last executing test programs: 5.312678938s ago: executing program 2 (id=11454): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket(0x2, 0x2, 0x1) io_uring_setup$auto(0x6, 0x0) sendto$auto(r0, 0x0, 0xb, 0x2, &(0x7f0000000000), 0x7) 5.121643676s ago: executing program 2 (id=11458): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x200000000000404, 0x0) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x2000d, 0x4000000000df, 0xeb1, 0x404, 0x8000) name_to_handle_at$auto(0x1010, &(0x7f00000001c0)='/\x00', &(0x7f0000000000)={0xc, 0x75c0237c, "6d962c000400003344980946"}, 0x0, 0x200) 5.085554307s ago: executing program 1 (id=11459): socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) setuid$auto(0x800000000008) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) 5.026020288s ago: executing program 3 (id=11460): socket(0x10, 0xa, 0x4) socket(0x11, 0x3, 0x9) pipe2$auto(&(0x7f00000000c0), 0x0) writev$auto(0xca, &(0x7f0000000080)={&(0x7f00000000c0), 0x2}, 0x2000000000000003) 4.988272229s ago: executing program 0 (id=11461): sendmsg$auto_NL80211_CMD_SET_PMK(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4000}, 0xc000) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/audio\x00', 0x20342, 0x0) ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000000)) close_range$auto(0x2, 0x8, 0x0) 4.923039171s ago: executing program 2 (id=11462): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) io_uring_setup$auto(0x85, 0x0) r0 = socket(0xa, 0x1, 0x84) getsockopt$auto(r0, 0x0, 0x483, 0x0, 0x0) 4.891034373s ago: executing program 1 (id=11463): r0 = mq_open$auto(&(0x7f0000000280)='\\*)A\x00', 0x7e, 0x9, 0x0) mq_notify$auto(r0, &(0x7f0000000180)={@sival_ptr=0x0, @raw=0x1, 0x1, @_sigev_thread={0x0, 0x0}}) r1 = mq_open$auto(&(0x7f0000000280)='\\*)A\x00', 0x7e, 0x9, 0x0) mq_notify$auto(r1, &(0x7f0000000140)={@sival_int=0x9, @raw=0xfffff02e, 0x1}) 4.834393655s ago: executing program 3 (id=11464): close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0x2b, 0x1, 0x0) setsockopt$auto(0x3, 0x11e, 0x1, 0x0, 0x10001) 4.794482921s ago: executing program 0 (id=11465): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r0 = io_uring_setup$auto(0x3ff, 0x0) mmap$auto(0x0, 0x8004008, 0xfffffffffffffff8, 0x2000000010011, r0, 0x8000) syz_clone(0x40011, 0x0, 0x0, 0x0, 0x0, 0x0) 4.704959313s ago: executing program 1 (id=11466): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) move_pages$auto(0x1, 0x20007, 0x0, 0x0, 0x0, 0x8000000000000000) r0 = socket(0xa, 0x3, 0x3b) getsockopt$auto(r0, 0x29, 0x20, 0x0, 0x0) 4.647870349s ago: executing program 3 (id=11467): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x1, 0x0) r0 = socket(0x11, 0x80003, 0x300) setsockopt$auto(r0, 0x107, 0xe, 0x0, 0x4) 3.935074293s ago: executing program 0 (id=11468): mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) io_uring_setup$auto(0x1, 0x0) r0 = socket(0x200000000000011, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x89b0, &(0x7f0000000080)={'bond0\x00'}) 3.842776015s ago: executing program 2 (id=11469): openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/tcp6\x00', 0x0, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0xa, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) 3.777054702s ago: executing program 0 (id=11470): mmap$auto(0x0, 0x20005, 0x4000000000df, 0xeb1, 0x8, 0x8000) sysfs$auto(0x2, 0xd, 0x0) r0 = socket(0x2b, 0x1, 0x1) getsockopt$auto(r0, 0x40000000029, 0x20, 0xfffffffffffffffe, 0x0) 3.767920032s ago: executing program 3 (id=11471): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000440), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'veth1_to_bond\x00'}) sendmsg$auto_NETDEV_CMD_QUEUE_GET(r0, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f00000015c0)={0x1c, r1, 0x1, 0x70bd26, 0x25dfdbfe, {}, [@NETDEV_A_QUEUE_ID={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x810) 3.661899694s ago: executing program 1 (id=11472): landlock_create_ruleset$auto(0x0, 0x9, 0x0) socket(0xa, 0x2, 0x73) socket(0xa, 0x2, 0x73) close_range$auto(0x2, 0x8, 0x0) 3.614800857s ago: executing program 2 (id=11473): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) sysfs$auto(0x2, 0x47, 0x0) r0 = fsopen$auto(0x0, 0x1) fsconfig$auto(r0, 0x6, 0x0, 0x0, 0x0) 3.579023348s ago: executing program 0 (id=11474): socket(0xa, 0x2, 0x3a) mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000) io_uring_setup$auto(0x52, 0x0) sendto$auto(0x3, 0x0, 0x13, 0xfffffff8, &(0x7f0000000440)=@xdp={0x2c, 0xdd86, 0x0, 0x2f}, 0x22) 3.575978067s ago: executing program 3 (id=11475): mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) sendmsg$auto_NL802154_CMD_SET_CCA_MODE(0xffffffffffffffff, &(0x7f0000001f40)={0x0, 0x0, &(0x7f0000001f00)={&(0x7f0000000180)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16, @ANYBLOB="010029bd7000fedbdf250d0000000c000600010000000000000008000100"], 0x28}, 0x1, 0x0, 0x0, 0x4000}, 0x0) r0 = socket(0xa, 0x2, 0x3a) bpf$auto(0x5, &(0x7f0000000100)=@task_fd_query={0x2, r0, 0x3, 0x0, 0x85, 0x7, 0x9, 0x6, 0x8001}, 0x100) 3.477828124s ago: executing program 1 (id=11476): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000240), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'caif0\x00', 0x0}) sendmsg$auto_MACSEC_CMD_ADD_RXSC(r0, &(0x7f0000004100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)={0x2c, r1, 0x1, 0x70bd26, 0x25dfdbfc, {}, [@MACSEC_ATTR_RXSC_CONFIG={0x10, 0x2, 0x0, 0x1, [@typed={0xc, 0x1, 0x0, 0x0, @u64=0x3f}]}, @MACSEC_ATTR_IFINDEX={0x8, 0x1, r2}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20040801}, 0x4000040) 3.427466937s ago: executing program 2 (id=11477): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r0) sendmsg$auto_NL80211_CMD_GET_WIPHY(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000140)=ANY=[@ANYBLOB="18000000", @ANYRES16=r1, @ANYBLOB="810b25bd7080fbdbdf25010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x20000000}, 0xc004) recvmmsg$auto(r0, &(0x7f0000000180)={{0x0, 0x5, 0x0, 0x0, 0x0, 0x2, 0x6}, 0x803}, 0x10a, 0x6, 0x0) 3.392387222s ago: executing program 0 (id=11478): socket(0x2, 0x5, 0x0) mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000) io_uring_setup$auto(0x1, 0x0) setsockopt$auto(0x3, 0x10000000084, 0x72, 0x0, 0xc) 3.371137802s ago: executing program 3 (id=11479): mmap$auto(0x0, 0x2020009, 0x6, 0x800000000000eb1, 0xffffffffffffffff, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) getcpu$auto(&(0x7f0000000000)=0x8, &(0x7f0000000080)=0x80, 0x0) 0s ago: executing program 1 (id=11480): setuid$auto(0xe) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000002100), 0xffffffffffffffff) sendmsg$auto_NBD_CMD_DISCONNECT(r0, &(0x7f0000002240)={0x0, 0x0, &(0x7f0000002200)={&(0x7f0000000000)={0x14, r1, 0x1, 0x70bd28, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x20044800}, 0x4000) kernel console output (not intermixed with test programs): ck_vma_under_rcu+0x17c/0x5a0 [ 745.486705][ T5823] ? get_timespec64+0x136/0x1b0 [ 745.486734][ T5823] handle_mm_fault+0x36d/0xa20 [ 745.486758][ T5823] do_user_addr_fault+0x5a3/0x12f0 [ 745.486785][ T5823] exc_page_fault+0x6f/0xd0 [ 745.486807][ T5823] asm_exc_page_fault+0x26/0x30 [ 745.486824][ T5823] RIP: 0033:0x7f165d268fb4 [ 745.486841][ T5823] Code: 85 62 0a 00 00 48 b8 db 34 b6 d7 82 de 1b 43 48 f7 a4 24 98 00 00 00 48 8b 05 00 c8 ed 00 48 69 8c 24 90 00 00 00 e8 03 00 00 <8b> 78 08 48 8b 44 24 18 48 c1 ea 12 4c 8b 0d f9 c6 ed 00 48 01 d1 [ 745.486859][ T5823] RSP: 002b:00007ffdc16ec3d0 EFLAGS: 00010206 [ 745.486874][ T5823] RAX: 0000001b30824000 RBX: 0000000000001469 RCX: 00000000000b5e28 [ 745.486886][ T5823] RDX: 000000000484329b RSI: 00007ffdc16ec460 RDI: 0000000000000001 [ 745.486903][ T5823] RBP: 00007ffdc16ec40c R08: 00007f165e1bf010 R09: 0000000000000000 [ 745.486914][ T5823] R10: 00007f165e1bf000 R11: 00000000000233b6 R12: 0000000000001388 [ 745.486925][ T5823] R13: 00000000000927c0 R14: 00000000000b5e7c R15: 00007ffdc16ec460 [ 745.486948][ T5823] [ 745.486955][ T5823] memory: usage 3072kB, limit 3072kB, failcnt 43667 [ 746.009235][ T5823] memory+swap: usage 3300kB, limit 9007199254740988kB, failcnt 0 [ 746.020131][ T5823] kmem: usage 1352kB, limit 9007199254740988kB, failcnt 0 [ 746.028038][ T5823] Memory cgroup stats for /syz2: [ 746.028166][ T5823] cache 0 [ 746.037096][ T5823] rss 1761280 [ 746.040431][ T5823] rss_huge 0 [ 746.047918][ T5823] shmem 0 [ 746.051136][ T5823] mapped_file 0 [ 746.055351][ T5823] dirty 0 [ 746.058481][ T5823] writeback 0 [ 746.062092][ T5823] workingset_refault_anon 2581 [ 746.068707][ T5823] workingset_refault_file 13298 [ 746.075961][ T5823] swap 233472 [ 746.079699][ T5823] swapcached 4096 [ 746.092551][ T5823] pgpgin 190798 [ 746.097484][ T5823] pgpgout 209786 [ 746.101232][ T5823] pgfault 312390 [ 746.105440][ T5823] pgmajfault 1540 [ 746.109373][ T5823] inactive_anon 8192 [ 746.114743][ T5823] active_anon 1753088 [ 746.118787][ T5823] inactive_file 0 [ 746.123185][ T5823] active_file 0 [ 746.126990][ T5823] unevictable 0 [ 746.130527][ T5823] hierarchical_memory_limit 3145728 [ 746.136324][ T5823] hierarchical_memsw_limit 9223372036854771712 [ 746.147123][ T5823] total_cache 0 [ 746.156458][ T5823] total_rss 1761280 [ 746.160560][ T5823] total_rss_huge 0 [ 746.165613][ T5823] total_shmem 0 [ 746.169076][ T5823] total_mapped_file 0 [ 746.174630][ T5823] total_dirty 0 [ 746.178444][ T5823] total_writeback 0 [ 746.183987][ T5823] total_workingset_refault_anon 2581 [ 746.189683][ T5823] total_workingset_refault_file 13298 [ 746.196098][ T5823] total_swap 233472 [ 746.201348][ T5823] total_swapcached 4096 [ 746.206881][ T5823] total_pgpgin 190798 [ 746.210887][ T5823] total_pgpgout 209786 [ 746.215439][ T5823] total_pgfault 312390 [ 746.219515][ T5823] total_pgmajfault 1540 [ 746.224211][ T5823] total_inactive_anon 8192 [ 746.228814][ T5823] total_active_anon 1753088 [ 746.234020][ T5823] total_inactive_file 0 [ 746.238286][ T5823] total_active_file 0 [ 746.243008][ T5823] total_unevictable 0 [ 746.247090][ T5823] anon_cost 520 [ 746.251446][ T5823] file_cost 0 [ 746.255745][ T5823] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.10717,pid=30175,uid=0 [ 746.274901][ T5823] Memory cgroup out of memory: Killed process 30175 (syz.2.10717) total-vm:108344kB, anon-rss:2872kB, file-rss:21376kB, shmem-rss:0kB, UID:0 pgtables:116kB oom_score_adj:1000 [ 746.386537][T30198] bridge0: port 2(hsr0) entered blocking state [ 746.414119][T30198] bridge0: port 2(hsr0) entered disabled state [ 746.421746][T30198] hsr0: entered allmulticast mode [ 746.461031][T30198] hsr_slave_0: entered allmulticast mode [ 746.502800][T30198] hsr_slave_1: entered allmulticast mode [ 746.527380][T30198] hsr0: entered promiscuous mode [ 746.551289][T30198] bridge0: port 2(hsr0) entered blocking state [ 746.558145][T30198] bridge0: port 2(hsr0) entered forwarding state [ 747.793453][T30255] syz.2.10742 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 747.869000][T30255] CPU: 0 UID: 0 PID: 30255 Comm: syz.2.10742 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 747.869037][T30255] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 747.869045][T30255] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 747.869055][T30255] Call Trace: [ 747.869061][T30255] [ 747.869069][T30255] dump_stack_lvl+0x100/0x190 [ 747.869095][T30255] dump_header+0xfb/0x606 [ 747.869115][T30255] oom_kill_process.cold+0xd/0x321 [ 747.869136][T30255] out_of_memory+0x340/0x14f0 [ 747.869164][T30255] ? __pfx_out_of_memory+0x10/0x10 [ 747.869194][T30255] mem_cgroup_out_of_memory+0xc6/0x130 [ 747.869214][T30255] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 747.869233][T30255] ? find_held_lock+0x2b/0x80 [ 747.869256][T30255] ? do_raw_spin_unlock+0x145/0x1e0 [ 747.869285][T30255] ? _raw_spin_unlock+0x28/0x50 [ 747.869306][T30255] try_charge_memcg+0x652/0xc90 [ 747.869337][T30255] ? __pfx_try_charge_memcg+0x10/0x10 [ 747.869362][T30255] ? find_held_lock+0x2b/0x80 [ 747.869380][T30255] ? rcu_read_unlock+0x17/0x60 [ 747.869406][T30255] ? rcu_read_unlock+0x17/0x60 [ 747.869440][T30255] charge_memcg+0xa6/0x280 [ 747.869465][T30255] __mem_cgroup_charge+0x2b/0x1e0 [ 747.869496][T30255] do_anonymous_page+0xb38/0x1f40 [ 747.869524][T30255] __handle_mm_fault+0x1d3a/0x2b50 [ 747.869551][T30255] ? __pfx___handle_mm_fault+0x10/0x10 [ 747.869574][T30255] ? __pte_offset_map_lock+0x174/0x320 [ 747.869602][T30255] ? find_held_lock+0x2b/0x80 [ 747.869626][T30255] ? follow_page_pte+0x5b4/0x1410 [ 747.869659][T30255] handle_mm_fault+0x36d/0xa20 [ 747.869690][T30255] __get_user_pages+0xf9c/0x34d0 [ 747.869727][T30255] ? __pfx___get_user_pages+0x10/0x10 [ 747.869762][T30255] populate_vma_page_range+0x267/0x3f0 [ 747.869794][T30255] ? __pfx_populate_vma_page_range+0x10/0x10 [ 747.869824][T30255] ? __pfx_find_vma_intersection+0x10/0x10 [ 747.869853][T30255] ? do_mmap+0x93f/0x12f0 [ 747.869883][T30255] __mm_populate+0x107/0x3a0 [ 747.869913][T30255] ? __pfx___mm_populate+0x10/0x10 [ 747.869945][T30255] ? up_write+0x290/0x4f0 [ 747.869975][T30255] vm_mmap_pgoff+0x37f/0x470 [ 747.870006][T30255] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 747.870036][T30255] ? rcu_is_watching+0x12/0xc0 [ 747.870055][T30255] ? kcov_ioctl+0x162/0x720 [ 747.870072][T30255] ? kcov_ioctl+0x162/0x720 [ 747.870094][T30255] ksys_mmap_pgoff+0x7d/0x5b0 [ 747.870121][T30255] ? kcov_ioctl+0x16a/0x720 [ 747.870140][T30255] __x64_sys_mmap+0x125/0x190 [ 747.870161][T30255] do_syscall_64+0xc9/0xf80 [ 747.870185][T30255] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 747.870203][T30255] RIP: 0033:0x7f165d39aeb9 [ 747.870219][T30255] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 747.870236][T30255] RSP: 002b:00007f165e1be028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 747.870254][T30255] RAX: ffffffffffffffda RBX: 00007f165d615fa0 RCX: 00007f165d39aeb9 [ 747.870265][T30255] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 747.870276][T30255] RBP: 00007f165d408c1f R08: 0000000000000002 R09: 0000000000008000 [ 747.870287][T30255] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 747.870297][T30255] R13: 00007f165d616038 R14: 00007f165d615fa0 R15: 00007ffdc16ec068 [ 747.870321][T30255] [ 747.870328][T30255] memory: usage 3072kB, limit 3072kB, failcnt 43830 [ 748.333923][T30270] netlink: 350 bytes leftover after parsing attributes in process `syz.0.10748'. [ 748.770900][T30255] memory+swap: usage 3608kB, limit 9007199254740988kB, failcnt 0 [ 748.800663][T30255] kmem: usage 1488kB, limit 9007199254740988kB, failcnt 0 [ 748.852440][T30255] Memory cgroup stats for /syz2: [ 748.852576][T30255] cache 0 [ 748.897314][T30255] rss 1601536 [ 748.922932][T30255] rss_huge 0 [ 748.926199][T30255] shmem 0 [ 748.929374][T30255] mapped_file 0 [ 748.962461][T30255] dirty 0 [ 748.978884][T30255] writeback 0 [ 748.994833][T30255] workingset_refault_anon 2599 [ 749.010705][T30255] workingset_refault_file 13299 [ 749.050798][T30255] swap 548864 [ 749.056328][T30255] swapcached 0 [ 749.060387][T30255] pgpgin 191371 [ 749.092875][T30255] pgpgout 210398 [ 749.120665][T30255] pgfault 313710 [ 749.132431][T30255] pgmajfault 1555 [ 749.154105][T30255] inactive_anon 0 [ 749.158549][T30255] active_anon 1601536 [ 749.203148][T30255] inactive_file 0 [ 749.217703][T30255] active_file 0 [ 749.221271][T30255] unevictable 0 [ 749.246227][T30255] hierarchical_memory_limit 3145728 [ 749.251815][T30255] hierarchical_memsw_limit 9223372036854771712 [ 749.315924][T30255] total_cache 0 [ 749.333082][T30255] total_rss 1601536 [ 749.356465][T30255] total_rss_huge 0 [ 749.360226][T30255] total_shmem 0 [ 749.393410][T30255] total_mapped_file 0 [ 749.397507][T30255] total_dirty 0 [ 749.400969][T30255] total_writeback 0 [ 749.452468][T30255] total_workingset_refault_anon 2599 [ 749.469888][T30255] total_workingset_refault_file 13299 [ 749.502888][T30255] total_swap 548864 [ 749.517183][T30255] total_swapcached 0 [ 749.533736][T30255] total_pgpgin 191371 [ 749.537747][T30255] total_pgpgout 210398 [ 749.541828][T30255] total_pgfault 313710 [ 749.603329][T30255] total_pgmajfault 1555 [ 749.607535][T30255] total_inactive_anon 0 [ 749.611813][T30255] total_active_anon 1601536 [ 749.677614][T30255] total_inactive_file 0 [ 749.687039][T30255] total_active_file 0 [ 749.692028][T30255] total_unevictable 0 [ 749.733681][T30255] anon_cost 536 [ 749.757064][T30255] file_cost 0 [ 749.760469][T30255] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.10742,pid=30253,uid=0 [ 749.845792][T30255] Memory cgroup out of memory: Killed process 30253 (syz.2.10742) total-vm:106296kB, anon-rss:2744kB, file-rss:21376kB, shmem-rss:0kB, UID:0 pgtables:116kB oom_score_adj:1000 [ 750.356080][T30342] cifs: Unknown parameter 'T.