./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3598293351 <...> Warning: Permanently added '10.128.1.142' (ED25519) to the list of known hosts. execve("./syz-executor3598293351", ["./syz-executor3598293351"], 0x7ffcb34969b0 /* 10 vars */) = 0 brk(NULL) = 0x555571200000 brk(0x555571200e00) = 0x555571200e00 arch_prctl(ARCH_SET_FS, 0x555571200480) = 0 set_tid_address(0x555571200750) = 282 set_robust_list(0x555571200760, 24) = 0 rseq(0x555571200da0, 0x20, 0, 0x53053053) = -1 ENOSYS (Function not implemented) prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor3598293351", 4096) = 28 getrandom("\x0c\xe0\xba\xc6\x87\x3f\x4f\x8a", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x555571200e00 brk(0x555571221e00) = 0x555571221e00 brk(0x555571222000) = 0x555571222000 mprotect(0x7f4083eae000, 16384, PROT_READ) = 0 mmap(0x1ffffffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffffffff000 mmap(0x200000000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200000000000 mmap(0x200001000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200001000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 283 attached [pid 283] set_robust_list(0x555571200760, 24) = 0 [pid 282] <... clone resumed>, child_tidptr=0x555571200750) = 283 [pid 282] openat(AT_FDCWD, "/sys/kernel/debug/x86/nmi_longest_ns", O_WRONLY|O_CLOEXEC) = 3 [pid 282] write(3, "10000000000", 11) = 11 [pid 282] close(3) = 0 [pid 282] openat(AT_FDCWD, "/proc/sys/kernel/hung_task_check_interval_secs", O_WRONLY|O_CLOEXEC) = 3 [pid 282] write(3, "20", 2) = 2 [pid 282] close(3) = 0 [pid 282] openat(AT_FDCWD, "/proc/sys/net/core/bpf_jit_kallsyms", O_WRONLY|O_CLOEXEC) = 3 [pid 282] write(3, "1", 1) = 1 [pid 282] close(3) = 0 [pid 282] openat(AT_FDCWD, "/proc/sys/net/core/bpf_jit_harden", O_WRONLY|O_CLOEXEC) = 3 [pid 282] write(3, "0", 1) = 1 [pid 282] close(3) = 0 [pid 282] openat(AT_FDCWD, "/proc/sys/kernel/kptr_restrict", O_WRONLY|O_CLOEXEC) = 3 [pid 282] write(3, "0", 1) = 1 [pid 282] close(3) = 0 [pid 282] openat(AT_FDCWD, "/proc/sys/kernel/softlockup_all_cpu_backtrace", O_WRONLY|O_CLOEXEC) = 3 [pid 282] write(3, "1", 1) = 1 [pid 282] close(3) = 0 [pid 282] openat(AT_FDCWD, "/proc/sys/fs/mount-max", O_WRONLY|O_CLOEXEC) = 3 [pid 282] write(3, "100", 3) = 3 [pid 282] close(3) = 0 [pid 282] openat(AT_FDCWD, "/proc/sys/vm/oom_dump_tasks", O_WRONLY|O_CLOEXEC) = 3 [pid 282] write(3, "0", 1) = 1 [pid 282] close(3) = 0 [pid 282] openat(AT_FDCWD, "/proc/sys/debug/exception-trace", O_WRONLY|O_CLOEXEC) = 3 [pid 282] write(3, "0", 1) = 1 [pid 282] close(3) = 0 [pid 282] openat(AT_FDCWD, "/proc/sys/kernel/printk", O_WRONLY|O_CLOEXEC) = 3 [pid 282] write(3, "7 4 1 3", 7) = 7 [pid 282] close(3) = 0 [pid 282] openat(AT_FDCWD, "/proc/sys/kernel/keys/gc_delay", O_WRONLY|O_CLOEXEC) = 3 [pid 282] write(3, "1", 1) = 1 [pid 282] close(3) = 0 [pid 282] openat(AT_FDCWD, "/proc/sys/vm/oom_kill_allocating_task", O_WRONLY|O_CLOEXEC) = 3 [pid 282] write(3, "1", 1) = 1 [pid 282] close(3) = 0 [pid 282] openat(AT_FDCWD, "/proc/sys/kernel/ctrl-alt-del", O_WRONLY|O_CLOEXEC) = 3 [pid 282] write(3, "0", 1) = 1 [pid 282] close(3) = 0 [pid 282] openat(AT_FDCWD, "/proc/sys/kernel/cad_pid", O_WRONLY|O_CLOEXEC) = 3 [pid 282] write(3, "283", 3) = 3 [pid 282] close(3) = 0 [pid 282] kill(283, SIGKILL) = 0 [pid 283] +++ killed by SIGKILL +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=283, si_uid=0, si_status=SIGKILL, si_utime=0, si_stime=0} --- mount(NULL, "/proc/sys/fs/binfmt_misc", "binfmt_misc", 0, NULL) = -1 EBUSY (Device or resource busy) openat(AT_FDCWD, "/proc/sys/fs/binfmt_misc/register", O_WRONLY|O_CLOEXEC) = 3 write(3, "\x3a\x73\x79\x7a\x30\x3a\x4d\x3a\x30\x3a\x01\x3a\x3a\x2e\x2f\x66\x69\x6c\x65\x30\x3a", 21) = 21 close(3) = 0 openat(AT_FDCWD, "/proc/sys/fs/binfmt_misc/register", O_WRONLY|O_CLOEXEC) = 3 write(3, "\x3a\x73\x79\x7a\x31\x3a\x4d\x3a\x31\x3a\x02\x3a\x3a\x2e\x2f\x66\x69\x6c\x65\x30\x3a\x50\x4f\x43", 24) = 24 close(3) = 0 chmod("/dev/raw-gadget", 0666) = 0 swapoff("./swap-file") = -1 ENOENT (No such file or directory) unlink("./swap-file") = -1 ENOENT (No such file or directory) openat(AT_FDCWD, "./swap-file", O_WRONLY|O_CREAT|O_CLOEXEC, 0600) = 3 fallocate(3, FALLOC_FL_ZERO_RANGE, 0, 128000000) = 0 close(3) = 0 rt_sigaction(SIGINT, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f4083e02350}, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 rt_sigaction(SIGQUIT, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f4083e02350}, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=0}, 8) = 0 rt_sigprocmask(SIG_BLOCK, [CHLD], [], 8) = 0 mmap(NULL, 36864, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f4083de3000 rt_sigprocmask(SIG_BLOCK, ~[], [CHLD], 8) = 0 clone3({flags=CLONE_VM|CLONE_VFORK, exit_signal=SIGCHLD, stack=0x7f4083de3000, stack_size=0x9000}, 88./strace-static-x86_64: Process 284 attached [pid 284] rt_sigprocmask(SIG_BLOCK, NULL, ~[KILL STOP], 8) = 0 [pid 284] rt_sigaction(SIGHUP, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 284] rt_sigaction(SIGHUP, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f4083e02350}, NULL, 8) = 0 [pid 284] rt_sigaction(SIGINT, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f4083e02350}, NULL, 8) = 0 [pid 284] rt_sigaction(SIGQUIT, NULL, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f4083e02350}, 8) = 0 [pid 284] rt_sigaction(SIGILL, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 284] rt_sigaction(SIGILL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f4083e02350}, NULL, 8) = 0 [pid 284] rt_sigaction(SIGTRAP, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 284] rt_sigaction(SIGTRAP, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f4083e02350}, NULL, 8) = 0 [pid 284] rt_sigaction(SIGABRT, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 284] rt_sigaction(SIGABRT, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f4083e02350}, NULL, 8) = 0 [pid 284] rt_sigaction(SIGBUS, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 284] rt_sigaction(SIGBUS, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f4083e02350}, NULL, 8) = 0 [pid 284] rt_sigaction(SIGFPE, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 284] rt_sigaction(SIGFPE, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f4083e02350}, NULL, 8) = 0 [pid 284] rt_sigaction(SIGUSR1, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 284] rt_sigaction(SIGUSR1, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f4083e02350}, NULL, 8) = 0 [pid 284] rt_sigaction(SIGSEGV, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 284] rt_sigaction(SIGSEGV, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f4083e02350}, NULL, 8) = 0 [pid 284] rt_sigaction(SIGUSR2, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 284] rt_sigaction(SIGUSR2, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f4083e02350}, NULL, 8) = 0 [pid 284] rt_sigaction(SIGPIPE, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 284] rt_sigaction(SIGPIPE, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f4083e02350}, NULL, 8) = 0 [pid 284] rt_sigaction(SIGALRM, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 284] rt_sigaction(SIGALRM, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f4083e02350}, NULL, 8) = 0 [pid 284] rt_sigaction(SIGTERM, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 284] rt_sigaction(SIGTERM, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f4083e02350}, NULL, 8) = 0 [pid 284] rt_sigaction(SIGSTKFLT, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 284] rt_sigaction(SIGSTKFLT, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f4083e02350}, NULL, 8) = 0 [pid 284] rt_sigaction(SIGCHLD, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 284] rt_sigaction(SIGCHLD, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f4083e02350}, NULL, 8) = 0 [pid 284] rt_sigaction(SIGCONT, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 284] rt_sigaction(SIGCONT, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f4083e02350}, NULL, 8) = 0 [pid 284] rt_sigaction(SIGTSTP, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 284] rt_sigaction(SIGTSTP, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f4083e02350}, NULL, 8) = 0 [pid 284] rt_sigaction(SIGTTIN, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 284] rt_sigaction(SIGTTIN, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f4083e02350}, NULL, 8) = 0 [pid 284] rt_sigaction(SIGTTOU, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 