Warning: Permanently added '10.128.10.40' (ED25519) to the list of known hosts.
2025/05/23 10:58:12 ignoring optional flag "sandboxArg"="0"
2025/05/23 10:58:13 parsed 1 programs
[ 50.586043][ T24] kauditd_printk_skb: 27 callbacks suppressed
[ 50.586051][ T24] audit: type=1400 audit(1747997893.550:101): avc: denied { create } for pid=410 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 50.612586][ T24] audit: type=1400 audit(1747997893.550:102): avc: denied { write } for pid=410 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 50.633237][ T24] audit: type=1400 audit(1747997893.550:103): avc: denied { read } for pid=410 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 50.653942][ T24] audit: type=1400 audit(1747997893.580:104): avc: denied { unlink } for pid=410 comm="syz-executor" name="swap-file" dev="sda1" ino=2026 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[ 50.653951][ T410] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 51.312022][ T24] audit: type=1401 audit(1747997894.280:105): op=setxattr invalid_context="u:object_r:app_data_file:s0:c512,c768"
[ 51.346412][ T444] bridge0: port 1(bridge_slave_0) entered blocking state
[ 51.353553][ T444] bridge0: port 1(bridge_slave_0) entered disabled state
[ 51.361212][ T444] device bridge_slave_0 entered promiscuous mode
[ 51.368534][ T444] bridge0: port 2(bridge_slave_1) entered blocking state
[ 51.375912][ T444] bridge0: port 2(bridge_slave_1) entered disabled state
[ 51.383491][ T444] device bridge_slave_1 entered promiscuous mode
[ 51.409582][ T444] bridge0: port 2(bridge_slave_1) entered blocking state
[ 51.416631][ T444] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 51.423896][ T444] bridge0: port 1(bridge_slave_0) entered blocking state
[ 51.430929][ T444] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 51.446137][ T312] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 51.453876][ T312] bridge0: port 1(bridge_slave_0) entered disabled state
[ 51.461287][ T312] bridge0: port 2(bridge_slave_1) entered disabled state
[ 51.471157][ T312] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 51.479239][ T312] bridge0: port 1(bridge_slave_0) entered blocking state
[ 51.486263][ T312] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 51.494368][ T312] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 51.503071][ T312] bridge0: port 2(bridge_slave_1) entered blocking state
[ 51.510109][ T312] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 51.526313][ T312] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 51.534222][ T312] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 51.545235][ T312] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 51.555672][ T312] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 51.563627][ T312] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 51.571321][ T312] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 51.579437][ T444] device veth0_vlan entered promiscuous mode
[ 51.589420][ T312] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 51.598168][ T444] device veth1_macvtap entered promiscuous mode
[ 51.607434][ T312] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 51.617018][ T312] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 51.715442][ T24] audit: type=1400 audit(1747997894.680:106): avc: denied { create } for pid=457 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
2025/05/23 10:58:14 executed programs: 0
[ 51.990801][ T468] bridge0: port 1(bridge_slave_0) entered blocking state
[ 51.997941][ T468] bridge0: port 1(bridge_slave_0) entered disabled state
[ 52.005277][ T468] device bridge_slave_0 entered promiscuous mode
[ 52.012357][ T468] bridge0: port 2(bridge_slave_1) entered blocking state
[ 52.019364][ T468] bridge0: port 2(bridge_slave_1) entered disabled state
[ 52.026893][ T468] device bridge_slave_1 entered promiscuous mode
[ 52.055085][ T468] bridge0: port 2(bridge_slave_1) entered blocking state
[ 52.062129][ T468] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 52.069415][ T468] bridge0: port 1(bridge_slave_0) entered blocking state
[ 52.076466][ T468] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 52.093927][ T312] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 52.101873][ T312] bridge0: port 1(bridge_slave_0) entered disabled state
[ 52.109052][ T312] bridge0: port 2(bridge_slave_1) entered disabled state
[ 52.122876][ T312] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 52.131231][ T312] bridge0: port 1(bridge_slave_0) entered blocking state
[ 52.138256][ T312] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 52.151089][ T312] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 52.159339][ T312] bridge0: port 2(bridge_slave_1) entered blocking state
