Warning: Permanently added '10.128.1.164' (ED25519) to the list of known hosts. 1970/01/01 00:00:38 ignoring optional flag "sandboxArg"="0" 1970/01/01 00:00:39 parsed 1 programs [ 42.407938][ T6534] cgroup: Unknown subsys name 'net' [ 42.534084][ T6534] cgroup: Unknown subsys name 'cpuset' [ 42.537951][ T6534] cgroup: Unknown subsys name 'rlimit' [ 42.730780][ T6534] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k SS [ 53.396933][ T6550] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 53.509319][ T515] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 53.509400][ T515] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 53.554857][ T515] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 53.554913][ T515] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 53.862241][ T6565] chnl_net:caif_netlink_parms(): no params data found [ 54.056644][ T6565] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.056732][ T6565] bridge0: port 1(bridge_slave_0) entered disabled state [ 54.056841][ T6565] bridge_slave_0: entered allmulticast mode [ 54.057731][ T6565] bridge_slave_0: entered promiscuous mode [ 54.059258][ T6565] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.059306][ T6565] bridge0: port 2(bridge_slave_1) entered disabled state [ 54.059396][ T6565] bridge_slave_1: entered allmulticast mode [ 54.060213][ T6565] bridge_slave_1: entered promiscuous mode [ 54.079743][ T6565] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 54.082037][ T6565] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 54.136735][ T6565] team0: Port device team_slave_0 added [ 54.140764][ T6565] team0: Port device team_slave_1 added [ 54.154117][ T6565] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 54.154170][ T6565] batman_adv: batadv0: The MTU 
of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 54.154201][ T6565] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 54.155747][ T6565] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 54.155774][ T6565] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 54.155803][ T6565] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 54.320516][ T6565] hsr_slave_0: entered promiscuous mode [ 54.321408][ T6565] hsr_slave_1: entered promiscuous mode [ 54.537335][ T6565] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 54.543181][ T6565] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 54.550404][ T6565] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 54.554283][ T6565] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 54.614603][ T6565] 8021q: adding VLAN 0 to HW filter on device bond0 [ 54.624198][ T6565] 8021q: adding VLAN 0 to HW filter on device team0 [ 54.629349][ T589] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.629477][ T589] bridge0: port 1(bridge_slave_0) entered forwarding state [ 54.636754][ T515] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.636827][ T515] bridge0: port 2(bridge_slave_1) entered forwarding state [ 54.658563][ T6565] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 54.659323][ T6565] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 54.732855][ T6565] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 
54.757983][ T6565] veth0_vlan: entered promiscuous mode [ 54.761282][ T6565] veth1_vlan: entered promiscuous mode [ 54.773530][ T6565] veth0_macvtap: entered promiscuous mode [ 54.775374][ T6565] veth1_macvtap: entered promiscuous mode [ 54.782639][ T6565] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 54.784483][ T6565] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 54.786039][ T6565] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.786093][ T6565] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.786123][ T6565] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.786152][ T6565] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.194080][ T589] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 55.283465][ T589] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 55.393552][ T589] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 55.504247][ T589] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 55.747740][ T6604] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 55.748469][ T52] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 55.748795][ T52] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 55.749438][ T52] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 55.749838][ T52] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 1970/01/01 00:00:56 executed programs: 0 [ 57.073369][ T52] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 57.075706][ T52] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 57.077894][ T52] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 57.079029][ T52] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 57.079463][ T52] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 
57.175215][ T6640] chnl_net:caif_netlink_parms(): no params data found [ 57.217081][ T6640] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.217189][ T6640] bridge0: port 1(bridge_slave_0) entered disabled state [ 57.217307][ T6640] bridge_slave_0: entered allmulticast mode [ 57.218184][ T6640] bridge_slave_0: entered promiscuous mode [ 57.219966][ T6640] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.220038][ T6640] bridge0: port 2(bridge_slave_1) entered disabled state [ 57.220303][ T6640] bridge_slave_1: entered allmulticast mode [ 57.222076][ T6640] bridge_slave_1: entered promiscuous mode [ 57.243691][ T6640] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 57.245400][ T6640] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 57.259651][ T6640] team0: Port device team_slave_0 added [ 57.262001][ T6640] team0: Port device team_slave_1 added [ 57.276772][ T6640] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 57.276846][ T6640] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 57.276880][ T6640] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 57.277999][ T6640] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 57.278024][ T6640] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. 
