===================================================== WARNING: HARDIRQ-safe -> HARDIRQ-unsafe lock order detected 6.8.0-syzkaller-08951-gfe46a7dd189e #0 Not tainted ----------------------------------------------------- kworker/u8:8/3830 [HC0[0]:SC0[2]:HE0:SE0] is trying to acquire: ffff888024878820 (&htab->buckets[i].lock){+.-.}-{2:2}, at: spin_lock_bh include/linux/spinlock.h:356 [inline] ffff888024878820 (&htab->buckets[i].lock){+.-.}-{2:2}, at: sock_hash_delete_elem+0xcb/0x260 net/core/sock_map.c:939 and this task is already holding: ffff888148f8afa0 (&nna->lock){..-.}-{2:2}, at: node_activate_pending_pwq kernel/workqueue.c:1882 [inline] ffff888148f8afa0 (&nna->lock){..-.}-{2:2}, at: pwq_dec_nr_active kernel/workqueue.c:1993 [inline] ffff888148f8afa0 (&nna->lock){..-.}-{2:2}, at: pwq_dec_nr_in_flight+0x375/0xed0 kernel/workqueue.c:2017 which would create a new lock dependency: (&nna->lock){..-.}-{2:2} -> (&htab->buckets[i].lock){+.-.}-{2:2} but this new dependency connects a HARDIRQ-irq-safe lock: (&pool->lock){-.-.}-{2:2} ... which became HARDIRQ-irq-safe at: lock_acquire kernel/locking/lockdep.c:5754 [inline] lock_acquire+0x1b1/0x540 kernel/locking/lockdep.c:5719 __raw_spin_lock include/linux/spinlock_api_smp.h:133 [inline] _raw_spin_lock+0x2e/0x40 kernel/locking/spinlock.c:154 __queue_work+0x39e/0x1170 kernel/workqueue.c:2360 queue_work_on+0xf4/0x120 kernel/workqueue.c:2435 tick_nohz_activate kernel/time/tick-sched.c:1491 [inline] tick_setup_sched_timer+0x47c/0x790 kernel/time/tick-sched.c:1592 hrtimer_switch_to_hres kernel/time/hrtimer.c:750 [inline] hrtimer_run_queues+0x33c/0x450 kernel/time/hrtimer.c:1918 run_local_timers kernel/time/timer.c:2453 [inline] update_process_times+0xcf/0x220 kernel/time/timer.c:2475 tick_periodic+0x7e/0x230 kernel/time/tick-common.c:100 tick_handle_periodic+0x45/0x120 kernel/time/tick-common.c:112 local_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1032 [inline] __sysvec_apic_timer_interrupt+0x112/0x410 arch/x86/kernel/apic/apic.c:1049 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1043 [inline] sysvec_apic_timer_interrupt+0x90/0xb0 arch/x86/kernel/apic/apic.c:1043 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702 __down_trylock_console_sem+0x62/0x140 kernel/printk/printk.c:324 console_trylock kernel/printk/printk.c:2678 [inline] console_trylock_spinning kernel/printk/printk.c:1958 [inline] vprintk_emit kernel/printk/printk.c:2341 [inline] vprintk_emit+0xe4/0x5a0 kernel/printk/printk.c:2297 vprintk+0x7f/0xa0 kernel/printk/printk_safe.c:45 _printk+0xc8/0x100 kernel/printk/printk.c:2367 __clocksource_select+0x33f/0x400 kernel/time/clocksource.c:1046 clocksource_select kernel/time/clocksource.c:1061 [inline] clocksource_done_booting+0x39/0x50 kernel/time/clocksource.c:1085 do_one_initcall+0x12b/0x690 init/main.c:1241 do_initcall_level init/main.c:1303 [inline] do_initcalls init/main.c:1319 [inline] do_basic_setup init/main.c:1338 [inline] kernel_init_freeable+0x69d/0xc40 init/main.c:1550 kernel_init+0x1c/0x2a0 init/main.c:1439 ret_from_fork+0x48/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:243 to a HARDIRQ-irq-unsafe lock: (&htab->buckets[i].lock){+.