Warning: Permanently added '10.128.1.170' (ED25519) to the list of known hosts.
2025/07/13 00:26:08 ignoring optional flag "sandboxArg"="0"
2025/07/13 00:26:09 parsed 1 programs
[ 50.475760][ T24] kauditd_printk_skb: 27 callbacks suppressed
[ 50.475768][ T24] audit: type=1400 audit(1752366370.180:101): avc: denied { create } for pid=414 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 50.502984][ T24] audit: type=1400 audit(1752366370.180:102): avc: denied { write } for pid=414 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 50.523526][ T24] audit: type=1400 audit(1752366370.180:103): avc: denied { read } for pid=414 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 50.544318][ T24] audit: type=1400 audit(1752366370.220:104): avc: denied { unlink } for pid=414 comm="syz-executor" name="swap-file" dev="sda1" ino=2026 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[ 50.573459][ T414] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 51.067570][ T427] bridge0: port 1(bridge_slave_0) entered blocking state
[ 51.074696][ T427] bridge0: port 1(bridge_slave_0) entered disabled state
[ 51.082292][ T427] device bridge_slave_0 entered promiscuous mode
[ 51.090020][ T427] bridge0: port 2(bridge_slave_1) entered blocking state
[ 51.097515][ T427] bridge0: port 2(bridge_slave_1) entered disabled state
[ 51.104758][ T427] device bridge_slave_1 entered promiscuous mode
[ 51.131839][ T427] bridge0: port 2(bridge_slave_1) entered blocking state
[ 51.138879][ T427] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 51.146119][ T427] bridge0: port 1(bridge_slave_0) entered blocking state
[ 51.153161][ T427] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 51.167661][ T7] bridge0: port 1(bridge_slave_0) entered disabled state
[ 51.175034][ T7] bridge0: port 2(bridge_slave_1) entered disabled state
[ 51.182356][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 51.189847][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 51.199413][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 51.207675][ T7] bridge0: port 1(bridge_slave_0) entered blocking state
[ 51.214680][ T7] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 51.223285][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 51.231514][ T7] bridge0: port 2(bridge_slave_1) entered blocking state
[ 51.238561][ T7] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 51.249978][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 51.258849][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 51.271918][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 51.282273][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 51.290354][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 51.297946][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 51.305909][ T427] device veth0_vlan entered promiscuous mode
[ 51.314938][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 51.324761][ T427] device veth1_macvtap entered promiscuous mode
[ 51.333366][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 51.342874][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 51.491456][ T24] audit: type=1401 audit(1752366371.200:105): op=setxattr invalid_context="u:object_r:app_data_file:s0:c512,c768"
[ 51.707555][ T24] audit: type=1400 audit(1752366371.420:106): avc: denied { create } for pid=466 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
2025/07/13 00:26:11 executed programs: 0
[ 51.991503][ T475] bridge0: port 1(bridge_slave_0) entered blocking state
[ 51.998663][ T475] bridge0: port 1(bridge_slave_0) entered disabled state
[ 52.005918][ T475] device bridge_slave_0 entered promiscuous mode
[ 52.012802][ T475] bridge0: port 2(bridge_slave_1) entered blocking state
[ 52.020008][ T475] bridge0: port 2(bridge_slave_1) entered disabled state
[ 52.027494][ T475] device bridge_slave_1 entered promiscuous mode
[ 52.058429][ T475] bridge0: port 2(bridge_slave_1) entered blocking state
[ 52.065645][ T475] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 52.072918][ T475] bridge0: port 1(bridge_slave_0) entered blocking state
[ 52.080051][ T475] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 52.089831][ T319] bridge0: port 1(bridge_slave_0) entered disabled state
[ 52.097206][ T319] bridge0: port 2(bridge_slave_1) entered disabled state
[ 52.105456][ T49] device bridge_slave_1 left promiscuous mode
[ 52.111605][ T49] bridge0: port 2(bridge_slave_1) entered disabled state
[ 52.119357][ T49] device bridge_slave_0 left promiscuous mode
[ 52.125534][ T49] bridge0: port 1(bridge_slave_0) entered disabled state
[ 52.133185][ T49] device veth1_macvtap left promiscuous mode
[ 52.139200][ T49] device veth0_vlan left promiscuous mode
[ 52.203974][ T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 52.211541][ T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 52.221255][ T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 52.229515][ T319] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 52.237675][ T319] bridge0: port 1(bridge_slave_0) entered blocking state
[ 52.244696][ T319] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 52.252766][ T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 52.261039][ T319] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 52.269348][ T319] bridge0: port 2(bridge_slave_1) entered blocking state
[ 52.276385][ T319] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 52.286145][ T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 52.294338][ T319] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 52.303278][ T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 52.311559][ T319] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 52.323222][ T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 52.331771][ T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 52.342185][ T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 52.350439][ T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 52.359116][ T319] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 52.366553][ T319] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 52.374036][ T475] device veth0_vlan entered promiscuous mode
[ 52.385153][ T475] device veth1_macvtap entered promiscuous mode
[ 52.398604][ T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 52.406707][ T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 52.414829][ T319] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 52.422618][ T319] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 52.431000][ T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 52.439592][ T319] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 52.447916][ T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 52.521561][ T480] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[ 52.534789][ T480] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[ 52.546207][ T480] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2815: Unable to expand inode 15. Delete some EAs or run e2fsck.