[ 57.278055][ T6640] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 57.309486][ T6640] hsr_slave_0: entered promiscuous mode [ 57.310086][ T6640] hsr_slave_1: entered promiscuous mode [ 57.310458][ T6640] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 57.310552][ T6640] Cannot create hsr debugfs directory [ 58.007701][ T589] bridge_slave_1: left allmulticast mode [ 58.010044][ T589] bridge_slave_1: left promiscuous mode [ 58.011394][ T589] bridge0: port 2(bridge_slave_1) entered disabled state [ 58.022719][ T589] bridge_slave_0: left allmulticast mode [ 58.022781][ T589] bridge_slave_0: left promiscuous mode [ 58.023115][ T589] bridge0: port 1(bridge_slave_0) entered disabled state [ 59.131958][ T6097] Bluetooth: hci0: command tx timeout [ 59.703518][ T589] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 59.753617][ T589] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 59.802782][ T589] bond0 (unregistering): Released all slaves [ 59.878309][ T589] hsr_slave_0: left promiscuous mode [ 59.880265][ T589] hsr_slave_1: left promiscuous mode [ 59.883613][ T589] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 59.885897][ T589] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 59.889177][ T589] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 59.893391][ T589] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 59.907093][ T589] veth1_macvtap: left promiscuous mode [ 59.908938][ T589] veth0_macvtap: left promiscuous mode [ 59.910699][ T589] veth1_vlan: left promiscuous mode [ 59.912543][ T589] veth0_vlan: left promiscuous mode [ 61.211440][ T6097] Bluetooth: hci0: command tx timeout [ 61.813273][ T589] team0 (unregistering): Port device team_slave_1 removed [ 62.003683][ T589] team0 (unregistering): Port device team_slave_0 removed [ 63.291133][ T6097] Bluetooth: hci0: command tx timeout [ 64.636874][ T6640] netdevsim 
netdevsim0 netdevsim0: renamed from eth0 [ 64.643944][ T6640] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 64.648305][ T6640] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 64.653514][ T6640] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 64.732699][ T2410] ieee802154 phy0 wpan0: encryption failed: -22 [ 64.732816][ T2410] ieee802154 phy1 wpan1: encryption failed: -22 [ 65.005145][ T6640] 8021q: adding VLAN 0 to HW filter on device bond0 [ 65.010495][ T6640] 8021q: adding VLAN 0 to HW filter on device team0 [ 65.023322][ T364] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.023420][ T364] bridge0: port 1(bridge_slave_0) entered forwarding state [ 65.030520][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.030613][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 65.207829][ T6640] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 65.371135][ T6097] Bluetooth: hci0: command tx timeout [ 65.625629][ T6640] veth0_vlan: entered promiscuous mode [ 65.628593][ T6640] veth1_vlan: entered promiscuous mode [ 65.644804][ T6640] veth0_macvtap: entered promiscuous mode [ 65.647432][ T6640] veth1_macvtap: entered promiscuous mode [ 65.657857][ T6640] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 65.659558][ T6640] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 65.667632][ T6640] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.667707][ T6640] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.667738][ T6640] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.667767][ T6640] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.725001][ T545] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 65.725057][ T545] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 65.743203][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 65.743262][ 
T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 1970/01/01 00:01:05 executed programs: 2 [ 65.844086] ** replaying previous printk message ** [ 65.844086][ T6718] ------------[ cut here ]------------ [ 65.844506][ T6718] ODEBUG: activate active (active state 1) object: 000000006921da73 object type: rcu_head hint: 0x0 [ 65.844915][ T6718] WARNING: CPU: 0 PID: 6718 at lib/debugobjects.c:615 debug_object_activate+0x344/0x460 [ 65.853303][ T6718] Modules linked in: [ 65.854366][ T6718] CPU: 0 UID: 0 PID: 6718 Comm: syz.0.17 Not tainted 6.16.0-rc4-syzkaller-g7482bb149b9f #0 PREEMPT [ 65.857264][ T6718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 65.859980][ T6718] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 65.862123][ T6718] pc : debug_object_activate+0x344/0x460 [ 65.863634][ T6718] lr : debug_object_activate+0x344/0x460 [ 65.865122][ T6718] sp : ffff8000a03a76d0 [ 65.866262][ T6718] x29: ffff8000a03a76d0 x28: ffff8000976d7000 x27: dfff800000000000 [ 65.868392][ T6718] x26: ffff80008afc2480 x25: 0000000000000001 x24: ffff8000891ac9a0 [ 65.870609][ T6718] x23: 0000000000000003 x22: ffff80008b539420 x21: 0000000000000000 [ 65.872805][ T6718] x20: ffff80008afc2480 x19: ffff8000891ac9a0 x18: 00000000ffffffff [ 65.874954][ T6718] x17: 3761643132393630 x16: ffff80008ae642c8 x15: ffff700011ede14c [ 65.877124][ T6718] x14: 1ffff00011ede14c x13: 0000000000000004 x12: ffffffffffffffff [ 65.879275][ T6718] x11: ffff700011ede14c x10: 0000000000ff0100 x9 : 5fa3c1ffaf0ff000 [ 65.881440][ T6718] x8 : 5fa3c1ffaf0ff000 x7 : 0000000000000001 x6 : 0000000000000001 [ 65.883664][ T6718] x5 : ffff8000a03a7018 x4 : ffff80008f766c20 x3 : ffff80008054d360 [ 65.885769][ T6718] x2 : 0000000000000000 x1 : 0000000000000201 x0 : 0000000000000000 [ 65.887911][ T6718] Call trace: [ 65.888845][ T6718] debug_object_activate+0x344/0x460 (P) [ 65.890427][ T6718] kvfree_call_rcu+0x4c/0x3f0 [ 65.891734][ T6718] 
cipso_v4_sock_setattr+0x2f0/0x3f4 [ 65.893230][ T6718] netlbl_sock_setattr+0x240/0x334 [ 65.894739][ T6718] smack_netlbl_add+0xa8/0x158 [ 65.896127][ T6718] smack_inode_setsecurity+0x378/0x430 [ 65.897637][ T6718] security_inode_setsecurity+0x118/0x3c0 [ 65.899231][ T6718] __vfs_setxattr_noperm+0x174/0x5c4 [ 65.900626][ T6718] __vfs_setxattr_locked+0x1ec/0x218 [ 65.902044][ T6718] vfs_setxattr+0x158/0x2ac [ 65.903321][ T6718] file_setxattr+0x1b8/0x294 [ 65.904622][ T6718] path_setxattrat+0x2ac/0x320 [ 65.905975][ T6718] __arm64_sys_fsetxattr+0xc0/0xdc [ 65.907378][ T6718] invoke_syscall+0x98/0x2b8 [ 65.908623][ T6718] el0_svc_common+0x130/0x23c [ 65.909819][ T6718] do_el0_svc+0x48/0x58 [ 65.910944][ T6718] el0_svc+0x58/0x180 [ 65.912018][ T6718] el0t_64_sync_handler+0x84/0x12c [ 65.913454][ T6718] el0t_64_sync+0x198/0x19c [ 65.914681][ T6718] irq event stamp: 739 [ 65.915773][ T6718] hardirqs last enabled at (738): [] __console_unlock+0x70/0xc4 [ 65.918310][ T6718] hardirqs last disabled at (739): [] el1_brk64+0x1c/0x48 [ 65.920447][ T6718] softirqs last enabled at (668): [] release_sock+0x14c/0x1ac [ 65.922684][ T6718] softirqs last disabled at (712): [] local_bh_disable+0x10/0x34 [ 65.925365][ T6718] ---[ end trace 0000000000000000 ]--- [ 65.92693 ** replaying previous printk message ** [ 65.926935][ T6718] ------------[ cut here ]------------ [ 65.926967][ T6718] ODEBUG: active_state active (active state 1) object: 000000006921da73 object type: rcu_head hint: 0x0 [ 65.927363][ T6718] WARNING: CPU: 0 PID: 6718 at lib/debugobjects.c:615 debug_object_active_state+0x28c/0x350 [ 65.935508][ T6718] Modules linked in: [ 65.936583][ T6718] CPU: 0 UID: 0 PID: 6718 Comm: syz.0.17 Tainted: G W 6.16.0-rc4-syzkaller-g7482bb149b9f #0 PREEMPT [ 65.939949][ T6718] Tainted: [W]=WARN [ 65.941089][ T6718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 65.943860][ T6718] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 
65.946000][ T6718] pc : debug_object_active_state+0x28c/0x350 [ 65.947658][ T6718] lr : debug_object_active_state+0x28c/0x350 [ 65.949291][ T6718] sp : ffff8000a03a76c0 [ 65.950387][ T6718] x29: ffff8000a03a76d0 x28: ffff80008f671000 x27: dfff800000000000 [ 65.952562][ T6718] x26: 0000000000000003 x25: 0000000000000000 x24: ffff0000cb6fd7a8 [ 65.954678][ T6718] x23: 0000000000000001 x22: ffff80008afc2480 x21: ffff80008b539420 [ 65.956896][ T6718] x20: 0000000000000000 x19: ffff8000891ac9a0 x18: 00000000ffffffff [ 65.959158][ T6718] x17: 3239363030303030 x16: ffff80008ae642c8 x15: ffff700011ede14c [ 65.961366][ T6718] x14: 1ffff00011ede14c x13: 0000000000000004 x12: ffffffffffffffff [ 65.963521][ T6718] x11: ffff700011ede14c x10: 0000000000ff0100 x9 : 5fa3c1ffaf0ff000 [ 65.965734][ T6718] x8 : 5fa3c1ffaf0ff000 x7 : 0000000000000001 x6 : 0000000000000001 [ 65.968000][ T6718] x5 : ffff8000a03a7018 x4 : ffff80008f766c20 x3 : ffff80008054d360 [ 65.970242][ T6718] x2 : 0000000000000000 x1 : 0000000000000201 x0 : 0000000000000000 [ 65.972453][ T6718] Call trace: [ 65.973322][ T6718] debug_object_active_state+0x28c/0x350 (P) [ 65.974945][ T6718] kvfree_call_rcu+0x64/0x3f0 [ 65.976276][ T6718] cipso_v4_sock_setattr+0x2f0/0x3f4 [ 65.977712][ T6718] netlbl_sock_setattr+0x240/0x334 [ 65.979094][ T6718] smack_netlbl_add+0xa8/0x158 [ 65.980420][ T6718] smack_inode_setsecurity+0x378/0x430 [ 65.982008][ T6718] security_inode_setsecurity+0x118/0x3c0 [ 65.983589][ T6718] __vfs_setxattr_noperm+0x174/0x5c4 [ 65.985044][ T6718] __vfs_setxattr_locked+0x1ec/0x218 [ 65.986547][ T6718] vfs_setxattr+0x158/0x2ac [ 65.987806][ T6718] file_setxattr+0x1b8/0x294 [ 65.989142][ T6718] path_setxattrat+0x2ac/0x320 [ 65.990546][ T6718] __arm64_sys_fsetxattr+0xc0/0xdc [ 65.991935][ T6718] invoke_syscall+0x98/0x2b8 [ 65.993236][ T6718] el0_svc_common+0x130/0x23c [ 65.994640][ T6718] do_el0_svc+0x48/0x58 [ 65.995795][ T6718] el0_svc+0x58/0x180 [ 65.996871][ T6718] el0t_64_sync_handler+0x84/0x12c [ 
