Warning: Permanently added '10.128.1.150' (ED25519) to the list of known hosts.
2026/02/05 01:28:56 parsed 1 programs
[   22.990022][   T28] audit: type=1400 audit(1770254936.417:64): avc:  denied  { node_bind } for  pid=282 comm="syz-execprog" saddr=::1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1
[   23.011556][   T28] audit: type=1400 audit(1770254936.417:65): avc:  denied  { module_request } for  pid=282 comm="syz-execprog" kmod="net-pf-2-proto-262-type-1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[   23.816729][   T28] audit: type=1400 audit(1770254937.237:66): avc:  denied  { mounton } for  pid=291 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2023 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[   23.817780][  T291] cgroup: Unknown subsys name 'net'
[   23.839909][   T28] audit: type=1400 audit(1770254937.237:67): avc:  denied  { mount } for  pid=291 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   23.867887][   T28] audit: type=1400 audit(1770254937.267:68): avc:  denied  { unmount } for  pid=291 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   23.868035][  T291] cgroup: Unknown subsys name 'devices'
[   24.009278][  T291] cgroup: Unknown subsys name 'hugetlb'
[   24.015022][  T291] cgroup: Unknown subsys name 'rlimit'
[   24.152871][   T28] audit: type=1400 audit(1770254937.577:69): avc:  denied  { setattr } for  pid=291 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=258 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   24.176605][   T28] audit: type=1400 audit(1770254937.577:70): avc:  denied  { create } for  pid=291 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
Setting up swapspace version 1, size = 127995904 bytes
[   24.196461][  T293] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
[   24.197591][   T28] audit: type=1400 audit(1770254937.577:71): avc:  denied  { write } for  pid=291 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   24.227476][   T28] audit: type=1400 audit(1770254937.577:72): avc:  denied  { read } for  pid=291 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   24.243642][  T291] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   24.248812][   T28] audit: type=1400 audit(1770254937.577:73): avc:  denied  { mounton } for  pid=291 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[   24.998053][  T295] request_module fs-gadgetfs succeeded, but still no fs?
[   25.678990][  T343] bridge0: port 1(bridge_slave_0) entered blocking state
[   25.686944][  T343] bridge0: port 1(bridge_slave_0) entered disabled state
[   25.694761][  T343] device bridge_slave_0 entered promiscuous mode
[   25.701843][  T343] bridge0: port 2(bridge_slave_1) entered blocking state
[   25.710677][  T343] bridge0: port 2(bridge_slave_1) entered disabled state
[   25.719303][  T343] device bridge_slave_1 entered promiscuous mode
[   25.759496][  T343] bridge0: port 2(bridge_slave_1) entered blocking state
[   25.766900][  T343] bridge0: port 2(bridge_slave_1) entered forwarding state
[   25.774263][  T343] bridge0: port 1(bridge_slave_0) entered blocking state
[   25.781770][  T343] bridge0: port 1(bridge_slave_0) entered forwarding state
[   25.802213][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   25.810873][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[   25.818335][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[   25.828873][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   25.837292][   T10] bridge0: port 1(bridge_slave_0) entered blocking state
[   25.844760][   T10] bridge0: port 1(bridge_slave_0) entered forwarding state
[   25.853470][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   25.862078][   T10] bridge0: port 2(bridge_slave_1) entered blocking state
[   25.869847][   T10] bridge0: port 2(bridge_slave_1) entered forwarding state
[   25.882754][  T311] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   25.892547][  T311] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   25.906963][  T311] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   25.919449][  T311] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   25.928449][  T311] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   25.936311][  T311] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   25.945290][  T343] device veth0_vlan entered promiscuous mode
[   25.956502][  T311] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   25.966191][  T343] device veth1_macvtap entered promiscuous mode
[   25.976133][  T311] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   25.986657][  T311] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
2026/02/05 01:28:59 executed programs: 0
[   26.274971][  T364] bridge0: port 1(bridge_slave_0) entered blocking state
[   26.282261][  T364] bridge0: port 1(bridge_slave_0) entered disabled state
[   26.290250][  T364] device bridge_slave_0 entered promiscuous mode
