Warning: Permanently added '10.128.0.18' (ED25519) to the list of known hosts. 1970/01/01 00:00:39 ignoring optional flag "sandboxArg"="0" 1970/01/01 00:00:40 parsed 1 programs [ 43.540057][ T6530] cgroup: Unknown subsys name 'net' [ 43.659939][ T6530] cgroup: Unknown subsys name 'cpuset' [ 43.663757][ T6530] cgroup: Unknown subsys name 'rlimit' [ 43.848740][ T6530] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k SS [ 55.012870][ T6542] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 55.663474][ T41] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 55.665804][ T41] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 55.680047][ T476] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 55.681938][ T476] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 56.800617][ T6599] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 56.801331][ T6599] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 56.801702][ T6599] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 56.802357][ T6599] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 56.802866][ T6599] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 57.254230][ T6604] chnl_net:caif_netlink_parms(): no params data found [ 57.347386][ T6604] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.347486][ T6604] bridge0: port 1(bridge_slave_0) entered disabled state [ 57.347623][ T6604] bridge_slave_0: entered allmulticast mode [ 57.348550][ T6604] bridge_slave_0: entered promiscuous mode [ 57.350190][ T6604] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.350262][ T6604] bridge0: port 2(bridge_slave_1) entered disabled state [ 57.350352][ T6604] bridge_slave_1: entered allmulticast mode [ 57.351178][ T6604] bridge_slave_1: entered promiscuous mode [ 57.500122][ T6604] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 57.501766][ T6604] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 57.519198][ T6604] team0: Port device team_slave_0 added [ 57.521277][ T6604] team0: Port device team_slave_1 added [ 57.536015][ T6604] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 57.536081][ T6604] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 57.536112][ T6604] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 57.539247][ T6604] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 57.539274][ T6604] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 57.539303][ T6604] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 57.576689][ T6604] hsr_slave_0: entered promiscuous mode [ 57.578732][ T6604] hsr_slave_1: entered promiscuous mode [ 57.703239][ T6604] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 57.708218][ T6604] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 57.711970][ T6604] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 57.716091][ T6604] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 57.766319][ T6604] 8021q: adding VLAN 0 to HW filter on device bond0 [ 57.774179][ T6604] 8021q: adding VLAN 0 to HW filter on device team0 [ 57.777193][ T476] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.777309][ T476] bridge0: port 1(bridge_slave_0) entered forwarding state [ 57.786228][ T41] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.786313][ T41] bridge0: port 2(bridge_slave_1) entered forwarding state [ 57.849933][ T6604] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 57.932315][ T6604] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 57.952961][ T6604] veth0_vlan: entered promiscuous mode [ 57.955975][ T6604] veth1_vlan: entered promiscuous mode [ 57.970652][ T6604] veth0_macvtap: entered promiscuous mode [ 57.972527][ T6604] veth1_macvtap: entered promiscuous mode [ 57.981156][ T6604] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 57.983119][ T6604] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 57.984669][ T6604] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.984727][ T6604] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.984756][ T6604] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.984785][ T6604] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.449921][ T4497] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 58.550251][ T4497] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 58.628765][ T4497] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 58.700634][ T4497] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 1970/01/01 00:00:58 executed programs: 0 [ 58.975140][ T6093] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 58.978282][ T6093] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 58.979385][ T6093] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 58.980318][ T6093] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 58.980795][ T6093] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 59.073773][ T6636] chnl_net:caif_netlink_parms(): no params data found [ 59.113803][ T6636] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.114288][ T6636] bridge0: port 1(bridge_slave_0) entered disabled state [ 59.114410][ T6636] bridge_slave_0: entered allmulticast mode [ 59.115264][ T6636] bridge_slave_0: entered promiscuous mode [ 59.116954][ T6636] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.117191][ T6636] bridge0: port 2(bridge_slave_1) entered disabled state [ 59.117310][ T6636] bridge_slave_1: entered allmulticast mode [ 59.118129][ T6636] bridge_slave_1: entered promiscuous mode [ 59.141181][ T6636] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 59.142947][ T6636] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 59.158441][ T6636] team0: Port device team_slave_0 added [ 59.159953][ T6636] team0: Port device team_slave_1 added [ 59.174843][ T6636] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 59.174909][ T6636] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 59.174943][ T6636] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 59.176484][ T6636] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 59.176510][ T6636] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 59.176542][ T6636] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 