Warning: Permanently added '10.128.10.37' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 65.304678][ T8381] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 65.328601][ T8381] [ 65.330939][ T8381] ======================================================== [ 65.338123][ T8381] WARNING: possible irq lock inversion dependency detected [ 65.345308][ T8381] 5.12.0-rc3-syzkaller #0 Not tainted [ 65.350673][ T8381] -------------------------------------------------------- [ 65.357928][ T8381] syz-executor859/8381 just changed the state of lock: [ 65.369003][ T8381] ffffc9000162a230 (&kvm->arch.pvclock_gtod_sync_lock){+...}-{2:2}, at: kvm_synchronize_tsc+0x459/0x1230 [ 65.380219][ T8381] but this lock was taken by another, HARDIRQ-safe lock in the past: [ 65.388260][ T8381] (&rq->lock){-.-.}-{2:2} [ 65.388280][ T8381] [ 65.388280][ T8381] [ 65.388280][ T8381] and interrupts could create inverse lock ordering between them. 
[ 65.388280][ T8381] [ 65.407001][ T8381] [ 65.407001][ T8381] other info that might help us debug this: [ 65.415040][ T8381] Possible interrupt unsafe locking scenario: [ 65.415040][ T8381] [ 65.423337][ T8381] CPU0 CPU1 [ 65.428693][ T8381] ---- ---- [ 65.434040][ T8381] lock(&kvm->arch.pvclock_gtod_sync_lock); [ 65.440006][ T8381] local_irq_disable(); [ 65.446740][ T8381] lock(&rq->lock); [ 65.453269][ T8381] lock(&kvm->arch.pvclock_gtod_sync_lock); [ 65.461746][ T8381] [ 65.465178][ T8381] lock(&rq->lock); [ 65.469225][ T8381] [ 65.469225][ T8381] *** DEADLOCK *** [ 65.469225][ T8381] [ 65.477357][ T8381] 1 lock held by syz-executor859/8381: [ 65.482808][ T8381] #0: ffff8880316e80c8 (&vcpu->mutex){+.+.}-{3:3}, at: kvm_arch_vcpu_postcreate+0x3e/0x180 [ 65.492883][ T8381] [ 65.492883][ T8381] the shortest dependencies between 2nd lock and 1st lock: [ 65.502246][ T8381] -> (&rq->lock){-.-.}-{2:2} { [ 65.507087][ T8381] IN-HARDIRQ-W at: [ 65.511148][ T8381] lock_acquire+0x1ab/0x740 [ 65.517473][ T8381] _raw_spin_lock+0x2a/0x40 [ 65.523805][ T8381] scheduler_tick+0xa4/0x4b0 [ 65.530217][ T8381] update_process_times+0x191/0x200 [ 65.537220][ T8381] tick_periodic+0x79/0x230 [ 65.543540][ T8381] tick_handle_periodic+0x41/0x120 [ 65.550459][ T8381] timer_interrupt+0x3f/0x60 [ 65.556856][ T8381] __handle_irq_event_percpu+0x303/0x8f0 [ 65.564296][ T8381] handle_irq_event+0x102/0x290 [ 65.570954][ T8381] handle_level_irq+0x256/0x6e0 [ 65.578179][ T8381] __common_interrupt+0x9e/0x200 [ 65.585386][ T8381] common_interrupt+0x9f/0xd0 [ 65.591875][ T8381] asm_common_interrupt+0x1e/0x40 [ 65.598711][ T8381] _raw_spin_unlock_irqrestore+0x38/0x70 [ 65.606152][ T8381] __setup_irq+0xc72/0x1ce0 [ 65.612460][ T8381] request_threaded_irq+0x28a/0x3b0 [ 65.619466][ T8381] hpet_time_init+0x28/0x42 [ 65.625788][ T8381] x86_late_time_init+0x58/0x94 [ 65.632450][ T8381] start_kernel+0x3ee/0x496 [ 65.638878][ T8381] secondary_startup_64_no_verify+0xb0/0xbb [ 65.646586][ T8381] IN-SOFTIRQ-W 
