DUID 00:04:f1:66:da:08:a6:3b:05:18:d9:3c:3a:43:08:27:7f:45 forked to background, child pid 3172 [ 26.214784][ T3173] 8021q: adding VLAN 0 to HW filter on device bond0 [ 26.225286][ T3173] eql: remember to turn off Van-Jacobson compression on your slave devices Starting sshd: OK syzkaller Warning: Permanently added '10.128.0.85' (ED25519) to the list of known hosts. executing program executing program executing program executing program syzkaller login: [ 48.465310][ T0] [ 48.467792][ T0] ===================================================== [ 48.475614][ T0] WARNING: HARDIRQ-safe -> HARDIRQ-unsafe lock order detected [ 48.484476][ T0] 5.15.153-syzkaller #0 Not tainted [ 48.489933][ T0] ----------------------------------------------------- [ 48.498452][ T0] swapper/0/0 [HC0[0]:SC0[2]:HE0:SE0] is trying to acquire: [ 48.506197][ T0] ffff888023368468 (&htab->buckets[i].lock){+...}-{2:2}, at: sock_hash_delete_elem+0xac/0x2f0 [ 48.517634][ T0] [ 48.517634][ T0] and this task is already holding: [ 48.525250][ T0] ffff8880b9a3a318 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x26/0x140 [ 48.535601][ T0] which would create a new lock dependency: [ 48.541865][ T0] (&rq->__lock){-.-.}-{2:2} -> (&htab->buckets[i].lock){+...}-{2:2} [ 48.550287][ T0] [ 48.550287][ T0] but this new dependency connects a HARDIRQ-irq-safe lock: [ 48.561564][ T0] (&rq->__lock){-.-.}-{2:2} [ 48.561586][ T0] [ 48.561586][ T0] ... which became HARDIRQ-irq-safe at: [ 48.576885][ T0] lock_acquire+0x1db/0x4f0 [ 48.587870][ T0] _raw_spin_lock_nested+0x2d/0x40 [ 48.593649][ T0] raw_spin_rq_lock_nested+0x26/0x140 [ 48.599209][ T0] scheduler_tick+0x97/0x500 [ 48.604405][ T0] update_process_times+0x1ca/0x200 [ 48.610003][ T0] tick_periodic+0x197/0x210 [ 48.615200][ T0] tick_handle_periodic+0x46/0x150 [ 48.620569][ T0] timer_interrupt+0x4d/0x60 [ 48.625738][ T0] __handle_irq_event_percpu+0x292/0xa70 [ 48.631817][ T0] handle_irq_event+0xff/0x2b0 [ 48.636852][ T0] handle_level_irq+0x3ab/0x6c0 [ 48.642042][ T0] __common_interrupt+0xd7/0x1f0 [ 48.647165][ T0] common_interrupt+0x9f/0xc0 [ 48.651914][ T0] asm_common_interrupt+0x22/0x40 [ 48.657206][ T0] _raw_spin_unlock_irqrestore+0xd4/0x130 [ 48.663207][ T0] __setup_irq+0x1302/0x1d90 [ 48.668073][ T0] request_threaded_irq+0x2a7/0x380 [ 48.673486][ T0] setup_default_timer_irq+0x1f/0x30 [ 48.679061][ T0] x86_late_time_init+0x51/0x86 [ 48.684628][ T0] start_kernel+0x40a/0x535 [ 48.690605][ T0] secondary_startup_64_no_verify+0xb1/0xbb [ 48.698467][ T0] [ 48.698467][ T0] to a HARDIRQ-irq-unsafe lock: [ 48.706480][ T0] (&htab->buckets[i].lock){+...