[ 9.902122][ T2658] 8021q: adding VLAN 0 to HW filter on device bond0 [ 9.904823][ T2658] eql: remember to turn off Van-Jacobson compression on your slave devices [ 9.937122][ T49] gvnic 0000:00:00.0 enp0s0: Device link is up. [ 9.942573][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): enp0s0: link becomes ready Starting sshd: OK syzkaller Warning: Permanently added '10.128.1.31' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 34.176383][ T3072] [ 34.176986][ T3072] ======================================================== [ 34.178808][ T3072] WARNING: possible irq lock inversion dependency detected [ 34.180600][ T3072] 6.1.0-rc6-syzkaller-32653-g65762d97e6fa #0 Not tainted [ 34.182393][ T3072] -------------------------------------------------------- [ 34.184285][ T3072] syz-executor202/3072 just changed the state of lock: [ 34.186058][ T3072] ffff0000c9e383b8 (k-clock-AF_INET){+++.}-{2:2}, at: l2tp_tunnel_register+0x354/0x79c [ 34.188588][ T3072] but this lock was taken by another, SOFTIRQ-safe lock in the past: [ 34.190693][ T3072] (&tcp_hashinfo.bhash2[i].lock){+.-.}-{2:2} [ 34.190703][ T3072] [ 34.190703][ T3072] [ 34.190703][ T3072] and interrupts could create inverse lock ordering between them. [ 34.190703][ T3072] [ 34.195995][ T3072] [ 34.195995][ T3072] other info that might help us debug this: [ 34.198084][ T3072] Possible interrupt unsafe locking scenario: [ 34.198084][ T3072] [ 34.200240][ T3072] CPU0 CPU1 [ 34.201683][ T3072] ---- ---- [ 34.203048][ T3072] lock(k-clock-AF_INET); [ 34.204221][ T3072] local_irq_disable(); [ 34.205965][ T3072] lock(&tcp_hashinfo.bhash2[i].lock); [ 34.208073][ T3072] lock(k-clock-AF_INET); [ 34.209869][ T3072] [ 34.210769][ T3072] lock(&tcp_hashinfo.bhash2[i].lock); [ 34.212261][ T3072] [ 34.212261][ T3072] *** DEADLOCK *** [ 34.212261][ T3072] [ 34.214354][ T3072] 2 locks held by syz-executor202/3072: [ 34.215779][ T3072] #0: ffff80000d894668 (cb_lock){++++}-{3:3}, at: genl_rcv+0x28/0x50 [ 34.217910][ T3072] #1: ffff80000d894578 (genl_mutex){+.+.}-{3:3}, at: genl_rcv_msg+0x80/0x4f4 [ 34.220246][ T3072] [ 34.220246][ T3072] the shortest dependencies between 2nd lock and 1st lock: [ 34.222632][ T3072] -> (&tcp_hashinfo.bhash2[i].lock){+.-.}-{2:2} { [ 34.224356][ T3072] HARDIRQ-ON-W at: [ 34.225386][ T3072] lock_acquire+0x100/0x1f8 [ 34.227066][ T3072] _raw_spin_lock+0x54/0x6c [ 34.228688][ T3072] inet_csk_get_port+0x7d8/0xaf0 [ 34.230444][ T3072] __inet6_bind+0x688/0x8ac [ 34.232068][ T3072] inet6_bind+0xf4/0x150 [ 34.233635][ T3072] rds_tcp_listen_init+0x14c/0x1f0 [ 34.235440][ T3072] rds_tcp_init_net+0xcc/0x1dc [ 34.237198][ T3072] ops_init+0xe4/0x2e4 [ 34.238716][ T3072] register_pernet_operations+0x108/0x264 [ 34.240677][ T3072] register_pernet_device+0x3c/0x94 [ 34.242469][ T3072] rds_tcp_init+0x74/0xe0 [ 34.244106][ T3072] do_one_initcall+0x118/0x22c [ 34.245818][ T3072] do_initcall_level+0xac/0xe4 [ 34.247540][ T3072] do_initcalls+0x58/0xa8 [ 34.249158][ T3072] do_basic_setup+0x20/0x2c [ 34.250800][ T3072] kernel_init_freeable+0xb8/0x148 [ 34.252566][ T3072] kernel_init+0x24/0x290 [ 34.254182][ T3072] ret_from_fork+0x10/0x20 [ 34.255790][ T3072] IN-SOFTIRQ-W at: [ 34.256847][ T3072] lock_acquire+0x100/0x1f8 [ 34.258525][ T3072] _raw_spin_lock+0x54/0x6c [ 34.260158][ T3072] __inet_inherit_port+0x134/0x9ac [ 34.261939][ T3072] tcp_v4_syn_recv_sock+0x790/0x848 [ 34.263772][ T3072] tcp_check_req+0x75c/0x8e4 [ 34.265463][ T3072] tcp_v4_rcv+0xad4/0x11e8 [ 34.267092][ T3072] ip_protocol_deliver_rcu+0x224/0x414 [ 34.268954][ T3072] ip_local_deliver_finish+0x124/0x200 [ 34.270888][ T3072] ip_local_deliver+0xd0/0xf4 [ 34.272586][ T3072] ip_sublist_rcv+0x40c/0x474 [ 34.274317][ T3072] ip_list_rcv+0x184/0x1c8 [ 34.275943][ T3072] __netif_receive_skb_list_core+0x1f8/0x2b0 [ 34.277973][ T3072] __netif_receive_skb_list+0x16c/0x1d0 [ 34.279863][ T3072] netif_receive_skb_list_internal+0x1e8/0x340 [ 34.281944][ T3072] napi_complete_done+0x140/0x354 [ 34.283726][ T3072] gve_napi_poll+0xcc/0x1b4 [ 34.285326][ T3072] __napi_poll+0x5c/0x24c [ 34.286966][ T3072] napi_poll+0x110/0x484 [ 34.288521][ T3072] net_rx_action+0x18c/0x414 [ 34.290174][ T3072] _stext+0x168/0x37c [ 34.291673][ T3072] ____do_softirq+0x14/0x20 [ 34.293506][ T3072] call_on_irq_stack+0x2c/0x54 [ 34.295199][ T3072] do_softirq_own_stack+0x20/0x2c [ 34.296973][ T3072] invoke_softirq+0x70/0xbc [ 34.298609][ T3072] __irq_exit_rcu+0xf0/0x140 [ 34.300314][ T3072] irq_exit_rcu+0x10/0x40 [ 34.301890][ T3072] el1_interrupt+0x38/0x68 [ 34.303469][ T3072] el1h_64_irq_handler+0x18/0x24 [ 34.305243][ T3072] el1h_64_irq+0x64/0x68 [ 34.306807][ T3072] arch_local_irq_enable+0xc/0x18 [ 34.308554][ T3072] default_idle_call+0x48/0xb8 [ 34.310266][ T3072] do_idle+0x110/0x2d4 [ 34.311780][ T3072] cpu_startup_entry+0x24/0x28 [ 34.313473][ T3072] kernel_init+0x0/0x290 [ 34.315050][ T3072] start_kernel+0x0/0x620 [ 34.316610][ T3072] start_kernel+0x450/0x620 [ 34.318245][ T3072] __primary_switched+0xb4/0xbc [ 34.319997][ T3072] INITIAL USE at: [ 34.321034][ T3072] lock_acquire+0x100/0x1f8 [ 34.322688][ T3072] _raw_spin_lock+0x54/0x6c [ 34.324289][ T3072] inet_csk_get_port+0x7d8/0xaf0 [ 34.325995][ T3072] __inet6_bind+0x688/0x8ac [ 34.327610][ T3072] inet6_bind+0xf4/0x150 [ 34.329171][ T3072] rds_tcp_listen_init+0x14c/0x1f0 [ 34.330952][ T3072] rds_tcp_init_net+0xcc/0x1dc [ 34.332626][ T3072] ops_init+0xe4/0x2e4 [ 34.334120][ T3072] register_pernet_operations+0x108/0x264 [ 34.336059][ T3072] register_pernet_device+0x3c/0x94 [ 34.337836][ T3072] rds_tcp_init+0x74/0xe0 [ 34.339400][ T3072] do_one_initcall+0x118/0x22c [ 34.341115][ T3072] do_initcall_level+0xac/0xe4 [ 34.342825][ T3072] do_initcalls+0x58/0xa8 [ 34.344399][ T3072] do_basic_setup+0x20/0x2c [ 34.346053][ T3072] kernel_init_freeable+0xb8/0x148 [ 34.347796][ T3072] kernel_init+0x24/0x290 [ 34.349318][ T3072] ret_from_fork+0x10/0x20 [ 34.350900][ T3072] } [ 34.351552][ T3072] ... key at: [] tcp_init.__key.24+0x0/0x10 [ 34.353658][ T3072] ... acquired at: [ 34.354629][ T3072] _raw_read_lock_bh+0x64/0x7c [ 34.355901][ T3072] sock_i_uid+0x24/0x58 [ 34.356992][ T3072] inet_csk_update_fastreuse+0x34/0x2c0 [ 34.358445][ T3072] inet_csk_get_port+0x934/0xaf0 [ 34.359753][ T3072] inet_csk_listen_start+0x80/0x12c [ 34.361124][ T3072] inet_listen+0x14c/0x2f4 [ 34.362299][ T3072] kernel_listen+0x30/0x40 [ 34.363478][ T3072] smc_listen+0x2a4/0x340 [ 34.364625][ T3072] __sys_listen+0xfc/0x144 [ 34.365816][ T3072] __arm64_sys_listen+0x24/0x38 [ 34.367102][ T3072] el0_svc_common+0x138/0x220 [ 34.368327][ T3072] do_el0_svc+0x48/0x164 [ 34.369445][ T3072] el0_svc+0x58/0x150 [ 34.370511][ T3072] el0t_64_sync_handler+0x84/0xf0 [ 34.371837][ T3072] el0t_64_sync+0x190/0x194 [ 34.373052][ T3072] [ 34.373642][ T3072] -> (k-clock-AF_INET){+++.}-{2:2} { [ 34.375134][ T3072] HARDIRQ-ON-W at: [ 34.376163][ T3072] lock_acquire+0x100/0x1f8 [ 34.377768][ T3072] _raw_write_lock_bh+0x54/0x6c [ 34.379422][ T3072] smc_listen+0x1a8/0x340 [ 34.381082][ T3072] __sys_listen+0xfc/0x144 [ 34.382728][ T3072] __arm64_sys_listen+0x24/0x38 [ 34.384290][ T3072] el0_svc_common+0x138/0x220 [ 34.385834][ T3072] do_el0_svc+0x48/0x164 [ 34.387357][ T3072] el0_svc+0x58/0x150 [ 34.388841][ T3072] el0t_64_sync_handler+0x84/0xf0 [ 34.390575][ T3072] el0t_64_sync+0x190/0x194 [ 34.392157][ T3072] HARDIRQ-ON-R at: [ 34.393185][ T3072] lock_acquire+0x100/0x1f8 [ 34.394855][ T3072] _raw_read_lock_bh+0x64/0x7c [ 34.396517][ T3072] sock_i_uid+0x24/0x58 [ 34.397962][ T3072] udp_lib_lport_inuse+0x44/0x268 [ 34.399882][ T3072] udp_lib_get_port+0x2bc/0x8f8 [ 34.401557][ T3072] udp_v4_get_port+0xe0/0xf0 [ 34.403184][ T3072] __inet_bind+0x31c/0x45c [ 34.404738][ T3072] inet_bind+0xe8/0x144 [ 34.406240][ T3072] kernel_bind+0x3c/0x50 [ 34.407794][ T3072] udp_sock_create4+0xe8/0x208 [ 34.409460][ T3072] rxe_net_init+0x74/0x280 [ 34.411055][ T3072] rxe_module_init+0x18/0x64 [ 34.412651][ T3072] do_one_initcall+0x118/0x22c [ 34.414292][ T3072] do_initcall_level+0xac/0xe4 [ 34.415953][ T3072] do_initcalls+0x58/0xa8 [ 34.417500][ T3072] do_basic_setup+0x20/0x2c [ 34.419099][ T3072] kernel_init_freeable+0xb8/0x148 [ 34.420878][ T3072] kernel_init+0x24/0x290 [ 34.422415][ T3072] ret_from_fork+0x10/0x20 [ 34.424009][ T3072] SOFTIRQ-ON-W at: [ 34.425000][ T3072] lock_acquire+0x100/0x1f8 [ 34.426596][ T3072] _raw_write_lock+0x54/0x6c [ 34.428245][ T3072] l2tp_tunnel_register+0x354/0x79c [ 34.430047][ T3072] l2tp_nl_cmd_tunnel_create+0x1f8/0x330 [ 34.431919][ T3072] genl_rcv_msg+0x458/0x4f4 [ 34.433433][ T3072] netlink_rcv_skb+0xe8/0x1d4 [ 34.435140][ T3072] genl_rcv+0x38/0x50 [ 34.436685][ T3072] netlink_unicast_kernel+0xfc/0x1dc [ 34.438399][ T3072] netlink_unicast+0x164/0x248 [ 34.440123][ T3072] netlink_sendmsg+0x484/0x584 [ 34.441778][ T3072] ____sys_sendmsg+0x2f8/0x440 [ 34.443469][ T3072] __sys_sendmsg+0x1ac/0x228 [ 34.445093][ T3072] __arm64_sys_sendmsg+0x2c/0x3c [ 34.446842][ T3072] el0_svc_common+0x138/0x220 [ 34.448504][ T3072] do_el0_svc+0x48/0x164 [ 34.450054][ T3072] el0_svc+0x58/0x150 [ 34.451549][ T3072] el0t_64_sync_handler+0x84/0xf0 [ 34.453260][ T3072] el0t_64_sync+0x190/0x194 [ 34.454864][ T3072] INITIAL USE at: [ 34.455850][ T3072] lock_acquire+0x100/0x1f8 [ 34.457435][ T3072] _raw_write_lock_bh+0x54/0x6c [ 34.459137][ T3072] smc_listen+0x1a8/0x340 [ 34.460673][ T3072] __sys_listen+0xfc/0x144 [ 34.462211][ T3072] __arm64_sys_listen+0x24/0x38 [ 34.463858][ T3072] el0_svc_common+0x138/0x220 [ 34.465516][ T3072] do_el0_svc+0x48/0x164 [ 34.467024][ T3072] el0_svc+0x58/0x150 [ 34.468438][ T3072] el0t_64_sync_handler+0x84/0xf0 [ 34.470133][ T3072] el0t_64_sync+0x190/0x194 [ 34.471725][ T3072] INITIAL READ USE at: [ 34.472819][ T3072] lock_acquire+0x100/0x1f8 [ 34.474498][ T3072] _raw_read_lock_bh+0x64/0x7c [ 34.476234][ T3072] sock_i_uid+0x24/0x58 [ 34.477804][ T3072] udp_lib_lport_inuse+0x44/0x268 [ 34.479632][ T3072] udp_lib_get_port+0x2bc/0x8f8 [ 34.481406][ T3072] udp_v4_get_port+0xe0/0xf0 [ 34.483118][ T3072] __inet_bind+0x31c/0x45c [ 34.484798][ T3072] inet_bind+0xe8/0x144 [ 34.486396][ T3072] kernel_bind+0x3c/0x50 [ 34.488085][ T3072] udp_sock_create4+0xe8/0x208 [ 34.489896][ T3072] rxe_net_init+0x74/0x280 [ 34.491537][ T3072] rxe_module_init+0x18/0x64 [ 34.493263][ T3072] do_one_initcall+0x118/0x22c [ 34.495037][ T3072] do_initcall_level+0xac/0xe4 [ 34.496803][ T3072] do_initcalls+0x58/0xa8 [ 34.498415][ T3072] do_basic_setup+0x20/0x2c [ 34.500096][ T3072] kernel_init_freeable+0xb8/0x148 [ 34.501940][ T3072] kernel_init+0x24/0x290 [ 34.503577][ T3072] ret_from_fork+0x10/0x20 [ 