Warning: Permanently added '10.128.1.71' (ED25519) to the list of known hosts.
executing program
[ 42.314293][ T3960]
[ 42.314983][ T3960] ======================================================
[ 42.316814][ T3960] WARNING: possible circular locking dependency detected
[ 42.318687][ T3960] 5.15.152-syzkaller #0 Not tainted
[ 42.320085][ T3960] ------------------------------------------------------
[ 42.321994][ T3960] syz-executor746/3960 is trying to acquire lock:
[ 42.323707][ T3960] ffff0000c5d88120 (sk_lock-AF_INET6){+.+.}-{0:0}, at: inet_sk_diag_fill+0xcb8/0x17b4
[ 42.326293][ T3960]
[ 42.326293][ T3960] but task is already holding lock:
[ 42.328259][ T3960] ffff0000c5728e48 (&h->lhash2[i].lock){+.+.}-{2:2}, at: mptcp_diag_dump+0x7b0/0x10dc
[ 42.330869][ T3960]
[ 42.330869][ T3960] which lock already depends on the new lock.
[ 42.330869][ T3960]
[ 42.333673][ T3960]
[ 42.333673][ T3960] the existing dependency chain (in reverse order) is:
[ 42.336032][ T3960]
[ 42.336032][ T3960] -> #1 (&h->lhash2[i].lock){+.+.}-{2:2}:
[ 42.338188][ T3960] _raw_spin_lock+0xb0/0x10c
[ 42.339561][ T3960] __inet_hash+0xd8/0x754
[ 42.340882][ T3960] inet6_hash+0x74/0x9c
[ 42.342100][ T3960] inet_csk_listen_start+0x1e8/0x2cc
[ 42.343640][ T3960] inet_listen+0x258/0x6d4
[ 42.345034][ T3960] __sys_listen+0x1ac/0x21c
[ 42.346339][ T3960] __arm64_sys_listen+0x5c/0x74
[ 42.347838][ T3960] invoke_syscall+0x98/0x2b8
[ 42.349185][ T3960] el0_svc_common+0x138/0x258
[ 42.350560][ T3960] do_el0_svc+0x58/0x14c
[ 42.351798][ T3960] el0_svc+0x7c/0x1f0
[ 42.352973][ T3960] el0t_64_sync_handler+0x84/0xe4
[ 42.354413][ T3960] el0t_64_sync+0x1a0/0x1a4
[ 42.355786][ T3960]
[ 42.355786][ T3960] -> #0 (sk_lock-AF_INET6){+.+.}-{0:0}:
[ 42.357827][ T3960] __lock_acquire+0x32d4/0x7638
[ 42.359260][ T3960] lock_acquire+0x240/0x77c
[ 42.360613][ T3960] mptcp_diag_get_info+0x208/0x8a0
[ 42.362300][ T3960] inet_sk_diag_fill+0xcb8/0x17b4
[ 42.363859][ T3960] mptcp_diag_dump+0xb4c/0x10dc
[ 42.365289][ T3960] __inet_diag_dump+0x1e8/0x33c
[ 42.366760][ T3960] inet_diag_dump_compat+0x17c/0x288
[ 42.368388][ T3960] netlink_dump+0x470/0xa88
[ 42.369774][ T3960] __netlink_dump_start+0x488/0x6ec
[ 42.371261][ T3960] inet_diag_rcv_msg_compat+0x1c8/0x41c
[ 42.372889][ T3960] sock_diag_rcv_msg+0x174/0x39c
[ 42.374300][ T3960] netlink_rcv_skb+0x20c/0x3b8
[ 42.375711][ T3960] sock_diag_rcv+0x3c/0x54
[ 42.376988][ T3960] netlink_unicast+0x664/0x938
[ 42.378333][ T3960] netlink_sendmsg+0x844/0xb38
[ 42.379692][ T3960] ____sys_sendmsg+0x584/0x870
[ 42.381086][ T3960] ___sys_sendmsg+0x214/0x294
[ 42.382437][ T3960] __arm64_sys_sendmsg+0x1ac/0x25c
