Warning: Permanently added '10.128.1.55' (ED25519) to the list of known hosts.
2025/09/21 19:13:07 parsed 1 programs
syzkaller login: [ 60.445716][ T4189] cgroup: Unknown subsys name 'net'
[ 60.594278][ T4189] cgroup: Unknown subsys name 'rlimit'
[ 62.086270][ T4189] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k FS
[ 63.705246][ T4205] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 63.713428][ T4205] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 63.726471][ T382] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 63.741192][ T4205] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 63.749977][ T4205] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 63.758597][ T4205] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 64.189373][ T4214] chnl_net:caif_netlink_parms(): no params data found
[ 64.266070][ T4214] bridge0: port 1(bridge_slave_0) entered blocking state
[ 64.274314][ T4214] bridge0: port 1(bridge_slave_0) entered disabled state
[ 64.282932][ T4214] device bridge_slave_0 entered promiscuous mode
[ 64.293117][ T4214] bridge0: port 2(bridge_slave_1) entered blocking state
[ 64.300461][ T4214] bridge0: port 2(bridge_slave_1) entered disabled state
[ 64.308941][ T4214] device bridge_slave_1 entered promiscuous mode
[ 64.336610][ T4214] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 64.348230][ T4214] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 64.387868][ T4214] team0: Port device team_slave_0 added
[ 64.395781][ T4214] team0: Port device team_slave_1 added
[ 64.422028][ T4214] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 64.429228][ T4214] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 64.457035][ T4214] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 64.471751][ T4214] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 64.479251][ T4214] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 64.510419][ T4214] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 64.553938][ T4214] device hsr_slave_0 entered promiscuous mode
[ 64.562236][ T4214] device hsr_slave_1 entered promiscuous mode
[ 64.725355][ T4214] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 64.737482][ T4214] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 64.750007][ T4214] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 64.762230][ T4214] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 64.853048][ T4214] 8021q: adding VLAN 0 to HW filter on device bond0
[ 64.869579][ T4205] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 64.881648][ T4205] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 64.893324][ T4214] 8021q: adding VLAN 0 to HW filter on device team0
[ 64.908057][ T4205] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 64.920439][ T4205] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 64.930368][ T4205] bridge0: port 1(bridge_slave_0) entered blocking state
[ 64.937602][ T4205] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 64.959741][ T4205] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 64.968747][ T4205] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 64.977648][ T4205] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 64.987068][ T4205] bridge0: port 2(bridge_slave_1) entered blocking state
[ 64.994458][ T4205] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 65.004993][ T4205] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 65.014506][ T4205] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 65.033179][ T4205] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 65.043118][ T4205] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 65.054999][ T4205] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 65.064532][ T4205] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 65.080895][ T4214] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 65.091710][ T4214] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 65.103928][ T4205] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 65.112177][ T4205] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 65.121134][ T4205] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 65.130137][ T4205] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 