syzbot

======================================================
[ INFO: possible circular locking dependency detected ]
4.4.174+ #4 Not tainted
-------------------------------------------------------
syz-executor971/2096 is trying to acquire lock:
 (rtnl_mutex){+.+.+.}, at: [<ffffffff8226e537>] rtnl_lock+0x17/0x20 net/core/rtnetlink.c:70

but task is already holding lock:
 (sk_lock-AF_INET6){+.+.+.}, at: [<ffffffff825fd4aa>] lock_sock include/net/sock.h:1497 [inline]
 (sk_lock-AF_INET6){+.+.+.}, at: [<ffffffff825fd4aa>] do_ipv6_setsockopt.isra.0+0x28a/0x30c0 net/ipv6/ipv6_sockglue.c:166

which lock already depends on the new lock.


the existing dependency chain (in reverse order) is:

       [<ffffffff81205f6e>] lock_acquire+0x15e/0x450 kernel/locking/lockdep.c:3592
       [<ffffffff821e4f06>] lock_sock_nested+0xc6/0x120 net/core/sock.c:2463
       [<ffffffff826000da>] lock_sock include/net/sock.h:1497 [inline]
       [<ffffffff826000da>] do_ipv6_setsockopt.isra.0+0x2eba/0x30c0 net/ipv6/ipv6_sockglue.c:166
       [<ffffffff826003ba>] ipv6_setsockopt+0xda/0x140 net/ipv6/ipv6_sockglue.c:904
       [<ffffffff823f782a>] tcp_setsockopt net/ipv4/tcp.c:2643 [inline]
       [<ffffffff823f782a>] tcp_setsockopt+0x8a/0xe0 net/ipv4/tcp.c:2637
       [<ffffffff821def2a>] sock_common_setsockopt+0x9a/0xe0 net/core/sock.c:2663
       [<ffffffff821dcb59>] SYSC_setsockopt net/socket.c:1780 [inline]
       [<ffffffff821dcb59>] SyS_setsockopt+0x159/0x240 net/socket.c:1759
       [<ffffffff82718ba1>] entry_SYSCALL_64_fastpath+0x1e/0x9a

       [<ffffffff81202d86>] check_prev_add kernel/locking/lockdep.c:1853 [inline]
       [<ffffffff81202d86>] check_prevs_add kernel/locking/lockdep.c:1958 [inline]
       [<ffffffff81202d86>] validate_chain kernel/locking/lockdep.c:2144 [inline]
       [<ffffffff81202d86>] __lock_acquire+0x37d6/0x4f50 kernel/locking/lockdep.c:3213
       [<ffffffff81205f6e>] lock_acquire+0x15e/0x450 kernel/locking/lockdep.c:3592
       [<ffffffff8270c191>] __mutex_lock_common kernel/locking/mutex.c:521 [inline]
       [<ffffffff8270c191>] mutex_lock_nested+0xc1/0xb80 kernel/locking/mutex.c:621
       [<ffffffff8226e537>] rtnl_lock+0x17/0x20 net/core/rtnetlink.c:70
       [<ffffffff826369ee>] ipv6_sock_mc_close+0x10e/0x350 net/ipv6/mcast.c:288
       [<ffffffff825fedf1>] do_ipv6_setsockopt.isra.0+0x1bd1/0x30c0 net/ipv6/ipv6_sockglue.c:202
       [<ffffffff826003ba>] ipv6_setsockopt+0xda/0x140 net/ipv6/ipv6_sockglue.c:904
       [<ffffffff823f782a>] tcp_setsockopt net/ipv4/tcp.c:2643 [inline]
       [<ffffffff823f782a>] tcp_setsockopt+0x8a/0xe0 net/ipv4/tcp.c:2637
       [<ffffffff821def2a>] sock_common_setsockopt+0x9a/0xe0 net/core/sock.c:2663
       [<ffffffff821dcb59>] SYSC_setsockopt net/socket.c:1780 [inline]
       [<ffffffff821dcb59>] SyS_setsockopt+0x159/0x240 net/socket.c:1759
       [<ffffffff82718ba1>] entry_SYSCALL_64_fastpath+0x1e/0x9a

other info that might help us debug this:

 Possible unsafe locking scenario:

       CPU0                    CPU1
       ----                    ----
  lock(sk_lock-AF_INET6);
                               lock(rtnl_mutex);
                               lock(sk_lock-AF_INET6);
  lock(rtnl_mutex);

 *** DEADLOCK ***

1 lock held by syz-executor971/2096:
 #0:  (sk_lock-AF_INET6){+.+.+.}, at: [<ffffffff825fd4aa>] lock_sock include/net/sock.h:1497 [inline]
 #0:  (sk_lock-AF_INET6){+.+.+.}, at: [<ffffffff825fd4aa>] do_ipv6_setsockopt.isra.0+0x28a/0x30c0 net/ipv6/ipv6_sockglue.c:166

stack backtrace:
CPU: 0 PID: 2096 Comm: syz-executor971 Not tainted 4.4.174+ #4
 0000000000000000 f70e933b7c74fc82 ffff8801cf3b75b0 ffffffff81aad1a1
 ffffffff84057a80 ffff8801d521c740 ffffffff83a8db50 ffffffff83acc5b0
 ffffffff83a8db50 ffff8801cf3b7600 ffffffff813abcda ffff8801cf3b76e0
Call Trace:
 [<ffffffff81aad1a1>] __dump_stack lib/dump_stack.c:15 [inline]
 [<ffffffff81aad1a1>] dump_stack+0xc1/0x120 lib/dump_stack.c:51
 [<ffffffff813abcda>] print_circular_bug.cold+0x2f7/0x44e kernel/locking/lockdep.c:1226
 [<ffffffff81202d86>] check_prev_add kernel/locking/lockdep.c:1853 [inline]
 [<ffffffff81202d86>] check_prevs_add kernel/locking/lockdep.c:1958 [inline]
 [<ffffffff81202d86>] validate_chain kernel/locking/lockdep.c:2144 [inline]
 [<ffffffff81202d86>] __lock_acquire+0x37d6/0x4f50 kernel/locking/lockdep.c:3213
 [<ffffffff81205f6e>] lock_acquire+0x15e/0x450 kernel/locking/lockdep.c:3592
 [<ffffffff8270c191>] __mutex_lock_common kernel/locking/mutex.c:521 [inline]
 [<ffffffff8270c191>] mutex_lock_nested+0xc1/0xb80 kernel/locking/mutex.c:621
 [<ffffffff8226e537>] rtnl_lock+0x17/0x20 net/core/rtnetlink.c:70
 [<ffffffff826369ee>] ipv6_sock_mc_close+0x10e/0x350 net/ipv6/mcast.c:288
 [<ffffffff825fedf1>] do_ipv6_setsockopt.isra.0+0x1bd1/0x30c0 net/ipv6/ipv6_sockglue.c:202
 [<ffffffff826003ba>] ipv6_setsockopt+0xda/0x140 net/ipv6/ipv6_sockglue.c:904
 [<ffffffff823f782a>] tcp_setsockopt net/ipv4/tcp.c:2643 [inline]
 [<ffffffff823f782a>] tcp_setsockopt+0x8a/0xe0 net/ipv4/tcp.c:2637
 [<ffffffff821def2a>] sock_common_setsockopt+0x9a/0xe0 net/core/sock.c:2663
 [<ffffffff821dcb59>] SYSC_setsockopt net/socket.c:1780 [inline]
 [<ffffffff821dcb59>] SyS_setsockopt+0x159/0x240 net/socket.c:1759