====================================================== WARNING: possible circular locking dependency detected 6.13.0-rc3-syzkaller-g6f6ecce59d99 #0 Not tainted ------------------------------------------------------ syz.2.229/5068 is trying to acquire lock: ff60000019abaad8 (sk_lock-AF_INET6){+.+.}-{0:0}, at: lock_sock include/net/sock.h:1617 [inline] ff60000019abaad8 (sk_lock-AF_INET6){+.+.}-{0:0}, at: sockopt_lock_sock net/core/sock.c:1126 [inline] ff60000019abaad8 (sk_lock-AF_INET6){+.+.}-{0:0}, at: sockopt_lock_sock+0x62/0x82 net/core/sock.c:1117 but task is already holding lock: ffffffff895e06c8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_lock+0x22/0x2a net/core/rtnetlink.c:79 which lock already depends on the new lock. the existing dependency chain (in reverse order) is: -> #2 (rtnl_mutex){+.+.}-{4:4}: lock_acquire.part.0+0x2c4/0x81a kernel/locking/lockdep.c:5849 lock_acquire+0x74/0x98 kernel/locking/lockdep.c:5822 __mutex_lock_common kernel/locking/mutex.c:585 [inline] __mutex_lock+0x166/0x1082 kernel/locking/mutex.c:735 mutex_lock_nested+0x14/0x1c kernel/locking/mutex.c:787 rtnl_lock+0x22/0x2a net/core/rtnetlink.c:79 ip_mroute_setsockopt+0x110/0x1276 net/ipv4/ipmr.c:1396 do_ip_setsockopt+0x24a/0x32ee net/ipv4/ip_sockglue.c:948 ip_setsockopt+0x52/0xe6 net/ipv4/ip_sockglue.c:1417 tcp_setsockopt+0x8e/0xe0 net/ipv4/tcp.c:4030 sock_common_setsockopt+0x90/0xc0 net/core/sock.c:3814 smc_setsockopt+0x196/0xd4e net/smc/af_smc.c:3064 do_sock_setsockopt+0x208/0x400 net/socket.c:2313 __sys_setsockopt+0x140/0x1cc net/socket.c:2338 __do_sys_setsockopt net/socket.c:2344 [inline] __se_sys_setsockopt net/socket.c:2341 [inline] __riscv_sys_setsockopt+0xa6/0x114 net/socket.c:2341 syscall_handler+0x94/0x118 arch/riscv/include/asm/syscall.h:90 do_trap_ecall_u+0x1aa/0x216 arch/riscv/kernel/traps.c:331 handle_exception+0x146/0x152 arch/riscv/kernel/entry.S:197 -> #1 (&smc->clcsock_release_lock){+.+.}-{4:4}: lock_acquire.part.0+0x2c4/0x81a kernel/locking/lockdep.c:5849 lock_acquire+0x74/0x98 kernel/locking/lockdep.c:5822 __mutex_lock_common kernel/locking/mutex.c:585 [inline] __mutex_lock+0x166/0x1082 kernel/locking/mutex.c:735 mutex_lock_nested+0x14/0x1c kernel/locking/mutex.c:787 smc_switch_to_fallback+0x3e/0xa98 net/smc/af_smc.c:903 smc_sendmsg+0x14c/0xd12 net/smc/af_smc.c:2771 sock_sendmsg_nosec net/socket.c:711 [inline] __sock_sendmsg+0xcc/0x160 net/socket.c:726 ____sys_sendmsg+0x5ce/0x79e net/socket.c:2583 ___sys_sendmsg+0x144/0x1e6 net/socket.c:2637 __sys_sendmsg+0x188/0x22a net/socket.c:2669 __do_sys_sendmsg net/socket.c:2674 [inline] __se_sys_sendmsg net/socket.c:2672 [inline] __riscv_sys_sendmsg+0x70/0xa2 net/socket.c:2672 syscall_handler+0x94/0x118 arch/riscv/include/asm/syscall.h:90 do_trap_ecall_u+0x1aa/0x216 arch/riscv/kernel/traps.c:331 handle_exception+0x146/0x152 arch/riscv/kernel/entry.S:197 -> #0 (sk_lock-AF_INET6){+.+.