no interfaces have a carrier
[   59.471909][ T5493] 8021q: adding VLAN 0 to HW filter on device bond0
[   59.488667][ T5493] eql: remember to turn off Van-Jacobson compression on your slave devices
Starting crond: OK
Starting sshd: OK

syzkaller
Warning: Permanently added '10.128.1.76' (ED25519) to the list of known hosts.
2025/11/19 17:02:17 parsed 1 programs
syzkaller login: [   91.466253][ T5831] cgroup: Unknown subsys name 'net'
[   91.602714][ T5831] cgroup: Unknown subsys name 'cpuset'
[   91.617429][ T5831] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   92.168754][   T43] cfg80211: failed to load regulatory.db
[   93.301353][ T5831] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   96.487948][ T5845] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   97.886067][ T5877] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   97.894979][ T5877] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   97.903518][ T5877] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   97.912393][ T5877] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   97.920295][ T5877] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   99.288855][   T68] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   99.296910][   T68] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   99.334448][ T1090] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   99.343211][ T1090] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  100.509725][ T5915] chnl_net:caif_netlink_parms(): no params data found
[  100.603869][ T5915] bridge0: port 1(bridge_slave_0) entered blocking state
[  100.612745][ T5915] bridge0: port 1(bridge_slave_0) entered disabled state
[  100.620904][ T5915] bridge_slave_0: entered allmulticast mode
[  100.628530][ T5915] bridge_slave_0: entered promiscuous mode
[  100.638794][ T5915] bridge0: port 2(bridge_slave_1) entered blocking state
[  100.646158][ T5915] bridge0: port 2(bridge_slave_1) entered disabled state
[  100.653593][ T5915] bridge_slave_1: entered allmulticast mode
[  100.661155][ T5915] bridge_slave_1: entered promiscuous mode
[  100.708572][ T5915] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  100.721319][ T5915] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  100.761255][ T5915] team0: Port device team_slave_0 added
[  100.769735][ T5915] team0: Port device team_slave_1 added
[  100.802335][ T5915] batman_adv: batadv0: Adding interface: batadv_slave_0
[  100.809374][ T5915] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  100.835668][ T5915] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  100.848980][ T5915] batman_adv: batadv0: Adding interface: batadv_slave_1
[  100.855959][ T5915] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  100.881923][ T5915] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  100.930339][ T5915] hsr_slave_0: entered promiscuous mode
[  100.936967][ T5915] hsr_slave_1: entered promiscuous mode
[  101.102952][ T5915] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  101.116137][ T5915] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  101.128294][ T5915] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  101.139424][ T5915] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  101.175395][ T5915] bridge0: port 2(bridge_slave_1) entered blocking state
[  101.182779][ T5915] bridge0: port 2(bridge_slave_1) entered forwarding state
[  101.191204][ T5915] bridge0: port 1(bridge_slave_0) entered blocking state
