Nov 13 07:22:02 syzkaller kern.info kernel: [ 153.790276][T10686] bridge_slave_1: left promiscuous mode
Nov 13 07:22:02 syzkaller kern.info kernel: [ 153.791590][T10686] bridge0: port 2(bridge_slave_1) entered [ 153.806087][T10687]
disabled state
Nov 13 07:22:02 [ 153.808709][T10687] WARNING: suspicious RCU usage
syzkaller kern.i[ 153.812337][T10687] -----------------------------
nfo kernel: [ 1[ 153.814888][T10687] net/sched/sch_generic.c:1290 suspicious rcu_dereference_protected() usage!
53.794044][T1068[ 153.817459][T10687]
6] bridge_slave_0: left allmulti[ 153.820490][T10687]
cast mode
Nov 1[ 153.820517][T10687] 3 locks held by kworker/u32:29/10687:
3 07:22:02 syzka[ 153.820524][T10687] #0: ffff88804be0a948 ((wq_completion)bond0#2){+.+.}-{0:0}, at: process_one_work+0x129b/0x1ba0 kernel/workqueue.c:3204
ller kern.info k[ 153.827341][T10687] #1: ffffc900049afd80 ((work_completion)(&(&bond->mii_work)->work)){+.+.}-{0:0}, at: process_one_work+0x921/0x1ba0 kernel/workqueue.c:3205
ernel: [ 153.79[ 153.830368][T10687] #2: ffffffff8e1b8340 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:337 [inline]
ernel: [ 153.79[ 153.830368][T10687] #2: ffffffff8e1b8340 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:849 [inline]
ernel: [ 153.79[ 153.830368][T10687] #2: ffffffff8e1b8340 (rcu_read_lock){....}-{1:2}, at: bond_mii_monitor+0x140/0x2d90 drivers/net/bonding/bond_main.c:2937
5366][T10686] br[ 153.832935][T10687]
idge_slave_0: le[ 153.832943][T10687] CPU: 1 UID: 0 PID: 10687 Comm: kworker/u32:29 Not tainted 6.12.0-rc7-syzkaller-00012-g3022e9d00ebe #0
ft promiscuous m[ 153.832979][T10687] Call Trace:
ode
Nov 13 07:2[ 153.832989][T10687] __dump_stack lib/dump_stack.c:94 [inline]
Nov 13 07:2[ 153.832989][T10687] dump_stack_lvl+0x16c/0x1f0 lib/dump_stack.c:120
2:02 syzkaller k[ 153.844645][T10687] lockdep_rcu_suspicious+0x210/0x3c0 kernel/locking/lockdep.c:6821
ern.info kernel:[ 153.846292][T10687] dev_deactivate_queue+0x167/0x190 net/sched/sch_generic.c:1290
[ 153.796799][[ 153.846310][T10687] netdev_for_each_tx_queue include/linux/netdevice.h:2504 [inline]
[ 153.796799][[ 153.846310][T10687] dev_deactivate_many+0xe7/0xb20 net/sched/sch_generic.c:1363
T10686] bridge0:[ 153.846326][T10687] dev_deactivate+0xf9/0x1c0 net/sched/sch_generic.c:1403
port 1(bridge_s[ 153.852249][T10687] ? __sanitizer_cov_trace_switch+0x54/0x90 kernel/kcov.c:351
lave_0) entered [ 153.853975][T10687] linkwatch_do_dev+0x11e/0x160 net/core/link_watch.c:175
disabled state
Nov 13 07:22:02 [ 153.855496][T10687] ? __pfx_ethtool_op_get_link+0x10/0x10 net/ethtool/ioctl.c:2712
syzkaller kern.w[ 153.855516][T10687] bond_check_dev_link+0x197/0x490 drivers/net/bonding/bond_main.c:873
arn kernel: [ 1[ 153.862750][T10687] ? rcu_is_watching_curr_cpu include/linux/context_tracking.h:128 [inline]
arn kernel: [ 1[ 153.862750][T10687] ? rcu_is_watching+0x12/0xc0 kernel/rcu/tree.c:737
53.806087][T1068[ 153.864236][T10687] bond_miimon_inspect drivers/net/bonding/bond_main.c:2717 [inline]
53.806087][T1068[ 153.864236][T10687] bond_mii_monitor+0x3c1/0x2d90 drivers/net/bonding/bond_main.c:2939
7]
Nov 13 07:2[ 153.868142][T10687] ? trace_lock_acquire+0x14a/0x1d0 include/trace/events/lock.h:24
2:02 syzkaller k[ 153.869866][T10687] ? process_one_work+0x921/0x1ba0 kernel/workqueue.c:3205
ern.warn kernel:[ 153.871529][T10687] ? lock_acquire+0x2f/0xb0 kernel/locking/lockdep.c:5796
[ 153.807372][[ 153.871542][T10687] ? process_one_work+0x921/0x1ba0 kernel/workqueue.c:3205
T10687] ========[ 153.871577][T10687] ? __pfx_process_one_work+0x10/0x10 include/linux/list.h:153
================[ 153.871590][T10687] ? assign_work+0x1a0/0x250 kernel/workqueue.c:1200
=====
Nov 13 07[ 153.871622][T10687] ? __pfx_worker_thread+0x10/0x10 include/linux/list.h:183
:22:02 syzkaller[ 153.871632][T10687] kthread+0x2c1/0x3a0 kernel/kthread.c:389
kern.warn kerne[ 153.884523][T10687] ? __raw_spin_unlock_irq include/linux/spinlock_api_smp.h:159 [inline]
kern.warn kerne[ 153.884523][T10687] ? _raw_spin_unlock_irq+0x23/0x50 kernel/locking/spinlock.c:202
l: [ 153.808709[ 153.886133][T10687] ? __pfx_kthread+0x10/0x10 include/linux/list.h:373
][T10687] WARNING: suspicious RCU usage
Nov 13 07:22:02 syzkaller kern.warn kernel: [ 153.8101[ 153.889636][T10687] ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147
65][T10687] 6.12[ 153.889657][T10687] ? __pfx_kthread+0x10/0x10 include/linux/list.h:373
.0-rc7-syzkaller[ 153.889671][T10687] ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
-00012-g3022e9d0[ 153.889691][T10687] </TASK>
0ebe #0 Not tainted
Nov 13 07:22:02 syzkaller kern.warn kernel: [ 153.812337][T10687] -----------------------------
Nov 13 07:22:02 syzkaller kern.warn kernel: [ 153.814888][T10687] net/sched/sch_generic.c:1290 suspicious rcu_dereference_protected() usage!
