last executing test programs: 4m2.197609388s ago: executing program 3 (id=6127): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000380)={0x44, r1, 0x1b, 0x70bd26, 0x25dfdbfd, {}, [@OVS_PACKET_ATTR_ACTIONS={0x1c, 0x3, 0x0, 0x1, [@nested={0x18, 0x1, 0x0, 0x1, [@typed={0x14, 0x70, 0x0, 0x0, @ipv6=@empty}]}]}, @OVS_PACKET_ATTR_ACTIONS={0x4}, @OVS_PACKET_ATTR_KEY={0xc, 0x2, 0x0, 0x1, [@typed={0x8, 0x1d, 0x0, 0x0, @ipv4=@remote}]}, @OVS_PACKET_ATTR_PROBE={0x4}]}, 0x44}, 0x1, 0x0, 0x0, 0x4004040}, 0xc884) 4m1.9847593s ago: executing program 3 (id=6131): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) syz_clone(0x80f400, 0x0, 0x0, 0x0, 0x0, 0x0) madvise$auto(0x0, 0x200007, 0x19) 4m1.407209198s ago: executing program 3 (id=6139): mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) setrlimit$auto(0x1000000007, 0x0) bpf$auto(0x0, &(0x7f0000000380)=@task_fd_query={0x12, 0x3, 0x4, 0xae30, 0x8, 0xfff, 0xffffffffffffffff, 0x2e, 0x7ff}, 0x6f4) 4m1.124840973s ago: executing program 3 (id=6142): mmap$auto(0x200000000000, 0x2020009, 0x0, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = socket(0x2, 0x1, 0x106) getsockopt$auto_SO_REUSEPORT(r0, 0x0, 0xf, 0x0, 0x0) 4m0.896655113s ago: executing program 3 (id=6146): mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x5, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$auto(r0, 0x1, 0xb, 0x0, 0x4) 4m0.672422216s ago: executing program 3 (id=6150): shmctl$auto_SHM_LOCK(0x161, 0xb, &(0x7f00000001c0)={{0x1c0000, 0xee01, 0xffffffffffffffff, 0xff, 0x5, 0x0, 0x8}, 0x83, 0xb6, 0x101, 0x3, @raw=0x6, @raw=0x2, 0x7, 0x0, 0x0, &(0x7f0000000100)="4df7160100000000000000f98e1b1751994e0f626bda9c21979d2d0045ff96aa4c948b1b45"}) r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r0, &(0x7f0000000000)="c80d1b5d399b3e", 0xfdef) 3m45.613534274s ago: executing program 32 (id=6150): shmctl$auto_SHM_LOCK(0x161, 0xb, &(0x7f00000001c0)={{0x1c0000, 0xee01, 0xffffffffffffffff, 0xff, 0x5, 0x0, 0x8}, 0x83, 0xb6, 0x101, 0x3, @raw=0x6, @raw=0x2, 0x7, 0x0, 0x0, &(0x7f0000000100)="4df7160100000000000000f98e1b1751994e0f626bda9c21979d2d0045ff96aa4c948b1b45"}) r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r0, &(0x7f0000000000)="c80d1b5d399b3e", 0xfdef) 4.922791614s ago: executing program 2 (id=8488): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) clock_getres$auto(0x2, 0x0) alarm$auto(0x2) 4.582347809s ago: executing program 0 (id=8491): mmap$auto(0x0, 0x9, 0x2, 0x40eb2, 0xffffffffffffffff, 0x300000000000) socket(0x2, 0x2, 0x88) bind$auto(0x3, &(0x7f0000000040)=@l2tp={0x2, 0x0, @broadcast}, 0x6a) connect$auto(0x3, 0x0, 0x55) 4.35473036s ago: executing program 0 (id=8493): mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) setreuid$auto(0x9, 0x1) r0 = geteuid() keyctl$auto(0x1f, r0, r0, 0x5, 0x8) 4.131084084s ago: executing program 0 (id=8495): mmap$auto(0x0, 0x400009, 0xdf, 0x9b72, 0x8000000000000003, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) fcntl$auto(r0, 0x8, 0xffffffffffffffff) fcntl$auto(r0, 0x10, 0x2) 3.978669676s ago: executing program 2 (id=8496): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) sysfs$auto(0x2, 0x19, 0x0) r0 = fsopen$auto(0x0, 0x1) fsconfig$auto(r0, 0x8, 0x0, 0x0, 0x0) 2.699221144s ago: executing program 2 (id=8504): r0 = open(&(0x7f0000000000)='./file0\x00', 0x4242, 0xe1d2b27bdc14aabc) fallocate$auto(r0, 0x0, 0x7, 0x4cbd5d) lchown$auto(&(0x7f0000000080)='./file0\x00', 0xee01, 0xee00) write$auto(r0, 0x0, 0x5) 1.554254157s ago: executing program 2 (id=8512): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sysfs$auto(0x2, 0x5, 0x0) r0 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000140)='/dev/binderfs/binder1\x00', 0x0, 0x0) ioctl$auto_BINDER_WRITE_READ(r0, 0xc0306201, 0x0) 1.450335826s ago: executing program 1 (id=8514): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/module/zswap/parameters/compressor\x00', 0x82002, 0x0) write$auto_ocfs2_control_fops_stack_user(r0, &(0x7f0000003900)="fb", 0x1) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000380)='/sys/module/ocfs2_dlmfs/parameters/capabilities\x00', 0x0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000840)=""/41, 0x29) 1.198921593s ago: executing program 4 (id=8515): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000001d40), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'batadv0\x00', 0x0}) sendmsg$auto_BATADV_CMD_GET_TRANSTABLE_GLOBAL(r0, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001dc0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="c79f25bd7000ffdbdf250ee4000008000300", @ANYRES32=r2], 0x1c}, 0x1, 0x0, 0x0, 0xc031}, 0x44) 939.093929ms ago: executing program 4 (id=8516): socket(0x1d, 0x2, 0x7) r0 = socket(0x2, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0) getsockname$auto(0x3, &(0x7f0000000d00), &(0x7f0000000d40)=0x4) 898.610459ms ago: executing program 1 (id=8517): close_range$auto(0x2, 0xa, 0x0) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x9, 0x21eb, 0x7ff, 0x6, 0xa, 0x1000009, 0x5f, 0x0, 0x3}, 0x6f3) socket(0xa, 0x2, 0x88) setsockopt$auto(0x3, 0x0, 0x17, 0x0, 0x0) 842.176068ms ago: executing program 2 (id=8518): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'wg0\x00', 0x0}) r2 = syz_genetlink_get_family_id$auto_wireguard(&(0x7f0000001140), 0xffffffffffffffff) sendmsg$auto_WG_CMD_SET_DEVICE(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)={0x24, r2, 0x1, 0x70bd29, 0x25dfdbfb, {}, [@WGDEVICE_A_IFINDEX={0x8, 0x1, r1}, @WGDEVICE_A_FWMARK={0x8, 0x7, 0x10000}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000011}, 0x810) 717.264451ms ago: executing program 4 (id=8519): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x2, 0x1, 0x0) io_uring_setup$auto(0x6, 0x0) setsockopt$auto(0x3, 0x6, 0x4, 0x0, 0xfb3) 676.765636ms ago: executing program 1 (id=8520): r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/conf/all/forwarding\x00', 0x42a81, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/bdi/43:288/max_ratio_fine\x00', 0x10b142, 0x0) setresuid$auto(0xffffffffffffffff, 0x8, 0x8000) sendfile$auto(r0, r1, 0x0, 0x1000200) 531.266257ms ago: executing program 4 (id=8521): close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x29, 0x2, 0x0) accept$auto(0x3, 0x0, 0x0) 497.530921ms ago: executing program 1 (id=8522): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x80000008000) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) mincore$auto(0x1000, 0x8001, 0x0) 473.886995ms ago: executing program 0 (id=8523): close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/virtual/net/lapb5/name_assign_type\x00', 0x8a180, 0x0) preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffffd}, 0x6, 0x8, 0x5) 473.01858ms ago: executing program 2 (id=8524): r0 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) sendmsg$auto_NL80211_CMD_SET_WIPHY(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)={0x2c, r0, 0x13, 0x70bd2c, 0x25dfdbdd, {}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r2}, @NL80211_ATTR_WIPHY_ANTENNA_TX={0x8, 0x69, 0x6}, @NL80211_ATTR_WIPHY_ANTENNA_RX={0x8, 0x6a, 0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x24004080}, 0x20040894) 343.936009ms ago: executing program 4 (id=8525): mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) bind$auto(0x3, &(0x7f0000000040)=@ethernet={0x1, @multicast}, 0x6a) ioctl$auto(0x3, 0x89e0, 0x38) 268.342275ms ago: executing program 1 (id=8526): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000100), r0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'wlan1\x00', 0x0}) sendmsg$auto_NL80211_CMD_SET_WOWLAN(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="010028bd7000fedbdf257a00000008000300", @ANYRES32=r2], 0x1c}, 0x1, 0x0, 0x0, 0x2400c815}, 0x804) 242.728943ms ago: executing program 0 (id=8527): sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) r0 = socket(0x11, 0x3, 0x9) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x7, 0x4a}) sendmmsg$auto(r0, &(0x7f00000001c0)={{&(0x7f0000000000), 0x5aa, &(0x7f0000000100)={&(0x7f0000000080), 0x49}, 0x5, &(0x7f0000000180), 0x5, 0x1000}, 0x5}, 0x2, 0x100) 112.097429ms ago: executing program 4 (id=8528): sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x20000004}, 0x4000884) lstat$auto(0x0, &(0x7f0000000180)={0xe, 0x0, 0x18000, 0x1000, 0x0, 0x0, 0x0, 0xfa98, 0xfffffffffffffffd, 0x7fffffffffffffff, 0x8000000004, 0x7, 0x5, 0xfffffffffffffffe, 0x6, 0x8, 0xb}) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x89fc, &(0x7f0000000040)={'bridge0\x00'}) 62.044521ms ago: executing program 1 (id=8529): mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000) r0 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0) ioctl$auto_PPPIOCSMRU(r0, 0xc004743e, 0x0) ioctl$auto_PPPIOCSPASS(r0, 0x4004743c, 0x0) 0s ago: executing program 0 (id=8530): close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x5, 0x0) sendto$auto(0x3, 0x0, 0x0, 0x100, &(0x7f0000000440)=@tipc=@name={0x1e, 0x2, 0x3, {{0x1, 0x1}}}, 0x20) kernel console output (not intermixed with test programs): 946] __mm_populate+0x107/0x3a0 [ 581.143605][T22946] ? __pfx___mm_populate+0x10/0x10 [ 581.143633][T22946] ? up_write+0x290/0x4f0 [ 581.143666][T22946] vm_mmap_pgoff+0x37f/0x470 [ 581.143693][T22946] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 581.143718][T22946] ? do_futex+0x192/0x350 [ 581.143746][T22946] ? __pfx_do_futex+0x10/0x10 [ 581.143778][T22946] ksys_mmap_pgoff+0xe1/0x650 [ 581.143800][T22946] ? __x64_sys_futex+0x34f/0x4d0 [ 581.143826][T22946] ? __x64_sys_futex+0x358/0x4d0 [ 581.143858][T22946] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 581.143881][T22946] ? xfd_validate_state+0x129/0x190 [ 581.143917][T22946] __x64_sys_mmap+0x125/0x190 [ 581.143951][T22946] do_syscall_64+0x106/0xf80 [ 581.143981][T22946] ? clear_bhb_loop+0x40/0x90 [ 581.144007][T22946] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 581.144029][T22946] RIP: 0033:0x7f783459c799 [ 581.144046][T22946] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 581.144066][T22946] RSP: 002b:00007f78354df028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 581.144085][T22946] RAX: ffffffffffffffda RBX: 00007f7834815fa0 RCX: 00007f783459c799 [ 581.144099][T22946] RDX: 00000000000000df RSI: 0000000000000005 RDI: 0000000000000000 [ 581.144111][T22946] RBP: 00007f7834632c99 R08: 0000000000000002 R09: 0000000000008000 [ 581.144124][T22946] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 581.144137][T22946] R13: 00007f7834816038 R14: 00007f7834815fa0 R15: 00007ffdb49ca728 [ 581.144164][T22946] [ 582.010131][T22934] memory+swap: usage 3276kB, limit 9007199254740988kB, failcnt 0 [ 582.017879][T22934] kmem: usage 1240kB, limit 9007199254740988kB, failcnt 0 [ 582.088991][T22934] Memory cgroup stats for /syz0: [ 582.089129][T22934] cache 0 [ 582.097660][T22934] rss 1662976 [ 582.137697][T22934] rss_huge 0 [ 582.147795][T22934] shmem 0 [ 582.157889][T22934] mapped_file 0 [ 582.178779][T22934] dirty 0 [ 582.181736][T22934] writeback 0 [ 582.208473][T22934] workingset_refault_anon 3759 [ 582.208486][T22934] workingset_refault_file 52399 [ 582.208495][T22934] swap 413696 [ 582.208502][T22934] swapcached 314236928 [ 582.208510][T22934] pgpgin 252447 [ 582.208518][T22934] pgpgout 264303 [ 582.208526][T22934] pgfault 254121 [ 582.208533][T22934] pgmajfault 2645 [ 582.208541][T22934] inactive_anon 1441792 [ 582.208549][T22934] active_anon 229376 [ 582.208557][T22934] inactive_file 0 [ 582.208565][T22934] active_file 0 [ 582.208573][T22934] unevictable 0 [ 582.208581][T22934] hierarchical_memory_limit 3145728 [ 582.208590][T22934] hierarchical_memsw_limit 9223372036854771712 [ 582.208619][T22934] total_cache 0 [ 582.208627][T22934] total_rss 1662976 [ 582.208635][T22934] total_rss_huge 0 [ 582.208642][T22934] total_shmem 0 [ 582.208650][T22934] total_mapped_file 0 [ 582.208658][T22934] total_dirty 0 [ 582.208666][T22934] total_writeback 0 [ 582.208674][T22934] total_workingset_refault_anon 3759 [ 582.208683][T22934] total_workingset_refault_file 52399 [ 582.208692][T22934] total_swap 413696 [ 582.208700][T22934] total_swapcached 314236928 [ 582.208709][T22934] total_pgpgin 252447 [ 582.208717][T22934] total_pgpgout 264303 [ 582.208725][T22934] total_pgfault 254121 [ 582.208733][T22934] total_pgmajfault 2645 [ 582.208742][T22934] total_inactive_anon 1441792 [ 582.208750][T22934] total_active_anon 229376 [ 582.208759][T22934] total_inactive_file 0 [ 582.208767][T22934] total_active_file 0 [ 582.208775][T22934] total_unevictable 0 [ 582.208783][T22934] anon_cost 616 [ 582.208790][T22934] file_cost 0 [ 582.208806][T22934] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.8003,pid=22933,uid=0 [ 582.208912][T22934] Memory cgroup out of memory: Killed process 22933 (syz.0.8003) total-vm:108376kB, anon-rss:2864kB, file-rss:21460kB, shmem-rss:0kB, UID:0 pgtables:120kB oom_score_adj:1000 [ 582.210491][T22973] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8021'. [ 582.647095][T22977] syz.0.8022 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 582.647129][T22977] CPU: 0 UID: 0 PID: 22977 Comm: syz.0.8022 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 582.647162][T22977] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 582.647171][T22977] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 582.647183][T22977] Call Trace: [ 582.647189][T22977] [ 582.647197][T22977] dump_stack_lvl+0x100/0x190 [ 582.647231][T22977] dump_header+0xfb/0x606 [ 582.647254][T22977] oom_kill_process.cold+0xd/0x330 [ 582.647279][T22977] out_of_memory+0x340/0x14f0 [ 582.647315][T22977] ? __pfx_out_of_memory+0x10/0x10 [ 582.647353][T22977] mem_cgroup_out_of_memory+0xc6/0x130 [ 582.647383][T22977] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 582.647410][T22977] ? find_held_lock+0x2b/0x80 [ 582.647434][T22977] ? do_raw_spin_unlock+0x145/0x1e0 [ 582.647465][T22977] ? _raw_spin_unlock+0x28/0x50 [ 582.647494][T22977] try_charge_memcg+0x652/0xc90 [ 582.647520][T22977] ? __pfx_try_charge_memcg+0x10/0x10 [ 582.647542][T22977] ? find_held_lock+0x2b/0x80 [ 582.647559][T22977] ? rcu_read_unlock+0x17/0x60 [ 582.647581][T22977] ? rcu_read_unlock+0x17/0x60 [ 582.647612][T22977] charge_memcg+0xa6/0x280 [ 582.647632][T22977] __mem_cgroup_charge+0x2b/0x1e0 [ 582.647659][T22977] do_anonymous_page+0xb62/0x1fb0 [ 582.647696][T22977] __handle_mm_fault+0x1d42/0x2b60 [ 582.647732][T22977] ? __pfx___handle_mm_fault+0x10/0x10 [ 582.647766][T22977] ? pte_offset_map_lock+0x174/0x320 [ 582.647787][T22977] ? find_held_lock+0x2b/0x80 [ 582.647813][T22977] ? follow_page_pte+0x5b3/0x1400 [ 582.647840][T22977] handle_mm_fault+0x36d/0xa20 [ 582.647873][T22977] __get_user_pages+0xf9c/0x34d0 [ 582.647904][T22977] ? __pfx___get_user_pages+0x10/0x10 [ 582.647933][T22977] populate_vma_page_range+0x267/0x3f0 [ 582.647959][T22977] ? __pfx_populate_vma_page_range+0x10/0x10 [ 582.647983][T22977] ? __pfx_find_vma_intersection+0x10/0x10 [ 582.648006][T22977] ? do_mmap+0x93f/0x12f0 [ 582.648030][T22977] __mm_populate+0x107/0x3a0 [ 582.648055][T22977] ? __pfx___mm_populate+0x10/0x10 [ 582.648081][T22977] ? up_write+0x290/0x4f0 [ 582.648113][T22977] vm_mmap_pgoff+0x37f/0x470 [ 582.648138][T22977] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 582.648161][T22977] ? irqentry_exit+0x180/0x670 [ 582.648189][T22977] ? lockdep_hardirqs_on+0x78/0x100 [ 582.648225][T22977] ksys_mmap_pgoff+0xe1/0x650 [ 582.648246][T22977] ? kcov_ioctl+0x16a/0x720 [ 582.648263][T22977] ? kfree+0x2ec/0x6b0 [ 582.648287][T22977] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 582.648307][T22977] ? _raw_spin_unlock_irqrestore+0x31/0x80 [ 582.648340][T22977] __x64_sys_mmap+0x125/0x190 [ 582.648375][T22977] do_syscall_64+0x106/0xf80 [ 582.648402][T22977] ? clear_bhb_loop+0x40/0x90 [ 582.648427][T22977] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 582.648448][T22977] RIP: 0033:0x7f549259c799 [ 582.648463][T22977] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 582.648483][T22977] RSP: 002b:00007f54934e4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 582.648502][T22977] RAX: ffffffffffffffda RBX: 00007f5492815fa0 RCX: 00007f549259c799 [ 582.648516][T22977] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 582.648528][T22977] RBP: 00007f5492632c99 R08: 0000000000000002 R09: 0000000000008000 [ 582.648541][T22977] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 582.648553][T22977] R13: 00007f5492816038 R14: 00007f5492815fa0 R15: 00007ffea406e9e8 [ 582.648579][T22977] [ 582.666872][T22977] memory: usage 3072kB, limit 3072kB, failcnt 139065 [ 582.666889][T22977] memory+swap: usage 3428kB, limit 9007199254740988kB, failcnt 0 [ 582.666903][T22977] kmem: usage 1408kB, limit 9007199254740988kB, failcnt 0 [ 582.666916][T22977] Memory cgroup stats for /syz0: [ 582.667039][T22977] cache 0 [ 582.667048][T22977] rss 1703936 [ 582.667056][T22977] rss_huge 0 [ 582.667063][T22977] shmem 0 [ 582.667070][T22977] mapped_file 0 [ 582.667078][T22977] dirty 0 [ 582.667085][T22977] writeback 0 [ 