./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1957807964
<...>
Warning: Permanently added '10.128.1.7' (ED25519) to the list of known hosts.
execve("./syz-executor1957807964", ["./syz-executor1957807964"], 0x7ffeec7090a0 /* 10 vars */) = 0
brk(NULL) = 0x55558d981000
brk(0x55558d981d00) = 0x55558d981d00
arch_prctl(ARCH_SET_FS, 0x55558d981380) = 0
set_tid_address(0x55558d981650) = 296
set_robust_list(0x55558d981660, 24) = 0
rseq(0x55558d981ca0, 0x20, 0, 0x53053053) = -1 ENOSYS (Function not implemented)
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor1957807964", 4096) = 28
getrandom("\x65\x2f\xc5\x43\xd9\x5b\x11\x62", 8, GRND_NONBLOCK) = 8
brk(NULL) = 0x55558d981d00
brk(0x55558d9a2d00) = 0x55558d9a2d00
brk(0x55558d9a3000) = 0x55558d9a3000
mprotect(0x7f4aef972000, 16384, PROT_READ) = 0
mmap(0x1ffffffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffffffff000
mmap(0x200000000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200000000000
mmap(0x200001000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200001000000
openat(AT_FDCWD, "/proc/self/make-it-fail", O_WRONLY) = 3
close(3) = 0
openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_WRONLY) = 3
close(3) = 0
openat(AT_FDCWD, "/sys/kernel/debug/failslab/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1) = 1
close(3) = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_futex/ignore-private", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1) = 1
close(3) = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-highmem", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1) = 1
close(3) = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1) = 1
close(3) = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/min-order", O_WRONLY|O_CLOEXEC) = 3
write(3, "0", 1) = 1
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55558d981650) = 297
./strace-static-x86_64: Process 297 attached
[pid 297] set_robust_list(0x55558d981660, 24) = 0
[pid 297] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 297] setpgid(0, 0) = 0
[pid 297] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
executing program
[pid 297] write(3, "1000", 4) = 4
[pid 297] close(3) = 0
[pid 297] write(1, "executing program\n", 18) = 18
[pid 297] creat("./file0", 000) = 3
[pid 297] pipe2([4, 5], 0) = 0
[pid 297] write(5, "\x15\x00\x00\x00\x65\xff\xff\x04\x80\x00\x00\x08\x00\x39\x50\x32\x30\x30\x30\x00\x00", 21) = 21
[pid 297] dup(5) = 6
[pid 297] write(6, "\x18\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00", 24) = 24
[pid 297] write(6, "\x4c\x01\x00\x00\x05\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 311) = 311
[pid 297] mount(NULL, "./file0", "9p", 0, "trans=fd,rfdno=0x0000000000000004,wfdno=0x0000000000000006,cache=mmap,k") = -1 EIO (Input/output error)
[pid 297] chmod("./file0", 0720) = 0
[pid 297] creat("./file0", 000) = 7
[pid 297] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 8
[pid 297] write(8, "4", 1) = 1
[ 23.577341][ T36] audit: type=1400 audit(1751647010.300:64): avc: denied { execmem } for pid=296 comm="syz-executor195" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[ 23.596820][ T36] audit: type=1400 audit(1751647010.320:65): avc: denied { mounton } for pid=297 comm="syz-executor195" path="/root/file0" dev="sda1" ino=2024 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=file permissive=1
[ 23.602208][ T297] FAULT_INJECTION: forcing a failure.
