./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2172967895 <...> Warning: Permanently added '10.128.0.86' (ED25519) to the list of known hosts. execve("./syz-executor2172967895", ["./syz-executor2172967895"], 0x7ffc9aca1b10 /* 10 vars */) = 0 brk(NULL) = 0x55555e74d000 brk(0x55555e74dd00) = 0x55555e74dd00 arch_prctl(ARCH_SET_FS, 0x55555e74d380) = 0 set_tid_address(0x55555e74d650) = 5819 set_robust_list(0x55555e74d660, 24) = 0 rseq(0x55555e74dca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor2172967895", 4096) = 28 getrandom("\xea\x91\x38\x03\xc5\x06\x72\xdb", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x55555e74dd00 brk(0x55555e76ed00) = 0x55555e76ed00 brk(0x55555e76f000) = 0x55555e76f000 mprotect(0x7f03d3c77000, 16384, PROT_READ) = 0 mmap(0x1ffffffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffffffff000 mmap(0x200000000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200000000000 mmap(0x200001000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200001000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55555e74d650) = 5820 ./strace-static-x86_64: Process 5820 attached [pid 5820] set_robust_list(0x55555e74d660, 24) = 0 [ 56.163182][ T30] audit: type=1400 audit(1745704859.060:88): avc: denied { execmem } for pid=5819 comm="syz-executor217" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [pid 5820] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5820] setpgid(0, 0) = 0 [pid 5820] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5820] write(3, "1000", 4) = 4 [pid 5820] close(3) = 0 [pid 5820] write(1, "executing program\n", 18executing program ) = 18 [pid 5820] openat(AT_FDCWD, "/proc/self/task", O_RDWR) = -1 EISDIR (Is a directory) [pid 5820] openat(AT_FDCWD, "/proc/self/task", O_RDONLY) = 3 [pid 5820] fchdir(3) = 0 [pid 5820] mount(NULL, ".", "proc", MS_RDONLY|MS_NODIRATIME, NULL) = 0 [pid 5820] clone(child_stack=0x30, flags=0./strace-static-x86_64: Process 5821 attached ) = 5821 [pid 5821] --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=0x30} --- [pid 5820] openat(AT_FDCWD, "/proc/self/task/5821/pagemap", O_RDWR) = -1 EROFS (Read-only file system) [pid 5820] openat(AT_FDCWD, "/proc/self/task/5821/pagemap", O_RDONLY [pid 5821] +++ killed by SIGSEGV +++ [pid 5820] <... openat resumed>) = 4 [ 56.288988][ T30] audit: type=1400 audit(1745704859.180:89): avc: denied { mounton } for pid=5820 comm="syz-executor217" path="/proc/5820/task" dev="proc" ino=3855 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1 [ 56.312129][ T30] audit: type=1400 audit(1745704859.180:90): avc: denied { mount } for pid=5820 comm="syz-executor217" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 56.366801][ T5820] Oops: general protection fault, probably for non-canonical address 0xdffffc000000003c: 0000 [#1] SMP KASAN NOPTI [ 56.378867][ T5820] KASAN: null-ptr-deref in range [0x00000000000001e0-0x00000000000001e7] [ 56.387276][ T5820] CPU: 0 UID: 0 PID: 5820 Comm: syz-executor217 Not tainted 6.15.0-rc3-syzkaller-00283-gf1a3944c860b #0 PREEMPT(full) [ 56.399663][ T5820] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 56.409700][ T5820] RIP: 0010:kasan_byte_accessible+0x15/0x30 [ 56.415608][ T5820] Code: 00 00 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 66 0f 1f 00 48 b8 00 00 00 00 00 fc ff df 48 c1 ef 03 48 01 c7 <0f> b6 07 3c 07 0f 96 c0 c3 cc cc cc cc 66 66 2e 0f 1f 84 00 00 00 [ 56.435196][ T5820] RSP: 0018:ffffc90002f87b90 EFLAGS: 00010286 [ 56.441237][ T5820] RAX: dffffc0000000000 RBX: 00000000000001e0 RCX: 0000000000000001 [ 56.449185][ T5820] RDX: 0000000000000000 RSI: ffffffff8b6e10ae RDI: dffffc000000003c [ 56.457150][ T5820] RBP: 00000000000001e0 R08: 0000000000000001 