Warning: Permanently added '10.128.0.54' (ED25519) to the list of known hosts.
executing program
executing program
executing program
executing program
executing program
executing program
executing program
[ 66.004627][ T3553]
[ 66.007019][ T3553] =====================================================
[ 66.013986][ T3553] WARNING: HARDIRQ-safe -> HARDIRQ-unsafe lock order detected
[ 66.021521][ T3553] 6.1.84-syzkaller #0 Not tainted
[ 66.026563][ T3553] -----------------------------------------------------
[ 66.033537][ T3553] syz-executor383/3553 [HC0[0]:SC0[2]:HE0:SE0] is trying to acquire:
[ 66.041816][ T3553] ffff88807ccffa40 (&stab->lock){+...}-{2:2}, at: sock_map_delete_elem+0x97/0x130
[ 66.051286][ T3553]
[ 66.051286][ T3553] and this task is already holding:
[ 66.058685][ T3553] ffff8880b983aa18 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x26/0x140
[ 66.068203][ T3553] which would create a new lock dependency:
[ 66.074178][ T3553] (&rq->__lock){-.-.}-{2:2} -> (&stab->lock){+...}-{2:2}
[ 66.081405][ T3553]
[ 66.081405][ T3553] but this new dependency connects a HARDIRQ-irq-safe lock:
[ 66.090938][ T3553] (&rq->__lock){-.-.}-{2:2}
[ 66.090961][ T3553]
[ 66.090961][ T3553] ... which became HARDIRQ-irq-safe at:
[ 66.103249][ T3553] lock_acquire+0x1f8/0x5a0
[ 66.107849][ T3553] _raw_spin_lock_nested+0x2d/0x40
[ 66.113097][ T3553] raw_spin_rq_lock_nested+0x26/0x140
[ 66.118574][ T3553] scheduler_tick+0x9d/0x550
[ 66.123273][ T3553] update_process_times+0x17b/0x1b0
[ 66.128560][ T3553] tick_periodic+0x197/0x210
[ 66.133261][ T3553] tick_handle_periodic+0x46/0x150
[ 66.138486][ T3553] timer_interrupt+0x4d/0x60
[ 66.143893][ T3553] __handle_irq_event_percpu+0x2a8/0xb20
[ 66.149834][ T3553] handle_irq_event+0x85/0x1e0
[ 66.155084][ T3553] handle_level_irq+0x3ab/0x6c0
[ 66.160057][ T3553] __common_interrupt+0xd7/0x1f0
[ 66.165107][ T3553] common_interrupt+0x9f/0xc0
[ 66.169944][ T3553] asm_common_interrupt+0x22/0x40
[ 66.175155][ T3553] _raw_spin_unlock_irqrestore+0xd4/0x130
[ 66.180989][ T3553] __setup_irq+0x12fa/0x1d80
[ 66.185673][ T3553] request_threaded_irq+0x2a7/0x380
[ 66.190962][ T3553] setup_default_timer_irq+0x1f/0x30
[ 66.196361][ T3553] x86_late_time_init+0x51/0x86
[ 66.201383][ T3553] start_kernel+0x414/0x53f
[ 66.206004][ T3553] secondary_startup_64_no_verify+0xcf/0xdb
[ 66.212015][ T3553]
[ 66.212015][ T3553] to a HARDIRQ-irq-unsafe lock:
[ 66.219027][ T3553] (&stab->lock){+...}-{2:2}
[ 66.219052][ T3553]
[ 66.219052][ T3553] ... which became HARDIRQ-irq-unsafe at:
[ 66.231861][ T3553] ...
