Warning: Permanently added '10.128.1.160' (ED25519) to the list of known hosts.
executing program
[ 33.335829][ T4222]
[ 33.336484][ T4222] ======================================================
[ 33.338220][ T4222] WARNING: possible circular locking dependency detected
[ 33.340043][ T4222] 6.1.80-syzkaller #0 Not tainted
[ 33.341386][ T4222] ------------------------------------------------------
[ 33.343281][ T4222] syz-executor166/4222 is trying to acquire lock:
[ 33.345010][ T4222] ffff0000d5190130 (k-sk_lock-AF_INET){+.+.}-{0:0}, at: tcp_diag_get_aux+0x680/0x750
[ 33.347523][ T4222]
[ 33.347523][ T4222] but task is already holding lock:
[ 33.349512][ T4222] ffff0000c4f993b0 (&h->lhash2[i].lock){+.+.}-{2:2}, at: inet_diag_dump_icsk+0xed8/0x1204
[ 33.352192][ T4222]
[ 33.352192][ T4222] which lock already depends on the new lock.
[ 33.352192][ T4222]
[ 33.354983][ T4222]
[ 33.354983][ T4222] the existing dependency chain (in reverse order) is:
[ 33.357372][ T4222]
[ 33.357372][ T4222] -> #1 (&h->lhash2[i].lock){+.+.}-{2:2}:
[ 33.359453][ T4222] _raw_spin_lock+0x54/0x6c
[ 33.360772][ T4222] __inet_hash+0x29c/0xb60
[ 33.362079][ T4222] inet_hash+0x74/0x9c
[ 33.363288][ T4222] inet_csk_listen_start+0x1e4/0x2c8
[ 33.364806][ T4222] inet_listen+0x254/0x6d0
[ 33.366157][ T4222] mptcp_listen+0x198/0x43c
[ 33.367452][ T4222] __sys_listen+0x1ac/0x21c
[ 33.368730][ T4222] __arm64_sys_listen+0x5c/0x74
[ 33.370148][ T4222] invoke_syscall+0x98/0x2c0
[ 33.371484][ T4222] el0_svc_common+0x138/0x258
[ 33.372836][ T4222] do_el0_svc+0x64/0x218
[ 33.374064][ T4222] el0_svc+0x58/0x168
[ 33.375264][ T4222] el0t_64_sync_handler+0x84/0xf0
[ 33.376719][ T4222] el0t_64_sync+0x18c/0x190
[ 33.378032][ T4222]
[ 33.378032][ T4222] -> #0 (k-sk_lock-AF_INET){+.+.}-{0:0}:
[ 33.380168][ T4222] __lock_acquire+0x3338/0x7680
[ 33.381594][ T4222] lock_acquire+0x26c/0x7cc
[ 33.382925][ T4222] subflow_get_info+0x164/0xba8
[ 33.384370][ T4222] tcp_diag_get_aux+0x680/0x750
[ 33.385807][ T4222] inet_sk_diag_fill+0xd60/0x1818
[ 33.387277][ T4222] inet_diag_dump_icsk+0x1040/0x1204
[ 33.388890][ T4222] tcp_diag_dump+0xac/0xc4
[ 33.390229][ T4222] __inet_diag_dump+0x1e8/0x33c
[ 33.391569][ T4222] inet_diag_dump_compat+0x17c/0x288
[ 33.393162][ T4222] netlink_dump+0x46c/0xa78
[ 33.394491][ T4222] __netlink_dump_start+0x484/0x698
[ 33.396090][ T4222] inet_diag_rcv_msg_compat+0x1c8/0x41c
[ 33.397763][ T4222] sock_diag_rcv_msg+0x174/0x39c
[ 33.399201][ T4222] netlink_rcv_skb+0x20c/0x3b8
[ 33.400629][ T4222] sock_diag_rcv+0x3c/0x54
[ 33.401966][ T4222] netlink_unicast+0x65c/0x898
[ 33.403367][ T4222] netlink_sendmsg+0x834/0xb18
[ 33.404767][ T4222] ____sys_sendmsg+0x55c/0x848
[ 33.406184][ T4222] __sys_sendmsg+0x26c/0x33c
[ 33.407542][ T4222] __arm64_sys_sendmsg+0x80/0x94
