WARNING in enqueue_to_backlog
------------[ cut here ]------------
raw_local_irq_restore() called with IRQs enabled
WARNING: kernel/locking/irqflag-debug.c:10 at warn_bogus_irq_restore+0xc/0x20 kernel/locking/irqflag-debug.c:10, CPU#0: aoe_tx0/1317
Modules linked in:
CPU: 0 UID: 0 PID: 1317 Comm: aoe_tx0 Not tainted syzkaller #0 PREEMPT_{RT,(full)}
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
RIP: 0010:warn_bogus_irq_restore+0xc/0x20 kernel/locking/irqflag-debug.c:10
Code: cc cc cc cc cc cc cc cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 90 48 8d 3d 64 c2 37 04 <67> 48 0f b9 3a 90 c3 cc cc cc cc cc cc cc cc cc cc cc cc cc 90 90
RSP: 0018:ffffc90004b6f728 EFLAGS: 00010293
RAX: ffffffff88eac6e0 RBX: 0000000000000001 RCX: ffff88802856bc80
RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffff8f4ce510
RBP: ffff8880b883d720 R08: 0000000000000000 R09: 0000000000000000
R10: dffffc0000000000 R11: fffffbfff1e9396f R12: ffff8880b883d738
R13: dffffc0000000000 R14: 0000000000000200 R15: ffff8880b883d718
FS: 0000000000000000(0000) GS:ffff888126578000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000555fa1fa0368 CR3: 000000003b9ec000 CR4: 00000000003526f0
Call Trace:
backlog_unlock_irq_restore net/core/dev.c:253 [inline]
enqueue_to_backlog+0x525/0xcf0 net/core/dev.c:5347
netif_rx_internal+0x120/0x550 net/core/dev.c:5659
__netif_rx+0xa9/0x110 net/core/dev.c:5679
loopback_xmit+0x43a/0x660 drivers/net/loopback.c:90
__netdev_start_xmit include/linux/netdevice.h:5275 [inline]
netdev_start_xmit include/linux/netdevice.h:5284 [inline]
xmit_one net/core/dev.c:3864 [inline]
dev_hard_start_xmit+0x2df/0x830 net/core/dev.c:3880
__dev_queue_xmit+0x16f4/0x3990 net/core/dev.c:4829
dev_queue_xmit include/linux/netdevice.h:3384 [inline]
tx+0x6b/0x190 drivers/block/aoe/aoenet.c:62
kthread+0x1e0/0x3f0 drivers/block/aoe/aoecmd.c:1241
kthread+0x388/0x470 kernel/kthread.c:467
ret_from_fork+0x51e/0xb90 arch/x86/kernel/process.c:158
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
----------------
Code disassembly (best guess):
0: cc int3
1: cc int3
2: cc int3
3: cc int3
4: cc int3
5: cc int3
6: cc int3
7: cc int3
8: cc int3
9: cc int3
a: cc int3
b: cc int3
c: cc int3
d: cc int3
e: 90 nop
f: 90 nop
10: 90 nop
11: 90 nop
12: 90 nop
13: 90 nop
14: 90 nop
15: 90 nop
16: 90 nop
17: 90 nop
18: 90 nop
19: 90 nop
1a: 90 nop
1b: 90 nop
1c: 90 nop
1d: 90 nop
1e: f3 0f 1e fa endbr64
22: 90 nop
23: 48 8d 3d 64 c2 37 04 lea 0x437c264(%rip),%rdi # 0x437c28e
* 2a: 67 48 0f b9 3a ud1 (%edx),%rdi <-- trapping instruction
2f: 90 nop
30: c3 ret
31: cc int3
32: cc int3
33: cc int3
34: cc int3
35: cc int3
36: cc int3
37: cc int3
38: cc int3
39: cc int3
