============================= [ BUG: Invalid wait context ] 6.16.0-rc4-syzkaller-00348-g772b78c2abd8 #0 Not tainted ----------------------------- swapper/0/0 is trying to lock: ffffc90001a27410 (&gpc->lock){....}-{3:3}, at: kvm_xen_set_evtchn_fast+0x1fb/0x9b0 arch/x86/kvm/xen.c:1820 other info that might help us debug this: context-{2:2} 1 lock held by swapper/0/0: #0: ffffc90001a27960 (&kvm->srcu){.?.+}-{0:0}, at: srcu_lock_acquire include/linux/srcu.h:161 [inline] #0: ffffc90001a27960 (&kvm->srcu){.?.+}-{0:0}, at: srcu_read_lock include/linux/srcu.h:253 [inline] #0: ffffc90001a27960 (&kvm->srcu){.?.+}-{0:0}, at: kvm_xen_set_evtchn_fast+0x1c3/0x9b0 arch/x86/kvm/xen.c:1818 stack backtrace: CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.16.0-rc4-syzkaller-00348-g772b78c2abd8 #0 PREEMPT(full) Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 Call Trace: dump_stack_lvl+0x189/0x250 lib/dump_stack.c:120 print_lock_invalid_wait_context kernel/locking/lockdep.c:4833 [inline] check_wait_context kernel/locking/lockdep.c:4905 [inline] __lock_acquire+0xbcb/0xd20 kernel/locking/lockdep.c:5190 lock_acquire+0x120/0x360 kernel/locking/lockdep.c:5871 __raw_read_lock_irqsave include/linux/rwlock_api_smp.h:160 [inline] _raw_read_lock_irqsave+0xaf/0x100 kernel/locking/spinlock.c:236 kvm_xen_set_evtchn_fast+0x1fb/0x9b0 arch/x86/kvm/xen.c:1820 xen_timer_callback+0x109/0x220 arch/x86/kvm/xen.c:140 __run_hrtimer kernel/time/hrtimer.c:1761 [inline] __hrtimer_run_queues+0x4dd/0xc60 kernel/time/hrtimer.c:1825 hrtimer_interrupt+0x45b/0xaa0 kernel/time/hrtimer.c:1887 local_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1039 [inline] __sysvec_apic_timer_interrupt+0x10b/0x410 arch/x86/kernel/apic/apic.c:1056 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1050 [inline] sysvec_apic_timer_interrupt+0xa1/0xc0 arch/x86/kernel/apic/apic.c:1050 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702 RIP: 0010:pv_native_safe_halt+0x13/0x20 arch/x86/kernel/paravirt.c:82 Code: 03 de 02 00 cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d 03 26 19 00 f3 0f 1e fa fb f4 d8 dd 02 00 cc cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90 RSP: 0018:ffffffff8de07d80 EFLAGS: 000002c2 RAX: db13c2636555f100 RBX: ffffffff81975c78 RCX: db13c2636555f100 RDX: 0000000000000001 RSI: ffffffff8d99765e RDI: ffffffff8be29640 RBP: ffffffff8de07ea8 R08: ffff88801fc32f5b R09: 1ffff11003f865eb R10: dffffc0000000000 R11: ffffed1003f865ec R12: ffffffff8fa1e5f0 R13: 0000000000000000 R14: 0000000000000000 R15: 1ffffffff1bd2a50 arch_safe_halt arch/x86/include/asm/paravirt.h:107 [inline] default_idle+0x13/0x20 arch/x86/kernel/process.c:749 default_idle_call+0x74/0xb0 kernel/sched/idle.c:117 cpuidle_idle_call kernel/sched/idle.c:185 [inline] do_idle+0x1e8/0x510 kernel/sched/idle.c:325 cpu_startup_entry+0x44/0x60 kernel/sched/idle.c:423 rest_init+0x2de/0x300 init/main.c:745 start_kernel+0x47d/0x500 init/main.c:1102 x86_64_start_reservations+0x24/0x30 arch/x86/kernel/head64.c:307 x86_64_start_kernel+0x143/0x1c0 arch/x86/kernel/head64.c:288 common_startup_64+0x13e/0x147 ---------------- Code disassembly (best guess): 0: 03 de add %esi,%ebx 2: 02 00 add (%rax),%al 4: cc int3 5: cc int3 6: cc int3 7: 90 nop 8: 90 nop 9: 90 nop a: 90 nop b: 90 nop c: 90 nop d: 90 nop e: 90 nop f: 90 nop 10: 90 nop 11: 90 nop 12: 90 nop 13: 90 nop 14: 90 nop 15: 90 nop 16: 90 nop 17: f3 0f 1e fa endbr64 1b: 66 90 xchg %ax,%ax 1d: 0f 00 2d 03 26 19 00 verw 0x192603(%rip) # 0x192627 24: f3 0f 1e fa endbr64 28: fb sti 29: f4 hlt * 2a: e9 d8 dd 02 00 jmp 0x2de07 <-- trapping instruction 2f: cc int3 30: cc int3 31: cc int3 32: cc int3 33: cc int3 34: cc int3 35: cc int3 36: cc int3 37: 90 nop 38: 90 nop 39: 90 nop 3a: 90 nop 3b: 90 nop 3c: 90 nop 3d: 90 nop 3e: 90 nop 3f: 90 nop