=============================
[ BUG: Invalid wait context ]
6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 Not tainted
-----------------------------
kworker/u4:8/1041 is trying to lock:
ffffc900019d7410 (&gpc->lock){....}-{3:3}, at: kvm_xen_set_evtchn_fast+0x1fb/0x9b0 arch/x86/kvm/xen.c:1820
other info that might help us debug this:
context-{2:2}
6 locks held by kworker/u4:8/1041:
 #0: ffff88801a479148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3213 [inline]
 #0: ffff88801a479148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 kernel/workqueue.c:3321
 #1: ffffc900025efbc0 ((work_completion)(&(&nsim_dev->trap_data->trap_report_dw)->work)){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3214 [inline]
 #1: ffffc900025efbc0 ((work_completion)(&(&nsim_dev->trap_data->trap_report_dw)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 kernel/workqueue.c:3321
 #2: ffff888052945250 (&devlink->lock_key){+.+.}-{4:4}, at: nsim_dev_trap_report_work+0x57/0xb80 drivers/net/netdevsim/dev.c:838
 #3: ffff88804066bce0 (&nsim_trap_data->trap_lock){+.+.}-{3:3}, at: spin_lock include/linux/spinlock.h:351 [inline]
 #3: ffff88804066bce0 (&nsim_trap_data->trap_lock){+.+.}-{3:3}, at: nsim_dev_trap_report drivers/net/netdevsim/dev.c:791 [inline]
 #3: ffff88804066bce0 (&nsim_trap_data->trap_lock){+.+.}-{3:3}, at: nsim_dev_trap_report_work+0x1a9/0xb80 drivers/net/netdevsim/dev.c:851
 #4: ffffffff8e13ee20 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire include/linux/rcupdate.h:331 [inline]
 #4: ffffffff8e13ee20 (rcu_read_lock){....}-{1:3}, at: rcu_read_lock include/linux/rcupdate.h:841 [inline]
 #4: ffffffff8e13ee20 (rcu_read_lock){....}-{1:3}, at: class_rcu_constructor include/linux/rcupdate.h:1155 [inline]
 #4: ffffffff8e13ee20 (rcu_read_lock){....}-{1:3}, at: unwind_next_frame+0xa5/0x2390 arch/x86/kernel/unwind_orc.c:479
 #5: ffffc900019d7960 (&kvm->srcu){.?.+}-{0:0}, at: srcu_lock_acquire include/linux/srcu.h:161 [inline]
 #5: ffffc900019d7960 (&kvm->srcu){.?.+}-{0:0}, at: srcu_read_lock include/linux/srcu.h:253 [inline]
 #5: ffffc900019d7960 (&kvm->srcu){.?.+}-{0:0}, at: kvm_xen_set_evtchn_fast+0x1c3/0x9b0 arch/x86/kvm/xen.c:1818
stack backtrace:
CPU: 0 UID: 0 PID: 1041 Comm: kworker/u4:8 Not tainted 6.16.0-rc4-syzkaller-00123-g4c06e63b9203 #0 PREEMPT(full)
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
Workqueue: events_unbound nsim_dev_trap_report_work
Call Trace:
 dump_stack_lvl+0x189/0x250 lib/dump_stack.c:120
 print_lock_invalid_wait_context kernel/locking/lockdep.c:4833 [inline]
 check_wait_context kernel/locking/lockdep.c:4905 [inline]
 __lock_acquire+0xbcb/0xd20 kernel/locking/lockdep.c:5190
 lock_acquire+0x120/0x360 kernel/locking/lockdep.c:5871
 __raw_read_lock_irqsave include/linux/rwlock_api_smp.h:160 [inline]
 _raw_read_lock_irqsave+0xaf/0x100 kernel/locking/spinlock.c:236
 kvm_xen_set_evtchn_fast+0x1fb/0x9b0 arch/x86/kvm/xen.c:1820
 xen_timer_callback+0x109/0x220 arch/x86/kvm/xen.c:140
 __run_hrtimer kernel/time/hrtimer.c:1761 [inline]
 __hrtimer_run_queues+0x4e0/0xc60 kernel/time/hrtimer.c:1825
 hrtimer_interrupt+0x45b/0xaa0 kernel/time/hrtimer.c:1887
