=====================================================
PM: Marking nosave pages: [mem 0x00000000-0x00000fff]
WARNING: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected
5.0.0-rc4+ #51 Not tainted
kobject: 'rx-77' (00000000f4d3b52a): kobject_add_internal: parent: 'queues', set: 'queues'
-----------------------------------------------------
syz-executor1/11640 [HC0[0]:SC0[0]:HE0:SE1] is trying to acquire:
000000004ce6d27e (&fiq->waitq){+.+.}, at: spin_lock include/linux/spinlock.h:329 [inline]
000000004ce6d27e (&fiq->waitq){+.+.}, at: aio_poll+0x7b9/0x14e0 fs/aio.c:1772
and this task is already holding:
00000000cdda5a3d (&(&ctx->ctx_lock)->rlock){..-.}, at: spin_lock_irq include/linux/spinlock.h:354 [inline]
00000000cdda5a3d (&(&ctx->ctx_lock)->rlock){..-.}, at: aio_poll+0x790/0x14e0 fs/aio.c:1771
------------[ cut here ]------------
which would create a new lock dependency:
downgrading a read lock
WARNING: CPU: 1 PID: 11638 at kernel/locking/lockdep.c:3553 __lock_downgrade kernel/locking/lockdep.c:3553 [inline]
WARNING: CPU: 1 PID: 11638 at kernel/locking/lockdep.c:3553 lock_downgrade+0x4d2/0x910 kernel/locking/lockdep.c:3816
 (&(&ctx->ctx_lock)->rlock){..-.} -> (&fiq->waitq){+.+.}
Kernel panic - not syncing: panic_on_warn set ...
but this new dependency connects a SOFTIRQ-irq-safe lock:
CPU: 1 PID: 11638 Comm: blkid Not tainted 5.0.0-rc4+ #51
 (&(&ctx->ctx_lock)->rlock){..-.}
... which became SOFTIRQ-irq-safe at:
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
 lock_acquire+0x1db/0x570 kernel/locking/lockdep.c:3841
Call Trace:
 __raw_spin_lock_irq include/linux/spinlock_api_smp.h:128 [inline]
 _raw_spin_lock_irq+0x60/0x80 kernel/locking/spinlock.c:160
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x1db/0x2d0 lib/dump_stack.c:113
 spin_lock_irq include/linux/spinlock.h:354 [inline]
 free_ioctx_users+0xa7/0x6e0 fs/aio.c:610
 percpu_ref_put_many include/linux/percpu-refcount.h:285 [inline]
 percpu_ref_put include/linux/percpu-refcount.h:301 [inline]
 percpu_ref_call_confirm_rcu lib/percpu-refcount.c:123 [inline]
 percpu_ref_switch_to_atomic_rcu+0x50c/0x6b0 lib/percpu-refcount.c:158
 __rcu_reclaim kernel/rcu/rcu.h:240 [inline]
 rcu_do_batch kernel/rcu/tree.c:2452 [inline]
 invoke_rcu_callbacks kernel/rcu/tree.c:2773 [inline]
 rcu_process_callbacks+0xc4a/0x1680 kernel/rcu/tree.c:2754
 panic+0x2cb/0x65c kernel/panic.c:214
 __do_softirq+0x30b/0xb11 kernel/softirq.c:292
 invoke_softirq kernel/softirq.c:373 [inline]
 irq_exit+0x180/0x1d0 kernel/softirq.c:413
 exiting_irq arch/x86/include/asm/apic.h:536 [inline]
