Warning: Permanently added '10.128.0.149' (ED25519) to the list of known hosts.
2025/04/14 14:56:28 ignoring optional flag "sandboxArg"="0"
2025/04/14 14:56:28 ignoring optional flag "type"="gce"
2025/04/14 14:56:28 parsed 1 programs
[ 49.085688][ T24] kauditd_printk_skb: 18 callbacks suppressed
[ 49.085703][ T24] audit: type=1400 audit(1744642588.540:94): avc: denied { mount } for pid=346 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
2025/04/14 14:56:28 executed programs: 0
[ 49.115658][ T24] audit: type=1400 audit(1744642588.570:95): avc: denied { unlink } for pid=346 comm="syz-executor" name="swap-file" dev="sda1" ino=1930 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[ 49.157800][ T346] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 49.211333][ T353] bridge0: port 1(bridge_slave_0) entered blocking state
[ 49.218456][ T353] bridge0: port 1(bridge_slave_0) entered disabled state
[ 49.226072][ T353] device bridge_slave_0 entered promiscuous mode
[ 49.232753][ T353] bridge0: port 2(bridge_slave_1) entered blocking state
[ 49.239713][ T353] bridge0: port 2(bridge_slave_1) entered disabled state
[ 49.247243][ T353] device bridge_slave_1 entered promiscuous mode
[ 49.282712][ T353] bridge0: port 2(bridge_slave_1) entered blocking state
[ 49.289554][ T353] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 49.296769][ T353] bridge0: port 1(bridge_slave_0) entered blocking state
[ 49.303634][ T353] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 49.320649][ T7] bridge0: port 1(bridge_slave_0) entered disabled state
[ 49.327773][ T7] bridge0: port 2(bridge_slave_1) entered disabled state
[ 49.335011][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 49.342427][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 49.352621][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 49.360614][ T7] bridge0: port 1(bridge_slave_0) entered blocking state
[ 49.367740][ T7] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 49.375992][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 49.384028][ T7] bridge0: port 2(bridge_slave_1) entered blocking state
[ 49.390940][ T7] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 49.403311][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 49.412233][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 49.425384][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 49.436946][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 49.444989][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 49.452997][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 49.460904][ T353] device veth0_vlan entered promiscuous mode
[ 49.471033][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 49.480044][ T353] device veth1_macvtap entered promiscuous mode