[ 52.166377][ T312] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 52.176898][ T312] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 52.186023][ T312] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 52.201985][ T312] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 52.212523][ T312] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 52.220818][ T312] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 52.228163][ T312] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 52.236665][ T468] device veth0_vlan entered promiscuous mode
[ 52.250898][ T312] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 52.260045][ T468] device veth1_macvtap entered promiscuous mode
[ 52.268716][ T312] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 52.286344][ T312] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 52.305586][ T312] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 52.315132][ T24] audit: type=1400 audit(1747997895.290:107): avc: denied { create } for pid=475 comm="syz.2.16" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[ 52.316003][ T476] ==================================================================
[ 52.342557][ T476] BUG: KASAN: slab-out-of-bounds in xfrm_policy_inexact_list_reinsert+0x620/0x6d0
[ 52.343685][ T24] audit: type=1400 audit(1747997895.290:108): avc: denied { setopt } for pid=475 comm="syz.2.16" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[ 52.351729][ T476] Read of size 1 at addr ffff8881168e53d8 by task syz.2.16/476
[ 52.351732][ T476]
[ 52.351750][ T476] CPU: 0 PID: 476 Comm: syz.2.16 Not tainted 5.10.237-syzkaller-1007464-g7e2543346ff7 #0
[ 52.351754][ T476] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 52.351766][ T476] Call Trace:
[ 52.351781][ T476] __dump_stack+0x21/0x24
[ 52.351795][ T476] dump_stack_lvl+0x169/0x1d8
[ 52.371524][ T24] audit: type=1400 audit(1747997895.290:109): avc: denied { write } for pid=475 comm="syz.2.16" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[ 52.378554][ T476] ? show_regs_print_info+0x18/0x18
[ 52.381260][ T24] audit: type=1400 audit(1747997895.290:110): avc: denied { create } for pid=475 comm="syz.2.16" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 52.390631][ T476] ? thaw_kernel_threads+0x220/0x220
[ 52.390642][ T476] ? unwind_get_return_address+0x4d/0x90
[ 52.390656][ T476] print_address_description+0x7f/0x2c0
[ 52.390667][ T476] ? xfrm_policy_inexact_list_reinsert+0x620/0x6d0
[ 52.390683][ T476] kasan_report+0xe2/0x130
[ 52.484330][ T476] ? xfrm_policy_inexact_list_reinsert+0x620/0x6d0
[ 52.490909][ T476] __asan_report_load1_noabort+0x14/0x20
[ 52.496573][ T476] xfrm_policy_inexact_list_reinsert+0x620/0x6d0
[ 52.503320][ T476] xfrm_policy_inexact_insert_node+0x938/0xb50
[ 52.509448][ T476] ? netlink_unicast+0x87c/0xa40
[ 52.514455][ T476] ? netlink_sendmsg+0x88d/0xb30
[ 52.519368][ T476] ? ____sys_sendmsg+0x5a2/0x8c0
[ 52.524293][ T476] ? ___sys_sendmsg+0x1f0/0x260
[ 52.529118][ T476] ? __x64_sys_sendmsg+0x1e2/0x2a0
[ 52.534206][ T476] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 52.540332][ T476] xfrm_policy_inexact_alloc_chain+0x53a/0xb30
[ 52.546460][ T476] xfrm_policy_inexact_insert+0x70/0x1130
[ 52.552179][ T476] ? __get_hash_thresh+0x10c/0x420
[ 52.557258][ T476] ? policy_hash_bysel+0x110/0x4f0
[ 52.562377][ T476] xfrm_policy_insert+0xe0/0x930
[ 52.567372][ T476] xfrm_add_policy+0x4d1/0x830
[ 52.572107][ T476] ? xfrm_dump_sa_done+0xc0/0xc0
[ 52.577038][ T476] xfrm_user_rcv_msg+0x450/0x6d0
[ 52.581955][ T476] ? xfrm_netlink_rcv+0x90/0x90
[ 52.586788][ T476] ? selinux_nlmsg_lookup+0x219/0x4a0
[ 52.592134][ T476] netlink_rcv_skb+0x1e0/0x430
[ 52.596881][ T476] ? xfrm_netlink_rcv+0x90/0x90
[ 52.601716][ T476] ? netlink_ack+0xb80/0xb80
[ 52.606289][ T476] ? mutex_trylock+0xa0/0xa0
[ 52.610855][ T476] ? __netlink_lookup+0x387/0x3b0
[ 52.615965][ T476] xfrm_netlink_rcv+0x72/0x90
[ 52.620612][ T476] netlink_unicast+0x87c/0xa40
[ 52.625359][ T476] netlink_sendmsg+0x88d/0xb30
[ 52.630118][ T476] ? schedule_preempt_disabled+0x20/0x20
[ 52.635730][ T476] ? netlink_getsockopt+0x530/0x530
[ 52.640905][ T476] ? security_socket_sendmsg+0x82/0xa0
[ 52.646335][ T476] ? netlink_getsockopt+0x530/0x530
[ 52.651508][ T476] ____sys_sendmsg+0x5a2/0x8c0
[ 52.656242][ T476] ? __sys_sendmsg_sock+0x40/0x40
[ 52.661240][ T476] ? import_iovec+0x7c/0xb0
[ 52.665736][ T476] ___sys_sendmsg+0x1f0/0x260
[ 52.670393][ T476] ? __sys_sendmsg+0x250/0x250
[ 52.675137][ T476] ? __fdget+0x1a1/0x230
[ 52.679350][ T476] __x64_sys_sendmsg+0x1e2/0x2a0
