it(1713544907.192:64): avc: denied { rlimitinh } for pid=222 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[ 11.021110][ T30] audit: type=1400 audit(1713544907.192:65): avc: denied { siginh } for pid=222 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[ 12.571923][ T223] sshd (223) used greatest stack depth: 20448 bytes left
Warning: Permanently added '10.128.1.50' (ED25519) to the list of known hosts.
2024/04/19 16:41:54 fuzzer started
2024/04/19 16:41:54 dialing manager at 10.128.0.163:30004
[ 18.682541][ T30] audit: type=1400 audit(1713544914.872:66): avc: denied { node_bind } for pid=281 comm="syz-fuzzer" saddr=::1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1
[ 18.687981][ T30] audit: type=1400 audit(1713544914.872:67): avc: denied { name_bind } for pid=281 comm="syz-fuzzer" src=6060 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[ 18.966234][ T30] audit: type=1400 audit(1713544915.152:68): avc: denied { integrity } for pid=289 comm="syz-executor" lockdown_reason="debugfs access" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=lockdown permissive=1
[ 18.970888][ T289] cgroup: Unknown subsys name 'net'
[ 18.988549][ T30] audit: type=1400 audit(1713544915.162:69): avc: denied { mounton } for pid=289 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=1925 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[ 19.015959][ T30] audit: type=1400 audit(1713544915.162:70): avc: denied { mount } for pid=289 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[ 19.016130][ T289] cgroup: Unknown subsys name 'devices'
[ 19.037815][ T30] audit: type=1400 audit(1713544915.182:71): avc: denied { unmount } for pid=289 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[ 19.179892][ T289] cgroup: Unknown subsys name 'hugetlb'
[ 19.185353][ T289] cgroup: Unknown subsys name 'rlimit'
[ 19.399960][ T30] audit: type=1400 audit(1713544915.592:72): avc: denied { mounton } for pid=289 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[ 19.424552][ T30] audit: type=1400 audit(1713544915.592:73): avc: denied { mount } for pid=289 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[ 19.431175][ T290] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped).
[ 19.448005][ T30] audit: type=1400 audit(1713544915.592:74): avc: denied { setattr } for pid=289 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=162 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 19.479104][ T30] audit: type=1400 audit(1713544915.642:75): avc: denied { relabelto } for pid=290 comm="mkswap" name="swap-file" dev="sda1" ino=1928 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
2024/04/19 16:41:55 code coverage: enabled
2024/04/19 16:41:55 comparison tracing: enabled
2024/04/19 16:41:55 extra coverage: enabled
2024/04/19 16:41:55 delay kcov mmap: mmap returned an invalid pointer
2024/04/19 16:41:55 setuid sandbox: enabled
2024/04/19 16:41:55 namespace sandbox: enabled
2024/04/19 16:41:55 Android sandbox: enabled
2024/04/19 16:41:55 fault injection: enabled
2024/04/19 16:41:55 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2024/04/19 16:41:55 net packet injection: enabled
2024/04/19 16:41:55 net device setup: enabled
2024/04/19 16:41:55 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2024/04/19 16:41:55 devlink PCI setup: PCI device 0000:00:10.0 is not available
2024/04/19 16:41:55 NIC VF setup: PCI device 0000:00:11.0 is not available
2024/04/19 16:41:55 USB emulation: enabled
2024/04/19 16:41:55 hci packet injection: /dev/vhci does not exist
2024/04/19 16:41:55 wifi device emulation: /sys/class/mac80211_hwsim/ does not exist
2024/04/19 16:41:55 802.15.4 emulation: /sys/bus/platform/devices/mac802154_hwsim does not exist
2024/04/19 16:41:55 swap file: enabled
[ 19.522381][ T289] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
2024/04/19 16:41:56 starting 5 executor processes
[ 20.156933][ T300] bridge0: port 1(bridge_slave_0) entered blocking state
[ 20.163920][ T300] bridge0: port 1(bridge_slave_0) entered disabled state
[ 20.171331][ T300] device bridge_slave_0 entered promiscuous mode
[ 20.186569][ T300] bridge0: port 2(bridge_slave_1) entered blocking state
[ 20.193560][ T300] bridge0: port 2(bridge_slave_1) entered disabled state
[ 20.200887][ T300] device bridge_slave_1 entered promiscuous mode
[ 20.234268][ T301] bridge0: port 1(bridge_slave_0) entered blocking state
[ 20.241148][ T301] bridge0: port 1(bridge_slave_0) entered disabled state
[ 20.248464][ T301] device bridge_slave_0 entered promiscuous mode
[ 20.255146][ T301] bridge0: port 2(bridge_slave_1) entered blocking state
[ 20.262118][ T301] bridge0: port 2(bridge_slave_1) entered disabled state
[ 20.269361][ T301] device bridge_slave_1 entered promiscuous mode
[ 20.315531][ T302] bridge0: port 1(bridge_slave_0) entered blocking state
[ 20.322394][ T302] bridge0: port 1(bridge_slave_0) entered disabled state
[ 20.329734][ T302] device bridge_slave_0 entered promiscuous mode
[ 20.352748][ T302] bridge0: port 2(bridge_slave_1) entered blocking state
[ 20.359677][ T302] bridge0: port 2(bridge_slave_1) entered disabled state
[ 20.366748][ T302] device bridge_slave_1 entered promiscuous mode
[ 20.420562][ T303] bridge0: port 1(bridge_slave_0) entered blocking state
[ 20.427409][ T303] bridge0: port 1(bridge_slave_0) entered disabled state
[ 20.434684][ T303] device bridge_slave_0 entered promiscuous mode
[ 20.441769][ T303] bridge0: port 2(bridge_slave_1) entered blocking state
[ 20.448627][ T303] bridge0: port 2(bridge_slave_1) entered disabled state
[ 20.455837][ T303] device bridge_slave_1 entered promiscuous mode
[ 20.527994][ T304] bridge0: port 1(bridge_slave_0) entered blocking state
[ 20.534930][ T304] bridge0: port 1(bridge_slave_0) entered disabled state
[ 20.542370][ T304] device bridge_slave_0 entered promiscuous mode
[ 20.549109][ T304] bridge0: port 2(bridge_slave_1) entered blocking state
[ 20.555955][ T304] bridge0: port 2(bridge_slave_1) entered disabled state
[ 20.563263][ T304] device bridge_slave_1 entered promiscuous mode
[ 20.619748][ T300] bridge0: port 2(bridge_slave_1) entered blocking state
[ 20.626604][ T300] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 20.633759][ T300] bridge0: port 1(bridge_slave_0) entered blocking state
[ 20.640604][ T300] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 20.662345][ T301] bridge0: port 2(bridge_slave_1) entered blocking state
[ 20.669213][ T301] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 20.676287][ T301] bridge0: port 1(bridge_slave_0) entered blocking state
[ 20.683110][ T301] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 20.696440][ T302] bridge0: port 2(bridge_slave_1) entered blocking state
[ 20.703311][ T302] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 20.710390][ T302] bridge0: port 1(bridge_slave_0) entered blocking state
[ 20.717170][ T302] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 20.778330][ T20] bridge0: port 1(bridge_slave_0) entered disabled state
[ 20.785486][ T20] bridge0: port 2(bridge_slave_1) entered disabled state
[ 20.792546][ T20] bridge0: port 1(bridge_slave_0) entered disabled state
[ 20.799910][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 20.807223][ T20] bridge0: port 2(bridge_slave_1) entered disabled state
[ 20.814557][ T20] bridge0: port 1(bridge_slave_0) entered disabled state