-.}-{2:2} ... which became HARDIRQ-irq-unsafe at: ... lock_acquire kernel/locking/lockdep.c:5754 [inline] lock_acquire+0x1b1/0x540 kernel/locking/lockdep.c:5719 __raw_spin_lock_bh include/linux/spinlock_api_smp.h:126 [inline] _raw_spin_lock_bh+0x33/0x40 kernel/locking/spinlock.c:178 spin_lock_bh include/linux/spinlock.h:356 [inline] sock_hash_free+0x130/0x820 net/core/sock_map.c:1154 map_create+0xf02/0x1c30 kernel/bpf/syscall.c:1402 __sys_bpf+0xae9/0x4b40 kernel/bpf/syscall.c:5613 __do_sys_bpf kernel/bpf/syscall.c:5738 [inline] __se_sys_bpf kernel/bpf/syscall.c:5736 [inline] __x64_sys_bpf+0x78/0xc0 kernel/bpf/syscall.c:5736 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xd5/0x260 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x6d/0x75 other info that might help us debug this: Chain exists of: &pool->lock --> &nna->lock --> &htab->buckets[i].lock Possible interrupt unsafe locking scenario: CPU0 CPU1 ---- ---- lock(&htab->buckets[i].lock); local_irq_disable(); lock(&pool->lock); lock(&nna->lock); lock(&pool->lock); *** DEADLOCK *** 3 locks held by kworker/u8:8/3830: #0: ffff888015098018 (&pool->lock){-.-.}-{2:2}, at: process_one_work+0xbb3/0x1a60 kernel/workqueue.c:3289 #1: ffff888148f8afa0 (&nna->lock){..-.}-{2:2}, at: node_activate_pending_pwq kernel/workqueue.c:1882 [inline] #1: ffff888148f8afa0 (&nna->lock){..-.}-{2:2}, at: pwq_dec_nr_active kernel/workqueue.c:1993 [inline] #1: ffff888148f8afa0 (&nna->lock){..-.}-{2:2}, at: pwq_dec_nr_in_flight+0x375/0xed0 kernel/workqueue.c:2017 #2: ffffffff8d7b49e0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:298 [inline] #2: ffffffff8d7b49e0 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:750 [inline] #2: ffffffff8d7b49e0 (rcu_read_lock){....}-{1:2}, at: __bpf_trace_run kernel/trace/bpf_trace.c:2380 [inline] #2: ffffffff8d7b49e0 (rcu_read_lock){....}-{1:2}, at: bpf_trace_run1+0xdc/0x410 kernel/trace/bpf_trace.c:2419 the dependencies between HARDIRQ-irq-safe lock and the holding lock: -> (&pool->lock){-.-.}-{2:2} { IN-HARDIRQ-W at: lock_acquire kernel/locking/lockdep.c:5754 [inline] lock_acquire+0x1b1/0x540 kernel/locking/lockdep.c:5719 __raw_spin_lock include/linux/spinlock_api_smp.h:133 [inline] _raw_spin_lock+0x2e/0x40 kernel/locking/spinlock.c:154 __queue_work+0x39e/0x1170 kernel/workqueue.c:2360 queue_work_on+0xf4/0x120 kernel/workqueue.c:2435 tick_nohz_activate kernel/time/tick-sched.c:1491 [inline] tick_setup_sched_timer+0x47c/0x790 kernel/time/tick-sched.c:1592 hrtimer_switch_to_hres kernel/time/hrtimer.c:750 [inline] hrtimer_run_queues+0x33c/0x450 kernel/time/hrtimer.c:1918 run_local_timers kernel/time/timer.c:2453 [inline] update_process_times+0xcf/0x220 kernel/time/timer.c:2475 tick_periodic+0x7e/0x230 kernel/time/tick-common.c:100 