syzbot |
sign-in | mailing list | source | docs | 🏰 |
=====================================================
WARNING: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected
syzkaller #0 Tainted: G L
-----------------------------------------------------
syz.2.23436/16104 [HC0[0]:SC0[0]:HE0:SE1] is trying to acquire:
ffff888075a1a320 (&f_owner->lock){....}-{3:3}, at: send_sigio+0x38/0x370 fs/fcntl.c:918
and this task is already holding:
ffff88804abc0750 (&new->fa_lock){....}-{3:3}, at: kill_fasync_rcu fs/fcntl.c:1135 [inline]
ffff88804abc0750 (&new->fa_lock){....}-{3:3}, at: kill_fasync+0x199/0x4d0 fs/fcntl.c:1159
which would create a new lock dependency:
(&new->fa_lock){....}-{3:3} -> (&f_owner->lock){....}-{3:3}
but this new dependency connects a SOFTIRQ-irq-safe lock:
(&client->buffer_lock){..-.}-{3:3}
... which became SOFTIRQ-irq-safe at:
lock_acquire+0x106/0x350 kernel/locking/lockdep.c:5868
__raw_spin_lock include/linux/spinlock_api_smp.h:158 [inline]
_raw_spin_lock+0x2e/0x40 kernel/locking/spinlock.c:158
spin_lock include/linux/spinlock.h:342 [inline]
evdev_pass_values+0xb9/0xbd0 drivers/input/evdev.c:261
evdev_events+0x1e6/0x340 drivers/input/evdev.c:306
input_pass_values+0x288/0x890 drivers/input/input.c:128
input_event_dispose+0x330/0x6b0 drivers/input/input.c:342
input_event+0x84/0xc0 drivers/input/input.c:396
input_sync include/linux/input.h:464 [inline]
xpad360_process_packet+0x641/0xdc0 drivers/input/joystick/xpad.c:933
xpad_irq_in+0x14e/0x25c0 drivers/input/joystick/xpad.c:1226
__usb_hcd_giveback_urb+0x376/0x540 drivers/usb/core/hcd.c:1657
dummy_timer+0xbc0/0x4650 drivers/usb/gadget/udc/dummy_hcd.c:2005
__run_hrtimer kernel/time/hrtimer.c:1930 [inline]
__hrtimer_run_queues+0x3c0/0xa20 kernel/time/hrtimer.c:1994
hrtimer_run_softirq+0x17a/0x240 kernel/time/hrtimer.c:2011
handle_softirqs+0x22a/0x840 kernel/softirq.c:622
__do_softirq kernel/softirq.c:656 [inline]
invoke_softirq kernel/softirq.c:496 [inline]
__irq_exit_rcu+0xca/0x220 kernel/softirq.c:735
irq_exit_rcu+0x9/0x30 kernel/softirq.c:752
instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1061 [inline]
sysvec_apic_timer_interrupt+0xa6/0xc0 arch/x86/kernel/apic/apic.c:1061
asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:697
unwind_get_return_address+0x68/0x90 arch/x86/kernel/unwind_orc.c:386
arch_stack_walk+0xfb/0x150 arch/x86/kernel/stacktrace.c:26
stack_trace_save+0xa9/0x100 kernel/stacktrace.c:122
kasan_save_stack mm/kasan/common.c:57 [inline]
kasan_save_track+0x3e/0x80 mm/kasan/common.c:78
poison_kmalloc_redzone mm/kasan/common.c:398 [inline]
__kasan_kmalloc+0x93/0xb0 mm/kasan/common.c:415
kasan_kmalloc include/linux/kasan.h:263 [inline]
__kmalloc_cache_noprof+0x31c/0x660 mm/slub.c:5419
kmalloc_noprof include/linux/slab.h:950 [inline]
dummy_urb_enqueue+0x7c/0x780 drivers/usb/gadget/udc/dummy_hcd.c:1277
usb_hcd_submit_urb+0x328/0x1b70 drivers/usb/core/hcd.c:1542
usb_start_wait_urb+0x13f/0x5b0 drivers/usb/core/message.c:62
usb_internal_control_msg drivers/usb/core/message.c:117 [inline]
usb_control_msg+0x234/0x3e0 drivers/usb/core/message.c:167
usb_control_msg_recv+0xd2/0x170 drivers/usb/core/message.c:291
xpad_start_input+0x242/0x310 drivers/input/joystick/xpad.c:1789
input_open_device+0x1f8/0x3b0 drivers/input/input.c:601
evdev_open_device drivers/input/evdev.c:391 [inline]
evdev_open+0x4b1/0x5b0 drivers/input/evdev.c:478
chrdev_open+0x4cd/0x5e0 fs/char_dev.c:411
do_dentry_open+0x785/0x14e0 fs/open.c:947
vfs_open+0x3b/0x340 fs/open.c:1079
do_open fs/namei.c:4699 [inline]
path_openat+0x2e08/0x3860 fs/namei.c:4858
do_file_open+0x23e/0x4a0 fs/namei.c:4887
do_sys_openat2+0x113/0x200 fs/open.c:1364
do_sys_open fs/open.c:1370 [inline]
__do_sys_openat fs/open.c:1386 [inline]
__se_sys_openat fs/open.c:1381 [inline]
__x64_sys_openat+0x138/0x170 fs/open.c:1381
do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
do_syscall_64+0x15f/0xf80 arch/x86/entry/syscall_64.c:94
entry_SYSCALL_64_after_hwframe+0x77/0x7f
to a SOFTIRQ-irq-unsafe lock:
(tasklist_lock){.+.+}-{3:3}
... which became SOFTIRQ-irq-unsafe at:
...