[ 66.231868][ T3553] lock_acquire+0x1f8/0x5a0
[ 66.239185][ T3553] _raw_spin_lock_bh+0x31/0x40
[ 66.244124][ T3553] sock_map_delete_elem+0x97/0x130
[ 66.249331][ T3553] 0xffffffffa0000686
[ 66.253398][ T3553] bpf_trace_run2+0x1fd/0x410
[ 66.258206][ T3553] trace_contention_end+0x12f/0x170
[ 66.263988][ T3553] __mutex_lock+0x2ed/0xd80
[ 66.268612][ T3553] __set_oom_adj+0x85/0xcc0
[ 66.273224][ T3553] oom_score_adj_write+0x1a6/0x250
[ 66.278496][ T3553] vfs_write+0x2d9/0xba0
[ 66.282834][ T3553] ksys_write+0x19c/0x2c0
[ 66.287271][ T3553] do_syscall_64+0x3d/0xb0
[ 66.291836][ T3553] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 66.297832][ T3553]
[ 66.297832][ T3553] other info that might help us debug this:
[ 66.297832][ T3553]
[ 66.308061][ T3553] Possible interrupt unsafe locking scenario:
[ 66.308061][ T3553]
[ 66.316498][ T3553] CPU0 CPU1
[ 66.322071][ T3553] ---- ----
[ 66.327435][ T3553] lock(&stab->lock);
[ 66.331794][ T3553] local_irq_disable();
[ 66.338731][ T3553] lock(&rq->__lock);
[ 66.345428][ T3553] lock(&stab->lock);
[ 66.352039][ T3553]
[ 66.355664][ T3553] lock(&rq->__lock);
[ 66.359993][ T3553]
[ 66.359993][ T3553] *** DEADLOCK ***
[ 66.359993][ T3553]
[ 66.368308][ T3553] 2 locks held by syz-executor383/3553:
[ 66.373861][ T3553] #0: ffff8880b983aa18 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x26/0x140
[ 66.383880][ T3553] #1: ffffffff8d12a980 (rcu_read_lock){....}-{1:2}, at: bpf_trace_run2+0x110/0x410
[ 66.393287][ T3553]
[ 66.393287][ T3553] the dependencies between HARDIRQ-irq-safe lock and the holding lock:
[ 66.403777][ T3553] -> (&rq->__lock){-.-.}-{2:2} {
[ 66.408733][ T3553] IN-HARDIRQ-W at:
[ 66.412711][ T3553] lock_acquire+0x1f8/0x5a0
[ 66.418906][ T3553] _raw_spin_lock_nested+0x2d/0x40
[ 66.426136][ T3553] raw_spin_rq_lock_nested+0x26/0x140
[ 66.433191][ T3553] scheduler_tick+0x9d/0x550
[ 66.439531][ T3553] update_process_times+0x17b/0x1b0
[ 66.446567][ T3553] tick_periodic+0x197/0x210
[ 66.452994][ T3553] tick_handle_periodic+0x46/0x150
[ 66.459782][ T3553] timer_interrupt+0x4d/0x60
[ 66.466028][ T3553] __handle_irq_event_percpu+0x2a8/0xb20
[ 66.473313][ T3553] handle_irq_event+0x85/0x1e0
[ 66.479728][ T3553] handle_level_irq+0x3ab/0x6c0
[ 66.486342][ T3553] __common_interrupt+0xd7/0x1f0
[ 66.492956][ T3553] common_interrupt+0x9f/0xc0
[ 66.499290][ T3553] asm_common_interrupt+0x22/0x40
[ 66.506001][ T3553] _raw_spin_unlock_irqrestore+0xd4/0x130
[ 66.513385][ T3553] __setup_irq+0x12fa/0x1d80
[ 66.519997][ T3553] request_threaded_irq+0x2a7/0x380
[ 66.526969][ T3553] setup_default_timer_irq+0x1f/0x30
[ 66.534301][ T3553] x86_late_time_init+0x51/0x86
[ 66.540831][ T3553] start_kernel+0x414/0x53f
[ 66.546993][ T3553] secondary_startup_64_no_verify+0xcf/0xdb
