bridge0: port 2(bridge_slave_1) entered blocking state bridge0: port 2(bridge_slave_1) entered disabled state bridge_slave_1: entered allmulticast mode bridge_slave_1: entered promiscuous mode ================================ WARNING: inconsistent lock state 6.8.0-syzkaller-08951-gfe46a7dd189e #0 Not tainted -------------------------------- inconsistent {IN-HARDIRQ-W} -> {HARDIRQ-ON-W} usage. syz-executor.4/6048 [HC0[0]:SC0[0]:HE0:SE1] takes: ffff8880150a0018 (&pool->lock){?.-.}-{2:2}, at: __queue_work+0x39e/0x1170 kernel/workqueue.c:2360 {IN-HARDIRQ-W} state was registered at: lock_acquire kernel/locking/lockdep.c:5754 [inline] lock_acquire+0x1b1/0x540 kernel/locking/lockdep.c:5719 __raw_spin_lock include/linux/spinlock_api_smp.h:133 [inline] _raw_spin_lock+0x2e/0x40 kernel/locking/spinlock.c:154 __queue_work+0x39e/0x1170 kernel/workqueue.c:2360 queue_work_on+0xf4/0x120 kernel/workqueue.c:2435 tick_nohz_activate kernel/time/tick-sched.c:1491 [inline] tick_setup_sched_timer+0x47c/0x790 kernel/time/tick-sched.c:1592 hrtimer_switch_to_hres kernel/time/hrtimer.c:750 [inline] hrtimer_run_queues+0x33c/0x450 kernel/time/hrtimer.c:1918 run_local_timers kernel/time/timer.c:2453 [inline] update_process_times+0xcf/0x220 kernel/time/timer.c:2475 tick_periodic+0x7e/0x230 kernel/time/tick-common.c:100 tick_handle_periodic+0x45/0x120 kernel/time/tick-common.c:112 local_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1032 [inline] __sysvec_apic_timer_interrupt+0x10f/0x410 arch/x86/kernel/apic/apic.c:1049 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1043 [inline] sysvec_apic_timer_interrupt+0x90/0xb0 arch/x86/kernel/apic/apic.c:1043 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702 lock_acquire+0x1f2/0x540 kernel/locking/lockdep.c:5722 __raw_spin_lock include/linux/spinlock_api_smp.h:133 [inline] _raw_spin_lock+0x2e/0x40 kernel/locking/spinlock.c:154 spin_lock include/linux/spinlock.h:351 [inline] write_seqlock include/linux/seqlock.h:822 [inline] lock_mount_hash fs/namespace.c:108 [inline] vfs_create_mount+0x262/0x500 fs/namespace.c:1116 fc_mount fs/namespace.c:1128 [inline] fc_mount fs/namespace.c:1123 [inline] vfs_kern_mount.part.0+0x13f/0x170 fs/namespace.c:1155 vfs_kern_mount+0x3f/0x60 fs/namespace.c:1142 simple_pin_fs+0xf2/0x190 fs/libfs.c:1016 tracefs_start_creating+0x3b/0x2a0 fs/tracefs/inode.c:462 tracefs_create_file+0x9d/0x810 fs/tracefs/inode.c:567 trace_create_file+0x33/0x70 kernel/trace/trace.c:9167 event_trace_init+0xe5/0x1f0 kernel/trace/trace_events.c:4097 tracer_init_tracefs_work_func+0x12/0x3c0 kernel/trace/trace.c:10175 process_one_work+0x9a9/0x1a60 kernel/workqueue.c:3254 process_scheduled_works kernel/workqueue.c:3335 [inline] worker_thread+0x6c8/0xf70 kernel/workqueue.c:3416 kthread+0x2c1/0x3a0 kernel/kthread.c:388 ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:243 irq event stamp: 33914 hardirqs last enabled at (33911): [] __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:151 [inline] hardirqs last enabled at (33911): [] _raw_spin_unlock_irqrestore+0x52/0x80 kernel/locking/spinlock.c:194 hardirqs last disabled at (33912): [] queue_work_on+0xb3/0x120 kernel/workqueue.c:2432 softirqs last enabled at (33914): [] spin_unlock_bh include/linux/spinlock.h:396 [inline] softirqs last enabled at (33914): [] __sock_map_delete net/core/sock_map.c:424 [inline] softirqs last enabled at (33914): [] sock_map_delete_elem+0xfd/0x150 net/core/sock_map.c:446 softirqs last disabled at (33913): [] spin_lock_bh include/linux/spinlock.h:356 [inline] softirqs last disabled at (33913): [] __sock_map_delete net/core/sock_map.c:414 [inline] softirqs last disabled at (33913): [] sock_map_delete_elem+0xc8/0x150 net/core/sock_map.c:446 other info that might help us debug this: Possible unsafe locking scenario: CPU0 ---- lock(&pool->lock ); lock(&pool->lock ); *** DEADLOCK *** 4 locks held by syz-executor.4/6048: #0: ffffffff8f2f63c8 (rtnl_mutex ){+.+.}-{3:3} , at: rtnl_lock net/core/rtnetlink.c:79 [inline] , at: rtnetlink_rcv_msg+0x372/0xe60 net/core/rtnetlink.c:6592 #1: ffffffff8d7b08e0 (rcu_read_lock ){....}-{1:2} , at: rcu_lock_acquire include/linux/rcupdate.h:298 [inline] , at: rcu_read_lock include/linux/rcupdate.h:750 [inline] , at: __queue_work+0xf2/0x1170 kernel/workqueue.c:2324 #2: ffff8880150a0018 (&pool->lock ){?.-.}-{2:2} , at: __queue_work+0x39e/0x1170 kernel/workqueue.c:2360 #3: ffffffff8d7b08e0 (rcu_read_lock ){....}-{1:2} , at: rcu_lock_acquire include/linux/rcupdate.h:298 [inline] , at: rcu_read_lock include/linux/rcupdate.h:750 [inline] , at: __bpf_trace_run kernel/trace/bpf_trace.c:2380 [inline] , at: bpf_trace_run3+0xf8/0x440 kernel/trace/bpf_trace.c:2421 stack backtrace: CPU: 0 PID: 6048 Comm: syz-executor.4 Not tainted 6.8.0-syzkaller-08951-gfe46a7dd189e #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 Call Trace: __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:114 print_usage_bug kernel/locking/lockdep.c:3971 [inline] valid_state kernel/locking/lockdep.c:4013 [inline] mark_lock_irq kernel/locking/lockdep.c:4216 [inline] mark_lock+0x923/0xc60 kernel/locking/lockdep.c:4678 mark_held_locks+0x9f/0xe0 kernel/locking/lockdep.c:4274 __trace_hardirqs_on_caller kernel/locking/lockdep.c:4292 [inline] lockdep_hardirqs_on_prepare+0x137/0x420 kernel/locking/lockdep.c:4359 trace_hardirqs_on+0x36/0x40 kernel/trace/trace_preemptirq.c:61 __local_bh_enable_ip+0xa4/0x120 kernel/softirq.c:387 spin_unlock_bh include/linux/spinlock.h:396 [inline] __sock_map_delete net/core/sock_map.c:424 [inline] sock_map_delete_elem+0xfd/0x150 net/core/sock_map.c:446 ___bpf_prog_run+0x3e51/0xae80 kernel/bpf/core.c:1997