[ 20.821542][ T20] bridge0: port 2(bridge_slave_1) entered disabled state
[ 20.847864][ T42] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 20.855251][ T42] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 20.863389][ T42] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 20.880607][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 20.888579][ T60] bridge0: port 1(bridge_slave_0) entered blocking state
[ 20.895402][ T60] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 20.903041][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 20.911016][ T60] bridge0: port 2(bridge_slave_1) entered blocking state
[ 20.917866][ T60] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 20.925009][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 20.933012][ T60] bridge0: port 1(bridge_slave_0) entered blocking state
[ 20.940386][ T60] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 20.969139][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 20.977092][ T60] bridge0: port 2(bridge_slave_1) entered blocking state
[ 20.983942][ T60] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 20.991528][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 21.000103][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 21.008182][ T60] bridge0: port 1(bridge_slave_0) entered blocking state
[ 21.015002][ T60] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 21.022204][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 21.030150][ T60] bridge0: port 2(bridge_slave_1) entered blocking state
[ 21.036970][ T60] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 21.059973][ T305] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 21.067724][ T305] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 21.075475][ T305] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 21.083552][ T305] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 21.091593][ T305] bridge0: port 1(bridge_slave_0) entered blocking state
[ 21.098437][ T305] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 21.105579][ T305] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 21.113548][ T305] bridge0: port 2(bridge_slave_1) entered blocking state
[ 21.120398][ T305] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 21.127550][ T305] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 21.135579][ T305] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 21.155934][ T301] device veth0_vlan entered promiscuous mode
[ 21.168396][ T42] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 21.176660][ T42] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 21.185212][ T42] bridge0: port 1(bridge_slave_0) entered blocking state
[ 21.192093][ T42] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 21.199262][ T42] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 21.207466][ T42] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 21.215905][ T42] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 21.224142][ T42] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 21.232434][ T42] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 21.240163][ T42] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 21.248042][ T42] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 21.255832][ T42] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 21.263689][ T42] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 21.271522][ T42] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 21.279418][ T42] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 21.287263][ T42] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 21.303988][ T302] device veth0_vlan entered promiscuous mode
[ 21.313690][ T42] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 21.321346][ T42] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 21.328722][ T42] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 21.335940][ T42] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 21.344335][ T42] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 21.352375][ T42] bridge0: port 2(bridge_slave_1) entered blocking state
[ 21.359217][ T42] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 21.366584][ T42] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 21.374762][ T42] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 21.382853][ T42] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 21.390603][ T42] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 21.398411][ T42] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 21.406303][ T42] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 21.414319][ T42] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 21.422271][ T42] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 21.430735][ T42] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 21.438050][ T42] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 21.456178][ T302] device veth1_macvtap entered promiscuous mode
[ 21.462684][ T42] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 21.470978][ T42] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 21.479413][ T42] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 21.487257][ T42] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 21.495261][ T42] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 21.503427][ T301] device veth1_macvtap entered promiscuous mode
[ 21.513003][ T305] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 21.520624][ T305] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 21.528532][ T305] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 21.536582][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 21.544051][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 21.555474][ T300] device veth0_vlan entered promiscuous mode
[ 21.564974][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 21.573128][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 21.581076][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 21.589260][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 21.597303][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 21.605315][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 21.621564][ T303] device veth0_vlan entered promiscuous mode
[ 21.631438][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 21.639797][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 21.648597][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 21.656661][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 21.664988][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 21.672638][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 21.680903][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 21.688217][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 21.701902][ T300] device veth1_macvtap entered promiscuous mode
[ 21.709571][ T42] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 21.717721][ T42] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 21.725827][ T42] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 21.733283][ T42] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 21.741763][ T42] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 21.749902][ T42] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 21.757941][ T42] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready

executing program 4:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000001540)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001440)={&(0x7f0000001480)='sched_switch\x00', r1}, 0x10)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TCSETS(r2, 0x40045431, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, "7f12ddc1517600"})
r3 = syz_open_pts(r2, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000200)=0x2)
read(r3, 0x0, 0x2006)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000000))
timer_create(0x0, &(0x7f0000000040)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, 0x0)
ioctl$INCFS_IOC_PERMIT_FILL(r3, 0x4b47, 0x0)
r4 = gettid()
timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
tkill(r4, 0x14)

[ 21.778550][ T305] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 21.786712][ T305] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 21.795351][ T305] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 21.803516][ T305] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 21.827696][ T303] device veth1_macvtap entered promiscuous mode
[ 21.839524][ T328] serio: Serial port pts0
[ 21.850011][ T307] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 21.859187][ T307] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 21.867128][ T307] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready

executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x401c2, 0x0)
ftruncate(r0, 0x8800000)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff})
sched_setaffinity(0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000034c0)=[{{0x0, 0x0, &(0x7f0000001e40)=[{&(0x7f0000000b80)=""/4096, 0x20001b80}, {&(0x7f0000001b80)=""/112, 0x70}], 0x2, 0x0, 0xa0028cb4}}], 0x40000000000013c, 0x700, 0x0)
sendfile(r1, r0, 0x0, 0x578410eb)

executing program 0:
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10)
syz_usb_control_io$hid(r0, &(0x7f00000001c0)={0x24, 0x0, 0x0, &(0x7f0000000000)={0x0, 0x22, 0x22, {[@global=@item_012={0x2, 0x1, 0x9, "2313"}, @global=@item_012={0x2, 0x1, 0x0, "e53f"}, @global=@item_4={0x3, 0x1, 0x0, '\f\x00'}, @local=@item_012={0x2, 0x2, 0x2, "9000"}, @global=@item_4={0x3, 0x1, 0x0, "0900be00"}, @main=@item_4={0x3, 0x0, 0x8}, @local=@item_4={0x3, 0x2, 0x0, "09007a15"}, @local=@item_4={0x3, 0x2, 0x0, "5d8c3dda"}]}}, 0x0}, 0x0)
syz_usb_ep_write(r0, 0x81, 0x1, &(0x7f0000000000)='B')

[ 21.874854][ T307] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 21.882924][ T307] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 21.905033][ T307] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 21.912980][ T307] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 21.923509][ T305] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 21.931762][ T305] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 21.939559][ T304] device veth0_vlan entered promiscuous mode
[ 21.951696][ T305] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 21.959629][ T305] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 21.967600][ T305] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 21.976833][ T304] device veth1_macvtap entered promiscuous mode
[ 21.985724][ T305] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 21.994460][ T305] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 22.012090][ T305] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 22.020329][ T305] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready

executing program 3:
socket$packet(0x11, 0x0, 0x300)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000001400010000000000000004850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000000), 0x4)
r2 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000fbe000)={0x1, &(0x7f0000000100)=[{0x80000006}]}, 0x10)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000300)={'ip6_vti0\x00', 0x0})
sendto$packet(r1, &(0x7f0000000180)="10030600e0ff020002004788aa96a13bb100001100007fca1a00", 0x1000a, 0x0, &(0x7f0000000140)={0x11, 0x0, r4}, 0x14)

executing program 2:
socket$packet(0x11, 0x2, 0x300)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001, 0x9, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000040000177b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='kmem_cache_free\x00', r1}, 0x10)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r3)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000500))
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000180)=ANY=[], 0xe)

[ 22.030824][ T324] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 22.045888][ T324] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 22.143049][ T343] device syzkaller0 entered promiscuous mode
[ 22.219453][ T324] usb 1-1: new high-speed USB device number 2 using dummy_hcd

executing program 3:
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket(0x1e, 0x0, 0x0)
socket(0x1e, 0x4, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x0, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, 0x0, &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(0xffffffffffffffff, 0x4008ae90, &(0x7f0000000540)=ANY=[@ANYBLOB="e1"])
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x18, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x2600}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r2, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'lo\x00', 0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c}}]}, 0x4c}}, 0x0)

executing program 3:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x3, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
syz_usb_connect(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000014da2108ab1204000000000000010902240001b30000040904410017ff5d810009050f1f050400100009058303"], 0x0)

executing program 2:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000340)=ANY=[], 0x0)
syz_usb_control_io$hid(r1, 0x0, 0x0)
syz_usb_control_io(r1, &(0x7f0000000540)={0x2c, &(0x7f0000000200)={0x0, 0x0, 0x5, {0x5, 0x0, "a8c6df"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io(r1, &(0x7f00000004c0)={0x2c, 0x0, &(0x7f0000000640)={0x0, 0x3, 0x2, @string={0x2}}, 0x0, 0x0, 0x0}, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r2}, 0x10)
close_range(r0, r2, 0x2)

[ 22.487890][ T324] usb 1-1: device descriptor read/64, error -71
[ 22.607887][ T338] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[ 22.637854][ T305] usb 4-1: new high-speed USB device number 2 using dummy_hcd

executing program 1:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x12, 0x5, 0x8, 0x1}, 0x48)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000940)={r0, &(0x7f0000000780), &(0x7f0000000900)=@udp=r1}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0xc, &(0x7f00000001c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000300)='kfree\x00', r2}, 0x10)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r4 = dup2(r3, r3)
setsockopt$inet6_IPV6_HOPOPTS(r4, 0x29, 0x36, &(0x7f0000000040), 0x8)
setsockopt$inet6_IPV6_RTHDR(r4, 0x29, 0x39, 0x0, 0x0)

[ 122.737820][ C0] rcu: INFO: rcu_preempt self-detected stall on CPU
[ 122.744288][ C0] rcu: 0-...!: (9999 ticks this GP) idle=8bf/1/0x4000000000000000 softirq=2673/2675 fqs=1 last_accelerate: 9364/ba74 dyntick_enabled: 1
[ 122.758067][ C0] (t=10002 jiffies g=985 q=128)
[ 122.762835][ C0] rcu: rcu_preempt kthread timer wakeup didn't happen for 9999 jiffies! g985 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402
