================================
WARNING: inconsistent lock state
4.17.0-rc2+ #22 Not tainted
--------------------------------
inconsistent {HARDIRQ-ON-W} -> {IN-HARDIRQ-W} usage.
syz-fuzzer/4478 [HC1[1]:SC0[0]:HE0:SE1] takes:
 (ptrval) (fs_reclaim){?.+.}, at: fs_reclaim_acquire.part.82+0x0/0x30 mm/page_alloc.c:463
{HARDIRQ-ON-W} state was registered at:
 lock_acquire+0x1dc/0x520 kernel/locking/lockdep.c:3920
 fs_reclaim_acquire.part.82+0x24/0x30 mm/page_alloc.c:3739
 fs_reclaim_acquire+0x14/0x20 mm/page_alloc.c:3740
 slab_pre_alloc_hook mm/slab.h:418 [inline]
 slab_alloc_node mm/slab.c:3299 [inline]
 kmem_cache_alloc_node_trace+0x39/0x770 mm/slab.c:3661
 kmalloc_node include/linux/slab.h:550 [inline]
 kzalloc_node include/linux/slab.h:712 [inline]
 alloc_worker+0xbd/0x2e0 kernel/workqueue.c:1704
 init_rescuer.part.25+0x1f/0x190 kernel/workqueue.c:4000
 init_rescuer kernel/workqueue.c:3997 [inline]
 workqueue_init+0x51f/0x7d0 kernel/workqueue.c:5732
 kernel_init_freeable+0x2ad/0x58e init/main.c:1115
 kernel_init+0x11/0x1b3 init/main.c:1053
 ret_from_fork+0x3a/0x50 arch/x86/entry/entry_64.S:412
irq event stamp: 377518
hardirqs last enabled at (377517): [] entry_SYSCALL_64_after_hwframe+0x59/0xbe
hardirqs last disabled at (377518): [] interrupt_entry+0x8b/0xf0 arch/x86/entry/entry_64.S:618
softirqs last enabled at (377498): [] __do_softirq+0x778/0xaf5 kernel/softirq.c:311
softirqs last disabled at (377471): [] invoke_softirq kernel/softirq.c:365 [inline]
softirqs last disabled at (377471): [] irq_exit+0x1d1/0x200 kernel/softirq.c:405

other info that might help us debug this:
 Possible unsafe locking scenario:

       CPU0
       ----
  lock(fs_reclaim);
  lock(fs_reclaim);

 *** DEADLOCK ***

no locks held by syz-fuzzer/4478.

