Warning: Permanently added '10.128.0.73' (ED25519) to the list of known hosts.
2026/04/10 03:26:40 parsed 1 programs
[   20.443500][   T24] audit: type=1400 audit(1775791600.549:64): avc:  denied  { node_bind } for  pid=275 comm="syz-execprog" saddr=::1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1
[   20.446593][   T24] audit: type=1400 audit(1775791600.549:65): avc:  denied  { create } for  pid=275 comm="syz-execprog" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   20.449836][   T24] audit: type=1400 audit(1775791600.549:66): avc:  denied  { module_request } for  pid=275 comm="syz-execprog" kmod="net-pf-2-proto-262-type-1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[   21.012381][   T24] audit: type=1400 audit(1775791601.119:67): avc:  denied  { mounton } for  pid=281 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2023 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[   21.013388][  T281] cgroup: Unknown subsys name 'net'
[   21.035030][   T24] audit: type=1400 audit(1775791601.119:68): avc:  denied  { mount } for  pid=281 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   21.062241][   T24] audit: type=1400 audit(1775791601.159:69): avc:  denied  { unmount } for  pid=281 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   21.062413][  T281] cgroup: Unknown subsys name 'devices'
[   21.200700][  T281] cgroup: Unknown subsys name 'hugetlb'
[   21.206288][  T281] cgroup: Unknown subsys name 'rlimit'
[   21.378922][   T24] audit: type=1400 audit(1775791601.479:70): avc:  denied  { setattr } for  pid=281 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=253 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   21.402101][   T24] audit: type=1400 audit(1775791601.489:71): avc:  denied  { create } for  pid=281 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
Setting up swapspace version 1, size = 127995904 bytes
[   21.422739][   T24] audit: type=1400 audit(1775791601.489:72): avc:  denied  { write } for  pid=281 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   21.425685][  T286] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
[   21.443246][   T24] audit: type=1400 audit(1775791601.489:73): avc:  denied  { read } for  pid=281 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   21.473024][  T281] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   21.862509][  T288] request_module fs-gadgetfs succeeded, but still no fs?
[   21.873006][  T288] cgroup: cgroup: disabling cgroup2 socket matching due to net_prio or net_cls activation
[   22.193604][  T315] bridge0: port 1(bridge_slave_0) entered blocking state
[   22.200765][  T315] bridge0: port 1(bridge_slave_0) entered disabled state
[   22.208027][  T315] device bridge_slave_0 entered promiscuous mode
[   22.215116][  T315] bridge0: port 2(bridge_slave_1) entered blocking state
[   22.222158][  T315] bridge0: port 2(bridge_slave_1) entered disabled state
[   22.229503][  T315] device bridge_slave_1 entered promiscuous mode
[   22.260773][  T315] bridge0: port 2(bridge_slave_1) entered blocking state
[   22.267792][  T315] bridge0: port 2(bridge_slave_1) entered forwarding state
[   22.275065][  T315] bridge0: port 1(bridge_slave_0) entered blocking state
[   22.282087][  T315] bridge0: port 1(bridge_slave_0) entered forwarding state
[   22.296686][  T316] bridge0: port 1(bridge_slave_0) entered disabled state
[   22.303915][  T316] bridge0: port 2(bridge_slave_1) entered disabled state
[   22.311236][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   22.318565][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   22.328544][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   22.336797][  T316] bridge0: port 1(bridge_slave_0) entered blocking state
[   22.343810][  T316] bridge0: port 1(bridge_slave_0) entered forwarding state
[   22.352260][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   22.360392][  T316] bridge0: port 2(bridge_slave_1) entered blocking state
[   22.367390][  T316] bridge0: port 2(bridge_slave_1) entered forwarding state
[   22.378908][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   22.387712][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   22.402251][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   22.413199][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   22.421175][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   22.428461][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   22.436693][  T315] device veth0_vlan entered promiscuous mode
[   22.445805][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   22.454941][  T315] device veth1_macvtap entered promiscuous mode
[   22.463793][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   22.473640][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
2026/04/10 03:26:42 executed programs: 0
[   22.885895][  T354] bridge0: port 1(bridge_slave_0) entered blocking state
[   22.893022][  T354] bridge0: port 1(bridge_slave_0) entered disabled state
[   22.900396][  T354] device bridge_slave_0 entered promiscuous mode
[   22.907042][  T354] bridge0: port 2(bridge_slave_1) entered blocking state
[   22.914250][  T354] bridge0: port 2(bridge_slave_1) entered disabled state
[   22.921713][  T354] device bridge_slave_1 entered promiscuous mode
[   22.958048][  T354] bridge0: port 2(bridge_slave_1) entered blocking state
[   22.965096][  T354] bridge0: port 2(bridge_slave_1) entered forwarding state
[   22.972344][  T354] bridge0: port 1(bridge_slave_0) entered blocking state
[   22.979361][  T354] bridge0: port 1(bridge_slave_0) entered forwarding state
[   22.997100][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   23.004893][  T316] bridge0: port 1(bridge_slave_0) entered disabled state
[   23.012742][  T316] bridge0: port 2(bridge_slave_1) entered disabled state
[   23.024629][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   23.032829][  T316] bridge0: port 1(bridge_slave_0) entered blocking state
[   23.039849][  T316] bridge0: port 1(bridge_slave_0) entered forwarding state
[   23.048212][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   23.056542][  T316] bridge0: port 2(bridge_slave_1) entered blocking state
[   23.063570][  T316] bridge0: port 2(bridge_slave_1) entered forwarding state
[   23.078171][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   23.087258][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   23.103083][  T354] device veth0_vlan entered promiscuous mode
[   23.109961][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   23.118325][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   23.126660][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   23.134325][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   23.146764][  T354] device veth1_macvtap entered promiscuous mode
[   23.153705][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   23.165503][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   23.175766][  T316] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   23.209989][  T381] ======================================================
[   23.209989][  T381] WARNING: the mand mount option is being deprecated and
[   23.209989][  T381]          will be removed in v5.15!
