Warning: Permanently added '10.128.0.132' (ED25519) to the list of known hosts.
2026/04/18 14:35:36 parsed 1 programs
[   26.456156][   T28] audit: type=1400 audit(1776522936.207:64): avc:  denied  { node_bind } for  pid=283 comm="syz-execprog" saddr=::1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1
[   26.477176][   T28] audit: type=1400 audit(1776522936.207:65): avc:  denied  { module_request } for  pid=283 comm="syz-execprog" kmod="net-pf-2-proto-262-type-1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[   27.594603][   T28] audit: type=1400 audit(1776522937.347:66): avc:  denied  { mounton } for  pid=289 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2023 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[   27.598173][  T289] cgroup: Unknown subsys name 'net'
[   27.617396][   T28] audit: type=1400 audit(1776522937.347:67): avc:  denied  { mount } for  pid=289 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   27.645035][   T28] audit: type=1400 audit(1776522937.377:68): avc:  denied  { unmount } for  pid=289 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   27.645541][  T289] cgroup: Unknown subsys name 'devices'
[   27.784917][  T289] cgroup: Unknown subsys name 'hugetlb'
[   27.790645][  T289] cgroup: Unknown subsys name 'rlimit'
[   27.913342][   T28] audit: type=1400 audit(1776522937.667:69): avc:  denied  { setattr } for  pid=289 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=258 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   27.936624][   T28] audit: type=1400 audit(1776522937.667:70): avc:  denied  { create } for  pid=289 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   27.957239][   T28] audit: type=1400 audit(1776522937.667:71): avc:  denied  { write } for  pid=289 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   27.977711][   T28] audit: type=1400 audit(1776522937.667:72): avc:  denied  { read } for  pid=289 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   27.998599][   T28] audit: type=1400 audit(1776522937.667:73): avc:  denied  { mounton } for  pid=289 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[   28.009688][  T293] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
Setting up swapspace version 1, size = 127995904 bytes
[   28.127113][  T289] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   28.877205][  T299] request_module fs-gadgetfs succeeded, but still no fs?
[   29.459289][  T341] bridge0: port 1(bridge_slave_0) entered blocking state
[   29.466592][  T341] bridge0: port 1(bridge_slave_0) entered disabled state
[   29.474264][  T341] device bridge_slave_0 entered promiscuous mode
[   29.481267][  T341] bridge0: port 2(bridge_slave_1) entered blocking state
[   29.488374][  T341] bridge0: port 2(bridge_slave_1) entered disabled state
[   29.495941][  T341] device bridge_slave_1 entered promiscuous mode
[   29.541934][  T341] bridge0: port 2(bridge_slave_1) entered blocking state
[   29.549059][  T341] bridge0: port 2(bridge_slave_1) entered forwarding state
[   29.556444][  T341] bridge0: port 1(bridge_slave_0) entered blocking state
[   29.563620][  T341] bridge0: port 1(bridge_slave_0) entered forwarding state
[   29.585331][  T310] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   29.593213][  T310] bridge0: port 1(bridge_slave_0) entered disabled state
[   29.600556][  T310] bridge0: port 2(bridge_slave_1) entered disabled state
[   29.610170][  T310] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   29.618614][  T310] bridge0: port 1(bridge_slave_0) entered blocking state
[   29.625716][  T310] bridge0: port 1(bridge_slave_0) entered forwarding state
[   29.634826][  T310] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   29.643170][  T310] bridge0: port 2(bridge_slave_1) entered blocking state
[   29.650227][  T310] bridge0: port 2(bridge_slave_1) entered forwarding state
[   29.663276][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   29.673345][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   29.688153][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   29.700071][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   29.708419][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   29.716066][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   29.730502][  T341] device veth0_vlan entered promiscuous mode
[   29.741328][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   29.750733][  T341] device veth1_macvtap entered promiscuous mode
[   29.760837][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   29.776004][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   29.808451][  T341] syz-executor (341) used greatest stack depth: 21568 bytes left
2026/04/18 14:35:39 executed programs: 0
