./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2040433816 <...> Warning: Permanently added '10.128.0.97' (ED25519) to the list of known hosts. execve("./syz-executor2040433816", ["./syz-executor2040433816"], 0x7ffe1e8ecc00 /* 10 vars */) = 0 brk(NULL) = 0x55555840e000 brk(0x55555840ed00) = 0x55555840ed00 arch_prctl(ARCH_SET_FS, 0x55555840e380) = 0 set_tid_address(0x55555840e650) = 357 set_robust_list(0x55555840e660, 24) = 0 rseq(0x55555840eca0, 0x20, 0, 0x53053053) = -1 ENOSYS (Function not implemented) prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor2040433816", 4096) = 28 getrandom("\x33\xc6\xfa\xc1\xfd\x1c\x89\x10", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x55555840ed00 brk(0x55555842fd00) = 0x55555842fd00 brk(0x555558430000) = 0x555558430000 mprotect(0x7fe5a455b000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 write(1, "executing program\n", 18executing program ) = 18 openat(AT_FDCWD, "/proc/crypto", O_RDONLY) = 3 read(3, "name : pkcs1pad(rsa,sha256)\ndriver : pkcs1pad(rsa-generic,sha256)\nmodule : kerne"..., 8224) = 3962 memfd_create("syzkaller", 0) = 4 mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe59c0ab000 write(4, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 munmap(0x7fe59c0ab000, 138412032) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5 ioctl(5, LOOP_SET_FD, 4) = 0 close(4) = 0 [ 23.563448][ T23] audit: type=1400 audit(1738060843.090:66): avc: denied { execmem } for pid=357 comm="syz-executor204" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 23.589197][ T23] audit: type=1400 audit(1738060843.120:67): avc: denied { read write } for pid=357 comm="syz-executor204" name="loop0" dev="devtmpfs" ino=9405 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 close(5) = 0 mkdir("./file0", 0777) = 0 [ 23.613612][ T23] audit: type=1400 audit(1738060843.120:68): avc: denied { open } for pid=357 comm="syz-executor204" path="/dev/loop0" dev="devtmpfs" ino=9405 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 23.637565][ T23] audit: type=1400 audit(1738060843.140:69): avc: denied { ioctl } for pid=357 comm="syz-executor204" path="/dev/loop0" dev="devtmpfs" ino=9405 ioctlcmd=0x4c00 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 23.664055][ T23] audit: type=1400 audit(1738060843.190:70): avc: denied { mounton } for pid=357 comm="syz-executor204" path="/root/file0" dev="sda1" ino=1927 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1 mount("/dev/loop0", "./file0", "ext4", MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_NODIRATIME|MS_POSIXACL|MS_RELATIME, ",errors=continue") = 0 openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 4 chdir("./file0") = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 5 ioctl(5, LOOP_CLR_FD) = 0 close(5) = 0 [ 23.738329][ T357] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue [ 23.747176][ T23] audit: type=1400 audit(1738060843.280:71): avc: denied { mount } for pid=357 comm="syz-executor204" name="/" dev="loop0" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 23.747190][ T357] ext4 filesystem being mounted at /root/file0 supports timestamps until (%ptR?) (0x7fffffff) creat("./bus", 000) = 5 mount("/dev/loop0", "./bus", NULL, MS_BIND, NULL) = 0 creat("./bus", 000) = 6 io_setup(514, [0x7fe5a44a2000]) = 0 io_submit(0x7fe5a44a2000, 