Warning: Permanently added '10.128.1.115' (ED25519) to the list of known hosts.
2025/12/17 00:33:47 ignoring optional flag "type"="gce"
2025/12/17 00:33:47 parsed 1 programs
2025/12/17 00:33:47 executed programs: 0
[ 39.859234][ T332] bridge0: port 1(bridge_slave_0) entered blocking state
[ 39.866441][ T332] bridge0: port 1(bridge_slave_0) entered disabled state
[ 39.873871][ T332] device bridge_slave_0 entered promiscuous mode
[ 39.880987][ T332] bridge0: port 2(bridge_slave_1) entered blocking state
[ 39.888068][ T332] bridge0: port 2(bridge_slave_1) entered disabled state
[ 39.895587][ T332] device bridge_slave_1 entered promiscuous mode
[ 39.933816][ T332] bridge0: port 2(bridge_slave_1) entered blocking state
[ 39.940858][ T332] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 39.948179][ T332] bridge0: port 1(bridge_slave_0) entered blocking state
[ 39.955208][ T332] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 39.971194][ T45] bridge0: port 1(bridge_slave_0) entered disabled state
[ 39.978465][ T45] bridge0: port 2(bridge_slave_1) entered disabled state
[ 39.985947][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 39.993391][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 40.002245][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 40.010504][ T45] bridge0: port 1(bridge_slave_0) entered blocking state
[ 40.017551][ T45] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 40.026367][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 40.034561][ T45] bridge0: port 2(bridge_slave_1) entered blocking state
[ 40.041569][ T45] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 40.053282][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 40.062248][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 40.075281][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 40.085839][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 40.094027][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 40.101408][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 40.109580][ T332] device veth0_vlan entered promiscuous mode
[ 40.119077][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 40.128413][ T332] device veth1_macvtap entered promiscuous mode
[ 40.137219][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 40.147027][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 40.167655][ T30] kauditd_printk_skb: 14 callbacks suppressed
[ 40.167671][ T30] audit: type=1400 audit(1765931628.113:88): avc: denied { create } for pid=342 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 40.194546][ T30] audit: type=1400 audit(1765931628.113:89): avc: denied { write } for pid=342 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 40.214934][ T30] audit: type=1400 audit(1765931628.113:90): avc: denied { nlmsg_write } for pid=342 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 40.236253][ T30] audit: type=1400 audit(1765931628.113:91): avc: denied { prog_load } for pid=342 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 40.812683][ C1] ==================================================================
[ 40.820792][ C1] BUG: KASAN: stack-out-of-bounds in __xfrm_dst_hash+0x399/0x480
