Warning: Permanently added '10.128.1.73' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 34.014244][ T3073] [ 34.014708][ T3073] ======================================================== [ 34.016025][ T3073] WARNING: possible irq lock inversion dependency detected [ 34.017534][ T3073] 6.1.0-rc6-syzkaller-32653-g65762d97e6fa #0 Not tainted [ 34.018952][ T3073] -------------------------------------------------------- [ 34.020462][ T3073] syz-executor252/3073 just changed the state of lock: [ 34.021846][ T3073] ffff0000cae5d638 (clock-AF_INET6){+++.}-{2:2}, at: l2tp_tunnel_register+0x354/0x79c [ 34.023785][ T3073] but this lock was taken by another, SOFTIRQ-safe lock in the past: [ 34.026815][ T3073] (&tcp_hashinfo.bhash[i].lock){+.-.}-{2:2} [ 34.026825][ T3073] [ 34.026825][ T3073] [ 34.026825][ T3073] and interrupts could create inverse lock ordering between them. [ 34.026825][ T3073] [ 34.031060][ T3073] [ 34.031060][ T3073] other info that might help us debug this: [ 34.032725][ T3073] Possible interrupt unsafe locking scenario: [ 34.032725][ T3073] [ 34.034526][ T3073] CPU0 CPU1 [ 34.035463][ T3073] ---- ---- [ 34.036602][ T3073] lock(clock-AF_INET6); [ 34.037506][ T3073] local_irq_disable(); [ 34.038924][ T3073] lock(&tcp_hashinfo.bhash[i].lock); [ 34.040559][ T3073] lock(clock-AF_INET6); [ 34.041976][ T3073] [ 34.042686][ T3073] lock(&tcp_hashinfo.bhash[i].lock); [ 34.043883][ T3073] [ 34.043883][ T3073] *** DEADLOCK *** [ 34.043883][ T3073] [ 34.045370][ T3073] 1 lock held by syz-executor252/3073: [ 34.046526][ T3073] #0: ffff0000cae31930 (sk_lock-AF_PPPOX){+.+.}-{0:0}, at: pppol2tp_connect+0x184/0x6c4 [ 34.048581][ T3073] [ 34.048581][ T3073] the shortest dependencies between 2nd lock and 1st lock: [ 34.050504][ T3073] -> (&tcp_hashinfo.bhash[i].lock){+.-.}-{2:2} { [ 34.051815][ T3073] HARDIRQ-ON-W at: [ 34.052635][ T3073] lock_acquire+0x100/0x1f8 [ 34.053979][ T3073] _raw_spin_lock_bh+0x54/0x6c [ 34.055145][ T3073] inet_csk_get_port+0xe0/0xaf0 [ 34.056432][ T3073] __inet6_bind+0x688/0x8ac [ 34.057839][ T3073] inet6_bind+0xf4/0x150 [ 34.059257][ T3073] rds_tcp_listen_init+0x14c/0x1f0 [ 34.060709][ T3073] rds_tcp_init_net+0xcc/0x1dc [ 34.062127][ T3073] ops_init+0xe4/0x2e4 [ 34.063441][ T3073] register_pernet_operations+0x108/0x264 [ 34.064993][ T3073] register_pernet_device+0x3c/0x94 [ 34.066456][ T3073] rds_tcp_init+0x74/0xe0 [ 34.067887][ T3073] do_one_initcall+0x118/0x22c [ 34.069456][ T3073] do_initcall_level+0xac/0xe4 [ 34.071070][ T3073] do_initcalls+0x58/0xa8 [ 34.072436][ T3073] do_basic_setup+0x20/0x2c [ 34.073966][ T3073] kernel_init_freeable+0xb8/0x148 [ 