Warning: Permanently added '10.128.0.200' (ED25519) to the list of known hosts.
2025/11/07 17:12:01 parsed 1 programs
[ 49.067595][ T28] audit: type=1400 audit(1762535522.766:106): avc: denied { unlink } for pid=401 comm="syz-executor" name="swap-file" dev="sda1" ino=2026 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[ 49.130204][ T401] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 50.279286][ T434] bridge0: port 1(bridge_slave_0) entered blocking state
[ 50.286570][ T434] bridge0: port 1(bridge_slave_0) entered disabled state
[ 50.294446][ T434] device bridge_slave_0 entered promiscuous mode
[ 50.301756][ T434] bridge0: port 2(bridge_slave_1) entered blocking state
[ 50.309017][ T434] bridge0: port 2(bridge_slave_1) entered disabled state
[ 50.316620][ T434] device bridge_slave_1 entered promiscuous mode
[ 50.368524][ T434] bridge0: port 2(bridge_slave_1) entered blocking state
[ 50.376032][ T434] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 50.383553][ T434] bridge0: port 1(bridge_slave_0) entered blocking state
[ 50.390987][ T434] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 50.411184][ T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 50.419028][ T304] bridge0: port 1(bridge_slave_0) entered disabled state
[ 50.426516][ T304] bridge0: port 2(bridge_slave_1) entered disabled state
[ 50.435933][ T304] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 50.444343][ T304] bridge0: port 1(bridge_slave_0) entered blocking state
[ 50.451503][ T304] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 50.460684][ T304] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 50.469018][ T304] bridge0: port 2(bridge_slave_1) entered blocking state
[ 50.476225][ T304] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 50.489021][ T304] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 50.498631][ T304] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 50.513651][ T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 50.526213][ T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 50.534974][ T304] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 50.543189][ T304] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 50.552648][ T434] device veth0_vlan entered promiscuous mode
[ 50.563525][ T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 50.577633][ T434] device veth1_macvtap entered promiscuous mode
[ 50.587930][ T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 50.598416][ T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 50.696131][ T28] audit: type=1401 audit(1762535524.386:107): op=setxattr invalid_context="u:object_r:app_data_file:s0:c512,c768"
[ 51.018299][ T28] audit: type=1400 audit(1762535524.716:108): avc: denied { create } for pid=466 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
2025/11/07 17:12:04 executed programs: 0
[ 51.280908][ T471] bridge0: port 1(bridge_slave_0) entered blocking state
[ 51.288308][ T471] bridge0: port 1(bridge_slave_0) entered disabled state
[ 51.295726][ T471] device bridge_slave_0 entered promiscuous mode
[ 51.303237][ T471] bridge0: port 2(bridge_slave_1) entered blocking state
[ 51.311214][ T471] bridge0: port 2(bridge_slave_1) entered disabled state
[ 51.319498][ T471] device bridge_slave_1 entered promiscuous mode
[ 51.382771][ T471] bridge0: port 2(bridge_slave_1) entered blocking state
[ 51.390043][ T471] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 51.397450][ T471] bridge0: port 1(bridge_slave_0) entered blocking state
[ 51.404847][ T471] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 51.425624][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 51.433378][ T43] bridge0: port 1(bridge_slave_0) entered disabled state
[ 51.441689][ T43] bridge0: port 2(bridge_slave_1) entered disabled state
[ 51.452411][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 51.460870][ T43] bridge0: port 1(bridge_slave_0) entered blocking state
[ 51.468143][ T43] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 51.482878][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 51.491871][ T43] bridge0: port 2(bridge_slave_1) entered blocking state
[ 51.499220][ T43] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 51.512231][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 51.527395][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 51.542240][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 51.555623][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 51.564759][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 51.572631][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 51.586303][ T471] device veth0_vlan entered promiscuous mode
[ 51.597414][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 51.607217][ T471] device veth1_macvtap entered promiscuous mode
[ 51.617659][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 51.634649][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 51.663497][ T482] loop2: detected capacity change from 0 to 1024
[ 51.672547][ T482] =======================================================
[ 51.672547][ T482] WARNING: The mand mount option has been deprecated and
[ 51.672547][ T482] and is ignored by this kernel. Remove the mand
[ 51.672547][ T482] option from the mount to silence this warning.
