Warning: Permanently added '10.128.1.41' (ED25519) to the list of known hosts.
2025/05/08 02:23:46 ignoring optional flag "sandboxArg"="0"
2025/05/08 02:23:47 parsed 1 programs
[ 52.390295][ T24] kauditd_printk_skb: 27 callbacks suppressed
[ 52.390306][ T24] audit: type=1400 audit(1746671028.750:101): avc: denied { create } for pid=405 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 52.416920][ T24] audit: type=1400 audit(1746671028.750:102): avc: denied { write } for pid=405 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 52.437319][ T24] audit: type=1400 audit(1746671028.750:103): avc: denied { read } for pid=405 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 52.457894][ T24] audit: type=1400 audit(1746671028.780:104): avc: denied { unlink } for pid=405 comm="syz-executor" name="swap-file" dev="sda1" ino=2026 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[ 52.488496][ T405] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 53.029236][ T414] bridge0: port 1(bridge_slave_0) entered blocking state
[ 53.036487][ T414] bridge0: port 1(bridge_slave_0) entered disabled state
[ 53.043865][ T414] device bridge_slave_0 entered promiscuous mode
[ 53.050795][ T414] bridge0: port 2(bridge_slave_1) entered blocking state
[ 53.057905][ T414] bridge0: port 2(bridge_slave_1) entered disabled state
[ 53.065540][ T414] device bridge_slave_1 entered promiscuous mode
[ 53.101074][ T414] bridge0: port 2(bridge_slave_1) entered blocking state
[ 53.108516][ T414] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 53.115965][ T414] bridge0: port 1(bridge_slave_0) entered blocking state
[ 53.123002][ T414] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 53.140246][ T213] bridge0: port 1(bridge_slave_0) entered disabled state
[ 53.147608][ T213] bridge0: port 2(bridge_slave_1) entered disabled state
[ 53.155337][ T213] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 53.163531][ T213] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 53.173750][ T213] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 53.182087][ T213] bridge0: port 1(bridge_slave_0) entered blocking state
[ 53.189139][ T213] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 53.197668][ T213] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 53.206031][ T213] bridge0: port 2(bridge_slave_1) entered blocking state
[ 53.213157][ T213] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 53.224745][ T213] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 53.235252][ T213] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 53.248897][ T213] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 53.260423][ T213] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 53.268591][ T213] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 53.276364][ T213] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 53.284704][ T414] device veth0_vlan entered promiscuous mode
[ 53.294709][ T213] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 53.304757][ T414] device veth1_macvtap entered promiscuous mode
[ 53.314116][ T213] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 53.325746][ T213] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 53.468571][ T24] audit: type=1401 audit(1746671029.830:105): op=setxattr invalid_context="u:object_r:app_data_file:s0:c512,c768"
[ 53.749191][ T24] audit: type=1400 audit(1746671030.110:106): avc: denied { create } for pid=446 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
2025/05/08 02:23:50 executed programs: 0
[ 54.092685][ T465] bridge0: port 1(bridge_slave_0) entered blocking state
[ 54.099753][ T465] bridge0: port 1(bridge_slave_0) entered disabled state
[ 54.107488][ T465] device bridge_slave_0 entered promiscuous mode
[ 54.114567][ T465] bridge0: port 2(bridge_slave_1) entered blocking state
[ 54.121868][ T465] bridge0: port 2(bridge_slave_1) entered disabled state
[ 54.129466][ T465] device bridge_slave_1 entered promiscuous mode
[ 54.168025][ T465] bridge0: port 2(bridge_slave_1) entered blocking state
[ 54.175179][ T465] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 54.182412][ T465] bridge0: port 1(bridge_slave_0) entered blocking state
[ 54.189448][ T465] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 54.197900][ T7] device bridge_slave_1 left promiscuous mode
[ 54.204010][ T7] bridge0: port 2(bridge_slave_1) entered disabled state
[ 54.211474][ T7] device bridge_slave_0 left promiscuous mode
[ 54.217652][ T7] bridge0: port 1(bridge_slave_0) entered disabled state
[ 54.225804][ T7] device veth1_macvtap left promiscuous mode
[ 54.231803][ T7] device veth0_vlan left promiscuous mode
