Warning: Permanently added '10.128.1.151' (ED25519) to the list of known hosts. 2025/05/07 03:45:46 ignoring optional flag "sandboxArg"="0" 2025/05/07 03:45:47 parsed 1 programs [ 54.976208][ T24] audit: type=1400 audit(1746589548.100:128): avc: denied { unlink } for pid=398 comm="syz-executor" name="swap-file" dev="sda1" ino=1929 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 55.029248][ T398] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 55.798362][ T24] audit: type=1401 audit(1746589548.920:129): op=setxattr invalid_context="u:object_r:app_data_file:s0:c512,c768" [ 55.817671][ T423] bridge0: port 1(bridge_slave_0) entered blocking state [ 55.840214][ T423] bridge0: port 1(bridge_slave_0) entered disabled state [ 55.847714][ T423] device bridge_slave_0 entered promiscuous mode [ 55.855025][ T423] bridge0: port 2(bridge_slave_1) entered blocking state [ 55.865468][ T423] bridge0: port 2(bridge_slave_1) entered disabled state [ 55.873345][ T423] device bridge_slave_1 entered promiscuous mode [ 56.036356][ T423] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.043561][ T423] bridge0: port 2(bridge_slave_1) entered forwarding state [ 56.050960][ T423] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.058056][ T423] bridge0: port 1(bridge_slave_0) entered forwarding state [ 56.091084][ T289] bridge0: port 1(bridge_slave_0) entered disabled state [ 56.100542][ T289] bridge0: port 2(bridge_slave_1) entered disabled state [ 56.115540][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 56.126845][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 56.148056][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 56.156645][ T289] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.163998][ T289] bridge0: port 1(bridge_slave_0) entered forwarding state [ 56.172811][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 56.181254][ T289] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.188653][ T289] bridge0: port 2(bridge_slave_1) entered forwarding state [ 56.203829][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 56.212354][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 56.229191][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 56.240480][ T423] device veth0_vlan entered promiscuous mode [ 56.248451][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 56.257246][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 56.264862][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 56.274842][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 56.284352][ T423] device veth1_macvtap entered promiscuous mode [ 56.294501][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready 2025/05/07 03:45:49 executed programs: 0 [ 56.304935][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 56.408529][ T459] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.429468][ T459] bridge0: port 1(bridge_slave_0) entered disabled state [ 56.437208][ T459] device bridge_slave_0 entered promiscuous mode [ 56.480539][ T459] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.487704][ T459] bridge0: port 2(bridge_slave_1) entered disabled state [ 56.495558][ T459] device bridge_slave_1 entered promiscuous mode [ 56.588128][ T465] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.595382][ T465] bridge0: port 1(bridge_slave_0) entered disabled state [ 56.603275][ T465] device bridge_slave_0 entered promiscuous mode [ 56.622008][ T465] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.629150][ T465] bridge0: port 2(bridge_slave_1) entered disabled state [ 56.636685][ T465] device bridge_slave_1 entered promiscuous mode [ 56.655124][ T469] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.662379][ T469] bridge0: port 1(bridge_slave_0) entered disabled state [ 56.669779][ T469] device bridge_slave_0 entered promiscuous mode [ 56.688430][ T469] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.695761][ T469] bridge0: port 2(bridge_slave_1) entered disabled state [ 56.703298][ T469] device bridge_slave_1 entered promiscuous mode [ 56.723144][ T466] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.730332][ T466] bridge0: port 1(bridge_slave_0) entered disabled state [ 56.737735][ T466] device bridge_slave_0 entered promiscuous mode [ 56.766121][ T466] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.773234][ T466] bridge0: port 2(bridge_slave_1) entered disabled state [ 56.780793][ T466] device bridge_slave_1 entered promiscuous mode [ 56.889283][ T470] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.896521][ T470] bridge0: port 1(bridge_slave_0) entered disabled state [ 56.905089][ T470] device bridge_slave_0 entered promiscuous mode [ 56.914733][ T470] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.922354][ T470] bridge0: port 2(bridge_slave_1) entered disabled state [ 56.930212][ T470] device