[ 42.383854][ T3960] invoke_syscall+0x98/0x2b8
[ 42.385207][ T3960] el0_svc_common+0x138/0x258
[ 42.386569][ T3960] do_el0_svc+0x58/0x14c
[ 42.387834][ T3960] el0_svc+0x7c/0x1f0
[ 42.389043][ T3960] el0t_64_sync_handler+0x84/0xe4
[ 42.390479][ T3960] el0t_64_sync+0x1a0/0x1a4
[ 42.391819][ T3960]
[ 42.391819][ T3960] other info that might help us debug this:
[ 42.391819][ T3960]
[ 42.394444][ T3960] Possible unsafe locking scenario:
[ 42.394444][ T3960]
[ 42.396428][ T3960]        CPU0                    CPU1
[ 42.397849][ T3960]        ----                    ----
[ 42.399235][ T3960]   lock(&h->lhash2[i].lock);
[ 42.400440][ T3960]                                lock(sk_lock-AF_INET6);
[ 42.402264][ T3960]                                lock(&h->lhash2[i].lock);
[ 42.404128][ T3960]   lock(sk_lock-AF_INET6);
[ 42.405249][ T3960]
[ 42.405249][ T3960] *** DEADLOCK ***
[ 42.405249][ T3960]
[ 42.407377][ T3960] 6 locks held by syz-executor746/3960:
[ 42.408824][ T3960] #0: ffff800016a044c8 (sock_diag_mutex){+.+.}-{3:3}, at: sock_diag_rcv+0x2c/0x54
[ 42.411311][ T3960] #1: ffff800016a04328 (sock_diag_table_mutex){+.+.}-{3:3}, at: sock_diag_rcv_msg+0x15c/0x39c
[ 42.414083][ T3960] #2: ffff0000dc498690 (nlk_cb_mutex-SOCK_DIAG){+.+.}-{3:3}, at: netlink_dump+0xbc/0xa88
[ 42.416699][ T3960] #3: ffff800016add668 (inet_diag_table_mutex){+.+.}-{3:3}, at: __inet_diag_dump+0x17c/0x33c
[ 42.419405][ T3960] #4: ffff800014ae14a0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x10/0x4c
[ 42.421930][ T3960] #5: ffff0000c5728e48 (&h->lhash2[i].lock){+.+.}-{2:2}, at: mptcp_diag_dump+0x7b0/0x10dc
[ 42.424553][ T3960]
[ 42.424553][ T3960] stack backtrace:
[ 42.426117][ T3960] CPU: 1 PID: 3960 Comm: syz-executor746 Not tainted 5.15.152-syzkaller #0
[ 42.428397][ T3960] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 42.431033][ T3960] Call trace:
[ 42.431864][ T3960] dump_backtrace+0x0/0x530
[ 42.433057][ T3960] show_stack+0x2c/0x3c
[ 42.434130][ T3960] dump_stack_lvl+0x108/0x170
[ 42.435320][ T3960] dump_stack+0x1c/0x58
[ 42.436405][ T3960] print_circular_bug+0x150/0x1b8
[ 42.437757][ T3960] check_noncircular+0x2cc/0x378
[ 42.439011][ T3960] __lock_acquire+0x32d4/0x7638
[ 42.440237][ T3960] lock_acquire+0x240/0x77c
[ 42.441381][ T3960] mptcp_diag_get_info+0x208/0x8a0
[ 42.442674][ T3960] inet_sk_diag_fill+0xcb8/0x17b4
[ 42.443980][ T3960] mptcp_diag_dump+0xb4c/0x10dc
[ 42.445229][ T3960] __inet_diag_dump+0x1e8/0x33c
[ 42.446435][ T3960] inet_diag_dump_compat+0x17c/0x288
[ 42.447818][ T3960] netlink_dump+0x470/0xa88
[ 42.448989][ T3960] __netlink_dump_start+0x488/0x6ec
[ 42.450351][ T3960] inet_diag_rcv_msg_compat+0x1c8/0x41c
