./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1164777624

<...>
Warning: Permanently added '10.128.1.226' (ED25519) to the list of known hosts.
execve("./syz-executor1164777624", ["./syz-executor1164777624"], 0x7fff2b765db0 /* 10 vars */) = 0
brk(NULL)                               = 0x55558ec87000
brk(0x55558ec87d00)                     = 0x55558ec87d00
arch_prctl(ARCH_SET_FS, 0x55558ec87380) = 0
set_tid_address(0x55558ec87650)         = 5873
set_robust_list(0x55558ec87660, 24)     = 0
rseq(0x55558ec87ca0, 0x20, 0, 0x53053053) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor1164777624", 4096) = 28
getrandom("\x38\xe7\x27\x4d\x3a\x62\x62\x2d", 8, GRND_NONBLOCK) = 8
brk(NULL)                               = 0x55558ec87d00
brk(0x55558eca8d00)                     = 0x55558eca8d00
brk(0x55558eca9000)                     = 0x55558eca9000
mprotect(0x7f392794e000, 16384, PROT_READ) = 0
mmap(0x1ffffffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffffffff000
mmap(0x200000000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200000000000
mmap(0x200001000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200001000000
openat(AT_FDCWD, "/proc/self/make-it-fail", O_WRONLY) = 3
close(3)                                = 0
openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_WRONLY) = 3
close(3)                                = 0
openat(AT_FDCWD, "/sys/kernel/debug/failslab/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1)                        = 1
close(3)                                = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_futex/ignore-private", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1)                        = 1
close(3)                                = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-highmem", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1)                        = 1
close(3)                                = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1)                        = 1
close(3)                                = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/min-order", O_WRONLY|O_CLOEXEC) = 3
write(3, "0", 1)                        = 1
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55558ec87650) = 5874
./strace-static-x86_64: Process 5874 attached
[pid  5874] set_robust_list(0x55558ec87660, 24) = 0
[pid  5874] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5874] setpgid(0, 0)               = 0
[pid  5874] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5874] write(3, "1000", 4)         = 4
[pid  5874] close(3)                    = 0
executing program
[pid  5874] write(1, "executing program\n", 18) = 18
[pid  5874] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE, insn_cnt=11, insns=0x2000000005c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_SOCK_CREATE, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = 3
[pid  5874] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="contention_begin", prog_fd=3}}, 24) = 4
[pid  5874] openat(AT_FDCWD, "/dev/fb0", O_RDONLY) = 5
[pid  5874] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid  5874] write(6, "4", 1)            = 1
[pid  5874] ioctl(5, FBIOPAN_DISPLAY, 0) = -1 EFAULT (Bad address)
[  152.516256][ T5874] FAULT_INJECTION: forcing a failure.
[  152.516256][ T5874] name failslab, interval 1, probability 0, space 0, times 1
[  152.529538][ T5874] CPU: 0 UID: 0 PID: 5874 Comm: syz-executor116 Not tainted 6.16.0-next-20250731-syzkaller #0 PREEMPT(full) 
[  152.529560][ T5874] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  152.529572][ T5874] Call Trace:
[  152.529581][ T5874]  <TASK>
[  152.529588][ T5874]  dump_stack_lvl+0x189/0x250
[  152.529623][ T5874]  ? __pfx____ratelimit+0x10/0x10
[  152.529649][ T5874]  ? __pfx_dump_stack_lvl+0x10/0x10
[  152.529666][ T5874]  ? __pfx__printk+0x10/0x10
[  152.529690][ T5874]  ? __pfx___might_resched+0x10/0x10
[  152.529712][ T5874]  ? fs_reclaim_acquire+0x7d/0x100
[  152.529741][ T5874]  should_fail_ex+0x414/0x560
[  152.529763][ T5874]  should_failslab+0xa8/0x100
[  152.529785][ T5874]  __kmalloc_noprof+0xcb/0x4f0
[  152.529803][ T5874]  ? tomoyo_init_log+0x1a6e/0x1f70
[  152.529835][ T5874]  tomoyo_init_log+0x1a6e/0x1f70
[  152.529874][ T5874]  ? __pfx_tomoyo_init_log+0x10/0x10
[  152.529896][ T5874]  ? tomoyo_profile+0x11/0x50
[  152.529917][ T5874]  ? tomoyo_domain_quota_is_ok+0x42b/0x570
[  152.529940][ T5874]  tomoyo_supervisor+0x340/0x1480
[  152.529964][ T5874]  ? format_decode+0x5a3/0xe30
[  152.529987][ T5874]  ? __pfx_tomoyo_supervisor+0x10/0x10
[  152.530017][ T5874]  ? snprintf+0xda/0x120
[  152.530039][ T5874]  ? __pfx_snprintf+0x10/0x10
[  152.530058][ T5874]  ? tomoyo_check_acl+0x386/0x400
[  152.530080][ T5874]  tomoyo_path_number_perm+0x438/0x5a0
[  152.530097][ T5874]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  152.530116][ T5874]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  152.530140][ T5874]  ? _raw_spin_lock_irq+0xae/0xf0
[  152.530184][ T5874]  ? __pfx_ptrace_notify+0x10/0x10
[  152.530215][ T5874]  security_file_ioctl+0xcb/0x2d0
[  152.530234][ T5874]  __se_sys_ioctl+0x47/0x170
[  152.530253][ T5874]  do_syscall_64+0xfa/0x3b0
[  152.530274][ T5874]  ? lockdep_hardirqs_on+0x9c/0x150
[  152.530295][ T5874]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.530310][ T5874]  ? clear_bhb_loop+0x60/0xb0
[  152.530329][ T5874]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.530343][ T5874] RIP: 0033:0x7f39278e2869
[  152.530361][ T5874] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  152.530377][ T5874] RSP: 002b:00007ffc8670e328 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[pid  5874] exit_group(0)               = ?
[pid  5874] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5874, si_uid=0, si_status=0, si_utime=0, si_stime=28 /* 0.28 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5875 attached
, child_tidptr=0x55558ec87650) = 5875
[pid  5875] set_robust_list(0x55558ec87660, 24) = 0
[pid  5875] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5875] setpgid(0, 0)               = 0
[pid  5875] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5875] write(3, "1000", 4)         = 4
[pid  5875] close(3)                    = 0
executing program
[pid  5875] write(1, "executing program\n", 18) = 18
[pid  5875] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE, insn_cnt=11, insns=0x2000000005c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_SOCK_CREATE, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = 3
[pid  5875] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="contention_begin", prog_fd=3}}, 24) = 4
[pid  5875] openat(AT_FDCWD, "/dev/fb0", O_RDONLY) = 5
[pid  5875] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid  5875] write(6, "4", 1)            = 1
[  152.530397][ T5874] RAX: ffffffffffffffda RBX: 00007ffc8670e340 RCX: 00007f39278e2869
[  152.530408][ T5874] RDX: 0000000000000000 RSI: 0000000000004606 RDI: 0000000000000005
[  152.530417][ T5874] RBP: 0000000000000001 R08: 00007ffc8670e0c7 R09: 00000000000000a0
[  152.530427][ T5874] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  152.530435][ T5874] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[  152.530457][ T5874]  </TASK>
[pid  5875] ioctl(5, FBIOPAN_DISPLAY, 0) = -1 EFAULT (Bad address)
[pid  5875] exit_group(0)               = ?
[pid  5875] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5875, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[  152.838836][ T5875] FAULT_INJECTION: forcing a failure.
[  152.838836][ T5875] name failslab, interval 1, probability 0, space 0, times 0
[  152.851964][ T5875] CPU: 0 UID: 0 PID: 5875 Comm: syz-executor116 Not tainted 6.16.0-next-20250731-syzkaller #0 PREEMPT(full) 
[  152.851993][ T5875] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  152.852006][ T5875] Call Trace:
[  152.852031][ T5875]  <TASK>
[  152.852040][ T5875]  dump_stack_lvl+0x189/0x250
[  152.852070][ T5875]  ? __pfx____ratelimit+0x10/0x10
[  152.852100][ T5875]  ? __pfx_dump_stack_lvl+0x10/0x10
[  152.852124][ T5875]  ? __pfx__printk+0x10/0x10
[  152.852159][ T5875]  ? __pfx___might_resched+0x10/0x10
[  152.852190][ T5875]  ? fs_reclaim_acquire+0x7d/0x100
[  152.852227][ T5875]  should_fail_ex+0x414/0x560
[  152.852257][ T5875]  should_failslab+0xa8/0x100
[  152.852288][ T5875]  __kmalloc_noprof+0xcb/0x4f0
[  152.852313][ T5875]  ? tomoyo_init_log+0x1a6e/0x1f70
[  152.852349][ T5875]  tomoyo_init_log+0x1a6e/0x1f70
[  152.852389][ T5875]  ? __pfx_tomoyo_init_log+0x10/0x10
[  152.852411][ T5875]  ? tomoyo_profile+0x11/0x50
[  152.852432][ T5875]  ? tomoyo_domain_quota_is_ok+0x42b/0x570
[  152.852454][ T5875]  tomoyo_supervisor+0x340/0x1480
[  152.852478][ T5875]  ? format_decode+0x5a3/0xe30
[  152.852501][ T5875]  ? __pfx_tomoyo_supervisor+0x10/0x10
[  152.852532][ T5875]  ? snprintf+0xda/0x120
[  152.852553][ T5875]  ? __pfx_snprintf+0x10/0x10
[  152.852572][ T5875]  ? tomoyo_check_acl+0x386/0x400
[  152.852595][ T5875]  tomoyo_path_number_perm+0x438/0x5a0
[  152.852612][ T5875]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  152.852631][ T5875]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  152.852655][ T5875]  ? _raw_spin_lock_irq+0xae/0xf0
[  152.852699][ T5875]  ? __pfx_ptrace_notify+0x10/0x10
[  152.852730][ T5875]  security_file_ioctl+0xcb/0x2d0
[  152.852748][ T5875]  __se_sys_ioctl+0x47/0x170
[  152.852768][ T5875]  do_syscall_64+0xfa/0x3b0
[  152.852789][ T5875]  ? lockdep_hardirqs_on+0x9c/0x150
[  152.852810][ T5875]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.852825][ T5875]  ? clear_bhb_loop+0x60/0xb0
[  152.852844][ T5875]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.852858][ T5875] RIP: 0033:0x7f39278e2869
[  152.852872][ T5875] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  152.852885][ T5875] RSP: 002b:00007ffc8670e328 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  152.852901][ T5875] RAX: ffffffffffffffda RBX: 00007ffc8670e340 RCX: 00007f39278e2869
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5876 attached
, child_tidptr=0x55558ec87650) = 5876
[pid  5876] set_robust_list(0x55558ec87660, 24) = 0
[pid  5876] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5876] setpgid(0, 0)               = 0
[pid  5876] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5876] write(3, "1000", 4)         = 4
[pid  5876] close(3)                    = 0
executing program
[pid  5876] write(1, "executing program\n", 18) = 18
[pid  5876] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE, insn_cnt=11, insns=0x2000000005c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_SOCK_CREATE, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = 3
[pid  5876] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="contention_begin", prog_fd=3}}, 24) = 4
[pid  5876] openat(AT_FDCWD, "/dev/fb0", O_RDONLY) = 5
[pid  5876] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[  152.852912][ T5875] RDX: 0000000000000000 RSI: 0000000000004606 RDI: 0000000000000005
[  152.852921][ T5875] RBP: 0000000000000001 R08: 00007ffc8670e0c7 R09: 00000000000000a0
[  152.852930][ T5875] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  152.852939][ T5875] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[  152.852961][ T5875]  </TASK>
[pid  5876] write(6, "4", 1)            = 1
[pid  5876] ioctl(5, FBIOPAN_DISPLAY, 0) = -1 EFAULT (Bad address)
[pid  5876] exit_group(0)               = ?
[  153.141940][ T5876] FAULT_INJECTION: forcing a failure.