[ 33.408946][ T4222] invoke_syscall+0x98/0x2c0
[ 33.410249][ T4222] el0_svc_common+0x138/0x258
[ 33.411589][ T4222] do_el0_svc+0x64/0x218
[ 33.412825][ T4222] el0_svc+0x58/0x168
[ 33.414111][ T4222] el0t_64_sync_handler+0x84/0xf0
[ 33.415603][ T4222] el0t_64_sync+0x18c/0x190
[ 33.416937][ T4222]
[ 33.416937][ T4222] other info that might help us debug this:
[ 33.416937][ T4222]
[ 33.419665][ T4222] Possible unsafe locking scenario:
[ 33.419665][ T4222]
[ 33.421604][ T4222]        CPU0                    CPU1
[ 33.423007][ T4222]        ----                    ----
[ 33.424382][ T4222]   lock(&h->lhash2[i].lock);
[ 33.425683][ T4222]                                lock(k-sk_lock-AF_INET);
[ 33.427598][ T4222]                                lock(&h->lhash2[i].lock);
[ 33.429491][ T4222]   lock(k-sk_lock-AF_INET);
[ 33.430728][ T4222]
[ 33.430728][ T4222] *** DEADLOCK ***
[ 33.430728][ T4222]
[ 33.432961][ T4222] 5 locks held by syz-executor166/4222:
[ 33.434410][ T4222] #0: ffff800017e05cc8 (sock_diag_mutex){+.+.}-{3:3}, at: sock_diag_rcv+0x2c/0x54
[ 33.436825][ T4222] #1: ffff800017e05b28 (sock_diag_table_mutex){+.+.}-{3:3}, at: sock_diag_rcv_msg+0x15c/0x39c
[ 33.439530][ T4222] #2: ffff0000d3152690 (nlk_cb_mutex-SOCK_DIAG){+.+.}-{3:3}, at: netlink_dump+0xbc/0xa78
[ 33.442286][ T4222] #3: ffff800017edd7e8 (inet_diag_table_mutex){+.+.}-{3:3}, at: __inet_diag_dump+0x17c/0x33c
[ 33.445003][ T4222] #4: ffff0000c4f993b0 (&h->lhash2[i].lock){+.+.}-{2:2}, at: inet_diag_dump_icsk+0xed8/0x1204
[ 33.447705][ T4222]
[ 33.447705][ T4222] stack backtrace:
[ 33.449287][ T4222] CPU: 1 PID: 4222 Comm: syz-executor166 Not tainted 6.1.80-syzkaller #0
[ 33.451529][ T4222] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 33.454209][ T4222] Call trace:
[ 33.455048][ T4222] dump_backtrace+0x1c8/0x1f4
[ 33.456280][ T4222] show_stack+0x2c/0x3c
[ 33.457353][ T4222] dump_stack_lvl+0x108/0x170
[ 33.458620][ T4222] dump_stack+0x1c/0x58
[ 33.459781][ T4222] print_circular_bug+0x150/0x1b8
[ 33.461147][ T4222] check_noncircular+0x2cc/0x378
[ 33.462403][ T4222] __lock_acquire+0x3338/0x7680
[ 33.463643][ T4222] lock_acquire+0x26c/0x7cc
[ 33.464824][ T4222] subflow_get_info+0x164/0xba8
[ 33.466113][ T4222] tcp_diag_get_aux+0x680/0x750
[ 33.467422][ T4222] inet_sk_diag_fill+0xd60/0x1818
[ 33.468763][ T4222] inet_diag_dump_icsk+0x1040/0x1204
[ 33.470194][ T4222] tcp_diag_dump+0xac/0xc4
[ 33.471398][ T4222] __inet_diag_dump+0x1e8/0x33c
[ 33.472669][ T4222] inet_diag_dump_compat+0x17c/0x288
[ 33.474086][ T4222] netlink_dump+0x46c/0xa78
[ 33.475241][ T4222] __netlink_dump_start+0x484/0x698
[ 33.476605][ T4222] inet_diag_rcv_msg_compat+0x1c8/0x41c
[ 33.478076][ T4222] sock_diag_rcv_msg+0x174/0x39c
