./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1509716945 <...> Warning: Permanently added '10.128.1.59' (ED25519) to the list of known hosts. execve("./syz-executor1509716945", ["./syz-executor1509716945"], 0x7ffd4c8fee10 /* 10 vars */) = 0 brk(NULL) = 0x55556b64f000 brk(0x55556b64fd00) = 0x55556b64fd00 arch_prctl(ARCH_SET_FS, 0x55556b64f380) = 0 set_tid_address(0x55556b64f650) = 5225 set_robust_list(0x55556b64f660, 24) = 0 rseq(0x55556b64fca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor1509716945", 4096) = 28 getrandom("\x29\x3c\x14\xaa\x9d\xf3\x09\xd7", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x55556b64fd00 brk(0x55556b670d00) = 0x55556b670d00 brk(0x55556b671000) = 0x55556b671000 mprotect(0x7fbe71cd4000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 openat(AT_FDCWD, "/proc/self/make-it-fail", O_WRONLY) = 3 close(3) = 0 openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_WRONLY) = 3 close(3) = 0 openat(AT_FDCWD, "/sys/kernel/debug/failslab/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3 write(3, "N", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/sys/kernel/debug/fail_futex/ignore-private", O_WRONLY|O_CLOEXEC) = 3 write(3, "N", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-highmem", O_WRONLY|O_CLOEXEC) = 3 write(3, "N", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3 write(3, "N", 1) = 1 close(3) = 0 openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/min-order", O_WRONLY|O_CLOEXEC) = 3 write(3, "0", 1) = 1 close(3) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5226 attached [pid 5226] set_robust_list(0x55556b64f660, 24 [pid 5225] <... clone resumed>, child_tidptr=0x55556b64f650) = 5226 [pid 5226] <... set_robust_list resumed>) = 0 [pid 5226] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5226] setpgid(0, 0) = 0 [pid 5226] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5226] write(3, "1000", 4) = 4 [pid 5226] close(3) = 0 executing program [pid 5226] write(1, "executing program\n", 18) = 18 [pid 5226] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x20000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = -1 EFAULT (Bad address) [pid 5226] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=6, max_entries=5, map_flags=0, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 80) = 3 [pid 5226] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x20000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = -1 EFAULT (Bad address) [pid 5226] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=12, insns=0x20000440, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 4 [pid 5226] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="hrtimer_start", prog_fd=4}}, 61) = 5 [pid 5226] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6 [pid 5226] write(6, "8", 1) = 1 [ 63.735867][ T5226] FAULT_INJECTION: forcing a failure. [ 63.735867][ T5226] name failslab, interval 1, probability 0, space 0, times 1 [ 63.748807][ T5226] CPU: 0 UID: 0 PID: 5226 Comm: syz-executor150 Not tainted 6.11.0-syzkaller-g88264981f208 #0 [ 63.759203][ T5226] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 63.769284][ T5226] Call Trace: [ 63.772668][ T5226] [ 63.775605][ T5226] dump_stack_lvl+0x241/0x360 [ 63.780321][ T5226] ? __pfx_dump_stack_lvl+0x10/0x10 [ 63.785525][ T5226] ? __pfx__printk+0x10/0x10 [ 63.790123][ T5226] ? kmem_cache_alloc_noprof+0x44/0x2a0 [ 63.795677][ T5226] ? __pfx___might_resched+0x10/0x10 [ 63.800979][ T5226] should_fail_ex+0x3b0/0x4e0 [ 63.805681][ T5226] ? security_file_alloc+0x32/0x310 [ 63.810893][ T5226] should_failslab+0xac/0x100 [ 63.815584][ T5226] ? security_file_alloc+0x32/0x310 [ 63.820835][ T5226] kmem_cache_alloc_noprof+0x6c/0x2a0 [ 63.826221][ T5226] security_file_alloc+0x32/0x310 [ 63.831264][ T5226] init_file+0x93/0x1e0 [ 63.835434][ T5226] alloc_empty_file+0xb8/0x1d0 [ 63.840210][ T5226] alloc_file_pseudo+0x1da/0x290 [ 63.845155][ T5226] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 63.850618][ T5226] ? _raw_spin_unlock_irq+0x23/0x50 [ 63.855823][ T5226] anon_inode_getfile+0xc8/0x180 [ 63.860862][ T5226] __se_sys_perf_event_open+0x25df/0x38d0 [ 63.866609][ T5226] ? __pfx___se_sys_perf_event_open+0x10/0x10 [ 63.872694][ T5226] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 63.879039][ T5226] ? do_syscall_64+0x100/0x230 [ 63.883845][ T5226] ? __x64_sys_perf_event_open+0x20/0xc0 [ 63.889491][ T5226] do_syscall_64+0xf3/0x230 [ 63.894004][ T5226] ? clear_bhb_loop+0x35/0x90 [ 63.898692][ T5226] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 63.904599][ T5226] RIP: 0033:0x7fbe71c68c69 [ 63.909031][ T5226] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [pid 5226] perf_event_open({type=PERF_TYPE_SOFTWARE, size=PERF_ATTR_SIZE_VER7, config=PERF_COUNT_SW_CPU_CLOCK, sample_period=511, sample_type=0, read_format=0, precise_ip=0 /* arbitrary skid */, ...}, 0, -1, -1, 0) = -1 ENOMEM (Cannot allocate memory) [pid 5226] exit_group(0) = ? [pid 5226] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5226, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5227 attached , child_tidptr=0x55556b64f650) = 5227 [pid 5227] set_robust_list(0x55556b64f660, 24) = 0 [ 63.928665][ T5226] RSP: 002b:00007ffc9dae96c8 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 63.937112][ T5226] RAX: ffffffffffffffda RBX: 00007ffc9dae96e0 RCX: 00007fbe71c68c69 [ 63.945096][ T5226] RDX: bfffffffffffffff RSI: 0000000000000000 RDI: 0000000020000180 [ 63.953071][ T5226] RBP: 0000000000000001 R08: 0000000000000000 R09: 00000000000000a0 [ 63.961053][ T5226] R10: 00000000ffffffff R11: 0000000000000246 R12: 0000000000000000 [ 63.969032][ T5226] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001 [ 63.977020][ T5226] [pid 5227] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5227] setpgid(0, 0) = 0 [pid 5227] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5227] write(3, "1000", 4) = 4 [pid 5227] close(3) = 0 executing program [pid 5227] write(1, "executing program\n", 18) = 18 [pid 5227] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x20000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = -1 EFAULT (Bad address) [pid 5227] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=6, max_entries=5, map_flags=0, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 80) = 3 [pid 5227] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x20000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = -1 EFAULT (Bad address) [pid 5227] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=12, insns=0x20000440, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 4 [pid 5227] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="hrtimer_start", prog_fd=4}}, 61) = 5 [pid 5227] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6 [ 64.057319][ T5227] FAULT_INJECTION: forcing a failure. [ 64.057319][ T5227] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 64.057523][ T5227] [ 64.057528][ T5227] ====================================================== [ 64.057534][ T5227] WARNING: possible circular locking dependency detected [ 64.057540][ T5227] 6.11.0-syzkaller-g88264981f208 #0 Not tainted [ 64.057548][ T5227] ------------------------------------------------------ [ 64.057553][ T5227] syz-executor150/5227 is trying to acquire lock: [ 64.057561][ T5227] ffffffff8e813460 (console_owner){....}-{0:0}, at: console_flush_all+0x1a3/0xeb0 [ 64.057600][ T5227] [ 64.057600][ T5227] but task is already holding lock: [ 64.057605][ T5227] ffff8880b862c898 (hrtimer_bases.lock){-.-.}-{2:2}, at: hrtimer_start_range_ns+0x109/0xca0 [ 64.057644][ T5227] [ 64.057644][ T5227] which lock already depends on the new lock. [ 64.057644][ T5227] [ 64.057649][ T5227] [ 64.057649][ T5227] the existing dependency chain (in reverse order) is: [ 64.057653][ T5227] [ 64.057653][ T5227] -> #3 (hrtimer_bases.lock){-.-.}-{2:2}: [ 64.057672][ T5227] lock_acquire+0x1ed/0x550 [ 64.057693][ T5227] _raw_spin_lock_irqsave+0xd5/0x120 [ 64.057707][ T5227] hrtimer_start_range_ns+0x109/0xca0 [ 64.057728][ T5227] rpm_suspend+0x12a2/0x1730 [ 64.057741][ T5227] __pm_runtime_idle+0x131/0x1a0 [ 64.057754][ T5227] __device_attach+0x3e5/0x520 [ 64.057769][ T5227] bus_probe_device+0x189/0x260 [ 64.057790][ T5227] device_add+0x856/0xbf0 [ 64.057803][ T5227] serdev_controller_add+0x83/0x660 [ 64.057819][ T5227] serdev_tty_port_register+0x163/0x260 [ 64.057838][ T5227] tty_port_register_device_attr_serdev+0xe1/0x160 [ 64.057853][ T5227] serial_core_register_port+0x1135/0x2870 [ 64.057871][ T5227] serial8250_register_8250_port+0x1545/0x1ec0 [ 64.057888][ T5227] serial_pnp_probe+0x4f9/0x9d0 [ 64.057905][ T5227] pnp_device_probe+0x2ba/0x460 [ 64.057925][ T5227] really_probe+0x2b8/0xad0 [ 64.057941][ T5227] __driver_probe_device+0x1a2/0x390 [ 64.057957][ T5227] driver_probe_device+0x50/0x430 [ 64.057973][ T5227] __driver_attach+0x45f/0x710 [ 64.057988][ T5227] bus_for_each_dev+0x239/0x2b0 [ 64.058008][ T5227] bus_add_driver+0x346/0x670 [ 64.058028][ T5227] driver_register+0x23a/0x320 [ 64.058045][ T5227] serial8250_init+0xc1/0x1c0 [ 64.058058][ T5227] do_one_initcall+0x248/0x880 [ 64.058082][ T5227] do_initcall_level+0x157/0x210 [ 64.058102][ T5227] do_initcalls+0x3f/0x80 [ 64.058120][ T5227] kernel_init_freeable+0x435/0x5d0 [ 64.058139][ T5227] kernel_init+0x1d/0x2b0 [ 64.058158][ T5227] ret_from_fork+0x4b/0x80 [ 64.058177][ T5227] ret_from_fork_asm+0x1a/0x30 [ 64.058196][ T5227] [ 64.058196][ T5227] -> #2 (&dev->power.lock){-.-.}-{2:2}: [ 64.058214][ T5227] lock_acquire+0x1ed/0x550 [ 64.058233][ T5227] _raw_spin_lock_irqsave+0xd5/0x120 [ 64.058247][ T5227] __pm_runtime_resume+0x112/0x180 [ 64.058260][ T5227] __uart_start+0x17c/0x450 [ 64.058277][ T5227] uart_write+0x280/0xa40 [ 64.058294][ T5227] n_tty_write+0xd62/0x1230 [ 64.058307][ T5227] file_tty_write+0x546/0x9b0 [ 64.058325][ T5227] vfs_write+0xa6d/0xc90 [ 64.058343][ T5227] ksys_write+0x1a0/0x2c0 [ 64.058361][ T5227] do_syscall_64+0xf3/0x230 [ 64.058378][ T5227] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 64.058395][ T5227] [ 64.058395][ T5227] -> #1 (&port_lock_key){-.-.}-{2:2}: [ 64.058413][ T5227] lock_acquire+0x1ed/0x550 [ 64.058432][ T5227] _raw_spin_lock_irqsave+0xd5/0x120 [ 64.058445][ T5227] serial8250_console_write+0x1a7/0x1ed0 [ 64.058477][ T5227] console_flush_all+0x86b/0xeb0 [ 64.058492][ T5227] console_unlock+0x14f/0x3b0 [ 64.058505][ T5227] vprintk_emit+0x730/0xa10 [ 64.058518][ T5227] _printk+0xd5/0x120 [ 64.058531][ T5227] register_console+0xbf5/0xfd0 [ 64.058546][ T5227] univ8250_console_init+0x52/0x90 [ 64.058558][ T5227] console_init+0x1b8/0x6f0 [ 64.058575][ T5227] start_kernel+0x2d8/0x500 [ 64.058591][ T5227] x86_64_start_reservations+0x2a/0x30 [ 64.058604][ T5227] x86_64_start_kernel+0x9f/0xa0 [ 64.058616][ T5227] common_startup_64+0x13e/0x147 [ 64.058635][ T5227] [ 64.058635][ T5227] -> #0 (console_owner){....}-{0:0}: [ 64.058652][ T5227] validate_chain+0x18ef/0x5920 [ 64.058665][ T5227] __lock_acquire+0x1384/0x2050 [ 64.058683][ T5227] lock_acquire+0x1ed/0x550 [ 64.058700][ T5227] console_flush_all+0x7f8/0xeb0 [ 64.058715][ T5227] console_unlock+0x14f/0x3b0 [ 64.058729][ T5227] vprintk_emit+0x730/0xa10 [ 64.058742][ T5227] _printk+0xd5/0x120 [ 64.058754][ T5227] should_fail_ex+0x391/0x4e0 [ 64.058772][ T5227] strncpy_from_user+0x36/0x2e0 [ 64.058789][ T5227] strncpy_from_user_nofault+0x71/0x140 [ 64.058801][ T5227] bpf_probe_read_user_str+0x2a/0x70 [ 64.058818][ T5227] bpf_prog_99b56f93a3ca5fea+0x4b/0x4d [ 64.058828][ T5227] bpf_trace_run2+0x2ec/0x540 [ 64.058840][ T5227] enqueue_hrtimer+0x35a/0x3c0 [ 64.058853][ T5227] hrtimer_start_range_ns+0xac8/0xca0 [ 64.058872][ T5227] cpu_clock_event_add+0x180/0x1a0 [ 64.058887][ T5227] event_sched_in+0x832/0xe90 [ 64.058904][ T5227] visit_groups_merge+0x1521/0x2fd0 [ 64.058921][ T5227] __pmu_ctx_sched_in+0x1aa/0x230 [ 64.058938][ T5227] ctx_sched_in+0x4c2/0x600 [ 64.058954][ T5227] ctx_resched+0x560/0x900 [ 64.058971][ T5227] __perf_install_in_context+0x647/0x850 [ 64.058984][ T5227] remote_function+0xef/0x170 [ 64.059000][ T5227] generic_exec_single+0x336/0x9b0 [ 64.059020][ T5227] smp_call_function_single+0x3fa/0x1990 [ 64.059039][ T5227] perf_install_in_context+0x71a/0xb20 [ 64.059054][ T5227] __se_sys_perf_event_open+0x31c5/0x38d0 [ 64.059073][ T5227] do_syscall_64+0xf3/0x230 [ 64.059088][ T5227] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 64.059102][ T5227] [ 64.059102][ T5227] other info that might help us debug this: [ 64.059102][ T5227] [ 64.059106][ T5227] Chain exists of: [ 64.059106][ T5227] console_owner --> &dev->power.lock --> hrtimer_bases.lock [ 64.059106][ T5227] [ 64.059126][ T5227] Possible unsafe locking scenario: [ 64.059126][ T5227] [ 64.059130][ T5227] CPU0 CPU1 [ 64.059134][ T5227] ---- ---- [ 64.059137][ T5227] lock(hrtimer_bases.lock); [ 64.059146][ T5227] lock(&dev->power.lock); [ 64.059155][ T5227] lock(hrtimer_bases.lock); [ 64.059164][ T5227] lock(console_owner); [ 64.059173][ T5227] [ 64.059173][ T5227] *** DEADLOCK *** [ 64.059173][ T5227] [ 64.059176][ T5227] 8 locks held by syz-executor150/5227: [ 64.059184][ T5227] #0: ffff8880501d2cd8 (&sig->exec_update_lock){++++}-{3:3}, at: __se_sys_perf_event_open+0xe64/0x38d0 [ 64.059218][ T5227] #1: ffff88802e6418a8 (&ctx->mutex){+.+.}-{3:3}, at: __se_sys_perf_event_open+0x13f9/0x38d0 [ 64.059251][ T5227] #2: ffff8880b86376c8 (&cpuctx_lock){....}-{2:2}, at: __perf_install_in_context+0xdc/0x850 [ 64.059283][ T5227] #3: ffff88802e641818 (&ctx->lock){....}-{2:2}, at: __perf_install_in_context+0x110/0x850 [ 64.059314][ T5227] #4: ffff8880b862c898 (hrtimer_bases.lock){-.-.}-{2:2}, at: hrtimer_start_range_ns+0x109/0xca0 [ 64.059351][ T5227] #5: ffffffff8e937ee0 (rcu_read_lock){....}-{1:2}, at: bpf_trace_run2+0x1fc/0x540 [ 64.059381][ T5227] #6: ffffffff8e8134c0 (console_lock){+.+.