Warning: Permanently added '10.128.1.206' (ED25519) to the list of known hosts.
2026/04/03 04:36:56 parsed 1 programs
[ 93.378227][ T4598] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k FS
[ 95.068706][ T156] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 95.077005][ T156] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 95.086221][ T151] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 95.101054][ T151] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 95.109608][ T151] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 95.121097][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 96.672531][ T4650] chnl_net:caif_netlink_parms(): no params data found
[ 96.739108][ T4650] bridge0: port 1(bridge_slave_0) entered blocking state
[ 96.746382][ T4650] bridge0: port 1(bridge_slave_0) entered disabled state
[ 96.754993][ T4650] device bridge_slave_0 entered promiscuous mode
[ 96.763734][ T4650] bridge0: port 2(bridge_slave_1) entered blocking state
[ 96.771686][ T4650] bridge0: port 2(bridge_slave_1) entered disabled state
[ 96.779438][ T4650] device bridge_slave_1 entered promiscuous mode
[ 96.811612][ T4650] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 96.823707][ T4650] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 96.939669][ T4650] team0: Port device team_slave_0 added
[ 96.953375][ T4650] team0: Port device team_slave_1 added
[ 96.980495][ T4650] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 96.988182][ T4650] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 97.015654][ T4650] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 97.028809][ T4650] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 97.036018][ T4650] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 97.063986][ T4650] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 97.089485][ T4650] device hsr_slave_0 entered promiscuous mode
[ 97.096670][ T4650] device hsr_slave_1 entered promiscuous mode
[ 97.624041][ T4650] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 97.662098][ T4650] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 97.673653][ T4650] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 97.684971][ T4650] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 97.781160][ T4650] 8021q: adding VLAN 0 to HW filter on device bond0
[ 97.825623][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 97.834218][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 97.851906][ T4650] 8021q: adding VLAN 0 to HW filter on device team0
[ 97.883935][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 97.893833][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 97.904533][ T156] bridge0: port 1(bridge_slave_0) entered blocking state
[ 97.912172][ T156] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 97.935570][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 97.943820][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 97.953229][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 97.962885][ T156] bridge0: port 2(bridge_slave_1) entered blocking state
[ 97.970036][ T156] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 97.980178][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 97.989685][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 98.000479][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 98.011231][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 98.023385][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 98.058056][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 98.068006][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 98.085331][ T4650] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 98.097764][ T4650] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 98.111113][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 98.120363][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 98.131592][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 98.143027][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 98.153925][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 98.341765][ T3039] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 98.351648][ T3039] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 98.369002][ T4650] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 98.429864][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 98.443728][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 98.479582][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 98.498601][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 98.518522][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 98.527237][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 98.537063][ T4650] device veth0_vlan entered promiscuous mode
[ 98.561222][ T4650] device veth1_vlan entered promiscuous mode
