./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2582222786 <...> Warning: Permanently added '10.128.1.39' (ECDSA) to the list of known hosts. execve("./syz-executor2582222786", ["./syz-executor2582222786"], 0x7ffddbacf1c0 /* 10 vars */) = 0 brk(NULL) = 0x5555569f4000 brk(0x5555569f4c40) = 0x5555569f4c40 arch_prctl(ARCH_SET_FS, 0x5555569f4300) = 0 uname({sysname="Linux", nodename="syzkaller", ...}) = 0 readlink("/proc/self/exe", "/root/syz-executor2582222786", 4096) = 28 brk(0x555556a15c40) = 0x555556a15c40 brk(0x555556a16000) = 0x555556a16000 mprotect(0x7f438b081000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 memfd_create("syzkaller", 0) = 3 ftruncate(3, 262144) = 0 pwrite64(3, "\x20\x00\x00\x00\x40\x00\x00\x00\x03\x00\x00\x00\x30\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x02\x00\x00\x00\x00\x80\x00\x00\x00\x80\x00\x00\x20\x00\x00\x00\xdc\xf4\x65\x5f\xdc\xf4\x65\x5f\x01\x00\xff\xff\x53\xef\x01\x00\x01\x00\x00\x00\xdb\xf4\x65\x5f\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x0b\x00\x00\x00\x00\x02\x00\x00\x28\x02\x00\x00\x02\x84", 98, 1024) = 98 pwrite64(3, "\x02\x00\x00\x00\x03\x00\x00\x00\x04\x00\x00\x00\x30\x00\x0f", 15, 4096) = 15 pwrite64(3, "\xff\xff\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff"..., 4098, 8192) = 4098 pwrite64(3, "\xed\x41\x00\x00\x00\x10\x00\x00\xdb\xf4\x65\x5f\xdc\xf4\x65\x5f\xdc\xf4\x65\x5f\x00\x00\x00\x00\x00\x00\x04\x00\x08", 29, 16896) = 29 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 ioctl(4, LOOP_SET_FD, 3) = 0 mkdir("./file0", 0777) = 0 [ 24.383163][ T31] audit: type=1400 audit(1666101899.829:62): avc: denied { execmem } for pid=424 comm="syz-executor258" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 24.389114][ T424] loop0: detected capacity change from 0 to 512 [ 24.403396][ T31] audit: type=1400 audit(1666101899.829:63): avc: denied { read write } for pid=424 comm="syz-executor258" name="loop0" dev="devtmpfs" ino=111 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 mount("/dev/loop0", "./file0", "ext4", 0, ",errors=continue") = 0 openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 5 ioctl(4, LOOP_CLR_FD) = 0 close(4) = 0 close(3) = 0 chdir("./file0") = 0 open("./file0", O_WRONLY|O_CREAT|O_EXCL|O_DIRECT|0x4, 000) = 3 open("./file0", O_RDONLY) = 4 write(3, "\x3b\x27\xa4\xb4\x6e\xe9\x2b\x4a\x59\x07\x3c\x36\x9a\x5e\x19\xf9\xdb\x15\x3c\x4f\xdb\xc7\x6a\xa2\xa4\xbb\x9f\x3e\x5e\x1a\xa1\x97\xa9\xe9\x7d\x10\x16\xc0\x18\x13\x79\x2e\x50\xc2\x69\x2c\x17\x5a\xad\x71\x5d\x11\x0a\x89\x29\x49\xcc\xc6\xe2\xe5\x4c\x2d\x5c\x8f\x0b\x79\x32\xb6\x97\x97\xf2\x17\x16\x8b\x0c\x1f\xeb\x12\x8a\xe3\x4f\x0d\xaf\x48\x7a\x70\xb5\xc1\x17\xac\xd4\x37\x25\xfe\x17\x99\x36\x34\xf1\x69"..., 1536) = 1536 sendfile(3, 4, NULL, 57347) = 56832 open("./file0", O_RDWR|O_CREAT|O_SYNC|O_NOATIME, 000) = 6 [ 24.432704][ T31] audit: type=1400 audit(1666101899.829:64): avc: denied { open } for pid=424 comm="syz-executor258" path="/dev/loop0" dev="devtmpfs" ino=111 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 24.439016][ T424] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 24.456995][ T31] audit: type=1400 audit(1666101899.829:65): avc: denied { ioctl } for pid=424 comm="syz-executor258" path="/dev/loop0" dev="devtmpfs" ino=111 ioctlcmd=0x4c00 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 24.484276][ T424] ------------[ cut here ]------------ [ 24.492712][ T31] audit: type=1400 audit(1666101899.849:66): avc: denied { mounton } for pid=424 comm="syz-executor258" path="/root/file0" dev="sda1" ino=1138 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1 [ 24.497912][ T424] kernel BUG at fs/ext4/inode.c:2731! [ 24.520143][ T31] audit: type=1400 audit(1666101899.909:67): avc: denied { mount } for pid=424 comm="syz-executor258" name="/" dev="loop0" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 24.525606][ T424] invalid opcode: 0000 [#1] PREEMPT SMP KASAN [ 24.546964][ T31] audit: type=1400 audit(1666101899.909:68): avc: denied { write } for pid=424 comm="syz-executor258" name="/" dev="loop0" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 24.552802][ T424] CPU: 1 PID: 424 Comm: syz-executor258 Not tainted 5.15.73-syzkaller-04348-g44b8b2ac1d96 #0 [ 24.574459][ T31] audit: type=1400 audit(1666101899.909:69): avc: denied { add_name } for pid=424 comm="syz-executor258" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 24.584394][ T424] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/22/2022 [ 24.584404][ T424] RIP: 0010:ext4_writepages+0x3b91/0x3bb0 [ 24.605318][ T31] audit: type=1400 audit(1666101899.909:70): avc: denied { create } for pid=424 comm="syz-executor258" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 24.614944][ T424] Code: c6 31 ff e8 41 95 81 ff 84 db 75 2c e8 28 92 81 ff 48 bb 00 00 00 00 00 fc ff df 4c 8b 7c 24 48 e9 d3 c9 ff ff e8 0f 92 81 ff <0f> 0b e8 08 92 81 ff e8 1f 82 10 ff eb a0 e8 fc 91 81 ff e8 13 82 [ 24.614958][ T424] RSP: 0018:ffffc9000030f260 EFLAGS: 00010293 [ 24.614973][ T424] RAX: ffffffff81efff81 RBX: 0000008000000000 RCX: ffff888107184f00 [ 24.620611][ T31] audit: type=1400 audit(1666101899.909:71): avc: denied { write open } for pid=424 comm="syz-executor258" path="/root/file0/file0" dev="loop0" ino=17 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 24.640723][ T424] RDX: 0000000000000000 RSI: 0000008000000000 RDI: 0000000000000000 [ 24.640736][ T424] RBP: ffffc9000030f650 R08: ffffffff81efcb8f R09: ffffed10212ef5e3 [ 24.640746][ T424] R10: ffffed10212ef5e3 R11: 1ffff110212ef5e2 R12: ffffc9000030f880 [ 24.640756][ T424] R13: 0000000000000001 R14: 000000c410000000 R15: ffffc9000030f520 [ 24.640765][ T424] FS: 00005555569f4300(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 24.737409][ T424] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 24.743830][ T424] CR2: 00000000004571f0 CR3: 000000011f6f5000 CR4: 00000000003506a0 [ 24.751643][ T424] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 24.759476][ T424] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 24.767264][ T424] Call Trace: [ 24.770387][ T424] [ 24.773167][ T424] ? errseq_check+0x40/0x70 [ 24.777503][ T424] ? mark_buffer_dirty+0x1ed/0x310 [ 24.782467][ T424] ? __ext4_handle_dirty_metadata+0x2f0/0x820 [ 24.788354][ T424] ? __kasan_check_write+0x14/0x20 [ 24.793301][ T424] ? ext4_readpage+0x220/0x220 [ 24.797900][ T424] ? domain_dirty_limits+0x2aa/0x3c0 [ 24.803021][ T424] ? __kasan_check_read+0x11/0x20 [ 24.807880][ T424] ? balance_dirty_pages+0x238d/0x2660 [ 24.813177][ T424] ? __kasan_check_write+0x14/0x20 [ 24.818126][ T424] ? ext4_readpage+0x220/0x220 [ 24.822723][ T424] do_writepages+0x442/0x6c0 [ 24.827151][ T424] ? __writepage+0x130/0x130 [ 24.831578][ T424] ? __kasan_check_write+0x14/0x20 [ 24.836528][ T424] ? _raw_spin_unlock+0x4d/0x70 [ 24.841213][ T424] filemap_fdatawrite_wbc+0x245/0x2a0 [ 24.846418][ T424] file_write_and_wait_range+0x1e5/0x2e0 [ 24.851887][ T424] ? __filemap_set_wb_err+0x100/0x100 [ 24.857093][ T424] ext4_sync_file+0x19e/0xa00 [ 24.861605][ T424] vfs_fsync_range+0x17b/0x190 [ 24.866207][ T424] ext4_buffered_write_iter+0x584/0x630 [ 24.871588][ T424] ext4_file_write_iter+0x456/0x1dc0 [ 24.876707][ T424] ? native_set_ldt+0x360/0x360 [ 24.881394][ T424] ? __kasan_check_read+0x11/0x20 [ 24.886256][ T424] ? compat_start_thread+0x20/0x20 [ 24.891203][ T424] ? switch_mm_irqs_off+0x57f/0x860 [ 24.896235][ T424] ? avc_policy_seqno+0x1b/0x70 [ 24.900923][ T424] ? selinux_file_permission+0x2ae/0x520 [ 24.906391][ T424] ? ext4_file_read_iter+0x4b0/0x4b0 [ 24.911518][ T424] ? iov_iter_init+0x53/0x180 [ 24.916031][ T424] vfs_write+0xc8d/0x1050 [ 24.920195][ T424] ? __kasan_check_write+0x14/0x20 [ 24.925142][ T424] ? file_end_write+0x1b0/0x1b0 [ 24.929824][ T424] ? _raw_spin_unlock_irq+0x4e/0x70 [ 24.934857][ T424] ? ptrace_stop+0x6eb/0xa30 [ 24.939284][ T424] ? __kasan_check_read+0x11/0x20 [ 24.944144][ T424] ? __fdget_pos+0x27e/0x310 [ 24.948577][ T424] ksys_write+0x198/0x2c0 [ 24.952737][ T424] ? do_notify_parent+0xa60/0xa60 [ 24.957599][ T424] ? __ia32_sys_read+0x90/0x90 [ 24.962198][ T424] ? do_sys_openat2+0x500/0x500 [ 24.966972][ T424] __x64_sys_write+0x7b/0x90 [ 24.971397][ T424] do_syscall_64+0x44/0xd0 [ 24.975651][ T424] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 24.981378][ T424] RIP: 0033:0x7f438b013ef9 [ 24.985634][ T424] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 25.005077][ T424] RSP: 002b:00007ffd350d4f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 25.013319][ T424] RAX: ffffffffffffffda RBX: 0030656c69662f2e RCX: 00007f438b013ef9 [ 25.021130][ T424] RDX: 0000000000000088 RSI: 0000000020000440 RDI: 0000000000000006 [ 25.028941][ T424] RBP: 00007f438afd36f0 R08: 0000000000000000 R09: 0000000000000000 [ 25.036753][ T424] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f438afd3780 [ 25.044563][ T424] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 25.052377][ T424] [ 25.055238][ T424] Modules linked in: [ 25.059531][ T424] ---[ end trace 06d0076835369f22 ]--- [ 25.064824][ T424] RIP: 0010:ext4_writepages+0x3b91/0x3bb0 [ 25.070350][ T424] Code: c6 31 ff e8 41 95 81 ff 84 db 75 2c e8 28 92 81 ff 48 bb 00 00 00 00 00 fc ff df 4c 8b 7c 24 48 e9 d3 c9 ff ff e8 0f 92 81 ff <0f> 0b e8 08 92 81 ff e8 1f 82 10 ff eb a0 e8 fc 91 81 ff e8 13 82 [ 25.089905][ T424] RSP: 0018:ffffc9000030f260 EFLAGS: 00010293 [ 25.095798][ T424] RAX: ffffffff81efff81 RBX: 0000008000000000 RCX: ffff888107184f00 [ 25.103615][ T424] RDX: 0000000000000000 RSI: 0000008000000000 RDI: 0000000000000000 [ 25.111403][ T424] RBP: ffffc9000030f650 R08: ffffffff81efcb8f R09: ffffed10212ef5e3 [ 25.119256][ T424] R10: ffffed10212ef5e3 R11: 1ffff110212ef5e2 R12: ffffc9000030f880 [ 25.127504][ T424] R13: 0000000000000001 R14: 000000c410000000 R15: ffffc9000030f520 [ 25.135299][ T424] FS: 00005555569f4300(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 25.144058][ T424] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 25.150458][ T424] CR2: 00000000004571f0 CR3: 000000011f6f5000 CR4: 00000000003506a0 [ 25.158297][ T424] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 25.166204][ T424] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 25.174005][ T424] Kernel panic - not syncing: Fatal exception [ 25.180051][ T424] Kernel Offset: disabled [ 25.184173][ T424] Rebooting in 86400 seconds..