 smp_apic_timer_interrupt+0x1b7/0x760 arch/x86/kernel/apic/apic.c:1062
 apic_timer_interrupt+0xf/0x20 arch/x86/entry/entry_64.S:807
 check_preemption_disabled+0x13/0x290 lib/smp_processor_id.c:12
 debug_smp_processor_id+0x1c/0x20 lib/smp_processor_id.c:56
 rcu_dynticks_curr_cpu_in_eqs+0x69/0x170 kernel/rcu/tree.c:303
 rcu_is_watching+0x10/0x30 kernel/rcu/tree.c:932
 __warn.cold+0x20/0x48 kernel/panic.c:571
 rcu_read_lock+0x43/0x70 include/linux/rcupdate.h:608
 lock_page_memcg+0x75/0x2e0 mm/memcontrol.c:1885
 report_bug+0x263/0x2b0 lib/bug.c:186
 page_remove_file_rmap mm/rmap.c:1217 [inline]
 page_remove_rmap+0x7e8/0x1990 mm/rmap.c:1302
 fixup_bug arch/x86/kernel/traps.c:178 [inline]
 fixup_bug arch/x86/kernel/traps.c:173 [inline]
 do_error_trap+0x11b/0x200 arch/x86/kernel/traps.c:271
 zap_pte_range mm/memory.c:1090 [inline]
 zap_pmd_range mm/memory.c:1192 [inline]
 zap_pud_range mm/memory.c:1221 [inline]
 zap_p4d_range mm/memory.c:1242 [inline]
 unmap_page_range+0xf0f/0x25a0 mm/memory.c:1263
 do_invalid_op+0x37/0x50 arch/x86/kernel/traps.c:290
 unmap_single_vma+0x19d/0x300 mm/memory.c:1308
 unmap_vmas+0x17c/0x310 mm/memory.c:1339
 invalid_op+0x14/0x20 arch/x86/entry/entry_64.S:973
 exit_mmap+0x2d4/0x5d0 mm/mmap.c:3140
RIP: 0010:__lock_downgrade kernel/locking/lockdep.c:3553 [inline]
RIP: 0010:lock_downgrade+0x4d2/0x910 kernel/locking/lockdep.c:3816
 __mmput kernel/fork.c:1047 [inline]
 mmput+0x240/0x640 kernel/fork.c:1068
Code: 00 00 00 fc ff df 41 c6 04 06 f8 e9 1f ff ff ff 48 c7 c7 40 aa 4b 88 4c 89 8d 58 ff ff ff 48 89 85 60 ff ff ff e8 7e 10 e7 ff <0f> 0b 48 8b 85 60 ff ff ff 4c 8d 5d d8 4c 89 f1 48 ba 00 00 00 00
 exit_mm kernel/exit.c:545 [inline]
 do_exit+0x9e2/0x26e0 kernel/exit.c:854
RSP: 0018:ffff8880555e7bb8 EFLAGS: 00010082
 do_group_exit+0x177/0x430 kernel/exit.c:971
RAX: 0000000000000000 RBX: 1ffff1100aabcf7d RCX: 0000000000000000
 get_signal+0x8b4/0x19b0 kernel/signal.c:2517
RDX: 0000000000000000 RSI: ffffffff81685776 RDI: 0000000000000006
 do_signal+0x91/0x1ea0 arch/x86/kernel/signal.c:816
RBP: ffff8880555e7c70 R08: ffff888055c06640 R09: fffffbfff1333349
 exit_to_usermode_loop+0x2f7/0x3b0 arch/x86/entry/common.c:162
R10: fffffbfff1333348 R11: ffffffff89999a43 R12: ffff888055c06640
 prepare_exit_to_usermode arch/x86/entry/common.c:197 [inline]
 syscall_return_slowpath arch/x86/entry/common.c:268 [inline]
 do_syscall_64+0x696/0x800 arch/x86/entry/common.c:293
R13: ffffffff8b56caa0 R14: ffff8880555e7c08 R15: 0000000000000001
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
to a SOFTIRQ-irq-unsafe lock:
 (&fiq->waitq){+.+.}
... which became SOFTIRQ-irq-unsafe at:
...