at: [ 65.650636][ T8381] lock_acquire+0x1ab/0x740 [ 65.656948][ T8381] _raw_spin_lock+0x2a/0x40 [ 65.663261][ T8381] try_to_wake_up+0x5e6/0x14a0 [ 65.669835][ T8381] call_timer_fn+0x1a5/0x6b0 [ 65.676246][ T8381] __run_timers.part.0+0x67c/0xa50 [ 65.683172][ T8381] run_timer_softirq+0xb3/0x1d0 [ 65.689827][ T8381] __do_softirq+0x29b/0x9f6 [ 65.696145][ T8381] irq_exit_rcu+0x134/0x200 [ 65.702462][ T8381] sysvec_apic_timer_interrupt+0x93/0xc0 [ 65.709899][ T8381] asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 65.717689][ T8381] delay_tsc+0x2e/0xb0 [ 65.723568][ T8381] try_check_zero+0x223/0x430 [ 65.730061][ T8381] process_srcu+0x2f2/0xe90 [ 65.736385][ T8381] process_one_work+0x98d/0x1600 [ 65.743131][ T8381] worker_thread+0x64c/0x1120 [ 65.749625][ T8381] kthread+0x3b1/0x4a0 [ 65.755510][ T8381] ret_from_fork+0x1f/0x30 [ 65.761832][ T8381] INITIAL USE at: [ 65.765805][ T8381] lock_acquire+0x1ab/0x740 [ 65.772036][ T8381] _raw_spin_lock_irqsave+0x39/0x50 [ 65.778961][ T8381] rq_attach_root+0x20/0x2e0 [ 65.785279][ T8381] sched_init+0x6e8/0xbf3 [ 65.791328][ T8381] start_kernel+0x18e/0x496 [ 65.797550][ T8381] secondary_startup_64_no_verify+0xb0/0xbb [ 65.805523][ T8381] } [ 65.808089][ T8381] ... key at: [] __key.298+0x0/0x40 [ 65.815445][ T8381] ... 
acquired at: [ 65.819312][ T8381] _raw_spin_lock+0x2a/0x40 [ 65.824033][ T8381] get_kvmclock_ns+0x25/0x390 [ 65.828868][ T8381] kvm_xen_update_runstate+0x3d/0x2c0 [ 65.834394][ T8381] kvm_xen_update_runstate_guest+0x74/0x320 [ 65.840442][ T8381] kvm_arch_vcpu_put+0x2d8/0x5a0 [ 65.845535][ T8381] kvm_sched_out+0xbf/0x100 [ 65.850194][ T8381] __schedule+0xfd0/0x21b0 [ 65.854768][ T8381] preempt_schedule_common+0x45/0xc0 [ 65.860204][ T8381] preempt_schedule_thunk+0x16/0x18 [ 65.865561][ T8381] _raw_spin_unlock_irqrestore+0x57/0x70 [ 65.871349][ T8381] kvm_synchronize_tsc+0x451/0x1230 [ 65.876705][ T8381] kvm_arch_vcpu_postcreate+0x73/0x180 [ 65.882335][ T8381] kvm_vm_ioctl+0x1b2d/0x2800 [ 65.887219][ T8381] kvm_vm_compat_ioctl+0x125/0x230 [ 65.892484][ T8381] __do_compat_sys_ioctl+0x1d3/0x230 [ 65.897924][ T8381] __do_fast_syscall_32+0x56/0x90 [ 65.903110][ T8381] do_fast_syscall_32+0x2f/0x70 [ 65.908116][ T8381] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 65.914601][ T8381] [ 65.916904][ T8381] -> (&kvm->arch.pvclock_gtod_sync_lock){+...