[ 49.489529][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 49.499451][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 49.514034][ T24] audit: type=1400 audit(1744642588.970:96): avc: denied { mounton } for pid=353 comm="syz-executor.0" path="/dev/binderfs" dev="devtmpfs" ino=509 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[ 49.539734][ T24] audit: type=1400 audit(1744642589.000:97): avc: denied { create } for pid=359 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[ 49.559923][ T24] audit: type=1400 audit(1744642589.000:98): avc: denied { write } for pid=359 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[ 49.579848][ T24] audit: type=1400 audit(1744642589.000:99): avc: denied { setopt } for pid=359 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[ 49.599770][ T24] audit: type=1400 audit(1744642589.020:100): avc: denied { read } for pid=77 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[ 151.551190][ C1] rcu: INFO: rcu_preempt self-detected stall on CPU
[ 151.557780][ C1] rcu: 1-...!: (10000 ticks this GP) idle=4fa/1/0x4000000000000000 softirq=3051/3059 fqs=0 last_accelerate: 9ea5/c5b5 dyntick_enabled: 1
[ 151.571745][ C1] (t=10003 jiffies g=2193 q=320)
[ 151.576621][ C1] rcu: rcu_preempt kthread starved for 10003 jiffies! g2193 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 ->cpu=0
[ 151.587784][ C1] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[ 151.597591][ C1] rcu: RCU grace-period kthread stack dump:
[ 151.603439][ C1] task:rcu_preempt state:I stack: 0 pid: 13 ppid: 2 flags:0x00004000
[ 151.612489][ C1] Call Trace:
[ 151.615621][ C1] __schedule+0xbe6/0x1330
[ 151.619859][ C1] ? release_firmware_map_entry+0x18d/0x18d
[ 151.625565][ C1] ? _raw_spin_lock_irqsave+0xf9/0x210
[ 151.630925][ C1] ? _raw_spin_lock+0x1b0/0x1b0
[ 151.635647][ C1] ? _raw_spin_lock_irq+0xa5/0x1b0
[ 151.640648][ C1] schedule+0x13d/0x1d0
[ 151.644589][ C1] schedule_timeout+0x18c/0x360
[ 151.649375][ C1] ? prepare_to_swait_event+0x39f/0x3e0
[ 151.654763][ C1] ? console_conditional_schedule+0x10/0x10
[ 151.660478][ C1] ? run_local_timers+0x160/0x160
[ 151.665347][ C1] ? __note_gp_changes+0x2d8/0x6f0
[ 151.670327][ C1] rcu_gp_kthread+0xefc/0x23a0
[ 151.674899][ C1] ? dump_blkd_tasks+0x7e0/0x7e0
[ 151.679669][ C1] ? rcu_barrier_callback+0x50/0x50
[ 151.684686][ C1] ? _raw_spin_lock+0x1b0/0x1b0
[ 151.689373][ C1] ? __kasan_check_read+0x11/0x20
[ 151.694255][ C1] ? __kthread_parkme+0xb9/0x1c0
[ 151.699005][ C1] kthread+0x34b/0x3d0
[ 151.702916][ C1] ? rcu_barrier_callback+0x50/0x50
[ 151.708033][ C1] ? kthread_blkcg+0xd0/0xd0
[ 151.712473][ C1] ret_from_fork+0x1f/0x30
[ 151.716893][ C1] NMI backtrace for cpu 1
[ 151.721017][ C1] CPU: 1 PID: 1125 Comm: syz-executor.0 Not tainted 5.10.235-syzkaller-1007124-g7148b8d0d196 #0
[ 151.731859][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 151.741737][ C1] Call Trace:
[ 151.744890][ C1] <IRQ>
[ 151.747567][ C1] dump_stack_lvl+0x1e2/0x24b
[ 151.752088][ C1] ? panic+0x812/0x812
[ 151.755973][ C1] ? bfq_pos_tree_add_move+0x43b/0x43b
