Warning: Permanently added '10.128.1.224' (ED25519) to the list of known hosts.
2025/10/13 17:00:49 parsed 1 programs
[   48.450458][   T28] audit: type=1400 audit(1760374850.317:106): avc:  denied  { unlink } for  pid=398 comm="syz-executor" name="swap-file" dev="sda1" ino=2026 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   48.537938][  T398] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   49.248524][   T28] audit: type=1401 audit(1760374851.107:107): op=setxattr invalid_context="u:object_r:app_data_file:s0:c512,c768"
[   49.317101][   T28] audit: type=1400 audit(1760374851.177:108): avc:  denied  { create } for  pid=412 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   49.636591][  T426] bridge0: port 1(bridge_slave_0) entered blocking state
[   49.643685][  T426] bridge0: port 1(bridge_slave_0) entered disabled state
[   49.651199][  T426] device bridge_slave_0 entered promiscuous mode
[   49.658066][  T426] bridge0: port 2(bridge_slave_1) entered blocking state
[   49.665143][  T426] bridge0: port 2(bridge_slave_1) entered disabled state
[   49.672551][  T426] device bridge_slave_1 entered promiscuous mode
[   49.723360][  T426] bridge0: port 2(bridge_slave_1) entered blocking state
[   49.730448][  T426] bridge0: port 2(bridge_slave_1) entered forwarding state
[   49.737902][  T426] bridge0: port 1(bridge_slave_0) entered blocking state
[   49.744982][  T426] bridge0: port 1(bridge_slave_0) entered forwarding state
[   49.766636][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[   49.773974][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[   49.781713][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   49.789277][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   49.798836][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   49.807288][    T8] bridge0: port 1(bridge_slave_0) entered blocking state
[   49.814347][    T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[   49.823115][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   49.831396][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[   49.838416][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[   49.852382][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   49.861760][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   49.876200][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   49.887773][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   49.896096][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   49.903879][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   49.912433][  T426] device veth0_vlan entered promiscuous mode
[   49.923944][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   49.933175][  T426] device veth1_macvtap entered promiscuous mode
[   49.942841][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   49.953172][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
2025/10/13 17:00:52 executed programs: 0
[   50.496543][  T464] bridge0: port 1(bridge_slave_0) entered blocking state
[   50.503996][  T464] bridge0: port 1(bridge_slave_0) entered disabled state
[   50.511568][  T464] device bridge_slave_0 entered promiscuous mode
[   50.521768][  T464] bridge0: port 2(bridge_slave_1) entered blocking state
[   50.529254][  T464] bridge0: port 2(bridge_slave_1) entered disabled state
[   50.536888][  T464] device bridge_slave_1 entered promiscuous mode
