Warning: Permanently added '10.128.0.101' (ED25519) to the list of known hosts.
2024/02/14 08:37:45 ignoring optional flag "sandboxArg"="0"
2024/02/14 08:37:45 parsed 1 programs
2024/02/14 08:37:45 executed programs: 0
[   42.986804][   T23] kauditd_printk_skb: 68 callbacks suppressed
[   42.986816][   T23] audit: type=1400 audit(1707899865.190:144): avc: denied { mounton } for pid=403 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[   43.018165][   T23] audit: type=1400 audit(1707899865.190:145): avc: denied { mount } for pid=403 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[   43.087334][  T408] bridge0: port 1(bridge_slave_0) entered blocking state
[   43.094231][  T408] bridge0: port 1(bridge_slave_0) entered disabled state
[   43.101488][  T408] device bridge_slave_0 entered promiscuous mode
[   43.108386][  T408] bridge0: port 2(bridge_slave_1) entered blocking state
[   43.115353][  T408] bridge0: port 2(bridge_slave_1) entered disabled state
[   43.122791][  T408] device bridge_slave_1 entered promiscuous mode
[   43.168602][   T23] audit: type=1400 audit(1707899865.370:146): avc: denied { create } for pid=408 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   43.180061][  T408] bridge0: port 2(bridge_slave_1) entered blocking state
[   43.189537][   T23] audit: type=1400 audit(1707899865.380:147): avc: denied { write } for pid=408 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   43.196394][  T408] bridge0: port 2(bridge_slave_1) entered forwarding state
[   43.196506][  T408] bridge0: port 1(bridge_slave_0) entered blocking state
[   43.196515][  T408] bridge0: port 1(bridge_slave_0) entered forwarding state
[   43.238295][  T364] bridge0: port 1(bridge_slave_0) entered disabled state
[   43.238359][   T23] audit: type=1400 audit(1707899865.380:148): avc: denied { read } for pid=408 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   43.265482][  T364] bridge0: port 2(bridge_slave_1) entered disabled state
[   43.272725][  T364] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   43.279970][  T364] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   43.302435][  T364] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   43.310422][  T364] bridge0: port 1(bridge_slave_0) entered blocking state
[   43.317267][  T364] bridge0: port 1(bridge_slave_0) entered forwarding state
[   43.324674][  T364] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   43.333043][  T364] bridge0: port 2(bridge_slave_1) entered blocking state
[   43.339867][  T364] bridge0: port 2(bridge_slave_1) entered forwarding state
[   43.347258][  T364] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   43.355066][  T364] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   43.367723][  T363] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   43.381903][  T363] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   43.402527][   T74] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   43.410766][   T74] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   43.420176][   T74] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   43.436541][   T23] audit: type=1400 audit(1707899865.640:149): avc: denied { mounton } for pid=408 comm="syz-executor.0" path="/dev/binderfs" dev="devtmpfs" ino=10052 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[   43.472343][  T415] kernel profiling enabled (shift: 0)
[   43.991562][    C0] ==================================================================
[   43.999660][    C0] BUG: KASAN: stack-out-of-bounds in profile_pc+0xa4/0xe0
[   44.006893][    C0] Read of size 8 at addr ffff8881ed797a80 by task syz-executor.0/444
[   44.014942][    C0]
[   44.017199][    C0] CPU: 0 PID: 444 Comm: syz-executor.0 Not tainted 5.4.265-syzkaller-04843-g1b3143b9b166 #0
[   44.027170][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[   44.037527][    C0] Call Trace:
[   44.040641][    C0]
[   44.043517][    C0]  dump_stack+0x1d8/0x241
[   44.047804][    C0]  ? nf_ct_l4proto_log_invalid+0x258/0x258
[   44.053402][    C0]  ? printk+0xd1/0x111
[   44.057318][    C0]  ? profile_pc+0xa4/0xe0
[   44.061472][    C0]  ? wake_up_klogd+0xb2/0xf0
[   44.065985][    C0]  ? profile_pc+0xa4/0xe0
[   44.070418][    C0]  print_address_description+0x8c/0x600
[   44.075964][    C0]  ? panic+0x896/0x896
[   44.079960][    C0]  ? profile_pc+0xa4/0xe0
[   44.084125][    C0]  __kasan_report+0xf3/0x120
[   44.088563][    C0]  ? profile_pc+0xa4/0xe0
[   44.092918][    C0]  ? _raw_spin_lock+0xc0/0x1b0
[   44.097517][    C0]  kasan_report+0x30/0x60
[   44.101684][    C0]  profile_pc+0xa4/0xe0
