[ 9.950252][ T2658] 8021q: adding VLAN 0 to HW filter on device bond0 [ 9.957803][ T2658] eql: remember to turn off Van-Jacobson compression on your slave devices [ 9.986548][ T49] gvnic 0000:00:00.0 enp0s0: Device link is up. [ 9.990033][ T1291] IPv6: ADDRCONF(NETDEV_CHANGE): enp0s0: link becomes ready Starting sshd: OK syzkaller Warning: Permanently added '10.128.0.141' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 26.623807][ T3079] [ 26.624477][ T3079] ======================================================== [ 26.626428][ T3079] WARNING: possible irq lock inversion dependency detected [ 26.628510][ T3079] 6.1.0-rc6-syzkaller-32653-g65762d97e6fa #0 Not tainted [ 26.630421][ T3079] -------------------------------------------------------- [ 26.632398][ T3079] syz-executor291/3079 just changed the state of lock: [ 26.634240][ T3079] ffff0000cbb412b8 (clock-AF_INET6){+++.}-{2:2}, at: l2tp_tunnel_register+0x354/0x79c [ 26.636829][ T3079] but this lock was taken by another, SOFTIRQ-safe lock in the past: [ 26.639000][ T3079] (&tcp_hashinfo.bhash[i].lock){+.-.}-{2:2} [ 26.639009][ T3079] [ 26.639009][ T3079] [ 26.639009][ T3079] and interrupts could create inverse lock ordering between them. [ 26.639009][ T3079] [ 26.644443][ T3079] [ 26.644443][ T3079] other info that might help us debug this: [ 26.646633][ T3079] Possible interrupt unsafe locking scenario: [ 26.646633][ T3079] [ 26.648874][ T3079] CPU0 CPU1 [ 26.650461][ T3079] ---- ---- [ 26.651902][ T3079] lock(clock-AF_INET6); [ 26.653056][ T3079] local_irq_disable(); [ 26.654860][ T3079] lock(&tcp_hashinfo.bhash[i].lock); [ 26.656992][ T3079] lock(clock-AF_INET6); [ 26.658847][ T3079] [ 26.659770][ T3079] lock(&tcp_hashinfo.bhash[i].lock); [ 26.661310][ T3079] [ 26.661310][ T3079] *** DEADLOCK *** [ 26.661310][ T3079] [ 26.663502][ T3079] 1 lock held by syz-executor291/3079: [ 26.664980][ T3079] #0: ffff0000cb08d930 (sk_lock-AF_PPPOX){+.+.}-{0:0}, at: pppol2tp_connect+0x184/0x6c4 [ 26.667618][ T3079] [ 26.667618][ T3079] the shortest dependencies between 2nd lock and 1st lock: [ 26.670127][ T3079] -> (&tcp_hashinfo.bhash[i].lock){+.-.}-{2:2} { [ 26.671827][ T3079] HARDIRQ-ON-W at: [ 26.672888][ T3079] lock_acquire+0x100/0x1f8 [ 26.674576][ T3079] _raw_spin_lock_bh+0x54/0x6c [ 26.676351][ T3079] inet_csk_get_port+0xe0/0xaf0 [ 26.678153][ T3079] __inet6_bind+0x688/0x8ac [ 26.679837][ T3079] inet6_bind+0xf4/0x150 [ 26.681472][ T3079] rds_tcp_listen_init+0x14c/0x1f0 [ 26.683343][ T3079] rds_tcp_init_net+0xcc/0x1dc [ 26.685077][ T3079] ops_init+0xe4/0x2e4 [ 26.686650][ T3079] register_pernet_operations+0x108/0x264 [ 26.688677][ T3079] register_pernet_device+0x3c/0x94 [ 26.690556][ T3079] rds_tcp_init+0x74/0xe0 [ 26.692231][ T3079] do_one_initcall+0x118/0x22c [ 26.694005][ T3079] do_initcall_level+0xac/0xe4 [ 26.695774][ T3079] do_initcalls+0x58/0xa8 [ 26.697458][ T3079] do_basic_setup+0x20/0x2c [ 26.699189][ T3079] kernel_init_freeable+0xb8/0x148 [ 26.701063][ T3079] kernel_init+0x24/0x290 [ 26.702749][ T3079] ret_from_fork+0x10/0x20 [ 26.704479][ T3079] IN-SOFTIRQ-W at: [ 26.705548][ T3079] lock_acquire+0x100/0x1f8 [ 26.707246][ T3079] _raw_spin_lock+0x54/0x6c [ 26.708932][ T3079] __inet_inherit_port+0x124/0x9ac [ 26.710813][ T3079] tcp_v4_syn_recv_sock+0x790/0x848 [ 26.712725][ T3079] tcp_check_req+0x75c/0x8e4 [ 26.714450][ T3079] tcp_v4_rcv+0xad4/0x11e8 [ 26.716088][ T3079] ip_protocol_deliver_rcu+0x224/0x414 [ 26.718049][ T3079] ip_local_deliver_finish+0x124/0x200 [ 26.720029][ T3079] ip_local_deliver+0xd0/0xf4 [ 26.721801][ T3079] ip_sublist_rcv+0x40c/0x474 [ 26.723532][ T3079] ip_list_rcv+0x184/0x1c8 [ 26.725226][ T3079] __netif_receive_skb_list_core+0x1f8/0x2b0 [ 26.727302][ T3079] __netif_receive_skb_list+0x16c/0x1d0 [ 26.729252][ T3079] netif_receive_skb_list_internal+0x1e8/0x340 [ 26.731406][ T3079] napi_complete_done+0x140/0x354 [ 26.733261][ T3079] gve_napi_poll+0xcc/0x1b4 [ 26.734954][ T3079] __napi_poll+0x5c/0x24c [ 26.736586][ T3079] napi_poll+0x110/0x484 [ 26.738229][ T3079] net_rx_action+0x18c/0x414 [ 26.739959][ T3079] _stext+0x168/0x37c [ 26.741476][ T3079] ____do_softirq+0x14/0x20 [ 26.743171][ T3079] call_on_irq_stack+0x2c/0x54 [ 26.744959][ T3079] do_softirq_own_stack+0x20/0x2c [ 26.746771][ T3079] invoke_softirq+0x70/0xbc [ 26.748433][ T3079] __irq_exit_rcu+0xf0/0x140 [ 26.750150][ T3079] irq_exit_rcu+0x10/0x40 [ 26.751790][ T3079] el1_interrupt+0x38/0x68 [ 26.753443][ T3079] el1h_64_irq_handler+0x18/0x24 [ 26.755273][ T3079] el1h_64_irq+0x64/0x68 [ 26.756888][ T3079] arch_local_irq_enable+0xc/0x18 [ 26.758714][ T3079] default_idle_call+0x48/0xb8 [ 26.760572][ T3079] do_idle+0x110/0x2d4 [ 26.762148][ T3079] cpu_startup_entry+0x24/0x28 [ 26.763931][ T3079] kernel_init+0x0/0x290 [ 26.765604][ T3079] start_kernel+0x0/0x620 [ 26.767284][ T3079] start_kernel+0x450/0x620 [ 26.768980][ T3079] __primary_switched+0xb4/0xbc [ 26.770760][ T3079] INITIAL USE at: [ 26.771807][ T3079] lock_acquire+0x100/0x1f8 [ 26.773480][ T3079] _raw_spin_lock_bh+0x54/0x6c [ 26.775235][ T3079] inet_csk_get_port+0xe0/0xaf0 [ 26.777058][ T3079] __inet6_bind+0x688/0x8ac [ 26.778740][ T3079] inet6_bind+0xf4/0x150 [ 26.780389][ T3079] rds_tcp_listen_init+0x14c/0x1f0 [ 26.782290][ T3079] rds_tcp_init_net+0xcc/0x1dc [ 26.784065][ T3079] ops_init+0xe4/0x2e4 [ 26.785731][ T3079] register_pernet_operations+0x108/0x264 [ 26.787657][ T3079] register_pernet_device+0x3c/0x94 [ 26.789436][ T3079] rds_tcp_init+0x74/0xe0 [ 26.791092][ T3079] do_one_initcall+0x118/0x22c [ 26.792838][ T3079] do_initcall_level+0xac/0xe4 [ 26.794598][ T3079] do_initcalls+0x58/0xa8 [ 26.796210][ T3079] do_basic_setup+0x20/0x2c [ 26.797865][ T3079] kernel_init_freeable+0xb8/0x148 [ 26.799693][ T3079] kernel_init+0x24/0x290 [ 26.801326][ T3079] ret_from_fork+0x10/0x20 [ 26.803060][ T3079] } [ 26.803756][ T3079] ... key at: [] tcp_init.__key.22+0x0/0x10 [ 26.806014][ T3079] ... acquired at: [ 26.807087][ T3079] _raw_read_lock_bh+0x64/0x7c [ 26.808418][ T3079] sock_i_uid+0x24/0x58 [ 26.809573][ T3079] inet_csk_get_port+0x674/0xaf0 [ 26.810940][ T3079] __inet6_bind+0x688/0x8ac [ 26.812207][ T3079] inet6_bind+0xf4/0x150 [ 26.813361][ T3079] __sys_bind+0x148/0x1b0 [ 26.814573][ T3079] __arm64_sys_bind+0x28/0x3c [ 26.815850][ T3079] el0_svc_common+0x138/0x220 [ 26.817193][ T3079] do_el0_svc+0x48/0x164 [ 26.818370][ T3079] el0_svc+0x58/0x150 [ 26.819478][ T3079] el0t_64_sync_handler+0x84/0xf0 [ 26.820868][ T3079] el0t_64_sync+0x190/0x194 [ 26.822097][ T3079] [ 26.822701][ T3079] -> (clock-AF_INET6){+++.}-{2:2} { [ 26.824115][ T3079] HARDIRQ-ON-W at: [ 26.825159][ T3079] lock_acquire+0x100/0x1f8 [ 26.826824][ T3079] _raw_write_lock_bh+0x54/0x6c [ 26.828669][ T3079] sk_common_release+0x58/0x1d4 [ 26.830346][ T3079] udp_lib_close+0x20/0x30 [ 26.831917][ T3079] inet_release+0xc8/0xe4 [ 26.833656][ T3079] inet6_release+0x3c/0x58 [ 26.835323][ T3079] sock_close+0x50/0xf0 [ 26.836875][ T3079] __fput+0x198/0x3e4 [ 26.838377][ T3079] ____fput+0x20/0x30 [ 26.839870][ T3079] task_work_run+0x100/0x148 [ 26.841567][ T3079] do_notify_resume+0x174/0x1f0 [ 26.843287][ T3079] el0_svc+0x9c/0x150 [ 26.844772][ T3079] el0t_64_sync_handler+0x84/0xf0 [ 26.846553][ T3079] el0t_64_sync+0x190/0x194 [ 26.848174][ T3079] HARDIRQ-ON-R at: [ 26.849207][ T3079] lock_acquire+0x100/0x1f8 [ 26.850844][ T3079] _raw_read_lock_bh+0x64/0x7c [ 26.852581][ T3079] sock_i_uid+0x24/0x58 [ 26.854130][ T3079] udp_lib_lport_inuse+0x44/0x268 [ 26.855911][ T3079] udp_lib_get_port+0x2bc/0x8f8 [ 26.857652][ T3079] udp_v6_get_port+0x60/0x74 [ 26.859343][ T3079] __inet6_bind+0x688/0x8ac [ 26.861024][ T3079] inet6_bind+0xf4/0x150 [ 26.862591][ T3079] __sys_bind+0x148/0x1b0 [ 26.864238][ T3079] __arm64_sys_bind+0x28/0x3c [ 26.865902][ T3079] el0_svc_common+0x138/0x220 [ 26.867630][ T3079] do_el0_svc+0x48/0x164 [ 26.869185][ T3079] el0_svc+0x58/0x150 [ 26.870701][ T3079] el0t_64_sync_handler+0x84/0xf0 [ 26.872512][ T3079] el0t_64_sync+0x190/0x194 [ 26.874149][ T3079] SOFTIRQ-ON-W at: [ 26.875207][ T3079] lock_acquire+0x100/0x1f8 [ 26.876849][ T3079] _raw_write_lock+0x54/0x6c [ 