Warning: Permanently added '10.128.0.74' (ED25519) to the list of known hosts. 2024/03/17 17:48:30 ignoring optional flag "sandboxArg"="0" 2024/03/17 17:48:30 parsed 1 programs 2024/03/17 17:48:30 executed programs: 0 [ 44.583812][ T1793] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k FS [ 45.159241][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 45.166729][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 45.200523][ T21] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 45.209120][ T21] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 45.217542][ T21] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 45.225447][ T21] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 45.459242][ T1798] device veth0_vlan entered promiscuous mode [ 45.465798][ T21] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 45.474629][ T21] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 45.482707][ T21] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 45.490120][ T21] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 45.617220][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 45.685450][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 45.694102][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 46.054470][ T2048] [ 46.056834][ T2048] ===================================================== [ 46.064083][ T2048] WARNING: HARDIRQ-safe -> HARDIRQ-unsafe lock order detected [ 46.071854][ T2048] 5.18.0-rc1-syzkaller #0 Not tainted [ 46.077361][ T2048] ----------------------------------------------------- [ 46.084266][ T2048] syz-executor.0/2048 [HC0[0]:SC0[2]:HE0:SE0] is trying to acquire: [ 46.092592][ T2048] ffff888100e2d420 (&htab->buckets[i].lock){+...}-{2:2}, at: sock_hash_delete_elem+0x4c/0xe0 [ 46.102947][ T2048] [ 46.102947][ T2048] and this task is already holding: [ 46.110575][ T2048] ffff888237d2d8d8 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x156/0xa60 [ 46.119054][ T2048] which would create a new lock dependency: [ 46.125028][ T2048] (&rq->__lock){-.-.}-{2:2} -> (&htab->buckets[i].lock){+...}-{2:2} [ 46.133507][ T2048] [ 46.133507][ T2048] but this new dependency connects a HARDIRQ-irq-safe lock: [ 46.143216][ T2048] (&rq->__lock){-.-.}-{2:2} [ 46.143222][ T2048] [ 46.143222][ T2048] ... which became HARDIRQ-irq-safe at: [ 46.156115][ T2048] lock_acquire+0x101/0x2f0 [ 46.161422][ T2048] _raw_spin_lock_nested+0x31/0x40 [ 46.166778][ T2048] scheduler_tick+0x4a/0x120 [ 46.171633][ T2048] update_process_times+0xa3/0xb0 [ 46.176803][ T2048] tick_periodic+0xcb/0xe0 [ 46.181304][ T2048] tick_handle_periodic+0x1e/0x80 [ 46.186380][ T2048] timer_interrupt+0x13/0x20 [ 46.191112][ T2048] __handle_irq_event_percpu+0xf1/0x390 [ 46.197059][ T2048] handle_irq_event+0x30/0x70 [ 46.202208][ T2048] handle_edge_irq+0xd4/0x1f0 [ 46.207227][ T2048] __common_interrupt+0xa4/0x150 [ 46.212234][ T2048] common_interrupt+0xa5/0xd0 [ 46.216967][ T2048] asm_common_interrupt+0x22/0x40 [ 46.222060][ T2048] console_unlock+0x5eb/0x7c0 [ 46.226801][ T2048] vprintk_emit+0x80/0x160 [ 46.231386][ T2048] _printk+0x58/0x72 [ 46.235641][ T2048] landlock_init+0x26/0x29 [ 46.240336][ T2048] initialize_lsm+0x24/0x54 [ 46.245217][ T2048] ordered_lsm_init+0x204/0x227 [ 46.250266][ T2048] security_init+0x40/0x46 [ 46.255541][ T2048] start_kernel+0x30d/0x3e0 [ 46.260287][ T2048] secondary_startup_64_no_verify+0xc4/0xcb [ 46.266515][ T2048] [ 46.266515][ T2048] to a HARDIRQ-irq-unsafe lock: [ 46.274316][ T2048] (&htab->buckets[i].lock){+...}-{2:2} [ 46.274324][ T2048] [ 46.274324][ T2048] ... which became HARDIRQ-irq-unsafe at: [ 46.287954][ T2048] ... [ 46.287956][ T2048] lock_acquire+0x101/0x2f0 [ 46.295725][ T2048] _raw_spin_lock_bh+0x35/0x50 [ 46.301648][ T2048] sock_hash_free+0x8e/0x290 [ 46.306676][ T2048] process_one_work+0x286/0x5b0 [ 46.312019][ T2048] worker_thread+0x244/0x3f0 [ 46.316761][ T2048] kthread+0xe5/0x100 [ 46.320813][ T2048] ret_from_fork+0x22/0x30 [ 46.325564][ T2048] [ 46.325564][ T2048] other info that might help us debug this: [ 46.325564][ T2048] [ 46.336520][ T2048] Possible interrupt unsafe locking scenario: [ 46.336520][ T2048] [ 46.346647][ T2048] CPU0 CPU1 [ 46.352167][ T2048] ---- ---- [ 46.357612][ T2048] lock(&htab->buckets[i].lock); [ 46.363747][ T2048] local_irq_disable(); [ 46.370586][ T2048] lock(&rq->__lock); [ 46.377936][ T2048] lock(&htab->buckets[i].lock); [ 46.385545][ T2048] [ 46.388974][ T2048] lock(&rq->__lock); [ 46.393625][ T2048] [ 46.393625][ T2048] *** DEADLOCK *** [ 46.393625][ T2048] [ 46.402026][ T2048] 2 locks held by syz-executor.0/2048: [ 46.407453][ T2048] #0: ffff888237d2d8d8 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x156/0xa60 [ 46.416806][ T2048] #1: ffffffff83185f30 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x0/0x30 [ 46.426142][ T2048] [ 46.426142][ T2048] the dependencies between HARDIRQ-irq-safe lock and the holding lock: [ 46.436933][ T2048] -> (&rq->__lock){-.-.}-{2:2} { [ 46.441960][ T2048] IN-HARDIRQ-W at: [ 46.446039][ T2048] lock_acquire+0x101/0x2f0 [ 46.452683][ T2048] _raw_spin_lock_nested+0x31/0x40 [ 46.459423][ T2048] scheduler_tick+0x4a/0x120 [ 46.465716][ T2048] update_process_times+0xa3/0xb0 [ 46.472449][ T2048] tick_periodic+0xcb/0xe0 [ 46.478863][ T2048] tick_handle_periodic+0x1e/0x80 [ 46.485591][ T2048] timer_interrupt+0x13/0x20 [ 46.491968][ T2048] __handle_irq_event_percpu+0xf1/0x390 [ 46.499482][ T2048] handle_irq_event+0x30/0x70 [ 46.505911][ T2048] handle_edge_irq+0xd4/0x1f0 [ 46.515244][ T2048] __common_interrupt+0xa4/0x150 [ 46.522074][ T2048] common_interrupt+0xa5/0xd0 [ 46.528548][ T2048] asm_common_interrupt+0x22/0x40 [ 46.535457][ T2048] console_unlock+0x5eb/0x7c0 [ 46.541941][ T2048] vprintk_emit+0x80/0x160 [ 46.548526][ T2048] _printk+0x58/0x72 [ 46.554489][ T2048] landlock_init+0x26/0x29 [ 46.561230][ T2048] initialize_lsm+0x24/0x54 [ 46.567452][ T2048] ordered_lsm_init+0x204/0x227 [ 46.574153][ T2048] security_init+0x40/0x46 [ 46.580572][ T2048] start_kernel+0x30d/0x3e0 [ 46.587661][ T2048] secondary_startup_64_no_verify+0xc4/0xcb [ 