}-{2:2} { [ 65.923744][ T8381] HARDIRQ-ON-W at: [ 65.927735][ T8381] lock_acquire+0x1ab/0x740 [ 65.933870][ T8381] _raw_spin_lock+0x2a/0x40 [ 65.940111][ T8381] kvm_synchronize_tsc+0x459/0x1230 [ 65.946943][ T8381] kvm_arch_vcpu_postcreate+0x73/0x180 [ 65.954042][ T8381] kvm_vm_ioctl+0x1b2d/0x2800 [ 65.960353][ T8381] kvm_vm_compat_ioctl+0x125/0x230 [ 65.967101][ T8381] __do_compat_sys_ioctl+0x1d3/0x230 [ 65.974020][ T8381] __do_fast_syscall_32+0x56/0x90 [ 65.980678][ T8381] do_fast_syscall_32+0x2f/0x70 [ 65.987157][ T8381] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 65.995122][ T8381] INITIAL USE at: [ 65.999003][ T8381] lock_acquire+0x1ab/0x740 [ 66.005049][ T8381] _raw_spin_lock+0x2a/0x40 [ 66.011096][ T8381] get_kvmclock_ns+0x25/0x390 [ 66.017319][ T8381] kvm_xen_update_runstate+0x3d/0x2c0 [ 66.024235][ T8381] kvm_xen_update_runstate_guest+0x74/0x320 [ 66.031673][ T8381] kvm_arch_vcpu_put+0x2d8/0x5a0 [ 66.038161][ T8381] 
kvm_sched_out+0xbf/0x100 [ 66.044211][ T8381] __schedule+0xfd0/0x21b0 [ 66.050173][ T8381] preempt_schedule_common+0x45/0xc0 [ 66.057001][ T8381] preempt_schedule_thunk+0x16/0x18 [ 66.063786][ T8381] _raw_spin_unlock_irqrestore+0x57/0x70 [ 66.070962][ T8381] kvm_synchronize_tsc+0x451/0x1230 [ 66.077752][ T8381] kvm_arch_vcpu_postcreate+0x73/0x180 [ 66.084774][ T8381] kvm_vm_ioctl+0x1b2d/0x2800 [ 66.090995][ T8381] kvm_vm_compat_ioctl+0x125/0x230 [ 66.097650][ T8381] __do_compat_sys_ioctl+0x1d3/0x230 [ 66.104483][ T8381] __do_fast_syscall_32+0x56/0x90 [ 66.111057][ T8381] do_fast_syscall_32+0x2f/0x70 [ 66.117463][ T8381] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 66.125337][ T8381] } [ 66.127815][ T8381] ... key at: [] __key.4+0x0/0x40 [ 66.134903][ T8381] ... acquired at: [ 66.138725][ T8381] __lock_acquire+0x837/0x54c0 [ 66.143643][ T8381] lock_acquire+0x1ab/0x740 [ 66.148301][ T8381] _raw_spin_lock+0x2a/0x40 [ 66.153095][ T8381] kvm_synchronize_tsc+0x459/0x1230 [ 66.158451][ T8381] kvm_arch_vcpu_postcreate+0x73/0x180 [ 66.164067][ T8381] kvm_vm_ioctl+0x1b2d/0x2800 [ 66.168898][ T8381] kvm_vm_compat_ioctl+0x125/0x230 [ 66.174163][ T8381] __do_compat_sys_ioctl+0x1d3/0x230 [ 66.179604][ T8381] __do_fast_syscall_32+0x56/0x90 [ 66.184785][ T8381] do_fast_syscall_32+0x2f/0x70 [ 66.189786][ T8381] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 66.196308][ T8381] [ 66.198614][ T8381] [ 66.198614][ T8381] stack backtrace: [ 66.204487][ T8381] CPU: 1 PID: 8381 Comm: syz-executor859 Not tainted 5.12.0-rc3-syzkaller #0 [ 66.213223][ T8381] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 66.223255][ T8381] Call Trace: [ 66.226519][ T8381] dump_stack+0x141/0x1d7 [ 66.230851][ T8381] mark_lock.cold+0x1d/0x8e [ 66.235340][ T8381] ? lock_chain_count+0x20/0x20 [ 66.240173][ T8381] ? __pi_post_block+0x580/0x580 [ 66.245098][ T8381] ? vmx_prepare_switch_to_guest+0x820/0x820 [ 66.251072][ T8381] ? 