26.878614][ T3079] l2tp_tunnel_register+0x354/0x79c [ 26.880465][ T3079] pppol2tp_connect+0x3e8/0x6c4 [ 26.882208][ T3079] __sys_connect+0x184/0x190 [ 26.883893][ T3079] __arm64_sys_connect+0x28/0x3c [ 26.885850][ T3079] el0_svc_common+0x138/0x220 [ 26.887768][ T3079] do_el0_svc+0x48/0x164 [ 26.889346][ T3079] el0_svc+0x58/0x150 [ 26.890848][ T3079] el0t_64_sync_handler+0x84/0xf0 [ 26.892650][ T3079] el0t_64_sync+0x190/0x194 [ 26.894328][ T3079] INITIAL USE at: [ 26.895408][ T3079] lock_acquire+0x100/0x1f8 [ 26.897038][ T3079] _raw_write_lock_bh+0x54/0x6c [ 26.898832][ T3079] sk_common_release+0x58/0x1d4 [ 26.900651][ T3079] udp_lib_close+0x20/0x30 [ 26.902200][ T3079] inet_release+0xc8/0xe4 [ 26.903716][ T3079] inet6_release+0x3c/0x58 [ 26.905537][ T3079] sock_close+0x50/0xf0 [ 26.907158][ T3079] __fput+0x198/0x3e4 [ 26.908688][ T3079] ____fput+0x20/0x30 [ 26.910151][ T3079] task_work_run+0x100/0x148 [ 26.911831][ T3079] do_notify_resume+0x174/0x1f0 [ 26.913533][ T3079] el0_svc+0x9c/0x150 [ 26.915035][ T3079] el0t_64_sync_handler+0x84/0xf0 [ 26.916812][ T3079] el0t_64_sync+0x190/0x194 [ 26.918464][ T3079] INITIAL READ USE at: [ 26.919621][ T3079] lock_acquire+0x100/0x1f8 [ 26.921364][ T3079] _raw_read_lock_bh+0x64/0x7c [ 26.923205][ T3079] sock_i_uid+0x24/0x58 [ 26.924829][ T3079] udp_lib_lport_inuse+0x44/0x268 [ 26.926741][ T3079] udp_lib_get_port+0x2bc/0x8f8 [ 26.928570][ T3079] udp_v6_get_port+0x60/0x74 [ 26.930320][ T3079] __inet6_bind+0x688/0x8ac [ 26.932051][ T3079] inet6_bind+0xf4/0x150 [ 26.933699][ T3079] __sys_bind+0x148/0x1b0 [ 26.935414][ T3079] __arm64_sys_bind+0x28/0x3c [ 26.937179][ T3079] el0_svc_common+0x138/0x220 [ 26.938996][ T3079] do_el0_svc+0x48/0x164 [ 26.940660][ T3079] el0_svc+0x58/0x150 [ 26.942293][ T3079] el0t_64_sync_handler+0x84/0xf0 [ 26.944181][ T3079] el0t_64_sync+0x190/0x194 [ 26.945954][ T3079] } [ 26.946596][ T3079] ... key at: [] af_callback_keys+0xa0/0x2e0 [ 26.948734][ T3079] ... acquired at: [ 26.949762][ T3079] mark_lock+0x154/0x1b4 [ 26.950934][ T3079] __lock_acquire+0x618/0x3084 [ 26.952250][ T3079] lock_acquire+0x100/0x1f8 [ 26.953517][ T3079] _raw_write_lock+0x54/0x6c [ 26.954771][ T3079] l2tp_tunnel_register+0x354/0x79c [ 26.956205][ T3079] pppol2tp_connect+0x3e8/0x6c4 [ 26.957523][ T3079] __sys_connect+0x184/0x190 [ 26.958817][ T3079] __arm64_sys_connect+0x28/0x3c [ 26.960173][ T3079] el0_svc_common+0x138/0x220 [ 26.961463][ T3079] do_el0_svc+0x48/0x164 [ 26.962628][ T3079] el0_svc+0x58/0x150 [ 26.963727][ T3079] el0t_64_sync_handler+0x84/0xf0 [ 26.965127][ T3079] el0t_64_sync+0x190/0x194 [ 26.966386][ T3079] [ 26.967016][ T3079] [ 26.967016][ T3079] stack backtrace: [ 26.968637][ T3079] CPU: 0 PID: 3079 