Warning: Permanently added '10.128.0.235' (ED25519) to the list of known hosts.
2025/09/24 13:33:23 parsed 1 programs
[ 44.505025][ T28] audit: type=1400 audit(1758720804.543:106): avc: denied { unlink } for pid=401 comm="syz-executor" name="swap-file" dev="sda1" ino=2026 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[ 44.552107][ T401] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 45.162346][ T28] audit: type=1401 audit(1758720805.193:107): op=setxattr invalid_context="u:object_r:app_data_file:s0:c512,c768"
[ 45.288769][ T28] audit: type=1400 audit(1758720805.323:108): avc: denied { create } for pid=416 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 45.464271][ T430] bridge0: port 1(bridge_slave_0) entered blocking state
[ 45.471393][ T430] bridge0: port 1(bridge_slave_0) entered disabled state
[ 45.478881][ T430] device bridge_slave_0 entered promiscuous mode
[ 45.486632][ T430] bridge0: port 2(bridge_slave_1) entered blocking state
[ 45.493654][ T430] bridge0: port 2(bridge_slave_1) entered disabled state
[ 45.501040][ T430] device bridge_slave_1 entered promiscuous mode
[ 45.538493][ T430] bridge0: port 2(bridge_slave_1) entered blocking state
[ 45.545547][ T430] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 45.552769][ T430] bridge0: port 1(bridge_slave_0) entered blocking state
[ 45.559819][ T430] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 45.577936][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 45.585578][ T10] bridge0: port 1(bridge_slave_0) entered disabled state
[ 45.592750][ T10] bridge0: port 2(bridge_slave_1) entered disabled state
[ 45.601664][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 45.610102][ T10] bridge0: port 1(bridge_slave_0) entered blocking state
[ 45.617160][ T10] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 45.626885][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 45.635069][ T10] bridge0: port 2(bridge_slave_1) entered blocking state
[ 45.642159][ T10] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 45.653594][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 45.662726][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 45.675783][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 45.687692][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 45.695618][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 45.703139][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 45.711568][ T430] device veth0_vlan entered promiscuous mode
[ 45.721207][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 45.731131][ T430] device veth1_macvtap entered promiscuous mode
[ 45.740384][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 45.750702][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
2025/09/24 13:33:26 executed programs: 0
[ 46.273500][ T473] bridge0: port 1(bridge_slave_0) entered blocking state
[ 46.280669][ T473] bridge0: port 1(bridge_slave_0) entered disabled state
[ 46.288500][ T473] device bridge_slave_0 entered promiscuous mode
[ 46.299412][ T473] bridge0: port 2(bridge_slave_1) entered blocking state
[ 46.306543][ T473] bridge0: port 2(bridge_slave_1) entered disabled state
[ 46.313914][ T473] device bridge_slave_1 entered promiscuous mode
[ 46.366541][ T471] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 46.374034][ T471] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 46.383705][ T471] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 46.392307][ T471] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 46.401073][ T471] bridge0: port 1(bridge_slave_0) entered blocking state
[ 46.408121][ T471] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 46.419198][ T471] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 46.427555][ T471] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 46.436005][ T471] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 46.444200][ T471] bridge0: port 2(bridge_slave_1) entered blocking state
[ 46.451270][ T471] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 46.462851][ T471] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 46.472119][ T471] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 46.488909][ T471] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 46.500449][ T471] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 46.508562][ T471] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 46.516286][ T471] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 46.524708][ T43] device bridge_slave_1 left promiscuous mode
[ 46.530813][ T43] bridge0: port 2(bridge_slave_1) entered disabled state
[ 46.538364][ T43] device bridge_slave_0 left promiscuous mode
[ 46.544853][ T43] bridge0: port 1(bridge_slave_0) entered disabled state
[ 46.552701][ T43] device veth1_macvtap left promiscuous mode
[ 46.559024][ T43] device veth0_vlan left promiscuous mode
[ 46.628924][ T473] device veth0_vlan entered promiscuous mode
[ 46.638534][ T471] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 46.647761][ T473] device veth1_macvtap entered promiscuous mode
[ 46.656831][ T471] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 46.667449][ T471] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 46.692038][ T484] loop2: detected capacity change from 0 to 512
[ 46.699344][ T484] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[ 46.712614][ T484] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[ 46.724173][ T484] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2818: Unable to expand inode 15. Delete some EAs or run e2fsck.
