Warning: Permanently added '10.128.1.55' (ED25519) to the list of known hosts.
2026/01/23 14:00:19 parsed 1 programs
[   31.850281][   T30] audit: type=1400 audit(1769176819.345:64): avc:  denied  { node_bind } for  pid=281 comm="syz-execprog" saddr=::1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1
[   31.853650][   T30] audit: type=1400 audit(1769176819.345:65): avc:  denied  { module_request } for  pid=281 comm="syz-execprog" kmod="net-pf-2-proto-262-type-1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[   32.450804][   T30] audit: type=1400 audit(1769176819.945:66): avc:  denied  { mounton } for  pid=288 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2023 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[   32.451860][  T288] cgroup: Unknown subsys name 'net'
[   32.473455][   T30] audit: type=1400 audit(1769176819.945:67): avc:  denied  { mount } for  pid=288 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   32.500807][   T30] audit: type=1400 audit(1769176819.975:68): avc:  denied  { unmount } for  pid=288 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   32.501116][  T288] cgroup: Unknown subsys name 'devices'
[   32.644303][  T288] cgroup: Unknown subsys name 'hugetlb'
[   32.649919][  T288] cgroup: Unknown subsys name 'rlimit'
[   32.823070][   T30] audit: type=1400 audit(1769176820.325:69): avc:  denied  { setattr } for  pid=288 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=254 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   32.846239][   T30] audit: type=1400 audit(1769176820.325:70): avc:  denied  { create } for  pid=288 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   32.866586][   T30] audit: type=1400 audit(1769176820.325:71): avc:  denied  { write } for  pid=288 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   32.872268][  T291] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
[   32.886843][   T30] audit: type=1400 audit(1769176820.325:72): avc:  denied  { read } for  pid=288 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
Setting up swapspace version 1, size = 127995904 bytes
[   32.915569][   T30] audit: type=1400 audit(1769176820.325:73): avc:  denied  { mounton } for  pid=288 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[   32.934015][  T288] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   33.344852][  T294] request_module fs-gadgetfs succeeded, but still no fs?
[   33.445428][  T299] syz-executor (299) used greatest stack depth: 21056 bytes left
[   33.454582][  T304] bridge0: port 1(bridge_slave_0) entered blocking state
[   33.461606][  T304] bridge0: port 1(bridge_slave_0) entered disabled state
[   33.469043][  T304] device bridge_slave_0 entered promiscuous mode
[   33.475943][  T304] bridge0: port 2(bridge_slave_1) entered blocking state
[   33.482976][  T304] bridge0: port 2(bridge_slave_1) entered disabled state
[   33.490229][  T304] device bridge_slave_1 entered promiscuous mode
[   33.527119][  T304] bridge0: port 2(bridge_slave_1) entered blocking state
[   33.534191][  T304] bridge0: port 2(bridge_slave_1) entered forwarding state
[   33.541425][  T304] bridge0: port 1(bridge_slave_0) entered blocking state
[   33.548447][  T304] bridge0: port 1(bridge_slave_0) entered forwarding state
[   33.564062][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   33.571593][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[   33.578770][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[   33.588805][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   33.597078][   T10] bridge0: port 1(bridge_slave_0) entered blocking state
[   33.604100][   T10] bridge0: port 1(bridge_slave_0) entered forwarding state
[   33.613374][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   33.621556][   T10] bridge0: port 2(bridge_slave_1) entered blocking state
[   33.628605][   T10] bridge0: port 2(bridge_slave_1) entered forwarding state
[   33.639659][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   33.649440][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   33.661543][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   33.672932][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   33.680862][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   33.688381][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   33.697112][  T304] device veth0_vlan entered promiscuous mode
[   33.706357][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   33.715191][  T304] device veth1_macvtap entered promiscuous mode
[   33.725216][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   33.734627][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   34.332056][    T8] device bridge_slave_1 left promiscuous mode
[   34.338353][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[   34.346204][    T8] device bridge_slave_0 left promiscuous mode
[   34.352369][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[   34.369850][    T8] device veth1_macvtap left promiscuous mode
[   34.375925][    T8] device veth0_vlan left promiscuous mode
2026/01/23 14:00:21 executed programs: 0
[   34.460698][  T362] bridge0: port 1(bridge_slave_0) entered blocking state
[   34.467767][  T362] bridge0: port 1(bridge_slave_0) entered disabled state
[   34.475198][  T362] device bridge_slave_0 entered promiscuous mode
[   34.482100][  T362] bridge0: port 2(bridge_slave_1) entered blocking state
[   34.489228][  T362] bridge0: port 2(bridge_slave_1) entered disabled state
[   34.496546][  T362] device bridge_slave_1 entered promiscuous mode
[   34.532671][  T362] bridge0: port 2(bridge_slave_1) entered blocking state
[   34.539696][  T362] bridge0: port 2(bridge_slave_1) entered forwarding state
[   34.546948][  T362] bridge0: port 1(bridge_slave_0) entered blocking state
[   34.553975][  T362] bridge0: port 1(bridge_slave_0) entered forwarding state
[   34.570409][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   34.577931][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[   34.585225][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[   34.594349][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   34.602734][   T10] bridge0: port 1(bridge_slave_0) entered blocking state
[   34.609748][   T10] bridge0: port 1(bridge_slave_0) entered forwarding state
[   34.618235][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   34.626535][   T10] bridge0: port 2(bridge_slave_1) entered blocking state
[   34.633576][   T10] bridge0: port 2(bridge_slave_1) entered forwarding state
[   34.645094][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   34.654567][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   34.669532][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   34.681689][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   34.689861][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   34.697618][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   34.705747][  T362] device veth0_vlan entered promiscuous mode
[   34.716337][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   34.725541][  T362] device veth1_macvtap entered promiscuous mode
[   34.734248][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   34.744326][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   34.768890][  T373] loop2: detected capacity change from 0 to 1024
[   34.793608][  T373] =======================================================
[   34.793608][  T373] WARNING: The mand mount option has been deprecated and
[   34.793608][  T373]          and is ignored by this kernel. Remove the mand
[   34.793608][  T373]          option from the mount to silence this warning.