3a: cc int3
3b: cc int3
3c: cc int3
3d: cc int3
3e: 90 nop
3f: 90 nop
[ 71.386039][ T1317] ------------[ cut here ]------------
[ 71.386054][ T1317] raw_local_irq_restore() called with IRQs enabled
[ 71.386069][ T1317] WARNING: kernel/locking/irqflag-debug.c:10 at warn_bogus_irq_restore+0xc/0x20, CPU#0: aoe_tx0/1317
[ 71.386121][ T1317] Modules linked in:
[ 71.386156][ T1317] CPU: 0 UID: 0 PID: 1317 Comm: aoe_tx0 Not tainted syzkaller #0 PREEMPT_{RT,(full)}
[ 71.386176][ T1317] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 71.386190][ T1317] RIP: 0010:warn_bogus_irq_restore+0xc/0x20
[ 71.386210][ T1317] Code: cc cc cc cc cc cc cc cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 90 48 8d 3d 64 c2 37 04 <67> 48 0f b9 3a 90 c3 cc cc cc cc cc cc cc cc cc cc cc cc cc 90 90
[ 71.386229][ T1317] RSP: 0018:ffffc90004b6f728 EFLAGS: 00010293
[ 71.386244][ T1317] RAX: ffffffff88eac6e0 RBX: 0000000000000001 RCX: ffff88802856bc80
[ 71.386257][ T1317] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffff8f4ce510
[ 71.386269][ T1317] RBP: ffff8880b883d720 R08: 0000000000000000 R09: 0000000000000000
[ 71.386281][ T1317] R10: dffffc0000000000 R11: fffffbfff1e9396f R12: ffff8880b883d738
[ 71.386294][ T1317] R13: dffffc0000000000 R14: 0000000000000200 R15: ffff8880b883d718
[ 71.386307][ T1317] FS: 0000000000000000(0000) GS:ffff888126578000(0000) knlGS:0000000000000000
[ 71.386322][ T1317] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 71.386335][ T1317] CR2: 0000555fa1fa0368 CR3: 000000003b9ec000 CR4: 00000000003526f0
[ 71.386350][ T1317] Call Trace:
[ 71.386361][ T1317]
[ 71.386368][ T1317] enqueue_to_backlog+0x525/0xcf0
[ 71.386408][ T1317] netif_rx_internal+0x120/0x550
[ 71.386434][ T1317] ? __lock_acquire+0x6b5/0x2cf0
[ 71.386458][ T1317] ? __pfx_netif_rx_internal+0x10/0x10
[ 71.386480][ T1317] ? eth_type_trans+0x35e/0x6d0
[ 71.386497][ T1317] ? rcu_is_watching+0x15/0xb0
[ 71.386524][ T1317] __netif_rx+0xa9/0x110
[ 71.386544][ T1317] loopback_xmit+0x43a/0x660
[ 71.386577][ T1317] dev_hard_start_xmit+0x2df/0x830
[ 71.386613][ T1317] __dev_queue_xmit+0x16f4/0x3990
[ 71.386631][ T1317] ? sched_clock+0x3f/0x60
[ 71.386660][ T1317] ? __pfx___schedule+0x10/0x10
[ 71.386684][ T1317] ? __dev_queue_xmit+0x27d/0x3990
[ 71.386716][ T1317] ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 71.386736][ T1317] ? __pfx___dev_queue_xmit+0x10/0x10
[ 71.386758][ T1317] ? preempt_schedule_common+0x82/0xd0
[ 71.386786][ T1317] ? preempt_schedule_thunk+0x16/0x30
[ 71.386814][ T1317] ? rt_mutex_slowunlock+0x681/0x8b0
[ 71.386843][ T1317] ? __pfx_rt_mutex_slowunlock+0x10/0x10
[ 71.386869][ T1317] ? rt_spin_unlock+0x14f/0x200
[ 71.386900][ T1317] ? rt_spin_unlock+0x160/0x200
[ 71.386923][ T1317] tx+0x6b/0x190
[ 71.386941][ T1317] ? __pfx_tx+0x10/0x10
[ 71.386955][ T1317] kthread+0x1e0/0x3f0
[ 71.386965][ T1317] ? lock_acquire+0x106/0x330
[ 71.386983][ T1317] ? __pfx_kthread+0x10/0x10
[ 71.386993][ T1317] ? __pfx_default_wake_function+0x10/0x10
[ 71.387005][ T1317] ? __kthread_parkme+0x7a/0x1f0
[ 71.387024][ T1317] kthread+0x388/0x470
[ 71.387039][ T1317] ? __pfx_kthread+0x10/0x10
[ 71.387048][ T1317] ? __pfx_kthread+0x10/0x10
[ 71.387064][ T1317] ret_from_fork+0x51e/0xb90
[ 71.387078][ T1317] ? __pfx_ret_from_fork+0x10/0x10
[ 71.387090][ T1317] ? __switch_to+0xc7d/0x1400
[ 71.387103][ T1317] ? __pfx_kthread+0x10/0x10
[ 71.387119][ T1317] ret_from_fork_asm+0x1a/0x30
[ 71.387136][ T1317]
[ 71.387142][ T1317] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 71.387150][ T1317] CPU: 0 UID: 0 PID: 1317 Comm: aoe_tx0 Not tainted syzkaller #0 PREEMPT_{RT,(full)}
[ 71.387162][ T1317] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 71.387167][ T1317] Call Trace:
[ 71.387171][ T1317]
[ 71.387175][ T1317] vpanic+0x56c/0xa60
[ 71.387191][ T1317] ? __pfx__printk+0x10/0x10
[ 71.387201][ T1317] ? __pfx_vpanic+0x10/0x10
[ 71.387215][ T1317] ? is_bpf_text_address+0x292/0x2b0
[ 71.387226][ T1317] ? is_bpf_text_address+0x26/0x2b0
[ 71.387241][ T1317] panic+0xc5/0xd0
[ 71.387256][ T1317] ? __pfx_panic+0x10/0x10
[ 71.387274][ T1317] ? ret_from_fork_asm+0x1a/0x30
[ 71.387286][ T1317] __warn+0x315/0x4a0
[ 71.387300][ T1317] ? warn_bogus_irq_restore+0xc/0x20
[ 71.387311][ T1317] ? warn_bogus_irq_restore+0xc/0x20
[ 71.387324][ T1317] __report_bug+0x29a/0x540
[ 71.387338][ T1317] ? warn_bogus_irq_restore+0xc/0x20
[ 71.387348][ T1317] ? __pfx___report_bug+0x10/0x10
[ 71.387367][ T1317] report_bug_entry+0x19a/0x290
[ 71.387377][ T1317] ? warn_bogus_irq_restore+0xc/0x20
[ 71.387386][ T1317] ? warn_bogus_irq_restore+0x11/0x20
[ 71.387395][ T1317] handle_bug+0xca/0x200
[ 71.387408][ T1317] exc_invalid_op+0x1a/0x50
[ 71.387419][ T1317] asm_exc_invalid_op+0x1a/0x20
[ 71.387430][ T1317] RIP: 0010:warn_bogus_irq_restore+0xc/0x20
[ 71.387440][ T1317] Code: cc cc cc cc cc cc cc cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 90 48 8d 3d 64 c2 37 04 <67> 48 0f b9 3a 90 c3 cc cc cc cc cc cc cc cc cc cc cc cc cc 90 90
[ 71.387448][ T1317] RSP: 0018:ffffc90004b6f728 EFLAGS: 00010293
[ 71.387457][ T1317] RAX: ffffffff88eac6e0 RBX: 0000000000000001 RCX: ffff88802856bc80
[ 71.387465][ T1317] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffff8f4ce510
[ 71.387471][ T1317] RBP: ffff8880b883d720 R08: 0000000000000000 R09: 0000000000000000
[ 71.387477][ T1317] R10: dffffc0000000000 R11: fffffbfff1e9396f R12: ffff8880b883d738
