./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor200068876

<...>
Warning: Permanently added '10.128.0.117' (ED25519) to the list of known hosts.
execve("./syz-executor200068876", ["./syz-executor200068876"], 0x7ffe5235bc60 /* 10 vars */) = 0
brk(NULL)                               = 0x55558507d000
brk(0x55558507dd00)                     = 0x55558507dd00
arch_prctl(ARCH_SET_FS, 0x55558507d380) = 0
set_tid_address(0x55558507d650)         = 5838
set_robust_list(0x55558507d660, 24)     = 0
rseq(0x55558507dca0, 0x20, 0, 0x53053053) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor200068876", 4096) = 27
getrandom("\xa0\xa8\xe7\xc2\x12\xad\x32\x98", 8, GRND_NONBLOCK) = 8
brk(NULL)                               = 0x55558507dd00
brk(0x55558509ed00)                     = 0x55558509ed00
brk(0x55558509f000)                     = 0x55558509f000
mprotect(0x7fd6e1b8d000, 16384, PROT_READ) = 0
mmap(0x1ffffffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffffffff000
mmap(0x200000000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200000000000
mmap(0x200001000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200001000000
executing program
write(1, "executing program\n", 18)     = 18
socket(AF_INET6, SOCK_DGRAM|SOCK_CLOEXEC, IPPROTO_IP) = 3
setsockopt(3, SOL_IPV6, IPV6_JOIN_ANYCAST, NULL, 0) = -1 EINVAL (Invalid argument)
socket(AF_INET6, SOCK_STREAM, 0x100 /* IPPROTO_??? */) = 4
setsockopt(4, SOL_IPV6, IPV6_ROUTER_ALERT_ISOLATE, "\xfe\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xbb\x00\x00\x00\x00", 20) = 0
setsockopt(4, SOL_IPV6, IPV6_JOIN_ANYCAST, {inet_pton(AF_INET6, "fe80::bb", &ipv6mr_multiaddr), ipv6mr_interface=0}, 20) = 0
exit_group(0)                           = ?
[   87.575980][ T5838] 
[   87.578426][ T5838] ======================================================
[   87.585429][ T5838] WARNING: possible circular locking dependency detected
[   87.592440][ T5838] 6.14.0-syzkaller-13189-ge48e99b6edf4 #0 Not tainted
[   87.599199][ T5838] ------------------------------------------------------
[   87.606220][ T5838] syz-executor200/5838 is trying to acquire lock:
[   87.612632][ T5838] ffffffff900fc808 (rtnl_mutex){+.+.}-{4:4}, at: ipv6_sock_ac_close+0xc9/0x130
[   87.621630][ T5838] 
[   87.621630][ T5838] but task is already holding lock:
[   87.628990][ T5838] ffff888035260aa0 (&smc->clcsock_release_lock){+.+.}-{4:4}, at: smc_clcsock_release+0x82/0xf0
[   87.639353][ T5838] 
[   87.639353][ T5838] which lock already depends on the new lock.
