Warning: Permanently added '10.128.0.49' (ED25519) to the list of known hosts. 2025/12/07 00:11:39 parsed 1 programs [ 43.618564][ T24] kauditd_printk_skb: 30 callbacks suppressed [ 43.618575][ T24] audit: type=1400 audit(1765066300.460:104): avc: denied { unlink } for pid=405 comm="syz-executor" name="swap-file" dev="sda1" ino=2026 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 43.673111][ T405] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 44.251667][ T24] audit: type=1401 audit(1765066301.090:105): op=setxattr invalid_context="u:object_r:app_data_file:s0:c512,c768" [ 44.399512][ T432] bridge0: port 1(bridge_slave_0) entered blocking state [ 44.406692][ T432] bridge0: port 1(bridge_slave_0) entered disabled state [ 44.414214][ T432] device bridge_slave_0 entered promiscuous mode [ 44.421170][ T432] bridge0: port 2(bridge_slave_1) entered blocking state [ 44.428808][ T432] bridge0: port 2(bridge_slave_1) entered disabled state [ 44.436389][ T432] device bridge_slave_1 entered promiscuous mode [ 44.466534][ T432] bridge0: port 2(bridge_slave_1) entered blocking state [ 44.473583][ T432] bridge0: port 2(bridge_slave_1) entered forwarding state [ 44.481049][ T432] bridge0: port 1(bridge_slave_0) entered blocking state [ 44.488211][ T432] bridge0: port 1(bridge_slave_0) entered forwarding state [ 44.503901][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 44.511493][ T7] bridge0: port 1(bridge_slave_0) entered disabled state [ 44.518803][ T7] bridge0: port 2(bridge_slave_1) entered disabled state [ 44.528526][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 44.536886][ T7] bridge0: port 1(bridge_slave_0) entered blocking state [ 44.544029][ T7] bridge0: port 1(bridge_slave_0) entered forwarding state [ 44.552466][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 44.560689][ T7] bridge0: port 2(bridge_slave_1) entered blocking state [ 44.567958][ T7] bridge0: port 2(bridge_slave_1) entered forwarding state [ 44.580164][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 44.589597][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 44.602907][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 44.614202][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 44.622565][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 44.631209][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 44.639607][ T432] device veth0_vlan entered promiscuous mode [ 44.650238][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 44.659393][ T432] device veth1_macvtap entered promiscuous mode [ 44.668066][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 44.677864][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 44.815492][ T24] audit: type=1400 audit(1765066301.660:106): avc: denied { create } for pid=447 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 2025/12/07 00:11:42 executed programs: 0 [ 45.226436][ T24] audit: type=1400 audit(1765066302.070:107): avc: denied { write } for pid=397 comm="syz-execprog" path="pipe:[15389]" dev="pipefs" ino=15389 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1 [ 45.267889][ T466] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.275293][ T466] bridge0: port 1(bridge_slave_0) entered disabled state [ 45.282723][ T466] device bridge_slave_0 entered promiscuous mode [ 45.290412][ T466] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.297914][ T466] bridge0: port 2(bridge_slave_1) entered disabled state [ 45.305492][ T466] device bridge_slave_1 entered promiscuous mode [ 45.350351][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 45.357782][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 45.370122][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 45.379028][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 45.387690][ T9] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.395145][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state [ 45.402858][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 45.414940][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 45.423602][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 45.432208][ T9] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.439740][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state [ 45.448418][ T293] device bridge_slave_1 left promiscuous mode [ 45.454693][ T293] bridge0: port 2(bridge_slave_1) entered disabled state [ 45.462399][ T293] device bridge_slave_0 left promiscuous mode [ 45.468984][ T293] bridge0: port 1(bridge_slave_0) entered disabled state [ 45.477404][ T293] device veth1_macvtap left promiscuous mode [ 45.483552][ T293] device veth0_vlan left promiscuous mode [ 45.572938][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 45.582236][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 45.596929][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 45.609251][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 45.617620][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 45.625174][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 45.633784][ T466] device veth0_vlan entered promiscuous mode [ 45.644156][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 45.654093][ T466] device veth1_macvtap entered promiscuous mode [ 45.662931][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 45.673215][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 45.744375][ T471] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 45.757829][ T471] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 45.769714][ T471] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2816: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 45.783178][ T471] EXT4-fs (loop2): 1 truncate cleaned up [ 45.789145][ T471] EXT4-fs (loop2): mounted filesystem without journal. Opts: nogrpid,min_batch_time=0x0000000000000000,debug_want_extra_isize=0x0000000000000068,nobarrier,nodiscard,quota,,errors=continue [ 45.808496][ T24] audit: type=1400 audit(1765066302.650:108): avc: denied { mount } for pid=470 comm="syz.2.16" name="/" dev="loop2" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 45.828461][ T471] ================================================================== [ 45.831689][ T24] audit: type=1400 audit(1765066302.650:109): avc: denied { write } for pid=470 comm="syz.2.16" name="file2" dev="loop2" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 45.839687][ T471] BUG: KASAN: out-of-bounds in ext4_xattr_set_entry+0x1339/0x36c0 [ 45.839698][ T471] Read of size 18446744073709551540 at addr ffff888117490870 by task syz.2.16/471 [ 45.839700][ T471] [ 45.839711][ T471] CPU: 1 PID: 471 Comm: syz.2.16 Not tainted syzkaller #0 [ 45.839717][ T471] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 45.839721][ T471] Call Trace: [ 45.839736][ T471] __dump_stack+0x21/0x24 [ 45.839754][ T471] dump_stack_lvl+0x169/0x1d8 [ 45.839774][ T471] ? show_regs_print_info+0x18/0x18 [ 45.862632][ T24] audit: type=1400 audit(1765066302.650:110): avc: denied { open } for pid=470 comm="syz.2.16" name="file2" dev="loop2" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 45.869826][ T471] ? thaw_kernel_threads+0x220/0x220 [ 45.869839][ T471] print_address_description+0x7f/0x2c0 [ 45.869850][ T471] ? ext4_xattr_set_entry+0x1339/0x36c0 [ 45.869867][ T471] kasan_report+0xe2/0x130 [ 45.879153][ T24] audit: type=1400 audit(1765066302.650:111): avc: denied { setattr } for pid=470 comm="syz.2.16" name="file1" dev="loop2" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 45.881383][ T471] ? ext4_xattr_set_entry+0x1339/0x36c0 [ 45.988104][ T471] ? ext4_xattr_set_entry+0x1339/0x36c0 [ 45.993847][ T471] kasan_check_range+0x280/0x290 [ 45.998803][ T471] memmove+0x2d/0x70 [ 46.002701][ T471] ext4_xattr_set_entry+0x1339/0x36c0 [ 46.008265][ T471] ? fscrypt_drop_inode+0xad/0x110 [ 46.013379][ T471] ? ext4_xattr_ibody_set+0x360/0x360 [ 46.018783][ T471] ? slab_post_alloc_hook+0x7d/0x2f0 [ 46.024266][ T471] ? ext4_xattr_block_set+0x847/0x2a50 [ 46.030023][ T471] ? ext4_xattr_block_set+0x847/0x2a50 [ 46.035763][ T471] ? __kmalloc_track_caller+0x181/0x320 [ 46.041328][ T471] ? memcpy+0x56/0x70 [ 46.045413][ T471] ext4_xattr_block_set+0x92f/0x2a50 [ 46.050876][ T471] ? __kasan_check_read+0x11/0x20 [ 46.056048][ T471] ? __ext4_xattr_check_block+0x265/0x8e0 [ 46.061771][ T471] ? ext4_xattr_block_find+0x4f0/0x4f0 [ 46.067394][ T471] ? __kasan_check_write+0x14/0x20 [ 46.072568][ T471] ext4_xattr_set_handle+0xba5/0x12a0 [ 46.077956][ T471] ? ext4_xattr_set_entry+0x36c0/0x36c0 [ 46.083502][ T471] ? __kasan_check_read+0x11/0x20 [ 46.089089][ T471] ? __ext4_journal_start_sb+0x2e2/0x490 [ 46.094978][ T471] ext4_xattr_set+0x1ec/0x320 [ 46.099861][ T471] ? ext4_xattr_set_credits+0x290/0x290 [ 46.105410][ T471] ext4_xattr_trusted_set+0x3b/0x50 [ 46.110858][ T471] ? ext4_xattr_trusted_get+0x40/0x40 [ 46.116396][ T471] __vfs_setxattr+0x42a/0x480 [ 46.121182][ T471] __vfs_setxattr_noperm+0x11e/0x4e0 [ 46.127005][ T471] __vfs_setxattr_locked+0x203/0x220 [ 46.132772][ T471] vfs_setxattr+0x8d/0x1c0 [ 46.137476][ T471] setxattr+0x1a9/0x370 [ 46.141835][ T471] ? path_setxattr+0x210/0x210 [ 46.146890][ T471] ? __mnt_want_write+0x1e6/0x260 [ 46.152064][ T471] ? mnt_want_write+0x19d/0x270 [ 46.157449][ T471] path_setxattr+0x110/0x210 [ 46.162033][ T471] ? simple_xattr_list_add+0x120/0x120 [ 46.167598][ T471] ? do_sys_truncate+0x12f/0x190 [ 46.172874][ T471] __x64_sys_lsetxattr+0xc2/0xe0 [ 46.178118][ T471] do_syscall_64+0x31/0x40 [ 46.182542][ T471] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 46.188597][ T471] RIP: 0033:0x7ffa9506b169 [ 46.193576][ T471] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 46.213357][ T471] RSP: 002b:00007ffa94add038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd [ 46.221772][ T471] RAX: ffffffffffffffda RBX: 00007ffa95283fa0 RCX: 00007ffa9506b169 [ 46.229877][ T471] RDX: 0000200000000040 RSI: 00002000000000c0 RDI: 0000200000000100 [ 46.238313][ T471] RBP: 00007ffa950ec990 R08: 0000000000000000 R09: 0000000000000000 [ 46.246633][ T471] R10: 000000000000fe37 R11: 0000000000000246 R12: 0000000000000000 [ 46.254954][ T471] R13: 0000000000000000 R14: 00007ffa95283fa0 R15: 00007ffce60c9888 [ 46.263198][ T471] [ 46.265585][ T471] Allocated by task 0: [ 46.269670][ T471] (stack is not available) [ 46.274093][ T471] [ 46.276721][ T471] The buggy address belongs to the object at ffff888117490800 [ 46.276721][ T471] which belongs to the cache kmalloc-1k of size 1024 [ 46.291293][ T471] The buggy address is located 112 bytes inside of [ 46.291293][ T471] 1024-byte region [ffff888117490800, ffff888117490c00) [ 46.304818][ T471] The buggy address belongs to the page: [ 46.310447][ T471] page:ffffea00045d2400 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x117490 [ 46.321128][ T471] head:ffffea00045d2400 order:3 compound_mapcount:0 compound_pincount:0 [ 46.329642][ T471] flags: 0x4000000000010200(slab|head) [ 46.335105][ T471] raw: 4000000000010200 0000000000000000 0000000100000001 ffff888100042f00 [ 46.343948][ T471] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 46.352624][ T471] page dumped because: kasan: bad access detected [ 46.359161][ T471] page_owner tracks the page as allocated [ 46.364885][ T471] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 97, ts 5244356944, free_ts 0 [ 46.383260][ T471] prep_new_page+0x179/0x180 [ 46.387941][ T471] get_page_from_freelist+0x2235/0x23d0 [ 46.393515][ T471] __alloc_pages_nodemask+0x268/0x5f0 [ 46.398894][ T471] new_slab+0x84/0x3f0 [ 46.403043][ T471] ___slab_alloc+0x2a6/0x450 [ 46.407624][ T471] __slab_alloc+0x63/0xa0 [ 46.412068][ T471] __kmalloc_track_caller+0x1ef/0x320 [ 46.417558][ T471] __alloc_skb+0xdc/0x520 [ 46.422072][ T471] netlink_sendmsg+0x5f6/0xb30 [ 46.427605][ T471] ____sys_sendmsg+0x5a2/0x8c0 [ 46.432663][ T471] ___sys_sendmsg+0x1f0/0x260 [ 46.437570][ T471] __x64_sys_sendmsg+0x1e2/0x2a0 [ 46.442498][ T471] do_syscall_64+0x31/0x40 [ 46.446901][ T471] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 46.452855][ T471] page_owner free stack trace missing [ 46.458203][ T471] [ 46.460507][ T471] Memory state around the buggy address: [ 46.466218][ T471] ffff888117490700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 46.474257][ T471] ffff888117490780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 46.482298][ T471] >ffff888117490800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 46.490340][ T471] ^ [ 46.498050][ T471] ffff888117490880: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 46.506291][ T471] ffff888117490900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 46.514455][ T471] ================================================================== [ 46.522839][ T471] Disabling lock debugging due to kernel taint [ 46.534299][ T24] audit: type=1400 audit(1765066303.370:112): avc: denied { read } for pid=77 comm="syslogd" name="log" dev="sda1" ino=2010 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1 [ 46.556910][ T24] audit: type=1400 audit(1765066303.370:113): avc: denied { search } for pid=77 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 46.652559][ T476] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 46.666135][ T476] EXT4-fs (loop2): 1 truncate cleaned up [ 46.672175][ T476] EXT4-fs (loop2): mounted filesystem without journal. Opts: nogrpid,min_batch_time=0x0000000000000000,debug_want_extra_isize=0x0000000000000068,nobarrier,nodiscard,quota,,errors=continue [ 46.715463][ T476] BUG: unable to handle page fault for address: ffff888119e54000 [ 46.723298][ T476] #PF: supervisor write access in kernel mode [ 46.729438][ T476] #PF: error_code(0x0003) - permissions violation [ 46.736013][ T476] PGD 6e01067 P4D 6e01067 PUD 1087e3063 PMD 10c27e063 PTE 8000000119e54161 [ 46.744590][ T476] Oops: 0003 [#1] PREEMPT SMP KASAN [ 46.750043][ T476] CPU: 0 PID: 476 Comm: syz.2.17 Tainted: G B syzkaller #0 [ 46.758662][ T476] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 46.768866][ T476] RIP: 0010:__memmove+0x19c/0x1a0 [ 46.773968][ T476] Code: fa 02 72 16 66 44 8b 1e 66 44 8b 54 16 fe 66 44 89 1f 66 44 89 54 17 fe eb 0c 48 83 fa 01 72 06 44 8a 1e 44 88 1f c3 48 89 d1 a4 c3 00 eb 2e 0f 1f 00 49 89 f9 48 89 d1 83 e2 07 48 c1 e9 03 [ 46.793981][ T476] RSP: 0018:ffffc90002717380 EFLAGS: 00010282 [ 46.800212][ T476] RAX: ffff888117afe850 RBX: ffffffffffffffb4 RCX: fffffffffdcaa804 [ 46.808276][ T476] RDX: ffffffffffffffb4 RSI: ffff888119e54020 RDI: ffff888119e54000 [ 46.816330][ T476] RBP: ffffc900027173b0 R08: ffff888117afe804 R09: ffffed1022f5fd80 [ 46.824313][ T476] R10: 0000000000000000 R11: 0000000000000080 R12: 0000000000000000 [ 46.832594][ T476] R13: ffffffff81ddfa99 R14: ffff888117afe870 R15: ffff888117afe850 [ 46.840574][ T476] FS: 00007ffa94add6c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 46.849657][ T476] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 46.856462][ T476] CR2: ffff888119e54000 CR3: 000000010ffcf000 CR4: 00000000003506b0 [ 46.864437][ T476] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 46.872591][ T476] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 46.881002][ T476] Call Trace: [ 46.884296][ T476] ? memmove+0x56/0x70 [ 46.888532][ T476] ext4_xattr_set_entry+0x1339/0x36c0 [ 46.893899][ T476] ? fscrypt_drop_inode+0xad/0x110 [ 46.899372][ T476] ? ext4_xattr_ibody_set+0x360/0x360 [ 46.904757][ T476] ? slab_post_alloc_hook+0x7d/0x2f0 [ 46.910068][ T476] ? ext4_xattr_block_set+0x847/0x2a50 [ 46.915590][ T476] ? ext4_xattr_block_set+0x847/0x2a50 [ 46.921031][ T476] ? __kmalloc_track_caller+0x181/0x320 [ 46.926554][ T476] ? memcpy+0x56/0x70 [ 46.930531][ T476] ext4_xattr_block_set+0x92f/0x2a50 [ 46.935988][ T476] ? __kasan_check_read+0x11/0x20 [ 46.941169][ T476] ? __ext4_xattr_check_block+0x265/0x8e0 [ 46.947000][ T476] ? ext4_xattr_block_find+0x4f0/0x4f0 [ 46.952466][ T476] ? __kasan_check_write+0x14/0x20 [ 46.957612][ T476] ext4_xattr_set_handle+0xba5/0x12a0 [ 46.963166][ T476] ? ext4_xattr_set_entry+0x36c0/0x36c0 [ 46.968709][ T476] ? __kasan_check_read+0x11/0x20 [ 46.973737][ T476] ? __ext4_journal_start_sb+0x2e2/0x490 [ 46.979468][ T476] ext4_xattr_set+0x1ec/0x320 [ 46.984158][ T476] ? ext4_xattr_set_credits+0x290/0x290 [ 46.989855][ T476] ext4_xattr_trusted_set+0x3b/0x50 [ 46.995032][ T476] ? ext4_xattr_trusted_get+0x40/0x40 [ 47.000516][ T476] __vfs_setxattr+0x42a/0x480 [ 47.005229][ T476] __vfs_setxattr_noperm+0x11e/0x4e0 [ 47.010508][ T476] __vfs_setxattr_locked+0x203/0x220 [ 47.015787][ T476] vfs_setxattr+0x8d/0x1c0 [ 47.020192][ T476] setxattr+0x1a9/0x370 [ 47.024364][ T476] ? path_setxattr+0x210/0x210 [ 47.029251][ T476] ? __mnt_want_write+0x1e6/0x260 [ 47.034392][ T476] ? mnt_want_write+0x19d/0x270 [ 47.039447][ T476] path_setxattr+0x110/0x210 [ 47.044027][ T476] ? simple_xattr_list_add+0x120/0x120 [ 47.049727][ T476] ? do_sys_truncate+0x12f/0x190 [ 47.054775][ T476] __x64_sys_lsetxattr+0xc2/0xe0 [ 47.059718][ T476] do_syscall_64+0x31/0x40 [ 47.064198][ T476] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 47.070074][ T476] RIP: 0033:0x7ffa9506b169 [ 47.074491][ T476] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 47.094277][ T476] RSP: 002b:00007ffa94add038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd [ 47.102672][ T476] RAX: ffffffffffffffda RBX: 00007ffa95283fa0 RCX: 00007ffa9506b169 [ 47.110793][ T476] RDX: 0000200000000040 RSI: 00002000000000c0 RDI: 0000200000000100 [ 47.118758][ T476] RBP: 00007ffa950ec990 R08: 0000000000000000 R09: 0000000000000000 [ 47.126711][ T476] R10: 000000000000fe37 R11: 0000000000000246 R12: 0000000000000000 [ 47.134759][ T476] R13: 0000000000000000 R14: 00007ffa95283fa0 R15: 00007ffce60c9888 [ 47.142912][ T476] Modules linked in: [ 47.146974][ T476] CR2: ffff888119e54000 [ 47.151271][ T476] ---[ end trace 60d9fbcd663a8807 ]--- [ 47.151303][ C1] general protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#2] PREEMPT SMP KASAN [ 47.157222][ T476] RIP: 0010:__memmove+0x19c/0x1a0 [ 47.169098][ C1] KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f] [ 47.174110][ T476] Code: fa 02 72 16 66 44 8b 1e 66 44 8b 54 16 fe 66 44 89 1f 66 44 89 54 17 fe eb 0c 48 83 fa 01 72 06 44 8a 1e 44 88 1f c3 48 89 d1 a4 c3 00 eb 2e 0f 1f 00 49 89 f9 48 89 d1 83 e2 07 48 c1 e9 03 [ 47.182591][ C1] CPU: 1 PID: 0 Comm: swapper/1 Tainted: G B D syzkaller #0 [ 47.202263][ T476] RSP: 0018:ffffc90002717380 EFLAGS: 00010282 [ 47.210926][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 47.210937][ T476] [ 47.217173][ C1] RIP: 0010:ip6t_do_table+0x248/0x14e0 [ 47.227213][ T476] RAX: ffff888117afe850 RBX: ffffffffffffffb4 RCX: fffffffffdcaa804 [ 47.229560][ C1] Code: 83 c3 38 48 89 d8 48 c1 e8 03 42 80 3c 20 00 74 08 48 89 df e8 a9 93 9b fd 45 89 f6 49 c1 e6 03 4c 03 33 4c 89 f0 48 c1 e8 03 <42> 80 3c 20 00 74 08 4c 89 f7 e8 89 93 9b fd 49 8b 06 48 89 44 24 [ 47.235155][ T476] RDX: ffffffffffffffb4 RSI: ffff888119e54020 RDI: ffff888119e54000 [ 47.243404][ C1] RSP: 0018:ffffc90000170820 EFLAGS: 00010202 [ 47.263081][ T476] RBP: ffffc900027173b0 R08: ffff888117afe804 R09: ffffed1022f5fd80 [ 47.271125][ C1] [ 47.277183][ T476] R10: 0000000000000000 R11: 0000000000000080 R12: 0000000000000000 [ 47.285404][ C1] RAX: 0000000000000001 RBX: ffff888117b64038 RCX: 6832897386757300 [ 47.287730][ T476] R13: ffffffff81ddfa99 R14: ffff888117afe870 R15: ffff888117afe850 [ 47.295918][ C1] RDX: 0000000080000101 RSI: ffffffff85202f00 RDI: ffffffff85202ec0 [ 47.303877][ T476] FS: 00007ffa94add6c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 47.311933][ C1] RBP: ffffc90000170a08 R08: dffffc0000000000 R09: ffffc90000170970 [ 47.319990][ T476] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 47.329027][ C1] R10: fffff5200002e133 R11: 1ffff9200002e12e R12: dffffc0000000000 [ 47.337086][ T476] CR2: ffff888119e54000 CR3: 000000010ffcf000 CR4: 00000000003506b0 [ 47.343660][ C1] R13: ffffc90000170be0 R14: 0000000000000008 R15: ffff8881174eb400 [ 47.343676][ C1] FS: 0000000000000000(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 47.351648][ T476] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 47.359784][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 47.367857][ T476] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 47.376786][ C1] CR2: 00007f8503007000 CR3: 000000010cb30000 CR4: 00000000003506a0 [ 47.384742][ T476] Kernel panic - not syncing: Fatal exception [ 47.391588][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 47.422144][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 47.430216][ C1] Call Trace: [ 47.433601][ C1] [ 47.436492][ C1] ? __run_timers+0x639/0x9a0 [ 47.441341][ C1] ? run_timer_softirq+0x6a/0xf0 [ 47.446386][ C1] ? local_bh_enable+0x1f/0x30 [ 47.451158][ C1] ? ip6t_alloc_initial_table+0x660/0x660 [ 47.457051][ C1] ? ip6t_alloc_initial_table+0x660/0x660 [ 47.462874][ C1] ip6table_mangle_hook+0x249/0x730 [ 47.468065][ C1] ? ip6table_mangle_net_exit+0x80/0x80 [ 47.473991][ C1] nf_hook_slow+0xbc/0x200 [ 47.478520][ C1] mld_sendpack+0xa31/0xa80 [ 47.483031][ C1] ? add_grec+0x1100/0x1100 [ 47.487542][ C1] ? mld_send_report+0x1f0/0x1f0 [ 47.492559][ C1] ? add_grec+0x11a/0x1100 [ 47.496979][ C1] ? _raw_spin_lock_irq+0xe0/0xe0 [ 47.502092][ C1] mld_send_initial_cr+0x246/0x2b0 [ 47.507201][ C1] mld_dad_timer_expire+0x30/0x410 [ 47.512574][ C1] ? mld_ifc_timer_expire+0xc50/0xc50 [ 47.517938][ C1] call_timer_fn+0x38/0x290 [ 47.522481][ C1] ? mld_ifc_timer_expire+0xc50/0xc50 [ 47.528024][ C1] __run_timers+0x639/0x9a0 [ 47.532540][ C1] ? calc_index+0x200/0x200 [ 47.537033][ C1] ? sched_clock_cpu+0x1b/0x3d0 [ 47.541876][ C1] run_timer_softirq+0x6a/0xf0 [ 47.546717][ C1] __do_softirq+0x255/0x563 [ 47.551222][ C1] asm_call_irq_on_stack+0xf/0x20 [ 47.556244][ C1] [ 47.559181][ C1] do_softirq_own_stack+0x60/0x80 [ 47.564300][ C1] __irq_exit_rcu+0x128/0x150 [ 47.569488][ C1] irq_exit_rcu+0x9/0x10 [ 47.573750][ C1] sysvec_apic_timer_interrupt+0xbf/0xe0 [ 47.579487][ C1] asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 47.585522][ C1] RIP: 0010:default_idle+0x12/0x20 [ 47.590780][ C1] Code: 48 8b 7c 24 10 e8 be 29 00 00 e9 71 ff ff ff e8 b4 fe fa ff 00 00 cc cc 55 48 89 e5 0f 1f 44 00 00 0f 00 2d 30 b6 4c 00 fb f4 <5d> c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 55 48 89 e5 41 57 41 56 [ 47.610413][ C1] RSP: 0018:ffffc90000107d98 EFLAGS: 00000242 [ 47.616503][ C1] RAX: ffff8881f7100000 RBX: ffff8881002913c0 RCX: 00000000000091a6 [ 47.624580][ C1] RDX: 0000000000000001 RSI: ffffffff85202f00 RDI: ffffffff85202ec0 [ 47.632870][ C1] RBP: ffffc90000107d98 R08: dffffc0000000000 R09: ffffed103ee2ae7b [ 47.641039][ C1] R10: ffffed103ee2ae7b R11: 1ffff1103ee2ae7a R12: 0000000000000001 [ 47.649134][ C1] R13: 1ffff11020052278 R14: 0000000000000000 R15: dffffc0000000000 [ 47.657892][ C1] arch_cpu_idle+0xa/0x10 [ 47.662235][ C1] default_idle_call+0x71/0x1d0 [ 47.667257][ C1] do_idle+0x1df/0x530 [ 47.671961][ C1] ? idle_inject_timer_fn+0x60/0x60 [ 47.677367][ C1] ? _raw_spin_unlock_irqrestore+0x5b/0x80 [ 47.683291][ C1] cpu_startup_entry+0x18/0x20 [ 47.688048][ C1] start_secondary+0x2e9/0x3a0 [ 47.692906][ C1] secondary_startup_64_no_verify+0xad/0xbb [ 47.698790][ C1] Modules linked in: [ 47.703017][ T476] Kernel Offset: disabled [ 47.707452][ T476] Rebooting in 86400 seconds..