------------[ cut here ]------------ GID entry ref leak for dev syz1 index 2 ref=2 WARNING: CPU: 0 PID: 5305 at drivers/infiniband/core/cache.c:809 release_gid_table drivers/infiniband/core/cache.c:806 [inline] WARNING: CPU: 0 PID: 5305 at drivers/infiniband/core/cache.c:809 gid_table_release_one+0x284/0x3cc drivers/infiniband/core/cache.c:886 Modules linked in: CPU: 0 PID: 5305 Comm: kworker/u4:13 Not tainted syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 Workqueue: ib-unreg-wq ib_unregister_work pstate: 62400005 (nZCv daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) pc : release_gid_table drivers/infiniband/core/cache.c:806 [inline] pc : gid_table_release_one+0x284/0x3cc drivers/infiniband/core/cache.c:886 lr : release_gid_table drivers/infiniband/core/cache.c:806 [inline] lr : gid_table_release_one+0x284/0x3cc drivers/infiniband/core/cache.c:886 sp : ffff8000219f7920 x29: ffff8000219f7970 x28: ffff0000c9756600 x27: ffff0000cee21cd8 x26: ffff0000cee21c00 x25: 0000000000000010 x24: 0000000000000001 x23: ffff800017a15000 x22: dfff800000000000 x21: 0000000000000003 x20: 1fffe00019dc439b x19: 1fffe00019dc4380 x18: ffff800011a5bd40 x17: 0000000000000000 x16: ffff8000082d3a08 x15: 0000000000000000 x14: 00000000ffffffff x13: 0000000000000001 x12: 0000000000ff0100 x11: ff008000081924a8 x10: 0000000000000000 x9 : 14319758bf1fd600 x8 : 14319758bf1fd600 x7 : 0000000000000001 x6 : 0000000000000001 x5 : ffff8000219f73b8 x4 : ffff800015134e00 x3 : ffff80000852f9b8 x2 : 0000000000000001 x1 : 0000000100000000 x0 : 0000000000000000 Call trace: release_gid_table drivers/infiniband/core/cache.c:806 [inline] gid_table_release_one+0x284/0x3cc drivers/infiniband/core/cache.c:886 ib_cache_release_one+0x144/0x174 drivers/infiniband/core/cache.c:1654 ib_device_release+0xc4/0x18c drivers/infiniband/core/device.c:498 device_release+0x8c/0x1ac drivers/base/core.c:-1 kobject_cleanup lib/kobject.c:681 [inline] kobject_release lib/kobject.c:712 [inline] kref_put include/linux/kref.h:65 [inline] kobject_put+0x2b0/0x438 lib/kobject.c:729 put_device+0x28/0x40 drivers/base/core.c:3805 ib_unregister_work+0x28/0x38 drivers/infiniband/core/device.c:1596 process_one_work+0x7f4/0x13a8 kernel/workqueue.c:2292 worker_thread+0x8c8/0xfbc kernel/workqueue.c:2439 kthread+0x250/0x2d8 kernel/kthread.c:376 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:850 irq event stamp: 703892 hardirqs last enabled at (703891): [] __up_console_sem+0xb4/0x100 kernel/printk/printk.c:261 hardirqs last disabled at (703892): [] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:405 softirqs last enabled at (698008): [] softirq_handle_end kernel/softirq.c:439 [inline] softirqs last enabled at (698008): [] handle_softirqs+0xaf8/0xc6c kernel/softirq.c:624 softirqs last disabled at (697989): [] __do_softirq+0x14/0x20 kernel/softirq.c:630 ---[ end trace 0000000000000000 ]--- netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 tipc: Left network mode device hsr_slave_0 left promiscuous mode batman_adv: batadv0: Interface deactivated: batadv_slave_0 batman_adv: batadv0: Removing interface: batadv_slave_0 batman_adv: batadv0: Interface deactivated: batadv_slave_1 batman_adv: batadv0: Removing interface: batadv_slave_1 device bridge_slave_1 left promiscuous mode bridge0: port 2(bridge_slave_1) entered disabled state device bridge_slave_0 left promiscuous mode bridge0: port 1(bridge_slave_0) entered disabled state device veth1_macvtap left promiscuous mode device veth0_macvtap left promiscuous mode device veth1_vlan left promiscuous mode device veth0_vlan left promiscuous mode team0 (unregistering): Port device team_slave_1 removed team0 (unregistering): Port device team_slave_0 removed bond0 (unregistering): (slave bond_slave_1): Releasing backup interface bond0 (unregistering): (slave bond_slave_0): Releasing backup interface bond0 (unregistering): Released all slaves