Warning: Permanently added '10.128.0.94' (ED25519) to the list of known hosts.
1970/01/01 00:01:02 parsed 1 programs
[ 63.434475][ T4395] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k SSFS
[ 65.306140][ T1609] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 65.307489][ T1609] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 65.308833][ T1609] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 65.316690][ T1609] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 65.317992][ T1609] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 65.319542][ T502] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 65.395852][ T4535] chnl_net:caif_netlink_parms(): no params data found
[ 65.414134][ T4535] bridge0: port 1(bridge_slave_0) entered blocking state
[ 65.415388][ T4535] bridge0: port 1(bridge_slave_0) entered disabled state
[ 65.416954][ T4535] device bridge_slave_0 entered promiscuous mode
[ 65.418962][ T4535] bridge0: port 2(bridge_slave_1) entered blocking state
[ 65.420052][ T4535] bridge0: port 2(bridge_slave_1) entered disabled state
[ 65.421523][ T4535] device bridge_slave_1 entered promiscuous mode
[ 65.430585][ T4535] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 65.433360][ T4535] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 65.440994][ T4535] team0: Port device team_slave_0 added
[ 65.442921][ T4535] team0: Port device team_slave_1 added
[ 65.452155][ T4535] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 65.453557][ T4535] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 65.458050][ T4535] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 65.460450][ T4535] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 65.461460][ T4535] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 65.465830][ T4535] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 65.524200][ T4535] device hsr_slave_0 entered promiscuous mode
[ 65.563350][ T4535] device hsr_slave_1 entered promiscuous mode
[ 66.166468][ T4535] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 66.194524][ T4535] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 66.225161][ T4535] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 66.265049][ T4535] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 66.311801][ T4535] bridge0: port 2(bridge_slave_1) entered blocking state
[ 66.313005][ T4535] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 66.314376][ T4535] bridge0: port 1(bridge_slave_0) entered blocking state
[ 66.315714][ T4535] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 66.336633][ T4535] 8021q: adding VLAN 0 to HW filter on device bond0
[ 66.341337][ T322] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 66.344176][ T322] bridge0: port 1(bridge_slave_0) entered disabled state
[ 66.345794][ T322] bridge0: port 2(bridge_slave_1) entered disabled state
[ 66.350567][ T4535] 8021q: adding VLAN 0 to HW filter on device team0
[ 66.355297][ T502] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 66.356930][ T502] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 66.358393][ T502] bridge0: port 1(bridge_slave_0) entered blocking state
[ 66.359511][ T502] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 66.371706][ T4535] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 66.374374][ T4535] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 66.379273][ T502] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 66.381081][ T502] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 66.382552][ T502] bridge0: port 2(bridge_slave_1) entered blocking state
[ 66.383797][ T502] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 66.387318][ T502] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 66.394046][ T502] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 66.400845][ T502] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 66.403966][ T502] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 66.405671][ T502] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 66.407293][ T502] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 66.408886][ T502] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 66.412012][ T502] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 66.415266][ T502] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 66.416921][ T502] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 66.418450][ T502] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 66.419964][ T502] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 66.460819][ T4535] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 66.465206][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 66.466535][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 66.476040][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 66.477627][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 66.480910][ T322] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 66.482589][ T322] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 66.484870][ T322] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 66.486295][ T322] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 66.489312][ T4535] device veth0_vlan entered promiscuous mode
[ 66.495783][ T4535] device veth1_vlan entered promiscuous mode
[ 66.502645][ T502] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 66.504849][ T502] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 66.506325][ T502] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 66.507891][ T502] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 66.510387][ T4535] device veth0_macvtap entered promiscuous mode
[ 66.513060][ T4535] device veth1_macvtap entered promiscuous mode
[ 66.521370][ T4535] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 66.522615][ T502] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 66.524494][ T502] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 66.525962][ T502] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 66.527470][ T502] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 66.530509][ T4535] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 66.533794][ T4535] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 66.535246][ T4535] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 66.536604][ T4535] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 66.537987][ T4535] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 66.540823][ T322] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 66.542348][ T322] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
1970/01/01 00:01:06 executed programs: 0
[ 66.814847][ T4671] chnl_net:caif_netlink_parms(): no params data found
[ 66.839626][ T4671] bridge0: port 1(bridge_slave_0) entered blocking state
[ 66.840812][ T4671] bridge0: port 1(bridge_slave_0) entered disabled state
[ 66.842339][ T4671] device bridge_slave_0 entered promiscuous mode
[ 66.845614][ T4671] bridge0: port 2(bridge_slave_1) entered blocking state
[ 66.846714][ T4671] bridge0: port 2(bridge_slave_1) entered disabled state
