Warning: Permanently added '10.128.0.46' (ED25519) to the list of known hosts. executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program [ 51.189939][ T5064] [ 51.192304][ T5064] ===================================================== [ 51.199228][ T5064] WARNING: HARDIRQ-safe -> HARDIRQ-unsafe lock order detected [ 51.206671][ T5064] 6.8.0-syzkaller-05236-g443574b03387 #0 Not tainted [ 51.213323][ T5064] ----------------------------------------------------- [ 51.220230][ T5064] syz-executor158/5064 [HC0[0]:SC0[2]:HE0:SE0] is trying to acquire: [ 51.228279][ T5064] ffff88807e46f8f8 (&htab->buckets[i].lock){+...}-{2:2}, at: sock_hash_delete_elem+0xb0/0x300 [ 51.238549][ T5064] [ 51.238549][ T5064] and this task is already holding: [ 51.245895][ T5064] ffff8880b952c8d8 (hrtimer_bases.lock){-.-.}-{2:2}, at: hrtimer_start_range_ns+0xdf/0xc60 [ 51.255884][ T5064] which would create a new lock dependency: [ 51.261750][ T5064] (hrtimer_bases.lock){-.-.}-{2:2} -> (&htab->buckets[i].lock){+...}-{2:2} [ 51.270440][ T5064] [ 51.270440][ T5064] but this new dependency connects a HARDIRQ-irq-safe lock: [ 51.279869][ T5064] (hrtimer_bases.lock){-.-.}-{2:2} [ 51.279889][ T5064] [ 51.279889][ T5064] ... which became HARDIRQ-irq-safe at: [ 51.292741][ T5064] lock_acquire+0x1e4/0x530 [ 51.297324][ T5064] _raw_spin_lock_irqsave+0xd5/0x120 [ 51.302688][ T5064] hrtimer_run_queues+0x18e/0x460 [ 51.307785][ T5064] update_process_times+0x80/0x230 [ 51.312963][ T5064] tick_periodic+0x190/0x220 [ 51.317628][ T5064] tick_handle_periodic+0x4a/0x160 [ 51.322808][ T5064] timer_interrupt+0x5c/0x70 [ 51.327472][ T5064] __handle_irq_event_percpu+0x28c/0xa30 [ 51.333176][ T5064] handle_irq_event+0x89/0x1f0 [ 51.338011][ T5064] handle_level_irq+0x3c5/0x6e0 [ 51.342936][ T5064] __common_interrupt+0x13a/0x230 [ 51.348034][ T5064] common_interrupt+0xa5/0xd0 [ 51.352783][ T5064] asm_common_interrupt+0x26/0x40 [ 51.357882][ T5064] _raw_spin_unlock_irqrestore+0xd8/0x140 [ 51.363674][ T5064] __setup_irq+0x1277/0x1cf0 [ 51.368337][ T5064] request_threaded_irq+0x2ab/0x380 [ 51.373606][ T5064] setup_default_timer_irq+0x25/0x60 [ 51.378969][ T5064] x86_late_time_init+0x66/0xc0 [ 51.383890][ T5064] start_kernel+0x3f3/0x500 [ 51.388461][ T5064] x86_64_start_reservations+0x2a/0x30 [ 51.393990][ T5064] x86_64_start_kernel+0x99/0xa0 [ 51.398995][ T5064] common_startup_64+0x13e/0x147 [ 51.404001][ T5064] [ 51.404001][ T5064] to a HARDIRQ-irq-unsafe lock: [ 51.410995][ T5064] (&htab->buckets[i].lock){+...}-{2:2} [ 51.411017][ T5064] [ 51.411017][ T5064] ... which became HARDIRQ-irq-unsafe at: [ 51.424391][ T5064] ... [ 51.424397][ T5064] lock_acquire+0x1e4/0x530 [ 51.431529][ T5064] _raw_spin_lock_bh+0x35/0x50 [ 51.436363][ T5064] sock_hash_delete_elem+0xb0/0x300 [ 51.441634][ T5064] 0xffffffffa000082e [ 51.445683][ T5064] bpf_trace_run4+0x25a/0x490 [ 51.450431][ T5064] __alloc_pages+0x657/0x680 [ 51.455093][ T5064] alloc_pages_mpol+0x3de/0x650 [ 