}-{0:0}, at: _printk+0xd5/0x120 [ 64.059412][ T5227] #7: ffffffff8e8130d0 (console_srcu){....}-{0:0}, at: console_flush_all+0x1a3/0xeb0 [ 64.059445][ T5227] [ 64.059445][ T5227] stack backtrace: [ 64.059450][ T5227] CPU: 0 UID: 0 PID: 5227 Comm: syz-executor150 Not tainted 6.11.0-syzkaller-g88264981f208 #0 [ 64.059465][ T5227] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 64.059473][ T5227] Call Trace: [ 64.059477][ T5227] [ 64.059482][ T5227] dump_stack_lvl+0x241/0x360 [ 64.059500][ T5227] ? __pfx_dump_stack_lvl+0x10/0x10 [ 64.059517][ T5227] ? __pfx__printk+0x10/0x10 [ 64.059535][ T5227] print_circular_bug+0x13a/0x1b0 [ 64.059551][ T5227] check_noncircular+0x36a/0x4a0 [ 64.059566][ T5227] ? __pfx_check_noncircular+0x10/0x10 [ 64.059581][ T5227] ? lockdep_lock+0x123/0x2b0 [ 64.059600][ T5227] ? add_lock_to_list+0x1e8/0x2f0 [ 64.059616][ T5227] validate_chain+0x18ef/0x5920 [ 64.059637][ T5227] ? __pfx_validate_chain+0x10/0x10 [ 64.059652][ T5227] ? sprintf+0xda/0x120 [ 64.059672][ T5227] ? vsnprintf+0x1cc3/0x1da0 [ 64.059695][ T5227] ? info_print_prefix+0x204/0x310 [ 64.059716][ T5227] ? mark_lock+0x9a/0x360 [ 64.059728][ T5227] __lock_acquire+0x1384/0x2050 [ 64.059752][ T5227] lock_acquire+0x1ed/0x550 [ 64.059771][ T5227] ? console_flush_all+0x1a3/0xeb0 [ 64.059789][ T5227] ? __pfx_lock_acquire+0x10/0x10 [ 64.059808][ T5227] ? __pfx_lock_release+0x10/0x10 [ 64.059827][ T5227] ? do_raw_spin_lock+0x14f/0x370 [ 64.059845][ T5227] ? do_raw_spin_unlock+0x13c/0x8b0 [ 64.059862][ T5227] ? console_flush_all+0x511/0xeb0 [ 64.059878][ T5227] ? console_flush_all+0x1a3/0xeb0 [ 64.059895][ T5227] console_flush_all+0x7f8/0xeb0 [ 64.059911][ T5227] ? console_flush_all+0x1a3/0xeb0 [ 64.059928][ T5227] ? console_flush_all+0x1a3/0xeb0 [ 64.059947][ T5227] ? __pfx_console_flush_all+0x10/0x10 [ 64.059964][ T5227] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 64.059978][ T5227] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 64.059995][ T5227] ? this_cpu_in_panic+0x4f/0x80 [ 64.060008][ T5227] ? is_printk_legacy_deferred+0x43/0x50 [ 64.060027][ T5227] ? printk_get_console_flush_type+0x1fe/0x4f0 [ 64.060044][ T5227] console_unlock+0x14f/0x3b0 [ 64.060059][ T5227] ? __pfx_console_unlock+0x10/0x10 [ 64.060080][ T5227] ? this_cpu_in_panic+0x4f/0x80 [ 64.060092][ T5227] ? is_printk_legacy_deferred+0x43/0x50 [ 64.060111][ T5227] ? printk_get_console_flush_type+0x1fe/0x4f0 [ 64.060128][ T5227] vprintk_emit+0x730/0xa10 [ 64.060143][ T5227] ? __pfx_vprintk_emit+0x10/0x10 [ 64.060163][ T5227] _printk+0xd5/0x120 [ 64.060179][ T5227] ? __pfx__printk+0x10/0x10 [ 64.060198][ T5227] should_fail_ex+0x391/0x4e0 [ 64.060217][ T5227] strncpy_from_user+0x36/0x2e0 [ 64.060236][ T5227] strncpy_from_user_nofault+0x71/0x140 [ 64.060250][ T5227] bpf_probe_read_user_str+0x2a/0x70 [ 64.060268][ T5227] ? bpf_trace_run2+0x1fc/0x540 [ 64.060281][ T5227] bpf_prog_99b56f93a3ca5fea+0x4b/0x4d [ 64.060291][ T5227] bpf_trace_run2+0x2ec/0x540 [ 64.060306][ T5227] ? __pfx_bpf_trace_run2+0x10/0x10 [ 64.060320][ T5227] ? read_tsc+0x9/0x20 [ 64.060336][ T5227] ? timekeeping_get_ns+0x2c0/0x420 [ 64.060352][ T5227] enqueue_hrtimer+0x35a/0x3c0 [ 64.060367][ T5227] hrtimer_start_range_ns+0xac8/0xca0 [ 64.060390][ T5227] cpu_clock_event_add+0x180/0x1a0 [ 64.060407][ T5227] event_sched_in+0x832/0xe90 [ 64.060429][ T5227] ? __pfx_event_sched_in+0x10/0x10 [ 64.060458][ T5227] ? mark_lock+0x9a/0x360 [ 64.060475][ T5227] visit_groups_merge+0x1521/0x2fd0 [ 64.060493][ T5227] ? mark_lock+0x9a/0x360 [ 64.060512][ T5227] ? __pfx_visit_groups_merge+0x10/0x10 [ 64.060533][ T5227] __pmu_ctx_sched_in+0x1aa/0x230 [ 64.060553][ T5227] ? __pfx___pmu_ctx_sched_in+0x10/0x10 [ 64.060574][ T5227] ctx_sched_in+0x4c2/0x600 [ 64.060593][ T5227] ctx_resched+0x560/0x900 [ 64.060613][ T5227] __perf_install_in_context+0x647/0x850 [ 64.060629][ T5227] ? __pfx___perf_install_in_context+0x10/0x10 [ 64.060644][ T5227] remote_function+0xef/0x170 [ 64.060661][ T5227] ? __pfx_remote_function+0x10/0x10 [ 64.060678][ T5227] generic_exec_single+0x336/0x9b0 [ 64.060719][ T5227] ? __pfx_remote_function+0x10/0x10 [ 64.060738][ T5227] ? __pfx_generic_exec_single+0x10/0x10 [ 64.060762][ T5227] ? smp_call_function_single+0xb4/0x1990 [ 64.060804][ T5227] smp_call_function_single+0x3fa/0x1990 [ 64.060827][ T5227] ? __asan_memset+0x23/0x50 [ 64.060847][ T5227] ? __pfx_remote_function+0x10/0x10 [ 64.060868][ T5227] ? __asan_memset+0x23/0x50 [ 64.060887][ T5227] ? lockdep_init_map_type+0xa1/0x910 [ 64.060909][ T5227] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 64.060930][ T5227] ? __pfx_smp_call_function_single+0x10/0x10 [ 64.060953][ T5227] ? __pfx_remote_function+0x10/0x10 [ 64.060973][ T5227] ? __raw_spin_lock_init+0x45/0x100 [ 64.060995][ T5227] perf_install_in_context+0x71a/0xb20 [ 64.061016][ T5227] ? __pfx_perf_install_in_context+0x10/0x10 [ 64.061034][ T5227] ? __pfx___perf_install_in_context+0x10/0x10 [ 64.061055][ T5227] ? anon_inode_getfile+0xff/0x180 [ 64.061081][ T5227] __se_sys_perf_event_open+0x31c5/0x38d0 [ 64.061106][ T5227] ? __pfx___se_sys_perf_event_open+0x10/0x10 [ 64.061129][ T5227] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 64.061152][ T5227] ? do_syscall_64+0x100/0x230 [ 64.061171][ T5227] ? __x64_sys_perf_event_open+0x20/0xc0 [ 64.061189][ T5227] do_syscall_64+0xf3/0x230 [ 64.061207][ T5227] ? clear_bhb_loop+0x35/0x90 [ 64.061226][ T5227] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 64.061243][ T5227] RIP: 0033:0x7fbe71c68c69 [ 64.061254][ T5227] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 64.061266][ T5227] RSP: 002b:00007ffc9dae96c8 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 64.061281][ T5227] RAX: ffffffffffffffda RBX: 00007ffc9dae96e0 RCX: 00007fbe71c68c69 [ 64.061292][ T5227] RDX: bfffffffffffffff RSI: 0000000000000000 RDI: 0000000020000180 [ 64.061302][ T5227] RBP: 0000000000000001 R08: 0000000000000000 R09: 00000000000000a0 [ 64.061310][ T5227] R10: 00000000ffffffff R11: 0000000000000246 R12: 0000000000000000 [ 64.061320][ T5227] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001 [ 64.061334][ T5227] [ 65.385439][ T5227] CPU: 0 UID: 0 PID: 5227 Comm: syz-executor150 Not tainted 6.11.0-syzkaller-g88264981f208 #0 [ 65.395681][ T5227] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 65.405778][ T5227] Call Trace: [ 65.409052][ T5227] [ 65.411980][ T5227] dump_stack_lvl+0x241/0x360 [ 65.416746][ T5227] ? __pfx_dump_stack_lvl+0x10/0x10 [ 65.421976][ T5227] ? __pfx__printk+0x10/0x10 [ 65.426563][ T5227] should_fail_ex+0x3b0/0x4e0 [ 65.431239][ T5227] strncpy_from_user+0x36/0x2e0 [ 65.436108][ T5227] strncpy_from_user_nofault+0x71/0x140 [ 65.441663][ T5227] bpf_probe_read_user_str+0x2a/0x70 [ 65.446947][ T5227] ? bpf_trace_run2+0x1fc/0x540 [ 65.451800][ T5227] bpf_prog_99b56f93a3ca5fea+0x4b/0x4d [ 65.457274][ T5227] bpf_trace_run2+0x2ec/0x540 [ 65.461962][ T5227] ? __pfx_bpf_trace_run2+0x10/0x10 [ 65.467153][ T5227] ? read_tsc+0x9/0x20 [ 65.471224][ T5227] ? timekeeping_get_ns+0x2c0/0x420 [ 65.476419][ T5227] enqueue_hrtimer+0x35a/0x3c0 [ 65.481181][ T5227] hrtimer_start_range_ns+0xac8/0xca0 [ 65.486559][ T5227] cpu_clock_event_add+0x180/0x1a0 [ 65.491666][ T5227] event_sched_in+0x832/0xe90 [ 65.496357][ T5227] ? __pfx_event_sched_in+0x10/0x10 [ 65.501582][ T5227] ? mark_lock+0x9a/0x360 [ 65.506023][ T5227] visit_groups_merge+0x1521/0x2fd0 [ 65.511223][ T5227] ? mark_lock+0x9a/0x360 [ 65.515554][ T5227] ? __pfx_visit_groups_merge+0x10/0x10 [ 65.521121][ T5227] __pmu_ctx_sched_in+0x1aa/0x230 [ 65.526162][ T5227] ? __pfx___pmu_ctx_sched_in+0x10/0x10 [ 65.531714][ T5227] ctx_sched_in+0x4c2/0x600 [ 65.536229][ T5227] ctx_resched+0x560/0x900 [ 65.540652][ T5227] __perf_install_in_context+0x647/0x850 [ 65.546296][ T5227] ? __pfx___perf_install_in_context+0x10/0x10 [ 65.552482][ T5227] remote_function+0xef/0x170 [ 65.557172][ T5227] ? __pfx_remote_function+0x10/0x10 [ 65.562533][ T5227] generic_exec_single+0x336/0x9b0 [ 65.567662][ T5227] ? __pfx_remote_function+0x10/0x10 [ 65.572962][ T5227] ? __pfx_generic_exec_single+0x10/0x10 [ 65.578623][ T5227] ? smp_call_function_single+0xb4/0x1990 [ 65.584360][ T5227] smp_call_function_single+0x3fa/0x1990 [ 65.590002][ T5227] ? __asan_memset+0x23/0x50 [ 65.594625][ T5227] ? __pfx_remote_function+0x10/0x10 [ 65.599905][ T5227] ? __asan_memset+0x23/0x50 [ 65.604499][ T5227] ? lockdep_init_map_type+0xa1/0x910 [ 65.609874][ T5227] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 65.615680][ T5227] ? __pfx_smp_call_function_single+0x10/0x10 [ 65.621932][ T5227] ? __pfx_remote_function+0x10/0x10 [ 65.627222][ T5227] ? __raw_spin_lock_init+0x45/0x100 [ 65.632508][ T5227] perf_install_in_context+0x71a/0xb20 [ 65.637973][ T5227] ? __pfx_perf_install_in_context+0x10/0x10 [ 65.643958][ T5227] ? __pfx___perf_install_in_context+0x10/0x10 [ 65.650114][ T5227] ? anon_inode_getfile+0xff/0x180 [ 65.655254][ T5227] __se_sys_perf_event_open+0x31c5/0x38d0 [ 65.660993][ T5227] ? __pfx___se_sys_perf_event_open+0x10/0x10 [ 65.667086][ T5227] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 65.673518][ T5227] ? do_syscall_64+0x100/0x230 [ 65.678291][ T5227] ? __x64_sys_perf_event_open+0x20/0xc0 [ 65.683958][ T5227] do_syscall_64+0xf3/0x230 [ 65.688465][ T5227] ? clear_bhb_loop+0x35/0x90 [ 65.693138][ T5227] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 65.699025][ T5227] RIP: 0033:0x7fbe71c68c69 [ 65.703517][ T5227] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 65.723109][ T5227] RSP: 002b:00007ffc9dae96c8 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 65.731704][ T5227] RAX: ffffffffffffffda RBX: 00007ffc9dae96e0 RCX: 00007fbe71c68c69 [ 65.739666][ T5227] RDX: bfffffffffffffff RSI: 0000000000000000 RDI: 0000000020000180 [ 65.747628][ T5227] RBP: 0000000000000001 R08: 0000000000000000 R09: 00000000000000a0 [ 65.755595][ T5227] R10: 00000000ffffffff R11: 0000000000000246 R12: 0000000000000000 [pid 5227] write(6, "8", 1) = 1 [pid 5227] perf_event_open({type=PERF_TYPE_SOFTWARE, size=PERF_ATTR_SIZE_VER7, config=PERF_COUNT_SW_CPU_CLOCK, sample_period=511, sample_type=0, read_format=0, precise_ip=0 /* arbitrary skid */, ...}, 0, -1, -1, 0) = 7 [pid 5227] exit_group(0) = ? [pid 5227] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5227, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5228 attached , child_tidptr=0x55556b64f650) = 5228 [pid 5228] set_robust_list(0x55556b64f660, 24) = 0 [pid 5228] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5228] setpgid(0, 0) = 0 [pid 5228] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5228] write(3, "1000", 4) = 4 [pid 5228] close(3) = 0 [pid 5228] write(1, "executing program\n", 18executing program ) = 18 [pid 5228] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x20000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = -1 EFAULT (Bad address) [pid 5228] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=6, max_entries=5, map_flags=0, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 80) = 3 [pid 5228] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x20000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = -1 EFAULT (Bad address) [pid 5228] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=12, insns=0x20000440, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 4 [pid 5228] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="hrtimer_start", prog_fd=4}}, 61) = 5 [pid 5228] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6 [pid 5228] write(6, "8", 1) = 1 [ 65.763640][ T5227] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001 [ 65.771619][ T5227] [ 65.775016][ C0] hrtimer: interrupt took 37972 ns [ 65.809319][ T5228] FAULT_INJECTION: forcing a failure. [ 65.809319][ T5228] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 65.822549][ T5228] CPU: 0 UID: 0 PID: 5228 Comm: syz-executor150 Not tainted 6.11.0-syzkaller-g88264981f208 #0 [ 65.832797][ T5228] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 65.842958][ T5228] Call Trace: [ 65.846232][ T5228] [ 65.849176][ T5228] dump_stack_lvl+0x241/0x360 [ 65.854058][ T5228] ? __pfx_dump_stack_lvl+0x10/0x10 [ 65.859269][ T5228] ? __pfx__printk+0x10/0x10 [ 65.863855][ T5228] ? bpf_trace_run2+0x1fc/0x540 [ 65.868703][ T5228] ? rcu_is_watching+0x15/0xb0 [ 65.873476][ T5228] ? bpf_trace_run2+0x1fc/0x540 [ 65.878318][ T5228] ? lock_acquire+0xe3/0x550 [ 65.882928][ T5228] should_fail_ex+0x3b0/0x4e0 [ 65.887639][ T5228] strncpy_from_user+0x36/0x2e0 [ 65.892508][ T5228] strncpy_from_user_nofault+0x71/0x140 [ 65.898158][ T5228] bpf_probe_read_user_str+0x2a/0x70 [ 65.903452][ T5228] ? bpf_trace_run2+0x1fc/0x540 [ 65.908307][ T5228] bpf_prog_99b56f93a3ca5fea+0x4b/0x4d [ 65.913771][ T5228] bpf_trace_run2+0x2ec/0x540 [ 65.918536][ T5228] ? __pfx_bpf_trace_run2+0x10/0x10 [ 65.923828][ T5228] ? read_tsc+0x9/0x20 [ 65.927904][ T5228] ? timekeeping_get_ns+0x2c0/0x420 [ 65.933103][ T5228] enqueue_hrtimer+0x35a/0x3c0 [ 65.937894][ T5228] hrtimer_start_range_ns+0xac8/0xca0 [ 65.943277][ T5228] cpu_clock_event_add+0x180/0x1a0 [ 65.948392][ T5228] event_sched_in+0x832/0xe90 [ 65.953100][ T5228] ? __pfx_event_sched_in+0x10/0x10 [ 65.958326][ T5228] ? lock_release+0xbf/0xa30 [ 65.962924][ T5228] ? rcu_is_watching+0x15/0xb0 [ 65.967702][ T5228] ? lock_release+0xbf/0xa30 [ 65.972301][ T5228] visit_groups_merge+0x1521/0x2fd0 [ 65.977520][ T5228] ? deref_stack_reg+0x17c/0x210 [ 65.982495][ T5228] ? __pfx_visit_groups_merge+0x10/0x10 [ 65.988045][ T5228] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 65.994208][ T5228] __pmu_ctx_sched_in+0x1aa/0x230 [ 65.999276][ T5228] ? __pfx___pmu_ctx_sched_in+0x10/0x10 [ 66.004826][ T5228] ? kvm_sched_clock_read+0x11/0x20 [ 66.010023][ T5228] ? perf_cgroup_set_timestamp+0x1e9/0x230 [ 66.015844][ T5228] ctx_sched_in+0x4c2/0x600 [ 66.020348][ T5228] ctx_resched+0x560/0x900 [ 