[ 23.602208][ T297] name failslab, interval 1, probability 0, space 0, times 1
[ 23.632351][ T297] CPU: 0 UID: 0 PID: 297 Comm: syz-executor195 Not tainted 6.12.30-syzkaller-ge2bf362ee23b #0 e1c904518e9113895a28c59b25a6002cdacb68bf
[ 23.632382][ T297] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 23.632402][ T297] Call Trace:
[ 23.632408][ T297]
[ 23.632416][ T297] __dump_stack+0x21/0x30
[ 23.632452][ T297] dump_stack_lvl+0x10c/0x190
[ 23.632476][ T297] ? __cfi_dump_stack_lvl+0x10/0x10
[ 23.632497][ T297] ? stack_depot_save_flags+0x399/0x800
[ 23.632522][ T297] ? _raw_spin_unlock_irqrestore+0x4a/0x70
[ 23.632542][ T297] dump_stack+0x19/0x20
[ 23.632564][ T297] should_fail_ex+0x3d9/0x530
[ 23.632588][ T297] should_failslab+0xac/0x100
[ 23.632617][ T297] kmem_cache_alloc_noprof+0x42/0x3a0
[ 23.632640][ T297] ? __es_insert_extent+0x73a/0x1810
[ 23.632666][ T297] __es_insert_extent+0x73a/0x1810
[ 23.632689][ T297] ? _raw_write_lock+0x8c/0xe0
[ 23.632707][ T297] ? __cfi__raw_write_lock+0x10/0x10
[ 23.632726][ T297] ext4_es_insert_extent+0x580/0x2660
[ 23.632753][ T297] ? __cfi_ext4_es_insert_extent+0x10/0x10
[ 23.632790][ T297] ? __kasan_check_write+0x18/0x20
[ 23.632812][ T297] ? _raw_read_unlock+0x16/0x40
[ 23.632830][ T297] ? ext4_es_find_extent_range+0xeb/0x310
[ 23.632853][ T297] ? __cfi_ext4_es_is_delayed+0x10/0x10
[ 23.632876][ T297] ext4_ext_map_blocks+0x1f1e/0x6270
[ 23.632900][ T297] ? post_alloc_hook+0x3b9/0x3f0
[ 23.632918][ T297] ? kasan_save_track+0x4f/0x80
[ 23.632942][ T297] ? kasan_save_track+0x3e/0x80
[ 23.632966][ T297] ? kasan_save_alloc_info+0x40/0x50
[ 23.632984][ T297] ? __kasan_slab_alloc+0x73/0x90
[ 23.633008][ T297] ? kmem_cache_alloc_noprof+0x131/0x3a0
[ 23.633030][ T297] ? alloc_buffer_head+0x37/0x330
[ 23.633056][ T297] ? folio_alloc_buffers+0x21d/0x4d0
[ 23.633081][ T297] ? create_empty_buffers+0x33/0x3b0
[ 23.633108][ T297] ? ext4_block_write_begin+0x23a/0x1160
[ 23.633130][ T297] ? ext4_da_write_begin+0x53a/0x8a0
[ 23.633174][ T297] ? generic_perform_write+0x330/0x960
[ 23.633198][ T297] ? vfs_writev+0x485/0xcf0
[ 23.633214][ T297] ? __se_sys_pwritev2+0x1ad/0x2b0
[ 23.633241][ T297] ? __x64_sys_pwritev2+0xc3/0xf0
[ 23.633289][ T297] ? __cfi_ext4_ext_map_blocks+0x10/0x10
[ 23.633311][ T297] ? __kasan_check_write+0x18/0x20
[ 23.633334][ T297] ? rwsem_read_trylock+0x2b1/0x660
[ 23.633358][ T297] ? down_read+0x79/0xe0
[ 23.633384][ T297] ext4_map_query_blocks+0x9c/0x2d0
[ 23.633407][ T297] ext4_da_get_block_prep+0x40e/0x12c0
[ 23.633432][ T297] ? kmem_cache_alloc_noprof+0x154/0x3a0
[ 23.633456][ T297] ? alloc_buffer_head+0x37/0x330
[ 23.633483][ T297] ? __cfi_ext4_da_get_block_prep+0x10/0x10
[ 23.633508][ T297] ? __cfi__raw_spin_lock+0x10/0x10
[ 23.633527][ T297] ? _raw_spin_unlock+0x45/0x60
[ 23.633546][ T297] ext4_block_write_begin+0x4e5/0x1160
[ 23.633569][ T297] ? __cfi_workingset_update_node+0x10/0x10
[ 23.633602][ T297] ? __cfi_ext4_da_get_block_prep+0x10/0x10
[ 23.633626][ T297] ? __cfi_ext4_block_write_begin+0x10/0x10
[ 23.633649][ T297] ? __filemap_get_folio+0x721/0x7c0
[ 23.633671][ T297] ext4_da_write_begin+0x53a/0x8a0
[ 23.633702][ T297] ? __cfi_ext4_da_write_begin+0x10/0x10
[ 23.633733][ T297] generic_perform_write+0x330/0x960
[ 23.633757][ T297] ? inode_needs_update_time+0x3ea/0x510
[ 23.633781][ T297] ? __cfi_generic_perform_write+0x10/0x10
[ 23.633803][ T297] ? down_write+0xe9/0x2a0
[ 23.633829][ T297] ? file_modified_flags+0x14d/0x2e0
[ 23.633851][ T297] ext4_buffered_write_iter+0x358/0x630
[ 23.633880][ T297] ext4_file_write_iter+0x195/0x1570
[ 23.633907][ T297] ? __cfi___update_load_avg_cfs_rq+0x10/0x10
[ 23.633930][ T297] ? kvm_sched_clock_read+0x15/0x30