65.138854][ T4205] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 65.147896][ T4205] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 65.273844][ T4205] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 65.282681][ T4205] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 65.309115][ T4214] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 65.333587][ T4205] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 65.343641][ T4205] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 65.362967][ T4205] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 65.372222][ T4205] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 65.381866][ T4205] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 65.390251][ T4205] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 65.420517][ T4214] device veth0_vlan entered promiscuous mode
[ 65.442355][ T4214] device veth1_vlan entered promiscuous mode
[ 65.474319][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 65.483152][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 65.491685][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 65.501945][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 65.512449][ T4214] device veth0_macvtap entered promiscuous mode
[ 65.522258][ T4214] device veth1_macvtap entered promiscuous mode
[ 65.545397][ T4214] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 65.554076][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 65.562129][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 65.570767][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 65.579691][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 65.591932][ T4214] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 65.600313][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 65.610051][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 65.621922][ T4214] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 65.630886][ T4214] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 65.640116][ T4214] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 65.649040][ T4214] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 65.758645][ T4214] syz-executor (4214) used greatest stack depth: 20448 bytes left
[ 67.986611][ T144] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
2025/09/21 19:13:16 executed programs: 0
[ 68.173129][ T4287] chnl_net:caif_netlink_parms(): no params data found
[ 68.210673][ T4287] bridge0: port 1(bridge_slave_0) entered blocking state
[ 68.217781][ T4287] bridge0: port 1(bridge_slave_0) entered disabled state
[ 68.225809][ T4287] device bridge_slave_0 entered promiscuous mode
[ 68.235305][ T4287] bridge0: port 2(bridge_slave_1) entered blocking state
[ 68.242457][ T4287] bridge0: port 2(bridge_slave_1) entered disabled state
[ 68.250846][ T4287] device bridge_slave_1 entered promiscuous mode
[ 68.271339][ T4287] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 68.282285][ T4287] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 68.305341][ T4287] team0: Port device team_slave_0 added
[ 68.312812][ T4287] team0: Port device team_slave_1 added
[ 68.331108][ T4287] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 68.338074][ T4287] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 68.364350][ T4287] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 68.376302][ T4287] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 68.383293][ T4287] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 68.409215][ T4287] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 68.437851][ T4287] device hsr_slave_0 entered promiscuous mode
[ 68.444953][ T4287] device hsr_slave_1 entered promiscuous mode
[ 68.451863][ T4287] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 68.460087][ T4287] Cannot create hsr debugfs directory
[ 70.178968][ T4240] Bluetooth: hci0: command 0x0409 tx timeout
[ 70.365345][ T144] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 70.433611][ T144] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 70.504868][ T144] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 71.372681][ T1428] ieee802154 phy0 wpan0: encryption failed: -22