[   30.169750][  T355] bridge0: port 1(bridge_slave_0) entered blocking state
[   30.177502][  T355] bridge0: port 1(bridge_slave_0) entered disabled state
[   30.185093][  T355] device bridge_slave_0 entered promiscuous mode
[   30.193110][  T355] bridge0: port 2(bridge_slave_1) entered blocking state
[   30.200188][  T355] bridge0: port 2(bridge_slave_1) entered disabled state
[   30.207809][  T355] device bridge_slave_1 entered promiscuous mode
[   30.276697][  T310] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   30.284210][  T310] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   30.291612][  T310] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   30.300126][  T310] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   30.308333][  T310] bridge0: port 1(bridge_slave_0) entered blocking state
[   30.315586][  T310] bridge0: port 1(bridge_slave_0) entered forwarding state
[   30.324143][  T310] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   30.334879][  T310] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   30.343304][  T310] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   30.351513][  T310] bridge0: port 2(bridge_slave_1) entered blocking state
[   30.358614][  T310] bridge0: port 2(bridge_slave_1) entered forwarding state
[   30.370666][  T310] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   30.380432][  T310] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   30.394781][  T310] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   30.406473][  T310] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   30.415199][  T310] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   30.422910][  T310] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   30.431304][  T355] device veth0_vlan entered promiscuous mode
[   30.441761][  T310] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   30.451733][  T355] device veth1_macvtap entered promiscuous mode
[   30.461693][  T310] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   30.471821][  T310] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   30.502769][  T360] loop2: detected capacity change from 0 to 1024
[   30.509550][  T360] =======================================================
[   30.509550][  T360] WARNING: The mand mount option has been deprecated and
[   30.509550][  T360]          and is ignored by this kernel. Remove the mand
[   30.509550][  T360]          option from the mount to silence this warning.
[   30.509550][  T360] =======================================================
[   30.554189][  T360] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   30.567568][  T355] EXT4-fs (loop2): unmounting filesystem.
[   30.588608][  T366] loop2: detected capacity change from 0 to 1024
[   30.604099][  T366] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   30.616850][  T355] EXT4-fs (loop2): unmounting filesystem.
[   30.639073][  T369] loop2: detected capacity change from 0 to 1024
[   30.654644][  T369] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   30.673702][  T355] EXT4-fs (loop2): unmounting filesystem.
[   30.703407][  T372] loop2: detected capacity change from 0 to 1024
[   30.723821][  T372] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   30.737787][  T355] EXT4-fs (loop2): unmounting filesystem.
[   30.755125][  T375] loop2: detected capacity change from 0 to 1024
[   30.773746][  T375] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   30.786780][  T355] EXT4-fs (loop2): unmounting filesystem.
[   30.801796][  T378] loop2: detected capacity change from 0 to 1024
[   30.815869][  T378] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   30.828501][  T355] EXT4-fs (loop2): unmounting filesystem.
[   30.845652][  T381] loop2: detected capacity change from 0 to 1024
[   30.864120][  T381] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   30.877806][  T355] EXT4-fs (loop2): unmounting filesystem.
[   30.901431][  T384] loop2: detected capacity change from 0 to 1024
[   30.924366][  T384] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   30.937686][  T355] EXT4-fs (loop2): unmounting filesystem.
[   30.945119][   T43] device bridge_slave_1 left promiscuous mode
[   30.951321][   T43] bridge0: port 2(bridge_slave_1) entered disabled state
[   30.959422][   T43] device bridge_slave_0 left promiscuous mode
[   30.972558][   T43] bridge0: port 1(bridge_slave_0) entered disabled state
[   30.980449][  T387] loop2: detected capacity change from 0 to 1024
[   30.990067][   T43] device veth1_macvtap left promiscuous mode
[   30.996326][   T43] device veth0_vlan left promiscuous mode
[   31.006099][  T387] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   31.031766][  T355] EXT4-fs (loop2): unmounting filesystem.
