Warning: Permanently added '10.128.0.13' (ED25519) to the list of known hosts.
2026/02/14 18:44:45 parsed 1 programs
[ 24.069858][ T28] audit: type=1400 audit(1771094685.718:64): avc: denied { node_bind } for pid=283 comm="syz-execprog" saddr=::1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1
[ 24.090827][ T28] audit: type=1400 audit(1771094685.718:65): avc: denied { module_request } for pid=283 comm="syz-execprog" kmod="net-pf-2-proto-262-type-1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[ 24.790534][ T28] audit: type=1400 audit(1771094686.438:66): avc: denied { mounton } for pid=289 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2023 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[ 24.791530][ T289] cgroup: Unknown subsys name 'net'
[ 24.813184][ T28] audit: type=1400 audit(1771094686.438:67): avc: denied { mount } for pid=289 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[ 24.840473][ T28] audit: type=1400 audit(1771094686.468:68): avc: denied { unmount } for pid=289 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[ 24.840642][ T289] cgroup: Unknown subsys name 'devices'
[ 24.953387][ T289] cgroup: Unknown subsys name 'hugetlb'
[ 24.958987][ T289] cgroup: Unknown subsys name 'rlimit'
[ 25.068251][ T28] audit: type=1400 audit(1771094686.718:69): avc: denied { setattr } for pid=289 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=258 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 25.091389][ T28] audit: type=1400 audit(1771094686.718:70): avc: denied { create } for pid=289 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 25.111766][ T28] audit: type=1400 audit(1771094686.718:71): avc: denied { write } for pid=289 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 25.120451][ T293] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped).
[ 25.132108][ T28] audit: type=1400 audit(1771094686.718:72): avc: denied { read } for pid=289 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
Setting up swapspace version 1, size = 127995904 bytes
[ 25.160714][ T28] audit: type=1400 audit(1771094686.718:73): avc: denied { mounton } for pid=289 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[ 25.215895][ T289] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 25.836008][ T296] request_module fs-gadgetfs succeeded, but still no fs?
[ 26.136957][ T311] bridge0: port 1(bridge_slave_0) entered blocking state
[ 26.144061][ T311] bridge0: port 1(bridge_slave_0) entered disabled state
[ 26.151429][ T311] device bridge_slave_0 entered promiscuous mode
[ 26.158366][ T311] bridge0: port 2(bridge_slave_1) entered blocking state
[ 26.165414][ T311] bridge0: port 2(bridge_slave_1) entered disabled state
[ 26.172870][ T311] device bridge_slave_1 entered promiscuous mode
[ 26.210476][ T311] bridge0: port 2(bridge_slave_1) entered blocking state
[ 26.217531][ T311] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 26.224808][ T311] bridge0: port 1(bridge_slave_0) entered blocking state
[ 26.231842][ T311] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 26.249610][ T10] bridge0: port 1(bridge_slave_0) entered disabled state
[ 26.256900][ T10] bridge0: port 2(bridge_slave_1) entered disabled state
[ 26.264828][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 26.272497][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 26.281992][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 26.290186][ T10] bridge0: port 1(bridge_slave_0) entered blocking state
[ 26.297227][ T10] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 26.305743][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 26.313971][ T10] bridge0: port 2(bridge_slave_1) entered blocking state
[ 26.320993][ T10] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 26.332219][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 26.341292][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 26.355108][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 26.366108][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 26.374259][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 26.381621][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 26.389979][ T311] device veth0_vlan entered promiscuous mode
[ 26.401574][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 26.410681][ T311] device veth1_macvtap entered promiscuous mode
[ 26.420211][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 26.430495][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 26.459456][ T311] syz-executor (311) used greatest stack depth: 21568 bytes left
2026/02/14 18:44:48 executed programs: 0
[ 26.979236][ T365] bridge0: port 1(bridge_slave_0) entered blocking state
[ 26.986407][ T365] bridge0: port 1(bridge_slave_0) entered disabled state
[ 26.994084][ T365] device bridge_slave_0 entered promiscuous mode
[ 27.001235][ T365] bridge0: port 2(bridge_slave_1) entered blocking state
[ 27.008334][ T365] bridge0: port 2(bridge_slave_1) entered disabled state
[ 27.015838][ T365] device bridge_slave_1 entered promiscuous mode
[ 27.055891][ T365] bridge0: port 2(bridge_slave_1) entered blocking state
[ 27.062956][ T365] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 27.070202][ T365] bridge0: port 1(bridge_slave_0) entered blocking state
[ 27.077239][ T365] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 27.094313][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 27.102425][ T10] bridge0: port 1(bridge_slave_0) entered disabled state
[ 27.109648][ T10] bridge0: port 2(bridge_slave_1) entered disabled state
[ 27.118707][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 27.127327][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 27.135751][ T10] bridge0: port 1(bridge_slave_0) entered blocking state
[ 27.142817][ T10] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 27.151275][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 27.159769][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 27.168008][ T10] bridge0: port 2(bridge_slave_1) entered blocking state
[ 27.175053][ T10] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 27.189350][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 27.197518][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 27.206425][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 27.214856][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 27.228044][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 27.236586][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 27.247314][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 27.255401][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 27.263798][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 27.271288][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 27.279278][ T365] device veth0_vlan entered promiscuous mode
[ 27.288522][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 27.297036][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 27.306389][ T365] device veth1_macvtap entered promiscuous mode
[ 27.315216][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 27.322911][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 27.331061][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 27.340447][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 27.348799][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 27.374707][ T375] loop2: detected capacity change from 0 to 1024
[ 27.381349][ T375] =======================================================
[ 27.381349][ T375] WARNING: The mand mount option has been deprecated and
[ 27.381349][ T375] and is ignored by this kernel. Remove the mand
[ 27.381349][ T375] option from the mount to silence this warning.
[ 27.381349][ T375] =======================================================
[ 27.423060][ T375] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 27.440762][ T365] EXT4-fs (loop2): unmounting filesystem.
[ 27.455553][ T380] loop2: detected capacity change from 0 to 1024
[ 27.472613][ T380] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 27.485292][ T365] EXT4-fs (loop2): unmounting filesystem.
[ 27.498839][ T383] loop2: detected capacity change from 0 to 1024
[ 27.512964][ T383] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 27.526713][ T365] EXT4-fs (loop2): unmounting filesystem.
[ 27.542632][ T386] loop2: detected capacity change from 0 to 1024
[ 27.552974][ T386] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 27.565534][ T365] EXT4-fs (loop2): unmounting filesystem.
[ 27.578758][ T389] loop2: detected capacity change from 0 to 1024
[ 27.596991][ T389] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 27.609213][ T365] EXT4-fs (loop2): unmounting filesystem.
[ 27.626162][ T392] loop2: detected capacity change from 0 to 1024
[ 27.642767][ T392] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 27.659239][ T365] EXT4-fs (loop2): unmounting filesystem.
[ 27.673274][ T395] loop2: detected capacity change from 0 to 1024
[ 27.683017][ T395] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 27.699210][ T365] EXT4-fs (loop2): unmounting filesystem.
[ 27.715954][ T398] loop2: detected capacity change from 0 to 1024
[ 27.733937][ T398] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 27.747983][ T365] EXT4-fs (loop2): unmounting filesystem.
[ 27.762120][ T401] loop2: detected capacity change from 0 to 1024
[ 27.784206][ T401] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 27.796919][ T365] EXT4-fs (loop2): unmounting filesystem.
[ 27.811212][ T404] loop2: detected capacity change from 0 to 1024
[ 27.833204][ T404] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 27.846216][ T365] EXT4-fs (loop2): unmounting filesystem.
[ 27.894733][ T407] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 27.910676][ T365] EXT4-fs (loop2): unmounting filesystem.
[ 27.942713][ T411] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 27.961831][ T365] EXT4-fs (loop2): unmounting filesystem.
