./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1776553548

<...>
Warning: Permanently added '10.128.1.20' (ED25519) to the list of known hosts.
execve("./syz-executor1776553548", ["./syz-executor1776553548"], 0x7ffc711ffc90 /* 10 vars */) = 0
brk(NULL)                               = 0x55557a7be000
brk(0x55557a7bed00)                     = 0x55557a7bed00
arch_prctl(ARCH_SET_FS, 0x55557a7be380) = 0
set_tid_address(0x55557a7be650)         = 295
set_robust_list(0x55557a7be660, 24)     = 0
rseq(0x55557a7beca0, 0x20, 0, 0x53053053) = -1 ENOSYS (Function not implemented)
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor1776553548", 4096) = 28
getrandom("\x16\x75\x79\x83\x4e\x1e\x9e\x4d", 8, GRND_NONBLOCK) = 8
brk(NULL)                               = 0x55557a7bed00
brk(0x55557a7dfd00)                     = 0x55557a7dfd00
brk(0x55557a7e0000)                     = 0x55557a7e0000
mprotect(0x7fee551f4000, 16384, PROT_READ) = 0
mmap(0x1ffffffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffffffff000
mmap(0x200000000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200000000000
mmap(0x200001000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200001000000
openat(AT_FDCWD, "/proc/self/make-it-fail", O_WRONLY) = 3
close(3)                                = 0
openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_WRONLY) = 3
close(3)                                = 0
openat(AT_FDCWD, "/sys/kernel/debug/failslab/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1)                        = 1
close(3)                                = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_futex/ignore-private", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1)                        = 1
close(3)                                = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-highmem", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1)                        = 1
close(3)                                = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1)                        = 1
close(3)                                = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/min-order", O_WRONLY|O_CLOEXEC) = 3
write(3, "0", 1)                        = 1
close(3executing program
)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557a7be650) = 296
./strace-static-x86_64: Process 296 attached
[pid   296] set_robust_list(0x55557a7be660, 24) = 0
[pid   296] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   296] setpgid(0, 0)               = 0
[pid   296] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   296] write(3, "1000", 4)         = 4
[pid   296] close(3)                    = 0
[pid   296] write(1, "executing program\n", 18) = 18
[pid   296] creat("./file0", 000)       = 3
[pid   296] pipe2([4, 5], 0)            = 0
[pid   296] write(5, "\x15\x00\x00\x00\x65\xff\xff\x04\x80\x00\x00\x08\x00\x39\x50\x32\x30\x30\x30\x00\x00", 21) = 21
[pid   296] dup(5)                      = 6
[pid   296] write(6, "\x18\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00", 24) = 24
[pid   296] write(6, "\x4c\x01\x00\x00\x05\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 311) = 311
[pid   296] mount(NULL, "./file0", "9p", 0, "trans=fd,rfdno=0x0000000000000004,wfdno=0x0000000000000006,cache=mmap,k") = 0
[pid   296] chmod("./file0", 0720)      = 0
[pid   296] creat("./file0", 000)       = -1 EIO (Input/output error)
[pid   296] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 7
[pid   296] write(7, "4", 1)            = 1
[pid   296] pwritev2(-1, [{iov_base="\xa6\xaa", iov_len=2}], 1, 8, RWF_SYNC) = -1 EBADF (Bad file descriptor)
[pid   296] exit_group(0)               = ?
[pid   296] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=296, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
[   27.680669][   T36] audit: type=1400 audit(1751644865.840:64): avc:  denied  { execmem } for  pid=295 comm="syz-executor177" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   27.701496][   T36] audit: type=1400 audit(1751644865.850:65): avc:  denied  { mounton } for  pid=296 comm="syz-executor177" path="/root/file0" dev="sda1" ino=2024 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=file permissive=1
executing program
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 298 attached
, child_tidptr=0x55557a7be650) = 298
[pid   298] set_robust_list(0x55557a7be660, 24) = 0
[pid   298] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   298] setpgid(0, 0)               = 0
[pid   298] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   298] write(3, "1000", 4)         = 4
[pid   298] close(3)                    = 0
[pid   298] write(1, "executing program\n", 18) = 18
[pid   298] creat("./file0", 000)       = -1 EIO (Input/output error)
[pid   298] pipe2([3, 4], 0)            = 0
[pid   298] write(4, "\x15\x00\x00\x00\x65\xff\xff\x04\x80\x00\x00\x08\x00\x39\x50\x32\x30\x30\x30\x00\x00", 21) = 21
[pid   298] dup(4)                      = 5
[pid   298] write(5, "\x18\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00", 24) = 24
[pid   298] write(5, "\x4c\x01\x00\x00\x05\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 311) = 311
[pid   298] mount(NULL, "./file0", "9p", 0, "trans=fd,rfdno=0x0000000000000003,wfdno=0x0000000000000005,cache=mmap,k") = 0
[pid   298] chmod("./file0", 0720)      = 0
[pid   298] creat("./file0", 000)       = 6
[pid   298] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 7
[pid   298] write(7, "4", 1)            = 1
[   27.724727][   T36] audit: type=1400 audit(1751644865.860:66): avc:  denied  { mount } for  pid=296 comm="syz-executor177" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[   27.747125][   T36] audit: type=1400 audit(1751644865.860:67): avc:  denied  { setattr } for  pid=296 comm="syz-executor177" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   27.755696][  T298] FAULT_INJECTION: forcing a failure.
