./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor174726256
<...>
pid=5663 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[ 42.697767][ T30] audit: type=1400 audit(1745271534.266:83): avc: denied { read } for pid=5178 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[ 43.283731][ T30] audit: type=1400 audit(1745271534.846:84): avc: denied { write } for pid=5672 comm="sftp-server" path="pipe:[3765]" dev="pipefs" ino=3765 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1
[ 43.711137][ T30] audit: type=1400 audit(1745271535.276:85): avc: denied { append } for pid=5178 comm="syslogd" name="messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[ 43.733355][ T30] audit: type=1400 audit(1745271535.276:86): avc: denied { open } for pid=5178 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[ 43.756436][ T30] audit: type=1400 audit(1745271535.276:87): avc: denied { getattr } for pid=5178 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
Warning: Permanently added '10.128.0.229' (ED25519) to the list of known hosts.
execve("./syz-executor174726256", ["./syz-executor174726256"], 0x7ffe51249a90 /* 10 vars */) = 0
brk(NULL) = 0x555584017000
brk(0x555584017d00) = 0x555584017d00
arch_prctl(ARCH_SET_FS, 0x555584017380) = 0
set_tid_address(0x555584017650) = 5820
set_robust_list(0x555584017660, 24) = 0
rseq(0x555584017ca0, 0x20, 0, 0x53053053) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor174726256", 4096) = 27
getrandom("\x24\x42\x10\x81\xca\xa7\x63\x43", 8, GRND_NONBLOCK) = 8
brk(NULL) = 0x555584017d00
brk(0x555584038d00) = 0x555584038d00
brk(0x555584039000) = 0x555584039000
mprotect(0x7fda2e9a2000, 16384, PROT_READ) = 0
mmap(0x1ffffffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffffffff000
mmap(0x200000000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200000000000
mmap(0x200001000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200001000000
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555584017650) = 5821
./strace-static-x86_64: Process 5821 attached
[pid 5821] set_robust_list(0x555584017660, 24) = 0
[ 56.274801][ T30] audit: type=1400 audit(1745271547.836:88): avc: denied { execmem } for pid=5820 comm="syz-executor174" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[pid 5821] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5821] setpgid(0, 0) = 0
[pid 5821] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5821] write(3, "1000", 4) = 4
[pid 5821] close(3) = 0
executing program
[pid 5821] write(1, "executing program\n", 18) = 18
[pid 5821] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_SOCKET_FILTER, insn_cnt=8, insns=0x200000001000, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS}, 72) = 3
[ 56.390336][ T30] audit: type=1400 audit(1745271547.956:89): avc: denied { prog_load } for pid=5821 comm="syz-executor174" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 56.409773][ T30] audit: type=1400 audit(1745271547.956:90): avc: denied { bpf } for pid=5821 comm="syz-executor174" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 56.431533][ T5821] ------------[ cut here ]------------
[ 56.437006][ T5821] Please remove unsupported %� in format string
[ 56.443937][ T30] audit: type=1400 audit(1745271547.956:91): avc: denied { perfmon } for pid=5821 comm="syz-executor174" capability=38 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 56.443958][ T5821] WARNING: CPU: 0 PID: 5821 at lib/vsprintf.c:2702 format_decode+0xac6/0xd40
[ 56.466085][ T30] audit: type=1400 audit(1745271547.956:92): avc: denied { prog_run } for pid=5821 comm="syz-executor174" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 56.473832][ T5821] Modules linked in:
[ 56.496949][ T5821] CPU: 0 UID: 0 PID: 5821 Comm: syz-executor174 Not tainted 6.15.0-rc3-syzkaller-00001-g9d7a0577c9db #0 PREEMPT(full)
[ 56.509368][ T5821] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 56.519433][ T5821] RIP: 0010:format_decode+0xac6/0xd40
