Insufficient stack space to handle exception! ====================================================== WARNING: possible circular locking dependency detected 6.11.0-rc2-syzkaller-g1ff95eb2bebd #0 Not tainted ------------------------------------------------------ syz-executor/3179 is trying to acquire lock: ffffffff87cd2780 (console_owner){-.-.}-{0:0}, at: console_lock_spinning_enable kernel/printk/printk.c:1869 [inline] ffffffff87cd2780 (console_owner){-.-.}-{0:0}, at: console_emit_next_record kernel/printk/printk.c:2977 [inline] ffffffff87cd2780 (console_owner){-.-.}-{0:0}, at: console_flush_all+0x52e/0xcf4 kernel/printk/printk.c:3049 but task is already holding lock: ff6000006ec85f58 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested kernel/sched/core.c:560 [inline] ff6000006ec85f58 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock kernel/sched/sched.h:1415 [inline] ff6000006ec85f58 (&rq->__lock){-.-.}-{2:2}, at: rq_lock kernel/sched/sched.h:1714 [inline] ff6000006ec85f58 (&rq->__lock){-.-.}-{2:2}, at: sched_tick+0xd2/0x2e8 kernel/sched/core.c:5458 which lock already depends on the new lock. the existing dependency chain (in reverse order) is: -> #4 (&rq->__lock){-.-.}-{2:2}: lock_acquire.part.0+0x2c6/0x820 kernel/locking/lockdep.c:5759 lock_acquire+0x74/0x98 kernel/locking/lockdep.c:5732 _raw_spin_lock_nested+0x36/0x4e kernel/locking/spinlock.c:378 raw_spin_rq_lock_nested+0x22/0x34 kernel/sched/core.c:560 raw_spin_rq_lock kernel/sched/sched.h:1415 [inline] rq_lock kernel/sched/sched.h:1714 [inline] task_fork_fair+0xca/0x198 kernel/sched/fair.c:12710 sched_cgroup_fork+0x3de/0x550 kernel/sched/core.c:4633 copy_process+0x60e0/0x8db6 kernel/fork.c:2483 kernel_clone+0x11e/0x946 kernel/fork.c:2781 user_mode_thread+0xea/0x11a kernel/fork.c:2859 rest_init+0x34/0x2d6 init/main.c:712 console_on_rootfs+0x0/0x96 init/main.c:1103 -> #3 (&p->pi_lock){-.-.}-{2:2}: lock_acquire.part.0+0x2c6/0x820 kernel/locking/lockdep.c:5759 lock_acquire+0x74/0x98 kernel/locking/lockdep.c:5732 __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline] _raw_spin_lock_irqsave+0x3e/0x62 kernel/locking/spinlock.c:162 class_raw_spinlock_irqsave_constructor include/linux/spinlock.h:551 [inline] try_to_wake_up+0xa0/0x19c6 kernel/sched/core.c:4051 default_wake_function+0x28/0x4c kernel/sched/core.c:6863 woken_wake_function+0x38/0x64 kernel/sched/wait.c:444 __wake_up_common+0x106/0x184 kernel/sched/wait.c:89 __wake_up_common_lock kernel/sched/wait.c:106 [inline] __wake_up+0x32/0x58 kernel/sched/wait.c:127 tty_wakeup+0x60/0xfc drivers/tty/tty_io.c:527 tty_port_default_wakeup+0x2c/0x44 drivers/tty/tty_port.c:69 tty_port_tty_wakeup+0x52/0x72 drivers/tty/tty_port.c:435 uart_write_wakeup+0x40/0x5e drivers/tty/serial/serial_core.c:120 serial8250_tx_chars+0x5f8/0x7a6 drivers/tty/serial/8250/8250_port.c:1821 serial8250_handle_irq+0x526/0x69c drivers/tty/serial/8250/8250_port.c:1929 serial8250_default_handle_irq+0x8c/0x1c6 drivers/tty/serial/8250/8250_port.c:1949 serial8250_interrupt+0xda/0x1ee drivers/tty/serial/8250/8250_core.c:86 __handle_irq_event_percpu+0x250/0x902 kernel/irq/handle.c:158 handle_irq_event_percpu kernel/irq/handle.c:193 [inline] handle_irq_event+0xb4/0x1ea