./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2335989863
<...>
Warning: Permanently added '10.128.1.28' (ED25519) to the list of known hosts.
execve("./syz-executor2335989863", ["./syz-executor2335989863"], 0x7ffda12cd430 /* 10 vars */) = 0
brk(NULL) = 0x555559dbb000
brk(0x555559dbbd00) = 0x555559dbbd00
arch_prctl(ARCH_SET_FS, 0x555559dbb380) = 0
set_tid_address(0x555559dbb650) = 297
set_robust_list(0x555559dbb660, 24) = 0
rseq(0x555559dbbca0, 0x20, 0, 0x53053053) = -1 ENOSYS (Function not implemented)
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor2335989863", 4096) = 28
getrandom("\x23\x8e\xf8\x9a\x76\x0b\xaf\x6c", 8, GRND_NONBLOCK) = 8
brk(NULL) = 0x555559dbbd00
brk(0x555559ddcd00) = 0x555559ddcd00
brk(0x555559ddd000) = 0x555559ddd000
mprotect(0x7f7bdc627000, 16384, PROT_READ) = 0
mmap(0x1ffffffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffffffff000
mmap(0x200000000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200000000000
mmap(0x200001000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0executing program
) = 0x200001000000
write(1, "executing program\n", 18) = 18
clone(child_stack=NULL, flags=0) = 298
openat(AT_FDCWD, "/proc/self/task", O_RDWR) = -1 EISDIR (Is a directory)
openat(AT_FDCWD, "/proc/self/task", O_RDONLY) = 3
fchdir(3) = 0
mount(NULL, ".", "proc", 0, NULL) = 0
close(-1) = -1 EBADF (Bad file descriptor)
./strace-static-x86_64: Process 298 attached
[ 27.138823][ T36] audit: type=1400 audit(1754297191.120:64): avc: denied { execmem } for pid=297 comm="syz-executor233" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[ 27.158701][ T36] audit: type=1400 audit(1754297191.120:65): avc: denied { mounton } for pid=297 comm="syz-executor233" path="/proc/297/task" dev="proc" ino=451 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[ 27.181416][ T36] audit: type=1400 audit(1754297191.120:66): avc: denied { mount } for pid=297 comm="syz-executor233" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[pid 298] exit(0) = ?
[pid 298] +++ exited with 0 +++
openat(AT_FDCWD, "/proc/self/task/298/pagemap", O_RDWR) = 4
[ 27.345088][ T297] ==================================================================
[ 27.353215][ T297] BUG: KASAN: null-ptr-deref in rwsem_read_trylock+0x7e/0x660
[ 27.360726][ T297] Write of size 8 at addr 0000000000000098 by task syz-executor233/297
[ 27.368974][ T297]
[ 27.371313][ T297] CPU: 1 UID: 0 PID: 297 Comm: syz-executor233 Not tainted 6.12.38-syzkaller-gbf0fb8bb181b #0 d02c7cfa86e34ad1734bbfdc1f5f1c3ce9be47fc
[ 27.371336][ T297] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 27.371354][ T297] Call Trace:
[ 27.371360][ T297] <TASK>
[ 27.371373][ T297] __dump_stack+0x21/0x30
[ 27.371397][ T297] dump_stack_lvl+0x10c/0x190
[ 27.371419][ T297] ? __cfi_dump_stack_lvl+0x10/0x10
[ 27.371438][ T297] ? do_vfs_ioctl+0x1713/0x1e30
[ 27.371455][ T297] print_report+0x3d/0x70
[ 27.371469][ T297] kasan_report+0x163/0x1a0
[ 27.371485][ T297] ? rwsem_read_trylock+0x7e/0x660
[ 27.371505][ T297] ? rwsem_read_trylock+0x7e/0x660
[ 27.371523][ T297] kasan_check_range+0x299/0x2a0
[ 27.371539][ T297] __kasan_check_write+0x18/0x20
[ 27.371559][ T297] rwsem_read_trylock+0x7e/0x660
