watchdog: BUG: soft lockup - CPU#0 stuck for 26s! [aoe_tx0:2455] Modules linked in: irq event stamp: 76785285 hardirqs last enabled at (76785284): [] __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:151 [inline] hardirqs last enabled at (76785284): [] _raw_spin_unlock_irqrestore+0x38/0x98 kernel/locking/spinlock.c:194 hardirqs last disabled at (76785285): [] enter_from_kernel_mode+0x14/0x34 arch/arm64/kernel/entry-common.c:42 softirqs last enabled at (440158): [] softirq_handle_end kernel/softirq.c:468 [inline] softirqs last enabled at (440158): [] handle_softirqs+0xaf8/0xc88 kernel/softirq.c:650 softirqs last disabled at (440162): [] local_bh_disable+0x10/0x34 include/linux/bottom_half.h:19 CPU: 0 UID: 0 PID: 2455 Comm: aoe_tx0 Not tainted syzkaller #0 PREEMPT Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 pstate: 83400005 (Nzcv daif +PAN -UAO +TCO +DIT -SSBS BTYPE=--) pc : __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:152 [inline] pc : _raw_spin_unlock_irqrestore+0x44/0x98 kernel/locking/spinlock.c:194 lr : __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:151 [inline] lr : _raw_spin_unlock_irqrestore+0x38/0x98 kernel/locking/spinlock.c:194 sp : ffff8000a1b876f0 x29: ffff8000a1b876f0 x28: ffff000111886570 x27: 0000000000000000 x26: ffff000111886500 x25: ffff0001118865d8 x24: dfff800000000000 x23: 0000000000000003 x22: 0000000000000000 x21: ffff8000911b18c0 x20: ffff8000976d7f60 x19: 0000000000000000 x18: 00000000ffffffff x17: ffff800093325000 x16: ffff80008052bd88 x15: 0000000000000001 x14: 1ffff00012edafec x13: 0000000000000000 x12: 0000000000000000 x11: ffff800093124c88 x10: 0000000000000003 x9 : 0000000000000000 x8 : 00000000000000c0 x7 : ffff800083b31bc4 x6 : 0000000000000000 x5 : 0000000000000001 x4 : 0000000000000001 x3 : 0000000000000010 x2 : 0000000000000002 x1 : ffff80008eb9b3b1 x0 : ffff80010c9ca000 Call trace: __daif_local_irq_restore arch/arm64/include/asm/irqflags.h:175 [inline] (P) arch_local_irq_restore arch/arm64/include/asm/irqflags.h:195 [inline] (P) __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:151 [inline] (P) _raw_spin_unlock_irqrestore+0x44/0x98 kernel/locking/spinlock.c:194 (P) spin_unlock_irqrestore include/linux/spinlock.h:406 [inline] uart_port_unlock_irqrestore include/linux/serial_core.h:788 [inline] uart_port_unlock_deref+0x108/0x2ec drivers/tty/serial/serial_core.c:91 uart_write+0xc4/0x130 drivers/tty/serial/serial_core.c:626 handle_tx+0x200/0x5fc drivers/net/caif/caif_serial.c:222 caif_xmit+0x108/0x150 drivers/net/caif/caif_serial.c:268 __netdev_start_xmit include/linux/netdevice.h:5248 [inline] netdev_start_xmit include/linux/netdevice.h:5257 [inline] xmit_one net/core/dev.c:3845 [inline] dev_hard_start_xmit+0x2b0/0x890 net/core/dev.c:3861 __dev_queue_xmit+0x1600/0x32a8 net/core/dev.c:4763 dev_queue_xmit include/linux/netdevice.h:3365 [inline] tx+0x9c/0x1cc drivers/block/aoe/aoenet.c:62 kthread+0x164/0x354 drivers/block/aoe/aoecmd.c:1241 kthread+0x5fc/0x75c kernel/kthread.c:463 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:844 Sending NMI from CPU 0 to CPUs 1: NMI backtrace for cpu 1 CPU: 1 UID: 0 PID: 4311 Comm: kworker/R-bat_e Not tainted syzkaller #0 PREEMPT Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 Workqueue: bat_events batadv_tt_purge pstate: 23400005 (nzCv daif +PAN -UAO +TCO +DIT -SSBS BTYPE=--) pc : arch_counter_mmio_get_cnt+0x4bc/0x1060 __efistub_vsprintf.c:-1 lr : lock_is_held_type+0x68/0x198 kernel/locking/lockdep.c:5936 sp : ffff800097956400 x29: ffff800097956400 x28: 1fffe0001a0da61b x27: 1fffe0001a0da619 x26: ffff0000d34adc40 x25: ffff80008f4ed5b0 x24: 0000000000000001 x23: 0000000000000003 x22: ffff0000d06d30c8 x21: ffff80008f78b760 x20: 00000000ffffffff x19: 0000000000000000 x18: 1fffe000337db690 x17: 0000000000020010 x16: ffff80008052bd94 