Warning: Permanently added '10.128.0.101' (ED25519) to the list of known hosts. executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program [ 49.187840][ T13] [ 49.191016][ T13] ===================================================== [ 49.198299][ T13] WARNING: HARDIRQ-safe -> HARDIRQ-unsafe lock order detected [ 49.207026][ T13] 5.15.153-syzkaller #0 Not tainted [ 49.213152][ T13] ----------------------------------------------------- [ 49.220717][ T13] kworker/0:1/13 [HC0[0]:SC0[2]:HE0:SE0] is trying to acquire: [ 49.228427][ T13] ffff88802394d020 (&htab->buckets[i].lock){+...}-{2:2}, at: sock_hash_delete_elem+0xac/0x2f0 [ 49.239612][ T13] [ 49.239612][ T13] and this task is already holding: [ 49.247704][ T13] ffff8880b9a28098 (&base->lock){-.-.}-{2:2}, at: lock_timer_base+0x120/0x260 [ 49.258394][ T13] which would create a new lock dependency: [ 49.265533][ T13] (&base->lock){-.-.}-{2:2} -> (&htab->buckets[i].lock){+...}-{2:2} [ 49.274742][ T13] [ 49.274742][ T13] but this new dependency connects a HARDIRQ-irq-safe lock: [ 49.284775][ T13] (&base->lock){-.-.}-{2:2} [ 49.284805][ T13] [ 49.284805][ T13] ... which became HARDIRQ-irq-safe at: [ 49.297634][ T13] lock_acquire+0x1db/0x4f0 [ 49.302408][ T13] _raw_spin_lock_irqsave+0xd1/0x120 [ 49.308225][ T13] lock_timer_base+0x120/0x260 [ 49.313852][ T13] add_timer_on+0x1eb/0x580 [ 49.318900][ T13] handle_irq_event+0x124/0x2b0 [ 49.324457][ T13] handle_level_irq+0x3ab/0x6c0 [ 49.329558][ T13] __common_interrupt+0xd7/0x1f0 [ 49.334811][ T13] common_interrupt+0x9f/0xc0 [ 49.339570][ T13] asm_common_interrupt+0x22/0x40 [ 49.345013][ T13] console_unlock+0xe53/0x12b0 [ 49.350096][ T13] vprintk_emit+0xbf/0x150 [ 49.355275][ T13] _printk+0xd1/0x111 [ 49.359389][ T13] apic_intr_mode_init+0x50/0x9b [ 49.364493][ T13] x86_late_time_init+0x74/0x86 [ 49.369656][ T13] start_kernel+0x40a/0x535 [ 49.374424][ T13] secondary_startup_64_no_verify+0xb1/0xbb [ 49.380411][ T13] [ 49.380411][ T13] to a HARDIRQ-irq-unsafe lock: [ 49.387520][ T13] (&htab->buckets[i].lock){+...}-{2:2} [ 49.387557][ T13] [ 49.387557][ T13] ... which became HARDIRQ-irq-unsafe at: [ 49.401288][ T13] ... [ 49.401300][ T13] lock_acquire+0x1db/0x4f0 [ 49.408716][ T13] _raw_spin_lock_bh+0x31/0x40 [ 49.413727][ T13] sock_hash_free+0x14c/0x780 [ 49.418748][ T13] process_one_work+0x8a1/0x10c0 [ 49.424202][ T13] worker_thread+0xaca/0x1280 [ 49.428981][ T13] kthread+0x3f6/0x4f0 [ 49.433664][ T13] ret_from_fork+0x1f/0x30 [ 49.438420][ T13] [ 49.438420][ T13] other info that might help us debug this: [ 49.438420][ T13] [ 49.448994][ T13] Possible interrupt unsafe locking scenario: [ 49.448994][ T13] [ 49.457642][ T13] CPU0 CPU1 [ 49.462996][ T13] ---- ---- [ 49.468604][ T13] lock(&htab->buckets[i].lock); [ 49.473888][ T13] local_irq_disable(); [ 49.480976][ T13] lock(&base->lock); [ 49.488083][ T13] lock(&htab->buckets[i].lock); [ 49.497366][ T13] [ 49.501371][ T13] lock(&base->lock); [ 49.506047][ T13] [ 49.506047][ T13] *** DEADLOCK *** [ 49.506047][ T13] [ 49.516246][ T13] 4 locks held by kworker/0:1/13: [ 49.521820][ T13] #0: ffff888011c72138 ((wq_completion)rcu_gp){+.+.}-{0:0}, at: process_one_work+0x78a/0x10c0 [ 49.532723][ T13] #1: ffffc90000d27d20 ((work_completion)(&rew.rew_work)){+.+.}-{0:0}, at: process_one_work+0x7d0/0x10c0 [ 49.544410][ T13] #2: ffff8880b9a28098 (&base->lock){-.-.}-{2:2}, at: lock_timer_base+0x120/0x260 [ 49.553978][ T13] #3: ffffffff8c91f720 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x5/0x30 [ 49.563997][ T13] [ 49.563997][ T13] the dependencies between HARDIRQ-irq-safe lock and the holding lock: [ 49.576218][ T13] -> (&base->lock){-.-.}-{2:2} { [ 49.581276][ T13] IN-HARDIRQ-W at: [ 49.585244][ T13] lock_acquire+0x1db/0x4f0 [ 49.591473][ T13] _raw_spin_lock_irqsave+0xd1/0x120 [ 49.598532][ T13] lock_timer_base+0x120/0x260 [ 49.605021][ T13] add_timer_on+0x1eb/0x580 [ 49.611606][ T13] handle_irq_event+0x124/0x2b0 [ 49.618945][ T13] handle_level_irq+0x3ab/0x6c0 [ 49.626022][ T13] __common_interrupt+0xd7/0x1f0 [ 49.632613][ T13] common_interrupt+0x9f/0xc0 [ 49.638967][ T13] asm_common_interrupt+0x22/0x40 [ 49.645725][ T13] console_unlock+0xe53/0x12b0 [ 49.652435][ T13] vprintk_emit+0xbf/0x150 [ 49.658500][ T13] _printk+0xd1/0x111 [ 49.664677][ T13] apic_intr_mode_init+0x50/0x9b [ 49.671455][ T13] x86_late_time_init+0x74/0x86 [ 49.677949][ T13] start_kernel+0x40a/0x535 [ 49.684106][ T13] secondary_startup_64_no_verify+0xb1/0xbb [ 49.691651][ T13] IN-SOFTIRQ-W at: [ 49.695630][ T13] lock_acquire+0x1db/0x4f0 [ 49.701889][ T13] _raw_spin_lock_irq+0xcf/0x110 [ 49.708928][ T13] __run_timers+0x111/0x890 [ 49.715069][ T13] run_timer_softirq+0x63/0xf0 [ 49.721846][ T13] __do_softirq+0x3b3/0x93a [ 49.728228][ T13] __irq_exit_rcu+0x155/0x240 [ 49.734825][ T13] irq_exit_rcu+0x5/0x20 [ 49.740727][ T13] common_interrupt+0xa4/0xc0 [ 49.747588][ T13] asm_common_interrupt+0x22/0x40 [ 49.755742][ T13] console_unlock+0xe53/0x12b0 [ 49.762276][ T13] vprintk_emit+0xbf/0x150 [ 49.768828][ T13] _printk+0xd1/0x111 [ 49.774586][ T13] cpu_select_mitigations+0x38/0x8f [ 49.781430][ T13] arch_cpu_finalize_init+0xf/0x81 [ 49.788268][ T13] start_kernel+0x419/0x535 [ 49.794849][ T13] secondary_startup_64_no_verify+0xb1/0xbb [ 49.802469][ T13] INITIAL USE at: [ 49.806351][ T13] lock_acquire+0x1db/0x4f0 [ 49.812487][ T13] _raw_spin_lock_irqsave+0xd1/0x120 [ 49.819320][ T13] lock_timer_base+0x120/0x260 [ 49.825808][ T13] add_timer_on+0x1eb/0x580 [ 49.831961][ T13] handle_irq_event+0x124/0x2b0 [ 49.838941][ T13] handle_level_irq+0x3ab/0x6c0 [ 49.845811][ T13] __common_interrupt+0xd7/0x1f0 [ 49.852411][ T13] common_interrupt+0x9f/0xc0 [ 49.858815][ T13] asm_common_interrupt+0x22/0x40 [ 49.866194][ T13] console_unlock+0xe53/0x12b0 [ 49.872795][ T13] vprintk_emit+0xbf/0x150 [ 49.879566][ T13] _printk+0xd1/0x111 [ 49.885750][ T13] apic_intr_mode_init+0x50/0x9b [ 49.893206][ T13] x86_late_time_init+0x74/0x86 [ 49.900744][ T13] start_kernel+0x40a/0x535 [ 49.907958][ T13] secondary_startup_64_no_verify+0xb1/0xbb [ 49.916274][ T13] } [ 49.918985][ T13] ... key at: [] init_timer_cpu.__key+0x0/0x20 [ 49.927588][ T13] [ 49.927588][ T13] the dependencies between the lock to be acquired [ 49.927599][ T13] and HARDIRQ-irq-unsafe lock: [ 49.941263][ T13] -> (&htab->buckets[i].lock){+...}-{2:2} { [ 49.947676][ T13] HARDIRQ-ON-W at: [ 49.951636][ T13] lock_acquire+0x1db/0x4f0 [ 49.957948][ T13] _raw_spin_lock_bh+0x31/0x40 [ 49.964520][ T13] sock_hash_free+0x14c/0x780 [ 49.970918][ T13] process_one_work+0x8a1/0x10c0 [ 49.977714][ T13] worker_thread+0xaca/0x1280 [ 49.984802][ T13] kthread+0x3f6/0x4f0 [ 49.990533][ T13] ret_from_fork+0x1f/0x30 [ 49.996859][ T13] INITIAL USE at: [ 50.000877][ T13] lock_acquire+0x1db/0x4f0 [ 50.007687][ T13] _raw_spin_lock_bh+0x31/0x40 [ 50.014211][ T13] sock_hash_free+0x14c/0x780 [ 50.020555][ T13] process_one_work+0x8a1/0x10c0 [ 50.027066][ T13] worker_thread+0xaca/0x1280 [ 50.033407][ T13] kthread+0x3f6/0x4f0 [ 50.040688][ T13] ret_from_fork+0x1f/0x30 [ 50.046760][ T13] } [ 50.049504][ T13] ... key at: [] sock_hash_alloc.__key+0x0/0x20 [ 50.058697][ T13] ... acquired at: [ 50.062672][ T13] lock_acquire+0x1db/0x4f0 [ 50.067897][ T13] _raw_spin_lock_bh+0x31/0x40 [ 50.073667][ T13] sock_hash_delete_elem+0xac/0x2f0 [ 50.079978][ T13] bpf_prog_2c29ac5cdc6b1842+0x3a/0x340 [ 50.086838][ T13] bpf_trace_run3+0x1d1/0x380 [ 50.091721][ T13] enqueue_timer+0x3ae/0x540 [ 50.097292][ T13] __mod_timer+0xa60/0xeb0 [ 50.102153][ T13] schedule_timeout+0x1b4/0x300 [ 50.107166][ T13] rcu_exp_sel_wait_wake+0x7cb/0x1c00 [ 50.113037][ T13] process_one_work+0x8a1/0x10c0 [ 50.118445][ T13] worker_thread+0xaca/0x1280 [ 50.123623][ T13] kthread+0x3f6/0x4f0 [ 50.128040][ T13] ret_from_fork+0x1f/0x30 [ 50.132627][ T13] [ 50.134932][ T13] [ 50.134932][ T13] stack backtrace: [ 50.140893][ T13] CPU: 0 PID: 13 Comm: kworker/0:1 Not tainted 5.15.153-syzkaller #0 [ 50.149207][ T13] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 50.159510][ T13] Workqueue: rcu_gp wait_rcu_exp_gp [ 50.164817][ T13] Call Trace: [ 50.168085][ T13] [ 50.171005][ T13] dump_stack_lvl+0x1e3/0x2cb [ 50.175847][ T13] ? io_uring_drop_tctx_refs+0x19d/0x19d [ 50.181494][ T13] ? panic+0x84d/0x84d [ 50.185815][ T13] ? print_shortest_lock_dependencies+0xee/0x150 [ 50.192217][ T13] validate_chain+0x4d01/0x5930 [ 50.197597][ T13] ? reacquire_held_locks+0x660/0x660 [ 50.203326][ T13] ? register_lock_class+0x100/0x9a0 [ 50.208717][ T13] ? validate_chain+0x112/0x5930 [ 50.213832][ T13] ? is_dynamic_key+0x1f0/0x1f0 [ 50.218792][ T13] ? mark_lock+0x98/0x340 [ 50.223194][ T13] __lock_acquire+0x1295/0x1ff0 [ 50.228121][ T13] lock_acquire+0x1db/0x4f0 [ 50.232742][ T13] ? sock_hash_delete_elem+0xac/0x2f0 [ 50.238542][ T13] ? lockdep_softirqs_on+0x590/0x590 [ 50.244074][ T13] ? read_lock_is_recursive+0x10/0x10 [ 50.249531][ T13] ? sock_hash_delete_elem+0xac/0x2f0 [ 50.254988][ T13] ? __bpf_trace_softirq+0x10/0x10 [ 50.260089][ T13] ? sock_hash_delete_elem+0xac/0x2f0 [ 50.266001][ T13] _raw_spin_lock_bh+0x31/0x40 [ 50.270929][ T13] ? sock_hash_delete_elem+0xac/0x2f0 [ 50.276927][ T13] sock_hash_delete_elem+0xac/0x2f0 [ 50.282412][ T13] bpf_prog_2c29ac5cdc6b1842+0x3a/0x340 [ 50.287946][ T13] bpf_trace_run3+0x1d1/0x380 [ 50.292955][ T13] ? bpf_trace_run2+0x340/0x340 [ 50.299719][ T13] ? _raw_spin_unlock_irqrestore+0xd9/0x130 [ 50.305803][ T13] ? _raw_spin_lock_irqsave+0xdd/0x120 [ 50.311522][ T13] ? _raw_spin_lock+0x40/0x40 [ 50.317090][ T13] ? __debug_object_init+0x258/0xd30 [ 50.322450][ T13] enqueue_timer+0x3ae/0x540 [ 50.327643][ T13] __mod_timer+0xa60/0xeb0 [ 50.332059][ T13] ? mod_timer_pending+0x20/0x20 [ 50.337417][ T13] ? lockdep_softirqs_off+0x420/0x420 [ 50.343035][ T13] ? lockdep_hardirqs_on_prepare+0x438/0x7a0 [ 50.349202][ T13] ? print_irqtrace_events+0x210/0x210 [ 50.355282][ T13] schedule_timeout+0x1b4/0x300 [ 50.360554][ T13] ? console_conditional_schedule+0x40/0x40 [ 50.366693][ T13] ? update_process_times+0x200/0x200 [ 50.372447][ T13] rcu_exp_sel_wait_wake+0x7cb/0x1c00 [ 50.378610][ T13] ? rcu_check_gp_start_stall+0x450/0x450 [ 50.385296][ T13] ? _raw_spin_unlock_irqrestore+0xd9/0x130 [ 50.392884][ T13] ? do_raw_spin_unlock+0x137/0x8b0 [ 50.398829][ T13] process_one_work+0x8a1/0x10c0 [ 50.404410][ T13] ? worker_detach_from_pool+0x260/0x260 [ 50.410414][ T13] ? _raw_spin_lock_irqsave+0x120/0x120 [ 50.416693][ T13] ? kthread_data+0x4e/0xc0 [ 50.422790][ T13] ? wq_worker_running+0x97/0x170 [ 50.428420][ T13] worker_thread+0xaca/0x1280 [ 50.434612][ T13] kthread+0x3f6/0x4f0 [ 50.439760][ T13] ? rcu_lock_release+0x20/0x20 [ 50.445498][ T13] ? kthread_blkcg+0xd0/0xd0 [ 50.450734][ T13] ret_from_fork+0x1f/0x30 [ 50.455705][ T13]