./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1908574664 <...> Warning: Permanently added '10.128.10.42' (ED25519) to the list of known hosts. execve("./syz-executor1908574664", ["./syz-executor1908574664"], 0x7fff7d5f8ca0 /* 10 vars */) = 0 brk(NULL) = 0x55555631a000 brk(0x55555631ad00) = 0x55555631ad00 arch_prctl(ARCH_SET_FS, 0x55555631a380) = 0 set_tid_address(0x55555631a650) = 5015 set_robust_list(0x55555631a660, 24) = 0 rseq(0x55555631aca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor1908574664", 4096) = 28 getrandom("\x43\x10\xbe\x88\xe9\xcf\x68\x4c", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x55555631ad00 brk(0x55555633bd00) = 0x55555633bd00 brk(0x55555633c000) = 0x55555633c000 mprotect(0x7f4c5c147000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 [ 82.612587][ T26] audit: type=1400 audit(1689865353.532:83): avc: denied { write } for pid=5012 comm="strace-static-x" path="pipe:[30829]" dev="pipefs" ino=30829 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 memfd_create("syzkaller", 0) = 3 mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f4c53c78000 write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x08\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x03\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf5\x00\x00\x00\x01\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 munmap(0x7f4c53c78000, 2097152) = 0 [ 82.660466][ T26] audit: type=1400 audit(1689865353.582:84): avc: denied { execmem } for pid=5015 comm="syz-executor190" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 82.664050][ T5015] memfd_create() without MFD_EXEC nor MFD_NOEXEC_SEAL, pid=5015 'syz-executor190' openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [ 82.722366][ T26] audit: type=1400 audit(1689865353.642:85): avc: denied { read write } for pid=5015 comm="syz-executor190" name="loop0" dev="devtmpfs" ino=648 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 82.729015][ T5015] loop0: detected capacity change from 0 to 4096 ioctl(4, LOOP_SET_FD, 3) = 0 close(3) = 0 mkdir("./file0", 0777) = 0 [ 82.746882][ T26] audit: type=1400 audit(1689865353.642:86): avc: denied { open } for pid=5015 comm="syz-executor190" path="/dev/loop0" dev="devtmpfs" ino=648 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 82.778310][ T26] audit: type=1400 audit(1689865353.652:87): avc: denied { ioctl } for pid=5015 comm="syz-executor190" path="/dev/loop0" dev="devtmpfs" ino=648 ioctlcmd=0x4c00 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 82.804446][ T26] audit: type=1400 audit(1689865353.702:88): avc: denied { mounton } for pid=5015 comm="syz-executor190" path="/root/file0" dev="sda1" ino=1927 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1 [ 82.837316][ T5015] ntfs: volume version 3.1. [ 82.844043][ T5015] ------------[ cut here ]------------ [ 82.849612][ T5015] kernel BUG at fs/ntfs/dir.c:86! [ 82.855156][ T5015] invalid opcode: 0000 [#1] PREEMPT SMP KASAN [ 82.861618][ T5015] CPU: 0 PID: 5015 Comm: syz-executor190 Not tainted 6.5.0-rc2-syzkaller-00052-gbfa3037d8280 #0 [ 82.872219][ T5015] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/03/2023 [ 82.882296][ T5015] RIP: 0010:ntfs_lookup_inode_by_name+0xdd7/0x2f50 [ 82.888840][ T5015] Code: d3 fe eb 6f e8 da 7f d3 fe 48 8b 7c 24 38 49 8d 5f 07 e8 2c 09 0d ff 48 c7 44 24 38 00 00 00 00 e9 c4 fa ff ff e8 b9 7f d3 fe <0f> 0b e8 b2 7f d3 fe 0f 0b e8 ab 7f d3 fe 48 8b 74 24 58 48 89 e9 [ 82.908472][ T5015] RSP: 0018:ffffc9000342fa48 EFLAGS: 00010293 [ 82.914546][ T5015] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 82.922539][ T5015] RDX: ffff88807b1521c0 RSI: ffffffff82b20917 RDI: 0000000000000003 [ 82.930544][ T5015] RBP: 0000000000000000 R08: 0000000000000003 R09: 0000000000004000 [ 82.938543][ T5015] R10: 0000000000000000 R11: 0000000000000000 R12: ffff88807ad8c800 [ 82.946555][ T5015] R13: ffff88807ad8ca30 R14: 0000000000000000 R15: ffff8880704cc9c4 [ 82.954574][ T5015] FS: 000055555631a380(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000 [ 82.963553][ T5015] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 82.970159][ T5015] CR2: 00007ffcf5f7f000 CR3: 000000007d812000 CR4: 00000000003506f0 [ 82.978165][ T5015] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 82.986156][ T5015] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 82.994169][ T5015] Call Trace: [ 82.997464][ T5015] [ 83.000409][ T5015] ? die+0x31/0x80 [ 83.004160][ T5015] ? do_trap+0x1ab/0x3b0 [ 83.008435][ T5015] ? ntfs_lookup_inode_by_name+0xdd7/0x2f50 [ 83.014351][ T5015] ? do_error_trap+0x9e/0x160 [ 83.019059][ T5015] ? ntfs_lookup_inode_by_name+0xdd7/0x2f50 [ 83.024976][ T5015] ? handle_invalid_op+0x2c/0x30 [ 83.029944][ T5015] ? ntfs_lookup_inode_by_name+0xdd7/0x2f50 [ 83.035882][ T5015] ? exc_invalid_op+0x2d/0x40 [ 83.040679][ T5015] ? asm_exc_invalid_op+0x1a/0x20 [ 83.045722][ T5015] ? ntfs_lookup_inode_by_name+0xdd7/0x2f50 [ 83.051640][ T5015] ? ntfs_lookup_inode_by_name+0xdd7/0x2f50 [ 83.057553][ T5015] ? ntfs_lookup_inode_by_name+0xdd7/0x2f50 [ 83.063467][ T5015] ? preempt_count_sub+0x150/0x150 [ 83.068626][ T5015] ? do_raw_spin_unlock+0x173/0x230 [ 83.073856][ T5015] ? down_write+0x14f/0x200 [ 83.078392][ T5015] ? down_write_killable_nested+0x250/0x250 [ 83.084317][ T5015] ? rcu_is_watching+0x12/0xb0 [ 83.089334][ T5015] ntfs_fill_super+0x4621/0x9100 [ 83.094394][ T5015] ? parse_options+0x1db0/0x1db0 [ 83.099358][ T5015] ? vsprintf+0x30/0x30 [ 83.103540][ T5015] ? set_blocksize+0x2bd/0x360 [ 83.108323][ T5015] ? parse_options+0x1db0/0x1db0 [ 83.113377][ T5015] mount_bdev+0x30d/0x3d0 [ 83.117735][ T5015] ? ntfs_rl_punch_nolock+0x15d0/0x15d0 [ 83.123306][ T5015] legacy_get_tree+0x109/0x220 [ 83.128206][ T5015] vfs_get_tree+0x88/0x350 [ 83.132644][ T5015] path_mount+0x1492/0x1ed0 [ 83.137172][ T5015] ? finish_automount+0xa50/0xa50 [ 83.142482][ T5015] ? putname+0x101/0x140 [ 83.146744][ T5015] __x64_sys_mount+0x293/0x310 [ 83.151531][ T5015] ? copy_mnt_ns+0xb60/0xb60 [ 83.156144][ T5015] ? lockdep_hardirqs_on+0x7d/0x100 [ 83.161368][ T5015] ? _raw_spin_unlock_irq+0x2e/0x50 [ 83.166768][ T5015] ? ptrace_notify+0xf4/0x130 [ 83.171466][ T5015] do_syscall_64+0x38/0xb0 [ 83.175898][ T5015] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 83.181831][ T5015] RIP: 0033:0x7f4c5c0b6d7a [ 83.186263][ T5015] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 5e 04 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 83.205888][ T5015] RSP: 002b:00007ffcf5f7e378 EFLAGS: 00000286 ORIG_RAX: 00000000000000a5 [ 83.214320][ T5015] RAX: ffffffffffffffda RBX: 00007ffcf5f7e390 RCX: 00007f4c5c0b6d7a [ 83.222305][ T5015] RDX: 000000002001ee40 RSI: 0000000020000040 RDI: 00007ffcf5f7e390 [ 83.230291][ T5015] RBP: 0000000000000004 R08: 00007ffcf5f7e3d0 R09: 000000000001ee3b [ 83.238279][ T5015] R10: 0000000000000000 R11: 0000000000000286 R12: 0000000000000000 [ 83.246266][ T5015] R13: 00007ffcf5f7e3d0 R14: 0000000000000003 R15: 0000000000200000 [ 83.254439][ T5015] [ 83.257466][ T5015] Modules linked in: [ 83.261674][ T5015] ---[ end trace 0000000000000000 ]--- [ 83.264890][ T26] audit: type=1400 audit(1689865354.192:89): avc: denied { append } for pid=4448 comm="syslogd" name="messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 83.267556][ T5015] RIP: 0010:ntfs_lookup_inode_by_name+0xdd7/0x2f50 [ 83.293963][ T26] audit: type=1400 audit(1689865354.192:90): avc: denied { open } for pid=4448 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 83.296028][ T5015] Code: d3 fe eb 6f e8 da 7f d3 fe 48 8b 7c 24 38 49 8d 5f 07 e8 2c 09 0d ff 48 c7 44 24 38 00 00 00 00 e9 c4 fa ff ff e8 b9 7f d3 fe <0f> 0b e8 b2 7f d3 fe 0f 0b e8 ab 7f d3 fe 48 8b 74 24 58 48 89 e9 [ 83.318919][ T26] audit: type=1400 audit(1689865354.192:91): avc: denied { getattr } for pid=4448 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 83.338282][ T5015] RSP: 0018:ffffc9000342fa48 EFLAGS: 00010293 [ 83.367504][ T5015] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 83.375585][ T5015] RDX: ffff88807b1521c0 RSI: ffffffff82b20917 RDI: 0000000000000003 [ 83.384917][ T5015] RBP: 0000000000000000 R08: 0000000000000003 R09: 0000000000004000 [ 83.392957][ T5015] R10: 0000000000000000 R11: 0000000000000000 R12: ffff88807ad8c800 [ 83.401025][ T5015] R13: ffff88807ad8ca30 R14: 0000000000000000 R15: ffff8880704cc9c4 [ 83.409063][ T5015] FS: 000055555631a380(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000 [ 83.418100][ T5015] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 83.424720][ T5015] CR2: 00007f4c5c0ee130 CR3: 000000007d812000 CR4: 00000000003506e0 [ 83.432769][ T5015] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 83.440832][ T5015] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 83.448857][ T5015] Kernel panic - not syncing: Fatal exception [ 83.455261][ T5015] Kernel Offset: disabled [ 83.459593][ T5015] Rebooting in 86400 seconds..