[ 46.737595][ T484] EXT4-fs (loop2): 1 truncate cleaned up
[ 46.743271][ T484] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[ 46.752506][ T28] audit: type=1400 audit(1758720806.793:109): avc: denied { mount } for pid=483 comm="syz.2.17" name="/" dev="loop2" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[ 46.765521][ T484] ==================================================================
[ 46.774285][ T28] audit: type=1400 audit(1758720806.793:110): avc: denied { setattr } for pid=483 comm="syz.2.17" name="file1" dev="loop2" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[ 46.782332][ T484] BUG: KASAN: out-of-bounds in ext4_xattr_set_entry+0x979/0x21d0
[ 46.782372][ T484] Read of size 18446744073709551572 at addr ffff88811e1f9850 by task syz.2.17/484
[ 46.782388][ T484]
[ 46.782393][ T484] CPU: 1 PID: 484 Comm: syz.2.17 Not tainted syzkaller #0
[ 46.804977][ T28] audit: type=1400 audit(1758720806.793:111): avc: denied { write } for pid=483 comm="syz.2.17" name="/" dev="loop2" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[ 46.812360][ T484] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 46.821946][ T28] audit: type=1400 audit(1758720806.793:112): avc: denied { add_name } for pid=483 comm="syz.2.17" name="file2" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[ 46.823945][ T484] Call Trace:
[ 46.831207][ T28] audit: type=1400 audit(1758720806.793:113): avc: denied { create } for pid=483 comm="syz.2.17" name="file2" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[ 46.852373][ T484]
[ 46.852384][ T484] __dump_stack+0x21/0x24
[ 46.852403][ T484] dump_stack_lvl+0xee/0x150
[ 46.852417][ T484] ? __cfi_dump_stack_lvl+0x8/0x8
[ 46.852432][ T484] ? ext4_xattr_block_set+0x9dc/0x3270
[ 46.863201][ T28] audit: type=1400 audit(1758720806.793:114): avc: denied { write } for pid=483 comm="syz.2.17" name="file2" dev="loop2" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[ 46.882859][ T484] ? __ext4_unlink+0x673/0xb00
[ 46.882890][ T484] ? ext4_xattr_set_entry+0x979/0x21d0
[ 46.882909][ T484] print_address_description+0x71/0x200
[ 46.886502][ T28] audit: type=1400 audit(1758720806.793:115): avc: denied { open } for pid=483 comm="syz.2.17" path="/0/file2/file2" dev="loop2" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[ 46.906045][ T484] print_report+0x4a/0x60
[ 46.906077][ T484] kasan_report+0x122/0x150
[ 46.906102][ T484] ? ext4_xattr_set_entry+0x979/0x21d0
[ 46.906122][ T484] ? ext4_xattr_set_entry+0x979/0x21d0
[ 47.008691][ T484] kasan_check_range+0x280/0x290
[ 47.013705][ T484] memmove+0x2d/0x70
[ 47.017581][ T484] ext4_xattr_set_entry+0x979/0x21d0
[ 47.022863][ T484] ext4_xattr_block_set+0xada/0x3270
[ 47.028150][ T484] ? __getblk_gfp+0x3b/0x7d0
[ 47.032743][ T484] ? xattr_find_entry+0x24c/0x300
[ 47.037777][ T484] ? ext4_xattr_block_find+0x310/0x310
[ 47.043233][ T484] ? ext4_xattr_block_find+0x295/0x310
[ 47.048682][ T484] ext4_expand_extra_isize_ea+0xf30/0x1990
[ 47.054522][ T484] __ext4_expand_extra_isize+0x2fe/0x3e0
