Warning: Permanently added '10.128.0.116' (ED25519) to the list of known hosts.
2024/07/18 01:56:51 ignoring optional flag "sandboxArg"="0"
2024/07/18 01:56:51 parsed 1 programs
[ 46.093356][ T23] kauditd_printk_skb: 19 callbacks suppressed
[ 46.093367][ T23] audit: type=1400 audit(1721267811.430:95): avc: denied { unlink } for pid=409 comm="syz-executor" name="swap-file" dev="sda1" ino=1930 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
2024/07/18 01:56:51 executed programs: 0
[ 46.152623][ T409] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 46.209032][ T415] bridge0: port 1(bridge_slave_0) entered blocking state
[ 46.216136][ T415] bridge0: port 1(bridge_slave_0) entered disabled state
[ 46.223555][ T415] device bridge_slave_0 entered promiscuous mode
[ 46.230481][ T415] bridge0: port 2(bridge_slave_1) entered blocking state
[ 46.237450][ T415] bridge0: port 2(bridge_slave_1) entered disabled state
[ 46.244724][ T415] device bridge_slave_1 entered promiscuous mode
[ 46.284736][ T415] bridge0: port 2(bridge_slave_1) entered blocking state
[ 46.291868][ T415] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 46.299044][ T415] bridge0: port 1(bridge_slave_0) entered blocking state
[ 46.306312][ T415] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 46.326294][ T372] bridge0: port 1(bridge_slave_0) entered disabled state
[ 46.333528][ T372] bridge0: port 2(bridge_slave_1) entered disabled state
[ 46.340686][ T372] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 46.349094][ T372] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 46.358403][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 46.366530][ T107] bridge0: port 1(bridge_slave_0) entered blocking state
[ 46.373413][ T107] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 46.381896][ T372] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 46.390286][ T372] bridge0: port 2(bridge_slave_1) entered blocking state
[ 46.397246][ T372] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 46.409316][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 46.419270][ T372] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 46.434500][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 46.453579][ T372] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 46.461328][ T372] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 46.470622][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 46.482836][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 46.504447][ T422] kernel profiling enabled (shift: 25)
[ 50.302764][ C1] ==================================================================
[ 50.311967][ C1] BUG: KASAN: stack-out-of-bounds in profile_pc+0xa4/0xe0
[ 50.319162][ C1] Read of size 8 at addr ffff8881f06e7500 by task syz-executor.0/1575
[ 50.328357][ C1]
[ 50.330593][ C1] CPU: 1 PID: 1575 Comm: syz-executor.0 Not tainted 5.4.276-syzkaller-04920-g3ffe89ed1bf9 #0
[ 50.340790][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 50.350841][ C1] Call Trace:
[ 50.353953][ C1]
[ 50.356652][ C1] dump_stack+0x1d8/0x241
[ 50.360923][ C1] ? nf_ct_l4proto_log_invalid+0x258/0x258
[ 50.366687][ C1] ? printk+0xd1/0x111
[ 50.370575][ C1] ? profile_pc+0xa4/0xe0
[ 50.374738][ C1] ? wake_up_klogd+0xb2/0xf0
[ 50.379278][ C1] ? profile_pc+0xa4/0xe0
[ 50.383572][ C1] print_address_description+0x8c/0x600