Nov 13 07:22:02 syzkaller kern.warn kernel: [ 153.817459][T10687]
Nov 13 07:22:02 syzkaller kern.warn kernel: [ 153.81[ 153.906040][T10687]
7459][T10687] ot[ 153.906683][T10687] =============================
her info that mi[ 153.908229][T10687] WARNING: suspicious RCU usage
ght help us debu[ 153.912493][T10687] include/linux/rtnetlink.h:100 suspicious rcu_dereference_protected() usage!
g this:
Nov 13 [ 153.915026][T10687]
07:22:02 syzkall[ 153.917895][T10687]
er kern.warn ker[ 153.917904][T10687] 3 locks held by kworker/u32:29/10687:
nel: [ 153.8174[ 153.917947][T10687] #1: ffffc900049afd80 ((work_completion)(&(&bond->mii_work)->work)){+.+.}-{0:0}, at: process_one_work+0x921/0x1ba0 kernel/workqueue.c:3205
59][T10687]
Nov 13 07:22:02 sy[ 153.927150][T10687] #2: ffffffff8e1b8340 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:337 [inline]
Nov 13 07:22:02 sy[ 153.927150][T10687] #2: ffffffff8e1b8340 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:849 [inline]
Nov 13 07:22:02 sy[ 153.927150][T10687] #2: ffffffff8e1b8340 (rcu_read_lock){....}-{1:2}, at: bond_mii_monitor+0x140/0x2d90 drivers/net/bonding/bond_main.c:2937
zkaller kern.war[ 153.930460][T10687]
n kernel: [ 153[ 153.932266][T10687] CPU: 2 UID: 0 PID: 10687 Comm: kworker/u32:29 Not tainted 6.12.0-rc7-syzkaller-00012-g3022e9d00ebe #0
.820490][T10687][ 153.932280][T10687] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
Nov 13 07:22:[ 153.932288][T10687] Workqueue: bond0 bond_mii_monitor
02 syzkaller ker[ 153.932309][T10687] <TASK>
n.warn kernel: [[ 153.942478][T10687] lockdep_rcu_suspicious+0x210/0x3c0 kernel/locking/lockdep.c:6821
153.820490][T1[ 153.945289][T10687] dev_deactivate+0xf9/0x1c0 net/sched/sch_generic.c:1403
0687] rcu_schedu[ 153.946820][T10687] ? __pfx_dev_deactivate+0x10/0x10 net/sched/sch_generic.c:1379
ler_active = 2, [ 153.948564][T10687] ? __sanitizer_cov_trace_switch+0x54/0x90 kernel/kcov.c:351
debug_locks = 1[ 153.948585][T10687] linkwatch_do_dev+0x11e/0x160 net/core/link_watch.c:175
Nov 13 07:22:02[ 153.948600][T10687] linkwatch_sync_dev+0x181/0x210 net/core/link_watch.c:263
syzkaller kern.[ 153.948623][T10687] ethtool_op_get_link+0x1d/0x70 net/ethtool/ioctl.c:62
warn kernel: [ [ 153.956478][T10687] bond_check_dev_link+0x197/0x490 drivers/net/bonding/bond_main.c:873
153.820517][T106[ 153.959301][T10687] ? rcu_is_watching_curr_cpu include/linux/context_tracking.h:128 [inline]
153.820517][T106[ 153.959301][T10687] ? rcu_is_watching+0x12/0xc0 kernel/rcu/tree.c:737
87] 3 locks held[ 153.962048][T10687] ? __pfx_bond_mii_monitor+0x10/0x10 drivers/net/bonding/bond_main.c:2806
by kworker/u32:[ 153.962064][T10687] ? rcu_is_watching_curr_cpu include/linux/context_tracking.h:128 [inline]
by kworker/u32:[ 153.962064][T10687] ? rcu_is_watching+0x12/0xc0 kernel/rcu/tree.c:737
29/10687:
Nov 1[ 153.962075][T10687] ? trace_lock_acquire+0x14a/0x1d0 include/trace/events/lock.h:24
3 07:22:02 syzka[ 153.967894][T10687] ? lock_acquire+0x2f/0xb0 kernel/locking/lockdep.c:5796
ller kern.warn k[ 153.970512][T10687] process_one_work+0x9c5/0x1ba0 kernel/workqueue.c:3229
ernel: [ 153.82[ 153.972119][T10687] ? __pfx_lock_acquire.part.0+0x10/0x10 kernel/locking/lockdep.c:122
0524][T10687] #[ 153.973933][T10687] ? __pfx_process_one_work+0x10/0x10 include/linux/list.h:153
0: ffff88804be0a[ 153.973948][T10687] ? assign_work+0x1a0/0x250 kernel/workqueue.c:1200
948 ((wq_complet[ 153.973989][T10687] kthread+0x2c1/0x3a0 kernel/kthread.c:389
ion)bond0#2){+.+[ 153.981690][T10687] ? __pfx_kthread+0x10/0x10 include/linux/list.h:373
.}-{0:0}, at: pr[ 153.983071][T10687] ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147
ocess_one_work+0[ 153.984543][T10687] ? __pfx_kthread+0x10/0x10 include/linux/list.h:373
x129b/0x1ba0
No[ 153.984558][T10687] ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
v 13 07:22:02 sy[ 153.984578][T10687] </TASK>
zkaller kern.war[ 153.991427][T10687] in_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 10687, name: kworker/u32:29
n kernel: [ 153[ 153.995364][T10687] RCU nest depth: 1, expected: 0
.827341][T10687][ 153.997124][T10687] 3 locks held by kworker/u32:29/10687:
#1: ffffc90004[ 153.998911][T10687] #0: ffff88804be0a948 ((wq_completion)bond0#2){+.+.}-{0:0}, at: process_one_work+0x129b/0x1ba0 kernel/workqueue.c:3204
