Warning: Permanently added '10.128.10.26' (ED25519) to the list of known hosts.
2025/10/13 16:57:36 parsed 1 programs
[ 50.754611][ T28] audit: type=1400 audit(1760374657.331:106): avc: denied { unlink } for pid=402 comm="syz-executor" name="swap-file" dev="sda1" ino=2026 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[ 50.816466][ T402] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 51.537657][ T28] audit: type=1401 audit(1760374658.111:107): op=setxattr invalid_context="u:object_r:app_data_file:s0:c512,c768"
[ 52.138604][ T28] audit: type=1400 audit(1760374658.711:108): avc: denied { create } for pid=451 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 52.204703][ T453] bridge0: port 1(bridge_slave_0) entered blocking state
[ 52.212026][ T453] bridge0: port 1(bridge_slave_0) entered disabled state
[ 52.219918][ T453] device bridge_slave_0 entered promiscuous mode
[ 52.227053][ T453] bridge0: port 2(bridge_slave_1) entered blocking state
[ 52.234230][ T453] bridge0: port 2(bridge_slave_1) entered disabled state
[ 52.241692][ T453] device bridge_slave_1 entered promiscuous mode
[ 52.294765][ T453] bridge0: port 2(bridge_slave_1) entered blocking state
[ 52.301818][ T453] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 52.309300][ T453] bridge0: port 1(bridge_slave_0) entered blocking state
[ 52.316564][ T453] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 52.337211][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 52.345059][ T8] bridge0: port 1(bridge_slave_0) entered disabled state
[ 52.352480][ T8] bridge0: port 2(bridge_slave_1) entered disabled state
[ 52.361892][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 52.370164][ T8] bridge0: port 1(bridge_slave_0) entered blocking state
[ 52.377240][ T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 52.386281][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 52.394669][ T8] bridge0: port 2(bridge_slave_1) entered blocking state
[ 52.402055][ T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 52.415295][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 52.425194][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 52.440926][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 52.452933][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 52.461295][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 52.468951][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 52.477913][ T453] device veth0_vlan entered promiscuous mode
[ 52.488933][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 52.498404][ T453] device veth1_macvtap entered promiscuous mode
[ 52.509004][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 52.520945][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
2025/10/13 16:57:39 executed programs: 0
[ 52.929427][ T473] bridge0: port 1(bridge_slave_0) entered blocking state
[ 52.936550][ T473] bridge0: port 1(bridge_slave_0) entered disabled state
[ 52.943994][ T473] device bridge_slave_0 entered promiscuous mode
[ 52.951082][ T473] bridge0: port 2(bridge_slave_1) entered blocking state
[ 52.958198][ T473] bridge0: port 2(bridge_slave_1) entered disabled state
[ 52.965836][ T473] device bridge_slave_1 entered promiscuous mode
[ 53.029877][ T473] bridge0: port 2(bridge_slave_1) entered blocking state
[ 53.037130][ T473] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 53.044434][ T473] bridge0: port 1(bridge_slave_0) entered blocking state
[ 53.051648][ T473] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 53.072135][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 53.079875][ T10] bridge0: port 1(bridge_slave_0) entered disabled state
[ 53.087433][ T10] bridge0: port 2(bridge_slave_1) entered disabled state
[ 53.097169][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 53.105735][ T10] bridge0: port 1(bridge_slave_0) entered blocking state
[ 53.112775][ T10] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 53.127360][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 53.135729][ T10] bridge0: port 2(bridge_slave_1) entered blocking state
[ 53.142852][ T10] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 53.155577][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 53.172856][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 53.187540][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 53.199223][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 53.208107][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 53.215648][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 53.224748][ T473] device veth0_vlan entered promiscuous mode
[ 53.237064][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 53.247259][ T473] device veth1_macvtap entered promiscuous mode
[ 53.258633][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 53.271146][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 53.300024][ T485] loop2: detected capacity change from 0 to 512
[ 53.309654][ T485] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[ 53.323378][ T485] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[ 53.337086][ T485] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2818: Unable to expand inode 15. Delete some EAs or run e2fsck.
