Warning: Permanently added '10.128.10.35' (ED25519) to the list of known hosts.
2025/05/08 02:27:28 ignoring optional flag "sandboxArg"="0"
2025/05/08 02:27:29 parsed 1 programs
[   52.924942][   T24] kauditd_printk_skb: 27 callbacks suppressed
[   52.924954][   T24] audit: type=1400 audit(1746671250.340:101): avc:  denied  { create } for  pid=412 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   52.953417][   T24] audit: type=1400 audit(1746671250.340:102): avc:  denied  { write } for  pid=412 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   52.975797][   T24] audit: type=1400 audit(1746671250.340:103): avc:  denied  { read } for  pid=412 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   52.996589][   T24] audit: type=1400 audit(1746671250.370:104): avc:  denied  { unlink } for  pid=412 comm="syz-executor" name="swap-file" dev="sda1" ino=2026 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   53.025460][  T412] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   54.001069][   T24] audit: type=1400 audit(1746671251.420:105): avc:  denied  { create } for  pid=441 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   54.244388][   T24] audit: type=1401 audit(1746671251.660:106): op=setxattr invalid_context="u:object_r:app_data_file:s0:c512,c768"
[   54.345715][  T463] bridge0: port 1(bridge_slave_0) entered blocking state
[   54.354262][  T463] bridge0: port 1(bridge_slave_0) entered disabled state
[   54.362701][  T463] device bridge_slave_0 entered promiscuous mode
[   54.371955][  T463] bridge0: port 2(bridge_slave_1) entered blocking state
[   54.380348][  T463] bridge0: port 2(bridge_slave_1) entered disabled state
[   54.389928][  T463] device bridge_slave_1 entered promiscuous mode
[   54.425677][  T463] bridge0: port 2(bridge_slave_1) entered blocking state
[   54.433262][  T463] bridge0: port 2(bridge_slave_1) entered forwarding state
[   54.440939][  T463] bridge0: port 1(bridge_slave_0) entered blocking state
[   54.448565][  T463] bridge0: port 1(bridge_slave_0) entered forwarding state
[   54.468530][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   54.476560][    T9] bridge0: port 1(bridge_slave_0) entered disabled state
[   54.484225][    T9] bridge0: port 2(bridge_slave_1) entered disabled state
[   54.493278][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   54.501646][    T9] bridge0: port 1(bridge_slave_0) entered blocking state
[   54.508996][    T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[   54.518116][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   54.526561][    T9] bridge0: port 2(bridge_slave_1) entered blocking state
[   54.533784][    T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[   54.546778][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   54.557910][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   54.572024][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   54.583764][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   54.592264][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   54.600272][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   54.609229][  T463] device veth0_vlan entered promiscuous mode
[   54.619599][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   54.636706][  T463] device veth1_macvtap entered promiscuous mode
[   54.647524][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   54.659757][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
2025/05/08 02:27:32 executed programs: 0
[   54.875867][  T473] bridge0: port 1(bridge_slave_0) entered blocking state
[   54.883165][  T473] bridge0: port 1(bridge_slave_0) entered disabled state
[   54.891403][  T473] device bridge_slave_0 entered promiscuous mode
[   54.898967][  T473] bridge0: port 2(bridge_slave_1) entered blocking state
[   54.906256][  T473] bridge0: port 2(bridge_slave_1) entered disabled state
[   54.914143][  T473] device bridge_slave_1 entered promiscuous mode
[   54.956744][  T473] bridge0: port 2(bridge_slave_1) entered blocking state
[   54.964244][  T473] bridge0: port 2(bridge_slave_1) entered forwarding state
[   54.971751][  T473] bridge0: port 1(bridge_slave_0) entered blocking state
[   54.979181][  T473] bridge0: port 1(bridge_slave_0) entered forwarding state
[   55.003580][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   55.012602][    T9] bridge0: port 1(bridge_slave_0) entered disabled state
[   55.021283][    T9] bridge0: port 2(bridge_slave_1) entered disabled state
[   55.031554][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   55.039874][    T9] bridge0: port 1(bridge_slave_0) entered blocking state
[   55.048188][    T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[   55.058071][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   55.067759][    T9] bridge0: port 2(bridge_slave_1) entered blocking state