x15: 0000000000000002 x14: 0000000000000000 x13: 00000000ffffffff x12: 0000000000ff0100 x11: ffff0000d34adc40 x10: 0000000000000003 x9 : 0000000100000101 x8 : 0000000000000000 x7 : ffff800097956750 x6 : 0000000000000003 x5 : ffff800097956750 x4 : ffff800097956740 x3 : 0000000000000003 x2 : 000000000000000d x1 : 00000000ffffffff x0 : 0000000000000000 Call trace: arch_counter_mmio_get_cnt+0x4bc/0x1060 __efistub_vsprintf.c:-1 (P) lock_is_held include/linux/lockdep.h:249 [inline] rcu_read_lock_held+0x34/0x50 kernel/rcu/update.c:351 __in6_dev_get include/net/addrconf.h:347 [inline] ip6_ignore_linkdown include/net/addrconf.h:443 [inline] find_match+0xf0/0xacc net/ipv6/route.c:780 __find_rr_leaf+0x204/0x5c8 net/ipv6/route.c:868 find_rr_leaf net/ipv6/route.c:889 [inline] rt6_select net/ipv6/route.c:933 [inline] fib6_table_lookup+0x308/0x8b8 net/ipv6/route.c:2233 ip6_pol_route+0x1f8/0x1014 net/ipv6/route.c:2269 ip6_pol_route_input+0x74/0x94 net/ipv6/route.c:2326 pol_lookup_func include/net/ip6_fib.h:617 [inline] fib6_rule_lookup+0x174/0x45c net/ipv6/fib6_rules.c:120 ip6_route_input_lookup net/ipv6/route.c:2338 [inline] ip6_route_input+0x5d0/0x930 net/ipv6/route.c:2641 ip6_rcv_finish_core+0x218/0x3c8 net/ipv6/ip6_input.c:66 ip6_rcv_finish+0x120/0x21c net/ipv6/ip6_input.c:77 ip_sabotage_in+0x1a8/0x220 net/bridge/br_netfilter_hooks.c:990 nf_hook_entry_hookfn include/linux/netfilter.h:158 [inline] nf_hook_slow+0xb4/0x21c net/netfilter/core.c:623 nf_hook include/linux/netfilter.h:273 [inline] NF_HOOK+0x1c8/0x358 include/linux/netfilter.h:316 ipv6_rcv+0x9c/0xbc net/ipv6/ip6_input.c:311 __netif_receive_skb_one_core net/core/dev.c:6079 [inline] __netif_receive_skb+0xcc/0x2a8 net/core/dev.c:6192 netif_receive_skb_internal net/core/dev.c:6278 [inline] netif_receive_skb+0x1e0/0x844 net/core/dev.c:6337 br_netif_receive_skb+0x144/0x18c net/bridge/br_input.c:30 NF_HOOK+0xa8/0x35c include/linux/netfilter.h:318 br_pass_frame_up+0x284/0x424 net/bridge/br_input.c:70 br_handle_frame_finish+0x1088/0x1658 net/bridge/br_input.c:235 br_nf_hook_thresh+0x344/0x3d8 net/bridge/br_netfilter_hooks.c:-1 br_nf_pre_routing_finish_ipv6+0x8bc/0xbe4 net/bridge/br_netfilter_ipv6.c:-1 NF_HOOK include/linux/netfilter.h:318 [inline] br_nf_pre_routing_ipv6+0x2c4/0x5ac net/bridge/br_netfilter_ipv6.c:184 br_nf_pre_routing+0x578/0x1130 net/bridge/br_netfilter_hooks.c:508 nf_hook_entry_hookfn include/linux/netfilter.h:158 [inline] nf_hook_bridge_pre net/bridge/br_input.c:291 [inline] br_handle_frame+0x79c/0x10ec net/bridge/br_input.c:442 __netif_receive_skb_core+0xe68/0x3b98 net/core/dev.c:5966 __netif_receive_skb_one_core net/core/dev.c:6077 [inline] __netif_receive_skb+0x78/0x2a8 net/core/dev.c:6192 process_backlog+0x60c/0x10e4 net/core/dev.c:6544 __napi_poll+0xb4/0x310 net/core/dev.c:7594 napi_poll net/core/dev.c:7657 [inline] net_rx_action+0x548/0xd00 net/core/dev.c:7784 handle_softirqs+0x328/0xc88 kernel/softirq.c:622 __do_softirq+0x14/0x20 kernel/softirq.c:656 ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:68 call_on_irq_stack+0x30/0x48 arch/arm64/kernel/entry.S:891 do_softirq_own_stack+0x20/0x2c arch/arm64/kernel/irq.c:73 do_softirq+0x90/0xf8 kernel/softirq.c:523 __local_bh_enable_ip+0x240/0x35c kernel/softirq.c:450 __raw_spin_unlock_bh include/linux/spinlock_api_smp.h:167 [inline] _raw_spin_unlock_bh+0x3c/0x4c kernel/locking/spinlock.c:210 spin_unlock_bh include/linux/spinlock.h:396 [inline] batadv_tt_local_purge+0x25c/0x2e0 net/batman-adv/translation-table.c:1315 batadv_tt_purge+0x44/0x8ec net/batman-adv/translation-table.c:3509 process_one_work+0x7e8/0x155c kernel/workqueue.c:3263 process_scheduled_works kernel/workqueue.c:3346 [inline] rescuer_thread+0x504/0xec8 kernel/workqueue.c:3523 kthread+0x5fc/0x75c kernel/kthread.c:463 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:844