Warning: Permanently added '10.128.0.75' (ED25519) to the list of known hosts.
2024/11/07 17:11:04 ignoring optional flag "sandboxArg"="0"
2024/11/07 17:11:04 ignoring optional flag "type"="gce"
2024/11/07 17:11:05 parsed 1 programs
2024/11/07 17:11:05 executed programs: 0
[ 46.362090][ T412] bridge0: port 1(bridge_slave_0) entered blocking state
[ 46.368975][ T412] bridge0: port 1(bridge_slave_0) entered disabled state
[ 46.376596][ T412] device bridge_slave_0 entered promiscuous mode
[ 46.383387][ T412] bridge0: port 2(bridge_slave_1) entered blocking state
[ 46.390266][ T412] bridge0: port 2(bridge_slave_1) entered disabled state
[ 46.397806][ T412] device bridge_slave_1 entered promiscuous mode
[ 46.455989][ T412] bridge0: port 2(bridge_slave_1) entered blocking state
[ 46.462853][ T412] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 46.470133][ T412] bridge0: port 1(bridge_slave_0) entered blocking state
[ 46.477406][ T412] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 46.502001][ T7] bridge0: port 1(bridge_slave_0) entered disabled state
[ 46.509257][ T7] bridge0: port 2(bridge_slave_1) entered disabled state
[ 46.516662][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 46.524243][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 46.533961][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 46.542032][ T7] bridge0: port 1(bridge_slave_0) entered blocking state
[ 46.548890][ T7] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 46.558710][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 46.567520][ T7] bridge0: port 2(bridge_slave_1) entered blocking state
[ 46.575022][ T7] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 46.590104][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 46.599743][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 46.618280][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 46.630858][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 46.645519][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 46.659675][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 46.670771][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 46.687868][ T23] kauditd_printk_skb: 15 callbacks suppressed
[ 46.687880][ T23] audit: type=1400 audit(1730999465.500:91): avc: denied { mounton } for pid=412 comm="syz-executor.0" path="/dev/binderfs" dev="devtmpfs" ino=10727 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[ 46.728288][ T23] audit: type=1400 audit(1730999465.540:92): avc: denied { create } for pid=417 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 46.749392][ T23] audit: type=1400 audit(1730999465.540:93): avc: denied { write } for pid=417 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 46.769868][ T23] audit: type=1400 audit(1730999465.540:94): avc: denied { nlmsg_write } for pid=417 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 46.864668][ C0] ==================================================================
[ 46.872590][ C0] BUG: KASAN: stack-out-of-bounds in __xfrm_dst_hash+0x355/0x430
[ 46.880112][ C0] Read of size 4 at addr ffff8881f6e09a78 by task syz-executor.0/412
[ 46.888004][ C0]
[ 46.890183][ C0] CPU: 0 PID: 412 Comm: syz-executor.0 Not tainted 5.4.284-syzkaller-04988-g137306201ec6 #0
[ 46.900069][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 46.909966][ C0] Call Trace:
[ 46.913239][ C0]
[ 46.915930][ C0] dump_stack+0x1d8/0x241
[ 46.920105][ C0] ? nf_ct_l4proto_log_invalid+0x258/0x258
