./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3575261912
<...>
Warning: Permanently added '10.128.1.191' (ED25519) to the list of known hosts.
execve("./syz-executor3575261912", ["./syz-executor3575261912"], 0x7ffe89a96200 /* 10 vars */) = 0
brk(NULL) = 0x55558d4c8000
brk(0x55558d4c8d00) = 0x55558d4c8d00
arch_prctl(ARCH_SET_FS, 0x55558d4c8380) = 0
set_tid_address(0x55558d4c8650) = 296
set_robust_list(0x55558d4c8660, 24) = 0
rseq(0x55558d4c8ca0, 0x20, 0, 0x53053053) = -1 ENOSYS (Function not implemented)
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor3575261912", 4096) = 28
getrandom("\xa6\xd6\x18\xfc\x72\xf3\xc4\x55", 8, GRND_NONBLOCK) = 8
brk(NULL) = 0x55558d4c8d00
brk(0x55558d4e9d00) = 0x55558d4e9d00
brk(0x55558d4ea000) = 0x55558d4ea000
mprotect(0x7fcf9dc1f000, 16384, PROT_READ) = 0
mmap(0x1ffffffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffffffff000
mmap(0x200000000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200000000000
mmap(0x200001000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200001000000
executing program
write(1, "executing program\n", 18) = 18
clone(child_stack=NULL, flags=0./strace-static-x86_64: Process 297 attached
) = 297
[pid 296] openat(AT_FDCWD, "/proc/self/task", O_RDWR) = -1 EISDIR (Is a directory)
[pid 296] openat(AT_FDCWD, "/proc/self/task", O_RDONLY) = 3
[pid 296] fchdir(3) = 0
[pid 296] mount(NULL, ".", "proc", 0, NULL) = 0
[pid 296] close(-1) = -1 EBADF (Bad file descriptor)
[ 28.464543][ T36] audit: type=1400 audit(1754294869.540:64): avc: denied { execmem } for pid=296 comm="syz-executor357" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[ 28.484350][ T36] audit: type=1400 audit(1754294869.540:65): avc: denied { mounton } for pid=296 comm="syz-executor357" path="/proc/296/task" dev="proc" ino=3185 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[ 28.507267][ T36] audit: type=1400 audit(1754294869.540:66): avc: denied { mount } for pid=296 comm="syz-executor357" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[pid 297] exit(0) = ?
[pid 297] +++ exited with 0 +++
openat(AT_FDCWD, "/proc/self/task/297/pagemap", O_RDWR) = 4
[ 28.667941][ T296] ==================================================================
[ 28.676325][ T296] BUG: KASAN: null-ptr-deref in rwsem_read_trylock+0x7e/0x660
[ 28.683797][ T296] Write of size 8 at addr 0000000000000098 by task syz-executor357/296
[ 28.692029][ T296]
[ 28.694352][ T296] CPU: 0 UID: 0 PID: 296 Comm: syz-executor357 Not tainted 6.12.38-syzkaller-gbf0fb8bb181b #0 d02c7cfa86e34ad1734bbfdc1f5f1c3ce9be47fc
[ 28.694373][ T296] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 28.694388][ T296] Call Trace:
[ 28.694395][ T296]
[ 28.694401][ T296] __dump_stack+0x21/0x30
[ 28.694422][ T296] dump_stack_lvl+0x10c/0x190
[ 28.694441][ T296] ? __cfi_dump_stack_lvl+0x10/0x10
[ 28.694459][ T296] ? do_vfs_ioctl+0x1713/0x1e30
[ 28.694476][ T296] print_report+0x3d/0x70
[ 28.694491][ T296] kasan_report+0x163/0x1a0
[ 28.694506][ T296] ? rwsem_read_trylock+0x7e/0x660
[ 28.694524][ T296] ? rwsem_read_trylock+0x7e/0x660
[ 28.694542][ T296] kasan_check_range+0x299/0x2a0