[ 52.559485][ T480] EXT4-fs (loop2): 1 truncate cleaned up
[ 52.565105][ T480] EXT4-fs (loop2): mounted filesystem without journal. Opts: nogrpid,min_batch_time=0x0000000000000000,debug_want_extra_isize=0x0000000000000068,nobarrier,nodiscard,quota,,errors=continue
[ 52.583609][ T24] audit: type=1400 audit(1752366372.290:107): avc: denied { mount } for pid=479 comm="syz.2.16" name="/" dev="loop2" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[ 52.587147][ T480] ==================================================================
[ 52.610435][ T24] audit: type=1400 audit(1752366372.290:108): avc: denied { write } for pid=479 comm="syz.2.16" name="file2" dev="loop2" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[ 52.613593][ T480] BUG: KASAN: out-of-bounds in ext4_xattr_set_entry+0x1339/0x36c0
[ 52.635662][ T24] audit: type=1400 audit(1752366372.290:109): avc: denied { open } for pid=479 comm="syz.2.16" name="file2" dev="loop2" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[ 52.643180][ T480] Read of size 18446744073709551540 at addr ffff888117b24870 by task syz.2.16/480
[ 52.643183][ T480]
[ 52.643204][ T480] CPU: 1 PID: 480 Comm: syz.2.16 Not tainted 5.10.238-syzkaller-1007487-g59e9a7228857 #0
[ 52.643209][ T480] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 52.643220][ T480] Call Trace:
[ 52.665396][ T24] audit: type=1400 audit(1752366372.290:110): avc: denied { setattr } for pid=479 comm="syz.2.16" name="file1" dev="loop2" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[ 52.674400][ T480] __dump_stack+0x21/0x24
[ 52.674410][ T480] dump_stack_lvl+0x169/0x1d8
[ 52.674419][ T480] ? show_regs_print_info+0x18/0x18
[ 52.674435][ T480] ? thaw_kernel_threads+0x220/0x220
[ 52.741334][ T480] print_address_description+0x7f/0x2c0
[ 52.746860][ T480] ? ext4_xattr_set_entry+0x1339/0x36c0
[ 52.752385][ T480] kasan_report+0xe2/0x130
[ 52.756775][ T480] ? ext4_xattr_set_entry+0x1339/0x36c0
[ 52.762553][ T480] ? ext4_xattr_set_entry+0x1339/0x36c0
[ 52.768068][ T480] kasan_check_range+0x280/0x290
[ 52.772976][ T480] memmove+0x2d/0x70
[ 52.776844][ T480] ext4_xattr_set_entry+0x1339/0x36c0
[ 52.782273][ T480] ? fscrypt_drop_inode+0xad/0x110
[ 52.787353][ T480] ? ext4_xattr_ibody_set+0x360/0x360
[ 52.792740][ T480] ? slab_post_alloc_hook+0x7d/0x2f0
[ 52.798002][ T480] ? ext4_xattr_block_set+0x847/0x2a50
[ 52.803459][ T480] ? ext4_xattr_block_set+0x847/0x2a50
[ 52.808889][ T480] ? __kmalloc_track_caller+0x181/0x320
[ 52.814416][ T480] ? memcpy+0x56/0x70
[ 52.818367][ T480] ext4_xattr_block_set+0x92f/0x2a50
[ 52.823631][ T480] ? __kasan_check_read+0x11/0x20
[ 52.828708][ T480] ? __ext4_xattr_check_block+0x265/0x8e0
[ 52.834398][ T480] ? ext4_xattr_block_find+0x4f0/0x4f0
[ 52.839827][ T480] ? __kasan_check_write+0x14/0x20
[ 52.844905][ T480] ext4_xattr_set_handle+0xba5/0x12a0
[ 52.850421][ T480] ? ext4_xattr_set_entry+0x36c0/0x36c0
[ 52.856018][ T480] ? __kasan_check_read+0x11/0x20
[ 52.861008][ T480] ? __ext4_journal_start_sb+0x2e2/0x490
[ 52.866693][ T480] ext4_xattr_set+0x1ec/0x320
[ 52.871351][ T480] ? ext4_xattr_set_credits+0x290/0x290
[ 52.876878][ T480] ext4_xattr_trusted_set+0x3b/0x50
[ 52.882042][ T480] ? ext4_xattr_trusted_get+0x40/0x40
[ 52.887382][ T480] __vfs_setxattr+0x42a/0x480
[ 52.892030][ T480] __vfs_setxattr_noperm+0x11e/0x4e0
[ 52.897287][ T480] __vfs_setxattr_locked+0x203/0x220
[ 52.902542][ T480] vfs_setxattr+0x8d/0x1c0
