Warning: Permanently added '10.128.0.37' (ED25519) to the list of known hosts.
2026/02/08 17:16:52 parsed 1 programs
[   27.489622][   T24] audit: type=1400 audit(1770571012.040:64): avc:  denied  { node_bind } for  pid=275 comm="syz-execprog" saddr=::1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1
[   27.511670][   T24] audit: type=1400 audit(1770571012.040:65): avc:  denied  { create } for  pid=275 comm="syz-execprog" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   27.532519][   T24] audit: type=1400 audit(1770571012.040:66): avc:  denied  { module_request } for  pid=275 comm="syz-execprog" kmod="net-pf-2-proto-262-type-1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[   28.439887][   T24] audit: type=1400 audit(1770571012.990:67): avc:  denied  { mounton } for  pid=281 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2023 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[   28.443429][  T281] cgroup: Unknown subsys name 'net'
[   28.462979][   T24] audit: type=1400 audit(1770571012.990:68): avc:  denied  { mount } for  pid=281 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   28.490273][   T24] audit: type=1400 audit(1770571013.020:69): avc:  denied  { unmount } for  pid=281 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   28.490881][  T281] cgroup: Unknown subsys name 'devices'
[   28.638286][  T281] cgroup: Unknown subsys name 'hugetlb'
[   28.644033][  T281] cgroup: Unknown subsys name 'rlimit'
[   28.853299][   T24] audit: type=1400 audit(1770571013.400:70): avc:  denied  { setattr } for  pid=281 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=253 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   28.877809][   T24] audit: type=1400 audit(1770571013.400:71): avc:  denied  { create } for  pid=281 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   28.895897][  T286] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
[   28.899334][   T24] audit: type=1400 audit(1770571013.400:72): avc:  denied  { write } for  pid=281 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   28.928364][   T24] audit: type=1400 audit(1770571013.400:73): avc:  denied  { read } for  pid=281 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
Setting up swapspace version 1, size = 127995904 bytes
[   29.057111][  T281] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   29.511149][  T292] request_module fs-gadgetfs succeeded, but still no fs?
[   29.521635][  T292] cgroup: cgroup: disabling cgroup2 socket matching due to net_prio or net_cls activation
[   29.810085][  T313] bridge0: port 1(bridge_slave_0) entered blocking state
[   29.817473][  T313] bridge0: port 1(bridge_slave_0) entered disabled state
[   29.824858][  T313] device bridge_slave_0 entered promiscuous mode
[   29.832641][  T313] bridge0: port 2(bridge_slave_1) entered blocking state
[   29.839713][  T313] bridge0: port 2(bridge_slave_1) entered disabled state
[   29.847210][  T313] device bridge_slave_1 entered promiscuous mode
[   29.886008][  T313] bridge0: port 2(bridge_slave_1) entered blocking state
[   29.893093][  T313] bridge0: port 2(bridge_slave_1) entered forwarding state
[   29.900593][  T313] bridge0: port 1(bridge_slave_0) entered blocking state
[   29.907679][  T313] bridge0: port 1(bridge_slave_0) entered forwarding state
[   29.926562][  T314] bridge0: port 1(bridge_slave_0) entered disabled state
[   29.933935][  T314] bridge0: port 2(bridge_slave_1) entered disabled state
[   29.941259][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   29.949113][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   29.958733][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   29.967060][  T314] bridge0: port 1(bridge_slave_0) entered blocking state
[   29.974427][  T314] bridge0: port 1(bridge_slave_0) entered forwarding state
[   29.983630][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   29.992007][  T314] bridge0: port 2(bridge_slave_1) entered blocking state
[   29.999236][  T314] bridge0: port 2(bridge_slave_1) entered forwarding state
[   30.011967][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   30.021412][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   30.037428][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   30.050620][  T313] device veth0_vlan entered promiscuous mode
[   30.057672][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   30.066132][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   30.074256][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   30.085874][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   30.095355][  T313] device veth1_macvtap entered promiscuous mode
[   30.105477][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   30.116439][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
2026/02/08 17:16:55 executed programs: 0
[   30.770149][  T353] bridge0: port 1(bridge_slave_0) entered blocking state
[   30.777290][  T353] bridge0: port 1(bridge_slave_0) entered disabled state
[   30.784629][  T353] device bridge_slave_0 entered promiscuous mode
[   30.792040][  T353] bridge0: port 2(bridge_slave_1) entered blocking state
[   30.799097][  T353] bridge0: port 2(bridge_slave_1) entered disabled state
[   30.807869][  T353] device bridge_slave_1 entered promiscuous mode
[   30.870831][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   30.878907][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   30.891120][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   30.899750][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   30.908096][    T9] bridge0: port 1(bridge_slave_0) entered blocking state
[   30.915498][    T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[   30.922916][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   30.932039][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   30.940438][    T9] bridge0: port 2(bridge_slave_1) entered blocking state
[   30.947542][    T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[   30.955847][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   30.967952][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   30.977766][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   30.991479][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   31.003686][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   31.011943][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   31.020004][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   31.028512][  T353] device veth0_vlan entered promiscuous mode
[   31.038859][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   31.048286][  T353] device veth1_macvtap entered promiscuous mode
[   31.058387][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   31.068583][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   31.127813][  T379] ======================================================
[   31.127813][  T379] WARNING: the mand mount option is being deprecated and
[   31.127813][  T379]          will be removed in v5.15!