tick_handle_periodic+0x45/0x120 kernel/time/tick-common.c:112 local_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1032 [inline] __sysvec_apic_timer_interrupt+0x112/0x410 arch/x86/kernel/apic/apic.c:1049 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1043 [inline] sysvec_apic_timer_interrupt+0x90/0xb0 arch/x86/kernel/apic/apic.c:1043 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702 __down_trylock_console_sem+0x62/0x140 kernel/printk/printk.c:324 console_trylock kernel/printk/printk.c:2678 [inline] console_trylock_spinning kernel/printk/printk.c:1958 [inline] vprintk_emit kernel/printk/printk.c:2341 [inline] vprintk_emit+0xe4/0x5a0 kernel/printk/printk.c:2297 vprintk+0x7f/0xa0 kernel/printk/printk_safe.c:45 _printk+0xc8/0x100 kernel/printk/printk.c:2367 __clocksource_select+0x33f/0x400 kernel/time/clocksource.c:1046 clocksource_select kernel/time/clocksource.c:1061 [inline] clocksource_done_booting+0x39/0x50 kernel/time/clocksource.c:1085 do_one_initcall+0x12b/0x690 init/main.c:1241 do_initcall_level init/main.c:1303 [inline] do_initcalls init/main.c:1319 [inline] do_basic_setup init/main.c:1338 [inline] kernel_init_freeable+0x69d/0xc40 init/main.c:1550 kernel_init+0x1c/0x2a0 init/main.c:1439 ret_from_fork+0x48/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:243 IN-SOFTIRQ-W at: lock_acquire kernel/locking/lockdep.c:5754 [inline] lock_acquire+0x1b1/0x540 kernel/locking/lockdep.c:5719 __raw_spin_lock include/linux/spinlock_api_smp.h:133 [inline] _raw_spin_lock+0x2e/0x40 kernel/locking/spinlock.c:154 __queue_work+0x39e/0x1170 kernel/workqueue.c:2360 call_timer_fn+0x1a3/0x5b0 kernel/time/timer.c:1792 expire_timers kernel/time/timer.c:1838 [inline] __run_timers+0x567/0xab0 kernel/time/timer.c:2408 __run_timer_base kernel/time/timer.c:2419 [inline] __run_timer_base kernel/time/timer.c:2412 [inline] run_timer_base+0x111/0x190 kernel/time/timer.c:2428 run_timer_softirq+0x1a/0x40 kernel/time/timer.c:2438 __do_softirq+0x21b/0x8de kernel/softirq.c:554 invoke_softirq kernel/softirq.c:428 [inline] __irq_exit_rcu kernel/softirq.c:633 [inline] irq_exit_rcu+0xb9/0x120 kernel/softirq.c:645 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1043 [inline] sysvec_apic_timer_interrupt+0x95/0xb0 arch/x86/kernel/apic/apic.c:1043 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702 native_safe_halt arch/x86/include/asm/irqflags.h:48 [inline] arch_safe_halt arch/x86/include/asm/irqflags.h:86 [inline] default_idle+0xf/0x20 arch/x86/kernel/process.c:742 default_idle_call+0x6d/0xb0 kernel/sched/idle.c:117 cpuidle_idle_call kernel/sched/idle.c:191 [inline] do_idle+0x32c/0x3f0 kernel/sched/idle.c:332 cpu_startup_entry+0x4f/0x60 kernel/sched/idle.c:430 rest_init+0x16f/0x2b0 init/main.c:730 arch_call_rest_init+0x13/0x40 init/main.c:831 start_kernel+0x3a3/0x490 init/main.c:1077 x86_64_start_reservations+0x18/0x30 arch/x86/kernel/head64.c:509 x86_64_start_kernel+0xb2/0xc0 arch/x86/kernel/head64.c:490 common_startup_64+0x13e/0x148 