bridge_slave_1 entered promiscuous mode [ 57.012345][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 57.019764][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 57.053650][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 57.062207][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 57.070924][ T289] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.078012][ T289] bridge0: port 1(bridge_slave_0) entered forwarding state [ 57.086345][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 57.094741][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 57.103404][ T289] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.110575][ T289] bridge0: port 2(bridge_slave_1) entered forwarding state [ 57.118135][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 57.141103][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 57.148672][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 57.156455][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 57.164639][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 57.176114][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 57.184493][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 57.192625][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 57.201592][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 57.210721][ T289] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.217777][ T289] bridge0: port 1(bridge_slave_0) entered forwarding state [ 57.225502][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 57.242757][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 57.251008][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 57.258994][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 57.267967][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 57.276629][ T289] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.283976][ T289] bridge0: port 1(bridge_slave_0) entered forwarding state [ 57.291878][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 57.300835][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 57.309224][ T289] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.316346][ T289] bridge0: port 2(bridge_slave_1) entered forwarding state [ 57.324386][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 57.333188][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 57.341558][ T289] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.348590][ T289] bridge0: port 2(bridge_slave_1) entered forwarding state [ 57.356575][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 57.383728][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 57.392337][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 57.415256][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 57.424268][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 57.432110][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 57.439643][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 57.448421][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 57.457490][ T289] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.464555][ T289] bridge0: port 1(bridge_slave_0) entered forwarding state [ 57.472279][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 57.480848][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 57.489037][ T289] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.496113][ T289] bridge0: port 2(bridge_slave_1) entered forwarding state [ 57.503746][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 57.524356][ T466] device veth0_vlan entered promiscuous mode [ 57.539158][ T459] device veth0_vlan entered promiscuous mode [ 57.548088][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 57.556539][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 57.564252][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 57.571977][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 57.579923][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 57.588039][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 57.596465][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 57.604941][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 57.613501][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 57.621641][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 57.630413][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 57.637877][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 57.646885][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 57.667402][ T466] device veth1_macvtap entered promiscuous mode [ 57.694499][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 57.703953][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 57.712721][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 57.722008][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 57.729499][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 