syzbot

============================================
WARNING: possible recursive locking detected
6.13.0-rc5-syzkaller-00163-gab75170520d4 #0 Not tainted
--------------------------------------------
syz-executor174/5963 is trying to acquire lock:
ffff88802ea401e0 (&qs->lock){....}-{2:2}, at: __queue_map_get+0x2b6/0x360 kernel/bpf/queue_stack_maps.c:105

but task is already holding lock:
ffff8880239cb1e0 (&qs->lock){....}-{2:2}, at: __queue_map_get+0x2b6/0x360 kernel/bpf/queue_stack_maps.c:105

other info that might help us debug this:
 Possible unsafe locking scenario:

       CPU0
       ----
  lock(&qs->lock);
  lock(&qs->lock);

 *** DEADLOCK ***

 May be due to missing lock nesting notation

4 locks held by syz-executor174/5963:
 #0: ffff88802ad33830 (&tsk->futex_exit_mutex){+.+.}-{4:4}, at: futex_cleanup_begin kernel/futex/core.c:1070 [inline]
 #0: ffff88802ad33830 (&tsk->futex_exit_mutex){+.+.}-{4:4}, at: futex_exit_release+0x2a/0x220 kernel/futex/core.c:1122
 #1: ffffffff8e1bb900 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire include/linux/rcupdate.h:337 [inline]
 #1: ffffffff8e1bb900 (rcu_read_lock){....}-{1:3}, at: rcu_read_lock include/linux/rcupdate.h:849 [inline]
 #1: ffffffff8e1bb900 (rcu_read_lock){....}-{1:3}, at: __bpf_trace_run kernel/trace/bpf_trace.c:2361 [inline]
 #1: ffffffff8e1bb900 (rcu_read_lock){....}-{1:3}, at: bpf_trace_run2+0x1c2/0x590 kernel/trace/bpf_trace.c:2403
 #2: ffff8880239cb1e0 (&qs->lock){....}-{2:2}, at: __queue_map_get+0x2b6/0x360 kernel/bpf/queue_stack_maps.c:105
 #3: ffffffff8e1bb900 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire include/linux/rcupdate.h:337 [inline]
 #3: ffffffff8e1bb900 (rcu_read_lock){....}-{1:3}, at: rcu_read_lock include/linux/rcupdate.h:849 [inline]
 #3: ffffffff8e1bb900 (rcu_read_lock){....}-{1:3}, at: __bpf_trace_run kernel/trace/bpf_trace.c:2361 [inline]
 #3: ffffffff8e1bb900 (rcu_read_lock){....}-{1:3}, at: bpf_trace_run2+0x1c2/0x590 kernel/trace/bpf_trace.c:2403

stack backtrace:
CPU: 3 UID: 0 PID: 5963 Comm: syz-executor174 Not tainted 6.13.0-rc5-syzkaller-00163-gab75170520d4 #0
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:94 [inline]
 dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120
 print_deadlock_bug+0x2e3/0x410 kernel/locking/lockdep.c:3037
 check_deadlock kernel/locking/lockdep.c:3089 [inline]
 validate_chain kernel/locking/lockdep.c:3891 [inline]
 __lock_acquire+0x2117/0x3c40 kernel/locking/lockdep.c:5226
 lock_acquire.part.0+0x11b/0x380 kernel/locking/lockdep.c:5849
 __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]
 _raw_spin_lock_irqsave+0x3a/0x60 kernel/locking/spinlock.c:162
 __queue_map_get+0x2b6/0x360 kernel/bpf/queue_stack_maps.c:105
 bpf_prog_583c8da43158804c+0x4b/0x4f
 bpf_dispatcher_nop_func include/linux/bpf.h:1290 [inline]
 __bpf_prog_run include/linux/filter.h:701 [inline]
 bpf_prog_run include/linux/filter.h:708 [inline]
 __bpf_trace_run kernel/trace/bpf_trace.c:2362 [inline]
 bpf_trace_run2+0x231/0x590 kernel/trace/bpf_trace.c:2403
 __bpf_trace_contention_end+0xca/0x110 include/trace/events/lock.h:122
 __traceiter_contention_end+0x5a/0xa0 include/trace/events/lock.h:122
 trace_contention_end.constprop.0+0xf0/0x170 include/trace/events/lock.h:122
 __pv_queued_spin_lock_slowpath+0x27e/0xc90 kernel/locking/qspinlock.c:557
 pv_queued_spin_lock_slowpath arch/x86/include/asm/paravirt.h:584 [inline]
 queued_spin_lock_slowpath arch/x86/include/asm/qspinlock.h:51 [inline]
 queued_spin_lock include/asm-generic/qspinlock.h:114 [inline]
 do_raw_spin_lock+0x210/0x2c0 kernel/locking/spinlock_debug.c:116
 __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:111 [inline]
 _raw_spin_lock_irqsave+0x42/0x60 kernel/locking/spinlock.c:162
 __queue_map_get+0x2b6/0x360 kernel/bpf/queue_stack_maps.c:105
 bpf_prog_583c8da43158804c+0x4b/0x4f
 bpf_dispatcher_nop_func include/linux/bpf.h:1290 [inline]
 __bpf_prog_run include/linux/filter.h:701 [inline]
 bpf_prog_run include/linux/filter.h:708 [inline]
 __bpf_trace_run kernel/trace/bpf_trace.c:2362 [inline]
 bpf_trace_run2+0x231/0x590 kernel/trace/bpf_trace.c:2403
 __bpf_trace_contention_end+0xca/0x110 include/trace/events/lock.h:122
 __traceiter_contention_end+0x5a/0xa0 include/trace/events/lock.h:122
 trace_contention_end+0xd2/0x140 include/trace/events/lock.h:122
 __mutex_lock_common kernel/locking/mutex.c:594 [inline]
 __mutex_lock+0x1c2/0xa60 kernel/locking/mutex.c:735
 futex_cleanup_begin kernel/futex/core.c:1070 [inline]
 futex_exit_release+0x2a/0x220 kernel/futex/core.c:1122
 exit_mm_release+0x19/0x30 kernel/fork.c:1655
 exit_mm kernel/exit.c:543 [inline]
 do_exit+0x886/0x2d70 kernel/exit.c:925
 do_group_exit+0xd3/0x2a0 kernel/exit.c:1087
 __do_sys_exit_group kernel/exit.c:1098 [inline]
 __se_sys_exit_group kernel/exit.c:1096 [inline]
 __x64_sys_exit_group+0x3e/0x50 kernel/exit.c:1096
 x64_sys_call+0x151f/0x1720 arch/x86/include/generated/asm/syscalls_64.h:232
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f1a6aeec0f9
Code: 90 49 c7 c0 b8 ff ff ff be e7 00 00 00 ba 3c 00 00 00 eb 12 0f 1f 44 00 00 89 d0 0f 05 48 3d 00 f0 ff ff 77 1c f4 89 f0 0f 05 <48> 3d 00 f0 ff ff 76 e7 f7 d8 64 41 89 00 eb df 0f 1f 80 00 00 00
RSP: 002b:00007ffc56d0eba8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f1a6aeec0f9
RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000
RBP: 00007f1a6af672b0 R08: ffffffffffffffb8 R09: 00000000000000a0
R10: 00000000000000a0 R11: 0000000000000246 R12: 00007f1a6af672b0
R13: 0000000000000000 R14: 00007f1a6af67d20 R15: 00007f1a6aebd2a0
 </TASK>