[   31.127813][  T379] ======================================================
[   31.187743][  T379] EXT4-fs (loop2): mounted filesystem without journal. Opts: nombcache,journal_dev=0x00000000000000ff,nombcache,nobarrier,init_itable,errors=remount-ro,
[   31.213143][  T379] ==================================================================
[   31.221560][  T379] BUG: KASAN: out-of-bounds in ext4_xattr_set_entry+0x1d79/0x3860
[   31.229361][  T379] Read of size 18446744073709551460 at addr ffff8881271ce49c by task syz.2.17/379
[   31.238628][  T379] 
[   31.240975][  T379] CPU: 0 PID: 379 Comm: syz.2.17 Not tainted syzkaller #0
[   31.248196][  T379] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   31.258640][  T379] Call Trace:
[   31.262249][  T379]  __dump_stack+0x21/0x24
[   31.266719][  T379]  dump_stack_lvl+0x1a7/0x208
[   31.271589][  T379]  ? show_regs_print_info+0x18/0x18
[   31.276878][  T379]  ? thaw_kernel_threads+0x220/0x220
[   31.282164][  T379]  print_address_description+0x7f/0x2c0
[   31.287740][  T379]  ? ext4_xattr_set_entry+0x1d79/0x3860
[   31.293308][  T379]  kasan_report+0xe2/0x130
[   31.297727][  T379]  ? ext4_xattr_set_entry+0x1d79/0x3860
[   31.303287][  T379]  ? ext4_xattr_set_entry+0x1d79/0x3860
[   31.308836][  T379]  kasan_check_range+0x249/0x2a0
[   31.314099][  T379]  ? ext4_xattr_set_entry+0x1d79/0x3860
[   31.319675][  T379]  memmove+0x2d/0x70
[   31.323566][  T379]  ext4_xattr_set_entry+0x1d79/0x3860
[   31.328933][  T379]  ? ext4_xattr_ibody_set+0x360/0x360
[   31.334464][  T379]  ? __ext4_journal_get_write_access+0x21b/0x4a0
[   31.340793][  T379]  ext4_xattr_block_set+0x4e0/0x2a80
[   31.346076][  T379]  ? __kasan_check_read+0x11/0x20
[   31.351107][  T379]  ? __ext4_xattr_check_block+0x265/0x8e0
[   31.356825][  T379]  ? ext4_xattr_block_find+0x4f0/0x4f0
[   31.362288][  T379]  ext4_xattr_set_handle+0xbc4/0x12b0
[   31.367686][  T379]  ? ext4_xattr_set_entry+0x3860/0x3860
[   31.373230][  T379]  ? __kasan_check_read+0x11/0x20
[   31.378249][  T379]  ? __ext4_journal_start_sb+0x2e2/0x490
[   31.384030][  T379]  ext4_xattr_set+0x1f4/0x310
[   31.388712][  T379]  ? ext4_xattr_set_credits+0x290/0x290
[   31.394394][  T379]  ext4_xattr_trusted_set+0x3b/0x50
[   31.399814][  T379]  ? ext4_xattr_trusted_get+0x40/0x40
[   31.405196][  T379]  __vfs_setxattr+0x42a/0x480
[   31.410075][  T379]  __vfs_setxattr_noperm+0x11e/0x4e0
[   31.415376][  T379]  __vfs_setxattr_locked+0x203/0x220
[   31.420667][  T379]  vfs_setxattr+0x8d/0x1c0
[   31.425090][  T379]  setxattr+0x1df/0x3f0
[   31.429337][  T379]  ? path_setxattr+0x230/0x230
[   31.434202][  T379]  ? __mnt_want_write+0x1e6/0x260
[   31.439296][  T379]  ? mnt_want_write+0x19d/0x270
[   31.444470][  T379]  path_setxattr+0x11f/0x230
[   31.449171][  T379]  ? __kasan_check_write+0x14/0x20
[   31.454290][  T379]  ? simple_xattr_list_add+0x120/0x120
[   31.459759][  T379]  ? ____fput+0x15/0x20
[   31.463916][  T379]  __x64_sys_lsetxattr+0xc2/0xe0
[   31.468856][  T379]  do_syscall_64+0x31/0x40
[   31.473277][  T379]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   31.479182][  T379] RIP: 0033:0x7fa175961eb9
[   31.483599][  T379] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   31.503324][  T379] RSP: 002b:00007ffc2ceef9f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd
[   31.511749][  T379] RAX: ffffffffffffffda RBX: 00007fa175bdcfa0 RCX: 00007fa175961eb9
[   31.519898][  T379] RDX: 00002000000001c0 RSI: 00002000000000c0 RDI: 0000200000000280
[   31.527994][  T379] RBP: 00007fa1759cfc1f R08: 0000000000000000 R09: 0000000000000000