66.024770][ T5228] __perf_install_in_context+0x647/0x850 [ 66.030431][ T5228] ? __pfx___perf_install_in_context+0x10/0x10 [ 66.036586][ T5228] remote_function+0xef/0x170 [ 66.041267][ T5228] ? __pfx_remote_function+0x10/0x10 [ 66.046581][ T5228] generic_exec_single+0x336/0x9b0 [ 66.051704][ T5228] ? __pfx_remote_function+0x10/0x10 [ 66.056996][ T5228] ? __pfx_generic_exec_single+0x10/0x10 [ 66.062640][ T5228] ? smp_call_function_single+0xb4/0x1990 [ 66.068392][ T5228] smp_call_function_single+0x3fa/0x1990 [ 66.074037][ T5228] ? __asan_memset+0x23/0x50 [ 66.078633][ T5228] ? __pfx_remote_function+0x10/0x10 [ 66.083925][ T5228] ? __asan_memset+0x23/0x50 [ 66.088528][ T5228] ? lockdep_init_map_type+0xa1/0x910 [ 66.093957][ T5228] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 66.099784][ T5228] ? __pfx_smp_call_function_single+0x10/0x10 [ 66.105866][ T5228] ? __pfx_remote_function+0x10/0x10 [ 66.111181][ T5228] ? __raw_spin_lock_init+0x45/0x100 [ 66.116474][ T5228] ? file_init_path+0x3b/0x570 [ 66.121239][ T5228] ? __asan_memcpy+0x40/0x70 [ 66.125931][ T5228] perf_install_in_context+0x71a/0xb20 [ 66.131398][ T5228] ? __pfx_perf_install_in_context+0x10/0x10 [ 66.137389][ T5228] ? __pfx___perf_install_in_context+0x10/0x10 [ 66.143604][ T5228] ? anon_inode_getfile+0xff/0x180 [ 66.148751][ T5228] __se_sys_perf_event_open+0x31c5/0x38d0 [ 66.154475][ T5228] ? __pfx__raw_spin_lock_irq+0x10/0x10 [ 66.160040][ T5228] ? __pfx___se_sys_perf_event_open+0x10/0x10 [ 66.166130][ T5228] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 66.172547][ T5228] ? rcu_is_watching+0x15/0xb0 [ 66.177311][ T5228] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 66.183638][ T5228] ? rcu_is_watching+0x15/0xb0 [ 66.188398][ T5228] ? __x64_sys_perf_event_open+0x20/0xc0 [ 66.194026][ T5228] do_syscall_64+0xf3/0x230 [ 66.198522][ T5228] ? clear_bhb_loop+0x35/0x90 [ 66.203193][ T5228] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 66.209073][ T5228] RIP: 0033:0x7fbe71c68c69 [ 66.213471][ T5228] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 66.233152][ T5228] RSP: 002b:00007ffc9dae96c8 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 66.241575][ T5228] RAX: ffffffffffffffda RBX: 00007ffc9dae96e0 RCX: 00007fbe71c68c69 [ 66.249537][ T5228] RDX: bfffffffffffffff RSI: 0000000000000000 RDI: 0000000020000180 [pid 5228] perf_event_open({type=PERF_TYPE_SOFTWARE, size=PERF_ATTR_SIZE_VER7, config=PERF_COUNT_SW_CPU_CLOCK, sample_period=511, sample_type=0, read_format=0, precise_ip=0 /* arbitrary skid */, ...}, 0, -1, -1, 0) = 7 [pid 5228] exit_group(0) = ? [ 66.257498][ T5228] RBP: 0000000000000001 R08: 0000000000000000 R09: 00000000000000a0 [ 66.265459][ T5228] R10: 00000000ffffffff R11: 0000000000000246 R12: 0000000000000000 [ 66.273419][ T5228] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001 [ 66.281393][ T5228] [pid 5228] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5228, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5229 attached , child_tidptr=0x55556b64f650) = 5229 [pid 5229] set_robust_list(0x55556b64f660, 24) = 0 [pid 5229] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5229] setpgid(0, 0) = 0 [pid 5229] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5229] write(3, "1000", 4) = 4 [pid 5229] close(3) = 0 executing program [pid 5229] write(1, "executing program\n", 18) = 18 [pid 5229] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x20000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = -1 EFAULT (Bad address) [pid 5229] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=6, max_entries=5, map_flags=0, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 80) = 3 [pid 5229] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x20000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = -1 EFAULT (Bad address) [pid 5229] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=12, insns=0x20000440, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 4 [pid 5229] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="hrtimer_start", prog_fd=4}}, 61) = 5 [pid 5229] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6 [pid 5229] write(6, "8", 1) = 1 [ 66.480138][ T5229] FAULT_INJECTION: forcing a failure. [ 66.480138][ T5229] name failslab, interval 1, probability 0, space 0, times 0 [ 66.492976][ T5229] CPU: 1 UID: 0 PID: 5229 Comm: syz-executor150 Not tainted 6.11.0-syzkaller-g88264981f208 #0 [ 66.503240][ T5229] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 66.513384][ T5229] Call Trace: [ 66.516659][ T5229] [ 66.519601][ T5229] dump_stack_lvl+0x241/0x360 [ 66.524291][ T5229] ? __pfx_dump_stack_lvl+0x10/0x10 [ 66.529493][ T5229] ? __pfx__printk+0x10/0x10 [ 66.534089][ T5229] ? __pfx___might_resched+0x10/0x10 [ 66.539381][ T5229] should_fail_ex+0x3b0/0x4e0 [ 66.544070][ T5229] should_failslab+0xac/0x100 [ 66.548748][ T5229] ? alloc_perf_context+0x50/0x230 [ 66.553859][ T5229] __kmalloc_cache_noprof+0x6c/0x2c0 [ 66.559198][ T5229] alloc_perf_context+0x50/0x230 [ 66.564142][ T5229] find_get_context+0x104/0x5f0 [ 66.568993][ T5229] ? perf_event_alloc+0x1f17/0x2310 [ 66.574195][ T5229] ? __pfx_find_get_context+0x10/0x10 [ 66.579570][ T5229] ? bpf_lsm_capable+0x9/0x10 [ 66.584251][ T5229] __se_sys_perf_event_open+0x13cc/0x38d0 [ 66.589976][ T5229] ? __pfx__raw_spin_lock_irq+0x10/0x10 [ 66.595529][ T5229] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 66.601860][ T5229] ? rcu_is_watching+0x15/0xb0 [ 66.606630][ T5229] ? __pfx___se_sys_perf_event_open+0x10/0x10 [ 66.612699][ T5229] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 66.619025][ T5229] ? rcu_is_watching+0x15/0xb0 [ 66.623787][ T5229] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 66.630119][ T5229] ? rcu_is_watching+0x15/0xb0 [ 66.634878][ T5229] ? __x64_sys_perf_event_open+0x20/0xc0 [ 66.640523][ T5229] do_syscall_64+0xf3/0x230 [ 66.645029][ T5229] ? clear_bhb_loop+0x35/0x90 [ 66.649718][ T5229] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 66.655619][ T5229] RIP: 0033:0x7fbe71c68c69 [ 66.660024][ T5229] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [pid 5229] perf_event_open({type=PERF_TYPE_SOFTWARE, size=PERF_ATTR_SIZE_VER7, config=PERF_COUNT_SW_CPU_CLOCK, sample_period=511, sample_type=0, read_format=0, precise_ip=0 /* arbitrary skid */, ...}, 0, -1, -1, 0) = -1 ENOMEM (Cannot allocate memory) [pid 5229] exit_group(0) = ? [pid 5229] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5229, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5230 attached , child_tidptr=0x55556b64f650) = 5230 [ 66.679626][ T5229] RSP: 002b:00007ffc9dae96c8 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 66.688038][ T5229] RAX: ffffffffffffffda RBX: 00007ffc9dae96e0 RCX: 00007fbe71c68c69 [ 66.696003][ T5229] RDX: bfffffffffffffff RSI: 0000000000000000 RDI: 0000000020000180 [ 66.703963][ T5229] RBP: 0000000000000001 R08: 0000000000000000 R09: 00000000000000a0 [ 66.711964][ T5229] R10: 00000000ffffffff R11: 0000000000000246 R12: 0000000000000000 [ 66.719935][ T5229] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001 [ 66.727905][ T5229] [pid 5230] set_robust_list(0x55556b64f660, 24) = 0 [pid 5230] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5230] setpgid(0, 0) = 0 [pid 5230] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5230] write(3, "1000", 4) = 4 [pid 5230] close(3) = 0 [pid 5230] write(1, "executing program\n", 18executing program ) = 18 [pid 5230] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x20000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = -1 EFAULT (Bad address) [pid 5230] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=6, max_entries=5, map_flags=0, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 80) = 3 [pid 5230] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x20000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = -1 EFAULT (Bad address) [pid 5230] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=12, insns=0x20000440, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 4 [pid 5230] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="hrtimer_start", prog_fd=4}}, 61) = 5 [pid 5230] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6 [pid 5230] write(6, "8", 1) = 1 [ 66.888854][ T5230] FAULT_INJECTION: forcing a failure. [ 66.888854][ T5230] name failslab, interval 1, probability 0, space 0, times 0 [ 66.901693][ T5230] CPU: 0 UID: 0 PID: 5230 Comm: syz-executor150 Not tainted 6.11.0-syzkaller-g88264981f208 #0 [ 66.911963][ T5230] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 66.922032][ T5230] Call Trace: [ 66.925304][ T5230] [ 66.928230][ T5230] dump_stack_lvl+0x241/0x360 [ 66.932926][ T5230] ? __pfx_dump_stack_lvl+0x10/0x10 [ 66.938127][ T5230] ? __pfx__printk+0x10/0x10 [ 66.942720][ T5230] ? __pfx___might_resched+0x10/0x10 [ 66.948003][ T5230] ? rcu_is_watching+0x15/0xb0 [ 66.952773][ T5230] should_fail_ex+0x3b0/0x4e0 [ 66.957538][ T5230] ? __d_alloc+0x31/0x700 [ 66.961877][ T5230] should_failslab+0xac/0x100 [ 66.966550][ T5230] ? __d_alloc+0x31/0x700 [ 66.970901][ T5230] kmem_cache_alloc_lru_noprof+0x71/0x2b0 [ 66.976621][ T5230] __d_alloc+0x31/0x700 [ 66.980859][ T5230] d_alloc_pseudo+0x1f/0xb0 [ 66.985360][ T5230] alloc_file_pseudo+0x123/0x290 [ 66.990295][ T5230] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 66.995762][ T5230] ? rcu_is_watching+0x15/0xb0 [ 67.000519][ T5230] anon_inode_getfile+0xc8/0x180 [ 67.005456][ T5230] __se_sys_perf_event_open+0x25df/0x38d0 [ 67.011176][ T5230] ? __pfx__raw_spin_lock_irq+0x10/0x10 [ 67.016727][ T5230] ? __pfx___se_sys_perf_event_open+0x10/0x10 [ 67.022810][ T5230] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 67.029168][ T5230] ? rcu_is_watching+0x15/0xb0 [ 67.033921][ T5230] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 67.040244][ T5230] ? rcu_is_watching+0x15/0xb0 [ 67.044996][ T5230] ? __x64_sys_perf_event_open+0x20/0xc0 [ 67.050621][ T5230] do_syscall_64+0xf3/0x230 [ 67.055126][ T5230] ? clear_bhb_loop+0x35/0x90 [ 67.059807][ T5230] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 67.065801][ T5230] RIP: 0033:0x7fbe71c68c69 [ 67.070332][ T5230] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 67.089937][ T5230] RSP: 002b:00007ffc9dae96c8 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 67.098435][ T5230] RAX: ffffffffffffffda RBX: 00007ffc9dae96e0 RCX: 00007fbe71c68c69 [ 67.106567][ T5230] RDX: bfffffffffffffff RSI: 0000000000000000 RDI: 0000000020000180 [ 67.114531][ T5230] RBP: 0000000000000001 R08: 0000000000000000 R09: 00000000000000a0 [ 67.122498][ T5230] R10: 00000000ffffffff R11: 0000000000000246 R12: 0000000000000000 [ 67.130468][ T5230] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001 [pid 5230] perf_event_open({type=PERF_TYPE_SOFTWARE, size=PERF_ATTR_SIZE_VER7, config=PERF_COUNT_SW_CPU_CLOCK, sample_period=511, sample_type=0, read_format=0, precise_ip=0 /* arbitrary skid */, ...}, 0, -1, -1, 0) = -1 ENOMEM (Cannot allocate memory) [pid 5230] exit_group(0) = ? [pid 5230] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5230, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5231 attached , child_tidptr=0x55556b64f650) = 5231 [pid 5231] set_robust_list(0x55556b64f660, 24) = 0 [pid 5231] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [ 67.138449][ T5230] [pid 5231] setpgid(0, 0) = 0 [pid 5231] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5231] write(3, "1000", 4) = 4 [pid 5231] close(3executing program ) = 0 [pid 5231] write(1, "executing program\n", 18) = 18 [pid 5231] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x20000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = -1 EFAULT (Bad address) [pid 5231] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=6, max_entries=5, map_flags=0, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 80) = 3 [pid 5231] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x20000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = -1 EFAULT (Bad address) [pid 5231] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=12, insns=0x20000440, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 4 [pid 5231] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="hrtimer_start", prog_fd=4}}, 61) = 5 [pid 5231] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6 [pid 5231] write(6, "8", 1) = 1 [ 67.297666][ T5231] FAULT_INJECTION: forcing a failure. [ 67.297666][ T5231] name failslab, interval 1, probability 0, space 0, times 0 [ 67.310385][ T5231] CPU: 0 UID: 0 PID: 5231 Comm: syz-executor150 Not tainted 6.11.0-syzkaller-g88264981f208 #0 [ 67.320712][ T5231] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 67.330811][ T5231] Call Trace: [ 67.334097][ T5231] [ 67.337018][ T5231] dump_stack_lvl+0x241/0x360 [ 67.341725][ T5231] ? __pfx_dump_stack_lvl+0x10/0x10 [ 67.346930][ T5231] ? __pfx__printk+0x10/0x10 [ 67.351521][ T5231] ? __pfx___might_resched+0x10/0x10 [ 67.356814][ T5231] should_fail_ex+0x3b0/0x4e0 [ 67.361506][ T5231] ? security_file_alloc+0x32/0x310 [ 67.366717][ T5231] should_failslab+0xac/0x100 [ 67.371413][ T5231] ? security_file_alloc+0x32/0x310 [ 67.376633][ T5231] kmem_cache_alloc_noprof+0x6c/0x2a0 [ 67.382099][ T5231] security_file_alloc+0x32/0x310 [ 67.387157][ T5231] init_file+0x93/0x1e0 [ 67.391324][ T5231] alloc_empty_file+0xb8/0x1d0 [ 67.396108][ T5231] alloc_file_pseudo+0x1da/0x290 [ 67.401077][ T5231] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 67.406543][ T5231] ? rcu_is_watching+0x15/0xb0 [ 67.411314][ T5231] anon_inode_getfile+0xc8/0x180 [ 67.416265][ T5231] __se_sys_perf_event_open+0x25df/0x38d0 [ 67.421996][ T5231] ? __pfx__raw_spin_lock_irq+0x10/0x10 [ 67.427633][ T5231] ? __pfx___se_sys_perf_event_open+0x10/0x10 [ 67.433702][ T5231] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 67.440030][ T5231] ? rcu_is_watching+0x15/0xb0 [ 67.444788][ T5231] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 67.451122][ T5231] ? rcu_is_watching+0x15/0xb0 [ 67.455993][ T5231] ? __x64_sys_perf_event_open+0x20/0xc0 [ 67.461631][ T5231] do_syscall_64+0xf3/0x230 [ 67.466143][ T5231] ? clear_bhb_loop+0x35/0x90 [ 67.470822][ T5231] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 67.476816][ T5231] RIP: 0033:0x7fbe71c68c69 [ 67.481325][ T5231] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 67.501018][ T5231] RSP: 002b:00007ffc9dae96c8 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 67.509525][ T5231] RAX: ffffffffffffffda RBX: 00007ffc9dae96e0 RCX: 00007fbe71c68c69 [ 67.517499][ T5231] RDX: bfffffffffffffff RSI: 0000000000000000 RDI: 0000000020000180 [ 67.525547][ T5231] RBP: 0000000000000001 R08: 0000000000000000 R09: 00000000000000a0 [ 67.533519][ T5231] R10: 00000000ffffffff R11: 0000000000000246 R12: 0000000000000000 [pid 5231] perf_event_open({type=PERF_TYPE_SOFTWARE, size=PERF_ATTR_SIZE_VER7, config=PERF_COUNT_SW_CPU_CLOCK, sample_period=511, sample_type=0, read_format=0, precise_ip=0 /* arbitrary skid */, ...