------------[ cut here ]------------
WARNING: CPU: 0 PID: 5160 at net/ipv4/af_inet.c:155 inet_sock_destruct+0x689/0x7a0 net/ipv4/af_inet.c:155
Modules linked in:
CPU: 0 PID: 5160 Comm: udevd Not tainted syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
RIP: 0010:inet_sock_destruct+0x689/0x7a0 net/ipv4/af_inet.c:155
Code: ff ff e8 da 82 85 f8 0f 0b e9 48 fe ff ff e8 ce 82 85 f8 0f 0b 41 80 3c 1c 00 0f 85 74 fe ff ff e9 77 fe ff ff e8 b7 82 85 f8 <0f> 0b e9 dd fe ff ff 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c 38 fc ff
RSP: 0018:ffffc90000007b48 EFLAGS: 00010246
RAX: ffffffff89000d89 RBX: dffffc0000000000 RCX: ffff88807e3e5a00
RDX: 0000000000000100 RSI: 0000000000000fff RDI: 0000000000000000
RBP: 0000000000000fff R08: ffff88814c982977 R09: 1ffff1102993052e
R10: dffffc0000000000 R11: ffffed102993052f R12: ffff88814c982700
R13: 1ffff110299304e2 R14: ffff88814c982928 R15: ffffffff8e0d59a0
FS: 00007fb6e9976880(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000055558b41b808 CR3: 000000001e64b000 CR4: 00000000003506f0
Call Trace:
<IRQ>
__sk_destruct+0x83/0x640 net/core/sock.c:2191
rcu_do_batch kernel/rcu/tree.c:2194 [inline]
rcu_core+0xcc4/0x1720 kernel/rcu/tree.c:2467
handle_softirqs+0x280/0x820 kernel/softirq.c:578
__do_softirq kernel/softirq.c:612 [inline]
invoke_softirq kernel/softirq.c:452 [inline]
__irq_exit_rcu+0xc7/0x190 kernel/softirq.c:661
irq_exit_rcu+0x9/0x20 kernel/softirq.c:673
instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1088 [inline]
sysvec_apic_timer_interrupt+0xa4/0xc0 arch/x86/kernel/apic/apic.c:1088
</IRQ>
<TASK>
asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:687
RIP: 0010:lock_acquire+0x1f2/0x410 kernel/locking/lockdep.c:5758
Code: 00 9c 8f 84 24 80 00 00 00 f6 84 24 81 00 00 00 02 0f 85 f5 00 00 00 41 f7 c6 00 02 00 00 74 01 fb 48 c7 44 24 60 0e 36 e0 45 <4b> c7 04 3c 00 00 00 00 66 43 c7 44 3c 09 00 00 43 c6 44 3c 0b 00
RSP: 0018:ffffc900032f7c20 EFLAGS: 00000206
RAX: 0000000000000001 RBX: 0000000000000000 RCX: c3c01f232ebd0900
RDX: 0000000000000000 RSI: ffffffff8aaace20 RDI: ffffffff8afc72c0
RBP: ffffc900032f7d38 R08: dffffc0000000000 R09: 1ffffffff21b4ea2
R10: dffffc0000000000 R11: fffffbfff21b4ea3 R12: 1ffff9200065ef90
R13: ffff88802b999680 R14: 0000000000000246 R15: dffffc0000000000
__raw_spin_lock include/linux/spinlock_api_smp.h:133 [inline]
_raw_spin_lock+0x2e/0x40 kernel/locking/spinlock.c:154
spin_lock include/linux/spinlock.h:351 [inline]
vfs_readlink+0x292/0x350 fs/namei.c:5114
do_readlinkat+0x23f/0x480 fs/stat.c:506
__do_sys_readlink fs/stat.c:527 [inline]
__se_sys_readlink fs/stat.c:524 [inline]
__x64_sys_readlink+0x7f/0x90 fs/stat.c:524
do_syscall_x64 arch/x86/entry/common.c:51 [inline]
do_syscall_64+0x55/0xb0 arch/x86/entry/common.c:81
entry_SYSCALL_64_after_hwframe+0x68/0xd2
RIP: 0033:0x7fb6e93153a7
Code: 00 00 90 48 83 ec 10 48 63 ff 45 31 c9 45 31 c0 6a 00 31 c9 e8 8a 20 f9 ff 48 83 c4 18 c3 0f 1f 44 00 00 b8 59 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 8b 15 21 ba 0d 00 f7 d8 64 89 02 48
RSP: 002b:00007ffc2403f9a8 EFLAGS: 00000202 ORIG_RAX: 0000000000000059
RAX: ffffffffffffffda RBX: 00007ffc2403fbb0 RCX: 00007fb6e93153a7
RDX: 0000000000000200 RSI: 00007ffc2403f9b0 RDI: 00007ffc2403fbb0
RBP: 000055c2a0915910 R08: 0000000000000064 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000202 R12: 00007ffc2403f9b0
R13: 000055c260cd6100 R14: 0000000000000001 R15: 00007ffc240401d0
</TASK>
----------------
Code disassembly (best guess):
0: 00 9c 8f 84 24 80 00 add %bl,0x802484(%rdi,%rcx,4)
7: 00 00 add %al,(%rax)
9: f6 84 24 81 00 00 00 testb $0x2,0x81(%rsp)
10: 02
11: 0f 85 f5 00 00 00 jne 0x10c
17: 41 f7 c6 00 02 00 00 test $0x200,%r14d
1e: 74 01 je 0x21
20: fb sti
21: 48 c7 44 24 60 0e 36 movq $0x45e0360e,0x60(%rsp)
28: e0 45
* 2a: 4b c7 04 3c 00 00 00 movq $0x0,(%r12,%r15,1) <-- trapping instruction
31: 00
32: 66 43 c7 44 3c 09 00 movw $0x0,0x9(%r12,%r15,1)
39: 00
3a: 43 c6 44 3c 0b 00 movb $0x0,0xb(%r12,%r15,1)