[ 66.848240][ T4671] device bridge_slave_1 entered promiscuous mode
[ 66.858159][ T4671] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 66.860661][ T4671] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 66.869860][ T4671] team0: Port device team_slave_0 added
[ 66.871766][ T4671] team0: Port device team_slave_1 added
[ 66.879901][ T4671] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 66.881158][ T4671] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 66.886031][ T4671] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 66.888292][ T4671] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 66.889329][ T4671] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 66.895468][ T4671] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 66.944613][ T4671] device hsr_slave_0 entered promiscuous mode
[ 66.983461][ T4671] device hsr_slave_1 entered promiscuous mode
[ 67.053244][ T4671] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 67.054555][ T4671] Cannot create hsr debugfs directory
[ 67.085725][ T4671] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 68.823159][ T3624] Bluetooth: hci0: command 0x0409 tx timeout
[ 69.516822][ T4671] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 69.624551][ T21] cfg80211: failed to load regulatory.db
[ 69.624710][ T2065] ieee802154 phy0 wpan0: encryption failed: -22
[ 69.626767][ T2065] ieee802154 phy1 wpan1: encryption failed: -22
[ 70.903209][ T21] Bluetooth: hci0: command 0x041b tx timeout
[ 72.026896][ T4671] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 72.078833][ T4671] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 72.247898][ T4671] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 72.294954][ T4671] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 72.334487][ T4671] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 72.374571][ T4671] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 72.436615][ T4671] 8021q: adding VLAN 0 to HW filter on device bond0
[ 72.440421][ T322] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 72.442035][ T322] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 72.445360][ T4671] 8021q: adding VLAN 0 to HW filter on device team0
[ 72.447821][ T322] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 72.449354][ T322] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 72.450900][ T322] bridge0: port 1(bridge_slave_0) entered blocking state
[ 72.452038][ T322] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 72.455509][ T322] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 72.458175][ T322] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 72.459856][ T322] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 72.461309][ T322] bridge0: port 2(bridge_slave_1) entered blocking state
[ 72.462390][ T322] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 72.465789][ T322] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 72.468711][ T322] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 72.474870][ T322] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 72.477095][ T322] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 72.478811][ T322] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 72.485715][ T502] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 72.487297][ T502] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 72.488832][ T502] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 72.490395][ T502] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 72.495699][ T4671] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 72.497680][ T4671] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 72.500817][ T1609] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 72.502339][ T1609] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 72.806123][ T1609] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 72.807491][ T1609] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 72.810728][ T4671] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 72.818124][ T322] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 72.819848][ T322] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 72.827574][ T4671] device veth0_vlan entered promiscuous mode
[ 72.829298][ T1609] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 72.830827][ T1609] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 72.832539][ T1609] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 72.834628][ T1609] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 72.837859][ T4671] device veth1_vlan entered promiscuous mode
[ 72.847607][ T1609] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 72.849171][ T1609] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 72.850551][ T1609] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 72.852022][ T1609] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 72.855755][ T4671] device veth0_macvtap entered promiscuous mode
[ 72.858179][ T4671] device veth1_macvtap entered promiscuous mode
[ 72.862840][ T4671] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 72.864871][ T4671] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 72.866978][ T4671] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 72.868225][ T1609] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 72.869682][ T1609] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 72.871172][ T1609] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 72.872665][ T1609] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 72.876457][ T4671] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 72.878162][ T4671] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 72.880571][ T4671] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 72.881860][ T1609] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 72.883516][ T1609] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 72.886459][ T4671] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 72.887907][ T4671] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 72.889317][ T4671] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 72.890763][ T4671] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 72.914410][ T322] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 72.915676][ T322] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 72.917016][ T322] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 72.926095][ T1609] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 72.927400][ T1609] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 72.929030][ T1609] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
1970/01/01 00:01:12 executed programs: 2
[ 72.952810][ T4909] loop0: detected capacity change from 0 to 512
[ 72.983190][ T4068] Bluetooth: hci0: command 0x040f tx timeout
[ 72.999864][ T4909] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[ 73.001841][ T4909] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[ 73.007185][ T4909] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2807: Unable to expand inode 15. Delete some EAs or run e2fsck.
