Warning: Permanently added '10.128.1.103' (ED25519) to the list of known hosts. 2025/10/04 19:56:14 parsed 1 programs [ 106.803083][ T4603] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k FS [ 108.631966][ T144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 108.640331][ T144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 108.662646][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 108.673774][ T144] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 108.681885][ T144] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 108.691234][ T1167] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 109.801515][ T4647] chnl_net:caif_netlink_parms(): no params data found [ 109.863136][ T4647] bridge0: port 1(bridge_slave_0) entered blocking state [ 109.870305][ T4647] bridge0: port 1(bridge_slave_0) entered disabled state [ 109.878806][ T4647] device bridge_slave_0 entered promiscuous mode [ 109.887416][ T4647] bridge0: port 2(bridge_slave_1) entered blocking state [ 109.894639][ T4647] bridge0: port 2(bridge_slave_1) entered disabled state [ 109.903709][ T4647] device bridge_slave_1 entered promiscuous mode [ 109.931381][ T4647] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 109.943262][ T4647] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 109.973811][ T4647] team0: Port device team_slave_0 added [ 109.982877][ T4647] team0: Port device team_slave_1 added [ 110.004972][ T4647] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 110.012366][ T4647] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 110.038626][ T4647] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 110.051296][ T4647] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 110.058478][ T4647] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 110.084638][ T4647] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 110.125483][ T4647] device hsr_slave_0 entered promiscuous mode [ 110.132722][ T4647] device hsr_slave_1 entered promiscuous mode [ 110.850831][ T4647] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 110.862325][ T4647] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 110.881025][ T4647] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 110.891180][ T4647] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 111.013064][ T4647] 8021q: adding VLAN 0 to HW filter on device bond0 [ 111.027877][ T3087] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 111.038425][ T3087] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 111.050485][ T4647] 8021q: adding VLAN 0 to HW filter on device team0 [ 111.085133][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 111.095562][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 111.106466][ T144] bridge0: port 1(bridge_slave_0) entered blocking state [ 111.113658][ T144] bridge0: port 1(bridge_slave_0) entered forwarding state [ 111.123859][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 111.145379][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 111.154464][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 111.163494][ T144] bridge0: port 2(bridge_slave_1) entered blocking state [ 111.170592][ T144] bridge0: port 2(bridge_slave_1) entered forwarding state [ 111.205396][ T1167] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 111.224919][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 111.235009][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 111.247079][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 111.259534][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 111.294220][ T1167] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 111.304700][ T1167] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 111.315090][ T1167] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 111.326354][ T1167] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 111.337779][ T1167] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 111.348762][ T1167] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 