R09: 0000000000000000 [ 56.465107][ T5820] R10: 0000000000000000 R11: 0000000000000000 R12: ffffffff8b6e10ae [ 56.473063][ T5820] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 56.481017][ T5820] FS: 000055555e74d380(0000) GS:ffff8881249e4000(0000) knlGS:0000000000000000 [ 56.489934][ T5820] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 56.496503][ T5820] CR2: 00000000005fdeb8 CR3: 0000000075036000 CR4: 00000000003526f0 [ 56.504461][ T5820] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 56.512415][ T5820] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 56.520367][ T5820] Call Trace: [ 56.523631][ T5820] [ 56.526545][ T5820] __kasan_check_byte+0x13/0x50 [ 56.531381][ T5820] lock_acquire+0xfc/0x350 [ 56.535788][ T5820] ? __pfx___might_resched+0x10/0x10 [ 56.541062][ T5820] down_read_killable+0x9e/0x4b0 [ 56.545999][ T5820] ? do_pagemap_scan+0x691/0xd00 [ 56.550926][ T5820] ? __might_fault+0x13b/0x190 [ 56.555668][ T5820] ? __pfx_down_read_killable+0x10/0x10 [ 56.561199][ T5820] do_pagemap_scan+0x691/0xd00 [ 56.565951][ T5820] ? __pfx_do_pagemap_scan+0x10/0x10 [ 56.571231][ T5820] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 56.578092][ T5820] ? selinux_file_ioctl+0x180/0x270 [ 56.583276][ T5820] ? selinux_file_ioctl+0xb4/0x270 [ 56.588373][ T5820] do_pagemap_cmd+0x58/0x80 [ 56.592864][ T5820] ? __pfx_do_pagemap_cmd+0x10/0x10 [ 56.598052][ T5820] __x64_sys_ioctl+0x190/0x200 [ 56.602804][ T5820] do_syscall_64+0xcd/0x260 [ 56.607290][ T5820] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 56.613164][ T5820] RIP: 0033:0x7f03d3c03c39 [ 56.617561][ T5820] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 c1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 56.637152][ T5820] RSP: 002b:00007ffd8c6807d8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 56.645544][ T5820] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f03d3c03c39 [ 56.653511][ T5820] RDX: 0000200000000100 RSI: 00000000c0606610 RDI: 0000000000000004 [ 56.661463][ T5820] RBP: 00007f03d3c775f0 R08: 00007ffd8c680484 R09: 0000000000000006 [ 56.669429][ T5820] R10: 0000000000000014 R11: 0000000000000246 R12: 0000000000000001 [ 56.677379][ T5820] R13: 431bde82d7b634db R14: 0000000000000001 R15: 0000000000000001 [ 56.685333][ T5820] [ 56.688331][ T5820] Modules linked in: [ 56.692661][ T5820] ---[ end trace 0000000000000000 ]--- [ 56.698531][ T5820] RIP: 0010:kasan_byte_accessible+0x15/0x30 [ 56.704691][ T5820] Code: 00 00 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 66 0f 1f 00 48 b8 00 00 00 00 00 fc ff df 48 c1 ef 03 48 01 c7 <0f> b6 07 3c 07 0f 96 c0 c3 cc cc cc cc 66 66 2e 0f 1f 84 00 00 00 [ 56.724303][ T5820] RSP: 0018:ffffc90002f87b90 EFLAGS: 00010286 [ 56.730395][ T5820] RAX: dffffc0000000000 RBX: 00000000000001e0 RCX: 0000000000000001 [ 56.738345][ T5820] RDX: 0000000000000000 RSI: ffffffff8b6e10ae RDI: dffffc000000003c [ 56.746317][ T5820] RBP: 00000000000001e0 R08: 0000000000000001 R09: 0000000000000000 [ 56.754290][ T5820] R10: 0000000000000000 R11: 0000000000000000 R12: ffffffff8b6e10ae [ 56.762269][ T5820] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 56.770253][ T5820] FS: 000055555e74d380(0000) GS:ffff8881249e4000(0000) knlGS:0000000000000000 [ 56.779189][ T5820] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 56.785794][ T5820] CR2: 00000000005fdeb8 CR3: 0000000075036000 CR4: 00000000003526f0 [ 56.793784][ T5820] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 56.801766][ T5820] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 56.809736][ T5820] Kernel panic - not syncing: Fatal exception [ 56.815992][ T5820] Kernel Offset: disabled [ 56.820295][ T5820] Rebooting in 86400 seconds..