[ 27.983062][ T414] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 27.994374][ T8] device bridge_slave_1 left promiscuous mode
[ 28.000563][ T8] bridge0: port 2(bridge_slave_1) entered disabled state
[ 28.008280][ T8] device bridge_slave_0 left promiscuous mode
[ 28.008671][ T365] EXT4-fs (loop2): unmounting filesystem.
[ 28.014861][ T8] bridge0: port 1(bridge_slave_0) entered disabled state
[ 28.028386][ T8] device veth1_macvtap left promiscuous mode
[ 28.034439][ T8] device veth0_vlan left promiscuous mode
[ 28.068202][ T417] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 28.089313][ T365] EXT4-fs (loop2): unmounting filesystem.
[ 28.113004][ T420] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 28.125713][ T365] EXT4-fs (loop2): unmounting filesystem.
[ 28.152623][ T423] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 28.164639][ T365] EXT4-fs (loop2): unmounting filesystem.
[ 28.195366][ T426] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 28.207165][ T365] EXT4-fs (loop2): unmounting filesystem.
[ 28.233635][ T429] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 28.246052][ T365] EXT4-fs (loop2): unmounting filesystem.
[ 28.263699][ T432] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 28.276031][ T365] EXT4-fs (loop2): unmounting filesystem.
[ 28.308676][ T435] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 28.321370][ T365] EXT4-fs (loop2): unmounting filesystem.
[ 28.343564][ T438] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 28.359075][ T365] EXT4-fs (loop2): unmounting filesystem.
[ 28.383367][ T441] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 28.395288][ T365] EXT4-fs (loop2): unmounting filesystem.
[ 28.414291][ T444] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 28.426257][ T365] EXT4-fs (loop2): unmounting filesystem.
[ 28.443154][ T447] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 28.454857][ T365] EXT4-fs (loop2): unmounting filesystem.
[ 28.492776][ T450] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 28.507649][ T365] EXT4-fs (loop2): unmounting filesystem.
[ 28.533501][ T453] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 28.546101][ T365] EXT4-fs (loop2): unmounting filesystem.
[ 28.563650][ T456] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 28.577592][ T365] EXT4-fs (loop2): unmounting filesystem.
[ 28.603358][ T459] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 28.615420][ T365] EXT4-fs (loop2): unmounting filesystem.
[ 28.642903][ T462] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 28.655820][ T365] EXT4-fs (loop2): unmounting filesystem.
[ 28.682810][ T465] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 28.697847][ T365] EXT4-fs (loop2): unmounting filesystem.
[ 28.722789][ T468] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 28.736226][ T365] EXT4-fs (loop2): unmounting filesystem.
[ 28.772981][ T471] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 29.544399][ T565] ==================================================================
[ 29.552490][ T565] BUG: KASAN: out-of-bounds in ext4_xattr_set_entry+0x979/0x21d0
[ 29.560209][ T565] Read of size 18446744073709551588 at addr ffff88810d68f040 by task syz.2.80/565
[ 29.569371][ T565]
[ 29.571688][ T565] CPU: 1 PID: 565 Comm: syz.2.80 Not tainted syzkaller #0
[ 29.578775][ T565] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 29.588837][ T565] Call Trace:
[ 29.592102][ T565]
[ 29.595019][ T565] __dump_stack+0x21/0x24
[ 29.599340][ T565] dump_stack_lvl+0x110/0x170
[ 29.604003][ T565] ? __cfi_dump_stack_lvl+0x8/0x8
[ 29.609013][ T565] ? kasan_save_alloc_info+0x25/0x30
[ 29.614285][ T565] ? ext4_xattr_block_set+0x9d5/0x3260
[ 29.619732][ T565] ? ext4_xattr_set+0x242/0x320
[ 29.624571][ T565] ? ext4_xattr_trusted_set+0x3c/0x50
[ 29.629933][ T565] ? ext4_xattr_set_entry+0x979/0x21d0
[ 29.635381][ T565] print_address_description+0x71/0x200
[ 29.640908][ T565] print_report+0x4a/0x60
[ 29.645222][ T565] kasan_report+0x122/0x150
[ 29.649711][ T565] ? ext4_xattr_set_entry+0x979/0x21d0
[ 29.655155][ T565] ? ext4_xattr_set_entry+0x979/0x21d0
[ 29.660599][ T565] kasan_check_range+0x249/0x2a0
[ 29.665520][ T565] ? ext4_xattr_set_entry+0x979/0x21d0
[ 29.670963][ T565] memmove+0x2d/0x70
[ 29.674845][ T565] ext4_xattr_set_entry+0x979/0x21d0
[ 29.680119][ T565] ext4_xattr_block_set+0xad3/0x3260
[ 29.685390][ T565] ? __kasan_check_write+0x14/0x20
[ 29.690573][ T565] ? iput+0x620/0x670
[ 29.694542][ T565] ? ext4_xattr_block_find+0x310/0x310
[ 29.699989][ T565] ext4_xattr_set_handle+0xbc4/0x12c0
[ 29.705348][ T565] ? __cfi_ext4_xattr_set_handle+0x10/0x10
[ 29.711141][ T565] ? __kasan_check_read+0x11/0x20
[ 29.716149][ T565] ? __ext4_journal_start_sb+0x2ed/0x4a0
[ 29.721766][ T565] ext4_xattr_set+0x242/0x320
[ 29.726429][ T565] ? __kasan_kmalloc+0x95/0xb0
[ 29.731172][ T565] ? __kmalloc_node+0xb2/0x1e0
[ 29.735925][ T565] ? __cfi_ext4_xattr_set+0x10/0x10
[ 29.741112][ T565] ? selinux_inode_setxattr+0x5cf/0xbf0
[ 29.746655][ T565] ext4_xattr_trusted_set+0x3c/0x50
[ 29.751840][ T565] ? __cfi_ext4_xattr_trusted_set+0x10/0x10
[ 29.757719][ T565] __vfs_setxattr+0x3f2/0x440
[ 29.762381][ T565] __vfs_setxattr_noperm+0x12a/0x5e0
[ 29.767711][ T565] __vfs_setxattr_locked+0x212/0x230
[ 29.773008][ T565] vfs_setxattr+0x167/0x2e0
[ 29.777504][ T565] ? __cfi_vfs_setxattr+0x10/0x10
[ 29.782512][ T565] ? __kasan_check_write+0x14/0x20
[ 29.787606][ T565] setxattr+0x346/0x360
[ 29.791749][ T565] ? path_setxattr+0x290/0x290
[ 29.796591][ T565] ? _raw_spin_unlock+0x4c/0x70
[ 29.801433][ T565] ? __mnt_want_write+0x1e6/0x260
[ 29.806442][ T565] ? mnt_want_write+0x220/0x300
[ 29.811277][ T565] path_setxattr+0x147/0x290
[ 29.815854][ T565] ? simple_xattr_list_add+0x120/0x120
[ 29.821302][ T565] __x64_sys_setxattr+0xc5/0xe0
[ 29.826141][ T565] x64_sys_call+0x633/0x9a0
[ 29.830638][ T565] do_syscall_64+0x4c/0xa0
[ 29.835040][ T565] ? clear_bhb_loop+0x30/0x80
[ 29.839695][ T565] ? clear_bhb_loop+0x30/0x80
[ 29.844350][ T565] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 29.850228][ T565] RIP: 0033:0x7fd731b9bf79
[ 29.854635][ T565] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 29.874222][ T565] RSP: 002b:00007ffd260179b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc
[ 29.882643][ T565] RAX: ffffffffffffffda RBX: 00007fd731e15fa0 RCX: 00007fd731b9bf79
[ 29.890597][ T565] RDX: 0000200000000140 RSI: 00002000000001c0 RDI: 0000200000000000
[ 29.898550][ T565] RBP: 00007fd731c327e0 R08: 0000000000000001 R09: 0000000000000000
[ 29.906510][ T565] R10: 0000000000000841 R11: 0000000000000246 R12: 0000000000000000
[ 29.914479][ T565] R13: 00007fd731e15fac R14: 00007fd731e15fa0 R15: 00007fd731e15fa0
[ 29.922584][ T565]
[ 29.925598][ T565]