[ 53.350694][ T485] EXT4-fs (loop2): 1 truncate cleaned up
[ 53.356647][ T485] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[ 53.365789][ T28] audit: type=1400 audit(1760374659.941:109): avc: denied { mount } for pid=484 comm="syz.2.17" name="/" dev="loop2" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[ 53.373224][ T485] ==================================================================
[ 53.395335][ T485] BUG: KASAN: out-of-bounds in ext4_xattr_set_entry+0x979/0x21d0
[ 53.397685][ T28] audit: type=1400 audit(1760374659.941:110): avc: denied { setattr } for pid=484 comm="syz.2.17" name="file1" dev="loop2" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[ 53.403099][ T485] Read of size 18446744073709551572 at addr ffff88811cf7d050 by task syz.2.17/485
[ 53.425588][ T28] audit: type=1400 audit(1760374659.941:111): avc: denied { write } for pid=484 comm="syz.2.17" name="/" dev="loop2" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[ 53.434470][ T485]
[ 53.434479][ T485] CPU: 1 PID: 485 Comm: syz.2.17 Not tainted syzkaller #0
[ 53.434498][ T485] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 53.434525][ T485] Call Trace:
[ 53.457494][ T28] audit: type=1400 audit(1760374659.941:112): avc: denied { add_name } for pid=484 comm="syz.2.17" name="file2" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[ 53.458628][ T485]
[ 53.458637][ T485] __dump_stack+0x21/0x24
[ 53.466437][ T28] audit: type=1400 audit(1760374659.941:113): avc: denied { create } for pid=484 comm="syz.2.17" name="file2" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[ 53.476229][ T485] dump_stack_lvl+0xee/0x150
[ 53.476258][ T485] ? __cfi_dump_stack_lvl+0x8/0x8
[ 53.479850][ T28] audit: type=1400 audit(1760374659.941:114): avc: denied { write } for pid=484 comm="syz.2.17" name="file2" dev="loop2" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[ 53.499951][ T485] ? ext4_xattr_block_set+0x9dc/0x3270
[ 53.499992][ T485] ? __ext4_unlink+0x673/0xb00
[ 53.503227][ T28] audit: type=1400 audit(1760374659.941:115): avc: denied { open } for pid=484 comm="syz.2.17" path="/0/file2/file2" dev="loop2" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[ 53.507255][ T485] ? ext4_xattr_set_entry+0x979/0x21d0
[ 53.507285][ T485] print_address_description+0x71/0x200
[ 53.603634][ T485] print_report+0x4a/0x60
[ 53.607994][ T485] kasan_report+0x122/0x150
[ 53.612513][ T485] ? ext4_xattr_set_entry+0x979/0x21d0
[ 53.618105][ T485] ? ext4_xattr_set_entry+0x979/0x21d0
[ 53.623580][ T485] kasan_check_range+0x280/0x290
[ 53.628716][ T485] memmove+0x2d/0x70
[ 53.632629][ T485] ext4_xattr_set_entry+0x979/0x21d0
[ 53.638055][ T485] ext4_xattr_block_set+0xada/0x3270
[ 53.643445][ T485] ? __getblk_gfp+0x3b/0x7d0
[ 53.648088][ T485] ? xattr_find_entry+0x24c/0x300
[ 53.653226][ T485] ? ext4_xattr_block_find+0x310/0x310
[ 53.658795][ T485] ? ext4_xattr_block_find+0x295/0x310
[ 53.664281][ T485] ext4_expand_extra_isize_ea+0xf30/0x1990
[ 53.670116][ T485] __ext4_expand_extra_isize+0x2fe/0x3e0
[ 53.675765][ T485] __ext4_mark_inode_dirty+0x3cf/0x600
[ 53.681241][ T485] __ext4_unlink+0x673/0xb00
[ 53.685846][ T485] ? memcpy+0x56/0x70
[ 53.689850][ T485] ? __cfi___ext4_unlink+0x10/0x10
[ 53.694988][ T485] ? dquot_initialize+0x20/0x20
[ 53.699865][ T485] ? clear_nonspinnable+0x60/0x60
[ 53.705091][ T485] ext4_unlink+0x13a/0x3a0
[ 53.709540][ T485] vfs_unlink+0x39f/0x630
[ 53.713919][ T485] do_unlinkat+0x31f/0x6b0
[ 53.718355][ T485] ? __cfi_do_unlinkat+0x10/0x10
[ 53.723305][ T485] ? getname_flags+0x206/0x500
[ 53.728083][ T485] __x64_sys_unlink+0x49/0x50
[ 53.732771][ T485] x64_sys_call+0x958/0x9a0
[ 53.737298][ T485] do_syscall_64+0x4c/0xa0
[ 53.741804][ T485] ? clear_bhb_loop+0x30/0x80
[ 53.746497][ T485] ? clear_bhb_loop+0x30/0x80
[ 53.751212][ T485] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 53.757113][ T485] RIP: 0033:0x7f07c438eec9
[ 53.761557][ T485] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 53.781252][ T485] RSP: 002b:00007f07c51b9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000057
[ 53.789678][ T485] RAX: ffffffffffffffda RBX: 00007f07c45e5fa0 RCX: 00007f07c438eec9
[ 53.797656][ T485] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000180
[ 53.806033][ T485] RBP: 00007f07c4411f91 R08: 0000000000000000 R09: 0000000000000000
[ 53.814013][ T485] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 53.822160][ T485] R13: 00007f07c45e6038 R14: 00007f07c45e5fa0 R15: 00007fffbbdac478
