./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor75812341

<...>
DUID 00:04:15:32:48:1d:3b:73:54:4f:46:a6:7d:b2:d0:ec:1f:b1
forked to background, child pid 3177
[   26.860338][ T3178] 8021q: adding VLAN 0 to HW filter on device bond0
[   26.871480][ T3178] eql: remember to turn off Van-Jacobson compression on your slave devices
Starting sshd: OK

syzkaller
Warning: Permanently added '10.128.1.109' (ECDSA) to the list of known hosts.
execve("./syz-executor75812341", ["./syz-executor75812341"], 0x7ffedc4dfb00 /* 10 vars */) = 0
brk(NULL)                               = 0x55555650d000
brk(0x55555650dc40)                     = 0x55555650dc40
arch_prctl(ARCH_SET_FS, 0x55555650d300) = 0
uname({sysname="Linux", nodename="syzkaller", ...}) = 0
readlink("/proc/self/exe", "/root/syz-executor75812341", 4096) = 26
brk(0x55555652ec40)                     = 0x55555652ec40
brk(0x55555652f000)                     = 0x55555652f000
mprotect(0x7f0b7ebbf000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
openat(AT_FDCWD, "/sys/kernel/debug/failslab/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1)                        = 1
close(3)                                = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_futex/ignore-private", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1)                        = 1
close(3)                                = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-highmem", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1)                        = 1
close(3)                                = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1)                        = 1
close(3)                                = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/min-order", O_WRONLY|O_CLOEXEC) = 3
write(3, "0", 1)                        = 1
close(3)                                = 0
openat(AT_FDCWD, "/proc/self/net/dev_snmp6", O_RDWR) = -1 EISDIR (Is a directory)
openat(AT_FDCWD, "/proc/self/net/dev_snmp6", O_RDONLY) = 3
openat(AT_FDCWD, "/dev/ptmx", O_RDONLY) = 4
ioctl(4, TIOCSPTLCK, [0])               = 0
ioctl(4, TIOCGPTN, [0])                 = 0
openat(AT_FDCWD, "/dev/pts/0", O_RDWR)  = 5
dup3(5, 3, 0)                           = 3
openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
write(6, "3", 1)                        = 1
syzkaller login: [   48.644696][ T3599] FAULT_INJECTION: forcing a failure.
[   48.644696][ T3599] name failslab, interval 1, probability 0, space 0, times 1
[   48.644803][ T3599] 
[   48.644807][ T3599] ======================================================
[   48.644810][ T3599] WARNING: possible circular locking dependency detected
[   48.644814][ T3599] 5.18.0-rc6-syzkaller-00161-gbc403203d65a #0 Not tainted
[   48.644821][ T3599] ------------------------------------------------------
[   48.644824][ T3599] syz-executor758/3599 is trying to acquire lock:
[   48.644830][ T3599] ffffffff8bc90700 (console_owner){....}-{0:0}, at: console_unlock+0x35e/0xdd0
[   48.644869][ T3599] 
[   48.644869][ T3599] but task is already holding lock:
[   48.644871][ T3599] ffff88801a519958 (&port->lock){-...}-{2:2}, at: pty_write+0xea/0x1e0
[   48.644899][ T3599] 
[   48.644899][ T3599] which lock already depends on the new lock.
