============================================
WARNING: possible recursive locking detected
6.1.113-syzkaller #0 Not tainted
--------------------------------------------
syz.4.2017/9578 is trying to acquire lock:
ffff88807a790d88 (&hsr->seqnr_lock){+.-.}-{2:2}, at: spin_lock_bh include/linux/spinlock.h:356 [inline]
ffff88807a790d88 (&hsr->seqnr_lock){+.-.}-{2:2}, at: hsr_dev_xmit+0x13a/0x210 net/hsr/hsr_device.c:219

but task is already holding lock:
ffff88804f51ad88 (&hsr->seqnr_lock){+.-.}-{2:2}, at: spin_lock_bh include/linux/spinlock.h:356 [inline]
ffff88804f51ad88 (&hsr->seqnr_lock){+.-.}-{2:2}, at: send_hsr_supervision_frame+0x272/0xad0 net/hsr/hsr_device.c:300

other info that might help us debug this:
 Possible unsafe locking scenario:

       CPU0
       ----
  lock(&hsr->seqnr_lock);
  lock(&hsr->seqnr_lock);

 *** DEADLOCK ***

 May be due to missing lock nesting notation

9 locks held by syz.4.2017/9578:
 #0: ffff888143bd8360 (&lo->lo_mutex){+.+.}-{3:3}, at: loop_global_lock_killable drivers/block/loop.c:120 [inline]
 #0: ffff888143bd8360 (&lo->lo_mutex){+.+.}-{3:3}, at: loop_configure+0x1f9/0x1270 drivers/block/loop.c:1018
 #1: ffffffff8d2071e0 (console_lock){+.+.}-{0:0}, at: _printk+0xd1/0x111 kernel/printk/printk.c:2328
 #2: ffffc90000007bc0 ((&hsr->announce_timer)){+.-.}-{0:0}, at: call_timer_fn+0xc2/0x6b0 kernel/time/timer.c:1501
 #3: ffffffff8d32afc0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:350 [inline]
 #3: ffffffff8d32afc0 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:791 [inline]
 #3: ffffffff8d32afc0 (rcu_read_lock){....}-{1:2}, at: hsr_announce+0x9f/0x340 net/hsr/hsr_device.c:377
 #4: ffff88804f51ad88 (&hsr->seqnr_lock){+.-.}-{2:2}, at: spin_lock_bh include/linux/spinlock.h:356 [inline]
 #4: ffff88804f51ad88 (&hsr->seqnr_lock){+.-.}-{2:2}, at: send_hsr_supervision_frame+0x272/0xad0 net/hsr/hsr_device.c:300
 #5: ffffffff8d32afc0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:350 [inline]
 #5: ffffffff8d32afc0 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:791 [inline]
 #5: ffffffff8d32afc0 (rcu_read_lock){....}-{1:2}, at: hsr_forward_skb+0xaa/0x2390 net/hsr/hsr_forward.c:614
 #6: ffffffff8d32b020 (rcu_read_lock_bh){....}-{1:2}, at: local_bh_disable include/linux/bottom_half.h:20 [inline]
 #6: ffffffff8d32b020 (rcu_read_lock_bh){....}-{1:2}, at: rcu_read_lock_bh include/linux/rcupdate.h:843 [inline]
 #6: ffffffff8d32b020 (rcu_read_lock_bh){....}-{1:2}, at: __dev_queue_xmit+0x2d6/0x3d50 net/core/dev.c:4220
 #7: ffffffff8d32afc0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:350 [inline]
 #7: ffffffff8d32afc0 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:791 [inline]
 #7: ffffffff8d32afc0 (rcu_read_lock){....}-{1:2}, at: br_dev_xmit+0x212/0x18e0 net/bridge/br_device.c:49
 #8: ffffffff8d32b020 (rcu_read_lock_bh){....}-{1:2}, at: local_bh_disable include/linux/bottom_half.h:20 [inline]
 #8: ffffffff8d32b020 (rcu_read_lock_bh){....}-{1:2}, at: rcu_read_lock_bh include/linux/rcupdate.h:843 [inline]
 #8: ffffffff8d32b020 (rcu_read_lock_bh){....}-{1:2}, at: __dev_queue_xmit+0x2d6/0x3d50 net/core/dev.c:4220