[ 52.906989][ T480] setxattr+0x1a9/0x370
[ 52.911123][ T480] ? path_setxattr+0x210/0x210
[ 52.915865][ T480] ? __mnt_want_write+0x1e6/0x260
[ 52.920860][ T480] ? mnt_want_write+0x19d/0x270
[ 52.925701][ T480] path_setxattr+0x110/0x210
[ 52.930372][ T480] ? simple_xattr_list_add+0x120/0x120
[ 52.935844][ T480] ? fpu__clear_all+0x20/0x20
[ 52.940500][ T480] __x64_sys_lsetxattr+0xc2/0xe0
[ 52.945412][ T480] do_syscall_64+0x31/0x40
[ 52.949800][ T480] entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 52.955674][ T480] RIP: 0033:0x7efd4b48d169
[ 52.960063][ T480] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 52.980085][ T480] RSP: 002b:00007efd4aeff038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd
[ 52.988468][ T480] RAX: ffffffffffffffda RBX: 00007efd4b6a5fa0 RCX: 00007efd4b48d169
[ 52.996424][ T480] RDX: 0000200000000040 RSI: 00002000000000c0 RDI: 0000200000000100
[ 53.004379][ T480] RBP: 00007efd4b50e990 R08: 0000000000000000 R09: 0000000000000000
[ 53.012459][ T480] R10: 000000000000fe37 R11: 0000000000000246 R12: 0000000000000000
[ 53.020408][ T480] R13: 0000000000000000 R14: 00007efd4b6a5fa0 R15: 00007ffea12a7fc8
[ 53.028362][ T480]
[ 53.030671][ T480] Allocated by task 0:
[ 53.034712][ T480] (stack is not available)
[ 53.039181][ T480]
[ 53.041513][ T480] The buggy address belongs to the object at ffff888117b24800
[ 53.041513][ T480] which belongs to the cache kmalloc-1k of size 1024
[ 53.055573][ T480] The buggy address is located 112 bytes inside of
[ 53.055573][ T480] 1024-byte region [ffff888117b24800, ffff888117b24c00)
[ 53.068937][ T480] The buggy address belongs to the page:
[ 53.074897][ T480] page:ffffea00045ec800 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x117b20
[ 53.085187][ T480] head:ffffea00045ec800 order:3 compound_mapcount:0 compound_pincount:0
[ 53.093501][ T480] flags: 0x4000000000010200(slab|head)
[ 53.099130][ T480] raw: 4000000000010200 ffffea00045e4000 0000000200000002 ffff888100042f00
[ 53.107690][ T480] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 53.116242][ T480] page dumped because: kasan: bad access detected
[ 53.122653][ T480] page_owner tracks the page as allocated
[ 53.128464][ T480] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 108, ts 4730179056, free_ts 0
[ 53.146574][ T480] prep_new_page+0x179/0x180
[ 53.151154][ T480] get_page_from_freelist+0x2235/0x23d0
[ 53.157123][ T480] __alloc_pages_nodemask+0x268/0x5f0
[ 53.162475][ T480] new_slab+0x84/0x3f0
[ 53.166748][ T480] ___slab_alloc+0x2a6/0x450
[ 53.171317][ T480] __slab_alloc+0x63/0xa0
[ 53.175618][ T480] __kmalloc_track_caller+0x1ef/0x320
[ 53.180967][ T480] __alloc_skb+0xdc/0x520
[ 53.185287][ T480] netlink_sendmsg+0x5f6/0xb30
[ 53.190071][ T480] ____sys_sendmsg+0x5a2/0x8c0
[ 53.194820][ T480] ___sys_sendmsg+0x1f0/0x260
[ 53.199748][ T480] __x64_sys_sendmsg+0x1e2/0x2a0
[ 53.204659][ T480] do_syscall_64+0x31/0x40
[ 53.209079][ T480] entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 53.215030][ T480] page_owner free stack trace missing
[ 53.220367][ T480]
[ 53.222667][ T480] Memory state around the buggy address:
[ 53.228354][ T480] ffff888117b24700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 53.236669][ T480] ffff888117b24780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 53.244701][ T480] >ffff888117b24800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 53.252905][ T480] ^
