Warning: Permanently added '10.128.1.64' (ED25519) to the list of known hosts. 2025/07/15 11:53:40 ignoring optional flag "sandboxArg"="0" 2025/07/15 11:53:41 parsed 1 programs [ 216.747470][ T24] audit: type=1400 audit(1752580421.590:64): avc: denied { node_bind } for pid=275 comm="syz-execprog" saddr=::1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1 [ 216.768259][ T24] audit: type=1400 audit(1752580421.590:65): avc: denied { create } for pid=275 comm="syz-execprog" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 216.788048][ T24] audit: type=1400 audit(1752580421.590:66): avc: denied { module_request } for pid=275 comm="syz-execprog" kmod="net-pf-2-proto-262-type-1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 217.697663][ T24] audit: type=1400 audit(1752580422.540:67): avc: denied { mounton } for pid=284 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2023 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 217.698990][ T284] cgroup: Unknown subsys name 'net' [ 217.720385][ T24] audit: type=1400 audit(1752580422.540:68): avc: denied { mount } for pid=284 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 217.747602][ T24] audit: type=1400 audit(1752580422.570:69): avc: denied { unmount } for pid=284 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 217.748030][ T284] cgroup: Unknown subsys name 'devices' [ 217.952337][ T284] cgroup: Unknown subsys name 'hugetlb' [ 217.957935][ T284] cgroup: Unknown subsys name 'rlimit' [ 218.188295][ T24] audit: type=1400 audit(1752580423.030:70): avc: denied { setattr } for pid=284 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=253 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 218.211501][ T24] audit: type=1400 audit(1752580423.030:71): avc: denied { create } for pid=284 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 218.231931][ T24] audit: type=1400 audit(1752580423.030:72): avc: denied { write } for pid=284 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 218.252208][ T24] audit: type=1400 audit(1752580423.030:73): avc: denied { read } for pid=284 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 218.259416][ T286] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). [ 218.326581][ T284] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 218.793386][ T288] request_module fs-gadgetfs succeeded, but still no fs? [ 218.804374][ T288] cgroup: cgroup: disabling cgroup2 socket matching due to net_prio or net_cls activation [ 219.435753][ T339] bridge0: port 1(bridge_slave_0) entered blocking state [ 219.442944][ T339] bridge0: port 1(bridge_slave_0) entered disabled state [ 219.450298][ T339] device bridge_slave_0 entered promiscuous mode [ 219.457248][ T339] bridge0: port 2(bridge_slave_1) entered blocking state [ 219.464295][ T339] bridge0: port 2(bridge_slave_1) entered disabled state [ 219.471726][ T339] device bridge_slave_1 entered promiscuous mode [ 219.507034][ T339] bridge0: port 2(bridge_slave_1) entered blocking state [ 219.514093][ T339] bridge0: port 2(bridge_slave_1) entered forwarding state [ 219.521499][ T339] bridge0: port 1(bridge_slave_0) entered blocking state [ 219.528529][ T339] bridge0: port 1(bridge_slave_0) entered forwarding state [ 219.546731][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 219.554681][ T9] bridge0: port 1(bridge_slave_0) entered disabled state [ 219.562302][ T9] bridge0: port 2(bridge_slave_1) entered disabled state [ 219.571806][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 219.580022][ T9] bridge0: port 1(bridge_slave_0) entered blocking state [ 