żc[$⁍)UÑnE-ʙl- -_5Z omfwYh*/xDlݩgkǐA79Xa/f_ARxM vp$^;q3n-6+ekl*[GCHFx^ĒPktkyve' [ 750.548783][T30342] CIFS mount error: No usable UNC path provided in device string! [ 750.548783][T30342] [ 750.591867][T30342] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 750.682896][T30351] netlink: 'syz.3.10788': attribute type 1 has an invalid length. [ 750.711772][T30353] netlink: 186 bytes leftover after parsing attributes in process `syz.0.10789'. [ 750.870244][T30355] netlink: 8 bytes leftover after parsing attributes in process `syz.2.10790'. [ 751.436929][T30380] netlink: 206 bytes leftover after parsing attributes in process `syz.1.10802'. [ 751.532283][T30376] syz.2.10800 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 751.602524][T30376] CPU: 0 UID: 0 PID: 30376 Comm: syz.2.10800 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 751.602560][T30376] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 751.602569][T30376] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 751.602580][T30376] Call Trace: [ 751.602586][T30376] [ 751.602593][T30376] dump_stack_lvl+0x100/0x190 [ 751.602623][T30376] dump_header+0xfb/0x606 [ 751.602650][T30376] oom_kill_process.cold+0xd/0x321 [ 751.602671][T30376] out_of_memory+0x340/0x14f0 [ 751.602701][T30376] ? __pfx_out_of_memory+0x10/0x10 [ 751.602731][T30376] mem_cgroup_out_of_memory+0xc6/0x130 [ 751.602752][T30376] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 751.602770][T30376] ? find_held_lock+0x2b/0x80 [ 751.602793][T30376] ? do_raw_spin_unlock+0x145/0x1e0 [ 751.602823][T30376] ? _raw_spin_unlock+0x28/0x50 [ 751.602843][T30376] try_charge_memcg+0x652/0xc90 [ 751.602874][T30376] ? __pfx_try_charge_memcg+0x10/0x10 [ 751.602900][T30376] ? find_held_lock+0x2b/0x80 [ 751.602917][T30376] ? rcu_read_unlock+0x17/0x60 [ 751.602943][T30376] ? rcu_read_unlock+0x17/0x60 [ 751.602978][T30376] charge_memcg+0xa6/0x280 [ 751.603004][T30376] __mem_cgroup_charge+0x2b/0x1e0 [ 751.603034][T30376] do_anonymous_page+0xb38/0x1f40 [ 751.603062][T30376] __handle_mm_fault+0x1d3a/0x2b50 [ 751.603089][T30376] ? __pfx___handle_mm_fault+0x10/0x10 [ 751.603111][T30376] ? __pte_offset_map_lock+0x174/0x320 [ 751.603138][T30376] ? find_held_lock+0x2b/0x80 [ 751.603163][T30376] ? follow_page_pte+0x5b4/0x1410 [ 751.603195][T30376] handle_mm_fault+0x36d/0xa20 [ 751.603219][T30376] __get_user_pages+0xf9c/0x34d0 [ 751.603256][T30376] ? __pfx___get_user_pages+0x10/0x10 [ 751.603292][T30376] populate_vma_page_range+0x267/0x3f0 [ 751.603324][T30376] ? __pfx_populate_vma_page_range+0x10/0x10 [ 751.603354][T30376] ? __pfx_find_vma_intersection+0x10/0x10 [ 751.603383][T30376] ? do_mmap+0x93f/0x12f0 [ 751.603413][T30376] __mm_populate+0x107/0x3a0 [ 751.603443][T30376] ? __pfx___mm_populate+0x10/0x10 [ 751.603475][T30376] ? up_write+0x290/0x4f0 [ 751.603505][T30376] vm_mmap_pgoff+0x37f/0x470 [ 751.603535][T30376] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 751.603566][T30376] ? rcu_is_watching+0x12/0xc0 [ 751.603584][T30376] ? kcov_ioctl+0x162/0x720 [ 751.603602][T30376] ? kcov_ioctl+0x162/0x720 [ 751.603627][T30376] ksys_mmap_pgoff+0x7d/0x5b0 [ 751.603655][T30376] ? kcov_ioctl+0x16a/0x720 [ 751.603675][T30376] __x64_sys_mmap+0x125/0x190 [ 751.603695][T30376] do_syscall_64+0xc9/0xf80 [ 751.603719][T30376] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 751.603738][T30376] RIP: 0033:0x7f165d39aeb9 [ 751.603754][T30376] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 751.603771][T30376] RSP: 002b:00007f165e1be028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 751.603790][T30376] RAX: ffffffffffffffda RBX: 00007f165d615fa0 RCX: 00007f165d39aeb9 [ 751.603802][T30376] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 751.603813][T30376] RBP: 00007f165d408c1f R08: 0000000000000002 R09: 0000000000008000 [ 751.603824][T30376] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 751.603835][T30376] R13: 00007f165d616038 R14: 00007f165d615fa0 R15: 00007ffdc16ec068 [ 751.603858][T30376] [ 751.603864][T30376] memory: usage 3072kB, limit 3072kB, failcnt 43952 [ 752.733075][T30410] netlink: 8 bytes leftover after parsing attributes in process `syz.3.10816'. [ 752.774722][T30376] memory+swap: usage 3464kB, limit 9007199254740988kB, failcnt 0 [ 752.805702][T30376] kmem: usage 1360kB, limit 9007199254740988kB, failcnt 0 [ 752.836571][T30376] Memory cgroup stats for /syz2: [ 752.837529][T30376] cache 0 [ 752.873424][T30376] rss 1732608 [ 752.877327][T30376] rss_huge 0 [ 752.880610][T30376] shmem 0 [ 752.909257][T30376] mapped_file 0 [ 752.926631][T30376] dirty 0 [ 752.929802][T30376] writeback 0 [ 752.963060][T30376] workingset_refault_anon 2613 [ 752.968402][T30376] workingset_refault_file 13300 [ 753.013836][T30376] swap 401408 [ 753.033616][T30376] swapcached 0 [ 753.045426][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 753.052512][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 753.060754][T30376] pgpgin 192042 [ 753.085077][T30376] pgpgout 211037 [ 753.088683][T30376] pgfault 314799 [ 753.092308][T30376] pgmajfault 1567 [ 753.139403][T30376] inactive_anon 0 [ 753.163016][T30376] active_anon 1732608 [ 753.167303][T30376] inactive_file 0 [ 753.171019][T30376] active_file 0 [ 753.205553][T30376] unevictable 0 [ 753.209568][T30376] hierarchical_memory_limit 3145728 [ 753.262161][T30376] hierarchical_memsw_limit 9223372036854771712 [ 753.296136][T30376] total_cache 0 [ 753.299727][T30376] total_rss 1732608 [ 753.346711][T30376] total_rss_huge 0 [ 753.350640][T30376] total_shmem 0 [ 753.375604][T30376] total_mapped_file 0 [ 753.392448][T30376] total_dirty 0 [ 753.396036][T30376] total_writeback 0 [ 753.399842][T30376] total_workingset_refault_anon 2613 [ 753.466053][T30376] total_workingset_refault_file 13300 [ 753.493589][T30376] total_swap 401408 [ 753.498070][T30376] total_swapcached 0 [ 753.534371][T30376] total_pgpgin 192042 [ 753.557176][T30376] total_pgpgout 211037 [ 753.572945][T30376] total_pgfault 314799 [ 753.577195][T30376] total_pgmajfault 1567 [ 753.581458][T30376] total_inactive_anon 0 [ 753.629147][T30376] total_active_anon 1732608 [ 753.648784][T30376] total_inactive_file 0 [ 753.679819][T30376] total_active_file 0 [ 753.703238][T30376] total_unevictable 0 [ 753.708299][T30376] anon_cost 513 [ 753.711762][T30376] file_cost 0 [ 753.747843][T30376] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.10800,pid=30375,uid=0 [ 753.815842][T30376] Memory cgroup out of memory: Killed process 30375 (syz.2.10800) total-vm:108344kB, anon-rss:2872kB, file-rss:21376kB, shmem-rss:0kB, UID:0 pgtables:116kB oom_score_adj:1000 [ 754.511296][T30453] zswap: compressor not available [ 755.221664][T30485] FAULT_INJECTION: forcing a failure. [ 755.221664][T30485] name failslab, interval 1, probability 0, space 0, times 0 [ 755.276910][T30485] CPU: 0 UID: 0 PID: 30485 Comm: syz.3.10849 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 755.276947][T30485] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 755.276956][T30485] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 755.276967][T30485] Call Trace: [ 755.276973][T30485] [ 755.276981][T30485] dump_stack_lvl+0x100/0x190 [ 755.277006][T30485] should_fail_ex.cold+0x5/0xa [ 755.277037][T30485] should_failslab+0xc2/0x120 [ 755.277063][T30485] __kmalloc_cache_noprof+0x80/0x810 [ 755.277083][T30485] ? snd_pcm_oss_change_params_locked+0x247/0x39f0 [ 755.277112][T30485] ? snd_pcm_oss_change_params_locked+0x247/0x39f0 [ 755.277134][T30485] snd_pcm_oss_change_params_locked+0x247/0x39f0 [ 755.277161][T30485] ? __mutex_lock+0x26a/0x1b90 [ 755.277185][T30485] ? snd_pcm_oss_get_active_substream+0x153/0x1d0 [ 755.277207][T30485] ? lockdep_hardirqs_on+0x78/0x100 [ 755.277231][T30485] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 755.277255][T30485] ? __pfx___mutex_lock+0x10/0x10 [ 755.277276][T30485] ? tomoyo_path_number_perm+0x28f/0x580 [ 755.277311][T30485] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 755.277337][T30485] ? futex_wait+0x125/0x380 [ 755.277357][T30485] snd_pcm_oss_get_active_substream+0x175/0x1d0 [ 755.277386][T30485] snd_pcm_oss_get_formats+0x7d/0x350 [ 755.277408][T30485] ? do_vfs_ioctl+0x226/0x13e0 [ 755.277434][T30485] ? __pfx_snd_pcm_oss_get_formats+0x10/0x10 [ 755.277463][T30485] snd_pcm_oss_ioctl+0x1719/0x3720 [ 755.277486][T30485] ? find_held_lock+0x2b/0x80 [ 755.277503][T30485] ? hook_file_ioctl_common+0x146/0x410 [ 755.277531][T30485] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 755.277556][T30485] ? __fget_files+0x21f/0x3d0 [ 755.277578][T30485] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 755.277602][T30485] __x64_sys_ioctl+0x18e/0x210 [ 755.277641][T30485] do_syscall_64+0xc9/0xf80 [ 755.277664][T30485] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 755.277683][T30485] RIP: 0033:0x7f8dacb9aeb9 [ 755.277698][T30485] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 755.277716][T30485] RSP: 002b:00007f8dad980028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 755.277734][T30485] RAX: ffffffffffffffda RBX: 00007f8dace15fa0 RCX: 00007f8dacb9aeb9 [ 755.277746][T30485] RDX: 0000000000000000 RSI: 000000008004500b RDI: 0000000000000003 [ 755.277757][T30485] RBP: 00007f8dacc08c1f R08: 0000000000000000 R09: 0000000000000000 [ 755.277768][T30485] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 755.277778][T30485] R13: 00007f8dace16038 R14: 00007f8dace15fa0 R15: 00007ffdf4f0f388 [ 755.277801][T30485] [ 757.321377][ T5823] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0 [ 757.431363][ T5823] CPU: 0 UID: 0 PID: 5823 Comm: syz-executor Tainted: G U I L syzkaller #0 PREEMPT(full) [ 757.431399][ T5823] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 757.431407][ T5823] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 757.431418][ T5823] Call Trace: [ 757.431424][ T5823] [ 757.431431][ T5823] dump_stack_lvl+0x100/0x190 [ 757.431458][ T5823] dump_header+0xfb/0x606 [ 757.431477][ T5823] oom_kill_process.cold+0xd/0x321 [ 757.431498][ T5823] out_of_memory+0x340/0x14f0 [ 757.431527][ T5823] ? __pfx_out_of_memory+0x10/0x10 [ 757.431557][ T5823] mem_cgroup_out_of_memory+0xc6/0x130 [ 757.431578][ T5823] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 757.431596][ T5823] ? find_held_lock+0x2b/0x80 [ 757.431618][ T5823] ? do_raw_spin_unlock+0x145/0x1e0 [ 757.431648][ T5823] ? _raw_spin_unlock+0x28/0x50 [ 757.431668][ T5823] try_charge_memcg+0x652/0xc90 [ 757.431705][ T5823] ? __pfx_try_charge_memcg+0x10/0x10 [ 757.431730][ T5823] ? find_held_lock+0x2b/0x80 [ 757.431748][ T5823] ? rcu_read_unlock+0x17/0x60 [ 757.431774][ T5823] ? rcu_read_unlock+0x17/0x60 [ 757.431808][ T5823] charge_memcg+0xa6/0x280 [ 757.431833][ T5823] __mem_cgroup_charge+0x2b/0x1e0 [ 757.431863][ T5823] filemap_add_folio+0xe7/0x690 [ 757.431890][ T5823] ? __pfx_filemap_add_folio+0x10/0x10 [ 757.431921][ T5823] __filemap_get_folio_mpol+0x5d5/0xe70 [ 757.431954][ T5823] filemap_fault+0x8b6/0x37c0 [ 757.431986][ T5823] ? __pfx_filemap_fault+0x10/0x10 [ 757.432014][ T5823] ? __pfx_filemap_map_pages+0x10/0x10 [ 757.432044][ T5823] __do_fault+0x10d/0x550 [ 757.432071][ T5823] do_fault+0xaf9/0x1990 [ 757.432103][ T5823] __handle_mm_fault+0x1807/0x2b50 [ 757.432128][ T5823] ? reacquire_held_locks+0xce/0x1e0 [ 757.432154][ T5823] ? __pfx___handle_mm_fault+0x10/0x10 [ 757.432178][ T5823] ? lock_vma_under_rcu+0x17c/0x5a0 [ 757.432203][ T5823] ? get_timespec64+0x136/0x1b0 [ 757.432232][ T5823] handle_mm_fault+0x36d/0xa20 [ 757.432256][ T5823] do_user_addr_fault+0x5a3/0x12f0 [ 757.432284][ T5823] exc_page_fault+0x6f/0xd0 [ 757.432305][ T5823] asm_exc_page_fault+0x26/0x30 [ 757.432328][ T5823] RIP: 0033:0x7f165d268fb4 [ 757.432343][ T5823] Code: 85 62 0a 00 00 48 b8 db 34 b6 d7 82 de 1b 43 48 f7 a4 24 98 00 00 00 48 8b 05 00 c8 ed 00 48 69 8c 24 90 00 00 00 e8 03 00 00 <8b> 78 08 48 8b 44 24 18 48 c1 ea 12 4c 8b 0d f9 c6 ed 00 48 01 d1 [ 757.432361][ T5823] RSP: 002b:00007ffdc16ec3d0 EFLAGS: 00010202 [ 757.432376][ T5823] RAX: 0000001b30824000 RBX: 000000000000148e RCX: 00000000000b8d08 [ 757.432388][ T5823] RDX: 0000000002a9e360 RSI: 00007ffdc16ec460 RDI: 0000000000000001 [ 757.432399][ T5823] RBP: 00007ffdc16ec40c R08: 00007f165e1bf010 R09: 0000000000000000 [ 757.432409][ T5823] R10: 00007f165e1bf000 R11: 0000000000023ca8 R12: 0000000000001388 [ 757.432421][ T5823] R13: 00000000000927c0 R14: 00000000000b8c24 R15: 00007ffdc16ec460 [ 757.432444][ T5823] [ 758.766516][ T5823] memory: usage 3072kB, limit 3072kB, failcnt 45086 [ 758.803457][ T5823] memory+swap: usage 4716kB, limit 9007199254740988kB, failcnt 0 [ 758.832494][ T5823] kmem: usage 1368kB, limit 9007199254740988kB, failcnt 0 [ 758.868526][ T5823] Memory cgroup stats for /syz2: [ 758.868661][ T5823] cache 0 [ 758.905192][ T5823] rss 1744896 [ 758.908603][ T5823] rss_huge 0 [ 758.936668][ T5823] shmem 0 [ 758.939765][ T5823] mapped_file 0 [ 758.966138][ T5823] dirty 0 [ 758.969216][ T5823] writeback 0 [ 758.993636][ T5823] workingset_refault_anon 2665 [ 759.016359][ T5823] workingset_refault_file 13429 [ 759.032751][ T5823] swap 1683456 [ 759.046457][ T5823] swapcached 4096 [ 759.068650][ T5823] pgpgin 194294 [ 759.072205][ T5823] pgpgout 213286 [ 759.087781][ T5823] pgfault 317527 [ 759.105445][ T5823] pgmajfault 1596 [ 759.118409][ T5823] inactive_anon 