51.460015][ T5064] __pud_alloc+0x93/0x4b0 [ 51.464417][ T5064] __handle_mm_fault+0x4472/0x72d0 [ 51.469607][ T5064] handle_mm_fault+0x3c2/0x8a0 [ 51.474445][ T5064] exc_page_fault+0x2a8/0x890 [ 51.479192][ T5064] asm_exc_page_fault+0x26/0x30 [ 51.484118][ T5064] [ 51.484118][ T5064] other info that might help us debug this: [ 51.484118][ T5064] [ 51.494324][ T5064] Possible interrupt unsafe locking scenario: [ 51.494324][ T5064] [ 51.502623][ T5064] CPU0 CPU1 [ 51.507969][ T5064] ---- ---- [ 51.513311][ T5064] lock(&htab->buckets[i].lock); [ 51.518320][ T5064] local_irq_disable(); [ 51.525055][ T5064] lock(hrtimer_bases.lock); [ 51.532233][ T5064] lock(&htab->buckets[i].lock); [ 51.539762][ T5064] [ 51.543196][ T5064] lock(hrtimer_bases.lock); [ 51.548029][ T5064] [ 51.548029][ T5064] *** DEADLOCK *** [ 51.548029][ T5064] [ 51.556151][ T5064] 3 locks held by syz-executor158/5064: [ 51.561677][ T5064] #0: ffff8880b952c8d8 (hrtimer_bases.lock){-.-.}-{2:2}, at: hrtimer_start_range_ns+0xdf/0xc60 [ 51.572102][ T5064] #1: ffffffff8e818c60 (fill_pool_map-wait-type-override){+.+.}-{3:3}, at: debug_objects_fill_pool+0x80/0x9b0 [ 51.583824][ T5064] #2: ffffffff8e131920 (rcu_read_lock){....}-{1:2}, at: bpf_trace_run4+0x16e/0x490 [ 51.593202][ T5064] [ 51.593202][ T5064] the dependencies between HARDIRQ-irq-safe lock and the holding lock: [ 51.603587][ T5064] -> (hrtimer_bases.lock){-.-.}-{2:2} { [ 51.609134][ T5064] IN-HARDIRQ-W at: [ 51.613095][ T5064] lock_acquire+0x1e4/0x530 [ 51.619230][ T5064] _raw_spin_lock_irqsave+0xd5/0x120 [ 51.626149][ T5064] hrtimer_run_queues+0x18e/0x460 [ 51.632809][ T5064] update_process_times+0x80/0x230 [ 51.639563][ T5064] tick_periodic+0x190/0x220 [ 51.645800][ T5064] tick_handle_periodic+0x4a/0x160 [ 51.652550][ T5064] timer_interrupt+0x5c/0x70 [ 51.658778][ T5064] __handle_irq_event_percpu+0x28c/0xa30 [ 51.666043][ T5064] handle_irq_event+0x89/0x1f0 [ 51.672438][ T5064] handle_level_irq+0x3c5/0x6e0 [ 51.678920][ T5064] __common_interrupt+0x13a/0x230 [ 51.685597][ T5064] common_interrupt+0xa5/0xd0 [ 51.691931][ T5064] asm_common_interrupt+0x26/0x40 [ 51.698612][ T5064] _raw_spin_unlock_irqrestore+0xd8/0x140 [ 51.705975][ T5064] __setup_irq+0x1277/0x1cf0 [ 51.712207][ T5064] request_threaded_irq+0x2ab/0x380 [ 51.719046][ T5064] setup_default_timer_irq+0x25/0x60 [ 51.725971][ T5064] x86_late_time_init+0x66/0xc0 [ 51.732456][ T5064] start_kernel+0x3f3/0x500 [ 51.738591][ T5064] x86_64_start_reservations+0x2a/0x30 [ 51.745684][ T5064] x86_64_start_kernel+0x99/0xa0 [ 51.752256][ T5064] common_startup_64+0x13e/0x147 [ 51.758830][ T5064] IN-SOFTIRQ-W at: [ 51.762794][ T5064] lock_acquire+0x1e4/0x530 [ 51.768932][ T5064] _raw_spin_lock_irqsave+0xd5/0x120 [ 51.775853][ T5064] hrtimer_interrupt+0xfb/0x990 [ 51.782335][ T5064] __sysvec_apic_timer_interrupt+0x107/0x3a0 [ 51.789951][ T5064] sysvec_apic_timer_interrupt+0x52/0xc0 [ 51.797215][ T5064] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 