./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor158498009
<...>
Warning: Permanently added '10.128.1.232' (ED25519) to the list of known hosts.
execve("./syz-executor158498009", ["./syz-executor158498009"], 0x7ffd9d925b60 /* 10 vars */) = 0
brk(NULL) = 0x555593a0a000
brk(0x555593a0ad00) = 0x555593a0ad00
arch_prctl(ARCH_SET_FS, 0x555593a0a380) = 0
set_tid_address(0x555593a0a650) = 5839
set_robust_list(0x555593a0a660, 24) = 0
rseq(0x555593a0aca0, 0x20, 0, 0x53053053) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor158498009", 4096) = 27
getrandom("\xaa\x08\xfd\xff\x50\x89\xa0\xa2", 8, GRND_NONBLOCK) = 8
brk(NULL) = 0x555593a0ad00
brk(0x555593a2bd00) = 0x555593a2bd00
brk(0x555593a2c000) = 0x555593a2c000
mprotect(0x7f468bc8f000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
executing program
write(1, "executing program\n", 18) = 18
socket(AF_INET, SOCK_RAW, IPPROTO_IGMP) = 3
setsockopt(3, SOL_IP, IP_ADD_SOURCE_MEMBERSHIP, NULL, 0) = -1 EINVAL (Invalid argument)
socket(AF_INET, SOCK_STREAM, 0x100 /* IPPROTO_??? */) = 4
sendto(4, NULL, 0, MSG_OOB|MSG_DONTROUTE|MSG_CTRUNC|MSG_PROBE|MSG_TRUNC|MSG_DONTWAIT|MSG_EOR|MSG_WAITALL|MSG_FIN|MSG_SYN|MSG_FASTOPEN, NULL, 0) = -1 EINVAL (Invalid argument)
socket(AF_SMC, SOCK_STREAM, SMCPROTO_SMC) = 5
[ 64.062094][ T5839]
[ 64.064474][ T5839] ======================================================
[ 64.071473][ T5839] WARNING: possible circular locking dependency detected
[ 64.078488][ T5839] 6.12.0-rc5-syzkaller-00181-g6c52d4da1c74 #0 Not tainted
[ 64.085577][ T5839] ------------------------------------------------------
[ 64.092577][ T5839] syz-executor158/5839 is trying to acquire lock:
[ 64.098988][ T5839] ffffffff8fcd3448 (rtnl_mutex){+.+.}-{3:3}, at: start_sync_thread+0xdc/0x2dc0
[ 64.107977][ T5839]
[ 64.107977][ T5839] but task is already holding lock:
[ 64.115326][ T5839] ffff888034ac8aa8 (&smc->clcsock_release_lock){+.+.}-{3:3}, at: smc_setsockopt+0x1c3/0xe50
[ 64.125394][ T5839]
[ 64.125394][ T5839] which lock already depends on the new lock.
[ 64.125394][ T5839]
[ 64.135864][ T5839]
[ 64.135864][ T5839] the existing dependency chain (in reverse order) is:
[ 64.144859][ T5839]
[ 64.144859][ T5839] -> #2 (&smc->clcsock_release_lock){+.+.}-{3:3}:
[ 64.153439][ T5839] lock_acquire+0x1ed/0x550
[ 64.158458][ T5839] __mutex_lock+0x136/0xd70
[ 64.163470][ T5839] smc_switch_to_fallback+0x35/0xdb0
[ 64.169260][ T5839] smc_sendmsg+0x11f/0x530
[ 64.174178][ T5839] __sock_sendmsg+0x221/0x270
[ 64.179362][ T5839] __sys_sendto+0x39b/0x4f0
[ 64.184374][ T5839] __x64_sys_sendto+0xde/0x100
[ 64.189637][ T5839] do_syscall_64+0xf3/0x230
[ 64.194642][ T5839] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 64.201035][ T5839]
[ 64.201035][ T5839] -> #1 (sk_lock-AF_INET){+.+.}-{0:0}:
[ 64.208661][ T5839] lock_acquire+0x1ed/0x550
[ 64.213673][ T5839] lock_sock_nested+0x48/0x100
[ 64.218942][ T5839] do_ip_setsockopt+0x1a2d/0x3cd0
[ 64.224470][ T5839] ip_setsockopt+0x63/0x100
[ 64.229475][ T5839] do_sock_setsockopt+0x3af/0x720
[ 64.235008][ T5839] __sys_setsockopt+0x1a2/0x250
[ 64.240364][ T5839] __x64_sys_setsockopt+0xb5/0xd0
[ 64.245890][ T5839] do_syscall_64+0xf3/0x230