[ 23.633957][ T297] ? save_fpregs_to_fpstate+0x196/0x230
[ 23.633989][ T297] ? __kasan_check_write+0x18/0x20
[ 23.634012][ T297] ? __switch_to+0xc7b/0x1310
[ 23.634035][ T297] ? psi_group_change+0xb44/0x1130
[ 23.634056][ T297] ? __cfi_ext4_file_write_iter+0x10/0x10
[ 23.634083][ T297] ? avc_policy_seqno+0xd/0x30
[ 23.634104][ T297] ? selinux_file_permission+0x309/0xb30
[ 23.634134][ T297] do_iter_readv_writev+0x4f5/0x6a0
[ 23.634162][ T297] ? vfs_iter_read+0x5f0/0x5f0
[ 23.634187][ T297] ? __switch_to_asm+0x3d/0x70
[ 23.634214][ T297] ? bpf_lsm_file_permission+0xd/0x20
[ 23.634237][ T297] vfs_writev+0x485/0xcf0
[ 23.634267][ T297] ? do_writev+0x2d0/0x2d0
[ 23.634289][ T297] ? __kasan_check_read+0x15/0x20
[ 23.634312][ T297] __se_sys_pwritev2+0x1ad/0x2b0
[ 23.634341][ T297] ? __x64_sys_pwritev2+0xf0/0xf0
[ 23.634368][ T297] ? __kasan_check_write+0x18/0x20
[ 23.634393][ T297] __x64_sys_pwritev2+0xc3/0xf0
[ 23.634420][ T297] x64_sys_call+0x2938/0x2ee0
[ 23.634446][ T297] do_syscall_64+0x58/0xf0
[ 23.634464][ T297] ? clear_bhb_loop+0x50/0xa0
[ 23.634488][ T297] entry_SYSCALL_64_after_hwframe+0x76/0x7e
[ 23.634511][ T297] RIP: 0033:0x7f4aef906969
[ 23.634533][ T297] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[pid 297] pwritev2(7, [{iov_base="\xa6\xaa", iov_len=2}], 1, 8, RWF_SYNC) = 2
[pid 297] exit_group(0) = ?
[ 23.634550][ T297] RSP: 002b:00007fff69b18a98 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[ 23.634575][ T297] RAX: ffffffffffffffda RBX: 00007fff69b18ac0 RCX: 00007f4aef906969
[ 23.634591][ T297] RDX: 0000000000000001 RSI: 0000200000000100 RDI: 0000000000000007
[ 23.634604][ T297] RBP: 0000000000000001 R08: 0000000000008000 R09: 0000000000000004
[ 23.634616][ T297] R10: 0000000000000008 R11: 0000000000000246 R12: 0000200000000100
[ 23.634629][ T297] R13: 00007f4aef948081 R14: 0000000000000001 R15: 0000000000000001
[ 23.634644][ T297]
[pid 297] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=297, si_uid=0, si_status=0, si_utime=0, si_stime=2} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 299 attached
, child_tidptr=0x55558d981650) = 299
[pid 299] set_robust_list(0x55558d981660, 24) = 0
[pid 299] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 299] setpgid(0, 0) = 0
[pid 299] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 299] write(3, "1000", 4) = 4
[pid 299] close(3) = 0
[pid 299] write(1, "executing program\n", 18executing program
) = 18
[pid 299] creat("./file0", 000) = 3
[pid 299] pipe2([4, 5], 0) = 0
[pid 299] write(5, "\x15\x00\x00\x00\x65\xff\xff\x04\x80\x00\x00\x08\x00\x39\x50\x32\x30\x30\x30\x00\x00", 21) = 21
[pid 299] dup(5) = 6
[pid 299] write(6, "\x18\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00", 24) = 24
[pid 299] write(6, "\x4c\x01\x00\x00\x05\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 311) = 311
[pid 299] mount(NULL, "./file0", "9p", 0, "trans=fd,rfdno=0x0000000000000004,wfdno=0x0000000000000006,cache=mmap,k") = 0
[pid 299] chmod("./file0", 0720) = 0
[pid 299] creat("./file0", 000) = 7
[pid 299] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 8
[pid 299] write(8, "4", 1) = 1
[ 24.229313][ T36] audit: type=1400 audit(1751647010.950:66): avc: denied { mount } for pid=299 comm="syz-executor195" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[ 24.252126][ T36] audit: type=1400 audit(1751647010.990:67): avc: denied { setattr } for pid=299 comm="syz-executor195" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[ 24.254441][ T299] FAULT_INJECTION: forcing a failure.
[pid 299] pwritev2(7, [{iov_base="\xa6\xaa", iov_len=2}], 1, 8, RWF_SYNC) = -1 EFAULT (Bad address)
[pid 299] exit_group(0) = ?