[   87.639353][ T5838] 
[   87.649773][ T5838] 
[   87.649773][ T5838] the existing dependency chain (in reverse order) is:
[   87.658849][ T5838] 
[   87.658849][ T5838] -> #2 (&smc->clcsock_release_lock){+.+.}-{4:4}:
[   87.667458][ T5838]        lock_acquire+0x116/0x2f0
[   87.672478][ T5838]        __mutex_lock+0x1a5/0x10c0
[   87.677587][ T5838]        smc_switch_to_fallback+0x35/0xda0
[   87.683428][ T5838]        smc_setsockopt+0x765/0xd50
[   87.688641][ T5838]        do_sock_setsockopt+0x3b1/0x710
[   87.694203][ T5838]        __x64_sys_setsockopt+0x1ee/0x280
[   87.699915][ T5838]        do_syscall_64+0xf3/0x230
[   87.704928][ T5838]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.711338][ T5838] 
[   87.711338][ T5838] -> #1 (sk_lock-AF_INET6){+.+.}-{0:0}:
[   87.719069][ T5838]        lock_acquire+0x116/0x2f0
[   87.724088][ T5838]        lock_sock_nested+0x48/0x100
[   87.729370][ T5838]        do_ipv6_setsockopt+0xccd/0x3680
[   87.735002][ T5838]        ipv6_setsockopt+0x5d/0x170
[   87.740201][ T5838]        do_sock_setsockopt+0x3b1/0x710
[   87.745740][ T5838]        __x64_sys_setsockopt+0x1ee/0x280
[   87.751453][ T5838]        do_syscall_64+0xf3/0x230
[   87.756476][ T5838]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.762877][ T5838] 
[   87.762877][ T5838] -> #0 (rtnl_mutex){+.+.}-{4:4}:
[   87.770086][ T5838]        validate_chain+0xa69/0x24e0
[   87.775363][ T5838]        __lock_acquire+0xad5/0xd80
[   87.780551][ T5838]        lock_acquire+0x116/0x2f0
[   87.785569][ T5838]        __mutex_lock+0x1a5/0x10c0
[   87.790679][ T5838]        ipv6_sock_ac_close+0xc9/0x130
[   87.796138][ T5838]        inet6_release+0x4f/0x70
[   87.801066][ T5838]        sock_release+0x82/0x150
[   87.806000][ T5838]        smc_clcsock_release+0xcc/0xf0
[   87.811455][ T5838]        __smc_release+0x683/0x800
[   87.816568][ T5838]        smc_release+0x2dc/0x540
[   87.821495][ T5838]        sock_close+0xbc/0x240
[   87.826278][ T5838]        __fput+0x3e9/0x9f0
[   87.830792][ T5838]        task_work_run+0x251/0x310
[   87.835900][ T5838]        do_exit+0xa11/0x27f0
[   87.840572][ T5838]        do_group_exit+0x207/0x2c0
[   87.845688][ T5838]        __x64_sys_exit_group+0x3f/0x40
[   87.851235][ T5838]        x64_sys_call+0x26c3/0x26d0
[   87.856423][ T5838]        do_syscall_64+0xf3/0x230
[   87.861438][ T5838]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.867866][ T5838] 
[   87.867866][ T5838] other info that might help us debug this:
[   87.867866][ T5838] 
[   87.878082][ T5838] Chain exists of:
[   87.878082][ T5838]   rtnl_mutex --> sk_lock-AF_INET6 --> &smc->clcsock_release_lock
[   87.878082][ T5838] 
[   87.891725][ T5838]  Possible unsafe locking scenario:
[   87.891725][ T5838] 
[   87.899165][ T5838]        CPU0                    CPU1
[   87.904516][ T5838]        ----                    ----
[   87.909872][ T5838]   lock(&smc->clcsock_release_lock);
[   87.915261][ T5838]                                lock(sk_lock-AF_INET6);
[   87.922281][ T5838]                                lock(&smc->clcsock_release_lock);
[   87.930180][ T5838]   lock(rtnl_mutex);
[   87.934165][ T5838] 