kernel/irq/handle.c:210 handle_fasteoi_irq+0x31c/0xcce kernel/irq/chip.c:720 generic_handle_irq_desc include/linux/irqdesc.h:173 [inline] handle_irq_desc kernel/irq/irqdesc.c:691 [inline] generic_handle_domain_irq+0x84/0xb2 kernel/irq/irqdesc.c:747 plic_handle_irq+0x17a/0x3c8 drivers/irqchip/irq-sifive-plic.c:378 generic_handle_irq_desc include/linux/irqdesc.h:173 [inline] handle_irq_desc kernel/irq/irqdesc.c:691 [inline] generic_handle_domain_irq+0x84/0xb2 kernel/irq/irqdesc.c:747 riscv_intc_irq+0x4a/0xcc drivers/irqchip/irq-riscv-intc.c:33 handle_riscv_irq+0x2e/0x4c arch/riscv/kernel/traps.c:376 call_on_irq_stack+0x32/0x40 arch/riscv/kernel/entry.S:268 -> #2 (&tty->write_wait){-.-.}-{2:2}: lock_acquire.part.0+0x2c6/0x820 kernel/locking/lockdep.c:5759 lock_acquire+0x74/0x98 kernel/locking/lockdep.c:5732 __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline] _raw_spin_lock_irqsave+0x3e/0x62 kernel/locking/spinlock.c:162 __wake_up_common_lock kernel/sched/wait.c:105 [inline] __wake_up+0x22/0x58 kernel/sched/wait.c:127 tty_wakeup+0x60/0xfc drivers/tty/tty_io.c:527 tty_port_default_wakeup+0x2c/0x44 drivers/tty/tty_port.c:69 tty_port_tty_wakeup+0x52/0x72 drivers/tty/tty_port.c:435 uart_write_wakeup+0x40/0x5e drivers/tty/serial/serial_core.c:120 serial8250_tx_chars+0x5f8/0x7a6 drivers/tty/serial/8250/8250_port.c:1821 serial8250_handle_irq+0x526/0x69c drivers/tty/serial/8250/8250_port.c:1929 serial8250_default_handle_irq+0x8c/0x1c6 drivers/tty/serial/8250/8250_port.c:1949 serial8250_interrupt+0xda/0x1ee drivers/tty/serial/8250/8250_core.c:86 __handle_irq_event_percpu+0x250/0x902 kernel/irq/handle.c:158 handle_irq_event_percpu kernel/irq/handle.c:193 [inline] handle_irq_event+0xb4/0x1ea kernel/irq/handle.c:210 handle_fasteoi_irq+0x31c/0xcce kernel/irq/chip.c:720 generic_handle_irq_desc include/linux/irqdesc.h:173 [inline] handle_irq_desc kernel/irq/irqdesc.c:691 [inline] generic_handle_domain_irq+0x84/0xb2 kernel/irq/irqdesc.c:747 plic_handle_irq+0x17a/0x3c8 drivers/irqchip/irq-sifive-plic.c:378 generic_handle_irq_desc include/linux/irqdesc.h:173 [inline] handle_irq_desc kernel/irq/irqdesc.c:691 [inline] generic_handle_domain_irq+0x84/0xb2 kernel/irq/irqdesc.c:747 riscv_intc_irq+0x4a/0xcc drivers/irqchip/irq-riscv-intc.c:33 handle_riscv_irq+0x2e/0x4c arch/riscv/kernel/traps.c:376 call_on_irq_stack+0x32/0x40 arch/riscv/kernel/entry.S:268 -> #1 (&port_lock_key){-.-.}-{2:2}: lock_acquire.part.0+0x2c6/0x820 kernel/locking/lockdep.c:5759 lock_acquire+0x74/0x98 kernel/locking/lockdep.c:5732 __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline] _raw_spin_lock_irqsave+0x3e/0x62 kernel/locking/spinlock.c:162 uart_port_lock_irqsave include/linux/serial_core.h:618 [inline] serial8250_console_write+0x56a/0xe48 drivers/tty/serial/8250/8250_port.c:3352 univ8250_console_write+0x70/0x9c drivers/tty/serial/8250/8250_core.c:396 console_emit_next_record kernel/printk/printk.c:2983 [inline] console_flush_all+0x572/0xcf4 kernel/printk/printk.c:3049 console_unlock+0xde/0x296 kernel/printk/printk.c:3118 vprintk_emit kernel/printk/printk.c:2348 [inline] vprintk_emit+0x120/0x5fa kernel/printk/printk.c:2303 vprintk_default+0x26/0x32 kernel/printk/printk.c:2363 