./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2333665246 <...> Warning: Permanently added '10.128.0.78' (ED25519) to the list of known hosts. execve("./syz-executor2333665246", ["./syz-executor2333665246"], 0x7ffd4c29f9b0 /* 10 vars */) = 0 brk(NULL) = 0x555571fb3000 brk(0x555571fb3d00) = 0x555571fb3d00 arch_prctl(ARCH_SET_FS, 0x555571fb3380) = 0 set_tid_address(0x555571fb3650) = 5845 set_robust_list(0x555571fb3660, 24) = 0 rseq(0x555571fb3ca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor2333665246", 4096) = 28 getrandom("\xbe\x49\xe1\x85\xb3\x1d\xe5\x96", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x555571fb3d00 brk(0x555571fd4d00) = 0x555571fd4d00 brk(0x555571fd5000) = 0x555571fd5000 mprotect(0x7f018ecf5000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 write(1, "executing program\n", 18executing program ) = 18 socket(AF_NETLINK, SOCK_RAW, NETLINK_RDMA) = 3 sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\x38\x00\x00\x00\x03\x14\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x09\x00\x02\x00\x73\x79\x7a\x30\x00\x00\x00\x00\x08\x00\x41\x00\x73\x69\x77\x00\x14\x00\x33\x00\x6c\x6f\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", iov_len=56}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 56 socket(AF_INET, SOCK_STREAM, 0x100 /* IPPROTO_??? */) = 4 sendto(4, NULL, 0, MSG_OOB|MSG_DONTROUTE|MSG_CTRUNC|MSG_PROBE|MSG_TRUNC|MSG_DONTWAIT|MSG_EOR|MSG_WAITALL|MSG_FIN|MSG_SYN|MSG_FASTOPEN, {sa_family=AF_INET, sin_port=htons(20003), sin_addr=inet_addr("172.20.20.19")}, 16) = -1 EINPROGRESS (Operation now in progress) socket(AF_SMC, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, SMCPROTO_SMC6) = 5 [ 57.370607][ T5845] lo speed is unknown, defaulting to 1000 [ 57.376449][ T5845] lo speed is unknown, defaulting to 1000 [ 57.383087][ T5845] lo speed is unknown, defaulting to 1000 [ 57.391041][ T5845] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 57.400970][ T5845] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98 [ 57.445733][ T5845] [ 57.448091][ T5845] ====================================================== [ 57.455084][ T5845] WARNING: possible circular locking dependency detected [ 57.462085][ T5845] 6.12.0-syzkaller-05480-gfcc79e1714e8 #0 Not tainted [ 57.468817][ T5845] ------------------------------------------------------ [ 57.475806][ T5845] syz-executor233/5845 is trying to acquire lock: [ 57.482199][ T5845] ffffffff8fce2348 (rtnl_mutex){+.+.}-{4:4}, at: ip_mroute_setsockopt+0x15b/0x1190 [ 57.491513][ T5845] [ 57.491513][ T5845] but task is already holding lock: [ 57.498854][ T5845] ffff88807cfc0aa8 (&smc->clcsock_release_lock){+.+.}-{4:4}, at: smc_setsockopt+0x1c3/0xe50 [ 57.508924][ T5845] [ 57.508924][ T5845] which lock already depends on the new lock. [ 57.508924][ T5845] [ 57.519301][ T5845] [ 57.519301][ T5845] the existing dependency chain (in reverse order) is: [ 57.528290][ T5845] [ 57.528290][ T5845] -> #3 (&smc->clcsock_release_lock){+.+.}-{4:4}: [ 57.536868][ T5845] lock_acquire+0x1ed/0x550 [ 57.541875][ T5845] __mutex_lock+0x1ac/0xee0 [ 57.546880][ T5845] smc_switch_to_fallback+0x35/0xdb0 [ 57.552665][ T5845] smc_sendmsg+0x11f/0x530 [ 57.557585][ T5845] __sock_sendmsg+0x221/0x270 [ 57.562763][ T5845] __sys_sendto+0x363/0x4c0 [ 57.567763][ T5845] __x64_sys_sendto+0xde/0x100 [ 57.573023][ T5845] do_syscall_64+0xf3/0x230 [ 57.578023][ T5845] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 57.584415][ T5845] [ 57.584415][ T5845] -> #2 (sk_lock-AF_INET){+.+.