./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor780791706 <...> Warning: Permanently added '10.128.1.92' (ED25519) to the list of known hosts. execve("./syz-executor780791706", ["./syz-executor780791706"], 0x7fff32526800 /* 10 vars */) = 0 brk(NULL) = 0x55558659c000 brk(0x55558659ce00) = 0x55558659ce00 arch_prctl(ARCH_SET_FS, 0x55558659c480) = 0 set_tid_address(0x55558659c750) = 358 set_robust_list(0x55558659c760, 24) = 0 rseq(0x55558659cda0, 0x20, 0, 0x53053053) = -1 ENOSYS (Function not implemented) prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor780791706", 4096) = 27 getrandom("\xb3\x83\x1d\xe9\xd1\x19\x6b\x37", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x55558659ce00 brk(0x5555865bde00) = 0x5555865bde00 brk(0x5555865be000) = 0x5555865be000 mprotect(0x7fd1ac79c000, 16384, PROT_READ) = 0 mmap(0x1ffffffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffffffff000 mmap(0x200000000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200000000000 mmap(0x200001000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200001000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55558659c750) = 359 ./strace-static-x86_64: Process 359 attached [pid 359] set_robust_list(0x55558659c760, 24) = 0 [pid 358] openat(AT_FDCWD, "/sys/kernel/debug/x86/nmi_longest_ns", O_WRONLY|O_CLOEXEC) = 3 [pid 358] write(3, "10000000000", 11) = 11 [pid 358] close(3) = 0 [pid 358] openat(AT_FDCWD, "/proc/sys/kernel/hung_task_check_interval_secs", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 358] openat(AT_FDCWD, "/proc/sys/net/core/bpf_jit_kallsyms", O_WRONLY|O_CLOEXEC) = 3 [pid 358] write(3, "1", 1) = 1 [pid 358] close(3) = 0 [pid 358] openat(AT_FDCWD, "/proc/sys/net/core/bpf_jit_harden", O_WRONLY|O_CLOEXEC) = 3 [pid 358] write(3, "0", 1) = 1 [pid 358] close(3) = 0 [pid 358] openat(AT_FDCWD, "/proc/sys/kernel/kptr_restrict", O_WRONLY|O_CLOEXEC) = 3 [pid 358] write(3, "0", 1) = 1 [pid 358] close(3) = 0 [pid 358] openat(AT_FDCWD, "/proc/sys/kernel/softlockup_all_cpu_backtrace", O_WRONLY|O_CLOEXEC) = 3 [pid 358] write(3, "1", 1) = 1 [pid 358] close(3) = 0 [pid 358] openat(AT_FDCWD, "/proc/sys/fs/mount-max", O_WRONLY|O_CLOEXEC) = 3 [pid 358] write(3, "100", 3) = 3 [pid 358] close(3) = 0 [pid 358] openat(AT_FDCWD, "/proc/sys/vm/oom_dump_tasks", O_WRONLY|O_CLOEXEC) = 3 [pid 358] write(3, "0", 1) = 1 [pid 358] close(3) = 0 [pid 358] openat(AT_FDCWD, "/proc/sys/debug/exception-trace", O_WRONLY|O_CLOEXEC) = 3 [pid 358] write(3, "0", 1) = 1 [pid 358] close(3) = 0 [pid 358] openat(AT_FDCWD, "/proc/sys/kernel/printk", O_WRONLY|O_CLOEXEC) = 3 [pid 358] write(3, "7 4 1 3", 7) = 7 [pid 358] close(3) = 0 [pid 358] openat(AT_FDCWD, "/proc/sys/kernel/keys/gc_delay", O_WRONLY|O_CLOEXEC) = 3 [pid 358] write(3, "1", 1) = 1 [pid 358] close(3) = 0 [pid 358] openat(AT_FDCWD, "/proc/sys/vm/oom_kill_allocating_task", O_WRONLY|O_CLOEXEC) = 3 [pid 358] write(3, "1", 1) = 1 [pid 358] close(3) = 0 [pid 358] openat(AT_FDCWD, "/proc/sys/kernel/ctrl-alt-del", O_WRONLY|O_CLOEXEC) = 3 [pid 358] write(3, "0", 1) = 1 [pid 358] close(3) = 0 [pid 358] openat(AT_FDCWD, "/proc/sys/kernel/cad_pid", O_WRONLY|O_CLOEXEC) = 3 [pid 358] write(3, "359", 3) = 3 [pid 358] close(3) = 0 [pid 358] kill(359, SIGKILL) = 0 [pid 359] +++ killed by SIGKILL +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=359, si_uid=0, si_status=SIGKILL, si_utime=0, si_stime=0} --- [ 23.853790][ T23] audit: type=1400 audit(1745854160.280:66): avc: denied { execmem } for pid=358 comm="syz-executor780" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 mkdir("/syzcgroup", 0777) = 0 mkdir("/syzcgroup/unified", 0777) = 0 mount("none", "/syzcgroup/unified", "cgroup2", 0, NULL) = 0 chmod("/syzcgroup/unified", 0777) = 0 openat(AT_FDCWD, "/syzcgroup/unified/cgroup.subtree_control", O_WRONLY) = 3 write(3, "+cpu", 4) = 4 write(3, "+io", 3) = 3 write(3, "+pids", 5) = 5 close(3) = 0 mkdir("/syzcgroup/net", 0777) = 0 mount("none", "/syzcgroup/net", "cgroup", 0, "net") = -1 EINVAL (Invalid argument) [ 23.895737][ T23] audit: type=1400 audit(1745854160.320:67): avc: denied { mounton } for pid=358 comm="syz-executor780" path="/syzcgroup/unified" dev="sda1" ino=1927 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 23.899505][ T358] cgroup1: Unknown subsys name 'net' mount("none", "/syzcgroup/net", "cgroup", 0, "net_prio") = -1 EINVAL (Invalid argument) mount("none", "/syzcgroup/net", "cgroup", 0, "devices") = -1 EINVAL (Invalid argument) mount("none", "/syzcgroup/net", "cgroup", 0, "blkio") = 0 umount2("/syzcgroup/net", 0) = 0 mount("none", "/syzcgroup/net", "cgroup", 0, "freezer") = 0 umount2("/syzcgroup/net", 0) = 0 mount("none", "/syzcgroup/net", "cgroup", 0, "blkio,freezer") = ? ERESTARTNOINTR (To be restarted) [ 23.918715][ T23] audit: type=1400 audit(1745854160.320:68): avc: denied { mount } for pid=358 comm="syz-executor780" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 23.924857][ T358] cgroup1: Unknown subsys name 'net_prio' [ 23.952941][ T358] cgroup1: Unknown subsys name 'devices' [ 23.961138][ T23] audit: type=1400 audit(1745854160.380:69): avc: denied { unmount } for pid=358 comm="syz-executor780" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 mount("none", "/syzcgroup/net", "cgroup", 0, "blkio,freezer") = ? ERESTARTNOINTR (To be restarted) mount("none", "/syzcgroup/net", "cgroup", 0, "blkio,freezer") = ? ERESTARTNOINTR (To be restarted) mount("none", "/syzcgroup/net", "cgroup", 0, "blkio,freezer") = ? ERESTARTNOINTR (To be restarted) mount("none", "/syzcgroup/net", "cgroup", 0, "blkio,freezer") = 0 chmod("/syzcgroup/net", 0777) = 0 mkdir("/syzcgroup/cpu", 0777) = 0 mount("none", "/syzcgroup/cpu", "cgroup", 0, "cpuset") = 0 umount2("/syzcgroup/cpu", 0) = 0 mount("none", "/syzcgroup/cpu", "cgroup", 0, "cpuacct") = 0 umount2("/syzcgroup/cpu", 0) = 0 mount("none", "/syzcgroup/cpu", "cgroup", 0, "hugetlb") = -1 EINVAL (Invalid argument) mount("none", "/syzcgroup/cpu", "cgroup", 0, "rlimit") = -1 EINVAL (Invalid argument) mount("none", "/syzcgroup/cpu", "cgroup", 0, "memory") = 0 umount2("/syzcgroup/cpu", 0) = 0 mount("none", "/syzcgroup/cpu", "cgroup", 0, "cpuset,cpuacct,memory") = ? ERESTARTNOINTR (To be restarted) [ 24.107617][ T358] cgroup1: Unknown subsys name 'hugetlb' [ 24.113746][ T358] cgroup1: Unknown subsys name 'rlimit' mount("none", "/syzcgroup/cpu", "cgroup", 0, "cpuset,cpuacct,memory") = ? ERESTARTNOINTR (To be restarted) mount("none", "/syzcgroup/cpu", "cgroup", 0, "cpuset,cpuacct,memory") = 0 chmod("/syzcgroup/cpu", 0777) = 0 openat(AT_FDCWD, "/syzcgroup/cpu/cgroup.clone_children", O_WRONLY|O_CLOEXEC) = 3 write(3, "1", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/syzcgroup/cpu/cpuset.memory_pressure_enabled", O_WRONLY|O_CLOEXEC) = 3 write(3, "1", 1) = 1 close(3) = 0 mount(NULL, "/proc/sys/fs/binfmt_misc", "binfmt_misc", 0, NULL) = -1 EBUSY (Device or resource busy) openat(AT_FDCWD, "/proc/sys/fs/binfmt_misc/register", O_WRONLY|O_CLOEXEC) = 3 write(3, "\x3a\x73\x79\x7a\x30\x3a\x4d\x3a\x30\x3a\x01\x3a\x3a\x2e\x2f\x66\x69\x6c\x65\x30\x3a", 21) = 21 close(3) = 0 openat(AT_FDCWD, "/proc/sys/fs/binfmt_misc/register", O_WRONLY|O_CLOEXEC) = 3 write(3, "\x3a\x73\x79\x7a\x31\x3a\x4d\x3a\x31\x3a\x02\x3a\x3a\x2e\x2f\x66\x69\x6c\x65\x30\x3a\x50\x4f\x43", 24) = 24 close(3) = 0 chmod("/dev/raw-gadget", 0666) = 0 swapoff("./swap-file") = -1 ENOENT (No such file or directory) unlink("./swap-file") = -1 ENOENT (No such file or directory) openat(AT_FDCWD, "./swap-file", O_WRONLY|O_CREAT|O_CLOEXEC, 0600) = 3 fallocate(3, FALLOC_FL_ZERO_RANGE, 0, 128000000) = 0 close(3) = 0 rt_sigaction(SIGINT, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7fd1ac6e5bb0}, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 rt_sigaction(SIGQUIT, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7fd1ac6e5bb0}, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=0}, 8) = 0 rt_sigprocmask(SIG_BLOCK, [CHLD], [], 8) = 0 mmap(NULL, 36864, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fd1ac6c6000 rt_sigprocmask(SIG_BLOCK, ~[], [CHLD], 8) = 0 clone3({flags=CLONE_VM|CLONE_VFORK, exit_signal=SIGCHLD, stack=0x7fd1ac6c6000, stack_size=0x9000}, 88./strace-static-x86_64: Process 361 attached [pid 361] rt_sigprocmask(SIG_BLOCK, NULL, ~[KILL STOP], 8) = 0 [pid 361] rt_sigaction(SIGHUP, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 361] rt_sigaction(SIGHUP, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7fd1ac6e5bb0}, NULL, 8) = 0 [pid 361] rt_sigaction(SIGINT, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7fd1ac6e5bb0}, NULL, 8) = 0 [pid 361] rt_sigaction(SIGQUIT, NULL, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7fd1ac6e5bb0}, 8) = 0 [pid 361] rt_sigaction(SIGILL, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 361] rt_sigaction(SIGILL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7fd1ac6e5bb0}, NULL, 8) = 0 [pid 