===================================================== WARNING: HARDIRQ-safe -> HARDIRQ-unsafe lock order detected 6.6.0-rc3-syzkaller-00044-g633b47cb009d #0 Not tainted ----------------------------------------------------- kworker/0:12/28866 [HC0[0]:SC0[0]:HE0:SE1] is trying to acquire: ffffffff8db5d198 (disc_data_lock){.+.+}-{2:2}, at: ap_get+0x18/0xf0 drivers/net/ppp/ppp_async.c:136 and this task is already holding: ffffffff92561858 (&port_lock_key){-.-.}-{2:2}, at: serial_port_runtime_resume+0xcf/0x330 drivers/tty/serial/serial_port.c:38 which would create a new lock dependency: (&port_lock_key){-.-.}-{2:2} -> (disc_data_lock){.+.+}-{2:2} but this new dependency connects a HARDIRQ-irq-safe lock: (&port_lock_key){-.-.}-{2:2} ... which became HARDIRQ-irq-safe at: lock_acquire kernel/locking/lockdep.c:5753 [inline] lock_acquire+0x1ae/0x510 kernel/locking/lockdep.c:5718 __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline] _raw_spin_lock_irqsave+0x3a/0x50 kernel/locking/spinlock.c:162 serial8250_handle_irq+0x91/0xbd0 drivers/tty/serial/8250/8250_port.c:1921 serial8250_default_handle_irq+0x94/0x210 drivers/tty/serial/8250/8250_port.c:1967 serial8250_interrupt+0xfc/0x200 drivers/tty/serial/8250/8250_core.c:127 __handle_irq_event_percpu+0x22a/0x740 kernel/irq/handle.c:158 handle_irq_event_percpu kernel/irq/handle.c:193 [inline] handle_irq_event+0xab/0x1e0 kernel/irq/handle.c:210 handle_edge_irq+0x261/0xcf0 kernel/irq/chip.c:831 generic_handle_irq_desc include/linux/irqdesc.h:161 [inline] handle_irq arch/x86/kernel/irq.c:238 [inline] __common_interrupt+0xdb/0x240 arch/x86/kernel/irq.c:257 common_interrupt+0xa9/0xd0 arch/x86/kernel/irq.c:247 asm_common_interrupt+0x26/0x40 arch/x86/include/asm/idtentry.h:636 native_safe_halt arch/x86/include/asm/irqflags.h:48 [inline] arch_safe_halt arch/x86/include/asm/irqflags.h:86 [inline] acpi_safe_halt+0x1b/0x20 drivers/acpi/processor_idle.c:112 acpi_idle_enter+0xc5/0x160 drivers/acpi/processor_idle.c:707 cpuidle_enter_state+0x82/0x500 drivers/cpuidle/cpuidle.c:267 cpuidle_enter+0x4e/0xa0 drivers/cpuidle/cpuidle.c:388 cpuidle_idle_call kernel/sched/idle.c:215 [inline] do_idle+0x315/0x3f0 kernel/sched/idle.c:282 cpu_startup_entry+0x50/0x60 kernel/sched/idle.c:380 rest_init+0x16f/0x2b0 init/main.c:726 arch_call_rest_init+0x13/0x30 init/main.c:823 start_kernel+0x39f/0x480 init/main.c:1068 x86_64_start_reservations+0x18/0x30 arch/x86/kernel/head64.c:556 x86_64_start_kernel+0xb2/0xc0 arch/x86/kernel/head64.c:537 secondary_startup_64_no_verify+0x166/0x16b to a HARDIRQ-irq-unsafe lock: (disc_data_lock){.+.