0 [ 759.141502][ T5823] active_anon 1744896 [ 759.159113][ T5823] inactive_file 0 [ 759.172241][ T5823] active_file 0 [ 759.185255][ T5823] unevictable 0 [ 759.196610][ T5823] hierarchical_memory_limit 3145728 [ 759.218454][ T5823] hierarchical_memsw_limit 9223372036854771712 [ 759.243724][ T5823] total_cache 0 [ 759.259547][ T5823] total_rss 1744896 [ 759.274012][ T5823] total_rss_huge 0 [ 759.288415][ T5823] total_shmem 0 [ 759.300978][ T5823] total_mapped_file 0 [ 759.315285][ T5823] total_dirty 0 [ 759.326993][ T5823] total_writeback 0 [ 759.339562][ T5823] total_workingset_refault_anon 2665 [ 759.362789][ T5823] total_workingset_refault_file 13429 [ 759.381915][ T5823] total_swap 1683456 [ 759.398096][ T5823] total_swapcached 4096 [ 759.411324][ T5823] total_pgpgin 194294 [ 759.427430][ T5823] total_pgpgout 213286 [ 759.442048][ T5823] total_pgfault 317527 [ 759.464227][ T5823] total_pgmajfault 1596 [ 759.479921][ T5823] total_inactive_anon 0 [ 759.493589][ T5823] total_active_anon 1744896 [ 759.509110][ T5823] total_inactive_file 0 [ 759.522671][ T5823] total_active_file 0 [ 759.538042][ T5823] total_unevictable 0 [ 759.551948][ T5823] anon_cost 567 [ 759.568613][ T5823] file_cost 0 [ 759.580568][ T5823] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.10865,pid=30517,uid=0 [ 759.637191][ T5823] Memory cgroup out of memory: Killed process 30517 (syz.2.10865) total-vm:108344kB, anon-rss:2872kB, file-rss:21376kB, shmem-rss:0kB, UID:0 pgtables:120kB oom_score_adj:1000 [ 760.363345][T30570] syz.2.10890 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 760.422447][T30570] CPU: 0 UID: 0 PID: 30570 Comm: syz.2.10890 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 760.422482][T30570] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 760.422491][T30570] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 760.422504][T30570] Call Trace: [ 760.422510][T30570] [ 760.422518][T30570] dump_stack_lvl+0x100/0x190 [ 760.422545][T30570] dump_header+0xfb/0x606 [ 760.422565][T30570] oom_kill_process.cold+0xd/0x321 [ 760.422585][T30570] out_of_memory+0x340/0x14f0 [ 760.422614][T30570] ? __pfx_out_of_memory+0x10/0x10 [ 760.422651][T30570] mem_cgroup_out_of_memory+0xc6/0x130 [ 760.422671][T30570] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 760.422689][T30570] ? find_held_lock+0x2b/0x80 [ 760.422712][T30570] ? do_raw_spin_unlock+0x145/0x1e0 [ 760.422741][T30570] ? _raw_spin_unlock+0x28/0x50 [ 760.422762][T30570] try_charge_memcg+0x652/0xc90 [ 760.422793][T30570] ? __pfx_try_charge_memcg+0x10/0x10 [ 760.422819][T30570] ? find_held_lock+0x2b/0x80 [ 760.422836][T30570] ? rcu_read_unlock+0x17/0x60 [ 760.422861][T30570] ? rcu_read_unlock+0x17/0x60 [ 760.422895][T30570] charge_memcg+0xa6/0x280 [ 760.422921][T30570] __mem_cgroup_charge+0x2b/0x1e0 [ 760.422951][T30570] do_anonymous_page+0xb38/0x1f40 [ 760.422980][T30570] __handle_mm_fault+0x1d3a/0x2b50 [ 760.423006][T30570] ? __pfx___handle_mm_fault+0x10/0x10 [ 760.423028][T30570] ? __pte_offset_map_lock+0x174/0x320 [ 760.423055][T30570] ? find_held_lock+0x2b/0x80 [ 760.423080][T30570] ? follow_page_pte+0x5b4/0x1410 [ 760.423111][T30570] handle_mm_fault+0x36d/0xa20 [ 760.423135][T30570] __get_user_pages+0xf9c/0x34d0 [ 760.423172][T30570] ? __pfx___get_user_pages+0x10/0x10 [ 760.423207][T30570] populate_vma_page_range+0x267/0x3f0 [ 760.423239][T30570] ? __pfx_populate_vma_page_range+0x10/0x10 [ 760.423269][T30570] ? __pfx_find_vma_intersection+0x10/0x10 [ 760.423297][T30570] ? do_mmap+0x93f/0x12f0 [ 760.423327][T30570] __mm_populate+0x107/0x3a0 [ 760.423357][T30570] ? __pfx___mm_populate+0x10/0x10 [ 760.423389][T30570] ? up_write+0x290/0x4f0 [ 760.423419][T30570] vm_mmap_pgoff+0x37f/0x470 [ 760.423449][T30570] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 760.423480][T30570] ? rcu_is_watching+0x12/0xc0 [ 760.423499][T30570] ? kcov_ioctl+0x162/0x720 [ 760.423516][T30570] ? kcov_ioctl+0x162/0x720 [ 760.423537][T30570] ksys_mmap_pgoff+0x7d/0x5b0 [ 760.423564][T30570] ? kcov_ioctl+0x16a/0x720 [ 760.423584][T30570] __x64_sys_mmap+0x125/0x190 [ 760.423604][T30570] do_syscall_64+0xc9/0xf80 [ 760.423635][T30570] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 760.423654][T30570] RIP: 0033:0x7f165d39aeb9 [ 760.423669][T30570] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 760.423687][T30570] RSP: 002b:00007f165e1be028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 760.423705][T30570] RAX: ffffffffffffffda RBX: 00007f165d615fa0 RCX: 00007f165d39aeb9 [ 760.423717][T30570] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 760.423728][T30570] RBP: 00007f165d408c1f R08: 0000000000000002 R09: 0000000000008000 [ 760.423739][T30570] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 760.423749][T30570] R13: 00007f165d616038 R14: 00007f165d615fa0 R15: 00007ffdc16ec068 [ 760.423773][T30570] [ 760.423780][T30570] memory: usage 3072kB, limit 3072kB, failcnt 45730 [ 761.624068][T30612] overlayfs: missing 'lowerdir' [ 761.693455][T30570] memory+swap: usage 5604kB, limit 9007199254740988kB, failcnt 0 [ 761.742500][T30570] kmem: usage 1388kB, limit 9007199254740988kB, failcnt 0 [ 761.749736][T30570] Memory cgroup stats for /syz2: [ 761.749867][T30570] cache 0 [ 761.789555][T30570] rss 1724416 [ 761.807125][T30570] rss_huge 0 [ 761.810361][T30570] shmem 0 [ 761.837819][T30570] mapped_file 0 [ 761.857004][T30570] dirty 0 [ 761.859984][T30570] writeback 0 [ 761.886903][T30570] workingset_refault_anon 2680 [ 761.891761][T30570] workingset_refault_file 13430 [ 761.928814][T30570] swap 2592768 [ 761.960989][T30570] swapcached 0 [ 761.968959][T30570] pgpgin 195322 [ 761.977859][T30570] pgpgout 214319 [ 761.981513][T30570] pgfault 318592 [ 762.016284][T30570] pgmajfault 1610 [ 762.038149][T30570] inactive_anon 0 [ 762.041935][T30570] active_anon 1724416 [ 762.081590][T30570] inactive_file 0 [ 762.093138][T30570] active_file 0 [ 762.102676][T30570] unevictable 0 [ 762.119913][T30570] hierarchical_memory_limit 3145728 [ 762.145687][T30570] hierarchical_memsw_limit 9223372036854771712 [ 762.182445][T30570] total_cache 0 [ 762.186022][T30570] total_rss 1724416 [ 762.189847][T30570] total_rss_huge 0 [ 762.234964][T30570] total_shmem 0 [ 762.238633][T30570] total_mapped_file 0 [ 762.281856][T30570] total_dirty 0 [ 762.292428][T30570] total_writeback 0 [ 762.316210][T30570] total_workingset_refault_anon 2680 [ 762.344773][T30570] total_workingset_refault_file 13430 [ 762.372998][T30570] total_swap 2592768 [ 762.377025][T30570] total_swapcached 0 [ 762.415313][T30570] total_pgpgin 195322 [ 762.419324][T30570] total_pgpgout 214319 [ 762.447717][T30570] total_pgfault 318592 [ 762.451907][T30570] total_pgmajfault 1610 [ 762.483823][T30570] total_inactive_anon 0 [ 762.488585][T30570] total_active_anon 1724416 [ 762.522445][T30570] total_inactive_file 0 [ 762.526633][T30570] total_active_file 0 [ 762.564823][T30570] total_unevictable 0 [ 762.583871][T30570] anon_cost 576 [ 762.602470][T30570] file_cost 0 [ 762.605803][T30570] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.10890,pid=30569,uid=0 [ 762.685766][T30570] Memory cgroup out of memory: Killed process 30569 (syz.2.10890) total-vm:108344kB, anon-rss:2872kB, file-rss:21376kB, shmem-rss:0kB, UID:0 pgtables:120kB oom_score_adj:1000 [ 764.524940][T30694] netlink: 8 bytes leftover after parsing attributes in process `syz.0.10943'. [ 765.640460][T30725] netlink: 12 bytes leftover after parsing attributes in process `syz.2.10959'. [ 765.657418][T30679] kexec: Could not allocate control_code_buffer [ 765.725012][T30727] netlink: 4 bytes leftover after parsing attributes in process `syz.0.10960'. [ 766.231461][ T5823] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0 [ 766.394097][ T5823] CPU: 0 UID: 0 PID: 5823 Comm: syz-executor Tainted: G U I L syzkaller #0 PREEMPT(full) [ 766.394133][ T5823] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 766.394142][ T5823] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 766.394152][ T5823] Call Trace: [ 766.394158][ T5823] [ 766.394165][ T5823] dump_stack_lvl+0x100/0x190 [ 766.394192][ T5823] dump_header+0xfb/0x606 [ 766.394212][ T5823] oom_kill_process.cold+0xd/0x321 [ 766.394232][ T5823] out_of_memory+0x340/0x14f0 [ 766.394261][ T5823] ? __pfx_out_of_memory+0x10/0x10 [ 766.394290][ T5823] mem_cgroup_out_of_memory+0xc6/0x130 [ 766.394310][ T5823] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 766.394328][ T5823] ? find_held_lock+0x2b/0x80 [ 766.394351][ T5823] ? do_raw_spin_unlock+0x145/0x1e0 [ 766.394380][ T5823] ? _raw_spin_unlock+0x28/0x50 [ 766.394400][ T5823] try_charge_memcg+0x652/0xc90 [ 766.394431][ T5823] ? __pfx_try_charge_memcg+0x10/0x10 [ 766.394461][ T5823] ? find_held_lock+0x2b/0x80 [ 766.394479][ T5823] ? rcu_read_unlock+0x17/0x60 [ 766.394505][ T5823] ? rcu_read_unlock+0x17/0x60 [ 766.394534][ T5823] charge_memcg+0xa6/0x280 [ 766.394560][ T5823] mem_cgroup_swapin_charge_folio+0xeb/0x470 [ 766.394593][ T5823] __read_swap_cache_async+0x449/0x610 [ 766.394617][ T5823] ? __pfx___read_swap_cache_async+0x10/0x10 [ 766.394643][ T5823] ? prepare_alloc_pages+0x16d/0x5f0 [ 766.394681][ T5823] swap_cluster_readahead+0x414/0x770 [ 766.394707][ T5823] ? __pfx_swap_cluster_readahead+0x10/0x10 [ 766.394729][ T5823] ? rcu_is_watching+0x12/0xc0 [ 766.394749][ T5823] ? __update_load_avg_se+0x5c7/0xe80 [ 766.394780][ T5823] ? get_vma_policy+0x23f/0x3b0 [ 766.394811][ T5823] swapin_readahead+0x14b/0x12e0 [ 766.394838][ T5823] ? __pfx_swapin_readahead+0x10/0x10 [ 766.394859][ T5823] ? find_held_lock+0x2b/0x80 [ 766.394877][ T5823] ? swap_cache_get_folio+0x272/0x920 [ 766.394900][ T5823] ? swap_cache_get_folio+0x272/0x920 [ 766.394918][ T5823] ? swap_cache_get_folio+0x1f/0x920 [ 766.394935][ T5823] ? swap_cache_get_folio+0x2a2/0x920 [ 766.394956][ T5823] ? __pfx_swap_cache_get_folio+0x10/0x10 [ 766.394974][ T5823] ? __pfx_get_swap_device+0x10/0x10 [ 766.395005][ T5823] ? do_swap_page+0x9ba/0x6810 [ 766.395022][ T5823] do_swap_page+0x9ba/0x6810 [ 766.395044][ T5823] ? __lock_acquire+0x4a5/0x2630 [ 766.395075][ T5823] ? __pfx_do_swap_page+0x10/0x10 [ 766.395096][ T5823] ? __pfx_default_wake_function+0x10/0x10 [ 766.395119][ T5823] ? rcu_is_watching+0x12/0xc0 [ 766.395136][ T5823] ? __free_object+0x2a8/0x400 [ 766.395160][ T5823] ? rcu_is_watching+0x12/0xc0 [ 766.395177][ T5823] ? ___pte_offset_map+0x179/0x310 [ 766.395206][ T5823] __handle_mm_fault+0x18b9/0x2b50 [ 766.395231][ T5823] ? reacquire_held_locks+0xce/0x1e0 [ 766.395257][ T5823] ? __pfx___handle_mm_fault+0x10/0x10 [ 766.395281][ T5823] ? lock_vma_under_rcu+0x17c/0x5a0 [ 766.395307][ T5823] ? get_timespec64+0x136/0x1b0 [ 766.395336][ T5823] handle_mm_fault+0x36d/0xa20 [ 766.395360][ T5823] do_user_addr_fault+0x5a3/0x12f0 [ 766.395388][ T5823] exc_page_fault+0x6f/0xd0 [ 766.395409][ T5823] asm_exc_page_fault+0x26/0x30 [ 766.395431][ T5823] RIP: 0033:0x7f165d35b78e [ 766.395450][ T5823] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 766.395468][ T5823] RSP: 002b:00007ffdc16ec348 EFLAGS: 00010246 [ 766.395484][ T5823] RAX: 0000000000000000 RBX: 0000555584bc4500 RCX: 00007f165d35b78e [ 766.395496][ T5823] RDX: 00007ffdc16ec3a0 RSI: 0000000000000000 RDI: 0000000000000000 [ 766.395506][ T5823] RBP: 00007ffdc16ec40c R08: 0000000000000000 R09: 0000000000000000 [ 766.395517][ T5823] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000001388 [ 766.395527][ T5823] R13: 00000000000927c0 R14: 00000000000baff9 R15: 00007ffdc16ec460 [ 766.395551][ T5823] [ 766.395772][ T5823] memory: usage 3072kB, limit 3072kB, failcnt 46586 [ 766.912535][T30757] netlink: 8 bytes leftover after parsing attributes in process `syz.0.10972'. [ 767.216143][T30767] netlink: 342 bytes leftover after parsing attributes in process `syz.0.10984'. [ 767.640822][ T5823] memory+swap: usage 3304kB, limit 9007199254740988kB, failcnt 0 [ 767.685590][ T5823] kmem: usage 1368kB, limit 9007199254740988kB, failcnt 0 [ 767.714907][ T5823] Memory cgroup stats for /syz2: [ 767.715030][ T5823] cache 0 [ 767.759050][ T5823] rss 1744896 [ 767.770878][ T5823] rss_huge 0 [ 767.787109][ T5823] shmem 0 [ 767.790092][ T5823] mapped_file 0 [ 767.825844][ T5823] dirty 0 [ 767.828814][ T5823] writeback 0 [ 767.863937][ T5823] workingset_refault_anon 2737 [ 767.869428][ T5823] workingset_refault_file 13431 [ 767.913183][ T5823] swap 237568 [ 767.916909][ T5823] swapcached 0 [ 767.920295][ T5823] pgpgin 197353 [ 767.956613][ T5823] pgpgout 216345 [ 767.960295][ T5823] pgfault 321668 [ 767.989935][ T5823] pgmajfault 1623 [ 768.006721][ T5823] inactive_anon 0 [ 768.029702][ T5823] active_anon 1744896 [ 768.043176][ T5823] inactive_file 0 [ 768.062995][ T5823] active_file 0 [ 768.066846][ T5823] unevictable 0 [ 768.101065][ T5823] hierarchical_memory_limit 3145728 [ 768.124614][ T5823] hierarchical_memsw_limit 9223372036854771712 [ 768.130891][ T5823] total_cache 0 [ 768.173238][ T5823] total_rss 1744896 [ 768.177088][ T5823] total_rss_huge 0 [ 768.180902][ T5823] total_shmem 0 [ 768.220115][ T5823] total_mapped_file 0 [ 768.244007][ T5823] total_dirty 0 [ 768.263025][ T5823] total_writeback 0 [ 768.277805][ T5823] total_workingset_refault_anon 2737 [ 768.313030][ T5823] total_workingset_refault_file 13431 [ 768.334716][ T5823] total_swap 237568 [ 768.348855][ T5823] total_swapcached 0 [ 768.375570][ T5823] total_pgpgin 197353 [ 768.380188][ T5823] total_pgpgout 216345 [ 768.408995][ T5823] total_pgfault 321668 [ 768.435814][ T5823] total_pgmajfault 1623 [ 768.451144][ T5823] total_inactive_anon 0 [ 768.470240][ T5823] total_active_anon 1744896 [ 768.492298][ T5823] total_inactive_file 0 [ 768.510062][ T5823] total_active_file 0 [ 768.529856][ T5823] total_unevictable 0 [ 768.544950][ T5823] anon_cost 507 [ 768.558338][ T5823] file_cost 0 [ 768.575431][ T5823] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.10966,pid=30739,uid=0 [ 768.631098][ T5823] Memory cgroup out of memory: Killed process 30739 (syz.2.10966) total-vm:108344kB, anon-rss:2872kB, file-rss:21376kB, shmem-rss:0kB, UID:0 pgtables:116kB oom_score_adj:1000 [ 768.926102][ T30] audit: type=1804 audit(2147483678.220:39): pid=30813 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.10999" name="file0" dev="tmpfs" ino=13949 res=1 errno=0 [ 769.869110][T30851] xs_local_setup_socket: unhandled error (13) connecting to /var/run/rpcbind.sock [ 770.574469][T30881] syz.2.11027 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 770.622902][T30881] CPU: 0 UID: 0 PID: 30881 Comm: syz.2.11027 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 770.622939][T30881] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 770.622947][T30881] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 770.622958][T30881] Call Trace: [ 770.622964][T30881] [ 770.622971][T30881] dump_stack_lvl+0x100/0x190 [ 770.622998][T30881] dump_header+0xfb/0x606 [ 770.623018][T30881] oom_kill_process.cold+0xd/0x321 [ 770.623042][T30881] out_of_memory+0x340/0x14f0 [ 770.623072][T30881] ? __pfx_out_of_memory+0x10/0x10 [ 770.623101][T30881] mem_cgroup_out_of_memory+0xc6/0x130 [ 770.623121][T30881] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 770.623140][T30881] ? find_held_lock+0x2b/0x80 [ 770.623162][T30881] ? do_raw_spin_unlock+0x145/0x1e0 [ 770.623192][T30881] ? _raw_spin_unlock+0x28/0x50 [ 770.623213][T30881] try_charge_memcg+0x652/0xc90 [ 770.623243][T30881] ? __pfx_try_charge_memcg+0x10/0x10 [ 770.623269][T30881] ? find_held_lock+0x2b/0x80 [ 770.623286][T30881] ? rcu_read_unlock+0x17/0x60 [ 770.623313][T30881] ? rcu_read_unlock+0x17/0x60 [ 770.623347][T30881] charge_memcg+0xa6/0x280 [ 770.623373][T30881] __mem_cgroup_charge+0x2b/0x1e0 [ 770.623403][T30881] do_anonymous_page+0xb38/0x1f40 [ 770.623432][T30881] __handle_mm_fault+0x1d3a/0x2b50 [ 770.623459][T30881] ? __pfx___handle_mm_fault+0x10/0x10 [ 770.623481][T30881] ? __pte_offset_map_lock+0x174/0x320 [ 770.623508][T30881] ? find_held_lock+0x2b/0x80 [ 770.623539][T30881] ? follow_page_pte+0x5b4/0x1410 [ 770.623571][T30881] handle_mm_fault+0x36d/0xa20 [ 770.623596][T30881] __get_user_pages+0xf9c/0x34d0 [ 770.623633][T30881] ? __pfx___get_user_pages+0x10/0x10 [ 770.623669][T30881] populate_vma_page_range+0x267/0x3f0 [ 770.623701][T30881] ? __pfx_populate_vma_page_range+0x10/0x10 [ 770.623731][T30881] ? __pfx_find_vma_intersection+0x10/0x10 [ 770.623759][T30881] ? do_mmap+0x93f/0x12f0 [ 770.623789][T30881] __mm_populate+0x107/0x3a0 [ 770.623820][T30881] ? __pfx___mm_populate+0x10/0x10 [ 770.623858][T30881] ? up_write+0x290/0x4f0 [ 770.623888][T30881] vm_mmap_pgoff+0x37f/0x470 [ 770.623920][T30881] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 770.623954][T30881] ? rcu_is_watching+0x12/0xc0 [ 770.623976][T30881] ? kcov_ioctl+0x162/0x720 [ 770.623994][T30881] ? kcov_ioctl+0x162/0x720 [ 770.624015][T30881] ksys_mmap_pgoff+0x7d/0x5b0 [ 770.624043][T30881] ? kcov_ioctl+0x16a/0x720 [ 770.624062][T30881] __x64_sys_mmap+0x125/0x190 [ 770.624083][T30881] do_syscall_64+0xc9/0xf80 [ 770.624107][T30881] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 770.624126][T30881] RIP: 0033:0x7f165d39aeb9 [ 770.624141][T30881] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 770.624159][T30881] RSP: 002b:00007f165e1be028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 770.624178][T30881] RAX: ffffffffffffffda RBX: 00007f165d615fa0 RCX: 00007f165d39aeb9 [ 770.624192][T30881] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 770.624203][T30881] RBP: 00007f165d408c1f R08: 00000000000001fe R09: 0000000000008000 [ 770.624214][T30881] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 770.624224][T30881] R13: 00007f165d616038 R14: 00007f165d615fa0 R15: 00007ffdc16ec068 [ 770.624248][T30881] [ 770.627615][T30881] memory: usage 3072kB, limit 3072kB, failcnt 46708 [ 771.292768][T30901] FAULT_INJECTION: forcing a failure. [ 771.292768][T30901] name failslab, interval 1, probability 0, space 0, times 0 [ 771.342506][T30901] CPU: 0 UID: 0 PID: 30901 Comm: syz.3.11045 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 771.342542][T30901] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 771.342550][T30901] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 771.342561][T30901] Call Trace: [ 771.342576][T30901] [ 771.342583][T30901] dump_stack_lvl+0x100/0x190 [ 771.342611][T30901] should_fail_ex.cold+0x5/0xa [ 771.342641][T30901] should_failslab+0xc2/0x120 [ 771.342668][T30901] kmem_cache_alloc_noprof+0x83/0x780 [ 771.342692][T30901] ? alloc_uid+0xe2/0x4c0 [ 771.342714][T30901] ? alloc_uid+0x13d/0x4c0 [ 771.342740][T30901] ? alloc_uid+0x13d/0x4c0 [ 771.342762][T30901] alloc_uid+0x13d/0x4c0 [ 771.342785][T30901] ? __pfx_alloc_uid+0x10/0x10 [ 771.342810][T30901] ? bpf_lsm_capable+0x9/0x10 [ 771.342827][T30901] ? security_capable+0x80/0x260 [ 771.342851][T30901] __sys_setreuid+0x788/0xb00 [ 771.342871][T30901] ? rcu_is_watching+0x12/0xc0 [ 771.342892][T30901] do_syscall_64+0xc9/0xf80 [ 771.342919][T30901] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 771.342939][T30901] RIP: 0033:0x7f8dacb9aeb9 [ 771.342955][T30901] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 771.342973][T30901] RSP: 002b:00007f8dad980028 EFLAGS: 00000246 ORIG_RAX: 0000000000000071 [ 771.342991][T30901] RAX: ffffffffffffffda RBX: 00007f8dace15fa0 RCX: 00007f8dacb9aeb9 [ 771.343003][T30901] RDX: 0000000000000000 RSI: 7fffffffffffffff RDI: 0000000080000000 [ 771.343013][T30901] RBP: 00007f8dacc08c1f R08: 0000000000000000 R09: 0000000000000000 [ 771.343024][T30901] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 771.343035][T30901] R13: 00007f8dace16038 R14: 00007f8dace15fa0 R15: 00007ffdf4f0f388 [ 771.343058][T30901] [ 771.588998][T30907] FAULT_INJECTION: forcing a failure. [ 771.588998][T30907] name failslab, interval 1, probability 0, space 0, times 0 [ 771.602755][T30907] CPU: 0 UID: 0 PID: 30907 Comm: syz.3.11040 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 771.602790][T30907] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 771.602798][T30907] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 771.602818][T30907] Call Trace: [ 771.602825][T30907] [ 771.602832][T30907] dump_stack_lvl+0x100/0x190 [ 771.602858][T30907] should_fail_ex.cold+0x5/0xa [ 771.602888][T30907] should_failslab+0xc2/0x120 [ 771.602914][T30907] __kmalloc_node_track_caller_noprof+0xf9/0x9d0 [ 771.602939][T30907] ? snd_timer_instance_new+0x65/0x2e0 [ 771.602965][T30907] ? kstrdup+0x51/0xe0 [ 771.602985][T30907] kstrdup+0x51/0xe0 [ 771.603008][T30907] snd_timer_instance_new+0x65/0x2e0 [ 771.603030][T30907] __snd_timer_user_ioctl.isra.0+0xbe6/0x27c0 [ 771.603058][T30907] ? __pfx___snd_timer_user_ioctl.isra.0+0x10/0x10 [ 771.603082][T30907] ? lock_acquire+0x17c/0x330 [ 771.603107][T30907] ? __pfx___might_resched+0x10/0x10 [ 771.603141][T30907] ? __mutex_lock+0x26a/0x1b90 [ 771.603164][T30907] ? do_vfs_ioctl+0x226/0x13e0 [ 771.603192][T30907] ? snd_timer_user_ioctl+0x4a/0xd0 [ 771.603215][T30907] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 771.603245][T30907] ? __pfx___mutex_lock+0x10/0x10 [ 771.603271][T30907] ? hook_file_ioctl_common+0x146/0x410 [ 771.603303][T30907] ? __fget_files+0x21f/0x3d0 [ 771.603325][T30907] snd_timer_user_ioctl+0x76/0xd0 [ 771.603348][T30907] ? __pfx_snd_timer_user_ioctl+0x10/0x10 [ 771.603374][T30907] __x64_sys_ioctl+0x18e/0x210 [ 771.603404][T30907] do_syscall_64+0xc9/0xf80 [ 771.603428][T30907] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 771.603446][T30907] RIP: 0033:0x7f8dacb9aeb9 [ 771.603463][T30907] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 771.603480][T30907] RSP: 002b:00007f8dad980028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 771.603499][T30907] RAX: ffffffffffffffda RBX: 00007f8dace15fa0 RCX: 00007f8dacb9aeb9 [ 771.603510][T30907] RDX: 0000200000000080 RSI: 0000000040345410 RDI: 0000000000000003 [ 771.603521][T30907] RBP: 00007f8dacc08c1f R08: 0000000000000000 R09: 0000000000000000 [ 771.603532][T30907] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 771.603542][T30907] R13: 00007f8dace16038 R14: 00007f8dace15fa0 R15: 00007ffdf4f0f388 [ 771.603568][T30907] [ 772.089829][T30881] memory+swap: usage 3440kB, limit 9007199254740988kB, failcnt 0 [ 772.097823][T30881] kmem: usage 1368kB, limit 9007199254740988kB, failcnt 0 [ 772.105227][T30881] Memory cgroup stats for /syz2: [ 772.105353][T30881] cache 0 [ 772.114569][T30881] rss 1724416 [ 772.127372][T30881] rss_huge 0 [ 772.130608][T30881] shmem 0 [ 772.135718][T30881] mapped_file 0 [ 772.142438][T30881] dirty 0 [ 772.147304][T30881] writeback 0 [ 772.150722][T30881] workingset_refault_anon 2764 [ 772.158365][T30881] workingset_refault_file 13431 [ 772.163431][T30881] swap 376832 [ 772.167165][T30881] swapcached 0 [ 772.170766][T30881] pgpgin 198131 [ 772.175250][T30881] pgpgout 217128 [ 772.180087][T30881] pgfault 323028 [ 772.190512][T30881] pgmajfault 1628 [ 772.199087][T30881] inactive_anon 0 [ 772.214040][T30881] active_anon 1724416 [ 772.226343][T30881] inactive_file 0 [ 772.242891][T30881] active_file 0 [ 772.246590][T30881] unevictable 0 [ 772.255068][T30881] hierarchical_memory_limit 3145728 [ 772.278662][T30881] hierarchical_memsw_limit 9223372036854771712 [ 772.296473][T30881] total_cache 0 [ 772.305080][T30881] total_rss 1724416 [ 772.314781][T30881] total_rss_huge 0 [ 772.322642][T30881] total_shmem 0 [ 772.330676][T30881] total_mapped_file 0 [ 772.341045][T30881] total_dirty 0 [ 772.358702][T30881] total_writeback 0 [ 772.368911][T30881] total_workingset_refault_anon 2764 [ 772.381198][T30881] total_workingset_refault_file 13431 [ 772.398090][T30881] total_swap 376832 [ 772.407567][T30881] total_swapcached 0 [ 772.418986][T30881] total_pgpgin 198131 [ 772.427722][T30881] total_pgpgout 217128 [ 772.437819][T30881] total_pgfault 323028 [ 772.455412][T30881] total_pgmajfault 1628 [ 772.466192][T30881] total_inactive_anon 0 [ 772.479537][T30881] total_active_anon 1724416 [ 772.490785][T30881] total_inactive_file 0 [ 772.503674][T30881] total_active_file 0 [ 772.513400][T30881] total_unevictable 0 [ 772.521576][T30881] anon_cost 541 [ 772.536320][T30881] file_cost 0 [ 772.544799][T30881] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.11027,pid=30879,uid=0 [ 772.586767][T30881] Memory cgroup out of memory: Killed process 30879 (syz.2.11027) total-vm:106296kB, anon-rss:2872kB, file-rss:21376kB, shmem-rss:0kB, UID:0 pgtables:116kB oom_score_adj:1000 [ 773.439730][T30952] bridge0: port 3(veth0_to_bridge) entered blocking state [ 773.439852][T30952] bridge0: port 3(veth0_to_bridge) entered disabled state [ 773.439985][T30952] veth0_to_bridge: entered allmulticast mode [ 773.465308][T30952] veth0_to_bridge: entered promiscuous mode [ 773.465443][T30952] bridge0: adding interface veth0_to_bridge with same address as a received packet (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 773.466243][T30952] bridge0: port 3(veth0_to_bridge) entered blocking state [ 773.466320][T30952] bridge0: port 3(veth0_to_bridge) entered forwarding state [ 774.884671][T30989] syz.2.11076 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 774.927144][T30989] CPU: 0 UID: 0 PID: 30989 Comm: syz.2.11076 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 774.927180][T30989] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 774.927188][T30989] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 774.927198][T30989] Call Trace: [ 774.927204][T30989] [ 774.927212][T30989] dump_stack_lvl+0x100/0x190 [ 774.927239][T30989] dump_header+0xfb/0x606 [ 774.927259][T30989] oom_kill_process.cold+0xd/0x321 [ 774.927280][T30989] out_of_memory+0x340/0x14f0 [ 774.927308][T30989] ? __pfx_out_of_memory+0x10/0x10 [ 774.927341][T30989] mem_cgroup_out_of_memory+0xc6/0x130 [ 774.927361][T30989] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 774.927379][T30989] ? find_held_lock+0x2b/0x80 [ 774.927402][T30989] ? do_raw_spin_unlock+0x145/0x1e0 [ 774.927431][T30989] ? _raw_spin_unlock+0x28/0x50 [ 774.927452][T30989] try_charge_memcg+0x652/0xc90 [ 774.927482][T30989] ? __pfx_try_charge_memcg+0x10/0x10 [ 774.927508][T30989] ? find_held_lock+0x2b/0x80 [ 774.927524][T30989] ? rcu_read_unlock+0x17/0x60 [ 774.927551][T30989] ? rcu_read_unlock+0x17/0x60 [ 774.927591][T30989] charge_memcg+0xa6/0x280 [ 774.927617][T30989] __mem_cgroup_charge+0x2b/0x1e0 [ 774.927647][T30989] do_anonymous_page+0xb38/0x1f40 [ 774.927676][T30989] __handle_mm_fault+0x1d3a/0x2b50 [ 774.927703][T30989] ? __pfx___handle_mm_fault+0x10/0x10 [ 774.927724][T30989] ? __pte_offset_map_lock+0x174/0x320 [ 774.927752][T30989] ? find_held_lock+0x2b/0x80 [ 774.927777][T30989] ? follow_page_pte+0x5b4/0x1410 [ 774.927809][T30989] handle_mm_fault+0x36d/0xa20 [ 774.927834][T30989] __get_user_pages+0xf9c/0x34d0 [ 774.927870][T30989] ? __pfx___get_user_pages+0x10/0x10 [ 774.927905][T30989] populate_vma_page_range+0x267/0x3f0 [ 774.927937][T30989] ? __pfx_populate_vma_page_range+0x10/0x10 [ 774.927967][T30989] ? __pfx_find_vma_intersection+0x10/0x10 [ 774.927995][T30989] ? do_mmap+0x93f/0x12f0 [ 774.928025][T30989] __mm_populate+0x107/0x3a0 [ 774.928056][T30989] ? __pfx___mm_populate+0x10/0x10 [ 774.928089][T30989] ? up_write+0x290/0x4f0 [ 774.928119][T30989] vm_mmap_pgoff+0x37f/0x470 [ 774.928155][T30989] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 774.928185][T30989] ? rcu_is_watching+0x12/0xc0 [ 774.928203][T30989] ? kcov_ioctl+0x162/0x720 [ 774.928221][T30989] ? kcov_ioctl+0x162/0x720 [ 774.928242][T30989] ksys_mmap_pgoff+0x7d/0x5b0 [ 774.928269][T30989] ? kcov_ioctl+0x16a/0x720 [ 774.928289][T30989] __x64_sys_mmap+0x125/0x190 [ 774.928310][T30989] do_syscall_64+0xc9/0xf80 [ 774.928334][T30989] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 774.928353][T30989] RIP: 0033:0x7f165d39aeb9 [ 774.928372][T30989] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 774.928390][T30989] RSP: 002b:00007f165e1be028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 774.928408][T30989] RAX: ffffffffffffffda RBX: 00007f165d615fa0 RCX: 00007f165d39aeb9 [ 774.928420][T30989] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 774.928431][T30989] RBP: 00007f165d408c1f R08: 0000000000000002 R09: 0000000000008000 [ 774.928442][T30989] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 774.928453][T30989] R13: 00007f165d616038 R14: 00007f165d615fa0 R15: 00007ffdc16ec068 [ 774.928477][T30989] [ 775.264005][T30989] memory: usage 3072kB, limit 3072kB, failcnt 46839 [ 775.270807][T30989] memory+swap: usage 3464kB, limit 9007199254740988kB, failcnt 0 [ 775.280603][T30989] kmem: usage 1364kB, limit 9007199254740988kB, failcnt 0 [ 775.288155][T30989] Memory cgroup stats for /syz2: [ 775.288283][T30989] cache 0 [ 775.296576][T30989] rss 1748992 [ 775.300040][T30989] rss_huge 0 [ 775.303290][T30989] shmem 0 [ 775.306392][T30989] mapped_file 0 [ 775.309909][T30989] dirty 0 [ 775.312899][T30989] writeback 0 [ 775.316181][T30989] workingset_refault_anon 2791 [ 775.321003][T30989] workingset_refault_file 13431 [ 775.325996][T30989] swap 401408 [ 775.329754][T30989] swapcached 4096 [ 775.333574][T30989] pgpgin 198988 [ 775.337026][T30989] pgpgout 217979 [ 775.340797][T30989] pgfault 324622 [ 775.344605][T30989] pgmajfault 1636 [ 775.348232][T30989] inactive_anon 0 [ 775.352457][T30989] active_anon 1748992 [ 775.357146][T30989] inactive_file 0 [ 775.360919][T30989] active_file 0 [ 775.364430][T30989] unevictable 0 [ 775.368080][T30989] hierarchical_memory_limit 3145728 [ 775.373431][T30989] hierarchical_memsw_limit 9223372036854771712 [ 775.379743][T30989] total_cache 0 [ 775.383926][T30989] total_rss 1748992 [ 775.387815][T30989] total_rss_huge 0 [ 775.391622][T30989] total_shmem 0 [ 775.395129][T30989] total_mapped_file 0 [ 775.399462][T30989] total_dirty 0 [ 775.402984][T30989] total_writeback 0 [ 775.406795][T30989] total_workingset_refault_anon 2791 [ 775.412204][T30989] total_workingset_refault_file 13431 [ 775.417784][T30989] total_swap 401408 [ 775.421592][T30989] total_swapcached 4096 [ 775.425828][T30989] total_pgpgin 