[ 51.672547][ T482] =======================================================
[ 51.710278][ T482] EXT4-fs: Ignoring removed bh option
[ 51.716049][ T482] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 51.739277][ T482] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[ 51.748868][ T8] device bridge_slave_1 left promiscuous mode
[ 51.755255][ T8] bridge0: port 2(bridge_slave_1) entered disabled state
[ 51.762688][ T28] audit: type=1400 audit(1762535525.456:109): avc: denied { mount } for pid=481 comm="syz.2.17" name="/" dev="loop2" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[ 51.779241][ T482] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:3836: comm syz.2.17: Allocating blocks 497-513 which overlap fs metadata
[ 51.785225][ T28] audit: type=1400 audit(1762535525.456:110): avc: denied { write } for pid=481 comm="syz.2.17" name="/" dev="loop2" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[ 51.800823][ T482] EXT4-fs (loop2): pa ffff8881237132a0: logic 64, phys. 193, len 20
[ 51.821480][ T8] device bridge_slave_0 left promiscuous mode
[ 51.829504][ T482] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:4876: group 0, free 0, pa_free 1
[ 51.836934][ T8] bridge0: port 1(bridge_slave_0) entered disabled state
[ 51.850318][ T28] audit: type=1400 audit(1762535525.466:111): avc: denied { add_name } for pid=481 comm="syz.2.17" name="file1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[ 51.879401][ T28] audit: type=1400 audit(1762535525.466:112): avc: denied { create } for pid=481 comm="syz.2.17" name="file1" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[ 51.903032][ T28] audit: type=1400 audit(1762535525.466:113): avc: denied { read write } for pid=481 comm="syz.2.17" name="file1" dev="loop2" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[ 51.926387][ T8] device veth1_macvtap left promiscuous mode
[ 51.926551][ T28] audit: type=1400 audit(1762535525.466:114): avc: denied { open } for pid=481 comm="syz.2.17" path="/0/file1/file1" dev="loop2" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[ 51.934745][ T8] device veth0_vlan left promiscuous mode
[ 51.958206][ T10] ==================================================================
[ 51.964630][ T28] audit: type=1400 audit(1762535525.506:115): avc: denied { setattr } for pid=481 comm="syz.2.17" name="file1" dev="loop2" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[ 51.973082][ T10] BUG: KASAN: use-after-free in ext4_find_extent+0xbeb/0xe20
[ 51.973134][ T10] Read of size 4 at addr ffff88811d67bc94 by task kworker/u4:1/10
[ 51.973151][ T10]
[ 51.973156][ T10] CPU: 0 PID: 10 Comm: kworker/u4:1 Not tainted syzkaller #0
[ 51.973175][ T10] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 51.973187][ T10] Workqueue: writeback wb_workfn (flush-7:2)
[ 52.039759][ T10] Call Trace:
[ 52.043046][ T10] <TASK>
[ 52.046245][ T10] __dump_stack+0x21/0x24
[ 52.050736][ T10] dump_stack_lvl+0xee/0x150
[ 52.055373][ T10] ? __cfi_dump_stack_lvl+0x8/0x8
[ 52.060628][ T10] ? ext4_find_extent+0xbeb/0xe20
[ 52.065751][ T10] print_address_description+0x71/0x200
[ 52.071486][ T10] print_report+0x4a/0x60
[ 52.076280][ T10] kasan_report+0x122/0x150
[ 52.081010][ T10] ? ext4_find_extent+0xbeb/0xe20
[ 52.086086][ T10] __asan_report_load4_noabort+0x14/0x20
[ 52.091842][ T10] ext4_find_extent+0xbeb/0xe20
[ 52.097069][ T10] ? __cfi__raw_spin_lock_irqsave+0x10/0x10
