cess permissive=1 [ 13.893858][ T24] audit: type=1400 audit(1774749895.610:63): avc: denied { siginh } for pid=217 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 Warning: Permanently added '10.128.0.180' (ED25519) to the list of known hosts. 2026/03/29 02:08:26 parsed 1 programs [ 224.992918][ T24] audit: type=1400 audit(1774750106.740:64): avc: denied { node_bind } for pid=275 comm="syz-execprog" saddr=::1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1 [ 225.013785][ T24] audit: type=1400 audit(1774750106.750:65): avc: denied { create } for pid=275 comm="syz-execprog" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 225.033736][ T24] audit: type=1400 audit(1774750106.750:66): avc: denied { module_request } for pid=275 comm="syz-execprog" kmod="net-pf-2-proto-262-type-1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 225.641937][ T24] audit: type=1400 audit(1774750107.390:67): avc: denied { mounton } for pid=281 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2023 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 225.642821][ T281] cgroup: Unknown subsys name 'net' [ 225.664596][ T24] audit: type=1400 audit(1774750107.390:68): avc: denied { mount } for pid=281 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 225.691845][ T24] audit: type=1400 audit(1774750107.420:69): avc: denied { unmount } for pid=281 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 225.691991][ T281] cgroup: Unknown subsys name 'devices' [ 225.895179][ T281] cgroup: Unknown subsys name 'hugetlb' [ 225.900788][ T281] cgroup: Unknown subsys name 'rlimit' [ 226.043062][ T24] audit: type=1400 audit(1774750107.790:70): avc: denied { setattr } for pid=281 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=253 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 226.066251][ T24] audit: type=1400 audit(1774750107.800:71): avc: denied { create } for pid=281 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 Setting up swapspace version 1, size = 127995904 bytes [ 226.086647][ T24] audit: type=1400 audit(1774750107.800:72): avc: denied { write } for pid=281 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 226.092485][ T285] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). [ 226.106915][ T24] audit: type=1400 audit(1774750107.800:73): avc: denied { read } for pid=281 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 226.142469][ T281] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 226.632393][ T289] request_module fs-gadgetfs succeeded, but still no fs? [ 226.644737][ T289] cgroup: cgroup: disabling cgroup2 socket matching due to net_prio or net_cls activation [ 226.695271][ T295] bridge0: port 1(bridge_slave_0) entered blocking state [ 226.702300][ T295] bridge0: port 1(bridge_slave_0) entered disabled state [ 226.709726][ T295] device bridge_slave_0 entered promiscuous mode [ 226.716490][ T295] bridge0: port 2(bridge_slave_1) entered blocking state [ 226.723528][ T295] bridge0: port 2(bridge_slave_1) entered disabled state [ 226.730843][ T295] device bridge_slave_1 entered promiscuous mode [ 226.763637][ T295] bridge0: port 2(bridge_slave_1) entered blocking state [ 226.770660][ T295] bridge0: port 2(bridge_slave_1) entered forwarding state [ 226.778145][ T295] bridge0: port 