./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor993719251
<...>
Warning: Permanently added '10.128.0.34' (ECDSA) to the list of known hosts.
execve("./syz-executor993719251", ["./syz-executor993719251"], 0x7ffff06c5e90 /* 10 vars */) = 0
brk(NULL) = 0x555555793000
brk(0x555555793c40) = 0x555555793c40
arch_prctl(ARCH_SET_FS, 0x555555793300) = 0
uname({sysname="Linux", nodename="syzkaller", ...}) = 0
readlink("/proc/self/exe", "/root/syz-executor993719251", 4096) = 27
brk(0x5555557b4c40) = 0x5555557b4c40
brk(0x5555557b5000) = 0x5555557b5000
mprotect(0x7fe619c14000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3
ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address)
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555557935d0) = 4996
./strace-static-x86_64: Process 4996 attached
[ 81.369503][ T26] audit: type=1400 audit(1686886249.316:83): avc: denied { write } for pid=4992 comm="strace-static-x" path="pipe:[30231]" dev="pipefs" ino=30231 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1
[ 81.399047][ T26] audit: type=1400 audit(1686886249.346:84): avc: denied { execmem } for pid=4995 comm="syz-executor993" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[pid 4996] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 4996] setpgid(0, 0) = 0
[pid 4996] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 4996] write(3, "1000", 4) = 4
[pid 4996] close(3) = 0
[ 81.419475][ T26] audit: type=1400 audit(1686886249.346:85): avc: denied { read write } for pid=4995 comm="syz-executor993" name="loop0" dev="devtmpfs" ino=648 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 81.444355][ T26] audit: type=1400 audit(1686886249.346:86): avc: denied { open } for pid=4995 comm="syz-executor993" path="/dev/loop0" dev="devtmpfs" ino=648 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[pid 4996] memfd_create("syzkaller", 0) = 3
[pid 4996] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe611755000
[ 81.470111][ T4996] memfd_create() without MFD_EXEC nor MFD_NOEXEC_SEAL, pid=4996 'syz-executor993'
[ 81.479821][ T26] audit: type=1400 audit(1686886249.346:87): avc: denied { ioctl } for pid=4995 comm="syz-executor993" path="/dev/loop0" dev="devtmpfs" ino=648 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[pid 4996] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 16777216) = 16777216
[pid 4996] munmap(0x7fe611755000, 16777216) = 0
[pid 4996] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4
[pid 4996] ioctl(4, LOOP_SET_FD, 3) = 0
[pid 4996] close(3) = 0
[pid 4996] mkdir("./file0", 0777) = 0
[ 81.694682][ T4996] loop0: detected capacity change from 0 to 32768
[ 81.706991][ T26] audit: type=1400 audit(1686886249.656:88): avc: denied { mounton } for pid=4996 comm="syz-executor993" path="/root/file0" dev="sda1" ino=1927 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[ 81.713662][ T4996] BTRFS: device fsid 5ac8a51e-da3a-4998-8e66-e1df06b87bc8 devid 1 transid 8 /dev/loop0 scanned by syz-executor993 (4996)
[ 81.752382][ T4996] BTRFS info (device loop0): using xxhash64 (xxhash64-generic) checksum algorithm
[ 81.761846][ T4996] BTRFS info (device loop0): using free space tree
[ 81.787372][ T4996] BTRFS info (device loop0): enabling ssd optimizations
[ 81.794660][ T4996] BTRFS info (device loop0): auto enabling async discard
[pid 4996] mount("/dev/loop0", "./file0", "btrfs", 0, "noflushoncommit,rescan_uuid_tree,noacl,noautodefrag,datacow,") = 0
