./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1595326623 <...> Warning: Permanently added '10.128.0.135' (ED25519) to the list of known hosts. execve("./syz-executor1595326623", ["./syz-executor1595326623"], 0x7ffcf2af40b0 /* 10 vars */) = 0 brk(NULL) = 0x555566c33000 brk(0x555566c33d00) = 0x555566c33d00 arch_prctl(ARCH_SET_FS, 0x555566c33380) = 0 set_tid_address(0x555566c33650) = 295 set_robust_list(0x555566c33660, 24) = 0 rseq(0x555566c33ca0, 0x20, 0, 0x53053053) = -1 ENOSYS (Function not implemented) prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor1595326623", 4096) = 28 getrandom("\xed\x38\x15\x32\x71\x10\x30\x3b", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x555566c33d00 brk(0x555566c54d00) = 0x555566c54d00 brk(0x555566c55000) = 0x555566c55000 mprotect(0x7f61356f8000, 16384, PROT_READ) = 0 mmap(0x1ffffffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffffffff000 mmap(0x200000000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200000000000 mmap(0x200001000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200001000000 write(1, "executing program\n", 18executing program ) = 18 mkdir("./file0", 000) = 0 mkdirat(AT_FDCWD, "./file1", 000) = 0 mkdir("./bus", 000) = 0 mount(NULL, "./bus", "overlay", 0, "workdir=./bus,lowerdir=./file0,upperdir=./file1,metacopy=on,") = 0 mount("./bus", "./bus", "incremental-fs", 0, NULL) = 0 open("./file0", O_RDONLY) = 3 mknodat(3, "./file1", 000) = 0 chdir("./bus") = 0 link("./file1", "./bus") = 0 [ 23.668051][ T30] audit: type=1400 audit(1743126311.770:66): avc: denied { execmem } for pid=295 comm="syz-executor159" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 23.688244][ T295] general protection fault, probably for non-canonical address 0xdffffc0000000006: 0000 [#1] PREEMPT SMP KASAN [ 23.689134][ T30] audit: type=1400 audit(1743126311.770:67): avc: denied { mounton } for pid=295 comm="syz-executor159" path="/root/bus" dev="sda1" ino=1929 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1 [ 23.700543][ T295] KASAN: null-ptr-deref in range [0x0000000000000030-0x0000000000000037] [ 23.700561][ T295] CPU: 0 PID: 295 Comm: syz-executor159 Not tainted 5.15.178-syzkaller-00033-g9cecf52dacae #0 [ 23.700582][ T295] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 23.700602][ T295] RIP: 0010:security_inode_getattr+0x47/0x130 [ 23.723478][ T30] audit: type=1400 audit(1743126311.770:68): avc: denied { unlink } for pid=295 comm="syz-executor159" name="#1" dev="sda1" ino=1932 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=chr_file permissive=1 [ 23.731109][ T295] Code: 37 ff 49 8d 5f 08 48 89 d8 48 c1 e8 03 42 80 3c 28 00 74 08 48 89 df e8 77 57 7a ff 48 8b 1b 48 83 c3 30 48 89 d8 48 c1 e8 03 <42> 80 3c 28 00 74 08 48 89 df e8 5a 57 7a ff 48 8b 1b 48 83 c3 0c [ 23.731134][ T295] RSP: 0018:ffffc90000986ed0 EFLAGS: 00010206 [ 23.731152][ T295] RAX: 0000000000000006 RBX: 0000000000000030 RCX: ffff88810cf83b40 [ 23.741525][ T30] audit: type=1400 audit(1743126311.770:69): avc: denied { mount } for pid=295 comm="syz-executor159" name="/" dev="overlay" ino=1928 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 23.751064][ T295] RDX: 0000000000000000 RSI: ffffc90000987400 RDI: ffffc900009873f0 [ 23.751081][ T295] RBP: ffffc90000986ef8 