111.384129][ T4647] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 111.557785][ T3087] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 111.565439][ T3087] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 111.578928][ T4647] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 111.636469][ T3087] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 111.647486][ T3087] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 111.669458][ T3087] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 111.680028][ T3087] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 111.694295][ T4647] device veth0_vlan entered promiscuous mode [ 111.716655][ T3087] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 111.724916][ T3087] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 111.738622][ T4647] device veth1_vlan entered promiscuous mode [ 111.764694][ T3087] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 111.775954][ T3087] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 111.784703][ T3087] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 111.795669][ T3087] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 111.813282][ T4647] device veth0_macvtap entered promiscuous mode [ 111.839106][ T3087] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 111.867772][ T4647] device veth1_macvtap entered promiscuous mode [ 111.890160][ T4647] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 111.898239][ T1167] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 111.917579][ T1167] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 111.937013][ T4647] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 111.950752][ T4647] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 111.963041][ T4647] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 111.971884][ T4647] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 111.981136][ T4647] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 112.018366][ T1167] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 112.027916][ T1167] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready 2025/10/04 19:56:26 executed programs: 0 [ 114.180957][ T154] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 114.415417][ T4816] chnl_net:caif_netlink_parms(): no params data found [ 114.487214][ T4816] bridge0: port 1(bridge_slave_0) entered blocking state [ 114.494682][ T4816] bridge0: port 1(bridge_slave_0) entered disabled state [ 114.503382][ T4816] device bridge_slave_0 entered promiscuous mode [ 114.511955][ T4816] bridge0: port 2(bridge_slave_1) entered blocking state [ 114.519636][ T4816] bridge0: port 2(bridge_slave_1) entered disabled state [ 114.528019][ T4816] device bridge_slave_1 entered promiscuous mode [ 114.555540][ T4816] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 114.567270][ T4816] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 114.601784][ T4816] team0: Port device team_slave_0 added [ 114.609929][ T4816] team0: Port device team_slave_1 added [ 114.633676][ T4816] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 114.640782][ T4816] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 114.671422][ T4816] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 114.685382][ T4816] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 114.692411][ T4816] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 114.718815][ T4816] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 114.765826][ T4816] device hsr_slave_0 entered promiscuous mode [ 114.773162][ T4816] device hsr_slave_1 entered promiscuous mode [ 114.780035][ T4816] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 114.790659][ T4816] Cannot create hsr debugfs directory [ 116.302666][ T13] Bluetooth: hci0: command 0x0409 tx timeout [ 116.418079][ T154] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 116.481340][ T154] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 116.540212][ T154] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 