582.667092][T22977] workingset_refault_anon 3775 [ 582.667101][T22977] workingset_refault_file 52399 [ 582.667110][T22977] swap 364544 [ 582.667117][T22977] swapcached 314408960 [ 582.667125][T22977] pgpgin 252928 [ 582.667133][T22977] pgpgout 264776 [ 582.667140][T22977] pgfault 254628 [ 582.667148][T22977] pgmajfault 2654 [ 582.667156][T22977] inactive_anon 0 [ 582.667164][T22977] active_anon 1703936 [ 582.667172][T22977] inactive_file 0 [ 582.667179][T22977] active_file 0 [ 582.667186][T22977] unevictable 0 [ 582.667194][T22977] hierarchical_memory_limit 3145728 [ 582.667203][T22977] hierarchical_memsw_limit 9223372036854771712 [ 582.667212][T22977] total_cache 0 [ 582.667219][T22977] total_rss 1703936 [ 582.667227][T22977] total_rss_huge 0 [ 582.667235][T22977] total_shmem 0 [ 582.667242][T22977] total_mapped_file 0 [ 582.667250][T22977] total_dirty 0 [ 582.667257][T22977] total_writeback 0 [ 582.667265][T22977] total_workingset_refault_anon 3775 [ 582.667274][T22977] total_workingset_refault_file 52399 [ 582.667283][T22977] total_swap 364544 [ 582.667290][T22977] total_swapcached 314408960 [ 582.667299][T22977] total_pgpgin 252928 [ 582.667306][T22977] total_pgpgout 264776 [ 582.667314][T22977] total_pgfault 254628 [ 582.667323][T22977] total_pgmajfault 2654 [ 582.667331][T22977] total_inactive_anon 0 [ 582.667338][T22977] total_active_anon 1703936 [ 582.667347][T22977] total_inactive_file 0 [ 582.667354][T22977] total_active_file 0 [ 582.667362][T22977] total_unevictable 0 [ 582.667370][T22977] anon_cost 88 [ 582.667377][T22977] file_cost 0 [ 582.667385][T22977] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.8022,pid=22976,uid=0 [ 582.667484][T22977] Memory cgroup out of memory: Killed process 22976 (syz.0.8022) total-vm:108376kB, anon-rss:2904kB, file-rss:21460kB, shmem-rss:0kB, UID:0 pgtables:120kB oom_score_adj:1000 [ 584.536911][T23004] FAULT_INJECTION: forcing a failure. [ 584.536911][T23004] name failslab, interval 1, probability 0, space 0, times 0 [ 584.536946][T23004] CPU: 0 UID: 0 PID: 23004 Comm: syz.0.8035 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 584.536980][T23004] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 584.536990][T23004] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 584.537002][T23004] Call Trace: [ 584.537008][T23004] [ 584.537015][T23004] dump_stack_lvl+0x100/0x190 [ 584.537052][T23004] should_fail_ex.cold+0x5/0xa [ 584.537076][T23004] should_failslab+0xc2/0x120 [ 584.537099][T23004] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 584.537131][T23004] ? sk_prot_alloc+0x60/0x2a0 [ 584.537150][T23004] ? kmem_cache_alloc_noprof+0x292/0x6e0 [ 584.537181][T23004] ? security_inode_alloc+0x3b/0x2c0 [ 584.537205][T23004] sk_prot_alloc+0x60/0x2a0 [ 584.537226][T23004] sk_alloc+0x36/0xe80 [ 584.537254][T23004] __vsock_create.constprop.0+0x3c/0xba0 [ 584.537349][T23004] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 584.537387][T23004] vsock_create+0x126/0x510 [ 584.537416][T23004] __sock_create+0x339/0x860 [ 584.537442][T23004] __sys_socket+0x14d/0x260 [ 584.537465][T23004] ? __pfx___sys_socket+0x10/0x10 [ 584.537496][T23004] __x64_sys_socket+0x72/0xb0 [ 584.537518][T23004] ? lockdep_hardirqs_on+0x78/0x100 [ 584.537547][T23004] do_syscall_64+0x106/0xf80 [ 584.537576][T23004] ? clear_bhb_loop+0x40/0x90 [ 584.537611][T23004] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 584.537633][T23004] RIP: 0033:0x7f549259c799 [ 584.537651][T23004] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 584.537671][T23004] RSP: 002b:00007f54934e4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 584.537690][T23004] RAX: ffffffffffffffda RBX: 00007f5492815fa0 RCX: 00007f549259c799 [ 584.537704][T23004] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000028 [ 584.537717][T23004] RBP: 00007f5492632c99 R08: 0000000000000000 R09: 0000000000000000 [ 584.537729][T23004] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 584.537742][T23004] R13: 00007f5492816038 R14: 00007f5492815fa0 R15: 00007ffea406e9e8 [ 584.537768][T23004] [ 585.298732][T22985] Bluetooth: hci2: command 0x0406 tx timeout [ 590.498864][T23112] netlink: 20 bytes leftover after parsing attributes in process `syz.4.8083'. [ 591.304992][T23140] netlink: 20 bytes leftover after parsing attributes in process `syz.2.8097'. [ 592.003271][T12497] Bluetooth: hci0: Malformed HCI Event [ 592.215134][T23167] syz.0.8109 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 592.265102][T23167] CPU: 0 UID: 0 PID: 23167 Comm: syz.0.8109 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 592.265138][T23167] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 592.265147][T23167] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 592.265159][T23167] Call Trace: [ 592.265165][T23167] [ 592.265172][T23167] dump_stack_lvl+0x100/0x190 [ 592.265207][T23167] dump_header+0xfb/0x606 [ 592.265230][T23167] oom_kill_process.cold+0xd/0x330 [ 592.265255][T23167] out_of_memory+0x340/0x14f0 [ 592.265291][T23167] ? __pfx_out_of_memory+0x10/0x10 [ 592.265329][T23167] mem_cgroup_out_of_memory+0xc6/0x130 [ 592.265358][T23167] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 592.265386][T23167] ? find_held_lock+0x2b/0x80 [ 592.265410][T23167] ? do_raw_spin_unlock+0x145/0x1e0 [ 592.265442][T23167] ? _raw_spin_unlock+0x28/0x50 [ 592.265470][T23167] try_charge_memcg+0x652/0xc90 [ 592.265497][T23167] ? __pfx_try_charge_memcg+0x10/0x10 [ 592.265519][T23167] ? find_held_lock+0x2b/0x80 [ 592.265537][T23167] ? rcu_read_unlock+0x17/0x60 [ 592.265558][T23167] ? rcu_read_unlock+0x17/0x60 [ 592.265588][T23167] charge_memcg+0xa6/0x280 [ 592.265610][T23167] __mem_cgroup_charge+0x2b/0x1e0 [ 592.265636][T23167] do_anonymous_page+0xb62/0x1fb0 [ 592.265673][T23167] __handle_mm_fault+0x1d42/0x2b60 [ 592.265708][T23167] ? __pfx___handle_mm_fault+0x10/0x10 [ 592.265738][T23167] ? pte_offset_map_lock+0x174/0x320 [ 592.265759][T23167] ? find_held_lock+0x2b/0x80 [ 592.265785][T23167] ? follow_page_pte+0x5b3/0x1400 [ 592.265813][T23167] handle_mm_fault+0x36d/0xa20 [ 592.265846][T23167] __get_user_pages+0xf9c/0x34d0 [ 592.265878][T23167] ? __pfx___get_user_pages+0x10/0x10 [ 592.265909][T23167] populate_vma_page_range+0x267/0x3f0 [ 592.265936][T23167] ? __pfx_populate_vma_page_range+0x10/0x10 [ 592.265961][T23167] ? __pfx_find_vma_intersection+0x10/0x10 [ 592.265985][T23167] ? do_mmap+0x93f/0x12f0 [ 592.266010][T23167] __mm_populate+0x107/0x3a0 [ 592.266041][T23167] ? __pfx___mm_populate+0x10/0x10 [ 592.266067][T23167] ? up_write+0x290/0x4f0 [ 592.266099][T23167] vm_mmap_pgoff+0x37f/0x470 [ 592.266127][T23167] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 592.266161][T23167] ksys_mmap_pgoff+0xe1/0x650 [ 592.266184][T23167] ? kcov_ioctl+0x16a/0x720 [ 592.266200][T23167] ? kfree+0x2ec/0x6b0 [ 592.266225][T23167] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 592.266246][T23167] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 592.266280][T23167] __x64_sys_mmap+0x125/0x190 [ 592.266314][T23167] do_syscall_64+0x106/0xf80 [ 592.266342][T23167] ? clear_bhb_loop+0x40/0x90 [ 592.266367][T23167] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 592.266388][T23167] RIP: 0033:0x7f549259c799 [ 592.266405][T23167] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 592.266425][T23167] RSP: 002b:00007f54934e4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 592.266445][T23167] RAX: ffffffffffffffda RBX: 00007f5492815fa0 RCX: 00007f549259c799 [ 592.266459][T23167] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 592.266472][T23167] RBP: 00007f5492632c99 R08: 0000000000000002 R09: 0000000000008000 [ 592.266485][T23167] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 592.266498][T23167] R13: 00007f5492816038 R14: 00007f5492815fa0 R15: 00007ffea406e9e8 [ 592.266524][T23167] [ 592.597788][T23167] memory: usage 3072kB, limit 3072kB, failcnt 139196 [ 592.605466][T23167] memory+swap: usage 3484kB, limit 9007199254740988kB, failcnt 0 [ 592.613260][T23167] kmem: usage 1236kB, limit 9007199254740988kB, failcnt 0 [ 592.620384][T23167] Memory cgroup stats for /syz0: [ 592.620522][T23167] cache 0 [ 592.628446][T23167] rss 1880064 [ 592.631728][T23167] rss_huge 0 [ 592.634916][T23167] shmem 0 [ 592.638539][T23167] mapped_file 0 [ 592.642015][T23167] dirty 0 [ 592.644942][T23167] writeback 0 [ 592.648216][T23167] workingset_refault_anon 3793 [ 592.653034][T23167] workingset_refault_file 52399 [ 592.657876][T23167] swap 421888 [ 592.661285][T23167] swapcached 314662912 [ 592.665385][T23167] pgpgin 254387 [ 592.668886][T23167] pgpgout 266192 [ 592.672432][T23167] pgfault 257801 [ 592.676006][T23167] pgmajfault 2664 [ 592.679685][T23167] inactive_anon 0 [ 592.683339][T23167] active_anon 1880064 [ 592.687346][T23167] inactive_file 0 [ 592.691985][T23167] active_file 0 [ 592.695447][T23167] unevictable 0 [ 592.698986][T23167] hierarchical_memory_limit 3145728 [ 592.704495][T23167] hierarchical_memsw_limit 9223372036854771712 [ 592.710758][T23167] total_cache 0 [ 592.714209][T23167] total_rss 1880064 [ 592.718064][T23167] total_rss_huge 0 [ 592.721863][T23167] total_shmem 0 [ 592.725314][T23167] total_mapped_file 0 [ 592.729327][T23167] total_dirty 0 [ 592.732822][T23167] total_writeback 0 [ 592.736619][T23167] total_workingset_refault_anon 3793 [ 592.742629][T23167] total_workingset_refault_file 52399 [ 592.748040][T23167] total_swap 421888 [ 592.751869][T23167] total_swapcached 314662912 [ 592.756462][T23167] total_pgpgin 254387 [ 592.760482][T23167] total_pgpgout 266192 [ 592.764541][T23167] total_pgfault 257801 [ 592.768629][T23167] total_pgmajfault 2664 [ 592.772809][T23167] total_inactive_anon 0 [ 592.776953][T23167] total_active_anon 1880064 [ 592.781476][T23167] total_inactive_file 0 [ 592.785655][T23167] total_active_file 0 [ 592.789677][T23167] total_unevictable 0 [ 592.794616][T23167] anon_cost 14 [ 592.798029][T23167] file_cost 0 [ 592.801326][T23167] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.8109,pid=23166,uid=0 [ 592.816256][T23167] Memory cgroup out of memory: Killed process 23166 (syz.0.8109) total-vm:108376kB, anon-rss:3076kB, file-rss:21460kB, shmem-rss:0kB, UID:0 pgtables:120kB oom_score_adj:1000 [ 596.423749][T23267] netlink: 186 bytes leftover after parsing attributes in process `syz.2.8151'. [ 596.822352][T23281] random: crng reseeded on system resumption [ 597.510979][T23294] FAULT_INJECTION: forcing a failure. [ 597.510979][T23294] name failslab, interval 1, probability 0, space 0, times 0 [ 597.595484][T23294] CPU: 0 UID: 0 PID: 23294 Comm: syz.4.8161 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 597.595526][T23294] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 597.595536][T23294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 597.595549][T23294] Call Trace: [ 597.595556][T23294] [ 597.595564][T23294] dump_stack_lvl+0x100/0x190 [ 597.595607][T23294] should_fail_ex.cold+0x5/0xa [ 597.595632][T23294] should_failslab+0xc2/0x120 [ 597.595656][T23294] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 597.595689][T23294] ? alloc_empty_file+0x55/0x1c0 [ 597.595722][T23294] alloc_empty_file+0x55/0x1c0 [ 597.595750][T23294] alloc_file_pseudo+0x13a/0x230 [ 597.595779][T23294] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 597.595808][T23294] ? _raw_spin_unlock+0x28/0x50 [ 597.595835][T23294] ? alloc_fd+0x476/0x790 [ 597.595858][T23294] __anon_inode_getfile+0xe8/0x280 [ 597.595887][T23294] do_epoll_create+0x329/0x4b0 [ 597.595909][T23294] __x64_sys_epoll_create+0x45/0x70 [ 597.595933][T23294] do_syscall_64+0x106/0xf80 [ 597.595963][T23294] ? clear_bhb_loop+0x40/0x90 [ 597.595989][T23294] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 597.596011][T23294] RIP: 0033:0x7f783459c799 [ 597.596028][T23294] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 597.596049][T23294] RSP: 002b:00007f78354df028 EFLAGS: 00000246 ORIG_RAX: 00000000000000d5 [ 597.596070][T23294] RAX: ffffffffffffffda RBX: 00007f7834815fa0 RCX: 00007f783459c799 [ 597.596085][T23294] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000003e [ 597.596098][T23294] RBP: 00007f7834632c99 R08: 0000000000000000 R09: 0000000000000000 [ 597.596112][T23294] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 597.596125][T23294] R13: 00007f7834816038 R14: 00007f7834815fa0 R15: 00007ffdb49ca728 [ 597.596151][T23294] [ 599.590103][T23318] random: crng reseeded on system resumption [ 599.921265][T23331] bridge0: port 5(batadv0) entered blocking state [ 599.983638][T23331] bridge0: port 5(batadv0) entered disabled state [ 600.016041][T23331] batadv0: entered allmulticast mode [ 600.078707][T23331] batadv0: entered promiscuous mode [ 600.100215][T23331] bridge0: port 5(batadv0) entered blocking state [ 600.106742][T23331] bridge0: port 5(batadv0) entered forwarding state [ 600.210726][T13129] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled [ 600.220868][T13129] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled [ 600.711290][T23343] syz.0.8184 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 600.751670][T23343] CPU: 0 UID: 0 PID: 23343 Comm: syz.0.8184 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 600.751706][T23343] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 600.751716][T23343] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 600.751729][T23343] Call Trace: [ 600.751736][T23343] [ 600.751744][T23343] dump_stack_lvl+0x100/0x190 [ 600.751780][T23343] dump_header+0xfb/0x606 [ 600.751804][T23343] oom_kill_process.cold+0xd/0x330 [ 600.751829][T23343] out_of_memory+0x340/0x14f0 [ 600.751866][T23343] ? __pfx_out_of_memory+0x10/0x10 [ 600.751905][T23343] mem_cgroup_out_of_memory+0xc6/0x130 [ 600.751934][T23343] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 600.751963][T23343] ? find_held_lock+0x2b/0x80 [ 600.751988][T23343] ? do_raw_spin_unlock+0x145/0x1e0 [ 600.752020][T23343] ? _raw_spin_unlock+0x28/0x50 [ 600.752049][T23343] try_charge_memcg+0x652/0xc90 [ 600.752077][T23343] ? __pfx_try_charge_memcg+0x10/0x10 [ 600.752099][T23343] ? find_held_lock+0x2b/0x80 [ 600.752117][T23343] ? rcu_read_unlock+0x17/0x60 [ 600.752140][T23343] ? rcu_read_unlock+0x17/0x60 [ 600.752170][T23343] charge_memcg+0xa6/0x280 [ 600.752192][T23343] __mem_cgroup_charge+0x2b/0x1e0 [ 600.752219][T23343] do_anonymous_page+0xb62/0x1fb0 [ 600.752257][T23343] __handle_mm_fault+0x1d42/0x2b60 [ 600.752292][T23343] ? __pfx___handle_mm_fault+0x10/0x10 [ 600.752323][T23343] ? pte_offset_map_lock+0x174/0x320 [ 600.752345][T23343] ? find_held_lock+0x2b/0x80 [ 600.752377][T23343] ? follow_page_pte+0x5b3/0x1400 [ 600.752405][T23343] handle_mm_fault+0x36d/0xa20 [ 600.752438][T23343] __get_user_pages+0xf9c/0x34d0 [ 600.752470][T23343] ? __pfx___get_user_pages+0x10/0x10 [ 600.752501][T23343] populate_vma_page_range+0x267/0x3f0 [ 600.752527][T23343] ? __pfx_populate_vma_page_range+0x10/0x10 [ 600.752552][T23343] ? __pfx_find_vma_intersection+0x10/0x10 [ 600.752576][T23343] ? do_mmap+0x93f/0x12f0 [ 600.752601][T23343] __mm_populate+0x107/0x3a0 [ 600.752626][T23343] ? __pfx___mm_populate+0x10/0x10 [ 600.752653][T23343] ? up_write+0x290/0x4f0 [ 600.752685][T23343] vm_mmap_pgoff+0x37f/0x470 [ 600.752711][T23343] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 600.752746][T23343] ksys_mmap_pgoff+0xe1/0x650 [ 600.752768][T23343] ? kcov_ioctl+0x16a/0x720 [ 600.752785][T23343] ? kfree+0x2ec/0x6b0 [ 600.752810][T23343] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 600.752831][T23343] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 600.752864][T23343] __x64_sys_mmap+0x125/0x190 [ 600.752898][T23343] do_syscall_64+0x106/0xf80 [ 600.752925][T23343] ? clear_bhb_loop+0x40/0x90 [ 600.752950][T23343] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 600.752971][T23343] RIP: 0033:0x7f549259c799 [ 600.752988][T23343] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 600.753008][T23343] RSP: 002b:00007f54934e4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 600.753027][T23343] RAX: ffffffffffffffda RBX: 00007f5492815fa0 RCX: 00007f549259c799 [ 600.753041][T23343] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 600.753054][T23343] RBP: 00007f5492632c99 R08: 0000000000000002 R09: 0000000000008000 [ 600.753067][T23343] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 600.753080][T23343] R13: 00007f5492816038 R14: 00007f5492815fa0 R15: 00007ffea406e9e8 [ 600.753106][T23343] [ 600.753114][T23343] memory: usage 3072kB, limit 3072kB, failcnt 140210 [ 601.747431][T23359] bridge0: port 4(batadv0) entered blocking state [ 601.811052][T23359] bridge0: port 4(batadv0) entered disabled state [ 601.861382][T23359] batadv0: entered allmulticast mode [ 601.892658][T23359] batadv0: entered promiscuous mode [ 601.935991][T23359] bridge0: port 4(batadv0) entered blocking state [ 601.942524][T23359] bridge0: port 4(batadv0) entered forwarding state [ 602.118887][T13129] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled [ 602.128117][T13129] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled [ 602.228462][T23343] memory+swap: usage 3448kB, limit 9007199254740988kB, failcnt 0 [ 602.236199][T23343] kmem: usage 1396kB, limit 9007199254740988kB, failcnt 0 [ 602.298689][T23343] Memory cgroup stats for /syz0: [ 602.298821][T23343] cache 0 [ 602.306681][T23343] rss 1712128 [ 602.329130][T23343] rss_huge 0 [ 602.332834][T23343] shmem 0 [ 602.356920][T23343] mapped_file 0 [ 602.363184][T23343] dirty 0 [ 602.382357][T23343] writeback 0 [ 602.385647][T23343] workingset_refault_anon 3919 [ 602.403647][T23343] workingset_refault_file 52399 [ 602.412121][T23371] FAULT_INJECTION: forcing a failure. [ 602.412121][T23371] name failslab, interval 1, probability 0, space 0, times 0 [ 602.438429][T23343] swap 385024 [ 602.441768][T23343] swapcached 324845568 [ 602.445834][T23343] pgpgin 258099 [ 602.478443][T23343] pgpgout 269945 [ 602.482006][T23343] pgfault 263371 [ 602.485544][T23343] pgmajfault 2755 [ 602.538711][T23343] inactive_anon 0 [ 602.542384][T23343] active_anon 1712128 [ 602.546403][T23343] inactive_file 0 [ 602.551212][T23373] sd 0:0:1:0: PR command failed: 1026 [ 602.556624][T23373] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 602.589281][T23343] active_file 0 [ 602.594873][T23371] CPU: 0 UID: 0 PID: 23371 Comm: syz.2.8195 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 602.594911][T23371] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 602.594922][T23371] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 602.594936][T23371] Call Trace: [ 602.594943][T23371] [ 602.594951][T23371] dump_stack_lvl+0x100/0x190 [ 602.594988][T23371] should_fail_ex.cold+0x5/0xa [ 602.595014][T23371] should_failslab+0xc2/0x120 [ 602.595036][T23371] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 602.595069][T23371] ? ptlock_alloc+0x1f/0x70 [ 602.595102][T23371] ptlock_alloc+0x1f/0x70 [ 602.595131][T23371] pte_alloc_one+0x82/0x3d0 [ 602.595155][T23371] do_fault+0x88e/0x1990 [ 602.595179][T23371] ? __pmd_alloc+0x3fb/0x950 [ 602.595218][T23371] __handle_mm_fault+0x180f/0x2b60 [ 602.595272][T23371] ? mt_find+0x45e/0x8e0 [ 602.595312][T23371] ? __pfx___handle_mm_fault+0x10/0x10 [ 602.595345][T23371] ? __pfx_mt_find+0x10/0x10 [ 602.595399][T23371] ? find_vma+0xbf/0x140 [ 602.595422][T23371] ? __pfx_find_vma+0x10/0x10 [ 602.595449][T23371] handle_mm_fault+0x36d/0xa20 [ 602.595490][T23371] do_user_addr_fault+0x74c/0x12f0 [ 602.595539][T23371] exc_page_fault+0x6f/0xd0 [ 602.595575][T23371] asm_exc_page_fault+0x26/0x30 [ 602.595601][T23371] RIP: 0010:rep_movs_alternative+0x30/0x90 [ 602.595631][T23371] Code: 83 f9 08 73 25 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 fd 93 04 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 <48> 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 [ 602.595656][T23371] RSP: 0018:ffffc900057dfd90 EFLAGS: 00050216 [ 602.595676][T23371] RAX: 0000000000000001 RBX: 0000000000001298 RCX: 0000000000000020 [ 602.595692][T23371] RDX: 0000000000000001 RSI: 0000000000001298 RDI: ffffc900057dfe30 [ 602.595708][T23371] RBP: 0000000000000020 R08: 0000000000000001 R09: fffff52000afbfc9 [ 602.595724][T23371] R10: ffffc900057dfe4f R11: 0000000000000000 R12: 0000000000000000 [ 602.595740][T23371] R13: ffffc900057dfe30 R14: ffffc900057dfe30 R15: dffffc0000000000 [ 602.595771][T23371] _copy_from_user+0x98/0xd0 [ 602.595804][T23371] do_fcntl+0xf0c/0x1670 [ 602.595838][T23371] ? __pfx_do_fcntl+0x10/0x10 [ 602.595869][T23371] ? __fget_files+0x215/0x3d0 [ 602.595903][T23371] ? tomoyo_file_fcntl+0x6c/0xc0 [ 602.596027][T23371] __x64_sys_fcntl+0x163/0x200 [ 602.596065][T23371] do_syscall_64+0x106/0xf80 [ 602.596100][T23371] ? clear_bhb_loop+0x40/0x90 [ 602.596131][T23371] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 602.596157][T23371] RIP: 0033:0x7fcb30f9c799 [ 602.596177][T23371] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 602.596208][T23371] RSP: 002b:00007fcb31d8e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000048 [ 602.596231][T23371] RAX: ffffffffffffffda RBX: 00007fcb31215fa0 RCX: 00007fcb30f9c799 [ 602.596248][T23371] RDX: 0000000000001298 RSI: 0000000000000026 RDI: 0000000000000003 [ 602.596263][T23371] RBP: 00007fcb31032c99 R08: 0000000000000000 R09: 0000000000000000 [ 602.596279][T23371] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 602.596295][T23371] R13: 00007fcb31216038 R14: 00007fcb31215fa0 R15: 00007fffb2716d18 [ 602.596327][T23371] [ 602.596428][T23373] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 602.940622][T23343] unevictable 0 [ 602.944182][T23343] hierarchical_memory_limit 3145728 [ 602.967351][T23343] hierarchical_memsw_limit 9223372036854771712 [ 602.993827][T23343] total_cache 0 [ 602.997293][T23343] total_rss 1712128 [ 603.011315][T23343] total_rss_huge 0 [ 603.015042][T23343] total_shmem 0 [ 603.038641][T23343] total_mapped_file 0 [ 603.058489][T23343] total_dirty 0 [ 603.061981][T23343] total_writeback 0 [ 603.065918][T23343] total_workingset_refault_anon 3919 [ 603.094200][T23343] total_workingset_refault_file 52399 [ 603.106678][T23343] total_swap 385024 [ 603.128501][T23343] total_swapcached 324845568 [ 603.133124][T23343] total_pgpgin 258099 [ 603.138127][T23343] total_pgpgout 269945 [ 603.164074][T23343] total_pgfault 263371 [ 603.168153][T23343] total_pgmajfault 2755 [ 603.200967][T23343] total_inactive_anon 0 [ 603.205348][T23343] total_active_anon 1712128 [ 603.238515][T23343] total_inactive_file 0 [ 603.242927][T23343] total_active_file 0 [ 603.246981][T23343] total_unevictable 0 [ 603.288332][T23343] anon_cost 23 [ 603.291850][T23343] file_cost 0 [ 603.295133][T23343] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.8184,pid=23341,uid=0 [ 603.365087][T23343] Memory cgroup out of memory: Killed process 23341 (syz.0.8184) total-vm:106328kB, anon-rss:2912kB, file-rss:21460kB, shmem-rss:0kB, UID:0 pgtables:120kB oom_score_adj:1000 [ 603.494235][T23377] NFSD: Failed to start, no listeners configured. [ 604.513665][T23399] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8209'. [ 604.788612][T23404] FAULT_INJECTION: forcing a failure. [ 604.788612][T23404] name failslab, interval 1, probability 0, space 0, times 0 [ 604.839719][T23404] CPU: 0 UID: 0 PID: 23404 Comm: syz.0.8212 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 604.839760][T23404] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 604.839771][T23404] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 604.839785][T23404] Call Trace: [ 604.839792][T23404] [ 604.839801][T23404] dump_stack_lvl+0x100/0x190 [ 604.839840][T23404] should_fail_ex.cold+0x5/0xa [ 604.839867][T23404] should_failslab+0xc2/0x120 [ 604.839891][T23404] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 604.839925][T23404] ? mas_alloc_nodes+0x280/0x390 [ 604.839959][T23404] mas_alloc_nodes+0x280/0x390 [ 604.839988][T23404] mas_preallocate+0x39c/0xf10 [ 604.840024][T23404] ? __pfx_mas_preallocate+0x10/0x10 [ 604.840069][T23404] ? vm_area_alloc+0x1f/0x160 [ 604.840100][T23404] ? lockdep_init_map_type+0x5c/0x250 [ 604.840133][T23404] __mmap_region+0x12b5/0x29e0 [ 604.840169][T23404] ? __pfx___mmap_region+0x10/0x10 [ 604.840206][T23404] ? set_next_entity+0x11e/0x9c0 [ 604.840241][T23404] ? __lock_acquire+0x4a5/0x2630 [ 604.840279][T23404] ? find_held_lock+0x2b/0x80 [ 604.840298][T23404] ? finish_task_switch.isra.0+0x200/0xb80 [ 604.840322][T23404] ? finish_task_switch.isra.0+0x200/0xb80 [ 604.840355][T23404] ? trace_sched_exit_tp+0x13a/0x180 [ 604.840381][T23404] ? __schedule+0x1000/0x6120 [ 604.840440][T23404] ? rcu_is_watching+0x12/0xc0 [ 604.840473][T23404] ? cap_capable+0x107/0x460 [ 604.840513][T23404] mmap_region+0x180/0x3e0 [ 604.840550][T23404] do_mmap+0xc63/0x12f0 [ 604.840578][T23404] ? __pfx_do_mmap+0x10/0x10 [ 604.840602][T23404] ? __pfx_down_write_killable+0x10/0x10 [ 604.840642][T23404] vm_mmap_pgoff+0x29e/0x470 [ 604.840671][T23404] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 604.840697][T23404] ? do_futex+0x192/0x350 [ 604.840729][T23404] ? __pfx_do_futex+0x10/0x10 [ 604.840761][T23404] ksys_mmap_pgoff+0xe1/0x650 [ 604.840784][T23404] ? __x64_sys_futex+0x34f/0x4d0 [ 604.840810][T23404] ? __x64_sys_futex+0x358/0x4d0 [ 604.840839][T23404] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 604.840861][T23404] ? xfd_validate_state+0x129/0x190 [ 604.840898][T23404] __x64_sys_mmap+0x125/0x190 [ 604.840933][T23404] do_syscall_64+0x106/0xf80 [ 604.840962][T23404] ? clear_bhb_loop+0x40/0x90 [ 604.840989][T23404] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 604.841011][T23404] RIP: 0033:0x7f549259c799 [ 604.841033][T23404] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 604.841054][T23404] RSP: 002b:00007f54934e4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 604.841075][T23404] RAX: ffffffffffffffda RBX: 00007f5492815fa0 RCX: 00007f549259c799 [ 604.841090][T23404] RDX: 00000000000000df RSI: 0000000004020009 RDI: 0000000000000000 [ 604.841104][T23404] RBP: 00007f5492632c99 R08: 0000000000000401 R09: 0000000000008000 [ 604.841118][T23404] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 604.841131][T23404] R13: 00007f5492816038 R14: 00007f5492815fa0 R15: 00007ffea406e9e8 [ 604.841158][T23404] [ 605.565966][T23410] sd 0:0:1:0: PR command failed: 1026 [ 605.582823][T23410] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 605.609191][T23410] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 605.847892][T23419] FAULT_INJECTION: forcing a failure. [ 605.847892][T23419] name failslab, interval 1, probability 0, space 0, times 0 [ 605.921046][T23419] CPU: 0 UID: 0 PID: 23419 Comm: syz.4.8218 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 605.921086][T23419] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 605.921096][T23419] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 605.921110][T23419] Call Trace: [ 605.921117][T23419] [ 605.921125][T23419] dump_stack_lvl+0x100/0x190 [ 605.921163][T23419] should_fail_ex.cold+0x5/0xa [ 605.921187][T23419] ? sk_prot_alloc+0x10b/0x2a0 [ 605.921209][T23419] should_failslab+0xc2/0x120 [ 605.921232][T23419] __kmalloc_noprof+0xe0/0x850 [ 605.921270][T23419] sk_prot_alloc+0x10b/0x2a0 [ 605.921292][T23419] sk_alloc+0x36/0xe80 [ 605.921321][T23419] xsk_create+0x117/0x760 [ 605.921404][T23419] __sock_create+0x339/0x860 [ 605.921432][T23419] __sys_socket+0x14d/0x260 [ 605.921456][T23419] ? __pfx___sys_socket+0x10/0x10 [ 605.921487][T23419] __x64_sys_socket+0x72/0xb0 [ 605.921510][T23419] ? lockdep_hardirqs_on+0x78/0x100 [ 605.921541][T23419] do_syscall_64+0x106/0xf80 [ 605.921570][T23419] ? clear_bhb_loop+0x40/0x90 [ 605.921597][T23419] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 605.921619][T23419] RIP: 0033:0x7f783459c799 [ 605.921636][T23419] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 605.921657][T23419] RSP: 002b:00007f78354df028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 605.921678][T23419] RAX: ffffffffffffffda RBX: 00007f7834815fa0 RCX: 00007f783459c799 [ 605.921693][T23419] RDX: 0000000000000000 RSI: 0000000000080003 RDI: 000000000000002c [ 605.921706][T23419] RBP: 00007f7834632c99 R08: 0000000000000000 R09: 0000000000000000 [ 605.921720][T23419] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 605.921733][T23419] R13: 00007f7834816038 R14: 00007f7834815fa0 R15: 00007ffdb49ca728 [ 605.921760][T23419] [ 607.501141][T23443] syz.0.8227 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 607.571526][T23443] CPU: 0 UID: 0 PID: 23443 Comm: syz.0.8227 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 607.571562][T23443] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 607.571572][T23443] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 607.571585][T23443] Call Trace: [ 607.571592][T23443] [ 607.571600][T23443] dump_stack_lvl+0x100/0x190 [ 607.571635][T23443] dump_header+0xfb/0x606 [ 607.571660][T23443] oom_kill_process.cold+0xd/0x330 [ 607.571685][T23443] out_of_memory+0x340/0x14f0 [ 607.571722][T23443] ? __pfx_out_of_memory+0x10/0x10 [ 607.571760][T23443] mem_cgroup_out_of_memory+0xc6/0x130 [ 607.571791][T23443] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 607.571826][T23443] ? find_held_lock+0x2b/0x80 [ 607.571850][T23443] ? do_raw_spin_unlock+0x145/0x1e0 [ 607.571881][T23443] ? _raw_spin_unlock+0x28/0x50 [ 607.571910][T23443] try_charge_memcg+0x652/0xc90 [ 607.571936][T23443] ? __pfx_try_charge_memcg+0x10/0x10 [ 607.571958][T23443] ? find_held_lock+0x2b/0x80 [ 607.571976][T23443] ? rcu_read_unlock+0x17/0x60 [ 607.571998][T23443] ? rcu_read_unlock+0x17/0x60 [ 607.572029][T23443] charge_memcg+0xa6/0x280 [ 607.572050][T23443] __mem_cgroup_charge+0x2b/0x1e0 [ 607.572077][T23443] do_anonymous_page+0xb62/0x1fb0 [ 607.572114][T23443] __handle_mm_fault+0x1d42/0x2b60 [ 607.572149][T23443] ? __pfx___handle_mm_fault+0x10/0x10 [ 607.572178][T23443] ? pte_offset_map_lock+0x174/0x320 [ 607.572200][T23443] ? find_held_lock+0x2b/0x80 [ 607.572227][T23443] ? follow_page_pte+0x5b3/0x1400 [ 607.572255][T23443] handle_mm_fault+0x36d/0xa20 [ 607.572287][T23443] __get_user_pages+0xf9c/0x34d0 [ 607.572319][T23443] ? __pfx___get_user_pages+0x10/0x10 [ 607.572350][T23443] populate_vma_page_range+0x267/0x3f0 [ 607.572376][T23443] ? __pfx_populate_vma_page_range+0x10/0x10 [ 607.572401][T23443] ? __pfx_find_vma_intersection+0x10/0x10 [ 607.572424][T23443] ? do_mmap+0x93f/0x12f0 [ 607.572448][T23443] __mm_populate+0x107/0x3a0 [ 607.572473][T23443] ? __pfx___mm_populate+0x10/0x10 [ 607.572499][T23443] ? up_write+0x290/0x4f0 [ 607.572532][T23443] vm_mmap_pgoff+0x37f/0x470 [ 607.572558][T23443] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 607.572592][T23443] ksys_mmap_pgoff+0xe1/0x650 [ 607.572614][T23443] ? kcov_ioctl+0x16a/0x720 [ 607.572632][T23443] ? kfree+0x2ec/0x6b0 [ 607.572657][T23443] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 607.572677][T23443] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 607.572711][T23443] __x64_sys_mmap+0x125/0x190 [ 607.572745][T23443] do_syscall_64+0x106/0xf80 [ 607.572773][T23443] ? clear_bhb_loop+0x40/0x90 [ 607.572798][T23443] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 607.572823][T23443] RIP: 0033:0x7f549259c799 [ 607.572839][T23443] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 607.572860][T23443] RSP: 002b:00007f54934e4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 607.572880][T23443] RAX: ffffffffffffffda RBX: 00007f5492815fa0 RCX: 00007f549259c799 [ 607.572894][T23443] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 607.572907][T23443] RBP: 00007f5492632c99 R08: 0000000000000002 R09: 0000000000008000 [ 607.572921][T23443] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 607.572933][T23443] R13: 00007f5492816038 R14: 00007f5492815fa0 R15: 00007ffea406e9e8 [ 607.572960][T23443] [ 607.572968][T23443] memory: usage 3072kB, limit 3072kB, failcnt 140394 [ 608.558017][T23469] FAULT_INJECTION: forcing a failure. [ 608.558017][T23469] name failslab, interval 1, probability 0, space 0, times 0 [ 608.612146][T23469] CPU: 0 UID: 0 PID: 23469 Comm: syz.4.8242 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 608.612185][T23469] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 608.612196][T23469] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 608.612210][T23469] Call Trace: [ 608.612217][T23469] [ 608.612225][T23469] dump_stack_lvl+0x100/0x190 [ 608.612262][T23469] should_fail_ex.cold+0x5/0xa [ 608.612288][T23469] should_failslab+0xc2/0x120 [ 608.612311][T23469] __kmalloc_cache_noprof+0x7a/0x6f0 [ 608.612340][T23469] ? sctp_endpoint_new+0xfc/0xb20 [ 608.612452][T23469] ? __debug_object_init+0x2de/0x3d0 [ 608.612493][T23469] sctp_endpoint_new+0xfc/0xb20 [ 608.612528][T23469] ? __pfx_sctp_endpoint_new+0x10/0x10 [ 608.612561][T23469] ? lockdep_init_map_type+0x5c/0x250 [ 608.612591][T23469] ? lockdep_init_map_type+0x5c/0x250 [ 608.612620][T23469] ? lockdep_init_map_type+0x5c/0x250 [ 608.612652][T23469] sctp_init_sock+0xe2b/0x1300 [ 608.612710][T23469] ? __pfx_sctp_v6_init_sock+0x10/0x10 [ 608.612748][T23469] sctp_v6_init_sock+0x16/0x70 [ 608.612778][T23469] ? __pfx_sctp_v6_init_sock+0x10/0x10 [ 608.612809][T23469] inet6_create+0xb21/0x12b0 [ 608.612899][T23469] ? inet6_create+0x7f/0x12b0 [ 608.612933][T23469] __sock_create+0x339/0x860 [ 608.612960][T23469] __sys_socket+0x14d/0x260 [ 608.612984][T23469] ? __pfx___sys_socket+0x10/0x10 [ 608.613018][T23469] __x64_sys_socket+0x72/0xb0 [ 608.613041][T23469] ? lockdep_hardirqs_on+0x78/0x100 [ 608.613072][T23469] do_syscall_64+0x106/0xf80 [ 608.613102][T23469] ? clear_bhb_loop+0x40/0x90 [ 608.613128][T23469] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 608.613151][T23469] RIP: 0033:0x7f783459c799 [ 608.613168][T23469] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 608.613190][T23469] RSP: 002b:00007f78354df028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 608.613210][T23469] RAX: ffffffffffffffda RBX: 00007f7834815fa0 RCX: 00007f783459c799 [ 