./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3047595499

<...>
Warning: Permanently added '10.128.1.43' (ED25519) to the list of known hosts.
execve("./syz-executor3047595499", ["./syz-executor3047595499"], 0x7fff756cdcf0 /* 10 vars */) = 0
brk(NULL)                               = 0x55558803c000
brk(0x55558803cd00)                     = 0x55558803cd00
arch_prctl(ARCH_SET_FS, 0x55558803c380) = 0
set_tid_address(0x55558803c650)         = 5831
set_robust_list(0x55558803c660, 24)     = 0
rseq(0x55558803cca0, 0x20, 0, 0x53053053) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor3047595499", 4096) = 28
getrandom("\x54\xe4\x53\x0b\x44\xc6\x55\x10", 8, GRND_NONBLOCK) = 8
brk(NULL)                               = 0x55558803cd00
brk(0x55558805dd00)                     = 0x55558805dd00
brk(0x55558805e000)                     = 0x55558805e000
mprotect(0x7f1dae08d000, 16384, PROT_READ) = 0
mmap(0x3ffffffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x3ffffffff000
mmap(0x400000000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x400000000000
mmap(0x400001000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x400001000000
executing program
write(1, "executing program\n", 18)     = 18
socket(AF_INET, SOCK_DGRAM, IPPROTO_IP) = 3
setsockopt(3, SOL_IP, IP_ADD_MEMBERSHIP, NULL, 0) = -1 EINVAL (Invalid argument)
socket(AF_INET, SOCK_STREAM, 256)       = 4
setsockopt(4, SOL_IP, MCAST_MSFILTER, NULL, 0) = -1 EINVAL (Invalid argument)
[   61.735167][ T5831] 
[   61.737520][ T5831] ======================================================
[   61.744548][ T5831] WARNING: possible circular locking dependency detected
[   61.751861][ T5831] 6.14.0-rc1-syzkaller-00197-gacdefab0dcbc #0 Not tainted
[   61.758951][ T5831] ------------------------------------------------------
[   61.765969][ T5831] syz-executor304/5831 is trying to acquire lock:
[   61.772362][ T5831] ffff888035068aa8 (&smc->clcsock_release_lock){+.+.}-{4:4}, at: smc_switch_to_fallback+0x35/0xd90
[   61.783283][ T5831] 
[   61.783283][ T5831] but task is already holding lock:
[   61.790659][ T5831] ffff888035068258 (sk_lock-AF_INET){+.+.}-{0:0}, at: smc_sendmsg+0x55/0x530
[   61.799515][ T5831] 
[   61.799515][ T5831] which lock already depends on the new lock.
[   61.799515][ T5831] 
[   61.809899][ T5831] 
[   61.809899][ T5831] the existing dependency chain (in reverse order) is:
[   61.818891][ T5831] 
[   61.818891][ T5831] -> #2 (sk_lock-AF_INET){+.+.}-{0:0}:
[   61.826524][ T5831]        lock_acquire+0x1ed/0x550
[   61.831541][ T5831]        lock_sock_nested+0x48/0x100
[   61.836821][ T5831]        do_ip_setsockopt+0x1a2d/0x3cd0
[   61.842356][ T5831]        ip_setsockopt+0x63/0x100
[   61.847368][ T5831]        do_sock_setsockopt+0x3af/0x720
[   61.852903][ T5831]        __x64_sys_setsockopt+0x1ee/0x280
[   61.858678][ T5831]        do_syscall_64+0xf3/0x230
[   61.863729][ T5831]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   61.870220][ T5831] 
[   61.870220][ T5831] -> #1 (rtnl_mutex){+.+.}-{4:4}:
[   61.877413][ T5831]        lock_acquire+0x1ed/0x550
