syzbot

=============================
WARNING: suspicious RCU usage
6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 Not tainted
-----------------------------
net/sched/sch_generic.c:1251 suspicious rcu_dereference_protected() usage!

other info that might help us debug this:


rcu_scheduler_active = 2, debug_locks = 1
3 locks held by kworker/u8:7/5026:
 #0: ffff888033bd2948 ((wq_completion)bond0#4){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3213 [inline]
 #0: ffff888033bd2948 ((wq_completion)bond0#4){+.+.}-{0:0}, at: process_scheduled_works+0x9b1/0x17a0 kernel/workqueue.c:3319
 #1: ffffc9000de07c60 ((work_completion)(&(&bond->mii_work)->work)){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3214 [inline]
 #1: ffffc9000de07c60 ((work_completion)(&(&bond->mii_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ec/0x17a0 kernel/workqueue.c:3319
 #2: ffffffff8df3dce0 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire include/linux/rcupdate.h:331 [inline]
 #2: ffffffff8df3dce0 (rcu_read_lock){....}-{1:3}, at: rcu_read_lock include/linux/rcupdate.h:841 [inline]
 #2: ffffffff8df3dce0 (rcu_read_lock){....}-{1:3}, at: bond_mii_monitor+0x153/0x2e00 drivers/net/bonding/bond_main.c:2959

stack backtrace:
CPU: 1 UID: 0 PID: 5026 Comm: kworker/u8:7 Not tainted 6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 PREEMPT(full) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
Workqueue: bond0 bond_mii_monitor
Call Trace:
 <TASK>
 dump_stack_lvl+0x189/0x250 lib/dump_stack.c:120
 lockdep_rcu_suspicious+0x140/0x1d0 kernel/locking/lockdep.c:6865
 dev_activate+0xa1/0x1150 net/sched/sch_generic.c:1251
 linkwatch_do_dev+0x100/0x170 net/core/link_watch.c:182
 ethtool_op_get_link+0x15/0x70 net/ethtool/ioctl.c:63
 bond_check_dev_link+0x447/0x6c0 drivers/net/bonding/bond_main.c:866
 bond_miimon_inspect drivers/net/bonding/bond_main.c:2739 [inline]
 bond_mii_monitor+0x428/0x2e00 drivers/net/bonding/bond_main.c:2961
 process_one_work kernel/workqueue.c:3238 [inline]
 process_scheduled_works+0xade/0x17a0 kernel/workqueue.c:3319
 worker_thread+0x8a0/0xda0 kernel/workqueue.c:3400
 kthread+0x711/0x8a0 kernel/kthread.c:464
 ret_from_fork+0x4e/0x80 arch/x86/kernel/process.c:153
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
 </TASK>

=============================
WARNING: suspicious RCU usage
6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 Not tainted
-----------------------------
net/sched/sch_generic.c:1229 suspicious rcu_dereference_protected() usage!

other info that might help us debug this:


rcu_scheduler_active = 2, debug_locks = 1
3 locks held by kworker/u8:7/5026:
 #0: ffff888033bd2948 ((wq_completion)bond0#4){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3213 [inline]
 #0: ffff888033bd2948 ((wq_completion)bond0#4){+.+.}-{0:0}, at: process_scheduled_works+0x9b1/0x17a0 kernel/workqueue.c:3319
 #1: ffffc9000de07c60 ((work_completion)(&(&bond->mii_work)->work)){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3214 [inline]
 #1: ffffc9000de07c60 ((work_completion)(&(&bond->mii_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ec/0x17a0 kernel/workqueue.c:3319
 #2: ffffffff8df3dce0 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire include/linux/rcupdate.h:331 [inline]
 #2: ffffffff8df3dce0 (rcu_read_lock){....}-{1:3}, at: rcu_read_lock include/linux/rcupdate.h:841 [inline]
 #2: ffffffff8df3dce0 (rcu_read_lock){....}-{1:3}, at: bond_mii_monitor+0x153/0x2e00 drivers/net/bonding/bond_main.c:2959

stack backtrace:
CPU: 1 UID: 0 PID: 5026 Comm: kworker/u8:7 Not tainted 6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 PREEMPT(full) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
Workqueue: bond0 bond_mii_monitor
Call Trace:
 <TASK>
 dump_stack_lvl+0x189/0x250 lib/dump_stack.c:120
 lockdep_rcu_suspicious+0x140/0x1d0 kernel/locking/lockdep.c:6865
 transition_one_qdisc+0x8f/0x1c0 net/sched/sch_generic.c:1229
 netdev_for_each_tx_queue include/linux/netdevice.h:2650 [inline]
 dev_activate+0x7cd/0x1150 net/sched/sch_generic.c:1259
 linkwatch_do_dev+0x100/0x170 net/core/link_watch.c:182
 ethtool_op_get_link+0x15/0x70 net/ethtool/ioctl.c:63
 bond_check_dev_link+0x447/0x6c0 drivers/net/bonding/bond_main.c:866
 bond_miimon_inspect drivers/net/bonding/bond_main.c:2739 [inline]
 bond_mii_monitor+0x428/0x2e00 drivers/net/bonding/bond_main.c:2961
 process_one_work kernel/workqueue.c:3238 [inline]
 process_scheduled_works+0xade/0x17a0 kernel/workqueue.c:3319
 worker_thread+0x8a0/0xda0 kernel/workqueue.c:3400
 kthread+0x711/0x8a0 kernel/kthread.c:464
 ret_from_fork+0x4e/0x80 arch/x86/kernel/process.c:153
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
 </TASK>