[pid 299] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=299, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 300 attached
, child_tidptr=0x55558d981650) = 300
[pid 300] set_robust_list(0x55558d981660, 24) = 0
[pid 300] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 300] setpgid(0, 0) = 0
[pid 300] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXECexecuting program
) = 3
[pid 300] write(3, "1000", 4) = 4
[pid 300] close(3) = 0
[pid 300] write(1, "executing program\n", 18) = 18
[pid 300] creat("./file0", 000) = -1 ENOENT (No such file or directory)
[pid 300] pipe2([3, 4], 0) = 0
[pid 300] write(4, "\x15\x00\x00\x00\x65\xff\xff\x04\x80\x00\x00\x08\x00\x39\x50\x32\x30\x30\x30\x00\x00", 21) = 21
[pid 300] dup(4) = 5
[pid 300] write(5, "\x18\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00", 24) = 24
[pid 300] write(5, "\x4c\x01\x00\x00\x05\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 311) = 311
[pid 300] mount(NULL, "./file0", "9p", 0, "trans=fd,rfdno=0x0000000000000003,wfdno=0x0000000000000005,cache=mmap,k") = 0
[pid 300] chmod("./file0", 0720) = 0
[pid 300] creat("./file0", 000) = 6
[pid 300] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 7
[pid 300] write(7, "4", 1) = 1
[ 24.254441][ T299] name fail_usercopy, interval 1, probability 0, space 0, times 1
[ 24.274290][ T36] audit: type=1400 audit(1751647010.990:68): avc: denied { write } for pid=299 comm="syz-executor195" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[ 24.287144][ T299] CPU: 1 UID: 0 PID: 299 Comm: syz-executor195 Not tainted 6.12.30-syzkaller-ge2bf362ee23b #0 e1c904518e9113895a28c59b25a6002cdacb68bf
[ 24.287175][ T299] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 24.287188][ T299] Call Trace:
[ 24.287194][ T299]
[ 24.287203][ T299] __dump_stack+0x21/0x30
[ 24.287233][ T299] dump_stack_lvl+0x10c/0x190
[ 24.287263][ T299] ? __cfi_dump_stack_lvl+0x10/0x10
[ 24.287292][ T299] ? __cfi_lru_add+0x10/0x10
[ 24.287322][ T299] ? lru_add_drain_cpu+0x430/0x430
[ 24.287348][ T299] dump_stack+0x19/0x20
[ 24.287393][ T299] should_fail_ex+0x3d9/0x530
[ 24.287425][ T299] should_fail+0xf/0x20
[ 24.287451][ T299] should_fail_usercopy+0x1e/0x30
[ 24.287483][ T299] copy_page_from_iter_atomic+0x346/0x1730
[ 24.287532][ T299] ? __cfi_copy_page_from_iter_atomic+0x10/0x10
[ 24.287571][ T299] ? zero_user_segment+0x267/0x2e0
[ 24.287603][ T299] netfs_perform_write+0x952/0x1e00
[ 24.287639][ T299] ? __cfi_netfs_perform_write+0x10/0x10
[ 24.287676][ T299] ? __cfi_downgrade_write+0x10/0x10
[ 24.287703][ T299] ? down_write_killable+0xe9/0x2d0
[ 24.287739][ T299] ? file_update_time+0xa3/0x220
[ 24.287766][ T299] netfs_buffered_write_iter_locked+0xa3/0x1c0
[ 24.287799][ T299] ? netfs_file_write_iter+0x173/0x440
[ 24.287828][ T299] netfs_file_write_iter+0x189/0x440
[ 24.287859][ T299] v9fs_file_write_iter+0xac/0xe0
[ 24.287885][ T299] do_iter_readv_writev+0x4f5/0x6a0
[ 24.287919][ T299] ? vfs_iter_read+0x5f0/0x5f0
[ 24.287952][ T299] ? __switch_to_asm+0x3d/0x70
[ 24.287986][ T299] ? bpf_lsm_file_permission+0xd/0x20
[ 24.288015][ T299] vfs_writev+0x485/0xcf0
[ 24.288038][ T299] ? do_writev+0x2d0/0x2d0
[ 24.288065][ T299] ? __kasan_check_read+0x15/0x20
[ 24.288096][ T299] __se_sys_pwritev2+0x1ad/0x2b0
[ 24.288131][ T299] ? __x64_sys_pwritev2+0xf0/0xf0
[ 24.288166][ T299] ? __kasan_check_write+0x18/0x20
[ 24.288196][ T299] __x64_sys_pwritev2+0xc3/0xf0
[ 24.288231][ T299] x64_sys_call+0x2938/0x2ee0
[ 24.288263][ T299] do_syscall_64+0x58/0xf0
[ 24.288285][ T299] ? clear_bhb_loop+0x50/0xa0
[ 24.288315][ T299] entry_SYSCALL_64_after_hwframe+0x76/0x7e
[ 24.288344][ T299] RIP: 0033:0x7f4aef906969
[ 24.288364][ T299] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 24.288386][ T299] RSP: 002b:00007fff69b18a98 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[ 24.288413][ T299] RAX: ffffffffffffffda RBX: 00007fff69b18ac0 RCX: 00007f4aef906969
[ 24.288432][ T299] RDX: 0000000000000001 RSI: 0000200000000100 RDI: 0000000000000007
[ 24.288448][ T299] RBP: 0000000000000001 R08: 0000000000008000 R09: 0000000000000004
[ 24.288463][ T299] R10: 0000000000000008 R11: 0000000000000246 R12: 0000200000000100
[ 24.288479][ T299] R13: 00007f4aef948081 R14: 0000000000000001 R15: 0000000000000001
[ 24.288506][ T299]
[ 24.310548][ T300] FAULT_INJECTION: forcing a failure.
