./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1980513605

<...>
Warning: Permanently added '10.128.1.144' (ED25519) to the list of known hosts.
execve("./syz-executor1980513605", ["./syz-executor1980513605"], 0x7ffc612c7a70 /* 10 vars */) = 0
brk(NULL)                               = 0x55558783f000
brk(0x55558783fd00)                     = 0x55558783fd00
arch_prctl(ARCH_SET_FS, 0x55558783f380) = 0
set_tid_address(0x55558783f650)         = 361
set_robust_list(0x55558783f660, 24)     = 0
rseq(0x55558783fca0, 0x20, 0, 0x53053053) = -1 ENOSYS (Function not implemented)
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor1980513605", 4096) = 28
getrandom("\xcf\xec\x84\x10\xf4\x4c\x0f\x63", 8, GRND_NONBLOCK) = 8
brk(NULL)                               = 0x55558783fd00
brk(0x555587860d00)                     = 0x555587860d00
brk(0x555587861000)                     = 0x555587861000
mprotect(0x7fefd7ae0000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
write(1, "executing program\n", 18executing program
)     = 18
memfd_create("syzkaller", 0)            = 3
mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fefcf630000
write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288
munmap(0x7fefcf630000, 138412032)       = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 4
[   27.826221][   T23] audit: type=1400 audit(1737945695.199:66): avc:  denied  { execmem } for  pid=361 comm="syz-executor198" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   27.852255][   T23] audit: type=1400 audit(1737945695.229:67): avc:  denied  { read write } for  pid=361 comm="syz-executor198" name="loop0" dev="devtmpfs" ino=9425 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
ioctl(4, LOOP_SET_FD, 3)                = 0
close(3)                                = 0
close(4)                                = 0
mkdir("./file1", 0777)                  = 0
[   27.876473][   T23] audit: type=1400 audit(1737945695.229:68): avc:  denied  { open } for  pid=361 comm="syz-executor198" path="/dev/loop0" dev="devtmpfs" ino=9425 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   27.900678][   T23] audit: type=1400 audit(1737945695.259:69): avc:  denied  { ioctl } for  pid=361 comm="syz-executor198" path="/dev/loop0" dev="devtmpfs" ino=9425 ioctlcmd=0x4c00 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   27.941788][   T23] audit: type=1400 audit(1737945695.319:70): avc:  denied  { mounton } for  pid=361 comm="syz-executor198" path="/root/file1" dev="sda1" ino=1927 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[   27.959264][  T361] EXT4-fs (loop0): Ignoring removed orlov option
[   27.970559][  T361] EXT4-fs (loop0): Ignoring removed orlov option
mount("/dev/loop0", "./file1", "ext4", MS_POSIXACL|MS_RELATIME, "jqfmt=vfsv1,resgid=0x0000000000000000,barrier=0x0000000000000000,norecovery,debug_want_extra_isize=0"...) = 0
openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3
chdir("./file1")                        = 0
openat(AT_FDCWD, "/dev/loop0", O_RDWR)  = 4
ioctl(4, LOOP_CLR_FD)                   = 0
close(4)                                = 0
openat(AT_FDCWD, "./bus", O_RDWR|O_CREAT, 000) = 4
pwrite64(4, "2f", 2, 134745185)         = 2
mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL) = 0
open("./bus", O_RDWR|O_NOCTTY|O_SYNC|O_NOATIME|0x3c) = 5
[   27.981488][  T361] EXT4-fs (loop0): mounted filesystem without journal. Opts: jqfmt=vfsv1,resgid=0x0000000000000000,barrier=0x0000000000000000,norecovery,debug_want_extra_isize=0x0000000000000080,lazytime,errors=remount-ro,orlov,orlov,
[   28.002660][   T23] audit: type=1400 audit(1737945695.379:71): avc:  denied  { mount } for  pid=361 comm="syz-executor198" name="/" dev="loop0" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
write(5, "\x23\x21\x20\x0a\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x32\x66\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 34136651) = 524288
exit_group(0)                           = ?