117.448833][ T4816] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 117.459796][ T4816] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 117.470888][ T4816] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 117.499853][ T4816] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 117.597129][ T4816] 8021q: adding VLAN 0 to HW filter on device bond0 [ 117.611000][ T1167] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 117.621561][ T1167] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 117.635049][ T4816] 8021q: adding VLAN 0 to HW filter on device team0 [ 117.668719][ T1167] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 117.677882][ T1167] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 117.686849][ T1167] bridge0: port 1(bridge_slave_0) entered blocking state [ 117.693989][ T1167] bridge0: port 1(bridge_slave_0) entered forwarding state [ 117.705247][ T1167] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 117.714027][ T1167] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 117.722587][ T1167] bridge0: port 2(bridge_slave_1) entered blocking state [ 117.729792][ T1167] bridge0: port 2(bridge_slave_1) entered forwarding state [ 117.737725][ T1167] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 117.747123][ T1167] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 117.763714][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 117.775341][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 117.788162][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 117.809629][ T154] device hsr_slave_0 left promiscuous mode [ 117.818751][ T154] device hsr_slave_1 left promiscuous mode [ 117.828367][ T154] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 117.839355][ T154] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 117.848554][ T154] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 117.858621][ T154] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 117.866715][ T154] device bridge_slave_1 left promiscuous mode [ 117.877723][ T154] bridge0: port 2(bridge_slave_1) entered disabled state [ 117.886715][ T154] device bridge_slave_0 left promiscuous mode [ 117.893588][ T154] bridge0: port 1(bridge_slave_0) entered disabled state [ 117.907248][ T154] device veth1_macvtap left promiscuous mode [ 117.914154][ T154] device veth0_macvtap left promiscuous mode [ 117.922376][ T154] device veth1_vlan left promiscuous mode [ 117.928185][ T154] device veth0_vlan left promiscuous mode [ 118.138676][ T154] team0 (unregistering): Port device team_slave_1 removed [ 118.159252][ T154] team0 (unregistering): Port device team_slave_0 removed [ 118.173783][ T154] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 118.198116][ T154] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 118.281575][ T154] bond0 (unregistering): Released all slaves [ 118.351951][ T4816] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 118.367449][ T4816] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 118.380251][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 118.388015][ T4293] Bluetooth: hci0: command 0x041b tx timeout [ 118.396398][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 118.405936][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 118.415246][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 118.424252][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 118.433559][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 118.442566][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 118.451042][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 118.658899][ T1167] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 118.666498][ T1167] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 118.679038][ T4816] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 118.719673][ T3087] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 118.729672][ T3087] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 