[   50.593557][  T464] bridge0: port 2(bridge_slave_1) entered blocking state
[   50.600626][  T464] bridge0: port 2(bridge_slave_1) entered forwarding state
[   50.607987][  T464] bridge0: port 1(bridge_slave_0) entered blocking state
[   50.615133][  T464] bridge0: port 1(bridge_slave_0) entered forwarding state
[   50.635368][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   50.643597][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[   50.651224][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[   50.661987][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   50.670783][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   50.679252][    T8] bridge0: port 1(bridge_slave_0) entered blocking state
[   50.686326][    T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[   50.701235][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   50.709917][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   50.718377][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[   50.725446][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[   50.733830][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   50.742087][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   50.751528][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   50.759668][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   50.773809][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   50.782351][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   50.794374][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   50.802567][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   50.810969][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   50.818459][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   50.827034][  T464] device veth0_vlan entered promiscuous mode
[   50.837775][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   50.846130][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   50.855730][  T464] device veth1_macvtap entered promiscuous mode
[   50.865922][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   50.873913][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   50.882449][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   50.892026][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   50.900421][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   50.927047][  T475] loop2: detected capacity change from 0 to 512
[   50.934630][  T475] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   50.949068][  T475] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   50.962160][  T475] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2818: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   50.975545][  T475] EXT4-fs (loop2): 1 truncate cleaned up
[   50.981362][  T475] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[   50.990550][   T28] audit: type=1400 audit(1760374852.857:109): avc:  denied  { mount } for  pid=474 comm="syz.2.16" name="/" dev="loop2" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   51.004679][  T475] ==================================================================
[   51.012012][   T28] audit: type=1400 audit(1760374852.857:110): avc:  denied  { setattr } for  pid=474 comm="syz.2.16" name="file1" dev="loop2" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   51.020087][  T475] BUG: KASAN: out-of-bounds in ext4_xattr_set_entry+0x979/0x21d0