1(bridge_slave_0) entered blocking state [ 226.785191][ T295] bridge0: port 1(bridge_slave_0) entered forwarding state [ 226.800868][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 226.808603][ T7] bridge0: port 1(bridge_slave_0) entered disabled state [ 226.816003][ T7] bridge0: port 2(bridge_slave_1) entered disabled state [ 226.825753][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 226.833936][ T7] bridge0: port 1(bridge_slave_0) entered blocking state [ 226.840967][ T7] bridge0: port 1(bridge_slave_0) entered forwarding state [ 226.849694][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 226.857993][ T7] bridge0: port 2(bridge_slave_1) entered blocking state [ 226.865031][ T7] bridge0: port 2(bridge_slave_1) entered forwarding state [ 226.877052][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 226.886136][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 226.898751][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 226.910152][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 226.918409][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 226.926220][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 226.935240][ T295] device veth0_vlan entered promiscuous mode [ 226.944331][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 226.953464][ T295] device veth1_macvtap entered promiscuous mode [ 226.961879][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 226.971412][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready 2026/03/29 02:08:29 executed programs: 0 [ 227.641795][ T352] bridge0: port 1(bridge_slave_0) entered blocking state [ 227.649051][ T352] bridge0: port 1(bridge_slave_0) entered disabled state [ 227.656770][ T352] device bridge_slave_0 entered promiscuous mode [ 227.663625][ T352] bridge0: port 2(bridge_slave_1) entered blocking state [ 227.670654][ T352] bridge0: port 2(bridge_slave_1) entered disabled state [ 227.678215][ T352] device bridge_slave_1 entered promiscuous mode [ 227.716014][ T352] bridge0: port 2(bridge_slave_1) entered blocking state [ 227.723063][ T352] bridge0: port 2(bridge_slave_1) entered forwarding state [ 227.730417][ T352] bridge0: port 1(bridge_slave_0) entered blocking state [ 227.737458][ T352] bridge0: port 1(bridge_slave_0) entered forwarding state [ 227.746373][ T9] bridge0: port 1(bridge_slave_0) entered disabled state [ 227.753634][ T9] bridge0: port 2(bridge_slave_1) entered disabled state [ 227.771375][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 227.778781][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 227.787448][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 227.795844][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 227.804626][ T9] bridge0: port 1(bridge_slave_0) entered blocking state [ 227.811643][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state [ 227.819898][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 227.828196][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 227.836372][ T9] bridge0: port 2(bridge_slave_1) entered blocking state [ 227.843487][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state [ 227.857007][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 227.864995][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 