Warning: Permanently added '10.128.0.225' (ED25519) to the list of known hosts. executing program executing program executing program executing program [ 58.450506][ T18] [ 58.452894][ T18] ===================================================== [ 58.459810][ T18] WARNING: HARDIRQ-safe -> HARDIRQ-unsafe lock order detected [ 58.467264][ T18] 6.8.0-syzkaller-05271-gf99c5f563c17 #0 Not tainted [ 58.473952][ T18] ----------------------------------------------------- [ 58.480985][ T18] rcu_exp_gp_kthr/18 [HC0[0]:SC0[2]:HE0:SE0] is trying to acquire: [ 58.488866][ T18] ffff8880216f68d8 (&htab->buckets[i].lock){+...}-{2:2}, at: sock_hash_delete_elem+0xb0/0x300 [ 58.499246][ T18] [ 58.499246][ T18] and this task is already holding: [ 58.506796][ T18] ffff8880b942a758 (&base->lock){-.-.}-{2:2}, at: lock_timer_base+0x112/0x240 [ 58.515783][ T18] which would create a new lock dependency: [ 58.521660][ T18] (&base->lock){-.-.}-{2:2} -> (&htab->buckets[i].lock){+...}-{2:2} [ 58.529773][ T18] [ 58.529773][ T18] but this new dependency connects a HARDIRQ-irq-safe lock: [ 58.539251][ T18] (&base->lock){-.-.}-{2:2} [ 58.539278][ T18] [ 58.539278][ T18] ... which became HARDIRQ-irq-safe at: [ 58.551533][ T18] lock_acquire+0x1e4/0x530 [ 58.556155][ T18] _raw_spin_lock_irqsave+0xd5/0x120 [ 58.561563][ T18] lock_timer_base+0x112/0x240 [ 58.566417][ T18] add_timer_on+0x1e5/0x5c0 [ 58.571020][ T18] handle_irq_event+0xad/0x1f0 [ 58.575877][ T18] handle_level_irq+0x3c5/0x6e0 [ 58.580813][ T18] __common_interrupt+0x13a/0x230 [ 58.585918][ T18] common_interrupt+0xa5/0xd0 [ 58.590776][ T18] asm_common_interrupt+0x26/0x40 [ 58.595996][ T18] _raw_spin_unlock_irqrestore+0xd8/0x140 [ 58.601803][ T18] __setup_irq+0x1277/0x1cf0 [ 58.606479][ T18] request_threaded_irq+0x2ab/0x380 [ 58.611756][ T18] setup_default_timer_irq+0x25/0x60 [ 58.617118][ T18] x86_late_time_init+0x66/0xc0 [ 58.622043][ T18] start_kernel+0x3f3/0x500 [ 58.626619][ T18] x86_64_start_reservations+0x2a/0x30 [ 58.632253][ T18] x86_64_start_kernel+0x99/0xa0 [ 58.637282][ T18] common_startup_64+0x13e/0x147 [ 58.642307][ T18] [ 58.642307][ T18] to a HARDIRQ-irq-unsafe lock: [ 58.649355][ T18] (&htab->buckets[i].lock){+...}-{2:2} [ 58.649381][ T18] [ 58.649381][ T18] ... which became HARDIRQ-irq-unsafe at: [ 58.662771][ T18] ... [ 58.662779][ T18] lock_acquire+0x1e4/0x530 [ 58.669935][ T18] _raw_spin_lock_bh+0x35/0x50 [ 58.674800][ T18] sock_hash_free+0x164/0x820 [ 58.679589][ T18] bpf_map_free_deferred+0xe6/0x110 [ 58.684890][ T18] process_scheduled_works+0xa00/0x1770 [ 58.690540][ T18] worker_thread+0x86d/0xd70 [ 58.695453][ T18] kthread+0x2f0/0x390 [ 58.699614][ T18] ret_from_fork+0x4b/0x80 [ 58.704118][ T18] ret_from_fork_asm+0x1a/0x30 [ 58.708971][ T18] [ 58.708971][ T18] other info that might help us debug this: [ 58.708971][ T18] [ 58.719301][ T18] Possible interrupt unsafe locking scenario: [ 58.719301][ T18] [ 58.727652][ T18] CPU0 CPU1 [ 58.733018][ T18] ---- ---- [ 58.738462][ T18] lock(&htab->buckets[i].lock); [ 58.743476][ T18] local_irq_disable(); [ 58.750235][ T18] lock(&base->lock); [ 58.756830][ T18] lock(&htab->buckets[i].lock); [ 58.764381][ T18] [ 58.767823][ T18] lock(&base->lock); [ 58.772077][ T18] [ 58.772077][ T18] *** DEADLOCK *** [ 58.772077][ T18] [ 58.780231][ T18] 2 locks held by rcu_exp_gp_kthr/18: [ 58.785586][ T18] #0: ffff8880b942a758 (&base->lock){-.-.}-{2:2}, at: lock_timer_base+0x112/0x240 [ 58.794987][ T18] #1: ffffffff8e131920 (rcu_read_lock){....}-{1:2}, at: bpf_trace_run2+0x114/0x420 [ 58.804369][ T18] [ 58.804369][ T18] the dependencies between HARDIRQ-irq-safe lock and the holding lock: [ 58.814760][ T18] -> (&base->lock){-.-.}-{2:2} { [ 58.819700][ T18] IN-HARDIRQ-W at: [ 58.823663][ T18] lock_acquire+0x1e4/0x530 [ 58.829802][ T18] _raw_spin_lock_irqsave+0xd5/0x120 [ 58.836728][ T18] lock_timer_base+0x112/0x240 [ 58.843143][ T18] add_timer_on+0x1e5/0x5c0 [ 58.849285][ T18] handle_irq_event+0xad/0x1f0 [ 58.855684][ T18] handle_level_irq+0x3c5/0x6e0 [ 58.862170][ T18] __common_interrupt+0x13a/0x230 [ 58.868863][ T18] common_interrupt+0xa5/0xd0 [ 58.875180][ T18] asm_common_interrupt+0x26/0x40 [ 58.881842][ T18] _raw_spin_unlock_irqrestore+0xd8/0x140 [ 58.889194][ T18] __setup_irq+0x1277/0x1cf0 [ 58.895425][ T18] request_threaded_irq+0x2ab/0x380 [ 58.902270][ T18] setup_default_timer_irq+0x25/0x60 [ 58.909192][ T18] x86_late_time_init+0x66/0xc0 [ 58.915678][ T18] start_kernel+0x3f3/0x500 [ 58.921827][ T18] x86_64_start_reservations+0x2a/0x30 [ 58.928923][ T18] x86_64_start_kernel+0x99/0xa0 [ 58.935497][ T18] common_startup_64+0x13e/0x147 [ 58.942071][ T18] IN-SOFTIRQ-W at: [ 58.946040][ T18] lock_acquire+0x1e4/0x530 [ 58.952177][ T18] _raw_spin_lock_irq+0xd3/0x120 [ 58.958753][ T18] __run_timer_base+0x103/0x8e0 [ 58.965237][ T18] run_timer_softirq+0x67/0x170 [ 58.971720][ T18] __do_softirq+0x2be/0x943 [ 58.977944][ T18] __irq_exit_rcu+0xf2/0x1c0 [ 58.984170][ T18] irq_exit_rcu+0x9/0x30 [ 58.990135][ T18] common_interrupt+0xaa/0xd0 [ 58.996448][ T18] asm_common_interrupt+0x26/0x40 [ 59.003111][ T18] __mcheck_cpu_init_clear_banks+0x100/0x200 [ 59.010731][ T18] mcheck_cpu_init+0xcab/0x1200 [ 59.017229][ T18] identify_cpu+0x1939/0x3280 [ 59.023544][ T18] identify_boot_cpu+0xd/0xe0 [ 59.029874][ T18] arch_cpu_finalize_init+0x9/0xa0 [ 59.036819][ T18] start_kernel+0x402/0x500 [ 59.042953][ T18] x86_64_start_reservations+0x2a/0x30 [ 59.050062][ T18] x86_64_start_kernel+0x99/0xa0 [ 59.056662][ T18] common_startup_64+0x13e/0x147 [ 