syzbot

list_del corruption, ffff888126c56580->next is NULL
------------[ cut here ]------------
kernel BUG at lib/list_debug.c:52!
Oops: invalid opcode: 0000 [#1] SMP KASAN PTI
CPU: 1 UID: 0 PID: 2991 Comm: kworker/u8:0 Not tainted syzkaller #0 PREEMPT(voluntary) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
Workqueue: events_unbound linkwatch_event
RIP: 0010:__list_del_entry_valid_or_report+0xf2/0x200 lib/list_debug.c:52
Code: 00 49 3b 5c 24 08 0f 85 a8 00 00 00 5b b8 01 00 00 00 5d 41 5c c3 cc cc cc cc 48 89 de 48 c7 c7 c0 66 89 87 e8 9f 87 ce fe 90 <0f> 0b 48 89 de 48 c7 c7 20 67 89 87 e8 8d 87 ce fe 90 0f 0b 4c 89
RSP: 0018:ffffc900018bf888 EFLAGS: 00010082
RAX: 0000000000000033 RBX: ffff888126c56580 RCX: ffffffff815cfb09
RDX: 0000000000000000 RSI: ffffffff815d79a6 RDI: 0000000000000005
RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000000
R10: 0000000080000202 R11: 0000000000000001 R12: 0000000000000000
R13: ffffc900018bf8d8 R14: ffff88810376c630 R15: 0000000000000000
FS:  0000000000000000(0000) GS:ffff888268ff9000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000055c4e9b8bce8 CR3: 00000000090a4000 CR4: 00000000003506f0
Call Trace:
 <TASK>
 __list_del_entry_valid include/linux/list.h:124 [inline]
 __list_del_entry include/linux/list.h:215 [inline]
 list_move_tail include/linux/list.h:310 [inline]
 ref_tracker_free+0x1a5/0x830 lib/ref_tracker.c:330
 netdev_tracker_free include/linux/netdevice.h:4369 [inline]
 netdev_put include/linux/netdevice.h:4386 [inline]
 netdev_put include/linux/netdevice.h:4382 [inline]
 netdev_watchdog_down net/sched/sch_generic.c:572 [inline]
 dev_deactivate_many+0x286/0xd30 net/sched/sch_generic.c:1370
 dev_deactivate+0xf8/0x1c0 net/sched/sch_generic.c:1401
 linkwatch_do_dev+0x11e/0x160 net/core/link_watch.c:184
 __linkwatch_run_queue+0x2a3/0x7a0 net/core/link_watch.c:244
 linkwatch_event+0x8f/0xc0 net/core/link_watch.c:304
 process_one_work+0x9cc/0x1b70 kernel/workqueue.c:3236
 process_scheduled_works kernel/workqueue.c:3319 [inline]
 worker_thread+0x6c8/0xf10 kernel/workqueue.c:3400
 kthread+0x3c5/0x780 kernel/kthread.c:463
 ret_from_fork+0x5b6/0x6c0 arch/x86/kernel/process.c:148
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
 </TASK>
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:__list_del_entry_valid_or_report+0xf2/0x200 lib/list_debug.c:52
Code: 00 49 3b 5c 24 08 0f 85 a8 00 00 00 5b b8 01 00 00 00 5d 41 5c c3 cc cc cc cc 48 89 de 48 c7 c7 c0 66 89 87 e8 9f 87 ce fe 90 <0f> 0b 48 89 de 48 c7 c7 20 67 89 87 e8 8d 87 ce fe 90 0f 0b 4c 89
RSP: 0018:ffffc900018bf888 EFLAGS: 00010082
RAX: 0000000000000033 RBX: ffff888126c56580 RCX: ffffffff815cfb09
RDX: 0000000000000000 RSI: ffffffff815d79a6 RDI: 0000000000000005
RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000000
R10: 0000000080000202 R11: 0000000000000001 R12: 0000000000000000
R13: ffffc900018bf8d8 R14: ffff88810376c630 R15: 0000000000000000
FS:  0000000000000000(0000) GS:ffff888268ff9000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000055c4e9b8bce8 CR3: 00000000090a4000 CR4: 00000000003506f0