[ 151.761283][ C1] ? _raw_spin_lock_irqsave+0xf9/0x210
[ 151.766563][ C1] ? _raw_spin_lock+0x1b0/0x1b0
[ 151.771368][ C1] ? arch_trigger_cpumask_backtrace+0x20/0x20
[ 151.777246][ C1] dump_stack+0x15/0x17
[ 151.781231][ C1] nmi_trigger_cpumask_backtrace+0x2b5/0x300
[ 151.787134][ C1] ? arch_trigger_cpumask_backtrace+0x20/0x20
[ 151.793133][ C1] arch_trigger_cpumask_backtrace+0x10/0x20
[ 151.798881][ C1] rcu_dump_cpu_stacks+0x199/0x2b0
[ 151.803986][ C1] rcu_sched_clock_irq+0xf8a/0x1890
[ 151.809012][ C1] ? rcutree_dead_cpu+0x340/0x340
[ 151.813877][ C1] ? hrtimer_run_queues+0x15f/0x440
[ 151.819004][ C1] update_process_times+0x198/0x200
[ 151.824041][ C1] tick_sched_timer+0x188/0x240
[ 151.828741][ C1] ? tick_setup_sched_timer+0x480/0x480
[ 151.834106][ C1] __hrtimer_run_queues+0x3d7/0xa50
[ 151.839140][ C1] ? hrtimer_interrupt+0x8b0/0x8b0
[ 151.844116][ C1] ? clockevents_program_event+0x214/0x2c0
[ 151.849894][ C1] ? ktime_get_update_offsets_now+0x266/0x280
[ 151.855740][ C1] hrtimer_interrupt+0x39a/0x8b0
[ 151.860518][ C1] __sysvec_apic_timer_interrupt+0xfb/0x3f0
[ 151.866246][ C1] asm_call_irq_on_stack+0xf/0x20
[ 151.871099][ C1] </IRQ>
[ 151.873983][ C1] sysvec_apic_timer_interrupt+0x85/0xe0
[ 151.879435][ C1] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 151.885264][ C1] RIP: 0010:__raw_callee_save___pv_queued_spin_unlock+0x10/0x17
[ 151.892861][ C1] Code: 41 51 41 52 41 53 e8 cb 0a 00 00 41 5b 41 5a 41 59 41 58 5f 5e 5a 59 5d c3 90 55 48 89 e5 52 b8 01 00 00 00 31 d2 f0 0f b0 17 <3c> 01 75 03 5a 5d c3 56 0f b6 f0 e8 bc ff ff ff 5e 5a 5d c3 0f 1f
[ 151.912698][ C1] RSP: 0018:ffffc90002926730 EFLAGS: 00000246
[ 151.918719][ C1] RAX: 0000000000000001 RBX: ffffc90002926bf4 RCX: dffffc0000000000
[ 151.926507][ C1] RDX: 0000000000000000 RSI: 00000000dbf833cf RDI: ffffc90002926bf4
[ 151.934331][ C1] RBP: ffffc90002926738 R08: ffffffff849a76b5 R09: 0000000000000003
[ 151.942335][ C1] R10: fffff52000524cdc R11: dffffc0000000001 R12: dffffc0000000000
[ 151.950200][ C1] R13: ffffc90002926be0 R14: 00000000dbf833cf R15: ffffc90002926be0
[ 151.958024][ C1] ? tipc_sk_rcv+0x305/0x1e30
[ 151.962531][ C1] _raw_spin_unlock_bh+0x41/0x60
[ 151.967298][ C1] tipc_sk_rcv+0x489/0x1e30
[ 151.971655][ C1] ? _raw_spin_unlock_irqrestore+0x5b/0x80
[ 151.977292][ C1] ? __stack_depot_save+0x468/0x4d0
[ 151.982327][ C1] ? kmem_cache_free+0xa9/0x1e0
[ 151.987067][ C1] ? kasan_set_free_info+0x23/0x40
[ 151.991952][ C1] ? ____kasan_slab_free+0x121/0x160
[ 151.997077][ C1] ? __kasan_slab_free+0x11/0x20
[ 152.001891][ C1] ? slab_free_freelist_hook+0xc0/0x190
[ 152.007252][ C1] ? kfree_skbmem+0x104/0x170
[ 152.011827][ C1] ? kfree_skb+0xc1/0x320
[ 152.015992][ C1] ? tipc_sk_proto_rcv+0xaa9/0x1db0
[ 152.021117][ C1] ? tipc_sk_filter_rcv+0x3603/0x3e00
[ 152.026323][ C1] ? __skb_queue_purge+0x180/0x180
[ 152.031336][ C1] tipc_node_xmit+0x34b/0xe30