[  101.198454][ T5915] bridge0: port 1(bridge_slave_0) entered forwarding state
[  101.270921][ T5915] 8021q: adding VLAN 0 to HW filter on device bond0
[  101.292203][ T1333] bridge0: port 1(bridge_slave_0) entered disabled state
[  101.302175][ T1333] bridge0: port 2(bridge_slave_1) entered disabled state
[  101.318362][ T5915] 8021q: adding VLAN 0 to HW filter on device team0
[  101.334470][   T68] bridge0: port 1(bridge_slave_0) entered blocking state
[  101.341718][   T68] bridge0: port 1(bridge_slave_0) entered forwarding state
[  101.356418][ T1333] bridge0: port 2(bridge_slave_1) entered blocking state
[  101.363666][ T1333] bridge0: port 2(bridge_slave_1) entered forwarding state
[  101.568141][ T5915] 8021q: adding VLAN 0 to HW filter on device batadv0
[  101.623696][ T5915] veth0_vlan: entered promiscuous mode
[  101.636799][ T5915] veth1_vlan: entered promiscuous mode
[  101.671451][ T5915] veth0_macvtap: entered promiscuous mode
[  101.682180][ T5915] veth1_macvtap: entered promiscuous mode
[  101.703402][ T5915] batman_adv: batadv0: Interface activated: batadv_slave_0
[  101.722309][ T5915] batman_adv: batadv0: Interface activated: batadv_slave_1
[  101.738723][ T1090] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  101.748381][ T1090] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  101.760697][ T1090] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  101.771069][ T1090] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  101.922666][ T1333] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  102.001882][ T1333] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  102.061841][ T1333] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  102.165968][ T1333] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
2025/11/19 17:02:31 executed programs: 0
[  102.394989][ T5877] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  102.405831][ T5877] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  102.415129][ T5877] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  102.425241][ T5877] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  102.433339][ T5877] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  102.622122][ T5940] chnl_net:caif_netlink_parms(): no params data found
[  102.711987][ T5940] bridge0: port 1(bridge_slave_0) entered blocking state
[  102.719617][ T5940] bridge0: port 1(bridge_slave_0) entered disabled state
[  102.727068][ T5940] bridge_slave_0: entered allmulticast mode
[  102.734840][ T5940] bridge_slave_0: entered promiscuous mode
[  102.744826][ T5940] bridge0: port 2(bridge_slave_1) entered blocking state
[  102.752601][ T5940] bridge0: port 2(bridge_slave_1) entered disabled state
[  102.761088][ T5940] bridge_slave_1: entered allmulticast mode
[  102.768599][ T5940] bridge_slave_1: entered promiscuous mode
[  102.809277][ T5940] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  102.822308][ T5940] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  102.862600][ T5940] team0: Port device team_slave_0 added
[  102.870976][ T5940] team0: Port device team_slave_1 added
[  102.909420][ T5940] batman_adv: batadv0: Adding interface: batadv_slave_0
[  102.916521][ T5940] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  102.942547][ T5940] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  102.956104][ T5940] batman_adv: batadv0: Adding interface: batadv_slave_1
