Warning: Permanently added '10.128.1.139' (ED25519) to the list of known hosts.
2023/12/24 11:25:03 ignoring optional flag "sandboxArg"="0"
2023/12/24 11:25:03 parsed 1 programs
2023/12/24 11:25:03 executed programs: 0
[ 42.744617][ T29] kauditd_printk_skb: 74 callbacks suppressed
[ 42.744626][ T29] audit: type=1400 audit(1703417103.678:150): avc: denied { mounton } for pid=337 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[ 42.776228][ T29] audit: type=1400 audit(1703417103.678:151): avc: denied { mount } for pid=337 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[ 42.800610][ T29] audit: type=1400 audit(1703417103.678:152): avc: denied { setattr } for pid=337 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 42.824280][ T29] audit: type=1400 audit(1703417103.678:153): avc: denied { mounton } for pid=341 comm="syz-executor.0" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[ 42.859791][ T341] bridge0: port 1(bridge_slave_0) entered blocking state
[ 42.866780][ T341] bridge0: port 1(bridge_slave_0) entered disabled state
[ 42.874615][ T341] device bridge_slave_0 entered promiscuous mode
[ 42.881481][ T341] bridge0: port 2(bridge_slave_1) entered blocking state
[ 42.888611][ T341] bridge0: port 2(bridge_slave_1) entered disabled state
[ 42.896188][ T341] device bridge_slave_1 entered promiscuous mode
[ 42.940792][ T341] bridge0: port 2(bridge_slave_1) entered blocking state
[ 42.947872][ T341] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 42.955136][ T341] bridge0: port 1(bridge_slave_0) entered blocking state
[ 42.962136][ T341] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 42.979040][ T38] bridge0: port 1(bridge_slave_0) entered disabled state
[ 42.986143][ T38] bridge0: port 2(bridge_slave_1) entered disabled state
[ 42.993166][ T38] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 43.001184][ T38] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 43.009744][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 43.017902][ T37] bridge0: port 1(bridge_slave_0) entered blocking state
[ 43.024753][ T37] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 43.043912][ T341] device veth0_vlan entered promiscuous mode
[ 43.050741][ T38] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 43.059788][ T38] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 43.068239][ T38] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 43.075936][ T38] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 43.083352][ T38] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 43.092083][ T38] bridge0: port 2(bridge_slave_1) entered blocking state
[ 43.099313][ T38] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 43.106837][ T38] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 43.115119][ T38] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 43.127024][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 43.136304][ T341] device veth1_macvtap entered promiscuous mode