=============================
WARNING: suspicious RCU usage
6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 Not tainted
-----------------------------
./include/linux/rtnetlink.h:163 suspicious rcu_dereference_protected() usage!

other info that might help us debug this:


rcu_scheduler_active = 2, debug_locks = 1
3 locks held by kworker/u8:7/5026:
 #0: ffff888033bd2948 ((wq_completion)bond0#4){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3213 [inline]
 #0: ffff888033bd2948 ((wq_completion)bond0#4){+.+.}-{0:0}, at: process_scheduled_works+0x9b1/0x17a0 kernel/workqueue.c:3319
 #1: ffffc9000de07c60 ((work_completion)(&(&bond->mii_work)->work)){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3214 [inline]
 #1: ffffc9000de07c60 ((work_completion)(&(&bond->mii_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ec/0x17a0 kernel/workqueue.c:3319
 #2: ffffffff8df3dce0 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire include/linux/rcupdate.h:331 [inline]
 #2: ffffffff8df3dce0 (rcu_read_lock){....}-{1:3}, at: rcu_read_lock include/linux/rcupdate.h:841 [inline]
 #2: ffffffff8df3dce0 (rcu_read_lock){....}-{1:3}, at: bond_mii_monitor+0x153/0x2e00 drivers/net/bonding/bond_main.c:2959

stack backtrace:
CPU: 0 UID: 0 PID: 5026 Comm: kworker/u8:7 Not tainted 6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 PREEMPT(full) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
Workqueue: bond0 bond_mii_monitor
Call Trace:
 <TASK>
 dump_stack_lvl+0x189/0x250 lib/dump_stack.c:120
 lockdep_rcu_suspicious+0x140/0x1d0 kernel/locking/lockdep.c:6865
 dev_ingress_queue include/linux/rtnetlink.h:163 [inline]
 dev_activate+0x8a8/0x1150 net/sched/sch_generic.c:1260
 linkwatch_do_dev+0x100/0x170 net/core/link_watch.c:182
 ethtool_op_get_link+0x15/0x70 net/ethtool/ioctl.c:63
 bond_check_dev_link+0x447/0x6c0 drivers/net/bonding/bond_main.c:866
 bond_miimon_inspect drivers/net/bonding/bond_main.c:2739 [inline]
 bond_mii_monitor+0x428/0x2e00 drivers/net/bonding/bond_main.c:2961
 process_one_work kernel/workqueue.c:3238 [inline]
 process_scheduled_works+0xade/0x17a0 kernel/workqueue.c:3319
 worker_thread+0x8a0/0xda0 kernel/workqueue.c:3400
 kthread+0x711/0x8a0 kernel/kthread.c:464
 ret_from_fork+0x4e/0x80 arch/x86/kernel/process.c:153
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
 </TASK>
BUG: sleeping function called from invalid context at kernel/locking/rwsem.c:1523
in_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 5026, name: kworker/u8:7
preempt_count: 0, expected: 0
RCU nest depth: 1, expected: 0
3 locks held by kworker/u8:7/5026:
 #0: ffff888033bd2948 ((wq_completion)bond0#4){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3213 [inline]
 #0: ffff888033bd2948 ((wq_completion)bond0#4){+.+.}-{0:0}, at: process_scheduled_works+0x9b1/0x17a0 kernel/workqueue.c:3319
 #1: ffffc9000de07c60 ((work_completion)(&(&bond->mii_work)->work)){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3214 [inline]
 #1: ffffc9000de07c60 ((work_completion)(&(&bond->mii_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ec/0x17a0 kernel/workqueue.c:3319
 #2: ffffffff8df3dce0 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire include/linux/rcupdate.h:331 [inline]
 #2: ffffffff8df3dce0 (rcu_read_lock){....}-{1:3}, at: rcu_read_lock include/linux/rcupdate.h:841 [inline]
 #2: ffffffff8df3dce0 (rcu_read_lock){....}-{1:3}, at: bond_mii_monitor+0x153/0x2e00 drivers/net/bonding/bond_main.c:2959
CPU: 1 UID: 0 PID: 5026 Comm: kworker/u8:7 Not tainted 6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 PREEMPT(full) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
Workqueue: bond0 bond_mii_monitor
Call Trace:
 <TASK>
 dump_stack_lvl+0x189/0x250 lib/dump_stack.c:120
 __might_resched+0x495/0x610 kernel/sched/core.c:8818
 down_read+0x22/0x2e0 kernel/locking/rwsem.c:1523
 wireless_nlevent_flush net/wireless/wext-core.c:351 [inline]
 wext_netdev_notifier_call+0x28/0x110 net/wireless/wext-core.c:371
 notifier_call_chain+0x1b6/0x3e0 kernel/notifier.c:85
 netif_state_change+0x284/0x3a0 net/core/dev.c:1530
 linkwatch_do_dev+0x117/0x170 net/core/link_watch.c:186
 ethtool_op_get_link+0x15/0x70 net/ethtool/ioctl.c:63
 bond_check_dev_link+0x447/0x6c0 drivers/net/bonding/bond_main.c:866
 bond_miimon_inspect drivers/net/bonding/bond_main.c:2739 [inline]
 bond_mii_monitor+0x428/0x2e00 drivers/net/bonding/bond_main.c:2961
 process_one_work kernel/workqueue.c:3238 [inline]
 process_scheduled_works+0xade/0x17a0 kernel/workqueue.c:3319
 worker_thread+0x8a0/0xda0 kernel/workqueue.c:3400
 kthread+0x711/0x8a0 kernel/kthread.c:464
 ret_from_fork+0x4e/0x80 arch/x86/kernel/process.c:153
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
 </TASK>