[   61.882428][ T5831]        __mutex_lock+0x19c/0x1010
[   61.887593][ T5831]        do_ip_setsockopt+0x127d/0x3cd0
[   61.893131][ T5831]        ip_setsockopt+0x63/0x100
[   61.898164][ T5831]        smc_setsockopt+0x275/0xe50
[   61.903372][ T5831]        do_sock_setsockopt+0x3af/0x720
[   61.909103][ T5831]        __x64_sys_setsockopt+0x1ee/0x280
[   61.914912][ T5831]        do_syscall_64+0xf3/0x230
[   61.919928][ T5831]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   61.926340][ T5831] 
[   61.926340][ T5831] -> #0 (&smc->clcsock_release_lock){+.+.}-{4:4}:
[   61.935025][ T5831]        validate_chain+0x18ef/0x5920
[   61.940399][ T5831]        __lock_acquire+0x1397/0x2100
[   61.945770][ T5831]        lock_acquire+0x1ed/0x550
[   61.950811][ T5831]        __mutex_lock+0x19c/0x1010
[   61.955952][ T5831]        smc_switch_to_fallback+0x35/0xd90
[   61.961784][ T5831]        smc_sendmsg+0x11f/0x530
[   61.966718][ T5831]        __sock_sendmsg+0x221/0x270
[   61.971954][ T5831]        ____sys_sendmsg+0x52a/0x7e0
[   61.977238][ T5831]        __sys_sendmsg+0x269/0x350
[   61.982344][ T5831]        do_syscall_64+0xf3/0x230
[   61.987365][ T5831]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   61.993925][ T5831] 
[   61.993925][ T5831] other info that might help us debug this:
[   61.993925][ T5831] 
[   62.004166][ T5831] Chain exists of:
[   62.004166][ T5831]   &smc->clcsock_release_lock --> rtnl_mutex --> sk_lock-AF_INET
[   62.004166][ T5831] 
[   62.017744][ T5831]  Possible unsafe locking scenario:
[   62.017744][ T5831] 
[   62.025222][ T5831]        CPU0                    CPU1
[   62.030600][ T5831]        ----                    ----
[   62.036005][ T5831]   lock(sk_lock-AF_INET);
[   62.040524][ T5831]                                lock(rtnl_mutex);
[   62.047046][ T5831]                                lock(sk_lock-AF_INET);
[   62.053992][ T5831]   lock(&smc->clcsock_release_lock);
[   62.059385][ T5831] 
[   62.059385][ T5831]  *** DEADLOCK ***
[   62.059385][ T5831] 
[   62.067535][ T5831] 1 lock held by syz-executor304/5831:
[   62.072996][ T5831]  #0: ffff888035068258 (sk_lock-AF_INET){+.+.}-{0:0}, at: smc_sendmsg+0x55/0x530
[   62.082214][ T5831] 
[   62.082214][ T5831] stack backtrace:
[   62.088360][ T5831] CPU: 1 UID: 0 PID: 5831 Comm: syz-executor304 Not tainted 6.14.0-rc1-syzkaller-00197-gacdefab0dcbc #0
[   62.088372][ T5831] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[   62.088381][ T5831] Call Trace:
[   62.088388][ T5831]  <TASK>
[   62.088393][ T5831]  dump_stack_lvl+0x241/0x360
[   62.088407][ T5831]  ? __pfx_dump_stack_lvl+0x10/0x10
[   62.088416][ T5831]  ? __pfx__printk+0x10/0x10
[   62.088431][ T5831]  print_circular_bug+0x13a/0x1b0
[   62.088441][ T5831]  check_noncircular+0x36a/0x4a0
[   62.088451][ T5831]  ? __pfx_check_noncircular+0x10/0x10
[   62.088460][ T5831]  ? lockdep_lock+0x123/0x2b0
[   62.088473][ T5831]  validate_chain+0x18ef/0x5920
[   62.088483][ T5831]  ? validate_chain+0x11e/0x5920
[   62.088493][ T5831]  ? __pfx_validate_chain+0x10/0x10
[   62.088501][ T5831]  ? __lock_acquire+0x1397/0x2100