9afd80 ((work_co[ 153.998950][T10687] #1: ffffc900049afd80 ((work_completion)(&(&bond->mii_work)->work)){+.+.}-{0:0}, at: process_one_work+0x921/0x1ba0 kernel/workqueue.c:3205
mpletion)(&(&bon[ 154.005280][T10687] #2: ffffffff8e1b8340 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:337 [inline]
mpletion)(&(&bon[ 154.005280][T10687] #2: ffffffff8e1b8340 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:849 [inline]
mpletion)(&(&bon[ 154.005280][T10687] #2: ffffffff8e1b8340 (rcu_read_lock){....}-{1:2}, at: bond_mii_monitor+0x140/0x2d90 drivers/net/bonding/bond_main.c:2937
d->mii_work)->wo[ 154.008225][T10687] CPU: 3 UID: 0 PID: 10687 Comm: kworker/u32:29 Not tainted 6.12.0-rc7-syzkaller-00012-g3022e9d00ebe #0
rk)){+.+.}-{0:0}[ 154.014163][T10687] Workqueue: bond0 bond_mii_monitor
, at: process_on[ 154.016850][T10687] <TASK>
e_work+0x921/0x1[ 154.018021][T10687] __dump_stack lib/dump_stack.c:94 [inline]
e_work+0x921/0x1[ 154.018021][T10687] dump_stack_lvl+0x16c/0x1f0 lib/dump_stack.c:120
ba0
Nov 13 07:2[ 154.019721][T10687] __might_resched+0x3c0/0x5e0 kernel/sched/core.c:8656
2:02 syzkaller k[ 154.019737][T10687] ? __pfx___might_resched+0x10/0x10 kernel/sched/core.c:5828
ern.warn kernel:[ 154.019765][T10687] synchronize_net+0x1b/0x60 net/core/dev.c:11284
[ 153.830368][[ 154.027281][T10687] dev_deactivate+0xf9/0x1c0 net/sched/sch_generic.c:1403
T10687] #2: fff[ 154.030197][T10687] ? __sanitizer_cov_trace_switch+0x54/0x90 kernel/kcov.c:351
fffff8e1b8340 (r[ 154.030233][T10687] linkwatch_sync_dev+0x181/0x210 net/core/link_watch.c:263
cu_read_lock){..[ 154.030247][T10687] ? __pfx_ethtool_op_get_link+0x10/0x10 net/ethtool/ioctl.c:2712
..}-{1:2}, at: b[ 154.037894][T10687] bond_check_dev_link+0x197/0x490 drivers/net/bonding/bond_main.c:873
ond_mii_monitor+[ 154.039571][T10687] ? __pfx_bond_check_dev_link+0x10/0x10 drivers/net/bonding/bond_main.c:4594
0x140/0x2d90
No[ 154.041412][T10687] ? rcu_is_watching_curr_cpu include/linux/context_tracking.h:128 [inline]
No[ 154.041412][T10687] ? rcu_is_watching+0x12/0xc0 kernel/rcu/tree.c:737
v 13 07:22:02 sy[ 154.041433][T10687] bond_miimon_inspect drivers/net/bonding/bond_main.c:2717 [inline]
v 13 07:22:02 sy[ 154.041433][T10687] bond_mii_monitor+0x3c1/0x2d90 drivers/net/bonding/bond_main.c:2939
zkaller kern.war[ 154.041452][T10687] ? __pfx_bond_mii_monitor+0x10/0x10 drivers/net/bonding/bond_main.c:2806
n kernel: [ 153[ 154.046285][T10687] ? rcu_is_watching_curr_cpu include/linux/context_tracking.h:128 [inline]
n kernel: [ 153[ 154.046285][T10687] ? rcu_is_watching+0x12/0xc0 kernel/rcu/tree.c:737
.832935][T10687][ 154.049183][T10687] ? process_one_work+0x921/0x1ba0 kernel/workqueue.c:3205
Nov 13 07:22:[ 154.050894][T10687] ? lock_acquire+0x2f/0xb0 kernel/locking/lockdep.c:5796
02 syzkaller ker[ 154.053821][T10687] process_one_work+0x9c5/0x1ba0 kernel/workqueue.c:3229
n.warn kernel: [[ 154.053839][T10687] ? __pfx_lock_acquire.part.0+0x10/0x10 kernel/locking/lockdep.c:122
153.832935][T1[ 154.053862][T10687] ? assign_work+0x1a0/0x250 kernel/workqueue.c:1200
0687] stack back[ 154.060141][T10687] process_scheduled_works kernel/workqueue.c:3310 [inline]
0687] stack back[ 154.060141][T10687] worker_thread+0x6c8/0xf00 kernel/workqueue.c:3391
trace:
Nov 13 0[ 154.063073][T10687] kthread+0x2c1/0x3a0 kernel/kthread.c:389
7:22:02 syzkalle[ 154.064533][T10687] ? __raw_spin_unlock_irq include/linux/spinlock_api_smp.h:159 [inline]
7:22:02 syzkalle[ 154.064533][T10687] ? _raw_spin_unlock_irq+0x23/0x50 kernel/locking/spinlock.c:202
r kern.warn kern[ 154.066305][T10687] ? __pfx_kthread+0x10/0x10 include/linux/list.h:373
el: [ 153.83294[ 154.066320][T10687] ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147
3][T10687] CPU: [ 154.066341][T10687] ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
1 UID: 0 PID: 10[ 154.072229][T10687] </TASK>
687 Comm: kworke[ 154.073787][T10687]
r/u32:29 Not tai[ 154.074619][T10687] =============================
nted 6.12.0-rc7-syzkaller-00012-g3022e9d00ebe #0[ 154.076385][T10687] WARNING: suspicious RCU usage
Nov 13 07:22:0[ 154.076392][T10687] 6.12.0-rc7-syzkaller-00012-g3022e9d00ebe #0 Tainted: G W
2 syzkaller kern[ 154.076399][T10687] -----------------------------
.warn kernel: [ [ 154.076402][T10687] kernel/rcu/tree_exp.h:946 Illegal synchronize_rcu_expedited() in RCU read-side critical section!