[ 71.379243][ T1428] ieee802154 phy1 wpan1: encryption failed: -22
[ 71.414615][ T4287] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 71.423573][ T4287] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 71.432490][ T4287] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 71.441401][ T4287] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 71.541055][ T4287] 8021q: adding VLAN 0 to HW filter on device bond0
[ 71.553242][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 71.562746][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 71.593353][ T4287] 8021q: adding VLAN 0 to HW filter on device team0
[ 71.603771][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 71.612593][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 71.623939][ T9] bridge0: port 1(bridge_slave_0) entered blocking state
[ 71.631034][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 71.639636][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 71.660720][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 71.669719][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 71.678718][ T9] bridge0: port 2(bridge_slave_1) entered blocking state
[ 71.685882][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 71.694988][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 71.704707][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 71.723275][ T4287] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 71.734195][ T4287] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 71.761271][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 71.772957][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 71.781651][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 71.790874][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 71.800043][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 71.808613][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 71.816933][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 71.825815][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 71.834521][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 71.842742][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 71.962500][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 71.970670][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 72.003030][ T4287] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 72.018246][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 72.027891][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 72.064011][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 72.072756][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 72.082256][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 72.090522][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 72.102881][ T4287] device veth0_vlan entered promiscuous mode
[ 72.113380][ T144] device hsr_slave_0 left promiscuous mode
[ 72.120194][ T144] device hsr_slave_1 left promiscuous mode
[ 72.126725][ T144] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 72.134669][ T144] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 72.145661][ T144] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 72.153210][ T144] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 72.161433][ T144] device bridge_slave_1 left promiscuous mode
[ 72.168349][ T144] bridge0: port 2(bridge_slave_1) entered disabled state
[ 72.182379][ T144] device bridge_slave_0 left promiscuous mode
[ 72.189756][ T144] bridge0: port 1(bridge_slave_0) entered disabled state
[ 72.205990][ T144] device veth1_macvtap left promiscuous mode
[ 72.212272][ T144] device veth0_macvtap left promiscuous mode
[ 72.218977][ T144] device veth1_vlan left promiscuous mode
[ 72.224871][ T144] device veth0_vlan left promiscuous mode
[ 72.258941][ T4315] Bluetooth: hci0: command 0x041b tx timeout
[ 72.374284][ T144] team0 (unregistering): Port device team_slave_1 removed
[ 72.385630][ T144] team0 (unregistering): Port device team_slave_0 removed
[ 72.397770][ T144] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 72.414009][ T144] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 72.466994][ T144] bond0 (unregistering): Released all slaves
