Warning: Permanently added '10.128.0.68' (ED25519) to the list of known hosts.
executing program
[ 33.029922][ T6412]
[ 33.030465][ T6412] ======================================================
[ 33.031914][ T6412] WARNING: possible circular locking dependency detected
[ 33.033436][ T6412] 6.13.0-rc3-syzkaller-g573067a5a685 #0 Not tainted
[ 33.034811][ T6412] ------------------------------------------------------
[ 33.036092][ T6412] syz-executor330/6412 is trying to acquire lock:
[ 33.037367][ T6412] ffff0000d9ad0aa8 (&smc->clcsock_release_lock){+.+.}-{4:4}, at: smc_switch_to_fallback+0x48/0xa7c
[ 33.039476][ T6412]
[ 33.039476][ T6412] but task is already holding lock:
[ 33.040899][ T6412] ffff0000d9ad0258 (sk_lock-AF_INET6){+.+.}-{0:0}, at: smc_sendmsg+0x60/0x9f8
[ 33.042820][ T6412]
[ 33.042820][ T6412] which lock already depends on the new lock.
[ 33.042820][ T6412]
[ 33.044895][ T6412]
[ 33.044895][ T6412] the existing dependency chain (in reverse order) is:
[ 33.046882][ T6412]
[ 33.046882][ T6412] -> #2 (sk_lock-AF_INET6){+.+.}-{0:0}:
[ 33.048567][ T6412]        sockopt_lock_sock+0x88/0x148
[ 33.049696][ T6412]        do_ipv6_setsockopt+0xab0/0x310c
[ 33.050890][ T6412]        ipv6_setsockopt+0x68/0x174
[ 33.051939][ T6412]        udpv6_setsockopt+0xb8/0xd0
[ 33.053089][ T6412]        sock_common_setsockopt+0xb0/0xcc
[ 33.054336][ T6412]        do_sock_setsockopt+0x2a0/0x4e0
[ 33.055520][ T6412]        __arm64_sys_setsockopt+0x170/0x1e0
[ 33.056741][ T6412]        invoke_syscall+0x98/0x2b8
[ 33.057944][ T6412]        el0_svc_common+0x130/0x23c
[ 33.059138][ T6412]        do_el0_svc+0x48/0x58
[ 33.060167][ T6412]        el0_svc+0x54/0x168
[ 33.061133][ T6412]        el0t_64_sync_handler+0x84/0x108
[ 33.062270][ T6412]        el0t_64_sync+0x198/0x19c
[ 33.063354][ T6412]
[ 33.063354][ T6412] -> #1 (rtnl_mutex){+.+.}-{4:4}:
[ 33.064986][ T6412]        __mutex_lock_common+0x218/0x28f4
[ 33.066191][ T6412]        mutex_lock_nested+0x2c/0x38
[ 33.067272][ T6412]        rtnl_lock+0x20/0x2c
[ 33.068186][ T6412]        do_ip_setsockopt+0xe34/0x3484
[ 33.069241][ T6412]        ip_setsockopt+0x80/0x128
[ 33.070162][ T6412]        tcp_setsockopt+0xcc/0xe8
[ 33.071198][ T6412]        sock_common_setsockopt+0xb0/0xcc
[ 33.072404][ T6412]        smc_setsockopt+0x204/0x1104
[ 33.073536][ T6412]        do_sock_setsockopt+0x2a0/0x4e0
[ 33.074636][ T6412]        __arm64_sys_setsockopt+0x170/0x1e0
[ 33.075853][ T6412]        invoke_syscall+0x98/0x2b8
[ 33.076843][ T6412]        el0_svc_common+0x130/0x23c
[ 33.077996][ T6412]        do_el0_svc+0x48/0x58
[ 33.078962][ T6412]        el0_svc+0x54/0x168
[ 33.079943][ T6412]        el0t_64_sync_handler+0x84/0x108
[ 33.081182][ T6412]        el0t_64_sync+0x198/0x19c
[ 33.082272][ T6412]
[ 33.082272][ T6412] -> #0 (&smc->clcsock_release_lock){+.+.}-{4:4}:
[ 33.084073][ T6412]        __lock_acquire+0x34f0/0x7904
[ 33.085210][ T6412]        lock_acquire+0x23c/0x724