153.832956][T10[ 154.076414][T10687]
687] Hardware na[ 154.076428][T10687] #0: ffff88804be0a948 ((wq_completion)bond0#2){+.+.}-{0:0}, at: process_one_work+0x129b/0x1ba0 kernel/workqueue.c:3204
me: QEMU Standar[ 154.076488][T10687] #2: ffffffff8e1b8340 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:337 [inline]
me: QEMU Standar[ 154.076488][T10687] #2: ffffffff8e1b8340 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:849 [inline]
me: QEMU Standar[ 154.076488][T10687] #2: ffffffff8e1b8340 (rcu_read_lock){....}-{1:2}, at: bond_mii_monitor+0x140/0x2d90 drivers/net/bonding/bond_main.c:2937
d PC (Q35 + ICH9[ 154.076524][T10687] CPU: 3 UID: 0 PID: 10687 Comm: kworker/u32:29 Tainted: G W 6.12.0-rc7-syzkaller-00012-g3022e9d00ebe #0
, 2009), BIOS 1.[ 154.076541][T10687] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
16.3-debian-1.16[ 154.076548][T10687] Workqueue: bond0 bond_mii_monitor
.3-2~bpo12+1 04/[ 154.076561][T10687] Call Trace:
01/2014
Nov 13 [ 154.076565][T10687] <TASK>
07:22:02 syzkall[ 154.076569][T10687] __dump_stack lib/dump_stack.c:94 [inline]
07:22:02 syzkall[ 154.076569][T10687] dump_stack_lvl+0x16c/0x1f0 lib/dump_stack.c:120
er kern.warn ker[ 154.076582][T10687] lockdep_rcu_suspicious+0x210/0x3c0 kernel/locking/lockdep.c:6821
nel: [ 153.8329[ 154.076600][T10687] synchronize_rcu_expedited+0x1e5/0x450 kernel/rcu/tree_exp.h:946
64][T10687] Work[ 154.076611][T10687] ? __pfx_synchronize_rcu_expedited+0x10/0x10 kernel/rcu/tree_exp.h:796
queue: bond0 bon[ 154.076620][T10687] ? native_irq_enable arch/x86/include/asm/irqflags.h:42 [inline]
queue: bond0 bon[ 154.076620][T10687] ? arch_local_irq_enable arch/x86/include/asm/irqflags.h:97 [inline]
queue: bond0 bon[ 154.076620][T10687] ? arch_local_irq_restore arch/x86/include/asm/irqflags.h:155 [inline]
queue: bond0 bon[ 154.076620][T10687] ? dump_stack_lvl+0x1a1/0x1f0 lib/dump_stack.c:123
d_mii_monitor
N[ 154.076630][T10687] ? dump_stack_lvl+0x1a3/0x1f0 lib/dump_stack.c:124
ov 13 07:22:02 s[ 154.076640][T10687] ? add_taint+0x5f/0xd0 kernel/panic.c:607
yzkaller kern.wa[ 154.076655][T10687] ? __pfx___might_resched+0x10/0x10 kernel/sched/core.c:5828
rn kernel: [ 15[ 154.076666][T10687] ? local_bh_enable include/linux/bottom_half.h:33 [inline]
rn kernel: [ 15[ 154.076666][T10687] ? netif_tx_unlock_bh include/linux/netdevice.h:4463 [inline]
rn kernel: [ 15[ 154.076666][T10687] ? dev_watchdog_down net/sched/sch_generic.c:577 [inline]
rn kernel: [ 15[ 154.076666][T10687] ? dev_deactivate_many+0x260/0xb20 net/sched/sch_generic.c:1369
3.832979][T10687[ 154.076683][T10687] synchronize_net+0x3e/0x60 net/core/dev.c:11286
] Call Trace:
N[ 154.076719][T10687] dev_deactivate+0xf9/0x1c0 net/sched/sch_generic.c:1403
ov 13 07:22:02 s[ 154.076732][T10687] ? __pfx_dev_deactivate+0x10/0x10 net/sched/sch_generic.c:1379
yzkaller kern.wa[ 154.076746][T10687] ? __sanitizer_cov_trace_switch+0x54/0x90 kernel/kcov.c:351
rn kernel: [ 15[ 154.076764][T10687] linkwatch_do_dev+0x11e/0x160 net/core/link_watch.c:175
3.832984][T10687[ 154.076790][T10687] ? __pfx_ethtool_op_get_link+0x10/0x10 net/ethtool/ioctl.c:2712
] <TASK>
Nov 1[ 154.076800][T10687] ethtool_op_get_link+0x1d/0x70 net/ethtool/ioctl.c:62
3 07:22:02 syzka[ 154.076810][T10687] bond_check_dev_link+0x197/0x490 drivers/net/bonding/bond_main.c:873
ller kern.warn k[ 154.076834][T10687] ? rcu_is_watching_curr_cpu include/linux/context_tracking.h:128 [inline]
ller kern.warn k[ 154.076834][T10687] ? rcu_is_watching+0x12/0xc0 kernel/rcu/tree.c:737
ernel: [ 153.83[ 154.076868][T10687] ? __pfx_bond_mii_monitor+0x10/0x10 drivers/net/bonding/bond_main.c:2806
2989][T10687] d[ 154.076892][T10687] ? trace_lock_acquire+0x14a/0x1d0 include/trace/events/lock.h:24
ump_stack_lvl+0x[ 154.076904][T10687] ? process_one_work+0x921/0x1ba0 kernel/workqueue.c:3205
16c/0x1f0
