./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor940544992
<...>
[ 3.423259][ T99] udevd[99]: starting version 3.2.11
[ 3.498668][ T100] udevd[100]: starting eudev-3.2.11
[ 4.177576][ T125] iptables-restor (125) used greatest stack depth: 22096 bytes left
[ 7.075890][ T104] udevd (104) used greatest stack depth: 20880 bytes left
[ 12.283471][ T30] kauditd_printk_skb: 50 callbacks suppressed
[ 12.283484][ T30] audit: type=1400 audit(1700069715.775:61): avc: denied { transition } for pid=224 comm="sshd" path="/bin/sh" dev="sda1" ino=89 scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[ 12.287278][ T30] audit: type=1400 audit(1700069715.775:62): avc: denied { noatsecure } for pid=224 comm="sshd" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[ 12.289991][ T30] audit: type=1400 audit(1700069715.775:63): avc: denied { write } for pid=224 comm="sh" path="pipe:[13362]" dev="pipefs" ino=13362 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1
[ 12.293816][ T30] audit: type=1400 audit(1700069715.775:64): avc: denied { rlimitinh } for pid=224 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[ 12.296840][ T30] audit: type=1400 audit(1700069715.775:65): avc: denied { siginh } for pid=224 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
Warning: Permanently added '10.128.1.145' (ED25519) to the list of known hosts.
execve("./syz-executor940544992", ["./syz-executor940544992"], 0x7ffcdc84f6f0 /* 10 vars */) = 0
brk(NULL) = 0x555555bdb000
brk(0x555555bdbd00) = 0x555555bdbd00
arch_prctl(ARCH_SET_FS, 0x555555bdb380) = 0
set_tid_address(0x555555bdb650) = 292
set_robust_list(0x555555bdb660, 24) = 0
rseq(0x555555bdbca0, 0x20, 0, 0x53053053) = -1 ENOSYS (Function not implemented)
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor940544992", 4096) = 27
getrandom("\xc2\xbd\xeb\xab\xbe\x12\x06\x25", 8, GRND_NONBLOCK) = 8
brk(NULL) = 0x555555bdbd00
brk(0x555555bfcd00) = 0x555555bfcd00
brk(0x555555bfd000) = 0x555555bfd000
mprotect(0x7fedf1fc3000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bdb650) = 293
./strace-static-x86_64: Process 293 attached
[pid 293] set_robust_list(0x555555bdb660, 24) = 0
[pid 293] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 293] setpgid(0, 0) = 0
[pid 293] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 293] write(3, "1000", 4) = 4
[pid 293] close(3) = 0
[ 20.631945][ T30] audit: type=1400 audit(1700069724.125:66): avc: denied { execmem } for pid=292 comm="syz-executor940" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[ 20.634696][ T30] audit: type=1400 audit(1700069724.125:67): avc: denied { prog_load } for pid=293 comm="syz-executor940" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 20.637263][ T30] audit: type=1400 audit(1700069724.125:68): avc: denied { bpf } for pid=293 comm="syz-executor940" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 20.640084][ T30] audit: type=1400 audit(1700069724.125:69): avc: denied { perfmon } for pid=293 comm="syz-executor940" capability=38 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[pid 293] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=11, insns=0x20000180, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 3
[pid 293] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kfree", prog_fd=3}}, 16) = 4
[pid 293] exit_group(0) = ?