stack backtrace:
CPU: 1 PID: 4478 Comm: syz-fuzzer Not tainted 4.17.0-rc2+ #22
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x1b9/0x294 lib/dump_stack.c:113
 print_usage_bug.cold.59+0x320/0x41a kernel/locking/lockdep.c:2542
 valid_state kernel/locking/lockdep.c:2555 [inline]
 mark_lock_irq kernel/locking/lockdep.c:2749 [inline]
 mark_lock+0x1034/0x19e0 kernel/locking/lockdep.c:3147
 mark_irqflags kernel/locking/lockdep.c:3022 [inline]
 __lock_acquire+0x1595/0x5140 kernel/locking/lockdep.c:3388
 lock_acquire+0x1dc/0x520 kernel/locking/lockdep.c:3920
 fs_reclaim_acquire.part.82+0x24/0x30 mm/page_alloc.c:3739
 fs_reclaim_acquire+0x14/0x20 mm/page_alloc.c:3740
 slab_pre_alloc_hook mm/slab.h:418 [inline]
 slab_alloc mm/slab.c:3378 [inline]
 __do_kmalloc mm/slab.c:3716 [inline]
 __kmalloc+0x45/0x760 mm/slab.c:3727
 kmalloc_array include/linux/slab.h:631 [inline]
 kcalloc include/linux/slab.h:642 [inline]
 numa_crng_init drivers/char/random.c:798 [inline]
 crng_reseed+0x427/0x920 drivers/char/random.c:923
 credit_entropy_bits+0x98d/0xa30 drivers/char/random.c:708
 add_interrupt_randomness+0x494/0x860 drivers/char/random.c:1254
 handle_irq_event_percpu+0xf9/0x1c0 kernel/irq/handle.c:191
 handle_irq_event+0xa7/0x135 kernel/irq/handle.c:206
 handle_edge_irq+0x20f/0x870 kernel/irq/chip.c:791
 generic_handle_irq_desc include/linux/irqdesc.h:159 [inline]
 handle_irq+0x18c/0x2e7 arch/x86/kernel/irq_64.c:77
 do_IRQ+0x78/0x190 arch/x86/kernel/irq.c:245
 common_interrupt+0xf/0xf arch/x86/entry/entry_64.S:642
RIP: 0033:0x40d7b3
RSP: 002b:000000c4263191b0 EFLAGS: 00000206 ORIG_RAX: ffffffffffffffd5
RAX: 000000000080bfa0 RBX: 0000000000000000 RCX: 000000000081b260
RDX: 000000000000004e RSI: 028876ff5d078e00 RDI: 00007fe138f9e028
RBP: 000000c426319238 R08: 0000000001db7b40 R09: 000000000080bfa0
R10: 0000000000942914 R11: 0000000000000004 R12: 0000000000000000
R13: 0000000000000020 R14: 0000000000000013 R15: 000000c428cf0fe8
BUG: sleeping function called from invalid context at mm/slab.h:421
in_atomic(): 1, irqs_disabled(): 1, pid: 4478, name: syz-fuzzer
INFO: lockdep is turned off.
irq event stamp: 377518
hardirqs last enabled at (377517): [] entry_SYSCALL_64_after_hwframe+0x59/0xbe
hardirqs last disabled at (377518): [] interrupt_entry+0x8b/0xf0 arch/x86/entry/entry_64.S:618
softirqs last enabled at (377498): [] __do_softirq+0x778/0xaf5 kernel/softirq.c:311
softirqs last disabled at (377471): [] invoke_softirq kernel/softirq.c:365 [inline]
softirqs last disabled at (377471): [] irq_exit+0x1d1/0x200 kernel/softirq.c:405
CPU: 1 PID: 4478 Comm: syz-fuzzer Not tainted 4.17.0-rc2+ #22
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x1b9/0x294 lib/dump_stack.c:113
 ___might_sleep.cold.87+0x11f/0x13a kernel/sched/core.c:6188
 __might_sleep+0x95/0x190 kernel/sched/core.c:6141
 slab_pre_alloc_hook mm/slab.h:421 [inline]
 slab_alloc mm/slab.c:3378 [inline]
 __do_kmalloc mm/slab.c:3716 [inline]
 __kmalloc+0x2b9/0x760 mm/slab.c:3727
 kmalloc_array include/linux/slab.h:631 [inline]
 kcalloc include/linux/slab.h:642 [inline]
 numa_crng_init drivers/char/random.c:798 [inline]
 crng_reseed+0x427/0x920 drivers/char/random.c:923
 credit_entropy_bits+0x98d/0xa30 drivers/char/random.c:708
 add_interrupt_randomness+0x494/0x860 drivers/char/random.c:1254
 handle_irq_event_percpu+0xf9/0x1c0 kernel/irq/handle.c:191
 handle_irq_event+0xa7/0x135 kernel/irq/handle.c:206
 handle_edge_irq+0x20f/0x870 kernel/irq/chip.c:791
 generic_handle_irq_desc include/linux/irqdesc.h:159 [inline]
 handle_irq+0x18c/0x2e7 arch/x86/kernel/irq_64.c:77
 do_IRQ+0x78/0x190 arch/x86/kernel/irq.c:245
 common_interrupt+0xf/0xf arch/x86/entry/entry_64.S:642
RIP: 0033:0x40d7b3
RSP: 002b:000000c4263191b0 EFLAGS: 00000206 ORIG_RAX: ffffffffffffffd5
RAX: 000000000080bfa0 RBX: 0000000000000000 RCX: 000000000081b260
RDX: 000000000000004e RSI: 028876ff5d078e00 RDI: 00007fe138f9e028
RBP: 000000c426319238 R08: 0000000001db7b40 R09: 000000000080bfa0