[  153.141940][ T5876] name failslab, interval 1, probability 0, space 0, times 0
[  153.154741][ T5876] CPU: 1 UID: 0 PID: 5876 Comm: syz-executor116 Not tainted 6.16.0-next-20250731-syzkaller #0 PREEMPT(full) 
[  153.154763][ T5876] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  153.154772][ T5876] Call Trace:
[  153.154780][ T5876]  <TASK>
[  153.154794][ T5876]  dump_stack_lvl+0x189/0x250
[  153.154816][ T5876]  ? __pfx____ratelimit+0x10/0x10
[  153.154838][ T5876]  ? __pfx_dump_stack_lvl+0x10/0x10
[  153.154855][ T5876]  ? __pfx__printk+0x10/0x10
[  153.154880][ T5876]  ? __pfx___might_resched+0x10/0x10
[  153.154902][ T5876]  ? fs_reclaim_acquire+0x7d/0x100
[  153.154929][ T5876]  should_fail_ex+0x414/0x560
[  153.154950][ T5876]  should_failslab+0xa8/0x100
[  153.154972][ T5876]  __kmalloc_noprof+0xcb/0x4f0
[  153.154991][ T5876]  ? tomoyo_init_log+0x1a6e/0x1f70
[  153.155017][ T5876]  tomoyo_init_log+0x1a6e/0x1f70
[  153.155056][ T5876]  ? __pfx_tomoyo_init_log+0x10/0x10
[  153.155078][ T5876]  ? tomoyo_profile+0x11/0x50
[  153.155100][ T5876]  ? tomoyo_domain_quota_is_ok+0x42b/0x570
[  153.155122][ T5876]  tomoyo_supervisor+0x340/0x1480
[  153.155146][ T5876]  ? format_decode+0x5a3/0xe30
[  153.155169][ T5876]  ? __pfx_tomoyo_supervisor+0x10/0x10
[  153.155200][ T5876]  ? snprintf+0xda/0x120
[  153.155221][ T5876]  ? __pfx_snprintf+0x10/0x10
[  153.155240][ T5876]  ? tomoyo_check_acl+0x386/0x400
[  153.155263][ T5876]  tomoyo_path_number_perm+0x438/0x5a0
[  153.155280][ T5876]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  153.155299][ T5876]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  153.155323][ T5876]  ? _raw_spin_lock_irq+0xae/0xf0
[  153.155367][ T5876]  ? __pfx_ptrace_notify+0x10/0x10
[  153.155398][ T5876]  security_file_ioctl+0xcb/0x2d0
[  153.155417][ T5876]  __se_sys_ioctl+0x47/0x170
[  153.155436][ T5876]  do_syscall_64+0xfa/0x3b0
[  153.155458][ T5876]  ? lockdep_hardirqs_on+0x9c/0x150
[  153.155480][ T5876]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.155495][ T5876]  ? clear_bhb_loop+0x60/0xb0
[  153.155513][ T5876]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.155528][ T5876] RIP: 0033:0x7f39278e2869
[  153.155541][ T5876] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  153.155554][ T5876] RSP: 002b:00007ffc8670e328 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  153.155570][ T5876] RAX: ffffffffffffffda RBX: 00007ffc8670e340 RCX: 00007f39278e2869
[pid  5876] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5876, si_uid=0, si_status=0, si_utime=0, si_stime=27 /* 0.27 s */} ---
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5877 attached
, child_tidptr=0x55558ec87650) = 5877
[pid  5877] set_robust_list(0x55558ec87660, 24) = 0
[pid  5877] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5877] setpgid(0, 0)               = 0
[pid  5877] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5877] write(3, "1000", 4)         = 4
[pid  5877] close(3)                    = 0
[  153.155581][ T5876] RDX: 0000000000000000 RSI: 0000000000004606 RDI: 0000000000000005
[  153.155590][ T5876] RBP: 0000000000000001 R08: 00007ffc8670e0c7 R09: 00000000000000a0
[  153.155599][ T5876] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  153.155608][ T5876] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[  153.155630][ T5876]  </TASK>
[pid  5877] write(1, "executing program\n", 18executing program
) = 18
[pid  5877] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE, insn_cnt=11, insns=0x2000000005c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_SOCK_CREATE, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = 3
[pid  5877] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="contention_begin", prog_fd=3}}, 24) = 4
[pid  5877] openat(AT_FDCWD, "/dev/fb0", O_RDONLY) = 5
[pid  5877] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid  5877] write(6, "4", 1)            = 1
[  153.493787][ T5877] FAULT_INJECTION: forcing a failure.
[  153.493787][ T5877] name failslab, interval 1, probability 0, space 0, times 0
[  153.506811][ T5877] CPU: 0 UID: 0 PID: 5877 Comm: syz-executor116 Not tainted 6.16.0-next-20250731-syzkaller #0 PREEMPT(full) 
[  153.506833][ T5877] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  153.506842][ T5877] Call Trace:
[  153.506848][ T5877]  <TASK>
[  153.506855][ T5877]  dump_stack_lvl+0x189/0x250
[  153.506876][ T5877]  ? __pfx____ratelimit+0x10/0x10
[  153.506899][ T5877]  ? __pfx_dump_stack_lvl+0x10/0x10
[  153.506916][ T5877]  ? __pfx__printk+0x10/0x10
[  153.506941][ T5877]  ? __pfx___might_resched+0x10/0x10
[  153.506964][ T5877]  ? fs_reclaim_acquire+0x7d/0x100
[  153.506997][ T5877]  should_fail_ex+0x414/0x560
[  153.507018][ T5877]  should_failslab+0xa8/0x100
[  153.507040][ T5877]  __kmalloc_cache_noprof+0x70/0x3d0
[  153.507059][ T5877]  ? tomoyo_init_log+0x183/0x1f70
[  153.507085][ T5877]  tomoyo_init_log+0x183/0x1f70
[  153.507111][ T5877]  ? kasan_save_track+0x4f/0x80
[  153.507127][ T5877]  ? kasan_save_track+0x3e/0x80
[  153.507143][ T5877]  ? __kasan_slab_free+0x5b/0x80
[  153.507162][ T5877]  ? format_decode+0xd9/0xe30
[  153.507180][ T5877]  ? string+0x279/0x2b0
[  153.507199][ T5877]  ? __pfx_tomoyo_init_log+0x10/0x10
[  153.507233][ T5877]  ? tomoyo_profile+0x11/0x50
[  153.507252][ T5877]  ? tomoyo_profile+0x11/0x50
[  153.507273][ T5877]  ? tomoyo_domain_quota_is_ok+0x42b/0x570
[  153.507313][ T5877]  tomoyo_supervisor+0x340/0x1480
[  153.507337][ T5877]  ? format_decode+0x5a3/0xe30
[  153.507360][ T5877]  ? __pfx_tomoyo_supervisor+0x10/0x10
[  153.507391][ T5877]  ? snprintf+0xda/0x120
[  153.507412][ T5877]  ? __pfx_snprintf+0x10/0x10
[  153.507431][ T5877]  ? tomoyo_check_acl+0x386/0x400
[  153.507454][ T5877]  tomoyo_path_number_perm+0x438/0x5a0
[  153.507472][ T5877]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  153.507490][ T5877]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  153.507514][ T5877]  ? _raw_spin_lock_irq+0xae/0xf0
[  153.507558][ T5877]  ? __pfx_ptrace_notify+0x10/0x10
[  153.507589][ T5877]  security_file_ioctl+0xcb/0x2d0
[  153.507607][ T5877]  __se_sys_ioctl+0x47/0x170
[  153.507626][ T5877]  do_syscall_64+0xfa/0x3b0
[  153.507648][ T5877]  ? lockdep_hardirqs_on+0x9c/0x150
[  153.507677][ T5877]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.507692][ T5877]  ? clear_bhb_loop+0x60/0xb0
[  153.507711][ T5877]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.507725][ T5877] RIP: 0033:0x7f39278e2869
[  153.507739][ T5877] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  153.507752][ T5877] RSP: 002b:00007ffc8670e328 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  153.507768][ T5877] RAX: ffffffffffffffda RBX: 00007ffc8670e340 RCX: 00007f39278e2869
[  153.507779][ T5877] RDX: 0000000000000000 RSI: 0000000000004606 RDI: 0000000000000005
[  153.507788][ T5877] RBP: 0000000000000001 R08: 00007ffc8670e0c7 R09: 00000000000000a0
[  153.507797][ T5877] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[pid  5877] ioctl(5, FBIOPAN_DISPLAY, 0) = -1 EFAULT (Bad address)
[pid  5877] exit_group(0)               = ?
[pid  5877] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5877, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5878 attached
, child_tidptr=0x55558ec87650) = 5878
[pid  5878] set_robust_list(0x55558ec87660, 24) = 0
[pid  5878] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5878] setpgid(0, 0)               = 0
[pid  5878] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5878] write(3, "1000", 4)         = 4
[  153.507806][ T5877] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[  153.507834][ T5877]  </TASK>
[pid  5878] close(3)                    = 0
executing program
[pid  5878] write(1, "executing program\n", 18) = 18
[pid  5878] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE, insn_cnt=11, insns=0x2000000005c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_SOCK_CREATE, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = 3
[pid  5878] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="contention_begin", prog_fd=3}}, 24) = 4
[pid  5878] openat(AT_FDCWD, "/dev/fb0", O_RDONLY) = 5
[pid  5878] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid  5878] write(6, "4", 1)            = 1
[pid  5878] ioctl(5, FBIOPAN_DISPLAY, 0) = -1 EFAULT (Bad address)
[  153.907016][ T5878] FAULT_INJECTION: forcing a failure.
[  153.907016][ T5878] name failslab, interval 1, probability 0, space 0, times 0
[  153.919877][ T5878] CPU: 1 UID: 0 PID: 5878 Comm: syz-executor116 Not tainted 6.16.0-next-20250731-syzkaller #0 PREEMPT(full) 
[  153.919914][ T5878] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  153.919926][ T5878] Call Trace:
[  153.919934][ T5878]  <TASK>
[  153.919942][ T5878]  dump_stack_lvl+0x189/0x250
[  153.919972][ T5878]  ? __pfx____ratelimit+0x10/0x10
[  153.920002][ T5878]  ? __pfx_dump_stack_lvl+0x10/0x10
[  153.920026][ T5878]  ? __pfx__printk+0x10/0x10
[  153.920062][ T5878]  ? __pfx___might_resched+0x10/0x10
[  153.920094][ T5878]  ? fs_reclaim_acquire+0x7d/0x100
[  153.920131][ T5878]  should_fail_ex+0x414/0x560
[  153.920162][ T5878]  should_failslab+0xa8/0x100
[  153.920194][ T5878]  __kmalloc_noprof+0xcb/0x4f0
[  153.920220][ T5878]  ? tomoyo_init_log+0x1a6e/0x1f70
[  153.920255][ T5878]  tomoyo_init_log+0x1a6e/0x1f70
[  153.920305][ T5878]  ? __pfx_tomoyo_init_log+0x10/0x10
[  153.920328][ T5878]  ? tomoyo_profile+0x11/0x50
[  153.920349][ T5878]  ? tomoyo_domain_quota_is_ok+0x42b/0x570
[  153.920371][ T5878]  tomoyo_supervisor+0x340/0x1480
[  153.920395][ T5878]  ? format_decode+0x5a3/0xe30
[  153.920418][ T5878]  ? __pfx_tomoyo_supervisor+0x10/0x10
[  153.920449][ T5878]  ? snprintf+0xda/0x120
[  153.920471][ T5878]  ? __pfx_snprintf+0x10/0x10
[  153.920490][ T5878]  ? tomoyo_check_acl+0x386/0x400
[  153.920512][ T5878]  tomoyo_path_number_perm+0x438/0x5a0
[  153.920530][ T5878]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  153.920549][ T5878]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  153.920573][ T5878]  ? _raw_spin_lock_irq+0xae/0xf0
[  153.920616][ T5878]  ? __pfx_ptrace_notify+0x10/0x10
[  153.920650][ T5878]  security_file_ioctl+0xcb/0x2d0
[  153.920669][ T5878]  __se_sys_ioctl+0x47/0x170
[  153.920688][ T5878]  do_syscall_64+0xfa/0x3b0
[  153.920710][ T5878]  ? lockdep_hardirqs_on+0x9c/0x150
[  153.920732][ T5878]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.920747][ T5878]  ? clear_bhb_loop+0x60/0xb0
[  153.920766][ T5878]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.920781][ T5878] RIP: 0033:0x7f39278e2869
[  153.920795][ T5878] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  153.920807][ T5878] RSP: 002b:00007ffc8670e328 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  153.920823][ T5878] RAX: ffffffffffffffda RBX: 00007ffc8670e340 RCX: 00007f39278e2869
[pid  5878] exit_group(0)               = ?