Nov 1[ 154.076923][T10687] ? process_one_work+0x921/0x1ba0 kernel/workqueue.c:3205
3 07:22:02 syzka[ 154.076933][T10687] process_one_work+0x9c5/0x1ba0 kernel/workqueue.c:3229
ller kern.warn k[ 154.076947][T10687] ? __pfx_lock_acquire.part.0+0x10/0x10 kernel/locking/lockdep.c:122
ernel: [ 153.84[ 154.076969][T10687] ? assign_work+0x1a0/0x250 kernel/workqueue.c:1200
4645][T10687] l[ 154.076985][T10687] process_scheduled_works kernel/workqueue.c:3310 [inline]
4645][T10687] l[ 154.076985][T10687] worker_thread+0x6c8/0xf00 kernel/workqueue.c:3391
ockdep_rcu_suspi[ 154.077000][T10687] ? __pfx_worker_thread+0x10/0x10 include/linux/list.h:183
cious+0x210/0x3c[ 154.077020][T10687] ? __raw_spin_unlock_irq include/linux/spinlock_api_smp.h:159 [inline]
cious+0x210/0x3c[ 154.077020][T10687] ? _raw_spin_unlock_irq+0x23/0x50 kernel/locking/spinlock.c:202
0
Nov 13 07:22:[ 154.077034][T10687] ? __pfx_kthread+0x10/0x10 include/linux/list.h:373
02 syzkaller ker[ 154.077045][T10687] ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147
n.warn kernel: [[ 154.077066][T10687] ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
153.846292][T1[ 154.077101][T10687]
0687] dev_deact[ 154.077103][T10687] =============================
ivate_queue+0x16[ 154.077110][T10687] 6.12.0-rc7-syzkaller-00012-g3022e9d00ebe #0 Tainted: G W
7/0x190
Nov 13 [ 154.077117][T10687] kworker/u32:29/10687 is trying to lock:
07:22:02 syzkall[ 154.077145][T10687] other info that might help us debug this:
er kern.warn ker[ 154.077151][T10687] context-{4:4}
nel: [ 153.8463[ 154.077160][T10687] #0: ffff88804be0a948 ((wq_completion)bond0#2){+.+.}-{0:0}, at: process_one_work+0x129b/0x1ba0 kernel/workqueue.c:3204
10][T10687] dev[ 154.077183][T10687] #1: ffffc900049afd80 ((work_completion)(&(&bond->mii_work)->work)){+.+.}-{0:0}, at: process_one_work+0x921/0x1ba0 kernel/workqueue.c:3205
_deactivate_many[ 154.077229][T10687] stack backtrace:
+0xe7/0xb20
Nov[ 154.077232][T10687] CPU: 3 UID: 0 PID: 10687 Comm: kworker/u32:29 Tainted: G W 6.12.0-rc7-syzkaller-00012-g3022e9d00ebe #0
13 07:22:02 syz[ 154.077245][T10687] Tainted: [W]=WARN
kaller kern.warn[ 154.077248][T10687] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
kernel: [ 153.[ 154.077254][T10687] Workqueue: bond0 bond_mii_monitor
846326][T10687] [ 154.077265][T10687] Call Trace:
dev_deactivate+[ 154.077268][T10687] <TASK>
0xf9/0x1c0
Nov [ 154.077271][T10687] __dump_stack lib/dump_stack.c:94 [inline]
Nov [ 154.077271][T10687] dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120
13 07:22:02 syzk[ 154.077290][T10687] ? __pfx___lock_acquire+0x10/0x10 kernel/locking/lockdep.c:4387
aller kern.warn [ 154.077310][T10687] ? __list_add_valid include/linux/list.h:88 [inline]
aller kern.warn [ 154.077310][T10687] ? __list_add_rcu include/linux/rculist.h:79 [inline]
aller kern.warn [ 154.077310][T10687] ? list_add_tail_rcu include/linux/rculist.h:128 [inline]
aller kern.warn [ 154.077310][T10687] ? add_lock_to_list+0x17d/0x390 kernel/locking/lockdep.c:1444
kernel: [ 153.8[ 154.077331][T10687] ? exp_funnel_lock+0x1a4/0x3b0 kernel/rcu/tree_exp.h:329
46340][T10687] [ 154.077344][T10687] ? __pfx_lock_acquire.part.0+0x10/0x10 kernel/locking/lockdep.c:122
? __pfx_dev_deac[ 154.077363][T10687] ? trace_lock_acquire+0x14a/0x1d0 include/trace/events/lock.h:24
tivate+0x10/0x10[ 154.077383][T10687] ? exp_funnel_lock+0x1a4/0x3b0 kernel/rcu/tree_exp.h:329
Nov 13 07:22:0[ 154.077396][T10687] ? lock_acquire+0x2f/0xb0 kernel/locking/lockdep.c:5796
2 syzkaller kern[ 154.077404][T10687] ? exp_funnel_lock+0x1a4/0x3b0 kernel/rcu/tree_exp.h:329
.warn kernel: [ [ 154.077417][T10687] __mutex_lock_common kernel/locking/mutex.c:608 [inline]
.warn kernel: [ [ 154.077417][T10687] __mutex_lock+0x175/0x9c0 kernel/locking/mutex.c:752
153.852249][T10[ 154.077426][T10687] ? exp_funnel_lock+0x1a4/0x3b0 kernel/rcu/tree_exp.h:329