[ 53.830143][ T485]
[ 53.833167][ T485]
[ 53.835501][ T485] Allocated by task 485:
[ 53.839839][ T485] kasan_set_track+0x4b/0x70
[ 53.844452][ T485] kasan_save_alloc_info+0x25/0x30
[ 53.849667][ T485] __kasan_kmalloc+0x95/0xb0
[ 53.854363][ T485] __kmalloc_node_track_caller+0xb1/0x1e0
[ 53.860224][ T485] kmemdup+0x2b/0x60
[ 53.864140][ T485] ext4_xattr_block_set+0x9dc/0x3270
[ 53.869613][ T485] ext4_expand_extra_isize_ea+0xf30/0x1990
[ 53.875438][ T485] __ext4_expand_extra_isize+0x2fe/0x3e0
[ 53.881166][ T485] __ext4_mark_inode_dirty+0x3cf/0x600
[ 53.886629][ T485] __ext4_unlink+0x673/0xb00
[ 53.891236][ T485] ext4_unlink+0x13a/0x3a0
[ 53.895675][ T485] vfs_unlink+0x39f/0x630
[ 53.900106][ T485] do_unlinkat+0x31f/0x6b0
[ 53.904536][ T485] __x64_sys_unlink+0x49/0x50
[ 53.909306][ T485] x64_sys_call+0x958/0x9a0
[ 53.913809][ T485] do_syscall_64+0x4c/0xa0
[ 53.918228][ T485] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 53.924137][ T485]
[ 53.926458][ T485] The buggy address belongs to the object at ffff88811cf7d000
[ 53.926458][ T485] which belongs to the cache kmalloc-1k of size 1024
[ 53.940517][ T485] The buggy address is located 80 bytes inside of
[ 53.940517][ T485] 1024-byte region [ffff88811cf7d000, ffff88811cf7d400)
[ 53.953845][ T485]
[ 53.956170][ T485] The buggy address belongs to the physical page:
[ 53.962581][ T485] page:ffffea000473de00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x11cf78
[ 53.972848][ T485] head:ffffea000473de00 order:3 compound_mapcount:0 compound_pincount:0
[ 53.981184][ T485] flags: 0x4000000000010200(slab|head|zone=1)
[ 53.987286][ T485] raw: 4000000000010200 0000000000000000 dead000000000122 ffff888100043080
[ 53.995970][ T485] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 54.004771][ T485] page dumped because: kasan: bad access detected
[ 54.011362][ T485] page_owner tracks the page as allocated
[ 54.017158][ T485] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 485, tgid 484 (syz.2.17), ts 53336932442, free_ts 53334419266
[ 54.039145][ T485] post_alloc_hook+0x1f5/0x210
[ 54.043940][ T485] prep_new_page+0x1c/0x110
[ 54.048464][ T485] get_page_from_freelist+0x2c7b/0x2cf0
[ 54.054017][ T485] __alloc_pages+0x1c3/0x450
[ 54.058790][ T485] alloc_slab_page+0x6e/0xf0
[ 54.063388][ T485] new_slab+0x98/0x3d0
[ 54.067463][ T485] ___slab_alloc+0x6bd/0xb20
[ 54.072060][ T485] __slab_alloc+0x5e/0xa0
[ 54.076569][ T485] __kmem_cache_alloc_node+0x203/0x2c0
[ 54.082032][ T485] __kmalloc+0xa1/0x1e0
[ 54.086197][ T485] ext4_xattr_block_set+0x391/0x3270
[ 54.091665][ T485] ext4_expand_extra_isize_ea+0xf30/0x1990
[ 54.097491][ T485] __ext4_expand_extra_isize+0x2fe/0x3e0
[ 54.103234][ T485] __ext4_mark_inode_dirty+0x3cf/0x600
[ 54.108791][ T485] ext4_inline_data_truncate+0x4f4/0xbb0
[ 54.114538][ T485] ext4_truncate+0x334/0xf90
[ 54.119311][ T485] page last free stack trace:
[ 54.123990][ T485] free_unref_page_prepare+0x742/0x750
[ 54.129485][ T485] free_unref_page+0x8f/0x530
[ 54.134171][ T485] __free_pages+0x67/0x100
[ 54.138601][ T485] __free_slab+0xca/0x1a0
[ 54.142939][ T485] __unfreeze_partials+0x160/0x190
[ 54.148149][ T485] put_cpu_partial+0xa9/0x100
[ 54.152879][ T485] __slab_free+0x1c4/0x280
[ 54.157392][ T485] ___cache_free+0xbf/0xd0
[ 54.162031][ T485] qlist_free_all+0xc6/0x140
[ 54.166644][ T485] kasan_quarantine_reduce+0x14a/0x170
[ 54.172119][ T485] __kasan_slab_alloc+0x24/0x80
[ 54.176996][ T485] slab_post_alloc_hook+0x4f/0x2d0
[ 54.182124][ T485] kmem_cache_alloc_node+0x181/0x340
[ 54.187466][ T485] __alloc_skb+0xea/0x4b0
[ 54.191800][ T485] alloc_skb_with_frags+0xa8/0x620
[ 54.197002][ T485] sock_alloc_send_pskb+0x853/0x980
[ 54.202224][ T485]
[ 54.204559][ T485] Memory state around the buggy address:
[ 54.210200][ T485] ffff88811cf7cf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 54.218262][ T485] ffff88811cf7cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 54.226332][ T485] >ffff88811cf7d000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 54.234481][ T485] ^
[ 54.241331][ T485] ffff88811cf7d080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 54.249510][ T485] ffff88811cf7d100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 54.257741][ T485] ==================================================================
[ 54.278338][ T485] Disabling lock debugging due to kernel taint
[ 54.289417][ T473] EXT4-fs (loop2): unmounting filesystem.
