======================================================
WARNING: possible circular locking dependency detected
6.12.0-rc6-syzkaller-g57f7c7dc78cd #0 Not tainted
------------------------------------------------------
syz.4.1396/10084 is trying to acquire lock:
ffffffff895c2aa8 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock+0x22/0x2a net/core/rtnetlink.c:79

but task is already holding lock:
ff6000001b3ecfa8 (&smc->clcsock_release_lock){+.+.}-{3:3}, at: smc_setsockopt+0x112/0xd4e net/smc/af_smc.c:3056

which lock already depends on the new lock.

the existing dependency chain (in reverse order) is:

-> #2 (&smc->clcsock_release_lock){+.+.}-{3:3}:
       lock_acquire.part.0+0x2c6/0x81c kernel/locking/lockdep.c:5825
       lock_acquire+0x74/0x98 kernel/locking/lockdep.c:5798
       __mutex_lock_common kernel/locking/mutex.c:608 [inline]
       __mutex_lock+0x150/0x1022 kernel/locking/mutex.c:752
       mutex_lock_nested+0x14/0x1c kernel/locking/mutex.c:804
       smc_switch_to_fallback+0x3a/0x9d8 net/smc/af_smc.c:902
       smc_sendmsg+0x14c/0xd12 net/smc/af_smc.c:2771
       sock_sendmsg_nosec net/socket.c:729 [inline]
       __sock_sendmsg+0xcc/0x160 net/socket.c:744
       __sys_sendto+0x230/0x320 net/socket.c:2214
       __do_sys_sendto net/socket.c:2226 [inline]
       __se_sys_sendto net/socket.c:2222 [inline]
       __riscv_sys_sendto+0xc0/0x158 net/socket.c:2222
       syscall_handler+0x94/0x118 arch/riscv/include/asm/syscall.h:90
       do_trap_ecall_u+0x1aa/0x216 arch/riscv/kernel/traps.c:331
       _new_vmalloc_restore_context_a0+0xc2/0xce

-> #1 (sk_lock-AF_INET6){+.+.}-{0:0}:
       lock_acquire.part.0+0x2c6/0x81c kernel/locking/lockdep.c:5825
       lock_acquire+0x74/0x98 kernel/locking/lockdep.c:5798
       lock_sock_nested+0x38/0xf6 net/core/sock.c:3611
       lock_sock include/net/sock.h:1611 [inline]
       sockopt_lock_sock net/core/sock.c:1125 [inline]
       sockopt_lock_sock+0x62/0x82 net/core/sock.c:1116
       do_ipv6_setsockopt+0x2626/0x4170 net/ipv6/ipv6_sockglue.c:567
       ipv6_setsockopt+0xc8/0x16e net/ipv6/ipv6_sockglue.c:993
       udpv6_setsockopt+0x7a/0xc2 net/ipv6/udp.c:1704
       sock_common_setsockopt+0x90/0xc0 net/core/sock.c:3803
       do_sock_setsockopt+0x20a/0x402 net/socket.c:2334
       __sys_setsockopt+0xf0/0x1aa net/socket.c:2357
       __do_sys_setsockopt net/socket.c:2366 [inline]
       __se_sys_setsockopt net/socket.c:2363 [inline]
       __riscv_sys_setsockopt+0xa6/0x114 net/socket.c:2363
       syscall_handler+0x94/0x118 arch/riscv/include/asm/syscall.h:90
       do_trap_ecall_u+0x1aa/0x216 arch/riscv/kernel/traps.c:331
       _new_vmalloc_restore_context_a0+0xc2/0xce

-> #0 (rtnl_mutex){+.+.}-{3:3}:
       check_noncircular+0x2ba/0x354 kernel/locking/lockdep.c:2206
       check_prev_add kernel/locking/lockdep.c:3161 [inline]
       check_prevs_add kernel/locking/lockdep.c:3280 [inline]
       validate_chain kernel/locking/lockdep.c:3904 [inline]
       __lock_acquire+0x2d00/0x8320 kernel/locking/lockdep.c:5202
       lock_acquire.part.0+0x2c6/0x81c kernel/locking/lockdep.c:5825
       lock_acquire+0x74/0x98 kernel/locking/lockdep.c:5798
       __mutex_lock_common kernel/locking/mutex.c:608 [inline]
       __mutex_lock+0x150/0x1022 kernel/locking/mutex.c:752
       mutex_lock_nested+0x14/0x1c kernel/locking/mutex.c:804
       rtnl_lock+0x22/0x2a net/core/rtnetlink.c:79
       ip_mroute_setsockopt+0x110/0x1276 net/ipv4/ipmr.c:1370
       do_ip_setsockopt+0x24a/0x32ee net/ipv4/ip_sockglue.c:948
       ip_setsockopt+0x52/0xe6 net/ipv4/ip_sockglue.c:1417
       tcp_setsockopt+0x8e/0xe0 net/ipv4/tcp.c:4029
       sock_common_setsockopt+0x90/0xc0 net/core/sock.c:3803
       smc_setsockopt+0x196/0xd4e net/smc/af_smc.c:3064
       do_sock_setsockopt+0x20a/0x402 net/socket.c:2334
       __sys_setsockopt+0xf0/0x1aa net/socket.c:2357
       __do_sys_setsockopt net/socket.c:2366 [inline]
       __se_sys_setsockopt net/socket.c:2363 [inline]
       __riscv_sys_setsockopt+0xa6/0x114 net/socket.c:2363
       syscall_handler+0x94/0x118 arch/riscv/include/asm/syscall.h:90
       do_trap_ecall_u+0x1aa/0x216 arch/riscv/kernel/traps.c:331
       _new_vmalloc_restore_context_a0+0xc2/0xce

