./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2010621873 <...> Warning: Permanently added '10.128.1.154' (ED25519) to the list of known hosts. execve("./syz-executor2010621873", ["./syz-executor2010621873"], 0x7ffe260fd4f0 /* 10 vars */) = 0 brk(NULL) = 0x55557f333000 brk(0x55557f333d00) = 0x55557f333d00 arch_prctl(ARCH_SET_FS, 0x55557f333380) = 0 set_tid_address(0x55557f333650) = 297 set_robust_list(0x55557f333660, 24) = 0 rseq(0x55557f333ca0, 0x20, 0, 0x53053053) = -1 ENOSYS (Function not implemented) prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor2010621873", 4096) = 28 getrandom("\x82\xec\x0b\xf9\x30\x06\x3b\xc3", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x55557f333d00 brk(0x55557f354d00) = 0x55557f354d00 brk(0x55557f355000) = 0x55557f355000 mprotect(0x7f56f606f000, 16384, PROT_READ) = 0 mmap(0x1ffffffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffffffff000 mmap(0x200000000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0executing program ) = 0x200000000000 mmap(0x200001000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200001000000 write(1, "executing program\n", 18) = 18 mkdirat(AT_FDCWD, "./file0", 016) = 0 mount("./file0", "./file0", "incremental-fs", 0, NULL) = 0 openat(AT_FDCWD, "/dev/zero", O_RDWR|O_CLOEXEC) = 3 mmap(0x200000000000, 2097152, PROT_WRITE|PROT_EXEC|PROT_SEM|PROT_GROWSDOWN, MAP_PRIVATE|MAP_FIXED, 3, 0x343e2000) = 0x200000000000 seccomp(SECCOMP_SET_MODE_FILTER, SECCOMP_FILTER_FLAG_TSYNC|SECCOMP_FILTER_FLAG_LOG|SECCOMP_FILTER_FLAG_SPEC_ALLOW, 0x200000000240) = -1 EINVAL (Invalid argument) [ 24.805264][ T36] audit: type=1400 audit(1753814413.769:64): avc: denied { execmem } for pid=297 comm="syz-executor201" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 24.825363][ T36] audit: type=1400 audit(1753814413.769:65): avc: denied { mounton } for pid=297 comm="syz-executor201" path="/root/file0" dev="sda1" ino=2024 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1 [ 24.826265][ T297] BUG: unable to handle page fault for address: fffffffffffffff1 [ 24.849328][ T36] audit: type=1400 audit(1753814413.779:66): avc: denied { mount } for pid=297 comm="syz-executor201" name="/" dev="incremental-fs" ino=2024 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 24.856609][ T297] #PF: supervisor read access in kernel mode [ 24.856621][ T297] #PF: error_code(0x0000) - not-present page [ 24.856630][ T297] PGD 72ac067 P4D 72ac067 PUD 72ae067 [ 24.880846][ T36] audit: type=1400 audit(1753814413.779:67): avc: denied { map } for pid=297 comm="syz-executor201" path="/dev/zero" dev="devtmpfs" ino=5 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:zero_device_t tclass=chr_file permissive=1 [ 24.886752][ T297] PMD 0 [ 24.886779][ T297] Oops: Oops: 0000 [#1] PREEMPT SMP KASAN PTI [ 24.886802][ T297] CPU: 1 UID: 0 PID: 297 Comm: syz-executor201 Not tainted 6.12.38-syzkaller-g616c12b4d684 #0 00545ee46979a994717fa408b9c555c5aa5888cf [ 24.893136][ T36] audit: type=1400 audit(1753814413.779:68): avc: denied { execute } for pid=297 comm="syz-executor201" path="/dev/zero" dev="devtmpfs" ino=5 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:zero_device_t tclass=chr_file permissive=1 [ 24.898632][ T297] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 24.898648][ T297] RIP: 0010:read_pages+0x47e/0x670 [ 24.898698][ T297] Code: 48 b8 00 00 00 00 00 fc ff df 41 80 7c 05 00 00 74 08 4c 89 e7 e8 d2 a8 1c 00 49 8b 3c 24 48 89 de 4d 89 f3 41 ba 6c be c1 0e <45> 03 53 f1 74 02 0f 0b 2e e8 60 20 41 1e 4c 89 e7 e8 2c 36 00 00 [ 24.923572][ T36] audit: type=1400 audit(1753814413.889:69): avc: denied { read } for pid=91 comm="syslogd" name="log" dev="sda1" ino=2010 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1 [ 24.925138][ T297] RSP: 0018:ffffc900011af160 EFLAGS: 00010246 [ 24.931552][ T36] audit: type=1400 audit(1753814413.889:70): avc: denied { search } for pid=91 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 24.945516][ T297] [ 24.945529][ T297] RAX: dffffc0000000000 RBX: ffffea00048a3b00 RCX: 1ffffffff0c2c571 [ 24.945545][ T297] RDX: 0000000000000000 RSI: ffffea00048a3b00 RDI: ffff88812a6b4c80 [ 24.945555][ T297] RBP: ffffc900011af290 R08: ffffea00048a3b37 R09: 1ffffd4000914766 [ 24.945566][ T297] R10: 000000000ec1be6c R11: 0000000000000000 R12: ffffc900011af5f0 [ 24.945577][ T297] R13: 1ffff92000235ebe R14: 0000000000000000 R15: ffffffff86162b88 [ 24.945589][ T297] FS: 000055557f333380(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000 [ 24.970380][ T36] audit: type=1400 audit(1753814413.889:71): avc: denied { write } for pid=91 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 24.980021][ T297] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 24.980043][ T297] CR2: fffffffffffffff1 CR3: 0000000103354000 CR4: 00000000003526b0 [ 24.980059][ T297] Call Trace: [ 24.980066][ T297] [ 24.980076][ T297] ? page_cache_ra_unbounded+0x960/0x960 [ 24.980106][ T297] ? folio_add_lru+0xc8/0x170 [ 24.980121][ T297] ? filemap_add_folio+0x14d/0x2d0 [ 24.980135][ T297] page_cache_ra_order+0x8cd/0xdf0 [ 24.985757][ T36] audit: type=1400 audit(1753814413.889:72): avc: denied { add_name } for pid=91 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 25.005042][ T297] ? __cfi_page_cache_ra_order+0x10/0x10 [ 25.005080][ T297] page_cache_sync_ra+0x713/0x920 [ 25.005104][ T297] hpage_collapse_scan_file+0xbab/0x3510 [ 25.005125][ T297] ? hugepage_vma_revalidate+0x480/0x480 [ 25.027358][ T36] audit: type=1400 audit(1753814413.889:73): avc: denied { create } for pid=91 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 25.033214][ T297] ? __virt_addr_valid+0xc5/0x380 [ 25.241849][ T297] ? radix_tree_lookup+0x250/0x2a0 [ 25.247009][ T297] ? __kasan_check_write+0x18/0x20 [ 25.252152][ T297] ? mutex_unlock+0x8b/0x240 [ 25.256836][ T297] ? __kasan_check_write+0x18/0x20 [ 25.262503][ T297] madvise_collapse+0x4c6/0xaf0 [ 25.267372][ T297] madvise_vma_behavior+0x69d/0x2d40 [ 25.272657][ T297] ? __cfi_madvise_vma_behavior+0x10/0x10 [ 25.278442][ T297] ? kvm_sched_clock_read+0x15/0x30 [ 25.284020][ T297] ? sched_clock_noinstr+0xd/0x30 [ 25.290437][ T297] ? sched_clock+0x44/0x60 [ 25.294965][ T297] ? sched_clock_cpu+0x75/0x400 [ 25.299843][ T297] ? __cfi___update_load_avg_cfs_rq+0x10/0x10 [ 25.306443][ T297] ? xfd_validate_state+0x68/0x150 [ 25.311649][ T297] ? save_fpregs_to_fpstate+0x196/0x230 [ 25.317298][ T297] ? __kasan_check_write+0x18/0x20 [ 25.322502][ T297] ? __switch_to+0xc7b/0x1310 [ 25.327334][ T297] ? psi_group_change+0xb44/0x1130 [ 25.332433][ T297] ? mtree_range_walk+0x573/0x730 [ 25.337456][ T297] ? mas_prev_slot+0xab4/0xb60 [ 25.342492][ T297] ? mas_prev+0x5f/0xa0 [ 25.346757][ T297] ? find_vma_prev+0xfd/0x170 [ 25.351429][ T297] ? __cfi_find_vma_prev+0x10/0x10 [ 25.356526][ T297] ? __kasan_check_write+0x18/0x20 [ 25.361648][ T297] ? rwsem_read_trylock+0x2b1/0x660 [ 25.366845][ T297] ? downgrade_write+0x440/0x440 [ 25.372056][ T297] madvise_walk_vmas+0x1b1/0x2e0 [ 25.376982][ T297] ? __cfi_madvise_vma_behavior+0x10/0x10 [ 25.382772][ T297] ? madvise_set_anon_name+0x610/0x610 [ 25.388223][ T297] ? __asan_memset+0x39/0x50 [ 25.392894][ T297] ? blk_start_plug+0x72/0x1c0 [ 25.397726][ T297] do_madvise+0x508/0x8b0 [ 25.402079][ T297] ? __cfi_do_madvise+0x10/0x10 [ 25.406912][ T297] ? __kasan_check_write+0x18/0x20 [ 25.412174][ T297] __x64_sys_madvise+0xae/0xc0 [ 25.416917][ T297] x64_sys_call+0x20c3/0x2ee0 [ 25.421829][ T297] do_syscall_64+0x58/0xf0 [ 25.426246][ T297] ? clear_bhb_loop+0x50/0xa0 [ 25.431106][ T297] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 25.437020][ T297] RIP: 0033:0x7f56f5ffc3e9 [ 25.441450][ T297] Code: 48 83 c4 28 c3 e8 37 17 00 00 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 25.461617][ T297] RSP: 002b:00007fff8e876fe8 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 25.470213][ T297] RAX: ffffffffffffffda RBX: 0000200000000000 RCX: 00007f56f5ffc3e9 [ 25.478474][ T297] RDX: 0000000000000019 RSI: 0000000000c00000 RDI: 0000200000000000 [ 25.487067][ T297] RBP: 0030656c69662f2e R08: 00000000343e2000 R09: 00000000343e2000 [ 25.495095][ T297] R10: 00000000343e2000 R11: 0000000000000246 R12: 0000000000000001 [ 25.503450][ T297] R13: 00007fff8e8771c8 R14: 0000000000000001 R15: 0000000000000001 [ 25.512556][ T297] [ 25.515666][ T297] Modules linked in: [ 25.519662][ T297] CR2: fffffffffffffff1 [ 25.523934][ T297] ---[ end trace 0000000000000000 ]--- [ 25.530366][ T297] RIP: 0010:read_pages+0x47e/0x670 [ 25.535485][ T297] Code: 48 b8 00 00 00 00 00 fc ff df 41 80 7c 05 00 00 74 08 4c 89 e7 e8 d2 a8 1c 00 49 8b 3c 24 48 89 de 4d 89 f3 41 ba 6c be c1 0e <45> 03 53 f1 74 02 0f 0b 2e e8 60 20 41 1e 4c 89 e7 e8 2c 36 00 00 [ 25.555783][ T297] RSP: 0018:ffffc900011af160 EFLAGS: 00010246 [ 25.561892][ T297] RAX: dffffc0000000000 RBX: ffffea00048a3b00 RCX: 1ffffffff0c2c571 [ 25.569856][ T297] RDX: 0000000000000000 RSI: ffffea00048a3b00 RDI: ffff88812a6b4c80 [ 25.578025][ T297] RBP: ffffc900011af290 R08: ffffea00048a3b37 R09: 1ffffd4000914766 [ 25.586055][ T297] R10: 000000000ec1be6c R11: 0000000000000000 R12: ffffc900011af5f0 [ 25.594119][ T297] R13: 1ffff92000235ebe R14: 0000000000000000 R15: ffffffff86162b88 [ 25.602530][ T297] FS: 000055557f333380(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000 [ 25.612509][ T297] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 25.620836][ T297] CR2: fffffffffffffff1 CR3: 0000000103354000 CR4: 00000000003526b0 [ 25.629314][ T297] Kernel panic - not syncing: Fatal exception [ 25.635728][ T297] Kernel Offset: disabled [ 25.640132][ T297] Rebooting in 86400 seconds..