Comm: syz-executor291 Not tainted 6.1.0-rc6-syzkaller-32653-g65762d97e6fa #0 [ 26.971455][ T3079] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/30/2022 [ 26.974172][ T3079] Call trace: [ 26.975036][ T3079] dump_backtrace+0x1c4/0x1f0 [ 26.976274][ T3079] show_stack+0x2c/0x54 [ 26.977395][ T3079] dump_stack_lvl+0x104/0x16c [ 26.978625][ T3079] dump_stack+0x1c/0x58 [ 26.979746][ T3079] print_irq_inversion_bug+0x2f8/0x300 [ 26.981188][ T3079] mark_lock_irq+0x3ec/0x4b4 [ 26.982387][ T3079] mark_lock+0x154/0x1b4 [ 26.983495][ T3079] __lock_acquire+0x618/0x3084 [ 26.984784][ T3079] lock_acquire+0x100/0x1f8 [ 26.985985][ T3079] _raw_write_lock+0x54/0x6c [ 26.987215][ T3079] l2tp_tunnel_register+0x354/0x79c [ 26.988595][ T3079] pppol2tp_connect+0x3e8/0x6c4 [ 26.989883][ T3079] __sys_connect+0x184/0x190 [ 26.991112][ T3079] __arm64_sys_connect+0x28/0x3c [ 26.992469][ T3079] el0_svc_common+0x138/0x220 [ 26.993747][ T3079] do_el0_svc+0x48/0x164 [ 26.994897][ T3079] el0_svc+0x58/0x150 [ 26.995977][ T3079] el0t_64_sync_handler+0x84/0xf0 [ 26.997304][ T3079] el0t_64_sync+0x190/0x194 [ 26.998643][ T3079] BUG: sleeping function called from invalid context at include/linux/percpu-rwsem.h:49 [ 27.001276][ T3079] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 3079, name: syz-executor291 [ 27.003659][ T3079] preempt_count: 1, expected: 0 [ 27.004897][ T3079] RCU nest depth: 0, expected: 0 [ 27.006148][ T3079] INFO: lockdep is turned off. [ 27.007372][ T3079] Preemption disabled at: [ 27.007377][ T3079] [] l2tp_tunnel_register+0x354/0x79c [ 27.010296][ T3079] CPU: 0 PID: 3079 Comm: syz-executor291 Not tainted 6.1.0-rc6-syzkaller-32653-g65762d97e6fa #0 [ 27.012967][ T3079] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/30/2022 [ 27.015525][ T3079] Call trace: [ 27.016332][ T3079] dump_backtrace+0x1c4/0x1f0 [ 27.017537][ T3079] show_stack+0x2c/0x54 [ 27.018545][ T3079] dump_stack_lvl+0x104/0x16c [ 27.019733][ T3079] dump_stack+0x1c/0x58 [ 27.020822][ T3079] __might_resched+0x208/0x218 [ 27.022095][ T3079] __might_sleep+0x48/0x78 [ 27.023246][ T3079] cpus_read_lock+0x28/0x1e0 [ 27.024453][ T3079] static_key_slow_inc+0x1c/0x38 [ 27.025733][ T3079] udpv6_encap_enable+0x1c/0x28 [ 27.027005][ T3079] setup_udp_tunnel_sock+0xec/0x124 [ 27.028366][ T3079] l2tp_tunnel_register+0x68c/0x79c [ 27.029736][ T3079] pppol2tp_connect+0x3e8/0x6c4 [ 27.031015][ T3079] __sys_connect+0x184/0x190 [ 27.032203][ T3079] __arm64_sys_connect+0x28/0x3c [ 27.033534][ T3079] el0_svc_common+0x138/0x220 [ 27.034753][ T3079] do_el0_svc+0x48/0x164 [ 27.035862][ T3079] el0_svc+0x58/0x150 [ 27.036895][ T3079] el0t_64_sync_handler+0x84/0xf0 [ 27.038200][ T3079] el0t_64_sync+0x190/0x194