687] ? __saniti[ 154.077439][T10687] ? find_held_lock+0x2d/0x110 kernel/locking/lockdep.c:5315
zer_cov_trace_sw[ 154.077449][T10687] ? exp_funnel_lock+0x1a4/0x3b0 kernel/rcu/tree_exp.h:329
itch+0x54/0x90
Nov 13 07:22:02 [ 154.077471][T10687] ? spin_unlock include/linux/spinlock.h:391 [inline]
Nov 13 07:22:02 [ 154.077471][T10687] ? exp_funnel_lock+0x171/0x3b0 kernel/rcu/tree_exp.h:325
syzkaller kern.w[ 154.077484][T10687] ? __pfx_do_raw_spin_lock+0x10/0x10 kernel/locking/spinlock_debug.c:64
arn kernel: [ 1[ 154.077494][T10687] ? lock_acquire+0x2f/0xb0 kernel/locking/lockdep.c:5796
53.853975][T1068[ 154.077502][T10687] ? spin_lock include/linux/spinlock.h:351 [inline]
53.853975][T1068[ 154.077502][T10687] ? exp_funnel_lock+0x13c/0x3b0 kernel/rcu/tree_exp.h:312
7] linkwatch_do[ 154.077515][T10687] ? exp_funnel_lock+0x1a4/0x3b0 kernel/rcu/tree_exp.h:329
_dev+0x11e/0x160[ 154.077541][T10687] ? __pfx_exp_funnel_lock+0x10/0x10 kernel/rcu/tree.c:1448
Nov 13 07:22:02 [ 154.271249][T10687] ? dump_stack_lvl+0x1a3/0x1f0 lib/dump_stack.c:124
syzkaller kern.w[ 154.272916][T10687] ? add_taint+0x5f/0xd0 kernel/panic.c:607
arn kernel: [ 1[ 154.275804][T10687] ? local_bh_enable include/linux/bottom_half.h:33 [inline]
arn kernel: [ 1[ 154.275804][T10687] ? netif_tx_unlock_bh include/linux/netdevice.h:4463 [inline]
arn kernel: [ 1[ 154.275804][T10687] ? dev_watchdog_down net/sched/sch_generic.c:577 [inline]
arn kernel: [ 1[ 154.275804][T10687] ? dev_deactivate_many+0x260/0xb20 net/sched/sch_generic.c:1369
53.855480][T1068[ 154.278828][T10687] dev_deactivate_many+0x2a1/0xb20 net/sched/sch_generic.c:1377
7] linkwatch_sy[ 154.280555][T10687] dev_deactivate+0xf9/0x1c0 net/sched/sch_generic.c:1403
nc_dev+0x181/0x2[ 154.280570][T10687] ? __pfx_dev_deactivate+0x10/0x10 net/sched/sch_generic.c:1379
10
Nov 13 07:22:02 [ 154.289552][T10687] ethtool_op_get_link+0x1d/0x70 net/ethtool/ioctl.c:62
syzkaller kern.w[ 154.291370][T10687] bond_check_dev_link+0x197/0x490 drivers/net/bonding/bond_main.c:873
arn kernel: [ 1[ 154.294427][T10687] ? rcu_is_watching_curr_cpu include/linux/context_tracking.h:128 [inline]
arn kernel: [ 1[ 154.294427][T10687] ? rcu_is_watching+0x12/0xc0 kernel/rcu/tree.c:737
53.855496][T1068[ 154.294448][T10687] bond_miimon_inspect drivers/net/bonding/bond_main.c:2717 [inline]
53.855496][T1068[ 154.294448][T10687] bond_mii_monitor+0x3c1/0x2d90 drivers/net/bonding/bond_main.c:2939
7] ? __pfx_etht[ 154.294463][T10687] ? __pfx_bond_mii_monitor+0x10/0x10 drivers/net/bonding/bond_main.c:2806
ool_op_get_link+[ 154.299551][T10687] ? rcu_is_watching_curr_cpu include/linux/context_tracking.h:128 [inline]
ool_op_get_link+[ 154.299551][T10687] ? rcu_is_watching+0x12/0xc0 kernel/rcu/tree.c:737
0x10/0x10
Nov 1[ 154.303858][T10687] ? lock_acquire+0x2f/0xb0 kernel/locking/lockdep.c:5796
3 07:22:02 syzka[ 154.306765][T10687] process_one_work+0x9c5/0x1ba0 kernel/workqueue.c:3229
ller kern.warn k[ 154.306779][T10687] ? __pfx_lock_acquire.part.0+0x10/0x10 kernel/locking/lockdep.c:122
ernel: [ 153.85[ 154.306799][T10687] ? assign_work+0x1a0/0x250 kernel/workqueue.c:1200
5506][T10687] e[ 154.314624][T10687] ? __pfx_worker_thread+0x10/0x10 include/linux/list.h:183
thtool_op_get_li[ 154.317399][T10687] ? __raw_spin_unlock_irq include/linux/spinlock_api_smp.h:159 [inline]
thtool_op_get_li[ 154.317399][T10687] ? _raw_spin_unlock_irq+0x23/0x50 kernel/locking/spinlock.c:202
nk+0x1d/0x70
No[ 154.320303][T10687] ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147
v 13 07:22:02 sy[ 154.321849][T10687] ? __pfx_kthread+0x10/0x10 include/linux/list.h:373
zkaller kern.war[ 154.323418][T10687] ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
n kernel: [ 153[ 154.323437][T10687] </TASK>
.855516][T10687][ 154.327640][T10687] Voluntary context switch within RCU read-side critical section!
