./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1311888478
<...>
Warning: Permanently added '10.128.0.227' (ED25519) to the list of known hosts.
execve("./syz-executor1311888478", ["./syz-executor1311888478"], 0x7ffec0243000 /* 10 vars */) = 0
brk(NULL) = 0x55556885f000
brk(0x55556885fd00) = 0x55556885fd00
arch_prctl(ARCH_SET_FS, 0x55556885f380) = 0
set_tid_address(0x55556885f650) = 296
set_robust_list(0x55556885f660, 24) = 0
rseq(0x55556885fca0, 0x20, 0, 0x53053053) = -1 ENOSYS (Function not implemented)
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor1311888478", 4096) = 28
getrandom("\xbf\x4c\xa8\x83\xf7\x3d\xce\xf7", 8, GRND_NONBLOCK) = 8
brk(NULL) = 0x55556885fd00
brk(0x555568880d00) = 0x555568880d00
brk(0x555568881000) = 0x555568881000
mprotect(0x7f4f6fe7d000, 16384, PROT_READ) = 0
mmap(0x1ffffffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffffffff000
mmap(0x200000000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200000000000
mmap(0x200001000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200001000000
executing program
write(1, "executing program\n", 18) = 18
clone(child_stack=NULL, flags=0./strace-static-x86_64: Process 297 attached
) = 297
[pid 296] openat(AT_FDCWD, "/proc/self/task", O_RDWR) = -1 EISDIR (Is a directory)
[pid 296] openat(AT_FDCWD, "/proc/self/task", O_RDONLY) = 3
[pid 296] fchdir(3) = 0
[pid 296] mount(NULL, ".", "proc", 0, NULL) = 0
[pid 296] close(-1) = -1 EBADF (Bad file descriptor)
[ 24.011194][ T36] audit: type=1400 audit(1754299883.290:64): avc: denied { execmem } for pid=296 comm="syz-executor131" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[ 24.033913][ T36] audit: type=1400 audit(1754299883.310:65): avc: denied { mounton } for pid=296 comm="syz-executor131" path="/proc/296/task" dev="proc" ino=643 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[ 24.056812][ T36] audit: type=1400 audit(1754299883.310:66): avc: denied { mount } for pid=296 comm="syz-executor131" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[pid 297] exit(0) = ?
[pid 297] +++ exited with 0 +++
openat(AT_FDCWD, "/proc/self/task/297/pagemap", O_RDWR) = 4
[ 24.236171][ T296] ==================================================================
[ 24.244281][ T296] BUG: KASAN: null-ptr-deref in rwsem_read_trylock+0x7e/0x660
[ 24.251764][ T296] Write of size 8 at addr 0000000000000098 by task syz-executor131/296
[ 24.259991][ T296]
[ 24.262312][ T296] CPU: 1 UID: 0 PID: 296 Comm: syz-executor131 Not tainted 6.12.38-syzkaller-gbf0fb8bb181b #0 d02c7cfa86e34ad1734bbfdc1f5f1c3ce9be47fc
[ 24.262333][ T296] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 24.262349][ T296] Call Trace:
[ 24.262355][ T296]
[ 24.262363][ T296] __dump_stack+0x21/0x30
[ 24.262385][ T296] dump_stack_lvl+0x10c/0x190
[ 24.262404][ T296] ? __cfi_dump_stack_lvl+0x10/0x10
[ 24.262423][ T296] ? do_vfs_ioctl+0x1713/0x1e30
[ 24.262440][ T296] print_report+0x3d/0x70
[ 24.262456][ T296] kasan_report+0x163/0x1a0
[ 24.262471][ T296] ? rwsem_read_trylock+0x7e/0x660
[ 24.262490][ T296] ? rwsem_read_trylock+0x7e/0x660
[ 24.262509][ T296] kasan_check_range+0x299/0x2a0
[ 24.262525][ T296] __kasan_check_write+0x18/0x20