}-{2:2} [ 48.706506][ T0] [ 48.706506][ T0] ... which became HARDIRQ-irq-unsafe at: [ 48.721659][ T0] ... [ 48.721675][ T0] lock_acquire+0x1db/0x4f0 [ 48.731011][ T0] _raw_spin_lock_bh+0x31/0x40 [ 48.736521][ T0] sock_hash_free+0x14c/0x780 [ 48.742224][ T0] process_one_work+0x8a1/0x10c0 [ 48.748411][ T0] worker_thread+0xaca/0x1280 [ 48.753255][ T0] kthread+0x3f6/0x4f0 [ 48.757896][ T0] ret_from_fork+0x1f/0x30 [ 48.763409][ T0] [ 48.763409][ T0] other info that might help us debug this: [ 48.763409][ T0] [ 48.774440][ T0] Possible interrupt unsafe locking scenario: [ 48.774440][ T0] [ 48.785132][ T0] CPU0 CPU1 [ 48.791567][ T0] ---- ---- [ 48.797464][ T0] lock(&htab->buckets[i].lock); [ 48.802855][ T0] local_irq_disable(); [ 48.810506][ T0] lock(&rq->__lock); [ 48.817280][ T0] lock(&htab->buckets[i].lock); [ 48.825261][ T0] [ 48.829998][ T0] lock(&rq->__lock); [ 48.835925][ T0] [ 48.835925][ T0] *** DEADLOCK *** [ 48.835925][ T0] [ 48.844430][ T0] 2 locks held by swapper/0/0: [ 48.849706][ T0] #0: ffff8880b9a3a318 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x26/0x140 [ 48.861701][ T0] #1: ffffffff8c91f720 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x5/0x30 [ 48.871667][ T0] [ 48.871667][ T0] the dependencies between HARDIRQ-irq-safe lock and the holding lock: [ 48.882687][ T0] -> (&rq->__lock){-.-.}-{2:2} { [ 48.888544][ T0] IN-HARDIRQ-W at: [ 48.892758][ T0] lock_acquire+0x1db/0x4f0 [ 48.899349][ T0] _raw_spin_lock_nested+0x2d/0x40 [ 48.906202][ T0] raw_spin_rq_lock_nested+0x26/0x140 [ 48.913797][ T0] scheduler_tick+0x97/0x500 [ 48.921451][ T0] update_process_times+0x1ca/0x200 [ 48.928942][ T0] tick_periodic+0x197/0x210 [ 48.935433][ T0] tick_handle_periodic+0x46/0x150 [ 48.942425][ T0] timer_interrupt+0x4d/0x60 [ 48.948947][ T0] __handle_irq_event_percpu+0x292/0xa70 [ 48.956545][ T0] handle_irq_event+0xff/0x2b0 [ 48.963149][ T0] handle_level_irq+0x3ab/0x6c0 [ 48.971167][ T0] __common_interrupt+0xd7/0x1f0 [ 48.978485][ T0] common_interrupt+0x9f/0xc0 [ 48.985196][ T0] asm_common_interrupt+0x22/0x40 [ 48.992079][ T0] _raw_spin_unlock_irqrestore+0xd4/0x130 [ 48.999778][ T0] __setup_irq+0x1302/0x1d90 [ 49.006101][ T0] request_threaded_irq+0x2a7/0x380 [ 49.013492][ T0] setup_default_timer_irq+0x1f/0x30 [ 49.021431][ T0] x86_late_time_init+0x51/0x86 [ 49.028339][ T0] start_kernel+0x40a/0x535 [ 49.034664][ T0] secondary_startup_64_no_verify+0xb1/0xbb [ 49.042225][ T0] IN-SOFTIRQ-W at: [ 49.046305][ T0] lock_acquire+0x1db/0x4f0 [ 49.054473][ T0] _raw_spin_lock_nested+0x2d/0x40 [ 49.062895][ T0] raw_spin_rq_lock_nested+0x26/0x140 [ 49.070105][ T0] try_to_wake_up+0x6dd/0x1300 [ 49.076848][ T0] call_timer_fn+0x16d/0x560 [ 49.083622][ T0] __run_timers+0x67c/0x890 [ 49.090054][ T0] run_timer_softirq+0x63/0xf0 [ 49.097174][ T0] __do_softirq+0x3b3/0x93a [ 49.103856][ T0] __irq_exit_rcu+0x155/0x240 [ 49.110534][ T0] irq_exit_rcu+0x5/0x20 [ 49.116710][ T0] sysvec_apic_timer_interrupt+0x91/0xb0 [ 49.124568][ T0] asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 49.133230][ T0] default_idle+0xb/0x10 [ 49.140056][ T0] default_idle_call+0x81/0xc0 [ 49.147453][ T0] do_idle+0x271/0x670 [ 49.153969][ T0] cpu_startup_entry+0x14/0x20 [ 49.160625][ T0] start_kernel+0x48c/0x535 [ 49.166911][ T0] secondary_startup_64_no_verify+0xb1/0xbb [ 49.174634][ T0] INITIAL USE at: [ 49.178525][ T0] lock_acquire+0x1db/0x4f0 [ 49.185169][ T0] _raw_spin_lock_nested+0x2d/0x40 [ 49.192230][ T0] raw_spin_rq_lock_nested+0x26/0x140 [ 49.199187][ T0] rq_attach_root+0xec/0x440 [ 49.205594][ T0] sched_init+0x6a4/0xbdd [ 49.211907][ T0] start_kernel+0x1b6/0x535 [ 49.218128][ T0] secondary_startup_64_no_verify+0xb1/0xbb [ 49.226358][ T0] } [ 49.228841][ T0] ... key at: [] sched_init.__key+0x0/0x20 [ 49.236824][ T0] [ 49.236824][ T0] the dependencies between the lock to be acquired [ 49.236832][ T0] and HARDIRQ-irq-unsafe lock: [ 49.250896][ T0] -> (&htab->buckets[i].lock){+...}-{2:2} { [ 49.256975][ T0] HARDIRQ-ON-W at: [ 49.261003][ T0] lock_acquire+0x1db/0x4f0 [ 49.267230][ T0] _raw_spin_lock_bh+0x31/0x40 [ 49.274603][ T0] sock_hash_free+0x14c/0x780 [ 49.281318][ T0] process_one_work+0x8a1/0x10c0 [ 49.288355][ T0] worker_thread+0xaca/0x1280 [ 49.294958][ T0] kthread+0x3f6/0x4f0 [ 49.301089][ T0] ret_from_fork+0x1f/0x30 [ 49.307289][ T0] INITIAL USE at: [ 49.311396][ T0] lock_acquire+0x1db/0x4f0 [ 49.317983][ T0] _raw_spin_lock_bh+0x31/0x40 [ 49.324401][ T0] sock_hash_free+0x14c/0x780 [ 49.331903][ T0] process_one_work+0x8a1/0x10c0 [ 49.341091][ T0] worker_thread+0xaca/0x1280 [ 49.349592][ T0] kthread+0x3f6/0x4f0 [ 49.355668][ T0] ret_from_fork+0x1f/0x30 [ 49.362265][ T0] } [ 49.364819][ T0] ... key at: [] sock_hash_alloc.__key+0x0/0x20 [ 49.373276][ T0] ... acquired at: [ 49.377337][ T0] lock_acquire+0x1db/0x4f0 [ 49.382360][ T0] _raw_spin_lock_bh+0x31/0x40 [ 49.387452][ T0] sock_hash_delete_elem+0xac/0x2f0 [ 49.392991][ T0] bpf_prog_2c29ac5cdc6b1842+0x3a/0x6d0 [ 49.403644][ T0] bpf_trace_run3+0x1d1/0x380 [ 49.409041][ T0] __schedule+0x1e8d/0x45b0 [ 49.414828][ T0] schedule_idle+0x4a/0x90 [ 49.420223][ T0] do_idle+0x61e/0x670 [ 49.424740][ T0] cpu_startup_entry+0x14/0x20 [ 49.430756][ T0] start_kernel+0x48c/0x535 [ 49.436645][ T0] secondary_startup_64_no_verify+0xb1/0xbb [ 49.443894][ T0] [ 49.446492][ T0] [ 49.446492][ T0] stack backtrace: [ 49.453084][ T0] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 5.15.153-syzkaller #0 [ 49.462096][ T0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 49.472434][ T0] Call Trace: [ 49.475916][ T0] [ 49.478857][ T0] dump_stack_lvl+0x1e3/0x2cb [ 49.483555][ T0] ? io_uring_drop_tctx_refs+0x19d/0x19d [ 49.489199][ T0] ? panic+0x84d/0x84d [ 49.493279][ T0] ? print_shortest_lock_dependencies+0xee/0x150 [ 49.499946][ T0] validate_chain+0x4d01/0x5930 [ 49.504804][ T0] ? reacquire_held_locks+0x660/0x660 [ 49.510281][ T0] ? reacquire_held_locks+0x660/0x660 [ 49.515784][ T0] ? register_lock_class+0x100/0x9a0 [ 49.521511][ T0] ? is_dynamic_key+0x1f0/0x1f0 [ 49.526581][ T0] ? mark_lock+0x98/0x340 [ 49.531068][ T0] __lock_acquire+0x1295/0x1ff0 [ 49.535945][ T0] lock_acquire+0x1db/0x4f0 [ 49.540462][ T0] ? sock_hash_delete_elem+0xac/0x2f0 [ 49.546391][ T0] ? lockdep_softirqs_on+0x590/0x590 [ 49.551783][ T0] ? read_lock_is_recursive+0x10/0x10 [ 49.557247][ T0] ? sock_hash_delete_elem+0xac/0x2f0 [ 49.562990][ T0] ? __bpf_trace_softirq+0x10/0x10 [ 49.568560][ T0] ? sock_hash_delete_elem+0xac/0x2f0 [ 49.574006][ T0] _raw_spin_lock_bh+0x31/0x40 [ 49.578850][ T0] ? sock_hash_delete_elem+0xac/0x2f0 [ 49.584469][ T0] sock_hash_delete_elem+0xac/0x2f0 [ 49.589847][ T0] bpf_prog_2c29ac5cdc6b1842+0x3a/0x6d0 [ 49.596009][ T0] bpf_trace_run3+0x1d1/0x380 [ 49.600886][ T0] ? bpf_trace_run2+0x340/0x340 [ 49.606283][ T0] __schedule+0x1e8d/0x45b0 [ 49.610812][ T0] ? lockdep_hardirqs_on_prepare+0x438/0x7a0 [ 49.616850][ T0] ? print_irqtrace_events+0x210/0x210 [ 49.622371][ T0] ? tick_nohz_idle_exit+0x429/0x550 [ 49.627936][ T0] ? __sched_text_start+0x8/0x8 [ 49.632780][ T0] ? flush_smp_call_function_from_idle+0x13e/0x280 [ 49.639700][ T0] ? generic_smp_call_function_single_interrupt+0x10/0x10 [ 49.646796][ T0] ? tick_nohz_restart_sched_tick+0x200/0x200 [ 49.652855][ T0] ? tick_nohz_idle_got_tick+0x96/0x100 [ 49.658735][ T0] schedule_idle+0x4a/0x90 [ 49.663617][ T0] do_idle+0x61e/0x670 [ 49.667717][ T0] ? idle_inject_timer_fn+0x60/0x60 [ 49.672920][ T0] ? _raw_spin_unlock_irqrestore+0xd9/0x130 [ 49.678893][ T0] cpu_startup_entry+0x14/0x20 [ 49.683863][ T0] ? time_init+0x33/0x33 [ 49.688091][ T0] start_kernel+0x48c/0x535 [ 49.692583][ T0] secondary_startup_64_no_verify+0xb1/0xbb [ 49.698638][ T0]