syzbot

CFI failure at __traceiter_neigh_update+0x9d/0xf0 include/trace/events/neigh.h:72 (target: 0xffffc900001b04d0; expected type: 0xcdd4cfdd)
invalid opcode: 0000 [#1] PREEMPT SMP KASAN
CPU: 1 PID: 0 Comm: swapper/1 Not tainted syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/14/2025
RIP: 0010:__traceiter_neigh_update+0x9d/0xf0 include/trace/events/neigh.h:72
Code: 05 e8 f7 4a b9 fd 49 8b 7e 08 48 8b 75 c8 48 8b 55 c0 44 89 e9 44 8b 45 d4 44 8b 4d d0 41 ba 23 30 2b 32 45 03 54 24 fc 74 02 <0f> 0b 41 ff d4 48 83 c3 18 48 89 d8 48 c1 e8 03 42 80 3c 38 00 74
RSP: 0018:ffffc900001b04d0 EFLAGS: 00010282
RAX: 1ffff110227656c9 RBX: ffff888113b2b640 RCX: 0000000000000004
RDX: ffff88810b9fa456 RSI: ffff88810f6a3400 RDI: ffffc90001133000
RBP: ffffc900001b0510 R08: 0000000000000001 R09: 0000000000000000
R10: 00000000d76b972f R11: 0000000000000100 R12: ffffffff817125c0
R13: 0000000000000004 R14: ffff888113b2b640 R15: dffffc0000000000
FS:  0000000000000000(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000000c00635a000 CR3: 000000012ed5a000 CR4: 00000000003506a0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <IRQ>
 trace_neigh_update include/trace/events/neigh.h:72 [inline]
 __neigh_update+0x1f4b/0x2080 net/core/neighbour.c:1307
 neigh_update net/core/neighbour.c:1488 [inline]
 neigh_event_ns+0xb3/0x120 net/core/neighbour.c:1517
 arp_process+0x119c/0x1920 net/ipv4/arp.c:851
 NF_HOOK+0x14d/0x1a0 include/linux/netfilter.h:305
 arp_rcv+0x2ef/0x480 net/ipv4/arp.c:990
 __netif_receive_skb_list_ptype net/core/dev.c:5633 [inline]
 __netif_receive_skb_list_core+0x713/0x770 net/core/dev.c:5676
 __netif_receive_skb_list net/core/dev.c:5728 [inline]
 netif_receive_skb_list_internal+0x7d2/0xa60 net/core/dev.c:5819
 gro_normal_list include/net/gro.h:433 [inline]
 napi_complete_done+0x36f/0x790 net/core/dev.c:6160
 virtqueue_napi_complete drivers/net/virtio_net.c:403 [inline]
 virtnet_poll+0x991/0x1150 drivers/net/virtio_net.c:1717
 __napi_poll+0xd0/0x5e0 net/core/dev.c:6594
 napi_poll net/core/dev.c:6661 [inline]
 net_rx_action+0x49b/0xaa0 net/core/dev.c:6775
 handle_softirqs+0x1d7/0x600 kernel/softirq.c:642
 __do_softirq kernel/softirq.c:680 [inline]
 invoke_softirq kernel/softirq.c:497 [inline]
 __irq_exit_rcu+0x52/0xf0 kernel/softirq.c:729
 irq_exit_rcu+0x9/0x10 kernel/softirq.c:741
 common_interrupt+0xbe/0xe0 arch/x86/kernel/irq.c:242
 </IRQ>
 <TASK>
 asm_common_interrupt+0x27/0x40 arch/x86/include/asm/idtentry.h:682
RIP: 0010:default_idle+0xf/0x20 arch/x86/kernel/process.c:742
Code: e9 47 ff ff ff 00 00 cc cc 00 00 90 90 90 90 90 90 90 90 90 90 90 b8 0c 67 40 a5 55 48 89 e5 66 90 0f 00 2d 53 c2 52 00 fb f4 <5d> c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 90 90 90 90 90
RSP: 0018:ffffc90000147dd8 EFLAGS: 00000257
RAX: ffff8881f7100000 RBX: ffff8881003b2880 RCX: 766bfe924ef5c900