[ 53.260764][ T480] ffff888117b24880: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 53.269147][ T480] ffff888117b24900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 53.277273][ T480] ==================================================================
[ 53.285326][ T480] Disabling lock debugging due to kernel taint
[ 53.393298][ T484] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[ 53.405016][ T484] EXT4-fs (loop2): 1 truncate cleaned up
[ 53.410704][ T484] EXT4-fs (loop2): mounted filesystem without journal. Opts: nogrpid,min_batch_time=0x0000000000000000,debug_want_extra_isize=0x0000000000000068,nobarrier,nodiscard,quota,,errors=continue
[ 53.433609][ T419] general protection fault, probably for non-canonical address 0xdffffc000d0e5faa: 0000 [#1] PREEMPT SMP KASAN
[ 53.445350][ T419] KASAN: probably user-memory-access in range [0x000000006872fd50-0x000000006872fd57]
[ 53.454900][ T419] CPU: 1 PID: 419 Comm: udevd Tainted: G B 5.10.238-syzkaller-1007487-g59e9a7228857 #0
[ 53.466070][ T419] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 53.476252][ T419] RIP: 0010:selinux_inode_getattr+0x168/0x3c0
[ 53.482303][ T419] Code: 48 63 05 43 63 85 03 48 01 c3 0f b6 05 e3 2c b7 04 84 c0 74 3c 48 83 c3 22 48 89 d8 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df <0f> b6 04 08 84 c0 0f 85 29 02 00 00 0f b6 1b bf 01 00 00 00 89 de
[ 53.502101][ T419] RSP: 0018:ffffc90000c17aa0 EFLAGS: 00010207
[ 53.508457][ T419] RAX: 000000000d0e5faa RBX: 000000006872fd57 RCX: dffffc0000000000
[ 53.516717][ T419] RDX: 0000000000000000 RSI: ffffc90000c17c50 RDI: ffffc90000c17af8
[ 53.524926][ T419] RBP: ffffc90000c17b78 R08: dffffc0000000000 R09: fffff52000182f5f
[ 53.533221][ T419] R10: fffff52000182f5f R11: 1ffff92000182f5d R12: ffff888118154400
[ 53.541399][ T419] R13: ffff888118154438 R14: ffff8881167d4600 R15: 1ffff1102302a887
[ 53.549613][ T419] FS: 00007f8c38f50880(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[ 53.558966][ T419] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 53.565523][ T419] CR2: 00007f8c38d9f000 CR3: 000000012592b000 CR4: 00000000003506a0
[ 53.573475][ T419] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 53.581795][ T419] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 53.589764][ T419] Call Trace:
[ 53.593050][ T419] ? selinux_inode_setattr+0x7d0/0x7d0
[ 53.598474][ T419] ? getname_flags+0x206/0x500
[ 53.603204][ T419] security_inode_getattr+0xd6/0x130
[ 53.608452][ T419] vfs_statx+0x12f/0x520
[ 53.612698][ T419] ? mnt_drop_write+0x10f/0x190
[ 53.617622][ T419] ? vfs_fstatat+0x40/0x40
[ 53.622028][ T419] ? mntput_no_expire+0xfb/0x6b0
[ 53.626938][ T419] __se_sys_newfstatat+0xc6/0x340
[ 53.631955][ T419] ? __kasan_check_write+0x14/0x20
[ 53.637118][ T419] ? __x64_sys_newfstatat+0xb0/0xb0
[ 53.642368][ T419] ? mntput+0x5f/0xc0
[ 53.646322][ T419] ? path_put+0x57/0x60
[ 53.650446][ T419] ? do_utimes+0x230/0x2a0
[ 53.654839][ T419] ? do_utimes+0x2a0/0x2a0
[ 53.659221][ T419] __x64_sys_newfstatat+0x9b/0xb0
[ 53.664210][ T419] do_syscall_64+0x31/0x40
[ 53.668603][ T419] entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 53.674562][ T419] RIP: 0033:0x7f8c390a8b0a
[ 53.678960][ T419] Code: 48 8b 15 f1 f2 0d 00 f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 41 89 ca b8 06 01 00 00 0f 05 <3d> 00 f0 ff ff 77 07 31 c0 c3 0f 1f 40 00 48 8b 15 b9 f2 0d 00 f7
[ 53.698635][ T419] RSP: 002b:00007ffffeee6338 EFLAGS: 00000246 ORIG_RAX: 0000000000000106