608.613225][T23469] RDX: 0000000000000084 RSI: 0000000000000001 RDI: 000000000000000a [ 608.613239][T23469] RBP: 00007f7834632c99 R08: 0000000000000000 R09: 0000000000000000 [ 608.613252][T23469] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 608.613265][T23469] R13: 00007f7834816038 R14: 00007f7834815fa0 R15: 00007ffdb49ca728 [ 608.613292][T23469] [ 609.102887][T23443] memory+swap: usage 3936kB, limit 9007199254740988kB, failcnt 0 [ 609.138493][T23443] kmem: usage 1416kB, limit 9007199254740988kB, failcnt 0 [ 609.145627][T23443] Memory cgroup stats for /syz0: [ 609.145773][T23443] cache 0 [ 609.170060][T23443] rss 1695744 [ 609.173365][T23443] rss_huge 0 [ 609.188607][T23443] shmem 0 [ 609.191564][T23443] mapped_file 0 [ 609.195015][T23443] dirty 0 [ 609.199599][T23443] writeback 0 [ 609.202944][T23443] workingset_refault_anon 3934 [ 609.207703][T23443] workingset_refault_file 52399 [ 609.212788][T23443] swap 884736 [ 609.216342][T23443] swapcached 325545984 [ 609.220665][T23443] pgpgin 258938 [ 609.224179][T23443] pgpgout 270788 [ 609.228380][T23443] pgfault 264708 [ 609.231925][T23443] pgmajfault 2768 [ 609.248452][T23443] inactive_anon 0 [ 609.252122][T23443] active_anon 1695744 [ 609.256090][T23443] inactive_file 0 [ 609.278711][T23443] active_file 0 [ 609.289101][T23443] unevictable 0 [ 609.292564][T23443] hierarchical_memory_limit 3145728 [ 609.297761][T23443] hierarchical_memsw_limit 9223372036854771712 [ 609.362987][T23474] zswap: compressor not available [ 609.369324][T23443] total_cache 0 [ 609.372801][T23443] total_rss 1695744 [ 609.376610][T23443] total_rss_huge 0 [ 609.403604][T23443] total_shmem 0 [ 609.407075][T23443] total_mapped_file 0 [ 609.421434][T23443] total_dirty 0 [ 609.424898][T23443] total_writeback 0 [ 609.483198][T23443] total_workingset_refault_anon 3934 [ 609.498519][T23443] total_workingset_refault_file 52399 [ 609.503897][T23443] total_swap 884736 [ 609.507694][T23443] total_swapcached 325545984 [ 609.535762][T23443] total_pgpgin 258938 [ 609.544154][T23443] total_pgpgout 270788 [ 609.554398][T23443] total_pgfault 264708 [ 609.573449][T23443] total_pgmajfault 2768 [ 609.628549][T23443] total_inactive_anon 0 [ 609.632712][T23443] total_active_anon 1695744 [ 609.653955][T23443] total_inactive_file 0 [ 609.676857][T23443] total_active_file 0 [ 609.694463][T23443] total_unevictable 0 [ 609.714658][T23443] anon_cost 21 [ 609.734845][T23443] file_cost 0 [ 609.747619][T23443] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.8227,pid=23441,uid=0 [ 609.828458][T23443] Memory cgroup out of memory: Killed process 23441 (syz.0.8227) total-vm:108376kB, anon-rss:2896kB, file-rss:21460kB, shmem-rss:0kB, UID:0 pgtables:136kB oom_score_adj:1000 [ 613.324073][T23572] syz.0.8289 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 613.373197][T23572] CPU: 0 UID: 0 PID: 23572 Comm: syz.0.8289 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 613.373233][T23572] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 613.373242][T23572] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 613.373256][T23572] Call Trace: [ 613.373262][T23572] [ 613.373270][T23572] dump_stack_lvl+0x100/0x190 [ 613.373305][T23572] dump_header+0xfb/0x606 [ 613.373328][T23572] oom_kill_process.cold+0xd/0x330 [ 613.373370][T23572] out_of_memory+0x340/0x14f0 [ 613.373407][T23572] ? __pfx_out_of_memory+0x10/0x10 [ 613.373445][T23572] mem_cgroup_out_of_memory+0xc6/0x130 [ 613.373474][T23572] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 613.373502][T23572] ? find_held_lock+0x2b/0x80 [ 613.373525][T23572] ? do_raw_spin_unlock+0x145/0x1e0 [ 613.373557][T23572] ? _raw_spin_unlock+0x28/0x50 [ 613.373585][T23572] try_charge_memcg+0x652/0xc90 [ 613.373612][T23572] ? __pfx_try_charge_memcg+0x10/0x10 [ 613.373633][T23572] ? find_held_lock+0x2b/0x80 [ 613.373652][T23572] ? rcu_read_unlock+0x17/0x60 [ 613.373673][T23572] ? rcu_read_unlock+0x17/0x60 [ 613.373703][T23572] charge_memcg+0xa6/0x280 [ 613.373724][T23572] __mem_cgroup_charge+0x2b/0x1e0 [ 613.373751][T23572] do_anonymous_page+0xb62/0x1fb0 [ 613.373788][T23572] __handle_mm_fault+0x1d42/0x2b60 [ 613.373823][T23572] ? __pfx___handle_mm_fault+0x10/0x10 [ 613.373852][T23572] ? pte_offset_map_lock+0x174/0x320 [ 613.373873][T23572] ? find_held_lock+0x2b/0x80 [ 613.373900][T23572] ? follow_page_pte+0x5b3/0x1400 [ 613.373927][T23572] handle_mm_fault+0x36d/0xa20 [ 613.373960][T23572] __get_user_pages+0xf9c/0x34d0 [ 613.373992][T23572] ? __pfx___get_user_pages+0x10/0x10 [ 613.374022][T23572] populate_vma_page_range+0x267/0x3f0 [ 613.374049][T23572] ? __pfx_populate_vma_page_range+0x10/0x10 [ 613.374073][T23572] ? __pfx_find_vma_intersection+0x10/0x10 [ 613.374096][T23572] ? do_mmap+0x93f/0x12f0 [ 613.374121][T23572] __mm_populate+0x107/0x3a0 [ 613.374146][T23572] ? __pfx___mm_populate+0x10/0x10 [ 613.374172][T23572] ? up_write+0x290/0x4f0 [ 613.374204][T23572] vm_mmap_pgoff+0x37f/0x470 [ 613.374229][T23572] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 613.374264][T23572] ksys_mmap_pgoff+0xe1/0x650 [ 613.374285][T23572] ? kcov_ioctl+0x16a/0x720 [ 613.374303][T23572] ? kfree+0x2ec/0x6b0 [ 613.374327][T23572] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 613.374348][T23572] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 613.374395][T23572] __x64_sys_mmap+0x125/0x190 [ 613.374429][T23572] do_syscall_64+0x106/0xf80 [ 613.374457][T23572] ? clear_bhb_loop+0x40/0x90 [ 613.374482][T23572] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 613.374504][T23572] RIP: 0033:0x7f549259c799 [ 613.374521][T23572] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 613.374541][T23572] RSP: 002b:00007f54934e4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 613.374561][T23572] RAX: ffffffffffffffda RBX: 00007f5492815fa0 RCX: 00007f549259c799 [ 613.374575][T23572] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 613.374588][T23572] RBP: 00007f5492632c99 R08: 0000000000000002 R09: 0000000000008000 [ 613.374601][T23572] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 613.374613][T23572] R13: 00007f5492816038 R14: 00007f5492815fa0 R15: 00007ffea406e9e8 [ 613.374639][T23572] [ 614.058440][T23572] memory: usage 3072kB, limit 3072kB, failcnt 140524 [ 614.065139][T23572] memory+swap: usage 3456kB, limit 9007199254740988kB, failcnt 0 [ 614.088451][T23572] kmem: usage 1416kB, limit 9007199254740988kB, failcnt 0 [ 614.096516][T23572] Memory cgroup stats for /syz0: [ 614.096652][T23572] cache 0 [ 614.118418][T23572] rss 1695744 [ 614.121713][T23572] rss_huge 0 [ 614.124902][T23572] shmem 0 [ 614.127864][T23572] mapped_file 0 [ 614.138276][T23572] dirty 0 [ 614.143382][T23572] writeback 0 [ 614.149068][T23572] workingset_refault_anon 3949 [ 614.153850][T23572] workingset_refault_file 52399 [ 614.178476][T23572] swap 393216 [ 614.181787][T23572] swapcached 325971968 [ 614.185860][T23572] pgpgin 259841 [ 614.198451][T23572] pgpgout 271691 [ 614.202015][T23572] pgfault 266496 [ 614.205554][T23572] pgmajfault 2781 [ 614.235407][T23572] inactive_anon 0 [ 614.268433][T23572] active_anon 1695744 [ 614.272558][T23572] inactive_file 0 [ 614.276183][T23572] active_file 0 [ 614.306446][T23572] unevictable 0 [ 614.309962][T23572] hierarchical_memory_limit 3145728 [ 614.315152][T23572] hierarchical_memsw_limit 9223372036854771712 [ 614.338569][T23572] total_cache 0 [ 614.346985][T23572] total_rss 1695744 [ 614.364106][T23572] total_rss_huge 0 [ 614.367831][T23572] total_shmem 0 [ 614.383014][T23572] total_mapped_file 0 [ 614.393112][T23572] total_dirty 0 [ 614.396575][T23572] total_writeback 0 [ 614.408427][T23572] total_workingset_refault_anon 3949 [ 614.413718][T23572] total_workingset_refault_file 52399 [ 614.438526][T23572] total_swap 393216 [ 614.442336][T23572] total_swapcached 325971968 [ 614.446916][T23572] total_pgpgin 259841 [ 614.456242][T23572] total_pgpgout 271691 [ 614.466377][T23572] total_pgfault 266496 [ 614.478424][T23572] total_pgmajfault 2781 [ 614.482684][T23572] total_inactive_anon 0 [ 614.497920][T23572] total_active_anon 1695744 [ 614.507456][T23572] total_inactive_file 0 [ 614.518436][T23572] total_active_file 0 [ 614.526062][T23572] total_unevictable 0 [ 614.534916][T23572] anon_cost 35 [ 614.545024][T23572] file_cost 0 [ 614.548317][T23572] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.8289,pid=23570,uid=0 [ 614.568865][T23572] Memory cgroup out of memory: Killed process 23570 (syz.0.8289) total-vm:108376kB, anon-rss:2896kB, file-rss:21460kB, shmem-rss:0kB, UID:0 pgtables:120kB oom_score_adj:1000 [ 616.912207][T23639] debugfs: '!PjE r҄y*"l-y–L̓]' already exists in 'ieee80211' [ 617.053137][T23635] syz.0.8318 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 617.107115][T23635] CPU: 0 UID: 0 PID: 23635 Comm: syz.0.8318 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 617.107163][T23635] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 617.107173][T23635] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 617.107186][T23635] Call Trace: [ 617.107193][T23635] [ 617.107200][T23635] dump_stack_lvl+0x100/0x190 [ 617.107236][T23635] dump_header+0xfb/0x606 [ 617.107260][T23635] oom_kill_process.cold+0xd/0x330 [ 617.107285][T23635] out_of_memory+0x340/0x14f0 [ 617.107322][T23635] ? __pfx_out_of_memory+0x10/0x10 [ 617.107360][T23635] mem_cgroup_out_of_memory+0xc6/0x130 [ 617.107390][T23635] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 617.107418][T23635] ? find_held_lock+0x2b/0x80 [ 617.107443][T23635] ? do_raw_spin_unlock+0x145/0x1e0 [ 617.107475][T23635] ? _raw_spin_unlock+0x28/0x50 [ 617.107505][T23635] try_charge_memcg+0x652/0xc90 [ 617.107533][T23635] ? __pfx_try_charge_memcg+0x10/0x10 [ 617.107554][T23635] ? find_held_lock+0x2b/0x80 [ 617.107573][T23635] ? rcu_read_unlock+0x17/0x60 [ 617.107596][T23635] ? rcu_read_unlock+0x17/0x60 [ 617.107626][T23635] charge_memcg+0xa6/0x280 [ 617.107648][T23635] __mem_cgroup_charge+0x2b/0x1e0 [ 617.107675][T23635] do_anonymous_page+0xb62/0x1fb0 [ 617.107713][T23635] __handle_mm_fault+0x1d42/0x2b60 [ 617.107749][T23635] ? __pfx___handle_mm_fault+0x10/0x10 [ 617.107779][T23635] ? pte_offset_map_lock+0x174/0x320 [ 617.107801][T23635] ? find_held_lock+0x2b/0x80 [ 617.107828][T23635] ? follow_page_pte+0x5b3/0x1400 [ 617.107857][T23635] handle_mm_fault+0x36d/0xa20 [ 617.107890][T23635] __get_user_pages+0xf9c/0x34d0 [ 617.107923][T23635] ? __pfx___get_user_pages+0x10/0x10 [ 617.107954][T23635] populate_vma_page_range+0x267/0x3f0 [ 617.107981][T23635] ? __pfx_populate_vma_page_range+0x10/0x10 [ 617.108006][T23635] ? __pfx_find_vma_intersection+0x10/0x10 [ 617.108030][T23635] ? do_mmap+0x93f/0x12f0 [ 617.108055][T23635] __mm_populate+0x107/0x3a0 [ 617.108092][T23635] ? __pfx___mm_populate+0x10/0x10 [ 617.108118][T23635] ? up_write+0x290/0x4f0 [ 617.108170][T23635] vm_mmap_pgoff+0x37f/0x470 [ 617.108196][T23635] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 617.108221][T23635] ? do_futex+0x192/0x350 [ 617.108249][T23635] ? __pfx_do_futex+0x10/0x10 [ 617.108276][T23635] ? fd_install+0x223/0x580 [ 617.108298][T23635] ksys_mmap_pgoff+0xe1/0x650 [ 617.108320][T23635] ? __x64_sys_futex+0x34f/0x4d0 [ 617.108349][T23635] ? __x64_sys_futex+0x358/0x4d0 [ 617.108376][T23635] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 617.108398][T23635] ? xfd_validate_state+0x129/0x190 [ 617.108432][T23635] __x64_sys_mmap+0x125/0x190 [ 617.108465][T23635] do_syscall_64+0x106/0xf80 [ 617.108493][T23635] ? clear_bhb_loop+0x40/0x90 [ 617.108518][T23635] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 617.108539][T23635] RIP: 0033:0x7f549259c799 [ 617.108556][T23635] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 617.108576][T23635] RSP: 002b:00007f54934e4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 617.108596][T23635] RAX: ffffffffffffffda RBX: 00007f5492815fa0 RCX: 00007f549259c799 [ 617.108610][T23635] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 617.108622][T23635] RBP: 00007f5492632c99 R08: 0000000000000002 R09: 0000000000008000 [ 617.108635][T23635] R10: 0000100000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 617.108647][T23635] R13: 00007f5492816038 R14: 00007f5492815fa0 R15: 00007ffea406e9e8 [ 617.108674][T23635] [ 617.987085][T23646] bridge0: port 5(veth0_to_bridge) entered blocking state [ 618.010576][T23646] bridge0: port 5(veth0_to_bridge) entered disabled state [ 618.017861][T23646] veth0_to_bridge: entered allmulticast mode [ 618.055223][T23646] veth0_to_bridge: entered promiscuous mode [ 618.085598][T23646] bridge0: adding interface veth0_to_bridge with same address as a received packet (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 618.124084][T23646] bridge0: port 5(veth0_to_bridge) entered blocking state [ 618.131311][T23646] bridge0: port 5(veth0_to_bridge) entered forwarding state [ 618.641447][T23660] openvswitch: netlink: Unknown VXLAN extension attribute 0 [ 618.873012][T23635] memory: usage 3072kB, limit 3072kB, failcnt 141320 [ 618.900602][T23635] memory+swap: usage 3452kB, limit 9007199254740988kB, failcnt 0 [ 618.934924][T23635] kmem: usage 1432kB, limit 9007199254740988kB, failcnt 0 [ 618.965956][T23635] Memory cgroup stats for /syz0: [ 618.966086][T23635] cache 0 [ 619.018471][T23635] rss 1679360 [ 619.028709][T23635] rss_huge 0 [ 619.031912][T23635] shmem 0 [ 619.057170][T23635] mapped_file 0 [ 619.112703][T23635] dirty 0 [ 619.115659][T23635] writeback 0 [ 619.127236][T23635] workingset_refault_anon 4019 [ 619.148253][T23635] workingset_refault_file 52399 [ 619.199255][T23635] swap 389120 [ 619.203108][T23635] swapcached 329342976 [ 619.231418][ T29] audit: type=1804 audit(4294967398.440:28): pid=23669 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.8335" name="/newroot/2234/file0" dev="tmpfs" ino=11258 res=1 errno=0 [ 619.265670][T23635] pgpgin 261608 [ 619.280755][T23635] pgpgout 273462 [ 619.284317][T23635] pgfault 268817 [ 619.287991][T23635] pgmajfault 2813 [ 619.348446][T23635] inactive_anon 0 [ 619.352091][T23635] active_anon 1679360 [ 619.356062][T23635] inactive_file 0 [ 619.393848][T23635] active_file 0 [ 619.429874][T23635] unevictable 0 [ 619.433345][T23635] hierarchical_memory_limit 3145728 [ 619.460398][T23672] delete_channel: no stack [ 619.488433][T23635] hierarchical_memsw_limit 9223372036854771712 [ 619.504753][T23635] total_cache 0 [ 619.508222][T23635] total_rss 1679360 [ 619.535245][T23635] total_rss_huge 0 [ 619.556312][T23635] total_shmem 0 [ 619.572473][T23635] total_mapped_file 0 [ 619.576472][T23635] total_dirty 0 [ 619.603924][T23635] total_writeback 0 [ 619.627076][T23635] total_workingset_refault_anon 4019 [ 619.661650][T23635] total_workingset_refault_file 52399 [ 619.687971][T23635] total_swap 389120 [ 619.702931][T23635] total_swapcached 329342976 [ 619.728792][T23635] total_pgpgin 261608 [ 619.770138][T23635] total_pgpgout 273462 [ 619.798545][T23635] total_pgfault 268817 [ 619.821327][T23635] total_pgmajfault 2813 [ 619.854653][T23635] total_inactive_anon 0 [ 619.871759][T23635] total_active_anon 1679360 [ 619.901343][T23635] total_inactive_file 0 [ 619.910938][T23635] total_active_file 0 [ 619.916796][T23684] netlink: 8 bytes leftover after parsing attributes in process `syz.4.8342'. [ 619.943589][T23635] total_unevictable 0 [ 619.947622][T23635] anon_cost 6 [ 619.962090][T23635] file_cost 0 [ 619.977513][T23635] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.8318,pid=23634,uid=0 [ 620.058433][T23635] Memory cgroup out of memory: Killed process 23635 (syz.0.8318) total-vm:108376kB, anon-rss:2676kB, file-rss:22368kB, shmem-rss:0kB, UID:0 pgtables:136kB oom_score_adj:1000 [ 620.544967][T23694] syz.0.8347 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 620.585722][T23694] CPU: 0 UID: 0 PID: 23694 Comm: syz.0.8347 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 620.585758][T23694] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 620.585768][T23694] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 620.585780][T23694] Call Trace: [ 620.585788][T23694] [ 620.585795][T23694] dump_stack_lvl+0x100/0x190 [ 620.585837][T23694] dump_header+0xfb/0x606 [ 620.585862][T23694] oom_kill_process.cold+0xd/0x330 [ 620.585887][T23694] out_of_memory+0x340/0x14f0 [ 620.585924][T23694] ? __pfx_out_of_memory+0x10/0x10 [ 620.585962][T23694] mem_cgroup_out_of_memory+0xc6/0x130 [ 620.585994][T23694] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 620.586021][T23694] ? find_held_lock+0x2b/0x80 [ 620.586045][T23694] ? do_raw_spin_unlock+0x145/0x1e0 [ 620.586076][T23694] ? _raw_spin_unlock+0x28/0x50 [ 620.586105][T23694] try_charge_memcg+0x652/0xc90 [ 620.586132][T23694] ? __pfx_try_charge_memcg+0x10/0x10 [ 620.586154][T23694] ? find_held_lock+0x2b/0x80 [ 620.586172][T23694] ? rcu_read_unlock+0x17/0x60 [ 620.586194][T23694] ? rcu_read_unlock+0x17/0x60 [ 620.586224][T23694] charge_memcg+0xa6/0x280 [ 620.586245][T23694] __mem_cgroup_charge+0x2b/0x1e0 [ 620.586272][T23694] do_anonymous_page+0xb62/0x1fb0 [ 