[ 29.927909][ T565] Allocated by task 565:
[ 29.932129][ T565] kasan_set_track+0x4b/0x70
[ 29.936716][ T565] kasan_save_alloc_info+0x25/0x30
[ 29.941837][ T565] __kasan_kmalloc+0x95/0xb0
[ 29.946426][ T565] __kmalloc_node_track_caller+0xb1/0x1e0
[ 29.952130][ T565] kmemdup+0x2b/0x60
[ 29.956012][ T565] ext4_xattr_block_set+0x9d5/0x3260
[ 29.961285][ T565] ext4_xattr_set_handle+0xbc4/0x12c0
[ 29.966653][ T565] ext4_xattr_set+0x242/0x320
[ 29.971340][ T565] ext4_xattr_trusted_set+0x3c/0x50
[ 29.976537][ T565] __vfs_setxattr+0x3f2/0x440
[ 29.981203][ T565] __vfs_setxattr_noperm+0x12a/0x5e0
[ 29.986470][ T565] __vfs_setxattr_locked+0x212/0x230
[ 29.991742][ T565] vfs_setxattr+0x167/0x2e0
[ 29.996228][ T565] setxattr+0x346/0x360
[ 30.000370][ T565] path_setxattr+0x147/0x290
[ 30.004943][ T565] __x64_sys_setxattr+0xc5/0xe0
[ 30.009780][ T565] x64_sys_call+0x633/0x9a0
[ 30.014265][ T565] do_syscall_64+0x4c/0xa0
[ 30.018665][ T565] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 30.024542][ T565]
[ 30.026845][ T565] The buggy address belongs to the object at ffff88810d68f000
[ 30.026845][ T565] which belongs to the cache kmalloc-1k of size 1024
[ 30.040883][ T565] The buggy address is located 64 bytes inside of
[ 30.040883][ T565] 1024-byte region [ffff88810d68f000, ffff88810d68f400)
[ 30.054138][ T565]
[ 30.056444][ T565] The buggy address belongs to the physical page:
[ 30.062846][ T565] page:ffffea000435a200 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10d688
[ 30.073072][ T565] head:ffffea000435a200 order:3 compound_mapcount:0 compound_pincount:0
[ 30.081378][ T565] flags: 0x4000000000010200(slab|head|zone=1)
[ 30.087440][ T565] raw: 4000000000010200 0000000000000000 dead000000000001 ffff888100043080
[ 30.096006][ T565] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 30.104571][ T565] page dumped because: kasan: bad access detected
[ 30.110986][ T565] page_owner tracks the page as allocated
[ 30.116681][ T565] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 311, tgid 311 (syz-executor), ts 26243350548, free_ts 26119604104
[ 30.139237][ T565] post_alloc_hook+0x1f5/0x210
[ 30.143992][ T565] prep_new_page+0x1c/0x110
[ 30.148482][ T565] get_page_from_freelist+0x2d12/0x2d80
[ 30.154011][ T565] __alloc_pages+0x1d9/0x480
[ 30.158590][ T565] alloc_slab_page+0x6e/0xf0
[ 30.163164][ T565] new_slab+0x98/0x3d0
[ 30.167219][ T565] ___slab_alloc+0x6bd/0xb20
[ 30.171794][ T565] __slab_alloc+0x5e/0xa0
[ 30.176106][ T565] __kmem_cache_alloc_node+0x203/0x2c0
[ 30.181552][ T565] __kmalloc_node_track_caller+0xa0/0x1e0
[ 30.187250][ T565] __alloc_skb+0x236/0x4b0
[ 30.191651][ T565] rtmsg_fib+0x60a/0xe20
[ 30.195882][ T565] fib_table_insert+0xf53/0x1df0
[ 30.200806][ T565] fib_add_ifaddr+0x937/0xf10
[ 30.205468][ T565] fib_netdev_event+0x231/0x5b0
[ 30.210306][ T565] raw_notifier_call_chain+0xa1/0x110
[ 30.215674][ T565] page last free stack trace:
[ 30.220323][ T565] free_unref_page_prepare+0x742/0x750
[ 30.225763][ T565] free_unref_page+0x95/0x540
[ 30.230421][ T565] __free_pages+0x67/0x100
[ 30.234824][ T565] free_pages+0x82/0x90
[ 30.238962][ T565] kasan_depopulate_vmalloc_pte+0x6b/0x90
[ 30.244663][ T565] __apply_to_page_range+0x8de/0xc80
[ 30.249942][ T565] apply_to_existing_page_range+0x38/0x50
[ 30.255668][ T565] kasan_release_vmalloc+0x97/0xb0
[ 30.260772][ T565] __purge_vmap_area_lazy+0xf15/0x1870
[ 30.266217][ T565] drain_vmap_area_work+0x3e/0xd0
[ 30.271225][ T565] process_one_work+0x71f/0xc40
[ 30.276055][ T565] worker_thread+0xa29/0x11e0
[ 30.280725][ T565] kthread+0x281/0x320
[ 30.284790][ T565] ret_from_fork+0x1f/0x30
[ 30.289196][ T565]
[ 30.291499][ T565] Memory state around the buggy address:
[ 30.297104][ T565] ffff88810d68ef00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.305146][ T565] ffff88810d68ef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 30.313188][ T565] >ffff88810d68f000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 30.321249][ T565] ^
[ 30.327396][ T565] ffff88810d68f080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 30.335454][ T565] ffff88810d68f100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 30.343507][ T565] ==================================================================
[ 30.352876][ T565] Disabling lock debugging due to kernel taint
[ 30.359056][ T28] kauditd_printk_skb: 34 callbacks suppressed
[ 30.359070][ T28] audit: type=1400 audit(1771094692.008:108): avc: denied { read } for pid=85 comm="syslogd" name="log" dev="sda1" ino=2010 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[ 30.387530][ T28] audit: type=1400 audit(1771094692.008:109): avc: denied { search } for pid=85 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 30.408965][ T28] audit: type=1400 audit(1771094692.008:110): avc: denied { write } for pid=85 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 30.430345][ T28] audit: type=1400 audit(1771094692.008:111): avc: denied { add_name } for pid=85 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 30.451119][ T28] audit: type=1400 audit(1771094692.008:112): avc: denied { create } for pid=85 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[ 30.471681][ T28] audit: type=1400 audit(1771094692.008:113): avc: denied { append open } for pid=85 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=5 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[ 30.494647][ T28] audit: type=1400 audit(1771094692.008:114): avc: denied { getattr } for pid=85 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=5 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
2026/02/14 18:44:53 executed programs: 129
[ 31.982381][ T28] audit: type=1400 audit(1771094693.638:115): avc: denied { write } for pid=283 comm="syz-execprog" path="pipe:[14088]" dev="pipefs" ino=14088 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1
[ 32.384209][ T813] set_capacity_and_notify: 134 callbacks suppressed
[ 32.384223][ T813] loop2: detected capacity change from 0 to 1024
[ 32.418095][ T816] loop2: detected capacity change from 0 to 1024
[ 32.447545][ T819] loop2: detected capacity change from 0 to 1024
[ 32.474933][ T822] loop2: detected capacity change from 0 to 1024
[ 32.505536][ T825] loop2: detected capacity change from 0 to 1024
[ 32.544735][ T828] loop2: detected capacity change from 0 to 1024
[ 32.573784][ T831] loop2: detected capacity change from 0 to 1024
[ 32.595100][ T834] loop2: detected capacity change from 0 to 1024
[ 32.627575][ T837] loop2: detected capacity change from 0 to 1024
[ 32.653879][ T840] loop2: detected capacity change from 0 to 1024
[ 32.952815][ T882] EXT4-fs mount: 271 callbacks suppressed
[ 32.952831][ T882] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 32.971225][ T365] EXT4-fs (loop2): unmounting filesystem.