284] rt_sigaction(SIGTTOU, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f4083e02350}, NULL, 8) = 0 [pid 284] rt_sigaction(SIGURG, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 284] rt_sigaction(SIGURG, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f4083e02350}, NULL, 8) = 0 [pid 284] rt_sigaction(SIGXCPU, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 284] rt_sigaction(SIGXCPU, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f4083e02350}, NULL, 8) = 0 [pid 284] rt_sigaction(SIGXFSZ, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 284] rt_sigaction(SIGXFSZ, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f4083e02350}, NULL, 8) = 0 [pid 284] rt_sigaction(SIGVTALRM, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 284] rt_sigaction(SIGVTALRM, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f4083e02350}, NULL, 8) = 0 [pid 284] rt_sigaction(SIGPROF, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 284] rt_sigaction(SIGPROF, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f4083e02350}, NULL, 8) = 0 [pid 284] rt_sigaction(SIGWINCH, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 284] rt_sigaction(SIGWINCH, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f4083e02350}, NULL, 8) = 0 [pid 284] rt_sigaction(SIGIO, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 284] rt_sigaction(SIGIO, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f4083e02350}, NULL, 8) = 0 [pid 284] rt_sigaction(SIGPWR, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 284] rt_sigaction(SIGPWR, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f4083e02350}, NULL, 8) = 0 [pid 284] rt_sigaction(SIGSYS, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 284] rt_sigaction(SIGSYS, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f4083e02350}, NULL, 8) = 0 [pid 284] rt_sigaction(SIGRTMIN, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f4083e02350}, NULL, 8) = 0 [pid 284] rt_sigaction(SIGRT_1, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f4083e02350}, NULL, 8) = 0 [pid 284] rt_sigaction(SIGRT_2, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 284] rt_sigaction(SIGRT_2, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f4083e02350}, NULL, 8) = 0 [pid 284] rt_sigaction(SIGRT_3, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 284] rt_sigaction(SIGRT_3, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f4083e02350}, NULL, 8) = 0 [pid 284] rt_sigaction(SIGRT_4, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 284] rt_sigaction(SIGRT_4, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f4083e02350}, NULL, 8) = 0 [pid 284] rt_sigaction(SIGRT_5, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 284] rt_sigaction(SIGRT_5, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f4083e02350}, NULL, 8) = 0 [pid 284] rt_sigaction(SIGRT_6, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 284] rt_sigaction(SIGRT_6, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f4083e02350}, NULL, 8) = 0 [pid 284] rt_sigaction(SIGRT_7, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 284] rt_sigaction(SIGRT_7, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f4083e02350}, NULL, 8) = 0 [pid 284] rt_sigaction(SIGRT_8, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 284] rt_sigaction(SIGRT_8, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f4083e02350}, NULL, 8) = 0 [pid 284] rt_sigaction(SIGRT_9, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 284] rt_sigaction(SIGRT_9, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f4083e02350}, NULL, 8) = 0 [pid 284] rt_sigaction(SIGRT_10, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 284] rt_sigaction(SIGRT_10, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f4083e02350}, NULL, 8) = 0 [pid 284] rt_sigaction(SIGRT_11, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 284] rt_sigaction(SIGRT_11, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f4083e02350}, NULL, 8) = 0 [pid 284] rt_sigaction(SIGRT_12, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 284] rt_sigaction(SIGRT_12, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f4083e02350}, NULL, 8) = 0 [pid 284] rt_sigaction(SIGRT_13, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 284] rt_sigaction(SIGRT_13, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f4083e02350}, NULL, 8) = 0 [pid 284] rt_sigaction(SIGRT_14, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 284] rt_sigaction(SIGRT_14, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f4083e02350}, NULL, 8) = 0 [pid 284] rt_sigaction(SIGRT_15, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 284] rt_sigaction(SIGRT_15, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f4083e02350}, NULL, 8) = 0 [pid 284] rt_sigaction(SIGRT_16, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 284] rt_sigaction(SIGRT_16, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f4083e02350}, NULL, 8) = 0 [pid 284] rt_sigaction(SIGRT_17, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 284] rt_sigaction(SIGRT_17, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f4083e02350}, NULL, 8) = 0 [pid 284] rt_sigaction(SIGRT_18, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 284] rt_sigaction(SIGRT_18, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f4083e02350}, NULL, 8) = 0 [pid 284] rt_sigaction(SIGRT_19, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 284] rt_sigaction(SIGRT_19, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f4083e02350}, NULL, 8) = 0 [pid 284] rt_sigaction(SIGRT_20, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 284] rt_sigaction(SIGRT_20, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f4083e02350}, NULL, 8) = 0 [pid 284] rt_sigaction(SIGRT_21, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 284] rt_sigaction(SIGRT_21, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f4083e02350}, NULL, 8) = 0 [pid 284] rt_sigaction(SIGRT_22, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 284] rt_sigaction(SIGRT_22, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f4083e02350}, NULL, 8) = 0 [pid 284] rt_sigaction(SIGRT_23, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 284] rt_sigaction(SIGRT_23, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f4083e02350}, NULL, 8) = 0 [pid 284] rt_sigaction(SIGRT_24, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 284] rt_sigaction(SIGRT_24, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f4083e02350}, NULL, 8) = 0 [pid 284] rt_sigaction(SIGRT_25, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 284] rt_sigaction(SIGRT_25, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f4083e02350}, NULL, 8) = 0 [pid 284] rt_sigaction(SIGRT_26, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 284] rt_sigaction(SIGRT_26, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f4083e02350}, NULL, 8) = 0 [pid 284] rt_sigaction(SIGRT_27, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 284] rt_sigaction(SIGRT_27, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f4083e02350}, NULL, 8) = 0 [pid 284] rt_sigaction(SIGRT_28, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 284] rt_sigaction(SIGRT_28, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f4083e02350}, NULL, 8) = 0 [pid 284] rt_sigaction(SIGRT_29, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 284] rt_sigaction(SIGRT_29, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f4083e02350}, NULL, 8) = 0 [pid 284] rt_sigaction(SIGRT_30, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 284] rt_sigaction(SIGRT_30, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f4083e02350}, NULL, 8) = 0 [pid 284] rt_sigaction(SIGRT_31, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 284] rt_sigaction(SIGRT_31, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f4083e02350}, NULL, 8) = 0 [pid 284] rt_sigaction(SIGRT_32, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 284] rt_sigaction(SIGRT_32, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f4083e02350}, NULL, 8) = 0 [pid 284] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 284] execve("/bin/sh", ["sh", "-c", "mkswap ./swap-file"], 0x7ffdab074a68 /* 10 vars */ [pid 282] <... clone3 resumed>) = 284 [pid 282] munmap(0x7f4083de3000, 36864) = 0 [pid 284] <... execve resumed>) = 0 [pid 282] rt_sigprocmask(SIG_SETMASK, [CHLD], NULL, 8) = 0 [pid 284] brk(NULL) = 0x55a4057d1000 [pid 284] mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9bbf7a5000 [pid 284] access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory) [pid 284] openat(AT_FDCWD, "/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 284] openat(AT_FDCWD, "/lib64/glibc-hwcaps/x86-64-v3/libbusybox.so.1.37.0", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 284] newfstatat(AT_FDCWD, "/lib64/glibc-hwcaps/x86-64-v3/", 0x7ffecb51e760, 0) = -1 ENOENT (No such file or directory) [pid 284] openat(AT_FDCWD, "/lib64/glibc-hwcaps/x86-64-v2/libbusybox.so.1.37.0", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 284] newfstatat(AT_FDCWD, "/lib64/glibc-hwcaps/x86-64-v2/", 0x7ffecb51e760, 0) = -1 ENOENT (No such file or directory) [pid 284] openat(AT_FDCWD, "/lib64/libbusybox.so.1.37.0", O_RDONLY|O_CLOEXEC) = 3 [pid 284] read(3, "\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00\x3e\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x38\x13\x0c\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x00\x38\x00\x09\x00\x40\x00\x19\x00\x18\x00\x01\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xc8\xf4\x00\x00"..., 832) = 832 [pid 284] fstat(3, {st_mode=S_IFREG|0644, st_size=792952, ...