[  102.964355][ T5940] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  102.991427][ T5940] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  103.042858][ T5940] hsr_slave_0: entered promiscuous mode
[  103.049634][ T5940] hsr_slave_1: entered promiscuous mode
[  103.056136][ T5940] debugfs: 'hsr0' already exists in 'hsr'
[  103.062072][ T5940] Cannot create hsr debugfs directory
[  104.424279][ T1333] bridge_slave_1: left allmulticast mode
[  104.430889][ T1333] bridge_slave_1: left promiscuous mode
[  104.437631][ T1333] bridge0: port 2(bridge_slave_1) entered disabled state
[  104.455905][ T1333] bridge_slave_0: left allmulticast mode
[  104.464847][ T1333] bridge_slave_0: left promiscuous mode
[  104.473373][ T1333] bridge0: port 1(bridge_slave_0) entered disabled state
[  104.488279][ T5148] Bluetooth: hci0: command tx timeout
[  104.826271][ T1333] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  104.839569][ T1333] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  104.850499][ T1333] bond0 (unregistering): Released all slaves
[  104.954966][ T1333] hsr_slave_0: left promiscuous mode
[  104.961228][ T1333] hsr_slave_1: left promiscuous mode
[  104.967502][ T1333] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  104.974952][ T1333] batman_adv: batadv0: Removing interface: batadv_slave_0
[  104.983441][ T1333] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  104.993468][ T1333] batman_adv: batadv0: Removing interface: batadv_slave_1
[  105.010121][ T1333] veth1_macvtap: left promiscuous mode
[  105.016288][ T1333] veth0_macvtap: left promiscuous mode
[  105.022100][ T1333] veth1_vlan: left promiscuous mode
[  105.028034][ T1333] veth0_vlan: left promiscuous mode
[  105.378763][ T1333] team0 (unregistering): Port device team_slave_1 removed
[  105.410569][ T1333] team0 (unregistering): Port device team_slave_0 removed
[  105.964198][ T5940] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  105.989077][ T5940] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  106.013707][ T5940] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  106.026435][ T5940] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  106.235792][ T5940] 8021q: adding VLAN 0 to HW filter on device bond0
[  106.269736][ T5940] 8021q: adding VLAN 0 to HW filter on device team0
[  106.302751][ T1333] bridge0: port 1(bridge_slave_0) entered blocking state
[  106.310104][ T1333] bridge0: port 1(bridge_slave_0) entered forwarding state
[  106.326546][   T50] bridge0: port 2(bridge_slave_1) entered blocking state
[  106.333821][   T50] bridge0: port 2(bridge_slave_1) entered forwarding state
[  106.568029][ T5148] Bluetooth: hci0: command tx timeout
[  106.642719][ T5940] 8021q: adding VLAN 0 to HW filter on device batadv0
[  106.723206][ T5940] veth0_vlan: entered promiscuous mode
[  106.744610][ T5940] veth1_vlan: entered promiscuous mode
[  106.790087][ T5940] veth0_macvtap: entered promiscuous mode
[  106.803831][ T5940] veth1_macvtap: entered promiscuous mode
[  106.835390][ T5940] batman_adv: batadv0: Interface activated: batadv_slave_0
[  106.856875][ T5940] batman_adv: batadv0: Interface activated: batadv_slave_1