65.998241][ T6718] el0t_64_sync+0x198/0x19c [ 65.999470][ T6718] irq event stamp: 765 [ 66.000568][ T6718] hardirqs last enabled at (764): [] __console_unlock+0x70/0xc4 [ 66.003249][ T6718] hardirqs last disabled at (765): [] el1_brk64+0x1c/0x48 [ 66.005588][ T6718] softirqs last enabled at (668): [] release_sock+0x14c/0x1ac [ 66.008123][ T6718] softirqs last disabled at (712): [] local_bh_disable+0x10/0x34 [ 66.010688][ T6718] ---[ end trace 0000000000000000 ]--- [ ** replaying previous printk message ** [ 66.012242][ T6718] ------------[ cut here ]------------ [ 66.012285][ T6718] kvfree_call_rcu(): Double-freed call. rcu_head 000000006921da73 [ 66.012398][ T6718] WARNING: CPU: 0 PID: 6718 at mm/slab_common.c:1956 kvfree_call_rcu+0x94/0x3f0 [ 66.019178][ T6718] Modules linked in: [ 66.020286][ T6718] CPU: 0 UID: 0 PID: 6718 Comm: syz.0.17 Tainted: G W 6.16.0-rc4-syzkaller-g7482bb149b9f #0 PREEMPT [ 66.023610][ T6718] Tainted: [W]=WARN [ 66.024728][ T6718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 66.027370][ T6718] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 66.029488][ T6718] pc : kvfree_call_rcu+0x94/0x3f0 [ 66.030909][ T6718] lr : kvfree_call_rcu+0x94/0x3f0 [ 66.032257][ T6718] sp : ffff8000a03a7730 [ 66.033451][ T6718] x29: ffff8000a03a7730 x28: 00000000fffffff5 x27: 1fffe000184823d3 [ 66.035661][ T6718] x26: dfff800000000000 x25: ffff0000c2411e9e x24: ffff0000dd88da00 [ 66.037835][ T6718] x23: ffff8000891ac9a0 x22: 00000000ffffffea x21: ffff8000891ac9a0 [ 66.039947][ T6718] x20: ffff8000891ac9a0 x19: ffff80008afc2480 x18: 00000000ffffffff [ 66.042008][ T6718] x17: 0000000000000000 x16: ffff80008ae642c8 x15: ffff700011ede14c [ 66.044087][ T6718] x14: 1ffff00011ede14c x13: 0000000000000004 x12: ffffffffffffffff [ 66.046206][ T6718] x11: ffff700011ede14c x10: 0000000000ff0100 x9 : 5fa3c1ffaf0ff000 [ 66.048371][ T6718] x8 : 5fa3c1ffaf0ff000 x7 : 0000000000000001 x6 : 0000000000000001 [ 
66.050557][ T6718] x5 : ffff8000a03a7078 x4 : ffff80008f766c20 x3 : ffff80008054d360 [ 66.052606][ T6718] x2 : 0000000000000000 x1 : 0000000000000201 x0 : 0000000000000000 [ 66.054741][ T6718] Call trace: [ 66.055672][ T6718] kvfree_call_rcu+0x94/0x3f0 (P) [ 66.057086][ T6718] cipso_v4_sock_setattr+0x2f0/0x3f4 [ 66.058616][ T6718] netlbl_sock_setattr+0x240/0x334 [ 66.060057][ T6718] smack_netlbl_add+0xa8/0x158 [ 66.061416][ T6718] smack_inode_setsecurity+0x378/0x430 [ 66.062869][ T6718] security_inode_setsecurity+0x118/0x3c0 [ 66.064409][ T6718] __vfs_setxattr_noperm+0x174/0x5c4 [ 66.065917][ T6718] __vfs_setxattr_locked+0x1ec/0x218 [ 66.067321][ T6718] vfs_setxattr+0x158/0x2ac [ 66.068582][ T6718] file_setxattr+0x1b8/0x294 [ 66.069785][ T6718] path_setxattrat+0x2ac/0x320 [ 66.071054][ T6718] __arm64_sys_fsetxattr+0xc0/0xdc [ 66.072517][ T6718] invoke_syscall+0x98/0x2b8 [ 66.073790][ T6718] el0_svc_common+0x130/0x23c [ 66.075038][ T6718] do_el0_svc+0x48/0x58 [ 66.076175][ T6718] el0_svc+0x58/0x180 [ 66.077292][ T6718] el0t_64_sync_handler+0x84/0x12c [ 66.078737][ T6718] el0t_64_sync+0x198/0x19c [ 66.079984][ T6718] irq event stamp: 789 [ 66.081135][ T6718] hardirqs last enabled at (788): [] __console_unlock+0x70/0xc4 [ 66.083635][ T6718] hardirqs last disabled at (789): [] el1_brk64+0x1c/0x48 [ 66.086022][ T6718] softirqs last enabled at (668): [] release_sock+0x14c/0x1ac [ 66.088654][ T6718] softirqs last disabled at (712): [] local_bh_disable+0x10/0x34 [ 66.091302][ T6718] ---[ end trace 0000000000000000 ]--- [ 66.107521][ ** replaying previous printk message ** [ 66.107521][ T6719] ------------[ cut here ]------------ [ 66.107582][ T6719] ODEBUG: activate active (active state 1) object: 000000006921da73 object type: rcu_head hint: 0x0 [ 66.107975][ T6719] WARNING: CPU: 0 PID: 6719 at lib/debugobjects.c:615 debug_object_activate+0x344/0x460 [ 66.116105][ T6719] Modules linked in: [ 66.117186][ T6719] CPU: 0 UID: 0 PID: 6719 Comm: syz.0.18 Tainted: G W 
