Warning: Permanently added '10.128.0.235' (ED25519) to the list of known hosts. executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program [ 48.498397][ T1280] [ 48.501167][ T1280] ===================================================== [ 48.508473][ T1280] WARNING: HARDIRQ-safe -> HARDIRQ-unsafe lock order detected [ 48.516179][ T1280] 5.15.153-syzkaller #0 Not tainted [ 48.521436][ T1280] ----------------------------------------------------- [ 48.528555][ T1280] kworker/0:3/1280 [HC0[0]:SC0[2]:HE0:SE0] is trying to acquire: [ 48.536627][ T1280] ffff888078408020 (&htab->buckets[i].lock){+...}-{2:2}, at: sock_hash_delete_elem+0xac/0x2f0 [ 48.547016][ T1280] [ 48.547016][ T1280] and this task is already holding: [ 48.554363][ T1280] ffff8880b9a28098 (&base->lock){-.-.}-{2:2}, at: lock_timer_base+0x120/0x260 [ 48.563675][ T1280] which would create a new lock dependency: [ 48.569909][ T1280] (&base->lock){-.-.}-{2:2} -> (&htab->buckets[i].lock){+...}-{2:2} [ 48.578466][ T1280] [ 48.578466][ T1280] but this new dependency connects a HARDIRQ-irq-safe lock: [ 48.587947][ T1280] (&base->lock){-.-.}-{2:2} [ 48.587975][ T1280] [ 48.587975][ T1280] ... which became HARDIRQ-irq-safe at: [ 48.600434][ T1280] lock_acquire+0x1db/0x4f0 [ 48.605034][ T1280] _raw_spin_lock_irqsave+0xd1/0x120 [ 48.610520][ T1280] lock_timer_base+0x120/0x260 [ 48.615467][ T1280] add_timer_on+0x1eb/0x580 [ 48.620039][ T1280] handle_irq_event+0x124/0x2b0 [ 48.625071][ T1280] handle_edge_irq+0x245/0xbf0 [ 48.629914][ T1280] __common_interrupt+0xd7/0x1f0 [ 48.634933][ T1280] common_interrupt+0x9f/0xc0 [ 48.639793][ T1280] asm_common_interrupt+0x22/0x40 [ 48.645357][ T1280] console_unlock+0xe53/0x12b0 [ 48.650681][ T1280] vprintk_emit+0xbf/0x150 [ 48.655560][ T1280] _printk+0xd1/0x111 [ 48.659954][ T1280] __clocksource_register_scale+0xb4/0x660 [ 48.665959][ T1280] tsc_init+0x15d/0x165 [ 48.670466][ T1280] x86_late_time_init+0x79/0x86 [ 48.675602][ T1280] start_kernel+0x40a/0x535 [ 48.680186][ T1280] secondary_startup_64_no_verify+0xb1/0xbb [ 48.686321][ T1280] [ 48.686321][ T1280] to a HARDIRQ-irq-unsafe lock: [ 48.693765][ T1280] (&htab->buckets[i].lock){+...}-{2:2} [ 48.693787][ T1280] [ 48.693787][ T1280] ... which became HARDIRQ-irq-unsafe at: [ 48.707479][ T1280] ... [ 48.707487][ T1280] lock_acquire+0x1db/0x4f0 [ 48.715340][ T1280] _raw_spin_lock_bh+0x31/0x40 [ 48.720529][ T1280] sock_hash_free+0x14c/0x780 [ 48.725411][ T1280] process_one_work+0x8a1/0x10c0 [ 48.730929][ T1280] worker_thread+0xaca/0x1280 [ 48.736152][ T1280] kthread+0x3f6/0x4f0 [ 48.740489][ T1280] ret_from_fork+0x1f/0x30 [ 48.745151][ T1280] [ 48.745151][ T1280] other info that might help us debug this: [ 48.745151][ T1280] [ 48.755637][ T1280] Possible interrupt unsafe locking scenario: [ 48.755637][ T1280] [ 48.764306][ T1280] CPU0 CPU1 [ 48.770310][ T1280] ---- ---- [ 48.775681][ T1280] lock(&htab->buckets[i].lock); [ 48.781052][ T1280] local_irq_disable(); [ 48.787965][ T1280] lock(&base->lock); [ 48.795253][ T1280] lock(&htab->buckets[i].lock); [ 48.802966][ T1280] [ 48.806546][ T1280] lock(&base->lock); [ 48.811345][ T1280] [ 48.811345][ T1280] *** DEADLOCK *** [ 48.811345][ T1280] [ 48.819569][ T1280] 4 locks held by kworker/0:3/1280: [ 48.824854][ T1280] #0: ffff888011c72138 ((wq_completion)rcu_gp){+.+.}-{0:0}, at: process_one_work+0x78a/0x10c0 [ 48.835557][ T1280] #1: ffffc90005997d20 ((work_completion)(&rew.rew_work)){+.+.}-{0:0}, at: process_one_work+0x7d0/0x10c0 [ 48.847912][ T1280] #2: ffff8880b9a28098 (&base->lock){-.-.}-{2:2}, at: lock_timer_base+0x120/0x260 [ 48.857494][ T1280] #3: ffffffff8c91f720 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x5/0x30 [ 48.867010][ T1280] [ 48.867010][ T1280] the dependencies between HARDIRQ-irq-safe lock and the holding lock: [ 48.877720][ T1280] -> (&base->lock){-.-.}-{2:2} { [ 48.883809][ T1280] IN-HARDIRQ-W at: [ 48.887796][ T1280] lock_acquire+0x1db/0x4f0 [ 48.893960][ T1280] _raw_spin_lock_irqsave+0xd1/0x120 [ 48.901075][ T1280] lock_timer_base+0x120/0x260 [ 48.907483][ T1280] add_timer_on+0x1eb/0x580 [ 48.913803][ T1280] handle_irq_event+0x124/0x2b0 [ 48.920385][ T1280] handle_edge_irq+0x245/0xbf0 [ 48.927071][ T1280] __common_interrupt+0xd7/0x1f0 [ 48.933748][ T1280] common_interrupt+0x9f/0xc0 [ 48.940211][ T1280] asm_common_interrupt+0x22/0x40 [ 48.947194][ T1280] console_unlock+0xe53/0x12b0 [ 48.953777][ T1280] vprintk_emit+0xbf/0x150 [ 48.960174][ T1280] _printk+0xd1/0x111 [ 48.966461][ T1280] __clocksource_register_scale+0xb4/0x660 [ 48.974027][ T1280] tsc_init+0x15d/0x165 [ 48.980202][ T1280] x86_late_time_init+0x79/0x86 [ 48.987039][ T1280] start_kernel+0x40a/0x535 [ 48.993497][ T1280] secondary_startup_64_no_verify+0xb1/0xbb [ 49.001294][ T1280] IN-SOFTIRQ-W at: [ 49.005267][ T1280] lock_acquire+0x1db/0x4f0 [ 49.011410][ T1280] _raw_spin_lock_irq+0xcf/0x110 [ 49.018216][ T1280] __run_timers+0x111/0x890 [ 49.024441][ T1280] run_timer_softirq+0x63/0xf0 [ 49.031384][ T1280] __do_softirq+0x3b3/0x93a [ 49.038804][ T1280] __irq_exit_rcu+0x155/0x240 [ 49.045486][ T1280] irq_exit_rcu+0x5/0x20 [ 49.051377][ T1280] common_interrupt+0xa4/0xc0 [ 49.057785][ T1280] asm_common_interrupt+0x22/0x40 [ 49.064711][ T1280] console_unlock+0xe53/0x12b0 [ 49.071122][ T1280] vprintk_emit+0xbf/0x150 [ 49.078268][ T1280] _printk+0xd1/0x111 [ 49.084062][ T1280] spectre_v2_select_mitigation+0x4f7/0x748 [ 49.091850][ T1280] cpu_select_mitigations+0x3d/0x8f [ 49.098895][ T1280] arch_cpu_finalize_init+0xf/0x81 [ 49.105816][ T1280] start_kernel+0x419/0x535 [ 49.111979][ T1280] secondary_startup_64_no_verify+0xb1/0xbb [ 49.119856][ T1280] INITIAL USE at: [ 49.123763][ T1280] lock_acquire+0x1db/0x4f0 [ 49.129934][ T1280] _raw_spin_lock_irqsave+0xd1/0x120 [ 49.136765][ T1280] lock_timer_base+0x120/0x260 [ 49.143077][ T1280] add_timer_on+0x1eb/0x580 [ 49.149478][ T1280] handle_irq_event+0x124/0x2b0 [ 49.155926][ T1280] handle_edge_irq+0x245/0xbf0 [ 49.162259][ T1280] __common_interrupt+0xd7/0x1f0 [ 49.168827][ T1280] common_interrupt+0x9f/0xc0 [ 49.175060][ T1280] asm_common_interrupt+0x22/0x40 [ 49.181801][ T1280] console_unlock+0xe53/0x12b0 [ 49.188831][ T1280] vprintk_emit+0xbf/0x150 [ 49.194796][ T1280] _printk+0xd1/0x111 [ 49.200714][ T1280] __clocksource_register_scale+0xb4/0x660 [ 49.209206][ T1280] tsc_init+0x15d/0x165 [ 49.215313][ T1280] x86_late_time_init+0x79/0x86 [ 49.221896][ T1280] start_kernel+0x40a/0x535 [ 49.228555][ T1280] secondary_startup_64_no_verify+0xb1/0xbb [ 49.236558][ T1280] } [ 49.239264][ T1280] ... key at: [] init_timer_cpu.__key+0x0/0x20 [ 49.248020][ T1280] [ 49.248020][ T1280] the dependencies between the lock to be acquired [ 49.248031][ T1280] and HARDIRQ-irq-unsafe lock: [ 49.263914][ T1280] -> (&htab->buckets[i].lock){+...}-{2:2} { [ 49.271666][ T1280] HARDIRQ-ON-W at: [ 49.276018][ T1280] lock_acquire+0x1db/0x4f0 [ 49.282713][ T1280] _raw_spin_lock_bh+0x31/0x40 [ 49.289626][ T1280] sock_hash_free+0x14c/0x780 [ 49.297583][ T1280] process_one_work+0x8a1/0x10c0 [ 49.305254][ T1280] worker_thread+0xaca/0x1280 [ 49.311771][ T1280] kthread+0x3f6/0x4f0 [ 49.317691][ T1280] ret_from_fork+0x1f/0x30 [ 49.324043][ T1280] INITIAL USE at: [ 49.328182][ T1280] lock_acquire+0x1db/0x4f0 [ 49.334583][ T1280] _raw_spin_lock_bh+0x31/0x40 [ 49.341249][ T1280] sock_hash_free+0x14c/0x780 [ 49.347665][ T1280] process_one_work+0x8a1/0x10c0 [ 49.354585][ T1280] worker_thread+0xaca/0x1280 [ 49.361010][ T1280] kthread+0x3f6/0x4f0 [ 49.366747][ T1280] ret_from_fork+0x1f/0x30 [ 49.373004][ T1280] } [ 49.375492][ T1280] ... key at: [] sock_hash_alloc.__key+0x0/0x20 [ 49.384522][ T1280] ... acquired at: [ 49.388411][ T1280] lock_acquire+0x1db/0x4f0 [ 49.393247][ T1280] _raw_spin_lock_bh+0x31/0x40 [ 49.398548][ T1280] sock_hash_delete_elem+0xac/0x2f0 [ 49.404008][ T1280] bpf_prog_2c29ac5cdc6b1842+0x3a/0x924 [ 49.410151][ T1280] bpf_trace_run3+0x1d1/0x380 [ 49.415580][ T1280] enqueue_timer+0x3ae/0x540 [ 49.421318][ T1280] __mod_timer+0xa60/0xeb0 [ 49.426696][ T1280] schedule_timeout+0x1b4/0x300 [ 49.433205][ T1280] rcu_exp_sel_wait_wake+0x7cb/0x1c00 [ 49.438845][ T1280] process_one_work+0x8a1/0x10c0 [ 49.444817][ T1280] worker_thread+0xaca/0x1280 [ 49.449742][ T1280] kthread+0x3f6/0x4f0 [ 49.454332][ T1280] ret_from_fork+0x1f/0x30 [ 49.459340][ T1280] [ 49.461737][ T1280] [ 49.461737][ T1280] stack backtrace: [ 49.468138][ T1280] CPU: 0 PID: 1280 Comm: kworker/0:3 Not tainted 5.15.153-syzkaller #0 [ 49.477229][ T1280] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 