[   23.209989][  T381] ======================================================
[   23.240997][  T381] EXT4-fs (loop2): Ignoring removed mblk_io_submit option
[   23.250486][  T381] EXT4-fs (loop2): mounted filesystem without journal. Opts: auto_da_alloc,mblk_io_submit,,errors=continue
[   23.264457][  T381] ==================================================================
[   23.272561][  T381] BUG: KASAN: out-of-bounds in ext4_xattr_set_entry+0x1d79/0x3860
[   23.280339][  T381] Read of size 18446744073709550624 at addr ffff8881262cd7e0 by task syz.2.17/381
[   23.289493][  T381] 
[   23.291804][  T381] CPU: 0 PID: 381 Comm: syz.2.17 Not tainted syzkaller #0
[   23.298877][  T381] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[   23.308906][  T381] Call Trace:
[   23.312171][  T381]  __dump_stack+0x21/0x24
[   23.316472][  T381]  dump_stack_lvl+0x1a7/0x208
[   23.321123][  T381]  ? show_regs_print_info+0x18/0x18
[   23.326291][  T381]  ? thaw_kernel_threads+0x220/0x220
[   23.331546][  T381]  print_address_description+0x7f/0x2c0
[   23.337061][  T381]  ? ext4_xattr_set_entry+0x1d79/0x3860
[   23.342577][  T381]  kasan_report+0xe2/0x130
[   23.346967][  T381]  ? ext4_xattr_set_entry+0x1d79/0x3860
[   23.352480][  T381]  ? ext4_xattr_set_entry+0x1d79/0x3860
[   23.357993][  T381]  kasan_check_range+0x249/0x2a0
[   23.362898][  T381]  ? ext4_xattr_set_entry+0x1d79/0x3860
[   23.368408][  T381]  memmove+0x2d/0x70
[   23.372274][  T381]  ext4_xattr_set_entry+0x1d79/0x3860
[   23.377616][  T381]  ? ext4_xattr_ibody_set+0x360/0x360
[   23.382962][  T381]  ? kmem_cache_free+0x100/0x2d0
[   23.387880][  T381]  ? __mb_cache_entry_free+0x225/0x340
[   23.393309][  T381]  ? mb_cache_entry_delete_or_get+0x203/0x220
[   23.399345][  T381]  ext4_xattr_block_set+0x4e0/0x2a80
[   23.404599][  T381]  ? __kasan_check_read+0x11/0x20
[   23.409592][  T381]  ? __ext4_xattr_check_block+0x265/0x8e0
[   23.415282][  T381]  ? ext4_xattr_block_find+0x4f0/0x4f0
[   23.420706][  T381]  ext4_xattr_set_handle+0xbc4/0x12b0
[   23.426048][  T381]  ? ext4_xattr_set_entry+0x3860/0x3860
[   23.431563][  T381]  ? __kasan_check_read+0x11/0x20
[   23.436552][  T381]  ? __ext4_journal_start_sb+0x2e2/0x490
[   23.442158][  T381]  ext4_xattr_set+0x1f4/0x310
[   23.446807][  T381]  ? ext4_xattr_set_credits+0x290/0x290
[   23.452323][  T381]  ext4_xattr_trusted_set+0x3b/0x50
[   23.457489][  T381]  ? ext4_xattr_trusted_get+0x40/0x40
[   23.462834][  T381]  __vfs_setxattr+0x42a/0x480
[   23.467485][  T381]  __vfs_setxattr_noperm+0x11e/0x4e0
[   23.472742][  T381]  __vfs_setxattr_locked+0x203/0x220
[   23.477999][  T381]  vfs_setxattr+0x8d/0x1c0
[   23.482385][  T381]  setxattr+0x1df/0x3f0
[   23.486513][  T381]  ? path_setxattr+0x230/0x230
[   23.491252][  T381]  ? __mnt_want_write+0x1e6/0x260
[   23.496245][  T381]  ? mnt_want_write+0x19d/0x270
[   23.501178][  T381]  path_setxattr+0x11f/0x230
[   23.505741][  T381]  ? __kasan_check_write+0x14/0x20
[   23.510828][  T381]  ? simple_xattr_list_add+0x120/0x120
[   23.516257][  T381]  ? ____fput+0x15/0x20
[   23.520385][  T381]  __x64_sys_lsetxattr+0xc2/0xe0
[   23.525293][  T381]  do_syscall_64+0x31/0x40
[   23.529687][  T381]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   23.535548][  T381] RIP: 0033:0x7f4faa5c9819
[   23.539937][  T381] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   23.559533][  T381] RSP: 002b:00007fff81def6b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd
[   23.567918][  T381] RAX: ffffffffffffffda RBX: 00007f4faa842fa0 RCX: 00007f4faa5c9819