[   31.048416][  T390] loop2: detected capacity change from 0 to 1024
[   31.073241][  T390] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   31.093712][  T355] EXT4-fs (loop2): unmounting filesystem.
[   31.125070][  T393] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   31.139527][  T355] EXT4-fs (loop2): unmounting filesystem.
[   31.164270][  T396] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   31.177805][  T355] EXT4-fs (loop2): unmounting filesystem.
[   31.203857][  T399] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   31.218633][  T355] EXT4-fs (loop2): unmounting filesystem.
[   31.253787][  T402] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   31.267557][  T355] EXT4-fs (loop2): unmounting filesystem.
[   31.303810][  T405] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   31.318152][  T355] EXT4-fs (loop2): unmounting filesystem.
[   31.343947][  T408] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   31.356603][  T355] EXT4-fs (loop2): unmounting filesystem.
[   31.383770][  T411] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   31.396793][  T355] EXT4-fs (loop2): unmounting filesystem.
[   31.425125][  T414] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   31.437973][  T355] EXT4-fs (loop2): unmounting filesystem.
[   31.463762][  T417] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   31.476648][  T355] EXT4-fs (loop2): unmounting filesystem.
[   31.503687][  T420] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   31.516671][  T355] EXT4-fs (loop2): unmounting filesystem.
[   31.543863][  T423] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   31.556736][  T355] EXT4-fs (loop2): unmounting filesystem.
[   31.583722][  T426] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   31.597160][  T355] EXT4-fs (loop2): unmounting filesystem.
[   31.624314][  T429] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   31.636761][  T355] EXT4-fs (loop2): unmounting filesystem.
[   31.665015][  T432] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   31.677910][  T355] EXT4-fs (loop2): unmounting filesystem.
[   31.703741][  T435] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   31.716781][  T355] EXT4-fs (loop2): unmounting filesystem.
[   31.744901][  T438] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   31.757631][  T355] EXT4-fs (loop2): unmounting filesystem.
[   31.784246][  T441] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   31.797862][  T355] EXT4-fs (loop2): unmounting filesystem.
[   31.833948][  T444] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   31.847623][  T355] EXT4-fs (loop2): unmounting filesystem.
[   31.873806][  T447] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   31.893232][  T355] EXT4-fs (loop2): unmounting filesystem.
[   31.913749][  T450] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   31.926621][  T355] EXT4-fs (loop2): unmounting filesystem.
[   31.953738][  T453] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   31.971958][  T355] EXT4-fs (loop2): unmounting filesystem.
[   31.993915][  T456] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   34.453700][  T787] EXT4-fs mount: 217 callbacks suppressed
[   34.453718][  T787] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   34.474365][  T355] EXT4-fs (loop2): unmounting filesystem.
[   34.494208][  T790] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   34.506718][  T355] EXT4-fs (loop2): unmounting filesystem.
[   34.534198][  T793] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   34.546947][  T355] EXT4-fs (loop2): unmounting filesystem.
[   34.575000][  T796] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   34.587634][  T355] EXT4-fs (loop2): unmounting filesystem.
[   34.613823][  T799] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   34.627846][  T355] EXT4-fs (loop2): unmounting filesystem.
[   34.654909][  T802] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   34.668104][  T355] EXT4-fs (loop2): unmounting filesystem.
[   34.693653][  T805] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   34.707330][  T355] EXT4-fs (loop2): unmounting filesystem.
[   34.745004][  T808] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   34.758037][  T355] EXT4-fs (loop2): unmounting filesystem.
[   34.793864][  T811] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   34.810896][  T355] EXT4-fs (loop2): unmounting filesystem.
[   34.833676][  T814] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   34.847432][  T355] EXT4-fs (loop2): unmounting filesystem.
[   34.883697][  T817] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   34.898417][  T355] EXT4-fs (loop2): unmounting filesystem.
[   34.923580][  T820] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   34.936423][  T355] EXT4-fs (loop2): unmounting filesystem.