[ 66.554541][ T3553] IN-SOFTIRQ-W at:
[ 66.558522][ T3553] lock_acquire+0x1f8/0x5a0
[ 66.564684][ T3553] _raw_spin_lock_nested+0x2d/0x40
[ 66.571451][ T3553] raw_spin_rq_lock_nested+0x26/0x140
[ 66.578557][ T3553] try_to_wake_up+0x5bd/0x12e0
[ 66.584988][ T3553] __queue_work+0xb4b/0xf90
[ 66.591149][ T3553] call_timer_fn+0x1ad/0x6b0
[ 66.597747][ T3553] __run_timers+0x6a8/0x890
[ 66.603897][ T3553] run_timer_softirq+0x63/0xf0
[ 66.610396][ T3553] __do_softirq+0x2e9/0xa4c
[ 66.616556][ T3553] __irq_exit_rcu+0x155/0x240
[ 66.622976][ T3553] irq_exit_rcu+0x5/0x20
[ 66.629317][ T3553] sysvec_apic_timer_interrupt+0x91/0xb0
[ 66.636704][ T3553] asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 66.644442][ T3553] default_idle+0xb/0x10
[ 66.650337][ T3553] default_idle_call+0x84/0xc0
[ 66.656764][ T3553] do_idle+0x251/0x680
[ 66.662485][ T3553] cpu_startup_entry+0x3d/0x60
[ 66.668906][ T3553] rest_init+0x2da/0x300
[ 66.674812][ T3553] start_kernel+0x0/0x53f
[ 66.680786][ T3553] start_kernel+0x496/0x53f
[ 66.686938][ T3553] secondary_startup_64_no_verify+0xcf/0xdb
[ 66.694586][ T3553] INITIAL USE at:
[ 66.698805][ T3553] lock_acquire+0x1f8/0x5a0
[ 66.705069][ T3553] _raw_spin_lock_nested+0x2d/0x40
[ 66.711856][ T3553] raw_spin_rq_lock_nested+0x26/0x140
[ 66.718840][ T3553] rq_attach_root+0xec/0x540
[ 66.725024][ T3553] sched_init+0x6c7/0xcc9
[ 66.730931][ T3553] start_kernel+0x1bf/0x53f
[ 66.736998][ T3553] secondary_startup_64_no_verify+0xcf/0xdb
[ 66.744498][ T3553] }
[ 66.747022][ T3553] ... key at: [] sched_init.__key+0x0/0x20
[ 66.755176][ T3553]
[ 66.755176][ T3553] the dependencies between the lock to be acquired
[ 66.755188][ T3553] and HARDIRQ-irq-unsafe lock:
[ 66.768937][ T3553] -> (&stab->lock){+...}-{2:2} {
[ 66.774020][ T3553] HARDIRQ-ON-W at:
[ 66.778013][ T3553] lock_acquire+0x1f8/0x5a0
[ 66.784180][ T3553] _raw_spin_lock_bh+0x31/0x40
[ 66.790596][ T3553] sock_map_delete_elem+0x97/0x130
[ 66.797386][ T3553] 0xffffffffa0000686
[ 66.803024][ T3553] bpf_trace_run2+0x1fd/0x410
[ 66.809379][ T3553] trace_contention_end+0x12f/0x170
[ 66.816343][ T3553] __mutex_lock+0x2ed/0xd80
[ 66.822509][ T3553] __set_oom_adj+0x85/0xcc0
[ 66.828936][ T3553] oom_score_adj_write+0x1a6/0x250
[ 66.835705][ T3553] vfs_write+0x2d9/0xba0
[ 66.841616][ T3553] ksys_write+0x19c/0x2c0
[ 66.847600][ T3553] do_syscall_64+0x3d/0xb0
[ 66.853782][ T3553] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 66.861452][ T3553] INITIAL USE at:
[ 66.865462][ T3553] lock_acquire+0x1f8/0x5a0
[ 66.871578][ T3553] _raw_spin_lock_bh+0x31/0x40
[ 66.877960][ T3553] sock_map_delete_elem+0x97/0x130
[ 66.884670][ T3553] 0xffffffffa0000686
[ 66.890427][ T3553] bpf_trace_run2+0x1fd/0x410