118.750454][ T4816] device veth0_vlan entered promiscuous mode [ 118.758414][ T3087] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 118.767763][ T3087] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 118.779717][ T3087] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 118.788788][ T3087] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 118.814215][ T4816] device veth1_vlan entered promiscuous mode [ 118.843231][ T3087] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 118.855711][ T3087] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 118.866944][ T3087] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 118.878007][ T3087] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 118.889021][ T4816] device veth0_macvtap entered promiscuous mode [ 118.905091][ T4816] device veth1_macvtap entered promiscuous mode [ 118.925593][ T4816] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 118.937325][ T1167] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 118.946520][ T1167] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 118.955757][ T1167] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 118.965970][ T1167] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 118.977599][ T4816] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 118.992803][ T1167] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 119.001638][ T1167] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 119.021284][ T4816] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 119.042074][ T4816] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 119.050816][ T4816] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 119.060080][ T4816] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 119.125268][ T1167] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 119.138148][ T1167] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 119.155887][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready 2025/10/04 19:56:31 executed programs: 2 [ 119.174681][ T144] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 119.192411][ T144] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 119.201594][ T1167] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 120.473547][ T2305] Bluetooth: hci0: command 0x040f tx timeout [ 122.542159][ T4291] Bluetooth: hci0: command 0x0419 tx timeout [ 132.946096][ T1422] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.952502][ T1422] ieee802154 phy1 wpan1: encryption failed: -22 [ 137.992124][ T21] Bluetooth: hci1: command 0x0409 tx timeout [ 140.092298][ T23] Bluetooth: hci1: command 0x041b tx timeout [ 142.142155][ T23] Bluetooth: hci1: command 0x040f tx timeout [ 144.242266][ T23] Bluetooth: hci1: command 0x0419 tx timeout [ 194.394475][ T1422] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.400919][ T1422] ieee802154 phy1 wpan1: encryption failed: -22 [ 198.092161][ T21] Bluetooth: hci2: command 0x0409 tx timeout [ 200.142189][ T21] Bluetooth: hci2: command 0x041b tx timeout [ 202.242179][ T21] Bluetooth: hci2: command 0x040f tx timeout [ 204.343277][ T21] Bluetooth: hci2: command 0x0419 tx timeout [ 225.941985][ C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 225.949155][ C1] rcu: 0-...!: (0 ticks this GP) idle=45f/1/0x4000000000000002 softirq=10168/10168 fqs=0 [ 225.960084][ C1] (detected by 1, t=10505 jiffies, g=12417, q=490) [ 225.966793][ C1] Sending NMI from CPU 1 to CPUs 0: [ 225.972020][ C0] NMI backtrace for cpu 0 [ 225.972050][ C0] CPU: 0 PID: 5078 Comm: syz.0.29 Not tainted syzkaller #0 [ 225.972067][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 225.972083][ C0] RIP: 0010:__sanitizer_cov_trace_pc+0x0/0x60 [ 225.972117][ C0] Code: 66 2e 0f 1f 84 00 00 00 00 00 53 48 89 fb e8 17 00 00 00 48 8b 3d 90 cd f1 0b 48 89 de 5b e9 47 9e 43 00 00 00 cc cc 00 00 cc <48> 8b 04 24 65 48 8b 0d 64 a5 8a 7e 65 8b 15 65 a5 8a 7e 81 e2 00 [ 225.972131][ C0] RSP: 0018:ffffc9000300f320 EFLAGS: 00000097 [ 225.972145][ C0] RAX: ffffffff817deaab RBX: 0000000000000000 RCX: ffff88802a148000 [ 225.972158][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007 [ 225.972167][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 225.972177][ C0] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 225.972186][ C0] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 225.972196][ C0] FS: 0000000000000000(0000) GS:ffff8880b9000000(0000) knlGS:0000000000000000 [ 225.972210][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 225.972222][ C0] CR2: 00004000000003c0 CR3: 000000007de20000 CR4: 00000000003506f0 [ 225.972236][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 225.972246][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 225.972256][ C0] Call Trace: [ 225.972262][ C0] [ 225.972269][ C0] trace_hardirqs_off_finish+0x85/0x1f0 [ 225.972292][ C0] irqentry_enter+0x33/0x50 [ 225.972316][ C0] sysvec_irq_work+0xa/0xc0 [ 225.972332][ C0] asm_sysvec_irq_work+0x16/0x20 [ 225.972350][ C0] RIP: 0010:rcu_read_unlock_special+0x84/0x480 [ 225.972368][ C0] Code: f1 f1 f1 00 f2 f2 f2 4a 89 04 2b 66 42 c7 44 2b 09 f3 f3 42 c6 44 2b 0b f3 65 44 8b 35 ad 13 9e 7e 41 f7 c6 00 00 f0 00 74 45 <48> c7 44 24 20 0e 36 e0 45 4a c7 04 2b 00 00 00 00 66 42 c7 44 2b [ 225.972381][ C0] RSP: 0018:ffffc9000300f420 EFLAGS: 00000206 [ 225.972393][ C0] RAX: 02dd9152ca45d800 RBX: 1ffff92000601e88 RCX: 02dd9152ca45d800 [ 225.972406][ C0] RDX: dffffc0000000000 RSI: ffffffff8a0b1820 RDI: ffffffff8a59a4c0 [ 225.972418][ C0] RBP: ffffc9000300f4f0 R08: dffffc0000000000 R09: fffffbfff1ff7a19 [ 225.972430][ C0] R10: fffffbfff1ff7a19 R11: 1ffffffff1ff7a18 R12: ffffffff8c120b00 [ 225.972443][ C0] R13: dffffc0000000000 R14: 0000000000000246 R15: 0000000000000001 [ 225.972463][ C0] ? __rcu_read_unlock+0xd0/0xd0 [ 225.972479][ C0] ? rcu_lock_acquire+0x30/0x30 [ 225.972497][ C0] ? __lock_acquire+0x7c60/0x7c60 [ 225.972519][ C0] __rcu_read_unlock+0x78/0xd0 [ 225.972535][ C0] __unlock_page_memcg+0xea/0x100 [ 225.972556][ C0] unmap_page_range+0xfbc/0x2520 [ 225.972580][ C0] ? uprobe_munmap+0x165/0x3f0 [ 225.972603][ C0] unmap_vmas+0x11b/0x230 [ 225.972617][ C0] ? uprobe_clear_state+0x4f/0x460 [ 225.972633][ C0] ? unmap_page_range+0x2520/0x2520 [ 225.972647][ C0] ? __mutex_lock_common+0x431/0x2390 [ 225.972670][ C0] ? memset+0x1e/0x40 [ 225.972689][ C0] exit_mmap+0x38f/0x5f0 [ 225.972708][ C0] ? vm_brk+0x20/0x20 [ 225.972730][ C0] ? uprobe_clear_state+0x2f6/0x460 [ 225.972746][ C0] ? mm_update_next_owner+0x522/0x640 [ 225.972768][ C0] __mmput+0x115/0x3b0 [ 225.972784][ C0] exit_mm+0x567/0x6c0 [ 225.972802][ C0] ? xacct_add_tsk+0x4b0/0x4b0 [ 225.972820][ C0] ? do_exit+0x20a0/0x20a0 [ 225.972839][ C0] ? taskstats_exit+0x439/0xab0 [ 225.972857][ C0] ? tty_audit_exit+0x14e/0x1f0 [ 225.972877][ C0] do_exit+0x5a1/0x20a0 [ 225.972897][ C0] ? rcu_nmi_exit+0x6f/0xf0 [ 225.972913][ C0] ? put_task_struct+0x80/0x80 [ 225.972931][ C0] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 225.972951][ C0] ? lock_chain_count+0x20/0x20 [ 225.972969][ C0] ? _raw_spin_lock_irq+0xab/0xe0 [ 225.972986][ C0] do_group_exit+0x12e/0x300 [ 225.973004][ C0] ? lockdep_hardirqs_on+0x94/0x140 [ 225.973022][ C0] get_signal+0x6ca/0x12c0 [ 225.973047][ C0] arch_do_signal_or_restart+0xc1/0x1300 [ 225.973072][ C0] ? perf_trace_run_bpf_submit+0xf3/0x1c0 [ 225.973092][ C0] ? perf_trace_preemptirq_template+0x2be/0x380 [ 225.973111][ C0] ? get_sigframe_size+0x10/0x10 [ 225.973130][ C0] ? rcu_nmi_exit+0x6f/0xf0 [ 225.973154][ C0] ? exit_to_user_mode_loop+0x3b/0x130 [ 225.973175][ C0] exit_to_user_mode_loop+0x9e/0x130 [ 225.973195][ C0] exit_to_user_mode_prepare+0xee/0x180 [ 225.973214][ C0] syscall_exit_to_user_mode+0x16/0x40 [ 225.973231][ C0] do_syscall_64+0x58/0xa0 [ 225.973246][ C0] ? clear_bhb_loop+0x30/0x80 [ 225.973261][ C0] ? clear_bhb_loop+0x30/0x80 [ 225.973277][ C0] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 225.973293][ C0] RIP: 0033:0x7f51eb147de9 [ 225.973312][ C0] Code: Unable to