[ 98.605159][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 98.614947][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 98.638180][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 98.657513][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 98.680066][ T4650] device veth0_macvtap entered promiscuous mode
[ 98.701530][ T4650] device veth1_macvtap entered promiscuous mode
[ 98.747877][ T4650] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 98.755730][ T3039] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 98.773116][ T3039] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 98.796407][ T3039] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 98.817700][ T3039] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 98.840043][ T4650] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 98.858011][ T3039] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 98.869038][ T3039] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 98.883933][ T4650] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 98.894333][ T4650] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 98.904980][ T4650] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 98.918871][ T4650] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
2026/04/03 04:37:05 executed programs: 0
[ 100.518182][ T4774] chnl_net:caif_netlink_parms(): no params data found
[ 100.628549][ T4774] bridge0: port 1(bridge_slave_0) entered blocking state
[ 100.646546][ T4774] bridge0: port 1(bridge_slave_0) entered disabled state
[ 100.654917][ T4774] device bridge_slave_0 entered promiscuous mode
[ 100.681844][ T4774] bridge0: port 2(bridge_slave_1) entered blocking state
[ 100.696593][ T4774] bridge0: port 2(bridge_slave_1) entered disabled state
[ 100.704918][ T4774] device bridge_slave_1 entered promiscuous mode
[ 100.758366][ T4774] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 100.772201][ T4774] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 100.829345][ T4774] team0: Port device team_slave_0 added
[ 100.840636][ T4774] team0: Port device team_slave_1 added
[ 100.878147][ T1276] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 100.899376][ T4774] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 100.910336][ T4774] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 100.937764][ T4774] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 100.951992][ T4774] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 100.961580][ T4774] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 100.991677][ T4774] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 101.028279][ T4774] device hsr_slave_0 entered promiscuous mode
[ 101.035354][ T4774] device hsr_slave_1 entered promiscuous mode
[ 101.043212][ T4774] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 101.051316][ T4774] Cannot create hsr debugfs directory
[ 102.389262][ T4277] Bluetooth: hci0: command 0x0409 tx timeout
[ 104.011540][ T1276] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 104.071994][ T1276] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 104.122474][ T1276] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 104.466655][ T7] Bluetooth: hci0: command 0x041b tx timeout
[ 104.903885][ T4774] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 104.913197][ T4774] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 104.934844][ T4774] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 104.943949][ T4774] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 104.999948][ T4774] 8021q: adding VLAN 0 to HW filter on device bond0
[ 105.022891][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 105.031479][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 105.045088][ T4774] 8021q: adding VLAN 0 to HW filter on device team0
[ 105.055713][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 105.064685][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 105.073964][ T156] bridge0: port 1(bridge_slave_0) entered blocking state
[ 105.081279][ T156] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 105.090385][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 105.101718][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 105.110691][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 105.119981][ T156] bridge0: port 2(bridge_slave_1) entered blocking state
[ 105.127286][ T156] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 105.151705][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 105.162500][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 105.174339][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 105.183840][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 105.194198][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 105.217372][ T3039] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 105.227323][ T3039] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 105.238363][ T3039] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 105.247349][ T3039] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 105.261440][ T3039] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 105.270597][ T3039] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 105.283004][ T4774] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 105.373732][ T3039] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 105.381649][ T3039] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 105.397742][ T1276] device hsr_slave_0 left promiscuous mode
