Warning: Permanently added '10.128.1.111' (ED25519) to the list of known hosts. 2024/05/25 19:12:38 fuzzer started 2024/05/25 19:12:38 dialing manager at 10.128.0.163:30008 [ 21.360762][ T30] audit: type=1400 audit(1716664358.782:66): avc: denied { node_bind } for pid=284 comm="syz-fuzzer" saddr=::1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1 [ 21.381072][ T30] audit: type=1400 audit(1716664358.782:67): avc: denied { name_bind } for pid=284 comm="syz-fuzzer" src=6060 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 21.408743][ T30] audit: type=1400 audit(1716664358.832:68): avc: denied { mounton } for pid=293 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 21.429543][ T292] cgroup: Unknown subsys name 'net' [ 21.433974][ T30] audit: type=1400 audit(1716664358.832:69): avc: denied { mount } for pid=293 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 21.461433][ T30] audit: type=1400 audit(1716664358.832:70): avc: denied { integrity } for pid=294 comm="syz-executor" lockdown_reason="debugfs access" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=lockdown permissive=1 [ 21.467147][ T292] cgroup: Unknown subsys name 'devices' [ 21.483511][ T30] audit: type=1400 audit(1716664358.842:71): avc: denied { integrity } for pid=292 comm="syz-executor" lockdown_reason="debugfs access" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=lockdown permissive=1 [ 21.489902][ T296] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). [ 21.510944][ T30] audit: type=1400 audit(1716664358.852:72): avc: denied { mounton } for pid=292 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=1926 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 21.541829][ T30] audit: type=1400 audit(1716664358.852:73): avc: denied { mount } for pid=292 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 21.564444][ T30] audit: type=1400 audit(1716664358.862:74): avc: denied { setattr } for pid=297 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=162 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 21.587680][ T30] audit: type=1400 audit(1716664358.862:75): avc: denied { unmount } for pid=292 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 21.610107][ T295] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 21.778644][ T292] cgroup: Unknown subsys name 'hugetlb' [ 21.784103][ T292] cgroup: Unknown subsys name 'rlimit' 2024/05/25 19:12:39 starting 5 executor processes [ 22.837305][ T307] bridge0: port 1(bridge_slave_0) entered blocking state [ 22.844147][ T307] bridge0: port 1(bridge_slave_0) entered disabled state [ 22.851505][ T307] device bridge_slave_0 entered promiscuous mode [ 22.859005][ T307] bridge0: port 2(bridge_slave_1) entered blocking state [ 22.865831][ T307] bridge0: port 2(bridge_slave_1) entered disabled state [ 22.873084][ T307] device bridge_slave_1 entered promiscuous mode [ 22.893933][ T308] bridge0: port 1(bridge_slave_0) entered blocking state [ 22.900879][ T308] bridge0: port 1(bridge_slave_0) entered disabled state [ 22.908054][ T308] device bridge_slave_0 entered promiscuous mode [ 22.915643][ T308] bridge0: port 2(bridge_slave_1) entered blocking state [ 22.922592][ T308] bridge0: port 2(bridge_slave_1) entered disabled state [ 22.929735][ T308] device bridge_slave_1 entered promiscuous mode [ 23.010029][ T312] bridge0: port 1(bridge_slave_0) entered blocking state [ 23.016979][ T312] bridge0: port 1(bridge_slave_0) entered disabled state [ 23.024047][ T312] device bridge_slave_0 entered promiscuous mode [ 23.039794][ T309] bridge0: port 1(bridge_slave_0) entered blocking state [ 23.046754][ T309] bridge0: port 1(bridge_slave_0) entered disabled state [ 23.053914][ T309] device bridge_slave_0 entered promiscuous mode [ 23.060532][ T312] bridge0: port 2(bridge_slave_1) entered blocking state [ 23.067424][ T312] bridge0: port 2(bridge_slave_1) entered disabled state [ 23.074484][ T312] device bridge_slave_1 entered promiscuous mode [ 23.087855][ T309] bridge0: port 2(bridge_slave_1) entered blocking state [ 23.094885][ T309] bridge0: port 2(bridge_slave_1) entered disabled state [ 23.102357][ T309] device bridge_slave_1 entered promiscuous mode [ 23.171001][ T311] bridge0: port 1(bridge_slave_0) entered blocking state [ 23.177901][ T311] bridge0: port 1(bridge_slave_0) entered disabled state [ 23.184953][ T311] device bridge_slave_0 entered promiscuous mode [ 23.192735][ T311] bridge0: port 2(bridge_slave_1) entered blocking state [ 23.199749][ T311] bridge0: port 2(bridge_slave_1) entered disabled state [ 23.206927][ T311] device bridge_slave_1 entered promiscuous mode [ 23.261080][ T307] bridge0: port 2(bridge_slave_1) entered blocking state [ 23.268039][ T307] bridge0: port 2(bridge_slave_1) entered forwarding state [ 23.275130][ T307] bridge0: port 1(bridge_slave_0) entered blocking state [ 23.281942][ T307] bridge0: port 1(bridge_slave_0) entered forwarding state [ 23.329749][ T308] bridge0: port 2(bridge_slave_1) entered blocking state [ 23.336733][ T308] bridge0: port 2(bridge_slave_1) entered forwarding state [ 23.343831][ T308] bridge0: port 1(bridge_slave_0) entered blocking state [ 23.350639][ T308] bridge0: port 1(bridge_slave_0) entered forwarding state [ 23.392675][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 23.401105][ T20] bridge0: port 2(bridge_slave_1) entered disabled state [ 23.408686][ T20] bridge0: port 1(bridge_slave_0) entered disabled state [ 23.415668][ T20] bridge0: port 2(bridge_slave_1) entered disabled state [ 23.423757][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 23.430932][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 23.460443][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 23.468618][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 23.476521][ T20] bridge0: port 2(bridge_slave_1) entered blocking state [ 23.483267][ T20] bridge0: port 2(bridge_slave_1) entered forwarding state [ 23.490795][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 23.518261][ T330] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 23.526054][ T330] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 23.534032][ T330] bridge0: port 1(bridge_slave_0) entered blocking state [ 23.540863][ T330] bridge0: port 1(bridge_slave_0) entered forwarding state [ 23.548289][ T330] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 23.556160][ T330] bridge0: port 2(bridge_slave_1) entered blocking state [ 23.562938][ T330] bridge0: port 2(bridge_slave_1) entered forwarding state [ 23.570391][ T330] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 23.578118][ T330] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 23.600316][ T307] device veth0_vlan entered promiscuous mode [ 23.606982][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 23.614382][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 23.622632][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 23.631039][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 23.638849][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 23.646067][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 23.654049][ T20] bridge0: port 1(bridge_slave_0) entered blocking state [ 23.660885][ T20] bridge0: port 1(bridge_slave_0) entered forwarding state [ 23.668083][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 23.675956][ T20] bridge0: port 2(bridge_slave_1) entered blocking state [ 23.682727][ T20] bridge0: port 2(bridge_slave_1) entered forwarding state [ 23.690012][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 23.712791][ T308] device veth0_vlan entered promiscuous mode [ 23.722730][ T307] device veth1_macvtap entered promiscuous mode [ 23.731420][ T63] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 23.739647][ T63] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 23.747384][ T63] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 23.754577][ T63] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 23.762628][ T63] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 23.770136][ T63] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 23.777858][ T63] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 23.796060][ T308] device veth1_macvtap entered promiscuous mode [ 23.805659][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 23.813795][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 23.821019][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 23.829013][ T20] bridge0: port 1(bridge_slave_0) entered blocking state [ 23.835830][ T20] bridge0: port 1(bridge_slave_0) entered forwarding state [ 23.843031][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 23.850955][ T20] bridge0: port 2(bridge_slave_1) entered blocking state [ 23.857785][ T20] bridge0: port 2(bridge_slave_1) entered forwarding state [ 23.864891][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 23.872846][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 23.887090][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 23.894913][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 23.903597][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 23.911599][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 23.919651][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 23.927635][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 23.939435][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 23.947883][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 23.955893][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 23.963906][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready executing program 4: syz_usb_connect(0x0, 0x10b, &(0x7f0000000000)=ANY=[@ANYBLOB="05010900b24b6a10e6040300770100000001090224000b010000000904000302ccd4280009050b02000000040009058a02"], 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x0, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) dup2(0xffffffffffffffff, 0xffffffffffffffff) [ 23.981755][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 23.990059][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 24.000323][ T309] device veth0_vlan entered promiscuous mode [ 24.016032][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 24.025980][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 24.033969][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 24.041585][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 24.048807][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 24.056907][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 24.064816][ T26] bridge0: port 1(bridge_slave_0) entered blocking state [ 24.071556][ T26] bridge0: port 1(bridge_slave_0) entered forwarding state [ 24.078723][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 24.086810][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 24.094692][ T26] bridge0: port 2(bridge_slave_1) entered blocking state [ 24.101462][ T26] bridge0: port 2(bridge_slave_1) entered forwarding state [ 24.113085][ T311] device veth0_vlan entered promiscuous mode [ 24.123359][ T309] device veth1_macvtap entered promiscuous mode [ 24.130507][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 24.137853][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 24.145066][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 24.152547][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 24.160899][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 24.169003][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready executing program 3: r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x256c, 0x6d, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000001440)={0x24, 0x0, 0x0, &(0x7f00000013c0)={0x0, 0x22, 0x5, {[@local=@item_4={0x3, 0x2, 0x0, "741cb976"}]}}, 0x0}, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000900)={0x24, 0x0, &(0x7f0000000840)={0x0, 0x3, 0x4, @lang_id={0x4}}, 0x0, 0x0}, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x0, 0x0, 0x0, 0x8000}, 0x48) syz_usb_control_io$hid(r0, &(0x7f0000001840)={0x24, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="0003040000000403"], 