BUG: sleeping function called from invalid context at kernel/printk/printk.c:2656
in_atomic(): 1, irqs_disabled(): 1, non_block: 0, pid: 22, name: kworker/1:0
preempt_count: 1, expected: 0
RCU nest depth: 0, expected: 0
3 locks held by kworker/1:0/22:
 #0: ffff888010c70d38 ((wq_completion)events){+.+.}-{0:0}, at: arch_atomic64_set arch/x86/include/asm/atomic64_64.h:34 [inline]
 #0: ffff888010c70d38 ((wq_completion)events){+.+.}-{0:0}, at: arch_atomic_long_set include/linux/atomic/atomic-long.h:41 [inline]
 #0: ffff888010c70d38 ((wq_completion)events){+.+.}-{0:0}, at: atomic_long_set include/linux/atomic/atomic-instrumented.h:1280 [inline]
 #0: ffff888010c70d38 ((wq_completion)events){+.+.}-{0:0}, at: set_work_data kernel/workqueue.c:636 [inline]
 #0: ffff888010c70d38 ((wq_completion)events){+.+.}-{0:0}, at: set_work_pool_and_clear_pending kernel/workqueue.c:663 [inline]
 #0: ffff888010c70d38 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x7a0/0x14b0 kernel/workqueue.c:2260
 #1: ffffc900001c7db8 ((work_completion)(&gsm->tx_work)){+.+.}-{0:0}, at: process_one_work+0x7cf/0x14b0 kernel/workqueue.c:2264
 #2: ffff88807d3b93e0 (&gsm->tx_lock){....}-{2:2}, at: gsmld_write_task+0x2c/0xd60 drivers/tty/n_gsm.c:3192
irq event stamp: 106430
hardirqs last enabled at (106429): [] __raw_spin_unlock_irq include/linux/spinlock_api_smp.h:159 [inline]
hardirqs last enabled at (106429): [] _raw_spin_unlock_irq+0x1f/0x40 kernel/locking/spinlock.c:202
hardirqs last disabled at (106430): [] __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:108 [inline]
hardirqs last disabled at (106430): [] _raw_spin_lock_irqsave+0x4e/0x50 kernel/locking/spinlock.c:162
softirqs last enabled at (106408): [] spin_unlock_bh include/linux/spinlock.h:395 [inline]
softirqs last enabled at (106408): [] nsim_dev_trap_report drivers/net/netdevsim/dev.c:823 [inline]
softirqs last enabled at (106408): [] nsim_dev_trap_report_work+0x7fd/0xbc0 drivers/net/netdevsim/dev.c:853
softirqs last disabled at (106406): [] spin_lock_bh include/linux/spinlock.h:355 [inline]
softirqs last disabled at (106406): [] nsim_dev_trap_report drivers/net/netdevsim/dev.c:819 [inline]
softirqs last disabled at (106406): [] nsim_dev_trap_report_work+0x79b/0xbc0 drivers/net/netdevsim/dev.c:853
Preemption disabled at:
[<0000000000000000>] 0x0
CPU: 1 PID: 22 Comm: kworker/1:0 Not tainted 6.2.0-rc7-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
Workqueue: events gsmld_write_task
Call Trace:
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x57/0x7d lib/dump_stack.c:106
 __might_resched.cold+0x222/0x26b kernel/sched/core.c:10042
 console_lock+0x11/0x60 kernel/printk/printk.c:2656
 do_con_write+0xf2/0x1990 drivers/tty/vt/vt.c:2908
 con_write+0xb/0x20 drivers/tty/vt/vt.c:3295
 gsmld_output drivers/tty/n_gsm.c:3159 [inline]
 gsm_send_packet+0x35d/0x930 drivers/tty/n_gsm.c:947
 gsm_data_kick drivers/tty/n_gsm.c:1009 [inline]
 gsmld_write_task+0x1d6/0xd60 drivers/tty/n_gsm.c:3194
 process_one_work+0x8ba/0x14b0 kernel/workqueue.c:2289
 worker_thread+0x598/0xec0 kernel/workqueue.c:2436
 kthread+0x294/0x330 kernel/kthread.c:376
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:308