=============================
[ BUG: Invalid wait context ]
6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 Tainted: G        W          
-----------------------------
kworker/u8:7/5026 is trying to lock:
ffffffff8f2ea6d0 (net_rwsem){++++}-{4:4}, at: wireless_nlevent_flush net/wireless/wext-core.c:351 [inline]
ffffffff8f2ea6d0 (net_rwsem){++++}-{4:4}, at: wext_netdev_notifier_call+0x28/0x110 net/wireless/wext-core.c:371
other info that might help us debug this:
context-{5:5}
3 locks held by kworker/u8:7/5026:
 #0: ffff888033bd2948 ((wq_completion)bond0#4){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3213 [inline]
 #0: ffff888033bd2948 ((wq_completion)bond0#4){+.+.}-{0:0}, at: process_scheduled_works+0x9b1/0x17a0 kernel/workqueue.c:3319
 #1: ffffc9000de07c60 ((work_completion)(&(&bond->mii_work)->work)){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3214 [inline]
 #1: ffffc9000de07c60 ((work_completion)(&(&bond->mii_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ec/0x17a0 kernel/workqueue.c:3319
 #2: ffffffff8df3dce0 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire include/linux/rcupdate.h:331 [inline]
 #2: ffffffff8df3dce0 (rcu_read_lock){....}-{1:3}, at: rcu_read_lock include/linux/rcupdate.h:841 [inline]
 #2: ffffffff8df3dce0 (rcu_read_lock){....}-{1:3}, at: bond_mii_monitor+0x153/0x2e00 drivers/net/bonding/bond_main.c:2959
stack backtrace:
CPU: 1 UID: 0 PID: 5026 Comm: kworker/u8:7 Tainted: G        W           6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 PREEMPT(full) 
Tainted: [W]=WARN
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
Workqueue: bond0 bond_mii_monitor
Call Trace:
 <TASK>
 dump_stack_lvl+0x189/0x250 lib/dump_stack.c:120
 print_lock_invalid_wait_context kernel/locking/lockdep.c:4831 [inline]
 check_wait_context kernel/locking/lockdep.c:4903 [inline]
 __lock_acquire+0xbcf/0xd20 kernel/locking/lockdep.c:5185
 lock_acquire+0x120/0x360 kernel/locking/lockdep.c:5866
 down_read+0x46/0x2e0 kernel/locking/rwsem.c:1524
 wireless_nlevent_flush net/wireless/wext-core.c:351 [inline]
 wext_netdev_notifier_call+0x28/0x110 net/wireless/wext-core.c:371
 notifier_call_chain+0x1b6/0x3e0 kernel/notifier.c:85
 netif_state_change+0x284/0x3a0 net/core/dev.c:1530
 linkwatch_do_dev+0x117/0x170 net/core/link_watch.c:186
 ethtool_op_get_link+0x15/0x70 net/ethtool/ioctl.c:63
 bond_check_dev_link+0x447/0x6c0 drivers/net/bonding/bond_main.c:866
 bond_miimon_inspect drivers/net/bonding/bond_main.c:2739 [inline]
 bond_mii_monitor+0x428/0x2e00 drivers/net/bonding/bond_main.c:2961
 process_one_work kernel/workqueue.c:3238 [inline]
 process_scheduled_works+0xade/0x17a0 kernel/workqueue.c:3319
 worker_thread+0x8a0/0xda0 kernel/workqueue.c:3400
 kthread+0x711/0x8a0 kernel/kthread.c:464
 ret_from_fork+0x4e/0x80 arch/x86/kernel/process.c:153
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
 </TASK>