[ 32.992707][ T885] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 33.004805][ T365] EXT4-fs (loop2): unmounting filesystem.
[ 33.032831][ T888] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 33.045787][ T365] EXT4-fs (loop2): unmounting filesystem.
[ 33.063703][ T891] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 33.076469][ T365] EXT4-fs (loop2): unmounting filesystem.
[ 33.093974][ T894] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 33.106128][ T365] EXT4-fs (loop2): unmounting filesystem.
[ 33.132683][ T897] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 33.145221][ T365] EXT4-fs (loop2): unmounting filesystem.
[ 33.174219][ T900] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 33.186787][ T365] EXT4-fs (loop2): unmounting filesystem.
[ 33.204226][ T903] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 33.216586][ T365] EXT4-fs (loop2): unmounting filesystem.
[ 33.234324][ T906] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 33.246434][ T365] EXT4-fs (loop2): unmounting filesystem.
[ 33.266215][ T909] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 33.279054][ T365] EXT4-fs (loop2): unmounting filesystem.
[ 33.302773][ T912] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 33.314922][ T365] EXT4-fs (loop2): unmounting filesystem.
[ 33.332671][ T915] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 33.345500][ T365] EXT4-fs (loop2): unmounting filesystem.
[ 33.363869][ T918] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 33.376324][ T365] EXT4-fs (loop2): unmounting filesystem.
[ 33.394472][ T921] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 33.406342][ T365] EXT4-fs (loop2): unmounting filesystem.
[ 33.423871][ T924] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 33.435819][ T365] EXT4-fs (loop2): unmounting filesystem.
[ 33.462586][ T927] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 33.475364][ T365] EXT4-fs (loop2): unmounting filesystem.
[ 33.492812][ T930] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 33.505144][ T365] EXT4-fs (loop2): unmounting filesystem.
[ 33.523464][ T933] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 33.535477][ T365] EXT4-fs (loop2): unmounting filesystem.
[ 33.562689][ T936] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 33.574894][ T365] EXT4-fs (loop2): unmounting filesystem.
[ 33.612707][ T939] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 33.624840][ T365] EXT4-fs (loop2): unmounting filesystem.
[ 33.652667][ T942] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 33.664771][ T365] EXT4-fs (loop2): unmounting filesystem.
[ 33.692672][ T945] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 33.704982][ T365] EXT4-fs (loop2): unmounting filesystem.
[ 33.722652][ T948] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 33.737776][ T365] EXT4-fs (loop2): unmounting filesystem.
[ 33.762652][ T951] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 33.776683][ T365] EXT4-fs (loop2): unmounting filesystem.
[ 33.802602][ T954] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 33.814758][ T365] EXT4-fs (loop2): unmounting filesystem.
[ 33.833327][ T957] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 33.845916][ T365] EXT4-fs (loop2): unmounting filesystem.
[ 33.863091][ T960] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 33.875020][ T365] EXT4-fs (loop2): unmounting filesystem.
[ 33.904270][ T963] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 33.917814][ T365] EXT4-fs (loop2): unmounting filesystem.
[ 33.942704][ T966] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 33.958212][ T365] EXT4-fs (loop2): unmounting filesystem.
[ 33.992779][ T969] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 34.005129][ T365] EXT4-fs (loop2): unmounting filesystem.
[ 34.027177][ T972] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 34.039165][ T365] EXT4-fs (loop2): unmounting filesystem.
[ 34.062640][ T975] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 34.075378][ T365] EXT4-fs (loop2): unmounting filesystem.
[ 36.267529][ T297] general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN
[ 36.272049][ C0] ------------[ cut here ]------------
[ 36.279363][ T297] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]
[ 36.284873][ C0] WARNING: CPU: 0 PID: 6 at mm/page_alloc.c:5841 __alloc_pages+0x298/0x480
[ 36.293218][ T297] CPU: 1 PID: 297 Comm: udevd Tainted: G B syzkaller #0
[ 36.293241][ T297] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 36.293249][ T297] RIP: 0010:selinux_inode_permission+0x249/0x5f0
[ 36.293274][ T297] Code: 00 00 fc ff df 42 80 3c 20 00 74 08 48 89 df e8 9d 5f 7c ff 48 8b 03 48 63 0d 63 c5 32 04 48 8d 5c 08 04 48 89 d8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 0f 85 1d 03 00 00 8b 03 89 44 24 20 49 8d 5d
[ 36.301872][ C0] Modules linked in:
[ 36.310153][ T297] RSP: 0018:ffffc900015f7660 EFLAGS: 00010247
[ 36.320334][ C0]
[ 36.326604][ T297] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 0000000000000000
[ 36.326618][ T297] RDX: 0000000000000014 RSI: 0000000000000000 RDI: ffffc900015f76d4
[ 36.326627][ T297] RBP: ffffc900015f7750 R08: 0000000000000003 R09: ffffc900015f76c0
[ 36.326638][ T297] R10: dffffc0000000000 R11: fffff520002beeda R12: dffffc0000000000
[ 36.346245][ C0] CPU: 0 PID: 6 Comm: kworker/0:0 Tainted: G B syzkaller #0
[ 36.350102][ T297] R13: ffff88810049e858 R14: 1ffff920002beed4 R15: 0000000010000000
[ 36.356169][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 36.358450][ T297] FS: 00007f9eaab41880(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[ 36.366413][ C0] Workqueue: rcu_gp srcu_invoke_callbacks
