Warning: Permanently added '10.128.1.160' (ED25519) to the list of known hosts. executing program executing program executing program executing program executing program [ 40.052765][ T15] [ 40.055148][ T15] ===================================================== [ 40.062069][ T15] WARNING: HARDIRQ-safe -> HARDIRQ-unsafe lock order detected [ 40.069513][ T15] 5.15.152-syzkaller #0 Not tainted [ 40.074689][ T15] ----------------------------------------------------- [ 40.081596][ T15] rcu_preempt/15 [HC0[0]:SC0[2]:HE0:SE0] is trying to acquire: [ 40.089121][ T15] ffff888079dd1020 (&htab->buckets[i].lock){+...}-{2:2}, at: sock_hash_delete_elem+0xac/0x2f0 [ 40.099378][ T15] [ 40.099378][ T15] and this task is already holding: [ 40.106720][ T15] ffff8880b9b28098 (&base->lock){-.-.}-{2:2}, at: lock_timer_base+0x120/0x260 [ 40.115571][ T15] which would create a new lock dependency: [ 40.121438][ T15] (&base->lock){-.-.}-{2:2} -> (&htab->buckets[i].lock){+...}-{2:2} [ 40.129509][ T15] [ 40.129509][ T15] but this new dependency connects a HARDIRQ-irq-safe lock: [ 40.138937][ T15] (&base->lock){-.-.}-{2:2} [ 40.138955][ T15] [ 40.138955][ T15] ... which became HARDIRQ-irq-safe at: [ 40.151204][ T15] lock_acquire+0x1db/0x4f0 [ 40.155782][ T15] _raw_spin_lock_irqsave+0xd1/0x120 [ 40.161137][ T15] lock_timer_base+0x120/0x260 [ 40.165970][ T15] add_timer_on+0x1eb/0x580 [ 40.170548][ T15] handle_irq_event+0x124/0x2b0 [ 40.175470][ T15] handle_edge_irq+0x245/0xbf0 [ 40.180299][ T15] __common_interrupt+0xd7/0x1f0 [ 40.185306][ T15] common_interrupt+0x9f/0xc0 [ 40.190066][ T15] asm_common_interrupt+0x22/0x40 [ 40.195178][ T15] console_unlock+0xe53/0x12b0 [ 40.200023][ T15] vprintk_emit+0xbf/0x150 [ 40.204509][ T15] _printk+0xd1/0x111 [ 40.208567][ T15] spectre_v2_select_mitigation+0x4f7/0x748 [ 40.214529][ T15] cpu_select_mitigations+0x3d/0x8f [ 40.219796][ T15] arch_cpu_finalize_init+0xf/0x81 [ 40.224973][ T15] start_kernel+0x419/0x535 [ 40.229548][ T15] secondary_startup_64_no_verify+0xb1/0xbb [ 40.235509][ T15] [ 40.235509][ T15] to a HARDIRQ-irq-unsafe lock: [ 40.242510][ T15] (&htab->buckets[i].lock){+...}-{2:2} [ 40.242530][ T15] [ 40.242530][ T15] ... which became HARDIRQ-irq-unsafe at: [ 40.255907][ T15] ... [ 40.255913][ T15] lock_acquire+0x1db/0x4f0 [ 40.263047][ T15] _raw_spin_lock_bh+0x31/0x40 [ 40.267880][ T15] sock_hash_free+0x14c/0x780 [ 40.272629][ T15] process_one_work+0x8a1/0x10c0 [ 40.277636][ T15] worker_thread+0xaca/0x1280 [ 40.282380][ T15] kthread+0x3f6/0x4f0 [ 40.286518][ T15] ret_from_fork+0x1f/0x30 [ 40.291001][ T15] [ 40.291001][ T15] other info that might help us debug this: [ 40.291001][ T15] [ 40.301207][ T15] Possible interrupt unsafe