./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor258914720 <...> Warning: Permanently added '10.128.1.14' (ED25519) to the list of known hosts. execve("./syz-executor258914720", ["./syz-executor258914720"], 0x7ffcc8fc2740 /* 10 vars */) = 0 brk(NULL) = 0x555556577000 brk(0x555556577d00) = 0x555556577d00 arch_prctl(ARCH_SET_FS, 0x555556577380) = 0 set_tid_address(0x555556577650) = 293 set_robust_list(0x555556577660, 24) = 0 rseq(0x555556577ca0, 0x20, 0, 0x53053053) = -1 ENOSYS (Function not implemented) prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor258914720", 4096) = 27 getrandom("\x0f\xa5\x6b\xc3\xcc\x9e\xd5\xa3", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x555556577d00 brk(0x555556598d00) = 0x555556598d00 brk(0x555556599000) = 0x555556599000 mprotect(0x7f0639298000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 getpid() = 293 openat(AT_FDCWD, "/sys/kernel/debug/x86/nmi_longest_ns", O_WRONLY|O_CLOEXEC) = 3 write(3, "10000000000", 11) = 11 close(3) = 0 openat(AT_FDCWD, "/proc/sys/kernel/hung_task_check_interval_secs", O_WRONLY|O_CLOEXEC) = 3 write(3, "20", 2) = 2 close(3) = 0 openat(AT_FDCWD, "/proc/sys/net/core/bpf_jit_kallsyms", O_WRONLY|O_CLOEXEC) = 3 write(3, "1", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/proc/sys/net/core/bpf_jit_harden", O_WRONLY|O_CLOEXEC) = 3 write(3, "0", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/proc/sys/kernel/kptr_restrict", O_WRONLY|O_CLOEXEC) = 3 write(3, "0", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/proc/sys/kernel/softlockup_all_cpu_backtrace", O_WRONLY|O_CLOEXEC) = 3 write(3, "1", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/proc/sys/fs/mount-max", O_WRONLY|O_CLOEXEC) = 3 write(3, "100", 3) = 3 close(3) = 0 openat(AT_FDCWD, "/proc/sys/vm/oom_dump_tasks", O_WRONLY|O_CLOEXEC) = 3 write(3, "0", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/proc/sys/debug/exception-trace", O_WRONLY|O_CLOEXEC) = 3 write(3, "0", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/proc/sys/kernel/printk", O_WRONLY|O_CLOEXEC) = 3 write(3, "7 4 1 3", 7) = 7 close(3) = 0 openat(AT_FDCWD, "/proc/sys/kernel/keys/gc_delay", O_WRONLY|O_CLOEXEC) = 3 write(3, "1", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/proc/sys/vm/oom_kill_allocating_task", O_WRONLY|O_CLOEXEC) = 3 write(3, "1", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/proc/sys/kernel/ctrl-alt-del", O_WRONLY|O_CLOEXEC) = 3 write(3, "0", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/proc/sys/kernel/cad_pid", O_WRONLY|O_CLOEXEC) = 3 write(3, "293", 3) = 3 close(3) = 0 mount(NULL, "/proc/sys/fs/binfmt_misc", "binfmt_misc", 0, NULL) = -1 EBUSY (Device or resource busy) openat(AT_FDCWD, "/proc/sys/fs/binfmt_misc/register", O_WRONLY|O_CLOEXEC) = 3 write(3, "\x3a\x73\x79\x7a\x30\x3a\x4d\x3a\x30\x3a\x01\x3a\x3a\x2e\x2f\x66\x69\x6c\x65\x30\x3a", 21) = 21 close(3) = 0 openat(AT_FDCWD, "/proc/sys/fs/binfmt_misc/register", O_WRONLY|O_CLOEXEC) = 3 write(3, "\x3a\x73\x79\x7a\x31\x3a\x4d\x3a\x31\x3a\x02\x3a\x3a\x2e\x2f\x66\x69\x6c\x65\x30\x3a\x50\x4f\x43", 24) = 24 close(3) = 0 openat(AT_FDCWD, "/sys/kernel/debug/failslab/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3 write(3, "N", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/sys/kernel/debug/fail_futex/ignore-private", O_WRONLY|O_CLOEXEC) = 3 write(3, "N", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-highmem", O_WRONLY|O_CLOEXEC) = 3 write(3, "N", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3 write(3, "N", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/min-order", O_WRONLY|O_CLOEXEC) = 3 write(3, "0", 1) = 1 close(3) = 0 chmod("/dev/raw-gadget", 0666) = 0 swapoff("./swap-file") = -1 ENOENT (No such file or directory) unlink("./swap-file") = -1 ENOENT (No such file or directory) openat(AT_FDCWD, "./swap-file", O_WRONLY|O_CREAT|O_CLOEXEC, 0600) = 3 fallocate(3, FALLOC_FL_ZERO_RANGE, 0, 128000000) = 0 close(3) = 0 rt_sigaction(SIGINT, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f063923d210}, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 rt_sigaction(SIGQUIT, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f063923d210}, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=0}, 8) = 0 rt_sigprocmask(SIG_BLOCK, [CHLD], [], 8) = 0 mmap(NULL, 36864, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f06391de000 rt_sigprocmask(SIG_BLOCK, ~[], [CHLD], 8) = 0 clone3({flags=CLONE_VM|CLONE_VFORK, exit_signal=SIGCHLD, stack=0x7f06391de000, stack_size=0x9000}, 88./strace-static-x86_64: Process 294 attached [pid 294] rt_sigprocmask(SIG_BLOCK, NULL, ~[KILL STOP], 8) = 0 [pid 294] rt_sigaction(SIGHUP, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 294] rt_sigaction(SIGHUP, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f063923d210}, NULL, 8) = 0 [pid 294] rt_sigaction(SIGINT, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f063923d210}, NULL, 8) = 0 [pid 294] rt_sigaction(SIGQUIT, NULL, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f063923d210}, 8) = 0 [pid 294] rt_sigaction(SIGILL, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 294] rt_sigaction(SIGILL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f063923d210}, NULL, 8) = 0 [pid 294] rt_sigaction(SIGTRAP, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 294] rt_sigaction(SIGTRAP, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f063923d210}, NULL, 8) = 0 [pid 294] rt_sigaction(SIGABRT, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 294] rt_sigaction(SIGABRT, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f063923d210}, NULL, 8) = 0 [pid 294] rt_sigaction(SIGBUS, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 294] rt_sigaction(SIGBUS, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f063923d210}, NULL, 8) = 0 [pid 294] rt_sigaction(SIGFPE, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 294] rt_sigaction(SIGFPE, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f063923d210}, NULL, 8) = 0 [pid 294] rt_sigaction(SIGUSR1, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 294] rt_sigaction(SIGUSR1, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f063923d210}, NULL, 8) = 0 [pid 294] rt_sigaction(SIGSEGV, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 294] rt_sigaction(SIGSEGV, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f063923d210}, NULL, 8) = 0 [pid 294] rt_sigaction(SIGUSR2, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 294] rt_sigaction(SIGUSR2, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f063923d210}, NULL, 8) = 0 [pid 294] rt_sigaction(SIGPIPE, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 294] rt_sigaction(SIGPIPE, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f063923d210}, NULL, 8) = 0 [pid 294] rt_sigaction(SIGALRM, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 294] rt_sigaction(SIGALRM, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f063923d210}, NULL, 8) = 0 [pid 294] rt_sigaction(SIGTERM, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 294] rt_sigaction(SIGTERM, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f063923d210}, NULL, 8) = 0 [pid 294] rt_sigaction(SIGSTKFLT, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 294] rt_sigaction(SIGSTKFLT, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f063923d210}, NULL, 8) = 0 [pid 294] rt_sigaction(SIGCHLD, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 294] rt_sigaction(SIGCHLD, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f063923d210}, NULL, 8) = 0 [pid 294] rt_sigaction(SIGCONT, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 294] rt_sigaction(SIGCONT, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f063923d210}, NULL, 8) = 0 [pid 294] rt_sigaction(SIGTSTP, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 294] rt_sigaction(SIGTSTP, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f063923d210}, NULL, 8) = 0 [pid 294] rt_sigaction(SIGTTIN, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 294] rt_sigaction(SIGTTIN, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f063923d210}, NULL, 8) = 0 [pid 294] rt_sigaction(SIGTTOU, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 294] rt_sigaction(SIGTTOU, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f063923d210}, NULL, 8) = 0 [pid 294] rt_sigaction(SIGURG, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 294] rt_sigaction(SIGURG, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f063923d210}, NULL, 8) = 0 [pid 294] rt_sigaction(SIGXCPU, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 