}) = 0 [pid 284] mmap(NULL, 792856, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f9bbf6e3000 [pid 284] mmap(0x7f9bbf6f3000, 548864, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x10000) = 0x7f9bbf6f3000 [ 25.627029][ T24] audit: type=1400 audit(1748322578.130:64): avc: denied { execmem } for pid=282 comm="syz-executor359" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [pid 284] mmap(0x7f9bbf779000, 163840, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x96000) = 0x7f9bbf779000 [pid 284] mmap(0x7f9bbf7a1000, 16384, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xbe000) = 0x7f9bbf7a1000 [pid 284] close(3) = 0 [pid 284] openat(AT_FDCWD, "/lib64/libc.so.6", O_RDONLY|O_CLOEXEC) = 3 [pid 284] read(3, "\x7f\x45\x4c\x46\x02\x01\x01\x03\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00\x3e\x00\x01\x00\x00\x00\xf0\xab\x02\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x38\x22\x1d\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x00\x38\x00\x0e\x00\x40\x00\x3b\x00\x3a\x00\x06\x00\x00\x00\x04\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x10\x03\x00\x00"..., 832) = 832 [pid 284] pread64(3, "\x06\x00\x00\x00\x04\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x10\x03\x00\x00\x00\x00\x00\x00\x10\x03\x00\x00\x00\x00\x00\x00\x08\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x04\x00\x00\x00\x60\xc1\x19\x00\x00\x00\x00\x00\x60\xc1\x19\x00\x00\x00\x00\x00\x60\xc1\x19\x00\x00\x00\x00\x00\x1c\x00\x00\x00\x00\x00\x00\x00\x1c\x00\x00\x00"..., 784, 64) = 784 [pid 284] fstat(3, {st_mode=S_IFREG|0755, st_size=1913080, ...}) = 0 [pid 284] pread64(3, "\x06\x00\x00\x00\x04\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x10\x03\x00\x00\x00\x00\x00\x00\x10\x03\x00\x00\x00\x00\x00\x00\x08\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x04\x00\x00\x00\x60\xc1\x19\x00\x00\x00\x00\x00\x60\xc1\x19\x00\x00\x00\x00\x00\x60\xc1\x19\x00\x00\x00\x00\x00\x1c\x00\x00\x00\x00\x00\x00\x00\x1c\x00\x00\x00"..., 784, 64) = 784 [pid 284] mmap(NULL, 1965720, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f9bbf503000 [pid 284] mmap(0x7f9bbf52b000, 1368064, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x28000) = 0x7f9bbf52b000 [pid 284] mmap(0x7f9bbf679000, 356352, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x176000) = 0x7f9bbf679000 [pid 284] mmap(0x7f9bbf6d0000, 24576, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1cc000) = 0x7f9bbf6d0000 [pid 284] mmap(0x7f9bbf6d6000, 52888, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f9bbf6d6000 [pid 284] close(3) = 0 [pid 284] openat(AT_FDCWD, "/lib64/libpam.so.0", O_RDONLY|O_CLOEXEC) = 3 [pid 284] read(3, "\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00\x3e\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\xf8\xf0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x00\x38\x00\x0a\x00\x40\x00\x1b\x00\x1a\x00\x01\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xe0\x29\x00\x00"..., 832) = 832 [pid 284] fstat(3, {st_mode=S_IFREG|0755, st_size=63416, ...}) = 0 [pid 284] mmap(NULL, 65552, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f9bbf4f2000 [pid 284] mmap(0x7f9bbf4f5000, 32768, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x3000) = 0x7f9bbf4f5000 [pid 284] mmap(0x7f9bbf4fd000, 16384, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xb000) = 0x7f9bbf4fd000 [pid 284] mmap(0x7f9bbf501000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xe000) = 0x7f9bbf501000 [pid 284] close(3) = 0 [pid 284] openat(AT_FDCWD, "/lib64/libpam_misc.so.0", O_RDONLY|O_CLOEXEC) = 3 [pid 284] read(3, "\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00\x3e\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x00\x51\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x00\x38\x00\x0a\x00\x40\x00\x1a\x00\x19\x00\x01\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xd8\x12\x00\x00"..., 832) = 832 [pid 284] fstat(3, {st_mode=S_IFREG|0755, st_size=22400, ...}) = 0 [pid 284] mmap(NULL, 24656, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f9bbf4eb000 [pid 284] mmap(0x7f9bbf4ed000, 8192, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2000) = 0x7f9bbf4ed000 [pid 284] mmap(0x7f9bbf4ef000, 4096, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x4000) = 0x7f9bbf4ef000 [pid 284] mmap(0x7f9bbf4f0000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x4000) = 0x7f9bbf4f0000 [pid 284] close(3) = 0 [pid 284] openat(AT_FDCWD, "/lib64/libresolv.so.2", O_RDONLY|O_CLOEXEC) = 3 [pid 284] read(3, "\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00\x3e\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\xa8\xe1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x00\x38\x00\x0b\x00\x40\x00\x1d\x00\x1c\x00\x01\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x08\x27\x00\x00"..., 832) = 832 [pid 284] fstat(3, {st_mode=S_IFREG|0755, st_size=59624, ...}) = 0 [pid 284] mmap(NULL, 67720, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f9bbf4da000 [pid 284] mmap(0x7f9bbf4dd000, 32768, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x3000) = 0x7f9bbf4dd000 [pid 284] mmap(0x7f9bbf4e5000, 8192, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xb000) = 0x7f9bbf4e5000 [pid 284] mmap(0x7f9bbf4e7000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xd000) = 0x7f9bbf4e7000 [pid 284] mmap(0x7f9bbf4e9000, 6280, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f9bbf4e9000 [pid 284] close(3) = 0 [pid 284] openat(AT_FDCWD, "/lib64/libselinux.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 284] openat(AT_FDCWD, "/usr/lib64/glibc-hwcaps/x86-64-v3/libselinux.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 284] newfstatat(AT_FDCWD, "/usr/lib64/glibc-hwcaps/x86-64-v3/", 0x7ffecb51e6c0, 0) = -1 ENOENT (No such file or directory) [pid 284] openat(AT_FDCWD, "/usr/lib64/glibc-hwcaps/x86-64-v2/libselinux.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 284] newfstatat(AT_FDCWD, "/usr/lib64/glibc-hwcaps/x86-64-v2/", 0x7ffecb51e6c0, 0) = -1 ENOENT (No such file or directory) [pid 284] openat(AT_FDCWD, "/usr/lib64/libselinux.so.1", O_RDONLY|O_CLOEXEC) = 3 [pid 284] read(3, "\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00\x3e\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x60\xd1\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x00\x38\x00\x0b\x00\x40\x00\x1d\x00\x1c\x00\x01\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x28\x74\x00\x00"..., 832) = 832 [pid 284] fstat(3, {st_mode=S_IFREG|0755, st_size=186528, ...}) = 0 [pid 284] mmap(NULL, 194256, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f9bbf4aa000 [pid 284] mmap(0x7f9bbf4b2000, 114688, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x8000) = 0x7f9bbf4b2000 [pid 284] mmap(0x7f9bbf4ce000, 32768, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x24000) = 0x7f9bbf4ce000 [pid 284] mmap(0x7f9bbf4d6000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2c000) = 0x7f9bbf4d6000 [pid 284] mmap(0x7f9bbf4d8000, 5840, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f9bbf4d8000 [pid 284] close(3) = 0 [pid 284] mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9bbf4a8000 [pid 284] openat(AT_FDCWD, "/lib64/libatomic.so.1", O_RDONLY|O_CLOEXEC) = 3 [pid 284] read(3, "\x7f\x45\x4c\x46\x02\x01\x01\x03\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00\x3e\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x30\x71\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x00\x38\x00\x0a\x00\x40\x00\x1b\x00\x1a\x00\x01\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x78\x1f\x00\x00"..., 832) = 832 [pid 284] fstat(3, {st_mode=S_IFREG|0755, st_size=30704, ...