[�[0;32m OK �[0m] Started Getty on tty2.
[�[0;32m OK �[0m] Started Serial Getty on ttyS0.
[�[0;32m OK �[0m] Started Getty on tty1.
[�[0;32m OK �[0m] Reached target Login Prompts.
[�[0;32m OK �[0m] Reached target Multi-User System.
[�[0;32m OK �[0m] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
Starting Load/Save RF Kill Switch Status...
[�[0;32m OK �[0m] Started Load/Save RF Kill Switch Status.
[�[0;32m OK �[0m] Started Update UTMP about System Runlevel Changes.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.0.87' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 27.016921] FAULT_INJECTION: forcing a failure.
[ 27.016921] name failslab, interval 1, probability 0, space 0, times 1
[ 27.028742] CPU: 0 PID: 7974 Comm: syz-executor152 Not tainted 4.14.303-syzkaller #0
[ 27.036594] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 27.045936] Call Trace:
[ 27.048494] dump_stack+0x1b2/0x281
[ 27.052106] should_fail.cold+0x10a/0x149
[ 27.056229] should_failslab+0xd6/0x130
[ 27.060197] __kmalloc+0x6d/0x400
[ 27.063638] ? tty_buffer_alloc+0xc0/0x270
[ 27.067845] tty_buffer_alloc+0xc0/0x270
[ 27.071879] __tty_buffer_request_room+0x12c/0x290
[ 27.076779] tty_insert_flip_string_fixed_flag+0x8b/0x210
[ 27.082292] tty_insert_flip_string_and_push_buffer+0x3e/0x160
[ 27.088238] pty_write+0xc3/0xf0
[ 27.091595] tty_put_char+0xfe/0x120
[ 27.095278] ? dev_match_devt+0x80/0x80
[ 27.099223] ? pty_write_room+0xa9/0xd0
[ 27.103166] ? ptmx_open+0x300/0x300
[ 27.106850] __process_echoes+0x48c/0x8c0
[ 27.110976] n_tty_receive_buf_common+0x9a3/0x25a0
[ 27.115880] ? n_tty_receive_buf2+0x40/0x40
[ 27.120173] tty_ioctl+0xe8a/0x1430
[ 27.123769] ? tty_fasync+0x2c0/0x2c0
[ 27.127544] ? proc_fail_nth_write+0x7b/0x180
[ 27.132013] ? proc_tgid_io_accounting+0x6f0/0x7a0
[ 27.136926] ? fsnotify+0x974/0x11b0
[ 27.140610] ? proc_tgid_io_accounting+0x7a0/0x7a0
[ 27.145509] ? debug_check_no_obj_freed+0x2c0/0x680
[ 27.150499] ? tty_fasync+0x2c0/0x2c0
[ 27.154288] do_vfs_ioctl+0x75a/0xff0
[ 27.158066] ? ioctl_preallocate+0x1a0/0x1a0
[ 27.162450] ? vfs_write+0x319/0x4d0
[ 27.166136] ? SyS_write+0x14d/0x210
[ 27.169833] ? security_file_ioctl+0x83/0xb0
[ 27.174215] SyS_ioctl+0x7f/0xb0
[ 27.177554] ? do_vfs_ioctl+0xff0/0xff0
[ 27.181504] do_syscall_64+0x1d5/0x640
[ 27.185366] entry_SYSCALL_64_after_hwframe+0x5e/0xd3
[ 27.190526] RIP: 0033:0x7f9b04e42789
[ 27.194207] RSP: 002b:00007ffd28ccc568 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 27.201885] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f9b04e42789
[ 27.209140] RDX: 0000000020000180 RSI: 0000000000005412 RDI: 0000000000000004
[ 27.216392] RBP: 00007ffd28ccc580 R08: 0000000000000001 R09: 0000000000000001
[ 27.223634] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005
[ 27.230874] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 27.238123]
[ 27.238125] ======================================================
[ 27.238127] WARNING: possible circular locking dependency detected
[ 27.238129] 4.14.303-syzkaller #0 Not tainted
[ 27.238131] ------------------------------------------------------
[ 27.238132] syz-executor152/7974 is trying to acquire lock:
[ 27.238133] (console_owner){....}, at: [<ffffffff81440a67>] console_unlock+0x307/0xf20
[ 27.238138]
[ 27.238139] but task is already holding lock:
[ 27.238140] (&(&port->lock)->rlock){-.-.}, at: [<ffffffff83560a7b>] tty_insert_flip_string_and_push_buffer+0x2b/0x160
[ 27.238145]
[ 27.238146] which lock already depends on the new lock.