59.212053][ T6636] hsr_slave_0: entered promiscuous mode [ 59.212584][ T6636] hsr_slave_1: entered promiscuous mode [ 59.212954][ T6636] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 59.213069][ T6636] Cannot create hsr debugfs directory [ 61.057512][ T6093] Bluetooth: hci0: command tx timeout [ 61.553545][ T4497] bridge_slave_1: left allmulticast mode [ 61.555390][ T4497] bridge_slave_1: left promiscuous mode [ 61.557607][ T4497] bridge0: port 2(bridge_slave_1) entered disabled state [ 61.563821][ T4497] bridge_slave_0: left allmulticast mode [ 61.565424][ T4497] bridge_slave_0: left promiscuous mode [ 61.568656][ T4497] bridge0: port 1(bridge_slave_0) entered disabled state [ 63.138430][ T6093] Bluetooth: hci0: command tx timeout [ 63.262920][ T4497] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 63.299438][ T4497] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 63.348812][ T4497] bond0 (unregistering): Released all slaves [ 63.436616][ T4497] hsr_slave_0: left promiscuous mode [ 63.439229][ T4497] hsr_slave_1: left promiscuous mode [ 63.441556][ T4497] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 63.443968][ T4497] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 63.447158][ T4497] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 63.449318][ T4497] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 63.464884][ T4497] veth1_macvtap: left promiscuous mode [ 63.466960][ T4497] veth0_macvtap: left promiscuous mode [ 63.469670][ T4497] veth1_vlan: left promiscuous mode [ 63.469808][ T4497] veth0_vlan: left promiscuous mode [ 64.738606][ T2407] ieee802154 phy0 wpan0: encryption failed: -22 [ 64.738721][ T2407] ieee802154 phy1 wpan1: encryption failed: -22 [ 65.217138][ T6093] Bluetooth: hci0: command tx timeout [ 65.379114][ T4497] team0 (unregistering): Port device team_slave_1 removed [ 65.560178][ T4497] team0 (unregistering): Port device team_slave_0 removed [ 67.297696][ T6093] Bluetooth: hci0: command tx timeout [ 68.101136][ T6636] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 68.107307][ T6636] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 68.111933][ T6636] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 68.116135][ T6636] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 68.173125][ T6636] 8021q: adding VLAN 0 to HW filter on device bond0 [ 68.182054][ T6636] 8021q: adding VLAN 0 to HW filter on device team0 [ 68.186091][ T2191] bridge0: port 1(bridge_slave_0) entered blocking state [ 68.186164][ T2191] bridge0: port 1(bridge_slave_0) entered forwarding state [ 68.191293][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 68.192353][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 68.253002][ T6636] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 68.392695][ T6636] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 68.411750][ T6636] veth0_vlan: entered promiscuous mode [ 68.414774][ T6636] veth1_vlan: entered promiscuous mode [ 68.429588][ T6636] veth0_macvtap: entered promiscuous mode [ 68.431424][ T6636] veth1_macvtap: entered promiscuous mode [ 68.439771][ T6636] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 68.441515][ T6636] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 68.443042][ T6636] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 68.443083][ T6636] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 68.443113][ T6636] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 68.443142][ T6636] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 68.504175][ T2067] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 68.504230][ T2067] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 68.520342][ T2191] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 68.522674][ T2191] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 1970/01/01 00:01:08 executed programs: 2 [ ** replaying previous printk message ** [ 68.694051][ T6685] ------------[ cut here ]------------ [ 68.694140][ T6685] ODEBUG: activate active (active state 1) object: 00000000bc177d4c object type: rcu_head hint: 0x0 [ 68.694541][ T6685] WARNING: CPU: 0 PID: 6685 at lib/debugobjects.c:615 debug_object_activate+0x344/0x460 [ 68.702793][ T6685] Modules linked in: [ 68.703863][ T6685] CPU: 0 UID: 0 PID: 6685 Comm: syz.0.17 Not tainted 6.16.0-rc4-syzkaller-g7482bb149b9f #0 PREEMPT [ 68.706830][ T6685] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 68.709537][ T6685] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 68.711653][ T6685] pc : debug_object_activate+0x344/0x460 [ 68.713236][ T6685] lr : debug_object_activate+0x344/0x460 [ 68.714729][ T6685] sp : ffff80009f2b76d0 [ 68.715963][ T6685] x29: ffff80009f2b76d0 x28: ffff8000976d7000 x27: dfff800000000000 [ 68.718191][ T6685] x26: ffff80008afc2480 x25: 0000000000000001 x24: ffff8000891ac9a0 [ 68.720424][ T6685] x23: 0000000000000003 x22: ffff80008b539420 x21: 0000000000000000 [ 68.722628][ T6685] x20: ffff80008afc2480 x19: ffff8000891ac9a0 x18: 00000000ffffffff [ 68.724836][ T6685] x17: 3464373731636230 x16: ffff80008ae642c8 x15: ffff700011ede14c [ 68.727055][ T6685] x14: 1ffff00011ede14c x13: 0000000000000004 x12: ffffffffffffffff [ 68.729279][ T6685] x11: ffff700011ede14c x10: 0000000000ff0100 x9 : d4943feae7160c00 [ 68.731457][ T6685] x8 : d4943feae7160c00 x7 : 0000000000000001 x6 : 0000000000000001 [ 68.733617][ T6685] x5 : ffff80009f2b7018 x4 : ffff80008f766c20 x3 : ffff80008054d360 [ 68.735738][ T6685] x2 : 0000000000000000 x1 : 0000000000000201 x0 : 0000000000000000 [ 68.737954][ T6685] Call trace: [ 68.738847][ T6685] debug_object_activate+0x344/0x460 (P) [ 68.740573][ T6685] kvfree_call_rcu+0x4c/0x3f0 [ 68.742027][ T6685] cipso_v4_sock_setattr+0x2f0/0x3f4 [ 68.743481][ T6685] netlbl_sock_setattr+0x240/0x334 [ 68.744924][ T6685] smack_netlbl_add+0xa8/0x158 [ 68.746228][ T6685] smack_inode_setsecurity+0x378/0x430 [ 68.747709][ T6685] security_inode_setsecurity+0x118/0x3c0 [ 68.749224][ T6685] __vfs_setxattr_noperm+0x174/0x5c4 [ 68.750611][ T6685] __vfs_setxattr_locked+0x1ec/0x218 [ 