[   51.042511][   T28] audit: type=1400 audit(1760374852.867:111): avc:  denied  { write } for  pid=474 comm="syz.2.16" name="/" dev="loop2" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   51.049914][  T475] Read of size 18446744073709551572 at addr ffff88811c39b050 by task syz.2.16/475
[   51.071591][   T28] audit: type=1400 audit(1760374852.867:112): avc:  denied  { add_name } for  pid=474 comm="syz.2.16" name="file2" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   51.080548][  T475] 
[   51.080556][  T475] CPU: 0 PID: 475 Comm: syz.2.16 Not tainted syzkaller #0
[   51.080575][  T475] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   51.080603][  T475] Call Trace:
[   51.123675][  T475]  <TASK>
[   51.126615][  T475]  __dump_stack+0x21/0x24
[   51.131071][  T475]  dump_stack_lvl+0xee/0x150
[   51.135840][  T475]  ? __cfi_dump_stack_lvl+0x8/0x8
[   51.140962][  T475]  ? ext4_xattr_block_set+0x9dc/0x3270
[   51.146559][  T475]  ? __ext4_unlink+0x673/0xb00
[   51.151348][  T475]  ? ext4_xattr_set_entry+0x979/0x21d0
[   51.156837][  T475]  print_address_description+0x71/0x200
[   51.162416][  T475]  print_report+0x4a/0x60
[   51.166903][  T475]  kasan_report+0x122/0x150
[   51.171951][  T475]  ? ext4_xattr_set_entry+0x979/0x21d0
[   51.177473][  T475]  ? ext4_xattr_set_entry+0x979/0x21d0
[   51.183119][  T475]  kasan_check_range+0x280/0x290
[   51.188070][  T475]  memmove+0x2d/0x70
[   51.191974][  T475]  ext4_xattr_set_entry+0x979/0x21d0
[   51.197651][  T475]  ext4_xattr_block_set+0xada/0x3270
[   51.202963][  T475]  ? __getblk_gfp+0x3b/0x7d0
[   51.207760][  T475]  ? xattr_find_entry+0x24c/0x300
[   51.212801][  T475]  ? ext4_xattr_block_find+0x310/0x310
[   51.218286][  T475]  ? ext4_xattr_block_find+0x295/0x310
[   51.223771][  T475]  ext4_expand_extra_isize_ea+0xf30/0x1990
[   51.229598][  T475]  __ext4_expand_extra_isize+0x2fe/0x3e0
[   51.235270][  T475]  __ext4_mark_inode_dirty+0x3cf/0x600
[   51.240742][  T475]  __ext4_unlink+0x673/0xb00
[   51.245341][  T475]  ? memcpy+0x56/0x70
[   51.249327][  T475]  ? __cfi___ext4_unlink+0x10/0x10
[   51.254449][  T475]  ? dquot_initialize+0x20/0x20
[   51.259308][  T475]  ? clear_nonspinnable+0x60/0x60
[   51.264351][  T475]  ext4_unlink+0x13a/0x3a0
[   51.268779][  T475]  vfs_unlink+0x39f/0x630
[   51.273129][  T475]  do_unlinkat+0x31f/0x6b0
[   51.277559][  T475]  ? __cfi_do_unlinkat+0x10/0x10
[   51.282505][  T475]  ? getname_flags+0x206/0x500
[   51.287286][  T475]  __x64_sys_unlink+0x49/0x50
[   51.292059][  T475]  x64_sys_call+0x958/0x9a0
[   51.296572][  T475]  do_syscall_64+0x4c/0xa0
[   51.301027][  T475]  ? clear_bhb_loop+0x30/0x80
[   51.305711][  T475]  ? clear_bhb_loop+0x30/0x80
[   51.310458][  T475]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   51.316804][  T475] RIP: 0033:0x7f291ff8e9a9
[   51.321229][  T475] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   51.340926][  T475] RSP: 002b:00007f2920d47038 EFLAGS: 00000246 ORIG_RAX: 0000000000000057
[   51.349372][  T475] RAX: ffffffffffffffda RBX: 00007f29201b5fa0 RCX: 00007f291ff8e9a9
[   51.357364][  T475] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000180
[   51.365353][  T475] RBP: 00007f2920010d69 R08: 0000000000000000 R09: 0000000000000000
[   51.373336][  T475] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   51.381322][  T475] R13: 0000000000000000 R14: 00007f29201b5fa0 R15: 00007ffd16b6e5a8
[   51.389328][  T475]  </TASK>
[   51.392916][  T475] 