[  106.882117][ T1090] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  106.902244][ T1090] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  106.926002][ T1090] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  106.936569][ T1090] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  106.996033][   T50] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  107.010810][   T50] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  107.038507][ T1333] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  107.046428][ T1333] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  107.096976][ T6002] vmg ffffc90003287c00 dumped because: VM_WARN_ON_VMG(prev && start <= prev->vm_start)
[  107.107640][ T6002] vmg ffffc90003287c00 state: mm ffff88807858c080 pgoff 2
[  107.107640][ T6002] vmi ffffc90003287dc0 [200000ffe000,200001000000)
[  107.107640][ T6002] prev ffff88802cc37500 middle ffff88802cc37500 next 0000000000000000 target 0000000000000000
[  107.107640][ T6002] start 200000ffe000 end 200001000000 flags 80000d1
[  107.107640][ T6002] file ffff88803406a380 anon_vma 0000000000000000 policy 0000000000000000
[  107.107640][ T6002] uffd_ctx 0000000000000000
[  107.107640][ T6002] anon_name 0000000000000000
[  107.107640][ T6002] state 0
[  107.107640][ T6002] just_expand 0
[  107.107640][ T6002] __adjust_middle_start 0 __adjust_next_start 0
[  107.107640][ T6002] __remove_middle 0 __remove_next 0
[  107.175484][ T6002] vmg ffffc90003287c00 mm:
[  107.180111][ T6002] mm ffff88807858c080 task_size 140737488351232
[  107.180111][ T6002] mmap_base 140111088128000 mmap_legacy_base 47521707040768
[  107.180111][ T6002] pgd ffff8880740d8000 mm_users 1 mm_count 1 pgtables_bytes 81920 map_count 20
[  107.180111][ T6002] hiwater_rss 225 hiwater_vm 2ba9 total_vm 2ba9 locked_vm 2
[  107.180111][ T6002] pinned_vm 0 data_vm 249c exec_vm 1a7 stack_vm 21
[  107.180111][ T6002] start_code 7f6e26a49000 end_code 7f6e26bed079 start_data 7f6e26dc0000 end_data 7f6e26dc0000
[  107.180111][ T6002] start_brk 55558c04e000 brk 55558c070000 start_stack 7ffd02d906b0
[  107.180111][ T6002] arg_start 7ffd02d91f6d arg_end 7ffd02d91f81 env_start 7ffd02d91f81 env_end 7ffd02d91fe9
[  107.180111][ T6002] binfmt ffffffff8e4b7880 flags 00000000,800007fd
[  107.180111][ T6002] ioctx_table 0000000000000000
[  107.180111][ T6002] owner ffff8880298d0000 exe_file ffff88801e2d0c40
[  107.180111][ T6002] notifier_subscriptions 0000000000000000
[  107.180111][ T6002] numa_next_scan 4294947895 numa_scan_offset 0 numa_scan_seq 0
[  107.180111][ T6002] tlb_flush_pending 0
[  107.180111][ T6002] def_flags: 0x0()
[  107.286212][ T6002] vmg ffffc90003287c00 prev:
[  107.291402][ T6002] vma ffff88802cc37500 start 0000200000ffe000 end 0000200001000000 mm ffff88807858c080
[  107.291402][ T6002] prot 8000000000000025 anon_vma 0000000000000000 vm_ops ffffffff8bd798e0
[  107.291402][ T6002] pgoff 2 file ffff88803406a380 private_data 0000000000000000
[  107.291402][ T6002] refcnt 1
[  107.291402][ T6002] flags: 0x80020d1(read|mayread|mayexec|mayshare|locked|softdirty)
[  107.329514][ T6002] vmg ffffc90003287c00 middle:
[  107.334325][ T6002] vma ffff88802cc37500 start 0000200000ffe000 end 0000200001000000 mm ffff88807858c080
[  107.334325][ T6002] prot 8000000000000025 anon_vma 0000000000000000 vm_ops ffffffff8bd798e0
[  107.334325][ T6002] pgoff 2 file ffff88803406a380 private_data 0000000000000000
[  107.334325][ T6002] refcnt 1
[  107.334325][ T6002] flags: 0x80020d1(read|mayread|mayexec|mayshare|locked|softdirty)
[  107.371193][ T6002] vmg ffffc90003287c00 next: (NULL)
[  107.376434][ T6002] vmg ffffc90003287c00 vmi:
[  107.381512][ T6002] MAS: tree=ffff88807858c0c0 enode=ffff88807637420c 
[  107.381536][ T6002] (ma_active)