[ 122.774729][ C0] rcu: Possible timer handling issue on cpu=1 timer-softirq=396
[ 122.782282][ C0] rcu: rcu_preempt kthread starved for 10002 jiffies! g985 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 ->cpu=1
[ 122.793305][ C0] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[ 122.803245][ C0] rcu: RCU grace-period kthread stack dump:
[ 122.808978][ C0] task:rcu_preempt state:I stack:28248 pid: 14 ppid: 2 flags:0x00004000
[ 122.818011][ C0] Call Trace:
[ 122.821123][ C0]
[ 122.823908][ C0] __schedule+0xccc/0x1590
[ 122.828160][ C0] ? __sched_text_start+0x8/0x8
[ 122.832927][ C0] ? del_timer_sync+0x1bc/0x230
[ 122.837700][ C0] ? __kasan_check_write+0x14/0x20
[ 122.842732][ C0] schedule+0x11f/0x1e0
[ 122.846724][ C0] schedule_timeout+0x18c/0x370
[ 122.851419][ C0] ? __kasan_check_write+0x14/0x20
[ 122.856358][ C0] ? _raw_spin_lock_irqsave+0xf9/0x210
[ 122.861655][ C0] ? console_conditional_schedule+0x30/0x30
[ 122.867470][ C0] ? update_process_times+0x200/0x200
[ 122.872676][ C0] ? prepare_to_swait_event+0x308/0x320
[ 122.878438][ C0] rcu_gp_fqs_loop+0x2af/0xf80
[ 122.883005][ C0] ? dump_blkd_tasks+0x7e0/0x7e0
[ 122.887779][ C0] ? rcu_gp_init+0xc30/0xc30
[ 122.892206][ C0] ? _raw_spin_unlock_irq+0x4e/0x70
[ 122.897240][ C0] ? rcu_gp_init+0x9cf/0xc30
[ 122.901664][ C0] rcu_gp_kthread+0xa4/0x350
[ 122.906087][ C0] ? _raw_spin_lock+0x1b0/0x1b0
[ 122.910777][ C0] ? rcu_barrier_callback+0x50/0x50
[ 122.915914][ C0] ? __kasan_check_read+0x11/0x20
[ 122.920774][ C0] ? __kthread_parkme+0xb2/0x200
[ 122.925549][ C0] kthread+0x421/0x510
[ 122.929453][ C0] ? rcu_barrier_callback+0x50/0x50
[ 122.934527][ C0] ? kthread_blkcg+0xd0/0xd0
[ 122.938920][ C0] ret_from_fork+0x1f/0x30
[ 122.943172][ C0]
[ 122.946041][ C0] rcu: Stack dump where RCU GP kthread last ran:
[ 122.952203][ C0] Sending NMI from CPU 0 to CPUs 1:
[ 122.957267][ C1] NMI backtrace for cpu 1
[ 122.957290][ C1] CPU: 1 PID: 60 Comm: kworker/1:2 Not tainted 5.15.148-syzkaller-00013-gad06eaf051cd #0
[ 122.957311][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[ 122.957327][ C1] Workqueue: mld mld_dad_work
[ 122.957349][ C1] RIP: 0010:kvm_wait+0x147/0x180
[ 122.957369][ C1] Code: 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 34 41 0f b6 45 00 44 38 f0 75 10 66 90 0f 00 2d 5b 03 f3 03 fb f4 24 ff ff ff fb e9 1e ff ff ff 44 89 e9 80 e1 07 38 c1 7c a3 4c
[ 122.957383][ C1] RSP: 0000:ffffc900001d0540 EFLAGS: 00000246
[ 122.957398][ C1] RAX: 0000000000000001 RBX: 1ffff9200003a0ac RCX: 1ffffffff0d1aa9c
[ 122.957411][ C1] RDX: 0000000000000001 RSI: 0000000000000001 RDI: ffff8881f7137ed4
[ 122.957423][ C1] RBP: ffffc900001d05f0 R08: dffffc0000000000 R09: ffffed103ee26fdb
[ 122.957436][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000
[ 122.957449][ C1] R13: ffff8881f7137ed4 R14: 0000000000000001 R15: 1ffff9200003a0b0
[ 122.957462][ C1] FS: 0000000000000000(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[ 122.957478][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 122.957490][ C1] CR2: 000000c003aebd40 CR3: 000000011e6e9000 CR4: 00000000003506a0
[ 122.957506][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 122.957516][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 122.957527][ C1] Call Trace:
[ 122.957532][ C1]
[ 122.957540][ C1] ? show_regs+0x58/0x60
[ 122.957559][ C1] ? nmi_cpu_backtrace+0x29f/0x300
[ 122.957580][ C1] ? nmi_trigger_cpumask_backtrace+0x270/0x270
[ 122.957601][ C1] ? kvm_wait+0x147/0x180
[ 122.957616][ C1] ? kvm_wait+0x147/0x180
[ 122.957632][ C1] ? nmi_cpu_backtrace_handler+0xc/0x20
[ 122.957651][ C1] ? nmi_handle+0xa8/0x280
[ 122.957669][ C1] ? kvm_wait+0x147/0x180
[ 122.957684][ C1] ? default_do_nmi+0x69/0x160
[ 122.957709][ C1] ? exc_nmi+0xaf/0x120
[ 122.957725][ C1] ? end_repeat_nmi+0x16/0x31
[ 122.957747][ C1] ? kvm_wait+0x147/0x180
[ 122.957762][ C1] ? kvm_wait+0x147/0x180
[ 122.957778][ C1] ? kvm_wait+0x147/0x180
[ 122.957794][ C1]
[ 122.957799][ C1]
[ 122.957804][ C1] ? asm_sysvec_apic_timer_interrupt+0x1b/0x20
[ 122.957821][ C1] ? kvm_arch_para_hints+0x30/0x30
[ 122.957840][ C1] __pv_queued_spin_lock_slowpath+0x41b/0xc40
[ 122.957862][ C1] ? skb_clone+0x205/0x360
[ 122.957879][ C1] ? __pv_queued_spin_unlock_slowpath+0x310/0x310
[ 122.957901][ C1] _raw_spin_lock_bh+0x139/0x1b0
[ 122.957920][ C1] ? _raw_spin_lock_irq+0x1b0/0x1b0
[ 122.957939][ C1] ? sock_hash_bucket_hash+0x36d/0x7e0
[ 122.957959][ C1] sock_hash_delete_elem+0xb1/0x2f0
[ 122.957977][ C1] ? skb_release_data+0x8a9/0xa80
[ 122.957993][ C1] bpf_prog_2c29ac5cdc6b1842+0x3a/0xa74
[ 122.958012][ C1] bpf_trace_run2+0xec/0x210
[ 122.958030][ C1] ? ip6_route_input+0x245/0xb60
[ 122.958049][ C1] ? bpf_trace_run1+0x1c0/0x1c0
[ 122.958066][ C1] ? skb_release_data+0x8a9/0xa80
[ 122.958082][ C1] ? ip6_route_input+0x724/0xb60
[ 122.958099][ C1] ? skb_release_data+0x8a9/0xa80
[ 122.958115][ C1] __bpf_trace_kfree+0x6f/0x90
[ 122.958132][ C1] ? skb_release_data+0x8a9/0xa80
[ 122.958148][ C1] kfree+0x1f3/0x220
[ 122.958167][ C1] skb_release_data+0x8a9/0xa80
[ 122.958184][ C1] ? ip6_mc_input+0x233/0x2a0
[ 122.958203][ C1] kfree_skb+0xba/0x360
[ 122.958218][ C1] ip6_mc_input+0x233/0x2a0
[ 122.958237][ C1] ip6_rcv_finish+0x186/0x350
[ 122.958256][ C1] ipv6_rcv+0xeb/0x270
[ 122.958274][ C1] ? ip6_rcv_finish+0x350/0x350
[ 122.958293][ C1] ? refcount_add+0x80/0x80
[ 122.958311][ C1] ? try_to_wake_up+0x697/0x1160
[ 122.958332][ C1] ? ip6_rcv_finish+0x350/0x350
[ 122.958350][ C1] __netif_receive_skb+0x1c6/0x530
[ 122.958368][ C1] ? __kasan_check_write+0x14/0x20
[ 122.958385][ C1] ? _raw_spin_lock+0xa4/0x1b0
[ 122.958403][ C1] ? deliver_ptype_list_skb+0x3b0/0x3b0
[ 122.958419][ C1] ? __kasan_check_write+0x14/0x20
[ 122.958436][ C1] ? _raw_spin_lock+0xa4/0x1b0
[ 122.958455][ C1] ? _raw_spin_trylock_bh+0x190/0x190
[ 122.958474][ C1] ? __queue_work+0x94d/0xcd0
[ 122.958493][ C1] process_backlog+0x31c/0x650
[ 122.958512][ C1] __napi_poll+0xc4/0x5a0
[ 122.958527][ C1] net_rx_action+0x47d/0xc50
[ 122.958546][ C1] ? net_tx_action+0x550/0x550
[ 122.958561][ C1] ? kvm_sched_clock_read+0x18/0x40
[ 122.958578][ C1] ? sched_clock+0x9/0x10
[ 122.958595][ C1] ? irqtime_account_irq+0x79/0x3c0
[ 122.958614][ C1] __do_softirq+0x26d/0x5bf
[ 122.958631][ C1] do_softirq+0xf6/0x150
[ 122.958648][ C1]
[ 122.958653][ C1]
[ 122.958658][ C1] ? __local_bh_enable_ip+0x80/0x80
[ 122.958676][ C1] ? ip6_finish_output2+0xd90/0x16e0
[ 122.958702][ C1] __local_bh_enable_ip+0x75/0x80
[ 122.958719][ C1] local_bh_enable+0x1f/0x30
[ 122.958737][ C1] ip6_finish_output2+0xf9c/0x16e0
[ 122.958758][ C1] ? __ip6_finish_output+0x7c0/0x7c0
[ 122.958777][ C1] ? ip6t_do_table+0x1662/0x1850
[ 122.958797][ C1] __ip6_finish_output+0x60f/0x7c0
[ 122.958818][ C1] ip6_finish_output+0x31/0x210
[ 122.958835][ C1] ? ip6_output+0x486/0x4d0
[ 122.958864][ C1] ip6_output+0x1f7/0x4d0
[ 122.958882][ C1] ? ac6_seq_show+0xf0/0xf0
[ 122.958900][ C1] ? ip6_output+0x4d0/0x4d0
[ 122.958920][ C1] mld_sendpack+0x662/0xbb0
[ 122.958938][ C1] ? add_grec+0x13a0/0x13a0
[ 122.958953][ C1] ? igmp6_send+0x10a0/0x10a0
[ 122.958970][ C1] ? finish_task_switch+0x167/0x7b0
[ 122.958990][ C1] mld_dad_work+0x236/0x620
[ 122.959006][ C1] process_one_work+0x6bb/0xc10
[ 122.959024][ C1] worker_thread+0xad5/0x12a0
[ 122.959040][ C1] ? _raw_spin_lock+0x1b0/0x1b0
[ 122.959062][ C1] kthread+0x421/0x510
[ 122.959078][ C1] ? worker_clr_flags+0x180/0x180
[ 122.959094][ C1] ?
