Warning: Permanently added '10.128.0.90' (ED25519) to the list of known hosts.
2025/07/20 14:46:29 ignoring optional flag "sandboxArg"="0"
2025/07/20 14:46:30 parsed 1 programs
[ 49.882146][ T24] kauditd_printk_skb: 30 callbacks suppressed
[ 49.882160][ T24] audit: type=1400 audit(1753022791.510:104): avc: denied { unlink } for pid=407 comm="syz-executor" name="swap-file" dev="sda1" ino=2026 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[ 49.933759][ T407] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 50.746833][ T24] audit: type=1401 audit(1753022792.370:105): op=setxattr invalid_context="u:object_r:app_data_file:s0:c512,c768"
[ 50.789038][ T437] bridge0: port 1(bridge_slave_0) entered blocking state
[ 50.796232][ T437] bridge0: port 1(bridge_slave_0) entered disabled state
[ 50.803764][ T437] device bridge_slave_0 entered promiscuous mode
[ 50.810800][ T437] bridge0: port 2(bridge_slave_1) entered blocking state
[ 50.818006][ T437] bridge0: port 2(bridge_slave_1) entered disabled state
[ 50.825791][ T437] device bridge_slave_1 entered promiscuous mode
[ 50.861339][ T437] bridge0: port 2(bridge_slave_1) entered blocking state
[ 50.868399][ T437] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 50.875697][ T437] bridge0: port 1(bridge_slave_0) entered blocking state
[ 50.882865][ T437] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 50.904523][ T370] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 50.913038][ T370] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 50.922200][ T370] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 50.930147][ T370] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 50.942284][ T370] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 50.957161][ T370] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 50.970464][ T370] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 50.981844][ T370] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 50.990334][ T370] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 50.997783][ T370] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 51.006127][ T437] device veth0_vlan entered promiscuous mode
[ 51.016514][ T370] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 51.026070][ T437] device veth1_macvtap entered promiscuous mode
[ 51.035519][ T370] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 51.045356][ T370] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 51.205964][ T24] audit: type=1400 audit(1753022792.830:106): avc: denied { create } for pid=452 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
2025/07/20 14:46:33 executed programs: 0
[ 51.425608][ T24] audit: type=1400 audit(1753022793.050:107): avc: denied { write } for pid=398 comm="syz-execprog" path="pipe:[15674]" dev="pipefs" ino=15674 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1
[ 51.468850][ T467] bridge0: port 1(bridge_slave_0) entered blocking state
[ 51.475979][ T467] bridge0: port 1(bridge_slave_0) entered disabled state
[ 51.483496][ T467] device bridge_slave_0 entered promiscuous mode
[ 51.490673][ T467] bridge0: port 2(bridge_slave_1) entered blocking state
[ 51.497706][ T467] bridge0: port 2(bridge_slave_1) entered disabled state
[ 51.505175][ T467] device bridge_slave_1 entered promiscuous mode
[ 51.544876][ T467] bridge0: port 2(bridge_slave_1) entered blocking state
[ 51.551944][ T467] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 51.559367][ T467] bridge0: port 1(bridge_slave_0) entered blocking state
