Warning: Permanently added '10.128.0.61' (ED25519) to the list of known hosts. 1970/01/01 00:01:29 ignoring optional flag "sandboxArg"="0" 1970/01/01 00:01:31 parsed 1 programs [ 94.340802][ T6979] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k SS [ 105.801678][ T52] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 105.804349][ T52] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 105.805165][ T52] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 105.805828][ T52] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 105.806245][ T52] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 106.406123][ T7053] chnl_net:caif_netlink_parms(): no params data found [ 106.450195][ T7053] bridge0: port 1(bridge_slave_0) entered blocking state [ 106.450297][ T7053] bridge0: port 1(bridge_slave_0) entered disabled state [ 106.450699][ T7053] bridge_slave_0: entered allmulticast mode [ 106.451666][ T7053] bridge_slave_0: entered promiscuous mode [ 106.454022][ T7053] bridge0: port 2(bridge_slave_1) entered blocking state [ 106.454097][ T7053] bridge0: port 2(bridge_slave_1) entered disabled state [ 106.454194][ T7053] bridge_slave_1: entered allmulticast mode [ 106.454992][ T7053] bridge_slave_1: entered promiscuous mode [ 106.479212][ T7053] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 106.481621][ T7053] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 106.498391][ T7053] team0: Port device team_slave_0 added [ 106.503429][ T7053] team0: Port device team_slave_1 added [ 106.518029][ T7053] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 106.520209][ T7053] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 106.522215][ T7053] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 106.523313][ T7053] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 106.523338][ T7053] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 106.523368][ T7053] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 106.556803][ T7053] hsr_slave_0: entered promiscuous mode [ 106.558947][ T7053] hsr_slave_1: entered promiscuous mode [ 107.507429][ T7053] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 107.511921][ T7053] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 107.521575][ T7053] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 107.525523][ T7053] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 107.576541][ T7053] 8021q: adding VLAN 0 to HW filter on device bond0 [ 107.587204][ T7053] 8021q: adding VLAN 0 to HW filter on device team0 [ 107.590264][ T196] bridge0: port 1(bridge_slave_0) entered blocking state [ 107.590348][ T196] bridge0: port 1(bridge_slave_0) entered forwarding state [ 107.603697][ T14] bridge0: port 2(bridge_slave_1) entered blocking state [ 107.603792][ T14] bridge0: port 2(bridge_slave_1) entered forwarding state [ 107.696299][ T7053] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 107.718469][ T7053] veth0_vlan: entered promiscuous mode [ 107.728335][ T7053] veth1_vlan: entered promiscuous mode [ 107.745323][ T7053] veth0_macvtap: entered promiscuous mode [ 107.749325][ T7053] veth1_macvtap: entered promiscuous mode [ 107.761324][ T7053] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 107.767220][ T7053] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 107.775438][ T7053] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.778074][ T7053] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.780738][ T7053] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.783699][ T7053] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.205289][ T14] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 108.305823][ T14] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 108.410358][ T14] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 108.516129][ T14] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 108.841463][ T60] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 108.841539][ T60] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 108.861977][ T60] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 108.862039][ T60] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 1970/01/01 00:01:49 executed programs: 0 [ 109.747150][ T6092] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 109.748172][ T6092] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 109.748559][ T6092] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 109.749173][ T6092] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 109.749606][ T6092] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 109.858669][ T7275] chnl_net:caif_netlink_parms(): no params data found [ 109.918676][ T7275] bridge0: port 1(bridge_slave_0) entered blocking state [ 109.918824][ T7275] bridge0: port 1(bridge_slave_0) entered disabled state [ 109.918940][ T7275] bridge_slave_0: entered allmulticast mode [ 109.919815][ T7275] bridge_slave_0: entered promiscuous mode [ 109.921267][ T7275] bridge0: port 2(bridge_slave_1) entered blocking state [ 109.921340][ T7275] bridge0: port 2(bridge_slave_1) entered disabled state [ 109.921456][ T7275] bridge_slave_1: entered allmulticast mode [ 109.922913][ T7275] bridge_slave_1: entered promiscuous mode [ 109.941897][ T7275] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 109.949266][ T7275] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 109.968420][ T7275] team0: Port device team_slave_0 added [ 109.970311][ T7275] team0: Port device team_slave_1 added [ 109.988686][ T7275] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 109.988756][ T7275] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 109.988801][ T7275] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 109.989922][ T7275] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 109.989947][ T7275] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 109.989979][ T7275] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 110.019754][ T7275] hsr_slave_0: entered promiscuous mode [ 110.020367][ T7275] hsr_slave_1: entered promiscuous mode [ 110.020703][ T7275] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 110.020744][ T7275] Cannot create hsr debugfs directory [ 110.721956][ T14] bridge_slave_1: left allmulticast mode [ 110.727217][ T14] bridge_slave_1: left promiscuous mode [ 110.727383][ T14] bridge0: port 2(bridge_slave_1) entered disabled state [ 110.739339][ T14] bridge_slave_0: left allmulticast mode [ 110.743133][ T14] bridge_slave_0: left promiscuous mode [ 110.743539][ T14] bridge0: port 1(bridge_slave_0) entered disabled state [ 111.772778][ T52] Bluetooth: hci0: command tx timeout [ 112.306283][ T14] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 112.344651][ T14] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 112.403752][ T14] bond0 (unregistering): Released all slaves [ 112.501964][ T14] hsr_slave_0: left promiscuous mode [ 112.504037][ T14] hsr_slave_1: left promiscuous mode [ 112.506100][ T14] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 112.508384][ T14] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 112.511188][ T14] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 112.517186][ T14] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 112.527352][ T14] veth1_macvtap: left promiscuous mode [ 112.529118][ T14] veth0_macvtap: left promiscuous mode [ 112.530817][ T14] veth1_vlan: left promiscuous mode [ 112.532611][ T14] veth0_vlan: left promiscuous mode [ 113.852536][ T52] Bluetooth: hci0: command tx timeout [ 114.254292][ T14] team0 (unregistering): Port device team_slave_1 removed [ 114.474248][ T14] team0 (unregistering): Port device team_slave_0 removed [ 115.942833][ T52] Bluetooth: hci0: command tx timeout [ 116.984320][ T7275] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 116.987247][ T7275] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 116.990784][ T7275] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 116.995334][ T7275] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 117.365396][ T7275] 8021q: adding VLAN 0 to HW filter on device bond0 [ 117.373404][ T7275] 8021q: adding VLAN 0 to HW filter on device team0 [ 117.378584][ T41] bridge0: port 1(bridge_slave_0) entered blocking state [ 117.378946][ T41] bridge0: port 1(bridge_slave_0) entered forwarding state [ 117.387561][ T41] bridge0: port 2(bridge_slave_1) entered blocking state [ 117.387635][ T41] bridge0: port 2(bridge_slave_1) entered forwarding state [ 117.503866][ T7275] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 117.657661][ T7275] veth0_vlan: entered promiscuous mode [ 117.660494][ T7275] veth1_vlan: entered promiscuous mode [ 117.671488][ T7275] veth0_macvtap: entered promiscuous mode [ 117.673535][ T7275] veth1_macvtap: entered promiscuous mode [ 117.680379][ T7275] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 117.684517][ T7275] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 117.688693][ T7275] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 117.688988][ T7275] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 117.689021][ T7275] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 117.689051][ T7275] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 117.777796][ T196] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 117.777855][ T196] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 117.791999][ T42] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 117.792055][ T42] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 1970/01/01 00:01:57 executed programs: 2 [ 117.862804][ ** replaying previous printk message ** [ 117.862804][ T7470] ------------[ cut here ]------------ [ 117.862887][ T7470] ODEBUG: activate active (active state 1) object: 00000000d15d938c object type: rcu_head hint: 0x0 [ 117.863264][ T7470] WARNING: CPU: 0 PID: 7470 at lib/debugobjects.c:615 debug_object_activate+0x344/0x460 [ 117.871345][ T7470] Modules linked in: [ 117.872437][ T7470] CPU: 0 UID: 0 PID: 7470 Comm: syz.0.17 Not tainted 6.16.0-rc5-syzkaller-00067-gec4801305969-dirty #0 PREEMPT [ 117.875870][ T7470] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 117.878657][ T7470] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 117.880854][ T7470] pc : debug_object_activate+0x344/0x460 [ 117.882411][ T7470] lr : debug_object_activate+0x344/0x460 [ 117.884014][ T7470] sp : ffff80009c3b76d0 [ 117.885167][ T7470] x29: ffff80009c3b76d0 x28: ffff8000976d8000 x27: dfff800000000000 [ 117.887393][ T7470] x26: ffff80008afc2440 x25: 0000000000000001 x24: ffff8000891ac400 [ 117.889540][ T7470] x23: 0000000000000003 x22: ffff80008b5399e0 x21: 0000000000000000 [ 117.891887][ T7470] x20: ffff80008afc2440 x19: ffff8000891ac400 x18: 0000000000000000 [ 117.894097][ T7470] x17: 3833396435316430 x16: ffff80008aefc458 x15: 0000000000000001 [ 117.896343][ T7470] x14: 1fffe000337d40e2 x13: 0000000000000000 x12: 0000000000000000 [ 117.898551][ T7470] x11: ffff6000337d40e3 x10: 0000000000ff0100 x9 : 5688875a670f5200 [ 117.900821][ T7470] x8 : 5688875a670f5200 x7 : 0000000000000001 x6 : 0000000000000001 [ 117.903031][ T7470] x5 : ffff80009c3b7018 x4 : ffff80008f766be0 x3 : ffff8000807bcfac [ 117.905260][ T7470] x2 : 0000000000000001 x1 : 0000000100000202 x0 : 0000000000000000 [ 117.907452][ T7470] Call trace: [ 117.908420][ T7470] debug_object_activate+0x344/0x460 (P) [ 117.910020][ T7470] kvfree_call_rcu+0x4c/0x3f0 [ 117.911388][ T7470] cipso_v4_sock_setattr+0x2fc/0x40c [ 117.912937][ T7470] netlbl_sock_setattr+0x240/0x334 [ 117.914357][ T7470] smack_netlbl_add+0xa8/0x158 [ 117.915708][ T7470] smack_inode_setsecurity+0x378/0x430 [ 117.917208][ T7470] security_inode_setsecurity+0x118/0x3c0 [ 117.918768][ T7470] __vfs_setxattr_noperm+0x174/0x5c4 [ 117.920233][ T7470] __vfs_setxattr_locked+0x1ec/0x218 [ 117.921647][ T7470] vfs_setxattr+0x158/0x2ac [ 117.922935][ T7470] file_setxattr+0x1b8/0x294 [ 117.924156][ T7470] path_setxattrat+0x2ac/0x320 [ 117.925467][ T7470] __arm64_sys_fsetxattr+0xc0/0xdc [ 117.926941][ T7470] invoke_syscall+0x98/0x2b8 [ 117.928165][ T7470] el0_svc_common+0x130/0x23c [ 117.929559][ T7470] do_el0_svc+0x48/0x58 [ 117.930722][ T7470] el0_svc+0x58/0x180 [ 117.931824][ T7470] el0t_64_sync_handler+0x84/0x12c [ 117.933186][ T7470] el0t_64_sync+0x198/0x19c [ 117.934474][ T7470] irq event stamp: 183 [ 117.935594][ T7470] hardirqs last enabled at (182): [] __console_unlock+0x70/0xc4 [ 117.938153][ T7470] hardirqs last disabled at (183): [] el1_brk64+0x1c/0x48 [ 117.940492][ T7470] softirqs last enabled at (138): [] local_bh_enable+0x10/0x34 [ 117.943154][ T7470] softirqs last disabled at (154): [] local_bh_disable+0x10/0x34 [ 117.945784][ T7470] ---[ end trace 0000000000000000 ]--- [ 117.947500][ ** replaying previous printk message ** [ 117.947500][ T7470] ------------[ cut here ]------------ [ 117.947537][ T7470] ODEBUG: active_state active (active state 1) object: 00000000d15d938c object type: rcu_head hint: 0x0 [ 117.947919][ T7470] WARNING: CPU: 0 PID: 7470 at lib/debugobjects.c:615 debug_object_active_state+0x28c/0x350 [ 117.956176][ T7470] Modules linked in: [ 117.957299][ T7470] CPU: 0 UID: 0 PID: 7470 Comm: syz.0.17 Tainted: G W 6.16.0-rc5-syzkaller-00067-gec4801305969-dirty #0 PREEMPT [ 117.960962][ T7470] Tainted: [W]=WARN [ 117.961980][ T7470] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 117.964758][ T7470] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 117.966894][ T7470] pc : debug_object_active_state+0x28c/0x350 [ 117.968569][ T7470] lr : debug_object_active_state+0x28c/0x350 [ 117.970196][ T7470] sp : ffff80009c3b76c0 [ 117.971338][ T7470] x29: ffff80009c3b76d0 x28: ffff80008f671000 x27: dfff800000000000 [ 117.973574][ T7470] x26: 0000000000000003 x25: 0000000000000000 x24: ffff0000d8051c08 [ 117.975835][ T7470] x23: 0000000000000001 x22: ffff80008afc2440 x21: ffff80008b5399e0 [ 117.978101][ T7470] x20: 0000000000000000 x19: ffff8000891ac400 x18: 0000000000000000 [ 117.980398][ T7470] x17: 3531643030303030 x16: ffff80008ae63d08 x15: ffff700011ede144 [ 117.982659][ T7470] x14: 1ffff00011ede144 x13: 0000000000000004 x12: ffffffffffffffff [ 117.984913][ T7470] x11: ffff700011ede144 x10: 0000000000ff0100 x9 : 5688875a670f5200 [ 117.987076][ T7470] x8 : 5688875a670f5200 x7 : 0000000000000001 x6 : 0000000000000001 [ 117.989295][ T7470] x5 : ffff80009c3b7018 x4 : ffff80008f766be0 x3 : ffff80008054d314 [ 117.991472][ T7470] x2 : 0000000000000000 x1 : 0000000000000202 x0 : 0000000000000000 [ 117.993676][ T7470] Call trace: [ 117.994660][ T7470] debug_object_active_state+0x28c/0x350 (P) [ 117.996301][ T7470] kvfree_call_rcu+0x64/0x3f0 [ 117.997622][ T7470] cipso_v4_sock_setattr+0x2fc/0x40c [ 117.999057][ T7470] netlbl_sock_setattr+0x240/0x334 [ 118.000513][ T7470] smack_netlbl_add+0xa8/0x158 [ 118.001847][ T7470] smack_inode_setsecurity+0x378/0x430 [ 118.003437][ T7470] security_inode_setsecurity+0x118/0x3c0 [ 118.005024][ T7470] __vfs_setxattr_noperm+0x174/0x5c4 [ 118.006510][ T7470] __vfs_setxattr_locked+0x1ec/0x218 [ 118.007989][ T7470] vfs_setxattr+0x158/0x2ac [ 118.009209][ T7470] file_setxattr+0x1b8/0x294 [ 118.010429][ T7470] path_setxattrat+0x2ac/0x320 [ 118.011840][ T7470] __arm64_sys_fsetxattr+0xc0/0xdc [ 118.012260][ T52] Bluetooth: hci0: command tx timeout [ 118.014761][ T7470] invoke_syscall+0x98/0x2b8 [ 118.016091][ T7470] el0_svc_common+0x130/0x23c [ 118.017374][ T7470] do_el0_svc+0x48/0x58 [ 118.018550][ T7470] el0_svc+0x58/0x180 [ 118.019662][ T7470] el0t_64_sync_handler+0x84/0x12c [ 118.021172][ T7470] el0t_64_sync+0x198/0x19c [ 118.022453][ T7470] irq event stamp: 211 [ 118.023551][ T7470] hardirqs last enabled at (210): [] __console_unlock+0x70/0xc4 [ 118.026130][ T7470] hardirqs last disabled at (211): [] el1_brk64+0x1c/0x48 [ 118.028535][ T7470] softirqs last enabled at (138): [] local_bh_enable+0x10/0x34 [ 118.031120][ T7470] softirqs last disabled at (154): [] local_bh_disable+0x10/0x34 [ 118.033755][ T7470] ---[ end trace 0000000000000000 ]--- [ 1 ** replaying