}) = 0 [pid 284] mmap(NULL, 37000, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f9bbf49e000 [pid 284] mmap(0x7f9bbf4a0000, 12288, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2000) = 0x7f9bbf4a0000 [pid 284] mmap(0x7f9bbf4a3000, 8192, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x5000) = 0x7f9bbf4a3000 [pid 284] mmap(0x7f9bbf4a5000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x6000) = 0x7f9bbf4a5000 [pid 284] mmap(0x7f9bbf4a7000, 136, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f9bbf4a7000 [pid 284] close(3) = 0 [pid 284] openat(AT_FDCWD, "/lib64/libpcre2-8.so.0", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 284] openat(AT_FDCWD, "/usr/lib64/libpcre2-8.so.0", O_RDONLY|O_CLOEXEC) = 3 [pid 284] read(3, "\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00\x3e\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\xf0\x00\x06\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x00\x38\x00\x0a\x00\x40\x00\x1a\x00\x19\x00\x01\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xc8\x20\x00\x00"..., 832) = 832 [pid 284] fstat(3, {st_mode=S_IFREG|0755, st_size=395120, ...}) = 0 [pid 284] mmap(NULL, 397336, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f9bbf43c000 [pid 284] mmap(0x7f9bbf43f000, 225280, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x3000) = 0x7f9bbf43f000 [pid 284] mmap(0x7f9bbf476000, 155648, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x3a000) = 0x7f9bbf476000 [pid 284] mmap(0x7f9bbf49c000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x5f000) = 0x7f9bbf49c000 [pid 284] close(3) = 0 [pid 284] mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9bbf43a000 [pid 284] arch_prctl(ARCH_SET_FS, 0x7f9bbf43ac80) = 0 [pid 284] set_tid_address(0x7f9bbf43af50) = 284 [pid 284] set_robust_list(0x7f9bbf43af60, 24) = 0 [pid 284] rseq(0x7f9bbf43aae0, 0x20, 0, 0x53053053) = -1 ENOSYS (Function not implemented) [pid 284] mprotect(0x7f9bbf6d0000, 16384, PROT_READ) = 0 [pid 284] mprotect(0x7f9bbf49c000, 4096, PROT_READ) = 0 [pid 284] mprotect(0x7f9bbf4a5000, 4096, PROT_READ) = 0 [pid 284] mprotect(0x7f9bbf4d6000, 4096, PROT_READ) = 0 [pid 284] mprotect(0x7f9bbf4e7000, 4096, PROT_READ) = 0 [pid 284] mprotect(0x7f9bbf501000, 4096, PROT_READ) = 0 [pid 284] mprotect(0x7f9bbf4f0000, 4096, PROT_READ) = 0 [pid 284] mprotect(0x7f9bbf7a1000, 12288, PROT_READ) = 0 [pid 284] mprotect(0x55a3cb029000, 4096, PROT_READ) = 0 [pid 284] mprotect(0x7f9bbf7da000, 8192, PROT_READ) = 0 [pid 284] prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 [pid 284] statfs("/sys/fs/selinux", {f_type=SELINUX_MAGIC, f_bsize=4096, f_blocks=0, f_bfree=0, f_bavail=0, f_files=0, f_ffree=0, f_fsid={val=[0, 0]}, f_namelen=255, f_frsize=4096, f_flags=ST_VALID|ST_NOSUID|ST_NOEXEC|ST_RELATIME}) = 0 [pid 284] statfs("/sys/fs/selinux", {f_type=SELINUX_MAGIC, f_bsize=4096, f_blocks=0, f_bfree=0, f_bavail=0, f_files=0, f_ffree=0, f_fsid={val=[0, 0]}, f_namelen=255, f_frsize=4096, f_flags=ST_VALID|ST_NOSUID|ST_NOEXEC|ST_RELATIME}) = 0 [pid 284] getrandom("\xff\x3d\x78\xf1\xf0\x0d\x6f\x08", 8, GRND_NONBLOCK) = 8 [pid 284] brk(NULL) = 0x55a4057d1000 [pid 284] brk(0x55a4057f2000) = 0x55a4057f2000 [pid 284] access("/etc/selinux/config", F_OK) = 0 [pid 284] getpid() = 284 [pid 284] rt_sigaction(SIGCHLD, {sa_handler=0x7f9bbf726287, sa_mask=~[RTMIN RT_1], sa_flags=SA_RESTORER, sa_restorer=0x7f9bbf542180}, NULL, 8) = 0 [pid 284] getppid() = 282 [pid 284] uname({sysname="Linux", nodename="syzkaller", ...}) = 0 [pid 284] newfstatat(AT_FDCWD, "/root", {st_mode=S_IFDIR|0700, st_size=4096, ...}, 0) = 0 [pid 284] newfstatat(AT_FDCWD, ".", {st_mode=S_IFDIR|0700, st_size=4096, ...}, 0) = 0 [pid 284] rt_sigaction(SIGINT, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 284] rt_sigaction(SIGINT, {sa_handler=0x7f9bbf726287, sa_mask=~[RTMIN RT_1], sa_flags=SA_RESTORER, sa_restorer=0x7f9bbf542180}, NULL, 8) = 0 [pid 284] rt_sigaction(SIGQUIT, NULL, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=0}, 8) = 0 [pid 284] rt_sigaction(SIGTERM, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0 [pid 284] newfstatat(AT_FDCWD, "/bin/mkswap", 0x7ffecb51f058, 0) = -1 ENOENT (No such file or directory) [pid 284] newfstatat(AT_FDCWD, "/sbin/mkswap", {st_mode=S_IFREG|0755, st_size=14256, ...}, 0) = 0 [pid 284] execve("/sbin/mkswap", ["mkswap", "./swap-file"], 0x55a4057d16f0 /* 10 vars */) = 0 [pid 284] brk(NULL) = 0x5583570bb000 [ 25.662836][ T24] audit: type=1400 audit(1748322578.170:65): avc: denied { mounton } for pid=282 comm="syz-executor359" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 25.688407][ T24] audit: type=1400 audit(1748322578.170:66): avc: denied { mount } for pid=282 comm="syz-executor359" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [pid 284] mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f41ee81b000 [pid 284] access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory) [pid 284] openat(AT_FDCWD, "/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 284] openat(AT_FDCWD, "/lib64/glibc-hwcaps/x86-64-v3/libbusybox.so.1.37.0", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 284] newfstatat(AT_FDCWD, "/lib64/glibc-hwcaps/x86-64-v3/", 0x7ffd1fe8ba20, 0) = -1 ENOENT (No such file or directory) [pid 284] openat(AT_FDCWD, "/lib64/glibc-hwcaps/x86-64-v2/libbusybox.so.1.37.0", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 284] newfstatat(AT_FDCWD, "/lib64/glibc-hwcaps/x86-64-v2/", 0x7ffd1fe8ba20, 0) = -1 ENOENT (No such file or directory) [pid 284] openat(AT_FDCWD, "/lib64/libbusybox.so.1.37.0", O_RDONLY|O_CLOEXEC) = 3 [pid 284] read(3, "\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00\x3e\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x38\x13\x0c\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x00\x38\x00\x09\x00\x40\x00\x19\x00\x18\x00\x01\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xc8\xf4\x00\x00"..., 832) = 832 [pid 284] fstat(3, {st_mode=S_IFREG|0644, st_size=792952, ...}) = 0 [pid 284] mmap(NULL, 792856, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f41ee759000 [pid 284] mmap(0x7f41ee769000, 548864, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x10000) = 0x7f41ee769000 [pid 284] mmap(0x7f41ee7ef000, 163840, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x96000) = 0x7f41ee7ef000 [pid 284] mmap(0x7f41ee817000, 16384, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xbe000) = 0x7f41ee817000 [pid 284] close(3) = 0 [pid 284] openat(AT_FDCWD, "/lib64/libc.so.6", O_RDONLY|O_CLOEXEC) = 3 [pid 284] read(3, "\x7f\x45\x4c\x46\x02\x01\x01\x03\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00\x3e\x00\x01\x00\x00\x00\xf0\xab\x02\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x38\x22\x1d\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x00\x38\x00\x0e\x00\x40\x00\x3b\x00\x3a\x00\x06\x00\x00\x00\x04\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x10\x03\x00\x00"..., 832) = 832 [pid 284] pread64(3, "\x06\x00\x00\x00\x04\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x10\x03\x00\x00\x00\x00\x00\x00\x10\x03\x00\x00\x00\x00\x00\x00\x08\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x04\x00\x00\x00\x60\xc1\x19\x00\x00\x00\x00\x00\x60\xc1\x19\x00\x00\x00\x00\x00\x60\xc1\x19\x00\x00\x00\x00\x00\x1c\x00\x00\x00\x00\x00\x00\x00\x1c\x00\x00\x00"..., 784, 64) = 784 [pid 284] fstat(3, {st_mode=S_IFREG|0755, st_size=1913080, ...