620.586309][T23694] __handle_mm_fault+0x1d42/0x2b60 [ 620.586345][T23694] ? __pfx___handle_mm_fault+0x10/0x10 [ 620.586374][T23694] ? pte_offset_map_lock+0x174/0x320 [ 620.586395][T23694] ? find_held_lock+0x2b/0x80 [ 620.586422][T23694] ? follow_page_pte+0x5b3/0x1400 [ 620.586451][T23694] handle_mm_fault+0x36d/0xa20 [ 620.586483][T23694] __get_user_pages+0xf9c/0x34d0 [ 620.586516][T23694] ? __pfx___get_user_pages+0x10/0x10 [ 620.586546][T23694] populate_vma_page_range+0x267/0x3f0 [ 620.586572][T23694] ? __pfx_populate_vma_page_range+0x10/0x10 [ 620.586597][T23694] ? __pfx_find_vma_intersection+0x10/0x10 [ 620.586620][T23694] ? do_mmap+0x93f/0x12f0 [ 620.586645][T23694] __mm_populate+0x107/0x3a0 [ 620.586671][T23694] ? __pfx___mm_populate+0x10/0x10 [ 620.586697][T23694] ? up_write+0x290/0x4f0 [ 620.586729][T23694] vm_mmap_pgoff+0x37f/0x470 [ 620.586755][T23694] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 620.586790][T23694] ksys_mmap_pgoff+0xe1/0x650 [ 620.586812][T23694] ? kcov_ioctl+0x16a/0x720 [ 620.586833][T23694] ? kfree+0x2ec/0x6b0 [ 620.586858][T23694] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 620.586879][T23694] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 620.586913][T23694] __x64_sys_mmap+0x125/0x190 [ 620.586946][T23694] do_syscall_64+0x106/0xf80 [ 620.586974][T23694] ? clear_bhb_loop+0x40/0x90 [ 620.586999][T23694] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 620.587020][T23694] RIP: 0033:0x7f549259c799 [ 620.587037][T23694] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 620.587057][T23694] RSP: 002b:00007f54934e4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 620.587076][T23694] RAX: ffffffffffffffda RBX: 00007f5492815fa0 RCX: 00007f549259c799 [ 620.587090][T23694] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 620.587103][T23694] RBP: 00007f5492632c99 R08: 0000000000000002 R09: 0000000000008000 [ 620.587116][T23694] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 620.587128][T23694] R13: 00007f5492816038 R14: 00007f5492815fa0 R15: 00007ffea406e9e8 [ 620.587154][T23694] [ 621.276575][T23694] memory: usage 3072kB, limit 3072kB, failcnt 141470 [ 621.283402][T23694] memory+swap: usage 3464kB, limit 9007199254740988kB, failcnt 0 [ 621.308426][T23694] kmem: usage 1436kB, limit 9007199254740988kB, failcnt 0 [ 621.316205][T23694] Memory cgroup stats for /syz0: [ 621.316340][T23694] cache 0 [ 621.338403][T23694] rss 1675264 [ 621.341694][T23694] rss_huge 0 [ 621.344883][T23694] shmem 0 [ 621.347832][T23694] mapped_file 0 [ 621.358409][T23694] dirty 0 [ 621.361600][T23694] writeback 0 [ 621.365673][T23694] workingset_refault_anon 4040 [ 621.378457][T23694] workingset_refault_file 52399 [ 621.383398][T23694] swap 401408 [ 621.386673][T23694] swapcached 329752576 [ 621.408432][T23694] pgpgin 262096 [ 621.412492][T23694] pgpgout 273951 [ 621.416039][T23694] pgfault 269328 [ 621.449159][T23696] zswap: compressor not available [ 621.454321][T23694] pgmajfault 2826 [ 621.457964][T23694] inactive_anon 0 [ 621.490394][T23694] active_anon 1675264 [ 621.494382][T23694] inactive_file 0 [ 621.498003][T23694] active_file 0 [ 621.531374][T23694] unevictable 0 [ 621.534873][T23694] hierarchical_memory_limit 3145728 [ 621.568439][T23694] hierarchical_memsw_limit 9223372036854771712 [ 621.598953][T23694] total_cache 0 [ 621.608399][T23694] total_rss 1675264 [ 621.622805][T23694] total_rss_huge 0 [ 621.626530][T23694] total_shmem 0 [ 621.648797][T23694] total_mapped_file 0 [ 621.652869][T23694] total_dirty 0 [ 621.656330][T23694] total_writeback 0 [ 621.726277][T23694] total_workingset_refault_anon 4040 [ 621.748422][T23694] total_workingset_refault_file 52399 [ 621.753885][T23694] total_swap 401408 [ 621.778500][T23694] total_swapcached 329752576 [ 621.783125][T23694] total_pgpgin 262096 [ 621.787108][T23694] total_pgpgout 273951 [ 621.825761][T23694] total_pgfault 269328 [ 621.838426][T23694] total_pgmajfault 2826 [ 621.842830][T23694] total_inactive_anon 0 [ 621.846984][T23694] total_active_anon 1675264 [ 621.899151][T23694] total_inactive_file 0 [ 621.903405][T23694] total_active_file 0 [ 621.928418][T23694] total_unevictable 0 [ 621.932441][T23694] anon_cost 83 [ 621.935808][T23694] file_cost 0 [ 621.950489][T23711] netlink: 8 bytes leftover after parsing attributes in process `syz.4.8354'. [ 621.971226][T23694] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.8347,pid=23692,uid=0 [ 622.023668][T23694] Memory cgroup out of memory: Killed process 23692 (syz.0.8347) total-vm:108376kB, anon-rss:2876kB, file-rss:21460kB, shmem-rss:0kB, UID:0 pgtables:120kB oom_score_adj:1000 [ 622.107290][T23713] FAULT_INJECTION: forcing a failure. [ 622.107290][T23713] name failslab, interval 1, probability 0, space 0, times 0 [ 622.178621][T23713] CPU: 0 UID: 0 PID: 23713 Comm: syz.1.8355 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 622.178659][T23713] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 622.178670][T23713] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 622.178683][T23713] Call Trace: [ 622.178690][T23713] [ 622.178698][T23713] dump_stack_lvl+0x100/0x190 [ 622.178743][T23713] should_fail_ex.cold+0x5/0xa [ 622.178768][T23713] should_failslab+0xc2/0x120 [ 622.178791][T23713] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 622.178824][T23713] ? prepare_creds+0x2c/0x950 [ 622.178856][T23713] ? __sys_socket+0xac/0x260 [ 622.178885][T23713] prepare_creds+0x2c/0x950 [ 622.178920][T23713] __sys_setuid+0x9c/0x440 [ 622.178941][T23713] do_syscall_64+0x106/0xf80 [ 622.178971][T23713] ? clear_bhb_loop+0x40/0x90 [ 622.178998][T23713] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 622.179021][T23713] RIP: 0033:0x7f47fef9c799 [ 622.179038][T23713] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 622.179058][T23713] RSP: 002b:00007f47ffdef028 EFLAGS: 00000246 ORIG_RAX: 0000000000000069 [ 622.179078][T23713] RAX: ffffffffffffffda RBX: 00007f47ff215fa0 RCX: 00007f47fef9c799 [ 622.179093][T23713] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000000e [ 622.179106][T23713] RBP: 00007f47ff032c99 R08: 0000000000000000 R09: 0000000000000000 [ 622.179119][T23713] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 622.179132][T23713] R13: 00007f47ff216038 R14: 00007f47ff215fa0 R15: 00007ffc89318b68 [ 622.179159][T23713] [ 624.184485][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 624.191024][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 625.899693][T23792] netlink: 8 bytes leftover after parsing attributes in process `syz.4.8391'. [ 625.937028][T23794] random: crng reseeded on system resumption [ 627.751541][T23833] syz.0.8410 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 627.808722][T23833] CPU: 0 UID: 0 PID: 23833 Comm: syz.0.8410 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 627.808758][T23833] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 627.808769][T23833] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 627.808782][T23833] Call Trace: [ 627.808789][T23833] [ 627.808797][T23833] dump_stack_lvl+0x100/0x190 [ 627.808833][T23833] dump_header+0xfb/0x606 [ 627.808857][T23833] oom_kill_process.cold+0xd/0x330 [ 627.808882][T23833] out_of_memory+0x340/0x14f0 [ 627.808919][T23833] ? __pfx_out_of_memory+0x10/0x10 [ 627.808957][T23833] mem_cgroup_out_of_memory+0xc6/0x130 [ 627.808988][T23833] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 627.809017][T23833] ? find_held_lock+0x2b/0x80 [ 627.809042][T23833] ? do_raw_spin_unlock+0x145/0x1e0 [ 627.809075][T23833] ? _raw_spin_unlock+0x28/0x50 [ 627.809104][T23833] try_charge_memcg+0x652/0xc90 [ 627.809132][T23833] ? __pfx_try_charge_memcg+0x10/0x10 [ 627.809154][T23833] ? find_held_lock+0x2b/0x80 [ 627.809173][T23833] ? rcu_read_unlock+0x17/0x60 [ 627.809195][T23833] ? rcu_read_unlock+0x17/0x60 [ 627.809226][T23833] charge_memcg+0xa6/0x280 [ 627.809247][T23833] __mem_cgroup_charge+0x2b/0x1e0 [ 627.809282][T23833] do_anonymous_page+0xb62/0x1fb0 [ 627.809320][T23833] __handle_mm_fault+0x1d42/0x2b60 [ 627.809355][T23833] ? __pfx___handle_mm_fault+0x10/0x10 [ 627.809384][T23833] ? pte_offset_map_lock+0x174/0x320 [ 627.809405][T23833] ? find_held_lock+0x2b/0x80 [ 627.809432][T23833] ? follow_page_pte+0x5b3/0x1400 [ 627.809460][T23833] handle_mm_fault+0x36d/0xa20 [ 627.809493][T23833] __get_user_pages+0xf9c/0x34d0 [ 627.809525][T23833] ? __pfx___get_user_pages+0x10/0x10 [ 627.809555][T23833] populate_vma_page_range+0x267/0x3f0 [ 627.809582][T23833] ? __pfx_populate_vma_page_range+0x10/0x10 [ 627.809606][T23833] ? __pfx_find_vma_intersection+0x10/0x10 [ 627.809630][T23833] ? do_mmap+0x93f/0x12f0 [ 627.809654][T23833] __mm_populate+0x107/0x3a0 [ 627.809679][T23833] ? __pfx___mm_populate+0x10/0x10 [ 627.809706][T23833] ? up_write+0x290/0x4f0 [ 627.809739][T23833] vm_mmap_pgoff+0x37f/0x470 [ 627.809765][T23833] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 627.809790][T23833] ? do_futex+0x192/0x350 [ 627.809822][T23833] ? __pfx_do_futex+0x10/0x10 [ 627.809856][T23833] ksys_mmap_pgoff+0xe1/0x650 [ 627.809878][T23833] ? __x64_sys_futex+0x34f/0x4d0 [ 627.809903][T23833] ? __x64_sys_futex+0x358/0x4d0 [ 627.809931][T23833] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 627.809953][T23833] ? xfd_validate_state+0x129/0x190 [ 627.809987][T23833] __x64_sys_mmap+0x125/0x190 [ 627.810021][T23833] do_syscall_64+0x106/0xf80 [ 627.810049][T23833] ? clear_bhb_loop+0x40/0x90 [ 627.810074][T23833] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 627.810095][T23833] RIP: 0033:0x7f549259c799 [ 627.810112][T23833] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 627.810132][T23833] RSP: 002b:00007f54934e4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 627.810152][T23833] RAX: ffffffffffffffda RBX: 00007f5492815fa0 RCX: 00007f549259c799 [ 627.810166][T23833] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 627.810179][T23833] RBP: 00007f5492632c99 R08: 0000000000000002 R09: 0000000000008000 [ 627.810192][T23833] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 627.810204][T23833] R13: 00007f5492816038 R14: 00007f5492815fa0 R15: 00007ffea406e9e8 [ 627.810231][T23833] [ 627.811946][T23833] memory: usage 3072kB, limit 3072kB, failcnt 141878 [ 628.792121][T23833] memory+swap: usage 3364kB, limit 9007199254740988kB, failcnt 0 [ 628.828722][T23833] kmem: usage 1428kB, limit 9007199254740988kB, failcnt 0 [ 628.853893][T23833] Memory cgroup stats for /syz0: [ 628.854025][T23833] cache 0 [ 628.878787][T23833] rss 1683456 [ 628.891155][T23833] rss_huge 0 [ 628.903335][T23833] shmem 0 [ 628.913940][T23833] mapped_file 0 [ 628.926325][T23833] dirty 0 [ 628.937482][T23833] writeback 0 [ 628.951070][T23833] workingset_refault_anon 4142 [ 628.967005][T23833] workingset_refault_file 52399 [ 628.983856][T23833] swap 299008 [ 628.995036][T23833] swapcached 331083776 [ 629.009107][T23833] pgpgin 264311 [ 629.020729][T23833] pgpgout 276164 [ 629.034199][T23833] pgfault 272769 [ 629.052666][T23833] pgmajfault 2904 [ 629.063494][T23833] inactive_anon 0 [ 629.075887][T23833] active_anon 1683456 [ 629.087695][T23833] inactive_file 0 [ 629.100188][T23833] active_file 0 [ 629.113553][T23833] unevictable 0 [ 629.123658][T23833] hierarchical_memory_limit 3145728 [ 629.142448][T23833] hierarchical_memsw_limit 9223372036854771712 [ 629.166191][T23833] total_cache 0 [ 629.179816][T23833] total_rss 1683456 [ 629.193522][T23833] total_rss_huge 0 [ 629.205796][T23833] total_shmem 0 [ 629.217002][T23833] total_mapped_file 0 [ 629.240585][T23833] total_dirty 0 [ 629.259836][T23833] total_writeback 0 [ 629.263642][T23833] total_workingset_refault_anon 4142 [ 629.342720][T23833] total_workingset_refault_file 52399 [ 629.348213][T23833] total_swap 299008 [ 629.377531][T23833] total_swapcached 331083776 [ 629.410263][T23833] total_pgpgin 264311 [ 629.414465][T23833] total_pgpgout 276164 [ 629.436665][T23833] total_pgfault 272769 [ 629.456993][T23833] total_pgmajfault 2904 [ 629.484560][T23833] total_inactive_anon 0 [ 629.529070][T23833] total_active_anon 1683456 [ 629.533595][T23833] total_inactive_file 0 [ 629.537740][T23833] total_active_file 0 [ 629.592590][T23833] total_unevictable 0 [ 629.596581][T23833] anon_cost 39 [ 629.609419][T23869] netlink: 'syz.4.8426': attribute type 4 has an invalid length. [ 629.622302][T23833] file_cost 0 [ 629.625593][T23833] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.8410,pid=23832,uid=0 [ 629.652654][T23869] netlink: 62 bytes leftover after parsing attributes in process `syz.4.8426'. [ 629.701925][T23833] Memory cgroup out of memory: Killed process 23832 (syz.0.8410) total-vm:108376kB, anon-rss:2676kB, file-rss:22376kB, shmem-rss:0kB, UID:0 pgtables:148kB oom_score_adj:1000 [ 631.216296][T23911] netlink: 4 bytes leftover after parsing attributes in process `syz.4.8446'. [ 631.232270][T23886] syz.2.8430 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000 [ 631.272560][T23886] CPU: 0 UID: 0 PID: 23886 Comm: syz.2.8430 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 631.272596][T23886] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 631.272606][T23886] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 631.272618][T23886] Call Trace: [ 631.272626][T23886] [ 631.272633][T23886] dump_stack_lvl+0x100/0x190 [ 631.272669][T23886] dump_header+0xfb/0x606 [ 631.272693][T23886] oom_kill_process.cold+0xd/0x330 [ 631.272718][T23886] out_of_memory+0x340/0x14f0 [ 631.272754][T23886] ? __pfx_out_of_memory+0x10/0x10 [ 631.272792][T23886] mem_cgroup_out_of_memory+0xc6/0x130 [ 631.272822][T23886] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 631.272850][T23886] ? find_held_lock+0x2b/0x80 [ 631.272874][T23886] ? do_raw_spin_unlock+0x145/0x1e0 [ 631.272905][T23886] ? _raw_spin_unlock+0x28/0x50 [ 631.272933][T23886] try_charge_memcg+0x652/0xc90 [ 631.272960][T23886] ? __pfx_try_charge_memcg+0x10/0x10 [ 631.272986][T23886] ? find_held_lock+0x2b/0x80 [ 631.273004][T23886] ? rcu_read_unlock+0x17/0x60 [ 631.273026][T23886] ? rcu_read_unlock+0x17/0x60 [ 631.273056][T23886] charge_memcg+0xa6/0x280 [ 631.273077][T23886] mem_cgroup_swapin_charge_folio+0xeb/0x470 [ 631.273106][T23886] __swap_cache_prepare_and_add+0x528/0x9e0 [ 631.273145][T23886] ? __pfx___swap_cache_prepare_and_add+0x10/0x10 [ 631.273174][T23886] ? __pfx_swap_entry_swapped+0x10/0x10 [ 631.273201][T23886] swap_cache_alloc_folio+0x1cb/0x300 [ 631.273231][T23886] ? __pfx_swap_cache_alloc_folio+0x10/0x10 [ 631.273262][T23886] ? finish_task_switch.isra.0+0x205/0xb80 [ 631.273291][T23886] swap_cluster_readahead+0x411/0x770 [ 631.273327][T23886] ? __pfx_swap_cluster_readahead+0x10/0x10 [ 631.273359][T23886] ? __lock_acquire+0x4a5/0x2630 [ 631.273394][T23886] ? get_vma_policy+0x23f/0x3b0 [ 631.273419][T23886] swapin_readahead+0x160/0x12c0 [ 631.273447][T23886] ? __lock_acquire+0x4a5/0x2630 [ 631.273480][T23886] ? __pfx_swapin_readahead+0x10/0x10 [ 631.273508][T23886] ? find_held_lock+0x2b/0x80 [ 631.273526][T23886] ? swap_table_get+0x103/0x2c0 [ 631.273552][T23886] ? swap_table_get+0x103/0x2c0 [ 631.273583][T23886] ? swap_table_get+0x10d/0x2c0 [ 631.273611][T23886] ? swap_cache_get_folio+0x1ae/0x600 [ 631.273640][T23886] ? __pfx_swap_cache_get_folio+0x10/0x10 [ 631.273667][T23886] ? __pfx_get_swap_device+0x10/0x10 [ 631.273692][T23886] ? do_swap_page+0xb2e/0x6900 [ 631.273718][T23886] do_swap_page+0xb2e/0x6900 [ 631.273750][T23886] ? do_wp_page+0x1914/0x4f00 [ 631.273778][T23886] ? __pfx_do_swap_page+0x10/0x10 [ 631.273808][T23886] ? do_raw_spin_lock+0x128/0x260 [ 631.273839][T23886] ? rcu_is_watching+0x12/0xc0 [ 631.273870][T23886] ? __pte_offset_map+0x179/0x310 [ 631.273894][T23886] __handle_mm_fault+0x18c1/0x2b60 [ 631.273926][T23886] ? reacquire_held_locks+0xce/0x1e0 [ 631.273953][T23886] ? __pfx___handle_mm_fault+0x10/0x10 [ 631.273986][T23886] ? lock_vma_under_rcu+0x17c/0x590 [ 631.274028][T23886] handle_mm_fault+0x36d/0xa20 [ 631.274067][T23886] do_user_addr_fault+0x5a3/0x12f0 [ 631.274108][T23886] exc_page_fault+0x6f/0xd0 [ 631.274136][T23886] asm_exc_page_fault+0x26/0x30 [ 631.274156][T23886] RIP: 0033:0x7fcb30e5077f [ 631.274172][T23886] Code: 1f 84 00 00 00 00 00 0f 1f 40 00 41 89 fb 44 8d 56 04 4c 8d 0d 92 18 3b 00 89 f0 4c 8d 05 89 f8 3a 00 89 c2 81 e2 ff 1f 00 00 <49> 8b 0c d1 48 39 f1 74 28 48 85 c9 74 29 45 38 1c 10 75 23 83 c0 [ 631.274192][T23886] RSP: 002b:00007fffb2716d58 EFLAGS: 00010206 [ 631.274208][T23886] RAX: 0000000084a5284d RBX: ffffffff84a5284d RCX: 0000001b30f1d748 [ 631.274221][T23886] RDX: 000000000000084d RSI: ffffffff84a5284d RDI: 0000000000000001 [ 631.274234][T23886] RBP: 0000000000000007 R08: 00007fcb31200000 R09: 00007fcb31202000 [ 631.274247][T23886] R10: 0000000084a52851 R11: 0000000000000001 R12: 00007fcb31216038 [ 631.274260][T23886] R13: 0000000000000007 R14: ffffffff84a52674 R15: 00007fcb31d45720 [ 631.274274][T23886] ? cap_task_prctl+0x104/0xa50 [ 631.274308][T23886] ? cap_task_prctl+0x2dd/0xa50 [ 631.274343][T23886] ? cap_task_prctl+0x2dd/0xa50 [ 631.274378][T23886] [ 