[ 64.250898][ T5839] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 64.257298][ T5839]
[ 64.257298][ T5839] -> #0 (rtnl_mutex){+.+.}-{3:3}:
[ 64.264510][ T5839] validate_chain+0x18ef/0x5920
[ 64.269876][ T5839] __lock_acquire+0x1384/0x2050
[ 64.275234][ T5839] lock_acquire+0x1ed/0x550
[ 64.280243][ T5839] __mutex_lock+0x136/0xd70
[ 64.285250][ T5839] start_sync_thread+0xdc/0x2dc0
[ 64.290712][ T5839] do_ip_vs_set_ctl+0x442/0x13d0
[ 64.296194][ T5839] nf_setsockopt+0x295/0x2c0
[ 64.301293][ T5839] smc_setsockopt+0x275/0xe50
[ 64.306479][ T5839] do_sock_setsockopt+0x3af/0x720
[ 64.312010][ T5839] __sys_setsockopt+0x1a2/0x250
[ 64.317387][ T5839] __x64_sys_setsockopt+0xb5/0xd0
[ 64.322915][ T5839] do_syscall_64+0xf3/0x230
[ 64.327922][ T5839] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 64.334320][ T5839]
[ 64.334320][ T5839] other info that might help us debug this:
[ 64.334320][ T5839]
[ 64.344536][ T5839] Chain exists of:
[ 64.344536][ T5839] rtnl_mutex --> sk_lock-AF_INET --> &smc->clcsock_release_lock
[ 64.344536][ T5839]
[ 64.358075][ T5839] Possible unsafe locking scenario:
[ 64.358075][ T5839]
[ 64.365510][ T5839] CPU0 CPU1
[ 64.370854][ T5839] ---- ----
[ 64.376217][ T5839] lock(&smc->clcsock_release_lock);
[ 64.381575][ T5839] lock(sk_lock-AF_INET);
[ 64.388493][ T5839] lock(&smc->clcsock_release_lock);
[ 64.396366][ T5839] lock(rtnl_mutex);
[ 64.400337][ T5839]
[ 64.400337][ T5839] *** DEADLOCK ***
[ 64.400337][ T5839]
[ 64.408466][ T5839] 1 lock held by syz-executor158/5839:
[ 64.413906][ T5839] #0: ffff888034ac8aa8 (&smc->clcsock_release_lock){+.+.}-{3:3}, at: smc_setsockopt+0x1c3/0xe50
[ 64.424421][ T5839]
[ 64.424421][ T5839] stack backtrace:
[ 64.430304][ T5839] CPU: 0 UID: 0 PID: 5839 Comm: syz-executor158 Not tainted 6.12.0-rc5-syzkaller-00181-g6c52d4da1c74 #0
[ 64.441389][ T5839] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 64.451467][ T5839] Call Trace:
[ 64.454761][ T5839] <TASK>
[ 64.457698][ T5839] dump_stack_lvl+0x241/0x360
[ 64.462387][ T5839] ? __pfx_dump_stack_lvl+0x10/0x10
[ 64.467566][ T5839] ? __pfx__printk+0x10/0x10
[ 64.472141][ T5839] print_circular_bug+0x13a/0x1b0
[ 64.477153][ T5839] check_noncircular+0x36a/0x4a0
[ 64.482083][ T5839] ? __pfx_check_noncircular+0x10/0x10
[ 64.487526][ T5839] ? lockdep_lock+0x123/0x2b0
[ 64.492192][ T5839] ? rcu_is_watching+0x15/0xb0
[ 64.496942][ T5839] validate_chain+0x18ef/0x5920
[ 64.501774][ T5839] ? __pfx_lock_acquire+0x10/0x10
[ 64.506809][ T5839] ? preempt_count_add+0x93/0x190
[ 64.511821][ T5839] ? __pfx_validate_chain+0x10/0x10
[ 64.517009][ T5839] ? is_bpf_text_address+0x285/0x2a0
[ 64.522282][ T5839] ? is_bpf_text_address+0x26/0x2a0
[ 64.527464][ T5839] ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 64.533602][ T5839] ? kernel_text_address+0xa7/0xe0
[ 64.538697][ T5839] ? __kernel_text_address+0xd/0x40
[ 64.543891][ T5839] ? unwind_get_return_address+0x4d/0x90
[ 64.549513][ T5839] ? arch_stack_walk+0xfd/0x150
[ 64.554357][ T5839] ? stack_trace_save+0x118/0x1d0
[ 64.559380][ T5839] ? __pfx_stack_trace_save+0x10/0x10
[ 64.564739][ T5839] ? mark_lock+0x9a/0x360
[ 64.569054][ T5839] __lock_acquire+0x1384/0x2050