[ 73.009518][ T4909] EXT4-fs (loop0): 1 truncate cleaned up
[ 73.010478][ T4909] EXT4-fs (loop0): mounted filesystem without journal. Opts: nogrpid,min_batch_time=0x0000000000000000,debug_want_extra_isize=0x0000000000000068,nobarrier,nodiscard,quota,,errors=continue. Quota mode: writeback.
[ 73.020964][ T4909] ==================================================================
[ 73.022236][ T4909] BUG: KASAN: out-of-bounds in ext4_xattr_set_entry+0x1edc/0x2e50
[ 73.023447][ T4909] Read of size 18446744073709551540 at addr ffff0000c7fb0870 by task syz.0.16/4909
[ 73.024872][ T4909]
[ 73.025231][ T4909] CPU: 0 PID: 4909 Comm: syz.0.16 Not tainted syzkaller #0
[ 73.026301][ T4909] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/26/2026
[ 73.027754][ T4909] Call trace:
[ 73.028402][ T4909] dump_backtrace+0x0/0x458
[ 73.029109][ T4909] show_stack+0x2c/0x3c
[ 73.029762][ T4909] __dump_stack+0x30/0x40
[ 73.030441][ T4909] dump_stack_lvl+0xf4/0x15c
[ 73.031236][ T4909] print_address_description+0x78/0x30c
[ 73.032173][ T4909] kasan_report+0xec/0x158
[ 73.032924][ T4909] kasan_check_range+0x268/0x2a0
[ 73.033806][ T4909] memmove+0x90/0xe8
[ 73.034500][ T4909] ext4_xattr_set_entry+0x1edc/0x2e50
[ 73.035433][ T4909] ext4_xattr_block_set+0x524/0x267c
[ 73.036353][ T4909] ext4_xattr_set_handle+0xa44/0x10fc
[ 73.037179][ T4909] ext4_xattr_set+0x1f4/0x2c0
[ 73.037881][ T4909] ext4_xattr_trusted_set+0x4c/0x64
[ 73.038639][ T4909] __vfs_setxattr+0x384/0x3a0
[ 73.039339][ T4909] __vfs_setxattr_noperm+0x120/0x564
[ 73.040198][ T4909] __vfs_setxattr_locked+0x1ec/0x218
[ 73.040996][ T4909] vfs_setxattr+0x158/0x2ac
[ 73.041733][ T4909] setxattr+0x278/0x2f8
[ 73.042325][ T4909] path_setxattr+0x130/0x260
[ 73.042994][ T4909] __arm64_sys_lsetxattr+0xbc/0xd8
[ 73.043738][ T4909] invoke_syscall+0x98/0x2b0
[ 73.044496][ T4909] el0_svc_common+0x138/0x258
[ 73.045188][ T4909] do_el0_svc+0x58/0x13c
[ 73.045844][ T4909] el0_svc+0x78/0x1d0
[ 73.046459][ T4909] el0t_64_sync_handler+0xcc/0xe4
[ 73.047361][ T4909] el0t_64_sync+0x1a0/0x1a4
[ 73.048168][ T4909]
[ 73.048558][ T4909] Allocated by task 4909:
[ 73.049223][ T4909] __kasan_kmalloc+0xb0/0xf0
[ 73.050029][ T4909] __kmalloc_track_caller+0x20c/0x358
[ 73.050890][ T4909] kmemdup+0xcc/0x144
[ 73.051528][ T4909] ext4_xattr_block_set+0x470/0x267c
[ 73.052397][ T4909] ext4_xattr_set_handle+0xa44/0x10fc
[ 73.053279][ T4909] ext4_xattr_set+0x1f4/0x2c0
[ 73.054051][ T4909] ext4_xattr_trusted_set+0x4c/0x64
[ 73.054917][ T4909] __vfs_setxattr+0x384/0x3a0
[ 73.055653][ T4909] __vfs_setxattr_noperm+0x120/0x564
