Warning: Permanently added '10.128.0.140' (ED25519) to the list of known hosts. executing program executing program executing program executing program executing program executing program executing program executing program executing program [ 58.324418][ T26] [ 58.326789][ T26] ===================================================== [ 58.333708][ T26] WARNING: HARDIRQ-safe -> HARDIRQ-unsafe lock order detected [ 58.341440][ T26] 6.1.84-syzkaller #0 Not tainted [ 58.346463][ T26] ----------------------------------------------------- [ 58.353818][ T26] kworker/1:1/26 [HC0[0]:SC0[2]:HE0:SE0] is trying to acquire: [ 58.361438][ T26] ffff888022be7020 (&htab->buckets[i].lock){+...}-{2:2}, at: sock_hash_delete_elem+0xac/0x2f0 [ 58.371886][ T26] [ 58.371886][ T26] and this task is already holding: [ 58.379325][ T26] ffff8880b9928358 (&base->lock){-.-.}-{2:2}, at: lock_timer_base+0x120/0x260 [ 58.388223][ T26] which would create a new lock dependency: [ 58.394197][ T26] (&base->lock){-.-.}-{2:2} -> (&htab->buckets[i].lock){+...}-{2:2} [ 58.402548][ T26] [ 58.402548][ T26] but this new dependency connects a HARDIRQ-irq-safe lock: [ 58.412333][ T26] (&base->lock){-.-.}-{2:2} [ 58.412354][ T26] [ 58.412354][ T26] ... which became HARDIRQ-irq-safe at: [ 58.424787][ T26] lock_acquire+0x1f8/0x5a0 [ 58.429579][ T26] _raw_spin_lock_irqsave+0xd1/0x120 [ 58.435515][ T26] lock_timer_base+0x120/0x260 [ 58.440354][ T26] add_timer_on+0x1eb/0x580 [ 58.444934][ T26] handle_irq_event+0xa9/0x1e0 [ 58.449799][ T26] handle_edge_irq+0x245/0xbf0 [ 58.454638][ T26] __common_interrupt+0xd7/0x1f0 [ 58.459762][ T26] common_interrupt+0x9f/0xc0 [ 58.464920][ T26] asm_common_interrupt+0x22/0x40 [ 58.470302][ T26] console_emit_next_record+0xd67/0x1000 [ 58.476220][ T26] console_unlock+0x278/0x7c0 [ 58.480981][ T26] vprintk_emit+0x523/0x740 [ 58.485657][ T26] _printk+0xd1/0x111 [ 58.489713][ T26] cpu_select_mitigations+0x38/0x8f [ 58.495144][ T26] arch_cpu_finalize_init+0xf/0x81 [ 58.500524][ T26] start_kernel+0x423/0x53f [ 58.505113][ T26] secondary_startup_64_no_verify+0xcf/0xdb [ 58.511617][ T26] [ 58.511617][ T26] to a HARDIRQ-irq-unsafe lock: [ 58.518736][ T26] (&htab->buckets[i].lock){+...}-{2:2} [ 58.518777][ T26] [ 58.518777][ T26] ... which became HARDIRQ-irq-unsafe at: [ 58.532537][ T26] ... [ 58.532547][ T26] lock_acquire+0x1f8/0x5a0 [ 58.539722][ T26] _raw_spin_lock_bh+0x31/0x40 [ 58.544670][ T26] sock_hash_free+0x160/0x820 [ 58.549605][ T26] process_one_work+0x8a9/0x11d0 [ 58.554705][ T26] worker_thread+0xa47/0x1200 [ 58.559723][ T26] kthread+0x28d/0x320 [ 58.564598][ T26] ret_from_fork+0x1f/0x30 [ 58.569213][ T26] [ 58.569213][ T26] other info that might help us debug this: [ 58.569213][ T26] [ 58.579888][ T26] Possible interrupt unsafe locking scenario: [ 58.579888][ T26] [ 58.588374][ T26] CPU0 CPU1 [ 58.593913][ T26] ---- ---- [ 