[ 54.325418][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 54.333008][ T9] bridge0: port 1(bridge_slave_0) entered disabled state
[ 54.340284][ T9] bridge0: port 2(bridge_slave_1) entered disabled state
[ 54.349056][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 54.357406][ T9] bridge0: port 1(bridge_slave_0) entered blocking state
[ 54.364601][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 54.374074][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 54.382378][ T9] bridge0: port 2(bridge_slave_1) entered blocking state
[ 54.389732][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 54.401572][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 54.410659][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 54.424086][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 54.436103][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 54.444347][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 54.451948][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 54.460797][ T465] device veth0_vlan entered promiscuous mode
[ 54.470597][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 54.479549][ T465] device veth1_macvtap entered promiscuous mode
[ 54.489076][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 54.499460][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 54.537847][ T24] audit: type=1400 audit(1746671030.900:107): avc: denied { create } for pid=479 comm="syz.2.16" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[ 54.547735][ T481] ==================================================================
[ 54.557235][ T24] audit: type=1400 audit(1746671030.900:108): avc: denied { setopt } for pid=479 comm="syz.2.16" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[ 54.565242][ T481] BUG: KASAN: slab-out-of-bounds in xfrm_policy_inexact_list_reinsert+0x620/0x6d0
[ 54.565252][ T481] Read of size 1 at addr ffff888116c273d8 by task syz.2.16/481
[ 54.565255][ T481]
[ 54.565272][ T481] CPU: 1 PID: 481 Comm: syz.2.16 Not tainted 5.10.237-syzkaller-1007464-g7e2543346ff7 #0
[ 54.565278][ T481] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 54.565291][ T481] Call Trace:
[ 54.565306][ T481] __dump_stack+0x21/0x24
[ 54.565326][ T481] dump_stack_lvl+0x169/0x1d8
[ 54.586034][ T24] audit: type=1400 audit(1746671030.900:109): avc: denied { write } for pid=479 comm="syz.2.16" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[ 54.593842][ T481] ? show_regs_print_info+0x18/0x18
[ 54.601584][ T24] audit: type=1400 audit(1746671030.900:110): avc: denied { create } for pid=479 comm="syz.2.16" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 54.603678][ T481] ? thaw_kernel_threads+0x220/0x220
[ 54.685355][ T481] ? unwind_get_return_address+0x4d/0x90
[ 54.690992][ T481] print_address_description+0x7f/0x2c0
[ 54.696636][ T481] ? xfrm_policy_inexact_list_reinsert+0x620/0x6d0
[ 54.703148][ T481] kasan_report+0xe2/0x130
[ 54.707909][ T481] ? xfrm_policy_inexact_list_reinsert+0x620/0x6d0
[ 54.714500][ T481] __asan_report_load1_noabort+0x14/0x20
[ 54.720211][ T481] xfrm_policy_inexact_list_reinsert+0x620/0x6d0
[ 54.726526][ T481] xfrm_policy_inexact_insert_node+0x938/0xb50
[ 54.732673][ T481] ? netlink_unicast+0x87c/0xa40
[ 54.737588][ T481] ? netlink_sendmsg+0x88d/0xb30
[ 54.742939][ T481] ? ____sys_sendmsg+0x5a2/0x8c0
[ 54.747860][ T481] ? ___sys_sendmsg+0x1f0/0x260
[ 54.752692][ T481] ? __x64_sys_sendmsg+0x1e2/0x2a0
[ 54.757783][ T481] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 54.763836][ T481] xfrm_policy_inexact_alloc_chain+0x53a/0xb30
[ 54.770145][ T481] xfrm_policy_inexact_insert+0x70/0x1130
[ 54.775975][ T481] ? __get_hash_thresh+0x10c/0x420
[ 54.781098][ T481] ? policy_hash_bysel+0x110/0x4f0
[ 54.786203][ T481] xfrm_policy_insert+0xe0/0x930
[ 54.791245][ T481] xfrm_add_policy+0x4d1/0x830
[ 54.796073][ T481] ? xfrm_dump_sa_done+0xc0/0xc0
[ 54.801100][ T481] xfrm_user_rcv_msg+0x450/0x6d0
[ 54.806149][ T481] ? xfrm_netlink_rcv+0x90/0x90
[ 54.811086][ T481] ? selinux_nlmsg_lookup+0x219/0x4a0
[ 54.816572][ T481] netlink_rcv_skb+0x1e0/0x430
[ 54.821356][ T481] ? xfrm_netlink_rcv+0x90/0x90
[ 54.826193][ T481] ? netlink_ack+0xb80/0xb80
[ 54.830789][ T481] ? mutex_trylock+0xa0/0xa0
[ 54.835357][ T481] ? __netlink_lookup+0x387/0x3b0
[ 54.840383][ T481] xfrm_netlink_rcv+0x72/0x90
[ 54.845045][ T481] netlink_unicast+0x87c/0xa40
[ 54.849815][ T481] netlink_sendmsg+0x88d/0xb30
[ 54.854557][ T481] ? netlink_getsockopt+0x530/0x530
[ 54.859882][ T481] ? security_socket_sendmsg+0x82/0xa0
[ 54.865450][ T481] ? netlink_getsockopt+0x530/0x530
