Warning: Permanently added '10.128.1.139' (ED25519) to the list of known hosts.
2023/12/24 11:25:03 ignoring optional flag "sandboxArg"="0"
2023/12/24 11:25:03 parsed 1 programs
2023/12/24 11:25:03 executed programs: 0
[   42.744617][   T29] kauditd_printk_skb: 74 callbacks suppressed
[   42.744626][   T29] audit: type=1400 audit(1703417103.678:150): avc:  denied  { mounton } for  pid=337 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[   42.776228][   T29] audit: type=1400 audit(1703417103.678:151): avc:  denied  { mount } for  pid=337 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[   42.800610][   T29] audit: type=1400 audit(1703417103.678:152): avc:  denied  { setattr } for  pid=337 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   42.824280][   T29] audit: type=1400 audit(1703417103.678:153): avc:  denied  { mounton } for  pid=341 comm="syz-executor.0" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[   42.859791][  T341] bridge0: port 1(bridge_slave_0) entered blocking state
[   42.866780][  T341] bridge0: port 1(bridge_slave_0) entered disabled state
[   42.874615][  T341] device bridge_slave_0 entered promiscuous mode
[   42.881481][  T341] bridge0: port 2(bridge_slave_1) entered blocking state
[   42.888611][  T341] bridge0: port 2(bridge_slave_1) entered disabled state
[   42.896188][  T341] device bridge_slave_1 entered promiscuous mode
[   42.940792][  T341] bridge0: port 2(bridge_slave_1) entered blocking state
[   42.947872][  T341] bridge0: port 2(bridge_slave_1) entered forwarding state
[   42.955136][  T341] bridge0: port 1(bridge_slave_0) entered blocking state
[   42.962136][  T341] bridge0: port 1(bridge_slave_0) entered forwarding state
[   42.979040][   T38] bridge0: port 1(bridge_slave_0) entered disabled state
[   42.986143][   T38] bridge0: port 2(bridge_slave_1) entered disabled state
[   42.993166][   T38] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   43.001184][   T38] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   43.009744][   T37] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   43.017902][   T37] bridge0: port 1(bridge_slave_0) entered blocking state
[   43.024753][   T37] bridge0: port 1(bridge_slave_0) entered forwarding state
[   43.043912][  T341] device veth0_vlan entered promiscuous mode
[   43.050741][   T38] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   43.059788][   T38] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   43.068239][   T38] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   43.075936][   T38] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   43.083352][   T38] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   43.092083][   T38] bridge0: port 2(bridge_slave_1) entered blocking state
[   43.099313][   T38] bridge0: port 2(bridge_slave_1) entered forwarding state
[   43.106837][   T38] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   43.115119][   T38] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   43.127024][   T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   43.136304][  T341] device veth1_macvtap entered promiscuous mode
[   43.146137][   T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   43.158200][   T37] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   43.175888][   T29] audit: type=1400 audit(1703417104.108:154): avc:  denied  { write } for  pid=346 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   43.197163][   T29] audit: type=1400 audit(1703417104.108:155): avc:  denied  { nlmsg_write } for  pid=346 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   43.219027][   T29] audit: type=1400 audit(1703417104.108:156): avc:  denied  { prog_load } for  pid=346 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   43.793760][    C0] ==================================================================