[ 27.238147]
[ 27.238148]
[ 27.238150] the existing dependency chain (in reverse order) is:
[ 27.238150]
[ 27.238151] -> #2 (&(&port->lock)->rlock){-.-.}:
[ 27.238156] _raw_spin_lock_irqsave+0x8c/0xc0
[ 27.238157] tty_port_tty_get+0x1d/0x80
[ 27.238158] tty_port_default_wakeup+0x11/0x40
[ 27.238160] serial8250_tx_chars+0x3fe/0xc70
[ 27.238161] serial8250_handle_irq.part.0+0x2c7/0x390
[ 27.238163] serial8250_default_handle_irq+0x8a/0x1f0
[ 27.238165] serial8250_interrupt+0xf3/0x210
[ 27.238166] __handle_irq_event_percpu+0xee/0x7f0
[ 27.238168] handle_irq_event+0xed/0x240
[ 27.238169] handle_edge_irq+0x224/0xc40
[ 27.238170] handle_irq+0x35/0x50
[ 27.238171] do_IRQ+0x93/0x1d0
[ 27.238173] ret_from_intr+0x0/0x1e
[ 27.238174] native_safe_halt+0xe/0x10
[ 27.238175] default_idle+0x47/0x370
[ 27.238176] do_idle+0x250/0x3c0
[ 27.238178] cpu_startup_entry+0x14/0x20
[ 27.238179] start_kernel+0x743/0x763
[ 27.238181] secondary_startup_64+0xa5/0xb0
[ 27.238181]
[ 27.238182] -> #1 (&port_lock_key){-.-.}:
[ 27.238187] _raw_spin_lock_irqsave+0x8c/0xc0
[ 27.238188] serial8250_console_write+0x8cb/0xb40
[ 27.238189] console_unlock+0x99d/0xf20
[ 27.238191] vprintk_emit+0x224/0x620
[ 27.238192] vprintk_func+0x58/0x160
[ 27.238193] printk+0x9e/0xbc
[ 27.238195] register_console+0x6f4/0xad0
[ 27.238196] univ8250_console_init+0x2f/0x3a
[ 27.238197] console_init+0x46/0x53
[ 27.238199] start_kernel+0x521/0x763
[ 27.238200] secondary_startup_64+0xa5/0xb0
[ 27.238201]
[ 27.238201] -> #0 (console_owner){....}:
[ 27.238205] lock_acquire+0x170/0x3f0
[ 27.238207] console_unlock+0x36f/0xf20
[ 27.238208] vprintk_emit+0x224/0x620
[ 27.238210] vprintk_func+0x58/0x160
[ 27.238211] printk+0x9e/0xbc
[ 27.238212] should_fail.cold+0xdf/0x149
[ 27.238214] should_failslab+0xd6/0x130
[ 27.238215] __kmalloc+0x6d/0x400
[ 27.238217] tty_buffer_alloc+0xc0/0x270
[ 27.238218] __tty_buffer_request_room+0x12c/0x290
[ 27.238220] tty_insert_flip_string_fixed_flag+0x8b/0x210
[ 27.238222] tty_insert_flip_string_and_push_buffer+0x3e/0x160
[ 27.238223] pty_write+0xc3/0xf0
[ 27.238225] tty_put_char+0xfe/0x120
[ 27.238226] __process_echoes+0x48c/0x8c0
[ 27.238228] n_tty_receive_buf_common+0x9a3/0x25a0
[ 27.238229] tty_ioctl+0xe8a/0x1430
[ 27.238231] do_vfs_ioctl+0x75a/0xff0
[ 27.238232] SyS_ioctl+0x7f/0xb0
[ 27.238234] do_syscall_64+0x1d5/0x640
[ 27.238235] entry_SYSCALL_64_after_hwframe+0x5e/0xd3
[ 27.238236]
[ 27.238237] other info that might help us debug this:
[ 27.238238]
[ 27.238239] Chain exists of:
[ 27.238240] console_owner --> &port_lock_key --> &(&port->lock)->rlock
[ 27.238245]
[ 27.238246] Possible unsafe locking scenario:
[ 27.238247]
[ 27.238248] CPU0 CPU1
[ 27.238250] ---- ----
[ 27.238250] lock(&(&port->lock)->rlock);
[ 27.238253] lock(&port_lock_key);
[ 27.238256] lock(&(&port->lock)->rlock);
[ 27.238259] lock(console_owner);
[ 27.238261]
[ 27.238262] *** DEADLOCK ***
[ 27.238263]
[ 27.238264] 6 locks held by syz-executor152/7974:
[ 27.238265] #0: (&tty->ldisc_sem){++++}, at: [<ffffffff8355cef2>] tty_ldisc_ref_wait+0x22/0x80
[ 27.238270] #1: (&port->buf.lock/1){+.+.}, at: [<ffffffff8354aeb0>] tty_ioctl+0xe20/0x1430
[ 27.238275] #2: (&o_tty->termios_rwsem/1){++++}, at: [<ffffffff83557291>] n_tty_receive_buf_common+0x91/0x25a0
[ 27.238281] #3: (&ldata->output_lock){+.+.}, at: [<ffffffff83557b65>] n_tty_receive_buf_common+0x965/0x25a0
[ 27.238286] #4: (&(&port->lock)->rlock){-.-.}, at: [<ffffffff83560a7b>] tty_insert_flip_string_and_push_buffer+0x2b/0x160
[ 27.238291] #5: (console_lock){+.+.}, at: [<ffffffff814443c8>] vprintk_func+0x58/0x160
[ 27.238296]
[ 27.238297] stack backtrace:
[ 27.238299] CPU: 0 PID: 7974 Comm: syz-executor152 Not tainted 4.14.303-syzkaller #0
[ 27.238301] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 27.238302] Call Trace:
[ 27.238304] dump_stack+0x1b2/0x281
[ 27.238305] print_circular_bug.constprop.0.cold+0x2d7/0x41e
[ 27.238307] __lock_acquire+0x2e0e/0x3f20
[ 27.238308] ? trace_hardirqs_on+0x10/0x10
[ 27.238309] ? snprintf+0xd0/0xd0
[ 27.238310] ? console_unlock+0x34a/0xf20
[ 27.238312] lock_acquire+0x170/0x3f0
[ 27.238313] ? console_unlock+0x307/0xf20
[ 27.238314] console_unlock+0x36f/0xf20
[ 27.238316] ? console_unlock+0x307/0xf20
[ 27.238317] vprintk_emit+0x224/0x620
[ 27.238318] vprintk_func+0x58/0x160
[ 27.238319] printk+0x9e/0xbc
[ 27.238320] ? log_store.cold+0x16/0x16
[ 27.238322] ? ___ratelimit+0x2b5/0x510
[ 27.238323] should_fail.cold+0xdf/0x149
[ 27.238324] should_failslab+0xd6/0x130
[ 27.238326] __kmalloc+0x6d/0x400
[ 27.238327] ? tty_buffer_alloc+0xc0/0x270
[ 27.238328] tty_buffer_alloc+0xc0/0x270
[ 27.238330] __tty_buffer_request_room+0x12c/0x290
[ 27.238331] tty_insert_flip_string_fixed_flag+0x8b/0x210
[ 27.238333] tty_insert_flip_string_and_push_buffer+0x3e/0x160
[ 27.238334] pty_write+0xc3/0xf0
[ 27.238335] tty_put_char+0xfe/0x120
[ 27.238337] ? dev_match_devt+0x80/0x80
[ 27.238338] ? pty_write_room+0xa9/0xd0
[ 27.238339] ? ptmx_open+0x300/0x300
[ 27.238340] __process_echoes+0x48c/0x8c0
[ 27.238342] n_tty_receive_buf_common+0x9a3/0x25a0
[ 27.238343] ? n_tty_receive_buf2+0x40/0x40
[ 27.238344] tty_ioctl+0xe8a/0x1430
[ 27.238346] ? tty_fasync+0x2c0/0x2c0
[ 27.238347] ? proc_fail_nth_write+0x7b/0x180
[ 27.238348] ? proc_tgid_io_accounting+0x6f0/0x7a0
[ 27.238350] ? fsnotify+0x974/0x11b0
[ 27.238351] ? proc_tgid_io_accounting+0x7a0/0x7a0
[ 27.238353] ? debug_check_no_obj_freed+0x2c0/0x680
[ 27.238354] ? tty_fasync+0x2c0/0x2c0
[ 27.238355] do_vfs_ioctl+0x75a/0xff0
[ 27.238357] ? ioctl_preallocate+0x1a0/0x1a0
[ 27.238358] ? vfs_write+0x319/0x4d0
[ 27.238360] ? SyS_write+0x14d/0x210
[ 27.238361] ? security_file_ioctl+0x83/0xb0
[ 27.238362] SyS_ioctl+0x7f/0xb0
[ 27.238364] ? do_vfs_ioctl+0xff0/0xff0
[ 27.238365] do_syscall_64+0x1d5/0x640
[ 27.238367] entry_SYSCALL_64_after_hwframe+0x5e/0xd3
[ 27.238368] RIP: 0033:0x7f9b04e42789
[ 27.238370] RSP: 002b:00007ffd28ccc568 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 27.238373] RAX: fffffff