[ 73.056510][ T4909] __vfs_setxattr_locked+0x1ec/0x218
[ 73.057444][ T4909] vfs_setxattr+0x158/0x2ac
[ 73.058169][ T4909] setxattr+0x278/0x2f8
[ 73.058892][ T4909] path_setxattr+0x130/0x260
[ 73.059675][ T4909] __arm64_sys_lsetxattr+0xbc/0xd8
[ 73.060488][ T4909] invoke_syscall+0x98/0x2b0
[ 73.061216][ T4909] el0_svc_common+0x138/0x258
[ 73.061963][ T4909] do_el0_svc+0x58/0x13c
[ 73.062626][ T4909] el0_svc+0x78/0x1d0
[ 73.063253][ T4909] el0t_64_sync_handler+0xcc/0xe4
[ 73.064057][ T4909] el0t_64_sync+0x1a0/0x1a4
[ 73.064727][ T4909]
[ 73.065102][ T4909] The buggy address belongs to the object at ffff0000c7fb0800
[ 73.065102][ T4909] which belongs to the cache kmalloc-1k of size 1024
[ 73.067306][ T4909] The buggy address is located 112 bytes inside of
[ 73.067306][ T4909] 1024-byte region [ffff0000c7fb0800, ffff0000c7fb0c00)
[ 73.069363][ T4909] The buggy address belongs to the page:
[ 73.070272][ T4909] page:00000000fdeed106 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x107fb0
[ 73.072102][ T4909] head:00000000fdeed106 order:3 compound_mapcount:0 compound_pincount:0
[ 73.073428][ T4909] flags: 0x5ffc00000010200(slab|head|node=0|zone=2|lastcpupid=0x7ff)
[ 73.074667][ T4909] raw: 05ffc00000010200 0000000000000000 0000000b00000001 ffff0000c0002780
[ 73.076042][ T4909] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 73.077470][ T4909] page dumped because: kasan: bad access detected
[ 73.078476][ T4909]
[ 73.078827][ T4909] Memory state around the buggy address:
[ 73.079674][ T4909] ffff0000c7fb0700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 73.081078][ T4909] ffff0000c7fb0780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 73.082391][ T4909] >ffff0000c7fb0800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 73.083784][ T4909] ^
[ 73.084992][ T4909] ffff0000c7fb0880: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 73.086231][ T4909] ffff0000c7fb0900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 73.087472][ T4909] ==================================================================
[ 73.088762][ T4909] Disabling lock debugging due to kernel taint
[ 73.131612][ T4913] loop0: detected capacity change from 0 to 512
[ 73.184173][ T4913] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[ 73.191419][ T4913] EXT4-fs (loop0): 1 truncate cleaned up
[ 73.192390][ T4913] EXT4-fs (loop0): mounted filesystem without journal. Opts: nogrpid,min_batch_time=0x0000000000000000,debug_want_extra_isize=0x0000000000000068,nobarrier,nodiscard,quota,,errors=continue. Quota mode: writeback.