INITIAL USE at: lock_acquire kernel/locking/lockdep.c:5754 [inline] lock_acquire+0x1b1/0x540 kernel/locking/lockdep.c:5719 __raw_spin_lock include/linux/spinlock_api_smp.h:133 [inline] _raw_spin_lock+0x2e/0x40 kernel/locking/spinlock.c:154 __queue_work+0x39e/0x1170 kernel/workqueue.c:2360 queue_work_on+0xf4/0x120 kernel/workqueue.c:2435 queue_work include/linux/workqueue.h:605 [inline] start_poll_synchronize_rcu_expedited+0x147/0x180 kernel/rcu/tree_exp.h:1017 rcu_init+0x1625/0x20c0 kernel/rcu/tree.c:5240 start_kernel+0x19e/0x490 init/main.c:969 x86_64_start_reservations+0x18/0x30 arch/x86/kernel/head64.c:509 x86_64_start_kernel+0xb2/0xc0 arch/x86/kernel/head64.c:490 common_startup_64+0x13e/0x148 } ... key at: [] __key.17+0x0/0x40 -> (&nna->lock){..-.}-{2:2} { IN-SOFTIRQ-W at: lock_acquire kernel/locking/lockdep.c:5754 [inline] lock_acquire+0x1b1/0x540 kernel/locking/lockdep.c:5719 __raw_spin_lock include/linux/spinlock_api_smp.h:133 [inline] _raw_spin_lock+0x2e/0x40 kernel/locking/spinlock.c:154 pwq_tryinc_nr_active+0x3ef/0x850 kernel/workqueue.c:1774 __queue_work+0x8a7/0x1170 kernel/workqueue.c:2395 call_timer_fn+0x1a3/0x5b0 kernel/time/timer.c:1792 expire_timers kernel/time/timer.c:1838 [inline] __run_timers+0x567/0xab0 kernel/time/timer.c:2408 __run_timer_base kernel/time/timer.c:2419 [inline] __run_timer_base kernel/time/timer.c:2412 [inline] run_timer_base+0x111/0x190 kernel/time/timer.c:2428 run_timer_softirq+0x1a/0x40 kernel/time/timer.c:2438 __do_softirq+0x21b/0x8de kernel/softirq.c:554 invoke_softirq kernel/softirq.c:428 [inline] __irq_exit_rcu kernel/softirq.c:633 [inline] irq_exit_rcu+0xb9/0x120 kernel/softirq.c:645 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1043 [inline] sysvec_apic_timer_interrupt+0x95/0xb0 arch/x86/kernel/apic/apic.c:1043 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702 unwind_next_frame+0x10fb/0x23a0 arch/x86/kernel/unwind_orc.c:664 arch_stack_walk+0x100/0x170 arch/x86/kernel/stacktrace.c:25 stack_trace_save+0x95/0xd0 kernel/stacktrace.c:122 kasan_save_stack+0x33/0x60 mm/kasan/common.c:47 kasan_save_track+0x14/0x30 mm/kasan/common.c:68 unpoison_slab_object mm/kasan/common.c:312 [inline] __kasan_slab_alloc+0x89/0x90 mm/kasan/common.c:338 kasan_slab_alloc include/linux/kasan.h:201 [inline] slab_post_alloc_hook mm/slub.c:3798 [inline] slab_alloc_node mm/slub.c:3845 [inline] kmem_cache_alloc+0x136/0x320 mm/slub.c:3852 kmem_cache_zalloc include/linux/slab.h:739 [inline] __kernfs_new_node+0xd3/0x8a0 fs/kernfs/dir.c:615 kernfs_new_node+0x18c/0x240 fs/kernfs/dir.c:691 __kernfs_create_file+0x53/0x340 fs/kernfs/file.c:1025 sysfs_add_file_mode_ns+0x1ff/0x3b0 fs/sysfs/file.c:307 create_files fs/sysfs/group.c:64 [inline] internal_create_group+0x31f/0xb50 fs/sysfs/group.c:152 kernel_add_sysfs_param kernel/params.c:819 [inline] param_sysfs_builtin kernel/params.c:856 [inline] param_sysfs_builtin_init+0x309/0x460 kernel/params.c:990 do_one_initcall+0x12b/0x690 init/main.c:1241 