Warning: Permanently added '10.128.1.15' (ED25519) to the list of known hosts.
executing program
executing program
executing program
[ 66.753429][ T18]
[ 66.755831][ T18] =====================================================
[ 66.762756][ T18] WARNING: HARDIRQ-safe -> HARDIRQ-unsafe lock order detected
[ 66.770203][ T18] 6.8.0-syzkaller-05236-g443574b03387 #0 Not tainted
[ 66.776873][ T18] -----------------------------------------------------
[ 66.783816][ T18] rcu_exp_gp_kthr/18 [HC0[0]:SC0[2]:HE0:SE0] is trying to acquire:
[ 66.791700][ T18] ffff88802a3ca200 (&stab->lock){+...}-{2:2}, at: sock_map_delete_elem+0x97/0x140
[ 66.800951][ T18]
[ 66.800951][ T18] and this task is already holding:
[ 66.808317][ T18] ffffffff8e136558 (rcu_node_0){-.-.}-{2:2}, at: sync_rcu_exp_done_unlocked+0xe/0x140
[ 66.817880][ T18] which would create a new lock dependency:
[ 66.823762][ T18] (rcu_node_0){-.-.}-{2:2} -> (&stab->lock){+...}-{2:2}
[ 66.830817][ T18]
[ 66.830817][ T18] but this new dependency connects a HARDIRQ-irq-safe lock:
[ 66.840251][ T18] (rcu_node_0){-.-.}-{2:2}
[ 66.840272][ T18]
[ 66.840272][ T18] ... which became HARDIRQ-irq-safe at:
[ 66.852461][ T18] lock_acquire+0x1e4/0x530
[ 66.857042][ T18] _raw_spin_lock_irqsave+0xd5/0x120
[ 66.862409][ T18] rcu_report_exp_cpu_mult+0x27/0x2f0
[ 66.867857][ T18] __flush_smp_call_function_queue+0xb2e/0x15b0
[ 66.874179][ T18] __sysvec_call_function_single+0xa8/0x3e0
[ 66.880155][ T18] sysvec_call_function_single+0x9e/0xc0
[ 66.885876][ T18] asm_sysvec_call_function_single+0x1a/0x20
[ 66.891939][ T18] memset_orig+0x84/0xb0
[ 66.896262][ T18] kasan_unpoison+0x46/0x70
[ 66.900841][ T18] __asan_register_globals+0x3c/0x70
[ 66.906206][ T18] asan.module_ctor+0x15/0x20
[ 66.910969][ T18] do_basic_setup+0x5c/0x90
[ 66.915567][ T18] kernel_init_freeable+0x435/0x5d0
[ 66.920844][ T18] kernel_init+0x1d/0x2a0
[ 66.925271][ T18] ret_from_fork+0x4b/0x80
[ 66.929791][ T18] ret_from_fork_asm+0x1a/0x30
[ 66.934644][ T18]
[ 66.934644][ T18] to a HARDIRQ-irq-unsafe lock:
[ 66.941662][ T18] (&stab->lock){+...}-{2:2}
[ 66.941687][ T18]
[ 66.941687][ T18] ... which became HARDIRQ-irq-unsafe at:
[ 66.954135][ T18] ...
[ 66.954141][ T18] lock_acquire+0x1e4/0x530
[ 66.961285][ T18] _raw_spin_lock_bh+0x35/0x50
[ 66.966147][ T18] sock_map_delete_elem+0x97/0x140
[ 66.971338][ T18] 0xffffffffa0001b26
[ 66.975410][ T18] bpf_trace_run2+0x204/0x420
[ 66.980173][ T18] trace_contention_end+0xd7/0x100
[ 66.985467][ T18] __mutex_lock+0x2e5/0xd70
[ 66.990070][ T18] futex_exit_release+0x34/0x1f0
[ 66.995172][ T18] exit_mm_release+0x1a/0x30
[ 66.999837][ T18] exit_mm+0xb0/0x310
[ 67.003897][ T18] do_exit+0x99e/0x27e0
[ 67.008145][ T18] do_group_exit+0x207/0x2c0
[ 67.012909][ T18] __x64_sys_exit_group+0x3f/0x40
[ 67.018025][ T18] do_syscall_64+0xfb/0x240
[ 67.022611][ T18] entry_SYSCALL_64_after_hwframe+0x6d/0x75
[ 67.028590][ T18]
[ 67.028590][ T18] other info that might help us debug this:
[ 67.028590][ T18]
[ 67.038815][ T18] Possible interrupt unsafe locking scenario:
[ 67.038815][ T18]
[ 67.047121][ T18]        CPU0                    CPU1