+}-{2:2} ... which became HARDIRQ-irq-unsafe at: ... lock_acquire kernel/locking/lockdep.c:5753 [inline] lock_acquire+0x1ae/0x510 kernel/locking/lockdep.c:5718 __raw_read_lock include/linux/rwlock_api_smp.h:150 [inline] _raw_read_lock+0x5f/0x70 kernel/locking/spinlock.c:228 ap_get+0x18/0xf0 drivers/net/ppp/ppp_async.c:136 ppp_asynctty_receive+0x2d/0x15a0 drivers/net/ppp/ppp_async.c:335 tty_ldisc_receive_buf+0x14c/0x180 drivers/tty/tty_buffer.c:391 tty_port_default_receive_buf+0x70/0xb0 drivers/tty/tty_port.c:37 receive_buf drivers/tty/tty_buffer.c:445 [inline] flush_to_ldisc+0x261/0x780 drivers/tty/tty_buffer.c:495 process_one_work+0x884/0x15c0 kernel/workqueue.c:2630 process_scheduled_works kernel/workqueue.c:2703 [inline] worker_thread+0x8b9/0x1290 kernel/workqueue.c:2784 kthread+0x33c/0x440 kernel/kthread.c:388 ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:304 other info that might help us debug this: Possible interrupt unsafe locking scenario: CPU0 CPU1 ---- ---- lock(disc_data_lock); local_irq_disable(); lock(&port_lock_key); lock(disc_data_lock); lock(&port_lock_key); *** DEADLOCK *** 4 locks held by kworker/0:12/28866: #0: ffff888141e42538 ((wq_completion)pm){+.+.}-{0:0}, at: process_one_work+0x787/0x15c0 kernel/workqueue.c:2605 #1: ffffc900034d7d80 ((work_completion)(&dev->power.work)){+.+.}-{0:0}, at: process_one_work+0x7e9/0x15c0 kernel/workqueue.c:2606 #2: ffffffff92561858 (&port_lock_key){-.-.}-{2:2}, at: serial_port_runtime_resume+0xcf/0x330 drivers/tty/serial/serial_port.c:38 #3: ffff88807cdbd0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref+0x1c/0x80 drivers/tty/tty_ldisc.c:263 the dependencies between HARDIRQ-irq-safe lock and the holding lock: -> (&port_lock_key){-.-.}-{2:2} { IN-HARDIRQ-W at: lock_acquire kernel/locking/lockdep.c:5753 [inline] lock_acquire+0x1ae/0x510 kernel/locking/lockdep.c:5718 __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline] _raw_spin_lock_irqsave+0x3a/0x50 kernel/locking/spinlock.c:162 serial8250_handle_irq+0x91/0xbd0 drivers/tty/serial/8250/8250_port.c:1921 serial8250_default_handle_irq+0x94/0x210 drivers/tty/serial/8250/8250_port.c:1967 serial8250_interrupt+0xfc/0x200 drivers/tty/serial/8250/8250_core.c:127 __handle_irq_event_percpu+0x22a/0x740 kernel/irq/handle.c:158 handle_irq_event_percpu kernel/irq/handle.c:193 [inline] handle_irq_event+0xab/0x1e0 kernel/irq/handle.c:210 handle_edge_irq+0x261/0xcf0 kernel/irq/chip.c:831 generic_handle_irq_desc include/linux/irqdesc.h:161 [inline] handle_irq arch/x86/kernel/irq.c:238 [inline] __common_interrupt+0xdb/0x240 arch/x86/kernel/irq.c:257 common_interrupt+0xa9/0xd0 arch/x86/kernel/irq.c:247 asm_common_interrupt+0x26/0x40 arch/x86/include/asm/idtentry.h:636 native_safe_halt arch/x86/include/asm/irqflags.h:48 [inline] arch_safe_halt arch/x86/include/asm/irqflags.h:86 [inline] acpi_safe_halt+0x1b/0x20 drivers/acpi/processor_idle.c:112 acpi_idle_enter+0xc5/0x160 drivers/acpi/processor_idle.c:707 cpuidle_enter_state+0x82/0x500 drivers/cpuidle/cpuidle.c:267 cpuidle_enter+0x4e/0xa0 drivers/cpuidle/cpuidle.c:388 