68.752071][ T6685] vfs_setxattr+0x158/0x2ac [ 68.753346][ T6685] file_setxattr+0x1b8/0x294 [ 68.754629][ T6685] path_setxattrat+0x2ac/0x320 [ 68.755956][ T6685] __arm64_sys_fsetxattr+0xc0/0xdc [ 68.757338][ T6685] invoke_syscall+0x98/0x2b8 [ 68.758568][ T6685] el0_svc_common+0x130/0x23c [ 68.759812][ T6685] do_el0_svc+0x48/0x58 [ 68.760913][ T6685] el0_svc+0x58/0x180 [ 68.761975][ T6685] el0t_64_sync_handler+0x84/0x12c [ 68.763381][ T6685] el0t_64_sync+0x198/0x19c [ 68.764530][ T6685] irq event stamp: 715 [ 68.765637][ T6685] hardirqs last enabled at (714): [] __console_unlock+0x70/0xc4 [ 68.768032][ T6685] hardirqs last disabled at (715): [] el1_brk64+0x1c/0x48 [ 68.770532][ T6685] softirqs last enabled at (648): [] release_sock+0x14c/0x1ac [ 68.772971][ T6685] softirqs last disabled at (688): [] local_bh_disable+0x10/0x34 [ 68.775508][ T6685] ---[ end trace 0000000000000000 ]--- [ 68.777080][ ** replaying previous printk message ** [ 68.777080][ T6685] ------------[ cut here ]------------ [ 68.777120][ T6685] ODEBUG: active_state active (active state 1) object: 00000000bc177d4c object type: rcu_head hint: 0x0 [ 68.777503][ T6685] WARNING: CPU: 0 PID: 6685 at lib/debugobjects.c:615 debug_object_active_state+0x28c/0x350 [ 68.785834][ T6685] Modules linked in: [ 68.786968][ T6685] CPU: 0 UID: 0 PID: 6685 Comm: syz.0.17 Tainted: G W 6.16.0-rc4-syzkaller-g7482bb149b9f #0 PREEMPT [ 68.790423][ T6685] Tainted: [W]=WARN [ 68.791543][ T6685] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 68.794312][ T6685] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 68.796591][ T6685] pc : debug_object_active_state+0x28c/0x350 [ 68.798331][ T6685] lr : debug_object_active_state+0x28c/0x350 [ 68.800079][ T6685] sp : ffff80009f2b76c0 [ 68.801197][ T6685] x29: ffff80009f2b76d0 x28: ffff80008f671000 x27: dfff800000000000 [ 68.803369][ T6685] x26: 0000000000000003 x25: 0000000000000000 x24: ffff0000e9db6ce8 [ 68.805617][ T6685] x23: 0000000000000001 x22: ffff80008afc2480 x21: ffff80008b539420 [ 68.807902][ T6685] x20: 0000000000000000 x19: ffff8000891ac9a0 x18: 00000000ffffffff [ 68.810141][ T6685] x17: 3163623030303030 x16: ffff80008ae642c8 x15: ffff700011ede14c [ 68.812378][ T6685] x14: 1ffff00011ede14c x13: 0000000000000004 x12: ffffffffffffffff [ 68.814643][ T6685] x11: ffff700011ede14c x10: 0000000000ff0100 x9 : d4943feae7160c00 [ 68.816900][ T6685] x8 : d4943feae7160c00 x7 : 0000000000000001 x6 : 0000000000000001 [ 68.819111][ T6685] x5 : ffff80009f2b7018 x4 : ffff80008f766c20 x3 : ffff80008054d360 [ 68.821345][ T6685] x2 : 0000000000000000 x1 : 0000000000000201 x0 : 0000000000000000 [ 68.823538][ T6685] Call trace: [ 68.824440][ T6685] debug_object_active_state+0x28c/0x350 (P) [ 68.826170][ T6685] kvfree_call_rcu+0x64/0x3f0 [ 68.827489][ T6685] cipso_v4_sock_setattr+0x2f0/0x3f4 [ 68.829062][ T6685] netlbl_sock_setattr+0x240/0x334 [ 68.830477][ T6685] smack_netlbl_add+0xa8/0x158 [ 68.831762][ T6685] smack_inode_setsecurity+0x378/0x430 [ 68.833272][ T6685] security_inode_setsecurity+0x118/0x3c0 [ 68.834792][ T6685] __vfs_setxattr_noperm+0x174/0x5c4 [ 68.836328][ T6685] __vfs_setxattr_locked+0x1ec/0x218 [ 68.837824][ T6685] vfs_setxattr+0x158/0x2ac [ 68.839025][ T6685] file_setxattr+0x1b8/0x294 [ 68.840326][ T6685] path_setxattrat+0x2ac/0x320 [ 68.841613][ T6685] __arm64_sys_fsetxattr+0xc0/0xdc [ 68.843035][ T6685] invoke_syscall+0x98/0x2b8 [ 68.844307][ T6685] el0_svc_common+0x130/0x23c [ 68.845552][ T6685] do_el0_svc+0x48/0x58 [ 68.846857][ T6685] el0_svc+0x58/0x180 [ 68.848023][ T6685] el0t_64_sync_handler+0x84/0x12c [ 68.849415][ T6685] el0t_64_sync+0x198/0x19c [ 68.850687][ T6685] irq event stamp: 739 [ 68.851802][ T6685] hardirqs last enabled at (738): [] __console_unlock+0x70/0xc4 [ 68.854349][ T6685] hardirqs last disabled at (739): [] el1_brk64+0x1c/0x48 [ 68.856811][ T6685] softirqs last enabled at (648): [] release_sock+0x14c/0x1ac [ 68.859346][ T6685] softirqs last disabled at (688): [] local_bh_disable+0x10/0x34 [ 68.861984][ T6685] ---[ end trace 0000000000000000 ]--- [ 68.863497][ T6685] ------------[ cut here ]------------ [ 68.863547][ T6685] kvfree_call_rcu(): Double-freed call. rcu_head 00000000bc177d4c [ 68.863660][ T6685] WARNING: CPU: 0 PID: 6685 at mm/slab_common.c:1956 kvfree_call_rcu+0x94/0x3f0 [ 68.869703][ T6685] Modules linked in: [ 68.870752][ T6685] CPU: 0 UID: 0 PID: 6685 Comm: syz.0.17 Tainted: G W 6.16.0-rc4-syzkaller-g7482bb149b9f #0 PREEMPT [ 68.874310][ T6685] Tainted: [W]=WARN [ 68.875353][ T6685] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 68.878095][ T6685] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 68.880231][ T6685] pc : kvfree_call_rcu+0x94/0x3f0 [ 68.881588][ T6685] lr : kvfree_call_rcu+0x94/0x3f0 [ 68.883007][ T6685] sp : ffff80009f2b7730 [ 68.884184][ T6685] x29: ffff80009f2b7730 x28: 00000000fffffff5 x27: 1fffe00018a99cc3 [ 68.886400][ T6685] x26: dfff800000000000 x25: ffff0000d7df936e x24: 0000000000000017 [ 68.888548][ T6685] x23: ffff8000891ac9a0 x22: 00000000ffffffea x21: ffff8000891ac9a0 [ 68.890979][ T6685] x20: ffff8000891ac9a0 x19: ffff80008afc2480 x18: 00000000ffffffff [ 68.893334][ T6685] x17: 0000000000000000 x16: ffff80008ae642c8 x15: ffff700011ede14c [ 68.895614][ T6685] x14: 1ffff00011ede14c x13: 0000000000000004 x12: ffffffffffffffff [ 68.897827][ T6685] x11: ffff700011ede14c x10: 0000000000ff0100 x9 : d4943feae7160c00 [ 68.900050][ T6685] x8 : d4943feae7160c00 x7 : 0000000000000001 x6 : 0000000000000001 [ 68.902269][ T6685] x5 : ffff80009f2b7078 x4 : ffff80008f766c20 x3 : ffff80008054d360 [ 68.904563][ T6685] x2 : 0000000000000000 x1 : 0000000000000201 x0 : 0000000000000000 [ 68.906749][ T6685] Call trace: [ 68.907678][ T6685] kvfree_call_rcu+0x94/0x3f0 (P) [ 68.909130][ T6685] cipso_v4_sock_setattr+0x2f0/0x3f4 [ 68.910550][ T6685] netlbl_sock_setattr+0x240/0x334 [ 68.911944][ T6685] smack_netlbl_add+0xa8/0x158 [ 68.913299][ T6685] smack_inode_setsecurity+0x378/0x430 [ 68.914813][ T6685] security_inode_setsecurity+0x118/0x3c0 [ 68.916359][ T6685] __vfs_setxattr_noperm+0x174/0x5c4 [ 68.917801][ T6685] __vfs_setxattr_locked+0x1ec/0x218 [ 68.919276][ T6685] vfs_setxattr+0x158/0x2ac [ 68.920591][ T6685] file_setxattr+0x1b8/0x294 [ 68.921903][ T6685] path_setxattrat+0x2ac/0x320 [ 68.923268][ T6685] __arm64_sys_fsetxattr+0xc0/0xdc [ 68.924664][ T6685] invoke_syscall+0x98/0x2b8 [ 68.925907][ T6685] el0_svc_common+0x130/0x23c [ 68.927215][ T6685] do_el0_svc+0x48/0x58 [ 68.928419][ T6685] el0_svc+0x58/0x180 [ 68.929538][ T6685] el0t_64_sync_handler+0x84/0x12c [ 68.931070][ T6685] el0t_64_sync+0x198/0x19c [ 68.932570][ T6685] irq event stamp: 765 [ 68.933655][ T6685] hardirqs last enabled at (764): [] __console_unlock+0x70/0xc4 [ 68.936350][ T6685] hardirqs last disabled at (765): [] el1_brk64+0x1c/0x48 [ 68.938795][ T6685] softirqs last enabled at (648): [] release_sock+0x14c/0x1ac [ 68.941233][ T6685] softirqs last disabled at (688): [] local_bh_disable+0x10/0x34 [ 68.943833][ T6685] ---[ end trace 0000000000000000 ]--- [ 68.961723][ T6686] ------------[ cut here ]------------ [ 68.961784][ T6686] ODEBUG: activate active (active state 1) object: 00000000bc177d4c object type: rcu_head hint: 0x0 [ 68.962200][ T6686] WARNING: CPU: 1 PID: 6686 at lib/debugobjects.c:615 debug_object_activate+0x344/0x460 [ 68.969154][ T6686] Modules linked in: [ 68.970265][ T6686] CPU: 1 UID: 0 PID: 6686 Comm: syz.0.18 Tainted: G W 6.16.0-rc4-syzkaller-g7482bb149b9f #0 PREEMPT [ 68.973642][ T6686] Tainted: [W]=WARN [ 68.974674][ T6686] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 68.977488][ T6686] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 68.979682][ T6686] pc : debug_object_activate+0x344/0x460 [ 68.981299][ T6686] lr : debug_object_activate+0x344/0x460 [ 68.982789][ T6686] sp : ffff80009e7b76d0 [ 68.983945][ T6686] x29: ffff80009e7b76d0 x28: ffff8000976d7000 x27: dfff800000000000 [ 68.986264][ T6686] x26: ffff80008afc2480 x25: 0000000000000001 x24: ffff8000891ac9a0 [ 68.988406][ T6686] x23: 0000000000000003 x22: ffff80008b539420 x21: 0000000000000000 [ 68.990668][ T6686] x20: ffff80008afc2480 x19: ffff8000891ac9a0 x18: 00000000ffffffff [ 68.992835][ T6686] x17: 3464373731636230 x16: ffff80008ae642c8 x15: ffff700011ede14c [ 68.995046][ T6686] x14: 1ffff00011ede14c x13: 0000000000000004 x12: ffffffffffffffff [ 68.997235][ T6686] x11: ffff700011ede14c x10: 0000000000ff0100 x9 : bb581cd83fbf4400 [ 68.999442][ T6686] x8 : bb581cd83fbf4400 x7 : 0000000000000001 x6 : 0000000000000001 [ 69.001501][ T6686] x5 : ffff80009e7b7018 x4 : ffff80008f766c20 x3 : ffff80008054d360 [ 69.003658][ T6686] x2 : 0000000000000000 x1 : 0000000000000201 x0 : 0000000000000000 [ 69.005853][ T6686] Call trace: [ 69.006749][ T6686] debug_object_activate+0x344/0x460 (P) [ 69.008319][ T6686] kvfree_call_rcu+0x4c/0x3f0 [ 69.009583][ T6686] cipso_v4_sock_setattr+0x2f0/0x3f4 [ 69.011004][ T6686] netlbl_sock_setattr+0x240/0x334 [ 69.012398][ T6686] smack_netlbl_add+0xa8/0x158 [ 69.013749][ T6686] smack_inode_setsecurity+0x378/0x430 [ 69.015200][ T6686] security_inode_setsecurity+0x118/0x3c0 [ 69.016808][ T6686] __vfs_setxattr_noperm+0x174/0x5c4 [ 69.018352][ T6686] __vfs_setxattr_locked+0x1ec/0x218 [ 69.019868][ T6686] vfs_setxattr+0x158/0x2ac [ 69.021154][ T6686] file_setxattr+0x1b8/0x294 [ 69.022429][ T6686] path_setxattrat+0x2ac/0x320 [ 69.023708][ T6686] __arm64_sys_fsetxattr+0xc0/0xdc [ 69.025125][ T6686] invoke_syscall+0x98/0x2b8 [ 69.026388][ T6686] el0_svc_common+0x130/0x23c [ 69.027674][ T6686] do_el0_svc+0x48/0x58 [ 69.028850][ T6686] el0_svc+0x58/0x180 [ 69.029980][ T6686] el0t_64_sync_handler+0x84/0x12c [ 69.031411][ T6686] el0t_64_sync+0x198/0x19c [ 69.032709][ T6686] irq event stamp: 757 [ 69.033818][ T6686] hardirqs last enabled at (756): [] __console_unlock+0x70/0xc4 [ 69.036340][ T6686] hardirqs last disabled at (757): [] el1_brk64+0x1c/0x48 [ 69.038684][ T6686] softirqs last enabled at (688): [] release_sock+0x14c/0x1ac [ 69.041144][ T6686] softirqs last disabled at (726): [] local_bh_disable+0x10/0x34 [ 69.043694][ T6686] ---[ end trace 0000000000000000 ]--- [ 69.045324][ ** replaying previous printk message ** [ 69.045324][ T6686] ------------[ cut here ]------------ [ 69.045372][ T6686] ODEBUG: active_state active (active state 1) object: 00000000bc177d4c object type: rcu_head hint: 0x0 [ 69.045784][ T6686] WARNING: CPU: 1 PID: 6686 at lib/debugobjects.c:615 debug_object_active_state+0x28c/0x350 [ 69.054207][ T6686] Modules linked in: [ 69.055285][ T6686] CPU: 1 UID: 0 PID: 6686 Comm: syz.0.18 Tainted: G W 6.16.0-rc4-syzkaller-g7482bb149b9f #0 PREEMPT [ 69.058625][ T6686] Tainted: [W]=WARN [ 69.059745][ T6686] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 69.062476][ T6686] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 69.064582][ T6686] pc : debug_object_active_state+0x28c/0x350 [ 69.066224][ T6686] lr : debug_object_active_state+0x28c/0x350 [ 69.067768][ T6686] sp : ffff80009e7b76c0 [ 69.068892][ T6686] x29: ffff80009e7b76d0 x28: ffff80008f671000 x27: dfff800000000000 [ 69.071135][ T6686] x26: 0000000000000003 x25: 0000000000000000 x24: ffff0000e9db6ce8 [ 69.073338][ T6686] x23: 0000000000000001 x22: ffff80008afc2480 x21: ffff80008b539420 [ 69.075578][ T6686] x20: 0000000000000000 x19: ffff8000891ac9a0 x18: 00000000ffffffff [ 69.077751][ T6686] x17: 3163623030303030 x16: ffff80008ae642c8 x15: ffff700011ede14c [ 69.080050][ T6686] x14: 1ffff00011ede14c x13: 0000000000000004 x12: ffffffffffffffff [ 69.082330][ T6686] x11: ffff700011ede14c x10: 0000000000ff0100 x9 : bb581cd83fbf4400 [ 69.084570][ T6686] x8 : bb581cd83fbf4400 x7 : 0000000000000001 x6 : 0000000000000001 [ 69.086813][ T6686] x5 : ffff80009e7b7018 x4 : ffff80008f766c20 x3 : ffff80008054d360 [ 69.089047][ T6686] x2 : 0000000000000000 x1 : 0000000000000201 x0 : 0000000000000000 [ 69.091270][ T6686] Call trace: [ 69.092170][ T6686] debug_object_active_state+0x28c/0x350 (P) [ 69.093804][ T6686] kvfree_call_rcu+0x64/0x3f0 [ 69.095132][ T6686] cipso_v4_sock_setattr+0x2f0/0x3f4 [ 69.096532][ T6686] netlbl_sock_setattr+0x240/0x334 [ 69.097890][ T6686] smack_netlbl_add+0xa8/0x158 [ 69.099197][ T6686] smack_inode_setsecurity+0x378/0x430 [ 69.100759][ T6686] security_inode_setsecurity+0x118/0x3c0 [ 69.102385][ T6686] __vfs_setxattr_noperm+0x174/0x5c4 [ 69.103871][ T6686] __vfs_setxattr_locked+0x1ec/0x218 [ 69.105427][ T6686] vfs_setxattr+0x158/0x2ac [ 69.106700][ T6686] file_setxattr+0x1b8/0x294 [ 69.107950][ T6686] path_setxattrat+0x2ac/0x320 [ 69.109320][ T6686] __arm64_sys_fsetxattr+0xc0/0xdc [ 69.110696][ T6686] invoke_syscall+0x98/0x2b8 [ 69.112005][ T6686] el0_svc_common+0x130/0x23c [ 69.113239][ T6686] do_el0_svc+0x48/0x58 [ 69.114332][ T6686] el0_svc+0x58/0x180 [ 69.115451][ T6686] el0t_64_sync_handler+0x84/0x12c [ 69.116831][ T6686] el0t_64_sync+0x198/0x19c [ 69.118016][ T6686] irq event stamp: 781 [ 69.119066][ T6686] hardirqs last enabled at (780): [] __console_unlock+0x70/0xc4 [ 69.121594][ T6686] hardirqs last disabled at (781): [] el1_brk64+0x1c/0x48 [ 69.123907][ T6686] softirqs last enabled at (688): [] release_sock+0x14c/0x1ac [ 69.126442][ T6686] softirqs last disabled at (726): [] local_bh_disable+0x10/0x34 [ 69.129019][ T6686] ---[ end trace 0000000000000000 ]--- [ 69.145281] ** replaying previous printk message ** [ 69.145281][ T6687] ------------[ cut here ]------------ [ 69.145340][ T6687] ODEBUG: activate active (active state 1) object: 00000000bc177d4c object type: rcu_head hint: 0x0 [ 69.145755][ T6687] WARNING: CPU: 1 PID: 6687 at lib/debugobjects.c:615 debug_object_activate+0x344/0x460 [ 69.153967][ T6687] Modules linked in: [ 69.155037][ T6687] CPU: 1 UID: 0 PID: 6687 Comm: syz.0.19 Tainted: G W 6.16.0-rc4-syzkaller-g7482bb149b9f #0 PREEMPT [ 69.158382][ T6687] Tainted: [W]=WARN [ 69.159386][ T6687] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 69.162239][ T6687] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 69.164368][ T6687] pc : debug_object_activate+0x344/0x460 [ 69.165900][ T6687] lr : debug_object_activate+0x344/0x460 [ 69.167415][ T6687] sp : ffff80009e7b76d0 [ 69.168590][ T6687] x29: ffff80009e7b76d0 x28: ffff8000976d7000 x27: dfff800000000000 [ 69.170805][ T6687] x26: ffff80008afc2480 x25: 0000000000000001 x24: ffff8000891ac9a0 [ 69.173026][ T6687] x23: 0000000000000003 x22: ffff80008b539420 x21: 0000000000000000 [ 69.175216][ T6687] x20: ffff80008afc2480 x19: ffff8000891ac9a0 x18: 0000000000000000 [ 69.177397][ T6687] x17: 3464373731636230 x16: ffff80008ae642c8 x15: ffff700011ede14c [ 69.179633][ T6687] x14: 1ffff00011ede14c x13: 0000000000000004 x12: ffffffffffffffff [ 69.181859][ T6687] x11: ffff700011ede14c x10: 0000000000ff0100 x9 : e73e527268ffb600 [ 69.184053][ T6687] x8 : e73e527268ffb600 x7 : 0000000000000001 x6 : 0000000000000001 [ 69.186262][ T6687] x5 : ffff80009e7b7018 x4 : ffff80008f766c20 x3 : ffff80008054d360 [ 69.188448][ T6687] x2 : 0000000000000000 x1 : 0000000000000201 x0 : 0000000000000000 [ 69.190710][ T6687] Call trace: [ 69.191651][ T6687] debug_object_activate+0x344/0x460 (P) [ 69.193179][ T6687] kvfree_call_rcu+0x4c/0x3f0 [ 69.194532][ T6687] cipso_v4_sock_setattr+0x2f0/0x3f4 [ 69.196038][ T6687] netlbl_sock_setattr+0x240/0x334 [ 69.197408][ T6687] smack_netlbl_add+0xa8/0x158 [ 69.198705][ T6687] smack_inode_setsecurity+0x378/0x430 [ 69.200186][ T6687] security_inode_setsecurity+0x118/0x3c0 [ 69.201769][ T6687] __vfs_setxattr_noperm+0x174/0x5c4 [ 69.203242][ T6687] __vfs_setxattr_locked+0x1ec/0x218 [ 69.204722][ T6687] vfs_setxattr+0x158/0x2ac [ 69.206002][ T6687] file_setxattr+0x1b8/0x294 [ 69.207311][ T6687] path_setxattrat+0x2ac/0x320 [ 69.208617][ T6687] __arm64_sys_fsetxattr+0xc0/0xdc [ 69.210095][ T6687] invoke_syscall+0x98/0x2b8 [ 69.211335][ T6687] el0_svc_common+0x130/0x23c [ 69.212628][ T6687] do_el0_svc+0x48/0x58 [ 69.213789][ T6687] el0_svc+0x58/0x180 [ 69.214867][ T6687] el0t_64_sync_handler+0x84/0x12c [ 69.216306][ T6687] el0t_64_sync+0x198/0x19c [ 69.217557][ T6687] irq event stamp: 735 [ 69.218712][ T6687] hardirqs last enabled at (734): [] __console_unlock+0x70/0xc4 [ 69.221317][ T6687] hardirqs last disabled at (735): [] el1_brk64+0x1c/0x48 [ 69.223699][ T6687] softirqs last enabled at (670): [] release_sock+0x14c/0x1ac [ 69.226240][ T6687] softirqs last disabled at (708): [] local_bh_disable+0x10/0x34 [ 69.228804][ T6687] ---[ end trace 0000000000000000 ]--- [ 69.859120][ T24] cfg80211: failed to load regulatory.db [ 73.142134][ T476] ------------[ cut here ]------------ [ 73.142233][ T476] Trying to vfree() bad address (00000000bc177d4c) [ 73.145857][ T476] WARNING: CPU: 0 PID: 476 at mm/vmalloc.c:3274 remove_vm_area+0x268/0x270 [ 73.148222][ T476] Modules linked in: [ 73.149338][ T476] CPU: 0 UID: 0 PID: 476 Comm: kworker/u8:5 Tainted: G W 6.16.0-rc4-syzkaller-g7482bb149b9f #0 PREEMPT [ 73.152835][ T476] Tainted: [W]=WARN [ 73.153827][ T476] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 73.156641][ T476] Workqueue: kvfree_rcu_reclaim kfree_rcu_monitor [ 73.158509][ T476] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 73.160558][ T476] pc : remove_vm_area+0x268/0x270 [ 73.161955][ T476] lr : remove_vm_area+0x264/0x270 [ 73.163394][ T476] sp : ffff80009c6b78e0 [ 73.164486][ T476] x29: ffff80009c6b78f0 x28: ffff00019beaf4d4 x27: ffff00019beaf4c0 [ 73.166609][ T476] x26: ffff00019beaf4b0 x25: dfff800000000000 x24: 0000000000000001 [ 73.168863][ T476] x23: ffff0000c2b17028 x22: 1fffe00018ced001 x21: 0000000000000000 [ 73.171068][ T476] x20: 0000000000000000 x19: ffff8000891ac9a0 x18: 1fffe000337d4076 [ 73.173313][ T476] x17: ffff80008f66e000 x16: ffff80008aefca08 x15: 0000000000000001 [ 73.175506][ T476] x14: 1fffe000337d6af0 x13: 0000000000000000 x12: 0000000000000000 [ 73.177641][ T476] x11: ffff800093162c08 x10: 0000000000000003 x9 : af9a7221ec070700 [ 73.179887][ T476] x8 : af9a7221ec070700 x7 : ffff800080488aac x6 : 0000000000000000 [ 73.182134][ T476] x5 : 0000000000000001 x4 : 0000000000000001 x3 : 0000000000000010 [ 73.184304][ T476] x2 : 0000000000000006 x1 : ffff80008b538920 x0 : 0000000000000001 [ 73.186493][ T476] Call trace: [ 73.187392][ T476] remove_vm_area+0x268/0x270 (P) [ 73.188752][ T476] vfree+0xac/0x3dc [ 73.189786][ T476] kvfree_rcu_bulk+0xc4/0x228 [ 73.191077][ T476] kfree_rcu_monitor+0x230/0x2b4 [ 73.192387][ T476] process_one_work+0x7e8/0x155c [ 73.193840][ T476] worker_thread+0x958/0xed8 [ 73.195122][ T476] kthread+0x5fc/0x75c [ 73.196208][ T476] ret_from_fork+0x10/0x20 [ 73.197410][ T476] irq event stamp: 1338734 [ 73.198663][ T476] hardirqs last enabled at (1338733): [] finish_lock_switch+0xb0/0x1c0 [ 73.201472][ T476] hardirqs last disabled at (1338734): [] el1_brk64+0x1c/0x48 [ 73.203945][ T476] softirqs last enabled at (1335108): [] batadv_nc_purge_paths+0x2f4/0x37c [ 73.206730][ T476] softirqs last disabled at (1335106): [] batadv_nc_purge_paths+0xd0/0x37c [ 73.209550][ T476] ---[ end trace 0000000000000000 ]--- [ 73.213591][ T476] ------------[ cut here ]------------ [ 73.213634][ T476] Trying to vfree() nonexistent vm area (00000000bc177d4c) [ 73.217420][ T476] WARNING: CPU: 0 PID: 476 at mm/vmalloc.c:3409 vfree+0x32c/0x3dc [ 73.219645][ T476] Modules linked in: [ 73.220760][ T476] CPU: 0 UID: 0 PID: 476 Comm: kworker/u8:5 Tainted: G W 6.16.0-rc4-syzkaller-g7482bb149b9f #0 PREEMPT [ 73.224145][ T476] Tainted: [W]=WARN [ 73.225176][ T476] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 73.227944][ T476] Workqueue: kvfree_rcu_reclaim kfree_rcu_monitor [ 73.229695][ T476] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 73.231811][ T476] pc : vfree+0x32c/0x3dc [ 73.233061][ T476] lr : vfree+0x32c/0x3dc [ 73.234262][ T476] sp : ffff80009c6b7950 [ 73.235423][ T476] x29: ffff80009c6b7960 x28: ffff00019beaf4d4 x27: ffff00019beaf4c0 [ 73.237597][ T476] x26: ffff00019beaf4b0 x25: dfff800000000000 x24: 0000000000000001 [ 73.239850][ T476] x23: ffff0000c2b17028 x22: 1fffe00018ced001 x21: 0000000000000000 [ 73.242030][ T476] x20: ffff8000891ac9a0 x19: 0000000000000000 x18: 1fffe000337d4076 [ 73.244300][ T476] x17: ffff80008f66e000 x16: ffff80008aefca08 x15: 0000000000000001 [ 73.246518][ T476] x14: 1fffe000337d6af0 x13: 0000000000000000 x12: 0000000000000000 [ 73.248807][ T476] x11: ffff800093162c08 x10: 0000000000000003 x9 : af9a7221ec070700 [ 73.251015][ T476] x8 : af9a7221ec070700 x7 : ffff800080488aac x6 : 0000000000000000 [ 73.253146][ T476] x5 : 0000000000000001 x4 : 0000000000000001 x3 : 0000000000000010 [ 73.255413][ T476] x2 : 0000000000000006 x1 : ffff80008b538920 x0 : 0000000000000001 [ 73.257599][ T476] Call trace: [ 73.258522][ T476] vfree+0x32c/0x3dc (P) [ 73.259837][ T476] kvfree_rcu_bulk+0xc4/0x228 [ 73.261171][ T476] kfree_rcu_monitor+0x230/0x2b4 [ 73.262681][ T476] process_one_work+0x7e8/0x155c [ 73.264057][ T476] worker_thread+0x958/0xed8 [ 73.265282][ T476] kthread+0x5fc/0x75c [ 73.266477][ T476] ret_from_fork+0x10/0x20 [ 73.267672][ T476] irq event stamp: 1338934 [ 73.268914][ T476] hardirqs last enabled at (1338933): [] finish_lock_switch+0xb0/0x1c0 [ 73.271580][ T476] hardirqs last disabled at (1338934): [] el1_brk64+0x1c/0x48 [ 73.274083][ T476] softirqs last enabled at (1338906): [] handle_softirqs+0xaf8/0xc88 [ 73.276710][ T476] softirqs last disabled at (1338737): [] __do_softirq+0x14/0x20 [ 73.279314][ T476] ---[ end trace 0000000000000000 ]--- [ ** replaying previous printk message ** [ 73.697952][ T2067] ------------[ cut here ]------------ [ 73.698006][ T2067] Trying to vfree() bad address (00000000bc177d4c) [ 73.698128][ T2067] WARNING: CPU: 1 PID: 2067 at mm/vmalloc.c:3274 remove_vm_area+0x268/0x270 [ 73.704679][ T2067] Modules linked in: [ 73.705826][ T2067] CPU: 1 UID: 0 PID: 2067 Comm: kworker/u8:7 Tainted: G W 6.16.0-rc4-syzkaller-g7482bb149b9f #0 PREEMPT [ 73.709473][ T2067] Tainted: [W]=WARN [ 73.710521][ T2067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 73.713395][ T2067] Workqueue: kvfree_rcu_reclaim kfree_rcu_monitor [ 73.715234][ T2067] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 73.717369][ T2067] pc : remove_vm_area+0x268/0x270 [ 73.718775][ T2067] lr : remove_vm_area+0x264/0x270 [ 73.720173][ T2067] sp : ffff8000a04978e0 [ 73.721310][ T2067] x29: ffff8000a04978f0 x28: ffff00019bed34d4 x27: ffff00019bed34c0 [ 73.723572][ T2067] x26: ffff00019bed34b0 x25: dfff800000000000 x24: 0000000000000001 [ 73.725734][ T2067] x23: ffff0000c487e028 x22: 1fffe0001973eb71 x21: 0000000000000000 [ 73.727974][ T2067] x20: 0000000000000000 x19: ffff8000891ac9a0 x18: 0000000000000000 [ 73.730158][ T2067] x17: 0000000000000000 x16: ffff80008aefca08 x15: 0000000000000001 [ 73.732334][ T2067] x14: 1fffe000337d88e2 x13: 0000000000000000 x12: 0000000000000000 [ 73.734567][ T2067] x11: ffff6000337d88e3 x10: 0000000000ff0100 x9 : 283639b8cbd2fd00 [ 73.736730][ T2067] x8 : 283639b8cbd2fd00 x7 : 0000000000000001 x6 : 0000000000000001 [ 73.738979][ T2067] x5 : ffff8000a0497238 x4 : ffff80008f766c20 x3 : ffff8000807c0118 [ 73.741268][ T2067] x2 : 0000000000000001 x1 : 0000000100000000 x0 : 0000000000000000 [ 73.743525][ T2067] Call trace: [ 73.744415][ T2067] remove_vm_area+0x268/0x270 (P) [ 73.745801][ T2067] vfree+0xac/0x3dc [ 73.746849][ T2067] kvfree_rcu_bulk+0xc4/0x228 [ 73.748161][ T2067] kfree_rcu_monitor+0x230/0x2b4 [ 73.749550][ T2067] process_one_work+0x7e8/0x155c [ 73.750856][ T2067] worker_thread+0x958/0xed8 [ 73.752181][ T2067] kthread+0x5fc/0x75c [ 73.753273][ T2067] ret_from_fork+0x10/0x20 [ 73.754590][ T2067] irq event stamp: 428736 [ 73.755770][ T2067] hardirqs last enabled at (428735): [] __console_unlock+0x70/0xc4 [ 73.758510][ T2067] hardirqs last disabled at (428736): [] el1_brk64+0x1c/0x48 [ 73.760917][ T2067] softirqs last enabled at (428696): [] ieee80211_ibss_work+0x294/0xd50 [ 73.763640][ T2067] softirqs last disabled at (428694): [] ieee80211_ibss_work+0xc0/0xd50 [ 73.766315][ T2067] ---[ end trace 0000000000000000 ]--- [ ** replaying previous printk message ** [ 73.768847][ T2067] ------------[ cut here ]------------ [ 73.768902][ T2067] Trying to vfree() nonexistent vm area (00000000bc177d4c) [ 73.769034][ T2067] WARNING: CPU: 1 PID: 2067 at mm/vmalloc.c:3409 vfree+0x32c/0x3dc [ 73.775689][ T2067] Modules linked in: [ 73.776803][ T2067] CPU: 1 UID: 0 PID: 2067 Comm: kworker/u8:7 Tainted: G W 6.16.0-rc4-syzkaller-g7482bb149b9f #0 PREEMPT [ 73.780218][ T2067] Tainted: [W]=WARN [ 73.781284][ T2067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 73.784017][ T2067] Workqueue: kvfree_rcu_reclaim kfree_rcu_monitor [ 73.785750][ T2067] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 73.787856][ T2067] pc : vfree+0x32c/0x3dc [ 73.788984][ T2067] lr : vfree+0x32c/0x3dc [ 73.790143][ T2067] sp : ffff8000a0497950 [ 73.791310][ T2067] x29: ffff8000a0497960 x28: ffff00019bed34d4 x27: ffff00019bed34c0 [ 73.793492][ T2067] x26: ffff00019bed34b0 x25: dfff800000000000 x24: 0000000000000001 [ 73.795708][ T2067] x23: ffff0000c487e028 x22: 1fffe0001973eb71 x21: 0000000000000000 [ 73.797939][ T2067] x20: ffff8000891ac9a0 x19: 0000000000000000 x18: 0000000000000000 [ 73.800089][ T2067] x17: 0000000000000000 x16: ffff80008ae642c8 x15: ffff700011ede14c 1970/01/01 00:01:13 executed programs: 255 [ 73.802232][ T2067] x14: 1ffff00011ede14c x13: 0000000000000004 x12: ffffffffffffffff [ 73.804424][ T2067] x11: ffff700011ede14c x10: 0000000000ff0100 x9 : 283639b8cbd2fd00 [ 73.806654][ T2067] x8 : 283639b8cbd2fd00 x7 : 0000000000000001 x6 : 0000000000000001 [ 73.808912][ T2067] x5 : ffff8000a0497298 x4 : ffff80008f766c20 x3 : ffff80008054d360 [ 73.811201][ T2067] x2 : 0000000000000000 x1 : 0000000100000000 x0 : 0000000000000000 [ 73.813452][ T2067] Call trace: [ 73.814334][ T2067] vfree+0x32c/0x3dc (P) [ 73.815573][ T2067] kvfree_rcu_bulk+0xc4/0x228 [ 73.816840][ T2067] kfree_rcu_monitor+0x230/0x2b4 [ 73.818256][ T2067] process_one_work+0x7e8/0x155c [ 73.819585][ T2067] worker_thread+0x958/0xed8 [ 73.820822][ T2067] kthread+0x5fc/0x75c [ 73.821895][ T2067] ret_from_fork+0x10/0x20 [ 73.823099][ T2067] irq event stamp: 428794 [ 73.824289][ T2067] hardirqs last enabled at (428793): [] __console_unlock+0x70/0xc4 [ 73.826959][ T2067] hardirqs last disabled at (428794): [] el1_brk64+0x1c/0x48 [ 73.829436][ T2067] softirqs last enabled at (428768): [] handle_softirqs+0xaf8/0xc88 [ 73.832051][ T2067] softirqs last disabled at (428741): [] __do_softirq+0x14/0x20 [ 73.834510][ T2067] ---[ end trace 0000000000000000 ]--- [ ** replaying previous printk message ** [ 78.337624][ T476] ------------[ cut here ]------------ [ 78.337685][ T476] Trying to vfree() bad address (00000000bc177d4c) [ 78.337827][ T476] WARNING: CPU: 1 PID: 476 at mm/vmalloc.c:3274 remove_vm_area+0x268/0x270 [ 78.344334][ T476] Modules linked in: [ 78.345476][ T476] CPU: 1 UID: 0 PID: 476 Comm: kworker/u8:5 Tainted: G W 6.16.0-rc4-syzkaller-g7482bb149b9f #0 PREEMPT [ 78.348924][ T476] Tainted: [W]=WARN [ 78.350024][ T476] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 78.352789][ T476] Workqueue: kvfree_rcu_reclaim kfree_rcu_monitor [ 78.354501][ T476] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 78.356666][ T476] pc : remove_vm_area+0x268/0x270 [ 78.358032][ T476] lr : remove_vm_area+0x264/0x270 [ 78.359430][ T476] sp : ffff80009c6b78e0 [ 78.360544][ T476] x29: ffff80009c6b78f0 x28: ffff00019beaf4d4 x27: ffff00019beaf4c0 [ 78.362837][ T476] x26: ffff00019beaf4b0 x25: dfff800000000000 x24: 0000000000000001 [ 78.365186][ T476] x23: ffff0000c2b15028 x22: 1fffe00018ced001 x21: 0000000000000000 [ 78.367404][ T476] x20: 0000000000000000 x19: ffff8000891ac9a0 x18: 1fffe000337d8876 [ 78.369610][ T476] x17: 0000000000000000 x16: ffff80008ae642c8 x15: ffff700011ede14c [ 78.371822][ T476] x14: 1ffff00011ede14c x13: 0000000000000004 x12: ffffffffffffffff [ 78.374090][ T476] x11: ffff700011ede14c x10: 0000000000ff0100 x9 : af9a7221ec070700 [ 78.376300][ T476] x8 : af9a7221ec070700 x7 : 0000000000000001 x6 : 0000000000000001 [ 78.378732][ T476] x5 : ffff80009c6b7238 x4 : ffff80008f766c20 x3 : ffff80008054d360 [ 78.381125][ T476] x2 : 0000000000000000 x1 : 0000000100000000 x0 : 0000000000000000 [ 78.383411][ T476] Call trace: [ 78.384313][ T476] remove_vm_area+0x268/0x270 (P) [ 78.385741][ T476] vfree+0xac/0x3dc [ 78.386819][ T476] kvfree_rcu_bulk+0xc4/0x228 [ 78.388156][ T476] kfree_rcu_monitor+0x230/0x2b4 [ 78.389586][ T476] process_one_work+0x7e8/0x155c [ 78.390990][ T476] worker_thread+0x958/0xed8 [ 78.392262][ T476] kthread+0x5fc/0x75c [ 78.393386][ T476] ret_from_fork+0x10/0x20 [ 78.394600][ T476] irq event stamp: 1477764 [ 78.395830][ T476] hardirqs last enabled at (1477763): [] __console_unlock+0x70/0xc4 [ 78.398518][ T476] hardirqs last disabled at (1477764): [] el1_brk64+0x1c/0x48 [ 78.401063][ T476] softirqs last enabled at (1477302): [] batadv_nc_purge_paths+0x2f4/0x37c [ 78.403905][ T476] softirqs last disabled at (1477300): [] batadv_nc_purge_paths+0xd0/0x37c [ 78.406674][ T476] ---[ end trace 0000000000000000 ]--- [ ** replaying previous printk message ** [ 78.411606][ T476] ------------[ cut here ]------------ [ 78.411652][ T476] Trying to vfree() nonexistent vm area (00000000bc177d4c) [ 78.411774][ T476] WARNING: CPU: 1 PID: 476 at mm/vmalloc.c:3409 vfree+0x32c/0x3dc [ 78.418368][ T476] Modules linked in: [ 78.419489][ T476] CPU: 1 UID: 0 PID: 476 Comm: kworker/u8:5 Tainted: G W 6.16.0-rc4-syzkaller-g7482bb149b9f #0 PREEMPT [ 78.422985][ T476] Tainted: [W]=WARN [ 78.424002][ T476] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 78.426798][ T476] Workqueue: kvfree_rcu_reclaim kfree_rcu_monitor [ 78.428572][ T476] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 78.430670][ T476] pc : vfree+0x32c/0x3dc [ 78.431820][ T476] lr : vfree+0x32c/0x3dc [ 78.432964][ T476] sp : ffff80009c6b7950 [ 78.434126][ T476] x29: ffff80009c6b7960 x28: ffff00019beaf4d4 x27: ffff00019beaf4c0 [ 78.436360][ T476] x26: ffff00019beaf4b0 x25: dfff800000000000 x24: 0000000000000001 [ 78.438594][ T476] x23: ffff0000c2b15028 x22: 1fffe00018ced001 x21: 0000000000000000 [ 78.440843][ T476] x20: ffff8000891ac9a0 x19: 0000000000000000 x18: 1fffe000337d8876 [ 78.443140][ T476] x17: 0000000000000000 x16: ffff80008ae642c8 x15: ffff700011ede14c [ 78.445395][ T476] x14: 1ffff00011ede14c x13: 0000000000000004 x12: ffffffffffffffff [ 78.447704][ T476] x11: ffff700011ede14c x10: 0000000000ff0100 