}-{0:0}: check_noncircular+0x2ba/0x354 kernel/locking/lockdep.c:2206 check_prev_add kernel/locking/lockdep.c:3161 [inline] check_prevs_add kernel/locking/lockdep.c:3280 [inline] validate_chain kernel/locking/lockdep.c:3904 [inline] __lock_acquire+0x2e4e/0x8594 kernel/locking/lockdep.c:5226 lock_acquire.part.0+0x2c4/0x81a kernel/locking/lockdep.c:5849 lock_acquire+0x74/0x98 kernel/locking/lockdep.c:5822 lock_sock_nested+0x38/0xf6 net/core/sock.c:3622 lock_sock include/net/sock.h:1617 [inline] sockopt_lock_sock net/core/sock.c:1126 [inline] sockopt_lock_sock+0x62/0x82 net/core/sock.c:1117 do_ipv6_setsockopt+0x277c/0x40f8 net/ipv6/ipv6_sockglue.c:567 ipv6_setsockopt+0xc8/0x16e net/ipv6/ipv6_sockglue.c:993 tcp_setsockopt+0x8e/0xe0 net/ipv4/tcp.c:4030 sock_common_setsockopt+0x90/0xc0 net/core/sock.c:3814 do_sock_setsockopt+0x208/0x400 net/socket.c:2313 __sys_setsockopt+0x140/0x1cc net/socket.c:2338 __do_sys_setsockopt net/socket.c:2344 [inline] __se_sys_setsockopt net/socket.c:2341 [inline] __riscv_sys_setsockopt+0xa6/0x114 net/socket.c:2341 syscall_handler+0x94/0x118 arch/riscv/include/asm/syscall.h:90 do_trap_ecall_u+0x1aa/0x216 arch/riscv/kernel/traps.c:331 handle_exception+0x146/0x152 arch/riscv/kernel/entry.S:197 other info that might help us debug this: Chain exists of: sk_lock-AF_INET6 --> &smc->clcsock_release_lock --> rtnl_mutex Possible unsafe locking scenario: CPU0 CPU1 ---- ---- lock(rtnl_mutex); lock(&smc->clcsock_release_lock); lock(rtnl_mutex); lock(sk_lock-AF_INET6); *** DEADLOCK *** 1 lock held by syz.2.229/5068: #0: ffffffff895e06c8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_lock+0x22/0x2a net/core/rtnetlink.c:79 stack backtrace: CPU: 0 UID: 0 PID: 5068 Comm: syz.2.229 Not tainted 6.13.0-rc3-syzkaller-g6f6ecce59d99 #0 Hardware name: riscv-virtio,qemu (DT) Call Trace: [] dump_backtrace+0x2e/0x3c arch/riscv/kernel/stacktrace.c:132 [] show_stack+0x30/0x3c arch/riscv/kernel/stacktrace.c:138 [] __dump_stack lib/dump_stack.c:94 [inline] [] dump_stack_lvl+0x12e/0x1a6 lib/dump_stack.c:120 [] dump_stack+0x1c/0x24 lib/dump_stack.c:129 [] print_circular_bug+0x3a2/0x42c kernel/locking/lockdep.c:2074 [] check_noncircular+0x2ba/0x354 kernel/locking/lockdep.c:2206 [] check_prev_add kernel/locking/lockdep.c:3161 [inline] [] check_prevs_add kernel/locking/lockdep.c:3280 [inline] [] validate_chain kernel/locking/lockdep.c:3904 [inline] [] __lock_acquire+0x2e4e/0x8594 kernel/locking/lockdep.c:5226 [] lock_acquire.part.0+0x2c4/0x81a kernel/locking/lockdep.c:5849 [] lock_acquire+0x74/0x98 kernel/locking/lockdep.c:5822 [] lock_sock_nested+0x38/0xf6 net/core/sock.c:3622 [] lock_sock include/net/sock.h:1617 [inline] [] sockopt_lock_sock net/core/sock.c:1126 [inline] [] sockopt_lock_sock+0x62/0x82 net/core/sock.c:1117 [] do_ipv6_setsockopt+0x277c/0x40f8 net/ipv6/ipv6_sockglue.c:567 [] ipv6_setsockopt+0xc8/0x16e net/ipv6/ipv6_sockglue.c:993 [] tcp_setsockopt+0x8e/0xe0 net/ipv4/tcp.c:4030 [] sock_common_setsockopt+0x90/0xc0 net/core/sock.c:3814 [] do_sock_setsockopt+0x208/0x400 net/socket.c:2313 [] __sys_setsockopt+0x140/0x1cc net/socket.c:2338 [] __do_sys_setsockopt net/socket.c:2344 [inline] [] __se_sys_setsockopt net/socket.c:2341 [inline] [] __riscv_sys_setsockopt+0xa6/0x114 net/socket.c:2341 [] syscall_handler+0x94/0x118 arch/riscv/include/asm/syscall.h:90 [] do_trap_ecall_u+0x1aa/0x216 arch/riscv/kernel/traps.c:331 [] handle_exception+0x146/0x152 arch/riscv/kernel/entry.S:197