}-{0:0}: [ 57.592061][ T5845] lock_acquire+0x1ed/0x550 [ 57.597063][ T5845] lock_sock_nested+0x48/0x100 [ 57.602332][ T5845] sock_set_reuseaddr+0x17/0x60 [ 57.607679][ T5845] siw_create_listen+0x196/0xfe0 [ 57.613120][ T5845] iw_cm_listen+0x15e/0x230 [ 57.618124][ T5845] rdma_listen+0x941/0xd60 [ 57.623038][ T5845] cma_listen_on_dev+0x3e3/0x6f0 [ 57.628473][ T5845] cma_add_one+0x7d7/0xcd0 [ 57.633388][ T5845] add_client_context+0x536/0x8b0 [ 57.638925][ T5845] enable_device_and_get+0x1e6/0x440 [ 57.644711][ T5845] ib_register_device+0x10d4/0x13e0 [ 57.650409][ T5845] siw_newlink+0x9d9/0xe50 [ 57.655325][ T5845] nldev_newlink+0x5c0/0x640 [ 57.660424][ T5845] rdma_nl_rcv+0x6dd/0x9e0 [ 57.665343][ T5845] netlink_unicast+0x7f6/0x990 [ 57.670603][ T5845] netlink_sendmsg+0x8e4/0xcb0 [ 57.675866][ T5845] __sock_sendmsg+0x221/0x270 [ 57.681065][ T5845] ____sys_sendmsg+0x52a/0x7e0 [ 57.686327][ T5845] __sys_sendmsg+0x269/0x350 [ 57.691418][ T5845] do_syscall_64+0xf3/0x230 [ 57.696425][ T5845] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 57.702818][ T5845] [ 57.702818][ T5845] -> #1 (lock#7){+.+.}-{4:4}: [ 57.709661][ T5845] lock_acquire+0x1ed/0x550 [ 57.714663][ T5845] __mutex_lock+0x1ac/0xee0 [ 57.719667][ T5845] cma_init+0x1e/0x140 [ 57.724237][ T5845] do_one_initcall+0x248/0x880 [ 57.729500][ T5845] do_initcall_level+0x157/0x210 [ 57.734935][ T5845] do_initcalls+0x3f/0x80 [ 57.739765][ T5845] kernel_init_freeable+0x435/0x5d0 [ 57.745463][ T5845] kernel_init+0x1d/0x2b0 [ 57.750291][ T5845] ret_from_fork+0x4b/0x80 [ 57.755206][ T5845] ret_from_fork_asm+0x1a/0x30 [ 57.760472][ T5845] [ 57.760472][ T5845] -> #0 (rtnl_mutex){+.+.}-{4:4}: [ 57.767661][ T5845] validate_chain+0x18ef/0x5920 [ 57.773012][ T5845] __lock_acquire+0x1397/0x2100 [ 57.778359][ T5845] lock_acquire+0x1ed/0x550 [ 57.783366][ T5845] __mutex_lock+0x1ac/0xee0 [ 57.788372][ T5845] ip_mroute_setsockopt+0x15b/0x1190 [ 57.794165][ T5845] do_ip_setsockopt+0x129f/0x3cd0 [ 57.799692][ T5845] ip_setsockopt+0x63/0x100 [ 57.804696][ T5845] smc_setsockopt+0x275/0xe50 [ 57.809873][ T5845] do_sock_setsockopt+0x3af/0x720 [ 57.815399][ T5845] __x64_sys_setsockopt+0x1ee/0x280 [ 57.821096][ T5845] do_syscall_64+0xf3/0x230 [ 57.826096][ T5845] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 57.832490][ T5845] [ 57.832490][ T5845] other info that might help us debug this: [ 57.832490][ T5845] [ 57.842697][ T5845] Chain exists of: [ 57.842697][ T5845] rtnl_mutex --> sk_lock-AF_INET --> &smc->clcsock_release_lock [ 57.842697][ T5845] [ 57.856226][ T5845] Possible unsafe locking scenario: [ 57.856226][ T5845] [ 57.863651][ T5845] CPU0 CPU1 [ 57.868994][ T5845] ---- ---- [ 57.874334][ T5845] lock(&smc->clcsock_release_lock); [ 57.879684][ T5845] lock(sk_lock-AF_INET); [ 57.886596][ T5845] lock(&smc->clcsock_release_lock); [ 57.894466][ T5845] lock(rtnl_mutex); [ 57.898427][ T5845] [ 57.898427][ T5845] *** DEADLOCK *** [ 57.898427][ T5845] [ 57.906548][ T5845] 1 lock held by syz-executor233/5845: [ 57.911981][ T5845] #0: ffff88807cfc0aa8 (&smc->clcsock_release_lock){+.+.