[ 50.389000][ C1] ? panic+0x89d/0x89d
[ 50.393011][ C1] ? profile_pc+0xa4/0xe0
[ 50.397152][ C1] __kasan_report+0xf3/0x120
[ 50.401582][ C1] ? profile_pc+0xa4/0xe0
[ 50.405750][ C1] ? _raw_spin_lock+0xc0/0x1b0
[ 50.410343][ C1] kasan_report+0x30/0x60
[ 50.414532][ C1] profile_pc+0xa4/0xe0
[ 50.418505][ C1] profile_tick+0xb9/0x100
[ 50.422762][ C1] tick_sched_timer+0x237/0x3c0
[ 50.427444][ C1] ? tick_setup_sched_timer+0x460/0x460
[ 50.432825][ C1] __hrtimer_run_queues+0x3e9/0xb90
[ 50.437931][ C1] ? _raw_spin_unlock_irqrestore+0x57/0x80
[ 50.443706][ C1] ? swake_up_one+0x7e/0x140
[ 50.448298][ C1] ? hrtimer_interrupt+0x890/0x890
[ 50.453327][ C1] ? kvm_sched_clock_read+0x14/0x40
[ 50.458722][ C1] ? sched_clock+0x36/0x40
[ 50.463425][ C1] ? ktime_get+0xf9/0x130
[ 50.467747][ C1] ? ktime_get_update_offsets_now+0x26c/0x280
[ 50.474450][ C1] hrtimer_interrupt+0x38a/0x890
[ 50.479326][ C1] smp_apic_timer_interrupt+0x110/0x460
[ 50.484853][ C1] apic_timer_interrupt+0xf/0x20
[ 50.489672][ C1]
[ 50.492471][ C1] RIP: 0010:_raw_spin_lock+0xc0/0x1b0
[ 50.497765][ C1] Code: fd 4c 89 ff be 04 00 00 00 e8 1c dc 42 fd 43 0f b6 04 26 84 c0 0f 85 aa 00 00 00 8b 44 24 20 b9 01 00 00 00 f0 41 0f b1 4d 00 <75> 33 48 c7 04 24 0e 36 e0 45 49 c7 04 1c 00 00 00 00 65 48 8b 04
[ 50.518541][ C1] RSP: 0018:ffff8881f06e7500 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff13
[ 50.526947][ C1] RAX: 0000000000000000 RBX: 1ffff1103e0dcea0 RCX: 0000000000000001
[ 50.534885][ C1] RDX: 0000000000000001 RSI: 0000000000000004 RDI: ffff8881f06e7520
[ 50.542681][ C1] RBP: ffff8881f06e7590 R08: dffffc0000000000 R09: 0000000000000003
[ 50.550686][ C1] R10: ffffffffffffffff R11: dffffc0000000001 R12: dffffc0000000000
[ 50.558666][ C1] R13: ffffea000765b9e8 R14: 1ffff1103e0dcea4 R15: ffff8881f06e7520
[ 50.566945][ C1] ? _raw_spin_trylock_bh+0x190/0x190
[ 50.572236][ C1] ? __tlb_remove_page_size+0x112/0x2f0
[ 50.578072][ C1] unmap_page_range+0xaf4/0x2620
[ 50.582869][ C1] ? copy_page_range+0x26f0/0x26f0
[ 50.587822][ C1] ? lru_add_page_tail+0x770/0x770
[ 50.592943][ C1] unmap_vmas+0x355/0x4b0
[ 50.597083][ C1] ? cputime_adjust+0x34/0x270
[ 50.601804][ C1] ? unmap_page_range+0x2620/0x2620
[ 50.606835][ C1] ? tlb_gather_mmu+0x273/0x340
[ 50.611764][ C1] exit_mmap+0x2bc/0x520
[ 50.616115][ C1] ? vm_brk+0x20/0x20
[ 50.620112][ C1] ? mutex_unlock+0x18/0x40
[ 50.624478][ C1] ? uprobe_clear_state+0x297/0x300
[ 50.629673][ C1] ? mm_update_next_owner+0x4f7/0x5d0
[ 50.634991][ C1] __mmput+0x8e/0x2c0
[ 50.638860][ C1] do_exit+0xc08/0x2bc0
[ 50.642854][ C1] ? put_task_struct+0x80/0x80
[ 50.647883][ C1] ? _raw_spin_lock_irqsave+0x210/0x210
[ 50.653271][ C1] do_group_exit+0x138/0x300
[ 50.657699][ C1] get_signal+0xdb1/0x1440
[ 50.662062][ C1] do_signal+0xb0/0x11f0
[ 50.666297][ C1] ? debug_smp_processor_id+0x20/0x20
[ 50.671563][ C1] ? selinux_file_permission+0x2be/0x530
[ 50.677518][ C1] ? signal_fault+0x1e0/0x1e0
[ 50.682370][ C1] ? __se_sys_futex+0x355/0x470
[ 50.687152][ C1] ? __x64_sys_futex+0xf0/0xf0
[ 50.691753][ C1] ? __ia32_sys_read+0x80/0x80
[ 50.696678][ C1] exit_to_usermode_loop+0xc0/0x1a0
[ 50.701791][ C1] prepare_exit_to_usermode+0x199/0x200
[ 50.707298][ C1] entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 50.713282][ C1] RIP: 0033:0x7f656dd02d29