198988 [ 775.429874][T30989] total_pgpgout 217979 [ 775.434663][T30989] total_pgfault 324622 [ 775.438730][T30989] total_pgmajfault 1636 [ 775.443135][T30989] total_inactive_anon 0 [ 775.447285][T30989] total_active_anon 1748992 [ 775.451777][T30989] total_inactive_file 0 [ 775.456497][T30989] total_active_file 0 [ 775.460808][T30989] total_unevictable 0 [ 775.464908][T30989] anon_cost 512 [ 775.468710][T30989] file_cost 0 [ 775.472018][T30989] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.11076,pid=30988,uid=0 [ 775.487640][T30989] Memory cgroup out of memory: Killed process 30988 (syz.2.11076) total-vm:108344kB, anon-rss:2876kB, file-rss:21376kB, shmem-rss:0kB, UID:0 pgtables:116kB oom_score_adj:1000 [ 776.294630][ T30] audit: type=1800 audit(2147483685.580:40): pid=31012 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.11087" name="SYSV00000008" dev="hugetlbfs" ino=0 res=0 errno=0 [ 776.824645][T31031] netlink: 334 bytes leftover after parsing attributes in process `syz.1.11097'. [ 777.911067][T31068] FAULT_INJECTION: forcing a failure. [ 777.911067][T31068] name failslab, interval 1, probability 0, space 0, times 0 [ 777.972497][T31068] CPU: 0 UID: 0 PID: 31068 Comm: syz.2.11114 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 777.972532][T31068] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 777.972540][T31068] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 777.972551][T31068] Call Trace: [ 777.972558][T31068] [ 777.972565][T31068] dump_stack_lvl+0x100/0x190 [ 777.972592][T31068] should_fail_ex.cold+0x5/0xa [ 777.972623][T31068] should_failslab+0xc2/0x120 [ 777.972649][T31068] __kmalloc_cache_noprof+0x80/0x810 [ 777.972670][T31068] ? refill_pi_state_cache+0x91/0x260 [ 777.972702][T31068] ? refill_pi_state_cache+0x91/0x260 [ 777.972728][T31068] ? futex_unqueue+0x133/0x2c0 [ 777.972751][T31068] refill_pi_state_cache+0x91/0x260 [ 777.972780][T31068] futex_lock_pi+0x177/0x7b0 [ 777.972811][T31068] ? __pfx_futex_lock_pi+0x10/0x10 [ 777.972848][T31068] ? __pfx___futex_wait+0x10/0x10 [ 777.972896][T31068] ? __pfx_futex_wake_mark+0x10/0x10 [ 777.972932][T31068] ? do_vfs_ioctl+0x226/0x13e0 [ 777.972965][T31068] do_futex+0x18a/0x350 [ 777.972991][T31068] ? __pfx_do_futex+0x10/0x10 [ 777.973018][T31068] ? find_held_lock+0x2b/0x80 [ 777.973039][T31068] __x64_sys_futex+0x34f/0x4d0 [ 777.973066][T31068] ? __fget_files+0x21f/0x3d0 [ 777.973086][T31068] ? __pfx___x64_sys_futex+0x10/0x10 [ 777.973110][T31068] ? xfd_validate_state+0x129/0x190 [ 777.973156][T31068] do_syscall_64+0xc9/0xf80 [ 777.973180][T31068] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 777.973200][T31068] RIP: 0033:0x7f165d39aeb9 [ 777.973215][T31068] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 777.973232][T31068] RSP: 002b:00007f165e1be028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 777.973251][T31068] RAX: ffffffffffffffda RBX: 00007f165d615fa0 RCX: 00007f165d39aeb9 [ 777.973262][T31068] RDX: 0000000000000008 RSI: 0000000000000006 RDI: 0000000000000000 [ 777.973272][T31068] RBP: 00007f165d408c1f R08: 0000000000000000 R09: 000000008000fff5 [ 777.973283][T31068] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 777.973293][T31068] R13: 00007f165d616038 R14: 00007f165d615fa0 R15: 00007ffdc16ec068 [ 777.973315][T31068] [ 778.685333][T31085] syz.2.11122 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 778.710140][T31085] CPU: 0 UID: 0 PID: 31085 Comm: syz.2.11122 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 778.710176][T31085] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 778.710184][T31085] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 778.710195][T31085] Call Trace: [ 778.710201][T31085] [ 778.710208][T31085] dump_stack_lvl+0x100/0x190 [ 778.710235][T31085] dump_header+0xfb/0x606 [ 778.710255][T31085] oom_kill_process.cold+0xd/0x321 [ 778.710276][T31085] out_of_memory+0x340/0x14f0 [ 778.710304][T31085] ? __pfx_out_of_memory+0x10/0x10 [ 778.710334][T31085] mem_cgroup_out_of_memory+0xc6/0x130 [ 778.710354][T31085] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 778.710373][T31085] ? find_held_lock+0x2b/0x80 [ 778.710395][T31085] ? do_raw_spin_unlock+0x145/0x1e0 [ 778.710425][T31085] ? _raw_spin_unlock+0x28/0x50 [ 778.710445][T31085] try_charge_memcg+0x652/0xc90 [ 778.710476][T31085] ? __pfx_try_charge_memcg+0x10/0x10 [ 778.710501][T31085] ? find_held_lock+0x2b/0x80 [ 778.710525][T31085] ? rcu_read_unlock+0x17/0x60 [ 778.710551][T31085] ? rcu_read_unlock+0x17/0x60 [ 778.710585][T31085] charge_memcg+0xa6/0x280 [ 778.710611][T31085] __mem_cgroup_charge+0x2b/0x1e0 [ 778.710642][T31085] do_anonymous_page+0xb38/0x1f40 [ 778.710670][T31085] __handle_mm_fault+0x1d3a/0x2b50 [ 778.710697][T31085] ? __pfx___handle_mm_fault+0x10/0x10 [ 778.710719][T31085] ? __pte_offset_map_lock+0x174/0x320 [ 778.710745][T31085] ? find_held_lock+0x2b/0x80 [ 778.710770][T31085] ? follow_page_pte+0x5b4/0x1410 [ 778.710803][T31085] handle_mm_fault+0x36d/0xa20 [ 778.710828][T31085] __get_user_pages+0xf9c/0x34d0 [ 778.710864][T31085] ? __pfx___get_user_pages+0x10/0x10 [ 778.710902][T31085] populate_vma_page_range+0x267/0x3f0 [ 778.710934][T31085] ? __pfx_populate_vma_page_range+0x10/0x10 [ 778.710963][T31085] ? __pfx_find_vma_intersection+0x10/0x10 [ 778.710991][T31085] ? do_mmap+0x93f/0x12f0 [ 778.711021][T31085] __mm_populate+0x107/0x3a0 [ 778.711052][T31085] ? __pfx___mm_populate+0x10/0x10 [ 778.711083][T31085] ? up_write+0x290/0x4f0 [ 778.711112][T31085] vm_mmap_pgoff+0x37f/0x470 [ 778.711143][T31085] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 778.711178][T31085] ? rcu_is_watching+0x12/0xc0 [ 778.711196][T31085] ? kcov_ioctl+0x162/0x720 [ 778.711214][T31085] ? kcov_ioctl+0x162/0x720 [ 778.711235][T31085] ksys_mmap_pgoff+0x7d/0x5b0 [ 778.711262][T31085] ? kcov_ioctl+0x16a/0x720 [ 778.711282][T31085] __x64_sys_mmap+0x125/0x190 [ 778.711302][T31085] do_syscall_64+0xc9/0xf80 [ 778.711327][T31085] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 778.711345][T31085] RIP: 0033:0x7f165d39aeb9 [ 778.711361][T31085] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 778.711379][T31085] RSP: 002b:00007f165e1be028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 778.711398][T31085] RAX: ffffffffffffffda RBX: 00007f165d615fa0 RCX: 00007f165d39aeb9 [ 778.711410][T31085] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 778.711421][T31085] RBP: 00007f165d408c1f R08: 0000000000000002 R09: 0000000000008000 [ 778.711432][T31085] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 778.711443][T31085] R13: 00007f165d616038 R14: 00007f165d615fa0 R15: 00007ffdc16ec068 [ 778.711467][T31085] [ 779.044917][T31085] memory: usage 3072kB, limit 3072kB, failcnt 46964 [ 779.052040][T31085] memory+swap: usage 3416kB, limit 9007199254740988kB, failcnt 0 [ 779.060459][T31085] kmem: usage 1728kB, limit 9007199254740988kB, failcnt 0 [ 779.067897][T31085] Memory cgroup stats for /syz2: [ 779.068023][T31085] cache 0 [ 779.076797][T31085] rss 1376256 [ 779.080167][T31085] rss_huge 0 [ 779.083403][T31085] shmem 0 [ 779.086344][T31085] mapped_file 0 [ 779.090062][T31085] dirty 0 [ 779.093299][T31085] writeback 0 [ 779.096578][T31085] workingset_refault_anon 2811 [ 779.101342][T31085] workingset_refault_file 13431 [ 779.106226][T31085] swap 352256 [ 779.109502][T31085] swapcached 0 [ 779.112892][T31085] pgpgin 199846 [ 779.116429][T31085] pgpgout 218928 [ 779.120518][T31085] pgfault 326350 [ 779.124315][T31085] pgmajfault 1642 [ 779.128441][T31085] inactive_anon 0 [ 779.132383][T31085] active_anon 1376256 [ 779.136555][T31085] inactive_file 0 [ 779.140755][T31085] active_file 0 [ 779.144450][T31085] unevictable 0 [ 779.147970][T31085] hierarchical_memory_limit 3145728 [ 779.153470][T31085] hierarchical_memsw_limit 9223372036854771712 [ 779.159719][T31085] total_cache 0 [ 779.163307][T31085] total_rss 1376256 [ 779.167120][T31085] total_rss_huge 0 [ 779.170830][T31085] total_shmem 0 [ 779.174970][T31085] total_mapped_file 0 [ 779.178949][T31085] total_dirty 0 [ 779.182463][T31085] total_writeback 0 [ 779.186261][T31085] total_workingset_refault_anon 2811 [ 779.191553][T31085] total_workingset_refault_file 13431 [ 779.197067][T31085] total_swap 352256 [ 779.201046][T31085] total_swapcached 0 [ 779.205067][T31085] total_pgpgin 199846 [ 779.209154][T31085] total_pgpgout 218928 [ 779.213519][T31085] total_pgfault 326350 [ 779.217758][T31085] total_pgmajfault 1642 [ 779.222474][T31085] total_inactive_anon 0 [ 779.226893][T31085] total_active_anon 1376256 [ 779.231401][T31085] total_inactive_file 0 [ 779.235893][T31085] total_active_file 0 [ 779.239986][T31085] total_unevictable 0 [ 779.244630][T31085] anon_cost 508 [ 779.248108][T31085] file_cost 0 [ 779.251397][T31085] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.11122,pid=31083,uid=0 [ 779.267097][T31085] Memory cgroup out of memory: Killed process 31083 (syz.2.11122) total-vm:108344kB, anon-rss:2488kB, file-rss:21376kB, shmem-rss:0kB, UID:0 pgtables:116kB oom_score_adj:1000 [ 780.681087][T31162] sctp: [Deprecated]: syz.1.11144 (pid 31162) Use of int in maxseg socket option. [ 780.681087][T31162] Use struct sctp_assoc_value instead [ 782.011729][T31217] hugetlbfs: syz.1.11163 (31217): Using mlock ulimits for SHM_HUGETLB is obsolete [ 783.157948][T31249] syz.2.11176 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 783.208965][T31249] CPU: 0 UID: 0 PID: 31249 Comm: syz.2.11176 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 783.209001][T31249] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 783.209009][T31249] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 783.209019][T31249] Call Trace: [ 783.209027][T31249] [ 783.209035][T31249] dump_stack_lvl+0x100/0x190 [ 783.209062][T31249] dump_header+0xfb/0x606 [ 783.209082][T31249] oom_kill_process.cold+0xd/0x321 [ 783.209103][T31249] out_of_memory+0x340/0x14f0 [ 783.209132][T31249] ? __pfx_out_of_memory+0x10/0x10 [ 783.209162][T31249] mem_cgroup_out_of_memory+0xc6/0x130 [ 783.209183][T31249] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 783.209201][T31249] ? find_held_lock+0x2b/0x80 [ 783.209223][T31249] ? do_raw_spin_unlock+0x145/0x1e0 [ 783.209252][T31249] ? _raw_spin_unlock+0x28/0x50 [ 783.209273][T31249] try_charge_memcg+0x652/0xc90 [ 783.209303][T31249] ? __pfx_try_charge_memcg+0x10/0x10 [ 783.209329][T31249] ? find_held_lock+0x2b/0x80 [ 783.209346][T31249] ? rcu_read_unlock+0x17/0x60 [ 783.209372][T31249] ? rcu_read_unlock+0x17/0x60 [ 783.209406][T31249] charge_memcg+0xa6/0x280 [ 783.209432][T31249] __mem_cgroup_charge+0x2b/0x1e0 [ 783.209462][T31249] do_anonymous_page+0xb38/0x1f40 [ 783.209491][T31249] __handle_mm_fault+0x1d3a/0x2b50 [ 783.209515][T31249] ? irqentry_exit+0x180/0x670 [ 783.209538][T31249] ? __pfx___handle_mm_fault+0x10/0x10 [ 783.209577][T31249] ? follow_page_pte+0x5b4/0x1410 [ 783.209610][T31249] handle_mm_fault+0x36d/0xa20 [ 783.209635][T31249] __get_user_pages+0xf9c/0x34d0 [ 783.209672][T31249] ? __pfx___get_user_pages+0x10/0x10 [ 783.209707][T31249] populate_vma_page_range+0x267/0x3f0 [ 783.209739][T31249] ? __pfx_populate_vma_page_range+0x10/0x10 [ 783.209769][T31249] ? __pfx_find_vma_intersection+0x10/0x10 [ 783.209798][T31249] ? do_mmap+0x93f/0x12f0 [ 783.209828][T31249] __mm_populate+0x107/0x3a0 [ 783.209858][T31249] ? __pfx___mm_populate+0x10/0x10 [ 783.209890][T31249] ? up_write+0x290/0x4f0 [ 783.209919][T31249] vm_mmap_pgoff+0x37f/0x470 [ 783.209951][T31249] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 783.209984][T31249] ? __x64_sys_futex+0x34f/0x4d0 [ 783.210008][T31249] ? __x64_sys_futex+0x358/0x4d0 [ 783.210037][T31249] ksys_mmap_pgoff+0x7d/0x5b0 [ 783.210067][T31249] __x64_sys_mmap+0x125/0x190 [ 783.210088][T31249] do_syscall_64+0xc9/0xf80 [ 783.210112][T31249] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 783.210132][T31249] RIP: 0033:0x7f165d39aeb9 [ 783.210147][T31249] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 783.210165][T31249] RSP: 002b:00007f165e1be028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 783.210184][T31249] RAX: ffffffffffffffda RBX: 00007f165d615fa0 RCX: 00007f165d39aeb9 [ 783.210196][T31249] RDX: 00000000000000df RSI: 0000000000400004 RDI: 0000000000000000 [ 783.210207][T31249] RBP: 00007f165d408c1f R08: 0000000000000002 R09: 0000000000008000 [ 783.210218][T31249] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 783.210228][T31249] R13: 00007f165d616038 R14: 00007f165d615fa0 R15: 00007ffdc16ec068 [ 783.210252][T31249] [ 783.210259][T31249] memory: usage 3072kB, limit 3072kB, failcnt 47734 [ 784.415540][T31249] memory+swap: usage 3440kB, limit 9007199254740988kB, failcnt 0 [ 784.444306][T31249] kmem: usage 1372kB, limit 9007199254740988kB, failcnt 0 [ 784.470575][T31249] Memory cgroup stats for /syz2: [ 784.470698][T31249] cache 0 [ 784.497869][T31249] rss 1740800 [ 784.510869][T31249] rss_huge 0 [ 784.522506][T31249] shmem 0 [ 784.532221][T31249] mapped_file 0 [ 784.544038][T31249] dirty 0 [ 784.555795][T31249] writeback 0 [ 784.570908][T31249] workingset_refault_anon 2871 [ 784.591717][T31249] workingset_refault_file 13431 [ 784.611433][T31249] swap 376832 [ 784.624279][T31249] swapcached 0 [ 784.636706][T31249] pgpgin 201968 [ 784.654636][T31249] pgpgout 220961 [ 784.665965][T31249] pgfault 329687 [ 784.680764][T31249] pgmajfault 1672 [ 784.691159][T31249] inactive_anon 0 [ 784.709239][T31249] active_anon 1740800 [ 784.723102][T31249] inactive_file 0 [ 784.738484][T31249] active_file 0 [ 784.750278][T31249] unevictable 0 [ 784.763078][T31249] hierarchical_memory_limit 3145728 [ 784.781817][T31249] hierarchical_memsw_limit 9223372036854771712 [ 784.801917][T31249] total_cache 0 [ 784.817313][T31249] total_rss 1740800 [ 784.830009][T31249] total_rss_huge 0 [ 784.845031][T31249] total_shmem 0 [ 784.860143][T31249] total_mapped_file 0 [ 784.874777][T31249] total_dirty 0 [ 784.887213][T31249] total_writeback 0 [ 784.900192][T31249] total_workingset_refault_anon 2871 [ 784.920453][T31249] total_workingset_refault_file 13431 [ 784.940993][T31249] total_swap 376832 [ 784.956145][T31249] total_swapcached 0 [ 784.969019][T31249] total_pgpgin 201968 [ 784.984043][T31249] total_pgpgout 220961 [ 785.001340][T31249] total_pgfault 329687 [ 785.015984][T31249] total_pgmajfault 1672 [ 785.029210][T31249] total_inactive_anon 0 [ 785.047115][T31249] total_active_anon 1740800 [ 785.082475][T31249] total_inactive_file 0 [ 785.086661][T31249] total_active_file 0 [ 785.132529][T31249] total_unevictable 0 [ 785.144693][T31249] anon_cost 537 [ 785.157946][T31249] file_cost 0 [ 785.177377][T31249] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.11176,pid=31248,uid=0 [ 785.223087][T31288] netlink: 8 bytes leftover after parsing attributes in process `syz.1.11195'. [ 785.265777][T31249] Memory cgroup out of memory: Killed process 31248 (syz.2.11176) total-vm:108344kB, anon-rss:2872kB, file-rss:21780kB, shmem-rss:0kB, UID:0 pgtables:132kB oom_score_adj:1000 [ 786.701833][T31339] netlink: 