 lock_acquire+0x1db/0x570 kernel/locking/lockdep.c:3841
 __raw_spin_lock include/linux/spinlock_api_smp.h:142 [inline]
 _raw_spin_lock+0x2f/0x40 kernel/locking/spinlock.c:144
 spin_lock include/linux/spinlock.h:329 [inline]
 flush_bg_queue+0x28c/0x570 fs/fuse/dev.c:413
 fuse_request_queue_background+0x360/0x640 fs/fuse/dev.c:652
 fuse_request_send_background+0x58/0x120 fs/fuse/dev.c:663
 cuse_send_init fs/fuse/cuse.c:458 [inline]
 cuse_channel_open+0x612/0x96a fs/fuse/cuse.c:518
 downgrade_write+0x76/0x270 kernel/locking/rwsem.c:147
 misc_open+0x398/0x4c0 drivers/char/misc.c:141
 chrdev_open+0x270/0x7c0 fs/char_dev.c:417
 do_dentry_open+0x48a/0x1210 fs/open.c:771
 vfs_open+0xa0/0xd0 fs/open.c:880
 do_last fs/namei.c:3418 [inline]
 path_openat+0x144f/0x5650 fs/namei.c:3534
 do_filp_open+0x26f/0x370 fs/namei.c:3564
 __do_munmap+0xc5a/0xef0 mm/mmap.c:2823
 do_sys_open+0x59a/0x7c0 fs/open.c:1063
 __vm_munmap+0x139/0x1f0 mm/mmap.c:2848
 __do_sys_openat fs/open.c:1090 [inline]
 __se_sys_openat fs/open.c:1084 [inline]
 __x64_sys_openat+0x9d/0x100 fs/open.c:1084
 do_syscall_64+0x1a3/0x800 arch/x86/entry/common.c:290
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
other info that might help us debug this:
 __do_sys_munmap mm/mmap.c:2873 [inline]
 __se_sys_munmap mm/mmap.c:2870 [inline]
 __x64_sys_munmap+0x67/0x80 mm/mmap.c:2870
 Possible interrupt unsafe locking scenario:
       CPU0                    CPU1
 do_syscall_64+0x1a3/0x800 arch/x86/entry/common.c:290
       ----                    ----
  lock(&fiq->waitq);
                               local_irq_disable();
                               lock(&(&ctx->ctx_lock)->rlock);
                               lock(&fiq->waitq);
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x7fed446cc417
    lock(&(&ctx->ctx_lock)->rlock);
Code: f0 ff ff 73 01 c3 48 8d 0d 8a ad 20 00 31 d2 48 29 c2 89 11 48 83 c8 ff eb eb 90 90 90 90 90 90 90 90 90 b8 0b 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8d 0d 5d ad 20 00 31 d2 48 29 c2 89
 *** DEADLOCK ***
RSP: 002b:00007fff3a30d3e8 EFLAGS: 00000203 ORIG_RAX: 000000000000000b
1 lock held by syz-executor1/11640:
RAX: ffffffffffffffda RBX: 00007fed448d71c8 RCX: 00007fed446cc417
 #0: 00000000cdda5a3d (&(&ctx->ctx_lock)->rlock){..-.}, at: spin_lock_irq include/linux/spinlock.h:354 [inline]
 #0: 00000000cdda5a3d (&(&ctx->ctx_lock)->rlock){..-.}, at: aio_poll+0x790/0x14e0 fs/aio.c:1771
RDX: 0000000000143100 RSI: 00000000000033ef RDI: 00007fed448cf000
the dependencies between SOFTIRQ-irq-safe lock and the holding lock:
RBP: 00007fff3a30d550 R08: 0000000000000001 R09: 0000000000000007
-> (&(&ctx->ctx_lock)->rlock){..-.} {
R10: 00007fed446c6a0b R11: 0000000000000203 R12: 00000000db0f406e
IN-SOFTIRQ-W at:
R13: 0000009ddb0f406e R14: 0000009ddafd0bac R15: 00007fed448cc740
