./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3811869117

<...>
Warning: Permanently added '10.128.0.175' (ED25519) to the list of known hosts.
execve("./syz-executor3811869117", ["./syz-executor3811869117"], 0x7ffe33e70820 /* 10 vars */) = 0
brk(NULL)                               = 0x555588eee000
brk(0x555588eeee00)                     = 0x555588eeee00
arch_prctl(ARCH_SET_FS, 0x555588eee480) = 0
set_tid_address(0x555588eee750)         = 288
set_robust_list(0x555588eee760, 24)     = 0
rseq(0x555588eeeda0, 0x20, 0, 0x53053053) = -1 ENOSYS (Function not implemented)
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor3811869117", 4096) = 28
getrandom("\xe5\x42\xb4\x7b\x81\x71\xe6\xa0", 8, GRND_NONBLOCK) = 8
brk(NULL)                               = 0x555588eeee00
brk(0x555588f0fe00)                     = 0x555588f0fe00
brk(0x555588f10000)                     = 0x555588f10000
mprotect(0x7f2b66104000, 16384, PROT_READ) = 0
mmap(0x1ffffffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffffffff000
mmap(0x200000000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200000000000
mmap(0x200001000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200001000000
rt_sigaction(SIGRTMIN, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=0}, NULL, 8) = 0
rt_sigaction(SIGRT_1, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=0}, NULL, 8) = 0
rt_sigaction(SIGSEGV, {sa_handler=0x7f2b6605ebf0, sa_mask=[], sa_flags=SA_RESTORER|SA_NODEFER|SA_SIGINFO, sa_restorer=0x7f2b66065fe0}, NULL, 8) = 0
rt_sigaction(SIGBUS, {sa_handler=0x7f2b6605ebf0, sa_mask=[], sa_flags=SA_RESTORER|SA_NODEFER|SA_SIGINFO, sa_restorer=0x7f2b66065fe0}, NULL, 8) = 0
write(1, "executing program\n", 18executing program
)     = 18
mkdirat(AT_FDCWD, "./file0", 000)       = 0
mount("./file0", "./file0", "incremental-fs", 0, NULL) = 0
openat(-1, ".pending_reads", O_RDONLY)  = -1 EBADF (Bad file descriptor)
mkdir("./file0", 0777)                  = -1 EEXIST (File exists)
mount(NULL, "./file0", 0x200000000000, MS_REMOUNT, "") = 0
openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3
chdir("./file0")                        = 0
mprotect(0x200000000000, 16384, PROT_READ) = 0
--- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x200000000040} ---
--- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_ACCERR, si_addr=0x200000000000} ---
[   21.086507][   T30] audit: type=1400 audit(1753891942.695:64): avc:  denied  { execmem } for  pid=288 comm="syz-executor381" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   21.093590][   T30] audit: type=1400 audit(1753891942.705:65): avc:  denied  { mounton } for  pid=288 comm="syz-executor381" path="/root/file0" dev="sda1" ino=2024 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[   21.097027][   T30] audit: type=1400 audit(1753891942.705:66): avc:  denied  { mount } for  pid=288 comm="syz-executor381" name="/" dev="incremental-fs" ino=2024 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[   21.101784][   T30] audit: type=1400 audit(1753891942.725:67): avc:  denied  { remount } for  pid=288 comm="syz-executor381" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[   21.106659][   T30] audit: type=1400 audit(1753891942.725:68): avc:  denied  { write } for  pid=288 comm="syz-executor381" name="/" dev="incremental-fs" ino=2024 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   21.106900][  T288] general protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] PREEMPT SMP KASAN
[   21.129832][   T30] audit: type=1400 audit(1753891942.725:69): avc:  denied  { remove_name } for  pid=288 comm="syz-executor381" name=".pending_reads" dev="incremental-fs" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   21.141174][  T288] KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]
[   21.141187][  T288] CPU: 0 PID: 288 Comm: syz-executor381 Not tainted 5.15.189-syzkaller-00091-gf32b52534f1d #0
[   21.141203][  T288] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   21.141211][  T288] RIP: 0010:dir_rename_wrap+0x167/0x6a0
[   21.166710][   T30] audit: type=1400 audit(1753891942.725:70): avc:  denied  { rename } for  pid=288 comm="syz-executor381" name=".pending_reads" dev="incremental-fs" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   21.173783][  T288] Code: 89 e7 e8 fc 44 a5 ff 4d 8b 34 24 eb 08 e8 11 ca 66 ff 45 31 f6 49 83 c6 08 4c 89 f0 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df <80> 3c 08 00 74 08 4c 89 f7 e8 cb 44 a5 ff 4d 8b 36 4d 85 f6 0f 84
[   21.173798][  T288] RSP: 0018:ffffc90000977a40 EFLAGS: 00010202
