[ 5.468538][ T23] audit: type=1400 audit(1739033655.629:10): avc: denied { getattr } for pid=146 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=10847 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[ 5.660779][ T163] udevd[163]: starting version 3.2.11
[ 5.709381][ T164] udevd[164]: starting eudev-3.2.11
[ 6.832264][ T196] ip (196) used greatest stack depth: 22968 bytes left
[ 15.047000][ T23] kauditd_printk_skb: 50 callbacks suppressed
[ 15.047008][ T23] audit: type=1400 audit(1739033665.219:61): avc: denied { transition } for pid=288 comm="sshd" path="/bin/sh" dev="sda1" ino=89 scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[ 15.051471][ T23] audit: type=1400 audit(1739033665.219:62): avc: denied { noatsecure } for pid=288 comm="sshd" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[ 15.054366][ T23] audit: type=1400 audit(1739033665.219:63): avc: denied { write } for pid=288 comm="sh" path="pipe:[10173]" dev="pipefs" ino=10173 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1
[ 15.057784][ T23] audit: type=1400 audit(1739033665.219:64): avc: denied { rlimitinh } for pid=288 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[ 15.060459][ T23] audit: type=1400 audit(1739033665.219:65): avc: denied { siginh } for pid=288 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
Warning: Permanently added '10.128.1.66' (ED25519) to the list of known hosts.
executing program
executing program
executing program
executing program
executing program
[ 45.838471][ T23] audit: type=1400 audit(1739033696.009:66): avc: denied { execmem } for pid=373 comm="syz-executor356" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[ 45.886742][ T23] audit: type=1400 audit(1739033696.019:67): avc: denied { read } for pid=380 comm="syz-executor356" name="msr" dev="devtmpfs" ino=9391 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[ 46.080122][ T23] audit: type=1400 audit(1739033696.019:68): avc: denied { open } for pid=380 comm="syz-executor356" path="/dev/cpu/0/msr" dev="devtmpfs" ino=9391 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
[ 47.041603][ T426] ==================================================================
[ 47.049482][ T426] BUG: KASAN: out-of-bounds in unwind_next_frame+0x1cd/0x1ea0
[ 47.056769][ T426] Read of size 8 at addr ffff8881ee5078b0 by task syz-executor356/426
[ 47.064745][ T426]
[ 47.066941][ T426] CPU: 0 PID: 426 Comm: syz-executor356 Not tainted 5.4.289-syzkaller-00030-gcb850525fc3e #0
[ 47.076917][ T426] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 47.086819][ T426] Call Trace:
[ 47.089933][ T426] dump_stack+0x1d8/0x241
[ 47.094091][ T426] ? nf_ct_l4proto_log_invalid+0x258/0x258
[ 47.099735][ T426] ? printk+0xd1/0x111
[ 47.103639][ T426] ? check_memory_region+0x6b/0x280
[ 47.108673][ T426] ? unwind_next_frame+0x1cd/0x1ea0
[ 47.113714][ T426] print_address_description+0x8c/0x600
[ 47.119109][ T426] ? get_reg+0x105/0x220
[ 47.123171][ T426] ? check_memory_region+0x6b/0x280
[ 47.128202][ T426] ? unwind_next_frame+0x1cd/0x1ea0
[ 47.133236][ T426] __kasan_report+0xf3/0x120
[ 47.137664][ T426] ? unwind_next_frame+0x1cd/0x1ea0
[ 47.142700][ T426] kasan_report+0x30/0x60
[ 47.146864][ T426] ? preempt_count_add+0x8f/0x180
[ 47.151729][ T426] unwind_next_frame+0x1cd/0x1ea0
[ 47.156585][ T426] ? check_memory_region+0x6b/0x280
[ 47.161620][ T426] ? unwind_get_return_address_ptr+0xa0/0xa0
[ 47.167431][ T426] ? arch_stack_walk+0xf5/0x140
[ 47.172122][ T426] ? check_memory_region+0x6b/0x280
[ 47.177153][ T426] ? retint_kernel+0x1b/0x1b
[ 47.181578][ T426] ? stack_trace_save+0x118/0x1c0
[ 47.186531][ T426] ? stack_trace_snprint+0x170/0x170
[ 47.191644][ T426] ? get_stack_info+0x35/0x200
[ 47.196249][ T426] ? call_function_single_interrupt+0xa/0x20
[ 47.202060][ T426] ? stack_trace_save_tsk+0x4b0/0x4b0
[ 47.207276][ T426] ? preempt_schedule_irq+0xc7/0x140
[ 47.212389][ T426] ? stack_trace_consume_entry_nosched+0x19/0x270
[ 47.218654][ T426] ? preempt_schedule_irq+0xc7/0x140
[ 47.223760][ T426] ? preempt_schedule_irq+0xc7/0x140
[ 47.229007][ T426] ? sched_cpu_dying+0x6d0/0x6d0