[   51.395252][  T475] Allocated by task 475:
[   51.399496][  T475]  kasan_set_track+0x4b/0x70
[   51.404100][  T475]  kasan_save_alloc_info+0x25/0x30
[   51.409226][  T475]  __kasan_kmalloc+0x95/0xb0
[   51.413844][  T475]  __kmalloc_node_track_caller+0xb1/0x1e0
[   51.419576][  T475]  kmemdup+0x2b/0x60
[   51.423498][  T475]  ext4_xattr_block_set+0x9dc/0x3270
[   51.428815][  T475]  ext4_expand_extra_isize_ea+0xf30/0x1990
[   51.434644][  T475]  __ext4_expand_extra_isize+0x2fe/0x3e0
[   51.440296][  T475]  __ext4_mark_inode_dirty+0x3cf/0x600
[   51.445780][  T475]  __ext4_unlink+0x673/0xb00
[   51.450406][  T475]  ext4_unlink+0x13a/0x3a0
[   51.454833][  T475]  vfs_unlink+0x39f/0x630
[   51.459460][  T475]  do_unlinkat+0x31f/0x6b0
[   51.463892][  T475]  __x64_sys_unlink+0x49/0x50
[   51.468683][  T475]  x64_sys_call+0x958/0x9a0
[   51.473210][  T475]  do_syscall_64+0x4c/0xa0
[   51.477729][  T475]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   51.483637][  T475] 
[   51.485966][  T475] The buggy address belongs to the object at ffff88811c39b000
[   51.485966][  T475]  which belongs to the cache kmalloc-1k of size 1024
[   51.500069][  T475] The buggy address is located 80 bytes inside of
[   51.500069][  T475]  1024-byte region [ffff88811c39b000, ffff88811c39b400)
[   51.513375][  T475] 
[   51.515822][  T475] The buggy address belongs to the physical page:
[   51.522262][  T475] page:ffffea000470e600 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x11c398
[   51.532701][  T475] head:ffffea000470e600 order:3 compound_mapcount:0 compound_pincount:0
[   51.541133][  T475] flags: 0x4000000000010200(slab|head|zone=1)
[   51.547318][  T475] raw: 4000000000010200 ffffea0004707a00 dead000000000003 ffff888100043080
[   51.556094][  T475] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[   51.564771][  T475] page dumped because: kasan: bad access detected
[   51.571185][  T475] page_owner tracks the page as allocated
[   51.577006][  T475] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 103, tgid 103 (udevd), ts 6575138682, free_ts 0
[   51.596812][  T475]  post_alloc_hook+0x1f5/0x210
[   51.601682][  T475]  prep_new_page+0x1c/0x110
[   51.606231][  T475]  get_page_from_freelist+0x2c7b/0x2cf0
[   51.611795][  T475]  __alloc_pages+0x1c3/0x450
[   51.616392][  T475]  alloc_slab_page+0x6e/0xf0
[   51.620994][  T475]  new_slab+0x98/0x3d0
[   51.625071][  T475]  ___slab_alloc+0x6bd/0xb20
[   51.629667][  T475]  __slab_alloc+0x5e/0xa0
[   51.634013][  T475]  __kmem_cache_alloc_node+0x203/0x2c0
[   51.639478][  T475]  __kmalloc_node_track_caller+0xa0/0x1e0
[   51.645208][  T475]  __alloc_skb+0x236/0x4b0
[   51.649631][  T475]  netlink_sendmsg+0x626/0xbc0
[   51.654598][  T475]  ____sys_sendmsg+0x5a9/0x990
[   51.659369][  T475]  ___sys_sendmsg+0x21c/0x290
[   51.664056][  T475]  __x64_sys_sendmsg+0x1f0/0x2c0
[   51.669000][  T475]  x64_sys_call+0x171/0x9a0
[   51.673505][  T475] page_owner free stack trace missing
[   51.678869][  T475] 
[   51.681284][  T475] Memory state around the buggy address:
[   51.686909][  T475]  ffff88811c39af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   51.694972][  T475]  ffff88811c39af80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   51.703033][  T475] >ffff88811c39b000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   51.711101][  T475]                                                  ^
