Warning: Permanently added '10.128.0.82' (ED25519) to the list of known hosts. executing program executing program executing program [ 60.654043][ T26] [ 60.656412][ T26] ===================================================== [ 60.663339][ T26] WARNING: HARDIRQ-safe -> HARDIRQ-unsafe lock order detected [ 60.670787][ T26] 6.1.82-syzkaller #0 Not tainted [ 60.675803][ T26] ----------------------------------------------------- [ 60.682744][ T26] kworker/1:1/26 [HC0[0]:SC0[2]:HE0:SE0] is trying to acquire: [ 60.690293][ T26] ffff888014a8c8d8 (&htab->buckets[i].lock){+...}-{2:2}, at: sock_hash_delete_elem+0xac/0x2f0 [ 60.700586][ T26] [ 60.700586][ T26] and this task is already holding: [ 60.707944][ T26] ffff8880b9928358 (&base->lock){-.-.}-{2:2}, at: lock_timer_base+0x120/0x260 [ 60.716821][ T26] which would create a new lock dependency: [ 60.722708][ T26] (&base->lock){-.-.}-{2:2} -> (&htab->buckets[i].lock){+...}-{2:2} [ 60.730820][ T26] [ 60.730820][ T26] but this new dependency connects a HARDIRQ-irq-safe lock: [ 60.740270][ T26] (&base->lock){-.-.}-{2:2} [ 60.740293][ T26] [ 60.740293][ T26] ... which became HARDIRQ-irq-safe at: [ 60.752568][ T26] lock_acquire+0x1f8/0x5a0 [ 60.757168][ T26] _raw_spin_lock_irqsave+0xd1/0x120 [ 60.762550][ T26] lock_timer_base+0x120/0x260 [ 60.767402][ T26] add_timer_on+0x1eb/0x580 [ 60.771997][ T26] handle_irq_event+0xa9/0x1e0 [ 60.776850][ T26] handle_edge_irq+0x245/0xbf0 [ 60.781721][ T26] __common_interrupt+0xd7/0x1f0 [ 60.786755][ T26] common_interrupt+0x9f/0xc0 [ 60.791524][ T26] asm_common_interrupt+0x22/0x40 [ 60.796644][ T26] console_emit_next_record+0xc69/0xea0 [ 60.802276][ T26] console_unlock+0x278/0x7c0 [ 60.807051][ T26] vprintk_emit+0x523/0x740 [ 60.811651][ T26] _printk+0xd1/0x111 [ 60.815728][ T26] __clocksource_register_scale+0xb4/0x660 [ 60.821630][ T26] tsc_init+0x158/0x160 [ 60.825889][ T26] x86_late_time_init+0x79/0x86 [ 60.830843][ T26] start_kernel+0x414/0x53f [ 60.835442][ T26] secondary_startup_64_no_verify+0xcf/0xdb [ 60.841430][ T26] [ 60.841430][ T26] to a HARDIRQ-irq-unsafe lock: [ 60.848442][ T26] (&htab->buckets[i].lock){+...}-{2:2} [ 60.848467][ T26] [ 60.848467][ T26] ... which became HARDIRQ-irq-unsafe at: [ 60.861889][ T26] ... [ 60.861895][ T26] lock_acquire+0x1f8/0x5a0 [ 60.869067][ T26] _raw_spin_lock_bh+0x31/0x40 [ 60.873920][ T26] sock_hash_free+0x160/0x820 [ 60.878693][ T26] process_one_work+0x8a9/0x11d0 [ 60.883722][ T26] worker_thread+0xa47/0x1200 [ 60.888487][ T26] kthread+0x28d/0x320 [ 60.892654][ T26] ret_from_fork+0x1f/0x30 [ 60.897178][ T26] [ 60.897178][ T26] other info that might help us debug this: [ 60.897178][ T26] [ 60.907401][ T26] Possible interrupt unsafe locking scenario: [ 60.907401][ T26] [ 60.915715][ T26] CPU0 CPU1 [ 60.921074][ T26] ---- ---- [ 60.926439][ T26] lock(&htab->buckets[i].lock); [ 60.931464][ T26] local_irq_disable(); [ 60.938229][ T26] lock(&base->lock); [ 60.944837][ T26] lock(&htab->buckets[i].lock); [ 60.952391][ T26] [ 60.955843][ T26] lock(&base->lock); [ 60.960113][ T26] [ 60.960113][ T26] *** DEADLOCK *** [ 60.960113][ T26] [ 60.968262][ T26] 4 locks held by kworker/1:1/26: [ 60.973283][ T26] #0: ffff888012472138 ((wq_completion)rcu_gp){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0 [ 60.983654][ T26] #1: ffffc90000a1fd20 ((work_completion)(&rew->rew_work)){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0 [ 60.995060][ T26] #2: ffff8880b9928358 (&base->lock){-.-.}-{2:2}, at: lock_timer_base+0x120/0x260 [ 61.004378][ T26] #3: ffffffff8d12a940 (rcu_read_lock){....}-{1:2}, at: bpf_trace_run3+0x146/0x440 [ 61.013780][ T26] [ 61.013780][ T26] the dependencies between HARDIRQ-irq-safe lock and the holding lock: [ 61.024195][ T26] -> (&base->lock){-.-.}-{2:2} { [ 61.029148][ T26] IN-HARDIRQ-W at: [ 61.033128][ T26] lock_acquire+0x1f8/0x5a0 [ 61.039290][ T26] _raw_spin_lock_irqsave+0xd1/0x120 [ 61.046227][ T26] lock_timer_base+0x120/0x260 [ 61.052641][ T26] add_timer_on+0x1eb/0x580 [ 61.058797][ T26] handle_irq_event+0xa9/0x1e0 [ 61.065216][ T26] handle_edge_irq+0x245/0xbf0 [ 61.071635][ T26] __common_interrupt+0xd7/0x1f0 [ 61.078227][ T26] common_interrupt+0x9f/0xc0 [ 61.084563][ T26] asm_common_interrupt+0x22/0x40 [ 61.091240][ T26] console_emit_next_record+0xc69/0xea0 [ 61.098438][ T26] console_unlock+0x278/0x7c0 [ 61.104775][ T26] vprintk_emit+0x523/0x740 [ 61.110934][ T26] _printk+0xd1/0x111 [ 61.116573][ T26] __clocksource_register_scale+0xb4/0x660 [ 61.124040][ T26] tsc_init+0x158/0x160 [ 61.129843][ T26] x86_late_time_init+0x79/0x86 [ 61.136355][ T26] start_kernel+0x414/0x53f [ 61.142516][ T26] secondary_startup_64_no_verify+0xcf/0xdb [ 61.150068][ T26] IN-SOFTIRQ-W at: [ 61.154060][ T26] lock_acquire+0x1f8/0x5a0 [ 61.160235][ T26] _raw_spin_lock_irq+0xcf/0x110 [ 61.166831][ T26] __run_timers+0x111/0x890 [ 61.173005][ T26] run_timer_softirq+0x63/0xf0 [ 61.179425][ T26] __do_softirq+0x2e9/0xa4c [ 61.185603][ T26] __irq_exit_rcu+0x155/0x240 [ 61.191944][ T26] irq_exit_rcu+0x5/0x20 [ 61.197887][ T26] common_interrupt+0xa4/0xc0 [ 61.204227][ T26] asm_common_interrupt+0x22/0x40 [ 61.210910][ T26] console_emit_next_record+0xc69/0xea0 [ 61.218108][ T26] console_unlock+0x278/0x7c0 [ 61.224444][ T26] vprintk_emit+0x523/0x740 [ 61.230603][ T26] _printk+0xd1/0x111 [ 61.236242][ T26] cpu_select_mitigations+0x38/0x8f [ 61.243096][ T26] arch_cpu_finalize_init+0xf/0x81 [ 61.249857][ T26] start_kernel+0x423/0x53f [ 61.256023][ T26] secondary_startup_64_no_verify+0xcf/0xdb [ 61.263573][ T26] INITIAL USE at: [ 61.267465][ T26] lock_acquire+0x1f8/0x5a0 [ 61.273547][ T26] _raw_spin_lock_irqsave+0xd1/0x120 [ 61.280395][ T26] lock_timer_base+0x120/0x260 [ 61.286724][ T26] add_timer_on+0x1eb/0x580 [ 61.292787][ T26] handle_irq_event+0xa9/0x1e0 [ 61.299114][ T26] handle_edge_irq+0x245/0xbf0 [ 61.305446][ T26] __common_interrupt+0xd7/0x1f0 [ 61.311955][ T26] common_interrupt+0x9f/0xc0 [ 61.318209][ T26] asm_common_interrupt+0x22/0x40 [ 61.324799][ T26] console_emit_next_record+0xc69/0xea0 [ 61.331906][ T26] console_unlock+0x278/0x7c0 [ 61.338154][ T26] vprintk_emit+0x523/0x740 [ 61.344230][ T26] _printk+0xd1/0x111 [ 61.349795][ T26] __clocksource_register_scale+0xb4/0x660 [ 61.357170][ T26] tsc_init+0x158/0x160 [ 61.362887][ T26] x86_late_time_init+0x79/0x86 [ 61.369305][ T26] start_kernel+0x414/0x53f [ 61.375381][ T26] secondary_startup_64_no_verify+0xcf/0xdb [ 61.382843][ T26] } [ 61.385340][ T26] ... key at: [] init_timer_cpu.__key+0x0/0x20 [ 61.393589][ T26] [ 61.393589][ T26] the dependencies between the lock to be acquired [ 61.393597][ T26] and HARDIRQ-irq-unsafe lock: [ 61.407107][ T26] -> (&htab->buckets[i].lock){+...}-{2:2} { [ 61.413021][ T26] HARDIRQ-ON-W at: [ 61.417000][ T26] lock_acquire+0x1f8/0x5a0 [ 61.423164][ T26] _raw_spin_lock_bh+0x31/0x40 [ 61.429578][ T26] sock_hash_free+0x160/0x820 [ 61.435910][ T26] process_one_work+0x8a9/0x11d0 [ 61.442500][ T26] worker_thread+0xa47/0x1200 [ 61.448832][ T26] kthread+0x28d/0x320 [ 61.454600][ T26] ret_from_fork+0x1f/0x30 [ 61.460689][ T26] INITIAL USE at: [ 61.464593][ T26] lock_acquire+0x1f8/0x5a0 [ 61.470675][ T26] _raw_spin_lock_bh+0x31/0x40 [ 61.477010][ T26] sock_hash_free+0x160/0x820 [ 61.483262][ T26] process_one_work+0x8a9/0x11d0 [ 61.489775][ T26] worker_thread+0xa47/0x1200 [ 61.496020][ T26] kthread+0x28d/0x320 [ 61.501664][ T26] ret_from_fork+0x1f/0x30 [ 61.507652][ T26] } [ 61.510151][ T26] ... key at: [] sock_hash_alloc.__key+0x0/0x20 [ 61.518488][ T26] ... acquired at: [ 61.522292][ T26] lock_acquire+0x1f8/0x5a0 [ 61.526978][ T26] _raw_spin_lock_bh+0x31/0x40 [ 61.531933][ T26] sock_hash_delete_elem+0xac/0x2f0 [ 61.537345][ T26] bpf_prog_2c29ac5cdc6b1842+0x3a/0x3e [ 61.542993][ T26] bpf_trace_run3+0x231/0x440 [ 61.547857][ T26] enqueue_timer+0x440/0x600 [ 61.552629][ T26] __mod_timer+0x92b/0xee0 [ 61.557224][ T26] schedule_timeout+0x1b4/0x300 [ 61.562250][ T26] rcu_exp_sel_wait_wake+0x764/0x1d50 [ 61.567802][ T26] process_one_work+0x8a9/0x11d0 [ 61.572916][ T26] worker_thread+0xa47/0x1200 [ 61.577768][ T26] kthread+0x28d/0x320 [ 61.582035][ T26] ret_from_fork+0x1f/0x30 [ 61.586632][ T26] [ 61.588959][ T26] [ 61.588959][ T26] stack backtrace: [ 61.594840][ T26] CPU: 1 PID: 26 Comm: kworker/1:1 Not tainted 6.1.82-syzkaller #0 [ 61.602816][ T26] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/29/2024 [ 61.612870][ T26] Workqueue: rcu_gp wait_rcu_exp_gp [ 61.618076][ T26] Call Trace: [ 61.621374][ T26] [ 61.624307][ T26] dump_stack_lvl+0x1e3/0x2cb [ 61.628995][ T26] ? nf_tcp_handle_invalid+0x642/0x642 [ 61.634461][ T26] ? panic+0x75d/0x75d [ 61.638552][ T26] ? print_shortest_lock_dependencies+0xee/0x150 [ 61.644895][ T26] validate_chain+0x4d16/0x5950 [ 61.649765][ T26] ? reacquire_held_locks+0x660/0x660 [ 61.655153][ T26] ? reacquire_held_locks+0x660/0x660 [ 61.660538][ T26] ? register_lock_class+0x100/0x990 [ 61.665839][ T26] ? validate_chain+0x112/0x5950 [ 61.670787][ T26] ? is_dynamic_key+0x260/0x260 [ 61.675646][ T26] ? mark_lock+0x9a/0x340 [ 61.679985][ T26] __lock_acquire+0x125b/0x1f80 [ 61.684849][ T26] lock_acquire+0x1f8/0x5a0 [ 61.689358][ T26] ? sock_hash_delete_elem+0xac/0x2f0 [ 61.694747][ T26] ? lockdep_softirqs_on+0x590/0x590 [ 61.700041][ T26] ? read_lock_is_recursive+0x10/0x10 [ 61.705424][ T26] ? sock_hash_delete_elem+0xac/0x2f0 [ 61.710805][ T26] ? __bpf_trace_softirq+0x10/0x10 [ 61.715927][ T26] ? read_lock_is_recursive+0x10/0x10 [ 61.721311][ T26] ? sock_hash_delete_elem+0xac/0x2f0 [ 61.726692][ T26] _raw_spin_lock_bh+0x31/0x40 [ 61.731462][ T26] ? sock_hash_delete_elem+0xac/0x2f0 [ 61.736844][ T26] sock_hash_delete_elem+0xac/0x2f0 [ 61.742057][ T26] bpf_prog_2c29ac5cdc6b1842+0x3a/0x3e [ 61.747515][ T26] bpf_trace_run3+0x231/0x440 [ 61.752196][ T26] ? bpf_trace_run3+0x146/0x440 [ 61.757053][ T26] ? bpf_trace_run2+0x410/0x410 [ 61.761902][ T26] ? _raw_spin_unlock_irqrestore+0xd9/0x130 [ 61.767801][ T26] ? _raw_spin_lock_irqsave+0xdd/0x120 [ 61.773265][ T26] ? _raw_spin_lock+0x40/0x40 [ 61.777946][ T26] enqueue_timer+0x440/0x600 [ 61.782545][ T26] __mod_timer+0x92b/0xee0 [ 61.786970][ T26] ? mod_timer_pending+0x20/0x20 [ 61.791908][ T26] ? lockdep_softirqs_off+0x420/0x420 [ 61.797291][ T26] ? _raw_spin_unlock_irqrestore+0xd9/0x130 [ 61.803187][ T26] ? _raw_spin_unlock+0x40/0x40 [ 61.808045][ T26] schedule_timeout+0x1b4/0x300 [ 61.812899][ T26] ? console_conditional_schedule+0x40/0x40 [ 61.818792][ T26] ? update_process_times+0x1b0/0x1b0 [ 61.824172][ T26] rcu_exp_sel_wait_wake+0x764/0x1d50 [ 61.829555][ T26] ? read_lock_is_recursive+0x10/0x10 [ 61.834942][ T26] ? rcu_check_gp_start_stall+0x450/0x450 [ 61.840661][ T26] ? _raw_spin_unlock_irqrestore+0xd9/0x130 [ 61.846564][ T26] ? do_raw_spin_unlock+0x137/0x8a0 [ 61.851778][ T26] ? process_one_work+0x7a9/0x11d0 [ 61.856898][ T26] process_one_work+0x8a9/0x11d0 [ 61.861846][ T26] ? worker_detach_from_pool+0x260/0x260 [ 61.867487][ T26] ? _raw_spin_lock_irqsave+0x120/0x120 [ 61.873042][ T26] ? kthread_data+0x4e/0xc0 [ 61.877563][ T26] ? wq_worker_running+0x97/0x190 [ 61.882599][ T26] worker_thread+0xa47/0x1200 [ 61.887280][ T26] ? _raw_spin_unlock+0x40/0x40 [ 61.892131][ T26] ? __sched_text_start+0x8/0x8 [ 61.896994][ T26] ? _raw_spin_unlock+0x40/0x40 [ 61.901853][ T26] kthread+0x28d/0x320 [ 61.905942][ T26] ? worker_clr_flags+0x190/0x190 [ 61.910975][ T26] ? kthread_blkcg+0xd0/0xd0 [ 61.915576][ T26] ret_from_fork+0x1f/0x30 [ 61.920011][ T26]