[pid 4996] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
[pid 4996] ioctl(4, LOOP_CLR_FD) = 0
[pid 4996] close(4) = 0
[pid 4996] ioctl(3, BTRFS_IOC_SUBVOL_SETFLAGS, BTRFS_SUBVOL_RDONLY) = 0
[ 81.806762][ T4996] BTRFS info (device loop0): checking UUID tree
[ 81.818707][ T26] audit: type=1400 audit(1686886249.766:89): avc: denied { mount } for pid=4996 comm="syz-executor993" name="/" dev="loop0" ino=256 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[ 81.875943][ T4996] ------------[ cut here ]------------
[ 81.881498][ T4996] WARNING: CPU: 1 PID: 4996 at fs/read_write.c:504 __kernel_write_iter+0x5f9/0x7a0
[ 81.890941][ T4996] Modules linked in:
[ 81.894883][ T4996] CPU: 1 PID: 4996 Comm: syz-executor993 Not tainted 6.4.0-rc6-syzkaller-00037-gb6dad5178cea #0
[ 81.905529][ T4996] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023
[ 81.915776][ T4996] RIP: 0010:__kernel_write_iter+0x5f9/0x7a0
[ 81.921802][ T4996] Code: 05 00 00 4c 89 e2 48 c7 c6 40 96 5b 8a 48 c7 c7 e0 95 5b 8a e8 98 38 83 ff 49 c7 c6 ea ff ff ff e9 c0 fe ff ff e8 d7 54 9f ff <0f> 0b 49 c7 c6 f7 ff ff ff e9 ad fe ff ff e8 c4 54 9f ff 4c 89 ea
[ 81.941534][ T4996] RSP: 0018:ffffc900034ef6c0 EFLAGS: 00010293
[ 81.947684][ T4996] RAX: 0000000000000000 RBX: 00000000000a801d RCX: 0000000000000000
[ 81.955785][ T4996] RDX: ffff888079c58000 RSI: ffffffff81e412d9 RDI: 0000000000000005
[ 81.963892][ T4996] RBP: 1ffff9200069deda R08: 0000000000000005 R09: 0000000000000000
[ 81.972004][ T4996] R10: 0000000000000000 R11: 0000000000000005 R12: ffff88801f9ea040
[ 81.980070][ T4996] R13: ffff88801f9ea0bc R14: 0000000000000000 R15: ffff88802d00d008
[ 81.988252][ T4996] FS: 0000555555793300(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000
[ 81.997381][ T4996] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 82.004014][ T4996] CR2: 0000000020001540 CR3: 0000000028570000 CR4: 00000000003506e0
[ 82.012219][ T4996] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 82.020308][ T4996] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 82.028421][ T4996] Call Trace:
[ 82.031829][ T4996]
[ 82.034801][ T4996] ? __warn+0xe6/0x390
[ 82.039011][ T4996] ? __kernel_write_iter+0x5f9/0x7a0
[ 82.044458][ T4996] ? report_bug+0x2da/0x500
[ 82.049115][ T4996] ? handle_bug+0x3c/0x70
[ 82.053583][ T4996] ? exc_invalid_op+0x18/0x50
[ 82.058380][ T4996] ? asm_exc_invalid_op+0x1a/0x20
[ 82.060238][ T26] audit: type=1400 audit(1686886250.006:90): avc: denied { append } for pid=4428 comm="syslogd" name="messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[ 82.063451][ T4996] ? __kernel_write_iter+0x5f9/0x7a0
[ 82.091376][ T4996] ? __kernel_write_iter+0x5f9/0x7a0
[ 82.096780][ T4996] ? vfs_read+0x8a0/0x8a0
[ 82.101170][ T4996] ? avc_policy_seqno+0x9/0x10
[ 82.105900][ T26] audit: type=1400 audit(1686886250.006:91): avc: denied { open } for pid=4428 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[ 82.106004][ T4996] ? selinux_file_permission+0x96/0x520
[ 82.133965][ T4996] ? security_file_permission+0xaf/0xd0
[ 82.139629][ T4996] kernel_write+0x1c1/0x670
[ 82.144193][ T4996] ? btrfs_destroy_cachep+0x30/0x30
[ 82.149567][ T4996] ? __kernel_write+0x110/0x110
[ 82.154483][ T4996] btrfs_ioctl_send+0x2317/0x67b0
[ 82.159844][ T4996] ? changed_cb+0x3530/0x3530
[ 82.164588][ T4996] ? __might_fault+0xe2/0x190
[ 82.169411][ T4996] ? lock_downgrade+0x690/0x690