[ 152.035964][ C1] ? ____kasan_slab_free+0x12c/0x160
[ 152.041083][ C1] ? tipc_node_get_linkname+0x190/0x190
[ 152.046569][ C1] ? __kasan_slab_free+0x11/0x20
[ 152.051340][ C1] ? slab_free_freelist_hook+0xc0/0x190
[ 152.056719][ C1] tipc_node_distr_xmit+0x36a/0x4d0
[ 152.061753][ C1] ? tipc_node_xmit_skb+0x1b0/0x1b0
[ 152.066776][ C1] ? trace_tipc_sk_rej_msg+0x2b/0x6f0
[ 152.071998][ C1] tipc_sk_rcv+0x177d/0x1e30
[ 152.076475][ C1] ? __skb_queue_purge+0x180/0x180
[ 152.081368][ C1] tipc_node_xmit+0x34b/0xe30
[ 152.085901][ C1] ? tipc_node_get_linkname+0x190/0x190
[ 152.091257][ C1] tipc_sk_push_backlog+0x4da/0x7b0
[ 152.096573][ C1] tipc_sk_proto_rcv+0xaa9/0x1db0
[ 152.101460][ C1] ? trace_tipc_sk_dump+0x6e0/0x6e0
[ 152.106440][ C1] ? stack_trace_save+0x113/0x1c0
[ 152.111316][ C1] tipc_sk_filter_rcv+0x3603/0x3e00
[ 152.116346][ C1] ? kfree+0xc3/0x270
[ 152.120173][ C1] ? kmem_cache_free+0xa9/0x1e0
[ 152.124946][ C1] ? kmem_cache_free+0xa9/0x1e0
[ 152.129615][ C1] ? kasan_set_track+0x5d/0x70
[ 152.134224][ C1] ? kasan_set_free_info+0x23/0x40
[ 152.139689][ C1] ? ____kasan_slab_free+0x121/0x160
[ 152.145324][ C1] ? __kasan_slab_free+0x11/0x20
[ 152.150097][ C1] ? kmem_cache_free+0xa9/0x1e0
[ 152.154784][ C1] ? kfree_skbmem+0x104/0x170
[ 152.159297][ C1] ? kfree_skb+0xc1/0x320
[ 152.163586][ C1] ? tipc_sk_filter_rcv+0xfbf/0x3e00
[ 152.168700][ C1] ? tipc_sk_backlog_rcv+0x122/0x210
[ 152.173829][ C1] ? __release_sock+0x148/0x410
[ 152.178688][ C1] ? sock_setsockopt+0x1e3b/0x2e00
[ 152.183650][ C1] ? __sys_setsockopt+0x441/0x870
[ 152.188506][ C1] ? __x64_sys_setsockopt+0xbf/0xd0
[ 152.193535][ C1] ? do_syscall_64+0x34/0x70
[ 152.197960][ C1] ? tipc_sk_dump+0xf50/0xf50
[ 152.202595][ C1] ? __kasan_check_write+0x14/0x20
[ 152.207650][ C1] ? _raw_spin_lock_bh+0xa4/0x1b0
[ 152.212493][ C1] ? kmem_cache_free+0xa9/0x1e0
[ 152.217315][ C1] tipc_sk_rcv+0x8a1/0x1e30
[ 152.221726][ C1] ? __skb_queue_purge+0x180/0x180
[ 152.226663][ C1] ? tipc_sk_filter_rcv+0x3583/0x3e00
[ 152.231872][ C1] tipc_node_xmit+0x34b/0xe30
[ 152.236415][ C1] ? tipc_node_get_linkname+0x190/0x190
[ 152.241764][ C1] tipc_node_distr_xmit+0x36a/0x4d0
[ 152.246799][ C1] ? tipc_node_xmit_skb+0x1b0/0x1b0
[ 152.251863][ C1] tipc_sk_backlog_rcv+0x18b/0x210
[ 152.256778][ C1] ? tipc_sk_timeout+0xab0/0xab0
[ 152.261564][ C1] ? __local_bh_enable_ip+0x53/0x80
[ 152.266590][ C1] ? lock_sock_nested+0x26a/0x300
[ 152.271446][ C1] __release_sock+0x148/0x410
[ 152.276055][ C1] sock_setsockopt+0x1e3b/0x2e00
[ 152.280971][ C1] ? __sock_set_mark+0x160/0x160
[ 152.285677][ C1] ? selinux_socket_getsockopt+0x340/0x340
[ 152.291412][ C1] ? security_socket_setsockopt+0x82/0xb0
[ 152.296963][ C1] __sys_setsockopt+0x441/0x870
[ 152.301657][ C1] ? __ia32_sys_recv+0xb0/0xb0
[ 152.306510][ C1] ? __kasan_check_write+0x14/0x20
[ 152.311511][ C1] ? switch_fpu_return+0x1e4/0x3c0
[ 152.316431][ C1] __x64_sys_setsockopt+0xbf/0xd0