[ 28.694557][ T296] __kasan_check_write+0x18/0x20
[ 28.694576][ T296] rwsem_read_trylock+0x7e/0x660
[ 28.694594][ T296] ? downgrade_write+0x440/0x440
[ 28.694631][ T296] ? has_cap_mac_admin+0xd0/0xd0
[ 28.694647][ T296] ? __schedule+0x132a/0x1df0
[ 28.694661][ T296] down_read_killable+0x79/0xf0
[ 28.694681][ T296] ? __cfi_down_read_killable+0x10/0x10
[ 28.694701][ T296] do_pagemap_cmd+0x598/0xc20
[ 28.694720][ T296] ? _raw_spin_lock_irq+0x8d/0x120
[ 28.694743][ T296] ? __cfi_do_pagemap_cmd+0x10/0x10
[ 28.694765][ T296] ? bpf_lsm_file_ioctl+0xd/0x20
[ 28.694790][ T296] ? security_file_ioctl+0x34/0xd0
[ 28.694805][ T296] ? __cfi_do_pagemap_cmd+0x10/0x10
[ 28.694823][ T296] __se_sys_ioctl+0x135/0x1b0
[ 28.694838][ T296] __x64_sys_ioctl+0x7f/0xa0
[ 28.694852][ T296] x64_sys_call+0x1878/0x2ee0
[ 28.694874][ T296] do_syscall_64+0x58/0xf0
[ 28.694897][ T296] ? clear_bhb_loop+0x50/0xa0
[ 28.694915][ T296] entry_SYSCALL_64_after_hwframe+0x76/0x7e
[ 28.694932][ T296] RIP: 0033:0x7fcf9dbac819
[ 28.694952][ T296] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 31 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 28.694966][ T296] RSP: 002b:00007ffd87087df8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 28.694988][ T296] RAX: ffffffffffffffda RBX: 00007ffd87087fc8 RCX: 00007fcf9dbac819
[ 28.695000][ T296] RDX: 0000200000000100 RSI: 00000000c0606610 RDI: 0000000000000004
[ 28.695011][ T296] RBP: 00007fcf9dc1f610 R08: 00007ffd87087aa5 R09: 00007ffd87087fc8
[ 28.695023][ T296] R10: 0000000000000013 R11: 0000000000000246 R12: 0000000000000001
[ 28.695033][ T296] R13: 00007ffd87087fb8 R14: 0000000000000001 R15: 0000000000000001
[ 28.695046][ T296]
[ 28.695052][ T296] ==================================================================
[ 28.945078][ T296] Disabling lock debugging due to kernel taint
[ 28.951377][ T296] BUG: kernel NULL pointer dereference, address: 0000000000000098
[ 28.959177][ T296] #PF: supervisor write access in kernel mode
[ 28.965237][ T296] #PF: error_code(0x0002) - not-present page
[ 28.971292][ T296] PGD 0 P4D 0
[ 28.974666][ T296] Oops: Oops: 0002 [#1] PREEMPT SMP KASAN PTI
[ 28.980728][ T296] CPU: 0 UID: 0 PID: 296 Comm: syz-executor357 Tainted: G B 6.12.38-syzkaller-gbf0fb8bb181b #0 d02c7cfa86e34ad1734bbfdc1f5f1c3ce9be47fc
[ 28.996015][ T296] Tainted: [B]=BAD_PAGE
[ 29.000166][ T296] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 29.010234][ T296] RIP: 0010:rwsem_read_trylock+0x89/0x660
[ 29.015978][ T296] Code: b8 f1 f1 f1 f1 04 f3 f3 f3 49 89 04 1c c7 44 24 40 00 00 00 00 be 08 00 00 00 e8 e2 bf 76 00 41 bd 00 01 00 00 4c 89 7c 24 18 4d 0f c1 2f 49 81 c5 00 01 00 00 4d 89 f7 49 c1 ef 03 41 80 3c
[ 29.035600][ T296] RSP: 0018:ffffc900011dfb20 EFLAGS: 00010246
[ 29.041672][ T296] RAX: ffff8881200ccc00 RBX: dffffc0000000000 RCX: ffff8881200ccc00
[ 29.049657][ T296] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 29.057641][ T296] RBP: ffffc900011dfbd0 R08: ffffffff8895d947 R09: 1ffffffff112bb28
[ 29.065626][ T296] R10: dffffc0000000000 R11: fffffbfff112bb29 R12: 1ffff9200023bf68
[ 29.073749][ T296] R13: 0000000000000100 R14: ffffc900011dfc00 R15: 0000000000000098
