Warning: Permanently added '10.128.0.46' (ED25519) to the list of known hosts.
executing program
[ 33.771582][ T6439] IPVS: sync thread started: state = BACKUP, mcast_ifn = dummy0, syncid = 0, id = 0
[ 33.771875][ T6438]
[ 33.774686][ T6438] ======================================================
[ 33.776603][ T6438] WARNING: possible circular locking dependency detected
[ 33.778398][ T6438] 6.14.0-rc7-syzkaller-ga2392f333575 #0 Not tainted
[ 33.780038][ T6438] ------------------------------------------------------
[ 33.781898][ T6438] syz-executor365/6438 is trying to acquire lock:
[ 33.783549][ T6438] ffff0000dc410aa8 (&smc->clcsock_release_lock){+.+.}-{4:4}, at: smc_switch_to_fallback+0x48/0xa7c
[ 33.786367][ T6438]
[ 33.786367][ T6438] but task is already holding lock:
[ 33.788369][ T6438] ffff0000dc410258 (sk_lock-AF_INET){+.+.}-{0:0}, at: smc_sendmsg+0x60/0x9f8
[ 33.790525][ T6438]
[ 33.790525][ T6438] which lock already depends on the new lock.
[ 33.790525][ T6438]
[ 33.793284][ T6438]
[ 33.793284][ T6438] the existing dependency chain (in reverse order) is:
[ 33.795532][ T6438]
[ 33.795532][ T6438] -> #2 (sk_lock-AF_INET){+.+.}-{0:0}:
[ 33.797543][ T6438]        sockopt_lock_sock+0x88/0x148
[ 33.798937][ T6438]        do_ip_setsockopt+0x138c/0x32c0
[ 33.800431][ T6438]        ip_setsockopt+0x80/0x128
[ 33.801713][ T6438]        raw_setsockopt+0xfc/0x290
[ 33.803094][ T6438]        sock_common_setsockopt+0xb0/0xcc
[ 33.804486][ T6438]        do_sock_setsockopt+0x2a0/0x4e0
[ 33.805938][ T6438]        __arm64_sys_setsockopt+0x170/0x1e0
[ 33.807377][ T6438]        invoke_syscall+0x98/0x2b8
[ 33.808724][ T6438]        el0_svc_common+0x130/0x23c
[ 33.810056][ T6438]        do_el0_svc+0x48/0x58
[ 33.811254][ T6438]        el0_svc+0x54/0x168
[ 33.812336][ T6438]        el0t_64_sync_handler+0x84/0x108
[ 33.813777][ T6438]        el0t_64_sync+0x198/0x19c
[ 33.815391][ T6438]
[ 33.815391][ T6438] -> #1 (rtnl_mutex){+.+.}-{4:4}:
[ 33.817288][ T6438]        __mutex_lock_common+0x1f0/0x24b8
[ 33.818815][ T6438]        mutex_lock_nested+0x2c/0x38
[ 33.820231][ T6438]        rtnl_lock+0x20/0x2c
[ 33.821429][ T6438]        start_sync_thread+0xe0/0x24bc
[ 33.822866][ T6438]        do_ip_vs_set_ctl+0x550/0xd70
[ 33.824278][ T6438]        nf_setsockopt+0x270/0x290
[ 33.825634][ T6438]        ip_setsockopt+0x118/0x128
[ 33.826936][ T6438]        tcp_setsockopt+0xcc/0xe8
[ 33.828229][ T6438]        sock_common_setsockopt+0xb0/0xcc
[ 33.829680][ T6438]        smc_setsockopt+0x1f8/0xd0c
[ 33.831014][ T6438]        do_sock_setsockopt+0x2a0/0x4e0
[ 33.832387][ T6438]        __arm64_sys_setsockopt+0x170/0x1e0
[ 33.833928][ T6438]        invoke_syscall+0x98/0x2b8
[ 33.835328][ T6438]        el0_svc_common+0x130/0x23c
[ 33.836669][ T6438]        do_el0_svc+0x48/0x58
[ 33.837962][ T6438]        el0_svc+0x54/0x168
[ 33.839177][ T6438]        el0t_64_sync_handler+0x84/0x108
[ 33.840756][ T6438]        el0t_64_sync+0x198/0x19c
[ 33.842150][ T6438]