[ 27.371577][ T297] ? downgrade_write+0x440/0x440
[ 27.371595][ T297] ? has_cap_mac_admin+0xd0/0xd0
[ 27.371611][ T297] ? __schedule+0x132a/0x1df0
[ 27.371626][ T297] down_read_killable+0x79/0xf0
[ 27.371645][ T297] ? __cfi_down_read_killable+0x10/0x10
[ 27.371666][ T297] do_pagemap_cmd+0x598/0xc20
[ 27.371690][ T297] ? _raw_spin_lock_irq+0x8d/0x120
[ 27.371712][ T297] ? __cfi_do_pagemap_cmd+0x10/0x10
[ 27.371732][ T297] ? irqentry_exit+0x4a/0x60
[ 27.371751][ T297] ? common_interrupt+0x5c/0xb0
[ 27.371766][ T297] ? __cfi_do_pagemap_cmd+0x10/0x10
[ 27.371784][ T297] ? __se_sys_ioctl+0x114/0x1b0
[ 27.371799][ T297] ? __cfi_do_pagemap_cmd+0x10/0x10
[ 27.371817][ T297] __se_sys_ioctl+0x135/0x1b0
[ 27.371832][ T297] __x64_sys_ioctl+0x7f/0xa0
[ 27.371846][ T297] x64_sys_call+0x1878/0x2ee0
[ 27.371867][ T297] do_syscall_64+0x58/0xf0
[ 27.371890][ T297] ? clear_bhb_loop+0x50/0xa0
[ 27.371908][ T297] entry_SYSCALL_64_after_hwframe+0x76/0x7e
[ 27.371925][ T297] RIP: 0033:0x7f7bdc5b4819
[ 27.371946][ T297] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 31 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 27.371959][ T297] RSP: 002b:00007fff4884c618 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 27.371981][ T297] RAX: ffffffffffffffda RBX: 00007fff4884c7e8 RCX: 00007f7bdc5b4819
[ 27.371994][ T297] RDX: 0000200000000100 RSI: 00000000c0606610 RDI: 0000000000000004
[ 27.372005][ T297] RBP: 00007f7bdc627610 R08: 00007fff4884c2c5 R09: 00007fff4884c7e8
[ 27.372016][ T297] R10: 0000000000000013 R11: 0000000000000246 R12: 0000000000000001
[ 27.372027][ T297] R13: 00007fff4884c7d8 R14: 0000000000000001 R15: 0000000000000001
[ 27.372039][ T297] </TASK>
[ 27.372045][ T297] ==================================================================
[ 27.632045][ T297] Disabling lock debugging due to kernel taint
[ 27.638466][ T297] BUG: kernel NULL pointer dereference, address: 0000000000000098
[ 27.646301][ T297] #PF: supervisor write access in kernel mode
[ 27.652369][ T297] #PF: error_code(0x0002) - not-present page
[ 27.658347][ T297] PGD 0 P4D 0
[ 27.661728][ T297] Oops: Oops: 0002 [#1] PREEMPT SMP KASAN PTI
[ 27.667804][ T297] CPU: 1 UID: 0 PID: 297 Comm: syz-executor233 Tainted: G B 6.12.38-syzkaller-gbf0fb8bb181b #0 d02c7cfa86e34ad1734bbfdc1f5f1c3ce9be47fc
[ 27.683273][ T297] Tainted: [B]=BAD_PAGE
[ 27.687436][ T297] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 27.697653][ T297] RIP: 0010:rwsem_read_trylock+0x89/0x660
[ 27.703415][ T297] Code: b8 f1 f1 f1 f1 04 f3 f3 f3 49 89 04 1c c7 44 24 40 00 00 00 00 be 08 00 00 00 e8 e2 bf 76 00 41 bd 00 01 00 00 4c 89 7c 24 18 <f0> 4d 0f c1 2f 49 81 c5 00 01 00 00 4d 89 f7 49 c1 ef 03 41 80 3c
[ 27.723143][ T297] RSP: 0018:ffffc9000114fb20 EFLAGS: 00010246
[ 27.729311][ T297] RAX: ffff888121ecdf00 RBX: dffffc0000000000 RCX: ffff888121ecdf00
[ 27.737349][ T297] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 27.745359][ T297] RBP: ffffc9000114fbd0 R08: ffffffff8895d947 R09: 1ffffffff112bb28
[ 27.753341][ T297] R10: dffffc0000000000 R11: fffffbfff112bb29 R12: 1ffff92000229f68
[ 27.761314][ T297] R13: 0000000000000100 R14: ffffc9000114fc00 R15: 0000000000000098