[ 72.527544][ T4287] device veth1_vlan entered promiscuous mode
[ 72.547035][ T382] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 72.555447][ T382] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 72.563734][ T382] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 72.572442][ T382] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 72.586385][ T4287] device veth0_macvtap entered promiscuous mode
[ 72.602216][ T4287] device veth1_macvtap entered promiscuous mode
[ 72.629683][ T4287] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 72.637108][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 72.646485][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 72.660571][ T4287] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 72.668016][ T382] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 72.676933][ T382] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 72.688215][ T4287] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 72.697264][ T4287] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 72.706269][ T4287] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 72.715391][ T4287] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 72.775996][ T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 72.798601][ T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 72.819335][ T4205] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 72.832784][ T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 72.841346][ T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 72.850642][ T4205] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 72.909413][ T4350] loop0: detected capacity change from 0 to 1024
[ 72.941667][ T4350] =======================================================
[ 72.941667][ T4350] WARNING: The mand mount option has been deprecated and
[ 72.941667][ T4350] and is ignored by this kernel. Remove the mand
[ 72.941667][ T4350] option from the mount to silence this warning.
[ 72.941667][ T4350] =======================================================
[ 73.069409][ T4350] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[ 73.111266][ T4350] ==================================================================
[ 73.119560][ T4350] BUG: KASAN: out-of-bounds in ext4_xattr_set_entry+0x1c28/0x3d30
[ 73.127413][ T4350] Read of size 18446744073709550672 at addr ffff8880608967b0 by task syz.0.17/4350
[ 73.136716][ T4350]
[ 73.139059][ T4350] CPU: 0 PID: 4350 Comm: syz.0.17 Not tainted syzkaller #0
[ 73.146377][ T4350] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 73.156465][ T4350] Call Trace:
[ 73.159764][ T4350]
[ 73.162723][ T4350] dump_stack_lvl+0x168/0x230
[ 73.167429][ T4350] ? show_regs_print_info+0x20/0x20
[ 73.172646][ T4350] ? _printk+0xcc/0x110
[ 73.176834][ T4350] ? load_image+0x3b0/0x3b0
[ 73.181355][ T4350] ? _raw_spin_lock_irqsave+0xb0/0xf0
[ 73.186885][ T4350] print_address_description+0x60/0x2d0
[ 73.192454][ T4350] ? ext4_xattr_set_entry+0x1c28/0x3d30
[ 73.198025][ T4350] kasan_report+0xdf/0x130
[ 73.202458][ T4350] ? ext4_xattr_set_entry+0x1c28/0x3d30
[ 73.208027][ T4350] ? ext4_xattr_set_entry+0x1c28/0x3d30
[ 73.213594][ T4350] kasan_check_range+0x27b/0x290
[ 73.218558][ T4350] memmove+0x25/0x60
[ 73.222475][ T4350] ext4_xattr_set_entry+0x1c28/0x3d30
[ 73.227896][ T4350] ? ext4_xattr_ibody_set+0x330/0x330
[ 73.233295][ T4350] ? rcu_is_watching+0x11/0xa0
[ 73.238086][ T4350] ? kmem_cache_free+0x14c/0x210
[ 73.243051][ T4350] ? mb_cache_entry_delete_or_get+0x1bd/0x1e0
[ 73.249234][ T4350] ext4_xattr_block_set+0x4f7/0x2d30
[ 73.254556][ T4350] ? __ext4_xattr_check_block+0x25a/0x8d0
[ 73.260560][ T4350] ? ext4_xattr_block_find+0x500/0x500
[ 73.266050][ T4350] ext4_xattr_set_handle+0xbd5/0x12b0
[ 73.271461][ T4350] ? ext4_xattr_set_entry+0x3d30/0x3d30
[ 73.277037][ T4350] ? __ext4_journal_start_sb+0x1bd/0x360
[ 73.282779][ T4350] ext4_xattr_set+0x22a/0x320
[ 73.287482][ T4350] ? ext4_xattr_set_credits+0x290/0x290
[ 73.293048][ T4350] ? posix_xattr_acl+0x8f/0xb0
[ 73.297837][ T4350] ? evm_protect_xattr+0x33c/0x970
[ 73.302977][ T4350] ? ext4_xattr_trusted_get+0x40/0x40
[ 73.308375][ T4350] __vfs_setxattr+0x3e0/0x420
