Warning: Permanently added '10.128.10.9' (ED25519) to the list of known hosts.
2025/02/23 08:02:59 ignoring optional flag "sandboxArg"="0"
2025/02/23 08:03:00 parsed 1 programs
[ 59.569405][ T23] kauditd_printk_skb: 29 callbacks suppressed
[ 59.569418][ T23] audit: type=1400 audit(1740297781.720:105): avc: denied { unlink } for pid=498 comm="syz-executor" name="swap-file" dev="sda1" ino=1929 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[ 59.699671][ T498] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 60.197905][ T23] audit: type=1400 audit(1740297782.350:106): avc: denied { mounton } for pid=504 comm="syz-executor" path="/root/syzkaller.WNrV3z/syz-tmp/newroot/dev" dev="tmpfs" ino=13365 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[ 61.032228][ T23] audit: type=1401 audit(1740297783.180:107): op=setxattr invalid_context="u:object_r:app_data_file:s0:c512,c768"
[ 61.157695][ T552] bridge0: port 1(bridge_slave_0) entered blocking state
[ 61.164638][ T552] bridge0: port 1(bridge_slave_0) entered disabled state
[ 61.172134][ T552] device bridge_slave_0 entered promiscuous mode
[ 61.179335][ T552] bridge0: port 2(bridge_slave_1) entered blocking state
[ 61.186589][ T552] bridge0: port 2(bridge_slave_1) entered disabled state
[ 61.194845][ T552] device bridge_slave_1 entered promiscuous mode
[ 61.256818][ T552] bridge0: port 2(bridge_slave_1) entered blocking state
[ 61.264013][ T552] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 61.271150][ T552] bridge0: port 1(bridge_slave_0) entered blocking state
[ 61.278243][ T552] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 61.305802][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 61.313766][ T7] bridge0: port 1(bridge_slave_0) entered disabled state
[ 61.321962][ T7] bridge0: port 2(bridge_slave_1) entered disabled state
[ 61.335588][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 61.344199][ T7] bridge0: port 1(bridge_slave_0) entered blocking state
[ 61.351499][ T7] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 61.362093][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 61.370493][ T7] bridge0: port 2(bridge_slave_1) entered blocking state
[ 61.377569][ T7] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 61.396811][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 61.406958][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 61.426572][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 61.444618][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 61.465344][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 61.480333][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 61.491626][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
2025/02/23 08:03:03 executed programs: 0
[ 61.895812][ T563] bridge0: port 1(bridge_slave_0) entered blocking state
[ 61.902675][ T563] bridge0: port 1(bridge_slave_0) entered disabled state
[ 61.911909][ T563] device bridge_slave_0 entered promiscuous mode
[ 61.919725][ T563] bridge0: port 2(bridge_slave_1) entered blocking state
[ 61.927008][ T563] bridge0: port 2(bridge_slave_1) entered disabled state
[ 61.935164][ T563] device bridge_slave_1 entered promiscuous mode
[ 61.998513][ T563] bridge0: port 2(bridge_slave_1) entered blocking state
[ 62.005486][ T563] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 62.012837][ T563] bridge0: port 1(bridge_slave_0) entered blocking state
[ 62.020162][ T563] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 62.048160][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 62.055839][ T7] bridge0: port 1(bridge_slave_0) entered disabled state
[ 62.063145][ T7] bridge0: port 2(bridge_slave_1) entered disabled state
[ 62.073195][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 62.081658][ T7] bridge0: port 1(bridge_slave_0) entered blocking state
[ 62.088626][ T7] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 62.099043][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 62.107777][ T7] bridge0: port 2(bridge_slave_1) entered blocking state
