Warning: Permanently added '10.128.0.174' (ED25519) to the list of known hosts.
2023/09/14 09:44:47 ignoring optional flag "sandboxArg"="0"
2023/09/14 09:44:47 parsed 1 programs
2023/09/14 09:44:47 executed programs: 0
[ 40.058182][ T30] audit: type=1400 audit(1694684687.283:152): avc: denied { mounton } for pid=341 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[ 40.082917][ T30] audit: type=1400 audit(1694684687.293:153): avc: denied { mount } for pid=341 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[ 40.143771][ T345] bridge0: port 1(bridge_slave_0) entered blocking state
[ 40.150753][ T345] bridge0: port 1(bridge_slave_0) entered disabled state
[ 40.157884][ T345] device bridge_slave_0 entered promiscuous mode
[ 40.164748][ T345] bridge0: port 2(bridge_slave_1) entered blocking state
[ 40.171669][ T345] bridge0: port 2(bridge_slave_1) entered disabled state
[ 40.179678][ T345] device bridge_slave_1 entered promiscuous mode
[ 40.222672][ T30] audit: type=1400 audit(1694684687.453:154): avc: denied { write } for pid=345 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 40.228746][ T345] bridge0: port 2(bridge_slave_1) entered blocking state
[ 40.243600][ T30] audit: type=1400 audit(1694684687.453:155): avc: denied { read } for pid=345 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 40.250355][ T345] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 40.277758][ T345] bridge0: port 1(bridge_slave_0) entered blocking state
[ 40.285013][ T345] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 40.304185][ T20] bridge0: port 1(bridge_slave_0) entered disabled state
[ 40.311289][ T20] bridge0: port 2(bridge_slave_1) entered disabled state
[ 40.318391][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 40.326051][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 40.335971][ T294] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 40.344224][ T294] bridge0: port 1(bridge_slave_0) entered blocking state
[ 40.351180][ T294] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 40.371604][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 40.380187][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 40.391332][ T20] bridge0: port 2(bridge_slave_1) entered blocking state
[ 40.398173][ T20] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 40.406489][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 40.414443][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 40.424041][ T294] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 40.432054][ T294] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 40.439284][ T294] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 40.447546][ T345] device veth0_vlan entered promiscuous mode
[ 40.458192][ T345] device veth1_macvtap entered promiscuous mode
[ 40.465216][ T298] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 40.475840][ T294] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 40.487173][ T298] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 40.500104][ T30] audit: type=1400 audit(1694684687.723:156): avc: denied { mounton } for pid=345 comm="syz-executor.0" path="/dev/binderfs" dev="devtmpfs" ino=362 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[ 40.530834][ T30] audit: type=1400 audit(1694684687.753:157): avc: denied { write } for pid=350 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 40.554354][ T30] audit: type=1400 audit(1694684687.753:158): avc: denied { nlmsg_write } for pid=350 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 40.579452][ T30] audit: type=1400 audit(1694684687.753:159): avc: denied { prog_load } for pid=350 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 41.280651][ C0] ==================================================================
[ 41.288552][ C0] BUG: KASAN: stack-out-of-bounds in __xfrm_dst_hash+0x38d/0x460
[ 41.296277][ C0] Read of size 4 at addr ffffc90000007ab8 by task swapper/0/0
[ 41.303649][ C0]
[ 41.306090][ C0] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 5.15.131-syzkaller-1068696-gea586874d2f9 #0
[ 41.315900][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023
[ 41.325995][ C0] Call Trace:
[ 41.329087][ C0]
[ 41.331775][ C0] dump_stack_lvl+0x151/0x1b7
[ 41.336460][ C0] ? io_uring_drop_tctx_refs+0x190/0x190
[ 41.342132][ C0] ? panic+0x751/0x751
[ 41.346003][ C0] print_address_description+0x87/0x3b0
[ 41.351387][ C0] kasan_report+0x179/0x1c0
[ 41.355733][ C0] ? __xfrm_dst_hash+0x38d/0x460
[ 41.360500][ C0] ? __xfrm_dst_hash+0x38d/0x460
[ 41.365544][ C0] __asan_report_load4_noabort+0x14/0x20
[ 41.371208][ C0] __xfrm_dst_hash+0x38d/0x460
