EEVDF scheduling fail, picking leftmost ====================================================== WARNING: possible circular locking dependency detected 6.6.0-rc6-syzkaller-g78124b0c1d10 #0 Not tainted ------------------------------------------------------ udevd/11809 is trying to acquire lock: ffff80008e2509b8 ((console_sem).lock){-.-.}-{2:2}, at: down_trylock+0x28/0xd8 kernel/locking/semaphore.c:139 but task is already holding lock: ffff0001b41f2d58 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested kernel/sched/core.c:558 [inline] ffff0001b41f2d58 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock kernel/sched/sched.h:1372 [inline] ffff0001b41f2d58 (&rq->__lock){-.-.}-{2:2}, at: rq_lock kernel/sched/sched.h:1681 [inline] ffff0001b41f2d58 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x2d8/0x23b4 kernel/sched/core.c:6612 which lock already depends on the new lock. the existing dependency chain (in reverse order) is: -> #2 (&rq->__lock){-.-.}-{2:2}: _raw_spin_lock_nested+0x50/0x6c kernel/locking/spinlock.c:378 raw_spin_rq_lock_nested+0x2c/0x44 kernel/sched/core.c:558 raw_spin_rq_lock kernel/sched/sched.h:1372 [inline] rq_lock kernel/sched/sched.h:1681 [inline] task_fork_fair+0x74/0x128 kernel/sched/fair.c:12416 sched_cgroup_fork+0x38c/0x464 kernel/sched/core.c:4816 copy_process+0x24bc/0x34b8 kernel/fork.c:2609 kernel_clone+0x1d8/0x80c kernel/fork.c:2909 user_mode_thread+0x110/0x178 kernel/fork.c:2987 rest_init+0x2c/0x2f4 init/main.c:691 start_kernel+0x0/0x4e8 init/main.c:823 start_kernel+0x3e8/0x4e8 init/main.c:1068 __primary_switched+0xb8/0xc0 arch/arm64/kernel/head.S:523 -> #1 (&p->pi_lock){-.-.}-{2:2}: __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline] _raw_spin_lock_irqsave+0x5c/0x7c kernel/locking/spinlock.c:162 class_raw_spinlock_irqsave_constructor include/linux/spinlock.h:518 [inline] try_to_wake_up+0xb0/0xe80 kernel/sched/core.c:4230 wake_up_process+0x18/0x24 kernel/sched/core.c:4478 __up+0x11c/0x148 kernel/locking/semaphore.c:278 up+0x90/0xb0 kernel/locking/semaphore.c:191 __up_console_sem kernel/printk/printk.c:346 [inline] __console_unlock kernel/printk/printk.c:2718 [inline] console_unlock+0x174/0x3d4 kernel/printk/printk.c:3037 vprintk_emit+0x150/0x2e8 kernel/printk/printk.c:2307 vprintk_default+0xa0/0xe4 kernel/printk/printk.c:2322 vprintk+0x200/0x2d4 kernel/printk/printk_safe.c:45 _printk+0xdc/0x128 kernel/printk/printk.c:2332 usb_gadget_register_driver_owner+0x1f0/0x224 drivers/usb/gadget/udc/core.c:1684 raw_ioctl_run drivers/usb/gadget/legacy/raw_gadget.c:548 [inline] raw_ioctl+0x10c0/0x33bc drivers/usb/gadget/legacy/raw_gadget.c:1255 vfs_ioctl fs/ioctl.c:51 [inline] __do_sys_ioctl fs/ioctl.c:871 [inline] __se_sys_ioctl fs/ioctl.c:857 [inline] __arm64_sys_ioctl+0x14c/0x1c8 fs/ioctl.c:857 __invoke_syscall arch/arm64/kernel/syscall.c:37 [inline] invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:51 el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:136 do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:155 el0_svc+0x54/0x158 arch/arm64/kernel/entry-common.c:678 el0t_64_sync_handler+0x84/0xfc arch/arm64/kernel/entry-common.c:696 el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:595 -> #0 ((console_sem).lock){-.-.