=====================================================
WARNING: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected
6.2.0-rc7-syzkaller #0 Tainted: G W
-----------------------------------------------------
kworker/1:0/22 [HC0[0]:SC0[0]:HE0:SE1] is trying to acquire:
ffffffff8b16e580 (console_lock){+.+.}-{0:0}, at: do_con_write+0xf2/0x1990 drivers/tty/vt/vt.c:2908

and this task is already holding:
ffff88807d3b93e0 (&gsm->tx_lock){..-.}-{2:2}, at: gsmld_write_task+0x2c/0xd60 drivers/tty/n_gsm.c:3192
which would create a new lock dependency:
 (&gsm->tx_lock){..-.}-{2:2} -> (console_lock){+.+.}-{0:0}

but this new dependency connects a SOFTIRQ-irq-safe lock:
 (&gsm->tx_lock){..-.}-{2:2}

... which became SOFTIRQ-irq-safe at:
  lock_acquire kernel/locking/lockdep.c:5668 [inline]
  lock_acquire+0x1df/0x630 kernel/locking/lockdep.c:5633
  __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]
  _raw_spin_lock_irqsave+0x39/0x50 kernel/locking/spinlock.c:162
  gsm_send.isra.0+0x32d/0x840 drivers/tty/n_gsm.c:819
  gsm_command drivers/tty/n_gsm.c:883 [inline]
  gsm_dlci_begin_close+0x111/0x1f0 drivers/tty/n_gsm.c:2268
  gsm_dlci_t1+0x1a4/0x530 drivers/tty/n_gsm.c:2163
  call_timer_fn+0x19b/0x5b0 kernel/time/timer.c:1700
  expire_timers+0x259/0x4e0 kernel/time/timer.c:1751
  __run_timers kernel/time/timer.c:2022 [inline]
  __run_timers kernel/time/timer.c:1995 [inline]
  run_timer_softirq+0x292/0x790 kernel/time/timer.c:2035
  __do_softirq+0x1f7/0xad8 kernel/softirq.c:571
  invoke_softirq kernel/softirq.c:445 [inline]
  __irq_exit_rcu+0x123/0x180 kernel/softirq.c:650
  irq_exit_rcu+0x5/0x20 kernel/softirq.c:662
  sysvec_apic_timer_interrupt+0x93/0xc0 arch/x86/kernel/apic/apic.c:1107
  asm_sysvec_apic_timer_interrupt+0x16/0x20 arch/x86/include/asm/idtentry.h:649
  rep_nop arch/x86/include/asm/vdso/processor.h:13 [inline]
  cpu_relax arch/x86/include/asm/vdso/processor.h:18 [inline]
  csd_lock_wait kernel/smp.c:413 [inline]
  smp_call_function_many_cond+0x34c/0xc90 kernel/smp.c:987
  on_each_cpu_cond_mask+0x3f/0x70 kernel/smp.c:1155
  on_each_cpu include/linux/smp.h:71 [inline]
  text_poke_sync arch/x86/kernel/alternative.c:1772 [inline]
  text_poke_bp_batch+0x22e/0x6b0 arch/x86/kernel/alternative.c:1963
  text_poke_flush arch/x86/kernel/alternative.c:2131 [inline]
  text_poke_flush arch/x86/kernel/alternative.c:2128 [inline]
  text_poke_finish+0x16/0x30 arch/x86/kernel/alternative.c:2138
  arch_jump_label_transform_apply+0x13/0x20 arch/x86/kernel/jump_label.c:146
  static_key_enable_cpuslocked+0x15f/0x220 kernel/jump_label.c:205
  static_key_enable+0x11/0x20 kernel/jump_label.c:218
  toggle_allocation_gate mm/kfence/core.c:799 [inline]
  toggle_allocation_gate+0xd7/0x1e0 mm/kfence/core.c:791
  process_one_work+0x8ba/0x14b0 kernel/workqueue.c:2289
  worker_thread+0x598/0xec0 kernel/workqueue.c:2436
  kthread+0x294/0x330 kernel/kthread.c:376
  ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:308

to a SOFTIRQ-irq-unsafe lock:
 (console_lock){+.+.}-{0:0}

... which became SOFTIRQ-irq-unsafe at:
...
  lock_acquire kernel/locking/lockdep.c:5668 [inline]
  lock_acquire+0x1df/0x630 kernel/locking/lockdep.c:5633
  console_lock+0x40/0x60 kernel/printk/printk.c:2658
  con_init+0xd/0x5d0 drivers/tty/vt/vt.c:3488
  console_init+0x26b/0x383 kernel/printk/printk.c:3560
  start_kernel+0x24c/0x332 init/main.c:1077
  secondary_startup_64_no_verify+0xce/0xdb

other info that might help us debug this:

 Possible interrupt unsafe locking scenario:

       CPU0                    CPU1
       ----                    ----
  lock(console_lock);
                               local_irq_disable();
                               lock(&gsm->tx_lock);
                               lock(console_lock);
  <Interrupt>
    lock(&gsm->tx_lock);

 *** DEADLOCK ***

3 locks held by kworker/1:0/22:
 #0: ffff888010c70d38 ((wq_completion)events){+.+.}-{0:0}, at: arch_atomic64_set arch/x86/include/asm/atomic64_64.h:34 [inline]
 #0: ffff888010c70d38 ((wq_completion)events){+.+.}-{0:0}, at: arch_atomic_long_set include/linux/atomic/atomic-long.h:41 [inline]
 #0: ffff888010c70d38 ((wq_completion)events){+.+.}-{0:0}, at: atomic_long_set include/linux/atomic/atomic-instrumented.h:1280 [inline]
 #0: ffff888010c70d38 ((wq_completion)events){+.+.}-{0:0}, at: set_work_data kernel/workqueue.c:636 [inline]
 #0: ffff888010c70d38 ((wq_completion)events){+.+.}-{0:0}, at: set_work_pool_and_clear_pending kernel/workqueue.c:663 [inline]
 #0: ffff888010c70d38 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x7a0/0x14b0 kernel/workqueue.c:2260
 #1: ffffc900001c7db8 ((work_completion)(&gsm->tx_work)){+.+.}-{0:0}, at: process_one_work+0x7cf/0x14b0 kernel/workqueue.c:2264
 #2: ffff88807d3b93e0 (&gsm->tx_lock){..-.}-{2:2}, at: gsmld_write_task+0x2c/0xd60 drivers/tty/n_gsm.c:3192

the dependencies between SOFTIRQ-irq-safe lock and the holding lock:
-> (&gsm->tx_lock){..-.}-{2:2} {
   IN-SOFTIRQ-W at:
     lock_acquire kernel/locking/lockdep.c:5668 [inline]
     lock_acquire+0x1df/0x630 kernel/locking/lockdep.c:5633
     __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]
     _raw_spin_lock_irqsave+0x39/0x50 kernel/locking/spinlock.c:162
     gsm_send.isra.0+0x32d/0x840 drivers/tty/n_gsm.c:819
     gsm_command drivers/tty/n_gsm.c:883 [inline]
     gsm_dlci_begin_close+0x111/0x1f0 drivers/tty/n_gsm.c:2268
     gsm_dlci_t1+0x1a4/0x530 drivers/tty/n_gsm.c:2163
     call_timer_fn+0x19b/0x5b0 kernel/time/timer.c:1700
     expire_timers+0x259/0x4e0 kernel/time/timer.c:1751
     __run_timers kernel/time/timer.c:2022 [inline]
     __run_timers kernel/time/timer.c:1995 [inline]
     run_timer_softirq+0x292/0x790 kernel/time/timer.c:2035
     __do_softirq+0x1f7/0xad8 kernel/softirq.c:571
     invoke_softirq kernel/softirq.c:445 [inline]
     __irq_exit_rcu+0x123/0x180 kernel/softirq.c:650
     irq_exit_rcu+0x5/0x20 kernel/softirq.c:662
     sysvec_apic_timer_interrupt+0x93/0xc0 arch/x86/kernel/apic/apic.c:1107
     asm_sysvec_apic_timer_interrupt+0x16/0x20 arch/x86/include/asm/idtentry.h:649
     rep_nop arch/x86/include/asm/vdso/processor.h:13 [inline]
     cpu_relax arch/x86/include/asm/vdso/processor.h:18 [inline]
     csd_lock_wait kernel/smp.c:413 [inline]
     smp_call_function_many_cond+0x34c/0xc90 kernel/smp.c:987
     on_each_cpu_cond_mask+0x3f/0x70 kernel/smp.c:1155
     on_each_cpu include/linux/smp.h:71 [inline]
     text_poke_sync arch/x86/kernel/alternative.c:1772 [inline]
     text_poke_bp_batch+0x22e/0x6b0 arch/x86/kernel/alternative.c:1963
     text_poke_flush arch/x86/kernel/alternative.c:2131 [inline]
     text_poke_flush arch/x86/kernel/alternative.c:2128 [inline]
     text_poke_finish+0x16/0x30 arch/x86/kernel/alternative.c:2138
     arch_jump_label_transform_apply+0x13/0x20 arch/x86/kernel/jump_label.c:146
     static_key_enable_cpuslocked+0x15f/0x220 kernel/jump_label.c:205
     static_key_enable+0x11/0x20 kernel/jump_label.c:218
     toggle_allocation_gate mm/kfence/core.c:799 [inline]
     toggle_allocation_gate+0xd7/0x1e0 mm/kfence/core.c:791
     process_one_work+0x8ba/0x14b0 kernel/workqueue.c:2289
     worker_thread+0x598/0xec0 kernel/workqueue.c:2436
     kthread+0x294/0x330 kernel/kthread.c:376
     ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:308
   INITIAL USE at:
     lock_acquire kernel/locking/lockdep.c:5668 [inline]
     lock_acquire+0x1df/0x630 kernel/locking/lockdep.c:5633
     __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]
     _raw_spin_lock_irqsave+0x39/0x50 kernel/locking/spinlock.c:162
     gsm_send.isra.0+0x32d/0x840 drivers/tty/n_gsm.c:819
     gsm_command drivers/tty/n_gsm.c:883 [inline]
     gsm_dlci_begin_open+0x2b2/0x580 drivers/tty/n_gsm.c:2215
     gsm_config drivers/tty/n_gsm.c:3136 [inline]
     gsmld_ioctl+0x868/0x10f0 drivers/tty/n_gsm.c:3471
     tty_ioctl+0x4b9/0x11d0 drivers/tty/tty_io.c:2784
     vfs_ioctl fs/ioctl.c:51 [inline]
     __do_sys_ioctl fs/ioctl.c:870 [inline]
     __se_sys_ioctl fs/ioctl.c:856 [inline]
     __x64_sys_ioctl+0x11f/0x190 fs/ioctl.c:856
     do_syscall_x64 arch/x86/entry/common.c:50 [inline]
     do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
     entry_SYSCALL_64_after_hwframe+0x63/0xcd
 }
 ... key at: [] __key.9+0x0/0x40