[   28.024731][   T23] audit: type=1400 audit(1737945695.389:72): avc:  denied  { write } for  pid=361 comm="syz-executor198" name="/" dev="loop0" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   28.046861][   T23] audit: type=1400 audit(1737945695.389:73): avc:  denied  { add_name } for  pid=361 comm="syz-executor198" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   28.067593][   T23] audit: type=1400 audit(1737945695.389:74): avc:  denied  { create } for  pid=361 comm="syz-executor198" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   28.068957][  T361] ------------[ cut here ]------------
[   28.088072][   T23] audit: type=1400 audit(1737945695.399:75): avc:  denied  { read write open } for  pid=361 comm="syz-executor198" path="/root/file1/bus" dev="loop0" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   28.092891][  T361] kernel BUG at fs/ext4/ext4.h:2984!
[   28.093392][  T361] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[   28.127441][  T361] CPU: 0 PID: 361 Comm: syz-executor198 Not tainted 5.4.289-syzkaller-00025-g49530c73f82d #0
[   28.137415][  T361] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[   28.147332][  T361] RIP: 0010:ext4_mb_load_buddy_gfp+0xf29/0xf40
[   28.153302][  T361] Code: ff e8 cb a1 c9 ff e9 0a f3 ff ff 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c 52 f3 ff ff e8 d1 a1 c9 ff e9 48 f3 ff ff e8 37 b7 99 ff <0f> 0b e8 30 b7 99 ff 0f 0b e8 29 b7 99 ff 0f 0b e8 22 b7 99 ff 0f
[   28.172740][  T361] RSP: 0018:ffff8881ee527a48 EFLAGS: 00010293
[   28.178655][  T361] RAX: ffffffff81ca9339 RBX: 0000000000000001 RCX: ffff8881f0d0af40
[   28.186452][  T361] RDX: 0000000000000000 RSI: 00000000ffffcd50 RDI: 0000000000000001
[   28.194265][  T361] RBP: ffff8881ef796000 R08: ffffffff81ca84e2 R09: ffffed103b9e0fab
[   28.202076][  T361] R10: 0000000000000000 R11: dffffc0000000001 R12: 1ffff1103def287e
[   28.209886][  T361] R13: dffffc0000000000 R14: 00000000ffffcd50 R15: ffff8881ef7943f0
[   28.217697][  T361] FS:  000055558783f380(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[   28.226462][  T361] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   28.232886][  T361] CR2: 00007f7991c9eed8 CR3: 00000001eccd8000 CR4: 00000000003406b0
[   28.240699][  T361] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   28.248508][  T361] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   28.256318][  T361] Call Trace:
[   28.259452][  T361]  ? __die+0xb4/0x100
[   28.263265][  T361]  ? die+0x26/0x50
[   28.266822][  T361]  ? do_trap+0x1e7/0x340
[   28.270904][  T361]  ? ext4_mb_load_buddy_gfp+0xf29/0xf40
[   28.276281][  T361]  ? ext4_mb_load_buddy_gfp+0xf29/0xf40
[   28.281666][  T361]  ? do_invalid_op+0xfb/0x110
[   28.286176][  T361]  ? ext4_mb_load_buddy_gfp+0xf29/0xf40
[   28.291562][  T361]  ? invalid_op+0x1e/0x30
[   28.295724][  T361]  ? ext4_mb_load_buddy_gfp+0xd2/0xf40
[   28.301019][  T361]  ? ext4_mb_load_buddy_gfp+0xf29/0xf40
[   28.306399][  T361]  ? ext4_mb_load_buddy_gfp+0xf29/0xf40
[   28.311784][  T361]  ? ext4_mb_load_buddy_gfp+0xf29/0xf40