[ 105.404377][ T1276] device hsr_slave_1 left promiscuous mode
[ 105.411386][ T1276] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 105.419535][ T1276] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 105.429354][ T1276] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 105.438288][ T1276] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 105.446169][ T1276] device bridge_slave_1 left promiscuous mode
[ 105.452994][ T1276] bridge0: port 2(bridge_slave_1) entered disabled state
[ 105.461796][ T1276] device bridge_slave_0 left promiscuous mode
[ 105.468530][ T1276] bridge0: port 1(bridge_slave_0) entered disabled state
[ 105.480606][ T1276] device veth1_macvtap left promiscuous mode
[ 105.487630][ T1276] device veth0_macvtap left promiscuous mode
[ 105.493843][ T1276] device veth1_vlan left promiscuous mode
[ 105.499811][ T1276] device veth0_vlan left promiscuous mode
[ 105.614014][ T1276] team0 (unregistering): Port device team_slave_1 removed
[ 105.629655][ T1276] team0 (unregistering): Port device team_slave_0 removed
[ 105.640330][ T1276] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 105.653031][ T1276] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 105.696963][ T1276] bond0 (unregistering): Released all slaves
[ 105.740795][ T4774] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 105.758040][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 105.769071][ T156] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 105.794877][ T151] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 105.803410][ T151] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 105.815685][ T3039] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 105.824544][ T3039] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 105.832740][ T4774] device veth0_vlan entered promiscuous mode
[ 105.845196][ T4774] device veth1_vlan entered promiscuous mode
[ 105.861764][ T3039] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 105.870252][ T3039] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 105.880214][ T3039] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 105.889443][ T3039] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 105.902550][ T4774] device veth0_macvtap entered promiscuous mode
[ 105.914347][ T4774] device veth1_macvtap entered promiscuous mode
[ 105.938057][ T4774] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 105.945490][ T3039] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 105.953821][ T3039] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 105.962487][ T3039] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 105.971614][ T3039] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 105.982327][ T4774] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 106.003001][ T3039] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 106.012376][ T3039] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 106.023771][ T4774] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 106.034233][ T4774] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 106.043279][ T4774] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 106.052479][ T4774] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 106.106152][ T156] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 106.116260][ T156] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 106.125739][ T3039] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
2026/04/03 04:37:11 executed programs: 2
[ 106.153782][ T3039] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 106.162941][ T3039] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 106.173675][ T151] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 106.576773][ T1325] Bluetooth: hci0: command 0x040f tx timeout
[ 108.626625][ T1325] Bluetooth: hci0: command 0x0419 tx timeout
[ 132.729975][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[ 132.736780][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[ 194.178981][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[ 194.185313][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[ 211.276410][ C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[ 211.283614][ C0] rcu: 1-...!: (0 ticks this GP) idle=fb9/1/0x4000000000000000 softirq=9325/9325 fqs=0
[ 211.294714][ C0] (detected by 0, t=10506 jiffies, g=11057, q=568)
[ 211.301350][ C0] Sending NMI from CPU 0 to CPUs 1:
[ 211.306876][ C1] NMI backtrace for cpu 1
[ 211.306886][ C1] CPU: 1 PID: 5059 Comm: syz.0.17 Not tainted syzkaller #0
[ 211.306902][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 211.306909][ C1] RIP: 0010:kasan_check_range+0x1b2/0x290