[   55.075484][    T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[   55.095020][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   55.104805][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   55.127716][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   55.139083][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   55.148238][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   55.156169][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   55.165201][  T473] device veth0_vlan entered promiscuous mode
[   55.178679][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   55.188953][  T473] device veth1_macvtap entered promiscuous mode
[   55.201576][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   55.210746][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   55.240162][   T24] audit: type=1400 audit(1746671252.660:107): avc:  denied  { create } for  pid=483 comm="syz.2.16" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[   55.253865][  T484] ==================================================================
[   55.260754][   T24] audit: type=1400 audit(1746671252.660:108): avc:  denied  { setopt } for  pid=483 comm="syz.2.16" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[   55.269319][  T484] BUG: KASAN: slab-out-of-bounds in xfrm_policy_inexact_list_reinsert+0x620/0x6d0
[   55.269338][  T484] Read of size 1 at addr ffff8881172f5bd8 by task syz.2.16/484
[   55.269340][  T484] 
[   55.269360][  T484] CPU: 1 PID: 484 Comm: syz.2.16 Not tainted 5.10.237-syzkaller-1007464-g7e2543346ff7 #0
[   55.269377][  T484] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   55.292472][   T24] audit: type=1400 audit(1746671252.660:109): avc:  denied  { write } for  pid=483 comm="syz.2.16" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[   55.301324][  T484] Call Trace:
[   55.301349][  T484]  __dump_stack+0x21/0x24
[   55.301361][  T484]  dump_stack_lvl+0x169/0x1d8
[   55.301373][  T484]  ? show_regs_print_info+0x18/0x18
[   55.301396][  T484]  ? thaw_kernel_threads+0x220/0x220
[   55.310434][   T24] audit: type=1400 audit(1746671252.660:110): avc:  denied  { create } for  pid=483 comm="syz.2.16" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   55.312199][  T484]  ? unwind_get_return_address+0x4d/0x90
[   55.410786][  T484]  print_address_description+0x7f/0x2c0
[   55.416517][  T484]  ? xfrm_policy_inexact_list_reinsert+0x620/0x6d0
[   55.423402][  T484]  kasan_report+0xe2/0x130
[   55.428103][  T484]  ? xfrm_policy_inexact_list_reinsert+0x620/0x6d0
[   55.435351][  T484]  __asan_report_load1_noabort+0x14/0x20
[   55.440998][  T484]  xfrm_policy_inexact_list_reinsert+0x620/0x6d0
[   55.447628][  T484]  xfrm_policy_inexact_insert_node+0x938/0xb50
[   55.453975][  T484]  ? netlink_unicast+0x87c/0xa40
[   55.459275][  T484]  ? netlink_sendmsg+0x88d/0xb30
[   55.464751][  T484]  ? ____sys_sendmsg+0x5a2/0x8c0
[   55.469910][  T484]  ? ___sys_sendmsg+0x1f0/0x260
[   55.475038][  T484]  ? __x64_sys_sendmsg+0x1e2/0x2a0
[   55.480173][  T484]  ? entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   55.487472][  T484]  xfrm_policy_inexact_alloc_chain+0x53a/0xb30
[   55.493855][  T484]  xfrm_policy_inexact_insert+0x70/0x1130
[   55.499887][  T484]  ? __get_hash_thresh+0x10c/0x420
[   55.505842][  T484]  ? policy_hash_bysel+0x110/0x4f0
[   55.511095][  T484]  xfrm_policy_insert+0xe0/0x930
[   55.516328][  T484]  xfrm_add_policy+0x4d1/0x830
[   55.521288][  T484]  ? xfrm_dump_sa_done+0xc0/0xc0
[   55.526636][  T484]  xfrm_user_rcv_msg+0x450/0x6d0
[   55.531689][  T484]  ? xfrm_netlink_rcv+0x90/0x90
[   55.536902][  T484]  ? selinux_nlmsg_lookup+0x219/0x4a0
[   55.543668][  T484]  netlink_rcv_skb+0x1e0/0x430
[   55.548840][  T484]  ? xfrm_netlink_rcv+0x90/0x90
[   55.554118][  T484]  ? netlink_ack+0xb80/0xb80
[   55.558699][  T484]  ? mutex_trylock+0xa0/0xa0
[   55.563627][  T484]  ? __netlink_lookup+0x387/0x3b0
[   55.568738][  T484]  xfrm_netlink_rcv+0x72/0x90
[   55.573597][  T484]  netlink_unicast+0x87c/0xa40
[   55.578452][  T484]  netlink_sendmsg+0x88d/0xb30
[   55.583318][  T484]  ? schedule_preempt_disabled+0x20/0x20
[   55.589056][  T484]  ? netlink_getsockopt+0x530/0x530
[   55.594268][  T484]  ? security_socket_sendmsg+0x82/0xa0
[   55.599908][  T484]  ? netlink_getsockopt+0x530/0x530
[   55.605095][  T484]  ____sys_sendmsg+0x5a2/0x8c0
[   55.610165][  T484]  ? __sys_sendmsg_sock+0x40/0x40
[   55.615634][  T484]  ? import_iovec+0x7c/0xb0
[   55.620425][  T484]  ___sys_sendmsg+0x1f0/0x260
[   55.625641][  T484]  ? __sys_sendmsg+0x250/0x250
[   55.630745][  T484]  ? __fdget+0x1a1/0x230
[   55.635682][  T484]  __x64_sys_sendmsg+0x1e2/0x2a0
[   55.641313][  T484]  ? ___sys_sendmsg+0x260/0x260
[   55.646500][  T484]  ? switch_fpu_return+0x197/0x340