[pid  5878] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5878, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5879 attached
, child_tidptr=0x55558ec87650) = 5879
[pid  5879] set_robust_list(0x55558ec87660, 24) = 0
[pid  5879] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5879] setpgid(0, 0)               = 0
[pid  5879] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5879] write(3, "1000", 4)         = 4
[pid  5879] close(3)                    = 0
executing program
[pid  5879] write(1, "executing program\n", 18) = 18
[pid  5879] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE, insn_cnt=11, insns=0x2000000005c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_SOCK_CREATE, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = 3
[pid  5879] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="contention_begin", prog_fd=3}}, 24) = 4
[pid  5879] openat(AT_FDCWD, "/dev/fb0", O_RDONLY) = 5
[pid  5879] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid  5879] write(6, "4", 1)            = 1
[  153.920835][ T5878] RDX: 0000000000000000 RSI: 0000000000004606 RDI: 0000000000000005
[  153.920844][ T5878] RBP: 0000000000000001 R08: 00007ffc8670e0c7 R09: 00000000000000a0
[  153.920853][ T5878] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  153.920862][ T5878] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[  153.920890][ T5878]  </TASK>
[  154.222040][ T5879] FAULT_INJECTION: forcing a failure.
[  154.222040][ T5879] name failslab, interval 1, probability 0, space 0, times 0
[  154.235427][ T5879] CPU: 0 UID: 0 PID: 5879 Comm: syz-executor116 Not tainted 6.16.0-next-20250731-syzkaller #0 PREEMPT(full) 
[  154.235459][ T5879] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  154.235472][ T5879] Call Trace:
[  154.235481][ T5879]  <TASK>
[  154.235490][ T5879]  dump_stack_lvl+0x189/0x250
[  154.235520][ T5879]  ? __pfx____ratelimit+0x10/0x10
[  154.235551][ T5879]  ? __pfx_dump_stack_lvl+0x10/0x10
[  154.235575][ T5879]  ? __pfx__printk+0x10/0x10
[  154.235611][ T5879]  ? __pfx___might_resched+0x10/0x10
[  154.235642][ T5879]  ? fs_reclaim_acquire+0x7d/0x100
[  154.235679][ T5879]  should_fail_ex+0x414/0x560
[  154.235709][ T5879]  should_failslab+0xa8/0x100
[  154.235739][ T5879]  __kmalloc_noprof+0xcb/0x4f0
[  154.235765][ T5879]  ? tomoyo_init_log+0x1a6e/0x1f70
[  154.235791][ T5879]  tomoyo_init_log+0x1a6e/0x1f70
[  154.235831][ T5879]  ? __pfx_tomoyo_init_log+0x10/0x10
[  154.235853][ T5879]  ? tomoyo_profile+0x11/0x50
[  154.235880][ T5879]  ? tomoyo_domain_quota_is_ok+0x42b/0x570
[  154.235903][ T5879]  tomoyo_supervisor+0x340/0x1480
[  154.235927][ T5879]  ? format_decode+0x5a3/0xe30
[  154.235950][ T5879]  ? __pfx_tomoyo_supervisor+0x10/0x10
[  154.235981][ T5879]  ? snprintf+0xda/0x120
[  154.236003][ T5879]  ? __pfx_snprintf+0x10/0x10
[  154.236022][ T5879]  ? tomoyo_check_acl+0x386/0x400
[  154.236045][ T5879]  tomoyo_path_number_perm+0x438/0x5a0
[  154.236062][ T5879]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  154.236081][ T5879]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  154.236106][ T5879]  ? _raw_spin_lock_irq+0xae/0xf0
[  154.236150][ T5879]  ? __pfx_ptrace_notify+0x10/0x10
[  154.236182][ T5879]  security_file_ioctl+0xcb/0x2d0
[  154.236200][ T5879]  __se_sys_ioctl+0x47/0x170
[  154.236220][ T5879]  do_syscall_64+0xfa/0x3b0
[  154.236242][ T5879]  ? lockdep_hardirqs_on+0x9c/0x150
[  154.236263][ T5879]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  154.236278][ T5879]  ? clear_bhb_loop+0x60/0xb0
[  154.236297][ T5879]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  154.236312][ T5879] RIP: 0033:0x7f39278e2869
[  154.236325][ T5879] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  154.236338][ T5879] RSP: 002b:00007ffc8670e328 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  154.236354][ T5879] RAX: ffffffffffffffda RBX: 00007ffc8670e340 RCX: 00007f39278e2869
[pid  5879] ioctl(5, FBIOPAN_DISPLAY, 0) = -1 EFAULT (Bad address)
[pid  5879] exit_group(0)               = ?
[pid  5879] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5879, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5880 attached
, child_tidptr=0x55558ec87650) = 5880
[pid  5880] set_robust_list(0x55558ec87660, 24) = 0
[pid  5880] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5880] setpgid(0, 0)               = 0
[pid  5880] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5880] write(3, "1000", 4)         = 4
[pid  5880] close(3)                    = 0
executing program
[pid  5880] write(1, "executing program\n", 18) = 18
[  154.236366][ T5879] RDX: 0000000000000000 RSI: 0000000000004606 RDI: 0000000000000005
[  154.236375][ T5879] RBP: 0000000000000001 R08: 00007ffc8670e0c7 R09: 00000000000000a0
[  154.236384][ T5879] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  154.236393][ T5879] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[  154.236415][ T5879]  </TASK>
[pid  5880] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE, insn_cnt=11, insns=0x2000000005c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_SOCK_CREATE, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = 3
[pid  5880] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="contention_begin", prog_fd=3}}, 24) = 4
[pid  5880] openat(AT_FDCWD, "/dev/fb0", O_RDONLY) = 5
[pid  5880] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid  5880] write(6, "4", 1)            = 1
[pid  5880] ioctl(5, FBIOPAN_DISPLAY, 0) = -1 EFAULT (Bad address)
[pid  5880] exit_group(0)               = ?
[  154.590941][ T5880] FAULT_INJECTION: forcing a failure.
[  154.590941][ T5880] name failslab, interval 1, probability 0, space 0, times 0
[  154.604003][ T5880] CPU: 1 UID: 0 PID: 5880 Comm: syz-executor116 Not tainted 6.16.0-next-20250731-syzkaller #0 PREEMPT(full) 
[  154.604034][ T5880] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  154.604047][ T5880] Call Trace:
[  154.604056][ T5880]  <TASK>
[  154.604065][ T5880]  dump_stack_lvl+0x189/0x250
[  154.604095][ T5880]  ? __pfx____ratelimit+0x10/0x10
[  154.604127][ T5880]  ? __pfx_dump_stack_lvl+0x10/0x10
[  154.604151][ T5880]  ? __pfx__printk+0x10/0x10
[  154.604187][ T5880]  ? __pfx___might_resched+0x10/0x10
[  154.604221][ T5880]  ? fs_reclaim_acquire+0x7d/0x100
[  154.604255][ T5880]  should_fail_ex+0x414/0x560
[  154.604283][ T5880]  should_failslab+0xa8/0x100
[  154.604306][ T5880]  __kmalloc_noprof+0xcb/0x4f0
[  154.604325][ T5880]  ? tomoyo_init_log+0x1a6e/0x1f70
[  154.604351][ T5880]  tomoyo_init_log+0x1a6e/0x1f70
[  154.604390][ T5880]  ? __pfx_tomoyo_init_log+0x10/0x10
[  154.604413][ T5880]  ? tomoyo_profile+0x11/0x50
[  154.604434][ T5880]  ? tomoyo_domain_quota_is_ok+0x42b/0x570
[  154.604457][ T5880]  tomoyo_supervisor+0x340/0x1480
[  154.604481][ T5880]  ? format_decode+0x5a3/0xe30
[  154.604503][ T5880]  ? __pfx_tomoyo_supervisor+0x10/0x10
[  154.604534][ T5880]  ? snprintf+0xda/0x120
[  154.604556][ T5880]  ? __pfx_snprintf+0x10/0x10
[  154.604575][ T5880]  ? tomoyo_check_acl+0x386/0x400
[  154.604597][ T5880]  tomoyo_path_number_perm+0x438/0x5a0
[  154.604615][ T5880]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  154.604634][ T5880]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  154.604664][ T5880]  ? _raw_spin_lock_irq+0xae/0xf0
[  154.604709][ T5880]  ? __pfx_ptrace_notify+0x10/0x10
[  154.604740][ T5880]  security_file_ioctl+0xcb/0x2d0
[  154.604759][ T5880]  __se_sys_ioctl+0x47/0x170
[  154.604778][ T5880]  do_syscall_64+0xfa/0x3b0
[  154.604800][ T5880]  ? lockdep_hardirqs_on+0x9c/0x150
[  154.604821][ T5880]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  154.604836][ T5880]  ? clear_bhb_loop+0x60/0xb0
[  154.604854][ T5880]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  154.604869][ T5880] RIP: 0033:0x7f39278e2869
[  154.604883][ T5880] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  154.604897][ T5880] RSP: 002b:00007ffc8670e328 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  154.604935][ T5880] RAX: ffffffffffffffda RBX: 00007ffc8670e340 RCX: 00007f39278e2869
[pid  5880] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5880, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5881 attached
, child_tidptr=0x55558ec87650) = 5881
[pid  5881] set_robust_list(0x55558ec87660, 24) = 0
[pid  5881] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5881] setpgid(0, 0)               = 0
[pid  5881] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5881] write(3, "1000", 4executing program
)         = 4
[pid  5881] close(3)                    = 0
[pid  5881] write(1, "executing program\n", 18) = 18
[pid  5881] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE, insn_cnt=11, insns=0x2000000005c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_SOCK_CREATE, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = 3
[pid  5881] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="contention_begin", prog_fd=3}}, 24) = 4
[pid  5881] openat(AT_FDCWD, "/dev/fb0", O_RDONLY) = 5
[pid  5881] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid  5881] write(6, "4", 1)            = 1
[  154.604946][ T5880] RDX: 0000000000000000 RSI: 0000000000004606 RDI: 0000000000000005
[  154.604955][ T5880] RBP: 0000000000000001 R08: 00007ffc8670e0c7 R09: 00000000000000a0
[  154.604965][ T5880] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  154.604973][ T5880] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[  154.604995][ T5880]  </TASK>
[  154.908706][ T5881] FAULT_INJECTION: forcing a failure.
