Warning: Permanently added '10.128.0.35' (ED25519) to the list of known hosts.
2026/01/28 15:19:08 parsed 1 programs
Setting up swapspace version 1, size = 127995904 bytes
[ 46.476415][ T30] audit: type=1400 audit(1769613549.344:105): avc: denied { unlink } for pid=399 comm="syz-executor" name="swap-file" dev="sda1" ino=2026 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[ 46.511240][ T399] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 46.919801][ T404] bridge0: port 1(bridge_slave_0) entered blocking state
[ 46.926907][ T404] bridge0: port 1(bridge_slave_0) entered disabled state
[ 46.934522][ T404] device bridge_slave_0 entered promiscuous mode
[ 46.941894][ T404] bridge0: port 2(bridge_slave_1) entered blocking state
[ 46.949652][ T404] bridge0: port 2(bridge_slave_1) entered disabled state
[ 46.957229][ T404] device bridge_slave_1 entered promiscuous mode
[ 47.011004][ T404] bridge0: port 2(bridge_slave_1) entered blocking state
[ 47.018340][ T404] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 47.025881][ T404] bridge0: port 1(bridge_slave_0) entered blocking state
[ 47.033046][ T404] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 47.049217][ T10] bridge0: port 1(bridge_slave_0) entered disabled state
[ 47.056555][ T10] bridge0: port 2(bridge_slave_1) entered disabled state
[ 47.063910][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 47.071434][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 47.080597][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 47.089521][ T10] bridge0: port 1(bridge_slave_0) entered blocking state
[ 47.097006][ T10] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 47.106279][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 47.114478][ T10] bridge0: port 2(bridge_slave_1) entered blocking state
[ 47.121700][ T10] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 47.132987][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 47.142731][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 47.155056][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 47.165923][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 47.174006][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 47.181975][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 47.190543][ T404] device veth0_vlan entered promiscuous mode
[ 47.200143][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 47.209040][ T404] device veth1_macvtap entered promiscuous mode
[ 47.218109][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 47.227645][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 47.684149][ T45] device bridge_slave_1 left promiscuous mode
[ 47.690341][ T45] bridge0: port 2(bridge_slave_1) entered disabled state
[ 47.698418][ T45] device bridge_slave_0 left promiscuous mode
[ 47.704622][ T45] bridge0: port 1(bridge_slave_0) entered disabled state
[ 47.712647][ T45] device veth1_macvtap left promiscuous mode
[ 47.719118][ T45] device veth0_vlan left promiscuous mode
[ 47.881836][ T30] audit: type=1401 audit(1769613550.744:106): op=setxattr invalid_context="u:object_r:app_data_file:s0:c512,c768"
2026/01/28 15:19:10 executed programs: 0
[ 48.100796][ T470] bridge0: port 1(bridge_slave_0) entered blocking state
[ 48.108297][ T470] bridge0: port 1(bridge_slave_0) entered disabled state
[ 48.116269][ T470] device bridge_slave_0 entered promiscuous mode
[ 48.123083][ T470] bridge0: port 2(bridge_slave_1) entered blocking state
[ 48.130298][ T470] bridge0: port 2(bridge_slave_1) entered disabled state
[ 48.137598][ T470] device bridge_slave_1 entered promiscuous mode
[ 48.179586][ T470] bridge0: port 2(bridge_slave_1) entered blocking state
[ 48.186670][ T470] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 48.193905][ T470] bridge0: port 1(bridge_slave_0) entered blocking state
[ 48.201033][ T470] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 48.223436][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 48.231050][ T8] bridge0: port 1(bridge_slave_0) entered disabled state
[ 48.238414][ T8] bridge0: port 2(bridge_slave_1) entered disabled state
