Warning: Permanently added '10.128.1.13' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 26.245584][ T3073] [ 26.246256][ T3073] ======================================================== [ 26.248157][ T3073] WARNING: possible irq lock inversion dependency detected [ 26.250145][ T3073] 6.1.0-rc6-syzkaller-32653-g65762d97e6fa #0 Not tainted [ 26.252045][ T3073] -------------------------------------------------------- [ 26.254000][ T3073] syz-executor533/3073 just changed the state of lock: [ 26.255832][ T3073] ffff0000cb5c12b8 (clock-AF_INET6){+++.}-{2:2}, at: l2tp_tunnel_register+0x354/0x79c [ 26.258436][ T3073] but this lock was taken by another, SOFTIRQ-safe lock in the past: [ 26.260595][ T3073] (&tcp_hashinfo.bhash[i].lock){+.-.}-{2:2} [ 26.260604][ T3073] [ 26.260604][ T3073] [ 26.260604][ T3073] and interrupts could create inverse lock ordering between them. [ 26.260604][ T3073] [ 26.266070][ T3073] [ 26.266070][ T3073] other info that might help us debug this: [ 26.268240][ T3073] Possible interrupt unsafe locking scenario: [ 26.268240][ T3073] [ 26.270459][ T3073] CPU0 CPU1 [ 26.271904][ T3073] ---- ---- [ 26.273298][ T3073] lock(clock-AF_INET6); [ 26.274428][ T3073] local_irq_disable(); [ 26.276281][ T3073] lock(&tcp_hashinfo.bhash[i].lock); [ 26.278408][ T3073] lock(clock-AF_INET6); [ 26.280257][ T3073] [ 26.281157][ T3073] lock(&tcp_hashinfo.bhash[i].lock); [ 26.282652][ T3073] [ 26.282652][ T3073] *** DEADLOCK *** [ 26.282652][ T3073] [ 26.284872][ T3073] 1 lock held by syz-executor533/3073: [ 26.286309][ T3073] #0: ffff0000cae9e130 (sk_lock-AF_PPPOX){+.+.}-{0:0}, at: pppol2tp_connect+0x184/0x6c4 [ 26.289008][ T3073] [ 26.289008][ T3073] the shortest dependencies between 2nd lock and 1st lock: [ 26.291419][ T3073] -> (&tcp_hashinfo.bhash[i].lock){+.-.}-{2:2} { [ 26.293045][ T3073] HARDIRQ-ON-W at: [ 26.294291][ T3073] lock_acquire+0x100/0x1f8 [ 26.296021][ T3073] _raw_spin_lock_bh+0x54/0x6c [ 26.297805][ T3073] inet_csk_get_port+0xe0/0xaf0 [ 26.299587][ T3073] __inet6_bind+0x688/0x8ac [ 26.301284][ T3073] inet6_bind+0xf4/0x150 [ 26.302976][ T3073] rds_tcp_listen_init+0x14c/0x1f0 [ 26.304836][ T3073] rds_tcp_init_net+0xcc/0x1dc [ 26.306609][ T3073] ops_init+0xe4/0x2e4 [ 26.308169][ T3073] register_pernet_operations+0x108/0x264 [ 26.310317][ T3073] register_pernet_device+0x3c/0x94 [ 26.312198][ T3073] rds_tcp_init+0x74/0xe0 [ 26.313867][ T3073] do_one_initcall+0x118/0x22c [ 26.315710][ T3073] do_initcall_level+0xac/0xe4 [ 26.317547][ T3073] do_initcalls+0x58/0xa8 [ 26.319203][ T3073] do_basic_setup+0x20/0x2c [ 26.320871][ T3073] kernel_init_freeable+0xb8/0x148 [ 