[   51.717777][  T475]  ffff88811c39b080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   51.725847][  T475]  ffff88811c39b100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   51.733996][  T475] ==================================================================
[   51.756564][   T28] audit: type=1400 audit(1760374852.867:113): avc:  denied  { create } for  pid=474 comm="syz.2.16" name="file2" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   51.776826][   T28] audit: type=1400 audit(1760374852.867:114): avc:  denied  { write } for  pid=474 comm="syz.2.16" name="file2" dev="loop2" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   51.777067][  T475] Disabling lock debugging due to kernel taint
[   51.802156][   T28] audit: type=1400 audit(1760374852.867:115): avc:  denied  { open } for  pid=474 comm="syz.2.16" path="/0/file2/file2" dev="loop2" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   51.831767][  T464] EXT4-fs (loop2): unmounting filesystem.
[   51.847871][  T479] loop2: detected capacity change from 0 to 512
[   51.855032][  T479] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   51.866668][  T479] EXT4-fs (loop2): 1 truncate cleaned up
[   51.874349][  T479] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[   51.898015][   T60] general protection fault, probably for non-canonical address 0x762664436b932f2d: 0000 [#1] PREEMPT SMP KASAN
[   51.909878][   T60] CPU: 0 PID: 60 Comm: kworker/0:2 Tainted: G    B              syzkaller #0
[   51.918681][   T60] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   51.928849][   T60] Workqueue: ipv6_addrconf addrconf_dad_work
[   51.934999][   T60] RIP: 0010:__kmem_cache_alloc_node+0x123/0x2c0
[   51.941345][   T60] Code: 08 48 8b 38 48 85 ff 0f 84 e8 00 00 00 48 83 78 10 00 0f 84 dd 00 00 00 41 8b 47 28 48 8d 0c 07 49 8b 9f d8 00 00 00 48 0f c9 <48> 33 1c 07 48 31 cb 48 8d 4a 08 4d 8b 07 48 89 f8 65 49 0f c7 08
[   51.961087][   T60] RSP: 0018:ffffc900009073b8 EFLAGS: 00010286
[   51.967182][   T60] RAX: 0000000000000200 RBX: 7664175fea1bd2d2 RCX: 2d2f936b43642676
[   51.975238][   T60] RDX: 000000000000ed88 RSI: 0000000000000400 RDI: 762664436b932d2d
[   51.983217][   T60] RBP: ffffc90000907408 R08: ffffffff84543d01 R09: ffffffff84543d01
[   51.991186][   T60] R10: 0000000040f38ec0 R11: 00000000ffffffff R12: 0000000000082a20
[   51.999154][   T60] R13: 0000000000000000 R14: ffffffff84543d01 R15: ffff888100043080
[   52.007132][   T60] FS:  0000000000000000(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[   52.016143][   T60] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   52.022742][   T60] CR2: 00007efe8b070000 CR3: 000000012b077000 CR4: 00000000003506b0
[   52.030975][   T60] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   52.038946][   T60] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   52.046933][   T60] Call Trace:
[   52.050209][   T60]  <TASK>
[   52.053145][   T60]  ? inet6_rt_notify+0x341/0x520
[   52.058089][   T60]  ? inet6_rt_notify+0x341/0x520
[   52.063027][   T60]  __kmalloc_node_track_caller+0xa0/0x1e0
[   52.068951][   T60]  ? inet6_rt_notify+0x341/0x520
[   52.073903][   T60]  __alloc_skb+0x236/0x4b0
[   52.078320][   T60]  inet6_rt_notify+0x341/0x520
[   52.083101][   T60]  ? kasan_save_alloc_info+0x25/0x30
[   52.088389][   T60]  ? atomic_notifier_call_chain+0x108/0x120
[   52.094375][   T60]  ? __cfi_inet6_rt_notify+0x10/0x10