[ 54.306096][ T489] loop2: detected capacity change from 0 to 512
[ 54.313363][ T489] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[ 54.326925][ T489] EXT4-fs (loop2): 1 truncate cleaned up
[ 54.332693][ T489] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[ 54.354651][ T408] general protection fault, probably for non-canonical address 0xdffffc000000000e: 0000 [#1] PREEMPT SMP KASAN
[ 54.366421][ T408] KASAN: null-ptr-deref in range [0x0000000000000070-0x0000000000000077]
[ 54.374875][ T408] CPU: 1 PID: 408 Comm: udevd Tainted: G B syzkaller #0
[ 54.383235][ T408] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 54.393314][ T408] RIP: 0010:flock_lock_inode+0x454/0x1360
[ 54.399083][ T408] Code: 1b 48 3b 1c 24 74 4d 48 8b 4c 24 30 42 80 3c 39 00 74 08 4c 89 ef e8 2b 59 e0 ff 4d 8b 75 00 4c 8d 63 70 4c 89 e0 48 c1 e8 03 <42> 80 3c 38 00 74 08 4c 89 e7 e8 0d 59 e0 ff 4d 3b 34 24 0f 84 9b
[ 54.418823][ T408] RSP: 0018:ffffc90000bb79c0 EFLAGS: 00010202
[ 54.424987][ T408] RAX: 000000000000000e RBX: 0000000000000000 RCX: 1ffff92000176f87
[ 54.433140][ T408] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 54.441221][ T408] RBP: ffffc90000bb7ad0 R08: 0000000000000004 R09: 0000000000000003
[ 54.449222][ T408] R10: fffff52000176f28 R11: 1ffff92000176f28 R12: 0000000000000070
[ 54.457299][ T408] R13: ffffc90000bb7c38 R14: ffff88811cf4b980 R15: dffffc0000000000
[ 54.465380][ T408] FS: 00007f9c82804880(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[ 54.474308][ T408] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 54.480995][ T408] CR2: 00007f9c827f6000 CR3: 0000000121dec000 CR4: 00000000003506a0
[ 54.489074][ T408] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 54.497067][ T408] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 54.505130][ T408] Call Trace:
[ 54.508492][ T408]
[ 54.511515][ T408] ? check_conflicting_open+0x260/0x260
[ 54.517237][ T408] ? __stack_depot_save+0x36/0x480
[ 54.522435][ T408] locks_remove_file+0x33e/0xf90
[ 54.527372][ T408] ? kasan_save_stack+0x4c/0x60
[ 54.532237][ T408] ? kasan_save_stack+0x3a/0x60
[ 54.537208][ T408] ? __kasan_record_aux_stack+0xb6/0xc0
[ 54.542967][ T408] ? kasan_record_aux_stack+0xe/0x10
[ 54.548364][ T408] ? filp_close+0x111/0x160
[ 54.553001][ T408] ? do_syscall_64+0x4c/0xa0
[ 54.557681][ T408] ? entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 54.563840][ T408] ? __cfi_locks_remove_file+0x10/0x10
[ 54.569325][ T408] __fput+0x159/0x8f0
[ 54.573309][ T408] ____fput+0x15/0x20
[ 54.577287][ T408] task_work_run+0x1db/0x240
[ 54.581888][ T408] ? __cfi_task_work_run+0x10/0x10
[ 54.587097][ T408] ? filp_close+0x111/0x160
[ 54.591610][ T408] exit_to_user_mode_loop+0x9b/0xb0
[ 54.596803][ T408] exit_to_user_mode_prepare+0x5a/0xa0
[ 54.602259][ T408] syscall_exit_to_user_mode+0x1a/0x30
[ 54.607718][ T408] do_syscall_64+0x58/0xa0
[ 54.612137][ T408] ? clear_bhb_loop+0x30/0x80
[ 54.616821][ T408] ? clear_bhb_loop+0x30/0x80
[ 54.621503][ T408] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 54.627395][ T408] RIP: 0033:0x7f9c820a7407
[ 54.631806][ T408] Code: 48 89 fa 4c 89 df e8 38 aa 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 <5b> c3 0f 1f 80 00 00 00 00 83 e2 39 83 fa 08 75 de e8 23 ff ff ff
[ 54.651415][ T408] RSP: 002b:00007ffd67910230 EFLAGS: 00000202 ORIG_RAX: 0000000000000003
[ 54.659980][ T408] RAX: 0000000000000000 RBX: 00007f9c82804880 RCX: 00007f9c820a7407
[ 54.668044][ T408] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000009