cpuidle_idle_call kernel/sched/idle.c:215 [inline] do_idle+0x315/0x3f0 kernel/sched/idle.c:282 cpu_startup_entry+0x50/0x60 kernel/sched/idle.c:380 rest_init+0x16f/0x2b0 init/main.c:726 arch_call_rest_init+0x13/0x30 init/main.c:823 start_kernel+0x39f/0x480 init/main.c:1068 x86_64_start_reservations+0x18/0x30 arch/x86/kernel/head64.c:556 x86_64_start_kernel+0xb2/0xc0 arch/x86/kernel/head64.c:537 secondary_startup_64_no_verify+0x166/0x16b IN-SOFTIRQ-W at: lock_acquire kernel/locking/lockdep.c:5753 [inline] lock_acquire+0x1ae/0x510 kernel/locking/lockdep.c:5718 __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline] _raw_spin_lock_irqsave+0x3a/0x50 kernel/locking/spinlock.c:162 serial8250_handle_irq+0x91/0xbd0 drivers/tty/serial/8250/8250_port.c:1921 serial8250_default_handle_irq+0x94/0x210 drivers/tty/serial/8250/8250_port.c:1967 serial8250_interrupt+0xfc/0x200 drivers/tty/serial/8250/8250_core.c:127 __handle_irq_event_percpu+0x22a/0x740 kernel/irq/handle.c:158 handle_irq_event_percpu kernel/irq/handle.c:193 [inline] handle_irq_event+0xab/0x1e0 kernel/irq/handle.c:210 handle_edge_irq+0x261/0xcf0 kernel/irq/chip.c:831 generic_handle_irq_desc include/linux/irqdesc.h:161 [inline] handle_irq arch/x86/kernel/irq.c:238 [inline] __common_interrupt+0xdb/0x240 arch/x86/kernel/irq.c:257 common_interrupt+0xa9/0xd0 arch/x86/kernel/irq.c:247 asm_common_interrupt+0x26/0x40 arch/x86/include/asm/idtentry.h:636 __sanitizer_cov_trace_cmp8+0x0/0x20 kernel/kcov.c:278 orc_find arch/x86/kernel/unwind_orc.c:206 [inline] unwind_next_frame+0x1d2/0x2390 arch/x86/kernel/unwind_orc.c:494 arch_stack_walk+0xfa/0x170 arch/x86/kernel/stacktrace.c:25 stack_trace_save+0x96/0xd0 kernel/stacktrace.c:122 kasan_save_stack+0x33/0x50 mm/kasan/common.c:45 kasan_set_track+0x25/0x30 mm/kasan/common.c:52 kasan_save_free_info+0x2b/0x40 mm/kasan/generic.c:522 ____kasan_slab_free mm/kasan/common.c:236 [inline] ____kasan_slab_free+0x15b/0x1b0 mm/kasan/common.c:200 kasan_slab_free include/linux/kasan.h:164 [inline] slab_free_hook mm/slub.c:1800 [inline] slab_free_freelist_hook+0x114/0x1e0 mm/slub.c:1826 slab_free mm/slub.c:3809 [inline] kmem_cache_free+0xf0/0x480 mm/slub.c:3831 vma_lock_free kernel/fork.c:471 [inline] __vm_area_free+0xee/0x140 kernel/fork.c:527 rcu_do_batch kernel/rcu/tree.c:2139 [inline] rcu_core+0x805/0x1bb0 kernel/rcu/tree.c:2403 __do_softirq+0x218/0x965 kernel/softirq.c:553 run_ksoftirqd kernel/softirq.c:921 [inline] run_ksoftirqd+0x31/0x60 kernel/softirq.c:913 smpboot_thread_fn+0x660/0xa00 kernel/smpboot.c:164 kthread+0x33c/0x440 kernel/kthread.c:388 ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:304 INITIAL USE at: lock_acquire kernel/locking/lockdep.c:5753 [inline] lock_acquire+0x1ae/0x510 kernel/locking/lockdep.c:5718 __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline] _raw_spin_lock_irqsave+0x3a/0x50 