hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network 8021q: adding VLAN 0 to HW filter on device batadv0 ============================= [ BUG: Invalid wait context ] 6.13.0-rc7-syzkaller-00019-gc45323b7560e #0 Not tainted ----------------------------- syz-executor/8383 is trying to lock: ffffffff8eabdbb8 (kernfs_rename_lock){....}-{3:3}, at: kernfs_path_from_node+0x92/0xb00 fs/kernfs/dir.c:229 other info that might help us debug this: context-{5:5} 4 locks held by syz-executor/8383: #0: ffffffff8fcb2f48 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_lock net/core/rtnetlink.c:79 [inline] #0: ffffffff8fcb2f48 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_nets_lock net/core/rtnetlink.c:326 [inline] #0: ffffffff8fcb2f48 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0xce2/0x2210 net/core/rtnetlink.c:4011 #1: ffff8880b873e8d8 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140 kernel/sched/core.c:598 #2: ffffffff8e937ae0 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire include/linux/rcupdate.h:337 [inline] #2: ffffffff8e937ae0 (rcu_read_lock){....}-{1:3}, at: rcu_read_lock include/linux/rcupdate.h:849 [inline] #2: ffffffff8e937ae0 (rcu_read_lock){....}-{1:3}, at: __bpf_trace_run kernel/trace/bpf_trace.c:2361 [inline] #2: ffffffff8e937ae0 (rcu_read_lock){....}-{1:3}, at: bpf_trace_run2+0x1fc/0x540 kernel/trace/bpf_trace.c:2403 #3: ffff888012824620 (&mm->mmap_lock){++++}-{4:4}, at: mmap_read_trylock include/linux/mmap_lock.h:163 [inline] #3: ffff888012824620 (&mm->mmap_lock){++++}-{4:4}, at: stack_map_get_build_id_offset+0x431/0x870 kernel/bpf/stackmap.c:157 stack backtrace: CPU: 1 UID: 0 PID: 8383 Comm: syz-executor Not tainted 6.13.0-rc7-syzkaller-00019-gc45323b7560e #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 Call Trace: __dump_stack lib/dump_stack.c:94 [inline] dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120 print_lock_invalid_wait_context kernel/locking/lockdep.c:4826 [inline] check_wait_context kernel/locking/lockdep.c:4898 [inline] __lock_acquire+0x15a8/0x2100 kernel/locking/lockdep.c:5176 lock_acquire+0x1ed/0x550 kernel/locking/lockdep.c:5849 __raw_read_lock_irqsave include/linux/rwlock_api_smp.h:160 [inline] _raw_read_lock_irqsave+0xdd/0x130 kernel/locking/spinlock.c:236 kernfs_path_from_node+0x92/0xb00 fs/kernfs/dir.c:229 kernfs_path include/linux/kernfs.h:598 [inline] cgroup_path include/linux/cgroup.h:599 [inline] get_mm_memcg_path+0x95/0x350 mm/mmap_lock.c:59 __mmap_lock_do_trace_acquire_returned+0xfc/0x300 mm/mmap_lock.c:79 __mmap_lock_trace_acquire_returned include/linux/mmap_lock.h:36 [inline] mmap_read_trylock include/linux/mmap_lock.h:164 [inline] stack_map_get_build_id_offset+0x84d/0x870 kernel/bpf/stackmap.c:157 __bpf_get_stack+0x8da/0xad0 kernel/bpf/stackmap.c:483 ____bpf_get_stack kernel/bpf/stackmap.c:499 [inline] bpf_get_stack+0x33/0x50 kernel/bpf/stackmap.c:496 ____bpf_get_stack_raw_tp kernel/trace/bpf_trace.c:1944 [inline] bpf_get_stack_raw_tp+0x1a3/0x240 kernel/trace/bpf_trace.c:1934 bpf_prog_ec3b2eefa702d8d3+0x43/0x47 bpf_dispatcher_nop_func include/linux/bpf.h:1290 [inline] __bpf_prog_run include/linux/filter.h:692 [inline] bpf_prog_run include/linux/filter.h:708 [inline] __bpf_trace_run kernel/trace/bpf_trace.c:2362 [inline] bpf_trace_run2+0x47d/0x540 kernel/trace/bpf_trace.c:2403 trace_tlb_flush+0x11c/0x140 include/trace/events/tlb.h:38 switch_mm_irqs_off+0x77a/0xa70 context_switch kernel/sched/core.c:5353 [inline] __schedule+0x10c8/0x4c30 kernel/sched/core.c:6756 preempt_schedule_irq+0xfb/0x1c0 kernel/sched/core.c:7078 irqentry_exit+0x5e/0x90 kernel/entry/common.c:354 