294] rt_sigaction(SIGXCPU, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f063923d210}, NULL, 8) = 0 [pid 294] rt_sigaction(SIGXFSZ, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 294] rt_sigaction(SIGXFSZ, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f063923d210}, NULL, 8) = 0 [pid 294] rt_sigaction(SIGVTALRM, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 294] rt_sigaction(SIGVTALRM, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f063923d210}, NULL, 8) = 0 [pid 294] rt_sigaction(SIGPROF, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 294] rt_sigaction(SIGPROF, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f063923d210}, NULL, 8) = 0 [pid 294] rt_sigaction(SIGWINCH, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 294] rt_sigaction(SIGWINCH, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f063923d210}, NULL, 8) = 0 [pid 294] rt_sigaction(SIGIO, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 294] rt_sigaction(SIGIO, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f063923d210}, NULL, 8) = 0 [pid 294] rt_sigaction(SIGPWR, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 294] rt_sigaction(SIGPWR, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f063923d210}, NULL, 8) = 0 [pid 294] rt_sigaction(SIGSYS, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 294] rt_sigaction(SIGSYS, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f063923d210}, NULL, 8) = 0 [pid 294] rt_sigaction(SIGRTMIN, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f063923d210}, NULL, 8) = 0 [pid 294] rt_sigaction(SIGRT_1, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f063923d210}, NULL, 8) = 0 [pid 294] rt_sigaction(SIGRT_2, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 294] rt_sigaction(SIGRT_2, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f063923d210}, NULL, 8) = 0 [pid 294] rt_sigaction(SIGRT_3, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 294] rt_sigaction(SIGRT_3, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f063923d210}, NULL, 8) = 0 [pid 294] rt_sigaction(SIGRT_4, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 294] rt_sigaction(SIGRT_4, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f063923d210}, NULL, 8) = 0 [pid 294] rt_sigaction(SIGRT_5, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 294] rt_sigaction(SIGRT_5, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f063923d210}, NULL, 8) = 0 [pid 294] rt_sigaction(SIGRT_6, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 294] rt_sigaction(SIGRT_6, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f063923d210}, NULL, 8) = 0 [pid 294] rt_sigaction(SIGRT_7, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 294] rt_sigaction(SIGRT_7, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f063923d210}, NULL, 8) = 0 [pid 294] rt_sigaction(SIGRT_8, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 294] rt_sigaction(SIGRT_8, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f063923d210}, NULL, 8) = 0 [pid 294] rt_sigaction(SIGRT_9, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 294] rt_sigaction(SIGRT_9, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f063923d210}, NULL, 8) = 0 [pid 294] rt_sigaction(SIGRT_10, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 294] rt_sigaction(SIGRT_10, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f063923d210}, NULL, 8) = 0 [pid 294] rt_sigaction(SIGRT_11, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 294] rt_sigaction(SIGRT_11, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f063923d210}, NULL, 8) = 0 [pid 294] rt_sigaction(SIGRT_12, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 294] rt_sigaction(SIGRT_12, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f063923d210}, NULL, 8) = 0 [pid 294] rt_sigaction(SIGRT_13, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 294] rt_sigaction(SIGRT_13, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f063923d210}, NULL, 8) = 0 [pid 294] rt_sigaction(SIGRT_14, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 294] rt_sigaction(SIGRT_14, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f063923d210}, NULL, 8) = 0 [pid 294] rt_sigaction(SIGRT_15, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 294] rt_sigaction(SIGRT_15, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f063923d210}, NULL, 8) = 0 [pid 294] rt_sigaction(SIGRT_16, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 294] rt_sigaction(SIGRT_16, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f063923d210}, NULL, 8) = 0 [pid 294] rt_sigaction(SIGRT_17, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 294] rt_sigaction(SIGRT_17, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f063923d210}, NULL, 8) = 0 [pid 294] rt_sigaction(SIGRT_18, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 294] rt_sigaction(SIGRT_18, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f063923d210}, NULL, 8) = 0 [pid 294] rt_sigaction(SIGRT_19, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 294] rt_sigaction(SIGRT_19, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f063923d210}, NULL, 8) = 0 [pid 294] rt_sigaction(SIGRT_20, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 294] rt_sigaction(SIGRT_20, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f063923d210}, NULL, 8) = 0 [pid 294] rt_sigaction(SIGRT_21, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 294] rt_sigaction(SIGRT_21, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f063923d210}, NULL, 8) = 0 [pid 294] rt_sigaction(SIGRT_22, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 294] rt_sigaction(SIGRT_22, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f063923d210}, NULL, 8) = 0 [pid 294] rt_sigaction(SIGRT_23, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 294] rt_sigaction(SIGRT_23, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f063923d210}, NULL, 8) = 0 [pid 294] rt_sigaction(SIGRT_24, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 294] rt_sigaction(SIGRT_24, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f063923d210}, NULL, 8) = 0 [pid 294] rt_sigaction(SIGRT_25, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 294] rt_sigaction(SIGRT_25, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f063923d210}, NULL, 8) = 0 [pid 294] rt_sigaction(SIGRT_26, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 294] rt_sigaction(SIGRT_26, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f063923d210}, NULL, 8) = 0 [pid 294] rt_sigaction(SIGRT_27, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 294] rt_sigaction(SIGRT_27, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f063923d210}, NULL, 8) = 0 [pid 294] rt_sigaction(SIGRT_28, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 294] rt_sigaction(SIGRT_28, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f063923d210}, NULL, 8) = 0 [pid 294] rt_sigaction(SIGRT_29, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 294] rt_sigaction(SIGRT_29, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f063923d210}, NULL, 8) = 0 [pid 294] rt_sigaction(SIGRT_30, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 294] rt_sigaction(SIGRT_30, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f063923d210}, NULL, 8) = 0 [pid 294] rt_sigaction(SIGRT_31, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 294] rt_sigaction(SIGRT_31, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f063923d210}, NULL, 8) = 0 [pid 294] rt_sigaction(SIGRT_32, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 294] rt_sigaction(SIGRT_32, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f063923d210}, NULL, 8) = 0 [pid 294] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 294] execve("/bin/sh", ["sh", "-c", "mkswap ./swap-file"], 0x7ffd1b089328 /* 10 vars */ [pid 293] <... clone3 resumed>) = 294 [pid 293] munmap(0x7f06391de000, 36864) = 0 [pid 293] rt_sigprocmask(SIG_SETMASK, [CHLD], NULL, 8) = 0 [pid 294] <... execve resumed>) = 0 [pid 294] brk(NULL) = 0x5617e4f66000 [pid 294] mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fb6f501c000 [pid 294] access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory) [pid 294] openat(AT_FDCWD, "/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 294] openat(AT_FDCWD, "/lib64/glibc-hwcaps/x86-64-v3/libbusybox.so.1.35.0", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 294] newfstatat(AT_FDCWD, "/lib64/glibc-hwcaps/x86-64-v3", 0x7ffeaca19ec0, 0) = -1 ENOENT (No such file or directory) [pid 