====================================================== [ INFO: possible circular locking dependency detected ] 4.4.141-g1b37d68 #7 Not tainted ------------------------------------------------------- syz-executor7/6537 is trying to acquire lock: ([ 82.157171] but task is already holding lock: (sk_lock-AF_INET6){+.+.+.}, at: [] lock_sock include/net/sock.h:1493 [inline] (sk_lock-AF_INET6){+.+.+.}, at: [] do_ipv6_setsockopt.isra.9+0x40d/0x32c0 net/ipv6/ipv6_sockglue.c:166 which lock already depends on the new lock. the existing dependency chain (in reverse order) is: -> #1 (sk_lock-AF_INET6){+.+.+.}: [] lock_acquire+0x15e/0x450 kernel/locking/lockdep.c:3592 [] lock_sock_nested+0xc6/0x120 net/core/sock.c:2459 [] lock_sock include/net/sock.h:1493 [inline] [] do_ipv6_setsockopt.isra.9+0x3da/0x32c0 net/ipv6/ipv6_sockglue.c:166 [] compat_ipv6_setsockopt+0xe9/0x1d0 net/ipv6/ipv6_sockglue.c:935 [] compat_udpv6_setsockopt+0x4a/0x90 net/ipv6/udp.c:1446 [] compat_sock_common_setsockopt+0xb4/0x150 net/core/sock.c:2670 [] C_SYSC_setsockopt net/compat.c:385 [inline] [] compat_SyS_setsockopt+0x14c/0x2a0 net/compat.c:368 [] do_syscall_32_irqs_on arch/x86/entry/common.c:393 [inline] [] do_fast_syscall_32+0x326/0x8b0 arch/x86/entry/common.c:460 [] sysenter_flags_fixed+0xd/0x17 -> #0 (rtnl_mutex){+.+.+.}: [] check_prev_add kernel/locking/lockdep.c:1853 [inline] [] check_prevs_add kernel/locking/lockdep.c:1958 [inline] [] validate_chain kernel/locking/lockdep.c:2144 [inline] [] __lock_acquire+0x3902/0x5270 kernel/locking/lockdep.c:3213 [] lock_acquire+0x15e/0x450 kernel/locking/lockdep.c:3592 [] __mutex_lock_common kernel/locking/mutex.c:521 [inline] [] mutex_lock_nested+0xbb/0x850 kernel/locking/mutex.c:621 [] rtnl_lock+0x17/0x20 net/core/rtnetlink.c:70 [] ipv6_sock_mc_close+0x10e/0x350 net/ipv6/mcast.c:288 [] do_ipv6_setsockopt.isra.9+0x28dc/0x32c0 net/ipv6/ipv6_sockglue.c:202 [] compat_ipv6_setsockopt+0xe9/0x1d0 net/ipv6/ipv6_sockglue.c:935 [] compat_udpv6_setsockopt+0x4a/0x90 net/ipv6/udp.c:1446 [] compat_sock_common_setsockopt+0xb4/0x150 net/core/sock.c:2670 [] C_SYSC_setsockopt net/compat.c:385 [inline] [] compat_SyS_setsockopt+0x14c/0x2a0 net/compat.c:368 [] do_syscall_32_irqs_on arch/x86/entry/common.c:393 [inline] [] do_fast_syscall_32+0x326/0x8b0 arch/x86/entry/common.c:460 [] sysenter_flags_fixed+0xd/0x17 other info that might help us debug this: Possible unsafe locking scenario: CPU0 CPU1 ---- ---- lock(sk_lock-AF_INET6); lock(rtnl_mutex); lock(sk_lock-AF_INET6); lock(rtnl_mutex); *** DEADLOCK *** 1 lock held by syz-executor7/6537: #0: (sk_lock-AF_INET6){+.+.+.}, at: [] lock_sock include/net/sock.h:1493 [inline] #0: (sk_lock-AF_INET6){+.+.+.}, at: [] do_ipv6_setsockopt.isra.9+0x40d/0x32c0 net/ipv6/ipv6_sockglue.c:166 stack backtrace: CPU: 1 PID: 6537 Comm: syz-executor7 Not tainted 4.4.141-g1b37d68 #7 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 0000000000000000 0fee4b7de7739684 ffff8801ba5c7588 ffffffff81e0e18d ffffffff8539cdf0 ffffffff853e47c0 ffffffff8539cdf0 ffff8800acae3900 ffff8800acae3000 ffff8801ba5c75d0 ffffffff8140e71b 0000000000000001 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xc1/0x124 lib/dump_stack.c:51 [] print_circular_bug.cold.50+0x1bd/0x27d kernel/locking/lockdep.c:1226 [] check_prev_add kernel/locking/lockdep.c:1853 [inline] [] check_prevs_add kernel/locking/lockdep.c:1958 [inline] [] validate_chain kernel/locking/lockdep.c:2144 [inline] [] __lock_acquire+0x3902/0x5270 kernel/locking/lockdep.c:3213 [] lock_acquire+0x15e/0x450 kernel/locking/lockdep.c:3592 [] __mutex_lock_common kernel/locking/mutex.c:521 [inline] [] mutex_lock_nested+0xbb/0x850 kernel/locking/mutex.c:621 [] rtnl_lock+0x17/0x20 net/core/rtnetlink.c:70 [] ipv6_sock_mc_close+0x10e/0x350 net/ipv6/mcast.c:288 [] do_ipv6_setsockopt.isra.9+0x28dc/0x32c0 net/ipv6/ipv6_sockglue.c:202 [] compat_ipv6_setsockopt+0xe9/0x1d0 net/ipv6/ipv6_sockglue.c:935 [] compat_udpv6_setsockopt+0x4a/0x90 net/ipv6/udp.c:1446 [] compat_sock_common_setsockopt+0xb4/0x150 net/core/sock.c:2670 [] C_SYSC_setsockopt net/compat.c:385 [inline] [] compat_SyS_setsockopt+0x14c/0x2a0 net/compat.c:368 [] do_syscall_32_irqs_on arch/x86/entry/common.c:393 [inline] [] do_fast_syscall_32+0x326/0x8b0 arch/x86/entry/common.c:460 [] sysenter_flags_fixed+0xd/0x17 SELinux: unrecognized netlink message: protocol=0 nlmsg_type=30100 sclass=netlink_route_socket SELinux: unrecognized netlink message: protocol=4 nlmsg_type=2618 sclass=netlink_tcpdiag_socket SELinux: unrecognized netlink message: protocol=4 nlmsg_type=8224 sclass=netlink_tcpdiag_socket SELinux: unrecognized netlink message: protocol=4 nlmsg_type=17225 sclass=netlink_tcpdiag_socket SELinux: unrecognized netlink message: protocol=4 nlmsg_type=2618 sclass=netlink_tcpdiag_socket SELinux: unrecognized netlink message: protocol=4 nlmsg_type=8224 sclass=netlink_tcpdiag_socket SELinux: unrecognized netlink message: protocol=4 nlmsg_type=17225 sclass=netlink_tcpdiag_socket pktgen: kernel_thread() failed for cpu 0 pktgen: Cannot create thread for cpu 0 (-4) pktgen: kernel_thread() failed for cpu 1 pktgen: Cannot create thread for cpu 1 (-4) pktgen: Initialization failed for all threads pktgen: kernel_thread() failed for cpu 0 pktgen: Cannot create thread for cpu 0 (-4) pktgen: kernel_thread() failed for cpu 1 pktgen: Cannot create thread for cpu 1 (-4) pktgen: Initialization failed for all threads netlink: 36 bytes leftover after parsing attributes in process `syz-executor0'. IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready netlink: 12 bytes leftover after parsing attributes in process `syz-executor0'. netlink: 20 bytes leftover after parsing attributes in process `syz-executor0'. netlink: 12 bytes leftover after parsing attributes in process `syz-executor0'. netlink: 20 bytes leftover after parsing attributes in process `syz-executor0'. blk_update_request: I/O error, dev loop0, sector 0 Buffer I/O error on dev loop0, logical block 0, lost async page write blk_update_request: I/O error, dev loop0, sector 8 Buffer I/O error on dev loop0, logical block 1, lost async page write blk_update_request: I/O error, dev loop0, sector 16 Buffer I/O error on dev loop0, logical block 2, lost async page write blk_update_request: I/O error, dev loop0, sector 24 Buffer I/O error on dev loop0, logical block 3, lost async page write blk_update_request: I/O error, dev loop0, sector 32 Buffer I/O error on dev loop0, logical block 4, lost async page write blk_update_request: I/O error, dev loop0, sector 40 Buffer I/O error on dev loop0, logical block 5, lost async page write blk_update_request: I/O error, dev loop0, sector 48 Buffer I/O error on dev loop0, logical block 6, lost async page write blk_update_request: I/O error, dev loop0, sector 56 Buffer I/O error on dev loop0, logical block 7, lost async page write blk_update_request: I/O error, dev loop0, sector 64 Buffer I/O error on dev loop0, logical block 8, lost async page write blk_update_request: I/O error, dev loop0, sector 72 Buffer I/O error on dev loop0, logical block 9, lost async page write