vprintk+0x226/0x296 kernel/printk/printk_safe.c:45 _printk+0x98/0xc0 kernel/printk/printk.c:2373 register_console+0x872/0xeaa kernel/printk/printk.c:3654 uart_configure_port drivers/tty/serial/serial_core.c:2664 [inline] serial_core_add_one_port drivers/tty/serial/serial_core.c:3192 [inline] serial_core_register_port+0x1dd2/0x1dfa drivers/tty/serial/serial_core.c:3429 serial_ctrl_register_port+0x20/0x2c drivers/tty/serial/serial_ctrl.c:41 uart_add_one_port+0x20/0x2c drivers/tty/serial/serial_port.c:143 serial8250_register_8250_port+0x11fa/0x1ebc drivers/tty/serial/8250/8250_core.c:820 of_platform_serial_probe+0x694/0xa86 drivers/tty/serial/8250/8250_of.c:236 platform_probe+0xfa/0x1e8 drivers/base/platform.c:1404 call_driver_probe drivers/base/dd.c:578 [inline] really_probe+0x232/0x9be drivers/base/dd.c:657 __driver_probe_device+0x1d4/0x3f2 drivers/base/dd.c:799 driver_probe_device+0x60/0x1ce drivers/base/dd.c:829 __driver_attach+0x250/0x4ee drivers/base/dd.c:1215 bus_for_each_dev+0x124/0x1ba drivers/base/bus.c:368 driver_attach+0x3e/0x52 drivers/base/dd.c:1233 bus_add_driver+0x29e/0x5e6 drivers/base/bus.c:673 driver_register+0x18e/0x3ee drivers/base/driver.c:246 __platform_driver_register+0x5e/0x7e drivers/base/platform.c:867 of_platform_serial_driver_init+0x22/0x2a drivers/tty/serial/8250/8250_of.c:358 do_one_initcall+0x19a/0x98a init/main.c:1267 do_initcall_level init/main.c:1329 [inline] do_initcalls init/main.c:1345 [inline] do_basic_setup init/main.c:1364 [inline] kernel_init_freeable+0x6ec/0x792 init/main.c:1578 kernel_init+0x28/0x224 init/main.c:1467 ret_from_fork+0xe/0x1c arch/riscv/kernel/entry.S:239 -> #0 (console_owner){-.-.}-{0:0}: check_noncircular+0x2ba/0x354 kernel/locking/lockdep.c:2186 check_prev_add kernel/locking/lockdep.c:3133 [inline] check_prevs_add kernel/locking/lockdep.c:3252 [inline] validate_chain kernel/locking/lockdep.c:3868 [inline] __lock_acquire+0x2cb0/0x82d8 kernel/locking/lockdep.c:5142 lock_acquire.part.0+0x2c6/0x820 kernel/locking/lockdep.c:5759 lock_acquire+0x74/0x98 kernel/locking/lockdep.c:5732 console_lock_spinning_enable kernel/printk/printk.c:1873 [inline] console_emit_next_record kernel/printk/printk.c:2977 [inline] console_flush_all+0x554/0xcf4 kernel/printk/printk.c:3049 console_unlock+0xde/0x296 kernel/printk/printk.c:3118 vprintk_emit kernel/printk/printk.c:2348 [inline] vprintk_emit+0x120/0x5fa kernel/printk/printk.c:2303 vprintk_default+0x26/0x32 kernel/printk/printk.c:2363 vprintk+0x226/0x296 kernel/printk/printk_safe.c:45 _printk+0x98/0xc0 kernel/printk/printk.c:2373 handle_bad_stack+0x9a/0x10c arch/riscv/kernel/traps.c:420 __this_cpu_preempt_check+0x16/0x1e lib/smp_processor_id.c:66 other info that might help us debug this: Chain exists of: console_owner --> &p->pi_lock --> &rq->__lock Possible unsafe locking scenario: CPU0 CPU1 ---- ---- lock(&rq->__lock); lock(&p->pi_lock); lock(&rq->__lock); lock(console_owner); *** DEADLOCK *** 13 locks held by syz-executor/3179: #0: ff6000001d040d88 (&sb->s_type->i_mutex_key#10){+.+.}-{3:3}, at: inode_lock include/linux/fs.h:799 [inline] #0: ff6000001d040d88 (&sb->s_type->i_mutex_key#10){+.+.}-{3:3}, at: __sock_release+0x82/0x246 net/socket.c:658 #1: ff60000017b52718 (sk_lock-AF_INET){+.