access opcode bytes at RIP 0x7f51eb147dbf. [ 225.973319][ C0] RSP: 002b:00007f51ea3b90e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 225.973335][ C0] RAX: fffffffffffffe00 RBX: 00007f51eb360fa8 RCX: 00007f51eb147de9 [ 225.973347][ C0] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f51eb360fa8 [ 225.973357][ C0] RBP: 00007f51eb360fa0 R08: 0000000000000000 R09: 0000000000000000 [ 225.973367][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f51eb360fac [ 225.973378][ C0] R13: 0000000000000000 R14: 00007ffe5b05a870 R15: 00007ffe5b05a958 [ 225.973396][ C0] [ 225.974016][ C1] rcu: rcu_preempt kthread timer wakeup didn't happen for 10504 jiffies! g12417 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 [ 226.505234][ C1] rcu: Possible timer handling issue on cpu=0 timer-softirq=6914 [ 226.513071][ C1] rcu: rcu_preempt kthread starved for 10505 jiffies! g12417 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 ->cpu=0 [ 226.524747][ C1] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 226.534746][ C1] rcu: RCU grace-period kthread stack dump: [ 226.540656][ C1] task:rcu_preempt state:I stack:27848 pid: 15 ppid: 2 flags:0x00004000 [ 226.549892][ C1] Call Trace: [ 226.553184][ C1] [ 226.556136][ C1] __schedule+0x11bb/0x4390 [ 226.560672][ C1] ? _raw_spin_lock_irqsave+0x7f/0xf0 [ 226.566159][ C1] ? _raw_spin_unlock_irqrestore+0x82/0x100 [ 226.572073][ C1] ? _raw_spin_unlock_irqrestore+0x82/0x100 [ 226.578172][ C1] ? _raw_spin_unlock_irqrestore+0xaa/0x100 [ 226.584087][ C1] ? _raw_spin_unlock+0x40/0x40 [ 226.588961][ C1] ? rcu_is_watching+0x11/0xa0 [ 226.593747][ C1] ? release_firmware_map_entry+0x190/0x190 [ 226.599671][ C1] schedule+0x11b/0x1e0 [ 226.603847][ C1] schedule_timeout+0x15c/0x280 [ 226.608814][ C1] ? console_conditional_schedule+0x40/0x40 [ 226.615080][ C1] ? update_process_times+0x200/0x200 [ 226.620642][ C1] ? prepare_to_swait_event+0x331/0x350 [ 226.626242][ C1] rcu_gp_fqs_loop+0x29e/0x11b0 [ 226.631146][ C1] ? _raw_spin_unlock_irq+0x1f/0x40 [ 226.636437][ C1] ? lockdep_hardirqs_on+0x94/0x140 [ 226.641678][ C1] ? rcu_gp_init+0xd58/0x10e0 [ 226.646509][ C1] ? rcu_gp_init+0x10e0/0x10e0 [ 226.651324][ C1] ? _raw_spin_unlock_irq+0x1f/0x40 [ 226.656562][ C1] ? _raw_spin_unlock_irq+0x1f/0x40 [ 226.661790][ C1] ? lockdep_hardirqs_on+0x94/0x140 [ 226.667008][ C1] rcu_gp_kthread+0x98/0x350 [ 226.671620][ C1] ? rcu_report_qs_rsp+0x1a0/0x1a0 [ 226.676758][ C1] ? _raw_spin_unlock_irqrestore+0xaa/0x100 [ 226.682761][ C1] ? __kthread_parkme+0x157/0x1b0 [ 226.687902][ C1] kthread+0x436/0x520 [ 226.692103][ C1] ? rcu_report_qs_rsp+0x1a0/0x1a0 [ 226.697231][ C1] ? kthread_blkcg+0xd0/0xd0 [ 226.701934][ C1] ret_from_fork+0x1f/0x30 [ 226.706381][ C1] [ 226.709412][ C1] rcu: Stack dump where RCU GP kthread last ran: [ 226.715831][ C1] Sending NMI from CPU 1 to CPUs 0: [ 226.721221][ C0] NMI backtrace for cpu 0 [ 226.721231][ C0] CPU: 0 PID: 5078 Comm: syz.0.29 Not tainted syzkaller #0 [ 226.721247][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 226.721257][ C0] RIP: 0010:perf_tp_event+0x21a/0xb50 [ 226.721277][ C0] Code: d8 01 00 00 4c 89 f8 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df 0f b6 04 08 84 c0 0f 85 d2 01 00 00 45 8b 3f 44 89 fe 83 e6 01 <31> ff e8 1f ec e0 ff 41 83 e7 01 75 44 4d 8d bd 00 01 00 00 4c 89 [ 226.721290][ C0] RSP: 0018:ffffc9000300ef40 EFLAGS: 00000046 [ 226.721304][ C0] RAX: 0000000000000000 RBX: 1ffff11017206a35 RCX: dffffc0000000000 [ 226.721317][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000002 [ 226.721326][ C0] RBP: ffffc9000300f1c8 R08: dffffc0000000000 R09: fffffbfff1ad32b6 [ 226.721339][ C0] R10: fffffbfff1ad32b6 R11: 1ffffffff1ad32b5 R12: ffff8880b90351a8 [ 226.721351][ C0] R13: ffff888073ec23d0 R14: 0000000000000000 R15: 0000000000000000 [ 226.721362][ C0] FS: 0000000000000000(0000) GS:ffff8880b9000000(0000) knlGS:0000000000000000 [ 226.721376][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 226.721388][ C0] CR2: 