the dependencies between the lock to be acquired and SOFTIRQ-irq-unsafe lock:
-> (console_lock){+.+.}-{0:0} {
   HARDIRQ-ON-W at:
     lock_acquire kernel/locking/lockdep.c:5668 [inline]
     lock_acquire+0x1df/0x630 kernel/locking/lockdep.c:5633
     console_lock+0x40/0x60 kernel/printk/printk.c:2658
     con_init+0xd/0x5d0 drivers/tty/vt/vt.c:3488
     console_init+0x26b/0x383 kernel/printk/printk.c:3560
     start_kernel+0x24c/0x332 init/main.c:1077
     secondary_startup_64_no_verify+0xce/0xdb
   SOFTIRQ-ON-W at:
     lock_acquire kernel/locking/lockdep.c:5668 [inline]
     lock_acquire+0x1df/0x630 kernel/locking/lockdep.c:5633
     console_lock+0x40/0x60 kernel/printk/printk.c:2658
     con_init+0xd/0x5d0 drivers/tty/vt/vt.c:3488
     console_init+0x26b/0x383 kernel/printk/printk.c:3560
     start_kernel+0x24c/0x332 init/main.c:1077
     secondary_startup_64_no_verify+0xce/0xdb
   INITIAL USE at:
 }
 ... key at: [] console_lock_dep_map+0x0/0x60
 ... acquired at:
   lock_acquire kernel/locking/lockdep.c:5668 [inline]
   lock_acquire+0x1df/0x630 kernel/locking/lockdep.c:5633
   console_lock+0x40/0x60 kernel/printk/printk.c:2658
   do_con_write+0xf2/0x1990 drivers/tty/vt/vt.c:2908
   con_write+0xb/0x20 drivers/tty/vt/vt.c:3295
   gsmld_output drivers/tty/n_gsm.c:3159 [inline]
   gsm_send_packet+0x35d/0x930 drivers/tty/n_gsm.c:947
   gsm_data_kick drivers/tty/n_gsm.c:1009 [inline]
   gsmld_write_task+0x1d6/0xd60 drivers/tty/n_gsm.c:3194
   process_one_work+0x8ba/0x14b0 kernel/workqueue.c:2289
   worker_thread+0x598/0xec0 kernel/workqueue.c:2436
   kthread+0x294/0x330 kernel/kthread.c:376
   ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:308