26.322695][ T3073] kernel_init+0x24/0x290 [ 26.324347][ T3073] ret_from_fork+0x10/0x20 [ 26.326003][ T3073] IN-SOFTIRQ-W at: [ 26.327093][ T3073] lock_acquire+0x100/0x1f8 [ 26.328892][ T3073] _raw_spin_lock+0x54/0x6c [ 26.330567][ T3073] __inet_inherit_port+0x124/0x9ac [ 26.332427][ T3073] tcp_v4_syn_recv_sock+0x790/0x848 [ 26.334315][ T3073] tcp_check_req+0x75c/0x8e4 [ 26.336067][ T3073] tcp_v4_rcv+0xad4/0x11e8 [ 26.337751][ T3073] ip_protocol_deliver_rcu+0x224/0x414 [ 26.339758][ T3073] ip_local_deliver_finish+0x124/0x200 [ 26.341692][ T3073] ip_local_deliver+0xd0/0xf4 [ 26.343474][ T3073] ip_sublist_rcv+0x40c/0x474 [ 26.345210][ T3073] ip_list_rcv+0x184/0x1c8 [ 26.346857][ T3073] __netif_receive_skb_list_core+0x1f8/0x2b0 [ 26.348949][ T3073] __netif_receive_skb_list+0x16c/0x1d0 [ 26.350954][ T3073] netif_receive_skb_list_internal+0x1e8/0x340 [ 26.353095][ T3073] napi_complete_done+0x140/0x354 [ 26.354934][ T3073] gve_napi_poll+0xcc/0x1b4 [ 26.356629][ T3073] __napi_poll+0x5c/0x24c [ 26.358332][ T3073] napi_poll+0x110/0x484 [ 26.359949][ T3073] net_rx_action+0x18c/0x414 [ 26.361652][ T3073] _stext+0x168/0x37c [ 26.363183][ T3073] ____do_softirq+0x14/0x20 [ 26.364883][ T3073] call_on_irq_stack+0x2c/0x54 [ 26.366695][ T3073] do_softirq_own_stack+0x20/0x2c [ 26.368517][ T3073] invoke_softirq+0x70/0xbc [ 26.370294][ T3073] __irq_exit_rcu+0xf0/0x140 [ 26.371983][ T3073] irq_exit_rcu+0x10/0x40 [ 26.373646][ T3073] el1_interrupt+0x38/0x68 [ 26.375302][ T3073] el1h_64_irq_handler+0x18/0x24 [ 26.377111][ T3073] el1h_64_irq+0x64/0x68 [ 26.378820][ T3073] arch_local_irq_enable+0xc/0x18 [ 26.380704][ T3073] default_idle_call+0x48/0xb8 [ 26.382447][ T3073] do_idle+0x110/0x2d4 [ 26.384024][ T3073] cpu_startup_entry+0x24/0x28 [ 26.385759][ T3073] kernel_init+0x0/0x290 [ 26.387369][ T3073] start_kernel+0x0/0x620 [ 26.388977][ T3073] start_kernel+0x450/0x620 [ 26.390742][ T3073] __primary_switched+0xb4/0xbc [ 26.392558][ T3073] INITIAL USE at: [ 26.393605][ T3073] lock_acquire+0x100/0x1f8 [ 26.395298][ T3073] _raw_spin_lock_bh+0x54/0x6c [ 26.397104][ T3073] inet_csk_get_port+0xe0/0xaf0 [ 26.398885][ T3073] __inet6_bind+0x688/0x8ac [ 26.400535][ T3073] inet6_bind+0xf4/0x150 [ 26.402136][ T3073] rds_tcp_listen_init+0x14c/0x1f0 [ 26.403977][ T3073] rds_tcp_init_net+0xcc/0x1dc [ 26.405766][ T3073] ops_init+0xe4/0x2e4 [ 26.407305][ T3073] register_pernet_operations+0x108/0x264 [ 26.409325][ T3073] register_pernet_device+0x3c/0x94 [ 26.411029][ T3073] rds_tcp_init+0x74/0xe0 [ 26.412493][ T3073] do_one_initcall+0x118/0x22c [ 26.414274][ T3073] do_initcall_level+0xac/0xe4 [ 26.416018][ T3073] do_initcalls+0x58/0xa8 [ 26.417661][ T3073] do_basic_setup+0x20/0x2c [ 26.419359][ T3073] kernel_init_freeable+0xb8/0x148 [ 26.421203][ T3073] kernel_init+0x24/0x290 [ 26.422900][ T3073] ret_from_fork+0x10/0x20 [ 26.424546][ T3073] } [ 26.425214][ T3073] ... key at: [] tcp_init.