./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1941148008

<...>
Warning: Permanently added '10.128.1.64' (ED25519) to the list of known hosts.
execve("./syz-executor1941148008", ["./syz-executor1941148008"], 0x7fff086c5f60 /* 10 vars */) = 0
brk(NULL)                               = 0x555566656000
brk(0x555566656e00)                     = 0x555566656e00
arch_prctl(ARCH_SET_FS, 0x555566656480) = 0
set_tid_address(0x555566656750)         = 288
set_robust_list(0x555566656760, 24)     = 0
rseq(0x555566656da0, 0x20, 0, 0x53053053) = -1 ENOSYS (Function not implemented)
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor1941148008", 4096) = 28
getrandom("\x55\x31\x60\x83\x08\x5e\x81\xb9", 8, GRND_NONBLOCK) = 8
brk(NULL)                               = 0x555566656e00
brk(0x555566677e00)                     = 0x555566677e00
brk(0x555566678000)                     = 0x555566678000
mprotect(0x7f8cbf138000, 16384, PROT_READ) = 0
mmap(0x1ffffffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffffffff000
mmap(0x200000000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200000000000
mmap(0x200001000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200001000000
rt_sigaction(SIGRTMIN, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=0}, NULL, 8) = 0
rt_sigaction(SIGRT_1, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=0}, NULL, 8) = 0
rt_sigaction(SIGSEGV, {sa_handler=0x7f8cbf093930, sa_mask=[], sa_flags=SA_RESTORER|SA_NODEFER|SA_SIGINFO, sa_restorer=0x7f8cbf09bb10}, NULL, 8) = 0
rt_sigaction(SIGBUS, {sa_handler=0x7f8cbf093930, sa_mask=[], sa_flags=SA_RESTORER|SA_NODEFER|SA_SIGINFO, sa_restorer=0x7f8cbf09bb10}, NULL, 8) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555566656750) = 289
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555566656750) = 290
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 290 attached
./strace-static-x86_64: Process 291 attached
, child_tidptr=0x555566656750) = 291
[pid   288] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   290] set_robust_list(0x555566656760, 24 <unfinished ...>
[pid   291] set_robust_list(0x555566656760, 24 <unfinished ...>
[pid   290] <... set_robust_list resumed>) = 0
./strace-static-x86_64: Process 292 attached
[pid   288] <... clone resumed>, child_tidptr=0x555566656750) = 292
[pid   288] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   292] set_robust_list(0x555566656760, 24 <unfinished ...>
[pid   291] <... set_robust_list resumed>) = 0
[pid   290] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   288] <... clone resumed>, child_tidptr=0x555566656750) = 293
./strace-static-x86_64: Process 289 attached
[pid   289] set_robust_list(0x555566656760, 24) = 0
[pid   289] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   290] <... clone resumed>, child_tidptr=0x555566656750) = 294
[pid   291] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   292] <... set_robust_list resumed>) = 0
./strace-static-x86_64: Process 293 attached
[pid   289] <... clone resumed>, child_tidptr=0x555566656750) = 295
./strace-static-x86_64: Process 294 attached
[pid   294] set_robust_list(0x555566656760, 24) = 0
[pid   294] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   294] setpgid(0, 0)               = 0
[pid   292] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   291] <... clone resumed>, child_tidptr=0x555566656750) = 296
[pid   293] set_robust_list(0x555566656760, 24 <unfinished ...>
[pid   294] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid   293] <... set_robust_list resumed>) = 0
./strace-static-x86_64: Process 296 attached
[pid   292] <... clone resumed>, child_tidptr=0x555566656750) = 297
[pid   294] <... openat resumed>)       = 3
[pid   294] write(3, "1000", 4)         = 4
[pid   294] close(3)                    = 0
[pid   294] write(1, "executing program\n", 18executing program
) = 18
[pid   294] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_LRU_HASH, key_size=4, value_size=8, max_entries=12, map_flags=0, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 <unfinished ...>
[pid   296] set_robust_list(0x555566656760, 24 <unfinished ...>
