Warning: Permanently added '10.128.1.12' (ED25519) to the list of known hosts. executing program [ 41.797138][ T4025] [ 41.797788][ T4025] ====================================================== [ 41.799782][ T4025] WARNING: possible circular locking dependency detected [ 41.801791][ T4025] 5.15.181-syzkaller #0 Not tainted [ 41.803215][ T4025] ------------------------------------------------------ [ 41.805154][ T4025] syz-executor802/4025 is trying to acquire lock: [ 41.806951][ T4025] ffff0000cb808120 (sk_lock-AF_INET6){+.+.}-{0:0}, at: inet_sk_diag_fill+0xbb4/0x1584 [ 41.809679][ T4025] [ 41.809679][ T4025] but task is already holding lock: [ 41.811723][ T4025] ffff0000c54bc630 (&h->lhash2[i].lock){+.+.}-{2:2}, at: mptcp_diag_dump+0x830/0x10f0 [ 41.814432][ T4025] [ 41.814432][ T4025] which lock already depends on the new lock. [ 41.814432][ T4025] [ 41.817334][ T4025] [ 41.817334][ T4025] the existing dependency chain (in reverse order) is: [ 41.819848][ T4025] [ 41.819848][ T4025] -> #1 (&h->lhash2[i].lock){+.+.}-{2:2}: [ 41.822017][ T4025] _raw_spin_lock+0xb0/0x10c [ 41.823480][ T4025] __inet_hash+0xd0/0x858 [ 41.824883][ T4025] inet6_hash+0x74/0x9c [ 41.826123][ T4025] inet_csk_listen_start+0x1e4/0x2c8 [ 41.827712][ T4025] inet_listen+0x290/0x694 [ 41.829064][ T4025] __sys_listen+0x198/0x21c [ 41.830431][ T4025] __arm64_sys_listen+0x5c/0x74 [ 41.831889][ T4025] invoke_syscall+0x98/0x2b8 [ 41.833305][ T4025] el0_svc_common+0x138/0x258 [ 41.834749][ T4025] do_el0_svc+0x58/0x14c [ 41.836073][ T4025] el0_svc+0x78/0x1e0 [ 41.837333][ T4025] el0t_64_sync_handler+0xcc/0xe4 [ 41.838876][ T4025] el0t_64_sync+0x1a0/0x1a4 [ 41.840280][ T4025] [ 41.840280][ T4025] -> #0 (sk_lock-AF_INET6){+.+.}-{0:0}: [ 41.842407][ T4025] __lock_acquire+0x2928/0x651c [ 41.843924][ T4025] lock_acquire+0x1f4/0x620 [ 41.845346][ T4025] mptcp_diag_get_info+0x1fc/0x868 [ 41.846893][ T4025] inet_sk_diag_fill+0xbb4/0x1584 [ 41.848451][ T4025] mptcp_diag_dump+0xb5c/0x10f0 [ 41.849911][ T4025] __inet_diag_dump+0x1dc/0x350 [ 41.851434][ T4025] inet_diag_dump+0x4c/0x5c [ 41.852836][ T4025] netlink_dump+0x49c/0xab4 [ 41.854212][ T4025] __netlink_dump_start+0x480/0x6f0 [ 41.855875][ T4025] inet_diag_handler_cmd+0x190/0x268 [ 41.857526][ T4025] sock_diag_rcv_msg+0x168/0x390 [ 41.859003][ T4025] netlink_rcv_skb+0x208/0x3c4 [ 41.860426][ T4025] sock_diag_rcv+0x3c/0x54 [ 41.861805][ T4025] netlink_unicast+0x60c/0x89c [ 41.863310][ T4025] netlink_sendmsg+0x6e8/0x9cc [ 41.864796][ T4025] sock_write_iter+0x23c/0x31c [ 41.866279][ T4025] do_iter_readv_writev+0x3a0/0x4f8 [ 41.867842][ T4025] do_iter_write+0x1c4/0x670 [ 41.869229][ T4025] do_writev+0x1e0/0x380 [ 41.870507][ T4025] __arm64_sys_writev+0x80/0x94 [ 41.871947][ T4025] invoke_syscall+0x98/0x2b8 [ 41.873333][ T4025] el0_svc_common+0x138/0x258 [ 41.874834][ T4025] do_el0_svc+0x58/0x14c [ 41.876279][ T4025] el0_svc+0x78/0x1e0 [ 41.877554][ T4025] el0t_64_sync_handler+0xcc/0xe4 [ 41.879123][ T4025] el0t_64_sync+0x1a0/0x1a4 [ 41.880574][ T4025] [ 41.880574][ T4025] other info that might help us debug this: [ 41.880574][ T4025] [ 41.883474][ T4025] Possible unsafe locking scenario: [ 41.883474][ T4025] [ 41.885538][ T4025] CPU0 CPU1 [ 41.887021][ T4025] ---- ---- [ 41.888469][ T4025] lock(&h->lhash2[i].lock); [ 41.889770][ T4025] lock(sk_lock-AF_INET6); [ 41.891738][ T4025] lock(&h->lhash2[i].lock); [ 41.893733][ T4025] lock(sk_lock-AF_INET6); [ 41.894961][ T4025] [ 41.894961][ T4025] *** DEADLOCK *** [ 41.894961][ T4025] [ 41.897230][ T4025] 6 locks held by syz-executor802/4025: [ 41.898748][ T4025] #0: ffff800016281a28 (sock_diag_mutex){+.+.}-{3:3}, at: sock_diag_rcv+0x2c/0x54 [ 41.901406][ T4025] #1: ffff8000162818e8 (sock_diag_table_mutex){+.+.}-{3:3}, at: sock_diag_rcv_msg+0x214/0x390 [ 41.904277][ T4025] #2: ffff0000da1bc690 (nlk_cb_mutex-SOCK_DIAG){+.+.}-{3:3}, at: __netlink_dump_start+0x108/0x6f0 [ 41.907237][ T4025] #3: ffff800016359188 (inet_diag_table_mutex){+.+.}-{3:3}, at: __inet_diag_dump+0x170/0x350 [ 41.910074][ T4025] #4: ffff8000143211e0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x10/0x4c [ 41.912717][ T4025] #5: ffff0000c54bc630 (&h->lhash2[i].lock){+.+.}-{2:2}, at: mptcp_diag_dump+0x830/0x10f0 [ 41.915479][ T4025] [ 41.915479][ T4025] stack backtrace: [ 41.917040][ T4025] CPU: 0 PID: 4025 Comm: syz-executor802 Not tainted 5.15.181-syzkaller #0 [ 41.919393][ T4025] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 41.922166][ T4025] Call trace: [ 41.923051][ T4025] dump_backtrace+0x0/0x43c [ 41.924286][ T4025] show_stack+0x2c/0x3c [ 41.925439][ T4025] __dump_stack+0x30/0x40 [ 41.926616][ T4025] dump_stack_lvl+0xf8/0x160 [ 41.927907][ T4025] dump_stack+0x1c/0x5c [ 41.929059][ T4025] print_circular_bug+0x148/0x1b0 [ 41.930423][ T4025] check_noncircular+0x240/0x2d4 [ 41.931830][ T4025] __lock_acquire+0x2928/0x651c [ 41.933191][ T4025] lock_acquire+0x1f4/0x620 [ 41.934426][ T4025] mptcp_diag_get_info+0x1fc/0x868 [ 41.935936][ T4025] inet_sk_diag_fill+0xbb4/0x1584 [ 41.937422][ T4025] mptcp_diag_dump+0xb5c/0x10f0 [ 41.938806][ T4025] __inet_diag_dump+0x1dc/0x350 [ 41.940168][ T4025] inet_diag_dump+0x4c/0x5c [ 41.941432][ T4025] netlink_dump+0x49c/0xab4 [ 41.942695][ T4025] __netlink_dump_start+0x480/0x6f0 [ 41.944104][ T4025] inet_diag_handler_cmd+0x190/0x268 [ 41.945578][ T4025] sock_diag_rcv_msg+0x168/0x390 [ 41.946952][ T4025] netlink_rcv_skb+0x208/0x3c4 [ 41.948238][ T4025] sock_diag_rcv+0x3c/0x54 [ 41.949503][ T4025] netlink_unicast+0x60c/0x89c [ 41.950814][ T4025] netlink_sendmsg+0x6e8/0x9cc [ 41.952170][ T4025] sock_write_iter+0x23c/0x31c [ 41.953476][ T4025] do_iter_readv_writev+0x3a0/0x4f8 [ 41.954941][ T4025] do_iter_write+0x1c4/0x670 [ 41.956224][ T4025] do_writev+0x1e0/0x380 [ 41.957436][ T4025] __arm64_sys_writev+0x80/0x94 [ 41.958784][ T4025] invoke_syscall+0x98/0x2b8 [ 41.960082][ T4025] el0_svc_common+0x138/0x258 [ 41.961454][ T4025] do_el0_svc+0x58/0x14c [ 41.962585][ T4025] el0_svc+0x78/0x1e0 [ 41.963658][ T4025] el0t_64_sync_handler+0xcc/0xe4 [ 41.965048][ T4025] el0t_64_sync+0x1a0/0x1a4 [ 41.966379][ T4025] BUG: sleeping function called from invalid context at net/core/sock.c:3283 [ 41.968766][ T4025] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 4025, name: syz-executor802 [ 41.971356][ T4025] INFO: lockdep is turned off. [ 41.972601][ T4025] Preemption disabled at: [ 41.972611][ T4025] [] mptcp_diag_dump+0x830/0x10f0 [ 41.975650][ T4025] CPU: 0 PID: 4025 Comm: syz-executor802 Not tainted 5.15.181-syzkaller #0 [ 41.978012][ T4025] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 41.980803][ T4025] Call trace: [ 41.981686][ T4025] dump_backtrace+0x0/0x43c [ 41.982942][ T4025] show_stack+0x2c/0x3c [ 41.984116][ T4025] __dump_stack+0x30/0x40 [ 41.985316][ T4025] dump_stack_lvl+0xf8/0x160 [ 41.986650][ T4025] dump_stack+0x1c/0x5c [ 41.987809][ T4025] ___might_sleep+0x358/0x4d4 [ 41.989180][ T4025] __might_sleep+0x98/0x124 [ 41.990430][ T4025] __lock_sock_fast+0x3c/0xec [ 41.991687][ T4025] mptcp_diag_get_info+0x204/0x868 [ 41.993076][ T4025] inet_sk_diag_fill+0xbb4/0x1584 [ 41.994445][ T4025] mptcp_diag_dump+0xb5c/0x10f0 [ 41.995815][ T4025] __inet_diag_dump+0x1dc/0x350 [ 41.997110][ T4025] inet_diag_dump+0x4c/0x5c [ 41.998342][ T4025] netlink_dump+0x49c/0xab4 [ 41.999600][ T4025] __netlink_dump_start+0x480/0x6f0 [ 42.001059][ T4025] inet_diag_handler_cmd+0x190/0x268 [ 42.002507][ T4025] sock_diag_rcv_msg+0x168/0x390 [ 42.003828][ T4025] netlink_rcv_skb+0x208/0x3c4 [ 42.005077][ T4025] sock_diag_rcv+0x3c/0x54 [ 42.006245][ T4025] netlink_unicast+0x60c/0x89c [ 42.007507][ T4025] netlink_sendmsg+0x6e8/0x9cc [ 42.008768][ T4025] sock_write_iter+0x23c/0x31c [ 42.010017][ T4025] do_iter_readv_writev+0x3a0/0x4f8 [ 42.011381][ T4025] do_iter_write+0x1c4/0x670 [ 42.012593][ T4025] do_writev+0x1e0/0x380 [ 42.013754][ T4025] __arm64_sys_writev+0x80/0x94 [ 42.015134][ T4025] invoke_syscall+0x98/0x2b8 [ 42.016356][ T4025] el0_svc_common+0x138/0x258 [ 42.017607][ T4025] do_el0_svc+0x58/0x14c [ 42.018733][ T4025] el0_svc+0x78/0x1e0 [ 42.019782][ T4025] el0t_64_sync_handler+0xcc/0xe4 [ 42.021181][ T4025] el0t_64_sync+0x1a0/0x1a4