+.}-{0:0}, at: lock_sock include/net/sock.h:1607 [inline] #1: ff60000017b52718 (sk_lock-AF_INET){+.+.}-{0:0}, at: tcp_close+0x26/0x13e net/ipv4/tcp.c:2961 #2: ffffffff87dc59c0 (rcu_read_lock){....}-{1:2}, at: INIT_LIST_HEAD include/linux/list.h:38 [inline] #2: ffffffff87dc59c0 (rcu_read_lock){....}-{1:2}, at: list_splice_init include/linux/list.h:573 [inline] #2: ffffffff87dc59c0 (rcu_read_lock){....}-{1:2}, at: netif_receive_skb_list_internal+0x358/0xc26 net/core/dev.c:5879 #3: ffffffff87dc59c0 (rcu_read_lock){....}-{1:2}, at: __skb_pull include/linux/skbuff.h:2752 [inline] #3: ffffffff87dc59c0 (rcu_read_lock){....}-{1:2}, at: ip_local_deliver_finish+0x216/0x57c net/ipv4/ip_input.c:230 #4: ff6000001d41a698 (slock-AF_INET/1){+.-.}-{2:2}, at: tcp_v4_rcv+0x3242/0x47bc net/ipv4/tcp_ipv4.c:2340 #5: ffffffff87dc59c0 (rcu_read_lock){....}-{1:2}, at: read_pnet include/net/net_namespace.h:383 [inline] #5: ffffffff87dc59c0 (rcu_read_lock){....}-{1:2}, at: sock_net include/net/sock.h:653 [inline] #5: ffffffff87dc59c0 (rcu_read_lock){....}-{1:2}, at: __ip_queue_xmit+0x52/0x1b20 net/ipv4/ip_output.c:460 #6: ffffffff87dc59c0 (rcu_read_lock){....}-{1:2}, at: lwtunnel_xmit_redirect include/net/lwtunnel.h:98 [inline] #6: ffffffff87dc59c0 (rcu_read_lock){....}-{1:2}, at: ip_finish_output2+0x458/0x2d1e net/ipv4/ip_output.c:221 #7: ffffffff87dc5a20 (rcu_read_lock_bh){....}-{1:2}, at: __dev_queue_xmit+0x266/0x499c net/core/dev.c:4342 #8: ff6000001872c258 (dev->qdisc_tx_busylock ?: &qdisc_tx_busylock){+...}-{2:2}, at: spin_trylock include/linux/spinlock.h:361 [inline] #8: ff6000001872c258 (dev->qdisc_tx_busylock ?: &qdisc_tx_busylock){+...}-{2:2}, at: qdisc_run_begin include/net/sch_generic.h:197 [inline] #8: ff6000001872c258 (dev->qdisc_tx_busylock ?: &qdisc_tx_busylock){+...}-{2:2}, at: qdisc_run_begin include/net/sch_generic.h:194 [inline] #8: ff6000001872c258 (dev->qdisc_tx_busylock ?: &qdisc_tx_busylock){+...}-{2:2}, at: __dev_xmit_skb net/core/dev.c:3796 [inline] #8: ff6000001872c258 (dev->qdisc_tx_busylock ?: &qdisc_tx_busylock){+...}-{2:2}, at: __dev_queue_xmit+0x1422/0x499c net/core/dev.c:4389 #9: ffffffff87dc59c0 (rcu_read_lock){....}-{1:2}, at: __skb_pull include/linux/skbuff.h:2752 [inline] #9: ffffffff87dc59c0 (rcu_read_lock){....}-{1:2}, at: skb_mac_gso_segment+0x188/0x65c net/core/gso.c:48 #10: ff6000006ec85f58 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested kernel/sched/core.c:560 [inline] #10: ff6000006ec85f58 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock kernel/sched/sched.h:1415 [inline] #10: ff6000006ec85f58 (&rq->__lock){-.-.}-{2:2}, at: rq_lock kernel/sched/sched.h:1714 [inline] #10: ff6000006ec85f58 (&rq->__lock){-.-.}-{2:2}, at: sched_tick+0xd2/0x2e8 kernel/sched/core.c:5458 #11: ffffffff87cd2380 (console_lock){+.+.}-{0:0}, at: vprintk_default+0x26/0x32 kernel/printk/printk.c:2363 #12: ffffffff87cd24d0 (console_srcu){....}-{0:0}, at: arch_atomic_read arch/riscv/include/asm/atomic.h:29 [inline] #12: ffffffff87cd24d0 (console_srcu){....}-{0:0}, at: raw_atomic_read include/linux/atomic/atomic-arch-fallback.h:457 [inline] #12: ffffffff87cd24d0 (console_srcu){....