 lock_acquire+0x1db/0x570 kernel/locking/lockdep.c:3841
 __raw_spin_lock_irq include/linux/spinlock_api_smp.h:128 [inline]
 _raw_spin_lock_irq+0x60/0x80 kernel/locking/spinlock.c:160
 spin_lock_irq include/linux/spinlock.h:354 [inline]
 free_ioctx_users+0xa7/0x6e0 fs/aio.c:610
 percpu_ref_put_many include/linux/percpu-refcount.h:285 [inline]
 percpu_ref_put include/linux/percpu-refcount.h:301 [inline]
 percpu_ref_call_confirm_rcu lib/percpu-refcount.c:123 [inline]
 percpu_ref_switch_to_atomic_rcu+0x50c/0x6b0 lib/percpu-refcount.c:158
 __rcu_reclaim kernel/rcu/rcu.h:240 [inline]
 rcu_do_batch kernel/rcu/tree.c:2452 [inline]
 invoke_rcu_callbacks kernel/rcu/tree.c:2773 [inline]
 rcu_process_callbacks+0xc4a/0x1680 kernel/rcu/tree.c:2754
 __do_softirq+0x30b/0xb11 kernel/softirq.c:292
 invoke_softirq kernel/softirq.c:373 [inline]
 irq_exit+0x180/0x1d0 kernel/softirq.c:413
 exiting_irq arch/x86/include/asm/apic.h:536 [inline]
 smp_apic_timer_interrupt+0x1b7/0x760 arch/x86/kernel/apic/apic.c:1062
 apic_timer_interrupt+0xf/0x20 arch/x86/entry/entry_64.S:807
 check_preemption_disabled+0x13/0x290 lib/smp_processor_id.c:12
 debug_smp_processor_id+0x1c/0x20 lib/smp_processor_id.c:56
 rcu_dynticks_curr_cpu_in_eqs+0x69/0x170 kernel/rcu/tree.c:303
 rcu_is_watching+0x10/0x30 kernel/rcu/tree.c:932
 rcu_read_lock+0x43/0x70 include/linux/rcupdate.h:608
 lock_page_memcg+0x75/0x2e0 mm/memcontrol.c:1885
 page_remove_file_rmap mm/rmap.c:1217 [inline]
 page_remove_rmap+0x7e8/0x1990 mm/rmap.c:1302
 zap_pte_range mm/memory.c:1090 [inline]
 zap_pmd_range mm/memory.c:1192 [inline]
 zap_pud_range mm/memory.c:1221 [inline]
 zap_p4d_range mm/memory.c:1242 [inline]
 unmap_page_range+0xf0f/0x25a0 mm/memory.c:1263
 unmap_single_vma+0x19d/0x300 mm/memory.c:1308
 unmap_vmas+0x17c/0x310 mm/memory.c:1339
 exit_mmap+0x2d4/0x5d0 mm/mmap.c:3140
 __mmput kernel/fork.c:1047 [inline]
 mmput+0x240/0x640 kernel/fork.c:1068
 exit_mm kernel/exit.c:545 [inline]
 do_exit+0x9e2/0x26e0 kernel/exit.c:854
 do_group_exit+0x177/0x430 kernel/exit.c:971
 get_signal+0x8b4/0x19b0 kernel/signal.c:2517
 do_signal+0x91/0x1ea0 arch/x86/kernel/signal.c:816
 exit_to_usermode_loop+0x2f7/0x3b0 arch/x86/entry/common.c:162
 prepare_exit_to_usermode arch/x86/entry/common.c:197 [inline]
 syscall_return_slowpath arch/x86/entry/common.c:268 [inline]
 do_syscall_64+0x696/0x800 arch/x86/entry/common.c:293
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
INITIAL USE at:
 lock_acquire+0x1db/0x570 kernel/locking/lockdep.c:3841
 __raw_spin_lock_irq include/linux/spinlock_api_smp.h:128 [inline]
 _raw_spin_lock_irq+0x60/0x80 kernel/locking/spinlock.c:160
 spin_lock_irq include/linux/spinlock.h:354 [inline]
 free_ioctx_users+0xa7/0x6e0 fs/aio.c:610
 percpu_ref_put_many include/linux/percpu-refcount.h:285 [inline]