[ 40.828612][ C1] Read of size 4 at addr ffffc900001d0ad8 by task syz-executor.0/332
[ 40.836661][ C1]
[ 40.838988][ C1] CPU: 1 PID: 332 Comm: syz-executor.0 Not tainted syzkaller #0
[ 40.846618][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 40.857210][ C1] Call Trace:
[ 40.860488][ C1]
[ 40.863325][ C1] __dump_stack+0x21/0x30
[ 40.867853][ C1] dump_stack_lvl+0xee/0x150
[ 40.872441][ C1] ? show_regs_print_info+0x20/0x20
[ 40.877616][ C1] ? load_image+0x3a0/0x3a0
[ 40.882093][ C1] print_address_description+0x7f/0x2c0
[ 40.887613][ C1] ? __xfrm_dst_hash+0x399/0x480
[ 40.892528][ C1] kasan_report+0xf1/0x140
[ 40.897034][ C1] ? __xfrm_dst_hash+0x399/0x480
[ 40.901966][ C1] __asan_report_load4_noabort+0x14/0x20
[ 40.907676][ C1] __xfrm_dst_hash+0x399/0x480
[ 40.912522][ C1] xfrm_state_find+0x27e/0x2a70
[ 40.917373][ C1] ? xfrm_sad_getinfo+0x170/0x170
[ 40.922392][ C1] ? xfrm_pol_bin_cmp+0x19e/0x310
[ 40.927477][ C1] xfrm_resolve_and_create_bundle+0x626/0x28d0
[ 40.933784][ C1] ? xfrm_sk_policy_lookup+0x470/0x470
[ 40.939219][ C1] ? xfrm_policy_lookup+0xc68/0xcc0
[ 40.944415][ C1] ? __xfrm_policy_check+0x28e0/0x28e0
[ 40.949846][ C1] ? __kasan_check_write+0x14/0x20
[ 40.954941][ C1] xfrm_lookup_with_ifid+0x6fd/0x2120
[ 40.960370][ C1] ? rt_set_nexthop+0x5ce/0x790
[ 40.965189][ C1] ? __xfrm_sk_clone_policy+0x680/0x680
[ 40.970965][ C1] ? ip_route_output_key_hash_rcu+0x15af/0x20e0
[ 40.977280][ C1] xfrm_lookup_route+0x3c/0x170
[ 40.982128][ C1] ip_route_output_flow+0x1d2/0x2d0
[ 40.987322][ C1] ? ipv4_sk_update_pmtu+0x1320/0x1320
[ 40.992771][ C1] ? make_kuid+0x1ad/0x640
[ 40.997170][ C1] ? __put_user_ns+0x60/0x60
[ 41.001733][ C1] ? __kasan_check_write+0x14/0x20
[ 41.006818][ C1] ? __alloc_skb+0x463/0x740
[ 41.011392][ C1] igmpv3_newpack+0x263/0xca0
[ 41.016068][ C1] ? ext4_mark_iloc_dirty+0x403/0x3f50
[ 41.021504][ C1] ? __ext4_mark_inode_dirty+0x428/0x610
[ 41.027387][ C1] ? ext4_unlink+0x13a/0x3a0
[ 41.031971][ C1] ? vfs_unlink+0x38e/0x620
[ 41.036451][ C1] ? do_unlinkat+0x31f/0x6b0
[ 41.041024][ C1] ? x64_sys_call+0x878/0x9a0
[ 41.045675][ C1] ? igmpv3_sendpack+0x190/0x190
[ 41.050688][ C1] ? _raw_spin_lock_irqsave+0xb0/0x110
[ 41.056126][ C1] ? _raw_spin_lock+0xe0/0xe0
[ 41.060790][ C1] add_grhead+0x75/0x2e0
[ 41.065011][ C1] add_grec+0x116c/0x1410
[ 41.069312][ C1] ? __kasan_check_write+0x14/0x20
[ 41.074395][ C1] igmp_ifc_timer_expire+0x89e/0xf80
[ 41.079651][ C1] ? __kasan_check_write+0x14/0x20
[ 41.084734][ C1] ? _raw_spin_lock+0x8e/0xe0
[ 41.089469][ C1] ? _raw_spin_trylock_bh+0x130/0x130
[ 41.094812][ C1] ? igmp_gq_timer_expire+0xe0/0xe0
[ 41.099998][ C1] call_timer_fn+0x38/0x290
[ 41.104494][ C1] ? igmp_gq_timer_expire+0xe0/0xe0
[ 41.109758][ C1] __run_timers+0x639/0x9a0
[ 41.114242][ C1] ? calc_index+0x200/0x200
[ 41.118721][ C1] ? sched_clock_cpu+0x18/0x3c0
[ 41.123591][ C1] run_timer_softirq+0x6a/0xf0
[ 41.128356][ C1] handle_softirqs+0x250/0x560
[ 41.133123][ C1] __irq_exit_rcu+0x52/0xf0
[ 41.137630][ C1] irq_exit_rcu+0x9/0x10
[ 41.141857][ C1] sysvec_apic_timer_interrupt+0xa9/0xc0
[ 41.147479][ C1]
[ 41.150482][ C1]
[ 41.153397][ C1] asm_sysvec_apic_timer_interrupt+0x1b/0x20