lock_acquire+0x106/0x350 kernel/locking/lockdep.c:5868
__raw_read_lock include/linux/rwlock_api_smp.h:163 [inline]
_raw_read_lock+0x36/0x50 kernel/locking/spinlock.c:232
__do_wait+0xde/0x740 kernel/exit.c:1677
do_wait+0x1e7/0x510 kernel/exit.c:1721
kernel_wait+0xd6/0x1c0 kernel/exit.c:1897
call_usermodehelper_exec_sync kernel/umh.c:136 [inline]
call_usermodehelper_exec_work+0xbe/0x230 kernel/umh.c:163
process_one_work kernel/workqueue.c:3302 [inline]
process_scheduled_works+0xb5d/0x1860 kernel/workqueue.c:3385
worker_thread+0xa53/0xfc0 kernel/workqueue.c:3466
kthread+0x388/0x470 kernel/kthread.c:436
ret_from_fork+0x514/0xb70 arch/x86/kernel/process.c:158
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
other info that might help us debug this:
Chain exists of:
&client->buffer_lock --> &new->fa_lock --> tasklist_lock
Possible interrupt unsafe locking scenario:
CPU0 CPU1
---- ----
lock(tasklist_lock);
local_irq_disable();
lock(&client->buffer_lock);
lock(&new->fa_lock);
<Interrupt>
lock(&client->buffer_lock);
*** DEADLOCK ***
4 locks held by syz.2.23436/16104:
#0: ffffffff8eb03ef0 (file_rwsem){++++}-{0:0}, at: __break_lease+0x4e1/0x1ea0 fs/locks.c:1640
#1: ffff888064a56228 (&ctx->flc_lock){+.+.}-{3:3}, at: spin_lock include/linux/spinlock.h:342 [inline]
#1: ffff888064a56228 (&ctx->flc_lock){+.+.}-{3:3}, at: __break_lease+0x4eb/0x1ea0 fs/locks.c:1641
#2: ffffffff8e95cd60 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire include/linux/rcupdate.h:300 [inline]
#2: ffffffff8e95cd60 (rcu_read_lock){....}-{1:3}, at: rcu_read_lock include/linux/rcupdate.h:838 [inline]
#2: ffffffff8e95cd60 (rcu_read_lock){....}-{1:3}, at: kill_fasync+0x53/0x4d0 fs/fcntl.c:1158
#3: ffff88804abc0750 (&new->fa_lock){....}-{3:3}, at: kill_fasync_rcu fs/fcntl.c:1135 [inline]
#3: ffff88804abc0750 (&new->fa_lock){....}-{3:3}, at: kill_fasync+0x199/0x4d0 fs/fcntl.c:1159
the dependencies between SOFTIRQ-irq-safe lock and the holding lock:
-> (&client->buffer_lock){..-.}-{3:3} {
IN-SOFTIRQ-W at:
lock_acquire+0x106/0x350 kernel/locking/lockdep.c:5868
__raw_spin_lock include/linux/spinlock_api_smp.h:158 [inline]
_raw_spin_lock+0x2e/0x40 kernel/locking/spinlock.c:158
spin_lock include/linux/spinlock.h:342 [inline]
evdev_pass_values+0xb9/0xbd0 drivers/input/evdev.c:261
evdev_events+0x1e6/0x340 drivers/input/evdev.c:306
input_pass_values+0x288/0x890 drivers/input/input.c:128
input_event_dispose+0x330/0x6b0 drivers/input/input.c:342
input_event+0x84/0xc0 drivers/input/input.c:396
input_sync include/linux/input.h:464 [inline]
xpad360_process_packet+0x641/0xdc0 drivers/input/joystick/xpad.c:933
xpad_irq_in+0x14e/0x25c0 drivers/input/joystick/xpad.c:1226
__usb_hcd_giveback_urb+0x376/0x540 drivers/usb/core/hcd.c:1657
dummy_timer+0xbc0/0x4650 drivers/usb/gadget/udc/dummy_hcd.c:2005
__run_hrtimer kernel/time/hrtimer.c:1930 [inline]
__hrtimer_run_queues+0x3c0/0xa20 kernel/time/hrtimer.c:1994
hrtimer_run_softirq+0x17a/0x240 kernel/time/hrtimer.c:2011
handle_softirqs+0x22a/0x840 kernel/softirq.c:622
__do_softirq kernel/softirq.c:656 [inline]
invoke_softirq kernel/softirq.c:496 [inline]
__irq_exit_rcu+0xca/0x220 kernel/softirq.c:735
irq_exit_rcu+0x9/0x30 kernel/softirq.c:752
instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1061 [inline]
sysvec_apic_timer_interrupt+0xa6/0xc0 arch/x86/kernel/apic/apic.c:1061
asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:697
unwind_get_return_address+0x68/0x90 arch/x86/kernel/unwind_orc.c:386
arch_stack_walk+0xfb/0x150 arch/x86/kernel/stacktrace.c:26
stack_trace_save+0xa9/0x100 kernel/stacktrace.c:122
kasan_save_stack mm/kasan/common.c:57 [inline]
kasan_save_track+0x3e/0x80 mm/kasan/common.c:78
poison_kmalloc_redzone mm/kasan/common.c:398 [inline]
