syzbot

IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready
8021q: adding VLAN 0 to HW filter on device batadv0
IPVS: sync thread started: state = BACKUP, mcast_ifn = erspan0, syncid = 3, id = 0
============================================
WARNING: possible recursive locking detected
4.14.123 #17 Not tainted
--------------------------------------------
ksoftirqd/1/17 is trying to acquire lock:
 (_xmit_ETHER#2){+.-.}, at: [<ffffffff84e128bc>] spin_lock include/linux/spinlock.h:317 [inline]
 (_xmit_ETHER#2){+.-.}, at: [<ffffffff84e128bc>] __netif_tx_lock include/linux/netdevice.h:3530 [inline]
 (_xmit_ETHER#2){+.-.}, at: [<ffffffff84e128bc>] sch_direct_xmit+0x1fc/0x550 net/sched/sch_generic.c:184

but task is already holding lock:
 (_xmit_ETHER#2){+.-.}, at: [<ffffffff84e128bc>] spin_lock include/linux/spinlock.h:317 [inline]
 (_xmit_ETHER#2){+.-.}, at: [<ffffffff84e128bc>] __netif_tx_lock include/linux/netdevice.h:3530 [inline]
 (_xmit_ETHER#2){+.-.}, at: [<ffffffff84e128bc>] sch_direct_xmit+0x1fc/0x550 net/sched/sch_generic.c:184

other info that might help us debug this:
 Possible unsafe locking scenario:

       CPU0
       ----
  lock(_xmit_ETHER#2);
  lock(_xmit_ETHER#2);

 *** DEADLOCK ***

 May be due to missing lock nesting notation

8 locks held by ksoftirqd/1/17:
 #0:  (((&in_dev->mr_ifc_timer))){+.-.}, at: [<ffffffff814f56d8>] lockdep_copy_map include/linux/lockdep.h:174 [inline]
 #0:  (((&in_dev->mr_ifc_timer))){+.-.}, at: [<ffffffff814f56d8>] call_timer_fn+0xc8/0x670 kernel/time/timer.c:1269
 #1:  (rcu_read_lock_bh){....}, at: [<ffffffff851ef916>] lwtunnel_xmit_redirect include/net/lwtunnel.h:92 [inline]
 #1:  (rcu_read_lock_bh){....}, at: [<ffffffff851ef916>] ip_finish_output2+0x256/0x14a0 net/ipv4/ip_output.c:213
 #2:  (rcu_read_lock_bh){....}, at: [<ffffffff84d33eb2>] __dev_queue_xmit+0x1e2/0x25e0 net/core/dev.c:3459
 #3:  (dev->qdisc_running_key ?: &qdisc_running_key){+...}, at: [<ffffffff84d362c8>] dev_queue_xmit+0x18/0x20 net/core/dev.c:3558
 #4:  (_xmit_ETHER#2){+.-.}, at: [<ffffffff84e128bc>] spin_lock include/linux/spinlock.h:317 [inline]
 #4:  (_xmit_ETHER#2){+.-.}, at: [<ffffffff84e128bc>] __netif_tx_lock include/linux/netdevice.h:3530 [inline]
 #4:  (_xmit_ETHER#2){+.-.}, at: [<ffffffff84e128bc>] sch_direct_xmit+0x1fc/0x550 net/sched/sch_generic.c:184
 #5:  (rcu_read_lock_bh){....}, at: [<ffffffff851ef916>] lwtunnel_xmit_redirect include/net/lwtunnel.h:92 [inline]
 #5:  (rcu_read_lock_bh){....}, at: [<ffffffff851ef916>] ip_finish_output2+0x256/0x14a0 net/ipv4/ip_output.c:213
 #6:  (rcu_read_lock_bh){....}, at: [<ffffffff84d33eb2>] __dev_queue_xmit+0x1e2/0x25e0 net/core/dev.c:3459
 #7:  (dev->qdisc_running_key ?: &qdisc_running_key){+...}, at: [<ffffffff84d362c8>] dev_queue_xmit+0x18/0x20 net/core/dev.c:3558