[ 54.676104][ T408] RBP: 00007f9c828046e8 R08: 0000000000000000 R09: 0000000000000000
[ 54.684075][ T408] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000
[ 54.692047][ T408] R13: 0000000000000005 R14: 00007ffd679102e0 R15: 0000000000000009
[ 54.700199][ T408]
[ 54.703217][ T408] Modules linked in:
[ 54.707199][ T60] general protection fault, probably for non-canonical address 0xd68b1edb07af8bf4: 0000 [#2] PREEMPT SMP KASAN
[ 54.718956][ T60] CPU: 0 PID: 60 Comm: kworker/0:2 Tainted: G B D syzkaller #0
[ 54.727716][ T60] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 54.737876][ T60] Workqueue: ipv6_addrconf addrconf_dad_work
[ 54.743873][ T60] RIP: 0010:kmem_cache_alloc_node+0x106/0x340
[ 54.749944][ T60] Code: 8b 38 48 85 ff 0f 84 c3 00 00 00 48 83 78 10 00 0f 84 b8 00 00 00 41 8b 44 24 28 48 8d 0c 07 49 8b 9c 24 d8 00 00 00 48 0f c9 <48> 33 1c 07 48 31 cb 48 8d 4a 08 4d 8b 04 24 48 89 f8 65 49 0f c7
[ 54.769894][ T60] RSP: 0018:ffffc90000907808 EFLAGS: 00010282
[ 54.775959][ T60] RAX: 0000000000000080 RBX: 16edafc78627748b RCX: f48baf07db1e8bd6
[ 54.783947][ T60] RDX: 000000000001c7b8 RSI: 0000000000000100 RDI: d68b1edb07af8b74
[ 54.791975][ T60] RBP: ffffc90000907858 R08: dffffc0000000000 R09: fffffbfff0eafa59
[ 54.799956][ T60] R10: 0000000000000000 R11: 1ffffffff0eafa58 R12: ffff888108c5b200
[ 54.807932][ T60] R13: 0000000000000100 R14: 00000000ffffffff R15: 0000000000000a20
[ 54.815904][ T60] FS: 0000000000000000(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[ 54.824829][ T60] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 54.831668][ T60] CR2: 000020000000f000 CR3: 000000010fa70000 CR4: 00000000003506b0
[ 54.839728][ T60] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 54.847781][ T60] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 54.855761][ T60] Call Trace:
[ 54.859049][ T60]
[ 54.861991][ T60] ? __alloc_skb+0xea/0x4b0
[ 54.866492][ T60] __alloc_skb+0xea/0x4b0
[ 54.870812][ T60] ? __kasan_check_read+0x11/0x20
[ 54.875835][ T60] __ipv6_ifa_notify+0x1e8/0xdc0
[ 54.880853][ T60] ? snmp6_fill_stats+0x6c0/0x6c0
[ 54.885874][ T60] ? __kasan_check_write+0x14/0x20
[ 54.891065][ T60] ? try_to_grab_pending+0x1a2/0x580
[ 54.896354][ T60] ? mod_delayed_work_on+0xe0/0xe0
[ 54.901549][ T60] ? kvm_sched_clock_read+0x18/0x40
[ 54.906756][ T60] ? sched_clock+0x9/0x10
[ 54.911100][ T60] ? sched_clock_cpu+0x6e/0x250
[ 54.916172][ T60] ? __kasan_check_write+0x14/0x20
[ 54.921285][ T60] ? __cancel_work+0x198/0x200
[ 54.926054][ T60] addrconf_dad_completed+0x175/0xe80
[ 54.931430][ T60] ? __kasan_check_write+0x14/0x20
[ 54.936543][ T60] ? addrconf_dad_stop+0x450/0x450
[ 54.941660][ T60] addrconf_dad_work+0xc25/0x14b0
[ 54.946689][ T60] ? __cfi_addrconf_dad_work+0x10/0x10
[ 54.952152][ T60] ? __schedule+0xb8f/0x14e0
[ 54.956744][ T60] ? __cfi__raw_spin_lock_irq+0x10/0x10
[ 54.962293][ T60] process_one_work+0x71f/0xc40
[ 54.967155][ T60] worker_thread+0xa29/0x11f0
[ 54.971830][ T60] ? _raw_spin_lock_irqsave+0xb0/0x110
[ 54.977287][ T60] ? __kthread_parkme+0x142/0x180
[ 54.982314][ T60] kthread+0x281/0x320
[ 54.986400][ T60] ? __cfi_worker_thread+0x10/0x10
[ 54.991602][ T60] ? __cfi_kthread+0x10/0x10
[ 54.996303][ T60] ret_from_fork+0x1f/0x30
[ 55.000756][ T60]
[ 55.004001][ T60] Modules linked in:
[ 55.008083][ C1] BUG: unable to handle page fault for address: fffffffffffffffc
[ 55.015831][ C1] #PF: supervisor read access in kernel mode
[ 55.021995][ C1] #PF: error_code(0x0000) - not-present page
[ 55.028083][ C1] PGD 6e12067 P4D 6e12067 PUD 6e14067 PMD 0