[pid   293] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLDexecuting program
executing program
 <unfinished ...>
[pid   294] <... bpf resumed>)          = 3
[pid   294] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=13, insns=0x200000000280, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 148./strace-static-x86_64: Process 295 attached
 <unfinished ...>
[pid   295] set_robust_list(0x555566656760, 24) = 0
[pid   295] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   295] setpgid(0, 0)               = 0
[pid   295] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   295] write(3, "1000", 4)         = 4
[pid   295] close(3)                    = 0
[pid   295] write(1, "executing program\n", 18) = 18
[pid   295] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_LRU_HASH, key_size=4, value_size=8, max_entries=12, map_flags=0, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72) = 3
[pid   295] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=13, insns=0x200000000280, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 148./strace-static-x86_64: Process 297 attached
 <unfinished ...>
[pid   297] set_robust_list(0x555566656760, 24) = 0
[pid   297] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   297] setpgid(0, 0)               = 0
[pid   297] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   297] write(3, "1000", 4)         = 4
[pid   297] close(3)                    = 0
[pid   297] write(1, "executing program\n", 18) = 18
[pid   297] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_LRU_HASH, key_size=4, value_size=8, max_entries=12, map_flags=0, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72) = 3
[pid   297] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=13, insns=0x200000000280, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 148 <unfinished ...>
[pid   296] <... set_robust_list resumed>) = 0
[pid   293] <... clone resumed>, child_tidptr=0x555566656750) = 298
[   22.627515][   T24] audit: type=1400 audit(1744898320.160:66): avc:  denied  { execmem } for  pid=288 comm="syz-executor194" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   22.654452][   T24] audit: type=1400 audit(1744898320.190:67): avc:  denied  { map_create } for  pid=294 comm="syz-executor194" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
./strace-static-x86_64: Process 298 attached
[pid   298] set_robust_list(0x555566656760, 24) = 0
[pid   298] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   298] setpgid(0, 0)               = 0
[pid   298] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   298] write(3, "1000", 4)         = 4
[pid   298] close(3)                    = 0
[pid   298] write(1, "executing program\n", 18executing program
) = 18
[pid   298] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_LRU_HASH, key_size=4, value_size=8, max_entries=12, map_flags=0, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72) = 3
[pid   298] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=13, insns=0x200000000280, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 148 <unfinished ...>
[pid   296] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   296] setpgid(0, 0)               = 0
[   22.674503][   T24] audit: type=1400 audit(1744898320.190:68): avc:  denied  { bpf } for  pid=294 comm="syz-executor194" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   22.695811][   T24] audit: type=1400 audit(1744898320.190:69): avc:  denied  { map_read map_write } for  pid=294 comm="syz-executor194" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[pid   296] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   296] write(3, "1000", 4)         = 4
[pid   296] close(3)                    = 0
[pid   296] write(1, "executing program\n", 18executing program
) = 18
[pid   296] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_LRU_HASH, key_size=4, value_size=8, max_entries=12, map_flags=0, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72) = 3