57.737387][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 57.745721][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 57.753365][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 57.761828][ T289] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.769051][ T289] bridge0: port 1(bridge_slave_0) entered forwarding state [ 57.776774][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 57.785132][ T289] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.792220][ T289] bridge0: port 2(bridge_slave_1) entered forwarding state [ 57.799810][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 57.808578][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 57.817377][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 57.826551][ T459] device veth1_macvtap entered promiscuous mode [ 57.833866][ T465] device veth0_vlan entered promiscuous mode [ 57.851256][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 57.859511][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 57.868465][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 57.877427][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 57.887112][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 57.895385][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 57.903604][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 57.912026][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 57.920641][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 57.928076][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 57.937138][ T469] device veth0_vlan entered promiscuous mode [ 57.955559][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 57.964265][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 57.973220][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 57.982886][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 57.991717][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 57.999969][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 58.014467][ T297] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 58.022698][ T297] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 58.041339][ T465] device veth1_macvtap entered promiscuous mode [ 58.059475][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 58.068056][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 58.082597][ T24] audit: type=1400 audit(1746589551.210:130): avc: denied { create } for pid=483 comm="syz.1.17" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 58.084031][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 58.109278][ T24] audit: type=1400 audit(1746589551.210:131): avc: denied { create } for pid=485 comm="syz.0.16" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 58.111609][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 58.138310][ T24] audit: type=1400 audit(1746589551.210:132): avc: denied { setopt } for pid=485 comm="syz.0.16" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 58.139368][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 58.158278][ T24] audit: type=1400 audit(1746589551.210:133): avc: denied { write } for pid=485 comm="syz.0.16" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 58.169255][ T470] device veth0_vlan entered promiscuous mode [ 58.191277][ T24] audit: type=1400 audit(1746589551.210:134): avc: denied { read } for pid=485 comm="syz.0.16" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 58.193322][ T469] device veth1_macvtap entered promiscuous mode [ 58.220820][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 58.228809][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 58.237205][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 58.245608][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 58.253523][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 58.275321][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 58.283991][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 58.293073][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 58.301859][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 58.310420][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 58.318695][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 58.327485][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 58.336272][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 58.352878][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 58.361202][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 58.376795][ T470] device veth1_macvtap entered promiscuous mode [ 58.393623][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 58.402486][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 58.411510][ T289] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 58.428803][ T48] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 58.437331][ T48] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 58.651567][ T9] device bridge_slave_1 left promiscuous mode [ 58.658089][ T9] bridge0: port 2(bridge_slave_1) entered disabled state [ 58.665894][ T9] device bridge_slave_0 left promiscuous mode [ 58.672697][ T9] bridge0: port 1(bridge_slave_0) entered disabled state [ 58.680775][ T9] device veth1_macvtap left promiscuous mode [ 58.686880][ T9] device veth0_vlan left promiscuous mode 2025/05/07 03:45:54 executed programs: 30 2025/05/07 03:45:59 executed programs: 60 2025/05/07 03:46:04 executed programs: 90 2025/05/07 03:46:09 executed programs: 120 2025/05/07 03:46:14 executed programs: 150 2025/05/07 03:46:19 executed programs: 180 [ 190.350159][ C1] rcu: INFO: rcu_preempt self-detected stall on CPU [ 190.356853][ C1] rcu: 1-...!: (10001 ticks this GP) idle=dc2/1/0x4000000000000000 softirq=4744/4746 fqs=0 last_accelerate: adca/d4db dyntick_enabled: 1 [ 190.370930][ C1] (t=10000 jiffies g=3921 q=110) [ 190.375979][ C1] rcu: rcu_preempt kthread starved for 10000 jiffies! g3921 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 ->cpu=0 [ 190.387368][ C1] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 190.397339][ C1] rcu: RCU grace-period kthread stack dump: [ 190.403227][ C1] task:rcu_preempt state:I stack: 0 pid: 13 ppid: 2 flags:0x00004000 [ 190.412449][ C1] Call Trace: [ 190.415768][ C1] __schedule+0xb47/0x1310 [ 190.420187][ C1] ? release_firmware_map_entry+0x190/0x190 [ 190.426082][ C1] ? __mod_timer+0x7ae/0xb30 [ 190.430676][ C1] schedule+0x13c/0x1d0 [ 190.434832][ C1] schedule_timeout+0x12c/0x2d0 [ 190.439677][ C1] ? console_conditional_schedule+0x10/0x10 [ 190.445652][ C1] ? _raw_spin_lock_irqsave+0xb0/0x110 [ 190.451104][ C1] ? run_local_timers+0x160/0x160 [ 190.456588][ C1] ? prepare_to_swait_event+0x320/0x340 [ 190.462186][ C1] rcu_gp_kthread+0x100a/0x26a0 [ 190.467045][ C1] ? rcu_barrier_callback+0x50/0x50 [ 190.472330][ C1] ? __kasan_check_read+0x11/0x20 [ 190.477520][ C1] ? __kthread_parkme+0xb9/0x1c0 [ 190.482449][ C1] kthread+0x346/0x3d0 [ 190.486509][ C1] ? rcu_barrier_callback+0x50/0x50 [ 190.491723][ C1] ? kthread_blkcg+0xd0/0xd0 [ 190.496313][ C1] ret_from_fork+0x1f/0x30 [ 190.500767][ C1] Sending NMI from CPU 1 to CPUs 0: [ 190.506998][ C0] NMI backtrace for cpu 0 [ 190.507010][ C0] CPU: 0 PID: 1064 Comm: syz.4.209 Not tainted 5.10.236-syzkaller-1007372-gab07aeb2c93d #0 [ 190.507017][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 190.507020][ C0] RIP: 0010:__kasan_check_write+0x15/0x20 [ 190.507032][ C0] Code: d2 e8 bf ed ff ff 5d c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 55 48 89 e5 89 f6 48 8b 4d 08 ba 01 00 00 00 e8 9c ed ff ff 5d 66 2e 0f 1f 84 00 00 00 00 00 55 48 89 e5 41 57 41 56 53 48 89 [ 190.507036][ C0] RSP: 0018:ffffc90000dd6338 EFLAGS: 00000256 [ 190.507045][ C0] RAX: 0000000000000401 RBX: ffffc90000dd6854 RCX: ffffffff847467b1 [ 190.507050][ C0] RDX: 0000000000000001 RSI: 0000000000000004 RDI: ffffc90000dd6854 [ 190.507055][ C0] RBP: ffffc90000dd63d0 R08: dffffc0000000000 R09: fffff520001bad0b [ 190.507060][ C0] R10: fffff520001bad0b R11: 1ffff920001bad0a R12: dffffc0000000000 [ 190.507065][ C0] R13: ffffc90000dd6850 R14: ffffc90000dd6360 R15: 1ffff920001bac68 [ 190.507070][ C0] FS: 00007ff2b0ff16c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 190.507075][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 190.507080][ C0] CR2: 00007ff2b0ff0f98 CR3: 0000000128e44000 CR4: 00000000003506b0 [ 190.507085][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 190.507090][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 190.507093][ C0] Call Trace: [ 190.507096][ C0] ? _raw_spin_lock_bh+0x81/0xe0 [ 190.507100][ C0] ? _raw_spin_lock_irq+0xe0/0xe0 [ 190.507103][ C0] tipc_sk_rcv+0x221/0x1ef0 [ 190.507107][ C0] ? _raw_spin_unlock_irqrestore+0x5b/0x80 [ 190.507111][ C0] ? __stack_depot_save+0x479/0x4c0 [ 190.507114][ C0] ? kasan_set_track+0x5b/0x70 [ 190.507117][ C0] ? kasan_set_track+0x4a/0x70 [ 190.507121][ C0] ? ____kasan_slab_free+0x125/0x160 [ 190.507125][ C0] ? __kasan_slab_free+0x11/0x20 [ 190.507128][ C0] ? kmem_cache_free+0x100/0x2d0 [ 190.507131][ C0] ? kfree_skbmem+0x10c/0x180 [ 190.507135][ C0] ? kfree_skb+0xc1/0x2f0 [ 190.507138][ C0] ? tipc_sk_backlog_rcv+0x16f/0x1f0 [ 190.507142][ C0] ? __release_sock+0x146/0x360 [ 190.507145][ C0] ? tipc_wait_for_rcvmsg+0x2ca/0x5e0 [ 190.507149][ C0] ? __skb_queue_purge+0x170/0x170 [ 190.507152][ C0] ? do_syscall_64+0x31/0x40 [ 190.507156][ C0] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 190.507160][ C0] tipc_node_xmit+0x256/0xcd0 [ 190.507163][ C0] ? debug_smp_processor_id+0x17/0x20 [ 190.507167][ C0] ? tipc_node_get_linkname+0x1a0/0x1a0 [ 190.507171][ C0] ? ____kasan_slab_free+0x130/0x160 [ 190.507174][ C0] ? __kasan_slab_free+0x11/0x20 [ 190.507178][ C0] ? slab_free_freelist_hook+0xc5/0x190 [ 190.507181][ C0] ? kfree_skbmem+0x10c/0x180 [ 190.507185][ C0] tipc_node_distr_xmit+0x292/0x390 [ 190.507188][ C0] ? tipc_node_xmit_skb+0x130/0x130 [ 190.507192][ C0] ? trace_tipc_sk_rej_msg+0x2c/0x6d0 [ 190.507195][ C0] tipc_sk_rcv+0x19b9/0x1ef0 [ 190.507199][ C0] ? __skb_queue_purge+0x170/0x170 [ 190.507202][ C0] tipc_node_xmit+0x256/0xcd0 [ 190.507206][ C0] ? tipc_node_get_linkname+0x1a0/0x1a0 [ 190.507209][ C0] tipc_sk_push_backlog+0x4dd/0x790 [ 190.507213][ C0] tipc_sk_proto_rcv+0x98d/0x1ac0 [ 190.507216][ C0] ? trace_tipc_sk_dump+0x6c0/0x6c0 [ 190.507220][ C0] ? __kasan_check_write+0x14/0x20 [ 190.507224][ C0] ? _raw_spin_lock_irqsave+0xb0/0x110 [ 190.507227][ C0] ? _raw_spin_lock+0xe0/0xe0 [ 190.507230][ C0] tipc_sk_filter_rcv+0x30ac/0x3850 [ 190.507234][ C0] ? __stack_depot_save+0x479/0x4c0 [ 190.507237][ C0] ? kasan_set_track+0x5b/0x70 [ 190.507241][ C0] ? kasan_set_track+0x4a/0x70 [ 190.507244][ C0] ? kasan_set_free_info+0x23/0x40 [ 190.507248][ C0] ? ____kasan_slab_free+0x125/0x160 [ 190.507251][ C0] ? __kasan_slab_free+0x11/0x20 [ 190.507255][ C0] ? slab_free_freelist_hook+0xc5/0x190 [ 190.507258][ C0] ? kmem_cache_free+0x100/0x2d0 [ 190.507261][ C0] ? kfree_skb+0xc1/0x2f0 [ 190.507265][ C0] ? tipc_msg_reverse+0x698/0x900 [ 190.507268][ C0] ? tipc_sk_filter_rcv+0xca0/0x3850 [ 190.507272][ C0] ? tipc_sk_backlog_rcv+0x109/0x1f0 [ 190.507275][ C0] ? __release_sock+0x146/0x360 [ 190.507279][ C0] ? tipc_wait_for_rcvmsg+0x2ca/0x5e0 [ 190.507282][ C0] ? tipc_recvstream+0x1f7/0xe80 [ 190.507286][ C0] ? ____sys_recvmsg+0x291/0x580 [ 190.507289][ C0] ? ___sys_recvmsg+0x1af/0x4f0 [ 190.507293][ C0] ? __x64_sys_recvmsg+0x1dd/0x2a0 [ 190.507296][ C0] ? do_syscall_64+0x31/0x40 [ 190.507300][ C0] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 190.507303][ C0] ? tipc_sk_dump+0xfc0/0xfc0 [ 190.507307][ C0] ? __kasan_check_write+0x14/0x20 [ 190.507310][ C0] ? _raw_spin_lock_bh+0x8e/0xe0 [ 190.507313][ C0] tipc_sk_rcv+0x7cc/0x1ef0 [ 190.507317][ C0] ? slab_free_freelist_hook+0xc5/0x190 [ 190.507320][ C0] ? kmem_cache_free+0x100/0x2d0 [ 190.507324][ C0] ? __skb_queue_purge+0x170/0x170 [ 190.507327][ C0] ? tipc_sk_filter_rcv+0x3034/0x3850 [ 190.507330][ C0] tipc_node_xmit+0x256/0xcd0 [ 190.507341][ C0] ? tipc_node_get_linkname+0x1a0/0x1a0 [ 190.507344][ C0] ? kasan_set_track+0x5b/0x70 [ 190.507348][ C0] tipc_node_distr_xmit+0x292/0x390 [ 190.507351][ C0] ? tipc_node_xmit_skb+0x130/0x130 [ 190.507355][ C0] tipc_sk_backlog_rcv+0x16f/0x1f0 [ 190.507358][ C0] ? tipc_sk_timeout+0x970/0x970 [ 190.507362][ C0] ? __kasan_check_write+0x14/0x20 [ 190.507365][ C0] __release_sock+0x146/0x360 [ 190.507369][ C0] ? _raw_spin_unlock_irqrestore+0x5b/0x80 [ 190.507372][ C0] release_sock+0x60/0x1b0 [ 190.507376][ C0] tipc_wait_for_rcvmsg+0x2ca/0x5e0 [ 190.507379][ C0] ? tsk_importance+0x150/0x150 [ 190.507382][ C0] ? wait_woken+0x180/0x180 [ 190.507385][ C0] ? kfree_skb+0xc1/0x2f0 [ 190.507389][ C0] ? tsk_advance_rx_queue+0x10a/0x700 [ 190.507392][ C0] tipc_recvstream+0x1f7/0xe80 [ 190.507396][ C0] ? tipc_sendstream+0x70/0x70 [ 190.507399][ C0] ____sys_recvmsg+0x291/0x580 [ 190.507402][ C0] ? __sys_recvmsg_sock+0x50/0x50 [ 190.507406][ C0] ? import_iovec+0x7c/0xb0 [ 190.507409][ C0] ___sys_recvmsg+0x1af/0x4f0 [ 190.507412][ C0] ? __sys_recvmsg+0x250/0x250 [ 190.507415][ C0] ? __fdget+0x1a1/0x230 [ 190.507419][ C0] __x64_sys_recvmsg+0x1dd/0x2a0 [ 190.507422][ C0] ? __x64_sys_rt_sigprocmask+0xb0/0xb0 [ 190.507426][ C0] ? ___sys_recvmsg+0x4f0/0x4f0 [ 190.507430][ C0] ? fpregs_assert_state_consistent+0xb1/0xe0 [ 190.507433][ C0] ? irqentry_exit_to_user_mode+0x41/0x80 [ 190.507437][ C0] do_syscall_64+0x31/0x40 [ 190.507440][ C0] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 190.507444][ C0] RIP: 0033:0x7ff2b15a1169 [ 190.507454][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 190.507459][ C0] RSP: 002b:00007ff2b0ff1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 190.507468][ C0] RAX: ffffffffffffffda RBX: 00007ff2b17c9080 RCX: 00007ff2b15a1169 [ 190.507473][ C0] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000003 [ 190.507478][ C0] RBP: 00007ff2b1623a68 R08: 0000000000000000 R09: 0000000000000000 [ 190.507483][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 190.507488][ C0] R13: 0000000000000001 R14: 00007ff2b17c9080 R15: 00007ffc9c519718 [ 190.507965][ C1] NMI backtrace for cpu 1 [ 191.220484][ C1] CPU: 1 PID: 1063 Comm: syz.4.209 Not tainted 5.10.236-syzkaller-1007372-gab07aeb2c93d #0 [ 191.230448][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 191.240609][ C1] Call Trace: [ 191.243900][ C1] [ 191.246764][ C1] __dump_stack+0x21/0x24 [ 191.251112][ C1] dump_stack_lvl+0x169/0x1d8 [ 191.255940][ C1] ? show_regs_print_info+0x18/0x18 [ 191.261198][ C1] ? cpumask_next+0x12/0x30 [ 191.265703][ C1] ? cpumask_next+0x25/0x30 [ 191.270294][ C1] ? arch_trigger_cpumask_backtrace+0x20/0x20 [ 191.276359][ C1] dump_stack+0x15/0x1c [ 191.280599][ C1] nmi_trigger_cpumask_backtrace+0x27f/0x2c0 [ 191.286666][ C1] arch_trigger_cpumask_backtrace+0x10/0x20 [ 191.292578][ C1] rcu_dump_cpu_stacks+0x19c/0x2c0 [ 191.297796][ C1] rcu_sched_clock_irq+0xf79/0x1870 [ 191.303040][ C1] ? rcutree_dead_cpu+0x2f0/0x2f0 [ 191.308067][ C1] ? hrtimer_run_queues+0x166/0x430 [ 191.313262][ C1] update_process_times+0x198/0x200 [ 191.318454][ C1] tick_sched_timer+0x17c/0x240 [ 191.323304][ C1] ? tick_setup_sched_timer+0x450/0x450 [ 191.328843][ C1] __hrtimer_run_queues+0x37a/0x960 [ 191.334037][ C1] ? hrtimer_interrupt+0xdc0/0xdc0 [ 191.339173][ C1] ? ktime_get_update_offsets_now+0x293/0x2b0 [ 191.345361][ C1] hrtimer_interrupt+0x3a6/0xdc0 [ 191.350438][ C1] __sysvec_apic_timer_interrupt+0xfa/0x3f0 [ 191.356335][ C1] asm_call_irq_on_stack+0xf/0x20 [ 191.361452][ C1] [ 191.364424][ C1] sysvec_apic_timer_interrupt+0x85/0xe0 [ 191.370163][ C1] asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 191.376284][ C1] RIP: 0010:kvm_wait+0xc2/0x120 [ 191.381219][ C1] Code: 38 f0 75 26 41 f7 c4 00 02 00 00 75 0f 0f 1f 44 00 00 0f 00 2d 8f 9e 98 03 f4 eb 0e 0f 1f 44 00 00 0f 00 2d 80 9e 98 03 fb f4 <4c> 89 64 24 18 ff 74 24 18 9d 48 c7 44 24 20 0e 36 e0 45 4b c7 04 [ 191.401103][ C1] RSP: 0018:ffffc90000dc76e0 EFLAGS: 00000246 [ 191.407283][ C1] RAX: 0000000000000003 RBX: ffff88810df5a388 RCX: ffffffff814b0f6a [ 191.415337][ C1] RDX: 0000000000000001 RSI: 0000000000000003 RDI: ffff88810df5a388 [ 191.423304][ C1] RBP: ffffc90000dc7790 R08: dffffc0000000000 R09: ffffed1021beb472 [ 191.431277][ C1] R10: ffffed1021beb472 R11: 1ffff11021beb471 R12: 0000000000000246 [ 191.439253][ C1] R13: 1ffff11021beb471 R14: dffffc0000000000 R15: 1ffff920001b8ee0 [ 191.447316][ C1] ? __pv_queued_spin_lock_slowpath+0x6ba/0xb70 [ 191.453561][ C1] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 191.459711][ C1] ? kvm_arch_para_hints+0x30/0x30 [ 191.464907][ C1] ? __pv_queued_spin_lock_slowpath+0x6ba/0xb70 [ 191.471156][ C1] __pv_queued_spin_lock_slowpath+0x714/0xb70 [ 191.477218][ C1] ? memcpy+0x56/0x70 [ 191.481202][ C1] ? __pv_queued_spin_unlock_slowpath+0x280/0x280 [ 191.487612][ C1] ? avc_has_perm_noaudit+0x240/0x240 [ 191.492989][ C1] queued_spin_lock_slowpath+0x47/0x50 [ 191.498549][ C1] _raw_spin_lock_bh+0xd8/0xe0 [ 191.503395][ C1] ? _raw_spin_lock_irq+0xe0/0xe0 [ 191.508415][ C1] lock_sock_nested+0x92/0x290 [ 191.513291][ C1] ? sock_init_data+0xc0/0xc0 [ 191.517969][ C1] ? _raw_spin_lock_bh+0x8e/0xe0 [ 191.522999][ C1] ? _raw_spin_unlock_bh+0x51/0x60 [ 191.528226][ C1] tipc_sendstream+0x47/0x70 [ 191.532812][ C1] ? tipc_getsockopt+0x4c0/0x4c0 [ 191.537741][ C1] ____sys_sendmsg+0x5a2/0x8c0 [ 191.542585][ C1] ? __sys_sendmsg_sock+0x40/0x40 [ 191.547618][ C1] ? import_iovec+0x7c/0xb0 [ 191.552221][ C1] ___sys_sendmsg+0x1f0/0x260 [ 191.556981][ C1] ? __sys_sendmsg+0x250/0x250 [ 191.561744][ C1] ? __fdget+0x1a1/0x230 [ 191.566024][ C1] __x64_sys_sendmsg+0x1e2/0x2a0 [ 191.570956][ C1] ? ___sys_sendmsg+0x260/0x260 [ 191.575801][ C1] ? switch_fpu_return+0x197/0x340 [ 191.580913][ C1] ? fpregs_assert_state_consistent+0xb1/0xe0 [ 191.587152][ C1] do_syscall_64+0x31/0x40 [ 191.591564][ C1] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 191.597447][ C1] RIP: 0033:0x7ff2b15a1169 [ 191.601865][ C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 191.621488][ C1] RSP: 002b:00007ff2b1012038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 191.629898][ C1] RAX: ffffffffffffffda RBX: 00007ff2b17c8fa0 RCX: 00007ff2b15a1169 [ 191.637869][ C1] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000004 [ 191.645832][ C1] RBP: 00007ff2b1623a68 R08: 0000000000000000 R09: 0000000000000000 [ 191.653810][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 191.661774][ C1] R13: 0000000000000000 R14: 00007ff2b17c8fa0 R15: 00007ffc9c519718 [ 330.998070][ C0] watchdog: BUG: soft lockup - CPU#0 stuck for 123s! [syz.4.209:1064] [ 331.006755][ C0] Modules linked in: [ 331.010658][ C0] CPU: 0 PID: 1064 Comm: syz.4.209 Not tainted 5.10.236-syzkaller-1007372-gab07aeb2c93d #0 [ 331.021491][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 331.031966][ C0] RIP: 0010:__local_bh_enable_ip+0x53/0x80 [ 331.038088][ C0] Code: a9 00 ff ff 00 75 19 48 c7 c7 a0 9f c7 84 e8 94 ce 33 03 65 66 8b 05 5c dd c9 7e 66 85 c0 75 22 bf 01 00 00 00 e8 dd 83 08 00 <65> 8b 05 92 f3 c6 7e 85 c0 74 02 5d c3 e8 bf f0 c4 ff 5d c3 0f 0b [ 331.060377][ C0] RSP: 0018:ffffc90000dd6330 EFLAGS: 00000213 [ 331.067066][ C0] RAX: 0000000000000202 RBX: ffff88810df5a388 RCX: 0000000000000200 [ 331.075458][ C0] RDX: 0000000000000000 RSI: 0000000000000201 RDI: 00000000ffffffff [ 331.083522][ C0] RBP: ffffc90000dd6330 R08: dffffc0000000000 R09: ffffed1021beb472 [ 331.092166][ C0] R10: ffffed1021beb472 R11: 1ffff11021beb471 R12: dffffc0000000000 [ 331.100415][ C0] R13: 1ffff920001bac68 R14: ffffffff8459b45a R15: 0000000036a4fb69 [ 331.108620][ C0] FS: 00007ff2b0ff16c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 331.117902][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 331.124522][ C0] CR2: 00007ff2b0ff0f98 CR3: 0000000128e44000 CR4: 00000000003506b0 [ 331.132609][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 331.140722][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 331.148972][ C0] Call Trace: [ 331.152379][ C0] _raw_spin_trylock_bh+0xd5/0x130 [ 331.157488][ C0] ? _raw_spin_trylock+0x140/0x140 [ 331.162795][ C0] ? tipc_sk_rcv+0x3b6/0x1ef0 [ 331.167494][ C0] tipc_sk_rcv+0x41a/0x1ef0 [ 331.172019][ C0] ? _raw_spin_unlock_irqrestore+0x5b/0x80 [ 331.177833][ C0] ? __stack_depot_save+0x479/0x4c0 [ 331.183042][ C0] ? kasan_set_track+0x5b/0x70 [ 331.187847][ C0] ? kasan_set_track+0x4a/0x70 [ 331.192619][ C0] ? ____kasan_slab_free+0x125/0x160 [ 331.197927][ C0] ? __kasan_slab_free+0x11/0x20 [ 331.202898][ C0] ? kmem_cache_free+0x100/0x2d0 [ 331.207922][ C0] ? kfree_skbmem+0x10c/0x180 [ 331.212628][ C0] ? kfree_skb+0xc1/0x2f0 [ 331.216939][ C0] ? tipc_sk_backlog_rcv+0x16f/0x1f0 [ 331.222226][ C0] ? __release_sock+0x146/0x360 [ 331.227198][ C0] ? tipc_wait_for_rcvmsg+0x2ca/0x5e0 [ 331.232741][ C0] ? __skb_queue_purge+0x170/0x170 [ 331.237882][ C0] ? do_syscall_64+0x31/0x40 [ 331.242459][ C0] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 331.248642][ C0] tipc_node_xmit+0x256/0xcd0 [ 331.253322][ C0] ? debug_smp_processor_id+0x17/0x20 [ 331.258802][ C0] ? tipc_node_get_linkname+0x1a0/0x1a0 [ 331.264483][ C0] ? ____kasan_slab_free+0x130/0x160 [ 331.269825][ C0] ? __kasan_slab_free+0x11/0x20 [ 331.274838][ C0] ? slab_free_freelist_hook+0xc5/0x190 [ 331.280393][ C0] ? kfree_skbmem+0x10c/0x180 [ 331.285300][ C0] tipc_node_distr_xmit+0x292/0x390 [ 331.290848][ C0] ? tipc_node_xmit_skb+0x130/0x130 [ 331.296153][ C0] ? trace_tipc_sk_rej_msg+0x2c/0x6d0 [ 331.301698][ C0] tipc_sk_rcv+0x19b9/0x1ef0 [ 331.306379][ C0] ? __skb_queue_purge+0x170/0x170 [ 331.311723][ C0] tipc_node_xmit+0x256/0xcd0 [ 331.316421][ C0] ? tipc_node_get_linkname+0x1a0/0x1a0 [ 331.322108][ C0] tipc_sk_push_backlog+0x4dd/0x790 [ 331.327305][ C0] tipc_sk_proto_rcv+0x98d/0x1ac0 [ 331.332332][ C0] ? trace_tipc_sk_dump+0x6c0/0x6c0 [ 331.337514][ C0] ? __kasan_check_write+0x14/0x20 [ 331.342606][ C0] ? _raw_spin_lock_irqsave+0xb0/0x110 [ 331.348044][ C0] ? _raw_spin_lock+0xe0/0xe0 [ 331.352833][ C0] tipc_sk_filter_rcv+0x30ac/0x3850 [ 331.358144][ C0] ? __stack_depot_save+0x479/0x4c0 [ 331.363447][ C0] ? kasan_set_track+0x5b/0x70 [ 331.368197][ C0] ? kasan_set_track+0x4a/0x70 [ 331.372966][ C0] ? kasan_set_free_info+0x23/0x40 [ 331.378509][ C0] ? ____kasan_slab_free+0x125/0x160 [ 331.384066][ C0] ? __kasan_slab_free+0x11/0x20 [ 331.389415][ C0] ? slab_free_freelist_hook+0xc5/0x190 [ 331.394982][ C0] ? kmem_cache_free+0x100/0x2d0 [ 331.399908][ C0] ? kfree_skb+0xc1/0x2f0 [ 331.404383][ C0] ? tipc_msg_reverse+0x698/0x900 [ 331.409765][ C0] ? tipc_sk_filter_rcv+0xca0/0x3850 [ 331.415380][ C0] ? tipc_sk_backlog_rcv+0x109/0x1f0 [ 331.420923][ C0] ? __release_sock+0x146/0x360 [ 331.425801][ C0] ? tipc_wait_for_rcvmsg+0x2ca/0x5e0 [ 331.431161][ C0] ? tipc_recvstream+0x1f7/0xe80 [ 331.436539][ C0] ? ____sys_recvmsg+0x291/0x580 [ 331.441494][ C0] ? ___sys_recvmsg+0x1af/0x4f0 [ 331.446344][ C0] ? __x64_sys_recvmsg+0x1dd/0x2a0 [ 331.451441][ C0] ? do_syscall_64+0x31/0x40 [ 331.456018][ C0] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 331.462071][ C0] ? tipc_sk_dump+0xfc0/0xfc0 [ 331.466736][ C0] ? __kasan_check_write+0x14/0x20 [ 331.471998][ C0] ? _raw_spin_lock_bh+0x8e/0xe0 [ 331.476948][ C0] tipc_sk_rcv+0x7cc/0x1ef0 [ 331.481449][ C0] ? slab_free_freelist_hook+0xc5/0x190 [ 331.486989][ C0] ? kmem_cache_free+0x100/0x2d0 [ 331.491916][ C0] ? __skb_queue_purge+0x170/0x170 [ 331.497026][ C0] ? tipc_sk_filter_rcv+0x3034/0x3850 [ 331.502456][ C0] tipc_node_xmit+0x256/0xcd0 [ 331.507272][ C0] ? tipc_node_get_linkname+0x1a0/0x1a0 [ 331.512821][ C0] ? kasan_set_track+0x5b/0x70 [ 331.517591][ C0] tipc_node_distr_xmit+0x292/0x390 [ 331.522777][ C0] ? tipc_node_xmit_skb+0x130/0x130 [ 331.527958][ C0] tipc_sk_backlog_rcv+0x16f/0x1f0 [ 331.533067][ C0] ? tipc_sk_timeout+0x970/0x970 [ 331.537987][ C0] ? __kasan_check_write+0x14/0x20 [ 331.543089][ C0] __release_sock+0x146/0x360 [ 331.547757][ C0] ? _raw_spin_unlock_irqrestore+0x5b/0x80 [ 331.553540][ C0] release_sock+0x60/0x1b0 [ 331.557952][ C0] tipc_wait_for_rcvmsg+0x2ca/0x5e0 [ 331.563251][ C0] ? tsk_importance+0x150/0x150 [ 331.568177][ C0] ? wait_woken+0x180/0x180 [ 331.572836][ C0] ? kfree_skb+0xc1/0x2f0 [ 331.577197][ C0] ? tsk_advance_rx_queue+0x10a/0x700 [ 331.582659][ C0] tipc_recvstream+0x1f7/0xe80 [ 331.587409][ C0] ? tipc_sendstream+0x70/0x70 [ 331.592365][ C0] ____sys_recvmsg+0x291/0x580 [ 331.597116][ C0] ? __sys_recvmsg_sock+0x50/0x50 [ 331.602122][ C0] ? import_iovec+0x7c/0xb0 [ 331.606617][ C0] ___sys_recvmsg+0x1af/0x4f0 [ 331.611281][ C0] ? __sys_recvmsg+0x250/0x250 [ 331.616063][ C0] ? __fdget+0x1a1/0x230 [ 331.620315][ C0] __x64_sys_recvmsg+0x1dd/0x2a0 [ 331.625253][ C0] ? __x64_sys_rt_sigprocmask+0xb0/0xb0 [ 331.630955][ C0] ? ___sys_recvmsg+0x4f0/0x4f0 [ 331.636236][ C0] ? fpregs_assert_state_consistent+0xb1/0xe0 [ 331.642311][ C0] ? irqentry_exit_to_user_mode+0x41/0x80 [ 331.648064][ C0] do_syscall_64+0x31/0x40 [ 331.652526][ C0] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 331.658414][ C0] RIP: 0033:0x7ff2b15a1169 [ 331.662847][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 331.682544][ C0] RSP: 002b:00007ff2b0ff1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 331.691429][ C0] RAX: ffffffffffffffda RBX: 00007ff2b17c9080 RCX: 00007ff2b15a1169 [ 331.699823][ C0] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000003 [ 331.707917][ C0] RBP: 00007ff2b1623a68 R08: 0000000000000000 R09: 0000000000000000 [ 331.715980][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 331.723942][ C0] R13: 0000000000000001 R14: 00007ff2b17c9080 R15: 00007ffc9c519718 [ 331.732057][ C0] Sending NMI from CPU 0 to CPUs 1: [ 331.737775][ C1] NMI backtrace for cpu 1 [ 331.737783][ C1] CPU: 1 PID: 1063 Comm: syz.4.209 Not tainted 5.10.236-syzkaller-1007372-gab07aeb2c93d #0 [ 331.737789][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 331.737793][ C1] RIP: 0010:kvm_wait+0xc2/0x120 [ 331.737804][ C1] Code: 38 f0 75 26 41 f7 c4 00 02 00 00 75 0f 0f 1f 44 00 00 0f 00 2d 8f 9e 98 03 f4 eb 0e 0f 1f 44 00 00 0f 00 2d 80 9e 98 03 fb f4 <4c> 89 64 24 18 ff 74 24 18 9d 48 c7 44 24 20 0e 36 e0 45 4b c7 04 [ 331.737808][ C1] RSP: 0018:ffffc90000dc76e0 EFLAGS: 00000246 [ 331.737817][ C1] RAX: 0000000000000003 RBX: ffff88810df5a388 RCX: ffffffff814b0f6a [ 331.737822][ C1] RDX: 0000000000000001 RSI: 0000000000000003 RDI: ffff88810df5a388 [ 331.737827][ C1] RBP: ffffc90000dc7790 R08: dffffc0000000000 R09: ffffed1021beb472 [ 331.737832][ C1] R10: ffffed1021beb472 R11: 1ffff11021beb471 R12: 0000000000000246 [ 331.737837][ C1] R13: 1ffff11021beb471 R14: dffffc0000000000 R15: 1ffff920001b8ee0 [ 331.737849][ C1] FS: 00007ff2b10126c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 331.737854][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 331.737859][ C1] CR2: 00007ff2b0ff1d58 CR3: 0000000128e44000 CR4: 00000000003506a0 [ 331.737864][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 331.737869][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 331.737871][ C1] Call Trace: [ 331.737875][ C1] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 331.737879][ C1] ? kvm_arch_para_hints+0x30/0x30 [ 331.737883][ C1] ? __pv_queued_spin_lock_slowpath+0x6ba/0xb70 [ 331.737887][ C1] __pv_queued_spin_lock_slowpath+0x714/0xb70 [ 331.737890][ C1] ? memcpy+0x56/0x70 [ 331.737894][ C1] ? __pv_queued_spin_unlock_slowpath+0x280/0x280 [ 331.737897][ C1] ? avc_has_perm_noaudit+0x240/0x240 [ 331.737901][ C1] queued_spin_lock_slowpath+0x47/0x50 [ 331.737905][ C1] _raw_spin_lock_bh+0xd8/0xe0 [ 331.737908][ C1] ? _raw_spin_lock_irq+0xe0/0xe0 [ 331.737912][ C1] lock_sock_nested+0x92/0x290 [ 331.737915][ C1] ? sock_init_data+0xc0/0xc0 [ 331.737919][ C1] ? _raw_spin_lock_bh+0x8e/0xe0 [ 331.737922][ C1] ? _raw_spin_unlock_bh+0x51/0x60 [ 331.737925][ C1] tipc_sendstream+0x47/0x70 [ 331.737929][ C1] ? tipc_getsockopt+0x4c0/0x4c0 [ 331.737932][ C1] ____sys_sendmsg+0x5a2/0x8c0 [ 331.737936][ C1] ? __sys_sendmsg_sock+0x40/0x40 [ 331.737939][ C1] ? import_iovec+0x7c/0xb0 [ 331.737942][ C1] ___sys_sendmsg+0x1f0/0x260 [ 331.737946][ C1] ? __sys_sendmsg+0x250/0x250 [ 331.737949][ C1] ? __fdget+0x1a1/0x230 [ 331.737952][ C1] __x64_sys_sendmsg+0x1e2/0x2a0 [ 331.737956][ C1] ? ___sys_sendmsg+0x260/0x260 [ 331.737959][ C1] ? switch_fpu_return+0x197/0x340 [ 331.737963][ C1] ? fpregs_assert_state_consistent+0xb1/0xe0 [ 331.737966][ C1] do_syscall_64+0x31/0x40 [ 331.737970][ C1] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 331.737973][ C1] RIP: 0033:0x7ff2b15a1169 [ 331.737984][ C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 331.737988][ C1] RSP: 002b:00007ff2b1012038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 331.737996][ C1] RAX: ffffffffffffffda RBX: 00007ff2b17c8fa0 RCX: 00007ff2b15a1169 [ 331.738001][ C1] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000004 [ 331.738006][ C1] RBP: 00007ff2b1623a68 R08: 0000000000000000 R09: 0000000000000000 [ 331.738011][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 331.738016][ C1] R13: 0000000000000000 R14: 00007ff2b17c8fa0 R15: 00007ffc9c519718