361] rt_sigaction(SIGTRAP, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 361] rt_sigaction(SIGTRAP, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7fd1ac6e5bb0}, NULL, 8) = 0 [pid 361] rt_sigaction(SIGABRT, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 361] rt_sigaction(SIGABRT, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7fd1ac6e5bb0}, NULL, 8) = 0 [pid 361] rt_sigaction(SIGBUS, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 361] rt_sigaction(SIGBUS, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7fd1ac6e5bb0}, NULL, 8) = 0 [pid 361] rt_sigaction(SIGFPE, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 361] rt_sigaction(SIGFPE, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7fd1ac6e5bb0}, NULL, 8) = 0 [pid 361] rt_sigaction(SIGUSR1, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 361] rt_sigaction(SIGUSR1, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7fd1ac6e5bb0}, NULL, 8) = 0 [pid 361] rt_sigaction(SIGSEGV, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 361] rt_sigaction(SIGSEGV, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7fd1ac6e5bb0}, NULL, 8) = 0 [pid 361] rt_sigaction(SIGUSR2, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 361] rt_sigaction(SIGUSR2, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7fd1ac6e5bb0}, NULL, 8) = 0 [pid 361] rt_sigaction(SIGPIPE, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 361] rt_sigaction(SIGPIPE, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7fd1ac6e5bb0}, NULL, 8) = 0 [pid 361] rt_sigaction(SIGALRM, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 361] rt_sigaction(SIGALRM, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7fd1ac6e5bb0}, NULL, 8) = 0 [pid 361] rt_sigaction(SIGTERM, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 361] rt_sigaction(SIGTERM, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7fd1ac6e5bb0}, NULL, 8) = 0 [pid 361] rt_sigaction(SIGSTKFLT, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 361] rt_sigaction(SIGSTKFLT, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7fd1ac6e5bb0}, NULL, 8) = 0 [pid 361] rt_sigaction(SIGCHLD, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 361] rt_sigaction(SIGCHLD, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7fd1ac6e5bb0}, NULL, 8) = 0 [pid 361] rt_sigaction(SIGCONT, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 361] rt_sigaction(SIGCONT, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7fd1ac6e5bb0}, NULL, 8) = 0 [pid 361] rt_sigaction(SIGTSTP, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 361] rt_sigaction(SIGTSTP, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7fd1ac6e5bb0}, NULL, 8) = 0 [pid 361] rt_sigaction(SIGTTIN, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 361] rt_sigaction(SIGTTIN, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7fd1ac6e5bb0}, NULL, 8) = 0 [pid 361] rt_sigaction(SIGTTOU, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 361] rt_sigaction(SIGTTOU, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7fd1ac6e5bb0}, NULL, 8) = 0 [pid 361] rt_sigaction(SIGURG, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 361] rt_sigaction(SIGURG, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7fd1ac6e5bb0}, NULL, 8) = 0 [pid 361] rt_sigaction(SIGXCPU, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 361] rt_sigaction(SIGXCPU, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7fd1ac6e5bb0}, NULL, 8) = 0 [pid 361] rt_sigaction(SIGXFSZ, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 361] rt_sigaction(SIGXFSZ, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7fd1ac6e5bb0}, NULL, 8) = 0 [pid 361] rt_sigaction(SIGVTALRM, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 361] rt_sigaction(SIGVTALRM, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7fd1ac6e5bb0}, NULL, 8) = 0 [pid 361] rt_sigaction(SIGPROF, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 361] rt_sigaction(SIGPROF, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7fd1ac6e5bb0}, NULL, 8) = 0 [pid 361] rt_sigaction(SIGWINCH, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 361] rt_sigaction(SIGWINCH, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7fd1ac6e5bb0}, NULL, 8) = 0 [pid 361] rt_sigaction(SIGIO, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 361] rt_sigaction(SIGIO, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7fd1ac6e5bb0}, NULL, 8) = 0 [pid 361] rt_sigaction(SIGPWR, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 361] rt_sigaction(SIGPWR, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7fd1ac6e5bb0}, NULL, 8) = 0 [pid 361] rt_sigaction(SIGSYS, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 361] rt_sigaction(SIGSYS, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7fd1ac6e5bb0}, NULL, 8) = 0 [pid 361] rt_sigaction(SIGRTMIN, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7fd1ac6e5bb0}, NULL, 8) = 0 [pid 361] rt_sigaction(SIGRT_1, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7fd1ac6e5bb0}, NULL, 8) = 0 [pid 361] rt_sigaction(SIGRT_2, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 361] rt_sigaction(SIGRT_2, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7fd1ac6e5bb0}, NULL, 8) = 0 [pid 361] rt_sigaction(SIGRT_3, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 361] rt_sigaction(SIGRT_3, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7fd1ac6e5bb0}, NULL, 8) = 0 [pid 361] rt_sigaction(SIGRT_4, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 361] rt_sigaction(SIGRT_4, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7fd1ac6e5bb0}, NULL, 8) = 0 [pid 361] rt_sigaction(SIGRT_5, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 361] rt_sigaction(SIGRT_5, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7fd1ac6e5bb0}, NULL, 8) = 0 [pid 361] rt_sigaction(SIGRT_6, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 361] rt_sigaction(SIGRT_6, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7fd1ac6e5bb0}, NULL, 8) = 0 [pid 361] rt_sigaction(SIGRT_7, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [ 24.188604][ T23] audit: type=1400 audit(1745854160.610:70): avc: denied { mounton } for pid=358 comm="syz-executor780" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 24.213573][ T23] audit: type=1400 audit(1745854160.610:71): avc: denied { mount } for pid=358 comm="syz-executor780" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [pid 361] rt_sigaction(SIGRT_7, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7fd1ac6e5bb0}, NULL, 8) = 0 [pid 361] rt_sigaction(SIGRT_8, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 361] rt_sigaction(SIGRT_8, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7fd1ac6e5bb0}, NULL, 8) = 0 [pid 361] rt_sigaction(SIGRT_9, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 361] rt_sigaction(SIGRT_9, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7fd1ac6e5bb0}, NULL, 8) = 0 [pid 361] rt_sigaction(SIGRT_10, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 361] rt_sigaction(SIGRT_10, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7fd1ac6e5bb0}, NULL, 8) = 0 [pid 361] rt_sigaction(SIGRT_11, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 361] rt_sigaction(SIGRT_11, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7fd1ac6e5bb0}, NULL, 8) = 0 [pid 361] rt_sigaction(SIGRT_12, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 361] rt_sigaction(SIGRT_12, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7fd1ac6e5bb0}, NULL, 8) = 0 [pid 361] rt_sigaction(SIGRT_13, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 361] rt_sigaction(SIGRT_13, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7fd1ac6e5bb0}, NULL, 8) = 0 [pid 361] rt_sigaction(SIGRT_14, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 361] rt_sigaction(SIGRT_14, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7fd1ac6e5bb0}, NULL, 8) = 0 [pid 361] rt_sigaction(SIGRT_15, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 361] rt_sigaction(SIGRT_15, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7fd1ac6e5bb0}, NULL, 8) = 0 [pid 361] rt_sigaction(SIGRT_16, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 361] rt_sigaction(SIGRT_16, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7fd1ac6e5bb0}, NULL, 8) = 0 [pid 361] rt_sigaction(SIGRT_17, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 361] rt_sigaction(SIGRT_17, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7fd1ac6e5bb0}, NULL, 8) = 0 [pid 361] rt_sigaction(SIGRT_18, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 361] rt_sigaction(SIGRT_18, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7fd1ac6e5bb0}, NULL, 8) = 0 [pid 361] rt_sigaction(SIGRT_19, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 361] rt_sigaction(SIGRT_19, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7fd1ac6e5bb0}, NULL, 8) = 0 [pid 361] rt_sigaction(SIGRT_20, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 361] rt_sigaction(SIGRT_20, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7fd1ac6e5bb0}, NULL, 8) = 0 [pid 361] rt_sigaction(SIGRT_21, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 361] rt_sigaction(SIGRT_21, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7fd1ac6e5bb0}, NULL, 8) = 0 [pid 361] rt_sigaction(SIGRT_22, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 361] rt_sigaction(SIGRT_22, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7fd1ac6e5bb0}, NULL, 8) = 0 [pid 361] rt_sigaction(SIGRT_23, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 361] rt_sigaction(SIGRT_23, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7fd1ac6e5bb0}, NULL, 8) = 0 [pid 361] rt_sigaction(SIGRT_24, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 361] rt_sigaction(SIGRT_24, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7fd1ac6e5bb0}, NULL, 8) = 0 [pid 361] rt_sigaction(SIGRT_25, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 361] rt_sigaction(SIGRT_25, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7fd1ac6e5bb0}, NULL, 8) = 0 [pid 361] rt_sigaction(SIGRT_26, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 361] rt_sigaction(SIGRT_26, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7fd1ac6e5bb0}, NULL, 8) = 0 [pid 361] rt_sigaction(SIGRT_27, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 361] rt_sigaction(SIGRT_27, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7fd1ac6e5bb0}, NULL, 8) = 0 [pid 361] rt_sigaction(SIGRT_28, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 361] rt_sigaction(SIGRT_28, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7fd1ac6e5bb0}, NULL, 8) = 0 [pid 361] rt_sigaction(SIGRT_29, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 361] rt_sigaction(SIGRT_29, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7fd1ac6e5bb0}, NULL, 8) = 0 [pid 361] rt_sigaction(SIGRT_30, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 361] rt_sigaction(SIGRT_30, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7fd1ac6e5bb0}, NULL, 8) = 0 [pid 361] rt_sigaction(SIGRT_31, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 361] rt_sigaction(SIGRT_31, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7fd1ac6e5bb0}, NULL, 8) = 0 [pid 361] rt_sigaction(SIGRT_32, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 361] rt_sigaction(SIGRT_32, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7fd1ac6e5bb0}, NULL, 8) = 0 [pid 361] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 361] execve("/bin/sh", ["sh", "-c", "mkswap ./swap-file"], 0x7ffddbbc6168 /* 10 vars */ [pid 358] <... clone3 resumed>) = 361 [pid 358] munmap(0x7fd1ac6c6000, 36864) = 0 [pid 361] <... execve resumed>) = 0 [pid 358] rt_sigprocmask(SIG_SETMASK, [CHLD], NULL, 8) = 0 [pid 361] brk(NULL) = 0x55b510fbf000 [pid 361] mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fb810604000 [pid 361] access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory) [pid 361] openat(AT_FDCWD, "/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 361] openat(AT_FDCWD, "/lib64/glibc-hwcaps/x86-64-v3/libbusybox.so.1.35.0", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 361] newfstatat(AT_FDCWD, "/lib64/glibc-hwcaps/x86-64-v3", 0x7ffe4b7eefe0, 0) = -1 ENOENT (No such file or directory) [pid 361] openat(AT_FDCWD, "/lib64/glibc-hwcaps/x86-64-v2/libbusybox.so.1.35.0", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 361] newfstatat(AT_FDCWD, "/lib64/glibc-hwcaps/x86-64-v2", 0x7ffe4b7eefe0, 0) = -1 ENOENT (No such file or directory) [pid 361] openat(AT_FDCWD, "/lib64/tls/haswell/x86_64/libbusybox.so.1.35.0", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 361] newfstatat(AT_FDCWD, "/lib64/tls/haswell/x86_64", 0x7ffe4b7eefe0, 0) = -1 ENOENT (No such file or directory) [pid 361] openat(AT_FDCWD, "/lib64/tls/haswell/libbusybox.so.1.35.0", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 361] newfstatat(AT_FDCWD, "/lib64/tls/haswell", 0x7ffe4b7eefe0, 0) = -1 ENOENT (No such file or directory) [pid 361] openat(AT_FDCWD, "/lib64/tls/x86_64/libbusybox.so.1.35.0", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 361] newfstatat(AT_FDCWD, "/lib64/tls/x86_64", 0x7ffe4b7eefe0, 0) = -1 ENOENT (No such file or directory) [pid 361] openat(AT_FDCWD, "/lib64/tls/libbusybox.so.1.35.0", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 361] newfstatat(AT_FDCWD, "/lib64/tls", 0x7ffe4b7eefe0, 0) = -1 ENOENT (No such file or directory) [pid 361] openat(AT_FDCWD, "/lib64/haswell/x86_64/libbusybox.so.1.35.0", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 361] newfstatat(AT_FDCWD, "/lib64/haswell/x86_64", 0x7ffe4b7eefe0, 0) = -1 ENOENT (No such file or directory) [pid 361] openat(AT_FDCWD, "/lib64/haswell/libbusybox.so.1.35.0", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 361] newfstatat(AT_FDCWD, "/lib64/haswell", 0x7ffe4b7eefe0, 0) = -1 ENOENT (No such file or directory) [pid 361] openat(AT_FDCWD, "/lib64/x86_64/libbusybox.so.1.35.0", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 361] newfstatat(AT_FDCWD, "/lib64/x86_64", 0x7ffe4b7eefe0, 0) = -1 ENOENT (No such file or directory) [pid 361] openat(AT_FDCWD, "/lib64/libbusybox.so.1.35.0", O_RDONLY|O_CLOEXEC) = 3 [pid 361] read(3, "\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00\x3e\x00\x01\x00\x00\x00\x70\x08\x01\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x28\x13\x0c\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x00\x38\x00\x09\x00\x40\x00\x19\x00\x18\x00\x01\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\xed\x00\x00"..., 832) = 832 [pid 361] pread64(3, "\x04\x00\x00\x00\x20\x00\x00\x00\x05\x00\x00\x00\x47\x4e\x55\x00\x01\x00\x01\xc0\x04\x00\x00\x00\x09\x00\x00\x00\x00\x00\x00\x00\x02\x00\x01\xc0\x04\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00", 48, 778504) = 48 [pid 361] newfstatat(3, "", {st_mode=S_IFREG|0644, st_size=792936, ...}, AT_EMPTY_PATH) = 0 [pid 361] mmap(NULL, 796968, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fb810541000 [pid 361] mmap(0x7fb810550000, 557056, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xf000) = 0x7fb810550000 [pid 361] mmap(0x7fb8105d8000, 163840, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x97000) = 0x7fb8105d8000 [pid 361] mmap(0x7fb810600000, 16384, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xbe000) = 0x7fb810600000 [pid 361] close(3) = 0 [pid 361] openat(AT_FDCWD, "/lib64/libc.so.6", O_RDONLY|O_CLOEXEC) = 3 [pid 361] read(3, "\x7f\x45\x4c\x46\x02\x01\x01\x03\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00\x3e\x00\x01\x00\x00\x00\x8c\x87\x02\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x28\x32\x1a\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x00\x38\x00\x0e\x00\x40\x00\x3c\x00\x3b\x00\x06\x00\x00\x00\x04\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x10\x03\x00\x00"..., 832) = 832 [pid 361] pread64(3, "\x06\x00\x00\x00\x04\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x10\x03\x00\x00\x00\x00\x00\x00\x10\x03\x00\x00\x00\x00\x00\x00\x08\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x04\x00\x00\x00\xa0\xf3\x16\x00\x00\x00\x00\x00\xa0\xf3\x16\x00\x00\x00\x00\x00\xa0\xf3\x16\x00\x00\x00\x00\x00\x1c\x00\x00\x00\x00\x00\x00\x00\x1c\x00\x00\x00"..., 784, 64) = 784 [pid 361] pread64(3, "\x04\x00\x00\x00\x30\x00\x00\x00\x05\x00\x00\x00\x47\x4e\x55\x00\x02\x80\x00\xc0\x04\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x01\x00\x01\xc0\x04\x00\x00\x00\x3b\x08\x00\x00\x00\x00\x00\x00\x02\x00\x01\xc0\x04\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00", 64, 848) = 64 [pid 361] pread64(3, "\x04\x00\x00\x00\x10\x00\x00\x00\x01\x00\x00\x00\x47\x4e\x55\x00\x00\x00\x00\x00\x04\x00\x00\x00\x13\x00\x00\x00\x00\x00\x00\x00", 32, 912) = 32 [pid 361] newfstatat(3, "", {st_mode=S_IFREG|0755, st_size=1720616, ...}, AT_EMPTY_PATH) = 0 [pid 361] pread64(3, "\x06\x00\x00\x00\x04\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x10\x03\x00\x00\x00\x00\x00\x00\x10\x03\x00\x00\x00\x00\x00\x00\x08\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x04\x00\x00\x00\xa0\xf3\x16\x00\x00\x00\x00\x00\xa0\xf3\x16\x00\x00\x00\x00\x00\xa0\xf3\x16\x00\x00\x00\x00\x00\x1c\x00\x00\x00\x00\x00\x00\x00\x1c\x00\x00\x00"..., 784, 64) = 784 [pid 361] mmap(NULL, 1773008, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fb810390000 [pid 361] mmap(0x7fb8103b8000, 1191936, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x28000) = 0x7fb8103b8000 [pid 361] mmap(0x7fb8104db000, 339968, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x14b000) = 0x7fb8104db000 [pid 361] mmap(0x7fb81052e000, 24576, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x19d000) = 0x7fb81052e000 [pid 361] mmap(0x7fb810534000, 52688, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7fb810534000 [pid 361] close(3) = 0 [pid 361] openat(AT_FDCWD, "/lib64/libresolv.so.2", O_RDONLY|O_CLOEXEC) = 3 [pid 361] read(3, "\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00\x3e\x00\x01\x00\x00\x00\x58\x33\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x90\xc1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x00\x38\x00\x0b\x00\x40\x00\x1c\x00\x1b\x00\x01\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xe0\x2e\x00\x00"..., 832) = 832 [pid 361] newfstatat(3, "", {st_mode=S_IFREG|0755, st_size=51344, ...}, AT_EMPTY_PATH) = 0 [pid 361] mmap(NULL, 63624, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fb810380000 [pid 361] mmap(0x7fb810383000, 24576, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x3000) = 0x7fb810383000 [pid 361] mmap(0x7fb810389000, 12288, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x9000) = 0x7fb810389000 [pid 361] mmap(0x7fb81038c000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xb000) = 0x7fb81038c000 [pid 361] mmap(0x7fb81038e000, 6280, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7fb81038e000 [pid 361] close(3) = 0 [pid 361] openat(AT_FDCWD, "/lib64/libselinux.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 361] openat(AT_FDCWD, "/usr/lib64/glibc-hwcaps/x86-64-v3/libselinux.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 361] newfstatat(AT_FDCWD, "/usr/lib64/glibc-hwcaps/x86-64-v3", 0x7ffe4b7eef80, 0) = -1 ENOENT (No such file or directory) [pid 361] openat(AT_FDCWD, "/usr/lib64/glibc-hwcaps/x86-64-v2/libselinux.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 361] newfstatat(AT_FDCWD, "/usr/lib64/glibc-hwcaps/x86-64-v2", 0x7ffe4b7eef80, 0) = -1 ENOENT (No such file or directory) [pid 361] openat(AT_FDCWD, "/usr/lib64/tls/haswell/x86_64/libselinux.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 361] newfstatat(AT_FDCWD, "/usr/lib64/tls/haswell/x86_64", 0x7ffe4b7eef80, 0) = -1 ENOENT (No such file or directory) [pid 361] openat(AT_FDCWD, "/usr/lib64/tls/haswell/libselinux.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 361] newfstatat(AT_FDCWD, "/usr/lib64/tls/haswell", 0x7ffe4b7eef80, 0) = -1 ENOENT (No such file or directory) [pid 361] openat(AT_FDCWD, "/usr/lib64/tls/x86_64/libselinux.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 361] newfstatat(AT_FDCWD, "/usr/lib64/tls/x86_64", 0x7ffe4b7eef80, 0) = -1 ENOENT (No such file or directory) [pid 361] openat(AT_FDCWD, "/usr/lib64/tls/libselinux.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 361] newfstatat(AT_FDCWD, "/usr/lib64/tls", 0x7ffe4b7eef80, 0) = -1 ENOENT (No such file or directory) [pid 361] openat(AT_FDCWD, "/usr/lib64/haswell/x86_64/libselinux.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 361] newfstatat(AT_FDCWD, "/usr/lib64/haswell/x86_64", 0x7ffe4b7eef80, 0) = -1 ENOENT (No such file or directory) [pid 361] openat(AT_FDCWD, "/usr/lib64/haswell/libselinux.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 361] newfstatat(AT_FDCWD, "/usr/lib64/haswell", 0x7ffe4b7eef80, 0) = -1 ENOENT (No such file or directory) [pid 361] openat(AT_FDCWD, "/usr/lib64/x86_64/libselinux.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 361] newfstatat(AT_FDCWD, "/usr/lib64/x86_64", 0x7ffe4b7eef80, 0) = -1 ENOENT (No such file or directory) [pid 361] openat(AT_FDCWD, "/usr/lib64/libselinux.so.1", O_RDONLY|O_CLOEXEC) = 3 [pid 361] read(3, "\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00\x3e\x00\x01\x00\x00\x00\x88\x7f\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x70\x31\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x00\x38\x00\x0b\x00\x40\x00\x1f\x00\x1e\x00\x01\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x68\x6f\x00\x00"..., 832) = 832 [pid 361] pread64(3, "\x04\x00\x00\x00\x20\x00\x00\x00\x05\x00\x00\x00\x47\x4e\x55\x00\x01\x00\x01\xc0\x04\x00\x00\x00\x09\x00\x00\x00\x00\x00\x00\x00\x02\x00\x01\xc0\x04\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00", 48, 138152) = 48 [pid 361] newfstatat(3, "", {st_mode=S_IFREG|0755, st_size=145712, ...}, AT_EMPTY_PATH) = 0 [pid 361] mmap(NULL, 157200, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fb810359000 [pid 361] mprotect(0x7fb810360000, 114688, PROT_NONE) = 0 [pid 361] mmap(0x7fb810360000, 81920, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x7000) = 0x7fb810360000 [pid 361] mmap(0x7fb810374000, 28672, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1b000) = 0x7fb810374000 [pid 361] mmap(0x7fb81037c000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x22000) = 0x7fb81037c000 [pid 361] mmap(0x7fb81037e000, 5648, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7fb81037e000 [pid 361] close(3) = 0 [pid 361] openat(AT_FDCWD, "/lib64/libpcre2-8.so.0", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 361] openat(AT_FDCWD, "/usr/lib64/libpcre2-8.so.0", O_RDONLY|O_CLOEXEC) = 3 [pid 361] read(3, "\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00\x3e\x00\x01\x00\x00\x00\xf8\x21\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x50\x32\x05\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x00\x38\x00\x0a\x00\x40\x00\x1a\x00\x19\x00\x01\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xd8\x1f\x00\x00"..., 832) = 832 [pid 361] pread64(3, "\x04\x00\x00\x00\x20\x00\x00\x00\x05\x00\x00\x00\x47\x4e\x55\x00\x01\x00\x01\xc0\x04\x00\x00\x00\x09\x00\x00\x00\x00\x00\x00\x00\x02\x00\x01\xc0\x04\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00", 48, 336112) = 48 [pid 361] newfstatat(3, "", {st_mode=S_IFREG|0755, st_size=342224, ...}, AT_EMPTY_PATH) = 0 [pid 361] mmap(NULL, 344456, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fb810304000 [pid 361] mmap(0x7fb810306000, 180224, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2000) = 0x7fb810306000 [pid 361] mmap(0x7fb810332000, 151552, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2e000) = 0x7fb810332000 [pid 361] mmap(0x7fb810357000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x52000) = 0x7fb810357000 [pid 361] close(3) = 0 [pid 361] mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fb810302000 [pid 361] arch_prctl(ARCH_SET_FS, 0x7fb810303380) = 0 [pid 361] set_tid_address(0x7fb810303650) = 361 [pid 361] set_robust_list(0x7fb810303660, 24) = 0 [pid 361] rseq(0x7fb810303d20, 0x20, 0, 0x53053053) = -1 ENOSYS (Function not implemented) [pid 361] mprotect(0x7fb81052e000, 16384, PROT_READ) = 0 [pid 361] mprotect(0x7fb810357000, 4096, PROT_READ) = 0 [pid 361] mprotect(0x7fb81037c000, 4096, PROT_READ) = 0 [pid 361] mprotect(0x7fb81038c000, 4096, PROT_READ) = 0 [pid 361] mprotect(0x7fb810600000, 12288, PROT_READ) = 0 [pid 361] mprotect(0x55b4e5ea6000, 4096, PROT_READ) = 0 [pid 361] mprotect(0x7fb810633000, 8192, PROT_READ) = 0 [pid 361] prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 [pid 361] statfs("/sys/fs/selinux", {f_type=SELINUX_MAGIC, f_bsize=4096, f_blocks=0, f_bfree=0, f_bavail=0, f_files=0, f_ffree=0, f_fsid={val=[0, 0]}, f_namelen=255, f_frsize=4096, f_flags=ST_VALID|ST_NOSUID|ST_NOEXEC|ST_RELATIME}) = 0 [pid 361] statfs("/sys/fs/selinux", {f_type=SELINUX_MAGIC, f_bsize=4096, f_blocks=0, f_bfree=0, f_bavail=0, f_files=0, f_ffree=0, f_fsid={val=[0, 0]}, f_namelen=255, f_frsize=4096, f_flags=ST_VALID|ST_NOSUID|ST_NOEXEC|ST_RELATIME}) = 0 [pid 361] getrandom("\xe6\x20\xff\x16\x36\x36\x15\xa4", 8, GRND_NONBLOCK) = 8 [pid 361] brk(NULL) = 0x55b510fbf000 [pid 361] brk(0x55b510fe0000) = 0x55b510fe0000 [pid 361] access("/etc/selinux/config", F_OK) = 0 [pid 361] getpid() = 361 [pid 361] rt_sigaction(SIGCHLD, {sa_handler=0x7fb810583c61, sa_mask=~[RTMIN RT_1], sa_flags=SA_RESTORER, sa_restorer=0x7fb8103c7ad0}, NULL, 8) = 0 [pid 361] getppid() = 358 [pid 361] uname({sysname="Linux", nodename="syzkaller", ...}) = 0 [pid 361] newfstatat(AT_FDCWD, "/root", {st_mode=S_IFDIR|0700, st_size=4096, ...}, 0) = 0 [pid 361] newfstatat(AT_FDCWD, ".", {st_mode=S_IFDIR|0700, st_size=4096, ...}, 0) = 0 [pid 361] rt_sigaction(SIGINT, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 361] rt_sigaction(SIGINT, {sa_handler=0x7fb810583c61, sa_mask=~[RTMIN RT_1], sa_flags=SA_RESTORER, sa_restorer=0x7fb8103c7ad0}, NULL, 8) = 0 [pid 361] rt_sigaction(SIGQUIT, NULL, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=0}, 8) = 0 [pid 361] rt_sigaction(SIGTERM, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 361] newfstatat(AT_FDCWD, "/bin/mkswap", 0x7ffe4b7ef868, 0) = -1 ENOENT (No such file or directory) [pid 361] newfstatat(AT_FDCWD, "/sbin/mkswap", {st_mode=S_IFREG|0755, st_size=14248, ...}, 0) = 0 [ 24.237154][ T23] audit: type=1400 audit(1745854160.640:72): avc: denied { setattr } for pid=358 comm="syz-executor780" name="raw-gadget" dev="devtmpfs" ino=9553 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [pid 361] execve("/sbin/mkswap", ["mkswap", "./swap-file"], 0x55b510fbf6f0 /* 10 vars */) = 0 [pid 361] brk(NULL) = 0x5644ac146000 [pid 361] mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fda5d470000 [pid 361] access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory) [pid 361] openat(AT_FDCWD, "/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 361] openat(AT_FDCWD, "/lib64/glibc-hwcaps/x86-64-v3/libbusybox.so.1.35.0", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 361] newfstatat(AT_FDCWD, "/lib64/glibc-hwcaps/x86-64-v3", 0x7ffcc867afe0, 0) = -1 ENOENT (No such file or directory) [pid 361] openat(AT_FDCWD, "/lib64/glibc-hwcaps/x86-64-v2/libbusybox.so.1.35.0", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 361] newfstatat(AT_FDCWD, "/lib64/glibc-hwcaps/x86-64-v2", 0x7ffcc867afe0, 0) = -1 ENOENT (No such file or directory) [pid 361] openat(AT_FDCWD, "/lib64/tls/haswell/x86_64/libbusybox.so.1.35.0", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 361] newfstatat(AT_FDCWD, "/lib64/tls/haswell/x86_64", 0x7ffcc867afe0, 0) = -1 ENOENT (No such file or directory) [pid 361] openat(AT_FDCWD, "/lib64/tls/haswell/libbusybox.so.1.35.0", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 361] newfstatat(AT_FDCWD, "/lib64/tls/haswell", 0x7ffcc867afe0, 0) = -1 ENOENT (No such file or directory) [pid 361] openat(AT_FDCWD, "/lib64/tls/x86_64/libbusybox.so.1.35.0", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 361] newfstatat(AT_FDCWD, "/lib64/tls/x86_64", 0x7ffcc867afe0, 0) = -1 ENOENT (No such file or directory) [pid 361] openat(AT_FDCWD, "/lib64/tls/libbusybox.so.1.35.0", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 361] newfstatat(AT_FDCWD, "/lib64/tls", 0x7ffcc867afe0, 0) = -1 ENOENT (No such file or directory) [pid 361] openat(AT_FDCWD, "/lib64/haswell/x86_64/libbusybox.so.1.35.0", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 361] newfstatat(AT_FDCWD, "/lib64/haswell/x86_64", 0x7ffcc867afe0, 0) = -1 ENOENT (No such file or directory) [pid 361] openat(AT_FDCWD, "/lib64/haswell/libbusybox.so.1.35.0", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 361] newfstatat(AT_FDCWD, "/lib64/haswell", 0x7ffcc867afe0, 0) = -1 ENOENT (No such file or directory) [pid 361] openat(AT_FDCWD, "/lib64/x86_64/libbusybox.so.1.35.0", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 361] newfstatat(AT_FDCWD, "/lib64/x86_64", 0x7ffcc867afe0, 0) = -1 ENOENT (No such file or directory) [pid 361] openat(AT_FDCWD, "/lib64/libbusybox.so.1.35.0", O_RDONLY|O_CLOEXEC) = 3 [pid 361] read(3, "\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00\x3e\x00\x01\x00\x00\x00\x70\x08\x01\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x28\x13\x0c\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x00\x38\x00\x09\x00\x40\x00\x19\x00\x18\x00\x01\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\xed\x00\x00"..., 832) = 832 [pid 361] pread64(3, "\x04\x00\x00\x00\x20\x00\x00\x00\x05\x00\x00\x00\x47\x4e\x55\x00\x01\x00\x01\xc0\x04\x00\x00\x00\x09\x00\x00\x00\x00\x00\x00\x00\x02\x00\x01\xc0\x04\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00", 48, 778504) = 48 [pid 361] newfstatat(3, "", {st_mode=S_IFREG|0644, st_size=792936, ...}, AT_EMPTY_PATH) = 0 [pid 361] mmap(NULL, 796968, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fda5d3ad000 [pid 361] mmap(0x7fda5d3bc000, 557056, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xf000) = 0x7fda5d3bc000 [pid 361] mmap(0x7fda5d444000, 163840, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x97000) = 0x7fda5d444000 [pid 361] mmap(0x7fda5d46c000, 16384, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xbe000) = 0x7fda5d46c000 [pid 361] close(3) = 0 [pid 361] openat(AT_FDCWD, "/lib64/libc.so.6", O_RDONLY|O_CLOEXEC) = 3 [pid 361] read(3, "\x7f\x45\x4c\x46\x02\x01\x01\x03\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00\x3e\x00\x01\x00\x00\x00\x8c\x87\x02\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x28\x32\x1a\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x00\x38\x00\x0e\x00\x40\x00\x3c\x00\x3b\x00\x06\x00\x00\x00\x04\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x10\x03\x00\x00"..., 832) = 832 [pid 361] pread64(3, "\x06\x00\x00\x00\x04\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x10\x03\x00\x00\x00\x00\x00\x00\x10\x03\x00\x00\x00\x00\x00\x00\x08\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x04\x00\x00\x00\xa0\xf3\x16\x00\x00\x00\x00\x00\xa0\xf3\x16\x00\x00\x00\x00\x00\xa0\xf3\x16\x00\x00\x00\x00\x00\x1c\x00\x00\x00\x00\x00\x00\x00\x1c\x00\x00\x00"..., 784, 64) = 784 [pid 361] pread64(3, "\x04\x00\x00\x00\x30\x00\x00\x00\x05\x00\x00\x00\x47\x4e\x55\x00\x02\x80\x00\xc0\x04\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x01\x00\x01\xc0\x04\x00\x00\x00\x3b\x08\x00\x00\x00\x00\x00\x00\x02\x00\x01\xc0\x04\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00", 64, 848) = 64 [pid 361] pread64(3, "\x04\x00\x00\x00\x10\x00\x00\x00\x01\x00\x00\x00\x47\x4e\x55\x00\x00\x00\x00\x00\x04\x00\x00\x00\x13\x00\x00\x00\x00\x00\x00\x00", 32, 912) = 32 [pid 361] newfstatat(3, "", {st_mode=S_IFREG|0755, st_size=1720616, ...}, AT_EMPTY_PATH) = 0 [pid 361] pread64(3, "\x06\x00\x00\x00\x04\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x10\x03\x00\x00\x00\x00\x00\x00\x10\x03\x00\x00\x00\x00\x00\x00\x08\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x04\x00\x00\x00\xa0\xf3\x16\x00\x00\x00\x00\x00\xa0\xf3\x16\x00\x00\x00\x00\x00\xa0\xf3\x16\x00\x00\x00\x00\x00\x1c\x00\x00\x00\x00\x00\x00\x00\x1c\x00\x00\x00"..., 784, 64) = 784 [pid 361] mmap(NULL, 1773008, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fda5d1fc000 [pid 361] mmap(0x7fda5d224000, 1191936, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x28000) = 0x7fda5d224000 [pid 361] mmap(0x7fda5d347000, 339968, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x14b000) = 0x7fda5d347000 [pid 361] mmap(0x7fda5d39a000, 24576, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x19d000) = 0x7fda5d39a000 [pid 361] mmap(0x7fda5d3a0000, 52688, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7fda5d3a0000 [pid 361] close(3) = 0 [pid 361] openat(AT_FDCWD, "/lib64/libresolv.so.2", O_RDONLY|O_CLOEXEC) = 3 [pid 361] read(3, "\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00\x3e\x00\x01\x00\x00\x00\x58\x33\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x90\xc1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x00\x38\x00\x0b\x00\x40\x00\x1c\x00\x1b\x00\x01\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xe0\x2e\x00\x00"..., 832) = 832 [pid 361] newfstatat(3, "", {st_mode=S_IFREG|0755, st_size=51344, ...}, AT_EMPTY_PATH) = 0 [pid 361] mmap(NULL, 63624, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fda5d1ec000 [pid 361] mmap(0x7fda5d1ef000, 24576, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x3000) = 0x7fda5d1ef000 [pid 361] mmap(0x7fda5d1f5000, 12288, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x9000) = 0x7fda5d1f5000 [pid 361] mmap(0x7fda5d1f8000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xb000) = 0x7fda5d1f8000 [pid 361] mmap(0x7fda5d1fa000, 6280, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7fda5d1fa000 [pid 361] close(3) = 0 [pid 361] openat(AT_FDCWD, "/lib64/libselinux.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 361] openat(AT_FDCWD, "/usr/lib64/glibc-hwcaps/x86-64-v3/libselinux.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 361] newfstatat(AT_FDCWD, "/usr/lib64/glibc-hwcaps/x86-64-v3", 0x7ffcc867af80, 0) = -1 ENOENT (No such file or directory) [pid 361] openat(AT_FDCWD, "/usr/lib64/glibc-hwcaps/x86-64-v2/libselinux.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 361] newfstatat(AT_FDCWD, "/usr/lib64/glibc-hwcaps/x86-64-v2", 0x7ffcc867af80, 0) = -1 ENOENT (No such file or directory) [pid 361] openat(AT_FDCWD, "/usr/lib64/tls/haswell/x86_64/libselinux.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 361] newfstatat(AT_FDCWD, "/usr/lib64/tls/haswell/x86_64", 0x7ffcc867af80, 0) = -1 ENOENT (No such file or directory) [pid 361] openat(AT_FDCWD, "/usr/lib64/tls/haswell/libselinux.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 361] newfstatat(AT_FDCWD, "/usr/lib64/tls/haswell", 0x7ffcc867af80, 0) = -1 ENOENT (No such file or directory) [pid 361] openat(AT_FDCWD, "/usr/lib64/tls/x86_64/libselinux.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 361] newfstatat(AT_FDCWD, "/usr/lib64/tls/x86_64", 0x7ffcc867af80, 0) = -1 ENOENT (No such file or directory) [pid 361] openat(AT_FDCWD, "/usr/lib64/tls/libselinux.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 361] newfstatat(AT_FDCWD, "/usr/lib64/tls", 0x7ffcc867af80, 0) = -1 ENOENT (No such file or directory) [pid 361] openat(AT_FDCWD, "/usr/lib64/haswell/x86_64/libselinux.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 361] newfstatat(AT_FDCWD, "/usr/lib64/haswell/x86_64", 0x7ffcc867af80, 0) = -1 ENOENT (No such file or directory) [pid 361] openat(AT_FDCWD, "/usr/lib64/haswell/libselinux.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 361] newfstatat(AT_FDCWD, "/usr/lib64/haswell", 0x7ffcc867af80, 0) = -1 ENOENT (No such file or directory) [pid 361] openat(AT_FDCWD, "/usr/lib64/x86_64/libselinux.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 361] newfstatat(AT_FDCWD, "/usr/lib64/x86_64", 0x7ffcc867af80, 0) = -1 ENOENT (No such file or directory) [pid 361] openat(AT_FDCWD, "/usr/lib64/libselinux.so.1", O_RDONLY|O_CLOEXEC) = 3 [pid 361] read(3, "\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00\x3e\x00\x01\x00\x00\x00\x88\x7f\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x70\x31\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x00\x38\x00\x0b\x00\x40\x00\x1f\x00\x1e\x00\x01\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x68\x6f\x00\x00"..., 832) = 832 [pid 361] pread64(3, "\x04\x00\x00\x00\x20\x00\x00\x00\x05\x00\x00\x00\x47\x4e\x55\x00\x01\x00\x01\xc0\x04\x00\x00\x00\x09\x00\x00\x00\x00\x00\x00\x00\x02\x00\x01\xc0\x04\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00", 48, 138152) = 48 [pid 361] newfstatat(3, "", {st_mode=S_IFREG|0755, st_size=145712, ...}, AT_EMPTY_PATH) = 0 [pid 361] mmap(NULL, 157200, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fda5d1c5000 [pid 361] mprotect(0x7fda5d1cc000, 114688, PROT_NONE) = 0 [pid 361] mmap(0x7fda5d1cc000, 81920, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x7000) = 0x7fda5d1cc000 [pid 361] mmap(0x7fda5d1e0000, 28672, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1b000) = 0x7fda5d1e0000 [pid 361] mmap(0x7fda5d1e8000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x22000) = 0x7fda5d1e8000 [pid 361] mmap(0x7fda5d1ea000, 5648, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7fda5d1ea000 [pid 361] close(3) = 0 [pid 361] openat(AT_FDCWD, "/lib64/libpcre2-8.so.0", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 361] openat(AT_FDCWD, "/usr/lib64/libpcre2-8.so.0", O_RDONLY|O_CLOEXEC) = 3 [pid 361] read(3, "\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00\x3e\x00\x01\x00\x00\x00\xf8\x21\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x50\x32\x05\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x00\x38\x00\x0a\x00\x40\x00\x1a\x00\x19\x00\x01\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xd8\x1f\x00\x00"..., 832) = 832 [pid 361] pread64(3, "\x04\x00\x00\x00\x20\x00\x00\x00\x05\x00\x00\x00\x47\x4e\x55\x00\x01\x00\x01\xc0\x04\x00\x00\x00\x09\x00\x00\x00\x00\x00\x00\x00\x02\x00\x01\xc0\x04\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00", 48, 336112) = 48 [pid 361] newfstatat(3, "", {st_mode=S_IFREG|0755, st_size=342224, ...}, AT_EMPTY_PATH) = 0 [pid 361] mmap(NULL, 344456, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fda5d170000 [pid 361] mmap(0x7fda5d172000, 180224, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2000) = 0x7fda5d172000 [pid 361] mmap(0x7fda5d19e000, 151552, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2e000) = 0x7fda5d19e000 [pid 361] mmap(0x7fda5d1c3000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x52000) = 0x7fda5d1c3000 [pid 361] close(3) = 0 [pid 361] mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fda5d16e000 [pid 361] arch_prctl(ARCH_SET_FS, 0x7fda5d16f380) = 0 [pid 361] set_tid_address(0x7fda5d16f650) = 361 [pid 361] set_robust_list(0x7fda5d16f660, 24) = 0 [pid 361] rseq(0x7fda5d16fd20, 0x20, 0, 0x53053053) = -1 ENOSYS (Function not implemented) [pid 361] mprotect(0x7fda5d39a000, 16384, PROT_READ) = 0 [pid 361] mprotect(0x7fda5d1c3000, 4096, PROT_READ) = 0 [pid 361] mprotect(0x7fda5d1e8000, 4096, PROT_READ) = 0 [pid 361] mprotect(0x7fda5d1f8000, 4096, PROT_READ) = 0 [pid 361] mprotect(0x7fda5d46c000, 12288, PROT_READ) = 0 [pid 361] mprotect(0x56449f940000, 4096, PROT_READ) = 0 [pid 361] mprotect(0x7fda5d49f000, 8192, PROT_READ) = 0 [pid 361] prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 [pid 361] statfs("/sys/fs/selinux", {f_type=SELINUX_MAGIC, f_bsize=4096, f_blocks=0, f_bfree=0, f_bavail=0, f_files=0, f_ffree=0, f_fsid={val=[0, 0]}, f_namelen=255, f_frsize=4096, f_flags=ST_VALID|ST_NOSUID|ST_NOEXEC|ST_RELATIME}) = 0 [pid 361] statfs("/sys/fs/selinux", {f_type=SELINUX_MAGIC, f_bsize=4096, f_blocks=0, f_bfree=0, f_bavail=0, f_files=0, f_ffree=0, f_fsid={val=[0, 0]}, f_namelen=255, f_frsize=4096, f_flags=ST_VALID|ST_NOSUID|ST_NOEXEC|ST_RELATIME}) = 0 [pid 361] getrandom("\xf9\xa3\x1b\x77\xf3\x9f\xda\x77", 8, GRND_NONBLOCK) = 8 [pid 361] brk(NULL) = 0x5644ac146000 [pid 361] brk(0x5644ac167000) = 0x5644ac167000 [pid 361] access("/etc/selinux/config", F_OK) = 0 [pid 361] openat(AT_FDCWD, "./swap-file", O_WRONLY) = 3 [pid 361] lseek(3, 0, SEEK_END) = 128000000 [pid 361] lseek(3, 0, SEEK_SET) = 0 [pid 361] newfstatat(1, "", {st_mode=S_IFIFO|0600, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 361] newfstatat(3, "", {st_mode=S_IFREG|0600, st_size=128000000, ...}, AT_EMPTY_PATH) = 0 [pid 361] fgetxattr(3, "security.selinux", "\x72\x6f\x6f\x74\x3a\x6f\x62\x6a\x65\x63\x74\x5f\x72\x3a\x75\x73\x65\x72\x5f\x68\x6f\x6d\x65\x5f\x74\x00", 255) = 26 [pid 361] access("/var/run/setrans/.setrans-unix", F_OK) = -1 ENOENT (No such file or directory) [pid 361] futex(0x7fda5d1eb5f8, FUTEX_WAKE_PRIVATE, 2147483647) = 0 [pid 361] fsetxattr(3, "security.selinux", "\x72\x6f\x6f\x74\x3a\x6f\x62\x6a\x65\x63\x74\x5f\x72\x3a\x73\x77\x61\x70\x66\x69\x6c\x65\x5f\x74\x00", 25, 0) = 0 [pid 361] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1024) = 1024 [pid 361] write(3, "\x01\x00\x00\x00\x11\x7a\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 516) = 516 [pid 361] lseek(3, 4086, SEEK_SET) = 4086 [pid 361] write(3, "SWAPSPACE2", 10) = 10 [ 24.344146][ T361] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). [ 24.353768][ T23] audit: type=1400 audit(1745854160.780:73): avc: denied { relabelto } for pid=361 comm="mkswap" name="swap-file" dev="sda1" ino=1930 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [pid 361] fsync(3) = 0 Setting up swapspace version 1, size = 127995904 bytes [pid 361] write(1, "Setting up swapspace version 1, size = 127995904 bytes\n", 55) = 55 [pid 361] exit_group(0) = ? [pid 361] +++ exited with 0 +++ rt_sigaction(SIGINT, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7fd1ac6e5bb0}, NULL, 8) = 0 rt_sigaction(SIGQUIT, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7fd1ac6e5bb0}, NULL, 8) = 0 rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=361, si_uid=0, si_status=0, si_utime=0, si_stime=1} --- [ 24.379086][ T23] audit: type=1400 audit(1745854160.800:74): avc: denied { write } for pid=361 comm="mkswap" path="/root/swap-file" dev="sda1" ino=1930 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 24.411591][ T23] audit: type=1400 audit(1745854160.830:75): avc: denied { read } for pid=358 comm="syz-executor780" name="swap-file" dev="sda1" ino=1930 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" swapon("./swap-file", SWAP_FLAG_PREFER|0) = 0 rt_sigaction(SIGRTMIN, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=0}, NULL, 8) = 0 rt_sigaction(SIGRT_1, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=0}, NULL, 8) = 0 rt_sigaction(SIGSEGV, {sa_handler=0x7fd1ac6d9830, sa_mask=[], sa_flags=SA_RESTORER|SA_NODEFER|SA_SIGINFO, sa_restorer=0x7fd1ac6e5bb0}, NULL, 8) = 0 rt_sigaction(SIGBUS, {sa_handler=0x7fd1ac6d9830, sa_mask=[], sa_flags=SA_RESTORER|SA_NODEFER|SA_SIGINFO, sa_restorer=0x7fd1ac6e5bb0}, NULL, 8) = 0 mkdir("./syzkaller.rfpYsi", 0700) = 0 chmod("./syzkaller.rfpYsi", 0777) = 0 chdir("./syzkaller.rfpYsi") = 0 unshare(CLONE_NEWPID) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55558659c750) = 364 ./strace-static-x86_64: Process 364 attached [pid 364] set_robust_list(0x55558659c760, 24) = 0 [pid 364] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 364] getppid() = 0 [pid 364] prlimit64(0, RLIMIT_AS, {rlim_cur=204800*1024, rlim_max=204800*1024}, NULL) = 0 [pid 364] prlimit64(0, RLIMIT_MEMLOCK, {rlim_cur=32768*1024, rlim_max=32768*1024}, NULL) = 0 [pid 364] prlimit64(0, RLIMIT_FSIZE, {rlim_cur=139264*1024, rlim_max=139264*1024}, NULL) = 0 [pid 364] prlimit64(0, RLIMIT_STACK, {rlim_cur=1024*1024, rlim_max=1024*1024}, NULL) = 0 [pid 364] prlimit64(0, RLIMIT_CORE, {rlim_cur=131072*1024, rlim_max=131072*1024}, NULL) = 0 [pid 364] prlimit64(0, RLIMIT_NOFILE, {rlim_cur=256, rlim_max=256}, NULL) = 0 [pid 364] unshare(CLONE_NEWNS) = 0 [pid 364] mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL) = 0 [pid 364] unshare(CLONE_NEWIPC) = -1 EINVAL (Invalid argument) [pid 364] unshare(CLONE_NEWCGROUP) = 0 [pid 364] unshare(CLONE_NEWUTS) = 0 [pid 364] unshare(CLONE_SYSVSEM) = 0 [pid 364] openat(AT_FDCWD, "/proc/sys/kernel/shmmax", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 364] openat(AT_FDCWD, "/proc/sys/kernel/shmall", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 364] openat(AT_FDCWD, "/proc/sys/kernel/shmmni", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 364] openat(AT_FDCWD, "/proc/sys/kernel/msgmax", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 364] openat(AT_FDCWD, "/proc/sys/kernel/msgmni", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 364] openat(AT_FDCWD, "/proc/sys/kernel/msgmnb", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 364] openat(AT_FDCWD, "/proc/sys/kernel/sem", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 364] getpid() = 1 [pid 364] capget({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1<) = 0 [pid 364] umount2("./0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 364] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 364] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=140, ...}, AT_EMPTY_PATH) = 0 [pid 364] getdents64(3, 0x55558659d7f0 /* 7 entries */, 32768) = 208 [pid 364] umount2("./0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EBUSY (Device or resource busy) [pid 364] newfstatat(AT_FDCWD, "./0/file0", {st_mode=S_IFDIR|0755, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 364] umount2("./0/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EBUSY (Device or resource busy) [pid 364] openat(AT_FDCWD, "./0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 364] newfstatat(4, "", {st_mode=S_IFDIR|0755, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 364] getdents64(4, 0x5555865a5830 /* 7 entries */, 32768) = 448 [pid 364] umount2("./0/file0/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 364] newfstatat(AT_FDCWD, "./0/file0/file1", {st_mode=S_IFREG|0755, st_size=10, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 25.714008][ T368] F2FS-fs (loop0): Try to recover 2th superblock, ret: 0 [ 25.721158][ T368] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4 [ 25.740582][ T368] fscrypt (loop0, inode 8): Error -61 getting encryption context [pid 364] unlink("./0/file0/file1") = 0 [pid 364] umount2("./0/file0/file2", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 364] newfstatat(AT_FDCWD, "./0/file0/file2", {st_mode=S_IFREG|0755, st_size=9000, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 364] unlink("./0/file0/file2") = 0 [pid 364] umount2("./0/file0/file3", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 364] newfstatat(AT_FDCWD, "./0/file0/file3", {st_mode=S_IFREG|0755, st_size=9000, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 25.777914][ T364] F2FS-fs (loop0): dec_valid_node_count: inconsistent i_blocks, ino:7, iblocks:0 [ 25.790735][ T364] ------------[ cut here ]------------ [ 25.796145][ T364] WARNING: CPU: 0 PID: 364 at fs/f2fs/inode.c:839 f2fs_evict_inode+0xf29/0x1240 [ 25.804993][ T364] Modules linked in: [ 25.808706][ T364] CPU: 0 PID: 364 Comm: syz-executor780 Not tainted 5.4.292-syzkaller-00021-gcd8e74fa0fa3 #0 [ 25.818855][ T364] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 25.828875][ T364] RIP: 0010:f2fs_evict_inode+0xf29/0x1240 [ 25.834420][ T364] Code: e9 49 f4 ff ff e8 e7 ee 7c ff 4d 89 ec eb 05 e8 dd ee 7c ff 4c 8b 75 c8 48 89 df e8 31 73 02 00 e9 00 fd ff ff e8 c7 ee 7c ff <0f> 0b 4c 89 f7 be 08 00 00 00 e8 08 c3 aa ff f0 41 80 0e 04 e9 de [ 25.853868][ T364] RSP: 0018:ffff8881dfd57b80 EFLAGS: 00010293 [ 25.859873][ T364] RAX: ffffffff81e29019 RBX: ffff8881d887ab80 RCX: ffff8881ee495e80 [ 25.867678][ T364] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000000 [ 25.875621][ T364] RBP: ffff8881dfd57c30 R08: dffffc0000000000 R09: ffffed103b10f5c8 [ 25.883431][ T364] R10: ffffed103b10f5c8 R11: 1ffff1103b10f5c7 R12: dffffc0000000000 [ 25.891324][ T364] R13: dffffc0000000000 R14: ffff8881eb87c050 R15: 0000000000000002 [ 25.899133][ T364] FS: 000055558659c480(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000 [ 25.907900][ T364] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 25.914412][ T364] CR2: 00005555865ad838 CR3: 00000001ee45b000 CR4: 00000000003406b0 [ 25.922224][ T364] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 25.930036][ T364] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 25.937851][ T364] Call Trace: [ 25.941152][ T364] ? f2fs_write_inode+0x8c0/0x8c0 [ 25.946050][ T364] evict+0x465/0x880 [ 25.949759][ T364] ? asan.module_dtor+0x20/0x20 [ 25.954701][ T364] ? mode_strip_sgid+0x150/0x150 [ 25.959804][ T364] ? _atomic_dec_and_lock+0x16f/0x200 [ 25.965031][ T364] ? __kasan_check_read+0x11/0x20 [ 25.970449][ T364] iput+0x67d/0x810 [ 25.974186][ T364] do_unlinkat+0x33f/0x670 [ 25.978439][ T364] ? fsnotify_link_count+0x90/0x90 [ 25.983367][ T364] ? getname_flags+0x206/0x500 [ 25.988090][ T364] __x64_sys_unlink+0x49/0x50 [ 25.992829][ T364] do_syscall_64+0xcf/0x170 [ 25.997169][ T364] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 26.002897][ T364] RIP: 0033:0x7fd1ac71c0a7 [ 26.007147][ T364] Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 57 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 26.026736][ T364] RSP: 002b:00007ffddbbc3a18 EFLAGS: 00000206 ORIG_RAX: 0000000000000057 [ 26.035030][ T364] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fd1ac71c0a7 [ 26.042851][ T364] RDX: 00007ffddbbc3a40 RSI: 00007ffddbbc3ad0 RDI: 00007ffddbbc3ad0 [ 26.050780][ T364] RBP: 00007ffddbbc3ad0 R08: 0000000000000000 R09: 0000000000000000 [ 26.058589][ T364] R10: 0000000000000100 R11: 0000000000000206 R12: 00007ffddbbc4bc0 [ 26.066396][ T364] R13: 00005555865a5800 R14: 00000000000062aa R15: 0000000000000001 [pid 364] unlink("./0/file0/file3") = 0 [pid 377] exit(0) = ? [pid 377] +++ exited with 0 +++ [pid 364] umount2("./0/file0/file.cold", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 364] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 364] newfstatat(AT_FDCWD, "./0/file0/file.cold", {st_mode=S_IFREG|0755, st_size=100, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 26.074208][ T364] ---[ end trace 96f4db906fc84c5d ]--- [ 26.085064][ T364] ------------[ cut here ]------------ [ 26.090343][ T364] WARNING: CPU: 0 PID: 364 at fs/inode.c:302 drop_nlink+0xc5/0x110 [ 26.098050][ T364] Modules linked in: [ 26.101787][ T364] CPU: 0 PID: 364 Comm: syz-executor780 Tainted: G W 5.4.292-syzkaller-00021-gcd8e74fa0fa3 #0 [ 26.113241][ T364] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 26.123225][ T364] RIP: 0010:drop_nlink+0xc5/0x110 [ 26.128083][ T364] Code: 1b 48 8d bb d0 04 00 00 be 08 00 00 00 e8 b3 a4 f3 ff f0 48 ff 83 d0 04 00 00 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 4b d0 c5 ff <0f> 0b eb 86 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c 5e ff ff ff 4c [ 26.147889][ T364] RSP: 0018:ffff8881dfd57b98 EFLAGS: 00010293 [ 26.153961][ T364] RAX: ffffffff8199ae95 RBX: ffff8881d88746b0 RCX: ffff8881ee495e80 [ 26.161766][ T364] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 26.169579][ T364] RBP: ffff8881dfd57bc0 R08: dffffc0000000000 R09: ffff8881dfd57b40 [ 26.177387][ T364] R10: ffffed103bfaaf6a R11: 1ffff1103bfaaf68 R12: dffffc0000000000 [ 26.185213][ T364] R13: 1ffff1103b10e8df R14: ffff8881d88746f8 R15: 0000000000000000 [ 26.193095][ T364] FS: 000055558659c480(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000 [ 26.201918][ T364] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 26.208366][ T364] CR2: 00005555865ad838 CR3: 00000001ee45b000 CR4: 00000000003406b0 [ 26.216198][ T364] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 26.223994][ T364] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 26.231933][ T364] Call Trace: [ 26.235064][ T364] f2fs_drop_nlink+0x148/0x3a0 [ 26.239794][ T364] ? f2fs_mark_inode_dirty_sync+0x110/0x140 [ 26.245538][ T364] f2fs_delete_entry+0x9d5/0xaf0 [ 26.250295][ T364] f2fs_unlink+0x347/0x840 [ 26.254543][ T364] ? f2fs_link+0x730/0x730 [ 26.258792][ T364] ? down_write+0xac/0x110 [ 26.263054][ T364] ? selinux_inode_unlink+0x22/0x30 [ 26.268082][ T364] ? security_inode_unlink+0xd0/0x120 [ 26.273376][ T364] vfs_unlink+0x321/0x540 [ 26.277816][ T364] do_unlinkat+0x2e9/0x670 [ 26.282081][ T364] ? fsnotify_link_count+0x90/0x90 [ 26.287099][ T364] ? getname_flags+0x206/0x500 [ 26.291739][ T364] __x64_sys_unlink+0x49/0x50 [ 26.296367][ T364] do_syscall_64+0xcf/0x170 [ 26.300788][ T364] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 26.306517][ T364] RIP: 0033:0x7fd1ac71c0a7 [ 26.310873][ T364] Code: 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 57 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 26.330393][ T364] RSP: 002b:00007ffddbbc3a18 EFLAGS: 00000206 ORIG_RAX: 0000000000000057 [ 26.338727][ T364] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fd1ac71c0a7 [ 26.346543][ T364] RDX: 00007ffddbbc3a40 RSI: 00007ffddbbc3ad0 RDI: 00007ffddbbc3ad0 [ 26.354467][ T364] RBP: 00007ffddbbc3ad0 R08: 0000000000000000 R09: 0000000000000000 [ 26.362273][ T364] R10: 0000000000000100 R11: 0000000000000206 R12: 00007ffddbbc4bc0 [ 26.370084][ T364] R13: 00005555865a5800 R14: 00000000000062aa R15: 0000000000000001 [pid 364] unlink("./0/file0/file.cold") = 0 [pid 364] umount2("./0/file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 364] newfstatat(AT_FDCWD, "./0/file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", {st_mode=S_IFDIR|0755, st_size=3488, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 364] umount2("./0/file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 364] openat(AT_FDCWD, "./0/file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 5 [pid 364] newfstatat(5, "", {st_mode=S_IFDIR|0755, st_size=3488, ...}, AT_EMPTY_PATH) = 0 [pid 364] getdents64(5, 0x5555865ad870 /* 4 entries */, 32768) = 112 [pid 364] umount2("./0/file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 ENOENT (No such file or directory) [pid 364] newfstatat(AT_FDCWD, "./0/file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0", 0x7ffddbbc2950, AT_SYMLINK_NOFOLLOW) = -1 ENOENT (No such file or directory) [pid 364] exit_group(1) = ? [ 26.377917][ T364] ---[ end trace 96f4db906fc84c5e ]--- [ 26.393526][ T364] ================================================================== [ 26.401560][ T364] BUG: KASAN: use-after-free in __list_del_entry_valid+0xa6/0x120 [ 26.409174][ T364] Read of size 8 at addr ffff8881d887aee0 by task syz-executor780/364 [ 26.417421][ T364] [ 26.419601][ T364] CPU: 0 PID: 364 Comm: syz-executor780 Tainted: G W 5.4.292-syzkaller-00021-gcd8e74fa0fa3 #0 [ 26.431132][ T364] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 26.441141][ T364] Call Trace: [ 26.444270][ T364] __dump_stack+0x1e/0x20 [ 26.448444][ T364] dump_stack+0x15b/0x1b8 [ 26.453041][ T364] ? show_regs_print_info+0x18/0x18 [ 26.458446][ T364] ? vprintk_func+0x19a/0x1e0 [ 26.462949][ T364] ? printk+0xcc/0x110 [ 26.467105][ T364] ? __list_del_entry_valid+0xa6/0x120 [ 26.472616][ T364] print_address_description+0x8d/0x4c0 [ 26.478102][ T364] ? thaw_kernel_threads+0x220/0x220 [ 26.483206][ T364] ? __list_del_entry_valid+0xa6/0x120 [ 26.488746][ T364] ? __list_del_entry_valid+0xa6/0x120 [ 26.494028][ T364] __kasan_report+0xef/0x120 [ 26.498454][ T364] ? __list_del_entry_valid+0xa6/0x120 [ 26.503758][ T364] kasan_report+0x30/0x60 [ 26.508013][ T364] __asan_report_load8_noabort+0x14/0x20 [ 26.513555][ T364] __list_del_entry_valid+0xa6/0x120 [ 26.518868][ T364] f2fs_inode_synced+0xf4/0x2d0 [ 26.523540][ T364] ? set_page_dirty+0x19f/0x310 [ 26.528258][ T364] f2fs_update_inode+0x77/0x1aa0 [ 26.533012][ T364] ? __get_node_page+0x459/0x7b0 [ 26.537771][ T364] f2fs_write_inode+0x5a1/0x8c0 [ 26.542467][ T364] __writeback_single_inode+0x4e2/0xc30 [ 26.547836][ T364] ? wbc_attach_and_unlock_inode+0x175/0x5b0 [ 26.553665][ T364] writeback_single_inode+0x216/0x630 [ 26.558918][ T364] ? write_inode_now+0x240/0x240 [ 26.563649][ T364] ? __kasan_check_write+0x14/0x20 [ 26.568598][ T364] ? _atomic_dec_and_lock+0x17b/0x200 [ 26.573792][ T364] sync_inode_metadata+0xa8/0xf0 [ 26.578656][ T364] ? sync_inode+0x30/0x30 [ 26.582919][ T364] ? iput+0x305/0x810 [ 26.586729][ T364] ? _raw_spin_unlock+0x4d/0x70 [ 26.591410][ T364] f2fs_sync_inode_meta+0x167/0x280 [ 26.596444][ T364] f2fs_write_checkpoint+0x9f0/0x1c50 [ 26.601649][ T364] ? _raw_spin_unlock_irq+0x4e/0x70 [ 26.606816][ T364] ? f2fs_get_sectors_written+0x520/0x520 [ 26.612371][ T364] ? __kasan_check_write+0x14/0x20 [ 26.617307][ T364] ? kthread_stop+0x17d/0x480 [ 26.621854][ T364] kill_f2fs_super+0x231/0x390 [ 26.626526][ T364] ? slab_free_freelist_hook+0xb7/0x180 [ 26.631902][ T364] ? f2fs_mount+0x40/0x40 [ 26.636068][ T364] ? unregister_shrinker+0x1fd/0x270 [ 26.641185][ T364] deactivate_locked_super+0xa0/0x100 [ 26.646391][ T364] deactivate_super+0x14f/0x1d0 [ 26.651082][ T364] ? __kasan_check_write+0x14/0x20 [ 26.656028][ T364] ? deactivate_locked_super+0x100/0x100 [ 26.661493][ T364] ? fast_dput+0x83/0x290 [ 26.665668][ T364] cleanup_mnt+0x446/0x500 [ 26.669912][ T364] __cleanup_mnt+0x19/0x20 [ 26.674165][ T364] task_work_run+0x146/0x170 [ 26.678693][ T364] do_exit+0xa43/0x2660 [ 26.682671][ T364] ? put_task_struct+0x90/0x90 [ 26.687281][ T364] ? __kasan_check_read+0x11/0x20 [ 26.692425][ T364] ? syscall_trace_enter+0x56f/0x7d0 [ 26.697634][ T364] ? do_syscall_64+0x170/0x170 [ 26.702346][ T364] do_group_exit+0x13e/0x300 [ 26.706878][ T364] __x64_sys_exit_group+0x3f/0x40 [ 26.711777][ T364] do_syscall_64+0xcf/0x170 [ 26.716123][ T364] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 26.722026][ T364] RIP: 0033:0x7fd1ac719c29 [ 26.726279][ T364] Code: Bad RIP value. [ 26.730447][ T364] RSP: 002b:00007ffddbbc28c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 26.738690][ T364] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007fd1ac719c29 [ 26.746493][ T364] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000001 [ 26.754306][ T364] RBP: 00007fd1ac7a8130 R08: ffffffffffffffb8 R09: 0000000000000000 [ 26.762121][ T364] R10: 0000000000000100 R11: 0000000000000246 R12: 00007fd1ac7a8130 [ 26.769923][ T364] R13: 0000000000000000 R14: 00007fd1ac7aaf60 R15: 00007fd1ac6decb0 [ 26.777992][ T364] [ 26.780143][ T364] Allocated by task 368: [ 26.784235][ T364] __kasan_kmalloc+0x162/0x200 [ 26.788931][ T364] kasan_slab_alloc+0x12/0x20 [ 26.793428][ T364] kmem_cache_alloc+0xe2/0x270 [ 26.798126][ T364] f2fs_alloc_inode+0x26/0x3b0 [ 26.802726][ T364] iget_locked+0x144/0x810 [ 26.807165][ T364] f2fs_iget+0x55/0x4ac0 [ 26.811323][ T364] f2fs_lookup+0x3ce/0xe00 [ 26.815579][ T364] path_openat+0x133f/0x35c0 [ 26.820005][ T364] do_filp_open+0x1ae/0x3f0 [ 26.824374][ T364] do_sys_open+0x2bb/0x5d0 [ 26.828702][ T364] __x64_sys_openat+0xa2/0xb0 [ 26.833206][ T364] do_syscall_64+0xcf/0x170 [ 26.837568][ T364] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 26.843279][ T364] [ 26.845481][ T364] Freed by task 10: [ 26.849099][ T364] __kasan_slab_free+0x1c3/0x280 [ 26.853955][ T364] kasan_slab_free+0xe/0x10 [ 26.858299][ T364] slab_free_freelist_hook+0xb7/0x180 [ 26.863579][ T364] kmem_cache_free+0x10c/0x2c0 [ 26.868181][ T364] f2fs_free_inode+0x24/0x30 [ 26.872705][ T364] i_callback+0x4c/0x70 [ 26.876686][ T364] rcu_do_batch+0x446/0x980 [ 26.881113][ T364] rcu_core+0x4bd/0xbd0 [ 26.885113][ T364] rcu_core_si+0x9/0x10 [ 26.889152][ T364] __do_softirq+0x236/0x660 [ 26.893431][ T364] [ 26.895606][ T364] The buggy address belongs to the object at ffff8881d887ab80 [ 26.895606][ T364] which belongs to the cache f2fs_inode_cache of size 1264 [ 26.910225][ T364] The buggy address is located 864 bytes inside of [ 26.910225][ T364] 1264-byte region [ffff8881d887ab80, ffff8881d887b070) [ 26.923538][ T364] The buggy address belongs to the page: [ 26.928988][ T364] page:ffffea0007621e00 refcount:1 mapcount:0 mapping:ffff8881f0fc6780 index:0x0 compound_mapcount: 0 [ 26.940370][ T364] flags: 0x8000000000010200(slab|head) [ 26.945658][ T364] raw: 8000000000010200 dead000000000100 dead000000000122 ffff8881f0fc6780 [ 26.954071][ T364] raw: 0000000000000000 0000000080170017 00000001ffffffff 0000000000000000 [ 26.962644][ T364] page dumped because: kasan: bad access detected [ 26.969780][ T364] page_owner tracks the page as allocated [ 26.975553][ T364] page last allocated via order 3, migratetype Reclaimable, gfp_mask 0x1d2050(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL|__GFP_RECLAIMABLE) [ 26.992988][ T364] prep_new_page+0x35e/0x370 [ 26.997582][ T364] get_page_from_freelist+0x1296/0x1310 [ 27.002958][ T364] __alloc_pages_nodemask+0x202/0x4b0 [ 27.008164][ T364] alloc_slab_page+0x3c/0x3b0 [ 27.012685][ T364] new_slab+0x93/0x420 [ 27.016671][ T364] ___slab_alloc+0x29e/0x420 [ 27.021098][ T364] __slab_alloc+0x63/0xa0 [ 27.025710][ T364] kmem_cache_alloc+0x12c/0x270 [ 27.030388][ T364] f2fs_alloc_inode+0x26/0x3b0 [ 27.035088][ T364] iget_locked+0x144/0x810 [ 27.039409][ T364] f2fs_iget+0x55/0x4ac0 [ 27.043502][ T364] f2fs_fill_super+0x5343/0x7760 [ 27.048264][ T364] mount_bdev+0x279/0x390 [ 27.052430][ T364] f2fs_mount+0x34/0x40 [ 27.056420][ T364] legacy_get_tree+0xea/0x190 [ 27.060935][ T364] vfs_get_tree+0x89/0x260 [ 27.065183][ T364] page_owner free stack trace missing [ 27.070490][ T364] [ 27.072669][ T364] Memory state around the buggy address: [ 27.078311][ T364] ffff8881d887ad80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 27.086220][ T364] ffff8881d887ae00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 27.094211][ T364] >ffff8881d887ae80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 27.102171][ T364] ^ [ 27.109203][ T364] ffff8881d887af00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 27.117113][ T364] ffff8881d887af80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 27.125005][ T364] ================================================================== [ 27.132981][ T364] Disabling lock debugging due to kernel taint [ 27.911791][ T128] device bridge_slave_1 left promiscuous mode [ 27.917748][ T128] bridge0: port 2(bridge_slave_1) entered disabled state [ 27.925402][ T128] device bridge_slave_0 left promiscuous mode [ 27.931359][ T128] bridge0: port 1(bridge_slave_0) entered disabled state