R10: 0000000000942914 R11: 0000000000000004 R12: 0000000000000000
R13: 0000000000000020 R14: 0000000000000013 R15: 000000c428cf0fe8
random: crng init done
netlink: 3 bytes leftover after parsing attributes in process `syz-executor7'.
device bridge0 entered promiscuous mode
netlink: 12 bytes leftover after parsing attributes in process `syz-executor7'.
netlink: 3 bytes leftover after parsing attributes in process `syz-executor7'.
netlink: 3 bytes leftover after parsing attributes in process `syz-executor7'.
netlink: 3 bytes leftover after parsing attributes in process `syz-executor7'.
device bridge0 left promiscuous mode
device bridge0 entered promiscuous mode
kernel msg: ebtables bug: please report to author: Valid hook without chain
kernel msg: ebtables bug: please report to author: Valid hook without chain
device bridge0 left promiscuous mode
device bridge0 entered promiscuous mode
device bridge0 left promiscuous mode
device bridge0 entered promiscuous mode
device bridge0 entered promiscuous mode
kernel msg: ebtables bug: please report to author: Valid hook without chain
kernel msg: ebtables bug: please report to author: Valid hook without chain
device bridge0 left promiscuous mode
device bridge0 left promiscuous mode
nla_parse: 19 callbacks suppressed
netlink: 3 bytes leftover after parsing attributes in process `syz-executor2'.
netlink: 3 bytes leftover after parsing attributes in process `syz-executor7'.
kernel msg: ebtables bug: please report to author: Valid hook without chain
device bridge0 entered promiscuous mode
netlink: 3 bytes leftover after parsing attributes in process `syz-executor6'.
kernel msg: ebtables bug: please report to author: Valid hook without chain
device bridge0 entered promiscuous mode
netlink: 12 bytes leftover after parsing attributes in process `syz-executor7'.
netlink: 12 bytes leftover after parsing attributes in process `syz-executor6'.
device bridge0 entered promiscuous mode
netlink: 3 bytes leftover after parsing attributes in process `syz-executor7'.
netlink: 3 bytes leftover after parsing attributes in process `syz-executor6'.
netlink: 12 bytes leftover after parsing attributes in process `syz-executor2'.
netlink: 3 bytes leftover after parsing attributes in process `syz-executor6'.
netlink: 3 bytes leftover after parsing attributes in process `syz-executor2'.
kernel msg: ebtables bug: please report to author: Valid hook without chain
kernel msg: ebtables bug: please report to author: Valid hook without chain
device bridge0 left promiscuous mode
device bridge0 left promiscuous mode
device bridge0 left promiscuous mode
device bridge0 entered promiscuous mode
device bridge0 entered promiscuous mode
device bridge0 entered promiscuous mode
device bridge0 entered promiscuous mode
device bridge0 left promiscuous mode
device bridge0 left promiscuous mode
device bridge0 left promiscuous mode
device bridge0 left promiscuous mode
device bridge0 entered promiscuous mode
device bridge0 entered promiscuous mode
device bridge0 entered promiscuous mode
device bridge0 left promiscuous mode
device bridge0 left promiscuous mode
device bridge0 left promiscuous mode
device bridge0 entered promiscuous mode
device bridge0 left promiscuous mode
kernel msg: ebtables bug: please report to author: entry offsets not in right order
kernel msg: ebtables bug: please report to author: entry offsets not in right order
kernel msg: ebtables bug: please report to author: entry offsets not in right order
kernel msg: ebtables bug: please report to author: entry offsets not in right order
netlink: 'syz-executor5': attribute type 16 has an invalid length.
netlink: 'syz-executor5': attribute type 16 has an invalid length.
netlink: 'syz-executor5': attribute type 16 has an invalid length.
netlink: 'syz-executor5': attribute type 16 has an invalid length.
device bridge0 entered promiscuous mode
device bridge0 left promiscuous mode