34.077093][ T3073] kernel_init+0x24/0x290 [ 34.078504][ T3073] ret_from_fork+0x10/0x20 [ 34.080048][ T3073] IN-SOFTIRQ-W at: [ 34.081075][ T3073] lock_acquire+0x100/0x1f8 [ 34.082548][ T3073] _raw_spin_lock+0x54/0x6c [ 34.083898][ T3073] __inet_inherit_port+0x124/0x9ac [ 34.085168][ T3073] tcp_v4_syn_recv_sock+0x790/0x848 [ 34.086613][ T3073] tcp_check_req+0x75c/0x8e4 [ 34.088226][ T3073] tcp_v4_rcv+0xad4/0x11e8 [ 34.089753][ T3073] ip_protocol_deliver_rcu+0x224/0x414 [ 34.091457][ T3073] ip_local_deliver_finish+0x124/0x200 [ 34.093317][ T3073] ip_local_deliver+0xd0/0xf4 [ 34.094700][ T3073] ip_sublist_rcv+0x40c/0x474 [ 34.095814][ T3073] ip_list_rcv+0x184/0x1c8 [ 34.097301][ T3073] __netif_receive_skb_list_core+0x1f8/0x2b0 [ 34.099137][ T3073] __netif_receive_skb_list+0x16c/0x1d0 [ 34.100815][ T3073] netif_receive_skb_list_internal+0x1e8/0x340 [ 34.102649][ T3073] napi_complete_done+0x140/0x354 [ 34.104221][ T3073] gve_napi_poll+0xcc/0x1b4 [ 34.105355][ T3073] __napi_poll+0x5c/0x24c [ 34.106807][ T3073] napi_poll+0x110/0x484 [ 34.108203][ T3073] net_rx_action+0x18c/0x414 [ 34.109673][ T3073] _stext+0x168/0x37c [ 34.111181][ T3073] ____do_softirq+0x14/0x20 [ 34.112690][ T3073] call_on_irq_stack+0x2c/0x54 [ 34.114135][ T3073] do_softirq_own_stack+0x20/0x2c [ 34.115347][ T3073] invoke_softirq+0x70/0xbc [ 34.116964][ T3073] __irq_exit_rcu+0xf0/0x140 [ 34.118345][ T3073] irq_exit_rcu+0x10/0x40 [ 34.119773][ T3073] el1_interrupt+0x38/0x68 [ 34.121366][ T3073] el1h_64_irq_handler+0x18/0x24 [ 34.123062][ T3073] el1h_64_irq+0x64/0x68 [ 34.124432][ T3073] arch_local_irq_enable+0xc/0x18 [ 34.125714][ T3073] default_idle_call+0x48/0xb8 [ 34.127272][ T3073] do_idle+0x110/0x2d4 [ 34.128641][ T3073] cpu_startup_entry+0x24/0x28 [ 34.130165][ T3073] kernel_init+0x0/0x290 [ 34.131648][ T3073] start_kernel+0x0/0x620 [ 34.133155][ T3073] start_kernel+0x450/0x620 [ 34.134529][ T3073] __primary_switched+0xb4/0xbc [ 34.135770][ T3073] INITIAL USE at: [ 34.136730][ T3073] lock_acquire+0x100/0x1f8 [ 34.138221][ T3073] _raw_spin_lock_bh+0x54/0x6c [ 34.139772][ T3073] inet_csk_get_port+0xe0/0xaf0 [ 34.141302][ T3073] __inet6_bind+0x688/0x8ac [ 34.142700][ T3073] inet6_bind+0xf4/0x150 [ 34.144137][ T3073] rds_tcp_listen_init+0x14c/0x1f0 [ 34.145364][ T3073] rds_tcp_init_net+0xcc/0x1dc [ 34.146814][ T3073] ops_init+0xe4/0x2e4 [ 34.148201][ T3073] register_pernet_operations+0x108/0x264 [ 34.149817][ T3073] register_pernet_device+0x3c/0x94 [ 34.151460][ T3073] rds_tcp_init+0x74/0xe0 [ 34.152767][ T3073] do_one_initcall+0x118/0x22c [ 34.154249][ T3073] do_initcall_level+0xac/0xe4 [ 34.157352][ T3073] do_initcalls+0x58/0xa8 [ 34.158843][ T3073] do_basic_setup+0x20/0x2c [ 34.160179][ T3073] kernel_init_freeable+0xb8/0x148 [ 34.161883][ T3073] kernel_init+0x24/0x290 [ 34.163380][ T3073] ret_from_fork+0x10/0x20 [ 34.164516][ T3073] } [ 34.164966][ T3073] ... key at: [] tcp_init.