}) = 0 [pid 284] pread64(3, "\x06\x00\x00\x00\x04\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x10\x03\x00\x00\x00\x00\x00\x00\x10\x03\x00\x00\x00\x00\x00\x00\x08\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x04\x00\x00\x00\x60\xc1\x19\x00\x00\x00\x00\x00\x60\xc1\x19\x00\x00\x00\x00\x00\x60\xc1\x19\x00\x00\x00\x00\x00\x1c\x00\x00\x00\x00\x00\x00\x00\x1c\x00\x00\x00"..., 784, 64) = 784 [pid 284] mmap(NULL, 1965720, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f41ee579000 [pid 284] mmap(0x7f41ee5a1000, 1368064, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x28000) = 0x7f41ee5a1000 [pid 284] mmap(0x7f41ee6ef000, 356352, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x176000) = 0x7f41ee6ef000 [pid 284] mmap(0x7f41ee746000, 24576, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1cc000) = 0x7f41ee746000 [pid 284] mmap(0x7f41ee74c000, 52888, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f41ee74c000 [pid 284] close(3) = 0 [pid 284] openat(AT_FDCWD, "/lib64/libpam.so.0", O_RDONLY|O_CLOEXEC) = 3 [pid 284] read(3, "\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00\x3e\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\xf8\xf0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x00\x38\x00\x0a\x00\x40\x00\x1b\x00\x1a\x00\x01\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xe0\x29\x00\x00"..., 832) = 832 [pid 284] fstat(3, {st_mode=S_IFREG|0755, st_size=63416, ...}) = 0 [pid 284] mmap(NULL, 65552, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f41ee568000 [pid 284] mmap(0x7f41ee56b000, 32768, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x3000) = 0x7f41ee56b000 [pid 284] mmap(0x7f41ee573000, 16384, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xb000) = 0x7f41ee573000 [pid 284] mmap(0x7f41ee577000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xe000) = 0x7f41ee577000 [pid 284] close(3) = 0 [pid 284] openat(AT_FDCWD, "/lib64/libpam_misc.so.0", O_RDONLY|O_CLOEXEC) = 3 [pid 284] read(3, "\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00\x3e\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x00\x51\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x00\x38\x00\x0a\x00\x40\x00\x1a\x00\x19\x00\x01\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xd8\x12\x00\x00"..., 832) = 832 [pid 284] fstat(3, {st_mode=S_IFREG|0755, st_size=22400, ...}) = 0 [pid 284] mmap(NULL, 24656, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f41ee561000 [pid 284] mmap(0x7f41ee563000, 8192, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2000) = 0x7f41ee563000 [pid 284] mmap(0x7f41ee565000, 4096, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x4000) = 0x7f41ee565000 [pid 284] mmap(0x7f41ee566000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x4000) = 0x7f41ee566000 [pid 284] close(3) = 0 [pid 284] openat(AT_FDCWD, "/lib64/libresolv.so.2", O_RDONLY|O_CLOEXEC) = 3 [pid 284] read(3, "\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00\x3e\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\xa8\xe1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x00\x38\x00\x0b\x00\x40\x00\x1d\x00\x1c\x00\x01\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x08\x27\x00\x00"..., 832) = 832 [pid 284] fstat(3, {st_mode=S_IFREG|0755, st_size=59624, ...}) = 0 [pid 284] mmap(NULL, 67720, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f41ee550000 [pid 284] mmap(0x7f41ee553000, 32768, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x3000) = 0x7f41ee553000 [pid 284] mmap(0x7f41ee55b000, 8192, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xb000) = 0x7f41ee55b000 [pid 284] mmap(0x7f41ee55d000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xd000) = 0x7f41ee55d000 [pid 284] mmap(0x7f41ee55f000, 6280, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f41ee55f000 [pid 284] close(3) = 0 [pid 284] openat(AT_FDCWD, "/lib64/libselinux.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 284] openat(AT_FDCWD, "/usr/lib64/glibc-hwcaps/x86-64-v3/libselinux.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 284] newfstatat(AT_FDCWD, "/usr/lib64/glibc-hwcaps/x86-64-v3/", 0x7ffd1fe8b980, 0) = -1 ENOENT (No such file or directory) [pid 284] openat(AT_FDCWD, "/usr/lib64/glibc-hwcaps/x86-64-v2/libselinux.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 284] newfstatat(AT_FDCWD, "/usr/lib64/glibc-hwcaps/x86-64-v2/", 0x7ffd1fe8b980, 0) = -1 ENOENT (No such file or directory) [pid 284] openat(AT_FDCWD, "/usr/lib64/libselinux.so.1", O_RDONLY|O_CLOEXEC) = 3 [pid 284] read(3, "\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00\x3e\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x60\xd1\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x00\x38\x00\x0b\x00\x40\x00\x1d\x00\x1c\x00\x01\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x28\x74\x00\x00"..., 832) = 832 [pid 284] fstat(3, {st_mode=S_IFREG|0755, st_size=186528, ...}) = 0 [pid 284] mmap(NULL, 194256, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f41ee520000 [pid 284] mmap(0x7f41ee528000, 114688, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x8000) = 0x7f41ee528000 [pid 284] mmap(0x7f41ee544000, 32768, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x24000) = 0x7f41ee544000 [pid 284] mmap(0x7f41ee54c000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2c000) = 0x7f41ee54c000 [pid 284] mmap(0x7f41ee54e000, 5840, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f41ee54e000 [pid 284] close(3) = 0 [pid 284] mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f41ee51e000 [pid 284] openat(AT_FDCWD, "/lib64/libatomic.so.1", O_RDONLY|O_CLOEXEC) = 3 [pid 284] read(3, "\x7f\x45\x4c\x46\x02\x01\x01\x03\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00\x3e\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\x30\x71\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x00\x38\x00\x0a\x00\x40\x00\x1b\x00\x1a\x00\x01\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x78\x1f\x00\x00"..., 832) = 832 [pid 284] fstat(3, {st_mode=S_IFREG|0755, st_size=30704, ...}) = 0 [pid 284] mmap(NULL, 37000, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f41ee514000 [pid 284] mmap(0x7f41ee516000, 12288, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2000) = 0x7f41ee516000 [pid 284] mmap(0x7f41ee519000, 8192, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x5000) = 0x7f41ee519000 [pid 284] mmap(0x7f41ee51b000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x6000) = 0x7f41ee51b000 [pid 284] mmap(0x7f41ee51d000, 136, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f41ee51d000 [pid 284] close(3) = 0 [pid 284] openat(AT_FDCWD, "/lib64/libpcre2-8.so.0", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 284] openat(AT_FDCWD, "/usr/lib64/libpcre2-8.so.0", O_RDONLY|O_CLOEXEC) = 3 [pid 284] read(3, "\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00\x3e\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x00\x00\x00\x00\x00\x00\x00\xf0\x00\x06\x00\x00\x00\x00\x00\x00\x00\x00\x00\x40\x00\x38\x00\x0a\x00\x40\x00\x1a\x00\x19\x00\x01\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xc8\x20\x00\x00"..., 832) = 832 [pid 284] fstat(3, {st_mode=S_IFREG|0755, st_size=395120, ...}) = 0 [pid 284] mmap(NULL, 397336, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f41ee4b2000 [pid 284] mmap(0x7f41ee4b5000, 225280, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x3000) = 0x7f41ee4b5000 [pid 284] mmap(0x7f41ee4ec000, 155648, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x3a000) = 0x7f41ee4ec000 [pid 284] mmap(0x7f41ee512000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x5f000) = 0x7f41ee512000 [pid 284] close(3) = 0 [pid 284] mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f41ee4b0000 [pid 284] arch_prctl(ARCH_SET_FS, 0x7f41ee4b0c80) = 0 [pid 284] set_tid_address(0x7f41ee4b0f50) = 284 [pid 284] set_robust_list(0x7f41ee4b0f60, 24) = 0 [pid 284] rseq(0x7f41ee4b0ae0, 0x20, 0, 0x53053053) = -1 ENOSYS (Function not implemented) [pid 284] mprotect(0x7f41ee746000, 16384, PROT_READ) = 0 [pid 284] mprotect(0x7f41ee512000, 4096, PROT_READ) = 0 [pid 284] mprotect(0x7f41ee51b000, 4096, PROT_READ) = 0 [pid 284] mprotect(0x7f41ee54c000, 4096, PROT_READ) = 0 [pid 284] mprotect(0x7f41ee55d000, 4096, PROT_READ) = 0 [pid 284] mprotect(0x7f41ee577000, 4096, PROT_READ) = 0 [pid 284] mprotect(0x7f41ee566000, 4096, PROT_READ) = 0 [pid 284] mprotect(0x7f41ee817000, 12288, PROT_READ) = 0 [pid 284] mprotect(0x55834c167000, 4096, PROT_READ) = 0 [pid 284] mprotect(0x7f41ee850000, 8192, PROT_READ) = 0 [pid 284] prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 [pid 284] statfs("/sys/fs/selinux", {f_type=SELINUX_MAGIC, f_bsize=4096, f_blocks=0, f_bfree=0, f_bavail=0, f_files=0, f_ffree=0, f_fsid={val=[0, 0]}, f_namelen=255, f_frsize=4096, f_flags=ST_VALID|ST_NOSUID|ST_NOEXEC|ST_RELATIME}) = 0 [pid 284] statfs("/sys/fs/selinux", {f_type=SELINUX_MAGIC, f_bsize=4096, f_blocks=0, f_bfree=0, f_bavail=0, f_files=0, f_ffree=0, f_fsid={val=[0, 0]}, f_namelen=255, f_frsize=4096, f_flags=ST_VALID|ST_NOSUID|ST_NOEXEC|ST_RELATIME}) = 0 [pid 284] getrandom("\x69\x2d\xc2\xd7\xe5\xe9\x80\x21", 8, GRND_NONBLOCK) = 8 [pid 284] brk(NULL) = 0x5583570bb000 [pid 284] brk(0x5583570dc000) = 0x5583570dc000 [pid 284] access("/etc/selinux/config", F_OK) = 0 [pid 284] openat(AT_FDCWD, "./swap-file", O_WRONLY) = 3 [pid 284] lseek(3, 0, SEEK_END) = 128000000 [pid 284] lseek(3, 0, SEEK_SET) = 0 [pid 284] fstat(1, {st_mode=S_IFIFO|0600, st_size=0, ...