[ 9.925092][ T2659] 8021q: adding VLAN 0 to HW filter on device bond0 [ 9.931355][ T2659] eql: remember to turn off Van-Jacobson compression on your slave devices [ 9.960055][ T49] gvnic 0000:00:00.0 enp0s0: Device link is up. [ 9.963395][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): enp0s0: link becomes ready Starting sshd: OK syzkaller Warning: Permanently added '10.128.1.45' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 27.733665][ T3073] [ 27.734342][ T3073] ======================================================== [ 27.736127][ T3073] WARNING: possible irq lock inversion dependency detected [ 27.737989][ T3073] 6.1.0-rc6-syzkaller-32653-g65762d97e6fa #0 Not tainted [ 27.739844][ T3073] -------------------------------------------------------- [ 27.741744][ T3073] syz-executor114/3073 just changed the state of lock: [ 27.743471][ T3073] ffff0000c10d1138 (clock-AF_INET6){+++.}-{2:2}, at: l2tp_tunnel_register+0x354/0x79c [ 27.745975][ T3073] but this lock was taken by another, SOFTIRQ-safe lock in the past: [ 27.748085][ T3073] (&tcp_hashinfo.bhash[i].lock){+.-.}-{2:2} [ 27.748095][ T3073] [ 27.748095][ T3073] [ 27.748095][ T3073] and interrupts could create inverse lock ordering between them. [ 27.748095][ T3073] [ 27.753327][ T3073] [ 27.753327][ T3073] other info that might help us debug this: [ 27.755376][ T3073] Possible interrupt unsafe locking scenario: [ 27.755376][ T3073] [ 27.757519][ T3073] CPU0 CPU1 [ 27.758869][ T3073] ---- ---- [ 27.760229][ T3073] lock(clock-AF_INET6); [ 27.761350][ T3073] local_irq_disable(); [ 27.763086][ T3073] lock(&tcp_hashinfo.bhash[i].lock); [ 27.765140][ T3073] lock(clock-AF_INET6); [ 27.766939][ T3073] [ 27.767824][ T3073] lock(&tcp_hashinfo.bhash[i].lock); [ 27.769274][ T3073] [ 27.769274][ T3073] *** DEADLOCK *** [ 27.769274][ T3073] [ 27.771328][ T3073] 2 locks held by syz-executor114/3073: [ 27.772736][ T3073] #0: ffff80000d894668 (cb_lock){++++}-{3:3}, at: genl_rcv+0x28/0x50 [ 27.774873][ T3073] #1: ffff80000d894578 (genl_mutex){+.+.}-{3:3}, at: genl_rcv_msg+0x80/0x4f4 [ 27.777255][ T3073] [ 27.777255][ T3073] the shortest dependencies between 2nd lock and 1st lock: [ 27.779751][ T3073] -> (&tcp_hashinfo.bhash[i].lock){+.-.