R08: dffffc0000000000 R09: ffffc900009873f0 [ 23.751095][ T295] R10: 0000000000000000 R11: dffffc0000000001 R12: ffffc90000987400 [ 23.751109][ T295] R13: dffffc0000000000 R14: ffffc900009873f0 R15: ffffc900009873f0 [ 23.757329][ T30] audit: type=1400 audit(1743126311.770:70): avc: denied { mount } for pid=295 comm="syz-executor159" name="/" dev="incremental-fs" ino=1928 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 23.779003][ T295] FS: 0000555566c33380(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 23.779024][ T295] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 23.779038][ T295] CR2: 0000200000001600 CR3: 000000010c42d000 CR4: 00000000003506b0 [ 23.799025][ T30] audit: type=1400 audit(1743126311.770:71): avc: denied { write } for pid=295 comm="syz-executor159" name="/" dev="incremental-fs" ino=1928 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 23.804347][ T295] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 23.812403][ T30] audit: type=1400 audit(1743126311.770:72): avc: denied { add_name } for pid=295 comm="syz-executor159" name="file1" dev="incremental-fs" ino=1933 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 23.834297][ T295] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 23.834315][ T295] Call Trace: [ 23.834326][ T295] [ 23.834334][ T295] ? __die_body+0x62/0xb0 [ 23.834360][ T295] ? die_addr+0x9f/0xd0 [ 23.842594][ T30] audit: type=1400 audit(1743126311.770:73): avc: denied { link } for pid=295 comm="syz-executor159" name="file1" dev="incremental-fs" ino=1933 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 23.849911][ T295] ? exc_general_protection+0x311/0x4b0 [ 23.849944][ T295] ? asm_exc_general_protection+0x27/0x30 [ 23.857903][ T30] audit: type=1400 audit(1743126311.770:74): avc: denied { write } for pid=295 comm="syz-executor159" name="bus" dev="incremental-fs" ino=1933 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 23.865711][ T295] ? security_inode_getattr+0x47/0x130 [ 23.865742][ T295] vfs_getattr+0x2a/0x320 [ 23.889957][ T30] audit: type=1400 audit(1743126311.770:75): avc: denied { open } for pid=295 comm="syz-executor159" path="/root/bus/bus" dev="incremental-fs" ino=1933 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 23.897968][ T295] ovl_copy_up_flags+0x629/0x2d30 [ 24.083371][ T295] ? kasan_set_free_info+0x23/0x40 [ 24.088310][ T295] ? ovl_maybe_copy_up+0x190/0x190 [ 24.093300][ T295] ? stack_trace_save+0x1c0/0x1c0 [ 24.098118][ T295] ? __kernel_text_address+0x9b/0x110 [ 24.103458][ T295] ? unwind_get_return_address+0x4d/0x90 [ 24.108964][ T295] ? __kasan_check_write+0x14/0x20 [ 24.113909][ T295] ? _raw_spin_lock_irqsave+0xf9/0x210 [ 24.119206][ T295] ? _raw_spin_lock+0x1b0/0x1b0 [ 24.123888][ T295] ? stack_trace_save+0x113/0x1c0 [ 24.128760][ T295] ? avc_has_perm_noaudit+0x348/0x430 [ 24.134046][ T295] ? memcpy+0x56/0x70 [ 24.137860][ T295] ? avc_has_perm_noaudit+0x2dd/0x430 [ 24.143093][ T295] ? __stack_depot_save+0x40d/0x470 [ 24.148105][ T295] ? avc_denied+0x1b0/0x1b0 [ 24.152444][ T295] ? alloc_empty_file+0x95/0x180 [ 24.157220][ T295] ? mnt_want_write+0x1ff/0x2d0 [ 24.161906][ T295] ovl_maybe_copy_up+0x15a/0x190 [ 24.166683][ T295] ovl_open+0xad/0x210 [ 24.170582][ T295] ? ovl_mmap+0x450/0x450 [ 