[ 24.310548][ T300] name failslab, interval 1, probability 0, space 0, times 0
[ 24.322559][ T36] audit: type=1400 audit(1751647010.990:69): avc: denied { open } for pid=299 comm="syz-executor195" path="/root/file0" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[ 24.332617][ T300] CPU: 1 UID: 0 PID: 300 Comm: syz-executor195 Not tainted 6.12.30-syzkaller-ge2bf362ee23b #0 e1c904518e9113895a28c59b25a6002cdacb68bf
[ 24.332663][ T300] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 24.332678][ T300] Call Trace:
[ 24.332685][ T300]
[ 24.332694][ T300] __dump_stack+0x21/0x30
[ 24.332725][ T300] dump_stack_lvl+0x10c/0x190
[ 24.332751][ T300] ? __cfi_dump_stack_lvl+0x10/0x10
[ 24.332778][ T300] ? cgroup_rstat_updated+0x132/0x7f0
[ 24.332807][ T300] dump_stack+0x19/0x20
[ 24.332831][ T300] should_fail_ex+0x3d9/0x530
[ 24.332858][ T300] should_failslab+0xac/0x100
[ 24.332891][ T300] __kmalloc_cache_noprof+0x41/0x3c0
[ 24.332920][ T300] ? netfs_buffer_make_space+0x139/0x580
[ 24.332950][ T300] netfs_buffer_make_space+0x139/0x580
[ 24.332977][ T300] netfs_buffer_append_folio+0x69/0x330
[ 24.333005][ T300] netfs_write_folio+0x949/0x19b0
[ 24.333035][ T300] ? irqentry_exit+0x4a/0x60
[ 24.333066][ T300] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 24.333098][ T300] netfs_end_writethrough+0x62/0x2f0
[ 24.333130][ T300] netfs_perform_write+0x1b2d/0x1e00
[ 24.333162][ T300] ? __cfi_netfs_perform_write+0x10/0x10
[ 24.333196][ T300] ? __cfi_downgrade_write+0x10/0x10
[ 24.333220][ T300] ? down_write_killable+0xe9/0x2d0
[ 24.333252][ T300] ? file_update_time+0xa3/0x220
[ 24.333276][ T300] netfs_buffered_write_iter_locked+0xa3/0x1c0
[ 24.333304][ T300] ? netfs_file_write_iter+0x173/0x440
[ 24.333332][ T300] netfs_file_write_iter+0x189/0x440
[ 24.333377][ T300] v9fs_file_write_iter+0xac/0xe0
[ 24.333402][ T300] do_iter_readv_writev+0x4f5/0x6a0
[ 24.333436][ T300] ? vfs_iter_read+0x5f0/0x5f0
[ 24.333466][ T300] ? __switch_to_asm+0x3d/0x70
[ 24.333506][ T300] ? bpf_lsm_file_permission+0xd/0x20
[ 24.333534][ T300] vfs_writev+0x485/0xcf0
[ 24.333557][ T300] ? do_writev+0x2d0/0x2d0
[ 24.333593][ T300] ? __kasan_check_read+0x15/0x20
[ 24.333619][ T300] __se_sys_pwritev2+0x1ad/0x2b0
[ 24.333651][ T300] ? __x64_sys_pwritev2+0xf0/0xf0
[ 24.333683][ T300] ? __kasan_check_write+0x18/0x20
[ 24.333710][ T300] __x64_sys_pwritev2+0xc3/0xf0
[ 24.333741][ T300] x64_sys_call+0x2938/0x2ee0
[ 24.333771][ T300] do_syscall_64+0x58/0xf0
[ 24.333790][ T300] ? clear_bhb_loop+0x50/0xa0
[ 24.333817][ T300] entry_SYSCALL_64_after_hwframe+0x76/0x7e
[ 24.333843][ T300] RIP: 0033:0x7f4aef906969
[ 24.333861][ T300] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 24.333881][ T300] RSP: 002b:00007fff69b18a98 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[ 24.333907][ T300] RAX: ffffffffffffffda RBX: 00007fff69b18ac0 RCX: 00007f4aef906969
[ 24.333925][ T300] RDX: 0000000000000001 RSI: 0000200000000100 RDI: 0000000000000006
[ 24.333942][ T300] RBP: 0000000000000001 R08: 0000000000008000 R09: 0000000000000004
[ 24.333954][ T300] R10: 0000000000000008 R11: 0000000000000246 R12: 0000200000000100
[ 24.333969][ T300] R13: 00007f4aef948081 R14: 0000000000000001 R15: 0000000000000001
[ 24.333988][ T300]
[ 24.334235][ T300] ------------[ cut here ]------------