[ 20.759386][ T30] audit: type=1400 audit(1700069724.245:70): avc: denied { confidentiality } for pid=293 comm="syz-executor940" lockdown_reason="use of bpf to read kernel RAM" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=lockdown permissive=1
[ 20.783752][ T30] audit: type=1400 audit(1700069724.275:71): avc: denied { prog_run } for pid=293 comm="syz-executor940" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 20.803271][ C1] BUG: unable to handle page fault for address: ffffffffff600000
[ 20.810809][ C1] #PF: supervisor read access in kernel mode
[ 20.816702][ C1] #PF: error_code(0x0001) - permissions violation
[ 20.823038][ C1] PGD 6812067 P4D 6812067 PUD 6814067 PMD 6816067 PTE 8000000006809165
[ 20.831109][ C1] Oops: 0001 [#1] PREEMPT SMP KASAN
[ 20.836152][ C1] CPU: 1 PID: 82 Comm: syslogd Not tainted 5.15.137-syzkaller-01792-g61cfd264993d #0
[ 20.845431][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/09/2023
[ 20.855758][ C1] RIP: 0010:copy_from_kernel_nofault+0x86/0x2e0
[ 20.861835][ C1] Code: 48 89 55 d0 0f 85 ea 01 00 00 ff 02 bf 07 00 00 00 4c 89 ee e8 3b ac d6 ff 49 83 fd 07 76 5c 4d 89 fe 49 83 c5 f8 49 83 c7 08 <49> 8b 1c 24 4c 89 f0 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df 80
[ 20.881282][ C1] RSP: 0018:ffffc900001cf9f0 EFLAGS: 00010292
[ 20.887176][ C1] RAX: 0000000080000103 RBX: 0000000000000008 RCX: ffff88810c31bb40
[ 20.894991][ C1] RDX: ffff88810c31c6d0 RSI: 0000000000000008 RDI: 0000000000000007
[ 20.902798][ C1] RBP: ffffc900001cfa28 R08: ffffffff81994f35 R09: fffff940008f4207
[ 20.910609][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: ffffffffff600000
[ 20.918420][ C1] R13: 0000000000000000 R14: ffffc900001cfa68 R15: ffffc900001cfa70
[ 20.926235][ C1] FS: 00007f7ed0e61380(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[ 20.934998][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 20.941422][ C1] CR2: ffffffffff600000 CR3: 000000010b950000 CR4: 00000000003506a0
[ 20.949236][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 20.957046][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 20.964854][ C1] Call Trace:
[ 20.967989][ C1]
[ 20.970676][ C1] ? __die_body+0x62/0xb0
[ 20.974839][ C1] ? __die+0x7e/0x90
[ 20.978570][ C1] ? page_fault_oops+0x7f9/0xa90
[ 20.983343][ C1] ? kernelmode_fixup_or_oops+0x270/0x270
[ 20.988898][ C1] ? unwind_get_return_address+0x4d/0x90
[ 20.994366][ C1] ? arch_stack_walk+0xf3/0x140
[ 20.999056][ C1] ? exc_page_fault+0x521/0x830
[ 21.003744][ C1] ? asm_exc_page_fault+0x27/0x30
[ 21.008600][ C1] ? copy_from_kernel_nofault+0x75/0x2e0
[ 21.014068][ C1] ? copy_from_kernel_nofault+0x86/0x2e0
[ 21.019543][ C1] ? skb_release_data+0x8a9/0xa80
[ 21.024396][ C1] bpf_probe_read_kernel+0x2a/0x70
[ 21.029343][ C1] bpf_prog_bd8b22826c103b08+0x3a/0x940
[ 21.034725][ C1] bpf_trace_run2+0xec/0x210
[ 21.039155][ C1] ? stack_trace_save+0x1c0/0x1c0
[ 21.044025][ C1] ? bpf_trace_run1+0x1c0/0x1c0
[ 21.048696][ C1] ? skb_release_data+0x8a9/0xa80
[ 21.053566][ C1] ? unwind_get_return_address+0x4d/0x90
[ 21.059026][ C1] ? arch_stack_walk+0xf3/0x140
[ 21.063715][ C1] ? skb_release_data+0x8a9/0xa80
[ 21.068573][ C1] __bpf_trace_kfree+0x6f/0x90
[ 21.073176][ C1] ? skb_release_data+0x8a9/0xa80
[ 21.078037][ C1] kfree+0x1f3/0x220
[ 21.081767][ C1] skb_release_data+0x8a9/0xa80
[ 21.086454][ C1] __kfree_skb+0x50/0x70
[ 21.090542][ C1] tcp_rtx_queue_unlink_and_free+0x203/0x720
[ 21.096350][ C1] tcp_ack+0x2351/0x6770
[ 21.100432][ C1] ? tcp_rcv_established+0x1ac0/0x1ac0
[ 21.105723][ C1] ? ktime_get+0x12f/0x160
