Warning: Permanently added '10.128.10.11' (ED25519) to the list of known hosts.
executing program
[ 31.388243][ T23] audit: type=1400 audit(1739070471.810:66): avc: denied { execmem } for pid=356 comm="syz-executor368" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[ 31.407683][ T23] audit: type=1400 audit(1739070471.830:67): avc: denied { read } for pid=357 comm="syz-executor368" name="msr" dev="devtmpfs" ino=9391 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
executing program
[ 31.430934][ T23] audit: type=1400 audit(1739070471.830:68): avc: denied { open } for pid=357 comm="syz-executor368" path="/dev/cpu/0/msr" dev="devtmpfs" ino=9391 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
executing program
[ 64.445325][ T958] ==================================================================
[ 64.453774][ T958] BUG: KASAN: out-of-bounds in unwind_next_frame+0x1cd/0x1ea0
[ 64.461321][ T958] Read of size 8 at addr ffff8881e5ca7a90 by task syz-executor368/958
[ 64.469467][ T958]
[ 64.471712][ T958] CPU: 0 PID: 958 Comm: syz-executor368 Not tainted 5.4.289-syzkaller-00030-gcb850525fc3e #0
[ 64.481708][ T958] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 64.491716][ T958] Call Trace:
[ 64.494997][ T958] dump_stack+0x1d8/0x241
[ 64.499161][ T958] ? nf_ct_l4proto_log_invalid+0x258/0x258
[ 64.504846][ T958] ? printk+0xd1/0x111
[ 64.508715][ T958] ? check_memory_region+0x6f/0x280
[ 64.514166][ T958] ? unwind_next_frame+0x1cd/0x1ea0
[ 64.519251][ T958] print_address_description+0x8c/0x600
[ 64.524756][ T958] ? symbol_string+0x272/0x3d0
[ 64.529360][ T958] ? widen_string+0x3a/0x310
[ 64.533772][ T958] ? call_function_single_interrupt+0xa/0x20
[ 64.539585][ T958] ? get_reg+0x105/0x220
[ 64.543955][ T958] ? check_memory_region+0x6f/0x280
[ 64.549088][ T958] ? unwind_next_frame+0x1cd/0x1ea0
[ 64.554237][ T958] __kasan_report+0xf3/0x120
[ 64.558840][ T958] ? unwind_next_frame+0x1cd/0x1ea0
[ 64.564132][ T958] kasan_report+0x30/0x60
[ 64.568647][ T958] ? preempt_count_add+0x8f/0x180
[ 64.573967][ T958] unwind_next_frame+0x1cd/0x1ea0
[ 64.578831][ T958] ? check_memory_region+0x6f/0x280
[ 64.583915][ T958] ? unwind_get_return_address_ptr+0xa0/0xa0
[ 64.589761][ T958] ? arch_stack_walk+0xf5/0x140
[ 64.594439][ T958] ? check_memory_region+0x6f/0x280
[ 64.599469][ T958] ? retint_kernel+0x1b/0x1b
[ 64.604009][ T958] ? stack_trace_save+0x118/0x1c0
[ 64.608896][ T958] ? stack_trace_snprint+0x170/0x170
[ 64.613999][ T958] ? get_stack_info+0x35/0x200
[ 64.618591][ T958] ? __unwind_start+0x583/0x890
[ 64.623278][ T958] ? deref_stack_reg+0x1f0/0x1f0
[ 64.628158][ T958] ? proc_pid_stack+0x8d/0x1e0
[ 64.632782][ T958] ? proc_single_show+0xda/0x160
[ 64.637520][ T958] ? seq_read+0x4df/0xe60
[ 64.641859][ T958] ? do_preadv+0x20e/0x350
[ 64.646316][ T958] ? in_sched_functions+0x9/0x40
[ 64.651077][ T958] ? stack_trace_save_tsk+0x4b0/0x4b0
[ 64.656379][ T958] arch_stack_walk+0x111/0x140
[ 64.660982][ T958] ? check_memory_region+0x6f/0x280
[ 64.666015][ T958] stack_trace_save_tsk+0x309/0x4b0
[ 64.671037][ T958] ? stack_trace_consume_entry+0x240/0x240
[ 64.676862][ T958] ? _raw_spin_lock+0xa4/0x1b0
[ 64.681458][ T958] ? down_read_interruptible+0x220/0x220
[ 64.686933][ T958] proc_pid_stack+0x125/0x1e0
[ 64.691440][ T958] proc_single_show+0xda/0x160