[   48.644899][ T3599] 
[   48.644903][ T3599] 
[   48.644903][ T3599] the existing dependency chain (in reverse order) is:
[   48.644906][ T3599] 
[   48.644906][ T3599] -> #2 (&port->lock){-...}-{2:2}:
[   48.644921][ T3599]        _raw_spin_lock_irqsave+0x39/0x50
[   48.644939][ T3599]        tty_port_tty_get+0x1f/0x100
[   48.644952][ T3599]        tty_port_default_wakeup+0x11/0x40
[   48.644965][ T3599]        serial8250_tx_chars+0x4f3/0xa50
[   48.644980][ T3599]        serial8250_handle_irq.part.0+0x328/0x3d0
[   48.644994][ T3599]        serial8250_default_handle_irq+0xb2/0x220
[   48.645009][ T3599]        serial8250_interrupt+0xfd/0x200
[   48.645022][ T3599]        __handle_irq_event_percpu+0x22b/0x880
[   48.645034][ T3599]        handle_irq_event+0xa7/0x1e0
[   48.645044][ T3599]        handle_edge_irq+0x25f/0xd00
[   48.645057][ T3599]        __common_interrupt+0x9d/0x210
[   48.645069][ T3599]        common_interrupt+0xa4/0xc0
[   48.645083][ T3599]        asm_common_interrupt+0x1e/0x40
[   48.645097][ T3599]        acpi_idle_do_entry+0x1c6/0x250
[   48.645108][ T3599]        acpi_idle_enter+0x361/0x500
[   48.645119][ T3599]        cpuidle_enter_state+0x1b1/0xc80
[   48.645131][ T3599]        cpuidle_enter+0x4a/0xa0
[   48.645141][ T3599]        do_idle+0x3e8/0x590
[   48.645151][ T3599]        cpu_startup_entry+0x14/0x20
[   48.645162][ T3599]        rest_init+0x169/0x270
[   48.645173][ T3599]        arch_call_rest_init+0xf/0x14
[   48.645185][ T3599]        start_kernel+0x47f/0x4a0
[   48.645195][ T3599]        secondary_startup_64_no_verify+0xc3/0xcb
[   48.645210][ T3599] 
[   48.645210][ T3599] -> #1 (&port_lock_key){-...}-{2:2}:
[   48.645224][ T3599]        _raw_spin_lock_irqsave+0x39/0x50
[   48.645237][ T3599]        serial8250_console_write+0x9cb/0xc30
[   48.645251][ T3599]        console_unlock+0x9bc/0xdd0
[   48.645264][ T3599]        vprintk_emit+0x1b4/0x5f0
[   48.645277][ T3599]        vprintk+0x80/0x90
[   48.645289][ T3599]        _printk+0xba/0xed
[   48.645301][ T3599]        register_console+0x410/0x7c0
[   48.645315][ T3599]        univ8250_console_init+0x3a/0x46
[   48.645330][ T3599]        console_init+0x3c1/0x58d
[   48.645344][ T3599]        start_kernel+0x30b/0x4a0
[   48.645354][ T3599]        secondary_startup_64_no_verify+0xc3/0xcb
[   48.645368][ T3599] 
[   48.645368][ T3599] -> #0 (console_owner){....}-{0:0}:
[   48.645382][ T3599]        __lock_acquire+0x2ac6/0x56c0
[   48.645396][ T3599]        lock_acquire+0x1ab/0x510
[   48.645408][ T3599]        console_unlock+0x3b1/0xdd0
[   48.645421][ T3599]        vprintk_emit+0x1b4/0x5f0
[   48.645434][ T3599]        vprintk+0x80/0x90
[   48.645446][ T3599]        _printk+0xba/0xed
[   48.645457][ T3599]        should_fail+0x472/0x5a0
[   48.645469][ T3599]        should_failslab+0x5/0x10
[   48.645481][ T3599]        __kmalloc+0x7e/0x350
[   48.645492][ T3599]        tty_buffer_alloc+0x23f/0x2a0
[   48.645503][ T3599]        __tty_buffer_request_room+0x156/0x2a0
[   48.645516][ T3599]        tty_insert_flip_string_fixed_flag+0x8c/0x240
[   48.645529][ T3599]        pty_write+0x11c/0x1e0