[   23.575883][  T381] RDX: 0000200000000500 RSI: 0000200000000300 RDI: 0000200000000040
[   23.583827][  T381] RBP: 00007f4faa65fc91 R08: 0000000000000000 R09: 0000000000000000
[   23.591770][  T381] R10: 000000000000fe37 R11: 0000000000000246 R12: 0000000000000000
[   23.599713][  T381] R13: 00007f4faa842fac R14: 00007f4faa842fa0 R15: 00007f4faa842fa0
[   23.607658][  T381] 
[   23.609956][  T381] The buggy address belongs to the page:
[   23.615577][  T381] page:ffffea000498b340 refcount:2 mapcount:0 mapping:ffff88810919a8d0 index:0x1c pfn:0x1262cd
[   23.625870][  T381] aops:def_blk_aops ino:0
[   23.630171][  T381] flags: 0x400000000000203a(referenced|dirty|lru|active|private)
[   23.637895][  T381] raw: 400000000000203a ffffea0004408f08 ffffea000498b308 ffff88810919a8d0
[   23.646452][  T381] raw: 000000000000001c ffff88810d3a0738 00000002ffffffff ffff88810b20e000
[   23.655090][  T381] page dumped because: kasan: bad access detected
[   23.661470][  T381] page->mem_cgroup:ffff88810b20e000
[   23.666633][  T381] page_owner tracks the page as allocated
[   23.672326][  T381] page last allocated via order 0, migratetype Movable, gfp_mask 0x108c48(GFP_NOFS|__GFP_NOFAIL|__GFP_HARDWALL|__GFP_MOVABLE), pid 381, ts 23262842727, free_ts 23214583105
[   23.689307][  T381]  prep_new_page+0x179/0x180
[   23.693872][  T381]  get_page_from_freelist+0x223b/0x23d0
[   23.699389][  T381]  __alloc_pages_nodemask+0x290/0x620
[   23.704737][  T381]  pagecache_get_page+0x63e/0x930
[   23.709731][  T381]  __getblk_gfp+0x212/0x780
[   23.714209][  T381]  ext4_xattr_block_set+0x1ccc/0x2a80
[   23.719550][  T381]  ext4_xattr_set_handle+0xbc4/0x12b0
[   23.724891][  T381]  ext4_xattr_set+0x1f4/0x310
[   23.729541][  T381]  ext4_xattr_user_set+0xc9/0xf0
[   23.734451][  T381]  __vfs_setxattr+0x42a/0x480
[   23.739100][  T381]  __vfs_setxattr_noperm+0x11e/0x4e0
[   23.744357][  T381]  __vfs_setxattr_locked+0x203/0x220
[   23.749612][  T381]  vfs_setxattr+0x8d/0x1c0
[   23.753996][  T381]  setxattr+0x1df/0x3f0
[   23.758120][  T381]  path_setxattr+0x11f/0x230
[   23.762689][  T381]  __x64_sys_setxattr+0xc5/0xe0
[   23.767511][  T381] page last free stack trace:
[   23.772160][  T381]  free_unref_page_prepare+0x2b7/0x2d0
[   23.777589][  T381]  free_unref_page_list+0x129/0x9c0
[   23.782755][  T381]  release_pages+0xe52/0xea0
[   23.787317][  T381]  free_pages_and_swap_cache+0x86/0xa0
[   23.792831][  T381]  tlb_finish_mmu+0x17e/0x310
[   23.797477][  T381]  unmap_region+0x355/0x3c0
[   23.801948][  T381]  __do_munmap+0x63c/0x850
[   23.806333][  T381]  __se_sys_munmap+0x130/0x1c0
[   23.811070][  T381]  __x64_sys_munmap+0x5b/0x70
[   23.815717][  T381]  do_syscall_64+0x31/0x40
[   23.820104][  T381]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   23.825964][  T381] 
[   23.828260][  T381] Memory state around the buggy address:
[   23.833861][  T381]  ffff8881262cd680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   23.841898][  T381]  ffff8881262cd700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   23.849947][  T381] >ffff8881262cd780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   23.857977][  T381]                                                        ^
[   23.865139][  T381]  ffff8881262cd800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   23.873257][  T381]  ffff8881262cd880: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   23.881414][  T381] ==================================================================
[   23.889455][  T381] Disabling lock debugging due to kernel taint