[ 82.169835][ T26] audit: type=1400 audit(1686886250.006:92): avc: denied { getattr } for pid=4428 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[ 82.174307][ T4996] ? _copy_from_user+0x5c/0xf0
[ 82.201830][ T4996] _btrfs_ioctl_send+0x100/0x2d0
[ 82.206884][ T4996] ? exclop_start_or_cancel_reloc+0x230/0x230
[ 82.213022][ T4996] ? avc_ss_reset+0x140/0x140
[ 82.217805][ T4996] ? tomoyo_path_number_perm+0x245/0x570
[ 82.224627][ T4996] ? lock_downgrade+0x690/0x690
[ 82.229634][ T4996] ? __kmem_cache_free+0x182/0x2c0
[ 82.234810][ T4996] ? tomoyo_path_number_perm+0x43b/0x570
[ 82.240625][ T4996] btrfs_ioctl+0x3c0f/0x5b30
[ 82.245263][ T4996] ? tomoyo_path_number_perm+0x166/0x570
[ 82.250993][ T4996] ? tomoyo_execute_permission+0x4a0/0x4a0
[ 82.256943][ T4996] ? btrfs_ioctl_get_supported_features+0x50/0x50
[ 82.263426][ T4996] ? __sanitizer_cov_trace_switch+0x54/0x90
[ 82.269405][ T4996] ? do_vfs_ioctl+0x132/0x1670
[ 82.274222][ T4996] ? vfs_fileattr_set+0xc40/0xc40
[ 82.279454][ T4996] ? ioctl_has_perm.constprop.0.isra.0+0x28c/0x420
[ 82.286055][ T4996] ? ioctl_has_perm.constprop.0.isra.0+0x295/0x420
[ 82.292600][ T4996] ? selinux_bprm_creds_for_exec+0xb20/0xb20
[ 82.298658][ T4996] ? find_held_lock+0x2d/0x110
[ 82.303469][ T4996] ? name_to_dev_t+0x62/0x9e0
[ 82.308291][ T4996] ? lock_downgrade+0x690/0x690
[ 82.313190][ T4996] ? selinux_file_ioctl+0xba/0x280
[ 82.318399][ T4996] ? btrfs_ioctl_get_supported_features+0x50/0x50
[ 82.324863][ T4996] __x64_sys_ioctl+0x197/0x210
[ 82.329714][ T4996] do_syscall_64+0x39/0xb0
[ 82.334173][ T4996] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 82.340169][ T4996] RIP: 0033:0x7fe619ba2589
[ 82.344609][ T4996] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 82.364297][ T4996] RSP: 002b:00007ffe6b795168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 82.372789][ T4996] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fe619ba2589
[ 82.380847][ T4996] RDX: 00000000200003c0 RSI: 0000000040489426 RDI: 0000000000000003
[ 82.388903][ T4996] RBP: 0000000000000000 R08: 00007fe619c14ec0 R09: 00007fe619c14ec0
[ 82.396952][ T4996] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffe6b795190
[ 82.404963][ T4996] R13: 0000000000000000 R14: 431bde82d7b634db R15: 0000000000000000
[ 82.413022][ T4996]
[ 82.416120][ T4996] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 82.423422][ T4996] CPU: 1 PID: 4996 Comm: syz-executor993 Not tainted 6.4.0-rc6-syzkaller-00037-gb6dad5178cea #0
[ 82.433861][ T4996] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023
[ 82.444028][ T4996] Call Trace:
[ 82.447314][ T4996]
[ 82.450684][ T4996] dump_stack_lvl+0xd9/0x150
[ 82.455318][ T4996] panic+0x686/0x730
[ 82.459262][ T4996] ? panic_smp_self_stop+0xa0/0xa0
[ 82.464418][ T4996] ? show_trace_log_lvl+0x284/0x390
[ 82.469648][ T4996] ? __kernel_write_iter+0x5f9/0x7a0
[ 82.474962][ T4996] check_panic_on_warn+0xb1/0xc0
[ 82.479946][ T4996] __warn+0xf2/0x390
[ 82.483873][ T4996] ? __kernel_write_iter+0x5f9/0x7a0
[ 82.489178][ T4996] report_bug+0x2da/0x500
[ 82.493591][ T4996] handle_bug+0x3c/0x70
[ 82.497784][ T4996] exc_invalid_op+0x18/0x50
[ 82.502335][ T4996] asm_exc_invalid_op+0x1a/0x20
[ 82.507244][ T4996] RIP: 0010:__kernel_write_iter+0x5f9/0x7a0
[ 82.513159][ T4996] Code: 05 00 00 4c 89 e2 48 c7 c6 40 96 5b 8a 48 c7 c7 e0 95 5b 8a e8 98 38 83 ff 49 c7 c6 ea ff ff ff e9 c0 fe ff ff e8 d7 54 9f ff <0f> 0b 49 c7 c6 f7 ff ff ff e9 ad fe ff ff e8 c4 54 9f ff 4c 89 ea