[ 71.387484][ T1317] R13: dffffc0000000000 R14: 0000000000000200 R15: ffff8880b883d718
[ 71.387495][ T1317] ? enqueue_to_backlog+0x520/0xcf0
[ 71.387511][ T1317] enqueue_to_backlog+0x525/0xcf0
[ 71.387529][ T1317] netif_rx_internal+0x120/0x550
[ 71.387544][ T1317] ? __lock_acquire+0x6b5/0x2cf0
[ 71.387559][ T1317] ? __pfx_netif_rx_internal+0x10/0x10
[ 71.387573][ T1317] ? eth_type_trans+0x35e/0x6d0
[ 71.387584][ T1317] ? rcu_is_watching+0x15/0xb0
[ 71.387601][ T1317] __netif_rx+0xa9/0x110
[ 71.387614][ T1317] loopback_xmit+0x43a/0x660
[ 71.387633][ T1317] dev_hard_start_xmit+0x2df/0x830
[ 71.387652][ T1317] __dev_queue_xmit+0x16f4/0x3990
[ 71.387663][ T1317] ? sched_clock+0x3f/0x60
[ 71.387679][ T1317] ? __pfx___schedule+0x10/0x10
[ 71.387693][ T1317] ? __dev_queue_xmit+0x27d/0x3990
[ 71.387708][ T1317] ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 71.387719][ T1317] ? __pfx___dev_queue_xmit+0x10/0x10
[ 71.387731][ T1317] ? preempt_schedule_common+0x82/0xd0
[ 71.387747][ T1317] ? preempt_schedule_thunk+0x16/0x30
[ 71.387761][ T1317] ? rt_mutex_slowunlock+0x681/0x8b0
[ 71.387778][ T1317] ? __pfx_rt_mutex_slowunlock+0x10/0x10
[ 71.387793][ T1317] ? rt_spin_unlock+0x14f/0x200
[ 71.387809][ T1317] ? rt_spin_unlock+0x160/0x200
[ 71.387824][ T1317] tx+0x6b/0x190
[ 71.387836][ T1317] ? __pfx_tx+0x10/0x10
[ 71.387847][ T1317] kthread+0x1e0/0x3f0
[ 71.387857][ T1317] ? lock_acquire+0x106/0x330
[ 71.387875][ T1317] ? __pfx_kthread+0x10/0x10
[ 71.387891][ T1317] ? __pfx_default_wake_function+0x10/0x10
[ 71.387903][ T1317] ? __kthread_parkme+0x7a/0x1f0
[ 71.387920][ T1317] kthread+0x388/0x470
[ 71.387936][ T1317] ? __pfx_kthread+0x10/0x10
[ 71.387945][ T1317] ? __pfx_kthread+0x10/0x10
[ 71.387961][ T1317] ret_from_fork+0x51e/0xb90
[ 71.387975][ T1317] ? __pfx_ret_from_fork+0x10/0x10
[ 71.387987][ T1317] ? __switch_to+0xc7d/0x1400
[ 71.388000][ T1317] ? __pfx_kthread+0x10/0x10
[ 71.388015][ T1317] ret_from_fork_asm+0x1a/0x30
[ 71.388032][ T1317]
[ 71.388550][ T1317] Kernel Offset: disabled
syzkaller build log:
go env (err=)
AR='ar'
CC='gcc'
CGO_CFLAGS='-O2 -g'
CGO_CPPFLAGS=''
CGO_CXXFLAGS='-O2 -g'
CGO_ENABLED='1'
CGO_FFLAGS='-O2 -g'
CGO_LDFLAGS='-O2 -g'
CXX='g++'
GCCGO='gccgo'
GO111MODULE='auto'
GOAMD64='v1'
GOARCH='amd64'
GOAUTH='netrc'
GOBIN=''
GOCACHE='/syzkaller/.cache/go-build'
GOCACHEPROG=''
GODEBUG=''
GOENV='/syzkaller/.config/go/env'
GOEXE=''
GOEXPERIMENT=''
GOFIPS140='off'
GOFLAGS=''
GOGCCFLAGS='-fPIC -m64 -pthread -Wl,--no-gc-sections -fmessage-length=0 -ffile-prefix-map=/tmp/go-build32504931=/tmp/go-build -gno-record-gcc-switches'
GOHOSTARCH='amd64'
GOHOSTOS='linux'
GOINSECURE=''