[   34.793608][  T373] =======================================================
[   34.873759][  T373] EXT4-fs (loop2): mounted filesystem without journal. Opts: nombcache,journal_dev=0x00000000000000ff,nombcache,nobarrier,init_itable,errors=remount-ro,. Quota mode: none.
[   34.894005][  T373] ==================================================================
[   34.902085][  T373] BUG: KASAN: out-of-bounds in ext4_xattr_set_entry+0x1e04/0x3940
[   34.909889][  T373] Read of size 18446744073709551460 at addr ffff88812d45f49c by task syz.2.17/373
[   34.919176][  T373] 
[   34.921492][  T373] CPU: 1 PID: 373 Comm: syz.2.17 Not tainted syzkaller #0
[   34.928684][  T373] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   34.938730][  T373] Call Trace:
[   34.942083][  T373]  <TASK>
[   34.945090][  T373]  __dump_stack+0x21/0x30
[   34.949414][  T373]  dump_stack_lvl+0x110/0x170
[   34.954076][  T373]  ? show_regs_print_info+0x20/0x20
[   34.959342][  T373]  ? load_image+0x3e0/0x3e0
[   34.963823][  T373]  print_address_description+0x7f/0x2c0
[   34.969344][  T373]  ? ext4_xattr_set_entry+0x1e04/0x3940
[   34.974866][  T373]  kasan_report+0xf1/0x140
[   34.979258][  T373]  ? ext4_xattr_set_entry+0x1e04/0x3940
[   34.984777][  T373]  ? ext4_xattr_set_entry+0x1e04/0x3940
[   34.990299][  T373]  kasan_check_range+0x249/0x2a0
[   34.995223][  T373]  ? ext4_xattr_set_entry+0x1e04/0x3940
[   35.000741][  T373]  memmove+0x2d/0x70
[   35.004613][  T373]  ext4_xattr_set_entry+0x1e04/0x3940
[   35.009966][  T373]  ? ext4_xattr_ibody_set+0x360/0x360
[   35.015312][  T373]  ? errseq_check+0x41/0x80
[   35.019788][  T373]  ? __ext4_journal_get_write_access+0x2d7/0x6d0
[   35.026091][  T373]  ? __ext4_journal_ensure_credits+0x430/0x430
[   35.032222][  T373]  ext4_xattr_block_set+0x4f8/0x2d10
[   35.037483][  T373]  ? __kasan_check_read+0x11/0x20
[   35.042482][  T373]  ? __ext4_xattr_check_block+0x265/0x8e0
[   35.048175][  T373]  ? ext4_xattr_block_find+0x4f0/0x4f0
[   35.053609][  T373]  ext4_xattr_set_handle+0xbc4/0x12b0
[   35.058955][  T373]  ? ext4_xattr_set_entry+0x3940/0x3940
[   35.064473][  T373]  ? ext4_xattr_set+0x20c/0x320
[   35.069295][  T373]  ? __ext4_journal_start_sb+0x154/0x2b0
[   35.074902][  T373]  ext4_xattr_set+0x242/0x320
[   35.079552][  T373]  ? ext4_xattr_set_credits+0x290/0x290
[   35.085068][  T373]  ? selinux_inode_setxattr+0x5d9/0xc00
[   35.090587][  T373]  ext4_xattr_trusted_set+0x3c/0x50
[   35.095757][  T373]  ? ext4_xattr_trusted_get+0x40/0x40
[   35.101114][  T373]  __vfs_setxattr+0x3e1/0x430
[   35.105770][  T373]  __vfs_setxattr_noperm+0x12a/0x5e0
[   35.111039][  T373]  __vfs_setxattr_locked+0x212/0x230
[   35.116296][  T373]  vfs_setxattr+0x167/0x2e0
[   35.120778][  T373]  ? xattr_permission+0x550/0x550
[   35.125780][  T373]  ? _copy_from_user+0x95/0xd0
[   35.130516][  T373]  setxattr+0x36c/0x390
[   35.134643][  T373]  ? path_setxattr+0x290/0x290
[   35.139380][  T373]  ? debug_smp_processor_id+0x17/0x20
[   35.144731][  T373]  ? __mnt_want_write+0x1e6/0x260
[   35.149730][  T373]  ? mnt_want_write+0x20b/0x2e0
[   35.154548][  T373]  path_setxattr+0x147/0x290
[   35.159110][  T373]  ? simple_xattr_list_add+0x120/0x120
[   35.164544][  T373]  __x64_sys_lsetxattr+0xc2/0xe0
[   35.169457][  T373]  x64_sys_call+0x8cc/0x9a0
[   35.173939][  T373]  do_syscall_64+0x4c/0xa0
[   35.178338][  T373]  ? clear_bhb_loop+0x50/0xa0