[ 211.306933][ C1] Code: 01 f3 49 89 df 49 8d 5f 07 4d 85 ff 49 0f 49 df 48 83 e3 f8 49 29 df 74 0e 41 80 3b 00 75 69 49 ff c3 49 ff cf 75 f2 5b 41 5c <41> 5e 41 5f 5d c3 45 84 ff 0f 85 91 00 00 00 41 f7 c7 00 ff 00 00
[ 211.306945][ C1] RSP: 0018:ffffc90000dd0ac0 EFLAGS: 00000056
[ 211.306960][ C1] RAX: 0000000000000001 RBX: 0000000000000001 RCX: ffffffff815d82c4
[ 211.306970][ C1] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff8d89e368
[ 211.306979][ C1] RBP: ffffc90000dd0bf0 R08: ffffffff8d89e36f R09: 1ffffffff1b13c6d
[ 211.306989][ C1] R10: dffffc0000000000 R11: fffffbfff1b13c6e R12: 1ffff920001ba168
[ 211.306999][ C1] R13: dffffc0000000000 R14: 1ffffffff1b13c6d R15: 0000000000000001
[ 211.307009][ C1] FS: 0000000000000000(0000) GS:ffff8880b9100000(0000) knlGS:0000000000000000
[ 211.307021][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 211.307031][ C1] CR2: 00007f04411384c0 CR3: 000000000c08e000 CR4: 00000000003506e0
[ 211.307046][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 211.307055][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 211.307064][ C1] Call Trace:
[ 211.307069][ C1]
[ 211.307076][ C1] lock_release+0xa4/0x8a0
[ 211.307096][ C1] ? debug_object_activate+0x2f3/0x4e0
[ 211.307111][ C1] ? do_raw_spin_lock+0x128/0x2f0
[ 211.307125][ C1] ? __lock_acquire+0x7d10/0x7d10
[ 211.307140][ C1] ? __rwlock_init+0x140/0x140
[ 211.307158][ C1] _raw_spin_unlock_irqrestore+0x6d/0x120
[ 211.307174][ C1] ? _raw_spin_unlock+0x40/0x40
[ 211.307191][ C1] debug_object_activate+0x2f3/0x4e0
[ 211.307207][ C1] enqueue_hrtimer+0x30/0x370
[ 211.307227][ C1] __hrtimer_run_queues+0x5fa/0xb70
[ 211.307250][ C1] ? hrtimer_interrupt+0x8d0/0x8d0
[ 211.307265][ C1] ? ktime_get_update_offsets_now+0x3ce/0x3e0
[ 211.307282][ C1] hrtimer_interrupt+0x3bb/0x8d0
[ 211.307307][ C1] __sysvec_apic_timer_interrupt+0x137/0x4a0
[ 211.307323][ C1] sysvec_apic_timer_interrupt+0x9b/0xc0
[ 211.307341][ C1]
[ 211.307345][ C1]
[ 211.307349][ C1] asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 211.307365][ C1] RIP: 0010:lock_page_memcg+0x23d/0x440
[ 211.307379][ C1] Code: 00 00 9c 8f 44 24 40 f7 44 24 40 00 02 00 00 c6 44 01 04 f8 0f 85 f9 00 00 00 f7 c3 00 02 00 00 74 01 fb 4d 8d af 80 10 00 00 <4c> 89 ef be 04 00 00 00 e8 36 8f fb ff 4c 89 e8 48 c1 e8 03 48 b9
[ 211.307389][ C1] RSP: 0018:ffffc9000317f420 EFLAGS: 00000206
[ 211.307401][ C1] RAX: dffffc0000000000 RBX: 0000000000000286 RCX: 1ffff9200062fe88
[ 211.307411][ C1] RDX: dffffc0000000000 RSI: ffffffff8a2b2780 RDI: ffffffff8a79f980
[ 211.307421][ C1] RBP: ffffc9000317f4f8 R08: ffffffff901d40c7 R09: 1ffffffff203a818
[ 211.307431][ C1] R10: dffffc0000000000 R11: fffffbfff203a819 R12: ffff888140774670
[ 211.307441][ C1] R13: ffff888140775080 R14: ffffea0001cda978 R15: ffff888140774000
[ 211.307460][ C1] ? mem_cgroup_get_oom_group+0x350/0x350
[ 211.307474][ C1] ? rcu_lock_acquire+0x30/0x30
[ 211.307489][ C1] ? __lock_acquire+0x7d10/0x7d10
[ 211.307506][ C1] page_remove_rmap+0x2a/0x10f0
[ 211.307530][ C1] ? vm_normal_page+0x95/0x1e0
[ 211.307544][ C1] unmap_page_range+0xf96/0x2500
[ 211.307571][ C1] unmap_vmas+0x131/0x250
[ 211.307585][ C1] ? unmap_page_range+0x2500/0x2500
[ 211.307597][ C1] ? __mutex_lock_common+0x465/0x2400
[ 211.307614][ C1] ? exit_mm_release+0x16/0x30
[ 211.307632][ C1] exit_mmap+0x3b9/0x640
[ 211.307648][ C1] ? vm_brk+0x20/0x20
[ 211.307668][ C1] ? uprobe_clear_state+0x2f6/0x460
[ 211.307682][ C1] ? mm_update_next_owner+0x522/0x640
[ 211.307697][ C1] __mmput+0x115/0x3b0
[ 211.307711][ C1] exit_mm+0x588/0x6e0
[ 211.307724][ C1] ? xacct_add_tsk+0x4a0/0x4a0
[ 211.307740][ C1] ? do_exit+0x20c0/0x20c0
[ 211.307753][ C1] ? taskstats_exit+0x439/0xab0
[ 211.307770][ C1] ? tty_audit_exit+0x14e/0x1f0
[ 211.307788][ C1] do_exit+0x5a9/0x20c0
[ 211.307802][ C1] ? put_task_struct+0x80/0x80
[ 211.307816][ C1] ? lockdep_hardirqs_on_prepare+0x409/0x770
[ 211.307833][ C1] ? lock_chain_count+0x20/0x20
[ 211.307849][ C1] ? _raw_spin_lock_irq+0xb7/0xf0
[ 211.307863][ C1] do_group_exit+0x12e/0x300
[ 211.307876][ C1] ? lockdep_hardirqs_on+0x94/0x140
[ 211.307892][ C1] get_signal+0x6ca/0x12c0
[ 211.307913][ C1] arch_do_signal_or_restart+0xe7/0x12c0
[ 211.307931][ C1] ? __might_fault+0xb3/0x110
[ 211.307949][ C1] ? futex_exit_release+0x1c0/0x1c0
[ 211.307964][ C1] ? get_sigframe_size+0x10/0x10
[ 211.307988][ C1] ? exit_to_user_mode_loop+0x3b/0x130
[ 211.308002][ C1] exit_to_user_mode_loop+0x9e/0x130
[ 211.308016][ C1] exit_to_user_mode_prepare+0xee/0x180
[ 211.308029][ C1] syscall_exit_to_user_mode+0x16/0x40
[ 211.308045][ C1] do_syscall_64+0x58/0xa0
[ 211.308058][ C1] ? clear_bhb_loop+0x30/0x80
[ 211.308071][ C1] ? clear_bhb_loop+0x30/0x80
[ 211.308085][ C1] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 211.308099][ C1] RIP: 0033:0x7f044125e379
[ 211.308110][ C1] Code: Unable to access opcode bytes at RIP 0x7f044125e34f.