[ 47.060249][ T484] __ext4_mark_inode_dirty+0x3cf/0x600
[ 47.065711][ T484] __ext4_unlink+0x673/0xb00
[ 47.070388][ T484] ? memcpy+0x56/0x70
[ 47.074368][ T484] ? __cfi___ext4_unlink+0x10/0x10
[ 47.079738][ T484] ? dquot_initialize+0x20/0x20
[ 47.084692][ T484] ? clear_nonspinnable+0x60/0x60
[ 47.089741][ T484] ext4_unlink+0x13a/0x3a0
[ 47.094152][ T484] vfs_unlink+0x39f/0x630
[ 47.098492][ T484] do_unlinkat+0x31f/0x6b0
[ 47.103005][ T484] ? __cfi_do_unlinkat+0x10/0x10
[ 47.107967][ T484] ? getname_flags+0x206/0x500
[ 47.112726][ T484] __x64_sys_unlink+0x49/0x50
[ 47.117394][ T484] x64_sys_call+0x958/0x9a0
[ 47.121968][ T484] do_syscall_64+0x4c/0xa0
[ 47.126373][ T484] ? clear_bhb_loop+0x30/0x80
[ 47.131040][ T484] ? clear_bhb_loop+0x30/0x80
[ 47.135695][ T484] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 47.141677][ T484] RIP: 0033:0x7fce1238ebe9
[ 47.146083][ T484] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 47.165754][ T484] RSP: 002b:00007fce131fd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000057
[ 47.174192][ T484] RAX: ffffffffffffffda RBX: 00007fce125b5fa0 RCX: 00007fce1238ebe9
[ 47.182157][ T484] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000180
[ 47.190201][ T484] RBP: 00007fce12411e19 R08: 0000000000000000 R09: 0000000000000000
[ 47.198439][ T484] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 47.206499][ T484] R13: 00007fce125b6038 R14: 00007fce125b5fa0 R15: 00007ffd2a989698
[ 47.214453][ T484]
[ 47.217451][ T484]
[ 47.219760][ T484] Allocated by task 484:
[ 47.223975][ T484] kasan_set_track+0x4b/0x70
[ 47.228544][ T484] kasan_save_alloc_info+0x25/0x30
[ 47.233637][ T484] __kasan_kmalloc+0x95/0xb0
[ 47.238208][ T484] __kmalloc_node_track_caller+0xb1/0x1e0
[ 47.243910][ T484] kmemdup+0x2b/0x60
[ 47.247818][ T484] ext4_xattr_block_set+0x9dc/0x3270
[ 47.253110][ T484] ext4_expand_extra_isize_ea+0xf30/0x1990
[ 47.258901][ T484] __ext4_expand_extra_isize+0x2fe/0x3e0
[ 47.264546][ T484] __ext4_mark_inode_dirty+0x3cf/0x600
[ 47.270155][ T484] __ext4_unlink+0x673/0xb00
[ 47.274736][ T484] ext4_unlink+0x13a/0x3a0
[ 47.279134][ T484] vfs_unlink+0x39f/0x630
[ 47.283445][ T484] do_unlinkat+0x31f/0x6b0
[ 47.287847][ T484] __x64_sys_unlink+0x49/0x50
[ 47.292851][ T484] x64_sys_call+0x958/0x9a0
[ 47.297333][ T484] do_syscall_64+0x4c/0xa0
[ 47.302168][ T484] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 47.308058][ T484]
[ 47.310374][ T484] The buggy address belongs to the object at ffff88811e1f9800
[ 47.310374][ T484] which belongs to the cache kmalloc-1k of size 1024
[ 47.324493][ T484] The buggy address is located 80 bytes inside of
[ 47.324493][ T484] 1024-byte region [ffff88811e1f9800, ffff88811e1f9c00)
[ 47.337850][ T484]
[ 47.340184][ T484] The buggy address belongs to the physical page:
[ 47.346594][ T484] page:ffffea0004787e00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x11e1f8
[ 47.356817][ T484] head:ffffea0004787e00 order:3 compound_mapcount:0 compound_pincount:0