[ 54.870641][ T481] ____sys_sendmsg+0x5a2/0x8c0
[ 54.875397][ T481] ? __sys_sendmsg_sock+0x40/0x40
[ 54.880466][ T481] ? import_iovec+0x7c/0xb0
[ 54.884955][ T481] ___sys_sendmsg+0x1f0/0x260
[ 54.889620][ T481] ? __sys_sendmsg+0x250/0x250
[ 54.894381][ T481] ? __fdget+0x1a1/0x230
[ 54.898672][ T481] __x64_sys_sendmsg+0x1e2/0x2a0
[ 54.903628][ T481] ? ___sys_sendmsg+0x260/0x260
[ 54.908470][ T481] ? switch_fpu_return+0x197/0x340
[ 54.913568][ T481] do_syscall_64+0x31/0x40
[ 54.918128][ T481] entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 54.924031][ T481] RIP: 0033:0x7f415edc7169
[ 54.928753][ T481] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 54.948577][ T481] RSP: 002b:00007f415e838038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 54.957262][ T481] RAX: ffffffffffffffda RBX: 00007f415efeefa0 RCX: 00007f415edc7169
[ 54.965237][ T481] RDX: 0000000000004000 RSI: 0000200000000580 RDI: 0000000000000005
[ 54.973312][ T481] RBP: 00007f415ee49a68 R08: 0000000000000000 R09: 0000000000000000
[ 54.981296][ T481] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 54.989717][ T481] R13: 0000000000000000 R14: 00007f415efeefa0 R15: 00007ffd48762398
[ 54.997687][ T481]
[ 55.000002][ T481] Allocated by task 481:
[ 55.004333][ T481] __kasan_kmalloc+0xda/0x110
[ 55.009017][ T481] __kmalloc+0x1a7/0x330
[ 55.013252][ T481] sk_prot_alloc+0xb2/0x340
[ 55.017757][ T481] sk_alloc+0x38/0x4e0
[ 55.021817][ T481] pfkey_create+0x12a/0x660
[ 55.026400][ T481] __sock_create+0x38d/0x770
[ 55.030984][ T481] __sys_socket+0xec/0x190
[ 55.035512][ T481] __x64_sys_socket+0x7a/0x90
[ 55.040429][ T481] do_syscall_64+0x31/0x40
[ 55.044955][ T481] entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 55.050833][ T481]
[ 55.053145][ T481] The buggy address belongs to the object at ffff888116c27000
[ 55.053145][ T481] which belongs to the cache kmalloc-1k of size 1024
[ 55.067306][ T481] The buggy address is located 984 bytes inside of
[ 55.067306][ T481] 1024-byte region [ffff888116c27000, ffff888116c27400)
[ 55.080919][ T481] The buggy address belongs to the page:
[ 55.086673][ T481] page:ffffea00045b0800 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x116c20
[ 55.097031][ T481] head:ffffea00045b0800 order:3 compound_mapcount:0 compound_pincount:0
[ 55.105429][ T481] flags: 0x4000000000010200(slab|head)
[ 55.110962][ T481] raw: 4000000000010200 ffffea00045aba00 0000000200000002 ffff888100042f00
[ 55.119675][ T481] raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000
[ 55.128244][ T481] page dumped because: kasan: bad access detected
[ 55.134760][ T481] page_owner tracks the page as allocated
[ 55.140468][ T481] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 94, ts 5441397428, free_ts 0
[ 55.158444][ T481] prep_new_page+0x179/0x180
[ 55.163025][ T481] get_page_from_freelist+0x2235/0x23d0
[ 55.168567][ T481] __alloc_pages_nodemask+0x268/0x5f0
[ 55.174054][ T481] new_slab+0x84/0x3f0
[ 55.178468][ T481] ___slab_alloc+0x2a6/0x450
[ 55.183064][ T481] __slab_alloc+0x63/0xa0
[ 55.187401][ T481] __kmalloc_track_caller+0x1ef/0x320
[ 55.192797][ T481] __alloc_skb+0xdc/0x520
[ 55.197127][ T481] netlink_sendmsg+0x5f6/0xb30
[ 55.201966][ T481] ____sys_sendmsg+0x5a2/0x8c0
[ 55.206752][ T481] ___sys_sendmsg+0x1f0/0x260
[ 55.211568][ T481] __x64_sys_sendmsg+0x1e2/0x2a0
[ 55.216493][ T481] do_syscall_64+0x31/0x40
[ 55.220999][ T481] entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 55.226973][ T481] page_owner free stack trace missing
[ 55.232336][ T481]
[ 55.234650][ T481] Memory state around the buggy address:
[ 55.240346][ T481]  ffff888116c27280: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 55.248521][ T481]  ffff888116c27300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 55.256779][ T481] >ffff888116c27380: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 55.265751][ T481]                                                     ^
[ 55.272989][ T481]  ffff888116c27400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 55.281398][ T481]  ffff888116c27480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 55.289568][ T481] ==================================================================
[ 55.297742][ T481] Disabling lock debugging due to kernel taint
2025/05/08 02:23:55 executed programs: 225
[ 59.055581][ T24] kauditd_printk_skb: 9 callbacks suppressed
[ 59.055593][ T24] audit: type=1400 audit(1746671035.420:120): avc: denied { write } for pid=396 comm="syz-execprog" path="pipe:[15046]" dev="pipefs" ino=15046 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1
2025/05/08 02:24:00 executed programs: 522