[ 73.313086][ T4350] __vfs_setxattr_noperm+0x129/0x5e0
[ 73.318398][ T4350] vfs_setxattr+0x168/0x2f0
[ 73.322928][ T4350] ? xattr_permission+0x500/0x500
[ 73.328152][ T4350] ? _copy_from_user+0x111/0x170
[ 73.333193][ T4350] ? setxattr+0x243/0x300
[ 73.337536][ T4350] setxattr+0x2da/0x300
[ 73.341722][ T4350] ? path_setxattr+0x280/0x280
[ 73.346710][ T4350] ? __mnt_want_write+0x1e2/0x260
[ 73.351764][ T4350] path_setxattr+0x142/0x280
[ 73.356379][ T4350] ? simple_xattr_list_add+0xf0/0xf0
[ 73.361677][ T4350] ? lock_chain_count+0x20/0x20
[ 73.366552][ T4350] ? vtime_user_exit+0x2dc/0x400
[ 73.371662][ T4350] __x64_sys_lsetxattr+0xb4/0xd0
[ 73.376638][ T4350] do_syscall_64+0x4c/0xa0
[ 73.381172][ T4350] ? clear_bhb_loop+0x30/0x80
[ 73.385962][ T4350] ? clear_bhb_loop+0x30/0x80
[ 73.390676][ T4350] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 73.396589][ T4350] RIP: 0033:0x7f66305a3c29
[ 73.401036][ T4350] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 73.420668][ T4350] RSP: 002b:00007ffef8f73f58 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd
[ 73.429107][ T4350] RAX: ffffffffffffffda RBX: 00007f66307eafa0 RCX: 00007f66305a3c29
[ 73.437094][ T4350] RDX: 0000200000000480 RSI: 00002000000000c0 RDI: 0000200000000100
[ 73.445079][ T4350] RBP: 00007f6630626e41 R08: 0000000000000000 R09: 0000000000000000
[ 73.453070][ T4350] R10: 000000000000fe37 R11: 0000000000000246 R12: 0000000000000000
[ 73.461062][ T4350] R13: 00007f66307eafa0 R14: 00007f66307eafa0 R15: 0000000000000005
[ 73.469069][ T4350]
[ 73.472103][ T4350]
[ 73.474433][ T4350] The buggy address belongs to the page:
[ 73.480066][ T4350] page:ffffea0001822580 refcount:2 mapcount:0 mapping:ffff88814088daf0 index:0x1c pfn:0x60896
[ 73.490325][ T4350] memcg:ffff88802ade8000
[ 73.494621][ T4350] aops:def_blk_aops ino:700000
[ 73.499394][ T4350] flags: 0xfff0000000203a(referenced|dirty|lru|active|private|node=0|zone=1|lastcpupid=0x7ff)
[ 73.509654][ T4350] raw: 00fff0000000203a ffffea000178dbc8 ffffea0001698f08 ffff88814088daf0
[ 73.518364][ T4350] raw: 000000000000001c ffff88805d12f570 00000002ffffffff ffff88802ade8000
[ 73.526967][ T4350] page dumped because: kasan: bad access detected
[ 73.533402][ T4350] page_owner tracks the page as allocated
[ 73.539136][ T4350] page last allocated via order 0, migratetype Movable, gfp_mask 0x108c48(GFP_NOFS|__GFP_NOFAIL|__GFP_HARDWALL|__GFP_MOVABLE), pid 4350, ts 73101871690, free_ts 71957336055
[ 73.556449][ T4350] get_page_from_freelist+0x1b77/0x1c60
[ 73.562039][ T4350] __alloc_pages+0x1e1/0x470
[ 73.566670][ T4350] __page_cache_alloc+0xd2/0x3f0
[ 73.571628][ T4350] pagecache_get_page+0x986/0xef0
[ 73.576679][ T4350] __getblk_gfp+0x249/0xb70
[ 73.581195][ T4350] ext4_xattr_block_set+0x1d85/0x2d30
[ 73.586846][ T4350] ext4_xattr_set_handle+0xbd5/0x12b0
[ 73.592238][ T4350] ext4_xattr_set+0x22a/0x320
[ 73.597015][ T4350] __vfs_setxattr+0x3e0/0x420
[ 73.601712][ T4350] __vfs_setxattr_noperm+0x129/0x5e0
[ 73.607018][ T4350] vfs_setxattr+0x168/0x2f0
[ 73.611541][ T4350] setxattr+0x2da/0x300
[ 73.615720][ T4350] path_setxattr+0x142/0x280
[ 73.620325][ T4350] __x64_sys_setxattr+0xb7/0xd0
[ 73.625193][ T4350] do_syscall_64+0x4c/0xa0
[ 73.629626][ T4350] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 73.635549][ T4350] page last free stack trace:
[ 73.640225][ T4350] free_unref_page_prepare+0x637/0x6c0
[ 73.645709][ T4350] free_unref_page_list+0x122/0x7e0
[ 73.650921][ T4350] release_pages+0x184b/0x1bb0
[ 73.655722][ T4350] tlb_finish_mmu+0x164/0x2e0
[ 73.660411][ T4350] exit_mmap+0x3a6/0x5f0
[ 73.664677][ T4350] __mmput+0x115/0x3b0
[ 73.668757][ T4350] exit_mm+0x567/0x6c0
[ 73.672858][ T4350] do_exit+0x5a1/0x20a0
[ 73.677050][ T4350] do_group_exit+0x12e/0x300
[ 73.681661][ T4350] __x64_sys_exit_group+0x3b/0x40
[ 73.686702][ T4350] do_syscall_64+0x4c/0xa0
[ 73.691132][ T4350] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 73.697041][ T4350]
[ 73.699372][ T4350] Memory state around the buggy address:
[ 73.705012][ T4350] ffff888060896680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 73.713082][ T4350] ffff888060896700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 73.721245][ T4350] >ffff888060896780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 73.729310][ T4350] ^