[ 62.114749][ T7] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 62.130642][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 62.139023][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 62.149741][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 62.158247][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 62.178339][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 62.187433][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 62.200226][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 62.208510][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 62.223255][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 62.232327][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 62.251737][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 62.260633][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 62.276501][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 62.285296][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 62.322902][ T23] audit: type=1400 audit(1740297784.470:108): avc: denied { read } for pid=568 comm="syz.2.16" name="msr" dev="devtmpfs" ino=9406 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[ 62.348350][ T23] audit: type=1400 audit(1740297784.470:109): avc: denied { open } for pid=568 comm="syz.2.16" path="/dev/cpu/0/msr" dev="devtmpfs" ino=9406 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[ 62.735206][ T180] device bridge_slave_1 left promiscuous mode
[ 62.742683][ T180] bridge0: port 2(bridge_slave_1) entered disabled state
[ 62.751394][ T180] device bridge_slave_0 left promiscuous mode
[ 62.758518][ T180] bridge0: port 1(bridge_slave_0) entered disabled state
[ 66.484281][ T13] cfg80211: failed to load regulatory.db
2025/02/23 08:03:08 executed programs: 22
2025/02/23 08:03:14 executed programs: 50
2025/02/23 08:03:19 executed programs: 84
2025/02/23 08:03:24 executed programs: 117
2025/02/23 08:03:29 executed programs: 146
2025/02/23 08:03:35 executed programs: 177
[ 97.807688][ T1113] ==================================================================
[ 97.815995][ T1113] BUG: KASAN: out-of-bounds in unwind_next_frame+0x1cd/0x1ea0
[ 97.823358][ T1113] Read of size 8 at addr ffff8881def1f890 by task syz.2.222/1113
[ 97.831294][ T1113]
[ 97.834140][ T1113] CPU: 0 PID: 1113 Comm: syz.2.222 Not tainted 5.4.290-syzkaller-05051-g6b07fcd94a6a #0
[ 97.843633][ T1113] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 97.853619][ T1113] Call Trace:
[ 97.856850][ T1113] dump_stack+0x1d8/0x241
[ 97.860998][ T1113] ? nf_ct_l4proto_log_invalid+0x258/0x258
[ 97.866681][ T1113] ? printk+0xd1/0x111
[ 97.870946][ T1113] ? __sanitizer_cov_trace_const_cmp4+0x4/0x70
[ 97.877176][ T1113] ? unwind_next_frame+0x1cd/0x1ea0
[ 97.882209][ T1113] print_address_description+0x8c/0x600
[ 97.887835][ T1113] ? get_reg+0xf7/0x220
[ 97.891801][ T1113] ? get_reg+0x105/0x220
[ 97.895988][ T1113] ? __sanitizer_cov_trace_const_cmp4+0x4/0x70
[ 97.901968][ T1113] ? unwind_next_frame+0x1cd/0x1ea0
[ 97.907006][ T1113] __kasan_report+0xf3/0x120
[ 97.911430][ T1113] ? unwind_next_frame+0x1cd/0x1ea0
[ 97.916631][ T1113] kasan_report+0x30/0x60
[ 97.920804][ T1113] ? preempt_count_add+0x8f/0x180
[ 97.925917][ T1113] unwind_next_frame+0x1cd/0x1ea0
[ 97.930868][ T1113] ? __sanitizer_cov_trace_const_cmp4+0x4/0x70
[ 97.937195][ T1113] ? unwind_get_return_address_ptr+0xa0/0xa0
[ 97.943631][ T1113] ? arch_stack_walk+0xf5/0x140
[ 97.948329][ T1113] ? __sanitizer_cov_trace_const_cmp4+0x4/0x70
[ 97.954548][ T1113] ? retint_kernel+0x1b/0x1b
[ 97.958993][ T1113] ? stack_trace_save+0x118/0x1c0
[ 97.964005][ T1113] ? stack_trace_snprint+0x170/0x170
[ 97.969163][ T1113] ? get_stack_info+0x35/0x200
[ 97.973919][ T1113] ? __unwind_start+0x583/0x890
[ 97.978840][ T1113] ? deref_stack_reg+0x1f0/0x1f0
[ 97.983877][ T1113] ? proc_pid_stack+0x8d/0x1e0
[ 97.988509][ T1113] ? proc_single_show+0xda/0x160
[ 97.993547][ T1113] ? seq_read+0x4df/0xe60
[ 97.997832][ T1113] ? do_preadv+0x20e/0x350
[ 98.002361][ T1113] ? in_sched_functions+0x9/0x40
[ 98.007497][ T1113] ? stack_trace_save_tsk+0x4b0/0x4b0
