============================================ WARNING: possible recursive locking detected 6.9.0-syzkaller-10219-g70ec81c2e2b4 #0 Not tainted -------------------------------------------- modprobe/19383 is trying to acquire lock: ffff88807bc4d220 (&stab->lock){+.-.}-{2:2}, at: spin_lock_bh include/linux/spinlock.h:356 [inline] ffff88807bc4d220 (&stab->lock){+.-.}-{2:2}, at: __sock_map_delete net/core/sock_map.c:429 [inline] ffff88807bc4d220 (&stab->lock){+.-.}-{2:2}, at: sock_map_delete_elem+0x175/0x250 net/core/sock_map.c:461 but task is already holding lock: ffff888050a79a20 (&stab->lock){+.-.}-{2:2}, at: spin_lock_bh include/linux/spinlock.h:356 [inline] ffff888050a79a20 (&stab->lock){+.-.}-{2:2}, at: __sock_map_delete net/core/sock_map.c:429 [inline] ffff888050a79a20 (&stab->lock){+.-.}-{2:2}, at: sock_map_delete_elem+0x175/0x250 net/core/sock_map.c:461 other info that might help us debug this: Possible unsafe locking scenario: CPU0 ---- lock(&stab->lock); lock(&stab->lock); *** DEADLOCK *** May be due to missing lock nesting notation 8 locks held by modprobe/19383: #0: ffff88804e57edf0 (&vma->vm_lock->lock){++++}-{3:3}, at: vma_start_read include/linux/mm.h:678 [inline] #0: ffff88804e57edf0 (&vma->vm_lock->lock){++++}-{3:3}, at: lock_vma_under_rcu+0x2f9/0x6e0 mm/memory.c:5844 #1: ffff88806ce9ba98 (&mm->mmap_lock){++++}-{3:3}, at: mmap_read_trylock include/linux/mmap_lock.h:163 [inline] #1: ffff88806ce9ba98 (&mm->mmap_lock){++++}-{3:3}, at: vmf_anon_prepare mm/memory.c:3240 [inline] #1: ffff88806ce9ba98 (&mm->mmap_lock){++++}-{3:3}, at: do_anonymous_page mm/memory.c:4457 [inline] #1: ffff88806ce9ba98 (&mm->mmap_lock){++++}-{3:3}, at: do_pte_missing mm/memory.c:3901 [inline] #1: ffff88806ce9ba98 (&mm->mmap_lock){++++}-{3:3}, at: handle_pte_fault+0x5810/0x70f0 mm/memory.c:5380 #2: ffff8880b9538828 (lock#10){+.+.}-{2:2}, at: local_lock_acquire include/linux/local_lock_internal.h:29 [inline] #2: ffff8880b9538828 (lock#10){+.+.}-{2:2}, at: __mmap_lock_do_trace_acquire_returned+0x8f/0x630 mm/mmap_lock.c:237 #3: ffffffff8e333d20 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:329 [inline] #3: ffffffff8e333d20 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:781 [inline] #3: ffffffff8e333d20 (rcu_read_lock){....}-{1:2}, at: get_memcg_path_buf mm/mmap_lock.c:139 [inline] #3: ffffffff8e333d20 (rcu_read_lock){....}-{1:2}, at: get_mm_memcg_path+0xb1/0x600 mm/mmap_lock.c:209 #4: ffffffff8e333d20 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:329 [inline] #4: ffffffff8e333d20 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:781 [inline] #4: ffffffff8e333d20 (rcu_read_lock){....}-{1:2}, at: __bpf_trace_run kernel/trace/bpf_trace.c:2402 [inline] #4: ffffffff8e333d20 (rcu_read_lock){....}-{1:2}, at: bpf_trace_run4+0x244/0x590 kernel/trace/bpf_trace.c:2446 #5: ffff888050a79a20 (&stab->lock){+.-.}-{2:2}, at: spin_lock_bh include/linux/spinlock.h:356 [inline] #5: ffff888050a79a20 (&stab->lock){+.-.}-{2:2}, at: __sock_map_delete net/core/sock_map.c:429 [inline] #5: ffff888050a79a20 (&stab->lock){+.-.}-{2:2}, at: sock_map_delete_elem+0x175/0x250 net/core/sock_map.c:461 #6: ffff88804b6ea2b0 (&psock->link_lock){+...}-{2:2}, at: spin_lock_bh include/linux/spinlock.h:356 [inline] #6: ffff88804b6ea2b0 (&psock->link_lock){+...}-{2:2}, at: sock_map_del_link net/core/sock_map.c:157 [inline] #6: ffff88804b6ea2b0 (&psock->link_lock){+...