Warning: Permanently added '10.128.1.144' (ED25519) to the list of known hosts. 2025/08/12 11:06:22 ignoring optional flag "sandboxArg"="0" 2025/08/12 11:06:22 ignoring optional flag "type"="gce" 2025/08/12 11:06:22 parsed 1 programs [ 48.918477][ T24] kauditd_printk_skb: 18 callbacks suppressed [ 48.918487][ T24] audit: type=1400 audit(1754996782.820:92): avc: denied { unlink } for pid=319 comm="syz-executor" name="swap-file" dev="sda1" ino=2027 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" 2025/08/12 11:06:22 executed programs: 0 [ 48.961491][ T319] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 49.003143][ T324] bridge0: port 1(bridge_slave_0) entered blocking state [ 49.010442][ T324] bridge0: port 1(bridge_slave_0) entered disabled state [ 49.017836][ T324] device bridge_slave_0 entered promiscuous mode [ 49.024575][ T324] bridge0: port 2(bridge_slave_1) entered blocking state [ 49.031577][ T324] bridge0: port 2(bridge_slave_1) entered disabled state [ 49.038978][ T324] device bridge_slave_1 entered promiscuous mode [ 49.066375][ T324] bridge0: port 2(bridge_slave_1) entered blocking state [ 49.073418][ T324] bridge0: port 2(bridge_slave_1) entered forwarding state [ 49.080624][ T324] bridge0: port 1(bridge_slave_0) entered blocking state [ 49.087647][ T324] bridge0: port 1(bridge_slave_0) entered forwarding state [ 49.102339][ T7] bridge0: port 1(bridge_slave_0) entered disabled state [ 49.109525][ T7] bridge0: port 2(bridge_slave_1) entered disabled state [ 49.117096][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 49.125120][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 49.134060][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 49.142323][ T7] bridge0: port 1(bridge_slave_0) entered blocking state [ 49.149419][ T7] bridge0: port 1(bridge_slave_0) entered forwarding state [ 49.157774][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 49.166179][ T7] bridge0: port 2(bridge_slave_1) entered blocking state [ 49.173309][ T7] bridge0: port 2(bridge_slave_1) entered forwarding state [ 49.183949][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 49.193222][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 49.205603][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 49.215876][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 49.224089][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 49.231438][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 49.239629][ T324] device veth0_vlan entered promiscuous mode [ 49.248682][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 49.257569][ T324] device veth1_macvtap entered promiscuous mode [ 49.265886][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 49.275842][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 49.293460][ T24] audit: type=1400 audit(1754996783.200:93): avc: denied { create } for pid=328 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 49.313506][ T24] audit: type=1400 audit(1754996783.200:94): avc: denied { setopt } for pid=328 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 49.333866][ T24] audit: type=1400 audit(1754996783.220:95): avc: denied { write } for pid=328 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 149.661837][ C0] rcu: INFO: rcu_preempt self-detected stall on CPU [ 149.668480][ C0] rcu: 0-...!: (1 GPs behind) idle=466/1/0x4000000000000000 softirq=1725/1740 fqs=41 last_accelerate: 9de7/c4f9 dyntick_enabled: 1 [ 149.682081][ C0] (t=10000 jiffies g=713 q=160) [ 149.686991][ C0] rcu: rcu_preempt kthread starved for 9918 jiffies! g713 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 ->cpu=1 [ 149.698052][ C0] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 149.708087][ C0] rcu: RCU grace-period kthread stack dump: [ 149.714207][ C0] task:rcu_preempt state:I stack: 0 pid: 13 ppid: 2 flags:0x00004000 [ 149.723667][ C0] Call Trace: [ 149.726960][ C0] __schedule+0xb47/0x1310 [ 149.731345][ C0] ? release_firmware_map_entry+0x190/0x190 [ 149.737209][ C0] ? __mod_timer+0x7ae/0xb30 [ 149.741763][ C0] schedule+0x13c/0x1d0 [ 149.745890][ C0] schedule_timeout+0x12c/0x2d0 [ 149.750707][ C0] ? console_conditional_schedule+0x10/0x10 [ 149.756566][ C0] ? _raw_spin_lock_irqsave+0xb0/0x110 [ 149.761995][ C0] ? run_local_timers+0x160/0x160 [ 149.767083][ C0] ? prepare_to_swait_event+0x320/0x340 [ 149.772597][ C0] rcu_gp_kthread+0x100a/0x26a0 [ 149.777415][ C0] ? dyntick_save_progress_counter+0x1b0/0x1b0 [ 149.783551][ C0] ? rcu_barrier_callback+0x50/0x50 [ 149.788758][ C0] ? __kasan_check_read+0x11/0x20 [ 149.793748][ C0] ? __kthread_parkme+0xb9/0x1c0 [ 149.798649][ C0] kthread+0x346/0x3d0 [ 149.802683][ C0] ? rcu_barrier_callback+0x50/0x50 [ 149.807844][ C0] ? kthread_blkcg+0xd0/0xd0 [ 149.812404][ C0] ret_from_fork+0x1f/0x30 [ 149.816828][ C0] NMI backtrace for cpu 0 [ 149.821130][ C0] CPU: 0 PID: 502 Comm: syz-executor.0 Not tainted 5.10.240-syzkaller-1008085-g1154f779f3f3 #0 [ 149.831413][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 149.841448][ C0] Call Trace: [ 149.844708][ C0] [ 149.847545][ C0] __dump_stack+0x21/0x24 [ 149.851849][ C0] dump_stack_lvl+0x169/0x1d8 [ 149.856537][ C0] ? show_regs_print_info+0x18/0x18 [ 149.861703][ C0] ? _raw_spin_lock_irqsave+0xb0/0x110 [ 149.867142][ C0] ? _raw_spin_lock+0xe0/0xe0 [ 149.871794][ C0] ? arch_trigger_cpumask_backtrace+0x20/0x20 [ 149.877918][ C0] dump_stack+0x15/0x1c [ 149.882061][ C0] nmi_trigger_cpumask_backtrace+0x27f/0x2c0 [ 149.888012][ C0] arch_trigger_cpumask_backtrace+0x10/0x20 [ 149.893876][ C0] rcu_dump_cpu_stacks+0x19c/0x2c0 [ 149.898969][ C0] rcu_sched_clock_irq+0xf79/0x1870 [ 149.904149][ C0] ? rcutree_dead_cpu+0x2f0/0x2f0 [ 