[ 10.049003][ T2658] 8021q: adding VLAN 0 to HW filter on device bond0 [ 10.051635][ T2658] eql: remember to turn off Van-Jacobson compression on your slave devices [ 10.081281][ T9] gvnic 0000:00:00.0 enp0s0: Device link is up. [ 10.085841][ T2464] IPv6: ADDRCONF(NETDEV_CHANGE): enp0s0: link becomes ready Starting sshd: OK syzkaller Warning: Permanently added '10.128.1.85' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 26.697168][ T3079] [ 26.697795][ T3079] ======================================================== [ 26.699734][ T3079] WARNING: possible irq lock inversion dependency detected [ 26.701657][ T3079] 6.1.0-rc6-syzkaller-32653-g65762d97e6fa #0 Not tainted [ 26.703488][ T3079] -------------------------------------------------------- [ 26.705422][ T3079] syz-executor991/3079 just changed the state of lock: [ 26.707318][ T3079] ffff0000cb971a38 (clock-AF_INET6){+++.}-{2:2}, at: l2tp_tunnel_register+0x354/0x79c [ 26.709900][ T3079] but this lock was taken by another, SOFTIRQ-safe lock in the past: [ 26.712060][ T3079] (&tcp_hashinfo.bhash[i].lock){+.-.}-{2:2} [ 26.712070][ T3079] [ 26.712070][ T3079] [ 26.712070][ T3079] and interrupts could create inverse lock ordering between them. [ 26.712070][ T3079] [ 26.717605][ T3079] [ 26.717605][ T3079] other info that might help us debug this: [ 26.719795][ T3079] Possible interrupt unsafe locking scenario: [ 26.719795][ T3079] [ 26.722108][ T3079] CPU0 CPU1 [ 26.723562][ T3079] ---- ---- [ 26.724976][ T3079] lock(clock-AF_INET6); [ 26.726107][ T3079] local_irq_disable(); [ 26.727909][ T3079] lock(&tcp_hashinfo.bhash[i].lock); [ 26.730026][ T3079] lock(clock-AF_INET6); [ 26.731840][ T3079] [ 26.732737][ T3079] lock(&tcp_hashinfo.bhash[i].lock); [ 26.734227][ T3079] [ 26.734227][ T3079] *** DEADLOCK *** [ 26.734227][ T3079] [ 26.736373][ T3079] 1 lock held by syz-executor991/3079: [ 26.737897][ T3079] #0: ffff0000cae2e930 (sk_lock-AF_PPPOX){+.+.}-{0:0}, at: pppol2tp_connect+0x184/0x6c4 [ 26.740569][ T3079] [ 26.740569][ T3079] the shortest dependencies between 2nd lock and 1st lock: [ 26.743087][ T3079] -> (&tcp_hashinfo.bhash[i].lock){+.-.}-{2:2} { [ 26.744822][ T3079] HARDIRQ-ON-W at: [ 26.745906][ T3079] lock_acquire+0x100/0x1f8 [ 26.747610][ T3079] _raw_spin_lock_bh+0x54/0x6c [ 26.749368][ T3079] inet_csk_get_port+0xe0/0xaf0 [ 26.751166][ T3079] __inet6_bind+0x688/0x8ac [ 26.752877][ T3079] inet6_bind+0xf4/0x150 [ 26.754499][ T3079] rds_tcp_listen_init+0x14c/0x1f0 [ 26.756343][ T3079] rds_tcp_init_net+0xcc/0x1dc [ 26.758077][ T3079] ops_init+0xe4/0x2e4 [ 26.759641][ T3079] register_pernet_operations+0x108/0x264 [ 26.761670][ T3079] register_pernet_device+0x3c/0x94 [ 26.763513][ T3079] rds_tcp_init+0x74/0xe0 [ 26.765175][ T3079] do_one_initcall+0x118/0x22c [ 26.766933][ T3079] do_initcall_level+0xac/0xe4 [ 26.768717][ T3079] do_initcalls+0x58/0xa8 [ 26.770352][ T3079] do_basic_setup+0x20/0x2c [ 26.772043][ T3079] kernel_init_freeable+0xb8/0x148 [ 26.773947][ T3079] kernel_init+0x24/0x290 [ 26.775653][ T3079] ret_from_fork+0x10/0x20 [ 26.777223][ T3079] IN-SOFTIRQ-W at: [ 26.778273][ T3079] lock_acquire+0x100/0x1f8 [ 26.779997][ T3079] _raw_spin_lock+0x54/0x6c [ 26.781667][ T3079] __inet_inherit_port+0x124/0x9ac [ 26.783735][ T3079] tcp_v4_syn_recv_sock+0x790/0x848 [ 26.785571][ T3079] tcp_check_req+0x75c/0x8e4 [ 26.787318][ T3079] tcp_v4_rcv+0xad4/0x11e8 [ 26.788993][ T3079] ip_protocol_deliver_rcu+0x224/0x414 [ 26.790969][ T3079] ip_local_deliver_finish+0x124/0x200 [ 26.792896][ T3079] ip_local_deliver+0xd0/0xf4 [ 26.794611][ T3079] ip_sublist_rcv+0x40c/0x474 [ 26.796337][ T3079] ip_list_rcv+0x184/0x1c8 [ 26.797977][ T3079] __netif_receive_skb_list_core+0x1f8/0x2b0 [ 26.800094][ T3079] __netif_receive_skb_list+0x16c/0x1d0 [ 26.802132][ T3079] netif_receive_skb_list_internal+0x1e8/0x340 [ 26.804247][ T3079] napi_complete_done+0x140/0x354 [ 26.806099][ T3079] gve_napi_poll+0xcc/0x1b4 [ 26.807786][ T3079] __napi_poll+0x5c/0x24c [ 26.809410][ T3079] napi_poll+0x110/0x484 [ 26.811096][ T3079] net_rx_action+0x18c/0x414 [ 26.812786][ T3079] _stext+0x168/0x37c [ 26.814299][ T3079] ____do_softirq+0x14/0x20 [ 26.816026][ T3079] call_on_irq_stack+0x2c/0x54 [ 26.817905][ T3079] do_softirq_own_stack+0x20/0x2c [ 26.819743][ T3079] invoke_softirq+0x70/0xbc [ 26.821481][ T3079] __irq_exit_rcu+0xf0/0x140 [ 26.823206][ T3079] irq_exit_rcu+0x10/0x40 [ 26.824848][ T3079] el1_interrupt+0x38/0x68 [ 26.826520][ T3079] el1h_64_irq_handler+0x18/0x24 [ 26.828376][ T3079] el1h_64_irq+0x64/0x68 [ 26.830004][ T3079] arch_local_irq_enable+0xc/0x18 [ 26.831792][ T3079] default_idle_call+0x48/0xb8 [ 26.833529][ T3079] do_idle+0x110/0x2d4 [ 26.835147][ T3079] cpu_startup_entry+0x24/0x28 [ 26.836905][ T3079] kernel_init+0x0/0x290 [ 26.838504][ T3079] start_kernel+0x0/0x620 [ 26.840147][ T3079] start_kernel+0x450/0x620 [ 26.841830][ T3079] __primary_switched+0xb4/0xbc [ 26.843681][ T3079] INITIAL USE at: [ 26.844719][ T3079] lock_acquire+0x100/0x1f8 [ 26.846373][ T3079] _raw_spin_lock_bh+0x54/0x6c [ 26.848086][ T3079] inet_csk_get_port+0xe0/0xaf0 [ 26.849811][ T3079] __inet6_bind+0x688/0x8ac [ 26.851458][ T3079] inet6_bind+0xf4/0x150 [ 26.853067][ T3079] rds_tcp_listen_init+0x14c/0x1f0 [ 26.854893][ T3079] rds_tcp_init_net+0xcc/0x1dc [ 26.856652][ T3079] ops_init+0xe4/0x2e4 [ 26.858187][ T3079] register_pernet_operations+0x108/0x264 [ 26.860236][ T3079] register_pernet_device+0x3c/0x94 [ 26.862133][ T3079] rds_tcp_init+0x74/0xe0 [ 26.863756][ T3079] do_one_initcall+0x118/0x22c [ 26.865431][ T3079] do_initcall_level+0xac/0xe4 [ 26.867311][ T3079] do_initcalls+0x58/0xa8 [ 26.868918][ T3079] do_basic_setup+0x20/0x2c [ 26.870611][ T3079] kernel_init_freeable+0xb8/0x148 [ 26.872431][ T3079] kernel_init+0x24/0x290 [ 26.874012][ T3079] ret_from_fork+0x10/0x20 [ 26.875693][ T3079] } [ 26.876347][ T3079] ... key at: [] tcp_init.__key.22+0x0/0x10 [ 26.878499][ T3079] ... acquired at: [ 26.879633][ T3079] _raw_read_lock_bh+0x64/0x7c [ 26.880958][ T3079] sock_i_uid+0x24/0x58 [ 26.882121][ T3079] inet_csk_get_port+0x674/0xaf0 [ 26.883510][ T3079] __inet6_bind+0x688/0x8ac [ 26.884786][ T3079] inet6_bind+0xf4/0x150 [ 26.885888][ T3079] __sys_bind+0x148/0x1b0 [ 26.887074][ T3079] __arm64_sys_bind+0x28/0x3c [ 26.888400][ T3079] el0_svc_common+0x138/0x220 [ 26.889691][ T3079] do_el0_svc+0x48/0x164 [ 26.890862][ T3079] el0_svc+0x58/0x150 [ 26.891962][ T3079] el0t_64_sync_handler+0x84/0xf0 [ 26.893306][ T3079] el0t_64_sync+0x190/0x194 [ 26.894537][ T3079] [ 26.895158][ T3079] -> (clock-AF_INET6){+++.}-{2:2} { [ 26.896557][ T3079] HARDIRQ-ON-W at: [ 26.897598][ T3079] lock_acquire+0x100/0x1f8 [ 26.899235][ T3079] _raw_write_lock_bh+0x54/0x6c [ 26.900953][ T3079] sk_common_release+0x58/0x1d4 [ 26.902710][ T3079] udp_lib_close+0x20/0x30 [ 26.904306][ T3079] inet_release+0xc8/0xe4 [ 26.905880][ T3079] inet6_release+0x3c/0x58 [ 26.907467][ T3079] sock_close+0x50/0xf0 [ 26.909005][ T3079] __fput+0x198/0x3e4 [ 26.910493][ T3079] ____fput+0x20/0x30 [ 26.911981][ T3079] task_work_run+0x100/0x148 [ 26.913611][ T3079] do_notify_resume+0x174/0x1f0 [ 26.915338][ T3079] el0_svc+0x9c/0x150 [ 26.916818][ T3079] el0t_64_sync_handler+0x84/0xf0 [ 26.918580][ T3079] el0t_64_sync+0x190/0x194 [ 26.920183][ T3079] HARDIRQ-ON-R at: [ 26.921233][ T3079] lock_acquire+0x100/0x1f8 [ 26.922889][ T3079] _raw_read_lock_bh+0x64/0x7c [ 26.924601][ T3079] sock_i_uid+0x24/0x58 [ 26.926111][ T3079] udp_lib_lport_inuse+0x44/0x268 [ 26.927871][ T3079] udp_lib_get_port+0x2bc/0x8f8 [ 26.929585][ T3079] udp_v6_get_port+0x60/0x74 [ 26.931253][ T3079] __inet6_bind+0x688/0x8ac [ 26.932885][ T3079] inet6_bind+0xf4/0x150 [ 26.934457][ T3079] __sys_bind+0x148/0x1b0 [ 26.936038][ T3079] __arm64_sys_bind+0x28/0x3c [ 26.937740][ T3079] el0_svc_common+0x138/0x220 [ 26.939389][ T3079] do_el0_svc+0x48/0x164 [ 26.940993][ T3079] el0_svc+0x58/0x150 [ 26.942473][ T3079] el0t_64_sync_handler+0x84/0xf0 [ 26.944241][ T3079] el0t_64_sync+0x190/0x194 [ 26.945880][ T3079] SOFTIRQ-ON-W at: [ 26.946974][ T3079] lock_acquire+0x100/0x1f8 [ 26.948628][ T3079] _raw_write_lock+0x54/0x6c [ 