[ 33.842150][ T6438] -> #0 (&smc->clcsock_release_lock){+.+.}-{4:4}:
[ 33.844415][ T6438]        __lock_acquire+0x34f0/0x7904
[ 33.845906][ T6438]        lock_acquire+0x23c/0x724
[ 33.847278][ T6438]        __mutex_lock_common+0x1f0/0x24b8
[ 33.848780][ T6438]        mutex_lock_nested+0x2c/0x38
[ 33.850177][ T6438]        smc_switch_to_fallback+0x48/0xa7c
[ 33.851754][ T6438]        smc_sendmsg+0xfc/0x9f8
[ 33.853090][ T6438]        __sys_sendto+0x360/0x4d8
[ 33.854457][ T6438]        __arm64_sys_sendto+0xd8/0xf8
[ 33.855899][ T6438]        invoke_syscall+0x98/0x2b8
[ 33.857235][ T6438]        el0_svc_common+0x130/0x23c
[ 33.858555][ T6438]        do_el0_svc+0x48/0x58
[ 33.859831][ T6438]        el0_svc+0x54/0x168
[ 33.861067][ T6438]        el0t_64_sync_handler+0x84/0x108
[ 33.862614][ T6438]        el0t_64_sync+0x198/0x19c
[ 33.863998][ T6438]
[ 33.863998][ T6438] other info that might help us debug this:
[ 33.863998][ T6438]
[ 33.866693][ T6438] Chain exists of:
[ 33.866693][ T6438]   &smc->clcsock_release_lock --> rtnl_mutex --> sk_lock-AF_INET
[ 33.866693][ T6438]
[ 33.870255][ T6438]  Possible unsafe locking scenario:
[ 33.870255][ T6438]
[ 33.872258][ T6438]        CPU0                    CPU1
[ 33.873679][ T6438]        ----                    ----
[ 33.875046][ T6438]   lock(sk_lock-AF_INET);
[ 33.876057][ T6438]                                lock(rtnl_mutex);
[ 33.877224][ T6438]                                lock(sk_lock-AF_INET);
[ 33.878589][ T6438]   lock(&smc->clcsock_release_lock);
[ 33.879644][ T6438]
[ 33.879644][ T6438]  *** DEADLOCK ***
[ 33.879644][ T6438]
[ 33.881582][ T6438] 1 lock held by syz-executor365/6438:
[ 33.883010][ T6438]  #0: ffff0000dc410258 (sk_lock-AF_INET){+.+.}-{0:0}, at: smc_sendmsg+0x60/0x9f8
[ 33.885474][ T6438]
[ 33.885474][ T6438] stack backtrace:
[ 33.887079][ T6438] CPU: 0 UID: 0 PID: 6438 Comm: syz-executor365 Not tainted 6.14.0-rc7-syzkaller-ga2392f333575 #0
[ 33.887093][ T6438] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 33.887101][ T6438] Call trace:
[ 33.887104][ T6438]  show_stack+0x2c/0x3c (C)
[ 33.887124][ T6438]  dump_stack_lvl+0xe4/0x150
[ 33.887138][ T6438]  dump_stack+0x1c/0x28
[ 33.887151][ T6438]  print_circular_bug+0x154/0x1c0
[ 33.887164][ T6438]  check_noncircular+0x310/0x404
[ 33.887175][ T6438]  __lock_acquire+0x34f0/0x7904
[ 33.887186][ T6438]  lock_acquire+0x23c/0x724
[ 33.887197][ T6438]  __mutex_lock_common+0x1f0/0x24b8
[ 33.887212][ T6438]  mutex_lock_nested+0x2c/0x38
[ 33.887225][ T6438]  smc_switch_to_fallback+0x48/0xa7c
[ 33.887239][ T6438]  smc_sendmsg+0xfc/0x9f8
[ 33.887252][ T6438]  __sys_sendto+0x360/0x4d8
[ 33.887265][ T6438]  __arm64_sys_sendto+0xd8/0xf8
[ 33.887277][ T6438]  invoke_syscall+0x98/0x2b8
[ 33.887290][ T6438]  el0_svc_common+0x130/0x23c
[ 33.887303][ T6438]  do_el0_svc+0x48/0x58
[ 33.887315][ T6438]  el0_svc+0x54/0x168
[ 33.887325][ T6438]  el0t_64_sync_handler+0x84/0x108
[ 33.887336][ T6438]  el0t_64_sync+0x198/0x19c