[ 73.734948][ T4350] ffff888060896800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 73.743020][ T4350] ffff888060896880: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 73.751088][ T4350] ==================================================================
[ 73.759154][ T4350] Disabling lock debugging due to kernel taint
[ 73.778006][ T4350] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 73.785246][ T4350] CPU: 0 PID: 4350 Comm: syz.0.17 Tainted: G B syzkaller #0
[ 73.793856][ T4350] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 73.803925][ T4350] Call Trace:
[ 73.807210][ T4350]
[ 73.810138][ T4350] dump_stack_lvl+0x168/0x230
[ 73.814822][ T4350] ? show_regs_print_info+0x20/0x20
[ 73.820017][ T4350] ? load_image+0x3b0/0x3b0
[ 73.824526][ T4350] panic+0x2c9/0x7f0
[ 73.828423][ T4350] ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 73.834573][ T4350] ? bpf_jit_dump+0xd0/0xd0
[ 73.839072][ T4350] ? _raw_spin_unlock_irqrestore+0xf6/0x100
[ 73.844985][ T4350] ? _raw_spin_unlock+0x40/0x40
[ 73.849834][ T4350] ? ext4_xattr_set_entry+0x1c28/0x3d30
[ 73.855381][ T4350] check_panic_on_warn+0x80/0xa0
[ 73.860319][ T4350] ? ext4_xattr_set_entry+0x1c28/0x3d30
[ 73.865971][ T4350] end_report+0x6d/0xf0
[ 73.870131][ T4350] kasan_report+0x102/0x130
[ 73.874636][ T4350] ? ext4_xattr_set_entry+0x1c28/0x3d30
[ 73.880278][ T4350] ? ext4_xattr_set_entry+0x1c28/0x3d30
[ 73.885850][ T4350] kasan_check_range+0x27b/0x290
[ 73.890786][ T4350] memmove+0x25/0x60
[ 73.894689][ T4350] ext4_xattr_set_entry+0x1c28/0x3d30
[ 73.900087][ T4350] ? ext4_xattr_ibody_set+0x330/0x330
[ 73.905471][ T4350] ? rcu_is_watching+0x11/0xa0
[ 73.910234][ T4350] ? kmem_cache_free+0x14c/0x210
[ 73.915258][ T4350] ? mb_cache_entry_delete_or_get+0x1bd/0x1e0
[ 73.921327][ T4350] ext4_xattr_block_set+0x4f7/0x2d30
[ 73.926624][ T4350] ? __ext4_xattr_check_block+0x25a/0x8d0
[ 73.932345][ T4350] ? ext4_xattr_block_find+0x500/0x500
[ 73.937837][ T4350] ext4_xattr_set_handle+0xbd5/0x12b0
[ 73.943211][ T4350] ? ext4_xattr_set_entry+0x3d30/0x3d30
[ 73.948758][ T4350] ? __ext4_journal_start_sb+0x1bd/0x360
[ 73.954821][ T4350] ext4_xattr_set+0x22a/0x320
[ 73.959495][ T4350] ? ext4_xattr_set_credits+0x290/0x290
[ 73.965054][ T4350] ? posix_xattr_acl+0x8f/0xb0
[ 73.969837][ T4350] ? evm_protect_xattr+0x33c/0x970
[ 73.975073][ T4350] ? ext4_xattr_trusted_get+0x40/0x40
[ 73.980480][ T4350] __vfs_setxattr+0x3e0/0x420
[ 73.985176][ T4350] __vfs_setxattr_noperm+0x129/0x5e0
[ 73.990468][ T4350] vfs_setxattr+0x168/0x2f0
[ 73.994978][ T4350] ? xattr_permission+0x500/0x500
[ 74.000008][ T4350] ? _copy_from_user+0x111/0x170
[ 74.005032][ T4350] ? setxattr+0x243/0x300
[ 74.009358][ T4350] setxattr+0x2da/0x300
[ 74.013509][ T4350] ? path_setxattr+0x280/0x280
[ 74.018271][ T4350] ? __mnt_want_write+0x1e2/0x260
[ 74.023388][ T4350] path_setxattr+0x142/0x280
[ 74.027990][ T4350] ? simple_xattr_list_add+0xf0/0xf0
[ 74.033277][ T4350] ? lock_chain_count+0x20/0x20
[ 74.038126][ T4350] ? vtime_user_exit+0x2dc/0x400
[ 74.043152][ T4350] __x64_sys_lsetxattr+0xb4/0xd0
[ 74.048093][ T4350] do_syscall_64+0x4c/0xa0
[ 74.052510][ T4350] ? clear_bhb_loop+0x30/0x80
[ 74.057181][ T4350] ? clear_bhb_loop+0x30/0x80
[ 74.061850][ T4350] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 74.067739][ T4350] RIP: 0033:0x7f66305a3c29
[ 74.072248][ T4350] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 74.091866][ T4350] RSP: 002b:00007ffef8f73f58 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd
[ 74.100374][ T4350] RAX: ffffffffffffffda RBX: 00007f66307eafa0 RCX: 00007f66305a3c29
[ 74.108353][ T4350] RDX: 0000200000000480 RSI: 00002000000000c0 RDI: 0000200000000100
[ 74.116325][ T4350] RBP: 00007f6630626e41 R08: 0000000000000000 R09: 0000000000000000
[ 74.124291][ T4350] R10: 000000000000fe37 R11: 0000000000000246 R12: 0000000000000000
[ 74.132258][ T4350] R13: 00007f66307eafa0 R14: 00007f66307eafa0 R15: 0000000000000005
[ 74.140347][ T4350]
[ 74.143439][ T4350] Kernel Offset: disabled
[ 74.147869][ T4350] Rebooting in 86400 seconds..