other info that might help us debug this:

Chain exists of:
  rtnl_mutex --> sk_lock-AF_INET6 --> &smc->clcsock_release_lock

 Possible unsafe locking scenario:

       CPU0                    CPU1
       ----                    ----
  lock(&smc->clcsock_release_lock);
                               lock(sk_lock-AF_INET6);
                               lock(&smc->clcsock_release_lock);
  lock(rtnl_mutex);

 *** DEADLOCK ***

1 lock held by syz.4.1396/10084:
 #0: ff6000001b3ecfa8 (&smc->clcsock_release_lock){+.+.}-{3:3}, at: smc_setsockopt+0x112/0xd4e net/smc/af_smc.c:3056

stack backtrace:
CPU: 1 UID: 0 PID: 10084 Comm: syz.4.1396 Not tainted 6.12.0-rc6-syzkaller-g57f7c7dc78cd #0
Hardware name: riscv-virtio,qemu (DT)
Call Trace:
[] dump_backtrace+0x2e/0x3c arch/riscv/kernel/stacktrace.c:130
[] show_stack+0x34/0x40 arch/riscv/kernel/stacktrace.c:136
[] __dump_stack lib/dump_stack.c:94 [inline]
[] dump_stack_lvl+0x122/0x196 lib/dump_stack.c:120
[] dump_stack+0x1c/0x24 lib/dump_stack.c:129
[] print_circular_bug+0x6be/0x748 kernel/locking/lockdep.c:2074
[] check_noncircular+0x2ba/0x354 kernel/locking/lockdep.c:2206
[] check_prev_add kernel/locking/lockdep.c:3161 [inline]
[] check_prevs_add kernel/locking/lockdep.c:3280 [inline]
[] validate_chain kernel/locking/lockdep.c:3904 [inline]
[] __lock_acquire+0x2d00/0x8320 kernel/locking/lockdep.c:5202
[] lock_acquire.part.0+0x2c6/0x81c kernel/locking/lockdep.c:5825
[] lock_acquire+0x74/0x98 kernel/locking/lockdep.c:5798
[] __mutex_lock_common kernel/locking/mutex.c:608 [inline]
[] __mutex_lock+0x150/0x1022 kernel/locking/mutex.c:752
[] mutex_lock_nested+0x14/0x1c kernel/locking/mutex.c:804
[] rtnl_lock+0x22/0x2a net/core/rtnetlink.c:79
[] ip_mroute_setsockopt+0x110/0x1276 net/ipv4/ipmr.c:1370
[] do_ip_setsockopt+0x24a/0x32ee net/ipv4/ip_sockglue.c:948
[] ip_setsockopt+0x52/0xe6 net/ipv4/ip_sockglue.c:1417
[] tcp_setsockopt+0x8e/0xe0 net/ipv4/tcp.c:4029
[] sock_common_setsockopt+0x90/0xc0 net/core/sock.c:3803
[] smc_setsockopt+0x196/0xd4e net/smc/af_smc.c:3064
[] do_sock_setsockopt+0x20a/0x402 net/socket.c:2334
[] __sys_setsockopt+0xf0/0x1aa net/socket.c:2357
[] __do_sys_setsockopt net/socket.c:2366 [inline]
[] __se_sys_setsockopt net/socket.c:2363 [inline]
[] __riscv_sys_setsockopt+0xa6/0x114 net/socket.c:2363
[] syscall_handler+0x94/0x118 arch/riscv/include/asm/syscall.h:90
[] do_trap_ecall_u+0x1aa/0x216 arch/riscv/kernel/traps.c:331
[] _new_vmalloc_restore_context_a0+0xc2/0xce