[ 73.201122][ T4542] Unable to handle kernel paging request at virtual address dead4ead00000008
[ 73.202677][ T4542] Mem abort info:
[ 73.203116][ C1] Unable to handle kernel paging request at virtual address ffff7000319b8202
[ 73.203257][ C0] Unable to handle kernel paging request at virtual address dfff800000000f94
[ 73.204641][ C1] Mem abort info:
[ 73.206001][ C0] Mem abort info:
[ 73.206005][ C0] ESR = 0x0000000096000006
[ 73.206508][ C1] ESR = 0x0000000096000006
[ 73.207078][ C0] EC = 0x25: DABT (current EL), IL = 32 bits
[ 73.207722][ C1] EC = 0x25: DABT (current EL), IL = 32 bits
[ 73.208464][ C0] SET = 0, FnV = 0
[ 73.209330][ C1] SET = 0, FnV = 0
[ 73.210289][ C0] EA = 0, S1PTW = 0
[ 73.210858][ C1] EA = 0, S1PTW = 0
[ 73.211538][ C0] FSC = 0x06: level 2 translation fault
[ 73.212193][ C1] FSC = 0x06: level 2 translation fault
[ 73.212869][ C0] Data abort info:
[ 73.213734][ C1] Data abort info:
[ 73.214792][ C0] ISV = 0, ISS = 0x00000006
[ 73.215427][ C1] ISV = 0, ISS = 0x00000006
[ 73.216061][ C0] CM = 0, WnR = 0
[ 73.216882][ C1] CM = 0, WnR = 0
[ 73.217697][ C0] [dfff800000000f94] address between user and kernel address ranges
[ 73.218299][ C1] swapper pgtable: 4k pages, 48-bit VAs, pgdp=00000002110d2000
[ 73.218873][ C0] Internal error: Oops: 0000000096000006 [#1] PREEMPT SMP
[ 73.220305][ C1] [ffff7000319b8202] pgd=000000023ec46003
[ 73.221443][ C0] Modules linked in:
[ 73.222596][ C1] , p4d=000000023ec46003
[ 73.223428][ C0]
[ 73.223998][ C1] , pud=000000023ec45003
[ 73.224639][ C0] CPU: 0 PID: 4542 Comm: udevd Tainted: G B syzkaller #0
[ 73.224986][ C1] , pmd=0000000000000000
[ 73.225626][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/26/2026
[ 73.226887][ C1]
[ 73.229384][ C0] pstate: 224000c5 (nzCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--)
[ 73.230587][ C0] pc : rb_next+0x94/0xf0
[ 73.231202][ C0] lr : timerqueue_del+0x94/0x110
[ 73.232004][ C0] sp : ffff800008007c50
[ 73.232690][ C0] x29: ffff800008007c50 x28: ffff0001a0f866d0 x27: ffff0001a0f86708
[ 73.234023][ C0] x26: dfff800000000000 x25: ffff0001a0f866c0 x24: 1fffe000341f0e04
[ 73.235338][ C0] x23: dfff800000000000 x22: 1fffe000341f0ce3 x21: dfff800000000000
[ 73.236834][ C0] x20: 0000000000007c96 x19: 0000000000007ca6 x18: 0000000000000002
[ 73.238109][ C0] x17: ffff80018cda0000 x16: ffff800011255484 x15: 0000000000000012
[ 73.239386][ C0] x14: ffff700001000fa8 x13: 1ffff00001000fa8 x12: 0000000000ff0100
[ 73.240715][ C0] x11: 0000000000010003 x10: 0000000000010003 x9 : ffff80000a955f84