 local_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1039 [inline]
 __sysvec_apic_timer_interrupt+0x10b/0x410 arch/x86/kernel/apic/apic.c:1056
 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1050 [inline]
 sysvec_apic_timer_interrupt+0xa1/0xc0 arch/x86/kernel/apic/apic.c:1050
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
RIP: 0010:__orc_find arch/x86/kernel/unwind_orc.c:100 [inline]
RIP: 0010:orc_find arch/x86/kernel/unwind_orc.c:227 [inline]
RIP: 0010:unwind_next_frame+0x12e3/0x2390 arch/x86/kernel/unwind_orc.c:494
Code: 18 48 8b 10 48 c7 c7 a0 39 88 8b 89 de e8 35 f1 b4 ff e9 43 06 00 00 49 89 d5 48 89 d5 48 89 d8 48 29 e8 48 89 c1 48 c1 f9 02 <48> c1 e8 3f 48 01 c8 48 83 e0 fe 4c 8d 3c 45 00 00 00 00 49 01 ef
RSP: 0018:ffffc900025ef478 EFLAGS: 00000202
RAX: 0000000000000010 RBX: ffffffff8fb897f8 RCX: 0000000000000004
RDX: ffffffff8fb897e8 RSI: ffffffff9035e2d0 RDI: ffffffff8be28f60
RBP: ffffffff8fb897e8 R08: 000000000000000c R09: ffffffff81729af5
R10: ffffc900025ef598 R11: ffffffff81acf6d0 R12: ffffffff81acf67b
R13: ffffffff8fb897e8 R14: ffffc900025ef548 R15: ffffffff8fb897fc
 arch_stack_walk+0x11c/0x150 arch/x86/kernel/stacktrace.c:25
 stack_trace_save+0x9c/0xe0 kernel/stacktrace.c:122
 kasan_save_stack mm/kasan/common.c:47 [inline]
 kasan_save_track+0x3e/0x80 mm/kasan/common.c:68
 unpoison_slab_object mm/kasan/common.c:319 [inline]
 __kasan_slab_alloc+0x6c/0x80 mm/kasan/common.c:345
 kasan_slab_alloc include/linux/kasan.h:250 [inline]
 slab_post_alloc_hook mm/slub.c:4148 [inline]
 slab_alloc_node mm/slub.c:4197 [inline]
 kmem_cache_alloc_node_noprof+0x1bb/0x3c0 mm/slub.c:4249
 __alloc_skb+0x112/0x2d0 net/core/skbuff.c:660
 alloc_skb include/linux/skbuff.h:1336 [inline]
 nsim_dev_trap_skb_build drivers/net/netdevsim/dev.c:748 [inline]
 nsim_dev_trap_report drivers/net/netdevsim/dev.c:805 [inline]
 nsim_dev_trap_report_work+0x29a/0xb80 drivers/net/netdevsim/dev.c:851
 process_one_work kernel/workqueue.c:3238 [inline]
 process_scheduled_works+0xade/0x17b0 kernel/workqueue.c:3321
 worker_thread+0x8a0/0xda0 kernel/workqueue.c:3402
 kthread+0x70e/0x8a0 kernel/kthread.c:464
 ret_from_fork+0x3fc/0x770 arch/x86/kernel/process.c:148
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
----------------
Code disassembly (best guess), 1 bytes skipped:
   0:  48 8b 10                mov    (%rax),%rdx
   3:  48 c7 c7 a0 39 88 8b    mov    $0xffffffff8b8839a0,%rdi
   a:  89 de                   mov    %ebx,%esi
   c:  e8 35 f1 b4 ff          call   0xffb4f146
  11:  e9 43 06 00 00          jmp    0x659
  16:  49 89 d5                mov    %rdx,%r13
  19:  48 89 d5                mov    %rdx,%rbp
  1c:  48 89 d8                mov    %rbx,%rax
  1f:  48 29 e8                sub    %rbp,%rax
  22:  48 89 c1                mov    %rax,%rcx
  25:  48 c1 f9 02             sar    $0x2,%rcx
* 29:  48 c1 e8 3f             shr    $0x3f,%rax <-- trapping instruction
  2d:  48 01 c8                add    %rcx,%rax
  30:  48 83 e0 fe             and    $0xfffffffffffffffe,%rax
  34:  4c 8d 3c 45 00 00 00    lea    0x0(,%rax,2),%r15
  3b:  00
  3c:  49 01 ef                add    %rbp,%r15