./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3646909177 <...> Warning: Permanently added '10.128.0.176' (ED25519) to the list of known hosts. execve("./syz-executor3646909177", ["./syz-executor3646909177"], 0x7ffebe51a3c0 /* 10 vars */) = 0 brk(NULL) = 0x5555569b2000 brk(0x5555569b2d00) = 0x5555569b2d00 arch_prctl(ARCH_SET_FS, 0x5555569b2380) = 0 set_tid_address(0x5555569b2650) = 354 set_robust_list(0x5555569b2660, 24) = 0 rseq(0x5555569b2ca0, 0x20, 0, 0x53053053) = -1 ENOSYS (Function not implemented) prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor3646909177", 4096) = 28 getrandom("\x0a\xb0\x48\x37\xff\x1e\xf9\x35", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x5555569b2d00 brk(0x5555569d3d00) = 0x5555569d3d00 brk(0x5555569d4000) = 0x5555569d4000 mprotect(0x7f7785273000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 memfd_create("syzkaller", 0) = 3 mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f777cdc3000 write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 262144) = 262144 munmap(0x7f777cdc3000, 262144) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 ioctl(4, LOOP_SET_FD, 3) = 0 close(3) = 0 mkdir("./file0", 0777) = 0 [ 21.803633][ T23] audit: type=1400 audit(1695893357.499:66): avc: denied { execmem } for pid=354 comm="syz-executor364" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 21.823253][ T23] audit: type=1400 audit(1695893357.519:67): avc: denied { read write } for pid=354 comm="syz-executor364" name="loop0" dev="devtmpfs" ino=9282 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 21.847508][ T23] audit: type=1400 audit(1695893357.519:68): avc: denied { open } for pid=354 comm="syz-executor364" path="/dev/loop0" dev="devtmpfs" ino=9282 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 21.871946][ T23] audit: type=1400 audit(1695893357.519:69): avc: denied { ioctl } for pid=354 comm="syz-executor364" path="/dev/loop0" dev="devtmpfs" ino=9282 ioctlcmd=0x4c00 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 21.897740][ T23] audit: type=1400 audit(1695893357.539:70): avc: denied { mounton } for pid=354 comm="syz-executor364" path="/root/file0" dev="sda1" ino=1927 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1 [ 21.899928][ T354] ------------[ cut here ]------------ [ 21.925572][ T354] kernel BUG at fs/ext4/extents_status.c:202! [ 21.931513][ T354] invalid opcode: 0000 [#1] PREEMPT SMP KASAN [ 21.937371][ T354] CPU: 0 PID: 354 Comm: syz-executor364 Not tainted 5.4.249-syzkaller-00008-ga1b9dbe5628a #0 [ 21.947361][ T354] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023 [ 21.957252][ T354] RIP: 0010:ext4_es_cache_extent+0x4c0/0x640 [ 21.963060][ T354] Code: d0 ff e9 fe fe ff ff 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c 78 fe ff ff 4c 89 f7 e8 8a de d0 ff e9 6b fe ff ff e8 50 1e a1 ff <0f> 0b 4c 89 7c 24 18 65 8b 1d 5a 19 3f 7e 89 d8 c1 e8 06 48 8d 3c [ 21.982587][ T354] RSP: 