[ 48.257866][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 48.266123][ T8] bridge0: port 1(bridge_slave_0) entered blocking state
[ 48.273391][ T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 48.283104][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 48.292604][ T8] bridge0: port 2(bridge_slave_1) entered blocking state
[ 48.300091][ T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 48.319950][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 48.329141][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 48.341859][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 48.362150][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 48.370664][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 48.378348][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 48.387031][ T470] device veth0_vlan entered promiscuous mode
[ 48.406287][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 48.415808][ T470] device veth1_macvtap entered promiscuous mode
[ 48.424354][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 48.434767][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 48.467358][ T30] audit: type=1400 audit(1769613551.334:107): avc: denied { prog_load } for pid=480 comm="syz.2.17" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 48.486845][ T30] audit: type=1400 audit(1769613551.354:108): avc: denied { bpf } for pid=480 comm="syz.2.17" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 48.525738][ T30] audit: type=1400 audit(1769613551.394:109): avc: denied { setopt } for pid=480 comm="syz.2.17" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 48.612523][ T30] audit: type=1400 audit(1769613551.474:110): avc: denied { perfmon } for pid=480 comm="syz.2.17" capability=38 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 48.633462][ T30] audit: type=1400 audit(1769613551.504:111): avc: denied { prog_run } for pid=480 comm="syz.2.17" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 48.660023][ T484] ==================================================================
[ 48.668214][ T484] BUG: KASAN: slab-out-of-bounds in l2cap_sock_setsockopt+0x1a1f/0x1df0
[ 48.676550][ T484] Read of size 4 at addr ffff88810ca7993b by task syz.2.18/484
[ 48.684080][ T484]
[ 48.686395][ T484] CPU: 0 PID: 484 Comm: syz.2.18 Not tainted syzkaller #0
[ 48.693519][ T484] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 48.703565][ T484] Call Trace:
[ 48.706831][ T484]
[ 48.709856][ T484] __dump_stack+0x21/0x30
[ 48.714260][ T484] dump_stack_lvl+0x110/0x170
[ 48.719091][ T484] ? show_regs_print_info+0x20/0x20
[ 48.724355][ T484] ? load_image+0x3e0/0x3e0
[ 48.729043][ T484] ? lock_sock_nested+0x21c/0x2a0
[ 48.734051][ T484] print_address_description+0x7f/0x2c0
[ 48.739579][ T484] ? l2cap_sock_setsockopt+0x1a1f/0x1df0
[ 48.745209][ T484] kasan_report+0xf1/0x140
[ 48.749882][ T484] ? memcpy+0x56/0x70
[ 48.754046][ T484] ? l2cap_sock_setsockopt+0x1a1f/0x1df0
[ 48.759850][ T484] __asan_report_load_n_noabort+0xf/0x20
[ 48.765493][ T484] l2cap_sock_setsockopt+0x1a1f/0x1df0
[ 48.771268][ T484] ? selinux_socket_setsockopt+0x282/0x360
[ 48.777107][ T484] ? __cgroup_bpf_run_filter_sysctl+0x760/0x760
[ 48.783519][ T484] ? l2cap_sock_shutdown+0xba0/0xba0
[ 48.788790][ T484] ? __fget_files+0x2c4/0x320
[ 48.793461][ T484] ? security_socket_setsockopt+0x82/0xa0
[ 48.799319][ T484] ? l2cap_sock_shutdown+0xba0/0xba0
[ 48.804795][ T484] __sys_setsockopt+0x2e9/0x470
[ 48.809739][ T484] ? __ia32_sys_recv+0xb0/0xb0
[ 48.814504][ T484] ? __kasan_check_write+0x14/0x20
[ 48.820116][ T484] __x64_sys_setsockopt+0xbf/0xd0
[ 48.825326][ T484] x64_sys_call+0x982/0x9a0
[ 48.829823][ T484] do_syscall_64+0x4c/0xa0
[ 48.834233][ T484] ? clear_bhb_loop+0x50/0xa0
[ 48.838901][ T484] ? clear_bhb_loop+0x50/0xa0
[ 48.843650][ T484] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 48.849524][ T484] RIP: 0033:0x7f4402195ef9
[ 48.853922][ T484] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 48.874817][ T484] RSP: 002b:00007f4401ffa028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[ 48.883224][ T484] RAX: ffffffffffffffda RBX: 00007f4402400fa0 RCX: 00007f4402195ef9