227.874336][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 227.882423][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 227.891853][ T49] device bridge_slave_1 left promiscuous mode [ 227.898198][ T49] bridge0: port 2(bridge_slave_1) entered disabled state [ 227.905667][ T49] device bridge_slave_0 left promiscuous mode [ 227.911747][ T49] bridge0: port 1(bridge_slave_0) entered disabled state [ 227.919583][ T49] device veth1_macvtap left promiscuous mode [ 227.925609][ T49] device veth0_vlan left promiscuous mode [ 228.000112][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 228.008743][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 228.019494][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 228.027309][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 228.035410][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 228.042878][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 228.051505][ T352] device veth0_vlan entered promiscuous mode [ 228.061013][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 228.069536][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 228.078692][ T352] device veth1_macvtap entered promiscuous mode [ 228.086908][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 228.094650][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 228.102823][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 228.112071][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 228.120454][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 330.803217][ C1] rcu: INFO: rcu_preempt self-detected stall on CPU [ 330.809854][ C1] rcu: 1-...!: (10000 ticks this GP) idle=a46/1/0x4000000000000000 softirq=2533/2539 fqs=0 last_accelerate: e4ac/0bbc dyntick_enabled: 1 [ 330.823974][ C1] (t=10003 jiffies g=1161 q=197) [ 330.828982][ C1] rcu: rcu_preempt kthread starved for 10003 jiffies! g1161 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 ->cpu=0 [ 330.840246][ C1] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 330.850289][ C1] rcu: RCU grace-period kthread stack dump: [ 330.856168][ C1] task:rcu_preempt state:I stack: 0 pid: 13 ppid: 2 flags:0x00004000 [ 330.865357][ C1] Call Trace: [ 330.868631][ C1] __schedule+0xb53/0x1320 [ 330.873026][ C1] ? __sched_text_start+0x8/0x8 [ 330.877858][ C1] ? __mod_timer+0x7da/0xb50 [ 330.882429][ C1] schedule+0x13c/0x1d0 [ 330.886564][ C1] schedule_timeout+0x159/0x330 [ 330.891403][ C1] ? console_conditional_schedule+0x10/0x10 [ 330.897301][ C1] ? _raw_spin_lock_irqsave+0xc2/0x130 [ 330.902914][ C1] ? run_local_timers+0x160/0x160 [ 330.907919][ C1] ? prepare_to_swait_event+0x320/0x340 [ 330.913448][ C1] rcu_gp_kthread+0x1045/0x2730 [ 330.918283][ C1] ? rcu_barrier_callback+0x50/0x50 [ 330.923490][ C1] ? __kasan_check_read+0x11/0x20 [ 330.928510][ C1] ? __kthread_parkme+0xb9/0x1c0 [ 330.933437][ C1] kthread+0x346/0x3d0 [ 330.937495][ C1] ? rcu_barrier_callback+0x50/0x50 [ 330.942675][ C1] ? kthread_blkcg+0xd0/0xd0 [ 330.947291][ C1] ret_from_fork+0x1f/0x30 [ 330.951960][ C1] NMI backtrace for cpu 1 [ 330.956285][ C1] CPU: 1 PID: 880 Comm: syz.2.178 Not tainted syzkaller #0 [ 330.963464][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 330.973623][ C1] Call Trace: [ 330.976929][ C1] [ 330.979777][ C1] __dump_stack+0x21/0x24 [ 330.984109][ C1] dump_stack_lvl+0x1a7/0x208 [ 330.988783][ C1] ? show_regs_print_info+0x18/0x18 [ 330.993974][ C1] ? _raw_spin_lock_irqsave+0xc2/0x130 [ 330.999615][ C1] ? _raw_spin_lock+0xf0/0xf0 [ 331.004777][ C1] ? arch_trigger_cpumask_backtrace+0x20/0x20 [ 331.010856][ C1] dump_stack+0x15/0x1c [ 331.014998][ C1] nmi_trigger_cpumask_backtrace+0x27f/0x2c0 [ 331.020978][ C1] arch_trigger_cpumask_backtrace+0x10/0x20 [ 331.026882][ C1] rcu_dump_cpu_stacks+0x19c/0x2c0 [ 331.032002][ C1] rcu_sched_clock_irq+0xf88/0x1880 [ 331.037190][ C1] ? rcutree_dead_cpu+0x310/0x310 [ 331.042226][ C1] ? hrtimer_run_queues+0x166/0x430 [ 331.047403][ C1] update_process_times+0x198/0x200 [ 331.052603][ C1] tick_sched_timer+0x17c/0x240 [ 331.057457][ C1] ? tick_setup_sched_timer+0x450/0x450 [ 331.062995][ C1] __hrtimer_run_queues+0x34f/0x820 [ 331.068174][ C1] ? hrtimer_interrupt+0xdc0/0xdc0 [ 331.073270][ C1] ? ktime_get_update_offsets_now+0x293/0x2b0 [ 331.079318][ C1] hrtimer_interrupt+0x3a6/0xdc0 [ 331.084236][ C1] ? sched_clock_cpu+0x1b/0x3d0 [ 331.089069][ C1] __sysvec_apic_timer_interrupt+0xfa/0x3f0 [ 331.094948][ C1] asm_call_irq_on_stack+0xf/0x20 [ 331.099960][ C1] [ 331.102909][ C1] sysvec_apic_timer_interrupt+0x85/0xe0 [ 331.108515][ C1] asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 331.114495][ C1] RIP: 0010:_raw_spin_lock_bh+0xa1/0xf0 [ 331.120023][ C1] Code: 00 00 00 48 89 df be 04 00 00 00 e8 39 7c 1c fd 4c 89 f7 be 04 00 00 00 e8 2c 7c 1c fd 8b 44 24 20 b9 01 00 00 00 f0 0f b1 0b <75> 33 43 c6 44 27 04 f8 48 c7 04 24 0e 36 e0 45 4b c7 04 27 00 00 [ 331.139606][ C1] RSP: 0018:ffffc90003206780 EFLAGS: 00000246 [ 331.145826][ C1] RAX: 0000000000000000 RBX: ffffc90003206c94 RCX: 0000000000000001 [ 331.153779][ C1] RDX: 0000000000000001 RSI: 0000000000000004 RDI: ffffc900032067a0 [ 331.161739][ C1] RBP: ffffc90003206810 R08: 0000000000000003 R09: 0000000000000004 [ 331.169794][ C1] R10: dffffc0000000000 R11: fffff52000640cf4 R12: dffffc0000000000 [ 331.177759][ C1] R13: ffff888118b02d80 R14: ffffc900032067a0 R15: 1ffff92000640cf0 [ 331.185727][ C1] ? _raw_spin_lock_irq+0xf0/0xf0 [ 331.190738][ C1] ? tipc_sk_rcv+0x18fe/0x1dc0 [ 331.195529][ C1] tipc_sk_rcv+0x230/0x1dc0 [ 331.200079][ C1] ? _raw_spin_unlock_irqrestore+0x5b/0x80 [ 331.205876][ C1] ? __stack_depot_save+0x47d/0x4c0 [ 331.211231][ C1] ? kasan_set_track+0x5b/0x70 [ 331.215993][ C1] ? kasan_set_track+0x4a/0x70 [ 331.220756][ C1] ? ____kasan_slab_free+0x125/0x160 [ 331.226022][ C1] ? __kasan_slab_free+0x11/0x20 [ 331.230956][ C1] ? slab_free_freelist_hook+0xc5/0x190 [ 331.236508][ C1] ? kmem_cache_free+0x100/0x2d0 [ 331.241427][ C1] ? tipc_node_distr_xmit+0x2a3/0x3b0 [ 331.246777][ C1] ? tipc_sk_backlog_rcv+0x17d/0x210 [ 331.252050][ C1] ? __release_sock+0x146/0x360 [ 331.256903][ C1] ? __sys_setsockopt+0x272/0x480 [ 331.261907][ C1] ? __skb_queue_purge+0x170/0x170 [ 331.266999][ C1] tipc_node_xmit+0x26c/0xd80 [ 331.271813][ C1] ? debug_smp_processor_id+0x17/0x20 [ 331.277190][ C1] ? tipc_node_get_linkname+0x1a0/0x1a0 [ 331.282817][ C1] ? ____kasan_slab_free+0x130/0x160 [ 331.288105][ C1] ? __kasan_slab_free+0x11/0x20 [ 331.293022][ C1] ? kfree_skbmem+0x10c/0x180 [ 331.297724][ C1] tipc_node_distr_xmit+0x2a3/0x3b0 [ 331.303637][ C1] ? tipc_node_xmit_skb+0x150/0x150 [ 331.308877][ C1] ? trace_tipc_sk_rej_msg+0x2c/0x6d0 [ 331.314239][ C1] tipc_sk_rcv+0x18ed/0x1dc0 [ 331.318816][ C1] ? __skb_queue_purge+0x170/0x170 [ 331.323911][ C1] tipc_node_xmit+0x26c/0xd80 [ 331.328570][ C1] ? tipc_node_get_linkname+0x1a0/0x1a0 [ 331.334119][ C1] tipc_sk_push_backlog+0x4dd/0x790 [ 331.339300][ C1] tipc_sk_proto_rcv+0xa65/0x1af0 [ 331.344300][ C1] ? trace_tipc_sk_dump+0x6c0/0x6c0 [ 331.349482][ C1] tipc_sk_filter_rcv+0x315a/0x3910 [ 331.354660][ C1] ? stack_trace_snprint+0xf0/0xf0 [ 331.359761][ C1] ? kasan_set_track+0x5b/0x70 [ 331.364511][ C1] ? kasan_set_track+0x5b/0x70 [ 331.369248][ C1] ? kasan_set_track+0x4a/0x70 [ 331.373990][ C1] ? kasan_set_free_info+0x23/0x40 [ 331.379081][ C1] ? ____kasan_slab_free+0x125/0x160 [ 331.384360][ C1] ? __kasan_slab_free+0x11/0x20 [ 331.389273][ C1] ? slab_free_freelist_hook+0xc5/0x190 [ 331.394814][ C1] ? kmem_cache_free+0x100/0x2d0 [ 331.399729][ C1] ? kfree_skbmem+0x10c/0x180 [ 331.404380][ C1] ? tipc_msg_reverse+0x698/0x900 [ 331.409379][ C1] ? tipc_sk_filter_rcv+0xcd2/0x3910 [ 331.414660][ C1] ? tipc_sk_backlog_rcv+0x117/0x210 [ 331.419922][ C1] ? __release_sock+0x146/0x360 [ 331.424765][ C1] ? sock_setsockopt+0x1840/0x2680 [ 331.429853][ C1] ? __x64_sys_setsockopt+0xbf/0xd0 [ 331.435028][ C1] ? do_syscall_64+0x31/0x40 [ 331.439601][ C1] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 331.445807][ C1] ? tipc_sk_dump+0xfc0/0xfc0 [ 331.450497][ C1] ? __kasan_check_write+0x14/0x20 [ 331.455603][ C1] ? _raw_spin_lock_bh+0x94/0xf0 [ 331.460566][ C1] tipc_sk_rcv+0x742/0x1dc0 [ 331.465073][ C1] ? kfree_skbmem+0x10c/0x180 [ 331.469742][ C1] ? __skb_queue_purge+0x170/0x170 [ 331.474849][ C1] ? tipc_sk_filter_rcv+0x30d7/0x3910 [ 331.480213][ C1] tipc_node_xmit+0x26c/0xd80 [ 331.484873][ C1] ? tipc_node_get_linkname+0x1a0/0x1a0 [ 331.490576][ C1] tipc_node_distr_xmit+0x2a3/0x3b0 [ 331.495771][ C1] ? tipc_node_xmit_skb+0x150/0x150 [ 331.500962][ C1] tipc_sk_backlog_rcv+0x17d/0x210 [ 331.506159][ C1] ? tipc_sk_timeout+0x990/0x990 [ 331.511184][ C1] ? __local_bh_enable_ip+0x53/0x80 [ 331.516364][ C1] ? lock_sock_nested+0x21c/0x2a0 [ 331.521368][ C1] ? _raw_spin_unlock+0x4d/0x70 [ 331.526374][ C1] __release_sock+0x146/0x360 [ 331.531034][ C1] sock_setsockopt+0x1840/0x2680 [ 331.536057][ C1] ? __sock_set_mark+0x160/0x160 [ 331.541001][ C1] ? selinux_socket_setsockopt+0x282/0x360 [ 331.546784][ C1] ? selinux_socket_getsockopt+0x340/0x340 [ 331.552584][ C1] ? __kasan_check_write+0x14/0x20 [ 331.557806][ C1] ? __fget_files+0x2c4/0x320 [ 331.562470][ C1] ? security_socket_setsockopt+0x82/0xa0 [ 331.568167][ C1] __sys_setsockopt+0x272/0x480 [ 331.573015][ C1] ? __ia32_sys_recv+0xb0/0xb0 [ 331.577775][ C1] __x64_sys_setsockopt+0xbf/0xd0 [ 331.582795][ C1] do_syscall_64+0x31/0x40 [ 331.587200][ C1] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 331.593114][ C1] RIP: 0033:0x7f89e411e819 [ 331.597627][ C1] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 331.617304][ C1] RSP: 002b:00007f89e3f60028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 331.625811][ C1] RAX: ffffffffffffffda RBX: 00007f89e4398090 RCX: 00007f89e411e819 [ 331.633765][ C1] RDX: 0000000000000021 RSI: 0000000000000001 RDI: 0000000000000003 [ 331.641736][ C1] RBP: 