Warning: Permanently added '10.128.1.243' (ED25519) to the list of known hosts.
2025/08/11 02:26:31 ignoring optional flag "sandboxArg"="0"
2025/08/11 02:26:32 parsed 1 programs
[ 100.152651][ T30] audit: type=1400 audit(1754879192.468:64): avc: denied { node_bind } for pid=281 comm="syz-execprog" saddr=::1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1
[ 100.173442][ T30] audit: type=1400 audit(1754879192.468:65): avc: denied { module_request } for pid=281 comm="syz-execprog" kmod="net-pf-2-proto-262-type-1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[ 101.115714][ T30] audit: type=1400 audit(1754879193.438:66): avc: denied { mounton } for pid=289 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2023 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[ 101.117093][ T289] cgroup: Unknown subsys name 'net'
[ 101.138373][ T30] audit: type=1400 audit(1754879193.438:67): avc: denied { mount } for pid=289 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[ 101.165787][ T30] audit: type=1400 audit(1754879193.458:68): avc: denied { unmount } for pid=289 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[ 101.165981][ T289] cgroup: Unknown subsys name 'devices'
[ 101.305702][ T289] cgroup: Unknown subsys name 'hugetlb'
[ 101.311329][ T289] cgroup: Unknown subsys name 'rlimit'
[ 101.578260][ T30] audit: type=1400 audit(1754879193.898:69): avc: denied { setattr } for pid=289 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=254 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 101.601516][ T30] audit: type=1400 audit(1754879193.898:70): avc: denied { create } for pid=289 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 101.609026][ T292] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped).
[ 101.622329][ T30] audit: type=1400 audit(1754879193.898:71): avc: denied { write } for pid=289 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 101.650974][ T30] audit: type=1400 audit(1754879193.898:72): avc: denied { read } for pid=289 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 101.671260][ T30] audit: type=1400 audit(1754879193.898:73): avc: denied { mounton } for pid=289 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[ 101.704585][ T289] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 102.148183][ T294] request_module fs-gadgetfs succeeded, but still no fs?
[ 102.417653][ T304] syz-executor (304) used greatest stack depth: 21920 bytes left
[ 102.659158][ T332] bridge0: port 1(bridge_slave_0) entered blocking state
[ 102.666270][ T332] bridge0: port 1(bridge_slave_0) entered disabled state
[ 102.673819][ T332] device bridge_slave_0 entered promiscuous mode
[ 102.680817][ T332] bridge0: port 2(bridge_slave_1) entered blocking state
[ 102.687929][ T332] bridge0: port 2(bridge_slave_1) entered disabled state
[ 102.695341][ T332] device bridge_slave_1 entered promiscuous mode
[ 102.747927][ T332] bridge0: port 2(bridge_slave_1) entered blocking state
[ 102.755027][ T332] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 102.762325][ T332] bridge0: port 1(bridge_slave_0) entered blocking state
[ 102.769387][ T332] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 102.787643][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 102.795841][ T8] bridge0: port 1(bridge_slave_0) entered disabled state
[ 102.803063][ T8] bridge0: port 2(bridge_slave_1) entered disabled state
[ 102.812850][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 102.821162][ T8] bridge0: port 1(bridge_slave_0) entered blocking state
[ 102.828235][ T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 102.837950][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 102.846130][ T8] bridge0: port 2(bridge_slave_1) entered blocking state
