Warning: Permanently added '10.128.0.128' (ED25519) to the list of known hosts.
2025/06/18 04:40:40 ignoring optional flag "sandboxArg"="0"
2025/06/18 04:40:41 parsed 1 programs
[ 96.592615][ T3506] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 100.100920][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 100.109359][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 100.144990][ T1317] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 100.153053][ T1317] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 103.340229][ T3568] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 103.351910][ T3568] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 103.369453][ T3568] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 103.379306][ T3568] netdevsim netdevsim3 netdevsim3: renamed from eth3
2025/06/18 04:40:56 executed programs: 0
[ 122.695079][ T4009] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 122.707749][ T4009] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 122.721147][ T4009] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 122.770947][ T4016] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 122.782193][ T4009] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 122.797149][ T4016] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 122.810306][ T4016] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 122.823628][ T4016] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 123.234527][ T4003] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 123.247407][ T4003] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 123.269205][ T4003] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 123.363267][ T4003] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 123.374183][ T4004] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 123.397331][ T4004] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 123.420165][ T4004] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 123.439734][ T4010] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 123.475080][ T4004] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 123.488236][ T4010] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 123.522583][ T4010] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 123.550464][ T4010] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 157.213943][ T793] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 157.222220][ T793] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 157.268486][ T1274] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 157.276464][ T1274] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 157.748077][ T793] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 157.756167][ T793] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 157.825703][ T56] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 157.833709][ T56] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 157.971063][ T1317] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 157.979374][ T1317] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 158.048379][ T1317] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 158.056959][ T1317] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
2025/06/18 04:41:44 executed programs: 10
[ 158.334542][ T1317] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 158.342416][ T1317] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 158.376776][ T56] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 158.384992][ T56] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 158.788744][ T56] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 158.797102][ T56] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 158.885841][ T56] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 158.893829][ T56] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 161.340126][ T6454]
[ 161.342521][ T6454] =====================================