[pid   298] pwritev2(6, [{iov_base="\xa6\xaa", iov_len=2}], 1, 8, RWF_SYNCexecuting program
) = -1 ENOMEM (Cannot allocate memory)
[pid   298] exit_group(0)               = ?
[pid   298] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=298, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 299 attached
, child_tidptr=0x55557a7be650) = 299
[pid   299] set_robust_list(0x55557a7be660, 24) = 0
[pid   299] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   299] setpgid(0, 0)               = 0
[pid   299] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   299] write(3, "1000", 4)         = 4
[pid   299] close(3)                    = 0
[pid   299] write(1, "executing program\n", 18) = 18
[pid   299] creat("./file0", 000)       = -1 ENOENT (No such file or directory)
[pid   299] pipe2([3, 4], 0)            = 0
[pid   299] write(4, "\x15\x00\x00\x00\x65\xff\xff\x04\x80\x00\x00\x08\x00\x39\x50\x32\x30\x30\x30\x00\x00", 21) = 21
[pid   299] dup(4)                      = 5
[pid   299] write(5, "\x18\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00", 24) = 24
[pid   299] write(5, "\x4c\x01\x00\x00\x05\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 311) = 311
[pid   299] mount(NULL, "./file0", "9p", 0, "trans=fd,rfdno=0x0000000000000003,wfdno=0x0000000000000005,cache=mmap,k") = 0
[pid   299] chmod("./file0", 0720)      = 0
[pid   299] creat("./file0", 000)       = 6
[pid   299] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 7
[pid   299] write(7, "4", 1)            = 1
[pid   299] pwritev2(6, [{iov_base="\xa6\xaa", iov_len=2}], 1, 8, RWF_SYNC) = -1 EFAULT (Bad address)
[pid   299] exit_group(0)               = ?
[pid   299] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=299, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
[   27.755696][  T298] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[   27.769338][   T36] audit: type=1400 audit(1751644865.860:68): avc:  denied  { write } for  pid=296 comm="syz-executor177" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   27.782333][  T298] CPU: 1 UID: 0 PID: 298 Comm: syz-executor177 Not tainted 6.12.30-syzkaller-ge2bf362ee23b #0 e1c904518e9113895a28c59b25a6002cdacb68bf
[   27.782374][  T298] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   27.782399][  T298] Call Trace:
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55557a7be650) = 300
./strace-static-x86_64: Process 300 attached
[pid   300] set_robust_list(0x55557a7be660, 24) = 0
[pid   300] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   300] setpgid(0, 0)               = 0
[pid   300] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   300] write(3, "1000", 4)         = 4
[pid   300] close(3)                    = 0
[pid   300] write(1, "executing program\n", 18executing program
) = 18
[pid   300] creat("./file0", 000)       = -1 ENOENT (No such file or directory)
[pid   300] pipe2([3, 4], 0)            = 0
[pid   300] write(4, "\x15\x00\x00\x00\x65\xff\xff\x04\x80\x00\x00\x08\x00\x39\x50\x32\x30\x30\x30\x00\x00", 21) = 21
[pid   300] dup(4)                      = 5
[pid   300] write(5, "\x18\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00", 24) = 24
[pid   300] write(5, "\x4c\x01\x00\x00\x05\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 311) = 311