[ 98.012815][ T1113] arch_stack_walk+0x111/0x140
[ 98.017584][ T1113] ? __sanitizer_cov_trace_const_cmp4+0x4/0x70
[ 98.024002][ T1113] stack_trace_save_tsk+0x309/0x4b0
[ 98.029409][ T1113] ? stack_trace_consume_entry+0x240/0x240
[ 98.035274][ T1113] ? _raw_spin_lock+0xa4/0x1b0
[ 98.039881][ T1113] ? down_read_interruptible+0x220/0x220
[ 98.045342][ T1113] proc_pid_stack+0x125/0x1e0
[ 98.049945][ T1113] proc_single_show+0xda/0x160
[ 98.054551][ T1113] seq_read+0x4df/0xe60
[ 98.058540][ T1113] do_iter_read+0x3e8/0x580
[ 98.062870][ T1113] do_preadv+0x20e/0x350
[ 98.066947][ T1113] ? vfs_writev+0x350/0x350
[ 98.071292][ T1113] ? schedule+0x143/0x1d0
[ 98.075711][ T1113] do_syscall_64+0xca/0x1c0
[ 98.080213][ T1113] entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 98.086027][ T1113] RIP: 0033:0x7f78bd6ecde9
[ 98.090383][ T1113] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 98.110061][ T1113] RSP: 002b:00007f78bd13e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[ 98.118417][ T1113] RAX: ffffffffffffffda RBX: 00007f78bd906080 RCX: 00007f78bd6ecde9
[ 98.126555][ T1113] RDX: 0000000000000332 RSI: 00004000000017c0 RDI: 0000000000000004
[ 98.134365][ T1113] RBP: 00007f78bd76e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 98.142348][ T1113] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 98.150370][ T1113] R13: 0000000000000000 R14: 00007f78bd906080 R15: 00007fff3b6b4148
[ 98.158180][ T1113]
[ 98.160423][ T1113] The buggy address belongs to the page:
[ 98.166100][ T1113] page:ffffea00077bc7c0 refcount:0 mapcount:0 mapping:0000000000000000 index:0x0
[ 98.175027][ T1113] flags: 0x8000000000000000()
[ 98.179614][ T1113] raw: 8000000000000000 0000000000000000 ffffea00077bc7c8 0000000000000000
[ 98.188155][ T1113] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 98.196792][ T1113] page dumped because: kasan: bad access detected
[ 98.203138][ T1113] page_owner tracks the page as allocated
[ 98.208777][ T1113] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT)
[ 98.220446][ T1113] prep_new_page+0x18f/0x370
[ 98.224954][ T1113] get_page_from_freelist+0x2d13/0x2d90
[ 98.230341][ T1113] __alloc_pages_nodemask+0x393/0x840
[ 98.235650][ T1113] dup_task_struct+0x85/0x600
[ 98.240356][ T1113] copy_process+0x56d/0x3230
[ 98.245003][ T1113] _do_fork+0x197/0x900
[ 98.249370][ T1113] __x64_sys_clone+0x26b/0x2c0
[ 98.254042][ T1113] do_syscall_64+0xca/0x1c0
[ 98.258380][ T1113] entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 98.264096][ T1113] page last free stack trace:
[ 98.268705][ T1113] __free_pages_ok+0x847/0x950
[ 98.273315][ T1113] __free_pages+0x91/0x140
[ 98.277734][ T1113] __free_slab+0x221/0x2e0
[ 98.282412][ T1113] unfreeze_partials+0x14e/0x180
[ 98.287326][ T1113] put_cpu_partial+0x44/0x180
[ 98.292208][ T1113] __slab_free+0x297/0x360
[ 98.296559][ T1113] qlist_free_all+0x43/0xb0
[ 98.300936][ T1113] quarantine_reduce+0x1d9/0x210
[ 98.305663][ T1113] __kasan_kmalloc+0x41/0x210
[ 98.310398][ T1113] kmem_cache_alloc_trace+0xdc/0x260
[ 98.315889][ T1113] proc_pid_stack+0x8d/0x1e0
[ 98.320405][ T1113] proc_single_show+0xda/0x160
[ 98.325086][ T1113] seq_read+0x4df/0xe60
[ 98.329204][ T1113] do_iter_read+0x3e8/0x580
[ 98.333501][ T1113] do_preadv+0x20e/0x350
[ 98.337668][ T1113] do_syscall_64+0xca/0x1c0
[ 98.342098][ T1113]
[ 98.344361][ T1113] Memory state around the buggy address:
[ 98.349935][ T1113] ffff8881def1f780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 98.358199][ T1113] ffff8881def1f800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 98.366620][ T1113] >ffff8881def1f880: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 98.374968][ T1113] ^
[ 98.379391][ T1113] ffff8881def1f900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 98.387501][ T1113] ffff8881def1f980: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 98.395400][ T1113] ==================================================================
[ 98.403393][ T1113] Disabling lock debugging due to kernel taint
2025/02/23 08:03:40 executed programs: 209
2025/02/23 08:03:46 executed programs: 240