__kasan_kmalloc+0x93/0xb0 mm/kasan/common.c:415
kasan_kmalloc include/linux/kasan.h:263 [inline]
__kmalloc_cache_noprof+0x31c/0x660 mm/slub.c:5419
kmalloc_noprof include/linux/slab.h:950 [inline]
dummy_urb_enqueue+0x7c/0x780 drivers/usb/gadget/udc/dummy_hcd.c:1277
usb_hcd_submit_urb+0x328/0x1b70 drivers/usb/core/hcd.c:1542
usb_start_wait_urb+0x13f/0x5b0 drivers/usb/core/message.c:62
usb_internal_control_msg drivers/usb/core/message.c:117 [inline]
usb_control_msg+0x234/0x3e0 drivers/usb/core/message.c:167
usb_control_msg_recv+0xd2/0x170 drivers/usb/core/message.c:291
xpad_start_input+0x242/0x310 drivers/input/joystick/xpad.c:1789
input_open_device+0x1f8/0x3b0 drivers/input/input.c:601
evdev_open_device drivers/input/evdev.c:391 [inline]
evdev_open+0x4b1/0x5b0 drivers/input/evdev.c:478
chrdev_open+0x4cd/0x5e0 fs/char_dev.c:411
do_dentry_open+0x785/0x14e0 fs/open.c:947
vfs_open+0x3b/0x340 fs/open.c:1079
do_open fs/namei.c:4699 [inline]
path_openat+0x2e08/0x3860 fs/namei.c:4858
do_file_open+0x23e/0x4a0 fs/namei.c:4887
do_sys_openat2+0x113/0x200 fs/open.c:1364
do_sys_open fs/open.c:1370 [inline]
__do_sys_openat fs/open.c:1386 [inline]
__se_sys_openat fs/open.c:1381 [inline]
__x64_sys_openat+0x138/0x170 fs/open.c:1381
do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
do_syscall_64+0x15f/0xf80 arch/x86/entry/syscall_64.c:94
entry_SYSCALL_64_after_hwframe+0x77/0x7f
INITIAL USE at:
lock_acquire+0x106/0x350 kernel/locking/lockdep.c:5868
__raw_spin_lock include/linux/spinlock_api_smp.h:158 [inline]
_raw_spin_lock+0x2e/0x40 kernel/locking/spinlock.c:158
spin_lock include/linux/spinlock.h:342 [inline]
evdev_handle_get_val+0x70/0x9f0 drivers/input/evdev.c:898
evdev_do_ioctl drivers/input/evdev.c:-1 [inline]
evdev_ioctl_handler+0x127b/0x1fe0 drivers/input/evdev.c:1270
vfs_ioctl fs/ioctl.c:51 [inline]
__do_sys_ioctl fs/ioctl.c:597 [inline]
__se_sys_ioctl+0xfc/0x170 fs/ioctl.c:583
do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
do_syscall_64+0x15f/0xf80 arch/x86/entry/syscall_64.c:94
entry_SYSCALL_64_after_hwframe+0x77/0x7f
}
... key at: [<ffffffff9a7dd7e0>] evdev_open.__key.27+0x0/0x20
-> (&new->fa_lock){....}-{3:3} {
INITIAL USE at:
lock_acquire+0x106/0x350 kernel/locking/lockdep.c:5868
__raw_write_lock_irq include/linux/rwlock_api_smp.h:213 [inline]
_raw_write_lock_irq+0x3d/0x50 kernel/locking/spinlock.c:330
fasync_remove_entry+0xf1/0x1c0 fs/fcntl.c:1012
tun_chr_fasync+0x87/0x1a0 drivers/net/tun.c:3382
__fput+0x890/0xa60 fs/file_table.c:507
task_work_run+0x1d9/0x270 kernel/task_work.c:233
resume_user_mode_work include/linux/resume_user_mode.h:50 [inline]
__exit_to_user_mode_loop kernel/entry/common.c:67 [inline]
exit_to_user_mode_loop+0xed/0x480 kernel/entry/common.c:98
__exit_to_user_mode_prepare include/linux/irq-entry-common.h:207 [inline]
syscall_exit_to_user_mode_prepare include/linux/irq-entry-common.h:238 [inline]
syscall_exit_to_user_mode include/linux/entry-common.h:318 [inline]
do_syscall_64+0x33e/0xf80 arch/x86/entry/syscall_64.c:100
entry_SYSCALL_64_after_hwframe+0x77/0x7f
INITIAL READ USE at:
lock_acquire+0x106/0x350 kernel/locking/lockdep.c:5868
__raw_read_lock_irqsave include/linux/rwlock_api_smp.h:174 [inline]
_raw_read_lock_irqsave+0x48/0x60 kernel/locking/spinlock.c:240
kill_fasync_rcu fs/fcntl.c:1135 [inline]
kill_fasync+0x199/0x4d0 fs/fcntl.c:1159
pipe_release+0x19c/0x330 fs/pipe.c:739
__fput+0x44f/0xa60 fs/file_table.c:510
task_work_run+0x1d9/0x270 kernel/task_work.c:233
resume_user_mode_work include/linux/resume_user_mode.h:50 [inline]
__exit_to_user_mode_loop kernel/entry/common.c:67 [inline]
exit_to_user_mode_loop+0xed/0x480 kernel/entry/common.c:98
__exit_to_user_mode_prepare include/linux/irq-entry-common.h:207 [inline]
syscall_exit_to_user_mode_prepare include/linux/irq-entry-common.h:238 [inline]