[pid   300] mount(NULL, "./file0", "9p", 0, "trans=fd,rfdno=0x0000000000000003,wfdno=0x0000000000000005,cache=mmap,k") = 0
[pid   300] chmod("./file0", 0720)      = 0
[pid   300] creat("./file0", 000)       = 6
[pid   300] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 7
[pid   300] write(7, "4", 1)            = 1
[   27.782407][  T298]  <TASK>
[   27.782417][  T298]  __dump_stack+0x21/0x30
[   27.782462][  T298]  dump_stack_lvl+0x10c/0x190
[   27.782495][  T298]  ? __cfi_dump_stack_lvl+0x10/0x10
[   27.782525][  T298]  ? kasan_save_alloc_info+0x40/0x50
[   27.782554][  T298]  dump_stack+0x19/0x20
[   27.782581][  T298]  should_fail_ex+0x3d9/0x530
[   27.782611][  T298]  should_fail_alloc_page+0xeb/0x110
[   27.782651][  T298]  __alloc_pages_noprof+0x19d/0x6c0
[   27.782678][  T298]  ? __cfi___alloc_pages_noprof+0x10/0x10
[   27.782706][  T298]  ? filemap_get_entry+0x3fb/0x460
[   27.782730][  T298]  ? _raw_spin_unlock+0x45/0x60
[   27.782752][  T298]  __folio_alloc_noprof+0x14/0x80
[   27.782778][  T298]  __filemap_get_folio+0x461/0x7c0
[   27.782804][  T298]  netfs_perform_write+0x4a0/0x1e00
[   27.782835][  T298]  ? update_load_avg+0x506/0x19a0
[   27.782867][  T298]  ? __cfi_netfs_perform_write+0x10/0x10
[   27.782905][  T298]  ? __cfi_downgrade_write+0x10/0x10
[   27.782931][  T298]  ? down_write_killable+0xe9/0x2d0
[   27.782966][  T298]  ? file_update_time+0xa3/0x220
[   27.782993][  T298]  netfs_buffered_write_iter_locked+0xa3/0x1c0
[   27.783023][  T298]  ? netfs_file_write_iter+0x173/0x440
[   27.783053][  T298]  netfs_file_write_iter+0x189/0x440
[   27.783084][  T298]  v9fs_file_write_iter+0xac/0xe0
[   27.783109][  T298]  do_iter_readv_writev+0x4f5/0x6a0
[   27.783144][  T298]  ? vfs_iter_read+0x5f0/0x5f0
[   27.783176][  T298]  ? __switch_to_asm+0x3d/0x70
[   27.783209][  T298]  ? bpf_lsm_file_permission+0xd/0x20
[   27.783239][  T298]  vfs_writev+0x485/0xcf0
[   27.783261][  T298]  ? do_writev+0x2d0/0x2d0
[   27.783288][  T298]  ? __kasan_check_read+0x15/0x20
[   27.783319][  T298]  __se_sys_pwritev2+0x1ad/0x2b0
[   27.783352][  T298]  ? __x64_sys_pwritev2+0xf0/0xf0
[   27.783387][  T298]  ? __kasan_check_write+0x18/0x20
[   27.783417][  T298]  __x64_sys_pwritev2+0xc3/0xf0
[   27.783450][  T298]  x64_sys_call+0x2938/0x2ee0
[   27.783623][  T298]  do_syscall_64+0x58/0xf0
[   27.783667][  T298]  ? clear_bhb_loop+0x50/0xa0
[   27.783700][  T298]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[   27.783730][  T298] RIP: 0033:0x7fee55188969
[   27.783782][  T298] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   27.783803][  T298] RSP: 002b:00007ffe33d1d7f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[   27.783839][  T298] RAX: ffffffffffffffda RBX: 00007ffe33d1d820 RCX: 00007fee55188969
[   27.783858][  T298] RDX: 0000000000000001 RSI: 0000200000000100 RDI: 0000000000000006
[   27.783874][  T298] RBP: 0000000000000001 R08: 0000000000008000 R09: 0000000000000004
[   27.783891][  T298] R10: 0000000000000008 R11: 0000000000000246 R12: 0000200000000100
[   27.783909][  T298] R13: 00007fee551ca081 R14: 0000000000000001 R15: 0000000000000001
[   27.783928][  T298]  </TASK>
[   27.797599][  T299] FAULT_INJECTION: forcing a failure.
