Warning: Permanently added '10.128.1.109' (ED25519) to the list of known hosts.
2024/06/18 20:12:07 ignoring optional flag "sandboxArg"="0"
2024/06/18 20:12:07 parsed 1 programs
2024/06/18 20:12:08 executed programs: 0
[ 40.719204][ T407] bridge0: port 1(bridge_slave_0) entered blocking state
[ 40.726476][ T407] bridge0: port 1(bridge_slave_0) entered disabled state
[ 40.733741][ T407] device bridge_slave_0 entered promiscuous mode
[ 40.740730][ T407] bridge0: port 2(bridge_slave_1) entered blocking state
[ 40.747992][ T407] bridge0: port 2(bridge_slave_1) entered disabled state
[ 40.755483][ T407] device bridge_slave_1 entered promiscuous mode
[ 40.797839][ T407] bridge0: port 2(bridge_slave_1) entered blocking state
[ 40.804701][ T407] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 40.812033][ T407] bridge0: port 1(bridge_slave_0) entered blocking state
[ 40.818829][ T407] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 40.839429][ T107] bridge0: port 1(bridge_slave_0) entered disabled state
[ 40.846782][ T107] bridge0: port 2(bridge_slave_1) entered disabled state
[ 40.854864][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 40.862137][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 40.871585][ T361] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 40.879791][ T361] bridge0: port 1(bridge_slave_0) entered blocking state
[ 40.886733][ T361] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 40.895595][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 40.904097][ T107] bridge0: port 2(bridge_slave_1) entered blocking state
[ 40.910934][ T107] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 40.923796][ T361] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 40.943946][ T361] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 40.952505][ T361] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 40.961482][ T361] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 40.980510][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 40.988804][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 40.997728][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 41.020898][ T23] kauditd_printk_skb: 15 callbacks suppressed
[ 41.020907][ T23] audit: type=1400 audit(1718741528.339:91): avc: denied { create } for pid=412 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 41.047807][ T23] audit: type=1400 audit(1718741528.349:92): avc: denied { write } for pid=412 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 41.069212][ T23] audit: type=1400 audit(1718741528.349:93): avc: denied { nlmsg_write } for pid=412 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 41.233798][ C1] ==================================================================
[ 41.241814][ C1] BUG: KASAN: stack-out-of-bounds in __xfrm_dst_hash+0x355/0x430
[ 41.249355][ C1] Read of size 4 at addr ffff8881f6f09a78 by task syz-executor.0/407
[ 41.257255][ C1]
[ 41.259427][ C1] CPU: 1 PID: 407 Comm: syz-executor.0 Not tainted 5.4.274-syzkaller-04911-g6f97bd951d82 #0
[ 41.269854][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[ 41.279732][ C1] Call Trace:
[ 41.282858][ C1]
[ 41.285556][ C1] dump_stack+0x1d8/0x241
[ 41.289727][ C1] ? nf_ct_l4proto_log_invalid+0x258/0x258
[ 41.295393][ C1] ? printk+0xd1/0x111
[ 41.299259][ C1] ? __xfrm_dst_hash+0x355/0x430
[ 41.304034][ C1] print_address_description+0x8c/0x600