149.909143][ C0] ? hrtimer_run_queues+0x166/0x430 [ 149.914308][ C0] update_process_times+0x198/0x200 [ 149.919484][ C0] tick_sched_timer+0x17c/0x240 [ 149.924300][ C0] ? tick_setup_sched_timer+0x450/0x450 [ 149.929809][ C0] __hrtimer_run_queues+0x37a/0x960 [ 149.934991][ C0] ? hrtimer_interrupt+0xdc0/0xdc0 [ 149.940067][ C0] ? ktime_get_update_offsets_now+0x293/0x2b0 [ 149.946110][ C0] hrtimer_interrupt+0x3a6/0xdc0 [ 149.951114][ C0] __sysvec_apic_timer_interrupt+0xfa/0x3f0 [ 149.957245][ C0] asm_call_irq_on_stack+0xf/0x20 [ 149.962234][ C0] [ 149.965172][ C0] sysvec_apic_timer_interrupt+0x85/0xe0 [ 149.970771][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 149.976738][ C0] RIP: 0010:preempt_count_add+0x6a/0x1b0 [ 149.982358][ C0] Code: be 7e 48 c7 c0 c0 b8 c7 86 48 c1 e8 03 42 0f b6 04 38 84 c0 0f 85 fc 00 00 00 83 3d 0f a9 83 05 00 75 11 65 8b 05 d2 5d be 7e <0f> b6 c0 3d f5 00 00 00 73 6e 65 8b 05 c1 5d be 7e 25 ff ff ff 7f [ 150.002036][ C0] RSP: 0018:ffffc90000f36778 EFLAGS: 00000246 [ 150.008083][ C0] RAX: 0000000000000402 RBX: ffffc90000f36cb4 RCX: ffffffff86c7b803 [ 150.016028][ C0] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000201 [ 150.023974][ C0] RBP: ffffc90000f36790 R08: dffffc0000000000 R09: ffffed1021eca651 [ 150.031920][ C0] R10: ffffed1021eca651 R11: 1ffff11021eca650 R12: dffffc0000000000 [ 150.039910][ C0] R13: ffffc90000f36cb0 R14: ffffc90000f367c0 R15: dffffc0000000000 [ 150.047860][ C0] _raw_spin_lock_bh+0x6c/0xe0 [ 150.052679][ C0] ? _raw_spin_lock_irq+0xe0/0xe0 [ 150.057700][ C0] ? preempt_count_sub+0x18/0x170 [ 150.062703][ C0] tipc_sk_rcv+0x221/0x1ef0 [ 150.067258][ C0] ? _raw_spin_unlock_irqrestore+0x5b/0x80 [ 150.073033][ C0] ? __stack_depot_save+0x479/0x4c0 [ 150.078366][ C0] ? kasan_set_track+0x5b/0x70 [ 150.083112][ C0] ? kasan_set_track+0x4a/0x70 [ 150.087865][ C0] ? ____kasan_slab_free+0x125/0x160 [ 150.093124][ C0] ? __kasan_slab_free+0x11/0x20 [ 150.098138][ C0] ? kmem_cache_free+0x100/0x2d0 [ 150.103051][ C0] ? kfree_skbmem+0x10c/0x180 [ 150.107699][ C0] ? kfree_skb+0xc1/0x2f0 [ 150.112006][ C0] ? tipc_sk_backlog_rcv+0x16f/0x1f0 [ 150.117261][ C0] ? __release_sock+0x146/0x360 [ 150.122085][ C0] ? __sys_setsockopt+0x265/0x460 [ 150.127080][ C0] ? __skb_queue_purge+0x170/0x170 [ 150.132164][ C0] tipc_node_xmit+0x256/0xcd0 [ 150.136814][ C0] ? debug_smp_processor_id+0x17/0x20 [ 150.142162][ C0] ? tipc_node_get_linkname+0x1a0/0x1a0 [ 150.147691][ C0] ? ____kasan_slab_free+0x130/0x160 [ 150.152950][ C0] ? __kasan_slab_free+0x11/0x20 [ 150.157882][ C0] ? slab_free_freelist_hook+0xc5/0x190 [ 150.163398][ C0] ? kfree_skbmem+0x10c/0x180 [ 150.168045][ C0] tipc_node_distr_xmit+0x292/0x390 [ 150.173210][ C0] ? tipc_node_xmit_skb+0x130/0x130 [ 150.178373][ C0] ? trace_tipc_sk_rej_msg+0x2c/0x6d0 [ 150.183739][ C0] tipc_sk_rcv+0x19b9/0x1ef0 [ 150.188295][ C0] ? __skb_queue_purge+0x170/0x170 [ 150.193374][ C0] tipc_node_xmit+0x256/0xcd0 [ 150.198026][ C0] ? tipc_node_get_linkname+0x1a0/0x1a0 [ 150.203539][ C0] tipc_sk_push_backlog+0x4dd/0x790 [ 150.208718][ C0] tipc_sk_proto_rcv+0x98d/0x1ac0 [ 150.213712][ C0] ? trace_tipc_sk_dump+0x6c0/0x6c0 [ 150.218898][ C0] ? __kasan_check_write+0x14/0x20 [ 150.223976][ C0] ? _raw_spin_lock_irqsave+0xb0/0x110 [ 150.229399][ C0] ? _raw_spin_lock+0xe0/0xe0 [ 150.234046][ C0] tipc_sk_filter_rcv+0x30ac/0x3850 [ 150.239227][ C0] ? __stack_depot_save+0x479/0x4c0 [ 150.244390][ C0] ? kasan_set_track+0x5b/0x70 [ 150.249117][ C0] ? kasan_set_track+0x4a/0x70 [ 150.253849][ C0] ? kasan_set_free_info+0x23/0x40 [ 150.258923][ C0] ? ____kasan_slab_free+0x125/0x160 [ 150.264192][ C0] ? __kasan_slab_free+0x11/0x20 [ 150.269094][ C0] ? slab_free_freelist_hook+0xc5/0x190 [ 150.274604][ C0] ? kmem_cache_free+0x100/0x2d0 [ 150.279508][ C0] ? kfree_skb+0xc1/0x2f0 [ 150.283803][ C0] ? tipc_msg_reverse+0x698/0x900 [ 150.288795][ C0] ? tipc_sk_filter_rcv+0xca0/0x3850 [ 150.294056][ C0] ? tipc_sk_backlog_rcv+0x109/0x1f0 [ 150.299315][ C0] ? __release_sock+0x146/0x360 [ 150.304222][ C0] ? __sys_setsockopt+0x265/0x460 [ 150.309213][ C0] ? __x64_sys_setsockopt+0xbf/0xd0 [ 150.314375][ C0] ? do_syscall_64+0x31/0x40 [ 150.319045][ C0] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 150.325083][ C0] ? tipc_sk_dump+0xfc0/0xfc0 [ 150.329752][ C0] ? __kasan_check_write+0x14/0x20 [ 150.334842][ C0] ? _raw_spin_lock_bh+0x8e/0xe0 [ 150.339744][ C0] tipc_sk_rcv+0x7cc/0x1ef0 [ 150.344221][ C0] ? slab_free_freelist_hook+0xc5/0x190 [ 150.349732][ C0] ? kmem_cache_free+0x100/0x2d0 [ 150.354634][ C0] ? __skb_queue_purge+0x170/0x170 [ 150.359712][ C0] ? tipc_sk_filter_rcv+0x3034/0x3850 [ 150.365062][ C0] ? __kasan_check_write+0x14/0x20 [ 150.370145][ C0] tipc_node_xmit+0x256/0xcd0 [ 150.374789][ C0] ? tipc_node_get_linkname+0x1a0/0x1a0 [ 150.380301][ C0] tipc_node_distr_xmit+0x292/0x390 [ 150.385462][ C0] ? tipc_node_xmit_skb+0x130/0x130 [ 150.390628][ C0] ? futex_wait+0x526/0x680 [ 150.395187][ C0] ? selinux_capable+0x29c/0x380 [ 150.400136][ C0] tipc_sk_backlog_rcv+0x16f/0x1f0 [ 150.405229][ C0] ? tipc_sk_timeout+0x970/0x970 [ 150.410143][ C0] ? __local_bh_enable_ip+0x53/0x80 [ 150.415311][ C0] ? lock_sock_nested+0x1f5/0x290 [ 150.420392][ C0] __release_sock+0x146/0x360 [ 150.425125][ C0] sock_setsockopt+0x125e/0x2350 [ 150.430026][ C0] ? __sock_set_mark+0x160/0x160 [ 150.434928][ C0] ? selinux_socket_setsockopt+0x21c/0x300 [ 150.440700][ C0] ? selinux_socket_getsockopt+0x2e0/0x2e0 [ 150.446473][ C0] ? __fget_files+0x2c4/0x320 [ 150.451117][ C0] ? security_socket_setsockopt+0x82/0xa0 [ 150.456802][ C0] __sys_setsockopt+0x265/0x460 [ 150.461630][ C0] ? preempt_count_add+0x90/0x1b0 [ 150.466618][ C0] ? __ia32_sys_recv+0xb0/0xb0 [ 150.471347][ C0] ? __kasan_check_write+0x14/0x20 [ 150.476426][ C0] ? switch_fpu_return+0x197/0x340 [ 150.481504][ C0] ? fpu__clear_all+0x20/0x20 [ 150.486147][ C0] __x64_sys_setsockopt+0xbf/0xd0 [ 150.491149][ C0] do_syscall_64+0x31/0x40 [ 150.495531][ C0] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 150.501387][ C0] RIP: 0033:0x7f3c7d0abca9 [ 150.505778][ C0] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 150.525525][ C0] RSP: 002b:00007f3c7cc2d0c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 150.533906][ C0] RAX: ffffffffffffffda RBX: 00007f3c7d1d9f80 RCX: 00007f3c7d0abca9 [ 150.541856][ C0] RDX: 0000000000000021 RSI: 0000000000000001 RDI: 0000000000000003 [ 150.549891][ C0] RBP: 00007f3c7d0f747e R08: 0000000000000004 R09: 0000000000000000 [ 150.557833][ C0] R10: 0000000020000040 R11: 0000000000000246 R12: 0000000000000000 [ 150.565779][ C0] R13: 000000000000000b R14: 00007f3c7d1d9f80 R15: 00007ffc3de52d18 [ 198.922483][ C1] watchdog: BUG: soft lockup - CPU#1 stuck for 123s! [syz-executor.0:501] [ 198.931008][ C1] Modules linked in: [ 198.934892][ C1] CPU: 1 PID: 501 Comm: syz-executor.0 Not tainted 5.10.240-syzkaller-1008085-g1154f779f3f3 #0 [ 198.945447][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 198.955498][ C1] RIP: 0010:__pv_queued_spin_lock_slowpath+0x584/0xb70 [ 198.962336][ C1] Code: 00 00 41 c6 06 00 48 8b 44 24 10 42 0f b6 04 38 84 c0 0f 85 c4 01 00 00 48 8b 44 24 08 c6 00 01 41 be 00 80 ff ff eb 07 f3 90 <41> ff c6 74 4b 43 0f b6 44 3d 00 84 c0 75 2e 80 3b 00 75 ea 48 89 [ 198.982360][ C1] RSP: 0018:ffffc9000132fa80 EFLAGS: 00000206 [ 198.988407][ C1] RAX: 0000000000000000 RBX: ffff88810f653288 RCX: ffffffff814b22ca [ 198.996707][ C1] RDX: 0000000000000001 RSI: 0000000000000003 RDI: ffff88810f653288 [ 199.004677][ C1] RBP: ffffc9000132fb70 R08: dffffc0000000000 R09: ffffed1021eca652 [ 199.012637][ C1] R10: ffffed1021eca652 R11: 1ffff11021eca651 R12: ffff8881f73d30c0 [ 199.020604][ C1] R13: 1ffff11021eca651 R14: 00000000fffffe1f R15: dffffc0000000000 [ 199.028581][ C1] FS: 0000555588fa0480(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 199.037496][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 199.044147][ C1] CR2: 000000c0005b3000 CR3: 0000000110920000 CR4: 00000000003506a0 [ 199.052106][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 199.060060][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 199.068097][ C1] Call Trace: [ 199.071400][ C1] ? arch_stack_walk+0xee/0x140 [ 199.076236][ C1] ? __pv_queued_spin_unlock_slowpath+0x280/0x280 [ 199.082645][ C1] ? stack_trace_save+0x98/0xe0 [ 199.087477][ C1] ? stack_trace_snprint+0xf0/0xf0 [ 199.092568][ C1] queued_spin_lock_slowpath+0x47/0x50 [ 199.098006][ C1] _raw_spin_lock_bh+0xd8/0xe0 [ 199.102761][ C1] ? _raw_spin_lock_irq+0xe0/0xe0 [ 199.107771][ C1] ? kasan_save_stack+0x49/0x60 [ 199.112605][ C1] ? __kasan_record_aux_stack+0xd2/0x100 [ 199.118215][ C1] ? task_work_add+0x27/0x1e0 [ 199.122882][ C1] ? filp_close+0x105/0x150 [ 199.127451][ C1] ? __close_fd+0x35/0x50 [ 199.131764][ C1] ? __x64_sys_close+0x66/0xb0 [ 199.136520][ C1] ? do_syscall_64+0x31/0x40 [ 199.141089][ C1] lock_sock_nested+0x92/0x290 [ 199.145833][ C1] ? locks_remove_posix+0x530/0x530 [ 199.151014][ C1] ? sock_init_data+0xc0/0xc0 [ 199.155672][ C1] ? fsnotify+0x1967/0x1a80 [ 199.160170][ C1] tipc_release+0x56/0x1490 [ 199.164657][ C1] ? down_read_killable+0xe0/0xe0 [ 199.169837][ C1] sock_close+0xe0/0x270 [ 199.174063][ C1] ? sock_mmap+0xa0/0xa0 [ 199.178430][ C1] __fput+0x2fb/0x770 [ 199.182406][ C1] ____fput+0x15/0x20 [ 199.186390][ C1] task_work_run+0x127/0x190 [ 199.190966][ C1] exit_to_user_mode_loop+0xcb/0xe0 [ 199.196166][ C1] syscall_exit_to_user_mode+0x68/0x90 [ 199.201623][ C1] do_syscall_64+0x3d/0x40 [ 199.206041][ C1] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 199.211919][ C1] RIP: 0033:0x7f3c7d0aab9a [ 199.216327][ C1] Code: 48 3d 00 f0 ff ff 77 48 c3 0f 1f 80 00 00 00 00 48 83 ec 18 89 7c 24 0c e8 03 7f 02 00 8b 7c 24 0c 89 c2 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 36 89 d7 89 44 24 0c e8 63 7f 02 00 8b 44 24 [ 199.236007][ C1] RSP: 002b:00007ffc3de52de0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 199.244429][ C1] RAX: 0000000000000000 RBX: 0000000000000005 RCX: 00007f3c7d0aab9a [ 199.252391][ C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004 [ 199.260351][ C1] RBP: 00007f3c7d1db980 R08: 0000001b2ff60000 R09: 001b5fff4163db0d [ 199.268310][ C1] R10: 0000001ac8ce8bf3 R11: 0000000000000293 R12: 000000000000c51f [ 199.276264][ C1] R13: 00007f3c7d1da05c R14: 00007f3c7d1da050 R15: 0000000000000032 [ 199.284226][ C1] Sending NMI from CPU 1 to CPUs 0: [ 199.290382][ C0] NMI backtrace for cpu 0 [ 199.290392][ C0] CPU: 0 PID: 502 Comm: syz-executor.0 Not tainted 5.10.240-syzkaller-1008085-g1154f779f3f3 #0 [ 199.290397][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 199.290400][ C0] RIP: 0010:kasan_check_range+0x63/0x290 [ 199.290409][ C0] Code: 00 00 fc ff df 49 89 fb 49 c1 eb 03 49 b8 00 00 00 00 00 fc ff df 4f 8d 0c 03 48 8d 5c 37 ff 48 c1 eb 03 4e 8d 14 3b 4d 89 d6 <4d> 29 ce 49 83 fe 10 7f 26 4d 85 f6 0f 84 39 01 00 00 48 f7 d3 4c [ 199.290413][ C0] RSP: 0018:ffffc90000f36768 EFLAGS: 00000a02 [ 199.290420][ C0] RAX: 0000000000000401 RBX: 1ffff11021eca651 RCX: ffffffff8477a65b [ 199.290424][ C0] RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffff88810f653288 [ 199.290428][ C0] RBP: ffffc90000f36780 R08: dffffc0000000000 R09: ffffed1021eca651 [ 199.290432][ C0] R10: ffffed1021eca652 R11: 1ffff11021eca651 R12: dffffc0000000000 [ 199.290437][ C0] R13: 1ffff920001e6cf4 R14: ffffed1021eca652 R15: dffffc0000000001 [ 199.290441][ C0] FS: 00007f3c7cc2d6c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 199.290445][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 199.290449][ C0] CR2: 0000000020000000 CR3: 0000000110920000 CR4: 00000000003506b0 [ 199.290453][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 199.290457][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 199.290460][ C0] Call Trace: [ 199.290463][ C0] ? tipc_sk_rcv+0x41a/0x1ef0 [ 199.290466][ C0] __kasan_check_read+0x11/0x20 [ 199.290468][ C0] _raw_spin_trylock_bh+0x7b/0x130 [ 199.290471][ C0] ? _raw_spin_trylock+0x140/0x140 [ 199.290474][ C0] tipc_sk_rcv+0x41a/0x1ef0 [ 199.290477][ C0] ? _raw_spin_unlock_irqrestore+0x5b/0x80 [ 199.290481][ C0] ? __stack_depot_save+0x479/0x4c0 [ 199.290484][ C0] ? kasan_set_track+0x5b/0x70 [ 199.290486][ C0] ? kasan_set_track+0x4a/0x70 [ 199.290489][ C0] ? ____kasan_slab_free+0x125/0x160 [ 199.290492][ C0] ? __kasan_slab_free+0x11/0x20 [ 199.290495][ C0] ? kmem_cache_free+0x100/0x2d0 [ 199.290498][ C0] ? kfree_skbmem+0x10c/0x180 [ 199.290500][ C0] ? kfree_skb+0xc1/0x2f0 [ 199.290503][ C0] ? tipc_sk_backlog_rcv+0x16f/0x1f0 [ 199.290505][ C0] ? __release_sock+0x146/0x360 [ 199.290507][ C0] ? __sys_setsockopt+0x265/0x460 [ 199.290509][ C0] ? __skb_queue_purge+0x170/0x170 [ 199.290512][ C0] tipc_node_xmit+0x256/0xcd0 [ 199.290514][ C0] ? debug_smp_processor_id+0x17/0x20 [ 199.290516][ C0] ? tipc_node_get_linkname+0x1a0/0x1a0 [ 199.290519][ C0] ? ____kasan_slab_free+0x130/0x160 [ 199.290521][ C0] ? __kasan_slab_free+0x11/0x20 [ 199.290523][ C0] ? slab_free_freelist_hook+0xc5/0x190 [ 199.290526][ C0] ? kfree_skbmem+0x10c/0x180 [ 199.290528][ C0] tipc_node_distr_xmit+0x292/0x390 [ 199.290531][ C0] ? tipc_node_xmit_skb+0x130/0x130 [ 199.290533][ C0] ? trace_tipc_sk_rej_msg+0x2c/0x6d0 [ 199.290535][ C0] tipc_sk_rcv+0x19b9/0x1ef0 [ 199.290538][ C0] ? __skb_queue_purge+0x170/0x170 [ 199.290540][ C0] tipc_node_xmit+0x256/0xcd0 [ 199.290542][ C0] ? tipc_node_get_linkname+0x1a0/0x1a0 [ 199.290545][ C0] tipc_sk_push_backlog+0x4dd/0x790 [ 199.290547][ C0] tipc_sk_proto_rcv+0x98d/0x1ac0 [ 199.290549][ C0] ? trace_tipc_sk_dump+0x6c0/0x6c0 [ 199.290551][ C0] ? __kasan_check_write+0x14/0x20 [ 199.290554][ C0] ? _raw_spin_lock_irqsave+0xb0/0x110 [ 199.290556][ C0] ? _raw_spin_lock+0xe0/0xe0 [ 199.290558][ C0] tipc_sk_filter_rcv+0x30ac/0x3850 [ 199.290561][ C0] ? __stack_depot_save+0x479/0x4c0 [ 199.290563][ C0] ? kasan_set_track+0x5b/0x70 [ 199.290565][ C0] ? kasan_set_track+0x4a/0x70 [ 199.290567][ C0] ? kasan_set_free_info+0x23/0x40 [ 199.290570][ C0] ? ____kasan_slab_free+0x125/0x160 [ 199.290572][ C0] ? __kasan_slab_free+0x11/0x20 [ 199.290574][ C0] ? slab_free_freelist_hook+0xc5/0x190 [ 199.290576][ C0] ? kmem_cache_free+0x100/0x2d0 [ 199.290579][ C0] ? kfree_skb+0xc1/0x2f0 [ 199.290581][ C0] ? tipc_msg_reverse+0x698/0x900 [ 199.290583][ C0] ? tipc_sk_filter_rcv+0xca0/0x3850 [ 199.290586][ C0] ? tipc_sk_backlog_rcv+0x109/0x1f0 [ 199.290588][ C0] ? __release_sock+0x146/0x360 [ 199.290590][ C0] ? __sys_setsockopt+0x265/0x460 [ 199.290592][ C0] ? __x64_sys_setsockopt+0xbf/0xd0 [ 199.290594][ C0] ? do_syscall_64+0x31/0x40 [ 199.290597][ C0] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 199.290599][ C0] ? tipc_sk_dump+0xfc0/0xfc0 [ 199.290601][ C0] ? __kasan_check_write+0x14/0x20 [ 199.290604][ C0] ? _raw_spin_lock_bh+0x8e/0xe0 [ 199.290606][ C0] tipc_sk_rcv+0x7cc/0x1ef0 [ 199.290608][ C0] ? slab_free_freelist_hook+0xc5/0x190 [ 199.290610][ C0] ? kmem_cache_free+0x100/0x2d0 [ 199.290613][ C0] ? __skb_queue_purge+0x170/0x170 [ 199.290615][ C0] ? tipc_sk_filter_rcv+0x3034/0x3850 [ 199.290617][ C0] ? __kasan_check_write+0x14/0x20 [ 199.290620][ C0] tipc_node_xmit+0x256/0xcd0 [ 199.290622][ C0] ? tipc_node_get_linkname+0x1a0/0x1a0 [ 199.290624][ C0] tipc_node_distr_xmit+0x292/0x390 [ 199.290627][ C0] ? tipc_node_xmit_skb+0x130/0x130 [ 199.290629][ C0] ? futex_wait+0x526/0x680 [ 199.290631][ C0] ? selinux_capable+0x29c/0x380 [ 199.290634][ C0] tipc_sk_backlog_rcv+0x16f/0x1f0 [ 199.290636][ C0] ? tipc_sk_timeout+0x970/0x970 [ 199.290638][ C0] ? __local_bh_enable_ip+0x53/0x80 [ 199.290641][ C0] ? lock_sock_nested+0x1f5/0x290 [ 199.290643][ C0] __release_sock+0x146/0x360 [ 199.290645][ C0] sock_setsockopt+0x125e/0x2350 [ 199.290648][ C0] ? __sock_set_mark+0x160/0x160 [ 199.290650][ C0] ? selinux_socket_setsockopt+0x21c/0x300 [ 199.290653][ C0] ? selinux_socket_getsockopt+0x2e0/0x2e0 [ 199.290655][ C0] ? __fget_files+0x2c4/0x320 [ 199.290658][ C0] ? security_socket_setsockopt+0x82/0xa0 [ 199.290660][ C0] __sys_setsockopt+0x265/0x460 [ 199.290662][ C0] ? preempt_count_add+0x90/0x1b0 [ 199.290664][ C0] ? __ia32_sys_recv+0xb0/0xb0 [ 199.290667][ C0] ? __kasan_check_write+0x14/0x20 [ 199.290669][ C0] ? switch_fpu_return+0x197/0x340 [ 199.290671][ C0] ? fpu__clear_all+0x20/0x20 [ 199.290673][ C0] __x64_sys_setsockopt+0xbf/0xd0 [ 199.290675][ C0] do_syscall_64+0x31/0x40 [ 199.290678][ C0] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 199.290680][ C0] RIP: 0033:0x7f3c7d0abca9 [ 199.290688][ C0] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 199.290691][ C0] RSP: 002b:00007f3c7cc2d0c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 199.290697][ C0] RAX: ffffffffffffffda RBX: 00007f3c7d1d9f80 RCX: 00007f3c7d0abca9 [ 199.290700][ C0] RDX: 0000000000000021 RSI: 0000000000000001 RDI: 0000000000000003 [ 199.290703][ C0] RBP: 00007f3c7d0f747e R08: 0000000000000004 R09: 0000000000000000 [ 199.290707][ C0] R10: 0000000020000040 R11: 0000000000000246 R12: 0000000000000000 [ 199.290710][ C0] R13: 000000000000000b R14: 00007f3c7d1d9f80 R15: 00007ffc3de52d18