[  154.908706][ T5881] name failslab, interval 1, probability 0, space 0, times 0
[  154.921816][ T5881] CPU: 0 UID: 0 PID: 5881 Comm: syz-executor116 Not tainted 6.16.0-next-20250731-syzkaller #0 PREEMPT(full) 
[  154.921846][ T5881] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  154.921859][ T5881] Call Trace:
[  154.921867][ T5881]  <TASK>
[  154.921877][ T5881]  dump_stack_lvl+0x189/0x250
[  154.921906][ T5881]  ? __pfx____ratelimit+0x10/0x10
[  154.921937][ T5881]  ? __pfx_dump_stack_lvl+0x10/0x10
[  154.921961][ T5881]  ? __pfx__printk+0x10/0x10
[  154.921996][ T5881]  ? __pfx___might_resched+0x10/0x10
[  154.922027][ T5881]  ? fs_reclaim_acquire+0x7d/0x100
[  154.922063][ T5881]  should_fail_ex+0x414/0x560
[  154.922093][ T5881]  should_failslab+0xa8/0x100
[  154.922121][ T5881]  __kmalloc_noprof+0xcb/0x4f0
[  154.922140][ T5881]  ? tomoyo_init_log+0x1a6e/0x1f70
[  154.922166][ T5881]  tomoyo_init_log+0x1a6e/0x1f70
[  154.922204][ T5881]  ? __pfx_tomoyo_init_log+0x10/0x10
[  154.922226][ T5881]  ? tomoyo_profile+0x11/0x50
[  154.922248][ T5881]  ? tomoyo_domain_quota_is_ok+0x42b/0x570
[  154.922270][ T5881]  tomoyo_supervisor+0x340/0x1480
[  154.922295][ T5881]  ? format_decode+0x5a3/0xe30
[  154.922318][ T5881]  ? __pfx_tomoyo_supervisor+0x10/0x10
[  154.922348][ T5881]  ? snprintf+0xda/0x120
[  154.922370][ T5881]  ? __pfx_snprintf+0x10/0x10
[  154.922389][ T5881]  ? tomoyo_check_acl+0x386/0x400
[  154.922411][ T5881]  tomoyo_path_number_perm+0x438/0x5a0
[  154.922429][ T5881]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  154.922448][ T5881]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  154.922472][ T5881]  ? _raw_spin_lock_irq+0xae/0xf0
[  154.922515][ T5881]  ? __pfx_ptrace_notify+0x10/0x10
[  154.922547][ T5881]  security_file_ioctl+0xcb/0x2d0
[  154.922566][ T5881]  __se_sys_ioctl+0x47/0x170
[  154.922585][ T5881]  do_syscall_64+0xfa/0x3b0
[  154.922607][ T5881]  ? lockdep_hardirqs_on+0x9c/0x150
[  154.922628][ T5881]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  154.922650][ T5881]  ? clear_bhb_loop+0x60/0xb0
[  154.922669][ T5881]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  154.922684][ T5881] RIP: 0033:0x7f39278e2869
[  154.922699][ T5881] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  154.922711][ T5881] RSP: 002b:00007ffc8670e328 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  154.922727][ T5881] RAX: ffffffffffffffda RBX: 00007ffc8670e340 RCX: 00007f39278e2869
[pid  5881] ioctl(5, FBIOPAN_DISPLAY, 0) = -1 EFAULT (Bad address)
[pid  5881] exit_group(0)               = ?
[pid  5881] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5881, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5882 attached
[  154.922738][ T5881] RDX: 0000000000000000 RSI: 0000000000004606 RDI: 0000000000000005
[  154.922747][ T5881] RBP: 0000000000000001 R08: 00007ffc8670e0c7 R09: 00000000000000a0
[  154.922757][ T5881] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  154.922766][ T5881] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[  154.922787][ T5881]  </TASK>
, child_tidptr=0x55558ec87650) = 5882
[pid  5882] set_robust_list(0x55558ec87660, 24) = 0
[pid  5882] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5882] setpgid(0, 0)               = 0
[pid  5882] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5882] write(3, "1000", 4)         = 4
[pid  5882] close(3)                    = 0
executing program
[pid  5882] write(1, "executing program\n", 18) = 18
[pid  5882] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE, insn_cnt=11, insns=0x2000000005c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_SOCK_CREATE, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = 3
[pid  5882] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="contention_begin", prog_fd=3}}, 24) = 4
[pid  5882] openat(AT_FDCWD, "/dev/fb0", O_RDONLY) = 5
[pid  5882] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid  5882] write(6, "4", 1)            = 1
[pid  5882] ioctl(5, FBIOPAN_DISPLAY, 0) = -1 EFAULT (Bad address)
[pid  5882] exit_group(0)               = ?
[pid  5882] +++ exited with 0 +++
[  155.346946][ T5882] FAULT_INJECTION: forcing a failure.
[  155.346946][ T5882] name failslab, interval 1, probability 0, space 0, times 0
[  155.359753][ T5882] CPU: 1 UID: 0 PID: 5882 Comm: syz-executor116 Not tainted 6.16.0-next-20250731-syzkaller #0 PREEMPT(full) 
[  155.359775][ T5882] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  155.359784][ T5882] Call Trace:
[  155.359790][ T5882]  <TASK>
[  155.359796][ T5882]  dump_stack_lvl+0x189/0x250
[  155.359818][ T5882]  ? __pfx____ratelimit+0x10/0x10
[  155.359840][ T5882]  ? __pfx_dump_stack_lvl+0x10/0x10
[  155.359857][ T5882]  ? __pfx__printk+0x10/0x10
[  155.359882][ T5882]  ? __pfx___might_resched+0x10/0x10
[  155.359905][ T5882]  ? fs_reclaim_acquire+0x7d/0x100
[  155.359932][ T5882]  should_fail_ex+0x414/0x560
[  155.359953][ T5882]  should_failslab+0xa8/0x100
[  155.359975][ T5882]  __kmalloc_noprof+0xcb/0x4f0
[  155.359994][ T5882]  ? tomoyo_init_log+0x1a6e/0x1f70
[  155.360020][ T5882]  tomoyo_init_log+0x1a6e/0x1f70
[  155.360058][ T5882]  ? __pfx_tomoyo_init_log+0x10/0x10
[  155.360080][ T5882]  ? tomoyo_profile+0x11/0x50
[  155.360102][ T5882]  ? tomoyo_domain_quota_is_ok+0x42b/0x570
[  155.360124][ T5882]  tomoyo_supervisor+0x340/0x1480
[  155.360148][ T5882]  ? format_decode+0x5a3/0xe30
[  155.360171][ T5882]  ? __pfx_tomoyo_supervisor+0x10/0x10
[  155.360202][ T5882]  ? snprintf+0xda/0x120
[  155.360223][ T5882]  ? __pfx_snprintf+0x10/0x10
[  155.360242][ T5882]  ? tomoyo_check_acl+0x386/0x400
[  155.360265][ T5882]  tomoyo_path_number_perm+0x438/0x5a0
[  155.360282][ T5882]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  155.360301][ T5882]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  155.360325][ T5882]  ? _raw_spin_lock_irq+0xae/0xf0
[  155.360369][ T5882]  ? __pfx_ptrace_notify+0x10/0x10
[  155.360400][ T5882]  security_file_ioctl+0xcb/0x2d0
[  155.360419][ T5882]  __se_sys_ioctl+0x47/0x170
[  155.360438][ T5882]  do_syscall_64+0xfa/0x3b0
[  155.360460][ T5882]  ? lockdep_hardirqs_on+0x9c/0x150
[  155.360481][ T5882]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.360503][ T5882]  ? clear_bhb_loop+0x60/0xb0
[  155.360522][ T5882]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.360536][ T5882] RIP: 0033:0x7f39278e2869
[  155.360551][ T5882] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  155.360564][ T5882] RSP: 002b:00007ffc8670e328 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5882, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5883 attached
, child_tidptr=0x55558ec87650) = 5883
[pid  5883] set_robust_list(0x55558ec87660, 24) = 0
[pid  5883] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[  155.360580][ T5882] RAX: ffffffffffffffda RBX: 00007ffc8670e340 RCX: 00007f39278e2869
[  155.360591][ T5882] RDX: 0000000000000000 RSI: 0000000000004606 RDI: 0000000000000005
[  155.360600][ T5882] RBP: 0000000000000001 R08: 00007ffc8670e0c7 R09: 00000000000000a0
[  155.360609][ T5882] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  155.360618][ T5882] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[  155.360640][ T5882]  </TASK>
[pid  5883] setpgid(0, 0)               = 0
[pid  5883] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5883] write(3, "1000", 4)         = 4
[pid  5883] close(3)                    = 0
executing program
[pid  5883] write(1, "executing program\n", 18) = 18
[pid  5883] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE, insn_cnt=11, insns=0x2000000005c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_SOCK_CREATE, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = 3
[pid  5883] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="contention_begin", prog_fd=3}}, 24) = 4
[pid  5883] openat(AT_FDCWD, "/dev/fb0", O_RDONLY) = 5
[pid  5883] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid  5883] write(6, "4", 1)            = 1
[  155.744890][ T5883] FAULT_INJECTION: forcing a failure.
[  155.744890][ T5883] name failslab, interval 1, probability 0, space 0, times 0
[  155.759421][ T5883] CPU: 1 UID: 0 PID: 5883 Comm: syz-executor116 Not tainted 6.16.0-next-20250731-syzkaller #0 PREEMPT(full) 
[  155.759454][ T5883] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  155.759467][ T5883] Call Trace:
[  155.759477][ T5883]  <TASK>
[  155.759487][ T5883]  dump_stack_lvl+0x189/0x250
[  155.759541][ T5883]  ? __pfx____ratelimit+0x10/0x10
[  155.759574][ T5883]  ? __pfx_dump_stack_lvl+0x10/0x10
[  155.759601][ T5883]  ? __pfx__printk+0x10/0x10
[  155.759641][ T5883]  ? __pfx___might_resched+0x10/0x10
[  155.759676][ T5883]  ? fs_reclaim_acquire+0x7d/0x100
[  155.759714][ T5883]  should_fail_ex+0x414/0x560
[  155.759747][ T5883]  should_failslab+0xa8/0x100
[  155.759781][ T5883]  __kmalloc_noprof+0xcb/0x4f0
[  155.759808][ T5883]  ? tomoyo_init_log+0x1a6e/0x1f70
[  155.759848][ T5883]  tomoyo_init_log+0x1a6e/0x1f70
[  155.759911][ T5883]  ? __pfx_tomoyo_init_log+0x10/0x10
[  155.759946][ T5883]  ? tomoyo_profile+0x11/0x50
[  155.759980][ T5883]  ? tomoyo_domain_quota_is_ok+0x42b/0x570
[  155.760015][ T5883]  tomoyo_supervisor+0x340/0x1480
[  155.760053][ T5883]  ? format_decode+0x5a3/0xe30
[  155.760090][ T5883]  ? __pfx_tomoyo_supervisor+0x10/0x10
[  155.760137][ T5883]  ? snprintf+0xda/0x120
[  155.760172][ T5883]  ? __pfx_snprintf+0x10/0x10
[  155.760202][ T5883]  ? tomoyo_check_acl+0x386/0x400
[  155.760237][ T5883]  tomoyo_path_number_perm+0x438/0x5a0
[  155.760264][ T5883]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  155.760294][ T5883]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  155.760322][ T5883]  ? _raw_spin_lock_irq+0xae/0xf0
[  155.760372][ T5883]  ? __pfx_ptrace_notify+0x10/0x10
[  155.760408][ T5883]  security_file_ioctl+0xcb/0x2d0
[  155.760430][ T5883]  __se_sys_ioctl+0x47/0x170
[  155.760452][ T5883]  do_syscall_64+0xfa/0x3b0
[  155.760477][ T5883]  ? lockdep_hardirqs_on+0x9c/0x150
[  155.760501][ T5883]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.760525][ T5883]  ? clear_bhb_loop+0x60/0xb0
[  155.760546][ T5883]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.760563][ T5883] RIP: 0033:0x7f39278e2869
[  155.760580][ T5883] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  155.760594][ T5883] RSP: 002b:00007ffc8670e328 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  155.760613][ T5883] RAX: ffffffffffffffda RBX: 00007ffc8670e340 RCX: 00007f39278e2869
[  155.760625][ T5883] RDX: 0000000000000000 RSI: 0000000000004606 RDI: 0000000000000005
[  155.760635][ T5883] RBP: 0000000000000001 R08: 00007ffc8670e0c7 R09: 00000000000000a0
[  155.760646][ T5883] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[pid  5883] ioctl(5, FBIOPAN_DISPLAY, 0) = -1 EFAULT (Bad address)
[pid  5883] exit_group(0)               = ?