kthread_blkcg+0xd0/0xd0 [ 122.959111][ C1] ret_from_fork+0x1f/0x30 [ 122.959130][ C1] [ 122.959332][ C0] NMI backtrace for cpu 0 [ 123.523382][ C0] CPU: 0 PID: 353 Comm: syz-executor.1 Not tainted 5.15.148-syzkaller-00013-gad06eaf051cd #0 [ 123.533377][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 123.543328][ C0] Call Trace: [ 123.546453][ C0] [ 123.549145][ C0] dump_stack_lvl+0x151/0x1b7 [ 123.553745][ C0] ? io_uring_drop_tctx_refs+0x190/0x190 [ 123.559213][ C0] ? ttwu_do_wakeup+0x187/0x430 [ 123.563906][ C0] dump_stack+0x15/0x17 [ 123.567894][ C0] nmi_cpu_backtrace+0x2f7/0x300 [ 123.572667][ C0] ? nmi_trigger_cpumask_backtrace+0x270/0x270 [ 123.578743][ C0] ? _raw_spin_lock_irqsave+0xf9/0x210 [ 123.584042][ C0] ? __kasan_check_write+0x14/0x20 [ 123.588980][ C0] ? _raw_spin_lock+0x1b0/0x1b0 [ 123.593669][ C0] ? arch_trigger_cpumask_backtrace+0x20/0x20 [ 123.599570][ C0] nmi_trigger_cpumask_backtrace+0x15d/0x270 [ 123.605387][ C0] ? arch_trigger_cpumask_backtrace+0x20/0x20 [ 123.611469][ C0] arch_trigger_cpumask_backtrace+0x10/0x20 [ 123.617196][ C0] rcu_dump_cpu_stacks+0x1d8/0x330 [ 123.622140][ C0] print_cpu_stall+0x315/0x5f0 [ 123.628878][ C0] rcu_sched_clock_irq+0x989/0x12f0 [ 123.634569][ C0] ? rcu_boost_kthread_setaffinity+0x340/0x340 [ 123.641614][ C0] ? hrtimer_run_queues+0x15f/0x440 [ 123.646671][ C0] update_process_times+0x198/0x200 [ 123.651677][ C0] tick_sched_timer+0x188/0x240 [ 123.656361][ C0] ? tick_setup_sched_timer+0x480/0x480 [ 123.661742][ C0] __hrtimer_run_queues+0x41a/0xad0 [ 123.666780][ C0] ? hrtimer_interrupt+0xaa0/0xaa0 [ 123.671725][ C0] ? clockevents_program_event+0x22f/0x300 [ 123.677366][ C0] ? 
ktime_get_update_offsets_now+0x2ba/0x2d0 [ 123.683269][ C0] hrtimer_interrupt+0x40c/0xaa0 [ 123.688046][ C0] __sysvec_apic_timer_interrupt+0xfd/0x3c0 [ 123.693773][ C0] sysvec_apic_timer_interrupt+0x95/0xc0 [ 123.699418][ C0] [ 123.702186][ C0] [ 123.704975][ C0] asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 123.710781][ C0] RIP: 0010:kvm_wait+0x147/0x180 [ 123.715556][ C0] Code: 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 34 41 0f b6 45 00 44 38 f0 75 10 66 90 0f 00 2d 5b 03 f3 03 fb f4 24 ff ff ff fb e9 1e ff ff ff 44 89 e9 80 e1 07 38 c1 7c a3 4c [ 123.735089][ C0] RSP: 0018:ffffc900052c72a0 EFLAGS: 00000246 [ 123.740991][ C0] RAX: 0000000000000003 RBX: 1ffff92000a58e58 RCX: ffffffff8154f88f [ 123.748914][ C0] RDX: dffffc0000000000 RSI: 0000000000000003 RDI: ffff888109efaae8 [ 123.757297][ C0] RBP: ffffc900052c7350 R08: dffffc0000000000 R09: ffffed10213df55e [ 123.765312][ C0] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 123.773216][ C0] R13: ffff888109efaae8 R14: 0000000000000003 R15: 1ffff92000a58e5c [ 123.781118][ C0] ? __pv_queued_spin_lock_slowpath+0x65f/0xc40 [ 123.787291][ C0] ? asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 123.793276][ C0] ? kvm_arch_para_hints+0x30/0x30 [ 123.798223][ C0] ? pv_hash+0x86/0x150 [ 123.802214][ C0] __pv_queued_spin_lock_slowpath+0x6bc/0xc40 [ 123.808205][ C0] ? __pv_queued_spin_unlock_slowpath+0x310/0x310 [ 123.814460][ C0] ? __sched_text_start+0x8/0x8 [ 123.819141][ C0] _raw_spin_lock_bh+0x139/0x1b0 [ 123.824004][ C0] ? _raw_spin_lock_irq+0x1b0/0x1b0 [ 123.829210][ C0] ? sock_hash_bucket_hash+0x36d/0x7e0 [ 123.834853][ C0] sock_hash_delete_elem+0xb1/0x2f0 [ 123.839894][ C0] ? sock_map_unref+0x352/0x4d0 [ 123.844665][ C0] bpf_prog_2c29ac5cdc6b1842+0x3a/0xa74 [ 123.850046][ C0] bpf_trace_run2+0xec/0x210 [ 123.854745][ C0] ? bpf_trace_run1+0x1c0/0x1c0 [ 123.859421][ C0] ? sock_map_unref+0x352/0x4d0 [ 123.864107][ C0] ? try_invoke_on_locked_down_task+0x2a0/0x2a0 [ 123.870307][ C0] ? 