[ 41.309435][ C1] ? __xfrm_dst_hash+0x355/0x430
[ 41.314208][ C1] __kasan_report+0xf3/0x120
[ 41.318975][ C1] ? __xfrm_dst_hash+0x355/0x430
[ 41.323793][ C1] kasan_report+0x30/0x60
[ 41.327986][ C1] __xfrm_dst_hash+0x355/0x430
[ 41.332570][ C1] xfrm_state_find+0x2cc/0x2dc0
[ 41.337440][ C1] ? call_rcu+0x10/0x10
[ 41.341508][ C1] ? __kernel_text_address+0x94/0x100
[ 41.346877][ C1] ? xfrm_sad_getinfo+0x170/0x170
[ 41.352528][ C1] ? xfrm4_get_saddr+0x18c/0x2a0
[ 41.357299][ C1] ? stack_trace_save+0x118/0x1c0
[ 41.362196][ C1] ? xfrm_pol_bin_key+0x21/0x1c0
[ 41.367013][ C1] xfrm_resolve_and_create_bundle+0x6aa/0x31d0
[ 41.373200][ C1] ? xfrm_pol_bin_obj+0x1c0/0x1c0
[ 41.378042][ C1] ? xfrm_sk_policy_lookup+0x5c0/0x5c0
[ 41.383328][ C1] ? xfrm_policy_lookup+0xe4f/0xec0
[ 41.388592][ C1] ? entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 41.394459][ C1] xfrm_lookup_with_ifid+0x549/0x1c90
[ 41.399667][ C1] ? rt_set_nexthop+0x21b/0x700
[ 41.404441][ C1] ? __xfrm_sk_clone_policy+0x8a0/0x8a0
[ 41.409834][ C1] ? ip_route_output_key_hash+0x230/0x230
[ 41.415374][ C1] xfrm_lookup_route+0x37/0x170
[ 41.420065][ C1] ip_route_output_flow+0x1fe/0x330
[ 41.425203][ C1] ? ipv4_sk_update_pmtu+0x1ed0/0x1ed0
[ 41.430572][ C1] ? make_kuid+0x200/0x700
[ 41.434914][ C1] ? __put_user_ns+0x50/0x50
[ 41.439340][ C1] ? __alloc_skb+0x29e/0x4d0
[ 41.443855][ C1] igmpv3_newpack+0x437/0x1070
[ 41.448456][ C1] ? igmpv3_sendpack+0x190/0x190
[ 41.453226][ C1] ? check_preemption_disabled+0x9f/0x320
[ 41.458879][ C1] ? debug_smp_processor_id+0x20/0x20
[ 41.464085][ C1] add_grhead+0x75/0x2c0
[ 41.468251][ C1] add_grec+0x12c9/0x15d0
[ 41.472419][ C1] ? __raise_softirq_irqoff+0x1d/0x110
[ 41.477904][ C1] ? _raw_spin_lock_bh+0xa4/0x1b0
[ 41.482995][ C1] ? igmpv3_send_report+0x410/0x410
[ 41.487970][ C1] ? nohz_balance_exit_idle+0xf/0x160
[ 41.493175][ C1] ? check_preemption_disabled+0x9f/0x320
[ 41.498908][ C1] igmp_ifc_timer_expire+0x7bc/0xea0
[ 41.504027][ C1] ? _raw_spin_lock_irq+0xa5/0x1b0
[ 41.508971][ C1] ? _raw_spin_lock_irqsave+0x210/0x210
[ 41.514529][ C1] ? igmp_gq_timer_expire+0xd0/0xd0
[ 41.519648][ C1] call_timer_fn+0x36/0x390
[ 41.523988][ C1] ? igmp_gq_timer_expire+0xd0/0xd0
[ 41.529022][ C1] __run_timers+0x879/0xbe0
[ 41.533451][ C1] ? enqueue_timer+0x300/0x300
[ 41.538049][ C1] ? check_preemption_disabled+0x9f/0x320
[ 41.543605][ C1] ? debug_smp_processor_id+0x20/0x20
[ 41.548898][ C1] ? lapic_next_event+0x5b/0x70
[ 41.553774][ C1] run_timer_softirq+0x63/0xf0
[ 41.558449][ C1] __do_softirq+0x23b/0x6b7
[ 41.562798][ C1] irq_exit+0x195/0x1c0
[ 41.567006][ C1] smp_apic_timer_interrupt+0x11a/0x460
[ 41.572370][ C1] apic_timer_interrupt+0xf/0x20
[ 41.577127][ C1]
[ 41.579920][ C1] RIP: 0010:__crc32c_le_base+0x108/0xd20
[ 41.585479][ C1] Code: 8d 14 85 00 89 fa 84 4c 89 d0 48 c1 e8 03 0f b6 04 10 84 c0 0f 85 98 01 00 00 89 d8 c1 e8 10 0f b6 c0 4c 8d 1c 85 00 85 fa 84 <4c> 89 d8 48 c1 e8 03 0f b6 04 10 84 c0 0f 85 b5 01 00 00 c1 eb 18
[ 41.604995][ C1] RSP: 0018:ffff8881f0e477f8 EFLAGS: 00000a07 ORIG_RAX: ffffffffffffff13
[ 41.613231][ C1] RAX: 000000000000006a RBX: 000000009c6a840d RCX: ffff8881f31e8fc0
[ 41.621042][ C1] RDX: dffffc0000000000 RSI: 000000000000000f RDI: ffff8881eeaf0474
[ 41.628908][ C1] RBP: 000000000000000e R08: ffff8881eeaf0478 R09: ffffffff84fa8d34
[ 41.636847][ C1] R10: ffffffff84fa8b10 R11: ffffffff84fa86a8 R12: ffffffff84fa7354