stack backtrace:
CPU: 1 PID: 22 Comm: kworker/1:0 Tainted: G W 6.2.0-rc7-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
Workqueue: events gsmld_write_task
Call Trace:
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x57/0x7d lib/dump_stack.c:106
 print_bad_irq_dependency kernel/locking/lockdep.c:2611 [inline]
 check_irq_usage.cold+0x4e4/0x761 kernel/locking/lockdep.c:2850
 check_prev_add kernel/locking/lockdep.c:3101 [inline]
 check_prevs_add kernel/locking/lockdep.c:3216 [inline]
 validate_chain kernel/locking/lockdep.c:3831 [inline]
 __lock_acquire+0x2a5b/0x56d0 kernel/locking/lockdep.c:5055
 lock_acquire kernel/locking/lockdep.c:5668 [inline]
 lock_acquire+0x1df/0x630 kernel/locking/lockdep.c:5633
 console_lock+0x40/0x60 kernel/printk/printk.c:2658
 do_con_write+0xf2/0x1990 drivers/tty/vt/vt.c:2908
 con_write+0xb/0x20 drivers/tty/vt/vt.c:3295
 gsmld_output drivers/tty/n_gsm.c:3159 [inline]
 gsm_send_packet+0x35d/0x930 drivers/tty/n_gsm.c:947
 gsm_data_kick drivers/tty/n_gsm.c:1009 [inline]
 gsmld_write_task+0x1d6/0xd60 drivers/tty/n_gsm.c:3194
 process_one_work+0x8ba/0x14b0 kernel/workqueue.c:2289
 worker_thread+0x598/0xec0 kernel/workqueue.c:2436
 kthread+0x294/0x330 kernel/kthread.c:376
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:308
BUG: sleeping function called from invalid context at kernel/printk/printk.c:2656
in_atomic(): 1, irqs_disabled(): 1, non_block: 0, pid: 22, name: kworker/1:0
preempt_count: 1, expected: 0
RCU nest depth: 0, expected: 0
INFO: lockdep is turned off.
irq event stamp: 106430
hardirqs last enabled at (106429): [] __raw_spin_unlock_irq include/linux/spinlock_api_smp.h:159 [inline]
hardirqs last enabled at (106429): [] _raw_spin_unlock_irq+0x1f/0x40 kernel/locking/spinlock.c:202
hardirqs last disabled at (106430): [] __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:108 [inline]
hardirqs last disabled at (106430): [] _raw_spin_lock_irqsave+0x4e/0x50 kernel/locking/spinlock.c:162
softirqs last enabled at (106408): [] spin_unlock_bh include/linux/spinlock.h:395 [inline]
softirqs last enabled at (106408): [] nsim_dev_trap_report drivers/net/netdevsim/dev.c:823 [inline]
softirqs last enabled at (106408): [] nsim_dev_trap_report_work+0x7fd/0xbc0 drivers/net/netdevsim/dev.c:853
softirqs last disabled at (106406): [] spin_lock_bh include/linux/spinlock.h:355 [inline]
softirqs last disabled at (106406): [] nsim_dev_trap_report drivers/net/netdevsim/dev.c:819 [inline]
softirqs last disabled at (106406): [] nsim_dev_trap_report_work+0x79b/0xbc0 drivers/net/netdevsim/dev.c:853
Preemption disabled at:
[<0000000000000000>] 0x0
CPU: 1 PID: 22 Comm: kworker/1:0 Tainted: G W 6.2.0-rc7-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
Workqueue: events gsmld_write_task
Call Trace:
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x57/0x7d lib/dump_stack.c:106
 __might_resched.cold+0x222/0x26b kernel/sched/core.c:10042
 console_lock+0x11/0x60 kernel/printk/printk.c:2656
 do_con_write+0xf2/0x1990 drivers/tty/vt/vt.c:2908
 con_write+0xb/0x20 drivers/tty/vt/vt.c:3295
 gsmld_output drivers/tty/n_gsm.c:3159 [inline]
 gsm_send_packet+0x35d/0x930 drivers/tty/n_gsm.c:947
 gsm_data_kick drivers/tty/n_gsm.c:1009 [inline]
 gsmld_write_task+0x1d6/0xd60 drivers/tty/n_gsm.c:3194
 process_one_work+0x8ba/0x14b0 kernel/workqueue.c:2289
 worker_thread+0x598/0xec0 kernel/workqueue.c:2436
 kthread+0x294/0x330 kernel/kthread.c:376
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:308