Warning: Permanently added '10.128.0.203' (ED25519) to the list of known hosts. executing program [ 40.582643][ T3500] [ 40.584988][ T3500] ============================================ [ 40.591131][ T3500] WARNING: possible recursive locking detected [ 40.597294][ T3500] 5.15.159-syzkaller #0 Not tainted [ 40.602467][ T3500] -------------------------------------------- [ 40.608592][ T3500] syz-executor425/3500 is trying to acquire lock: [ 40.614992][ T3500] ffff88801f21b168 (&htab->buckets[i].lock){+...}-{2:2}, at: sock_hash_delete_elem+0x177/0x400 [ 40.625379][ T3500] [ 40.625379][ T3500] but task is already holding lock: [ 40.632733][ T3500] ffff88801f21b168 (&htab->buckets[i].lock){+...}-{2:2}, at: sock_hash_delete_elem+0x177/0x400 [ 40.643071][ T3500] [ 40.643071][ T3500] other info that might help us debug this: [ 40.651113][ T3500] Possible unsafe locking scenario: [ 40.651113][ T3500] [ 40.658553][ T3500] CPU0 [ 40.661818][ T3500] ---- [ 40.665076][ T3500] lock(&htab->buckets[i].lock); [ 40.670078][ T3500] lock(&htab->buckets[i].lock); [ 40.675078][ T3500] [ 40.675078][ T3500] *** DEADLOCK *** [ 40.675078][ T3500] [ 40.683196][ T3500] May be due to missing lock nesting notation [ 40.683196][ T3500] [ 40.691491][ T3500] 4 locks held by syz-executor425/3500: [ 40.697014][ T3500] #0: ffffffff8c91fae0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x5/0x30 [ 40.706308][ T3500] #1: ffff88801f21b168 (&htab->buckets[i].lock){+...}-{2:2}, at: sock_hash_delete_elem+0x177/0x400 [ 40.717088][ T3500] #2: ffff88807c186290 (&psock->link_lock){+...}-{2:2}, at: sock_map_unref+0xcc/0x5d0 [ 40.726729][ T3500] #3: ffffffff8c91fae0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x5/0x30 [ 40.736125][ T3500] [ 40.736125][ T3500] stack backtrace: [ 40.742003][ T3500] CPU: 0 PID: 3500 Comm: syz-executor425 Not tainted 5.15.159-syzkaller #0 [ 40.750582][ T3500] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 40.760633][ T3500] Call Trace: [ 40.763901][ T3500] [ 40.766817][ T3500] dump_stack_lvl+0x1e3/0x2d0 [ 40.771484][ T3500] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 40.777101][ T3500] ? panic+0x860/0x860 [ 40.781154][ T3500] validate_chain+0x46d2/0x5930 [ 40.785989][ T3500] ? reacquire_held_locks+0x660/0x660 [ 40.791341][ T3500] ? check_noncircular+0x1e1/0x3b0 [ 40.796459][ T3500] ? lockdep_unlock+0x166/0x300 [ 40.801338][ T3500] ? lockdep_lock+0x2a0/0x2a0 [ 40.806378][ T3500] ? reacquire_held_locks+0x660/0x660 [ 40.811747][ T3500] ? mark_lock+0x98/0x340 [ 40.816084][ T3500] __lock_acquire+0x1295/0x1ff0 [ 40.820946][ T3500] lock_acquire+0x1db/0x4f0 [ 40.825433][ T3500] ? sock_hash_delete_elem+0x177/0x400 [ 40.830883][ T3500] ? read_lock_is_recursive+0x10/0x10 [ 40.836409][ T3500] ? sock_hash_delete_elem+0x177/0x400 [ 40.841996][ T3500] ? __bpf_trace_softirq+0x10/0x10 [ 40.847104][ T3500] ? sock_hash_delete_elem+0x177/0x400 [ 40.852554][ T3500] _raw_spin_lock_bh+0x31/0x40 [ 40.857312][ T3500] ? sock_hash_delete_elem+0x177/0x400 [ 40.862774][ T3500] sock_hash_delete_elem+0x177/0x400 [ 40.868048][ T3500] ? sock_hash_lookup+0x660/0x660 [ 40.873055][ T3500] bpf_prog_2c29ac5cdc6b1842+0x3a/0x84c [ 40.878583][ T3500] bpf_trace_run2+0x19e/0x340 [ 40.883256][ T3500] ? bpf_trace_run1+0x2f0/0x2f0 [ 40.888103][ T3500] ? sock_map_unref+0x3ac/0x5d0 [ 40.892967][ T3500] ? do_raw_spin_lock+0x14a/0x370 [ 40.897995][ T3500] ? __bpf_trace_softirq+0x10/0x10 [ 40.903092][ T3500] ? sock_map_unref+0x3ac/0x5d0 [ 40.907946][ T3500] __bpf_trace_kfree+0x6e/0x90 [ 40.912695][ T3500] ? sock_map_unref+0x3ac/0x5d0 [ 40.917554][ T3500] kfree+0x22f/0x270 [ 40.921463][ T3500] ? sock_map_unref+0xcc/0x5d0 [ 40.926285][ T3500] sock_map_unref+0x3ac/0x5d0 [ 40.930963][ T3500] sock_hash_delete_elem+0x388/0x400 [ 40.936498][ T3500] ? sock_hash_lookup+0x660/0x660 [ 40.941604][ T3500] bpf_prog_2c29ac5cdc6b1842+0x3a/0x84c [ 40.947150][ T3500] bpf_trace_run2+0x19e/0x340 [ 40.951826][ T3500] ? bpf_trace_run1+0x2f0/0x2f0 [ 40.956663][ T3500] ? exit_sem+0x1991/0x1a00 [ 40.961148][ T3500] ? exit_sem+0x18ec/0x1a00 [ 40.965632][ T3500] ? rcu_lock_release+0x5/0x20 [ 40.970376][ T3500] ? do_raw_spin_lock+0x14a/0x370 [ 40.975381][ T3500] ? exit_sem+0x1991/0x1a00 [ 40.979866][ T3500] __bpf_trace_kfree+0x6e/0x90 [ 40.984613][ T3500] ? exit_sem+0x1991/0x1a00 [ 40.989107][ T3500] kfree+0x22f/0x270 [ 40.992989][ T3500] exit_sem+0x1991/0x1a00 [ 40.997303][ T3500] ? __mmput+0x364/0x3b0 [ 41.001529][ T3500] ? exit_mm+0x6cd/0x7f0 [ 41.006014][ T3500] ? copy_semundo+0x230/0x230 [ 41.010686][ T3500] ? rcu_is_watching+0x11/0xa0 [ 41.015437][ T3500] do_exit+0x640/0x2480 [ 41.019580][ T3500] ? lockdep_hardirqs_on_prepare+0x438/0x7a0 [ 41.025552][ T3500] ? put_task_struct+0x80/0x80 [ 41.030299][ T3500] ? print_irqtrace_events+0x210/0x210 [ 41.035740][ T3500] ? _raw_spin_lock_irq+0xdb/0x110 [ 41.040845][ T3500] ? _raw_spin_unlock_irq+0x1f/0x40 [ 41.046051][ T3500] ? lockdep_hardirqs_on+0x94/0x130 [ 41.051238][ T3500] do_group_exit+0x144/0x310 [ 41.055814][ T3500] __x64_sys_exit_group+0x3b/0x40 [ 41.060821][ T3500] do_syscall_64+0x3b/0xb0 [ 41.065216][ T3500] ? clear_bhb_loop+0x15/0x70 [ 41.069874][ T3500] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 41.075744][ T3500] RIP: 0033:0x7f754b27f949 [ 41.080137][ T3500] Code: Unable to access opcode bytes at RIP 0x7f754b27f91f. [ 41.087476][ T3500] RSP: 002b:00007ffdd07303f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 41.095869][ T3500] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f754b27f949 [ 41.103824][ T3500] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000 [ 41.111786][ T3500] RBP: 00007f754b30b2d0 R08: ffffffffffffffb0 R09: 00007ffdd0730480 [ 41.119751][ T3500] R10: 00007ffdd0730480 R11: 0000000000000246 R12: 00007f754b30b2d0 [ 41.127710][ T3500] R13: 0000000000000000 R14: 00007f754b30be60 R15: 00007f754b24d760 [ 41.135768][ T3500]