[ 67.052471][ T18]        ----                    ----
[ 67.057829][ T18]   lock(&stab->lock);
[ 67.061908][ T18]                                local_irq_disable();
[ 67.068664][ T18]                                lock(rcu_node_0);
[ 67.075163][ T18]                                lock(&stab->lock);
[ 67.081742][ T18]
[ 67.085185][ T18]     lock(rcu_node_0);
[ 67.089347][ T18]
[ 67.089347][ T18] *** DEADLOCK ***
[ 67.089347][ T18]
[ 67.097478][ T18] 2 locks held by rcu_exp_gp_kthr/18:
[ 67.102839][ T18] #0: ffffffff8e136558 (rcu_node_0){-.-.}-{2:2}, at: sync_rcu_exp_done_unlocked+0xe/0x140
[ 67.112837][ T18] #1: ffffffff8e131920 (rcu_read_lock){....}-{1:2}, at: bpf_trace_run2+0x114/0x420
[ 67.122242][ T18]
[ 67.122242][ T18] the dependencies between HARDIRQ-irq-safe lock and the holding lock:
[ 67.132631][ T18] -> (rcu_node_0){-.-.}-{2:2} {
[ 67.137497][ T18] IN-HARDIRQ-W at:
[ 67.141481][ T18] lock_acquire+0x1e4/0x530
[ 67.147627][ T18] _raw_spin_lock_irqsave+0xd5/0x120
[ 67.154554][ T18] rcu_report_exp_cpu_mult+0x27/0x2f0
[ 67.161564][ T18] __flush_smp_call_function_queue+0xb2e/0x15b0
[ 67.169454][ T18] __sysvec_call_function_single+0xa8/0x3e0
[ 67.177004][ T18] sysvec_call_function_single+0x9e/0xc0
[ 67.184277][ T18] asm_sysvec_call_function_single+0x1a/0x20
[ 67.191999][ T18] memset_orig+0x84/0xb0
[ 67.197924][ T18] kasan_unpoison+0x46/0x70
[ 67.204134][ T18] __asan_register_globals+0x3c/0x70
[ 67.211073][ T18] asan.module_ctor+0x15/0x20
[ 67.217394][ T18] do_basic_setup+0x5c/0x90
[ 67.223552][ T18] kernel_init_freeable+0x435/0x5d0
[ 67.230422][ T18] kernel_init+0x1d/0x2a0
[ 67.236402][ T18] ret_from_fork+0x4b/0x80
[ 67.242467][ T18] ret_from_fork_asm+0x1a/0x30
[ 67.248876][ T18] IN-SOFTIRQ-W at:
[ 67.252848][ T18] lock_acquire+0x1e4/0x530
[ 67.259454][ T18] _raw_spin_lock_irqsave+0xd5/0x120
[ 67.266388][ T18] rcu_core+0x3ae/0x1830
[ 67.272368][ T18] __do_softirq+0x2bc/0x943
[ 67.278521][ T18] __irq_exit_rcu+0xf2/0x1c0
[ 67.284774][ T18] irq_exit_rcu+0x9/0x30
[ 67.290707][ T18] sysvec_apic_timer_interrupt+0xa6/0xc0
[ 67.297999][ T18] asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 67.305691][ T18] unwind_next_frame+0x8c8/0x2a00
[ 67.312375][ T18] __unwind_start+0x641/0x7c0
[ 67.318703][ T18] arch_stack_walk+0x103/0x1b0
[ 67.325121][ T18] stack_trace_save+0x118/0x1d0
[ 67.331622][ T18] save_stack+0xfb/0x1f0
[ 67.337612][ T18] __set_page_owner+0x29/0x380
[ 67.344063][ T18] post_alloc_hook+0x1ea/0x210
[ 67.350564][ T18] get_page_from_freelist+0x33ea/0x3580
[ 67.357785][ T18] __alloc_pages+0x256/0x680
[ 67.364033][ T18] alloc_slab_page+0x5f/0x160
[ 67.370461][ T18] new_slab+0x84/0x2f0
[ 67.376176][ T18] ___slab_alloc+0xd1b/0x13e0
[ 67.382495][ T18] kmalloc_trace+0x267/0x360
[ 67.388734][ T18] ddebug_add_module+0x88/0x800
[ 67.395236][ T18] dynamic_debug_init+0x205/0x5a0
[ 67.401910][ T18] do_one_initcall+0x238/0x830
[ 67.408325][ T18] do_pre_smp_initcalls+0x57/0xa0
[ 67.414993][ T18] kernel_init_freeable+0x40d/0x5d0
[ 67.421837][ T18] kernel_init+0x1d/0x2a0
[ 67.427941][ T18] ret_from_fork+0x4b/0x80