[   27.797599][  T299] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   27.803424][   T36] audit: type=1400 audit(1751644865.860:69): avc:  denied  { open } for  pid=296 comm="syz-executor177" path="/root/file0" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   27.816931][  T299] CPU: 1 UID: 0 PID: 299 Comm: syz-executor177 Not tainted 6.12.30-syzkaller-ge2bf362ee23b #0 e1c904518e9113895a28c59b25a6002cdacb68bf
[   27.816963][  T299] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   27.816977][  T299] Call Trace:
[   27.816984][  T299]  <TASK>
[   27.816995][  T299]  __dump_stack+0x21/0x30
[   27.817031][  T299]  dump_stack_lvl+0x10c/0x190
[   27.817062][  T299]  ? __cfi_dump_stack_lvl+0x10/0x10
[   27.817090][  T299]  ? xas_nomem+0x71/0x2d0
[   27.817118][  T299]  dump_stack+0x19/0x20
[   27.817147][  T299]  should_fail_ex+0x3d9/0x530
[   27.817177][  T299]  should_fail+0xf/0x20
[   27.817204][  T299]  should_fail_usercopy+0x1e/0x30
[   27.817235][  T299]  copy_page_from_iter_atomic+0x346/0x1730
[   27.817277][  T299]  ? __cfi_copy_page_from_iter_atomic+0x10/0x10
[   27.817315][  T299]  ? zero_user_segment+0x267/0x2e0
[   27.817346][  T299]  netfs_perform_write+0x952/0x1e00
[   27.817382][  T299]  ? __cfi_netfs_perform_write+0x10/0x10
[   27.817421][  T299]  ? __cfi_downgrade_write+0x10/0x10
[   27.817465][  T299]  ? down_write_killable+0xe9/0x2d0
[   27.817508][  T299]  ? file_update_time+0xa3/0x220
[   27.817536][  T299]  netfs_buffered_write_iter_locked+0xa3/0x1c0
[   27.817568][  T299]  ? netfs_file_write_iter+0x173/0x440
[   27.817598][  T299]  netfs_file_write_iter+0x189/0x440
[   27.817628][  T299]  v9fs_file_write_iter+0xac/0xe0
[   27.817654][  T299]  do_iter_readv_writev+0x4f5/0x6a0
[   27.817689][  T299]  ? vfs_iter_read+0x5f0/0x5f0
[   27.817720][  T299]  ? __switch_to_asm+0x3d/0x70
[   27.817752][  T299]  ? bpf_lsm_file_permission+0xd/0x20
[   27.817783][  T299]  vfs_writev+0x485/0xcf0
[   27.817805][  T299]  ? do_writev+0x2d0/0x2d0
[   27.817832][  T299]  ? __kasan_check_read+0x15/0x20
[   27.817862][  T299]  __se_sys_pwritev2+0x1ad/0x2b0
[   27.817898][  T299]  ? __x64_sys_pwritev2+0xf0/0xf0
[   27.817933][  T299]  ? __kasan_check_write+0x18/0x20
[   27.817965][  T299]  __x64_sys_pwritev2+0xc3/0xf0
[   27.817998][  T299]  x64_sys_call+0x2938/0x2ee0
[   27.818031][  T299]  do_syscall_64+0x58/0xf0
[   27.818055][  T299]  ? clear_bhb_loop+0x50/0xa0
[   27.818084][  T299]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[   27.818112][  T299] RIP: 0033:0x7fee55188969
[   27.818132][  T299] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   27.818152][  T299] RSP: 002b:00007ffe33d1d7f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[   27.818179][  T299] RAX: ffffffffffffffda RBX: 00007ffe33d1d820 RCX: 00007fee55188969
[   27.818198][  T299] RDX: 0000000000000001 RSI: 0000200000000100 RDI: 0000000000000006
[   27.818214][  T299] RBP: 0000000000000001 R08: 0000000000008000 R09: 0000000000000004
[   27.818228][  T299] R10: 0000000000000008 R11: 0000000000000246 R12: 0000200000000100
[   27.818245][  T299] R13: 00007fee551ca081 R14: 0000000000000001 R15: 0000000000000001
[   27.818265][  T299]  </TASK>
[   27.846780][  T300] FAULT_INJECTION: forcing a failure.