stack backtrace:
CPU: 1 PID: 17 Comm: ksoftirqd/1 Not tainted 4.14.123 #17
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0x138/0x19c lib/dump_stack.c:53
 print_deadlock_bug kernel/locking/lockdep.c:1796 [inline]
 check_deadlock kernel/locking/lockdep.c:1843 [inline]
 validate_chain kernel/locking/lockdep.c:2444 [inline]
 __lock_acquire.cold+0x52a/0x8e2 kernel/locking/lockdep.c:3487
 lock_acquire+0x16f/0x430 kernel/locking/lockdep.c:3991
 __raw_spin_lock include/linux/spinlock_api_smp.h:142 [inline]
 _raw_spin_lock+0x2f/0x40 kernel/locking/spinlock.c:152
 spin_lock include/linux/spinlock.h:317 [inline]
 __netif_tx_lock include/linux/netdevice.h:3530 [inline]
 sch_direct_xmit+0x1fc/0x550 net/sched/sch_generic.c:184
 __dev_xmit_skb net/core/dev.c:3218 [inline]
 __dev_queue_xmit+0x1b6e/0x25e0 net/core/dev.c:3493
 dev_queue_xmit+0x18/0x20 net/core/dev.c:3558
 neigh_resolve_output net/core/neighbour.c:1361 [inline]
 neigh_resolve_output+0x4d8/0x870 net/core/neighbour.c:1341
 neigh_output include/net/neighbour.h:500 [inline]
 ip_finish_output2+0x766/0x14a0 net/ipv4/ip_output.c:229
 ip_finish_output+0x56d/0xc60 net/ipv4/ip_output.c:317
 NF_HOOK_COND include/linux/netfilter.h:239 [inline]
 ip_output+0x1e6/0x590 net/ipv4/ip_output.c:405
 dst_output include/net/dst.h:459 [inline]
 ip_local_out+0x97/0x170 net/ipv4/ip_output.c:124
 iptunnel_xmit+0x564/0x930 net/ipv4/ip_tunnel_core.c:91
 ip_tunnel_xmit+0xfd9/0x3189 net/ipv4/ip_tunnel.c:795
 __gre_xmit+0x4eb/0x890 net/ipv4/ip_gre.c:444
 erspan_xmit net/ipv4/ip_gre.c:750 [inline]
 erspan_xmit+0x441/0x11c0 net/ipv4/ip_gre.c:725
 __netdev_start_xmit include/linux/netdevice.h:4033 [inline]
 netdev_start_xmit include/linux/netdevice.h:4042 [inline]
 xmit_one net/core/dev.c:3009 [inline]
 dev_hard_start_xmit+0x18c/0x8b0 net/core/dev.c:3025
 sch_direct_xmit+0x27a/0x550 net/sched/sch_generic.c:186
 __dev_xmit_skb net/core/dev.c:3218 [inline]
 __dev_queue_xmit+0x1b6e/0x25e0 net/core/dev.c:3493
 dev_queue_xmit+0x18/0x20 net/core/dev.c:3558
 neigh_resolve_output net/core/neighbour.c:1361 [inline]
 neigh_resolve_output+0x4d8/0x870 net/core/neighbour.c:1341
 neigh_output include/net/neighbour.h:500 [inline]
 ip_finish_output2+0x766/0x14a0 net/ipv4/ip_output.c:229
 ip_finish_output+0x56d/0xc60 net/ipv4/ip_output.c:317
 NF_HOOK_COND include/linux/netfilter.h:239 [inline]
 ip_output+0x1e6/0x590 net/ipv4/ip_output.c:405
 dst_output include/net/dst.h:459 [inline]
 ip_local_out+0x97/0x170 net/ipv4/ip_output.c:124
 igmpv3_sendpack+0x1a2/0x2b0 net/ipv4/igmp.c:420
 igmpv3_send_cr net/ipv4/igmp.c:708 [inline]
 igmp_ifc_timer_expire+0x543/0x8b0 net/ipv4/igmp.c:796
 call_timer_fn+0x161/0x670 kernel/time/timer.c:1279
 expire_timers kernel/time/timer.c:1318 [inline]
 __run_timers kernel/time/timer.c:1634 [inline]
 __run_timers kernel/time/timer.c:1602 [inline]
 run_timer_softirq+0x5b4/0x1570 kernel/time/timer.c:1647
 __do_softirq+0x244/0x9a0 kernel/softirq.c:288
 run_ksoftirqd kernel/softirq.c:670 [inline]
 run_ksoftirqd+0x8c/0x1b0 kernel/softirq.c:662
 smpboot_thread_fn+0x5f4/0x960 kernel/smpboot.c:164
 kthread+0x319/0x430 kernel/kthread.c:232
 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:404
kobject: 'loop0' (ffff8880a49377a0): kobject_uevent_env
kobject: 'loop0' (ffff8880a49377a0): fill_kobj_path: path = '/devices/virtual/block/loop0'
kobject: 'loop0' (ffff8880a49377a0): kobject_uevent_env
kobject: 'loop0' (ffff8880a49377a0): fill_kobj_path: path = '/devices/virtual/block/loop0'
IPVS: ftp: loaded support on port[0] = 21
NET: Registered protocol family 30
Failed to register TIPC socket type
kobject: 'loop0' (ffff8880a49377a0): kobject_uevent_env
kobject: 'loop0' (ffff8880a49377a0): fill_kobj_path: path = '/devices/virtual/block/loop0'
kobject: 'loop0' (ffff8880a49377a0): kobject_uevent_env
kobject: 'loop0' (ffff8880a49377a0): fill_kobj_path: path = '/devices/virtual/block/loop0'
kobject: 'loop0' (ffff8880a49377a0): kobject_uevent_env
kobject: 'loop0' (ffff8880a49377a0): fill_kobj_path: path = '/devices/virtual/block/loop0'
kobject: 'loop0' (ffff8880a49377a0): kobject_uevent_env
kobject: 'loop0' (ffff8880a49377a0): fill_kobj_path: path = '/devices/virtual/block/loop0'
kobject: 'loop0' (ffff8880a49377a0): kobject_uevent_env
kobject: 'loop0' (ffff8880a49377a0): fill_kobj_path: path = '/devices/virtual/block/loop0'
kobject: 'loop0' (ffff8880a49377a0): kobject_uevent_env
kobject: 'loop0' (ffff8880a49377a0): fill_kobj_path: path = '/devices/virtual/block/loop0'
IPVS: ftp: loaded support on port[0] = 21
NET: Registered protocol family 30
Failed to register TIPC socket type
IPVS: ftp: loaded support on port[0] = 21
NET: Registered protocol family 30
Failed to register TIPC socket type
IPVS: ftp: loaded support on port[0] = 21
NET: Registered protocol family 30
Failed to register TIPC socket type
IPVS: ftp: loaded support on port[0] = 21
NET: Registered protocol family 30
Failed to register TIPC socket type
IPVS: ftp: loaded support on port[0] = 21
NET: Registered protocol family 30
Failed to register TIPC socket type