[ 211.308117][ C1] RSP: 002b:00007f04408c20e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 211.308131][ C1] RAX: 0000000000000001 RBX: 00007f04414b9fa8 RCX: 00007f044125e379
[ 211.308140][ C1] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f04414b9fac
[ 211.308150][ C1] RBP: 00007f04414b9fa0 R08: 000a96bd30aed4e6 R09: 0000000000000000
[ 211.308159][ C1] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000000
[ 211.308168][ C1] R13: 00007f04414ba038 R14: 00007ffeaf30ef90 R15: 00007ffeaf30f078
[ 211.308184][ C1]
[ 211.308872][ C0] rcu: rcu_preempt kthread timer wakeup didn't happen for 10505 jiffies! g11057 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402
[ 211.900906][ C0] rcu: Possible timer handling issue on cpu=1 timer-softirq=3395
[ 211.908999][ C0] rcu: rcu_preempt kthread starved for 10506 jiffies! g11057 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 ->cpu=1
[ 211.920820][ C0] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[ 211.931360][ C0] rcu: RCU grace-period kthread stack dump:
[ 211.937343][ C0] task:rcu_preempt state:I stack:26960 pid: 15 ppid: 2 flags:0x00004000
[ 211.946853][ C0] Call Trace:
[ 211.950145][ C0]
[ 211.953268][ C0] __schedule+0x11ef/0x43c0
[ 211.958005][ C0] ? lockdep_hardirqs_on+0x94/0x140
[ 211.963602][ C0] ? _raw_spin_unlock_irqrestore+0xc1/0x120
[ 211.969778][ C0] ? _raw_spin_unlock+0x40/0x40
[ 211.974993][ C0] ? release_firmware_map_entry+0x190/0x190
[ 211.981184][ C0] ? __mod_timer+0x91e/0xd00
[ 211.986077][ C0] schedule+0x11b/0x1e0
[ 211.990342][ C0] schedule_timeout+0x184/0x2d0
[ 211.995319][ C0] ? console_conditional_schedule+0x40/0x40
[ 212.002037][ C0] ? update_process_times+0x200/0x200
[ 212.007812][ C0] ? prepare_to_swait_event+0x331/0x350
[ 212.013398][ C0] rcu_gp_fqs_loop+0x2be/0x11d0
[ 212.018274][ C0] ? lockdep_hardirqs_on+0x94/0x140
[ 212.023756][ C0] ? rcu_gp_init+0xd6c/0x10f0
[ 212.028590][ C0] ? rcu_gp_init+0x10f0/0x10f0
[ 212.033756][ C0] ? _raw_spin_unlock_irq+0x1f/0x40
[ 212.038991][ C0] ? lockdep_hardirqs_on+0x94/0x140
[ 212.044402][ C0] rcu_gp_kthread+0x9b/0x370
[ 212.049199][ C0] ? _raw_spin_unlock_irqrestore+0xc1/0x120
[ 212.055394][ C0] ? rcu_report_qs_rsp+0x1a0/0x1a0
[ 212.061040][ C0] ? _raw_spin_unlock_irqrestore+0xc1/0x120
[ 212.067496][ C0] ? __kthread_parkme+0x157/0x1b0
[ 212.072727][ C0] kthread+0x436/0x520
[ 212.076910][ C0] ? rcu_report_qs_rsp+0x1a0/0x1a0
[ 212.082304][ C0] ? kthread_blkcg+0xd0/0xd0
[ 212.087262][ C0] ret_from_fork+0x1f/0x30
[ 212.091991][ C0]
[ 212.095024][ C0] rcu: Stack dump where RCU GP kthread last ran:
[ 212.101749][ C0] Sending NMI from CPU 0 to CPUs 1:
[ 212.107333][ C1] NMI backtrace for cpu 1
[ 212.107341][ C1] CPU: 1 PID: 5059 Comm: syz.0.17 Not tainted syzkaller #0
[ 212.107356][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 212.107363][ C1] RIP: 0010:lock_release+0x228/0x8a0
[ 212.107383][ C1] Code: 44 89 7c 24 3c 44 89 fa 85 c0 0f 84 d2 01 00 00 4d 85 e4 0f 84 0d 03 00 00 4d 8d 74 24 24 4c 89 f0 48 c1 e8 03 42 0f b6 04 28 <84> c0 0f 85 a7 04 00 00 41 83 3e 00 0f 85 dd 03 00 00 4d 8d 74 24
[ 212.107394][ C1] RSP: 0018:ffffc90000dd0b60 EFLAGS: 00000803
[ 212.107408][ C1] RAX: 0000000000000000 RBX: 000000000000000a RCX: 0000000000000001
[ 212.107418][ C1] RDX: 0000000000000002 RSI: ffff88807c48a300 RDI: ffff88807b166480
[ 212.107428][ C1] RBP: ffffc90000dd0c80 R08: ffffffff8d89e36f R09: 1ffffffff1b13c6d
[ 212.107439][ C1] R10: dffffc0000000000 R11: fffffbfff1b13c6e R12: ffff88807b166480
[ 212.107449][ C1] R13: dffffc0000000000 R14: ffff88807b1664a4 R15: 0000000000000002
[ 212.107458][ C1] FS: 0000000000000000(0000) GS:ffff8880b9100000(0000) knlGS:0000000000000000
[ 212.107471][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 212.107481][ C1] CR2: 00007f04411384c0 CR3: 000000000c08e000 CR4: 00000000003506e0
[ 212.107496][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 212.107505][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 212.107514][ C1] Call Trace:
[ 212.107520][ C1]
[ 212.107526][ C1] ? advance_sched+0x687/0x940
[ 212.107545][ C1] ? __lock_acquire+0x7d10/0x7d10
[ 212.107559][ C1] ? do_raw_spin_lock+0x128/0x2f0
[ 212.107574][ C1] ? __rwlock_init+0x140/0x140
[ 212.107589][ C1] _raw_spin_unlock+0x12/0x40
[ 212.107603][ C1] advance_sched+0x687/0x940
[ 212.107621][ C1] ? taprio_free_sched_cb+0x190/0x190
[ 212.107636][ C1] __hrtimer_run_queues+0x4f2/0xb70
[ 212.107658][ C1] ? hrtimer_interrupt+0x8d0/0x8d0
[ 212.107673][ C1] ? ktime_get_update_offsets_now+0x3ce/0x3e0
[ 212.107690][ C1] hrtimer_interrupt+0x3bb/0x8d0
[ 212.107712][ C1] __sysvec_apic_timer_interrupt+0x137/0x4a0
[ 212.107727][ C1] sysvec_apic_timer_interrupt+0x9b/0xc0
[ 212.107745][ C1]
[ 212.107749][ C1]
[ 212.107754][ C1] asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 212.107769][ C1] RIP: 0010:lock_page_memcg+0x23d/0x440
[ 212.107792][ C1] Code: 00 00 9c 8f 44 24 40 f7 44 24 40 00 02 00 00 c6 44 01 04 f8 0f 85 f9 00 00 00 f7 c3 00 02 00 00 74 01 fb 4d 8d af 80 10 00 00 <4c> 89 ef be 04 00 00 00 e8 36 8f fb ff 4c 89 e8 48 c1 e8 03 48 b9