[ 51.566555][ T467] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 51.588470][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 51.596429][ T9] bridge0: port 1(bridge_slave_0) entered disabled state
[ 51.603934][ T9] bridge0: port 2(bridge_slave_1) entered disabled state
[ 51.616290][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 51.624589][ T9] bridge0: port 1(bridge_slave_0) entered blocking state
[ 51.631639][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 51.640440][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 51.648702][ T9] bridge0: port 2(bridge_slave_1) entered blocking state
[ 51.655791][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 51.672450][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 51.681821][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 51.697395][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 51.710748][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 51.719103][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 51.726866][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 51.735346][ T467] device veth0_vlan entered promiscuous mode
[ 51.746751][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 51.756373][ T467] device veth1_macvtap entered promiscuous mode
[ 51.766431][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 51.776558][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 51.799095][ T24] audit: type=1400 audit(1753022793.420:108): avc: denied { create } for pid=471 comm="syz.2.16" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[ 51.801005][ T472] ==================================================================
[ 51.826245][ T472] BUG: KASAN: slab-out-of-bounds in xfrm_policy_inexact_list_reinsert+0x620/0x6d0
[ 51.829674][ T24] audit: type=1400 audit(1753022793.420:109): avc: denied { setopt } for pid=471 comm="syz.2.16" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[ 51.835529][ T472] Read of size 1 at addr ffff8881176c03d8 by task syz.2.16/472
[ 51.855153][ T24] audit: type=1400 audit(1753022793.420:110): avc: denied { write } for pid=471 comm="syz.2.16" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[ 51.862330][ T472]
[ 51.862354][ T472] CPU: 1 PID: 472 Comm: syz.2.16 Not tainted 5.10.239-syzkaller-1007860-g6de38b5f6c2b #0
[ 51.862368][ T472] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 51.883689][ T24] audit: type=1400 audit(1753022793.430:111): avc: denied { create } for pid=471 comm="syz.2.16" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 51.893407][ T472] Call Trace:
[ 51.893425][ T472] __dump_stack+0x21/0x24
[ 51.893443][ T472] dump_stack_lvl+0x169/0x1d8
[ 51.903823][ T24] audit: type=1400 audit(1753022793.430:112): avc: denied { write } for pid=471 comm="syz.2.16" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 51.923476][ T472] ? show_regs_print_info+0x18/0x18
[ 51.923490][ T472] ? thaw_kernel_threads+0x220/0x220
[ 51.923511][ T472] ? unwind_get_return_address+0x4d/0x90
[ 51.927117][ T24] audit: type=1400 audit(1753022793.430:113): avc: denied { nlmsg_write } for pid=471 comm="syz.2.16" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 51.931147][ T472] print_address_description+0x7f/0x2c0
[ 51.931162][ T472] ? xfrm_policy_inexact_list_reinsert+0x620/0x6d0
[ 51.931179][ T472] kasan_report+0xe2/0x130
[ 52.009384][ T472] ? xfrm_policy_inexact_list_reinsert+0x620/0x6d0
[ 52.015881][ T472] __asan_report_load1_noabort+0x14/0x20
[ 52.021510][ T472] xfrm_policy_inexact_list_reinsert+0x620/0x6d0