syscall_exit_to_user_mode include/linux/entry-common.h:318 [inline]
do_syscall_64+0x33e/0xf80 arch/x86/entry/syscall_64.c:100
entry_SYSCALL_64_after_hwframe+0x77/0x7f
}
... key at: [<ffffffff9a4bc8a0>] fasync_insert_entry.__key+0x0/0x20
... acquired at:
__raw_read_lock_irqsave include/linux/rwlock_api_smp.h:174 [inline]
_raw_read_lock_irqsave+0x48/0x60 kernel/locking/spinlock.c:240
kill_fasync_rcu fs/fcntl.c:1135 [inline]
kill_fasync+0x199/0x4d0 fs/fcntl.c:1159
__pass_event drivers/input/evdev.c:240 [inline]
evdev_pass_values+0x627/0xbd0 drivers/input/evdev.c:278
evdev_events+0x1e6/0x340 drivers/input/evdev.c:306
input_pass_values+0x288/0x890 drivers/input/input.c:128
input_event_dispose+0x330/0x6b0 drivers/input/input.c:342
input_inject_event+0x1dc/0x330 drivers/input/input.c:424
evdev_write+0x325/0x4c0 drivers/input/evdev.c:528
vfs_write+0x29a/0xb90 fs/read_write.c:686
ksys_write+0x150/0x270 fs/read_write.c:740
do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
do_syscall_64+0x15f/0xf80 arch/x86/entry/syscall_64.c:94
entry_SYSCALL_64_after_hwframe+0x77/0x7f
the dependencies between the lock to be acquired
and SOFTIRQ-irq-unsafe lock:
-> (tasklist_lock){.+.+}-{3:3} {
HARDIRQ-ON-R at:
lock_acquire+0x106/0x350 kernel/locking/lockdep.c:5868
__raw_read_lock include/linux/rwlock_api_smp.h:163 [inline]
_raw_read_lock+0x36/0x50 kernel/locking/spinlock.c:232
__do_wait+0xde/0x740 kernel/exit.c:1677
do_wait+0x1e7/0x510 kernel/exit.c:1721
kernel_wait+0xd6/0x1c0 kernel/exit.c:1897
call_usermodehelper_exec_sync kernel/umh.c:136 [inline]
call_usermodehelper_exec_work+0xbe/0x230 kernel/umh.c:163
process_one_work kernel/workqueue.c:3302 [inline]
process_scheduled_works+0xb5d/0x1860 kernel/workqueue.c:3385
worker_thread+0xa53/0xfc0 kernel/workqueue.c:3466
kthread+0x388/0x470 kernel/kthread.c:436
ret_from_fork+0x514/0xb70 arch/x86/kernel/process.c:158
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
SOFTIRQ-ON-R at:
lock_acquire+0x106/0x350 kernel/locking/lockdep.c:5868
__raw_read_lock include/linux/rwlock_api_smp.h:163 [inline]
_raw_read_lock+0x36/0x50 kernel/locking/spinlock.c:232
__do_wait+0xde/0x740 kernel/exit.c:1677
do_wait+0x1e7/0x510 kernel/exit.c:1721
kernel_wait+0xd6/0x1c0 kernel/exit.c:1897
call_usermodehelper_exec_sync kernel/umh.c:136 [inline]
call_usermodehelper_exec_work+0xbe/0x230 kernel/umh.c:163
process_one_work kernel/workqueue.c:3302 [inline]
process_scheduled_works+0xb5d/0x1860 kernel/workqueue.c:3385
worker_thread+0xa53/0xfc0 kernel/workqueue.c:3466
kthread+0x388/0x470 kernel/kthread.c:436
ret_from_fork+0x514/0xb70 arch/x86/kernel/process.c:158
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
INITIAL USE at:
lock_acquire+0x106/0x350 kernel/locking/lockdep.c:5868
__raw_write_lock_irq include/linux/rwlock_api_smp.h:213 [inline]
_raw_write_lock_irq+0x3d/0x50 kernel/locking/spinlock.c:330
copy_process+0x2b4c/0x4440 kernel/fork.c:2411
kernel_clone+0x284/0x8f0 kernel/fork.c:2721
user_mode_thread+0x110/0x180 kernel/fork.c:2797
rest_init+0x23/0x300 init/main.c:727
start_kernel+0x38a/0x3e0 init/main.c:1220
x86_64_start_reservations+0x24/0x30 arch/x86/kernel/head64.c:310
x86_64_start_kernel+0x143/0x1c0 arch/x86/kernel/head64.c:291
common_startup_64+0x13e/0x147
INITIAL READ USE at:
lock_acquire+0x106/0x350 kernel/locking/lockdep.c:5868
__raw_read_lock include/linux/rwlock_api_smp.h:163 [inline]
_raw_read_lock+0x36/0x50 kernel/locking/spinlock.c:232
__do_wait+0xde/0x740 kernel/exit.c:1677
do_wait+0x1e7/0x510 kernel/exit.c:1721
kernel_wait+0xd6/0x1c0 kernel/exit.c:1897
call_usermodehelper_exec_sync kernel/umh.c:136 [inline]
call_usermodehelper_exec_work+0xbe/0x230 kernel/umh.c:163