0x0, 0x0}, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000000)={0x24, 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="000312"], 0x0, 0x0}, 0x0) [ 24.176592][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 24.184334][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 24.192222][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 24.200187][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 24.216595][ T328] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 24.225225][ T328] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready executing program 1: bpf$ENABLE_STATS(0x20, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001e80)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000480000000820000095000000000000002ba7e1d30c04aa8b3382022ce2a1d97411a0f6b599e83f24a3aa81d36bb7019c13bd23212fb56f040026fbfefc4a056bdc17487902317142fac7e7be168c1886d0d4d94f2f4eb45c652fbc1626cca2a28d67893547db51ee988e6e06c8cedf7ceb9fc40400ae5e4aa74c92c6a51cbf9b0a4def23d410f6accd364158a4591c559f76c0130bfc4e90a6341865c3f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0c18ce74c4dae15cb7947c491b8bea3fd2f73902ebcfcf4982277d9800011b405bbf7b02433a9bcd715f5888b2007f000000001c000000010000000000000600000000309329170ee5b567e70f00c484d339c480f70006a10f58fa64533500000000000000000000000031000000000000001208e75a89faffbfb11b7dc6ea31001e846c12423a169f87463ad6f7c2e8ee1a39244960b318778f2a047f6d5bc24fef5d7d617de7a6520655a80d0900f4d433623c850af895abba14f6fbd7fbad1f98e26ad4deaf1a4f294b2a431ab9142f3a06d54740a4bc5e3abd378af7c9676a08ef74c48785f895b4ec8d1141d5e8744d7f09ab4df6027bf48cabecead649f96ea24d3287a7b01ab84d336f3c0f45a0642d6f2c494160cb7f46ce680eeb80157eb23f9902519ac655fa73103170cbc496d7122034b85e7e87a2db762cbb253fbd76b9117c1a11d18aa2040c5f0c289906000000000000005ffe91ff799a11d9b219c00c369a12bf8685b862d0dbdd956cbda1bae489bcef5ae59136aaadc59609f4d42617c0e6066938b521a0f2e2467a6c435ad5b800262a5da053ced5e95394e500000072737638ac44fb61310e2df511c60b3c88113996a81fb64bce5eb95ce91738640ff7ae6ed6b62086e699955926934389cdf9bcffff3ffd86fe9ce05268bf8a3958f2206cdc7095682c14f10be1075832956762b2dcc6251e7b74cb1da627e332765511c58215bf84d253e8778e6e8ffe4ea50b076446f35efffc806b340658342d2d9e1ef68c6ef3e98407d2fcefb34a0000000000000000895ddbb76122b1222e4da37177fe833e4fcaa67997e92a206ebd085bd9f90008d3fdd528efe6c1dca17f45ba5e8bd3153a0077bb43f8a63dd390d18f0239b41da1a52383a4c6768ca1bb66b8fb3c5000f6f246fd20356a60769b461b6cdf133de073b1df08ae09268b0073bb97d88d741a5546e76caf4b6b1387ff37ec13d262dae0260be74cdf7bb6d3107597430ef5bbd476bb9d69b2aef9f3cb644b4bf01ccf16d40720939daf2af469bdfb361b9c015dd026fd0fffe3c66f5c343afb78a7cfd852f3e05c089887d7df2ff4f9982030019421af6b78ff9c444a17091875cfe4eab0e7f50eb69c860b1613a6b4f5af04f9c635d8d646c89f8b85f820ce7464c731deba39f9ff7b815f7b0acba754c01ed8bf1bba0010a8c6a2b966d861f9dd547abf2e9b23e5607f00f80b58fd76e4bc46c84799aa792cdaeb6cfb858e577dacff607ba513250e13ae696cd6ed7d318190a93b9ee07927efca6b8d1f5980994690bbe002db5146439d906a0d4aef065214b15666cdca81091b69acee2c7ce0821fc19e0891f0b53469f935c5ac420100010000000000fb53faf4420638489e6a1c696d8c414a87b60000000000080000b6be15579518540000bc2d061827ae6349a045b780893771524a424335b9fc34616ee9f09141057262530b7c2f7c9b969938779736ece7b470078ac0b1b4b528000000009866e99948a9096672ec9f3800c2fc35ba6516e542624c47bdba76a816c3a3dd6c3fa87a3ec91df199a9af91a7babf2b8d0e7b77e6dfb4bbc9817847b705000000a1000000000000ab8353f3800f045b90b0eaab6d731199c9447eabbc8c740183aff5389742e47de5000000826a570d14310700cf2ae3366ebdb7f1000000000000333c00e6addbf4c71ffad6bfb5babb49109f92a5a52042c425190a6e3f1a8a3abfe6059da9c952cf35c98ce7616355493d280f2d0be99e18fd0900c769e7eb4edc1c03a33676080000007229e0237c1e34641848531712ff09e89fb062a3e66f4f3c9d7a7fc9aab1ced0ae679733830039cb61ea0691f0b4e0b33194404e643243c3841e1e7fe301f7f47a7f89512d92e83624e3de705bdfbfd0e5e381398e9d5428a00cc8a6d097d97e6ac8bd09b1a5577920a650114a522c1e2dcdc4f606fcbcee91770a9fada34d38cd7976a9228a0a0dd8661be8162e966aac26bea4c11458cd6ce22ddf7054cdd0a60ef3ec000000000000000000425cb75dc7ec92e9a5d29f9c99697d2a98ae0a9f35e4196c3faeb7a690bf897846f6f0f1c163d6075119169d55d10da9ad0e4b2c636d200000009baaf94e2b2c48e70d8453f832eecfb1de2a3f38a5c986de9e37737dac74db251d5e9ea2b8ed39e91a7a17d01b49f7aaff7c4c73c3484bdcab362838ed940035b270a3646ef55b9f070ae14466b3acef9f8b28fb938a237e2e068ae4a6bce4407b54cc14614c2cdf877f000000000000000000000000bdcf23144e6c16b9235552aed83b6428f34d88c258a9ad16386bba51b60838fb11bc193a206b5a25b7233b222e4e68e0d1e88f26b9a45b6c29469530a37ea92aaf421cdcc1f594ecfaff9a79b56f8b380380020000"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x57, 0x10, &(0x7f0000000000), 0xffffffffffffffc9}, 0x48) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000000040)=r0, 0x4) r2 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000000000)=0x9, 0x4) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'wg0\x00', 0x0}) sendto$packet(0xffffffffffffffff, &(0x7f0000000180)="0b03feffe0ff020002004788aa96a13bb1000011000088ca1a00", 0x1fffc, 0x0, &(0x7f0000000140)={0x11, 0x0, r3}, 0x14) [ 24.232456][ T328] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 24.240624][ T328] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 24.253365][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 24.261360][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 24.290941][ T340] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 24.299467][ T340] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 24.307432][ T340] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 24.315288][ T340] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 24.323323][ T340] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 24.331646][ T340] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 24.341405][ T312] device veth0_vlan entered promiscuous mode [ 24.354247][ T311] device veth1_macvtap entered promiscuous mode [ 24.361000][ T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 24.368842][ T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 