}, 0, -1, -1, 0) = -1 ENOMEM (Cannot allocate memory) [pid 5231] exit_group(0) = ? [pid 5231] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5231, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5232 attached , child_tidptr=0x55556b64f650) = 5232 [ 67.541505][ T5231] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001 [ 67.549482][ T5231] [pid 5232] set_robust_list(0x55556b64f660, 24) = 0 [pid 5232] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5232] setpgid(0, 0) = 0 [pid 5232] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5232] write(3, "1000", 4) = 4 [pid 5232] close(3) = 0 executing program [pid 5232] write(1, "executing program\n", 18) = 18 [pid 5232] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x20000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = -1 EFAULT (Bad address) [pid 5232] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=6, max_entries=5, map_flags=0, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 80) = 3 [pid 5232] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x20000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = -1 EFAULT (Bad address) [pid 5232] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=12, insns=0x20000440, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 4 [pid 5232] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="hrtimer_start", prog_fd=4}}, 61) = 5 [pid 5232] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6 [pid 5232] write(6, "8", 1) = 1 [ 67.667813][ T5232] FAULT_INJECTION: forcing a failure. [ 67.667813][ T5232] name failslab, interval 1, probability 0, space 0, times 0 [ 67.680800][ T5232] CPU: 0 UID: 0 PID: 5232 Comm: syz-executor150 Not tainted 6.11.0-syzkaller-g88264981f208 #0 [ 67.691074][ T5232] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 67.701128][ T5232] Call Trace: [ 67.704406][ T5232] [ 67.707333][ T5232] dump_stack_lvl+0x241/0x360 [ 67.712020][ T5232] ? __pfx_dump_stack_lvl+0x10/0x10 [ 67.717221][ T5232] ? __pfx__printk+0x10/0x10 [ 67.722002][ T5232] ? __pfx___might_resched+0x10/0x10 [ 67.727292][ T5232] should_fail_ex+0x3b0/0x4e0 [ 67.731973][ T5232] ? security_file_alloc+0x32/0x310 [ 67.737176][ T5232] should_failslab+0xac/0x100 [ 67.741865][ T5232] ? security_file_alloc+0x32/0x310 [ 67.747079][ T5232] kmem_cache_alloc_noprof+0x6c/0x2a0 [ 67.752461][ T5232] security_file_alloc+0x32/0x310 [ 67.757504][ T5232] init_file+0x93/0x1e0 [ 67.761662][ T5232] alloc_empty_file+0xb8/0x1d0 [ 67.766516][ T5232] alloc_file_pseudo+0x1da/0x290 [ 67.771452][ T5232] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 67.776939][ T5232] ? rcu_is_watching+0x15/0xb0 [ 67.781734][ T5232] anon_inode_getfile+0xc8/0x180 [ 67.786683][ T5232] __se_sys_perf_event_open+0x25df/0x38d0 [ 67.792413][ T5232] ? __pfx__raw_spin_lock_irq+0x10/0x10 [ 67.797979][ T5232] ? __pfx___se_sys_perf_event_open+0x10/0x10 [ 67.804062][ T5232] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 67.810405][ T5232] ? rcu_is_watching+0x15/0xb0 [ 67.815179][ T5232] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 67.821522][ T5232] ? rcu_is_watching+0x15/0xb0 [ 67.826291][ T5232] ? __x64_sys_perf_event_open+0x20/0xc0 [ 67.831929][ T5232] do_syscall_64+0xf3/0x230 [ 67.836451][ T5232] ? clear_bhb_loop+0x35/0x90 [ 67.841140][ T5232] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 67.847037][ T5232] RIP: 0033:0x7fbe71c68c69 [ 67.851453][ T5232] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 67.871063][ T5232] RSP: 002b:00007ffc9dae96c8 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 67.879488][ T5232] RAX: ffffffffffffffda RBX: 00007ffc9dae96e0 RCX: 00007fbe71c68c69 [ 67.887592][ T5232] RDX: bfffffffffffffff RSI: 0000000000000000 RDI: 0000000020000180 [ 67.895562][ T5232] RBP: 0000000000000001 R08: 0000000000000000 R09: 00000000000000a0 [ 67.903532][ T5232] R10: 00000000ffffffff R11: 0000000000000246 R12: 0000000000000000 [pid 5232] perf_event_open({type=PERF_TYPE_SOFTWARE, size=PERF_ATTR_SIZE_VER7, config=PERF_COUNT_SW_CPU_CLOCK, sample_period=511, sample_type=0, read_format=0, precise_ip=0 /* arbitrary skid */, ...}, 0, -1, -1, 0) = -1 ENOMEM (Cannot allocate memory) [pid 5232] exit_group(0) = ? [pid 5232] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5232, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55556b64f650) = 5233 ./strace-static-x86_64: Process 5233 attached [pid 5233] set_robust_list(0x55556b64f660, 24) = 0 [ 67.911506][ T5232] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001 [ 67.919487][ T5232] [pid 5233] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5233] setpgid(0, 0) = 0 [pid 5233] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5233] write(3, "1000", 4) = 4 [pid 5233] close(3) = 0 executing program [pid 5233] write(1, "executing program\n", 18) = 18 [pid 5233] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x20000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = -1 EFAULT (Bad address) [pid 5233] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=6, max_entries=5, map_flags=0, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 80) = 3 [pid 5233] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x20000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = -1 EFAULT (Bad address) [pid 5233] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=12, insns=0x20000440, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 4 [pid 5233] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="hrtimer_start", prog_fd=4}}, 61) = 5 [pid 5233] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6 [pid 5233] write(6, "8", 1) = 1 [ 68.069107][ T5233] FAULT_INJECTION: forcing a failure. [ 68.069107][ T5233] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 68.082200][ T5233] CPU: 0 UID: 0 PID: 5233 Comm: syz-executor150 Not tainted 6.11.0-syzkaller-g88264981f208 #0 [ 68.092440][ T5233] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 68.102495][ T5233] Call Trace: [ 68.105789][ T5233] [ 68.108733][ T5233] dump_stack_lvl+0x241/0x360 [ 68.113447][ T5233] ? __pfx_dump_stack_lvl+0x10/0x10 [ 68.118652][ T5233] ? __pfx__printk+0x10/0x10 [ 68.123247][ T5233] ? bpf_trace_run2+0x1fc/0x540 [ 68.128093][ T5233] ? rcu_is_watching+0x15/0xb0 [ 68.132868][ T5233] ? bpf_trace_run2+0x1fc/0x540 [ 68.137820][ T5233] ? lock_acquire+0xe3/0x550 [ 68.142409][ T5233] should_fail_ex+0x3b0/0x4e0 [ 68.147174][ T5233] strncpy_from_user+0x36/0x2e0 [ 68.152026][ T5233] strncpy_from_user_nofault+0x71/0x140 [ 68.157567][ T5233] bpf_probe_read_user_str+0x2a/0x70 [ 68.162851][ T5233] ? bpf_trace_run2+0x1fc/0x540 [ 68.167749][ T5233] bpf_prog_99b56f93a3ca5fea+0x4b/0x4d [ 68.173219][ T5233] bpf_trace_run2+0x2ec/0x540 [ 68.177902][ T5233] ? __pfx_bpf_trace_run2+0x10/0x10 [ 68.183109][ T5233] ? read_tsc+0x9/0x20 [ 68.187186][ T5233] ? timekeeping_get_ns+0x2c0/0x420 [ 68.192394][ T5233] enqueue_hrtimer+0x35a/0x3c0 [ 68.197168][ T5233] hrtimer_start_range_ns+0xac8/0xca0 [ 68.202650][ T5233] cpu_clock_event_add+0x180/0x1a0 [ 68.207776][ T5233] event_sched_in+0x832/0xe90 [ 68.212552][ T5233] ? __pfx_event_sched_in+0x10/0x10 [ 68.217770][ T5233] ? rcu_is_watching+0x15/0xb0 [ 68.222534][ T5233] ? lock_release+0xbf/0xa30 [ 68.227137][ T5233] visit_groups_merge+0x1521/0x2fd0 [ 68.232365][ T5233] ? deref_stack_reg+0x17c/0x210 [ 68.237314][ T5233] ? __pfx_visit_groups_merge+0x10/0x10 [ 68.243317][ T5233] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 68.249487][ T5233] __pmu_ctx_sched_in+0x1aa/0x230 [ 68.254514][ T5233] ? __pfx___pmu_ctx_sched_in+0x10/0x10 [ 68.260060][ T5233] ? kvm_sched_clock_read+0x11/0x20 [ 68.265370][ T5233] ? perf_cgroup_set_timestamp+0x1e9/0x230 [ 68.271227][ T5233] ctx_sched_in+0x4c2/0x600 [ 68.275746][ T5233] ctx_resched+0x560/0x900 [ 68.280174][ T5233] __perf_install_in_context+0x647/0x850 [ 68.285829][ T5233] ? __pfx___perf_install_in_context+0x10/0x10 [ 68.291981][ T5233] remote_function+0xef/0x170 [ 68.296662][ T5233] ? __pfx_remote_function+0x10/0x10 [ 68.301947][ T5233] generic_exec_single+0x336/0x9b0 [ 68.307059][ T5233] ? __pfx_remote_function+0x10/0x10 [ 68.312442][ T5233] ? __pfx_generic_exec_single+0x10/0x10 [ 68.318090][ T5233] ? smp_call_function_single+0xb4/0x1990 [ 68.323810][ T5233] smp_call_function_single+0x3fa/0x1990 [ 68.329446][ T5233] ? __asan_memset+0x23/0x50 [ 68.334131][ T5233] ? __pfx_remote_function+0x10/0x10 [ 68.339414][ T5233] ? __asan_memset+0x23/0x50 [ 68.344002][ T5233] ? lockdep_init_map_type+0xa1/0x910 [ 68.349383][ T5233] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 68.355317][ T5233] ? __pfx_smp_call_function_single+0x10/0x10 [ 68.361394][ T5233] ? __pfx_remote_function+0x10/0x10 [ 68.366689][ T5233] ? __raw_spin_lock_init+0x45/0x100 [ 68.371977][ T5233] ? file_init_path+0x3b/0x570 [ 68.376740][ T5233] ? __asan_memcpy+0x40/0x70 [ 68.381336][ T5233] perf_install_in_context+0x71a/0xb20 [ 68.386807][ T5233] ? __pfx_perf_install_in_context+0x10/0x10 [ 68.392789][ T5233] ? __pfx___perf_install_in_context+0x10/0x10 [ 68.398977][ T5233] ? anon_inode_getfile+0xff/0x180 [ 68.404101][ T5233] __se_sys_perf_event_open+0x31c5/0x38d0 [ 68.409826][ T5233] ? __pfx__raw_spin_lock_irq+0x10/0x10 [ 68.415392][ T5233] ? __pfx___se_sys_perf_event_open+0x10/0x10 [ 68.421474][ T5233] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 68.427849][ T5233] ? rcu_is_watching+0x15/0xb0 [ 68.432633][ T5233] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 68.438975][ T5233] ? rcu_is_watching+0x15/0xb0 [ 68.443748][ T5233] ? __x64_sys_perf_event_open+0x20/0xc0 [ 68.449398][ T5233] do_syscall_64+0xf3/0x230 [ 68.453911][ T5233] ? clear_bhb_loop+0x35/0x90 [ 68.458599][ T5233] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 68.464494][ T5233] RIP: 0033:0x7fbe71c68c69 [ 68.468930][ T5233] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 68.488553][ T5233] RSP: 002b:00007ffc9dae96c8 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 68.496974][ T5233] RAX: ffffffffffffffda RBX: 00007ffc9dae96e0 RCX: 00007fbe71c68c69 [ 68.504971][ T5233] RDX: bfffffffffffffff RSI: 0000000000000000 RDI: 0000000020000180 [ 68.512973][ T5233] RBP: 0000000000000001 R08: 0000000000000000 R09: 00000000000000a0 [pid 5233] perf_event_open({type=PERF_TYPE_SOFTWARE, size=PERF_ATTR_SIZE_VER7, config=PERF_COUNT_SW_CPU_CLOCK, sample_period=511, sample_type=0, read_format=0, precise_ip=0 /* arbitrary skid */, ...}, 0, -1, -1, 0) = 7 [pid 5233] exit_group(0) = ? [pid 5233] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5233, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [ 68.521038][ T5233] R10: 00000000ffffffff R11: 0000000000000246 R12: 0000000000000000 [ 68.529014][ T5233] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001 [ 68.537018][ T5233] restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55556b64f650) = 5234 ./strace-static-x86_64: Process 5234 attached [pid 5234] set_robust_list(0x55556b64f660, 24) = 0 [pid 5234] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5234] setpgid(0, 0) = 0 [pid 5234] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5234] write(3, "1000", 4) = 4 [pid 5234] close(3) = 0 executing program [pid 5234] write(1, "executing program\n", 18) = 18 [pid 5234] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x20000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = -1 EFAULT (Bad address) [pid 5234] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=6, max_entries=5, map_flags=0, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 80) = 3 [pid 5234] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x20000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = -1 EFAULT (Bad address) [pid 5234] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=12, insns=0x20000440, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 4 [pid 5234] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="hrtimer_start", prog_fd=4}}, 61) = 5 [pid 5234] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6 [pid 5234] write(6, "8", 1) = 1 [ 68.679773][ T5234] FAULT_INJECTION: forcing a failure. [ 68.679773][ T5234] name failslab, interval 1, probability 0, space 0, times 0 [ 68.692563][ T5234] CPU: 1 UID: 0 PID: 5234 Comm: syz-executor150 Not tainted 6.11.0-syzkaller-g88264981f208 #0 [ 68.702831][ T5234] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 68.712905][ T5234] Call Trace: [ 68.716177][ T5234] [ 68.719102][ T5234] dump_stack_lvl+0x241/0x360 [ 68.723781][ T5234] ? __pfx_dump_stack_lvl+0x10/0x10 [ 68.728994][ T5234] ? __pfx__printk+0x10/0x10 [ 68.733615][ T5234] ? __pfx___might_resched+0x10/0x10 [ 68.738898][ T5234] should_fail_ex+0x3b0/0x4e0 [ 68.743576][ T5234] ? alloc_empty_file+0x9e/0x1d0 [ 68.748510][ T5234] should_failslab+0xac/0x100 [ 68.753205][ T5234] ? alloc_empty_file+0x9e/0x1d0 [ 68.758228][ T5234] kmem_cache_alloc_noprof+0x6c/0x2a0 [ 68.763604][ T5234] alloc_empty_file+0x9e/0x1d0 [ 68.768361][ T5234] alloc_file_pseudo+0x1da/0x290 [ 68.773311][ T5234] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 68.778768][ T5234] ? rcu_is_watching+0x15/0xb0 [ 68.783530][ T5234] anon_inode_getfile+0xc8/0x180 [ 68.788473][ T5234] __se_sys_perf_event_open+0x25df/0x38d0 [ 68.794194][ T5234] ? __pfx__raw_spin_lock_irq+0x10/0x10 [ 68.799758][ T5234] ? __pfx___se_sys_perf_event_open+0x10/0x10 [ 68.805843][ T5234] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 68.812189][ T5234] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 68.818551][ T5234] ? rcu_is_watching+0x15/0xb0 [ 68.823307][ T5234] ? __x64_sys_perf_event_open+0x20/0xc0 [ 68.828936][ T5234] do_syscall_64+0xf3/0x230 [ 68.833454][ T5234] ? clear_bhb_loop+0x35/0x90 [ 68.838129][ T5234] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 68.844022][ T5234] RIP: 0033:0x7fbe71c68c69 [ 68.848443][ T5234] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 68.868235][ T5234] RSP: 002b:00007ffc9dae96c8 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [pid 5234] perf_event_open({type=PERF_TYPE_SOFTWARE, size=PERF_ATTR_SIZE_VER7, config=PERF_COUNT_SW_CPU_CLOCK, sample_period=511, sample_type=0, read_format=0, precise_ip=0 /* arbitrary skid */, ...