[ 36.374429][ T297] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 36.374442][ T297] CR2: 00007f9eaa20a000 CR3: 000000010b7df000 CR4: 00000000003506a0
[ 36.374457][ T297] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 36.382411][ C0]
[ 36.390354][ T297] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 36.399054][ C0] RIP: 0010:__alloc_pages+0x298/0x480
[ 36.406966][ T297] Call Trace:
[ 36.406974][ T297]
[ 36.406982][ T297] ? __cfi_selinux_inode_permission+0x10/0x10
[ 36.417049][ C0] Code: 0c 25 28 00 00 00 48 3b 8c 24 c0 00 00 00 0f 85 a3 00 00 00 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 c6 05 0d ac dd 05 01 <0f> 0b eb 95 a9 00 00 08 00 48 8b 54 24 08 75 17 44 89 f6 81 e6 7f
[ 36.425939][ T297] ? is_bpf_text_address+0x177/0x190
[ 36.425967][ T297] security_inode_permission+0xb5/0x110
[ 36.431706][ C0] RSP: 0018:ffffc90000006f60 EFLAGS: 00010246
[ 36.438251][ T297] inode_permission+0xef/0x4b0
[ 36.446229][ C0]
[ 36.454157][ T297] link_path_walk+0x280/0xe80
[ 36.456490][ C0] RAX: ffffc90000006f00 RBX: 000000000000000f RCX: 0000000000000000
[ 36.464437][ T297] ? handle_lookup_down+0x130/0x130
[ 36.464465][ T297] path_lookupat+0x95/0x490
[ 36.469803][ C0] RDX: 0000000000000018 RSI: 0000000000000000 RDI: ffffc90000006fe8
[ 36.473070][ T297] filename_lookup+0x224/0x560
[ 36.473089][ T297] ? __cfi_filename_lookup+0x10/0x10
[ 36.476004][ C0] RBP: ffffc90000007070 R08: ffffc90000006fe7 R09: ffffc90000006fd0
[ 36.482051][ T297] vfs_statx+0x109/0x670
[ 36.482070][ T297] ? __check_object_size+0x45a/0x600
[ 36.501677][ C0] R10: dffffc0000000000 R11: fffff52000000dfd R12: dffffc0000000000
[ 36.506923][ T297] ? vfs_fstatat+0x80/0x80
[ 36.512461][ C0] R13: 0000000000000000 R14: 0000000000040a20 R15: 1ffff92000000df0
[ 36.518481][ T297] __se_sys_newfstatat+0x142/0x440
[ 36.523236][ C0] FS: 0000000000000000(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[ 36.525526][ T297] ? __x64_sys_newfstatat+0xb0/0xb0
[ 36.530175][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 36.538122][ T297] ? percpu_counter_add_batch+0x13c/0x160
[ 36.538148][ T297] ? __fput+0x66a/0x8f0
[ 36.543329][ C0] CR2: 00007f9eaa20a000 CR3: 0000000125773000 CR4: 00000000003506b0
[ 36.547795][ T297] ? __cfi_mem_cgroup_handle_over_high+0x10/0x10
[ 36.555847][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 36.560565][ T297] ? fput+0x15b/0x1a0
[ 36.565843][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 36.573775][ T297] __x64_sys_newfstatat+0x9b/0xb0
[ 36.573797][ T297] x64_sys_call+0x77c/0x9a0
[ 36.578006][ C0] Call Trace:
[ 36.578014][ C0]
[ 36.583260][ T297] do_syscall_64+0x4c/0xa0
[ 36.583283][ T297] ? clear_bhb_loop+0x30/0x80
[ 36.591225][ C0] ? update_stack_state+0x16b/0x480
[ 36.595616][ T297] ? clear_bhb_loop+0x30/0x80
[ 36.595631][ T297] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 36.603599][ C0] ? __cfi___alloc_pages+0x10/0x10
[ 36.608671][ T297] RIP: 0033:0x7f9eaa511b0a
[ 36.617622][ C0] skb_copy_ubufs+0x7c9/0x1600
[ 36.622773][ T297] Code: 48 8b 15 f1 f2 0d 00 f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 41 89 ca b8 06 01 00 00 0f 05 <3d> 00 f0 ff ff 77 07 31 c0 c3 0f 1f 40 00 48 8b 15 b9 f2 0d 00 f7
[ 36.622788][ T297] RSP: 002b:00007ffd90f5c368 EFLAGS: 00000246
[ 36.629348][ C0] ? __kernel_text_address+0xd/0x30
[ 36.635044][ T297] ORIG_RAX: 0000000000000106
[ 36.635052][ T297] RAX: ffffffffffffffda RBX: 0000000000006180 RCX: 00007f9eaa511b0a
[ 36.635063][ T297] RDX: 00007ffd90f5c390 RSI: 000055bb17cd26e0 RDI: 00000000ffffff9c
[ 36.639195][ C0] skb_clone+0x265/0x380
[ 36.647142][ T297] RBP: 0000000000000000 R08: 0000000000000000 R09: 000055bb17ccf960
[ 36.647160][ T297] R10: 0000000000000100 R11: 0000000000000246 R12: 0000000000000000
[ 36.647170][ T297] R13: 0000000000000000 R14: 000055bb17cd26e0 R15: 000055bb17cdf2d0
[ 36.653486][ C0] __tcp_transmit_skb+0x342/0x3480
[ 36.661421][ T297]
[ 36.665392][ C0] ? kasan_set_track+0x60/0x70
[ 36.673319][ T297] Modules linked in:
[ 36.682981][ T92] general protection fault, probably for non-canonical address 0xe48b8bc08a7fb85: 0000 [#2] PREEMPT SMP KASAN
[ 36.686121][ C0] ? kasan_set_track+0x4b/0x70
[ 36.688979][ T92] CPU: 1 PID: 92 Comm: klogd Tainted: G B D syzkaller #0
[ 36.693395][ C0] ? kasan_save_free_info+0x31/0x50
[ 36.698031][ T92] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 36.698041][ T92] RIP: 0010:kmem_cache_alloc_node+0x106/0x340
[ 36.703228][ C0] ? ____kasan_slab_free+0x132/0x180
[ 36.707857][ T92] Code: 8b 38 48 85 ff 0f 84 c3 00 00 00 48 83 78 10 00 0f 84 b8 00 00 00 41 8b 44 24 28 48 8d 0c 07 49 8b 9c 24 d8 00 00 00 48 0f c9 <48> 33 1c 07 48 31 cb 48 8d 4a 08 4d 8b 04 24 48 89 f8 65 49 0f c7
[ 36.713749][ C0] ? __kasan_slab_free+0x11/0x20
[ 36.718816][ T92] RSP: 0018:ffffc900009b7810 EFLAGS: 00010286
[ 36.723225][ C0] ? kmem_cache_free+0x12d/0x300
[ 36.727941][ T92]
[ 36.727947][ T92] RAX: 0000000000000080 RBX: adadd385fb4a778f RCX: 85fba708bcb8480e
[ 36.747568][ C0] ? kfree_skbmem+0x10c/0x180
[ 36.753627][ T92] RDX: 000000000001aa01 RSI: 0000000000000100 RDI: 0e48b8bc08a7fb05
[ 36.753641][ T92] RBP: ffffc900009b7860 R08: 0000000000400cc0 R09: 1ffff11021e3902a
[ 36.753652][ T92] R10: 0000000000000000 R11: ffffed1021e3902b R12: ffff8881001f0780
[ 36.758824][ C0] ? __kfree_skb+0x58/0x70
[ 36.763475][ T92] R13: 0000000000000100 R14: 00000000ffffffff R15: 0000000000400cc0
[ 36.763487][ T92] FS: 00007f54deba1c80(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[ 36.763502][ T92] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 36.771446][ C0] ? tcp_v4_do_rcv+0x446/0xa10
[ 36.779654][ T92] CR2: 00007f9eaa20a000 CR3: 000000010fd85000 CR4: 00000000003506a0
