Warning: Permanently added '10.128.1.170' (ED25519) to the list of known hosts.
2026/02/16 11:09:03 parsed 1 programs
[   24.515314][   T28] audit: type=1400 audit(1771240143.259:64): avc:  denied  { node_bind } for  pid=283 comm="syz-execprog" saddr=::1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1
[   24.536336][   T28] audit: type=1400 audit(1771240143.259:65): avc:  denied  { module_request } for  pid=283 comm="syz-execprog" kmod="net-pf-2-proto-262-type-1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[   25.648872][   T28] audit: type=1400 audit(1771240144.389:66): avc:  denied  { mounton } for  pid=289 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2023 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[   25.652355][  T289] cgroup: Unknown subsys name 'net'
[   25.671534][   T28] audit: type=1400 audit(1771240144.399:67): avc:  denied  { mount } for  pid=289 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   25.698864][   T28] audit: type=1400 audit(1771240144.429:68): avc:  denied  { unmount } for  pid=289 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   25.699221][  T289] cgroup: Unknown subsys name 'devices'
[   25.841767][  T289] cgroup: Unknown subsys name 'hugetlb'
[   25.847382][  T289] cgroup: Unknown subsys name 'rlimit'
[   25.960581][   T28] audit: type=1400 audit(1771240144.709:69): avc:  denied  { setattr } for  pid=289 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=258 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   25.983797][   T28] audit: type=1400 audit(1771240144.709:70): avc:  denied  { create } for  pid=289 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   26.004217][   T28] audit: type=1400 audit(1771240144.709:71): avc:  denied  { write } for  pid=289 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   26.024583][   T28] audit: type=1400 audit(1771240144.709:72): avc:  denied  { read } for  pid=289 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
Setting up swapspace version 1, size = 127995904 bytes
[   26.044952][   T28] audit: type=1400 audit(1771240144.709:73): avc:  denied  { mounton } for  pid=289 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[   26.053845][  T294] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
[   26.121080][  T289] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   26.829133][  T297] request_module fs-gadgetfs succeeded, but still no fs?
[   27.343814][  T334] bridge0: port 1(bridge_slave_0) entered blocking state
[   27.351079][  T334] bridge0: port 1(bridge_slave_0) entered disabled state
[   27.358538][  T334] device bridge_slave_0 entered promiscuous mode
[   27.365577][  T334] bridge0: port 2(bridge_slave_1) entered blocking state
[   27.373047][  T334] bridge0: port 2(bridge_slave_1) entered disabled state
[   27.380643][  T334] device bridge_slave_1 entered promiscuous mode
[   27.430447][  T334] bridge0: port 2(bridge_slave_1) entered blocking state
[   27.437495][  T334] bridge0: port 2(bridge_slave_1) entered forwarding state
[   27.444823][  T334] bridge0: port 1(bridge_slave_0) entered blocking state
[   27.451919][  T334] bridge0: port 1(bridge_slave_0) entered forwarding state
[   27.472740][  T322] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   27.480560][  T322] bridge0: port 1(bridge_slave_0) entered disabled state
[   27.487807][  T322] bridge0: port 2(bridge_slave_1) entered disabled state
[   27.497333][  T322] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   27.505699][  T322] bridge0: port 1(bridge_slave_0) entered blocking state
[   27.512785][  T322] bridge0: port 1(bridge_slave_0) entered forwarding state
[   27.521364][  T322] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   27.529898][  T322] bridge0: port 2(bridge_slave_1) entered blocking state
[   27.536948][  T322] bridge0: port 2(bridge_slave_1) entered forwarding state
[   27.549895][  T322] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   27.559204][  T322] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   27.573414][  T322] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   27.585089][  T322] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   27.593316][  T322] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   27.600928][  T322] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   27.609009][  T334] device veth0_vlan entered promiscuous mode
