Warning: Permanently added '10.128.0.210' (ED25519) to the list of known hosts. 2025/11/02 19:19:50 parsed 1 programs [ 100.293572][ T24] audit: type=1400 audit(1762111190.930:64): avc: denied { node_bind } for pid=276 comm="syz-execprog" saddr=::1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1 [ 100.314284][ T24] audit: type=1400 audit(1762111190.930:65): avc: denied { create } for pid=276 comm="syz-execprog" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 100.334005][ T24] audit: type=1400 audit(1762111190.930:66): avc: denied { module_request } for pid=276 comm="syz-execprog" kmod="net-pf-2-proto-262-type-1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 100.979285][ T24] audit: type=1400 audit(1762111191.620:67): avc: denied { mounton } for pid=284 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2023 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 100.980221][ T284] cgroup: Unknown subsys name 'net' [ 101.001960][ T24] audit: type=1400 audit(1762111191.620:68): avc: denied { mount } for pid=284 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 101.029273][ T24] audit: type=1400 audit(1762111191.650:69): avc: denied { unmount } for pid=284 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 101.029467][ T284] cgroup: Unknown subsys name 'devices' [ 101.227604][ T284] cgroup: Unknown subsys name 'hugetlb' [ 101.233293][ T284] cgroup: Unknown subsys name 'rlimit' [ 101.404962][ T24] audit: type=1400 audit(1762111192.040:70): avc: denied { setattr } for pid=284 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=253 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 101.428175][ T24] audit: type=1400 audit(1762111192.040:71): avc: denied { create } for pid=284 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 101.448569][ T24] audit: type=1400 audit(1762111192.040:72): avc: denied { write } for pid=284 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 101.454058][ T287] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). [ 101.468929][ T24] audit: type=1400 audit(1762111192.040:73): avc: denied { read } for pid=284 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 101.503162][ T284] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 101.985060][ T295] request_module fs-gadgetfs succeeded, but still no fs? [ 101.995931][ T295] cgroup: cgroup: disabling cgroup2 socket matching due to net_prio or net_cls activation [ 102.497067][ T339] bridge0: port 1(bridge_slave_0) entered blocking state [ 102.504269][ T339] bridge0: port 1(bridge_slave_0) entered disabled state [ 102.511681][ T339] device bridge_slave_0 entered promiscuous mode [ 102.518689][ T339] bridge0: port 2(bridge_slave_1) entered blocking state [ 102.525722][ T339] bridge0: port 2(bridge_slave_1) entered disabled state [ 102.533163][ T339] device bridge_slave_1 entered promiscuous mode [ 102.563562][ T339] bridge0: port 2(bridge_slave_1) entered blocking state [ 102.570746][ T339] bridge0: port 2(bridge_slave_1) entered forwarding state [ 102.578035][ T339] bridge0: port 1(bridge_slave_0) entered blocking state [ 102.585071][ T339] bridge0: port 1(bridge_slave_0) entered forwarding state [ 102.601255][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 102.608794][ T49] bridge0: port 1(bridge_slave_0) entered disabled state [ 102.616275][ T49] bridge0: port 2(bridge_slave_1) entered disabled state [ 102.624868][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 102.633115][ T49] bridge0: port 1(bridge_slave_0) entered blocking state [ 102.640142][ T49] bridge0: port 1(bridge_slave_0) entered forwarding state [ 102.648708][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 102.656931][ T49] bridge0: port 2(bridge_slave_1) entered blocking state [ 102.663945][ T49] bridge0: port 2(bridge_slave_1) entered forwarding state [ 102.675239][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 102.684327][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 102.697098][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 102.707922][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 102.716370][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 102.723803][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 102.732093][ T339] device veth0_vlan entered promiscuous mode [ 102.741742][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 102.750701][ T339] device veth1_macvtap entered promiscuous mode [ 102.766050][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 102.776517][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready 2025/11/02 19:19:53 executed programs: 0 [ 103.098654][ T354] bridge0: port 1(bridge_slave_0) entered blocking state [ 103.105701][ T354] bridge0: port 1(bridge_slave_0) entered disabled state [ 103.113176][ T354] device bridge_slave_0 entered promiscuous mode [ 103.120368][ T354] bridge0: port 2(bridge_slave_1) entered blocking state [ 103.127471][ T354] bridge0: port 2(bridge_slave_1) entered disabled state [ 103.134923][ T354] device bridge_slave_1 entered promiscuous mode [ 103.172180][ T354] bridge0: port 2(bridge_slave_1) entered blocking state [ 103.179259][ T354] bridge0: port 2(bridge_slave_1) entered forwarding state [ 103.186548][ T354] bridge0: port 1(bridge_slave_0) entered blocking state [ 103.193765][ T354] bridge0: port 1(bridge_slave_0) entered forwarding state [ 103.210848][ T330] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 103.219535][ T330] bridge0: port 1(bridge_slave_0) entered disabled state [ 103.227836][ T330] bridge0: port 2(bridge_slave_1) entered disabled state [ 103.242099][ T330] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 103.250322][ T330] bridge0: port 1(bridge_slave_0) entered blocking state [ 103.257384][ T330] bridge0: port 1(bridge_slave_0) entered forwarding state [ 103.264725][ T330] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 103.272920][ T330] bridge0: port 2(bridge_slave_1) entered blocking state [ 103.279945][ T330] bridge0: port 2(bridge_slave_1) entered forwarding state [ 103.297629][ T330] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 