[   26.305614][  T364] bridge0: port 2(bridge_slave_1) entered blocking state
[   26.313142][  T364] bridge0: port 2(bridge_slave_1) entered disabled state
[   26.321004][  T364] device bridge_slave_1 entered promiscuous mode
[   26.382675][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   26.390576][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   26.401123][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   26.409674][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   26.418318][   T10] bridge0: port 1(bridge_slave_0) entered blocking state
[   26.425446][   T10] bridge0: port 1(bridge_slave_0) entered forwarding state
[   26.449019][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   26.457703][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   26.465597][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   26.474491][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   26.483936][   T10] bridge0: port 2(bridge_slave_1) entered blocking state
[   26.491297][   T10] bridge0: port 2(bridge_slave_1) entered forwarding state
[   26.498751][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   26.507421][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   26.525225][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   26.534074][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   26.542196][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   26.550970][  T364] device veth0_vlan entered promiscuous mode
[   26.562496][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   26.578109][  T364] device veth1_macvtap entered promiscuous mode
[   26.588331][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   26.605607][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   26.636386][  T375] ==================================================================
[   26.645207][  T375] BUG: KASAN: slab-out-of-bounds in __bpf_get_stackid+0x6fa/0x960
[   26.653274][  T375] Write of size 72 at addr ffff8881124d1610 by task syz.2.17/375
[   26.661451][  T375] 
[   26.663892][  T375] CPU: 1 PID: 375 Comm: syz.2.17 Not tainted syzkaller #0
[   26.671190][  T375] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   26.682167][  T375] Call Trace:
[   26.685543][  T375]  <TASK>
[   26.688653][  T375]  __dump_stack+0x21/0x24
[   26.693183][  T375]  dump_stack_lvl+0x110/0x170
[   26.698658][  T375]  ? __cfi_dump_stack_lvl+0x8/0x8
[   26.703801][  T375]  ? __bpf_get_stackid+0x6fa/0x960
[   26.709293][  T375]  print_address_description+0x71/0x200
[   26.715220][  T375]  print_report+0x4a/0x60
[   26.719758][  T375]  kasan_report+0x122/0x150
[   26.724281][  T375]  ? __bpf_get_stackid+0x6fa/0x960
[   26.729418][  T375]  kasan_check_range+0x249/0x2a0
[   26.734562][  T375]  ? __bpf_get_stackid+0x6fa/0x960
[   26.739866][  T375]  memcpy+0x44/0x70
[   26.743688][  T375]  __bpf_get_stackid+0x6fa/0x960
[   26.748947][  T375]  bpf_get_stackid_pe+0x2ee/0x400
[   26.754418][  T375]  bpf_prog_47e2b75ffb32ae9a+0x21/0x39
[   26.760059][  T375]  bpf_overflow_handler+0x3d0/0x5e0
[   26.765382][  T375]  ? __cfi_bpf_overflow_handler+0x10/0x10
[   26.771302][  T375]  ? __this_cpu_preempt_check+0x13/0x20
[   26.777694][  T375]  ? __perf_event_account_interrupt+0x1a4/0x2c0
[   26.784547][  T375]  __perf_event_overflow+0x437/0x620
[   26.790125][  T375]  perf_swevent_event+0x2f7/0x530
[   26.795354][  T375]  ___perf_sw_event+0x3bf/0x4f0
[   26.800225][  T375]  ? arch_stack_walk+0xfc/0x150
[   26.805090][  T375]  ? __cfi____perf_sw_event+0x10/0x10
[   26.810667][  T375]  ? getname+0x19/0x20
[   26.815368][  T375]  ? do_sys_openat2+0xeb/0x810
[   26.820261][  T375]  ? __x64_sys_openat+0x136/0x160
[   26.825483][  T375]  ? x64_sys_call+0x783/0x9a0
[   26.830440][  T375]  ? do_syscall_64+0x4c/0xa0
[   26.835134][  T375]  ? entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   26.841956][  T375]  __perf_sw_event+0x134/0x270
[   26.847198][  T375]  do_user_addr_fault+0xffb/0x1050
[   26.853146][  T375]  exc_page_fault+0x51/0xb0
[   26.857957][  T375]  asm_exc_page_fault+0x27/0x30
[   26.863177][  T375] RIP: 0010:strncpy_from_user+0xdf/0x2d0
[   26.869518][  T375] Code: 00 00 4c 89 ee e8 e1 78 e2 fe 49 83 fd 07 0f 86 a2 00 00 00 4c 89 75 c0 49 c7 c7 f8 ff ff ff 45 31 e4 4c 89 65 c8 48 8b 45 c0 <4a> 8b 1c 20 48 b8 ff fe fe fe fe fe fe fe 4c 8d 34 03 49 89 dc 49
[   26.891968][  T375] RSP: 0018:ffffc90000aa7cb8 EFLAGS: 00050246
[   26.898214][  T375] RAX: 0000000000000000 RBX: 0000000000000fe0 RCX: ffff888113959440
[   26.906623][  T375] RDX: 0000000000000000 RSI: 0000000000000fe0 RDI: 0000000000000007
[   26.914962][  T375] RBP: ffffc90000aa7d00 R08: ffffea0004530407 R09: 1ffffd40008a6080
[   26.923396][  T375] R10: dffffc0000000000 R11: fffff940008a6081 R12: 0000000000000000
[   26.931735][  T375] R13: 0000000000000fe0 R14: 0000000000000000 R15: fffffffffffffff8