[ 161.348346][ T6454] WARNING: bad unlock balance detected!
[ 161.353920][ T6454] 6.16.0-rc2-syzkaller #0 Not tainted
[ 161.359396][ T6454] -------------------------------------
[ 161.365202][ T6454] syz.5.25/6454 is trying to release lock (&mapping->i_mmap_rwsem) at:
[ 161.373949][ T6454] [] move_pgt_entry+0xbf7/0xd30
[ 161.380610][ T6454] but there are no more locks to release!
[ 161.386462][ T6454]
[ 161.386462][ T6454] other info that might help us debug this:
[ 161.394725][ T6454] 1 lock held by syz.5.25/6454:
[ 161.399853][ T6454] #0: ffff888113cab660 (&mm->mmap_lock){++++}-{4:4}, at: __se_sys_mremap+0x3e0/0xc40
[ 161.409749][ T6454]
[ 161.409749][ T6454] stack backtrace:
[ 161.415887][ T6454] CPU: 0 UID: 0 PID: 6454 Comm: syz.5.25 Not tainted 6.16.0-rc2-syzkaller #0 PREEMPT(undef)
[ 161.415904][ T6454] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 161.415916][ T6454] Call Trace:
[ 161.415926][ T6454]
[ 161.415933][ T6454] dump_stack_lvl+0x189/0x250
[ 161.415955][ T6454] ? __pfx_dump_stack_lvl+0x10/0x10
[ 161.415972][ T6454] ? __pfx__printk+0x10/0x10
[ 161.415986][ T6454] ? print_lock_name+0xde/0x100
[ 161.416001][ T6454] ? move_pgt_entry+0xbf7/0xd30
[ 161.416018][ T6454] print_unlock_imbalance_bug+0xdc/0xf0
[ 161.416037][ T6454] lock_release+0x269/0x3e0
[ 161.416051][ T6454] ? move_pgt_entry+0xbf7/0xd30
[ 161.416067][ T6454] up_write+0x2d/0x420
[ 161.416078][ T6454] ? do_raw_spin_unlock+0x122/0x240
[ 161.416091][ T6454] move_pgt_entry+0xbf7/0xd30
[ 161.416109][ T6454] move_page_tables+0xb18/0x1a90
[ 161.416128][ T6454] ? move_page_tables+0x5e8/0x1a90
[ 161.416144][ T6454] ? __pfx_copy_vma+0x10/0x10
[ 161.416161][ T6454] ? __pfx_move_page_tables+0x10/0x10
[ 161.416181][ T6454] move_vma+0xd13/0x1f90
[ 161.416201][ T6454] ? __pfx_move_vma+0x10/0x10
[ 161.416217][ T6454] ? __lock_acquire+0xab9/0xd20
[ 161.416240][ T6454] ? __pfx_arch_get_unmapped_area_topdown+0x10/0x10
[ 161.416255][ T6454] ? mtree_load+0x100/0x700
[ 161.416268][ T6454] ? cap_mmap_addr+0xb0/0x100
[ 161.416282][ T6454] ? security_mmap_addr+0x50/0x1b0
[ 161.416294][ T6454] ? __get_unmapped_area+0x3a3/0x410
[ 161.416308][ T6454] ? vrm_set_new_addr+0x1a7/0x1f0
[ 161.416324][ T6454] mremap_to+0x7e7/0x8b0
[ 161.416342][ T6454] ? __pfx_mremap_to+0x10/0x10
[ 161.416359][ T6454] ? __pfx_down_write_killable+0x10/0x10
[ 161.416373][ T6454] ? do_futex+0x333/0x420
[ 161.416390][ T6454] __se_sys_mremap+0x901/0xc40
[ 161.416409][ T6454] ? __pfx___se_sys_mremap+0x10/0x10
[ 161.416426][ T6454] ? rcu_is_watching+0x15/0xb0
[ 161.416443][ T6454] ? do_syscall_64+0xbe/0x3b0
[ 161.416455][ T6454] ? __x64_sys_mremap+0x20/0xc0
[ 161.416471][ T6454] do_syscall_64+0xfa/0x3b0
[ 161.416483][ T6454] ? lockdep_hardirqs_on+0x9c/0x150
[ 161.416495][ T6454] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 161.416507][ T6454] ? clear_bhb_loop+0x60/0xb0
[ 161.416520][ T6454] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 161.416533][ T6454] RIP: 0033:0x7f2a10dae929
[ 161.416549][ T6454] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 161.416560][ T6454] RSP: 002b:00007f2a107fe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019
[ 161.416574][ T6454] RAX: ffffffffffffffda RBX: 00007f2a10fd6080 RCX: 00007f2a10dae929
[ 161.416584][ T6454] RDX: 0000000000200000 RSI: 0000000000600600 RDI: 0000200000000000
[ 161.416593][ T6454] RBP: 00007f2a10e30b39 R08: 0000200000a00000 R09: 0000000000000000
[ 161.416601][ T6454] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000
[ 161.416609][ T6454] R13: 0000000000000000 R14: 00007f2a10fd6080 R15: 00007fff68c67ce8
[ 161.416620][ T6454]
[ 161.715278][ T6454] ------------[ cut here ]------------
[ 161.720864][ T6454] DEBUG_RWSEMS_WARN_ON((rwsem_owner(sem) != current) && !rwsem_test_oflags(sem, RWSEM_NONSPINNABLE)): count = 0x0, magic = 0xffff88812331ab18, owner = 0x0, curr 0xffff88810abc1d00, list empty
[ 161.740380][ T6454] WARNING: CPU: 0 PID: 6454 at kernel/locking/rwsem.c:1368 up_write+0x3a2/0x420