sock_map_unref+0x352/0x4d0 [ 123.874991][ C0] __bpf_trace_kfree+0x6f/0x90 [ 123.879596][ C0] ? sock_map_unref+0x352/0x4d0 [ 123.884278][ C0] kfree+0x1f3/0x220 [ 123.888011][ C0] sock_map_unref+0x352/0x4d0 [ 123.892808][ C0] sock_hash_delete_elem+0x274/0x2f0 [ 123.899849][ C0] ? security_compute_sid+0x1d7d/0x1f40 [ 123.905408][ C0] bpf_prog_2c29ac5cdc6b1842+0x3a/0xa74 [ 123.910783][ C0] bpf_trace_run2+0xec/0x210 [ 123.915393][ C0] ? context_to_sid+0x5a8/0x600 [ 123.920075][ C0] ? bpf_trace_run1+0x1c0/0x1c0 [ 123.924765][ C0] ? security_compute_sid+0x1d7d/0x1f40 [ 123.930137][ C0] ? security_compute_sid+0x1d7d/0x1f40 [ 123.935609][ C0] __bpf_trace_kfree+0x6f/0x90 [ 123.940235][ C0] ? security_compute_sid+0x1d7d/0x1f40 [ 123.945591][ C0] kfree+0x1f3/0x220 [ 123.949319][ C0] ? policydb_context_isvalid+0x1de/0x430 [ 123.954960][ C0] security_compute_sid+0x1d7d/0x1f40 [ 123.960173][ C0] ? security_transition_sid+0x90/0x90 [ 123.965460][ C0] ? alloc_file_pseudo+0x280/0x2f0 [ 123.970499][ C0] ? __kasan_check_write+0x14/0x20 [ 123.975466][ C0] ? _raw_spin_lock_bh+0xa4/0x1b0 [ 123.980304][ C0] ? fd_install+0x144/0x250 [ 123.984817][ C0] ? bpf_raw_tracepoint_open+0x8a0/0x950 [ 123.990286][ C0] security_transition_sid+0x7d/0x90 [ 123.995408][ C0] selinux_socket_create+0x204/0x330 [ 124.000532][ C0] ? selinux_socket_unix_may_send+0x2f0/0x2f0 [ 124.006438][ C0] security_socket_create+0x77/0xb0 [ 124.011466][ C0] __sock_create+0xd6/0x760 [ 124.015978][ C0] __sys_socket+0x132/0x370 [ 124.020405][ C0] ? sock_create_kern+0x50/0x50 [ 124.025088][ C0] ? 
__kasan_check_read+0x11/0x20 [ 124.030511][ C0] __x64_sys_socket+0x7a/0x90 [ 124.035106][ C0] do_syscall_64+0x3d/0xb0 [ 124.039376][ C0] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 124.045084][ C0] RIP: 0033:0x7f03d3894ea9 [ 124.049354][ C0] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 124.068892][ C0] RSP: 002b:00007f03d26080c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 124.077286][ C0] RAX: ffffffffffffffda RBX: 00007f03d39c2f80 RCX: 00007f03d3894ea9 [ 124.085101][ C0] RDX: 000000000000003a RSI: 0000000000000003 RDI: 000000000000000a [ 124.092908][ C0] RBP: 00007f03d38e14a4 R08: 0000000000000000 R09: 0000000000000000 [ 124.100914][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 124.108726][ C0] R13: 000000000000000b R14: 00007f03d39c2f80 R15: 00007fff9043b318 [ 124.116632][ C0] [ 265.040384][ C0] watchdog: BUG: soft lockup - CPU#0 stuck for 246s! 
[syz-executor.1:353] [ 265.048823][ C0] Modules linked in: [ 265.052615][ C0] CPU: 0 PID: 353 Comm: syz-executor.1 Not tainted 5.15.148-syzkaller-00013-gad06eaf051cd #0 [ 265.062529][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 265.072522][ C0] RIP: 0010:kvm_wait+0x147/0x180 [ 265.077288][ C0] Code: 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 34 41 0f b6 45 00 44 38 f0 75 10 66 90 0f 00 2d 5b 03 f3 03 fb f4 24 ff ff ff fb e9 1e ff ff ff 44 89 e9 80 e1 07 38 c1 7c a3 4c [ 265.097269][ C0] RSP: 0018:ffffc900052c72a0 EFLAGS: 00000246 [ 265.103320][ C0] RAX: 0000000000000003 RBX: 1ffff92000a58e58 RCX: ffffffff8154f88f [ 265.111232][ C0] RDX: dffffc0000000000 RSI: 0000000000000003 RDI: ffff888109efaae8 [ 265.119218][ C0] RBP: ffffc900052c7350 R08: dffffc0000000000 R09: ffffed10213df55e [ 265.127026][ C0] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 265.135274][ C0] R13: ffff888109efaae8 R14: 0000000000000003 R15: 1ffff92000a58e5c [ 265.143082][ C0] FS: 00007f03d26086c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 265.151850][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 265.158273][ C0] CR2: 0000001b2e221000 CR3: 000000012896f000 CR4: 00000000003506b0 [ 265.166092][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 265.173893][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 265.181886][ C0] Call Trace: [ 265.185019][ C0] [ 265.187705][ C0] ? show_regs+0x58/0x60 [ 265.191778][ C0] ? watchdog_timer_fn+0x4b1/0x5f0 [ 265.196726][ C0] ? proc_watchdog_cpumask+0xd0/0xd0 [ 265.201863][ C0] ? __hrtimer_run_queues+0x41a/0xad0 [ 265.207165][ C0] ? hrtimer_interrupt+0xaa0/0xaa0 [ 265.212090][ C0] ? clockevents_program_event+0x22f/0x300 [ 265.217737][ C0] ? ktime_get_update_offsets_now+0x2ba/0x2d0 [ 265.223637][ C0] ? hrtimer_interrupt+0x40c/0xaa0 [ 265.228824][ C0] ? 