[   34.964147][  T823] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   34.976605][  T355] EXT4-fs (loop2): unmounting filesystem.
[   35.003740][  T826] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   35.016913][  T355] EXT4-fs (loop2): unmounting filesystem.
[   35.043664][  T829] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   35.056768][  T355] EXT4-fs (loop2): unmounting filesystem.
[   35.083908][  T832] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   35.096747][  T355] EXT4-fs (loop2): unmounting filesystem.
[   35.124117][  T835] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   35.136652][  T355] EXT4-fs (loop2): unmounting filesystem.
[   35.164198][  T838] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
2026/04/18 14:35:44 executed programs: 161
[   35.176509][  T355] EXT4-fs (loop2): unmounting filesystem.
[   35.193513][   T28] kauditd_printk_skb: 33 callbacks suppressed
[   35.193527][   T28] audit: type=1400 audit(1776522944.947:107): avc:  denied  { write } for  pid=283 comm="syz-execprog" path="pipe:[11171]" dev="pipefs" ino=11171 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1
[   35.234073][  T841] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   35.246855][  T355] EXT4-fs (loop2): unmounting filesystem.
[   35.273726][  T844] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   35.287495][  T355] EXT4-fs (loop2): unmounting filesystem.
[   35.313763][  T847] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   35.327096][  T355] EXT4-fs (loop2): unmounting filesystem.
[   35.353911][  T850] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   35.366855][  T355] EXT4-fs (loop2): unmounting filesystem.
[   35.393734][  T853] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   35.407250][  T355] EXT4-fs (loop2): unmounting filesystem.
[   35.433862][  T856] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   35.447229][  T355] EXT4-fs (loop2): unmounting filesystem.
[   35.483369][  T859] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   35.504603][  T355] EXT4-fs (loop2): unmounting filesystem.
[   35.522999][  T862] set_capacity_and_notify: 155 callbacks suppressed
[   35.523017][  T862] loop2: detected capacity change from 0 to 1024
[   35.560958][  T862] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   35.589656][  T355] EXT4-fs (loop2): unmounting filesystem.
[   35.615355][  T865] loop2: detected capacity change from 0 to 1024
[   35.637664][  T865] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   35.654767][  T355] EXT4-fs (loop2): unmounting filesystem.
[   35.670705][  T868] loop2: detected capacity change from 0 to 1024
[   35.693959][  T868] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   35.709121][  T355] EXT4-fs (loop2): unmounting filesystem.
[   35.728114][  T871] loop2: detected capacity change from 0 to 1024
[   35.743730][  T871] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   35.756320][  T355] EXT4-fs (loop2): unmounting filesystem.
[   35.776220][  T874] loop2: detected capacity change from 0 to 1024
[   35.803771][  T874] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   35.816857][  T355] EXT4-fs (loop2): unmounting filesystem.
[   35.831702][  T877] loop2: detected capacity change from 0 to 1024
[   35.843986][  T877] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   35.858401][  T355] EXT4-fs (loop2): unmounting filesystem.
[   35.875415][  T880] loop2: detected capacity change from 0 to 1024
[   35.893942][  T880] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   35.906959][  T355] EXT4-fs (loop2): unmounting filesystem.