[pid  5883] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5883, si_uid=0, si_status=0, si_utime=0, si_stime=27 /* 0.27 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5884 attached
, child_tidptr=0x55558ec87650) = 5884
[pid  5884] set_robust_list(0x55558ec87660, 24) = 0
[pid  5884] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5884] setpgid(0, 0)               = 0
[pid  5884] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5884] write(3, "1000", 4)         = 4
[pid  5884] close(3)                    = 0
executing program
[pid  5884] write(1, "executing program\n", 18) = 18
[pid  5884] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE, insn_cnt=11, insns=0x2000000005c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_SOCK_CREATE, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = 3
[pid  5884] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="contention_begin", prog_fd=3}}, 24) = 4
[pid  5884] openat(AT_FDCWD, "/dev/fb0", O_RDONLY) = 5
[pid  5884] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid  5884] write(6, "4", 1)            = 1
[  155.760656][ T5883] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[  155.760680][ T5883]  </TASK>
[pid  5884] ioctl(5, FBIOPAN_DISPLAY, 0) = -1 EFAULT (Bad address)
[pid  5884] exit_group(0)               = ?
[  156.095585][ T5884] FAULT_INJECTION: forcing a failure.
[  156.095585][ T5884] name failslab, interval 1, probability 0, space 0, times 0
[  156.111570][ T5884] CPU: 1 UID: 0 PID: 5884 Comm: syz-executor116 Not tainted 6.16.0-next-20250731-syzkaller #0 PREEMPT(full) 
[  156.111602][ T5884] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  156.111615][ T5884] Call Trace:
[  156.111623][ T5884]  <TASK>
[  156.111633][ T5884]  dump_stack_lvl+0x189/0x250
[  156.111662][ T5884]  ? __pfx____ratelimit+0x10/0x10
[  156.111701][ T5884]  ? __pfx_dump_stack_lvl+0x10/0x10
[  156.111725][ T5884]  ? __pfx__printk+0x10/0x10
[  156.111760][ T5884]  ? __pfx___might_resched+0x10/0x10
[  156.111788][ T5884]  ? fs_reclaim_acquire+0x7d/0x100
[  156.111825][ T5884]  should_fail_ex+0x414/0x560
[  156.111855][ T5884]  should_failslab+0xa8/0x100
[  156.111885][ T5884]  __kmalloc_cache_noprof+0x70/0x3d0
[  156.111910][ T5884]  ? tomoyo_init_log+0x183/0x1f70
[  156.111945][ T5884]  tomoyo_init_log+0x183/0x1f70
[  156.111982][ T5884]  ? kasan_save_track+0x4f/0x80
[  156.112005][ T5884]  ? kasan_save_track+0x3e/0x80
[  156.112028][ T5884]  ? __kasan_slab_free+0x5b/0x80
[  156.112055][ T5884]  ? format_decode+0xd9/0xe30
[  156.112080][ T5884]  ? string+0x279/0x2b0
[  156.112106][ T5884]  ? __pfx_tomoyo_init_log+0x10/0x10
[  156.112135][ T5884]  ? tomoyo_profile+0x11/0x50
[  156.112157][ T5884]  ? tomoyo_profile+0x11/0x50
[  156.112178][ T5884]  ? tomoyo_domain_quota_is_ok+0x42b/0x570
[  156.112201][ T5884]  tomoyo_supervisor+0x340/0x1480
[  156.112226][ T5884]  ? format_decode+0x5a3/0xe30
[  156.112249][ T5884]  ? __pfx_tomoyo_supervisor+0x10/0x10
[  156.112279][ T5884]  ? snprintf+0xda/0x120
[  156.112300][ T5884]  ? __pfx_snprintf+0x10/0x10
[  156.112319][ T5884]  ? tomoyo_check_acl+0x386/0x400
[  156.112342][ T5884]  tomoyo_path_number_perm+0x438/0x5a0
[  156.112360][ T5884]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  156.112379][ T5884]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  156.112403][ T5884]  ? _raw_spin_lock_irq+0xae/0xf0
[  156.112449][ T5884]  ? __pfx_ptrace_notify+0x10/0x10
[  156.112481][ T5884]  security_file_ioctl+0xcb/0x2d0
[  156.112500][ T5884]  __se_sys_ioctl+0x47/0x170
[  156.112520][ T5884]  do_syscall_64+0xfa/0x3b0
[  156.112542][ T5884]  ? lockdep_hardirqs_on+0x9c/0x150
[  156.112563][ T5884]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  156.112578][ T5884]  ? clear_bhb_loop+0x60/0xb0
[  156.112596][ T5884]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  156.112611][ T5884] RIP: 0033:0x7f39278e2869
[  156.112626][ T5884] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  156.112639][ T5884] RSP: 002b:00007ffc8670e328 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  156.112655][ T5884] RAX: ffffffffffffffda RBX: 00007ffc8670e340 RCX: 00007f39278e2869
[pid  5884] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5884, si_uid=0, si_status=0, si_utime=0, si_stime=31 /* 0.31 s */} ---
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5885 attached
, child_tidptr=0x55558ec87650) = 5885
[pid  5885] set_robust_list(0x55558ec87660, 24) = 0
[pid  5885] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[  156.112666][ T5884] RDX: 0000000000000000 RSI: 0000000000004606 RDI: 0000000000000005
[  156.112675][ T5884] RBP: 0000000000000001 R08: 00007ffc8670e0c7 R09: 00000000000000a0
[  156.112685][ T5884] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  156.112700][ T5884] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[  156.112722][ T5884]  </TASK>
[pid  5885] setpgid(0, 0)               = 0
[pid  5885] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5885] write(3, "1000", 4)         = 4
[pid  5885] close(3)                    = 0
[pid  5885] write(1, "executing program\n", 18executing program
) = 18
[pid  5885] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE, insn_cnt=11, insns=0x2000000005c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_SOCK_CREATE, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = 3
[pid  5885] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="contention_begin", prog_fd=3}}, 24) = 4
[pid  5885] openat(AT_FDCWD, "/dev/fb0", O_RDONLY) = 5
[pid  5885] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid  5885] write(6, "4", 1)            = 1
[pid  5885] ioctl(5, FBIOPAN_DISPLAY, 0) = -1 EFAULT (Bad address)
[pid  5885] exit_group(0)               = ?
[  156.519078][ T5885] FAULT_INJECTION: forcing a failure.
[  156.519078][ T5885] name failslab, interval 1, probability 0, space 0, times 0
[  156.532053][ T5885] CPU: 0 UID: 0 PID: 5885 Comm: syz-executor116 Not tainted 6.16.0-next-20250731-syzkaller #0 PREEMPT(full) 
[  156.532076][ T5885] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  156.532085][ T5885] Call Trace:
[  156.532091][ T5885]  <TASK>
[  156.532098][ T5885]  dump_stack_lvl+0x189/0x250
[  156.532120][ T5885]  ? __pfx____ratelimit+0x10/0x10
[  156.532142][ T5885]  ? __pfx_dump_stack_lvl+0x10/0x10
[  156.532159][ T5885]  ? __pfx__printk+0x10/0x10
[  156.532184][ T5885]  ? __pfx___might_resched+0x10/0x10
[  156.532207][ T5885]  ? fs_reclaim_acquire+0x7d/0x100
[  156.532234][ T5885]  should_fail_ex+0x414/0x560
[  156.532255][ T5885]  should_failslab+0xa8/0x100
[  156.532277][ T5885]  __kmalloc_noprof+0xcb/0x4f0
[  156.532295][ T5885]  ? tomoyo_init_log+0x1a6e/0x1f70
[  156.532321][ T5885]  tomoyo_init_log+0x1a6e/0x1f70
[  156.532359][ T5885]  ? __pfx_tomoyo_init_log+0x10/0x10
[  156.532381][ T5885]  ? tomoyo_profile+0x11/0x50
[  156.532403][ T5885]  ? tomoyo_domain_quota_is_ok+0x42b/0x570
[  156.532425][ T5885]  tomoyo_supervisor+0x340/0x1480
[  156.532449][ T5885]  ? format_decode+0x5a3/0xe30
[  156.532472][ T5885]  ? __pfx_tomoyo_supervisor+0x10/0x10
[  156.532503][ T5885]  ? snprintf+0xda/0x120
[  156.532524][ T5885]  ? __pfx_snprintf+0x10/0x10
[  156.532543][ T5885]  ? tomoyo_check_acl+0x386/0x400
[  156.532565][ T5885]  tomoyo_path_number_perm+0x438/0x5a0
[  156.532583][ T5885]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  156.532602][ T5885]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  156.532626][ T5885]  ? _raw_spin_lock_irq+0xae/0xf0
[  156.532669][ T5885]  ? __pfx_ptrace_notify+0x10/0x10
[  156.532709][ T5885]  security_file_ioctl+0xcb/0x2d0
[  156.532728][ T5885]  __se_sys_ioctl+0x47/0x170
[  156.532747][ T5885]  do_syscall_64+0xfa/0x3b0
[  156.532769][ T5885]  ? lockdep_hardirqs_on+0x9c/0x150
[  156.532790][ T5885]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  156.532805][ T5885]  ? clear_bhb_loop+0x60/0xb0
[  156.532823][ T5885]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  156.532838][ T5885] RIP: 0033:0x7f39278e2869
[  156.532852][ T5885] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  156.532864][ T5885] RSP: 002b:00007ffc8670e328 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[pid  5885] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5885, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5886 attached
, child_tidptr=0x55558ec87650) = 5886
[pid  5886] set_robust_list(0x55558ec87660, 24) = 0
[pid  5886] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[  156.532880][ T5885] RAX: ffffffffffffffda RBX: 00007ffc8670e340 RCX: 00007f39278e2869
[  156.532892][ T5885] RDX: 0000000000000000 RSI: 0000000000004606 RDI: 0000000000000005
[  156.532901][ T5885] RBP: 0000000000000001 R08: 00007ffc8670e0c7 R09: 00000000000000a0
[  156.532910][ T5885] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  156.532919][ T5885] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[  156.532940][ T5885]  </TASK>
[pid  5886] setpgid(0, 0)               = 0
[pid  5886] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5886] write(3, "1000", 4)         = 4
[pid  5886] close(3)                    = 0
executing program
[pid  5886] write(1, "executing program\n", 18) = 18
[pid  5886] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE, insn_cnt=11, insns=0x2000000005c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_SOCK_CREATE, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = 3
[pid  5886] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="contention_begin", prog_fd=3}}, 24) = 4
[pid  5886] openat(AT_FDCWD, "/dev/fb0", O_RDONLY) = 5
[pid  5886] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid  5886] write(6, "4", 1)            = 1
[  156.904664][ T5886] FAULT_INJECTION: forcing a failure.
[  156.904664][ T5886] name failslab, interval 1, probability 0, space 0, times 0
[  156.917683][ T5886] CPU: 1 UID: 0 PID: 5886 Comm: syz-executor116 Not tainted 6.16.0-next-20250731-syzkaller #0 PREEMPT(full) 
[  156.917716][ T5886] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  156.917729][ T5886] Call Trace:
[  156.917738][ T5886]  <TASK>
[  156.917747][ T5886]  dump_stack_lvl+0x189/0x250
[  156.917779][ T5886]  ? __pfx____ratelimit+0x10/0x10
[  156.917812][ T5886]  ? __pfx_dump_stack_lvl+0x10/0x10
[  156.917842][ T5886]  ? __pfx__printk+0x10/0x10
[  156.917877][ T5886]  ? __pfx___might_resched+0x10/0x10
[  156.917909][ T5886]  ? fs_reclaim_acquire+0x7d/0x100
[  156.917945][ T5886]  should_fail_ex+0x414/0x560
[  156.917976][ T5886]  should_failslab+0xa8/0x100
[  156.918005][ T5886]  __kmalloc_noprof+0xcb/0x4f0
[  156.918031][ T5886]  ? tomoyo_init_log+0x1a6e/0x1f70
[  156.918068][ T5886]  tomoyo_init_log+0x1a6e/0x1f70
[  156.918127][ T5886]  ? __pfx_tomoyo_init_log+0x10/0x10
[  156.918160][ T5886]  ? tomoyo_profile+0x11/0x50
[  156.918191][ T5886]  ? tomoyo_domain_quota_is_ok+0x42b/0x570
[  156.918224][ T5886]  tomoyo_supervisor+0x340/0x1480
[  156.918261][ T5886]  ? format_decode+0x5a3/0xe30
[  156.918293][ T5886]  ? __pfx_tomoyo_supervisor+0x10/0x10
[  156.918338][ T5886]  ? snprintf+0xda/0x120
[  156.918389][ T5886]  ? __pfx_snprintf+0x10/0x10
[  156.918411][ T5886]  ? tomoyo_check_acl+0x386/0x400
[  156.918437][ T5886]  tomoyo_path_number_perm+0x438/0x5a0
[  156.918458][ T5886]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  156.918480][ T5886]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  156.918508][ T5886]  ? _raw_spin_lock_irq+0xae/0xf0
[  156.918558][ T5886]  ? __pfx_ptrace_notify+0x10/0x10
[  156.918595][ T5886]  security_file_ioctl+0xcb/0x2d0
[  156.918619][ T5886]  __se_sys_ioctl+0x47/0x170
[  156.918641][ T5886]  do_syscall_64+0xfa/0x3b0
[  156.918667][ T5886]  ? lockdep_hardirqs_on+0x9c/0x150
[  156.918691][ T5886]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  156.918708][ T5886]  ? clear_bhb_loop+0x60/0xb0
[  156.918730][ T5886]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  156.918747][ T5886] RIP: 0033:0x7f39278e2869
[  156.918763][ T5886] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  156.918778][ T5886] RSP: 002b:00007ffc8670e328 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  156.918797][ T5886] RAX: ffffffffffffffda RBX: 00007ffc8670e340 RCX: 00007f39278e2869
[pid  5886] ioctl(5, FBIOPAN_DISPLAY, 0) = -1 EFAULT (Bad address)
[pid  5886] exit_group(0)               = ?
[pid  5886] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5886, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55558ec87650) = 5887
./strace-static-x86_64: Process 5887 attached
[pid  5887] set_robust_list(0x55558ec87660, 24) = 0
[pid  5887] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[  156.918810][ T5886] RDX: 0000000000000000 RSI: 0000000000004606 RDI: 0000000000000005
[  156.918820][ T5886] RBP: 0000000000000001 R08: 00007ffc8670e0c7 R09: 00000000000000a0
[  156.918831][ T5886] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  156.918841][ T5886] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[  156.918867][ T5886]  </TASK>
[pid  5887] setpgid(0, 0)               = 0
[pid  5887] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5887] write(3, "1000", 4)         = 4
[pid  5887] close(3)                    = 0
[pid  5887] write(1, "executing program\n", 18executing program
) = 18
[pid  5887] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE, insn_cnt=11, insns=0x2000000005c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_SOCK_CREATE, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = 3
[pid  5887] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="contention_begin", prog_fd=3}}, 24) = 4
[pid  5887] openat(AT_FDCWD, "/dev/fb0", O_RDONLY) = 5
[pid  5887] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid  5887] write(6, "4", 1)            = 1
[  157.272693][ T5887] FAULT_INJECTION: forcing a failure.
[  157.272693][ T5887] name failslab, interval 1, probability 0, space 0, times 0
[  157.285695][ T5887] CPU: 1 UID: 0 PID: 5887 Comm: syz-executor116 Not tainted 6.16.0-next-20250731-syzkaller #0 PREEMPT(full) 
[  157.285726][ T5887] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  157.285740][ T5887] Call Trace:
[  157.285748][ T5887]  <TASK>
[  157.285758][ T5887]  dump_stack_lvl+0x189/0x250
[  157.285789][ T5887]  ? __pfx____ratelimit+0x10/0x10
[  157.285821][ T5887]  ? __pfx_dump_stack_lvl+0x10/0x10
[  157.285846][ T5887]  ? __pfx__printk+0x10/0x10
[  157.285872][ T5887]  ? __pfx___might_resched+0x10/0x10
[  157.285896][ T5887]  ? fs_reclaim_acquire+0x7d/0x100
[  157.285923][ T5887]  should_fail_ex+0x414/0x560
[  157.285946][ T5887]  should_failslab+0xa8/0x100
[  157.285969][ T5887]  __kmalloc_noprof+0xcb/0x4f0
[  157.285988][ T5887]  ? tomoyo_init_log+0x1a6e/0x1f70
[  157.286015][ T5887]  tomoyo_init_log+0x1a6e/0x1f70
[  157.286061][ T5887]  ? __pfx_tomoyo_init_log+0x10/0x10
[  157.286084][ T5887]  ? tomoyo_profile+0x11/0x50
[  157.286107][ T5887]  ? tomoyo_domain_quota_is_ok+0x42b/0x570
[  157.286130][ T5887]  tomoyo_supervisor+0x340/0x1480
[  157.286155][ T5887]  ? format_decode+0x5a3/0xe30
[  157.286179][ T5887]  ? __pfx_tomoyo_supervisor+0x10/0x10
[  157.286211][ T5887]  ? snprintf+0xda/0x120
[  157.286234][ T5887]  ? __pfx_snprintf+0x10/0x10
[  157.286254][ T5887]  ? tomoyo_check_acl+0x386/0x400
[  157.286277][ T5887]  tomoyo_path_number_perm+0x438/0x5a0
[  157.286295][ T5887]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  157.286315][ T5887]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  157.286340][ T5887]  ? _raw_spin_lock_irq+0xae/0xf0
[  157.286392][ T5887]  ? __pfx_ptrace_notify+0x10/0x10
[  157.286425][ T5887]  security_file_ioctl+0xcb/0x2d0
[  157.286444][ T5887]  __se_sys_ioctl+0x47/0x170
[  157.286464][ T5887]  do_syscall_64+0xfa/0x3b0
[  157.286488][ T5887]  ? lockdep_hardirqs_on+0x9c/0x150
[  157.286510][ T5887]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  157.286525][ T5887]  ? clear_bhb_loop+0x60/0xb0
[  157.286545][ T5887]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  157.286560][ T5887] RIP: 0033:0x7f39278e2869
[  157.286575][ T5887] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  157.286588][ T5887] RSP: 002b:00007ffc8670e328 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  157.286606][ T5887] RAX: ffffffffffffffda RBX: 00007ffc8670e340 RCX: 00007f39278e2869
[pid  5887] ioctl(5, FBIOPAN_DISPLAY, 0) = -1 EFAULT (Bad address)
[pid  5887] exit_group(0)               = ?
[pid  5887] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5887, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5888 attached
, child_tidptr=0x55558ec87650) = 5888
[pid  5888] set_robust_list(0x55558ec87660, 24) = 0
[pid  5888] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[  157.286618][ T5887] RDX: 0000000000000000 RSI: 0000000000004606 RDI: 0000000000000005
[  157.286627][ T5887] RBP: 0000000000000001 R08: 00007ffc8670e0c7 R09: 00000000000000a0
[  157.286637][ T5887] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  157.286646][ T5887] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[  157.286669][ T5887]  </TASK>
[pid  5888] setpgid(0, 0)               = 0
[pid  5888] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
executing program
[pid  5888] write(3, "1000", 4)         = 4
[pid  5888] close(3)                    = 0
[pid  5888] write(1, "executing program\n", 18) = 18
[pid  5888] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE, insn_cnt=11, insns=0x2000000005c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_SOCK_CREATE, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = 3
[pid  5888] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="contention_begin", prog_fd=3}}, 24) = 4
[pid  5888] openat(AT_FDCWD, "/dev/fb0", O_RDONLY) = 5
[pid  5888] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid  5888] write(6, "4", 1)            = 1
[pid  5888] ioctl(5, FBIOPAN_DISPLAY, 0) = -1 EFAULT (Bad address)
[pid  5888] exit_group(0)               = ?
[pid  5888] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5888, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
[  157.627680][ T5888] FAULT_INJECTION: forcing a failure.
[  157.627680][ T5888] name failslab, interval 1, probability 0, space 0, times 0
[  157.641623][ T5888] CPU: 0 UID: 0 PID: 5888 Comm: syz-executor116 Not tainted 6.16.0-next-20250731-syzkaller #0 PREEMPT(full) 
[  157.641645][ T5888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  157.641654][ T5888] Call Trace:
[  157.641660][ T5888]  <TASK>
[  157.641667][ T5888]  dump_stack_lvl+0x189/0x250
[  157.641689][ T5888]  ? __pfx____ratelimit+0x10/0x10
[  157.641711][ T5888]  ? __pfx_dump_stack_lvl+0x10/0x10
[  157.641728][ T5888]  ? __pfx__printk+0x10/0x10
[  157.641753][ T5888]  ? __pfx___might_resched+0x10/0x10
[  157.641776][ T5888]  ? fs_reclaim_acquire+0x7d/0x100
[  157.641802][ T5888]  should_fail_ex+0x414/0x560
[  157.641823][ T5888]  should_failslab+0xa8/0x100
[  157.641845][ T5888]  __kmalloc_noprof+0xcb/0x4f0
[  157.641864][ T5888]  ? tomoyo_init_log+0x1a6e/0x1f70
[  157.641889][ T5888]  tomoyo_init_log+0x1a6e/0x1f70
[  157.641928][ T5888]  ? __pfx_tomoyo_init_log+0x10/0x10
[  157.641950][ T5888]  ? tomoyo_profile+0x11/0x50
[  157.641971][ T5888]  ? tomoyo_domain_quota_is_ok+0x42b/0x570
[  157.641994][ T5888]  tomoyo_supervisor+0x340/0x1480
[  157.642018][ T5888]  ? format_decode+0x5a3/0xe30
[  157.642041][ T5888]  ? __pfx_tomoyo_supervisor+0x10/0x10
[  157.642071][ T5888]  ? snprintf+0xda/0x120
[  157.642093][ T5888]  ? __pfx_snprintf+0x10/0x10
[  157.642112][ T5888]  ? tomoyo_check_acl+0x386/0x400
[  157.642134][ T5888]  tomoyo_path_number_perm+0x438/0x5a0
[  157.642152][ T5888]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  157.642171][ T5888]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  157.642195][ T5888]  ? _raw_spin_lock_irq+0xae/0xf0
[  157.642239][ T5888]  ? __pfx_ptrace_notify+0x10/0x10
[  157.642270][ T5888]  security_file_ioctl+0xcb/0x2d0
[  157.642288][ T5888]  __se_sys_ioctl+0x47/0x170
[  157.642308][ T5888]  do_syscall_64+0xfa/0x3b0
[  157.642337][ T5888]  ? lockdep_hardirqs_on+0x9c/0x150
[  157.642358][ T5888]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  157.642373][ T5888]  ? clear_bhb_loop+0x60/0xb0
[  157.642392][ T5888]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  157.642406][ T5888] RIP: 0033:0x7f39278e2869
[  157.642420][ T5888] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  157.642433][ T5888] RSP: 002b:00007ffc8670e328 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55558ec87650) = 5889
./strace-static-x86_64: Process 5889 attached
[pid  5889] set_robust_list(0x55558ec87660, 24) = 0
[pid  5889] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5889] setpgid(0, 0)               = 0
[  157.642449][ T5888] RAX: ffffffffffffffda RBX: 00007ffc8670e340 RCX: 00007f39278e2869
[  157.642460][ T5888] RDX: 0000000000000000 RSI: 0000000000004606 RDI: 0000000000000005
[  157.642469][ T5888] RBP: 0000000000000001 R08: 00007ffc8670e0c7 R09: 00000000000000a0
[  157.642479][ T5888] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  157.642488][ T5888] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[  157.642509][ T5888]  </TASK>
[pid  5889] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5889] write(3, "1000", 4)         = 4
[pid  5889] close(3)                    = 0
executing program
[pid  5889] write(1, "executing program\n", 18) = 18
[pid  5889] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE, insn_cnt=11, insns=0x2000000005c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_SOCK_CREATE, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = 3
[pid  5889] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="contention_begin", prog_fd=3}}, 24) = 4
[pid  5889] openat(AT_FDCWD, "/dev/fb0", O_RDONLY) = 5
[pid  5889] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid  5889] write(6, "4", 1)            = 1
[pid  5889] ioctl(5, FBIOPAN_DISPLAY, 0) = -1 EFAULT (Bad address)
[  158.002878][ T5889] FAULT_INJECTION: forcing a failure.