00007f89e41b4c91 R08: 0000000000000004 R09: 0000000000000000 [ 331.649687][ C1] R10: 00002000000001c0 R11: 0000000000000246 R12: 0000000000000000 [ 331.657645][ C1] R13: 00007f89e4398128 R14: 00007f89e4398090 R15: 00007ffdd0fc5988 [ 374.920147][ C0] watchdog: BUG: soft lockup - CPU#0 stuck for 123s! [syz.2.178:879] [ 374.928243][ C0] Modules linked in: [ 374.932147][ C0] CPU: 0 PID: 879 Comm: syz.2.178 Not tainted syzkaller #0 [ 374.939423][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 374.949498][ C0] RIP: 0010:kvm_wait+0xce/0x130 [ 374.954354][ C0] Code: 38 f0 75 26 41 f7 c4 00 02 00 00 75 0f 0f 1f 44 00 00 0f 00 2d 33 1e b8 03 f4 eb 0e 0f 1f 44 00 00 0f 00 2d 24 1e b8 03 fb f4 <4c> 89 64 24 18 ff 74 24 18 9d 48 c7 44 24 20 0e 36 e0 45 4b c7 04 [ 374.974046][ C0] RSP: 0018:ffffc9000314f6e0 EFLAGS: 00000246 [ 374.980117][ C0] RAX: 0000000000000003 RBX: ffff888118b02d88 RCX: ffffffff814bebea [ 374.988095][ C0] RDX: 0000000000000001 RSI: 0000000000000003 RDI: ffff888118b02d88 [ 374.996064][ C0] RBP: ffffc9000314f790 R08: ffff888118b02d88 R09: 1ffff110231605b1 [ 375.004039][ C0] R10: dffffc0000000000 R11: ffffed10231605b2 R12: 0000000000000246 [ 375.012008][ C0] R13: 1ffff110231605b1 R14: dffffc0000000000 R15: 1ffff92000629ee0 [ 375.019981][ C0] FS: 00007f89e3f816c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 375.028911][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 375.035554][ C0] CR2: 0000200000000000 CR3: 000000011a4b9000 CR4: 00000000003506b0 [ 375.043525][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 375.051501][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 375.059470][ C0] Call Trace: [ 375.062761][ C0] ? kvm_arch_para_hints+0x30/0x30 [ 375.067959][ C0] __pv_queued_spin_lock_slowpath+0x714/0xb70 [ 375.074104][ C0] ? __pv_queued_spin_unlock_slowpath+0x280/0x280 [ 375.080526][ C0] queued_spin_lock_slowpath+0x47/0x50 [ 375.086078][ C0] _raw_spin_lock_bh+0xe4/0xf0 [ 375.090846][ C0] ? _raw_spin_lock_irq+0xf0/0xf0 [ 375.095955][ C0] ? selinux_socket_sendmsg+0x22f/0x340 [ 375.101495][ C0] lock_sock_nested+0x90/0x2a0 [ 375.106261][ C0] ? sock_init_data+0xc0/0xc0 [ 375.110937][ C0] ? _raw_spin_lock_bh+0x94/0xf0 [ 375.115877][ C0] ? _raw_spin_unlock_bh+0x51/0x60 [ 375.120985][ C0] tipc_sendstream+0x47/0x70 [ 375.125568][ C0] ? tipc_getsockopt+0x4d0/0x4d0 [ 375.130510][ C0] ____sys_sendmsg+0x5b7/0x8f0 [ 375.135271][ C0] ? __sys_sendmsg_sock+0x40/0x40 [ 375.140339][ C0] ? import_iovec+0x7c/0xb0 [ 375.144876][ C0] ___sys_sendmsg+0x236/0x2e0 [ 375.149560][ C0] ? __sys_sendmsg+0x280/0x280 [ 375.154320][ C0] ? memcpy+0x56/0x70 [ 375.158302][ C0] ? __fdget+0x1a1/0x230 [ 375.162538][ C0] __x64_sys_sendmsg+0x1f9/0x2c0 [ 375.167477][ C0] ? __kasan_check_write+0x14/0x20 [ 375.172582][ C0] ? ___sys_sendmsg+0x2e0/0x2e0 [ 375.177440][ C0] ? debug_smp_processor_id+0x17/0x20 [ 375.182850][ C0] ? fpregs_assert_state_consistent+0xb1/0xe0 [ 375.188914][ C0] ? exit_to_user_mode_prepare+0x2f/0xa0 [ 375.194541][ C0] do_syscall_64+0x31/0x40 [ 375.198953][ C0] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 375.204944][ C0] RIP: 0033:0x7f89e411e819 [ 375.209365][ C0] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 375.229145][ C0] RSP: 002b:00007f89e3f81028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 