[   27.619942][  T322] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   27.629001][  T334] device veth1_macvtap entered promiscuous mode
[   27.638624][  T322] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   27.648958][  T322] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   27.679303][  T334] syz-executor (334) used greatest stack depth: 21824 bytes left
2026/02/16 11:09:06 executed programs: 0
[   28.212947][  T365] bridge0: port 1(bridge_slave_0) entered blocking state
[   28.220199][  T365] bridge0: port 1(bridge_slave_0) entered disabled state
[   28.227663][  T365] device bridge_slave_0 entered promiscuous mode
[   28.234833][  T365] bridge0: port 2(bridge_slave_1) entered blocking state
[   28.241927][  T365] bridge0: port 2(bridge_slave_1) entered disabled state
[   28.249380][  T365] device bridge_slave_1 entered promiscuous mode
[   28.304406][  T365] bridge0: port 2(bridge_slave_1) entered blocking state
[   28.311465][  T365] bridge0: port 2(bridge_slave_1) entered forwarding state
[   28.318757][  T365] bridge0: port 1(bridge_slave_0) entered blocking state
[   28.325821][  T365] bridge0: port 1(bridge_slave_0) entered forwarding state
[   28.346874][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   28.354933][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[   28.362289][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[   28.374540][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   28.382728][   T10] bridge0: port 1(bridge_slave_0) entered blocking state
[   28.389785][   T10] bridge0: port 1(bridge_slave_0) entered forwarding state
[   28.397178][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   28.405554][   T10] bridge0: port 2(bridge_slave_1) entered blocking state
[   28.412648][   T10] bridge0: port 2(bridge_slave_1) entered forwarding state
[   28.424760][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   28.434963][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   28.448943][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   28.460689][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   28.468761][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   28.476440][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   28.485112][  T365] device veth0_vlan entered promiscuous mode
[   28.495538][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   28.504687][  T365] device veth1_macvtap entered promiscuous mode
[   28.514283][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   28.524527][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   28.549989][  T376] loop2: detected capacity change from 0 to 1024
[   28.557781][  T376] =======================================================
[   28.557781][  T376] WARNING: The mand mount option has been deprecated and
[   28.557781][  T376]          and is ignored by this kernel. Remove the mand
[   28.557781][  T376]          option from the mount to silence this warning.
[   28.557781][  T376] =======================================================
[   28.593018][  T376] EXT4-fs: Ignoring removed bh option
[   28.598827][  T376] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   28.621546][  T376] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[   28.640818][   T10] ==================================================================
[   28.648933][   T10] BUG: KASAN: use-after-free in ext4_find_extent+0xbeb/0xe20
[   28.656347][   T10] Read of size 4 at addr ffff88812ef99018 by task kworker/u4:1/10
[   28.664172][   T10] 
[   28.666531][   T10] CPU: 0 PID: 10 Comm: kworker/u4:1 Not tainted syzkaller #0
[   28.674006][   T10] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[   28.684103][   T10] Workqueue: writeback wb_workfn (flush-7:2)
[   28.690140][   T10] Call Trace:
[   28.693430][   T10]  <TASK>
[   28.696377][   T10]  __dump_stack+0x21/0x24
[   28.700740][   T10]  dump_stack_lvl+0x110/0x170
[   28.705457][   T10]  ? __cfi_dump_stack_lvl+0x8/0x8
[   28.710516][   T10]  ? ext4_find_extent+0xbeb/0xe20
[   28.715582][   T10]  print_address_description+0x71/0x200