}-{2:2}: check_prev_add kernel/locking/lockdep.c:3134 [inline] check_prevs_add kernel/locking/lockdep.c:3253 [inline] validate_chain kernel/locking/lockdep.c:3868 [inline] __lock_acquire+0x3370/0x75e8 kernel/locking/lockdep.c:5136 lock_acquire+0x23c/0x71c kernel/locking/lockdep.c:5753 __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline] _raw_spin_lock_irqsave+0x5c/0x7c kernel/locking/spinlock.c:162 down_trylock+0x28/0xd8 kernel/locking/semaphore.c:139 __down_trylock_console_sem+0x58/0xf8 kernel/printk/printk.c:329 console_trylock kernel/printk/printk.c:2671 [inline] console_trylock_spinning+0xd8/0x3d8 kernel/printk/printk.c:1927 vprintk_emit+0x134/0x2e8 kernel/printk/printk.c:2306 vprintk_default+0xa0/0xe4 kernel/printk/printk.c:2322 vprintk+0x200/0x2d4 kernel/printk/printk_safe.c:45 _printk+0xdc/0x128 kernel/printk/printk.c:2332 pick_eevdf+0x610/0x618 kernel/sched/fair.c:976 pick_next_entity kernel/sched/fair.c:5278 [inline] pick_next_task_fair+0x104/0x930 kernel/sched/fair.c:8222 __pick_next_task kernel/sched/core.c:6004 [inline] pick_next_task kernel/sched/core.c:6514 [inline] __schedule+0x638/0x23b4 kernel/sched/core.c:6659 preempt_schedule_irq+0x80/0x188 kernel/sched/core.c:7007 arm64_preempt_schedule_irq arch/arm64/kernel/entry-common.c:267 [inline] __el1_irq arch/arm64/kernel/entry-common.c:505 [inline] el1_interrupt+0x4c/0x68 arch/arm64/kernel/entry-common.c:517 el1h_64_irq_handler+0x18/0x24 arch/arm64/kernel/entry-common.c:522 el1h_64_irq+0x64/0x68 arch/arm64/kernel/entry.S:591 preempt_count arch/arm64/include/asm/preempt.h:13 [inline] check_kcov_mode kernel/kcov.c:173 [inline] write_comp_data kernel/kcov.c:236 [inline] __sanitizer_cov_trace_const_cmp4+0x14/0x98 kernel/kcov.c:304 mntput+0x60/0xcc fs/namespace.c:1350 path_put fs/namei.c:562 [inline] terminate_walk+0x2d8/0x3c4 fs/namei.c:689 path_parentat fs/namei.c:2537 [inline] __filename_parentat+0x44c/0x5d0 fs/namei.c:2553 filename_parentat fs/namei.c:2571 [inline] do_renameat2+0x318/0x10b0 fs/namei.c:4928 __do_sys_renameat fs/namei.c:5052 [inline] __se_sys_renameat fs/namei.c:5049 [inline] __arm64_sys_renameat+0xc8/0xe4 fs/namei.c:5049 __invoke_syscall arch/arm64/kernel/syscall.c:37 [inline] invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:51 el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:136 do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:155 el0_svc+0x54/0x158 arch/arm64/kernel/entry-common.c:678 el0t_64_sync_handler+0x84/0xfc arch/arm64/kernel/entry-common.c:696 el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:595 other info that might help us debug this: Chain exists of: (console_sem).lock --> &p->pi_lock --> &rq->__lock Possible unsafe locking scenario: CPU0 CPU1 ---- ---- lock(&rq->__lock); lock(&p->pi_lock); lock(&rq->__lock); lock((console_sem).lock); *** DEADLOCK *** 2 locks held by udevd/11809: #0: ffff80008e3737c0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x10/0x4c include/linux/rcupdate.h:302 #1: ffff0001b41f2d58 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested kernel/sched/core.c:558 [inline] #1: ffff0001b41f2d58 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock kernel/sched/sched.h:1372 [inline] #1: ffff0001b41f2d58 (&rq->__lock){-.-.