[  107.388376][ T6002] Store Type: 
[  107.391676][ T6002] invalid store type
[  107.399623][ T6002] [8/13] index=200000ffe000 last=200000ffffff
[  107.405728][ T6002]      min=0 max=7f6e261fffff sheaf=0000000000000000, request 0 depth=0, flags=0
[  107.415889][ T6002] maple_tree(ffff88807858c0c0) flags 30B, height 2 root ffff88807637461e
[  107.424439][ T6002] 0-ffffffffffffffff: node ffff888076374600 depth 0 type 3 parent ffff88807858c0c1 contents: 35558b04d000 ffff8002fd26e000 0 0 0 0 0 0 0 0 | 01 01| ffff88807637420c 7F6E261FFFFF ffff88807637440c FFFFFFFFFFFFFFFF 0000000000000000 0 0000000000000000 0 0000000000000000 0 0000000000000000 0 0000000000000000 0 0000000000000000 0 0000000000000000 0 0000000000000000
[  107.459495][ T6002]   0-7f6e261fffff: node ffff888076374200 depth 1 type 1 parent ffff888076374606 contents: 0000000000000000 1B2EF1FFFF ffff88807630f000 1B2F31FFFF 0000000000000000 1B2FF23FFF ffff8880763ffdc0 1B2FF63FFF 0000000000000000 1FFFFFFFEFFF ffff8880751f7b40 1FFFFFFFFFFF ffff8880751f8a00 200000FFBFFF ffff88802cc373c0 200000FFDFFF ffff88802cc37500 200000FFFFFF ffff8880751f7280 200001000FFF 0000000000000000 55558C04DFFF ffff8880751f7140 55558C06FFFF 0000000000000000 7F6E261FEFFF ffff8880751f7000 7F6E261FFFFF 0000000000000000 0 000000000000000d
[  107.509075][ T6002]     0-1b2ef1ffff: 0000000000000000
[  107.514392][ T6002]     1b2ef20000-1b2f31ffff: ffff88807630f000
[  107.521371][ T6002]     1b2f320000-1b2ff23fff: 0000000000000000
[  107.527778][ T6002]     1b2ff24000-1b2ff63fff: ffff8880763ffdc0
[  107.533914][ T6002]     1b2ff64000-1fffffffefff: 0000000000000000
[  107.540386][ T6002]     1ffffffff000-1fffffffffff: ffff8880751f7b40
[  107.546841][ T6002]     200000000000-200000ffbfff: ffff8880751f8a00
[  107.553324][ T6002]     200000ffc000-200000ffdfff: ffff88802cc373c0
[  107.559818][ T6002]     200000ffe000-200000ffffff: ffff88802cc37500
[  107.566255][ T6002]     200001000000-200001000fff: ffff8880751f7280
[  107.572757][ T6002]     200001001000-55558c04dfff: 0000000000000000
[  107.579266][ T6002]     55558c04e000-55558c06ffff: ffff8880751f7140
[  107.585706][ T6002]     55558c070000-7f6e261fefff: 0000000000000000
[  107.592475][ T6002]     7f6e261ff000-7f6e261fffff: ffff8880751f7000
[  107.598973][ T6002]   7f6e26200000-ffffffffffffffff: node ffff888076374400 depth 1 type 1 parent ffff88807637460e contents: ffff8880751f8140 7F6E269FFFFF ffff8880751f8000 7F6E26A48FFF ffff8880751f88c0 7F6E26BEDFFF ffff8880751f8780 7F6E26C9CFFF ffff8880751f8640 7F6E26DB3FFF ffff8880751f8500 7F6E26DBCFFF 0000000000000000 7F6E26DBFFFF ffff8880751f83c0 7F6E2791DFFF 0000000000000000 7F6E27A28FFF ffff8880751f8280 7F6E27A2CFFF ffff8880751f8dc0 7F6E27A2EFFF ffff8880751f8c80 7F6E27A30FFF 0000000000000000 7FFD02D70FFF ffff8880751f8b40 7FFD02D91FFF 0000000000000000 FFFFFFFFFFFFFFFF 000000000000000e
[  107.652906][ T6002]     7f6e26200000-7f6e269fffff: ffff8880751f8140
[  107.659495][ T6002]     7f6e26a00000-7f6e26a48fff: ffff8880751f8000
[  107.665966][ T6002]     7f6e26a49000-7f6e26bedfff: ffff8880751f88c0
[  107.672529][ T6002]     7f6e26bee000-7f6e26c9cfff: ffff8880751f8780
[  107.679040][ T6002]     7f6e26c9d000-7f6e26db3fff: ffff8880751f8640
[  107.685488][ T6002]     7f6e26db4000-7f6e26dbcfff: ffff8880751f8500
[  107.692538][ T6002]     7f6e26dbd000-7f6e26dbffff: 0000000000000000
[  107.699171][ T6002]     7f6e26dc0000-7f6e2791dfff: ffff8880751f83c0
[  107.705640][ T6002]     7f6e2791e000-7f6e27a28fff: 0000000000000000