00004000000003c0 CR3: 000000007de20000 CR4: 00000000003506f0 [ 226.721403][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 226.721412][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 226.721422][ C0] Call Trace: [ 226.721428][ C0] [ 226.721433][ C0] ? __perf_event_overflow+0x415/0x530 [ 226.721453][ C0] ? perf_trace_run_bpf_submit+0x1c0/0x1c0 [ 226.721469][ C0] ? perf_swevent_event+0x33e/0x530 [ 226.721504][ C0] ? update_load_avg+0x507/0x1130 [ 226.721525][ C0] perf_trace_run_bpf_submit+0xf3/0x1c0 [ 226.721544][ C0] perf_trace_preemptirq_template+0x2be/0x380 [ 226.721565][ C0] ? asm_sysvec_irq_work+0x16/0x20 [ 226.721583][ C0] ? trace_event_raw_event_preemptirq_template+0x270/0x270 [ 226.721601][ C0] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 226.721623][ C0] ? lock_chain_count+0x20/0x20 [ 226.721642][ C0] ? asm_sysvec_irq_work+0x16/0x20 [ 226.721658][ C0] trace_irq_enable_rcuidle+0x108/0x180 [ 226.721676][ C0] trace_hardirqs_on+0x57/0x80 [ 226.721692][ C0] asm_sysvec_irq_work+0x16/0x20 [ 226.721708][ C0] RIP: 0010:rcu_read_unlock_special+0x84/0x480 [ 226.721725][ C0] Code: f1 f1 f1 00 f2 f2 f2 4a 89 04 2b 66 42 c7 44 2b 09 f3 f3 42 c6 44 2b 0b f3 65 44 8b 35 ad 13 9e 7e 41 f7 c6 00 00 f0 00 74 45 <48> c7 44 24 20 0e 36 e0 45 4a c7 04 2b 00 00 00 00 66 42 c7 44 2b [ 226.721737][ C0] RSP: 0018:ffffc9000300f420 EFLAGS: 00000206 [ 226.721750][ C0] RAX: 02dd9152ca45d800 RBX: 1ffff92000601e88 RCX: 02dd9152ca45d800 [ 226.721763][ C0] RDX: dffffc0000000000 RSI: ffffffff8a0b1820 RDI: ffffffff8a59a4c0 [ 226.721775][ C0] RBP: ffffc9000300f4f0 R08: dffffc0000000000 R09: fffffbfff1ff7a19 [ 226.721787][ C0] R10: fffffbfff1ff7a19 R11: 1ffffffff1ff7a18 R12: ffffffff8c120b00 [ 226.721800][ C0] R13: dffffc0000000000 R14: 0000000000000246 R15: 0000000000000001 [ 226.721820][ C0] ? __rcu_read_unlock+0xd0/0xd0 [ 226.721836][ C0] ? rcu_lock_acquire+0x30/0x30 [ 226.721853][ C0] ? __lock_acquire+0x7c60/0x7c60 [ 226.721873][ C0] __rcu_read_unlock+0x78/0xd0 [ 226.721889][ C0] __unlock_page_memcg+0xea/0x100 [ 226.721910][ C0] unmap_page_range+0xfbc/0x2520 [ 226.721933][ C0] ? uprobe_munmap+0x165/0x3f0 [ 226.721956][ C0] unmap_vmas+0x11b/0x230 [ 226.721969][ C0] ? uprobe_clear_state+0x4f/0x460 [ 226.721985][ C0] ? unmap_page_range+0x2520/0x2520 [ 226.722005][ C0] ? __mutex_lock_common+0x431/0x2390 [ 226.722027][ C0] ? memset+0x1e/0x40 [ 226.722047][ C0] exit_mmap+0x38f/0x5f0 [ 226.722066][ C0] ? vm_brk+0x20/0x20 [ 226.722089][ C0] ? uprobe_clear_state+0x2f6/0x460 [ 226.722103][ C0] ? mm_update_next_owner+0x522/0x640 [ 226.722125][ C0] __mmput+0x115/0x3b0 [ 226.722141][ C0] exit_mm+0x567/0x6c0 [ 226.722159][ C0] ? xacct_add_tsk+0x4b0/0x4b0 [ 226.722179][ C0] ? do_exit+0x20a0/0x20a0 [ 226.722197][ C0] ? taskstats_exit+0x439/0xab0 [ 226.722215][ C0] ? tty_audit_exit+0x14e/0x1f0 [ 226.722236][ C0] do_exit+0x5a1/0x20a0 [ 226.722256][ C0] ? rcu_nmi_exit+0x6f/0xf0 [ 226.722273][ C0] ? put_task_struct+0x80/0x80 [ 226.722291][ C0] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 226.722312][ C0] ? lock_chain_count+0x20/0x20 [ 226.722330][ C0] ? _raw_spin_lock_irq+0xab/0xe0 [ 226.722346][ C0] do_group_exit+0x12e/0x300 [ 226.722365][ C0] ? lockdep_hardirqs_on+0x94/0x140 [ 226.722382][ C0] get_signal+0x6ca/0x12c0 [ 226.722407][ C0] arch_do_signal_or_restart+0xc1/0x1300 [ 226.722431][ C0] ? perf_trace_run_bpf_submit+0xf3/0x1c0 [ 226.722450][ C0] ? perf_trace_preemptirq_template+0x2be/0x380 [ 226.722469][ C0] ? get_sigframe_size+0x10/0x10 [ 226.722487][ C0] ? rcu_nmi_exit+0x6f/0xf0 [ 226.722511][ C0] ? exit_to_user_mode_loop+0x3b/0x130 [ 226.722532][ C0] exit_to_user_mode_loop+0x9e/0x130 [ 226.722551][ C0] exit_to_user_mode_prepare+0xee/0x180 [ 226.722570][ C0] syscall_exit_to_user_mode+0x16/0x40 [ 226.722588][ C0] do_syscall_64+0x58/0xa0 [ 226.722602][ C0] ? clear_bhb_loop+0x30/0x80 [ 226.722617][ C0] ? clear_bhb_loop+0x30/0x80 [ 226.722633][ C0] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 