------------[ cut here ]------------
WARNING: CPU: 0 PID: 0 at net/ipv4/af_inet.c:157 inet_sock_destruct+0x681/0x790 net/ipv4/af_inet.c:157
Modules linked in:
CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.12.30-syzkaller-gd893caf112c8 #0 64e33962539d0ce7a45dea9f0941eea22919d800
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
RIP: 0010:inet_sock_destruct+0x681/0x790 net/ipv4/af_inet.c:157
Code: a3 e8 03 d8 c8 fc 0f 0b e9 53 fe ff ff e8 f7 d7 c8 fc 0f 0b e9 92 fe ff ff e8 eb d7 c8 fc 0f 0b e9 c4 fe ff ff e8 df d7 c8 fc <0f> 0b e9 f6 fe ff ff 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c 65 fc ff
RSP: 0018:ffffc900000079a0 EFLAGS: 00010246
RAX: ffffffff84bcd071 RBX: 0000000080002000 RCX: ffffffff87215540
RDX: 0000000000000100 RSI: 0000000080002000 RDI: 0000000000000000
RBP: ffffc900000079e8 R08: ffff888148d8957f R09: 1ffff110291b12af
R10: dffffc0000000000 R11: ffffed10291b12b0 R12: ffff888148d89400
R13: ffff888148d89400 R14: ffff888148d89564 R15: 1ffff110291b1282
FS: 0000000000000000(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f5d96ff3d58 CR3: 0000000137e48000 CR4: 00000000003526b0
DR0: 0000000000000045 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
Call Trace:
__sk_destruct+0x6b/0x6a0 net/core/sock.c:2277
sk_destruct net/core/sock.c:2325 [inline]
__sk_free+0x313/0x410 net/core/sock.c:2336
sk_free+0x58/0xb0 net/core/sock.c:2347
tcp_wfree+0x299/0x500 net/ipv4/tcp_output.c:1240
skb_release_head_state+0x112/0x260 net/core/skbuff.c:1187
skb_release_all net/core/skbuff.c:1198 [inline]
__kfree_skb+0x29/0x210 net/core/skbuff.c:1214
sk_skb_reason_drop+0xd8/0x310 net/core/skbuff.c:1252
kfree_skb_reason include/linux/skbuff.h:1271 [inline]
arp_error_report+0xd7/0xf0 net/ipv4/arp.c:297
neigh_invalidate+0x25c/0x490 net/core/neighbour.c:1061
neigh_timer_handler+0x90b/0xf20 net/core/neighbour.c:1148
call_timer_fn+0x49/0x300 kernel/time/timer.c:1797
expire_timers kernel/time/timer.c:1848 [inline]
__run_timers kernel/time/timer.c:2422 [inline]
__run_timer_base+0x6b3/0x9a0 kernel/time/timer.c:2434
run_timer_base kernel/time/timer.c:2443 [inline]
run_timer_softirq+0x35/0x70 kernel/time/timer.c:2453
handle_softirqs+0x1ae/0x630 kernel/softirq.c:603
__do_softirq kernel/softirq.c:641 [inline]
invoke_softirq kernel/softirq.c:458 [inline]
__irq_exit_rcu+0x48/0xc0 kernel/softirq.c:690
irq_exit_rcu+0xd/0x30 kernel/softirq.c:702
instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1049 [inline]
sysvec_apic_timer_interrupt+0x82/0x90 arch/x86/kernel/apic/apic.c:1049
asm_sysvec_apic_timer_interrupt+0x1f/0x30 arch/x86/include/asm/idtentry.h:702
RIP: 0010:pv_native_safe_halt+0x17/0x20 arch/x86/kernel/paravirt.c:106
Code: cc cc cc b8 85 52 9d b0 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d 73 9c 41 00 f3 0f 1e fa 55 48 89 e5 fb f4 <5d> e9 83 57 02 00 cc cc cc b8 00 00 00 00 90 90 90 90 90 90 90 90
RSP: 0018:ffffffff87207da0 EFLAGS: 000002c6
RAX: ffff8881f6e00000 RBX: ffffffff87215540 RCX: ffffffff8585b00e
RDX: 0000000000000001 RSI: 0000000000000004 RDI: 0000000000c22a1c
RBP: ffffffff87207da0 R08: ffff8881f6e39733 R09: 1ffff1103edc72e6
R10: dffffc0000000000 R11: ffffed103edc72e7 R12: 1ffffffff0e42aa8
R13: 0000000000000000 R14: 0000000000000000 R15: ffffffff87ca75e8
arch_safe_halt arch/x86/include/asm/paravirt.h:112 [inline]
default_idle+0x17/0x30 arch/x86/kernel/process.c:748
arch_cpu_idle+0xd/0x20 arch/x86/kernel/process.c:785
default_idle_call+0x3f/0x80 kernel/sched/idle.c:117
cpuidle_idle_call kernel/sched/idle.c:185 [inline]
do_idle+0x1a0/0x470 kernel/sched/idle.c:326
cpu_startup_entry+0x48/0x70 kernel/sched/idle.c:424
rest_init+0x10b/0x130 init/main.c:748
start_kernel+0x46a/0x4bb init/main.c:1135
x86_64_start_reservations+0x2e/0x30 arch/x86/kernel/head64.c:507
x86_64_start_kernel+0x6a/0x7b arch/x86/kernel/head64.c:488
common_startup_64+0x13b/0x157
---[ end trace 0000000000000000 ]---
----------------
Code disassembly (best guess):
0: cc int3
1: cc int3
2: cc int3
3: b8 85 52 9d b0 mov $0xb09d5285,%eax
8: 90 nop
9: 90 nop
a: 90 nop
b: 90 nop
c: 90 nop
d: 90 nop
e: 90 nop
f: 90 nop
10: 90 nop
11: 90 nop
12: 90 nop
13: f3 0f 1e fa endbr64
17: 66 90 xchg %ax,%ax
19: 0f 00 2d 73 9c 41 00 verw 0x419c73(%rip) # 0x419c93
20: f3 0f 1e fa endbr64
24: 55 push %rbp
25: 48 89 e5 mov %rsp,%rbp
28: fb sti
29: f4 hlt
* 2a: 5d pop %rbp <-- trapping instruction
2b: e9 83 57 02 00 jmp 0x257b3
30: cc int3
31: cc int3
32: cc int3
33: b8 00 00 00 00 mov $0x0,%eax
38: 90 nop
39: 90 nop
3a: 90 nop
3b: 90 nop
3c: 90 nop
3d: 90 nop
3e: 90 nop
3f: 90 nop