[   48.645541][ T3599]        n_tty_write+0x410/0xfc0
[   48.645551][ T3599]        file_tty_write.constprop.0+0x520/0x900
[   48.645566][ T3599]        new_sync_write+0x38a/0x560
[   48.645587][ T3599]        vfs_write+0x7c0/0xac0
[   48.645603][ T3599]        ksys_write+0x127/0x250
[   48.645620][ T3599]        do_syscall_64+0x35/0xb0
[   48.645642][ T3599]        entry_SYSCALL_64_after_hwframe+0x44/0xae
[   48.645658][ T3599] 
[   48.645658][ T3599] other info that might help us debug this:
[   48.645658][ T3599] 
[   48.645661][ T3599] Chain exists of:
[   48.645661][ T3599]   console_owner --> &port_lock_key --> &port->lock
[   48.645661][ T3599] 
[   48.645678][ T3599]  Possible unsafe locking scenario:
[   48.645678][ T3599] 
[   48.645680][ T3599]        CPU0                    CPU1
[   48.645682][ T3599]        ----                    ----
[   48.645685][ T3599]   lock(&port->lock);
[   48.645691][ T3599]                                lock(&port_lock_key);
[   48.645698][ T3599]                                lock(&port->lock);
[   48.645704][ T3599]   lock(console_owner);
[   48.645710][ T3599] 
[   48.645710][ T3599]  *** DEADLOCK ***
[   48.645710][ T3599] 
[   48.645712][ T3599] 6 locks held by syz-executor758/3599:
[   48.645719][ T3599]  #0: ffff88801d210098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x22/0x80
[   48.645747][ T3599]  #1: ffff88801d210130 (&tty->atomic_write_lock){+.+.}-{3:3}, at: file_tty_write.constprop.0+0x299/0x900
[   48.645779][ T3599]  #2: ffff88801d2102e8 (&o_tty->termios_rwsem/1){++++}-{3:3}, at: n_tty_write+0x1bf/0xfc0
[   48.645808][ T3599]  #3: ffffc900013ec378 (&ldata->output_lock){+.+.}-{3:3}, at: n_tty_write+0x53c/0xfc0
[   48.645834][ T3599]  #4: ffff88801a519958 (&port->lock){-...}-{2:2}, at: pty_write+0xea/0x1e0
[   48.645862][ T3599]  #5: ffffffff8bd70b40 (console_lock){+.+.}-{0:0}, at: vprintk+0x80/0x90
[   48.645891][ T3599] 
[   48.645891][ T3599] stack backtrace:
[   48.645894][ T3599] CPU: 0 PID: 3599 Comm: syz-executor758 Not tainted 5.18.0-rc6-syzkaller-00161-gbc403203d65a #0
[   48.645908][ T3599] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   48.645915][ T3599] Call Trace:
[   48.645918][ T3599]  <TASK>
[   48.645923][ T3599]  dump_stack_lvl+0xcd/0x134
[   48.645939][ T3599]  check_noncircular+0x25f/0x2e0
[   48.645953][ T3599]  ? filter_irq_stacks+0x90/0x90
[   48.645969][ T3599]  ? print_circular_bug+0x1e0/0x1e0
[   48.645984][ T3599]  ? pointer+0x950/0x950
[   48.645997][ T3599]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[   48.646012][ T3599]  ? add_lock_to_list.constprop.0+0x185/0x370
[   48.646028][ T3599]  __lock_acquire+0x2ac6/0x56c0
[   48.646045][ T3599]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[   48.646060][ T3599]  ? msg_add_ext_text+0x1d0/0x1d0
[   48.646076][ T3599]  lock_acquire+0x1ab/0x510
[   48.646090][ T3599]  ? console_unlock+0x35e/0xdd0
[   48.646104][ T3599]  ? lock_release+0x720/0x720
[   48.646118][ T3599]  ? lock_downgrade+0x6e0/0x6e0
[   48.646131][ T3599]  ? do_raw_spin_lock+0x120/0x2a0
[   48.646146][ T3599]  ? rwlock_bug.part.0+0x90/0x90