[ 33.086277][ T6412]        __mutex_lock_common+0x218/0x28f4
[ 33.087482][ T6412]        mutex_lock_nested+0x2c/0x38
[ 33.088753][ T6412]        smc_switch_to_fallback+0x48/0xa7c
[ 33.090042][ T6412]        smc_sendmsg+0xfc/0x9f8
[ 33.091085][ T6412]        ____sys_sendmsg+0x56c/0x840
[ 33.092267][ T6412]        __sys_sendmsg+0x238/0x304
[ 33.093367][ T6412]        __arm64_sys_sendmsg+0x80/0x94
[ 33.094529][ T6412]        invoke_syscall+0x98/0x2b8
[ 33.095610][ T6412]        el0_svc_common+0x130/0x23c
[ 33.096616][ T6412]        do_el0_svc+0x48/0x58
[ 33.097583][ T6412]        el0_svc+0x54/0x168
[ 33.098612][ T6412]        el0t_64_sync_handler+0x84/0x108
[ 33.099753][ T6412]        el0t_64_sync+0x198/0x19c
[ 33.100900][ T6412]
[ 33.100900][ T6412] other info that might help us debug this:
[ 33.100900][ T6412]
[ 33.102897][ T6412] Chain exists of:
[ 33.102897][ T6412]   &smc->clcsock_release_lock --> rtnl_mutex --> sk_lock-AF_INET6
[ 33.102897][ T6412]
[ 33.105835][ T6412]  Possible unsafe locking scenario:
[ 33.105835][ T6412]
[ 33.107330][ T6412]        CPU0                    CPU1
[ 33.108376][ T6412]        ----                    ----
[ 33.109642][ T6412]   lock(sk_lock-AF_INET6);
[ 33.110683][ T6412]                                lock(rtnl_mutex);
[ 33.112068][ T6412]                                lock(sk_lock-AF_INET6);
[ 33.113621][ T6412]   lock(&smc->clcsock_release_lock);
[ 33.114907][ T6412]
[ 33.114907][ T6412]  *** DEADLOCK ***
[ 33.114907][ T6412]
[ 33.116587][ T6412] 1 lock held by syz-executor330/6412:
[ 33.117674][ T6412]  #0: ffff0000d9ad0258 (sk_lock-AF_INET6){+.+.}-{0:0}, at: smc_sendmsg+0x60/0x9f8
[ 33.119733][ T6412]
[ 33.119733][ T6412] stack backtrace:
[ 33.120999][ T6412] CPU: 1 UID: 0 PID: 6412 Comm: syz-executor330 Not tainted 6.13.0-rc3-syzkaller-g573067a5a685 #0
[ 33.123196][ T6412] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 33.125190][ T6412] Call trace:
[ 33.125903][ T6412]  show_stack+0x2c/0x3c (C)
[ 33.126853][ T6412]  dump_stack_lvl+0xe4/0x150
[ 33.127881][ T6412]  dump_stack+0x1c/0x28
[ 33.128661][ T6412]  print_circular_bug+0x154/0x1c0
[ 33.129819][ T6412]  check_noncircular+0x310/0x404
[ 33.130779][ T6412]  __lock_acquire+0x34f0/0x7904
[ 33.131697][ T6412]  lock_acquire+0x23c/0x724
[ 33.132672][ T6412]  __mutex_lock_common+0x218/0x28f4
[ 33.133862][ T6412]  mutex_lock_nested+0x2c/0x38
[ 33.134841][ T6412]  smc_switch_to_fallback+0x48/0xa7c
[ 33.135994][ T6412]  smc_sendmsg+0xfc/0x9f8
[ 33.136894][ T6412]  ____sys_sendmsg+0x56c/0x840
[ 33.137918][ T6412]  __sys_sendmsg+0x238/0x304
[ 33.138909][ T6412]  __arm64_sys_sendmsg+0x80/0x94
[ 33.139938][ T6412]  invoke_syscall+0x98/0x2b8
[ 33.140969][ T6412]  el0_svc_common+0x130/0x23c
[ 33.141959][ T6412]  do_el0_svc+0x48/0x58
[ 33.142812][ T6412]  el0_svc+0x54/0x168
[ 33.143636][ T6412]  el0t_64_sync_handler+0x84/0x108
[ 33.144706][ T6412]  el0t_64_sync+0x198/0x19c