[ 52.103168][ T10] ext4_ext_map_blocks+0x1da/0x6080
[ 52.108666][ T10] ? kasan_set_track+0x60/0x70
[ 52.113519][ T10] ? kasan_set_track+0x4b/0x70
[ 52.118381][ T10] ? kasan_save_alloc_info+0x25/0x30
[ 52.123970][ T10] ? __kasan_slab_alloc+0x72/0x80
[ 52.129363][ T10] ? slab_post_alloc_hook+0x4f/0x2d0
[ 52.135472][ T10] ? kmem_cache_alloc+0x16e/0x330
[ 52.141116][ T10] ? ext4_alloc_io_end_vec+0x2a/0x160
[ 52.146552][ T10] ? ext4_writepages+0xf42/0x3020
[ 52.151961][ T10] ? do_writepages+0x3a9/0x5e0
[ 52.156997][ T10] ? __writeback_single_inode+0xc6/0xad0
[ 52.162994][ T10] ? writeback_sb_inodes+0x9b8/0x1550
[ 52.168375][ T10] ? wb_writeback+0x3f1/0x980
[ 52.173301][ T10] ? wb_workfn+0x350/0xda0
[ 52.177814][ T10] ? process_one_work+0x71f/0xc40
[ 52.182970][ T10] ? worker_thread+0xa29/0x11f0
[ 52.187914][ T10] ? kthread+0x281/0x320
[ 52.192365][ T10] ? __cfi_ext4_ext_map_blocks+0x10/0x10
[ 52.198188][ T10] ? ext4_es_lookup_extent+0x54c/0x900
[ 52.203924][ T10] ext4_map_blocks+0x9cb/0x1b60
[ 52.208794][ T10] ? __cfi_ext4_map_blocks+0x10/0x10
[ 52.214110][ T10] ? ext4_inode_journal_mode+0x19a/0x480
[ 52.220132][ T10] ext4_writepages+0x1260/0x3020
[ 52.225224][ T10] ? xas_load+0x39e/0x3b0
[ 52.229566][ T10] ? __cfi_ext4_writepages+0x10/0x10
[ 52.235140][ T10] ? __kasan_check_write+0x14/0x20
[ 52.240258][ T10] ? __filemap_get_folio+0x81c/0x980
[ 52.245775][ T10] ? __kasan_check_read+0x11/0x20
[ 52.251149][ T10] ? folio_mark_accessed+0x1b8/0x4d0
[ 52.256833][ T10] ? __kasan_check_write+0x14/0x20
[ 52.262037][ T10] ? copy_page_from_iter_atomic+0x456/0x1210
[ 52.268312][ T10] ? __cfi_ext4_writepages+0x10/0x10
[ 52.273607][ T10] do_writepages+0x3a9/0x5e0
[ 52.278227][ T10] ? __kasan_check_read+0x11/0x20
[ 52.283257][ T10] ? inode_to_bdi+0x69/0xf0
[ 52.287944][ T10] ? __cfi_do_writepages+0x10/0x10
[ 52.293154][ T10] ? shmem_write_end+0x33d/0x380
[ 52.298184][ T10] ? balance_dirty_pages_ratelimited+0x17/0x20
[ 52.304430][ T10] ? __kasan_check_write+0x14/0x20
[ 52.309741][ T10] ? _raw_spin_lock+0x8e/0xe0
[ 52.314613][ T10] __writeback_single_inode+0xc6/0xad0
[ 52.320306][ T10] ? inode_io_list_move_locked+0x366/0x3d0
[ 52.326133][ T10] writeback_sb_inodes+0x9b8/0x1550
[ 52.331440][ T10] ? file_has_perm+0x4a1/0x640
[ 52.336695][ T10] ? queue_io+0x4c0/0x4c0
[ 52.341062][ T10] ? __kasan_check_read+0x11/0x20
[ 52.346274][ T10] ? queue_io+0x382/0x4c0
[ 52.350777][ T10] wb_writeback+0x3f1/0x980
[ 52.355333][ T10] ? inode_cgwb_move_to_attached+0x3e0/0x3e0
[ 52.361515][ T10] ? set_worker_desc+0x155/0x1c0
[ 52.366720][ T10] ? update_load_avg+0x4c2/0x13f0
[ 52.371775][ T10] ? __kasan_check_write+0x14/0x20
[ 52.376910][ T10] ? sched_clock_cpu+0x6e/0x250
[ 52.382057][ T10] wb_workfn+0x350/0xda0
[ 52.386406][ T10] ? __cfi_wb_workfn+0x10/0x10
[ 52.391264][ T10] ? kthread_data+0x50/0xc0
[ 52.395873][ T10] ? _raw_spin_unlock+0x4c/0x70
[ 52.401005][ T10] ? finish_task_switch+0x16b/0x7b0
[ 52.406486][ T10] ? __switch_to_asm+0x3a/0x60
[ 52.411662][ T10] ? __schedule+0xb8f/0x14e0
[ 52.416275][ T10] ? __cfi__raw_spin_lock_irq+0x10/0x10
[ 52.422262][ T10] process_one_work+0x71f/0xc40
[ 52.427296][ T10] worker_thread+0xa29/0x11f0
[ 52.432119][ T10] kthread+0x281/0x320
[ 52.436913][ T10] ? __cfi_worker_thread+0x10/0x10
[ 52.442367][ T10] ? __cfi_kthread+0x10/0x10
[ 52.447390][ T10] ret_from_fork+0x1f/0x30
[ 52.452072][ T10] </TASK>
[ 52.455265][ T10]
[ 52.457584][ T10] Allocated by task 132:
[ 52.462007][ T10] kasan_set_track+0x4b/0x70
[ 52.466625][ T10] kasan_save_alloc_info+0x25/0x30
[ 52.471763][ T10] __kasan_slab_alloc+0x72/0x80
[ 52.476900][ T10] slab_post_alloc_hook+0x4f/0x2d0
[ 52.482113][ T10] kmem_cache_alloc+0x16e/0x330
[ 52.487157][ T10] vm_area_alloc+0x24/0x1a0
[ 52.491926][ T10] mmap_region+0xf9f/0x2290
[ 52.496703][ T10] do_mmap+0x843/0xdc0
[ 52.500872][ T10] vm_mmap_pgoff+0x1f5/0x3f0
[ 52.505720][ T10] ksys_mmap_pgoff+0x161/0x1d0
[ 52.510867][ T10] __x64_sys_mmap+0xfa/0x110
[ 52.515862][ T10] x64_sys_call+0x8fd/0x9a0
[ 52.520474][ T10] do_syscall_64+0x4c/0xa0
[ 52.525346][ T10] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 52.531893][ T10]
[ 52.534636][ T10] The buggy address belongs to the object at ffff88811d67bc60
[ 52.534636][ T10] which belongs to the cache vm_area_struct of size 200
[ 52.549563][ T10] The buggy address is located 52 bytes inside of
[ 52.549563][ T10] 200-byte region [ffff88811d67bc60, ffff88811d67bd28)
[ 52.562847][ T10]
[ 52.565311][ T10] The buggy address belongs to the physical page:
[ 52.571988][ T10] page:ffffea0004759ec0 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff88811d67be70 pfn:0x11d67b
[ 52.584346][ T10] flags: 0x4000000000000200(slab|zone=1)
[ 52.590445][ T10] raw: 4000000000000200 ffffea0004759f48 ffffea0004759e48 ffff8881001eaa80
[ 52.599300][ T10] raw: ffff88811d67be70 00000000000f0006 00000001ffffffff 0000000000000000
[ 52.608407][ T10] page dumped because: kasan: bad access detected
[ 52.615440][ T10] page_owner tracks the page as allocated
[ 52.621255][ T10] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x12cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY), pid 132, tgid 132 (sh), ts 7738171582, free_ts 0
[ 52.637930][ T10] post_alloc_hook+0x1f5/0x210
[ 52.642727][ T10] prep_new_page+0x1c/0x110
[ 52.647237][ T10] get_page_from_freelist+0x2c7b/0x2cf0
[ 52.652799][ T10] __alloc_pages+0x1c3/0x450
[ 52.657393][ T10] alloc_slab_page+0x6e/0xf0
[ 52.662094][ T10] new_slab+0x98/0x3d0
[ 52.666340][ T10] ___slab_alloc+0x6bd/0xb20
[ 52.670934][ T10] __slab_alloc+0x5e/0xa0
[ 52.675569][ T10] kmem_cache_alloc+0x1b0/0x330
[ 52.680568][ T10] vm_area_dup+0x27/0x280
[ 52.685006][ T10] __split_vma+0x1d2/0x930
[ 52.689531][ T10] do_mas_align_munmap+0x2e1/0x1230
[ 52.694751][ T10] do_mas_munmap+0x241/0x2b0
[ 52.699452][ T10] mmap_region+0x6b4/0x2290
[ 52.703973][ T10] do_mmap+0x843/0xdc0
[ 52.708059][ T10] vm_mmap_pgoff+0x1f5/0x3f0
[ 52.712832][ T10] page_owner free stack trace missing
[ 52.718208][ T10]
[ 52.720707][ T10] Memory state around the buggy address:
[ 52.726602][ T10] ffff88811d67bb80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 52.734872][ T10] ffff88811d67bc00: fb fb fb fb fc fc fc fc fc fc fc fc fb fb fb fb
[ 52.742946][ T10] >ffff88811d67bc80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 52.751188][ T10] ^
[ 52.755962][ T10] ffff88811d67bd00: fb fb fb fb fb fc fc fc fc fc fc fc fc fa fb fb
[ 52.764248][ T10] ffff88811d67bd80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 52.772659][ T10] ==================================================================
[ 52.788431][ T10] Disabling lock debugging due to kernel taint
[ 52.795041][ T10] EXT4-fs warning (device loop2): ext4_convert_unwritten_extents:4872: inode #15: block 36: len 1: ext4_ext_map_blocks returned -28
[ 52.813221][ T471] EXT4-fs (loop2): unmounting filesystem.