[   27.846780][  T300] name failslab, interval 1, probability 0, space 0, times 0
[   27.847751][   T36] audit: type=1400 audit(1751644865.920:70): avc:  denied  { mounton } for  pid=298 comm="syz-executor177" path="/root/file0" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   27.852891][  T300] CPU: 1 UID: 0 PID: 300 Comm: syz-executor177 Not tainted 6.12.30-syzkaller-ge2bf362ee23b #0 e1c904518e9113895a28c59b25a6002cdacb68bf
[   27.852929][  T300] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   27.852945][  T300] Call Trace:
[   27.852953][  T300]  <TASK>
[   27.852962][  T300]  __dump_stack+0x21/0x30
[   27.852999][  T300]  dump_stack_lvl+0x10c/0x190
[   27.853028][  T300]  ? __cfi_dump_stack_lvl+0x10/0x10
[   27.853069][  T300]  ? cgroup_rstat_updated+0x132/0x7f0
[   27.853098][  T300]  dump_stack+0x19/0x20
[   27.853125][  T300]  should_fail_ex+0x3d9/0x530
[   27.853156][  T300]  should_failslab+0xac/0x100
[   27.853191][  T300]  __kmalloc_cache_noprof+0x41/0x3c0
[   27.853223][  T300]  ? netfs_buffer_make_space+0x139/0x580
[   27.853253][  T300]  netfs_buffer_make_space+0x139/0x580
[   27.853282][  T300]  netfs_buffer_append_folio+0x69/0x330
[   27.853312][  T300]  netfs_write_folio+0x949/0x19b0
[   27.853346][  T300]  ? asm_common_interrupt+0x2b/0x40
[   27.853376][  T300]  netfs_end_writethrough+0x62/0x2f0
[   27.853411][  T300]  netfs_perform_write+0x1b2d/0x1e00
[   27.853446][  T300]  ? __cfi_netfs_perform_write+0x10/0x10
[   27.853491][  T300]  ? __cfi_downgrade_write+0x10/0x10
[   27.853518][  T300]  ? down_write_killable+0xe9/0x2d0
[   27.853551][  T300]  ? file_update_time+0xa3/0x220
[   27.853594][  T300]  netfs_buffered_write_iter_locked+0xa3/0x1c0
[   27.853626][  T300]  ? netfs_file_write_iter+0x173/0x440
[   27.853656][  T300]  netfs_file_write_iter+0x189/0x440
[   27.853687][  T300]  v9fs_file_write_iter+0xac/0xe0
[   27.853713][  T300]  do_iter_readv_writev+0x4f5/0x6a0
[   27.853747][  T300]  ? vfs_iter_read+0x5f0/0x5f0
[   27.853776][  T300]  ? __switch_to_asm+0x3d/0x70
[   27.853811][  T300]  ? bpf_lsm_file_permission+0xd/0x20
[   27.853840][  T300]  vfs_writev+0x485/0xcf0
[   27.853864][  T300]  ? do_writev+0x2d0/0x2d0
[   27.853891][  T300]  ? __kasan_check_read+0x15/0x20
[   27.853920][  T300]  __se_sys_pwritev2+0x1ad/0x2b0
[   27.853955][  T300]  ? __x64_sys_pwritev2+0xf0/0xf0
[   27.853990][  T300]  ? __kasan_check_write+0x18/0x20
[   27.854020][  T300]  __x64_sys_pwritev2+0xc3/0xf0
[   27.854055][  T300]  x64_sys_call+0x2938/0x2ee0
[   27.854086][  T300]  do_syscall_64+0x58/0xf0
[   27.854109][  T300]  ? clear_bhb_loop+0x50/0xa0
[   27.854138][  T300]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[   27.854166][  T300] RIP: 0033:0x7fee55188969
[   27.854185][  T300] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   27.854205][  T300] RSP: 002b:00007ffe33d1d7f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[   27.854230][  T300] RAX: ffffffffffffffda RBX: 00007ffe33d1d820 RCX: 00007fee55188969
[   27.854249][  T300] RDX: 0000000000000001 RSI: 0000200000000100 RDI: 0000000000000006
[   27.854266][  T300] RBP: 0000000000000001 R08: 0000000000008000 R09: 0000000000000004
[   27.854282][  T300] R10: 0000000000000008 R11: 0000000000000246 R12: 0000200000000100
[   27.854299][  T300] R13: 00007fee551ca081 R14: 0000000000000001 R15: 0000000000000001
[   27.854320][  T300]  </TASK>
[   27.854630][  T300] ------------[ cut here ]------------
[   28.755154][  T300] WARNING: CPU: 1 PID: 300 at lib/iov_iter.c:255 _copy_from_iter+0x2b0/0x14b0