[ 29.081730][ T296] FS: 000055558d4c8380(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[ 29.090664][ T296] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 29.097249][ T296] CR2: 0000000000000098 CR3: 0000000102fbc000 CR4: 00000000003526b0
[ 29.105216][ T296] Call Trace:
[ 29.108493][ T296]
[ 29.111438][ T296] ? downgrade_write+0x440/0x440
[ 29.116384][ T296] ? has_cap_mac_admin+0xd0/0xd0
[ 29.121319][ T296] ? __schedule+0x132a/0x1df0
[ 29.125997][ T296] down_read_killable+0x79/0xf0
[ 29.130855][ T296] ? __cfi_down_read_killable+0x10/0x10
[ 29.136415][ T296] do_pagemap_cmd+0x598/0xc20
[ 29.141092][ T296] ? _raw_spin_lock_irq+0x8d/0x120
[ 29.146217][ T296] ? __cfi_do_pagemap_cmd+0x10/0x10
[ 29.151440][ T296] ? bpf_lsm_file_ioctl+0xd/0x20
[ 29.156406][ T296] ? security_file_ioctl+0x34/0xd0
[ 29.161524][ T296] ? __cfi_do_pagemap_cmd+0x10/0x10
[ 29.166728][ T296] __se_sys_ioctl+0x135/0x1b0
[ 29.171405][ T296] __x64_sys_ioctl+0x7f/0xa0
[ 29.175993][ T296] x64_sys_call+0x1878/0x2ee0
[ 29.180672][ T296] do_syscall_64+0x58/0xf0
[ 29.185106][ T296] ? clear_bhb_loop+0x50/0xa0
[ 29.189797][ T296] entry_SYSCALL_64_after_hwframe+0x76/0x7e
[ 29.195702][ T296] RIP: 0033:0x7fcf9dbac819
[ 29.200140][ T296] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 31 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 29.219870][ T296] RSP: 002b:00007ffd87087df8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 29.228284][ T296] RAX: ffffffffffffffda RBX: 00007ffd87087fc8 RCX: 00007fcf9dbac819
[ 29.236263][ T296] RDX: 0000200000000100 RSI: 00000000c0606610 RDI: 0000000000000004
[ 29.244264][ T296] RBP: 00007fcf9dc1f610 R08: 00007ffd87087aa5 R09: 00007ffd87087fc8
[ 29.252237][ T296] R10: 0000000000000013 R11: 0000000000000246 R12: 0000000000000001
[ 29.260211][ T296] R13: 00007ffd87087fb8 R14: 0000000000000001 R15: 0000000000000001
[ 29.268204][ T296]
[ 29.271239][ T296] Modules linked in:
[ 29.275146][ T296] CR2: 0000000000000098
[ 29.279301][ T296] ---[ end trace 0000000000000000 ]---
[ 29.284755][ T296] RIP: 0010:rwsem_read_trylock+0x89/0x660
[ 29.290501][ T296] Code: b8 f1 f1 f1 f1 04 f3 f3 f3 49 89 04 1c c7 44 24 40 00 00 00 00 be 08 00 00 00 e8 e2 bf 76 00 41 bd 00 01 00 00 4c 89 7c 24 18 4d 0f c1 2f 49 81 c5 00 01 00 00 4d 89 f7 49 c1 ef 03 41 80 3c
[ 29.310129][ T296] RSP: 0018:ffffc900011dfb20 EFLAGS: 00010246
[ 29.316243][ T296] RAX: ffff8881200ccc00 RBX: dffffc0000000000 RCX: ffff8881200ccc00
[ 29.324313][ T296] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 29.332386][ T296] RBP: ffffc900011dfbd0 R08: ffffffff8895d947 R09: 1ffffffff112bb28
[ 29.340387][ T296] R10: dffffc0000000000 R11: fffffbfff112bb29 R12: 1ffff9200023bf68
[ 29.348366][ T296] R13: 0000000000000100 R14: ffffc900011dfc00 R15: 0000000000000098
[ 29.356341][ T296] FS: 000055558d4c8380(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[ 29.365269][ T296] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 29.371868][ T296] CR2: 0000000000000098 CR3: 0000000102fbc000 CR4: 00000000003526b0
[ 29.379928][ T296] Kernel panic - not syncing: Fatal exception
[ 29.386403][ T296] Kernel Offset: disabled
[ 29.390765][ T296] Rebooting in 86400 seconds..