26.950290][ T3079] l2tp_tunnel_register+0x354/0x79c [ 26.952064][ T3079] pppol2tp_connect+0x3e8/0x6c4 [ 26.953786][ T3079] __sys_connect+0x184/0x190 [ 26.955434][ T3079] __arm64_sys_connect+0x28/0x3c [ 26.957168][ T3079] el0_svc_common+0x138/0x220 [ 26.958865][ T3079] do_el0_svc+0x48/0x164 [ 26.960399][ T3079] el0_svc+0x58/0x150 [ 26.961895][ T3079] el0t_64_sync_handler+0x84/0xf0 [ 26.963580][ T3079] el0t_64_sync+0x190/0x194 [ 26.965233][ T3079] INITIAL USE at: [ 26.966286][ T3079] lock_acquire+0x100/0x1f8 [ 26.967966][ T3079] _raw_write_lock_bh+0x54/0x6c [ 26.969632][ T3079] sk_common_release+0x58/0x1d4 [ 26.971323][ T3079] udp_lib_close+0x20/0x30 [ 26.972923][ T3079] inet_release+0xc8/0xe4 [ 26.974474][ T3079] inet6_release+0x3c/0x58 [ 26.976170][ T3079] sock_close+0x50/0xf0 [ 26.977673][ T3079] __fput+0x198/0x3e4 [ 26.979163][ T3079] ____fput+0x20/0x30 [ 26.980635][ T3079] task_work_run+0x100/0x148 [ 26.982285][ T3079] do_notify_resume+0x174/0x1f0 [ 26.983964][ T3079] el0_svc+0x9c/0x150 [ 26.985433][ T3079] el0t_64_sync_handler+0x84/0xf0 [ 26.987190][ T3079] el0t_64_sync+0x190/0x194 [ 26.988771][ T3079] INITIAL READ USE at: [ 26.989932][ T3079] lock_acquire+0x100/0x1f8 [ 26.991645][ T3079] _raw_read_lock_bh+0x64/0x7c [ 26.993501][ T3079] sock_i_uid+0x24/0x58 [ 26.995131][ T3079] udp_lib_lport_inuse+0x44/0x268 [ 26.997001][ T3079] udp_lib_get_port+0x2bc/0x8f8 [ 26.998863][ T3079] udp_v6_get_port+0x60/0x74 [ 27.000609][ T3079] __inet6_bind+0x688/0x8ac [ 27.002400][ T3079] inet6_bind+0xf4/0x150 [ 27.004062][ T3079] __sys_bind+0x148/0x1b0 [ 27.005735][ T3079] __arm64_sys_bind+0x28/0x3c [ 27.007498][ T3079] el0_svc_common+0x138/0x220 [ 27.009256][ T3079] do_el0_svc+0x48/0x164 [ 27.010928][ T3079] el0_svc+0x58/0x150 [ 27.012445][ T3079] el0t_64_sync_handler+0x84/0xf0 [ 27.014283][ T3079] el0t_64_sync+0x190/0x194 [ 27.015993][ T3079] } [ 27.016638][ T3079] ... key at: [] af_callback_keys+0xa0/0x2e0 [ 27.018775][ T3079] ... acquired at: [ 27.019772][ T3079] mark_lock+0x154/0x1b4 [ 27.020951][ T3079] __lock_acquire+0x618/0x3084 [ 27.022283][ T3079] lock_acquire+0x100/0x1f8 [ 27.023511][ T3079] _raw_write_lock+0x54/0x6c [ 27.024767][ T3079] l2tp_tunnel_register+0x354/0x79c [ 27.026170][ T3079] pppol2tp_connect+0x3e8/0x6c4 [ 27.027522][ T3079] __sys_connect+0x184/0x190 [ 27.028835][ T3079] __arm64_sys_connect+0x28/0x3c [ 27.030207][ T3079] el0_svc_common+0x138/0x220 [ 27.031589][ T3079] do_el0_svc+0x48/0x164 [ 27.032843][ T3079] el0_svc+0x58/0x150 [ 27.033922][ T3079] el0t_64_sync_handler+0x84/0xf0 [ 27.035303][ T3079] el0t_64_sync+0x190/0x194 [ 27.036503][ T3079] [ 27.037105][ T3079] [ 27.037105][ T3079] stack backtrace: [ 27.038806][ T3079] CPU: 0 PID: 3079 