8, [{aio_data=0x25, aio_key=3875733507, aio_lio_opcode=IOCB_CMD_PWRITE, aio_fildes=6, aio_buf="\x2e\x2f\x62\x75\x73\x00\x30\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x65\x78\x74\x34\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., aio_nbytes=90112, aio_offset=0, aio_resfd=0xffffffff}, 0x3a20202020207974, 0x6665720a30303420, 0x2020202020746e63, 0x65730a31203a2020, 0x202074736574666c, 0x736170203a202020, 0x65746e690a646573]) = 1 openat(AT_FDCWD, ".", O_RDONLY) = 7 [ 23.785410][ T23] audit: type=1400 audit(1738060843.310:72): avc: denied { write } for pid=357 comm="syz-executor204" name="/" dev="loop0" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 23.799690][ T357] ------------[ cut here ]------------ [ 23.807691][ T23] audit: type=1400 audit(1738060843.310:73): avc: denied { add_name } for pid=357 comm="syz-executor204" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 23.812283][ T357] kernel BUG at fs/ext4/ext4.h:2984! [ 23.832820][ T23] audit: type=1400 audit(1738060843.310:74): avc: denied { create } for pid=357 comm="syz-executor204" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 23.838579][ T357] invalid opcode: 0000 [#1] PREEMPT SMP KASAN [ 23.858094][ T23] audit: type=1400 audit(1738060843.330:75): avc: denied { write open } for pid=357 comm="syz-executor204" path="/root/file0/bus" dev="loop0" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 23.863841][ T357] CPU: 1 PID: 357 Comm: syz-executor204 Not tainted 5.4.289-syzkaller-00025-g49530c73f82d #0 [ 23.896921][ T357] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 23.906817][ T357] RIP: 0010:ext4_trim_fs+0x1ec8/0x1ee0 [ 23.912088][ T357] Code: 80 e1 07 80 c1 03 38 c1 0f 8c fd e6 ff ff 48 8d bc 24 10 02 00 00 e8 c7 a5 c8 ff e9 eb e6 ff ff e8 2d 5f 6f ff e8 98 bb 98 ff <0f> 0b e8 91 bb 98 ff 0f 0b 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f [ 23.931528][ T357] RSP: 0018:ffff8881ee45f4e0 EFLAGS: 00010293 [ 23.937430][ T357] RAX: ffffffff81cb8ed8 RBX: 0000000000000001 RCX: ffff8881f5e11f80 [ 23.945238][ T357] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000001 [ 23.953051][ T357] RBP: ffff8881ee45f770 R08: ffffffff81cb77f4 R09: 0000000000000003 [ 23.960872][ T357] R10: ffffffffffffffff R11: dffffc0000000001 R12: dffffc0000000000 [ 23.968678][ T357] R13: 0000000000003fff R14: ffff8881ef1a3000 R15: 0000000000000001 [ 23.976496][ T357] FS: 000055555840e380(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000 [ 23.985286][ T357] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 23.991674][ T357] CR2: 0000000020015000 CR3: 00000001deb56000 CR4: 00000000003406a0 [ 23.999487][ T357] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 24.007295][ T357] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 24.015104][ T357] Call Trace: [ 24.018243][ T357] ? __die+0xb4/0x100 [ 24.022054][ T357] ? die+0x26/0x50 [ 24.025615][ T357] ? do_trap+0x1e7/0x340 [ 24.029693][ T357] ? ext4_trim_fs+0x1ec8/0x1ee0 [ 24.034376][ T357] ? ext4_trim_fs+0x1ec8/0x1ee0 [ 24.039067][ T357] ? do_invalid_op+0xfb/0x110 [ 24.043576][ T357] ? ext4_trim_fs+0x1ec8/0x1ee0 [ 24.048263][ T357] ? invalid_op+0x1e/0x30 [ 24.052431][ T357] ? ext4_trim_fs+0x7e4/0x1ee0 [ 24.057030][ T357] ? ext4_trim_fs+0x1ec8/0x1ee0 [ 24.061716][ T357] ? ext4_trim_fs+0x1ec8/0x1ee0 [ 24.066408][ T357] ? ext4_group_add_blocks+0xde0/0xde0 [ 24.071703][ T357] ? update_load_avg+0x40f/0x1210 [ 24.076562][ T357] ? cap_capable+0x1b1/0x250 [ 