[ 36.779669][ T92] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 36.779678][ T92] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 36.783914][ C0] ? tcp_v4_rcv+0x23aa/0x2af0
[ 36.791844][ T92] Call Trace:
[ 36.791851][ T92]
[ 36.791856][ T92] ? __kasan_check_write+0x14/0x20
[ 36.799810][ C0] ? ip_local_deliver_finish+0x24e/0x410
[ 36.807759][ T92] ? __alloc_skb+0xea/0x4b0
[ 36.807780][ T92] __alloc_skb+0xea/0x4b0
[ 36.807796][ T92] alloc_skb_with_frags+0xa8/0x620
[ 36.812893][ C0] ? __netif_receive_skb+0xd7/0x2a0
[ 36.815908][ T92] ? memcpy+0x56/0x70
[ 36.820641][ C0] ? process_backlog+0x351/0x600
[ 36.824509][ T92] sock_alloc_send_pskb+0x87f/0x9a0
[ 36.824534][ T92] ? __cfi_sock_alloc_send_pskb+0x10/0x10
[ 36.836142][ C0] ? __napi_poll+0xd0/0x5e0
[ 36.840868][ T92] ? __kasan_check_write+0x14/0x20
[ 36.849094][ C0] ? net_rx_action+0x4b6/0xac0
[ 36.854248][ T92] ? _raw_spin_lock+0x94/0xf0
[ 36.854269][ T92] ? __cfi__raw_spin_lock+0x10/0x10
[ 36.864311][ C0] ? handle_softirqs+0x1d7/0x600
[ 36.870426][ T92] unix_dgram_sendmsg+0x539/0x16f0
[ 36.875700][ C0] ? __do_softirq+0xb/0xd
[ 36.895263][ T92] ? __cfi_selinux_socket_sendmsg+0x10/0x10
[ 36.900193][ C0] ? do_softirq+0xdc/0x130
[ 36.906233][ T92] ? __cfi_unix_dgram_sendmsg+0x10/0x10
[ 36.906252][ T92] ? security_socket_sendmsg+0x93/0xb0
[ 36.911162][ C0] ? __local_bh_enable_ip+0x75/0x80
[ 36.913467][ T92] __sys_sendto+0x4ac/0x660
[ 36.913488][ T92] ? __cfi___sys_sendto+0x10/0x10
[ 36.921431][ C0] ? srcu_invoke_callbacks+0x1d8/0x420
[ 36.926086][ T92] ? __cfi_do_syslog+0x10/0x10
[ 36.926106][ T92] ? __this_cpu_preempt_check+0x13/0x20
[ 36.934076][ C0] ? __tcp_send_ack+0x690/0x690
[ 36.942014][ T92] ? xfd_validate_state+0x70/0x150
[ 36.949975][ C0] ? tcp_small_queue_check+0x219/0x430
[ 36.954364][ T92] __x64_sys_sendto+0xe5/0x100
[ 36.954386][ T92] x64_sys_call+0x83/0x9a0
[ 36.962342][ C0] tcp_write_xmit+0x173d/0x6000
[ 36.971228][ T92] do_syscall_64+0x4c/0xa0
[ 36.977819][ C0] __tcp_push_pending_frames+0x9c/0x2f0
[ 36.982523][ T92] ? clear_bhb_loop+0x30/0x80
[ 36.982542][ T92] ? clear_bhb_loop+0x30/0x80
[ 36.990486][ C0] tcp_rcv_established+0xef2/0x1a50
[ 36.998435][ T92] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 36.998459][ T92] RIP: 0033:0x7f54decf1407
[ 37.006426][ C0] ? __cfi_tcp_rcv_established+0x10/0x10
[ 37.011062][ T92] Code: 48 89 fa 4c 89 df e8 38 aa 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 <5b> c3 0f 1f 80 00 00 00 00 83 e2 39 83 fa 08 75 de e8 23 ff ff ff
[ 37.014342][ C0] ? ipv4_dst_check+0xf2/0x160
[ 37.017233][ T92] RSP: 002b:00007fff83f7a8e0 EFLAGS: 00000202
[ 37.022332][ C0] tcp_v4_do_rcv+0x446/0xa10
[ 37.027923][ T92] ORIG_RAX: 000000000000002c
[ 37.032422][ C0] tcp_v4_rcv+0x23aa/0x2af0
[ 37.036702][ T92] RAX: ffffffffffffffda RBX: 00007f54deba1c80 RCX: 00007f54decf1407
[ 37.041813][ C0] ? __cfi_tcp_v4_rcv+0x10/0x10
[ 37.046953][ T92] RDX: 000000000000005d RSI: 00007fff83f7aa20 RDI: 0000000000000003
[ 37.051023][ C0] ? load_balance+0x41d6/0x4790
[ 37.055930][ T92] RBP: 00007fff83f7ae50 R08: 0000000000000000 R09: 0000000000000000
[ 37.055941][ T92] R10: 0000000000004000 R11: 0000000000000202 R12: 00007fff83f7ae68
[ 37.055951][ T92] R13: 00007fff83f7aa20 R14: 0000000000000042 R15: 00007fff83f7aa20
[ 37.061121][ C0] ? __cfi_ip_finish_output+0x10/0x10
[ 37.066817][ T92]
[ 37.066823][ T92] Modules linked in:
[ 37.066910][ C1] general protection fault, probably for non-canonical address 0xe48b8bc08a7fb85: 0000 [#3] PREEMPT SMP KASAN
[ 37.071311][ C0] ip_protocol_deliver_rcu+0x325/0x6e0
[ 37.076396][ C1] CPU: 1 PID: 92 Comm: klogd Tainted: G B D syzkaller #0
[ 37.076413][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 37.076422][ C1] RIP: 0010:kmem_cache_alloc_node+0x106/0x340
[ 37.081158][ C0] ip_local_deliver_finish+0x24e/0x410
[ 37.085807][ C1] Code: 8b 38 48 85 ff 0f 84 c3 00 00 00 48 83 78 10 00 0f 84 b8 00 00 00 41 8b 44 24 28 48 8d 0c 07 49 8b 9c 24 d8 00 00 00 48 0f c9 <48> 33 1c 07 48 31 cb 48 8d 4a 08 4d 8b 04 24 48 89 f8 65 49 0f c7
[ 37.085821][ C1] RSP: 0018:ffffc900001b0c30 EFLAGS: 00010286
[ 37.091010][ C0] ip_local_deliver+0x1bc/0x340
[ 37.095922][ C1] RAX: 0000000000000080 RBX: adadd385fb4a778f RCX: 85fba708bcb8480e
[ 37.095934][ C1] RDX: 000000000001aa01 RSI: 0000000000000100 RDI: 0e48b8bc08a7fb05
[ 37.095946][ C1] RBP: ffffc900001b0c80 R08: ffff8881f6f27c77 R09: 1ffff1103ede4f8e
[ 37.101029][ C0] ? __cfi_ip_local_deliver+0x10/0x10
[ 37.105330][ C1] R10: 0000000000000000 R11: ffffed103ede4f8f R12: ffff8881001f0780
[ 37.105342][ C1] R13: 0000000000000100 R14: 00000000ffffffff R15: 0000000000000a20
[ 37.105352][ C1] FS: 00007f54deba1c80(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[ 37.111216][ C0] ? memset+0x35/0x40
[ 37.115603][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 37.115616][ C1] CR2: 00007f9eaa20a000 CR3: 000000010fd85000 CR4: 00000000003506a0
[ 37.115631][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 37.121144][ C0] ? ip_rcv_finish_core+0xb0b/0x1490
[ 37.126660][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 37.126672][ C1] Call Trace:
[ 37.126678][ C1]
[ 37.126683][ C1] ? __alloc_skb+0xea/0x4b0
[ 37.131874][ C0] ip_rcv+0x167/0x290
[ 37.136339][ C1] __alloc_skb+0xea/0x4b0
[ 37.141335][ C0] ? __cfi_ip_rcv+0x10/0x10
[ 37.146763][ C1] wg_packet_send_keepalive+0x62/0x1d0
[ 37.146786][ C1] ? wg_expired_send_persistent_keepalive+0x44/0x80
[ 37.151520][ C0] ? enqueue_task_fair+0xbee/0x1d40
[ 37.157038][ C1] wg_expired_send_persistent_keepalive+0x53/0x80
[ 37.161898][ C0] ? __kasan_check_write+0x14/0x20
[ 37.166965][ C1] ? __cfi_wg_expired_send_persistent_keepalive+0x10/0x10
[ 37.172417][ C0] ? _raw_spin_lock_irq+0x95/0xf0
