DUID 00:04:03:2c:e5:fc:a2:19:b8:8b:c5:bf:62:63:19:3a:75:c6 forked to background, child pid 3171 [ 27.241388][ T3172] 8021q: adding VLAN 0 to HW filter on device bond0 [ 27.251703][ T3172] eql: remember to turn off Van-Jacobson compression on your slave devices Starting sshd: OK syzkaller Warning: Permanently added '10.128.0.118' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 49.349943][ T3588] [ 49.352284][ T3588] ============================================ [ 49.358512][ T3588] WARNING: possible recursive locking detected [ 49.364646][ T3588] 5.18.0-rc3-next-20220419-syzkaller #0 Not tainted [ 49.371215][ T3588] -------------------------------------------- [ 49.377353][ T3588] syz-executor162/3588 is trying to acquire lock: [ 49.383750][ T3588] ffff888011a453d8 (&ctx->timeout_lock){....}-{2:2}, at: io_disarm_next+0x545/0xaa0 [ 49.393150][ T3588] [ 49.393150][ T3588] but task is already holding lock: [ 49.400497][ T3588] ffff888011a453d8 (&ctx->timeout_lock){....}-{2:2}, at: io_kill_timeouts+0x4c/0x227 [ 49.411452][ T3588] [ 49.411452][ T3588] other info that might help us debug this: [ 49.419634][ T3588] Possible unsafe locking scenario: [ 49.419634][ T3588] [ 49.427079][ T3588] CPU0 [ 49.430349][ T3588] ---- [ 49.433611][ T3588] lock(&ctx->timeout_lock); [ 49.438879][ T3588] lock(&ctx->timeout_lock); [ 49.443542][ T3588] [ 49.443542][ T3588] *** DEADLOCK *** [ 49.443542][ T3588] [ 49.451663][ T3588] May be due to missing lock nesting notation [ 49.451663][ T3588] [ 49.459965][ T3588] 2 locks held by syz-executor162/3588: [ 49.465494][ T3588] #0: ffff888011a45398 (&ctx->completion_lock){+.+.}-{2:2}, at: io_kill_timeouts+0x38/0x227 [ 49.475772][ T3588] #1: ffff888011a453d8 (&ctx->timeout_lock){....}-{2:2}, at: io_kill_timeouts+0x4c/0x227 [ 49.485669][ T3588] [ 49.485669][ T3588] stack backtrace: [ 49.491541][ T3588] CPU: 1 PID: 3588 Comm: syz-executor162 Not tainted 5.18.0-rc3-next-20220419-syzkaller #0 [ 49.501496][ T3588] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 49.511540][ T3588] Call Trace: [ 49.514807][ T3588] [ 49.517723][ T3588] dump_stack_lvl+0xcd/0x134 [ 49.522311][ T3588] __lock_acquire.cold+0x1f5/0x3b4 [ 49.527417][ T3588] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 49.533391][ T3588] ? debug_object_deactivate+0x264/0x300 [ 49.539016][ T3588] lock_acquire+0x1ab/0x570 [ 49.543510][ T3588] ? io_disarm_next+0x545/0xaa0 [ 49.548348][ T3588] ? lock_release+0x780/0x780 [ 49.553021][ T3588] ? find_held_lock+0x2d/0x110 [ 49.557789][ T3588] _raw_spin_lock_irq+0x32/0x50 [ 49.562632][ T3588] ? io_disarm_next+0x545/0xaa0 [ 49.567504][ T3588] io_disarm_next+0x545/0xaa0 [ 49.572259][ T3588] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 49.578488][ T3588] __io_req_complete_post+0x794/0xd90 [ 49.583851][ T3588] io_kill_timeout+0x210/0x21d [ 49.588722][ T3588] io_kill_timeouts+0xe2/0x227 [ 49.593484][ T3588] io_ring_ctx_wait_and_kill+0x1eb/0x360 [ 49.599106][ T3588] ? io_ring_exit_work+0xf9b/0xf9b [ 49.604401][ T3588] ? __sanitizer_cov_trace_const_cmp2+0x22/0x80 [ 49.610637][ T3588] io_uring_release+0x42/0x46 [ 49.615408][ T3588] __fput+0x277/0x9d0 [ 49.619385][ T3588] ? io_ring_ctx_wait_and_kill+0x360/0x360 [ 49.625187][ T3588] task_work_run+0xdd/0x1a0 [ 49.629682][ T3588] do_exit+0xaff/0x2a00 [ 49.633834][ T3588] ? lock_downgrade+0x6e0/0x6e0 [ 49.638678][ T3588] ? mm_update_next_owner+0x7a0/0x7a0 [ 49.644053][ T3588] do_group_exit+0xd2/0x2f0 [ 49.648558][ T3588] __x64_sys_exit_group+0x3a/0x50 [ 49.653612][ T3588] do_syscall_64+0x35/0xb0 [ 49.658109][ T3588] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 49.663994][ T3588] RIP: 0033:0x7f786cb8ccb9 [ 49.668664][ T3588] Code: Unable to access opcode bytes at RIP 0x7f786cb8cc8f. [ 49.676005][ T3588] RSP: 002b:00007ffcf6b5b088 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 49.684401][ T3588] RAX: ffffffffffffffda RBX: 00007f786cc01350 RCX: 00007f786cb8ccb9 [ 49.692358][ T3588] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000 [ 49.700312][ T3588] RBP: 0000000000000000 R08: ffffffffffffffc0 R09: 0000000000000000 [ 49.708337][ T3588] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f786cc01350 [ 49.716396][ T3588] R13: 0000000000000001 R14: 0000000000000000 R15: 0000000000000001 [ 49.724369][ T3588]