103.306339][ T330] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 103.314327][ T330] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 103.327402][ T330] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 103.335453][ T330] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 103.343119][ T330] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 103.352006][ T354] device veth0_vlan entered promiscuous mode [ 103.361908][ T330] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 103.370921][ T354] device veth1_macvtap entered promiscuous mode [ 103.380214][ T330] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 103.389813][ T330] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 203.455824][ C0] rcu: INFO: rcu_preempt self-detected stall on CPU [ 203.462462][ C0] rcu: 0-...!: (10000 ticks this GP) idle=f9a/1/0x4000000000000000 softirq=1971/1971 fqs=0 last_accelerate: b2e7/d9f7 dyntick_enabled: 1 [ 203.476520][ C0] (t=10000 jiffies g=565 q=87) [ 203.481372][ C0] rcu: rcu_preempt kthread starved for 10000 jiffies! g565 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 ->cpu=0 [ 203.492704][ C0] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 203.502762][ C0] rcu: RCU grace-period kthread stack dump: [ 203.508634][ C0] task:rcu_preempt state:I stack: 0 pid: 13 ppid: 2 flags:0x00004000 [ 203.517858][ C0] Call Trace: [ 203.521134][ C0] __schedule+0xb47/0x1310 [ 203.525534][ C0] ? release_firmware_map_entry+0x190/0x190 [ 203.531479][ C0] ? __mod_timer+0x7ae/0xb30 [ 203.536166][ C0] schedule+0x13c/0x1d0 [ 203.540313][ C0] schedule_timeout+0x12c/0x2d0 [ 203.545227][ C0] ? console_conditional_schedule+0x10/0x10 [ 203.551121][ C0] ? _raw_spin_lock_irqsave+0xb0/0x110 [ 203.556578][ C0] ? run_local_timers+0x160/0x160 [ 203.561588][ C0] ? prepare_to_swait_event+0x320/0x340 [ 203.567116][ C0] rcu_gp_kthread+0x100a/0x26a0 [ 203.571945][ C0] ? rcu_barrier_callback+0x50/0x50 [ 203.577134][ C0] ? __kasan_check_read+0x11/0x20 [ 203.582140][ C0] ? __kthread_parkme+0xb9/0x1c0 [ 203.587062][ C0] kthread+0x346/0x3d0 [ 203.591124][ C0] ? rcu_barrier_callback+0x50/0x50 [ 203.596404][ C0] ? kthread_blkcg+0xd0/0xd0 [ 203.600978][ C0] ret_from_fork+0x1f/0x30 [ 203.605402][ C0] NMI backtrace for cpu 0 [ 203.609712][ C0] CPU: 0 PID: 392 Comm: syz.2.17 Not tainted syzkaller #0 [ 203.616797][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 203.626929][ C0] Call Trace: [ 203.630191][ C0] [ 203.633033][ C0] __dump_stack+0x21/0x24 [ 203.637338][ C0] dump_stack_lvl+0x169/0x1d8 [ 203.641993][ C0] ? show_regs_print_info+0x18/0x18 [ 203.647186][ C0] ? _raw_spin_lock_irqsave+0xb0/0x110 [ 203.652621][ C0] ? _raw_spin_lock+0xe0/0xe0 [ 203.657279][ C0] ? arch_trigger_cpumask_backtrace+0x20/0x20 [ 203.663324][ C0] dump_stack+0x15/0x1c [ 203.667464][ C0] nmi_trigger_cpumask_backtrace+0x27f/0x2c0 [ 203.673423][ C0] arch_trigger_cpumask_backtrace+0x10/0x20 [ 203.679293][ C0] rcu_dump_cpu_stacks+0x19c/0x2c0 [ 203.684382][ C0] rcu_sched_clock_irq+0xf79/0x1870 [ 