[ 66.896936][ T3553] trace_contention_end+0x12f/0x170
[ 66.903705][ T3553] __mutex_lock+0x2ed/0xd80
[ 66.909809][ T3553] __set_oom_adj+0x85/0xcc0
[ 66.915885][ T3553] oom_score_adj_write+0x1a6/0x250
[ 66.922751][ T3553] vfs_write+0x2d9/0xba0
[ 66.928678][ T3553] ksys_write+0x19c/0x2c0
[ 66.934684][ T3553] do_syscall_64+0x3d/0xb0
[ 66.941085][ T3553] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 66.948595][ T3553] }
[ 66.951198][ T3553] ... key at: [] sock_map_alloc.__key+0x0/0x20
[ 66.959557][ T3553] ... acquired at:
[ 66.963363][ T3553] lock_acquire+0x1f8/0x5a0
[ 66.968069][ T3553] _raw_spin_lock_bh+0x31/0x40
[ 66.973129][ T3553] sock_map_delete_elem+0x97/0x130
[ 66.978429][ T3553] bpf_prog_2c29ac5cdc6b1842+0x3a/0x3e
[ 66.984082][ T3553] bpf_trace_run2+0x1fd/0x410
[ 66.988951][ T3553] __traceiter_contention_end+0x74/0xa0
[ 66.994694][ T3553] trace_contention_end+0x14c/0x190
[ 67.000151][ T3553] __pv_queued_spin_lock_slowpath+0x935/0xc50
[ 67.006503][ T3553] queued_spin_lock_slowpath+0x42/0x50
[ 67.012146][ T3553] do_raw_spin_lock+0x269/0x370
[ 67.017700][ T3553] raw_spin_rq_lock_nested+0x26/0x140
[ 67.023437][ T3553] __schedule+0x33d/0x4550
[ 67.028052][ T3553] schedule+0xbf/0x180
[ 67.032405][ T3553] exit_to_user_mode_loop+0x44/0x100
[ 67.037861][ T3553] exit_to_user_mode_prepare+0xb1/0x140
[ 67.043601][ T3553] syscall_exit_to_user_mode+0x60/0x270
[ 67.049516][ T3553] do_syscall_64+0x49/0xb0
[ 67.054116][ T3553] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 67.060318][ T3553]
[ 67.062672][ T3553]
[ 67.062672][ T3553] stack backtrace:
[ 67.068748][ T3553] CPU: 0 PID: 3553 Comm: syz-executor383 Not tainted 6.1.84-syzkaller #0
[ 67.077616][ T3553] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[ 67.087863][ T3553] Call Trace:
[ 67.091390][ T3553]
[ 67.094364][ T3553] dump_stack_lvl+0x1e3/0x2cb
[ 67.099098][ T3553] ? nf_tcp_handle_invalid+0x642/0x642
[ 67.104603][ T3553] ? panic+0x75d/0x75d
[ 67.108672][ T3553] ? print_shortest_lock_dependencies+0xee/0x150
[ 67.115007][ T3553] validate_chain+0x4d16/0x5950
[ 67.119911][ T3553] ? reacquire_held_locks+0x660/0x660
[ 67.125377][ T3553] ? validate_chain+0x112/0x5950
[ 67.130695][ T3553] ? reacquire_held_locks+0x660/0x660
[ 67.136092][ T3553] ? validate_chain+0x112/0x5950
[ 67.141216][ T3553] ? reacquire_held_locks+0x660/0x660
[ 67.146600][ T3553] ? validate_chain+0x112/0x5950
[ 67.151724][ T3553] ? reacquire_held_locks+0x660/0x660
[ 67.157106][ T3553] ? mark_lock+0x9a/0x340
[ 67.161491][ T3553] __lock_acquire+0x125b/0x1f80
[ 67.166372][ T3553] lock_acquire+0x1f8/0x5a0
[ 67.170896][ T3553] ? sock_map_delete_elem+0x97/0x130
[ 67.176727][ T3553] ? read_lock_is_recursive+0x10/0x10
[ 67.182172][ T3553] ? sock_map_delete_elem+0x97/0x130