[ 24.262545][ T296] rwsem_read_trylock+0x7e/0x660
[ 24.262563][ T296] ? downgrade_write+0x440/0x440
[ 24.262582][ T296] ? has_cap_mac_admin+0xd0/0xd0
[ 24.262598][ T296] ? __schedule+0x132a/0x1df0
[ 24.262612][ T296] down_read_killable+0x79/0xf0
[ 24.262632][ T296] ? __cfi_down_read_killable+0x10/0x10
[ 24.262653][ T296] do_pagemap_cmd+0x598/0xc20
[ 24.262673][ T296] ? _raw_spin_lock_irq+0x8d/0x120
[ 24.262695][ T296] ? __cfi_do_pagemap_cmd+0x10/0x10
[ 24.262718][ T296] ? bpf_lsm_file_ioctl+0xd/0x20
[ 24.262738][ T296] ? security_file_ioctl+0x34/0xd0
[ 24.262753][ T296] ? __cfi_do_pagemap_cmd+0x10/0x10
[ 24.262771][ T296] __se_sys_ioctl+0x135/0x1b0
[ 24.262786][ T296] __x64_sys_ioctl+0x7f/0xa0
[ 24.262800][ T296] x64_sys_call+0x1878/0x2ee0
[ 24.262822][ T296] do_syscall_64+0x58/0xf0
[ 24.262845][ T296] ? clear_bhb_loop+0x50/0xa0
[ 24.262864][ T296] entry_SYSCALL_64_after_hwframe+0x76/0x7e
[ 24.262881][ T296] RIP: 0033:0x7f4f6fe0a819
[ 24.262901][ T296] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 31 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 24.262915][ T296] RSP: 002b:00007ffeb70d6dd8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 24.262937][ T296] RAX: ffffffffffffffda RBX: 00007ffeb70d6fa8 RCX: 00007f4f6fe0a819
[ 24.262949][ T296] RDX: 0000200000000100 RSI: 00000000c0606610 RDI: 0000000000000004
[ 24.262960][ T296] RBP: 00007f4f6fe7d610 R08: 00007ffeb70d6a85 R09: 00007ffeb70d6fa8
[ 24.262972][ T296] R10: 0000000000000013 R11: 0000000000000246 R12: 0000000000000001
[ 24.262982][ T296] R13: 00007ffeb70d6f98 R14: 0000000000000001 R15: 0000000000000001
[ 24.262995][ T296]
[ 24.263001][ T296] ==================================================================
[ 24.513577][ T296] Disabling lock debugging due to kernel taint
[ 24.519940][ T296] BUG: kernel NULL pointer dereference, address: 0000000000000098
[ 24.527738][ T296] #PF: supervisor write access in kernel mode
[ 24.533788][ T296] #PF: error_code(0x0002) - not-present page
[ 24.539770][ T296] PGD 0 P4D 0
[ 24.543141][ T296] Oops: Oops: 0002 [#1] PREEMPT SMP KASAN PTI
[ 24.549304][ T296] CPU: 1 UID: 0 PID: 296 Comm: syz-executor131 Tainted: G B 6.12.38-syzkaller-gbf0fb8bb181b #0 d02c7cfa86e34ad1734bbfdc1f5f1c3ce9be47fc
[ 24.564662][ T296] Tainted: [B]=BAD_PAGE
[ 24.568797][ T296] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 24.578930][ T296] RIP: 0010:rwsem_read_trylock+0x89/0x660
[ 24.584702][ T296] Code: b8 f1 f1 f1 f1 04 f3 f3 f3 49 89 04 1c c7 44 24 40 00 00 00 00 be 08 00 00 00 e8 e2 bf 76 00 41 bd 00 01 00 00 4c 89 7c 24 18 4d 0f c1 2f 49 81 c5 00 01 00 00 4d 89 f7 49 c1 ef 03 41 80 3c
[ 24.604307][ T296] RSP: 0018:ffffc9000126fb20 EFLAGS: 00010246
[ 24.610386][ T296] RAX: ffff8881037ba600 RBX: dffffc0000000000 RCX: ffff8881037ba600
[ 24.618367][ T296] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 24.626435][ T296] RBP: ffffc9000126fbd0 R08: ffffffff8895d947 R09: 1ffffffff112bb28
[ 24.634425][ T296] R10: dffffc0000000000 R11: fffffbfff112bb29 R12: 1ffff9200024df68
[ 24.642411][ T296] R13: 0000000000000100 R14: ffffc9000126fc00 R15: 0000000000000098
