======================================================
WARNING: possible circular locking dependency detected
6.14.0-rc1-syzkaller-g245aece3750d #0 Not tainted
------------------------------------------------------
syz.1.1039/6792 is trying to acquire lock:
ffffaf80317e8aa8 (&smc->clcsock_release_lock){+.+.}-{4:4}, at: smc_switch_to_fallback+0x3e/0xa96 net/smc/af_smc.c:903

but task is already holding lock:
ffffaf80317e8258 (sk_lock-AF_INET){+.+.}-{0:0}, at: lock_sock include/net/sock.h:1624 [inline]
ffffaf80317e8258 (sk_lock-AF_INET){+.+.}-{0:0}, at: smc_sendmsg+0x4e/0xd12 net/smc/af_smc.c:2775

which lock already depends on the new lock.

the existing dependency chain (in reverse order) is:

-> #2 (sk_lock-AF_INET){+.+.}-{0:0}:
       lock_acquire kernel/locking/lockdep.c:5851 [inline]
       lock_acquire+0x36a/0xb7c kernel/locking/lockdep.c:5816
       lock_sock_nested+0x38/0xf6 net/core/sock.c:3645
       lock_sock include/net/sock.h:1624 [inline]
       sockopt_lock_sock net/core/sock.c:1133 [inline]
       sockopt_lock_sock+0x62/0x82 net/core/sock.c:1124
       do_ip_setsockopt+0x11c/0x32ee net/ipv4/ip_sockglue.c:1078
       ip_setsockopt+0x52/0xe6 net/ipv4/ip_sockglue.c:1417
       udp_setsockopt+0x7e/0xc2 net/ipv4/udp.c:3053
       sock_common_setsockopt+0x90/0xc0 net/core/sock.c:3837
       do_sock_setsockopt+0x20a/0x402 net/socket.c:2298
       __sys_setsockopt+0x140/0x1cc net/socket.c:2323
       __do_sys_setsockopt net/socket.c:2329 [inline]
       __se_sys_setsockopt net/socket.c:2326 [inline]
       __riscv_sys_setsockopt+0xa6/0x114 net/socket.c:2326
       syscall_handler+0x94/0x118 arch/riscv/include/asm/syscall.h:90
       do_trap_ecall_u+0x1aa/0x216 arch/riscv/kernel/traps.c:331
       handle_exception+0x146/0x152 arch/riscv/kernel/entry.S:197

-> #1 (rtnl_mutex){+.+.}-{4:4}:
       lock_acquire kernel/locking/lockdep.c:5851 [inline]
       lock_acquire+0x36a/0xb7c kernel/locking/lockdep.c:5816
       __mutex_lock_common kernel/locking/mutex.c:585 [inline]
       __mutex_lock+0x166/0x1230 kernel/locking/mutex.c:730
       mutex_lock_nested+0x14/0x1c kernel/locking/mutex.c:782
       rtnl_lock+0x22/0x2a net/core/rtnetlink.c:79
       ip_mroute_setsockopt+0x110/0x1276 net/ipv4/ipmr.c:1396
       do_ip_setsockopt+0x24a/0x32ee net/ipv4/ip_sockglue.c:948
       ip_setsockopt+0x52/0xe6 net/ipv4/ip_sockglue.c:1417
       tcp_setsockopt+0x8e/0xe0 net/ipv4/tcp.c:4030
       sock_common_setsockopt+0x90/0xc0 net/core/sock.c:3837
       smc_setsockopt+0x196/0xd4e net/smc/af_smc.c:3081
       do_sock_setsockopt+0x20a/0x402 net/socket.c:2298
       __sys_setsockopt+0x140/0x1cc net/socket.c:2323
       __do_sys_setsockopt net/socket.c:2329 [inline]
       __se_sys_setsockopt net/socket.c:2326 [inline]
       __riscv_sys_setsockopt+0xa6/0x114 net/socket.c:2326
       syscall_handler+0x94/0x118 arch/riscv/include/asm/syscall.h:90
       do_trap_ecall_u+0x1aa/0x216 arch/riscv/kernel/traps.c:331
       handle_exception+0x146/0x152 arch/riscv/kernel/entry.S:197