[   28.721177][   T10]  print_report+0x4a/0x60
[   28.725545][   T10]  kasan_report+0x122/0x150
[   28.730074][   T10]  ? ext4_find_extent+0xbeb/0xe20
[   28.735120][   T10]  __asan_report_load4_noabort+0x14/0x20
[   28.740773][   T10]  ext4_find_extent+0xbeb/0xe20
[   28.745648][   T10]  ? __cfi__raw_spin_lock_irqsave+0x10/0x10
[   28.751573][   T10]  ext4_ext_map_blocks+0x207/0x61d0
[   28.756793][   T10]  ? kasan_set_track+0x60/0x70
[   28.761581][   T10]  ? kasan_set_track+0x4b/0x70
[   28.766364][   T10]  ? kasan_save_alloc_info+0x25/0x30
[   28.771675][   T10]  ? __kasan_slab_alloc+0x72/0x80
[   28.776815][   T10]  ? slab_post_alloc_hook+0x4f/0x2d0
[   28.782122][   T10]  ? kmem_cache_alloc+0x16e/0x330
[   28.787167][   T10]  ? ext4_alloc_io_end_vec+0x2a/0x160
[   28.792565][   T10]  ? ext4_writepages+0x10e9/0x30e0
[   28.797704][   T10]  ? do_writepages+0x3a4/0x5f0
[   28.802496][   T10]  ? __writeback_single_inode+0xc6/0xad0
[   28.808162][   T10]  ? writeback_sb_inodes+0xa10/0x15d0
[   28.813557][   T10]  ? wb_writeback+0x40b/0x9d0
[   28.818254][   T10]  ? wb_workfn+0x378/0xeb0
[   28.822695][   T10]  ? process_one_work+0x71f/0xc40
[   28.827733][   T10]  ? worker_thread+0xa29/0x11e0
[   28.832598][   T10]  ? kthread+0x281/0x320
[   28.836856][   T10]  ? ret_from_fork+0x1f/0x30
[   28.841470][   T10]  ? __cfi_ext4_ext_map_blocks+0x10/0x10
[   28.847140][   T10]  ? ext4_es_lookup_extent+0x54c/0x900
[   28.852621][   T10]  ext4_map_blocks+0x9d8/0x1b70
[   28.857502][   T10]  ? __cfi_ext4_map_blocks+0x10/0x10
[   28.862814][   T10]  ? ext4_inode_journal_mode+0x19a/0x480
[   28.868477][   T10]  ext4_writepages+0x1409/0x30e0
[   28.873446][   T10]  ? kasan_set_track+0x60/0x70
[   28.878231][   T10]  ? __cfi_ext4_writepages+0x10/0x10
[   28.883541][   T10]  ? __kasan_slab_free+0x11/0x20
[   28.888503][   T10]  ? slab_free_freelist_hook+0xc2/0x190
[   28.894079][   T10]  ? kmem_cache_free+0x12d/0x300
[   28.899041][   T10]  ? ext4_es_free_extent+0x3de/0x4c0
[   28.904352][   T10]  ? __es_remove_extent+0x8fe/0x1770
[   28.909669][   T10]  ? ext4_es_insert_extent+0x495/0x2d60
[   28.915237][   T10]  ? ext4_map_blocks+0xd5e/0x1b70
[   28.920295][   T10]  ? ext4_convert_unwritten_extents+0x2b7/0x5f0
[   28.926561][   T10]  ? ext4_convert_unwritten_io_end_vec+0x103/0x180
[   28.933088][   T10]  ? ext4_end_io_rsv_work+0x2c1/0x610
[   28.938506][   T10]  ? process_one_work+0x71f/0xc40
[   28.943554][   T10]  ? worker_thread+0xa29/0x11e0
[   28.948427][   T10]  ? kthread+0x281/0x320
[   28.952692][   T10]  ? ret_from_fork+0x1f/0x30
[   28.957311][   T10]  ? xas_start+0x317/0x3e0
[   28.961757][   T10]  ? update_load_avg+0x4bf/0x13f0
[   28.966813][   T10]  ? __cfi_ext4_writepages+0x10/0x10
[   28.972139][   T10]  do_writepages+0x3a4/0x5f0
[   28.976757][   T10]  ? __cfi____update_load_sum+0x10/0x10
[   28.982336][   T10]  ? enqueue_task_fair+0xbee/0x1d40
[   28.987554][   T10]  ? __cfi_do_writepages+0x10/0x10
[   28.992695][   T10]  ? __kasan_check_write+0x14/0x20
[   28.997831][   T10]  ? _raw_spin_lock+0x94/0xf0
[   29.002559][   T10]  __writeback_single_inode+0xc6/0xad0
[   29.008050][   T10]  ? inode_io_list_move_locked+0x366/0x3d0
[   29.013880][   T10]  writeback_sb_inodes+0xa10/0x15d0
[   29.019108][   T10]  ? queue_io+0x4c0/0x4c0
[   29.023468][   T10]  ? __kasan_check_read+0x11/0x20
[   29.028516][   T10]  ? queue_io+0x382/0x4c0
[   29.032862][   T10]  wb_writeback+0x40b/0x9d0
[   29.037397][   T10]  ? inode_cgwb_move_to_attached+0x3e0/0x3e0
[   29.043413][   T10]  ? set_worker_desc+0x1ba/0x1f0
[   29.048390][   T10]  ? __kasan_check_write+0x14/0x20
[   29.053524][   T10]  wb_workfn+0x378/0xeb0
[   29.057795][   T10]  ? sched_clock_cpu+0x6e/0x260
[   29.062666][   T10]  ? __cfi_wb_workfn+0x10/0x10
[   29.067447][   T10]  ? __cfi_sched_clock_cpu+0x10/0x10
[   29.072825][   T10]  ? __kasan_check_read+0x11/0x20
[   29.077866][   T10]  ? ttwu_do_wakeup+0xfb/0x490
[   29.082656][   T10]  ? ttwu_do_activate+0x174/0x280
[   29.087701][   T10]  ? _raw_spin_unlock_irqrestore+0x5a/0x80
[   29.093530][   T10]  ? try_to_wake_up+0x613/0x1220
[   29.098541][   T10]  process_one_work+0x71f/0xc40
[   29.103412][   T10]  worker_thread+0xa29/0x11e0
[   29.108117][   T10]  ? __