226.722650][ C0] RIP: 0033:0x7f51eb147de9 [ 226.722663][ C0] Code: Unable to access opcode bytes at RIP 0x7f51eb147dbf. [ 226.722670][ C0] RSP: 002b:00007f51ea3b90e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 226.722685][ C0] RAX: fffffffffffffe00 RBX: 00007f51eb360fa8 RCX: 00007f51eb147de9 [ 226.722698][ C0] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f51eb360fa8 [ 226.722708][ C0] RBP: 00007f51eb360fa0 R08: 0000000000000000 R09: 0000000000000000 [ 226.722718][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f51eb360fac [ 226.722729][ C0] R13: 0000000000000000 R14: 00007ffe5b05a870 R15: 00007ffe5b05a958 [ 226.722747][ C0] [ 230.262108][ T2305] rcu: INFO: rcu_preempt detected expedited stalls on CPUs/tasks: { 0-... } 10937 jiffies s: 6189 root: 0x1/. [ 230.275182][ T2305] rcu: blocking rcu_node structures (internal RCU debug): [ 230.282798][ T2305] Task dump for CPU 0: [ 230.286885][ T2305] task:syz.0.29 state:R running task stack:25920 pid: 5078 ppid: 4816 flags:0x00004008 [ 230.297943][ T2305] Call Trace: [ 230.301239][ T2305] [ 230.304217][ T2305] ? perf_trace_preemptirq_template+0x2be/0x380 [ 230.310488][ T2305] ? asm_sysvec_irq_work+0x16/0x20 [ 230.315838][ T2305] ? trace_event_raw_event_preemptirq_template+0x270/0x270 [ 230.323090][ T2305] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 230.329101][ T2305] ? lock_chain_count+0x20/0x20 [ 230.334022][ T2305] ? asm_sysvec_irq_work+0x16/0x20 [ 230.339155][ T2305] ? trace_irq_enable_rcuidle+0x108/0x180 [ 230.344930][ T2305] ? asm_sysvec_irq_work+0x16/0x20 [ 230.350095][ T2305] ? rcu_read_unlock_special+0x84/0x480 [ 230.355748][ T2305] ? __rcu_read_unlock+0xd0/0xd0 [ 230.360714][ T2305] ? rcu_lock_acquire+0x30/0x30 [ 230.365679][ T2305] ? __lock_acquire+0x7c60/0x7c60 [ 230.370756][ T2305] ? __rcu_read_unlock+0x78/0xd0 [ 230.375789][ T2305] ? __unlock_page_memcg+0xea/0x100 [ 230.381016][ T2305] ? unmap_page_range+0xfbc/0x2520 [ 230.386198][ T2305] ? uprobe_munmap+0x165/0x3f0 [ 230.391007][ T2305] ? unmap_vmas+0x11b/0x230 [ 230.395554][ T2305] ? uprobe_clear_state+0x4f/0x460 [ 230.400689][ T2305] ? unmap_page_range+0x2520/0x2520 [ 230.405937][ T2305] ? __mutex_lock_common+0x431/0x2390 [ 230.411362][ T2305] ? memset+0x1e/0x40 [ 230.415412][ T2305] ? exit_mmap+0x38f/0x5f0 [ 230.419862][ T2305] ? vm_brk+0x20/0x20 [ 230.423909][ T2305] ? uprobe_clear_state+0x2f6/0x460 [ 230.429128][ T2305] ? mm_update_next_owner+0x522/0x640 [ 230.434595][ T2305] ? __mmput+0x115/0x3b0 [ 230.438883][ T2305] ? exit_mm+0x567/0x6c0 [ 230.443192][ T2305] ? xacct_add_tsk+0x4b0/0x4b0 [ 230.447990][ T2305] ? do_exit+0x20a0/0x20a0 [ 230.452460][ T2305] ? taskstats_exit+0x439/0xab0 [ 230.457336][ T2305] ? tty_audit_exit+0x14e/0x1f0 [ 230.462286][ T2305] ? do_exit+0x5a1/0x20a0 [ 230.466692][ T2305] ? rcu_nmi_exit+0x6f/0xf0 [ 230.471238][ T2305] ? put_task_struct+0x80/0x80 [ 230.476106][ T2305] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 230.482156][ T2305] ? lock_chain_count+0x20/0x20 [ 230.487043][ T2305] ? _raw_spin_lock_irq+0xab/0xe0 [ 230.492120][ T2305] ? do_group_exit+0x12e/0x300 [ 230.496982][ T2305] ? lockdep_hardirqs_on+0x94/0x140 [ 230.502271][ T2305] ? get_signal+0x6ca/0x12c0 [ 230.506909][ T2305] ? arch_do_signal_or_restart+0xc1/0x1300 [ 230.512815][ T2305] ? perf_trace_run_bpf_submit+0xf3/0x1c0 [ 230.518565][ T2305] ? perf_trace_preemptirq_template+0x2be/0x380 [ 230.524975][ T2305] ? get_sigframe_size+0x10/0x10 [ 230.529942][ T2305] ? rcu_nmi_exit+0x6f/0xf0 [ 230.534521][ T2305] ? exit_to_user_mode_loop+0x3b/0x130 [ 230.540097][ T2305] ? exit_to_user_mode_loop+0x9e/0x130 [ 230.545614][ T2305] ? exit_to_user_mode_prepare+0xee/0x180 [ 230.551366][ T2305] ? syscall_exit_to_user_mode+0x16/0x40 [ 230.557052][ T2305] ? do_syscall_64+0x58/0xa0 [ 230.561691][ T2305] ? clear_bhb_loop+0x30/0x80 [ 230.566483][ T2305] ? clear_bhb_loop+0x30/0x80 [ 230.571210][ T2305] ? entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 230.577343][ T2305]