[ 37.177140][ C1] call_timer_fn+0x46/0x2a0
[ 37.181528][ C0] ? __cfi_ip_rcv+0x10/0x10
[ 37.186349][ C1] ? __cfi_wg_expired_send_persistent_keepalive+0x10/0x10
[ 37.186373][ C1] __run_timers+0x65b/0x9f0
[ 37.190774][ C0] __netif_receive_skb+0xd7/0x2a0
[ 37.196274][ C1] ? calc_index+0x200/0x200
[ 37.196298][ C1] ? kvm_sched_clock_read+0x18/0x40
[ 37.200944][ C0] process_backlog+0x351/0x600
[ 37.205590][ C1] run_timer_softirq+0x6a/0xf0
[ 37.210781][ C0] __napi_poll+0xd0/0x5e0
[ 37.216646][ C1] handle_softirqs+0x1d7/0x600
[ 37.216669][ C1] __irq_exit_rcu+0x52/0xf0
[ 37.221166][ C0] net_rx_action+0x4b6/0xac0
[ 37.226787][ C1] irq_exit_rcu+0x9/0x10
[ 37.226817][ C1] sysvec_apic_timer_interrupt+0xa9/0xc0
[ 37.246441][ C0] ? __cfi_net_rx_action+0x10/0x10
[ 37.251163][ C1]
[ 37.251169][ C1]
[ 37.251173][ C1] asm_sysvec_apic_timer_interrupt+0x1b/0x20
[ 37.251192][ C1] RIP: 0010:oops_exit+0x0/0x30
[ 37.257239][ C0] ? _raw_spin_unlock_irqrestore+0x5a/0x80
[ 37.261784][ C1] Code: 0f 8c 0f ff ff ff 48 89 df e8 7c 6c c1 fc e9 02 ff ff ff 0f 1f 80 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 b8 0c 67 40 a5 <55> 48 89 e5 e8 07 3f 7c fc e8 62 d5 4c fc 48 c7 c7 a0 e6 68 85 31
[ 37.261799][ C1] RSP: 0018:ffffc900009b7650 EFLAGS: 00000206
[ 37.266449][ C0] ? irqtime_account_irq+0x75/0x240
[ 37.270924][ C1]
[ 37.270929][ C1] RAX: 0000000000000001 RBX: 000000000000000b RCX: ffff88810fe72880
[ 37.278901][ C0] handle_softirqs+0x1d7/0x600
[ 37.283696][ C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffff87b5cf60
[ 37.283708][ C1] RBP: ffffc900009b7668 R08: ffffffff87b717e7 R09: 1ffffffff0f6e2fc
[ 37.291675][ C0] __do_softirq+0xb/0xd
[ 37.296483][ C1] R10: dffffc0000000000 R11: fffffbfff0f6e2fd R12: ffffc900009b76c0
[ 37.304446][ C0] do_softirq+0xdc/0x130
[ 37.312378][ C1] R13: 0e48b8bc08a7fb85 R14: 0000000000000293 R15: 0000000000000000
[ 37.312395][ C1] ? oops_end+0x46/0xd0
[ 37.320341][ C0]
[ 37.325681][ C1] die_addr+0x61/0x70
[ 37.325708][ C1] exc_general_protection+0x13a/0x1e0
[ 37.328700][ C0]
[ 37.328707][ C0] ? __cfi_do_softirq+0x10/0x10
[ 37.332572][ C1] asm_exc_general_protection+0x27/0x30
[ 37.344191][ C0] ? complete+0x167/0x1c0
[ 37.349611][ C1] RIP: 0010:kmem_cache_alloc_node+0x106/0x340
[ 37.357883][ C0] ? srcu_invoke_callbacks+0x219/0x420
[ 37.367876][ C1] Code: 8b 38 48 85 ff 0f 84 c3 00 00 00 48 83 78 10 00 0f 84 b8 00 00 00 41 8b 44 24 28 48 8d 0c 07 49 8b 9c 24 d8 00 00 00 48 0f c9 <48> 33 1c 07 48 31 cb 48 8d 4a 08 4d 8b 04 24 48 89 f8 65 49 0f c7
[ 37.367892][ C1] RSP: 0018:ffffc900009b7810 EFLAGS: 00010286
[ 37.367908][ C1] RAX: 0000000000000080 RBX: adadd385fb4a778f RCX: 85fba708bcb8480e
[ 37.373961][ C0] __local_bh_enable_ip+0x75/0x80
[ 37.379375][ C1] RDX: 000000000001aa01 RSI: 0000000000000100 RDI: 0e48b8bc08a7fb05
[ 37.398980][ C0] srcu_invoke_callbacks+0x1d8/0x420
[ 37.405004][ C1] RBP: ffffc900009b7860 R08: 0000000000400cc0 R09: 1ffff11021e3902a
[ 37.405018][ C1] R10: 0000000000000000 R11: ffffed1021e3902b R12: ffff8881001f0780
[ 37.409848][ C0] ? _raw_spin_unlock+0x4c/0x70
[ 37.417801][ C1] R13: 0000000000000100 R14: 00000000ffffffff R15: 0000000000400cc0
[ 37.417827][ C1] ? __kasan_check_write+0x14/0x20
[ 37.417849][ C1] ? __alloc_skb+0xea/0x4b0
[ 37.425824][ C0] ? __cfi_srcu_invoke_callbacks+0x10/0x10
[ 37.433753][ C1] __alloc_skb+0xea/0x4b0
[ 37.433775][ C1] alloc_skb_with_frags+0xa8/0x620
[ 37.439109][ C0] ? __schedule+0xbae/0x1500
[ 37.447061][ C1] ? memcpy+0x56/0x70
[ 37.447081][ C1] sock_alloc_send_pskb+0x87f/0x9a0
[ 37.455043][ C0] process_one_work+0x71f/0xc40
[ 37.463934][ C1] ? __cfi_sock_alloc_send_pskb+0x10/0x10
[ 37.463960][ C1] ? __kasan_check_write+0x14/0x20
[ 37.467918][ C0] worker_thread+0xa29/0x11e0
[ 37.474475][ C1] ? _raw_spin_lock+0x94/0xf0
[ 37.474497][ C1] ? __cfi__raw_spin_lock+0x10/0x10
[ 37.482455][ C0] kthread+0x281/0x320
[ 37.490392][ C1] unix_dgram_sendmsg+0x539/0x16f0
[ 37.495668][ C0] ? __cfi_worker_thread+0x10/0x10
[ 37.503599][ C1] ? __cfi_selinux_socket_sendmsg+0x10/0x10
[ 37.506870][ C0] ? __cfi_kthread+0x10/0x10
[ 37.509730][ C1] ? __cfi_unix_dgram_sendmsg+0x10/0x10
[ 37.514224][ C0] ret_from_fork+0x1f/0x30
[ 37.518160][ C1] ? security_socket_sendmsg+0x93/0xb0
[ 37.522476][ C0]
[ 37.526934][ C1] __sys_sendto+0x4ac/0x660
[ 37.532389][ C0] ---[ end trace 0000000000000000 ]---
[ 37.538938][ C1] ? __cfi___sys_sendto+0x10/0x10
[ 38.005195][ C1] ? __cfi_do_syslog+0x10/0x10
[ 38.009946][ C1] ? __this_cpu_preempt_check+0x13/0x20
[ 38.015466][ C1] ? xfd_validate_state+0x70/0x150
[ 38.020559][ C1] __x64_sys_sendto+0xe5/0x100
[ 38.025308][ C1] x64_sys_call+0x83/0x9a0
[ 38.029709][ C1] do_syscall_64+0x4c/0xa0
[ 38.034104][ C1] ? clear_bhb_loop+0x30/0x80
[ 38.038753][ C1] ? clear_bhb_loop+0x30/0x80
[ 38.043403][ C1] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 38.049274][ C1] RIP: 0033:0x7f54decf1407
[ 38.053666][ C1] Code: 48 89 fa 4c 89 df e8 38 aa 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 <5b> c3 0f 1f 80 00 00 00 00 83 e2 39 83 fa 08 75 de e8 23 ff ff ff
[ 38.073245][ C1] RSP: 002b:00007fff83f7a8e0 EFLAGS: 00000202 ORIG_RAX: 000000000000002c
[ 38.081634][ C1] RAX: ffffffffffffffda RBX: 00007f54deba1c80 RCX: 00007f54decf1407
[ 38.089579][ C1] RDX: 000000000000005d RSI: 00007fff83f7aa20 RDI: 0000000000000003
[ 38.097525][ C1] RBP: 00007fff83f7ae50 R08: 0000000000000000 R09: 0000000000000000
[ 38.105489][ C1] R10: 0000000000004000 R11: 0000000000000202 R12: 00007fff83f7ae68
[ 38.113436][ C1] R13: 00007fff83f7aa20 R14: 0000000000000042 R15: 00007fff83f7aa20
[ 38.121385][ C1]
[ 38.124379][ C1] Modules linked in:
[ 38.128300][ C0] general protection fault, probably for non-canonical address 0x636e692e7265737d: 0000 [#4] PREEMPT SMP KASAN