203.689560][ C0] ? rcutree_dead_cpu+0x2f0/0x2f0 [ 203.694565][ C0] ? hrtimer_run_queues+0x166/0x430 [ 203.699753][ C0] update_process_times+0x198/0x200 [ 203.704964][ C0] tick_sched_timer+0x17c/0x240 [ 203.709802][ C0] ? tick_setup_sched_timer+0x450/0x450 [ 203.715324][ C0] __hrtimer_run_queues+0x37a/0x960 [ 203.720503][ C0] ? process_backlog+0x5e0/0x600 [ 203.725421][ C0] ? hrtimer_interrupt+0xdc0/0xdc0 [ 203.730537][ C0] ? ktime_get_update_offsets_now+0x293/0x2b0 [ 203.736601][ C0] hrtimer_interrupt+0x3a6/0xdc0 [ 203.741528][ C0] ? sched_clock_cpu+0x1b/0x3d0 [ 203.746385][ C0] ? do_sync_core+0x22/0x30 [ 203.750898][ C0] __sysvec_apic_timer_interrupt+0xfa/0x3f0 [ 203.756776][ C0] asm_call_irq_on_stack+0xf/0x20 [ 203.761780][ C0] [ 203.764716][ C0] sysvec_apic_timer_interrupt+0x85/0xe0 [ 203.770395][ C0] asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 203.776461][ C0] RIP: 0010:_raw_spin_lock_bh+0x9b/0xe0 [ 203.781998][ C0] Code: 00 00 00 48 89 df be 04 00 00 00 e8 7f 84 25 fd 4c 89 f7 be 04 00 00 00 e8 72 84 25 fd 8b 44 24 20 b9 01 00 00 00 f0 0f b1 0b <75> 2d 48 c7 04 24 0e 36 e0 45 4b c7 04 27 00 00 00 00 65 48 8b 04 [ 203.801585][ C0] RSP: 0018:ffffc90000f36a00 EFLAGS: 00000246 [ 203.807720][ C0] RAX: 0000000000000000 RBX: ffffc90000f36ed4 RCX: 0000000000000001 [ 203.815688][ C0] RDX: 0000000000000001 RSI: 0000000000000004 RDI: ffffc90000f36a20 [ 203.823649][ C0] RBP: ffffc90000f36a90 R08: 0000000000000004 R09: 0000000000000003 [ 203.831717][ C0] R10: fffff520001e6d44 R11: 1ffff920001e6d44 R12: dffffc0000000000 [ 203.839695][ C0] R13: ffffc90000f36ed0 R14: ffffc90000f36a20 R15: 1ffff920001e6d40 [ 203.847667][ C0] ? _raw_spin_lock_irq+0xe0/0xe0 [ 203.852675][ C0] ? kasan_check_range+0x7f/0x290 [ 203.857677][ C0] tipc_sk_rcv+0x221/0x1ef0 [ 203.862160][ C0] ? __stack_depot_save+0x479/0x4c0 [ 203.867446][ C0] ? kasan_set_track+0x5b/0x70 [ 203.872205][ C0] ? kasan_set_track+0x4a/0x70 [ 203.876954][ C0] ? kasan_set_free_info+0x23/0x40 [ 203.882046][ C0] ? ____kasan_slab_free+0x125/0x160 [ 203.887307][ C0] ? slab_free_freelist_hook+0xc5/0x190 [ 203.892831][ C0] ? kmem_cache_free+0x100/0x2d0 [ 203.897749][ C0] ? kfree_skbmem+0x10c/0x180 [ 203.902404][ C0] ? kfree_skb+0xc1/0x2f0 [ 203.906715][ C0] ? tipc_msg_reverse+0x698/0x900 [ 203.911723][ C0] ? tipc_node_xmit+0x256/0xcd0 [ 203.916553][ C0] ? tipc_sk_filter_rcv+0x1581/0x3850 [ 203.921904][ C0] ? tipc_node_xmit+0x256/0xcd0 [ 203.926860][ C0] ? tipc_node_distr_xmit+0x292/0x390 [ 203.932231][ C0] ? tipc_sk_backlog_rcv+0x16f/0x1f0 [ 203.937507][ C0] ? syscall_exit_to_user_mode+0x1d/0x40 [ 203.943118][ C0] ? do_syscall_64+0x3d/0x40 [ 203.947696][ C0] ? __skb_queue_purge+0x170/0x170 [ 203.952798][ C0] tipc_node_xmit+0x256/0xcd0 [ 203.957457][ C0] ? ____kasan_slab_free+0x130/0x160 [ 203.962717][ C0] ? tipc_node_get_linkname+0x1a0/0x1a0 [ 203.968245][ C0] ? slab_free_freelist_hook+0xc5/0x190 [ 203.973767][ C0] ? kfree_skbmem+0x10c/0x180 [ 203.978426][ C0] ? kmem_cache_free+0x100/0x2d0 [ 203.983339][ C0] tipc_node_xmit_skb+0xe9/0x130 [ 203.988257][ C0] ? kfree_skb+0xc1/0x2f0 [ 203.992564][ C0] ? __skb_queue_purge+0x170/0x170 [ 203.997690][ C0] ? trace_tipc_sk_rej_msg+0x2c/0x6d0 [ 204.003038][ C0] tipc_sk_rcv+0x1d77/0x1ef0 [ 204.007608][ C0] ? __skb_queue_purge+0x170/0x170 [ 204.012702][ C0] tipc_node_xmit+0x256/0xcd0 [ 204.017358][ C0] ? tipc_node_get_linkname+0x1a0/0x1a0 [ 204.022881][ C0] ? unwind_get_return_address+0x4d/0x90 [ 204.028490][ C0] ? __kasan_check_write+0x14/0x20 [ 204.033605][ C0] ? _raw_spin_lock_irqsave+0xb0/0x110 [ 204.039490][ C0] ? _raw_spin_lock+0xe0/0xe0 [ 204.044161][ C0] tipc_sk_filter_rcv+0x1581/0x3850 [ 204.049425][ C0] ? tipc_sk_dump+0xfc0/0xfc0 [ 204.054089][ C0] ? __kasan_check_write+0x14/0x20 [ 204.059196][ C0] ? _raw_spin_lock_bh+0x8e/0xe0 [ 204.064118][ C0] tipc_sk_rcv+0x7cc/0x1ef0 [ 204.068598][ C0] ? slab_free_freelist_hook+0xc5/0x190 [ 204.074132][ C0] ? kmem_cache_free+0x100/0x2d0 [ 204.079060][ C0] ? __skb_queue_purge+0x170/0x170 [ 204.084159][ C0] ? tipc_sk_filter_rcv+0x3034/0x3850 [ 204.089507][ C0] ? ____fput+0x15/0x20 [ 204.093665][ C0] ? task_work_run+0x127/0x190 [ 204.098426][ C0] tipc_node_xmit+0x256/0xcd0 [ 204.103084][ C0] ? tipc_node_get_linkname+0x1a0/0x1a0 [ 204.108696][ C0] tipc_node_distr_xmit+0x292/0x390 [ 204.113890][ C0] ? tipc_node_xmit_skb+0x130/0x130 [ 204.119161][ C0] ? kfree_skbmem+0x10c/0x180 [ 204.123857][ C0] tipc_sk_backlog_rcv+0x16f/0x1f0 [ 204.128954][ C0] ? tipc_sk_timeout+0x970/0x970 [ 204.133893][ C0] ? _raw_spin_lock_irqsave+0xb0/0x110 [ 204.139343][ C0] __release_sock+0x146/0x360 [ 204.144175][ C0] ? _raw_write_lock_irq+0xe0/0xe0 [ 204.149264][ C0] release_sock+0x60/0x1b0 [ 204.153712][ C0] tipc_release+0xbd4/0x1490 [ 204.158277][ C0] ? down_read_killable+0xe0/0xe0 [ 204.163294][ C0] sock_close+0xe0/0x270 [ 204.167527][ C0] ? sock_mmap+0xa0/0xa0 [ 204.171758][ C0] __fput+0x2fb/0x770 [ 204.175714][ C0] ____fput+0x15/0x20 [ 204.179678][ C0] task_work_run+0x127/0x190 [ 204.184248][ C0] exit_to_user_mode_loop+0xcb/0xe0 [ 204.189457][ C0] exit_to_user_mode_prepare+0x76/0xa0 [ 204.194893][ C0] syscall_exit_to_user_mode+0x1d/0x40 [ 204.200343][ C0] do_syscall_64+0x3d/0x40 [ 204.204743][ C0] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 204.210702][ C0] RIP: 0033:0x7f13f8499fc9 [ 204.215099][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 204.234769][ C0] RSP: 002b:00007f13f830a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 204.243160][ C0] RAX: 00000000000203a0 RBX: 00007f13f86f0fa0 RCX: 00007f13f8499fc9 [ 204.251114][ C0] RDX: 0000000000000000 RSI: 00002000000003c0 RDI: 0000000000000003 [ 204.259067][ C0] RBP: 00007f13f851cf91 R08: 0000000000000000 R09: 0000000000000000 [ 204.267044][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 204.275021][ C0] R13: 00007f13f86f1038 R14: 00007f13f86f0fa0 R15: 00007ffdf8bc4078 [ 243.001611][ C1] watchdog: BUG: soft lockup - CPU#1 stuck for 123s! [syz.2.17:391] [ 243.009622][ C1] Modules linked in: [ 243.013530][ C1] CPU: 1 PID: 391 Comm: syz.2.17 Not tainted syzkaller #0 [ 