}-{2:2} { [ 27.781432][ T3073] HARDIRQ-ON-W at: [ 27.782452][ T3073] lock_acquire+0x100/0x1f8 [ 27.784193][ T3073] _raw_spin_lock_bh+0x54/0x6c [ 27.785934][ T3073] inet_csk_get_port+0xe0/0xaf0 [ 27.787665][ T3073] __inet6_bind+0x688/0x8ac [ 27.789332][ T3073] inet6_bind+0xf4/0x150 [ 27.790936][ T3073] rds_tcp_listen_init+0x14c/0x1f0 [ 27.792803][ T3073] rds_tcp_init_net+0xcc/0x1dc [ 27.794361][ T3073] ops_init+0xe4/0x2e4 [ 27.795730][ T3073] register_pernet_operations+0x108/0x264 [ 27.797667][ T3073] register_pernet_device+0x3c/0x94 [ 27.799560][ T3073] rds_tcp_init+0x74/0xe0 [ 27.801151][ T3073] do_one_initcall+0x118/0x22c [ 27.802879][ T3073] do_initcall_level+0xac/0xe4 [ 27.804435][ T3073] do_initcalls+0x58/0xa8 [ 27.805862][ T3073] do_basic_setup+0x20/0x2c [ 27.807501][ T3073] kernel_init_freeable+0xb8/0x148 [ 27.809323][ T3073] kernel_init+0x24/0x290 [ 27.810909][ T3073] ret_from_fork+0x10/0x20 [ 27.812508][ T3073] IN-SOFTIRQ-W at: [ 27.813531][ T3073] lock_acquire+0x100/0x1f8 [ 27.815158][ T3073] _raw_spin_lock+0x54/0x6c [ 27.816652][ T3073] __inet_inherit_port+0x124/0x9ac [ 27.818477][ T3073] tcp_v4_syn_recv_sock+0x790/0x848 [ 27.820280][ T3073] tcp_check_req+0x75c/0x8e4 [ 27.821923][ T3073] tcp_v4_rcv+0xad4/0x11e8 [ 27.823612][ T3073] ip_protocol_deliver_rcu+0x224/0x414 [ 27.825653][ T3073] ip_local_deliver_finish+0x124/0x200 [ 27.827562][ T3073] ip_local_deliver+0xd0/0xf4 [ 27.829242][ T3073] ip_sublist_rcv+0x40c/0x474 [ 27.831000][ T3073] ip_list_rcv+0x184/0x1c8 [ 27.832637][ T3073] __netif_receive_skb_list_core+0x1f8/0x2b0 [ 27.834655][ T3073] __netif_receive_skb_list+0x16c/0x1d0 [ 27.836550][ T3073] netif_receive_skb_list_internal+0x1e8/0x340 [ 27.838616][ T3073] napi_complete_done+0x140/0x354 [ 27.840409][ T3073] gve_napi_poll+0xcc/0x1b4 [ 27.842021][ T3073] __napi_poll+0x5c/0x24c [ 27.843627][ T3073] napi_poll+0x110/0x484 [ 27.845231][ T3073] net_rx_action+0x18c/0x414 [ 27.846871][ T3073] _stext+0x168/0x37c [ 27.848380][ T3073] ____do_softirq+0x14/0x20 [ 27.850044][ T3073] call_on_irq_stack+0x2c/0x54 [ 27.851585][ T3073] do_softirq_own_stack+0x20/0x2c [ 27.853161][ T3073] invoke_softirq+0x70/0xbc [ 27.854906][ T3073] __irq_exit_rcu+0xf0/0x140 [ 27.856630][ T3073] irq_exit_rcu+0x10/0x40 [ 27.858260][ T3073] el1_interrupt+0x38/0x68 [ 27.859974][ T3073] el1h_64_irq_handler+0x18/0x24 [ 27.861688][ T3073] el1h_64_irq+0x64/0x68 [ 27.863256][ T3073] arch_local_irq_enable+0xc/0x18 [ 27.865134][ T3073] default_idle_call+0x48/0xb8 [ 27.866889][ T3073] do_idle+0x110/0x2d4 [ 27.868398][ T3073] cpu_startup_entry+0x24/0x28 [ 27.870096][ T3073] kernel_init+0x0/0x290 [ 27.871548][ T3073] start_kernel+0x0/0x620 [ 27.872995][ T3073] start_kernel+0x450/0x620 [ 27.874664][ T3073] __primary_switched+0xb4/0xbc [ 27.876370][ T3073] INITIAL USE at: [ 27.877373][ T3073] lock_acquire+0x100/0x1f8 [ 27.878974][ T3073] _raw_spin_lock_bh+0x54/0x6c [ 27.880679][ T3073] inet_csk_get_port+0xe0/0xaf0 [ 27.882397][ T3073] __inet6_bind+0x688/0x8ac [ 27.884140][ T3073] inet6_bind+0xf4/0x150 [ 27.885652][ T3073] rds_tcp_listen_init+0x14c/0x1f0 [ 27.887272][ T3073] rds_tcp_init_net+0xcc/0x1dc [ 27.888898][ T3073] ops_init+0xe4/0x2e4 [ 27.890391][ T3073] register_pernet_operations+0x108/0x264 [ 27.892317][ T3073] register_pernet_device+0x3c/0x94 [ 27.894089][ T3073] rds_tcp_init+0x74/0xe0 [ 27.895669][ T3073] do_one_initcall+0x118/0x22c [ 27.897346][ T3073] do_initcall_level+0xac/0xe4 [ 27.899007][ T3073] do_initcalls+0x58/0xa8 [ 27.900574][ T3073] do_basic_setup+0x20/0x2c [ 27.902213][ T3073] kernel_init_freeable+0xb8/0x148 [ 27.904159][ T3073] kernel_init+0x24/0x290 [ 27.905555][ T3073] ret_from_fork+0x10/0x20 [ 27.906998][ T3073] } [ 27.907593][ T3073] ... key at: [] tcp_init.__key.22+0x0/0x10 [ 27.909766][ T3073] ... acquired at: [ 27.910791][ T3073] _raw_read_lock_bh+0x64/0x7c [ 27.912073][ T3073] sock_i_uid+0x24/0x58 [ 27.913196][ T3073] inet_csk_get_port+0x674/0xaf0 [ 27.914542][ T3073] __inet6_bind+0x688/0x8ac [ 27.915786][ T3073] inet6_bind+0xf4/0x150 [ 27.916908][ T3073] __sys_bind+0x148/0x1b0 [ 27.918041][ T3073] __arm64_sys_bind+0x28/0x3c [ 27.919308][ T3073] el0_svc_common+0x138/0x220 [ 27.920550][ T3073] do_el0_svc+0x48/0x164 [ 27.921700][ T3073] el0_svc+0x58/0x150 [ 27.922788][ T3073] el0t_64_sync_handler+0x84/0xf0 [ 27.924113][ T3073] el0t_64_sync+0x190/0x194 [ 27.925312][ T3073] [ 27.925886][ T3073] -> (clock-AF_INET6){+++.}-{2:2} { [ 27.927361][ T3073] HARDIRQ-ON-W at: [ 27.928433][ T3073] lock_acquire+0x100/0x1f8 [ 27.930051][ T3073] _raw_write_lock_bh+0x54/0x6c [ 27.931744][ T3073] sk_common_release+0x58/0x1d4 [ 27.933374][ T3073] udp_lib_close+0x20/0x30 [ 27.935007][ T3073] inet_release+0xc8/0xe4 [ 27.936566][ T3073] inet6_release+0x3c/0x58 [ 27.938149][ T3073] sock_close+0x50/0xf0 [ 27.939670][ T3073] __fput+0x198/0x3e4 [ 27.941169][ T3073] ____fput+0x20/0x30 [ 27.942608][ T3073] task_work_run+0x100/0x148 [ 27.944236][ T3073] do_notify_resume+0x174/0x1f0 [ 27.945914][ T3073] el0_svc+0x9c/0x150 [ 27.947391][ T3073] el0t_64_sync_handler+0x84/0xf0 [ 27.949129][ T3073] el0t_64_sync+0x190/0x194 [ 27.950796][ T3073] HARDIRQ-ON-R at: [ 27.951804][ T3073] lock_acquire+0x100/0x1f8 [ 27.953387][ T3073] _raw_read_lock_bh+0x64/0x7c [ 27.955052][ T3073] sock_i_uid+0x24/0x58 [ 27.956604][ T3073] udp_lib_lport_inuse+0x44/0x268 [ 27.958381][ T3073] udp_lib_get_port+0x2bc/0x8f8 [ 27.960054][ T3073] udp_v6_get_port+0x60/0x74 [ 27.961712][ T3073] __inet6_bind+0x688/0x8ac [ 27.963270][ T3073] inet6_bind+0xf4/0x150 [ 27.964956][ T3073] __sys_bind+0x148/0x1b0 [ 27.966552][ T3073] __arm64_sys_bind+0x28/0x3c [ 27.968351][ T3073] el0_svc_common+0x138/0x220 [ 27.970040][ T3073] do_el0_svc+0x48/0x164 [ 27.971554][ T3073] el0_svc+0x58/0x150 [ 27.973013][ T3073] el0t_64_sync_handler+0x84/0xf0 [ 27.974903][ T3073] el0t_64_sync+0x190/0x194 [ 27.976484][ T3073] SOFTIRQ-ON-W at: [ 27.977523][ T3073] lock_acquire+0x100/0x1f8 [ 27.979107][ T3073] _raw_write_lock+0x54/0x6c [ 27.980727][ T3073] l2tp_tunnel_register+0x354/0x79c [ 27.982470][ T3073] l2tp_nl_cmd_tunnel_create+0x1f8/0x330 [ 27.984338][ T3073] genl_rcv_msg+0x458/0x4f4 [ 27.985912][ T3073] netlink_rcv_skb+0xe8/0x1d4 [ 27.987582][ T3073] genl_rcv+0x38/0x50 [ 27.989043][ T3073] netlink_unicast_kernel+0xfc/0x1dc [ 27.990810][ T3073] netlink_unicast+0x164/0x248 [ 27.992453][ T3073] netlink_sendmsg+0x484/0x584 [ 27.994126][ T3073] ____sys_sendmsg+0x2f8/0x440 [ 27.995812][ T3073] __sys_sendmsg+0x1ac/0x228 [ 27.997475][ T3073] __arm64_sys_sendmsg+0x2c/0x3c [ 27.999201][ T3073] el0_svc_common+0x138/0x220 [ 28.000818][ T3073] do_el0_svc+0x48/0x164 [ 28.002418][ T3073] el0_svc+0x58/0x150 [ 28.003908][ T3073] el0t_64_sync_handler+0x84/0xf0 [ 28.005665][ T3073] el0t_64_sync+0x190/0x194 [ 28.007296][ T3073] INITIAL USE at: [ 28.008282][ T3073] lock_acquire+0x100/0x1f8 [ 28.009901][ T3073] _raw_write_lock_bh+0x54/0x6c [ 28.011543][ T3073] sk_common_release+0x58/0x1d4 [ 28.013221][ T3073] udp_lib_close+0x20/0x30 [ 28.014892][ T3073] inet_release+0xc8/0xe4 [ 28.016291][ T3073] inet6_release+0x3c/0x58 [ 28.017677][ T3073] sock_close+0x50/0xf0 [ 28.018987][ T3073] __fput+0x198/0x3e4 [ 28.020434][ T3073] ____fput+0x20/0x30 [ 28.021841][ T3073] task_work_run+0x100/0x148 [ 28.023439][ T3073] do_notify_resume+0x174/0x1f0 [ 28.025123][ T3073] el0_svc+0x9c/0x150 [ 28.026625][ T3073] el0t_64_sync_handler+0x84/0xf0 [ 28.028414][ T3073] el0t_64_sync+0x190/0x194 [ 28.030022][ T3073] INITIAL READ USE at: [ 28.031149][ T3073] lock_acquire+0x100/0x1f8 [ 28.032801][ T3073] _raw_read_lock_bh+0x64/0x7c [ 28.034592][ T3073] sock_i_uid+0x24/0x58 [ 28.036226][ T3073] udp_lib_lport_inuse+0x44/0x268 [ 28.038105][ T3073] udp_lib_get_port+0x2bc/0x8f8 [ 28.039858][ T3073] udp_v6_get_port+0x60/0x74 [ 28.041619][ T3073] __inet6_bind+0x688/0x8ac [ 28.043309][ T3073] inet6_bind+0xf4/0x150 [ 28.044933][ T3073] __sys_bind+0x148/0x1b0 [ 28.046527][ T3073] __arm64_sys_bind+0x28/0x3c [ 28.048272][ T3073] el0_svc_common+0x138/0x220 [ 28.050088][ T3073] do_el0_svc+0x48/0x164 [ 28.051692][ T3073] el0_svc+0x58/0x150 [ 28.053082][ T3073] el0t_64_sync_handler+0x84/0xf0 [ 28.054735][ T3073] el0t_64_sync+0x190/0x194 [ 28.056558][ T3073] } [ 28.057194][ T3073] ... key at: [] af_callback_keys+0xa0/0x2e0 [ 28.059376][ T3073] ... acquired at: [ 28.060321][ T3073] mark_lock+0x154/0x1b4 [ 28.061469][ T3073] __lock_acquire+0x618/0x3084 [ 28.062784][ T3073] lock_acquire+0x100/0x1f8 [ 28.064142][ T3073] _raw_write_lock+0x54/0x6c [ 28.065399][ T3073] l2tp_tunnel_register+0x354/0x79c [ 28.066734][ T3073] l2tp_nl_cmd_tunnel_create+0x1f8/0x330 [ 28.068221][ T3073] genl_rcv_msg+0x458/0x4f4 [ 28.069418][ T3073] netlink_rcv_skb+0xe8/0x1d4 [ 28.070641][ T3073] genl_rcv+0x38/0x50 [ 28.071710][ T3073] netlink_unicast_kernel+0xfc/0x1dc [ 28.073105][ T3073] netlink_unicast+0x164/0x248 [ 28.074396][ T3073] netlink_sendmsg+0x484/0x584 [ 28.075635][ T3073] ____sys_sendmsg+0x2f8/0x440 [ 28.076935][ T3073] __sys_sendmsg+0x1ac/0x228 [ 28.078260][ T3073] __arm64_sys_sendmsg+0x2c/0x3c [ 28.079600][ T3073] el0_svc_common+0x138/0x220 [ 28.080943][ T3073] do_el0_svc+0x48/0x164 [ 28.082089][ T3073] el0_svc+0x58/0x150 [ 28.083146][ T3073] el0t_64_sync_handler+0x84/0xf0 [ 28.084485][ T3073] el0t_64_sync+0x190/0x194 [ 28.085674][ T3073] [ 28.086273][ T3073] [ 28.086273][ T3073] stack backtrace: [ 28.087758][ T3073] CPU: 0 PID: 3073 Comm: syz-executor114 Not tainted 6.1.0-rc6-syzkaller-32653-g65762d97e6fa #0 [ 28.090418][ T3073] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/30/2022 [ 28.093117][ T3073] Call trace: [ 28.093924][ T3073] dump_backtrace+0x1c4/0x1f0 [ 28.095037][ T3073] show_stack+0x2c/0x54 [ 28.095992][ T3073] dump_stack_lvl+0x104/0x16c [ 28.097095][ T3073] dump_stack+0x1c/0x58 [ 28.098218][ T3073] print_irq_inversion_bug+0x2f8/0x300 [ 28.099653][ T3073] mark_lock_irq+0x3ec/0x4b4 [ 28.100833][ T3073] mark_lock+0x154/0x1b4 [ 28.101913][ T3073] __lock_acquire+0x618/0x3084 [ 28.103161][ T3073] lock_acquire+0x100/0x1f8 [ 28.104524][ T3073] _raw_write_lock+0x54/0x6c [ 28.105716][ T3073] l2tp_tunnel_register+0x354/0x79c [ 28.107036][ T3073] l2tp_nl_cmd_tunnel_create+0x1f8/0x330 [ 28.108491][ T3073] genl_rcv_msg+0x458/0x4f4 [ 28.109652][ T3073] netlink_rcv_skb+0xe8/0x1d4 [ 28.110841][ T3073] genl_rcv+0x38/0x50 [ 28.111870][ T3073] netlink_unicast_kernel+0xfc/0x1dc [ 28.113399][ T3073] netlink_unicast+0x164/0x248 [ 28.114601][ T3073] netlink_sendmsg+0x484/0x584 [ 28.115717][ T3073] ____sys_sendmsg+0x2f8/0x440 [ 28.116797][ T3073] __sys_sendmsg+0x1ac/0x228 [ 28.117884][ T3073] __arm64_sys_sendmsg+0x2c/0x3c [ 28.119148][ T3073] el0_svc_common+0x138/0x220 [ 28.120380][ T3073] do_el0_svc+0x48/0x164 [ 28.121451][ T3073] el0_svc+0x58/0x150 [ 28.122485][ T3073] el0t_64_sync_handler+0x84/0xf0 [ 28.123790][ T3073] el0t_64_sync+0x190/0x194