[ 102.853245][ T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 102.865601][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 102.874937][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 102.888755][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 102.899973][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 102.908252][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 102.915751][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 102.924421][ T332] device veth0_vlan entered promiscuous mode
[ 102.934360][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 102.944029][ T332] device veth1_macvtap entered promiscuous mode
[ 102.953065][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 102.962852][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 102.990218][ T332] syz-executor (332) used greatest stack depth: 20544 bytes left
2025/08/11 02:26:35 executed programs: 0
[ 103.430448][ T362] bridge0: port 1(bridge_slave_0) entered blocking state
[ 103.437564][ T362] bridge0: port 1(bridge_slave_0) entered disabled state
[ 103.445025][ T362] device bridge_slave_0 entered promiscuous mode
[ 103.456342][ T362] bridge0: port 2(bridge_slave_1) entered blocking state
[ 103.463378][ T362] bridge0: port 2(bridge_slave_1) entered disabled state
[ 103.470788][ T362] device bridge_slave_1 entered promiscuous mode
[ 103.538760][ T362] bridge0: port 2(bridge_slave_1) entered blocking state
[ 103.546076][ T362] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 103.553362][ T362] bridge0: port 1(bridge_slave_0) entered blocking state
[ 103.560441][ T362] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 103.586044][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 103.595528][ T8] bridge0: port 1(bridge_slave_0) entered disabled state
[ 103.602802][ T8] bridge0: port 2(bridge_slave_1) entered disabled state
[ 103.621324][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 103.629522][ T8] bridge0: port 1(bridge_slave_0) entered blocking state
[ 103.636570][ T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 103.644024][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 103.652129][ T8] bridge0: port 2(bridge_slave_1) entered blocking state
[ 103.659168][ T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 103.666690][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 103.674918][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 103.688564][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 103.699526][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 103.707594][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 103.715136][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 103.723119][ T362] device veth0_vlan entered promiscuous mode
[ 103.733260][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 103.744588][ T362] device veth1_macvtap entered promiscuous mode
[ 103.754451][ T343] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 103.764312][ T343] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 104.294774][ T45] device bridge_slave_1 left promiscuous mode
[ 104.300954][ T45] bridge0: port 2(bridge_slave_1) entered disabled state
[ 104.308862][ T45] device bridge_slave_0 left promiscuous mode
[ 104.315107][ T45] bridge0: port 1(bridge_slave_0) entered disabled state
[ 104.323515][ T45] device veth1_macvtap left promiscuous mode
[ 104.329851][ T45] device veth0_vlan left promiscuous mode
[ 207.073606][ C0] rcu: INFO: rcu_preempt self-detected stall on CPU
[ 207.080391][ C0] rcu: 0-...!: (9998 ticks this GP) idle=9f5/1/0x4000000000000000 softirq=4492/4492 fqs=1 last_accelerate: b448/db56 dyntick_enabled: 1
[ 207.094399][ C0] (t=10000 jiffies g=2485 q=231)
[ 207.099862][ C0] rcu: rcu_preempt kthread timer wakeup didn't happen for 9997 jiffies! g2485 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402
[ 207.112002][ C0] rcu: Possible timer handling issue on cpu=1 timer-softirq=1059