[ 47.233788][ T426] ? in_sched_functions+0x9/0x40
[ 47.238551][ T426] ? stack_trace_save_tsk+0x4b0/0x4b0
[ 47.243908][ T426] arch_stack_walk+0x111/0x140
[ 47.248501][ T426] ? check_memory_region+0x6b/0x280
[ 47.253723][ T426] stack_trace_save_tsk+0x309/0x4b0
[ 47.258750][ T426] ? stack_trace_consume_entry+0x240/0x240
[ 47.264398][ T426] ? _raw_spin_lock+0xa4/0x1b0
[ 47.268996][ T426] ? down_read_interruptible+0x220/0x220
[ 47.274457][ T426] proc_pid_stack+0x125/0x1e0
[ 47.278969][ T426] proc_single_show+0xda/0x160
[ 47.283570][ T426] seq_read+0x4df/0xe60
[ 47.287572][ T426] do_iter_read+0x3e8/0x580
[ 47.291901][ T426] do_preadv+0x20e/0x350
[ 47.295979][ T426] ? vfs_writev+0x350/0x350
[ 47.300323][ T426] ? __do_page_fault+0x725/0xbb0
[ 47.305095][ T426] do_syscall_64+0xca/0x1c0
[ 47.309433][ T426] entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 47.315180][ T426] RIP: 0033:0x7f9aea93a619
[ 47.319415][ T426] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 47.339006][ T426] RSP: 002b:00007f9aea8f8198 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[ 47.347245][ T426] RAX: ffffffffffffffda RBX: 00007f9aea9c1328 RCX: 00007f9aea93a619
[ 47.355056][ T426] RDX: 0000000000000332 RSI: 00004000000017c0 RDI: 0000000000000004
[ 47.362867][ T426] RBP: 00007f9aea9c1320 R08: 0000000000000000 R09: 65732f636f72702f
[ 47.370766][ T426] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f9aea98e2b0
[ 47.378575][ T426] R13: 00007f9aea8f81a0 R14: 00004000000017c0 R15: 00004000000000c0
[ 47.386388][ T426]
[ 47.388554][ T426] The buggy address belongs to the page:
[ 47.394042][ T426] page:ffffea0007b941c0 refcount:0 mapcount:0 mapping:0000000000000000 index:0x0
[ 47.402974][ T426] flags: 0x8000000000000000()
[ 47.407490][ T426] raw: 8000000000000000 0000000000000000 ffffea0007b941c8 0000000000000000
[ 47.415901][ T426] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 47.424315][ T426] page dumped because: kasan: bad access detected
[ 47.430575][ T426] page_owner tracks the page as allocated
[ 47.436123][ T426] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO)
[ 47.447330][ T426] prep_new_page+0x18f/0x370
[ 47.451747][ T426] get_page_from_freelist+0x2d13/0x2d90
[ 47.457128][ T426] __alloc_pages_nodemask+0x393/0x840
[ 47.462339][ T426] dup_task_struct+0x85/0x600
[ 47.466848][ T426] copy_process+0x56d/0x3230
[ 47.471273][ T426] _do_fork+0x197/0x900
[ 47.475266][ T426] __x64_sys_clone+0x26b/0x2c0
[ 47.479867][ T426] do_syscall_64+0xca/0x1c0
[ 47.484208][ T426] entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 47.489933][ T426] page last free stack trace:
[ 47.494451][ T426] __free_pages_ok+0x847/0x950
[ 47.499047][ T426] __free_pages+0x91/0x140
[ 47.503301][ T426] __free_slab+0x221/0x2e0
[ 47.507557][ T426] unfreeze_partials+0x14e/0x180
[ 47.512416][ T426] put_cpu_partial+0x44/0x180
[ 47.516928][ T426] __slab_free+0x297/0x360
[ 47.521181][ T426] qlist_free_all+0x43/0xb0
[ 47.525522][ T426] quarantine_reduce+0x1d9/0x210
[ 47.530293][ T426] __kasan_kmalloc+0x41/0x210
[ 47.534808][ T426] kmem_cache_alloc_trace+0xdc/0x260
[ 47.539935][ T426] proc_pid_stack+0x8d/0x1e0
[ 47.544355][ T426] proc_single_show+0xda/0x160
[ 47.548955][ T426] seq_read+0x4df/0xe60
[ 47.552949][ T426] do_iter_read+0x3e8/0x580
[ 47.557287][ T426] do_preadv+0x20e/0x350
[ 47.561366][ T426] do_syscall_64+0xca/0x1c0
[ 47.565701][ T426]
[ 47.567874][ T426] Memory state around the buggy address:
[ 47.573344][ T426] ffff8881ee507780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 47.581332][ T426] ffff8881ee507800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 47.589227][ T426] >ffff8881ee507880: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 47.597126][ T426] ^
[ 47.602594][ T426] ffff8881ee507900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 47.610496][ T426] ffff8881ee507980: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 47.618387][ T426] ==================================================================
[ 47.626286][ T426] Disabling lock debugging due to kernel taint
executing program