[�[0;32m OK �[0m] Started Getty on tty2.
[�[0;32m OK �[0m] Started Getty on tty1.
[�[0;32m OK �[0m] Started Serial Getty on ttyS0.
[�[0;32m OK �[0m] Reached target Login Prompts.
[�[0;32m OK �[0m] Reached target Multi-User System.
[�[0;32m OK �[0m] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
[�[0;32m OK �[0m] Started Update UTMP about System Runlevel Changes.
Starting Load/Save RF Kill Switch Status...
[�[0;32m OK �[0m] Started Load/Save RF Kill Switch Status.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.0.60' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 27.456848] FAULT_INJECTION: forcing a failure.
[ 27.456848] name failslab, interval 1, probability 0, space 0, times 1
[ 27.468770] CPU: 1 PID: 7971 Comm: syz-executor178 Not tainted 4.14.301-syzkaller #0
[ 27.476625] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 27.485959] Call Trace:
[ 27.488520] dump_stack+0x1b2/0x281
[ 27.492137] should_fail.cold+0x10a/0x149
[ 27.496262] should_failslab+0xd6/0x130
[ 27.500208] __kmalloc+0x6d/0x400
[ 27.503633] ? tty_buffer_alloc+0xc0/0x270
[ 27.507851] tty_buffer_alloc+0xc0/0x270
[ 27.511890] __tty_buffer_request_room+0x12c/0x290
[ 27.516797] tty_insert_flip_string_fixed_flag+0x8b/0x210
[ 27.522312] tty_insert_flip_string_and_push_buffer+0x3e/0x160
[ 27.528255] pty_write+0xc3/0xf0
[ 27.531594] tty_put_char+0xfe/0x120
[ 27.535286] ? dev_match_devt+0x80/0x80
[ 27.539237] ? __ww_mutex_wakeup_for_backoff+0x210/0x210
[ 27.544670] ? commit_echoes+0x108/0x1e0
[ 27.548708] do_output_char+0x126/0x750
[ 27.552662] __process_echoes+0x313/0x8c0
[ 27.556834] n_tty_receive_buf_common+0x9a3/0x25a0
[ 27.561745] ? n_tty_receive_buf2+0x40/0x40
[ 27.566038] tty_ioctl+0xe8a/0x1430
[ 27.569749] ? tty_fasync+0x2c0/0x2c0
[ 27.573526] ? proc_fail_nth_write+0x7b/0x180
[ 27.577991] ? trace_hardirqs_on+0x10/0x10
[ 27.582199] ? fsnotify+0x974/0x11b0
[ 27.585892] ? proc_tgid_io_accounting+0x7a0/0x7a0
[ 27.590795] ? debug_check_no_obj_freed+0x2c0/0x680
[ 27.595785] ? SyS_write+0x1b7/0x210
[ 27.599471] ? tty_fasync+0x2c0/0x2c0
[ 27.603263] do_vfs_ioctl+0x75a/0xff0
[ 27.607043] ? lock_acquire+0x170/0x3f0
[ 27.611028] ? ioctl_preallocate+0x1a0/0x1a0
[ 27.615413] ? __fget+0x265/0x3e0
[ 27.619098] ? do_vfs_ioctl+0xff0/0xff0
[ 27.623048] ? security_file_ioctl+0x83/0xb0
[ 27.627429] SyS_ioctl+0x7f/0xb0
[ 27.630768] ? do_vfs_ioctl+0xff0/0xff0
[ 27.634717] do_syscall_64+0x1d5/0x640
[ 27.638591] entry_SYSCALL_64_after_hwframe+0x5e/0xd3
[ 27.643758] RIP: 0033:0x7f7de54ef3d9
[ 27.647453] RSP: 002b:00007f7de5480268 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 27.655157] RAX: ffffffffffffffda RBX: 00007f7de55774d0 RCX: 00007f7de54ef3d9
[ 27.662407] RDX: 0000000020000140 RSI: 0000000000005412 RDI: 0000000000000004
[ 27.669647] RBP: 00007f7de5545040 R08: 0000000000000001 R09: 0000000000000000
[ 27.676892] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7de5480280
[ 27.684134] R13: 00007f7de55774d8 R14: 00007f7de548027c R15: 0000000000000001
[ 27.691391]
[ 27.691393] ======================================================
[ 27.691395] WARNING: possible circular locking dependency detected
[ 27.691396] 4.14.301-syzkaller #0 Not tainted
[ 27.691398] ------------------------------------------------------
[ 27.691399] syz-executor178/7971 is trying to acquire lock:
[ 27.691400] (console_owner){....}, at: [<ffffffff81440a47>] console_unlock+0x307/0xf20
[ 27.691404]
[ 27.691406] but task is already holding lock:
[ 27.691406] (&(&port->lock)->rlock){-.-.}, at: [<ffffffff8356022b>] tty_insert_flip_string_and_push_buffer+0x2b/0x160
[ 27.691411]
[ 27.691412] which lock already depends on the new lock.