[ 212.107802][ C1] RSP: 0018:ffffc9000317f420 EFLAGS: 00000206
[ 212.107813][ C1] RAX: dffffc0000000000 RBX: 0000000000000286 RCX: 1ffff9200062fe88
[ 212.107823][ C1] RDX: dffffc0000000000 RSI: ffffffff8a2b2780 RDI: ffffffff8a79f980
[ 212.107833][ C1] RBP: ffffc9000317f4f8 R08: ffffffff901d40c7 R09: 1ffffffff203a818
[ 212.107843][ C1] R10: dffffc0000000000 R11: fffffbfff203a819 R12: ffff888140774670
[ 212.107853][ C1] R13: ffff888140775080 R14: ffffea0001cda978 R15: ffff888140774000
[ 212.107869][ C1] ? mem_cgroup_get_oom_group+0x350/0x350
[ 212.107883][ C1] ? rcu_lock_acquire+0x30/0x30
[ 212.107898][ C1] ? __lock_acquire+0x7d10/0x7d10
[ 212.107915][ C1] page_remove_rmap+0x2a/0x10f0
[ 212.107930][ C1] ? vm_normal_page+0x95/0x1e0
[ 212.107945][ C1] unmap_page_range+0xf96/0x2500
[ 212.107967][ C1] unmap_vmas+0x131/0x250
[ 212.107980][ C1] ? unmap_page_range+0x2500/0x2500
[ 212.107993][ C1] ? __mutex_lock_common+0x465/0x2400
[ 212.108009][ C1] ? exit_mm_release+0x16/0x30
[ 212.108026][ C1] exit_mmap+0x3b9/0x640
[ 212.108041][ C1] ? vm_brk+0x20/0x20
[ 212.108059][ C1] ? uprobe_clear_state+0x2f6/0x460
[ 212.108073][ C1] ? mm_update_next_owner+0x522/0x640
[ 212.108088][ C1] __mmput+0x115/0x3b0
[ 212.108102][ C1] exit_mm+0x588/0x6e0
[ 212.108115][ C1] ? xacct_add_tsk+0x4a0/0x4a0
[ 212.108130][ C1] ? do_exit+0x20c0/0x20c0
[ 212.108143][ C1] ? taskstats_exit+0x439/0xab0
[ 212.108159][ C1] ? tty_audit_exit+0x14e/0x1f0
[ 212.108177][ C1] do_exit+0x5a9/0x20c0
[ 212.108191][ C1] ? put_task_struct+0x80/0x80
[ 212.108203][ C1] ? lockdep_hardirqs_on_prepare+0x409/0x770
[ 212.108220][ C1] ? lock_chain_count+0x20/0x20
[ 212.108236][ C1] ? _raw_spin_lock_irq+0xb7/0xf0
[ 212.108249][ C1] do_group_exit+0x12e/0x300
[ 212.108262][ C1] ? lockdep_hardirqs_on+0x94/0x140
[ 212.108277][ C1] get_signal+0x6ca/0x12c0
[ 212.108296][ C1] arch_do_signal_or_restart+0xe7/0x12c0
[ 212.108314][ C1] ? __might_fault+0xb3/0x110
[ 212.108337][ C1] ? futex_exit_release+0x1c0/0x1c0
[ 212.108353][ C1] ? get_sigframe_size+0x10/0x10
[ 212.108373][ C1] ? exit_to_user_mode_loop+0x3b/0x130
[ 212.108387][ C1] exit_to_user_mode_loop+0x9e/0x130
[ 212.108400][ C1] exit_to_user_mode_prepare+0xee/0x180
[ 212.108414][ C1] syscall_exit_to_user_mode+0x16/0x40
[ 212.108429][ C1] do_syscall_64+0x58/0xa0
[ 212.108443][ C1] ? clear_bhb_loop+0x30/0x80
[ 212.108456][ C1] ? clear_bhb_loop+0x30/0x80
[ 212.108469][ C1] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 212.108484][ C1] RIP: 0033:0x7f044125e379
[ 212.108495][ C1] Code: Unable to access opcode bytes at RIP 0x7f044125e34f.