previous printk message ** [ 118.035382][ T7470] ------------[ cut here ]------------ [ 118.035428][ T7470] kvfree_call_rcu(): Double-freed call. rcu_head 00000000d15d938c [ 118.035535][ T7470] WARNING: CPU: 0 PID: 7470 at mm/slab_common.c:1956 kvfree_call_rcu+0x94/0x3f0 [ 118.042197][ T7470] Modules linked in: [ 118.043170][ T7470] CPU: 0 UID: 0 PID: 7470 Comm: syz.0.17 Tainted: G W 6.16.0-rc5-syzkaller-00067-gec4801305969-dirty #0 PREEMPT [ 118.046771][ T7470] Tainted: [W]=WARN [ 118.047814][ T7470] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 118.050761][ T7470] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 118.053061][ T7470] pc : kvfree_call_rcu+0x94/0x3f0 [ 118.054531][ T7470] lr : kvfree_call_rcu+0x94/0x3f0 [ 118.055985][ T7470] sp : ffff80009c3b7730 [ 118.057193][ T7470] x29: ffff80009c3b7730 x28: 00000000fffffff5 x27: 1fffe000199fd6e3 [ 118.059492][ T7470] x26: dfff800000000000 x25: ffff0000d20c136e x24: 0000000000000017 [ 118.061791][ T7470] x23: ffff8000891ac400 x22: 00000000ffffffea x21: ffff8000891ac400 [ 118.064066][ T7470] x20: ffff8000891ac400 x19: ffff80008afc2440 x18: 0000000000000000 [ 118.066429][ T7470] x17: 0000000000000000 x16: ffff80008ae63d08 x15: ffff700011ede144 [ 118.068717][ T7470] x14: 1ffff00011ede144 x13: 0000000000000004 x12: ffffffffffffffff [ 118.070940][ T7470] x11: ffff700011ede144 x10: 0000000000ff0100 x9 : 5688875a670f5200 [ 118.073273][ T7470] x8 : 5688875a670f5200 x7 : 0000000000000001 x6 : 0000000000000001 [ 118.075475][ T7470] x5 : ffff80009c3b7078 x4 : ffff80008f766be0 x3 : ffff80008054d314 [ 118.077723][ T7470] x2 : 0000000000000000 x1 : 0000000000000202 x0 : 0000000000000000 [ 118.080041][ T7470] Call trace: [ 118.080925][ T7470] kvfree_call_rcu+0x94/0x3f0 (P) [ 118.082377][ T7470] cipso_v4_sock_setattr+0x2fc/0x40c [ 118.083872][ T7470] netlbl_sock_setattr+0x240/0x334 [ 118.085361][ T7470] smack_netlbl_add+0xa8/0x158 [ 118.086698][ T7470] smack_inode_setsecurity+0x378/0x430 [ 118.088265][ T7470] security_inode_setsecurity+0x118/0x3c0 [ 118.089794][ T7470] __vfs_setxattr_noperm+0x174/0x5c4 [ 118.091265][ T7470] __vfs_setxattr_locked+0x1ec/0x218 [ 118.092714][ T7470] vfs_setxattr+0x158/0x2ac [ 118.094001][ T7470] file_setxattr+0x1b8/0x294 [ 118.095322][ T7470] path_setxattrat+0x2ac/0x320 [ 118.096680][ T7470] __arm64_sys_fsetxattr+0xc0/0xdc [ 118.098157][ T7470] invoke_syscall+0x98/0x2b8 [ 118.099484][ T7470] el0_svc_common+0x130/0x23c [ 118.100839][ T7470] do_el0_svc+0x48/0x58 [ 118.101980][ T7470] el0_svc+0x58/0x180 [ 118.103108][ T7470] el0t_64_sync_handler+0x84/0x12c [ 118.104493][ T7470] el0t_64_sync+0x198/0x19c [ 118.105715][ T7470] irq event stamp: 233 [ 118.106927][ T7470] hardirqs last enabled at (232): [] __console_unlock+0x70/0xc4 [ 118.109551][ T7470] hardirqs last disabled at (233): [] el1_brk64+0x1c/0x48 [ 118.112076][ T7470] softirqs last enabled at (138): [] local_bh_enable+0x10/0x34 [ 118.114619][ T7470] softirqs last disabled at (154): [] local_bh_disable+0x10/0x34 [ 118.117178][ T7470] ---[ end trace 0000000000000000 ]--- [ 118.136198][ T7472] ------------[ cut here ]------------ [ 118.136262][ T7472] ODEBUG: activate active (active state 1) object: 00000000d15d938c object type: rcu_head hint: 0x0 [ 118.136659][ T7472] WARNING: CPU: 1 PID: 7472 at lib/debugobjects.c:615 debug_object_activate+0x344/0x460 [ 118.143841][ T7472] Modules linked in: [ 118.144974][ T7472] CPU: 1 UID: 0 PID: 7472 Comm: syz.0.18 Tainted: G W 6.16.0-rc5-syzkaller-00067-gec4801305969-dirty #0 PREEMPT [ 118.148666][ T7472] Tainted: [W]=WARN [ 118.149681][ T7472] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 118.152479][ T7472] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 118.154677][ T7472] pc : debug_object_activate+0x344/0x460 [ 118.156380][ T7472] lr : debug_object_activate+0x344/0x460 [ 118.157993][ T7472] sp : ffff80009e2576d0 [ 118.159108][ T7472] x29: ffff80009e2576d0 x28: ffff8000976d8000 x27: dfff800000000000 [ 118.161430][ T7472] x26: ffff80008afc2440 x25: 0000000000000001 x24: ffff8000891ac400 [ 118.163750][ T7472] x23: 0000000000000003 x22: ffff80008b5399e0 x21: 0000000000000000 [ 118.165964][ T7472] x20: ffff80008afc2440 x19: ffff8000891ac400 x18: 00000000ffffffff [ 118.168227][ T7472] x17: 3833396435316430 x16: ffff80008ae63d08 x15: ffff700011ede144 [ 118.170457][ T7472] x14: 1ffff00011ede144 x13: 0000000000000004 x12: ffffffffffffffff [ 118.172701][ T7472] x11: ffff700011ede144 x10: 0000000000ff0100 x9 : fa91ff7817839000 [ 118.174907][ T7472] x8 : fa91ff7817839000 x7 : 0000000000000001 x6 : 0000000000000001 [ 118.177204][ T7472] x5 : ffff80009e257018 x4 : ffff80008f766be0 x3 : ffff80008054d314 [ 118.179454][ T7472] x2 : 0000000000000000 x1 : 0000000000000202 x0 : 0000000000000000 [ 118.181744][ T7472] Call trace: [ 118.182645][ T7472] debug_object_activate+0x344/0x460 (P) [ 118.184267][ T7472] kvfree_call_rcu+0x4c/0x3f0 [ 118.185640][ T7472] cipso_v4_sock_setattr+0x2fc/0x40c [ 118.187082][ T7472] netlbl_sock_setattr+0x240/0x334 [ 118.188528][ T7472] smack_netlbl_add+0xa8/0x158 [ 118.189943][ T7472] smack_inode_setsecurity+0x378/0x430 [ 118.191504][ T7472] security_inode_setsecurity+0x118/0x3c0 [ 118.193109][ T7472] __vfs_setxattr_noperm+0x174/0x5c4 [ 118.194626][ T7472] __vfs_setxattr_locked+0x1ec/0x218 [ 118.196135][ T7472] vfs_setxattr+0x158/0x2ac [ 118.197399][ T7472] file_setxattr+0x1b8/0x294 [ 118.198716][ T7472] path_setxattrat+0x2ac/0x320 [ 118.200080][ T7472] __arm64_sys_fsetxattr+0xc0/0xdc [ 118.201467][ T7472] invoke_syscall+0x98/0x2b8 [ 118.202762][ T7472] el0_svc_common+0x130/0x23c [ 118.204167][ T7472] do_el0_svc+0x48/0x58 [ 118.205305][ T7472] el0_svc+0x58/0x180 [ 118.206423][ T7472] el0t_64_sync_handler+0x84/0x12c [ 118.207979][ T7472] el0t_64_sync+0x198/0x19c [ 118.209234][ T7472] irq event stamp: 205 [ 118.210448][ T7472] hardirqs last enabled at (204): [] __console_unlock+0x70/0xc4 [ 118.213046][ T7472] hardirqs last disabled at (205): [] el1_brk64+0x1c/0x48 [ 118.215434][ T7472] softirqs last enabled at (160): [] local_bh_enable+0x10/0x34 [ 118.218024][ T7472] softirqs last disabled at (178): [] local_bh_disable+0x10/0x34 [ 118.220576][ T7472] ---[ end trace 0000000000000000 ]--- [ 118.222187][ T7472] ------------[ cut here ]------------ [ 118.222224][ T7472] ODEBUG: active_state active (active state 1) object: 00000000d15d938c object type: rcu_head hint: 0x0 [ 118.222605][ T7472] WARNING: CPU: 1 PID: 7472 at lib/debugobjects.c:615 debug_object_active_state+0x28c/0x350 [ 118.230023][ T7472] Modules linked in: [ 118.231119][ T7472] CPU: 1 UID: 0 PID: 7472 Comm: syz.0.18 Tainted: G W 6.16.0-rc5-syzkaller-00067-gec4801305969-dirty #0 PREEMPT [ 118.234933][ T7472] Tainted: [W]=WARN [ 118.236072][ T7472] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 118.239026][ T7472] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 118.241308][ T7472] pc : debug_object_active_state+0x28c/0x350 [ 118.243004][ T7472] lr : debug_object_active_state+0x28c/0x350 [ 118.244697][ T7472] sp : ffff80009e2576c0 [ 118.245933][ T7472] x29: ffff80009e2576d0 x28: ffff80008f671000 x27: dfff800000000000 [ 118.248210][ T7472] x26: 0000000000000003 x25: 0000000000000000 x24: ffff0000d8051c08 [ 118.250508][ T7472] x23: 0000000000000001 x22: ffff80008afc2440 x21: ffff80008b5399e0 [ 118.252858][ T7472] x20: 0000000000000000 x19: ffff8000891ac400 x18: 00000000ffffffff [ 118.255131][ T7472] x17: 3531643030303030 x16: ffff80008ae63d08 x15: ffff700011ede144 [ 118.257359][ T7472] x14: 1ffff00011ede144 x13: 0000000000000004 x12: ffffffffffffffff [ 118.259660][ T7472] x11: ffff700011ede144 x10: 0000000000ff0100 x9 : fa91ff7817839000 [ 118.261963][ T7472] x8 : fa91ff7817839000 x7 : 0000000000000001 x6 : 0000000000000001 [ 118.264223][ T7472] x5 : ffff80009e257018 x4 : ffff80008f766be0 x3 : ffff80008054d314 [ 118.266443][ T7472] x2 : 0000000000000000 x1 : 0000000000000202 x0 : 0000000000000000 [ 118.268708][ T7472] Call trace: [ 118.269696][ T7472] debug_object_active_state+0x28c/0x350 (P) [ 118.271475][ T7472] kvfree_call_rcu+0x64/0x3f0 [ 118.272878][ T7472] cipso_v4_sock_setattr+0x2fc/0x40c [ 118.274429][ T7472] netlbl_sock_setattr+0x240/0x334 [ 118.275882][ T7472] smack_netlbl_add+0xa8/0x158 [ 118.277262][ T7472] smack_inode_setsecurity+0x378/0x430 [ 118.278894][ T7472] security_inode_setsecurity+0x118/0x3c0 [ 118.280509][ T7472] __vfs_setxattr_noperm+0x174/0x5c4 [ 118.282040][ T7472] __vfs_setxattr_locked+0x1ec/0x218 [ 118.283471][ T7472] vfs_setxattr+0x158/0x2ac [ 118.284830][ T7472] file_setxattr+0x1b8/0x294 [ 118.286274][ T7472] path_setxattrat+0x2ac/0x320 [ 118.287671][ T7472] __arm64_sys_fsetxattr+0xc0/0xdc [ 118.289158][ T7472] invoke_syscall+0x98/0x2b8 [ 118.290493][ T7472] el0_svc_common+0x130/0x23c [ 118.291847][ T7472] do_el0_svc+0x48/0x58 [ 118.293036][ T7472] el0_svc+0x58/0x180 [ 118.294143][ T7472] el0t_64_sync_handler+0x84/0x12c [ 118.295606][ T7472] el0t_64_sync+0x198/0x19c [ 118.296955][ T7472] irq event stamp: 231 [ 118.298081][ T7472] hardirqs last enabled at (230): [] __console_unlock+0x70/0xc4 [ 118.300734][ T7472] hardirqs last disabled at (231): [] el1_brk64+0x1c/0x48 [ 118.303225][ T7472] softirqs last enabled at (160): [] local_bh_enable+0x10/0x34 [ 118.305917][ T7472] softirqs last disabled at (178): [] local_bh_disable+0x10/0x34 [ 118.308580][ T7472] ---[ end trace 0000000000000000 ]--- [ 118.335205][ T7474] ------------[ cut here ]------------ [ 118.335273][ T7474] ODEBUG: activate active (active state 1) object: 00000000d15d938c object type: rcu_head hint: 0x0 [ 118.335663][ T7474] WARNING: CPU: 1 PID: 7474 at lib/debugobjects.c:615 debug_object_activate+0x344/0x460 [ 118.342972][ T7474] Modules linked in: [ 118.344119][ T7474] CPU: 1 UID: 0 PID: 7474 Comm: syz.0.19 Tainted: G W 6.16.0-rc5-syzkaller-00067-gec4801305969-dirty #0 PREEMPT [ 118.347857][ T7474] Tainted: [W]=WARN [ 118.348992][ T7474] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 118.351902][ T7474] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 118.354098][ T7474] pc : debug_object_activate+0x344/0x460 [ 118.355702][ T7474] lr : debug_object_activate+0x344/0x460 [ 118.357420][ T7474] sp : ffff80009c4776d0 [ 118.358703][ T7474] x29: ffff80009c4776d0 x28: ffff8000976d8000 x27: dfff800000000000 [ 118.361033][ T7474] x26: ffff80008afc2440 x25: 0000000000000001 x24: ffff8000891ac400 [ 118.363361][ T7474] x23: 0000000000000003 x22: ffff80008b5399e0 x21: 0000000000000000 [ 118.365663][ T7474] x20: ffff80008afc2440 x19: ffff8000891ac400 x18: 0000000000000000 [ 118.367952][ T7474] x17: 3833396435316430 x16: ffff80008ae63d08 x15: ffff700011ede144 [ 118.370268][ T7474] x14: 1ffff00011ede144 x13: 0000000000000004 x12: ffffffffffffffff [ 118.372620][ T7474] x11: ffff700011ede144 x10: 0000000000ff0100 x9 : 36737a42cadb6a00 [ 118.374894][ T7474] x8 : 36737a42cadb6a00 x7 : 0000000000000001 x6 : 0000000000000001 [ 118.377111][ T7474] x5 : ffff80009c477018 x4 : ffff80008f766be0 x3 : ffff80008054d314 [ 118.379442][ T7474] x2 : 0000000000000000 x1 : 0000000000000202 x0 : 0000000000000000 [ 118.381758][ T7474] Call trace: [ 118.382689][ T7474] debug_object_activate+0x344/0x460 (P) [ 118.384374][ T7474] kvfree_call_rcu+0x4c/0x3f0 [ 118.385775][ T7474] cipso_v4_sock_setattr+0x2fc/0x40c [ 118.387323][ T7474] netlbl_sock_setattr+0x240/0x334 [ 118.388796][ T7474] smack_netlbl_add+0xa8/0x158 [ 118.390178][ T7474] smack_inode_setsecurity+0x378/0x430 [ 118.391752][ T7474] security_inode_setsecurity+0x118/0x3c0 [ 118.393358][ T7474] __vfs_setxattr_noperm+0x174/0x5c4 [ 118.394907][ T7474] __vfs_setxattr_locked+0x1ec/0x218 [ 118.396385][ T7474] vfs_setxattr+0x158/0x2ac [ 118.397656][ T7474] file_setxattr+0x1b8/0x294 [ 118.399031][ T7474] path_setxattrat+0x2ac/0x320 [ 118.400350][ T7474] __arm64_sys_fsetxattr+0xc0/0xdc [ 118.401855][ T7474] invoke_syscall+0x98/0x2b8 [ 118.403036][ T7474] el0_svc_common+0x130/0x23c [ 118.404374][ T7474] do_el0_svc+0x48/0x58 [ 118.405559][ T7474] el0_svc+0x58/0x180 [ 118.406694][ T7474] el0t_64_sync_handler+0x84/0x12c [ 118.408256][ T7474] el0t_64_sync+0x198/0x19c [ 118.409578][ T7474] irq event stamp: 181 [ 118.410771][ T7474] hardirqs last enabled at (180): [] __console_unlock+0x70/0xc4 [ 118.413433][ T7474] hardirqs last disabled at (181): [] el1_brk64+0x1c/0x48 [ 118.415915][ T7474] softirqs last enabled at (138): [] local_bh_enable+0x10/0x34 [ 118.418533][ T7474] softirqs last disabled at (154): [] local_bh_disable+0x10/0x34 [ 118.421131][ T7474] ---[ end trace 0000000000000000 ]--- [ ** replaying previous printk message ** [ 118.567287][ T149] ------------[ cut here ]------------ [ 118.567410][ T149] Trying to vfree() bad address (00000000d15d938c) [ 118.567531][ T149] WARNING: CPU: 1 PID: 149 at mm/vmalloc.c:3274 remove_vm_area+0x268/0x270 [ 118.574298][ T149] Modules linked in: [ 118.575522][ T149] CPU: 1 UID: 0 PID: 149 Comm: kworker/u8:5 Tainted: G W 6.16.0-rc5-syzkaller-00067-gec4801305969-dirty #0 PREEMPT [ 118.579418][ T149] Tainted: [W]=WARN [ 118.580485][ T149] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 118.583283][ T149] Workqueue: kvfree_rcu_reclaim kfree_rcu_monitor [ 118.585237][ T149] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 118.587350][ T149] pc : remove_vm_area+0x268/0x270 [ 118.588779][ T149] lr : remove_vm_area+0x264/0x270 [ 118.590183][ T149] sp : ffff800099fb78e0 [ 118.591384][ T149] x29: ffff800099fb78f0 x28: ffff00019beaf4d4 x27: ffff00019beaf4c0 [ 118.593688][ T149] x26: ffff00019beaf4b0 x25: dfff800000000000 x24: 0000000000000001 [ 118.596039][ T149] x23: ffff0000c4702028 x22: 1fffe00018ac73d1 x21: 0000000000000000 [ 118.598266][ T149] x20: 0000000000000000 x19: ffff8000891ac400 x18: 1fffe000337d8876 [ 118.600543][ T149] x17: 0000000000000000 x16: ffff80008aefc458 x15: 0000000000000001 [ 118.602796][ T149] x14: 1fffe000337d88e2 x13: 0000000000000000 x12: 0000000000000000 [ 118.605092][ T149] x11: ffff6000337d88e3 x10: 0000000000ff0100 x9 : 672a4a3076b94300 [ 118.607361][ T149] x8 : 672a4a3076b94300 x7 : 0000000000000001 x6 : 0000000000000001 [ 118.609682][ T149] x5 : ffff800099fb7238 x4 : ffff80008f766be0 x3 : ffff8000807bcfac [ 118.612025][ T149] x2 : 0000000000000001 x1 : 0000000100000000 x0 : 0000000000000000 [ 118.614320][ T149] Call trace: [ 118.615254][ T149] remove_vm_area+0x268/0x270 (P) [ 118.616669][ T149] vfree+0xac/0x3dc [ 118.617789][ T149] kvfree_rcu_bulk+0xc4/0x228 [ 118.619172][ T149] kfree_rcu_monitor+0x230/0x2b4 [ 118.620573][ T149] process_one_work+0x7e8/0x155c [ 118.622032][ T149] worker_thread+0x958/0xed8 [ 118.623327][ T149] kthread+0x5fc/0x75c [ 118.624429][ T149] ret_from_fork+0x10/0x20 [ 118.625762][ T149] irq event stamp: 2297526 [ 118.626977][ T149] hardirqs last enabled at (2297525): [] __console_unlock+0x70/0xc4 [ 118.629795][ T149] hardirqs last disabled at (2297526): [] el1_brk64+0x1c/0x48 [ 118.632316][ T149] softirqs last enabled at (2293288): [] handle_softirqs+0xaf8/0xc88 [ 118.635044][ T149] softirqs last disabled at (2293219): [] __do_softirq+0x14/0x20 [ 118.637697][ T149] ---[ end trace 0000000000000000 ]--- [ ** replaying previous printk message ** [ 118.668304][ T149] ------------[ cut here ]------------ [ 118.668361][ T149] Trying to vfree() nonexistent vm area (00000000d15d938c) [ 118.668662][ T149] WARNING: CPU: 1 PID: 149 at mm/vmalloc.c:3409 vfree+0x32c/0x3dc [ 118.675470][ T149] Modules linked in: [ 118.676525][ T149] CPU: 1 UID: 0 PID: 149 Comm: kworker/u8:5 Tainted: G W 6.16.0-rc5-syzkaller-00067-gec4801305969-dirty #0 PREEMPT [ 118.680364][ T149] Tainted: [W]=WARN [ 118.681400][ T149] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 118.684214][ T149] Workqueue: kvfree_rcu_reclaim kfree_rcu_monitor [ 118.686073][ T149] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 118.688216][ T149] pc : vfree+0x32c/0x3dc [ 118.689389][ T149] lr : vfree+0x32c/0x3dc [ 118.690586][ T149] sp : ffff800099fb7950 [ 118.691769][ T149] x29: ffff800099fb7960 x28: ffff00019beaf4d4 x27: ffff00019beaf4c0 [ 118.694119][ T149] x26: ffff00019beaf4b0 x25: dfff800000000000 x24: 0000000000000001 [ 118.696376][ T149] x23: ffff0000c4702028 x22: 1fffe00018ac73d1 x21: 0000000000000000 [ 118.698595][ T149] x20: ffff8000891ac400 x19: 0000000000000000 x18: 1fffe000337d8876 [ 118.700944][ T149] x17: ffff80008f66e000 x16: ffff80008aefc458 x15: 0000000000000001 [ 118.703258][ T149] x14: 1fffe000337db2f0 x13: 0000000000000000 x12: 0000000000000000 [ 118.705575][ T149] x11: ffff800093163c08 x10: 0000000000000003 x9 : 672a4a3076b94300 [ 118.707848][ T149] x8 : 672a4a3076b94300 x7 : ffff800080488a2c x6 : 0000000000000000 [ 118.710045][ T149] x5 : 0000000000000001 x4 : 0000000000000001 x3 : 0000000000000010 [ 118.712341][ T149] x2 : 0000000000000006 x1 : ffff80008b538ee0 x0 : 0000000000000001 [ 118.714573][ T149] Call trace: [ 118.715523][ T149] vfree+0x32c/0x3dc (P) [ 118.716707][ T149] kvfree_rcu_bulk+0xc4/0x228 [ 118.718094][ T149] kfree_rcu_monitor+0x230/0x2b4 [ 118.719452][ T149] process_one_work+0x7e8/0x155c [ 118.720961][ T149] worker_thread+0x958/0xed8 [ 118.722263][ T149] kthread+0x5fc/0x75c [ 118.723382][ T149] ret_from_fork+0x10/0x20 [ 118.724642][ T149] irq event stamp: 2297606 [ 118.725816][ T149] hardirqs last enabled at (2297605): [] finish_lock_switch+0xb0/0x1c0 [ 118.728721][ T149] hardirqs last disabled at (2297606): [] el1_brk64+0x1c/0x48 [ 118.731330][ T149] softirqs last enabled at (2297578): [] handle_softirqs+0xaf8/0xc88 [ 118.734081][ T149] softirqs last disabled at (2297529): [] __do_softirq+0x14/0x20 [ 118.736720][ T149] ---[ end trace 0000000000000000 ]--- [ 11 ** replaying previous printk message ** [ 119.018455][ T41] ------------[ cut here ]------------ [ 119.018523][ T41] Trying to vfree() bad address (00000000d15d938c) [ 119.018643][ T41] WARNING: CPU: 1 PID: 41 at mm/vmalloc.c:3274 remove_vm_area+0x268/0x270 [ 119.025412][ T41] Modules linked in: [ 119.026541][ T41] CPU: 1 UID: 0 PID: 41 Comm: kworker/u8:2 Tainted: G W 6.16.0-rc5-syzkaller-00067-gec4801305969-dirty #0 PREEMPT [ 119.030327][ T41] Tainted: [W]=WARN [ 119.031387][ T41] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 119.034136][ T41] Workqueue: kvfree_rcu_reclaim kfree_rcu_monitor [ 119.036012][ T41] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 119.038164][ T41] pc : remove_vm_area+0x268/0x270 [ 119.039529][ T41] lr : remove_vm_area+0x264/0x270 [ 119.040896][ T41] sp : ffff8000990e78e0 [ 119.041956][ T41] x29: ffff8000990e78f0 x28: ffff00019bed34d4 x27: ffff00019bed34c0 [ 119.044309][ T41] x26: ffff00019bed34b0 x25: dfff800000000000 x24: 0000000000000001 [ 119.046622][ T41] x23: ffff0000c3173028 x22: 1fffe000184b1b71 x21: 0000000000000000 [ 119.048926][ T41] x20: 0000000000000000 x19: ffff8000891ac400 x18: 1fffe000337d8876 [ 119.051209][ T41] x17: 0000000000000000 x16: ffff80008aefc458 x15: 0000000000000001 [ 119.053538][ T41] x14: 1fffe000337d88e2 x13: 0000000000000000 x12: 0000000000000000 [ 119.055781][ T41] x11: ffff6000337d88e3 x10: 0000000000ff0100 x9 : e346dabeb8964700 [ 119.058057][ T41] x8 : e346dabeb8964700 x7 : 0000000000000001 x6 : 0000000000000001 [ 119.060351][ T41] x5 : ffff8000990e7238 x4 : ffff80008f766be0 x3 : ffff8000807bcfac [ 119.062591][ T41] x2 : 0000000000000001 x1 : 0000000100000000 x0 : 0000000000000000 [ 119.064894][ T41] Call trace: [ 119.065807][ T41] remove_vm_area+0x268/0x270 (P) [ 119.067169][ T41] vfree+0xac/0x3dc [ 119.068229][ T41] kvfree_rcu_bulk+0xc4/0x228 [ 119.069541][ T41] kfree_rcu_monitor+0x230/0x2b4 [ 119.071010][ T41] process_one_work+0x7e8/0x155c [ 119.072384][ T41] worker_thread+0x958/0xed8 [ 119.073750][ T41] kthread+0x5fc/0x75c [ 119.074904][ T41] ret_from_fork+0x10/0x20 [ 119.076218][ T41] irq event stamp: 848814 [ 119.077468][ T41] hardirqs last enabled at (848813): [] __console_unlock+0x70/0xc4 [ 119.080364][ T41] hardirqs last disabled at (848814): [] el1_brk64+0x1c/0x48 [ 119.082890][ T41] softirqs last enabled at (844656): [] batadv_nc_purge_paths+0x2f4/0x37c [ 119.085754][ T41] softirqs last disabled at (844654): [] batadv_nc_purge_paths+0xd0/0x37c [ 119.088623][ T41] ---[ end trace 0000000000000000 ]--- [ 119.128352][ T41] ------------[ cut here ]------------ [ 119.128406][ T41] Trying to vfree() nonexistent vm area (00000000d15d938c) [ 119.132122][ T41] WARNING: CPU: 0 PID: 41 at mm/vmalloc.c:3409 vfree+0x32c/0x3dc [ 119.134381][ T41] Modules linked in: [ 119.135504][ T41] CPU: 0 UID: 0 PID: 41 Comm: kworker/u8:2 Tainted: G W 6.16.0-rc5-syzkaller-00067-gec4801305969-dirty #0 PREEMPT [ 119.139200][ T41] Tainted: [W]=WARN [ 119.140244][ T41] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 119.143060][ T41] Workqueue: kvfree_rcu_reclaim kfree_rcu_monitor [ 119.144867][ T41] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 119.147066][ T41] pc : vfree+0x32c/0x3dc [ 119.148261][ T41] lr : vfree+0x32c/0x3dc [ 119.149410][ T41] sp : ffff8000990e7950 [ 119.150568][ T41] x29: ffff8000990e7960 x28: ffff00019bed34d4 x27: ffff00019bed34c0 [ 119.152920][ T41] x26: ffff00019bed34b0 x25: dfff800000000000 x24: 0000000000000001 [ 119.155254][ T41] x23: ffff0000c3173028 x22: 1fffe000184b1b71 x21: 0000000000000000 [ 119.157535][ T41] x20: ffff8000891ac400 x19: 0000000000000000 x18: 1fffe000337d4076 [ 119.159937][ T41] x17: ffff80008f66e000 x16: ffff80008aefc458 x15: 0000000000000001 [ 119.162181][ T41] x14: 1fffe000337d6af0 x13: 0000000000000000 x12: 0000000000000000 [ 119.164464][ T41] x11: ffff800093163c08 x10: 0000000000000003 x9 : e346dabeb8964700 [ 119.166710][ T41] x8 : e346dabeb8964700 x7 : ffff800080488a2c x6 : 0000000000000000 [ 119.168994][ T41] x5 : 0000000000000001 x4 : 0000000000000001 x3 : 0000000000000010 [ 119.171228][ T41] x2 : 0000000000000006 x1 : ffff80008b538ee0 x0 : 0000000000000001 [ 119.173437][ T41] Call trace: [ 119.174423][ T41] vfree+0x32c/0x3dc (P) [ 119.175619][ T41] kvfree_rcu_bulk+0xc4/0x228 [ 119.176962][ T41] kfree_rcu_monitor+0x230/0x2b4 [ 119.178315][ T41] process_one_work+0x7e8/0x155c [ 119.179778][ T41] worker_thread+0x958/0xed8 [ 119.181132][ T41] kthread+0x5fc/0x75c [ 119.182262][ T41] ret_from_fork+0x10/0x20 [ 119.183504][ T41] irq event stamp: 849026 [ 119.184737][ T41] hardirqs last enabled at (849025): [] finish_lock_switch+0xb0/0x1c0 [ 119.187511][ T41] hardirqs last disabled at (849026): [] el1_brk64+0x1c/0x48 [ 119.189932][ T41] softirqs last enabled at (848998): [] handle_softirqs+0xaf8/0xc88 [ 119.192764][ T41] softirqs last disabled at (848817): [] __do_softirq+0x14/0x20 [ 119.195395][ T41] ---[ end trace 0000000000000000 ]--- [ 11 ** replaying previous printk message ** [ 119.207317][ T196] ------------[ cut here ]------------ [ 119.207373][ T196] Trying to vfree() bad address (00000000d15d938c) [ 119.207493][ T196] WARNING: CPU: 1 PID: 196 at mm/vmalloc.c:3274 remove_vm_area+0x268/0x270 [ 119.214310][ T196] Modules linked in: [ 119.215369][ T196] CPU: 1 UID: 0 PID: 196 Comm: kworker/u8:7 Tainted: G W 6.16.0-rc5-syzkaller-00067-gec4801305969-dirty #0 PREEMPT [ 119.219279][ T196] Tainted: [W]=WARN [ 119.220394][ T196] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 119.223243][ T196] Workqueue: kvfree_rcu_reclaim kfree_rcu_monitor [ 119.225042][ T196] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 119.227317][ T196] pc : remove_vm_area+0x268/0x270 [ 119.228704][ T196] lr : remove_vm_area+0x264/0x270 [ 119.230182][ T196] sp : ffff80009bcf78e0 [ 119.231304][ T196] x29: ffff80009bcf78f0 x28: ffff00019beaf4d4 x27: ffff00019beaf4c0 [ 119.233586][ T196] x26: ffff00019beaf4b0 x25: dfff800000000000 x24: 0000000000000001 [ 119.235898][ T196] x23: ffff0000c4703028 x22: 1fffe00018b583d1 x21: 0000000000000000 [ 119.238181][ T196] x20: 0000000000000000 x19: ffff8000891ac400 x18: 1fffe000337d8876 [ 119.240380][ T196] x17: 0000000000000000 x16: ffff80008ae63d08 x15: ffff700011ede144 [ 119.242642][ T196] x14: 1ffff00011ede144 x13: 0000000000000004 x12: ffffffffffffffff [ 119.244912][ T196] x11: ffff700011ede144 x10: 0000000000ff0100 x9 : 041103a251cbc900 [ 119.247082][ T196] x8 : 041103a251cbc900 x7 : 0000000000000001 x6 : 0000000000000001 [ 119.249311][ T196] x5 : ffff80009bcf7238 x4 : ffff80008f766be0 x3 : ffff80008054d314 [ 119.251553][ T196] x2 : 0000000000000000 x1 : 0000000100000000 x0 : 0000000000000000 [ 119.253812][ T196] Call trace: [ 119.254723][ T196] remove_vm_area+0x268/0x270 (P) [ 119.256194][ T196] vfree+0xac/0x3dc [ 119.257261][ T196] kvfree_rcu_bulk+0xc4/0x228 [ 119.258552][ T196] kfree_rcu_monitor+0x230/0x2b4 [ 119.260074][ T196] process_one_work+0x7e8/0x155c [ 119.261454][ T196] worker_thread+0x958/0xed8 [ 119.262765][ T196] kthread+0x5fc/0x75c [ 119.263873][ T196] ret_from_fork+0x10/0x20 [ 119.265157][ T196] irq event stamp: 950690 [ 119.266323][ T196] hardirqs last enabled at (950689): [] __console_unlock+0x70/0xc4 [ 119.269002][ T196] hardirqs last disabled at (950690): [] el1_brk64+0x1c/0x48 [ 119.271547][ T196] softirqs last enabled at (949940): [] handle_softirqs+0xaf8/0xc88 [ 119.274259][ T196] softirqs last disabled at (949829): [] __do_softirq+0x14/0x20 [ 119.276834][ T196] ---[ end trace 0000000000000000 ]--- [ 11 ** replaying previous printk message ** [ 119.281648][ T196] ------------[ cut here ]------------ [ 119.281693][ T196] Trying to vfree() nonexistent vm area (00000000d15d938c) [ 119.281822][ T196] WARNING: CPU: 1 PID: 196 at mm/vmalloc.c:3409 vfree+0x32c/0x3dc [ 119.288716][ T196] Modules linked in: [ 119.289911][ T196] CPU: 1 UID: 0 PID: 196 Comm: kworker/u8:7 Tainted: G W 6.16.0-rc5-syzkaller-00067-gec4801305969-dirty #0 PREEMPT [ 119.293713][ T196] Tainted: [W]=WARN [ 119.294793][ T196] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 119.297704][ T196] Workqueue: kvfree_rcu_reclaim kfree_rcu_monitor [ 119.299503][ T196] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 119.301743][ T196] pc : vfree+0x32c/0x3dc [ 119.302974][ T196] lr : vfree+0x32c/0x3dc [ 119.304194][ T196] sp : ffff80009bcf7950 [ 119.305357][ T196] x29: ffff80009bcf7960 x28: ffff00019beaf4d4 x27: ffff00019beaf4c0 [ 119.307630][ T196] x26: ffff00019beaf4b0 x25: dfff800000000000 x24: 0000000000000001 [ 119.309911][ T196] x23: ffff0000c4703028 x22: 1fffe00018b583d1 x21: 0000000000000000 [ 119.312206][ T196] x20: ffff8000891ac400 x19: 0000000000000000 x18: 1fffe000337d8876 [ 119.314538][ T196] x17: 0000000000000000 x16: ffff80008aefc458 x15: 0000000000000001 [ 119.316761][ T196] x14: 1fffe000337d88e2 x13: 0000000000000000 x12: 0000000000000000 [ 119.318989][ T196] x11: ffff6000337d88e3 x10: 0000000000ff0100 x9 : 041103a251cbc900 [ 119.321160][ T196] x8 : 041103a251cbc900 x7 : 0000000000000001 x6 : 0000000000000001 [ 119.323354][ T196] x5 : ffff80009bcf7298 x4 : ffff80008f766be0 x3 : ffff8000807bcfac [ 119.325614][ T196] x2 : 0000000000000001 x1 : 0000000100000000 x0 : 0000000000000000 [ 119.327908][ T196] Call trace: [ 119.328790][ T196] vfree+0x32c/0x3dc (P) [ 119.330053][ T196] kvfree_rcu_bulk+0xc4/0x228 [ 119.331370][ T196] kfree_rcu_monitor+0x230/0x2b4 [ 119.332810][ T196] process_one_work+0x7e8/0x155c [ 119.334258][ T196] worker_thread+0x958/0xed8 [ 119.335580][ T196] kthread+0x5fc/0x75c [ 119.336747][ T196] ret_from_fork+0x10/0x20 [ 119.338028][ T196] irq event stamp: 950876 [ 119.339228][ T196] hardirqs last enabled at (950875): [] __console_unlock+0x70/0xc4 [ 119.341924][ T196] hardirqs last disabled at (950876): [] el1_brk64+0x1c/0x48 [ 119.344490][ T196] softirqs last enabled at (950852): [] handle_softirqs+0xaf8/0xc88 [ 119.347205][ T196] softirqs last disabled at (950693): [] __do_softirq+0x14/0x20 [ 119.349817][ T196] ---[ end trace 0000000000000000 ]--- [ 119.399397][ T14] ------------[ cut here ]------------ [ 119.399500][ T14] Trying to vfree() bad address (00000000d15d938c) [ 119.399646][ T14] WARNING: CPU: 0 PID: 14 at mm/vmalloc.c:3274 remove_vm_area+0x268/0x270 [ 119.405320][ T14] Modules linked in: [ 119.406505][ T14] CPU: 0 UID: 0 PID: 14 Comm: kworker/u8:1 Tainted: G W 6.16.0-rc5-syzkaller-00067-gec4801305969-dirty #0 PREEMPT [ 119.410220][ T14] Tainted: [W]=WARN [ 119.411273][ T14] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 119.414168][ T14] Workqueue: kvfree_rcu_reclaim kfree_rcu_work [ 119.415909][ T14] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 119.418087][ T14] pc : remove_vm_area+0x268/0x270 [ 119.419435][ T14] lr : remove_vm_area+0x264/0x270 [ 119.420846][ T14] sp : ffff800097aa78f0 [ 119.422011][ T14] x29: ffff800097aa7900 x28: 1ffff00011ece29b x27: dfff800000000000 [ 119.424219][ T14] x26: ffff0000c1a1ec18 x25: dfff800000000000 x24: 0000000000000001 [ 119.426388][ T14] x23: ffff0000c4702028 x22: 1fffe0001833f3d1 x21: 0000000000000000 [ 119.428601][ T14] x20: 0000000000000000 x19: ffff8000891ac400 x18: 00000000ffffffff [ 119.430861][ T14] x17: 0000000000000000 x16: ffff80008aefc458 x15: 0000000000000001 [ 119.433115][ T14] x14: 1fffe000337d6af0 x13: 0000000000000000 x12: 0000000000000000 [ 119.435385][ T14] x11: ffff800093163c08 x10: 0000000000000003 x9 : f2262904befb8400 [ 119.437628][ T14] x8 : f2262904befb8400 x7 : ffff80008af07ce0 x6 : 0000000000000000 [ 119.439843][ T14] x5 : 0000000000000001 x4 : 0000000000000001 x3 : 0000000000000010 [ 119.442011][ T14] x2 : 0000000000000006 x1 : ffff80008b538ee0 x0 : 0000000000000001 [ 119.444230][ T14] Call trace: [ 119.445141][ T14] remove_vm_area+0x268/0x270 (P) [ 119.446518][ T14] vfree+0xac/0x3dc [ 119.447568][ T14] kvfree_rcu_bulk+0xc4/0x228 [ 119.448831][ T14] kfree_rcu_work+0xe0/0x140 [ 119.450136][ T14] process_one_work+0x7e8/0x155c [ 119.451500][ T14] worker_thread+0x958/0xed8 [ 119.452819][ T14] kthread+0x5fc/0x75c [ 119.454009][ T14] ret_from_fork+0x10/0x20 [ 119.455269][ T14] irq event stamp: 1034600 [ 119.456616][ T14] hardirqs last enabled at (1034599): [] raw_spin_rq_unlock_irq+0x14/0x24 [ 119.459568][ T14] hardirqs last disabled at (1034600): [] el1_brk64+0x1c/0x48 [ 119.462117][ T14] softirqs last enabled at (1033772): [] batadv_nc_purge_paths+0x2f4/0x37c [ 119.464989][ T14] softirqs last disabled at (1033770): [] batadv_nc_purge_paths+0xd0/0x37c [ 119.467892][ T14] ---[ end trace 0000000000000000 ]--- [ 119.47 ** replaying previous printk message ** [ 119.472401][ T14] ------------[ cut here ]------------ [ 119.472461][ T14] Trying to vfree() nonexistent vm area (00000000d15d938c) [ 119.472872][ T14] WARNING: CPU: 0 PID: 14 at mm/vmalloc.c:3409 vfree+0x32c/0x3dc [ 119.479464][ T14] Modules linked in: [ 119.480643][ T14] CPU: 0 UID: 0 PID: 14 Comm: kworker/u8:1 Tainted: G W 6.16.0-rc5-syzkaller-00067-gec4801305969-dirty #0 PREEMPT [ 119.484338][ T14] Tainted: [W]=WARN [ 119.485409][ T14] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 119.488202][ T14] Workqueue: kvfree_rcu_reclaim kfree_rcu_work [ 119.489933][ T14] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 119.492064][ T14] pc : vfree+0x32c/0x3dc [ 119.493205][ T14] lr : vfree+0x32c/0x3dc [ 119.494350][ T14] sp : ffff800097aa7960 [ 119.495432][ T14] x29: ffff800097aa7970 x28: 1ffff00011ece29b x27: dfff800000000000 [ 119.497627][ T14] x26: ffff0000c1a1ec18 x25: dfff800000000000 x24: 0000000000000001 [ 119.499803][ T14] x23: ffff0000c4702028 x22: 1fffe0001833f3d1 x21: 0000000000000000 [ 119.502023][ T14] x20: ffff8000891ac400 x19: 0000000000000000 x18: 1fffe000337d4076 [ 119.504158][ T14] x17: ffff80008f66e000 x16: ffff80008aefc458 x15: 0000000000000001 [ 119.506388][ T14] x14: 1fffe000337d6af0 x13: 0000000000000000 x12: 0000000000000000 [ 119.508670][ T14] x11: ffff800093163c08 x10: 0000000000000003 x9 : f2262904befb8400 [ 119.511022][ T14] x8 : f2262904befb8400 x7 : ffff800080488a2c x6 : 0000000000000000 [ 119.513190][ T14] x5 : 0000000000000001 x4 : 0000000000000001 x3 : 0000000000000010 [ 119.515464][ T14] x2 : 0000000000000006 x1 : ffff80008b538ee0 x0 : 0000000000000001 [ 119.517697][ T14] Call trace: [ 119.518588][ T14] vfree+0x32c/0x3dc (P) [ 119.519770][ T14] kvfree_rcu_bulk+0xc4/0x228 [ 119.521081][ T14] kfree_rcu_work+0xe0/0x140 [ 119.522326][ T14] process_one_work+0x7e8/0x155c [ 119.523668][ T14] worker_thread+0x958/0xed8 [ 119.524986][ T14] kthread+0x5fc/0x75c [ 119.526282][ T14] ret_from_fork+0x10/0x20 [ 119.527561][ T14] irq event stamp: 1034822 [ 119.528892][ T14] hardirqs last enabled at (1034821): [] finish_lock_switch+0xb0/0x1c0 [ 119.531754][ T14] hardirqs last disabled at (1034822): [] el1_brk64+0x1c/0x48 [ 119.534274][ T14] softirqs last enabled at (1034796): [] handle_softirqs+0xaf8/0xc88 [ 119.537043][ T14] softirqs last disabled at (1034603): [] __do_softirq+0x14/0x20 [ 119.539696][ T14] ---[ end trace 0000000000000000 ]--- 1970/01/01 00:02:02 executed programs: 237 [ 124.172277][ T149] ------------[ cut here ]------------ [ 124.172329][ T149] Trying to vfree() bad address (00000000d15d938c) [ 124.177215][ T149] WARNING: CPU: 1 PID: 149 at mm/vmalloc.c:3274 remove_vm_area+0x268/0x270 [ 124.179543][ T149] Modules linked in: [ 124.180634][ T149] CPU: 1 UID: 0 PID: 149 Comm: kworker/u8:5 Tainted: G W 6.16.0-rc5-syzkaller-00067-gec4801305969-dirty #0 PREEMPT [ 124.184444][ T149] Tainted: [W]=WARN [ 124.185493][ T149] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 124.188311][ T149] Workqueue: kvfree_rcu_reclaim kfree_rcu_monitor [ 124.190168][ T149] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 124.192379][ T149] pc : remove_vm_area+0x268/0x270 [ 124.193838][ T149] lr : remove_vm_area+0x264/0x270 [ 124.195313][ T149] sp : ffff800099fb78e0 [ 124.196488][ T149] x29: ffff800099fb78f0 x28: ffff00019bed34d4 x27: ffff00019bed34c0 [ 124.198809][ T149] x26: ffff00019bed34b0 x25: dfff800000000000 x24: 0000000000000001 [ 124.201087][ T149] x23: ffff0000c3172028 x22: 1fffe00018ac73d1 x21: 0000000000000000 [ 124.203394][ T149] x20: 0000000000000000 x19: ffff8000891ac400 x18: 1fffe000337d8876 [ 124.205703][ T149] x17: ffff80008f66e000 x16: ffff80008aefc458 x15: 0000000000000001 [ 124.207904][ T149] x14: 1fffe000337db2f0 x13: 0000000000000000 x12: 0000000000000000 [ 124.210163][ T149] x11: ffff800093163c08 x10: 0000000000000003 x9 : 672a4a3076b94300 [ 124.212477][ T149] x8 : 672a4a3076b94300 x7 : ffff800080488a2c x6 : 0000000000000000 [ 124.214646][ T149] x5 : 0000000000000001 x4 : 0000000000000001 x3 : 0000000000000010 [ 124.216933][ T149] x2 : 0000000000000006 x1 : ffff80008b538ee0 x0 : 0000000000000001 [ 124.219126][ T149] Call trace: [ 124.220048][ T149] remove_vm_area+0x268/0x270 (P) [ 124.221559][ T149] vfree+0xac/0x3dc [ 124.222648][ T149] kvfree_rcu_bulk+0xc4/0x228 [ 124.223996][ T149] kfree_rcu_monitor+0x230/0x2b4 [ 124.225365][ T149] process_one_work+0x7e8/0x155c [ 124.226717][ T149] worker_thread+0x958/0xed8 [ 124.228049][ T149] kthread+0x5fc/0x75c [ 124.229229][ T149] ret_from_fork+0x10/0x20 [ 124.230512][ T149] irq event stamp: 2366036 [ 124.231740][ T149] hardirqs last enabled at (2366035): [] finish_lock_switch+0xb0/0x1c0 [ 124.234569][ T149] hardirqs last disabled at (2366036): [] el1_brk64+0x1c/0x48 [ 124.237148][ T149] softirqs last enabled at (2365986): [] nsim_dev_trap_report_work+0x67c/0x9fc [ 124.240071][ T149] softirqs last disabled at (2365984): [] nsim_dev_trap_report_work+0x5f4/0x9fc [ 124.243017][ T149] ---[ end trace 0000000000000000 ]--- [ 1 ** replaying previous printk message ** [ 124.246189][ T149] ------------[ cut here ]------------ [ 124.246239][ T149] Trying to vfree() nonexistent vm area (00000000d15d938c) [ 124.246359][ T149] WARNING: CPU: 0 PID: 149 at mm/vmalloc.c:3409 vfree+0x32c/0x3dc [ 124.252916][ T149] Modules linked in: [ 124.254017][ T149] CPU: 0 UID: 0 PID: 149 Comm: kworker/u8:5 Tainted: G W 6.16.0-rc5-syzkaller-00067-gec4801305969-dirty #0 PREEMPT [ 124.257915][ T149] Tainted: [W]=WARN [ 124.259036][ T149] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 124.261956][ T149] Workqueue: kvfree_rcu_reclaim kfree_rcu_monitor [ 124.263815][ T149] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 124.265979][ T149] pc : vfree+0x32c/0x3dc [ 124.267210][ T149] lr : vfree+0x32c/0x3dc [ 124.268462][ T149] sp : ffff800099fb7950 [ 124.269642][ T149] x29: ffff800099fb7960 x28: ffff00019bed34d4 x27: ffff00019bed34c0 [ 124.271940][ T149] x26: ffff00019bed34b0 x25: dfff800000000000 x24: 0000000000000001 [ 124.274239][ T149] x23: ffff0000c3172028 x22: 1fffe00018ac73d1 x21: 0000000000000000 [ 124.276456][ T149] x20: ffff8000891ac400 x19: 0000000000000000 x18: 1fffe000337d8876 [ 124.278743][ T149] x17: 0000000000000000 x16: ffff80008ae63d08 x15: ffff700011ede144 [ 124.280999][ T149] x14: 1ffff00011ede144 x13: 0000000000000004 x12: ffffffffffffffff [ 124.283231][ T149] x11: ffff700011ede144 x10: 0000000000ff0100 x9 : 672a4a3076b94300 [ 124.285622][ T149] x8 : 672a4a3076b94300 x7 : 0000000000000001 x6 : 0000000000000001 [ 124.287920][ T149] x5 : ffff800099fb7298 x4 : ffff80008f766be0 x3 : ffff80008054d314 [ 124.290320][ T149] x2 : 0000000000000000 x1 : 0000000100000000 x0 : 0000000000000000 [ 124.292632][ T149] Call trace: [ 124.293614][ T149] vfree+0x32c/0x3dc (P) [ 124.294847][ T149] kvfree_rcu_bulk+0xc4/0x228 [ 124.296206][ T149] kfree_rcu_monitor+0x230/0x2b4 [ 124.297614][ T149] process_one_work+0x7e8/0x155c [ 124.299036][ T149] worker_thread+0x958/0xed8 [ 124.300272][ T149] kthread+0x5fc/0x75c [ 124.301598][ T149] ret_from_fork+0x10/0x20 [ 124.302894][ T149] irq event stamp: 2366118 [ 124.304134][ T149] hardirqs last enabled at (2366117): [] __console_unlock+0x70/0xc4 [ 124.306840][ T149] hardirqs last disabled at (2366118): [] el1_brk64+0x1c/0x48 [ 124.309440][ T149] softirqs last enabled at (2366084): [] handle_softirqs+0xaf8/0xc88 [ 124.312303][ T149] softirqs last disabled at (2366039): [] __do_softirq+0x14/0x20 [ 124.315016][ T149] ---[ end trace 0000000000000000 ]--- [ 124.318610][ T149] ------------[ cut here ]------------ [ 124.318661][ T149] Trying to vfree() bad address (00000000d15d938c) [ 124.322638][ T149] WARNING: CPU: 1 PID: 149 at mm/vmalloc.c:3274 remove_vm_area+0x268/0x270 [ 124.325115][ T149] Modules linked in: [ 124.326257][ T149] CPU: 1 UID: 0 PID: 149 Comm: kworker/u8:5 Tainted: G W 6.16.0-rc5-syzkaller-00067-gec4801305969-dirty #0 PREEMPT [ 124.330209][ T149] Tainted: [W]=WARN [ 124.331347][ T149] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 124.334188][ T149] Workqueue: kvfree_rcu_reclaim kfree_rcu_monitor [ 124.336037][ T149] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 124.338238][ T149] pc : remove_vm_area+0x268/0x270 [ 124.339642][ T149] lr : remove_vm_area+0x264/0x270 [ 124.341125][ T149] sp : ffff800099fb78e0 [ 124.342336][ T149] x29: ffff800099fb78f0 x28: ffff00019beaf4d4 x27: ffff00019beaf4c0 [ 124.344595][ T149] x26: ffff00019beaf4b0 x25: dfff800000000000 x24: 0000000000000001 [ 124.346927][ T149] x23: ffff0000c4702028 x22: 1fffe00018ac73d1 x21: 0000000000000000 [ 124.349213][ T149] x20: 0000000000000000 x19: ffff8000891ac400 x18: 1fffe000337d8876 [ 124.351423][ T149] x17: ffff80008f66e000 x16: ffff80008aefc458 x15: 0000000000000001 [ 124.353812][ T149] x14: 1fffe000337db2f0 x13: 0000000000000000 x12: 0000000000000000 [ 124.356056][ T149] x11: ffff800093163c08 x10: 0000000000000003 x9 : 672a4a3076b94300 [ 124.358397][ T149] x8 : 672a4a3076b94300 x7 : ffff800080488a2c x6 : 0000000000000000 [ 124.360732][ T149] x5 : 0000000000000001 x4 : 0000000000000001 x3 : 0000000000000010 [ 124.363049][ T149] x2 : 0000000000000006 x1 : ffff80008b538ee0 x0 : 0000000000000001 [ 124.365445][ T149] Call trace: [ 124.366437][ T149] remove_vm_area+0x268/0x270 (P) [ 124.367879][ T149] vfree+0xac/0x3dc [ 124.368941][ T149] kvfree_rcu_bulk+0xc4/0x228 [ 124.370315][ T149] kfree_rcu_monitor+0x230/0x2b4 [ 124.371692][ T149] process_one_work+0x7e8/0x155c [ 124.373096][ T149] worker_thread+0x958/0xed8 [ 124.374387][ T149] kthread+0x5fc/0x75c [ 124.375556][ T149] ret_from_fork+0x10/0x20 [ 124.376795][ T149] irq event stamp: 2366362 [ 124.378028][ T149] hardirqs last enabled at (2366361): [] finish_lock_switch+0xb0/0x1c0 [ 124.380846][ T149] hardirqs last disabled at (2366362): [] el1_brk64+0x1c/0x48 [ 124.383450][ T149] softirqs last enabled at (2366322): [] handle_softirqs+0xaf8/0xc88 [ 124.386297][ T149] softirqs last disabled at (2366121): [] __do_softirq+0x14/0x20 [ 124.389060][ T149] ---[ end trace 0000000000000000 ]--- [ 124.392699][ T149] ------------[ cut here ]------------ [ 124.392750][ T149] Trying to vfree() nonexistent vm area (00000000d15d938c) [ 124.396763][ T149] WARNING: CPU: 1 PID: 149 at mm/vmalloc.c:3409 vfree+0x32c/0x3dc [ 124.398996][ T149] Modules linked in: [ 124.400076][ T149] CPU: 1 UID: 0 PID: 149 Comm: kworker/u8:5 Tainted: G W 6.16.0-rc5-syzkaller-00067-gec4801305969-dirty #0 PREEMPT [ 124.403932][ T149] Tainted: [W]=WARN [ 124.405025][ T149] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 124.407922][ T149] Workqueue: kvfree_rcu_reclaim kfree_rcu_monitor [ 124.409773][ T149] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 124.412070][ T149] pc : vfree+0x32c/0x3dc [ 124.413334][ T149] lr : vfree+0x32c/0x3dc [ 124.414553][ T149] sp : ffff800099fb7950 [ 124.415740][ T149] x29: ffff800099fb7960 x28: ffff00019beaf4d4 x27: ffff00019beaf4c0 [ 124.418072][ T149] x26: ffff00019beaf4b0 x25: dfff800000000000 x24: 0000000000000001 [ 124.420340][ T149] x23: ffff0000c4702028 x22: 1fffe00018ac73d1 x21: 0000000000000000 [ 124.422658][ T149] x20: ffff8000891ac400 x19: 0000000000000000 x18: 1fffe000337d8876 [ 124.424981][ T149] x17: ffff80008f66e000 x16: ffff80008aefc458 x15: 0000000000000001 [ 124.427289][ T149] x14: 1fffe000337db2f0 x13: 0000000000000000 x12: 0000000000000000 [ 124.429614][ T149] x11: ffff800093163c08 x10: 0000000000000003 x9 : 672a4a3076b94300 [ 124.431942][ T149] x8 : 672a4a3076b94300 x7 : ffff800080488a2c x6 : 0000000000000000 [ 124.433992][ T149] x5 : 0000000000000001 x4 : 0000000000000001 x3 : 0000000000000010 [ 124.435908][ T149] x2 : 0000000000000006 x1 : ffff80008b538ee0 x0 : 0000000000000001 [ 124.437829][ T149] Call trace: [ 124.438605][ T149] vfree+0x32c/0x3dc (P) [ 124.439645][ T149] kvfree_rcu_bulk+0xc4/0x228 [ 124.440983][ T149] kfree_rcu_monitor+0x230/0x2b4 [ 124.442466][ T149] process_one_work+0x7e8/0x155c [ 124.443931][ T149] worker_thread+0x958/0xed8 [ 124.445253][ T149] kthread+0x5fc/0x75c [ 124.446466][ T149] ret_from_fork+0x10/0x20 [ 124.447691][ T149] irq event stamp: 2366430 [ 124.449075][ T149] hardirqs last enabled at (2366429): [] finish_lock_switch+0xb0/0x1c0 [ 124.451939][ T149] hardirqs last disabled at (2366430): [] el1_brk64+0x1c/0x48 [ 124.454479][ T149] softirqs last enabled at (2366402): [] handle_softirqs+0xaf8/0xc88 [ 124.457128][ T149] softirqs last disabled at (2366367): [] __do_softirq+0x14/0x20 [ 124.460035][ T149] ---[ end trace 0000000000000000 ]--- [ 124.493777][ T149] ------------[ cut here ]------------ [ 124.493835 ** replaying previous printk message ** [ 124.493835][ T149] Trying to vfree() bad address (00000000d15d938c) [ 124.495661][ T149] WARNING: CPU: 0 PID: 149 at mm/vmalloc.c:3274 remove_vm_area+0x268/0x270 [ 124.500896][ T149] Modules linked in: [ 124.501898][ T149] CPU: 0 UID: 0 PID: 149 Comm: kworker/u8:5 Tainted: G W 6.16.0-rc5-syzkaller-00067-gec4801305969-dirty #0 PREEMPT [ 124.505753][ T149] Tainted: [W]=WARN [ 124.506834][ T149] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 124.509701][ T149] Workqueue: kvfree_rcu_reclaim kfree_rcu_work [ 124.511426][ T149] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 124.513655][ T149] pc : remove_vm_area+0x268/0x270 [ 124.515105][ T149] lr : remove_vm_area+0x264/0x270 [ 124.516458][ T149] sp : ffff800099fb78f0 [ 124.517661][ T149] x29: ffff800099fb7900 x28: 1ffff00011ece29b x27: dfff800000000000 [ 124.520039][ T149] x26: ffff0000c48c3518 x25: dfff800000000000 x24: 0000000000000001 [ 124.522297][ T149] x23: ffff0000c4704028 x22: 1fffe00018ac73d1 x21: 0000000000000000 [ 124.524510][ T149] x20: 0000000000000000 x19: ffff8000891ac400 x18: 1fffe000337d4076 [ 124.526786][ T149] x17: ffff80008f66e000 x16: ffff80008aefc458 x15: 0000000000000001 [ 124.529042][ T149] x14: 1fffe000337d6af0 x13: 0000000000000000 x12: 0000000000000000 [ 124.531351][ T149] x11: ffff800093163c08 x10: 0000000000000003 x9 : 672a4a3076b94300 [ 124.533701][ T149] x8 : 672a4a3076b94300 x7 : ffff800080488a2c x6 : 0000000000000000 [ 124.536035][ T149] x5 : 0000000000000001 x4 : 0000000000000001 x3 : 0000000000000010 [ 124.538321][ T149] x2 : 0000000000000006 x1 : ffff80008b538ee0 x0 : 0000000000000001 [ 124.540724][ T149] Call trace: [ 124.541657][ T149] remove_vm_area+0x268/0x270 (P) [ 124.543112][ T149] vfree+0xac/0x3dc [ 124.544191][ T149] kvfree_rcu_bulk+0xc4/0x228 [ 124.545530][ T149] kfree_rcu_work+0xe0/0x140 [ 124.546824][ T149] process_one_work+0x7e8/0x155c [ 124.548218][ T149] worker_thread+0x958/0xed8 [ 124.549543][ T149] kthread+0x5fc/0x75c [ 124.550743][ T149] ret_from_fork+0x10/0x20 [ 124.552049][ T149] irq event stamp: 2367860 [ 124.553265][ T149] hardirqs last enabled at (2367859): [] finish_lock_switch+0xb0/0x1c0 [ 124.556111][ T149] hardirqs last disabled at (2367860): [] el1_brk64+0x1c/0x48 [ 124.558641][ T149] softirqs last enabled at (2366576): [] ieee80211_ibss_work+0x294/0xd50 [ 124.561506][ T149] softirqs last disabled at (2366574): [] ieee80211_ibss_work+0xc0/0xd50 [ 124.564333][ T149] ---[ end trace 0000000000000000 ]--- [ 124.568914][ T149] ------------[ cut here ]------------ [ 124.568961][ T149] Trying to vfree() nonexistent vm area (00000000d15d938c) [ 124.569087][ T149] WARNING: CPU: 0 PID: 149 at mm/vmalloc.c:3409 vfree+0x32c/0x3dc [ 124.574867][ T149] Modules linked in: [ 124.575970][ T149] CPU: 0 UID: 0 PID: 149 Comm: kworker/u8:5 Tainted: G W 6.16.0-rc5-syzkaller-00067-gec4801305969-dirty #0 PREEMPT [ 124.579829][ T149] Tainted: [W]=WARN [ 124.580952][ T149] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 124.583720][ T149] Workqueue: kvfree_rcu_reclaim kfree_rcu_work [ 124.585478][ T149] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 124.587655][ T149] pc : vfree+0x32c/0x3dc [ 124.588902][ T149] lr : vfree+0x32c/0x3dc [ 124.590091][ T149] sp : ffff800099fb7960 [ 124.591291][ T149] x29: ffff800099fb7970 x28: 1ffff00011ece29b x27: dfff800000000000 [ 124.593585][ T149] x26: ffff0000c48c3518 x25: dfff800000000000 x24: 0000000000000001 [ 124.595818][ T149] x23: ffff0000c4704028 x22: 1fffe00018ac73d1 x21: 0000000000000000 [ 124.598160][ T149] x20: ffff8000891ac400 x19: 0000000000000000 x18: 1fffe000337d4076 [ 124.600365][ T149] x17: 0000000000000000 x16: ffff80008ae63d08 x15: ffff700011ede144 [ 124.602689][ T149] x14: 1ffff00011ede144 x13: 0000000000000004 x12: ffffffffffffffff [ 124.604883][ T149] x11: ffff700011ede144 x10: 0000000000ff0100 x9 : 672a4a3076b94300 [ 124.607203][ T149] x8 : 672a4a3076b94300 x7 : 0000000000000001 x6 : 0000000000000001 [ 124.609464][ T149] x5 : ffff800099fb72b8 x4 : ffff80008f766be0 x3 : ffff80008054d314 [ 124.611742][ T149] x2 : 0000000000000000 x1 : 0000000100000000 x0 : 0000000000000000 [ 124.614061][ T149] Call trace: [ 124.614955][ T149] vfree+0x32c/0x3dc (P) [ 124.616138][ T149] kvfree_rcu_bulk+0xc4/0x228 [ 124.617500][ T149] kfree_rcu_work+0xe0/0x140 [ 124.618765][ T149] process_one_work+0x7e8/0x155c [ 124.620151][ T149] worker_thread+0x958/0xed8 [ 124.621492][ T149] kthread+0x5fc/0x75c [ 124.622606][ T149] ret_from_fork+0x10/0x20 [ 124.623836][ T149] irq event stamp: 2367924 [ 124.625111][ T149] hardirqs last enabled at (2367923): [] __console_unlock+0x70/0xc4 [ 124.627781][ T149] hardirqs last disabled at (2367924): [] el1_brk64+0x1c/0x48 [ 124.630433][ T149] softirqs last enabled at (2367898): [] handle_softirqs+0xaf8/0xc88 [ 124.633219][ T149] softirqs last disabled at (2367865): [] __do_softirq+0x14/0x20 [ 124.635894][ T149] ---[ end trace 0000000000000000 ]--- [ 126.173892][ T2407] ieee802154 phy0 wpan0: encryption failed: -22 [ 126.173981][ T2407] ieee802154 phy1 wpan1: encryption failed: -22