[ 27.691413]
[ 27.691414]
[ 27.691416] the existing dependency chain (in reverse order) is:
[ 27.691416]
[ 27.691417] -> #2 (&(&port->lock)->rlock){-.-.}:
[ 27.691421] _raw_spin_lock_irqsave+0x8c/0xc0
[ 27.691423] tty_port_tty_get+0x1d/0x80
[ 27.691424] tty_port_default_wakeup+0x11/0x40
[ 27.691425] serial8250_tx_chars+0x3fe/0xc70
[ 27.691427] serial8250_handle_irq.part.0+0x2c7/0x390
[ 27.691428] serial8250_default_handle_irq+0x8a/0x1f0
[ 27.691430] serial8250_interrupt+0xf3/0x210
[ 27.691431] __handle_irq_event_percpu+0xee/0x7f0
[ 27.691432] handle_irq_event+0xed/0x240
[ 27.691434] handle_edge_irq+0x224/0xc40
[ 27.691435] handle_irq+0x35/0x50
[ 27.691436] do_IRQ+0x93/0x1d0
[ 27.691437] ret_from_intr+0x0/0x1e
[ 27.691438] _raw_spin_unlock_irqrestore+0xa3/0xe0
[ 27.691440] uart_write+0x2dd/0x560
[ 27.691441] do_output_char+0x4f5/0x750
[ 27.691442] n_tty_write+0x3e3/0xda0
[ 27.691443] tty_write+0x410/0x740
[ 27.691444] redirected_tty_write+0x9c/0xb0
[ 27.691446] do_iter_write+0x3da/0x550
[ 27.691447] vfs_writev+0x125/0x290
[ 27.691448] do_writev+0xfc/0x2c0
[ 27.691449] do_syscall_64+0x1d5/0x640
[ 27.691451] entry_SYSCALL_64_after_hwframe+0x5e/0xd3
[ 27.691451]
[ 27.691452] -> #1 (&port_lock_key){-.-.}:
[ 27.691456] _raw_spin_lock_irqsave+0x8c/0xc0
[ 27.691458] serial8250_console_write+0x8cb/0xb40
[ 27.691459] console_unlock+0x99d/0xf20
[ 27.691460] vprintk_emit+0x224/0x620
[ 27.691461] vprintk_func+0x58/0x160
[ 27.691462] printk+0x9e/0xbc
[ 27.691463] register_console+0x6f4/0xad0
[ 27.691465] univ8250_console_init+0x2f/0x3a
[ 27.691466] console_init+0x46/0x53
[ 27.691467] start_kernel+0x521/0x763
[ 27.691468] secondary_startup_64+0xa5/0xb0
[ 27.691469]
[ 27.691470] -> #0 (console_owner){....}:
[ 27.691474] lock_acquire+0x170/0x3f0
[ 27.691475] console_unlock+0x36f/0xf20
[ 27.691476] vprintk_emit+0x224/0x620
[ 27.691477] vprintk_func+0x58/0x160
[ 27.691478] printk+0x9e/0xbc
[ 27.691480] should_fail.cold+0xdf/0x149
[ 27.691481] should_failslab+0xd6/0x130
[ 27.691482] __kmalloc+0x6d/0x400
[ 27.691483] tty_buffer_alloc+0xc0/0x270
[ 27.691485] __tty_buffer_request_room+0x12c/0x290
[ 27.691486] tty_insert_flip_string_fixed_flag+0x8b/0x210
[ 27.691488] tty_insert_flip_string_and_push_buffer+0x3e/0x160
[ 27.691489] pty_write+0xc3/0xf0
[ 27.691490] tty_put_char+0xfe/0x120
[ 27.691492] do_output_char+0x126/0x750
[ 27.691493] __process_echoes+0x313/0x8c0
[ 27.691494] n_tty_receive_buf_common+0x9a3/0x25a0
[ 27.691495] tty_ioctl+0xe8a/0x1430
[ 27.691497] do_vfs_ioctl+0x75a/0xff0
[ 27.691498] SyS_ioctl+0x7f/0xb0
[ 27.691499] do_syscall_64+0x1d5/0x640
[ 27.691500] entry_SYSCALL_64_after_hwframe+0x5e/0xd3
[ 27.691501]
[ 27.691502] other info that might help us debug this:
[ 27.691503]
[ 27.691504] Chain exists of:
[ 27.691505] console_owner --> &port_lock_key --> &(&port->lock)->rlock
[ 27.691510]
[ 27.691511] Possible unsafe locking scenario:
[ 27.691512]
[ 27.691513] CPU0 CPU1
[ 27.691514] ---- ----
[ 27.691515] lock(&(&port->lock)->rlock);
[ 27.691518] lock(&port_lock_key);
[ 27.691521] lock(&(&port->lock)->rlock);
[ 27.691523] lock(console_owner);
[ 27.691525]
[ 27.691526] *** DEADLOCK ***