46.595469][ T2048] IN-SOFTIRQ-W at: [ 46.599419][ T2048] lock_acquire+0x101/0x2f0 [ 46.605982][ T2048] _raw_spin_lock_nested+0x31/0x40 [ 46.612800][ T2048] try_to_wake_up+0x25f/0x530 [ 46.619439][ T2048] call_timer_fn+0xe5/0x340 [ 46.625839][ T2048] __run_timers+0x16a/0x200 [ 46.632136][ T2048] run_timer_softirq+0x1f/0x40 [ 46.638976][ T2048] __do_softirq+0x205/0x51e [ 46.645459][ T2048] __irq_exit_rcu+0xb2/0x140 [ 46.651958][ T2048] irq_exit_rcu+0x9/0x20 [ 46.658003][ T2048] sysvec_apic_timer_interrupt+0x97/0xb0 [ 46.665434][ T2048] asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 46.673200][ T2048] default_idle+0x13/0x20 [ 46.679474][ T2048] default_idle_call+0x4f/0x90 [ 46.685853][ T2048] do_idle+0xee/0x290 [ 46.691579][ T2048] cpu_startup_entry+0x18/0x20 [ 46.698397][ T2048] start_kernel+0x35d/0x3e0 [ 46.704604][ T2048] secondary_startup_64_no_verify+0xc4/0xcb [ 46.712295][ T2048] INITIAL USE at: [ 46.716156][ T2048] lock_acquire+0x101/0x2f0 [ 46.722444][ T2048] _raw_spin_lock_nested+0x31/0x40 [ 46.729718][ T2048] raw_spin_rq_lock_nested+0x1f/0x30 [ 46.736991][ T2048] rq_attach_root+0x51/0x1b0 [ 46.743218][ T2048] sched_init+0x30a/0x476 [ 46.749453][ T2048] start_kernel+0x185/0x3e0 [ 46.755618][ T2048] secondary_startup_64_no_verify+0xc4/0xcb [ 46.763948][ T2048] } [ 46.766659][ T2048] ... key at: [] sched_init.__key+0x0/0x10 [ 46.774811][ T2048] [ 46.774811][ T2048] the dependencies between the lock to be acquired [ 46.774813][ T2048] and HARDIRQ-irq-unsafe lock: [ 46.788626][ T2048] -> (&htab->buckets[i].lock){+...}-{2:2} { [ 46.794777][ T2048] HARDIRQ-ON-W at: [ 46.798725][ T2048] lock_acquire+0x101/0x2f0 [ 46.805571][ T2048] _raw_spin_lock_bh+0x35/0x50 [ 46.812418][ T2048] sock_hash_free+0x8e/0x290 [ 46.819088][ T2048] process_one_work+0x286/0x5b0 [ 46.825908][ T2048] worker_thread+0x244/0x3f0 [ 46.832483][ T2048] kthread+0xe5/0x100 [ 46.838265][ T2048] ret_from_fork+0x22/0x30 [ 46.844393][ T2048] INITIAL USE at: [ 46.848268][ T2048] lock_acquire+0x101/0x2f0 [ 46.855553][ T2048] _raw_spin_lock_bh+0x35/0x50 [ 46.864236][ T2048] sock_hash_free+0x8e/0x290 [ 46.870556][ T2048] process_one_work+0x286/0x5b0 [ 46.877568][ T2048] worker_thread+0x244/0x3f0 [ 46.883968][ T2048] kthread+0xe5/0x100 [ 46.889671][ T2048] ret_from_fork+0x22/0x30 [ 46.896428][ T2048] } [ 46.899163][ T2048] ... key at: [] sock_hash_alloc.__key+0x0/0x10 [ 46.907642][ T2048] ... acquired at: [ 46.911525][ T2048] lock_acquire+0x101/0x2f0 [ 46.916846][ T2048] _raw_spin_lock_bh+0x35/0x50 [ 46.921861][ T2048] sock_hash_delete_elem+0x4c/0xe0 [ 46.927570][ T2048] bpf_map_delete_elem+0x31/0x40 [ 46.932760][ T2048] ___bpf_prog_run+0x13ea/0x1b70 [ 46.937922][ T2048] __bpf_prog_run32+0xbb/0xe0 [ 46.942738][ T2048] bpf_trace_run2+0x88/0x140 [ 46.947593][ T2048] trace_contention_end+0xb7/0xe0 [ 46.953195][ T2048] __pv_queued_spin_lock_slowpath+0x381/0x3c0 [ 46.959624][ T2048] queued_spin_lock_slowpath+0x11/0x20 [ 46.965317][ T2048] do_raw_spin_lock+0x8f/0xa0 [ 46.970876][ T2048] __schedule+0x156/0xa60 [ 46.975695][ T2048] __cond_resched+0x34/0x90 [ 46.980542][ T2048] dentry_kill+0x62/0x120 [ 46.985275][ T2048] dput+0xca/0x170 [ 46.989631][ T2048] __fput+0x16f/0x210 [ 46.993776][ T2048] task_work_run+0x66/0xa0 [ 46.998848][ T2048] exit_to_user_mode_loop+0xcd/0xe0 [ 47.004470][ T2048] exit_to_user_mode_prepare+0xb1/0x150 [ 47.010304][ T2048] syscall_exit_to_user_mode+0x62/0x2a0 [ 47.016431][ T2048] do_syscall_64+0x55/0xc0 [ 47.021165][ T2048] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 47.027918][ T2048] [ 47.030320][ T2048] [ 47.030320][ T2048] stack backtrace: [ 47.037406][ T2048] CPU: 1 PID: 2048 Comm: syz-executor.0 Not tainted 5.18.0-rc1-syzkaller #0 [ 47.046160][ T2048] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/29/2024 [ 47.056277][ T2048] Call Trace: [ 47.059631][ T2048] [ 47.062824][ T2048] dump_stack_lvl+0x8d/0xdb [ 47.067403][ T2048] validate_chain+0x20a2/0x20e0 [ 47.072589][ T2048] __lock_acquire+0x8d8/0xb30 [ 47.077253][ T2048] lock_acquire+0x101/0x2f0 [ 47.081824][ T2048] ? sock_hash_delete_elem+0x4c/0xe0 [ 47.087099][ T2048] ? sock_hash_delete_elem+0x4c/0xe0 [ 47.092352][ T2048] _raw_spin_lock_bh+0x35/0x50 [ 47.097128][ T2048] ? sock_hash_delete_elem+0x4c/0xe0 [ 47.102555][ T2048] sock_hash_delete_elem+0x4c/0xe0 [ 47.107631][ T2048] bpf_map_delete_elem+0x31/0x40 [ 47.112723][ T2048] ___bpf_prog_run+0x13ea/0x1b70 [ 47.117921][ T2048] __bpf_prog_run32+0xbb/0xe0 [ 47.122737][ T2048] bpf_trace_run2+0x88/0x140 [ 47.127467][ T2048] trace_contention_end+0xb7/0xe0 [ 47.132478][ T2048] __pv_queued_spin_lock_slowpath+0x381/0x3c0 [ 47.138769][ T2048] queued_spin_lock_slowpath+0x11/0x20 [ 47.144195][ T2048] do_raw_spin_lock+0x8f/0xa0 [ 47.149022][ T2048] __schedule+0x156/0xa60 [ 47.153319][ T2048] __cond_resched+0x34/0x90 [ 47.157787][ T2048] dentry_kill+0x62/0x120 [ 47.162254][ T2048] dput+0xca/0x170 [ 47.166199][ T2048] __fput+0x16f/0x210 [ 47.170234][ T2048] task_work_run+0x66/0xa0 [ 47.174922][ T2048] exit_to_user_mode_loop+0xcd/0xe0 [ 47.180442][ T2048] exit_to_user_mode_prepare+0xb1/0x150 [ 47.186041][ T2048] syscall_exit_to_user_mode+0x62/0x2a0 [ 47.192696][ T2048] do_syscall_64+0x55/0xc0 [ 47.197082][ T2048] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 47.202945][ T2048] RIP: 0033:0x559c94b6cc9a [ 47.207332][ T2048] Code: 48 3d 00 f0 ff ff 77 48 c3 0f 1f 80 00 00 00 00 48 83 ec 18 89 7c 24 0c e8 03 7f 02 00 8b 7c 24 0c 89 c2 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 36 89 d7 89 44 24 0c e8 63 7f 02 00 8b 44 24 [ 47.227098][ T2048] RSP: 002b:00007fffec5681b0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 47.235570][ T2048] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 0000559c94b6cc9a [ 47.243697][ T2048] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 47.251905][ T2048] RBP: 0000000000000226 R08: 0000001b2c160000 R09: 0000559c94c9bf8c [ 47.259901][ T2048] R10: 00007fffec568300 R11: 0000000000000293 R12: 00007f8f72f15910 [ 47.268041][ T2048] R13: ffffffffffffffff R14: 00007f8f72f15000 R15: 000000000000b3b2 [ 47.276188][ T2048]