294] openat(AT_FDCWD, "/lib64/glibc-hwcaps/x86-64-v2/libbusybox.so.1.35.0", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 294] newfstatat(AT_FDCWD, "/lib64/glibc-hwcaps/x86-64-v2", 0x7ffeaca19ec0, 0) = -1 ENOENT (No such file or directory) [pid 294] openat(AT_FDCWD, "/lib64/tls/haswell/x86_64/libbusybox.so.1.35.0", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 294] newfstatat(AT_FDCWD, "/lib64/tls/haswell/x86_64", 0x7ffeaca19ec0, 0) = -1 ENOENT (No such file or directory) [pid 294] openat(AT_FDCWD, "/lib64/tls/haswell/libbusybox.so.1.35.0", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 294] newfstatat(AT_FDCWD, "/lib64/tls/haswell", 0x7ffeaca19ec0, 0) = -1 ENOENT (No such file or directory) [pid 294] openat(AT_FDCWD, "/lib64/tls/x86_64/libbusybox.so.1.35.0", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 294] newfstatat(AT_FDCWD, "/lib64/tls/x86_64", 0x7ffeaca19ec0, 0) = -1 ENOENT (No such file or directory) [pid 294] openat(AT_FDCWD, "/lib64/tls/libbusybox.so.1.35.0", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 294] newfstatat(AT_FDCWD, "/lib64/tls", 0x7ffeaca19ec0, 0) = -1 ENOENT (No such file or directory) [pid 294] openat(AT_FDCWD, "/lib64/haswell/x86_64/libbusybox.so.1.35.0", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 294] newfstatat(AT_FDCWD, "/lib64/haswell/x86_64", 0x7ffeaca19ec0, 0) = -1 ENOENT (No such file or directory) [pid 294] openat(AT_FDCWD, "/lib64/haswell/libbusybox.so.1.35.0", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 294] newfstatat(AT_FDCWD, "/lib64/haswell", 0x7ffeaca19ec0, 0) = -1 ENOENT (No such file or directory) [pid 294] openat(AT_FDCWD, "/lib64/x86_64/libbusybox.so.1.35.0", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 294] newfstatat(AT_FDCWD, "/lib64/x86_64", 0x7ffeaca19ec0, 0) = -1 ENOENT (No such file or directory) [pid 294] openat(AT_FDCWD, "/lib64/libbusybox.so.1.35.0", O_RDONLY|O_CLOEXEC) = 3 [pid 294] read(3, "\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00\x3e\x00\x01\x00\x00\x00\x70\x08\x01\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x28\x13\x0c\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x00\x38\x00\x09\x00\x40\x00\x19\x00\x18\x00\x01\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\xed\x00\x00"..., 832) = 832 [pid 294] pread64(3, "\x04\x00\x00\x00\x20\x00\x00\x00\x05\x00\x00\x00\x47\x4e\x55\x00\x01\x00\x01\xc0\x04\x00\x00\x00\x09\x00\x00\x00\x00\x00\x00\x00\x02\x00\x01\xc0\x04\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00", 48, 778504) = 48 [pid 294] newfstatat(3, "", {st_mode=S_IFREG|0644, st_size=792936, ...}, AT_EMPTY_PATH) = 0 [pid 294] mmap(NULL, 796968, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fb6f4f59000 [pid 294] mmap(0x7fb6f4f68000, 557056, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xf000) = 0x7fb6f4f68000 [pid 294] mmap(0x7fb6f4ff0000, 163840, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x97000) = 0x7fb6f4ff0000 [pid 294] mmap(0x7fb6f5018000, 16384, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xbe000) = 0x7fb6f5018000 [pid 294] close(3) = 0 [pid 294] openat(AT_FDCWD, "/lib64/libc.so.6", O_RDONLY|O_CLOEXEC) = 3 [pid 294] read(3, "\x7f\x45\x4c\x46\x02\x01\x01\x03\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00\x3e\x00\x01\x00\x00\x00\x8c\x87\x02\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x28\x32\x1a\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x00\x38\x00\x0e\x00\x40\x00\x3c\x00\x3b\x00\x06\x00\x00\x00\x04\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x10\x03\x00\x00"..., 832) = 832 [pid 294] pread64(3, "\x06\x00\x00\x00\x04\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x10\x03\x00\x00\x00\x00\x00\x00\x10\x03\x00\x00\x00\x00\x00\x00\x08\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x04\x00\x00\x00\xa0\xf3\x16\x00\x00\x00\x00\x00\xa0\xf3\x16\x00\x00\x00\x00\x00\xa0\xf3\x16\x00\x00\x00\x00\x00\x1c\x00\x00\x00\x00\x00\x00\x00\x1c\x00\x00\x00"..., 784, 64) = 784 [pid 294] pread64(3, "\x04\x00\x00\x00\x30\x00\x00\x00\x05\x00\x00\x00\x47\x4e\x55\x00\x02\x80\x00\xc0\x04\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x01\x00\x01\xc0\x04\x00\x00\x00\x3b\x08\x00\x00\x00\x00\x00\x00\x02\x00\x01\xc0\x04\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00", 64, 848) = 64 [pid 294] pread64(3, "\x04\x00\x00\x00\x10\x00\x00\x00\x01\x00\x00\x00\x47\x4e\x55\x00\x00\x00\x00\x00\x04\x00\x00\x00\x13\x00\x00\x00\x00\x00\x00\x00", 32, 912) = 32 [pid 294] newfstatat(3, "", {st_mode=S_IFREG|0755, st_size=1720616, ...}, AT_EMPTY_PATH) = 0 [pid 294] pread64(3, "\x06\x00\x00\x00\x04\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x10\x03\x00\x00\x00\x00\x00\x00\x10\x03\x00\x00\x00\x00\x00\x00\x08\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x04\x00\x00\x00\xa0\xf3\x16\x00\x00\x00\x00\x00\xa0\xf3\x16\x00\x00\x00\x00\x00\xa0\xf3\x16\x00\x00\x00\x00\x00\x1c\x00\x00\x00\x00\x00\x00\x00\x1c\x00\x00\x00"..., 784, 64) = 784 [pid 294] mmap(NULL, 1773008, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fb6f4da8000 [pid 294] mmap(0x7fb6f4dd0000, 1191936, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x28000) = 0x7fb6f4dd0000 [pid 294] mmap(0x7fb6f4ef3000, 339968, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x14b000) = 0x7fb6f4ef3000 [pid 294] mmap(0x7fb6f4f46000, 24576, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x19d000) = 0x7fb6f4f46000 [pid 294] mmap(0x7fb6f4f4c000, 52688, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7fb6f4f4c000 [pid 294] close(3) = 0 [pid 294] openat(AT_FDCWD, "/lib64/libresolv.so.2", O_RDONLY|O_CLOEXEC) = 3 [pid 294] read(3, "\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00\x3e\x00\x01\x00\x00\x00\x58\x33\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x90\xc1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x00\x38\x00\x0b\x00\x40\x00\x1c\x00\x1b\x00\x01\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xe0\x2e\x00\x00"..., 832) = 832 [pid 294] newfstatat(3, "", {st_mode=S_IFREG|0755, st_size=51344, ...}, AT_EMPTY_PATH) = 0 [pid 294] mmap(NULL, 63624, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fb6f4d98000 [pid 294] mmap(0x7fb6f4d9b000, 24576, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x3000) = 0x7fb6f4d9b000 [pid 294] mmap(0x7fb6f4da1000, 12288, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x9000) = 0x7fb6f4da1000 [pid 294] mmap(0x7fb6f4da4000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xb000) = 0x7fb6f4da4000 [pid 294] mmap(0x7fb6f4da6000, 6280, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7fb6f4da6000 [pid 294] close(3) = 0 [pid 294] openat(AT_FDCWD, "/lib64/libselinux.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 294] openat(AT_FDCWD, "/usr/lib64/glibc-hwcaps/x86-64-v3/libselinux.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 294] newfstatat(AT_FDCWD, "/usr/lib64/glibc-hwcaps/x86-64-v3", 0x7ffeaca19e60, 0) = -1 ENOENT (No such file or directory) [pid 294] openat(AT_FDCWD, "/usr/lib64/glibc-hwcaps/x86-64-v2/libselinux.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 294] newfstatat(AT_FDCWD, "/usr/lib64/glibc-hwcaps/x86-64-v2", 0x7ffeaca19e60, 0) = -1 ENOENT (No such file or directory) [pid 294] openat(AT_FDCWD, "/usr/lib64/tls/haswell/x86_64/libselinux.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 294] newfstatat(AT_FDCWD, "/usr/lib64/tls/haswell/x86_64", 0x7ffeaca19e60, 0) = -1 ENOENT (No such file or directory) [pid 294] openat(AT_FDCWD, "/usr/lib64/tls/haswell/libselinux.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 294] newfstatat(AT_FDCWD, "/usr/lib64/tls/haswell", 0x7ffeaca19e60, 0) = -1 ENOENT (No such file or directory) [pid 294] openat(AT_FDCWD, "/usr/lib64/tls/x86_64/libselinux.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 294] newfstatat(AT_FDCWD, "/usr/lib64/tls/x86_64", 0x7ffeaca19e60, 0) = -1 ENOENT (No such file or directory) [pid 294] openat(AT_FDCWD, "/usr/lib64/tls/libselinux.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 294] newfstatat(AT_FDCWD, "/usr/lib64/tls", 0x7ffeaca19e60, 0) = -1 ENOENT (No such file or directory) [pid 294] openat(AT_FDCWD, "/usr/lib64/haswell/x86_64/libselinux.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 294] newfstatat(AT_FDCWD, "/usr/lib64/haswell/x86_64", 0x7ffeaca19e60, 0) = -1 ENOENT (No such file or directory) [pid 294] openat(AT_FDCWD, "/usr/lib64/haswell/libselinux.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 294] newfstatat(AT_FDCWD, "/usr/lib64/haswell", 0x7ffeaca19e60, 0) = -1 ENOENT (No such file or directory) [pid 294] openat(AT_FDCWD, "/usr/lib64/x86_64/libselinux.