kernel/locking/spinlock.c:162 serial8250_do_set_termios+0x334/0x1240 drivers/tty/serial/8250/8250_port.c:2798 serial8250_set_termios+0x6b/0x80 drivers/tty/serial/8250/8250_port.c:2917 uart_set_options+0x316/0x5f0 drivers/tty/serial/serial_core.c:2278 serial8250_console_setup+0x18a/0x430 drivers/tty/serial/8250/8250_port.c:3512 univ8250_console_setup+0x168/0x210 drivers/tty/serial/8250/8250_core.c:632 try_enable_preferred_console+0x24d/0x470 kernel/printk/printk.c:3294 register_console+0x331/0x10d0 kernel/printk/printk.c:3467 univ8250_console_init+0x35/0x50 drivers/tty/serial/8250/8250_core.c:717 console_init+0xba/0x5c0 kernel/printk/printk.c:3667 start_kernel+0x25a/0x480 init/main.c:1004 x86_64_start_reservations+0x18/0x30 arch/x86/kernel/head64.c:556 x86_64_start_kernel+0xb2/0xc0 arch/x86/kernel/head64.c:537 secondary_startup_64_no_verify+0x166/0x16b } ... key at: [] port_lock_key+0x0/0x40 the dependencies between the lock to be acquired and HARDIRQ-irq-unsafe lock: -> (disc_data_lock){.+.+}-{2:2} { HARDIRQ-ON-R at: lock_acquire kernel/locking/lockdep.c:5753 [inline] lock_acquire+0x1ae/0x510 kernel/locking/lockdep.c:5718 __raw_read_lock include/linux/rwlock_api_smp.h:150 [inline] _raw_read_lock+0x5f/0x70 kernel/locking/spinlock.c:228 ap_get+0x18/0xf0 drivers/net/ppp/ppp_async.c:136 ppp_asynctty_receive+0x2d/0x15a0 drivers/net/ppp/ppp_async.c:335 tty_ldisc_receive_buf+0x14c/0x180 drivers/tty/tty_buffer.c:391 tty_port_default_receive_buf+0x70/0xb0 drivers/tty/tty_port.c:37 receive_buf drivers/tty/tty_buffer.c:445 [inline] flush_to_ldisc+0x261/0x780 drivers/tty/tty_buffer.c:495 process_one_work+0x884/0x15c0 kernel/workqueue.c:2630 process_scheduled_works kernel/workqueue.c:2703 [inline] worker_thread+0x8b9/0x1290 kernel/workqueue.c:2784 kthread+0x33c/0x440 kernel/kthread.c:388 ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:304 SOFTIRQ-ON-R at: lock_acquire kernel/locking/lockdep.c:5753 [inline] lock_acquire+0x1ae/0x510 kernel/locking/lockdep.c:5718 __raw_read_lock include/linux/rwlock_api_smp.h:150 [inline] _raw_read_lock+0x5f/0x70 kernel/locking/spinlock.c:228 ap_get+0x18/0xf0 drivers/net/ppp/ppp_async.c:136 ppp_asynctty_receive+0x2d/0x15a0 drivers/net/ppp/ppp_async.c:335 tty_ldisc_receive_buf+0x14c/0x180 drivers/tty/tty_buffer.c:391 tty_port_default_receive_buf+0x70/0xb0 drivers/tty/tty_port.c:37 receive_buf drivers/tty/tty_buffer.c:445 [inline] flush_to_ldisc+0x261/0x780 drivers/tty/tty_buffer.c:495 process_one_work+0x884/0x15c0 kernel/workqueue.c:2630 process_scheduled_works kernel/workqueue.c:2703 [inline] worker_thread+0x8b9/0x1290 kernel/workqueue.c:2784 kthread+0x33c/0x440 kernel/kthread.c:388 ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:304 INITIAL USE at: lock_acquire kernel/locking/lockdep.c:5753 [inline] lock_acquire+0x1ae/0x510 