 percpu_ref_put include/linux/percpu-refcount.h:301 [inline]
 percpu_ref_call_confirm_rcu lib/percpu-refcount.c:123 [inline]
 percpu_ref_switch_to_atomic_rcu+0x50c/0x6b0 lib/percpu-refcount.c:158
 __rcu_reclaim kernel/rcu/rcu.h:240 [inline]
 rcu_do_batch kernel/rcu/tree.c:2452 [inline]
 invoke_rcu_callbacks kernel/rcu/tree.c:2773 [inline]
 rcu_process_callbacks+0xc4a/0x1680 kernel/rcu/tree.c:2754
 __do_softirq+0x30b/0xb11 kernel/softirq.c:292
 invoke_softirq kernel/softirq.c:373 [inline]
 irq_exit+0x180/0x1d0 kernel/softirq.c:413
 exiting_irq arch/x86/include/asm/apic.h:536 [inline]
 smp_apic_timer_interrupt+0x1b7/0x760 arch/x86/kernel/apic/apic.c:1062
 apic_timer_interrupt+0xf/0x20 arch/x86/entry/entry_64.S:807
 check_preemption_disabled+0x13/0x290 lib/smp_processor_id.c:12
 debug_smp_processor_id+0x1c/0x20 lib/smp_processor_id.c:56
 rcu_dynticks_curr_cpu_in_eqs+0x69/0x170 kernel/rcu/tree.c:303
 rcu_is_watching+0x10/0x30 kernel/rcu/tree.c:932
 rcu_read_lock+0x43/0x70 include/linux/rcupdate.h:608
 lock_page_memcg+0x75/0x2e0 mm/memcontrol.c:1885
 page_remove_file_rmap mm/rmap.c:1217 [inline]
 page_remove_rmap+0x7e8/0x1990 mm/rmap.c:1302
 zap_pte_range mm/memory.c:1090 [inline]
 zap_pmd_range mm/memory.c:1192 [inline]
 zap_pud_range mm/memory.c:1221 [inline]
 zap_p4d_range mm/memory.c:1242 [inline]
 unmap_page_range+0xf0f/0x25a0 mm/memory.c:1263
 unmap_single_vma+0x19d/0x300 mm/memory.c:1308
 unmap_vmas+0x17c/0x310 mm/memory.c:1339
 exit_mmap+0x2d4/0x5d0 mm/mmap.c:3140
 __mmput kernel/fork.c:1047 [inline]
 mmput+0x240/0x640 kernel/fork.c:1068
 exit_mm kernel/exit.c:545 [inline]
 do_exit+0x9e2/0x26e0 kernel/exit.c:854
 do_group_exit+0x177/0x430 kernel/exit.c:971
 get_signal+0x8b4/0x19b0 kernel/signal.c:2517
 do_signal+0x91/0x1ea0 arch/x86/kernel/signal.c:816
 exit_to_usermode_loop+0x2f7/0x3b0 arch/x86/entry/common.c:162
 prepare_exit_to_usermode arch/x86/entry/common.c:197 [inline]
 syscall_return_slowpath arch/x86/entry/common.c:268 [inline]
 do_syscall_64+0x696/0x800 arch/x86/entry/common.c:293
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
}
... key at: [] __key.51971+0x0/0x40
... acquired at:
 lock_acquire+0x1db/0x570 kernel/locking/lockdep.c:3841
 __raw_spin_lock include/linux/spinlock_api_smp.h:142 [inline]
 _raw_spin_lock+0x2f/0x40 kernel/locking/spinlock.c:144
 spin_lock include/linux/spinlock.h:329 [inline]
 aio_poll+0x7b9/0x14e0 fs/aio.c:1772
 __io_submit_one fs/aio.c:1875 [inline]
 io_submit_one+0xc39/0x1050 fs/aio.c:1908
 __do_sys_io_submit fs/aio.c:1953 [inline]
 __se_sys_io_submit fs/aio.c:1923 [inline]
 __x64_sys_io_submit+0x1c4/0x5d0 fs/aio.c:1923
 do_syscall_64+0x1a3/0x800 arch/x86/entry/common.c:290
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
the dependencies between the lock to be acquired and SOFTIRQ-irq-unsafe lock:
-> (&fiq->waitq){+.+.} {
HARDIRQ-ON-W at:
 lock_acquire+0x1db/0x570 kernel/locking/lockdep.c:3841
 __raw_spin_lock include/linux/spinlock_api_smp.h:142 [inline]
 _raw_spin_lock+0x2f/0x40 kernel/locking/spinlock.c:144
 spin_lock include/linux/spinlock.h:329 [inline]
 flush_bg_queue+0x28c/0x570 fs/fuse/dev.c:413
 fuse_request_queue_background+0x360/0x640 fs/fuse/dev.c:652
 fuse_request_send_background+0x58/0x120 fs/fuse/dev.c:663
 cuse_send_init fs/fuse/cuse.c:458 [inline]
 cuse_channel_open+0x612/0x96a fs/fuse/cuse.c:518
 misc_open+0x398/0x4c0 drivers/char/misc.c:141
 chrdev_open+0x270/0x7c0 fs/char_dev.c:417
 do_dentry_open+0x48a/0x1210 fs/open.c:771
 vfs_open+0xa0/0xd0 fs/open.c:880
 do_last fs/namei.c:3418 [inline]
 path_openat+0x144f/0x5650 fs/namei.c:3534
 do_filp_open+0x26f/0x370 fs/namei.c:3564
 do_sys_open+0x59a/0x7c0 fs/open.c:1063
 __do_sys_openat fs/open.c:1090 [inline]
 __se_sys_openat fs/open.c:1084 [inline]
 __x64_sys_openat+0x9d/0x100 fs/open.c:1084
 do_syscall_64+0x1a3/0x800 arch/x86/entry/common.c:290
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
SOFTIRQ-ON-W at:
 lock_acquire+0x1db/0x570 kernel/locking/lockdep.c:3841
 __raw_spin_lock include/linux/spinlock_api_smp.h:142 [inline]
 _raw_spin_lock+0x2f/0x40 kernel/locking/spinlock.c:144
 spin_lock include/linux/spinlock.h:329 [inline]
 flush_bg_queue+0x28c/0x570 fs/fuse/dev.c:413
 fuse_request_queue_background+0x360/0x640 fs/fuse/dev.c:652
 fuse_request_send_background+0x58/0x120 fs/fuse/dev.c:663
 cuse_send_init fs/fuse/cuse.c:458 [inline]
 cuse_channel_open+0x612/0x96a fs/fuse/cuse.c:518
 misc_open+0x398/0x4c0 drivers/char/misc.c:141
 chrdev_open+0x270/0x7c0 fs/char_dev.c:417
 do_dentry_open+0x48a/0x1210 fs/open.c:771
 vfs_open+0xa0/0xd0 fs/open.c:880
 do_last fs/namei.c:3418 [inline]
 path_openat+0x144f/0x5650 fs/namei.c:3534
 do_filp_open+0x26f/0x370 fs/namei.c:3564
 do_sys_open+0x59a/0x7c0 fs/open.c:1063
 __do_sys_openat fs/open.c:1090 [inline]
 __se_sys_openat fs/open.c:1084 [inline]
 __x64_sys_openat+0x9d/0x100 fs/open.c:1084
 do_syscall_64+0x1a3/0x800 arch/x86/entry/common.c:290
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
INITIAL USE at:
 lock_acquire+0x1db/0x570 kernel/locking/lockdep.c:3841
 __raw_spin_lock include/linux/spinlock_api_smp.h:142 [inline]
 _raw_spin_lock+0x2f/0x40 kernel/locking/spinlock.c:144
 spin_lock include/linux/spinlock.h:329 [inline]
 flush_bg_queue+0x28c/0x570 fs/fuse/dev.c:413
 fuse_request_queue_background+0x360/0x640 fs/fuse/dev.c:652
 fuse_request_send_background+0x58/0x120 fs/fuse/dev.c:663
 cuse_send_init fs/fuse/cuse.c:458 [inline]
 cuse_channel_open+0x612/0x96a fs/fuse/cuse.c:518
 misc_open+0x398/0x4c0 drivers/char/misc.c:141
 chrdev_open+0x270/0x7c0 fs/char_dev.c:417
 do_dentry_open+0x48a/0x1210 fs/open.c:771