6.16.0-rc4-syzkaller-g7482bb149b9f #0 PREEMPT [ 66.120546][ T6719] Tainted: [W]=WARN [ 66.121641][ T6719] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 66.124465][ T6719] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 66.126651][ T6719] pc : debug_object_activate+0x344/0x460 [ 66.128226][ T6719] lr : debug_object_activate+0x344/0x460 [ 66.129719][ T6719] sp : ffff8000a03a76d0 [ 66.130833][ T6719] x29: ffff8000a03a76d0 x28: ffff8000976d7000 x27: dfff800000000000 [ 66.133017][ T6719] x26: ffff80008afc2480 x25: 0000000000000001 x24: ffff8000891ac9a0 [ 66.135157][ T6719] x23: 0000000000000003 x22: ffff80008b539420 x21: 0000000000000000 [ 66.137343][ T6719] x20: ffff80008afc2480 x19: ffff8000891ac9a0 x18: 0000000000000000 [ 66.139518][ T6719] x17: 3761643132393630 x16: ffff80008aefca08 x15: 0000000000000001 [ 66.141625][ T6719] x14: 1fffe000337d40e2 x13: 0000000000000000 x12: 0000000000000000 [ 66.143832][ T6719] x11: ffff6000337d40e3 x10: 0000000000ff0100 x9 : 2bc802a3921fe700 [ 66.146127][ T6719] x8 : 2bc802a3921fe700 x7 : 0000000000000001 x6 : 0000000000000001 [ 66.148306][ T6719] x5 : ffff8000a03a7018 x4 : ffff80008f766c20 x3 : ffff8000807c0118 [ 66.150561][ T6719] x2 : 0000000000000001 x1 : 0000000100000201 x0 : 0000000000000000 [ 66.152771][ T6719] Call trace: [ 66.153647][ T6719] debug_object_activate+0x344/0x460 (P) [ 66.155207][ T6719] kvfree_call_rcu+0x4c/0x3f0 [ 66.156507][ T6719] cipso_v4_sock_setattr+0x2f0/0x3f4 [ 66.157965][ T6719] netlbl_sock_setattr+0x240/0x334 [ 66.159399][ T6719] smack_netlbl_add+0xa8/0x158 [ 66.160709][ T6719] smack_inode_setsecurity+0x378/0x430 [ 66.162386][ T6719] security_inode_setsecurity+0x118/0x3c0 [ 66.163972][ T6719] __vfs_setxattr_noperm+0x174/0x5c4 [ 66.165461][ T6719] __vfs_setxattr_locked+0x1ec/0x218 [ 66.166873][ T6719] vfs_setxattr+0x158/0x2ac [ 66.168090][ T6719] file_setxattr+0x1b8/0x294 [ 66.169386][ T6719] path_setxattrat+0x2ac/0x320 [ 66.170656][ 
T6719] __arm64_sys_fsetxattr+0xc0/0xdc [ 66.172106][ T6719] invoke_syscall+0x98/0x2b8 [ 66.173370][ T6719] el0_svc_common+0x130/0x23c [ 66.174713][ T6719] do_el0_svc+0x48/0x58 [ 66.175853][ T6719] el0_svc+0x58/0x180 [ 66.176992][ T6719] el0t_64_sync_handler+0x84/0x12c [ 66.178450][ T6719] el0t_64_sync+0x198/0x19c [ 66.179724][ T6719] irq event stamp: 733 [ 66.180847][ T6719] hardirqs last enabled at (732): [] __console_unlock+0x70/0xc4 [ 66.183391][ T6719] hardirqs last disabled at (733): [] el1_brk64+0x1c/0x48 [ 66.185829][ T6719] softirqs last enabled at (670): [] release_sock+0x14c/0x1ac [ 66.188402][ T6719] softirqs last disabled at (708): [] local_bh_disable+0x10/0x34 [ 66.191059][ T6719] ---[ end trace 0000000000000000 ]--- [ 66.192672][ T ** replaying previous printk message ** [ 66.192672][ T6719] ------------[ cut here ]------------ [ 66.192712][ T6719] ODEBUG: active_state active (active state 1) object: 000000006921da73 object type: rcu_head hint: 0x0 [ 66.193121][ T6719] WARNING: CPU: 0 PID: 6719 at lib/debugobjects.c:615 debug_object_active_state+0x28c/0x350 [ 66.201402][ T6719] Modules linked in: [ 66.202469][ T6719] CPU: 0 UID: 0 PID: 6719 Comm: syz.0.18 Tainted: G W 6.16.0-rc4-syzkaller-g7482bb149b9f #0 PREEMPT [ 66.205901][ T6719] Tainted: [W]=WARN [ 66.206911][ T6719] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 66.209774][ T6719] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 66.211988][ T6719] pc : debug_object_active_state+0x28c/0x350 [ 66.213690][ T6719] lr : debug_object_active_state+0x28c/0x350 [ 66.215338][ T6719] sp : ffff8000a03a76c0 [ 66.216464][ T6719] x29: ffff8000a03a76d0 x28: ffff80008f671000 x27: dfff800000000000 [ 66.218683][ T6719] x26: 0000000000000003 x25: 0000000000000000 x24: ffff0000cb6fd7a8 [ 66.220960][ T6719] x23: 0000000000000001 x22: ffff80008afc2480 x21: ffff80008b539420 [ 66.223208][ T6719] x20: 0000000000000000 x19: ffff8000891ac9a0 x18: 
0000000000000000 [ 66.225503][ T6719] x17: 3239363030303030 x16: ffff80008ae642c8 x15: ffff700011ede14c [ 66.227737][ T6719] x14: 1ffff00011ede14c x13: 0000000000000004 x12: ffffffffffffffff [ 66.229950][ T6719] x11: ffff700011ede14c x10: 0000000000ff0100 x9 : 2bc802a3921fe700 [ 66.232176][ T6719] x8 : 2bc802a3921fe700 x7 : 0000000000000001 x6 : 0000000000000001 [ 66.234368][ T6719] x5 : ffff8000a03a7018 x4 : ffff80008f766c20 x3 : ffff80008054d360 [ 66.236607][ T6719] x2 : 0000000000000000 x1 : 0000000000000201 x0 : 0000000000000000 [ 66.238815][ T6719] Call trace: [ 66.239719][ T6719] debug_object_active_state+0x28c/0x350 (P) [ 66.241465][ T6719] kvfree_call_rcu+0x64/0x3f0 [ 66.242857][ T6719] cipso_v4_sock_setattr+0x2f0/0x3f4 [ 66.244344][ T6719] netlbl_sock_setattr+0x240/0x334 [ 66.245765][ T6719] smack_netlbl_add+0xa8/0x158 [ 66.247081][ T6719] smack_inode_setsecurity+0x378/0x430 [ 66.248575][ T6719] security_inode_setsecurity+0x118/0x3c0 [ 66.250181][ T6719] __vfs_setxattr_noperm+0x174/0x5c4 [ 66.251583][ T6719] __vfs_setxattr_locked+0x1ec/0x218 [ 66.253017][ T6719] vfs_setxattr+0x158/0x2ac [ 66.254311][ T6719] file_setxattr+0x1b8/0x294 [ 66.255593][ T6719] path_setxattrat+0x2ac/0x320 [ 66.256984][ T6719] __arm64_sys_fsetxattr+0xc0/0xdc [ 66.258413][ T6719] invoke_syscall+0x98/0x2b8 [ 66.259725][ T6719] el0_svc_common+0x130/0x23c [ 66.261056][ T6719] do_el0_svc+0x48/0x58 [ 66.262280][ T6719] el0_svc+0x58/0x180 [ 66.263437][ T6719] el0t_64_sync_handler+0x84/0x12c [ 66.264859][ T6719] el0t_64_sync+0x198/0x19c [ 66.266197][ T6719] irq event stamp: 759 [ 66.267364][ T6719] hardirqs last enabled at (758): [] __console_unlock+0x70/0xc4 [ 66.269961][ T6719] hardirqs last disabled at (759): [] el1_brk64+0x1c/0x48 [ 66.272379][ T6719] softirqs last enabled at (670): [] release_sock+0x14c/0x1ac [ 66.274934][ T6719] softirqs last disabled at (708): [] local_bh_disable+0x10/0x34 [ 66.277529][ T6719] ---[ end trace 0000000000000000 ]--- [ 66.299591] ** replaying previous 
printk message ** [ 66.299591][ T6720] ------------[ cut here ]------------ [ 66.299661][ T6720] ODEBUG: activate active (active state 1) object: 000000006921da73 object type: rcu_head hint: 0x0 [ 66.300063][ T6720] WARNING: CPU: 0 PID: 6720 at lib/debugobjects.c:615 debug_object_activate+0x344/0x460 [ 66.308257][ T6720] Modules linked in: [ 66.309361][ T6720] CPU: 0 UID: 0 PID: 6720 Comm: syz.0.19 Tainted: G W 6.16.0-rc4-syzkaller-g7482bb149b9f #0 PREEMPT [ 66.312880][ T6720] Tainted: [W]=WARN [ 66.313975][ T6720] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 66.316703][ T6720] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 66.318890][ T6720] pc : debug_object_activate+0x344/0x460 [ 66.320447][ T6720] lr : debug_object_activate+0x344/0x460 [ 66.322022][ T6720] sp : ffff8000a03a76d0 [ 66.323184][ T6720] x29: ffff8000a03a76d0 x28: ffff8000976d7000 x27: dfff800000000000 [ 66.325581][ T6720] x26: ffff80008afc2480 x25: 0000000000000001 x24: ffff8000891ac9a0 [ 66.327849][ T6720] x23: 0000000000000003 x22: ffff80008b539420 x21: 0000000000000000 [ 66.330107][ T6720] x20: ffff80008afc2480 x19: ffff8000891ac9a0 x18: 0000000000000000 [ 66.332340][ T6720] x17: 3761643132393630 x16: ffff80008aefca08 x15: 0000000000000001 [ 66.334551][ T6720] x14: 1fffe000337d40e2 x13: 0000000000000000 x12: 0000000000000000 [ 66.336805][ T6720] x11: ffff6000337d40e3 x10: 0000000000ff0100 x9 : d2d64fa95575dc00 [ 66.339151][ T6720] x8 : d2d64fa95575dc00 x7 : 0000000000000001 x6 : 0000000000000001 [ 66.341402][ T6720] x5 : ffff8000a03a7018 x4 : ffff80008f766c20 x3 : ffff8000807c0118 [ 66.343578][ T6720] x2 : 0000000000000001 x1 : 0000000100000201 x0 : 0000000000000000 [ 66.345903][ T6720] Call trace: [ 66.346829][ T6720] debug_object_activate+0x344/0x460 (P) [ 66.348369][ T6720] kvfree_call_rcu+0x4c/0x3f0 [ 66.349660][ T6720] cipso_v4_sock_setattr+0x2f0/0x3f4 [ 66.351118][ T6720] netlbl_sock_setattr+0x240/0x334 [ 66.352543][ T6720] 
smack_netlbl_add+0xa8/0x158
[ 66.354019][ T6720] smack_inode_setsecurity+0x378/0x430
[ 66.355573][ T6720] security_inode_setsecurity+0x118/0x3c0
[ 66.357194][ T6720] __vfs_setxattr_noperm+0x174/0x5c4
[ 66.358634][ T6720] __vfs_setxattr_locked+0x1ec/0x218
[ 66.360217][ T6720] vfs_setxattr+0x158/0x2ac
[ 66.361468][ T6720] file_setxattr+0x1b8/0x294
[ 66.362711][ T6720] path_setxattrat+0x2ac/0x320
[ 66.364033][ T6720] __arm64_sys_fsetxattr+0xc0/0xdc
[ 66.365402][ T6720] invoke_syscall+0x98/0x2b8
[ 66.366743][ T6720] el0_svc_common+0x130/0x23c
[ 66.368098][ T6720] do_el0_svc+0x48/0x58
[ 66.369305][ T6720] el0_svc+0x58/0x180
[ 66.370422][ T6720] el0t_64_sync_handler+0x84/0x12c
[ 66.371817][ T6720] el0t_64_sync+0x198/0x19c
[ 66.373037][ T6720] irq event stamp: 1263
[ 66.374143][ T6720] hardirqs last enabled at (1262): [] __console_unlock+0x70/0xc4
[ 66.376701][ T6720] hardirqs last disabled at (1263): [] el1_brk64+0x1c/0x48
[ 66.379125][ T6720] softirqs last enabled at (1200): [] release_sock+0x14c/0x1ac
[ 66.381560][ T6720] softirqs last disabled at (1238): [] local_bh_disable+0x10/0x34
[ 66.384165][ T6720] ---[ end trace 0000000000000000 ]---
[ 69.862758][ T2332] cfg80211: failed to load regulatory.db
[ 70.817398][ T515] ------------[ cut here ]------------
[ 70.817489][ T515] Trying to vfree() bad address (000000006921da73)
[ 70.823664][ T515] WARNING: CPU: 1 PID: 515 at mm/vmalloc.c:3274 remove_vm_area+0x268/0x270
[ 70.825997][ T515] Modules linked in:
[ 70.827181][ T515] CPU: 1 UID: 0 PID: 515 Comm: kworker/u8:8 Tainted: G W 6.16.0-rc4-syzkaller-g7482bb149b9f #0 PREEMPT
[ 70.830758][ T515] Tainted: [W]=WARN
[ 70.831854][ T515] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 70.834797][ T515] Workqueue: kvfree_rcu_reclaim kfree_rcu_monitor