[ 56.524802][ T5821] Code: ea 03 0f b6 04 02 4c 89 ea 83 e2 07 38 d0 7f 08 84 c0 0f 85 c2 01 00 00 41 0f b6 75 00 48 c7 c7 80 2b f2 8c e8 ab a0 0b f6 90 <0f> 0b 90 90 e9 d8 fa ff ff 49 bc 00 00 00 00 00 fc ff df 31 db e8
[ 56.544424][ T5821] RSP: 0018:ffffc90003fff6b8 EFLAGS: 00010282
[ 56.550512][ T5821] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff817adff8
[ 56.558474][ T5821] RDX: ffff888026c62440 RSI: ffffffff817ae005 RDI: 0000000000000001
[ 56.566455][ T5821] RBP: ffffc90003fff758 R08: 0000000000000001 R09: 0000000000000000
[ 56.574437][ T5821] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000004
[ 56.582415][ T5821] R13: ffffc90003fff95c R14: ffffc90003fff7e8 R15: 0000000000000000
[ 56.590395][ T5821] FS: 0000555584017380(0000) GS:ffff8881249b2000(0000) knlGS:0000000000000000
[ 56.599335][ T5821] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 56.605900][ T5821] CR2: 00007fda2e9a60d0 CR3: 00000000250fc000 CR4: 00000000003526f0
[ 56.613889][ T5821] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 56.621869][ T5821] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 56.629861][ T5821] Call Trace:
[ 56.633127][ T5821] <TASK>
[ 56.636038][ T5821] ? __pfx_format_decode+0x10/0x10
[ 56.641156][ T5821] ? __sanitizer_cov_trace_switch+0x54/0x90
[ 56.647053][ T5821] bstr_printf+0x168/0x10a0
[ 56.651568][ T5821] ? __pfx_bstr_printf+0x10/0x10
[ 56.656498][ T5821] ? __lock_acquire+0x5ca/0x1ba0
[ 56.661436][ T5821] ? bpf_test_run+0x43d/0xa70
[ 56.666112][ T5821] bpf_trace_printk+0x10a/0x190
[ 56.670978][ T5821] ? __pfx_bpf_trace_printk+0x10/0x10
[ 56.676349][ T5821] ? bpf_test_run+0x43d/0xa70
[ 56.681037][ T5821] ? ktime_get+0x200/0x310
[ 56.685447][ T5821] ? lockdep_hardirqs_on+0x7c/0x110
[ 56.690664][ T5821] ? read_tsc+0x9/0x20
[ 56.694744][ T5821] bpf_prog_12183cdb1cd51dab+0x37/0x3b
[ 56.700213][ T5821] bpf_test_run+0x489/0xa70
[ 56.704722][ T5821] ? __pfx_bpf_test_run+0x10/0x10
[ 56.709766][ T5821] ? __asan_memset+0x23/0x50
[ 56.714356][ T5821] bpf_prog_test_run_skb+0xb92/0x2280
[ 56.719740][ T5821] ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[ 56.725537][ T5821] ? __might_fault+0x13b/0x190
[ 56.730314][ T5821] ? __sanitizer_cov_trace_switch+0x54/0x90
[ 56.736197][ T5821] ? fdget+0x176/0x210
[ 56.740282][ T5821] ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[ 56.746081][ T5821] __sys_bpf+0x1485/0x4d80
[ 56.750502][ T5821] ? __pfx___sys_bpf+0x10/0x10
[ 56.755257][ T5821] ? do_raw_spin_lock+0x12c/0x2b0
[ 56.760282][ T5821] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 56.765646][ T5821] ? ptrace_stop.part.0+0x732/0x950
[ 56.770860][ T5821] ? rcu_is_watching+0x12/0xc0
[ 56.775619][ T5821] ? _raw_spin_unlock_irq+0x23/0x50
[ 56.780817][ T5821] ? lockdep_hardirqs_on+0x7c/0x110
[ 56.786011][ T5821] __x64_sys_bpf+0x78/0xc0
[ 56.790439][ T5821] do_syscall_64+0xcd/0x260
[ 56.794946][ T5821] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 56.800848][ T5821] RIP: 0033:0x7fda2e92fbb9
[ 56.805252][ T5821] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 c1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 56.824868][ T5821] RSP: 002b:00007ffc27310578 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 56.833291][ T5821] RAX: ffffffffffffffda RBX: 64006ad576d86aa0 RCX: 00007fda2e92fbb9
[ 56.841285][ T5821] RDX: 0000000000000028 RSI: 0000200000000080 RDI: 000000000000000a
[ 56.849269][ T5821] RBP: 0000000000000000 R08: 0000000000000006 R09: 0000000000000006
[ 56.857231][ T5821] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 56.865219][ T5821] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[ 56.873200][ T5821] </TASK>
[ 56.876199][ T5821] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 56.883453][ T5821] CPU: 0 UID: 0 PID: 5821 Comm: syz-executor174 Not tainted 6.15.0-rc3-syzkaller-00001-g9d7a0577c9db #0 PREEMPT(full)
[ 56.895836][ T5821] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 56.905865][ T5821] Call Trace:
[ 56.909121][ T5821] <TASK>
[ 56.912027][ T5821] dump_stack_lvl+0x3d/0x1f0
[ 56.916597][ T5821] panic+0x71c/0x800
[ 56.920471][ T5821] ? __pfx_panic+0x10/0x10
