From: syzbot <syzbot+bef85a6996d1737c1a2f@syzkaller.appspotmail.com>
To: agordeev@linux.ibm.com, alibuda@linux.alibaba.com,
davem@davemloft.net, edumazet@google.com,
guwen@linux.alibaba.com, jaka@linux.ibm.com, kuba@kernel.org,
linux-kernel@vger.kernel.org, linux-s390@vger.kernel.org,
netdev@vger.kernel.org, pabeni@redhat.com,
syzkaller-bugs@googlegroups.com, tonylu@linux.alibaba.com,
wenjia@linux.ibm.com
Subject: [syzbot] [net?] [s390?] possible deadlock in smc_switch_to_fallback (2)
Date: Mon, 24 Jun 2024 08:15:21 -0700 [thread overview]
Message-ID: <000000000000ec1f6b061ba43f7d@google.com> (raw)
Hello,
syzbot found the following issue on:
HEAD commit: 568ebdaba637 MAINTAINERS: adjust file entry in FREESCALE Q..
git tree: net-next
console output: https://syzkaller.appspot.com/x/log.txt?x=12f58a61980000
kernel config: https://syzkaller.appspot.com/x/.config?x=e78fc116033e0ab7
dashboard link: https://syzkaller.appspot.com/bug?extid=bef85a6996d1737c1a2f
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
Unfortunately, I don't have any reproducer for this issue yet.
Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/1d754ea220a6/disk-568ebdab.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/232f2545fca4/vmlinux-568ebdab.xz
kernel image: https://storage.googleapis.com/syzbot-assets/6398bb41810d/bzImage-568ebdab.xz
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+bef85a6996d1737c1a2f@syzkaller.appspotmail.com
======================================================
WARNING: possible circular locking dependency detected
6.10.0-rc4-syzkaller-00875-g568ebdaba637 #0 Not tainted
------------------------------------------------------
syz-executor.1/11818 is trying to acquire lock:
ffff888023600a50 (&smc->clcsock_release_lock){+.+.}-{3:3}, at: smc_switch_to_fallback+0x35/0xd00 net/smc/af_smc.c:902
but task is already holding lock:
ffff888023600258 (sk_lock-AF_INET){+.+.}-{0:0}, at: lock_sock include/net/sock.h:1602 [inline]
ffff888023600258 (sk_lock-AF_INET){+.+.}-{0:0}, at: smc_sendmsg+0x55/0x530 net/smc/af_smc.c:2773
which lock already depends on the new lock.
the existing dependency chain (in reverse order) is:
-> #2 (sk_lock-AF_INET){+.+.}-{0:0}:
lock_acquire+0x1ed/0x550 kernel/locking/lockdep.c:5754
lock_sock_nested+0x48/0x100 net/core/sock.c:3543
do_ip_setsockopt+0x1a2d/0x3cd0 net/ipv4/ip_sockglue.c:1078
ip_setsockopt+0x63/0x100 net/ipv4/ip_sockglue.c:1417
do_sock_setsockopt+0x3af/0x720 net/socket.c:2312
__sys_setsockopt+0x1ae/0x250 net/socket.c:2335
__do_sys_setsockopt net/socket.c:2344 [inline]
__se_sys_setsockopt net/socket.c:2341 [inline]
__x64_sys_setsockopt+0xb5/0xd0 net/socket.c:2341
do_syscall_x64 arch/x86/entry/common.c:52 [inline]
do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83
entry_SYSCALL_64_after_hwframe+0x77/0x7f
-> #1 (rtnl_mutex){+.+.}-{3:3}:
lock_acquire+0x1ed/0x550 kernel/locking/lockdep.c:5754
__mutex_lock_common kernel/locking/mutex.c:608 [inline]
__mutex_lock+0x136/0xd70 kernel/locking/mutex.c:752
do_ip_setsockopt+0x127d/0x3cd0 net/ipv4/ip_sockglue.c:1077
ip_setsockopt+0x63/0x100 net/ipv4/ip_sockglue.c:1417
smc_setsockopt+0x275/0xe50 net/smc/af_smc.c:3072
do_sock_setsockopt+0x3af/0x720 net/socket.c:2312
__sys_setsockopt+0x1ae/0x250 net/socket.c:2335
__do_sys_setsockopt net/socket.c:2344 [inline]
__se_sys_setsockopt net/socket.c:2341 [inline]
__x64_sys_setsockopt+0xb5/0xd0 net/socket.c:2341
do_syscall_x64 arch/x86/entry/common.c:52 [inline]