do_initcall_level init/main.c:1303 [inline] do_initcalls init/main.c:1319 [inline] do_basic_setup init/main.c:1338 [inline] kernel_init_freeable+0x69d/0xc40 init/main.c:1550 kernel_init+0x1c/0x2a0 init/main.c:1439 ret_from_fork+0x48/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:243 INITIAL USE at: lock_acquire kernel/locking/lockdep.c:5754 [inline] lock_acquire+0x1b1/0x540 kernel/locking/lockdep.c:5719 __raw_spin_lock include/linux/spinlock_api_smp.h:133 [inline] _raw_spin_lock+0x2e/0x40 kernel/locking/spinlock.c:154 pwq_tryinc_nr_active+0x3ef/0x850 kernel/workqueue.c:1774 __queue_work+0x8a7/0x1170 kernel/workqueue.c:2395 queue_work_on+0xf4/0x120 kernel/workqueue.c:2435 queue_work include/linux/workqueue.h:605 [inline] call_usermodehelper_exec+0x1d2/0x4d0 kernel/umh.c:434 kobject_uevent_env+0x1718/0x1830 lib/kobject_uevent.c:618 kset_register+0x1b6/0x2b0 lib/kobject.c:877 class_register+0x22e/0x340 drivers/base/class.c:203 iscsi_transport_init+0x14f/0x2f0 drivers/scsi/scsi_transport_iscsi.c:4983 do_one_initcall+0x12b/0x690 init/main.c:1241 do_initcall_level init/main.c:1303 [inline] do_initcalls init/main.c:1319 [inline] do_basic_setup init/main.c:1338 [inline] kernel_init_freeable+0x69d/0xc40 init/main.c:1550 kernel_init+0x1c/0x2a0 init/main.c:1439 ret_from_fork+0x48/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:243 } ... key at: [] __key.2+0x0/0x40 ... acquired at: __raw_spin_lock include/linux/spinlock_api_smp.h:133 [inline] _raw_spin_lock+0x2e/0x40 kernel/locking/spinlock.c:154 pwq_tryinc_nr_active+0x3ef/0x850 kernel/workqueue.c:1774 __queue_work+0x8a7/0x1170 kernel/workqueue.c:2395 queue_work_on+0xf4/0x120 kernel/workqueue.c:2435 queue_work include/linux/workqueue.h:605 [inline] call_usermodehelper_exec+0x1d2/0x4d0 kernel/umh.c:434 kobject_uevent_env+0x1718/0x1830 lib/kobject_uevent.c:618 kset_register+0x1b6/0x2b0 lib/kobject.c:877 class_register+0x22e/0x340 drivers/base/class.c:203 iscsi_transport_init+0x14f/0x2f0 drivers/scsi/scsi_transport_iscsi.c:4983 do_one_initcall+0x12b/0x690 init/main.c:1241 do_initcall_level init/main.c:1303 [inline] do_initcalls init/main.c:1319 [inline] do_basic_setup init/main.c:1338 [inline] kernel_init_freeable+0x69d/0xc40 init/main.c:1550 kernel_init+0x1c/0x2a0 init/main.c:1439 ret_from_fork+0x48/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:243 the dependencies between the lock to be acquired and HARDIRQ-irq-unsafe lock: -> (&htab->buckets[i].lock){+.-.}-{2:2} { HARDIRQ-ON-W at: lock_acquire kernel/locking/lockdep.c:5754 [inline] lock_acquire+0x1b1/0x540 kernel/locking/lockdep.c:5719 __raw_spin_lock_bh include/linux/spinlock_api_smp.h:126 [inline] _raw_spin_lock_bh+0x33/0x40 kernel/locking/spinlock.c:178 spin_lock_bh include/linux/spinlock.h:356 [inline] sock_hash_free+0x130/0x820 net/core/sock_map.c:1154 map_create+0xf02/0x1c30 kernel/bpf/syscall.c:1402 __sys_bpf+0xae9/0x4b40 kernel/bpf/syscall.c:5613 __do_sys_bpf kernel/bpf/syscall.c:5738 [inline] __se_sys_bpf