Warning: Permanently added '10.128.1.249' (ED25519) to the list of known hosts. 2025/09/27 14:00:37 parsed 1 programs [ 44.260561][ T24] kauditd_printk_skb: 31 callbacks suppressed [ 44.260569][ T24] audit: type=1400 audit(1758981638.370:105): avc: denied { unlink } for pid=418 comm="syz-executor" name="swap-file" dev="sda1" ino=2026 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 44.315911][ T418] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 44.695407][ T422] bridge0: port 1(bridge_slave_0) entered blocking state [ 44.702528][ T422] bridge0: port 1(bridge_slave_0) entered disabled state [ 44.709872][ T422] device bridge_slave_0 entered promiscuous mode [ 44.716881][ T422] bridge0: port 2(bridge_slave_1) entered blocking state [ 44.724031][ T422] bridge0: port 2(bridge_slave_1) entered disabled state [ 44.731534][ T422] device bridge_slave_1 entered promiscuous mode [ 44.757427][ T422] bridge0: port 2(bridge_slave_1) entered blocking state [ 44.764463][ T422] bridge0: port 2(bridge_slave_1) entered forwarding state [ 44.771804][ T422] bridge0: port 1(bridge_slave_0) entered blocking state [ 44.779174][ T422] bridge0: port 1(bridge_slave_0) entered forwarding state [ 44.793625][ T49] bridge0: port 1(bridge_slave_0) entered disabled state [ 44.800951][ T49] bridge0: port 2(bridge_slave_1) entered disabled state [ 44.808114][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 44.815731][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 44.824819][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 44.833227][ T49] bridge0: port 1(bridge_slave_0) entered blocking state [ 44.840257][ T49] bridge0: port 1(bridge_slave_0) entered forwarding state [ 44.848590][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 44.856849][ T49] bridge0: port 2(bridge_slave_1) entered blocking state [ 44.863878][ T49] bridge0: port 2(bridge_slave_1) entered forwarding state [ 44.874237][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 44.883305][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 44.895056][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 44.905219][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 44.913515][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 44.921128][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 44.928866][ T422] device veth0_vlan entered promiscuous mode [ 44.937646][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 44.946227][ T422] device veth1_macvtap entered promiscuous mode [ 44.954526][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 44.963966][ T49] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 45.014947][ T24] audit: type=1400 audit(1758981639.120:106): avc: denied { create } for pid=434 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 45.481207][ T24] audit: type=1401 audit(1758981639.590:107): op=setxattr invalid_context="u:object_r:app_data_file:s0:c512,c768" 2025/09/27 14:00:39 executed programs: 0 [ 45.661938][ T24] audit: type=1400 audit(1758981639.770:108): avc: denied { write } for pid=409 comm="syz-execprog" path="pipe:[15364]" dev="pipefs" ino=15364 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1 [ 45.700510][ T482] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.707523][ T482] bridge0: port 1(bridge_slave_0) entered disabled state [ 45.714799][ T482] device bridge_slave_0 entered promiscuous mode [ 45.721895][ T482] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.728902][ T482] bridge0: port 2(bridge_slave_1) entered