[   44.105674][    C0]  profile_tick+0xb9/0x100
[   44.110201][    C0]  tick_sched_timer+0x237/0x3c0
[   44.115141][    C0]  ? tick_setup_sched_timer+0x460/0x460
[   44.120533][    C0]  __hrtimer_run_queues+0x3e9/0xb90
[   44.126093][    C0]  ? hrtimer_interrupt+0x890/0x890
[   44.131037][    C0]  ? check_preemption_disabled+0x9f/0x320
[   44.136580][    C0]  ? ktime_get_update_offsets_now+0x26c/0x280
[   44.142750][    C0]  hrtimer_interrupt+0x38a/0x890
[   44.147522][    C0]  smp_apic_timer_interrupt+0x110/0x460
[   44.152895][    C0]  apic_timer_interrupt+0xf/0x20
[   44.157745][    C0]
[   44.160533][    C0]  ? _raw_spin_lock+0xc0/0x1b0
[   44.165314][    C0]  ? _raw_spin_trylock_bh+0x190/0x190
[   44.170509][    C0]  ? copy_files+0x143/0x1f0
[   44.174848][    C0]  ? perf_event_attrs+0x20/0x20
[   44.179623][    C0]  ? dup_task_struct+0x600/0x600
[   44.184421][    C0]  ? sched_fork+0x5e4/0xd70
[   44.188737][    C0]  ? copy_fs+0xab/0x140
[   44.192728][    C0]  ? copy_process+0x120d/0x3230
[   44.197436][    C0]  ? fork_idle+0x290/0x290
[   44.201665][    C0]  ? _raw_spin_lock_irq+0xa5/0x1b0
[   44.206618][    C0]  ? _copy_from_user+0xa6/0xe0
[   44.211224][    C0]  ? _do_fork+0x197/0x900
[   44.215497][    C0]  ? __delayed_free_task+0x20/0x20
[   44.220517][    C0]  ? copy_process+0x3230/0x3230
[   44.225208][    C0]  ? __x64_sys_clone3+0x2da/0x300
[   44.230063][    C0]  ? __ia32_sys_clone+0x2b0/0x2b0
[   44.234927][    C0]  ? __do_page_fault+0x725/0xbb0
[   44.239699][    C0]  ? do_syscall_64+0xca/0x1c0
[   44.244390][    C0]  ? entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[   44.250284][    C0]
[   44.252451][    C0] The buggy address belongs to the page:
[   44.258107][    C0] page:ffffea0007b5e5c0 refcount:0 mapcount:0 mapping:0000000000000000 index:0x0
[   44.267036][    C0] flags: 0x8000000000000000()
[   44.271560][    C0] raw: 8000000000000000 0000000000000000 ffffea0007b5e5c8 0000000000000000
[   44.280059][    C0] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[   44.288470][    C0] page dumped because: kasan: bad access detected
[   44.294914][    C0] page_owner tracks the page as allocated
[   44.300479][    C0] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT)
[   44.312116][    C0]  prep_new_page+0x18f/0x370
[   44.316616][    C0]  get_page_from_freelist+0x2d13/0x2d90
[   44.322040][    C0]  __alloc_pages_nodemask+0x393/0x840
[   44.327207][    C0]  dup_task_struct+0x85/0x600
[   44.331717][    C0]  copy_process+0x56d/0x3230
[   44.336143][    C0]  _do_fork+0x197/0x900
[   44.340342][    C0]  __x64_sys_clone+0x26b/0x2c0
[   44.344938][    C0]  do_syscall_64+0xca/0x1c0
[   44.349282][    C0]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[   44.355002][    C0] page last free stack trace:
[   44.359530][    C0]  __free_pages_ok+0x847/0x950
[   44.364119][    C0]  __free_pages+0x91/0x140
[   44.368375][    C0]  __free_slab+0x221/0x2e0
[   44.372629][    C0]  unfreeze_partials+0x14e/0x180
[   44.377407][    C0]  put_cpu_partial+0x44/0x180
[   44.381913][    C0]  __slab_free+0x297/0x360
[   44.386338][    C0]  qlist_free_all+0x43/0xb0
[   44.390680][    C0]  quarantine_reduce+0x1d9/0x210
[   44.395718][    C0]  __kasan_kmalloc+0x41/0x210
[   44.400235][    C0]  kmem_cache_alloc+0xd9/0x250
[   44.405029][    C0]  __se_sys_inotify_add_watch+0x5e5/0xa70
[   44.410738][    C0]  do_syscall_64+0xca/0x1c0
[   44.415340][    C0]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[   44.421617][    C0]
[   44.423789][    C0] addr ffff8881ed797a80 is located in stack of task syz-executor.0/444 at offset 0 in frame:
[   44.434032][    C0]  _raw_spin_lock+0x0/0x1b0
[   44.438366][    C0]
[   44.440548][    C0] this frame has 1 object:
[   44.446100][    C0]  [32, 36) 'val.i.i.i'
[   44.446101][    C0]
[   44.452278][    C0] Memory state around the buggy address:
[   44.457811][    C0]  ffff8881ed797980: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   44.465884][    C0]  ffff8881ed797a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   44.473786][    C0] >ffff8881ed797a80: f1 f1 f1 f1 04 f3 f3 f3 00 00 00 00 00 00 00 00
[   44.481682][    C0]                    ^
[   44.485593][    C0]  ffff8881ed797b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   44.493746][    C0]  ffff8881ed797b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   44.501825][    C0] ==================================================================
[   44.509897][    C0] Disabling lock debugging due to kernel taint
2024/02/14 08:37:50 executed programs: 442
2024/02/14 08:37:55 executed programs: 1037