[ 152.321269][ C1] do_syscall_64+0x34/0x70
[ 152.325529][ C1] entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 152.331323][ C1] RIP: 0033:0x7faeeaeb3da9
[ 152.335647][ C1] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 152.355242][ C1] RSP: 002b:00007faeeaa140c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[ 152.363483][ C1] RAX: ffffffffffffffda RBX: 00007faeeafe2050 RCX: 00007faeeaeb3da9
[ 152.371300][ C1] RDX: 0000000000000021 RSI: 0000000000000001 RDI: 0000000000000003
[ 152.379188][ C1] RBP: 00007faeeaf0047a R08: 0000000000000004 R09: 0000000000000000
[ 152.387098][ C1] R10: 0000000020000540 R11: 0000000000000246 R12: 0000000000000000
[ 152.394914][ C1] R13: 000000000000000b R14: 00007faeeafe2050 R15: 00007ffc563f0be8
[ 198.946580][ C0] watchdog: BUG: soft lockup - CPU#0 stuck for 123s! [syz-executor.0:1124]
[ 198.955021][ C0] Modules linked in:
[ 198.958730][ C0] CPU: 0 PID: 1124 Comm: syz-executor.0 Not tainted 5.10.235-syzkaller-1007124-g7148b8d0d196 #0
[ 198.969137][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 198.979057][ C0] RIP: 0010:kvm_wait+0xfc/0x150
[ 198.983735][ C0] Code: 38 f0 75 26 41 f7 c7 00 02 00 00 75 0f 0f 1f 44 00 00 0f 00 2d 05 4e d5 03 f4 eb 0e 0f 1f 44 00 00 0f 00 2d f6 4d d5 03 fb f4 <4c> 89 7c 24 18 ff 74 24 18 9d 48 c7 44 24 20 0e 36 e0 45 49 c7 04
[ 199.003857][ C0] RSP: 0018:ffffc900026f7680 EFLAGS: 00000246
[ 199.009843][ C0] RAX: 0000000000000003 RBX: 1ffff920004deed4 RCX: ffffffff8150d014
[ 199.017742][ C0] RDX: 0000000000000001 RSI: 0000000000000003 RDI: ffffc900026f76c0
[ 199.025554][ C0] RBP: ffffc900026f7730 R08: dffffc0000000000 R09: ffffed10239835b2
[ 199.033377][ C0] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000
[ 199.041222][ C0] R13: ffff88811cc1ad88 R14: 0000000000000003 R15: 0000000000000246
[ 199.049040][ C0] FS: 00007faeeaa356c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[ 199.057852][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 199.064266][ C0] CR2: 0000000020000000 CR3: 000000010f1da000 CR4: 00000000003506b0
[ 199.072082][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 199.079986][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 199.087795][ C0] Call Trace:
[ 199.090910][ C0] <IRQ>
[ 199.093619][ C0] ? show_regs+0x58/0x60
[ 199.097690][ C0] ? watchdog_timer_fn+0x471/0x590
[ 199.102639][ C0] ? proc_watchdog_cpumask+0xd0/0xd0
[ 199.107750][ C0] ? __hrtimer_run_queues+0x3d7/0xa50
[ 199.113057][ C0] ? hrtimer_interrupt+0x8b0/0x8b0
[ 199.117996][ C0] ? clockevents_program_event+0x214/0x2c0
[ 199.123637][ C0] ? ktime_get_update_offsets_now+0x266/0x280
[ 199.129539][ C0] ? hrtimer_interrupt+0x39a/0x8b0
[ 199.134490][ C0] ? __sysvec_apic_timer_interrupt+0xfb/0x3f0
[ 199.140420][ C0] ? asm_call_irq_on_stack+0xf/0x20
[ 199.145416][ C0] </IRQ>
[ 199.148205][ C0] ? sysvec_apic_timer_interrupt+0x85/0xe0