process_one_work kernel/workqueue.c:3302 [inline]
process_scheduled_works+0xb5d/0x1860 kernel/workqueue.c:3385
worker_thread+0xa53/0xfc0 kernel/workqueue.c:3466
kthread+0x388/0x470 kernel/kthread.c:436
ret_from_fork+0x514/0xb70 arch/x86/kernel/process.c:158
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
}
... key at: [<ffffffff8e60a058>] tasklist_lock+0x18/0x40
... acquired at:
__raw_read_lock include/linux/rwlock_api_smp.h:163 [inline]
_raw_read_lock+0x36/0x50 kernel/locking/spinlock.c:232
send_sigurg+0x12b/0x420 fs/fcntl.c:978
sk_send_sigurg+0x6c/0x2e0 net/core/sock.c:3672
queue_oob+0x42c/0x4f0 net/unix/af_unix.c:2368
unix_stream_sendmsg+0xcb1/0xe80 net/unix/af_unix.c:2502
sock_sendmsg_nosec net/socket.c:787 [inline]
__sock_sendmsg net/socket.c:802 [inline]
____sys_sendmsg+0x972/0x9f0 net/socket.c:2698
___sys_sendmsg+0x2a5/0x360 net/socket.c:2752
__sys_sendmsg net/socket.c:2784 [inline]
__do_sys_sendmsg net/socket.c:2789 [inline]
__se_sys_sendmsg net/socket.c:2787 [inline]
__x64_sys_sendmsg+0x1bd/0x2a0 net/socket.c:2787
do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
do_syscall_64+0x15f/0xf80 arch/x86/entry/syscall_64.c:94
entry_SYSCALL_64_after_hwframe+0x77/0x7f
-> (&f_owner->lock){....}-{3:3} {
INITIAL USE at:
lock_acquire+0x106/0x350 kernel/locking/lockdep.c:5868
__raw_write_lock_irq include/linux/rwlock_api_smp.h:213 [inline]
_raw_write_lock_irq+0x3d/0x50 kernel/locking/spinlock.c:330
__f_setown+0x67/0x370 fs/fcntl.c:136
tun_chr_fasync+0x127/0x1a0 drivers/net/tun.c:3386
ioctl_fioasync fs/ioctl.c:378 [inline]
do_vfs_ioctl+0x1117/0x1530 fs/ioctl.c:511
__do_sys_ioctl fs/ioctl.c:595 [inline]
__se_sys_ioctl+0x82/0x170 fs/ioctl.c:583
do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
do_syscall_64+0x15f/0xf80 arch/x86/entry/syscall_64.c:94
entry_SYSCALL_64_after_hwframe+0x77/0x7f
INITIAL READ USE at:
lock_acquire+0x106/0x350 kernel/locking/lockdep.c:5868
__raw_read_lock_irqsave include/linux/rwlock_api_smp.h:174 [inline]
_raw_read_lock_irqsave+0x48/0x60 kernel/locking/spinlock.c:240
send_sigio+0x38/0x370 fs/fcntl.c:918
dnotify_handle_event+0x169/0x440 fs/notify/dnotify/dnotify.c:113
fsnotify_handle_event fs/notify/fsnotify.c:327 [inline]
send_to_group fs/notify/fsnotify.c:375 [inline]
fsnotify+0x1831/0x1ae0 fs/notify/fsnotify.c:592
fsnotify_name include/linux/fsnotify.h:55 [inline]
fsnotify_dirent include/linux/fsnotify.h:61 [inline]
fsnotify_create include/linux/fsnotify.h:323 [inline]
open_last_lookups fs/namei.c:4614 [inline]
path_openat+0x15c2/0x3860 fs/namei.c:4855
do_file_open+0x23e/0x4a0 fs/namei.c:4887
do_sys_openat2+0x113/0x200 fs/open.c:1364
do_sys_open fs/open.c:1370 [inline]
__do_sys_openat fs/open.c:1386 [inline]
__se_sys_openat fs/open.c:1381 [inline]
__x64_sys_openat+0x138/0x170 fs/open.c:1381
do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
do_syscall_64+0x15f/0xf80 arch/x86/entry/syscall_64.c:94
entry_SYSCALL_64_after_hwframe+0x77/0x7f
}
... key at: [<ffffffff9a4bc880>] file_f_owner_allocate.__key+0x0/0x20
... acquired at:
__raw_read_lock_irqsave include/linux/rwlock_api_smp.h:174 [inline]
_raw_read_lock_irqsave+0x48/0x60 kernel/locking/spinlock.c:240
send_sigio+0x38/0x370 fs/fcntl.c:918
kill_fasync_rcu fs/fcntl.c:1144 [inline]
kill_fasync+0x24d/0x4d0 fs/fcntl.c:1159
lease_break_callback+0x26/0x30 fs/locks.c:577
__break_lease+0x81f/0x1ea0 fs/locks.c:1669
break_lease include/linux/filelock.h:485 [inline]
do_dentry_open+0x1010/0x14e0 fs/open.c:938
vfs_open+0x3b/0x340 fs/open.c:1079
do_open fs/namei.c:4699 [inline]
path_openat+0x2e08/0x3860 fs/namei.c:4858
do_file_open+0x23e/0x4a0 fs/namei.c:4887
do_sys_openat2+0x113/0x200 fs/open.c:1364
do_sys_open fs/open.c:1370 [inline]