[ 43.146137][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 43.158200][ T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 43.175888][ T29] audit: type=1400 audit(1703417104.108:154): avc: denied { write } for pid=346 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 43.197163][ T29] audit: type=1400 audit(1703417104.108:155): avc: denied { nlmsg_write } for pid=346 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 43.219027][ T29] audit: type=1400 audit(1703417104.108:156): avc: denied { prog_load } for pid=346 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 43.793760][ C0] ==================================================================
[ 43.801929][ C0] BUG: KASAN: stack-out-of-bounds in xfrm_state_find+0x4f95/0x5b20
[ 43.810267][ C0] Read of size 4 at addr ffffc90000007b88 by task swapper/0/0
[ 43.817639][ C0]
[ 43.819821][ C0] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 5.15.141-syzkaller #0
[ 43.827977][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023
[ 43.838072][ C0] Call Trace:
[ 43.841282][ C0]
[ 43.843971][ C0] dump_stack_lvl+0x38/0x49
[ 43.848401][ C0] print_address_description.constprop.0+0x24/0x160
[ 43.854927][ C0] ? xfrm_state_find+0x4f95/0x5b20
[ 43.860178][ C0] kasan_report.cold+0x82/0xdb
[ 43.864777][ C0] ? netlink_has_listeners+0x90/0x170
[ 43.870087][ C0] ? xfrm_state_find+0x4f95/0x5b20
[ 43.875021][ C0] __asan_report_load4_noabort+0x14/0x20
[ 43.880489][ C0] xfrm_state_find+0x4f95/0x5b20
[ 43.885431][ C0] ? rcu_gp_init+0x702/0xe00
[ 43.889951][ C0] ? xfrm_state_migrate+0x2180/0x2180
[ 43.895156][ C0] ? dst_release+0x44/0x60
[ 43.899418][ C0] ? xfrm4_get_saddr+0x12b/0x1a0
[ 43.904187][ C0] ? xfrm4_fill_dst+0x690/0x690
[ 43.908955][ C0] ? update_stack_state+0x12c/0x4d0
[ 43.913991][ C0] xfrm_tmpl_resolve+0x271/0xb40
[ 43.918760][ C0] ? xfrm_tmpl_resolve+0x271/0xb40
[ 43.923715][ C0] ? __xfrm_dst_lookup+0xe0/0xe0
[ 43.928481][ C0] ? __stack_depot_save+0x36/0x440
[ 43.933437][ C0] xfrm_resolve_and_create_bundle+0x125/0x20c0
[ 43.939415][ C0] ? policy_hash_bysel+0xdf0/0xdf0
[ 43.944379][ C0] ? xfrm_policy_find_inexact_candidates.part.0+0x11f/0x1c0
[ 43.951491][ C0] ? xdst_queue_output+0x5e0/0x5e0
[ 43.956431][ C0] ? xfrm_sk_policy_lookup+0x380/0x380
[ 43.961725][ C0] ? __kmalloc_track_caller+0x2d4/0x4f0
[ 43.967112][ C0] ? __alloc_skb+0x8b/0x250
[ 43.971439][ C0] ? igmpv3_newpack+0x1b1/0xde0
[ 43.976134][ C0] ? add_grec+0xbef/0xec0
[ 43.980308][ C0] ? __kasan_check_write+0x14/0x20
[ 43.985254][ C0] xfrm_lookup_with_ifid+0x408/0x1c50
[ 43.990455][ C0] ? xfrm_policy_lookup_bytype.constprop.0+0xab0/0xab0
[ 43.997137][ C0] ? __kasan_check_read+0x11/0x20
[ 44.002088][ C0] ? ip_route_output_key_hash_rcu+0x776/0x2b40
[ 44.008075][ C0] xfrm_lookup_route+0x1f/0x150
[ 44.012777][ C0] ip_route_output_flow+0x259/0x2d0
[ 44.017801][ C0] ? kasan_poison+0x55/0x60
[ 44.022310][ C0] ? inet_rtm_getroute+0x20e0/0x20e0
[ 44.027430][ C0] igmpv3_newpack+0x2a8/0xde0
[ 44.032202][ C0] ? ip_mc_find_dev+0x290/0x290
[ 44.036890][ C0] ? ttwu_do_activate.isra.0+0x11c/0x250
[ 44.042358][ C0] add_grhead+0x235/0x320
[ 44.046521][ C0] add_grec+0xbef/0xec0
[ 44.050778][ C0] ? sched_setscheduler_nocheck+0x190/0x190
[ 44.056767][ C0] ? __kasan_check_write+0x14/0x20
[ 44.062337][ C0] ? igmpv3_sendpack.isra.0+0x200/0x200
[ 44.067699][ C0] ? insert_work+0x251/0x320
[ 44.072129][ C0] igmp_ifc_timer_expire+0x46e/0xb10
[ 44.077264][ C0] ? __kasan_check_write+0x14/0x20