[ 207.119790][ C0] rcu: rcu_preempt kthread starved for 9998 jiffies! g2485 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 ->cpu=1
[ 207.131226][ C0] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[ 207.141182][ C0] rcu: RCU grace-period kthread stack dump:
[ 207.147066][ C0] task:rcu_preempt state:I stack:28752 pid: 14 ppid: 2 flags:0x00004000
[ 207.156274][ C0] Call Trace:
[ 207.159545][ C0]
[ 207.162488][ C0] __schedule+0xb6e/0x14c0
[ 207.166927][ C0] ? release_firmware_map_entry+0x190/0x190
[ 207.172814][ C0] ? _raw_spin_unlock_irqrestore+0x5b/0x80
[ 207.178609][ C0] ? __mod_timer+0x7ae/0xb30
[ 207.183189][ C0] schedule+0x11e/0x1e0
[ 207.187338][ C0] schedule_timeout+0x12c/0x2e0
[ 207.192178][ C0] ? console_conditional_schedule+0x30/0x30
[ 207.198066][ C0] ? _raw_spin_lock_irqsave+0xb0/0x110
[ 207.203517][ C0] ? update_process_times+0x200/0x200
[ 207.208880][ C0] ? prepare_to_swait_event+0x308/0x320
[ 207.214511][ C0] rcu_gp_fqs_loop+0x293/0xf60
[ 207.219268][ C0] ? rcu_cleanup_dead_rnp+0x180/0x180
[ 207.224642][ C0] ? rcu_gp_init+0xc00/0xc00
[ 207.229227][ C0] ? _raw_spin_unlock_irq+0x4e/0x70
[ 207.234424][ C0] ? rcu_gp_init+0x9a7/0xc00
[ 207.239009][ C0] rcu_gp_kthread+0x98/0x330
[ 207.243599][ C0] ? wake_nocb_gp+0x1d0/0x1d0
[ 207.248299][ C0] ? __kasan_check_read+0x11/0x20
[ 207.253319][ C0] ? __kthread_parkme+0xac/0x200
[ 207.258245][ C0] ? preempt_count_add+0x90/0x1b0
[ 207.263263][ C0] kthread+0x411/0x500
[ 207.267341][ C0] ? wake_nocb_gp+0x1d0/0x1d0
[ 207.272006][ C0] ? kthread_blkcg+0xd0/0xd0
[ 207.276584][ C0] ret_from_fork+0x1f/0x30
[ 207.280994][ C0]
[ 207.284007][ C0] rcu: Stack dump where RCU GP kthread last ran:
[ 207.290326][ C0] Sending NMI from CPU 0 to CPUs 1:
[ 207.295525][ C1] NMI backtrace for cpu 1
[ 207.295544][ C1] CPU: 1 PID: 970 Comm: syz.2.215 Not tainted 5.15.189-syzkaller-android13-5.15.189_r00 #0
[ 207.295561][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 207.295575][ C1] RIP: 0010:__pv_queued_spin_lock_slowpath+0x527/0x9c0
[ 207.295598][ C1] Code: 00 41 c6 45 00 00 48 8b 44 24 10 42 0f b6 04 38 84 c0 0f 85 1c 01 00 00 48 8b 44 24 08 c6 00 01 41 bd 00 80 ff ff eb 07 f3 90 <41> ff c5 74 47 43 0f b6 04 3e 84 c0 75 2b 80 3b 00 75 eb 48 89 df
[ 207.295612][ C1] RSP: 0018:ffffc90000d8f760 EFLAGS: 00000206
[ 207.295626][ C1] RAX: 0000000000000000 RBX: ffff88811c03d988 RCX: ffffffff814f3469
[ 207.295638][ C1] RDX: 0000000000000001 RSI: 0000000000000003 RDI: ffff88811c03d988
[ 207.295653][ C1] RBP: ffffc90000d8f850 R08: dffffc0000000000 R09: ffffed1023807b32
[ 207.295665][ C1] R10: ffffed1023807b32 R11: 1ffff11023807b31 R12: 1ffff1103ee20001
[ 207.295677][ C1] R13: 00000000ffffe8f9 R14: 1ffff11023807b31 R15: dffffc0000000000
[ 207.295690][ C1] FS: 00007f30519c86c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[ 207.295704][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 207.295715][ C1] CR2: 0000200000000000 CR3: 0000000120656000 CR4: 00000000003506a0
[ 207.295730][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 207.295739][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 207.295749][ C1] Call Trace:
[ 207.295754][ C1]
[ 207.295761][ C1] ? __pv_queued_spin_unlock_slowpath+0x300/0x300
[ 207.295780][ C1] ? avc_has_perm+0x158/0x240
[ 207.295797][ C1] queued_spin_lock_slowpath+0x47/0x50
[ 207.295813][ C1] _raw_spin_lock_bh+0xd8/0xe0
[ 207.295830][ C1] ? _raw_spin_lock_irq+0xe0/0xe0
[ 207.295848][ C1] lock_sock_nested+0x97/0x290
[ 207.295865][ C1] ? sock_init_data+0xc0/0xc0
[ 207.295879][ C1] ? _raw_spin_lock_bh+0x8e/0xe0
[ 207.295897][ C1] ? _raw_spin_unlock_bh+0x51/0x60
[ 207.295914][ C1] tipc_sendstream+0x47/0x70
[ 207.295928][ C1] ? tipc_getsockopt+0x4c0/0x4c0
[ 207.295942][ C1] ____sys_sendmsg+0x5a2/0x8c0
[ 207.295961][ C1] ? __sys_sendmsg_sock+0x40/0x40
[ 207.295979][ C1] ? import_iovec+0x7c/0xb0
[ 207.295996][ C1] ___sys_sendmsg+0x1f0/0x260
