============================= [ BUG: Invalid wait context ] 6.13.0-rc5-syzkaller-00006-g56e6a3499e14 #0 Not tainted ----------------------------- ksoftirqd/1/24 is trying to lock: ffff8880b863e8d8 (&dev->master_mutex){+.+.}-{4:4}, at: raw_spin_rq_lock_nested+0xb0/0x140 kernel/sched/core.c:606 other info that might help us debug this: context-{3:3} 2 locks held by ksoftirqd/1/24: #0: ffffffff8e937ae0 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire include/linux/rcupdate.h:337 [inline] #0: ffffffff8e937ae0 (rcu_read_lock){....}-{1:3}, at: rcu_read_lock include/linux/rcupdate.h:849 [inline] #0: ffffffff8e937ae0 (rcu_read_lock){....}-{1:3}, at: __bpf_trace_run kernel/trace/bpf_trace.c:2361 [inline] #0: ffffffff8e937ae0 (rcu_read_lock){....}-{1:3}, at: bpf_trace_run1+0x1d6/0x520 kernel/trace/bpf_trace.c:2402 #1: ffff88802e89c618 (&p->pi_lock){-.-.}-{2:2}, at: class_raw_spinlock_irqsave_constructor include/linux/spinlock.h:551 [inline] #1: ffff88802e89c618 (&p->pi_lock){-.-.}-{2:2}, at: try_to_wake_up+0xc2/0x1470 kernel/sched/core.c:4205 stack backtrace: CPU: 1 UID: 0 PID: 24 Comm: ksoftirqd/1 Not tainted 6.13.0-rc5-syzkaller-00006-g56e6a3499e14 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 Call Trace: __dump_stack lib/dump_stack.c:94 [inline] dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120 print_lock_invalid_wait_context kernel/locking/lockdep.c:4826 [inline] check_wait_context kernel/locking/lockdep.c:4898 [inline] __lock_acquire+0x15a8/0x2100 kernel/locking/lockdep.c:5176 lock_acquire+0x1ed/0x550 kernel/locking/lockdep.c:5849 _raw_spin_lock_nested+0x31/0x40 kernel/locking/spinlock.c:378 raw_spin_rq_lock_nested+0xb0/0x140 kernel/sched/core.c:606 raw_spin_rq_lock kernel/sched/sched.h:1523 [inline] rq_lock kernel/sched/sched.h:1822 [inline] ttwu_queue kernel/sched/core.c:3991 [inline] try_to_wake_up+0x7e2/0x1470 kernel/sched/core.c:4321 hrtimer_wakeup+0x62/0x80 kernel/time/hrtimer.c:1975 __run_hrtimer kernel/time/hrtimer.c:1739 [inline] __hrtimer_run_queues+0x59d/0xd30 kernel/time/hrtimer.c:1803 hrtimer_interrupt+0x403/0xa40 kernel/time/hrtimer.c:1865 local_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1038 [inline] __sysvec_apic_timer_interrupt+0x112/0x420 arch/x86/kernel/apic/apic.c:1055 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1049 [inline] sysvec_apic_timer_interrupt+0xa1/0xc0 arch/x86/kernel/apic/apic.c:1049 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702 RIP: 0010:__sanitizer_cov_trace_const_cmp8+0x7d/0x90 kernel/kcov.c:323 Code: c1 e1 05 48 8d 41 28 4c 39 c8 77 1e 49 ff c2 4c 89 12 48 c7 44 11 08 07 00 00 00 48 89 7c 11 10 48 89 74 11 18 4c 89 44 11 20 c9 c7 50 0a 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 90 90 90 RSP: 0018:ffffc900001e7318 EFLAGS: 00000246 RAX: 0000000000000100 RBX: 0000000000000003 RCX: ffff88801d2f0000 RDX: 0000000000000100 RSI: 0000000000000003 RDI: 0000000000000020 RBP: ffffc900001e75a0 R08: ffffffff81a1f23f R09: 1ffff11003ad0000 R10: dffffc0000000000 R11: ffffed1003ad0001 R12: 0000000000000003 R13: dffffc0000000000 R14: ffff88801d6800c8 R15: 0000000000000000 trace_recursive_lock kernel/trace/ring_buffer.c:3950 [inline] ring_buffer_lock_reserve+0x36f/0x21c0 kernel/trace/ring_buffer.c:4508 __trace_buffer_lock_reserve kernel/trace/trace.c:1020 [inline] trace_event_buffer_lock_reserve+0x2ab/0x6a0 kernel/trace/trace.c:2748 trace_event_buffer_reserve+0x2b7/0x3f0 kernel/trace/trace_events.c:654 do_trace_event_raw_event_bpf_trace_printk kernel/trace/bpf_trace.h:11 [inline] trace_event_raw_event_bpf_trace_printk+0x102/0x260 kernel/trace/bpf_trace.h:11 trace_bpf_trace_printk+0x186/0x1f0 kernel/trace/bpf_trace.h:11 ____bpf_trace_printk kernel/trace/bpf_trace.c:391 [inline] bpf_trace_printk+0x1bf/0x230 kernel/trace/bpf_trace.c:374 bpf_prog_0605f9f479290f07+0x38/0x40 bpf_dispatcher_nop_func include/linux/bpf.h:1290 [inline] __bpf_prog_run include/linux/filter.h:701 [inline] bpf_prog_run include/linux/filter.h:708 [inline] __bpf_trace_run kernel/trace/bpf_trace.c:2362 [inline] bpf_trace_run1+0x2cc/0x520 kernel/trace/bpf_trace.c:2402 trace_rcu_utilization+0x1b4/0x1e0 include/trace/events/rcu.h:27 rcu_core+0x133/0x17a0 kernel/rcu/tree.c:2795 handle_softirqs+0x2d6/0x9b0 kernel/softirq.c:561 run_ksoftirqd+0xca/0x130 kernel/softirq.c:950 smpboot_thread_fn+0x546/0xa30 kernel/smpboot.c:164 kthread+0x2f2/0x390 kernel/kthread.c:389 ret_from_fork+0x4d/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244 vkms_vblank_simulate: vblank timer overrun ---------------- Code disassembly (best guess): 0: c1 e1 05 shl $0x5,%ecx 3: 48 8d 41 28 lea 0x28(%rcx),%rax 7: 4c 39 c8 cmp %r9,%rax a: 77 1e ja 0x2a c: 49 ff c2 inc %r10 f: 4c 89 12 mov %r10,(%rdx) 12: 48 c7 44 11 08 07 00 movq $0x7,0x8(%rcx,%rdx,1) 19: 00 00 1b: 48 89 7c 11 10 mov %rdi,0x10(%rcx,%rdx,1) 20: 48 89 74 11 18 mov %rsi,0x18(%rcx,%rdx,1) 25: 4c 89 44 11 20 mov %r8,0x20(%rcx,%rdx,1) * 2a: e9 c9 c7 50 0a jmp 0xa50c7f8 <-- trapping instruction 2f: 66 2e 0f 1f 84 00 00 cs nopw 0x0(%rax,%rax,1) 36: 00 00 00 39: 0f 1f 40 00 nopl 0x0(%rax) 3d: 90 nop 3e: 90 nop 3f: 90 nop