243.020639][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 243.030704][ C1] RIP: 0010:kvm_wait+0xc2/0x120 [ 243.035557][ C1] Code: 38 f0 75 26 41 f7 c4 00 02 00 00 75 0f 0f 1f 44 00 00 0f 00 2d af 98 98 03 f4 eb 0e 0f 1f 44 00 00 0f 00 2d a0 98 98 03 fb f4 <4c> 89 64 24 18 ff 74 24 18 9d 48 c7 44 24 20 0e 36 e0 45 4b c7 04 [ 243.055162][ C1] RSP: 0018:ffffc90000f279a0 EFLAGS: 00000246 [ 243.061230][ C1] RAX: 0000000000000003 RBX: ffff888105789e88 RCX: ffffffff814b25ba [ 243.069290][ C1] RDX: 0000000000000001 RSI: 0000000000000003 RDI: ffff888105789e88 [ 243.077346][ C1] RBP: ffffc90000f27a50 R08: dffffc0000000000 R09: ffffed1020af13d2 [ 243.085404][ C1] R10: ffffed1020af13d2 R11: 1ffff11020af13d1 R12: 0000000000000246 [ 243.093373][ C1] R13: 1ffff11020af13d1 R14: dffffc0000000000 R15: 1ffff920001e4f38 [ 243.101359][ C1] FS: 0000555557322500(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 243.110282][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 243.116873][ C1] CR2: 00007f13f9222d60 CR3: 000000010fe3c000 CR4: 00000000003506a0 [ 243.124849][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 243.132818][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 243.140785][ C1] Call Trace: [ 243.144163][ C1] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 243.150314][ C1] ? kvm_arch_para_hints+0x30/0x30 [ 243.155427][ C1] ? __pv_queued_spin_lock_slowpath+0x6ba/0xb70 [ 243.161749][ C1] __pv_queued_spin_lock_slowpath+0x714/0xb70 [ 243.167817][ C1] ? __pv_queued_spin_unlock_slowpath+0x280/0x280 [ 243.174230][ C1] ? kasan_save_stack+0x49/0x60 [ 243.179166][ C1] ? __kasan_record_aux_stack+0xd2/0x100 [ 243.184800][ C1] ? kasan_record_aux_stack+0xe/0x10 [ 243.190085][ C1] ? task_work_add+0x27/0x1e0 [ 243.194763][ C1] ? fput+0x1a/0x20 [ 243.198572][ C1] ? filp_close+0x105/0x150 [ 243.203069][ C1] ? __close_range+0x1ca/0x430 [ 243.207837][ C1] ? __x64_sys_close_range+0x7a/0x90 [ 243.213131][ C1] queued_spin_lock_slowpath+0x47/0x50 [ 243.218676][ C1] _raw_spin_lock_bh+0xd8/0xe0 [ 243.223531][ C1] ? _raw_spin_lock_irq+0xe0/0xe0 [ 243.228571][ C1] lock_sock_nested+0x92/0x290 [ 243.233447][ C1] ? locks_remove_posix+0x530/0x530 [ 243.238653][ C1] ? sock_init_data+0xc0/0xc0 [ 243.243414][ C1] ? fsnotify+0x1967/0x1a80 [ 243.247916][ C1] tipc_release+0x56/0x1490 [ 243.252420][ C1] ? down_read_killable+0xe0/0xe0 [ 243.257443][ C1] sock_close+0xe0/0x270 [ 243.261683][ C1] ? sock_mmap+0xa0/0xa0 [ 243.265925][ C1] __fput+0x2fb/0x770 [ 243.269908][ C1] ____fput+0x15/0x20 [ 243.273889][ C1] task_work_run+0x127/0x190 [ 243.278496][ C1] exit_to_user_mode_loop+0xcb/0xe0 [ 243.283713][ C1] exit_to_user_mode_prepare+0x76/0xa0 [ 243.289182][ C1] syscall_exit_to_user_mode+0x1d/0x40 [ 243.294641][ C1] do_syscall_64+0x3d/0x40 [ 243.299066][ C1] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 243.304956][ C1] RIP: 0033:0x7f13f8499fc9 [ 243.309370][ C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 243.329064][ C1] RSP: 002b:00007ffdf8bc41d8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 