58.599260][ T26] lock(&htab->buckets[i].lock); [ 58.604360][ T26] local_irq_disable(); [ 58.611126][ T26] lock(&base->lock); [ 58.617708][ T26] lock(&htab->buckets[i].lock); [ 58.625250][ T26] [ 58.628697][ T26] lock(&base->lock); [ 58.633105][ T26] [ 58.633105][ T26] *** DEADLOCK *** [ 58.633105][ T26] [ 58.641251][ T26] 4 locks held by kworker/1:1/26: [ 58.646266][ T26] #0: ffff888012472138 ((wq_completion)rcu_gp){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0 [ 58.656632][ T26] #1: ffffc90000a1fd20 ((work_completion)(&rew->rew_work)){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0 [ 58.668191][ T26] #2: ffff8880b9928358 (&base->lock){-.-.}-{2:2}, at: lock_timer_base+0x120/0x260 [ 58.677661][ T26] #3: ffffffff8d12a980 (rcu_read_lock){....}-{1:2}, at: bpf_trace_run3+0x146/0x440 [ 58.687300][ T26] [ 58.687300][ T26] the dependencies between HARDIRQ-irq-safe lock and the holding lock: [ 58.697780][ T26] -> (&base->lock){-.-.}-{2:2} { [ 58.702742][ T26] IN-HARDIRQ-W at: [ 58.706706][ T26] lock_acquire+0x1f8/0x5a0 [ 58.712995][ T26] _raw_spin_lock_irqsave+0xd1/0x120 [ 58.720186][ T26] lock_timer_base+0x120/0x260 [ 58.726934][ T26] add_timer_on+0x1eb/0x580 [ 58.733171][ T26] handle_irq_event+0xa9/0x1e0 [ 58.739596][ T26] handle_edge_irq+0x245/0xbf0 [ 58.745999][ T26] __common_interrupt+0xd7/0x1f0 [ 58.752579][ T26] common_interrupt+0x9f/0xc0 [ 58.759007][ T26] asm_common_interrupt+0x22/0x40 [ 58.765673][ T26] console_emit_next_record+0xd67/0x1000 [ 58.773119][ T26] console_unlock+0x278/0x7c0 [ 58.779440][ T26] vprintk_emit+0x523/0x740 [ 58.785599][ T26] _printk+0xd1/0x111 [ 58.791544][ T26] cpu_select_mitigations+0x38/0x8f [ 58.798491][ T26] arch_cpu_finalize_init+0xf/0x81 [ 58.805264][ T26] start_kernel+0x423/0x53f [ 58.811407][ T26] secondary_startup_64_no_verify+0xcf/0xdb [ 58.819698][ T26] IN-SOFTIRQ-W at: [ 58.823666][ T26] lock_acquire+0x1f8/0x5a0 [ 58.829995][ T26] _raw_spin_lock_irq+0xcf/0x110 [ 58.836578][ T26] __run_timers+0x111/0x890 [ 58.842720][ T26] run_timer_softirq+0x63/0xf0 [ 58.849294][ T26] __do_softirq+0x2e9/0xa4c [ 58.855711][ T26] __irq_exit_rcu+0x155/0x240 [ 58.862054][ T26] irq_exit_rcu+0x5/0x20 [ 58.868044][ T26] common_interrupt+0xa4/0xc0 [ 58.874538][ T26] asm_common_interrupt+0x22/0x40 [ 58.881217][ T26] console_emit_next_record+0xd67/0x1000 [ 58.888489][ T26] console_unlock+0x278/0x7c0 [ 58.894838][ T26] vprintk_emit+0x523/0x740 [ 58.901009][ T26] _printk+0xd1/0x111 [ 58.906636][ T26] spectre_v2_user_select_mitigation+0x453/0x47e [ 58.914622][ T26] cpu_select_mitigations+0x47/0x8f [ 58.921651][ T26] arch_cpu_finalize_init+0xf/0x81 [ 58.928548][ T26] start_kernel+0x423/0x53f [ 58.934863][ T26] secondary_startup_64_no_verify+0xcf/0xdb [ 58.942571][ T26] INITIAL USE at: [ 58.946456][ T26] lock_acquire+0x1f8/0x5a0 [ 58.952694][ T26] _raw_spin_lock_irqsave+0xd1/0x120 [ 58.959752][ T26] lock_timer_base+0x120/0x260 [ 58.966090][ T26] add_timer_on+0x1eb/0x580 [ 58.972237][ T26] handle_irq_event+0xa9/0x1e0 [ 58.978771][ T26] handle_edge_irq+0x245/0xbf0 [ 58.985364][ T26] __common_interrupt+0xd7/0x1f0 [ 58.991953][ T26] common_interrupt+0x9f/0xc0 [ 58.998364][ T26] asm_common_interrupt+0x22/0x40 [ 59.005058][ T26] console_emit_next_record+0xd67/0x1000 [ 59.012726][ T26] console_unlock+0x278/0x7c0 [ 59.019686][ T26] vprintk_emit+0x523/0x740 [ 59.025762][ T26] _printk+0xd1/0x111 [ 59.031333][ T26] cpu_select_mitigations+0x38/0x8f [ 59.038097][ T26] arch_cpu_finalize_init+0xf/0x81 [ 59.044783][ T26] start_kernel+0x423/0x53f [ 59.050869][ T26] secondary_startup_64_no_verify+0xcf/0xdb [ 59.058346][ T26] } [ 59.060936][ T26] ... key at: [] init_timer_cpu.__key+0x0/0x20 [ 59.069228][ T26] [ 59.069228][ T26] the dependencies between the lock to be acquired [ 59.069238][ T26] and HARDIRQ-irq-unsafe lock: [ 59.083090][ T26] -> (&htab->buckets[i].lock){+...}-{2:2} { [ 59.088995][ T26] HARDIRQ-ON-W at: [ 59.093095][ T26] lock_acquire+0x1f8/0x5a0 [ 59.099280][ T26] _raw_spin_lock_bh+0x31/0x40 [ 59.105871][ T26] sock_hash_free+0x160/0x820 [ 59.112456][ T26] process_one_work+0x8a9/0x11d0 [ 59.119121][ T26] worker_thread+0xa47/0x1200 [ 59.125608][ T26] kthread+0x28d/0x320 [ 59.131319][ T26] ret_from_fork+0x1f/0x30 [ 59.137464][ T26] INITIAL USE at: [ 59.141349][ T26] lock_acquire+0x1f8/0x5a0 [ 59.147427][ T26] _raw_spin_lock_bh+0x31/0x40 [ 59.153982][ T26] sock_hash_free+0x160/0x820 [ 59.160331][ T26] process_one_work+0x8a9/0x11d0 [ 59.166928][ T26] worker_thread+0xa47/0x1200 [ 59.173200][ T26] kthread+0x28d/0x320 [ 59.178855][ T26] ret_from_fork+0x1f/0x30 [ 59.184853][ T26] } [ 59.187451][ T26] ... key at: [] sock_hash_alloc.__key+0x0/0x20 [ 59.196976][ T26] ... acquired at: [ 59.200808][ T26] lock_acquire+0x1f8/0x5a0 [ 59.205573][ T26] _raw_spin_lock_bh+0x31/0x40 [ 59.210502][ T26] sock_hash_delete_elem+0xac/0x2f0 [ 59.215871][ T26] bpf_prog_2c29ac5cdc6b1842+0x3a/0x3e [ 59.221523][ T26] bpf_trace_run3+0x231/0x440 [ 59.226406][ T26] enqueue_timer+0x440/0x600 [ 59.231179][ T26] __mod_timer+0x92b/0xee0 [ 59.235948][ T26] schedule_timeout+0x1b4/0x300 [ 59.240978][ T26] rcu_exp_sel_wait_wake+0x764/0x1d50 [ 59.246557][ T26] process_one_work+0x8a9/0x11d0 [ 59.251693][ T26] worker_thread+0xa47/0x1200 [ 59.256575][ T26] kthread+0x28d/0x320 [ 59.260848][ T26] ret_from_fork+0x1f/0x30 [ 59.265509][ T26] [ 59.268174][ T26] [ 59.268174][ T26] stack backtrace: [ 59.274220][ T26] CPU: 1 PID: 26 Comm: kworker/1:1 Not tainted 6.1.84-syzkaller #0 [ 59.282187][ T26] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 59.292328][ T26] Workqueue: rcu_gp wait_rcu_exp_gp [ 59.297832][ T26] Call Trace: [ 59.301116][ T26] [ 59.304049][ T26] dump_stack_lvl+0x1e3/0x2cb [ 59.308757][ T26] ? nf_tcp_handle_invalid+0x642/0x642 [ 59.314216][ T26] ? panic+0x75d/0x75d [ 59.318272][ T26] ? print_shortest_lock_dependencies+0xee/0x150 [ 59.324596][ T26] validate_chain+0x4d16/0x5950 [ 59.329452][ T26] ? reacquire_held_locks+0x660/0x660 [ 59.334830][ T26] ? reacquire_held_locks+0x660/0x660 [ 59.340196][ T26] ? reacquire_held_locks+0x660/0x660 [ 59.345581][ T26] ? reacquire_held_locks+0x660/0x660 [ 59.350946][ T26] ? register_lock_class+0x100/0x990 [ 59.356310][ T26] ? validate_chain+0x112/0x5950 [ 59.361324][ T26] ? is_dynamic_key+0x260/0x260 [ 59.366274][ T26] ? mark_lock+0x9a/0x340 [ 59.370783][ T26] __lock_acquire+0x125b/0x1f80 [ 59.375829][ T26] lock_acquire+0x1f8/0x5a0 [ 59.380418][ T26] ? sock_hash_delete_elem+0xac/0x2f0 [ 59.386009][ T26] ? lockdep_softirqs_on+0x590/0x590 [ 59.391641][ T26] ? read_lock_is_recursive+0x10/0x10 [ 59.397184][ T26] ? sock_hash_delete_elem+0xac/0x2f0 [ 59.402901][ T26] ? __bpf_trace_softirq+0x10/0x10 [ 59.408210][ T26] ? read_lock_is_recursive+0x10/0x10 [ 59.413790][ T26] ? sock_hash_delete_elem+0xac/0x2f0 [ 59.419477][ T26] _raw_spin_lock_bh+0x31/0x40 [ 59.424353][ T26] ? sock_hash_delete_elem+0xac/0x2f0 [ 59.429810][ T26] sock_hash_delete_elem+0xac/0x2f0 [ 59.435099][ T26] bpf_prog_2c29ac5cdc6b1842+0x3a/0x3e [ 59.440550][ T26] bpf_trace_run3+0x231/0x440 [ 59.445428][ T26] ? bpf_trace_run3+0x146/0x440 [ 59.450445][ T26] ? bpf_trace_run2+0x410/0x410 [ 59.455373][ T26] ? _raw_spin_unlock_irqrestore+0xd9/0x130 [ 59.461348][ T26] ? _raw_spin_lock_irqsave+0xdd/0x120 [ 59.466919][ T26] ? _raw_spin_lock+0x40/0x40 [ 59.471725][ T26] enqueue_timer+0x440/0x600 [ 59.476341][ T26] __mod_timer+0x92b/0xee0 [ 59.480767][ T26] ? mod_timer_pending+0x20/0x20 [ 59.486041][ T26] ? lockdep_softirqs_off+0x420/0x420 [ 59.491424][ T26] ? _raw_spin_unlock_irqrestore+0xd9/0x130 [ 59.497308][ T26] ? _raw_spin_unlock+0x40/0x40 [ 59.502274][ T26] schedule_timeout+0x1b4/0x300 [ 59.507115][ T26] ? console_conditional_schedule+0x40/0x40 [ 59.513085][ T26] ? update_process_times+0x1b0/0x1b0 [ 59.518456][ T26] rcu_exp_sel_wait_wake+0x764/0x1d50 [ 59.523827][ T26] ? read_lock_is_recursive+0x10/0x10 [ 59.529261][ T26] ? rcu_check_gp_start_stall+0x450/0x450 [ 59.535002][ T26] ? _raw_spin_unlock_irqrestore+0xd9/0x130 [ 59.540980][ T26] ? do_raw_spin_unlock+0x137/0x8a0 [ 59.546175][ T26] ? process_one_work+0x7a9/0x11d0 [ 59.551381][ T26] process_one_work+0x8a9/0x11d0 [ 59.556453][ T26] ? worker_detach_from_pool+0x260/0x260 [ 59.562091][ T26] ? _raw_spin_lock_irqsave+0x120/0x120 [ 59.567726][ T26] ? kthread_data+0x4e/0xc0 [ 59.572231][ T26] ? wq_worker_running+0x97/0x190 [ 59.577270][ T26] worker_thread+0xa47/0x1200 [ 59.582379][ T26] ? _raw_spin_unlock+0x40/0x40 [ 59.587224][ T26] kthread+0x28d/0x320 [ 59.591373][ T26] ? worker_clr_flags+0x190/0x190 [ 59.596595][ T26] ? kthread_blkcg+0xd0/0xd0 [ 59.601179][ T26] ret_from_fork+0x1f/0x30 [ 59.605613][ T26]