[   55.651937][  T484]  do_syscall_64+0x31/0x40
[   55.656886][  T484]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   55.663655][  T484] RIP: 0033:0x7f3040ab0169
[   55.668339][  T484] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   55.689200][  T484] RSP: 002b:00007f3040521038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   55.697894][  T484] RAX: ffffffffffffffda RBX: 00007f3040cd7fa0 RCX: 00007f3040ab0169
[   55.706318][  T484] RDX: 0000000000004000 RSI: 0000200000000580 RDI: 0000000000000005
[   55.715001][  T484] RBP: 00007f3040b32a68 R08: 0000000000000000 R09: 0000000000000000
[   55.723115][  T484] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   55.732051][  T484] R13: 0000000000000000 R14: 00007f3040cd7fa0 R15: 00007ffe242f8598
[   55.740913][  T484] 
[   55.743926][  T484] Allocated by task 484:
[   55.748184][  T484]  __kasan_kmalloc+0xda/0x110
[   55.752863][  T484]  __kmalloc+0x1a7/0x330
[   55.757501][  T484]  sk_prot_alloc+0xb2/0x340
[   55.762747][  T484]  sk_alloc+0x38/0x4e0
[   55.767328][  T484]  pfkey_create+0x12a/0x660
[   55.772200][  T484]  __sock_create+0x38d/0x770
[   55.777136][  T484]  __sys_socket+0xec/0x190
[   55.781693][  T484]  __x64_sys_socket+0x7a/0x90
[   55.786568][  T484]  do_syscall_64+0x31/0x40
[   55.791003][  T484]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   55.797061][  T484] 
[   55.799624][  T484] The buggy address belongs to the object at ffff8881172f5800
[   55.799624][  T484]  which belongs to the cache kmalloc-1k of size 1024
[   55.814067][  T484] The buggy address is located 984 bytes inside of
[   55.814067][  T484]  1024-byte region [ffff8881172f5800, ffff8881172f5c00)
[   55.827410][  T484] The buggy address belongs to the page:
[   55.833523][  T484] page:ffffea00045cbc00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1172f0
[   55.844432][  T484] head:ffffea00045cbc00 order:3 compound_mapcount:0 compound_pincount:0
[   55.853416][  T484] flags: 0x4000000000010200(slab|head)
[   55.858882][  T484] raw: 4000000000010200 ffffea00045ca400 0000000200000002 ffff888100042f00
[   55.867888][  T484] raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000
[   55.876577][  T484] page dumped because: kasan: bad access detected
[   55.883091][  T484] page_owner tracks the page as allocated
[   55.889222][  T484] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 107, ts 6583148321, free_ts 0
[   55.907685][  T484]  prep_new_page+0x179/0x180
[   55.912366][  T484]  get_page_from_freelist+0x2235/0x23d0
[   55.917910][  T484]  __alloc_pages_nodemask+0x268/0x5f0
[   55.923361][  T484]  new_slab+0x84/0x3f0
[   55.927699][  T484]  ___slab_alloc+0x2a6/0x450
[   55.932467][  T484]  __slab_alloc+0x63/0xa0
[   55.937000][  T484]  __kmalloc_track_caller+0x1ef/0x320
[   55.942574][  T484]  __alloc_skb+0xdc/0x520
[   55.947073][  T484]  netlink_sendmsg+0x5f6/0xb30
[   55.951890][  T484]  ____sys_sendmsg+0x5a2/0x8c0
[   55.956681][  T484]  ___sys_sendmsg+0x1f0/0x260
[   55.961451][  T484]  __x64_sys_sendmsg+0x1e2/0x2a0
[   55.966503][  T484]  do_syscall_64+0x31/0x40
[   55.971155][  T484]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   55.977408][  T484] page_owner free stack trace missing
[   55.982923][  T484] 
[   55.985261][  T484] Memory state around the buggy address:
[   55.991161][  T484]  ffff8881172f5a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   55.999876][  T484]  ffff8881172f5b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   56.009575][  T484] >ffff8881172f5b80: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[   56.017880][  T484]                                                     ^
[   56.024886][  T484]  ffff8881172f5c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   56.033731][  T484]  ffff8881172f5c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   56.042133][  T484] ==================================================================
[   56.051325][  T484] Disabling lock debugging due to kernel taint
[   56.607277][    T7] device bridge_slave_1 left promiscuous mode
[   56.613438][    T7] bridge0: port 2(bridge_slave_1) entered disabled state
[   56.621543][    T7] device bridge_slave_0 left promiscuous mode
[   56.628416][    T7] bridge0: port 1(bridge_slave_0) entered disabled state
[   56.641042][    T7] device veth1_macvtap left promiscuous mode
[   56.647813][    T7] device veth0_vlan left promiscuous mode
2025/05/08 02:27:37 executed programs: 228
[   59.878030][   T24] kauditd_printk_skb: 9 callbacks suppressed
[   59.878043][   T24] audit: type=1400 audit(1746671257.300:120): avc:  denied  { write } for  pid=403 comm="syz-execprog" path="pipe:[14962]" dev="pipefs" ino=14962 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1
2025/05/08 02:27:42 executed programs: 525