51.804833][ T5064] __do_softirq+0x1db/0x943 [ 51.810970][ T5064] __irq_exit_rcu+0xf2/0x1c0 [ 51.817190][ T5064] irq_exit_rcu+0x9/0x30 [ 51.823066][ T5064] sysvec_call_function_single+0xa3/0xc0 [ 51.830330][ T5064] asm_sysvec_call_function_single+0x1a/0x20 [ 51.837947][ T5064] default_idle+0x13/0x20 [ 51.843909][ T5064] default_idle_call+0x74/0xb0 [ 51.850308][ T5064] do_idle+0x22f/0x5d0 [ 51.856022][ T5064] cpu_startup_entry+0x42/0x60 [ 51.862441][ T5064] __pfx_ap_starting+0x0/0x10 [ 51.868766][ T5064] common_startup_64+0x13e/0x147 [ 51.875360][ T5064] INITIAL USE at: [ 51.879248][ T5064] lock_acquire+0x1e4/0x530 [ 51.885310][ T5064] _raw_spin_lock_irqsave+0xd5/0x120 [ 51.892162][ T5064] hrtimer_run_queues+0x18e/0x460 [ 51.898743][ T5064] update_process_times+0x80/0x230 [ 51.905413][ T5064] tick_periodic+0x190/0x220 [ 51.911567][ T5064] tick_handle_periodic+0x4a/0x160 [ 51.918237][ T5064] timer_interrupt+0x5c/0x70 [ 51.924386][ T5064] __handle_irq_event_percpu+0x28c/0xa30 [ 51.931574][ T5064] handle_irq_event+0x89/0x1f0 [ 51.937898][ T5064] handle_level_irq+0x3c5/0x6e0 [ 51.944303][ T5064] __common_interrupt+0x13a/0x230 [ 51.950890][ T5064] common_interrupt+0xa5/0xd0 [ 51.957120][ T5064] asm_common_interrupt+0x26/0x40 [ 51.963702][ T5064] _raw_spin_unlock_irqrestore+0xd8/0x140 [ 51.970973][ T5064] __setup_irq+0x1277/0x1cf0 [ 51.977117][ T5064] request_threaded_irq+0x2ab/0x380 [ 51.983886][ T5064] setup_default_timer_irq+0x25/0x60 [ 51.990729][ T5064] x86_late_time_init+0x66/0xc0 [ 51.997133][ T5064] start_kernel+0x3f3/0x500 [ 52.003186][ T5064] x86_64_start_reservations+0x2a/0x30 [ 52.010197][ T5064] x86_64_start_kernel+0x99/0xa0 [ 52.016690][ T5064] common_startup_64+0x13e/0x147 [ 52.023177][ T5064] } [ 52.025664][ T5064] ... key at: [] 0xffff8880b942c8d8 [ 52.032932][ T5064] [ 52.032932][ T5064] the dependencies between the lock to be acquired [ 52.032939][ T5064] and HARDIRQ-irq-unsafe lock: [ 52.046431][ T5064] -> (&htab->buckets[i].lock){+...}-{2:2} { [ 52.052321][ T5064] HARDIRQ-ON-W at: [ 52.056285][ T5064] lock_acquire+0x1e4/0x530 [ 52.062433][ T5064] _raw_spin_lock_bh+0x35/0x50 [ 52.068845][ T5064] sock_hash_delete_elem+0xb0/0x300 [ 52.075689][ T5064] 0xffffffffa000082e [ 52.081339][ T5064] bpf_trace_run4+0x25a/0x490 [ 52.087664][ T5064] __alloc_pages+0x657/0x680 [ 52.093901][ T5064] alloc_pages_mpol+0x3de/0x650 [ 52.100391][ T5064] __pud_alloc+0x93/0x4b0 [ 52.106365][ T5064] __handle_mm_fault+0x4472/0x72d0 [ 52.113130][ T5064] handle_mm_fault+0x3c2/0x8a0 [ 52.119547][ T5064] exc_page_fault+0x2a8/0x890 [ 52.125868][ T5064] asm_exc_page_fault+0x26/0x30 [ 52.132364][ T5064] INITIAL USE at: [ 52.136246][ T5064] lock_acquire+0x1e4/0x530 [ 52.142296][ T5064] _raw_spin_lock_bh+0x35/0x50 [ 52.148612][ T5064] sock_hash_delete_elem+0xb0/0x300 [ 52.155359][ T5064] 0xffffffffa000082e [ 52.160885][ T5064] bpf_trace_run4+0x25a/0x490 [ 52.167108][ T5064] __alloc_pages+0x657/0x680 [ 52.173268][ T5064] alloc_pages_mpol+0x3de/0x650 [ 52.179679][ T5064] __pud_alloc+0x93/0x4b0 [ 52.185564][ T5064] __handle_mm_fault+0x4472/0x72d0 [ 52.192227][ T5064] handle_mm_fault+0x3c2/0x8a0 [ 52.198553][ T5064] exc_page_fault+0x2a8/0x890 [ 52.204781][ T5064] asm_exc_page_fault+0x26/0x30 [ 52.211189][ T5064] } [ 52.213673][ T5064] ... key at: [] sock_hash_alloc.