[ 47.365211][ T484] flags: 0x4000000000010200(slab|head|zone=1)
[ 47.371275][ T484] raw: 4000000000010200 dead000000000100 dead000000000122 ffff888100043080
[ 47.379855][ T484] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 47.388499][ T484] page dumped because: kasan: bad access detected
[ 47.394902][ T484] page_owner tracks the page as allocated
[ 47.400601][ T484] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 111, tgid 111 (udevd), ts 5294141387, free_ts 0
[ 47.420200][ T484] post_alloc_hook+0x1f5/0x210
[ 47.424960][ T484] prep_new_page+0x1c/0x110
[ 47.429450][ T484] get_page_from_freelist+0x2c7b/0x2cf0
[ 47.434978][ T484] __alloc_pages+0x1c3/0x450
[ 47.439549][ T484] alloc_slab_page+0x6e/0xf0
[ 47.444206][ T484] new_slab+0x98/0x3d0
[ 47.448550][ T484] ___slab_alloc+0x6bd/0xb20
[ 47.453139][ T484] __slab_alloc+0x5e/0xa0
[ 47.457459][ T484] __kmem_cache_alloc_node+0x203/0x2c0
[ 47.463012][ T484] __kmalloc_node_track_caller+0xa0/0x1e0
[ 47.468720][ T484] __alloc_skb+0x236/0x4b0
[ 47.473130][ T484] netlink_sendmsg+0x626/0xbc0
[ 47.477956][ T484] ____sys_sendmsg+0x5a9/0x990
[ 47.482714][ T484] ___sys_sendmsg+0x21c/0x290
[ 47.487377][ T484] __x64_sys_sendmsg+0x1f0/0x2c0
[ 47.492389][ T484] x64_sys_call+0x171/0x9a0
[ 47.496898][ T484] page_owner free stack trace missing
[ 47.502251][ T484]
[ 47.504571][ T484] Memory state around the buggy address:
[ 47.510263][ T484] ffff88811e1f9700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 47.518306][ T484] ffff88811e1f9780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 47.526360][ T484] >ffff88811e1f9800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 47.534393][ T484] ^
[ 47.541043][ T484] ffff88811e1f9880: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 47.549082][ T484] ffff88811e1f9900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 47.557208][ T484] ==================================================================
[ 47.568193][ T484] Disabling lock debugging due to kernel taint
[ 47.577944][ T473] EXT4-fs (loop2): unmounting filesystem.
[ 47.591112][ T488] loop2: detected capacity change from 0 to 512
[ 47.598045][ T488] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[ 47.612254][ T488] EXT4-fs (loop2): 1 truncate cleaned up
[ 47.619343][ T488] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[ 47.644564][ C0] slab filp start ffff88811e889b00 pointer offset 0
[ 47.651292][ C0] BUG: unable to handle page fault for address: fffffffffffffffc
[ 47.659007][ C0] #PF: supervisor read access in kernel mode
[ 47.664969][ C0] #PF: error_code(0x0000) - not-present page
[ 47.670919][ C0] PGD 6e12067 P4D 6e12067 PUD 6e14067 PMD 0
[ 47.676899][ C0] Oops: 0000 [#1] PREEMPT SMP KASAN
[ 47.682081][ C0] CPU: 0 PID: 488 Comm: syz.2.18 Tainted: G B syzkaller #0
[ 47.690646][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 47.700686][ C0] RIP: 0010:rcu_do_batch+0x509/0xb90
[ 47.705959][ C0] Code: 00 48 b8 00 00 00 00 00 fc ff df 80 3c 03 00 74 08 4c 89 ef e8 98 04 57 00 49 c7 47 08 00 00 00 00 4c 89 ff 41 ba c8 6a 43 52 <45> 03 54 24 fc 74 02 0f 0b 41 ff d4 65 8b 05 ec e9 a4 7e a9 00 01