[ 41.375874][ C0] xfrm_state_find+0x2f1/0x2f70
[ 41.380572][ C0] ? xfrm_sad_getinfo+0x170/0x170
[ 41.385515][ C0] ? xfrm4_get_saddr+0x18c/0x2a0
[ 41.390276][ C0] ? secondary_startup_64_no_verify+0xb1/0xbb
[ 41.396279][ C0] ? rhashtable_lookup+0x499/0x520
[ 41.401319][ C0] ? stack_trace_snprint+0xf0/0xf0
[ 41.406342][ C0] xfrm_resolve_and_create_bundle+0x65a/0x2b70
[ 41.412339][ C0] ? xfrm_sk_policy_lookup+0x5b0/0x5b0
[ 41.417612][ C0] ? xfrm_policy_lookup+0xf95/0x1010
[ 41.422819][ C0] ? arch_call_rest_init+0xe/0x10
[ 41.427684][ C0] ? start_kernel+0x45d/0x4c9
[ 41.432288][ C0] xfrm_lookup_with_ifid+0x6fc/0x20d0
[ 41.437497][ C0] ? __xfrm_sk_clone_policy+0x930/0x930
[ 41.443004][ C0] ? ip_route_output_key_hash_rcu+0x159d/0x20b0
[ 41.449356][ C0] xfrm_lookup_route+0x3b/0x160
[ 41.454146][ C0] ip_route_output_flow+0x1ef/0x310
[ 41.459301][ C0] ? ipv4_sk_update_pmtu+0x1e00/0x1e00
[ 41.464565][ C0] ? make_kuid+0x200/0x700
[ 41.468830][ C0] ? __put_user_ns+0x60/0x60
[ 41.473355][ C0] ? __alloc_skb+0x355/0x550
[ 41.477747][ C0] igmpv3_newpack+0x425/0x1090
[ 41.482433][ C0] ? __queue_work+0x92a/0xcd0
[ 41.486948][ C0] ? delayed_work_timer_fn+0x61/0x80
[ 41.492072][ C0] ? igmpv3_sendpack+0x190/0x190
[ 41.496853][ C0] add_grhead+0x84/0x330
[ 41.500921][ C0] add_grec+0x12ca/0x15d0
[ 41.505090][ C0] ? __kasan_check_write+0x14/0x20
[ 41.510039][ C0] ? _raw_spin_lock_bh+0xa4/0x1b0
[ 41.514899][ C0] ? igmpv3_send_report+0x460/0x460
[ 41.520110][ C0] igmp_ifc_timer_expire+0x83b/0xf50
[ 41.525312][ C0] ? __kasan_check_write+0x14/0x20
[ 41.530267][ C0] ? _raw_spin_lock+0xa4/0x1b0
[ 41.534858][ C0] ? _raw_spin_trylock_bh+0x190/0x190
[ 41.540067][ C0] ? igmp_gq_timer_expire+0xd0/0xd0
[ 41.545173][ C0] call_timer_fn+0x3b/0x2d0
[ 41.549786][ C0] ? igmp_gq_timer_expire+0xd0/0xd0
[ 41.554818][ C0] __run_timers+0x72a/0xa10
[ 41.559169][ C0] ? calc_index+0x280/0x280
[ 41.563596][ C0] ? hrtimer_interrupt+0x867/0xaa0
[ 41.568622][ C0] run_timer_softirq+0x69/0xf0
[ 41.573356][ C0] __do_softirq+0x26d/0x5bf
[ 41.577647][ C0] __irq_exit_rcu+0x50/0xf0
[ 41.581989][ C0] irq_exit_rcu+0x9/0x10
[ 41.586149][ C0] sysvec_apic_timer_interrupt+0x9a/0xc0
[ 41.591884][ C0]
[ 41.594656][ C0]
[ 41.597724][ C0] asm_sysvec_apic_timer_interrupt+0x1b/0x20
[ 41.603780][ C0] RIP: 0010:acpi_idle_enter+0x416/0x760
[ 41.609165][ C0] Code: 89 de 48 83 e6 08 31 ff e8 27 8f a9 fc 48 83 e3 08 0f 85 b0 00 00 00 0f 1f 44 00 00 e8 d3 8a a9 fc 0f 00 2d fc bb c2 00 fb f4 e9 e1 00 00 00 49 83 c7 04 4c 89 f8 48 c1 e8 03 42 0f b6 04 30
[ 41.628777][ C0] RSP: 0018:ffffffff86207bf0 EFLAGS: 000002d3
[ 41.634680][ C0] RAX: ffffffff84c6687d RBX: 0000000000000000 RCX: ffffffff8621d280
[ 41.642498][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 41.650304][ C0] RBP: ffffffff86207c30 R08: ffffffff84c66869 R09: fffffbfff0c43a51
[ 41.658204][ C0] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000001
[ 41.666192][ C0] R13: ffff8881047de004 R14: dffffc0000000000 R15: ffff88810638e864
[ 41.674094][ C0] ? acpi_idle_enter+0x3f9/0x760
[ 41.678865][ C0] ? acpi_idle_enter+0x40d/0x760
[ 41.683917][ C0] ? intel_idle_ibrs+0x130/0x130
[ 41.688792][ C0] cpuidle_enter_state+0x5e1/0x1550
[ 41.693830][ C0] ? cpuidle_enter_s2idle+0x600/0x600
[ 41.699111][ C0] ? menu_enable_device+0x380/0x380
[ 41.704145][ C0] ? sched_clock_cpu+0x18/0x3b0
[ 41.708832][ C0] cpuidle_enter+0x5f/0xa0
[ 41.713088][ C0] do_idle+0x36b/0x5d0
[ 41.716993][ C0] ? idle_inject_timer_fn+0x60/0x60
[ 41.722076][ C0] cpu_startup_entry+0x18/0x20
[ 41.726711][ C0] rest_init+0x10b/0x130
[ 41.730790][ C0] ? time_init+0x38/0x38
[ 41.734868][ C0] arch_call_rest_init+0xe/0x10
[ 41.739559][ C0] start_kernel+0x45d/0x4c9
[ 41.743895][ C0] x86_64_start_reservations+0x2a/0x2c
[ 41.749291][ C0] x86_64_start_kernel+0x5b/0x5e
[ 41.754090][ C0] secondary_startup_64_no_verify+0xb1/0xbb
[ 41.759782][ C0]
[ 41.762816][ C0]
[ 41.765080][ C0]
[ 41.767328][ C0] Memory state around the buggy address:
[ 41.772888][ C0] ffffc90000007980: f3 f3 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00
[ 41.780961][ C0] ffffc90000007a00: 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 f1
[ 41.788856][ C0] >ffffc90000007a80: 00 00 00 00 00 00 00 f3 f3 f3 f3 f3 00 00 00 00
[ 41.796752][ C0] ^
[ 41.802484][ C0] ffffc90000007b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 41.810384][ C0] ffffc90000007b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 41.818281][ C0] ==================================================================
[ 41.826176][ C0] Disabling lock debugging due to kernel taint
2023/09/14 09:44:52 executed programs: 584
2023/09/14 09:44:57 executed programs: 1338