[   28.764134][  T300] Modules linked in:
[   28.768086][  T300] CPU: 1 UID: 0 PID: 300 Comm: syz-executor177 Not tainted 6.12.30-syzkaller-ge2bf362ee23b #0 e1c904518e9113895a28c59b25a6002cdacb68bf
[   28.781930][  T300] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   28.792032][  T300] RIP: 0010:_copy_from_iter+0x2b0/0x14b0
[   28.797725][  T300] Code: 48 3b 84 24 00 01 00 00 0f 85 ef 04 00 00 4c 89 f8 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc e8 c0 f0 e2 fe <0f> 0b 45 31 ff 48 bb 00 00 00 00 00 fc ff df eb 94 e8 aa f0 e2 fe
[   28.817400][  T300] RSP: 0018:ffffc9000113ed00 EFLAGS: 00010293
[   28.823485][  T300] RAX: ffffffff82a2b270 RBX: ffff888108a8a53a RCX: ffff88811fb64c00
[   28.831503][  T300] RDX: 0000000000000000 RSI: 000000000000000a RDI: ffff888122126a17
[   28.839539][  T300] RBP: ffffc9000113ee50 R08: ffff88811fb64c00 R09: 0000000000000002
[   28.847589][  T300] R10: 0000000000000001 R11: 0000000000000000 R12: 1ffff11020776205
[   28.855608][  T300] R13: ffff888108a8a538 R14: 000000000000000a R15: dffffc0000000000
[   28.863611][  T300] FS:  000055557a7be380(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[   28.872570][  T300] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   28.879197][  T300] CR2: 0000200000001000 CR3: 000000011f68c000 CR4: 00000000003526b0
[   28.887219][  T300] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   28.895203][  T300] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   28.903206][  T300] Call Trace:
[   28.906525][  T300]  <TASK>
[   28.909475][  T300]  ? p9pdu_writef+0xdb/0x130
[   28.914077][  T300]  ? __cfi__copy_from_iter+0x10/0x10
[   28.919410][  T300]  ? p9pdu_vwritef+0x2720/0x2720
[   28.924366][  T300]  ? radix_tree_node_alloc+0x1af/0x400
[   28.929860][  T300]  ? check_stack_object+0x82/0x140
[   28.935001][  T300]  ? __virt_addr_valid+0x2a6/0x380
[   28.940160][  T300]  ? __check_object_size+0x455/0x620
[   28.945542][  T300]  p9pdu_vwritef+0x1b2f/0x2720
[   28.950344][  T300]  ? p9pdu_writef+0xdb/0x130
[   28.954971][  T300]  ? __cfi_p9pdu_vwritef+0x10/0x10
[   28.960127][  T300]  ? p9pdu_vwritef+0x2720/0x2720
[   28.965090][  T300]  ? _raw_spin_lock_irq+0x8d/0x120
[   28.970235][  T300]  p9_client_prepare_req+0x6b6/0xa10
[   28.975581][  T300]  ? trace_raw_output_9p_fid_ref+0x190/0x190
[   28.981589][  T300]  ? kmem_cache_alloc_noprof+0x131/0x3a0
[   28.987280][  T300]  ? netfs_advance_write+0x36e/0xb10
[   28.992593][  T300]  ? netfs_write_folio+0xdb7/0x19b0
[   28.997837][  T300]  ? netfs_end_writethrough+0x62/0x2f0
[   29.003322][  T300]  ? netfs_perform_write+0x1b2d/0x1e00
[   29.008834][  T300]  ? netfs_buffered_write_iter_locked+0xa3/0x1c0
[   29.015188][  T300]  ? vfs_writev+0x485/0xcf0
[   29.019727][  T300]  ? __se_sys_pwritev2+0x1ad/0x2b0
[   29.024868][  T300]  ? __x64_sys_pwritev2+0xc3/0xf0
[   29.029943][  T300]  ? x64_sys_call+0x2938/0x2ee0
[   29.034819][  T300]  ? do_syscall_64+0x58/0xf0
[   29.039471][  T300]  p9_client_rpc+0x189/0xb40
[   29.044100][  T300]  ? p9_fid_create+0x3d0/0x3d0
[   29.048944][  T300]  ? kasan_save_alloc_info+0x40/0x50
[   29.054262][  T300]  ? __kasan_slab_alloc+0x73/0x90
[   29.059325][  T300]  p9_client_write+0x33b/0x790
[   29.064222][  T300]  ? mempool_alloc_slab+0x21/0x30
[   29.069353][  T300]  ? __cfi_mempool_alloc_slab+0x10/0x10
[   29.074970][  T300]  ? mempool_alloc_noprof+0x136/0x4a0
[   29.080398][  T300]  ? __cfi_p9_client_write+0x10/0x10
[   29.085755][  T300]  ? __kasan_check_write+0x18/0x20