[   35.921835][  T883] loop2: detected capacity change from 0 to 1024
[   35.947709][  T886] loop2: detected capacity change from 0 to 1024
[   35.977622][  T889] loop2: detected capacity change from 0 to 1024
[   37.456450][ T1079] ==================================================================
[   37.464665][ T1079] BUG: KASAN: out-of-bounds in ext4_xattr_set_entry+0x979/0x21d0
[   37.472935][ T1079] Read of size 18446744073709551588 at addr ffff888114107040 by task syz.2.258/1079
[   37.482493][ T1079] 
[   37.484873][ T1079] CPU: 1 PID: 1079 Comm: syz.2.258 Not tainted syzkaller #0
[   37.492208][ T1079] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[   37.503082][ T1079] Call Trace:
[   37.506404][ T1079]  <TASK>
[   37.509373][ T1079]  __dump_stack+0x21/0x24
[   37.513750][ T1079]  dump_stack_lvl+0x110/0x170
[   37.518475][ T1079]  ? __cfi_dump_stack_lvl+0x8/0x8
[   37.523552][ T1079]  ? kasan_save_alloc_info+0x25/0x30
[   37.528905][ T1079]  ? ext4_xattr_block_set+0x9d5/0x3260
[   37.534433][ T1079]  ? ext4_xattr_set+0x242/0x320
[   37.539339][ T1079]  ? ext4_xattr_security_set+0x3c/0x50
[   37.544843][ T1079]  ? ext4_xattr_set_entry+0x979/0x21d0
[   37.550457][ T1079]  print_address_description+0x71/0x200
[   37.556142][ T1079]  print_report+0x4a/0x60
[   37.560783][ T1079]  kasan_report+0x122/0x150
[   37.565337][ T1079]  ? ext4_xattr_set_entry+0x979/0x21d0
[   37.570854][ T1079]  ? ext4_xattr_set_entry+0x979/0x21d0
[   37.576455][ T1079]  kasan_check_range+0x249/0x2a0
[   37.581453][ T1079]  ? ext4_xattr_set_entry+0x979/0x21d0
[   37.587099][ T1079]  memmove+0x2d/0x70
[   37.591060][ T1079]  ext4_xattr_set_entry+0x979/0x21d0
[   37.596420][ T1079]  ext4_xattr_block_set+0xad3/0x3260
[   37.601877][ T1079]  ? __kasan_check_write+0x14/0x20
[   37.607124][ T1079]  ? iput+0x620/0x670
[   37.611155][ T1079]  ? ext4_xattr_block_find+0x310/0x310
[   37.616667][ T1079]  ext4_xattr_set_handle+0xe3b/0x1570
[   37.622187][ T1079]  ? __cfi_ext4_xattr_set_handle+0x10/0x10
[   37.628041][ T1079]  ? __kasan_check_read+0x11/0x20
[   37.633100][ T1079]  ? __ext4_journal_start_sb+0x2ed/0x4a0
[   37.638845][ T1079]  ext4_xattr_set+0x242/0x320
[   37.643552][ T1079]  ? ns_capable+0x8c/0xf0
[   37.647927][ T1079]  ? __cfi_ext4_xattr_set+0x10/0x10
[   37.653157][ T1079]  ? selinux_inode_setxattr+0x5cf/0xbf0
[   37.658759][ T1079]  ext4_xattr_security_set+0x3c/0x50
[   37.664088][ T1079]  ? __cfi_ext4_xattr_security_set+0x10/0x10
[   37.670306][ T1079]  __vfs_setxattr+0x3f2/0x440
[   37.675015][ T1079]  __vfs_setxattr_noperm+0x12a/0x5e0
[   37.680405][ T1079]  __vfs_setxattr_locked+0x212/0x230
[   37.685713][ T1079]  vfs_setxattr+0x167/0x2e0
[   37.690336][ T1079]  ? __cfi_vfs_setxattr+0x10/0x10
[   37.695374][ T1079]  ? copy_user_enhanced_fast_string+0xa/0x40
[   37.701382][ T1079]  setxattr+0x346/0x360
[   37.705827][ T1079]  ? path_setxattr+0x290/0x290
[   37.710627][ T1079]  ? __mnt_want_write+0x1e6/0x260
[   37.715742][ T1079]  ? mnt_want_write+0x220/0x300
[   37.720599][ T1079]  path_setxattr+0x147/0x290
[   37.725195][ T1079]  ? simple_xattr_list_add+0x120/0x120
[   37.730761][ T1079]  __x64_sys_setxattr+0xc5/0xe0
[   37.735626][ T1079]  x64_sys_call+0x633/0x9a0
[   37.740137][ T1079]  do_syscall_64+0x4c/0xa0
[   37.744653][ T1079]  ? clear_bhb_loop+0x30/0x80
[   37.749347][ T1079]  ? clear_bhb_loop+0x30/0x80
[   37.754154][ T1079]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   37.760153][ T1079] RIP: 0033:0x7f1f03f9c819
[   37.764684][ T1079] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   37.784475][ T1079] RSP: 002b:00007ffe9f1af368 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc
[   37.793015][ T1079] RAX: ffffffffffffffda RBX: 00007f1f04215fa0 RCX: 00007f1f03f9c819
[   37.801269][ T1079] RDX: 00002000000013c0 RSI: 0000200000000140 RDI: 0000200000000100
[   37.809338][ T1079] RBP: 00007f1f04032c91 R08: 0000000000000000 R09: 0000000000000000
[   37.817405][ T1079] R10: 0000000000000700 R11: 0000000000000246 R12: 0000000000000000
[   37.825384][ T1079] R13: 00007f1f04215fac R14: 00007f1f04215fa0 R15: 00007f1f04215fa0
[   37.833363][ T1079]  </TASK>
[   37.836381][ T1079] 
[   37.838785][ T1079] Allocated by task 1079:
[   37.843279][ T1079]  kasan_set_track+0x4b/0x70
[   37.847909][ T1079]  kasan_save_alloc_info+0x25/0x30
[   37.853047][ T1079]  __kasan_kmalloc+0x95/0xb0
[   37.857696][ T1079]  __kmalloc_node_track_caller+0xb1/0x1e0
[   37.863430][ T1079]  kmemdup+0x2b/0x60
[   37.867350][ T1079]  ext4_xattr_block_set+0x9d5/0x3260
[   37.872645][ T1079]  ext4_xattr_set_handle+0xe3b/0x1570
[   37.878045][ T1079]  ext4_xattr_set+0x242/0x320
[   37.882728][ T1079]  ext4_xattr_security_set+0x3c/0x50
[   37.888100][ T1079]  __vfs_setxattr+0x3f2/0x440
[   37.892777][ T1079]  __vfs_setxattr_noperm+0x12a/0x5e0
[   37.898083][ T1079]  __vfs_setxattr_locked+0x212/0x230
[   37.903372][ T1079]  vfs_setxattr+0x167/0x2e0
[   37.907875][ T1079]  setxattr+0x346/0x360
[   37.912060][ T1079]  path_setxattr+0x147/0x290
[   37.916655][ T1079]  __x64_sys_setxattr+0xc5/0xe0
[   37.921512][ T1079]  x64_sys_call+0x633/0x9a0
[   37.926034][ T1079]  do_syscall_64+0x4c/0xa0
[   37.930449][ T1079]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   37.936393][ T1079] 
[   37.938719][ T1079] The buggy address belongs to the object at ffff888114107000
[   37.938719][ T1079]  which belongs to the cache kmalloc-1k of size 1024
[   37.952771][ T1079] The buggy address is located 64 bytes inside of
[   37.952771][ T1079]  1024-byte region [ffff888114107000, ffff888114107400)
[   37.966145][ T1079] 
[   37.968564][ T1079] The buggy address belongs to the physical page:
[   37.974984][ T1079] page:ffffea0004504000 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888114107800 pfn:0x114100
[   37.986654][ T1079] head:ffffea0004504000 order:3 compound_mapcount:0 compound_pincount:0
[   37.995077][ T1079] flags: 0x4000000000010200(slab|head|zone=1)
[   38.001171][ T1079] raw: 4000000000010200 ffffea00045d8a00 dead000000000002 ffff888100043080
[   38.009837][ T1079] raw: ffff888114107800 0000000080100009 00000001ffffffff 0000000000000000
[   38.018487][ T1079] page dumped because: kasan: bad access detected
[   38.024930][ T1079] page_owner tracks the page as allocated
[   38.030664][ T1079] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 355, tgid 355 (syz-executor), ts 30247367200, free_ts 30217271079
[   38.053535][ T1079]  post_alloc_hook+0x1f5/0x210
[   38.058312][ T1079]  prep_new_page+0x1c/0x110
[   38.062818][ T1079]  get_page_from_freelist+0x2d12/0x2d80
[   38.068405][ T1079]  __alloc_pages+0x1fa/0x610
[   38.072997][ T1079]  alloc_slab_page+0x6e/0xf0
[   38.077595][ T1079]  new_slab+0x98/0x3d0
[   38.081700][ T1079]  ___slab_alloc+0x6bd/0xb20
[   38.086322][ T1079]  __slab_alloc+0x5e/0xa0
[   38.090684][ T1079]  __kmem_cache_alloc_node+0x203/0x2c0
[   38.096254][ T1079]  __kmalloc_node_track_caller+0xa0/0x1e0
[   38.102115][ T1079]  __alloc_skb+0x236/0x4b0
[   38.106667][ T1079]  alloc_uevent_skb+0x85/0x240
[   38.111453][ T1079]  kobject_uevent_net_broadcast+0x1b4/0x5b0
[   38.117358][ T1079]  kobject_uevent_env+0x54f/0x730
[   38.122454][ T1079]  kobject_uevent+0x1d/0x30
[   38.126981][ T1079]  netdev_queue_update_kobjects+0x22c/0x470
[   38.132965][ T1079] page last free stack trace:
[   38.137645][ T1079]  free_unref_page_prepare+0x742/0x750
[   38.143300][ T1079]  free_unref_page+0x95/0x540
[   38.147990][ T1079]  __free_pages+0x67/0x100
[   38.152446][ T1079]  __free_slab+0xca/0x1a0
[   38.156889][ T1079]  __unfreeze_partials+0x160/0x190
[   38.162011][ T1079]  put_cpu_partial+0xa9/0x100
[   38.166704][ T1079]  __slab_free+0x1c4/0x280
[   38.171153][ T1079]  ___cache_free+0xbf/0xd0
[   38.175708][ T1079]  qlist_free_all+0xc6/0x140
[   38.180318][ T1079]  kasan_quarantine_reduce+0x14a/0x170
[   38.185785][ T1079]  __kasan_slab_alloc+0x24/0x80
[   38.190680][ T1079]  slab_post_alloc_hook+0x4f/0x2d0
[   38.195927][ T1079]  kmem_cache_alloc+0x16e/0x330
[   38.201103][ T1079]  __kernfs_new_node+0xe3/0x6b0
[   38.206161][ T1079]  kernfs_new_node+0x150/0x260
[   38.210956][ T1079]  __kernfs_create_file+0x4e/0x270
[   38.216172][ T1079] 
[   38.218497][ T1079] Memory state around the buggy address:
[   38.224217][ T1079]  ffff888114106f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   38.232369][ T1079]  ffff888114106f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   38.240497][ T1079] >ffff888114107000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   38.248651][ T1079]                                            ^
[   38.254809][ T1079]  ffff888114107080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   38.262870][ T1079]  ffff888114107100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   38.270929][ T1079] ==================================================================
[   38.279779][ T1079] Disabling lock debugging due to kernel taint
[   38.289235][   T28] audit: type=1400 audit(1776522948.047:108): avc:  denied  { read } for  pid=85 comm="syslogd" name="log" dev="sda1" ino=2010 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[   38.311409][   T28] audit: type=1400 audit(1776522948.047:109): avc:  denied  { search } for  pid=85 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   38.335608][   T28] audit: type=1400 audit(1776522948.047:110): avc:  denied  { write } for  pid=85 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   38.357219][   T28] audit: type=1400 audit(1776522948.047:111): avc:  denied  { add_name } for  pid=85 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   38.378866][   T28] audit: type=1400 audit(1776522948.047:112): avc:  denied  { create } for  pid=85 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   38.399578][   T28] audit: type=1400 audit(1776522948.047:113): avc:  denied  { append open } for  pid=85 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=5 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   38.423065][   T28] audit: type=1400 audit(1776522948.047:114): avc:  denied  { getattr } for  pid=85 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=5 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
2026/04/18 14:35:49 executed programs: 323
[   40.539259][ T1349] set_capacity_and_notify: 147 callbacks suppressed
[   40.539277][ T1349] loop2: detected capacity change from 0 to 1024
[   40.577866][ T1352] loop2: detected capacity change from 0 to 1024
[   40.606882][ T1355] loop2: detected capacity change from 0 to 1024
[   40.638319][ T1358] loop2: detected capacity change from 0 to 1024
[   40.679853][ T1361] loop2: detected capacity change from 0 to 1024
[   40.711817][ T1364] loop2: detected capacity change from 0 to 1024
[   40.736434][ T1367] loop2: detected capacity change from 0 to 1024
[   40.768897][ T1370] loop2: detected capacity change from 0 to 1024
[   40.799202][ T1373] loop2: detected capacity change from 0 to 1024
[   40.832470][ T1376] loop2: detected capacity change from 0 to 1024
