Warning: Permanently added '10.128.0.8' (ED25519) to the list of known hosts.
2024/01/30 19:35:20 ignoring optional flag "sandboxArg"="0"
2024/01/30 19:35:20 parsed 1 programs
[ 43.659471][ T23] kauditd_printk_skb: 72 callbacks suppressed
[ 43.659484][ T23] audit: type=1400 audit(1706643320.830:148): avc: denied { mounton } for pid=404 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[ 43.693757][ T23] audit: type=1400 audit(1706643320.830:149): avc: denied { mount } for pid=404 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[ 43.720361][ T23] audit: type=1400 audit(1706643320.870:150): avc: denied { unlink } for pid=404 comm="syz-executor" name="swap-file" dev="sda1" ino=1929 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
2024/01/30 19:35:20 executed programs: 0
[ 43.781588][ T404] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 43.862939][ T411] bridge0: port 1(bridge_slave_0) entered blocking state
[ 43.870474][ T411] bridge0: port 1(bridge_slave_0) entered disabled state
[ 43.879708][ T411] device bridge_slave_0 entered promiscuous mode
[ 43.887139][ T411] bridge0: port 2(bridge_slave_1) entered blocking state
[ 43.894679][ T411] bridge0: port 2(bridge_slave_1) entered disabled state
[ 43.903351][ T411] device bridge_slave_1 entered promiscuous mode
[ 43.956481][ T23] audit: type=1400 audit(1706643321.120:151): avc: denied { create } for pid=411 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 43.977772][ T411] bridge0: port 2(bridge_slave_1) entered blocking state
[ 43.978318][ T23] audit: type=1400 audit(1706643321.140:152): avc: denied { write } for pid=411 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 43.984985][ T411] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 44.005904][ T23] audit: type=1400 audit(1706643321.140:153): avc: denied { read } for pid=411 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 44.013742][ T411] bridge0: port 1(bridge_slave_0) entered blocking state
[ 44.043181][ T411] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 44.068762][ T363] bridge0: port 1(bridge_slave_0) entered disabled state
[ 44.077128][ T363] bridge0: port 2(bridge_slave_1) entered disabled state
[ 44.085327][ T363] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 44.093870][ T363] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 44.118270][ T363] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 44.126648][ T363] bridge0: port 1(bridge_slave_0) entered blocking state
[ 44.133661][ T363] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 44.141243][ T363] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 44.149822][ T363] bridge0: port 2(bridge_slave_1) entered blocking state
[ 44.156928][ T363] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 44.165088][ T363] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 44.173307][ T363] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 44.186831][ T105] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 44.207788][ T105] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 44.216115][ T105] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 44.231527][ T363] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 44.245524][ T105] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 44.261511][ T23] audit: type=1400 audit(1706643321.430:154): avc: denied { mounton } for pid=411 comm="syz-executor.0" path="/dev/binderfs" dev="devtmpfs" ino=857 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