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 294] newfstatat(AT_FDCWD, "/usr/lib64/x86_64", 0x7ffeaca19e60, 0) = -1 ENOENT (No such file or directory) [pid 294] openat(AT_FDCWD, "/usr/lib64/libselinux.so.1", O_RDONLY|O_CLOEXEC) = 3 [pid 294] read(3, "\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00\x3e\x00\x01\x00\x00\x00\x88\x7f\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x70\x31\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x00\x38\x00\x0b\x00\x40\x00\x1f\x00\x1e\x00\x01\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x68\x6f\x00\x00"..., 832) = 832 [pid 294] pread64(3, "\x04\x00\x00\x00\x20\x00\x00\x00\x05\x00\x00\x00\x47\x4e\x55\x00\x01\x00\x01\xc0\x04\x00\x00\x00\x09\x00\x00\x00\x00\x00\x00\x00\x02\x00\x01\xc0\x04\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00", 48, 138152) = 48 [pid 294] newfstatat(3, "", {st_mode=S_IFREG|0755, st_size=145712, ...}, AT_EMPTY_PATH) = 0 [pid 294] mmap(NULL, 157200, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fb6f4d71000 [pid 294] mprotect(0x7fb6f4d78000, 114688, PROT_NONE) = 0 [pid 294] mmap(0x7fb6f4d78000, 81920, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x7000) = 0x7fb6f4d78000 [pid 294] mmap(0x7fb6f4d8c000, 28672, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1b000) = 0x7fb6f4d8c000 [pid 294] mmap(0x7fb6f4d94000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x22000) = 0x7fb6f4d94000 [pid 294] mmap(0x7fb6f4d96000, 5648, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7fb6f4d96000 [pid 294] close(3) = 0 [pid 294] openat(AT_FDCWD, "/lib64/libpcre2-8.so.0", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 294] openat(AT_FDCWD, "/usr/lib64/libpcre2-8.so.0", O_RDONLY|O_CLOEXEC) = 3 [pid 294] read(3, "\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00\x3e\x00\x01\x00\x00\x00\xf8\x21\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x50\x32\x05\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x00\x38\x00\x0a\x00\x40\x00\x1a\x00\x19\x00\x01\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xd8\x1f\x00\x00"..., 832) = 832 [pid 294] pread64(3, "\x04\x00\x00\x00\x20\x00\x00\x00\x05\x00\x00\x00\x47\x4e\x55\x00\x01\x00\x01\xc0\x04\x00\x00\x00\x09\x00\x00\x00\x00\x00\x00\x00\x02\x00\x01\xc0\x04\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00", 48, 336112) = 48 [pid 294] newfstatat(3, "", {st_mode=S_IFREG|0755, st_size=342224, ...}, AT_EMPTY_PATH) = 0 [pid 294] mmap(NULL, 344456, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fb6f4d1c000 [pid 294] mmap(0x7fb6f4d1e000, 180224, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2000) = 0x7fb6f4d1e000 [pid 294] mmap(0x7fb6f4d4a000, 151552, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2e000) = 0x7fb6f4d4a000 [pid 294] mmap(0x7fb6f4d6f000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x52000) = 0x7fb6f4d6f000 [pid 294] close(3) = 0 [pid 294] mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fb6f4d1a000 [pid 294] arch_prctl(ARCH_SET_FS, 0x7fb6f4d1b380) = 0 [pid 294] set_tid_address(0x7fb6f4d1b650) = 294 [pid 294] set_robust_list(0x7fb6f4d1b660, 24) = 0 [pid 294] rseq(0x7fb6f4d1bd20, 0x20, 0, 0x53053053) = -1 ENOSYS (Function not implemented) [pid 294] mprotect(0x7fb6f4f46000, 16384, PROT_READ) = 0 [pid 294] mprotect(0x7fb6f4d6f000, 4096, PROT_READ) = 0 [pid 294] mprotect(0x7fb6f4d94000, 4096, PROT_READ) = 0 [pid 294] mprotect(0x7fb6f4da4000, 4096, PROT_READ) = 0 [pid 294] mprotect(0x7fb6f5018000, 12288, PROT_READ) = 0 [pid 294] mprotect(0x5617e39c6000, 4096, PROT_READ) = 0 [pid 294] mprotect(0x7fb6f504b000, 8192, PROT_READ) = 0 [pid 294] prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 [pid 294] statfs("/sys/fs/selinux", {f_type=SELINUX_MAGIC, f_bsize=4096, f_blocks=0, f_bfree=0, f_bavail=0, f_files=0, f_ffree=0, f_fsid={val=[0, 0]}, f_namelen=255, f_frsize=4096, f_flags=ST_VALID|ST_NOSUID|ST_NOEXEC|ST_RELATIME}) = 0 [pid 294] statfs("/sys/fs/selinux", {f_type=SELINUX_MAGIC, f_bsize=4096, f_blocks=0, f_bfree=0, f_bavail=0, f_files=0, f_ffree=0, f_fsid={val=[0, 0]}, f_namelen=255, f_frsize=4096, f_flags=ST_VALID|ST_NOSUID|ST_NOEXEC|ST_RELATIME}) = 0 [pid 294] getrandom("\xe0\x28\xc7\x45\x9d\x4e\xc6\x36", 8, GRND_NONBLOCK) = 8 [pid 294] brk(NULL) = 0x5617e4f66000 [pid 294] brk(0x5617e4f87000) = 0x5617e4f87000 [pid 294] access("/etc/selinux/config", F_OK) = 0 [pid 294] getpid() = 294 [pid 294] rt_sigaction(SIGCHLD, {sa_handler=0x7fb6f4f9bc61, sa_mask=~[RTMIN RT_1], sa_flags=SA_RESTORER, sa_restorer=0x7fb6f4ddfad0}, NULL, 8) = 0 [pid 294] getppid() = 293 [pid 294] uname({sysname="Linux", nodename="syzkaller", ...}) = 0 [pid 294] newfstatat(AT_FDCWD, "/root", {st_mode=S_IFDIR|0700, st_size=4096, ...}, 0) = 0 [pid 294] newfstatat(AT_FDCWD, ".", {st_mode=S_IFDIR|0700, st_size=4096, ...}, 0) = 0 [pid 294] rt_sigaction(SIGINT, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 294] rt_sigaction(SIGINT, {sa_handler=0x7fb6f4f9bc61, sa_mask=~[RTMIN RT_1], sa_flags=SA_RESTORER, sa_restorer=0x7fb6f4ddfad0}, NULL, 8) = 0 [pid 294] rt_sigaction(SIGQUIT, NULL, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=0}, 8) = 0 [pid 294] rt_sigaction(SIGTERM, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 294] newfstatat(AT_FDCWD, "/bin/mkswap", 0x7ffeaca1a748, 0) = -1 ENOENT (No such file or directory) [pid 294] newfstatat(AT_FDCWD, "/sbin/mkswap", {st_mode=S_IFREG|0755, st_size=14248, ...}, 0) = 0 [ 22.343670][ T30] audit: type=1400 audit(1695662680.612:66): avc: denied { execmem } for pid=293 comm="syz-executor258" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [pid 294] execve("/sbin/mkswap", ["mkswap", "./swap-file"], 0x5617e4f666f0 /* 10 vars */) = 0 [pid 294] brk(NULL) = 0x55ddccd45000 [pid 294] mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fbf50da6000 [pid 294] access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory) [pid 294] openat(AT_FDCWD, "/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 294] openat(AT_FDCWD, "/lib64/glibc-hwcaps/x86-64-v3/libbusybox.so.1.35.0", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 294] newfstatat(AT_FDCWD, "/lib64/glibc-hwcaps/x86-64-v3", 0x7ffc18d6b790, 0) = -1 ENOENT (No such file or directory) [pid 294] openat(AT_FDCWD, "/lib64/glibc-hwcaps/x86-64-v2/libbusybox.so.1.35.0", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 294] newfstatat(AT_FDCWD, "/lib64/glibc-hwcaps/x86-64-v2", 0x7ffc18d6b790, 0) = -1 ENOENT (No such file or directory) [pid 294] openat(AT_FDCWD, "/lib64/tls/haswell/x86_64/libbusybox.so.1.35.0", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 294] newfstatat(AT_FDCWD, "/lib64/tls/haswell/x86_64", 0x7ffc18d6b790, 0) = -1 ENOENT (No such file or directory) [pid 294] openat(AT_FDCWD, "/lib64/tls/haswell/libbusybox.so.1.35.0", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 294] newfstatat(AT_FDCWD, "/lib64/tls/haswell", 0x7ffc18d6b790, 0) = -1 ENOENT (No such file or directory) [pid 294] openat(AT_FDCWD, "/lib64/tls/x86_64/libbusybox.so.1.35.0", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 294] newfstatat(AT_FDCWD, "/lib64/tls/x86_64", 0x7ffc18d6b790, 0) = -1 ENOENT (No such file or directory) [pid 294] openat(AT_FDCWD, "/lib64/tls/libbusybox.so.1.35.0", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 294] newfstatat(AT_FDCWD, "/lib64/tls", 0x7ffc18d6b790, 0) = -1 ENOENT (No such file or directory) [pid 294] openat(AT_FDCWD, "/lib64/haswell/x86_64/libbusybox.so.1.35.0", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 294] newfstatat(AT_FDCWD, "/lib64/haswell/x86_64", 0x7ffc18d6b790, 0) = -1 ENOENT (No such file or directory) [pid 294] openat(AT_FDCWD, "/lib64/haswell/libbusybox.so.1.35.0", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 294] newfstatat(AT_FDCWD, "/lib64/haswell", 0x7ffc18d6b790, 0) = -1 ENOENT (No such file or directory) [pid 294] openat(AT_FDCWD, "/lib64/x86_64/libbusybox.so.1.35.0", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 294] newfstatat(AT_FDCWD, "/lib64/x86_64", 0x7ffc18d6b790, 0) = -1 ENOENT (No such file or directory) [pid 294] openat(AT_FDCWD, "/lib64/libbusybox.so.1.35.0", O_RDONLY|O_CLOEXEC) = 3 [pid 294] read(3, "\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00\x3e\x00\x01\x00\x00\x00\x70\x08\x01\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x28\x13\x0c\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x00\x38\x00\x09\x00\x40\x00\x19\x00\x18\x00\x01\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\xed\x00\x00"..., 832) = 832 [pid 294] pread64(3, "\x04\x00\x00\x00\x20\x00\x00\x00\x05\x00\x00\x00\x47\x4e\x55\x00\x01\x00\x01\xc0\x04\x00\x00\x00\x09\x00\x00\x00\x00\x00\x00\x00\x02\x00\x01\xc0\x04\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00", 48, 778504) = 48 [pid 294] newfstatat(3, "", {st_mode=S_IFREG|0644, st_size=792936, ...