631.673102][T23886] memory: usage 3072kB, limit 3072kB, failcnt 176002 [ 631.679843][T23886] memory+swap: usage 127948kB, limit 9007199254740988kB, failcnt 0 [ 631.687771][T23886] kmem: usage 2516kB, limit 9007199254740988kB, failcnt 0 [ 631.694927][T23886] Memory cgroup stats for /syz2: [ 631.695061][T23886] cache 495616 [ 631.703443][T23886] rss 65536 [ 631.707570][T23886] rss_huge 0 [ 631.710791][T23886] shmem 425984 [ 631.714214][T23886] mapped_file 0 [ 631.717721][T23886] dirty 0 [ 631.720684][T23886] writeback 4096 [ 631.724220][T23886] workingset_refault_anon 8221 [ 631.729047][T23886] workingset_refault_file 62133 [ 631.733923][T23886] swap 127873024 [ 631.737460][T23886] swapcached 482992128 [ 631.741600][T23886] pgpgin 324073 [ 631.745065][T23886] pgpgout 332621 [ 631.748841][T23886] pgfault 322609 [ 631.752482][T23886] pgmajfault 4195 [ 631.756687][T23886] inactive_anon 262144 [ 631.760785][T23886] active_anon 106496 [ 631.764714][T23886] inactive_file 69632 [ 631.768831][T23886] active_file 0 [ 631.772280][T23886] unevictable 0 [ 631.775766][T23886] hierarchical_memory_limit 3145728 [ 631.781017][T23886] hierarchical_memsw_limit 9223372036854771712 [ 631.787226][T23886] total_cache 495616 [ 631.791126][T23886] total_rss 65536 [ 631.794751][T23886] total_rss_huge 0 [ 631.798530][T23886] total_shmem 425984 [ 631.802418][T23886] total_mapped_file 0 [ 631.806612][T23886] total_dirty 0 [ 631.810581][T23886] total_writeback 4096 [ 631.814663][T23886] total_workingset_refault_anon 8221 [ 631.820275][T23886] total_workingset_refault_file 62133 [ 631.825677][T23886] total_swap 127873024 [ 631.829754][T23886] total_swapcached 482992128 [ 631.834335][T23886] total_pgpgin 324073 [ 631.838368][T23886] total_pgpgout 332621 [ 631.842428][T23886] total_pgfault 322609 [ 631.846512][T23886] total_pgmajfault 4195 [ 631.850717][T23886] total_inactive_anon 262144 [ 631.855296][T23886] total_active_anon 106496 [ 631.860321][T23886] total_inactive_file 69632 [ 631.864863][T23886] total_active_file 0 [ 631.868875][T23886] total_unevictable 0 [ 631.872856][T23886] anon_cost 0 [ 631.876177][T23886] file_cost 16 [ 631.879611][T23886] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.8153,pid=23277,uid=0 [ 631.894550][T23886] Memory cgroup out of memory: Killed process 23277 (syz.2.8153) total-vm:137176kB, anon-rss:1232kB, file-rss:55336kB, shmem-rss:0kB, UID:0 pgtables:264kB oom_score_adj:1000 [ 632.913601][T23927] FAULT_INJECTION: forcing a failure. [ 632.913601][T23927] name failslab, interval 1, probability 0, space 0, times 0 [ 632.957532][T23927] CPU: 0 UID: 0 PID: 23927 Comm: syz.1.8453 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 632.957571][T23927] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 632.957582][T23927] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 632.957596][T23927] Call Trace: [ 632.957604][T23927] [ 632.957612][T23927] dump_stack_lvl+0x100/0x190 [ 632.957648][T23927] should_fail_ex.cold+0x5/0xa [ 632.957673][T23927] should_failslab+0xc2/0x120 [ 632.957696][T23927] __kmalloc_cache_noprof+0x7a/0x6f0 [ 632.957725][T23927] ? __do_sys_fanotify_init+0x690/0xe50 [ 632.957765][T23927] __do_sys_fanotify_init+0x690/0xe50 [ 632.957802][T23927] do_syscall_64+0x106/0xf80 [ 632.957832][T23927] ? clear_bhb_loop+0x40/0x90 [ 632.957858][T23927] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 632.957880][T23927] RIP: 0033:0x7f47fef9c799 [ 632.957897][T23927] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 632.957925][T23927] RSP: 002b:00007f47ffdef028 EFLAGS: 00000246 ORIG_RAX: 000000000000012c [ 632.957946][T23927] RAX: ffffffffffffffda RBX: 00007f47ff215fa0 RCX: 00007f47fef9c799 [ 632.957960][T23927] RDX: 0000000000000000 RSI: 0002000000000002 RDI: 0000000000000005 [ 632.957974][T23927] RBP: 00007f47ff032c99 R08: 0000000000000000 R09: 0000000000000000 [ 632.957988][T23927] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 632.958003][T23927] R13: 00007f47ff216038 R14: 00007f47ff215fa0 R15: 00007ffc89318b68 [ 632.958030][T23927] [ 633.256377][T23933] aoe: could not set interface list: too many interfaces [ 633.440835][T23938] syz.0.8455 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 633.475720][T23938] CPU: 0 UID: 0 PID: 23938 Comm: syz.0.8455 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 633.475757][T23938] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 633.475766][T23938] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 633.475779][T23938] Call Trace: [ 633.475786][T23938] [ 633.475794][T23938] dump_stack_lvl+0x100/0x190 [ 633.475831][T23938] dump_header+0xfb/0x606 [ 633.475854][T23938] oom_kill_process.cold+0xd/0x330 [ 633.475885][T23938] out_of_memory+0x340/0x14f0 [ 633.475922][T23938] ? __pfx_out_of_memory+0x10/0x10 [ 633.475959][T23938] mem_cgroup_out_of_memory+0xc6/0x130 [ 633.475989][T23938] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 633.476016][T23938] ? find_held_lock+0x2b/0x80 [ 633.476041][T23938] ? do_raw_spin_unlock+0x145/0x1e0 [ 633.476072][T23938] ? _raw_spin_unlock+0x28/0x50 [ 633.476101][T23938] try_charge_memcg+0x652/0xc90 [ 633.476128][T23938] ? __pfx_try_charge_memcg+0x10/0x10 [ 633.476149][T23938] ? find_held_lock+0x2b/0x80 [ 633.476167][T23938] ? rcu_read_unlock+0x17/0x60 [ 633.476189][T23938] ? rcu_read_unlock+0x17/0x60 [ 633.476220][T23938] charge_memcg+0xa6/0x280 [ 633.476241][T23938] __mem_cgroup_charge+0x2b/0x1e0 [ 633.476268][T23938] do_anonymous_page+0xb62/0x1fb0 [ 633.476304][T23938] __handle_mm_fault+0x1d42/0x2b60 [ 633.476340][T23938] ? __pfx___handle_mm_fault+0x10/0x10 [ 633.476369][T23938] ? pte_offset_map_lock+0x174/0x320 [ 633.476391][T23938] ? find_held_lock+0x2b/0x80 [ 633.476417][T23938] ? follow_page_pte+0x5b3/0x1400 [ 633.476445][T23938] handle_mm_fault+0x36d/0xa20 [ 633.476478][T23938] __get_user_pages+0xf9c/0x34d0 [ 633.476510][T23938] ? __pfx___get_user_pages+0x10/0x10 [ 633.476540][T23938] populate_vma_page_range+0x267/0x3f0 [ 633.476567][T23938] ? __pfx_populate_vma_page_range+0x10/0x10 [ 633.476592][T23938] ? __pfx_find_vma_intersection+0x10/0x10 [ 633.476615][T23938] ? do_mmap+0x93f/0x12f0 [ 633.476640][T23938] __mm_populate+0x107/0x3a0 [ 633.476666][T23938] ? __pfx___mm_populate+0x10/0x10 [ 633.476692][T23938] ? up_write+0x290/0x4f0 [ 633.476724][T23938] vm_mmap_pgoff+0x37f/0x470 [ 633.476750][T23938] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 633.476785][T23938] ksys_mmap_pgoff+0xe1/0x650 [ 633.476807][T23938] ? kcov_ioctl+0x16a/0x720 [ 633.476825][T23938] ? kfree+0x2ec/0x6b0 [ 633.476850][T23938] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 633.476870][T23938] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 633.476908][T23938] __x64_sys_mmap+0x125/0x190 [ 633.476943][T23938] do_syscall_64+0x106/0xf80 [ 633.476971][T23938] ? clear_bhb_loop+0x40/0x90 [ 633.476996][T23938] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 633.477017][T23938] RIP: 0033:0x7f549259c799 [ 633.477033][T23938] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 633.477054][T23938] RSP: 002b:00007f54934e4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 633.477073][T23938] RAX: ffffffffffffffda RBX: 00007f5492815fa0 RCX: 00007f549259c799 [ 633.477087][T23938] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 633.477100][T23938] RBP: 00007f5492632c99 R08: 0000000000000002 R09: 0000000000008000 [ 633.477113][T23938] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 633.477125][T23938] R13: 00007f5492816038 R14: 00007f5492815fa0 R15: 00007ffea406e9e8 [ 633.477152][T23938] [ 633.477159][T23938] memory: usage 3072kB, limit 3072kB, failcnt 141914 [ 634.040071][ T31] oom_reaper: reaped process 23277 (syz.2.8153), now anon-rss:0kB, file-rss:54308kB, shmem-rss:0kB [ 634.697200][T23961] FAULT_INJECTION: forcing a failure. [ 634.697200][T23961] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 634.785117][T23961] CPU: 0 UID: 0 PID: 23961 Comm: syz.1.8469 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 634.785156][T23961] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 634.785167][T23961] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 634.785181][T23961] Call Trace: [ 634.785188][T23961] [ 634.785197][T23961] dump_stack_lvl+0x100/0x190 [ 634.785234][T23961] should_fail_ex.cold+0x5/0xa [ 634.785259][T23961] _copy_from_user+0x2e/0xd0 [ 634.785284][T23961] copy_mnt_id_req+0x108/0x350 [ 634.785316][T23961] __do_sys_listmount+0x184/0xee0 [ 634.785350][T23961] ? __pfx_do_futex+0x10/0x10 [ 634.785379][T23961] ? do_set_mempolicy+0x20a/0x3e0 [ 634.785401][T23961] ? __pfx_do_set_mempolicy+0x10/0x10 [ 634.785424][T23961] ? __pfx___do_sys_listmount+0x10/0x10 [ 634.785474][T23961] do_syscall_64+0x106/0xf80 [ 634.785505][T23961] ? clear_bhb_loop+0x40/0x90 [ 634.785531][T23961] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 634.785553][T23961] RIP: 0033:0x7f47fef9c799 [ 634.785570][T23961] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 634.785592][T23961] RSP: 002b:00007f47ffdef028 EFLAGS: 00000246 ORIG_RAX: 00000000000001ca [ 634.785613][T23961] RAX: ffffffffffffffda RBX: 00007f47ff215fa0 RCX: 00007f47fef9c799 [ 634.785628][T23961] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000200000000080 [ 634.785641][T23961] RBP: 00007f47ff032c99 R08: 0000000000000000 R09: 0000000000000000 [ 634.785655][T23961] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 634.785668][T23961] R13: 00007f47ff216038 R14: 00007f47ff215fa0 R15: 00007ffc89318b68 [ 634.785695][T23961] [ 635.045989][T23938] memory+swap: usage 3184kB, limit 9007199254740988kB, failcnt 0 [ 635.053795][T23938] kmem: usage 1396kB, limit 9007199254740988kB, failcnt 0 [ 635.061061][T23938] Memory cgroup stats for /syz0: [ 635.061205][T23938] cache 0 [ 635.069099][T23938] rss 1712128 [ 635.072424][T23938] rss_huge 0 [ 635.075647][T23938] shmem 0 [ 635.078628][T23938] mapped_file 0 [ 635.082081][T23938] dirty 0 [ 635.085704][T23938] writeback 0 [ 635.089450][T23938] workingset_refault_anon 4156 [ 635.094211][T23938] workingset_refault_file 52399 [ 635.099130][T23938] swap 114688 [ 635.102449][T23938] swapcached 331231232 [ 635.106508][T23938] pgpgin 265008 [ 635.110117][T23938] pgpgout 276854 [ 635.113658][T23938] pgfault 274114 [ 635.117199][T23938] pgmajfault 2915 [ 635.120914][T23938] inactive_anon 1683456 [ 635.125099][T23938] active_anon 28672 [ 635.128956][T23938] inactive_file 0 [ 635.132640][T23938] active_file 0 [ 635.136690][T23938] unevictable 0 [ 635.148436][T23938] hierarchical_memory_limit 3145728 [ 635.153645][T23938] hierarchical_memsw_limit 9223372036854771712 [ 635.203093][T23938] total_cache 0 [ 635.214100][T23938] total_rss 1712128 [ 635.217941][T23938] total_rss_huge 0 [ 635.232578][T23938] total_shmem 0 [ 635.243254][T23938] total_mapped_file 0 [ 635.260847][T23938] total_dirty 0 [ 635.265016][T23938] total_writeback 0 [ 635.297263][T23938] total_workingset_refault_anon 4156 [ 635.327746][T23938] total_workingset_refault_file 52399 [ 635.353459][T23938] total_swap 114688 [ 635.357363][T23938] total_swapcached 331231232 [ 635.369863][T23938] total_pgpgin 265008 [ 635.373866][T23938] total_pgpgout 276854 [ 635.398800][T23938] total_pgfault 274114 [ 635.402890][T23938] total_pgmajfault 2915 [ 635.435449][T23938] total_inactive_anon 1683456 [ 635.486586][T23938] total_active_anon 28672 [ 635.493454][T23938] total_inactive_file 0 [ 635.518579][T23938] total_active_file 0 [ 635.522570][T23938] total_unevictable 0 [ 635.526541][T23938] anon_cost 600 [ 635.557885][T23938] file_cost 0 [ 635.573427][T23938] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.8455,pid=23934,uid=0 [ 635.649940][T23938] Memory cgroup out of memory: Killed process 23934 (syz.0.8455) total-vm:108376kB, anon-rss:2896kB, file-rss:21460kB, shmem-rss:0kB, UID:0 pgtables:120kB oom_score_adj:1000 [ 635.990224][T23984] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input33 [ 637.193887][T24015] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8492'. [ 637.624396][T24022] syz.0.8495 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 637.659552][T24024] device-mapper: ioctl: device name cannot be "control", ".", or ".." [ 637.676676][T24022] CPU: 0 UID: 0 PID: 24022 Comm: syz.0.8495 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 637.676713][T24022] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 637.676723][T24022] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 637.676735][T24022] Call Trace: [ 637.676742][T24022] [ 637.676750][T24022] dump_stack_lvl+0x100/0x190 [ 637.676786][T24022] dump_header+0xfb/0x606 [ 637.676810][T24022] oom_kill_process.cold+0xd/0x330 [ 637.676834][T24022] out_of_memory+0x340/0x14f0 [ 637.676871][T24022] ? __pfx_out_of_memory+0x10/0x10 [ 637.676908][T24022] mem_cgroup_out_of_memory+0xc6/0x130 [ 637.676938][T24022] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 637.676966][T24022] ? find_held_lock+0x2b/0x80 [ 637.676990][T24022] ? do_raw_spin_unlock+0x145/0x1e0 [ 637.677022][T24022] ? _raw_spin_unlock+0x28/0x50 [ 637.677050][T24022] try_charge_memcg+0x652/0xc90 [ 637.677077][T24022] ? __pfx_try_charge_memcg+0x10/0x10 [ 637.677099][T24022] ? find_held_lock+0x2b/0x80 [ 637.677117][T24022] ? rcu_read_unlock+0x17/0x60 [ 637.677138][T24022] ? rcu_read_unlock+0x17/0x60 [ 637.677168][T24022] charge_memcg+0xa6/0x280 [ 637.677189][T24022] __mem_cgroup_charge+0x2b/0x1e0 [ 637.677216][T24022] do_anonymous_page+0xb62/0x1fb0 [ 637.677254][T24022] __handle_mm_fault+0x1d42/0x2b60 [ 637.677289][T24022] ? __pfx___handle_mm_fault+0x10/0x10 [ 637.677320][T24022] ? pte_offset_map_lock+0x174/0x320 [ 637.677341][T24022] ? find_held_lock+0x2b/0x80 [ 637.677369][T24022] ? follow_page_pte+0x5b3/0x1400 [ 637.677397][T24022] handle_mm_fault+0x36d/0xa20 [ 637.677431][T24022] __get_user_pages+0xf9c/0x34d0 [ 637.677463][T24022] ? __pfx___get_user_pages+0x10/0x10 [ 637.677499][T24022] populate_vma_page_range+0x267/0x3f0 [ 637.677526][T24022] ? __pfx_populate_vma_page_range+0x10/0x10 [ 637.677550][T24022] ? __pfx_find_vma_intersection+0x10/0x10 [ 637.677573][T24022] ? do_mmap+0x93f/0x12f0 [ 637.677598][T24022] __mm_populate+0x107/0x3a0 [ 637.677623][T24022] ? __pfx___mm_populate+0x10/0x10 [ 637.677650][T24022] ? up_write+0x290/0x4f0 [ 637.677682][T24022] vm_mmap_pgoff+0x37f/0x470 [ 637.677709][T24022] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 637.677744][T24022] ksys_mmap_pgoff+0xe1/0x650 [ 637.677766][T24022] ? kcov_ioctl+0x16a/0x720 [ 637.677784][T24022] ? kfree+0x2ec/0x6b0 [ 637.677809][T24022] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 637.677830][T24022] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 637.677864][T24022] __x64_sys_mmap+0x125/0x190 [ 637.677898][T24022] do_syscall_64+0x106/0xf80 [ 637.677926][T24022] ? clear_bhb_loop+0x40/0x90 [ 637.677951][T24022] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 637.677973][T24022] RIP: 0033:0x7f549259c799 [ 637.677990][T24022] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 637.678011][T24022] RSP: 002b:00007f54934e4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 637.678030][T24022] RAX: ffffffffffffffda RBX: 00007f5492815fa0 RCX: 00007f549259c799 [ 637.678045][T24022] RDX: 00000000000000df RSI: 0000000000400009 RDI: 0000000000000000 [ 637.678058][T24022] RBP: 00007f5492632c99 R08: 8000000000000003 R09: 0000000000008000 [ 637.678071][T24022] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 637.678084][T24022] R13: 00007f5492816038 R14: 00007f5492815fa0 R15: 00007ffea406e9e8 [ 637.678111][T24022] [ 639.448601][T24022] memory: usage 3072kB, limit 3072kB, failcnt 141996 [ 639.455304][T24022] memory+swap: usage 3236kB, limit 9007199254740988kB, failcnt 0 [ 639.531981][T24022] kmem: usage 1396kB, limit 9007199254740988kB, failcnt 0 [ 639.601351][T24022] Memory cgroup stats for /syz0: [ 639.601492][T24022] cache 0 [ 639.663465][T24022] rss 1695744 [ 639.666778][T24022] rss_huge 0 [ 639.698463][T24022] shmem 0 [ 639.701456][T24022] mapped_file 0 [ 639.704909][T24022] dirty 0 [ 639.768647][T24022] writeback 0 [ 639.771965][T24022] workingset_refault_anon 4156 [ 639.776732][T24022] workingset_refault_file 52399 [ 639.859455][T24022] swap 167936 [ 639.875247][T24022] swapcached 331284480 [ 639.896023][T24022] pgpgin 265625 [ 639.919681][T24022] pgpgout 277475 [ 639.959005][T24022] pgfault 275153 [ 639.978039][T24022] pgmajfault 2915 [ 640.018454][T24022] inactive_anon 0 [ 640.022137][T24022] active_anon 1695744 [ 640.026110][T24022] inactive_file 0 [ 640.085432][T24022] active_file 0 [ 640.112151][T24022] unevictable 0 [ 640.115625][T24022] hierarchical_memory_limit 3145728 [ 640.156805][T24022] hierarchical_memsw_limit 9223372036854771712 [ 640.187483][T24022] total_cache 0 [ 640.198526][T24022] total_rss 1695744 [ 640.227524][T24022] total_rss_huge 0 [ 640.253682][T24022] total_shmem 0 [ 640.284193][T24022] total_mapped_file 0 [ 640.288298][T24022] total_dirty 0 [ 640.315640][T24067] binder: 24065:24067 unknown