__sysvec_apic_timer_interrupt+0xfd/0x3c0 [ 265.234744][ C0] ? sysvec_apic_timer_interrupt+0x95/0xc0 [ 265.240431][ C0] [ 265.243208][ C0] [ 265.245990][ C0] ? asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 265.251977][ C0] ? __pv_queued_spin_lock_slowpath+0x65f/0xc40 [ 265.258053][ C0] ? kvm_wait+0x147/0x180 [ 265.262215][ C0] ? asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 265.268206][ C0] ? kvm_arch_para_hints+0x30/0x30 [ 265.273171][ C0] ? __pv_queued_spin_lock_slowpath+0x65f/0xc40 [ 265.279230][ C0] __pv_queued_spin_lock_slowpath+0x6bc/0xc40 [ 265.285131][ C0] ? __pv_queued_spin_unlock_slowpath+0x310/0x310 [ 265.291467][ C0] ? __sched_text_start+0x8/0x8 [ 265.296155][ C0] _raw_spin_lock_bh+0x139/0x1b0 [ 265.300927][ C0] ? _raw_spin_lock_irq+0x1b0/0x1b0 [ 265.305969][ C0] ? sock_hash_bucket_hash+0x36d/0x7e0 [ 265.311255][ C0] sock_hash_delete_elem+0xb1/0x2f0 [ 265.316289][ C0] ? sock_map_unref+0x352/0x4d0 [ 265.320979][ C0] bpf_prog_2c29ac5cdc6b1842+0x3a/0xa74 [ 265.326358][ C0] bpf_trace_run2+0xec/0x210 [ 265.330785][ C0] ? bpf_trace_run1+0x1c0/0x1c0 [ 265.335471][ C0] ? sock_map_unref+0x352/0x4d0 [ 265.340157][ C0] ? try_invoke_on_locked_down_task+0x2a0/0x2a0 [ 265.346327][ C0] ? sock_map_unref+0x352/0x4d0 [ 265.351014][ C0] __bpf_trace_kfree+0x6f/0x90 [ 265.355797][ C0] ? sock_map_unref+0x352/0x4d0 [ 265.360476][ C0] kfree+0x1f3/0x220 [ 265.364213][ C0] sock_map_unref+0x352/0x4d0 [ 265.368723][ C0] sock_hash_delete_elem+0x274/0x2f0 [ 265.373842][ C0] ? security_compute_sid+0x1d7d/0x1f40 [ 265.379309][ C0] bpf_prog_2c29ac5cdc6b1842+0x3a/0xa74 [ 265.384694][ C0] bpf_trace_run2+0xec/0x210 [ 265.389230][ C0] ? context_to_sid+0x5a8/0x600 [ 265.393911][ C0] ? bpf_trace_run1+0x1c0/0x1c0 [ 265.398612][ C0] ? security_compute_sid+0x1d7d/0x1f40 [ 265.403981][ C0] ? security_compute_sid+0x1d7d/0x1f40 [ 265.409514][ C0] __bpf_trace_kfree+0x6f/0x90 [ 265.414112][ C0] ? security_compute_sid+0x1d7d/0x1f40 [ 265.419495][ C0] kfree+0x1f3/0x220 [ 265.423225][ C0] ? 
policydb_context_isvalid+0x1de/0x430 [ 265.428781][ C0] security_compute_sid+0x1d7d/0x1f40 [ 265.433994][ C0] ? security_transition_sid+0x90/0x90 [ 265.439368][ C0] ? alloc_file_pseudo+0x280/0x2f0 [ 265.444317][ C0] ? __kasan_check_write+0x14/0x20 [ 265.449262][ C0] ? _raw_spin_lock_bh+0xa4/0x1b0 [ 265.454124][ C0] ? fd_install+0x144/0x250 [ 265.458465][ C0] ? bpf_raw_tracepoint_open+0x8a0/0x950 [ 265.463931][ C0] security_transition_sid+0x7d/0x90 [ 265.469052][ C0] selinux_socket_create+0x204/0x330 [ 265.474176][ C0] ? selinux_socket_unix_may_send+0x2f0/0x2f0 [ 265.480085][ C0] security_socket_create+0x77/0xb0 [ 265.485107][ C0] __sock_create+0xd6/0x760 [ 265.489449][ C0] __sys_socket+0x132/0x370 [ 265.493789][ C0] ? sock_create_kern+0x50/0x50 [ 265.498536][ C0] ? __kasan_check_read+0x11/0x20 [ 265.503343][ C0] __x64_sys_socket+0x7a/0x90 [ 265.507853][ C0] do_syscall_64+0x3d/0xb0 [ 265.512103][ C0] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 265.517832][ C0] RIP: 0033:0x7f03d3894ea9 [ 265.522103][ C0] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 265.541526][ C0] RSP: 002b:00007f03d26080c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 265.549856][ C0] RAX: ffffffffffffffda RBX: 00007f03d39c2f80 RCX: 00007f03d3894ea9 [ 265.557669][ C0] RDX: 000000000000003a RSI: 0000000000000003 RDI: 000000000000000a [ 265.565480][ C0] RBP: 00007f03d38e14a4 R08: 0000000000000000 R09: 0000000000000000 [ 265.573289][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 265.581102][ C0] R13: 000000000000000b R14: 00007f03d39c2f80 R15: 00007fff9043b318 [ 265.588917][ C0] [ 265.591785][ C0] Sending NMI from CPU 0 to CPUs 1: [ 265.596845][ C1] NMI backtrace for cpu 1 [ 265.596855][ C1] CPU: 1 PID: 60 Comm: kworker/1:2 Not tainted 5.15.148-syzkaller-00013-gad06eaf051cd #0 [ 265.596875][ C1] Hardware name: Google 
Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 265.596886][ C1] Workqueue: mld mld_dad_work [ 265.596905][ C1] RIP: 0010:kvm_wait+0x147/0x180 [ 265.596925][ C1] Code: 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 34 41 0f b6 45 00 44 38 f0 75 10 66 90 0f 00 2d 5b 03 f3 03 fb f4 24 ff ff ff fb e9 1e ff ff ff 44 89 e9 80 e1 07 38 c1 7c a3 4c [ 265.596939][ C1] RSP: 0000:ffffc900001d0540 EFLAGS: 00000246 [ 265.596953][ C1] RAX: 0000000000000001 RBX: 1ffff9200003a0ac RCX: 1ffffffff0d1aa9c [ 265.596966][ C1] RDX: 0000000000000001 RSI: 0000000000000001 RDI: ffff8881f7137ed4 [ 265.596977][ C1] RBP: ffffc900001d05f0 R08: dffffc0000000000 R09: ffffed103ee26fdb [ 265.596990][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 265.597002][ C1] R13: ffff8881f7137ed4 R14: 0000000000000001 R15: 1ffff9200003a0b0 [ 265.597015][ C1] FS: 0000000000000000(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 265.597029][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 265.597042][ C1] CR2: 000000c003aebd40 CR3: 000000011e6e9000 CR4: 00000000003506a0 [ 265.597057][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 265.597067][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 265.597078][ C1] Call Trace: [ 265.597083][ C1] [ 265.597089][ C1] ? show_regs+0x58/0x60 [ 265.597107][ C1] ? nmi_cpu_backtrace+0x29f/0x300 [ 265.597128][ C1] ? nmi_trigger_cpumask_backtrace+0x270/0x270 [ 265.597150][ C1] ? kvm_wait+0x147/0x180 [ 265.597165][ C1] ? kvm_wait+0x147/0x180 [ 265.597180][ C1] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 265.597200][ C1] ? nmi_handle+0xa8/0x280 [ 265.597217][ C1] ? kvm_wait+0x147/0x180 [ 265.597232][ C1] ? kvm_wait+0x147/0x180 [ 265.597248][ C1] ? default_do_nmi+0x69/0x160 [ 265.597267][ C1] ? exc_nmi+0xaf/0x120 [ 265.597283][ C1] ? end_repeat_nmi+0x16/0x31 [ 265.597301][ C1] ? kvm_wait+0x147/0x180 [ 265.597317][ C1] ? kvm_wait+0x147/0x180 [ 265.597333][ C1] ? 