[ 56.924859][ T5821] ? show_trace_log_lvl+0x29b/0x3e0
[ 56.930035][ T5821] ? check_panic_on_warn+0x1f/0xb0
[ 56.935126][ T5821] ? format_decode+0xac6/0xd40
[ 56.939863][ T5821] check_panic_on_warn+0xab/0xb0
[ 56.944772][ T5821] __warn+0xf6/0x3c0
[ 56.948655][ T5821] ? format_decode+0xac6/0xd40
[ 56.953394][ T5821] report_bug+0x3c3/0x580
[ 56.957701][ T5821] ? format_decode+0xac6/0xd40
[ 56.962439][ T5821] handle_bug+0x184/0x210
[ 56.966750][ T5821] exc_invalid_op+0x17/0x50
[ 56.971234][ T5821] asm_exc_invalid_op+0x1a/0x20
[ 56.976066][ T5821] RIP: 0010:format_decode+0xac6/0xd40
[ 56.981421][ T5821] Code: ea 03 0f b6 04 02 4c 89 ea 83 e2 07 38 d0 7f 08 84 c0 0f 85 c2 01 00 00 41 0f b6 75 00 48 c7 c7 80 2b f2 8c e8 ab a0 0b f6 90 <0f> 0b 90 90 e9 d8 fa ff ff 49 bc 00 00 00 00 00 fc ff df 31 db e8
[ 57.001013][ T5821] RSP: 0018:ffffc90003fff6b8 EFLAGS: 00010282
[ 57.007061][ T5821] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff817adff8
[ 57.015016][ T5821] RDX: ffff888026c62440 RSI: ffffffff817ae005 RDI: 0000000000000001
[ 57.022968][ T5821] RBP: ffffc90003fff758 R08: 0000000000000001 R09: 0000000000000000
[ 57.030920][ T5821] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000004
[ 57.038870][ T5821] R13: ffffc90003fff95c R14: ffffc90003fff7e8 R15: 0000000000000000
[ 57.046828][ T5821] ? __warn_printk+0x198/0x350
[ 57.051572][ T5821] ? __warn_printk+0x1a5/0x350
[ 57.056319][ T5821] ? format_decode+0xac5/0xd40
[ 57.061067][ T5821] ? __pfx_format_decode+0x10/0x10
[ 57.066159][ T5821] ? __sanitizer_cov_trace_switch+0x54/0x90
[ 57.072035][ T5821] bstr_printf+0x168/0x10a0
[ 57.076530][ T5821] ? __pfx_bstr_printf+0x10/0x10
[ 57.081470][ T5821] ? __lock_acquire+0x5ca/0x1ba0
[ 57.086388][ T5821] ? bpf_test_run+0x43d/0xa70
[ 57.091049][ T5821] bpf_trace_printk+0x10a/0x190
[ 57.095888][ T5821] ? __pfx_bpf_trace_printk+0x10/0x10
[ 57.101253][ T5821] ? bpf_test_run+0x43d/0xa70
[ 57.105910][ T5821] ? ktime_get+0x200/0x310
[ 57.110313][ T5821] ? lockdep_hardirqs_on+0x7c/0x110
[ 57.115497][ T5821] ? read_tsc+0x9/0x20
[ 57.119558][ T5821] bpf_prog_12183cdb1cd51dab+0x37/0x3b
[ 57.124994][ T5821] bpf_test_run+0x489/0xa70
[ 57.129488][ T5821] ? __pfx_bpf_test_run+0x10/0x10
[ 57.134509][ T5821] ? __asan_memset+0x23/0x50
[ 57.139091][ T5821] bpf_prog_test_run_skb+0xb92/0x2280
[ 57.144470][ T5821] ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[ 57.150277][ T5821] ? __might_fault+0x13b/0x190
[ 57.155040][ T5821] ? __sanitizer_cov_trace_switch+0x54/0x90
[ 57.160923][ T5821] ? fdget+0x176/0x210
[ 57.164980][ T5821] ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[ 57.170774][ T5821] __sys_bpf+0x1485/0x4d80
[ 57.175181][ T5821] ? __pfx___sys_bpf+0x10/0x10
[ 57.179943][ T5821] ? do_raw_spin_lock+0x12c/0x2b0
[ 57.184972][ T5821] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 57.190346][ T5821] ? ptrace_stop.part.0+0x732/0x950
[ 57.195549][ T5821] ? rcu_is_watching+0x12/0xc0
[ 57.200298][ T5821] ? _raw_spin_unlock_irq+0x23/0x50
[ 57.205479][ T5821] ? lockdep_hardirqs_on+0x7c/0x110
[ 57.210667][ T5821] __x64_sys_bpf+0x78/0xc0
[ 57.215072][ T5821] do_syscall_64+0xcd/0x260
[ 57.219565][ T5821] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 57.225454][ T5821] RIP: 0033:0x7fda2e92fbb9
[ 57.229857][ T5821] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 c1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 57.249454][ T5821] RSP: 002b:00007ffc27310578 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 57.257852][ T5821] RAX: ffffffffffffffda RBX: 64006ad576d86aa0 RCX: 00007fda2e92fbb9
[ 57.265804][ T5821] RDX: 0000000000000028 RSI: 0000200000000080 RDI: 000000000000000a
[ 57.273755][ T5821] RBP: 0000000000000000 R08: 0000000000000006 R09: 0000000000000006
[ 57.281704][ T5821] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 57.289656][ T5821] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[ 57.297621][ T5821] </TASK>
[ 57.300822][ T5821] Kernel Offset: disabled
[ 57.305137][ T5821] Rebooting in 86400 seconds..