[ 52.823588][ T471] general protection fault, probably for non-canonical address 0x4879ba01d75a0532: 0000 [#1] PREEMPT SMP KASAN
[ 52.836224][ T471] CPU: 0 PID: 471 Comm: syz-executor Tainted: G B syzkaller #0
[ 52.846666][ T471] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 52.858664][ T471] RIP: 0010:kmem_cache_alloc+0xf7/0x330
[ 52.864529][ T471] Code: 08 48 8b 38 48 85 ff 0f 84 bd 00 00 00 48 83 78 10 00 0f 84 b2 00 00 00 41 8b 47 28 48 8d 0c 07 49 8b 9f d8 00 00 00 48 0f c9 <48> 33 1c 07 48 31 cb 48 8d 4a 08 4d 8b 07 48 89 f8 65 49 0f c7 08
[ 52.885375][ T471] RSP: 0018:ffffc90000bd7c60 EFLAGS: 00010282
[ 52.892121][ T471] RAX: 0000000000000080 RBX: c819d21c56d2fb4d RCX: 32055ad701ba7948
[ 52.900195][ T471] RDX: 0000000000011818 RSI: 0000000000000108 RDI: 4879ba01d75a04b2
[ 52.908362][ T471] RBP: ffffc90000bd7ca8 R08: dffffc0000000000 R09: ffffed1022f19c94
[ 52.916538][ T471] R10: 0000000000000000 R11: 1ffff11022f19c93 R12: 0000000000000108
[ 52.924642][ T471] R13: ffffffff81bd77c8 R14: 0000000000000dc0 R15: ffff8881001edb00
[ 52.933064][ T471] FS: 000055558b708500(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[ 52.942225][ T471] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 52.949005][ T471] CR2: 000055558b72b4e8 CR3: 000000012bc10000 CR4: 00000000003506b0
[ 52.957443][ T471] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 52.965704][ T471] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 52.974082][ T471] Call Trace:
[ 52.977646][ T471] <TASK>
[ 52.980585][ T471] ? __alloc_file+0x28/0x2a0
[ 52.985358][ T471] ? __cfi__raw_spin_lock+0x10/0x10
[ 52.990584][ T471] __alloc_file+0x28/0x2a0
[ 52.995189][ T471] alloc_empty_file+0x97/0x180
[ 53.000398][ T471] alloc_file+0x59/0x640
[ 53.004840][ T471] alloc_file_pseudo+0x17a/0x1f0
[ 53.009786][ T471] ? __cfi_alloc_file_pseudo+0x10/0x10
[ 53.015510][ T471] ? _raw_spin_unlock+0x4c/0x70
[ 53.020463][ T471] ? alloc_fd+0x4e6/0x590
[ 53.025061][ T471] sock_alloc_file+0xba/0x270
[ 53.029753][ T471] __sys_socket+0x135/0x1a0
[ 53.034352][ T471] __x64_sys_socket+0x7a/0x90
[ 53.039123][ T471] x64_sys_call+0x449/0x9a0
[ 53.043913][ T471] do_syscall_64+0x4c/0xa0
[ 53.048341][ T471] ? clear_bhb_loop+0x30/0x80
[ 53.053391][ T471] ? clear_bhb_loop+0x30/0x80
[ 53.058079][ T471] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 53.064195][ T471] RIP: 0033:0x7fdd05790ee7
[ 53.068639][ T471] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 53.088967][ T471] RSP: 002b:00007ffdf8f4af48 EFLAGS: 00000206 ORIG_RAX: 0000000000000029
[ 53.097662][ T471] RAX: ffffffffffffffda RBX: 00007fdd059b1300 RCX: 00007fdd05790ee7
[ 53.106263][ T471] RDX: 0000000000000006 RSI: 0000000000000001 RDI: 0000000000000002