[ 24.335668][ T36] audit: type=1400 audit(1751647011.030:70): avc: denied { mounton } for pid=300 comm="syz-executor195" path="/root/file0" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[ 24.338621][ T300] WARNING: CPU: 1 PID: 300 at lib/iov_iter.c:255 _copy_from_iter+0x2b0/0x14b0
[ 24.971015][ T300] Modules linked in:
[ 24.974901][ T300] CPU: 1 UID: 0 PID: 300 Comm: syz-executor195 Not tainted 6.12.30-syzkaller-ge2bf362ee23b #0 e1c904518e9113895a28c59b25a6002cdacb68bf
[ 24.988800][ T300] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 24.998876][ T300] RIP: 0010:_copy_from_iter+0x2b0/0x14b0
[ 25.004538][ T300] Code: 48 3b 84 24 00 01 00 00 0f 85 ef 04 00 00 4c 89 f8 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc e8 c0 f0 e2 fe <0f> 0b 45 31 ff 48 bb 00 00 00 00 00 fc ff df eb 94 e8 aa f0 e2 fe
[ 25.024199][ T300] RSP: 0018:ffffc9000125ed00 EFLAGS: 00010293
[ 25.030281][ T300] RAX: ffffffff82a2b270 RBX: ffff88810a277b3a RCX: ffff88812e1c1300
[ 25.038284][ T300] RDX: 0000000000000000 RSI: 000000000000000a RDI: ffff888104aa2e17
[ 25.046272][ T300] RBP: ffffc9000125ee50 R08: ffff88812e1c1300 R09: 0000000000000002
[ 25.054372][ T300] R10: 0000000000000001 R11: 0000000000000000 R12: 1ffff11020663f49
[ 25.062382][ T300] R13: ffff88810a277b38 R14: 000000000000000a R15: dffffc0000000000
[ 25.070383][ T300] FS: 000055558d981380(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[ 25.079311][ T300] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 25.085934][ T300] CR2: 0000200000001000 CR3: 000000011fe60000 CR4: 00000000003526b0
[ 25.093967][ T300] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 25.101966][ T300] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 25.109972][ T300] Call Trace:
[ 25.113289][ T300]
[ 25.116212][ T300] ? p9pdu_writef+0xdb/0x130
[ 25.120818][ T300] ? __cfi__copy_from_iter+0x10/0x10
[ 25.126127][ T300] ? p9pdu_vwritef+0x2720/0x2720
[ 25.131107][ T300] ? radix_tree_node_alloc+0x1af/0x400
[ 25.136594][ T300] ? check_stack_object+0x82/0x140
[ 25.141740][ T300] ? __virt_addr_valid+0x2a6/0x380
[ 25.146880][ T300] ? __check_object_size+0x455/0x620
[ 25.152190][ T300] p9pdu_vwritef+0x1b2f/0x2720
[ 25.156969][ T300] ? p9pdu_writef+0xdb/0x130
[ 25.161583][ T300] ? __cfi_p9pdu_vwritef+0x10/0x10
[ 25.166694][ T300] ? p9pdu_vwritef+0x2720/0x2720
[ 25.171638][ T300] ? _raw_spin_lock_irq+0x8d/0x120
[ 25.176756][ T300] p9_client_prepare_req+0x6b6/0xa10
[ 25.182065][ T300] ? trace_raw_output_9p_fid_ref+0x190/0x190
[ 25.188060][ T300] ? kmem_cache_alloc_noprof+0x131/0x3a0
[ 25.193717][ T300] ? netfs_advance_write+0x36e/0xb10
[ 25.199012][ T300] ? netfs_write_folio+0xdb7/0x19b0
[ 25.204226][ T300] ? netfs_end_writethrough+0x62/0x2f0
[ 25.209703][ T300] ? netfs_perform_write+0x1b2d/0x1e00
[ 25.215177][ T300] ? netfs_buffered_write_iter_locked+0xa3/0x1c0
[ 25.221533][ T300] ? vfs_writev+0x485/0xcf0
[ 25.226041][ T300] ? __se_sys_pwritev2+0x1ad/0x2b0
[ 25.231190][ T300] ? __x64_sys_pwritev2+0xc3/0xf0
[ 25.236231][ T300] ? x64_sys_call+0x2938/0x2ee0
[ 25.241101][ T300] ? do_syscall_64+0x58/0xf0
[ 25.245709][ T300] p9_client_rpc+0x189/0xb40
[ 25.250324][ T300] ? p9_fid_create+0x3d0/0x3d0
[ 25.255120][ T300] ? kasan_save_alloc_info+0x40/0x50
[ 25.260427][ T300] ? __kasan_slab_alloc+0x73/0x90
[ 25.265466][ T300] p9_client_write+0x33b/0x790
[ 25.270251][ T300] ? mempool_alloc_slab+0x21/0x30
[ 25.275314][ T300] ? __cfi_mempool_alloc_slab+0x10/0x10
[ 25.280882][ T300] ? mempool_alloc_noprof+0x136/0x4a0