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702 RIP: 0010:lockdep_register_key+0x11f/0x3f0 kernel/locking/lockdep.c:1240 Code: 45 01 48 c7 c1 00 80 16 93 48 39 c8 76 18 4c 89 ef e8 55 6e 6b 00 84 c0 75 0c 4c 89 ef e8 69 4e 0f 00 84 c0 74 4d 90 0f 0b 90 <48> c7 44 24 20 0e 36 e0 45 4b c7 04 3e 00 00 00 00 66 43 c7 44 3e RSP: 0018:ffffc90003d9e9c0 EFLAGS: 00000206 RAX: 8fe4ee1df2b80500 RBX: 1ffff920007b3d40 RCX: ffffffff9a3ac903 RDX: 0000000000000001 RSI: ffffffff8c0aa620 RDI: ffffffff8c5fb220 RBP: ffffc90003d9ea90 R08: 0000000000000003 R09: fffff520007b3d24 R10: dffffc0000000000 R11: fffff520007b3d24 R12: ffffc90003d9ea00 R13: ffff888024eb8298 R14: dffffc0000000000 R15: 1ffff920007b3d3c qdisc_alloc+0x19f/0xa80 net/sched/sch_generic.c:959 qdisc_create_dflt+0x62/0x4b0 net/sched/sch_generic.c:1014 attach_one_default_qdisc net/sched/sch_generic.c:1180 [inline] netdev_for_each_tx_queue include/linux/netdevice.h:2562 [inline] attach_default_qdiscs net/sched/sch_generic.c:1198 [inline] dev_activate+0x3c0/0x1240 net/sched/sch_generic.c:1257 __dev_open+0x352/0x450 net/core/dev.c:1515 __dev_change_flags+0x1e2/0x6f0 net/core/dev.c:8968 dev_change_flags+0x8b/0x1a0 net/core/dev.c:9040 do_setlink+0xc90/0x4210 net/core/rtnetlink.c:3109 rtnl_changelink net/core/rtnetlink.c:3723 [inline] __rtnl_newlink net/core/rtnetlink.c:3875 [inline] rtnl_newlink+0x1bb6/0x2210 net/core/rtnetlink.c:4012 rtnetlink_rcv_msg+0x791/0xcf0 net/core/rtnetlink.c:6922 netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2542 netlink_unicast_kernel net/netlink/af_netlink.c:1321 [inline] netlink_unicast+0x7f6/0x990 net/netlink/af_netlink.c:1347 netlink_sendmsg+0x8e4/0xcb0 net/netlink/af_netlink.c:1891 sock_sendmsg_nosec net/socket.c:711 [inline] __sock_sendmsg+0x221/0x270 net/socket.c:726 __sys_sendto+0x363/0x4c0 net/socket.c:2197 __do_sys_sendto net/socket.c:2204 [inline] __se_sys_sendto net/socket.c:2200 [inline] __x64_sys_sendto+0xde/0x100 net/socket.c:2200 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7f6e1458ebbc Code: Unable to access opcode bytes at 0x7f6e1458eb92. RSP: 002b:00007ffc56c37520 EFLAGS: 00000293 ORIG_RAX: 000000000000002c RAX: ffffffffffffffda RBX: 00007f6e152d4620 RCX: 00007f6e1458ebbc RDX: 000000000000002c RSI: 00007f6e152d4670 RDI: 0000000000000003 RBP: 0000000000000000 R08: 00007ffc56c37574 R09: 000000000000000c R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 R13: 0000000000000000 R14: 00007f6e152d4670 R15: 0000000000000000 veth0_vlan: entered promiscuous mode veth1_vlan: entered promiscuous mode veth0_macvtap: entered promiscuous mode veth1_macvtap: entered promiscuous mode batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! batman_adv: batadv0: Interface activated: batadv_slave_0 batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! batman_adv: batadv0: Interface activated: batadv_slave_1 netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 ieee80211 phy24: Selected rate control algorithm 'minstrel_ht' ieee80211 phy25: Selected rate control algorithm 'minstrel_ht' ---------------- Code disassembly (best guess), 2 bytes skipped: 0: 48 c7 c1 00 80 16 93 mov $0xffffffff93168000,%rcx 7: 48 39 c8 cmp %rcx,%rax a: 76 18 jbe 0x24 c: 4c 89 ef mov %r13,%rdi f: e8 55 6e 6b 00 call 0x6b6e69 14: 84 c0 test %al,%al 16: 75 0c jne 0x24 18: 4c 89 ef mov %r13,%rdi 1b: e8 69 4e 0f 00 call 0xf4e89 20: 84 c0 test %al,%al 22: 74 4d je 0x71 24: 90 nop 25: 0f 0b ud2 27: 90 nop * 28: 48 c7 44 24 20 0e 36 movq $0x45e0360e,0x20(%rsp) <-- trapping instruction 2f: e0 45 31: 4b c7 04 3e 00 00 00 movq $0x0,(%r14,%r15,1) 38: 00 39: 66 data16 3a: 43 rex.XB 3b: c7 .byte 0xc7 3c: 44 rex.R 3d: 3e ds