[ 53.114419][ T471] RBP: 00007ffdf8f4b66c R08: 000000000000000a R09: 00007ffdf8f4b377
[ 53.122747][ T471] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[ 53.130736][ T471] R13: 00000000000927c0 R14: 0000000000000000 R15: 00007ffdf8f4b6c0
[ 53.139592][ T471] </TASK>
[ 53.142698][ T471] Modules linked in:
[ 53.147864][ T408] general protection fault, probably for non-canonical address 0x4879ba01d75a0532: 0000 [#2] PREEMPT SMP KASAN
[ 53.152556][ T471] ---[ end trace 0000000000000000 ]---
[ 53.160041][ T408] CPU: 0 PID: 408 Comm: udevd Tainted: G B D syzkaller #0
[ 53.160067][ T408] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 53.160079][ T408] RIP: 0010:kmem_cache_alloc+0xf7/0x330
[ 53.160112][ T408] Code: 08 48 8b 38 48 85 ff 0f 84 bd 00 00 00 48 83 78 10 00 0f 84 b2 00 00 00 41 8b 47 28 48 8d 0c 07 49 8b 9f d8 00 00 00 48 0f c9 <48> 33 1c 07 48 31 cb 48 8d 4a 08 4d 8b 07 48 89 f8 65 49 0f c7 08
[ 53.160130][ T408] RSP: 0018:ffffc90000ba78e0 EFLAGS: 00010282
[ 53.160150][ T408] RAX: 0000000000000080 RBX: c819d21c56d2fb4d RCX: 32055ad701ba7948
[ 53.160165][ T408] RDX: 0000000000011818 RSI: 0000000000000108 RDI: 4879ba01d75a04b2
[ 53.160180][ T408] RBP: ffffc90000ba7928 R08: dffffc0000000000 R09: ffffc90000ba7c00
[ 53.160196][ T408] R10: 0000000000000000 R11: 1ffff92000174f80 R12: 0000000000000108
[ 53.160210][ T408] R13: ffffffff81bd77c8 R14: 0000000000000dc0 R15: ffff8881001edb00
[ 53.160225][ T408] FS: 00007fa3b6084880(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[ 53.160252][ T408] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 53.160268][ T408] CR2: 000055558b72b4e8 CR3: 000000012c6b4000 CR4: 00000000003506b0
[ 53.160285][ T408] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 53.168912][ T471] RIP: 0010:kmem_cache_alloc+0xf7/0x330
[ 53.174438][ T408] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 53.185781][ T471] Code: 08 48 8b 38 48 85 ff 0f 84 bd 00 00 00 48 83 78 10 00 0f 84 b2 00 00 00 41 8b 47 28 48 8d 0c 07 49 8b 9f d8 00 00 00 48 0f c9 <48> 33 1c 07 48 31 cb 48 8d 4a 08 4d 8b 07 48 89 f8 65 49 0f c7 08
[ 53.190455][ T408] Call Trace:
[ 53.190462][ T408] <TASK>
[ 53.190469][ T408] ? __alloc_file+0x28/0x2a0
[ 53.190498][ T408] __alloc_file+0x28/0x2a0
[ 53.210996][ T471] RSP: 0018:ffffc90000bd7c60 EFLAGS: 00010282
[ 53.216948][ T408] alloc_empty_file+0x97/0x180
[ 53.216976][ T408] path_openat+0xf4/0x2f50
[ 53.216999][ T408] ? kasan_set_track+0x4b/0x70
[ 53.217018][ T408] ? kasan_save_alloc_info+0x25/0x30
[ 53.225826][ T471]
[ 53.233768][ T408] ? __kasan_slab_alloc+0x72/0x80
[ 53.233795][ T408] ? kmem_cache_alloc+0x16e/0x330
[ 53.242428][ T471] RAX: 0000000000000080 RBX: c819d21c56d2fb4d RCX: 32055ad701ba7948
[ 53.250192][ T408] ? getname_flags+0xb9/0x500
[ 53.250216][ T408] ? getname+0x19/0x20
[ 53.250231][ T408] ? do_sys_openat2+0xcb/0x7e0
[ 53.258623][ T471] RDX: 0000000000011818 RSI: 0000000000000108 RDI: 4879ba01d75a04b2
[ 53.267354][ T408] ? __x64_sys_openat+0x136/0x160
[ 53.267384][ T408] ? x64_sys_call+0x783/0x9a0
[ 53.267406][ T408] ? do_syscall_64+0x4c/0xa0
[ 53.274877][ T471] RBP: ffffc90000bd7ca8 R08: dffffc0000000000 R09: ffffed1022f19c94
[ 53.284057][ T408] ? entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 53.284097][ T408] ? do_filp_open+0x3c0/0x3c0
[ 53.293030][ T471] R10: 0000000000000000 R11: 1ffff11022f19c93 R12: 0000000000000108
[ 53.298239][ T408] do_filp_open+0x1c1/0x3c0
[ 53.298266][ T408] ? __cfi_do_filp_open+0x10/0x10
[ 53.306362][ T471] R13: ffffffff81bd77c8 R14: 0000000000000dc0 R15: ffff8881001edb00
[ 53.326722][ T408] ? alloc_fd+0x4e6/0x590
[ 53.326753][ T408] do_sys_openat2+0x185/0x7e0
[ 53.330604][ T471] FS: 000055558b708500(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[ 53.333476][ T408] ? kvm_sched_clock_read+0x18/0x40
[ 53.338863][ T471] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 53.343262][ T408] ? do_sys_open+0xe0/0xe0
[ 53.350191][ T471] CR2: 00005653bce8b2a0 CR3: 000000012bc10000 CR4: 00000000003506a0
[ 53.355326][ T408] ? sched_clock_cpu+0x6e/0x250
[ 53.360469][ T471] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 53.365044][ T408] __x64_sys_openat+0x136/0x160
[ 53.371198][ T471] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 53.373305][ T408] x64_sys_call+0x783/0x9a0
[ 53.379321][ T471] Kernel panic - not syncing: Fatal exception
[ 53.384137][ T408] do_syscall_64+0x4c/0xa0
[ 53.384162][ T408] ? clear_bhb_loop+0x30/0x80
[ 53.384187][ T408] ? clear_bhb_loop+0x30/0x80
[ 53.384211][ T408] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 53.384235][ T408] RIP: 0033:0x7fa3b58a7407
[ 53.384250][ T408] Code: 48 89 fa 4c 89 df e8 38 aa 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 <5b> c3 0f 1f 80 00 00 00 00 83 e2 39 83 fa 08 75 de e8 23 ff ff ff
[ 53.384264][ T408] RSP: 002b:00007ffe7b814b70 EFLAGS: 00000202 ORIG_RAX: 0000000000000101
[ 53.384283][ T408] RAX: ffffffffffffffda RBX: 00007fa3b6084880 RCX: 00007fa3b58a7407
[ 53.384296][ T408] RDX: 00000000000a0800 RSI: 00005653bcc12a00 RDI: ffffffffffffff9c
[ 53.384309][ T408] RBP: 00005653bcc0f2c0 R08: 0000000000000000 R09: 0000000000000000
[ 53.384320][ T408] R10: 0000000000000000 R11: 0000000000000202 R12: 00005653bce89d60
[ 53.384331][ T408] R13: 00005653bce54920 R14: 0000000000000000 R15: 00005653bce89d60
[ 53.384347][ T408] </TASK>
[ 53.384352][ T408] Modules linked in:
[ 53.393012][ T471] Kernel Offset: disabled
[ 53.665119][ T471] Rebooting in 86400 seconds..