[   52.099669][   T60]  ? call_fib_notifiers+0xa0/0xc0
[   52.104790][   T60]  fib6_add+0x22c9/0x3dc0
[   52.109334][   T60]  ? ____kasan_slab_free+0x13d/0x180
[   52.114766][   T60]  ? __cfi_fib6_add+0x10/0x10
[   52.119457][   T60]  ? consume_skb+0xc1/0x1f0
[   52.123967][   T60]  ? __kasan_check_write+0x14/0x20
[   52.129085][   T60]  ? _raw_spin_lock_bh+0x8e/0xe0
[   52.134043][   T60]  ip6_ins_rt+0xc5/0x110
[   52.138295][   T60]  ? __cfi_ip6_ins_rt+0x10/0x10
[   52.143146][   T60]  ? rtnl_notify+0x9a/0xc0
[   52.147717][   T60]  __ipv6_ifa_notify+0x4c4/0xdc0
[   52.152669][   T60]  ? __cfi__raw_write_lock_bh+0x10/0x10
[   52.158225][   T60]  ? snmp6_fill_stats+0x6c0/0x6c0
[   52.163272][   T60]  ? __local_bh_enable_ip+0x58/0x80
[   52.168479][   T60]  ? __kasan_check_write+0x14/0x20
[   52.173591][   T60]  ? try_to_grab_pending+0x1a2/0x580
[   52.178902][   T60]  ? __kasan_check_write+0x14/0x20
[   52.184012][   T60]  ? mod_delayed_work_on+0xe0/0xe0
[   52.189132][   T60]  ? __cfi_fib6_clean_node+0x10/0x10
[   52.194494][   T60]  ? __kasan_check_write+0x14/0x20
[   52.199827][   T60]  ? __cancel_work+0x198/0x200
[   52.204733][   T60]  addrconf_dad_completed+0x175/0xe80
[   52.210116][   T60]  ? __kasan_check_write+0x14/0x20
[   52.215438][   T60]  ? addrconf_dad_stop+0x450/0x450
[   52.220607][   T60]  addrconf_dad_work+0xc25/0x14b0
[   52.225754][   T60]  ? __cfi_addrconf_dad_work+0x10/0x10
[   52.231215][   T60]  ? __kasan_check_write+0x14/0x20
[   52.236328][   T60]  ? pwq_activate_inactive_work+0x2dd/0x3f0
[   52.242224][   T60]  ? pwq_dec_nr_in_flight+0x18c/0x3c0
[   52.247727][   T60]  process_one_work+0x71f/0xc40
[   52.252591][   T60]  worker_thread+0xa29/0x11f0
[   52.257278][   T60]  ? _raw_spin_lock_irqsave+0xb0/0x110
[   52.262761][   T60]  ? __kthread_parkme+0x142/0x180
[   52.267811][   T60]  kthread+0x281/0x320
[   52.272003][   T60]  ? __cfi_worker_thread+0x10/0x10
[   52.277217][   T60]  ? __cfi_kthread+0x10/0x10
[   52.281821][   T60]  ret_from_fork+0x1f/0x30
[   52.286265][   T60]  </TASK>
[   52.289309][   T60] Modules linked in:
[   52.293796][    C1] BUG: unable to handle page fault for address: ffffc90000c77d18
[   52.293941][   T60] ---[ end trace 0000000000000000 ]---
[   52.301789][    C1] #PF: supervisor read access in kernel mode
[   52.301805][    C1] #PF: error_code(0x0000) - not-present page
[   52.301827][    C1] PGD 100000067 P4D 100000067 PUD 100160067 PMD 11e081067 
[   52.307316][   T60] RIP: 0010:__kmem_cache_alloc_node+0x123/0x2c0
[   52.313295][    C1] PTE 0
[   52.313314][    C1] Oops: 0000 [#2] PREEMPT SMP KASAN
[   52.313331][    C1] CPU: 1 PID: 479 Comm: syz.2.17 Tainted: G    B D            syzkaller #0
[   52.319321][   T60] Code: 08 48 8b 38 48 85 ff 0f 84 e8 00 00 00 48 83 78 10 00 0f 84 dd 00 00 00 41 8b 47 28 48 8d 0c 07 49 8b 9f d8 00 00 00 48 0f c9 <48> 33 1c 07 48 31 cb 48 8d 4a 08 4d 8b 07 48 89 f8 65 49 0f c7 08
[   52.326589][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   52.326603][    C1] RIP: 0010:timerqueue_add+0xd8/0x230
[   52.326628][    C1] Code: e8 6d 20 cf fc 4d 8b 3f b3 01 49 8d 7e 18 48 89 f8 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df 80 3c 08 00 74 05 e8 48 20 cf fc <4d> 8b 66 18 4c 89 ff 4c 89 e6 e8 99 b4 8a fc 45 31 ed 4d 39 e7 41
[   52.332890][   T60] RSP: 0018:ffffc900009073b8 EFLAGS: 00010286
[   52.335633][    C1] RSP: 0018:ffffc900001b0cb8 EFLAGS: 00010046