[ 41.644659][ C1] R13: ffffffff84fa7bc8 R14: 00000000e805eb7f R15: ffff8881eeaf0400
[ 41.652579][ C1] ? __crc32c_le_base+0x208/0xd20
[ 41.657706][ C1] ? arch_stack_walk+0xf5/0x140
[ 41.662395][ C1] chksum_update+0x42/0x90
[ 41.666738][ C1] crypto_shash_update+0x1db/0x2a0
[ 41.671767][ C1] ? crypto_shash_setkey+0x2b0/0x2b0
[ 41.676891][ C1] ? __getblk_gfp+0x3a/0x720
[ 41.681316][ C1] ? ext4_get_group_desc+0x253/0x2a0
[ 41.686435][ C1] ? __ext4_get_inode_loc+0x612/0xe40
[ 41.691649][ C1] ext4_superblock_csum_set+0x28e/0x3f0
[ 41.697022][ C1] ? wait_on_buffer+0x70/0x70
[ 41.701542][ C1] ? __ext4_journal_get_write_access+0x10a/0x310
[ 41.707818][ C1] __ext4_handle_dirty_super+0xbc/0x380
[ 41.713197][ C1] ? __ext4_handle_dirty_metadata+0x610/0x610
[ 41.719078][ C1] ? ext4_reserve_inode_write+0x19c/0x220
[ 41.724623][ C1] ext4_orphan_add+0x52e/0x8e0
[ 41.729228][ C1] ? __ext4_read_dirblock+0xd70/0xd70
[ 41.734441][ C1] ? kmem_cache_alloc+0xd9/0x250
[ 41.739205][ C1] ext4_rmdir+0x6a7/0x9e0
[ 41.743460][ C1] ? ext4_mkdir+0x1520/0x1520
[ 41.747968][ C1] ? may_delete+0x53b/0x760
[ 41.752351][ C1] ? security_inode_rmdir+0xca/0x110
[ 41.757535][ C1] vfs_rmdir+0x285/0x3c0
[ 41.761608][ C1] do_rmdir+0x2c1/0x580
[ 41.765608][ C1] ? d_delete_notify+0xc0/0xc0
[ 41.770384][ C1] ? _raw_spin_unlock_irq+0x4a/0x60
[ 41.775414][ C1] do_syscall_64+0xca/0x1c0
[ 41.779770][ C1] entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 41.785618][ C1] RIP: 0033:0x7ff3f06ee147
[ 41.789914][ C1] Code: 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 07 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 41.809437][ C1] RSP: 002b:00007ffd13858bf8 EFLAGS: 00000207 ORIG_RAX: 0000000000000107
[ 41.817769][ C1] RAX: ffffffffffffffda RBX: 0000000000000065 RCX: 00007ff3f06ee147
[ 41.825752][ C1] RDX: 0000000000000200 RSI: 00007ffd13859d70 RDI: 00000000ffffff9c
[ 41.833581][ C1] RBP: 00007ff3f0749aa2 R08: 0000000000000000 R09: 0000000000000000
[ 41.841421][ C1] R10: 0000000000000100 R11: 0000000000000207 R12: 00007ffd13859d70
[ 41.849183][ C1] R13: 00007ff3f0749aa2 R14: 000000000000a0f5 R15: 0000000000000004
[ 41.857085][ C1]
[ 41.859249][ C1] The buggy address belongs to the page:
[ 41.864733][ C1] page:ffffea0007dbc240 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0
[ 41.873835][ C1] flags: 0x8000000000001000(reserved)
[ 41.879168][ C1] raw: 8000000000001000 ffffea0007dbc248 ffffea0007dbc248 0000000000000000
[ 41.887905][ C1] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 41.896490][ C1] page dumped because: kasan: bad access detected
[ 41.902762][ C1] page_owner info is not present (never set?)
[ 41.908648][ C1]
[ 41.910812][ C1] Memory state around the buggy address:
[ 41.916291][ C1] ffff8881f6f09900: 00 00 00 00 00 00 f3 f3 f3 f3 f3 f3 00 00 00 00
[ 41.924190][ C1] ffff8881f6f09980: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 41.932172][ C1] >ffff8881f6f09a00: 00 00 00 00 f1 f1 f1 f1 00 00 00 00 00 00 00 f3
[ 41.940068][ C1] ^
[ 41.947894][ C1] ffff8881f6f09a80: f3 f3 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00
[ 41.956045][ C1] ffff8881f6f09b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 41.964118][ C1] ==================================================================
[ 41.972222][ C1] Disabling lock debugging due to kernel taint
2024/06/18 20:12:13 executed programs: 521
2024/06/18 20:12:18 executed programs: 1246