[ 212.108502][ C1] RSP: 002b:00007f04408c20e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 212.108516][ C1] RAX: 0000000000000001 RBX: 00007f04414b9fa8 RCX: 00007f044125e379
[ 212.108525][ C1] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f04414b9fac
[ 212.108535][ C1] RBP: 00007f04414b9fa0 R08: 000a96bd30aed4e6 R09: 0000000000000000
[ 212.108544][ C1] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000000
[ 212.108552][ C1] R13: 00007f04414ba038 R14: 00007ffeaf30ef90 R15: 00007ffeaf30f078
[ 212.108567][ C1]
[ 214.656716][ T7] rcu: INFO: rcu_preempt detected expedited stalls on CPUs/tasks: { 1-... } 10733 jiffies s: 6153 root: 0x2/.
[ 214.673580][ T7] rcu: blocking rcu_node structures (internal RCU debug):
[ 214.681161][ T7] Task dump for CPU 1:
[ 214.685328][ T7] task:syz.0.17 state:R running task stack:25616 pid: 5059 ppid: 4774 flags:0x00004008
[ 214.696317][ T7] Call Trace:
[ 214.699902][ T7]
[ 214.703028][ T7] ? exit_mmap+0x3b9/0x640
[ 214.707941][ T7] ? vm_brk+0x20/0x20
[ 214.712061][ T7] ? uprobe_clear_state+0x2f6/0x460
[ 214.717387][ T7] ? mm_update_next_owner+0x522/0x640
[ 214.722896][ T7] ? __mmput+0x115/0x3b0
[ 214.727380][ T7] ? exit_mm+0x588/0x6e0
[ 214.731815][ T7] ? xacct_add_tsk+0x4a0/0x4a0
[ 214.736891][ T7] ? do_exit+0x20c0/0x20c0
[ 214.741437][ T7] ? taskstats_exit+0x439/0xab0
[ 214.746616][ T7] ? tty_audit_exit+0x14e/0x1f0
[ 214.751685][ T7] ? do_exit+0x5a9/0x20c0
[ 214.756134][ T7] ? put_task_struct+0x80/0x80
[ 214.761267][ T7] ? lockdep_hardirqs_on_prepare+0x409/0x770
[ 214.767568][ T7] ? lock_chain_count+0x20/0x20
[ 214.772888][ T7] ? _raw_spin_lock_irq+0xb7/0xf0
[ 214.778437][ T7] ? do_group_exit+0x12e/0x300
[ 214.783425][ T7] ? lockdep_hardirqs_on+0x94/0x140
[ 214.789075][ T7] ? get_signal+0x6ca/0x12c0
[ 214.794114][ T7] ? arch_do_signal_or_restart+0xe7/0x12c0
[ 214.800597][ T7] ? __might_fault+0xb3/0x110
[ 214.805943][ T7] ? futex_exit_release+0x1c0/0x1c0
[ 214.812020][ T7] ? get_sigframe_size+0x10/0x10
[ 214.817077][ T7] ? exit_to_user_mode_loop+0x3b/0x130
[ 214.823096][ T7] ? exit_to_user_mode_loop+0x9e/0x130
[ 214.829057][ T7] ? exit_to_user_mode_prepare+0xee/0x180
[ 214.835163][ T7] ? syscall_exit_to_user_mode+0x16/0x40
[ 214.841349][ T7] ? do_syscall_64+0x58/0xa0
[ 214.846462][ T7] ? clear_bhb_loop+0x30/0x80
[ 214.851426][ T7] ? clear_bhb_loop+0x30/0x80
[ 214.856508][ T7] ? entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 214.862820][ T7]