[ 50.717647][ C1] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 50.737545][ C1] RSP: 002b:00007f656d884178 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 50.745937][ C1] RAX: 0000000000000001 RBX: 00007f656de30f88 RCX: 00007f656dd02d29
[ 50.753924][ C1] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f656de30f8c
[ 50.761732][ C1] RBP: 00007f656de30f80 R08: 00007ffc0b9800b0 R09: 00007f656d8846c0
[ 50.769670][ C1] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007f656de30f8c
[ 50.777882][ C1] R13: 000000000000000b R14: 00007ffc0b8df120 R15: 00007ffc0b8df208
[ 50.785916][ C1]
[ 50.788082][ C1] The buggy address belongs to the page:
[ 50.793651][ C1] page:ffffea0007c1b9c0 refcount:0 mapcount:0 mapping:0000000000000000 index:0x0
[ 50.802580][ C1] flags: 0x8000000000000000()
[ 50.807303][ C1] raw: 8000000000000000 0000000000000000 ffffea0007c1b9c8 0000000000000000
[ 50.815701][ C1] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 50.824289][ C1] page dumped because: kasan: bad access detected
[ 50.830545][ C1] page_owner tracks the page as allocated
[ 50.836096][ C1] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT)
[ 50.847732][ C1] prep_new_page+0x18f/0x370
[ 50.852239][ C1] get_page_from_freelist+0x2d13/0x2d90
[ 50.857736][ C1] __alloc_pages_nodemask+0x393/0x840
[ 50.863408][ C1] dup_task_struct+0x85/0x600
[ 50.868157][ C1] copy_process+0x56d/0x3230
[ 50.872615][ C1] _do_fork+0x197/0x900
[ 50.876592][ C1] __x64_sys_clone3+0x2da/0x300
[ 50.881340][ C1] do_syscall_64+0xca/0x1c0
[ 50.885822][ C1] entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 50.891538][ C1] page last free stack trace:
[ 50.896142][ C1] __free_pages_ok+0x847/0x950
[ 50.901430][ C1] __free_pages+0x91/0x140
[ 50.905684][ C1] __free_slab+0x221/0x2e0
[ 50.909951][ C1] unfreeze_partials+0x14e/0x180
[ 50.914820][ C1] put_cpu_partial+0x44/0x180
[ 50.919496][ C1] __slab_free+0x297/0x360
[ 50.923929][ C1] qlist_free_all+0x43/0xb0
[ 50.928282][ C1] quarantine_reduce+0x1d9/0x210
[ 50.933467][ C1] __kasan_kmalloc+0x41/0x210
[ 50.937972][ C1] kmem_cache_alloc+0xd9/0x250
[ 50.942705][ C1] getname_flags+0xb8/0x4e0
[ 50.947120][ C1] user_path_at_empty+0x28/0x50
[ 50.951974][ C1] vfs_statx+0x115/0x210
[ 50.956081][ C1] __se_sys_newfstatat+0xce/0x770
[ 50.960929][ C1] do_syscall_64+0xca/0x1c0
[ 50.965264][ C1] entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 50.971259][ C1]
[ 50.973503][ C1] addr ffff8881f06e7500 is located in stack of task syz-executor.0/1575 at offset 0 in frame:
[ 50.983792][ C1] _raw_spin_lock+0x0/0x1b0
[ 50.988106][ C1]
[ 50.990294][ C1] this frame has 1 object:
[ 50.994532][ C1] [32, 36) 'val.i.i.i'
[ 50.994533][ C1]
[ 51.001040][ C1] Memory state around the buggy address:
[ 51.006598][ C1] ffff8881f06e7400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 51.014492][ C1] ffff8881f06e7480: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 51.022412][ C1] >ffff8881f06e7500: f1 f1 f1 f1 04 f3 f3 f3 00 00 00 00 00 00 00 00
[ 51.030572][ C1] ^
[ 51.034490][ C1] ffff8881f06e7580: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 51.042470][ C1] ffff8881f06e7600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 51.050542][ C1] ==================================================================
[ 51.058437][ C1] Disabling lock debugging due to kernel taint
2024/07/18 01:56:56 executed programs: 590
2024/07/18 01:57:01 executed programs: 1352