[   52.340849][   T60] 
[   52.349411][    C1] 
[   52.349420][    C1] RAX: 1ffff9200018efa3 RBX: 1ffff1103ee25301 RCX: dffffc0000000000
[   52.369058][   T60] RAX: 0000000000000200 RBX: 7664175fea1bd2d2 RCX: 2d2f936b43642676
[   52.379251][    C1] RDX: 0000000000010000 RSI: ffff8881f712a310 RDI: ffffc90000c77d18
[   52.379269][    C1] RBP: ffffc900001b0cf8 R08: 0000000000000004 R09: 0000000000000003
[   52.379281][    C1] R10: fffff52000036198 R11: 1ffff92000036198 R12: ffff8881f7129da0
[   52.384707][   T60] RDX: 000000000000ed88 RSI: 0000000000000400 RDI: 762664436b932d2d
[   52.404634][    C1] R13: ffff8881f712a310 R14: ffffc90000c77d00 R15: 0000000c1613bd80
[   52.404656][    C1] FS:  00007f2920d476c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[   52.404673][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   52.411228][   T60] RBP: ffffc90000907408 R08: ffffffff84543d01 R09: ffffffff84543d01
[   52.417263][    C1] CR2: ffffc90000c77d18 CR3: 000000012b077000 CR4: 00000000003506a0
[   52.419857][   T60] R10: 0000000040f38ec0 R11: 00000000ffffffff R12: 0000000000082a20
[   52.422190][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   52.422202][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   52.422213][    C1] Call Trace:
[   52.422220][    C1]  <IRQ>
[   52.422230][    C1]  enqueue_hrtimer+0xc9/0x240
[   52.430216][   T60] R13: 0000000000000000 R14: ffffffff84543d01 R15: ffff888100043080
[   52.438170][    C1]  __hrtimer_run_queues+0x43b/0x9f0
[   52.446174][   T60] FS:  0000000000000000(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[   52.454165][    C1]  ? hrtimer_interrupt+0x8c0/0x8c0
[   52.454347][    C1]  ? ktime_get_update_offsets_now+0x30c/0x320
[   52.462406][   T60] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   52.470360][    C1]  hrtimer_interrupt+0x3c7/0x8c0
[   52.478372][   T60] CR2: 00007efe8b070000 CR3: 000000012b077000 CR4: 00000000003506b0
[   52.487593][    C1]  __sysvec_apic_timer_interrupt+0x11e/0x440
[   52.487628][    C1]  sysvec_apic_timer_interrupt+0xa4/0xc0
[   52.494347][   T60] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   52.502295][    C1]  </IRQ>
[   52.502302][    C1]  <TASK>
[   52.502308][    C1]  asm_sysvec_apic_timer_interrupt+0x1b/0x20
[   52.510557][   T60] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   52.518603][    C1] RIP: 0010:__memmove+0x19c/0x1a0
[   52.526693][   T60] Kernel panic - not syncing: Fatal exception in interrupt
[   52.534641][    C1] Code: fa 02 72 16 66 44 8b 1e 66 44 8b 54 16 fe 66 44 89 1f 66 44 89 54 17 fe eb 0c 48 83 fa 01 72 06 44 8a 1e 44 88 1f c3 48 89 d1 <f3> a4 c3 00 eb 2e 0f 1f 00 49 89 f9 48 89 d1 83 e2 07 48 c1 e9 03
[   52.534659][    C1] RSP: 0018:ffffc90000b07640 EFLAGS: 00010286
[   52.534675][    C1] RAX: ffff88811c70c070 RBX: ffffffffffffffd4 RCX: fffffffffe5e8d8d
[   52.534688][    C1] RDX: ffffffffffffffd4 RSI: ffff88811e123297 RDI: ffff88811e1232b7
[   52.534700][    C1] RBP: ffffc90000b07670 R08: ffff88811c70c024 R09: 0000000000000001
[   52.534712][    C1] R10: 0000000000000000 R11: 0000000000000080 R12: 0000000000000000
[   52.534723][    C1] R13: ffffffff81f8ada9 R14: ffff88811c70c050 R15: ffff88811c70c070
[   52.534737][    C1]  ? ext4_xattr_set_entry+0x979/0x21d0
[   52.534766][    C1]  ? memmove+0x56/0x70
[   52.534781][    C1]  ext4_xattr_set_entry+0x979/0x21d0