[ 52.027835][ T472] xfrm_policy_inexact_insert_node+0x938/0xb50
[ 52.034016][ T472] ? xfrm_netlink_rcv+0x72/0x90
[ 52.038998][ T472] ? netlink_unicast+0x87c/0xa40
[ 52.043947][ T472] ? netlink_sendmsg+0x88d/0xb30
[ 52.048880][ T472] ? ____sys_sendmsg+0x5a2/0x8c0
[ 52.053910][ T472] ? ___sys_sendmsg+0x1f0/0x260
[ 52.058752][ T472] ? do_syscall_64+0x31/0x40
[ 52.063348][ T472] xfrm_policy_inexact_alloc_chain+0x53a/0xb30
[ 52.069508][ T472] xfrm_policy_inexact_insert+0x70/0x1130
[ 52.075324][ T472] ? __get_hash_thresh+0x10c/0x420
[ 52.080430][ T472] ? policy_hash_bysel+0x110/0x4f0
[ 52.085635][ T472] xfrm_policy_insert+0x126/0x9a0
[ 52.090656][ T472] ? xfrm_policy_construct+0x54f/0x1f00
[ 52.096224][ T472] xfrm_add_policy+0x4d1/0x830
[ 52.101148][ T472] ? xfrm_dump_sa_done+0xc0/0xc0
[ 52.106101][ T472] xfrm_user_rcv_msg+0x450/0x6d0
[ 52.111126][ T472] ? xfrm_netlink_rcv+0x90/0x90
[ 52.115983][ T472] ? selinux_nlmsg_lookup+0x219/0x4a0
[ 52.121353][ T472] netlink_rcv_skb+0x1e0/0x430
[ 52.126145][ T472] ? xfrm_netlink_rcv+0x90/0x90
[ 52.130999][ T472] ? netlink_ack+0xb80/0xb80
[ 52.135583][ T472] ? mutex_trylock+0xa0/0xa0
[ 52.140170][ T472] ? __netlink_lookup+0x387/0x3b0
[ 52.145191][ T472] xfrm_netlink_rcv+0x72/0x90
[ 52.149863][ T472] netlink_unicast+0x87c/0xa40
[ 52.154632][ T472] netlink_sendmsg+0x88d/0xb30
[ 52.159401][ T472] ? schedule_preempt_disabled+0x20/0x20
[ 52.165492][ T472] ? netlink_getsockopt+0x530/0x530
[ 52.170706][ T472] ? security_socket_sendmsg+0x82/0xa0
[ 52.176340][ T472] ? netlink_getsockopt+0x530/0x530
[ 52.181625][ T472] ____sys_sendmsg+0x5a2/0x8c0
[ 52.186470][ T472] ? __sys_sendmsg_sock+0x40/0x40
[ 52.191489][ T472] ? import_iovec+0x7c/0xb0
[ 52.196001][ T472] ___sys_sendmsg+0x1f0/0x260
[ 52.200683][ T472] ? __sys_sendmsg+0x250/0x250
[ 52.205554][ T472] ? __fdget+0x1a1/0x230
[ 52.209806][ T472] __x64_sys_sendmsg+0x1e2/0x2a0
[ 52.214750][ T472] ? ___sys_sendmsg+0x260/0x260
[ 52.219599][ T472] ? switch_fpu_return+0x197/0x340
[ 52.224712][ T472] do_syscall_64+0x31/0x40
[ 52.229129][ T472] entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 52.235206][ T472] RIP: 0033:0x7f0f77843169
[ 52.239648][ T472] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 52.259262][ T472] RSP: 002b:00007f0f772b4038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 52.267762][ T472] RAX: ffffffffffffffda RBX: 00007f0f77a6afa0 RCX: 00007f0f77843169
[ 52.275726][ T472] RDX: 0000000000004000 RSI: 0000200000000580 RDI: 0000000000000005
[ 52.283783][ T472] RBP: 00007f0f778c5a68 R08: 0000000000000000 R09: 0000000000000000
[ 52.291763][ T472] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 52.299734][ T472] R13: 0000000000000000 R14: 00007f0f77a6afa0 R15: 00007ffce9b4af88
[ 52.307717][ T472]
[ 52.310051][ T472] Allocated by task 472:
[ 52.314438][ T472] __kasan_kmalloc+0xda/0x110
[ 52.319113][ T472] __kmalloc+0x1a7/0x330
[ 52.323348][ T472] sk_prot_alloc+0xb2/0x340
[ 52.328227][ T472] sk_alloc+0x38/0x4e0
[ 52.332298][ T472] pfkey_create+0x12a/0x660
[ 52.336802][ T472] __sock_create+0x38d/0x770
[ 52.341447][ T472] __sys_socket+0xec/0x190
[ 52.345946][ T472] __x64_sys_socket+0x7a/0x90
[ 52.350618][ T472] do_syscall_64+0x31/0x40
[ 52.355037][ T472] entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 52.360951][ T472]
[ 52.363280][ T472] The buggy address belongs to the object at ffff8881176c0000
[ 52.363280][ T472] which belongs to the cache kmalloc-1k of size 1024
[ 52.377414][ T472] The buggy address is located 984 bytes inside of