[ 42.451745][ T3960] sock_diag_rcv_msg+0x174/0x39c
[ 42.453034][ T3960] netlink_rcv_skb+0x20c/0x3b8
[ 42.454276][ T3960] sock_diag_rcv+0x3c/0x54
[ 42.455428][ T3960] netlink_unicast+0x664/0x938
[ 42.456661][ T3960] netlink_sendmsg+0x844/0xb38
[ 42.457917][ T3960] ____sys_sendmsg+0x584/0x870
[ 42.459200][ T3960] ___sys_sendmsg+0x214/0x294
[ 42.460410][ T3960] __arm64_sys_sendmsg+0x1ac/0x25c
[ 42.461696][ T3960] invoke_syscall+0x98/0x2b8
[ 42.462896][ T3960] el0_svc_common+0x138/0x258
[ 42.464156][ T3960] do_el0_svc+0x58/0x14c
[ 42.465301][ T3960] el0_svc+0x7c/0x1f0
[ 42.466358][ T3960] el0t_64_sync_handler+0x84/0xe4
[ 42.467600][ T3960] el0t_64_sync+0x1a0/0x1a4
[ 42.468887][ T3960] BUG: sleeping function called from invalid context at net/core/sock.c:3271
[ 42.471108][ T3960] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 3960, name: syz-executor746
[ 42.473531][ T3960] INFO: lockdep is turned off.
[ 42.474705][ T3960] Preemption disabled at:
[ 42.474727][ T3960] [] mptcp_diag_dump+0x7b0/0x10dc
[ 42.477590][ T3960] CPU: 1 PID: 3960 Comm: syz-executor746 Not tainted 5.15.152-syzkaller #0
[ 42.479920][ T3960] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[ 42.482499][ T3960] Call trace:
[ 42.483370][ T3960] dump_backtrace+0x0/0x530
[ 42.484552][ T3960] show_stack+0x2c/0x3c
[ 42.485650][ T3960] dump_stack_lvl+0x108/0x170
[ 42.486906][ T3960] dump_stack+0x1c/0x58
[ 42.488030][ T3960] ___might_sleep+0x380/0x4dc
[ 42.489260][ T3960] __might_sleep+0x98/0xf0
[ 42.490426][ T3960] __lock_sock_fast+0x3c/0xf0
[ 42.491634][ T3960] mptcp_diag_get_info+0x210/0x8a0
[ 42.493054][ T3960] inet_sk_diag_fill+0xcb8/0x17b4
[ 42.494336][ T3960] mptcp_diag_dump+0xb4c/0x10dc
[ 42.495604][ T3960] __inet_diag_dump+0x1e8/0x33c
[ 42.496929][ T3960] inet_diag_dump_compat+0x17c/0x288
[ 42.498321][ T3960] netlink_dump+0x470/0xa88
[ 42.499523][ T3960] __netlink_dump_start+0x488/0x6ec
[ 42.500908][ T3960] inet_diag_rcv_msg_compat+0x1c8/0x41c
[ 42.502371][ T3960] sock_diag_rcv_msg+0x174/0x39c
[ 42.503696][ T3960] netlink_rcv_skb+0x20c/0x3b8
[ 42.505048][ T3960] sock_diag_rcv+0x3c/0x54
[ 42.506238][ T3960] netlink_unicast+0x664/0x938
[ 42.507468][ T3960] netlink_sendmsg+0x844/0xb38
[ 42.508765][ T3960] ____sys_sendmsg+0x584/0x870
[ 42.510053][ T3960] ___sys_sendmsg+0x214/0x294
[ 42.511240][ T3960] __arm64_sys_sendmsg+0x1ac/0x25c
[ 42.512586][ T3960] invoke_syscall+0x98/0x2b8
[ 42.513801][ T3960] el0_svc_common+0x138/0x258
[ 42.515006][ T3960] do_el0_svc+0x58/0x14c
[ 42.516141][ T3960] el0_svc+0x7c/0x1f0
[ 42.517197][ T3960] el0t_64_sync_handler+0x84/0xe4
[ 42.518539][ T3960] el0t_64_sync+0x1a0/0x1a4