[   29.090894][  T300]  ? _raw_spin_lock_bh+0x90/0x120
[   29.095953][  T300]  v9fs_issue_write+0xd8/0x150
[   29.100739][  T300]  ? __cfi_v9fs_issue_write+0x10/0x10
[   29.106175][  T300]  ? netfs_advance_write+0xdc/0xb10
[   29.111400][  T300]  netfs_issue_write+0x114/0x260
[   29.116380][  T300]  netfs_write_folio+0x10af/0x19b0
[   29.121525][  T300]  netfs_end_writethrough+0x62/0x2f0
[   29.126946][  T300]  netfs_perform_write+0x1b2d/0x1e00
[   29.132257][  T300]  ? __cfi_netfs_perform_write+0x10/0x10
[   29.137935][  T300]  ? __cfi_downgrade_write+0x10/0x10
[   29.143245][  T300]  ? down_write_killable+0xe9/0x2d0
[   29.148484][  T300]  ? file_update_time+0xa3/0x220
[   29.153441][  T300]  netfs_buffered_write_iter_locked+0xa3/0x1c0
[   29.159629][  T300]  ? netfs_file_write_iter+0x173/0x440
[   29.165123][  T300]  netfs_file_write_iter+0x189/0x440
[   29.170443][  T300]  v9fs_file_write_iter+0xac/0xe0
[   29.175504][  T300]  do_iter_readv_writev+0x4f5/0x6a0
[   29.180720][  T300]  ? vfs_iter_read+0x5f0/0x5f0
[   29.185522][  T300]  ? __switch_to_asm+0x3d/0x70
[   29.190315][  T300]  ? bpf_lsm_file_permission+0xd/0x20
[   29.195767][  T300]  vfs_writev+0x485/0xcf0
[   29.200112][  T300]  ? do_writev+0x2d0/0x2d0
[   29.204528][  T300]  ? __kasan_check_read+0x15/0x20
[   29.209584][  T300]  __se_sys_pwritev2+0x1ad/0x2b0
[   29.214548][  T300]  ? __x64_sys_pwritev2+0xf0/0xf0
[   29.219606][  T300]  ? __kasan_check_write+0x18/0x20
[   29.224745][  T300]  __x64_sys_pwritev2+0xc3/0xf0
[   29.229628][  T300]  x64_sys_call+0x2938/0x2ee0
[   29.234334][  T300]  do_syscall_64+0x58/0xf0
[   29.238785][  T300]  ? clear_bhb_loop+0x50/0xa0
[   29.243486][  T300]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[   29.249418][  T300] RIP: 0033:0x7fee55188969
[   29.253849][  T300] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   29.273478][  T300] RSP: 002b:00007ffe33d1d7f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[   29.281941][  T300] RAX: ffffffffffffffda RBX: 00007ffe33d1d820 RCX: 00007fee55188969
[   29.289947][  T300] RDX: 0000000000000001 RSI: 0000200000000100 RDI: 0000000000000006
[   29.297959][  T300] RBP: 0000000000000001 R08: 0000000000008000 R09: 0000000000000004
[   29.305988][  T300] R10: 0000000000000008 R11: 0000000000000246 R12: 0000200000000100
[   29.313977][  T300] R13: 00007fee551ca081 R14: 0000000000000001 R15: 0000000000000001
[   29.321991][  T300]  </TASK>
[   29.325019][  T300] ---[ end trace 0000000000000000 ]---
[   29.330685][   T13] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] PREEMPT SMP KASAN PTI
[   29.343281][   T13] KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]
[   29.351689][   T13] CPU: 0 UID: 0 PID: 13 Comm: kworker/u8:1 Tainted: G        W          6.12.30-syzkaller-ge2bf362ee23b #0 e1c904518e9113895a28c59b25a6002cdacb68bf
[   29.366616][   T13] Tainted: [W]=WARN
[   29.370410][   T13] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   29.380465][   T13] Workqueue: events_unbound netfs_write_collection_worker
[   29.387580][   T13] RIP: 0010:netfs_write_collection_worker+0x138b/0x49b0
[   29.394522][   T13] Code: 1e 0f 87 80 04 00 00 e8 f3 b6 75 ff 48 89 5c 24 48 4c 89 b4 24 b0 00 00 00 4b 8d 5c f7 08 48 89 d8 48 c1 e8 03 48 89 44 24 40 <42> 80 3c 28 00 74 08 48 89 df e8 e6 ae cb ff 48 89 9c 24 a8 00 00
[   29.414120][   T13] RSP: 0018:ffffc900000d79e0 EFLAGS: 00010202
[   29.420185][   T13] RAX: 0000000000000001 RBX: 0000000000000008 RCX: ffff888103651300