[ 64.696051][ T958] seq_read+0x4df/0xe60
[ 64.700045][ T958] do_iter_read+0x3e8/0x580
[ 64.704488][ T958] do_preadv+0x20e/0x350
[ 64.708577][ T958] ? vfs_writev+0x350/0x350
[ 64.713128][ T958] ? do_syscall_64+0x7f/0x1c0
[ 64.717631][ T958] do_syscall_64+0xca/0x1c0
[ 64.721947][ T958] entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 64.727682][ T958] RIP: 0033:0x7f9d5bb0d369
[ 64.731918][ T958] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 64.751609][ T958] RSP: 002b:00007f9d5baaa218 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[ 64.760076][ T958] RAX: ffffffffffffffda RBX: 00007f9d5bb94338 RCX: 00007f9d5bb0d369
[ 64.768020][ T958] RDX: 0000000000000332 RSI: 00004000000017c0 RDI: 0000000000000004
[ 64.775836][ T958] RBP: 00007f9d5bb94330 R08: 0000000000000000 R09: 0000000000000000
[ 64.783659][ T958] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f9d5bb610ac
[ 64.791542][ T958] R13: 0000400000005580 R14: 00004000000000c0 R15: 00004000000017c0
[ 64.799439][ T958]
[ 64.801634][ T958] The buggy address belongs to the page:
[ 64.807099][ T958] page:ffffea00079729c0 refcount:0 mapcount:0 mapping:0000000000000000 index:0x0
[ 64.816299][ T958] flags: 0x8000000000000000()
[ 64.820815][ T958] raw: 8000000000000000 0000000000000000 ffffea00079729c8 0000000000000000
[ 64.829802][ T958] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 64.839159][ T958] page dumped because: kasan: bad access detected
[ 64.845422][ T958] page_owner tracks the page as allocated
[ 64.851227][ T958] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO)
[ 64.863576][ T958] prep_new_page+0x18f/0x370
[ 64.868410][ T958] get_page_from_freelist+0x2d13/0x2d90
[ 64.873959][ T958] __alloc_pages_nodemask+0x393/0x840
[ 64.879185][ T958] dup_task_struct+0x85/0x600
[ 64.883788][ T958] copy_process+0x56d/0x3230
[ 64.888299][ T958] _do_fork+0x197/0x900
[ 64.892280][ T958] __x64_sys_clone+0x26b/0x2c0
[ 64.897012][ T958] do_syscall_64+0xca/0x1c0
[ 64.901964][ T958] entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 64.907760][ T958] page last free stack trace:
[ 64.912896][ T958] __free_pages_ok+0x847/0x950
[ 64.917493][ T958] __free_pages+0x91/0x140
[ 64.921845][ T958] put_task_stack+0x212/0x260
[ 64.926342][ T958] finish_task_switch+0x24a/0x590
[ 64.931285][ T958] __schedule+0xb0d/0x1320
[ 64.935539][ T958] schedule_idle+0x50/0x80
[ 64.939917][ T958] do_idle+0x609/0x660
[ 64.943793][ T958] cpu_startup_entry+0x14/0x20
[ 64.948660][ T958] start_secondary+0x3a5/0x460
[ 64.953284][ T958] secondary_startup_64+0xa4/0xb0
[ 64.958687][ T958]
[ 64.960826][ T958] Memory state around the buggy address:
[ 64.966372][ T958] ffff8881e5ca7980: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 64.975042][ T958] ffff8881e5ca7a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 64.983363][ T958] >ffff8881e5ca7a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 64.991704][ T958] ^
[ 64.996131][ T958] ffff8881e5ca7b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 65.004018][ T958] ffff8881e5ca7b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 65.012576][ T958] ==================================================================
[ 65.020488][ T958] Disabling lock debugging due to kernel taint
executing program