__key.22+0x0/0x10 [ 34.166700][ T3073] ... acquired at: [ 34.167723][ T3073] _raw_read_lock_bh+0x64/0x7c [ 34.168873][ T3073] sock_i_uid+0x24/0x58 [ 34.169939][ T3073] inet_csk_get_port+0x674/0xaf0 [ 34.171247][ T3073] __inet6_bind+0x688/0x8ac [ 34.172282][ T3073] inet6_bind+0xf4/0x150 [ 34.173302][ T3073] __sys_bind+0x148/0x1b0 [ 34.174343][ T3073] __arm64_sys_bind+0x28/0x3c [ 34.175174][ T3073] el0_svc_common+0x138/0x220 [ 34.176157][ T3073] do_el0_svc+0x48/0x164 [ 34.177168][ T3073] el0_svc+0x58/0x150 [ 34.178157][ T3073] el0t_64_sync_handler+0x84/0xf0 [ 34.179403][ T3073] el0t_64_sync+0x190/0x194 [ 34.180446][ T3073] [ 34.181056][ T3073] -> (clock-AF_INET6){+++.}-{2:2} { [ 34.182384][ T3073] HARDIRQ-ON-W at: [ 34.183400][ T3073] lock_acquire+0x100/0x1f8 [ 34.186256][ T3073] _raw_write_lock_bh+0x54/0x6c [ 34.187660][ T3073] sk_common_release+0x58/0x1d4 [ 34.189202][ T3073] udp_lib_close+0x20/0x30 [ 34.190574][ T3073] inet_release+0xc8/0xe4 [ 34.192017][ T3073] inet6_release+0x3c/0x58 [ 34.193587][ T3073] sock_close+0x50/0xf0 [ 34.194775][ T3073] __fput+0x198/0x3e4 [ 34.195791][ T3073] ____fput+0x20/0x30 [ 34.197199][ T3073] task_work_run+0x100/0x148 [ 34.198810][ T3073] do_notify_resume+0x174/0x1f0 [ 34.200353][ T3073] el0_svc+0x9c/0x150 [ 34.201701][ T3073] el0t_64_sync_handler+0x84/0xf0 [ 34.203374][ T3073] el0t_64_sync+0x190/0x194 [ 34.206202][ T3073] HARDIRQ-ON-R at: [ 34.207181][ T3073] lock_acquire+0x100/0x1f8 [ 34.208588][ T3073] _raw_read_lock_bh+0x64/0x7c [ 34.210078][ T3073] sock_i_uid+0x24/0x58 [ 34.211691][ T3073] udp_lib_lport_inuse+0x44/0x268 [ 34.213214][ T3073] udp_lib_get_port+0x2bc/0x8f8 [ 34.216279][ T3073] udp_v6_get_port+0x60/0x74 [ 34.217877][ T3073] __inet6_bind+0x688/0x8ac [ 34.219393][ T3073] inet6_bind+0xf4/0x150 [ 34.220757][ T3073] __sys_bind+0x148/0x1b0 [ 34.222031][ T3073] __arm64_sys_bind+0x28/0x3c [ 34.223673][ T3073] el0_svc_common+0x138/0x220 [ 34.226767][ T3073] do_el0_svc+0x48/0x164 [ 34.228146][ T3073] el0_svc+0x58/0x150 [ 34.229577][ T3073] el0t_64_sync_handler+0x84/0xf0 [ 34.231188][ T3073] el0t_64_sync+0x190/0x194 [ 34.232735][ T3073] SOFTIRQ-ON-W at: [ 34.233650][ T3073] lock_acquire+0x100/0x1f8 [ 34.234878][ T3073] _raw_write_lock+0x54/0x6c [ 34.235988][ T3073] l2tp_tunnel_register+0x354/0x79c [ 34.237713][ T3073] pppol2tp_connect+0x3e8/0x6c4 [ 34.239409][ T3073] __sys_connect+0x184/0x190 [ 34.240811][ T3073] __arm64_sys_connect+0x28/0x3c [ 34.242314][ T3073] el0_svc_common+0x138/0x220 [ 34.243726][ T3073] do_el0_svc+0x48/0x164 [ 34.246562][ T3073] el0_svc+0x58/0x150 [ 34.247918][ T3073] el0t_64_sync_handler+0x84/0xf0 [ 34.249534][ T3073] el0t_64_sync+0x190/0x194 [ 34.251028][ T3073] INITIAL USE at: [ 34.251838][ T3073] lock_acquire+0x100/0x1f8 [ 34.253278][ T3073] _raw_write_lock_bh+0x54/0x6c [ 34.256305][ T3073] sk_common_release+0x58/0x1d4 [ 34.257819][ T3073] udp_lib_close+0x20/0x30 [ 34.259246][ T3073] inet_release+0xc8/0xe4 [ 34.260589][ T3073] inet6_release+0x3c/0x58 [ 34.261777][ T3073] sock_close+0x50/0xf0 [ 34.263152][ T3073] __fput+0x198/0x3e4 [ 34.264408][ T3073] ____fput+0x20/0x30 [ 34.265610][ T3073] task_work_run+0x100/0x148 [ 34.266958][ T3073] do_notify_resume+0x174/0x1f0 [ 34.268382][ T3073] el0_svc+0x9c/0x150 [ 34.269658][ T3073] el0t_64_sync_handler+0x84/0xf0 [ 34.271129][ T3073] el0t_64_sync+0x190/0x194 [ 34.272535][ T3073] INITIAL READ USE at: [ 34.273529][ T3073] lock_acquire+0x100/0x1f8 [ 34.276588][ T3073] _raw_read_lock_bh+0x64/0x7c [ 34.278249][ T3073] sock_i_uid+0x24/0x58 [ 34.279611][ T3073] udp_lib_lport_inuse+0x44/0x268 [ 34.281352][ T3073] udp_lib_get_port+0x2bc/0x8f8 [ 34.282850][ T3073] udp_v6_get_port+0x60/0x74 [ 34.284335][ T3073] __inet6_bind+0x688/0x8ac [ 34.285449][ T3073] inet6_bind+0xf4/0x150 [ 34.286787][ T3073] __sys_bind+0x148/0x1b0 [ 34.288225][ T3073] __arm64_sys_bind+0x28/0x3c [ 34.289819][ T3073] el0_svc_common+0x138/0x220 [ 34.291426][ T3073] do_el0_svc+0x48/0x164 [ 34.292892][ T3073] el0_svc+0x58/0x150 [ 34.294227][ T3073] el0t_64_sync_handler+0x84/0xf0 [ 34.295443][ T3073] el0t_64_sync+0x190/0x194 [ 34.296949][ T3073] } [ 34.297556][ T3073] ... key at: [] af_callback_keys+0xa0/0x2e0 [ 34.299503][ T3073] ... acquired at: [ 34.300475][ T3073] mark_lock+0x154/0x1b4 [ 34.301544][ T3073] __lock_acquire+0x618/0x3084 [ 34.302692][ T3073] lock_acquire+0x100/0x1f8 [ 34.303832][ T3073] _raw_write_lock+0x54/0x6c [ 34.304747][ T3073] l2tp_tunnel_register+0x354/0x79c [ 34.305669][ T3073] pppol2tp_connect+0x3e8/0x6c4 [ 34.306814][ T3073] __sys_connect+0x184/0x190 [ 34.308014][ T3073] __arm64_sys_connect+0x28/0x3c [ 34.309298][ T3073] el0_svc_common+0x138/0x220 [ 34.310460][ T3073] do_el0_svc+0x48/0x164 [ 34.311621][ T3073] el0_svc+0x58/0x150 [ 34.312543][ T3073] el0t_64_sync_handler+0x84/0xf0 [ 34.313787][ T3073] el0t_64_sync+0x190/0x194 [ 34.314756][ T3073] [ 34.315151][ T3073] [ 34.315151][ T3073] stack backtrace: [ 34.316397][ T3073] CPU: 0 PID: 3073 Comm: syz-executor252 Not tainted 6.1.0-rc6-syzkaller-32653-g65762d97e6fa #0 [ 34.318862][ T3073] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/30/2022 [ 34.321556][ T3073] Call trace: [ 34.322390][ T3073] dump_backtrace+0x1c4/0x1f0 [ 34.323522][ T3073] show_stack+0x2c/0x54 [ 34.326125][ T3073] dump_stack_lvl+0x104/0x16c [ 34.327253][ T3073] dump_stack+0x1c/0x58 [ 34.328301][ T3073] print_irq_inversion_bug+0x2f8/0x300 [ 34.329665][ T3073] mark_lock_irq+0x3ec/0x4b4 [ 34.330842][ T3073] mark_lock+0x154/0x1b4 [ 34.331766][ T3073] __lock_acquire+0x618/0x3084 [ 34.332915][ T3073] lock_acquire+0x100/0x1f8 [ 34.334003][ T3073] _raw_write_lock+0x54/0x6c [ 34.334862][ T3073] l2tp_tunnel_register+0x354/0x79c [ 34.335756][ T3073] pppol2tp_connect+0x3e8/0x6c4 [ 34.336904][ T3073] __sys_connect+0x184/0x190 [ 34.337985][ T3073] __arm64_sys_connect+0x28/0x3c [ 34.339029][ T3073] el0_svc_common+0x138/0x220 [ 34.340155][ T3073] do_el0_svc+0x48/0x164 [ 34.341113][ T3073] el0_svc+0x58/0x150 [ 34.342003][ T3073] el0t_64_sync_handler+0x84/0xf0 [ 34.343363][ T3073] el0t_64_sync+0x190/0x194 [ 34.344537][ T3073] BUG: sleeping function called from invalid context at include/linux/percpu-rwsem.h:49 [ 34.346171][ T3073] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 3073, name: syz-executor252 [ 34.348140][ T3073] preempt_count: 1, expected: 0 [ 34.349216][ T3073] RCU nest depth: 0, expected: 0 [ 34.350390][ T3073] INFO: lockdep is turned off. [ 34.351524][ T3073] Preemption disabled at: [ 34.351529][ T3073] [] l2tp_tunnel_register+0x354/0x79c [ 34.354044][ T3073] CPU: 0 PID: 3073 Comm: syz-executor252 Not tainted 6.1.0-rc6-syzkaller-32653-g65762d97e6fa #0 [ 34.355791][ T3073] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/30/2022 [ 34.358197][ T3073] Call trace: [ 34.358921][ T3073] dump_backtrace+0x1c4/0x1f0 [ 34.359995][ T3073] show_stack+0x2c/0x54 [ 34.360845][ T3073] dump_stack_lvl+0x104/0x16c [ 34.361877][ T3073] dump_stack+0x1c/0x58 [ 34.362849][ T3073] __might_resched+0x208/0x218 [ 34.364023][ T3073] __might_sleep+0x48/0x78 [ 34.364862][ T3073] cpus_read_lock+0x28/0x1e0 [ 34.365625][ T3073] static_key_slow_inc+0x1c/0x38 [ 34.366720][ T3073] udpv6_encap_enable+0x1c/0x28 [ 34.367881][ T3073] setup_udp_tunnel_sock+0xec/0x124 [ 34.369074][ T3073] l2tp_tunnel_register+0x68c/0x79c [ 34.370341][ T3073] pppol2tp_connect+0x3e8/0x6c4 [ 34.371468][ T3073] __sys_connect+0x184/0x190 [ 34.372431][ T3073] __arm64_sys_connect+0x28/0x3c [ 34.373563][ T3073] el0_svc_common+0x138/0x220 [ 34.374549][ T3073] do_el0_svc+0x48/0x164 [ 34.375250][ T3073] el0_svc+0x58/0x150 [ 34.376089][ T3073] el0t_64_sync_handler+0x84/0xf0 [ 34.377223][ T3073] el0t_64_sync+0x190/0x194