24.174833][ T295] do_dentry_open+0x81c/0xfd0 [ 24.179353][ T295] dentry_open+0xb8/0x100 [ 24.183512][ T295] file_open+0x2a7/0x650 [ 24.187592][ T295] ? incfs_file_mmap+0x120/0x120 [ 24.192366][ T295] ? fsnotify_perm+0x269/0x5b0 [ 24.196964][ T295] ? incfs_file_mmap+0x120/0x120 [ 24.201743][ T295] do_dentry_open+0x81c/0xfd0 [ 24.206256][ T295] vfs_open+0x73/0x80 [ 24.210071][ T295] path_openat+0x26f0/0x2f40 [ 24.214499][ T295] ? kmem_cache_alloc+0xf5/0x250 [ 24.219274][ T295] ? do_filp_open+0x460/0x460 [ 24.223787][ T295] do_filp_open+0x21c/0x460 [ 24.228128][ T295] ? vfs_tmpfile+0x2c0/0x2c0 [ 24.232559][ T295] do_sys_openat2+0x13f/0x820 [ 24.237065][ T295] ? ptrace_stop+0x6eb/0xa90 [ 24.241510][ T295] ? do_sys_open+0x220/0x220 [ 24.245916][ T295] ? _raw_spin_unlock_irq+0x4e/0x70 [ 24.250949][ T295] ? ptrace_notify+0x24c/0x350 [ 24.255551][ T295] __x64_sys_creat+0x11f/0x160 [ 24.260150][ T295] ? __x64_compat_sys_openat+0x290/0x290 [ 24.265630][ T295] x64_sys_call+0x27b/0x9a0 [ 24.270088][ T295] do_syscall_64+0x3b/0xb0 [ 24.274334][ T295] ? clear_bhb_loop+0x35/0x90 [ 24.278923][ T295] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 24.284576][ T295] RIP: 0033:0x7f6135685569 [ 24.288849][ T295] Code: 48 83 c4 28 c3 e8 37 17 00 00 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 24.308280][ T295] RSP: 002b:00007ffe0f32dc88 EFLAGS: 00000246 ORIG_RAX: 0000000000000055 [ 24.316513][ T295] RAX: ffffffffffffffda RBX: 0031656c69662f2e RCX: 00007f6135685569 [ 24.324323][ T295] RDX: 00007f6135685569 RSI: 0000000000000000 RDI: 0000200000000100 [ 24.332138][ T295] RBP: 00002000000000c0 R08: 00007ffe0f32de68 R09: 00007ffe0f32de68 [ 24.339949][ T295] R10: 00007ffe0f32de68 R11: 0000000000000246 R12: 0030656c69662f2e [ 24.347756][ T295] R13: 00007ffe0f32de58 R14: 0000000000000001 R15: 0000000000000001 [ 24.355748][ T295] [ 24.358618][ T295] Modules linked in: [ 24.362533][ T295] ---[ end trace 32f9e53782fdbb4f ]--- [ 24.367804][ T295] RIP: 0010:security_inode_getattr+0x47/0x130 [ 24.373766][ T295] Code: 37 ff 49 8d 5f 08 48 89 d8 48 c1 e8 03 42 80 3c 28 00 74 08 48 89 df e8 77 57 7a ff 48 8b 1b 48 83 c3 30 48 89 d8 48 c1 e8 03 <42> 80 3c 28 00 74 08 48 89 df e8 5a 57 7a ff 48 8b 1b 48 83 c3 0c [ 24.393411][ T295] RSP: 0018:ffffc90000986ed0 EFLAGS: 00010206 [ 24.399241][ T295] RAX: 0000000000000006 RBX: 0000000000000030 RCX: ffff88810cf83b40 [ 24.407036][ T295] RDX: 0000000000000000 RSI: ffffc90000987400 RDI: ffffc900009873f0 [ 24.414926][ T295] RBP: ffffc90000986ef8 R08: dffffc0000000000 R09: ffffc900009873f0 [ 24.422853][ T295] R10: 0000000000000000 R11: dffffc0000000001 R12: ffffc90000987400 [ 24.430746][ T295] R13: dffffc0000000000 R14: ffffc900009873f0 R15: ffffc900009873f0 [ 24.438550][ T295] FS: 0000555566c33380(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 24.447296][ T295] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 24.453742][ T295] CR2: 0000200000001600 CR3: 000000010c42d000 CR4: 00000000003506b0 [ 24.461580][ T295] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 24.469376][ T295] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 24.477161][ T295] Kernel panic - not syncing: Fatal exception [ 24.483365][ T295] Kernel Offset: disabled [ 24.487492][ T295] Rebooting in 86400 seconds..