[ 199.153850][ C0] ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 199.159917][ C0] ? __pv_queued_spin_lock_slowpath+0x6d4/0xc70
[ 199.166009][ C0] ? kvm_wait+0xfc/0x150
[ 199.170076][ C0] ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 199.176065][ C0] ? kvm_arch_para_hints+0x30/0x30
[ 199.181016][ C0] ? __pv_queued_spin_lock_slowpath+0x6d4/0xc70
[ 199.187118][ C0] __pv_queued_spin_lock_slowpath+0x72f/0xc70
[ 199.193000][ C0] ? __pv_queued_spin_unlock_slowpath+0x280/0x280
[ 199.199417][ C0] _raw_spin_lock_bh+0x139/0x1b0
[ 199.204198][ C0] ? _raw_spin_lock_irq+0x1b0/0x1b0
[ 199.209223][ C0] ? selinux_socket_sendmsg+0x243/0x340
[ 199.214602][ C0] lock_sock_nested+0x92/0x300
[ 199.219282][ C0] ? sock_init_data+0xc0/0xc0
[ 199.223804][ C0] ? _raw_spin_unlock_bh+0x51/0x60
[ 199.229010][ C0] tipc_sendstream+0x47/0x70
[ 199.233432][ C0] ? tipc_getsockopt+0x790/0x790
[ 199.238213][ C0] ____sys_sendmsg+0x59e/0x8f0
[ 199.242808][ C0] ? __sys_sendmsg_sock+0x40/0x40
[ 199.247839][ C0] ? import_iovec+0xe5/0x120
[ 199.252266][ C0] ___sys_sendmsg+0x252/0x2e0
[ 199.256792][ C0] ? __sys_sendmsg+0x280/0x280
[ 199.261382][ C0] ? alloc_file_pseudo+0x280/0x2f0
[ 199.266330][ C0] ? __fdget+0x1bc/0x240
[ 199.270500][ C0] __se_sys_sendmsg+0x1b1/0x280
[ 199.275179][ C0] ? __x64_sys_sendmsg+0x90/0x90
[ 199.279962][ C0] ? debug_smp_processor_id+0x17/0x20
[ 199.285243][ C0] __x64_sys_sendmsg+0x7b/0x90
[ 199.289844][ C0] do_syscall_64+0x34/0x70
[ 199.294096][ C0] entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 199.300269][ C0] RIP: 0033:0x7faeeaeb3da9
[ 199.304603][ C0] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 199.324079][ C0] RSP: 002b:00007faeeaa350c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 199.332400][ C0] RAX: ffffffffffffffda RBX: 00007faeeafe1f80 RCX: 00007faeeaeb3da9
[ 199.340229][ C0] RDX: 0000000000000000 RSI: 00000000200003c0 RDI: 0000000000000004
[ 199.347998][ C0] RBP: 00007faeeaf0047a R08: 0000000000000000 R09: 0000000000000000
[ 199.355893][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 199.363706][ C0] R13: 000000000000000b R14: 00007faeeafe1f80 R15: 00007ffc563f0be8
[ 199.371525][ C0] Sending NMI from CPU 0 to CPUs 1:
[ 199.377541][ C1] NMI backtrace for cpu 1
[ 199.377557][ C1] CPU: 1 PID: 1125 Comm: syz-executor.0 Not tainted 5.10.235-syzkaller-1007124-g7148b8d0d196 #0
[ 199.377562][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 199.377566][ C1] RIP: 0010:__kasan_check_write+0x14/0x20
[ 199.377576][ C1] Code: 31 d2 e8 ef ed ff ff 5d c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 55 48 89 e5 89 f6 48 8b 4d 08 ba 01 00 00 00 e8 cc ed ff ff <5d> c3 66 2e 0f 1f 84 00 00 00 00 00 55 48 89 e5 41 57 41 56 53 49
[ 199.377579][ C1] RSP: 0018:ffffc900029266b0 EFLAGS: 00000256
[ 199.377587][ C1] RAX: 0000000000000001 RBX: 1ffff92000524cd8 RCX: ffffffff84b3c6e7
[ 199.377592][ C1] RDX: 0000000000000001 RSI: 0000000000000004 RDI: ffffc90002926bf4