[   48.646161][ T3599]  ? prb_final_commit+0x64/0xa0
[   48.646177][ T3599]  console_unlock+0x3b1/0xdd0
[   48.646191][ T3599]  ? console_unlock+0x35e/0xdd0
[   48.646205][ T3599]  ? devkmsg_read+0x730/0x730
[   48.646220][ T3599]  ? lock_release+0x720/0x720
[   48.646236][ T3599]  ? vprintk+0x80/0x90
[   48.646250][ T3599]  vprintk_emit+0x1b4/0x5f0
[   48.646264][ T3599]  ? add_lock_to_list.constprop.0+0x185/0x370
[   48.646280][ T3599]  vprintk+0x80/0x90
[   48.646293][ T3599]  _printk+0xba/0xed
[   48.646305][ T3599]  ? record_print_text.cold+0x16/0x16
[   48.646321][ T3599]  ? ___ratelimit+0x222/0x4b0
[   48.646333][ T3599]  should_fail+0x472/0x5a0
[   48.646346][ T3599]  should_failslab+0x5/0x10
[   48.646357][ T3599]  __kmalloc+0x7e/0x350
[   48.646368][ T3599]  ? tty_buffer_alloc+0x23f/0x2a0
[   48.646381][ T3599]  tty_buffer_alloc+0x23f/0x2a0
[   48.646394][ T3599]  __tty_buffer_request_room+0x156/0x2a0
[   48.646409][ T3599]  tty_insert_flip_string_fixed_flag+0x8c/0x240
[   48.646425][ T3599]  pty_write+0x11c/0x1e0
[   48.646438][ T3599]  ? __sanitizer_cov_trace_switch+0xbb/0xf0
[   48.646451][ T3599]  n_tty_write+0x410/0xfc0
[   48.646465][ T3599]  ? n_tty_check_unthrottle+0x440/0x440
[   48.646477][ T3599]  ? rcu_read_lock_sched_held+0x3a/0x70
[   48.646492][ T3599]  ? __init_waitqueue_head+0xd0/0xd0
[   48.646507][ T3599]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[   48.646520][ T3599]  ? __phys_addr+0xc4/0x140
[   48.646534][ T3599]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[   48.646547][ T3599]  ? __phys_addr_symbol+0x2c/0x70
[   48.646561][ T3599]  ? __sanitizer_cov_trace_cmp8+0x1d/0x70
[   48.646573][ T3599]  ? __check_object_size+0x16c/0x4f0
[   48.646593][ T3599]  file_tty_write.constprop.0+0x520/0x900
[   48.646609][ T3599]  ? n_tty_check_unthrottle+0x440/0x440
[   48.646623][ T3599]  new_sync_write+0x38a/0x560
[   48.646634][ T3599]  ? new_sync_read+0x5f0/0x5f0
[   48.646646][ T3599]  ? _raw_spin_lock_irq+0x41/0x50
[   48.646661][ T3599]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[   48.646674][ T3599]  ? security_file_permission+0xab/0xd0
[   48.646690][ T3599]  vfs_write+0x7c0/0xac0
[   48.646702][ T3599]  ksys_write+0x127/0x250
[   48.646713][ T3599]  ? __ia32_sys_read+0xb0/0xb0
[   48.646725][ T3599]  ? lockdep_hardirqs_on+0x79/0x100
[   48.646737][ T3599]  ? _raw_spin_unlock_irq+0x2a/0x40
[   48.646750][ T3599]  ? ptrace_notify+0xfa/0x140
[   48.646767][ T3599]  do_syscall_64+0x35/0xb0
[   48.646781][ T3599]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[   48.646796][ T3599] RIP: 0033:0x7f0b7eb528f9
[   48.646807][ T3599] Code: 28 c3 e8 2a 14 00 00 66 2e 0f 1f 84 00 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[   48.646818][ T3599] RSP: 002b:00007ffccb7e4998 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   48.646830][ T3599] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f0b7eb528f9
[   48.646853][ T3599] RDX: 00000000ffffffde RSI: 00000000200001c0 RDI: 0000000000000003
[   48.646860][ T3599] RBP: 00007ffccb7e49b0 R08: 0000000000000001 R09: 0000000000000001