[ 25.286274][ T300] ? __cfi_p9_client_write+0x10/0x10
[ 25.291585][ T300] ? __kasan_check_write+0x18/0x20
[ 25.296705][ T300] ? _raw_spin_lock_bh+0x90/0x120
[ 25.301740][ T300] v9fs_issue_write+0xd8/0x150
[ 25.306511][ T300] ? __cfi_v9fs_issue_write+0x10/0x10
[ 25.311914][ T300] ? netfs_advance_write+0xdc/0xb10
[ 25.317152][ T300] netfs_issue_write+0x114/0x260
[ 25.322124][ T300] netfs_write_folio+0x10af/0x19b0
[ 25.327261][ T300] netfs_end_writethrough+0x62/0x2f0
[ 25.332565][ T300] netfs_perform_write+0x1b2d/0x1e00
[ 25.337880][ T300] ? __cfi_netfs_perform_write+0x10/0x10
[ 25.343538][ T300] ? __cfi_downgrade_write+0x10/0x10
[ 25.348849][ T300] ? down_write_killable+0xe9/0x2d0
[ 25.354118][ T300] ? file_update_time+0xa3/0x220
[ 25.359086][ T300] netfs_buffered_write_iter_locked+0xa3/0x1c0
[ 25.365430][ T300] ? netfs_file_write_iter+0x173/0x440
[ 25.370949][ T300] netfs_file_write_iter+0x189/0x440
[ 25.376250][ T300] v9fs_file_write_iter+0xac/0xe0
[ 25.381291][ T300] do_iter_readv_writev+0x4f5/0x6a0
[ 25.386503][ T300] ? vfs_iter_read+0x5f0/0x5f0
[ 25.391285][ T300] ? __switch_to_asm+0x3d/0x70
[ 25.396061][ T300] ? bpf_lsm_file_permission+0xd/0x20
[ 25.401464][ T300] vfs_writev+0x485/0xcf0
[ 25.405797][ T300] ? do_writev+0x2d0/0x2d0
[ 25.410249][ T300] ? __kasan_check_read+0x15/0x20
[ 25.415310][ T300] __se_sys_pwritev2+0x1ad/0x2b0
[ 25.420290][ T300] ? __x64_sys_pwritev2+0xf0/0xf0
[ 25.425333][ T300] ? __kasan_check_write+0x18/0x20
[ 25.430499][ T300] __x64_sys_pwritev2+0xc3/0xf0
[ 25.435383][ T300] x64_sys_call+0x2938/0x2ee0
[ 25.440105][ T300] do_syscall_64+0x58/0xf0
[ 25.444534][ T300] ? clear_bhb_loop+0x50/0xa0
[ 25.449219][ T300] entry_SYSCALL_64_after_hwframe+0x76/0x7e
[ 25.455141][ T300] RIP: 0033:0x7f4aef906969
[ 25.459581][ T300] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 25.479234][ T300] RSP: 002b:00007fff69b18a98 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[ 25.487674][ T300] RAX: ffffffffffffffda RBX: 00007fff69b18ac0 RCX: 00007f4aef906969
[ 25.495677][ T300] RDX: 0000000000000001 RSI: 0000200000000100 RDI: 0000000000000006
[ 25.503676][ T300] RBP: 0000000000000001 R08: 0000000000008000 R09: 0000000000000004
[ 25.511673][ T300] R10: 0000000000000008 R11: 0000000000000246 R12: 0000200000000100
[ 25.519653][ T300] R13: 00007f4aef948081 R14: 0000000000000001 R15: 0000000000000001
[ 25.527644][ T300]
[ 25.530694][ T300] ---[ end trace 0000000000000000 ]---
[ 25.536319][ T46] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] PREEMPT SMP KASAN PTI
[ 25.548980][ T46] KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]
[ 25.557422][ T46] CPU: 1 UID: 0 PID: 46 Comm: kworker/u8:2 Tainted: G W 6.12.30-syzkaller-ge2bf362ee23b #0 e1c904518e9113895a28c59b25a6002cdacb68bf
[ 25.572347][ T46] Tainted: [W]=WARN
[ 25.576158][ T46] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 25.586205][ T46] Workqueue: events_unbound netfs_write_collection_worker
[ 25.593324][ T46] RIP: 0010:netfs_write_collection_worker+0x138b/0x49b0
[ 25.600269][ T46] Code: 1e 0f 87 80 04 00 00 e8 f3 b6 75 ff 48 89 5c 24 48 4c 89 b4 24 b0 00 00 00 4b 8d 5c f7 08 48 89 d8 48 c1 e8 03 48 89 44 24 40 <42> 80 3c 28 00 74 08 48 89 df e8 e6 ae cb ff 48 89 9c 24 a8 00 00
[ 25.619863][ T46] RSP: 0018:ffffc900002ff9e0 EFLAGS: 00010202
[ 25.625914][ T46] RAX: 0000000000000001 RBX: 0000000000000008 RCX: ffff888104a4a600
