./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3238749885 <...> Warning: Permanently added '10.128.1.32' (ED25519) to the list of known hosts. execve("./syz-executor3238749885", ["./syz-executor3238749885"], 0x7ffc7400ca50 /* 10 vars */) = 0 brk(NULL) = 0x5555570ea000 brk(0x5555570ead00) = 0x5555570ead00 arch_prctl(ARCH_SET_FS, 0x5555570ea380) = 0 set_tid_address(0x5555570ea650) = 5016 set_robust_list(0x5555570ea660, 24) = 0 rseq(0x5555570eaca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor3238749885", 4096) = 28 getrandom("\x94\x7b\xd4\x5d\x80\xa9\x24\x38", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x5555570ead00 brk(0x55555710bd00) = 0x55555710bd00 brk(0x55555710c000) = 0x55555710c000 mprotect(0x7fa0ab961000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 getpid() = 5016 openat(AT_FDCWD, "/sys/kernel/debug/x86/nmi_longest_ns", O_WRONLY|O_CLOEXEC) = 3 write(3, "10000000000", 11) = 11 close(3) = 0 openat(AT_FDCWD, "/proc/sys/kernel/hung_task_check_interval_secs", O_WRONLY|O_CLOEXEC) = 3 write(3, "20", 2) = 2 close(3) = 0 openat(AT_FDCWD, "/proc/sys/net/core/bpf_jit_kallsyms", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) newfstatat(1, "", {st_mode=S_IFIFO|0600, st_size=0, ...}, AT_EMPTY_PATH) = 0 openat(AT_FDCWD, "/proc/sys/net/core/bpf_jit_harden", O_WRONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) [ 83.990782][ T26] audit: type=1400 audit(1690037717.978:83): avc: denied { write } for pid=5013 comm="strace-static-x" path="pipe:[30427]" dev="pipefs" ino=30427 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1 [ 84.016798][ T26] audit: type=1400 audit(1690037718.008:84): avc: denied { append } for pid=4449 comm="syslogd" name="messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 openat(AT_FDCWD, "/proc/sys/kernel/kptr_restrict", O_WRONLY|O_CLOEXEC) = 3 write(3, "0", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/proc/sys/kernel/softlockup_all_cpu_backtrace", O_WRONLY|O_CLOEXEC) = 3 write(3, "1", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/proc/sys/fs/mount-max", O_WRONLY|O_CLOEXEC) = 3 write(3, "100", 3) = 3 close(3) = 0 openat(AT_FDCWD, "/proc/sys/vm/oom_dump_tasks", O_WRONLY|O_CLOEXEC) = 3 write(3, "0", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/proc/sys/debug/exception-trace", O_WRONLY|O_CLOEXEC) = 3 write(3, "0", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/proc/sys/kernel/printk", O_WRONLY|O_CLOEXEC) = 3 write(3, "7 4 1 3", 7) = 7 close(3) = 0 openat(AT_FDCWD, "/proc/sys/kernel/keys/gc_delay", O_WRONLY|O_CLOEXEC) = 3 write(3, "1", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/proc/sys/vm/oom_kill_allocating_task", O_WRONLY|O_CLOEXEC) = 3 write(3, "1", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/proc/sys/kernel/ctrl-alt-del", O_WRONLY|O_CLOEXEC) = 3 write(3, "0", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/proc/sys/kernel/cad_pid", O_WRONLY|O_CLOEXEC) = 3 write(3, "5016", 4) = 4 close(3) = 0 mkdir("./syzkaller.BK1Y5S", 0700) = 0 chmod("./syzkaller.BK1Y5S", 0777) = 0 chdir("./syzkaller.BK1Y5S") = 0 getuid() = 0 [ 84.039197][ T26] audit: type=1400 audit(1690037718.008:85): avc: denied { open } for pid=4449 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 84.062083][ T26] audit: type=1400 audit(1690037718.008:86): avc: denied { getattr } for pid=4449 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 memfd_create("syzkaller", 0) = 3 mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa0a34ae000 [ 84.078041][ T5016] memfd_create() without MFD_EXEC nor MFD_NOEXEC_SEAL, pid=5016 'syz-executor323' [ 84.085347][ T26] audit: type=1400 audit(1690037718.008:87): avc: denied { execmem } for pid=5016 comm="syz-executor323" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 4194304) = 4194304 munmap(0x7fa0a34ae000, 4194304) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 ioctl(4, LOOP_SET_FD, 3) = 0 close(3) = 0 mkdir("./file0", 0777) = 0 [ 84.162825][ T26] audit: type=1400 audit(1690037718.148:88): avc: denied { read write } for pid=5016 comm="syz-executor323" name="loop0" dev="devtmpfs" ino=648 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 84.173794][ T5016] loop0: detected capacity change from 0 to 8192 [ 84.187454][ T26] audit: type=1400 audit(1690037718.148:89): avc: denied { open } for pid=5016 comm="syz-executor323" path="/dev/loop0" dev="devtmpfs" ino=648 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 84.204399][ T5016] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 84.218197][ T26] audit: type=1400 audit(1690037718.158:90): avc: denied { ioctl } for pid=5016 comm="syz-executor323" path="/dev/loop0" dev="devtmpfs" ino=648 ioctlcmd=0x4c00 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 84.256605][ T5016] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 84.257117][ T5016] REISERFS (device loop0): using ordered data mode [ 84.272454][ T5016] reiserfs: using flush barriers [ 84.272479][ T26] audit: type=1400 audit(1690037718.188:91): avc: denied { mounton } for pid=5016 comm="syz-executor323" path="/root/syzkaller.BK1Y5S/file0" dev="sda1" ino=1928 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1 [ 84.280054][ T5016] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 4294967295, max trans age 30 [ 84.319441][ T5016] REISERFS (device loop0): checking transaction log (loop0) [ 84.329440][ T5016] REISERFS (device loop0): Using r5 hash to sort names [ 84.336675][ T5016] REISERFS (device loop0): using 3.5.x disk format [ 84.367188][ T5016] BUG: unable to handle page fault for address: ffff88807408f000 [ 84.374936][ T5016] #PF: supervisor write access in kernel mode [ 84.381004][ T5016] #PF: error_code(0x0003) - permissions violation [ 84.387675][ T5016] PGD 12601067 P4D 12601067 PUD 79ae6063 PMD 20643063 PTE 800000007408f161 [ 84.396292][ T5016] Oops: 0003 [#1] PREEMPT SMP KASAN [ 84.401497][ T5016] CPU: 1 PID: 5016 Comm: syz-executor323 Not tainted 6.5.0-rc2-syzkaller-00307-gd192f5382581 #0 [ 84.411917][ T5016] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023 [ 84.422065][ T5016] RIP: 0010:memmove+0x28/0x1b0 [ 84.426879][ T5016] Code: c3 90 f3 0f 1e fa 48 89 f8 48 39 fe 7d 0f 49 89 f0 49 01 d0 49 39 f8 0f 8f b5 00 00 00 48 83 fa 20 0f 