[ 207.296015][ C1] ? __sys_sendmsg+0x250/0x250
[ 207.296033][ C1] ? memcpy+0x56/0x70
[ 207.296051][ C1] ? __fdget+0x1a1/0x230
[ 207.296069][ C1] __x64_sys_sendmsg+0x1e2/0x2a0
[ 207.296086][ C1] ? ___sys_sendmsg+0x260/0x260
[ 207.296105][ C1] ? fpregs_assert_state_consistent+0xb1/0xe0
[ 207.296125][ C1] x64_sys_call+0x4b/0x9a0
[ 207.296140][ C1] do_syscall_64+0x4c/0xa0
[ 207.296156][ C1] ? clear_bhb_loop+0x50/0xa0
[ 207.296172][ C1] ? clear_bhb_loop+0x50/0xa0
[ 207.296189][ C1] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 207.296207][ C1] RIP: 0033:0x7f3051b57be9
[ 207.296231][ C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 207.296244][ C1] RSP: 002b:00007f30519c8038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 207.296259][ C1] RAX: ffffffffffffffda RBX: 00007f3051d7efa0 RCX: 00007f3051b57be9
[ 207.296271][ C1] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000000000000004
[ 207.296281][ C1] RBP: 00007f3051bdae19 R08: 0000000000000000 R09: 0000000000000000
[ 207.296291][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 207.296300][ C1] R13: 00007f3051d7f038 R14: 00007f3051d7efa0 R15: 00007ffc466f6f18
[ 207.296315][ C1]
[ 207.296565][ C0] NMI backtrace for cpu 0
[ 207.645017][ C0] CPU: 0 PID: 971 Comm: syz.2.215 Not tainted 5.15.189-syzkaller-android13-5.15.189_r00 #0
[ 207.654985][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 207.665035][ C0] Call Trace:
[ 207.668329][ C0]
[ 207.671165][ C0] __dump_stack+0x21/0x30
[ 207.675489][ C0] dump_stack_lvl+0xee/0x150
[ 207.680067][ C0] ? show_regs_print_info+0x20/0x20
[ 207.685257][ C0] ? resched_curr+0x9a/0x310
[ 207.689840][ C0] ? wake_up_process+0x20/0x20
[ 207.694601][ C0] dump_stack+0x15/0x20
[ 207.698755][ C0] nmi_cpu_backtrace+0x2b4/0x2c0
[ 207.703690][ C0] ? nmi_trigger_cpumask_backtrace+0x240/0x240
[ 207.709841][ C0] ? __kasan_check_write+0x14/0x20
[ 207.714942][ C0] ? _raw_spin_lock_irqsave+0xb0/0x110
[ 207.720488][ C0] ? _raw_spin_lock+0xe0/0xe0
[ 207.725155][ C0] ? arch_trigger_cpumask_backtrace+0x20/0x20
[ 207.731219][ C0] ? arch_trigger_cpumask_backtrace+0x20/0x20
[ 207.737292][ C0] nmi_trigger_cpumask_backtrace+0x138/0x240
[ 207.743289][ C0] arch_trigger_cpumask_backtrace+0x10/0x20
[ 207.749185][ C0] rcu_dump_cpu_stacks+0x1c7/0x300
[ 207.754291][ C0] print_cpu_stall+0x320/0x600
[ 207.759146][ C0] rcu_sched_clock_irq+0x74a/0x12b0
[ 207.764334][ C0] ? rcu_boost_kthread_setaffinity+0x310/0x310
[ 207.770491][ C0] ? raise_softirq+0x71/0xe0
[ 207.775075][ C0] ? __raise_softirq_irqoff+0xd0/0xd0
[ 207.780445][ C0] ? hrtimer_run_queues+0x166/0x430
[ 207.785637][ C0] update_process_times+0x198/0x200
[ 207.791054][ C0] tick_sched_timer+0x17c/0x240
[ 207.795892][ C0] ? tick_setup_sched_timer+0x450/0x450
[ 207.801425][ C0] __hrtimer_run_queues+0x3b5/0x9e0
[ 207.806631][ C0] ? hrtimer_interrupt+0x8c0/0x8c0
[ 207.811731][ C0] ? ktime_get_update_offsets_now+0x2fa/0x310
[ 207.817791][ C0] hrtimer_interrupt+0x3c7/0x8c0
[ 207.822748][ C0] __sysvec_apic_timer_interrupt+0xfa/0x3e0
[ 207.828634][ C0] sysvec_apic_timer_interrupt+0xa4/0xc0
[ 207.834267][ C0]
[ 207.837215][ C0]
[ 207.840146][ C0] asm_sysvec_apic_timer_interrupt+0x1b/0x20
[ 207.846308][ C0] RIP: 0010:preempt_count_add+0x8/0x1b0
[ 207.851853][ C0] Code: 1e 00 00 00 48 89 df e8 76 81 61 03 bf 01 00 00 00 e8 bc 01 00 00 5b 5d c3 66 0f 1f 84 00 00 00 00 00 55 48 89 e5 41 57 41 56 <53> 49 bf 00 00 00 00 00 fc ff df 48 c7 c0 20 5f 0c 87 48 c1 e8 03
[ 207.871448][ C0] RSP: 0018:ffffc9000128e700 EFLAGS: 00000a06
[ 207.877511][ C0] RAX: f3f3f304f1f1f1f1 RBX: ffff88811c03d988 RCX: ffff88810a823b40
[ 207.885486][ C0] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000201
[ 207.893461][ C0] RBP: ffffc9000128e710 R08: dffffc0000000000 R09: ffffed1023807b31
[ 207.901562][ C0] R10: ffffed1023807b31 R11: 1ffff11023807b30 R12: dffffc0000000000