[ 53.707331][ T419] RAX: ffffffffffffffda RBX: 0000000000000031 RCX: 00007f8c390a8b0a
[ 53.715278][ T419] RDX: 00007ffffeee6340 RSI: 00007ffffeee6410 RDI: 00000000ffffff9c
[ 53.723489][ T419] RBP: 00007ffffeee7450 R08: 00007ffffeee8080 R09: 000055b2ed16b450
[ 53.731724][ T419] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffffeee8080
[ 53.739845][ T419] R13: 0000000000000000 R14: 00007ffffeee7c80 R15: 00007ffffeee7880
[ 53.747955][ T419] Modules linked in:
[ 53.751916][ T484] BUG: unable to handle page fault for address: ffff888119e7f000
[ 53.759632][ T484] #PF: supervisor write access in kernel mode
[ 53.765673][ T484] #PF: error_code(0x0003) - permissions violation
[ 53.772142][ T484] PGD 6e01067 P4D 6e01067 PUD 1087e3063 PMD 10c2c3063 PTE 8000000119e7f161
[ 53.780730][ T484] Oops: 0003 [#2] PREEMPT SMP KASAN
[ 53.785907][ T484] CPU: 0 PID: 484 Comm: syz.2.17 Tainted: G B D 5.10.238-syzkaller-1007487-g59e9a7228857 #0
[ 53.797206][ T484] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 53.807534][ T484] RIP: 0010:__memmove+0x19c/0x1a0
[ 53.812528][ T484] Code: fa 02 72 16 66 44 8b 1e 66 44 8b 54 16 fe 66 44 89 1f 66 44 89 54 17 fe eb 0c 48 83 fa 01 72 06 44 8a 1e 44 88 1f c3 48 89 d1 a4 c3 00 eb 2e 0f 1f 00 49 89 f9 48 89 d1 83 e2 07 48 c1 e9 03
[ 53.832188][ T484] RSP: 0018:ffffc90000c97380 EFLAGS: 00010282
[ 53.838246][ T484] RAX: ffff888118097050 RBX: ffffffffffffffb4 RCX: fffffffffe218004
[ 53.846199][ T484] RDX: ffffffffffffffb4 RSI: ffff888119e7f020 RDI: ffff888119e7f000
[ 53.854136][ T484] RBP: ffffc90000c973b0 R08: ffff888118097004 R09: ffffed1023012e80
[ 53.862070][ T484] R10: 0000000000000000 R11: 0000000000000080 R12: 0000000000000000
[ 53.870013][ T484] R13: ffffffff81ddb6b9 R14: ffff888118097070 R15: ffff888118097050
[ 53.878057][ T484] FS: 00007efd4aeff6c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[ 53.887075][ T484] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 53.893637][ T484] CR2: ffff888119e7f000 CR3: 0000000129d0e000 CR4: 00000000003506b0
[ 53.901594][ T484] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 53.909697][ T484] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 53.917688][ T484] Call Trace:
[ 53.921237][ T484] ? memmove+0x56/0x70
[ 53.925388][ T484] ext4_xattr_set_entry+0x1339/0x36c0
[ 53.930775][ T484] ? fscrypt_drop_inode+0xad/0x110
[ 53.936027][ T484] ? ext4_xattr_ibody_set+0x360/0x360
[ 53.941536][ T484] ? slab_post_alloc_hook+0x7d/0x2f0
[ 53.947073][ T484] ? ext4_xattr_block_set+0x847/0x2a50
[ 53.952808][ T484] ? ext4_xattr_block_set+0x847/0x2a50
[ 53.958599][ T484] ? __kmalloc_track_caller+0x181/0x320
[ 53.964228][ T484] ? memcpy+0x56/0x70
[ 53.968188][ T484] ext4_xattr_block_set+0x92f/0x2a50
[ 53.973454][ T484] ? __kasan_check_read+0x11/0x20
[ 53.978491][ T484] ? __ext4_xattr_check_block+0x265/0x8e0
[ 53.984189][ T484] ? ext4_xattr_block_find+0x4f0/0x4f0
[ 53.989642][ T484] ? __kasan_check_write+0x14/0x20
[ 53.994822][ T484] ext4_xattr_set_handle+0xba5/0x12a0
[ 54.000683][ T484] ? ext4_xattr_set_entry+0x36c0/0x36c0
[ 54.006196][ T484] ? __kasan_check_read+0x11/0x20
[ 54.011201][ T484] ? __ext4_journal_start_sb+0x2e2/0x490
[ 54.016816][ T484] ext4_xattr_set+0x1ec/0x320
[ 54.021556][ T484] ? ext4_xattr_set_credits+0x290/0x290
[ 54.027071][ T484] ext4_xattr_trusted_set+0x3b/0x50
[ 54.032264][ T484] ? ext4_xattr_trusted_get+0x40/0x40
