./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3547525628 <...> Warning: Permanently added '10.128.1.182' (ED25519) to the list of known hosts. execve("./syz-executor3547525628", ["./syz-executor3547525628"], 0x7ffe2b193df0 /* 10 vars */) = 0 brk(NULL) = 0x5555562fb000 brk(0x5555562fbd00) = 0x5555562fbd00 arch_prctl(ARCH_SET_FS, 0x5555562fb380) = 0 set_tid_address(0x5555562fb650) = 357 set_robust_list(0x5555562fb660, 24) = 0 rseq(0x5555562fbca0, 0x20, 0, 0x53053053) = -1 ENOSYS (Function not implemented) prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor3547525628", 4096) = 28 getrandom("\x53\xf6\xab\x21\x9f\x1a\xed\x3e", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x5555562fbd00 brk(0x55555631cd00) = 0x55555631cd00 brk(0x55555631d000) = 0x55555631d000 mprotect(0x7f663fd3c000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 memfd_create("syzkaller", 0) = 3 mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f663788c000 write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 munmap(0x7f663788c000, 138412032) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 ioctl(4, LOOP_SET_FD, 3) = 0 close(3) = 0 [ 25.266383][ T23] audit: type=1400 audit(1705145130.340:66): avc: denied { execmem } for pid=357 comm="syz-executor354" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 25.290563][ T23] audit: type=1400 audit(1705145130.370:67): avc: denied { read write } for pid=357 comm="syz-executor354" name="loop0" dev="devtmpfs" ino=9324 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 close(4) = 0 mkdir("./file0", 0777) = 0 [ 25.314936][ T23] audit: type=1400 audit(1705145130.380:68): avc: denied { open } for pid=357 comm="syz-executor354" path="/dev/loop0" dev="devtmpfs" ino=9324 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 25.339110][ T23] audit: type=1400 audit(1705145130.380:69): avc: denied { ioctl } for pid=357 comm="syz-executor354" path="/dev/loop0" dev="devtmpfs" ino=9324 ioctlcmd=0x4c00 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 25.391080][ T23] audit: type=1400 audit(1705145130.470:70): avc: denied { mounton } for pid=357 comm="syz-executor354" path="/root/file0" dev="sda1" ino=1927 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1 [ 25.460181][ T357] EXT4-fs error (device loop0): ext4_fill_super:4612: inode #2: comm syz-executor354: casefold flag without casefold feature [ 25.473158][ T357] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended [ 25.484451][ T357] ------------[ cut here ]------------ [ 25.489707][ T357] kernel BUG at fs/ext4/extents_status.c:202! [ 25.495655][ T357] invalid opcode: 0000 [#1] PREEMPT SMP KASAN [ 25.501515][ T357] CPU: 1 PID: 357 Comm: syz-executor354 Not tainted 5.4.259-syzkaller-00012-g57a39998c138 #0 [ 25.511491][ T357] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 25.521396][ T357] RIP: 0010:ext4_es_cache_extent+0x4c0/0x640 [ 25.527206][ T357] Code: d0 ff e9 fe fe ff ff 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c 78 fe ff ff 