219.587265][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state [ 219.596118][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 219.604531][ T9] bridge0: port 2(bridge_slave_1) entered blocking state [ 219.611602][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state [ 219.623307][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 219.632848][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 219.646122][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 219.657475][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 219.665753][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 219.673360][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 219.681892][ T339] device veth0_vlan entered promiscuous mode [ 219.692011][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 219.705866][ T339] device veth1_macvtap entered promiscuous mode [ 219.715590][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 219.725439][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready 2025/07/15 11:53:44 executed programs: 0 [ 219.902197][ T349] bridge0: port 1(bridge_slave_0) entered blocking state [ 219.909238][ T349] bridge0: port 1(bridge_slave_0) entered disabled state [ 219.916687][ T349] device bridge_slave_0 entered promiscuous mode [ 219.923538][ T349] bridge0: port 2(bridge_slave_1) entered blocking state [ 219.930705][ T349] bridge0: port 2(bridge_slave_1) entered disabled state [ 219.938038][ T349] device bridge_slave_1 entered promiscuous mode [ 219.979944][ T349] bridge0: port 2(bridge_slave_1) entered blocking state [ 219.987005][ T349] bridge0: port 2(bridge_slave_1) entered forwarding state [ 219.994282][ T349] bridge0: port 1(bridge_slave_0) entered blocking state [ 220.001310][ T349] bridge0: port 1(bridge_slave_0) entered forwarding state [ 220.018758][ T329] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 220.026333][ T329] bridge0: port 1(bridge_slave_0) entered disabled state [ 220.033687][ T329] bridge0: port 2(bridge_slave_1) entered disabled state [ 220.050051][ T329] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 220.058554][ T329] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 220.066934][ T329] bridge0: port 1(bridge_slave_0) entered blocking state [ 220.074012][ T329] bridge0: port 1(bridge_slave_0) entered forwarding state [ 220.082344][ T329] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 220.091034][ T329] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 220.099155][ T329] bridge0: port 2(bridge_slave_1) entered blocking state [ 220.106202][ T329] bridge0: port 2(bridge_slave_1) entered forwarding state [ 220.121819][ T329] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 220.129865][ T329] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 220.139440][ T329] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 220.147928][ T329] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 220.165788][ T329] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 220.174407][ T329] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 220.191745][ T329] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 220.199722][ T329] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 220.207999][ T329] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 220.215603][ T329] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 220.223934][ T349] device veth0_vlan entered promiscuous mode [ 220.234672][ T329] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 220.242900][ T329] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 220.252273][ T349] device veth1_macvtap entered promiscuous mode [ 220.262415][ T329] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 220.270048][ T329] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 220.278685][ T329] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 220.291602][ T329] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 220.299867][ T329] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 220.841533][ T49] device bridge_slave_1 left promiscuous mode [ 220.847656][ T49] bridge0: port 2(bridge_slave_1) entered disabled state [ 220.855714][ T49] device bridge_slave_0 left promiscuous mode [ 220.862190][ T49] bridge0: port 1(bridge_slave_0) entered disabled state [ 220.871855][ T49] device veth1_macvtap left promiscuous mode [ 220.877928][ T49] device veth0_vlan left promiscuous mode [ 321.220318][ C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 321.227301][ C1] rcu: 0-...!: (1 GPs behind) idle=4be/1/0x4000000000000000 softirq=2255/2256 fqs=0 last_accelerate: e0e0/07f5 dyntick_enabled: 1 [ 321.240830][ C1] (detected by 1, t=10005 jiffies, g=1049, q=204) [ 321.247335][ C1] Sending NMI from CPU 1 to CPUs 0: [ 321.253524][ C1] NMI backtrace for cpu 0 [ 321.253530][ C1] CPU: 0 PID: 5 Comm: kworker/0:0 Not tainted 5.10.238-syzkaller-00316-gd0d90e085c21 #0 [ 321.253535][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 321.253539][ C1] Workqueue: ipv6_addrconf addrconf_dad_work [ 321.253545][ C1] RIP: 0010:kvm_wait+0xb2/0x120 [ 321.253554][ C1] Code: c1 e8 03 42 0f b6 04 30 84 c0 75 6d 0f b6 07 40 38 f0 75 26 41 f7 c4 00 02 00 00 75 0f 0f 1f 44 00 00 0f 00 2d 0f 9d 98 03 f4 0e 0f 1f 44 00 00 0f 00 2d 00 9d 98 03 fb f4 4c 89 64 24 18 ff [ 321.253558][ C1] RSP: 0018:ffffc90000057220 EFLAGS: 00000046 [ 321.253564][ C1] RAX: 0000000000000003 RBX: ffff8881f7047840 RCX: ffffffff814b179a [ 321.253568][ C1] RDX: 0000000000000001 RSI: 0000000000000003 RDI: ffff8881f7047840 [ 321.253573][ C1] RBP: ffffc900000572d0 R08: dffffc0000000000 R09: ffffed103ee08f09 [ 321.253577][ C1] R10: ffffed103ee08f09 R11: 1ffff1103ee08f08 R12: 0000000000000046 [ 321.253581][ C1] R13: 1ffff1103ee08f08 R14: dffffc0000000000 R15: 1ffff9200000ae48 [ 321.253585][ C1] FS: 0000000000000000(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 321.253589][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 321.253593][ C1] CR2: 0000000000000000 CR3: 000000010aa16000 CR4: 00000000003506b0 [ 321.253597][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 321.253601][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 321.253603][ C1] Call Trace: [ 321.253606][ C1] ? kvm_arch_para_hints+0x30/0x30 [ 321.253610][ C1] __pv_queued_spin_lock_slowpath+0x714/0xb70 [ 321.253613][ C1] ? __pv_queued_spin_unlock_slowpath+0x280/0x280 [ 321.253616][ C1] ? dev_queue_xmit+0x20/0x20 [ 321.253619][ C1] queued_spin_lock_slowpath+0x47/0x50 [ 321.253622][ C1] _raw_spin_lock_irqsave+0x108/0x110 [ 321.253625][ C1] ? _raw_spin_lock+0xe0/0xe0 [ 321.253628][ C1] ? __this_cpu_preempt_check+0x13/0x20 [ 321.253631][ C1] ? do_softirq_own_stack+0x6c/0x80 [ 321.253634][ C1] lock_timer_base+0x127/0x270 [ 321.253637][ C1] __mod_timer+0x10a/0xb30 [ 321.253640][ C1] add_timer+0x68/0x80 [ 321.253643][ C1] __queue_delayed_work+0x173/0x200 [ 321.253645][ C1] queue_delayed_work_on+0xde/0x130 [ 321.253648][ C1] ? _raw_spin_lock+0x8e/0xe0 [ 321.253651][ C1] ? delayed_work_timer_fn+0x80/0x80 [ 321.253654][ C1] ? __kasan_check_write+0x14/0x20 [ 321.253657][ C1] kvfree_call_rcu+0x417/0x620 [ 321.253660][ C1] ? __ip6_finish_output+0x5ff/0x790 [ 321.253717][ C1] ? call_rcu+0x1040/0x1040 [ 321.253728][ C1] ? ip6_finish_output+0x33/0x1f0 [ 321.253731][ C1] ? __kasan_check_write+0x14/0x20 [ 321.253734][ C1] ? _raw_spin_lock_irqsave+0xb0/0x110 [ 321.253737][ C1] ? _raw_spin_lock+0xe0/0xe0 [ 321.253740][ C1] ? longest_prefix_match+0x43c/0x640 [ 321.253743][ C1] ? ac6_seq_show+0xf0/0xf0 [ 321.253746][ C1] trie_delete_elem+0x57a/0x710 [ 321.253749][ C1] bpf_prog_2c29ac5cdc6b1842+0x3a/0x4cc [ 321.253751][ C1] bpf_trace_run3+0xcb/0x230 [ 321.253754][ C1] ? bpf_trace_run2+0x200/0x200 [ 321.253757][ C1] ? ndisc_error_report+0xc0/0xc0 [ 321.253760][ C1] __bpf_trace_timer_start+0x2b/0x40 [ 321.253763][ C1] enqueue_timer+0x337/0x480 [ 321.253765][ C1] __mod_timer+0x79f/0xb30 [ 321.253768][ C1] mod_timer+0x1f/0x30 [ 321.253771][ C1] addrconf_dad_completed+0xb1d/0xe80 [ 321.253774][ C1] ? addrconf_dad_stop+0x460/0x460 [ 321.253777][ C1] addrconf_dad_work+0xc18/0x1410 [ 321.253780][ C1] ? rcu_segcblist_insert_count+0x48/0x70 [ 321.253783][ C1] ? ipv6_get_saddr_eval+0xf70/0xf70 [ 321.253786][ C1] ? __kasan_check_write+0x14/0x20 [ 321.253789][ C1] ? _raw_spin_lock_irq+0x8f/0xe0 [ 321.253792][ C1] ? __kasan_check_read+0x11/0x20 [ 321.253795][ C1] ? read_word_at_a_time+0x12/0x20 [ 321.253797][ C1] ? strscpy+0x9b/0x290 [ 321.253800][ C1] process_one_work+0x6e1/0xba0 [ 321.253803][ C1] worker_thread+0xa6a/0x13b0 [ 321.253805][ C1] kthread+0x346/0x3d0 [ 321.253808][ C1] ? worker_clr_flags+0x190/0x190 [ 321.253810][ C1] ? kthread_blkcg+0xd0/0xd0 [ 321.253813][ C1] ret_from_fork+0x1f/0x30 [ 321.253829][ C1] rcu: rcu_preempt kthread starved for 10005 jiffies! g1049 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1 [ 321.661326][ C1] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 321.671279][ C1] rcu: RCU grace-period kthread stack dump: [ 321.677148][ C1] task:rcu_preempt state:R running task stack: 0 pid: 13 ppid: 2 flags:0x00004000 [ 321.687892][ C1] Call Trace: [ 321.691171][ C1] __schedule+0xb47/0x1310 [ 321.695578][ C1] ? release_firmware_map_entry+0x190/0x190 [ 321.701452][ C1] ? __mod_timer+0x7ae/0xb30 [ 321.706023][ C1] schedule+0x13c/0x1d0 [ 321.710162][ C1] schedule_timeout+0x12c/0x2d0 [ 321.714996][ C1] ? console_conditional_schedule+0x10/0x10 [ 321.720891][ C1] ? _raw_spin_lock_irqsave+0xb0/0x110 [ 321.726335][ C1] ? run_local_timers+0x160/0x160 [ 321.731344][ C1] ? prepare_to_swait_event+0x320/0x340 [ 321.736872][ C1] rcu_gp_kthread+0x100a/0x26a0 [ 321.741707][ C1] ? rcu_barrier_callback+0x50/0x50 [ 321.746890][ C1] ? __kasan_check_read+0x11/0x20 [ 321.751898][ C1] ? __kthread_parkme+0xb9/0x1c0 [ 321.756816][ C1] kthread+0x346/0x3d0 [ 321.760866][ C1] ? rcu_barrier_callback+0x50/0x50 [ 321.766064][ C1] ? kthread_blkcg+0xd0/0xd0 [ 321.770635][ C1] ret_from_fork+0x1f/0x30 [ 463.040944][ C1] watchdog: BUG: soft lockup - CPU#1 stuck for 123s! [syz.2.51:419] [ 463.048955][ C1] Modules linked in: [ 463.052854][ C1] CPU: 1 PID: 419 Comm: syz.2.51 Not tainted 5.10.238-syzkaller-00316-gd0d90e085c21 #0 [ 463.062475][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 463.072530][ C1] RIP: 0010:smp_call_function_single+0x1f5/0x470 [ 463.078842][ C1] Code: 48 44 89 f6 83 e6 01 31 ff e8 d7 6e 0a 00 41 83 e6 01 49 bc 00 00 00 00 00 fc ff df 75 0a e8 12 6b 0a 00 e9 a9 00 00 00 f3 90 44 24 48 01 00 00 00 0f 84 94 00 00 00 e8 f8 6a 0a 00 eb e9 e8 [ 463.098866][ C1] RSP: 0018:ffffc90000c47820 EFLAGS: 00000293 [ 463.104927][ C1] RAX: ffffffff81592a38 RBX: 0000000000000000 RCX: ffff8881127c93c0 [ 463.112892][ C1] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 463.120852][ C1] RBP: ffffc90000c47910 R08: dffffc0000000000 R09: ffffed103ee0aec9 [ 463.128809][ C1] R10: ffffed103ee0aec9 R11: 1ffff1103ee0aec8 R12: dffffc0000000000 [ 463.136762][ C1] R13: 0000000000000001 R14: 0000000000000001 R15: 1ffff92000188f08 [ 463.144723][ C1] FS: 000055557f1bf500(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 463.153634][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 463.160200][ C1] CR2: 0000200000010000 CR3: 000000012946e000 CR4: 00000000003506a0 [ 463.168157][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 463.176114][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 463.184067][ C1] Call Trace: [ 463.187350][ C1] ? text_poke_sync+0x20/0x20 [ 463.192012][ C1] ? flush_smp_call_function_from_idle+0x180/0x180 [ 463.198511][ C1] ? insn_get_modrm+0x4b6/0x790 [ 463.203343][ C1] ? text_poke_sync+0x20/0x20 [ 463.208097][ C1] smp_call_function_many_cond+0x8f2/0x9e0 [ 463.213888][ C1] ? cpumask_any_but+0xa4/0xc0 [ 463.218635][ C1] ? text_poke_sync+0x20/0x20 [ 463.223313][ C1] ? smp_call_function_many+0x40/0x40 [ 463.228694][ C1] ? enqueue_timer+0x16a/0x480 [ 463.233550][ C1] ? __text_poke+0x5af/0x640 [ 463.238135][ C1] ? text_poke_sync+0x20/0x20 [ 463.242798][ C1] on_each_cpu+0xab/0x170 [ 463.247112][ C1] ? text_poke+0x20/0x20 [ 463.251338][ C1] ? enqueue_timer+0x16a/0x480 [ 463.256082][ C1] ? smp_call_function+0x90/0x90 [ 463.261002][ C1] ? text_poke_finish+0x30/0x30 [ 463.265832][ C1] text_poke_bp_batch+0x1b3/0x4a0 [ 463.270861][ C1] ? mutex_lock+0x8c/0xe0 [ 463.275173][ C1] ? text_poke_loc_init+0x4f0/0x4f0 [ 463.280356][ C1] ? __kasan_check_write+0x14/0x20 [ 463.285451][ C1] ? mutex_lock+0x8c/0xe0 [ 463.289779][ C1] ? mutex_trylock+0xa0/0xa0 [ 463.294381][ C1] ? mutex_unlock+0x1c/0x40 [ 463.298875][ C1] text_poke_finish+0x1a/0x30 [ 463.303546][ C1] arch_jump_label_transform_apply+0x15/0x30 [ 463.309521][ C1] __jump_label_update+0x37c/0x3a0 [ 463.314622][ C1] jump_label_update+0x34c/0x3e0 [ 463.319549][ C1] static_key_disable_cpuslocked+0xc5/0x1a0 [ 463.325435][ C1] static_key_disable+0x1a/0x30 [ 463.330268][ C1] tracepoint_probe_unregister+0x6cb/0x950 [ 463.336065][ C1] bpf_probe_unregister+0x61/0x70 [ 463.341074][ C1] bpf_raw_tp_link_release+0x63/0x90 [ 463.346342][ C1] bpf_link_put+0x1f6/0x280 [ 463.350827][ C1] ? bpf_prog_uncharge_memlock+0xc0/0xc0 [ 463.356533][ C1] bpf_link_release+0x3b/0x40 [ 463.361196][ C1] __fput+0x2fb/0x770 [ 463.365163][ C1] ____fput+0x15/0x20 [ 463.369139][ C1] task_work_run+0x127/0x190 [ 463.373739][ C1] exit_to_user_mode_loop+0xcb/0xe0 [ 463.378962][ C1] syscall_exit_to_user_mode+0x68/0x90 [ 463.384515][ C1] do_syscall_64+0x3d/0x40 [ 463.388930][ C1] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 463.394817][ C1] RIP: 0033:0x7fe0b5b9b929 [ 463.399297][ C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 463.419022][ C1] RSP: 002b:00007ffe56582c08 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 463.427428][ C1] RAX: 0000000000000000 RBX: 0000000000035fc4 RCX: 00007fe0b5b9b929 [ 463.435391][ C1] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003 [ 463.443350][ C1] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000656582eff [ 463.451310][ C1] R10: 00007fe0b5a0d000 R11: 0000000000000246 R12: 00007fe0b5dc2fac [ 463.459266][ C1] R13: 00007fe0b5dc2fa0 R14: ffffffffffffffff R15: 0000000000000003 [ 463.467230][ C1] Sending NMI from CPU 1 to CPUs 0: [ 463.473413][ C1] NMI backtrace for cpu 0 [ 463.473420][ C1] CPU: 0 PID: 5 Comm: kworker/0:0 Not tainted 5.10.238-syzkaller-00316-gd0d90e085c21 #0 [ 463.473426][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 463.473429][ C1] Workqueue: ipv6_addrconf addrconf_dad_work [ 463.473435][ C1] RIP: 0010:kvm_wait+0xb2/0x120 [ 463.473444][ C1] Code: c1 e8 03 42 0f b6 04 30 84 c0 75 6d 0f b6 07 40 38 f0 75 26 41 f7 c4 00 02 00 00 75 0f 0f 1f 44 00 00 0f 00 2d 0f 9d 98 03 f4 0e 0f 1f 44 00 00 0f 00 2d 00 9d 98 03 fb f4 4c 89 64 24 18 ff [ 463.473448][ C1] RSP: 0018:ffffc90000057220 EFLAGS: 00000046 [ 463.473454][ C1] RAX: 0000000000000003 RBX: ffff8881f7047840 RCX: ffffffff814b179a [ 463.473458][ C1] RDX: 0000000000000001 RSI: 0000000000000003 RDI: ffff8881f7047840 [ 463.473462][ C1] RBP: ffffc900000572d0 R08: dffffc0000000000 R09: ffffed103ee08f09 [ 463.473466][ C1] R10: ffffed103ee08f09 R11: 1ffff1103ee08f08 R12: 0000000000000046 [ 463.473470][ C1] R13: 1ffff1103ee08f08 R14: dffffc0000000000 R15: 1ffff9200000ae48 [ 463.473475][ C1] FS: 0000000000000000(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 463.473478][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 463.473482][ C1] CR2: 0000000000000000 CR3: 000000010aa16000 CR4: 00000000003506b0 [ 463.473486][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 463.473490][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 463.473492][ C1] Call Trace: [ 463.473495][ C1] ? kvm_arch_para_hints+0x30/0x30 [ 463.473498][ C1] __pv_queued_spin_lock_slowpath+0x714/0xb70 [ 463.473502][ C1] ? __pv_queued_spin_unlock_slowpath+0x280/0x280 [ 463.473505][ C1] ? dev_queue_xmit+0x20/0x20 [ 463.473508][ C1] queued_spin_lock_slowpath+0x47/0x50 [ 463.473511][ C1] _raw_spin_lock_irqsave+0x108/0x110 [ 463.473513][ C1] ? _raw_spin_lock+0xe0/0xe0 [ 463.473516][ C1] ? __this_cpu_preempt_check+0x13/0x20 [ 463.473519][ C1] ? do_softirq_own_stack+0x6c/0x80 [ 463.473522][ C1] lock_timer_base+0x127/0x270 [ 463.473524][ C1] __mod_timer+0x10a/0xb30 [ 463.473527][ C1] add_timer+0x68/0x80 [ 463.473530][ C1] __queue_delayed_work+0x173/0x200 [ 463.473533][ C1] queue_delayed_work_on+0xde/0x130 [ 463.473535][ C1] ? _raw_spin_lock+0x8e/0xe0 [ 463.473538][ C1] ? delayed_work_timer_fn+0x80/0x80 [ 463.473541][ C1] ? __kasan_check_write+0x14/0x20 [ 463.473544][ C1] kvfree_call_rcu+0x417/0x620 [ 463.473547][ C1] ? __ip6_finish_output+0x5ff/0x790 [ 463.473550][ C1] ? call_rcu+0x1040/0x1040 [ 463.473552][ C1] ? ip6_finish_output+0x33/0x1f0 [ 463.473555][ C1] ? __kasan_check_write+0x14/0x20 [ 463.473559][ C1] ? _raw_spin_lock_irqsave+0xb0/0x110 [ 463.473561][ C1] ? _raw_spin_lock+0xe0/0xe0 [ 463.473564][ C1] ? longest_prefix_match+0x43c/0x640 [ 463.473567][ C1] ? ac6_seq_show+0xf0/0xf0 [ 463.473570][ C1] trie_delete_elem+0x57a/0x710 [ 463.473573][ C1] bpf_prog_2c29ac5cdc6b1842+0x3a/0x4cc [ 463.473575][ C1] bpf_trace_run3+0xcb/0x230 [ 463.473578][ C1] ? bpf_trace_run2+0x200/0x200 [ 463.473581][ C1] ? ndisc_error_report+0xc0/0xc0 [ 463.473584][ C1] __bpf_trace_timer_start+0x2b/0x40 [ 463.473587][ C1] enqueue_timer+0x337/0x480 [ 463.473589][ C1] __mod_timer+0x79f/0xb30 [ 463.473592][ C1] mod_timer+0x1f/0x30 [ 463.473595][ C1] addrconf_dad_completed+0xb1d/0xe80 [ 463.473597][ C1] ? addrconf_dad_stop+0x460/0x460 [ 463.473600][ C1] addrconf_dad_work+0xc18/0x1410 [ 463.473603][ C1] ? rcu_segcblist_insert_count+0x48/0x70 [ 463.473606][ C1] ? ipv6_get_saddr_eval+0xf70/0xf70 [ 463.473609][ C1] ? __kasan_check_write+0x14/0x20 [ 463.473612][ C1] ? _raw_spin_lock_irq+0x8f/0xe0 [ 463.473615][ C1] ? __kasan_check_read+0x11/0x20 [ 463.473617][ C1] ? read_word_at_a_time+0x12/0x20 [ 463.473620][ C1] ? strscpy+0x9b/0x290 [ 463.473622][ C1] process_one_work+0x6e1/0xba0 [ 463.473625][ C1] worker_thread+0xa6a/0x13b0 [ 463.473628][ C1] kthread+0x346/0x3d0 [ 463.473630][ C1] ? worker_clr_flags+0x190/0x190 [ 463.473633][ C1] ? kthread_blkcg+0xd0/0xd0 [ 463.473635][ C1] ret_from_fork+0x1f/0x30