[ 207.909535][ C0] R13: 1ffff92000251ce4 R14: ffffffff848cf5fb R15: ffff88811c03d900
[ 207.917517][ C0] ? tipc_sk_rcv+0x42b/0x2c60
[ 207.922197][ C0] ? tipc_sk_rcv+0x42b/0x2c60
[ 207.926873][ C0] _raw_spin_trylock_bh+0x6e/0x130
[ 207.932001][ C0] ? _raw_spin_trylock+0x140/0x140
[ 207.937112][ C0] tipc_sk_rcv+0x42b/0x2c60
[ 207.941613][ C0] ? stack_trace_save+0x98/0xe0
[ 207.946463][ C0] ? __stack_depot_save+0x442/0x480
[ 207.951680][ C0] ? kasan_set_free_info+0x23/0x40
[ 207.956789][ C0] ? __kasan_slab_free+0x11/0x20
[ 207.961728][ C0] ? tipc_node_xmit+0x256/0xce0
[ 207.966585][ C0] ? tipc_sk_backlog_rcv+0x16f/0x1f0
[ 207.971873][ C0] ? __release_sock+0x143/0x350
[ 207.976720][ C0] ? sock_setsockopt+0x1b65/0x2270
[ 207.981826][ C0] ? __skb_queue_purge+0x170/0x170
[ 207.986953][ C0] tipc_node_xmit+0x256/0xce0
[ 207.991669][ C0] ? kasan_quarantine_put+0x34/0x190
[ 207.996961][ C0] ? tipc_node_get_linkname+0x1a0/0x1a0
[ 208.002538][ C0] ? ____kasan_slab_free+0x130/0x160
[ 208.007852][ C0] ? __kasan_slab_free+0x11/0x20
[ 208.012782][ C0] ? slab_free_freelist_hook+0xc2/0x190
[ 208.018327][ C0] ? kfree_skbmem+0x10c/0x180
[ 208.023002][ C0] tipc_node_distr_xmit+0x292/0x390
[ 208.028195][ C0] ? tipc_node_xmit_skb+0x130/0x130
[ 208.033414][ C0] tipc_sk_rcv+0x19de/0x2c60
[ 208.038020][ C0] ? __skb_queue_purge+0x170/0x170
[ 208.043138][ C0] tipc_node_xmit+0x256/0xce0
[ 208.047811][ C0] ? tipc_node_get_linkname+0x1a0/0x1a0
[ 208.053361][ C0] tipc_sk_push_backlog+0x4dd/0x790
[ 208.058613][ C0] tipc_sk_proto_rcv+0x98d/0x1540
[ 208.063643][ C0] ? tipc_sk_filter_rcv+0x2c40/0x2c40
[ 208.069135][ C0] ? unwind_get_return_address+0x4d/0x90
[ 208.074776][ C0] ? stack_trace_save+0xe0/0xe0
[ 208.079636][ C0] ? arch_stack_walk+0xd0/0x140
[ 208.084502][ C0] tipc_sk_filter_rcv+0x2a55/0x2c40
[ 208.089708][ C0] ? stack_trace_save+0x98/0xe0
[ 208.094571][ C0] ? __stack_depot_save+0x34/0x480
[ 208.099771][ C0] ? kasan_set_track+0x5b/0x70
[ 208.104528][ C0] ? kasan_set_track+0x4a/0x70
[ 208.109724][ C0] ? kasan_set_free_info+0x23/0x40
[ 208.114837][ C0] ? kasan_set_track+0x5b/0x70
[ 208.119594][ C0] ? kasan_set_track+0x4a/0x70
[ 208.124351][ C0] ? kasan_set_free_info+0x23/0x40
[ 208.129459][ C0] ? ____kasan_slab_free+0x125/0x160
[ 208.134737][ C0] ? __kasan_slab_free+0x11/0x20
[ 208.139673][ C0] ? slab_free_freelist_hook+0xc2/0x190
[ 208.145215][ C0] ? kmem_cache_free+0x100/0x320
[ 208.150146][ C0] ? kfree_skbmem+0x10c/0x180
[ 208.154837][ C0] ? kfree_skb+0xc1/0x2f0
[ 208.159160][ C0] ? tipc_msg_reverse+0x698/0x900
[ 208.164178][ C0] ? tipc_sk_filter_rcv+0xbe5/0x2c40
[ 208.169458][ C0] ? tipc_sk_backlog_rcv+0x109/0x1f0
[ 208.174730][ C0] ? __release_sock+0x143/0x350
[ 208.179572][ C0] ? __sys_setsockopt+0x268/0x460
[ 208.184588][ C0] ? __x64_sys_setsockopt+0xbf/0xd0
[ 208.189782][ C0] ? do_syscall_64+0x4c/0xa0
[ 208.194375][ C0] ? entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 208.200442][ C0] ? tipc_sk_publish+0x440/0x440
[ 208.205377][ C0] ? __kasan_check_write+0x14/0x20
[ 208.210482][ C0] ? _raw_spin_lock_bh+0x8e/0xe0
[ 208.215414][ C0] tipc_sk_rcv+0x7b7/0x2c60
[ 208.219915][ C0] ? kfree_skbmem+0x10c/0x180
[ 208.224587][ C0] ? skb_release_data+0x814/0xa10
[ 208.229620][ C0] ? __skb_queue_purge+0x170/0x170
[ 208.234756][ C0] ? tipc_sk_filter_rcv+0x29de/0x2c40
[ 208.240136][ C0] tipc_node_xmit+0x256/0xce0
[ 208.244811][ C0] ? tipc_node_get_linkname+0x1a0/0x1a0
[ 208.250372][ C0] tipc_node_distr_xmit+0x292/0x390
[ 208.255568][ C0] ? tipc_node_xmit_skb+0x130/0x130
[ 208.260768][ C0] ? selinux_capable+0x29c/0x380
[ 208.265703][ C0] tipc_sk_backlog_rcv+0x16f/0x1f0
[ 208.270812][ C0] ? tipc_sk_timeout+0x970/0x970
[ 208.275745][ C0] ? lock_sock_nested+0x1f1/0x290
[ 208.280767][ C0] __release_sock+0x143/0x350
[ 208.285439][ C0] sock_setsockopt+0x1b65/0x2270