disabled state [ 45.736474][ T482] device bridge_slave_1 entered promiscuous mode [ 45.775370][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 45.782747][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 45.791481][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 45.799736][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 45.808291][ T9] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.815317][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state [ 45.822889][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 45.831868][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 45.840096][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 45.848168][ T9] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.855183][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state [ 45.870603][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 45.879310][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 45.891693][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 45.903456][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 45.911512][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 45.918801][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 45.927122][ T482] device veth0_vlan entered promiscuous mode [ 45.936105][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 45.949142][ T482] device veth1_macvtap entered promiscuous mode [ 45.957677][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 45.967586][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 46.012507][ T487] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 46.025909][ T487] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 46.037636][ T487] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2815: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 46.050870][ T487] EXT4-fs (loop2): 1 truncate cleaned up [ 46.056502][ T487] EXT4-fs (loop2): mounted filesystem without journal. Opts: init_itable=0x0000000000000000,jqfmt=vfsold,debug_want_extra_isize=0x000000000000006a,user_xattr,errors=remount-ro,quota, [ 46.074754][ T24] audit: type=1400 audit(1758981640.180:109): avc: denied { mount } for pid=486 comm="syz.2.17" name="/" dev="loop2" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 46.081515][ T487] ================================================================== [ 46.099374][ T24] audit: type=1400 audit(1758981640.180:110): avc: denied { setattr } for pid=486 comm="syz.2.17" name="file1" dev="loop2" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 46.104060][ T487] BUG: KASAN: out-of-bounds in ext4_xattr_set_entry+0x1339/0x36c0 [ 46.104069][ T487] Read of size 18446744073709551540 at addr ffff88811456d070 by task syz.2.17/487 [ 46.104072][ T487] [ 46.104085][ T487] CPU: 0 PID: 487 Comm: syz.2.17 Not tainted syzkaller #0 [ 46.104097][ T487] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 46.126338][ T24] audit: type=1400 audit(1758981640.180:111): avc: denied { write } for pid=486 comm="syz.2.17" name="/" dev="loop2" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 46.133782][ T487] Call Trace: [ 46.133797][ T487] __dump_stack+0x21/0x24 [ 46.133811][ T487] dump_stack_lvl+0x169/0x1d8 [ 46.143136][ T24] audit: type=1400 audit(1758981640.180:112): avc: denied { add_name } for pid=486 comm="syz.2.17" name="file2" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 46.145269][ T487] ? show_regs_print_info+0x18/0x18 [ 46.153452][ T24] audit: type=1400 audit(1758981640.180:113): avc: denied { create } for pid=486 comm="syz.2.17" name="file2" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 46.162371][ T487] ? thaw_kernel_threads+0x220/0x220 [ 46.162381][ T487] print_address_description+0x7f/0x2c0 [ 46.162398][ T487] ? ext4_xattr_set_entry+0x1339/0x36c0 [ 46.184091][ T24] audit: type=1400 audit(1758981640.180:114): avc: denied { write } for pid=486 comm="syz.2.17" name="file2" dev="loop2" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 46.187146][ T487] kasan_report+0xe2/0x130 [ 46.283813][ T487] ? ext4_xattr_set_entry+0x1339/0x36c0 [ 46.289321][ T487] ? ext4_xattr_set_entry+0x1339/0x36c0 [ 46.294850][ T487] kasan_check_range+0x280/0x290 [ 46.299751][ T487] memmove+0x2d/0x70 [ 46.303613][ T487] ext4_xattr_set_entry+0x1339/0x36c0 [ 46.308949][ T487] ? fscrypt_drop_inode+0xad/0x110 [ 46.314026][ T487] ? ext4_xattr_ibody_set+0x360/0x360 [ 46.319363][ T487] ? slab_post_alloc_hook+0x7d/0x2f0 [ 46.324620][ T487] ? ext4_xattr_block_set+0x847/0x2a50 [ 46.330045][ T487] ? ext4_xattr_block_set+0x847/0x2a50 [ 46.335469][ T487] ? __kmalloc_track_caller+0x181/0x320 [ 46.340982][ T487] ? memcpy+0x56/0x70 [ 46.344930][ T487] ext4_xattr_block_set+0x92f/0x2a50 [ 46.350183][ T487] ? __kasan_check_read+0x11/0x20 [ 46.355182][ T487] ? __ext4_xattr_check_block+0x265/0x8e0 [ 46.360866][ T487] ? ext4_xattr_block_find+0x4f0/0x4f0 [ 46.366288][ T487] ? __kasan_check_write+0x14/0x20 [ 46.371362][ T487] ext4_xattr_set_handle+0xba5/0x12a0 [ 46.376700][ T487] ? ext4_xattr_set_entry+0x36c0/0x36c0 [ 46.382211][ T487] ? __kasan_check_read+0x11/0x20 [ 46.387200][ T487] ? __ext4_journal_start_sb+0x2e2/0x490 [ 46.392802][ T487] ext4_xattr_set+0x1ec/0x320 [ 46.397447][ T487] ? ext4_xattr_set_credits+0x290/0x290 [ 46.402956][ T487] ext4_xattr_trusted_set+0x3b/0x50 [ 46.408119][ T487] ? ext4_xattr_trusted_get+0x40/0x40 [ 46.413472][ T487] __vfs_setxattr+0x42a/0x480 [ 46.418135][ T487] __vfs_setxattr_noperm+0x11e/0x4e0 [ 46.423386][ T487] __vfs_setxattr_locked+0x203/0x220 [ 46.428636][ T487] vfs_setxattr+0x8d/0x1c0 [ 46.433016][ T487] setxattr+0x1a9/0x370 [ 46.437151][ T487] ? path_setxattr+0x210/0x210 [ 46.441887][ T487] ? __mnt_want_write+0x1e6/0x260 [ 46.446874][ T487] ? mnt_want_write+0x19d/0x270 [ 46.451704][ T487] path_setxattr+0x110/0x210 [ 46.456261][ T487] ? simple_xattr_list_add+0x120/0x120 [ 46.461690][ T487] ? ____fput+0x15/0x20 [ 46.465816][ T487] __x64_sys_lsetxattr+0xc2/0xe0 [ 46.470717][ T487] do_syscall_64+0x31/0x40 [ 46.475099][ T487] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 46.480966][ T487] RIP: 0033:0x7f408ea3dbe9 [ 46.485451][ T487] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 46.505042][ T487] RSP: 002b:00007f408e8ae038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd [ 46.513435][ T487] RAX: ffffffffffffffda RBX: 00007f408ec64fa0 RCX: 00007f408ea3dbe9 [ 46.521376][ T487] RDX: 0000200000000040 RSI: 0000200000000300 RDI: 0000200000000100 [ 46.529332][ T487] RBP: 00007f408eac0e19 R08: 0000000000000000 R09: 0000000000000000 [ 46.537273][ T487] R10: 000000000000fe37 R11: 0000000000000246 R12: 0000000000000000 [ 46.545215][ T487] R13: 00007f408ec65038 R14: 00007f408ec64fa0 R15: 00007ffea67d4188 [ 46.553156][ T487] [ 46.555461][ T487] Allocated by task 0: [ 46.559494][ T487] (stack is not available) [ 46.563870][ T487] [ 46.566167][ T487] The buggy address belongs to the object at ffff88811456d000 [ 46.566167][ T487] which belongs to the cache kmalloc-1k of size 1024 [ 46.580190][ T487] The buggy address