[   43.801929][    C0] BUG: KASAN: stack-out-of-bounds in xfrm_state_find+0x4f95/0x5b20
[   43.810267][    C0] Read of size 4 at addr ffffc90000007b88 by task swapper/0/0
[   43.817639][    C0] 
[   43.819821][    C0] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 5.15.141-syzkaller #0
[   43.827977][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023
[   43.838072][    C0] Call Trace:
[   43.841282][    C0]  <IRQ>
[   43.843971][    C0]  dump_stack_lvl+0x38/0x49
[   43.848401][    C0]  print_address_description.constprop.0+0x24/0x160
[   43.854927][    C0]  ? xfrm_state_find+0x4f95/0x5b20
[   43.860178][    C0]  kasan_report.cold+0x82/0xdb
[   43.864777][    C0]  ? netlink_has_listeners+0x90/0x170
[   43.870087][    C0]  ? xfrm_state_find+0x4f95/0x5b20
[   43.875021][    C0]  __asan_report_load4_noabort+0x14/0x20
[   43.880489][    C0]  xfrm_state_find+0x4f95/0x5b20
[   43.885431][    C0]  ? rcu_gp_init+0x702/0xe00
[   43.889951][    C0]  ? xfrm_state_migrate+0x2180/0x2180
[   43.895156][    C0]  ? dst_release+0x44/0x60
[   43.899418][    C0]  ? xfrm4_get_saddr+0x12b/0x1a0
[   43.904187][    C0]  ? xfrm4_fill_dst+0x690/0x690
[   43.908955][    C0]  ? update_stack_state+0x12c/0x4d0
[   43.913991][    C0]  xfrm_tmpl_resolve+0x271/0xb40
[   43.918760][    C0]  ? xfrm_tmpl_resolve+0x271/0xb40
[   43.923715][    C0]  ? __xfrm_dst_lookup+0xe0/0xe0
[   43.928481][    C0]  ? __stack_depot_save+0x36/0x440
[   43.933437][    C0]  xfrm_resolve_and_create_bundle+0x125/0x20c0
[   43.939415][    C0]  ? policy_hash_bysel+0xdf0/0xdf0
[   43.944379][    C0]  ? xfrm_policy_find_inexact_candidates.part.0+0x11f/0x1c0
[   43.951491][    C0]  ? xdst_queue_output+0x5e0/0x5e0
[   43.956431][    C0]  ? xfrm_sk_policy_lookup+0x380/0x380
[   43.961725][    C0]  ? __kmalloc_track_caller+0x2d4/0x4f0
[   43.967112][    C0]  ? __alloc_skb+0x8b/0x250
[   43.971439][    C0]  ? igmpv3_newpack+0x1b1/0xde0
[   43.976134][    C0]  ? add_grec+0xbef/0xec0
[   43.980308][    C0]  ? __kasan_check_write+0x14/0x20
[   43.985254][    C0]  xfrm_lookup_with_ifid+0x408/0x1c50
[   43.990455][    C0]  ? xfrm_policy_lookup_bytype.constprop.0+0xab0/0xab0
[   43.997137][    C0]  ? __kasan_check_read+0x11/0x20
[   44.002088][    C0]  ? ip_route_output_key_hash_rcu+0x776/0x2b40
[   44.008075][    C0]  xfrm_lookup_route+0x1f/0x150
[   44.012777][    C0]  ip_route_output_flow+0x259/0x2d0
[   44.017801][    C0]  ? kasan_poison+0x55/0x60
[   44.022310][    C0]  ? inet_rtm_getroute+0x20e0/0x20e0
[   44.027430][    C0]  igmpv3_newpack+0x2a8/0xde0
[   44.032202][    C0]  ? ip_mc_find_dev+0x290/0x290
[   44.036890][    C0]  ? ttwu_do_activate.isra.0+0x11c/0x250
[   44.042358][    C0]  add_grhead+0x235/0x320
[   44.046521][    C0]  add_grec+0xbef/0xec0
[   44.050778][    C0]  ? sched_setscheduler_nocheck+0x190/0x190
[   44.056767][    C0]  ? __kasan_check_write+0x14/0x20
[   44.062337][    C0]  ? igmpv3_sendpack.isra.0+0x200/0x200
[   44.067699][    C0]  ? insert_work+0x251/0x320
[   44.072129][    C0]  igmp_ifc_timer_expire+0x46e/0xb10
[   44.077264][    C0]  ? __kasan_check_write+0x14/0x20
[   44.082205][    C0]  ? _raw_spin_lock_bh+0x110/0x110