}-{0:0}, at: atomic_read include/linux/atomic/atomic-instrumented.h:33 [inline] #12: ffffffff87cd24d0 (console_srcu){....}-{0:0}, at: panic_in_progress kernel/printk/printk.c:347 [inline] #12: ffffffff87cd24d0 (console_srcu){....}-{0:0}, at: console_lock_spinning_enable kernel/printk/printk.c:1864 [inline] #12: ffffffff87cd24d0 (console_srcu){....}-{0:0}, at: console_emit_next_record kernel/printk/printk.c:2977 [inline] #12: ffffffff87cd24d0 (console_srcu){....}-{0:0}, at: console_flush_all+0x112/0xcf4 kernel/printk/printk.c:3049 stack backtrace: CPU: 0 UID: 0 PID: 3179 Comm: syz-executor Not tainted 6.11.0-rc2-syzkaller-g1ff95eb2bebd #0 Hardware name: riscv-virtio,qemu (DT) Call Trace: [] dump_backtrace+0x2e/0x3c arch/riscv/kernel/stacktrace.c:130 [] show_stack+0x34/0x40 arch/riscv/kernel/stacktrace.c:136 [] __dump_stack lib/dump_stack.c:93 [inline] [] dump_stack_lvl+0x122/0x196 lib/dump_stack.c:119 [] dump_stack+0x1c/0x24 lib/dump_stack.c:128 [] print_circular_bug+0x6ba/0x740 kernel/locking/lockdep.c:2059 [] check_noncircular+0x2ba/0x354 kernel/locking/lockdep.c:2186 [] check_prev_add kernel/locking/lockdep.c:3133 [inline] [] check_prevs_add kernel/locking/lockdep.c:3252 [inline] [] validate_chain kernel/locking/lockdep.c:3868 [inline] [] __lock_acquire+0x2cb0/0x82d8 kernel/locking/lockdep.c:5142 [] lock_acquire.part.0+0x2c6/0x820 kernel/locking/lockdep.c:5759 [] lock_acquire+0x74/0x98 kernel/locking/lockdep.c:5732 [] console_lock_spinning_enable kernel/printk/printk.c:1873 [inline] [] console_emit_next_record kernel/printk/printk.c:2977 [inline] [] console_flush_all+0x554/0xcf4 kernel/printk/printk.c:3049 [] console_unlock+0xde/0x296 kernel/printk/printk.c:3118 [] vprintk_emit kernel/printk/printk.c:2348 [inline] [] vprintk_emit+0x120/0x5fa kernel/printk/printk.c:2303 [] vprintk_default+0x26/0x32 kernel/printk/printk.c:2363 [] vprintk+0x226/0x296 kernel/printk/printk_safe.c:45 [] _printk+0x98/0xc0 kernel/printk/printk.c:2373 [] handle_bad_stack+0x9a/0x10c arch/riscv/kernel/traps.c:420 [] __this_cpu_preempt_check+0x16/0x1e lib/smp_processor_id.c:66 Task stack: [0xff20000002b68000..0xff20000002b6c000] Overflow stack: [0xff6000006ec70070..0xff6000006ec71070] CPU: 0 UID: 0 PID: 3179 Comm: syz-executor Not tainted 6.11.0-rc2-syzkaller-g1ff95eb2bebd #0 Hardware name: riscv-virtio,qemu (DT) epc : check_preemption_disabled+0x2/0xce lib/smp_processor_id.c:13 ra : __this_cpu_preempt_check+0x16/0x1e lib/smp_processor_id.c:66 epc : ffffffff85f3ba80 ra : ffffffff85f3bb88 sp : ff1fffffffffffc0 gp : ffffffff8954c0a0 tp : 0000000000000000 t0 : ff20000000000590 t1 : 0000000000000001 t2 : ff6000001bff0b20 s0 : ff20000000000010 s1 : 0000000000000002 a0 : ffffffff8670f3a0 a1 : ffffffff8643eb20 a2 : 0000000000010304 a3 : 0000000000000000 a4 : ff6000001bff1000 a5 : 0000000000000000 a6 : ffffffff804ac992 a7 : 0000000000000001 s2 : 0000000000000000 s3 : 0000000000000000 s4 : ffffffff87dc59c0 s5 : 1fe400000000000c s6 : 0000000000000000 s7 : ffffffff804ac992 s8 : 0000000000000000 s9 : ffffffff86257708 s10: ffffffff908a1980 s11: 0000000200000120 t3 : ff6000001bff0008 t4 : 0000000000000000 t5 : 1fec0000037fe001 t6 : 1fec0000037fe19f status: 0000000200000100 badaddr: ff1ffffffffffff0 cause: 000000000000000f