[ 67.187487][ T3553] ? __bpf_trace_softirq+0x10/0x10
[ 67.192608][ T3553] ? read_lock_is_recursive+0x10/0x10
[ 67.198109][ T3553] ? reacquire_held_locks+0x660/0x660
[ 67.203505][ T3553] ? sock_map_delete_elem+0x97/0x130
[ 67.209289][ T3553] _raw_spin_lock_bh+0x31/0x40
[ 67.214065][ T3553] ? sock_map_delete_elem+0x97/0x130
[ 67.219444][ T3553] sock_map_delete_elem+0x97/0x130
[ 67.224567][ T3553] bpf_prog_2c29ac5cdc6b1842+0x3a/0x3e
[ 67.230028][ T3553] bpf_trace_run2+0x1fd/0x410
[ 67.234725][ T3553] ? bpf_trace_run2+0x110/0x410
[ 67.239624][ T3553] ? bpf_trace_run1+0x3d0/0x3d0
[ 67.244476][ T3553] ? mark_lock+0x9a/0x340
[ 67.248818][ T3553] ? __bpf_trace_contention_begin+0x10/0x10
[ 67.254739][ T3553] __traceiter_contention_end+0x74/0xa0
[ 67.260316][ T3553] trace_contention_end+0x14c/0x190
[ 67.265516][ T3553] __pv_queued_spin_lock_slowpath+0x935/0xc50
[ 67.276211][ T3553] ? __pv_queued_spin_unlock_slowpath+0x2e0/0x2e0
[ 67.282660][ T3553] ? trace_rcu_utilization+0x71/0x230
[ 67.288039][ T3553] queued_spin_lock_slowpath+0x42/0x50
[ 67.293609][ T3553] do_raw_spin_lock+0x269/0x370
[ 67.298668][ T3553] ? __rwlock_init+0x140/0x140
[ 67.303708][ T3553] raw_spin_rq_lock_nested+0x26/0x140
[ 67.309112][ T3553] __schedule+0x33d/0x4550
[ 67.313554][ T3553] ? __might_fault+0xa1/0x110
[ 67.318407][ T3553] ? rcu_is_watching+0x11/0xb0
[ 67.323195][ T3553] ? __rseq_handle_notify_resume+0x3b7/0x1500
[ 67.329285][ T3553] ? __sched_text_start+0x8/0x8
[ 67.334177][ T3553] ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[ 67.340267][ T3553] ? print_irqtrace_events+0x210/0x210
[ 67.345759][ T3553] schedule+0xbf/0x180
[ 67.349850][ T3553] exit_to_user_mode_loop+0x44/0x100
[ 67.355160][ T3553] exit_to_user_mode_prepare+0xb1/0x140
[ 67.360718][ T3553] syscall_exit_to_user_mode+0x60/0x270
[ 67.366270][ T3553] do_syscall_64+0x49/0xb0
[ 67.370697][ T3553] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 67.376597][ T3553] RIP: 0033:0x7f1089a0d083
[ 67.381027][ T3553] Code: 00 00 00 00 00 66 90 83 ff 03 74 7b 83 ff 02 b8 fa ff ff ff 49 89 ca 0f 44 f8 80 3d 1e 10 05 00 00 74 14 b8 e6 00 00 00 0f 05 d8 c3 66 2e 0f 1f 84 00 00 00 00 00 48 83 ec 28 48 89 54 24 10
[ 67.400638][ T3553] RSP: 002b:00007fff722b8478 EFLAGS: 00000202 ORIG_RAX: 00000000000000e6
[ 67.409145][ T3553] RAX: 0000000000000000 RBX: 0000000000000dec RCX: 00007f1089a0d083
[ 67.417152][ T3553] RDX: 00007fff722b8490 RSI: 0000000000000000 RDI: 0000000000000000
[ 67.425147][ T3553] RBP: 00000000000f4240 R08: 00007fff723530b0 R09: 0000000000000010
[ 67.433124][ T3553] R10: 0000000000000000 R11: 0000000000000202 R12: 00000000000101b6
[ 67.441110][ T3553] R13: 00007fff722b84ec R14: 00007fff722b84f0 R15: 00007fff722b84ed
[ 67.449093][ T3553]