[ 54.037627][ T484] __vfs_setxattr+0x42a/0x480
[ 54.042268][ T484] __vfs_setxattr_noperm+0x11e/0x4e0
[ 54.047645][ T484] __vfs_setxattr_locked+0x203/0x220
[ 54.052907][ T484] vfs_setxattr+0x8d/0x1c0
[ 54.057396][ T484] setxattr+0x1a9/0x370
[ 54.061522][ T484] ? path_setxattr+0x210/0x210
[ 54.066283][ T484] ? __mnt_want_write+0x1e6/0x260
[ 54.071358][ T484] ? mnt_want_write+0x19d/0x270
[ 54.076173][ T484] path_setxattr+0x110/0x210
[ 54.081001][ T484] ? simple_xattr_list_add+0x120/0x120
[ 54.086533][ T484] ? fpu__clear_all+0x20/0x20
[ 54.091197][ T484] __x64_sys_lsetxattr+0xc2/0xe0
[ 54.096109][ T484] do_syscall_64+0x31/0x40
[ 54.100698][ T484] entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 54.106742][ T484] RIP: 0033:0x7efd4b48d169
[ 54.111165][ T484] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 54.131244][ T484] RSP: 002b:00007efd4aeff038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd
[ 54.139629][ T484] RAX: ffffffffffffffda RBX: 00007efd4b6a5fa0 RCX: 00007efd4b48d169
[ 54.147568][ T484] RDX: 0000200000000040 RSI: 00002000000000c0 RDI: 0000200000000100
[ 54.155655][ T484] RBP: 00007efd4b50e990 R08: 0000000000000000 R09: 0000000000000000
[ 54.163820][ T484] R10: 000000000000fe37 R11: 0000000000000246 R12: 0000000000000000
[ 54.171774][ T484] R13: 0000000000000000 R14: 00007efd4b6a5fa0 R15: 00007ffea12a7fc8
[ 54.179717][ T484] Modules linked in:
[ 54.183592][ T484] CR2: ffff888119e7f000
[ 54.187851][ T484] ---[ end trace 1f134e8de698ea1f ]---
[ 54.187895][ C1] general protection fault, probably for non-canonical address 0xb84803ebc148: 0000 [#3] PREEMPT SMP KASAN
[ 54.193345][ T484] RIP: 0010:selinux_inode_getattr+0x168/0x3c0
[ 54.204694][ C1] CPU: 1 PID: 419 Comm: udevd Tainted: G B D 5.10.238-syzkaller-1007487-g59e9a7228857 #0
[ 54.210816][ T484] Code: 48 63 05 43 63 85 03 48 01 c3 0f b6 05 e3 2c b7 04 84 c0 74 3c 48 83 c3 22 48 89 d8 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df <0f> b6 04 08 84 c0 0f 85 29 02 00 00 0f b6 1b bf 01 00 00 00 89 de
[ 54.221804][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 54.241382][ T484] RSP: 0018:ffffc90000c17aa0 EFLAGS: 00010207
[ 54.251411][ C1] RIP: 0010:__stack_depot_save+0x1c8/0x4c0
[ 54.251421][ T484]
[ 54.257455][ C1] Code: 41 29 f5 4c 8b 3d 50 ab 79 04 45 89 ee 41 81 e6 ff 0f 00 00 4b 8b 1c f7 48 85 db 74 59 44 89 e6 eb 08 48 8b 1b 48 85 db 74 4c <44> 39 6b 08 75 f2 44 39 63 0c 75 ec 45 31 c0 4e 8b 0c c7 4e 3b 4c
[ 54.263402][ T484] RAX: 000000000d0e5faa RBX: 000000006872fd57 RCX: dffffc0000000000
[ 54.265699][ C1] RSP: 0018:ffffc90000170828 EFLAGS: 00010206
[ 54.285721][ T484] RDX: 0000000000000000 RSI: ffffc90000c17c50 RDI: ffffc90000c17af8
[ 54.293675][ C1]
[ 54.299784][ T484] RBP: ffffc90000c17b78 R08: dffffc0000000000 R09: fffff52000182f5f
[ 54.307729][ C1] RAX: 0000000000000000 RBX: 0000b84803ebc148 RCX: 0000000000000001
[ 54.310029][ T484] R10: fffff52000182f5f R11: 1ffff92000182f5d R12: ffff888118154400
[ 54.317982][ C1] RDX: 0000000000000800 RSI: 000000000000000c RDI: ffffc90000170890
[ 54.325941][ T484] R13: ffff888118154438 R14: ffff8881167d4600 R15: 1ffff1102302a887
[ 54.334044][ C1] RBP: ffffc90000170880 R08: 0000000028d8092c R09: 00000000d47a1456
[ 54.342087][ T484] FS: 00007efd4aeff6c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[ 54.350031][ C1] R10: 0000000000000003 R11: 00000000bc8d3e32 R12: 000000000000000c