2024/01/30 19:35:25 executed programs: 424
2024/01/30 19:35:30 executed programs: 915
2024/01/30 19:35:35 executed programs: 1397
2024/01/30 19:35:40 executed programs: 1924
[ 66.787526][ T13] cfg80211: failed to load regulatory.db
2024/01/30 19:35:46 executed programs: 2441
2024/01/30 19:35:51 executed programs: 2947
2024/01/30 19:35:56 executed programs: 3509
2024/01/30 19:36:01 executed programs: 4039
2024/01/30 19:36:06 executed programs: 4554
2024/01/30 19:36:11 executed programs: 5054
2024/01/30 19:36:16 executed programs: 5551
2024/01/30 19:36:21 executed programs: 6085
2024/01/30 19:36:26 executed programs: 6601
2024/01/30 19:36:31 executed programs: 7085
2024/01/30 19:36:36 executed programs: 7549
2024/01/30 19:36:41 executed programs: 8104
2024/01/30 19:36:46 executed programs: 8630
2024/01/30 19:36:51 executed programs: 9367
2024/01/30 19:36:56 executed programs: 10085
2024/01/30 19:37:01 executed programs: 10789
2024/01/30 19:37:06 executed programs: 11541
2024/01/30 19:37:11 executed programs: 12270
2024/01/30 19:37:16 executed programs: 13021
2024/01/30 19:37:21 executed programs: 13754
2024/01/30 19:37:26 executed programs: 14502
2024/01/30 19:37:31 executed programs: 15244
2024/01/30 19:37:36 executed programs: 15976
2024/01/30 19:37:41 executed programs: 16724
2024/01/30 19:37:46 executed programs: 17474
2024/01/30 19:37:51 executed programs: 18209
2024/01/30 19:37:56 executed programs: 18956
2024/01/30 19:38:01 executed programs: 19691
2024/01/30 19:38:06 executed programs: 20414
2024/01/30 19:38:11 executed programs: 21145
2024/01/30 19:38:16 executed programs: 21888
[ 223.830026][T13365] kernel profiling enabled (shift: 0)
2024/01/30 19:38:21 executed programs: 22609
[ 226.537107][ C1] ==================================================================
[ 226.546193][ C1] BUG: KASAN: stack-out-of-bounds in profile_pc+0xa4/0xe0
[ 226.553256][ C1] Read of size 8 at addr ffff8881e1b179a0 by task syz-executor.0/14059
[ 226.562843][ C1]
[ 226.565195][ C1] CPU: 1 PID: 14059 Comm: syz-executor.0 Not tainted 5.4.265-syzkaller-04838-gc84a70203fff #0
[ 226.575425][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023
[ 226.586021][ C1] Call Trace:
[ 226.589413][ C1]
[ 226.592104][ C1] dump_stack+0x1d8/0x241
[ 226.596377][ C1] ? nf_ct_l4proto_log_invalid+0x258/0x258
[ 226.601992][ C1] ? printk+0xd1/0x111
[ 226.606258][ C1] ? profile_pc+0xa4/0xe0
[ 226.611587][ C1] ? wake_up_klogd+0xb2/0xf0
[ 226.616282][ C1] ? profile_pc+0xa4/0xe0
[ 226.620766][ C1] print_address_description+0x8c/0x600
[ 226.626589][ C1] ? panic+0x896/0x896
[ 226.630759][ C1] ? profile_pc+0xa4/0xe0
[ 226.635322][ C1] __kasan_report+0xf3/0x120
[ 226.639989][ C1] ? profile_pc+0xa4/0xe0
[ 226.644166][ C1] ? _raw_spin_lock+0x15b/0x1b0
[ 226.649255][ C1] kasan_report+0x30/0x60
[ 226.653769][ C1] profile_pc+0xa4/0xe0
[ 226.658163][ C1] profile_tick+0xb9/0x100
[ 226.662470][ C1] tick_sched_timer+0x237/0x3c0
[ 226.667704][ C1] ? tick_setup_sched_timer+0x460/0x460
[ 226.673325][ C1] __hrtimer_run_queues+0x3e9/0xb90
[ 226.678701][ C1] ? hrtimer_interrupt+0x890/0x890
[ 226.684043][ C1] ? kvm_sched_clock_read+0x14/0x40
[ 226.689459][ C1] ? sched_clock+0x36/0x40
[ 226.694471][ C1] ? ktime_get+0xf9/0x130
[ 226.698826][ C1] ? ktime_get_update_offsets_now+0x26c/0x280
[ 226.704939][ C1] hrtimer_interrupt+0x38a/0x890