[ 41.159446][ C1] RIP: 0010:ext4_mark_iloc_dirty+0x403/0x3f50
[ 41.165490][ C1] Code: c0 4c 8b 7d b8 0f 85 7a 31 00 00 66 c7 03 00 00 48 8b 7d 90 be 08 00 00 00 e8 29 af ce ff 48 8b 5d c8 f0 80 a3 fa fe ff ff fb 45 c4 00 00 00 00 48 8b 55 d0 e9 db 01 00 00 43 80 3c 2c 00 4c
[ 41.185162][ C1] RSP: 0018:ffffc90000aa7a90 EFLAGS: 00000246
[ 41.191208][ C1] RAX: 0000000000000001 RBX: ffff8881203198b8 RCX: ffffffff81d894d7
[ 41.199155][ C1] RDX: 0000000000000001 RSI: 0000000000000008 RDI: ffff8881203197b0
[ 41.207098][ C1] RBP: ffffc90000aa7b98 R08: dffffc0000000000 R09: ffffed10240632f7
[ 41.215155][ C1] R10: ffffed10240632f7 R11: 1ffff110240632f6 R12: 1ffff1102406331c
[ 41.223123][ C1] R13: dffffc0000000000 R14: 0000000000000000 R15: ffff8881203198e0
[ 41.231089][ C1] ? ext4_mark_iloc_dirty+0x3f7/0x3f50
[ 41.236531][ C1] ? ext4_orphan_add+0xa20/0x1200
[ 41.241528][ C1] ? ext4_reserve_inode_write+0x281/0x320
[ 41.247216][ C1] __ext4_mark_inode_dirty+0x428/0x610
[ 41.252643][ C1] ? atime_needs_update+0x810/0x810
[ 41.257815][ C1] __ext4_unlink+0x60d/0xa90
[ 41.262391][ C1] ? __ext4_read_dirblock+0x8e0/0x8e0
[ 41.267732][ C1] ? clear_nonspinnable+0x60/0x60
[ 41.272728][ C1] ext4_unlink+0x13a/0x3a0
[ 41.277116][ C1] vfs_unlink+0x38e/0x620
[ 41.281420][ C1] do_unlinkat+0x31f/0x6b0
[ 41.285809][ C1] ? fsnotify_link_count+0x100/0x100
[ 41.291061][ C1] ? getname_flags+0x206/0x500
[ 41.295902][ C1] __x64_sys_unlink+0x49/0x50
[ 41.300548][ C1] x64_sys_call+0x878/0x9a0
[ 41.305024][ C1] do_syscall_64+0x4c/0xa0
[ 41.309410][ C1] ? clear_bhb_loop+0x50/0xa0
[ 41.314404][ C1] ? clear_bhb_loop+0x50/0xa0
[ 41.319048][ C1] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 41.325028][ C1] RIP: 0033:0x7f3fb9018117
[ 41.329415][ C1] Code: 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 57 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 41.349001][ C1] RSP: 002b:00007ffdb6793ce8 EFLAGS: 00000206 ORIG_RAX: 0000000000000057
[ 41.357390][ C1] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f3fb9018117
[ 41.365339][ C1] RDX: 00007ffdb6793d10 RSI: 00007ffdb6793da0 RDI: 00007ffdb6793da0
[ 41.373292][ C1] RBP: 00007ffdb6793da0 R08: 0000000000000000 R09: 0000000000000000
[ 41.381238][ C1] R10: 0000000000000100 R11: 0000000000000206 R12: 00007ffdb6794e60
[ 41.389184][ C1] R13: 00007f3fb9073aa2 R14: 0000000000009f52 R15: 0000000000000005
[ 41.397135][ C1]
[ 41.400133][ C1]
[ 41.402430][ C1]
[ 41.404737][ C1] Memory state around the buggy address:
[ 41.410352][ C1] ffffc900001d0980: 00 00 f3 f3 f3 f3 f3 f3 00 00 00 00 00 00 00 00
[ 41.418496][ C1] ffffc900001d0a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 41.426544][ C1] >ffffc900001d0a80: f1 f1 f1 f1 00 00 00 00 00 00 00 f3 f3 f3 f3 f3
[ 41.434576][ C1] ^
[ 41.441479][ C1] ffffc900001d0b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 41.449512][ C1] ffffc900001d0b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 41.457542][ C1] ==================================================================
[ 41.465575][ C1] Disabling lock debugging due to kernel taint
2025/12/17 00:33:52 executed programs: 629
2025/12/17 00:33:57 executed programs: 1468