[  107.712373][ T6002]     7f6e27a29000-7f6e27a2cfff: ffff8880751f8280
[  107.718951][ T6002]     7f6e27a2d000-7f6e27a2efff: ffff8880751f8dc0
[  107.725655][ T6002]     7f6e27a2f000-7f6e27a30fff: ffff8880751f8c80
[  107.732214][ T6002]     7f6e27a31000-7ffd02d70fff: 0000000000000000
[  107.738709][ T6002]     7ffd02d71000-7ffd02d91fff: ffff8880751f8b40
[  107.745140][ T6002]     7ffd02d92000-ffffffffffffffff: 0000000000000000
[  107.752200][ T6002] ------------[ cut here ]------------
[  107.757752][ T6002] WARNING: mm/vma.c:818 at vma_modify+0x1614/0x1a70, CPU#0: syz.0.17/6002
[  107.766288][ T6002] Modules linked in:
[  107.771154][ T6002] CPU: 0 UID: 0 PID: 6002 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT(full) 
[  107.780454][ T6002] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  107.790708][ T6002] RIP: 0010:vma_modify+0x1614/0x1a70
[  107.796048][ T6002] Code: 0b 90 e9 c4 ec ff ff e8 ea e5 a8 ff 90 0f 0b 90 e9 04 ec ff ff e8 dc e5 a8 ff 4c 89 f7 48 c7 c6 60 e6 96 8b e8 5d 85 f2 ff 90 <0f> 0b 90 e9 6a ec ff ff e8 bf e5 a8 ff e9 59 ed ff ff e8 b5 e5 a8
[  107.815965][ T6002] RSP: 0018:ffffc90003287ae8 EFLAGS: 00010282
[  107.822140][ T6002] RAX: ffffffff8b5d946d RBX: 0000200000ffe000 RCX: ffff8880298d0000
[  107.830512][ T6002] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: ffffffffffffffff
[  107.838786][ T6002] RBP: ffffc90003287c20 R08: 0000000000000003 R09: 0000000000000004
[  107.846795][ T6002] R10: dffffc0000000000 R11: fffffbfff1c3a708 R12: 0000200000ffe000
[  107.855152][ T6002] R13: dffffc0000000000 R14: ffffc90003287c00 R15: 1ffff92000650f84
[  107.863228][ T6002] FS:  000055558c04e500(0000) GS:ffff888125a72000(0000) knlGS:0000000000000000
[  107.872339][ T6002] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  107.879044][ T6002] CR2: 000055574d204db0 CR3: 00000000740d8000 CR4: 00000000003526f0
[  107.887185][ T6002] Call Trace:
[  107.890500][ T6002]  <TASK>
[  107.893454][ T6002]  vma_modify_flags+0x1e8/0x230
[  107.898403][ T6002]  ? __pfx_vma_modify_flags+0x10/0x10
[  107.903926][ T6002]  mlock_fixup+0x24b/0x3b0
[  107.908434][ T6002]  apply_vma_lock_flags+0x285/0x390
[  107.913826][ T6002]  ? __pfx_apply_vma_lock_flags+0x10/0x10
[  107.919638][ T6002]  ? __pfx___se_sys_futex+0x10/0x10
[  107.924878][ T6002]  __se_sys_munlock+0x150/0x270
[  107.930377][ T6002]  do_syscall_64+0xfa/0xfa0
[  107.934934][ T6002]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  107.941514][ T6002]  ? clear_bhb_loop+0x60/0xb0
[  107.946240][ T6002]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  107.952221][ T6002] RIP: 0033:0x7f6e26b8f749
[  107.956682][ T6002] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  107.977092][ T6002] RSP: 002b:00007ffd02d8ff18 EFLAGS: 00000246 ORIG_RAX: 0000000000000096
[  107.985742][ T6002] RAX: ffffffffffffffda RBX: 00007f6e26de5fa0 RCX: 00007f6e26b8f749
[  107.993862][ T6002] RDX: 0000000000000000 RSI: 0000000000003000 RDI: 0000200000ffd000
[  108.001943][ T6002] RBP: 00007f6e26c13f91 R08: 0000000000000000 R09: 0000000000000000
[  108.010210][ T6002] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  108.018307][ T6002] R13: 00007f6e26de5fa0 R14: 00007f6e26de5fa0 R15: 0000000000000002
[  108.026333][ T6002]  </TASK>
[  108.029535][ T6002] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  108.036873][ T6002] CPU: 0 UID: 0 PID: 6002 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT(full) 