0018:ffff8881dc50ee00 EFLAGS: 00010293 [ 21.988488][ T354] RAX: ffffffff81c317c0 RBX: 0000000000000000 RCX: ffff8881dc504ec0 [ 21.996301][ T354] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 22.004111][ T354] RBP: ffff8881dc50ef08 R08: ffffffff81c3152e R09: 0000000000000003 [ 22.011921][ T354] R10: ffffffffffffffff R11: dffffc0000000001 R12: 1ffff1103d323ef8 [ 22.019735][ T354] R13: dffffc0000000000 R14: ffff8881e991f7c4 R15: 0000000000000001 [ 22.027545][ T354] FS: 00005555569b2380(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000 [ 22.036309][ T354] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 22.042733][ T354] CR2: 0000557447dc9e50 CR3: 00000001dc46c000 CR4: 00000000003406b0 [ 22.050545][ T354] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 22.058357][ T354] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 22.066173][ T354] Call Trace: [ 22.069303][ T354] ? __die+0xb4/0x100 [ 22.073116][ T354] ? die+0x26/0x50 [ 22.076671][ T354] ? do_trap+0x1e7/0x340 [ 22.080752][ T354] ? ext4_es_cache_extent+0x4c0/0x640 [ 22.085968][ T354] ? ext4_es_cache_extent+0x4c0/0x640 [ 22.091171][ T354] ? do_invalid_op+0xfb/0x110 [ 22.095767][ T354] ? ext4_es_cache_extent+0x4c0/0x640 [ 22.100973][ T354] ? invalid_op+0x1e/0x30 [ 22.105137][ T354] ? ext4_es_cache_extent+0x22e/0x640 [ 22.110347][ T354] ? ext4_es_cache_extent+0x4c0/0x640 [ 22.115555][ T354] ? ext4_es_cache_extent+0x4c0/0x640 [ 22.120762][ T354] ? __es_shrink+0x860/0x860 [ 22.125188][ T354] ext4_find_extent+0x4e1/0xda0 [ 22.129881][ T354] ext4_ext_map_blocks+0x289/0x7450 [ 22.134911][ T354] ? __unwind_start+0x708/0x890 [ 22.139596][ T354] ? deref_stack_reg+0x1f0/0x1f0 [ 22.144372][ T354] ? deref_stack_reg+0x1f0/0x1f0 [ 22.149145][ T354] ? ext4_ext_release+0x10/0x10 [ 22.153831][ T354] ? stack_trace_save+0x1c0/0x1c0 [ 22.158689][ T354] ? arch_stack_walk+0x111/0x140 [ 22.163467][ T354] ? check_preemption_disabled+0x9f/0x320 [ 22.169024][ T354] ? _raw_spin_lock_irqsave+0xf9/0x210 [ 22.174315][ T354] ? debug_smp_processor_id+0x20/0x20 [ 22.179523][ T354] ? __down_read+0xf0/0x210 [ 22.183862][ T354] ? _raw_read_unlock+0x21/0x40 [ 22.188549][ T354] ? ext4_es_lookup_extent+0x559/0x9d0 [ 22.193846][ T354] ext4_map_blocks+0x3b1/0x1c40 [ 22.198531][ T354] ? do_mount+0x688/0xe10 [ 22.202714][ T354] ? ksys_mount+0xc2/0xf0 [ 22.206861][ T354] ? __x64_sys_mount+0xb1/0xc0 [ 22.211471][ T354] ? ext4_issue_zeroout+0x150/0x150 [ 22.216497][ T354] ? __getblk_gfp+0x3a/0x720 [ 22.220921][ T354] ext4_getblk+0x112/0x540 [ 22.225176][ T354] ? ext4_data_block_valid+0xdd/0x2f0 [ 22.230383][ T354] ? __ext4_ext_check+0xb72/0x1480 [ 22.235329][ T354] ? ext4_get_block_trans+0x5b0/0x5b0 [ 22.240537][ T354] ext4_bread+0x89/0x390 [ 22.244616][ T354] ? lock_buffer+0x70/0x70 [ 22.248873][ T354] ? from_kgid_munged+0x7a0/0x7a0 [ 22.253734][ T354] ? _raw_spin_unlock+0x49/0x60 [ 22.258419][ T354] ext4_quota_read+0x180/0x280 [ 22.263018][ T354] v2_check_quota_file+0xf7/0x490 [ 22.267880][ T354] ? _raw_spin_lock+0xa4/0x1b0 [ 22.272485][ T354] ? asan.module_dtor+0x20/0x20 [ 22.277164][ T354] ? _raw_spin_lock+0xa4/0x1b0 [ 22.281766][ T354] ? _raw_spin_trylock_bh+0x190/0x190 [ 22.286993][ T354] dquot_load_quota_sb+0x6af/0xc00 [ 22.291922][ T354] vfs_load_quota_inode+0x3cf/0x660 [ 22.296956][ T354] ext4_enable_quotas+0x5a8/0x940 [ 22.301816][ T354] ? ext4_fill_flex_info+0x5e0/0x5e0 [ 22.306936][ T354] ? proc_create+0x230/0x230 [ 22.311364][ T354] ? ext4_fill_flex_info+0x53b/0x5e0 [ 22.316484][ T354] ? ext4_register_sysfs+0x1d9/0x210 [ 22.321606][ T354] ext4_fill_super+0x84d4/0x8d70 [ 22.326383][ T354] ? ext4_mount+0x40/0x40 [ 22.330546][ T354] ? vscnprintf+0x80/0x80 [ 22.334711][ T354] mount_bdev+0x267/0x370 [ 22.338874][ T354] ? ext4_mount+0x40/0x40 [ 22.343046][ T354] legacy_get_tree+0xdf/0x170 [ 22.347656][ T354] ? ext4_lazyinit_thread+0xc60/0xc60 [ 22.352853][ T354] vfs_get_tree+0x85/0x260 [ 22.357105][ T354] do_new_mount+0x292/0x570 [ 22.361444][ T354] ? do_move_mount_old+0x160/0x160 [ 22.366390][ T354] ? security_capable+0x86/0xb0 [ 22.371078][ T354] do_mount+0x688/0xe10 [ 22.375069][ T354] ? copy_mount_string+0x30/0x30 [ 22.379843][ T354] ? copy_mount_options+0x1ed/0x300 [ 22.384877][ T354] ? copy_mount_options+0x29a/0x300 [ 22.389911][ T354] ksys_mount+0xc2/0xf0 [ 22.393903][ T354] __x64_sys_mount+0xb1/0xc0 [ 22.398333][ T354] do_syscall_64+0xca/0x1c0 [ 22.402671][ T354] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 22.408395][ T354] Modules linked in: [ 22.412226][ T354] ---[ end trace 0b9e713078b593c8 ]--- [ 22.417437][ T354] RIP: 0010:ext4_es_cache_extent+0x4c0/0x640 [ 22.423370][ T354] Code: d0 ff e9 fe fe ff ff 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c 78 fe ff ff 4c 89 f7 e8 8a de d0 ff e9 6b fe ff ff e8 50 1e a1 ff <0f> 0b 4c 89 7c 24 18 65 8b 1d 5a 19 3f 7e 89 d8 c1 e8 06 48 8d 3c [ 22.442831][ T354] RSP: 0018:ffff8881dc50ee00 EFLAGS: 00010293 [ 22.448692][ T354] RAX: ffffffff81c317c0 RBX: 0000000000000000 RCX: ffff8881dc504ec0 [ 22.456487][ T354] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 22.464330][ T354] RBP: ffff8881dc50ef08 R08: ffffffff81c3152e R09: 0000000000000003 [ 22.472126][ T354] R10: ffffffffffffffff R11: dffffc0000000001 R12: 1ffff1103d323ef8 [ 22.479942][ T354] R13: dffffc0000000000 R14: ffff8881e991f7c4 R15: 0000000000000001 [ 22.487750][ T354] FS: 00005555569b2380(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000 [ 22.496493][ T354] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 22.502946][ T354] CR2: 0000557447dc9e50 CR3: 00000001dc46c000 CR4: 00000000003406b0 [ 22.510788][ T354] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 22.518559][ T354] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 22.526351][ T354] Kernel panic - not syncing: Fatal exception [ 22.532419][ T354] Kernel Offset: disabled [ 22.536535][ T354] Rebooting in 86400 seconds..