[ 47.725548][ C0] RSP: 0018:ffffc90000007c20 EFLAGS: 00010246
[ 47.731598][ C0] RAX: dffffc0000000000 RBX: 1ffff11023d11361 RCX: a5a3c394c8b81000
[ 47.739653][ C0] RDX: 0000000000000100 RSI: 0000000000000000 RDI: ffff88811e889b00
[ 47.747618][ C0] RBP: ffffc90000007dd0 R08: dffffc0000000000 R09: ffffed103ee04eb4
[ 47.755656][ C0] R10: 0000000052436ac8 R11: 1ffff1103ee04eb3 R12: 0000000000000000
[ 47.763601][ C0] R13: ffff88811e889b08 R14: 0000000000000009 R15: ffff88811e889b00
[ 47.771583][ C0] FS: 00007fce131fd6c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[ 47.780485][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 47.787039][ C0] CR2: fffffffffffffffc CR3: 0000000122885000 CR4: 00000000003506b0
[ 47.794987][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 47.803027][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 47.810971][ C0] Call Trace:
[ 47.814224][ C0]
[ 47.817046][ C0] ? rcu_core+0xe70/0xe70
[ 47.821350][ C0] ? __kasan_check_write+0x14/0x20
[ 47.826534][ C0] ? _raw_spin_lock_irqsave+0xb0/0x110
[ 47.831967][ C0] ? __cfi__raw_spin_lock_irqsave+0x10/0x10
[ 47.837832][ C0] ? _raw_spin_unlock_irqrestore+0x5a/0x80
[ 47.843612][ C0] ? rcu_report_qs_rnp+0x2bc/0x390
[ 47.848714][ C0] rcu_core+0x5a5/0xe70
[ 47.852842][ C0] ? rcu_cpu_kthread_park+0x90/0x90
[ 47.858012][ C0] ? kvm_sched_clock_read+0x18/0x40
[ 47.863193][ C0] ? run_rebalance_domains+0xf7/0x1c0
[ 47.868536][ C0] rcu_core_si+0x9/0x10
[ 47.872667][ C0] handle_softirqs+0x1d7/0x600
[ 47.877403][ C0] __irq_exit_rcu+0x52/0xf0
[ 47.881923][ C0] irq_exit_rcu+0x9/0x10
[ 47.886137][ C0] sysvec_apic_timer_interrupt+0xa9/0xc0
[ 47.891838][ C0]
[ 47.894746][ C0]
[ 47.897739][ C0] asm_sysvec_apic_timer_interrupt+0x1b/0x20
[ 47.903710][ C0] RIP: 0010:__memmove+0x19c/0x1a0
[ 47.908710][ C0] Code: fa 02 72 16 66 44 8b 1e 66 44 8b 54 16 fe 66 44 89 1f 66 44 89 54 17 fe eb 0c 48 83 fa 01 72 06 44 8a 1e 44 88 1f c3 48 89 d1 a4 c3 00 eb 2e 0f 1f 00 49 89 f9 48 89 d1 83 e2 07 48 c1 e9 03
[ 47.928558][ C0] RSP: 0018:ffffc90000c17640 EFLAGS: 00010286
[ 47.934614][ C0] RAX: ffff88811e156870 RBX: ffffffffffffffd4 RCX: fffffffffef3216f
[ 47.942600][ C0] RDX: ffffffffffffffd4 RSI: ffff88811f2246b5 RDI: ffff88811f2246d5
[ 47.950645][ C0] RBP: ffffc90000c17670 R08: ffff88811e156824 R09: 0000000000000001
[ 47.958591][ C0] R10: 0000000000000000 R11: 0000000000000080 R12: 0000000000000000
[ 47.966551][ C0] R13: ffffffff81f8a5b9 R14: ffff88811e156850 R15: ffff88811e156870
[ 47.974589][ C0] ? ext4_xattr_set_entry+0x979/0x21d0
[ 47.980029][ C0] ? memmove+0x56/0x70
[ 47.984067][ C0] ext4_xattr_set_entry+0x979/0x21d0
[ 47.989332][ C0] ext4_xattr_block_set+0xada/0x3270
[ 47.994591][ C0] ? __getblk_gfp+0x3b/0x7d0
[ 47.999240][ C0] ? xattr_find_entry+0x24c/0x300
[ 48.004240][ C0] ? ext4_xattr_block_find+0x310/0x310
[ 48.009701][ C0] ? ext4_xattr_block_find+0x295/0x310
[ 48.015147][ C0] ext4_expand_extra_isize_ea+0xf30/0x1990