RDX: 0000000000000001 RSI: ffffffff85aa0bc0 RDI: ffffffff85aa0b80
RBP: ffffc90000147dd8 R08: dffffc0000000000 R09: ffffed103ee26917
R10: 0000000000000000 R11: ffffffff84f37120 R12: 0000000000000000
R13: 0000000000000000 R14: ffff8881003b2880 R15: dffffc0000000000
 arch_cpu_idle+0x1c/0x20 arch/x86/kernel/process.c:733
 default_idle_call+0x71/0x1d0 kernel/sched/idle.c:109
 cpuidle_idle_call kernel/sched/idle.c:191 [inline]
 do_idle+0x1a7/0x520 kernel/sched/idle.c:303
 cpu_startup_entry+0x43/0x60 kernel/sched/idle.c:401
 start_secondary+0x119/0x120 arch/x86/kernel/smpboot.c:281
 secondary_startup_64_no_verify+0xce/0xdb
 </TASK>
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:__traceiter_neigh_update+0x9d/0xf0 include/trace/events/neigh.h:72
Code: 05 e8 f7 4a b9 fd 49 8b 7e 08 48 8b 75 c8 48 8b 55 c0 44 89 e9 44 8b 45 d4 44 8b 4d d0 41 ba 23 30 2b 32 45 03 54 24 fc 74 02 <0f> 0b 41 ff d4 48 83 c3 18 48 89 d8 48 c1 e8 03 42 80 3c 38 00 74
RSP: 0018:ffffc900001b04d0 EFLAGS: 00010282
RAX: 1ffff110227656c9 RBX: ffff888113b2b640 RCX: 0000000000000004
RDX: ffff88810b9fa456 RSI: ffff88810f6a3400 RDI: ffffc90001133000
RBP: ffffc900001b0510 R08: 0000000000000001 R09: 0000000000000000
R10: 00000000d76b972f R11: 0000000000000100 R12: ffffffff817125c0
R13: 0000000000000004 R14: ffff888113b2b640 R15: dffffc0000000000
FS:  0000000000000000(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000000c00635a000 CR3: 0000000006e0f000 CR4: 00000000003506a0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
----------------
Code disassembly (best guess):
   0:	e9 47 ff ff ff       	jmp    0xffffff4c
   5:	00 00                	add    %al,(%rax)
   7:	cc                   	int3
   8:	cc                   	int3
   9:	00 00                	add    %al,(%rax)
   b:	90                   	nop
   c:	90                   	nop
   d:	90                   	nop
   e:	90                   	nop
   f:	90                   	nop
  10:	90                   	nop
  11:	90                   	nop
  12:	90                   	nop
  13:	90                   	nop
  14:	90                   	nop
  15:	90                   	nop
  16:	b8 0c 67 40 a5       	mov    $0xa540670c,%eax
  1b:	55                   	push   %rbp
  1c:	48 89 e5             	mov    %rsp,%rbp
  1f:	66 90                	xchg   %ax,%ax
  21:	0f 00 2d 53 c2 52 00 	verw   0x52c253(%rip)        # 0x52c27b
  28:	fb                   	sti
  29:	f4                   	hlt
* 2a:	5d                   	pop    %rbp <-- trapping instruction
  2b:	c3                   	ret
  2c:	66 2e 0f 1f 84 00 00 	cs nopw 0x0(%rax,%rax,1)
  33:	00 00 00
  36:	0f 1f 44 00 00       	nopl   0x0(%rax,%rax,1)
  3b:	90                   	nop
  3c:	90                   	nop
  3d:	90                   	nop
  3e:	90                   	nop
  3f:	90                   	nop