34.505306][ T3072] } [ 34.505927][ T3072] ... key at: [] af_kern_callback_keys+0x20/0x2e0 [ 34.508179][ T3072] ... acquired at: [ 34.509166][ T3072] mark_lock+0x154/0x1b4 [ 34.510277][ T3072] __lock_acquire+0x618/0x3084 [ 34.511532][ T3072] lock_acquire+0x100/0x1f8 [ 34.512713][ T3072] _raw_write_lock+0x54/0x6c [ 34.514101][ T3072] l2tp_tunnel_register+0x354/0x79c [ 34.515498][ T3072] l2tp_nl_cmd_tunnel_create+0x1f8/0x330 [ 34.516993][ T3072] genl_rcv_msg+0x458/0x4f4 [ 34.518231][ T3072] netlink_rcv_skb+0xe8/0x1d4 [ 34.519534][ T3072] genl_rcv+0x38/0x50 [ 34.520601][ T3072] netlink_unicast_kernel+0xfc/0x1dc [ 34.522021][ T3072] netlink_unicast+0x164/0x248 [ 34.523369][ T3072] netlink_sendmsg+0x484/0x584 [ 34.524661][ T3072] ____sys_sendmsg+0x2f8/0x440 [ 34.525968][ T3072] __sys_sendmsg+0x1ac/0x228 [ 34.527168][ T3072] __arm64_sys_sendmsg+0x2c/0x3c [ 34.528491][ T3072] el0_svc_common+0x138/0x220 [ 34.529728][ T3072] do_el0_svc+0x48/0x164 [ 34.530889][ T3072] el0_svc+0x58/0x150 [ 34.531953][ T3072] el0t_64_sync_handler+0x84/0xf0 [ 34.533277][ T3072] el0t_64_sync+0x190/0x194 [ 34.534457][ T3072] [ 34.535038][ T3072] [ 34.535038][ T3072] stack backtrace: [ 34.536551][ T3072] CPU: 1 PID: 3072 Comm: syz-executor202 Not tainted 6.1.0-rc6-syzkaller-32653-g65762d97e6fa #0 [ 34.539434][ T3072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/30/2022 [ 34.542174][ T3072] Call trace: [ 34.543015][ T3072] dump_backtrace+0x1c4/0x1f0 [ 34.544306][ T3072] show_stack+0x2c/0x54 [ 34.545419][ T3072] dump_stack_lvl+0x104/0x16c [ 34.546606][ T3072] dump_stack+0x1c/0x58 [ 34.547643][ T3072] print_irq_inversion_bug+0x2f8/0x300 [ 34.549069][ T3072] mark_lock_irq+0x3ec/0x4b4 [ 34.550253][ T3072] mark_lock+0x154/0x1b4 [ 34.551321][ T3072] __lock_acquire+0x618/0x3084 [ 34.552514][ T3072] lock_acquire+0x100/0x1f8 [ 34.553648][ T3072] _raw_write_lock+0x54/0x6c [ 34.554973][ T3072] l2tp_tunnel_register+0x354/0x79c [ 34.556327][ T3072] l2tp_nl_cmd_tunnel_create+0x1f8/0x330 [ 34.557787][ T3072] genl_rcv_msg+0x458/0x4f4 [ 34.558972][ T3072] netlink_rcv_skb+0xe8/0x1d4 [ 34.560171][ T3072] genl_rcv+0x38/0x50 [ 34.561171][ T3072] netlink_unicast_kernel+0xfc/0x1dc [ 34.562548][ T3072] netlink_unicast+0x164/0x248 [ 34.563790][ T3072] netlink_sendmsg+0x484/0x584 [ 34.564994][ T3072] ____sys_sendmsg+0x2f8/0x440 [ 34.566241][ T3072] __sys_sendmsg+0x1ac/0x228 [ 34.567402][ T3072] __arm64_sys_sendmsg+0x2c/0x3c [ 34.568676][ T3072] el0_svc_common+0x138/0x220 [ 34.569918][ T3072] do_el0_svc+0x48/0x164 [ 34.571012][ T3072] el0_svc+0x58/0x150 [ 34.572077][ T3072] el0t_64_sync_handler+0x84/0xf0 [ 34.573400][ T3072] el0t_64_sync+0x190/0x194