[ 67.434028][ T18] ret_from_fork_asm+0x1a/0x30
[ 67.440466][ T18] INITIAL USE at:
[ 67.444356][ T18] lock_acquire+0x1e4/0x530
[ 67.450414][ T18] _raw_spin_lock_irqsave+0xd5/0x120
[ 67.457286][ T18] rcutree_prepare_cpu+0x71/0x640
[ 67.463872][ T18] rcu_init+0x9b/0x140
[ 67.469504][ T18] start_kernel+0x1f7/0x500
[ 67.475565][ T18] x86_64_start_reservations+0x2a/0x30
[ 67.482596][ T18] x86_64_start_kernel+0x99/0xa0
[ 67.489101][ T18] common_startup_64+0x13e/0x147
[ 67.495614][ T18] }
[ 67.498104][ T18] ... key at: [] rcu_init_one.rcu_node_class+0x0/0x20
[ 67.506953][ T18]
[ 67.506953][ T18] the dependencies between the lock to be acquired
[ 67.506962][ T18] and HARDIRQ-irq-unsafe lock:
[ 67.520466][ T18] -> (&stab->lock){+...}-{2:2} {
[ 67.525416][ T18] HARDIRQ-ON-W at:
[ 67.529391][ T18] lock_acquire+0x1e4/0x530
[ 67.535536][ T18] _raw_spin_lock_bh+0x35/0x50
[ 67.541961][ T18] sock_map_delete_elem+0x97/0x140
[ 67.548752][ T18] 0xffffffffa0001b26
[ 67.554373][ T18] bpf_trace_run2+0x204/0x420
[ 67.560694][ T18] trace_contention_end+0xd7/0x100
[ 67.567468][ T18] __mutex_lock+0x2e5/0xd70
[ 67.573618][ T18] futex_exit_release+0x34/0x1f0
[ 67.580215][ T18] exit_mm_release+0x1a/0x30
[ 67.586462][ T18] exit_mm+0xb0/0x310
[ 67.592092][ T18] do_exit+0x99e/0x27e0
[ 67.597992][ T18] do_group_exit+0x207/0x2c0
[ 67.604316][ T18] __x64_sys_exit_group+0x3f/0x40
[ 67.611025][ T18] do_syscall_64+0xfb/0x240
[ 67.617192][ T18] entry_SYSCALL_64_after_hwframe+0x6d/0x75
[ 67.624752][ T18] INITIAL USE at:
[ 67.628690][ T18] lock_acquire+0x1e4/0x530
[ 67.634766][ T18] _raw_spin_lock_bh+0x35/0x50
[ 67.641124][ T18] sock_map_delete_elem+0x97/0x140
[ 67.647812][ T18] 0xffffffffa0001b26
[ 67.653378][ T18] bpf_trace_run2+0x204/0x420
[ 67.659637][ T18] trace_contention_end+0xd7/0x100
[ 67.666317][ T18] __mutex_lock+0x2e5/0xd70
[ 67.672406][ T18] futex_exit_release+0x34/0x1f0
[ 67.679005][ T18] exit_mm_release+0x1a/0x30
[ 67.685252][ T18] exit_mm+0xb0/0x310
[ 67.690967][ T18] do_exit+0x99e/0x27e0
[ 67.696724][ T18] do_group_exit+0x207/0x2c0
[ 67.702886][ T18] __x64_sys_exit_group+0x3f/0x40
[ 67.709478][ T18] do_syscall_64+0xfb/0x240
[ 67.715663][ T18] entry_SYSCALL_64_after_hwframe+0x6d/0x75
[ 67.723140][ T18] }
[ 67.725635][ T18] ... key at: [] sock_map_alloc.__key+0x0/0x20
[ 67.733958][ T18] ... acquired at:
[ 67.737773][ T18] lock_acquire+0x1e4/0x530
[ 67.742464][ T18] _raw_spin_lock_bh+0x35/0x50
[ 67.747413][ T18] sock_map_delete_elem+0x97/0x140
[ 67.752703][ T18] bpf_prog_2c29ac5cdc6b1842+0x42/0x46
[ 67.758347][ T18] bpf_trace_run2+0x204/0x420
[ 67.763210][ T18] trace_contention_end+0xf6/0x120
[ 67.768514][ T18] __pv_queued_spin_lock_slowpath+0x939/0xc60
[ 67.774820][ T18] queued_spin_lock_slowpath+0x42/0x50
[ 67.780477][ T18] do_raw_spin_lock+0x272/0x370
[ 67.785506][ T18] _raw_spin_lock_irqsave+0xe1/0x120
[ 67.791509][ T18] sync_rcu_exp_done_unlocked+0xe/0x140
[ 67.798021][ T18] rcu_exp_sel_wait_wake+0x628/0x1df0
[ 67.803584][ T18] kthread_worker_fn+0x4bf/0xab0
[ 67.808741][ T18] kthread+0x2f0/0x390
[ 67.813002][ T18] ret_from_fork+0x4b/0x80
[ 67.817688][ T18] ret_from_fork_asm+0x1a/0x30