Comm: syz-executor991 Not tainted 6.1.0-rc6-syzkaller-32653-g65762d97e6fa #0 [ 27.041654][ T3079] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/30/2022 [ 27.044301][ T3079] Call trace: [ 27.045169][ T3079] dump_backtrace+0x1c4/0x1f0 [ 27.046469][ T3079] show_stack+0x2c/0x54 [ 27.047564][ T3079] dump_stack_lvl+0x104/0x16c [ 27.048788][ T3079] dump_stack+0x1c/0x58 [ 27.049875][ T3079] print_irq_inversion_bug+0x2f8/0x300 [ 27.051331][ T3079] mark_lock_irq+0x3ec/0x4b4 [ 27.052597][ T3079] mark_lock+0x154/0x1b4 [ 27.053721][ T3079] __lock_acquire+0x618/0x3084 [ 27.054979][ T3079] lock_acquire+0x100/0x1f8 [ 27.056165][ T3079] _raw_write_lock+0x54/0x6c [ 27.057380][ T3079] l2tp_tunnel_register+0x354/0x79c [ 27.058748][ T3079] pppol2tp_connect+0x3e8/0x6c4 [ 27.060050][ T3079] __sys_connect+0x184/0x190 [ 27.061242][ T3079] __arm64_sys_connect+0x28/0x3c [ 27.062543][ T3079] el0_svc_common+0x138/0x220 [ 27.063761][ T3079] do_el0_svc+0x48/0x164 [ 27.064853][ T3079] el0_svc+0x58/0x150 [ 27.065887][ T3079] el0t_64_sync_handler+0x84/0xf0 [ 27.067236][ T3079] el0t_64_sync+0x190/0x194 [ 27.068660][ T3079] BUG: sleeping function called from invalid context at include/linux/percpu-rwsem.h:49 [ 27.071189][ T3079] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 3079, name: syz-executor991 [ 27.073650][ T3079] preempt_count: 1, expected: 0 [ 27.074822][ T3079] RCU nest depth: 0, expected: 0 [ 27.076066][ T3079] INFO: lockdep is turned off. [ 27.077317][ T3079] Preemption disabled at: [ 27.077322][ T3079] [] l2tp_tunnel_register+0x354/0x79c [ 27.080122][ T3079] CPU: 0 PID: 3079 Comm: syz-executor991 Not tainted 6.1.0-rc6-syzkaller-32653-g65762d97e6fa #0 [ 27.082825][ T3079] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/30/2022 [ 27.085525][ T3079] Call trace: [ 27.086377][ T3079] dump_backtrace+0x1c4/0x1f0 [ 27.087572][ T3079] show_stack+0x2c/0x54 [ 27.088685][ T3079] dump_stack_lvl+0x104/0x16c [ 27.089860][ T3079] dump_stack+0x1c/0x58 [ 27.090932][ T3079] __might_resched+0x208/0x218 [ 27.092205][ T3079] __might_sleep+0x48/0x78 [ 27.093314][ T3079] cpus_read_lock+0x28/0x1e0 [ 27.094499][ T3079] static_key_slow_inc+0x1c/0x38 [ 27.095786][ T3079] udpv6_encap_enable+0x1c/0x28 [ 27.097031][ T3079] setup_udp_tunnel_sock+0xec/0x124 [ 27.098366][ T3079] l2tp_tunnel_register+0x68c/0x79c [ 27.099796][ T3079] pppol2tp_connect+0x3e8/0x6c4 [ 27.101079][ T3079] __sys_connect+0x184/0x190 [ 27.102282][ T3079] __arm64_sys_connect+0x28/0x3c [ 27.103606][ T3079] el0_svc_common+0x138/0x220 [ 27.104838][ T3079] do_el0_svc+0x48/0x164 [ 27.105935][ T3079] el0_svc+0x58/0x150 [ 27.106963][ T3079] el0t_64_sync_handler+0x84/0xf0 [ 27.108282][ T3079] el0t_64_sync+0x190/0x194