[ 208.290373][ C0] ? __sock_set_mark+0x160/0x160
[ 208.295303][ C0] ? selinux_socket_setsockopt+0x21c/0x300
[ 208.301110][ C0] ? selinux_socket_getsockopt+0x2e0/0x2e0
[ 208.306910][ C0] ? __kasan_check_write+0x14/0x20
[ 208.312013][ C0] ? put_vma+0x44/0x60
[ 208.316074][ C0] ? __fget_files+0x2c4/0x320
[ 208.320744][ C0] ? security_socket_setsockopt+0x82/0xa0
[ 208.326460][ C0] __sys_setsockopt+0x268/0x460
[ 208.331344][ C0] ? __ia32_sys_recv+0xb0/0xb0
[ 208.336110][ C0] __x64_sys_setsockopt+0xbf/0xd0
[ 208.341124][ C0] x64_sys_call+0x982/0x9a0
[ 208.345626][ C0] do_syscall_64+0x4c/0xa0
[ 208.350036][ C0] ? clear_bhb_loop+0x50/0xa0
[ 208.354705][ C0] ? clear_bhb_loop+0x50/0xa0
[ 208.359381][ C0] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 208.365282][ C0] RIP: 0033:0x7f3051b57be9
[ 208.369691][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 208.389285][ C0] RSP: 002b:00007f30519a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[ 208.397692][ C0] RAX: ffffffffffffffda RBX: 00007f3051d7f090 RCX: 00007f3051b57be9
[ 208.405657][ C0] RDX: 0000000000000021 RSI: 0000000000000001 RDI: 0000000000000003
[ 208.413625][ C0] RBP: 00007f3051bdae19 R08: 0000000000000004 R09: 0000000000000000
[ 208.421604][ C0] R10: 0000200000000540 R11: 0000000000000246 R12: 0000000000000000
[ 208.429664][ C0] R13: 00007f3051d7f128 R14: 00007f3051d7f090 R15: 00007ffc466f6f18
[ 208.437639][ C0]
[ 353.272599][ C0] watchdog: BUG: soft lockup - CPU#0 stuck for 246s! [syz.2.215:971]
[ 353.280721][ C0] Modules linked in:
[ 353.284625][ C0] CPU: 0 PID: 971 Comm: syz.2.215 Not tainted 5.15.189-syzkaller-android13-5.15.189_r00 #0
[ 353.294600][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 353.304667][ C0] RIP: 0010:__rcu_read_lock+0x14/0x50
[ 353.310061][ C0] Code: ff df 0f 85 c1 fb ff ff e8 15 b7 a9 ff e9 b7 fb ff ff 0f 1f 40 00 55 48 89 e5 53 65 48 8b 1d b3 ad ab 7e 48 81 c3 4c 04 00 00 <48> 89 d8 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df 0f b6 04 08 84
[ 353.329661][ C0] RSP: 0018:ffffc9000128e6a8 EFLAGS: 00000282
[ 353.335751][ C0] RAX: 0000000000000000 RBX: ffff88810a823f8c RCX: ffff88810a823b40
[ 353.343737][ C0] RDX: 0000000000000000 RSI: 000000005f13c2af RDI: ffff888102df8000
[ 353.351930][ C0] RBP: ffffc9000128e6b0 R08: 0000000000000004 R09: 0000000000000003
[ 353.359899][ C0] R10: fffff52000251ce8 R11: 1ffff92000251ce8 R12: dffffc0000000000
[ 353.367890][ C0] R13: dffffc0000000000 R14: 0000000000000026 R15: 000000005f13c2af
[ 353.376031][ C0] FS: 00007f30519a76c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[ 353.384978][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 353.391561][ C0] CR2: 00007f30519a6f98 CR3: 0000000120656000 CR4: 00000000003506b0
[ 353.399532][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 353.407497][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 353.415478][ C0] Call Trace:
[ 353.418770][ C0]
[ 353.421709][ C0] tipc_sk_lookup+0xa1/0x5f0
[ 353.426303][ C0] ? __kasan_check_write+0x14/0x20
[ 353.431410][ C0] ? _raw_spin_lock_bh+0x8e/0xe0
[ 353.436340][ C0] ? tipc_sk_rcv+0x2c60/0x2c60
[ 353.441101][ C0] tipc_sk_rcv+0x3fe/0x2c60
[ 353.445685][ C0] ? stack_trace_save+0x98/0xe0
[ 353.450533][ C0] ? __stack_depot_save+0x442/0x480
[ 353.455739][ C0] ? kasan_set_free_info+0x23/0x40
[ 353.460864][ C0] ? __kasan_slab_free+0x11/0x20
[ 353.465798][ C0] ? tipc_node_xmit+0x256/0xce0
[ 353.470654][ C0] ? tipc_sk_backlog_rcv+0x16f/0x1f0
[ 353.475932][ C0] ? __release_sock+0x143/0x350
[ 353.480773][ C0] ? sock_setsockopt+0x1b65/0x2270
[ 353.485877][ C0] ? __skb_queue_purge+0x170/0x170
[ 353.491005][ C0] tipc_node_xmit+0x256/0xce0
[ 353.495673][ C0] ? kasan_quarantine_put+0x34/0x190
[ 353.500954][ C0] ? tipc_node_get_linkname+0x1a0/0x1a0
[ 353.506489][ C0] ? ____kasan_slab_free+0x130/0x160
[ 353.511854][ C0] ? __kasan_slab_free+0x11/0x20