[ 199.377596][ C1] RBP: ffffc900029266b0 R08: dffffc0000000000 R09: fffff52000524d7f
[ 199.377601][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000
[ 199.377605][ C1] R13: ffffc90002926bf4 R14: 1ffff92000524cdc R15: ffffc900029266e0
[ 199.377609][ C1] FS: 00007faeeaa146c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[ 199.377613][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 199.377617][ C1] CR2: 00007faeeaa14d58 CR3: 000000010f1da000 CR4: 00000000003506a0
[ 199.377621][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 199.377625][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 199.377628][ C1] Call Trace:
[ 199.377630][ C1] <NMI>
[ 199.377632][ C1] ? show_regs+0x58/0x60
[ 199.377635][ C1] ? nmi_cpu_backtrace+0x133/0x160
[ 199.377638][ C1] ? __kasan_check_write+0x14/0x20
[ 199.377641][ C1] ? nmi_cpu_backtrace_handler+0xc/0x20
[ 199.377644][ C1] ? nmi_handle+0xa8/0x280
[ 199.377647][ C1] ? __kasan_check_write+0x14/0x20
[ 199.377650][ C1] ? default_do_nmi+0x69/0x160
[ 199.377652][ C1] ? exc_nmi+0xad/0x100
[ 199.377655][ C1] ? end_repeat_nmi+0x16/0x31
[ 199.377658][ C1] ? _raw_spin_lock_bh+0x97/0x1b0
[ 199.377661][ C1] ? __kasan_check_write+0x14/0x20
[ 199.377664][ C1] ? __kasan_check_write+0x14/0x20
[ 199.377667][ C1] ? __kasan_check_write+0x14/0x20
[ 199.377669][ C1] </NMI>
[ 199.377671][ C1] _raw_spin_lock_bh+0x97/0x1b0
[ 199.377674][ C1] ? _raw_spin_lock_irq+0x1b0/0x1b0
[ 199.377677][ C1] ? tipc_sk_rcv+0x305/0x1e30
[ 199.377680][ C1] tipc_sk_rcv+0x2d6/0x1e30
[ 199.377683][ C1] ? _raw_spin_unlock_irqrestore+0x5b/0x80
[ 199.377686][ C1] ? __stack_depot_save+0x468/0x4d0
[ 199.377689][ C1] ? kmem_cache_free+0xa9/0x1e0
[ 199.377692][ C1] ? kasan_set_free_info+0x23/0x40
[ 199.377695][ C1] ? ____kasan_slab_free+0x121/0x160
[ 199.377698][ C1] ? __kasan_slab_free+0x11/0x20
[ 199.377701][ C1] ? slab_free_freelist_hook+0xc0/0x190
[ 199.377704][ C1] ? kfree_skbmem+0x104/0x170
[ 199.377706][ C1] ? kfree_skb+0xc1/0x320
[ 199.377709][ C1] ? tipc_sk_proto_rcv+0xaa9/0x1db0
[ 199.377712][ C1] ? tipc_sk_filter_rcv+0x3603/0x3e00
[ 199.377715][ C1] ? __skb_queue_purge+0x180/0x180
[ 199.377718][ C1] tipc_node_xmit+0x34b/0xe30
[ 199.377721][ C1] ? ____kasan_slab_free+0x12c/0x160
[ 199.377724][ C1] ? tipc_node_get_linkname+0x190/0x190
[ 199.377727][ C1] ? __kasan_slab_free+0x11/0x20
[ 199.377730][ C1] ? slab_free_freelist_hook+0xc0/0x190
[ 199.377733][ C1] tipc_node_distr_xmit+0x36a/0x4d0
[ 199.377736][ C1] ? tipc_node_xmit_skb+0x1b0/0x1b0
[ 199.377739][ C1] ? trace_tipc_sk_rej_msg+0x2b/0x6f0
[ 199.377741][ C1] tipc_sk_rcv+0x177d/0x1e30
[ 199.377744][ C1] ? __skb_queue_purge+0x180/0x180
[ 199.377747][ C1] tipc_node_xmit+0x34b/0xe30
[ 199.377750][ C1] ? tipc_node_get_linkname+0x190/0x190
[ 199.377753][ C1] tipc_sk_push_backlog+0x4da/0x7b0
[ 199.377756][ C1] tipc_sk_proto_rcv+0xaa9/0x1db0
[ 199.377759][ C1] ? trace_tipc_sk_dump+0x6e0/0x6e0
[ 199.377762][ C1] ? stack_trace_save+0x113/0x1c0