kernel/locking/lockdep.c:5718 __raw_write_lock_irq include/linux/rwlock_api_smp.h:195 [inline] _raw_write_lock_irq+0x36/0x50 kernel/locking/spinlock.c:326 ppp_asynctty_close+0x1c/0x1c0 drivers/net/ppp/ppp_async.c:219 tty_ldisc_close+0x111/0x190 drivers/tty/tty_ldisc.c:455 tty_ldisc_kill+0x8e/0x150 drivers/tty/tty_ldisc.c:607 tty_ldisc_release+0x116/0x2a0 drivers/tty/tty_ldisc.c:775 tty_release_struct+0x23/0xe0 drivers/tty/tty_io.c:1688 tty_release+0xe2c/0x1420 drivers/tty/tty_io.c:1859 __fput+0x3f7/0xa70 fs/file_table.c:384 __fput_sync+0x47/0x50 fs/file_table.c:465 __do_sys_close fs/open.c:1572 [inline] __se_sys_close fs/open.c:1557 [inline] __ia32_sys_close+0x87/0xf0 fs/open.c:1557 do_syscall_32_irqs_on arch/x86/entry/common.c:112 [inline] __do_fast_syscall_32+0x61/0xe0 arch/x86/entry/common.c:178 do_fast_syscall_32+0x33/0x70 arch/x86/entry/common.c:203 entry_SYSENTER_compat_after_hwframe+0x70/0x82 INITIAL READ USE at: lock_acquire kernel/locking/lockdep.c:5753 [inline] lock_acquire+0x1ae/0x510 kernel/locking/lockdep.c:5718 __raw_read_lock include/linux/rwlock_api_smp.h:150 [inline] _raw_read_lock+0x5f/0x70 kernel/locking/spinlock.c:228 ap_get+0x18/0xf0 drivers/net/ppp/ppp_async.c:136 ppp_asynctty_receive+0x2d/0x15a0 drivers/net/ppp/ppp_async.c:335 tty_ldisc_receive_buf+0x14c/0x180 drivers/tty/tty_buffer.c:391 tty_port_default_receive_buf+0x70/0xb0 drivers/tty/tty_port.c:37 receive_buf drivers/tty/tty_buffer.c:445 [inline] flush_to_ldisc+0x261/0x780 drivers/tty/tty_buffer.c:495 process_one_work+0x884/0x15c0 kernel/workqueue.c:2630 process_scheduled_works kernel/workqueue.c:2703 [inline] worker_thread+0x8b9/0x1290 kernel/workqueue.c:2784 kthread+0x33c/0x440 kernel/kthread.c:388 ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:304 } ... key at: [] disc_data_lock+0x18/0x60 ... acquired at: lock_acquire kernel/locking/lockdep.c:5753 [inline] lock_acquire+0x1ae/0x510 kernel/locking/lockdep.c:5718 __raw_read_lock include/linux/rwlock_api_smp.h:150 [inline] _raw_read_lock+0x5f/0x70 kernel/locking/spinlock.c:228 ap_get+0x18/0xf0 drivers/net/ppp/ppp_async.c:136 ppp_asynctty_wakeup+0x18/0xb0 drivers/net/ppp/ppp_async.c:352 tty_wakeup+0xe5/0x120 drivers/tty/tty_io.c:523 tty_port_default_wakeup+0x2a/0x40 drivers/tty/tty_port.c:69 serial8250_tx_chars+0x542/0xf60 drivers/tty/serial/8250/8250_port.c:1843 __start_tx drivers/tty/serial/8250/8250_port.c:1552 [inline] serial8250_start_tx+0x7a8/0x980 drivers/tty/serial/8250/8250_port.c:1661 serial_port_runtime_resume+0x29e/0x330 drivers/tty/serial/serial_port.c:40 __rpm_callback+0xc5/0x4c0 drivers/base/power/runtime.c:392 rpm_callback+0x1da/0x220 drivers/base/power/runtime.c:446 rpm_resume+0xdb5/0x1980 drivers/base/power/runtime.c:912 pm_runtime_work+0x12e/0x180 drivers/base/power/runtime.c:977 process_one_work+0x884/0x15c0 kernel/workqueue.c:2630 