}, AT_EMPTY_PATH) = 0 [pid 294] mmap(NULL, 796968, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fbf50ce3000 [pid 294] mmap(0x7fbf50cf2000, 557056, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xf000) = 0x7fbf50cf2000 [pid 294] mmap(0x7fbf50d7a000, 163840, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x97000) = 0x7fbf50d7a000 [pid 294] mmap(0x7fbf50da2000, 16384, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xbe000) = 0x7fbf50da2000 [pid 294] close(3) = 0 [pid 294] openat(AT_FDCWD, "/lib64/libc.so.6", O_RDONLY|O_CLOEXEC) = 3 [pid 294] read(3, "\x7f\x45\x4c\x46\x02\x01\x01\x03\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00\x3e\x00\x01\x00\x00\x00\x8c\x87\x02\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x28\x32\x1a\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x00\x38\x00\x0e\x00\x40\x00\x3c\x00\x3b\x00\x06\x00\x00\x00\x04\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x10\x03\x00\x00"..., 832) = 832 [pid 294] pread64(3, "\x06\x00\x00\x00\x04\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x10\x03\x00\x00\x00\x00\x00\x00\x10\x03\x00\x00\x00\x00\x00\x00\x08\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x04\x00\x00\x00\xa0\xf3\x16\x00\x00\x00\x00\x00\xa0\xf3\x16\x00\x00\x00\x00\x00\xa0\xf3\x16\x00\x00\x00\x00\x00\x1c\x00\x00\x00\x00\x00\x00\x00\x1c\x00\x00\x00"..., 784, 64) = 784 [pid 294] pread64(3, "\x04\x00\x00\x00\x30\x00\x00\x00\x05\x00\x00\x00\x47\x4e\x55\x00\x02\x80\x00\xc0\x04\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x01\x00\x01\xc0\x04\x00\x00\x00\x3b\x08\x00\x00\x00\x00\x00\x00\x02\x00\x01\xc0\x04\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00", 64, 848) = 64 [pid 294] pread64(3, "\x04\x00\x00\x00\x10\x00\x00\x00\x01\x00\x00\x00\x47\x4e\x55\x00\x00\x00\x00\x00\x04\x00\x00\x00\x13\x00\x00\x00\x00\x00\x00\x00", 32, 912) = 32 [pid 294] newfstatat(3, "", {st_mode=S_IFREG|0755, st_size=1720616, ...}, AT_EMPTY_PATH) = 0 [pid 294] pread64(3, "\x06\x00\x00\x00\x04\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x10\x03\x00\x00\x00\x00\x00\x00\x10\x03\x00\x00\x00\x00\x00\x00\x08\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x04\x00\x00\x00\xa0\xf3\x16\x00\x00\x00\x00\x00\xa0\xf3\x16\x00\x00\x00\x00\x00\xa0\xf3\x16\x00\x00\x00\x00\x00\x1c\x00\x00\x00\x00\x00\x00\x00\x1c\x00\x00\x00"..., 784, 64) = 784 [pid 294] mmap(NULL, 1773008, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fbf50b32000 [pid 294] mmap(0x7fbf50b5a000, 1191936, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x28000) = 0x7fbf50b5a000 [pid 294] mmap(0x7fbf50c7d000, 339968, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x14b000) = 0x7fbf50c7d000 [pid 294] mmap(0x7fbf50cd0000, 24576, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x19d000) = 0x7fbf50cd0000 [pid 294] mmap(0x7fbf50cd6000, 52688, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7fbf50cd6000 [pid 294] close(3) = 0 [pid 294] openat(AT_FDCWD, "/lib64/libresolv.so.2", O_RDONLY|O_CLOEXEC) = 3 [pid 294] read(3, "\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00\x3e\x00\x01\x00\x00\x00\x58\x33\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x90\xc1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x00\x38\x00\x0b\x00\x40\x00\x1c\x00\x1b\x00\x01\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xe0\x2e\x00\x00"..., 832) = 832 [pid 294] newfstatat(3, "", {st_mode=S_IFREG|0755, st_size=51344, ...}, AT_EMPTY_PATH) = 0 [pid 294] mmap(NULL, 63624, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fbf50b22000 [pid 294] mmap(0x7fbf50b25000, 24576, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x3000) = 0x7fbf50b25000 [pid 294] mmap(0x7fbf50b2b000, 12288, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x9000) = 0x7fbf50b2b000 [pid 294] mmap(0x7fbf50b2e000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xb000) = 0x7fbf50b2e000 [pid 294] mmap(0x7fbf50b30000, 6280, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7fbf50b30000 [pid 294] close(3) = 0 [pid 294] openat(AT_FDCWD, "/lib64/libselinux.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 294] openat(AT_FDCWD, "/usr/lib64/glibc-hwcaps/x86-64-v3/libselinux.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 294] newfstatat(AT_FDCWD, "/usr/lib64/glibc-hwcaps/x86-64-v3", 0x7ffc18d6b730, 0) = -1 ENOENT (No such file or directory) [pid 294] openat(AT_FDCWD, "/usr/lib64/glibc-hwcaps/x86-64-v2/libselinux.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 294] newfstatat(AT_FDCWD, "/usr/lib64/glibc-hwcaps/x86-64-v2", 0x7ffc18d6b730, 0) = -1 ENOENT (No such file or directory) [pid 294] openat(AT_FDCWD, "/usr/lib64/tls/haswell/x86_64/libselinux.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 294] newfstatat(AT_FDCWD, "/usr/lib64/tls/haswell/x86_64", 0x7ffc18d6b730, 0) = -1 ENOENT (No such file or directory) [pid 294] openat(AT_FDCWD, "/usr/lib64/tls/haswell/libselinux.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 294] newfstatat(AT_FDCWD, "/usr/lib64/tls/haswell", 0x7ffc18d6b730, 0) = -1 ENOENT (No such file or directory) [pid 294] openat(AT_FDCWD, "/usr/lib64/tls/x86_64/libselinux.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 294] newfstatat(AT_FDCWD, "/usr/lib64/tls/x86_64", 0x7ffc18d6b730, 0) = -1 ENOENT (No such file or directory) [pid 294] openat(AT_FDCWD, "/usr/lib64/tls/libselinux.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 294] newfstatat(AT_FDCWD, "/usr/lib64/tls", 0x7ffc18d6b730, 0) = -1 ENOENT (No such file or directory) [pid 294] openat(AT_FDCWD, "/usr/lib64/haswell/x86_64/libselinux.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 294] newfstatat(AT_FDCWD, "/usr/lib64/haswell/x86_64", 0x7ffc18d6b730, 0) = -1 ENOENT (No such file or directory) [pid 294] openat(AT_FDCWD, "/usr/lib64/haswell/libselinux.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 294] newfstatat(AT_FDCWD, "/usr/lib64/haswell", 0x7ffc18d6b730, 0) = -1 ENOENT (No such file or directory) [pid 294] openat(AT_FDCWD, "/usr/lib64/x86_64/libselinux.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 294] newfstatat(AT_FDCWD, "/usr/lib64/x86_64", 0x7ffc18d6b730, 0) = -1 ENOENT (No such file or directory) [pid 294] openat(AT_FDCWD, "/usr/lib64/libselinux.so.1", O_RDONLY|O_CLOEXEC) = 3 [pid 294] read(3, "\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00\x3e\x00\x01\x00\x00\x00\x88\x7f\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x70\x31\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x00\x38\x00\x0b\x00\x40\x00\x1f\x00\x1e\x00\x01\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x68\x6f\x00\x00"..., 832) = 832 [pid 294] pread64(3, "\x04\x00\x00\x00\x20\x00\x00\x00\x05\x00\x00\x00\x47\x4e\x55\x00\x01\x00\x01\xc0\x04\x00\x00\x00\x09\x00\x00\x00\x00\x00\x00\x00\x02\x00\x01\xc0\x04\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00", 48, 138152) = 48 [pid 294] newfstatat(3, "", {st_mode=S_IFREG|0755, st_size=145712, ...}, AT_EMPTY_PATH) = 0 [pid 294] mmap(NULL, 157200, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fbf50afb000 [pid 294] mprotect(0x7fbf50b02000, 114688, PROT_NONE) = 0 [pid 294] mmap(0x7fbf50b02000, 81920, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x7000) = 0x7fbf50b02000 [pid 294] mmap(0x7fbf50b16000, 28672, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1b000) = 0x7fbf50b16000 [pid 294] mmap(0x7fbf50b1e000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x22000) = 0x7fbf50b1e000 [pid 294] mmap(0x7fbf50b20000, 5648, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7fbf50b20000 [pid 294] close(3) = 0 [pid 294] openat(AT_FDCWD, "/lib64/libpcre2-8.so.0", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 294] openat(AT_FDCWD, "/usr/lib64/libpcre2-8.so.0", O_RDONLY|O_CLOEXEC) = 3 [pid 294] read(3, "\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00\x3e\x00\x01\x00\x00\x00\xf8\x21\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x50\x32\x05\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x00\x38\x00\x0a\x00\x40\x00\x1a\x00\x19\x00\x01\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xd8\x1f\x00\x00"..., 832) = 832 [pid 294] pread64(3, "\x04\x00\x00\x00\x20\x00\x00\x00\x05\x00\x00\x00\x47\x4e\x55\x00\x01\x00\x01\xc0\x04\x00\x00\x00\x09\x00\x00\x00\x00\x00\x00\x00\x02\x00\x01\xc0\x04\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00", 48, 336112) = 48 [pid 294] newfstatat(3, "", {st_mode=S_IFREG|0755, st_size=342224, ...