[ 21.109974][ C1] tcp_rcv_established+0xcd6/0x1ac0
[ 21.115016][ C1] ? tcp_check_space+0x9d0/0x9d0
[ 21.119783][ C1] ? __kasan_check_read+0x11/0x20
[ 21.124641][ C1] ? ipv4_dst_check+0xe3/0x150
[ 21.129242][ C1] tcp_v4_do_rcv+0x3d7/0xa00
[ 21.133669][ C1] tcp_v4_rcv+0x23dd/0x2a70
[ 21.138010][ C1] ? get_stack_info+0x3b/0x100
[ 21.142613][ C1] ? __kasan_check_write+0x14/0x20
[ 21.147555][ C1] ? tcp_filter+0x90/0x90
[ 21.151722][ C1] ip_protocol_deliver_rcu+0x32f/0x710
[ 21.157018][ C1] ip_local_deliver+0x2c6/0x590
[ 21.161703][ C1] ? ip_protocol_deliver_rcu+0x710/0x710
[ 21.167170][ C1] ? ip_rcv_finish_core+0xb0d/0x1490
[ 21.172292][ C1] ip_sublist_rcv+0x7e2/0x980
[ 21.176804][ C1] ? packet_rcv+0x160/0x1150
[ 21.181231][ C1] ? ip_list_rcv+0x470/0x470
[ 21.185657][ C1] ? memset+0x35/0x40
[ 21.189486][ C1] ? ip_rcv_core+0x736/0xb50
[ 21.193905][ C1] ip_list_rcv+0x422/0x470
[ 21.198157][ C1] ? ip_rcv_finish+0xd0/0xd0
[ 21.202582][ C1] ? ip_rcv_finish+0xd0/0xd0
[ 21.207009][ C1] __netif_receive_skb_list_core+0x6b1/0x890
[ 21.212825][ C1] ? __netif_receive_skb+0x530/0x530
[ 21.217948][ C1] ? receive_buf+0x37ce/0x5720
[ 21.222548][ C1] netif_receive_skb_list_internal+0x967/0xcc0
[ 21.228537][ C1] ? virtnet_poll_tx+0x500/0x500
[ 21.233311][ C1] ? netif_receive_skb_list+0x2d0/0x2d0
[ 21.238688][ C1] ? __kasan_check_write+0x14/0x20
[ 21.243638][ C1] ? virtqueue_get_buf_ctx+0x482/0xe30
[ 21.248932][ C1] ? detach_buf_split+0x71a/0xae0
[ 21.253790][ C1] ? __kasan_check_write+0x14/0x20
[ 21.258738][ C1] napi_complete_done+0x344/0x770
[ 21.263601][ C1] ? __napi_schedule_irqoff+0x280/0x280
[ 21.268982][ C1] ? virtqueue_enable_cb_prepare+0x2c6/0x5b0
[ 21.274797][ C1] virtnet_poll+0xbee/0x1260
[ 21.279223][ C1] ? refill_work+0x220/0x220
[ 21.283648][ C1] ? __kasan_check_write+0x14/0x20
[ 21.288594][ C1] ? virtqueue_disable_cb+0xff/0x3a0
[ 21.293732][ C1] ? trace_xdp_exception+0x140/0x140
[ 21.298838][ C1] ? vring_interrupt+0x20b/0x300
[ 21.303610][ C1] __napi_poll+0xc4/0x5a0
[ 21.307776][ C1] net_rx_action+0x47d/0xc50
[ 21.312202][ C1] ? net_tx_action+0x550/0x550
[ 21.316803][ C1] ? native_sched_clock_from_tsc+0xd0/0x130
[ 21.322533][ C1] ? irqtime_account_irq+0x79/0x3c0
[ 21.327566][ C1] __do_softirq+0x26d/0x5bf
[ 21.331906][ C1] __irq_exit_rcu+0x50/0xf0
[ 21.336244][ C1] irq_exit_rcu+0x9/0x10
[ 21.340323][ C1] common_interrupt+0xb4/0xd0
[ 21.344837][ C1]
[ 21.347613][ C1]
[ 21.350393][ C1] asm_common_interrupt+0x27/0x40
[ 21.355260][ C1] RIP: 0010:bpf_prog_bd8b22826c103b08+0x0/0x940
[ 21.361329][ C1] Code: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc <0f> 1f 44 00 00 66 90 55 48 89 e5 48 81 ec 08 00 00 00 31 c0 48 bf
[ 21.380888][ C1] RSP: 0018:ffffc900009b76f8 EFLAGS: 00010246
[ 21.386788][ C1] RAX: 1ffff9200000d206 RBX: dffffc0000000000 RCX: ffff88810c31bb40
[ 21.394596][ C1] RDX: 0000000000000000 RSI: ffffc90000069048 RDI: ffffc900009b7740
[ 21.402409][ C1] RBP: ffffc900009b77b8 R08: ffffffff83dd5475 R09: ffffed102175517b
[ 21.410217][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: ffffc900009b7740
[ 21.418030][ C1] R13: ffffffff83dd5489 R14: ffffc90000069048 R15: ffffc90000069030
[ 21.425841][ C1] ? skb_release_data+0x8a9/0xa80
[ 21.430699][ C1] ? skb_release_data+0x895/0xa80
[ 21.435560][ C1] ? bpf_trace_run2+0xec/0x210
[ 21.440159][ C1] ? bpf_trace_run1+0x1c0/0x1c0
[ 21.444872][ C1] ? skb_release_data+0x8a9/0xa80
[ 21.449709][ C1] ? __kasan_check_write+0x14/0x20
[ 21.454659][ C1] ? sock_wfree+0x19d/0x1f0
[ 21.458994][ C1] ? skb_release_data+0x8a9/0xa80
