============================================
WARNING: possible recursive locking detected
4.14.232-syzkaller #0 Not tainted
--------------------------------------------
syz-executor.1/10345 is trying to acquire lock:
 (&(&bond->stats_lock)->rlock#2/2){+.+.}, at: [<ffffffff83ca53b7>] bond_get_stats+0xb7/0x440 drivers/net/bonding/bond_main.c:3457

but task is already holding lock:
 (&(&bond->stats_lock)->rlock#2/2){+.+.}, at: [<ffffffff83ca53b7>] bond_get_stats+0xb7/0x440 drivers/net/bonding/bond_main.c:3457

other info that might help us debug this:
 Possible unsafe locking scenario:

       CPU0
       ----
  lock(&(&bond->stats_lock)->rlock#2/2);
  lock(&(&bond->stats_lock)->rlock#2/2);

 *** DEADLOCK ***

 May be due to missing lock nesting notation

3 locks held by syz-executor.1/10345:
 #0:  (rtnl_mutex){+.+.}, at: [<ffffffff85c772dd>] rtnl_lock net/core/rtnetlink.c:72 [inline]
 #0:  (rtnl_mutex){+.+.}, at: [<ffffffff85c772dd>] rtnetlink_rcv_msg+0x31d/0xb10 net/core/rtnetlink.c:4311
 #1:  (&(&bond->stats_lock)->rlock#2/2){+.+.}, at: [<ffffffff83ca53b7>] bond_get_stats+0xb7/0x440 drivers/net/bonding/bond_main.c:3457
 #2:  (rcu_read_lock){....}, at: [<ffffffff83ca539b>] bond_get_nest_level drivers/net/bonding/bond_main.c:3446 [inline]
 #2:  (rcu_read_lock){....}, at: [<ffffffff83ca539b>] bond_get_stats+0x9b/0x440 drivers/net/bonding/bond_main.c:3457

stack backtrace:
CPU: 0 PID: 10345 Comm: syz-executor.1 Not tainted 4.14.232-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0x1b2/0x281 lib/dump_stack.c:58
 print_deadlock_bug kernel/locking/lockdep.c:1800 [inline]
 check_deadlock kernel/locking/lockdep.c:1847 [inline]
 validate_chain kernel/locking/lockdep.c:2448 [inline]
 __lock_acquire.cold+0x180/0x97c kernel/locking/lockdep.c:3491
 lock_acquire+0x170/0x3f0 kernel/locking/lockdep.c:3998
 _raw_spin_lock_nested+0x30/0x40 kernel/locking/spinlock.c:362
 bond_get_stats+0xb7/0x440 drivers/net/bonding/bond_main.c:3457
 dev_get_stats+0xa5/0x280 net/core/dev.c:8011
 bond_get_stats+0x1da/0x440 drivers/net/bonding/bond_main.c:3463
 dev_get_stats+0xa5/0x280 net/core/dev.c:8011
 rtnl_fill_stats+0x48/0xa90 net/core/rtnetlink.c:1079
 rtnl_fill_ifinfo+0xe16/0x3050 net/core/rtnetlink.c:1385
 rtmsg_ifinfo_build_skb+0x8e/0x130 net/core/rtnetlink.c:2913
 rtmsg_ifinfo_event net/core/rtnetlink.c:2943 [inline]
 rtmsg_ifinfo_event net/core/rtnetlink.c:2934 [inline]
 rtnetlink_event+0xee/0x1a0 net/core/rtnetlink.c:4360
 notifier_call_chain+0x108/0x1a0 kernel/notifier.c:93
 call_netdevice_notifiers_info net/core/dev.c:1667 [inline]
 call_netdevice_notifiers net/core/dev.c:1683 [inline]
 netdev_features_change net/core/dev.c:1296 [inline]
 netdev_change_features+0x7e/0xa0 net/core/dev.c:7449
 bond_compute_features+0x444/0x860 drivers/net/bonding/bond_main.c:1122
 bond_slave_netdev_event drivers/net/bonding/bond_main.c:3191 [inline]
 bond_netdev_event+0x664/0xbd0 drivers/net/bonding/bond_main.c:3232
 notifier_call_chain+0x108/0x1a0 kernel/notifier.c:93
 call_netdevice_notifiers_info net/core/dev.c:1667 [inline]
 call_netdevice_notifiers net/core/dev.c:1683 [inline]
 netdev_features_change net/core/dev.c:1296 [inline]
 netdev_change_features+0x7e/0xa0 net/core/dev.c:7449
 bond_compute_features+0x444/0x860 drivers/net/bonding/bond_main.c:1122
 bond_enslave+0x37e2/0x4cc0 drivers/net/bonding/bond_main.c:1757
 do_set_master+0x19e/0x200 net/core/rtnetlink.c:1961
 rtnl_newlink+0x136f/0x1860 net/core/rtnetlink.c:2757
 rtnetlink_rcv_msg+0x3be/0xb10 net/core/rtnetlink.c:4316
 netlink_rcv_skb+0x125/0x390 net/netlink/af_netlink.c:2433
 netlink_unicast_kernel net/netlink/af_netlink.c:1287 [inline]
 netlink_unicast+0x437/0x610 net/netlink/af_netlink.c:1313
 netlink_sendmsg+0x62e/0xb80 net/netlink/af_netlink.c:1878
 sock_sendmsg_nosec net/socket.c:646 [inline]
 sock_sendmsg+0xb5/0x100 net/socket.c:656
 ___sys_sendmsg+0x6c8/0x800 net/socket.c:2062
 __sys_sendmsg+0xa3/0x120 net/socket.c:2096
 SYSC_sendmsg net/socket.c:2107 [inline]
 SyS_sendmsg+0x27/0x40 net/socket.c:2103
 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292
 entry_SYSCALL_64_after_hwframe+0x46/0xbb
RIP: 0033:0x4665d9
RSP: 002b:00007f0a568d5188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665d9
RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000000000006
RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf60
R13: 00007fff21d122af R14: 00007f0a568d5300 R15: 0000000000022000
bond1: Enslaving bridge2 as an active interface with a down link
syz-executor.1 (10345) used greatest stack depth: 23480 bytes left
bond2: making interface bridge3 the new active one
bond2: Enslaving bridge3 as an active interface with an up link
bond1: making interface bridge1 the new active one
bond1: Enslaving bridge1 as an active interface with an up link
8021q: adding VLAN 0 to HW filter on device bond2
bond0: Enslaving bond2 as an active interface with an up link
bond1: making interface bridge1 the new active one
bond1: Enslaving bridge1 as an active interface with an up link
8021q: adding VLAN 0 to HW filter on device bond1
bond0: Enslaving bond1 as an active interface with an up link
8021q: adding VLAN 0 to HW filter on device bond1
vxfs: WRONG superblock magic 00000000 at 1
bond0: Enslaving bond1 as an active interface with an up link
vxfs: WRONG superblock magic 00000000 at 8
vxfs: can't find superblock.
bond3: making interface bridge4 the new active one
bond3: Enslaving bridge4 as an active interface with an up link
vxfs: WRONG superblock magic 00000000 at 1
vxfs: WRONG superblock magic 00000000 at 8
vxfs: can't find superblock.
print_req_error: I/O error, dev loop2, sector 0
Buffer I/O error on dev loop2, logical block 0, async page read
print_req_error: I/O error, dev loop2, sector 4
Buffer I/O error on dev loop2, logical block 2, async page read
print_req_error: I/O error, dev loop2, sector 6
Buffer I/O error on dev loop2, logical block 3, async page read
vxfs: WRONG superblock magic 00000000 at 1
8021q: adding VLAN 0 to HW filter on device bond3
vxfs: WRONG superblock magic 00000000 at 8
vxfs: can't find superblock.
bond0: Enslaving bond3 as an active interface with an up link
bond2: making interface bridge2 the new active one
bond2: Enslaving bridge2 as an active interface with an up link
vxfs: WRONG superblock magic 00000000 at 1
bond2: making interface bridge2 the new active one
vxfs: WRONG superblock magic 00000000 at 8
bond2: Enslaving bridge2 as an active interface with an up link
vxfs: can't find superblock.
8021q: adding VLAN 0 to HW filter on device bond2
bond0: Enslaving bond2 as an active interface with an up link
8021q: adding VLAN 0 to HW filter on device bond2
bond0: Enslaving bond2 as an active interface with an up link
bond4: making interface bridge5 the new active one
bond4: Enslaving bridge5 as an active interface with an up link
8021q: adding VLAN 0 to HW filter on device bond4
bond0: Enslaving bond4 as an active interface with an up link
bond3: making interface bridge3 the new active one
bond3: Enslaving bridge3 as an active interface with an up link
bond3: making interface bridge3 the new active one
bond3: Enslaving bridge3 as an active interface with an up link
8021q: adding VLAN 0 to HW filter on device bond3
bond0: Enslaving bond3 as an active interface with an up link
8021q: adding VLAN 0 to HW filter on device bond3
encrypted_key: keylen for the ecryptfs format must be equal to 64 bytes
bond0: Enslaving bond3 as an active interface with an up link
encrypted_key: keylen for the ecryptfs format must be equal to 64 bytes
tc_ctl_action: received NO action attribs
bond2: link status definitely down for interface bridge2, disabling it
bond2: now running without any active interface!
bond1: link status definitely down for interface bridge1, disabling it
bond1: now running without any active interface!
netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
bond3: link status definitely down for interface bridge3, disabling it
bond3: now running without any active interface!
bond3: link status definitely down for interface bridge4, disabling it
bond3: now running without any active interface!
netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
bond4: link status definitely down for interface bridge5, disabling it
bond4: now running without any active interface!
F2FS-fs (loop3): Magic Mismatch, valid(0xf2f52010) - read(0x0)
F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
F2FS-fs (loop3): Magic Mismatch, valid(0xf2f52010) - read(0x0)
F2FS-fs (loop3): Can't find valid F2FS filesystem in 2th superblock
F2FS-fs (loop3): Magic Mismatch, valid(0xf2f52010) - read(0x0)
bond3: link status definitely down for interface bridge3, disabling it
F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
bond3: now running without any active interface!
F2FS-fs (loop3): Magic Mismatch, valid(0xf2f52010) - read(0x0)
bond2: link status definitely down for interface bridge2, disabling it
F2FS-fs (loop3): Can't find valid F2FS filesystem in 2th superblock
bond2: now running without any active interface!
netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
F2FS-fs (loop3): Magic Mismatch, valid(0xf2f52010) - read(0x0)
bond1: link status definitely down for interface bridge1, disabling it
F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
bond1: now running without any active interface!
bond2: link status definitely down for interface bridge3, disabling it
bond2: now running without any active interface!
netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
bridge0: port 2(bridge_slave_1) entered disabled state
bridge0: port 1(bridge_slave_0) entered disabled state
netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
device bridge0 entered promiscuous mode
netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
sd 0:0:1:0: PR command failed: 134217730
sd 0:0:1:0: Sense Key : Illegal Request [current] 
sd 0:0:1:0: Add. Sense: Invalid command operation code
sd 0:0:1:0: PR command failed: 134217730
sd 0:0:1:0: Sense Key : Illegal Request [current] 
sd 0:0:1:0: Add. Sense: Invalid command operation code
sd 0:0:1:0: PR command failed: 134217730
sd 0:0:1:0: Sense Key : Illegal Request [current] 
sd 0:0:1:0: Add. Sense: Invalid command operation code
sd 0:0:1:0: PR command failed: 134217730
sd 0:0:1:0: Sense Key : Illegal Request [current] 
sd 0:0:1:0: Add. Sense: Invalid command operation code
sd 0:0:1:0: PR command failed: 134217730
sd 0:0:1:0: Sense Key : Illegal Request [current] 
sd 0:0:1:0: Add. Sense: Invalid command operation code
sd 0:0:1:0: PR command failed: 134217730
sd 0:0:1:0: Sense Key : Illegal Request [current] 
sd 0:0:1:0: Add. Sense: Invalid command operation code
sd 0:0:1:0: PR command failed: 134217730
sd 0:0:1:0: Sense Key : Illegal Request [current] 
sd 0:0:1:0: Add. Sense: Invalid command operation code
sd 0:0:1:0: PR command failed: 134217730
sd 0:0:1:0: Sense Key : Illegal Request [current] 
sd 0:0:1:0: Add. Sense: Invalid command operation code
sd 0:0:1:0: PR command failed: 134217730
sd 0:0:1:0: Sense Key : Illegal Request [current] 
sd 0:0:1:0: Add. Sense: Invalid command operation code
sd 0:0:1:0: PR command failed: 134217730
sd 0:0:1:0: Sense Key : Illegal Request [current] 
sd 0:0:1:0: Add. Sense: Invalid command operation code
sd 0:0:1:0: PR command failed: 134217730
sd 0:0:1:0: Sense Key : Illegal Request [current] 
sd 0:0:1:0: Add. Sense: Invalid command operation code
new mount options do not match the existing superblock, will be ignored
new mount options do not match the existing superblock, will be ignored
sd 0:0:1:0: PR command failed: 134217730
sd 0:0:1:0: Sense Key : Illegal Request [current] 
sd 0:0:1:0: Add. Sense: Invalid command operation code
new mount options do not match the existing superblock, will be ignored
sd 0:0:1:0: PR command failed: 134217730
sd 0:0:1:0: Sense Key : Illegal Request [current] 
sd 0:0:1:0: Add. Sense: Invalid command operation code
new mount options do not match the existing superblock, will be ignored
new mount options do not match the existing superblock, will be ignored
new mount options do not match the existing superblock, will be ignored
new mount options do not match the existing superblock, will be ignored
new mount options do not match the existing superblock, will be ignored
new mount options do not match the existing superblock, will be ignored
new mount options do not match the existing superblock, will be ignored
nla_parse: 3 callbacks suppressed
netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'.
netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'.
new mount options do not match the existing superblock, will be ignored
new mount options do not match the existing superblock, will be ignored
new mount options do not match the existing superblock, will be ignored
new mount options do not match the existing superblock, will be ignored