 67.192484][ T8464] ? evdev_read+0xe40/0xe40
[ 67.197187][ T8464] ? security_file_permission+0x248/0x560
[ 67.203131][ T8464] ? evdev_read+0xe40/0xe40
[ 67.207743][ T8464] vfs_write+0x28e/0xa30
[ 67.212088][ T8464] ksys_write+0x1ee/0x250
[ 67.216506][ T8464] ? __ia32_sys_read+0xb0/0xb0
[ 67.221272][ T8464] ? syscall_enter_from_user_mode+0x1d/0x50
[ 67.227149][ T8464] do_syscall_64+0x2d/0x70
[ 67.231560][ T8464] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 67.237432][ T8464] RIP: 0033:0x4478e9
[ 67.241328][ T8464] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 fb cf fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 67.261035][ T8464] RSP: 002b:00007ffe0e18edb8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 67.269689][ T8464] RAX: ffffffffffffffda RBX: 00000000004ab481 RCX: 00000000004478e9
[ 67.277661][ T8464] RDX: 0000000000000030 RSI: 0000000020000200 RDI: 0000000000000005
[ 67.285721][ T8464] RBP: 00007ffe0e18edd0 R08: 00000000bb1414ac R09: 00000000bb1414ac
[ 67.293673][ T8464] R10: 000000000000000f R11: 0000000000000246 R12: 00007ffe0e18ee00
[ 67.301996][ T8464] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000