[ 55.034265][ C1] Oops: 0000 [#3] PREEMPT SMP KASAN
[ 55.039478][ C1] CPU: 1 PID: 408 Comm: udevd Tainted: G B D syzkaller #0
[ 55.047807][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 55.057866][ C1] RIP: 0010:call_timer_fn+0x3b/0x2a0
[ 55.063253][ C1] Code: 89 f6 49 89 ff e8 35 45 0e 00 65 8b 1d f6 94 a0 7e 0f 1f 44 00 00 e8 24 45 0e 00 81 e3 ff ff ff 7f 4c 89 ff 41 ba c6 57 4b 6e <45> 03 56 fc 74 02 0f 0b 41 ff d6 0f 1f 44 00 00 e8 00 45 0e 00 65
[ 55.083042][ C1] RSP: 0018:ffffc900001b0d48 EFLAGS: 00010202
[ 55.089115][ C1] RAX: ffffffff8161d8dc RBX: 0000000000000101 RCX: ffff88811836a880
[ 55.097100][ C1] RDX: 0000000000000100 RSI: 0000000000000000 RDI: ffff88812031dc80
[ 55.105080][ C1] RBP: ffffc900001b0d70 R08: 0000000000000004 R09: 0000000000000003
[ 55.113672][ C1] R10: 000000006e4b57c6 R11: 1ffff920000361a0 R12: 00000000ffff9fb8
[ 55.122008][ C1] R13: ffff8881f7127c48 R14: 0000000000000000 R15: ffff88812031dc80
[ 55.130007][ C1] FS: 00007f9c82804880(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[ 55.139027][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 55.145801][ C1] CR2: fffffffffffffffc CR3: 0000000121dec000 CR4: 00000000003506a0
[ 55.153772][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 55.162297][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 55.170361][ C1] Call Trace:
[ 55.173663][ C1]
[ 55.176504][ C1] __run_timers+0x639/0x9a0
[ 55.181012][ C1] ? calc_index+0x200/0x200
[ 55.185602][ C1] ? kvm_sched_clock_read+0x18/0x40
[ 55.190800][ C1] run_timer_softirq+0x6a/0xf0
[ 55.195574][ C1] handle_softirqs+0x1d7/0x600
[ 55.200445][ C1] ? irqtime_account_irq+0xc4/0x240
[ 55.205662][ C1] __irq_exit_rcu+0x52/0xf0
[ 55.210176][ C1] irq_exit_rcu+0x9/0x10
[ 55.214425][ C1] sysvec_apic_timer_interrupt+0xa9/0xc0
[ 55.220064][ C1]
[ 55.222998][ C1]
[ 55.225927][ C1] asm_sysvec_apic_timer_interrupt+0x1b/0x20
[ 55.232120][ C1] RIP: 0010:oops_exit+0x0/0x30
[ 55.236925][ C1] Code: c1 0f 8c 0f ff ff ff 48 89 df e8 cb 80 cb fc e9 02 ff ff ff 66 0f 1f 44 00 00 90 90 90 90 90 90 90 90 90 90 90 b8 0c 67 40 a5 <55> 48 89 e5 e8 47 13 87 fc e8 d2 4d 58 fc 48 c7 c7 20 e4 48 85 31
[ 55.256834][ C1] RSP: 0018:ffffc90000bb7800 EFLAGS: 00000206
[ 55.262926][ C1] RAX: 0000000000000000 RBX: 000000000000000b RCX: ffff88811836a880
[ 55.270913][ C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffff87957f60
[ 55.279000][ C1] RBP: ffffc90000bb7818 R08: dffffc0000000000 R09: fffffbfff0f2d8fd
[ 55.287586][ C1] R10: fffffbfff0f2d8fd R11: 1ffffffff0f2d8fc R12: ffffc90000bb7870
[ 55.295676][ C1] R13: dffffc000000000e R14: 0000000000000293 R15: 0000000000000000
[ 55.303753][ C1] ? oops_end+0x46/0xd0
[ 55.308032][ C1] die_addr+0x61/0x70
[ 55.312099][ C1] exc_general_protection+0x13a/0x1e0
[ 55.317557][ C1] asm_exc_general_protection+0x27/0x30
[ 55.323101][ C1] RIP: 0010:flock_lock_inode+0x454/0x1360
[ 55.328917][ C1] Code: 1b 48 3b 1c 24 74 4d 48 8b 4c 24 30 42 80 3c 39 00 74 08 4c 89 ef e8 2b 59 e0 ff 4d 8b 75 00 4c 8d 63 70 4c 89 e0 48 c1 e8 03 <42> 80 3c 38 00 74 08 4c 89 e7 e8 0d 59 e0 ff 4d 3b 34 24 0f 84 9b
[ 55.348614][ C1] RSP: 0018:ffffc90000bb79c0 EFLAGS: 00010202
[ 55.354777][ C1] RAX: 000000000000000e RBX: 0000000000000000 RCX: 1ffff92000176f87
[ 55.362767][ C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 55.370818][ C1] RBP: ffffc90000bb7ad0 R08: 0000000000000004 R09: 0000000000000003
[ 55.378914][ C1] R10: fffff52000176f28 R11: 1ffff92000176f28 R12: 0000000000000070
[ 55.386905][ C1] R13: ffffc90000bb7c38 R14: ffff88811cf4b980 R15: dffffc0000000000