[ 33.479349][ T4222] netlink_rcv_skb+0x20c/0x3b8
[ 33.480644][ T4222] sock_diag_rcv+0x3c/0x54
[ 33.481815][ T4222] netlink_unicast+0x65c/0x898
[ 33.483123][ T4222] netlink_sendmsg+0x834/0xb18
[ 33.484431][ T4222] ____sys_sendmsg+0x55c/0x848
[ 33.485714][ T4222] __sys_sendmsg+0x26c/0x33c
[ 33.486960][ T4222] __arm64_sys_sendmsg+0x80/0x94
[ 33.488295][ T4222] invoke_syscall+0x98/0x2c0
[ 33.489523][ T4222] el0_svc_common+0x138/0x258
[ 33.490771][ T4222] do_el0_svc+0x64/0x218
[ 33.491969][ T4222] el0_svc+0x58/0x168
[ 33.493009][ T4222] el0t_64_sync_handler+0x84/0xf0
[ 33.494349][ T4222] el0t_64_sync+0x18c/0x190
[ 33.495598][ T4222] BUG: sleeping function called from invalid context at net/core/sock.c:3516
[ 33.497834][ T4222] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 4222, name: syz-executor166
[ 33.500268][ T4222] preempt_count: 1, expected: 0
[ 33.501525][ T4222] RCU nest depth: 0, expected: 0
[ 33.502804][ T4222] INFO: lockdep is turned off.
[ 33.504035][ T4222] Preemption disabled at:
[ 33.504044][ T4222] [] inet_diag_dump_icsk+0xed8/0x1204
[ 33.506968][ T4222] CPU: 1 PID: 4222 Comm: syz-executor166 Not tainted 6.1.80-syzkaller #0
[ 33.509110][ T4222] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 33.511659][ T4222] Call trace:
[ 33.512531][ T4222] dump_backtrace+0x1c8/0x1f4
[ 33.513786][ T4222] show_stack+0x2c/0x3c
[ 33.514923][ T4222] dump_stack_lvl+0x108/0x170
[ 33.516183][ T4222] dump_stack+0x1c/0x58
[ 33.517293][ T4222] __might_resched+0x37c/0x4d8
[ 33.518570][ T4222] __might_sleep+0x90/0xe4
[ 33.519787][ T4222] __lock_sock_fast+0x38/0xec
[ 33.521023][ T4222] subflow_get_info+0x16c/0xba8
[ 33.522327][ T4222] tcp_diag_get_aux+0x680/0x750
[ 33.523626][ T4222] inet_sk_diag_fill+0xd60/0x1818
[ 33.524980][ T4222] inet_diag_dump_icsk+0x1040/0x1204
[ 33.526487][ T4222] tcp_diag_dump+0xac/0xc4
[ 33.527665][ T4222] __inet_diag_dump+0x1e8/0x33c
[ 33.529115][ T4222] inet_diag_dump_compat+0x17c/0x288
[ 33.530517][ T4222] netlink_dump+0x46c/0xa78
[ 33.531677][ T4222] __netlink_dump_start+0x484/0x698
[ 33.533055][ T4222] inet_diag_rcv_msg_compat+0x1c8/0x41c
[ 33.534521][ T4222] sock_diag_rcv_msg+0x174/0x39c
[ 33.535808][ T4222] netlink_rcv_skb+0x20c/0x3b8
[ 33.537032][ T4222] sock_diag_rcv+0x3c/0x54
[ 33.538204][ T4222] netlink_unicast+0x65c/0x898
[ 33.539475][ T4222] netlink_sendmsg+0x834/0xb18
[ 33.540734][ T4222] ____sys_sendmsg+0x55c/0x848
[ 33.542014][ T4222] __sys_sendmsg+0x26c/0x33c
[ 33.543251][ T4222] __arm64_sys_sendmsg+0x80/0x94
[ 33.544571][ T4222] invoke_syscall+0x98/0x2c0
[ 33.545784][ T4222] el0_svc_common+0x138/0x258
[ 33.547047][ T4222] do_el0_svc+0x64/0x218
[ 33.548108][ T4222] el0_svc+0x58/0x168
[ 33.549176][ T4222] el0t_64_sync_handler+0x84/0xf0
[ 33.550502][ T4222] el0t_64_sync+0x18c/0x190