kvm_wait+0x147/0x180 [ 265.597348][ C1] [ 265.597353][ C1] [ 265.597358][ C1] ? asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 265.597375][ C1] ? kvm_arch_para_hints+0x30/0x30 [ 265.597394][ C1] __pv_queued_spin_lock_slowpath+0x41b/0xc40 [ 265.597416][ C1] ? skb_clone+0x205/0x360 [ 265.597433][ C1] ? __pv_queued_spin_unlock_slowpath+0x310/0x310 [ 265.597455][ C1] _raw_spin_lock_bh+0x139/0x1b0 [ 265.597474][ C1] ? _raw_spin_lock_irq+0x1b0/0x1b0 [ 265.597493][ C1] ? sock_hash_bucket_hash+0x36d/0x7e0 [ 265.597513][ C1] sock_hash_delete_elem+0xb1/0x2f0 [ 265.597532][ C1] ? skb_release_data+0x8a9/0xa80 [ 265.597548][ C1] bpf_prog_2c29ac5cdc6b1842+0x3a/0xa74 [ 265.597563][ C1] bpf_trace_run2+0xec/0x210 [ 265.597582][ C1] ? ip6_route_input+0x245/0xb60 [ 265.597601][ C1] ? bpf_trace_run1+0x1c0/0x1c0 [ 265.597618][ C1] ? skb_release_data+0x8a9/0xa80 [ 265.597634][ C1] ? ip6_route_input+0x724/0xb60 [ 265.597652][ C1] ? skb_release_data+0x8a9/0xa80 [ 265.597668][ C1] __bpf_trace_kfree+0x6f/0x90 [ 265.597688][ C1] ? skb_release_data+0x8a9/0xa80 [ 265.597704][ C1] kfree+0x1f3/0x220 [ 265.597723][ C1] skb_release_data+0x8a9/0xa80 [ 265.597740][ C1] ? ip6_mc_input+0x233/0x2a0 [ 265.597759][ C1] kfree_skb+0xba/0x360 [ 265.597774][ C1] ip6_mc_input+0x233/0x2a0 [ 265.597793][ C1] ip6_rcv_finish+0x186/0x350 [ 265.597812][ C1] ipv6_rcv+0xeb/0x270 [ 265.597837][ C1] ? ip6_rcv_finish+0x350/0x350 [ 265.597856][ C1] ? refcount_add+0x80/0x80 [ 265.597874][ C1] ? try_to_wake_up+0x697/0x1160 [ 265.597895][ C1] ? ip6_rcv_finish+0x350/0x350 [ 265.597913][ C1] __netif_receive_skb+0x1c6/0x530 [ 265.597931][ C1] ? __kasan_check_write+0x14/0x20 [ 265.597949][ C1] ? _raw_spin_lock+0xa4/0x1b0 [ 265.597966][ C1] ? deliver_ptype_list_skb+0x3b0/0x3b0 [ 265.597983][ C1] ? __kasan_check_write+0x14/0x20 [ 265.598001][ C1] ? _raw_spin_lock+0xa4/0x1b0 [ 265.598018][ C1] ? _raw_spin_trylock_bh+0x190/0x190 [ 265.598037][ C1] ? 
__queue_work+0x94d/0xcd0 [ 265.598057][ C1] process_backlog+0x31c/0x650 [ 265.598076][ C1] __napi_poll+0xc4/0x5a0 [ 265.598092][ C1] net_rx_action+0x47d/0xc50 [ 265.598110][ C1] ? net_tx_action+0x550/0x550 [ 265.598125][ C1] ? kvm_sched_clock_read+0x18/0x40 [ 265.598143][ C1] ? sched_clock+0x9/0x10 [ 265.598160][ C1] ? irqtime_account_irq+0x79/0x3c0 [ 265.598179][ C1] __do_softirq+0x26d/0x5bf [ 265.598197][ C1] do_softirq+0xf6/0x150 [ 265.598215][ C1] [ 265.598219][ C1] [ 265.598224][ C1] ? __local_bh_enable_ip+0x80/0x80 [ 265.598243][ C1] ? ip6_finish_output2+0xd90/0x16e0 [ 265.598263][ C1] __local_bh_enable_ip+0x75/0x80 [ 265.598280][ C1] local_bh_enable+0x1f/0x30 [ 265.598298][ C1] ip6_finish_output2+0xf9c/0x16e0 [ 265.598320][ C1] ? __ip6_finish_output+0x7c0/0x7c0 [ 265.598339][ C1] ? ip6t_do_table+0x1662/0x1850 [ 265.598359][ C1] __ip6_finish_output+0x60f/0x7c0 [ 265.598380][ C1] ip6_finish_output+0x31/0x210 [ 265.598398][ C1] ? ip6_output+0x486/0x4d0 [ 265.598416][ C1] ip6_output+0x1f7/0x4d0 [ 265.598434][ C1] ? ac6_seq_show+0xf0/0xf0 [ 265.598452][ C1] ? ip6_output+0x4d0/0x4d0 [ 265.598472][ C1] mld_sendpack+0x662/0xbb0 [ 265.598490][ C1] ? add_grec+0x13a0/0x13a0 [ 265.598505][ C1] ? igmp6_send+0x10a0/0x10a0 [ 265.598522][ C1] ? finish_task_switch+0x167/0x7b0 [ 265.598543][ C1] mld_dad_work+0x236/0x620 [ 265.598559][ C1] process_one_work+0x6bb/0xc10 [ 265.598578][ C1] worker_thread+0xad5/0x12a0 [ 265.598594][ C1] ? _raw_spin_lock+0x1b0/0x1b0 [ 265.598616][ C1] kthread+0x421/0x510 [ 265.598632][ C1] ? worker_clr_flags+0x180/0x180 [ 265.598647][ C1] ? kthread_blkcg+0xd0/0xd0 [ 265.598665][ C1] ret_from_fork+0x1f/0x30 [ 265.598684][ C1]