[   21.173812][  T288] RAX: 0000000000000001 RBX: ffff888105dda060 RCX: dffffc0000000000
[   21.184314][   T30] audit: type=1400 audit(1753891942.725:71): avc:  denied  { add_name } for  pid=288 comm="syz-executor381" name="fuse" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   21.194084][  T288] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   21.194096][  T288] RBP: ffffc90000977b70 R08: dffffc0000000000 R09: fffff5200012ef39
[   21.194108][  T288] R10: fffff5200012ef39 R11: 1ffff9200012ef38 R12: ffff88812065df58
[   21.199929][   T30] audit: type=1400 audit(1753891942.785:72): avc:  denied  { read } for  pid=83 comm="syslogd" name="log" dev="sda1" ino=2010 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[   21.223452][  T288] R13: 1ffff9200012ef54 R14: 0000000000000008 R15: ffff888105dda000
[   21.223467][  T288] FS:  0000555588eee480(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[   21.223480][  T288] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   21.223491][  T288] CR2: 0000200000000000 CR3: 0000000124748000 CR4: 00000000003506b0
[   21.243356][   T30] audit: type=1400 audit(1753891942.785:73): avc:  denied  { search } for  pid=83 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   21.249113][  T288] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   21.383557][  T288] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   21.391503][  T288] Call Trace:
[   21.394756][  T288]  <TASK>
[   21.397669][  T288]  ? rwsem_write_trylock+0x130/0x300
[   21.402940][  T288]  ? dir_rmdir+0x310/0x310
[   21.407330][  T288]  ? down_write+0x15/0x30
[   21.411631][  T288]  ? try_break_deleg+0x7c/0x130
[   21.416453][  T288]  ? dir_rmdir+0x310/0x310
[   21.420841][  T288]  vfs_rename+0xbb6/0x10d0
[   21.425231][  T288]  ? __ia32_sys_link+0x90/0x90
[   21.429963][  T288]  ? d_alloc+0x199/0x1d0
[   21.434180][  T288]  ? lookup_one_qstr_excl+0x122/0x250
[   21.439522][  T288]  do_renameat2+0x7ed/0xf60
[   21.444000][  T288]  ? fsnotify_move+0x450/0x450
[   21.448737][  T288]  ? getname_flags+0x206/0x500
[   21.453488][  T288]  __x64_sys_rename+0x86/0x90
[   21.458150][  T288]  x64_sys_call+0x680/0x9a0
[   21.462628][  T288]  do_syscall_64+0x4c/0xa0
[   21.467032][  T288]  ? clear_bhb_loop+0x50/0xa0
[   21.471684][  T288]  ? clear_bhb_loop+0x50/0xa0
[   21.476356][  T288]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   21.482255][  T288] RIP: 0033:0x7f2b66091c49
[   21.486643][  T288] Code: 48 83 c4 28 c3 e8 67 17 00 00 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   21.506220][  T288] RSP: 002b:00007ffe2f67cb48 EFLAGS: 00000246 ORIG_RAX: 0000000000000052
[   21.514604][  T288] RAX: ffffffffffffffda RBX: 0073646165725f67 RCX: 00007f2b66091c49
[   21.522546][  T288] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000200000000040
[   21.530491][  T288] RBP: 00007ffe2f67cb58 R08: 00007ffe2f67cb58 R09: 00007f2b6605ebf0
[   21.538458][  T288] R10: 00007ffe2f67cb50 R11: 0000000000000246 R12: 0000000000000000
[   21.546401][  T288] R13: 00007ffe2f67cdb8 R14: 0000000000000001 R15: 0000000000000001
[   21.554348][  T288]  </TASK>
[   21.557341][  T288] Modules linked in:
[   21.561748][  T288] ---[ end trace c66700199dca0eee ]---
[   21.567244][  T288] RIP: 0010:dir_rename_wrap+0x167/0x6a0
[   21.572821][  T288] Code: 89 e7 e8 fc 44 a5 ff 4d 8b 34 24 eb 08 e8 11 ca 66 ff 45 31 f6 49 83 c6 08 4c 89 f0 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df <80> 3c 08 00 74 08 4c 89 f7 e8 cb 44 a5 ff 4d 8b 36 4d 85 f6 0f 84
[   21.592474][  T288] RSP: 0018:ffffc90000977a40 EFLAGS: 00010202
[   21.598537][  T288] RAX: 0000000000000001 RBX: ffff888105dda060 RCX: dffffc0000000000
[   21.606511][  T288] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   21.614513][  T288] RBP: ffffc90000977b70 R08: dffffc0000000000 R09: fffff5200012ef39
[   21.622488][  T288] R10: fffff5200012ef39 R11: 1ffff9200012ef38 R12: ffff88812065df58
[   21.630476][  T288] R13: 1ffff9200012ef54 R14: 0000000000000008 R15: ffff888105dda000
[   21.638425][  T288] FS:  0000555588eee480(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[   21.647365][  T288] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   21.653951][  T288] CR2: 0000200000000000 CR3: 0000000124748000 CR4: 00000000003506b0
[   21.662056][  T288] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   21.670054][  T288] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   21.678013][  T288] Kernel panic - not syncing: Fatal exception
[   21.684242][  T288] Kernel Offset: disabled
[   21.688550][  T288] Rebooting in 86400 seconds..