locking scenario: [ 40.301207][ T15] [ 40.309508][ T15] CPU0 CPU1 [ 40.314852][ T15] ---- ---- [ 40.320209][ T15] lock(&htab->buckets[i].lock); [ 40.325229][ T15] local_irq_disable(); [ 40.331966][ T15] lock(&base->lock); [ 40.338538][ T15] lock(&htab->buckets[i].lock); [ 40.346061][ T15] [ 40.349495][ T15] lock(&base->lock); [ 40.353715][ T15] [ 40.353715][ T15] *** DEADLOCK *** [ 40.353715][ T15] [ 40.361835][ T15] 2 locks held by rcu_preempt/15: [ 40.366836][ T15] #0: ffff8880b9b28098 (&base->lock){-.-.}-{2:2}, at: lock_timer_base+0x120/0x260 [ 40.376129][ T15] #1: ffffffff8c91f720 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x5/0x30 [ 40.385431][ T15] [ 40.385431][ T15] the dependencies between HARDIRQ-irq-safe lock and the holding lock: [ 40.395834][ T15] -> (&base->lock){-.-.}-{2:2} { [ 40.400767][ T15] IN-HARDIRQ-W at: [ 40.404729][ T15] lock_acquire+0x1db/0x4f0 [ 40.410869][ T15] _raw_spin_lock_irqsave+0xd1/0x120 [ 40.417787][ T15] lock_timer_base+0x120/0x260 [ 40.424184][ T15] add_timer_on+0x1eb/0x580 [ 40.430331][ T15] handle_irq_event+0x124/0x2b0 [ 40.436836][ T15] handle_edge_irq+0x245/0xbf0 [ 40.443235][ T15] __common_interrupt+0xd7/0x1f0 [ 40.449803][ T15] common_interrupt+0x9f/0xc0 [ 40.456109][ T15] asm_common_interrupt+0x22/0x40 [ 40.462770][ T15] console_unlock+0xe53/0x12b0 [ 40.469164][ T15] vprintk_emit+0xbf/0x150 [ 40.475208][ T15] _printk+0xd1/0x111 [ 40.480821][ T15] spectre_v2_select_mitigation+0x4f7/0x748 [ 40.488350][ T15] cpu_select_mitigations+0x3d/0x8f [ 40.495182][ T15] arch_cpu_finalize_init+0xf/0x81 [ 40.501936][ T15] start_kernel+0x419/0x535 [ 40.508087][ T15] secondary_startup_64_no_verify+0xb1/0xbb [ 40.515615][ T15] IN-SOFTIRQ-W at: [ 40.519576][ T15] lock_acquire+0x1db/0x4f0 [ 40.525711][ T15] _raw_spin_lock_irq+0xcf/0x110 [ 40.532283][ T15] __run_timers+0x111/0x890 [ 40.538421][ T15] run_timer_softirq+0x63/0xf0 [ 40.544814][ T15] __do_softirq+0x3b3/0x93a [ 40.550950][ T15] __irq_exit_rcu+0x155/0x240 [ 40.557257][ T15] irq_exit_rcu+0x5/0x20 [ 40.563130][ T15] common_interrupt+0xa4/0xc0 [ 40.569437][ T15] asm_common_interrupt+0x22/0x40 [ 40.576097][ T15] console_unlock+0xe53/0x12b0 [ 40.582493][ T15] vprintk_emit+0xbf/0x150 [ 40.588540][ T15] _printk+0xd1/0x111 [ 40.594157][ T15] print_xstate_feature+0x114/0x11b [ 40.600990][ T15] print_xstate_features+0x19/0x66 [ 40.607737][ T15] setup_init_fpu_buf+0x82/0x20e [ 40.614309][ T15] fpu__init_system_xstate+0x3e4/0x54e [ 40.621401][ T15] fpu__init_system+0x60/0xeb [ 40.627734][ T15] arch_cpu_finalize_init+0x1e/0x81 [ 40.634563][ T15] start_kernel+0x419/0x535 [ 40.640699][ T15] secondary_startup_64_no_verify+0xb1/0xbb [ 40.648228][ T15] INITIAL USE at: [ 40.652103][ T15] lock_acquire+0x1db/0x4f0 [ 40.658149][ T15] _raw_spin_lock_irqsave+0xd1/0x120 [ 40.664981][ T15] lock_timer_base+0x120/0x260 [ 40.671291][ T15] add_timer_on+0x1eb/0x580 [ 40.677347][ T15] handle_irq_event+0x124/0x2b0 [ 40.683742][ T15] handle_edge_irq+0x245/0xbf0 [ 40.690049][ T15] __common_interrupt+0xd7/0x1f0 [ 40.696533][ T15] common_interrupt+0x9f/0xc0 [ 40.702753][ T15] asm_common_interrupt+0x22/0x40 [ 40.709324][ T15] console_unlock+0xe53/0x12b0 [ 40.715635][ T15] vprintk_emit+0xbf/0x150 [ 40.721595][ T15] _printk+0xd1/0x111 [ 40.727123][ T15] spectre_v2_select_mitigation+0x4f7/0x748 [ 40.734564][ T15] cpu_select_mitigations+0x3d/0x8f [ 40.741318][ T15] arch_cpu_finalize_init+0xf/0x81 [ 40.747977][ T15] start_kernel+0x419/0x535 [ 40.754026][ T15] secondary_startup_64_no_verify+0xb1/0xbb [ 40.761466][ T15] } [ 40.763947][ T15] ... key at: [] init_timer_cpu.__key+0x0/0x20 [ 40.772167][ T15] [ 40.772167][ T15] the dependencies between the lock to be acquired [ 40.772175][ T15] and HARDIRQ-irq-unsafe lock: [ 40.785655][ T15] -> (&htab->buckets[i].lock){+...}-{2:2} { [ 40.791546][ T15] HARDIRQ-ON-W at: [ 40.795507][ T15] lock_acquire+0x1db/0x4f0 [ 40.801642][ T15] _raw_spin_lock_bh+0x31/0x40 [ 40.808040][ T15] sock_hash_free+0x14c/0x780 [ 40.814346][ T15] process_one_work+0x8a1/0x10c0 [ 40.820918][ T15] worker_thread+0xaca/0x1280 [ 40.827228][ T15] kthread+0x3f6/0x4f0 [ 40.832927][ T15] ret_from_fork+0x1f/0x30 [ 40.838976][ T15] INITIAL USE at: [ 40.842852][ T15] lock_acquire+0x1db/0x4f0 [ 40.848896][ T15] _raw_spin_lock_bh+0x31/0x40 [ 40.855217][ T15] sock_hash_free+0x14c/0x780 [ 40.861446][ T15] process_one_work+0x8a1/0x10c0 [ 40.867930][ T15] worker_thread+0xaca/0x1280 [ 40.874156][ T15] kthread+0x3f6/0x4f0 [ 40.879770][ T15] ret_from_fork+0x1f/0x30 [ 40.885734][ T15] } [ 40.888212][ T15] ... key at: [] sock_hash_alloc.__key+0x0/0x20 [ 40.896521][ T15] ... acquired at: [ 40.900307][ T15] lock_acquire+0x1db/0x4f0 [ 40.904972][ T15] _raw_spin_lock_bh+0x31/0x40 [ 40.909893][ T15] sock_hash_delete_elem+0xac/0x2f0 [ 40.915255][ T15] bpf_prog_2e01b746faa822d9+0x42/0xd38 [ 40.920959][ T15] bpf_trace_run3+0x1d1/0x380 [ 40.925798][ T15] enqueue_timer+0x3ae/0x540 [ 40.930723][ T15] __mod_timer+0xa60/0xeb0 [ 40.935298][ T15] schedule_timeout+0x1b4/0x300 [ 40.940307][ T15] rcu_gp_fqs_loop+0x2bf/0x1080 [ 40.945314][ T15] rcu_gp_kthread+0xa4/0x360 [ 40.950060][ T15] kthread+0x3f6/0x4f0 [ 40.954282][ T15] ret_from_fork+0x1f/0x30 [ 40.958857][ T15] [ 40.961163][ T15] [ 40.961163][ T15] stack backtrace: [ 40.967029][ T15] CPU: 1 PID: 15 Comm: rcu_preempt Not tainted 5.15.152-syzkaller #0 [ 40.975074][ T15] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/29/2024 [ 40.985111][ T15] Call Trace: [ 40.988382][ T15] [ 40.991296][ T15] dump_stack_lvl+0x1e3/0x2cb [ 40.995963][ T15] ? io_uring_drop_tctx_refs+0x19d/0x19d [ 41.001583][ T15] ? panic+0x84d/0x84d [ 41.005642][ T15] ? print_shortest_lock_dependencies+0xee/0x150 [ 41.011960][ T15] validate_chain+0x4d01/0x5930 [ 41.016804][ T15] ? reacquire_held_locks+0x660/0x660 [ 41.022162][ T15] ? register_lock_class+0x100/0x9a0 [ 41.027435][ T15] ? validate_chain+0x112/0x5930 [ 41.032357][ T15] ? is_dynamic_key+0x1f0/0x1f0 [ 41.037194][ T15] ? mark_lock+0x98/0x340 [ 41.041512][ T15] __lock_acquire+0x1295/0x1ff0 [ 41.046354][ T15] lock_acquire+0x1db/0x4f0 [ 41.050840][ T15] ? sock_hash_delete_elem+0xac/0x2f0 [ 41.056199][ T15] ? lockdep_softirqs_on+0x590/0x590 [ 41.061466][ T15] ? read_lock_is_recursive+0x10/0x10 [ 41.066824][ T15] ? sock_hash_delete_elem+0xac/0x2f0 [ 41.072179][ T15] ? __bpf_trace_softirq+0x10/0x10 [ 41.077274][ T15] ? sock_hash_delete_elem+0xac/0x2f0 [ 41.082629][ T15] _raw_spin_lock_bh+0x31/0x40 [ 41.087379][ T15] ? sock_hash_delete_elem+0xac/0x2f0 [ 41.092738][ T15] sock_hash_delete_elem+0xac/0x2f0 [ 41.097923][ T15] bpf_prog_2e01b746faa822d9+0x42/0xd38 [ 41.103454][ T15] bpf_trace_run3+0x1d1/0x380 [ 41.108118][ T15] ? bpf_trace_run2+0x340/0x340 [ 41.112947][ T15] ? _raw_spin_unlock_irqrestore+0xd9/0x130 [ 41.118824][ T15] ? _raw_spin_lock_irqsave+0xdd/0x120 [ 41.124265][ T15] ? _raw_spin_lock+0x40/0x40 [ 41.128925][ T15] ? __debug_object_init+0x258/0xd30 [ 41.134195][ T15] enqueue_timer+0x3ae/0x540 [ 41.138770][ T15] __mod_timer+0xa60/0xeb0 [ 41.143173][ T15] ? mod_timer_pending+0x20/0x20 [ 41.148093][ T15] ? lockdep_softirqs_off+0x420/0x420 [ 41.153450][ T15] ? do_raw_spin_unlock+0x137/0x8b0 [ 41.158632][ T15] schedule_timeout+0x1b4/0x300 [ 41.163466][ T15] ? console_conditional_schedule+0x40/0x40 [ 41.169341][ T15] ? update_process_times+0x200/0x200 [ 41.174699][ T15] ? prepare_to_swait_event+0x321/0x340 [ 41.180330][ T15] rcu_gp_fqs_loop+0x2bf/0x1080 [ 41.185166][ T15] ? _raw_spin_unlock_irq+0x1f/0x40 [ 41.190349][ T15] ? lockdep_hardirqs_on+0x94/0x130 [ 41.195529][ T15] ? rcu_gp_init+0xdae/0x1140 [ 41.200187][ T15] ? rcu_gp_init+0x1140/0x1140 [ 41.204934][ T15] ? finish_swait+0xc5/0x1d0 [ 41.209506][ T15] rcu_gp_kthread+0xa4/0x360 [ 41.214081][ T15] ? _raw_spin_unlock+0x40/0x40 [ 41.218918][ T15] ? rcu_report_qs_rsp+0x1a0/0x1a0 [ 41.224008][ T15] ? _raw_spin_unlock_irqrestore+0xd9/0x130 [ 41.229884][ T15] ? __kthread_parkme+0x15c/0x1c0 [ 41.234892][ T15] kthread+0x3f6/0x4f0 [ 41.238946][ T15] ? rcu_report_qs_rsp+0x1a0/0x1a0 [ 41.244038][ T15] ? kthread_blkcg+0xd0/0xd0 [ 41.248616][ T15] ret_from_fork+0x1f/0x30 [ 41.253016][ T15]