do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83
entry_SYSCALL_64_after_hwframe+0x77/0x7f
-> #0 (&smc->clcsock_release_lock){+.+.}-{3:3}:
check_prev_add kernel/locking/lockdep.c:3134 [inline]
check_prevs_add kernel/locking/lockdep.c:3253 [inline]
validate_chain+0x18e0/0x5900 kernel/locking/lockdep.c:3869
__lock_acquire+0x1346/0x1fd0 kernel/locking/lockdep.c:5137
lock_acquire+0x1ed/0x550 kernel/locking/lockdep.c:5754
__mutex_lock_common kernel/locking/mutex.c:608 [inline]
__mutex_lock+0x136/0xd70 kernel/locking/mutex.c:752
smc_switch_to_fallback+0x35/0xd00 net/smc/af_smc.c:902
smc_sendmsg+0x11f/0x530 net/smc/af_smc.c:2779
sock_sendmsg_nosec net/socket.c:730 [inline]
__sock_sendmsg+0x221/0x270 net/socket.c:745
____sys_sendmsg+0x525/0x7d0 net/socket.c:2585
___sys_sendmsg net/socket.c:2639 [inline]
__sys_sendmsg+0x2b0/0x3a0 net/socket.c:2668
do_syscall_x64 arch/x86/entry/common.c:52 [inline]
do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83
entry_SYSCALL_64_after_hwframe+0x77/0x7f
other info that might help us debug this:
Chain exists of:
&smc->clcsock_release_lock --> rtnl_mutex --> sk_lock-AF_INET
Possible unsafe locking scenario:
CPU0 CPU1
---- ----
lock(sk_lock-AF_INET);
lock(rtnl_mutex);
lock(sk_lock-AF_INET);
lock(&smc->clcsock_release_lock);
*** DEADLOCK ***
1 lock held by syz-executor.1/11818:
#0: ffff888023600258 (sk_lock-AF_INET){+.+.}-{0:0}, at: lock_sock include/net/sock.h:1602 [inline]
#0: ffff888023600258 (sk_lock-AF_INET){+.+.}-{0:0}, at: smc_sendmsg+0x55/0x530 net/smc/af_smc.c:2773
stack backtrace:
CPU: 0 PID: 11818 Comm: syz-executor.1 Not tainted 6.10.0-rc4-syzkaller-00875-g568ebdaba637 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
Call Trace:
<TASK>
__dump_stack lib/dump_stack.c:88 [inline]
dump_stack_lvl+0x241/0x360 lib/dump_stack.c:114
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzkaller@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
If the report is already addressed, let syzbot know by replying with:
#syz fix: exact-commit-title
If you want to overwrite report's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)
If the report is a duplicate of another one, reply with:
#syz dup: exact-subject-of-another-report
If you want to undo deduplication, reply with:
#syz undup
next reply other threads:[~2024-06-24 15:15 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-06-24 15:15 syzbot [this message]
2024-07-27 17:46 ` [syzbot] [net?] [s390?] possible deadlock in smc_switch_to_fallback (2) syzbot
2025-05-31 16:20 ` [syzbot] [smc?] " syzbot
2025-07-04 14:26 ` [syzbot] [net?] [s390?] " Tetsuo Handa
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=000000000000ec1f6b061ba43f7d@google.com \
--to=syzbot+bef85a6996d1737c1a2f@syzkaller.appspotmail.com \
--cc=agordeev@linux.ibm.com \
--cc=alibuda@linux.alibaba.com \
--cc=davem@davemloft.net \
--cc=edumazet@google.com \
--cc=guwen@linux.alibaba.com \
--cc=jaka@linux.ibm.com \
--cc=kuba@kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-s390@vger.kernel.org \
--cc=netdev@vger.kernel.org \
--cc=pabeni@redhat.com \
--cc=syzkaller-bugs@googlegroups.com \
--cc=tonylu@linux.alibaba.com \
--cc=wenjia@linux.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.