[   28.317162][  T361]  ? locks_remove_posix+0x660/0x660
[   28.322195][  T361]  ? ext4_get_group_number+0xdd/0x190
[   28.327404][  T361]  ext4_discard_preallocations+0x603/0xb90
[   28.333048][  T361]  ? debug_smp_processor_id+0x20/0x20
[   28.338255][  T361]  ? ext4_exit_mballoc+0xf0/0xf0
[   28.343025][  T361]  ? __fsnotify_parent+0x310/0x310
[   28.347973][  T361]  ext4_release_file+0x165/0x300
[   28.352749][  T361]  ? ext4_file_open+0x5e0/0x5e0
[   28.357432][  T361]  __fput+0x262/0x680
[   28.361253][  T361]  task_work_run+0x140/0x170
[   28.365679][  T361]  do_exit+0xcaf/0x2bc0
[   28.369673][  T361]  ? put_task_struct+0x80/0x80
[   28.374273][  T361]  ? syscall_trace_enter+0x650/0x940
[   28.379393][  T361]  do_group_exit+0x138/0x300
[   28.383820][  T361]  __x64_sys_exit_group+0x3b/0x40
[   28.388680][  T361]  do_syscall_64+0xca/0x1c0
[   28.393019][  T361]  entry_SYSCALL_64_after_hwframe+0x5c/0xc1
[   28.398759][  T361] RIP: 0033:0x7fefd7a6c2f9
[   28.403001][  T361] Code: Bad RIP value.
[   28.406902][  T361] RSP: 002b:00007ffc7f4e0ec8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[   28.415148][  T361] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fefd7a6c2f9
[   28.422958][  T361] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000
[   28.430771][  T361] RBP: 00007fefd7ae6370 R08: ffffffffffffffb8 R09: 00007ffc7f4e10e8
[   28.438585][  T361] R10: 00007ffc7f4e10e8 R11: 0000000000000246 R12: 00007fefd7ae6370
[   28.446392][  T361] R13: 0000000000000000 R14: 00007fefd7ae70e0 R15: 00007fefd7a3abc0
[   28.454218][  T361] Modules linked in:
[   28.458135][  T361] ---[ end trace 20b885efd4a40b8d ]---
[   28.463467][  T361] RIP: 0010:ext4_mb_load_buddy_gfp+0xf29/0xf40
[   28.469414][  T361] Code: ff e8 cb a1 c9 ff e9 0a f3 ff ff 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c 52 f3 ff ff e8 d1 a1 c9 ff e9 48 f3 ff ff e8 37 b7 99 ff <0f> 0b e8 30 b7 99 ff 0f 0b e8 29 b7 99 ff 0f 0b e8 22 b7 99 ff 0f
[   28.488854][  T361] RSP: 0018:ffff8881ee527a48 EFLAGS: 00010293
[   28.494714][  T361] RAX: ffffffff81ca9339 RBX: 0000000000000001 RCX: ffff8881f0d0af40
[   28.502555][  T361] RDX: 0000000000000000 RSI: 00000000ffffcd50 RDI: 0000000000000001
[   28.510351][  T361] RBP: ffff8881ef796000 R08: ffffffff81ca84e2 R09: ffffed103b9e0fab
[   28.518319][  T361] R10: 0000000000000000 R11: dffffc0000000001 R12: 1ffff1103def287e
[   28.526154][  T361] R13: dffffc0000000000 R14: 00000000ffffcd50 R15: ffff8881ef7943f0
[   28.533958][  T361] FS:  000055558783f380(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[   28.542758][  T361] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   28.549158][  T361] CR2: 00007fefd7a6c2cf CR3: 0000000005e0e000 CR4: 00000000003406b0
[   28.556949][  T361] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   28.564786][  T361] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   28.572588][  T361] Kernel panic - not syncing: Fatal exception
[   28.578687][  T361] Kernel Offset: disabled
[   28.582801][  T361] Rebooting in 86400 seconds..