__key.22+0x0/0x10 [ 26.427463][ T3073] ... acquired at: [ 26.428527][ T3073] _raw_read_lock_bh+0x64/0x7c [ 26.429845][ T3073] sock_i_uid+0x24/0x58 [ 26.431052][ T3073] inet_csk_get_port+0x674/0xaf0 [ 26.432462][ T3073] __inet6_bind+0x688/0x8ac [ 26.433706][ T3073] inet6_bind+0xf4/0x150 [ 26.434904][ T3073] __sys_bind+0x148/0x1b0 [ 26.436123][ T3073] __arm64_sys_bind+0x28/0x3c [ 26.437445][ T3073] el0_svc_common+0x138/0x220 [ 26.438713][ T3073] do_el0_svc+0x48/0x164 [ 26.439913][ T3073] el0_svc+0x58/0x150 [ 26.441026][ T3073] el0t_64_sync_handler+0x84/0xf0 [ 26.442443][ T3073] el0t_64_sync+0x190/0x194 [ 26.443969][ T3073] [ 26.444629][ T3073] -> (clock-AF_INET6){+++.}-{2:2} { [ 26.445911][ T3073] HARDIRQ-ON-W at: [ 26.446894][ T3073] lock_acquire+0x100/0x1f8 [ 26.448384][ T3073] _raw_write_lock_bh+0x54/0x6c [ 26.450216][ T3073] sk_common_release+0x58/0x1d4 [ 26.451970][ T3073] udp_lib_close+0x20/0x30 [ 26.453659][ T3073] inet_release+0xc8/0xe4 [ 26.455286][ T3073] inet6_release+0x3c/0x58 [ 26.456929][ T3073] sock_close+0x50/0xf0 [ 26.458503][ T3073] __fput+0x198/0x3e4 [ 26.460203][ T3073] ____fput+0x20/0x30 [ 26.461824][ T3073] task_work_run+0x100/0x148 [ 26.463379][ T3073] do_notify_resume+0x174/0x1f0 [ 26.464930][ T3073] el0_svc+0x9c/0x150 [ 26.466536][ T3073] el0t_64_sync_handler+0x84/0xf0 [ 26.468390][ T3073] el0t_64_sync+0x190/0x194 [ 26.470040][ T3073] HARDIRQ-ON-R at: [ 26.471104][ T3073] lock_acquire+0x100/0x1f8 [ 26.472841][ T3073] _raw_read_lock_bh+0x64/0x7c [ 26.474604][ T3073] sock_i_uid+0x24/0x58 [ 26.476184][ T3073] udp_lib_lport_inuse+0x44/0x268 [ 26.477990][ T3073] udp_lib_get_port+0x2bc/0x8f8 [ 26.479755][ T3073] udp_v6_get_port+0x60/0x74 [ 26.481460][ T3073] __inet6_bind+0x688/0x8ac [ 26.483147][ T3073] inet6_bind+0xf4/0x150 [ 26.484801][ T3073] __sys_bind+0x148/0x1b0 [ 26.486450][ T3073] __arm64_sys_bind+0x28/0x3c [ 26.488170][ T3073] el0_svc_common+0x138/0x220 [ 26.489897][ T3073] do_el0_svc+0x48/0x164 [ 26.491480][ T3073] el0_svc+0x58/0x150 [ 26.493019][ T3073] el0t_64_sync_handler+0x84/0xf0 [ 26.494856][ T3073] el0t_64_sync+0x190/0x194 [ 26.496536][ T3073] SOFTIRQ-ON-W at: [ 26.497606][ T3073] lock_acquire+0x100/0x1f8 [ 26.499294][ T3073] _raw_write_lock+0x54/0x6c [ 26.501026][ T3073] l2tp_tunnel_register+0x354/0x79c [ 26.502889][ T3073] pppol2tp_connect+0x3e8/0x6c4 [ 26.504654][ T3073] __sys_connect+0x184/0x190 [ 26.506315][ T3073] __arm64_sys_connect+0x28/0x3c [ 26.508300][ T3073] el0_svc_common+0x138/0x220 [ 26.510067][ T3073] do_el0_svc+0x48/0x164 [ 26.511631][ T3073] el0_svc+0x58/0x150 [ 26.513163][ T3073] el0t_64_sync_handler+0x84/0xf0 [ 26.514967][ T3073] el0t_64_sync+0x190/0x194 [ 26.516614][ T3073] INITIAL USE at: [ 26.517616][ T3073] lock_acquire+0x100/0x1f8 [ 26.519241][ T3073] _raw_write_lock_bh+0x54/0x6c [ 26.520983][ T3073] sk_common_release+0x58/0x1d4 [ 26.522723][ T3073] udp_lib_close+0x20/0x30 [ 26.524301][ T3073] inet_release+0xc8/0xe4 [ 26.525870][ T3073] inet6_release+0x3c/0x58 [ 26.527474][ T3073] sock_close+0x50/0xf0 [ 26.529030][ T3073] __fput+0x198/0x3e4 [ 26.530519][ T3073] ____fput+0x20/0x30 [ 26.532050][ T3073] task_work_run+0x100/0x148 [ 26.533725][ T3073] do_notify_resume+0x174/0x1f0 [ 26.535443][ T3073] el0_svc+0x9c/0x150 [ 26.536940][ T3073] el0t_64_sync_handler+0x84/0xf0 [ 26.538728][ T3073] el0t_64_sync+0x190/0x194 [ 26.540384][ T3073] INITIAL READ USE at: [ 26.541531][ T3073] lock_acquire+0x100/0x1f8 [ 26.543301][ T3073] _raw_read_lock_bh+0x64/0x7c [ 26.545139][ T3073] sock_i_uid+0x24/0x58 [ 26.546828][ T3073] udp_lib_lport_inuse+0x44/0x268 [ 26.548711][ T3073] udp_lib_get_port+0x2bc/0x8f8 [ 26.550702][ T3073] udp_v6_get_port+0x60/0x74 [ 26.552462][ T3073] __inet6_bind+0x688/0x8ac [ 26.554228][ T3073] inet6_bind+0xf4/0x150 [ 26.555886][ T3073] __sys_bind+0x148/0x1b0 [ 26.557594][ T3073] __arm64_sys_bind+0x28/0x3c [ 26.559418][ T3073] el0_svc_common+0x138/0x220 [ 26.561202][ T3073] do_el0_svc+0x48/0x164 [ 26.562842][ T3073] el0_svc+0x58/0x150 [ 26.564451][ T3073] el0t_64_sync_handler+0x84/0xf0 [ 26.566336][ T3073] el0t_64_sync+0x190/0x194 [ 26.568044][ T3073] } [ 26.568713][ T3073] ... key at: [] af_callback_keys+0xa0/0x2e0 [ 26.570911][ T3073] ... acquired at: [ 26.571936][ T3073] mark_lock+0x154/0x1b4 [ 26.573152][ T3073] __lock_acquire+0x618/0x3084 [ 26.574501][ T3073] lock_acquire+0x100/0x1f8 [ 26.575760][ T3073] _raw_write_lock+0x54/0x6c [ 26.577063][ T3073] l2tp_tunnel_register+0x354/0x79c [ 26.578478][ T3073] pppol2tp_connect+0x3e8/0x6c4 [ 26.579813][ T3073] __sys_connect+0x184/0x190 [ 26.581116][ T3073] __arm64_sys_connect+0x28/0x3c [ 26.582535][ T3073] el0_svc_common+0x138/0x220 [ 26.583844][ T3073] do_el0_svc+0x48/0x164 [ 26.585046][ T3073] el0_svc+0x58/0x150 [ 26.586147][ T3073] el0t_64_sync_handler+0x84/0xf0 [ 26.587531][ T3073] el0t_64_sync+0x190/0x194 [ 26.588799][ T3073] [ 26.589399][ T3073] [ 26.589399][ T3073] stack backtrace: [ 26.590998][ T3073] CPU: 0 PID: 3073 Comm: syz-executor533 Not tainted 6.1.0-rc6-syzkaller-32653-g65762d97e6fa #0 [ 26.593784][ T3073] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/30/2022 [ 26.596448][ T3073] Call trace: [ 26.597308][ T3073] dump_backtrace+0x1c4/0x1f0 [ 26.598510][ T3073] show_stack+0x2c/0x54 [ 26.599627][ T3073] dump_stack_lvl+0x104/0x16c [ 26.600867][ T3073] dump_stack+0x1c/0x58 [ 26.601957][ T3073] print_irq_inversion_bug+0x2f8/0x300 [ 26.603427][ T3073] mark_lock_irq+0x3ec/0x4b4 [ 26.604655][ T3073] mark_lock+0x154/0x1b4 [ 26.605809][ T3073] __lock_acquire+0x618/0x3084 [ 26.607122][ T3073] lock_acquire+0x100/0x1f8 [ 26.608295][ T3073] _raw_write_lock+0x54/0x6c [ 26.609524][ T3073] l2tp_tunnel_register+0x354/0x79c [ 26.610939][ T3073] pppol2tp_connect+0x3e8/0x6c4 [ 26.612237][ T3073] __sys_connect+0x184/0x190 [ 26.613454][ T3073] __arm64_sys_connect+0x28/0x3c [ 26.614775][ T3073] el0_svc_common+0x138/0x220 [ 26.616028][ T3073] do_el0_svc+0x48/0x164 [ 26.617171][ T3073] el0_svc+0x58/0x150 [ 26.618281][ T3073] el0t_64_sync_handler+0x84/0xf0 [ 26.619608][ T3073] el0t_64_sync+0x190/0x194 [ 26.620958][ T3073] BUG: sleeping function called from invalid context at include/linux/percpu-rwsem.h:49 [ 26.623476][ T3073] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 3073, name: syz-executor533 [ 26.625895][ T3073] preempt_count: 1, expected: 0 [ 26.627164][ T3073] RCU nest depth: 0, expected: 0 [ 26.628402][ T3073] INFO: lockdep is turned off. [ 26.629604][ T3073] Preemption disabled at: [ 26.629609][ T3073] [] l2tp_tunnel_register+0x354/0x79c [ 26.632470][ T3073] CPU: 0 PID: 3073 Comm: syz-executor533 Not tainted 6.1.0-rc6-syzkaller-32653-g65762d97e6fa #0 [ 26.635114][ T3073] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/30/2022 [ 26.637761][ T3073] Call trace: [ 26.638615][ T3073] dump_backtrace+0x1c4/0x1f0 [ 26.639849][ T3073] show_stack+0x2c/0x54 [ 26.640924][ T3073] dump_stack_lvl+0x104/0x16c [ 26.642147][ T3073] dump_stack+0x1c/0x58 [ 26.643226][ T3073] __might_resched+0x208/0x218 [ 26.644464][ T3073] __might_sleep+0x48/0x78 [ 26.645649][ T3073] cpus_read_lock+0x28/0x1e0 [ 26.646819][ T3073] static_key_slow_inc+0x1c/0x38 [ 26.648123][ T3073] udpv6_encap_enable+0x1c/0x28 [ 26.649371][ T3073] setup_udp_tunnel_sock+0xec/0x124 [ 26.650773][ T3073] l2tp_tunnel_register+0x68c/0x79c [ 26.652118][ T3073] pppol2tp_connect+0x3e8/0x6c4 [ 26.653354][ T3073] __sys_connect+0x184/0x190 [ 26.654559][ T3073] __arm64_sys_connect+0x28/0x3c [ 26.655813][ T3073] el0_svc_common+0x138/0x220 [ 26.657006][ T3073] do_el0_svc+0x48/0x164 [ 26.658117][ T3073] el0_svc+0x58/0x150 [ 26.659137][ T3073] el0t_64_sync_handler+0x84/0xf0 [ 26.660452][ T3073] el0t_64_sync+0x190/0x194