process_scheduled_works kernel/workqueue.c:2703 [inline] worker_thread+0x8b9/0x1290 kernel/workqueue.c:2784 kthread+0x33c/0x440 kernel/kthread.c:388 ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:304 stack backtrace: CPU: 0 PID: 28866 Comm: kworker/0:12 Not tainted 6.6.0-rc3-syzkaller-00044-g633b47cb009d #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023 Workqueue: pm pm_runtime_work Call Trace: __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0xd9/0x1b0 lib/dump_stack.c:106 print_bad_irq_dependency kernel/locking/lockdep.c:2626 [inline] check_irq_usage+0x10b8/0x1c70 kernel/locking/lockdep.c:2865 check_prev_add kernel/locking/lockdep.c:3138 [inline] check_prevs_add kernel/locking/lockdep.c:3253 [inline] validate_chain kernel/locking/lockdep.c:3868 [inline] __lock_acquire+0x2e53/0x5de0 kernel/locking/lockdep.c:5136 lock_acquire kernel/locking/lockdep.c:5753 [inline] lock_acquire+0x1ae/0x510 kernel/locking/lockdep.c:5718 __raw_read_lock include/linux/rwlock_api_smp.h:150 [inline] _raw_read_lock+0x5f/0x70 kernel/locking/spinlock.c:228 ap_get+0x18/0xf0 drivers/net/ppp/ppp_async.c:136 ppp_asynctty_wakeup+0x18/0xb0 drivers/net/ppp/ppp_async.c:352 tty_wakeup+0xe5/0x120 drivers/tty/tty_io.c:523 tty_port_default_wakeup+0x2a/0x40 drivers/tty/tty_port.c:69 serial8250_tx_chars+0x542/0xf60 drivers/tty/serial/8250/8250_port.c:1843 __start_tx drivers/tty/serial/8250/8250_port.c:1552 [inline] serial8250_start_tx+0x7a8/0x980 drivers/tty/serial/8250/8250_port.c:1661 serial_port_runtime_resume+0x29e/0x330 drivers/tty/serial/serial_port.c:40 __rpm_callback+0xc5/0x4c0 drivers/base/power/runtime.c:392 rpm_callback+0x1da/0x220 drivers/base/power/runtime.c:446 rpm_resume+0xdb5/0x1980 drivers/base/power/runtime.c:912 pm_runtime_work+0x12e/0x180 drivers/base/power/runtime.c:977 process_one_work+0x884/0x15c0 kernel/workqueue.c:2630 process_scheduled_works kernel/workqueue.c:2703 [inline] worker_thread+0x8b9/0x1290 kernel/workqueue.c:2784 kthread+0x33c/0x440 kernel/kthread.c:388 ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:304 usb 4-1: new high-speed USB device number 71 using dummy_hcd usb 4-1: Using ep0 maxpacket: 32 usb 4-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0 usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 usb 4-1: Product: syz usb 4-1: Manufacturer: syz usb 4-1: SerialNumber: syz cdc_ether: probe of 4-1:1.0 failed with error -22 usb 3-1: USB disconnect, device number 66 usb 3-1: USB disconnect, device number 67 usb 3-1: new high-speed USB device number 68 using dummy_hcd usb 3-1: Using ep0 maxpacket: 32 usb 3-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0 usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 usb 3-1: Product: syz usb 3-1: Manufacturer: syz usb 3-1: SerialNumber: syz cdc_ether: probe of 3-1:1.0 failed with error -22