[   44.087153][    C0]  ? igmp_start_timer+0x100/0x100
[   44.092098][    C0]  call_timer_fn+0x28/0x190
[   44.096435][    C0]  __run_timers.part.0+0x45c/0x840
[   44.101431][    C0]  ? igmp_start_timer+0x100/0x100
[   44.106329][    C0]  ? call_timer_fn+0x190/0x190
[   44.110923][    C0]  ? kvm_sched_clock_read+0x18/0x40
[   44.116057][    C0]  ? sched_clock+0x9/0x10
[   44.120208][    C0]  ? sched_clock_cpu+0x18/0x1b0
[   44.124986][    C0]  run_timer_softirq+0x9c/0x180
[   44.129761][    C0]  __do_softirq+0x1c1/0x5c8
[   44.134101][    C0]  ? irqtime_account_irq+0x2c4/0x430
[   44.139219][    C0]  irq_exit_rcu+0x64/0x110
[   44.143478][    C0]  sysvec_apic_timer_interrupt+0x9d/0xc0
[   44.148937][    C0]  </IRQ>
[   44.151712][    C0]  <TASK>
[   44.154491][    C0]  asm_sysvec_apic_timer_interrupt+0x1b/0x20
[   44.160309][    C0] RIP: 0010:acpi_idle_do_entry+0x18e/0x200
[   44.165958][    C0] Code: 4c 89 e2 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 80 3c 02 00 75 5a 49 8b 04 24 a8 08 75 c5 66 90 0f 00 2d 64 53 af 00 fb f4 <fa> eb b7 4c 89 e7 e8 17 f6 ff ff 4c 8b 65 f8 c9 c3 e8 8c d5 bb fd
[   44.185417][    C0] RSP: 0018:ffffffff85007c90 EFLAGS: 00000246
[   44.191302][    C0] RAX: 0000000000004000 RBX: ffff8881061e9065 RCX: ffffffff83d8bbf4
[   44.199196][    C0] RDX: 1ffffffff0a03848 RSI: 0000000000000008 RDI: ffffffff8501c240
[   44.207177][    C0] RBP: ffffffff85007c98 R08: 0000000000000000 R09: ffffffff8501c247
[   44.215250][    C0] R10: fffffbfff0a03848 R11: 0000000000000001 R12: ffffffff8501c240
[   44.223151][    C0] R13: ffff888105182800 R14: ffff888105182804 R15: ffff8881061e9064
[   44.230966][    C0]  ? acpi_idle_do_entry+0x164/0x200
[   44.235993][    C0]  acpi_idle_enter+0x2aa/0x460
[   44.240599][    C0]  ? rcu_dynticks_eqs_enter+0xe/0x10
[   44.245720][    C0]  cpuidle_enter_state+0x189/0xe00
[   44.250759][    C0]  ? cpuidle_enter_s2idle+0x420/0x420
[   44.256047][    C0]  ? menu_reflect+0x110/0x110
[   44.260606][    C0]  ? sched_clock_cpu+0x18/0x1b0
[   44.265249][    C0]  ? debug_smp_processor_id+0x17/0x20
[   44.270538][    C0]  cpuidle_enter+0x4a/0xa0
[   44.274797][    C0]  do_idle+0x3f7/0x5a0
[   44.278703][    C0]  ? arch_cpu_idle_exit+0x30/0x30
[   44.283556][    C0]  cpu_startup_entry+0x1b/0x20
[   44.288161][    C0]  rest_init+0x10e/0x140
[   44.292236][    C0]  arch_call_rest_init+0x9/0xc
[   44.296836][    C0]  start_kernel+0x366/0x383
[   44.301175][    C0]  x86_64_start_reservations+0x29/0x2b
[   44.306470][    C0]  x86_64_start_kernel+0x8e/0x92
[   44.311246][    C0]  secondary_startup_64_no_verify+0xb0/0xbb
[   44.316989][    C0]  </TASK>
[   44.319926][    C0] 
[   44.322092][    C0] 
[   44.324316][    C0] Memory state around the buggy address:
[   44.330080][    C0]  ffffc90000007a80: 00 00 f3 f3 f3 f3 00 00 00 00 00 00 00 00 00 00
[   44.338064][    C0]  ffffc90000007b00: 00 00 00 00 00 00 f1 f1 f1 f1 00 00 00 00 00 00
[   44.345966][    C0] >ffffc90000007b80: 00 f3 f3 f3 f3 f3 00 00 00 00 00 00 00 00 00 00
[   44.353858][    C0]                       ^
[   44.358025][    C0]  ffffc90000007c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   44.365925][    C0]  ffffc90000007c80: 00 00 00 00 00 f1 f1 f1 f1 00 f3 f3 f3 00 00 00
[   44.373908][    C0] ==================================================================
[   44.381812][    C0] Disabling lock debugging due to kernel taint
2023/12/24 11:25:08 executed programs: 794
2023/12/24 11:25:13 executed programs: 1962