342 bytes leftover after parsing attributes in process `syz.1.11221'. [ 788.259081][T31390] ovs_: entered promiscuous mode [ 788.498853][T31403] FAULT_INJECTION: forcing a failure. [ 788.498853][T31403] name failslab, interval 1, probability 0, space 0, times 0 [ 788.579083][T31403] CPU: 0 UID: 0 PID: 31403 Comm: syz.3.11248 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 788.579119][T31403] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 788.579127][T31403] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 788.579137][T31403] Call Trace: [ 788.579144][T31403] [ 788.579151][T31403] dump_stack_lvl+0x100/0x190 [ 788.579178][T31403] should_fail_ex.cold+0x5/0xa [ 788.579209][T31403] should_failslab+0xc2/0x120 [ 788.579236][T31403] kmem_cache_alloc_noprof+0x83/0x780 [ 788.579261][T31403] ? copy_net_ns+0xe8/0x7c0 [ 788.579282][T31403] ? copy_net_ns+0xe8/0x7c0 [ 788.579298][T31403] copy_net_ns+0xe8/0x7c0 [ 788.579315][T31403] ? copy_cgroup_ns+0x71/0x970 [ 788.579338][T31403] create_new_namespaces+0x3ea/0xab0 [ 788.579364][T31403] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 788.579387][T31403] ksys_unshare+0x455/0xab0 [ 788.579415][T31403] ? __pfx_ksys_unshare+0x10/0x10 [ 788.579440][T31403] ? xfd_validate_state+0x129/0x190 [ 788.579475][T31403] __x64_sys_unshare+0x31/0x40 [ 788.579507][T31403] do_syscall_64+0xc9/0xf80 [ 788.579530][T31403] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 788.579548][T31403] RIP: 0033:0x7f8dacb9aeb9 [ 788.579562][T31403] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 788.579581][T31403] RSP: 002b:00007f8dad980028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 788.579599][T31403] RAX: ffffffffffffffda RBX: 00007f8dace15fa0 RCX: 00007f8dacb9aeb9 [ 788.579610][T31403] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 788.579621][T31403] RBP: 00007f8dacc08c1f R08: 0000000000000000 R09: 0000000000000000 [ 788.579632][T31403] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 788.579643][T31403] R13: 00007f8dace16038 R14: 00007f8dace15fa0 R15: 00007ffdf4f0f388 [ 788.579665][T31403] [ 789.422854][T31418] FAULT_INJECTION: forcing a failure. [ 789.422854][T31418] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 789.471055][T31418] CPU: 0 UID: 0 PID: 31418 Comm: syz.2.11254 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 789.471091][T31418] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 789.471100][T31418] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 789.471110][T31418] Call Trace: [ 789.471117][T31418] [ 789.471125][T31418] dump_stack_lvl+0x100/0x190 [ 789.471154][T31418] should_fail_ex.cold+0x5/0xa [ 789.471183][T31418] _copy_from_user+0x2e/0xd0 [ 789.471213][T31418] get_itimerspec64+0x16c/0x2f0 [ 789.471238][T31418] ? __pfx_get_itimerspec64+0x10/0x10 [ 789.471263][T31418] ? __pfx_do_futex+0x10/0x10 [ 789.471286][T31418] ? _copy_from_user+0x59/0xd0 [ 789.471315][T31418] __x64_sys_timerfd_settime+0x15f/0x280 [ 789.471346][T31418] ? __pfx___x64_sys_timerfd_settime+0x10/0x10 [ 789.471374][T31418] ? __x64_sys_futex+0x358/0x4d0 [ 789.471407][T31418] ? rcu_is_watching+0x12/0xc0 [ 789.471427][T31418] do_syscall_64+0xc9/0xf80 [ 789.471450][T31418] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 789.471469][T31418] RIP: 0033:0x7f165d39aeb9 [ 789.471492][T31418] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 789.471510][T31418] RSP: 002b:00007f165e1be028 EFLAGS: 00000246 ORIG_RAX: 000000000000011e [ 789.471530][T31418] RAX: ffffffffffffffda RBX: 00007f165d615fa0 RCX: 00007f165d39aeb9 [ 789.471541][T31418] RDX: 0000200000000000 RSI: 0000000000000008 RDI: ffffffffffffffff [ 789.471552][T31418] RBP: 00007f165d408c1f R08: 0000000000000000 R09: 0000000000000000 [ 789.471563][T31418] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 789.471574][T31418] R13: 00007f165d616038 R14: 00007f165d615fa0 R15: 00007ffdc16ec068 [ 789.471596][T31418] [ 791.520879][T31494] bridge0: port 3(syz_tun) entered blocking state [ 791.558018][T31494] bridge0: port 3(syz_tun) entered disabled state [ 791.596673][T31494] syz_tun: entered allmulticast mode [ 791.625306][T31494] syz_tun: entered promiscuous mode [ 791.651660][T31494] bridge0: port 3(syz_tun) entered blocking state [ 791.658324][T31494] bridge0: port 3(syz_tun) entered forwarding state [ 791.916453][T31508] netlink: 16 bytes leftover after parsing attributes in process `syz.1.11297'. [ 792.234631][T31511] zswap: compressor not available [ 792.239894][T31515] ACPI: EC: Assuming SCI_EVT clearing on QR_EC writes [ 792.544776][T31532] netlink: 21 bytes leftover after parsing attributes in process `syz.3.11308'. [ 792.970299][T31547] syz.2.11314 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 793.032995][T31547] CPU: 0 UID: 0 PID: 31547 Comm: syz.2.11314 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 793.033031][T31547] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 793.033039][T31547] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 793.033050][T31547] Call Trace: [ 793.033056][T31547] [ 793.033063][T31547] dump_stack_lvl+0x100/0x190 [ 793.033091][T31547] dump_header+0xfb/0x606 [ 793.033111][T31547] oom_kill_process.cold+0xd/0x321 [ 793.033132][T31547] out_of_memory+0x340/0x14f0 [ 793.033161][T31547] ? __pfx_out_of_memory+0x10/0x10 [ 793.033191][T31547] mem_cgroup_out_of_memory+0xc6/0x130 [ 793.033211][T31547] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 793.033229][T31547] ? find_held_lock+0x2b/0x80 [ 793.033251][T31547] ? do_raw_spin_unlock+0x145/0x1e0 [ 793.033281][T31547] ? _raw_spin_unlock+0x28/0x50 [ 793.033302][T31547] try_charge_memcg+0x652/0xc90 [ 793.033332][T31547] ? __pfx_try_charge_memcg+0x10/0x10 [ 793.033358][T31547] ? find_held_lock+0x2b/0x80 [ 793.033376][T31547] ? rcu_read_unlock+0x17/0x60 [ 793.033402][T31547] ? rcu_read_unlock+0x17/0x60 [ 793.033436][T31547] charge_memcg+0xa6/0x280 [ 793.033462][T31547] __mem_cgroup_charge+0x2b/0x1e0 [ 793.033492][T31547] do_anonymous_page+0xb38/0x1f40 [ 793.033520][T31547] __handle_mm_fault+0x1d3a/0x2b50 [ 793.033547][T31547] ? __pfx___handle_mm_fault+0x10/0x10 [ 793.033576][T31547] ? __pte_offset_map_lock+0x174/0x320 [ 793.033603][T31547] ? find_held_lock+0x2b/0x80 [ 793.033628][T31547] ? follow_page_pte+0x5b4/0x1410 [ 793.033660][T31547] handle_mm_fault+0x36d/0xa20 [ 793.033685][T31547] __get_user_pages+0xf9c/0x34d0 [ 793.033721][T31547] ? __pfx___get_user_pages+0x10/0x10 [ 793.033756][T31547] populate_vma_page_range+0x267/0x3f0 [ 793.033789][T31547] ? __pfx_populate_vma_page_range+0x10/0x10 [ 793.033818][T31547] ? __pfx_find_vma_intersection+0x10/0x10 [ 793.033847][T31547] ? do_mmap+0x93f/0x12f0 [ 793.033877][T31547] __mm_populate+0x107/0x3a0 [ 793.033908][T31547] ? __pfx___mm_populate+0x10/0x10 [ 793.033939][T31547] ? up_write+0x290/0x4f0 [ 793.033969][T31547] vm_mmap_pgoff+0x37f/0x470 [ 793.034000][T31547] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 793.034031][T31547] ? rcu_is_watching+0x12/0xc0 [ 793.034050][T31547] ? kcov_ioctl+0x162/0x720 [ 793.034067][T31547] ? kcov_ioctl+0x162/0x720 [ 793.034088][T31547] ksys_mmap_pgoff+0x7d/0x5b0 [ 793.034116][T31547] ? kcov_ioctl+0x16a/0x720 [ 793.034136][T31547] __x64_sys_mmap+0x125/0x190 [ 793.034157][T31547] do_syscall_64+0xc9/0xf80 [ 793.034181][T31547] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 793.034199][T31547] RIP: 0033:0x7f165d39aeb9 [ 793.034215][T31547] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 793.034241][T31547] RSP: 002b:00007f165e1be028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 793.034259][T31547] RAX: ffffffffffffffda RBX: 00007f165d615fa0 RCX: 00007f165d39aeb9 [ 793.034271][T31547] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 793.034282][T31547] RBP: 00007f165d408c1f R08: 0000000000000002 R09: 0000000000008000 [ 793.034293][T31547] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 793.034304][T31547] R13: 00007f165d616038 R14: 00007f165d615fa0 R15: 00007ffdc16ec068 [ 793.034327][T31547] [ 793.034334][T31547] memory: usage 3072kB, limit 3072kB, failcnt 47857 [ 793.441604][T31557] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 793.448301][T31557] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 793.807627][T31573] FAULT_INJECTION: forcing a failure. [ 793.807627][T31573] name failslab, interval 1, probability 0, space 0, times 0 [ 793.851761][T31573] CPU: 0 UID: 0 PID: 31573 Comm: syz.3.11328 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 793.851806][T31573] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 793.851815][T31573] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 793.851827][T31573] Call Trace: [ 793.851833][T31573] [ 793.851840][T31573] dump_stack_lvl+0x100/0x190 [ 793.851867][T31573] should_fail_ex.cold+0x5/0xa [ 793.851896][T31573] should_failslab+0xc2/0x120 [ 793.851928][T31573] ? create_ruleset+0x21/0x140 [ 793.851950][T31573] __kmalloc_noprof+0xf6/0x9c0 [ 793.851969][T31573] ? find_held_lock+0x2b/0x80 [ 793.851991][T31573] ? create_ruleset+0x21/0x140 [ 793.852013][T31573] create_ruleset+0x21/0x140 [ 793.852037][T31573] landlock_create_ruleset+0x77/0x230 [ 793.852065][T31573] __do_sys_landlock_create_ruleset+0x255/0x4b0 [ 793.852090][T31573] ? __pfx___do_sys_landlock_create_ruleset+0x10/0x10 [ 793.852114][T31573] ? xfd_validate_state+0x129/0x190 [ 793.852151][T31573] do_syscall_64+0xc9/0xf80 [ 793.852175][T31573] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 793.852194][T31573] RIP: 0033:0x7f8dacb9aeb9 [ 793.852209][T31573] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 793.852226][T31573] RSP: 002b:00007f8dad980028 EFLAGS: 00000246 ORIG_RAX: 00000000000001bc [ 793.852245][T31573] RAX: ffffffffffffffda RBX: 00007f8dace15fa0 RCX: 00007f8dacb9aeb9 [ 793.852256][T31573] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 0000200000000000 [ 793.852266][T31573] RBP: 00007f8dacc08c1f R08: 0000000000000000 R09: 0000000000000000 [ 793.852277][T31573] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 793.852286][T31573] R13: 00007f8dace16038 R14: 00007f8dace15fa0 R15: 00007ffdf4f0f388 [ 793.852309][T31573] [ 794.055272][T31547] memory+swap: usage 3484kB, limit 9007199254740988kB, failcnt 0 [ 794.063706][T31547] kmem: usage 1356kB, limit 9007199254740988kB, failcnt 0 [ 794.071356][T31547] Memory cgroup stats for /syz2: [ 794.071484][T31547] cache 0 [ 794.080072][T31547] rss 1757184 [ 794.083737][T31547] rss_huge 0 [ 794.087180][T31547] shmem 0 [ 794.090852][T31547] mapped_file 0 [ 794.094650][T31547] dirty 0 [ 794.097599][T31547] writeback 0 [ 794.101062][T31547] workingset_refault_anon 2890 [ 794.106152][T31547] workingset_refault_file 13431 [ 794.111209][T31547] swap 421888 [ 794.114758][T31547] swapcached 0 [ 794.118429][T31547] pgpgin 203470 [ 794.122481][T31547] pgpgout 222459 [ 794.126109][T31547] pgfault 333343 [ 794.130030][T31547] pgmajfault 1677 [ 794.133792][T31547] inactive_anon 0 [ 794.137438][T31547] active_anon 1757184 [ 794.141676][T31547] inactive_file 0 [ 794.145350][T31547] active_file 0 [ 794.149240][T31547] unevictable 0 [ 794.153230][T31547] hierarchical_memory_limit 3145728 [ 794.158626][T31547] hierarchical_memsw_limit 9223372036854771712 [ 794.165183][T31547] total_cache 0 [ 794.169019][T31547] total_rss 1757184 [ 794.173776][T31547] total_rss_huge 0 [ 794.178048][T31547] total_shmem 0 [ 794.181543][T31547] total_mapped_file 0 [ 794.185736][T31547] total_dirty 0 [ 794.189344][T31547] total_writeback 0 [ 794.194020][T31547] total_workingset_refault_anon 2890 [ 794.199771][T31547] total_workingset_refault_file 13431 [ 794.205284][T31547] total_swap 421888 [ 794.209176][T31547] total_swapcached 0 [ 794.213257][T31547] total_pgpgin 203470 [ 794.217331][T31547] total_pgpgout 222459 [ 794.221474][T31547] total_pgfault 333343 [ 794.225990][T31547] total_pgmajfault 1677 [ 794.230407][T31547] total_inactive_anon 0 [ 794.235071][T31547] total_active_anon 1757184 [ 794.239844][T31547] total_inactive_file 0 [ 794.244167][T31547] total_active_file 0 [ 794.252493][T31547] total_unevictable 0 [ 794.270017][T31547] anon_cost 512 [ 794.279964][T31547] file_cost 0 [ 794.283922][T31547] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.11314,pid=31544,uid=0 [ 794.302022][T31547] Memory cgroup out of memory: Killed process 31544 (syz.2.11314) total-vm:108344kB, anon-rss:2872kB, file-rss:21376kB, shmem-rss:0kB, UID:0 pgtables:116kB oom_score_adj:1000 [ 794.975740][T31611] netlink: 2468 bytes leftover after parsing attributes in process `syz.0.11339'. [ 795.574557][T31638] netlink: 338 bytes leftover after parsing attributes in process `syz.2.11348'. [ 797.745352][T31735] syz.2.11381 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 797.792404][T31735] CPU: 0 UID: 0 PID: 31735 Comm: syz.2.11381 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 797.792440][T31735] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 797.792448][T31735] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 797.792458][T31735] Call Trace: [ 797.792464][T31735] [ 797.792471][T31735] dump_stack_lvl+0x100/0x190 [ 797.792498][T31735] dump_header+0xfb/0x606 [ 797.792518][T31735] oom_kill_process.cold+0xd/0x321 [ 797.792539][T31735] out_of_memory+0x340/0x14f0 [ 797.792567][T31735] ? __pfx_out_of_memory+0x10/0x10 [ 797.792597][T31735] mem_cgroup_out_of_memory+0xc6/0x130 [ 797.792617][T31735] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 797.792636][T31735] ? find_held_lock+0x2b/0x80 [ 797.792659][T31735] ? do_raw_spin_unlock+0x145/0x1e0 [ 797.792688][T31735] ? _raw_spin_unlock+0x28/0x50 [ 797.792709][T31735] try_charge_memcg+0x652/0xc90 [ 797.792739][T31735] ? __pfx_try_charge_memcg+0x10/0x10 [ 797.792765][T31735] ? find_held_lock+0x2b/0x80 [ 797.792791][T31735] ? rcu_read_unlock+0x17/0x60 [ 797.792818][T31735] ? rcu_read_unlock+0x17/0x60 [ 797.792852][T31735] charge_memcg+0xa6/0x280 [ 797.792878][T31735] __mem_cgroup_charge+0x2b/0x1e0 [ 797.792909][T31735] do_anonymous_page+0xb38/0x1f40 [ 797.792937][T31735] __handle_mm_fault+0x1d3a/0x2b50 [ 797.792964][T31735] ? __pfx___handle_mm_fault+0x10/0x10 [ 797.792987][T31735] ? __pte_offset_map_lock+0x174/0x320 [ 797.793018][T31735] ? find_held_lock+0x2b/0x80 [ 797.793052][T31735] ? follow_page_pte+0x5b4/0x1410 [ 797.793085][T31735] handle_mm_fault+0x36d/0xa20 [ 797.793110][T31735] __get_user_pages+0xf9c/0x34d0 [ 797.793148][T31735] ? __pfx___get_user_pages+0x10/0x10 [ 797.793193][T31735] populate_vma_page_range+0x267/0x3f0 [ 797.793225][T31735] ? __pfx_populate_vma_page_range+0x10/0x10 [ 797.793255][T31735] ? __pfx_find_vma_intersection+0x10/0x10 [ 797.793284][T31735] ? do_mmap+0x93f/0x12f0 [ 797.793318][T31735] __mm_populate+0x107/0x3a0 [ 797.793350][T31735] ? __pfx___mm_populate+0x10/0x10 [ 797.793382][T31735] ? up_write+0x290/0x4f0 [ 797.793412][T31735] vm_mmap_pgoff+0x37f/0x470 [ 797.793444][T31735] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 797.793472][T31735] ? __sys_connect+0xe4/0x170 [ 797.793500][T31735] ? __x64_sys_futex+0x34f/0x4d0 [ 