}, 0, -1, -1, 0) = -1 ENOMEM (Cannot allocate memory) [pid 5234] exit_group(0) = ? [pid 5234] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5234, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5235 attached , child_tidptr=0x55556b64f650) = 5235 [pid 5235] set_robust_list(0x55556b64f660, 24) = 0 [ 68.876655][ T5234] RAX: ffffffffffffffda RBX: 00007ffc9dae96e0 RCX: 00007fbe71c68c69 [ 68.884720][ T5234] RDX: bfffffffffffffff RSI: 0000000000000000 RDI: 0000000020000180 [ 68.892705][ T5234] RBP: 0000000000000001 R08: 0000000000000000 R09: 00000000000000a0 [ 68.900682][ T5234] R10: 00000000ffffffff R11: 0000000000000246 R12: 0000000000000000 [ 68.908657][ T5234] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001 [ 68.916634][ T5234] [pid 5235] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5235] setpgid(0, 0) = 0 [pid 5235] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5235] write(3, "1000", 4) = 4 [pid 5235] close(3) = 0 [pid 5235] write(1, "executing program\n", 18executing program ) = 18 [pid 5235] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x20000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = -1 EFAULT (Bad address) [pid 5235] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=6, max_entries=5, map_flags=0, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 80) = 3 [pid 5235] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x20000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = -1 EFAULT (Bad address) [pid 5235] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=12, insns=0x20000440, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 4 [pid 5235] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="hrtimer_start", prog_fd=4}}, 61) = 5 [pid 5235] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6 [ 69.035376][ T5235] FAULT_INJECTION: forcing a failure. [ 69.035376][ T5235] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 69.048436][ T5235] CPU: 0 UID: 0 PID: 5235 Comm: syz-executor150 Not tainted 6.11.0-syzkaller-g88264981f208 #0 [ 69.058673][ T5235] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 69.068736][ T5235] Call Trace: [ 69.072009][ T5235] [ 69.074932][ T5235] dump_stack_lvl+0x241/0x360 [ 69.079619][ T5235] ? __pfx_dump_stack_lvl+0x10/0x10 [ 69.084816][ T5235] ? __pfx__printk+0x10/0x10 [ 69.089428][ T5235] ? bpf_trace_run2+0x1fc/0x540 [ 69.094323][ T5235] ? rcu_is_watching+0x15/0xb0 [ 69.099080][ T5235] ? bpf_trace_run2+0x1fc/0x540 [ 69.103919][ T5235] ? lock_acquire+0xe3/0x550 [ 69.108510][ T5235] should_fail_ex+0x3b0/0x4e0 [ 69.113195][ T5235] strncpy_from_user+0x36/0x2e0 [ 69.118080][ T5235] strncpy_from_user_nofault+0x71/0x140 [ 69.123621][ T5235] bpf_probe_read_user_str+0x2a/0x70 [ 69.128904][ T5235] ? bpf_trace_run2+0x1fc/0x540 [ 69.133744][ T5235] bpf_prog_99b56f93a3ca5fea+0x4b/0x4d [ 69.139193][ T5235] bpf_trace_run2+0x2ec/0x540 [ 69.143955][ T5235] ? __pfx_bpf_trace_run2+0x10/0x10 [ 69.149147][ T5235] ? read_tsc+0x9/0x20 [ 69.153211][ T5235] ? timekeeping_get_ns+0x2c0/0x420 [ 69.158422][ T5235] enqueue_hrtimer+0x35a/0x3c0 [ 69.163178][ T5235] hrtimer_start_range_ns+0xac8/0xca0 [ 69.168570][ T5235] cpu_clock_event_add+0x180/0x1a0 [ 69.173702][ T5235] event_sched_in+0x832/0xe90 [ 69.178380][ T5235] ? __pfx_event_sched_in+0x10/0x10 [ 69.183586][ T5235] ? rcu_is_watching+0x15/0xb0 [ 69.188345][ T5235] ? lock_release+0xbf/0xa30 [ 69.192948][ T5235] visit_groups_merge+0x1521/0x2fd0 [ 69.198143][ T5235] ? deref_stack_reg+0x17c/0x210 [ 69.203083][ T5235] ? __pfx_visit_groups_merge+0x10/0x10 [ 69.208644][ T5235] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 69.214792][ T5235] __pmu_ctx_sched_in+0x1aa/0x230 [ 69.219982][ T5235] ? __pfx___pmu_ctx_sched_in+0x10/0x10 [ 69.225520][ T5235] ? kvm_sched_clock_read+0x11/0x20 [ 69.230719][ T5235] ? perf_cgroup_set_timestamp+0x1e9/0x230 [ 69.236539][ T5235] ctx_sched_in+0x4c2/0x600 [ 69.241039][ T5235] ctx_resched+0x560/0x900 [ 69.245468][ T5235] __perf_install_in_context+0x647/0x850 [ 69.251097][ T5235] ? __pfx___perf_install_in_context+0x10/0x10 [ 69.257242][ T5235] remote_function+0xef/0x170 [ 69.261927][ T5235] ? __pfx_remote_function+0x10/0x10 [ 69.267207][ T5235] generic_exec_single+0x336/0x9b0 [ 69.272318][ T5235] ? __pfx_remote_function+0x10/0x10 [ 69.277621][ T5235] ? __pfx_generic_exec_single+0x10/0x10 [ 69.283298][ T5235] ? smp_call_function_single+0xb4/0x1990 [ 69.289056][ T5235] smp_call_function_single+0x3fa/0x1990 [ 69.294725][ T5235] ? __asan_memset+0x23/0x50 [ 69.299328][ T5235] ? __pfx_remote_function+0x10/0x10 [ 69.304626][ T5235] ? __asan_memset+0x23/0x50 [ 69.309224][ T5235] ? lockdep_init_map_type+0xa1/0x910 [ 69.314608][ T5235] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 69.320419][ T5235] ? __pfx_smp_call_function_single+0x10/0x10 [ 69.326510][ T5235] ? __pfx_remote_function+0x10/0x10 [ 69.331810][ T5235] ? __raw_spin_lock_init+0x45/0x100 [ 69.337103][ T5235] ? file_init_path+0x3b/0x570 [ 69.341872][ T5235] ? __asan_memcpy+0x40/0x70 [ 69.346469][ T5235] perf_install_in_context+0x71a/0xb20 [ 69.351955][ T5235] ? __pfx_perf_install_in_context+0x10/0x10 [ 69.357943][ T5235] ? __pfx___perf_install_in_context+0x10/0x10 [ 69.364189][ T5235] ? anon_inode_getfile+0xff/0x180 [ 69.369306][ T5235] __se_sys_perf_event_open+0x31c5/0x38d0 [ 69.375029][ T5235] ? __pfx__raw_spin_lock_irq+0x10/0x10 [ 69.380608][ T5235] ? __pfx___se_sys_perf_event_open+0x10/0x10 [ 69.386700][ T5235] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 69.393032][ T5235] ? rcu_is_watching+0x15/0xb0 [ 69.397798][ T5235] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 69.404126][ T5235] ? rcu_is_watching+0x15/0xb0 [ 69.408892][ T5235] ? __x64_sys_perf_event_open+0x20/0xc0 [ 69.414531][ T5235] do_syscall_64+0xf3/0x230 [ 69.419058][ T5235] ? clear_bhb_loop+0x35/0x90 [ 69.423762][ T5235] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 69.429662][ T5235] RIP: 0033:0x7fbe71c68c69 [ 69.434078][ T5235] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 69.453683][ T5235] RSP: 002b:00007ffc9dae96c8 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 69.462097][ T5235] RAX: ffffffffffffffda RBX: 00007ffc9dae96e0 RCX: 00007fbe71c68c69 [ 69.470076][ T5235] RDX: bfffffffffffffff RSI: 0000000000000000 RDI: 0000000020000180 [ 69.478043][ T5235] RBP: 0000000000000001 R08: 0000000000000000 R09: 00000000000000a0 [pid 5235] write(6, "8", 1) = 1 [pid 5235] perf_event_open({type=PERF_TYPE_SOFTWARE, size=PERF_ATTR_SIZE_VER7, config=PERF_COUNT_SW_CPU_CLOCK, sample_period=511, sample_type=0, read_format=0, precise_ip=0 /* arbitrary skid */, ...}, 0, -1, -1, 0) = 7 [pid 5235] exit_group(0) = ? [ 69.486020][ T5235] R10: 00000000ffffffff R11: 0000000000000246 R12: 0000000000000000 [ 69.493990][ T5235] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001 [ 69.501975][ T5235] [pid 5235] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5235, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5236 attached , child_tidptr=0x55556b64f650) = 5236 [pid 5236] set_robust_list(0x55556b64f660, 24) = 0 [pid 5236] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5236] setpgid(0, 0) = 0 [pid 5236] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5236] write(3, "1000", 4) = 4 [pid 5236] close(3) = 0 [pid 5236] write(1, "executing program\n", 18executing program ) = 18 [pid 5236] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x20000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = -1 EFAULT (Bad address) [pid 5236] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=6, max_entries=5, map_flags=0, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 80) = 3 [pid 5236] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x20000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = -1 EFAULT (Bad address) [pid 5236] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=12, insns=0x20000440, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 4 [pid 5236] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="hrtimer_start", prog_fd=4}}, 61) = 5 [pid 5236] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6 [pid 5236] write(6, "8", 1) = 1 [ 69.641403][ T5236] FAULT_INJECTION: forcing a failure. [ 69.641403][ T5236] name failslab, interval 1, probability 0, space 0, times 0 [ 69.654233][ T5236] CPU: 0 UID: 0 PID: 5236 Comm: syz-executor150 Not tainted 6.11.0-syzkaller-g88264981f208 #0 [ 69.664499][ T5236] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 69.674552][ T5236] Call Trace: [ 69.677862][ T5236] [ 69.680792][ T5236] dump_stack_lvl+0x241/0x360 [ 69.685471][ T5236] ? __pfx_dump_stack_lvl+0x10/0x10 [ 69.690668][ T5236] ? __pfx__printk+0x10/0x10 [ 69.695259][ T5236] ? __pfx___might_resched+0x10/0x10 [ 69.700548][ T5236] should_fail_ex+0x3b0/0x4e0 [ 69.705228][ T5236] ? security_file_alloc+0x32/0x310 [ 69.710691][ T5236] should_failslab+0xac/0x100 [ 69.715369][ T5236] ? security_file_alloc+0x32/0x310 [ 69.720732][ T5236] kmem_cache_alloc_noprof+0x6c/0x2a0 [ 69.726112][ T5236] security_file_alloc+0x32/0x310 [ 69.731145][ T5236] init_file+0x93/0x1e0 [ 69.735308][ T5236] alloc_empty_file+0xb8/0x1d0 [ 69.740077][ T5236] alloc_file_pseudo+0x1da/0x290 [ 69.745027][ T5236] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 69.750489][ T5236] ? rcu_is_watching+0x15/0xb0 [ 69.755294][ T5236] anon_inode_getfile+0xc8/0x180 [ 69.760256][ T5236] __se_sys_perf_event_open+0x25df/0x38d0 [ 69.765997][ T5236] ? __pfx__raw_spin_lock_irq+0x10/0x10 [ 69.771556][ T5236] ? __pfx___se_sys_perf_event_open+0x10/0x10 [ 69.777637][ T5236] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 69.783972][ T5236] ? rcu_is_watching+0x15/0xb0 [ 69.788737][ T5236] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 69.795080][ T5236] ? rcu_is_watching+0x15/0xb0 [ 69.799847][ T5236] ? __x64_sys_perf_event_open+0x20/0xc0 [ 69.805487][ T5236] do_syscall_64+0xf3/0x230 [ 69.810001][ T5236] ? clear_bhb_loop+0x35/0x90 [ 69.814683][ T5236] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 69.820577][ T5236] RIP: 0033:0x7fbe71c68c69 [ 69.824995][ T5236] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 69.844601][ T5236] RSP: 002b:00007ffc9dae96c8 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 69.853024][ T5236] RAX: ffffffffffffffda RBX: 00007ffc9dae96e0 RCX: 00007fbe71c68c69 [ 69.860996][ T5236] RDX: bfffffffffffffff RSI: 0000000000000000 RDI: 0000000020000180 [ 69.868970][ T5236] RBP: 0000000000000001 R08: 0000000000000000 R09: 00000000000000a0 [ 69.876940][ T5236] R10: 00000000ffffffff R11: 0000000000000246 R12: 0000000000000000 [pid 5236] perf_event_open({type=PERF_TYPE_SOFTWARE, size=PERF_ATTR_SIZE_VER7, config=PERF_COUNT_SW_CPU_CLOCK, sample_period=511, sample_type=0, read_format=0, precise_ip=0 /* arbitrary skid */, ...