[ 48.020942][ C0] __ext4_expand_extra_isize+0x2fe/0x3e0
[ 48.026558][ C0] __ext4_mark_inode_dirty+0x3cf/0x600
[ 48.032004][ C0] __ext4_unlink+0x673/0xb00
[ 48.036655][ C0] ? memcpy+0x56/0x70
[ 48.040706][ C0] ? __cfi___ext4_unlink+0x10/0x10
[ 48.045789][ C0] ? dquot_initialize+0x20/0x20
[ 48.050625][ C0] ? clear_nonspinnable+0x60/0x60
[ 48.055640][ C0] ext4_unlink+0x13a/0x3a0
[ 48.060049][ C0] vfs_unlink+0x39f/0x630
[ 48.064460][ C0] do_unlinkat+0x31f/0x6b0
[ 48.069005][ C0] ? __cfi_do_unlinkat+0x10/0x10
[ 48.073940][ C0] ? getname_flags+0x206/0x500
[ 48.078889][ C0] __x64_sys_unlink+0x49/0x50
[ 48.083548][ C0] x64_sys_call+0x958/0x9a0
[ 48.088029][ C0] do_syscall_64+0x4c/0xa0
[ 48.092427][ C0] ? clear_bhb_loop+0x30/0x80
[ 48.097081][ C0] ? clear_bhb_loop+0x30/0x80
[ 48.101732][ C0] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 48.107599][ C0] RIP: 0033:0x7fce1238ebe9
[ 48.112000][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 48.132139][ C0] RSP: 002b:00007fce131fd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000057
[ 48.140544][ C0] RAX: ffffffffffffffda RBX: 00007fce125b5fa0 RCX: 00007fce1238ebe9
[ 48.148597][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000180
[ 48.156563][ C0] RBP: 00007fce12411e19 R08: 0000000000000000 R09: 0000000000000000
[ 48.164514][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 48.172460][ C0] R13: 00007fce125b6038 R14: 00007fce125b5fa0 R15: 00007ffd2a989698
[ 48.180420][ C0]
[ 48.183428][ C0] Modules linked in:
[ 48.187295][ C0] CR2: fffffffffffffffc
[ 48.191428][ C0] ---[ end trace 0000000000000000 ]---
[ 48.191468][ T60] general protection fault, probably for non-canonical address 0xf79679585a5e3989: 0000 [#2] PREEMPT SMP KASAN
[ 48.196945][ C0] RIP: 0010:rcu_do_batch+0x509/0xb90
[ 48.208660][ T60] KASAN: maybe wild-memory-access in range [0xbcb3eac2d2f1cc48-0xbcb3eac2d2f1cc4f]
[ 48.213944][ C0] Code: 00 48 b8 00 00 00 00 00 fc ff df 80 3c 03 00 74 08 4c 89 ef e8 98 04 57 00 49 c7 47 08 00 00 00 00 4c 89 ff 41 ba c8 6a 43 52 <45> 03 54 24 fc 74 02 0f 0b 41 ff d4 65 8b 05 ec e9 a4 7e a9 00 01
[ 48.223548][ T60] CPU: 1 PID: 60 Comm: kworker/1:2 Tainted: G B D syzkaller #0
[ 48.243228][ C0] RSP: 0018:ffffc90000007c20 EFLAGS: 00010246
[ 48.251961][ T60] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 48.251963][ C0]
[ 48.251971][ C0] RAX: dffffc0000000000 RBX: 1ffff11023d11361 RCX: a5a3c394c8b81000
[ 48.258010][ T60] Workqueue: ipv6_addrconf addrconf_dad_work
[ 48.268145][ C0] RDX: 0000000000000100 RSI: 0000000000000000 RDI: ffff88811e889b00
[ 48.270456][ T60]
[ 48.270461][ T60] RIP: 0010:kmem_cache_alloc_node+0x106/0x340
[ 48.278401][ C0] RBP: ffffc90000007dd0 R08: dffffc0000000000 R09: ffffed103ee04eb4
[ 48.284356][ T60] Code: 8b 38 48 85 ff 0f 84 c3 00 00 00 48 83 78 10 00 0f 84 b8 00 00 00 41 8b 44 24 28 48 8d 0c 07 49 8b 9c 24 d8 00 00 00 48 0f c9 <48> 33 1c 07 48 31 cb 48 8d 4a 08 4d 8b 04 24 48 89 f8 65 49 0f c7
[ 48.292299][ C0] R10: 0000000052436ac8 R11: 1ffff1103ee04eb3 R12: 0000000000000000