[ 52.684259][ T476] ? ___sys_sendmsg+0x260/0x260
[ 52.689080][ T476] ? switch_fpu_return+0x197/0x340
[ 52.694165][ T476] do_syscall_64+0x31/0x40
[ 52.698555][ T476] entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 52.704425][ T476] RIP: 0033:0x7fb65e663169
[ 52.708813][ T476] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 52.728396][ T476] RSP: 002b:00007fb65e0d4038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 52.736781][ T476] RAX: ffffffffffffffda RBX: 00007fb65e88afa0 RCX: 00007fb65e663169
[ 52.744726][ T476] RDX: 0000000000004000 RSI: 0000200000000580 RDI: 0000000000000005
[ 52.752846][ T476] RBP: 00007fb65e6e5a68 R08: 0000000000000000 R09: 0000000000000000
[ 52.760789][ T476] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 52.768837][ T476] R13: 0000000000000000 R14: 00007fb65e88afa0 R15: 00007ffe46d56f58
[ 52.776897][ T476]
[ 52.779199][ T476] Allocated by task 476:
[ 52.783416][ T476] __kasan_kmalloc+0xda/0x110
[ 52.788152][ T476] __kmalloc+0x1a7/0x330
[ 52.792609][ T476] sk_prot_alloc+0xb2/0x340
[ 52.797102][ T476] sk_alloc+0x38/0x4e0
[ 52.801147][ T476] pfkey_create+0x12a/0x660
[ 52.805637][ T476] __sock_create+0x38d/0x770
[ 52.810200][ T476] __sys_socket+0xec/0x190
[ 52.814589][ T476] __x64_sys_socket+0x7a/0x90
[ 52.819233][ T476] do_syscall_64+0x31/0x40
[ 52.823733][ T476] entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 52.829637][ T476]
[ 52.832050][ T476] The buggy address belongs to the object at ffff8881168e5000
[ 52.832050][ T476] which belongs to the cache kmalloc-1k of size 1024
[ 52.846425][ T476] The buggy address is located 984 bytes inside of
[ 52.846425][ T476] 1024-byte region [ffff8881168e5000, ffff8881168e5400)
[ 52.860008][ T476] The buggy address belongs to the page:
[ 52.865713][ T476] page:ffffea00045a3800 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1168e0
[ 52.876106][ T476] head:ffffea00045a3800 order:3 compound_mapcount:0 compound_pincount:0
[ 52.884761][ T476] flags: 0x4000000000010200(slab|head)
[ 52.890855][ T476] raw: 4000000000010200 ffffea00045a0600 0000000500000005 ffff888100042f00
[ 52.899422][ T476] raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000
[ 52.908018][ T476] page dumped because: kasan: bad access detected
[ 52.914410][ T476] page_owner tracks the page as allocated
[ 52.920195][ T476] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 95, ts 4705596496, free_ts 0
[ 52.938325][ T476] prep_new_page+0x179/0x180
[ 52.942912][ T476] get_page_from_freelist+0x2235/0x23d0
[ 52.948432][ T476] __alloc_pages_nodemask+0x268/0x5f0
[ 52.954008][ T476] new_slab+0x84/0x3f0
[ 52.958049][ T476] ___slab_alloc+0x2a6/0x450
[ 52.962639][ T476] __slab_alloc+0x63/0xa0
[ 52.967026][ T476] __kmalloc_track_caller+0x1ef/0x320
[ 52.972457][ T476] __alloc_skb+0xdc/0x520
[ 52.976756][ T476] netlink_sendmsg+0x5f6/0xb30
[ 52.981755][ T476] ____sys_sendmsg+0x5a2/0x8c0
[ 52.986498][ T476] ___sys_sendmsg+0x1f0/0x260
[ 52.991145][ T476] __x64_sys_sendmsg+0x1e2/0x2a0
[ 52.996083][ T476] do_syscall_64+0x31/0x40
[ 53.000566][ T476] entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 53.006425][ T476] page_owner free stack trace missing
[ 53.011764][ T476]
[ 53.014060][ T476] Memory state around the buggy address:
[ 53.019672][ T476]  ffff8881168e5280: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 53.027930][ T476]  ffff8881168e5300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 53.035983][ T476] >ffff8881168e5380: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 53.044038][ T476]                                                     ^
[ 53.051038][ T476]  ffff8881168e5400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 53.059084][ T476]  ffff8881168e5480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 53.067112][ T476] ==================================================================
[ 53.075236][ T476] Disabling lock debugging due to kernel taint
[ 53.760354][ T9] device bridge_slave_1 left promiscuous mode
[ 53.766621][ T9] bridge0: port 2(bridge_slave_1) entered disabled state
[ 53.774148][ T9] device bridge_slave_0 left promiscuous mode
[ 53.780368][ T9] bridge0: port 1(bridge_slave_0) entered disabled state
[ 53.788352][ T9] device veth1_macvtap left promiscuous mode
[ 53.794758][ T9] device veth0_vlan left promiscuous mode
2025/05/23 10:58:19 executed programs: 231
[ 56.961142][ T24] kauditd_printk_skb: 9 callbacks suppressed
[ 56.961150][ T24] audit: type=1400 audit(1747997899.930:120): avc: denied { write } for pid=401 comm="syz-execprog" path="pipe:[15026]" dev="pipefs" ino=15026 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1
2025/05/23 10:58:24 executed programs: 531