}, AT_EMPTY_PATH) = 0 [pid 294] mmap(NULL, 344456, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fbf50aa6000 [pid 294] mmap(0x7fbf50aa8000, 180224, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2000) = 0x7fbf50aa8000 [pid 294] mmap(0x7fbf50ad4000, 151552, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2e000) = 0x7fbf50ad4000 [pid 294] mmap(0x7fbf50af9000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x52000) = 0x7fbf50af9000 [pid 294] close(3) = 0 [pid 294] mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fbf50aa4000 [pid 294] arch_prctl(ARCH_SET_FS, 0x7fbf50aa5380) = 0 [pid 294] set_tid_address(0x7fbf50aa5650) = 294 [pid 294] set_robust_list(0x7fbf50aa5660, 24) = 0 [pid 294] rseq(0x7fbf50aa5d20, 0x20, 0, 0x53053053) = -1 ENOSYS (Function not implemented) [pid 294] mprotect(0x7fbf50cd0000, 16384, PROT_READ) = 0 [pid 294] mprotect(0x7fbf50af9000, 4096, PROT_READ) = 0 [pid 294] mprotect(0x7fbf50b1e000, 4096, PROT_READ) = 0 [pid 294] mprotect(0x7fbf50b2e000, 4096, PROT_READ) = 0 [pid 294] mprotect(0x7fbf50da2000, 12288, PROT_READ) = 0 [pid 294] mprotect(0x55ddcb32d000, 4096, PROT_READ) = 0 [pid 294] mprotect(0x7fbf50dd5000, 8192, PROT_READ) = 0 [pid 294] prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 [pid 294] statfs("/sys/fs/selinux", {f_type=SELINUX_MAGIC, f_bsize=4096, f_blocks=0, f_bfree=0, f_bavail=0, f_files=0, f_ffree=0, f_fsid={val=[0, 0]}, f_namelen=255, f_frsize=4096, f_flags=ST_VALID|ST_NOSUID|ST_NOEXEC|ST_RELATIME}) = 0 [pid 294] statfs("/sys/fs/selinux", {f_type=SELINUX_MAGIC, f_bsize=4096, f_blocks=0, f_bfree=0, f_bavail=0, f_files=0, f_ffree=0, f_fsid={val=[0, 0]}, f_namelen=255, f_frsize=4096, f_flags=ST_VALID|ST_NOSUID|ST_NOEXEC|ST_RELATIME}) = 0 [pid 294] getrandom("\x0f\x55\x94\xff\xaa\x6b\x11\x79", 8, GRND_NONBLOCK) = 8 [pid 294] brk(NULL) = 0x55ddccd45000 [pid 294] brk(0x55ddccd66000) = 0x55ddccd66000 [pid 294] access("/etc/selinux/config", F_OK) = 0 [pid 294] openat(AT_FDCWD, "./swap-file", O_WRONLY) = 3 [pid 294] lseek(3, 0, SEEK_END) = 128000000 [pid 294] lseek(3, 0, SEEK_SET) = 0 [pid 294] newfstatat(1, "", {st_mode=S_IFIFO|0600, st_size=0, ...}, AT_EMPTY_PATH) = 0 [pid 294] newfstatat(3, "", {st_mode=S_IFREG|0600, st_size=128000000, ...}, AT_EMPTY_PATH) = 0 [pid 294] fgetxattr(3, "security.selinux", "\x72\x6f\x6f\x74\x3a\x6f\x62\x6a\x65\x63\x74\x5f\x72\x3a\x75\x73\x65\x72\x5f\x68\x6f\x6d\x65\x5f\x74\x00", 255) = 26 [pid 294] access("/var/run/setrans/.setrans-unix", F_OK) = -1 ENOENT (No such file or directory) [pid 294] futex(0x7fbf50b215f8, FUTEX_WAKE_PRIVATE, 2147483647) = 0 [pid 294] fsetxattr(3, "security.selinux", "\x72\x6f\x6f\x74\x3a\x6f\x62\x6a\x65\x63\x74\x5f\x72\x3a\x73\x77\x61\x70\x66\x69\x6c\x65\x5f\x74\x00", 25, 0) = 0 [pid 294] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1024) = 1024 [pid 294] write(3, "\x01\x00\x00\x00\x11\x7a\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 516) = 516 [pid 294] lseek(3, 4086, SEEK_SET) = 4086 [pid 294] write(3, "SWAPSPACE2", 10) = 10 [pid 294] fsync(3) = 0 [pid 294] write(1, "Setting up swapspace version 1, size = 127995904 bytes\n", 55Setting up swapspace version 1, size = 127995904 bytes ) = 55 [pid 294] exit_group(0) = ? [ 22.372398][ T30] audit: type=1400 audit(1695662680.622:67): avc: denied { integrity } for pid=293 comm="syz-executor258" lockdown_reason="debugfs access" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=lockdown permissive=1 [ 22.395125][ T30] audit: type=1400 audit(1695662680.622:68): avc: denied { mounton } for pid=293 comm="syz-executor258" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 22.415086][ T294] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). [pid 294] +++ exited with 0 +++ rt_sigaction(SIGINT, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f063923d210}, NULL, 8) = 0 rt_sigaction(SIGQUIT, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f063923d210}, NULL, 8) = 0 rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=294, si_uid=0, si_status=0, si_utime=0, si_stime=2} --- swapon("./swap-file", SWAP_FLAG_PREFER|0) = 0 unshare(CLONE_NEWPID) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555556577650) = 295 ./strace-static-x86_64: Process 295 attached [pid 295] set_robust_list(0x555556577660, 24) = 0 [pid 295] mount(NULL, "/sys/fs/fuse/connections", "fusectl", 0, NULL) = -1 EBUSY (Device or resource busy) [pid 295] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 295] setsid() = 1 [pid 295] prlimit64(0, RLIMIT_AS, {rlim_cur=204800*1024, rlim_max=204800*1024}, NULL) = 0 [pid 295] prlimit64(0, RLIMIT_MEMLOCK, {rlim_cur=32768*1024, rlim_max=32768*1024}, NULL) = 0 [pid 295] prlimit64(0, RLIMIT_FSIZE, {rlim_cur=139264*1024, rlim_max=139264*1024}, NULL) = 0 [pid 295] prlimit64(0, RLIMIT_STACK, {rlim_cur=1024*1024, rlim_max=1024*1024}, NULL) = 0 [pid 295] prlimit64(0, RLIMIT_CORE, {rlim_cur=131072*1024, rlim_max=131072*1024}, NULL) = 0 [pid 295] prlimit64(0, RLIMIT_NOFILE, {rlim_cur=256, rlim_max=256}, NULL) = 0 [pid 295] unshare(CLONE_NEWNS) = 0 [pid 295] mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL) = 0 [pid 295] unshare(CLONE_NEWIPC) = -1 EINVAL (Invalid argument) [pid 295] unshare(CLONE_NEWCGROUP) = 0 [pid 295] unshare(CLONE_NEWUTS) = 0 [pid 295] unshare(CLONE_SYSVSEM) = 0 [ 22.421675][ T30] audit: type=1400 audit(1695662680.622:69): avc: denied { mount } for pid=293 comm="syz-executor258" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 22.446722][ T293] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 22.451791][ T30] audit: type=1400 audit(1695662680.632:70): avc: denied { setattr } for pid=293 comm="syz-executor258" name="raw-gadget" dev="devtmpfs" ino=162 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [pid 295] openat(AT_FDCWD, "/proc/sys/kernel/shmmax", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 295] openat(AT_FDCWD, "/proc/sys/kernel/shmall", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 295] openat(AT_FDCWD, "/proc/sys/kernel/shmmni", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 295] openat(AT_FDCWD, "/proc/sys/kernel/msgmax", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 295] openat(AT_FDCWD, "/proc/sys/kernel/msgmni", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 295] openat(AT_FDCWD, "/proc/sys/kernel/msgmnb", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 295] openat(AT_FDCWD, "/proc/sys/kernel/sem", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 295] getpid() = 1 [pid 295] capget({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1< [ 22.811156][ T295] dump_stack_lvl+0x151/0x1b7 [ 22.815679][ T295] ? io_uring_drop_tctx_refs+0x190/0x190 [ 22.821238][ T295] dump_stack+0x15/0x17 [ 22.825247][ T295] should_fail+0x3c6/0x510 [ 22.829480][ T295] __should_failslab+0xa4/0xe0 [ 22.834101][ T295] should_failslab+0x9/0x20 [ 22.838508][ T295] slab_pre_alloc_hook+0x37/0xd0 [ 22.843294][ T295] kmem_cache_alloc_trace+0x48/0x210 [ 22.848404][ T295] ? sk_psock_skb_ingress_self+0x60/0x330 [ 22.854138][ T295] ? migrate_disable+0x190/0x190 [ 22.859152][ T295] sk_psock_skb_ingress_self+0x60/0x330 [ 22.864478][ T295] sk_psock_verdict_recv+0x66d/0x840 [ 22.869731][ T295] unix_read_sock+0x132/0x370 [ 22.874218][ T295] ? sk_psock_skb_redirect+0x440/0x440 [ 22.879592][ T295] ? unix_stream_splice_actor+0x120/0x120 [ 22.885154][ T295] ? _raw_spin_lock_irqsave+0xf9/0x210 [ 22.890568][ T295] ? unix_stream_splice_actor+0x120/0x120 [ 22.896097][ T295] sk_psock_verdict_data_ready+0x147/0x1a0 [ 22.902160][ T295] ? sk_psock_start_verdict+0xc0/0xc0 [ 22.907374][ T295] ? _raw_spin_lock+0xa4/0x1b0 [ 22.912047][ T295] ? _raw_spin_unlock_irqrestore+0x5c/0x80 [ 22.917687][ T295] ? skb_queue_tail+0xfb/0x120 [ 22.922295][ T295] unix_dgram_sendmsg+0x15fa/0x2090 [ 22.927316][ T295] ? unix_dgram_poll+0x710/0x710 [ 22.932090][ T295] ? __kasan_check_read+0x11/0x20 [ 22.937036][ T295] ? security_socket_sendmsg+0x82/0xb0 [ 22.942328][ T295] ? unix_dgram_poll+0x710/0x710 [ 22.947102][ T295] ____sys_sendmsg+0x59e/0x8f0 [ 22.951713][ T295] ? __sys_sendmsg_sock+0x40/0x40 [ 22.956574][ T295] ? kasan_set_track+0x5d/0x70 [ 22.961257][ T295] ? import_iovec+0xe5/0x120 [ 22.965689][ T295] ___sys_sendmsg+0x252/0x2e0 [ 22.970200][ T295] ? __sys_sendmsg+0x260/0x260 [ 22.974802][ T295] ? compat_start_thread+0x20/0x20 [ 22.979746][ T295] ? __kasan_check_read+0x11/0x20 [ 22.988734][ T295] ? __fdget+0x179/0x240 [ 22.992831][ T295] __sys_sendmmsg+0x2bf/0x530 [ 22.997513][ T295] ? __ia32_sys_sendmsg+0x90/0x90 [ 23.004143][ T295] ? __kasan_check_read+0x11/0x20 [ 23.009112][ T295] __x64_sys_sendmmsg+0xa0/0xb0 [ 23.013779][ T295] do_syscall_64+0x3d/0xb0 [ 23.018030][ T295] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 23.023762][ T295] RIP: 0033:0x7f063922ac49 [ 23.028016][ T295] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 23.047461][ T295] RSP: 002b:00007ffd1b088f58 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 23.055792][ T295] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f063922ac49 [ 23.063775][ T295] RDX: 0000000000000001 RSI: 00000000200063c0 RDI: 0000000000000003 [pid 295] sendmmsg(3, [{msg_hdr={msg_name={sa_family=AF_UNIX, sun_path="./file0"}, msg_namelen=110, msg_iov=NULL, msg_iovlen=0, msg_controllen=0, msg_flags=0}, msg_len=0}], 1, 0) = 1 [ 23.071667][ T295] RBP: 0000000000000001 R08: 00007ffd1b088cf7 R09: 00007f063926d335 [ 23.079574][ T295] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 23.090140][ T295] R13: 0000000000000000 R14: 0000000000000000 R15: 00007f06392708c1 [ 23.098118][ T295] [ 23.101496][ T295] ================================================================== [ 23.109821][ T295] BUG: KASAN: use-after-free in consume_skb+0x3c/0x250 [ 23.116499][ T295] Read of size 4 at addr ffff88811d2815ec by task syz-executor258/295 [ 23.124488][ T295] [ 23.126666][ T295] CPU: 0 PID: 295 Comm: syz-executor258 Not tainted 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 23.136730][ T295] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023 [ 23.146624][ T295] Call Trace: [ 23.149740][ T295] [ 23.152520][ T295] dump_stack_lvl+0x151/0x1b7 [ 23.157040][ T295] ? io_uring_drop_tctx_refs+0x190/0x190 [ 23.162503][ T295] ? panic+0x751/0x751 [ 23.166406][ T295] print_address_description+0x87/0x3b0 [ 23.171788][ T295] kasan_report+0x179/0x1c0 [ 23.176127][ T295] ? consume_skb+0x3c/0x250 [ 23.180573][ T295] ? consume_skb+0x3c/0x250 [ 23.184905][ T295] kasan_check_range+0x293/0x2a0 [ 23.189767][ T295] __kasan_check_read+0x11/0x20 [ 23.194796][ T295] consume_skb+0x3c/0x250 [ 23.198957][ T295] __sk_msg_free+0x2dd/0x370 [ 23.203382][ T295] ? _raw_spin_unlock_irqrestore+0x5c/0x80 [ 23.209034][ T295] sk_psock_stop+0x44c/0x4d0 [ 23.213460][ T295] ? unix_peer_get+0xe0/0xe0 [ 23.217883][ T295] sock_map_close+0x2b9/0x4c0 [ 23.222491][ T295] ? sock_map_remove_links+0x570/0x570 [ 23.228993][ T295] ? rwsem_mark_wake+0x6b0/0x6b0 [ 23.233755][ T295] unix_release+0x82/0xc0 [ 23.237925][ T295] sock_close+0xdf/0x270 [ 23.242002][ T295] ? sock_mmap+0xa0/0xa0 [ 23.246081][ T295] __fput+0x3fe/0x910 [ 23.249899][ T295] ____fput+0x15/0x20 [ 23.253717][ T295] task_work_run+0x129/0x190 [ 23.258147][ T295] ptrace_notify+0x29e/0x350 [ 23.262571][ T295] ? do_notify_parent+0xa30/0xa30 [ 23.267431][ T295] ? fput_many+0x167/0x1b0 [ 23.271807][ T295] ? fput+0x1a/0x20 [ 23.275453][ T295] syscall_exit_to_user_mode+0xac/0x160 [ 23.281095][ T295] do_syscall_64+0x49/0xb0 [ 23.285378][ T295] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 23.293159][ T295] RIP: 0033:0x7f0639229d70 [ 23.297804][ T295] Code: 00 00 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d4 e8 40 2c 00 00 80 3d 11 33 07 00 00 74 17 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 48 c3 0f 1f 80 00 00 00 00 48 83 ec 18 89 7c [ 23.317253][ T295] RSP: 002b:00007ffd1b088f58 EFLAGS: 00000202 ORIG_RAX: 0000000000000003 [ 23.325486][ T295] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 00007f0639229d70 [ 23.333298][ T295] RDX: 0000000000000001 RSI: 00000000200063c0 RDI: 0000000000000003 [ 23.341117][ T295] RBP: 0000000000000001 R08: 00007ffd1b088cf7 R09: 00007f063926d335 [ 23.348922][ T295] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000 [ 23.356733][ T295] R13: 0000000000000000 R14: 0000000000000000 R15: 00007f06392708c1 [ 23.364557][ T295] [ 23.367406][ T295] [ 23.369578][ T295] Allocated by task 295: [ 23.373658][ T295] __kasan_slab_alloc+0xb1/0xe0 [ 23.378354][ T295] slab_post_alloc_hook+0x53/0x2c0 [ 23.383355][ T295] kmem_cache_alloc+0xf5/0x200 [ 23.387893][ T295] skb_clone+0x1d1/0x360 [ 23.392056][ T295] sk_psock_verdict_recv+0x53/0x840 [ 23.397166][ T295] unix_read_sock+0x132/0x370 [ 23.401731][ T295] sk_psock_verdict_data_ready+0x147/0x1a0 [ 23.407378][ T295] unix_dgram_sendmsg+0x15fa/0x2090 [ 23.412396][ T295] ____sys_sendmsg+0x59e/0x8f0 [ 23.417019][ T295] ___sys_sendmsg+0x252/0x2e0 [ 23.421610][ T295] __sys_sendmmsg+0x2bf/0x530 [ 23.426316][ T295] __x64_sys_sendmmsg+0xa0/0xb0 [ 23.430995][ T295] do_syscall_64+0x3d/0xb0 [ 23.435343][ T295] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 23.441073][ T295] [ 23.443249][ T295] Freed by task 20: [ 23.446878][ T295] kasan_set_track+0x4b/0x70 [ 23.451302][ T295] kasan_set_free_info+0x23/0x40 [ 23.456079][ T295] ____kasan_slab_free+0x126/0x160 [ 23.461024][ T295] __kasan_slab_free+0x11/0x20 [ 23.465626][ T295] slab_free_freelist_hook+0xbd/0x190 [ 23.470830][ T295] kmem_cache_free+0x116/0x2e0 [ 23.475432][ T295] kfree_skbmem+0x104/0x170 [ 23.479770][ T295] kfree_skb+0xc2/0x360 [ 23.483780][ T295] sk_psock_backlog+0xc21/0xd90 [ 23.488457][ T295] process_one_work+0x6bb/0xc10 [ 23.493142][ T295] worker_thread+0xad5/0x12a0 [ 23.497652][ T295] kthread+0x421/0x510 [ 23.501557][ T295] ret_from_fork+0x1f/0x30 [ 23.505812][ T295] [ 23.507985][ T295] The buggy address belongs to the object at ffff88811d281500 [ 23.507985][ T295] which belongs to the cache skbuff_head_cache of size 248 [ 23.522388][ T295] The buggy address is located 236 bytes inside of [ 23.522388][ T295] 248-byte region [ffff88811d281500, ffff88811d2815f8) [ 23.535501][ T295] The buggy address belongs to the page: [ 23.540964][ T295] page:ffffea000474a040 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x11d281 [ 23.551117][ T295] flags: 0x4000000000000200(slab|zone=1) [ 23.556589][ T295] raw: 4000000000000200 0000000000000000 dead000000000122 ffff888100351080 [ 23.565021][ T295] raw: 0000000000000000 00000000800c000c 00000001ffffffff 0000000000000000 [ 23.573421][ T295] page dumped because: kasan: bad access detected [ 23.579669][ T295] page_owner tracks the page as allocated [ 23.585257][ T295] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x12a20(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY), pid 295, ts 22768934490, free_ts 15532055566 [ 23.603959][ T295] post_alloc_hook+0x1a3/0x1b0 [ 23.608531][ T295] prep_new_page+0x1b/0x110 [ 23.612868][ T295] get_page_from_freelist+0x3550/0x35d0 [ 23.618344][ T295] __alloc_pages+0x206/0x5e0 [ 23.622771][ T295] new_slab+0x9a/0x4e0 [ 23.626672][ T295] ___slab_alloc+0x39e/0x830 [ 23.631112][ T295] __slab_alloc+0x4a/0x90 [ 23.635263][ T295] kmem_cache_alloc+0x134/0x200 [ 23.640058][ T295] __alloc_skb+0xbe/0x550 [ 23.644226][ T295] audit_log_start+0x456/0xa80 [ 23.648819][ T295] common_lsm_audit+0xd8/0x18b0 [ 23.653507][ T295] slow_avc_audit+0x26c/0x3c0 [ 23.658019][ T295] selinux_capable+0x279/0x430 [ 23.662614][ T295] security_capable+0x77/0xb0 [ 23.667129][ T295] capable+0x6d/0xe0 [ 23.670861][ T295] bpf_check+0x1916/0x12bf0 [ 23.675208][ T295] page last free stack trace: [ 23.679716][ T295] free_unref_page_prepare+0x7c8/0x7d0 [ 23.685442][ T295] free_unref_page+0xe6/0x730 [ 23.690396][ T295] __put_page+0xb0/0xe0 [ 23.696387][ T295] anon_pipe_buf_release+0x187/0x200 [ 23.701503][ T295] pipe_read+0x5a6/0x1040 [ 23.705673][ T295] vfs_read+0xa7e/0xd40 [ 23.709664][ T295] ksys_read+0x199/0x2c0 [ 23.713744][ T295] __x64_sys_read+0x7b/0x90 [ 23.718079][ T295] do_syscall_64+0x3d/0xb0 [ 23.722340][ T295] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 23.728065][ T295] [ 23.730231][ T295] Memory state around the buggy address: [ 23.735795][ T295] ffff88811d281480: fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc [ 23.743706][ T295] ffff88811d281500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.751590][ T295] >ffff88811d281580: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fc [ 23.759482][ T295] ^ [ 23.766783][ T295] ffff88811d281600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.774910][ T295] ffff88811d281680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.782893][ T295] ================================================================== [ 23.791002][ T295] Disabling lock debugging due to kernel taint [ 23.797110][ T295] ================================================================== [ 23.805198][ T295] BUG: KASAN: double-free or invalid-free in kmem_cache_free+0x116/0x2e0 [ 23.813531][ T295] [ 23.815683][ T295] CPU: 0 PID: 295 Comm: syz-executor258 Tainted: G B 5.15.131-syzkaller-00653-gea586874d2f9 #0 [ 23.827541][ T295] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023 [ 23.837539][ T295] Call Trace: [ 23.840656][ T295] [ 23.843595][ T295] dump_stack_lvl+0x151/0x1b7 [ 23.848110][ T295] ? io_uring_drop_tctx_refs+0x190/0x190 [ 23.853569][ T295] ? __wake_up_klogd+0xd5/0x110 [ 23.858254][ T295] ? panic+0x751/0x751 [ 23.862158][ T295] ? kmem_cache_free+0x116/0x2e0 [ 23.866930][ T295] print_address_description+0x87/0x3b0 [ 23.872315][ T295] ? asm_sysvec_call_function_single+0x1b/0x20 [ 23.878306][ T295] ? kmem_cache_free+0x116/0x2e0 [ 23.883074][ T295] ? kmem_cache_free+0x116/0x2e0 [ 23.887860][ T295] kasan_report_invalid_free+0x6b/0xa0 [ 23.893145][ T295] ____kasan_slab_free+0x13e/0x160 [ 23.898093][ T295] __kasan_slab_free+0x11/0x20 [ 23.902720][ T295] slab_free_freelist_hook+0xbd/0x190 [ 23.907919][ T295] ? kfree_skbmem+0x104/0x170 [ 23.912414][ T295] kmem_cache_free+0x116/0x2e0 [ 23.917018][ T295] kfree_skbmem+0x104/0x170 [ 23.921351][ T295] consume_skb+0xb4/0x250 [ 23.925519][ T295] __sk_msg_free+0x2dd/0x370 [ 23.929944][ T295] ? _raw_spin_unlock_irqrestore+0x5c/0x80 [ 23.935673][ T295] sk_psock_stop+0x44c/0x4d0 [ 23.940186][ T295] ? unix_peer_get+0xe0/0xe0 [ 23.944620][ T295] sock_map_close+0x2b9/0x4c0 [ 23.949129][ T295] ? sock_map_remove_links+0x570/0x570 [ 23.954419][ T295] ? rwsem_mark_wake+0x6b0/0x6b0 [ 23.959195][ T295] unix_release+0x82/0xc0 [ 23.963358][ T295] sock_close+0xdf/0x270 [ 23.967436][ T295] ? sock_mmap+0xa0/0xa0 [ 23.971517][ T295] __fput+0x3fe/0x910 [ 23.975343][ T295] ____fput+0x15/0x20 [ 23.979156][ T295] task_work_run+0x129/0x190 [ 23.983587][ T295] ptrace_notify+0x29e/0x350 [ 23.988047][ T295] ? do_notify_parent+0xa30/0xa30 [ 23.996151][ T295] ? fput_many+0x167/0x1b0 [ 24.000396][ T295] ? fput+0x1a/0x20 [ 24.004055][ T295] syscall_exit_to_user_mode+0xac/0x160 [ 24.009421][ T295] do_syscall_64+0x49/0xb0 [ 24.013695][ T295] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 24.019404][ T295] RIP: 0033:0x7f0639229d70 [ 24.023659][ T295] Code: 00 00 48 c7 c2 b8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d4 e8 40 2c 00 00 80 3d 11 33 07 00 00 74 17 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 48 c3 0f 1f 80 00 00 00 00 48 83 ec 18 89 7c [ 24.043096][ T295] RSP: 002b:00007ffd1b088f58 EFLAGS: 00000202 ORIG_RAX: 0000000000000003 [ 24.051339][ T295] RAX: 0000000000000000 RBX: 0000000000000004 RCX: 00007f0639229d70 [ 24.059151][ T295] RDX: 0000000000000001 RSI: 00000000200063c0 RDI: 0000000000000003 [ 24.066972][ T295] RBP: 0000000000000001 R08: 00007ffd1b088cf7 R09: 00007f063926d335 [ 24.074804][ T295] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000 [ 24.082966][ T295] R13: 0000000000000000 R14: 0000000000000000 R15: 00007f06392708c1 [ 24.090782][ T295] [ 24.093609][ T295] [ 24.095781][ T295] Allocated by task 295: [ 24.099856][ T295] __kasan_slab_alloc+0xb1/0xe0 [ 24.104543][ T295] slab_post_alloc_hook+0x53/0x2c0 [ 24.109489][ T295] kmem_cache_alloc+0xf5/0x200 [ 24.114092][ T295] skb_clone+0x1d1/0x360 [ 24.118169][ T295] sk_psock_verdict_recv+0x53/0x840 [ 24.123204][ T295] unix_read_sock+0x132/0x370 [ 24.127715][ T295] sk_psock_verdict_data_ready+0x147/0x1a0 [ 24.133364][ T295] unix_dgram_sendmsg+0x15fa/0x2090 [ 24.138478][ T295] ____sys_sendmsg+0x59e/0x8f0 [ 24.143080][ T295] ___sys_sendmsg+0x252/0x2e0 [ 24.147589][ T295] __sys_sendmmsg+0x2bf/0x530 [ 24.152107][ T295] __x64_sys_sendmmsg+0xa0/0xb0 [ 24.156790][ T295] do_syscall_64+0x3d/0xb0 [ 24.161043][ T295] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 24.166927][ T295] [ 24.169083][ T295] Freed by task 20: [ 24.172728][ T295] kasan_set_track+0x4b/0x70 [ 24.177156][ T295] kasan_set_free_info+0x23/0x40 [ 24.182297][ T295] ____kasan_slab_free+0x126/0x160 [ 24.188184][ T295] __kasan_slab_free+0x11/0x20 [ 24.192777][ T295] slab_free_freelist_hook+0xbd/0x190 [ 24.197990][ T295] kmem_cache_free+0x116/0x2e0 [ 24.203236][ T295] kfree_skbmem+0x104/0x170 [ 24.207665][ T295] kfree_skb+0xc2/0x360 [ 24.211779][ T295] sk_psock_backlog+0xc21/0xd90 [ 24.216631][ T295] process_one_work+0x6bb/0xc10 [ 24.221318][ T295] worker_thread+0xad5/0x12a0 [ 24.225928][ T295] kthread+0x421/0x510 [ 24.229829][ T295] ret_from_fork+0x1f/0x30 [ 24.234083][ T295] [ 24.236254][ T295] The buggy address belongs to the object at ffff88811d281500 [ 24.236254][ T295] which belongs to the cache skbuff_head_cache of size 248 [ 24.250667][ T295] The buggy address is located 0 bytes inside of [ 24.250667][ T295] 248-byte region [ffff88811d281500, ffff88811d2815f8) [ 24.263610][ T295] The buggy address belongs to the page: [ 24.269157][ T295] page:ffffea000474a040 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x11d281 [ 24.279346][ T295] flags: 0x4000000000000200(slab|zone=1) [ 24.284931][ T295] raw: 4000000000000200 0000000000000000 dead000000000122 ffff888100351080 [ 24.293486][ T295] raw: 0000000000000000 00000000800c000c 00000001ffffffff 0000000000000000 [ 24.301971][ T295] page dumped because: kasan: bad access detected [ 24.308219][ T295] page_owner tracks the page as allocated [ 24.313782][ T295] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x12a20(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY), pid 295, ts 22768934490, free_ts 15532055566 [ 24.329576][ T295] post_alloc_hook+0x1a3/0x1b0 [ 24.334331][ T295] prep_new_page+0x1b/0x110 [ 24.338671][ T295] get_page_from_freelist+0x3550/0x35d0 [ 24.344049][ T295] __alloc_pages+0x206/0x5e0 [ 24.348475][ T295] new_slab+0x9a/0x4e0 [ 24.352390][ T295] ___slab_alloc+0x39e/0x830 [ 24.356807][ T295] __slab_alloc+0x4a/0x90 [ 24.360974][ T295] kmem_cache_alloc+0x134/0x200 [ 24.365664][ T295] __alloc_skb+0xbe/0x550 [ 24.369825][ T295] audit_log_start+0x456/0xa80 [ 24.374424][ T295] common_lsm_audit+0xd8/0x18b0 [ 24.379147][ T295] slow_avc_audit+0x26c/0x3c0 [ 24.383628][ T295] selinux_capable+0x279/0x430 [ 24.388230][ T295] security_capable+0x77/0xb0 [ 24.392740][ T295] capable+0x6d/0xe0 [ 24.396940][ T295] bpf_check+0x1916/0x12bf0 [ 24.401248][ T295] page last free stack trace: [ 24.405887][ T295] free_unref_page_prepare+0x7c8/0x7d0 [ 24.411139][ T295] free_unref_page+0xe6/0x730 [ 24.415654][ T295] __put_page+0xb0/0xe0 [ 24.419642][ T295] anon_pipe_buf_release+0x187/0x200 [ 24.424761][ T295] pipe_read+0x5a6/0x1040 [ 24.428950][ T295] vfs_read+0xa7e/0xd40 [ 24.434696][ T295] ksys_read+0x199/0x2c0 [ 24.438772][ T295] __x64_sys_read+0x7b/0x90 [ 24.443106][ T295] do_syscall_64+0x3d/0xb0 [ 24.447362][ T295] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 24.453095][ T295] [ 24.455257][ T295] Memory state around the buggy address: [ 24.460730][ T295] ffff88811d281400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.468627][ T295] ffff88811d281480: fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc [pid 295] close(3) = 0 [pid 295] close(4) = 0 [pid 295] close(5) = 0 [pid 295] close(6) = 0 [pid 295] close(7) = -1 EBADF (Bad file descriptor) [pid 295] close(8) = -1 EBADF (Bad file descriptor) [pid 295] close(9) = -1 EBADF (Bad file descriptor) [pid 295] close(10) = -1 EBADF (Bad file descriptor) [pid 295] close(11) = -1 EBADF (Bad file descriptor) [pid 295] close(12) = -1 EBADF (Bad file descriptor) [pid 295] close(13) = -1 EBADF (Bad file descriptor) [pid 295] close(14) = -1 EBADF (Bad file descriptor) [pid 295] close(15) = -1 EBADF (Bad file descriptor) [pid 295] close(16) = -1 EBADF (Bad file descriptor) [pid 295] close(17) = -1 EBADF (Bad file descriptor) [pid 295] close(18) = -1 EBADF (Bad file descriptor) [pid 295] close(19) = -1 EBADF (Bad file descriptor) [pid 295] close(20) = -1 EBADF (Bad file descriptor) [pid 295] close(21) = -1 EBADF (Bad file descriptor) [pid 295] close(22) = -1 EBADF (Bad file descriptor) [pid 295] close(23) = -1 EBADF (Bad file descriptor) [pid 295] close(24) = -1 EBADF (Bad file descriptor) [pid 295] close(25) = -1 EBADF (Bad file descriptor) [pid 295] close(26) = -1 EBADF (Bad file descriptor) [pid 295] close(27) = -1 EBADF (Bad file descriptor) [pid 295] close(28) = -1 EBADF (Bad file descriptor) [pid 295] close(29) = -1 EBADF (Bad file descriptor) [pid 295] exit_group(1) = ? [pid 295] +++ exited with 1 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=295, si_uid=0, si_status=1, si_utime=0, si_stime=29} --- exit_group(0) = ? +++ exited with 0 +++ [ 24.476539][ T295] >ffff88811d281500: