syzbot


upstream-arm64 test error: WARNING in __apply_to_page_range

Status: upstream: reported on 2025/05/10 10:27
Subsystems: arm
Reported-by: syzbot+5c0d9392e042f41d45c5@syzkaller.appspotmail.com
Fix commit: b81c688426a9 arm64/mm: Disable barrier batching in interrupt contexts
Patched on: [ci-qemu-gce-upstream-auto ci-qemu-upstream ci-qemu-upstream-386 ci-qemu2-arm32 ci-qemu2-arm64 ci-qemu2-arm64-compat ci-qemu2-arm64-mte ci-qemu2-riscv64 ci-snapshot-upstream-root ci-upstream-bpf-kasan-gce ci-upstream-bpf-next-kasan-gce ci-upstream-gce-arm64 ci-upstream-gce-leak ci-upstream-kasan-badwrites-root ci-upstream-kasan-gce ci-upstream-kasan-gce-386 ci-upstream-kasan-gce-root ci-upstream-kasan-gce-selinux-root ci-upstream-kasan-gce-smack-root ci-upstream-kmsan-gce-386-root ci-upstream-kmsan-gce-root ci-upstream-linux-next-kasan-gce-root ci-upstream-net-kasan-gce ci-upstream-net-this-kasan-gce ci-upstream-rust-kasan-gce ci2-upstream-fs ci2-upstream-kcsan-gce ci2-upstream-usb], missing on: [ci-qemu-native-arm64-kvm]
First crash: 40d, last: 35d
Discussions (2):
Title | Replies (including bot) | Last reply
[PATCH] arm64/mm: Disable barrier batching in interrupt contexts | 14 (14) | 2025/05/14 15:14
[syzbot] [arm?] upstream-arm64 test error: WARNING in __apply_to_page_range | 3 (4) | 2025/05/12 09:31

Sample crash report:
------------[ cut here ]------------
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline]
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_pte_range mm/memory.c:2936 [inline]
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_pmd_range mm/memory.c:2985 [inline]
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_pud_range mm/memory.c:3021 [inline]
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_p4d_range mm/memory.c:3057 [inline]
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093
Modules linked in:
CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G        W           6.15.0-rc5-syzkaller-gac57c6b0f09c #0 PREEMPT 
Tainted: [W]=WARN
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
pstate: 40400005 (nZcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline]
pc : apply_to_pte_range mm/memory.c:2936 [inline]
pc : apply_to_pmd_range mm/memory.c:2985 [inline]
pc : apply_to_pud_range mm/memory.c:3021 [inline]
pc : apply_to_p4d_range mm/memory.c:3057 [inline]
pc : __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093
lr : arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline]
lr : apply_to_pte_range mm/memory.c:2936 [inline]
lr : apply_to_pmd_range mm/memory.c:2985 [inline]
lr : apply_to_pud_range mm/memory.c:3021 [inline]
lr : apply_to_p4d_range mm/memory.c:3057 [inline]
lr : __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093
sp : ffff800080007160
x29: ffff800080007280 x28: ffff0001ffbb2fff x27: ffff0001fec50fe8
x26: ffff0001ffbb3000 x25: dfff800000000000 x24: ffff0001ffbb2000
x23: ffff0001fea8ed90 x22: 0000000000000100 x21: ffff80008f346040
x20: 100000023ea8e403 x19: 0000000000000001 x18: 0000000006e02267
x17: 0000000000020010 x16: ffff80008051bab8 x15: 0000000000000001
x14: 1ffff00012dfb977 x13: 0000000000000000 x12: 0000000000000000
x11: ffff700012dfb978 x10: 0000000000ff0100 x9 : 0000000000000000
x8 : ffff80008f346040 x7 : ffff800080c2b0a4 x6 : 0000000000000000
x5 : 0000000000000001 x4 : ffff800080007360 x3 : ffff8000802595f4
x2 : 0000000000001000 x1 : 0000000000000100 x0 : 0000000000000000
Call trace:
 arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline] (P)
 apply_to_pte_range mm/memory.c:2936 [inline] (P)
 apply_to_pmd_range mm/memory.c:2985 [inline] (P)
 apply_to_pud_range mm/memory.c:3021 [inline] (P)
 apply_to_p4d_range mm/memory.c:3057 [inline] (P)
 __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093 (P)
 apply_to_page_range+0x4c/0x64 mm/memory.c:3112
 __change_memory_common+0xac/0x3f8 arch/arm64/mm/pageattr.c:64
 set_memory_valid+0x68/0x7c arch/arm64/mm/pageattr.c:-1
 kfence_protect_page arch/arm64/include/asm/kfence.h:17 [inline]
 kfence_protect mm/kfence/core.c:247 [inline]
 kfence_guarded_free+0x278/0x5a8 mm/kfence/core.c:565
 __kfence_free+0x104/0x198 mm/kfence/core.c:1187
 kfence_free include/linux/kfence.h:187 [inline]
 slab_free_hook mm/slub.c:2318 [inline]
 slab_free mm/slub.c:4642 [inline]
 kmem_cache_free+0x250/0x550 mm/slub.c:4744
 skb_kfree_head net/core/skbuff.c:1056 [inline]
 skb_free_head+0xbc/0x198 net/core/skbuff.c:1070
 skb_release_data+0x66c/0x820 net/core/skbuff.c:1097
 skb_release_all net/core/skbuff.c:1162 [inline]
 __kfree_skb net/core/skbuff.c:1176 [inline]
 consume_skb+0xb0/0x130 net/core/skbuff.c:1408
 arp_process+0xb78/0x12b8 net/ipv4/arp.c:941
 NF_HOOK+0x2b8/0x34c include/linux/netfilter.h:314
 arp_rcv+0x2a8/0x430 net/ipv4/arp.c:991
 __netif_receive_skb_list_ptype net/core/dev.c:5935 [inline]
 __netif_receive_skb_list_core+0x60c/0x67c net/core/dev.c:5977
 __netif_receive_skb_list net/core/dev.c:6029 [inline]
 netif_receive_skb_list_internal+0x74c/0x9e0 net/core/dev.c:6120
 gro_normal_list include/net/gro.h:532 [inline]
 napi_complete_done+0x250/0x614 net/core/dev.c:6490
 gve_napi_poll+0x1f4/0x3ac drivers/net/ethernet/google/gve/gve_main.c:388
 __napi_poll+0xb4/0x3fc net/core/dev.c:7324
 napi_poll net/core/dev.c:7388 [inline]
 net_rx_action+0x5d4/0xcc8 net/core/dev.c:7510
 handle_softirqs+0x328/0xc88 kernel/softirq.c:579
 __do_softirq+0x14/0x20 kernel/softirq.c:613
 ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:81
 call_on_irq_stack+0x24/0x30 arch/arm64/kernel/entry.S:891
 do_softirq_own_stack+0x20/0x2c arch/arm64/kernel/irq.c:86
 invoke_softirq kernel/softirq.c:460 [inline]
 __irq_exit_rcu+0x1b0/0x478 kernel/softirq.c:680
 irq_exit_rcu+0x14/0x84 kernel/softirq.c:696
 __el1_irq arch/arm64/kernel/entry-common.c:584 [inline]
 el1_interrupt+0x38/0x54 arch/arm64/kernel/entry-common.c:598
 el1h_64_irq_handler+0x18/0x24 arch/arm64/kernel/entry-common.c:603
 el1h_64_irq+0x6c/0x70 arch/arm64/kernel/entry.S:596
 __daif_local_irq_enable arch/arm64/include/asm/irqflags.h:26 [inline] (P)
 arch_local_irq_enable+0x8/0xc arch/arm64/include/asm/irqflags.h:48 (P)
 cpuidle_idle_call kernel/sched/idle.c:185 [inline]
 do_idle+0x1d8/0x454 kernel/sched/idle.c:325
 cpu_startup_entry+0x5c/0x74 kernel/sched/idle.c:423
 rest_init+0x2d8/0x2f4 init/main.c:743
 start_kernel+0x44c/0x4a8 init/main.c:1099
 __primary_switched+0x8c/0x94 arch/arm64/kernel/head.S:246
irq event stamp: 120319
hardirqs last  enabled at (120318): [<ffff80008adb3790>] __el1_irq arch/arm64/kernel/entry-common.c:588 [inline]
hardirqs last  enabled at (120318): [<ffff80008adb3790>] el1_interrupt+0x44/0x54 arch/arm64/kernel/entry-common.c:598
hardirqs last disabled at (120319): [<ffff80008adb3680>] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:511
softirqs last  enabled at (120270): [<ffff8000803ce71c>] softirq_handle_end kernel/softirq.c:425 [inline]
softirqs last  enabled at (120270): [<ffff8000803ce71c>] handle_softirqs+0xaf8/0xc88 kernel/softirq.c:607
softirqs last disabled at (120277): [<ffff800080020efc>] __do_softirq+0x14/0x20 kernel/softirq.c:613
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline]
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_pte_range mm/memory.c:2936 [inline]
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_pmd_range mm/memory.c:2985 [inline]
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_pud_range mm/memory.c:3021 [inline]
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_p4d_range mm/memory.c:3057 [inline]
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093
Modules linked in:
CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G        W           6.15.0-rc5-syzkaller-gac57c6b0f09c #0 PREEMPT 
Tainted: [W]=WARN
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
pstate: 40400005 (nZcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline]
pc : apply_to_pte_range mm/memory.c:2936 [inline]
pc : apply_to_pmd_range mm/memory.c:2985 [inline]
pc : apply_to_pud_range mm/memory.c:3021 [inline]
pc : apply_to_p4d_range mm/memory.c:3057 [inline]
pc : __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093
lr : arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline]
lr : apply_to_pte_range mm/memory.c:2936 [inline]
lr : apply_to_pmd_range mm/memory.c:2985 [inline]
lr : apply_to_pud_range mm/memory.c:3021 [inline]
lr : apply_to_p4d_range mm/memory.c:3057 [inline]
lr : __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093
sp : ffff800080007120
x29: ffff800080007240 x28: ffff0001ffbb4fff x27: ffff0001fec50fe8
x26: ffff0001ffbb5000 x25: dfff800000000000 x24: ffff0001ffbb4000
x23: ffff0001fea8eda0 x22: 0000000000000500 x21: ffff80008f346040
x20: 100000023ea8e403 x19: 0000000000000001 x18: 1fffe0003386aa76
x17: 0000000000a000ae x16: ffff80008051bab8 x15: 0000000000000001
x14: 1ffff00012dfb950 x13: 0000000000000000 x12: 0000000000000000
x11: ffff700012dfb951 x10: 0000000000ff0100 x9 : 0000000000000000
x8 : ffff80008f346040 x7 : ffff800080c2b0a4 x6 : 0000000000000000
x5 : 0000000000000001 x4 : ffff800080007320 x3 : ffff8000802595f4
x2 : 0000000000001000 x1 : 0000000000000500 x0 : 0000000000000000
Call trace:
 arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline] (P)
 apply_to_pte_range mm/memory.c:2936 [inline] (P)
 apply_to_pmd_range mm/memory.c:2985 [inline] (P)
 apply_to_pud_range mm/memory.c:3021 [inline] (P)
 apply_to_p4d_range mm/memory.c:3057 [inline] (P)
 __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093 (P)
 apply_to_page_range+0x4c/0x64 mm/memory.c:3112
 __change_memory_common+0xac/0x3f8 arch/arm64/mm/pageattr.c:64
 set_memory_valid+0x68/0x7c arch/arm64/mm/pageattr.c:-1
 kfence_protect_page arch/arm64/include/asm/kfence.h:17 [inline]
 kfence_protect mm/kfence/core.c:247 [inline]
 kfence_guarded_free+0x278/0x5a8 mm/kfence/core.c:565
 __kfence_free+0x104/0x198 mm/kfence/core.c:1187
 kfence_free include/linux/kfence.h:187 [inline]
 slab_free_hook mm/slub.c:2318 [inline]
 slab_free mm/slub.c:4642 [inline]
 kmem_cache_free+0x250/0x550 mm/slub.c:4744
 kfree_skbmem+0x14c/0x1dc net/core/skbuff.c:-1
 __kfree_skb net/core/skbuff.c:1177 [inline]
 consume_skb+0xb8/0x130 net/core/skbuff.c:1408
 ifb_xmit+0x174/0x53c drivers/net/ifb.c:346
 __netdev_start_xmit include/linux/netdevice.h:5203 [inline]
 netdev_start_xmit include/linux/netdevice.h:5212 [inline]
 xmit_one net/core/dev.c:3776 [inline]
 dev_hard_start_xmit+0x2b0/0x8ac net/core/dev.c:3792
 sch_direct_xmit+0x1fc/0x468 net/sched/sch_generic.c:343
 __dev_xmit_skb net/core/dev.c:4018 [inline]
 __dev_queue_xmit+0x13b4/0x31f0 net/core/dev.c:4595
 dev_queue_xmit include/linux/netdevice.h:3350 [inline]
 lapbeth_data_transmit+0x1fc/0x2a8 drivers/net/wan/lapbether.c:260
 lapb_data_transmit+0x8c/0xb0 net/lapb/lapb_iface.c:447
 lapb_transmit_buffer+0x160/0x208 net/lapb/lapb_out.c:149
 lapb_send_control+0x21c/0x320 net/lapb/lapb_subr.c:251
 lapb_t1timer_expiry+0x490/0x864 net/lapb/lapb_timer.c:-1
 call_timer_fn+0x1b4/0x818 kernel/time/timer.c:1789
 expire_timers kernel/time/timer.c:1840 [inline]
 __run_timers kernel/time/timer.c:2414 [inline]
 __run_timer_base+0x51c/0x76c kernel/time/timer.c:2426
 run_timer_base kernel/time/timer.c:2435 [inline]
 run_timer_softirq+0xcc/0x194 kernel/time/timer.c:2445
 handle_softirqs+0x328/0xc88 kernel/softirq.c:579
 __do_softirq+0x14/0x20 kernel/softirq.c:613
 ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:81
 call_on_irq_stack+0x24/0x30 arch/arm64/kernel/entry.S:891
 do_softirq_own_stack+0x20/0x2c arch/arm64/kernel/irq.c:86
 invoke_softirq kernel/softirq.c:460 [inline]
 __irq_exit_rcu+0x1b0/0x478 kernel/softirq.c:680
 irq_exit_rcu+0x14/0x84 kernel/softirq.c:696
 __el1_irq arch/arm64/kernel/entry-common.c:584 [inline]
 el1_interrupt+0x38/0x54 arch/arm64/kernel/entry-common.c:598
 el1h_64_irq_handler+0x18/0x24 arch/arm64/kernel/entry-common.c:603
 el1h_64_irq+0x6c/0x70 arch/arm64/kernel/entry.S:596
 __daif_local_irq_enable arch/arm64/include/asm/irqflags.h:26 [inline] (P)
 arch_local_irq_enable+0x8/0xc arch/arm64/include/asm/irqflags.h:48 (P)
 cpuidle_idle_call kernel/sched/idle.c:185 [inline]
 do_idle+0x1d8/0x454 kernel/sched/idle.c:325
 cpu_startup_entry+0x5c/0x74 kernel/sched/idle.c:423
 rest_init+0x2d8/0x2f4 init/main.c:743
 start_kernel+0x44c/0x4a8 init/main.c:1099
 __primary_switched+0x8c/0x94 arch/arm64/kernel/head.S:246
irq event stamp: 120585
hardirqs last  enabled at (120584): [<ffff80008add91e8>] __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:151 [inline]
hardirqs last  enabled at (120584): [<ffff80008add91e8>] _raw_spin_unlock_irqrestore+0x38/0x98 kernel/locking/spinlock.c:194
hardirqs last disabled at (120585): [<ffff80008adb3680>] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:511
softirqs last  enabled at (120554): [<ffff8000803ce71c>] softirq_handle_end kernel/softirq.c:425 [inline]
softirqs last  enabled at (120554): [<ffff8000803ce71c>] handle_softirqs+0xaf8/0xc88 kernel/softirq.c:607
softirqs last disabled at (120561): [<ffff800080020efc>] __do_softirq+0x14/0x20 kernel/softirq.c:613
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
WARNING: CPU: 0 PID: 6357 at ./arch/arm64/include/asm/pgtable.h:82 arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline]
WARNING: CPU: 0 PID: 6357 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_pte_range mm/memory.c:2936 [inline]
WARNING: CPU: 0 PID: 6357 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_pmd_range mm/memory.c:2985 [inline]
WARNING: CPU: 0 PID: 6357 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_pud_range mm/memory.c:3021 [inline]
WARNING: CPU: 0 PID: 6357 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_p4d_range mm/memory.c:3057 [inline]
WARNING: CPU: 0 PID: 6357 at ./arch/arm64/include/asm/pgtable.h:82 __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093
Modules linked in:
CPU: 0 UID: 0 PID: 6357 Comm: dhcpcd-run-hook Tainted: G        W           6.15.0-rc5-syzkaller-gac57c6b0f09c #0 PREEMPT 
Tainted: [W]=WARN
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
pstate: 40400005 (nZcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline]
pc : apply_to_pte_range mm/memory.c:2936 [inline]
pc : apply_to_pmd_range mm/memory.c:2985 [inline]
pc : apply_to_pud_range mm/memory.c:3021 [inline]
pc : apply_to_p4d_range mm/memory.c:3057 [inline]
pc : __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093
lr : arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline]
lr : apply_to_pte_range mm/memory.c:2936 [inline]
lr : apply_to_pmd_range mm/memory.c:2985 [inline]
lr : apply_to_pud_range mm/memory.c:3021 [inline]
lr : apply_to_p4d_range mm/memory.c:3057 [inline]
lr : __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093
sp : ffff800080007900
x29: ffff800080007a20 x28: ffff0001ffbb8fff x27: ffff0001fec50fe8
x26: ffff0001ffbb9000 x25: dfff800000000000 x24: ffff0001ffbb8000
x23: ffff0001fea8edc0 x22: 0000000000000100 x21: ffff0000d6a59e80
x20: 100000023ea8e403 x19: 0000000000000001 x18: 1fffe0003386aa76
x17: ffff80010d0e8000 x16: ffff80008051bab8 x15: 0000000000000001
x14: 1ffff00012dfb97a x13: 0000000000000000 x12: 0000000000000000
x11: ffff700012dfb97b x10: 0000000000ff0100 x9 : 0000000000000000
x8 : ffff0000d6a59e80 x7 : ffff800080c2b0a4 x6 : 0000000000000000
x5 : 0000000000000001 x4 : ffff800080007b00 x3 : ffff8000802595f4
x2 : 0000000000001000 x1 : 0000000000000100 x0 : 0000000000000000
Call trace:
 arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline] (P)
 apply_to_pte_range mm/memory.c:2936 [inline] (P)
 apply_to_pmd_range mm/memory.c:2985 [inline] (P)
 apply_to_pud_range mm/memory.c:3021 [inline] (P)
 apply_to_p4d_range mm/memory.c:3057 [inline] (P)
 __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093 (P)
 apply_to_page_range+0x4c/0x64 mm/memory.c:3112
 __change_memory_common+0xac/0x3f8 arch/arm64/mm/pageattr.c:64
 set_memory_valid+0x68/0x7c arch/arm64/mm/pageattr.c:-1
 kfence_protect_page arch/arm64/include/asm/kfence.h:17 [inline]
 kfence_protect mm/kfence/core.c:247 [inline]
 kfence_guarded_free+0x278/0x5a8 mm/kfence/core.c:565
 __kfence_free+0x104/0x198 mm/kfence/core.c:1187
 kfence_free include/linux/kfence.h:187 [inline]
 slab_free_hook mm/slub.c:2318 [inline]
 slab_free mm/slub.c:4642 [inline]
 kfree+0x268/0x474 mm/slub.c:4841
 slab_free_after_rcu_debug+0x78/0x2f4 mm/slub.c:4679
 rcu_do_batch kernel/rcu/tree.c:2568 [inline]
 rcu_core+0x848/0x17a4 kernel/rcu/tree.c:2824
 rcu_core_si+0x10/0x1c kernel/rcu/tree.c:2841
 handle_softirqs+0x328/0xc88 kernel/softirq.c:579
 __do_softirq+0x14/0x20 kernel/softirq.c:613
 ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:81
 call_on_irq_stack+0x24/0x30 arch/arm64/kernel/entry.S:891
 do_softirq_own_stack+0x20/0x2c arch/arm64/kernel/irq.c:86
 invoke_softirq kernel/softirq.c:460 [inline]
 __irq_exit_rcu+0x1b0/0x478 kernel/softirq.c:680
 irq_exit_rcu+0x14/0x84 kernel/softirq.c:696
 __el1_irq arch/arm64/kernel/entry-common.c:584 [inline]
 el1_interrupt+0x38/0x54 arch/arm64/kernel/entry-common.c:598
 el1h_64_irq_handler+0x18/0x24 arch/arm64/kernel/entry-common.c:603
 el1h_64_irq+0x6c/0x70 arch/arm64/kernel/entry.S:596
 __daif_local_irq_enable arch/arm64/include/asm/irqflags.h:26 [inline] (P)
 arch_local_irq_enable arch/arm64/include/asm/irqflags.h:48 [inline] (P)
 raw_spin_rq_unlock_irq kernel/sched/sched.h:1525 [inline] (P)
 finish_lock_switch+0xb4/0x1c0 kernel/sched/core.c:5130 (P)
 finish_task_switch+0x120/0x5a4 kernel/sched/core.c:5248
 schedule_tail+0x2c/0x3a4 kernel/sched/core.c:5307
 ret_from_fork+0x4/0x20 arch/arm64/kernel/entry.S:847
irq event stamp: 19
hardirqs last  enabled at (18): [<ffff80008add91e8>] __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:151 [inline]
hardirqs last  enabled at (18): [<ffff80008add91e8>] _raw_spin_unlock_irqrestore+0x38/0x98 kernel/locking/spinlock.c:194
hardirqs last disabled at (19): [<ffff80008adb3680>] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:511
softirqs last  enabled at (0): [<ffff8000803abfb0>] copy_process+0x112c/0x318c kernel/fork.c:2374
softirqs last disabled at (3): [<ffff800080020efc>] __do_softirq+0x14/0x20 kernel/softirq.c:613
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline]
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_pte_range mm/memory.c:2936 [inline]
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_pmd_range mm/memory.c:2985 [inline]
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_pud_range mm/memory.c:3021 [inline]
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_p4d_range mm/memory.c:3057 [inline]
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093
Modules linked in:
CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G        W           6.15.0-rc5-syzkaller-gac57c6b0f09c #0 PREEMPT 
Tainted: [W]=WARN
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
pstate: 40400005 (nZcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline]
pc : apply_to_pte_range mm/memory.c:2936 [inline]
pc : apply_to_pmd_range mm/memory.c:2985 [inline]
pc : apply_to_pud_range mm/memory.c:3021 [inline]
pc : apply_to_p4d_range mm/memory.c:3057 [inline]
pc : __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093
lr : arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline]
lr : apply_to_pte_range mm/memory.c:2936 [inline]
lr : apply_to_pmd_range mm/memory.c:2985 [inline]
lr : apply_to_pud_range mm/memory.c:3021 [inline]
lr : apply_to_p4d_range mm/memory.c:3057 [inline]
lr : __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093
sp : ffff800080007900
x29: ffff800080007a20 x28: ffff0001ffbc6fff x27: ffff0001fec50fe8
x26: ffff0001ffbc7000 x25: dfff800000000000 x24: ffff0001ffbc6000
x23: ffff0001fea8ee30 x22: 0000000000000100 x21: ffff80008f346040
x20: 100000023ea8e403 x19: 0000000000000001 x18: 1fffe0003386aa76
x17: 0000000000000002 x16: ffff80008051bab8 x15: 0000000000000001
x14: 1ffff00012dfb952 x13: 0000000000000000 x12: 0000000000000000
x11: ffff700012dfb953 x10: 0000000000ff0100 x9 : 0000000000000000
x8 : ffff80008f346040 x7 : ffff800080c2b0a4 x6 : 0000000000000000
x5 : 0000000000000001 x4 : ffff800080007b00 x3 : ffff8000802595f4
x2 : 0000000000001000 x1 : 0000000000000100 x0 : 0000000000000000
Call trace:
 arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline] (P)
 apply_to_pte_range mm/memory.c:2936 [inline] (P)
 apply_to_pmd_range mm/memory.c:2985 [inline] (P)
 apply_to_pud_range mm/memory.c:3021 [inline] (P)
 apply_to_p4d_range mm/memory.c:3057 [inline] (P)
 __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093 (P)
 apply_to_page_range+0x4c/0x64 mm/memory.c:3112
 __change_memory_common+0xac/0x3f8 arch/arm64/mm/pageattr.c:64
 set_memory_valid+0x68/0x7c arch/arm64/mm/pageattr.c:-1
 kfence_protect_page arch/arm64/include/asm/kfence.h:17 [inline]
 kfence_protect mm/kfence/core.c:247 [inline]
 kfence_guarded_free+0x278/0x5a8 mm/kfence/core.c:565
 __kfence_free+0x104/0x198 mm/kfence/core.c:1187
 kfence_free include/linux/kfence.h:187 [inline]
 slab_free_hook mm/slub.c:2318 [inline]
 slab_free mm/slub.c:4642 [inline]
 kfree+0x268/0x474 mm/slub.c:4841
 slab_free_after_rcu_debug+0x78/0x2f4 mm/slub.c:4679
 rcu_do_batch kernel/rcu/tree.c:2568 [inline]
 rcu_core+0x848/0x17a4 kernel/rcu/tree.c:2824
 rcu_core_si+0x10/0x1c kernel/rcu/tree.c:2841
 handle_softirqs+0x328/0xc88 kernel/softirq.c:579
 __do_softirq+0x14/0x20 kernel/softirq.c:613
 ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:81
 call_on_irq_stack+0x24/0x30 arch/arm64/kernel/entry.S:891
 do_softirq_own_stack+0x20/0x2c arch/arm64/kernel/irq.c:86
 invoke_softirq kernel/softirq.c:460 [inline]
 __irq_exit_rcu+0x1b0/0x478 kernel/softirq.c:680
 irq_exit_rcu+0x14/0x84 kernel/softirq.c:696
 __el1_irq arch/arm64/kernel/entry-common.c:584 [inline]
 el1_interrupt+0x38/0x54 arch/arm64/kernel/entry-common.c:598
 el1h_64_irq_handler+0x18/0x24 arch/arm64/kernel/entry-common.c:603
 el1h_64_irq+0x6c/0x70 arch/arm64/kernel/entry.S:596
 __daif_local_irq_enable arch/arm64/include/asm/irqflags.h:26 [inline] (P)
 arch_local_irq_enable+0x8/0xc arch/arm64/include/asm/irqflags.h:48 (P)
 cpuidle_idle_call kernel/sched/idle.c:185 [inline]
 do_idle+0x1d8/0x454 kernel/sched/idle.c:325
 cpu_startup_entry+0x5c/0x74 kernel/sched/idle.c:423
 rest_init+0x2d8/0x2f4 init/main.c:743
 start_kernel+0x44c/0x4a8 init/main.c:1099
 __primary_switched+0x8c/0x94 arch/arm64/kernel/head.S:246
irq event stamp: 132857
hardirqs last  enabled at (132856): [<ffff80008add91e8>] __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:151 [inline]
hardirqs last  enabled at (132856): [<ffff80008add91e8>] _raw_spin_unlock_irqrestore+0x38/0x98 kernel/locking/spinlock.c:194
hardirqs last disabled at (132857): [<ffff80008adb3680>] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:511
softirqs last  enabled at (132680): [<ffff8000803ce71c>] softirq_handle_end kernel/softirq.c:425 [inline]
softirqs last  enabled at (132680): [<ffff8000803ce71c>] handle_softirqs+0xaf8/0xc88 kernel/softirq.c:607
softirqs last disabled at (132817): [<ffff800080020efc>] __do_softirq+0x14/0x20 kernel/softirq.c:613
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline]
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_pte_range mm/memory.c:2936 [inline]
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_pmd_range mm/memory.c:2985 [inline]
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_pud_range mm/memory.c:3021 [inline]
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_p4d_range mm/memory.c:3057 [inline]
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093
Modules linked in:
CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G        W           6.15.0-rc5-syzkaller-gac57c6b0f09c #0 PREEMPT 
Tainted: [W]=WARN
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
pstate: 40400005 (nZcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline]
pc : apply_to_pte_range mm/memory.c:2936 [inline]
pc : apply_to_pmd_range mm/memory.c:2985 [inline]
pc : apply_to_pud_range mm/memory.c:3021 [inline]
pc : apply_to_p4d_range mm/memory.c:3057 [inline]
pc : __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093
lr : arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline]
lr : apply_to_pte_range mm/memory.c:2936 [inline]
lr : apply_to_pmd_range mm/memory.c:2985 [inline]
lr : apply_to_pud_range mm/memory.c:3021 [inline]
lr : apply_to_p4d_range mm/memory.c:3057 [inline]
lr : __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093
sp : ffff800080007900
x29: ffff800080007a20 x28: ffff0001ffbccfff x27: ffff0001fec50fe8
x26: ffff0001ffbcd000 x25: dfff800000000000 x24: ffff0001ffbcc000
x23: ffff0001fea8ee60 x22: 0000000000000100 x21: ffff80008f346040
x20: 100000023ea8e403 x19: 0000000000000001 x18: 1fffe0003386aa76
x17: 0000000000000000 x16: ffff80008051bab8 x15: 0000000000000001
x14: 1ffff00012dfb97a x13: 0000000000000000 x12: 0000000000000000
x11: ffff700012dfb97b x10: 0000000000ff0100 x9 : 0000000000000000
x8 : ffff80008f346040 x7 : ffff800080c2b0a4 x6 : 0000000000000000
x5 : 0000000000000001 x4 : ffff800080007b00 x3 : ffff8000802595f4
x2 : 0000000000001000 x1 : 0000000000000100 x0 : 0000000000000000
Call trace:
 arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline] (P)
 apply_to_pte_range mm/memory.c:2936 [inline] (P)
 apply_to_pmd_range mm/memory.c:2985 [inline] (P)
 apply_to_pud_range mm/memory.c:3021 [inline] (P)
 apply_to_p4d_range mm/memory.c:3057 [inline] (P)
 __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093 (P)
 apply_to_page_range+0x4c/0x64 mm/memory.c:3112
 __change_memory_common+0xac/0x3f8 arch/arm64/mm/pageattr.c:64
 set_memory_valid+0x68/0x7c arch/arm64/mm/pageattr.c:-1
 kfence_protect_page arch/arm64/include/asm/kfence.h:17 [inline]
 kfence_protect mm/kfence/core.c:247 [inline]
 kfence_guarded_free+0x278/0x5a8 mm/kfence/core.c:565
 __kfence_free+0x104/0x198 mm/kfence/core.c:1187
 kfence_free include/linux/kfence.h:187 [inline]
 slab_free_hook mm/slub.c:2318 [inline]
 slab_free mm/slub.c:4642 [inline]
 kfree+0x268/0x474 mm/slub.c:4841
 slab_free_after_rcu_debug+0x78/0x2f4 mm/slub.c:4679
 rcu_do_batch kernel/rcu/tree.c:2568 [inline]
 rcu_core+0x848/0x17a4 kernel/rcu/tree.c:2824
 rcu_core_si+0x10/0x1c kernel/rcu/tree.c:2841
 handle_softirqs+0x328/0xc88 kernel/softirq.c:579
 __do_softirq+0x14/0x20 kernel/softirq.c:613
 ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:81
 call_on_irq_stack+0x24/0x30 arch/arm64/kernel/entry.S:891
 do_softirq_own_stack+0x20/0x2c arch/arm64/kernel/irq.c:86
 invoke_softirq kernel/softirq.c:460 [inline]
 __irq_exit_rcu+0x1b0/0x478 kernel/softirq.c:680
 irq_exit_rcu+0x14/0x84 kernel/softirq.c:696
 __el1_irq arch/arm64/kernel/entry-common.c:584 [inline]
 el1_interrupt+0x38/0x54 arch/arm64/kernel/entry-common.c:598
 el1h_64_irq_handler+0x18/0x24 arch/arm64/kernel/entry-common.c:603
 el1h_64_irq+0x6c/0x70 arch/arm64/kernel/entry.S:596
 __daif_local_irq_enable arch/arm64/include/asm/irqflags.h:26 [inline] (P)
 arch_local_irq_enable+0x8/0xc arch/arm64/include/asm/irqflags.h:48 (P)
 cpuidle_idle_call kernel/sched/idle.c:185 [inline]
 do_idle+0x1d8/0x454 kernel/sched/idle.c:325
 cpu_startup_entry+0x5c/0x74 kernel/sched/idle.c:423
 rest_init+0x2d8/0x2f4 init/main.c:743
 start_kernel+0x44c/0x4a8 init/main.c:1099
 __primary_switched+0x8c/0x94 arch/arm64/kernel/head.S:246
irq event stamp: 141151
hardirqs last  enabled at (141150): [<ffff80008add91e8>] __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:151 [inline]
hardirqs last  enabled at (141150): [<ffff80008add91e8>] _raw_spin_unlock_irqrestore+0x38/0x98 kernel/locking/spinlock.c:194
hardirqs last disabled at (141151): [<ffff80008adb3680>] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:511
softirqs last  enabled at (141080): [<ffff8000803ce71c>] softirq_handle_end kernel/softirq.c:425 [inline]
softirqs last  enabled at (141080): [<ffff8000803ce71c>] handle_softirqs+0xaf8/0xc88 kernel/softirq.c:607
softirqs last disabled at (141119): [<ffff800080020efc>] __do_softirq+0x14/0x20 kernel/softirq.c:613
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
WARNING: CPU: 0 PID: 6420 at ./arch/arm64/include/asm/pgtable.h:82 arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline]
WARNING: CPU: 0 PID: 6420 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_pte_range mm/memory.c:2936 [inline]
WARNING: CPU: 0 PID: 6420 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_pmd_range mm/memory.c:2985 [inline]
WARNING: CPU: 0 PID: 6420 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_pud_range mm/memory.c:3021 [inline]
WARNING: CPU: 0 PID: 6420 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_p4d_range mm/memory.c:3057 [inline]
WARNING: CPU: 0 PID: 6420 at ./arch/arm64/include/asm/pgtable.h:82 __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093
Modules linked in:
CPU: 0 UID: 0 PID: 6420 Comm: sed Tainted: G        W           6.15.0-rc5-syzkaller-gac57c6b0f09c #0 PREEMPT 
Tainted: [W]=WARN
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
pstate: 40400005 (nZcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline]
pc : apply_to_pte_range mm/memory.c:2936 [inline]
pc : apply_to_pmd_range mm/memory.c:2985 [inline]
pc : apply_to_pud_range mm/memory.c:3021 [inline]
pc : apply_to_p4d_range mm/memory.c:3057 [inline]
pc : __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093
lr : arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline]
lr : apply_to_pte_range mm/memory.c:2936 [inline]
lr : apply_to_pmd_range mm/memory.c:2985 [inline]
lr : apply_to_pud_range mm/memory.c:3021 [inline]
lr : apply_to_p4d_range mm/memory.c:3057 [inline]
lr : __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093
sp : ffff8000800079c0
x29: ffff800080007ae0 x28: ffff0001ffbd0fff x27: ffff0001fec50fe8
x26: ffff0001ffbd1000 x25: dfff800000000000 x24: ffff0001ffbd0000
x23: ffff0001fea8ee80 x22: 0000000000000100 x21: ffff0000c7405b80
x20: 100000023ea8e403 x19: 0000000000000001 x18: 0000000000000000
x17: ffff80010d0e8000 x16: ffff80008051bab8 x15: 0000000000000001
x14: 1ffff00012dfb970 x13: 0000000000000000 x12: 0000000000000000
x11: ffff700012dfb971 x10: 0000000000ff0100 x9 : 0000000000000000
x8 : ffff0000c7405b80 x7 : ffff800080c2b0a4 x6 : 0000000000000000
x5 : 0000000000000001 x4 : ffff800080007bc0 x3 : ffff8000802595f4
x2 : 0000000000001000 x1 : 0000000000000100 x0 : 0000000000000000
Call trace:
 arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline] (P)
 apply_to_pte_range mm/memory.c:2936 [inline] (P)
 apply_to_pmd_range mm/memory.c:2985 [inline] (P)
 apply_to_pud_range mm/memory.c:3021 [inline] (P)
 apply_to_p4d_range mm/memory.c:3057 [inline] (P)
 __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093 (P)
 apply_to_page_range+0x4c/0x64 mm/memory.c:3112
 __change_memory_common+0xac/0x3f8 arch/arm64/mm/pageattr.c:64
 set_memory_valid+0x68/0x7c arch/arm64/mm/pageattr.c:-1
 kfence_protect_page arch/arm64/include/asm/kfence.h:17 [inline]
 kfence_protect mm/kfence/core.c:247 [inline]
 kfence_guarded_free+0x278/0x5a8 mm/kfence/core.c:565
 rcu_guarded_free+0x4c/0x5c mm/kfence/core.c:587
 rcu_do_batch kernel/rcu/tree.c:2568 [inline]
 rcu_core+0x848/0x17a4 kernel/rcu/tree.c:2824
 rcu_core_si+0x10/0x1c kernel/rcu/tree.c:2841
 handle_softirqs+0x328/0xc88 kernel/softirq.c:579
 __do_softirq+0x14/0x20 kernel/softirq.c:613
 ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:81
 call_on_irq_stack+0x24/0x30 arch/arm64/kernel/entry.S:891
 do_softirq_own_stack+0x20/0x2c arch/arm64/kernel/irq.c:86
 invoke_softirq kernel/softirq.c:460 [inline]
 __irq_exit_rcu+0x1b0/0x478 kernel/softirq.c:680
 irq_exit_rcu+0x14/0x84 kernel/softirq.c:696
 __el1_irq arch/arm64/kernel/entry-common.c:584 [inline]
 el1_interrupt+0x38/0x54 arch/arm64/kernel/entry-common.c:598
 el1h_64_irq_handler+0x18/0x24 arch/arm64/kernel/entry-common.c:603
 el1h_64_irq+0x6c/0x70 arch/arm64/kernel/entry.S:596
 preempt_count+0x40/0x68 arch/arm64/include/asm/preempt.h:13 (P)
 check_preemption_disabled+0x30/0xe4 lib/smp_processor_id.c:16
 debug_smp_processor_id+0x20/0x2c lib/smp_processor_id.c:60
 rcu_is_watching_curr_cpu include/linux/context_tracking.h:128 [inline]
 rcu_is_watching+0x50/0x134 kernel/rcu/tree.c:736
 trace_lock_acquire include/trace/events/lock.h:24 [inline]
 lock_acquire+0x80/0x2e0 kernel/locking/lockdep.c:5829
 rcu_lock_acquire+0x40/0x4c include/linux/rcupdate.h:331
 rcu_read_lock include/linux/rcupdate.h:841 [inline]
 mntput_no_expire+0xb8/0x73c fs/namespace.c:1461
 mntput+0x60/0xcc fs/namespace.c:1531
 path_put fs/namei.c:627 [inline]
 put_link fs/namei.c:1095 [inline]
 walk_component+0x1b0/0x364 fs/namei.c:2143
 link_path_walk+0x5e8/0xc60 fs/namei.c:2500
 path_openat+0x1cc/0x2c40 fs/namei.c:4035
 do_filp_open+0x18c/0x36c fs/namei.c:4066
 do_sys_openat2+0x11c/0x1b4 fs/open.c:1429
 do_sys_open fs/open.c:1444 [inline]
 __do_sys_openat fs/open.c:1460 [inline]
 __se_sys_openat fs/open.c:1455 [inline]
 __arm64_sys_openat+0x120/0x158 fs/open.c:1455
 __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]
 invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49
 el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132
 do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151
 el0_svc+0x58/0x17c arch/arm64/kernel/entry-common.c:767
 el0t_64_sync_handler+0x78/0x108 arch/arm64/kernel/entry-common.c:786
 el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600
irq event stamp: 2647
hardirqs last  enabled at (2646): [<ffff80008add91e8>] __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:151 [inline]
hardirqs last  enabled at (2646): [<ffff80008add91e8>] _raw_spin_unlock_irqrestore+0x38/0x98 kernel/locking/spinlock.c:194
hardirqs last disabled at (2647): [<ffff80008adb3680>] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:511
softirqs last  enabled at (1556): [<ffff8000801fbf10>] local_bh_enable+0x10/0x34 include/linux/bottom_half.h:32
softirqs last disabled at (2609): [<ffff800080020efc>] __do_softirq+0x14/0x20 kernel/softirq.c:613
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline]
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_pte_range mm/memory.c:2936 [inline]
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_pmd_range mm/memory.c:2985 [inline]
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_pud_range mm/memory.c:3021 [inline]
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_p4d_range mm/memory.c:3057 [inline]
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093
Modules linked in:
CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G        W           6.15.0-rc5-syzkaller-gac57c6b0f09c #0 PREEMPT 
Tainted: [W]=WARN
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
pstate: 40400005 (nZcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline]
pc : apply_to_pte_range mm/memory.c:2936 [inline]
pc : apply_to_pmd_range mm/memory.c:2985 [inline]
pc : apply_to_pud_range mm/memory.c:3021 [inline]
pc : apply_to_p4d_range mm/memory.c:3057 [inline]
pc : __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093
lr : arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline]
lr : apply_to_pte_range mm/memory.c:2936 [inline]
lr : apply_to_pmd_range mm/memory.c:2985 [inline]
lr : apply_to_pud_range mm/memory.c:3021 [inline]
lr : apply_to_p4d_range mm/memory.c:3057 [inline]
lr : __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093
sp : ffff8000800079c0
x29: ffff800080007ae0 x28: ffff0001ffbdafff x27: ffff0001fec50fe8
x26: ffff0001ffbdb000 x25: dfff800000000000 x24: ffff0001ffbda000
x23: ffff0001fea8eed0 x22: 0000000000000100 x21: ffff80008f346040
x20: 100000023ea8e403 x19: 0000000000000001 x18: 1fffe0003386aa76
x17: 0000000000000000 x16: ffff80008051bab8 x15: 0000000000000001
x14: 1ffff00012dfb940 x13: 0000000000000000 x12: 0000000000000000
x11: ffff700012dfb941 x10: 0000000000ff0100 x9 : 0000000000000000
x8 : ffff80008f346040 x7 : ffff800080c2b0a4 x6 : 0000000000000000
x5 : 0000000000000001 x4 : ffff800080007bc0 x3 : ffff8000802595f4
x2 : 0000000000001000 x1 : 0000000000000100 x0 : 0000000000000000
Call trace:
 arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline] (P)
 apply_to_pte_range mm/memory.c:2936 [inline] (P)
 apply_to_pmd_range mm/memory.c:2985 [inline] (P)
 apply_to_pud_range mm/memory.c:3021 [inline] (P)
 apply_to_p4d_range mm/memory.c:3057 [inline] (P)
 __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093 (P)
 apply_to_page_range+0x4c/0x64 mm/memory.c:3112
 __change_memory_common+0xac/0x3f8 arch/arm64/mm/pageattr.c:64
 set_memory_valid+0x68/0x7c arch/arm64/mm/pageattr.c:-1
 kfence_protect_page arch/arm64/include/asm/kfence.h:17 [inline]
 kfence_protect mm/kfence/core.c:247 [inline]
 kfence_guarded_free+0x278/0x5a8 mm/kfence/core.c:565
 rcu_guarded_free+0x4c/0x5c mm/kfence/core.c:587
 rcu_do_batch kernel/rcu/tree.c:2568 [inline]
 rcu_core+0x848/0x17a4 kernel/rcu/tree.c:2824
 rcu_core_si+0x10/0x1c kernel/rcu/tree.c:2841
 handle_softirqs+0x328/0xc88 kernel/softirq.c:579
 __do_softirq+0x14/0x20 kernel/softirq.c:613
 ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:81
 call_on_irq_stack+0x24/0x30 arch/arm64/kernel/entry.S:891
 do_softirq_own_stack+0x20/0x2c arch/arm64/kernel/irq.c:86
 invoke_softirq kernel/softirq.c:460 [inline]
 __irq_exit_rcu+0x1b0/0x478 kernel/softirq.c:680
 irq_exit_rcu+0x14/0x84 kernel/softirq.c:696
 __el1_irq arch/arm64/kernel/entry-common.c:584 [inline]
 el1_interrupt+0x38/0x54 arch/arm64/kernel/entry-common.c:598
 el1h_64_irq_handler+0x18/0x24 arch/arm64/kernel/entry-common.c:603
 el1h_64_irq+0x6c/0x70 arch/arm64/kernel/entry.S:596
 __daif_local_irq_enable arch/arm64/include/asm/irqflags.h:26 [inline] (P)
 arch_local_irq_enable+0x8/0xc arch/arm64/include/asm/irqflags.h:48 (P)
 cpuidle_idle_call kernel/sched/idle.c:185 [inline]
 do_idle+0x1d8/0x454 kernel/sched/idle.c:325
 cpu_startup_entry+0x5c/0x74 kernel/sched/idle.c:423
 rest_init+0x2d8/0x2f4 init/main.c:743
 start_kernel+0x44c/0x4a8 init/main.c:1099
 __primary_switched+0x8c/0x94 arch/arm64/kernel/head.S:246
irq event stamp: 152745
hardirqs last  enabled at (152744): [<ffff80008add91e8>] __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:151 [inline]
hardirqs last  enabled at (152744): [<ffff80008add91e8>] _raw_spin_unlock_irqrestore+0x38/0x98 kernel/locking/spinlock.c:194
hardirqs last disabled at (152745): [<ffff80008adb3680>] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:511
softirqs last  enabled at (152644): [<ffff8000803ce71c>] softirq_handle_end kernel/softirq.c:425 [inline]
softirqs last  enabled at (152644): [<ffff8000803ce71c>] handle_softirqs+0xaf8/0xc88 kernel/softirq.c:607
softirqs last disabled at (152671): [<ffff800080020efc>] __do_softirq+0x14/0x20 kernel/softirq.c:613
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline]
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_pte_range mm/memory.c:2936 [inline]
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_pmd_range mm/memory.c:2985 [inline]
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_pud_range mm/memory.c:3021 [inline]
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_p4d_range mm/memory.c:3057 [inline]
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093
Modules linked in:
CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G        W           6.15.0-rc5-syzkaller-gac57c6b0f09c #0 PREEMPT 
Tainted: [W]=WARN
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
pstate: 40400005 (nZcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline]
pc : apply_to_pte_range mm/memory.c:2936 [inline]
pc : apply_to_pmd_range mm/memory.c:2985 [inline]
pc : apply_to_pud_range mm/memory.c:3021 [inline]
pc : apply_to_p4d_range mm/memory.c:3057 [inline]
pc : __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093
lr : arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline]
lr : apply_to_pte_range mm/memory.c:2936 [inline]
lr : apply_to_pmd_range mm/memory.c:2985 [inline]
lr : apply_to_pud_range mm/memory.c:3021 [inline]
lr : apply_to_p4d_range mm/memory.c:3057 [inline]
lr : __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093
sp : ffff800080007900
x29: ffff800080007a20 x28: ffff0001ffbeafff x27: ffff0001fec50fe8
x26: ffff0001ffbeb000 x25: dfff800000000000 x24: ffff0001ffbea000
x23: ffff0001fea8ef50 x22: 0000000000000100 x21: ffff80008f346040
x20: 100000023ea8e403 x19: 0000000000000001 x18: 1fffe0003386aa76
x17: ffff80010d0e8000 x16: ffff80008051bab8 x15: 0000000000000001
x14: 1ffff00012dfba01 x13: 0000000000000000 x12: 0000000000000000
x11: ffff700012dfba02 x10: 0000000000ff0100 x9 : 0000000000000000
x8 : ffff80008f346040 x7 : ffff800080c2b0a4 x6 : 0000000000000000
x5 : 0000000000000001 x4 : ffff800080007b00 x3 : ffff8000802595f4
x2 : 0000000000001000 x1 : 0000000000000100 x0 : 0000000000000000
Call trace:
 arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline] (P)
 apply_to_pte_range mm/memory.c:2936 [inline] (P)
 apply_to_pmd_range mm/memory.c:2985 [inline] (P)
 apply_to_pud_range mm/memory.c:3021 [inline] (P)
 apply_to_p4d_range mm/memory.c:3057 [inline] (P)
 __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093 (P)
 apply_to_page_range+0x4c/0x64 mm/memory.c:3112
 __change_memory_common+0xac/0x3f8 arch/arm64/mm/pageattr.c:64
 set_memory_valid+0x68/0x7c arch/arm64/mm/pageattr.c:-1
 kfence_protect_page arch/arm64/include/asm/kfence.h:17 [inline]
 kfence_protect mm/kfence/core.c:247 [inline]
 kfence_guarded_free+0x278/0x5a8 mm/kfence/core.c:565
 __kfence_free+0x104/0x198 mm/kfence/core.c:1187
 kfence_free include/linux/kfence.h:187 [inline]
 slab_free_hook mm/slub.c:2318 [inline]
 slab_free mm/slub.c:4642 [inline]
 kfree+0x268/0x474 mm/slub.c:4841
 slab_free_after_rcu_debug+0x78/0x2f4 mm/slub.c:4679
 rcu_do_batch kernel/rcu/tree.c:2568 [inline]
 rcu_core+0x848/0x17a4 kernel/rcu/tree.c:2824
 rcu_core_si+0x10/0x1c kernel/rcu/tree.c:2841
 handle_softirqs+0x328/0xc88 kernel/softirq.c:579
 __do_softirq+0x14/0x20 kernel/softirq.c:613
 ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:81
 call_on_irq_stack+0x24/0x30 arch/arm64/kernel/entry.S:891
 do_softirq_own_stack+0x20/0x2c arch/arm64/kernel/irq.c:86
 invoke_softirq kernel/softirq.c:460 [inline]
 __irq_exit_rcu+0x1b0/0x478 kernel/softirq.c:680
 irq_exit_rcu+0x14/0x84 kernel/softirq.c:696
 __el1_irq arch/arm64/kernel/entry-common.c:584 [inline]
 el1_interrupt+0x38/0x54 arch/arm64/kernel/entry-common.c:598
 el1h_64_irq_handler+0x18/0x24 arch/arm64/kernel/entry-common.c:603
 el1h_64_irq+0x6c/0x70 arch/arm64/kernel/entry.S:596
 __daif_local_irq_enable arch/arm64/include/asm/irqflags.h:26 [inline] (P)
 arch_local_irq_enable+0x8/0xc arch/arm64/include/asm/irqflags.h:48 (P)
 cpuidle_idle_call kernel/sched/idle.c:185 [inline]
 do_idle+0x1d8/0x454 kernel/sched/idle.c:325
 cpu_startup_entry+0x5c/0x74 kernel/sched/idle.c:423
 rest_init+0x2d8/0x2f4 init/main.c:743
 start_kernel+0x44c/0x4a8 init/main.c:1099
 __primary_switched+0x8c/0x94 arch/arm64/kernel/head.S:246
irq event stamp: 165745
hardirqs last  enabled at (165744): [<ffff80008add91e8>] __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:151 [inline]
hardirqs last  enabled at (165744): [<ffff80008add91e8>] _raw_spin_unlock_irqrestore+0x38/0x98 kernel/locking/spinlock.c:194
hardirqs last disabled at (165745): [<ffff80008adb3680>] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:511
softirqs last  enabled at (165684): [<ffff8000803ce71c>] softirq_handle_end kernel/softirq.c:425 [inline]
softirqs last  enabled at (165684): [<ffff8000803ce71c>] handle_softirqs+0xaf8/0xc88 kernel/softirq.c:607
softirqs last disabled at (165699): [<ffff800080020efc>] __do_softirq+0x14/0x20 kernel/softirq.c:613
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline]
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_pte_range mm/memory.c:2936 [inline]
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_pmd_range mm/memory.c:2985 [inline]
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_pud_range mm/memory.c:3021 [inline]
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_p4d_range mm/memory.c:3057 [inline]
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093
Modules linked in:
CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G        W           6.15.0-rc5-syzkaller-gac57c6b0f09c #0 PREEMPT 
Tainted: [W]=WARN
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
pstate: 40400005 (nZcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline]
pc : apply_to_pte_range mm/memory.c:2936 [inline]
pc : apply_to_pmd_range mm/memory.c:2985 [inline]
pc : apply_to_pud_range mm/memory.c:3021 [inline]
pc : apply_to_p4d_range mm/memory.c:3057 [inline]
pc : __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093
lr : arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline]
lr : apply_to_pte_range mm/memory.c:2936 [inline]
lr : apply_to_pmd_range mm/memory.c:2985 [inline]
lr : apply_to_pud_range mm/memory.c:3021 [inline]
lr : apply_to_p4d_range mm/memory.c:3057 [inline]
lr : __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093
sp : ffff800080007900
x29: ffff800080007a20 x28: ffff0001ffbeefff x27: ffff0001fec50fe8
x26: ffff0001ffbef000 x25: dfff800000000000 x24: ffff0001ffbee000
x23: ffff0001fea8ef70 x22: 0000000000000100 x21: ffff80008f346040
x20: 100000023ea8e403 x19: 0000000000000001 x18: 1fffe0003386aa76
x17: ffff80010d0e8000 x16: ffff80008051bab8 x15: 0000000000000001
x14: 1ffff00012dfba01 x13: 0000000000000000 x12: 0000000000000000
x11: ffff700012dfba02 x10: 0000000000ff0100 x9 : 0000000000000000
x8 : ffff80008f346040 x7 : ffff800080c2b0a4 x6 : 0000000000000000
x5 : 0000000000000001 x4 : ffff800080007b00 x3 : ffff8000802595f4
x2 : 0000000000001000 x1 : 0000000000000100 x0 : 0000000000000000
Call trace:
 arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline] (P)
 apply_to_pte_range mm/memory.c:2936 [inline] (P)
 apply_to_pmd_range mm/memory.c:2985 [inline] (P)
 apply_to_pud_range mm/memory.c:3021 [inline] (P)
 apply_to_p4d_range mm/memory.c:3057 [inline] (P)
 __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093 (P)
 apply_to_page_range+0x4c/0x64 mm/memory.c:3112
 __change_memory_common+0xac/0x3f8 arch/arm64/mm/pageattr.c:64
 set_memory_valid+0x68/0x7c arch/arm64/mm/pageattr.c:-1
 kfence_protect_page arch/arm64/include/asm/kfence.h:17 [inline]
 kfence_protect mm/kfence/core.c:247 [inline]
 kfence_guarded_free+0x278/0x5a8 mm/kfence/core.c:565
 __kfence_free+0x104/0x198 mm/kfence/core.c:1187
 kfence_free include/linux/kfence.h:187 [inline]
 slab_free_hook mm/slub.c:2318 [inline]
 slab_free mm/slub.c:4642 [inline]
 kfree+0x268/0x474 mm/slub.c:4841
 slab_free_after_rcu_debug+0x78/0x2f4 mm/slub.c:4679
 rcu_do_batch kernel/rcu/tree.c:2568 [inline]
 rcu_core+0x848/0x17a4 kernel/rcu/tree.c:2824
 rcu_core_si+0x10/0x1c kernel/rcu/tree.c:2841
 handle_softirqs+0x328/0xc88 kernel/softirq.c:579
 __do_softirq+0x14/0x20 kernel/softirq.c:613
 ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:81
 call_on_irq_stack+0x24/0x30 arch/arm64/kernel/entry.S:891
 do_softirq_own_stack+0x20/0x2c arch/arm64/kernel/irq.c:86
 invoke_softirq kernel/softirq.c:460 [inline]
 __irq_exit_rcu+0x1b0/0x478 kernel/softirq.c:680
 irq_exit_rcu+0x14/0x84 kernel/softirq.c:696
 __el1_irq arch/arm64/kernel/entry-common.c:584 [inline]
 el1_interrupt+0x38/0x54 arch/arm64/kernel/entry-common.c:598
 el1h_64_irq_handler+0x18/0x24 arch/arm64/kernel/entry-common.c:603
 el1h_64_irq+0x6c/0x70 arch/arm64/kernel/entry.S:596
 __daif_local_irq_enable arch/arm64/include/asm/irqflags.h:26 [inline] (P)
 arch_local_irq_enable+0x8/0xc arch/arm64/include/asm/irqflags.h:48 (P)
 cpuidle_idle_call kernel/sched/idle.c:185 [inline]
 do_idle+0x1d8/0x454 kernel/sched/idle.c:325
 cpu_startup_entry+0x5c/0x74 kernel/sched/idle.c:423
 rest_init+0x2d8/0x2f4 init/main.c:743
 start_kernel+0x44c/0x4a8 init/main.c:1099
 __primary_switched+0x8c/0x94 arch/arm64/kernel/head.S:246
irq event stamp: 167077
hardirqs last  enabled at (167076): [<ffff80008add91e8>] __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:151 [inline]
hardirqs last  enabled at (167076): [<ffff80008add91e8>] _raw_spin_unlock_irqrestore+0x38/0x98 kernel/locking/spinlock.c:194
hardirqs last disabled at (167077): [<ffff80008adb3680>] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:511
softirqs last  enabled at (167030): [<ffff8000803ce71c>] softirq_handle_end kernel/softirq.c:425 [inline]
softirqs last  enabled at (167030): [<ffff8000803ce71c>] handle_softirqs+0xaf8/0xc88 kernel/softirq.c:607
softirqs last disabled at (167043): [<ffff800080020efc>] __do_softirq+0x14/0x20 kernel/softirq.c:613
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline]
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_pte_range mm/memory.c:2936 [inline]
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_pmd_range mm/memory.c:2985 [inline]
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_pud_range mm/memory.c:3021 [inline]
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_p4d_range mm/memory.c:3057 [inline]
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093
Modules linked in:
CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G        W           6.15.0-rc5-syzkaller-gac57c6b0f09c #0 PREEMPT 
Tainted: [W]=WARN
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
pstate: 40400005 (nZcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline]
pc : apply_to_pte_range mm/memory.c:2936 [inline]
pc : apply_to_pmd_range mm/memory.c:2985 [inline]
pc : apply_to_pud_range mm/memory.c:3021 [inline]
pc : apply_to_p4d_range mm/memory.c:3057 [inline]
pc : __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093
lr : arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline]
lr : apply_to_pte_range mm/memory.c:2936 [inline]
lr : apply_to_pmd_range mm/memory.c:2985 [inline]
lr : apply_to_pud_range mm/memory.c:3021 [inline]
lr : apply_to_p4d_range mm/memory.c:3057 [inline]
lr : __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093
sp : ffff800080006b20
x29: ffff800080006c40 x28: ffff0001ffbf2fff x27: ffff0001fec50fe8
x26: ffff0001ffbf3000 x25: dfff800000000000 x24: ffff0001ffbf2000
x23: ffff0001fea8ef90 x22: 0000000000000100 x21: ffff80008f346040
x20: 100000023ea8e403 x19: 0000000000000001 x18: 00000000ffffffff
x17: ffff800092f37000 x16: ffff80008051bab8 x15: 0000000000000001
x14: 1ffff00012dfb977 x13: 0000000000000000 x12: 0000000000000000
x11: ffff700012dfb978 x10: 0000000000ff0100 x9 : 0000000000000000
x8 : ffff80008f346040 x7 : ffff800080c2b0a4 x6 : 0000000000000000
x5 : 0000000000000001 x4 : ffff800080006d20 x3 : ffff8000802595f4
x2 : 0000000000001000 x1 : 0000000000000100 x0 : 0000000000000000
Call trace:
 arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline] (P)
 apply_to_pte_range mm/memory.c:2936 [inline] (P)
 apply_to_pmd_range mm/memory.c:2985 [inline] (P)
 apply_to_pud_range mm/memory.c:3021 [inline] (P)
 apply_to_p4d_range mm/memory.c:3057 [inline] (P)
 __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093 (P)
 apply_to_page_range+0x4c/0x64 mm/memory.c:3112
 __change_memory_common+0xac/0x3f8 arch/arm64/mm/pageattr.c:64
 set_memory_valid+0x68/0x7c arch/arm64/mm/pageattr.c:-1
 kfence_protect_page arch/arm64/include/asm/kfence.h:17 [inline]
 kfence_protect mm/kfence/core.c:247 [inline]
 kfence_guarded_free+0x278/0x5a8 mm/kfence/core.c:565
 __kfence_free+0x104/0x198 mm/kfence/core.c:1187
 kfence_free include/linux/kfence.h:187 [inline]
 slab_free_hook mm/slub.c:2318 [inline]
 slab_free mm/slub.c:4642 [inline]
 kmem_cache_free+0x250/0x550 mm/slub.c:4744
 skb_kfree_head net/core/skbuff.c:1056 [inline]
 skb_free_head+0xbc/0x198 net/core/skbuff.c:1070
 skb_release_data+0x66c/0x820 net/core/skbuff.c:1097
 skb_release_all net/core/skbuff.c:1162 [inline]
 __kfree_skb net/core/skbuff.c:1176 [inline]
 consume_skb+0xb0/0x130 net/core/skbuff.c:1408
 tcp_rcv_state_process+0x1288/0x3630 net/ipv4/tcp_input.c:6808
 tcp_v4_do_rcv+0x704/0xbc4 net/ipv4/tcp_ipv4.c:1948
 tcp_v4_rcv+0x1dd0/0x28b8 net/ipv4/tcp_ipv4.c:2353
 ip_protocol_deliver_rcu+0x1f8/0x484 net/ipv4/ip_input.c:205
 ip_local_deliver_finish+0x27c/0x4e8 net/ipv4/ip_input.c:233
 NF_HOOK+0x2c4/0x358 include/linux/netfilter.h:314
 ip_local_deliver+0x120/0x194 net/ipv4/ip_input.c:254
 dst_input include/net/dst.h:469 [inline]
 ip_sublist_rcv_finish net/ipv4/ip_input.c:578 [inline]
 ip_list_rcv_finish net/ipv4/ip_input.c:627 [inline]
 ip_sublist_rcv+0x8a0/0xb68 net/ipv4/ip_input.c:635
 ip_list_rcv+0x398/0x3ec net/ipv4/ip_input.c:669
 __netif_receive_skb_list_ptype net/core/dev.c:5930 [inline]
 __netif_receive_skb_list_core+0x4e4/0x67c net/core/dev.c:5977
 __netif_receive_skb_list net/core/dev.c:6029 [inline]
 netif_receive_skb_list_internal+0x74c/0x9e0 net/core/dev.c:6120
 gro_normal_list include/net/gro.h:532 [inline]
 napi_complete_done+0x250/0x614 net/core/dev.c:6490
 gve_napi_poll+0x1f4/0x3ac drivers/net/ethernet/google/gve/gve_main.c:388
 __napi_poll+0xb4/0x3fc net/core/dev.c:7324
 napi_poll net/core/dev.c:7388 [inline]
 net_rx_action+0x5d4/0xcc8 net/core/dev.c:7510
 handle_softirqs+0x328/0xc88 kernel/softirq.c:579
 __do_softirq+0x14/0x20 kernel/softirq.c:613
 ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:81
 call_on_irq_stack+0x24/0x30 arch/arm64/kernel/entry.S:891
 do_softirq_own_stack+0x20/0x2c arch/arm64/kernel/irq.c:86
 invoke_softirq kernel/softirq.c:460 [inline]
 __irq_exit_rcu+0x1b0/0x478 kernel/softirq.c:680
 irq_exit_rcu+0x14/0x84 kernel/softirq.c:696
 __el1_irq arch/arm64/kernel/entry-common.c:584 [inline]
 el1_interrupt+0x38/0x54 arch/arm64/kernel/entry-common.c:598
 el1h_64_irq_handler+0x18/0x24 arch/arm64/kernel/entry-common.c:603
 el1h_64_irq+0x6c/0x70 arch/arm64/kernel/entry.S:596
 __daif_local_irq_enable arch/arm64/include/asm/irqflags.h:26 [inline] (P)
 arch_local_irq_enable+0x8/0xc arch/arm64/include/asm/irqflags.h:48 (P)
 cpuidle_idle_call kernel/sched/idle.c:185 [inline]
 do_idle+0x1d8/0x454 kernel/sched/idle.c:325
 cpu_startup_entry+0x5c/0x74 kernel/sched/idle.c:423
 rest_init+0x2d8/0x2f4 init/main.c:743
 start_kernel+0x44c/0x4a8 init/main.c:1099
 __primary_switched+0x8c/0x94 arch/arm64/kernel/head.S:246
irq event stamp: 168919
hardirqs last  enabled at (168918): [<ffff80008adb3790>] __el1_irq arch/arm64/kernel/entry-common.c:588 [inline]
hardirqs last  enabled at (168918): [<ffff80008adb3790>] el1_interrupt+0x44/0x54 arch/arm64/kernel/entry-common.c:598
hardirqs last disabled at (168919): [<ffff80008adb3680>] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:511
softirqs last  enabled at (168832): [<ffff8000803ce71c>] softirq_handle_end kernel/softirq.c:425 [inline]
softirqs last  enabled at (168832): [<ffff8000803ce71c>] handle_softirqs+0xaf8/0xc88 kernel/softirq.c:607
softirqs last disabled at (168853): [<ffff800080020efc>] __do_softirq+0x14/0x20 kernel/softirq.c:613
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline]
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_pte_range mm/memory.c:2936 [inline]
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_pmd_range mm/memory.c:2985 [inline]
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_pud_range mm/memory.c:3021 [inline]
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_p4d_range mm/memory.c:3057 [inline]
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093
Modules linked in:
CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G        W           6.15.0-rc5-syzkaller-gac57c6b0f09c #0 PREEMPT 
Tainted: [W]=WARN
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
pstate: 40400005 (nZcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline]
pc : apply_to_pte_range mm/memory.c:2936 [inline]
pc : apply_to_pmd_range mm/memory.c:2985 [inline]
pc : apply_to_pud_range mm/memory.c:3021 [inline]
pc : apply_to_p4d_range mm/memory.c:3057 [inline]
pc : __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093
lr : arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline]
lr : apply_to_pte_range mm/memory.c:2936 [inline]
lr : apply_to_pmd_range mm/memory.c:2985 [inline]
lr : apply_to_pud_range mm/memory.c:3021 [inline]
lr : apply_to_p4d_range mm/memory.c:3057 [inline]
lr : __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093
sp : ffff800080007120
x29: ffff800080007240 x28: ffff0001ffbf8fff x27: ffff0001fec50fe8
x26: ffff0001ffbf9000 x25: dfff800000000000 x24: ffff0001ffbf8000
x23: ffff0001fea8efc0 x22: 0000000000000500 x21: ffff80008f346040
x20: 100000023ea8e403 x19: 0000000000000001 x18: 1fffe0003386aa76
x17: 0000000000a000ae x16: ffff80008051bab8 x15: 0000000000000001
x14: 1ffff00012dfb950 x13: 0000000000000000 x12: 0000000000000000
x11: ffff700012dfb951 x10: 0000000000ff0100 x9 : 0000000000000000
x8 : ffff80008f346040 x7 : ffff800080c2b0a4 x6 : 0000000000000000
x5 : 0000000000000001 x4 : ffff800080007320 x3 : ffff8000802595f4
x2 : 0000000000001000 x1 : 0000000000000500 x0 : 0000000000000000
Call trace:
 arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline] (P)
 apply_to_pte_range mm/memory.c:2936 [inline] (P)
 apply_to_pmd_range mm/memory.c:2985 [inline] (P)
 apply_to_pud_range mm/memory.c:3021 [inline] (P)
 apply_to_p4d_range mm/memory.c:3057 [inline] (P)
 __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093 (P)
 apply_to_page_range+0x4c/0x64 mm/memory.c:3112
 __change_memory_common+0xac/0x3f8 arch/arm64/mm/pageattr.c:64
 set_memory_valid+0x68/0x7c arch/arm64/mm/pageattr.c:-1
 kfence_protect_page arch/arm64/include/asm/kfence.h:17 [inline]
 kfence_protect mm/kfence/core.c:247 [inline]
 kfence_guarded_free+0x278/0x5a8 mm/kfence/core.c:565
 __kfence_free+0x104/0x198 mm/kfence/core.c:1187
 kfence_free include/linux/kfence.h:187 [inline]
 slab_free_hook mm/slub.c:2318 [inline]
 slab_free mm/slub.c:4642 [inline]
 kmem_cache_free+0x250/0x550 mm/slub.c:4744
 kfree_skbmem+0x14c/0x1dc net/core/skbuff.c:-1
 __kfree_skb net/core/skbuff.c:1177 [inline]
 consume_skb+0xb8/0x130 net/core/skbuff.c:1408
 ifb_xmit+0x174/0x53c drivers/net/ifb.c:346
 __netdev_start_xmit include/linux/netdevice.h:5203 [inline]
 netdev_start_xmit include/linux/netdevice.h:5212 [inline]
 xmit_one net/core/dev.c:3776 [inline]
 dev_hard_start_xmit+0x2b0/0x8ac net/core/dev.c:3792
 sch_direct_xmit+0x1fc/0x468 net/sched/sch_generic.c:343
 __dev_xmit_skb net/core/dev.c:4018 [inline]
 __dev_queue_xmit+0x13b4/0x31f0 net/core/dev.c:4595
 dev_queue_xmit include/linux/netdevice.h:3350 [inline]
 lapbeth_data_transmit+0x1fc/0x2a8 drivers/net/wan/lapbether.c:260
 lapb_data_transmit+0x8c/0xb0 net/lapb/lapb_iface.c:447
 lapb_transmit_buffer+0x160/0x208 net/lapb/lapb_out.c:149
 lapb_send_control+0x21c/0x320 net/lapb/lapb_subr.c:251
 lapb_t1timer_expiry+0x490/0x864 net/lapb/lapb_timer.c:-1
 call_timer_fn+0x1b4/0x818 kernel/time/timer.c:1789
 expire_timers kernel/time/timer.c:1840 [inline]
 __run_timers kernel/time/timer.c:2414 [inline]
 __run_timer_base+0x51c/0x76c kernel/time/timer.c:2426
 run_timer_base kernel/time/timer.c:2435 [inline]
 run_timer_softirq+0xcc/0x194 kernel/time/timer.c:2445
 handle_softirqs+0x328/0xc88 kernel/softirq.c:579
 __do_softirq+0x14/0x20 kernel/softirq.c:613
 ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:81
 call_on_irq_stack+0x24/0x30 arch/arm64/kernel/entry.S:891
 do_softirq_own_stack+0x20/0x2c arch/arm64/kernel/irq.c:86
 invoke_softirq kernel/softirq.c:460 [inline]
 __irq_exit_rcu+0x1b0/0x478 kernel/softirq.c:680
 irq_exit_rcu+0x14/0x84 kernel/softirq.c:696
 __el1_irq arch/arm64/kernel/entry-common.c:584 [inline]
 el1_interrupt+0x38/0x54 arch/arm64/kernel/entry-common.c:598
 el1h_64_irq_handler+0x18/0x24 arch/arm64/kernel/entry-common.c:603
 el1h_64_irq+0x6c/0x70 arch/arm64/kernel/entry.S:596
 __daif_local_irq_enable arch/arm64/include/asm/irqflags.h:26 [inline] (P)
 arch_local_irq_enable+0x8/0xc arch/arm64/include/asm/irqflags.h:48 (P)
 cpuidle_idle_call kernel/sched/idle.c:185 [inline]
 do_idle+0x1d8/0x454 kernel/sched/idle.c:325
 cpu_startup_entry+0x5c/0x74 kernel/sched/idle.c:423
 rest_init+0x2d8/0x2f4 init/main.c:743
 start_kernel+0x44c/0x4a8 init/main.c:1099
 __primary_switched+0x8c/0x94 arch/arm64/kernel/head.S:246
irq event stamp: 170883
hardirqs last  enabled at (170882): [<ffff80008add91e8>] __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:151 [inline]
hardirqs last  enabled at (170882): [<ffff80008add91e8>] _raw_spin_unlock_irqrestore+0x38/0x98 kernel/locking/spinlock.c:194
hardirqs last disabled at (170883): [<ffff80008adb3680>] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:511
softirqs last  enabled at (170838): [<ffff8000803ce71c>] softirq_handle_end kernel/softirq.c:425 [inline]
softirqs last  enabled at (170838): [<ffff8000803ce71c>] handle_softirqs+0xaf8/0xc88 kernel/softirq.c:607
softirqs last disabled at (170851): [<ffff800080020efc>] __do_softirq+0x14/0x20 kernel/softirq.c:613
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
WARNING: CPU: 0 PID: 6480 at ./arch/arm64/include/asm/pgtable.h:82 arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline]
WARNING: CPU: 0 PID: 6480 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_pte_range mm/memory.c:2936 [inline]
WARNING: CPU: 0 PID: 6480 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_pmd_range mm/memory.c:2985 [inline]
WARNING: CPU: 0 PID: 6480 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_pud_range mm/memory.c:3021 [inline]
WARNING: CPU: 0 PID: 6480 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_p4d_range mm/memory.c:3057 [inline]
WARNING: CPU: 0 PID: 6480 at ./arch/arm64/include/asm/pgtable.h:82 __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093
Modules linked in:
CPU: 0 UID: 0 PID: 6480 Comm: syz-executor Tainted: G        W           6.15.0-rc5-syzkaller-gac57c6b0f09c #0 PREEMPT 
Tainted: [W]=WARN
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
pstate: 40400005 (nZcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline]
pc : apply_to_pte_range mm/memory.c:2936 [inline]
pc : apply_to_pmd_range mm/memory.c:2985 [inline]
pc : apply_to_pud_range mm/memory.c:3021 [inline]
pc : apply_to_p4d_range mm/memory.c:3057 [inline]
pc : __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093
lr : arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline]
lr : apply_to_pte_range mm/memory.c:2936 [inline]
lr : apply_to_pmd_range mm/memory.c:2985 [inline]
lr : apply_to_pud_range mm/memory.c:3021 [inline]
lr : apply_to_p4d_range mm/memory.c:3057 [inline]
lr : __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093
sp : ffff8000800079c0
x29: ffff800080007ae0 x28: ffff0001ffbfafff x27: ffff0001fec50fe8
x26: ffff0001ffbfb000 x25: dfff800000000000 x24: ffff0001ffbfa000
x23: ffff0001fea8efd0 x22: 0000000000000100 x21: ffff0000c97b0000
x20: 100000023ea8e403 x19: 0000000000000001 x18: 0000000000000000
x17: ffff80010d0e8000 x16: ffff80008051bab8 x15: 0000000000000001
x14: 1ffff00012dfba19 x13: 0000000000000000 x12: 0000000000000000
x11: ffff700012dfba1a x10: 0000000000ff0100 x9 : 0000000000000000
x8 : ffff0000c97b0000 x7 : ffff800080c2b0a4 x6 : 0000000000000000
x5 : 0000000000000001 x4 : ffff800080007bc0 x3 : ffff8000802595f4
x2 : 0000000000001000 x1 : 0000000000000100 x0 : 0000000000000000
Call trace:
 arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline] (P)
 apply_to_pte_range mm/memory.c:2936 [inline] (P)
 apply_to_pmd_range mm/memory.c:2985 [inline] (P)
 apply_to_pud_range mm/memory.c:3021 [inline] (P)
 apply_to_p4d_range mm/memory.c:3057 [inline] (P)
 __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093 (P)
 apply_to_page_range+0x4c/0x64 mm/memory.c:3112
 __change_memory_common+0xac/0x3f8 arch/arm64/mm/pageattr.c:64
 set_memory_valid+0x68/0x7c arch/arm64/mm/pageattr.c:-1
 kfence_protect_page arch/arm64/include/asm/kfence.h:17 [inline]
 kfence_protect mm/kfence/core.c:247 [inline]
 kfence_guarded_free+0x278/0x5a8 mm/kfence/core.c:565
 rcu_guarded_free+0x4c/0x5c mm/kfence/core.c:587
 rcu_do_batch kernel/rcu/tree.c:2568 [inline]
 rcu_core+0x848/0x17a4 kernel/rcu/tree.c:2824
 rcu_core_si+0x10/0x1c kernel/rcu/tree.c:2841
 handle_softirqs+0x328/0xc88 kernel/softirq.c:579
 __do_softirq+0x14/0x20 kernel/softirq.c:613
 ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:81
 call_on_irq_stack+0x24/0x30 arch/arm64/kernel/entry.S:891
 do_softirq_own_stack+0x20/0x2c arch/arm64/kernel/irq.c:86
 invoke_softirq kernel/softirq.c:460 [inline]
 __irq_exit_rcu+0x1b0/0x478 kernel/softirq.c:680
 irq_exit_rcu+0x14/0x84 kernel/softirq.c:696
 __el1_irq arch/arm64/kernel/entry-common.c:584 [inline]
 el1_interrupt+0x38/0x54 arch/arm64/kernel/entry-common.c:598
 el1h_64_irq_handler+0x18/0x24 arch/arm64/kernel/entry-common.c:603
 el1h_64_irq+0x6c/0x70 arch/arm64/kernel/entry.S:596
 preempt_count arch/arm64/include/asm/preempt.h:13 [inline] (P)
 check_kcov_mode kernel/kcov.c:183 [inline] (P)
 write_comp_data kernel/kcov.c:246 [inline] (P)
 __sanitizer_cov_trace_const_cmp1+0x14/0xa0 kernel/kcov.c:300 (P)
 vsnprintf+0xcc/0xd60 lib/vsprintf.c:2795
 seq_vprintf fs/seq_file.c:391 [inline]
 seq_printf+0x148/0x22c fs/seq_file.c:406
 s_show+0x194/0x294 kernel/kallsyms.c:743
 seq_read_iter+0x85c/0xc2c fs/seq_file.c:272
 seq_read+0x238/0x33c fs/seq_file.c:162
 pde_read fs/proc/inode.c:308 [inline]
 proc_reg_read+0x17c/0x2d4 fs/proc/inode.c:320
 vfs_read+0x22c/0x898 fs/read_write.c:568
 ksys_read+0x120/0x210 fs/read_write.c:713
 __do_sys_read fs/read_write.c:722 [inline]
 __se_sys_read fs/read_write.c:720 [inline]
 __arm64_sys_read+0x7c/0x90 fs/read_write.c:720
 __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]
 invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49
 el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132
 do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151
 el0_svc+0x58/0x17c arch/arm64/kernel/entry-common.c:767
 el0t_64_sync_handler+0x78/0x108 arch/arm64/kernel/entry-common.c:786
 el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600
irq event stamp: 33537
hardirqs last  enabled at (33536): [<ffff80008add91e8>] __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:151 [inline]
hardirqs last  enabled at (33536): [<ffff80008add91e8>] _raw_spin_unlock_irqrestore+0x38/0x98 kernel/locking/spinlock.c:194
hardirqs last disabled at (33537): [<ffff80008adb3680>] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:511
softirqs last  enabled at (31960): [<ffff8000803ce71c>] softirq_handle_end kernel/softirq.c:425 [inline]
softirqs last  enabled at (31960): [<ffff8000803ce71c>] handle_softirqs+0xaf8/0xc88 kernel/softirq.c:607
softirqs last disabled at (33519): [<ffff800080020efc>] __do_softirq+0x14/0x20 kernel/softirq.c:613
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
WARNING: CPU: 0 PID: 6480 at ./arch/arm64/include/asm/pgtable.h:82 arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline]
WARNING: CPU: 0 PID: 6480 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_pte_range mm/memory.c:2936 [inline]
WARNING: CPU: 0 PID: 6480 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_pmd_range mm/memory.c:2985 [inline]
WARNING: CPU: 0 PID: 6480 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_pud_range mm/memory.c:3021 [inline]
WARNING: CPU: 0 PID: 6480 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_p4d_range mm/memory.c:3057 [inline]
WARNING: CPU: 0 PID: 6480 at ./arch/arm64/include/asm/pgtable.h:82 __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093
Modules linked in:
CPU: 0 UID: 0 PID: 6480 Comm: syz-executor Tainted: G        W           6.15.0-rc5-syzkaller-gac57c6b0f09c #0 PREEMPT 
Tainted: [W]=WARN
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
pstate: 404000c5 (nZcv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline]
pc : apply_to_pte_range mm/memory.c:2936 [inline]
pc : apply_to_pmd_range mm/memory.c:2985 [inline]
pc : apply_to_pud_range mm/memory.c:3021 [inline]
pc : apply_to_p4d_range mm/memory.c:3057 [inline]
pc : __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093
lr : arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline]
lr : apply_to_pte_range mm/memory.c:2936 [inline]
lr : apply_to_pmd_range mm/memory.c:2985 [inline]
lr : apply_to_pud_range mm/memory.c:3021 [inline]
lr : apply_to_p4d_range mm/memory.c:3057 [inline]
lr : __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093
sp : ffff800080006f80
x29: ffff8000800070a0 x28: ffff0001ffa0cfff x27: ffff0001fec50fe8
x26: ffff0001ffa0d000 x25: dfff800000000000 x24: ffff0001ffa0c000
x23: ffff0001fea8e060 x22: 0000000000000100 x21: ffff0000c97b0000
x20: 100000023ea8e403 x19: 0000000000000001 x18: 0000000000000000
x17: ffff80010d0e8000 x16: ffff80008adb82bc x15: ffff700010000e38
x14: 1ffff00010000e38 x13: 0000000000000004 x12: ffffffffffffffff
x11: 000000008e6001b3 x10: 0000000000ff0100 x9 : 0000000000000000
x8 : ffff0000c97b0000 x7 : ffff800080c2c30c x6 : 0000000000000000
x5 : 0000000000000001 x4 : ffff800080007180 x3 : ffff8000802595f4
x2 : 0000000000001000 x1 : 0000000000000100 x0 : 0000000000000000
Call trace:
 arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline] (P)
 apply_to_pte_range mm/memory.c:2936 [inline] (P)
 apply_to_pmd_range mm/memory.c:2985 [inline] (P)
 apply_to_pud_range mm/memory.c:3021 [inline] (P)
 apply_to_p4d_range mm/memory.c:3057 [inline] (P)
 __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093 (P)
 apply_to_page_range+0x4c/0x64 mm/memory.c:3112
 __change_memory_common+0xac/0x3f8 arch/arm64/mm/pageattr.c:64
 set_memory_valid+0x68/0x7c arch/arm64/mm/pageattr.c:-1
 kfence_protect_page arch/arm64/include/asm/kfence.h:17 [inline]
 kfence_unprotect mm/kfence/core.c:252 [inline]
 kfence_guarded_alloc+0x2e8/0xb08 mm/kfence/core.c:459
 __kfence_alloc+0x394/0x45c mm/kfence/core.c:1138
 kfence_alloc include/linux/kfence.h:129 [inline]
 slab_alloc_node mm/slub.c:4180 [inline]
 kmem_cache_alloc_node_noprof+0x34c/0x3f4 mm/slub.c:4248
 kmalloc_reserve+0xc4/0x268 net/core/skbuff.c:577
 __alloc_skb+0x170/0x2ec net/core/skbuff.c:668
 napi_alloc_skb+0xa0/0x5fc net/core/skbuff.c:810
 gve_rx_copy_data+0x40/0x1a0 drivers/net/ethernet/google/gve/gve_utils.c:72
 gve_rx_copy+0x8c/0xe8 drivers/net/ethernet/google/gve/gve_utils.c:89
 gve_rx_skb drivers/net/ethernet/google/gve/gve_rx.c:663 [inline]
 gve_rx drivers/net/ethernet/google/gve/gve_rx.c:884 [inline]
 gve_clean_rx_done drivers/net/ethernet/google/gve/gve_rx.c:1024 [inline]
 gve_rx_poll+0xa08/0x365c drivers/net/ethernet/google/gve/gve_rx.c:1095
 gve_napi_poll+0x140/0x3ac drivers/net/ethernet/google/gve/gve_main.c:372
 __napi_poll+0xb4/0x3fc net/core/dev.c:7324
 napi_poll net/core/dev.c:7388 [inline]
 net_rx_action+0x5d4/0xcc8 net/core/dev.c:7510
 handle_softirqs+0x328/0xc88 kernel/softirq.c:579
 __do_softirq+0x14/0x20 kernel/softirq.c:613
 ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:81
 call_on_irq_stack+0x24/0x30 arch/arm64/kernel/entry.S:891
 do_softirq_own_stack+0x20/0x2c arch/arm64/kernel/irq.c:86
 invoke_softirq kernel/softirq.c:460 [inline]
 __irq_exit_rcu+0x1b0/0x478 kernel/softirq.c:680
 irq_exit_rcu+0x14/0x84 kernel/softirq.c:696
 __el1_irq arch/arm64/kernel/entry-common.c:584 [inline]
 el1_interrupt+0x38/0x54 arch/arm64/kernel/entry-common.c:598
 el1h_64_irq_handler+0x18/0x24 arch/arm64/kernel/entry-common.c:603
 el1h_64_irq+0x6c/0x70 arch/arm64/kernel/entry.S:596
 vsnprintf+0x338/0xd60 lib/vsprintf.c:-1 (P)
 seq_vprintf fs/seq_file.c:391 [inline]
 seq_printf+0x148/0x22c fs/seq_file.c:406
 s_show+0x194/0x294 kernel/kallsyms.c:743
 seq_read_iter+0x85c/0xc2c fs/seq_file.c:272
 seq_read+0x238/0x33c fs/seq_file.c:162
 pde_read fs/proc/inode.c:308 [inline]
 proc_reg_read+0x17c/0x2d4 fs/proc/inode.c:320
 vfs_read+0x22c/0x898 fs/read_write.c:568
 ksys_read+0x120/0x210 fs/read_write.c:713
 __do_sys_read fs/read_write.c:722 [inline]
 __se_sys_read fs/read_write.c:720 [inline]
 __arm64_sys_read+0x7c/0x90 fs/read_write.c:720
 __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]
 invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49
 el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132
 do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151
 el0_svc+0x58/0x17c arch/arm64/kernel/entry-common.c:767
 el0t_64_sync_handler+0x78/0x108 arch/arm64/kernel/entry-common.c:786
 el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600
irq event stamp: 61055
hardirqs last  enabled at (61054): [<ffff80008add91e8>] __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:151 [inline]
hardirqs last  enabled at (61054): [<ffff80008add91e8>] _raw_spin_unlock_irqrestore+0x38/0x98 kernel/locking/spinlock.c:194
hardirqs last disabled at (61055): [<ffff800080c2c300>] kfence_guarded_alloc+0x190/0xb08 mm/kfence/core.c:438
softirqs last  enabled at (60990): [<ffff8000803ce71c>] softirq_handle_end kernel/softirq.c:425 [inline]
softirqs last  enabled at (60990): [<ffff8000803ce71c>] handle_softirqs+0xaf8/0xc88 kernel/softirq.c:607
softirqs last disabled at (61045): [<ffff800080020efc>] __do_softirq+0x14/0x20 kernel/softirq.c:613
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
WARNING: CPU: 0 PID: 6480 at ./arch/arm64/include/asm/pgtable.h:67 queue_pte_barriers arch/arm64/include/asm/pgtable.h:67 [inline]
WARNING: CPU: 0 PID: 6480 at ./arch/arm64/include/asm/pgtable.h:67 __set_pte_complete arch/arm64/include/asm/pgtable.h:387 [inline]
WARNING: CPU: 0 PID: 6480 at ./arch/arm64/include/asm/pgtable.h:67 __set_pte arch/arm64/include/asm/pgtable.h:393 [inline]
WARNING: CPU: 0 PID: 6480 at ./arch/arm64/include/asm/pgtable.h:67 change_page_range+0x188/0x1cc arch/arm64/mm/pageattr.c:48
Modules linked in:
CPU: 0 UID: 0 PID: 6480 Comm: syz-executor Tainted: G        W           6.15.0-rc5-syzkaller-gac57c6b0f09c #0 PREEMPT 
Tainted: [W]=WARN
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
pstate: 404000c5 (nZcv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : queue_pte_barriers arch/arm64/include/asm/pgtable.h:67 [inline]
pc : __set_pte_complete arch/arm64/include/asm/pgtable.h:387 [inline]
pc : __set_pte arch/arm64/include/asm/pgtable.h:393 [inline]
pc : change_page_range+0x188/0x1cc arch/arm64/mm/pageattr.c:48
lr : queue_pte_barriers arch/arm64/include/asm/pgtable.h:67 [inline]
lr : __set_pte_complete arch/arm64/include/asm/pgtable.h:387 [inline]
lr : __set_pte arch/arm64/include/asm/pgtable.h:393 [inline]
lr : change_page_range+0x188/0x1cc arch/arm64/mm/pageattr.c:48
sp : ffff800080006f40
x29: ffff800080006f40 x28: ffff0001ffa0cfff x27: ffff0001fec50fe8
x26: ffff0001ffa0d000 x25: ffff0001ffa0c000 x24: ffff0001ffa0c000
x23: 006800023fa0c707 x22: 0040000000000001 x21: dfff800000000000
x20: 0000000000000100 x19: ffff0000c97b0000 x18: 0000000000000000
x17: ffff80010d0e8000 x16: ffff80008adb82bc x15: 0000000000000001
x14: 1fffe000192f6000 x13: 0000000000000000 x12: 0000000000000000
x11: ffff6000192f6001 x10: 0000000000ff0100 x9 : 0000000000000000
x8 : ffff0000c97b0000 x7 : ffff800080c2c30c x6 : 0000000000000000
x5 : 0000000000000001 x4 : ffff800080007180 x3 : ffff800080ac62d0
x2 : ffff800080007180 x1 : 0000000000000100 x0 : 0000000000000000
Call trace:
 queue_pte_barriers arch/arm64/include/asm/pgtable.h:67 [inline] (P)
 __set_pte_complete arch/arm64/include/asm/pgtable.h:387 [inline] (P)
 __set_pte arch/arm64/include/asm/pgtable.h:393 [inline] (P)
 change_page_range+0x188/0x1cc arch/arm64/mm/pageattr.c:48 (P)
 apply_to_pte_range mm/memory.c:2941 [inline]
 apply_to_pmd_range mm/memory.c:2985 [inline]
 apply_to_pud_range mm/memory.c:3021 [inline]
 apply_to_p4d_range mm/memory.c:3057 [inline]
 __apply_to_page_range+0xd58/0x13e4 mm/memory.c:3093
 apply_to_page_range+0x4c/0x64 mm/memory.c:3112
 __change_memory_common+0xac/0x3f8 arch/arm64/mm/pageattr.c:64
 set_memory_valid+0x68/0x7c arch/arm64/mm/pageattr.c:-1
 kfence_protect_page arch/arm64/include/asm/kfence.h:17 [inline]
 kfence_unprotect mm/kfence/core.c:252 [inline]
 kfence_guarded_alloc+0x2e8/0xb08 mm/kfence/core.c:459
 __kfence_alloc+0x394/0x45c mm/kfence/core.c:1138
 kfence_alloc include/linux/kfence.h:129 [inline]
 slab_alloc_node mm/slub.c:4180 [inline]
 kmem_cache_alloc_node_noprof+0x34c/0x3f4 mm/slub.c:4248
 kmalloc_reserve+0xc4/0x268 net/core/skbuff.c:577
 __alloc_skb+0x170/0x2ec net/core/skbuff.c:668
 napi_alloc_skb+0xa0/0x5fc net/core/skbuff.c:810
 gve_rx_copy_data+0x40/0x1a0 drivers/net/ethernet/google/gve/gve_utils.c:72
 gve_rx_copy+0x8c/0xe8 drivers/net/ethernet/google/gve/gve_utils.c:89
 gve_rx_skb drivers/net/ethernet/google/gve/gve_rx.c:663 [inline]
 gve_rx drivers/net/ethernet/google/gve/gve_rx.c:884 [inline]
 gve_clean_rx_done drivers/net/ethernet/google/gve/gve_rx.c:1024 [inline]
 gve_rx_poll+0xa08/0x365c drivers/net/ethernet/google/gve/gve_rx.c:1095
 gve_napi_poll+0x140/0x3ac drivers/net/ethernet/google/gve/gve_main.c:372
 __napi_poll+0xb4/0x3fc net/core/dev.c:7324
 napi_poll net/core/dev.c:7388 [inline]
 net_rx_action+0x5d4/0xcc8 net/core/dev.c:7510
 handle_softirqs+0x328/0xc88 kernel/softirq.c:579
 __do_softirq+0x14/0x20 kernel/softirq.c:613
 ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:81
 call_on_irq_stack+0x24/0x30 arch/arm64/kernel/entry.S:891
 do_softirq_own_stack+0x20/0x2c arch/arm64/kernel/irq.c:86
 invoke_softirq kernel/softirq.c:460 [inline]
 __irq_exit_rcu+0x1b0/0x478 kernel/softirq.c:680
 irq_exit_rcu+0x14/0x84 kernel/softirq.c:696
 __el1_irq arch/arm64/kernel/entry-common.c:584 [inline]
 el1_interrupt+0x38/0x54 arch/arm64/kernel/entry-common.c:598
 el1h_64_irq_handler+0x18/0x24 arch/arm64/kernel/entry-common.c:603
 el1h_64_irq+0x6c/0x70 arch/arm64/kernel/entry.S:596
 vsnprintf+0x338/0xd60 lib/vsprintf.c:-1 (P)
 seq_vprintf fs/seq_file.c:391 [inline]
 seq_printf+0x148/0x22c fs/seq_file.c:406
 s_show+0x194/0x294 kernel/kallsyms.c:743
 seq_read_iter+0x85c/0xc2c fs/seq_file.c:272
 seq_read+0x238/0x33c fs/seq_file.c:162
 pde_read fs/proc/inode.c:308 [inline]
 proc_reg_read+0x17c/0x2d4 fs/proc/inode.c:320
 vfs_read+0x22c/0x898 fs/read_write.c:568
 ksys_read+0x120/0x210 fs/read_write.c:713
 __do_sys_read fs/read_write.c:722 [inline]
 __se_sys_read fs/read_write.c:720 [inline]
 __arm64_sys_read+0x7c/0x90 fs/read_write.c:720
 __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]
 invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49
 el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132
 do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151
 el0_svc+0x58/0x17c arch/arm64/kernel/entry-common.c:767
 el0t_64_sync_handler+0x78/0x108 arch/arm64/kernel/entry-common.c:786
 el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600
irq event stamp: 61055
hardirqs last  enabled at (61054): [<ffff80008add91e8>] __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:151 [inline]
hardirqs last  enabled at (61054): [<ffff80008add91e8>] _raw_spin_unlock_irqrestore+0x38/0x98 kernel/locking/spinlock.c:194
hardirqs last disabled at (61055): [<ffff800080c2c300>] kfence_guarded_alloc+0x190/0xb08 mm/kfence/core.c:438
softirqs last  enabled at (60990): [<ffff8000803ce71c>] softirq_handle_end kernel/softirq.c:425 [inline]
softirqs last  enabled at (60990): [<ffff8000803ce71c>] handle_softirqs+0xaf8/0xc88 kernel/softirq.c:607
softirqs last disabled at (61045): [<ffff800080020efc>] __do_softirq+0x14/0x20 kernel/softirq.c:613
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
WARNING: CPU: 0 PID: 6480 at ./arch/arm64/include/asm/pgtable.h:82 arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline]
WARNING: CPU: 0 PID: 6480 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_pte_range mm/memory.c:2936 [inline]
WARNING: CPU: 0 PID: 6480 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_pmd_range mm/memory.c:2985 [inline]
WARNING: CPU: 0 PID: 6480 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_pud_range mm/memory.c:3021 [inline]
WARNING: CPU: 0 PID: 6480 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_p4d_range mm/memory.c:3057 [inline]
WARNING: CPU: 0 PID: 6480 at ./arch/arm64/include/asm/pgtable.h:82 __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093
Modules linked in:
CPU: 0 UID: 0 PID: 6480 Comm: syz-executor Tainted: G        W           6.15.0-rc5-syzkaller-gac57c6b0f09c #0 PREEMPT 
Tainted: [W]=WARN
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
pstate: 40400005 (nZcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline]
pc : apply_to_pte_range mm/memory.c:2936 [inline]
pc : apply_to_pmd_range mm/memory.c:2985 [inline]
pc : apply_to_pud_range mm/memory.c:3021 [inline]
pc : apply_to_p4d_range mm/memory.c:3057 [inline]
pc : __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093
lr : arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline]
lr : apply_to_pte_range mm/memory.c:2936 [inline]
lr : apply_to_pmd_range mm/memory.c:2985 [inline]
lr : apply_to_pud_range mm/memory.c:3021 [inline]
lr : apply_to_p4d_range mm/memory.c:3057 [inline]
lr : __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093
sp : ffff800080007160
x29: ffff800080007280 x28: ffff0001ffa0cfff x27: ffff0001fec50fe8
x26: ffff0001ffa0d000 x25: dfff800000000000 x24: ffff0001ffa0c000
x23: ffff0001fea8e060 x22: 0000000000000100 x21: ffff0000c97b0000
x20: 100000023ea8e403 x19: 0000000000000001 x18: 0000000000000000
x17: 0000000000020010 x16: ffff80008051bab8 x15: 0000000000000001
x14: 1ffff00012dfb977 x13: 0000000000000000 x12: 0000000000000000
x11: ffff700012dfb978 x10: 0000000000ff0100 x9 : 0000000000000000
x8 : ffff0000c97b0000 x7 : ffff800080c2b0a4 x6 : 0000000000000000
x5 : 0000000000000001 x4 : ffff800080007360 x3 : ffff8000802595f4
x2 : 0000000000001000 x1 : 0000000000000100 x0 : 0000000000000000
Call trace:
 arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline] (P)
 apply_to_pte_range mm/memory.c:2936 [inline] (P)
 apply_to_pmd_range mm/memory.c:2985 [inline] (P)
 apply_to_pud_range mm/memory.c:3021 [inline] (P)
 apply_to_p4d_range mm/memory.c:3057 [inline] (P)
 __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093 (P)
 apply_to_page_range+0x4c/0x64 mm/memory.c:3112
 __change_memory_common+0xac/0x3f8 arch/arm64/mm/pageattr.c:64
 set_memory_valid+0x68/0x7c arch/arm64/mm/pageattr.c:-1
 kfence_protect_page arch/arm64/include/asm/kfence.h:17 [inline]
 kfence_protect mm/kfence/core.c:247 [inline]
 kfence_guarded_free+0x278/0x5a8 mm/kfence/core.c:565
 __kfence_free+0x104/0x198 mm/kfence/core.c:1187
 kfence_free include/linux/kfence.h:187 [inline]
 slab_free_hook mm/slub.c:2318 [inline]
 slab_free mm/slub.c:4642 [inline]
 kmem_cache_free+0x250/0x550 mm/slub.c:4744
 skb_kfree_head net/core/skbuff.c:1056 [inline]
 skb_free_head+0xbc/0x198 net/core/skbuff.c:1070
 skb_release_data+0x66c/0x820 net/core/skbuff.c:1097
 skb_release_all net/core/skbuff.c:1162 [inline]
 __kfree_skb net/core/skbuff.c:1176 [inline]
 consume_skb+0xb0/0x130 net/core/skbuff.c:1408
 arp_process+0xb78/0x12b8 net/ipv4/arp.c:941
 NF_HOOK+0x2b8/0x34c include/linux/netfilter.h:314
 arp_rcv+0x2a8/0x430 net/ipv4/arp.c:991
 __netif_receive_skb_list_ptype net/core/dev.c:5935 [inline]
 __netif_receive_skb_list_core+0x60c/0x67c net/core/dev.c:5977
 __netif_receive_skb_list net/core/dev.c:6029 [inline]
 netif_receive_skb_list_internal+0x74c/0x9e0 net/core/dev.c:6120
 gro_normal_list include/net/gro.h:532 [inline]
 napi_complete_done+0x250/0x614 net/core/dev.c:6490
 gve_napi_poll+0x1f4/0x3ac drivers/net/ethernet/google/gve/gve_main.c:388
 __napi_poll+0xb4/0x3fc net/core/dev.c:7324
 napi_poll net/core/dev.c:7388 [inline]
 net_rx_action+0x5d4/0xcc8 net/core/dev.c:7510
 handle_softirqs+0x328/0xc88 kernel/softirq.c:579
 __do_softirq+0x14/0x20 kernel/softirq.c:613
 ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:81
 call_on_irq_stack+0x24/0x30 arch/arm64/kernel/entry.S:891
 do_softirq_own_stack+0x20/0x2c arch/arm64/kernel/irq.c:86
 invoke_softirq kernel/softirq.c:460 [inline]
 __irq_exit_rcu+0x1b0/0x478 kernel/softirq.c:680
 irq_exit_rcu+0x14/0x84 kernel/softirq.c:696
 __el1_irq arch/arm64/kernel/entry-common.c:584 [inline]
 el1_interrupt+0x38/0x54 arch/arm64/kernel/entry-common.c:598
 el1h_64_irq_handler+0x18/0x24 arch/arm64/kernel/entry-common.c:603
 el1h_64_irq+0x6c/0x70 arch/arm64/kernel/entry.S:596
 vsnprintf+0x338/0xd60 lib/vsprintf.c:-1 (P)
 seq_vprintf fs/seq_file.c:391 [inline]
 seq_printf+0x148/0x22c fs/seq_file.c:406
 s_show+0x194/0x294 kernel/kallsyms.c:743
 seq_read_iter+0x85c/0xc2c fs/seq_file.c:272
 seq_read+0x238/0x33c fs/seq_file.c:162
 pde_read fs/proc/inode.c:308 [inline]
 proc_reg_read+0x17c/0x2d4 fs/proc/inode.c:320
 vfs_read+0x22c/0x898 fs/read_write.c:568
 ksys_read+0x120/0x210 fs/read_write.c:713
 __do_sys_read fs/read_write.c:722 [inline]
 __se_sys_read fs/read_write.c:720 [inline]
 __arm64_sys_read+0x7c/0x90 fs/read_write.c:720
 __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]
 invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49
 el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132
 do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151
 el0_svc+0x58/0x17c arch/arm64/kernel/entry-common.c:767
 el0t_64_sync_handler+0x78/0x108 arch/arm64/kernel/entry-common.c:786
 el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600
irq event stamp: 61077
hardirqs last  enabled at (61076): [<ffff80008adb5b48>] __exit_to_kernel_mode arch/arm64/kernel/entry-common.c:85 [inline]
hardirqs last  enabled at (61076): [<ffff80008adb5b48>] exit_to_kernel_mode+0xc0/0xf0 arch/arm64/kernel/entry-common.c:95
hardirqs last disabled at (61077): [<ffff80008adb3680>] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:511
softirqs last  enabled at (60990): [<ffff8000803ce71c>] softirq_handle_end kernel/softirq.c:425 [inline]
softirqs last  enabled at (60990): [<ffff8000803ce71c>] handle_softirqs+0xaf8/0xc88 kernel/softirq.c:607
softirqs last disabled at (61045): [<ffff800080020efc>] __do_softirq+0x14/0x20 kernel/softirq.c:613
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
WARNING: CPU: 0 PID: 6480 at ./arch/arm64/include/asm/pgtable.h:82 arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline]
WARNING: CPU: 0 PID: 6480 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_pte_range mm/memory.c:2936 [inline]
WARNING: CPU: 0 PID: 6480 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_pmd_range mm/memory.c:2985 [inline]
WARNING: CPU: 0 PID: 6480 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_pud_range mm/memory.c:3021 [inline]
WARNING: CPU: 0 PID: 6480 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_p4d_range mm/memory.c:3057 [inline]
WARNING: CPU: 0 PID: 6480 at ./arch/arm64/include/asm/pgtable.h:82 __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093
Modules linked in:
CPU: 0 UID: 0 PID: 6480 Comm: syz-executor Tainted: G        W           6.15.0-rc5-syzkaller-gac57c6b0f09c #0 PREEMPT 
Tainted: [W]=WARN
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
pstate: 40400005 (nZcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline]
pc : apply_to_pte_range mm/memory.c:2936 [inline]
pc : apply_to_pmd_range mm/memory.c:2985 [inline]
pc : apply_to_pud_range mm/memory.c:3021 [inline]
pc : apply_to_p4d_range mm/memory.c:3057 [inline]
pc : __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093
lr : arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline]
lr : apply_to_pte_range mm/memory.c:2936 [inline]
lr : apply_to_pmd_range mm/memory.c:2985 [inline]
lr : apply_to_pud_range mm/memory.c:3021 [inline]
lr : apply_to_p4d_range mm/memory.c:3057 [inline]
lr : __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093
sp : ffff8000800078a0
x29: ffff8000800079c0 x28: ffff0001ffa22fff x27: ffff0001fec50fe8
x26: ffff0001ffa23000 x25: dfff800000000000 x24: ffff0001ffa22000
x23: ffff0001fea8e110 x22: 0000000000000100 x21: ffff0000c97b0000
x20: 100000023ea8e403 x19: 0000000000000001 x18: 0000000000000000
x17: ffff80010d0e8000 x16: ffff80008051bab8 x15: 0000000000000001
x14: 1ffff00012dfb994 x13: 0000000000000000 x12: 0000000000000000
x11: ffff700012dfb995 x10: 0000000000ff0100 x9 : 0000000000000000
x8 : ffff0000c97b0000 x7 : ffff800080c2b0a4 x6 : 0000000000000000
x5 : 0000000000000001 x4 : ffff800080007aa0 x3 : ffff8000802595f4
x2 : 0000000000001000 x1 : 0000000000000100 x0 : 0000000000000000
Call trace:
 arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline] (P)
 apply_to_pte_range mm/memory.c:2936 [inline] (P)
 apply_to_pmd_range mm/memory.c:2985 [inline] (P)
 apply_to_pud_range mm/memory.c:3021 [inline] (P)
 apply_to_p4d_range mm/memory.c:3057 [inline] (P)
 __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093 (P)
 apply_to_page_range+0x4c/0x64 mm/memory.c:3112
 __change_memory_common+0xac/0x3f8 arch/arm64/mm/pageattr.c:64
 set_memory_valid+0x68/0x7c arch/arm64/mm/pageattr.c:-1
 kfence_protect_page arch/arm64/include/asm/kfence.h:17 [inline]
 kfence_protect mm/kfence/core.c:247 [inline]
 kfence_guarded_free+0x278/0x5a8 mm/kfence/core.c:565
 __kfence_free+0x104/0x198 mm/kfence/core.c:1187
 kfence_free include/linux/kfence.h:187 [inline]
 slab_free_hook mm/slub.c:2318 [inline]
 slab_free mm/slub.c:4642 [inline]
 kmem_cache_free+0x250/0x550 mm/slub.c:4744
 ptlock_free+0x54/0x6c mm/memory.c:7364
 pagetable_dtor include/linux/mm.h:3109 [inline]
 pagetable_dtor_free include/linux/mm.h:3116 [inline]
 __tlb_remove_table+0x30/0x274 include/asm-generic/tlb.h:215
 __tlb_remove_table_free mm/mmu_gather.c:227 [inline]
 tlb_remove_table_rcu+0x8c/0x19c mm/mmu_gather.c:290
 rcu_do_batch kernel/rcu/tree.c:2568 [inline]
 rcu_core+0x848/0x17a4 kernel/rcu/tree.c:2824
 rcu_core_si+0x10/0x1c kernel/rcu/tree.c:2841
 handle_softirqs+0x328/0xc88 kernel/softirq.c:579
 __do_softirq+0x14/0x20 kernel/softirq.c:613
 ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:81
 call_on_irq_stack+0x24/0x30 arch/arm64/kernel/entry.S:891
 do_softirq_own_stack+0x20/0x2c arch/arm64/kernel/irq.c:86
 invoke_softirq kernel/softirq.c:460 [inline]
 __irq_exit_rcu+0x1b0/0x478 kernel/softirq.c:680
 irq_exit_rcu+0x14/0x84 kernel/softirq.c:696
 __el1_irq arch/arm64/kernel/entry-common.c:584 [inline]
 el1_interrupt+0x38/0x54 arch/arm64/kernel/entry-common.c:598
 el1h_64_irq_handler+0x18/0x24 arch/arm64/kernel/entry-common.c:603
 el1h_64_irq+0x6c/0x70 arch/arm64/kernel/entry.S:596
 resched_offsets_ok kernel/sched/core.c:8767 [inline] (P)
 __might_resched+0xfc/0x4c4 kernel/sched/core.c:8782 (P)
 __might_sleep+0x94/0x110 kernel/sched/core.c:8747
 __mutex_lock_common+0x10c/0x2190 kernel/locking/mutex.c:578
 __mutex_lock kernel/locking/mutex.c:746 [inline]
 mutex_lock_nested+0x2c/0x38 kernel/locking/mutex.c:798
 seq_read_iter+0xa8/0xc2c fs/seq_file.c:182
 seq_read+0x238/0x33c fs/seq_file.c:162
 pde_read fs/proc/inode.c:308 [inline]
 proc_reg_read+0x17c/0x2d4 fs/proc/inode.c:320
 vfs_read+0x22c/0x898 fs/read_write.c:568
 ksys_read+0x120/0x210 fs/read_write.c:713
 __do_sys_read fs/read_write.c:722 [inline]
 __se_sys_read fs/read_write.c:720 [inline]
 __arm64_sys_read+0x7c/0x90 fs/read_write.c:720
 __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]
 invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49
 el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132
 do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151
 el0_svc+0x58/0x17c arch/arm64/kernel/entry-common.c:767
 el0t_64_sync_handler+0x78/0x108 arch/arm64/kernel/entry-common.c:786
 el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600
irq event stamp: 174473
hardirqs last  enabled at (174472): [<ffff80008add91e8>] __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:151 [inline]
hardirqs last  enabled at (174472): [<ffff80008add91e8>] _raw_spin_unlock_irqrestore+0x38/0x98 kernel/locking/spinlock.c:194
hardirqs last disabled at (174473): [<ffff80008adb3680>] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:511
softirqs last  enabled at (173946): [<ffff8000803ce71c>] softirq_handle_end kernel/softirq.c:425 [inline]
softirqs last  enabled at (173946): [<ffff8000803ce71c>] handle_softirqs+0xaf8/0xc88 kernel/softirq.c:607
softirqs last disabled at (174395): [<ffff800080020efc>] __do_softirq+0x14/0x20 kernel/softirq.c:613
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline]
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_pte_range mm/memory.c:2936 [inline]
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_pmd_range mm/memory.c:2985 [inline]
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_pud_range mm/memory.c:3021 [inline]
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_p4d_range mm/memory.c:3057 [inline]
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093
Modules linked in:
CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G        W           6.15.0-rc5-syzkaller-gac57c6b0f09c #0 PREEMPT 
Tainted: [W]=WARN
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
pstate: 40400005 (nZcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline]
pc : apply_to_pte_range mm/memory.c:2936 [inline]
pc : apply_to_pmd_range mm/memory.c:2985 [inline]
pc : apply_to_pud_range mm/memory.c:3021 [inline]
pc : apply_to_p4d_range mm/memory.c:3057 [inline]
pc : __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093
lr : arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline]
lr : apply_to_pte_range mm/memory.c:2936 [inline]
lr : apply_to_pmd_range mm/memory.c:2985 [inline]
lr : apply_to_pud_range mm/memory.c:3021 [inline]
lr : apply_to_p4d_range mm/memory.c:3057 [inline]
lr : __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093
sp : ffff800080007900
x29: ffff800080007a20 x28: ffff0001ffa2afff x27: ffff0001fec50fe8
x26: ffff0001ffa2b000 x25: dfff800000000000 x24: ffff0001ffa2a000
x23: ffff0001fea8e150 x22: 0000000000000100 x21: ffff80008f346040
x20: 100000023ea8e403 x19: 0000000000000001 x18: 1fffe0003386aa76
x17: 0000000000000001 x16: ffff80008051bab8 x15: 0000000000000001
x14: 1ffff00012dfb981 x13: 0000000000000000 x12: 0000000000000000
x11: ffff700012dfb982 x10: 0000000000ff0100 x9 : 0000000000000000
x8 : ffff80008f346040 x7 : ffff800080c2b0a4 x6 : 0000000000000000
x5 : 0000000000000001 x4 : ffff800080007b00 x3 : ffff8000802595f4
x2 : 0000000000001000 x1 : 0000000000000100 x0 : 0000000000000000
Call trace:
 arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline] (P)
 apply_to_pte_range mm/memory.c:2936 [inline] (P)
 apply_to_pmd_range mm/memory.c:2985 [inline] (P)
 apply_to_pud_range mm/memory.c:3021 [inline] (P)
 apply_to_p4d_range mm/memory.c:3057 [inline] (P)
 __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093 (P)
 apply_to_page_range+0x4c/0x64 mm/memory.c:3112
 __change_memory_common+0xac/0x3f8 arch/arm64/mm/pageattr.c:64
 set_memory_valid+0x68/0x7c arch/arm64/mm/pageattr.c:-1
 kfence_protect_page arch/arm64/include/asm/kfence.h:17 [inline]
 kfence_protect mm/kfence/core.c:247 [inline]
 kfence_guarded_free+0x278/0x5a8 mm/kfence/core.c:565
 __kfence_free+0x104/0x198 mm/kfence/core.c:1187
 kfence_free include/linux/kfence.h:187 [inline]
 slab_free_hook mm/slub.c:2318 [inline]
 slab_free mm/slub.c:4642 [inline]
 kfree+0x268/0x474 mm/slub.c:4841
 slab_free_after_rcu_debug+0x78/0x2f4 mm/slub.c:4679
 rcu_do_batch kernel/rcu/tree.c:2568 [inline]
 rcu_core+0x848/0x17a4 kernel/rcu/tree.c:2824
 rcu_core_si+0x10/0x1c kernel/rcu/tree.c:2841
 handle_softirqs+0x328/0xc88 kernel/softirq.c:579
 __do_softirq+0x14/0x20 kernel/softirq.c:613
 ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:81
 call_on_irq_stack+0x24/0x30 arch/arm64/kernel/entry.S:891
 do_softirq_own_stack+0x20/0x2c arch/arm64/kernel/irq.c:86
 invoke_softirq kernel/softirq.c:460 [inline]
 __irq_exit_rcu+0x1b0/0x478 kernel/softirq.c:680
 irq_exit_rcu+0x14/0x84 kernel/softirq.c:696
 __el1_irq arch/arm64/kernel/entry-common.c:584 [inline]
 el1_interrupt+0x38/0x54 arch/arm64/kernel/entry-common.c:598
 el1h_64_irq_handler+0x18/0x24 arch/arm64/kernel/entry-common.c:603
 el1h_64_irq+0x6c/0x70 arch/arm64/kernel/entry.S:596
 __daif_local_irq_enable arch/arm64/include/asm/irqflags.h:26 [inline] (P)
 arch_local_irq_enable+0x8/0xc arch/arm64/include/asm/irqflags.h:48 (P)
 cpuidle_idle_call kernel/sched/idle.c:185 [inline]
 do_idle+0x1d8/0x454 kernel/sched/idle.c:325
 cpu_startup_entry+0x5c/0x74 kernel/sched/idle.c:423
 rest_init+0x2d8/0x2f4 init/main.c:743
 start_kernel+0x44c/0x4a8 init/main.c:1099
 __primary_switched+0x8c/0x94 arch/arm64/kernel/head.S:246
irq event stamp: 172259
hardirqs last  enabled at (172258): [<ffff80008add91e8>] __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:151 [inline]
hardirqs last  enabled at (172258): [<ffff80008add91e8>] _raw_spin_unlock_irqrestore+0x38/0x98 kernel/locking/spinlock.c:194
hardirqs last disabled at (172259): [<ffff80008adb3680>] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:511
softirqs last  enabled at (172210): [<ffff8000803ce71c>] softirq_handle_end kernel/softirq.c:425 [inline]
softirqs last  enabled at (172210): [<ffff8000803ce71c>] handle_softirqs+0xaf8/0xc88 kernel/softirq.c:607
softirqs last disabled at (172229): [<ffff800080020efc>] __do_softirq+0x14/0x20 kernel/softirq.c:613
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
WARNING: CPU: 0 PID: 6480 at ./arch/arm64/include/asm/pgtable.h:82 arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline]
WARNING: CPU: 0 PID: 6480 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_pte_range mm/memory.c:2936 [inline]
WARNING: CPU: 0 PID: 6480 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_pmd_range mm/memory.c:2985 [inline]
WARNING: CPU: 0 PID: 6480 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_pud_range mm/memory.c:3021 [inline]
WARNING: CPU: 0 PID: 6480 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_p4d_range mm/memory.c:3057 [inline]
WARNING: CPU: 0 PID: 6480 at ./arch/arm64/include/asm/pgtable.h:82 __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093
Modules linked in:
CPU: 0 UID: 0 PID: 6480 Comm: syz-executor Tainted: G        W           6.15.0-rc5-syzkaller-gac57c6b0f09c #0 PREEMPT 
Tainted: [W]=WARN
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
pstate: 40400005 (nZcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline]
pc : apply_to_pte_range mm/memory.c:2936 [inline]
pc : apply_to_pmd_range mm/memory.c:2985 [inline]
pc : apply_to_pud_range mm/memory.c:3021 [inline]
pc : apply_to_p4d_range mm/memory.c:3057 [inline]
pc : __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093
lr : arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline]
lr : apply_to_pte_range mm/memory.c:2936 [inline]
lr : apply_to_pmd_range mm/memory.c:2985 [inline]
lr : apply_to_pud_range mm/memory.c:3021 [inline]
lr : apply_to_p4d_range mm/memory.c:3057 [inline]
lr : __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093
sp : ffff800080007900
x29: ffff800080007a20 x28: ffff0001ffa7afff x27: ffff0001fec50fe8
x26: ffff0001ffa7b000 x25: dfff800000000000 x24: ffff0001ffa7a000
x23: ffff0001fea8e3d0 x22: 0000000000000100 x21: ffff0000c97b0000
x20: 100000023ea8e403 x19: 0000000000000001 x18: 1fffe0003386aa76
x17: ffff80010d0e8000 x16: ffff80008051bab8 x15: 0000000000000001
x14: 1ffff00012dfb981 x13: 0000000000000000 x12: 0000000000000000
x11: ffff700012dfb982 x10: 0000000000ff0100 x9 : 0000000000000000
x8 : ffff0000c97b0000 x7 : ffff800080c2b0a4 x6 : 0000000000000000
x5 : 0000000000000001 x4 : ffff800080007b00 x3 : ffff8000802595f4
x2 : 0000000000001000 x1 : 0000000000000100 x0 : 0000000000000000
Call trace:
 arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline] (P)
 apply_to_pte_range mm/memory.c:2936 [inline] (P)
 apply_to_pmd_range mm/memory.c:2985 [inline] (P)
 apply_to_pud_range mm/memory.c:3021 [inline] (P)
 apply_to_p4d_range mm/memory.c:3057 [inline] (P)
 __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093 (P)
 apply_to_page_range+0x4c/0x64 mm/memory.c:3112
 __change_memory_common+0xac/0x3f8 arch/arm64/mm/pageattr.c:64
 set_memory_valid+0x68/0x7c arch/arm64/mm/pageattr.c:-1
 kfence_protect_page arch/arm64/include/asm/kfence.h:17 [inline]
 kfence_protect mm/kfence/core.c:247 [inline]
 kfence_guarded_free+0x278/0x5a8 mm/kfence/core.c:565
 __kfence_free+0x104/0x198 mm/kfence/core.c:1187
 kfence_free include/linux/kfence.h:187 [inline]
 slab_free_hook mm/slub.c:2318 [inline]
 slab_free mm/slub.c:4642 [inline]
 kfree+0x268/0x474 mm/slub.c:4841
 slab_free_after_rcu_debug+0x78/0x2f4 mm/slub.c:4679
 rcu_do_batch kernel/rcu/tree.c:2568 [inline]
 rcu_core+0x848/0x17a4 kernel/rcu/tree.c:2824
 rcu_core_si+0x10/0x1c kernel/rcu/tree.c:2841
 handle_softirqs+0x328/0xc88 kernel/softirq.c:579
 __do_softirq+0x14/0x20 kernel/softirq.c:613
 ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:81
 call_on_irq_stack+0x24/0x30 arch/arm64/kernel/entry.S:891
 do_softirq_own_stack+0x20/0x2c arch/arm64/kernel/irq.c:86
 invoke_softirq kernel/softirq.c:460 [inline]
 __irq_exit_rcu+0x1b0/0x478 kernel/softirq.c:680
 irq_exit_rcu+0x14/0x84 kernel/softirq.c:696
 __el1_irq arch/arm64/kernel/entry-common.c:584 [inline]
 el1_interrupt+0x38/0x54 arch/arm64/kernel/entry-common.c:598
 el1h_64_irq_handler+0x18/0x24 arch/arm64/kernel/entry-common.c:603
 el1h_64_irq+0x6c/0x70 arch/arm64/kernel/entry.S:596
 __daif_local_irq_restore arch/arm64/include/asm/irqflags.h:175 [inline] (P)
 arch_local_irq_restore arch/arm64/include/asm/irqflags.h:195 [inline] (P)
 __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:151 [inline] (P)
 _raw_spin_unlock_irqrestore+0x44/0x98 kernel/locking/spinlock.c:194 (P)
 __debug_check_no_obj_freed lib/debugobjects.c:1108 [inline]
 debug_check_no_obj_freed+0x454/0x470 lib/debugobjects.c:1129
 free_pages_prepare mm/page_alloc.c:1269 [inline]
 __free_frozen_pages+0x4cc/0xd14 mm/page_alloc.c:2725
 free_frozen_pages+0x14/0x20 mm/page_alloc.c:2763
 __folio_put+0x2cc/0x3a0 mm/swap.c:112
 folio_put include/linux/mm.h:1580 [inline]
 put_page include/linux/mm.h:1649 [inline]
 skb_page_unref include/linux/skbuff_ref.h:43 [inline]
 __skb_frag_unref include/linux/skbuff_ref.h:56 [inline]
 skb_release_data+0x528/0x820 net/core/skbuff.c:1091
 skb_release_all net/core/skbuff.c:1162 [inline]
 __kfree_skb+0x58/0x78 net/core/skbuff.c:1176
 tcp_wmem_free_skb include/net/tcp.h:309 [inline]
 tcp_rtx_queue_unlink_and_free+0x2e8/0x4a0 include/net/tcp.h:2163
 tcp_clean_rtx_queue net/ipv4/tcp_input.c:3446 [inline]
 tcp_ack+0x1a3c/0x49b4 net/ipv4/tcp_input.c:4054
 tcp_rcv_established+0xe04/0x1cc0 net/ipv4/tcp_input.c:6220
 tcp_v4_do_rcv+0x3c0/0xbc4 net/ipv4/tcp_ipv4.c:1925
 sk_backlog_rcv include/net/sock.h:1132 [inline]
 __release_sock+0x19c/0x39c net/core/sock.c:3163
 __sk_flush_backlog+0x34/0xa0 net/core/sock.c:3183
 sk_flush_backlog include/net/sock.h:1195 [inline]
 tcp_sendmsg_locked+0x33d8/0x4160 net/ipv4/tcp.c:1172
 tcp_sendmsg+0x40/0x64 net/ipv4/tcp.c:1366
 inet_sendmsg+0x154/0x284 net/ipv4/af_inet.c:851
 sock_sendmsg_nosec net/socket.c:712 [inline]
 __sock_sendmsg net/socket.c:727 [inline]
 sock_write_iter+0x25c/0x378 net/socket.c:1131
 new_sync_write fs/read_write.c:591 [inline]
 vfs_write+0x62c/0x97c fs/read_write.c:684
 ksys_write+0x120/0x210 fs/read_write.c:736
 __do_sys_write fs/read_write.c:747 [inline]
 __se_sys_write fs/read_write.c:744 [inline]
 __arm64_sys_write+0x7c/0x90 fs/read_write.c:744
 __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]
 invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49
 el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132
 do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151
 el0_svc+0x58/0x17c arch/arm64/kernel/entry-common.c:767
 el0t_64_sync_handler+0x78/0x108 arch/arm64/kernel/entry-common.c:786
 el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600
irq event stamp: 570791
hardirqs last  enabled at (570790): [<ffff80008add91e8>] __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:151 [inline]
hardirqs last  enabled at (570790): [<ffff80008add91e8>] _raw_spin_unlock_irqrestore+0x38/0x98 kernel/locking/spinlock.c:194
hardirqs last disabled at (570791): [<ffff80008adb3680>] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:511
softirqs last  enabled at (570612): [<ffff800089049148>] spin_unlock_bh include/linux/spinlock.h:396 [inline]
softirqs last  enabled at (570612): [<ffff800089049148>] __release_sock+0x98/0x39c net/core/sock.c:3156
softirqs last disabled at (570619): [<ffff800080020efc>] __do_softirq+0x14/0x20 kernel/softirq.c:613
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline]
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_pte_range mm/memory.c:2936 [inline]
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_pmd_range mm/memory.c:2985 [inline]
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_pud_range mm/memory.c:3021 [inline]
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_p4d_range mm/memory.c:3057 [inline]
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093
Modules linked in:
CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G        W           6.15.0-rc5-syzkaller-gac57c6b0f09c #0 PREEMPT 
Tainted: [W]=WARN
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
pstate: 404000c5 (nZcv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline]
pc : apply_to_pte_range mm/memory.c:2936 [inline]
pc : apply_to_pmd_range mm/memory.c:2985 [inline]
pc : apply_to_pud_range mm/memory.c:3021 [inline]
pc : apply_to_p4d_range mm/memory.c:3057 [inline]
pc : __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093
lr : arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline]
lr : apply_to_pte_range mm/memory.c:2936 [inline]
lr : apply_to_pmd_range mm/memory.c:2985 [inline]
lr : apply_to_pud_range mm/memory.c:3021 [inline]
lr : apply_to_p4d_range mm/memory.c:3057 [inline]
lr : __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093
sp : ffff800080006f80
x29: ffff8000800070a0 x28: ffff0001ffa82fff x27: ffff0001fec50fe8
x26: ffff0001ffa83000 x25: dfff800000000000 x24: ffff0001ffa82000
x23: ffff0001fea8e410 x22: 0000000000000100 x21: ffff80008f346040
x20: 100000023ea8e403 x19: 0000000000000001 x18: 1fffe0003386aa76
x17: ffff80010d0e8000 x16: ffff80008adb82bc x15: ffff700010000e38
x14: 1ffff00010000e38 x13: 0000000000000004 x12: ffffffffffffffff
x11: 000000008e6001b3 x10: 0000000000ff0100 x9 : 0000000000000000
x8 : ffff80008f346040 x7 : ffff800080c2c30c x6 : 0000000000000000
x5 : 0000000000000001 x4 : ffff800080007180 x3 : ffff8000802595f4
x2 : 0000000000001000 x1 : 0000000000000100 x0 : 0000000000000000
Call trace:
 arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline] (P)
 apply_to_pte_range mm/memory.c:2936 [inline] (P)
 apply_to_pmd_range mm/memory.c:2985 [inline] (P)
 apply_to_pud_range mm/memory.c:3021 [inline] (P)
 apply_to_p4d_range mm/memory.c:3057 [inline] (P)
 __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093 (P)
 apply_to_page_range+0x4c/0x64 mm/memory.c:3112
 __change_memory_common+0xac/0x3f8 arch/arm64/mm/pageattr.c:64
 set_memory_valid+0x68/0x7c arch/arm64/mm/pageattr.c:-1
 kfence_protect_page arch/arm64/include/asm/kfence.h:17 [inline]
 kfence_unprotect mm/kfence/core.c:252 [inline]
 kfence_guarded_alloc+0x2e8/0xb08 mm/kfence/core.c:459
 __kfence_alloc+0x394/0x45c mm/kfence/core.c:1138
 kfence_alloc include/linux/kfence.h:129 [inline]
 slab_alloc_node mm/slub.c:4180 [inline]
 kmem_cache_alloc_node_noprof+0x34c/0x3f4 mm/slub.c:4248
 kmalloc_reserve+0xc4/0x268 net/core/skbuff.c:577
 __alloc_skb+0x170/0x2ec net/core/skbuff.c:668
 napi_alloc_skb+0xa0/0x5fc net/core/skbuff.c:810
 gve_rx_copy_data+0x40/0x1a0 drivers/net/ethernet/google/gve/gve_utils.c:72
 gve_rx_copy+0x8c/0xe8 drivers/net/ethernet/google/gve/gve_utils.c:89
 gve_rx_skb drivers/net/ethernet/google/gve/gve_rx.c:663 [inline]
 gve_rx drivers/net/ethernet/google/gve/gve_rx.c:884 [inline]
 gve_clean_rx_done drivers/net/ethernet/google/gve/gve_rx.c:1024 [inline]
 gve_rx_poll+0xa08/0x365c drivers/net/ethernet/google/gve/gve_rx.c:1095
 gve_napi_poll+0x140/0x3ac drivers/net/ethernet/google/gve/gve_main.c:372
 __napi_poll+0xb4/0x3fc net/core/dev.c:7324
 napi_poll net/core/dev.c:7388 [inline]
 net_rx_action+0x5d4/0xcc8 net/core/dev.c:7510
 handle_softirqs+0x328/0xc88 kernel/softirq.c:579
 __do_softirq+0x14/0x20 kernel/softirq.c:613
 ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:81
 call_on_irq_stack+0x24/0x30 arch/arm64/kernel/entry.S:891
 do_softirq_own_stack+0x20/0x2c arch/arm64/kernel/irq.c:86
 invoke_softirq kernel/softirq.c:460 [inline]
 __irq_exit_rcu+0x1b0/0x478 kernel/softirq.c:680
 irq_exit_rcu+0x14/0x84 kernel/softirq.c:696
 __el1_irq arch/arm64/kernel/entry-common.c:584 [inline]
 el1_interrupt+0x38/0x54 arch/arm64/kernel/entry-common.c:598
 el1h_64_irq_handler+0x18/0x24 arch/arm64/kernel/entry-common.c:603
 el1h_64_irq+0x6c/0x70 arch/arm64/kernel/entry.S:596
 __daif_local_irq_enable arch/arm64/include/asm/irqflags.h:26 [inline] (P)
 arch_local_irq_enable+0x8/0xc arch/arm64/include/asm/irqflags.h:48 (P)
 cpuidle_idle_call kernel/sched/idle.c:185 [inline]
 do_idle+0x1d8/0x454 kernel/sched/idle.c:325
 cpu_startup_entry+0x5c/0x74 kernel/sched/idle.c:423
 rest_init+0x2d8/0x2f4 init/main.c:743
 start_kernel+0x44c/0x4a8 init/main.c:1099
 __primary_switched+0x8c/0x94 arch/arm64/kernel/head.S:246
irq event stamp: 201929
hardirqs last  enabled at (201928): [<ffff80008add91e8>] __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:151 [inline]
hardirqs last  enabled at (201928): [<ffff80008add91e8>] _raw_spin_unlock_irqrestore+0x38/0x98 kernel/locking/spinlock.c:194
hardirqs last disabled at (201929): [<ffff800080c2c300>] kfence_guarded_alloc+0x190/0xb08 mm/kfence/core.c:438
softirqs last  enabled at (201912): [<ffff8000803ce71c>] softirq_handle_end kernel/softirq.c:425 [inline]
softirqs last  enabled at (201912): [<ffff8000803ce71c>] handle_softirqs+0xaf8/0xc88 kernel/softirq.c:607
softirqs last disabled at (201919): [<ffff800080020efc>] __do_softirq+0x14/0x20 kernel/softirq.c:613
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:67 queue_pte_barriers arch/arm64/include/asm/pgtable.h:67 [inline]
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:67 __set_pte_complete arch/arm64/include/asm/pgtable.h:387 [inline]
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:67 __set_pte arch/arm64/include/asm/pgtable.h:393 [inline]
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:67 change_page_range+0x188/0x1cc arch/arm64/mm/pageattr.c:48
Modules linked in:
CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G        W           6.15.0-rc5-syzkaller-gac57c6b0f09c #0 PREEMPT 
Tainted: [W]=WARN
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
pstate: 404000c5 (nZcv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : queue_pte_barriers arch/arm64/include/asm/pgtable.h:67 [inline]
pc : __set_pte_complete arch/arm64/include/asm/pgtable.h:387 [inline]
pc : __set_pte arch/arm64/include/asm/pgtable.h:393 [inline]
pc : change_page_range+0x188/0x1cc arch/arm64/mm/pageattr.c:48
lr : queue_pte_barriers arch/arm64/include/asm/pgtable.h:67 [inline]
lr : __set_pte_complete arch/arm64/include/asm/pgtable.h:387 [inline]
lr : __set_pte arch/arm64/include/asm/pgtable.h:393 [inline]
lr : change_page_range+0x188/0x1cc arch/arm64/mm/pageattr.c:48
sp : ffff800080006f40
x29: ffff800080006f40 x28: ffff0001ffa82fff x27: ffff0001fec50fe8
x26: ffff0001ffa83000 x25: ffff0001ffa82000 x24: ffff0001ffa82000
x23: 006800023fa82707 x22: 0040000000000001 x21: dfff800000000000
x20: 0000000000000100 x19: ffff80008f346040 x18: 1fffe0003386aa76
x17: ffff80010d0e8000 x16: ffff80008adb82bc x15: 0000000000000001
x14: 1ffff00011e68c08 x13: 0000000000000000 x12: 0000000000000000
x11: ffff700011e68c09 x10: 0000000000ff0100 x9 : 0000000000000000
x8 : ffff80008f346040 x7 : ffff800080c2c30c x6 : 0000000000000000
x5 : 0000000000000001 x4 : ffff800080007180 x3 : ffff800080ac62d0
x2 : ffff800080007180 x1 : 0000000000000100 x0 : 0000000000000000
Call trace:
 queue_pte_barriers arch/arm64/include/asm/pgtable.h:67 [inline] (P)
 __set_pte_complete arch/arm64/include/asm/pgtable.h:387 [inline] (P)
 __set_pte arch/arm64/include/asm/pgtable.h:393 [inline] (P)
 change_page_range+0x188/0x1cc arch/arm64/mm/pageattr.c:48 (P)
 apply_to_pte_range mm/memory.c:2941 [inline]
 apply_to_pmd_range mm/memory.c:2985 [inline]
 apply_to_pud_range mm/memory.c:3021 [inline]
 apply_to_p4d_range mm/memory.c:3057 [inline]
 __apply_to_page_range+0xd58/0x13e4 mm/memory.c:3093
 apply_to_page_range+0x4c/0x64 mm/memory.c:3112
 __change_memory_common+0xac/0x3f8 arch/arm64/mm/pageattr.c:64
 set_memory_valid+0x68/0x7c arch/arm64/mm/pageattr.c:-1
 kfence_protect_page arch/arm64/include/asm/kfence.h:17 [inline]
 kfence_unprotect mm/kfence/core.c:252 [inline]
 kfence_guarded_alloc+0x2e8/0xb08 mm/kfence/core.c:459
 __kfence_alloc+0x394/0x45c mm/kfence/core.c:1138
 kfence_alloc include/linux/kfence.h:129 [inline]
 slab_alloc_node mm/slub.c:4180 [inline]
 kmem_cache_alloc_node_noprof+0x34c/0x3f4 mm/slub.c:4248
 kmalloc_reserve+0xc4/0x268 net/core/skbuff.c:577
 __alloc_skb+0x170/0x2ec net/core/skbuff.c:668
 napi_alloc_skb+0xa0/0x5fc net/core/skbuff.c:810
 gve_rx_copy_data+0x40/0x1a0 drivers/net/ethernet/google/gve/gve_utils.c:72
 gve_rx_copy+0x8c/0xe8 drivers/net/ethernet/google/gve/gve_utils.c:89
 gve_rx_skb drivers/net/ethernet/google/gve/gve_rx.c:663 [inline]
 gve_rx drivers/net/ethernet/google/gve/gve_rx.c:884 [inline]
 gve_clean_rx_done drivers/net/ethernet/google/gve/gve_rx.c:1024 [inline]
 gve_rx_poll+0xa08/0x365c drivers/net/ethernet/google/gve/gve_rx.c:1095
 gve_napi_poll+0x140/0x3ac drivers/net/ethernet/google/gve/gve_main.c:372
 __napi_poll+0xb4/0x3fc net/core/dev.c:7324
 napi_poll net/core/dev.c:7388 [inline]
 net_rx_action+0x5d4/0xcc8 net/core/dev.c:7510
 handle_softirqs+0x328/0xc88 kernel/softirq.c:579
 __do_softirq+0x14/0x20 kernel/softirq.c:613
 ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:81
 call_on_irq_stack+0x24/0x30 arch/arm64/kernel/entry.S:891
 do_softirq_own_stack+0x20/0x2c arch/arm64/kernel/irq.c:86
 invoke_softirq kernel/softirq.c:460 [inline]
 __irq_exit_rcu+0x1b0/0x478 kernel/softirq.c:680
 irq_exit_rcu+0x14/0x84 kernel/softirq.c:696
 __el1_irq arch/arm64/kernel/entry-common.c:584 [inline]
 el1_interrupt+0x38/0x54 arch/arm64/kernel/entry-common.c:598
 el1h_64_irq_handler+0x18/0x24 arch/arm64/kernel/entry-common.c:603
 el1h_64_irq+0x6c/0x70 arch/arm64/kernel/entry.S:596
 __daif_local_irq_enable arch/arm64/include/asm/irqflags.h:26 [inline] (P)
 arch_local_irq_enable+0x8/0xc arch/arm64/include/asm/irqflags.h:48 (P)
 cpuidle_idle_call kernel/sched/idle.c:185 [inline]
 do_idle+0x1d8/0x454 kernel/sched/idle.c:325
 cpu_startup_entry+0x5c/0x74 kernel/sched/idle.c:423
 rest_init+0x2d8/0x2f4 init/main.c:743
 start_kernel+0x44c/0x4a8 init/main.c:1099
 __primary_switched+0x8c/0x94 arch/arm64/kernel/head.S:246
irq event stamp: 201929
hardirqs last  enabled at (201928): [<ffff80008add91e8>] __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:151 [inline]
hardirqs last  enabled at (201928): [<ffff80008add91e8>] _raw_spin_unlock_irqrestore+0x38/0x98 kernel/locking/spinlock.c:194
hardirqs last disabled at (201929): [<ffff800080c2c300>] kfence_guarded_alloc+0x190/0xb08 mm/kfence/core.c:438
softirqs last  enabled at (201912): [<ffff8000803ce71c>] softirq_handle_end kernel/softirq.c:425 [inline]
softirqs last  enabled at (201912): [<ffff8000803ce71c>] handle_softirqs+0xaf8/0xc88 kernel/softirq.c:607
softirqs last disabled at (201919): [<ffff800080020efc>] __do_softirq+0x14/0x20 kernel/softirq.c:613
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline]
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_pte_range mm/memory.c:2936 [inline]
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_pmd_range mm/memory.c:2985 [inline]
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_pud_range mm/memory.c:3021 [inline]
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_p4d_range mm/memory.c:3057 [inline]
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093
Modules linked in:
CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G        W           6.15.0-rc5-syzkaller-gac57c6b0f09c #0 PREEMPT 
Tainted: [W]=WARN
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
pstate: 40400005 (nZcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline]
pc : apply_to_pte_range mm/memory.c:2936 [inline]
pc : apply_to_pmd_range mm/memory.c:2985 [inline]
pc : apply_to_pud_range mm/memory.c:3021 [inline]
pc : apply_to_p4d_range mm/memory.c:3057 [inline]
pc : __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093
lr : arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline]
lr : apply_to_pte_range mm/memory.c:2936 [inline]
lr : apply_to_pmd_range mm/memory.c:2985 [inline]
lr : apply_to_pud_range mm/memory.c:3021 [inline]
lr : apply_to_p4d_range mm/memory.c:3057 [inline]
lr : __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093
sp : ffff800080007160
x29: ffff800080007280 x28: ffff0001ffa82fff x27: ffff0001fec50fe8
x26: ffff0001ffa83000 x25: dfff800000000000 x24: ffff0001ffa82000
x23: ffff0001fea8e410 x22: 0000000000000100 x21: ffff80008f346040
x20: 100000023ea8e403 x19: 0000000000000001 x18: 1fffe0003386aa76
x17: 0000000000020010 x16: ffff80008051bab8 x15: 0000000000000001
x14: 1ffff00012dfb977 x13: 0000000000000000 x12: 0000000000000000
x11: ffff700012dfb978 x10: 0000000000ff0100 x9 : 0000000000000000
x8 : ffff80008f346040 x7 : ffff800080c2b0a4 x6 : 0000000000000000
x5 : 0000000000000001 x4 : ffff800080007360 x3 : ffff8000802595f4
x2 : 0000000000001000 x1 : 0000000000000100 x0 : 0000000000000000
Call trace:
 arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline] (P)
 apply_to_pte_range mm/memory.c:2936 [inline] (P)
 apply_to_pmd_range mm/memory.c:2985 [inline] (P)
 apply_to_pud_range mm/memory.c:3021 [inline] (P)
 apply_to_p4d_range mm/memory.c:3057 [inline] (P)
 __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093 (P)
 apply_to_page_range+0x4c/0x64 mm/memory.c:3112
 __change_memory_common+0xac/0x3f8 arch/arm64/mm/pageattr.c:64
 set_memory_valid+0x68/0x7c arch/arm64/mm/pageattr.c:-1
 kfence_protect_page arch/arm64/include/asm/kfence.h:17 [inline]
 kfence_protect mm/kfence/core.c:247 [inline]
 kfence_guarded_free+0x278/0x5a8 mm/kfence/core.c:565
 __kfence_free+0x104/0x198 mm/kfence/core.c:1187
 kfence_free include/linux/kfence.h:187 [inline]
 slab_free_hook mm/slub.c:2318 [inline]
 slab_free mm/slub.c:4642 [inline]
 kmem_cache_free+0x250/0x550 mm/slub.c:4744
 skb_kfree_head net/core/skbuff.c:1056 [inline]
 skb_free_head+0xbc/0x198 net/core/skbuff.c:1070
 skb_release_data+0x66c/0x820 net/core/skbuff.c:1097
 skb_release_all net/core/skbuff.c:1162 [inline]
 __kfree_skb net/core/skbuff.c:1176 [inline]
 consume_skb+0xb0/0x130 net/core/skbuff.c:1408
 arp_process+0xb78/0x12b8 net/ipv4/arp.c:941
 NF_HOOK+0x2b8/0x34c include/linux/netfilter.h:314
 arp_rcv+0x2a8/0x430 net/ipv4/arp.c:991
 __netif_receive_skb_list_ptype net/core/dev.c:5935 [inline]
 __netif_receive_skb_list_core+0x3b0/0x67c net/core/dev.c:5967
 __netif_receive_skb_list net/core/dev.c:6029 [inline]
 netif_receive_skb_list_internal+0x74c/0x9e0 net/core/dev.c:6120
 gro_normal_list include/net/gro.h:532 [inline]
 napi_complete_done+0x250/0x614 net/core/dev.c:6490
 gve_napi_poll+0x1f4/0x3ac drivers/net/ethernet/google/gve/gve_main.c:388
 __napi_poll+0xb4/0x3fc net/core/dev.c:7324
 napi_poll net/core/dev.c:7388 [inline]
 net_rx_action+0x5d4/0xcc8 net/core/dev.c:7510
 handle_softirqs+0x328/0xc88 kernel/softirq.c:579
 __do_softirq+0x14/0x20 kernel/softirq.c:613
 ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:81
 call_on_irq_stack+0x24/0x30 arch/arm64/kernel/entry.S:891
 do_softirq_own_stack+0x20/0x2c arch/arm64/kernel/irq.c:86
 invoke_softirq kernel/softirq.c:460 [inline]
 __irq_exit_rcu+0x1b0/0x478 kernel/softirq.c:680
 irq_exit_rcu+0x14/0x84 kernel/softirq.c:696
 __el1_irq arch/arm64/kernel/entry-common.c:584 [inline]
 el1_interrupt+0x38/0x54 arch/arm64/kernel/entry-common.c:598
 el1h_64_irq_handler+0x18/0x24 arch/arm64/kernel/entry-common.c:603
 el1h_64_irq+0x6c/0x70 arch/arm64/kernel/entry.S:596
 __daif_local_irq_enable arch/arm64/include/asm/irqflags.h:26 [inline] (P)
 arch_local_irq_enable+0x8/0xc arch/arm64/include/asm/irqflags.h:48 (P)
 cpuidle_idle_call kernel/sched/idle.c:185 [inline]
 do_idle+0x1d8/0x454 kernel/sched/idle.c:325
 cpu_startup_entry+0x5c/0x74 kernel/sched/idle.c:423
 rest_init+0x2d8/0x2f4 init/main.c:743
 start_kernel+0x44c/0x4a8 init/main.c:1099
 __primary_switched+0x8c/0x94 arch/arm64/kernel/head.S:246
irq event stamp: 201967
hardirqs last  enabled at (201966): [<ffff80008add91e8>] __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:151 [inline]
hardirqs last  enabled at (201966): [<ffff80008add91e8>] _raw_spin_unlock_irqrestore+0x38/0x98 kernel/locking/spinlock.c:194
hardirqs last disabled at (201967): [<ffff80008adb3680>] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:511
softirqs last  enabled at (201912): [<ffff8000803ce71c>] softirq_handle_end kernel/softirq.c:425 [inline]
softirqs last  enabled at (201912): [<ffff8000803ce71c>] handle_softirqs+0xaf8/0xc88 kernel/softirq.c:607
softirqs last disabled at (201919): [<ffff800080020efc>] __do_softirq+0x14/0x20 kernel/softirq.c:613
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline]
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_pte_range mm/memory.c:2936 [inline]
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_pmd_range mm/memory.c:2985 [inline]
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_pud_range mm/memory.c:3021 [inline]
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_p4d_range mm/memory.c:3057 [inline]
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093
Modules linked in:
CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G        W           6.15.0-rc5-syzkaller-gac57c6b0f09c #0 PREEMPT 
Tainted: [W]=WARN
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
pstate: 40400005 (nZcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline]
pc : apply_to_pte_range mm/memory.c:2936 [inline]
pc : apply_to_pmd_range mm/memory.c:2985 [inline]
pc : apply_to_pud_range mm/memory.c:3021 [inline]
pc : apply_to_p4d_range mm/memory.c:3057 [inline]
pc : __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093
lr : arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline]
lr : apply_to_pte_range mm/memory.c:2936 [inline]
lr : apply_to_pmd_range mm/memory.c:2985 [inline]
lr : apply_to_pud_range mm/memory.c:3021 [inline]
lr : apply_to_p4d_range mm/memory.c:3057 [inline]
lr : __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093
sp : ffff8000800078a0
x29: ffff8000800079c0 x28: ffff0001ffa88fff x27: ffff0001fec50fe8
x26: ffff0001ffa89000 x25: dfff800000000000 x24: ffff0001ffa88000
x23: ffff0001fea8e440 x22: 0000000000000100 x21: ffff80008f346040
x20: 100000023ea8e403 x19: 0000000000000001 x18: 1fffe0003386aa76
x17: ffff80010d0e8000 x16: ffff80008051bab8 x15: 0000000000000001
x14: 1ffff00012dfb9a9 x13: 0000000000000000 x12: 0000000000000000
x11: ffff700012dfb9aa x10: 0000000000ff0100 x9 : 0000000000000000
x8 : ffff80008f346040 x7 : ffff800080c2b0a4 x6 : 0000000000000000
x5 : 0000000000000001 x4 : ffff800080007aa0 x3 : ffff8000802595f4
x2 : 0000000000001000 x1 : 0000000000000100 x0 : 0000000000000000
Call trace:
 arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline] (P)
 apply_to_pte_range mm/memory.c:2936 [inline] (P)
 apply_to_pmd_range mm/memory.c:2985 [inline] (P)
 apply_to_pud_range mm/memory.c:3021 [inline] (P)
 apply_to_p4d_range mm/memory.c:3057 [inline] (P)
 __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093 (P)
 apply_to_page_range+0x4c/0x64 mm/memory.c:3112
 __change_memory_common+0xac/0x3f8 arch/arm64/mm/pageattr.c:64
 set_memory_valid+0x68/0x7c arch/arm64/mm/pageattr.c:-1
 kfence_protect_page arch/arm64/include/asm/kfence.h:17 [inline]
 kfence_protect mm/kfence/core.c:247 [inline]
 kfence_guarded_free+0x278/0x5a8 mm/kfence/core.c:565
 __kfence_free+0x104/0x198 mm/kfence/core.c:1187
 kfence_free include/linux/kfence.h:187 [inline]
 slab_free_hook mm/slub.c:2318 [inline]
 slab_free mm/slub.c:4642 [inline]
 kmem_cache_free+0x250/0x550 mm/slub.c:4744
 ptlock_free+0x54/0x6c mm/memory.c:7364
 pagetable_dtor include/linux/mm.h:3109 [inline]
 pagetable_dtor_free include/linux/mm.h:3116 [inline]
 __tlb_remove_table+0x30/0x274 include/asm-generic/tlb.h:215
 __tlb_remove_table_free mm/mmu_gather.c:227 [inline]
 tlb_remove_table_rcu+0x8c/0x19c mm/mmu_gather.c:290
 rcu_do_batch kernel/rcu/tree.c:2568 [inline]
 rcu_core+0x848/0x17a4 kernel/rcu/tree.c:2824
 rcu_core_si+0x10/0x1c kernel/rcu/tree.c:2841
 handle_softirqs+0x328/0xc88 kernel/softirq.c:579
 __do_softirq+0x14/0x20 kernel/softirq.c:613
 ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:81
 call_on_irq_stack+0x24/0x30 arch/arm64/kernel/entry.S:891
 do_softirq_own_stack+0x20/0x2c arch/arm64/kernel/irq.c:86
 invoke_softirq kernel/softirq.c:460 [inline]
 __irq_exit_rcu+0x1b0/0x478 kernel/softirq.c:680
 irq_exit_rcu+0x14/0x84 kernel/softirq.c:696
 __el1_irq arch/arm64/kernel/entry-common.c:584 [inline]
 el1_interrupt+0x38/0x54 arch/arm64/kernel/entry-common.c:598
 el1h_64_irq_handler+0x18/0x24 arch/arm64/kernel/entry-common.c:603
 el1h_64_irq+0x6c/0x70 arch/arm64/kernel/entry.S:596
 __daif_local_irq_enable arch/arm64/include/asm/irqflags.h:26 [inline] (P)
 arch_local_irq_enable+0x8/0xc arch/arm64/include/asm/irqflags.h:48 (P)
 cpuidle_idle_call kernel/sched/idle.c:185 [inline]
 do_idle+0x1d8/0x454 kernel/sched/idle.c:325
 cpu_startup_entry+0x5c/0x74 kernel/sched/idle.c:423
 rest_init+0x2d8/0x2f4 init/main.c:743
 start_kernel+0x44c/0x4a8 init/main.c:1099
 __primary_switched+0x8c/0x94 arch/arm64/kernel/head.S:246
irq event stamp: 207561
hardirqs last  enabled at (207560): [<ffff80008add91e8>] __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:151 [inline]
hardirqs last  enabled at (207560): [<ffff80008add91e8>] _raw_spin_unlock_irqrestore+0x38/0x98 kernel/locking/spinlock.c:194
hardirqs last disabled at (207561): [<ffff80008adb3680>] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:511
softirqs last  enabled at (207358): [<ffff8000803ce71c>] softirq_handle_end kernel/softirq.c:425 [inline]
softirqs last  enabled at (207358): [<ffff8000803ce71c>] handle_softirqs+0xaf8/0xc88 kernel/softirq.c:607
softirqs last disabled at (207373): [<ffff800080020efc>] __do_softirq+0x14/0x20 kernel/softirq.c:613
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline]
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_pte_range mm/memory.c:2936 [inline]
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_pmd_range mm/memory.c:2985 [inline]
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_pud_range mm/memory.c:3021 [inline]
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 apply_to_p4d_range mm/memory.c:3057 [inline]
WARNING: CPU: 0 PID: 0 at ./arch/arm64/include/asm/pgtable.h:82 __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093
Modules linked in:
CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G        W           6.15.0-rc5-syzkaller-gac57c6b0f09c #0 PREEMPT 
Tainted: [W]=WARN
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
pstate: 40400005 (nZcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline]
pc : apply_to_pte_range mm/memory.c:2936 [inline]
pc : apply_to_pmd_range mm/memory.c:2985 [inline]
pc : apply_to_pud_range mm/memory.c:3021 [inline]
pc : apply_to_p4d_range mm/memory.c:3057 [inline]
pc : __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093
lr : arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline]
lr : apply_to_pte_range mm/memory.c:2936 [inline]
lr : apply_to_pmd_range mm/memory.c:2985 [inline]
lr : apply_to_pud_range mm/memory.c:3021 [inline]
lr : apply_to_p4d_range mm/memory.c:3057 [inline]
lr : __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093
sp : ffff800080007900
x29: ffff800080007a20 x28: ffff0001ffa8cfff x27: ffff0001fec50fe8
x26: ffff0001ffa8d000 x25: dfff800000000000 x24: ffff0001ffa8c000
x23: ffff0001fea8e460 x22: 0000000000000100 x21: ffff80008f346040
x20: 100000023ea8e403 x19: 0000000000000001 x18: 1fffe0003386aa76
x17: ffff80010d0e8000 x16: ffff80008051bab8 x15: 0000000000000001
x14: 1ffff00012dfb97a x13: 0000000000000000 x12: 0000000000000000
x11: ffff700012dfb97b x10: 0000000000ff0100 x9 : 0000000000000000
x8 : ffff80008f346040 x7 : ffff800080c2b0a4 x6 : 0000000000000000
x5 : 0000000000000001 x4 : ffff800080007b00 x3 : ffff8000802595f4
x2 : 0000000000001000 x1 : 0000000000000100 x0 : 0000000000000000
Call trace:
 arch_enter_lazy_mmu_mode arch/arm64/include/asm/pgtable.h:82 [inline] (P)
 apply_to_pte_range mm/memory.c:2936 [inline] (P)
 apply_to_pmd_range mm/memory.c:2985 [inline] (P)
 apply_to_pud_range mm/memory.c:3021 [inline] (P)
 apply_to_p4d_range mm/memory.c:3057 [inline] (P)
 __apply_to_page_range+0xdb4/0x13e4 mm/memory.c:3093 (P)
 apply_to_page_range+0x4c/0x64 mm/memory.c:3112
 __change_memory_common+0xac/0x3f8 arch/arm64/mm/pageattr.c:64
 set_memory_valid+0x68/0x7c arch/arm64/mm/pageattr.c:-1
 kfence_protect_page arch/arm64/include/asm/kfence.h:17 [inline]
 kfence_protect mm/kfence/core.c:247 [inline]
 kfence_guarded_free+0x278/0x5a8 mm/kfence/core.c:565
 __kfence_free+0x104/0x198 mm/kfence/core.c:1187
 kfence_free include/linux/kfence.h:187 [inline]
 slab_free_hook mm/slub.c:2318 [inline]
 slab_free mm/slub.c:4642 [inline]
 kfree+0x268/0x474 mm/slub.c:4841
 slab_free_after_rcu_debug+0x78/0x2f4 mm/slub.c:4679
 rcu_do_batch kernel/rcu/tree.c:2568 [inline]
 rcu_core+0x848/0x17a4 kernel/rcu/tree.c:2824
 rcu_core_si+0x10/0x1c kernel/rcu/tree.c:2841
 handle_softirqs+0x328/0xc88 kernel/softirq.c:579
 __do_softirq+0x14/0x20 kernel/softirq.c:613
 ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:81
 call_on_irq_stack+0x24/0x30 arch/arm64/kernel/entry.S:891
 do_softirq_own_stack+0x20/0x2c arch/arm64/kernel/irq.c:86
 invoke_softirq kernel/softirq.c:460 [inline]
 __irq_exit_rcu+0x1b0/0x478 kernel/softirq.c:680
 irq_exit_rcu+0x14/0x84 kernel/softirq.c:696
 __el1_irq arch/arm64/kernel/entry-common.c:584 [inline]
 el1_interrupt+0x38/0x54 arch/arm64/kernel/entry-common.c:598
 el1h_64_irq_handler+0x18/0x24 arch/arm64/kernel/entry-common.c:603
 el1h_64_irq+0x6c/0x70 arch/arm64/kernel/entry.S:596
 __daif_local_irq_enable arch/arm64/include/asm/irqflags.h:26 [inline] (P)
 arch_local_irq_enable+0x8/0xc arch/arm64/include/asm/irqflags.h:48 (P)
 cpuidle_idle_call kernel/sched/idle.c:185 [inline]
 do_idle+0x1d8/0x454 kernel/sched/idle.c:325
 cpu_startup_entry+0x5c/0x74 kernel/sched/idle.c:423
 rest_init+0x2d8/0x2f4 init/main.c:743
 start_kernel+0x44c/0x4a8 init/main.c:1099
 __primary_switched+0x8c/0x94 arch/arm64/kernel/head.S:246
irq event stamp: 209075
hardirqs last  enabled at (209074): [<ffff80008add91e8>] __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:151 [inline]
hardirqs last  enabled at (209074): [<ffff80008add91e8>] _raw_spin_unlock_irqrestore+0x38/0x98 kernel/locking/spinlock.c:194
hardirqs last disabled at (209075): [<ffff80008adb3680>] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:511
softirqs last  enabled at (209040): [<ffff8000803ce71c>] softirq_handle_end kernel/softirq.c:425 [inline]
softirqs last  enabled at (209040): [<ffff8000803ce71c>] handle_softirqs+0xaf8/0xc88 kernel/softirq.c:607
softirqs last disabled at (209057): [<ffff800080020efc>] __do_softirq+0x14/0x20 kernel/softirq.c:613
---[ end trace 0000000000000000 ]---

Crashes (5):
| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2025/05/14 14:34 | git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci | ac57c6b0f09c | a4fa04ef | .config | console log | report | | | | [disk image] [vmlinux] [kernel image] | ci-upstream-gce-arm64 | upstream-arm64 test error: WARNING in __apply_to_page_range |
| 2025/05/13 15:46 | git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci | ac57c6b0f09c | 7344edeb | .config | console log | report | | | | [disk image] [vmlinux] [kernel image] | ci-upstream-gce-arm64 | upstream-arm64 test error: WARNING in __apply_to_page_range |
| 2025/05/12 16:45 | git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci | ac57c6b0f09c | f6671af7 | .config | console log | report | | | | [disk image] [vmlinux] [kernel image] | ci-upstream-gce-arm64 | upstream-arm64 test error: WARNING in __apply_to_page_range |
| 2025/05/10 04:43 | git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci | ac57c6b0f09c | 77908e5f | .config | console log | report | | | | [disk image] [vmlinux] [kernel image] | ci-upstream-gce-arm64 | upstream-arm64 test error: WARNING in __apply_to_page_range |
| 2025/05/09 17:41 | git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci | ac57c6b0f09c | bb813bcc | .config | console log | report | | | | [disk image] [vmlinux] [kernel image] | ci-upstream-gce-arm64 | upstream-arm64 test error: WARNING in __apply_to_page_range |
* Struck through repros no longer work on HEAD.