------------[ cut here ]------------
WARNING: CPU: 1 PID: 149 at mm/page_alloc.c:5234 __alloc_pages_noprof+0xe8/0x7b0 mm/page_alloc.c:5234
Modules linked in:
CPU: 1 UID: 0 PID: 149 Comm: dhcpcd Not tainted syzkaller #0 82d251c860f9666d1b439a89588215a6c0522fea
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
RIP: 0010:__alloc_pages_noprof+0xe8/0x7b0 mm/page_alloc.c:5234
Code: 00 0f 1f 44 00 00 83 fb 0b 72 28 b8 00 20 00 00 23 44 24 40 75 1d 80 3d 02 10 ee 05 00 0f 85 be 00 00 00 c6 05 f5 0f ee 05 01 <0f> 0b 31 c0 e9 b0 00 00 00 83 fb 0a 0f 87 a5 00 00 00 44 8b 64 24
RSP: 0018:ffffc900002309a0 EFLAGS: 00010246
RAX: 0000000000000000 RBX: 000000000000000c RCX: 0000000000000000
RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffc90000230a58
RBP: ffffc90000230ad0 R08: ffffc90000230a57 R09: 0000000000000000
R10: ffffc90000230a40 R11: fffff5200004614b R12: ffffc900002309e0
R13: dffffc0000000000 R14: 1ffff92000046138 R15: 0000000000000000
FS:  00007fbf9ead3740(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000559ce1b74da8 CR3: 000000011e148000 CR4: 00000000003526b0
Call Trace:
 <IRQ>
 ___kmalloc_large_node+0x81/0x220 mm/slub.c:-1
 __kmalloc_large_node_noprof+0x1e/0xe0 mm/slub.c:4343
 __do_kmalloc_node mm/slub.c:4359 [inline]
 __kmalloc_node_track_caller_noprof+0x321/0x520 mm/slub.c:4390
 kmalloc_reserve+0x380/0x500 net/core/skbuff.c:626
 __alloc_skb+0x144/0x370 net/core/skbuff.c:687
 __netdev_alloc_skb+0x108/0x420 net/core/skbuff.c:751
 rx_submit+0x110/0x8e0 drivers/net/usb/usbnet.c:-1
 rx_alloc_submit+0xaa/0x140 drivers/net/usb/usbnet.c:1531
 usbnet_bh+0x76c/0x990 drivers/net/usb/usbnet.c:1600
 usbnet_bh_tasklet+0x20/0x30 drivers/net/usb/usbnet.c:1618
 tasklet_action_common+0x235/0x630 kernel/softirq.c:856
 tasklet_action+0x28/0x30 kernel/softirq.c:882
 handle_softirqs+0x1ab/0x630 kernel/softirq.c:621
 __do_softirq kernel/softirq.c:659 [inline]
 invoke_softirq kernel/softirq.c:476 [inline]
 __irq_exit_rcu+0x48/0xc0 kernel/softirq.c:708
 irq_exit_rcu+0xd/0x30 kernel/softirq.c:720
 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1049 [inline]
 sysvec_apic_timer_interrupt+0x82/0x90 arch/x86/kernel/apic/apic.c:1049
 </IRQ>
 <TASK>
 asm_sysvec_apic_timer_interrupt+0x1f/0x30 arch/x86/include/asm/idtentry.h:702
RIP: 0010:__pm_runtime_resume+0x33/0xa0 drivers/base/power/runtime.c:1169
Code: 57 41 56 41 54 53 89 f3 49 89 fe e8 a7 00 49 fe 89 de 83 e6 04 31 ff e8 db 04 49 fe 89 d8 83 e0 04 75 07 e8 8f 00 49 fe eb 1e <e8> 88 00 49 fe 49 8d be e0 01 00 00 be 04 00 00 00 e8 f7 70 9f fe
RSP: 0018:ffffc90000fbf6c0 EFLAGS: 00000202
RAX: 0000000000000004 RBX: 0000000000000004 RCX: 0000000000000000
RDX: ffff88811e1c2600 RSI: 0000000000000004 RDI: 0000000000000000
