======================================================
WARNING: possible circular locking dependency detected
6.12.0-rc5-syzkaller-00161-g90602c251cda #0 Not tainted
------------------------------------------------------
syz.7.1511/14022 is trying to acquire lock:
ffffffff8fac4da8 (rtnl_mutex){+.+.}-{3:3}, at: ipv6_sock_ac_close+0xd9/0x110 net/ipv6/anycast.c:219

but task is already holding lock:
ffff888066012d28 (&smc->clcsock_release_lock){+.+.}-{3:3}, at: smc_clcsock_release+0x75/0xe0 net/smc/smc_close.c:30

which lock already depends on the new lock.

the existing dependency chain (in reverse order) is:

-> #2 (&smc->clcsock_release_lock){+.+.}-{3:3}:
       __mutex_lock_common kernel/locking/mutex.c:608 [inline]
       __mutex_lock+0x175/0x9c0 kernel/locking/mutex.c:752
       smc_switch_to_fallback+0x2d/0xa00 net/smc/af_smc.c:902
       smc_sendmsg+0x13d/0x520 net/smc/af_smc.c:2771
       sock_sendmsg_nosec net/socket.c:729 [inline]
       __sock_sendmsg net/socket.c:744 [inline]
       ____sys_sendmsg+0x9ae/0xb40 net/socket.c:2607
       ___sys_sendmsg+0x135/0x1e0 net/socket.c:2661
       __sys_sendmsg+0x117/0x1f0 net/socket.c:2690
       do_syscall_x64 arch/x86/entry/common.c:52 [inline]
       do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83
       entry_SYSCALL_64_after_hwframe+0x77/0x7f

-> #1 (sk_lock-AF_INET){+.+.}-{0:0}:
       lock_sock_nested+0x3a/0xf0 net/core/sock.c:3611
       lock_sock include/net/sock.h:1611 [inline]
       sockopt_lock_sock net/core/sock.c:1125 [inline]
       sockopt_lock_sock+0x54/0x70 net/core/sock.c:1116
       do_ip_setsockopt+0x101/0x38c0 net/ipv4/ip_sockglue.c:1078
       ip_setsockopt+0x59/0xf0 net/ipv4/ip_sockglue.c:1417
       raw_setsockopt+0xb8/0x290 net/ipv4/raw.c:845
       do_sock_setsockopt+0x222/0x480 net/socket.c:2334
       __sys_setsockopt+0x1a4/0x270 net/socket.c:2357
       __do_sys_setsockopt net/socket.c:2366 [inline]
       __se_sys_setsockopt net/socket.c:2363 [inline]
       __x64_sys_setsockopt+0xbd/0x160 net/socket.c:2363
       do_syscall_x64 arch/x86/entry/common.c:52 [inline]
       do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83
       entry_SYSCALL_64_after_hwframe+0x77/0x7f

-> #0 (rtnl_mutex){+.+.}-{3:3}:
       check_prev_add kernel/locking/lockdep.c:3161 [inline]
       check_prevs_add kernel/locking/lockdep.c:3280 [inline]
       validate_chain kernel/locking/lockdep.c:3904 [inline]
       __lock_acquire+0x250b/0x3ce0 kernel/locking/lockdep.c:5202
       lock_acquire.part.0+0x11b/0x380 kernel/locking/lockdep.c:5825
       __mutex_lock_common kernel/locking/mutex.c:608 [inline]
       __mutex_lock+0x175/0x9c0 kernel/locking/mutex.c:752
       ipv6_sock_ac_close+0xd9/0x110 net/ipv6/anycast.c:219
       inet6_release+0x47/0x70 net/ipv6/af_inet6.c:487
       __sock_release net/socket.c:658 [inline]
       sock_release+0x8e/0x1d0 net/socket.c:686
       smc_clcsock_release+0xb7/0xe0 net/smc/smc_close.c:34
       __smc_release+0x5c2/0x880 net/smc/af_smc.c:301
       smc_release+0x1fc/0x5f0 net/smc/af_smc.c:344
       __sock_release+0xb0/0x270 net/socket.c:658
       sock_close+0x1c/0x30 net/socket.c:1426
       __fput+0x3f6/0xb60 fs/file_table.c:431
       task_work_run+0x14e/0x250 kernel/task_work.c:239
       exit_task_work include/linux/task_work.h:43 [inline]
       do_exit+0xadd/0x2d70 kernel/exit.c:939
       do_group_exit+0xd3/0x2a0 kernel/exit.c:1088
       get_signal+0x2658/0x26d0 kernel/signal.c:2917
       arch_do_signal_or_restart+0x90/0x7e0 arch/x86/kernel/signal.c:337
       exit_to_user_mode_loop kernel/entry/common.c:111 [inline]
       exit_to_user_mode_prepare include/linux/entry-common.h:328 [inline]
       __syscall_exit_to_user_mode_work kernel/entry/common.c:207 [inline]
       syscall_exit_to_user_mode+0x150/0x2a0 kernel/entry/common.c:218
       do_syscall_64+0xda/0x250 arch/x86/entry/common.c:89
       entry_SYSCALL_64_after_hwframe+0x77/0x7f

other info that might help us debug this:

Chain exists of:
  rtnl_mutex --> sk_lock-AF_INET --> &smc->clcsock_release_lock

 Possible unsafe locking scenario:

       CPU0                    CPU1
       ----                    ----
  lock(&smc->clcsock_release_lock);
                               lock(sk_lock-AF_INET);
                               lock(&smc->clcsock_release_lock);
  lock(rtnl_mutex);

 *** DEADLOCK ***

2 locks held by syz.7.1511/14022:
 #0: ffff88805a2ddc08 (&sb->s_type->i_mutex_key#10){+.+.}-{3:3}, at: inode_lock include/linux/fs.h:815 [inline]
 #0: ffff88805a2ddc08 (&sb->s_type->i_mutex_key#10){+.+.}-{3:3}, at: __sock_release+0x86/0x270 net/socket.c:657
 #1: ffff888066012d28 (&smc->clcsock_release_lock){+.+.}-{3:3}, at: smc_clcsock_release+0x75/0xe0 net/smc/smc_close.c:30

stack backtrace:
CPU: 0 UID: 0 PID: 14022 Comm: syz.7.1511 Not tainted 6.12.0-rc5-syzkaller-00161-g90602c251cda #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
Call Trace:
 __dump_stack lib/dump_stack.c:94 [inline]
 dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120
 print_circular_bug+0x419/0x5d0 kernel/locking/lockdep.c:2074
 check_noncircular+0x31a/0x400 kernel/locking/lockdep.c:2206
 check_prev_add kernel/locking/lockdep.c:3161 [inline]
 check_prevs_add kernel/locking/lockdep.c:3280 [inline]
 validate_chain kernel/locking/lockdep.c:3904 [inline]
 __lock_acquire+0x250b/0x3ce0 kernel/locking/lockdep.c:5202
 lock_acquire.part.0+0x11b/0x380 kernel/locking/lockdep.c:5825
 __mutex_lock_common kernel/locking/mutex.c:608 [inline]
 __mutex_lock+0x175/0x9c0 kernel/locking/mutex.c:752
 ipv6_sock_ac_close+0xd9/0x110 net/ipv6/anycast.c:219
 inet6_release+0x47/0x70 net/ipv6/af_inet6.c:487
 __sock_release net/socket.c:658 [inline]
 sock_release+0x8e/0x1d0 net/socket.c:686
 smc_clcsock_release+0xb7/0xe0 net/smc/smc_close.c:34
 __smc_release+0x5c2/0x880 net/smc/af_smc.c:301
 smc_release+0x1fc/0x5f0 net/smc/af_smc.c:344
 __sock_release+0xb0/0x270 net/socket.c:658
 sock_close+0x1c/0x30 net/socket.c:1426
 __fput+0x3f6/0xb60 fs/file_table.c:431
 task_work_run+0x14e/0x250 kernel/task_work.c:239
 exit_task_work include/linux/task_work.h:43 [inline]
 do_exit+0xadd/0x2d70 kernel/exit.c:939
 do_group_exit+0xd3/0x2a0 kernel/exit.c:1088
 get_signal+0x2658/0x26d0 kernel/signal.c:2917
 arch_do_signal_or_restart+0x90/0x7e0 arch/x86/kernel/signal.c:337
 exit_to_user_mode_loop kernel/entry/common.c:111 [inline]
 exit_to_user_mode_prepare include/linux/entry-common.h:328 [inline]
 __syscall_exit_to_user_mode_work kernel/entry/common.c:207 [inline]
 syscall_exit_to_user_mode+0x150/0x2a0 kernel/entry/common.c:218
 do_syscall_64+0xda/0x250 arch/x86/entry/common.c:89
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fcef7d7e719
Code: Unable to access opcode bytes at 0x7fcef7d7e6ef.
RSP: 002b:00007fcef8b2f0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
RAX: fffffffffffffe00 RBX: 00007fcef7f35f88 RCX: 00007fcef7d7e719
RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fcef7f35f88
RBP: 00007fcef7f35f80 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00007fcef7f35f8c
R13: 0000000000000000 R14: 00007fffcf55d590 R15: 00007fffcf55d678