[   52.534807][    C1]  ext4_xattr_block_set+0xada/0x3270
[   52.534831][    C1]  ? __getblk_gfp+0x3b/0x7d0
[   52.534852][    C1]  ? xattr_find_entry+0x24c/0x300
[   52.534889][    C1]  ? ext4_xattr_block_find+0x310/0x310
[   52.534917][    C1]  ? ext4_xattr_block_find+0x295/0x310
[   52.534944][    C1]  ext4_expand_extra_isize_ea+0xf30/0x1990
[   52.534974][    C1]  __ext4_expand_extra_isize+0x2fe/0x3e0
[   52.534998][    C1]  __ext4_mark_inode_dirty+0x3cf/0x600
[   52.535018][    C1]  __ext4_unlink+0x673/0xb00
[   52.535038][    C1]  ? memcpy+0x56/0x70
[   52.535054][    C1]  ? __cfi___ext4_unlink+0x10/0x10
[   52.535084][    C1]  ? dquot_initialize+0x20/0x20
[   52.535109][    C1]  ? clear_nonspinnable+0x60/0x60
[   52.535136][    C1]  ext4_unlink+0x13a/0x3a0
[   52.535157][    C1]  vfs_unlink+0x39f/0x630
[   52.535182][    C1]  do_unlinkat+0x31f/0x6b0
[   52.535203][    C1]  ? __cfi_do_unlinkat+0x10/0x10
[   52.535227][    C1]  ? getname_flags+0x206/0x500
[   52.535252][    C1]  __x64_sys_unlink+0x49/0x50
[   52.535271][    C1]  x64_sys_call+0x958/0x9a0
[   52.535291][    C1]  do_syscall_64+0x4c/0xa0
[   52.535308][    C1]  ? clear_bhb_loop+0x30/0x80
[   52.535329][    C1]  ? clear_bhb_loop+0x30/0x80
[   52.535351][    C1]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   52.535371][    C1] RIP: 0033:0x7f291ff8e9a9
[   52.535385][    C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   52.535398][    C1] RSP: 002b:00007f2920d47038 EFLAGS: 00000246 ORIG_RAX: 0000000000000057
[   52.535414][    C1] RAX: ffffffffffffffda RBX: 00007f29201b5fa0 RCX: 00007f291ff8e9a9
[   52.535426][    C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000180
[   52.535436][    C1] RBP: 00007f2920010d69 R08: 0000000000000000 R09: 0000000000000000
[   52.535459][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   52.535469][    C1] R13: 0000000000000000 R14: 00007f29201b5fa0 R15: 00007ffd16b6e5a8
[   52.535483][    C1]  </TASK>
[   52.535488][    C1] Modules linked in:
[   52.535496][    C1] CR2: ffffc90000c77d18
[   52.538783][    C1] ---[ end trace 0000000000000000 ]---
[   52.538791][    C1] RIP: 0010:__kmem_cache_alloc_node+0x123/0x2c0
[   52.538815][    C1] Code: 08 48 8b 38 48 85 ff 0f 84 e8 00 00 00 48 83 78 10 00 0f 84 dd 00 00 00 41 8b 47 28 48 8d 0c 07 49 8b 9f d8 00 00 00 48 0f c9 <48> 33 1c 07 48 31 cb 48 8d 4a 08 4d 8b 07 48 89 f8 65 49 0f c7 08
[   52.538828][    C1] RSP: 0018:ffffc900009073b8 EFLAGS: 00010286
[   52.538841][    C1] RAX: 0000000000000200 RBX: 7664175fea1bd2d2 RCX: 2d2f936b43642676
[   52.538852][    C1] RDX: 000000000000ed88 RSI: 0000000000000400 RDI: 762664436b932d2d
[   52.538863][    C1] RBP: ffffc90000907408 R08: ffffffff84543d01 R09: ffffffff84543d01
[   52.538875][    C1] R10: 0000000040f38ec0 R11: 00000000ffffffff R12: 0000000000082a20
[   52.538886][    C1] R13: 0000000000000000 R14: ffffffff84543d01 R15: ffff888100043080
[   52.538898][    C1] FS:  00007f2920d476c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[   52.538918][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   52.538929][    C1] CR2: ffffc90000c77d18 CR3: 000000012b077000 CR4: 00000000003506a0
[   52.538944][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   52.538953][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   53.728145][   T60] Shutting down cpus with NMI
[   54.245144][   T60] Kernel Offset: disabled
[   54.249472][   T60] Rebooting in 86400 seconds..