[ 70.836703][ T515] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
[ 70.838675][ T515] pc : remove_vm_area+0x268/0x270
[ 70.840169][ T515] lr : remove_vm_area+0x264/0x270
[ 70.841617][ T515] sp : ffff80009c4d78e0
[ 70.842879][ T515] x29: ffff80009c4d78f0 x28: ffff00019beaf4d4 x27: ffff00019beaf4c0
[ 70.845148][ T515] x26: ffff00019beaf4b0 x25: dfff800000000000 x24: 0000000000000001
[ 70.847505][ T515] x23: ffff0000c2b24028 x22: 1fffe00018d4e001 x21: 0000000000000000
[ 70.849693][ T515] x20: 0000000000000000 x19: ffff8000891ac9a0 x18: 1fffe000337d8876
[ 70.851811][ T515] x17: ffff80008f66e000 x16: ffff80008aefca08 x15: 0000000000000001
[ 70.854068][ T515] x14: 1fffe000337db2f0 x13: 0000000000000000 x12: 0000000000000000
[ 70.856324][ T515] x11: ffff800093162c08 x10: 0000000000000003 x9 : 43a55bca3cacae00
[ 70.858629][ T515] x8 : 43a55bca3cacae00 x7 : ffff800080488aac x6 : 0000000000000000
[ 70.860863][ T515] x5 : 0000000000000001 x4 : 0000000000000001 x3 : 0000000000000010
[ 70.863254][ T515] x2 : 0000000000000006 x1 : ffff80008b538920 x0 : 0000000000000001
[ 70.865640][ T515] Call trace:
[ 70.866649][ T515] remove_vm_area+0x268/0x270 (P)
[ 70.868091][ T515] vfree+0xac/0x3dc
[ 70.869162][ T515] kvfree_rcu_bulk+0xc4/0x228
[ 70.870536][ T515] kfree_rcu_monitor+0x230/0x2b4
[ 70.872072][ T515] process_one_work+0x7e8/0x155c
[ 70.873514][ T515] worker_thread+0x958/0xed8
[ 70.874873][ T515] kthread+0x5fc/0x75c
[ 70.876051][ T515] ret_from_fork+0x10/0x20
[ 70.877397][ T515] irq event stamp: 1058292
[ 70.878624][ T515] hardirqs last enabled at (1058291): [] finish_lock_switch+0xb0/0x1c0
1970/01/01 00:01:10 executed programs: 261
[ 70.881374][ T515] hardirqs last disabled at (1058292): [] el1_brk64+0x1c/0x48
[ 70.883988][ T515] softirqs last enabled at (1054508): [] batadv_forw_packet_steal+0x11c/0x13c
[ 70.886982][ T515] softirqs last disabled at (1054506): [] batadv_forw_packet_steal+0x38/0x13c
[ 70.889991][ T515] ---[ end trace 0000000000000000 ]---
[ 70.892698][ T515] ------------[ cut here ]------------
[ 70.892740][ T515] Trying to vfree() nonexistent vm area (000000006921da73)
[ 70.896352][ T515] WARNING: CPU: 1 PID: 515 at mm/vmalloc.c:3409 vfree+0x32c/0x3dc
[ 70.898452][ T515] Modules linked in:
[ 70.899451][ T515] CPU: 1 UID: 0 PID: 515 Comm: kworker/u8:8 Tainted: G W 6.16.0-rc4-syzkaller-g7482bb149b9f #0 PREEMPT
[ 70.902810][ T515] Tainted: [W]=WARN
[ 70.903850][ T515] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 70.906508][ T515] Workqueue: kvfree_rcu_reclaim kfree_rcu_monitor
[ 70.908317][ T515] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
[ 70.910536][ T515] pc : vfree+0x32c/0x3dc
[ 70.911638][ T515] lr : vfree+0x32c/0x3dc
[ 70.912757][ T515] sp : ffff80009c4d7950
[ 70.914060][ T515] x29: ffff80009c4d7960 x28: ffff00019beaf4d4 x27: ffff00019beaf4c0
[ 70.916400][ T515] x26: ffff00019beaf4b0 x25: dfff800000000000 x24: 0000000000000001
[ 70.918582][ T515] x23: ffff0000c2b24028 x22: 1fffe00018d4e001 x21: 0000000000000000
[ 70.920828][ T515] x20: ffff8000891ac9a0 x19: 0000000000000000 x18: 1fffe000337d8876
[ 70.923058][ T515] x17: ffff80008f66e000 x16: ffff80008aefca08 x15: 0000000000000001
[ 70.925380][ T515] x14: 1fffe000337db2f0 x13: 0000000000000000 x12: 0000000000000000
[ 70.927677][ T515] x11: ffff800093162c08 x10: 0000000000000003 x9 : 43a55bca3cacae00
[ 70.930109][ T515] x8 : 43a55bca3cacae00 x7 : ffff800080488aac x6 : 0000000000000000
[ 70.932422][ T515] x5 : 0000000000000001 x4 : 0000000000000001 x3 : 0000000000000010
[ 70.934648][ T515] x2 : 0000000000000006 x1 : ffff80008b538920 x0 : 0000000000000001
[ 70.936919][ T515] Call trace:
[ 70.937891][ T515] vfree+0x32c/0x3dc (P)
[ 70.939064][ T515] kvfree_rcu_bulk+0xc4/0x228
[ 70.940408][ T515] kfree_rcu_monitor+0x230/0x2b4
[ 70.941894][ T515] process_one_work+0x7e8/0x155c
[ 70.943212][ T515] worker_thread+0x958/0xed8
[ 70.944585][ T515] kthread+0x5fc/0x75c
[ 70.945810][ T515] ret_from_fork+0x10/0x20
[ 70.947069][ T515] irq event stamp: 1058364
[ 70.948255][ T515] hardirqs last enabled at (1058363): [] finish_lock_switch+0xb0/0x1c0
[ 70.950976][ T515] hardirqs last disabled at (1058364): [] el1_brk64+0x1c/0x48
[ 70.953477][ T515] softirqs last enabled at (1058336): [] handle_softirqs+0xaf8/0xc88
[ 70.956211][ T515] softirqs last disabled at (1058297): [] __do_softirq+0x14/0x20
[ 70.958787][ T515] ---[ end trace 0000000000000000 ]---
[ 70.981481][ T589] ------------[ cut here ]------------
[ 70.981555][ T589] Trying to vfree() bad address (000000006921da73)
[ 70.985513][ T589] WARNING: CPU: 1 PID: 589 at mm/vmalloc.c:3274 remove_vm_area+0x268/0x270
[ 70.987746][ T589] Modules linked in:
[ 70.988856][ T589] CPU: 1 UID: 0 PID: 589 Comm: kworker/u8:11 Tainted: G W 6.16.0-rc4-syzkaller-g7482bb149b9f #0 PREEMPT
[ 70.992209][ T589] Tainted: [W]=WARN
[ 70.993209][ T589] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 70.996021][ T589] Workqueue: kvfree_rcu_reclaim kfree_rcu_work
[ 70.997751][ T589] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
[ 70.999846][ T589] pc : remove_vm_area+0x268/0x270
[ 71.001253][ T589] lr : remove_vm_area+0x264/0x270
[ 71.002601][ T589] sp : ffff80009cfc78f0
[ 71.003729][ T589] x29: ffff80009cfc7900 x28: 1ffff00011ece29b x27: dfff800000000000
[ 71.005824][ T589] x26: ffff0000c58aff18 x25: dfff800000000000 x24: 0000000000000001
[ 71.007955][ T589] x23: ffff0000c2b25028 x22: 1fffe00018db63d1 x21: 0000000000000000
[ 71.010188][ T589] x20: 0000000000000000 x19: ffff8000891ac9a0 x18: 1fffe000337d8876
[ 71.012322][ T589] x17: ffff80008f66e000 x16: ffff80008aefca08 x15: 0000000000000001
[ 71.014669][ T589] x14: 1fffe000337db2f0 x13: 0000000000000000 x12: 0000000000000000
[ 71.016859][ T589] x11: ffff800093162c08 x10: 0000000000000003 x9 : d0f2895afb56c900
[ 71.019013][ T589] x8 : d0f2895afb56c900 x7 : ffff800080488aac x6 : 0000000000000000
[ 71.021285][ T589] x5 : 0000000000000001 x4 : 0000000000000001 x3 : 0000000000000010
[ 71.023625][ T589] x2 : 0000000000000006 x1 : ffff80008b538920 x0 : 0000000000000001
[ 71.025964][ T589] Call trace:
[ 71.026851][ T589] remove_vm_area+0x268/0x270 (P)
[ 71.028335][ T589] vfree+0xac/0x3dc
[ 71.029429][ T589] kvfree_rcu_bulk+0xc4/0x228
[ 71.030727][ T589] kfree_rcu_work+0xe0/0x140
[ 71.031957][ T589] process_one_work+0x7e8/0x155c
[ 71.033411][ T589] worker_thread+0x958/0xed8
[ 71.034640][ T589] kthread+0x5fc/0x75c
[ 71.035712][ T589] ret_from_fork+0x10/0x20
[ 71.036988][ T589] irq event stamp: 1029438
[ 71.038187][ T589] hardirqs last enabled at (1029437): [] finish_lock_switch+0xb0/0x1c0
[ 71.040840][ T589] hardirqs last disabled at (1029438): [] el1_brk64+0x1c/0x48
[ 71.043391][ T589] softirqs last enabled at (1029336): [] macvlan_process_broadcast+0x1c4/0x5c4
[ 71.046357][ T589] softirqs last disabled at (1029334): [] macvlan_process_broadcast+0xdc/0x5c4
[ 71.049461][ T589] ---[ end trace 0000000000000000 ]---
[ 71.053140][ T589] ------------[ cut here ]------------
[ 71.053186][ T589] Trying to vfree() nonexistent vm area (000000006921da73)
[ 71.056784][ T589] WARNING: CPU: 1 PID: 589 at mm/vmalloc.c:3409 vfree+0x32c/0x3dc
[ 71.058724][ T589] Modules linked in:
[ 71.059785][ T589] CPU: 1 UID: 0 PID: 589 Comm: kworker/u8:11 Tainted: G W 6.16.0-rc4-syzkaller-g7482bb149b9f #0 PREEMPT
[ 71.063214][ T589] Tainted: [W]=WARN
[ 71.064210][ T589] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 71.067018][ T589] Workqueue: kvfree_rcu_reclaim kfree_rcu_work
[ 71.068835][ T589] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
[ 71.071070][ T589] pc : vfree+0x32c/0x3dc
[ 71.072334][ T589] lr : vfree+0x32c/0x3dc
[ 71.073550][ T589] sp : ffff80009cfc7960
[ 71.074710][ T589] x29: ffff80009cfc7970 x28: 1ffff00011ece29b x27: dfff800000000000
[ 71.076937][ T589] x26: ffff0000c58aff18 x25: dfff800000000000 x24: 0000000000000001
[ 71.079244][ T589] x23: ffff0000c2b25028 x22: 1fffe00018db63d1 x21: 0000000000000000
[ 71.081622][ T589] x20: ffff8000891ac9a0 x19: 0000000000000000 x18: 1fffe000337d8876
[ 71.083882][ T589] x17: ffff80008f66e000 x16: ffff80008aefca08 x15: 0000000000000001
[ 71.086077][ T589] x14: 1fffe000337db2f0 x13: 0000000000000000 x12: 0000000000000000
[ 71.088325][ T589] x11: ffff800093162c08 x10: 0000000000000003 x9 : d0f2895afb56c900
[ 71.090641][ T589] x8 : d0f2895afb56c900 x7 : ffff800080488aac x6 : 0000000000000000
[ 71.092856][ T589] x5 : 0000000000000001 x4 : 0000000000000001 x3 : 0000000000000010
[ 71.095261][ T589] x2 : 0000000000000006 x1 : ffff80008b538920 x0 : 0000000000000001
[ 71.097588][ T589] Call trace:
[ 71.098501][ T589] vfree+0x32c/0x3dc (P)
[ 71.099659][ T589] kvfree_rcu_bulk+0xc4/0x228
[ 71.100971][ T589] kfree_rcu_work+0xe0/0x140
[ 71.102275][ T589] process_one_work+0x7e8/0x155c
[ 71.103815][ T589] worker_thread+0x958/0xed8
[ 71.105119][ T589] kthread+0x5fc/0x75c
[ 71.106202][ T589] ret_from_fork+0x10/0x20
[ 71.107436][ T589] irq event stamp: 1029496
[ 71.108631][ T589] hardirqs last enabled at (1029495): [] finish_lock_switch+0xb0/0x1c0
[ 71.111495][ T589] hardirqs last disabled at (1029496): [] el1_brk64+0x1c/0x48
[ 71.114038][ T589] softirqs last enabled at (1029468): [] handle_softirqs+0xaf8/0xc88
[ 71.116685][ T589] softirqs last disabled at (1029441): [] __do_softirq+0x14/0x20
[ 71.119280][ T589] ---[ end trace 0000000000000000 ]---