__do_sys_openat fs/open.c:1386 [inline]
__se_sys_openat fs/open.c:1381 [inline]
__x64_sys_openat+0x138/0x170 fs/open.c:1381
do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
do_syscall_64+0x15f/0xf80 arch/x86/entry/syscall_64.c:94
entry_SYSCALL_64_after_hwframe+0x77/0x7f
stack backtrace:
CPU: 1 UID: 0 PID: 16104 Comm: syz.2.23436 Tainted: G L syzkaller #0 PREEMPT(full)
Tainted: [L]=SOFTLOCKUP
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
Call Trace:
<TASK>
dump_stack_lvl+0xe8/0x150 lib/dump_stack.c:120
print_bad_irq_dependency kernel/locking/lockdep.c:2616 [inline]
check_irq_usage kernel/locking/lockdep.c:2857 [inline]
check_prev_add kernel/locking/lockdep.c:3169 [inline]
check_prevs_add kernel/locking/lockdep.c:3284 [inline]
validate_chain kernel/locking/lockdep.c:3908 [inline]
__lock_acquire+0x2a94/0x2cf0 kernel/locking/lockdep.c:5237
lock_acquire+0x106/0x350 kernel/locking/lockdep.c:5868
__raw_read_lock_irqsave include/linux/rwlock_api_smp.h:174 [inline]
_raw_read_lock_irqsave+0x48/0x60 kernel/locking/spinlock.c:240
send_sigio+0x38/0x370 fs/fcntl.c:918
kill_fasync_rcu fs/fcntl.c:1144 [inline]
kill_fasync+0x24d/0x4d0 fs/fcntl.c:1159
lease_break_callback+0x26/0x30 fs/locks.c:577
__break_lease+0x81f/0x1ea0 fs/locks.c:1669
break_lease include/linux/filelock.h:485 [inline]
do_dentry_open+0x1010/0x14e0 fs/open.c:938
vfs_open+0x3b/0x340 fs/open.c:1079
do_open fs/namei.c:4699 [inline]
path_openat+0x2e08/0x3860 fs/namei.c:4858
do_file_open+0x23e/0x4a0 fs/namei.c:4887
do_sys_openat2+0x113/0x200 fs/open.c:1364
do_sys_open fs/open.c:1370 [inline]
__do_sys_openat fs/open.c:1386 [inline]
__se_sys_openat fs/open.c:1381 [inline]
__x64_sys_openat+0x138/0x170 fs/open.c:1381
do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
do_syscall_64+0x15f/0xf80 arch/x86/entry/syscall_64.c:94
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f51f1d9cdd9
Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f51f2c7a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
RAX: ffffffffffffffda RBX: 00007f51f2015fa0 RCX: 00007f51f1d9cdd9
RDX: 000000000010103f RSI: 0000200000000180 RDI: ffffffffffffff9c
RBP: 00007f51f1e32d69 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000140 R11: 0000000000000246 R12: 0000000000000000
R13: 00007f51f2016038 R14: 00007f51f2015fa0 R15: 00007f51f213fa48
</TASK>
| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets (help?) | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2026/05/06 02:57 | upstream | 9207d47f966b | 26da2c66 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in evdev_pass_values | ||
| 2026/05/05 01:12 | upstream | c7e4e4d5f7dc | a898ba9c | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in evdev_pass_values | ||
| 2026/05/04 17:56 | upstream | 6d35786de281 | 85f1bcf2 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in evdev_pass_values | ||
| 2026/05/04 07:46 | upstream | 6d35786de281 | a0d91488 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in evdev_pass_values | ||
| 2026/05/03 18:27 | upstream | f377d0025eb0 | a0d91488 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in evdev_pass_values | ||
| 2026/05/03 12:13 | upstream | 66edb901bf87 | a0d91488 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in evdev_pass_values | ||
| 2026/05/03 10:31 | upstream | 66edb901bf87 | a0d91488 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in evdev_pass_values | ||
| 2026/05/03 09:14 | upstream | 66edb901bf87 | a0d91488 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in evdev_pass_values | ||
| 2026/05/02 11:00 | upstream | f1a5e78a55eb | a0d91488 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in evdev_pass_values | ||
| 2026/05/02 06:00 | upstream | ef5f46b63023 | 753c55b9 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in evdev_pass_values | ||