[ 38.128313][ C1] ---[ end trace 0000000000000000 ]---
[ 38.128321][ C1] RIP: 0010:selinux_inode_permission+0x249/0x5f0
[ 38.140013][ C0] CPU: 0 PID: 6 Comm: kworker/0:0 Tainted: G B D W syzkaller #0
[ 38.140031][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 38.145476][ C1] Code: 00 00 fc ff df 42 80 3c 20 00 74 08 48 89 df e8 9d 5f 7c ff 48 8b 03 48 63 0d 63 c5 32 04 48 8d 5c 08 04 48 89 d8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 0f 85 1d 03 00 00 8b 03 89 44 24 20 49 8d 5d
[ 38.151766][ C0] Workqueue: rcu_gp srcu_invoke_callbacks
[ 38.160426][ C1] RSP: 0018:ffffc900015f7660 EFLAGS: 00010247
[ 38.170458][ C0]
[ 38.170465][ C0] RIP: 0010:__stack_depot_save+0x179/0x480
[ 38.190100][ C1]
[ 38.195768][ C0] Code: 41 29 cc 4c 8b 05 af f6 2e 05 44 8b 0d a4 f6 2e 05 45 21 e1 4b 8b 1c c8 48 85 db 74 63 44 89 f9 eb 08 48 8b 1b 48 85 db 74 56 <44> 39 63 08 75 f2 44 39 7b 0c 75 ec 31 d2 49 8b 34 d6 48 3b 74 d3
[ 38.195785][ C0] RSP: 0018:ffffc90000007850 EFLAGS: 00010202
[ 38.201832][ C1] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 0000000000000000
[ 38.204124][ C0]
[ 38.204129][ C0] RAX: 0000000000000000 RBX: 636e692e72657375 RCX: 000000000000000c
[ 38.209913][ C1] RDX: 0000000000000014 RSI: 0000000000000000 RDI: ffffc900015f76d4
[ 38.212216][ C0] RDX: 00000000c3664d8f RSI: 000000009869ab7e RDI: 0000000000000800
[ 38.212228][ C0] RBP: ffffc900000078b0 R08: ffff8881f5a00000 R09: 00000000000a1ea2
[ 38.212241][ C0] R10: 000000000893023c R11: 0000000000000001 R12: 00000000898a1ea2
[ 38.231824][ C1] RBP: ffffc900015f7750 R08: 0000000000000003 R09: ffffc900015f76c0
[ 38.237850][ C0] R13: 0000000000000000 R14: ffffc900000078c0 R15: 000000000000000c
[ 38.245835][ C1] R10: dffffc0000000000 R11: fffff520002beeda R12: dffffc0000000000
[ 38.248121][ C0] FS: 0000000000000000(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[ 38.256099][ C1] R13: ffff88810049e858 R14: 1ffff920002beed4 R15: 0000000010000000
[ 38.264034][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 38.264048][ C0] CR2: 00007f9eaa20a000 CR3: 0000000125773000 CR4: 00000000003506b0
[ 38.264063][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 38.272027][ C1] FS: 00007f54deba1c80(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[ 38.279965][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 38.287934][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 38.295868][ C0] Call Trace:
[ 38.295877][ C0]
[ 38.295884][ C0] ? __stack_depot_save+0x36/0x480
[ 38.303855][ C1] CR2: 00007f9eaa20a000 CR3: 000000010fd85000 CR4: 00000000003506a0
[ 38.311800][ C0] kasan_set_track+0x60/0x70
[ 38.320723][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 38.328669][ C0] ? kasan_set_track+0x4b/0x70
[ 38.328691][ C0] ? kasan_save_free_info+0x31/0x50
[ 38.335258][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 38.343194][ C0] ? ____kasan_slab_free+0x132/0x180
[ 38.343218][ C0] ? __kasan_slab_free+0x11/0x20
[ 38.351169][ C1] Kernel panic - not syncing: Fatal exception in interrupt
[ 38.360075][ C0] ? slab_free_freelist_hook+0xc2/0x190
[ 38.360105][ C0] ? kmem_cache_free+0x12d/0x300
[ 38.360125][ C0] ? file_free_rcu+0x93/0xa0
[ 38.360144][ C0] ? rcu_do_batch+0x52a/0xbc0
[ 38.360159][ C0] ? rcu_core+0x5c3/0xe80
[ 38.360172][ C0] ? rcu_core_si+0x9/0x10
[ 38.360192][ C0] ? handle_softirqs+0x1d7/0x600
[ 38.360209][ C0] ? __do_softirq+0xb/0xd
[ 38.360225][ C0] ? do_softirq+0xdc/0x130
[ 38.360241][ C0] ? __local_bh_enable_ip+0x75/0x80
[ 38.360257][ C0] ? srcu_invoke_callbacks+0x1d8/0x420
[ 38.360275][ C0] ? process_one_work+0x71f/0xc40
[ 38.360290][ C0] ? worker_thread+0xa29/0x11e0
[ 38.360305][ C0] ? kthread+0x281/0x320
[ 38.360321][ C0] ? ret_from_fork+0x1f/0x30
[ 38.360347][ C0] ? debug_smp_processor_id+0x17/0x20
[ 38.360366][ C0] ? kmem_cache_free+0x12d/0x300
[ 38.360386][ C0] kasan_save_free_info+0x31/0x50
[ 38.360411][ C0] ____kasan_slab_free+0x132/0x180
[ 38.360430][ C0] __kasan_slab_free+0x11/0x20
[ 38.360449][ C0] slab_free_freelist_hook+0xc2/0x190
[ 38.360474][ C0] ? file_free_rcu+0x93/0xa0
[ 38.360492][ C0] kmem_cache_free+0x12d/0x300
[ 38.360513][ C0] ? __cfi_file_free_rcu+0x10/0x10
[ 38.360533][ C0] file_free_rcu+0x93/0xa0
[ 38.360552][ C0] rcu_do_batch+0x52a/0xbc0
[ 38.360570][ C0] ? rcu_core+0xe80/0xe80
[ 38.360583][ C0] ? _raw_spin_unlock_irqrestore+0x5a/0x80
[ 38.360605][ C0] ? note_gp_changes+0x140/0x230
[ 38.360629][ C0] ? _raw_spin_unlock+0x4c/0x70
[ 38.360650][ C0] rcu_core+0x5c3/0xe80
[ 38.360666][ C0] ? rcu_cpu_kthread_park+0x90/0x90
[ 38.360681][ C0] ? _raw_spin_unlock_irqrestore+0x5a/0x80
[ 38.360703][ C0] ? run_rebalance_domains+0xf7/0x1c0
[ 38.360721][ C0] rcu_core_si+0x9/0x10
[ 38.360740][ C0] handle_softirqs+0x1d7/0x600
[ 38.360758][ C0] __do_softirq+0xb/0xd
[ 38.360778][ C0] do_softirq+0xdc/0x130
[ 38.360799][ C0]
[ 38.360804][ C0]
[ 38.360809][ C0] ? __cfi_do_softirq+0x10/0x10
[ 38.360825][ C0] ? complete+0x167/0x1c0
[ 38.360844][ C0] ? srcu_invoke_callbacks+0x219/0x420
[ 38.360860][ C0] __local_bh_enable_ip+0x75/0x80
[ 38.360877][ C0] srcu_invoke_callbacks+0x1d8/0x420
[ 38.360894][ C0] ? _raw_spin_unlock+0x4c/0x70
[ 38.360916][ C0] ? __cfi_srcu_invoke_callbacks+0x10/0x10
[ 38.360934][ C0] ? _raw_spin_lock_irq+0x95/0xf0
[ 38.360956][ C0] process_one_work+0x71f/0xc40
[ 38.360973][ C0] worker_thread+0xa29/0x11e0
[ 38.360993][ C0] kthread+0x281/0x320
[ 38.361009][ C0] ? __cfi_worker_thread+0x10/0x10
[ 38.361024][ C0] ? __cfi_kthread+0x10/0x10
[ 38.361041][ C0] ret_from_fork+0x1f/0x30
[ 38.361061][ C0]
[ 38.361067][ C0] Modules linked in:
[ 38.369341][ C1] Kernel Offset: disabled
[ 38.709207][ C1] Rebooting in 86400 seconds..