[   31.535976][  T379] R10: 000000000000fe37 R11: 0000000000000246 R12: 0000000000000000
[   31.544047][  T379] R13: 00007fa175bdcfac R14: 00007fa175bdcfa0 R15: 00007fa175bdcfa0
[   31.552328][  T379] 
[   31.554782][  T379] The buggy address belongs to the page:
[   31.560452][  T379] page:ffffea00049c7380 refcount:2 mapcount:0 mapping:ffff88810919b9d0 index:0x1c pfn:0x1271ce
[   31.570798][  T379] aops:def_blk_aops ino:0
[   31.575138][  T379] flags: 0x400000000000203a(referenced|dirty|lru|active|private)
[   31.582873][  T379] raw: 400000000000203a ffffea00043da408 ffffea00049c7308 ffff88810919b9d0
[   31.591899][  T379] raw: 000000000000001c ffff88811c7845e8 00000002ffffffff ffff88812a83e000
[   31.600581][  T379] page dumped because: kasan: bad access detected
[   31.607234][  T379] page->mem_cgroup:ffff88812a83e000
[   31.612823][  T379] page_owner tracks the page as allocated
[   31.618576][  T379] page last allocated via order 0, migratetype Movable, gfp_mask 0x108c48(GFP_NOFS|__GFP_NOFAIL|__GFP_HARDWALL|__GFP_MOVABLE), pid 379, ts 31211627116, free_ts 31186516782
[   31.636053][  T379]  prep_new_page+0x179/0x180
[   31.640839][  T379]  get_page_from_freelist+0x223b/0x23d0
[   31.646399][  T379]  __alloc_pages_nodemask+0x290/0x620
[   31.651882][  T379]  pagecache_get_page+0x63e/0x930
[   31.656912][  T379]  __getblk_gfp+0x212/0x780
[   31.661423][  T379]  ext4_xattr_block_set+0x1ccc/0x2a80
[   31.667154][  T379]  ext4_xattr_set_handle+0xbc4/0x12b0
[   31.672545][  T379]  ext4_xattr_set+0x1f4/0x310
[   31.677422][  T379]  ext4_xattr_trusted_set+0x3b/0x50
[   31.682650][  T379]  __vfs_setxattr+0x42a/0x480
[   31.687341][  T379]  __vfs_setxattr_noperm+0x11e/0x4e0
[   31.692649][  T379]  __vfs_setxattr_locked+0x203/0x220
[   31.697979][  T379]  vfs_setxattr+0x8d/0x1c0
[   31.702418][  T379]  setxattr+0x1df/0x3f0
[   31.706677][  T379]  path_setxattr+0x11f/0x230
[   31.711457][  T379]  __x64_sys_lsetxattr+0xc2/0xe0
[   31.716586][  T379] page last free stack trace:
[   31.721282][  T379]  free_unref_page_prepare+0x2b7/0x2d0
[   31.726751][  T379]  free_unref_page_list+0x129/0x9c0
[   31.731964][  T379]  release_pages+0xe52/0xea0
[   31.736603][  T379]  __pagevec_release+0x71/0xe0
[   31.741484][  T379]  shmem_undo_range+0x74a/0x1810
[   31.746623][  T379]  shmem_evict_inode+0x210/0xa00
[   31.752131][  T379]  evict+0x4ae/0x930
[   31.756148][  T379]  iput+0x638/0x7c0
[   31.759976][  T379]  dentry_unlink_inode+0x2cf/0x380
[   31.765102][  T379]  __dentry_kill+0x44f/0x650
[   31.769831][  T379]  dentry_kill+0xc0/0x2a0
[   31.774253][  T379]  dput+0x42/0x80
[   31.778020][  T379]  do_renameat2+0x7bd/0xe50
[   31.782643][  T379]  __x64_sys_rename+0x86/0x90
[   31.787326][  T379]  do_syscall_64+0x31/0x40
[   31.791758][  T379]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   31.797651][  T379] 
[   31.799994][  T379] Memory state around the buggy address:
[   31.805639][  T379]  ffff8881271ce380: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   31.813818][  T379]  ffff8881271ce400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   31.821894][  T379] >ffff8881271ce480: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   31.830347][  T379]                             ^
[   31.835362][  T379]  ffff8881271ce500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   31.843555][  T379]  ffff8881271ce580: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   31.851847][  T379] ==================================================================
[   31.860017][  T379] Disabling lock debugging due to kernel taint