| 2026/05/01 22:01 | upstream | ef5f46b63023 | 753c55b9 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in evdev_pass_values | ||
| 2026/05/01 08:29 | upstream | 26fd6bff2c05 | 753c55b9 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in evdev_pass_values | ||
| 2026/04/30 13:41 | upstream | e75a43c7cec4 | a7464baf | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in evdev_pass_values | ||
| 2026/04/30 00:27 | upstream | 57b8e2d666a3 | 005438fc | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in evdev_pass_values | ||
| 2026/04/29 11:30 | upstream | dca922e019dd | 804ea88f | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in evdev_pass_values | ||
| 2026/04/29 11:21 | upstream | dca922e019dd | 804ea88f | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in evdev_pass_values | ||
| 2026/04/28 10:07 | upstream | 3b3bea6d4b9c | b4209743 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in evdev_pass_values | ||
| 2026/04/27 21:25 | upstream | 254f49634ee1 | ce741359 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in evdev_pass_values | ||
| 2026/04/27 07:25 | upstream | 20b64cf8705a | 9c2d0995 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in evdev_pass_values | ||
| 2026/04/27 00:56 | upstream | 20b64cf8705a | 9c2d0995 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in evdev_pass_values | ||
| 2026/04/26 17:12 | upstream | 897d54018cc9 | 9c2d0995 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in evdev_pass_values | ||
| 2026/04/26 15:56 | upstream | 897d54018cc9 | 9c2d0995 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in evdev_pass_values | ||
| 2026/04/26 10:54 | upstream | 897d54018cc9 | 9c2d0995 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-root | possible deadlock in evdev_pass_values | ||
| 2026/04/24 13:24 | upstream | dd6c438c3e64 | 1c2b9291 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in evdev_pass_values | ||
| 2026/04/23 04:18 | upstream | 2a4c0c11c019 | b10da5ec | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in evdev_pass_values | ||
| 2026/04/21 16:31 | upstream | b4e07588e743 | 0b6ab7ec | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in evdev_pass_values | ||
| 2026/04/21 02:45 | upstream | a5d1079c28a5 | e65da4ee | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in evdev_pass_values | ||
| 2026/04/20 20:33 | upstream | a5d1079c28a5 | e65da4ee | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in evdev_pass_values | ||
| 2026/04/20 12:19 | upstream | c1f49dea2b8f | 303e2802 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in evdev_pass_values | ||
| 2026/04/17 03:51 | upstream | 3cd8b194bf34 | de0a551d | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in evdev_pass_values | ||
| 2026/04/16 16:04 | upstream | 1d51b370a0f8 | 321ae225 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in evdev_pass_values | ||
| 2026/04/15 14:20 | upstream | 1f5ffc672165 | c441f497 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-root | possible deadlock in evdev_pass_values | ||
| 2026/04/15 01:18 | upstream | 508fed679541 | e2e976a8 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in evdev_pass_values | ||
| 2026/04/14 01:44 | upstream | 0f0013213293 | 1a086e7c | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in evdev_pass_values | ||
| 2026/04/13 22:46 | upstream | 0f0013213293 | 1a086e7c | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in evdev_pass_values | ||
| 2026/04/13 21:33 | upstream | 0f0013213293 | 9530ccf9 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in evdev_pass_values | ||
| 2026/04/13 10:27 | upstream | 028ef9c96e96 | 9530ccf9 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in evdev_pass_values | ||