}-{2:2}, at: rq_lock kernel/sched/sched.h:1681 [inline] #1: ffff0001b41f2d58 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x2d8/0x23b4 kernel/sched/core.c:6612 stack backtrace: CPU: 1 PID: 11809 Comm: udevd Not tainted 6.6.0-rc6-syzkaller-g78124b0c1d10 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 Call trace: dump_backtrace+0x1b8/0x1e4 arch/arm64/kernel/stacktrace.c:233 show_stack+0x2c/0x44 arch/arm64/kernel/stacktrace.c:240 __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0xd0/0x124 lib/dump_stack.c:106 dump_stack+0x1c/0x28 lib/dump_stack.c:113 print_circular_bug+0x150/0x1b8 kernel/locking/lockdep.c:2060 check_noncircular+0x310/0x404 kernel/locking/lockdep.c:2187 check_prev_add kernel/locking/lockdep.c:3134 [inline] check_prevs_add kernel/locking/lockdep.c:3253 [inline] validate_chain kernel/locking/lockdep.c:3868 [inline] __lock_acquire+0x3370/0x75e8 kernel/locking/lockdep.c:5136 lock_acquire+0x23c/0x71c kernel/locking/lockdep.c:5753 __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline] _raw_spin_lock_irqsave+0x5c/0x7c kernel/locking/spinlock.c:162 down_trylock+0x28/0xd8 kernel/locking/semaphore.c:139 __down_trylock_console_sem+0x58/0xf8 kernel/printk/printk.c:329 console_trylock kernel/printk/printk.c:2671 [inline] console_trylock_spinning+0xd8/0x3d8 kernel/printk/printk.c:1927 vprintk_emit+0x134/0x2e8 kernel/printk/printk.c:2306 vprintk_default+0xa0/0xe4 kernel/printk/printk.c:2322 vprintk+0x200/0x2d4 kernel/printk/printk_safe.c:45 _printk+0xdc/0x128 kernel/printk/printk.c:2332 pick_eevdf+0x610/0x618 kernel/sched/fair.c:976 pick_next_entity kernel/sched/fair.c:5278 [inline] pick_next_task_fair+0x104/0x930 kernel/sched/fair.c:8222 __pick_next_task kernel/sched/core.c:6004 [inline] pick_next_task kernel/sched/core.c:6514 [inline] __schedule+0x638/0x23b4 kernel/sched/core.c:6659 preempt_schedule_irq+0x80/0x188 kernel/sched/core.c:7007 arm64_preempt_schedule_irq arch/arm64/kernel/entry-common.c:267 [inline] __el1_irq arch/arm64/kernel/entry-common.c:505 [inline] el1_interrupt+0x4c/0x68 arch/arm64/kernel/entry-common.c:517 el1h_64_irq_handler+0x18/0x24 arch/arm64/kernel/entry-common.c:522 el1h_64_irq+0x64/0x68 arch/arm64/kernel/entry.S:591 preempt_count arch/arm64/include/asm/preempt.h:13 [inline] check_kcov_mode kernel/kcov.c:173 [inline] write_comp_data kernel/kcov.c:236 [inline] __sanitizer_cov_trace_const_cmp4+0x14/0x98 kernel/kcov.c:304 mntput+0x60/0xcc fs/namespace.c:1350 path_put fs/namei.c:562 [inline] terminate_walk+0x2d8/0x3c4 fs/namei.c:689 path_parentat fs/namei.c:2537 [inline] __filename_parentat+0x44c/0x5d0 fs/namei.c:2553 filename_parentat fs/namei.c:2571 [inline] do_renameat2+0x318/0x10b0 fs/namei.c:4928 __do_sys_renameat fs/namei.c:5052 [inline] __se_sys_renameat fs/namei.c:5049 [inline] __arm64_sys_renameat+0xc8/0xe4 fs/namei.c:5049 __invoke_syscall arch/arm64/kernel/syscall.c:37 [inline] invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:51 el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:136 do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:155 el0_svc+0x54/0x158 arch/arm64/kernel/entry-common.c:678 el0t_64_sync_handler+0x84/0xfc arch/arm64/kernel/entry-common.c:696 el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:595