[   62.088512][ T5831]  ? validate_chain+0x11e/0x5920
[   62.088520][ T5831]  ? mark_lock+0x9a/0x360
[   62.088532][ T5831]  ? validate_chain+0x11e/0x5920
[   62.088539][ T5831]  ? validate_chain+0x11e/0x5920
[   62.088548][ T5831]  ? validate_chain+0x11e/0x5920
[   62.088557][ T5831]  ? mark_lock+0x9a/0x360
[   62.088568][ T5831]  ? __pfx_validate_chain+0x10/0x10
[   62.088576][ T5831]  __lock_acquire+0x1397/0x2100
[   62.088590][ T5831]  lock_acquire+0x1ed/0x550
[   62.088601][ T5831]  ? smc_switch_to_fallback+0x35/0xd90
[   62.088615][ T5831]  ? __pfx_lock_acquire+0x10/0x10
[   62.088626][ T5831]  ? __pfx___might_resched+0x10/0x10
[   62.088637][ T5831]  ? __lock_acquire+0x1397/0x2100
[   62.088649][ T5831]  __mutex_lock+0x19c/0x1010
[   62.088661][ T5831]  ? smc_switch_to_fallback+0x35/0xd90
[   62.088673][ T5831]  ? mark_lock+0x9a/0x360
[   62.088685][ T5831]  ? smc_switch_to_fallback+0x35/0xd90
[   62.088695][ T5831]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[   62.088706][ T5831]  ? __pfx___mutex_lock+0x10/0x10
[   62.088717][ T5831]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   62.088730][ T5831]  ? __local_bh_enable_ip+0x168/0x200
[   62.088739][ T5831]  ? lockdep_hardirqs_on+0x99/0x150
[   62.088750][ T5831]  ? __local_bh_enable_ip+0x168/0x200
[   62.088759][ T5831]  smc_switch_to_fallback+0x35/0xd90
[   62.088770][ T5831]  ? do_raw_spin_unlock+0x13c/0x8b0
[   62.088785][ T5831]  smc_sendmsg+0x11f/0x530
[   62.088797][ T5831]  ? __pfx_smc_sendmsg+0x10/0x10
[   62.088807][ T5831]  __sock_sendmsg+0x221/0x270
[   62.088819][ T5831]  ____sys_sendmsg+0x52a/0x7e0
[   62.088829][ T5831]  ? __pfx_____sys_sendmsg+0x10/0x10
[   62.088839][ T5831]  ? do_raw_spin_lock+0x14f/0x370
[   62.088849][ T5831]  __sys_sendmsg+0x269/0x350
[   62.088858][ T5831]  ? __pfx___sys_sendmsg+0x10/0x10
[   62.088868][ T5831]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   62.088882][ T5831]  ? _raw_spin_unlock_irq+0x2e/0x50
[   62.088891][ T5831]  ? ptrace_notify+0x279/0x380
[   62.088901][ T5831]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   62.088913][ T5831]  ? exc_page_fault+0x590/0x8b0
[   62.088924][ T5831]  do_syscall_64+0xf3/0x230
[   62.088936][ T5831]  ? clear_bhb_loop+0x35/0x90
[   62.088949][ T5831]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   62.088961][ T5831] RIP: 0033:0x7f1dae01a369
[   62.088973][ T5831] Code: 48 83 c4 28 c3 e8 37 17 00 00 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   62.088980][ T5831] RSP: 002b:00007ffd2c2dabd8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   62.088990][ T5831] RAX: ffffffffffffffda RBX: 00007ffd2c2dada8 RCX: 00007f1dae01a369
[   62.088996][ T5831] RDX: 0000000020001090 RSI: 00004000000003c0 RDI: 0000000000000004
sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base=NULL, iov_len=0}], msg_iovlen=1, msg_controllen=0, msg_flags=MSG_ZEROCOPY}, MSG_PROBE|MSG_EOR|MSG_RST|MSG_FASTOPEN) = -1 EINVAL (Invalid argument)
exit_group(0)                           = ?
+++ exited with 0 +++
[   62.089002][ T5831] RBP: 00007f1dae08d610 R08: 00007ffd2c2dada8 R09: 00007ffd2c2dada8