[ 82.532791][ T4996] RSP: 0018:ffffc900034ef6c0 EFLAGS: 00010293
[ 82.538975][ T4996] RAX: 0000000000000000 RBX: 00000000000a801d RCX: 0000000000000000
[ 82.546963][ T4996] RDX: ffff888079c58000 RSI: ffffffff81e412d9 RDI: 0000000000000005
[ 82.554953][ T4996] RBP: 1ffff9200069deda R08: 0000000000000005 R09: 0000000000000000
[ 82.562945][ T4996] R10: 0000000000000000 R11: 0000000000000005 R12: ffff88801f9ea040
[ 82.570932][ T4996] R13: ffff88801f9ea0bc R14: 0000000000000000 R15: ffff88802d00d008
[ 82.579011][ T4996] ? __kernel_write_iter+0x5f9/0x7a0
[ 82.584334][ T4996] ? vfs_read+0x8a0/0x8a0
[ 82.588687][ T4996] ? avc_policy_seqno+0x9/0x10
[ 82.593476][ T4996] ? selinux_file_permission+0x96/0x520
[ 82.599042][ T4996] ? security_file_permission+0xaf/0xd0
[ 82.604620][ T4996] kernel_write+0x1c1/0x670
[ 82.609147][ T4996] ? btrfs_destroy_cachep+0x30/0x30
[ 82.614375][ T4996] ? __kernel_write+0x110/0x110
[ 82.619253][ T4996] btrfs_ioctl_send+0x2317/0x67b0
[ 82.624315][ T4996] ? changed_cb+0x3530/0x3530
[ 82.629021][ T4996] ? __might_fault+0xe2/0x190
[ 82.633722][ T4996] ? lock_downgrade+0x690/0x690
[ 82.638612][ T4996] ? _copy_from_user+0x5c/0xf0
[ 82.643414][ T4996] _btrfs_ioctl_send+0x100/0x2d0
[ 82.648378][ T4996] ? exclop_start_or_cancel_reloc+0x230/0x230
[ 82.654476][ T4996] ? avc_ss_reset+0x140/0x140
[ 82.659175][ T4996] ? tomoyo_path_number_perm+0x245/0x570
[ 82.664848][ T4996] ? lock_downgrade+0x690/0x690
[ 82.669726][ T4996] ? __kmem_cache_free+0x182/0x2c0
[ 82.674858][ T4996] ? tomoyo_path_number_perm+0x43b/0x570
[ 82.680529][ T4996] btrfs_ioctl+0x3c0f/0x5b30
[ 82.685148][ T4996] ? tomoyo_path_number_perm+0x166/0x570
[ 82.690826][ T4996] ? tomoyo_execute_permission+0x4a0/0x4a0
[ 82.696672][ T4996] ? btrfs_ioctl_get_supported_features+0x50/0x50
[ 82.703113][ T4996] ? __sanitizer_cov_trace_switch+0x54/0x90
[ 82.709035][ T4996] ? do_vfs_ioctl+0x132/0x1670
[ 82.713823][ T4996] ? vfs_fileattr_set+0xc40/0xc40
[ 82.718866][ T4996] ? ioctl_has_perm.constprop.0.isra.0+0x28c/0x420
[ 82.725387][ T4996] ? ioctl_has_perm.constprop.0.isra.0+0x295/0x420
[ 82.731908][ T4996] ? selinux_bprm_creds_for_exec+0xb20/0xb20
[ 82.737909][ T4996] ? find_held_lock+0x2d/0x110
[ 82.742693][ T4996] ? name_to_dev_t+0x62/0x9e0
[ 82.747403][ T4996] ? lock_downgrade+0x690/0x690
[ 82.752281][ T4996] ? selinux_file_ioctl+0xba/0x280
[ 82.757425][ T4996] ? btrfs_ioctl_get_supported_features+0x50/0x50
[ 82.763866][ T4996] __x64_sys_ioctl+0x197/0x210
[ 82.768652][ T4996] do_syscall_64+0x39/0xb0
[ 82.773092][ T4996] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 82.779038][ T4996] RIP: 0033:0x7fe619ba2589
[ 82.783471][ T4996] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 82.803103][ T4996] RSP: 002b:00007ffe6b795168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 82.811537][ T4996] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fe619ba2589
[ 82.819526][ T4996] RDX: 00000000200003c0 RSI: 0000000040489426 RDI: 0000000000000003
[ 82.827518][ T4996] RBP: 0000000000000000 R08: 00007fe619c14ec0 R09: 00007fe619c14ec0
[ 82.835523][ T4996] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffe6b795190
[ 82.843518][ T4996] R13: 0000000000000000 R14: 431bde82d7b634db R15: 0000000000000000
[ 82.851513][ T4996]
[ 82.854757][ T4996] Kernel Offset: disabled
[ 82.859179][ T4996] Rebooting in 86400 seconds..