}, 0, -1, -1, 0) = -1 ENOMEM (Cannot allocate memory) [pid 5236] exit_group(0) = ? [pid 5236] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5236, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [ 69.884991][ T5236] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001 [ 69.893009][ T5236] restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5237 attached , child_tidptr=0x55556b64f650) = 5237 [pid 5237] set_robust_list(0x55556b64f660, 24) = 0 [pid 5237] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5237] setpgid(0, 0) = 0 [pid 5237] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5237] write(3, "1000", 4) = 4 [pid 5237] close(3) = 0 [pid 5237] write(1, "executing program\n", 18executing program ) = 18 [pid 5237] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x20000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = -1 EFAULT (Bad address) [pid 5237] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=6, max_entries=5, map_flags=0, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 80) = 3 [pid 5237] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x20000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = -1 EFAULT (Bad address) [pid 5237] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=12, insns=0x20000440, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 4 [pid 5237] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="hrtimer_start", prog_fd=4}}, 61) = 5 [pid 5237] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6 [pid 5237] write(6, "8", 1) = 1 [ 69.984446][ T5237] FAULT_INJECTION: forcing a failure. [ 69.984446][ T5237] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 69.997529][ T5237] CPU: 0 UID: 0 PID: 5237 Comm: syz-executor150 Not tainted 6.11.0-syzkaller-g88264981f208 #0 [ 70.007766][ T5237] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 70.017849][ T5237] Call Trace: [ 70.021137][ T5237] [ 70.024081][ T5237] dump_stack_lvl+0x241/0x360 [ 70.028849][ T5237] ? __pfx_dump_stack_lvl+0x10/0x10 [ 70.034063][ T5237] ? __pfx__printk+0x10/0x10 [ 70.038653][ T5237] ? bpf_trace_run2+0x1fc/0x540 [ 70.043519][ T5237] ? rcu_is_watching+0x15/0xb0 [ 70.048292][ T5237] ? bpf_trace_run2+0x1fc/0x540 [ 70.053138][ T5237] ? lock_acquire+0xe3/0x550 [ 70.057725][ T5237] should_fail_ex+0x3b0/0x4e0 [ 70.062402][ T5237] strncpy_from_user+0x36/0x2e0 [ 70.067249][ T5237] strncpy_from_user_nofault+0x71/0x140 [ 70.072820][ T5237] bpf_probe_read_user_str+0x2a/0x70 [ 70.078113][ T5237] ? bpf_trace_run2+0x1fc/0x540 [ 70.082978][ T5237] bpf_prog_99b56f93a3ca5fea+0x4b/0x4d [ 70.088532][ T5237] bpf_trace_run2+0x2ec/0x540 [ 70.093205][ T5237] ? __pfx_bpf_trace_run2+0x10/0x10 [ 70.098418][ T5237] ? read_tsc+0x9/0x20 [ 70.102499][ T5237] ? timekeeping_get_ns+0x2c0/0x420 [ 70.107706][ T5237] enqueue_hrtimer+0x35a/0x3c0 [ 70.112474][ T5237] hrtimer_start_range_ns+0xac8/0xca0 [ 70.117855][ T5237] cpu_clock_event_add+0x180/0x1a0 [ 70.123013][ T5237] event_sched_in+0x832/0xe90 [ 70.127694][ T5237] ? bsearch+0x98/0xc0 [ 70.131759][ T5237] ? strncpy_from_user+0x214/0x2e0 [ 70.136871][ T5237] ? __pfx_event_sched_in+0x10/0x10 [ 70.142083][ T5237] ? __bad_area_nosemaphore+0x118/0x770 [ 70.147639][ T5237] ? strncpy_from_user+0x214/0x2e0 [ 70.152754][ T5237] ? lock_release+0xbf/0xa30 [ 70.157357][ T5237] ? __pfx_lock_release+0x10/0x10 [ 70.162385][ T5237] ? rcu_is_watching+0x15/0xb0 [ 70.167140][ T5237] ? lock_release+0xbf/0xa30 [ 70.171736][ T5237] visit_groups_merge+0x1521/0x2fd0 [ 70.176938][ T5237] ? deref_stack_reg+0x17c/0x210 [ 70.181885][ T5237] ? __pfx_visit_groups_merge+0x10/0x10 [ 70.187453][ T5237] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 70.193607][ T5237] __pmu_ctx_sched_in+0x1aa/0x230 [ 70.198637][ T5237] ? __pfx___pmu_ctx_sched_in+0x10/0x10 [ 70.204180][ T5237] ? kvm_sched_clock_read+0x11/0x20 [ 70.209383][ T5237] ? perf_cgroup_set_timestamp+0x1e9/0x230 [ 70.215187][ T5237] ctx_sched_in+0x4c2/0x600 [ 70.219691][ T5237] ctx_resched+0x560/0x900 [ 70.224120][ T5237] __perf_install_in_context+0x647/0x850 [ 70.229756][ T5237] ? __pfx___perf_install_in_context+0x10/0x10 [ 70.235900][ T5237] remote_function+0xef/0x170 [ 70.240572][ T5237] ? __pfx_remote_function+0x10/0x10 [ 70.245858][ T5237] generic_exec_single+0x336/0x9b0 [ 70.250978][ T5237] ? __pfx_remote_function+0x10/0x10 [ 70.256270][ T5237] ? __pfx_generic_exec_single+0x10/0x10 [ 70.261934][ T5237] ? smp_call_function_single+0xb4/0x1990 [ 70.267678][ T5237] smp_call_function_single+0x3fa/0x1990 [ 70.273315][ T5237] ? __asan_memset+0x23/0x50 [ 70.277917][ T5237] ? __pfx_remote_function+0x10/0x10 [ 70.283215][ T5237] ? __asan_memset+0x23/0x50 [ 70.287841][ T5237] ? lockdep_init_map_type+0xa1/0x910 [ 70.293227][ T5237] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 70.299037][ T5237] ? __pfx_smp_call_function_single+0x10/0x10 [ 70.305120][ T5237] ? __pfx_remote_function+0x10/0x10 [ 70.310422][ T5237] ? __raw_spin_lock_init+0x45/0x100 [ 70.315788][ T5237] ? file_init_path+0x3b/0x570 [ 70.320565][ T5237] ? __asan_memcpy+0x40/0x70 [ 70.325148][ T5237] perf_install_in_context+0x71a/0xb20 [ 70.330600][ T5237] ? __pfx_perf_install_in_context+0x10/0x10 [ 70.336576][ T5237] ? __pfx___perf_install_in_context+0x10/0x10 [ 70.342730][ T5237] ? anon_inode_getfile+0xff/0x180 [ 70.347843][ T5237] __se_sys_perf_event_open+0x31c5/0x38d0 [ 70.353558][ T5237] ? __pfx__raw_spin_lock_irq+0x10/0x10 [ 70.359120][ T5237] ? __pfx___se_sys_perf_event_open+0x10/0x10 [ 70.365198][ T5237] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 70.371522][ T5237] ? rcu_is_watching+0x15/0xb0 [ 70.376284][ T5237] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 70.382625][ T5237] ? rcu_is_watching+0x15/0xb0 [ 70.387390][ T5237] ? __x64_sys_perf_event_open+0x20/0xc0 [ 70.393016][ T5237] do_syscall_64+0xf3/0x230 [ 70.397538][ T5237] ? clear_bhb_loop+0x35/0x90 [ 70.402233][ T5237] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 70.408124][ T5237] RIP: 0033:0x7fbe71c68c69 [ 70.412534][ T5237] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [pid 5237] perf_event_open({type=PERF_TYPE_SOFTWARE, size=PERF_ATTR_SIZE_VER7, config=PERF_COUNT_SW_CPU_CLOCK, sample_period=511, sample_type=0, read_format=0, precise_ip=0 /* arbitrary skid */, ...}, 0, -1, -1, 0) = 7 [pid 5237] exit_group(0) = ? [ 70.432159][ T5237] RSP: 002b:00007ffc9dae96c8 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 70.440570][ T5237] RAX: ffffffffffffffda RBX: 00007ffc9dae96e0 RCX: 00007fbe71c68c69 [ 70.448557][ T5237] RDX: bfffffffffffffff RSI: 0000000000000000 RDI: 0000000020000180 [ 70.456524][ T5237] RBP: 0000000000000001 R08: 0000000000000000 R09: 00000000000000a0 [ 70.464485][ T5237] R10: 00000000ffffffff R11: 0000000000000246 R12: 0000000000000000 [ 70.472448][ T5237] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001 [ 70.480419][ T5237] [pid 5237] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5237, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55556b64f650) = 5238 ./strace-static-x86_64: Process 5238 attached [pid 5238] set_robust_list(0x55556b64f660, 24) = 0 [pid 5238] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5238] setpgid(0, 0) = 0 [pid 5238] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5238] write(3, "1000", 4) = 4 [pid 5238] close(3) = 0 executing program [pid 5238] write(1, "executing program\n", 18) = 18 [pid 5238] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x20000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = -1 EFAULT (Bad address) [pid 5238] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=6, max_entries=5, map_flags=0, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 80) = 3 [pid 5238] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x20000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = -1 EFAULT (Bad address) [pid 5238] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=12, insns=0x20000440, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 4 [pid 5238] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="hrtimer_start", prog_fd=4}}, 61) = 5 [pid 5238] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6 [pid 5238] write(6, "8", 1) = 1 [ 70.681568][ T5238] FAULT_INJECTION: forcing a failure. [ 70.681568][ T5238] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 70.694649][ T5238] CPU: 0 UID: 0 PID: 5238 Comm: syz-executor150 Not tainted 6.11.0-syzkaller-g88264981f208 #0 [ 70.704917][ T5238] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 70.714977][ T5238] Call Trace: [ 70.718256][ T5238] [ 70.721291][ T5238] dump_stack_lvl+0x241/0x360 [ 70.725985][ T5238] ? __pfx_dump_stack_lvl+0x10/0x10 [ 70.731186][ T5238] ? __pfx__printk+0x10/0x10 [ 70.735777][ T5238] ? bpf_trace_run2+0x1fc/0x540 [ 70.740622][ T5238] ? rcu_is_watching+0x15/0xb0 [ 70.745379][ T5238] ? bpf_trace_run2+0x1fc/0x540 [ 70.750222][ T5238] ? lock_acquire+0xe3/0x550 [ 70.754824][ T5238] should_fail_ex+0x3b0/0x4e0 [ 70.759498][ T5238] strncpy_from_user+0x36/0x2e0 [ 70.764362][ T5238] strncpy_from_user_nofault+0x71/0x140 [ 70.769929][ T5238] bpf_probe_read_user_str+0x2a/0x70 [ 70.775216][ T5238] ? bpf_trace_run2+0x1fc/0x540 [ 70.780061][ T5238] bpf_prog_99b56f93a3ca5fea+0x4b/0x4d [ 70.785516][ T5238] bpf_trace_run2+0x2ec/0x540 [ 70.790227][ T5238] ? __pfx_bpf_trace_run2+0x10/0x10 [ 70.795428][ T5238] ? read_tsc+0x9/0x20 [ 70.799512][ T5238] ? timekeeping_get_ns+0x2c0/0x420 [ 70.804717][ T5238] enqueue_hrtimer+0x35a/0x3c0 [ 70.809478][ T5238] hrtimer_start_range_ns+0xac8/0xca0 [ 70.814854][ T5238] cpu_clock_event_add+0x180/0x1a0 [ 70.819965][ T5238] event_sched_in+0x832/0xe90 [ 70.824651][ T5238] ? __asan_memcpy+0x40/0x70 [ 70.829244][ T5238] ? __pfx_event_sched_in+0x10/0x10 [ 70.834473][ T5238] ? rcu_is_watching+0x15/0xb0 [ 70.839226][ T5238] ? lock_release+0xbf/0xa30 [ 70.843818][ T5238] visit_groups_merge+0x1521/0x2fd0 [ 70.849015][ T5238] ? deref_stack_reg+0x17c/0x210 [ 70.853961][ T5238] ? __pfx_visit_groups_merge+0x10/0x10 [ 70.859504][ T5238] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 70.865651][ T5238] __pmu_ctx_sched_in+0x1aa/0x230 [ 70.870670][ T5238] ? __pfx___pmu_ctx_sched_in+0x10/0x10 [ 70.876212][ T5238] ? kvm_sched_clock_read+0x11/0x20 [ 70.881403][ T5238] ? perf_cgroup_set_timestamp+0x1e9/0x230 [ 70.887224][ T5238] ctx_sched_in+0x4c2/0x600 [ 70.891729][ T5238] ctx_resched+0x560/0x900 [ 70.896160][ T5238] __perf_install_in_context+0x647/0x850 [ 70.901802][ T5238] ? __pfx___perf_install_in_context+0x10/0x10 [ 70.907964][ T5238] remote_function+0xef/0x170 [ 70.912658][ T5238] ? __pfx_remote_function+0x10/0x10 [ 70.917946][ T5238] generic_exec_single+0x336/0x9b0 [ 70.923077][ T5238] ? __pfx_remote_function+0x10/0x10 [ 70.928450][ T5238] ? __pfx_generic_exec_single+0x10/0x10 [ 70.934111][ T5238] ? smp_call_function_single+0xb4/0x1990 [ 70.939833][ T5238] smp_call_function_single+0x3fa/0x1990 [ 70.945484][ T5238] ? __asan_memset+0x23/0x50 [ 70.950082][ T5238] ? __pfx_remote_function+0x10/0x10 [ 70.955398][ T5238] ? __asan_memset+0x23/0x50 [ 70.959995][ T5238] ? lockdep_init_map_type+0xa1/0x910 [ 70.965365][ T5238] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 70.971168][ T5238] ? __pfx_smp_call_function_single+0x10/0x10 [ 70.977235][ T5238] ? __pfx_remote_function+0x10/0x10 [ 70.982514][ T5238] ? __raw_spin_lock_init+0x45/0x100 [ 70.987793][ T5238] ? file_init_path+0x3b/0x570 [ 70.992641][ T5238] ? __asan_memcpy+0x40/0x70 [ 70.997244][ T5238] perf_install_in_context+0x71a/0xb20 [ 71.002810][ T5238] ? __pfx_perf_install_in_context+0x10/0x10 [ 71.008802][ T5238] ? __pfx___perf_install_in_context+0x10/0x10 [ 71.014989][ T5238] ? anon_inode_getfile+0xff/0x180 [ 71.020128][ T5238] __se_sys_perf_event_open+0x31c5/0x38d0 [ 71.025878][ T5238] ? __pfx__raw_spin_lock_irq+0x10/0x10 [ 71.031455][ T5238] ? __pfx___se_sys_perf_event_open+0x10/0x10 [ 71.037532][ T5238] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 71.043866][ T5238] ? rcu_is_watching+0x15/0xb0 [ 71.048736][ T5238] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 71.055176][ T5238] ? rcu_is_watching+0x15/0xb0 [ 71.059947][ T5238] ? __x64_sys_perf_event_open+0x20/0xc0 [ 71.065575][ T5238] do_syscall_64+0xf3/0x230 [ 71.070077][ T5238] ? clear_bhb_loop+0x35/0x90 [ 71.074754][ T5238] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 71.080716][ T5238] RIP: 0033:0x7fbe71c68c69 [ 71.085141][ T5238] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 71.104756][ T5238] RSP: 002b:00007ffc9dae96c8 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 71.113176][ T5238] RAX: ffffffffffffffda RBX: 00007ffc9dae96e0 RCX: 00007fbe71c68c69 [ 71.121143][ T5238] RDX: bfffffffffffffff RSI: 0000000000000000 RDI: 0000000020000180 [pid 5238] perf_event_open({type=PERF_TYPE_SOFTWARE, size=PERF_ATTR_SIZE_VER7, config=PERF_COUNT_SW_CPU_CLOCK, sample_period=511, sample_type=0, read_format=0, precise_ip=0 /* arbitrary skid */, ...}, 0, -1, -1, 0) = 7 [pid 5238] exit_group(0) = ? [ 71.129106][ T5238] RBP: 0000000000000001 R08: 0000000000000000 R09: 00000000000000a0 [ 71.137065][ T5238] R10: 00000000ffffffff R11: 0000000000000246 R12: 0000000000000000 [ 71.145130][ T5238] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001 [ 71.153131][ T5238] [pid 5238] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5238, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55556b64f650) = 5239 ./strace-static-x86_64: Process 5239 attached [pid 5239] set_robust_list(0x55556b64f660, 24) = 0 [pid 5239] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5239] setpgid(0, 0) = 0 [pid 5239] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5239] write(3, "1000", 4) = 4 [pid 5239] close(3) = 0 [pid 5239] write(1, "executing program\n", 18executing program ) = 18 [pid 5239] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x20000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = -1 EFAULT (Bad address) [pid 5239] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=6, max_entries=5, map_flags=0, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 80) = 3 [pid 5239] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x20000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = -1 EFAULT (Bad address) [pid 5239] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=12, insns=0x20000440, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 4 [pid 5239] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="hrtimer_start", prog_fd=4}}, 61) = 5 [pid 5239] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6 [pid 5239] write(6, "8", 1) = 1 [ 71.350755][ T5239] FAULT_INJECTION: forcing a failure. [ 71.350755][ T5239] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 71.363858][ T5239] CPU: 0 UID: 0 PID: 5239 Comm: syz-executor150 Not tainted 6.11.0-syzkaller-g88264981f208 #0 [ 71.374106][ T5239] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 71.384259][ T5239] Call Trace: [ 71.387533][ T5239] [ 71.390480][ T5239] dump_stack_lvl+0x241/0x360 [ 71.395169][ T5239] ? __pfx_dump_stack_lvl+0x10/0x10 [ 71.400365][ T5239] ? __pfx__printk+0x10/0x10 [ 71.404955][ T5239] ? bpf_trace_run2+0x1fc/0x540 [ 71.409809][ T5239] ? rcu_is_watching+0x15/0xb0 [ 71.414655][ T5239] ? bpf_trace_run2+0x1fc/0x540 [ 71.419520][ T5239] ? lock_acquire+0xe3/0x550 [ 71.424121][ T5239] should_fail_ex+0x3b0/0x4e0 [ 71.428805][ T5239] strncpy_from_user+0x36/0x2e0 [ 71.433658][ T5239] strncpy_from_user_nofault+0x71/0x140 [ 71.439213][ T5239] bpf_probe_read_user_str+0x2a/0x70 [ 71.444499][ T5239] ? bpf_trace_run2+0x1fc/0x540 [ 71.449519][ T5239] bpf_prog_99b56f93a3ca5fea+0x4b/0x4d [ 71.455103][ T5239] bpf_trace_run2+0x2ec/0x540 [ 71.459815][ T5239] ? __pfx_bpf_trace_run2+0x10/0x10 [ 71.465030][ T5239] ? read_tsc+0x9/0x20 [ 71.469126][ T5239] ? timekeeping_get_ns+0x2c0/0x420 [ 71.474341][ T5239] enqueue_hrtimer+0x35a/0x3c0 [ 71.479220][ T5239] hrtimer_start_range_ns+0xac8/0xca0 [ 71.484609][ T5239] cpu_clock_event_add+0x180/0x1a0 [ 71.489728][ T5239] event_sched_in+0x832/0xe90 [ 71.494847][ T5239] ? __asan_memcpy+0x40/0x70 [ 71.499438][ T5239] ? __pfx_event_sched_in+0x10/0x10 [ 71.504734][ T5239] ? rcu_is_watching+0x15/0xb0 [ 71.509492][ T5239] ? lock_release+0xbf/0xa30 [ 71.514097][ T5239] visit_groups_merge+0x1521/0x2fd0 [ 71.519317][ T5239] ? deref_stack_reg+0x17c/0x210 [ 71.524259][ T5239] ? __pfx_visit_groups_merge+0x10/0x10 [ 71.529818][ T5239] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 71.535970][ T5239] __pmu_ctx_sched_in+0x1aa/0x230 [ 71.540993][ T5239] ? __pfx___pmu_ctx_sched_in+0x10/0x10 [ 71.546537][ T5239] ? kvm_sched_clock_read+0x11/0x20 [ 71.551762][ T5239] ? perf_cgroup_set_timestamp+0x1e9/0x230 [ 71.557573][ T5239] ctx_sched_in+0x4c2/0x600 [ 71.562079][ T5239] ctx_resched+0x560/0x900 [ 71.566601][ T5239] __perf_install_in_context+0x647/0x850 [ 71.572242][ T5239] ? __pfx___perf_install_in_context+0x10/0x10 [ 71.578387][ T5239] remote_function+0xef/0x170 [ 71.583058][ T5239] ? __pfx_remote_function+0x10/0x10 [ 71.588343][ T5239] generic_exec_single+0x336/0x9b0 [ 71.593456][ T5239] ? __pfx_remote_function+0x10/0x10 [ 71.598733][ T5239] ? __pfx_generic_exec_single+0x10/0x10 [ 71.604447][ T5239] ? smp_call_function_single+0xb4/0x1990 [ 71.610171][ T5239] smp_call_function_single+0x3fa/0x1990 [ 71.615890][ T5239] ? __asan_memset+0x23/0x50 [ 71.620477][ T5239] ? __pfx_remote_function+0x10/0x10 [ 71.625761][ T5239] ? __asan_memset+0x23/0x50 [ 71.630346][ T5239] ? lockdep_init_map_type+0xa1/0x910 [ 71.635744][ T5239] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 71.641548][ T5239] ? __pfx_smp_call_function_single+0x10/0x10 [ 71.647619][ T5239] ? __pfx_remote_function+0x10/0x10 [ 71.652936][ T5239] ? __raw_spin_lock_init+0x45/0x100 [ 71.658217][ T5239] ? file_init_path+0x3b/0x570 [ 71.662991][ T5239] ? __asan_memcpy+0x40/0x70 [ 71.667578][ T5239] perf_install_in_context+0x71a/0xb20 [ 71.673045][ T5239] ? __pfx_perf_install_in_context+0x10/0x10 [ 71.679028][ T5239] ? __pfx___perf_install_in_context+0x10/0x10 [ 71.685171][ T5239] ? anon_inode_getfile+0xff/0x180 [ 71.690288][ T5239] __se_sys_perf_event_open+0x31c5/0x38d0 [ 71.696012][ T5239] ? __pfx__raw_spin_lock_irq+0x10/0x10 [ 71.701571][ T5239] ? __pfx___se_sys_perf_event_open+0x10/0x10 [ 71.707636][ T5239] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 71.713958][ T5239] ? rcu_is_watching+0x15/0xb0 [ 71.718726][ T5239] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 71.725051][ T5239] ? rcu_is_watching+0x15/0xb0 [ 71.729914][ T5239] ? __x64_sys_perf_event_open+0x20/0xc0 [ 71.735549][ T5239] do_syscall_64+0xf3/0x230 [ 71.740065][ T5239] ? clear_bhb_loop+0x35/0x90 [ 71.744777][ T5239] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 71.750926][ T5239] RIP: 0033:0x7fbe71c68c69 [ 71.755336][ T5239] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 71.774932][ T5239] RSP: 002b:00007ffc9dae96c8 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 71.783340][ T5239] RAX: ffffffffffffffda RBX: 00007ffc9dae96e0 RCX: 00007fbe71c68c69 [ 71.791301][ T5239] RDX: bfffffffffffffff RSI: 0000000000000000 RDI: 0000000020000180 [pid 5239] perf_event_open({type=PERF_TYPE_SOFTWARE, size=PERF_ATTR_SIZE_VER7, config=PERF_COUNT_SW_CPU_CLOCK, sample_period=511, sample_type=0, read_format=0, precise_ip=0 /* arbitrary skid */, ...}, 0, -1, -1, 0) = 7 [pid 5239] exit_group(0) = ? [pid 5239] +++ exited with 0 +++ [ 71.799354][ T5239] RBP: 0000000000000001 R08: 0000000000000000 R09: 00000000000000a0 [ 71.807319][ T5239] R10: 00000000ffffffff R11: 0000000000000246 R12: 0000000000000000 [ 71.815287][ T5239] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001 [ 71.823249][ T5239] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5239, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5240 attached , child_tidptr=0x55556b64f650) = 5240 [pid 5240] set_robust_list(0x55556b64f660, 24) = 0 [pid 5240] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5240] setpgid(0, 0) = 0 [pid 5240] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5240] write(3, "1000", 4) = 4 [pid 5240] close(3) = 0 executing program [pid 5240] write(1, "executing program\n", 18) = 18 [pid 5240] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x20000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = -1 EFAULT (Bad address) [pid 5240] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=6, max_entries=5, map_flags=0, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 80) = 3 [pid 5240] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x20000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = -1 EFAULT (Bad address) [pid 5240] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=12, insns=0x20000440, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 4 [pid 5240] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="hrtimer_start", prog_fd=4}}, 61) = 5 [pid 5240] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6 [pid 5240] write(6, "8", 1) = 1 [ 71.994081][ T5240] FAULT_INJECTION: forcing a failure. [ 71.994081][ T5240] name failslab, interval 1, probability 0, space 0, times 0 [ 72.006928][ T5240] CPU: 0 UID: 0 PID: 5240 Comm: syz-executor150 Not tainted 6.11.0-syzkaller-g88264981f208 #0 [ 72.017198][ T5240] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 72.027380][ T5240] Call Trace: [ 72.030748][ T5240] [ 72.033746][ T5240] dump_stack_lvl+0x241/0x360 [ 72.038478][ T5240] ? __pfx_dump_stack_lvl+0x10/0x10 [ 72.043726][ T5240] ? __pfx__printk+0x10/0x10 [ 72.048354][ T5240] ? __pfx___might_resched+0x10/0x10 [ 72.053668][ T5240] should_fail_ex+0x3b0/0x4e0 [ 72.058354][ T5240] ? alloc_empty_file+0x9e/0x1d0 [ 72.063295][ T5240] should_failslab+0xac/0x100 [ 72.067976][ T5240] ? alloc_empty_file+0x9e/0x1d0 [ 72.072938][ T5240] kmem_cache_alloc_noprof+0x6c/0x2a0 [ 72.078317][ T5240] alloc_empty_file+0x9e/0x1d0 [ 72.083085][ T5240] alloc_file_pseudo+0x1da/0x290 [ 72.088026][ T5240] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 72.093493][ T5240] ? rcu_is_watching+0x15/0xb0 [ 72.098262][ T5240] anon_inode_getfile+0xc8/0x180 [ 72.103239][ T5240] __se_sys_perf_event_open+0x25df/0x38d0 [ 72.108958][ T5240] ? __pfx__raw_spin_lock_irq+0x10/0x10 [ 72.114525][ T5240] ? __pfx___se_sys_perf_event_open+0x10/0x10 [ 72.120619][ T5240] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 72.126959][ T5240] ? rcu_is_watching+0x15/0xb0 [ 72.131811][ T5240] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 72.138144][ T5240] ? rcu_is_watching+0x15/0xb0 [ 72.142920][ T5240] ? __x64_sys_perf_event_open+0x20/0xc0 [ 72.148556][ T5240] do_syscall_64+0xf3/0x230 [ 72.153078][ T5240] ? clear_bhb_loop+0x35/0x90 [ 72.157780][ T5240] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 72.163679][ T5240] RIP: 0033:0x7fbe71c68c69 [ 72.168094][ T5240] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [pid 5240] perf_event_open({type=PERF_TYPE_SOFTWARE, size=PERF_ATTR_SIZE_VER7, config=PERF_COUNT_SW_CPU_CLOCK, sample_period=511, sample_type=0, read_format=0, precise_ip=0 /* arbitrary skid */, ...}, 0, -1, -1, 0) = -1 ENOMEM (Cannot allocate memory) [pid 5240] exit_group(0) = ? [pid 5240] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5240, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5241 attached [pid 5241] set_robust_list(0x55556b64f660, 24 [pid 5225] <... clone resumed>, child_tidptr=0x55556b64f650) = 5241 [pid 5241] <... set_robust_list resumed>) = 0 [pid 5241] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [ 72.187882][ T5240] RSP: 002b:00007ffc9dae96c8 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 72.196309][ T5240] RAX: ffffffffffffffda RBX: 00007ffc9dae96e0 RCX: 00007fbe71c68c69 [ 72.204291][ T5240] RDX: bfffffffffffffff RSI: 0000000000000000 RDI: 0000000020000180 [ 72.212395][ T5240] RBP: 0000000000000001 R08: 0000000000000000 R09: 00000000000000a0 [ 72.220372][ T5240] R10: 00000000ffffffff R11: 0000000000000246 R12: 0000000000000000 [ 72.228342][ T5240] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001 [ 72.236333][ T5240] [pid 5241] setpgid(0, 0) = 0 [pid 5241] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5241] write(3, "1000", 4) = 4 [pid 5241] close(3) = 0 executing program [pid 5241] write(1, "executing program\n", 18) = 18 [pid 5241] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x20000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = -1 EFAULT (Bad address) [pid 5241] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=6, max_entries=5, map_flags=0, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 80) = 3 [pid 5241] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x20000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = -1 EFAULT (Bad address) [pid 5241] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=12, insns=0x20000440, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 4 [pid 5241] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="hrtimer_start", prog_fd=4}}, 61) = 5 [pid 5241] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6 [pid 5241] write(6, "8", 1) = 1 [ 72.367374][ T5241] FAULT_INJECTION: forcing a failure. [ 72.367374][ T5241] name failslab, interval 1, probability 0, space 0, times 0 [ 72.380190][ T5241] CPU: 0 UID: 0 PID: 5241 Comm: syz-executor150 Not tainted 6.11.0-syzkaller-g88264981f208 #0 [ 72.390467][ T5241] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 72.400521][ T5241] Call Trace: [ 72.403798][ T5241] [ 72.406729][ T5241] dump_stack_lvl+0x241/0x360 [ 72.411419][ T5241] ? __pfx_dump_stack_lvl+0x10/0x10 [ 72.416651][ T5241] ? __pfx__printk+0x10/0x10 [ 72.421238][ T5241] ? __pfx___might_resched+0x10/0x10 [ 72.426546][ T5241] should_fail_ex+0x3b0/0x4e0 [ 72.431249][ T5241] ? security_file_alloc+0x32/0x310 [ 72.436460][ T5241] should_failslab+0xac/0x100 [ 72.441162][ T5241] ? security_file_alloc+0x32/0x310 [ 72.446374][ T5241] kmem_cache_alloc_noprof+0x6c/0x2a0 [ 72.451766][ T5241] security_file_alloc+0x32/0x310 [ 72.456799][ T5241] init_file+0x93/0x1e0 [ 72.460955][ T5241] alloc_empty_file+0xb8/0x1d0 [ 72.465716][ T5241] alloc_file_pseudo+0x1da/0x290 [ 72.470738][ T5241] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 72.476245][ T5241] ? rcu_is_watching+0x15/0xb0 [ 72.481010][ T5241] anon_inode_getfile+0xc8/0x180 [ 72.485958][ T5241] __se_sys_perf_event_open+0x25df/0x38d0 [ 72.491682][ T5241] ? __pfx__raw_spin_lock_irq+0x10/0x10 [ 72.497228][ T5241] ? __pfx___se_sys_perf_event_open+0x10/0x10 [ 72.503293][ T5241] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 72.509650][ T5241] ? rcu_is_watching+0x15/0xb0 [ 72.514407][ T5241] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 72.520757][ T5241] ? rcu_is_watching+0x15/0xb0 [ 72.525518][ T5241] ? __x64_sys_perf_event_open+0x20/0xc0 [ 72.531165][ T5241] do_syscall_64+0xf3/0x230 [ 72.535667][ T5241] ? clear_bhb_loop+0x35/0x90 [ 72.540358][ T5241] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 72.546244][ T5241] RIP: 0033:0x7fbe71c68c69 [ 72.550674][ T5241] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 72.570270][ T5241] RSP: 002b:00007ffc9dae96c8 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 72.578718][ T5241] RAX: ffffffffffffffda RBX: 00007ffc9dae96e0 RCX: 00007fbe71c68c69 [ 72.586685][ T5241] RDX: bfffffffffffffff RSI: 0000000000000000 RDI: 0000000020000180 [ 72.594663][ T5241] RBP: 0000000000000001 R08: 0000000000000000 R09: 00000000000000a0 [ 72.602624][ T5241] R10: 00000000ffffffff R11: 0000000000000246 R12: 0000000000000000 [ 72.610599][ T5241] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001 [pid 5241] perf_event_open({type=PERF_TYPE_SOFTWARE, size=PERF_ATTR_SIZE_VER7, config=PERF_COUNT_SW_CPU_CLOCK, sample_period=511, sample_type=0, read_format=0, precise_ip=0 /* arbitrary skid */, ...