[ 54.358167][ T484] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 54.367081][ C1] R13: 00000000687df35f R14: 000000000000035f R15: ffff8881f7340000
[ 54.375042][ T484] CR2: ffff888119e7f000 CR3: 0000000129d0e000 CR4: 00000000003506b0
[ 54.381682][ C1] FS: 00007f8c38f50880(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[ 54.389714][ T484] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 54.397654][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 54.406568][ T484] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 54.414509][ C1] CR2: 00007f8c38d9f000 CR3: 000000012592b000 CR4: 00000000003506a0
[ 54.421155][ T484] Kernel panic - not syncing: Fatal exception
[ 54.429286][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 54.451293][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 54.459423][ C1] Call Trace:
[ 54.462688][ C1]
[ 54.465529][ C1] ? update_load_avg+0x4dc/0x14f0
[ 54.470542][ C1] kasan_set_track+0x5b/0x70
[ 54.475110][ C1] ? kasan_set_track+0x4a/0x70
[ 54.480111][ C1] ? kasan_set_free_info+0x23/0x40
[ 54.485285][ C1] ? ____kasan_slab_free+0x125/0x160
[ 54.490568][ C1] ? __kasan_slab_free+0x11/0x20
[ 54.495492][ C1] ? slab_free_freelist_hook+0xc5/0x190
[ 54.501027][ C1] ? kfree+0xc0/0x270
[ 54.505010][ C1] ? security_cred_free+0xbd/0xf0
[ 54.510026][ C1] ? put_cred_rcu+0x6a/0x290
[ 54.514598][ C1] ? rcu_do_batch+0x4df/0xa80
[ 54.519251][ C1] ? rcu_core+0x55f/0xd60
[ 54.523651][ C1] ? rcu_core_si+0x9/0x10
[ 54.528323][ C1] ? __do_softirq+0x255/0x563
[ 54.533148][ C1] ? asm_call_irq_on_stack+0xf/0x20
[ 54.538448][ C1] ? do_softirq_own_stack+0x60/0x80
[ 54.543625][ C1] ? __irq_exit_rcu+0x128/0x150
[ 54.548456][ C1] ? irq_exit_rcu+0x9/0x10
[ 54.552848][ C1] ? sysvec_apic_timer_interrupt+0xbf/0xe0
[ 54.558734][ C1] ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 54.564861][ C1] ? oops_end+0x5c/0xd0
[ 54.569024][ C1] ? die_addr+0x61/0x70
[ 54.573202][ C1] ? exc_general_protection+0x1b6/0x250
[ 54.578753][ C1] ? asm_exc_general_protection+0x1e/0x30
[ 54.584470][ C1] ? selinux_inode_getattr+0x168/0x3c0
[ 54.589911][ C1] ? security_inode_getattr+0xd6/0x130
[ 54.595346][ C1] ? vfs_statx+0x12f/0x520
[ 54.599737][ C1] ? __se_sys_newfstatat+0xc6/0x340
[ 54.604979][ C1] ? __x64_sys_newfstatat+0x9b/0xb0
[ 54.610167][ C1] ? do_syscall_64+0x31/0x40
[ 54.614758][ C1] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 54.620807][ C1] ? yield_to_task_fair+0xe0/0x150
[ 54.625894][ C1] ? kfree+0xc0/0x270
[ 54.629852][ C1] kasan_set_free_info+0x23/0x40
[ 54.634769][ C1] ____kasan_slab_free+0x125/0x160
[ 54.639960][ C1] __kasan_slab_free+0x11/0x20
[ 54.644814][ C1] slab_free_freelist_hook+0xc5/0x190
[ 54.650184][ C1] ? security_cred_free+0xbd/0xf0
[ 54.655384][ C1] kfree+0xc0/0x270
[ 54.659220][ C1] security_cred_free+0xbd/0xf0
[ 54.664074][ C1] put_cred_rcu+0x6a/0x290
[ 54.668470][ C1] rcu_do_batch+0x4df/0xa80
[ 54.672962][ C1] ? local_bh_enable+0x20/0x20
[ 54.677803][ C1] ? note_gp_changes+0x129/0x220
[ 54.682762][ C1] rcu_core+0x55f/0xd60
[ 54.687008][ C1] ? rcu_cpu_kthread_park+0x90/0x90
[ 54.692192][ C1] ? run_rebalance_domains+0xf7/0x1c0
[ 54.697541][ C1] rcu_core_si+0x9/0x10
[ 54.701674][ C1] __do_softirq+0x255/0x563
[ 54.706154][ C1] asm_call_irq_on_stack+0xf/0x20
[ 54.711148][ C1]
[ 54.714078][ C1] do_softirq_own_stack+0x60/0x80
[ 54.719167][ C1] __irq_exit_rcu+0x128/0x150
[ 54.723819][ C1] irq_exit_rcu+0x9/0x10
[ 54.728044][ C1] sysvec_apic_timer_interrupt+0xbf/0xe0