[ 161.749579][ T6454] Modules linked in:
[ 161.753587][ T6454] CPU: 0 UID: 0 PID: 6454 Comm: syz.5.25 Not tainted 6.16.0-rc2-syzkaller #0 PREEMPT(undef)
[ 161.764760][ T6454] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 161.775212][ T6454] RIP: 0010:up_write+0x3a2/0x420
[ 161.780802][ T6454] Code: d0 48 c7 c7 80 24 89 85 48 c7 c6 a0 26 89 85 48 8b 14 24 4c 89 f1 4d 89 e0 4c 8b 4c 24 08 41 52 e8 63 db e9 ff 48 83 c4 08 90 <0f> 0b 90 90 e9 6d fd ff ff 48 c7 c1 f4 3d 4e 87 80 e1 07 80 c1 03
[ 161.801192][ T6454] RSP: 0018:ffffc900020a7500 EFLAGS: 00010296
[ 161.807351][ T6454] RAX: 1e79ad0dbfc03a00 RBX: ffff88812331ab18 RCX: ffff88810abc1d00
[ 161.815374][ T6454] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000002
[ 161.823366][ T6454] RBP: dffffc0000000000 R08: 0000000000000003 R09: 0000000000000004
[ 161.831455][ T6454] R10: dffffc0000000000 R11: fffffbfff0d2d48c R12: 0000000000000000
[ 161.839629][ T6454] R13: ffff88812331ab70 R14: ffff88812331ab18 R15: 1ffff11024663564
[ 161.848021][ T6454] FS: 00007f2a107fe6c0(0000) GS:ffff88826d29d000(0000) knlGS:0000000000000000
[ 161.857028][ T6454] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 161.863738][ T6454] CR2: 0000001b2de5ffff CR3: 0000000134468000 CR4: 00000000003506f0
[ 161.871805][ T6454] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 161.880366][ T6454] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 161.889053][ T6454] Call Trace:
[ 161.892352][ T6454]
[ 161.895350][ T6454] move_pgt_entry+0xbf7/0xd30
[ 161.900073][ T6454] move_page_tables+0xb18/0x1a90
[ 161.905083][ T6454] ? move_page_tables+0x5e8/0x1a90
[ 161.910237][ T6454] ? __pfx_copy_vma+0x10/0x10
[ 161.915103][ T6454] ? __pfx_move_page_tables+0x10/0x10
[ 161.920593][ T6454] move_vma+0xd13/0x1f90
[ 161.924927][ T6454] ? __pfx_move_vma+0x10/0x10
[ 161.929730][ T6454] ? __lock_acquire+0xab9/0xd20
[ 161.934739][ T6454] ? __pfx_arch_get_unmapped_area_topdown+0x10/0x10
[ 161.941350][ T6454] ? mtree_load+0x100/0x700
[ 161.945945][ T6454] ? cap_mmap_addr+0xb0/0x100
[ 161.950664][ T6454] ? security_mmap_addr+0x50/0x1b0
[ 161.955995][ T6454] ? __get_unmapped_area+0x3a3/0x410
[ 161.961508][ T6454] ? vrm_set_new_addr+0x1a7/0x1f0
[ 161.966872][ T6454] mremap_to+0x7e7/0x8b0
[ 161.971231][ T6454] ? __pfx_mremap_to+0x10/0x10
[ 161.976144][ T6454] ? __pfx_down_write_killable+0x10/0x10
[ 161.981905][ T6454] ? do_futex+0x333/0x420
[ 161.987022][ T6454] __se_sys_mremap+0x901/0xc40
[ 161.991924][ T6454] ? __pfx___se_sys_mremap+0x10/0x10
[ 161.997770][ T6454] ? rcu_is_watching+0x15/0xb0
[ 162.002577][ T6454] ? do_syscall_64+0xbe/0x3b0
[ 162.007447][ T6454] ? __x64_sys_mremap+0x20/0xc0
[ 162.012426][ T6454] do_syscall_64+0xfa/0x3b0
[ 162.017082][ T6454] ? lockdep_hardirqs_on+0x9c/0x150
[ 162.022510][ T6454] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 162.028751][ T6454] ? clear_bhb_loop+0x60/0xb0
[ 162.033470][ T6454] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 162.039430][ T6454] RIP: 0033:0x7f2a10dae929
[ 162.043960][ T6454] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 162.064343][ T6454] RSP: 002b:00007f2a107fe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019
[ 162.072787][ T6454] RAX: ffffffffffffffda RBX: 00007f2a10fd6080 RCX: 00007f2a10dae929
[ 162.080918][ T6454] RDX: 0000000000200000 RSI: 0000000000600600 RDI: 0000200000000000
[ 162.089541][ T6454] RBP: 00007f2a10e30b39 R08: 0000200000a00000 R09: 0000000000000000
[ 162.098749][ T6454] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000
[ 162.107178][ T6454] R13: 0000000000000000 R14: 00007f2a10fd6080 R15: 00007fff68c67ce8
[ 162.115483][ T6454]
[ 162.118561][ T6454] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 162.125863][ T6454] CPU: 0 UID: 0 PID: 6454 Comm: syz.5.25 Not tainted 6.16.0-rc2-syzkaller #0 PREEMPT(undef)
[ 162.136468][ T6454] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 162.146888][ T6454] Call Trace:
[ 162.150274][ T6454]
[ 162.153399][ T6454] dump_stack_lvl+0x99/0x250
[ 162.158113][ T6454] ? __asan_memcpy+0x40/0x70
[ 162.162853][ T6454] ? __pfx_dump_stack_lvl+0x10/0x10
[ 162.168348][ T6454] ? __pfx__printk+0x10/0x10
[ 162.172974][ T6454] panic+0x2db/0x790
[ 162.176902][ T6454] ? __pfx_panic+0x10/0x10
[ 162.181368][ T6454] ? show_trace_log_lvl+0x4fb/0x550
[ 162.186680][ T6454] __warn+0x31b/0x4b0
[ 162.190691][ T6454] ? up_write+0x3a2/0x420
[ 162.195053][ T6454] ? up_write+0x3a2/0x420
[ 162.199410][ T6454] report_bug+0x2be/0x4f0
[ 162.203772][ T6454] ? up_write+0x3a2/0x420
[ 162.208216][ T6454] ? up_write+0x3a2/0x420
[ 162.212627][ T6454] ? up_write+0x3a4/0x420
[ 162.216992][ T6454] handle_bug+0x84/0x160
[ 162.221510][ T6454] exc_invalid_op+0x1a/0x50
[ 162.226112][ T6454] asm_exc_invalid_op+0x1a/0x20
[ 162.230972][ T6454] RIP: 0010:up_write+0x3a2/0x420
[ 162.236268][ T6454] Code: d0 48 c7 c7 80 24 89 85 48 c7 c6 a0 26 89 85 48 8b 14 24 4c 89 f1 4d 89 e0 4c 8b 4c 24 08 41 52 e8 63 db e9 ff 48 83 c4 08 90 <0f> 0b 90 90 e9 6d fd ff ff 48 c7 c1 f4 3d 4e 87 80 e1 07 80 c1 03
[ 162.256846][ T6454] RSP: 0018:ffffc900020a7500 EFLAGS: 00010296
[ 162.263196][ T6454] RAX: 1e79ad0dbfc03a00 RBX: ffff88812331ab18 RCX: ffff88810abc1d00
[ 162.271538][ T6454] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000002
[ 162.279518][ T6454] RBP: dffffc0000000000 R08: 0000000000000003 R09: 0000000000000004
[ 162.287592][ T6454] R10: dffffc0000000000 R11: fffffbfff0d2d48c R12: 0000000000000000
[ 162.295853][ T6454] R13: ffff88812331ab70 R14: ffff88812331ab18 R15: 1ffff11024663564
[ 162.303920][ T6454] move_pgt_entry+0xbf7/0xd30
[ 162.308711][ T6454] move_page_tables+0xb18/0x1a90
[ 162.313670][ T6454] ? move_page_tables+0x5e8/0x1a90
[ 162.318945][ T6454] ? __pfx_copy_vma+0x10/0x10
[ 162.323632][ T6454] ? __pfx_move_page_tables+0x10/0x10
[ 162.329035][ T6454] move_vma+0xd13/0x1f90
[ 162.333288][ T6454] ? __pfx_move_vma+0x10/0x10
[ 162.338141][ T6454] ? __lock_acquire+0xab9/0xd20
[ 162.343070][ T6454] ? __pfx_arch_get_unmapped_area_topdown+0x10/0x10
[ 162.349892][ T6454] ? mtree_load+0x100/0x700
[ 162.354394][ T6454] ? cap_mmap_addr+0xb0/0x100
[ 162.359066][ T6454] ? security_mmap_addr+0x50/0x1b0
[ 162.364213][ T6454] ? __get_unmapped_area+0x3a3/0x410
[ 162.369576][ T6454] ? vrm_set_new_addr+0x1a7/0x1f0
[ 162.374713][ T6454] mremap_to+0x7e7/0x8b0
[ 162.379341][ T6454] ? __pfx_mremap_to+0x10/0x10
[ 162.384228][ T6454] ? __pfx_down_write_killable+0x10/0x10
[ 162.390342][ T6454] ? do_futex+0x333/0x420
[ 162.394862][ T6454] __se_sys_mremap+0x901/0xc40
[ 162.399832][ T6454] ? __pfx___se_sys_mremap+0x10/0x10
[ 162.405130][ T6454] ? rcu_is_watching+0x15/0xb0
[ 162.410378][ T6454] ? do_syscall_64+0xbe/0x3b0
[ 162.415201][ T6454] ? __x64_sys_mremap+0x20/0xc0
[ 162.420045][ T6454] do_syscall_64+0xfa/0x3b0
[ 162.424732][ T6454] ? lockdep_hardirqs_on+0x9c/0x150
[ 162.430183][ T6454] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 162.436335][ T6454] ? clear_bhb_loop+0x60/0xb0
[ 162.441167][ T6454] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 162.447101][ T6454] RIP: 0033:0x7f2a10dae929
[ 162.451519][ T6454] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 162.471829][ T6454] RSP: 002b:00007f2a107fe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019
[ 162.480437][ T6454] RAX: ffffffffffffffda RBX: 00007f2a10fd6080 RCX: 00007f2a10dae929
[ 162.488493][ T6454] RDX: 0000000000200000 RSI: 0000000000600600 RDI: 0000200000000000
[ 162.496655][ T6454] RBP: 00007f2a10e30b39 R08: 0000200000a00000 R09: 0000000000000000
[ 162.505355][ T6454] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000
[ 162.514088][ T6454] R13: 0000000000000000 R14: 00007f2a10fd6080 R15: 00007fff68c67ce8
[ 162.522341][ T6454]
[ 162.525722][ T6454] Kernel Offset: disabled
[ 162.530315][ T6454] Rebooting in 86400 seconds..