[   35.182987][  T373]  ? clear_bhb_loop+0x50/0xa0
[   35.187638][  T373]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   35.193519][  T373] RIP: 0033:0x7f855a84bcb9
[   35.197913][  T373] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   35.217494][  T373] RSP: 002b:00007ffd2ad8d1d8 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd
[   35.225895][  T373] RAX: ffffffffffffffda RBX: 00007f855aac6fa0 RCX: 00007f855a84bcb9
[   35.233851][  T373] RDX: 00002000000001c0 RSI: 00002000000000c0 RDI: 0000200000000280
[   35.241889][  T373] RBP: 00007f855a8b9bf7 R08: 0000000000000000 R09: 0000000000000000
[   35.249840][  T373] R10: 000000000000fe37 R11: 0000000000000246 R12: 0000000000000000
[   35.257788][  T373] R13: 00007f855aac6fac R14: 00007f855aac6fa0 R15: 00007f855aac6fa0
[   35.265739][  T373]  </TASK>
[   35.268734][  T373] 
[   35.271032][  T373] The buggy address belongs to the page:
[   35.276639][  T373] page:ffffea0004b517c0 refcount:2 mapcount:0 mapping:ffff8881092c7a18 index:0x1c pfn:0x12d45f
[   35.286936][  T373] memcg:ffff888100255640
[   35.291154][  T373] aops:def_blk_aops ino:700002
[   35.295891][  T373] flags: 0x400000000000203a(referenced|dirty|lru|active|private|zone=1)
[   35.304281][  T373] raw: 400000000000203a ffffea0004909148 ffffea00045f1948 ffff8881092c7a18
[   35.312846][  T373] raw: 000000000000001c ffff888120ec3498 00000002ffffffff ffff888100255640
[   35.321404][  T373] page dumped because: kasan: bad access detected
[   35.327792][  T373] page_owner tracks the page as allocated
[   35.333481][  T373] page last allocated via order 0, migratetype Movable, gfp_mask 0x108c48(GFP_NOFS|__GFP_NOFAIL|__GFP_HARDWALL|__GFP_MOVABLE), pid 373, ts 34891918630, free_ts 0
[   35.349713][  T373]  post_alloc_hook+0x192/0x1b0
[   35.354469][  T373]  prep_new_page+0x1c/0x110
[   35.359106][  T373]  get_page_from_freelist+0x2d3a/0x2dc0
[   35.364633][  T373]  __alloc_pages+0x1a2/0x460
[   35.369212][  T373]  pagecache_get_page+0xac6/0xde0
[   35.374268][  T373]  __getblk_gfp+0x238/0x7d0
[   35.378775][  T373]  ext4_xattr_block_set+0x1d7c/0x2d10
[   35.384132][  T373]  ext4_xattr_set_handle+0xbc4/0x12b0
[   35.389479][  T373]  ext4_xattr_set+0x242/0x320
[   35.394137][  T373]  ext4_xattr_trusted_set+0x3c/0x50
[   35.399319][  T373]  __vfs_setxattr+0x3e1/0x430
[   35.403983][  T373]  __vfs_setxattr_noperm+0x12a/0x5e0
[   35.409241][  T373]  __vfs_setxattr_locked+0x212/0x230
[   35.414507][  T373]  vfs_setxattr+0x167/0x2e0
[   35.418985][  T373]  setxattr+0x36c/0x390
[   35.423111][  T373]  path_setxattr+0x147/0x290
[   35.427676][  T373] page_owner free stack trace missing
[   35.433100][  T373] 
[   35.435399][  T373] Memory state around the buggy address:
[   35.441185][  T373]  ffff88812d45f380: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   35.449237][  T373]  ffff88812d45f400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   35.457367][  T373] >ffff88812d45f480: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   35.465401][  T373]                             ^
[   35.470226][  T373]  ffff88812d45f500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   35.478264][  T373]  ffff88812d45f580: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   35.486390][  T373] ==================================================================
[   35.494507][  T373] Disabling lock debugging due to kernel taint