-> #0 (&smc->clcsock_release_lock){+.+.}-{4:4}:
       check_noncircular+0x2ba/0x354 kernel/locking/lockdep.c:2208
       check_prev_add kernel/locking/lockdep.c:3163 [inline]
       check_prevs_add kernel/locking/lockdep.c:3282 [inline]
       validate_chain kernel/locking/lockdep.c:3906 [inline]
       __lock_acquire+0x2e4e/0x8594 kernel/locking/lockdep.c:5228
       lock_acquire kernel/locking/lockdep.c:5851 [inline]
       lock_acquire+0x36a/0xb7c kernel/locking/lockdep.c:5816
       __mutex_lock_common kernel/locking/mutex.c:585 [inline]
       __mutex_lock+0x166/0x1230 kernel/locking/mutex.c:730
       mutex_lock_nested+0x14/0x1c kernel/locking/mutex.c:782
       smc_switch_to_fallback+0x3e/0xa96 net/smc/af_smc.c:903
       smc_sendmsg+0x14c/0xd12 net/smc/af_smc.c:2781
       sock_sendmsg_nosec net/socket.c:713 [inline]
       __sock_sendmsg+0xcc/0x160 net/socket.c:728
       __sys_sendto+0x27a/0x34c net/socket.c:2182
       __do_sys_sendto net/socket.c:2189 [inline]
       __se_sys_sendto net/socket.c:2185 [inline]
       __riscv_sys_sendto+0xc0/0x158 net/socket.c:2185
       syscall_handler+0x94/0x118 arch/riscv/include/asm/syscall.h:90
       do_trap_ecall_u+0x1aa/0x216 arch/riscv/kernel/traps.c:331
       handle_exception+0x146/0x152 arch/riscv/kernel/entry.S:197

other info that might help us debug this:

Chain exists of:
  &smc->clcsock_release_lock --> rtnl_mutex --> sk_lock-AF_INET

 Possible unsafe locking scenario:

       CPU0                    CPU1
       ----                    ----
  lock(sk_lock-AF_INET);
                               lock(rtnl_mutex);
                               lock(sk_lock-AF_INET);
  lock(&smc->clcsock_release_lock);

 *** DEADLOCK ***

1 lock held by syz.1.1039/6792:
 #0: ffffaf80317e8258 (sk_lock-AF_INET){+.+.}-{0:0}, at: lock_sock include/net/sock.h:1624 [inline]
 #0: ffffaf80317e8258 (sk_lock-AF_INET){+.+.}-{0:0}, at: smc_sendmsg+0x4e/0xd12 net/smc/af_smc.c:2775

stack backtrace:
CPU: 1 UID: 0 PID: 6792 Comm: syz.1.1039 Not tainted 6.14.0-rc1-syzkaller-g245aece3750d #0
Hardware name: riscv-virtio,qemu (DT)
Call Trace:
[] dump_backtrace+0x2e/0x3c arch/riscv/kernel/stacktrace.c:132
[] show_stack+0x30/0x3c arch/riscv/kernel/stacktrace.c:138
[] __dump_stack lib/dump_stack.c:94 [inline]
[] dump_stack_lvl+0x12e/0x1a6 lib/dump_stack.c:120
[] dump_stack+0x1c/0x24 lib/dump_stack.c:129
[] print_circular_bug+0x3a2/0x42c kernel/locking/lockdep.c:2076
[] check_noncircular+0x2ba/0x354 kernel/locking/lockdep.c:2208
[] check_prev_add kernel/locking/lockdep.c:3163 [inline]
[] check_prevs_add kernel/locking/lockdep.c:3282 [inline]
[] validate_chain kernel/locking/lockdep.c:3906 [inline]
[] __lock_acquire+0x2e4e/0x8594 kernel/locking/lockdep.c:5228
[] lock_acquire kernel/locking/lockdep.c:5851 [inline]
[] lock_acquire+0x36a/0xb7c kernel/locking/lockdep.c:5816
[] __mutex_lock_common kernel/locking/mutex.c:585 [inline]
[] __mutex_lock+0x166/0x1230 kernel/locking/mutex.c:730
[] mutex_lock_nested+0x14/0x1c kernel/locking/mutex.c:782
[] smc_switch_to_fallback+0x3e/0xa96 net/smc/af_smc.c:903
[] smc_sendmsg+0x14c/0xd12 net/smc/af_smc.c:2781
[] sock_sendmsg_nosec net/socket.c:713 [inline]
[] __sock_sendmsg+0xcc/0x160 net/socket.c:728
[] __sys_sendto+0x27a/0x34c net/socket.c:2182
[] __do_sys_sendto net/socket.c:2189 [inline]
[] __se_sys_sendto net/socket.c:2185 [inline]
[] __riscv_sys_sendto+0xc0/0x158 net/socket.c:2185
[] syscall_handler+0x94/0x118 arch/riscv/include/asm/syscall.h:90
[] do_trap_ecall_u+0x1aa/0x216 arch/riscv/kernel/traps.c:331
[] handle_exception+0x146/0x152 arch/riscv/kernel/entry.S:197