kernel/bpf/syscall.c:5736 [inline] __x64_sys_bpf+0x78/0xc0 kernel/bpf/syscall.c:5736 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xd5/0x260 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x6d/0x75 IN-SOFTIRQ-W at: lock_acquire kernel/locking/lockdep.c:5754 [inline] lock_acquire+0x1b1/0x540 kernel/locking/lockdep.c:5719 __raw_spin_lock_bh include/linux/spinlock_api_smp.h:126 [inline] _raw_spin_lock_bh+0x33/0x40 kernel/locking/spinlock.c:178 spin_lock_bh include/linux/spinlock.h:356 [inline] sock_hash_delete_elem+0xcb/0x260 net/core/sock_map.c:939 bpf_prog_2c29ac5cdc6b1842+0x42/0x4a bpf_dispatcher_nop_func include/linux/bpf.h:1234 [inline] __bpf_prog_run include/linux/filter.h:657 [inline] bpf_prog_run include/linux/filter.h:664 [inline] __bpf_trace_run kernel/trace/bpf_trace.c:2381 [inline] bpf_trace_run3+0x16a/0x440 kernel/trace/bpf_trace.c:2421 trace_kmem_cache_free include/trace/events/kmem.h:114 [inline] kmem_cache_free+0x1d4/0x360 mm/slub.c:4343 rcu_do_batch kernel/rcu/tree.c:2196 [inline] rcu_core+0x82b/0x16b0 kernel/rcu/tree.c:2471 __do_softirq+0x21b/0x8de kernel/softirq.c:554 invoke_softirq kernel/softirq.c:428 [inline] __irq_exit_rcu kernel/softirq.c:633 [inline] irq_exit_rcu+0xb9/0x120 kernel/softirq.c:645 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1043 [inline] sysvec_apic_timer_interrupt+0x95/0xb0 arch/x86/kernel/apic/apic.c:1043 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702 get_current arch/x86/include/asm/current.h:49 [inline] __sanitizer_cov_trace_pc+0xc/0x60 kernel/kcov.c:206 batadv_nc_purge_orig_hash net/batman-adv/network-coding.c:406 [inline] batadv_nc_worker+0x12a/0x10f0 net/batman-adv/network-coding.c:719 process_one_work+0x9ac/0x1a60 kernel/workqueue.c:3254 process_scheduled_works kernel/workqueue.c:3335 [inline] worker_thread+0x6c8/0xf70 kernel/workqueue.c:3416 kthread+0x2c4/0x3a0 kernel/kthread.c:388 ret_from_fork+0x48/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:243 INITIAL USE at: lock_acquire kernel/locking/lockdep.c:5754 [inline] lock_acquire+0x1b1/0x540 kernel/locking/lockdep.c:5719 __raw_spin_lock_bh include/linux/spinlock_api_smp.h:126 [inline] _raw_spin_lock_bh+0x33/0x40 kernel/locking/spinlock.c:178 spin_lock_bh include/linux/spinlock.h:356 [inline] sock_hash_free+0x130/0x820 net/core/sock_map.c:1154 map_create+0xf02/0x1c30 kernel/bpf/syscall.c:1402 __sys_bpf+0xae9/0x4b40 kernel/bpf/syscall.c:5613 __do_sys_bpf kernel/bpf/syscall.c:5738 [inline] __se_sys_bpf kernel/bpf/syscall.c:5736 [inline] __x64_sys_bpf+0x78/0xc0 kernel/bpf/syscall.c:5736 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xd5/0x260 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x6d/0x75 } ... key at: [] __key.0+0x0/0x40 ... acquired at: lock_acquire kernel/locking/lockdep.c:5754 [inline] lock_acquire+0x1b1/0x540 kernel/locking/lockdep.c:5719 __raw_spin_lock_bh include/linux/spinlock_api_smp.h:126 [inline] _raw_spin_lock_bh+0x33/0x40 kernel/locking/spinlock.c:178 