24.376662][ T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 24.384722][ T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 24.393048][ T332] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 24.400535][ T332] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 24.406892][ T328] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 24.415197][ T332] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 24.435458][ T312] device veth1_macvtap entered promiscuous mode [ 24.449537][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 24.457612][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 24.465555][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 24.473800][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 24.482039][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 24.489965][ T20] usb 4-1: new high-speed USB device number 2 using dummy_hcd executing program 2: bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000000)={0xffffffffffffffff, 0xe0, &(0x7f0000000f00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffeae, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x23, 0x0}}, 0xffffff8b) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0xc9d7, 0x9, 0x1}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, 0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000006500000008"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000740)={r0, &(0x7f0000000000), &(0x7f00000000c0)=""/109}, 0x20) quotactl$Q_QUOTAON(0xffffffff80000200, &(0x7f00000001c0)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000280)='./file0\x00') [ 24.497640][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 24.505679][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 24.534977][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready executing program 0: syz_open_dev$loop(0x0, 0x0, 0x0) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) r1 = syz_open_dev$evdev(&(0x7f0000000080), 0x0, 0x802) write$evdev(r1, &(0x7f0000000000), 0x100000008) [ 24.545428][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 24.553725][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 24.562484][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready executing program 2: r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0x7101}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x8}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x10) close(r2) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @broadcast}) close(r1) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)) ioctl$SIOCSIFHWADDR(r1, 0x8943, &(0x7f0000002280)={'syzkaller0\x00'}) close(r0) executing program 1: openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000003c0)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000001900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) unshare(0x44000680) executing program 2: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x8}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000840)={{r0}, &(0x7f00000007c0), &(0x7f0000000800)='%pi6 \x00'}, 0x20) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) r2 = syz_usb_connect$hid(0x0, 0x36, &(0x7f00000002c0)=ANY=[@ANYBLOB="12013f00000000407f04ffff00000000000109022d000100000000090400001503000000092140000001220f00090581", @ANYRES16], 0x0) syz_usb_control_io$hid(r2, 0x0, 0x0) syz_usb_control_io(r2, &(0x7f0000000b00)={0x2c, &(0x7f0000000040)=ANY=[@ANYBLOB="00000f00000009003d140f3c369197d09647190890"], 0x0, 0x0, 0x0, 0x0}, 0x0) [ 24.712380][ T328] usb 5-1: Using ep0 maxpacket: 16 [ 24.990096][ T328] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 11 [ 25.012411][ T328] usb 5-1: config 1 interface 0 altsetting 3 endpoint 0xB has invalid wMaxPacketSize 0 [ 25.063618][ T328] usb 5-1: config 1 interface 0 altsetting 3 bulk endpoint 0xB has invalid maxpacket 0 [ 25.073344][ T328] usb 5-1: config 1 interface 0 altsetting 3 endpoint 0x8A has invalid wMaxPacketSize 0 [ 25.084216][ T328] usb 5-1: config 1 interface 0 altsetting 3 bulk endpoint 0x8A has invalid maxpacket 0 [ 25.093892][ T328] usb 5-1: config 1 interface 0 has no altsetting 0 [ 25.100446][ T328] usb 5-1: New USB device found, idVendor=04e6, idProduct=0003, bcdDevice= 1.77 [ 25.109416][ T328] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 25.126787][ T20] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 25.138043][ T20] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 25.147674][ T20] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 25.156864][ T20] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 25.157182][ T328] ums-sddr09 5-1:1.0: USB Mass Storage device detected [ 25.168501][ T20] usb 4-1: config 0 descriptor?? executing program 0: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = socket$packet(0x11, 0xa, 0x300) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000fbe000)={0x1, &(0x7f0000000100)=[{0x80000006}]}, 0x10) syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[], 0x0) executing program 0: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x12, 0x5, 0x8, 0x1}, 0x48) r1 = socket$inet_udp(0x2, 0x2, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000940)={r0, &(0x7f0000000780), &(0x7f0000000900)=@udp=r1}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0xc, &(0x7f00000001c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000300)='kfree\x00', r2}, 0x10) syz_usb_connect$cdc_ecm(0x0, 0x4d, &(0x7f0000000380)=ANY=[@ANYBLOB="12010003020000082505a1a44000010203010902"], &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0}) [ 25.277647][ T340] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 125.306693][ C1] rcu: INFO: rcu_preempt self-detected stall on CPU [ 125.313236][ C1] rcu: 1-...!: (1 GPs behind) idle=747/1/0x4000000000000000 softirq=2312/2313 fqs=2 last_accelerate: 946b/bb7b dyntick_enabled: 1 [ 125.326510][ C1] (t=10001 jiffies g=969 q=147) [ 125.331286][ C1] rcu: rcu_preempt kthread timer wakeup didn't happen for 9997 jiffies! g969 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 [ 125.343164][ C1] rcu: Possible timer handling issue on cpu=0 timer-softirq=282 [ 125.350711][ C1] rcu: rcu_preempt kthread starved for 10000 jiffies! g969 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 ->cpu=0 [ 125.361735][ C1] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 125.371543][ C1] rcu: RCU grace-period kthread stack dump: [ 125.377290][ C1] task:rcu_preempt state:I stack:28328 pid: 14 ppid: 2 flags:0x00004000 [ 125.386309][ C1] Call Trace: [ 125.389433][ C1] [ 125.392237][ C1] __schedule+0xccc/0x1590 [ 125.396463][ C1] ? __sched_text_start+0x8/0x8 [ 125.401139][ C1] ? del_timer_sync+0x1bc/0x230 [ 125.405835][ C1] ? __kasan_check_write+0x14/0x20 [ 125.410783][ C1] schedule+0x11f/0x1e0 [ 125.414767][ C1] schedule_timeout+0x18c/0x370 [ 125.419453][ C1] ? __kasan_check_write+0x14/0x20 [ 125.424400][ C1] ? _raw_spin_lock_irqsave+0xf9/0x210 [ 125.429693][ C1] ? console_conditional_schedule+0x30/0x30 [ 125.435426][ C1] ? update_process_times+0x200/0x200 [ 125.440655][ C1] ? prepare_to_swait_event+0x308/0x320 [ 125.446032][ C1] rcu_gp_fqs_loop+0x2af/0xf80 [ 125.450621][ C1] ? dyntick_save_progress_counter+0x1e0/0x1e0 [ 125.456600][ C1] ? rcu_gp_init+0xc30/0xc30 [ 125.461025][ C1] ? _raw_spin_unlock_irq+0x4e/0x70 [ 125.466068][ C1] ? rcu_gp_init+0x9cf/0xc30 [ 125.470486][ C1] rcu_gp_kthread+0xa4/0x350 [ 125.474914][ C1] ? _raw_spin_lock+0x1b0/0x1b0 [ 125.479598][ C1] ? wake_nocb_gp+0x1e0/0x1e0 [ 125.484121][ C1] ? __kasan_check_read+0x11/0x20 [ 125.488971][ C1] ? __kthread_parkme+0xb2/0x200 [ 125.493747][ C1] kthread+0x421/0x510 [ 125.497652][ C1] ? wake_nocb_gp+0x1e0/0x1e0 [ 125.502183][ C1] ? kthread_blkcg+0xd0/0xd0 [ 125.506621][ C1] ret_from_fork+0x1f/0x30 [ 125.510846][ C1] [ 125.513715][ C1] rcu: Stack dump where RCU GP kthread last ran: [ 125.519874][ C1] Sending NMI from CPU 1 to CPUs 0: [ 125.524949][ C0] NMI backtrace for cpu 0 [ 125.524971][ C0] CPU: 0 PID: 6 Comm: kworker/0:0 Not tainted 5.15.149-syzkaller-00055-g424f92bcbe8f #0 [ 125.524989][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 125.525003][ C0] Workqueue: mld mld_dad_work [ 125.525024][ C0] RIP: 0010:kvm_wait+0x147/0x180 [ 125.525042][ C0] Code: 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 34 41 0f b6 45 00 44 38 f0 75 10 66 90 0f 00 2d 5b 03 f3 03 fb f4 24 ff ff ff fb e9 1e ff ff ff 44 89 e9 80 e1 07 38 c1 7c a3 4c [ 125.525055][ C0] RSP: 0018:ffffc90000007540 EFLAGS: 00000246 [ 125.525069][ C0] RAX: 0000000000000001 RBX: 1ffff92000000eac RCX: 1ffffffff0d1aa9c [ 125.525081][ C0] RDX: 0000000000000001 RSI: 0000000000000001 RDI: ffff8881f7037ed4 [ 125.525092][ C0] RBP: ffffc900000075f0 R08: dffffc0000000000 R09: ffffed103ee06fdb [ 125.525105][ C0] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 125.525116][ C0] R13: ffff8881f7037ed4 R14: 0000000000000001 R15: 1ffff92000000eb0 [ 125.525128][ C0] FS: 0000000000000000(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 125.525142][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 125.525154][ C0] CR2: 00007fece2c6289d CR3: 0000000127fca000 CR4: 00000000003506b0 [ 125.525169][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 125.525178][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 125.525189][ C0] Call Trace: [ 125.525194][ C0] [ 125.525199][ C0] ? show_regs+0x58/0x60 [ 125.525216][ C0] ? nmi_cpu_backtrace+0x29f/0x300 [ 125.525236][ C0] ? nmi_trigger_cpumask_backtrace+0x270/0x270 [ 125.525256][ C0] ? kvm_wait+0x147/0x180 [ 125.525271][ C0] ? kvm_wait+0x147/0x180 [ 125.525285][ C0] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 125.525304][ C0] ? nmi_handle+0xa8/0x280 [ 125.525320][ C0] ? kvm_wait+0x147/0x180 [ 125.525335][ C0] ? default_do_nmi+0x69/0x160 [ 125.525352][ C0] ? exc_nmi+0xaf/0x120 [ 125.525368][ C0] ? end_repeat_nmi+0x16/0x31 [ 125.525386][ C0] ? kvm_wait+0x147/0x180 [ 125.525400][ C0] ? kvm_wait+0x147/0x180 [ 125.525416][ C0] ? kvm_wait+0x147/0x180 [ 125.525431][ C0] [ 125.525435][ C0] [ 125.525440][ C0] ? asm_common_interrupt+0x27/0x40 [ 125.525455][ C0] ? kvm_arch_para_hints+0x30/0x30 [ 125.525473][ C0] __pv_queued_spin_lock_slowpath+0x41b/0xc40 [ 125.525494][ C0] ? __pv_queued_spin_unlock_slowpath+0x310/0x310 [ 125.525513][ C0] ? kfree_skb+0xc2/0x360 [ 125.525529][ C0] ? get_stack_info_noinstr+0x1b/0x130 [ 125.525547][ C0] _raw_spin_lock_bh+0x139/0x1b0 [ 125.525566][ C0] ? _raw_spin_lock_irq+0x1b0/0x1b0 [ 125.525585][ C0] ? sock_hash_bucket_hash+0x36d/0x7e0 [ 125.525605][ C0] sock_hash_delete_elem+0xb1/0x2f0 [ 125.525622][ C0] ? skb_release_data+0x8a9/0xa80 [ 125.525638][ C0] bpf_prog_2c29ac5cdc6b1842+0x3a/0x9c0 [ 125.525653][ C0] bpf_trace_run2+0xec/0x210 [ 125.525677][ C0] ? ip6_route_input+0x245/0xb60 [ 125.525695][ C0] ? bpf_trace_run1+0x1c0/0x1c0 [ 125.525711][ C0] ? skb_release_data+0x8a9/0xa80 [ 125.525727][ C0] ? ip6_route_input+0x724/0xb60 [ 125.525744][ C0] ? skb_release_data+0x8a9/0xa80 [ 125.525760][ C0] __bpf_trace_kfree+0x6f/0x90 [ 125.525775][ C0] ? skb_release_data+0x8a9/0xa80 [ 125.525791][ C0] kfree+0x1f3/0x220 [ 125.525809][ C0] skb_release_data+0x8a9/0xa80 [ 125.525825][ C0] ? ip6_mc_input+0x233/0x2a0 [ 125.525840][ C0] kfree_skb+0xba/0x360 [ 125.525855][ C0] ip6_mc_input+0x233/0x2a0 [ 125.525869][ C0] ip6_rcv_finish+0x186/0x350 [ 125.525884][ C0] ipv6_rcv+0xeb/0x270 [ 125.525898][ C0] ? ip6_rcv_finish+0x350/0x350 [ 125.525913][ C0] ? refcount_add+0x80/0x80 [ 125.525927][ C0] ? try_to_wake_up+0x697/0x1160 [ 125.525946][ C0] ? ip6_rcv_finish+0x350/0x350 [ 125.525961][ C0] __netif_receive_skb+0x1c6/0x530 [ 125.525978][ C0] ? __kasan_check_write+0x14/0x20 [ 125.525995][ C0] ? deliver_ptype_list_skb+0x3b0/0x3b0 [ 125.526012][ C0] ? __kasan_check_write+0x14/0x20 [ 125.526028][ C0] ? _raw_spin_lock+0xa4/0x1b0 [ 125.526046][ C0] ? _raw_spin_trylock_bh+0x190/0x190 [ 125.526066][ C0] process_backlog+0x31c/0x650 [ 125.526084][ C0] __napi_poll+0xc4/0x5a0 [ 125.526100][ C0] net_rx_action+0x47d/0xc50 [ 125.526128][ C0] ? net_tx_action+0x550/0x550 [ 