49.488055][ T1280] Workqueue: rcu_gp wait_rcu_exp_gp [ 49.493615][ T1280] Call Trace: [ 49.497265][ T1280] [ 49.500890][ T1280] dump_stack_lvl+0x1e3/0x2cb [ 49.505922][ T1280] ? io_uring_drop_tctx_refs+0x19d/0x19d [ 49.511999][ T1280] ? panic+0x84d/0x84d [ 49.517066][ T1280] ? print_shortest_lock_dependencies+0xee/0x150 [ 49.523907][ T1280] validate_chain+0x4d01/0x5930 [ 49.529827][ T1280] ? reacquire_held_locks+0x660/0x660 [ 49.535732][ T1280] ? register_lock_class+0x100/0x9a0 [ 49.541996][ T1280] ? is_dynamic_key+0x1f0/0x1f0 [ 49.547043][ T1280] ? mark_lock+0x98/0x340 [ 49.551574][ T1280] __lock_acquire+0x1295/0x1ff0 [ 49.556720][ T1280] lock_acquire+0x1db/0x4f0 [ 49.561267][ T1280] ? sock_hash_delete_elem+0xac/0x2f0 [ 49.566669][ T1280] ? lockdep_softirqs_on+0x590/0x590 [ 49.573263][ T1280] ? read_lock_is_recursive+0x10/0x10 [ 49.579084][ T1280] ? sock_hash_delete_elem+0xac/0x2f0 [ 49.584594][ T1280] ? __bpf_trace_softirq+0x10/0x10 [ 49.589694][ T1280] ? sock_hash_delete_elem+0xac/0x2f0 [ 49.596507][ T1280] _raw_spin_lock_bh+0x31/0x40 [ 49.602217][ T1280] ? sock_hash_delete_elem+0xac/0x2f0 [ 49.608389][ T1280] sock_hash_delete_elem+0xac/0x2f0 [ 49.614006][ T1280] bpf_prog_2c29ac5cdc6b1842+0x3a/0x924 [ 49.620331][ T1280] bpf_trace_run3+0x1d1/0x380 [ 49.625823][ T1280] ? bpf_trace_run2+0x340/0x340 [ 49.631690][ T1280] ? _raw_spin_unlock_irqrestore+0xd9/0x130 [ 49.638688][ T1280] ? _raw_spin_lock_irqsave+0xdd/0x120 [ 49.644596][ T1280] ? _raw_spin_lock+0x40/0x40 [ 49.650281][ T1280] ? __debug_object_init+0x258/0xd30 [ 49.655956][ T1280] enqueue_timer+0x3ae/0x540 [ 49.662995][ T1280] __mod_timer+0xa60/0xeb0 [ 49.667683][ T1280] ? mod_timer_pending+0x20/0x20 [ 49.673650][ T1280] ? lockdep_softirqs_off+0x420/0x420 [ 49.679279][ T1280] ? lockdep_hardirqs_on_prepare+0x438/0x7a0 [ 49.685973][ T1280] ? print_irqtrace_events+0x210/0x210 [ 49.693035][ T1280] schedule_timeout+0x1b4/0x300 [ 49.698554][ T1280] ? console_conditional_schedule+0x40/0x40 [ 49.705071][ T1280] ? update_process_times+0x200/0x200 [ 49.710956][ T1280] rcu_exp_sel_wait_wake+0x7cb/0x1c00 [ 49.717030][ T1280] ? rcu_check_gp_start_stall+0x450/0x450 [ 49.723385][ T1280] ? _raw_spin_unlock_irqrestore+0xd9/0x130 [ 49.729661][ T1280] ? do_raw_spin_unlock+0x137/0x8b0 [ 49.735420][ T1280] process_one_work+0x8a1/0x10c0 [ 49.741206][ T1280] ? worker_detach_from_pool+0x260/0x260 [ 49.747904][ T1280] ? _raw_spin_lock_irqsave+0x120/0x120 [ 49.754297][ T1280] ? kthread_data+0x4e/0xc0 [ 49.758893][ T1280] ? wq_worker_running+0x97/0x170 [ 49.764373][ T1280] worker_thread+0xaca/0x1280 [ 49.769629][ T1280] ? _raw_spin_unlock_irqrestore+0xd9/0x130 [ 49.775833][ T1280] kthread+0x3f6/0x4f0 [ 49.782193][ T1280] ? rcu_lock_release+0x20/0x20 [ 49.788385][ T1280] ? kthread_blkcg+0xd0/0xd0 [ 49.793070][ T1280] ret_from_fork+0x1f/0x30 [ 49.797881][ T1280]