[ 353.516784][ C0] ? slab_free_freelist_hook+0xc2/0x190
[ 353.522426][ C0] ? kfree_skbmem+0x10c/0x180
[ 353.527117][ C0] tipc_node_distr_xmit+0x292/0x390
[ 353.532314][ C0] ? tipc_node_xmit_skb+0x130/0x130
[ 353.537507][ C0] tipc_sk_rcv+0x19de/0x2c60
[ 353.542185][ C0] ? __skb_queue_purge+0x170/0x170
[ 353.547292][ C0] tipc_node_xmit+0x256/0xce0
[ 353.551969][ C0] ? tipc_node_get_linkname+0x1a0/0x1a0
[ 353.557511][ C0] tipc_sk_push_backlog+0x4dd/0x790
[ 353.562706][ C0] tipc_sk_proto_rcv+0x98d/0x1540
[ 353.567731][ C0] ? tipc_sk_filter_rcv+0x2c40/0x2c40
[ 353.573111][ C0] ? unwind_get_return_address+0x4d/0x90
[ 353.578741][ C0] ? stack_trace_save+0xe0/0xe0
[ 353.583586][ C0] ? arch_stack_walk+0xd0/0x140
[ 353.588434][ C0] tipc_sk_filter_rcv+0x2a55/0x2c40
[ 353.593718][ C0] ? stack_trace_save+0x98/0xe0
[ 353.598569][ C0] ? __stack_depot_save+0x34/0x480
[ 353.603704][ C0] ? kasan_set_track+0x5b/0x70
[ 353.608464][ C0] ? kasan_set_track+0x4a/0x70
[ 353.613224][ C0] ? kasan_set_free_info+0x23/0x40
[ 353.618338][ C0] ? kasan_set_track+0x5b/0x70
[ 353.623105][ C0] ? kasan_set_track+0x4a/0x70
[ 353.627860][ C0] ? kasan_set_free_info+0x23/0x40
[ 353.632972][ C0] ? ____kasan_slab_free+0x125/0x160
[ 353.638250][ C0] ? __kasan_slab_free+0x11/0x20
[ 353.643199][ C0] ? slab_free_freelist_hook+0xc2/0x190
[ 353.648748][ C0] ? kmem_cache_free+0x100/0x320
[ 353.653717][ C0] ? kfree_skbmem+0x10c/0x180
[ 353.658409][ C0] ? kfree_skb+0xc1/0x2f0
[ 353.662728][ C0] ? tipc_msg_reverse+0x698/0x900
[ 353.667747][ C0] ? tipc_sk_filter_rcv+0xbe5/0x2c40
[ 353.673026][ C0] ? tipc_sk_backlog_rcv+0x109/0x1f0
[ 353.678301][ C0] ? __release_sock+0x143/0x350
[ 353.683145][ C0] ? __sys_setsockopt+0x268/0x460
[ 353.688173][ C0] ? __x64_sys_setsockopt+0xbf/0xd0
[ 353.693365][ C0] ? do_syscall_64+0x4c/0xa0
[ 353.697944][ C0] ? entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 353.704007][ C0] ? tipc_sk_publish+0x440/0x440
[ 353.708948][ C0] ? __kasan_check_write+0x14/0x20
[ 353.714054][ C0] ? _raw_spin_lock_bh+0x8e/0xe0
[ 353.718989][ C0] tipc_sk_rcv+0x7b7/0x2c60
[ 353.723489][ C0] ? kfree_skbmem+0x10c/0x180
[ 353.728170][ C0] ? skb_release_data+0x814/0xa10
[ 353.733190][ C0] ? __skb_queue_purge+0x170/0x170
[ 353.738296][ C0] ? tipc_sk_filter_rcv+0x29de/0x2c40
[ 353.743663][ C0] tipc_node_xmit+0x256/0xce0
[ 353.748355][ C0] ? tipc_node_get_linkname+0x1a0/0x1a0
[ 353.753898][ C0] tipc_node_distr_xmit+0x292/0x390
[ 353.759094][ C0] ? tipc_node_xmit_skb+0x130/0x130
[ 353.764290][ C0] ? selinux_capable+0x29c/0x380
[ 353.769228][ C0] tipc_sk_backlog_rcv+0x16f/0x1f0
[ 353.774337][ C0] ? tipc_sk_timeout+0x970/0x970
[ 353.779270][ C0] ? lock_sock_nested+0x1f1/0x290
[ 353.784287][ C0] __release_sock+0x143/0x350
[ 353.788963][ C0] sock_setsockopt+0x1b65/0x2270
[ 353.793895][ C0] ? __sock_set_mark+0x160/0x160
[ 353.798829][ C0] ? selinux_socket_setsockopt+0x21c/0x300
[ 353.804639][ C0] ? selinux_socket_getsockopt+0x2e0/0x2e0
[ 353.810442][ C0] ? __kasan_check_write+0x14/0x20
[ 353.815566][ C0] ? put_vma+0x44/0x60
[ 353.819633][ C0] ? __fget_files+0x2c4/0x320
[ 353.824581][ C0] ? security_socket_setsockopt+0x82/0xa0
[ 353.830299][ C0] __sys_setsockopt+0x268/0x460
[ 353.835169][ C0] ? __ia32_sys_recv+0xb0/0xb0
[ 353.839928][ C0] __x64_sys_setsockopt+0xbf/0xd0
[ 353.844957][ C0] x64_sys_call+0x982/0x9a0
[ 353.849475][ C0] do_syscall_64+0x4c/0xa0
[ 353.853895][ C0] ? clear_bhb_loop+0x50/0xa0
[ 353.858597][ C0] ? clear_bhb_loop+0x50/0xa0
[ 353.863280][ C0] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 353.869165][ C0] RIP: 0033:0x7f3051b57be9
[ 353.873600][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 353.893199][ C0] RSP: 002b:00007f30519a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[ 353.901620][ C0] RAX: ffffffffffffffda RBX: 00007f3051d7f090 RCX: 00007f3051b57be9
[ 353.909586][ C0] RDX: 0000000000000021 RSI: 0000000000000001 RDI: 0000000000000003