[   22.716630][   T24] audit: type=1400 audit(1744898320.190:70): avc:  denied  { prog_load } for  pid=294 comm="syz-executor194" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   22.736795][   T24] audit: type=1400 audit(1744898320.190:71): avc:  denied  { perfmon } for  pid=294 comm="syz-executor194" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[pid   296] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=13, insns=0x200000000280, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 148 <unfinished ...>
[pid   295] <... bpf resumed>)          = 4
[pid   294] <... bpf resumed>)          = 4
[pid   295] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kfree", prog_fd=4}}, 13 <unfinished ...>
[pid   294] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kfree", prog_fd=4}}, 13 <unfinished ...>
[pid   298] <... bpf resumed>)          = 4
[pid   297] <... bpf resumed>)          = 4
[pid   296] <... bpf resumed>)          = 4
[pid   295] <... bpf resumed>)          = 5
[pid   294] <... bpf resumed>)          = 5
executing program
executing program
executing program
executing program
executing program
[   22.801872][   T24] audit: type=1400 audit(1744898320.330:73): avc:  denied  { prog_run } for  pid=294 comm="syz-executor194" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   22.821074][   T24] audit: type=1400 audit(1744898320.330:72): avc:  denied  { prog_run } for  pid=295 comm="syz-executor194" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
executing program
[   25.135384][    T1] Kernel panic - not syncing: Attempted to kill init! exitcode=0x00000007
[   25.143717][    T1] CPU: 1 PID: 1 Comm: init Not tainted 5.10.236-syzkaller #0
[   25.151010][    T1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   25.160905][    T1] Call Trace:
[   25.164052][    T1]  dump_stack_lvl+0x1e2/0x24b
[   25.168542][    T1]  ? panic+0x22b/0x812
[   25.172434][    T1]  ? bfq_pos_tree_add_move+0x43b/0x43b
[   25.177841][    T1]  dump_stack+0x15/0x17
[   25.181895][    T1]  panic+0x2cf/0x812
[   25.185633][    T1]  ? do_exit+0x239a/0x2a50
[   25.189879][    T1]  ? fb_is_primary_device+0xd4/0xd4
[   25.194909][    T1]  ? __kasan_check_write+0x14/0x20
[   25.199864][    T1]  ? sync_mm_rss+0x28a/0x2e0
[   25.204287][    T1]  do_exit+0x23b4/0x2a50
[   25.208369][    T1]  ? sched_group_set_shares+0x490/0x490
[   25.213744][    T1]  ? put_task_struct+0x80/0x80
[   25.218440][    T1]  ? schedule+0x154/0x1d0
[   25.222604][    T1]  ? schedule_timeout+0xa9/0x360
[   25.227387][    T1]  ? __kasan_check_write+0x14/0x20
[   25.232320][    T1]  ? _raw_spin_lock_irq+0xa5/0x1b0
[   25.237299][    T1]  do_group_exit+0x141/0x310
[   25.241785][    T1]  get_signal+0x10a0/0x1410
[   25.246128][    T1]  arch_do_signal_or_restart+0xc4/0x1270
[   25.251606][    T1]  ? kernel_clone+0x6ca/0x9e0
[   25.256162][    T1]  ? create_io_thread+0x1e0/0x1e0
[   25.260979][    T1]  ? get_timespec64+0x13d/0x200
[   25.265742][    T1]  ? timespec64_add_safe+0x220/0x220
[   25.270954][    T1]  ? __do_sys_rt_sigreturn+0x9e0/0x9e0
[   25.276257][    T1]  ? __do_sys_vfork+0xcd/0x130
[   25.280939][    T1]  exit_to_user_mode_loop+0x9b/0xd0
[   25.285974][    T1]  syscall_exit_to_user_mode+0xa2/0x1a0
[   25.291370][    T1]  do_syscall_64+0x3d/0x40
[   25.295607][    T1]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   25.301337][    T1] RIP: 0033:0x7fa8ee88ba68
[   25.305590][    T1] Code: 00 48 8d b8 e0 02 00 00 48 89 b8 d8 02 00 00 48 89 b8 e0 02 00 00 b8 11 01 00 00 0f 05 44 89 c0 c3 90 5f b8 3a 00 00 00 0f 05 <57> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 90 43 0f 00 f7 d8 64 89 01 48
[   25.325313][    T1] RSP: 002b:00007fffcf6a2c60 EFLAGS: 00000246 ORIG_RAX: 000000000000003a
[   25.333550][    T1] RAX: 0000000000000212 RBX: 0000560e67140ab0 RCX: 00007fa8ee88ba68
[   25.341702][    T1] RDX: 0000000000000008 RSI: 0000000000000000 RDI: 00007fa8eea16bed
[   25.349637][    T1] RBP: 00007fa8eea51528 R08: 0000000000000007 R09: 7b4872a1791d8f3e
[   25.357451][    T1] R10: 00007fffcf6a2ca0 R11: 0000000000000246 R12: 0000000000000000
[   25.365393][    T1] R13: 0000000000000018 R14: 0000560e3e1c7169 R15: 00007fa8eea82a80
[   25.373491][    T1] Kernel Offset: disabled
[   25.377620][    T1] Rebooting in 86400 seconds..