4c 89 f7 e8 3a d6 d0 ff e9 6b fe ff ff e8 70 05 a1 ff <0f> 0b 4c 89 7c 24 18 65 8b 1d fa f1 3e 7e 89 d8 c1 e8 06 48 8d 3c [ 25.546647][ T357] RSP: 0018:ffff8881dc90ee00 EFLAGS: 00010293 [ 25.552547][ T357] RAX: ffffffff81c33f30 RBX: 0000000000000000 RCX: ffff8881dc8fcec0 [ 25.560355][ T357] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 25.568168][ T357] RBP: ffff8881dc90ef08 R08: ffffffff81c33c9e R09: 0000000000000003 [ 25.575981][ T357] R10: ffffffffffffffff R11: dffffc0000000001 R12: 1ffff1103d198c81 [ 25.583790][ T357] R13: dffffc0000000000 R14: ffff8881e8cc640c R15: 0000000000000001 [ 25.591605][ T357] FS: 00005555562fb380(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000 [ 25.600367][ T357] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 25.606791][ T357] CR2: 000055ff6c4020a0 CR3: 00000001dce9f000 CR4: 00000000003406a0 [ 25.614602][ T357] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 25.622412][ T357] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 25.630235][ T357] Call Trace: [ 25.633355][ T357] ? __die+0xb4/0x100 [ 25.637169][ T357] ? die+0x26/0x50 [ 25.640732][ T357] ? do_trap+0x1e7/0x340 [ 25.644819][ T357] ? ext4_es_cache_extent+0x4c0/0x640 [ 25.650015][ T357] ? ext4_es_cache_extent+0x4c0/0x640 [ 25.655220][ T357] ? do_invalid_op+0xfb/0x110 [ 25.659734][ T357] ? ext4_es_cache_extent+0x4c0/0x640 [ 25.664944][ T357] ? invalid_op+0x1e/0x30 [ 25.669111][ T357] ? ext4_es_cache_extent+0x22e/0x640 [ 25.674490][ T357] ? ext4_es_cache_extent+0x4c0/0x640 [ 25.679720][ T357] ? ext4_es_cache_extent+0x4c0/0x640 [ 25.684906][ T357] ? __es_shrink+0x860/0x860 [ 25.689336][ T357] ext4_find_extent+0x4e1/0xda0 [ 25.694020][ T357] ext4_ext_map_blocks+0x289/0x7450 [ 25.699052][ T357] ? __x64_sys_mount+0xb1/0xc0 [ 25.703656][ T357] ? __unwind_start+0x708/0x890 [ 25.708352][ T357] ? deref_stack_reg+0x1f0/0x1f0 [ 25.713132][ T357] ? deref_stack_reg+0x1f0/0x1f0 [ 25.717914][ T357] ? ext4_ext_release+0x10/0x10 [ 25.722573][ T357] ? stack_trace_save+0x1c0/0x1c0 [ 25.727434][ T357] ? arch_stack_walk+0x111/0x140 [ 25.732211][ T357] ? check_preemption_disabled+0x9f/0x320 [ 25.737764][ T357] ? _raw_spin_lock_irqsave+0xf9/0x210 [ 25.743055][ T357] ? debug_smp_processor_id+0x20/0x20 [ 25.748273][ T357] ? __down_read+0xf0/0x210 [ 25.752607][ T357] ? _raw_read_unlock+0x21/0x40 [ 25.757291][ T357] ? ext4_es_lookup_extent+0x559/0x9d0 [ 25.762584][ T357] ext4_map_blocks+0x3a4/0x1ba0 [ 25.767275][ T357] ? do_mount+0x688/0xe10 [ 25.771434][ T357] ? ksys_mount+0xc2/0xf0 [ 25.775603][ T357] ? __x64_sys_mount+0xb1/0xc0 [ 25.780202][ T357] ? ext4_issue_zeroout+0x150/0x150 [ 25.785242][ T357] ? __getblk_gfp+0x3a/0x720 [ 25.789664][ T357] ext4_getblk+0x112/0x540 [ 25.793943][ T357] ? ext4_data_block_valid+0xdd/0x2f0 [ 25.799123][ T357] ? __ext4_ext_check+0xb72/0x1480 [ 25.804068][ T357] ? ext4_get_block_trans+0x5b0/0x5b0 [ 25.809285][ T357] ext4_bread+0x89/0x390 [ 25.813363][ T357] ? lock_buffer+0x70/0x70 [ 25.817633][ T357] ? from_kgid_munged+0x7a0/0x7a0 [ 25.822480][ T357] ? _raw_spin_unlock+0x49/0x60 [ 25.827158][ T357] ext4_quota_read+0x180/0x280 [ 25.831769][ T357] v2_check_quota_file+0xf7/0x490 [ 25.836615][ T357] ? _raw_spin_lock+0xa4/0x1b0 [ 25.841218][ T357] ? asan.module_dtor+0x20/0x20 [ 25.845904][ T357] ? _raw_spin_lock+0xa4/0x1b0 [ 25.850613][ T357] ? _raw_spin_trylock_bh+0x190/0x190 [ 25.855821][ T357] dquot_load_quota_sb+0x6af/0xc00 [ 25.860757][ T357] vfs_load_quota_inode+0x3cf/0x660 [ 25.865796][ T357] ext4_enable_quotas+0x5a8/0x940 [ 25.870665][ T357] ? ext4_fill_flex_info+0x5e0/0x5e0 [ 25.875780][ T357] ? proc_create+0x230/0x230 [ 25.880200][ T357] ? __mutex_init+0x9e/0xf0 [ 25.884540][ T357] ? ext4_register_sysfs+0x1d9/0x210 [ 25.889667][ T357] ext4_fill_super+0x84f0/0x8d90 [ 25.894441][ T357] ? ext4_mount+0x40/0x40 [ 25.898602][ T357] ? vscnprintf+0x80/0x80 [ 25.902775][ T357] mount_bdev+0x267/0x370 [ 25.906933][ T357] ? ext4_mount+0x40/0x40 [ 25.911101][ T357] legacy_get_tree+0xdf/0x170 [ 25.915615][ T357] ? ext4_lazyinit_thread+0xc60/0xc60 [ 25.920826][ T357] vfs_get_tree+0x85/0x260 [ 25.925189][ T357] do_new_mount+0x292/0x570 [ 25.929523][ T357] ? do_move_mount_old+0x160/0x160 [ 25.934473][ T357] ? security_capable+0x86/0xb0 [ 25.939150][ T357] do_mount+0x688/0xe10 [ 25.943144][ T357] ? copy_mount_string+0x30/0x30 [ 25.948003][ T357] ? copy_mount_options+0x29a/0x300 [ 25.953041][ T357] ksys_mount+0xc2/0xf0 [ 25.957033][ T357] __x64_sys_mount+0xb1/0xc0 [ 25.961458][ T357] do_syscall_64+0xca/0x1c0 [ 25.965795][ T357] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 25.971535][ T357] Modules linked in: [ 25.975376][ T357] ---[ end trace 07428ef18b89f72d ]--- [ 25.980578][ T357] RIP: 0010:ext4_es_cache_extent+0x4c0/0x640 [ 25.986372][ T357] Code: d0 ff e9 fe fe ff ff 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c 78 fe ff ff 4c 89 f7 e8 3a d6 d0 ff e9 6b fe ff ff e8 70 05 a1 ff <0f> 0b 4c 89 7c 24 18 65 8b 1d fa f1 3e 7e 89 d8 c1 e8 06 48 8d 3c [ 26.005863][ T357] RSP: 0018:ffff8881dc90ee00 EFLAGS: 00010293 [ 26.011815][ T357] RAX: ffffffff81c33f30 RBX: 0000000000000000 RCX: ffff8881dc8fcec0 [ 26.019639][ T357] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 26.027416][ T357] RBP: ffff8881dc90ef08 R08: ffffffff81c33c9e R09: 0000000000000003 [ 26.035260][ T357] R10: ffffffffffffffff R11: dffffc0000000001 R12: 1ffff1103d198c81 [ 26.043059][ T357] R13: dffffc0000000000 R14: ffff8881e8cc640c R15: 0000000000000001 [ 26.050937][ T357] FS: 00005555562fb380(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000 [ 26.059671][ T357] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 26.066037][ T357] CR2: 000055ff6c4020a0 CR3: 00000001dce9f000 CR4: 00000000003406a0 [ 26.073881][ T357] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 26.081778][ T357] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 26.089602][ T357] Kernel panic - not syncing: Fatal exception [ 26.095755][ T357] Kernel Offset: disabled [ 26.099877][ T357] Rebooting in 86400 seconds..