59.063251][ T18] INITIAL USE at: [ 59.067151][ T18] lock_acquire+0x1e4/0x530 [ 59.073230][ T18] _raw_spin_lock_irqsave+0xd5/0x120 [ 59.080166][ T18] lock_timer_base+0x112/0x240 [ 59.086491][ T18] __mod_timer+0x1ca/0xeb0 [ 59.092459][ T18] queue_delayed_work_on+0x15a/0x260 [ 59.099468][ T18] crng_reseed+0xe7/0x220 [ 59.105341][ T18] random_init+0x1a9/0x300 [ 59.111309][ T18] start_kernel+0x253/0x500 [ 59.117361][ T18] x86_64_start_reservations+0x2a/0x30 [ 59.124386][ T18] x86_64_start_kernel+0x99/0xa0 [ 59.130898][ T18] common_startup_64+0x13e/0x147 [ 59.137401][ T18] } [ 59.139885][ T18] ... key at: [] init_timer_cpu.__key+0x0/0x20 [ 59.148119][ T18] [ 59.148119][ T18] the dependencies between the lock to be acquired [ 59.148126][ T18] and HARDIRQ-irq-unsafe lock: [ 59.161633][ T18] -> (&htab->buckets[i].lock){+...}-{2:2} { [ 59.167529][ T18] HARDIRQ-ON-W at: [ 59.171494][ T18] lock_acquire+0x1e4/0x530 [ 59.177632][ T18] _raw_spin_lock_bh+0x35/0x50 [ 59.184402][ T18] sock_hash_free+0x164/0x820 [ 59.190724][ T18] bpf_map_free_deferred+0xe6/0x110 [ 59.197574][ T18] process_scheduled_works+0xa00/0x1770 [ 59.204772][ T18] worker_thread+0x86d/0xd70 [ 59.211009][ T18] kthread+0x2f0/0x390 [ 59.216719][ T18] ret_from_fork+0x4b/0x80 [ 59.222795][ T18] ret_from_fork_asm+0x1a/0x30 [ 59.229213][ T18] INITIAL USE at: [ 59.233092][ T18] lock_acquire+0x1e4/0x530 [ 59.239143][ T18] _raw_spin_lock_bh+0x35/0x50 [ 59.245467][ T18] sock_hash_free+0x164/0x820 [ 59.251690][ T18] bpf_map_free_deferred+0xe6/0x110 [ 59.258451][ T18] process_scheduled_works+0xa00/0x1770 [ 59.265572][ T18] worker_thread+0x86d/0xd70 [ 59.272106][ T18] kthread+0x2f0/0x390 [ 59.277725][ T18] ret_from_fork+0x4b/0x80 [ 59.283694][ T18] ret_from_fork_asm+0x1a/0x30 [ 59.290009][ T18] } [ 59.292493][ T18] ... key at: [] sock_hash_alloc.__key+0x0/0x20 [ 59.300804][ T18] ... acquired at: [ 59.304586][ T18] lock_acquire+0x1e4/0x530 [ 59.309249][ T18] _raw_spin_lock_bh+0x35/0x50 [ 59.314172][ T18] sock_hash_delete_elem+0xb0/0x300 [ 59.319531][ T18] bpf_prog_2c29ac5cdc6b1842+0x42/0x46 [ 59.325326][ T18] bpf_trace_run2+0x204/0x420 [ 59.330160][ T18] enqueue_timer+0x396/0x550 [ 59.334909][ T18] __mod_timer+0xa0e/0xeb0 [ 59.339577][ T18] schedule_timeout+0x1b9/0x310 [ 59.344587][ T18] rcu_exp_sel_wait_wake+0x77e/0x1df0 [ 59.350120][ T18] kthread_worker_fn+0x4bf/0xab0 [ 59.355221][ T18] kthread+0x2f0/0x390 [ 59.359914][ T18] ret_from_fork+0x4b/0x80 [ 59.364512][ T18] ret_from_fork_asm+0x1a/0x30 [ 59.369899][ T18] [ 59.372281][ T18] [ 59.372281][ T18] stack backtrace: [ 59.378162][ T18] CPU: 0 PID: 18 Comm: rcu_exp_gp_kthr Not tainted 6.8.0-syzkaller-05271-gf99c5f563c17 #0 [ 59.388041][ T18] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/29/2024 [ 59.398098][ T18] Call Trace: [ 59.401369][ T18] [ 59.404287][ T18] dump_stack_lvl+0x1e7/0x2e0 [ 59.409050][ T18] ? __pfx_dump_stack_lvl+0x10/0x10 [ 59.414304][ T18] ? __pfx__printk+0x10/0x10 [ 59.418892][ T18] ? print_shortest_lock_dependencies+0xf2/0x160 [ 59.425326][ T18] validate_chain+0x4dc7/0x58e0 [ 59.430218][ T18] ? __pfx_validate_chain+0x10/0x10 [ 59.435419][ T18] ? __pfx_validate_chain+0x10/0x10 [ 59.440611][ T18] ? register_lock_class+0x102/0x980 [ 59.445885][ T18] ? __pfx_register_lock_class+0x10/0x10 [ 59.451504][ T18] ? mark_lock+0x9a/0x350 [ 59.455822][ T18] __lock_acquire+0x1346/0x1fd0 [ 59.460693][ T18] lock_acquire+0x1e4/0x530 [ 59.465177][ T18] ? sock_hash_delete_elem+0xb0/0x300 [ 59.470539][ T18] ? __pfx_lockdep_softirqs_off+0x10/0x10 [ 59.476259][ T18] ? __pfx_lock_acquire+0x10/0x10 [ 59.481317][ T18] ? sock_hash_delete_elem+0xb0/0x300 [ 59.486673][ T18] ? __pfx___local_bh_disable_ip+0x10/0x10 [ 59.492465][ T18] ? __pfx_lock_acquire+0x10/0x10 [ 59.497475][ T18] ? do_raw_spin_unlock+0x13c/0x8b0 [ 59.502666][ T18] ? sock_hash_delete_elem+0xb0/0x300 [ 59.508141][ T18] _raw_spin_lock_bh+0x35/0x50 [ 59.512923][ T18] ? sock_hash_delete_elem+0xb0/0x300 [ 59.518299][ T18] sock_hash_delete_elem+0xb0/0x300 [ 59.523495][ T18] bpf_prog_2c29ac5cdc6b1842+0x42/0x46 [ 59.528945][ T18] bpf_trace_run2+0x204/0x420 [ 59.533611][ T18] ? bpf_trace_run2+0x114/0x420 [ 59.538448][ T18] ? __pfx_bpf_trace_run2+0x10/0x10 [ 59.543631][ T18] ? __pfx_debug_object_activate+0x10/0x10 [ 59.549425][ T18] ? lockdep_hardirqs_on+0x99/0x150 [ 59.554608][ T18] enqueue_timer+0x396/0x550 [ 59.559709][ T18] __mod_timer+0xa0e/0xeb0 [ 59.564120][ T18] ? __asan_memset+0x23/0x50 [ 59.568808][ T18] ? __pfx___mod_timer+0x10/0x10 [ 59.573746][ T18] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 59.579539][ T18] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 59.585621][ T18] schedule_timeout+0x1b9/0x310 [ 59.590474][ T18] ? __pfx_schedule_timeout+0x10/0x10 [ 59.595834][ T18] ? __pfx_process_timeout+0x10/0x10 [ 59.601108][ T18] rcu_exp_sel_wait_wake+0x77e/0x1df0 [ 59.606475][ T18] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 59.612448][ T18] ? __pfx_rcu_exp_sel_wait_wake+0x10/0x10 [ 59.618240][ T18] ? _raw_spin_lock_irq+0xdf/0x120 [ 59.623342][ T18] kthread_worker_fn+0x4bf/0xab0 [ 59.628282][ T18] ? kthread_worker_fn+0xdc/0xab0 [ 59.633289][ T18] ? __pfx_wait_rcu_exp_gp+0x10/0x10 [ 59.638579][ T18] ? __pfx_kthread_worker_fn+0x10/0x10 [ 59.644024][ T18] kthread+0x2f0/0x390 [ 59.648088][ T18] ? __pfx_kthread_worker_fn+0x10/0x10 [ 59.653540][ T18] ? __pfx_kthread+0x10/0x10 [ 59.658122][ T18] ret_from_fork+0x4b/0x80 [ 59.662532][ T18] ? __pfx_kthread+0x10/0x10 [ 59.667109][ T18] ret_from_fork_asm+0x1a/0x30 [ 59.671899][ T18]