__key+0x0/0x20 [ 52.221987][ T5064] ... acquired at: [ 52.225776][ T5064] lock_acquire+0x1e4/0x530 [ 52.230438][ T5064] _raw_spin_lock_bh+0x35/0x50 [ 52.235362][ T5064] sock_hash_delete_elem+0xb0/0x300 [ 52.240717][ T5064] bpf_prog_2c29ac5cdc6b1842+0x42/0x46 [ 52.246332][ T5064] bpf_trace_run4+0x25a/0x490 [ 52.251167][ T5064] __traceiter_mm_page_alloc+0x3a/0x60 [ 52.256788][ T5064] __alloc_pages+0x657/0x680 [ 52.261541][ T5064] alloc_slab_page+0x5f/0x160 [ 52.266375][ T5064] new_slab+0x84/0x2f0 [ 52.270600][ T5064] ___slab_alloc+0xd1b/0x13e0 [ 52.275430][ T5064] kmem_cache_alloc+0x250/0x350 [ 52.280444][ T5064] debug_objects_fill_pool+0x42f/0x9b0 [ 52.286060][ T5064] debug_object_activate+0x135/0x510 [ 52.291499][ T5064] enqueue_hrtimer+0x30/0x3a0 [ 52.296337][ T5064] hrtimer_start_range_ns+0xaa0/0xc60 [ 52.301869][ T5064] do_nanosleep+0x158/0x600 [ 52.306539][ T5064] hrtimer_nanosleep+0x227/0x470 [ 52.311637][ T5064] __se_sys_clock_nanosleep+0x32b/0x3c0 [ 52.317339][ T5064] do_syscall_64+0xfb/0x240 [ 52.321999][ T5064] entry_SYSCALL_64_after_hwframe+0x6d/0x75 [ 52.328055][ T5064] [ 52.330361][ T5064] [ 52.330361][ T5064] stack backtrace: [ 52.336228][ T5064] CPU: 1 PID: 5064 Comm: syz-executor158 Not tainted 6.8.0-syzkaller-05236-g443574b03387 #0 [ 52.346270][ T5064] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 52.356304][ T5064] Call Trace: [ 52.359568][ T5064] [ 52.362485][ T5064] dump_stack_lvl+0x1e7/0x2e0 [ 52.367154][ T5064] ? __pfx_dump_stack_lvl+0x10/0x10 [ 52.372337][ T5064] ? __pfx__printk+0x10/0x10 [ 52.376916][ T5064] ? print_shortest_lock_dependencies+0xf2/0x160 [ 52.383231][ T5064] validate_chain+0x4dc7/0x58e0 [ 52.388078][ T5064] ? __pfx_validate_chain+0x10/0x10 [ 52.393264][ T5064] ? __pfx_validate_chain+0x10/0x10 [ 52.398457][ T5064] ? mark_lock+0x9a/0x350 [ 52.402775][ T5064] __lock_acquire+0x1346/0x1fd0 [ 52.407617][ T5064] lock_acquire+0x1e4/0x530 [ 52.412101][ T5064] ? sock_hash_delete_elem+0xb0/0x300 [ 52.417460][ T5064] ? __pfx_lockdep_softirqs_off+0x10/0x10 [ 52.423164][ T5064] ? __pfx_lock_acquire+0x10/0x10 [ 52.428173][ T5064] ? sock_hash_delete_elem+0xb0/0x300 [ 52.433534][ T5064] ? __pfx___local_bh_disable_ip+0x10/0x10 [ 52.439325][ T5064] ? __pfx_lock_acquire+0x10/0x10 [ 52.444331][ T5064] ? sock_hash_delete_elem+0xb0/0x300 [ 52.449687][ T5064] _raw_spin_lock_bh+0x35/0x50 [ 52.454436][ T5064] ? sock_hash_delete_elem+0xb0/0x300 [ 52.459792][ T5064] sock_hash_delete_elem+0xb0/0x300 [ 52.464975][ T5064] bpf_prog_2c29ac5cdc6b1842+0x42/0x46 [ 52.470420][ T5064] ? bpf_trace_run4+0x16e/0x490 [ 52.475256][ T5064] bpf_trace_run4+0x25a/0x490 [ 52.479916][ T5064] ? __pfx_bpf_trace_run4+0x10/0x10 [ 52.485100][ T5064] ? __pfx_get_page_from_freelist+0x10/0x10 [ 52.490980][ T5064] ? prepare_alloc_pages+0x1da/0x5b0 [ 52.496255][ T5064] __traceiter_mm_page_alloc+0x3a/0x60 [ 52.501703][ T5064] __alloc_pages+0x657/0x680 [ 52.506282][ T5064] ? __pfx___alloc_pages+0x10/0x10 [ 52.511383][ T5064] ? ___slab_alloc+0x1f0/0x13e0 [ 52.516218][ T5064] ? __pfx_lock_release+0x10/0x10 [ 52.521226][ T5064] alloc_slab_page+0x5f/0x160 [ 52.525890][ T5064] new_slab+0x84/0x2f0 [ 52.529946][ T5064] ___slab_alloc+0xd1b/0x13e0 [ 52.534609][ T5064] ? debug_objects_fill_pool+0x42f/0x9b0 [ 52.540226][ T5064] ? debug_objects_fill_pool+0x42f/0x9b0 [ 52.545841][ T5064] kmem_cache_alloc+0x250/0x350 [ 52.550678][ T5064] ? debug_objects_fill_pool+0x42f/0x9b0 [ 52.556293][ T5064] debug_objects_fill_pool+0x42f/0x9b0 [ 52.561734][ T5064] ? debug_objects_fill_pool+0x80/0x9b0 [ 52.567264][ T5064] ? __pfx_debug_objects_fill_pool+0x10/0x10 [ 52.573237][ T5064] debug_object_activate+0x135/0x510 [ 52.578509][ T5064] ? ktime_get+0x83/0x280 [ 52.582828][ T5064] ? __pfx_debug_object_activate+0x10/0x10 [ 52.588620][ T5064] ? _raw_spin_lock_irqsave+0xe1/0x120 [ 52.594063][ T5064] ? __pfx__raw_spin_lock_irqsave+0x10/0x10 [ 52.599941][ T5064] enqueue_hrtimer+0x30/0x3a0 [ 52.604607][ T5064] hrtimer_start_range_ns+0xaa0/0xc60 [ 52.609971][ T5064] do_nanosleep+0x158/0x600 [ 52.614459][ T5064] ? do_nanosleep+0x80/0x600 [ 52.619031][ T5064] ? __pfx_do_nanosleep+0x10/0x10 [ 52.624043][ T5064] ? __asan_memset+0x23/0x50 [ 52.628618][ T5064] ? __hrtimer_init+0x170/0x250 [ 52.633453][ T5064] hrtimer_nanosleep+0x227/0x470 [ 52.638379][ T5064] ? __pfx_hrtimer_nanosleep+0x10/0x10 [ 52.643822][ T5064] ? __pfx_hrtimer_wakeup+0x10/0x10 [ 52.649009][ T5064] ? __pfx_get_timespec64+0x10/0x10 [ 52.654195][ T5064] __se_sys_clock_nanosleep+0x32b/0x3c0 [ 52.659727][ T5064] ? __pfx___se_sys_clock_nanosleep+0x10/0x10 [ 52.665777][ T5064] ? do_syscall_64+0x10a/0x240 [ 52.670529][ T5064] ? do_syscall_64+0xb6/0x240 [ 52.675190][ T5064] do_syscall_64+0xfb/0x240 [ 52.679680][ T5064] entry_SYSCALL_64_after_hwframe+0x6d/0x75 [ 52.685562][ T5064] RIP: 0033:0x7fcb1ca31983 [ 52.689962][ T5064] Code: 00 00 00 00 00 66 90 83 ff 03 74 7b 83 ff 02 b8 fa ff ff ff 49 89 ca 0f 44 f8 80 3d fe 06 05 00 00 74 14 b8 e6 00 00 00 0f 05 d8 c3 66 2e 0f 1f 84 00 00 00 00 00 48 83 ec 28 48 89 54 24 10 [ 52.709551][ T5064] RSP: 002b:00007ffe7a6938a8 EFLAGS: 00000202 ORIG_RAX: 00000000000000e6 [ 52.717949][ T5064] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00007fcb1ca31983 [ 52.725904][ T5064] RDX: 00007ffe7a6938c0 RSI: 0000000000000000 RDI: 0000000000000000 [ 52.733858][ T5064] RBP: 00000000000f4240 R08: 0000000000000010 R09: 00007fcb1c9c90b0 [ 52.741810][ T5064] R10: 0000000000000000 R11: 0000000000000202 R12: 000000000000c7de [ 52.749765][ T5064] R13: 00007ffe7a6938f4 R14: 00007ffe7a693910 R15: 00007ffe7a693900 [ 52.757726][ T5064]