find_held_lock+0x2d/0x110 [ 66.255825][ T8381] __lock_acquire+0x837/0x54c0 [ 66.260574][ T8381] ? finish_task_switch.isra.0+0x239/0x810 [ 66.266361][ T8381] ? __switch_to+0x57c/0x1090 [ 66.271022][ T8381] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 66.277002][ T8381] lock_acquire+0x1ab/0x740 [ 66.281507][ T8381] ? kvm_synchronize_tsc+0x459/0x1230 [ 66.286866][ T8381] ? lock_release+0x720/0x720 [ 66.291524][ T8381] ? preempt_schedule_thunk+0x16/0x18 [ 66.296880][ T8381] ? preempt_schedule_common+0x59/0xc0 [ 66.302320][ T8381] ? preempt_schedule_thunk+0x16/0x18 [ 66.307673][ T8381] _raw_spin_lock+0x2a/0x40 [ 66.312159][ T8381] ? kvm_synchronize_tsc+0x459/0x1230 [ 66.317514][ T8381] kvm_synchronize_tsc+0x459/0x1230 [ 66.322700][ T8381] kvm_arch_vcpu_postcreate+0x73/0x180 [ 66.328163][ T8381] kvm_vm_ioctl+0x1b2d/0x2800 [ 66.332826][ T8381] ? kvm_unregister_device_ops+0x90/0x90 [ 66.338463][ T8381] ? find_held_lock+0x2d/0x110 [ 66.343207][ T8381] ? tomoyo_path_number_perm+0x204/0x590 [ 66.348866][ T8381] ? lock_downgrade+0x6e0/0x6e0 [ 66.353698][ T8381] ? __sanitizer_cov_trace_const_cmp2+0x22/0x80 [ 66.359921][ T8381] ? tomoyo_path_number_perm+0x441/0x590 [ 66.365544][ T8381] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 66.371814][ T8381] ? tomoyo_path_number_perm+0x24e/0x590 [ 66.377451][ T8381] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 66.383780][ T8381] ? __sanitizer_cov_trace_const_cmp2+0x22/0x80 [ 66.390018][ T8381] ? do_vfs_ioctl+0x27d/0x1090 [ 66.394776][ T8381] ? generic_block_fiemap+0x60/0x60 [ 66.399959][ T8381] ? find_held_lock+0x2d/0x110 [ 66.404714][ T8381] kvm_vm_compat_ioctl+0x125/0x230 [ 66.409811][ T8381] ? lock_downgrade+0x6e0/0x6e0 [ 66.414771][ T8381] ? kvm_vm_ioctl+0x2800/0x2800 [ 66.419617][ T8381] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 66.425845][ T8381] ? 
kvm_vm_ioctl+0x2800/0x2800 [ 66.430678][ T8381] __do_compat_sys_ioctl+0x1d3/0x230 [ 66.435959][ T8381] __do_fast_syscall_32+0x56/0x90 [ 66.440975][ T8381] do_fast_syscall_32+0x2f/0x70 [ 66.445857][ T8381] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 66.452173][ T8381] RIP: 0023:0xf7fde549 [ 66.456261][ T8381] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 66.475848][ T8381] RSP: 002b:00000000ff89f2ec EFLAGS: 00000217 ORIG_RAX: 0000000000000036 [ 66.484417][ T8381] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000000000ae41 [ 66.492372][ T8381] RDX: 0000000000000000 RSI: 0000000000000036 RDI: 0000000000000004 [ 66.500432][ T8381] RBP: 000000004038ae7a R08: 0000000000000000 R09: 0000000000000000 executing program [ 66.508381][ T8381] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 66.516329][ T8381] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000