}-{2:2}, at: sock_map_unref+0xcc/0x5e0 net/core/sock_map.c:192 #7: ffffffff8e333d20 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:329 [inline] #7: ffffffff8e333d20 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:781 [inline] #7: ffffffff8e333d20 (rcu_read_lock){....}-{1:2}, at: __bpf_trace_run kernel/trace/bpf_trace.c:2402 [inline] #7: ffffffff8e333d20 (rcu_read_lock){....}-{1:2}, at: bpf_trace_run2+0x1fc/0x540 kernel/trace/bpf_trace.c:2444 stack backtrace: CPU: 1 PID: 19383 Comm: modprobe Not tainted 6.9.0-syzkaller-10219-g70ec81c2e2b4 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 Call Trace: __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0x241/0x360 lib/dump_stack.c:114 check_deadlock kernel/locking/lockdep.c:3062 [inline] validate_chain+0x15c1/0x58e0 kernel/locking/lockdep.c:3856 __lock_acquire+0x1346/0x1fd0 kernel/locking/lockdep.c:5137 lock_acquire+0x1ed/0x550 kernel/locking/lockdep.c:5754 __raw_spin_lock_bh include/linux/spinlock_api_smp.h:126 [inline] _raw_spin_lock_bh+0x35/0x50 kernel/locking/spinlock.c:178 spin_lock_bh include/linux/spinlock.h:356 [inline] __sock_map_delete net/core/sock_map.c:429 [inline] sock_map_delete_elem+0x175/0x250 net/core/sock_map.c:461 bpf_prog_d284ea97e99fac5b+0x47/0x4f bpf_dispatcher_nop_func include/linux/bpf.h:1243 [inline] __bpf_prog_run include/linux/filter.h:691 [inline] bpf_prog_run include/linux/filter.h:698 [inline] __bpf_trace_run kernel/trace/bpf_trace.c:2403 [inline] bpf_trace_run2+0x2ee/0x540 kernel/trace/bpf_trace.c:2444 __traceiter_kfree+0x2d/0x50 include/trace/events/kmem.h:94 trace_kfree include/trace/events/kmem.h:94 [inline] kfree+0x2bb/0x360 mm/slub.c:4544 sk_psock_free_link include/linux/skmsg.h:423 [inline] sock_map_del_link net/core/sock_map.c:170 [inline] sock_map_unref+0x3ac/0x5e0 net/core/sock_map.c:192 __sock_map_delete net/core/sock_map.c:435 [inline] sock_map_delete_elem+0x1a2/0x250 net/core/sock_map.c:461 bpf_prog_2c29ac5cdc6b1842+0x42/0x4a bpf_dispatcher_nop_func include/linux/bpf.h:1243 [inline] __bpf_prog_run include/linux/filter.h:691 [inline] bpf_prog_run include/linux/filter.h:698 [inline] __bpf_trace_run kernel/trace/bpf_trace.c:2403 [inline] bpf_trace_run4+0x336/0x590 kernel/trace/bpf_trace.c:2446 trace_mmap_lock_acquire_returned include/trace/events/mmap_lock.h:52 [inline] __mmap_lock_do_trace_acquire_returned+0x5c8/0x630 mm/mmap_lock.c:237 __mmap_lock_trace_acquire_returned include/linux/mmap_lock.h:36 [inline] mmap_read_trylock include/linux/mmap_lock.h:164 [inline] vmf_anon_prepare mm/memory.c:3240 [inline] do_anonymous_page mm/memory.c:4457 [inline] do_pte_missing mm/memory.c:3901 [inline] handle_pte_fault+0x6fbb/0x70f0 mm/memory.c:5380 __handle_mm_fault mm/memory.c:5523 [inline] handle_mm_fault+0x10df/0x1ba0 mm/memory.c:5688 do_user_addr_fault arch/x86/mm/fault.c:1338 [inline] handle_page_fault arch/x86/mm/fault.c:1481 [inline] exc_page_fault+0x459/0x8c0 arch/x86/mm/fault.c:1539 asm_exc_page_fault+0x26/0x30 arch/x86/include/asm/idtentry.h:623 RIP: 0033:0x7f6cbb74b3f3 Code: 00 c7 05 74 76 02 00 00 00 00 00 4c 8d 3d 15 16 02 00 48 c1 e0 02 48 89 45 c8 31 c0 4b 8b 0c d7 4c 89 cf 48 89 13 48 83 c3 08 <4c> 89 4a 18 49 89 d5 4c 89 72 08 4d 8d 4c 09 01 48 c7 42 10 00 00 RSP: 002b:00007ffc21e2fed0 EFLAGS: 00010206 RAX: 0000000000000000 RBX: 00007f6cbb775f48 RCX: 0000000000000007 RDX: 00007f6cbb73d000 RSI: 0000000000000050 RDI: 00007f6cbb766010 RBP: 00007ffc21e2ff10 R08: 00007f6cbb775f50 R09: 00007f6cbb766010 R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 R13: 0000000000000002 R14: 00007f6cbb768022 R15: 00007f6cbb76c9f0