[ 27.691527]
[ 27.691528] 6 locks held by syz-executor178/7971:
[ 27.691529] #0: (&tty->ldisc_sem){++++}, at: [<ffffffff8355c6a2>] tty_ldisc_ref_wait+0x22/0x80
[ 27.691533] #1: (&port->buf.lock/1){+.+.}, at: [<ffffffff8354a660>] tty_ioctl+0xe20/0x1430
[ 27.691538] #2: (&o_tty->termios_rwsem/1){++++}, at: [<ffffffff83556a41>] n_tty_receive_buf_common+0x91/0x25a0
[ 27.691543] #3: (&ldata->output_lock){+.+.}, at: [<ffffffff83557315>] n_tty_receive_buf_common+0x965/0x25a0
[ 27.691548] #4: (&(&port->lock)->rlock){-.-.}, at: [<ffffffff8356022b>] tty_insert_flip_string_and_push_buffer+0x2b/0x160
[ 27.691553] #5: (console_lock){+.+.}, at: [<ffffffff814443a8>] vprintk_func+0x58/0x160
[ 27.691557]
[ 27.691558] stack backtrace:
[ 27.691560] CPU: 1 PID: 7971 Comm: syz-executor178 Not tainted 4.14.301-syzkaller #0
[ 27.691563] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 27.691564] Call Trace:
[ 27.691565] dump_stack+0x1b2/0x281
[ 27.691566] print_circular_bug.constprop.0.cold+0x2d7/0x41e
[ 27.691568] __lock_acquire+0x2e0e/0x3f20
[ 27.691569] ? trace_hardirqs_on+0x10/0x10
[ 27.691570] ? snprintf+0xd0/0xd0
[ 27.691571] ? console_unlock+0x34a/0xf20
[ 27.691572] lock_acquire+0x170/0x3f0
[ 27.691573] ? console_unlock+0x307/0xf20
[ 27.691575] console_unlock+0x36f/0xf20
[ 27.691576] ? console_unlock+0x307/0xf20
[ 27.691577] vprintk_emit+0x224/0x620
[ 27.691578] vprintk_func+0x58/0x160
[ 27.691579] printk+0x9e/0xbc
[ 27.691580] ? log_store.cold+0x16/0x16
[ 27.691581] ? ___ratelimit+0x2b5/0x510
[ 27.691583] should_fail.cold+0xdf/0x149
[ 27.691584] should_failslab+0xd6/0x130
[ 27.691585] __kmalloc+0x6d/0x400
[ 27.691586] ? tty_buffer_alloc+0xc0/0x270
[ 27.691587] tty_buffer_alloc+0xc0/0x270
[ 27.691589] __tty_buffer_request_room+0x12c/0x290
[ 27.691590] tty_insert_flip_string_fixed_flag+0x8b/0x210
[ 27.691592] tty_insert_flip_string_and_push_buffer+0x3e/0x160
[ 27.691593] pty_write+0xc3/0xf0
[ 27.691594] tty_put_char+0xfe/0x120
[ 27.691595] ? dev_match_devt+0x80/0x80
[ 27.691597] ? __ww_mutex_wakeup_for_backoff+0x210/0x210
[ 27.691598] ? commit_echoes+0x108/0x1e0
[ 27.691599] do_output_char+0x126/0x750
[ 27.691600] __process_echoes+0x313/0x8c0
[ 27.691602] n_tty_receive_buf_common+0x9a3/0x25a0
[ 27.691603] ? n_tty_receive_buf2+0x40/0x40
[ 27.691604] tty_ioctl+0xe8a/0x1430
[ 27.691605] ? tty_fasync+0x2c0/0x2c0
[ 27.691606] ? proc_fail_nth_write+0x7b/0x180
[ 27.691608] ? trace_hardirqs_on+0x10/0x10
[ 27.691609] ? fsnotify+0x974/0x11b0
[ 27.691610] ? proc_tgid_io_accounting+0x7a0/0x7a0
[ 27.691611] ? debug_check_no_obj_freed+0x2c0/0x680
[ 27.691613] ? SyS_write+0x1b7/0x210
[ 27.691614] ? tty_fasync+0x2c0/0x2c0
[ 27.691615] do_vfs_ioctl+0x75a/0xff0
[ 27.691616] ? lock_acquire+0x170/0x3f0
[ 27.691617] ? ioctl_preallocate+0x1a0/0x1a0
[ 27.691618] ? __fget+0x265/0x3e0
[ 27.691620] ? do_vfs_ioctl+0xff0/0xff0
[ 27.691621] ? security_file_ioctl+0x83/0xb0
[ 27.691622] SyS_ioctl+0x7f/0xb0
[ 27.691623] ? do_vfs_ioctl+0xff0/0xff0
[ 27.691624] do_syscall_64+0x1d5/0x640
[ 27.691626] entry_SYSCALL_64_after_hwframe+0x5e/0xd3
[ 27.691627] RIP: 0033:0x7f7de54ef3d9
[ 27.691628] RSP: 002b:00007f7de5480268 EFLA