x9 : af9a7221ec070700 [ 78.449975][ T476] x8 : af9a7221ec070700 x7 : 0000000000000001 x6 : 0000000000000001 [ 78.452160][ T476] x5 : ffff80009c6b7298 x4 : ffff80008f766c20 x3 : ffff80008054d360 [ 78.454433][ T476] x2 : 0000000000000000 x1 : 0000000100000000 x0 : 0000000000000000 [ 78.456666][ T476] Call trace: [ 78.457617][ T476] vfree+0x32c/0x3dc (P) [ 78.458860][ T476] kvfree_rcu_bulk+0xc4/0x228 [ 78.460134][ T476] kfree_rcu_monitor+0x230/0x2b4 [ 78.461526][ T476] process_one_work+0x7e8/0x155c [ 78.462963][ T476] worker_thread+0x958/0xed8 [ 78.464230][ T476] kthread+0x5fc/0x75c [ 78.465379][ T476] ret_from_fork+0x10/0x20 [ 78.466677][ T476] irq event stamp: 1478010 [ 78.467956][ T476] hardirqs last enabled at (1478009): [] __console_unlock+0x70/0xc4 [ 78.470632][ T476] hardirqs last disabled at (1478010): [] el1_brk64+0x1c/0x48 [ 78.473230][ T476] softirqs last enabled at (1477986): [] handle_softirqs+0xaf8/0xc88 [ 78.475978][ T476] softirqs last disabled at (1477769): [] __do_softirq+0x14/0x20 [ 78.478642][ T476] ---[ end trace 0000000000000000 ]--- [ 78.522027][ T2067] ------------[ cut here ]------------ [ 78.522129][ T2067] Trying to vfree() bad address (00000000bc177d4c) [ 78.522271][ T2067] WARNING: CPU: 0 PID: 2067 at mm/vmalloc.c:3274 remove_vm_area+0x268/0x270 [ 78.527695][ T2067] Modules linked in: [ 78.528729][ T2067] CPU: 0 UID: 0 PID: 2067 Comm: kworker/u8:7 Tainted: G W 6.16.0-rc4-syzkaller-g7482bb149b9f #0 PREEMPT [ 78.532059][ T2067] Tainted: [W]=WARN [ 78.533082][ T2067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 78.535744][ T2067] Workqueue: kvfree_rcu_reclaim kfree_rcu_work [ 78.537410][ T2067] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 78.539491][ T2067] pc : remove_vm_area+0x268/0x270 [ 78.540852][ T2067] lr : remove_vm_area+0x264/0x270 [ 78.542226][ T2067] sp : ffff8000a04978f0 [ 78.543327][ T2067] x29: ffff8000a0497900 x28: 1ffff00011ece29b x27: dfff800000000000 [ 78.545496][ T2067] x26: ffff0000cb815718 x25: dfff800000000000 x24: 0000000000000001 [ 78.547670][ T2067] x23: ffff0000c2b17028 x22: 1fffe0001973eb71 x21: 0000000000000000 [ 78.549903][ T2067] x20: 0000000000000000 x19: ffff8000891ac9a0 x18: 00000000ffffffff [ 78.552175][ T2067] x17: 0000000000000000 x16: ffff80008ae642c8 x15: ffff700011ede14c [ 78.554350][ T2067] x14: 1ffff00011ede14c x13: 0000000000000004 x12: ffffffffffffffff [ 78.556483][ T2067] x11: ffff700011ede14c x10: 0000000000ff0100 x9 : 283639b8cbd2fd00 [ 78.558597][ T2067] x8 : 283639b8cbd2fd00 x7 : 0000000000000001 x6 : 0000000000000001 [ 78.560724][ T2067] x5 : ffff8000a0497238 x4 : ffff80008f766c20 x3 : ffff80008054d360 [ 78.562920][ T2067] x2 : 0000000000000000 x1 : 0000000100000000 x0 : 0000000000000000 [ 78.565072][ T2067] Call trace: [ 78.565983][ T2067] remove_vm_area+0x268/0x270 (P) [ 78.567302][ T2067] vfree+0xac/0x3dc [ 78.568322][ T2067] kvfree_rcu_bulk+0xc4/0x228 [ 78.569521][ T2067] kfree_rcu_work+0xe0/0x140 [ 78.570727][ T2067] process_one_work+0x7e8/0x155c [ 78.572028][ T2067] worker_thread+0x958/0xed8 [ 78.573259][ T2067] kthread+0x5fc/0x75c [ 78.574336][ T2067] ret_from_fork+0x10/0x20 [ 78.575531][ T2067] irq event stamp: 573540 [ 78.576710][ T2067] hardirqs last enabled at (573539): [] __console_unlock+0x70/0xc4 [ 78.579343][ T2067] hardirqs last disabled at (573540): [] el1_brk64+0x1c/0x48 [ 78.581792][ T2067] softirqs last enabled at (573474): [] batadv_nc_purge_paths+0x2f4/0x37c [ 78.584528][ T2067] softirqs last disabled at (573472): [] batadv_nc_purge_paths+0xd0/0x37c [ 78.587260][ T2067] ---[ end trace 0000000000000000 ]--- [ 78.5920 ** replaying previous printk message ** [ 78.592006][ T2067] ------------[ cut here ]------------ [ 78.592061][ T2067] Trying to vfree() nonexistent vm area (00000000bc177d4c) [ 78.592361][ T2067] WARNING: CPU: 0 PID: 2067 at mm/vmalloc.c:3409 vfree+0x32c/0x3dc [ 78.598743][ T2067] Modules linked in: [ 78.599795][ T2067] CPU: 0 UID: 0 PID: 2067 Comm: kworker/u8:7 Tainted: G W 6.16.0-rc4-syzkaller-g7482bb149b9f #0 PREEMPT [ 78.603176][ T2067] Tainted: [W]=WARN [ 78.604200][ T2067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 78.606850][ T2067] Workqueue: kvfree_rcu_reclaim kfree_rcu_work [ 78.608462][ T2067] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 78.610508][ T2067] pc : vfree+0x32c/0x3dc [ 78.611635][ T2067] lr : vfree+0x32c/0x3dc [ 78.612783][ T2067] sp : ffff8000a0497960 [ 78.613839][ T2067] x29: ffff8000a0497970 x28: 1ffff00011ece29b x27: dfff800000000000 [ 78.616030][ T2067] x26: ffff0000cb815718 x25: dfff800000000000 x24: 0000000000000001 [ 78.618184][ T2067] x23: ffff0000c2b17028 x22: 1fffe0001973eb71 x21: 0000000000000000 [ 78.620379][ T2067] x20: ffff8000891ac9a0 x19: 0000000000000000 x18: 1fffe000337d4076 [ 78.622462][ T2067] x17: ffff80008f66e000 x16: ffff80008aefca08 x15: 0000000000000001 [ 78.624582][ T2067] x14: 1fffe000337d6af0 x13: 0000000000000000 x12: 0000000000000000 [ 78.626827][ T2067] x11: ffff800093162c08 x10: 0000000000000003 x9 : 283639b8cbd2fd00 [ 78.629118][ T2067] x8 : 283639b8cbd2fd00 x7 : ffff800080488aac x6 : 0000000000000000 [ 78.631341][ T2067] x5 : 0000000000000001 x4 : 0000000000000001 x3 : 0000000000000010 [ 78.633674][ T2067] x2 : 0000000000000006 x1 : ffff80008b538920 x0 : 0000000000000001 [ 78.635912][ T2067] Call trace: [ 78.636772][ T2067] vfree+0x32c/0x3dc (P) [ 78.637958][ T2067] kvfree_rcu_bulk+0xc4/0x228 [ 78.639238][ T2067] kfree_rcu_work+0xe0/0x140 [ 78.640438][ T2067] process_one_work+0x7e8/0x155c [ 78.641746][ T2067] worker_thread+0x958/0xed8 [ 78.642974][ T2067] kthread+0x5fc/0x75c [ 78.644091][ T2067] ret_from_fork+0x10/0x20 [ 78.645236][ T2067] irq event stamp: 573750 [ 78.646348][ T2067] hardirqs last enabled at (573749): [] finish_lock_switch+0xb0/0x1c0 [ 78.648915][ T2067] hardirqs last disabled at (573750): [] el1_brk64+0x1c/0x48 [ 78.651477][ T2067] softirqs last enabled at (573722): [] handle_softirqs+0xaf8/0xc88 [ 78.654121][ T2067] softirqs last disabled at (573543): [] __do_softirq+0x14/0x20 [ 78.656535][ T2067] ---[ end trace 0000000000000000 ]---