}-{4:4}, at: smc_setsockopt+0x1c3/0xe50 [ 57.922491][ T5845] [ 57.922491][ T5845] stack backtrace: [ 57.928367][ T5845] CPU: 0 UID: 0 PID: 5845 Comm: syz-executor233 Not tainted 6.12.0-syzkaller-05480-gfcc79e1714e8 #0 [ 57.939108][ T5845] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 57.949167][ T5845] Call Trace: [ 57.952440][ T5845] [ 57.955384][ T5845] dump_stack_lvl+0x241/0x360 [ 57.960055][ T5845] ? __pfx_dump_stack_lvl+0x10/0x10 [ 57.965235][ T5845] ? __pfx__printk+0x10/0x10 [ 57.969817][ T5845] print_circular_bug+0x13a/0x1b0 [ 57.974826][ T5845] check_noncircular+0x36a/0x4a0 [ 57.979748][ T5845] ? __pfx_check_noncircular+0x10/0x10 [ 57.985189][ T5845] ? lockdep_lock+0x123/0x2b0 [ 57.989853][ T5845] ? validate_chain+0x11e/0x5920 [ 57.994779][ T5845] validate_chain+0x18ef/0x5920 [ 57.999615][ T5845] ? validate_chain+0x11e/0x5920 [ 58.004532][ T5845] ? validate_chain+0x11e/0x5920 [ 58.009454][ T5845] ? __pfx_validate_chain+0x10/0x10 [ 58.014633][ T5845] ? validate_chain+0x11e/0x5920 [ 58.019551][ T5845] ? __pfx_validate_chain+0x10/0x10 [ 58.024729][ T5845] ? __pfx_validate_chain+0x10/0x10 [ 58.029908][ T5845] ? validate_chain+0x11e/0x5920 [ 58.034826][ T5845] ? validate_chain+0x11e/0x5920 [ 58.039747][ T5845] ? mark_lock+0x9a/0x360 [ 58.044060][ T5845] __lock_acquire+0x1397/0x2100 [ 58.048892][ T5845] lock_acquire+0x1ed/0x550 [ 58.053372][ T5845] ? ip_mroute_setsockopt+0x15b/0x1190 [ 58.058815][ T5845] ? __pfx_lock_acquire+0x10/0x10 [ 58.063821][ T5845] ? __pfx___might_resched+0x10/0x10 [ 58.069090][ T5845] ? validate_chain+0x11e/0x5920 [ 58.074007][ T5845] __mutex_lock+0x1ac/0xee0 [ 58.078489][ T5845] ? ip_mroute_setsockopt+0x15b/0x1190 [ 58.083931][ T5845] ? register_lock_class+0x102/0x980 [ 58.089198][ T5845] ? ip_mroute_setsockopt+0x15b/0x1190 [ 58.094642][ T5845] ? __pfx___mutex_lock+0x10/0x10 [ 58.099646][ T5845] ? __lock_acquire+0x1397/0x2100 [ 58.104648][ T5845] ip_mroute_setsockopt+0x15b/0x1190 [ 58.109918][ T5845] ? __pfx_ip_mroute_setsockopt+0x10/0x10 [ 58.115619][ T5845] ? __pfx___might_resched+0x10/0x10 [ 58.120886][ T5845] ? __pfx___mutex_trylock_common+0x10/0x10 [ 58.126758][ T5845] do_ip_setsockopt+0x129f/0x3cd0 [ 58.131768][ T5845] ? trace_contention_end+0x3c/0x120 [ 58.137032][ T5845] ? __pfx_do_ip_setsockopt+0x10/0x10 [ 58.142389][ T5845] ? smc_setsockopt+0x1c3/0xe50 [ 58.147224][ T5845] ? __pfx___mutex_lock+0x10/0x10 [ 58.152227][ T5845] ? do_raw_spin_lock+0x14f/0x370 [ 58.157234][ T5845] ip_setsockopt+0x63/0x100 [ 58.161719][ T5845] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 58.167596][ T5845] smc_setsockopt+0x275/0xe50 [ 58.172258][ T5845] ? __pfx_smc_setsockopt+0x10/0x10 [ 58.177439][ T5845] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 58.183401][ T5845] ? aa_sock_opt_perm+0x79/0x120 [ 58.188338][ T5845] ? __pfx_smc_setsockopt+0x10/0x10 [ 58.193530][ T5845] do_sock_setsockopt+0x3af/0x720 [ 58.198537][ T5845] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 58.204062][ T5845] ? ptrace_notify+0x279/0x380 [ 58.208814][ T5845] __x64_sys_setsockopt+0x1ee/0x280 [ 58.213993][ T5845] do_syscall_64+0xf3/0x230 [ 58.218474][ T5845] ? clear_bhb_loop+0x35/0x90 [ 58.223129][ T5845] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 58.228999][ T5845] RIP: 0033:0x7f018ec824a9 [ 58.233403][ T5845] Code: 48 83 c4 28 c3 e8 37 17 00 00 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 58.252987][ T5845] RSP: 002b:00007ffe0c6806e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 58.261383][ T5845] RAX: ffffffffffffffda RBX: 00007ffe0c6808b8 RCX: 00007f018ec824a9 [ 58.269333][ T5845] RDX: 00000000000000d2 RSI: 0000000000000000 RDI: 0000000000000005 [ 58.277284][ T5845] RBP: 00007f018ecf5610 R08: 0000000000000000 R09: 00007ffe0c6808b8 [ 58.285234][ T5845] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 setsockopt(5, SOL_IP, 0xd2 /* IP_??? */, NULL, 0) = -1 EINVAL (Invalid argument) exit_group(0) = ? +++ exited with 0 +++ [ 58.293191][ T5845] R13: 00007ffe0c6808a8 R14: 0000000000000001 R15: 0