bond_check_dev[ 154.332634][T10687] Modules linked in:
_link+0x197/0x49[ 154.334119][T10687] CPU: 3 UID: 0 PID: 10687 Comm: kworker/u32:29 Tainted: G W 6.12.0-rc7-syzkaller-00012-g3022e9d00ebe #0
0
Nov 13 07:22:[ 154.341443][T10687] Workqueue: bond0 bond_mii_monitor
02 syzkaller ker[ 154.344795][T10687] Code: 79 00 4c 8b 54 24 30 48 8b 44 24 28 8b 4c 24 10 e9 c6 03 00 00 c6 05 53 c1 d2 0e 01 90 48 c7 c7 c0 a5 6e 8b e8 f5 1d d9 ff 90 <0f> 0b 90 90 e9 a8 f4 ff ff 38 d0 7f 08 84 c0 0f 85 2b 08 00 00 80
n.warn kernel: [[ 154.344807][T10687] RSP: 0018:ffffc900049af3b0 EFLAGS: 00010086
153.855530][T1[ 154.344822][T10687] RDX: ffff88804f7a0000 RSI: ffffffff814e6e86 RDI: 0000000000000001
0687] ? __pfx_b[ 154.358024][T10687] R10: 0000000000000000 R11: 000000002d2d2d2d R12: ffff88804f7a0000
ond_check_dev_li[ 154.362386][T10687] FS: 0000000000000000(0000) GS:ffff88806a900000(0000) knlGS:0000000000000000
nk+0x10/0x10
No[ 154.365037][T10687] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
v 13 07:22:02 sy[ 154.367229][T10687] CR2: 00007fc53c267d60 CR3: 0000000025398000 CR4: 0000000000352ef0
zkaller kern.war[ 154.367239][T10687] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
n kernel: [ 153[ 154.367254][T10687] <TASK>
.862750][T10687][ 154.367273][T10687] ? bpf_ksym_find+0x127/0x1c0 kernel/bpf/core.c:736
? rcu_is_watch[ 154.380100][T10687] ? __report_bug lib/bug.c:199 [inline]
? rcu_is_watch[ 154.380100][T10687] ? report_bug+0x3c0/0x580 lib/bug.c:219
ing+0x12/0xc0
N[ 154.380129][T10687] ? exc_invalid_op+0x17/0x50 arch/x86/kernel/traps.c:309
ov 13 07:22:02 s[ 154.385613][T10687] ? warn_rcu_exit include/linux/context_tracking.h:161 [inline]
ov 13 07:22:02 s[ 154.385613][T10687] ? __warn_printk+0x199/0x350 kernel/panic.c:799
yzkaller kern.wa[ 154.387288][T10687] ? __warn_printk+0x1a6/0x350 include/linux/context_tracking.h:161
rn kernel: [ 15[ 154.388939][T10687] ? rcu_note_context_switch+0xc5c/0x1ae0 kernel/rcu/tree_plugin.h:331
3.864236][T10687[ 154.390790][T10687] ? lockdep_unlock+0x11a/0x290 kernel/locking/lockdep.c:157
] bond_mii_moni[ 154.392549][T10687] ? graph_lock kernel/locking/lockdep.c:178 [inline]
] bond_mii_moni[ 154.392549][T10687] ? lookup_chain_cache_add kernel/locking/lockdep.c:3839 [inline]
] bond_mii_moni[ 154.392549][T10687] ? validate_chain kernel/locking/lockdep.c:3872 [inline]
] bond_mii_moni[ 154.392549][T10687] ? __lock_acquire+0x2167/0x3ce0 kernel/locking/lockdep.c:5202
tor+0x3c1/0x2d90[ 154.394225][T10687] ? rcu_is_watching_curr_cpu include/linux/context_tracking.h:128 [inline]
tor+0x3c1/0x2d90[ 154.394225][T10687] ? rcu_is_watching+0x12/0xc0 kernel/rcu/tree.c:737
Nov 13 07:22:02 [ 154.398213][T10687] ? trace_irq_enable.constprop.0+0xe4/0x130 include/trace/events/preemptirq.h:40
syzkaller kern.w[ 154.400158][T10687] ? __pfx___schedule+0x10/0x10
arn kernel: [ 1[ 154.401811][T10687] ? instrument_atomic_read include/linux/instrumented.h:68 [inline]
arn kernel: [ 1[ 154.401811][T10687] ? atomic_long_read include/linux/atomic/atomic-instrumented.h:3188 [inline]
arn kernel: [ 1[ 154.401811][T10687] ? __mutex_trylock_common+0x78/0x250 kernel/locking/mutex.c:107
53.865772][T1068[ 154.403587][T10687] ? __pfx___mutex_trylock_common+0x10/0x10 arch/x86/include/asm/atomic64_64.h:15
7] ? __pfx_bond[ 154.405524][T10687] ? exp_funnel_lock+0x1a4/0x3b0 kernel/rcu/tree_exp.h:329
_mii_monitor+0x1[ 154.407205][T10687] ? mutex_optimistic_spin kernel/locking/mutex.c:509 [inline]
_mii_monitor+0x1[ 154.407205][T10687] ? __mutex_lock_common kernel/locking/mutex.c:612 [inline]
_mii_monitor+0x1[ 154.407205][T10687] ? __mutex_lock+0x7ca/0x9c0 kernel/locking/mutex.c:752
0/0x10[ 154.408845][T10687] __schedule_loop kernel/sched/core.c:6770 [inline]
0/0x10[ 154.408845][T10687] schedule+0xe7/0x350 kernel/sched/core.c:6785