[ 48.294602][ T60] RSP: 0018:ffffc90000907808 EFLAGS: 00010286
[ 48.300635][ C0] R13: ffff88811e889b08 R14: 0000000000000009 R15: ffff88811e889b00
[ 48.308597][ T60]
[ 48.308603][ T60] RAX: 0000000000000080 RBX: b7e24746dbd6c6f6 RCX: 89395e5a587996f7
[ 48.328183][ C0] FS: 00007fce131fd6c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[ 48.336143][ T60] RDX: 0000000000018ac9 RSI: 0000000000000100 RDI: f79679585a5e3909
[ 48.342183][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 48.350137][ T60] RBP: ffffc90000907858 R08: dffffc0000000000 R09: fffffbfff0eafa59
[ 48.352453][ C0] CR2: fffffffffffffffc CR3: 0000000122885000 CR4: 00000000003506b0
[ 48.360501][ T60] R10: 0000000000000000 R11: 1ffffffff0eafa58 R12: ffff888100b9dc80
[ 48.369412][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 48.377357][ T60] R13: 0000000000000100 R14: 00000000ffffffff R15: 0000000000000a20
[ 48.384180][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 48.392128][ T60] FS: 0000000000000000(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[ 48.400167][ C0] Kernel panic - not syncing: Fatal exception in interrupt
[ 48.408117][ T60] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 48.408131][ T60] CR2: 000000c005906000 CR3: 0000000122885000 CR4: 00000000003506a0
[ 48.408145][ T60] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 48.408154][ T60] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 48.408164][ T60] Call Trace:
[ 48.408170][ T60]
[ 48.408179][ T60] ? __alloc_skb+0xea/0x4b0
[ 48.408206][ T60] __alloc_skb+0xea/0x4b0
[ 48.408225][ T60] ? __kasan_check_read+0x11/0x20
[ 48.408241][ T60] __ipv6_ifa_notify+0x1e8/0xdc0
[ 48.408257][ T60] ? snmp6_fill_stats+0x6c0/0x6c0
[ 48.408272][ T60] ? __kasan_check_write+0x14/0x20
[ 48.408286][ T60] ? try_to_grab_pending+0x1a2/0x580
[ 48.408305][ T60] ? mod_delayed_work_on+0xe0/0xe0
[ 48.408322][ T60] ? kvm_sched_clock_read+0x18/0x40
[ 48.408342][ T60] ? sched_clock+0x9/0x10
[ 48.408359][ T60] ? sched_clock_cpu+0x6e/0x250
[ 48.408375][ T60] ? __kasan_check_write+0x14/0x20
[ 48.408388][ T60] ? __cancel_work+0x198/0x200
[ 48.408406][ T60] addrconf_dad_completed+0x175/0xe80
[ 48.408427][ T60] ? __kasan_check_write+0x14/0x20
[ 48.408441][ T60] ? addrconf_dad_stop+0x450/0x450
[ 48.408461][ T60] addrconf_dad_work+0xc25/0x14b0
[ 48.408482][ T60] ? __cfi_addrconf_dad_work+0x10/0x10
[ 48.408502][ T60] ? __schedule+0xb8f/0x14e0
[ 48.408517][ T60] ? __cfi__raw_spin_lock_irq+0x10/0x10
[ 48.408534][ T60] process_one_work+0x71f/0xc40
[ 48.408550][ T60] worker_thread+0xa29/0x11f0
[ 48.408564][ T60] ? _raw_spin_lock_irqsave+0xb0/0x110
[ 48.408582][ T60] ? __kthread_parkme+0x142/0x180
[ 48.408596][ T60] kthread+0x281/0x320
[ 48.408610][ T60] ? __cfi_worker_thread+0x10/0x10
[ 48.408624][ T60] ? __cfi_kthread+0x10/0x10
[ 48.408639][ T60] ret_from_fork+0x1f/0x30
[ 48.408657][ T60]
[ 48.408662][ T60] Modules linked in:
[ 48.417041][ C0] Kernel Offset: disabled
[ 48.635227][ C0] Rebooting in 86400 seconds..