[  108.046105][ T6002] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  108.056184][ T6002] Call Trace:
[  108.059477][ T6002]  <TASK>
[  108.062417][ T6002]  dump_stack_lvl+0x99/0x250
[  108.067036][ T6002]  ? __asan_memcpy+0x40/0x70
[  108.071653][ T6002]  ? __pfx_dump_stack_lvl+0x10/0x10
[  108.076875][ T6002]  ? __pfx__printk+0x10/0x10
[  108.081504][ T6002]  vpanic+0x237/0x6d0
[  108.085509][ T6002]  ? __pfx_vpanic+0x10/0x10
[  108.090029][ T6002]  ? is_bpf_text_address+0x292/0x2b0
[  108.095423][ T6002]  ? is_bpf_text_address+0x26/0x2b0
[  108.100703][ T6002]  panic+0xb9/0xc0
[  108.104445][ T6002]  ? __pfx_panic+0x10/0x10
[  108.108880][ T6002]  __warn+0x318/0x4d0
[  108.112866][ T6002]  ? vma_modify+0x1614/0x1a70
[  108.117551][ T6002]  ? vma_modify+0x1614/0x1a70
[  108.122249][ T6002]  report_bug+0x2be/0x4f0
[  108.126598][ T6002]  ? vma_modify+0x1614/0x1a70
[  108.131291][ T6002]  ? vma_modify+0x1614/0x1a70
[  108.135977][ T6002]  ? vma_modify+0x1616/0x1a70
[  108.140678][ T6002]  handle_bug+0x84/0x160
[  108.144949][ T6002]  exc_invalid_op+0x1a/0x50
[  108.149469][ T6002]  asm_exc_invalid_op+0x1a/0x20
[  108.154334][ T6002] RIP: 0010:vma_modify+0x1614/0x1a70
[  108.159654][ T6002] Code: 0b 90 e9 c4 ec ff ff e8 ea e5 a8 ff 90 0f 0b 90 e9 04 ec ff ff e8 dc e5 a8 ff 4c 89 f7 48 c7 c6 60 e6 96 8b e8 5d 85 f2 ff 90 <0f> 0b 90 e9 6a ec ff ff e8 bf e5 a8 ff e9 59 ed ff ff e8 b5 e5 a8
[  108.179273][ T6002] RSP: 0018:ffffc90003287ae8 EFLAGS: 00010282
[  108.185355][ T6002] RAX: ffffffff8b5d946d RBX: 0000200000ffe000 RCX: ffff8880298d0000
[  108.193339][ T6002] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: ffffffffffffffff
[  108.201325][ T6002] RBP: ffffc90003287c20 R08: 0000000000000003 R09: 0000000000000004
[  108.209310][ T6002] R10: dffffc0000000000 R11: fffffbfff1c3a708 R12: 0000200000ffe000
[  108.218076][ T6002] R13: dffffc0000000000 R14: ffffc90003287c00 R15: 1ffff92000650f84
[  108.226093][ T6002]  ? mt_dump_node+0x18cd/0x26b0
[  108.230972][ T6002]  ? vma_modify+0x1613/0x1a70
[  108.235688][ T6002]  vma_modify_flags+0x1e8/0x230
[  108.240567][ T6002]  ? __pfx_vma_modify_flags+0x10/0x10
[  108.246156][ T6002]  mlock_fixup+0x24b/0x3b0
[  108.250595][ T6002]  apply_vma_lock_flags+0x285/0x390
[  108.255821][ T6002]  ? __pfx_apply_vma_lock_flags+0x10/0x10
[  108.261567][ T6002]  ? __pfx___se_sys_futex+0x10/0x10
[  108.266785][ T6002]  __se_sys_munlock+0x150/0x270
[  108.271657][ T6002]  do_syscall_64+0xfa/0xfa0
[  108.276229][ T6002]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  108.282311][ T6002]  ? clear_bhb_loop+0x60/0xb0
[  108.287182][ T6002]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  108.293112][ T6002] RIP: 0033:0x7f6e26b8f749
[  108.297557][ T6002] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  108.317181][ T6002] RSP: 002b:00007ffd02d8ff18 EFLAGS: 00000246 ORIG_RAX: 0000000000000096
[  108.325634][ T6002] RAX: ffffffffffffffda RBX: 00007f6e26de5fa0 RCX: 00007f6e26b8f749
[  108.333630][ T6002] RDX: 0000000000000000 RSI: 0000000000003000 RDI: 0000200000ffd000
[  108.341640][ T6002] RBP: 00007f6e26c13f91 R08: 0000000000000000 R09: 0000000000000000
[  108.349654][ T6002] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  108.357682][ T6002] R13: 00007f6e26de5fa0 R14: 00007f6e26de5fa0 R15: 0000000000000002
[  108.365719][ T6002]  </TASK>
[  108.369126][ T6002] Kernel Offset: disabled
[  108.373460][ T6002] Rebooting in 86400 seconds..