[ 44.082205][ C0] ? _raw_spin_lock_bh+0x110/0x110
[ 44.087153][ C0] ? igmp_start_timer+0x100/0x100
[ 44.092098][ C0] call_timer_fn+0x28/0x190
[ 44.096435][ C0] __run_timers.part.0+0x45c/0x840
[ 44.101431][ C0] ? igmp_start_timer+0x100/0x100
[ 44.106329][ C0] ? call_timer_fn+0x190/0x190
[ 44.110923][ C0] ? kvm_sched_clock_read+0x18/0x40
[ 44.116057][ C0] ? sched_clock+0x9/0x10
[ 44.120208][ C0] ? sched_clock_cpu+0x18/0x1b0
[ 44.124986][ C0] run_timer_softirq+0x9c/0x180
[ 44.129761][ C0] __do_softirq+0x1c1/0x5c8
[ 44.134101][ C0] ? irqtime_account_irq+0x2c4/0x430
[ 44.139219][ C0] irq_exit_rcu+0x64/0x110
[ 44.143478][ C0] sysvec_apic_timer_interrupt+0x9d/0xc0
[ 44.148937][ C0]
[ 44.151712][ C0]
[ 44.154491][ C0] asm_sysvec_apic_timer_interrupt+0x1b/0x20
[ 44.160309][ C0] RIP: 0010:acpi_idle_do_entry+0x18e/0x200
[ 44.165958][ C0] Code: 4c 89 e2 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 80 3c 02 00 75 5a 49 8b 04 24 a8 08 75 c5 66 90 0f 00 2d 64 53 af 00 fb f4 eb b7 4c 89 e7 e8 17 f6 ff ff 4c 8b 65 f8 c9 c3 e8 8c d5 bb fd
[ 44.185417][ C0] RSP: 0018:ffffffff85007c90 EFLAGS: 00000246
[ 44.191302][ C0] RAX: 0000000000004000 RBX: ffff8881061e9065 RCX: ffffffff83d8bbf4
[ 44.199196][ C0] RDX: 1ffffffff0a03848 RSI: 0000000000000008 RDI: ffffffff8501c240
[ 44.207177][ C0] RBP: ffffffff85007c98 R08: 0000000000000000 R09: ffffffff8501c247
[ 44.215250][ C0] R10: fffffbfff0a03848 R11: 0000000000000001 R12: ffffffff8501c240
[ 44.223151][ C0] R13: ffff888105182800 R14: ffff888105182804 R15: ffff8881061e9064
[ 44.230966][ C0] ? acpi_idle_do_entry+0x164/0x200
[ 44.235993][ C0] acpi_idle_enter+0x2aa/0x460
[ 44.240599][ C0] ? rcu_dynticks_eqs_enter+0xe/0x10
[ 44.245720][ C0] cpuidle_enter_state+0x189/0xe00
[ 44.250759][ C0] ? cpuidle_enter_s2idle+0x420/0x420
[ 44.256047][ C0] ? menu_reflect+0x110/0x110
[ 44.260606][ C0] ? sched_clock_cpu+0x18/0x1b0
[ 44.265249][ C0] ? debug_smp_processor_id+0x17/0x20
[ 44.270538][ C0] cpuidle_enter+0x4a/0xa0
[ 44.274797][ C0] do_idle+0x3f7/0x5a0
[ 44.278703][ C0] ? arch_cpu_idle_exit+0x30/0x30
[ 44.283556][ C0] cpu_startup_entry+0x1b/0x20
[ 44.288161][ C0] rest_init+0x10e/0x140
[ 44.292236][ C0] arch_call_rest_init+0x9/0xc
[ 44.296836][ C0] start_kernel+0x366/0x383
[ 44.301175][ C0] x86_64_start_reservations+0x29/0x2b
[ 44.306470][ C0] x86_64_start_kernel+0x8e/0x92
[ 44.311246][ C0] secondary_startup_64_no_verify+0xb0/0xbb
[ 44.316989][ C0]
[ 44.319926][ C0]
[ 44.322092][ C0]
[ 44.324316][ C0] Memory state around the buggy address:
[ 44.330080][ C0] ffffc90000007a80: 00 00 f3 f3 f3 f3 00 00 00 00 00 00 00 00 00 00
[ 44.338064][ C0] ffffc90000007b00: 00 00 00 00 00 00 f1 f1 f1 f1 00 00 00 00 00 00
[ 44.345966][ C0] >ffffc90000007b80: 00 f3 f3 f3 f3 f3 00 00 00 00 00 00 00 00 00 00
[ 44.353858][ C0]                       ^
[ 44.358025][ C0] ffffc90000007c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 44.365925][ C0] ffffc90000007c80: 00 00 00 00 00 f1 f1 f1 f1 00 f3 f3 f3 00 00 00
[ 44.373908][ C0] ==================================================================
[ 44.381812][ C0] Disabling lock debugging due to kernel taint
2023/12/24 11:25:08 executed programs: 794
2023/12/24 11:25:13 executed programs: 1962