[ 226.709669][ C1] smp_apic_timer_interrupt+0x110/0x460
[ 226.715064][ C1] apic_timer_interrupt+0xf/0x20
[ 226.719898][ C1]
[ 226.722771][ C1] ? _raw_spin_lock+0xa4/0x1b0
[ 226.727732][ C1] ? _raw_spin_lock+0x15b/0x1b0
[ 226.732758][ C1] ? _raw_spin_trylock_bh+0x190/0x190
[ 226.738553][ C1] ? xas_load+0x4f8/0x560
[ 226.742720][ C1] ? alloc_set_pte+0x836/0x1170
[ 226.747790][ C1] ? filemap_map_pages+0x9d8/0xdd0
[ 226.752794][ C1] ? maybe_unlock_mmap_for_io+0x120/0x120
[ 226.759272][ C1] ? handle_mm_fault+0x24c8/0x4840
[ 226.764804][ C1] ? finish_fault+0x230/0x230
[ 226.769618][ C1] ? down_write_trylock+0x130/0x130
[ 226.775031][ C1] ? down_read_trylock+0x179/0x1d0
[ 226.780362][ C1] ? __do_page_fault+0x509/0xbb0
[ 226.785128][ C1] ? page_fault+0x2f/0x40
[ 226.789278][ C1]
[ 226.791460][ C1] The buggy address belongs to the page:
[ 226.797003][ C1] page:ffffea000786c5c0 refcount:0 mapcount:0 mapping:0000000000000000 index:0x0
[ 226.806152][ C1] flags: 0x8000000000000000()
[ 226.810635][ C1] raw: 8000000000000000 0000000000000000 ffffea000786c5c8 0000000000000000
[ 226.819333][ C1] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 226.828024][ C1] page dumped because: kasan: bad access detected
[ 226.834388][ C1] page_owner tracks the page as allocated
[ 226.840042][ C1] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT)
[ 226.852151][ C1] prep_new_page+0x18f/0x370
[ 226.856764][ C1] get_page_from_freelist+0x2d13/0x2d90
[ 226.863117][ C1] __alloc_pages_nodemask+0x393/0x840
[ 226.869112][ C1] dup_task_struct+0x85/0x600
[ 226.875055][ C1] copy_process+0x56d/0x3230
[ 226.879628][ C1] _do_fork+0x197/0x900
[ 226.883825][ C1] __x64_sys_clone+0x26b/0x2c0
[ 226.888657][ C1] do_syscall_64+0xca/0x1c0
[ 226.893203][ C1] entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 226.899268][ C1] page last free stack trace:
[ 226.903891][ C1] __free_pages_ok+0x847/0x950
[ 226.908653][ C1] __free_pages+0x91/0x140
[ 226.913011][ C1] put_task_stack+0x212/0x260
[ 226.917510][ C1] finish_task_switch+0x24a/0x590
[ 226.922459][ C1] __schedule+0xb0d/0x1320
[ 226.926931][ C1] schedule_idle+0x50/0x80
[ 226.931212][ C1] do_idle+0x609/0x660
[ 226.935303][ C1] cpu_startup_entry+0x14/0x20
[ 226.940171][ C1] start_secondary+0x3a5/0x460
[ 226.944740][ C1] secondary_startup_64+0xa4/0xb0
[ 226.949832][ C1]
[ 226.952090][ C1] addr ffff8881e1b179a0 is located in stack of task syz-executor.0/14059 at offset 0 in frame:
[ 226.962432][ C1] _raw_spin_lock+0x0/0x1b0
[ 226.966767][ C1]
[ 226.968924][ C1] this frame has 1 object:
[ 226.973192][ C1] [32, 36) 'val.i.i.i'
[ 226.973194][ C1]
[ 226.979423][ C1] Memory state around the buggy address:
[ 226.985360][ C1]  ffff8881e1b17880: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 226.993966][ C1]  ffff8881e1b17900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 227.001966][ C1] >ffff8881e1b17980: 00 00 00 00 f1 f1 f1 f1 04 f3 f3 f3 00 00 00 00
[ 227.010682][ C1]                                ^
[ 227.015662][ C1]  ffff8881e1b17a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 227.023697][ C1]  ffff8881e1b17a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 227.032035][ C1] ==================================================================
[ 227.040234][ C1] Disabling lock debugging due to kernel taint
2024/01/30 19:38:26 executed programs: 23270
2024/01/30 19:38:31 executed programs: 24002