375.237556][ C0] RAX: ffffffffffffffda RBX: 00007f89e4397fa0 RCX: 00007f89e411e819 [ 375.245521][ C0] RDX: 0000000000000000 RSI: 0000200000003280 RDI: 0000000000000004 [ 375.253497][ C0] RBP: 00007f89e41b4c91 R08: 0000000000000000 R09: 0000000000000000 [ 375.261552][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 375.269518][ C0] R13: 00007f89e4398038 R14: 00007f89e4397fa0 R15: 00007ffdd0fc5988 [ 375.277491][ C0] Sending NMI from CPU 0 to CPUs 1: [ 375.283423][ C1] NMI backtrace for cpu 1 [ 375.283428][ C1] CPU: 1 PID: 880 Comm: syz.2.178 Not tainted syzkaller #0 [ 375.283433][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 375.283436][ C1] RIP: 0010:_raw_spin_lock_bh+0xa1/0xf0 [ 375.283445][ C1] Code: 00 00 00 48 89 df be 04 00 00 00 e8 39 7c 1c fd 4c 89 f7 be 04 00 00 00 e8 2c 7c 1c fd 8b 44 24 20 b9 01 00 00 00 f0 0f b1 0b <75> 33 43 c6 44 27 04 f8 48 c7 04 24 0e 36 e0 45 4b c7 04 27 00 00 [ 375.283448][ C1] RSP: 0018:ffffc90003206780 EFLAGS: 00000246 [ 375.283456][ C1] RAX: 0000000000000000 RBX: ffffc90003206c94 RCX: 0000000000000001 [ 375.283460][ C1] RDX: 0000000000000001 RSI: 0000000000000004 RDI: ffffc900032067a0 [ 375.283464][ C1] RBP: ffffc90003206810 R08: 0000000000000003 R09: 0000000000000004 [ 375.283468][ C1] R10: dffffc0000000000 R11: fffff52000640cf4 R12: dffffc0000000000 [ 375.283472][ C1] R13: ffff888118b02d80 R14: ffffc900032067a0 R15: 1ffff92000640cf0 [ 375.283476][ C1] FS: 00007f89e3f606c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 375.283480][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 375.283484][ C1] CR2: 00007f89e3f5fff8 CR3: 000000011a4b9000 CR4: 00000000003506a0 [ 375.283488][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 375.283492][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 375.283494][ C1] Call Trace: [ 375.283497][ C1] ? _raw_spin_lock_irq+0xf0/0xf0 [ 375.283500][ C1] ? tipc_sk_rcv+0x191a/0x1dc0 [ 375.283503][ C1] tipc_sk_rcv+0x230/0x1dc0 [ 375.283506][ C1] ? _raw_spin_unlock_irqrestore+0x5b/0x80 [ 375.283509][ C1] ? __stack_depot_save+0x47d/0x4c0 [ 375.283512][ C1] ? kasan_set_track+0x5b/0x70 [ 375.283515][ C1] ? kasan_set_track+0x4a/0x70 [ 375.283518][ C1] ? ____kasan_slab_free+0x125/0x160 [ 375.283521][ C1] ? __kasan_slab_free+0x11/0x20 [ 375.283524][ C1] ? slab_free_freelist_hook+0xc5/0x190 [ 375.283527][ C1] ? kmem_cache_free+0x100/0x2d0 [ 375.283530][ C1] ? tipc_node_distr_xmit+0x2a3/0x3b0 [ 375.283534][ C1] ? tipc_sk_backlog_rcv+0x17d/0x210 [ 375.283536][ C1] ? __release_sock+0x146/0x360 [ 375.283539][ C1] ? __sys_setsockopt+0x272/0x480 [ 375.283542][ C1] ? __skb_queue_purge+0x170/0x170 [ 375.283545][ C1] tipc_node_xmit+0x26c/0xd80 [ 375.283548][ C1] ? debug_smp_processor_id+0x17/0x20 [ 375.283552][ C1] ? tipc_node_get_linkname+0x1a0/0x1a0 [ 375.283555][ C1] ? ____kasan_slab_free+0x130/0x160 [ 375.283558][ C1] ? __kasan_slab_free+0x11/0x20 [ 375.283560][ C1] ? kfree_skbmem+0x10c/0x180 [ 375.283563][ C1] tipc_node_distr_xmit+0x2a3/0x3b0 [ 375.283566][ C1] ? tipc_node_xmit_skb+0x150/0x150 [ 375.283570][ C1] ? trace_tipc_sk_rej_msg+0x2c/0x6d0 [ 375.283572][ C1] tipc_sk_rcv+0x18ed/0x1dc0 [ 375.283575][ C1] ? __skb_queue_purge+0x170/0x170 [ 375.283578][ C1] tipc_node_xmit+0x26c/0xd80 [ 375.283581][ C1] ? tipc_node_get_linkname+0x1a0/0x1a0 [ 375.283584][ C1] tipc_sk_push_backlog+0x4dd/0x790 [ 375.283587][ C1] tipc_sk_proto_rcv+0xa65/0x1af0 [ 375.283590][ C1] ? trace_tipc_sk_dump+0x6c0/0x6c0 [ 375.283593][ C1] tipc_sk_filter_rcv+0x315a/0x3910 [ 375.283597][ C1] ? stack_trace_snprint+0xf0/0xf0 [ 375.283599][ C1] ? kasan_set_track+0x5b/0x70 [ 375.283602][ C1] ? kasan_set_track+0x5b/0x70 [ 375.283605][ C1] ? kasan_set_track+0x4a/0x70 [ 375.283608][ C1] ? kasan_set_free_info+0x23/0x40 [ 375.283611][ C1] ? ____kasan_slab_free+0x125/0x160 [ 375.283614][ C1] ? __kasan_slab_free+0x11/0x20 [ 375.283617][ C1] ? slab_free_freelist_hook+0xc5/0x190 [ 375.283620][ C1] ? kmem_cache_free+0x100/0x2d0 [ 375.283623][ C1] ? kfree_skbmem+0x10c/0x180 [ 375.283626][ C1] ? tipc_msg_reverse+0x698/0x900 [ 375.283629][ C1] ? tipc_sk_filter_rcv+0xcd2/0x3910 [ 375.283632][ C1] ? tipc_sk_backlog_rcv+0x117/0x210 [ 375.283635][ C1] ? __release_sock+0x146/0x360 [ 375.283638][ C1] ? sock_setsockopt+0x1840/0x2680 [ 375.283649][ C1] ? __x64_sys_setsockopt+0xbf/0xd0 [ 375.283652][ C1] ? do_syscall_64+0x31/0x40 [ 375.283655][ C1] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 375.283658][ C1] ? tipc_sk_dump+0xfc0/0xfc0 [ 375.283661][ C1] ? __kasan_check_write+0x14/0x20 [ 375.283664][ C1] ? _raw_spin_lock_bh+0x94/0xf0 [ 375.283667][ C1] tipc_sk_rcv+0x742/0x1dc0 [ 375.283670][ C1] ? kfree_skbmem+0x10c/0x180 [ 375.283673][ C1] ? __skb_queue_purge+0x170/0x170 [ 375.283676][ C1] ? tipc_sk_filter_rcv+0x30d7/0x3910 [ 375.283679][ C1] tipc_node_xmit+0x26c/0xd80 [ 375.283682][ C1] ? tipc_node_get_linkname+0x1a0/0x1a0 [ 375.283685][ C1] tipc_node_distr_xmit+0x2a3/0x3b0 [ 375.283688][ C1] ? tipc_node_xmit_skb+0x150/0x150 [ 375.283691][ C1] tipc_sk_backlog_rcv+0x17d/0x210 [ 375.283693][ C1] ? tipc_sk_timeout+0x990/0x990 [ 375.283696][ C1] ? __local_bh_enable_ip+0x53/0x80 [ 375.283699][ C1] ? lock_sock_nested+0x21c/0x2a0 [ 375.283701][ C1] ? _raw_spin_unlock+0x4d/0x70 [ 375.283704][ C1] __release_sock+0x146/0x360 [ 375.283706][ C1] sock_setsockopt+0x1840/0x2680 [ 375.283709][ C1] ? __sock_set_mark+0x160/0x160 [ 375.283712][ C1] ? selinux_socket_setsockopt+0x282/0x360 [ 375.283715][ C1] ? selinux_socket_getsockopt+0x340/0x340 [ 375.283718][ C1] ? __kasan_check_write+0x14/0x20 [ 375.283720][ C1] ? __fget_files+0x2c4/0x320 [ 375.283723][ C1] ? security_socket_setsockopt+0x82/0xa0 [ 375.283726][ C1] __sys_setsockopt+0x272/0x480 [ 375.283728][ C1] ? __ia32_sys_recv+0xb0/0xb0 [ 375.283731][ C1] __x64_sys_setsockopt+0xbf/0xd0 [ 375.283733][ C1] do_syscall_64+0x31/0x40 [ 375.283736][ C1] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 375.283739][ C1] RIP: 0033:0x7f89e411e819 [ 375.283747][ C1] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 375.283750][ C1] RSP: 002b:00007f89e3f60028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 375.283756][ C1] RAX: ffffffffffffffda RBX: 00007f89e4398090 RCX: 00007f89e411e819 [ 375.283760][ C1] RDX: 0000000000000021 RSI: 0000000000000001 RDI: 0000000000000003 [ 375.283764][ C1] RBP: 00007f89e41b4c91 R08: 0000000000000004 R09: 0000000000000000 [ 375.283767][ C1] R10: 00002000000001c0 R11: 0000000000000246 R12: 0000000000000000 [ 375.283771][ C1] R13: 00007f89e4398128 R14: 00007f89e4398090 R15: 00007ffdd0fc5988