[ 48.891267][ T484] RDX: 0000000000000008 RSI: 0000000000000112 RDI: 0000000000000004
[ 48.899228][ T484] RBP: 00007f440222aee0 R08: 0000000000000001 R09: 0000000000000000
[ 48.907542][ T484] R10: 0000200000000040 R11: 0000000000000246 R12: 0000000000000000
[ 48.915506][ T484] R13: 00007f4402401038 R14: 00007f4402400fa0 R15: 00007ffc28b953f8
[ 48.923577][ T484]
[ 48.926727][ T484]
[ 48.929045][ T484] Allocated by task 484:
[ 48.933368][ T484] __kasan_kmalloc+0xda/0x110
[ 48.938508][ T484] __kmalloc+0x13d/0x2c0
[ 48.943136][ T484] __cgroup_bpf_run_filter_setsockopt+0x8e7/0xaa0
[ 48.949597][ T484] __sys_setsockopt+0x40e/0x470
[ 48.954628][ T484] __x64_sys_setsockopt+0xbf/0xd0
[ 48.959660][ T484] x64_sys_call+0x982/0x9a0
[ 48.964152][ T484] do_syscall_64+0x4c/0xa0
[ 48.968564][ T484] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 48.974631][ T484]
[ 48.976938][ T484] The buggy address belongs to the object at ffff88810ca79938
[ 48.976938][ T484] which belongs to the cache kmalloc-8 of size 8
[ 48.990812][ T484] The buggy address is located 3 bytes inside of
[ 48.990812][ T484] 8-byte region [ffff88810ca79938, ffff88810ca79940)
[ 49.004084][ T484] The buggy address belongs to the page:
[ 49.009726][ T484] page:ffffea0004329e40 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10ca79
[ 49.020199][ T484] flags: 0x4000000000000200(slab|zone=1)
[ 49.026010][ T484] raw: 4000000000000200 ffffea0004329c00 0000000300000003 ffff888100042300
[ 49.034662][ T484] raw: 0000000000000000 0000000080660066 00000001ffffffff 0000000000000000
[ 49.043568][ T484] page dumped because: kasan: bad access detected
[ 49.049957][ T484] page_owner tracks the page as allocated
[ 49.055671][ T484] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x12a20(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY), pid 1, ts 3927090038, free_ts 0
[ 49.070913][ T484] post_alloc_hook+0x192/0x1b0
[ 49.075692][ T484] prep_new_page+0x1c/0x110
[ 49.080370][ T484] get_page_from_freelist+0x2d3a/0x2dc0
[ 49.086060][ T484] __alloc_pages+0x1a2/0x460
[ 49.090645][ T484] new_slab+0xa1/0x4d0
[ 49.094785][ T484] ___slab_alloc+0x381/0x810
[ 49.099443][ T484] __slab_alloc+0x49/0x90
[ 49.104029][ T484] __kmalloc_track_caller+0x169/0x2c0
[ 49.109406][ T484] kstrdup+0x36/0x70
[ 49.113298][ T484] get_permissions_callback+0x46/0xa0
[ 49.118849][ T484] hashtab_map+0xf4/0x1f0
[ 49.123176][ T484] security_get_permissions+0x105/0x330
[ 49.128796][ T484] sel_make_policy_nodes+0xd95/0x1360
[ 49.134152][ T484] sel_write_load+0x3dc/0x600
[ 49.138806][ T484] vfs_write+0x3f9/0xfd0
[ 49.143026][ T484] ksys_write+0x149/0x250
[ 49.147332][ T484] page_owner free stack trace missing
[ 49.152850][ T484]
[ 49.155436][ T484] Memory state around the buggy address:
[ 49.161391][ T484] ffff88810ca79800: fc fc fc fc fa fc fc fc fc fa fc fc fc fc 04 fc
[ 49.169918][ T484] ffff88810ca79880: fc fc fc 05 fc fc fc fc fa fc fc fc fc 05 fc fc
[ 49.178077][ T484] >ffff88810ca79900: fc fc fa fc fc fc fc 01 fc fc fc fc 05 fc fc fc
[ 49.186122][ T484] ^
[ 49.192001][ T484] ffff88810ca79980: fc 00 fc fc fc fc fa fc fc fc fc 05 fc fc fc fc
[ 49.200042][ T484] ffff88810ca79a00: 05 fc fc fc fc 05 fc fc fc fc fa fc fc fc fc fa
[ 49.208351][ T484] ==================================================================
[ 49.217005][ T484] Disabling lock debugging due to kernel taint
[ 49.232463][ T30] audit: type=1400 audit(1769613552.094:112): avc: denied { read } for pid=83 comm="syslogd" name="log" dev="sda1" ino=2010 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[ 49.258910][ T30] audit: type=1400 audit(1769613552.094:113): avc: denied { search } for pid=83 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 49.282105][ T30] audit: type=1400 audit(1769613552.094:114): avc: denied { write } for pid=83 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
2026/01/28 15:19:15 executed programs: 230
2026/01/28 15:19:21 executed programs: 530