GOMOD='/syzkaller/jobs-2/linux/gopath/src/github.com/google/syzkaller/go.mod'
GOMODCACHE='/syzkaller/jobs-2/linux/gopath/pkg/mod'
GONOPROXY=''
GONOSUMDB=''
GOOS='linux'
GOPATH='/syzkaller/jobs-2/linux/gopath'
GOPRIVATE=''
GOPROXY='https://proxy.golang.org,direct'
GOROOT='/usr/local/go'
GOSUMDB='sum.golang.org'
GOTELEMETRY='local'
GOTELEMETRYDIR='/syzkaller/.config/go/telemetry'
GOTMPDIR=''
GOTOOLCHAIN='auto'
GOTOOLDIR='/usr/local/go/pkg/tool/linux_amd64'
GOVCS=''
GOVERSION='go1.24.4'
GOWORK=''
PKG_CONFIG='pkg-config'
git status (err=)
HEAD detached at 2a40360c27f
nothing to commit, working tree clean
tput: No value for $TERM and no -T specified
tput: No value for $TERM and no -T specified
Makefile:31: run command via tools/syz-env for best compatibility, see:
Makefile:32: https://github.com/google/syzkaller/blob/master/docs/contributing.md#using-syz-env
go list -f '{{.Stale}}' ./sys/syz-sysgen | grep -q false || go install ./sys/syz-sysgen
make .descriptions
tput: No value for $TERM and no -T specified
tput: No value for $TERM and no -T specified
Makefile:31: run command via tools/syz-env for best compatibility, see:
Makefile:32: https://github.com/google/syzkaller/blob/master/docs/contributing.md#using-syz-env
bin/syz-sysgen
go fmt ./sys/... >/dev/null
touch .descriptions
GOOS=linux GOARCH=amd64 go build "-ldflags=-s -w -X github.com/google/syzkaller/prog.GitRevision=2a40360c27f1cd827c9fa0183aa402ef505d07db -X 'github.com/google/syzkaller/prog.gitRevisionDate=20240705-075141'" "-tags=syz_target syz_os_linux syz_arch_amd64 " -o ./bin/linux_amd64/syz-execprog github.com/google/syzkaller/tools/syz-execprog
mkdir -p ./bin/linux_amd64
g++ -o ./bin/linux_amd64/syz-executor executor/executor.cc \
-m64 -O2 -pthread -Wall -Werror -Wparentheses -Wunused-const-variable -Wframe-larger-than=16384 -Wno-stringop-overflow -Wno-array-bounds -Wno-format-overflow -Wno-unused-but-set-variable -Wno-unused-command-line-argument -static-pie -std=c++17 -I. -Iexecutor/_include -fpermissive -w -DGOOS_linux=1 -DGOARCH_amd64=1 \
-DHOSTGOOS_linux=1 -DGIT_REVISION=\"2a40360c27f1cd827c9fa0183aa402ef505d07db\"
/usr/bin/ld: /tmp/ccdbXOvw.o: in function `test_cover_filter()':
executor.cc:(.text+0x13b7b): warning: the use of `tempnam' is dangerous, better use `mkstemp'
/usr/bin/ld: /tmp/ccdbXOvw.o: in function `Connection::Connect(char const*, char const*)':
executor.cc:(.text._ZN10Connection7ConnectEPKcS1_[_ZN10Connection7ConnectEPKcS1_]+0x19b): warning: Using 'gethostbyname' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
# Temporal hack to pre-created removed syz-fuzzer,
# since old version of syz-ci still wants to copy it.
touch ./bin/linux_amd64/syz-fuzzer