[  158.002878][ T5889] name failslab, interval 1, probability 0, space 0, times 0
[  158.016232][ T5889] CPU: 1 UID: 0 PID: 5889 Comm: syz-executor116 Not tainted 6.16.0-next-20250731-syzkaller #0 PREEMPT(full) 
[  158.016289][ T5889] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  158.016303][ T5889] Call Trace:
[  158.016312][ T5889]  <TASK>
[  158.016321][ T5889]  dump_stack_lvl+0x189/0x250
[  158.016352][ T5889]  ? __pfx____ratelimit+0x10/0x10
[  158.016384][ T5889]  ? __pfx_dump_stack_lvl+0x10/0x10
[  158.016409][ T5889]  ? __pfx__printk+0x10/0x10
[  158.016443][ T5889]  ? __pfx___might_resched+0x10/0x10
[  158.016473][ T5889]  ? fs_reclaim_acquire+0x7d/0x100
[  158.016507][ T5889]  should_fail_ex+0x414/0x560
[  158.016529][ T5889]  should_failslab+0xa8/0x100
[  158.016551][ T5889]  __kmalloc_noprof+0xcb/0x4f0
[  158.016569][ T5889]  ? tomoyo_init_log+0x1a6e/0x1f70
[  158.016595][ T5889]  tomoyo_init_log+0x1a6e/0x1f70
[  158.016634][ T5889]  ? __pfx_tomoyo_init_log+0x10/0x10
[  158.016656][ T5889]  ? tomoyo_profile+0x11/0x50
[  158.016678][ T5889]  ? tomoyo_domain_quota_is_ok+0x42b/0x570
[  158.016700][ T5889]  tomoyo_supervisor+0x340/0x1480
[  158.016724][ T5889]  ? format_decode+0x5a3/0xe30
[  158.016747][ T5889]  ? __pfx_tomoyo_supervisor+0x10/0x10
[  158.016778][ T5889]  ? snprintf+0xda/0x120
[  158.016799][ T5889]  ? __pfx_snprintf+0x10/0x10
[  158.016818][ T5889]  ? tomoyo_check_acl+0x386/0x400
[  158.016841][ T5889]  tomoyo_path_number_perm+0x438/0x5a0
[  158.016858][ T5889]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  158.016877][ T5889]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  158.016901][ T5889]  ? _raw_spin_lock_irq+0xae/0xf0
[  158.016944][ T5889]  ? __pfx_ptrace_notify+0x10/0x10
[  158.016975][ T5889]  security_file_ioctl+0xcb/0x2d0
[  158.016994][ T5889]  __se_sys_ioctl+0x47/0x170
[  158.017013][ T5889]  do_syscall_64+0xfa/0x3b0
[  158.017035][ T5889]  ? lockdep_hardirqs_on+0x9c/0x150
[  158.017056][ T5889]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  158.017071][ T5889]  ? clear_bhb_loop+0x60/0xb0
[  158.017089][ T5889]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  158.017104][ T5889] RIP: 0033:0x7f39278e2869
[  158.017118][ T5889] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  158.017130][ T5889] RSP: 002b:00007ffc8670e328 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  158.017147][ T5889] RAX: ffffffffffffffda RBX: 00007ffc8670e340 RCX: 00007f39278e2869
[pid  5889] exit_group(0)               = ?
[pid  5889] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5889, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5890 attached
, child_tidptr=0x55558ec87650) = 5890
[pid  5890] set_robust_list(0x55558ec87660, 24) = 0
[pid  5890] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5890] setpgid(0, 0)               = 0
[pid  5890] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5890] write(3, "1000", 4)         = 4
[pid  5890] close(3)                    = 0
[  158.017158][ T5889] RDX: 0000000000000000 RSI: 0000000000004606 RDI: 0000000000000005
[  158.017167][ T5889] RBP: 0000000000000001 R08: 00007ffc8670e0c7 R09: 00000000000000a0
[  158.017177][ T5889] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  158.017186][ T5889] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[  158.017207][ T5889]  </TASK>
executing program
[pid  5890] write(1, "executing program\n", 18) = 18
[pid  5890] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE, insn_cnt=11, insns=0x2000000005c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_SOCK_CREATE, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = 3
[pid  5890] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="contention_begin", prog_fd=3}}, 24) = 4
[pid  5890] openat(AT_FDCWD, "/dev/fb0", O_RDONLY) = 5
[pid  5890] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid  5890] write(6, "4", 1)            = 1
[  158.376150][ T5890] FAULT_INJECTION: forcing a failure.
[  158.376150][ T5890] name failslab, interval 1, probability 0, space 0, times 0
[  158.389366][ T5890] CPU: 1 UID: 0 PID: 5890 Comm: syz-executor116 Not tainted 6.16.0-next-20250731-syzkaller #0 PREEMPT(full) 
[  158.389397][ T5890] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  158.389410][ T5890] Call Trace:
[  158.389419][ T5890]  <TASK>
[  158.389428][ T5890]  dump_stack_lvl+0x189/0x250
[  158.389459][ T5890]  ? __pfx____ratelimit+0x10/0x10
[  158.389491][ T5890]  ? __pfx_dump_stack_lvl+0x10/0x10
[  158.389515][ T5890]  ? __pfx__printk+0x10/0x10
[  158.389549][ T5890]  ? __pfx___might_resched+0x10/0x10
[  158.389580][ T5890]  ? fs_reclaim_acquire+0x7d/0x100
[  158.389612][ T5890]  should_fail_ex+0x414/0x560
[  158.389635][ T5890]  should_failslab+0xa8/0x100
[  158.389660][ T5890]  __kmalloc_noprof+0xcb/0x4f0
[  158.389681][ T5890]  ? tomoyo_init_log+0x1a6e/0x1f70
[  158.389710][ T5890]  tomoyo_init_log+0x1a6e/0x1f70
[  158.389753][ T5890]  ? __pfx_tomoyo_init_log+0x10/0x10
[  158.389777][ T5890]  ? tomoyo_profile+0x11/0x50
[  158.389801][ T5890]  ? tomoyo_domain_quota_is_ok+0x42b/0x570
[  158.389825][ T5890]  tomoyo_supervisor+0x340/0x1480
[  158.389852][ T5890]  ? format_decode+0x5a3/0xe30
[  158.389878][ T5890]  ? __pfx_tomoyo_supervisor+0x10/0x10
[  158.389912][ T5890]  ? snprintf+0xda/0x120
[  158.389936][ T5890]  ? __pfx_snprintf+0x10/0x10
[  158.389957][ T5890]  ? tomoyo_check_acl+0x386/0x400
[  158.389982][ T5890]  tomoyo_path_number_perm+0x438/0x5a0
[  158.390002][ T5890]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  158.390023][ T5890]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  158.390050][ T5890]  ? _raw_spin_lock_irq+0xae/0xf0
[  158.390098][ T5890]  ? __pfx_ptrace_notify+0x10/0x10
[  158.390133][ T5890]  security_file_ioctl+0xcb/0x2d0
[  158.390154][ T5890]  __se_sys_ioctl+0x47/0x170
[  158.390175][ T5890]  do_syscall_64+0xfa/0x3b0
[  158.390199][ T5890]  ? lockdep_hardirqs_on+0x9c/0x150
[  158.390222][ T5890]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  158.390239][ T5890]  ? clear_bhb_loop+0x60/0xb0
[  158.390269][ T5890]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  158.390285][ T5890] RIP: 0033:0x7f39278e2869
[  158.390300][ T5890] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  158.390314][ T5890] RSP: 002b:00007ffc8670e328 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  158.390332][ T5890] RAX: ffffffffffffffda RBX: 00007ffc8670e340 RCX: 00007f39278e2869
[pid  5890] ioctl(5, FBIOPAN_DISPLAY, 0) = -1 EFAULT (Bad address)
[pid  5890] exit_group(0)               = ?
[pid  5890] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5890, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55558ec87650) = 5891
./strace-static-x86_64: Process 5891 attached
[pid  5891] set_robust_list(0x55558ec87660, 24) = 0
[pid  5891] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5891] setpgid(0, 0)               = 0
[pid  5891] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5891] write(3, "1000", 4)         = 4
[pid  5891] close(3)                    = 0
executing program
[pid  5891] write(1, "executing program\n", 18) = 18
[pid  5891] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE, insn_cnt=11, insns=0x2000000005c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_SOCK_CREATE, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = 3
[pid  5891] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="contention_begin", prog_fd=3}}, 24) = 4
[pid  5891] openat(AT_FDCWD, "/dev/fb0", O_RDONLY) = 5
[  158.390345][ T5890] RDX: 0000000000000000 RSI: 0000000000004606 RDI: 0000000000000005
[  158.390355][ T5890] RBP: 0000000000000001 R08: 00007ffc8670e0c7 R09: 00000000000000a0
[  158.390365][ T5890] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  158.390375][ T5890] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[  158.390399][ T5890]  </TASK>
[pid  5891] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid  5891] write(6, "4", 1)            = 1
[pid  5891] ioctl(5, FBIOPAN_DISPLAY, 0) = -1 EFAULT (Bad address)
[  158.713358][ T5891] FAULT_INJECTION: forcing a failure.
[  158.713358][ T5891] name failslab, interval 1, probability 0, space 0, times 0
[  158.726539][ T5891] CPU: 1 UID: 0 PID: 5891 Comm: syz-executor116 Not tainted 6.16.0-next-20250731-syzkaller #0 PREEMPT(full) 
[  158.726568][ T5891] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  158.726580][ T5891] Call Trace:
[  158.726588][ T5891]  <TASK>
[  158.726597][ T5891]  dump_stack_lvl+0x189/0x250
[  158.726626][ T5891]  ? __pfx____ratelimit+0x10/0x10
[  158.726658][ T5891]  ? __pfx_dump_stack_lvl+0x10/0x10
[  158.726682][ T5891]  ? __pfx__printk+0x10/0x10
[  158.726718][ T5891]  ? __pfx___might_resched+0x10/0x10
[  158.726744][ T5891]  ? fs_reclaim_acquire+0x7d/0x100
[  158.726770][ T5891]  should_fail_ex+0x414/0x560
[  158.726791][ T5891]  should_failslab+0xa8/0x100
[  158.726814][ T5891]  __kmalloc_noprof+0xcb/0x4f0
[  158.726832][ T5891]  ? tomoyo_init_log+0x1a6e/0x1f70
[  158.726858][ T5891]  tomoyo_init_log+0x1a6e/0x1f70
[  158.726897][ T5891]  ? __pfx_tomoyo_init_log+0x10/0x10
[  158.726919][ T5891]  ? tomoyo_profile+0x11/0x50
[  158.726940][ T5891]  ? tomoyo_domain_quota_is_ok+0x42b/0x570
[  158.726962][ T5891]  tomoyo_supervisor+0x340/0x1480
[  158.726986][ T5891]  ? format_decode+0x5a3/0xe30
[  158.727009][ T5891]  ? __pfx_tomoyo_supervisor+0x10/0x10
[  158.727040][ T5891]  ? snprintf+0xda/0x120
[  158.727062][ T5891]  ? __pfx_snprintf+0x10/0x10
[  158.727081][ T5891]  ? tomoyo_check_acl+0x386/0x400
[  158.727103][ T5891]  tomoyo_path_number_perm+0x438/0x5a0
[  158.727121][ T5891]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  158.727140][ T5891]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  158.727164][ T5891]  ? _raw_spin_lock_irq+0xae/0xf0
[  158.727208][ T5891]  ? __pfx_ptrace_notify+0x10/0x10
[  158.727239][ T5891]  security_file_ioctl+0xcb/0x2d0
[  158.727258][ T5891]  __se_sys_ioctl+0x47/0x170
[  158.727277][ T5891]  do_syscall_64+0xfa/0x3b0
[  158.727321][ T5891]  ? lockdep_hardirqs_on+0x9c/0x150
[  158.727342][ T5891]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  158.727357][ T5891]  ? clear_bhb_loop+0x60/0xb0
[  158.727376][ T5891]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  158.727391][ T5891] RIP: 0033:0x7f39278e2869
[  158.727405][ T5891] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  158.727417][ T5891] RSP: 002b:00007ffc8670e328 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  158.727434][ T5891] RAX: ffffffffffffffda RBX: 00007ffc8670e340 RCX: 00007f39278e2869
[pid  5891] exit_group(0)               = ?