| 2026/04/13 00:14 | upstream | f5459048c38a | 38c8e246 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in evdev_pass_values | ||
| 2026/04/12 05:22 | upstream | e753c16cb3dd | 38c8e246 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in evdev_pass_values | ||
| 2026/04/11 21:51 | upstream | e774d5f1bc27 | 38c8e246 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in evdev_pass_values | ||
| 2026/04/06 01:31 | upstream | 1791c390149f | 4440e7c2 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-selinux-root | possible deadlock in evdev_pass_values | ||
| 2026/02/25 12:52 | upstream | 7dff99b35460 | df2e85d4 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in evdev_pass_values | ||
| 2026/01/04 21:27 | upstream | 54e82e93ca93 | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-badwrites-root | possible deadlock in evdev_pass_values | ||
| 2025/08/23 14:33 | upstream | 038d61fd6422 | bf27483f | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-smack-root | possible deadlock in evdev_pass_values | ||
| 2026/05/05 22:28 | upstream | a293ec25d59d | 06e69a27 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-386 | possible deadlock in evdev_pass_values | ||
| 2026/05/05 17:41 | upstream | a293ec25d59d | 06e69a27 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-386 | possible deadlock in evdev_pass_values | ||
| 2026/04/25 08:42 | upstream | 27d128c1cff6 | 9c2d0995 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-386 | possible deadlock in evdev_pass_values | ||
| 2026/04/22 10:39 | upstream | 6596a02b2078 | 4595e353 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-386 | possible deadlock in evdev_pass_values | ||
| 2026/04/22 04:09 | upstream | 4ee64205ffaa | 0b6ab7ec | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-386 | possible deadlock in evdev_pass_values | ||
| 2026/04/19 11:57 | upstream | faeab166167f | 303e2802 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-386 | possible deadlock in evdev_pass_values | ||
| 2026/04/18 22:17 | upstream | eb5249b12507 | 303e2802 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-386 | possible deadlock in evdev_pass_values | ||
| 2026/04/18 01:12 | upstream | 43cfbdda5af6 | 24ecfc1e | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-386 | possible deadlock in evdev_pass_values | ||
| 2026/04/17 18:58 | upstream | 43cfbdda5af6 | 24ecfc1e | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-386 | possible deadlock in evdev_pass_values | ||
| 2026/04/15 10:56 | upstream | 508fed679541 | e2e976a8 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-386 | possible deadlock in evdev_pass_values | ||
| 2026/02/03 22:16 | upstream | de0674d9bc69 | 42b01fab | .config | console log | report | info | [disk image (non-bootable)] [vmlinux] [kernel image] | ci-qemu-upstream | possible deadlock in evdev_pass_values | ||
| 2026/03/22 15:44 | upstream | 113ae7b4decc | 5b92003d | .config | console log | report | info | [disk image (non-bootable)] [vmlinux] [kernel image] | ci-qemu-upstream-386 | possible deadlock in evdev_pass_values | ||
| 2023/04/19 19:50 | upstream | 789b4a41c247 | a219f34e | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in evdev_pass_values | ||
| 2023/04/16 17:07 | upstream | 3e7bb4f24617 | ec410564 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | possible deadlock in evdev_pass_values | ||
| 2026/03/23 11:19 | linux-next | 785f0eb2f85d | 5b92003d | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-rust-kasan-gce | possible deadlock in evdev_pass_values | ||
| 2026/01/13 02:58 | linux-next | f417b7ffcbef | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-linux-next-kasan-gce-root | possible deadlock in evdev_pass_values |