125.526142][ C0] ? kvm_sched_clock_read+0x18/0x40 [ 125.526157][ C0] ? sched_clock+0x9/0x10 [ 125.526172][ C0] ? irqtime_account_irq+0x79/0x3c0 [ 125.526189][ C0] __do_softirq+0x26d/0x5bf [ 125.526205][ C0] do_softirq+0xf6/0x150 [ 125.526220][ C0] [ 125.526225][ C0] [ 125.526229][ C0] ? __local_bh_enable_ip+0x80/0x80 [ 125.526246][ C0] ? ip6_finish_output2+0xd90/0x16e0 [ 125.526261][ C0] __local_bh_enable_ip+0x75/0x80 [ 125.526276][ C0] local_bh_enable+0x1f/0x30 [ 125.526289][ C0] ip6_finish_output2+0xf9c/0x16e0 [ 125.526306][ C0] ? __ip6_finish_output+0x7c0/0x7c0 [ 125.526320][ C0] ? ip6t_do_table+0x1662/0x1850 [ 125.526337][ C0] __ip6_finish_output+0x60f/0x7c0 [ 125.526353][ C0] ip6_finish_output+0x31/0x210 [ 125.526369][ C0] ? ip6_output+0x486/0x4d0 [ 125.526385][ C0] ip6_output+0x1f7/0x4d0 [ 125.526402][ C0] ? ac6_seq_show+0xf0/0xf0 [ 125.526420][ C0] ? ip6_output+0x4d0/0x4d0 [ 125.526438][ C0] mld_sendpack+0x662/0xbb0 [ 125.526454][ C0] ? add_grec+0x13a0/0x13a0 [ 125.526468][ C0] ? igmp6_send+0x10a0/0x10a0 [ 125.526484][ C0] ? finish_task_switch+0x167/0x7b0 [ 125.526503][ C0] mld_dad_work+0x236/0x620 [ 125.526517][ C0] process_one_work+0x6bb/0xc10 [ 125.526533][ C0] worker_thread+0xad5/0x12a0 [ 125.526551][ C0] kthread+0x421/0x510 [ 125.526566][ C0] ? worker_clr_flags+0x180/0x180 [ 125.526579][ C0] ? kthread_blkcg+0xd0/0xd0 [ 125.526595][ C0] ret_from_fork+0x1f/0x30 [ 125.526611][ C0] [ 125.526987][ C1] NMI backtrace for cpu 1 [ 126.077930][ C1] CPU: 1 PID: 365 Comm: syz-executor.0 Not tainted 5.15.149-syzkaller-00055-g424f92bcbe8f #0 [ 126.087902][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 126.097797][ C1] Call Trace: [ 126.100924][ C1] [ 126.103630][ C1] dump_stack_lvl+0x151/0x1b7 [ 126.108126][ C1] ? io_uring_drop_tctx_refs+0x190/0x190 [ 126.113593][ C1] ? ttwu_do_wakeup+0x187/0x430 [ 126.118286][ C1] dump_stack+0x15/0x17 [ 126.122271][ C1] nmi_cpu_backtrace+0x2f7/0x300 [ 126.127047][ C1] ? nmi_trigger_cpumask_backtrace+0x270/0x270 [ 126.133034][ C1] ? _raw_spin_lock_irqsave+0xf9/0x210 [ 126.138328][ C1] ? __kasan_check_write+0x14/0x20 [ 126.143276][ C1] ? _raw_spin_lock+0x1b0/0x1b0 [ 126.147963][ C1] ? arch_trigger_cpumask_backtrace+0x20/0x20 [ 126.153873][ C1] nmi_trigger_cpumask_backtrace+0x15d/0x270 [ 126.159680][ C1] ? arch_trigger_cpumask_backtrace+0x20/0x20 [ 126.165592][ C1] arch_trigger_cpumask_backtrace+0x10/0x20 [ 126.171309][ C1] rcu_dump_cpu_stacks+0x1d8/0x330 [ 126.176257][ C1] print_cpu_stall+0x315/0x5f0 [ 126.180867][ C1] rcu_sched_clock_irq+0x989/0x12f0 [ 126.185908][ C1] ? rcu_boost_kthread_setaffinity+0x340/0x340 [ 126.191880][ C1] ? hrtimer_run_queues+0x15f/0x440 [ 126.196916][ C1] update_process_times+0x198/0x200 [ 126.201948][ C1] tick_sched_timer+0x188/0x240 [ 126.206635][ C1] ? tick_setup_sched_timer+0x480/0x480 [ 126.212016][ C1] __hrtimer_run_queues+0x41a/0xad0 [ 126.217052][ C1] ? hrtimer_interrupt+0xaa0/0xaa0 [ 126.222006][ C1] ? clockevents_program_event+0x22f/0x300 [ 126.227639][ C1] ? ktime_get_update_offsets_now+0x2ba/0x2d0 [ 126.233541][ C1] hrtimer_interrupt+0x40c/0xaa0 [ 126.238322][ C1] __sysvec_apic_timer_interrupt+0xfd/0x3c0 [ 126.244049][ C1] sysvec_apic_timer_interrupt+0x95/0xc0 [ 126.249512][ C1] [ 126.252286][ C1] [ 126.255063][ C1] asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 126.260878][ C1] RIP: 0010:kvm_wait+0x147/0x180 [ 126.265654][ C1] Code: 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 34 41 0f b6 45 00 44 38 f0 75 10 66 90 0f 00 2d 5b 03 f3 03 fb f4 24 ff ff ff fb e9 1e ff ff ff 44 89 e9 80 e1 07 38 c1 7c a3 4c [ 126.285096][ C1] RSP: 0018:ffffc900057773a0 EFLAGS: 00000246 [ 126.291012][ C1] RAX: 0000000000000003 RBX: 1ffff92000aeee78 RCX: ffffffff8154fa7f [ 126.298829][ C1] RDX: dffffc0000000000 RSI: 0000000000000003 RDI: ffff88810bac8c08 [ 126.306621][ C1] RBP: ffffc90005777450 R08: dffffc0000000000 R09: ffffed1021759182 [ 126.314442][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 126.322241][ C1] R13: ffff88810bac8c08 R14: 0000000000000003 R15: 1ffff92000aeee7c [ 126.330057][ C1] ? __pv_queued_spin_lock_slowpath+0x65f/0xc40 [ 126.336129][ C1] ? asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 126.342119][ C1] ? kvm_arch_para_hints+0x30/0x30 [ 126.347064][ C1] ? __pv_queued_spin_lock_slowpath+0x65f/0xc40 [ 126.353140][ C1] __pv_queued_spin_lock_slowpath+0x6bc/0xc40 [ 126.359051][ C1] ? __pv_queued_spin_unlock_slowpath+0x310/0x310 [ 126.365291][ C1] _raw_spin_lock_bh+0x139/0x1b0 [ 126.370064][ C1] ? _raw_spin_lock_irq+0x1b0/0x1b0 [ 126.375107][ C1] ? get_page_from_freelist+0x3550/0x35d0 [ 126.380663][ C1] ? sock_hash_bucket_hash+0x36d/0x7e0 [ 126.385949][ C1] sock_hash_delete_elem+0xb1/0x2f0 [ 126.390983][ C1] ? sock_map_unref+0x352/0x4d0 [ 126.395669][ C1] bpf_prog_2c29ac5cdc6b1842+0x3a/0x9c0 [ 126.401050][ C1] bpf_trace_run2+0xec/0x210 [ 126.405475][ C1] ? bpf_trace_run1+0x1c0/0x1c0 [ 126.410162][ C1] ? sock_map_unref+0x352/0x4d0 [ 126.414850][ C1] ? sock_map_unref+0x352/0x4d0 [ 126.419651][ C1] __bpf_trace_kfree+0x6f/0x90 [ 126.424248][ C1] ? sock_map_unref+0x352/0x4d0 [ 126.428944][ C1] kfree+0x1f3/0x220 [ 126.432667][ C1] sock_map_unref+0x352/0x4d0 [ 126.437180][ C1] sock_hash_delete_elem+0x274/0x2f0 [ 126.442299][ C1] ? ida_alloc_range+0x987/0xa80 [ 126.447076][ C1] bpf_prog_2c29ac5cdc6b1842+0x3a/0x9c0 [ 126.452565][ C1] bpf_trace_run2+0xec/0x210 [ 126.456991][ C1] ? bpf_trace_run1+0x1c0/0x1c0 [ 126.461684][ C1] ? ida_alloc_range+0x987/0xa80 [ 126.466465][ C1] ? ida_alloc_range+0x987/0xa80 [ 126.471222][ C1] __bpf_trace_kfree+0x6f/0x90 [ 126.475822][ C1] ? ida_alloc_range+0x987/0xa80 [ 126.480597][ C1] kfree+0x1f3/0x220 [ 126.484333][ C1] ? xas_nomem+0x19a/0x1d0 [ 126.488582][ C1] ida_alloc_range+0x987/0xa80 [ 126.493185][ C1] ? idr_replace+0x230/0x230 [ 126.497608][ C1] ? __kasan_check_write+0x14/0x20 [ 126.502554][ C1] ? _copy_from_user+0x96/0xd0 [ 126.507155][ C1] raw_ioctl+0x1a38/0x3510 [ 126.511409][ C1] ? ioctl_has_perm+0x3f5/0x560 [ 126.516095][ C1] ? audio_source_pcm_show+0xd0/0xd0 [ 126.521215][ C1] ? has_cap_mac_admin+0x3c0/0x3c0 [ 126.526168][ C1] ? security_file_ioctl+0x84/0xb0 [ 126.531196][ C1] ? audio_source_pcm_show+0xd0/0xd0 [ 126.536341][ C1] __se_sys_ioctl+0x114/0x190 [ 126.540857][ C1] __x64_sys_ioctl+0x7b/0x90 [ 126.545256][ C1] do_syscall_64+0x3d/0xb0 [ 126.549510][ C1] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 126.555243][ C1] RIP: 0033:0x7fece2c06c4b [ 126.559506][ C1] Code: 00 48 89 44 24 18 31 c0 48 8d 44 24 60 c7 04 24 10 00 00 00 48 89 44 24 08 48 8d 44 24 20 48 89 44 24 10 b8 10 00 00 00 0f 05 <89> c2 3d 00 f0 ff ff 77 1c 48 8b 44 24 18 64 48 2b 04 25 28 00 00 [ 126.578932][ C1] RSP: 002b:00007fece1978fa0 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 126.587177][ C1] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 00007fece2c06c4b [ 126.595014][ C1] RDX: 00007fece197a070 RSI: 0000000041015500 RDI: 0000000000000007 [ 126.602800][ C1] RBP: 00007fece197a070 R08: 0000000000000010 R09: 00302e6364755f79 [ 126.610611][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 126.618425][ C1] R13: 00007fece1979040 R14: 0000000020000380 R15: 00007fece2e5a320 [ 126.626237][ C1] [ 264.989600][ C0] watchdog: BUG: soft lockup - CPU#0 stuck for 225s! [kworker/0:0:6] [ 264.997519][ C0] Modules linked in: [ 265.001252][ C0] CPU: 0 PID: 6 Comm: kworker/0:0 Not tainted 5.15.149-syzkaller-00055-g424f92bcbe8f #0 [ 265.010794][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 265.020737][ C0] Workqueue: mld mld_dad_work [ 265.025203][ C0] RIP: 0010:kvm_wait+0x147/0x180 [ 265.029975][ C0] Code: 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 34 41 0f b6 45 00 44 38 f0 75 10 66 90 0f 00 2d 5b 03 f3 03 fb f4 24 ff ff ff fb e9 1e ff ff ff 44 89 e9 80 e1 07 38 c1 7c a3 4c [ 265.049852][ C0] RSP: 0018:ffffc90000007540 EFLAGS: 00000246 [ 265.055753][ C0] RAX: 0000000000000001 RBX: 1ffff92000000eac RCX: 1ffffffff0d1aa9c [ 265.063561][ C0] RDX: 0000000000000001 RSI: 0000000000000001 RDI: ffff8881f7037ed4 [ 265.071377][ C0] RBP: ffffc900000075f0 R08: dffffc0000000000 R09: ffffed103ee06fdb [ 265.079186][ C0] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 265.087000][ C0] R13: ffff8881f7037ed4 R14: 0000000000000001 R15: 1ffff92000000eb0 [ 265.094810][ C0] FS: 0000000000000000(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 265.103574][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 265.109996][ C0] CR2: 00007fece2c6289d CR3: 0000000127fca000 CR4: 00000000003506b0 [ 265.117821][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 265.125631][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 265.133432][ C0] Call Trace: [ 265.136564][ C0] [ 265.139292][ C0] ? show_regs+0x58/0x60 [ 265.143324][ C0] ? watchdog_timer_fn+0x4b1/0x5f0 [ 265.148276][ C0] ? proc_watchdog_cpumask+0xd0/0xd0 [ 265.153400][ C0] ? __hrtimer_run_queues+0x41a/0xad0 [ 265.158603][ C0] ? hrtimer_interrupt+0xaa0/0xaa0 [ 265.163547][ C0] ? clockevents_program_event+0x22f/0x300 [ 265.169190][ C0] ? ktime_get_update_offsets_now+0x2ba/0x2d0 [ 265.175093][ C0] ? hrtimer_interrupt+0x40c/0xaa0 [ 265.180060][ C0] ? __sysvec_apic_timer_interrupt+0xfd/0x3c0 [ 265.185968][ C0] ? sysvec_apic_timer_interrupt+0x44/0xc0 [ 265.191583][ C0] ? asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 265.197574][ C0] ? kvm_wait+0x147/0x180 [ 265.201736][ C0] ? asm_common_interrupt+0x27/0x40 [ 265.206781][ C0] ? kvm_arch_para_hints+0x30/0x30 [ 265.211719][ C0] __pv_queued_spin_lock_slowpath+0x41b/0xc40 [ 265.217623][ C0] ? __pv_queued_spin_unlock_slowpath+0x310/0x310 [ 265.223868][ C0] ? kfree_skb+0xc2/0x360 [ 265.228036][ C0] ? get_stack_info_noinstr+0x1b/0x130 [ 265.233332][ C0] _raw_spin_lock_bh+0x139/0x1b0 [ 265.238103][ C0] ? _raw_spin_lock_irq+0x1b0/0x1b0 [ 265.243143][ C0] ? sock_hash_bucket_hash+0x36d/0x7e0 [ 265.248434][ C0] sock_hash_delete_elem+0xb1/0x2f0 [ 265.253465][ C0] ? skb_release_data+0x8a9/0xa80 [ 265.258329][ C0] bpf_prog_2c29ac5cdc6b1842+0x3a/0x9c0 [ 265.263708][ C0] bpf_trace_run2+0xec/0x210 [ 265.268137][ C0] ? ip6_route_input+0x245/0xb60 [ 265.272907][ C0] ? bpf_trace_run1+0x1c0/0x1c0 [ 265.277594][ C0] ? skb_release_data+0x8a9/0xa80 [ 265.282453][ C0] ? ip6_route_input+0x724/0xb60 [ 265.287227][ C0] ? skb_release_data+0x8a9/0xa80 [ 265.292102][ C0] __bpf_trace_kfree+0x6f/0x90 [ 265.296694][ C0] ? skb_release_data+0x8a9/0xa80 [ 265.301564][ C0] kfree+0x1f3/0x220 [ 265.305291][ C0] skb_release_data+0x8a9/0xa80 [ 265.309969][ C0] ? ip6_mc_input+0x233/0x2a0 [ 265.314487][ C0] kfree_skb+0xba/0x360 [ 265.318475][ C0] ip6_mc_input+0x233/0x2a0 [ 265.322812][ C0] ip6_rcv_finish+0x186/0x350 [ 265.327326][ C0] ipv6_rcv+0xeb/0x270 [ 265.331232][ C0] ? ip6_rcv_finish+0x350/0x350 [ 265.335917][ C0] ? refcount_add+0x80/0x80 [ 265.340259][ C0] ? try_to_wake_up+0x697/0x1160 [ 265.345032][ C0] ? ip6_rcv_finish+0x350/0x350 [ 265.349720][ C0] __netif_receive_skb+0x1c6/0x530 [ 265.354668][ C0] ? __kasan_check_write+0x14/0x20 [ 265.359614][ C0] ? deliver_ptype_list_skb+0x3b0/0x3b0 [ 265.364993][ C0] ? __kasan_check_write+0x14/0x20 [ 265.370086][ C0] ? _raw_spin_lock+0xa4/0x1b0 [ 265.374669][ C0] ? _raw_spin_trylock_bh+0x190/0x190 [ 265.379882][ C0] process_backlog+0x31c/0x650 [ 265.384701][ C0] __napi_poll+0xc4/0x5a0 [ 265.388861][ C0] net_rx_action+0x47d/0xc50 [ 265.393285][ C0] ? net_tx_action+0x550/0x550 [ 265.397895][ C0] ? kvm_sched_clock_read+0x18/0x40 [ 265.402922][ C0] ? sched_clock+0x9/0x10 [ 265.407088][ C0] ? irqtime_account_irq+0x79/0x3c0 [ 265.412119][ C0] __do_softirq+0x26d/0x5bf [ 265.416460][ C0] do_softirq+0xf6/0x150 [ 265.420539][ C0] [ 265.423314][ C0] [ 265.426094][ C0] ? __local_bh_enable_ip+0x80/0x80 [ 265.431127][ C0] ? ip6_finish_output2+0xd90/0x16e0 [ 265.436248][ C0] __local_bh_enable_ip+0x75/0x80 [ 265.441108][ C0] local_bh_enable+0x1f/0x30 [ 265.445536][ C0] ip6_finish_output2+0xf9c/0x16e0 [ 265.450485][ C0] ? __ip6_finish_output+0x7c0/0x7c0 [ 265.455602][ C0] ? ip6t_do_table+0x1662/0x1850 [ 265.460378][ C0] __ip6_finish_output+0x60f/0x7c0 [ 265.465324][ C0] ip6_finish_output+0x31/0x210 [ 265.470010][ C0] ? ip6_output+0x486/0x4d0 [ 265.474356][ C0] ip6_output+0x1f7/0x4d0 [ 265.478555][ C0] ? ac6_seq_show+0xf0/0xf0 [ 265.482860][ C0] ? ip6_output+0x4d0/0x4d0 [ 265.487207][ C0] mld_sendpack+0x662/0xbb0 [ 265.491537][ C0] ? add_grec+0x13a0/0x13a0 [ 265.495874][ C0] ? igmp6_send+0x10a0/0x10a0 [ 265.500388][ C0] ? finish_task_switch+0x167/0x7b0 [ 265.505443][ C0] mld_dad_work+0x236/0x620 [ 265.509761][ C0] process_one_work+0x6bb/0xc10 [ 265.514449][ C0] worker_thread+0xad5/0x12a0 [ 265.518965][ C0] kthread+0x421/0x510 [ 265.522865][ C0] ? worker_clr_flags+0x180/0x180 [ 265.527733][ C0] ? kthread_blkcg+0xd0/0xd0 [ 265.532154][ C0] ret_from_fork+0x1f/0x30 [ 265.536408][ C0] [ 265.539282][ C0] Sending NMI from CPU 0 to CPUs 1: [ 265.544337][ C1] NMI backtrace for cpu 1 [ 265.544347][ C1] CPU: 1 PID: 365 Comm: syz-executor.0 Not tainted 5.15.149-syzkaller-00055-g424f92bcbe8f #0 [ 265.544364][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 265.544373][ C1] RIP: 0010:kvm_wait+0x147/0x180 [ 265.544391][ C1] Code: 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 34 41 0f b6 45 00 44 38 f0 75 10 66 90 0f 00 2d 5b 03 f3 03 fb f4 24 ff ff ff fb e9 1e ff ff ff 44 89 e9 80 e1 07 38 c1 7c a3 4c [ 265.544403][ C1] RSP: 0018:ffffc900057773a0 EFLAGS: 00000246 [ 265.544417][ C1] RAX: 0000000000000003 RBX: 1ffff92000aeee78 RCX: ffffffff8154fa7f [ 265.544429][ C1] RDX: dffffc0000000000 RSI: 0000000000000003 RDI: ffff88810bac8c08 [ 265.544439][ C1] RBP: ffffc90005777450 R08: dffffc0000000000 R09: ffffed1021759182 [ 265.544451][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 265.544466][ C1] R13: ffff88810bac8c08 R14: 0000000000000003 R15: 1ffff92000aeee7c [ 265.544476][ C1] FS: 00007fece197b6c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 265.544490][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 265.544501][ C1] CR2: 00007fece197a070 CR3: 000000012a946000 CR4: 00000000003506a0 [ 265.544514][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 265.544523][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 265.544533][ C1] Call Trace: [ 265.544537][ C1] [ 265.544542][ C1] ? show_regs+0x58/0x60 [ 265.544558][ C1] ? nmi_cpu_backtrace+0x29f/0x300 [ 265.544576][ C1] ? nmi_trigger_cpumask_backtrace+0x270/0x270 [ 265.544595][ C1] ? kvm_wait+0x147/0x180 [ 265.544608][ C1] ? kvm_wait+0x147/0x180 [ 265.544622][ C1] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 265.544639][ C1] ? nmi_handle+0xa8/0x280 [ 265.544654][ C1] ? kvm_wait+0x147/0x180 [ 265.544668][ C1] ? default_do_nmi+0x69/0x160 [ 265.544684][ C1] ? exc_nmi+0xaf/0x120 [ 265.544699][ C1] ? end_repeat_nmi+0x16/0x31 [ 265.544714][ C1] ? __pv_queued_spin_lock_slowpath+0x65f/0xc40 [ 265.544732][ C1] ? kvm_wait+0x147/0x180 [ 265.544746][ C1] ? kvm_wait+0x147/0x180 [ 265.544760][ C1] ? kvm_wait+0x147/0x180 [ 265.544773][ C1] [ 265.544777][ C1] [ 265.544781][ C1] ? asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 265.544797][ C1] ? kvm_arch_para_hints+0x30/0x30 [ 265.544812][ C1] ? __pv_queued_spin_lock_slowpath+0x65f/0xc40 [ 265.544830][ C1] __pv_queued_spin_lock_slowpath+0x6bc/0xc40 [ 265.544849][ C1] ? __pv_queued_spin_unlock_slowpath+0x310/0x310 [ 265.544868][ C1] _raw_spin_lock_bh+0x139/0x1b0 [ 265.544885][ C1] ? _raw_spin_lock_irq+0x1b0/0x1b0 [ 265.544901][ C1] ? get_page_from_freelist+0x3550/0x35d0 [ 265.544919][ C1] ? sock_hash_bucket_hash+0x36d/0x7e0 [ 265.544937][ C1] sock_hash_delete_elem+0xb1/0x2f0 [ 265.544954][ C1] ? sock_map_unref+0x352/0x4d0 [ 265.544969][ C1] bpf_prog_2c29ac5cdc6b1842+0x3a/0x9c0 [ 265.544982][ C1] bpf_trace_run2+0xec/0x210 [ 265.544999][ C1] ? bpf_trace_run1+0x1c0/0x1c0 [ 265.545014][ C1] ? sock_map_unref+0x352/0x4d0 [ 265.545030][ C1] ? sock_map_unref+0x352/0x4d0 [ 265.545046][ C1] __bpf_trace_kfree+0x6f/0x90 [ 265.545061][ C1] ? sock_map_unref+0x352/0x4d0 [ 265.545076][ C1] kfree+0x1f3/0x220 [ 265.545092][ C1] sock_map_unref+0x352/0x4d0 [ 265.545109][ C1] sock_hash_delete_elem+0x274/0x2f0 [ 265.545125][ C1] ? ida_alloc_range+0x987/0xa80 [ 265.545141][ C1] bpf_prog_2c29ac5cdc6b1842+0x3a/0x9c0 [ 265.545152][ C1] bpf_trace_run2+0xec/0x210 [ 265.545168][ C1] ? bpf_trace_run1+0x1c0/0x1c0 [ 265.545184][ C1] ? ida_alloc_range+0x987/0xa80 [ 265.545199][ C1] ? ida_alloc_range+0x987/0xa80 [ 265.545215][ C1] __bpf_trace_kfree+0x6f/0x90 [ 265.545229][ C1] ? ida_alloc_range+0x987/0xa80 [ 265.545244][ C1] kfree+0x1f3/0x220 [ 265.545259][ C1] ? xas_nomem+0x19a/0x1d0 [ 265.545274][ C1] ida_alloc_range+0x987/0xa80 [ 265.545291][ C1] ? idr_replace+0x230/0x230 [ 265.545308][ C1] ? __kasan_check_write+0x14/0x20 [ 265.545324][ C1] ? _copy_from_user+0x96/0xd0 [ 265.545338][ C1] raw_ioctl+0x1a38/0x3510 [ 265.545354][ C1] ? ioctl_has_perm+0x3f5/0x560 [ 265.545370][ C1] ? audio_source_pcm_show+0xd0/0xd0 [ 265.545386][ C1] ? has_cap_mac_admin+0x3c0/0x3c0 [ 265.545409][ C1] ? security_file_ioctl+0x84/0xb0 [ 265.545425][ C1] ? audio_source_pcm_show+0xd0/0xd0 [ 265.545442][ C1] __se_sys_ioctl+0x114/0x190 [ 265.545461][ C1] __x64_sys_ioctl+0x7b/0x90 [ 265.545474][ C1] do_syscall_64+0x3d/0xb0 [ 265.545489][ C1] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 265.545503][ C1] RIP: 0033:0x7fece2c06c4b [ 265.545527][ C1] Code: 00 48 89 44 24 18 31 c0 48 8d 44 24 60 c7 04 24 10 00 00 00 48 89 44 24 08 48 8d 44 24 20 48 89 44 24 10 b8 10 00 00 00 0f 05 <89> c2 3d 00 f0 ff ff 77 1c 48 8b 44 24 18 64 48 2b 04 25 28 00 00 [ 265.545538][ C1] RSP: 002b:00007fece1978fa0 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 265.545553][ C1] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 00007fece2c06c4b [ 265.545566][ C1] RDX: 00007fece197a070 RSI: 0000000041015500 RDI: 0000000000000007 [ 265.545576][ C1] RBP: 00007fece197a070 R08: 0000000000000010 R09: 00302e6364755f79 [ 265.545586][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 265.545595][ C1] R13: 00007fece1979040 R14: 0000000020000380 R15: 00007fece2e5a320 [ 265.545609][ C1]