RBP: ffffc90000fbf6e0 R08: ffff88811a3b2ba3 R09: 1ffff11023476574
R10: dffffc0000000000 R11: ffffed1023476575 R12: 0000000000000000
R13: 1ffff11023476559 R14: ffff888116f44050 R15: ffff88811a3b2ba0
 pm_runtime_resume_and_get include/linux/pm_runtime.h:432 [inline]
 usb_autopm_get_interface+0x25/0xf0 drivers/usb/core/driver.c:1886
 cdc_mbim_manage_power+0xbd/0x180 drivers/net/usb/cdc_mbim.c:53
 usbnet_open+0x6bf/0xd90 drivers/net/usb/usbnet.c:960
 __dev_open+0x36f/0x500 net/core/dev.c:1547
 __dev_change_flags+0x21a/0x6a0 net/core/dev.c:8935
 dev_change_flags+0x89/0x1a0 net/core/dev.c:9007
 devinet_ioctl+0x798/0x1950 net/ipv4/devinet.c:1188
 inet_ioctl+0x3ca/0x4d0 net/ipv4/af_inet.c:1008
 sock_do_ioctl+0x105/0x330 net/socket.c:1228
 sock_ioctl+0x634/0x7b0 net/socket.c:1347
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:907 [inline]
 __se_sys_ioctl+0x135/0x1b0 fs/ioctl.c:893
 __x64_sys_ioctl+0x7f/0xa0 fs/ioctl.c:893
 x64_sys_call+0x1878/0x2ee0 arch/x86/include/generated/asm/syscalls_64.h:17
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0x58/0xf0 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x76/0x7e
RIP: 0033:0x7fbf9ebd3378
Code: 00 00 48 8d 44 24 08 48 89 54 24 e0 48 89 44 24 c0 48 8d 44 24 d0 48 89 44 24 c8 b8 10 00 00 00 c7 44 24 b8 10 00 00 00 0f 05 <89> c2 3d 00 f0 ff ff 77 07 89 d0 c3 0f 1f 40 00 48 8b 15 49 3a 0d
RSP: 002b:00007ffde7105928 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 0000000000000012 RCX: 00007fbf9ebd3378
RDX: 00007ffde7115b20 RSI: 0000000000008914 RDI: 0000000000000012
RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffde7125cc0
R13: 00007fbf9ead36c8 R14: 0000000000000028 R15: 0000000000008914
 </TASK>
---[ end trace 0000000000000000 ]---
----------------
Code disassembly (best guess):
   0:	57                   	push   %rdi
   1:	41 56                	push   %r14
   3:	41 54                	push   %r12
   5:	53                   	push   %rbx
   6:	89 f3                	mov    %esi,%ebx
   8:	49 89 fe             	mov    %rdi,%r14
   b:	e8 a7 00 49 fe       	call   0xfe4900b7
  10:	89 de                	mov    %ebx,%esi
  12:	83 e6 04             	and    $0x4,%esi
  15:	31 ff                	xor    %edi,%edi
  17:	e8 db 04 49 fe       	call   0xfe4904f7
  1c:	89 d8                	mov    %ebx,%eax
  1e:	83 e0 04             	and    $0x4,%eax
  21:	75 07                	jne    0x2a
  23:	e8 8f 00 49 fe       	call   0xfe4900b7
  28:	eb 1e                	jmp    0x48
* 2a:	e8 88 00 49 fe       	call   0xfe4900b7 <-- trapping instruction
  2f:	49 8d be e0 01 00 00 	lea    0x1e0(%r14),%rdi
  36:	be 04 00 00 00       	mov    $0x4,%esi
  3b:	e8 f7 70 9f fe       	call   0xfe9f7137