[ 64.573917][ T5839] lock_acquire+0x1ed/0x550
[ 64.578407][ T5839] ? start_sync_thread+0xdc/0x2dc0
[ 64.583530][ T5839] ? __pfx_lock_acquire+0x10/0x10
[ 64.588540][ T5839] ? __pfx___might_resched+0x10/0x10
[ 64.593811][ T5839] ? __pfx_validate_chain+0x10/0x10
[ 64.598992][ T5839] __mutex_lock+0x136/0xd70
[ 64.603481][ T5839] ? start_sync_thread+0xdc/0x2dc0
[ 64.608595][ T5839] ? validate_chain+0x15c0/0x5920
[ 64.613648][ T5839] ? start_sync_thread+0xdc/0x2dc0
[ 64.618761][ T5839] ? __pfx___mutex_lock+0x10/0x10
[ 64.623777][ T5839] start_sync_thread+0xdc/0x2dc0
[ 64.628704][ T5839] ? __lock_acquire+0x1384/0x2050
[ 64.633722][ T5839] ? __pfx_start_sync_thread+0x10/0x10
[ 64.639208][ T5839] ? __pfx___might_resched+0x10/0x10
[ 64.644497][ T5839] ? __might_fault+0xaa/0x120
[ 64.649194][ T5839] ? __pfx_lock_release+0x10/0x10
[ 64.654210][ T5839] ? apparmor_capable+0x13b/0x1b0
[ 64.659236][ T5839] ? read_word_at_a_time+0xe/0x20
[ 64.664250][ T5839] ? sized_strscpy+0x8d/0x220
[ 64.668912][ T5839] do_ip_vs_set_ctl+0x442/0x13d0
[ 64.673863][ T5839] ? __pfx___might_resched+0x10/0x10
[ 64.679137][ T5839] ? __pfx_do_ip_vs_set_ctl+0x10/0x10
[ 64.684511][ T5839] ? rcu_is_watching+0x15/0xb0
[ 64.689262][ T5839] ? __mutex_unlock_slowpath+0x21d/0x750
[ 64.694879][ T5839] ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 64.700843][ T5839] ? __pfx___mutex_lock+0x10/0x10
[ 64.705861][ T5839] nf_setsockopt+0x295/0x2c0
[ 64.710460][ T5839] ? __pfx_sock_common_setsockopt+0x10/0x10
[ 64.716346][ T5839] smc_setsockopt+0x275/0xe50
[ 64.721014][ T5839] ? __pfx_smc_setsockopt+0x10/0x10
[ 64.726216][ T5839] ? aa_sock_opt_perm+0x79/0x120
[ 64.731141][ T5839] ? __pfx_smc_setsockopt+0x10/0x10
[ 64.736324][ T5839] do_sock_setsockopt+0x3af/0x720
[ 64.741336][ T5839] ? __pfx_do_sock_setsockopt+0x10/0x10
[ 64.746868][ T5839] ? _raw_spin_unlock_irq+0x2e/0x50
[ 64.752050][ T5839] ? ptrace_notify+0x279/0x380
[ 64.756798][ T5839] ? __pfx_ptrace_notify+0x10/0x10
[ 64.761896][ T5839] __sys_setsockopt+0x1a2/0x250
[ 64.766736][ T5839] __x64_sys_setsockopt+0xb5/0xd0
[ 64.771744][ T5839] do_syscall_64+0xf3/0x230
[ 64.776234][ T5839] ? clear_bhb_loop+0x35/0x90
[ 64.780892][ T5839] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 64.786777][ T5839] RIP: 0033:0x7f468bc1c369
[ 64.791199][ T5839] Code: 48 83 c4 28 c3 e8 37 17 00 00 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 64.810793][ T5839] RSP: 002b:00007ffe79331b18 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[ 64.819190][ T5839] RAX: ffffffffffffffda RBX: 00007ffe79331ce8 RCX: 00007f468bc1c369
[ 64.827148][ T5839] RDX: 000000000000048b RSI: 0000000000000000 RDI: 0000000000000005
[ 64.835099][ T5839] RBP: 00007f468bc8f610 R08: 0000000000000018 R09: 00007ffe79331ce8
[ 64.843079][ T5839] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000001
[ 64.851032][ T5839] R13: 00007ffe79331cd8 R14: 0000000000000001 R15: 0000000000000001
[ 64.858997][ T5839] </TASK>
setsockopt(5, SOL_IP, IP_VS_SO_SET_STARTDAEMON, "\x02\x00\x00\x00\x6d\x61\x63\x76\x6c\x61\x6e\x30\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 24) = -1 ENODEV (No such device)
exit_group(0) = ?
+++ exited with 0 +++
[ 64.862739][ T5839] IPVS: Unkn