command 1869768547 [ 640.334882][T24022] total_writeback 0 [ 640.356014][T24022] total_workingset_refault_anon 4156 [ 640.394629][T24022] total_workingset_refault_file 52399 [ 640.401272][T24067] binder: 24065:24067 ioctl c0306201 0 returned -22 [ 640.426526][T24022] total_swap 167936 [ 640.444728][T24022] total_swapcached 331284480 [ 640.474165][T24022] total_pgpgin 265625 [ 640.486455][T24064] zswap: compressor not available [ 640.512231][T24022] total_pgpgout 277475 [ 640.550067][T24022] total_pgfault 275153 [ 640.561047][T24022] total_pgmajfault 2915 [ 640.609078][T24022] total_inactive_anon 0 [ 640.628447][T24022] total_active_anon 1695744 [ 640.645347][T24022] total_inactive_file 0 [ 640.668428][T24022] total_active_file 0 [ 640.705811][T24022] total_unevictable 0 [ 640.727147][T24022] anon_cost 49 [ 640.750264][T24022] file_cost 0 [ 640.759832][T24022] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.8495,pid=24021,uid=0 [ 640.844105][T24022] Memory cgroup out of memory: Killed process 24022 (syz.0.8495) total-vm:108376kB, anon-rss:2896kB, file-rss:21460kB, shmem-rss:0kB, UID:0 pgtables:120kB oom_score_adj:1000 [ 641.510971][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 641.524120][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 641.537129][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 641.549830][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 641.562425][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 641.575151][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 641.587814][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 641.600497][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 641.613287][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 641.625986][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 646.518397][ C0] net_ratelimit: 7386 callbacks suppressed [ 646.518415][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 646.537049][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 646.549631][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 646.562246][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 646.574814][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 646.587425][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 646.599949][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 646.612553][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 646.625412][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 646.638100][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 651.528594][ C0] net_ratelimit: 7460 callbacks suppressed [ 651.528614][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 651.547378][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 651.559922][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 651.572570][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 651.585217][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 651.597850][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 651.610396][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 651.623001][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 651.635689][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 651.648296][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 651.838411][ C0] sched: DL replenish lagged too much [ 656.538584][ C0] net_ratelimit: 7559 callbacks suppressed [ 656.538602][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 656.556983][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 656.569635][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 656.582157][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 656.594753][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 656.607288][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 656.619884][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 656.632462][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 656.645111][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 656.657654][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 661.548612][ C0] net_ratelimit: 7819 callbacks suppressed [ 661.548630][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 661.567112][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 661.579667][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 661.592284][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 661.604847][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 661.617453][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 661.629978][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 661.642664][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 661.655191][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 661.667846][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 666.558674][ C0] net_ratelimit: 7833 callbacks suppressed [ 666.558693][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 666.577084][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 666.589718][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 666.602267][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 666.614952][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 666.627500][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 666.640111][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 666.652687][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 666.665415][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 666.678023][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 671.568634][ C0] net_ratelimit: 7810 callbacks suppressed [ 671.568653][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 671.587048][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 671.599680][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 671.612235][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 671.624917][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 671.637500][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 671.650142][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 671.662750][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 671.675466][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 671.688009][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 676.578744][ C0] net_ratelimit: 7835 callbacks suppressed [ 676.578763][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 676.597311][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 676.609937][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 676.622557][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 676.635082][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 676.647699][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 676.660215][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 676.672865][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 676.685421][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 676.698030][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 681.588821][ C0] net_ratelimit: 7692 callbacks suppressed [ 681.588841][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 681.607303][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 681.620301][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 681.632975][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 681.645516][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 681.658133][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 681.670695][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 681.683394][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 681.695940][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 681.708570][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 685.747516][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 685.763984][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 686.598496][ C0] net_ratelimit: 7731 callbacks suppressed [ 686.598516][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 686.616977][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 686.629603][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 686.642199][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 686.654853][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 686.667410][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 686.680060][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 686.692591][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 686.705209][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 686.717769][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 691.608630][ C0] net_ratelimit: 7711 callbacks suppressed [ 691.608649][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 691.627129][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 691.640112][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 691.652795][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 691.665342][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 691.677984][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 691.690528][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 691.703208][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 691.715739][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 691.728375][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 696.618492][ C0] net_ratelimit: 7758 callbacks suppressed [ 696.618512][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 696.636978][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 696.649618][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 696.662330][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 696.674896][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 696.687524][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 696.700111][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 696.712727][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 696.725286][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 696.737897][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 701.628487][ C0] net_ratelimit: 7917 callbacks suppressed [ 701.628506][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 701.646908][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 701.659548][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 701.672128][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 701.684748][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 701.697282][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 701.709965][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 701.722629][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 701.735258][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 701.747781][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 706.638712][ C0] net_ratelimit: 7935 callbacks suppressed [ 706.638731][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 706.657172][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 706.669746][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 706.682372][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 706.694885][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 706.707488][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 706.720009][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 706.732638][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 706.745244][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 706.757946][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 711.648807][ C0] net_ratelimit: 7814 callbacks suppressed [ 711.648826][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 711.667406][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 711.680010][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 711.692842][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 711.705449][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 711.718100][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 711.730625][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 711.743263][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 711.755840][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 711.768486][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 716.658557][ C0] net_ratelimit: 7791 callbacks suppressed [ 716.658575][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 716.676976][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 716.689667][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 716.702184][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 716.715405][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 716.727949][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 716.740563][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 716.753100][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 716.765713][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 716.778281][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 721.668562][ C0] net_ratelimit: 7853 callbacks suppressed [ 721.668581][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 721.687067][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 721.699650][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 721.712250][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 721.724759][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 721.737380][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 721.749891][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 721.762499][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 721.775005][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 721.788211][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 726.678778][ C0] net_ratelimit: 7973 callbacks suppressed [ 726.678798][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 726.697211][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 726.709737][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 726.722280][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 726.734929][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 726.747442][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 726.759952][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 726.772489][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 726.785029][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 726.797620][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 731.688551][ C0] net_ratelimit: 8283 callbacks suppressed [ 731.688571][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 731.707107][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 731.719743][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 731.732403][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 731.744992][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 731.757567][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 731.770133][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 731.782685][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 731.795311][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 731.807913][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 736.698715][ C0] net_ratelimit: 8248 callbacks suppressed [ 736.698734][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 736.717231][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 736.729867][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:be:36:3f:59:5d:ad, vlan:0) [ 736.742622][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 736.755198][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 736.767761][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 736.780471][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 736.793068][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:be:36:3f:59:5d:ad, vlan:0) [ 736.805735][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 736.818265][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 741.708344][ C0] net_ratelimit: 6098 callbacks suppressed [ 741.708362][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 741.727932][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 741.740457][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 741.753015][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 741.765574][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:be:36:3f:59:5d:ad, vlan:0) [ 741.778119][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 741.790674][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 741.804566][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 741.817053][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 741.829633][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 746.498295][ C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 746.505280][ C0] rcu: Tasks blocked on level-0 rcu_node (CPUs 0-1): P24090/1:b..l [ 746.513778][ C0] rcu: (detected by 0, t=10502 jiffies, g=120001, q=892 ncpus=1) [ 746.521590][ C0] task:syz.2.8524 state:R running task stack:27320 pid:24090 tgid:24089 ppid:5823 task_flags:0x40054c flags:0x00080000 [ 746.535981][ C0] Call Trace: [ 746.539299][ C0] [ 746.542233][ C0] __schedule+0xfee/0x6120 [ 