[   41.343965][  T303] I/O error, dev loop2, sector 24 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[   41.735048][  T303] I/O error, dev loop2, sector 24 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
2026/04/18 14:35:55 executed programs: 538
[   45.559461][ T1971] set_capacity_and_notify: 193 callbacks suppressed
[   45.559479][ T1971] loop2: detected capacity change from 0 to 1024
[   45.597838][ T1974] loop2: detected capacity change from 0 to 1024
[   45.631202][ T1977] loop2: detected capacity change from 0 to 1024
[   45.656431][ T1980] loop2: detected capacity change from 0 to 1024
[   45.697723][ T1983] loop2: detected capacity change from 0 to 1024
[   45.726930][ T1986] loop2: detected capacity change from 0 to 1024
[   45.759300][ T1989] loop2: detected capacity change from 0 to 1024
[   45.790010][ T1992] loop2: detected capacity change from 0 to 1024
[   45.816607][ T1995] loop2: detected capacity change from 0 to 1024
[   45.851301][ T1998] loop2: detected capacity change from 0 to 1024
[   46.773793][ T2111] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.780864][ T2111] bridge0: port 1(bridge_slave_0) entered disabled state
[   46.788669][ T2111] device bridge_slave_0 entered promiscuous mode
[   46.798785][ T2111] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.805993][ T2111] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.813508][ T2111] device bridge_slave_1 entered promiscuous mode
[   46.861235][ T2111] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.868327][ T2111] bridge0: port 2(bridge_slave_1) entered forwarding state
[   46.875654][ T2111] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.882741][ T2111] bridge0: port 1(bridge_slave_0) entered forwarding state
[   46.903091][  T310] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   46.910913][  T310] bridge0: port 1(bridge_slave_0) entered disabled state
[   46.918365][  T310] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.929572][  T310] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   46.938038][  T310] bridge0: port 1(bridge_slave_0) entered blocking state
[   46.945094][  T310] bridge0: port 1(bridge_slave_0) entered forwarding state
[   46.954326][  T310] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   46.963143][  T310] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.970489][  T310] bridge0: port 2(bridge_slave_1) entered forwarding state
[   46.985721][  T310] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   46.995243][  T310] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   47.009670][  T310] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   47.022919][  T310] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   47.031073][  T310] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   47.038871][  T310] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   47.047490][ T2111] device veth0_vlan entered promiscuous mode
[   47.060170][  T310] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   47.069614][ T2111] device veth1_macvtap entered promiscuous mode
[   47.079685][  T310] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   47.091126][  T310] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   47.223968][  T362] device bridge_slave_1 left promiscuous mode
[   47.230131][  T362] bridge0: port 2(bridge_slave_1) entered disabled state
[   47.241804][  T362] device bridge_slave_0 left promiscuous mode
[   47.249306][  T362] bridge0: port 1(bridge_slave_0) entered disabled state
[   47.260861][  T362] device veth1_macvtap left promiscuous mode
[   47.267574][  T362] device veth0_vlan left promiscuous mode