[ 52.377414][ T472] 1024-byte region [ffff8881176c0000, ffff8881176c0400)
[ 52.390768][ T472] The buggy address belongs to the page:
[ 52.396432][ T472] page:ffffea00045db000 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1176c0
[ 52.406697][ T472] head:ffffea00045db000 order:3 compound_mapcount:0 compound_pincount:0
[ 52.415408][ T472] flags: 0x4000000000010200(slab|head)
[ 52.420969][ T472] raw: 4000000000010200 dead000000000100 dead000000000122 ffff888100042f00
[ 52.429549][ T472] raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000
[ 52.438212][ T472] page dumped because: kasan: bad access detected
[ 52.444620][ T472] page_owner tracks the page as allocated
[ 52.450461][ T472] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 467, ts 51794139792, free_ts 51786666063
[ 52.470853][ T472] prep_new_page+0x179/0x180
[ 52.475444][ T472] get_page_from_freelist+0x2235/0x23d0
[ 52.481169][ T472] __alloc_pages_nodemask+0x268/0x5f0
[ 52.486553][ T472] new_slab+0x84/0x3f0
[ 52.490617][ T472] ___slab_alloc+0x2a6/0x450
[ 52.495201][ T472] __slab_alloc+0x63/0xa0
[ 52.499540][ T472] __kmalloc+0x201/0x330
[ 52.503795][ T472] kvmalloc_node+0x88/0x130
[ 52.508290][ T472] xt_alloc_table_info+0x3b/0xa0
[ 52.513222][ T472] ipt_register_table+0xbd/0x4b0
[ 52.518154][ T472] iptable_raw_table_init+0x8e/0xb0
[ 52.523344][ T472] xt_find_table_lock+0x251/0x3f0
[ 52.528361][ T472] xt_request_find_table_lock+0x27/0x100
[ 52.534002][ T472] do_ipt_get_ctl+0x6dc/0x1060
[ 52.538764][ T472] nf_getsockopt+0x26d/0x290
[ 52.543365][ T472] ip_getsockopt+0x1040/0x1480
[ 52.548130][ T472] page last free stack trace:
[ 52.552819][ T472] __free_pages_ok+0x7fc/0x820
[ 52.557574][ T472] __free_pages+0xdd/0x380
[ 52.561993][ T472] __free_slab+0xcf/0x190
[ 52.566336][ T472] unfreeze_partials+0x15f/0x190
[ 52.571355][ T472] put_cpu_partial+0xc1/0x180
[ 52.576027][ T472] __slab_free+0x2c9/0x3a0
[ 52.580453][ T472] ___cache_free+0x111/0x130
[ 52.585089][ T472] qlink_free+0x50/0x90
[ 52.589239][ T472] qlist_free_all+0x5f/0xb0
[ 52.593826][ T472] kasan_quarantine_reduce+0x14a/0x160
[ 52.599276][ T472] __kasan_slab_alloc+0x2f/0xf0
[ 52.604121][ T472] slab_post_alloc_hook+0x5d/0x2f0
[ 52.609250][ T472] kmem_cache_alloc+0x165/0x2e0
[ 52.614159][ T472] __alloc_skb+0x9e/0x520
[ 52.618484][ T472] netlink_ack+0x3a6/0xb80
[ 52.622920][ T472] netlink_rcv_skb+0x265/0x430
[ 52.627761][ T472]
[ 52.630094][ T472] Memory state around the buggy address:
[ 52.635903][ T472] ffff8881176c0280: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 52.644081][ T472] ffff8881176c0300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 52.652338][ T472] >ffff8881176c0380: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 52.660437][ T472] ^
[ 52.667479][ T472] ffff8881176c0400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 52.675646][ T472] ffff8881176c0480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 52.683714][ T472] ==================================================================
[ 52.691769][ T472] Disabling lock debugging due to kernel taint
[ 53.401456][ T49] device bridge_slave_1 left promiscuous mode
[ 53.407681][ T49] bridge0: port 2(bridge_slave_1) entered disabled state
[ 53.416329][ T49] device bridge_slave_0 left promiscuous mode
[ 53.422690][ T49] bridge0: port 1(bridge_slave_0) entered disabled state
[ 53.430972][ T49] device veth1_macvtap left promiscuous mode
[ 53.437005][ T49] device veth0_vlan left promiscuous mode
2025/07/20 14:46:38 executed programs: 225
2025/07/20 14:46:43 executed programs: 525