stack backtrace:
CPU: 0 PID: 9578 Comm: syz.4.2017 Not tainted 6.1.113-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
Call Trace:
 <IRQ>
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x1e3/0x2cb lib/dump_stack.c:106
 print_deadlock_bug kernel/locking/lockdep.c:2983 [inline]
 check_deadlock kernel/locking/lockdep.c:3026 [inline]
 validate_chain+0x4711/0x5950 kernel/locking/lockdep.c:3812
 __lock_acquire+0x125b/0x1f80 kernel/locking/lockdep.c:5049
 lock_acquire+0x1f8/0x5a0 kernel/locking/lockdep.c:5662
 __raw_spin_lock_bh include/linux/spinlock_api_smp.h:126 [inline]
 _raw_spin_lock_bh+0x31/0x40 kernel/locking/spinlock.c:178
 spin_lock_bh include/linux/spinlock.h:356 [inline]
 hsr_dev_xmit+0x13a/0x210 net/hsr/hsr_device.c:219
 __netdev_start_xmit include/linux/netdevice.h:4853 [inline]
 netdev_start_xmit include/linux/netdevice.h:4867 [inline]
 xmit_one net/core/dev.c:3627 [inline]
 dev_hard_start_xmit+0x261/0x8c0 net/core/dev.c:3643
 __dev_queue_xmit+0x1b5d/0x3d50 net/core/dev.c:4297
 dev_queue_xmit include/linux/netdevice.h:3021 [inline]
 br_dev_queue_push_xmit+0x6fe/0x8c0 net/bridge/br_forward.c:53
 NF_HOOK+0x39f/0x450 include/linux/netfilter.h:302
 br_forward_finish+0xe1/0x130 net/bridge/br_forward.c:66
 NF_HOOK+0x39f/0x450 include/linux/netfilter.h:302
 __br_forward+0x430/0x5f0 net/bridge/br_forward.c:115
 deliver_clone net/bridge/br_forward.c:131 [inline]
 maybe_deliver+0xb3/0x150 net/bridge/br_forward.c:189
 br_flood+0x2e7/0x440 net/bridge/br_forward.c:231
 br_dev_xmit+0x1194/0x18e0
 __netdev_start_xmit include/linux/netdevice.h:4853 [inline]
 netdev_start_xmit include/linux/netdevice.h:4867 [inline]
 xmit_one net/core/dev.c:3627 [inline]
 dev_hard_start_xmit+0x261/0x8c0 net/core/dev.c:3643
 __dev_queue_xmit+0x1b5d/0x3d50 net/core/dev.c:4297
 dev_queue_xmit include/linux/netdevice.h:3021 [inline]
 hsr_xmit net/hsr/hsr_forward.c:380 [inline]
 hsr_forward_do net/hsr/hsr_forward.c:471 [inline]
 hsr_forward_skb+0x17f3/0x2390 net/hsr/hsr_forward.c:619
 send_hsr_supervision_frame+0x540/0xad0 net/hsr/hsr_device.c:323
 hsr_announce+0x1a4/0x340 net/hsr/hsr_device.c:379
 call_timer_fn+0x1ad/0x6b0 kernel/time/timer.c:1504
 expire_timers kernel/time/timer.c:1549 [inline]
 __run_timers+0x67c/0x890 kernel/time/timer.c:1820
 run_timer_softirq+0x63/0xf0 kernel/time/timer.c:1833
 handle_softirqs+0x2ee/0xa40 kernel/softirq.c:571
 __do_softirq kernel/softirq.c:605 [inline]
 invoke_softirq kernel/softirq.c:445 [inline]
 __irq_exit_rcu+0x157/0x240 kernel/softirq.c:654
 irq_exit_rcu+0x5/0x20 kernel/softirq.c:666
 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1106 [inline]
 sysvec_apic_timer_interrupt+0xa0/0xc0 arch/x86/kernel/apic/apic.c:1106
 </IRQ>
 <TASK>