}, 0, -1, -1, 0) = -1 ENOMEM (Cannot allocate memory) [pid 5241] exit_group(0) = ? [pid 5241] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5241, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5242 attached , child_tidptr=0x55556b64f650) = 5242 [pid 5242] set_robust_list(0x55556b64f660, 24) = 0 [pid 5242] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [ 72.618564][ T5241] [pid 5242] setpgid(0, 0) = 0 [pid 5242] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5242] write(3, "1000", 4) = 4 [pid 5242] close(3) = 0 [pid 5242] write(1, "executing program\n", 18executing program ) = 18 [pid 5242] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x20000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = -1 EFAULT (Bad address) [pid 5242] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=6, max_entries=5, map_flags=0, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 80) = 3 [pid 5242] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x20000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = -1 EFAULT (Bad address) [pid 5242] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=12, insns=0x20000440, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 4 [pid 5242] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="hrtimer_start", prog_fd=4}}, 61) = 5 [pid 5242] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6 [pid 5242] write(6, "8", 1) = 1 [ 72.743497][ T5242] FAULT_INJECTION: forcing a failure. [ 72.743497][ T5242] name failslab, interval 1, probability 0, space 0, times 0 [ 72.756268][ T5242] CPU: 0 UID: 0 PID: 5242 Comm: syz-executor150 Not tainted 6.11.0-syzkaller-g88264981f208 #0 [ 72.766505][ T5242] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 72.776559][ T5242] Call Trace: [ 72.779859][ T5242] [ 72.782808][ T5242] dump_stack_lvl+0x241/0x360 [ 72.787488][ T5242] ? __pfx_dump_stack_lvl+0x10/0x10 [ 72.792708][ T5242] ? __pfx__printk+0x10/0x10 [ 72.797311][ T5242] ? __pfx___might_resched+0x10/0x10 [ 72.802693][ T5242] should_fail_ex+0x3b0/0x4e0 [ 72.807393][ T5242] ? security_file_alloc+0x32/0x310 [ 72.812599][ T5242] should_failslab+0xac/0x100 [ 72.817292][ T5242] ? security_file_alloc+0x32/0x310 [ 72.822495][ T5242] kmem_cache_alloc_noprof+0x6c/0x2a0 [ 72.827878][ T5242] security_file_alloc+0x32/0x310 [ 72.832922][ T5242] init_file+0x93/0x1e0 [ 72.837082][ T5242] alloc_empty_file+0xb8/0x1d0 [ 72.841848][ T5242] alloc_file_pseudo+0x1da/0x290 [ 72.846784][ T5242] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 72.852239][ T5242] ? rcu_is_watching+0x15/0xb0 [ 72.857005][ T5242] anon_inode_getfile+0xc8/0x180 [ 72.861964][ T5242] __se_sys_perf_event_open+0x25df/0x38d0 [ 72.867690][ T5242] ? __pfx__raw_spin_lock_irq+0x10/0x10 [ 72.873261][ T5242] ? __pfx___se_sys_perf_event_open+0x10/0x10 [ 72.879516][ T5242] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 72.885858][ T5242] ? rcu_is_watching+0x15/0xb0 [ 72.890618][ T5242] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 72.896949][ T5242] ? rcu_is_watching+0x15/0xb0 [ 72.901713][ T5242] ? __x64_sys_perf_event_open+0x20/0xc0 [ 72.907373][ T5242] do_syscall_64+0xf3/0x230 [ 72.911886][ T5242] ? clear_bhb_loop+0x35/0x90 [ 72.916589][ T5242] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 72.922483][ T5242] RIP: 0033:0x7fbe71c68c69 [ 72.926897][ T5242] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 72.946499][ T5242] RSP: 002b:00007ffc9dae96c8 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 72.954913][ T5242] RAX: ffffffffffffffda RBX: 00007ffc9dae96e0 RCX: 00007fbe71c68c69 [ 72.962879][ T5242] RDX: bfffffffffffffff RSI: 0000000000000000 RDI: 0000000020000180 [ 72.970871][ T5242] RBP: 0000000000000001 R08: 0000000000000000 R09: 00000000000000a0 [ 72.978931][ T5242] R10: 00000000ffffffff R11: 0000000000000246 R12: 0000000000000000 [pid 5242] perf_event_open({type=PERF_TYPE_SOFTWARE, size=PERF_ATTR_SIZE_VER7, config=PERF_COUNT_SW_CPU_CLOCK, sample_period=511, sample_type=0, read_format=0, precise_ip=0 /* arbitrary skid */, ...}, 0, -1, -1, 0) = -1 ENOMEM (Cannot allocate memory) [pid 5242] exit_group(0) = ? [pid 5242] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5242, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5243 attached , child_tidptr=0x55556b64f650) = 5243 [ 72.987020][ T5242] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001 [ 72.995108][ T5242] [pid 5243] set_robust_list(0x55556b64f660, 24) = 0 [pid 5243] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5243] setpgid(0, 0) = 0 [pid 5243] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5243] write(3, "1000", 4) = 4 [pid 5243] close(3) = 0 executing program [pid 5243] write(1, "executing program\n", 18) = 18 [pid 5243] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x20000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = -1 EFAULT (Bad address) [pid 5243] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=6, max_entries=5, map_flags=0, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 80) = 3 [pid 5243] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x20000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = -1 EFAULT (Bad address) [pid 5243] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=12, insns=0x20000440, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 4 [pid 5243] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="hrtimer_start", prog_fd=4}}, 61) = 5 [pid 5243] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6 [pid 5243] write(6, "8", 1) = 1 [ 73.124580][ T5243] FAULT_INJECTION: forcing a failure. [ 73.124580][ T5243] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 73.137692][ T5243] CPU: 0 UID: 0 PID: 5243 Comm: syz-executor150 Not tainted 6.11.0-syzkaller-g88264981f208 #0 [ 73.147925][ T5243] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 73.157971][ T5243] Call Trace: [ 73.161262][ T5243] [ 73.164190][ T5243] dump_stack_lvl+0x241/0x360 [ 73.168886][ T5243] ? __pfx_dump_stack_lvl+0x10/0x10 [ 73.174086][ T5243] ? __pfx__printk+0x10/0x10 [ 73.178675][ T5243] ? bpf_trace_run2+0x1fc/0x540 [ 73.183519][ T5243] ? rcu_is_watching+0x15/0xb0 [ 73.188340][ T5243] ? bpf_trace_run2+0x1fc/0x540 [ 73.193236][ T5243] ? lock_acquire+0xe3/0x550 [ 73.197955][ T5243] should_fail_ex+0x3b0/0x4e0 [ 73.202643][ T5243] strncpy_from_user+0x36/0x2e0 [ 73.207528][ T5243] strncpy_from_user_nofault+0x71/0x140 [ 73.213177][ T5243] bpf_probe_read_user_str+0x2a/0x70 [ 73.218464][ T5243] ? bpf_trace_run2+0x1fc/0x540 [ 73.223314][ T5243] bpf_prog_99b56f93a3ca5fea+0x4b/0x4d [ 73.228781][ T5243] bpf_trace_run2+0x2ec/0x540 [ 73.233471][ T5243] ? __pfx_bpf_trace_run2+0x10/0x10 [ 73.238762][ T5243] ? read_tsc+0x9/0x20 [ 73.242829][ T5243] ? timekeeping_get_ns+0x2c0/0x420 [ 73.248023][ T5243] enqueue_hrtimer+0x35a/0x3c0 [ 73.252781][ T5243] hrtimer_start_range_ns+0xac8/0xca0 [ 73.258157][ T5243] cpu_clock_event_add+0x180/0x1a0 [ 73.263265][ T5243] event_sched_in+0x832/0xe90 [ 73.267963][ T5243] ? __asan_memcpy+0x40/0x70 [ 73.272555][ T5243] ? __pfx_event_sched_in+0x10/0x10 [ 73.277774][ T5243] ? rcu_is_watching+0x15/0xb0 [ 73.282562][ T5243] ? lock_release+0xbf/0xa30 [ 73.287156][ T5243] visit_groups_merge+0x1521/0x2fd0 [ 73.292354][ T5243] ? deref_stack_reg+0x17c/0x210 [ 73.297308][ T5243] ? __pfx_visit_groups_merge+0x10/0x10 [ 73.302848][ T5243] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 73.308989][ T5243] __pmu_ctx_sched_in+0x1aa/0x230 [ 73.314008][ T5243] ? __pfx___pmu_ctx_sched_in+0x10/0x10 [ 73.319552][ T5243] ? kvm_sched_clock_read+0x11/0x20 [ 73.324859][ T5243] ? perf_cgroup_set_timestamp+0x1e9/0x230 [ 73.330686][ T5243] ctx_sched_in+0x4c2/0x600 [ 73.335204][ T5243] ctx_resched+0x560/0x900 [ 73.339635][ T5243] __perf_install_in_context+0x647/0x850 [ 73.345265][ T5243] ? __pfx___perf_install_in_context+0x10/0x10 [ 73.351411][ T5243] remote_function+0xef/0x170 [ 73.356104][ T5243] ? __pfx_remote_function+0x10/0x10 [ 73.361384][ T5243] generic_exec_single+0x336/0x9b0 [ 73.366503][ T5243] ? __pfx_remote_function+0x10/0x10 [ 73.371795][ T5243] ? __pfx_generic_exec_single+0x10/0x10 [ 73.377440][ T5243] ? smp_call_function_single+0xb4/0x1990 [ 73.383164][ T5243] smp_call_function_single+0x3fa/0x1990 [ 73.388803][ T5243] ? __asan_memset+0x23/0x50 [ 73.393400][ T5243] ? __pfx_remote_function+0x10/0x10 [ 73.398685][ T5243] ? __asan_memset+0x23/0x50 [ 73.403281][ T5243] ? lockdep_init_map_type+0xa1/0x910 [ 73.408684][ T5243] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 73.414584][ T5243] ? __pfx_smp_call_function_single+0x10/0x10 [ 73.420662][ T5243] ? __pfx_remote_function+0x10/0x10 [ 73.426042][ T5243] ? __raw_spin_lock_init+0x45/0x100 [ 73.431334][ T5243] ? file_init_path+0x3b/0x570 [ 73.436124][ T5243] ? __asan_memcpy+0x40/0x70 [ 73.440722][ T5243] perf_install_in_context+0x71a/0xb20 [ 73.446231][ T5243] ? __pfx_perf_install_in_context+0x10/0x10 [ 73.452211][ T5243] ? __pfx___perf_install_in_context+0x10/0x10 [ 73.458468][ T5243] ? anon_inode_getfile+0xff/0x180 [ 73.463578][ T5243] __se_sys_perf_event_open+0x31c5/0x38d0 [ 73.469292][ T5243] ? __pfx__raw_spin_lock_irq+0x10/0x10 [ 73.474861][ T5243] ? __pfx___se_sys_perf_event_open+0x10/0x10 [ 73.480945][ T5243] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 73.487271][ T5243] ? rcu_is_watching+0x15/0xb0 [ 73.492049][ T5243] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 73.498398][ T5243] ? rcu_is_watching+0x15/0xb0 [ 73.503156][ T5243] ? __x64_sys_perf_event_open+0x20/0xc0 [ 73.508786][ T5243] do_syscall_64+0xf3/0x230 [ 73.513301][ T5243] ? clear_bhb_loop+0x35/0x90 [ 73.517984][ T5243] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 73.523959][ T5243] RIP: 0033:0x7fbe71c68c69 [ 73.528398][ T5243] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 73.548001][ T5243] RSP: 002b:00007ffc9dae96c8 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 73.556444][ T5243] RAX: ffffffffffffffda RBX: 00007ffc9dae96e0 RCX: 00007fbe71c68c69 [ 73.564414][ T5243] RDX: bfffffffffffffff RSI: 0000000000000000 RDI: 0000000020000180 [pid 5243] perf_event_open({type=PERF_TYPE_SOFTWARE, size=PERF_ATTR_SIZE_VER7, config=PERF_COUNT_SW_CPU_CLOCK, sample_period=511, sample_type=0, read_format=0, precise_ip=0 /* arbitrary skid */, ...}, 0, -1, -1, 0) = 7 [pid 5243] exit_group(0) = ? [pid 5243] +++ exited with 0 +++ --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5243, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- restart_syscall(<... resuming interrupted clone ...>) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5244 attached , child_tidptr=0x55556b64f650) = 5244 [ 73.572384][ T5243] RBP: 0000000000000001 R08: 0000000000000000 R09: 00000000000000a0 [ 73.580382][ T5243] R10: 00000000ffffffff R11: 0000000000000246 R12: 0000000000000000 [ 73.588443][ T5243] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001 [ 73.596441][ T5243] [pid 5244] set_robust_list(0x55556b64f660, 24) = 0 [pid 5244] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5244] setpgid(0, 0) = 0 [pid 5244] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5244] write(3, "1000", 4) = 4 [pid 5244] close(3) = 0 executing program [pid 5244] write(1, "executing program\n", 18) = 18 [pid 5244] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x20000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = -1 EFAULT (Bad address) [pid 5244] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=6, max_entries=5, map_flags=0, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 80) = 3 [pid 5244] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x20000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = -1 EFAULT (Bad address) [pid 5244] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=12, insns=0x20000440, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 4 [pid 5244] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="hrtimer_start", prog_fd=4}}, 61) = 5 [pid 5244] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6 [pid 5244] write(6, "8", 1) = 1 [ 73.760095][ T5244] FAULT_INJECTION: forcing a failure. [ 73.760095][ T5244] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 73.773278][ T5244] CPU: 1 UID: 0 PID: 5244 Comm: syz-executor150 Not tainted 6.11.0-syzkaller-g88264981f208 #0 [ 73.783615][ T5244] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 73.793667][ T5244] Call Trace: [ 73.796955][ T5244] [ 73.799880][ T5244] dump_stack_lvl+0x241/0x360 [ 73.804558][ T5244] ? __pfx_dump_stack_lvl+0x10/0x10 [ 73.809753][ T5244] ? __pfx__printk+0x10/0x10 [ 73.814340][ T5244] ? bpf_trace_run2+0x1fc/0x540 [ 73.819180][ T5244] ? rcu_is_watching+0x15/0xb0 [ 73.823944][ T5244] ? bpf_trace_run2+0x1fc/0x540 [ 73.828782][ T5244] ? lock_acquire+0xe3/0x550 [ 73.833365][ T5244] should_fail_ex+0x3b0/0x4e0 [ 73.838038][ T5244] strncpy_from_user+0x36/0x2e0 [ 73.842982][ T5244] strncpy_from_user_nofault+0x71/0x140 [ 73.848536][ T5244] bpf_probe_read_user_str+0x2a/0x70 [ 73.853834][ T5244] ? bpf_trace_run2+0x1fc/0x540 [ 73.858674][ T5244] bpf_prog_99b56f93a3ca5fea+0x4b/0x4d [ 73.864144][ T5244] bpf_trace_run2+0x2ec/0x540 [ 73.868818][ T5244] ? __pfx_bpf_trace_run2+0x10/0x10 [ 73.874012][ T5244] ? read_tsc+0x9/0x20 [ 73.878101][ T5244] ? timekeeping_get_ns+0x2c0/0x420 [ 73.883299][ T5244] enqueue_hrtimer+0x35a/0x3c0 [ 73.888054][ T5244] hrtimer_start_range_ns+0xac8/0xca0 [ 73.893445][ T5244] cpu_clock_event_add+0x180/0x1a0 [ 73.898549][ T5244] event_sched_in+0x832/0xe90 [ 73.903241][ T5244] ? _raw_spin_unlock+0x28/0x50 [ 73.908084][ T5244] ? __pfx_event_sched_in+0x10/0x10 [ 73.913306][ T5244] ? lock_release+0xbf/0xa30 [ 73.917887][ T5244] ? __pfx_lock_release+0x10/0x10 [ 73.922903][ T5244] ? rcu_is_watching+0x15/0xb0 [ 73.927651][ T5244] ? lock_release+0xbf/0xa30 [ 73.932262][ T5244] visit_groups_merge+0x1521/0x2fd0 [ 73.937483][ T5244] ? deref_stack_reg+0x17c/0x210 [ 73.942439][ T5244] ? __pfx_visit_groups_merge+0x10/0x10 [ 73.947981][ T5244] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 73.954127][ T5244] __pmu_ctx_sched_in+0x1aa/0x230 [ 73.959164][ T5244] ? __pfx___pmu_ctx_sched_in+0x10/0x10 [ 73.964703][ T5244] ? kvm_sched_clock_read+0x11/0x20 [ 73.969895][ T5244] ? perf_cgroup_set_timestamp+0x1e9/0x230 [ 73.975718][ T5244] ctx_sched_in+0x4c2/0x600 [ 73.980231][ T5244] ctx_resched+0x560/0x900 [ 73.984648][ T5244] __perf_install_in_context+0x647/0x850 [ 73.990275][ T5244] ? __pfx___perf_install_in_context+0x10/0x10 [ 73.996440][ T5244] remote_function+0xef/0x170 [ 74.001114][ T5244] ? __pfx_remote_function+0x10/0x10 [ 74.006397][ T5244] generic_exec_single+0x336/0x9b0 [ 74.011507][ T5244] ? __pfx_remote_function+0x10/0x10 [ 74.016812][ T5244] ? __pfx_generic_exec_single+0x10/0x10 [ 74.022458][ T5244] ? smp_call_function_single+0xb4/0x1990 [ 74.028178][ T5244] smp_call_function_single+0x3fa/0x1990 [ 74.033811][ T5244] ? __asan_memset+0x23/0x50 [ 74.038413][ T5244] ? __pfx_remote_function+0x10/0x10 [ 74.043695][ T5244] ? __asan_memset+0x23/0x50 [ 74.048284][ T5244] ? lockdep_init_map_type+0xa1/0x910 [ 74.053656][ T5244] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 74.059477][ T5244] ? __pfx_smp_call_function_single+0x10/0x10 [ 74.065557][ T5244] ? __pfx_remote_function+0x10/0x10 [ 74.070842][ T5244] ? __raw_spin_lock_init+0x45/0x100 [ 74.076122][ T5244] ? file_init_path+0x3b/0x570 [ 74.080882][ T5244] ? __asan_memcpy+0x40/0x70 [ 74.085485][ T5244] perf_install_in_context+0x71a/0xb20 [ 74.090942][ T5244] ? __pfx_perf_install_in_context+0x10/0x10 [ 74.096942][ T5244] ? __pfx___perf_install_in_context+0x10/0x10 [ 74.103107][ T5244] ? anon_inode_getfile+0xff/0x180