=============================
[ BUG: Invalid wait context ]
6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0 Not tainted
-----------------------------
syz-executor/5832 is trying to lock:
ffff8880b873e958 (&sch->root_lock_key#69){+...}-{3:3}, at: raw_spin_rq_lock_nested+0x2a/0x140 kernel/sched/core.c:598
other info that might help us debug this:
context-{5:5}
5 locks held by syz-executor/5832:
 #0: ffffffff8e9ece70 (dup_mmap_sem){.+.+}-{0:0}, at: dup_mm kernel/fork.c:1699 [inline]
 #0: ffffffff8e9ece70 (dup_mmap_sem){.+.+}-{0:0}, at: copy_mm+0x1db/0x2160 kernel/fork.c:1752
 #1: ffff88807cdb33e0 (&mm->mmap_lock){++++}-{4:4}, at: mmap_write_lock_killable include/linux/mmap_lock.h:152 [inline]
 #1: ffff88807cdb33e0 (&mm->mmap_lock){++++}-{4:4}, at: dup_mmap kernel/fork.c:642 [inline]
 #1: ffff88807cdb33e0 (&mm->mmap_lock){++++}-{4:4}, at: dup_mm kernel/fork.c:1700 [inline]
 #1: ffff88807cdb33e0 (&mm->mmap_lock){++++}-{4:4}, at: copy_mm+0x2b7/0x2160 kernel/fork.c:1752
 #2: ffff888029a0dbe0 (&mm->mmap_lock/1){+.+.}-{4:4}, at: mmap_write_lock_nested include/linux/mmap_lock.h:142 [inline]
 #2: ffff888029a0dbe0 (&mm->mmap_lock/1){+.+.}-{4:4}, at: dup_mmap kernel/fork.c:649 [inline]
 #2: ffff888029a0dbe0 (&mm->mmap_lock/1){+.+.}-{4:4}, at: dup_mm kernel/fork.c:1700 [inline]
 #2: ffff888029a0dbe0 (&mm->mmap_lock/1){+.+.}-{4:4}, at: copy_mm+0x458/0x2160 kernel/fork.c:1752
 #3: ffffffff8e93dab0 (&rcu_state.gp_wq){..-.}-{2:2}, at: swake_up_one+0x20/0x160 kernel/sched/swait.c:51
 #4: ffff88801d2d0a28 (&p->pi_lock){-.-.}-{2:2}, at: class_raw_spinlock_irqsave_constructor include/linux/spinlock.h:551 [inline]
 #4: ffff88801d2d0a28 (&p->pi_lock){-.-.}-{2:2}, at: try_to_wake_up+0xc2/0x1470 kernel/sched/core.c:4213
stack backtrace:
CPU: 0 UID: 0 PID: 5832 Comm: syz-executor Not tainted 6.14.0-rc1-syzkaller-00034-g92514ef226f5 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
Call Trace:
 __dump_stack lib/dump_stack.c:94 [inline]
 dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120
 print_lock_invalid_wait_context kernel/locking/lockdep.c:4828 [inline]
 check_wait_context kernel/locking/lockdep.c:4900 [inline]
 __lock_acquire+0x15a8/0x2100 kernel/locking/lockdep.c:5178
 lock_acquire+0x1ed/0x550 kernel/locking/lockdep.c:5851
 _raw_spin_lock_nested+0x31/0x40 kernel/locking/spinlock.c:378
 raw_spin_rq_lock_nested+0x2a/0x140 kernel/sched/core.c:598
 raw_spin_rq_lock kernel/sched/sched.h:1521 [inline]
 rq_lock kernel/sched/sched.h:1852 [inline]
 ttwu_queue kernel/sched/core.c:3999 [inline]
 try_to_wake_up+0x7e2/0x1470 kernel/sched/core.c:4329
 swake_up_locked kernel/sched/swait.c:29 [inline]
 swake_up_one+0x70/0x160 kernel/sched/swait.c:52
 rcu_report_unblock_qs_rnp kernel/rcu/tree.c:2355 [inline]
 rcu_preempt_deferred_qs_irqrestore+0xa3e/0xca0 kernel/rcu/tree_plugin.h:569
 rcu_read_unlock_special+0x497/0x570 kernel/rcu/tree_plugin.h:693
 __rcu_read_unlock+0xa1/0x110 kernel/rcu/tree_plugin.h:438
 rcu_read_unlock include/linux/rcupdate.h:882 [inline]
 pte_unmap include/linux/pgtable.h:136 [inline]
 copy_pte_range mm/memory.c:1201 [inline]
 copy_pmd_range+0x6e56/0x77a0 mm/memory.c:1262
 copy_pud_range mm/memory.c:1299 [inline]
 copy_p4d_range mm/memory.c:1323 [inline]
 copy_page_range+0x99f/0xe90 mm/memory.c:1421
 dup_mmap kernel/fork.c:748 [inline]
 dup_mm kernel/fork.c:1700 [inline]
 copy_mm+0x1269/0x2160 kernel/fork.c:1752
 copy_process+0x1845/0x3d50 kernel/fork.c:2403
 kernel_clone+0x226/0x8e0 kernel/fork.c:2815
 __do_sys_clone kernel/fork.c:2958 [inline]
 __se_sys_clone kernel/fork.c:2942 [inline]
 __x64_sys_clone+0x258/0x2a0 kernel/fork.c:2942
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f744b783653
Code: 1f 84 00 00 00 00 00 64 48 8b 04 25 10 00 00 00 45 31 c0 31 d2 31 f6 bf 11 00 20 01 4c 8d 90 d0 02 00 00 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 89 c2 85 c0 75 2c 64 48 8b 04 25 10 00 00
RSP: 002b:00007ffdc54ada18 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f744b783653
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000001
R10: 0000555571b3d7d0 R11: 0000000000000246 R12: 0000000000000000
R13: 00000000000927c0 R14: 0000000000037a04 R15: 00007ffdc54adbb0