[ 199.377765][ C1] tipc_sk_filter_rcv+0x3603/0x3e00
[ 199.377767][ C1] ? kfree+0xc3/0x270
[ 199.377770][ C1] ? kmem_cache_free+0xa9/0x1e0
[ 199.377773][ C1] ? kmem_cache_free+0xa9/0x1e0
[ 199.377776][ C1] ? kasan_set_track+0x5d/0x70
[ 199.377779][ C1] ? kasan_set_free_info+0x23/0x40
[ 199.377782][ C1] ? ____kasan_slab_free+0x121/0x160
[ 199.377785][ C1] ? __kasan_slab_free+0x11/0x20
[ 199.377787][ C1] ? kmem_cache_free+0xa9/0x1e0
[ 199.377790][ C1] ? kfree_skbmem+0x104/0x170
[ 199.377793][ C1] ? kfree_skb+0xc1/0x320
[ 199.377796][ C1] ? tipc_sk_filter_rcv+0xfbf/0x3e00
[ 199.377799][ C1] ? tipc_sk_backlog_rcv+0x122/0x210
[ 199.377802][ C1] ? __release_sock+0x148/0x410
[ 199.377805][ C1] ? sock_setsockopt+0x1e3b/0x2e00
[ 199.377808][ C1] ? __sys_setsockopt+0x441/0x870
[ 199.377811][ C1] ? __x64_sys_setsockopt+0xbf/0xd0
[ 199.377814][ C1] ? do_syscall_64+0x34/0x70
[ 199.377816][ C1] ? tipc_sk_dump+0xf50/0xf50
[ 199.377819][ C1] ? __kasan_check_write+0x14/0x20
[ 199.377822][ C1] ? _raw_spin_lock_bh+0xa4/0x1b0
[ 199.377825][ C1] ? kmem_cache_free+0xa9/0x1e0
[ 199.377828][ C1] tipc_sk_rcv+0x8a1/0x1e30
[ 199.377831][ C1] ? __skb_queue_purge+0x180/0x180
[ 199.377834][ C1] ? tipc_sk_filter_rcv+0x3583/0x3e00
[ 199.377836][ C1] tipc_node_xmit+0x34b/0xe30
[ 199.377840][ C1] ? tipc_node_get_linkname+0x190/0x190
[ 199.377843][ C1] tipc_node_distr_xmit+0x36a/0x4d0
[ 199.377846][ C1] ? tipc_node_xmit_skb+0x1b0/0x1b0
[ 199.377849][ C1] tipc_sk_backlog_rcv+0x18b/0x210
[ 199.377852][ C1] ? tipc_sk_timeout+0xab0/0xab0
[ 199.377855][ C1] ? __local_bh_enable_ip+0x53/0x80
[ 199.377858][ C1] ? lock_sock_nested+0x26a/0x300
[ 199.377861][ C1] __release_sock+0x148/0x410
[ 199.377863][ C1] sock_setsockopt+0x1e3b/0x2e00
[ 199.377866][ C1] ? __sock_set_mark+0x160/0x160
[ 199.377870][ C1] ? selinux_socket_getsockopt+0x340/0x340
[ 199.377873][ C1] ? security_socket_setsockopt+0x82/0xb0
[ 199.377875][ C1] __sys_setsockopt+0x441/0x870
[ 199.377878][ C1] ? __ia32_sys_recv+0xb0/0xb0
[ 199.377881][ C1] ? __kasan_check_write+0x14/0x20
[ 199.377884][ C1] ? switch_fpu_return+0x1e4/0x3c0
[ 199.377887][ C1] __x64_sys_setsockopt+0xbf/0xd0
[ 199.377890][ C1] do_syscall_64+0x34/0x70
[ 199.377893][ C1] entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 199.377895][ C1] RIP: 0033:0x7faeeaeb3da9
[ 199.377905][ C1] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 199.377908][ C1] RSP: 002b:00007faeeaa140c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[ 199.377917][ C1] RAX: ffffffffffffffda RBX: 00007faeeafe2050 RCX: 00007faeeaeb3da9
[ 199.377921][ C1] RDX: 0000000000000021 RSI: 0000000000000001 RDI: 0000000000000003
[ 199.377925][ C1] RBP: 00007faeeaf0047a R08: 0000000000000004 R09: 0000000000000000
[ 199.377929][ C1] R10: 0000000020000540 R11: 0000000000000246 R12: 0000000000000000
[ 199.377934][ C1] R13: 000000000000000b R14: 00007faeeafe2050 R15: 00007ffc563f0be8