[   87.934165][ T5838]  *** DEADLOCK ***
[   87.934165][ T5838] 
[   87.942323][ T5838] 2 locks held by syz-executor200/5838:
[   87.947863][ T5838]  #0: ffff888078efc408 (&sb->s_type->i_mutex_key#10){+.+.}-{4:4}, at: sock_close+0x90/0x240
[   87.958065][ T5838]  #1: ffff888035260aa0 (&smc->clcsock_release_lock){+.+.}-{4:4}, at: smc_clcsock_release+0x82/0xf0
[   87.968860][ T5838] 
[   87.968860][ T5838] stack backtrace:
[   87.974759][ T5838] CPU: 0 UID: 0 PID: 5838 Comm: syz-executor200 Not tainted 6.14.0-syzkaller-13189-ge48e99b6edf4 #0 PREEMPT(full) 
[   87.974777][ T5838] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   87.974789][ T5838] Call Trace:
[   87.974797][ T5838]  <TASK>
[   87.974804][ T5838]  dump_stack_lvl+0x241/0x360
[   87.974830][ T5838]  ? __pfx_dump_stack_lvl+0x10/0x10
[   87.974851][ T5838]  ? __pfx__printk+0x10/0x10
[   87.974871][ T5838]  ? print_lock+0x171/0x1a0
[   87.974889][ T5838]  print_circular_bug+0x2e1/0x300
[   87.974910][ T5838]  check_noncircular+0x142/0x160
[   87.974931][ T5838]  validate_chain+0xa69/0x24e0
[   87.974951][ T5838]  ? lockdep_unlock+0x8d/0x120
[   87.974964][ T5838]  ? validate_chain+0x8a7/0x24e0
[   87.974986][ T5838]  __lock_acquire+0xad5/0xd80
[   87.975003][ T5838]  lock_acquire+0x116/0x2f0
[   87.975016][ T5838]  ? ipv6_sock_ac_close+0xc9/0x130
[   87.975034][ T5838]  ? __mutex_trylock_common+0x184/0x2e0
[   87.975056][ T5838]  __mutex_lock+0x1a5/0x10c0
[   87.975072][ T5838]  ? ipv6_sock_ac_close+0xc9/0x130
[   87.975089][ T5838]  ? rcu_is_watching+0x15/0xb0
[   87.975107][ T5838]  ? trace_contention_end+0x3c/0x120
[   87.975126][ T5838]  ? ipv6_sock_ac_close+0xc9/0x130
[   87.975142][ T5838]  ? __pfx___mutex_lock+0x10/0x10
[   87.975157][ T5838]  ? __lock_acquire+0xad5/0xd80
[   87.975173][ T5838]  ? smc_clcsock_release+0x82/0xf0
[   87.975191][ T5838]  ? __pfx___mutex_lock+0x10/0x10
[   87.975209][ T5838]  ipv6_sock_ac_close+0xc9/0x130
[   87.975226][ T5838]  inet6_release+0x4f/0x70
[   87.975240][ T5838]  sock_release+0x82/0x150
[   87.975258][ T5838]  smc_clcsock_release+0xcc/0xf0
[   87.975276][ T5838]  __smc_release+0x683/0x800
[   87.975291][ T5838]  smc_release+0x2dc/0x540
[   87.975306][ T5838]  sock_close+0xbc/0x240
[   87.975322][ T5838]  ? __pfx_sock_close+0x10/0x10
[   87.975339][ T5838]  __fput+0x3e9/0x9f0
[   87.975356][ T5838]  task_work_run+0x251/0x310
[   87.975381][ T5838]  ? __pfx_task_work_run+0x10/0x10
[   87.975404][ T5838]  ? switch_task_namespaces+0xe4/0x110
[   87.975421][ T5838]  do_exit+0xa11/0x27f0
[   87.975444][ T5838]  ? __pfx_do_exit+0x10/0x10
[   87.975466][ T5838]  ? _raw_spin_unlock_irq+0x23/0x50
[   87.975479][ T5838]  ? lockdep_hardirqs_on+0x9d/0x150
[   87.975495][ T5838]  do_group_exit+0x207/0x2c0
[   87.975515][ T5838]  __x64_sys_exit_group+0x3f/0x40
[   87.975534][ T5838]  x64_sys_call+0x26c3/0x26d0
[   87.975547][ T5838]  do_syscall_64+0xf3/0x230
[   87.975564][ T5838]  ? clear_bhb_loop+0x45/0xa0
[   87.975580][ T5838]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.975594][ T5838] RIP: 0033:0x7fd6e1b18d39
[   87.975609][ T5838] Code: Unable to access opcode bytes at 0x7fd6e1b18d0f.
+++ exited with 0 +++
[   87.975616][ T5838] R