[   48.646868][ T3599] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006
[   48.646876][ T3599] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   48.646886][ T3599]  </TASK>
[   49.605641][ T3599] CPU: 0 PID: 3599 Comm: syz-executor758 Not tainted 5.18.0-rc6-syzkaller-00161-gbc403203d65a #0
[   49.616128][ T3599] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   49.626169][ T3599] Call Trace:
[   49.629440][ T3599]  <TASK>
[   49.632360][ T3599]  dump_stack_lvl+0xcd/0x134
[   49.636947][ T3599]  should_fail.cold+0x5/0xa
[   49.641443][ T3599]  should_failslab+0x5/0x10
[   49.645935][ T3599]  __kmalloc+0x7e/0x350
[   49.650079][ T3599]  ? tty_buffer_alloc+0x23f/0x2a0
[   49.655114][ T3599]  tty_buffer_alloc+0x23f/0x2a0
[   49.659970][ T3599]  __tty_buffer_request_room+0x156/0x2a0
[   49.665598][ T3599]  tty_insert_flip_string_fixed_flag+0x8c/0x240
[   49.671834][ T3599]  pty_write+0x11c/0x1e0
[   49.676068][ T3599]  ? __sanitizer_cov_trace_switch+0xbb/0xf0
[   49.681958][ T3599]  n_tty_write+0x410/0xfc0
[   49.686369][ T3599]  ? n_tty_check_unthrottle+0x440/0x440
[   49.691900][ T3599]  ? rcu_read_lock_sched_held+0x3a/0x70
[   49.697440][ T3599]  ? __init_waitqueue_head+0xd0/0xd0
[   49.702720][ T3599]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[   49.708952][ T3599]  ? __phys_addr+0xc4/0x140
[   49.713473][ T3599]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[   49.719703][ T3599]  ? __phys_addr_symbol+0x2c/0x70
[   49.724729][ T3599]  ? __sanitizer_cov_trace_cmp8+0x1d/0x70
[   49.730437][ T3599]  ? __check_object_size+0x16c/0x4f0
[   49.735714][ T3599]  file_tty_write.constprop.0+0x520/0x900
[   49.741431][ T3599]  ? n_tty_check_unthrottle+0x440/0x440
[   49.746965][ T3599]  new_sync_write+0x38a/0x560
[   49.751629][ T3599]  ? new_sync_read+0x5f0/0x5f0
[   49.756379][ T3599]  ? _raw_spin_lock_irq+0x41/0x50
[   49.761404][ T3599]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[   49.767636][ T3599]  ? security_file_permission+0xab/0xd0
[   49.773186][ T3599]  vfs_write+0x7c0/0xac0
[   49.777420][ T3599]  ksys_write+0x127/0x250
[   49.781737][ T3599]  ? __ia32_sys_read+0xb0/0xb0
[   49.786485][ T3599]  ? lockdep_hardirqs_on+0x79/0x100
[   49.791675][ T3599]  ? _raw_spin_unlock_irq+0x2a/0x40
[   49.796952][ T3599]  ? ptrace_notify+0xfa/0x140
[   49.801627][ T3599]  do_syscall_64+0x35/0xb0
[   49.806038][ T3599]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[   49.811922][ T3599] RIP: 0033:0x7f0b7eb528f9
[   49.816325][ T3599] Code: 28 c3 e8 2a 14 00 00 66 2e 0f 1f 84 00 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[   49.835928][ T3599] RSP: 002b:00007ffccb7e4998 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   49.844415][ T3599] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f0b7eb528f9
[   49.852372][ T3599] RDX: 00000000ffffffde RSI: 00000000200001c0 RDI: 0000000000000003
[   49.860329][ T3599] RBP: 00007ffccb7e49b0 R08: 0000000000000001 R09: 0000000000000001
[   49.868287][ T3599] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006
[   49.876248][ T3599] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   49.884208][ T3599]  </TASK>