is located 112 bytes inside of [ 46.580190][ T487] 1024-byte region [ffff88811456d000, ffff88811456d400) [ 46.593518][ T487] The buggy address belongs to the page: [ 46.599118][ T487] page:ffffea0004515a00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x114568 [ 46.609318][ T487] head:ffffea0004515a00 order:3 compound_mapcount:0 compound_pincount:0 [ 46.617608][ T487] flags: 0x4000000000010200(slab|head) [ 46.623050][ T487] raw: 4000000000010200 0000000000000000 0000000100000001 ffff888100042f00 [ 46.631609][ T487] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 46.640156][ T487] page dumped because: kasan: bad access detected [ 46.646531][ T487] page_owner tracks the page as allocated [ 46.652221][ T487] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 108, ts 3729435470, free_ts 0 [ 46.670238][ T487] prep_new_page+0x179/0x180 [ 46.674793][ T487] get_page_from_freelist+0x2235/0x23d0 [ 46.680303][ T487] __alloc_pages_nodemask+0x268/0x5f0 [ 46.685638][ T487] new_slab+0x84/0x3f0 [ 46.689671][ T487] ___slab_alloc+0x2a6/0x450 [ 46.694225][ T487] __slab_alloc+0x63/0xa0 [ 46.698519][ T487] __kmalloc_track_caller+0x1ef/0x320 [ 46.703858][ T487] __alloc_skb+0xdc/0x520 [ 46.708153][ T487] alloc_uevent_skb+0x85/0x240 [ 46.712895][ T487] kobject_uevent_net_broadcast+0x335/0x5a0 [ 46.718767][ T487] kobject_uevent_env+0x52e/0x700 [ 46.723764][ T487] kobject_synth_uevent+0x520/0xaf0 [ 46.728928][ T487] uevent_store+0x25/0x60 [ 46.733220][ T487] dev_attr_store+0x5e/0x80 [ 46.737686][ T487] sysfs_kf_write+0x129/0x150 [ 46.742327][ T487] kernfs_fop_write_iter+0x2c5/0x400 [ 46.747587][ T487] page_owner free stack trace missing [ 46.752918][ T487] [ 46.755209][ T487] Memory state around the buggy address: [ 46.760807][ T487] ffff88811456cf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 46.768834][ T487] ffff88811456cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 46.776859][ T487] >ffff88811456d000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 46.784972][ T487] ^ [ 46.792651][ T487] ffff88811456d080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 46.800678][ T487] ffff88811456d100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 46.808708][ T487] ================================================================== [ 46.816735][ T487] Disabling lock debugging due to kernel taint [ 46.871342][ T49] device bridge_slave_1 left promiscuous mode [ 46.877700][ T49] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.885463][ T49] device bridge_slave_0 left promiscuous mode [ 46.886487][ T491] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 46.893381][ T49] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.908818][ T491] EXT4-fs (loop2): 1 truncate cleaned up [ 46.914539][ T491] EXT4-fs (loop2): mounted filesystem without journal. Opts: init_itable=0x0000000000000000,jqfmt=vfsold,debug_want_extra_isize=0x000000000000006a,user_xattr,errors=remount-ro,quota, [ 46.932685][ T49] device veth1_macvtap left promiscuous mode [ 46.938708][ T49] device veth0_vlan left promiscuous mode [ 46.948046][ T49] general protection fault, probably for non-canonical address 0xdffffc001ffff3c7: 0000 [#1] PREEMPT SMP KASAN [ 46.959765][ T49] KASAN: probably user-memory-access in range [0x00000000ffff9e38-0x00000000ffff9e3f] [ 46.969288][ T49] CPU: 1 PID: 49 Comm: kworker/u4:2 Tainted: G B syzkaller #0 [ 46.978011][ T49] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 46.988038][ T49] Workqueue: netns cleanup_net [ 46.992772][ T49] RIP: 0010:neigh_flush_dev+0x114/0x820 [ 46.998285][ T49] Code: 94 06 00 00 4c 89 f0 48 c1 e8 03 48 89 45 98 49 89 dc 4c 89 75 b0 4d 85 ff 74 6c 49 8d 9c 24 68 01 00 00 48 89 d8 48 c1 e8 03 <42> 80 3c 28 00 74 08 48 89 df e8 8d 1f 03 fe 4c 39 3b 0f 85 17 06 [ 47.017857][ T49] RSP: 0018:ffffc900009e7488 EFLAGS: 00010202 [ 47.023892][ T49] RAX: 000000001ffff3c7 RBX: 00000000ffff9e38 RCX: ffff888101ff4f00 [ 47.031849][ T49] RDX: 0000000000000000 RSI: 0000000000000015 RDI: 00000000ffffffff [ 47.039809][ T49] RBP: ffffc900009e7528 R08: 0000000000000015 R09: ffffffff8100435f [ 47.047747][ T49] R10: 0000000000000003 R11: 00000000bc2271e0 R12: 00000000ffff9cd0 [ 47.055686][ T49] R13: dffffc0000000000 R14: ffff8881182ab000 R15: ffff888113b14000 [ 47.063625][ T49] FS: 0000000000000000(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 47.072546][ T49] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 47.079095][ T49] CR2: 000000c006622000 CR3: 000000010d0cb000 CR4: 00000000003506a0 [ 47.087033][ T49] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 47.094985][ T49] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 47.102919][ T49] Call Trace: [ 47.106176][ T49] ? __kasan_check_write+0x14/0x20 [ 47.111257][ T49] __neigh_ifdown+0x3f/0x380 [ 47.115809][ T49] ? find_next_bit+0xc9/0x100 [ 47.120448][ T49] neigh_ifdown+0x1f/0x30 [ 47.124743][ T49] rt6_disable_ip+0x616/0x6a0 [ 47.129384][ T49] ? __kasan_check_write+0x14/0x20 [ 47.134459][ T49] ? _raw_spin_lock+0xe0/0xe0 [ 47.139101][ T49] ? fib6_ifdown+0x4e0/0x4e0 [ 47.143653][ T49] ? _raw_spin_lock_irqsave+0xb0/0x110 [ 47.149077][ T49] ? _raw_spin_lock+0xe0/0xe0 [ 47.153724][ T49] ? __kasan_check_read+0x11/0x20 [ 47.158713][ T49] addrconf_ifdown+0x144/0x1800 [ 47.163527][ T49] ? _raw_spin_unlock_irqrestore+0x5b/0x80 [ 47.169302][ T49] ? addrconf_cleanup+0x1c0/0x1c0 [ 47.174289][ T49] ? __kasan_check_write+0x14/0x20 [ 47.179364][ T49] ? mutex_lock+0x8c/0xe0 [ 47.183661][ T49] ? mutex_trylock+0xa0/0xa0 [ 47.188214][ T49] ? nf_nat_masq_schedule+0x490/0x490 [ 47.193552][ T49] ? __kasan_check_write+0x14/0x20 [ 47.198644][ T49] addrconf_notify+0x3bd/0xe90 [ 47.203374][ T49] raw_notifier_call_chain+0x90/0x100 [ 47.208709][ T49] dev_close_many+0x330/0x4d0 [ 47.213350][ T49] ? __dev_open+0x4c0/0x4c0 [ 47.217817][ T49] ? slab_free_freelist_hook+0xc5/0x190 [ 47.223327][ T49] ? __kasan_check_read+0x11/0x20 [ 47.228315][ T49] unregister_netdevice_many+0x44c/0x1980 [ 47.233995][ T49] ? alloc_netdev_mqs+0xc80/0xc80 [ 47.238984][ T49] ? unregister_netdevice_queue+0x1aa/0x360 [ 47.244840][ T49] ? list_netdevice+0x4c0/0x4c0 [ 47.249656][ T49] ? br_dev_delete+0xfc/0x110 [ 47.254304][ T49] default_device_exit_batch+0x330/0x390 [ 47.259899][ T49] ? default_device_exit+0x390/0x390 [ 47.265170][ T49] ? wait_woken+0x180/0x180 [ 47.269641][ T49] ? rtnl_unlock+0xe/0x10 [ 47.273933][ T49] ? default_device_exit+0x390/0x390 [ 47.279208][ T49] cleanup_net+0x5fb/0xb70 [ 47.283588][ T49] ? __kasan_check_write+0x14/0x20 [ 47.288670][ T49] ? ops_init+0x4a0/0x4a0 [ 47.292964][ T49] ? read_word_at_a_time+0x12/0x20 [ 47.298039][ T49] ? strscpy+0x9b/0x290 [ 47.302159][ T49] process_one_work+0x6e1/0xba0 [ 47.306977][ T49] worker_thread+0xa6a/0x13b0 [ 47.311621][ T49] ? _raw_spin_lock_irqsave+0xb0/0x110 [ 47.317066][ T49] kthread+0x346/0x3d0 [ 47.321100][ T49] ? worker_clr_flags+0x190/0x190 [ 47.326088][ T49] ? kthread_blkcg+0xd0/0xd0 [ 47.330650][ T49] ret_from_fork+0x1f/0x30 [ 47.335029][ T49] Modules linked in: [ 47.338951][ T491] BUG: unable to handle page fault for address: ffff888119b9f000 [ 47.338967][ T49] ---[ end trace 68a496f5e7ae4b65 ]--- [ 47.346664][ T491] #PF: supervisor write access in kernel mode [ 47.346669][ T491] #PF: error_code(0x0003) - permissions violation [ 47.346673][ T491] PGD 6e01067 P4D 6e01067 PUD 1087e3063 [ 47.352130][ T49] RIP: 0010:neigh_flush_dev+0x114/0x820 [ 47.358314][ T491] PMD 11aec5063 [ 47.364703][ T49] Code: 94 06 00 00 4c 89 f0 48 c1 e8 03 48 89 45 98 49 89 dc 4c 89 75 b0 4d 85 ff 74 6c 49 8d 9c 24 68 01 00 00 48 89 d8 48 c1 e8 03 <42> 80 3c 28 00 74 08 48 89 df e8 8d 1f 03 fe 4c 39 3b 0f 85 17 06 [ 47.370282][ T491] PTE ffff88811bdf2d00 [ 47.370292][ T491] Oops: 0003 [#2] PREEMPT SMP KASAN [ 47.370306][ T491] CPU: 0 PID: 491 Comm: syz.2.18 Tainted: G B D syzkaller #0 [ 47.375815][ T49] RSP: 0018:ffffc900009e7488 EFLAGS: 00010202 [ 47.379330][ T491] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 47.398911][ T49] [ 47.402938][ T491] RIP: 0010:__memmove+0x19c/0x1a0 [ 47.402952][ T491] Code: fa 02 72 16 66 44 8b 1e 66 44 8b 54 16 fe 66 44 89 1f 66 44 89 54 17 fe eb 0c 48 83 fa 01 72 06 44 8a 1e 44 88 1f c3 48 89 d1 a4 c3 00 eb 2e 0f 1f 00 49 89 f9 48 89 d1 83 e2 07 48 c1 e9 03 [ 47.408113][ T49] RAX: 000000001ffff3c7 RBX: 00000000ffff9e38 RCX: ffff888101ff4f00 [ 47.416570][ T491] RSP: 0018:ffffc90000c77380 EFLAGS: 00010282 [ 47.416579][ T491] RAX: ffff888118299050 RBX: ffffffffffffffb4 RCX: fffffffffe6fa004 [ 47.416590][ T491] RDX: ffffffffffffffb4 RSI: ffff888119b9f020 RDI: ffff888119b9f000 [ 47.422625][ T49] RDX: 0000000000000000 RSI: 0000000000000015 RDI: 00000000ffffffff [ 47.432670][ T491] RBP: ffffc90000c773b0 R08: ffff888118299004 R09: ffffed1023053280 [ 47.432675][ T491] R10: 0000000000000000 R11: 0000000000000080 R12: 0000000000000000 [ 47.432687][ T491] R13: ffffffff81ddd5a9 R14: ffff888118299070 R15: ffff888118299050 [ 47.434989][ T49] RBP: ffffc900009e7528 R08: 0000000000000015 R09: ffffffff8100435f [ 47.439980][ T491] FS: 00007f408e8ae6c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 47.459567][ T49] R10: 0000000000000003 R11: 00000000bc2271e0 R12: 00000000ffff9cd0 [ 47.467491][ T491] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 47.467497][ T491] CR2: ffff888119b9f000 CR3: 0000000117bc7000 CR4: 00000000003506b0 [ 47.467508][ T491] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 47.473544][ T49] R13: dffffc0000000000 R14: ffff8881182ab000 R15: ffff888113b14000 [ 47.481485][ T491] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 47.481489][ T491] Call Trace: [ 47.481506][ T491] ? memmove+0x56/0x70 [ 47.489447][ T49] FS: 0000000000000000(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 47.497390][ T491] ext4_xattr_set_entry+0x1339/0x36c0 [ 47.497407][ T491] ? fscrypt_drop_inode+0xad/0x110 [ 47.505354][ T49] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 47.513289][ T491] ? ext4_xattr_ibody_set+0x360/0x360 [ 47.513304][ T491] ? slab_post_alloc_hook+0x7d/0x2f0 [ 47.521243][ T49] CR2: 000000c006622000 CR3: 000000010d0cb000 CR4: 00000000003506a0 [ 47.529185][ T491] ? ext4_xattr_block_set+0x847/0x2a50 [ 47.538093][ T49] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 47.546025][ T491] ? ext4_xattr_block_set+0x847/0x2a50 [ 47.546041][ T491] ? __kmalloc_track_caller+0x181/0x320 [ 47.552597][ T49] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 47.560532][ T491] ? memcpy+0x56/0x70 [ 47.560546][ T491] ext4_xattr_block_set+0x92f/0x2a50 [ 47.568491][ T49] Kernel panic - not syncing: Fatal exception in interrupt [ 47.576435][ T491] ? __kasan_check_read+0x11/0x20 [ 47.689636][ T491] ? __ext4_xattr_check_block+0x265/0x8e0 [ 47.695330][ T491] ? ext4_xattr_block_find+0x4f0/0x4f0 [ 47.700766][ T491] ? __kasan_check_write+0x14/0x20 [ 47.705853][ T491] ext4_xattr_set_handle+0xba5/0x12a0 [ 47.711202][ T491] ? ext4_xattr_set_entry+0x36c0/0x36c0 [ 47.716723][ T491] ? __kasan_check_read+0x11/0x20 [ 47.721723][ T491] ? __ext4_journal_start_sb+0x2e2/0x490 [ 47.727329][ T491] ext4_xattr_set+0x1ec/0x320 [ 47.731979][ T491] ? ext4_xattr_set_credits+0x290/0x290 [ 47.737503][ T491] ext4_xattr_trusted_set+0x3b/0x50 [ 47.742688][ T491] ? ext4_xattr_trusted_get+0x40/0x40 [ 47.748042][ T491] __vfs_setxattr+0x42a/0x480 [ 47.752704][ T491] __vfs_setxattr_noperm+0x11e/0x4e0 [ 47.757962][ T491] __vfs_setxattr_locked+0x203/0x220 [ 47.763240][ T491] vfs_setxattr+0x8d/0x1c0 [ 47.767632][ T491] setxattr+0x1a9/0x370 [ 47.771762][ T491] ? path_setxattr+0x210/0x210 [ 47.776512][ T491] ? __mnt_want_write+0x1e6/0x260 [ 47.781526][ T491] ? mnt_want_write+0x19d/0x270 [ 47.786368][ T491] path_setxattr+0x110/0x210 [ 47.790945][ T491] ? simple_xattr_list_add+0x120/0x120 [ 47.796384][ T491] ? ____fput+0x15/0x20 [ 47.800528][ T491] __x64_sys_lsetxattr+0xc2/0xe0 [ 47.805461][ T491] do_syscall_64+0x31/0x40 [ 47.809855][ T491] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 47.815722][ T491] RIP: 0033:0x7f408ea3dbe9 [ 47.820114][ T491] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 47.839696][ T491] RSP: 002b:00007f408e8ae038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd [ 47.848101][ T491] RAX: ffffffffffffffda RBX: 00007f408ec64fa0 RCX: 00007f408ea3dbe9 [ 47.856057][ T491] RDX: 0000200000000040 RSI: 0000200000000300 RDI: 0000200000000100 [ 47.864011][ T491] RBP: 00007f408eac0e19 R08: 0000000000000000 R09: 0000000000000000 [ 47.871972][ T491] R10: 000000000000fe37 R11: 0000000000000246 R12: 0000000000000000 [ 47.879926][ T491] R13: 00007f408ec65038 R14: 00007f408ec64fa0 R15: 00007ffea67d4188 [ 47.887878][ T491] Modules linked in: [ 47.891753][ T491] CR2: ffff888119b9f000 [ 47.895897][ T491] ---[ end trace 68a496f5e7ae4b66 ]--- [ 47.901365][ T491] RIP: 0010:neigh_flush_dev+0x114/0x820 [ 47.906893][ T491] Code: 94 06 00 00 4c 89 f0 48 c1 e8 03 48 89 45 98 49 89 dc 4c 89 75 b0 4d 85 ff 74 6c 49 8d 9c 24 68 01 00 00 48 89 d8 48 c1 e8 03 <42> 80 3c 28 00 74 08 48 89 df e8 8d 1f 03 fe 4c 39 3b 0f 85 17 06 [ 47.926481][ T491] RSP: 0018:ffffc900009e7488 EFLAGS: 00010202 [ 47.932527][ T491] RAX: 000000001ffff3c7 RBX: 00000000ffff9e38 RCX: ffff888101ff4f00 [ 47.940486][ T491] RDX: 0000000000000000 RSI: 0000000000000015 RDI: 00000000ffffffff [ 47.948439][ T491] RBP: ffffc900009e7528 R08: 0000000000000015 R09: ffffffff8100435f [ 47.956390][ T491] R10: 0000000000000003 R11: 00000000bc2271e0 R12: 00000000ffff9cd0 [ 47.964431][ T491] R13: dffffc0000000000 R14: ffff8881182ab000 R15: ffff888113b14000 [ 47.972395][ T491] FS: 00007f408e8ae6c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 47.981310][ T491] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 47.987875][ T491] CR2: ffff888119b9f000 CR3: 0000000117bc7000 CR4: 00000000003506b0 [ 47.995834][ T491] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 48.003782][ T491] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 48.682207][ T49] Shutting down cpus with NMI [ 48.687055][ T49] Kernel Offset: disabled [ 48.691355][ T49] Rebooting in 86400 seconds..