Nov 13 07:22:02 [ 154.420241][T10687] ? spin_lock include/linux/spinlock.h:351 [inline]
Nov 13 07:22:02 [ 154.420241][T10687] ? exp_funnel_lock+0x13c/0x3b0 kernel/rcu/tree_exp.h:312
syzkaller kern.w[ 154.421948][T10687] ? exp_funnel_lock+0x1a4/0x3b0 kernel/rcu/tree_exp.h:329
arn kernel: [ 1[ 154.423556][T10687] exp_funnel_lock+0x1a4/0x3b0 kernel/rcu/tree_exp.h:329
53.867016][T1068[ 154.425181][T10687] ? __pfx_exp_funnel_lock+0x10/0x10 kernel/rcu/tree.c:1448
7] ? rcu_is_wat[ 154.425198][T10687] ? lock_is_held include/linux/lockdep.h:249 [inline]
7] ? rcu_is_wat[ 154.425198][T10687] ? __might_resched+0x4ca/0x5e0 kernel/sched/core.c:8618
ching+0x12/0xc0[ 154.425220][T10687] ? nbcon_get_cpu_emergency_nesting+0x3b/0x50 kernel/printk/nbcon.c:1359
Nov 13 07:22:02 [ 154.433380][T10687] ? lockdep_rcu_suspicious+0x215/0x3c0 kernel/locking/lockdep.c:6822
syzkaller kern.w[ 154.435139][T10687] synchronize_rcu_expedited+0x290/0x450 kernel/rcu/tree_exp.h:976
arn kernel: [ 1[ 154.436925][T10687] ? __pfx_synchronize_rcu_expedited+0x10/0x10 kernel/rcu/tree_exp.h:796
53.868142][T1068[ 154.440070][T10687] ? dump_stack_lvl+0x1a3/0x1f0 lib/dump_stack.c:124
7] ? trace_lock[ 154.441675][T10687] ? add_taint+0x5f/0xd0 kernel/panic.c:607
_acquire+0x14a/0[ 154.443220][T10687] ? __pfx___might_resched+0x10/0x10 kernel/sched/core.c:5828
x1d0
Nov 13 07:22:02 [ 154.443262][T10687] dev_deactivate_many+0x2a1/0xb20 net/sched/sch_generic.c:1377
syzkaller kern.w[ 154.449309][T10687] dev_deactivate+0xf9/0x1c0 net/sched/sch_generic.c:1403
arn kernel: [ 1[ 154.452222][T10687] ? __sanitizer_cov_trace_switch+0x54/0x90 kernel/kcov.c:351
53.869866][T1068[ 154.452242][T10687] linkwatch_do_dev+0x11e/0x160 net/core/link_watch.c:175
7] ? process_on[ 154.457001][T10687] ? __pfx_ethtool_op_get_link+0x10/0x10 net/ethtool/ioctl.c:2712
e_work+0x921/0x1[ 154.460054][T10687] bond_check_dev_link+0x197/0x490 drivers/net/bonding/bond_main.c:873
ba0
Nov 13 07:2[ 154.461814][T10687] ? __pfx_bond_check_dev_link+0x10/0x10 drivers/net/bonding/bond_main.c:4594
2:02 syzkaller k[ 154.463712][T10687] ? rcu_is_watching_curr_cpu include/linux/context_tracking.h:128 [inline]
2:02 syzkaller k[ 154.463712][T10687] ? rcu_is_watching+0x12/0xc0 kernel/rcu/tree.c:737
ern.warn kernel:[ 154.463729][T10687] bond_miimon_inspect drivers/net/bonding/bond_main.c:2717 [inline]
ern.warn kernel:[ 154.463729][T10687] bond_mii_monitor+0x3c1/0x2d90 drivers/net/bonding/bond_main.c:2939
[ 153.871529][[ 154.463744][T10687] ? __pfx_bond_mii_monitor+0x10/0x10 drivers/net/bonding/bond_main.c:2806
T10687] ? lock_[ 154.468786][T10687] ? rcu_is_watching_curr_cpu include/linux/context_tracking.h:128 [inline]
T10687] ? lock_[ 154.468786][T10687] ? rcu_is_watching+0x12/0xc0 kernel/rcu/tree.c:737
acquire+0x2f/0xb[ 154.471759][T10687] ? process_one_work+0x921/0x1ba0 kernel/workqueue.c:3205
0
Nov 13 07:22:[ 154.471772][T10687] ? lock_acquire+0x2f/0xb0 kernel/locking/lockdep.c:5796
02 syzkaller ker[ 154.471789][T10687] process_one_work+0x9c5/0x1ba0 kernel/workqueue.c:3229
n.warn kernel: [[ 154.477566][T10687] ? __pfx_lock_acquire.part.0+0x10/0x10 kernel/locking/lockdep.c:122
153.871542][T1[ 154.480665][T10687] ? assign_work+0x1a0/0x250 kernel/workqueue.c:1200
0687] ? process[ 154.483453][T10687] ? __pfx_worker_thread+0x10/0x10 include/linux/list.h:183
_one_work+0x921/[ 154.483464][T10687] kthread+0x2c1/0x3a0 kernel/kthread.c:389
0x1ba0
Nov 13 0[ 154.483476][T10687] ? __raw_spin_unlock_irq include/linux/spinlock_api_smp.h:159 [inline]
Nov 13 0[ 154.483476][T10687] ? _raw_spin_unlock_irq+0x23/0x50 kernel/locking/spinlock.c:202
7:22:03 syzkalle[ 154.483500][T10687] ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147
r kern.warn kern[ 154.490650][T10687] ? __pfx_kthread+0x10/0x10 include/linux/list.h:373
el: [ [ 1 5135.4.84791252512][T10687] ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244