spin_lock_bh include/linux/spinlock.h:356 [inline] sock_hash_delete_elem+0xcb/0x260 net/core/sock_map.c:939 bpf_prog_2c29ac5cdc6b1842+0x42/0x4a bpf_dispatcher_nop_func include/linux/bpf.h:1234 [inline] __bpf_prog_run include/linux/filter.h:657 [inline] bpf_prog_run include/linux/filter.h:664 [inline] __bpf_trace_run kernel/trace/bpf_trace.c:2381 [inline] bpf_trace_run1+0x14c/0x410 kernel/trace/bpf_trace.c:2419 __bpf_trace_workqueue_activate_work+0x98/0xd0 include/trace/events/workqueue.h:59 trace_workqueue_activate_work include/trace/events/workqueue.h:59 [inline] __pwq_activate_work+0x1e5/0x320 kernel/workqueue.c:1675 node_activate_pending_pwq kernel/workqueue.c:1926 [inline] pwq_dec_nr_active kernel/workqueue.c:1993 [inline] pwq_dec_nr_in_flight+0x762/0xed0 kernel/workqueue.c:2017 process_one_work+0xe2a/0x1a60 kernel/workqueue.c:3309 process_scheduled_works kernel/workqueue.c:3335 [inline] worker_thread+0x6c8/0xf70 kernel/workqueue.c:3416 kthread+0x2c4/0x3a0 kernel/kthread.c:388 ret_from_fork+0x48/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:243 stack backtrace: CPU: 0 PID: 3830 Comm: kworker/u8:8 Not tainted 6.8.0-syzkaller-08951-gfe46a7dd189e #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 Workqueue: 0x0 (bat_events) Call Trace: __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:114 print_bad_irq_dependency kernel/locking/lockdep.c:2626 [inline] check_irq_usage+0xe3c/0x1490 kernel/locking/lockdep.c:2865 check_prev_add kernel/locking/lockdep.c:3138 [inline] check_prevs_add kernel/locking/lockdep.c:3253 [inline] validate_chain kernel/locking/lockdep.c:3869 [inline] __lock_acquire+0x248e/0x3b30 kernel/locking/lockdep.c:5137 lock_acquire kernel/locking/lockdep.c:5754 [inline] lock_acquire+0x1b1/0x540 kernel/locking/lockdep.c:5719 __raw_spin_lock_bh include/linux/spinlock_api_smp.h:126 [inline] _raw_spin_lock_bh+0x33/0x40 kernel/locking/spinlock.c:178 spin_lock_bh include/linux/spinlock.h:356 [inline] sock_hash_delete_elem+0xcb/0x260 net/core/sock_map.c:939 bpf_prog_2c29ac5cdc6b1842+0x42/0x4a bpf_dispatcher_nop_func include/linux/bpf.h:1234 [inline] __bpf_prog_run include/linux/filter.h:657 [inline] bpf_prog_run include/linux/filter.h:664 [inline] __bpf_trace_run kernel/trace/bpf_trace.c:2381 [inline] bpf_trace_run1+0x14c/0x410 kernel/trace/bpf_trace.c:2419 __bpf_trace_workqueue_activate_work+0x98/0xd0 include/trace/events/workqueue.h:59 trace_workqueue_activate_work include/trace/events/workqueue.h:59 [inline] __pwq_activate_work+0x1e5/0x320 kernel/workqueue.c:1675 node_activate_pending_pwq kernel/workqueue.c:1926 [inline] pwq_dec_nr_active kernel/workqueue.c:1993 [inline] pwq_dec_nr_in_flight+0x762/0xed0 kernel/workqueue.c:2017 process_one_work+0xe2a/0x1a60 kernel/workqueue.c:3309 process_scheduled_works kernel/workqueue.c:3335 [inline] worker_thread+0x6c8/0xf70 kernel/workqueue.c:3416 kthread+0x2c4/0x3a0 kernel/kthread.c:388 ret_from_fork+0x48/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:243