 asm_sysvec_apic_timer_interrupt+0x16/0x20 arch/x86/include/asm/idtentry.h:691
RIP: 0010:console_emit_next_record+0xd67/0x1000 kernel/printk/printk.c:2786
Code: f6 1b 00 44 0f b6 74 24 1f 48 83 7c 24 30 00 75 07 e8 ad f6 1b 00 eb 06 e8 a6 f6 1b 00 fb 48 c7 84 24 a0 00 00 00 0e 36 e0 45 <43> c7 04 2c 00 00 00 00 4b c7 44 2c 0a 00 00 00 00 4b c7 44 2c 12
RSP: 0018:ffffc900039cec40 EFLAGS: 00000287
RAX: ffffffff816e9c1a RBX: ffffffff816e995c RCX: 0000000000040000
RDX: ffffc9000de4a000 RSI: 0000000000022770 RDI: 0000000000022771
RBP: ffffc900039ceef0 R08: ffffffff816e9bf2 R09: fffffbfff224604d
R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000
R13: 1ffff92000739d9c R14: 0000000000000001 R15: 0000000000000000
 console_unlock+0x278/0x7c0 kernel/printk/printk.c:2906
 vprintk_emit+0x523/0x740 kernel/printk/printk.c:2303
 _printk+0xd1/0x111 kernel/printk/printk.c:2328
 set_capacity_and_notify+0x2b0/0x340 block/genhd.c:91
 loop_set_size+0x44/0xa0 drivers/block/loop.c:232
 loop_configure+0xd1d/0x1270 drivers/block/loop.c:1095
 lo_ioctl+0x882/0x2010
 blkdev_ioctl+0x3a9/0x760 block/ioctl.c:619
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:870 [inline]
 __se_sys_ioctl+0xf1/0x160 fs/ioctl.c:856
 do_syscall_x64 arch/x86/entry/common.c:51 [inline]
 do_syscall_64+0x3b/0xb0 arch/x86/entry/common.c:81
 entry_SYSCALL_64_after_hwframe+0x68/0xd2
RIP: 0033:0x7f8a5db7dbfb
Code: 00 48 89 44 24 18 31 c0 48 8d 44 24 60 c7 04 24 10 00 00 00 48 89 44 24 08 48 8d 44 24 20 48 89 44 24 10 b8 10 00 00 00 0f 05 <89> c2 3d 00 f0 ff ff 77 1c 48 8b 44 24 18 64 48 2b 04 25 28 00 00
RSP: 002b:00007f8a5e88fd10 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00007f8a5db7dbfb
RDX: 0000000000000003 RSI: 0000000000004c00 RDI: 0000000000000004
RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000607
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003
R13: 00007f8a5e88fdec R14: 00007f8a5e88fdf0 R15: 00007f8a539f7000
 </TASK>
----------------
Code disassembly (best guess), 1 bytes skipped:
   0:	1b 00                	sbb    (%rax),%eax
   2:	44 0f b6 74 24 1f    	movzbl 0x1f(%rsp),%r14d
   8:	48 83 7c 24 30 00    	cmpq   $0x0,0x30(%rsp)
   e:	75 07                	jne    0x17
  10:	e8 ad f6 1b 00       	call   0x1bf6c2
  15:	eb 06                	jmp    0x1d
  17:	e8 a6 f6 1b 00       	call   0x1bf6c2
  1c:	fb                   	sti
  1d:	48 c7 84 24 a0 00 00 	movq   $0x45e0360e,0xa0(%rsp)
  24:	00 0e 36 e0 45
* 29:	43 c7 04 2c 00 00 00 	movl   $0x0,(%r12,%r13,1) <-- trapping instruction
  30:	00
  31:	4b c7 44 2c 0a 00 00 	movq   $0x0,0xa(%r12,%r13,1)
  38:	00 00
  3a:	4b                   	rex.WXB
  3b:	c7                   	.byte 0xc7
  3c:	44 2c 12             	rex.R sub $0x12,%al