797.793525][T31735] ? __x64_sys_futex+0x358/0x4d0 [ 797.793553][T31735] ksys_mmap_pgoff+0x7d/0x5b0 [ 797.793585][T31735] __x64_sys_mmap+0x125/0x190 [ 797.793606][T31735] do_syscall_64+0xc9/0xf80 [ 797.793630][T31735] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 797.793649][T31735] RIP: 0033:0x7f165d39aeb9 [ 797.793665][T31735] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 797.793683][T31735] RSP: 002b:00007f165e1be028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 797.793702][T31735] RAX: ffffffffffffffda RBX: 00007f165d615fa0 RCX: 00007f165d39aeb9 [ 797.793715][T31735] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 797.793726][T31735] RBP: 00007f165d408c1f R08: 0000000000000002 R09: 0000000000008000 [ 797.793738][T31735] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 797.793749][T31735] R13: 00007f165d616038 R14: 00007f165d615fa0 R15: 00007ffdc16ec068 [ 797.793774][T31735] [ 798.243685][T31735] memory: usage 3072kB, limit 3072kB, failcnt 47986 [ 798.250322][T31735] memory+swap: usage 3396kB, limit 9007199254740988kB, failcnt 0 [ 798.258568][T31735] kmem: usage 1608kB, limit 9007199254740988kB, failcnt 0 [ 798.266007][T31735] Memory cgroup stats for /syz2: [ 798.266139][T31735] cache 0 [ 798.274784][T31735] rss 1499136 [ 798.278161][T31735] rss_huge 0 [ 798.281598][T31735] shmem 0 [ 798.284678][T31735] mapped_file 0 [ 798.288677][T31735] dirty 0 [ 798.291626][T31735] writeback 0 [ 798.295600][T31735] workingset_refault_anon 2914 [ 798.300681][T31735] workingset_refault_file 13431 [ 798.305689][T31735] swap 331776 [ 798.308989][T31735] swapcached 4096 [ 798.312825][T31735] pgpgin 204359 [ 798.316514][T31735] pgpgout 223411 [ 798.321211][T31735] pgfault 335405 [ 798.325052][T31735] pgmajfault 1687 [ 798.328894][T31735] inactive_anon 0 [ 798.332723][T31735] active_anon 1499136 [ 798.336989][T31735] inactive_file 0 [ 798.340669][T31735] active_file 0 [ 798.344314][T31735] unevictable 0 [ 798.347843][T31735] hierarchical_memory_limit 3145728 [ 798.353174][T31735] hierarchical_memsw_limit 9223372036854771712 [ 798.359391][T31735] total_cache 0 [ 798.362977][T31735] total_rss 1499136 [ 798.366883][T31735] total_rss_huge 0 [ 798.371025][T31735] total_shmem 0 [ 798.374742][T31735] total_mapped_file 0 [ 798.378716][T31735] total_dirty 0 [ 798.382249][T31735] total_writeback 0 [ 798.386293][T31735] total_workingset_refault_anon 2914 [ 798.392582][T31735] total_workingset_refault_file 13431 [ 798.398055][T31735] total_swap 331776 [ 798.401854][T31735] total_swapcached 4096 [ 798.406122][T31735] total_pgpgin 204359 [ 798.410272][T31735] total_pgpgout 223411 [ 798.414726][T31735] total_pgfault 335405 [ 798.419030][T31735] total_pgmajfault 1687 [ 798.423896][T31735] total_inactive_anon 0 [ 798.428048][T31735] total_active_anon 1499136 [ 798.433419][T31735] total_inactive_file 0 [ 798.437623][T31735] total_active_file 0 [ 798.441609][T31735] total_unevictable 0 [ 798.445905][T31735] anon_cost 514 [ 798.449363][T31735] file_cost 0 [ 798.452777][T31735] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.11381,pid=31734,uid=0 [ 798.467902][T31735] Memory cgroup out of memory: Killed process 31734 (syz.2.11381) total-vm:108344kB, anon-rss:2616kB, file-rss:22624kB, shmem-rss:0kB, UID:0 pgtables:148kB oom_score_adj:1000 [ 799.196977][T31768] netlink: 342 bytes leftover after parsing attributes in process `syz.3.11385'. [ 800.501889][T31837] netlink: 12 bytes leftover after parsing attributes in process `syz.2.11417'. [ 802.643910][T27257] Bluetooth: hci0: Malformed HCI Event [ 802.927505][T31926] syz.2.11462 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 802.975561][T31926] CPU: 0 UID: 0 PID: 31926 Comm: syz.2.11462 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 802.975598][T31926] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 802.975607][T31926] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 802.975618][T31926] Call Trace: [ 802.975625][T31926] [ 802.975632][T31926] dump_stack_lvl+0x100/0x190 [ 802.975660][T31926] dump_header+0xfb/0x606 [ 802.975680][T31926] oom_kill_process.cold+0xd/0x321 [ 802.975701][T31926] out_of_memory+0x340/0x14f0 [ 802.975733][T31926] ? __pfx_out_of_memory+0x10/0x10 [ 802.975764][T31926] mem_cgroup_out_of_memory+0xc6/0x130 [ 802.975784][T31926] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 802.975803][T31926] ? find_held_lock+0x2b/0x80 [ 802.975827][T31926] ? do_raw_spin_unlock+0x145/0x1e0 [ 802.975857][T31926] ? _raw_spin_unlock+0x28/0x50 [ 802.975879][T31926] try_charge_memcg+0x652/0xc90 [ 802.975910][T31926] ? __pfx_try_charge_memcg+0x10/0x10 [ 802.975936][T31926] ? find_held_lock+0x2b/0x80 [ 802.975953][T31926] ? rcu_read_unlock+0x17/0x60 [ 802.975980][T31926] ? rcu_read_unlock+0x17/0x60 [ 802.976014][T31926] charge_memcg+0xa6/0x280 [ 802.976041][T31926] __mem_cgroup_charge+0x2b/0x1e0 [ 802.976071][T31926] do_anonymous_page+0xb38/0x1f40 [ 802.976100][T31926] __handle_mm_fault+0x1d3a/0x2b50 [ 802.976128][T31926] ? __pfx___handle_mm_fault+0x10/0x10 [ 802.976150][T31926] ? __pte_offset_map_lock+0x174/0x320 [ 802.976178][T31926] ? find_held_lock+0x2b/0x80 [ 802.976203][T31926] ? follow_page_pte+0x5b4/0x1410 [ 802.976236][T31926] handle_mm_fault+0x36d/0xa20 [ 802.976261][T31926] __get_user_pages+0xf9c/0x34d0 [ 802.976298][T31926] ? __pfx___get_user_pages+0x10/0x10 [ 802.976334][T31926] populate_vma_page_range+0x267/0x3f0 [ 802.976366][T31926] ? __pfx_populate_vma_page_range+0x10/0x10 [ 802.976397][T31926] ? __pfx_find_vma_intersection+0x10/0x10 [ 802.976426][T31926] ? do_mmap+0x93f/0x12f0 [ 802.976463][T31926] __mm_populate+0x107/0x3a0 [ 802.976495][T31926] ? __pfx___mm_populate+0x10/0x10 [ 802.976527][T31926] ? up_write+0x290/0x4f0 [ 802.976557][T31926] vm_mmap_pgoff+0x37f/0x470 [ 802.976589][T31926] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 802.976619][T31926] ? rcu_is_watching+0x12/0xc0 [ 802.976639][T31926] ? kcov_ioctl+0x162/0x720 [ 802.976657][T31926] ? kcov_ioctl+0x162/0x720 [ 802.976678][T31926] ksys_mmap_pgoff+0x7d/0x5b0 [ 802.976708][T31926] ? kcov_ioctl+0x16a/0x720 [ 802.976729][T31926] __x64_sys_mmap+0x125/0x190 [ 802.976755][T31926] do_syscall_64+0xc9/0xf80 [ 802.976780][T31926] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 802.976799][T31926] RIP: 0033:0x7f165d39aeb9 [ 802.976815][T31926] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 802.976834][T31926] RSP: 002b:00007f165e1be028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 802.976853][T31926] RAX: ffffffffffffffda RBX: 00007f165d615fa0 RCX: 00007f165d39aeb9 [ 802.976866][T31926] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 802.976877][T31926] RBP: 00007f165d408c1f R08: ffffffffffffffff R09: 0000000000008000 [ 802.976889][T31926] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 802.976900][T31926] R13: 00007f165d616038 R14: 00007f165d615fa0 R15: 00007ffdc16ec068 [ 802.976925][T31926] [ 803.367612][T31926] memory: usage 3072kB, limit 3072kB, failcnt 48115 [ 803.374344][T31926] memory+swap: usage 3464kB, limit 9007199254740988kB, failcnt 0 [ 803.382265][T31926] kmem: usage 1356kB, limit 9007199254740988kB, failcnt 0 [ 803.390101][T31926] Memory cgroup stats for /syz2: [ 803.390229][T31926] cache 0 [ 803.398310][T31926] rss 1757184 [ 803.401754][T31926] rss_huge 0 [ 803.405267][T31926] shmem 0 [ 803.409164][T31926] mapped_file 0 [ 803.413236][T31926] dirty 0 [ 803.416285][T31926] writeback 0 [ 803.419883][T31926] workingset_refault_anon 2932 [ 803.424837][T31926] workingset_refault_file 13431 [ 803.429886][T31926] swap 401408 [ 803.433453][T31926] swapcached 0 [ 803.437819][T31926] pgpgin 205549 [ 803.442594][T31926] pgpgout 224538 [ 803.446381][T31926] pgfault 338010 [ 803.450035][T31926] pgmajfault 1700 [ 803.453816][T31926] inactive_anon 0 [ 803.458372][T31926] active_anon 1757184 [ 803.462538][T31926] inactive_file 0 [ 803.466190][T31926] active_file 0 [ 803.470219][T31926] unevictable 0 [ 803.473869][T31926] hierarchical_memory_limit 3145728 [ 803.479159][T31926] hierarchical_memsw_limit 9223372036854771712 [ 803.485448][T31926] total_cache 0 [ 803.489425][T31926] total_rss 1757184 [ 803.493653][T31926] total_rss_huge 0 [ 803.497443][T31926] total_shmem 0 [ 803.501077][T31926] total_mapped_file 0 [ 803.505168][T31926] total_dirty 0 [ 803.508788][T31926] total_writeback 0 [ 803.513548][T31926] total_workingset_refault_anon 2932 [ 803.518900][T31926] total_workingset_refault_file 13431 [ 803.524351][T31926] total_swap 401408 [ 803.528325][T31926] total_swapcached 0 [ 803.532533][T31926] total_pgpgin 205549 [ 803.536595][T31926] total_pgpgout 224538 [ 803.540857][T31926] total_pgfault 338010 [ 803.545467][T31926] total_pgmajfault 1700 [ 803.550253][T31926] total_inactive_anon 0 [ 803.554731][T31926] total_active_anon 1757184 [ 803.559729][T31926] total_inactive_file 0 [ 803.563905][T31926] total_active_file 0 [ 803.567968][T31926] total_unevictable 0 [ 803.571999][T31926] anon_cost 512 [ 803.575587][T31926] file_cost 0 [ 803.578898][T31926] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.11462,pid=31925,uid=0 [ 803.594708][T31926] Memory cgroup out of memory: Killed process 31925 (syz.2.11462) total-vm:108344kB, anon-rss:2872kB, file-rss:21376kB, shmem-rss:0kB, UID:0 pgtables:116kB oom_score_adj:1000 [ 804.242673][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 804.255938][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 804.268776][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 804.281397][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 804.294012][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 804.307091][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 804.319750][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 804.332381][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 804.345413][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 804.357805][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 809.252450][ C0] net_ratelimit: 18807 callbacks suppressed [ 809.252470][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 809.271121][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 809.284027][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 809.297187][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 809.310187][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 809.323169][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 809.335999][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 809.349210][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 809.362001][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 809.374947][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 810.802345][ C0] sched: DL replenish lagged too much [ 814.262890][ C0] net_ratelimit: 5395 callbacks suppressed [ 814.262910][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 814.282055][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 814.295596][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 814.309011][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 814.322280][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 814.335867][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 814.349139][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 814.362595][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 814.375590][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 814.388808][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 819.272428][ C0] net_ratelimit: 5759 callbacks suppressed [ 819.272448][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 819.291742][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 819.305184][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 819.319419][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 819.332849][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 819.346450][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 819.359921][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 819.373251][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 819.386402][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 819.399402][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 824.282657][ C0] net_ratelimit: 5772 callbacks suppressed [ 824.282675][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 824.302509][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 824.316358][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 824.329531][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 824.342779][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 824.356305][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 824.369303][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 824.383716][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 824.397428][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 824.410738][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 829.292618][ C0] net_ratelimit: 5857 callbacks suppressed [ 829.292637][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 829.312001][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 829.324920][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 829.338342][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 829.351726][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 829.365300][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 829.378320][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 829.391640][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 829.404714][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 829.417916][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 831.936968][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 834.303163][ C0] net_ratelimit: 5868 callbacks suppressed [ 834.303184][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 834.322108][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 834.335400][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 834.349824][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 834.363123][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 834.377004][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 834.390361][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 834.403601][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 834.416657][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 834.430763][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 839.312801][ C0] net_ratelimit: 5757 callbacks suppressed [ 839.312820][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 839.332115][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 839.346446][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 839.359856][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 839.373327][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 839.386479][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 839.399691][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 839.413212][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 