Warning: Permanently added '10.128.0.173' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 58.972861][ T6865] [ 58.975311][ T6865] ============================================ [ 58.982602][ T6865] WARNING: possible recursive locking detected [ 58.988844][ T6865] 5.8.0-next-20200812-syzkaller #0 Not tainted [ 58.995122][ T6865] -------------------------------------------- [ 59.001251][ T6865] syz-executor137/6865 is trying to acquire lock: [ 59.007632][ T6865] ffff88809f4a54d8 (&ctx->completion_lock){....}-{2:2}, at: io_queue_linked_timeout+0x4c/0x200 [ 59.017944][ T6865] [ 59.017944][ T6865] but task is already holding lock: [ 59.025499][ T6865] ffff88809f4a54d8 (&ctx->completion_lock){....}-{2:2}, at: io_cqring_overflow_flush+0x814/0xaa0 [ 59.036121][ T6865] [ 59.036121][ T6865] other info that might help us debug this: [ 59.044156][ T6865] Possible unsafe locking scenario: [ 59.044156][ T6865] [ 59.051577][ T6865] CPU0 [ 59.054835][ T6865] ---- [ 59.058088][ T6865] lock(&ctx->completion_lock); [ 59.063015][ T6865] lock(&ctx->completion_lock); [ 59.067923][ T6865] [ 59.067923][ T6865] *** DEADLOCK *** [ 59.067923][ T6865] [ 59.076047][ T6865] May be due to missing lock nesting notation [ 59.076047][ T6865] [ 59.084453][ T6865] 1 lock held by syz-executor137/6865: [ 59.089880][ T6865] #0: ffff88809f4a54d8 (&ctx->completion_lock){....}-{2:2}, at: io_cqring_overflow_flush+0x814/0xaa0 [ 59.101238][ T6865] [ 59.101238][ T6865] stack backtrace: [ 59.107125][ T6865] CPU: 1 PID: 6865 Comm: syz-executor137 Not tainted 5.8.0-next-20200812-syzkaller #0 [ 59.116636][ T6865] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 59.126672][ T6865] Call Trace: [ 59.129941][ T6865] dump_stack+0x18f/0x20d [ 59.134248][ T6865] __lock_acquire.cold+0x115/0x396 [ 59.141139][ T6865] ? lockdep_hardirqs_on_prepare+0x530/0x530 [ 59.147369][ T6865] ? io_wqe_wake_worker+0x1ce/0x6a0 [ 59.152553][ T6865] lock_acquire+0x1f1/0xad0 [ 59.157040][ T6865] ? io_queue_linked_timeout+0x4c/0x200 [ 59.162576][ T6865] ? lock_release+0x8e0/0x8e0 [ 59.167232][ T6865] ? io_wqe_wake_worker+0x276/0x6a0 [ 59.172407][ T6865] ? io_wq_for_each_worker.isra.0+0x370/0x370 [ 59.178468][ T6865] ? lockdep_hardirqs_off+0x89/0xc0 [ 59.183643][ T6865] _raw_spin_lock_irq+0x5b/0x80 [ 59.188502][ T6865] ? io_queue_linked_timeout+0x4c/0x200 [ 59.194025][ T6865] io_queue_linked_timeout+0x4c/0x200 [ 59.199373][ T6865] __io_queue_async_work+0x1f8/0x4c0 [ 59.204633][ T6865] io_commit_cqring+0x456/0x7a0 [ 59.209482][ T6865] io_cqring_overflow_flush+0x5b8/0xaa0 [ 59.215288][ T6865] ? io_timeout_fn+0x3f0/0x3f0 [ 59.220134][ T6865] ? lockdep_hardirqs_on_prepare+0x354/0x530 [ 59.226866][ T6865] ? trace_hardirqs_on+0x5f/0x220 [ 59.231878][ T6865] io_ring_ctx_wait_and_kill+0x30e/0x600 [ 59.237482][ T6865] io_uring_release+0x3e/0x50 [ 59.242130][ T6865] __fput+0x285/0x920 [ 59.246098][ T6865] ? io_ring_ctx_wait_and_kill+0x600/0x600 [ 59.251877][ T6865] task_work_run+0xdd/0x190 [ 59.256354][ T6865] do_exit+0xb7d/0x29f0 [ 59.260577][ T6865] ? mm_update_next_owner+0x7a0/0x7a0 [ 59.265929][ T6865] ? io_submit_sqes+0x2380/0x2380 [ 59.270925][ T6865] ? fput_many+0x2f/0x1a0 [ 59.275404][ T6865] ? lock_is_held_type+0xbb/0xf0 [ 59.280315][ T6865] do_group_exit+0x125/0x310 [ 59.284878][ T6865] __x64_sys_exit_group+0x3a/0x50 [ 59.289900][ T6865] do_syscall_64+0x2d/0x70 [ 59.294306][ T6865] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 59.300170][ T6865] RIP: 0033:0x43f598 [ 59.304048][ T6865] Code: Bad RIP value. [ 59.308087][ T6865] RSP: 002b:00007ffd475e45e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 59.316469][ T6865] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000043f598 [ 59.324430][ T6865] RDX: 0000000000000000 RSI: 000000000000003c RDI: 0000000000000000 [ 59.332373][ T6865] RBP: 00000000004beda8 R08: 00000000000000e7 R09: ffffffffffffffd0 [ 59.340315][ T6865] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 59.348262][ T6865] R13: 00000000006d11a0 R14: 0000000000000000 R15: 0000000000000000