82 01 01 00 00 48 89 d1 a4 c3 48 81 fa a8 02 00 00 72 05 40 38 fe 74 47 48 83 ea 20 48 [ 84.446498][ T5016] RSP: 0018:ffffc9000322ef88 EFLAGS: 00010286 [ 84.452572][ T5016] RAX: ffff888070b6bfb4 RBX: 0000000000000002 RCX: fffffffffcadcf94 [ 84.460552][ T5016] RDX: ffffffffffffffe0 RSI: ffff88807408eff0 RDI: ffff88807408f000 [ 84.468610][ T5016] RBP: 0000000000000020 R08: ffff888070b6bf84 R09: 0000766972705f73 [ 84.476595][ T5016] R10: 667265736965722e R11: 0000766972705f73 R12: 0000000000000001 [ 84.484577][ T5016] R13: 0000000000000000 R14: ffff888070b6bfa4 R15: 0000000000000010 [ 84.492551][ T5016] FS: 00005555570ea380(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000 [ 84.501502][ T5016] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 84.508099][ T5016] CR2: ffff88807408f000 CR3: 000000007e3a3000 CR4: 00000000003506e0 [ 84.516087][ T5016] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 84.524070][ T5016] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 84.532049][ T5016] Call Trace: [ 84.535335][ T5016] [ 84.538267][ T5016] ? __die+0x1e/0x60 [ 84.542195][ T5016] ? page_fault_oops+0x398/0xad0 [ 84.547144][ T5016] ? cmp_ex_sort+0xc0/0xc0 [ 84.551567][ T5016] ? dump_pagetable+0x530/0x530 [ 84.556434][ T5016] ? search_extable+0x83/0xb0 [ 84.561117][ T5016] ? is_prefetch.constprop.0+0xb6/0x550 [ 84.566674][ T5016] ? trim_init_extable+0x430/0x430 [ 84.571799][ T5016] ? __module_address+0x55/0x3b0 [ 84.576749][ T5016] ? pgtable_bad+0x80/0x80 [ 84.581173][ T5016] ? memmove+0x28/0x1b0 [ 84.585359][ T5016] ? fixup_exception+0x110/0xc70 [ 84.590327][ T5016] ? kernelmode_fixup_or_oops+0x23c/0x2b0 [ 84.596074][ T5016] ? __bad_area_nosemaphore+0x390/0x6a0 [ 84.601643][ T5016] ? spurious_kernel_fault+0x376/0x550 [ 84.607117][ T5016] ? do_kern_addr_fault+0x5b/0x70 [ 84.612169][ T5016] ? exc_page_fault+0xba/0xd0 [ 84.616873][ T5016] ? asm_exc_page_fault+0x26/0x30 [ 84.621933][ T5016] ? memmove+0x28/0x1b0 [ 84.626124][ T5016] leaf_paste_entries+0x43c/0x920 [ 84.631179][ T5016] balance_leaf+0x9476/0xcd90 [ 84.635873][ T5016] ? get_num_ver.constprop.0+0xfd0/0xfd0 [ 84.641535][ T5016] ? replace_key+0x150/0x150 [ 84.646149][ T5016] do_balance+0x337/0x840 [ 84.650503][ T5016] ? get_right_neighbor_position+0x170/0x170 [ 84.656501][ T5016] ? bit_wait_io_timeout+0x160/0x160 [ 84.661818][ T5016] reiserfs_paste_into_item+0x62a/0x7c0 [ 84.667386][ T5016] ? reiserfs_delete_object+0x200/0x200 [ 84.672982][ T5016] ? search_by_entry_key+0x940/0x940 [ 84.678296][ T5016] ? reiserfs_new_inode+0x124f/0x2100 [ 84.683690][ T5016] ? r5_hash+0xaf/0xd0 [ 84.687766][ T5016] ? make_cpu_key+0x26/0x2a0 [ 84.692379][ T5016] reiserfs_add_entry+0x936/0xd60 [ 84.697517][ T5016] ? reiserfs_lookup+0x690/0x690 [ 84.702479][ T5016] reiserfs_mkdir+0x68a/0x9a0 [ 84.707170][ T5016] ? reiserfs_mknod+0x740/0x740 [ 84.712054][ T5016] ? reiserfs_lookup_privroot+0x19b/0x200 [ 84.717807][ T5016] ? down_write_killable_nested+0x250/0x250 [ 84.723721][ T5016] reiserfs_xattr_init+0x57f/0xbb0 [ 84.728861][ T5016] reiserfs_fill_super+0x2139/0x3150 [ 84.734185][ T5016] ? reiserfs_remount+0x1640/0x1640 [ 84.739424][ T5016] ? reacquire_held_locks+0x4b0/0x4b0 [ 84.744812][ T5016] ? snprintf+0xc8/0x100 [ 84.749075][ T5016] ? reiserfs_remount+0x1640/0x1640 [ 84.754755][ T5016] mount_bdev+0x30d/0x3d0 [ 84.759102][ T5016] ? reiserfs_kill_sb+0x1e0/0x1e0 [ 84.764146][ T5016] legacy_get_tree+0x109/0x220 [ 84.768929][ T5016] vfs_get_tree+0x88/0x350 [ 84.773449][ T5016] path_mount+0x1492/0x1ed0 [ 84.777967][ T5016] ? lockdep_hardirqs_on+0x7d/0x100 [ 84.783178][ T5016] ? finish_automount+0xa50/0xa50 [ 84.788214][ T5016] ? putname+0x101/0x140 [ 84.792486][ T5016] __x64_sys_mount+0x293/0x310 [ 84.797261][ T5016] ? copy_mnt_ns+0xb60/0xb60 [ 84.801862][ T5016] ? lockdep_hardirqs_on+0x7d/0x100 [ 84.807080][ T5016] ? _raw_spin_unlock_irq+0x2e/0x50 [ 84.812294][ T5016] ? ptrace_notify+0xf4/0x130 [ 84.816988][ T5016] do_syscall_64+0x38/0xb0 [ 84.821413][ T5016] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 84.827329][ T5016] RIP: 0033:0x7fa0ab8f4bca [ 84.831748][ T5016] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 3e 07 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 84.851457][ T5016] RSP: 002b:00007ffde9772678 EFLAGS: 00000286 ORIG_RAX: 00000000000000a5 [ 84.859879][ T5016] RAX: ffffffffffffffda RBX: 00007ffde9772690 RCX: 00007fa0ab8f4bca [ 84.867860][ T5016] RDX: 0000000020001100 RSI: 0000000020000040 RDI: 00007ffde9772690 [ 84.875850][ T5016] RBP: 0000000000000004 R08: 00007ffde97726d0 R09: 00000000000010f3 [ 84.883834][ T5016] R10: 0000000000000000 R11: 0000000000000286 R12: 0000000000000000 [ 84.891905][ T5016] R13: 00007ffde97726d0 R14: 0000000000000003 R15: 0000000000400000 [ 84.899915][ T5016] [ 84.902947][ T5016] Modules linked in: [ 84.906845][ T5016] CR2: ffff88807408f000 [ 84.911000][ T5016] ---[ end trace 0000000000000000 ]--- [ 84.916462][ T5016] RIP: 0010:memmove+0x28/0x1b0 [ 84.921251][ T5016] Code: c3 90 f3 0f 1e fa 48 89 f8 48 39 fe 7d 0f 49 89 f0 49 01 d0 49 39 f8 0f 8f b5 00 00 00 48 83 fa 20 0f 82 01 01 00 00 48 89 d1 a4 c3 48 81 fa a8 02 00 00 72 05 40 38 fe 74 47 48 83 ea 20 48 [ 84.940886][ T5016] RSP: 0018:ffffc9000322ef88 EFLAGS: 00010286 [ 84.946963][ T5016] RAX: ffff888070b6bfb4 RBX: 0000000000000002 RCX: fffffffffcadcf94 [ 84.954939][ T5016] RDX: ffffffffffffffe0 RSI: ffff88807408eff0 RDI: ffff88807408f000 [ 84.962919][ T5016] RBP: 0000000000000020 R08: ffff888070b6bf84 R09: 0000766972705f73 [ 84.970904][ T5016] R10: 667265736965722e R11: 0000766972705f73 R12: 0000000000000001 [ 84.978984][ T5016] R13: 0000000000000000 R14: ffff888070b6bfa4 R15: 0000000000000010 [ 84.986962][ T5016] FS: 00005555570ea380(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000 [ 84.995902][ T5016] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 85.002608][ T5016] CR2: ffff88807408f000 CR3: 000000007e3a3000 CR4: 00000000003506e0 [ 85.010638][ T5016] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 85.018614][ T5016] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 85.026596][ T5016] Kernel panic - not syncing: Fatal exception [ 85.032756][ T5016] Kernel Offset: disabled [ 85.037084][ T5016] Rebooting in 86400 seconds..