[ 54.733651][ C1] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 54.739616][ C1] RIP: 0010:oops_end+0x5c/0xd0
[ 54.744358][ C1] Code: ee 01 9f 05 75 1c 48 83 3d 10 89 05 05 00 0f 84 83 00 00 00 48 c7 c7 c0 dd c5 86 e8 02 2a 24 00 66 90 4c 89 75 e8 ff 75 e8 9d 5f 1f 45 03 48 c7 c7 c8 dd c5 86 be 02 00 00 00 48 c7 c2 62 41
[ 54.763942][ C1] RSP: 0018:ffffc90000c178e0 EFLAGS: 00000293
[ 54.769990][ C1] RAX: 0000000000000000 RBX: 000000000000000b RCX: ffff8881131d13c0
[ 54.777940][ C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffff86c5ddc0
[ 54.785893][ C1] RBP: ffffc90000c178f8 R08: dffffc0000000000 R09: fffffbfff0d8e4f9
[ 54.793889][ C1] R10: fffffbfff0d8e4f9 R11: 1ffffffff0d8e4f8 R12: ffffc90000c17950
[ 54.801839][ C1] R13: dffffc000d0e5faa R14: 0000000000000293 R15: 0000000000000000
[ 54.809797][ C1] die_addr+0x61/0x70
[ 54.813756][ C1] exc_general_protection+0x1b6/0x250
[ 54.819120][ C1] asm_exc_general_protection+0x1e/0x30
[ 54.824642][ C1] RIP: 0010:selinux_inode_getattr+0x168/0x3c0
[ 54.830864][ C1] Code: 48 63 05 43 63 85 03 48 01 c3 0f b6 05 e3 2c b7 04 84 c0 74 3c 48 83 c3 22 48 89 d8 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df <0f> b6 04 08 84 c0 0f 85 29 02 00 00 0f b6 1b bf 01 00 00 00 89 de
[ 54.850560][ C1] RSP: 0018:ffffc90000c17aa0 EFLAGS: 00010207
[ 54.856612][ C1] RAX: 000000000d0e5faa RBX: 000000006872fd57 RCX: dffffc0000000000
[ 54.864563][ C1] RDX: 0000000000000000 RSI: ffffc90000c17c50 RDI: ffffc90000c17af8
[ 54.872599][ C1] RBP: ffffc90000c17b78 R08: dffffc0000000000 R09: fffff52000182f5f
[ 54.880638][ C1] R10: fffff52000182f5f R11: 1ffff92000182f5d R12: ffff888118154400
[ 54.888586][ C1] R13: ffff888118154438 R14: ffff8881167d4600 R15: 1ffff1102302a887
[ 54.896554][ C1] ? selinux_inode_setattr+0x7d0/0x7d0
[ 54.901989][ C1] ? getname_flags+0x206/0x500
[ 54.906825][ C1] security_inode_getattr+0xd6/0x130
[ 54.912085][ C1] vfs_statx+0x12f/0x520
[ 54.916305][ C1] ? mnt_drop_write+0x10f/0x190
[ 54.921132][ C1] ? vfs_fstatat+0x40/0x40
[ 54.925697][ C1] ? mntput_no_expire+0xfb/0x6b0
[ 54.930611][ C1] __se_sys_newfstatat+0xc6/0x340
[ 54.935615][ C1] ? __kasan_check_write+0x14/0x20
[ 54.940696][ C1] ? __x64_sys_newfstatat+0xb0/0xb0
[ 54.945869][ C1] ? mntput+0x5f/0xc0
[ 54.949827][ C1] ? path_put+0x57/0x60
[ 54.953958][ C1] ? do_utimes+0x230/0x2a0
[ 54.958350][ C1] ? do_utimes+0x2a0/0x2a0
[ 54.962758][ C1] __x64_sys_newfstatat+0x9b/0xb0
[ 54.967781][ C1] do_syscall_64+0x31/0x40
[ 54.972184][ C1] entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 54.978049][ C1] RIP: 0033:0x7f8c390a8b0a
[ 54.982441][ C1] Code: 48 8b 15 f1 f2 0d 00 f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 41 89 ca b8 06 01 00 00 0f 05 <3d> 00 f0 ff ff 77 07 31 c0 c3 0f 1f 40 00 48 8b 15 b9 f2 0d 00 f7
[ 55.002023][ C1] RSP: 002b:00007ffffeee6338 EFLAGS: 00000246 ORIG_RAX: 0000000000000106
[ 55.010409][ C1] RAX: ffffffffffffffda RBX: 0000000000000031 RCX: 00007f8c390a8b0a
[ 55.018361][ C1] RDX: 00007ffffeee6340 RSI: 00007ffffeee6410 RDI: 00000000ffffff9c
[ 55.026309][ C1] RBP: 00007ffffeee7450 R08: 00007ffffeee8080 R09: 000055b2ed16b450
[ 55.034258][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffffeee8080
[ 55.042221][ C1] R13: 0000000000000000 R14: 00007ffffeee7c80 R15: 00007ffffeee7880
[ 55.050280][ C1] Modules linked in:
[ 55.054430][ T484] Kernel Offset: disabled
[ 55.058761][ T484] Rebooting in 86400 seconds..