[ 55.394891][ C1] ? check_conflicting_open+0x260/0x260
[ 55.400524][ C1] ? __stack_depot_save+0x36/0x480
[ 55.405654][ C1] locks_remove_file+0x33e/0xf90
[ 55.410680][ C1] ? kasan_save_stack+0x4c/0x60
[ 55.415613][ C1] ? kasan_save_stack+0x3a/0x60
[ 55.420894][ C1] ? __kasan_record_aux_stack+0xb6/0xc0
[ 55.426532][ C1] ? kasan_record_aux_stack+0xe/0x10
[ 55.431823][ C1] ? filp_close+0x111/0x160
[ 55.436347][ C1] ? do_syscall_64+0x4c/0xa0
[ 55.440939][ C1] ? entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 55.447007][ C1] ? __cfi_locks_remove_file+0x10/0x10
[ 55.452463][ C1] __fput+0x159/0x8f0
[ 55.456616][ C1] ____fput+0x15/0x20
[ 55.460592][ C1] task_work_run+0x1db/0x240
[ 55.465462][ C1] ? __cfi_task_work_run+0x10/0x10
[ 55.470572][ C1] ? filp_close+0x111/0x160
[ 55.475174][ C1] exit_to_user_mode_loop+0x9b/0xb0
[ 55.480542][ C1] exit_to_user_mode_prepare+0x5a/0xa0
[ 55.485997][ C1] syscall_exit_to_user_mode+0x1a/0x30
[ 55.491461][ C1] do_syscall_64+0x58/0xa0
[ 55.495901][ C1] ? clear_bhb_loop+0x30/0x80
[ 55.500673][ C1] ? clear_bhb_loop+0x30/0x80
[ 55.505646][ C1] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 55.512008][ C1] RIP: 0033:0x7f9c820a7407
[ 55.516570][ C1] Code: 48 89 fa 4c 89 df e8 38 aa 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 <5b> c3 0f 1f 80 00 00 00 00 83 e2 39 83 fa 08 75 de e8 23 ff ff ff
[ 55.536179][ C1] RSP: 002b:00007ffd67910230 EFLAGS: 00000202 ORIG_RAX: 0000000000000003
[ 55.544910][ C1] RAX: 0000000000000000 RBX: 00007f9c82804880 RCX: 00007f9c820a7407
[ 55.552893][ C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000009
[ 55.560893][ C1] RBP: 00007f9c828046e8 R08: 0000000000000000 R09: 0000000000000000
[ 55.568902][ C1] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000
[ 55.576875][ C1] R13: 0000000000000005 R14: 00007ffd679102e0 R15: 0000000000000009
[ 55.584902][ C1]
[ 55.587922][ C1] Modules linked in:
[ 55.591865][ C1] CR2: fffffffffffffffc
[ 55.596026][ C1] ---[ end trace 0000000000000000 ]---
[ 55.596090][ T92] general protection fault, probably for non-canonical address 0xd68b1edb07af8bf4: 0000 [#4] PREEMPT SMP KASAN
[ 55.601493][ C1] RIP: 0010:flock_lock_inode+0x454/0x1360
[ 55.613292][ T92] CPU: 0 PID: 92 Comm: klogd Tainted: G B D syzkaller #0
[ 55.619092][ C1] Code: 1b 48 3b 1c 24 74 4d 48 8b 4c 24 30 42 80 3c 39 00 74 08 4c 89 ef e8 2b 59 e0 ff 4d 8b 75 00 4c 8d 63 70 4c 89 e0 48 c1 e8 03 <42> 80 3c 38 00 74 08 4c 89 e7 e8 0d 59 e0 ff 4d 3b 34 24 0f 84 9b
[ 55.627497][ T92] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 55.647267][ C1] RSP: 0018:ffffc90000bb79c0 EFLAGS: 00010202
[ 55.657330][ T92] RIP: 0010:kmem_cache_alloc_node+0x106/0x340
[ 55.663565][ C1] RAX: 000000000000000e RBX: 0000000000000000 RCX: 1ffff92000176f87
[ 55.669621][ T92] Code: 8b 38 48 85 ff 0f 84 c3 00 00 00 48 83 78 10 00 0f 84 b8 00 00 00 41 8b 44 24 28 48 8d 0c 07 49 8b 9c 24 d8 00 00 00 48 0f c9 <48> 33 1c 07 48 31 cb 48 8d 4a 08 4d 8b 04 24 48 89 f8 65 49 0f c7
[ 55.677676][ C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 55.697293][ T92] RSP: 0018:ffffc900007a77f0 EFLAGS: 00010282
[ 55.705263][ C1] RBP: ffffc90000bb7ad0 R08: 0000000000000004 R09: 0000000000000003
[ 55.705279][ C1] R10: fffff52000176f28 R11: 1ffff92000176f28 R12: 0000000000000070
[ 55.711325][ T92] RAX: 0000000000000080 RBX: 16edafc78627748b RCX: f48baf07db1e8bd6
[ 55.719292][ C1] R13: ffffc90000bb7c38 R14: ffff88811cf4b980 R15: dffffc0000000000
[ 55.727280][ T92] RDX: 000000000001c7b8 RSI: 0000000000000100 RDI: d68b1edb07af8b74