[ 73.241966][ C0] x8 : 0000000000000f94 x7 : 0000000000000000 x6 : ffff800008393000
[ 73.243177][ C0] x5 : 0000000000000000 x4 : 0000000000000001 x3 : 000000000000000f
[ 73.244437][ C0] x2 : 00000000000000c0 x1 : ffff0001a0f87020 x0 : ffff0001a0f87020
[ 73.245668][ C0] Call trace:
[ 73.246189][ C0] rb_next+0x94/0xf0
[ 73.246904][ C0] timerqueue_del+0x94/0x110
[ 73.247648][ C0] __hrtimer_run_queues+0x28c/0xb38
[ 73.248522][ C0] hrtimer_interrupt+0x2bc/0xb5c
[ 73.249293][ C0] arch_timer_handler_virt+0x74/0x88
[ 73.250079][ C0] handle_percpu_devid_irq+0x29c/0x764
[ 73.250941][ C0] handle_domain_irq+0x144/0x1fc
[ 73.251662][ C0] gic_handle_irq+0x78/0x1b8
[ 73.252393][ C0] call_on_irq_stack+0x30/0x48
[ 73.253130][ C0] do_interrupt_handler+0x6c/0x88
[ 73.253934][ C0] el1_interrupt+0x30/0x58
[ 73.254635][ C0] el1h_64_irq_handler+0x18/0x24
[ 73.255379][ C0] el1h_64_irq+0x78/0x7c
[ 73.256038][ C0] console_unlock+0xb60/0x1208
[ 73.256768][ C0] vprintk_emit+0x150/0x22c
[ 73.257404][ C0] vprintk_default+0x54/0x80
[ 73.258067][ C0] vprintk+0x200/0x2a0
[ 73.258648][ C0] _printk+0xe0/0x130
[ 73.259208][ C0] mem_abort_decode+0x28/0x12c
[ 73.259897][ C0] die_kernel_fault+0x48/0x78
[ 73.260608][ C0] __do_kernel_fault+0x39c/0x400
[ 73.261326][ C0] do_bad_area+0x84/0x29c
[ 73.261945][ C0] do_translation_fault+0xf8/0x130
[ 73.262719][ C0] do_mem_abort+0x6c/0x1ac
[ 73.263438][ C0] el1_abort+0x3c/0x5c
[ 73.264103][ C0] el1h_64_sync_handler+0x50/0xac
[ 73.264910][ C0] el1h_64_sync+0x78/0x7c
[ 73.265645][ C0] down_read+0xe0/0x38c
[ 73.266298][ C0] validate_mm+0x94/0x86c
[ 73.266953][ C0] vma_link+0x19c/0x1f8
[ 73.267612][ C0] mmap_region+0x1060/0x1428
[ 73.268299][ C0] do_mmap+0x6ec/0xe40
[ 73.268961][ C0] vm_mmap_pgoff+0x190/0x294
[ 73.269707][ C0] ksys_mmap_pgoff+0x11c/0x634
[ 73.270549][ C0] __arm64_sys_mmap+0xf8/0x110
[ 73.271341][ C0] invoke_syscall+0x98/0x2b0
[ 73.272148][ C0] el0_svc_common+0x138/0x258
[ 73.272938][ C0] do_el0_svc+0x58/0x13c
[ 73.273617][ C0] el0_svc+0x78/0x1d0
[ 73.274255][ C0] el0t_64_sync_handler+0xcc/0xe4
[ 73.275092][ C0] el0t_64_sync+0x1a0/0x1a4
[ 73.275815][ C0] Code: b4fffe08 91004113 aa0803f4 d343fe68 (38756908)
[ 73.276859][ C0] ---[ end trace 06a42b8df8f5f0ea ]---
[ 73.462754][ C0] Kernel panic - not syncing: Oops: Fatal exception in interrupt
[ 73.463935][ C0] SMP: stopping secondary CPUs
[ 74.533597][ C0] SMP: failed to stop secondary CPUs 0-1
[ 74.534643][ C0] Kernel Offset: disabled
[ 74.535334][ C0] CPU features: 0x8,000003c1,7d33ffd9
[ 74.536166][ C0] Memory Limit: none
[ 74.711816][ C0] Rebooting in 86400 seconds..