[ 46.925762][ C0] ? printk+0xd1/0x111
[ 46.929653][ C0] ? __xfrm_dst_hash+0x355/0x430
[ 46.934416][ C0] print_address_description+0x8c/0x600
[ 46.939800][ C0] ? irqtime_account_irq+0xb9/0x1b0
[ 46.944827][ C0] ? __xfrm_dst_hash+0x355/0x430
[ 46.949620][ C0] __kasan_report+0xf3/0x120
[ 46.954062][ C0] ? __xfrm_dst_hash+0x355/0x430
[ 46.958812][ C0] kasan_report+0x30/0x60
[ 46.962966][ C0] __xfrm_dst_hash+0x355/0x430
[ 46.967580][ C0] xfrm_state_find+0x2cc/0x2dc0
[ 46.972274][ C0] ? check_preemption_disabled+0x9f/0x320
[ 46.977819][ C0] ? call_rcu+0x10/0x10
[ 46.981800][ C0] ? debug_smp_processor_id+0x20/0x20
[ 46.987043][ C0] ? xfrm_sad_getinfo+0x170/0x170
[ 46.991870][ C0] ? xfrm4_get_saddr+0x18c/0x2a0
[ 46.996650][ C0] ? rcu_irq_exit+0x104/0x250
[ 47.001155][ C0] ? xfrm_resolve_and_create_bundle+0x472/0x31d0
[ 47.007341][ C0] xfrm_resolve_and_create_bundle+0x6aa/0x31d0
[ 47.013760][ C0] ? xfrm_sk_policy_lookup+0x5c0/0x5c0
[ 47.019080][ C0] ? debug_smp_processor_id+0x20/0x20
[ 47.024251][ C0] ? check_preemption_disabled+0x9f/0x320
[ 47.029801][ C0] ? kvm_sched_clock_read+0x14/0x40
[ 47.034833][ C0] ? debug_smp_processor_id+0x20/0x20
[ 47.040041][ C0] ? rcu_irq_exit+0x104/0x250
[ 47.044569][ C0] ? call_function_single_interrupt+0xf/0x20
[ 47.050449][ C0] ? call_function_single_interrupt+0xa/0x20
[ 47.056334][ C0] xfrm_lookup_with_ifid+0x549/0x1c90
[ 47.061477][ C0] ? rt_set_nexthop+0x21b/0x700
[ 47.066167][ C0] ? __xfrm_sk_clone_policy+0x8a0/0x8a0
[ 47.072067][ C0] ? ip_route_output_key_hash+0x230/0x230
[ 47.077553][ C0] xfrm_lookup_route+0x37/0x170
[ 47.082237][ C0] ip_route_output_flow+0x1fe/0x330
[ 47.087395][ C0] ? ipv4_sk_update_pmtu+0x1ed0/0x1ed0
[ 47.092674][ C0] ? make_kuid+0x200/0x700
[ 47.096908][ C0] ? __put_user_ns+0x50/0x50
[ 47.101511][ C0] ? __alloc_skb+0x29e/0x4d0
[ 47.105934][ C0] igmpv3_newpack+0x437/0x1070
[ 47.110543][ C0] ? igmpv3_sendpack+0x190/0x190
[ 47.115433][ C0] add_grhead+0x75/0x2c0
[ 47.119504][ C0] add_grec+0x12c9/0x15d0
[ 47.123682][ C0] ? cpus_share_cache+0x110/0x110
[ 47.128719][ C0] ? _raw_spin_lock_bh+0xa4/0x1b0
[ 47.133587][ C0] ? igmpv3_send_report+0x410/0x410
[ 47.138742][ C0] ? insert_work+0x279/0x330
[ 47.143263][ C0] igmp_ifc_timer_expire+0x7bc/0xea0
[ 47.148471][ C0] ? _raw_spin_lock+0xa4/0x1b0
[ 47.153058][ C0] ? _raw_spin_trylock_bh+0x190/0x190
[ 47.158409][ C0] ? igmp_gq_timer_expire+0xd0/0xd0
[ 47.163428][ C0] call_timer_fn+0x36/0x390
[ 47.167775][ C0] ? igmp_gq_timer_expire+0xd0/0xd0
[ 47.172915][ C0] __run_timers+0x879/0xbe0
[ 47.177232][ C0] ? enqueue_timer+0x300/0x300
[ 47.181824][ C0] ? check_preemption_disabled+0x9f/0x320
[ 47.187580][ C0] ? debug_smp_processor_id+0x20/0x20
[ 47.192763][ C0] ? lapic_next_event+0x5b/0x70
[ 47.197565][ C0] run_timer_softirq+0x63/0xf0
[ 47.202130][ C0] __do_softirq+0x23b/0x6b7
[ 47.206466][ C0] ? sched_clock_cpu+0x18/0x3a0
[ 47.211329][ C0] irq_exit+0x195/0x1c0
[ 47.215436][ C0] smp_apic_timer_interrupt+0x11a/0x460
[ 47.220824][ C0] apic_timer_interrupt+0xf/0x20
[ 47.225700][ C0]
[ 47.228502][ C0] RIP: 0010:_raw_spin_unlock_irqrestore+0x4d/0x80
[ 47.234723][ C0] Code: 74 0c 48 c7 c7 d0 3b eb 85 e8 9f 81 42 fd 48 83 3d e7 9d 99 01 00 74 36 48 89 df e8 3d 56 fa fc 66 90 4c 89 34 24 ff 34 24 9d 01 00 00 00 e8 b9 42 f3 fc 65 8b 05 7e ef b0 7b 85 c0 74 08 48
[ 47.254248][ C0] RSP: 0018:ffff8881dd3e7858 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff13
[ 47.262496][ C0] RAX: 0000000000000001 RBX: ffffffff86ec8d40 RCX: dffffc0000000000