24.080989][ T357] ? check_preemption_disabled+0x9f/0x320 [ 24.086540][ T357] ext4_ioctl+0x2168/0x3ff0 [ 24.090879][ T357] ? check_preempt_wakeup+0x4f6/0x9f0 [ 24.096087][ T357] ? asan.module_dtor+0x20/0x20 [ 24.100776][ T357] ? ttwu_do_wakeup+0x161/0x480 [ 24.105460][ T357] ? check_preemption_disabled+0x9f/0x320 [ 24.111013][ T357] ? try_to_wake_up+0x7c5/0x14f0 [ 24.115788][ T357] ? debug_smp_processor_id+0x20/0x20 [ 24.120997][ T357] ? check_preemption_disabled+0x9f/0x320 [ 24.126553][ T357] ? avc_has_extended_perms+0xb03/0x1120 [ 24.132019][ T357] ? avc_flush+0x1f0/0x1f0 [ 24.136272][ T357] ? finish_task_switch+0x130/0x590 [ 24.141308][ T357] ? _raw_spin_lock_irqsave+0x210/0x210 [ 24.146687][ T357] ? ptrace_stop+0x6ee/0xa30 [ 24.151112][ T357] ? asan.module_dtor+0x20/0x20 [ 24.155798][ T357] do_vfs_ioctl+0x742/0x1720 [ 24.160232][ T357] ? ioctl_preallocate+0x250/0x250 [ 24.165175][ T357] ? check_preemption_disabled+0x153/0x320 [ 24.170814][ T357] ? syscall_trace_enter+0x650/0x940 [ 24.175936][ T357] ? do_syscall_64+0x1c0/0x1c0 [ 24.180534][ T357] ? switch_fpu_return+0x1d4/0x410 [ 24.185483][ T357] ? security_file_ioctl+0x7d/0xa0 [ 24.190429][ T357] __x64_sys_ioctl+0xd4/0x110 [ 24.194942][ T357] do_syscall_64+0xca/0x1c0 [ 24.199283][ T357] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 24.205017][ T357] RIP: 0033:0x7fe5a44e88b9 [ 24.209263][ T357] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 24.228701][ T357] RSP: 002b:00007ffc65f11cb8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 24.236948][ T357] RAX: ffffffffffffffda RBX: 00007ffc65f11e88 RCX: 00007fe5a44e88b9 [ 24.244757][ T357] RDX: 0000000020000b40 RSI: 00000000c0185879 RDI: 0000000000000007 [ 24.252569][ T357] RBP: 00007fe5a455b610 R08: 00007ffc65f11e88 R09: 00007ffc65f11e88 [ 24.260380][ T357] R10: 00007ffc65f11e88 R11: 0000000000000246 R12: 0000000000000001 [ 24.268190][ T357] R13: 00007ffc65f11e78 R14: 0000000000000001 R15: 0000000000000001 [ 24.276004][ T357] Modules linked in: [ 24.279940][ T357] ---[ end trace 8c38c499c4fef932 ]--- [ 24.285203][ T357] RIP: 0010:ext4_trim_fs+0x1ec8/0x1ee0 [ 24.290515][ T357] Code: 80 e1 07 80 c1 03 38 c1 0f 8c fd e6 ff ff 48 8d bc 24 10 02 00 00 e8 c7 a5 c8 ff e9 eb e6 ff ff e8 2d 5f 6f ff e8 98 bb 98 ff <0f> 0b e8 91 bb 98 ff 0f 0b 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f [ 24.309948][ T357] RSP: 0018:ffff8881ee45f4e0 EFLAGS: 00010293 [ 24.315846][ T357] RAX: ffffffff81cb8ed8 RBX: 0000000000000001 RCX: ffff8881f5e11f80 [ 24.323636][ T357] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000001 [ 24.331474][ T357] RBP: ffff8881ee45f770 R08: ffffffff81cb77f4 R09: 0000000000000003 [ 24.339277][ T357] R10: ffffffffffffffff R11: dffffc0000000001 R12: dffffc0000000000 [ 24.347091][ T357] R13: 0000000000003fff R14: ffff8881ef1a3000 R15: 0000000000000001 [ 24.354885][ T357] FS: 000055555840e380(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000 [ 24.363673][ T357] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 24.370082][ T357] CR2: 0000000020015000 CR3: 00000001deb56000 CR4: 00000000003406a0 [ 24.377909][ T357] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 24.385696][ T357] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 24.393528][ T357] Kernel panic - not syncing: Fatal exception [ 24.399601][ T357] Kernel Offset: disabled [ 24.403718][ T357] Rebooting in 86400 seconds..