[ 27.769310][ T297] FS: 0000555559dbb380(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[ 27.778252][ T297] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 27.784848][ T297] CR2: 0000000000000098 CR3: 000000012fc64000 CR4: 00000000003526b0
[ 27.792843][ T297] Call Trace:
[ 27.796131][ T297] <TASK>
[ 27.799062][ T297] ? downgrade_write+0x440/0x440
[ 27.804016][ T297] ? has_cap_mac_admin+0xd0/0xd0
[ 27.808958][ T297] ? __schedule+0x132a/0x1df0
[ 27.813634][ T297] down_read_killable+0x79/0xf0
[ 27.818498][ T297] ? __cfi_down_read_killable+0x10/0x10
[ 27.824046][ T297] do_pagemap_cmd+0x598/0xc20
[ 27.828750][ T297] ? _raw_spin_lock_irq+0x8d/0x120
[ 27.833888][ T297] ? __cfi_do_pagemap_cmd+0x10/0x10
[ 27.839120][ T297] ? irqentry_exit+0x4a/0x60
[ 27.843933][ T297] ? common_interrupt+0x5c/0xb0
[ 27.848798][ T297] ? __cfi_do_pagemap_cmd+0x10/0x10
[ 27.854112][ T297] ? __se_sys_ioctl+0x114/0x1b0
[ 27.858983][ T297] ? __cfi_do_pagemap_cmd+0x10/0x10
[ 27.864190][ T297] __se_sys_ioctl+0x135/0x1b0
[ 27.868973][ T297] __x64_sys_ioctl+0x7f/0xa0
[ 27.873617][ T297] x64_sys_call+0x1878/0x2ee0
[ 27.878404][ T297] do_syscall_64+0x58/0xf0
[ 27.882835][ T297] ? clear_bhb_loop+0x50/0xa0
[ 27.887525][ T297] entry_SYSCALL_64_after_hwframe+0x76/0x7e
[ 27.893440][ T297] RIP: 0033:0x7f7bdc5b4819
[ 27.897867][ T297] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 31 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 27.917492][ T297] RSP: 002b:00007fff4884c618 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 27.925998][ T297] RAX: ffffffffffffffda RBX: 00007fff4884c7e8 RCX: 00007f7bdc5b4819
[ 27.933972][ T297] RDX: 0000200000000100 RSI: 00000000c0606610 RDI: 0000000000000004
[ 27.942113][ T297] RBP: 00007f7bdc627610 R08: 00007fff4884c2c5 R09: 00007fff4884c7e8
[ 27.950082][ T297] R10: 0000000000000013 R11: 0000000000000246 R12: 0000000000000001
[ 27.958059][ T297] R13: 00007fff4884c7d8 R14: 0000000000000001 R15: 0000000000000001
[ 27.966052][ T297] </TASK>
[ 27.969082][ T297] Modules linked in:
[ 27.973006][ T297] CR2: 0000000000000098
[ 27.977207][ T297] ---[ end trace 0000000000000000 ]---
[ 27.982674][ T297] RIP: 0010:rwsem_read_trylock+0x89/0x660
[ 27.988423][ T297] Code: b8 f1 f1 f1 f1 04 f3 f3 f3 49 89 04 1c c7 44 24 40 00 00 00 00 be 08 00 00 00 e8 e2 bf 76 00 41 bd 00 01 00 00 4c 89 7c 24 18 <f0> 4d 0f c1 2f 49 81 c5 00 01 00 00 4d 89 f7 49 c1 ef 03 41 80 3c
[ 28.008142][ T297] RSP: 0018:ffffc9000114fb20 EFLAGS: 00010246
[ 28.014226][ T297] RAX: ffff888121ecdf00 RBX: dffffc0000000000 RCX: ffff888121ecdf00
[ 28.022197][ T297] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 28.030178][ T297] RBP: ffffc9000114fbd0 R08: ffffffff8895d947 R09: 1ffffffff112bb28
[ 28.038152][ T297] R10: dffffc0000000000 R11: fffffbfff112bb29 R12: 1ffff92000229f68
[ 28.046126][ T297] R13: 0000000000000100 R14: ffffc9000114fc00 R15: 0000000000000098
[ 28.054273][ T297] FS: 0000555559dbb380(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[ 28.063237][ T297] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 28.070007][ T297] CR2: 0000000000000098 CR3: 000000012fc64000 CR4: 00000000003526b0
[ 28.078033][ T297] Kernel panic - not syncing: Fatal exception
[ 28.084497][ T297] Kernel Offset: disabled
[ 28.088859][ T297] Rebooting in 86400 seconds..