[ 47.270378][ C0] RDX: 0000000000000000 RSI: 0000000000000246 RDI: ffffffff86ec8d40
[ 47.278191][ C0] RBP: dffffc0000000000 R08: ffffffff81873ca2 R09: fffff520000023f1
[ 47.286039][ C0] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff8881f18e8200
[ 47.293825][ C0] R13: 1ffff1103e31d040 R14: 0000000000000246 R15: 0000000000000400
[ 47.301926][ C0] ? pcpu_alloc+0x392/0x1050
[ 47.306595][ C0] pcpu_alloc+0x69a/0x1050
[ 47.310851][ C0] xt_percpu_counter_alloc+0x141/0x1e0
[ 47.316145][ C0] translate_table+0x137b/0x2320
[ 47.320920][ C0] ? entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 47.326923][ C0] ? ip6t_register_table+0x4a0/0x4a0
[ 47.332140][ C0] do_ip6t_set_ctl+0x36f/0x600
[ 47.336706][ C0] ? selinux_socket_setsockopt+0x260/0x360
[ 47.342350][ C0] ? cleanup_entry+0x4d0/0x4d0
[ 47.346948][ C0] ? handle_mm_fault+0x1cbe/0x4920
[ 47.351900][ C0] nf_setsockopt+0x28f/0x2b0
[ 47.356322][ C0] ? sock_common_recvmsg+0x240/0x240
[ 47.361529][ C0] __sys_setsockopt+0x4b4/0x840
[ 47.366216][ C0] ? sockfs_listxattr+0xe0/0xe0
[ 47.370914][ C0] ? check_preemption_disabled+0x153/0x320
[ 47.376564][ C0] ? __do_page_fault+0x725/0xbb0
[ 47.381336][ C0] __x64_sys_setsockopt+0xb1/0xc0
[ 47.386310][ C0] do_syscall_64+0xca/0x1c0
[ 47.390801][ C0] entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[ 47.396755][ C0] RIP: 0033:0x7f0f7cb2f5aa
[ 47.401091][ C0] Code: ff ff ff c3 0f 1f 40 00 48 c7 c2 b0 ff ff ff f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b7 0f 1f 00 49 89 ca b8 36 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 b0 ff ff ff f7
[ 47.420623][ C0] RSP: 002b:00007ffd43256e68 EFLAGS: 00000206 ORIG_RAX: 0000000000000036
[ 47.428874][ C0] RAX: ffffffffffffffda RBX: 00007ffd43256ef0 RCX: 00007f0f7cb2f5aa
[ 47.436789][ C0] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000003
[ 47.444761][ C0] RBP: 0000000000000003 R08: 00000000000003b8 R09: 0079746972756365
[ 47.452571][ C0] R10: 00007f0f7cc26ba0 R11: 0000000000000206 R12: 00007f0f7cc26b40
[ 47.460389][ C0] R13: 00007ffd43256e8c R14: 0000000000000000 R15: 00007f0f7cc28d00
[ 47.468276][ C0]
[ 47.470440][ C0] The buggy address belongs to the page:
[ 47.476019][ C0] page:ffffea0007db8240 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0
[ 47.485036][ C0] flags: 0x8000000000001000(reserved)
[ 47.490323][ C0] raw: 8000000000001000 ffffea0007db8248 ffffea0007db8248 0000000000000000
[ 47.498738][ C0] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 47.507153][ C0] page dumped because: kasan: bad access detected
[ 47.513429][ C0] page_owner info is not present (never set?)
[ 47.519317][ C0]
[ 47.521485][ C0] Memory state around the buggy address:
[ 47.527327][ C0]  ffff8881f6e09900: 00 00 00 00 00 00 f3 f3 f3 f3 f3 f3 00 00 00 00
[ 47.535234][ C0]  ffff8881f6e09980: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 47.543192][ C0] >ffff8881f6e09a00: 00 00 00 00 f1 f1 f1 f1 00 00 00 00 00 00 00 f3
[ 47.551171][ C0]                                                                 ^
[ 47.559072][ C0]  ffff8881f6e09a80: f3 f3 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00
[ 47.566970][ C0]  ffff8881f6e09b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 47.574864][ C0] ==================================================================
[ 47.582767][ C0] Disabling lock debugging due to kernel taint
2024/11/07 17:11:10 executed programs: 425
2024/11/07 17:11:15 executed programs: 990