243.337476][ C1] RAX: 0000000000000000 RBX: 00007f13f86f2da0 RCX: 00007f13f8499fc9 [ 243.345444][ C1] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003 [ 243.353419][ C1] RBP: 00007f13f86f2da0 R08: 0000000000000000 R09: 00000006f8bc44cf [ 243.361681][ C1] R10: 00007f13f86f2cb0 R11: 0000000000000246 R12: 000000000001971a [ 243.369662][ C1] R13: 00007f13f86f1090 R14: ffffffffffffffff R15: 00007ffdf8bc42f0 [ 243.377862][ C1] Sending NMI from CPU 1 to CPUs 0: [ 243.383804][ C0] NMI backtrace for cpu 0 [ 243.383809][ C0] CPU: 0 PID: 392 Comm: syz.2.17 Not tainted syzkaller #0 [ 243.383814][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 243.383817][ C0] RIP: 0010:__rcu_read_unlock+0x0/0xa0 [ 243.383825][ C0] Code: b6 04 08 84 c0 75 05 ff 03 5b 5d c3 89 d9 80 e1 07 80 c1 03 38 c1 7c ef 48 89 df e8 2a cf 4b 00 eb e5 0f 1f 84 00 00 00 00 00 <55> 48 89 e5 41 57 41 56 53 49 be 00 00 00 00 00 fc ff df 65 48 8b [ 243.383835][ C0] RSP: 0018:ffffc90000f36998 EFLAGS: 00000293 [ 243.383843][ C0] RAX: ffffffff845d6f1a RBX: ffff888105789e80 RCX: ffff8881105a62c0 [ 243.383847][ C0] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 000000007ffffffe [ 243.383851][ C0] RBP: ffffc90000f36a90 R08: dffffc0000000000 R09: ffffed1020af13d1 [ 243.383855][ C0] R10: ffffed1020af13d1 R11: 1ffff11020af13d0 R12: dffffc0000000000 [ 243.383859][ C0] R13: ffff888105789e00 R14: 0000000000000004 R15: fffffffffffffc18 [ 243.383863][ C0] FS: 00007f13f830a6c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 243.383867][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 243.383870][ C0] CR2: 00002000000071e0 CR3: 000000010fe3c000 CR4: 00000000003506b0 [ 243.383874][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 243.383878][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 243.383881][ C0] Call Trace: [ 243.383884][ C0] ? tipc_sk_lookup+0x544/0x5f0 [ 243.383887][ C0] ? tipc_sk_rcv+0x1ef0/0x1ef0 [ 243.383889][ C0] tipc_sk_rcv+0x3eb/0x1ef0 [ 243.383892][ C0] ? __stack_depot_save+0x479/0x4c0 [ 243.383895][ C0] ? kasan_set_track+0x5b/0x70 [ 243.383898][ C0] ? kasan_set_track+0x4a/0x70 [ 243.383901][ C0] ? kasan_set_free_info+0x23/0x40 [ 243.383904][ C0] ? ____kasan_slab_free+0x125/0x160 [ 243.383907][ C0] ? slab_free_freelist_hook+0xc5/0x190 [ 243.383910][ C0] ? kmem_cache_free+0x100/0x2d0 [ 243.383913][ C0] ? kfree_skbmem+0x10c/0x180 [ 243.383916][ C0] ? kfree_skb+0xc1/0x2f0 [ 243.383918][ C0] ? tipc_msg_reverse+0x698/0x900 [ 243.383921][ C0] ? tipc_node_xmit+0x256/0xcd0 [ 243.383925][ C0] ? tipc_sk_filter_rcv+0x1581/0x3850 [ 243.383927][ C0] ? tipc_node_xmit+0x256/0xcd0 [ 243.383930][ C0] ? tipc_node_distr_xmit+0x292/0x390 [ 243.383934][ C0] ? tipc_sk_backlog_rcv+0x16f/0x1f0 [ 243.383937][ C0] ? syscall_exit_to_user_mode+0x1d/0x40 [ 243.383940][ C0] ? do_syscall_64+0x3d/0x40 [ 243.383942][ C0] ? __skb_queue_purge+0x170/0x170 [ 243.383945][ C0] tipc_node_xmit+0x256/0xcd0 [ 243.383948][ C0] ? ____kasan_slab_free+0x130/0x160 [ 243.383952][ C0] ? tipc_node_get_linkname+0x1a0/0x1a0 [ 243.383955][ C0] ? slab_free_freelist_hook+0xc5/0x190 [ 243.383957][ C0] ? kfree_skbmem+0x10c/0x180 [ 243.383960][ C0] ? kmem_cache_free+0x100/0x2d0 [ 243.383963][ C0] tipc_node_xmit_skb+0xe9/0x130 [ 243.383966][ C0] ? kfree_skb+0xc1/0x2f0 [ 243.383969][ C0] ? __skb_queue_purge+0x170/0x170 [ 243.383972][ C0] ? trace_tipc_sk_rej_msg+0x2c/0x6d0 [ 243.383975][ C0] tipc_sk_rcv+0x1d77/0x1ef0 [ 243.383978][ C0] ? __skb_queue_purge+0x170/0x170 [ 243.383980][ C0] tipc_node_xmit+0x256/0xcd0 [ 243.383984][ C0] ? tipc_node_get_linkname+0x1a0/0x1a0 [ 243.383987][ C0] ? unwind_get_return_address+0x4d/0x90 [ 243.383990][ C0] ? __kasan_check_write+0x14/0x20 [ 243.383993][ C0] ? _raw_spin_lock_irqsave+0xb0/0x110 [ 243.383995][ C0] ? _raw_spin_lock+0xe0/0xe0 [ 243.383998][ C0] tipc_sk_filter_rcv+0x1581/0x3850 [ 243.384001][ C0] ? tipc_sk_dump+0xfc0/0xfc0 [ 243.384004][ C0] ? __kasan_check_write+0x14/0x20 [ 243.384007][ C0] ? _raw_spin_lock_bh+0x8e/0xe0 [ 243.384010][ C0] tipc_sk_rcv+0x7cc/0x1ef0 [ 243.384013][ C0] ? slab_free_freelist_hook+0xc5/0x190 [ 243.384016][ C0] ? kmem_cache_free+0x100/0x2d0 [ 243.384019][ C0] ? __skb_queue_purge+0x170/0x170 [ 243.384022][ C0] ? tipc_sk_filter_rcv+0x3034/0x3850 [ 243.384025][ C0] ? ____fput+0x15/0x20 [ 243.384028][ C0] ? task_work_run+0x127/0x190 [ 243.384030][ C0] tipc_node_xmit+0x256/0xcd0 [ 243.384034][ C0] ? tipc_node_get_linkname+0x1a0/0x1a0 [ 243.384037][ C0] tipc_node_distr_xmit+0x292/0x390 [ 243.384039][ C0] ? tipc_node_xmit_skb+0x130/0x130 [ 243.384042][ C0] ? kfree_skbmem+0x10c/0x180 [ 243.384045][ C0] tipc_sk_backlog_rcv+0x16f/0x1f0 [ 243.384048][ C0] ? tipc_sk_timeout+0x970/0x970 [ 243.384051][ C0] ? _raw_spin_lock_irqsave+0xb0/0x110 [ 243.384054][ C0] __release_sock+0x146/0x360 [ 243.384057][ C0] ? _raw_write_lock_irq+0xe0/0xe0 [ 243.384060][ C0] release_sock+0x60/0x1b0 [ 243.384063][ C0] tipc_release+0xbd4/0x1490 [ 243.384066][ C0] ? down_read_killable+0xe0/0xe0 [ 243.384068][ C0] sock_close+0xe0/0x270 [ 243.384071][ C0] ? sock_mmap+0xa0/0xa0 [ 243.384073][ C0] __fput+0x2fb/0x770 [ 243.384075][ C0] ____fput+0x15/0x20 [ 243.384078][ C0] task_work_run+0x127/0x190 [ 243.384081][ C0] exit_to_user_mode_loop+0xcb/0xe0 [ 243.384084][ C0] exit_to_user_mode_prepare+0x76/0xa0 [ 243.384087][ C0] syscall_exit_to_user_mode+0x1d/0x40 [ 243.384089][ C0] do_syscall_64+0x3d/0x40 [ 243.384092][ C0] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 243.384094][ C0] RIP: 0033:0x7f13f8499fc9 [ 243.384102][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 243.384105][ C0] RSP: 002b:00007f13f830a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 243.384111][ C0] RAX: 00000000000203a0 RBX: 00007f13f86f0fa0 RCX: 00007f13f8499fc9 [ 243.384115][ C0] RDX: 0000000000000000 RSI: 00002000000003c0 RDI: 0000000000000003 [ 243.384118][ C0] RBP: 00007f13f851cf91 R08: 0000000000000000 R09: 0000000000000000 [ 243.384122][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 243.384125][ C0] R13: 00007f13f86f1038 R14: 00007f13f86f0fa0 R15: 00007ffdf8bc4078