[   26.940077][  T375]  ? strncpy_from_user+0xbf/0x2d0
[   26.945468][  T375]  getname_flags+0xf4/0x500
[   26.950603][  T375]  getname+0x19/0x20
[   26.954778][  T375]  do_sys_openat2+0xeb/0x810
[   26.959411][  T375]  ? __se_sys_futex+0x136/0x310
[   26.964453][  T375]  ? do_sys_open+0xe0/0xe0
[   26.969163][  T375]  ? __x64_sys_futex+0x100/0x100
[   26.974295][  T375]  __x64_sys_openat+0x136/0x160
[   26.979179][  T375]  x64_sys_call+0x783/0x9a0
[   26.983681][  T375]  do_syscall_64+0x4c/0xa0
[   26.988196][  T375]  ? clear_bhb_loop+0x30/0x80
[   26.992885][  T375]  ? clear_bhb_loop+0x30/0x80
[   26.997578][  T375]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   27.003649][  T375] RIP: 0033:0x7f3c2119aeb9
[   27.008162][  T375] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   27.028046][  T375] RSP: 002b:00007ffc2ac4c058 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[   27.036559][  T375] RAX: ffffffffffffffda RBX: 00007f3c21415fa0 RCX: 00007f3c2119aeb9
[   27.045779][  T375] RDX: 00000000000026e1 RSI: 0000000000000000 RDI: ffffffffffffff9c
[   27.054117][  T375] RBP: 00007f3c21208c1f R08: 0000000000000000 R09: 0000000000000000
[   27.062220][  T375] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   27.070695][  T375] R13: 00007f3c21415fac R14: 00007f3c21415fa0 R15: 00007f3c21415fa0
[   27.079077][  T375]  </TASK>
[   27.082186][  T375] 
[   27.084496][  T375] Allocated by task 375:
[   27.088737][  T375]  kasan_set_track+0x4b/0x70
[   27.093424][  T375]  kasan_save_alloc_info+0x25/0x30
[   27.098734][  T375]  __kasan_kmalloc+0x95/0xb0
[   27.103527][  T375]  __kmalloc_node+0xb2/0x1e0
[   27.108131][  T375]  bpf_map_area_alloc+0x4b/0xe0
[   27.113329][  T375]  prealloc_elems_and_freelist+0x8a/0x1e0
[   27.119481][  T375]  stack_map_alloc+0x3a7/0x530
[   27.124517][  T375]  map_create+0x49c/0xd80
[   27.129823][  T375]  __sys_bpf+0x34e/0x850
[   27.134526][  T375]  __x64_sys_bpf+0x7c/0x90
[   27.139959][  T375]  x64_sys_call+0x488/0x9a0
[   27.145026][  T375]  do_syscall_64+0x4c/0xa0
[   27.149796][  T375]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   27.155887][  T375] 
[   27.158214][  T375] The buggy address belongs to the object at ffff8881124d1600
[   27.158214][  T375]  which belongs to the cache kmalloc-64 of size 64
[   27.172942][  T375] The buggy address is located 16 bytes inside of
[   27.172942][  T375]  64-byte region [ffff8881124d1600, ffff8881124d1640)
[   27.186578][  T375] 
[   27.188999][  T375] The buggy address belongs to the physical page:
[   27.195608][  T375] page:ffffea0004493440 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1124d1
[   27.206119][  T375] flags: 0x4000000000000200(slab|zone=1)
[   27.212016][  T375] raw: 4000000000000200 0000000000000000 dead000000000001 ffff888100042780
[   27.220935][  T375] raw: 0000000000000000 0000000080200020 00000001ffffffff 0000000000000000
[   27.229955][  T375] page dumped because: kasan: bad access detected
[   27.236735][  T375] page_owner tracks the page as allocated
[   27.242545][  T375] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x12cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY), pid 100, tgid 100 (S10udev), ts 5068578988, free_ts 0
[   27.260097][  T375]  post_alloc_hook+0x1f5/0x210
[   27.264939][  T375]  prep_new_page+0x1c/0x110
[   27.269464][  T375]  get_page_from_freelist+0x2d12/0x2d80
[   27.285933][  T375]  __alloc_pages+0x1d9/0x480
[   27.290626][  T375]  alloc_slab_page+0x6e/0xf0
[   27.295244][  T375]  new_slab+0x98/0x3d0
[   27.299330][  T375]  ___slab_alloc+0x6bd/0xb20
[   27.304080][  T375]  __slab_alloc+0x5e/0xa0
[   27.308577][  T375]  __kmem_cache_alloc_node+0x203/0x2c0
[   27.314305][  T375]  kmalloc_trace+0x29/0xb0
[   27.318738][  T375]  copy_dmabuf_info+0x35d/0xf50
[   27.323622][  T375]  copy_process+0x1b32/0x3510
[   27.328532][  T375]  kernel_clone+0x22f/0x820
[   27.333261][  T375]  __x64_sys_clone+0x193/0x200
[   27.338307][  T375]  x64_sys_call+0x990/0x9a0
[   27.342947][  T375]  do_syscall_64+0x4c/0xa0
[   27.347482][  T375] page_owner free stack trace missing
[   27.352835][  T375] 
[   27.355145][  T375] Memory state around the buggy address:
[   27.361196][  T375]  ffff8881124d1500: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[   27.370325][  T375]  ffff8881124d1580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[   27.378557][  T375] >ffff8881124d1600: 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc fc
[   27.387116][  T375]                                   ^
[   27.392588][  T375]  ffff8881124d1680: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[   27.401077][  T375]  ffff8881124d1700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[   27.409748][  T375] ==================================================================
[   27.418877][  T375] Disabling lock debugging due to kernel taint