[ 353.917553][ C0] RBP: 00007f3051bdae19 R08: 0000000000000004 R09: 0000000000000000
[ 353.925517][ C0] R10: 0000200000000540 R11: 0000000000000246 R12: 0000000000000000
[ 353.933602][ C0] R13: 00007f3051d7f128 R14: 00007f3051d7f090 R15: 00007ffc466f6f18
[ 353.941688][ C0]
[ 353.944725][ C0] Sending NMI from CPU 0 to CPUs 1:
[ 353.949988][ C1] NMI backtrace for cpu 1
[ 353.950001][ C1] CPU: 1 PID: 970 Comm: syz.2.215 Not tainted 5.15.189-syzkaller-android13-5.15.189_r00 #0
[ 353.950020][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 353.950029][ C1] RIP: 0010:kvm_wait+0xf2/0x140
[ 353.950053][ C1] Code: 92 d6 03 f4 eb 9a fa 48 89 f8 48 c1 e8 03 42 0f b6 04 30 84 c0 75 3f 0f b6 07 40 38 f0 75 10 66 90 0f 00 2d 00 92 d6 03 fb f4 71 ff ff ff fb e9 6b ff ff ff e8 5e 2b 72 03 89 f9 80 e1 07 38
[ 353.950071][ C1] RSP: 0018:ffffc90000d8f6c0 EFLAGS: 00000246
[ 353.950085][ C1] RAX: 0000000000000003 RBX: ffff88811c03d988 RCX: ffffffff814f3469
[ 353.950097][ C1] RDX: 0000000000000001 RSI: 0000000000000003 RDI: ffff88811c03d988
[ 353.950107][ C1] RBP: ffffc90000d8f750 R08: dffffc0000000000 R09: ffffed1023807b32
[ 353.950119][ C1] R10: ffffed1023807b32 R11: 1ffff11023807b31 R12: 1ffff1103ee20001
[ 353.950135][ C1] R13: ffff8881f7138ad4 R14: dffffc0000000000 R15: 1ffff920001b1ed8
[ 353.950148][ C1] FS: 00007f30519c86c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[ 353.950162][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 353.950173][ C1] CR2: 0000200000000000 CR3: 0000000120656000 CR4: 00000000003506a0
[ 353.950194][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 353.950204][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 353.950213][ C1] Call Trace:
[ 353.950219][ C1]
[ 353.950225][ C1] ? kvm_arch_para_hints+0x30/0x30
[ 353.950243][ C1] ? __pv_queued_spin_lock_slowpath+0x5b9/0x9c0
[ 353.950263][ C1] __pv_queued_spin_lock_slowpath+0x60f/0x9c0
[ 353.950282][ C1] ? __pv_queued_spin_unlock_slowpath+0x300/0x300
[ 353.950300][ C1] ? avc_has_perm+0x158/0x240
[ 353.950316][ C1] queued_spin_lock_slowpath+0x47/0x50
[ 353.950333][ C1] _raw_spin_lock_bh+0xd8/0xe0
[ 353.950350][ C1] ? _raw_spin_lock_irq+0xe0/0xe0
[ 353.950372][ C1] lock_sock_nested+0x97/0x290
[ 353.950392][ C1] ? sock_init_data+0xc0/0xc0
[ 353.950407][ C1] ? _raw_spin_lock_bh+0x8e/0xe0
[ 353.950424][ C1] ? _raw_spin_unlock_bh+0x51/0x60
[ 353.950441][ C1] tipc_sendstream+0x47/0x70
[ 353.950456][ C1] ? tipc_getsockopt+0x4c0/0x4c0
[ 353.950470][ C1] ____sys_sendmsg+0x5a2/0x8c0
[ 353.950497][ C1] ? __sys_sendmsg_sock+0x40/0x40
[ 353.950515][ C1] ? import_iovec+0x7c/0xb0
[ 353.950532][ C1] ___sys_sendmsg+0x1f0/0x260
[ 353.950550][ C1] ? __sys_sendmsg+0x250/0x250
[ 353.950569][ C1] ? memcpy+0x56/0x70
[ 353.950588][ C1] ? __fdget+0x1a1/0x230
[ 353.950610][ C1] __x64_sys_sendmsg+0x1e2/0x2a0
[ 353.950628][ C1] ? ___sys_sendmsg+0x260/0x260
[ 353.950647][ C1] ? fpregs_assert_state_consistent+0xb1/0xe0
[ 353.950667][ C1] x64_sys_call+0x4b/0x9a0
[ 353.950683][ C1] do_syscall_64+0x4c/0xa0
[ 353.950700][ C1] ? clear_bhb_loop+0x50/0xa0
[ 353.950716][ C1] ? clear_bhb_loop+0x50/0xa0
[ 353.950734][ C1] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 353.950752][ C1] RIP: 0033:0x7f3051b57be9
[ 353.950766][ C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 353.950778][ C1] RSP: 002b:00007f30519c8038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 353.950805][ C1] RAX: ffffffffffffffda RBX: 00007f3051d7efa0 RCX: 00007f3051b57be9
[ 353.950817][ C1] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000000000000004
[ 353.950827][ C1] RBP: 00007f3051bdae19 R08: 0000000000000000 R09: 0000000000000000
[ 353.950837][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 353.950846][ C1] R13: 00007f3051d7f038 R14: 00007f3051d7efa0 R15: 00007ffc466f6f18
[ 353.950860][ C1]