839.426571][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 839.440197][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 844.322394][ C0] net_ratelimit: 10315 callbacks suppressed [ 844.322415][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 844.341569][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 844.354190][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 844.367184][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 844.380165][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 844.392871][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 844.405812][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 844.418752][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 844.431567][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 844.445633][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 849.332854][ C0] net_ratelimit: 11059 callbacks suppressed [ 849.332874][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 849.351753][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 849.364663][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 849.377420][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 849.390271][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 849.403119][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 849.415757][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 849.428904][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 849.441674][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 849.454094][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 854.342497][ C0] net_ratelimit: 11045 callbacks suppressed [ 854.342518][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 854.361386][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 854.374212][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 854.386528][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 854.399430][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 854.412405][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 854.424918][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 854.438445][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 854.452030][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 854.465022][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 859.352540][ C0] net_ratelimit: 10994 callbacks suppressed [ 859.352561][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 859.371472][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 859.384424][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 859.397044][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 859.409892][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 859.423541][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 859.435999][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 859.449042][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 859.461941][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 859.474924][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 864.362513][ C0] net_ratelimit: 11044 callbacks suppressed [ 864.362533][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 864.380899][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 864.394760][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 864.408007][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 864.420879][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 864.434261][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 864.447196][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 864.460074][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 864.473968][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 864.487224][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 869.372722][ C0] net_ratelimit: 11030 callbacks suppressed [ 869.372743][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 869.391708][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 869.405420][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 869.418678][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 869.431201][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 869.444136][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 869.457444][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 869.469996][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 869.482915][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 869.495886][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 874.382332][ C0] net_ratelimit: 12089 callbacks suppressed [ 874.382353][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 874.401078][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 874.414129][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 874.427022][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 874.440439][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 874.453075][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 874.465876][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 874.478877][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 874.491450][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 874.504458][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 879.392649][ C0] net_ratelimit: 12357 callbacks suppressed [ 879.392670][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 879.411090][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 879.423648][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 879.436287][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 879.449511][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 879.461861][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 879.474453][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 879.487539][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 879.500303][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 879.512714][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 884.402333][ C0] net_ratelimit: 12573 callbacks suppressed [ 884.402356][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 884.422481][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 884.434913][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 884.447347][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 884.460394][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 884.473157][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 884.485697][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 884.498271][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 884.511053][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 884.524081][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 889.412481][ C0] net_ratelimit: 12612 callbacks suppressed [ 889.412501][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 889.431675][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 889.444875][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 889.458595][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 889.471250][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 889.483935][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 889.497227][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 889.510289][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 889.522795][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 889.535368][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 894.422333][ C0] net_ratelimit: 12391 callbacks suppressed [ 894.422355][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 894.441589][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 894.454491][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 894.467081][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 894.479521][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 894.492716][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 894.505736][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 894.518772][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 894.531395][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 894.544277][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 899.432669][ C0] net_ratelimit: 12375 callbacks suppressed [ 899.432693][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 899.452238][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 899.465571][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 899.478710][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 899.491855][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 899.505673][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 899.518688][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 899.531349][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 899.544276][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 899.557745][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 904.442632][ C0] net_ratelimit: 12547 callbacks suppressed [ 904.442653][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 904.461600][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 904.474636][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 904.487580][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 904.500410][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 904.513369][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 904.526458][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 904.539469][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 904.552156][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 904.564801][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 909.452527][ C0] net_ratelimit: 12417 callbacks suppressed [ 909.452548][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 909.471218][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 909.483634][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 909.496840][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 909.509618][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 909.522764][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 909.535144][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 909.547841][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 909.560645][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 909.573608][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 912.582260][ C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 912.589255][ C0] rcu: Tasks blocked on level-0 rcu_node (CPUs 0-1): P31962/1:b..l [ 912.597964][ C0] rcu: (detected by 0, t=10502 jiffies, g=136105, q=468 ncpus=1) [ 912.605853][ C0] task:syz.3.11479 state:R running task stack:27320 pid:31962 tgid:31960 ppid:5822 task_flags:0x400140 flags:0x00080002 [ 912.620646][ C0] Call Trace: [ 912.623935][ C0] [ 912.626864][ C0] ? __schedule+0xf65/0x5e10 [ 912.631453][ C0] __schedule+0xfe4/0x5e10 [ 912.635860][ C0] ? balance_dirty_pages_ratelimited_flags+0x91/0x1170 [ 912.643039][ C0] ? do_fault+0x6a4/0x1990 [ 912.647544][ C0] ? __pfx___schedule+0x10/0x10 [ 912.652395][ C0] preempt_schedule_irq+0x50/0x90 [ 912.657592][ C0] irqentry_exit+0x17b/0x670 [ 912.662182][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 912.668250][ C0] RIP: 0010:lock_is_held_type+0x0/0x140 [ 912.673965][ C0] Code: df 48 8d 3d 82 c4 46 05 48 c7 c6 27 b4 c1 8d 67 48 0f b9 3a eb c7 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1e fa 8b 0d ea ab 43 05 b8 ff ff ff ff 85 c9 0f 84 ed 00 00 [ 912.693583][ C0] RSP: 0018:ffffc9000b8079f8 EFLAGS: 00000202 [ 912.699909][ C0] RAX: 0000000000000001 RBX: 0000000000000001 RCX: ffffc9000c93c000 [ 912.707895][ C0] RDX: 0000000000000001 RSI: 00000000ffffffff RDI: ffffffff8e5e3060 [ 912.715862][ C0] RBP: ffff88807f0e0000 R08: 0000000000000005 R09: 0000000000000000 [ 912.723827][ C0] R10: 0000000000000001 R11: 0000000000000000 R12: ffff88807d050000 [ 912.731806][ C0] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 912.740044][ C0] rcu_read_lock_sched_held+0x40/0x70 [ 912.745504][ C0] mem_cgroup_from_task+0x73/0x150 [ 912.751139][ C0] count_memcg_events_mm.constprop.0+0xae/0x2a0 [ 912.757386][ C0] handle_mm_fault+0x7ea/0xa20 [ 912.762244][ C0] __get_user_pages+0xf9c/0x34d0 [ 912.767283][ C0] ? down_read_killable+0x30e/0x4c0 [ 912.772573][ C0] ? __pfx___get_user_pages+0x10/0x10 [ 912.778130][ C0] faultin_page_range+0x1f1/0x9e0 [ 912.783363][ C0] madvise_do_behavior+0x354/0x510 [ 912.788579][ C0] ? __pfx_madvise_do_behavior+0x10/0x10 [ 912.794826][ C0] ? down_read+0x13b/0x460 [ 912.799359][ C0] do_madvise+0x195/0x240 [ 912.803773][ C0] ? __pfx_do_madvise+0x10/0x10 [ 912.808990][ C0] ? do_futex+0x192/0x350 [ 912.813521][ C0] ? xfd_validate_state+0x129/0x190 [ 912.818836][ C0] __x64_sys_madvise+0xa9/0x110 [ 912.823717][ C0] ? lockdep_hardirqs_on+0x78/0x100 [ 912.829106][ C0] do_syscall_64+0xc9/0xf80 [ 912.833788][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 912.839880][ C0] RIP: 0033:0x7f8dacb9aeb9 [ 912.844407][ C0] RSP: 002b:00007f8dad980028 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 912.853140][ C0] RAX: ffffffffffffffda RBX: 00007f8dace15fa0 RCX: 00007f8dacb9aeb9 [ 912.861645][ C0] RDX: 0000000000000017 RSI: ffffffffffff0005 RDI: 0000000000000000 [ 912.869683][ C0] RBP: 00007f8dacc08c1f R08: 0000000000000000 R09: 0000000000000000 [ 912.877782][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 912.885858][ C0] R13: 00007f8dace16038 R14: 00007f8dace15fa0 R15: 00007ffdf4f0f388 [ 912.894045][ C0] [ 914.462416][ C0] net_ratelimit: 10928 callbacks suppressed [ 914.462438][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 914.481127][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 914.494256][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 914.507862][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 914.520551][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 914.533285][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 914.546605][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 914.560008][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 914.572544][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 914.585083][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 915.957350][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 918.697247][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 919.369698][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 919.472554][ C0] net_ratelimit: 11089 callbacks suppressed [ 919.472575][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 919.491220][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 919.504281][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 919.517837][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 919.531603][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 919.544819][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 919.557683][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 919.570583][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0e:46:3e:ea:e0:10, vlan:0) [ 919.584345][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 919.596829][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)