746.546684][ C0] ? __call_rcu_common.constprop.0+0xa5/0x9b0 [ 746.552861][ C0] ? __lock_acquire+0x4a5/0x2630 [ 746.557816][ C0] ? __pfx___schedule+0x10/0x10 [ 746.562673][ C0] ? mark_held_locks+0x40/0x70 [ 746.567440][ C0] preempt_schedule_irq+0x50/0x90 [ 746.572466][ C0] irqentry_exit+0x17b/0x670 [ 746.577076][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 746.583068][ C0] RIP: 0010:__memcg_slab_free_hook+0xaa/0x630 [ 746.589146][ C0] Code: 49 8d 44 2d 00 4d 89 fd 48 89 44 24 10 48 c7 c0 28 4f 12 8e 48 c1 e8 03 48 89 44 24 18 eb 54 48 89 d8 48 c1 e8 03 80 3c 28 00 <0f> 85 13 05 00 00 48 8b 03 a8 03 0f 85 70 03 00 00 65 48 ff 08 e8 [ 746.608754][ C0] RSP: 0018:ffffc90004c7f7d0 EFLAGS: 00000246 [ 746.614818][ C0] RAX: 1ffff1100609ca30 RBX: ffff8880304e5180 RCX: 0000000000000001 [ 746.622784][ C0] RDX: 0000000000000000 RSI: ffffffff8c1b05a0 RDI: ffffffff8e12d8e0 [ 746.630752][ C0] RBP: dffffc0000000000 R08: 00000000a1bbbf67 R09: 0000000000000007 [ 746.638722][ C0] R10: 0000000000000200 R11: 0000000000000000 R12: ffff88801ce8cb40 [ 746.646688][ C0] R13: ffffea000078b280 R14: ffffc90004c7f860 R15: 0000000000000000 [ 746.654670][ C0] ? rcu_is_watching+0x12/0xc0 [ 746.659444][ C0] ? tear_down_vmas+0x2a5/0x600 [ 746.664296][ C0] kmem_cache_free+0x493/0x6a0 [ 746.669070][ C0] tear_down_vmas+0x2a5/0x600 [ 746.673756][ C0] exit_mmap+0x469/0xa30 [ 746.678020][ C0] ? __pfx_exit_mmap+0x10/0x10 [ 746.682814][ C0] __mmput+0x12a/0x410 [ 746.686885][ C0] mmput+0x67/0x80 [ 746.690605][ C0] do_exit+0x819/0x2b60 [ 746.694770][ C0] ? __pfx_do_exit+0x10/0x10 [ 746.699367][ C0] ? do_raw_spin_lock+0x128/0x260 [ 746.704400][ C0] ? find_held_lock+0x2b/0x80 [ 746.709102][ C0] ? get_signal+0x7e0/0x21e0 [ 746.713698][ C0] do_group_exit+0xd5/0x2a0 [ 746.718227][ C0] get_signal+0x1ec7/0x21e0 [ 746.722737][ C0] ? __pfx_get_signal+0x10/0x10 [ 746.727588][ C0] ? do_futex+0x192/0x350 [ 746.731922][ C0] arch_do_signal_or_restart+0x91/0x770 [ 746.737473][ C0] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 746.743673][ C0] ? __pfx___x64_sys_futex+0x10/0x10 [ 746.748977][ C0] exit_to_user_mode_loop+0x86/0x4a0 [ 746.754284][ C0] do_syscall_64+0x668/0xf80 [ 746.758881][ C0] ? clear_bhb_loop+0x40/0x90 [ 746.763557][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 746.769448][ C0] RIP: 0033:0x7fcb30f9c799 [ 746.773860][ C0] RSP: 002b:00007fcb31d8e0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 746.782269][ C0] RAX: fffffffffffffe00 RBX: 00007fcb31215fa8 RCX: 00007fcb30f9c799 [ 746.790237][ C0] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fcb31215fa8 [ 746.798234][ C0] RBP: 00007fcb31215fa0 R08: 0000000000000000 R09: 0000000000000000 [ 746.806234][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 746.814200][ C0] R13: 00007fcb31216038 R14: 00007fffb2716c30 R15: 00007fffb2716d18 [ 746.822179][ C0] [ 746.825214][ C0] rcu: rcu_preempt kthread starved for 914 jiffies! g120001 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0 [ 746.836316][ C0] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 746.846279][ C0] rcu: RCU grace-period kthread stack dump: [ 746.852158][ C0] task:rcu_preempt state:R running task stack:27736 pid:16 tgid:16 ppid:2 task_flags:0x208040 flags:0x00080000 [ 746.865693][ C0] Call Trace: [ 746.869005][ C0] [ 746.871935][ C0] __schedule+0xfee/0x6120 [ 746.876357][ C0] ? __lock_acquire+0x4a5/0x2630 [ 746.881308][ C0] ? __pfx___schedule+0x10/0x10 [ 746.886164][ C0] ? find_held_lock+0x2b/0x80 [ 746.890834][ C0] ? schedule+0x2bf/0x390 [ 746.895169][ C0] schedule+0xdd/0x390 [ 746.899240][ C0] schedule_timeout+0x127/0x280 [ 746.904100][ C0] ? __pfx_schedule_timeout+0x10/0x10 [ 746.909474][ C0] ? __pfx_process_timeout+0x10/0x10 [ 746.914775][ C0] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 746.920596][ C0] ? prepare_to_swait_event+0xdf/0x4a0 [ 746.926061][ C0] rcu_gp_fqs_loop+0x1a9/0x900 [ 746.930830][ C0] ? __pfx_rcu_gp_fqs_loop+0x10/0x10 [ 746.936118][ C0] ? __pfx_rcu_gp_init+0x10/0x10 [ 746.941056][ C0] ? __pfx_rcu_gp_cleanup+0x10/0x10 [ 746.946257][ C0] ? rcu_is_watching+0x12/0xc0 [ 746.951025][ C0] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 746.956854][ C0] rcu_gp_kthread+0x179/0x230 [ 746.961543][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 746.966741][ C0] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 746.972551][ C0] ? __kthread_parkme+0x18c/0x230 [ 746.977598][ C0] ? kthread+0x13a/0x450 [ 746.981844][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 746.987093][ C0] kthread+0x370/0x450 [ 746.991163][ C0] ? __pfx_kthread+0x10/0x10 [ 746.995760][ C0] ret_from_fork+0x754/0xd80 [ 747.000414][ C0] ? __pfx_ret_from_fork+0x10/0x10 [ 747.005536][ C0] ? __switch_to+0x7b4/0x1120 [ 747.010212][ C0] ? __pfx_kthread+0x10/0x10 [ 747.014806][ C0] ret_from_fork_asm+0x1a/0x30 [ 747.019581][ C0] [ 747.022610][ C0] rcu: Stack dump where RCU GP kthread last ran: [ 747.028931][ C0] CPU: 0 UID: 0 PID: 3411 Comm: kworker/R-bat_e Tainted: G U I L syzkaller #0 PREEMPT(full) [ 747.040214][ C0] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 747.047587][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 747.057684][ C0] Workqueue: bat_events batadv_tt_purge [ 747.063297][ C0] RIP: 0010:lock_acquire+0x5e/0x380 [ 747.068498][ C0] Code: 05 bb 02 29 12 83 f8 07 0f 87 f0 00 00 00 48 0f a3 05 86 5f f5 0e 0f 82 c2 02 00 00 8b 35 4e 93 f5 0e 85 f6 0f 85 dd 00 00 00 <48> 8b 44 24 30 65 48 2b 05 5d 02 29 12 0f 85 02 03 00 00 48 83 c4 [ 747.088117][ C0] RSP: 0018:ffffc90000006440 EFLAGS: 00000206 [ 747.094195][ C0] RAX: 0000000000000046 RBX: 0000000000000000 RCX: 0000000000000007 [ 747.102162][ C0] RDX: 0000000000000000 RSI: ffffffff8de59622 RDI: ffffffff8c1b0620 [ 747.110129][ C0] RBP: ffffffff8e7e74e0 R08: 000000006a7b52ce R09: 0000000000000007 [ 747.118099][ C0] R10: 0000000000000200 R11: 0000000000000000 R12: 0000000000000002 [ 747.126066][ C0] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 747.134040][ C0] FS: 0000000000000000(0000) GS:ffff88812434a000(0000) knlGS:0000000000000000 [ 747.142965][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 747.149548][ C0] CR2: 00007fa6790abb78 CR3: 00000000351f4000 CR4: 00000000003526f0 [ 747.157546][ C0] Call Trace: [ 747.160827][ C0] [ 747.163684][ C0] ? unwind_next_frame+0x3be/0x1ea0 [ 747.168880][ C0] ? unwind_next_frame+0x3be/0x1ea0 [ 747.174078][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 747.180237][ C0] unwind_next_frame+0xd1/0x1ea0 [ 747.185170][ C0] ? unwind_next_frame+0xbd/0x1ea0 [ 747.190279][ C0] ? __local_bh_enable_ip+0xf8/0x120 [ 747.195565][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 747.201717][ C0] arch_stack_walk+0x94/0xf0 [ 747.206325][ C0] ? batadv_tt_purge+0x25d/0xbd0 [ 747.211260][ C0] ? __local_bh_enable_ip+0xf8/0x120 [ 747.216572][ C0] ? __skb_ext_put+0x102/0x2f0 [ 747.221378][ C0] stack_trace_save+0x8e/0xc0 [ 747.226052][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 747.231429][ C0] ? __lock_acquire+0x4a5/0x2630 [ 747.236374][ C0] ? stack_depot_save_flags+0x27/0x9d0 [ 747.241851][ C0] kasan_save_stack+0x30/0x50 [ 747.246536][ C0] ? kasan_save_stack+0x30/0x50 [ 747.251400][ C0] ? kasan_save_track+0x14/0x30 [ 747.256279][ C0] ? kasan_save_free_info+0x3b/0x70 [ 747.261481][ C0] ? __kasan_slab_free+0x5f/0x80 [ 747.266429][ C0] ? kmem_cache_free+0x124/0x6a0 [ 747.271367][ C0] ? __skb_ext_put+0x102/0x2f0 [ 747.276139][ C0] ? skb_scrub_packet+0x377/0x430 [ 747.281170][ C0] ? __dev_forward_skb2+0x38a/0x740 [ 747.286393][ C0] ? veth_xmit+0x2c2/0xe90 [ 747.290843][ C0] ? dev_hard_start_xmit+0x121/0x7d0 [ 747.296185][ C0] ? __dev_queue_xmit+0x32c1/0x4800 [ 747.301398][ C0] ? br_dev_queue_push_xmit+0x360/0x550 [ 747.306976][ C0] ? br_nf_dev_queue_xmit+0x741/0x2a20 [ 747.312441][ C0] ? br_nf_post_routing+0xcbb/0x16a0 [ 747.317729][ C0] ? nf_hook_slow+0xbf/0x220 [ 747.322349][ C0] ? br_forward_finish+0x261/0x4d0 [ 747.327462][ C0] ? br_nf_hook_thresh+0x30d/0x420 [ 747.332579][ C0] ? br_nf_forward_finish+0x693/0xb30 [ 747.337952][ C0] ? br_nf_forward_ip.part.0+0x61e/0x820 [ 747.343588][ C0] ? br_nf_forward+0xfe5/0x19f0 [ 747.348443][ C0] ? nf_hook_slow+0xbf/0x220 [ 747.353036][ C0] ? __br_forward+0x2f6/0x970 [ 747.357715][ C0] ? maybe_deliver+0xf0/0x180 [ 747.362388][ C0] ? br_flood+0x193/0x650 [ 747.366727][ C0] ? br_handle_frame_finish+0xff4/0x1f60 [ 747.372383][ C0] ? br_nf_hook_thresh+0x30d/0x420 [ 747.377495][ C0] ? br_nf_pre_routing_finish_ipv6+0x769/0xfb0 [ 747.383663][ C0] ? br_nf_pre_routing_ipv6+0x39c/0x8b0 [ 747.389234][ C0] ? br_nf_pre_routing+0x90d/0x1550 [ 747.394432][ C0] ? br_handle_frame+0xcdd/0x1520 [ 747.399456][ C0] ? __netif_receive_skb_core.constprop.0+0x6c5/0x3550 [ 747.406303][ C0] ? __netif_receive_skb_one_core+0xb0/0x1e0 [ 747.412282][ C0] ? __netif_receive_skb+0x1f/0x120 [ 747.417482][ C0] ? process_backlog+0x37a/0x1580 [ 747.422505][ C0] ? __napi_poll.constprop.0+0xaf/0x450 [ 747.428048][ C0] ? net_rx_action+0xa40/0xf20 [ 747.432844][ C0] ? handle_softirqs+0x1eb/0x9e0 [ 747.437778][ C0] ? do_softirq+0xac/0xe0 [ 747.442109][ C0] ? __local_bh_enable_ip+0xf8/0x120 [ 747.447409][ C0] kasan_save_track+0x14/0x30 [ 747.452092][ C0] kasan_save_free_info+0x3b/0x70 [ 747.457121][ C0] __kasan_slab_free+0x5f/0x80 [ 747.461891][ C0] kmem_cache_free+0x124/0x6a0 [ 747.466683][ C0] ? find_held_lock+0x2b/0x80 [ 747.471377][ C0] __skb_ext_put+0x102/0x2f0 [ 747.475970][ C0] skb_scrub_packet+0x377/0x430 [ 747.480818][ C0] __dev_forward_skb2+0x38a/0x740 [ 747.485842][ C0] veth_xmit+0x2c2/0xe90 [ 747.490091][ C0] dev_hard_start_xmit+0x121/0x7d0 [ 747.495205][ C0] __dev_queue_xmit+0x32c1/0x4800 [ 747.500229][ C0] ? ip6t_do_table+0xc1d/0x1c90 [ 747.505134][ C0] ? __pfx___dev_queue_xmit+0x10/0x10 [ 747.510513][ C0] ? lock_acquire+0x1cf/0x380 [ 747.515198][ C0] ? __pfx_ip6t_do_table+0x10/0x10 [ 747.520309][ C0] ? unwind_next_frame+0x3be/0x1ea0 [ 747.525504][ C0] ? nf_nat_ipv6_fn+0xff/0x2d0 [ 747.530306][ C0] br_dev_queue_push_xmit+0x360/0x550 [ 747.535681][ C0] br_nf_dev_queue_xmit+0x741/0x2a20 [ 747.540978][ C0] ? find_held_lock+0x2b/0x80 [ 747.545654][ C0] ? __pfx_br_nf_dev_queue_xmit+0x10/0x10 [ 747.551376][ C0] ? br_nf_post_routing+0xafb/0x16a0 [ 747.556671][ C0] br_nf_post_routing+0xcbb/0x16a0 [ 747.561800][ C0] ? __pfx_br_nf_post_routing+0x10/0x10 [ 747.567362][ C0] ? __pfx_br_nf_dev_queue_xmit+0x10/0x10 [ 747.573095][ C0] ? lock_acquire+0x1cf/0x380 [ 747.577785][ C0] nf_hook_slow+0xbf/0x220 [ 747.582210][ C0] br_forward_finish+0x261/0x4d0 [ 747.587151][ C0] ? __pfx_br_forward_finish+0x10/0x10 [ 747.592648][ C0] ? __pfx_br_dev_queue_push_xmit+0x10/0x10 [ 747.598545][ C0] ? nf_hook_slow+0x167/0x220 [ 747.603235][ C0] br_nf_hook_thresh+0x30d/0x420 [ 747.608180][ C0] ? __pfx_br_forward_finish+0x10/0x10 [ 747.613671][ C0] ? __pfx_br_nf_hook_thresh+0x10/0x10 [ 747.619147][ C0] ? lock_acquire+0x1cf/0x380 [ 747.623833][ C0] ? __pfx_br_forward_finish+0x10/0x10 [ 747.629292][ C0] ? net_generic+0xea/0x2a0 [ 747.633812][ C0] br_nf_forward_finish+0x693/0xb30 [ 747.639015][ C0] ? __pfx_br_forward_finish+0x10/0x10 [ 747.644481][ C0] br_nf_forward_ip.part.0+0x61e/0x820 [ 747.649963][ C0] br_nf_forward+0xfe5/0x19f0 [ 747.654648][ C0] nf_hook_slow+0xbf/0x220 [ 747.659085][ C0] __br_forward+0x2f6/0x970 [ 747.663589][ C0] ? __pfx___br_forward+0x10/0x10 [ 747.668613][ C0] ? __asan_memcpy+0x3c/0x60 [ 747.673211][ C0] ? __pfx_br_forward_finish+0x10/0x10 [ 747.678670][ C0] ? __skb_clone+0x570/0x760 [ 747.683268][ C0] maybe_deliver+0xf0/0x180 [ 747.687777][ C0] br_flood+0x193/0x650 [ 747.691948][ C0] br_handle_frame_finish+0xff4/0x1f60 [ 747.697416][ C0] ? __pfx_br_handle_frame_finish+0x10/0x10 [ 747.703321][ C0] ? __lock_acquire+0x4a5/0x2630 [ 747.708261][ C0] ? __pfx_ip6t_do_table+0x10/0x10 [ 747.713371][ C0] ? nf_hook_slow+0x167/0x220 [ 747.718065][ C0] br_nf_hook_thresh+0x30d/0x420 [ 747.723006][ C0] ? __pfx_br_handle_frame_finish+0x10/0x10 [ 747.728907][ C0] ? __pfx_br_nf_hook_thresh+0x10/0x10 [ 747.734375][ C0] ? __pfx_br_handle_frame_finish+0x10/0x10 [ 747.740274][ C0] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 747.746205][ C0] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 747.752129][ C0] br_nf_pre_routing_finish_ipv6+0x769/0xfb0 [ 747.758121][ C0] ? __pfx_br_handle_frame_finish+0x10/0x10 [ 747.764023][ C0] br_nf_pre_routing_ipv6+0x39c/0x8b0 [ 747.769430][ C0] ? __pfx_br_nf_pre_routing_ipv6+0x10/0x10 [ 747.775328][ C0] ? lock_acquire+0x1cf/0x380 [ 747.780008][ C0] ? __pfx_br_nf_pre_routing_finish_ipv6+0x10/0x10 [ 747.786518][ C0] ? net_generic+0xea/0x2a0 [ 747.791045][ C0] br_nf_pre_routing+0x90d/0x1550 [ 747.796077][ C0] br_handle_frame+0xcdd/0x1520 [ 747.800949][ C0] ? __pfx_br_handle_frame+0x10/0x10 [ 747.806238][ C0] ? __pfx_br_handle_frame_finish+0x10/0x10 [ 747.812140][ C0] ? __pfx_br_handle_frame+0x10/0x10 [ 747.817428][ C0] __netif_receive_skb_core.constprop.0+0x6c5/0x3550 [ 747.824137][ C0] ? mark_held_locks+0x40/0x70 [ 747.828907][ C0] ? kmem_cache_free+0x124/0x6a0 [ 747.833848][ C0] ? skb_release_data+0x7a0/0x9d0 [ 747.838878][ C0] ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10 [ 747.845990][ C0] ? kfree_skbmem+0x19f/0x210 [ 747.850668][ C0] ? sk_skb_reason_drop+0x114/0x1b0 [ 747.855875][ C0] ? ip6_mc_input+0x51a/0xf50 [ 747.860556][ C0] ? __pfx_ip6_mc_input+0x10/0x10 [ 747.865613][ C0] ? __lock_acquire+0x4a5/0x2630 [ 747.870557][ C0] ? process_backlog+0x32a/0x1580 [ 747.875578][ C0] __netif_receive_skb_one_core+0xb0/0x1e0 [ 747.881410][ C0] ? __pfx___netif_receive_skb_one_core+0x10/0x10 [ 747.887826][ C0] ? lock_acquire+0x1cf/0x380 [ 747.892508][ C0] ? process_backlog+0x32a/0x1580 [ 747.897573][ C0] ? process_backlog+0x32a/0x1580 [ 747.902598][ C0] __netif_receive_skb+0x1f/0x120 [ 747.907631][ C0] process_backlog+0x37a/0x1580 [ 747.912491][ C0] __napi_poll.constprop.0+0xaf/0x450 [ 747.917899][ C0] net_rx_action+0xa40/0xf20 [ 747.922510][ C0] ? __pfx_net_rx_action+0x10/0x10 [ 747.927622][ C0] ? mark_held_locks+0x40/0x70 [ 747.932389][ C0] ? lockdep_hardirqs_on+0x78/0x100 [ 747.937607][ C0] ? tmigr_handle_remote+0x132/0x380 [ 747.942909][ C0] ? run_timer_base+0x121/0x190 [ 747.947758][ C0] ? __pfx_run_timer_base+0x10/0x10 [ 747.952956][ C0] handle_softirqs+0x1eb/0x9e0 [ 747.957721][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 747.963011][ C0] ? batadv_tt_purge+0x25d/0xbd0 [ 747.967973][ C0] do_softirq+0xac/0xe0 [ 747.972160][ C0] [ 747.975088][ C0] [ 747.978021][ C0] __local_bh_enable_ip+0xf8/0x120 [ 747.983128][ C0] batadv_tt_purge+0x25d/0xbd0 [ 747.987893][ C0] ? __pfx_batadv_tt_purge+0x10/0x10 [ 747.993183][ C0] ? rcu_is_watching+0x12/0xc0 [ 747.998012][ C0] process_one_work+0xa23/0x19a0 [ 748.002987][ C0] ? __pfx_process_one_work+0x10/0x10 [ 748.008464][ C0] ? __pfx_batadv_tt_purge+0x10/0x10 [ 748.013748][ C0] rescuer_thread+0x905/0x14a0 [ 748.018560][ C0] ? rescuer_thread+0x240/0x14a0 [ 748.023504][ C0] ? rescuer_thread+0x118/0x14a0 [ 748.028447][ C0] ? __pfx_rescuer_thread+0x10/0x10 [ 748.033654][ C0] ? __kthread_parkme+0x18c/0x230 [ 748.038685][ C0] ? kthread+0x13a/0x450 [ 748.042938][ C0] ? __pfx_rescuer_thread+0x10/0x10 [ 748.048147][ C0] kthread+0x370/0x450 [ 748.052226][ C0] ? __pfx_kthread+0x10/0x10 [ 748.056826][ C0] ret_from_fork+0x754/0xd80 [ 748.061422][ C0] ? __pfx_ret_from_fork+0x10/0x10 [ 748.066541][ C0] ? __switch_to+0x7b4/0x1120 [ 748.071232][ C0] ? __pfx_kthread+0x10/0x10 [ 748.075824][ C0] ret_from_fork_asm+0x1a/0x30 [ 748.080599][ C0] [ 748.084661][ C0] net_ratelimit: 5764 callbacks suppressed [ 748.084676][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 748.107295][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 748.119933][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:be:36:3f:59:5d:ad, vlan:0) [ 748.132504][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 748.145124][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 748.158920][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 748.171450][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 748.184178][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 748.196717][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:be:36:3f:59:5d:ad, vlan:0) [ 748.209352][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 753.088377][ C0] net_ratelimit: 5670 callbacks suppressed [ 753.088396][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 753.108136][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 753.120643][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 753.133232][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 753.145986][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:be:36:3f:59:5d:ad, vlan:0) [ 753.158674][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 753.171265][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 753.185224][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 753.197751][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 753.210381][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)