 vfs_open+0xa0/0xd0 fs/open.c:880
 do_last fs/namei.c:3418 [inline]
 path_openat+0x144f/0x5650 fs/namei.c:3534
 do_filp_open+0x26f/0x370 fs/namei.c:3564
 do_sys_open+0x59a/0x7c0 fs/open.c:1063
 __do_sys_openat fs/open.c:1090 [inline]
 __se_sys_openat fs/open.c:1084 [inline]
 __x64_sys_openat+0x9d/0x100 fs/open.c:1084
 do_syscall_64+0x1a3/0x800 arch/x86/entry/common.c:290
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
}
... key at: [] __key.43074+0x0/0x40
... acquired at:
 lock_acquire+0x1db/0x570 kernel/locking/lockdep.c:3841
 __raw_spin_lock include/linux/spinlock_api_smp.h:142 [inline]
 _raw_spin_lock+0x2f/0x40 kernel/locking/spinlock.c:144
 spin_lock include/linux/spinlock.h:329 [inline]
 aio_poll+0x7b9/0x14e0 fs/aio.c:1772
 __io_submit_one fs/aio.c:1875 [inline]
 io_submit_one+0xc39/0x1050 fs/aio.c:1908
 __do_sys_io_submit fs/aio.c:1953 [inline]
 __se_sys_io_submit fs/aio.c:1923 [inline]
 __x64_sys_io_submit+0x1c4/0x5d0 fs/aio.c:1923
 do_syscall_64+0x1a3/0x800 arch/x86/entry/common.c:290
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
stack backtrace:
CPU: 0 PID: 11640 Comm: syz-executor1 Not tainted 5.0.0-rc4+ #51
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x1db/0x2d0 lib/dump_stack.c:113
 print_bad_irq_dependency kernel/locking/lockdep.c:1573 [inline]
 check_usage.cold+0x5e2/0x917 kernel/locking/lockdep.c:1605
 check_irq_usage kernel/locking/lockdep.c:1661 [inline]
 check_prev_add_irq kernel/locking/lockdep_states.h:8 [inline]
 check_prev_add kernel/locking/lockdep.c:1871 [inline]
 check_prevs_add kernel/locking/lockdep.c:1979 [inline]
 validate_chain kernel/locking/lockdep.c:2350 [inline]
 __lock_acquire+0x2169/0x4a30 kernel/locking/lockdep.c:3338
 lock_acquire+0x1db/0x570 kernel/locking/lockdep.c:3841
 __raw_spin_lock include/linux/spinlock_api_smp.h:142 [inline]
 _raw_spin_lock+0x2f/0x40 kernel/locking/spinlock.c:144
 spin_lock include/linux/spinlock.h:329 [inline]
 aio_poll+0x7b9/0x14e0 fs/aio.c:1772
 __io_submit_one fs/aio.c:1875 [inline]
 io_submit_one+0xc39/0x1050 fs/aio.c:1908
 __do_sys_io_submit fs/aio.c:1953 [inline]
 __se_sys_io_submit fs/aio.c:1923 [inline]
 __x64_sys_io_submit+0x1c4/0x5d0 fs/aio.c:1923
 do_syscall_64+0x1a3/0x800 arch/x86/entry/common.c:290
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x458089
Code: 6d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 3b b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
RSP: 002b:00007f3245f9dc78 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1
RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000458089
RDX: 0000000020000280 RSI: 0000000000000001 RDI: 00007f3245f7d000
RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3245f9e6d4
R13: 00000000004bf2ab R14: 00000000004d0ad8 R15: 00000000ffffffff
Kernel Offset: disabled
Rebooting in 86400 seconds..