[   29.428146][   T13] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000001f
[   29.436107][   T13] RBP: ffffc900000d7c98 R08: ffff888103f6bb53 R09: 1ffff110207ed76a
[   29.444072][   T13] R10: dffffc0000000000 R11: ffffed10207ed76b R12: 0000000000000000
[   29.452036][   T13] R13: dffffc0000000000 R14: 0000000000000000 R15: 0000000000000000
[   29.460003][   T13] FS:  0000000000000000(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[   29.468922][   T13] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   29.475496][   T13] CR2: 00005632f8e91848 CR3: 000000010b3b2000 CR4: 00000000003526b0
[   29.483463][   T13] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   29.491424][   T13] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   29.499385][   T13] Call Trace:
[   29.502667][   T13]  <TASK>
[   29.505599][   T13]  ? __cfi_netfs_write_collection_worker+0x10/0x10
[   29.512104][   T13]  ? __switch_to_asm+0x3d/0x70
[   29.516873][   T13]  ? __schedule+0x1463/0x1f10
[   29.521549][   T13]  ? kick_pool+0xb9/0x550
[   29.525871][   T13]  process_scheduled_works+0x7d5/0x1020
[   29.531426][   T13]  worker_thread+0xc58/0x1250
[   29.536105][   T13]  ? schedule+0xc6/0x240
[   29.540350][   T13]  kthread+0x2c7/0x370
[   29.544421][   T13]  ? __cfi_worker_thread+0x10/0x10
[   29.549535][   T13]  ? __cfi_kthread+0x10/0x10
[   29.554128][   T13]  ret_from_fork+0x64/0xa0
[   29.558538][   T13]  ? __cfi_kthread+0x10/0x10
[   29.563133][   T13]  ret_from_fork_asm+0x1a/0x30
[   29.568594][   T13]  </TASK>
[   29.571604][   T13] Modules linked in:
[   29.575601][   T13] ---[ end trace 0000000000000000 ]---
[   29.579033][   T36] audit: type=1400 audit(1751644867.740:71): avc:  denied  { read } for  pid=90 comm="syslogd" name="log" dev="sda1" ino=2010 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[   29.581138][   T13] RIP: 0010:netfs_write_collection_worker+0x138b/0x49b0
[   29.602938][   T36] audit: type=1400 audit(1751644867.740:72): avc:  denied  { search } for  pid=90 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   29.609702][   T13] Code: 1e 0f 87 80 04 00 00 e8 f3 b6 75 ff 48 89 5c 24 48 4c 89 b4 24 b0 00 00 00 4b 8d 5c f7 08 48 89 d8 48 c1 e8 03 48 89 44 24 40 <42> 80 3c 28 00 74 08 48 89 df e8 e6 ae cb ff 48 89 9c 24 a8 00 00
[   29.631064][   T36] audit: type=1400 audit(1751644867.740:73): avc:  denied  { write } for  pid=90 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   29.650635][   T13] RSP: 0018:ffffc900000d79e0 EFLAGS: 00010202
[   29.677792][   T13] RAX: 0000000000000001 RBX: 0000000000000008 RCX: ffff888103651300
[   29.685814][   T13] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000001f
[   29.693804][   T13] RBP: ffffc900000d7c98 R08: ffff888103f6bb53 R09: 1ffff110207ed76a
[   29.701814][   T13] R10: dffffc0000000000 R11: ffffed10207ed76b R12: 0000000000000000
[   29.709833][   T13] R13: dffffc0000000000 R14: 0000000000000000 R15: 0000000000000000
[   29.717873][   T13] FS:  0000000000000000(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[   29.726873][   T13] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   29.733463][   T13] CR2: 00005632f8e91848 CR3: 000000012143a000 CR4: 00000000003526b0
[   29.741568][   T13] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   29.749595][   T13] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   29.757608][   T13] Kernel panic - not syncing: Fatal exception
[   29.763943][   T13] Kernel Offset: disabled
[   29.768270][   T13] Rebooting in 86400 seconds..