}) = 0 [pid 284] fstat(3, {st_mode=S_IFREG|0600, st_size=128000000, ...}) = 0 [pid 284] fgetxattr(3, "security.selinux", "\x72\x6f\x6f\x74\x3a\x6f\x62\x6a\x65\x63\x74\x5f\x72\x3a\x75\x73\x65\x72\x5f\x68\x6f\x6d\x65\x5f\x74\x00", 255) = 26 [pid 284] access("/var/run/setrans/.setrans-unix", F_OK) = -1 ENOENT (No such file or directory) [pid 284] futex(0x7f41ee54f6b8, FUTEX_WAKE_PRIVATE, 2147483647) = 0 [pid 284] fsetxattr(3, "security.selinux", "\x72\x6f\x6f\x74\x3a\x6f\x62\x6a\x65\x63\x74\x5f\x72\x3a\x73\x77\x61\x70\x66\x69\x6c\x65\x5f\x74\x00", 25, 0) = 0 [pid 284] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1024) = 1024 [pid 284] write(3, "\x01\x00\x00\x00\x11\x7a\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 516) = 516 [pid 284] lseek(3, 4086, SEEK_SET) = 4086 [pid 284] write(3, "SWAPSPACE2", 10) = 10 [ 25.712118][ T24] audit: type=1400 audit(1748322578.180:67): avc: denied { setattr } for pid=282 comm="syz-executor359" name="raw-gadget" dev="devtmpfs" ino=253 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [pid 284] fsync(3) = 0 Setting up swapspace version 1, size = 127995904 bytes [pid 284] write(1, "Setting up swapspace version 1, size = 127995904 bytes\n", 55) = 55 [pid 284] exit_group(0) = ? [pid 284] +++ exited with 0 +++ rt_sigaction(SIGINT, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f4083e02350}, NULL, 8) = 0 rt_sigaction(SIGQUIT, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7f4083e02350}, NULL, 8) = 0 rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=284, si_uid=0, si_status=0, si_utime=0, si_stime=3} --- [ 25.779642][ T284] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). [ 25.788922][ T24] audit: type=1400 audit(1748322578.300:68): avc: denied { relabelto } for pid=284 comm="mkswap" name="swap-file" dev="sda1" ino=2024 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" swapon("./swap-file", SWAP_FLAG_PREFER|0) = 0 rt_sigaction(SIGRTMIN, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=0}, NULL, 8) = 0 rt_sigaction(SIGRT_1, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=0}, NULL, 8) = 0 rt_sigaction(SIGSEGV, {sa_handler=0x7f4083df6540, sa_mask=[], sa_flags=SA_RESTORER|SA_NODEFER|SA_SIGINFO, sa_restorer=0x7f4083e02350}, NULL, 8) = 0 rt_sigaction(SIGBUS, {sa_handler=0x7f4083df6540, sa_mask=[], sa_flags=SA_RESTORER|SA_NODEFER|SA_SIGINFO, sa_restorer=0x7f4083e02350}, NULL, 8) = 0 mkdir("./syzkaller.VZqDLi", 0700) = 0 chmod("./syzkaller.VZqDLi", 0777) = 0 chdir("./syzkaller.VZqDLi") = 0 unshare(CLONE_NEWPID) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555571200750) = 285 ./strace-static-x86_64: Process 285 attached [ 25.815858][ T24] audit: type=1400 audit(1748322578.300:69): avc: denied { write } for pid=284 comm="mkswap" path="/root/swap-file" dev="sda1" ino=2024 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 25.846689][ T24] audit: type=1400 audit(1748322578.350:70): avc: denied { read } for pid=282 comm="syz-executor359" name="swap-file" dev="sda1" ino=2024 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [pid 285] set_robust_list(0x555571200760, 24) = 0 [pid 285] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 285] getppid() = 0 [pid 285] prlimit64(0, RLIMIT_AS, {rlim_cur=204800*1024, rlim_max=204800*1024}, NULL) = 0 [pid 285] prlimit64(0, RLIMIT_MEMLOCK, {rlim_cur=32768*1024, rlim_max=32768*1024}, NULL) = 0 [pid 285] prlimit64(0, RLIMIT_FSIZE, {rlim_cur=139264*1024, rlim_max=139264*1024}, NULL) = 0 [pid 285] prlimit64(0, RLIMIT_STACK, {rlim_cur=1024*1024, rlim_max=1024*1024}, NULL) = 0 [pid 285] prlimit64(0, RLIMIT_CORE, {rlim_cur=131072*1024, rlim_max=131072*1024}, NULL) = 0 [pid 285] prlimit64(0, RLIMIT_NOFILE, {rlim_cur=256, rlim_max=256}, NULL) = 0 [pid 285] unshare(CLONE_NEWNS) = 0 [pid 285] mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL) = 0 [pid 285] unshare(CLONE_NEWIPC) = -1 EINVAL (Invalid argument) [pid 285] unshare(CLONE_NEWCGROUP) = 0 [pid 285] unshare(CLONE_NEWUTS) = 0 [pid 285] unshare(CLONE_SYSVSEM) = 0 [pid 285] openat(AT_FDCWD, "/proc/sys/kernel/shmmax", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 285] openat(AT_FDCWD, "/proc/sys/kernel/shmall", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 285] openat(AT_FDCWD, "/proc/sys/kernel/shmmni", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 285] openat(AT_FDCWD, "/proc/sys/kernel/msgmax", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 285] openat(AT_FDCWD, "/proc/sys/kernel/msgmni", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 285] openat(AT_FDCWD, "/proc/sys/kernel/msgmnb", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 285] openat(AT_FDCWD, "/proc/sys/kernel/sem", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [pid 285] getpid() = 1 [pid 285] capget({version=_LINUX_CAPABILITY_VERSION_3, pid=1}, {effective=1< 0b 4c 8b a5 30 ff ff ff 4c 89 e7 be 08 00 00 00 e8 5d d5 93 ff [ 26.989510][ T285] RSP: 0018:ffffc90000bc7738 EFLAGS: 00010293 [ 26.995623][ T285] RAX: ffffffff8209af4d RBX: ffff88810d0ed9d8 RCX: ffff888106b92780 [ 27.003640][ T285] RDX: 0000000000000000 RSI: 0000000000000018 RDI: 0000000000000018 [ 27.011615][ T285] RBP: ffffc90000bc7828 R08: 0000000000000004 R09: 0000000000000003 [ 27.019702][ T285] R10: fffff52000178ed8 R11: 1ffff92000178ed8 R12: 0000000000000018 [ 27.027742][ T285] R13: 1ffff11021a1db3b R14: 0000000000000018 R15: 0000000000000007 [ 27.035752][ T285] FS: 0000555571200480(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 27.044724][ T285] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 27.051302][ T285] CR2: 00007f9376548000 CR3: 0000000106bcf000 CR4: 00000000003506b0 [ 27.059294][ T285] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 27.067292][ T285] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 27.075296][ T285] Call Trace: [ 27.078586][ T285] __allocate_new_segment+0x13d/0x810 [ 27.083998][ T285] f2fs_allocate_new_section+0x1d5/0x280 [ 27.089630][ T285] ? new_curseg+0x18a0/0x18a0 [ 27.094332][ T285] ? __kasan_check_write+0x14/0x20 [ 27.099457][ T285] ? down_read_trylock+0x100/0x150 [ 27.104833][ T285] ? __init_rwsem+0x1c0/0x1c0 [ 27.109542][ T285] ? has_not_enough_free_secs+0x3d7/0x8a0 [ 27.115296][ T285] expand_inode_data+0x5a8/0x930 [ 27.120228][ T285] ? f2fs_insert_range+0x5b0/0x5b0 [ 27.125352][ T285] ? inode_dio_wait+0x226/0x290 [ 27.130203][ T285] ? file_update_time+0x3a2/0x400 [ 27.135261][ T285] ? inode_owner_or_capable+0x140/0x140 [ 27.140818][ T285] f2fs_fallocate+0x42b/0x7e0 [ 27.145667][ T285] vfs_fallocate+0x4b4/0x590 [ 27.150290][ T285] do_vfs_ioctl+0x12e3/0x1510 [ 27.154996][ T285] ? __ia32_compat_sys_ioctl+0x7b0/0x7b0 [ 27.160624][ T285] ? has_cap_mac_admin+0x330/0x330 [ 27.165810][ T285] ? _raw_spin_lock_irq+0x8f/0xe0 [ 27.170834][ T285] ? __kasan_check_write+0x14/0x20 [ 27.175966][ T285] ? _raw_spin_lock_irq+0x8f/0xe0 [ 27.181004][ T285] ? selinux_file_ioctl+0x377/0x480 [ 27.186328][ T285] ? selinux_file_alloc_security+0x120/0x120 [ 27.192336][ T285] ? _raw_spin_unlock_irq+0x4e/0x70 [ 27.197523][ T285] ? ptrace_notify+0x1c4/0x250 [ 27.202294][ T285] ? do_notify_parent+0x7e0/0x7e0 [ 27.207424][ T285] ? security_file_ioctl+0x84/0xa0 [ 27.212555][ T285] __se_sys_ioctl+0x9f/0x1a0 [ 27.217141][ T285] __x64_sys_ioctl+0x7b/0x90 [ 27.221852][ T285] do_syscall_64+0x31/0x40 [ 27.226283][ T285] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 27.232271][ T285] RIP: 0033:0x7f4083e37d69 [ 27.236690][ T285] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 1f 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 27.256429][ T285] RSP: 002b:00007ffdab074718 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 27.264892][ T285] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f4083e37d69 [ 27.272894][ T285] RDX: 00002000000000c0 RSI: 0000000040305828 RDI: 0000000000000005 [ 27.280857][ T285] RBP: 00007f4083e7c5f3 R08: 00007f4083e7c623 R09: 00007f4083e7c623 [ 27.288967][ T285] R10: 00007f4083e7c623 R11: 0000000000000246 R12: 00007f4083e7c47a [ 27.296988][ T285] R13: 00007f4083e7c574 R14: 0000000000000001 R15: 0000000000000003 [ 27.305058][ T285] ---[ end trace 874606f54682fd6c ]--- [ 27.310580][ T285] ------------[ cut here ]------------ [ 27.316209][ T285] WARNING: CPU: 0 PID: 285 at fs/f2fs/segment.c:2636 new_curseg+0x14c0/0x18a0 [ 27.325115][ T285] Modules linked in: [ 27.329013][ T285] CPU: 0 PID: 285 Comm: syz-executor359 Tainted: G W 5.10.237-syzkaller #0 [ 27.338926][ T285] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 27.349041][ T285] RIP: 0010:new_curseg+0x14c0/0x18a0 [ 27.354365][ T285] Code: ff e8 74 dd 59 ff 0f 0b 4c 8b 75 d0 49 8d 7e 78 be 08 00 00 00 e8 20 cf 93 ff f0 41 80 4e 78 04 e9 ba ed ff ff e8 50 dd 59 ff <0f> 0b 48 8b 5d d0 48 8d 7b 78 be 08 00 00 00 e8 fc ce 93 ff f0 80 [ 27.374127][ T285] RSP: 0018:ffffc90000bc7738 EFLAGS: 00010293 [ 27.380219][ T285] RAX: ffffffff8209b5b0 RBX: ffff88810b4c0d01 RCX: ffff888106b92780 [ 27.388319][ T285] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000002 [ 27.396442][ T285] RBP: ffffc90000bc7828 R08: dffffc0000000000 R09: ffffed10216981aa [ 27.404713][ T285] R10: ffffed10216981aa R11: 1ffff110216981a9 R12: 0000000000000000 [ 27.412740][ T285] R13: 0000000000000018 R14: 0000000000000001 R15: 0000000000000018 [ 27.420705][ T285] FS: 0000555571200480(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 27.429688][ T285] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 27.436319][ T285] CR2: 00007f9376548000 CR3: 0000000106bcf000 CR4: 00000000003506b0 [ 27.444340][ T285] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 27.452348][ T285] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 27.460354][ T285] Call Trace: [ 27.463748][ T285] __allocate_new_segment+0x13d/0x810 [ 27.469123][ T285] f2fs_allocate_new_section+0x1d5/0x280 [ 27.474793][ T285] ? new_curseg+0x18a0/0x18a0 [ 27.479471][ T285] ? __kasan_check_write+0x14/0x20 [ 27.484634][ T285] ? down_read_trylock+0x100/0x150 [ 27.489747][ T285] ? __init_rwsem+0x1c0/0x1c0 [ 27.494476][ T285] ? has_not_enough_free_secs+0x3d7/0x8a0 [ 27.500211][ T285] expand_inode_data+0x5a8/0x930 [ 27.505170][ T285] ? f2fs_insert_range+0x5b0/0x5b0 [ 27.510281][ T285] ? inode_dio_wait+0x226/0x290 [ 27.515151][ T285] ? file_update_time+0x3a2/0x400 [ 27.520181][ T285] ? inode_owner_or_capable+0x140/0x140 [ 27.526027][ T285] f2fs_fallocate+0x42b/0x7e0 [ 27.530719][ T285] vfs_fallocate+0x4b4/0x590 [ 27.535350][ T285] do_vfs_ioctl+0x12e3/0x1510 [ 27.540016][ T285] ? __ia32_compat_sys_ioctl+0x7b0/0x7b0 [ 27.545658][ T285] ? has_cap_mac_admin+0x330/0x330 [ 27.550765][ T285] ? _raw_spin_lock_irq+0x8f/0xe0 [ 27.555806][ T285] ? __kasan_check_write+0x14/0x20 [ 27.560934][ T285] ? _raw_spin_lock_irq+0x8f/0xe0 [ 27.566151][ T285] ? selinux_file_ioctl+0x377/0x480 [ 27.571371][ T285] ? selinux_file_alloc_security+0x120/0x120 [ 27.577397][ T285] ? _raw_spin_unlock_irq+0x4e/0x70 [ 27.582631][ T285] ? ptrace_notify+0x1c4/0x250 [ 27.587384][ T285] ? do_notify_parent+0x7e0/0x7e0 [ 27.592441][ T285] ? security_file_ioctl+0x84/0xa0 [ 27.597554][ T285] __se_sys_ioctl+0x9f/0x1a0 [ 27.602162][ T285] __x64_sys_ioctl+0x7b/0x90 [ 27.606750][ T285] do_syscall_64+0x31/0x40 [ 27.611144][ T285] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 27.617047][ T285] RIP: 0033:0x7f4083e37d69 [ 27.621457][ T285] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 1f 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 27.641140][ T285] RSP: 002b:00007ffdab074718 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 27.649586][ T285] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f4083e37d69 [ 27.657610][ T285] RDX: 00002000000000c0 RSI: 0000000040305828 RDI: 0000000000000005 [ 27.665624][ T285] RBP: 00007f4083e7c5f3 R08: 00007f4083e7c623 R09: 00007f4083e7c623 [ 27.673634][ T285] R10: 00007f4083e7c623 R11: 0000000000000246 R12: 00007f4083e7c47a [ 27.681619][ T285] R13: 00007f4083e7c574 R14: 0000000000000001 R15: 0000000000000003 [ 27.689635][ T285] ---[ end trace 874606f54682fd6d ]--- [ 27.695253][ T285] ================================================================== [ 27.703410][ T285] BUG: KASAN: slab-out-of-bounds in reset_curseg+0x4dd/0x560 [ 27.711285][ T285] Read of size 4 at addr ffff88810bc5a3c0 by task syz-executor359/285 [ 27.719414][ T285] [ 27.721747][ T285] CPU: 1 PID: 285 Comm: syz-executor359 Tainted: G W 5.10.237-syzkaller #0 [ 27.731621][ T285] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 27.741670][ T285] Call Trace: [ 27.744951][ T285] __dump_stack+0x21/0x24 [ 27.749261][ T285] dump_stack_lvl+0x169/0x1d8 [ 27.753938][ T285] ? show_regs_print_info+0x18/0x18 [ 27.759112][ T285] ? thaw_kernel_threads+0x220/0x220 [ 27.764390][ T285] print_address_description+0x7f/0x2c0 [ 27.769915][ T285] ? reset_curseg+0x4dd/0x560 [ 27.774572][ T285] kasan_report+0xe2/0x130 [ 27.778967][ T285] ? reset_curseg+0x4dd/0x560 [ 27.783626][ T285] __asan_report_load4_noabort+0x14/0x20 [ 27.789235][ T285] reset_curseg+0x4dd/0x560 [ 27.793714][ T285] new_curseg+0x12f6/0x18a0 [ 27.798251][ T285] __allocate_new_segment+0x13d/0x810 [ 27.803639][ T285] f2fs_allocate_new_section+0x1d5/0x280 [ 27.809254][ T285] ? new_curseg+0x18a0/0x18a0 [ 27.813908][ T285] ? __kasan_check_write+0x14/0x20 [ 27.819011][ T285] ? down_read_trylock+0x100/0x150 [ 27.824154][ T285] ? __init_rwsem+0x1c0/0x1c0 [ 27.828821][ T285] ? has_not_enough_free_secs+0x3d7/0x8a0 [ 27.834532][ T285] expand_inode_data+0x5a8/0x930 [ 27.839455][ T285] ? f2fs_insert_range+0x5b0/0x5b0 [ 27.844570][ T285] ? inode_dio_wait+0x226/0x290 [ 27.849405][ T285] ? file_update_time+0x3a2/0x400 [ 27.854414][ T285] ? inode_owner_or_capable+0x140/0x140 [ 27.859956][ T285] f2fs_fallocate+0x42b/0x7e0 [ 27.864680][ T285] vfs_fallocate+0x4b4/0x590 [ 27.869285][ T285] do_vfs_ioctl+0x12e3/0x1510 [ 27.873945][ T285] ? __ia32_compat_sys_ioctl+0x7b0/0x7b0 [ 27.879559][ T285] ? has_cap_mac_admin+0x330/0x330 [ 27.884673][ T285] ? _raw_spin_lock_irq+0x8f/0xe0 [ 27.889678][ T285] ? __kasan_check_write+0x14/0x20 [ 27.894767][ T285] ? _raw_spin_lock_irq+0x8f/0xe0 [ 27.899771][ T285] ? selinux_file_ioctl+0x377/0x480 [ 27.904951][ T285] ? selinux_file_alloc_security+0x120/0x120 [ 27.910927][ T285] ? _raw_spin_unlock_irq+0x4e/0x70 [ 27.916111][ T285] ? ptrace_notify+0x1c4/0x250 [ 27.920856][ T285] ? do_notify_parent+0x7e0/0x7e0 [ 27.925869][ T285] ? security_file_ioctl+0x84/0xa0 [ 27.930980][ T285] __se_sys_ioctl+0x9f/0x1a0 [ 27.935552][ T285] __x64_sys_ioctl+0x7b/0x90 [ 27.940131][ T285] do_syscall_64+0x31/0x40 [ 27.944533][ T285] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 27.950405][ T285] RIP: 0033:0x7f4083e37d69 [ 27.954806][ T285] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 1f 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 27.974404][ T285] RSP: 002b:00007ffdab074718 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 27.982801][ T285] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f4083e37d69 [ 27.990754][ T285] RDX: 00002000000000c0 RSI: 0000000040305828 RDI: 0000000000000005 [ 27.998706][ T285] RBP: 00007f4083e7c5f3 R08: 00007f4083e7c623 R09: 00007f4083e7c623 [ 28.006668][ T285] R10: 00007f4083e7c623 R11: 0000000000000246 R12: 00007f4083e7c47a [ 28.015435][ T285] R13: 00007f4083e7c574 R14: 0000000000000001 R15: 0000000000000003 [ 28.025973][ T285] [ 28.028427][ T285] Allocated by task 285: [ 28.032658][ T285] __kasan_kmalloc+0xda/0x110 [ 28.037318][ T285] __kmalloc+0x1a7/0x330 [ 28.041556][ T285] kvmalloc_node+0x88/0x130 [ 28.046061][ T285] f2fs_build_segment_manager+0xdba/0x48f0 [ 28.051996][ T285] f2fs_fill_super+0x42d1/0x6c70 [ 28.056920][ T285] mount_bdev+0x28b/0x3a0 [ 28.062382][ T285] f2fs_mount+0x34/0x40 [ 28.066550][ T285] legacy_get_tree+0xed/0x190 [ 28.071206][ T285] vfs_get_tree+0x89/0x260 [ 28.075600][ T285] do_new_mount+0x25a/0xa20 [ 28.080082][ T285] path_mount+0x572/0xc80 [ 28.084610][ T285] __se_sys_mount+0x318/0x380 [ 28.089272][ T285] __x64_sys_mount+0xbf/0xd0 [ 28.094386][ T285] do_syscall_64+0x31/0x40 [ 28.099384][ T285] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 28.105254][ T285] [ 28.107585][ T285] The buggy address belongs to the object at ffff88810bc5a000 [ 28.107585][ T285] which belongs to the cache kmalloc-1k of size 1024 [ 28.121640][ T285] The buggy address is located 960 bytes inside of [ 28.121640][ T285] 1024-byte region [ffff88810bc5a000, ffff88810bc5a400) [ 28.137180][ T285] The buggy address belongs to the page: [ 28.143176][ T285] page:ffffea00042f1600 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10bc58 [ 28.153840][ T285] head:ffffea00042f1600 order:3 compound_mapcount:0 compound_pincount:0 [ 28.162154][ T285] flags: 0x4000000000010200(slab|head) [ 28.167601][ T285] raw: 4000000000010200 dead000000000100 dead000000000122 ffff888100042f00 [ 28.176177][ T285] raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000 [ 28.185942][ T285] page dumped because: kasan: bad access detected [ 28.193139][ T285] page_owner tracks the page as allocated [ 28.199026][ T285] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 285, ts 26777718207, free_ts 26465327226 [ 28.218275][ T285] prep_new_page+0x179/0x180 [ 28.223040][ T285] get_page_from_freelist+0x2235/0x23d0 [ 28.230095][ T285] __alloc_pages_nodemask+0x268/0x5f0 [ 28.235521][ T285] new_slab+0x84/0x3f0 [ 28.239602][ T285] ___slab_alloc+0x2a6/0x450 [ 28.245589][ T285] __slab_alloc+0x63/0xa0 [ 28.249918][ T285] __kmalloc_track_caller+0x1ef/0x320 [ 28.255281][ T285] __alloc_skb+0xdc/0x520 [ 28.260022][ T285] alloc_uevent_skb+0x85/0x240 [ 28.265245][ T285] kobject_uevent_net_broadcast+0x335/0x5a0 [ 28.272384][ T285] kobject_uevent_env+0x52e/0x700 [ 28.277407][ T285] kobject_uevent+0x1d/0x30 [ 28.281906][ T285] loop_set_size+0xb4/0xc0 [ 28.286311][ T285] loop_configure+0xd6d/0x1260 [ 28.291058][ T285] lo_ioctl+0x76d/0x1a80 [ 28.295289][ T285] blkdev_ioctl+0x2d2/0x5b0 [ 28.300936][ T285] page last free stack trace: [ 28.306106][ T285] __free_pages_ok+0x7fc/0x820 [ 28.310854][ T285] __free_pages+0xdd/0x380 [ 28.315254][ T285] __free_slab+0xcf/0x190 [ 28.319583][ T285] unfreeze_partials+0x15f/0x190 [ 28.324501][ T285] put_cpu_partial+0xc1/0x180 [ 28.329171][ T285] __slab_free+0x2c9/0x3a0 [ 28.333657][ T285] ___cache_free+0x111/0x130 [ 28.338421][ T285] qlink_free+0x50/0x90 [ 28.343000][ T285] qlist_free_all+0x5f/0xb0 [ 28.347778][ T285] kasan_quarantine_reduce+0x14a/0x160 [ 28.353227][ T285] __kasan_slab_alloc+0x2f/0xf0 [ 28.358064][ T285] slab_post_alloc_hook+0x5d/0x2f0 [ 28.363180][ T285] kmem_cache_alloc+0x165/0x2e0 [ 28.368030][ T285] __alloc_skb+0x9e/0x520 [ 28.372373][ T285] netlink_sendmsg+0x5f6/0xb30 [ 28.377913][ T285] __sys_sendto+0x41d/0x580 [ 28.383293][ T285] [ 28.385624][ T285] Memory state around the buggy address: [ 28.392302][ T285] ffff88810bc5a280: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 28.400536][ T285] ffff88810bc5a300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 28.410699][ T285] >ffff88810bc5a380: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 28.424792][ T285] ^ [ 28.432143][ T285] ffff88810bc5a400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.440195][ T285] ffff88810bc5a480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 28.448419][ T285] ================================================================== [ 28.460873][ T285] Disabling lock debugging due to kernel taint [ 28.470652][ T285] general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN [ 28.482380][ T285] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007] [ 28.492435][ T285] CPU: 1 PID: 285 Comm: syz-executor359 Tainted: G B W 5.10.237-syzkaller #0 [ 28.502301][ T285] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 28.512527][ T285] RIP: 0010:update_sit_entry+0x3eb/0xf50 [ 28.519264][ T285] Code: 89 45 a8 49 01 c5 41 f6 d7 41 80 e7 07 44 89 f9 41 bf 01 00 00 00 41 d3 e7 4d 89 ee 49 c1 ee 03 48 b8 00 00 00 00 00 fc ff df <41> 0f b6 04 06 84 c0 0f 85 a5 08 00 00 41 0f b6 5d 00 44 89 f8 41 [ 28.539076][ T285] RSP: 0018:ffffc90000bc7350 EFLAGS: 00010246 [ 28.545323][ T285] RAX: dffffc0000000000 RBX: ffff88810bc5a3c8 RCX: 0000000000000007 [ 28.553590][ T285] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffff88810bc5a3c8 [ 28.561813][ T285] RBP: ffffc90000bc73d0 R08: ffff888106b92780 R09: 0000000000000003 [ 28.569782][ T285] R10: 00000000ffffffff R11: 0000000000000000 R12: 0000000000004000 [ 28.577735][ T285] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000080 [ 28.585691][ T285] FS: 0000555571200480(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 28.594761][ T285] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 28.601330][ T285] CR2: 00007f4083eb2100 CR3: 0000000106bcf000 CR4: 00000000003506a0 [ 28.609308][ T285] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 28.617271][ T285] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 28.625443][ T285] Call Trace: [ 28.628726][ T285] ? __asan_report_store8_noabort+0x17/0x20 [ 28.634622][ T285] f2fs_allocate_data_block+0x156b/0x3a10 [ 28.640337][ T285] ? _raw_spin_unlock+0x4d/0x70 [ 28.645195][ T285] ? f2fs_inode_dirtied+0x26b/0x2a0 [ 28.650373][ T285] ? f2fs_io_type_to_rw_hint+0x1e0/0x1e0 [ 28.655985][ T285] ? f2fs_mark_inode_dirty_sync+0x110/0x140 [ 28.661881][ T285] ? inc_valid_block_count+0x562/0xa90 [ 28.667342][ T285] __allocate_data_block+0x52a/0x980 [ 28.672620][ T285] ? f2fs_map_blocks+0x35c0/0x35c0 [ 28.677720][ T285] f2fs_map_blocks+0xdc8/0x35c0 [ 28.682594][ T285] ? __kasan_check_write+0x14/0x20 [ 28.687700][ T285] ? f2fs_do_map_lock+0x290/0x290 [ 28.692843][ T285] ? __kasan_check_write+0x14/0x20 [ 28.697960][ T285] ? down_read_trylock+0x100/0x150 [ 28.703063][ T285] expand_inode_data+0x5d7/0x930 [ 28.708006][ T285] ? f2fs_insert_range+0x5b0/0x5b0 [ 28.713109][ T285] ? inode_dio_wait+0x226/0x290 [ 28.717946][ T285] ? file_update_time+0x3a2/0x400 [ 28.722978][ T285] ? inode_owner_or_capable+0x140/0x140 [ 28.728508][ T285] f2fs_fallocate+0x42b/0x7e0 [ 28.733184][ T285] vfs_fallocate+0x4b4/0x590 [ 28.737753][ T285] do_vfs_ioctl+0x12e3/0x1510 [ 28.742423][ T285] ? __ia32_compat_sys_ioctl+0x7b0/0x7b0 [ 28.748051][ T285] ? has_cap_mac_admin+0x330/0x330 [ 28.753144][ T285] ? _raw_spin_lock_irq+0x8f/0xe0 [ 28.758167][ T285] ? __kasan_check_write+0x14/0x20 [ 28.763267][ T285] ? _raw_spin_lock_irq+0x8f/0xe0 [ 28.768296][ T285] ? selinux_file_ioctl+0x377/0x480 [ 28.773480][ T285] ? selinux_file_alloc_security+0x120/0x120 [ 28.779440][ T285] ? _raw_spin_unlock_irq+0x4e/0x70 [ 28.784623][ T285] ? ptrace_notify+0x1c4/0x250 [ 28.789365][ T285] ? do_notify_parent+0x7e0/0x7e0 [ 28.794366][ T285] ? security_file_ioctl+0x84/0xa0 [ 28.799456][ T285] __se_sys_ioctl+0x9f/0x1a0 [ 28.804035][ T285] __x64_sys_ioctl+0x7b/0x90 [ 28.808608][ T285] do_syscall_64+0x31/0x40 [ 28.813004][ T285] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 28.818879][ T285] RIP: 0033:0x7f4083e37d69 [ 28.823289][ T285] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 1f 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 28.842892][ T285] RSP: 002b:00007ffdab074718 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 28.851283][ T285] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f4083e37d69 [ 28.859234][ T285] RDX: 00002000000000c0 RSI: 0000000040305828 RDI: 0000000000000005 [ 28.867205][ T285] RBP: 00007f4083e7c5f3 R08: 00007f4083e7c623 R09: 00007f4083e7c623 [ 28.875266][ T285] R10: 00007f4083e7c623 R11: 0000000000000246 R12: 00007f4083e7c47a [ 28.883244][ T285] R13: 00007f4083e7c574 R14: 0000000000000001 R15: 0000000000000003 [ 28.891305][ T285] Modules linked in: [ 28.896304][ T285] ---[ end trace 874606f54682fd6e ]--- [ 28.902216][ T285] RIP: 0010:update_sit_entry+0x3eb/0xf50 [ 28.907842][ T285] Code: 89 45 a8 49 01 c5 41 f6 d7 41 80 e7 07 44 89 f9 41 bf 01 00 00 00 41 d3 e7 4d 89 ee 49 c1 ee 03 48 b8 00 00 00 00 00 fc ff df <41> 0f b6 04 06 84 c0 0f 85 a5 08 00 00 41 0f b6 5d 00 44 89 f8 41 [ 28.927484][ T285] RSP: 0018:ffffc90000bc7350 EFLAGS: 00010246 [ 28.933569][ T285] RAX: dffffc0000000000 RBX: ffff88810bc5a3c8 RCX: 0000000000000007 [ 28.941525][ T285] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffff88810bc5a3c8 [ 28.949800][ T285] RBP: ffffc90000bc73d0 R08: ffff888106b92780 R09: 0000000000000003 [ 28.957806][ T285] R10: 00000000ffffffff R11: 0000000000000000 R12: 0000000000004000 [ 28.965808][ T285] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000080 [ 28.973867][ T285] FS: 0000555571200480(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 28.983036][ T285] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 28.989718][ T285] CR2: 00007f4083eb2100 CR3: 0000000106bcf000 CR4: 00000000003506a0 [ 28.998020][ T285] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 29.006229][ T285] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 29.014318][ T285] Kernel panic - not syncing: Fatal exception [ 29.020612][ T285] Kernel Offset: disabled [ 29.024937][ T285] Rebooting in 86400 seconds..