[ 21.463855][ C1] __bpf_trace_kfree+0x6f/0x90
[ 21.468457][ C1] ? skb_release_data+0x8a9/0xa80
[ 21.473314][ C1] kfree+0x1f3/0x220
[ 21.477048][ C1] ? unix_detach_fds+0x190/0x190
[ 21.481821][ C1] skb_release_data+0x8a9/0xa80
[ 21.486515][ C1] consume_skb+0xac/0x250
[ 21.490673][ C1] skb_free_datagram+0x28/0xe0
[ 21.495272][ C1] __unix_dgram_recvmsg+0xcb1/0x1260
[ 21.500397][ C1] ? selinux_socket_recvmsg+0x243/0x340
[ 21.505862][ C1] ? unix_unhash+0x10/0x10
[ 21.510122][ C1] ? file_has_perm+0x508/0x6c0
[ 21.514716][ C1] unix_dgram_recvmsg+0xc4/0xe0
[ 21.519402][ C1] ? unix_dgram_sendmsg+0x2090/0x2090
[ 21.524609][ C1] sock_read_iter+0x353/0x480
[ 21.529123][ C1] ? kernel_sock_ip_overhead+0x280/0x280
[ 21.534593][ C1] ? iov_iter_init+0x53/0x190
[ 21.539106][ C1] vfs_read+0xa7e/0xd40
[ 21.543096][ C1] ? kernel_read+0x1f0/0x1f0
[ 21.547610][ C1] ? __kasan_check_read+0x11/0x20
[ 21.552470][ C1] ? __fdget_pos+0x209/0x3a0
[ 21.556896][ C1] ksys_read+0x199/0x2c0
[ 21.560976][ C1] ? vfs_write+0x1110/0x1110
[ 21.565402][ C1] ? debug_smp_processor_id+0x17/0x20
[ 21.570622][ C1] ? fpregs_assert_state_consistent+0xb6/0xe0
[ 21.576613][ C1] __x64_sys_read+0x7b/0x90
[ 21.580955][ C1] do_syscall_64+0x3d/0xb0
[ 21.585198][ C1] entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 21.590927][ C1] RIP: 0033:0x7f7ed0fb5b6a
[ 21.595179][ C1] Code: 00 3d 00 00 41 00 75 0d 50 48 8d 3d 2d 08 0a 00 e8 ea 7d 01 00 31 c0 e9 07 ff ff ff 64 8b 04 25 18 00 00 00 85 c0 75 1b 0f 05 <48> 3d 00 f0 ff ff 76 6c 48 8b 15 8f a2 0d 00 f7 d8 64 89 02 48 83
[ 21.614631][ C1] RSP: 002b:00007ffd86b97c18 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 21.622864][ C1] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f7ed0fb5b6a
[ 21.630674][ C1] RDX: 00000000000000ff RSI: 000055f8f7f25300 RDI: 0000000000000000
[ 21.638609][ C1] RBP: 000055f8f7f252c0 R08: 0000000000000001 R09: 0000000000000000
[ 21.646428][ C1] R10: 00007f7ed11543a3 R11: 0000000000000246 R12: 000055f8f7f2536c
[ 21.654227][ C1] R13: 000055f8f7f25300 R14: 0000000000000000 R15: 00007f7ed1192a80
[ 21.662041][ C1]
[ 21.664903][ C1] Modules linked in:
[ 21.668636][ C1] CR2: ffffffffff600000
[ 21.672628][ C1] ---[ end trace 500a2dc909eeee97 ]---
[ 21.677921][ C1] RIP: 0010:copy_from_kernel_nofault+0x86/0x2e0
[ 21.683996][ C1] Code: 48 89 55 d0 0f 85 ea 01 00 00 ff 02 bf 07 00 00 00 4c 89 ee e8 3b ac d6 ff 49 83 fd 07 76 5c 4d 89 fe 49 83 c5 f8 49 83 c7 08 <49> 8b 1c 24 4c 89 f0 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df 80
[ 21.703438][ C1] RSP: 0018:ffffc900001cf9f0 EFLAGS: 00010292
[ 21.709601][ C1] RAX: 0000000080000103 RBX: 0000000000000008 RCX: ffff88810c31bb40
[ 21.717514][ C1] RDX: ffff88810c31c6d0 RSI: 0000000000000008 RDI: 0000000000000007
[ 21.725324][ C1] RBP: ffffc900001cfa28 R08: ffffffff81994f35 R09: fffff940008f4207
[ 21.733137][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: ffffffffff600000
[ 21.740952][ C1] R13: 0000000000000000 R14: ffffc900001cfa68 R15: ffffc900001cfa70
[ 21.748765][ C1] FS: 00007f7ed0e61380(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[ 21.757517][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 21.763940][ C1] CR2: ffffffffff600000 CR3: 000000010b950000 CR4: 00000000003506a0
[ 21.772016][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 21.779824][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 21.787639][ C1] Kernel panic - not syncing: Fatal exception in interrupt
[ 21.794864][ C1] Kernel Offset: disabled
[ 21.798983][ C1] Rebooting in 86400 seconds..