[ 67.822655][ T18]
[ 67.824974][ T18]
[ 67.824974][ T18] stack backtrace:
[ 67.830870][ T18] CPU: 0 PID: 18 Comm: rcu_exp_gp_kthr Not tainted 6.8.0-syzkaller-05236-g443574b03387 #0
[ 67.840755][ T18] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[ 67.850824][ T18] Call Trace:
[ 67.854116][ T18]
[ 67.857040][ T18] dump_stack_lvl+0x1e7/0x2e0
[ 67.861715][ T18] ? __pfx_dump_stack_lvl+0x10/0x10
[ 67.866916][ T18] ? __pfx__printk+0x10/0x10
[ 67.871504][ T18] ? print_shortest_lock_dependencies+0xf2/0x160
[ 67.877869][ T18] validate_chain+0x4dc7/0x58e0
[ 67.882759][ T18] ? __pfx_validate_chain+0x10/0x10
[ 67.887981][ T18] ? __pfx_validate_chain+0x10/0x10
[ 67.893190][ T18] ? validate_chain+0x11b/0x58e0
[ 67.898139][ T18] ? validate_chain+0x11b/0x58e0
[ 67.903095][ T18] ? mark_lock+0x9a/0x350
[ 67.907416][ T18] __lock_acquire+0x1346/0x1fd0
[ 67.912274][ T18] lock_acquire+0x1e4/0x530
[ 67.916778][ T18] ? sock_map_delete_elem+0x97/0x140
[ 67.922139][ T18] ? __pfx_lockdep_softirqs_off+0x10/0x10
[ 67.927865][ T18] ? __pfx_lock_acquire+0x10/0x10
[ 67.932908][ T18] ? sock_map_delete_elem+0x97/0x140
[ 67.938204][ T18] ? __pfx___local_bh_disable_ip+0x10/0x10
[ 67.944005][ T18] ? __pfx___cant_migrate+0x10/0x10
[ 67.949211][ T18] ? sock_map_delete_elem+0x97/0x140
[ 67.954505][ T18] _raw_spin_lock_bh+0x35/0x50
[ 67.959259][ T18] ? sock_map_delete_elem+0x97/0x140
[ 67.964537][ T18] sock_map_delete_elem+0x97/0x140
[ 67.969658][ T18] bpf_prog_2c29ac5cdc6b1842+0x42/0x46
[ 67.975120][ T18] bpf_trace_run2+0x204/0x420
[ 67.979795][ T18] ? mark_lock+0x9a/0x350
[ 67.984118][ T18] ? bpf_trace_run2+0x114/0x420
[ 67.988956][ T18] ? __pfx_bpf_trace_run2+0x10/0x10
[ 67.994147][ T18] trace_contention_end+0xf6/0x120
[ 67.999272][ T18] __pv_queued_spin_lock_slowpath+0x939/0xc60
[ 68.005358][ T18] ? __pfx___pv_queued_spin_lock_slowpath+0x10/0x10
[ 68.011964][ T18] queued_spin_lock_slowpath+0x42/0x50
[ 68.017421][ T18] do_raw_spin_lock+0x272/0x370
[ 68.022268][ T18] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 68.027638][ T18] _raw_spin_lock_irqsave+0xe1/0x120
[ 68.032918][ T18] ? __pfx__raw_spin_lock_irqsave+0x10/0x10
[ 68.038814][ T18] ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 68.044714][ T18] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 68.051044][ T18] sync_rcu_exp_done_unlocked+0xe/0x140
[ 68.056606][ T18] rcu_exp_sel_wait_wake+0x628/0x1df0
[ 68.062162][ T18] ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 68.068162][ T18] ? __pfx_rcu_exp_sel_wait_wake+0x10/0x10
[ 68.073998][ T18] ? _raw_spin_lock_irq+0xdf/0x120
[ 68.079129][ T18] kthread_worker_fn+0x4bf/0xab0
[ 68.084548][ T18] ? kthread_worker_fn+0xdc/0xab0
[ 68.090353][ T18] ? __pfx_wait_rcu_exp_gp+0x10/0x10
[ 68.095640][ T18] ? __pfx_kthread_worker_fn+0x10/0x10
[ 68.101098][ T18] kthread+0x2f0/0x390
[ 68.105168][ T18] ? __pfx_kthread_worker_fn+0x10/0x10
[ 68.110627][ T18] ? __pfx_kthread+0x10/0x10
[ 68.115234][ T18] ret_from_fork+0x4b/0x80
[ 68.119648][ T18] ? __pfx_kthread+0x10/0x10
[ 68.124257][ T18] ret_from_fork_asm+0x1a/0x30
[ 68.129032][ T18]