[ 55.735244][ C1] FS: 00007f9c82804880(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[ 55.743473][ T92] RBP: ffffc900007a7840 R08: 0000000000400cc0 R09: ffffed1021dd848b
[ 55.751608][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 55.760614][ T92] R10: 0000000000000000 R11: 1ffff11021dd848a R12: ffff888108c5b200
[ 55.768584][ C1] CR2: fffffffffffffffc CR3: 0000000121dec000 CR4: 00000000003506a0
[ 55.775423][ T92] R13: 0000000000000100 R14: 00000000ffffffff R15: 0000000000400cc0
[ 55.783395][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 55.791441][ T92] FS: 00007f8363ee2c80(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[ 55.799781][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 55.807748][ T92] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 55.816678][ C1] Kernel panic - not syncing: Fatal exception in interrupt
[ 55.824664][ T92] CR2: 000020000000f000 CR3: 000000010f674000 CR4: 00000000003506b0
[ 55.824682][ T92] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 55.824693][ T92] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 55.824704][ T92] Call Trace:
[ 55.824710][ T92]
[ 55.824717][ T92] ? __alloc_skb+0xea/0x4b0
[ 55.824739][ T92] __alloc_skb+0xea/0x4b0
[ 55.824754][ T92] ? kfree+0x6f/0xf0
[ 55.824779][ T92] ? syslog_print+0x4eb/0x550
[ 55.824800][ T92] alloc_skb_with_frags+0xa8/0x620
[ 55.824827][ T92] ? memcpy+0x56/0x70
[ 55.824844][ T92] sock_alloc_send_pskb+0x853/0x980
[ 55.824869][ T92] ? __cfi_sock_alloc_send_pskb+0x10/0x10
[ 55.824890][ T92] ? __kasan_check_write+0x14/0x20
[ 55.824905][ T92] ? _raw_spin_lock+0x8e/0xe0
[ 55.824923][ T92] ? __cfi__raw_spin_lock+0x10/0x10
[ 55.824941][ T92] ? security_socket_getpeersec_dgram+0xbb/0xd0
[ 55.824962][ T92] unix_dgram_sendmsg+0x592/0x16d0
[ 55.824989][ T92] ? __cfi_selinux_socket_sendmsg+0x10/0x10
[ 55.825016][ T92] ? syslog_print+0x4eb/0x550
[ 55.825035][ T92] ? __cfi_unix_dgram_sendmsg+0x10/0x10
[ 55.825061][ T92] ? security_socket_sendmsg+0x93/0xb0
[ 55.825079][ T92] __sys_sendto+0x464/0x5e0
[ 55.825103][ T92] ? __cfi_autoremove_wake_function+0x10/0x10
[ 55.825129][ T92] ? __cfi___sys_sendto+0x10/0x10
[ 55.825148][ T92] ? __cfi_do_syslog+0x10/0x10
[ 55.825168][ T92] ? __this_cpu_preempt_check+0x13/0x20
[ 55.825194][ T92] ? xfd_validate_state+0x70/0x150
[ 55.825218][ T92] ? __kasan_check_write+0x14/0x20
[ 55.825234][ T92] __x64_sys_sendto+0xe5/0x100
[ 55.825253][ T92] x64_sys_call+0x83/0x9a0
[ 55.825273][ T92] do_syscall_64+0x4c/0xa0
[ 55.825289][ T92] ? clear_bhb_loop+0x30/0x80
[ 55.825312][ T92] ? clear_bhb_loop+0x30/0x80
[ 55.825335][ T92] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 55.825357][ T92] RIP: 0033:0x7f8364032407
[ 55.825371][ T92] Code: 48 89 fa 4c 89 df e8 38 aa 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 <5b> c3 0f 1f 80 00 00 00 00 83 e2 39 83 fa 08 75 de e8 23 ff ff ff
[ 55.825386][ T92] RSP: 002b:00007fffac179bb0 EFLAGS: 00000202 ORIG_RAX: 000000000000002c
[ 55.825404][ T92] RAX: ffffffffffffffda RBX: 00007f8363ee2c80 RCX: 00007f8364032407
[ 55.825417][ T92] RDX: 000000000000009e RSI: 00007fffac179cf0 RDI: 0000000000000003
[ 55.825428][ T92] RBP: 00007fffac17a120 R08: 0000000000000000 R09: 0000000000000000
[ 55.825439][ T92] R10: 0000000000004000 R11: 0000000000000202 R12: 00007fffac17a138
[ 55.825450][ T92] R13: 00007fffac179cf0 R14: 0000000000000083 R15: 00007fffac179cf0
[ 55.825466][ T92]
[ 55.825471][ T92] Modules linked in:
[ 55.832249][ C1] Kernel Offset: disabled
[ 56.106941][ C1] Rebooting in 86400 seconds..