[ 24.650394][ T296] FS: 000055556885f380(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[ 24.659325][ T296] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 24.665915][ T296] CR2: 0000000000000098 CR3: 0000000102398000 CR4: 00000000003526b0
[ 24.673895][ T296] Call Trace:
[ 24.677175][ T296]
[ 24.680123][ T296] ? downgrade_write+0x440/0x440
[ 24.685078][ T296] ? has_cap_mac_admin+0xd0/0xd0
[ 24.690036][ T296] ? __schedule+0x132a/0x1df0
[ 24.694713][ T296] down_read_killable+0x79/0xf0
[ 24.699571][ T296] ? __cfi_down_read_killable+0x10/0x10
[ 24.705124][ T296] do_pagemap_cmd+0x598/0xc20
[ 24.709807][ T296] ? _raw_spin_lock_irq+0x8d/0x120
[ 24.714924][ T296] ? __cfi_do_pagemap_cmd+0x10/0x10
[ 24.720144][ T296] ? bpf_lsm_file_ioctl+0xd/0x20
[ 24.725095][ T296] ? security_file_ioctl+0x34/0xd0
[ 24.730293][ T296] ? __cfi_do_pagemap_cmd+0x10/0x10
[ 24.735523][ T296] __se_sys_ioctl+0x135/0x1b0
[ 24.740196][ T296] __x64_sys_ioctl+0x7f/0xa0
[ 24.744801][ T296] x64_sys_call+0x1878/0x2ee0
[ 24.749494][ T296] do_syscall_64+0x58/0xf0
[ 24.753917][ T296] ? clear_bhb_loop+0x50/0xa0
[ 24.758609][ T296] entry_SYSCALL_64_after_hwframe+0x76/0x7e
[ 24.764499][ T296] RIP: 0033:0x7f4f6fe0a819
[ 24.768914][ T296] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 31 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 24.788612][ T296] RSP: 002b:00007ffeb70d6dd8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 24.797032][ T296] RAX: ffffffffffffffda RBX: 00007ffeb70d6fa8 RCX: 00007f4f6fe0a819
[ 24.805008][ T296] RDX: 0000200000000100 RSI: 00000000c0606610 RDI: 0000000000000004
[ 24.812980][ T296] RBP: 00007f4f6fe7d610 R08: 00007ffeb70d6a85 R09: 00007ffeb70d6fa8
[ 24.820949][ T296] R10: 0000000000000013 R11: 0000000000000246 R12: 0000000000000001
[ 24.828919][ T296] R13: 00007ffeb70d6f98 R14: 0000000000000001 R15: 0000000000000001
[ 24.836888][ T296]
[ 24.839901][ T296] Modules linked in:
[ 24.843795][ T296] CR2: 0000000000000098
[ 24.847942][ T296] ---[ end trace 0000000000000000 ]---
[ 24.853397][ T296] RIP: 0010:rwsem_read_trylock+0x89/0x660
[ 24.859128][ T296] Code: b8 f1 f1 f1 f1 04 f3 f3 f3 49 89 04 1c c7 44 24 40 00 00 00 00 be 08 00 00 00 e8 e2 bf 76 00 41 bd 00 01 00 00 4c 89 7c 24 18 4d 0f c1 2f 49 81 c5 00 01 00 00 4d 89 f7 49 c1 ef 03 41 80 3c
[ 24.878736][ T296] RSP: 0018:ffffc9000126fb20 EFLAGS: 00010246
[ 24.885259][ T296] RAX: ffff8881037ba600 RBX: dffffc0000000000 RCX: ffff8881037ba600
[ 24.893229][ T296] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 24.901194][ T296] RBP: ffffc9000126fbd0 R08: ffffffff8895d947 R09: 1ffffffff112bb28
[ 24.909160][ T296] R10: dffffc0000000000 R11: fffffbfff112bb29 R12: 1ffff9200024df68
[ 24.917140][ T296] R13: 0000000000000100 R14: ffffc9000126fc00 R15: 0000000000000098
[ 24.925106][ T296] FS: 000055556885f380(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[ 24.934150][ T296] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 24.940747][ T296] CR2: 0000000000000098 CR3: 0000000102398000 CR4: 00000000003526b0
[ 24.948740][ T296] Kernel panic - not syncing: Fatal exception
[ 24.955168][ T296] Kernel Offset: disabled
[ 24.959495][ T296] Rebooting in 86400 seconds..