[ 25.633866][ T46] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000001f
[ 25.641823][ T46] RBP: ffffc900002ffc98 R08: ffff888100085a53 R09: 1ffff11020010b4a
[ 25.649781][ T46] R10: dffffc0000000000 R11: ffffed1020010b4b R12: 0000000000000000
[ 25.657737][ T46] R13: dffffc0000000000 R14: 0000000000000000 R15: 0000000000000000
[ 25.665697][ T46] FS: 0000000000000000(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000
[ 25.674618][ T46] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 25.681191][ T46] CR2: 0000200000001000 CR3: 000000011fe60000 CR4: 00000000003526b0
[ 25.689153][ T46] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 25.697106][ T46] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 25.705239][ T46] Call Trace:
[ 25.708533][ T46]
[ 25.711460][ T46] ? __cfi_netfs_write_collection_worker+0x10/0x10
[ 25.717959][ T46] ? __switch_to_asm+0x3d/0x70
[ 25.722743][ T46] ? __schedule+0x1463/0x1f10
[ 25.727415][ T46] ? kick_pool+0xb9/0x550
[ 25.731823][ T46] process_scheduled_works+0x7d5/0x1020
[ 25.737382][ T46] worker_thread+0xc58/0x1250
[ 25.742074][ T46] ? try_to_wake_up+0xdd2/0x1aa0
[ 25.747011][ T46] ? schedule+0xc6/0x240
[ 25.751266][ T46] kthread+0x2c7/0x370
[ 25.755329][ T46] ? __cfi_worker_thread+0x10/0x10
[ 25.760434][ T46] ? __cfi_kthread+0x10/0x10
[ 25.765028][ T46] ret_from_fork+0x64/0xa0
[ 25.769442][ T46] ? __cfi_kthread+0x10/0x10
[ 25.774040][ T46] ret_from_fork_asm+0x1a/0x30
[ 25.778827][ T46]
[ 25.781841][ T46] Modules linked in:
[ 25.785885][ T46] ---[ end trace 0000000000000000 ]---
[ 25.788217][ T36] audit: type=1400 audit(1751647012.520:71): avc: denied { read } for pid=91 comm="syslogd" name="log" dev="sda1" ino=2010 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[ 25.791376][ T46] RIP: 0010:netfs_write_collection_worker+0x138b/0x49b0
[ 25.815220][ T36] audit: type=1400 audit(1751647012.520:72): avc: denied { search } for pid=91 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 25.820126][ T46] Code: 1e 0f 87 80 04 00 00 e8 f3 b6 75 ff 48 89 5c 24 48 4c 89 b4 24 b0 00 00 00 4b 8d 5c f7 08 48 89 d8 48 c1 e8 03 48 89 44 24 40 <42> 80 3c 28 00 74 08 48 89 df e8 e6 ae cb ff 48 89 9c 24 a8 00 00
[ 25.841477][ T36] audit: type=1400 audit(1751647012.520:73): avc: denied { write } for pid=91 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 25.860950][ T46] RSP: 0018:ffffc900002ff9e0 EFLAGS: 00010202
[ 25.888134][ T46] RAX: 0000000000000001 RBX: 0000000000000008 RCX: ffff888104a4a600
[ 25.896135][ T46] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000001f
[ 25.904138][ T46] RBP: ffffc900002ffc98 R08: ffff888100085a53 R09: 1ffff11020010b4a
[ 25.912133][ T46] R10: dffffc0000000000 R11: ffffed1020010b4b R12: 0000000000000000
[ 25.920120][ T46] R13: dffffc0000000000 R14: 0000000000000000 R15: 0000000000000000
[ 25.928085][ T46] FS: 0000000000000000(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[ 25.937033][ T46] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 25.943638][ T46] CR2: 0000200000001000 CR3: 000000010b708000 CR4: 00000000003526b0
[ 25.951638][ T46] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 25.959612][ T46] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 25.967598][ T46] Kernel panic - not syncing: Fatal exception
[ 25.974002][ T46] Kernel Offset: disabled
[ 25.978322][ T46] Rebooting in 86400 seconds..