[pid  5891] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5891, si_uid=0, si_status=0, si_utime=0, si_stime=27 /* 0.27 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5892 attached
, child_tidptr=0x55558ec87650) = 5892
[pid  5892] set_robust_list(0x55558ec87660, 24) = 0
[pid  5892] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5892] setpgid(0, 0)               = 0
[pid  5892] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5892] write(3, "1000", 4)         = 4
[pid  5892] close(3)                    = 0
executing program
[pid  5892] write(1, "executing program\n", 18) = 18
[pid  5892] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE, insn_cnt=11, insns=0x2000000005c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_SOCK_CREATE, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = 3
[  158.727445][ T5891] RDX: 0000000000000000 RSI: 0000000000004606 RDI: 0000000000000005
[  158.727454][ T5891] RBP: 0000000000000001 R08: 00007ffc8670e0c7 R09: 00000000000000a0
[  158.727463][ T5891] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  158.727472][ T5891] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[  158.727494][ T5891]  </TASK>
[pid  5892] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="contention_begin", prog_fd=3}}, 24) = 4
[pid  5892] openat(AT_FDCWD, "/dev/fb0", O_RDONLY) = 5
[pid  5892] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid  5892] write(6, "4", 1)            = 1
[pid  5892] ioctl(5, FBIOPAN_DISPLAY, 0) = -1 EFAULT (Bad address)
[pid  5892] exit_group(0)               = ?
[  159.049598][ T5892] FAULT_INJECTION: forcing a failure.
[  159.049598][ T5892] name failslab, interval 1, probability 0, space 0, times 0
[  159.063638][ T5892] CPU: 0 UID: 0 PID: 5892 Comm: syz-executor116 Not tainted 6.16.0-next-20250731-syzkaller #0 PREEMPT(full) 
[  159.063667][ T5892] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  159.063679][ T5892] Call Trace:
[  159.063691][ T5892]  <TASK>
[  159.063703][ T5892]  dump_stack_lvl+0x189/0x250
[  159.063726][ T5892]  ? __pfx____ratelimit+0x10/0x10
[  159.063748][ T5892]  ? __pfx_dump_stack_lvl+0x10/0x10
[  159.063765][ T5892]  ? __pfx__printk+0x10/0x10
[  159.063790][ T5892]  ? __pfx___might_resched+0x10/0x10
[  159.063812][ T5892]  ? fs_reclaim_acquire+0x7d/0x100
[  159.063839][ T5892]  should_fail_ex+0x414/0x560
[  159.063861][ T5892]  should_failslab+0xa8/0x100
[  159.063884][ T5892]  __kmalloc_noprof+0xcb/0x4f0
[  159.063902][ T5892]  ? tomoyo_init_log+0x1a6e/0x1f70
[  159.063928][ T5892]  tomoyo_init_log+0x1a6e/0x1f70
[  159.063970][ T5892]  ? __pfx_tomoyo_init_log+0x10/0x10
[  159.064010][ T5892]  ? tomoyo_profile+0x11/0x50
[  159.064031][ T5892]  ? tomoyo_domain_quota_is_ok+0x42b/0x570
[  159.064054][ T5892]  tomoyo_supervisor+0x340/0x1480
[  159.064078][ T5892]  ? format_decode+0x5a3/0xe30
[  159.064101][ T5892]  ? __pfx_tomoyo_supervisor+0x10/0x10
[  159.064132][ T5892]  ? snprintf+0xda/0x120
[  159.064154][ T5892]  ? __pfx_snprintf+0x10/0x10
[  159.064174][ T5892]  ? tomoyo_check_acl+0x386/0x400
[  159.064197][ T5892]  tomoyo_path_number_perm+0x438/0x5a0
[  159.064215][ T5892]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  159.064234][ T5892]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  159.064259][ T5892]  ? _raw_spin_lock_irq+0xae/0xf0
[  159.064303][ T5892]  ? __pfx_ptrace_notify+0x10/0x10
[  159.064334][ T5892]  security_file_ioctl+0xcb/0x2d0
[  159.064353][ T5892]  __se_sys_ioctl+0x47/0x170
[  159.064373][ T5892]  do_syscall_64+0xfa/0x3b0
[  159.064396][ T5892]  ? lockdep_hardirqs_on+0x9c/0x150
[  159.064417][ T5892]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  159.064442][ T5892]  ? clear_bhb_loop+0x60/0xb0
[  159.064461][ T5892]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  159.064476][ T5892] RIP: 0033:0x7f39278e2869
[  159.064491][ T5892] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  159.064503][ T5892] RSP: 002b:00007ffc8670e328 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[pid  5892] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5892, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5893 attached
, child_tidptr=0x55558ec87650) = 5893
[  159.064520][ T5892] RAX: ffffffffffffffda RBX: 00007ffc8670e340 RCX: 00007f39278e2869
[  159.064532][ T5892] RDX: 0000000000000000 RSI: 0000000000004606 RDI: 0000000000000005
[  159.064541][ T5892] RBP: 0000000000000001 R08: 00007ffc8670e0c7 R09: 00000000000000a0
[  159.064550][ T5892] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  159.064559][ T5892] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[  159.064580][ T5892]  </TASK>
[pid  5893] set_robust_list(0x55558ec87660, 24) = 0
[pid  5893] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5893] setpgid(0, 0)               = 0
[pid  5893] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5893] write(3, "1000", 4)         = 4
[pid  5893] close(3)                    = 0
executing program
[pid  5893] write(1, "executing program\n", 18) = 18
[pid  5893] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE, insn_cnt=11, insns=0x2000000005c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_SOCK_CREATE, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = 3
[pid  5893] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="contention_begin", prog_fd=3}}, 24) = 4
[pid  5893] openat(AT_FDCWD, "/dev/fb0", O_RDONLY) = 5
[pid  5893] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid  5893] write(6, "4", 1)            = 1
[pid  5893] ioctl(5, FBIOPAN_DISPLAY, 0) = -1 EFAULT (Bad address)
[pid  5893] exit_group(0)               = ?
[pid  5893] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5893, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
[  159.409667][ T5893] FAULT_INJECTION: forcing a failure.
[  159.409667][ T5893] name failslab, interval 1, probability 0, space 0, times 0
[  159.422561][ T5893] CPU: 1 UID: 0 PID: 5893 Comm: syz-executor116 Not tainted 6.16.0-next-20250731-syzkaller #0 PREEMPT(full) 
[  159.422590][ T5893] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  159.422602][ T5893] Call Trace:
[  159.422610][ T5893]  <TASK>
[  159.422620][ T5893]  dump_stack_lvl+0x189/0x250
[  159.422649][ T5893]  ? __pfx____ratelimit+0x10/0x10
[  159.422679][ T5893]  ? __pfx_dump_stack_lvl+0x10/0x10
[  159.422702][ T5893]  ? __pfx__printk+0x10/0x10
[  159.422737][ T5893]  ? __pfx___might_resched+0x10/0x10
[  159.422769][ T5893]  ? fs_reclaim_acquire+0x7d/0x100
[  159.422805][ T5893]  should_fail_ex+0x414/0x560
[  159.422837][ T5893]  should_failslab+0xa8/0x100
[  159.422877][ T5893]  __kmalloc_noprof+0xcb/0x4f0
[  159.422904][ T5893]  ? tomoyo_init_log+0x1a6e/0x1f70
[  159.422941][ T5893]  tomoyo_init_log+0x1a6e/0x1f70
[  159.422999][ T5893]  ? __pfx_tomoyo_init_log+0x10/0x10
[  159.423031][ T5893]  ? tomoyo_profile+0x11/0x50
[  159.423060][ T5893]  ? tomoyo_domain_quota_is_ok+0x42b/0x570
[  159.423088][ T5893]  tomoyo_supervisor+0x340/0x1480
[  159.423114][ T5893]  ? format_decode+0x5a3/0xe30
[  159.423147][ T5893]  ? __pfx_tomoyo_supervisor+0x10/0x10
[  159.423178][ T5893]  ? snprintf+0xda/0x120
[  159.423199][ T5893]  ? __pfx_snprintf+0x10/0x10
[  159.423219][ T5893]  ? tomoyo_check_acl+0x386/0x400
[  159.423241][ T5893]  tomoyo_path_number_perm+0x438/0x5a0
[  159.423259][ T5893]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  159.423278][ T5893]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  159.423302][ T5893]  ? _raw_spin_lock_irq+0xae/0xf0
[  159.423346][ T5893]  ? __pfx_ptrace_notify+0x10/0x10
[  159.423379][ T5893]  security_file_ioctl+0xcb/0x2d0
[  159.423399][ T5893]  __se_sys_ioctl+0x47/0x170
[  159.423418][ T5893]  do_syscall_64+0xfa/0x3b0
[  159.423440][ T5893]  ? lockdep_hardirqs_on+0x9c/0x150
[  159.423462][ T5893]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  159.423476][ T5893]  ? clear_bhb_loop+0x60/0xb0
[  159.423495][ T5893]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  159.423510][ T5893] RIP: 0033:0x7f39278e2869
[  159.423524][ T5893] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  159.423537][ T5893] RSP: 002b:00007ffc8670e328 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5894 attached
, child_tidptr=0x55558ec87650) = 5894
[pid  5894] set_robust_list(0x55558ec87660, 24) = 0
[pid  5894] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5894] setpgid(0, 0)               = 0
[pid  5894] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5894] write(3, "1000", 4)         = 4
executing program
[pid  5894] close(3)                    = 0
[pid  5894] write(1, "executing program\n", 18) = 18
[pid  5894] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE, insn_cnt=11, insns=0x2000000005c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_SOCK_CREATE, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = 3
[pid  5894] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="contention_begin", prog_fd=3}}, 24) = 4
[pid  5894] openat(AT_FDCWD, "/dev/fb0", O_RDONLY) = 5
[  159.423553][ T5893] RAX: ffffffffffffffda RBX: 00007ffc8670e340 RCX: 00007f39278e2869
[  159.423564][ T5893] RDX: 0000000000000000 RSI: 0000000000004606 RDI: 0000000000000005
[  159.423573][ T5893] RBP: 0000000000000001 R08: 00007ffc8670e0c7 R09: 00000000000000a0
[  159.423582][ T5893] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  159.423591][ T5893] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[  159.423613][ T5893]  </TASK>
[pid  5894] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid  5894] write(6, "4", 1)            = 1
[  159.773847][ T5894] FAULT_INJECTION: forcing a failure.
[  159.773847][ T5894] name failslab, interval 1, probability 0, space 0, times 0
[  159.786779][ T5894] CPU: 0 UID: 0 PID: 5894 Comm: syz-executor116 Not tainted 6.16.0-next-20250731-syzkaller #0 PREEMPT(full) 
[  159.786801][ T5894] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  159.786810][ T5894] Call Trace:
[  159.786816][ T5894]  <TASK>
[  159.786822][ T5894]  dump_stack_lvl+0x189/0x250
[  159.786844][ T5894]  ? __pfx____ratelimit+0x10/0x10
[  159.786867][ T5894]  ? __pfx_dump_stack_lvl+0x10/0x10
[  159.786884][ T5894]  ? __pfx__printk+0x10/0x10
[  159.786909][ T5894]  ? __pfx___might_resched+0x10/0x10
[  159.786931][ T5894]  ? fs_reclaim_acquire+0x7d/0x100
[  159.786958][ T5894]  should_fail_ex+0x414/0x560
[  159.786979][ T5894]  should_failslab+0xa8/0x100
[  159.787001][ T5894]  __kmalloc_noprof+0xcb/0x4f0
[  159.787020][ T5894]  ? tomoyo_init_log+0x1a6e/0x1f70
[  159.787046][ T5894]  tomoyo_init_log+0x1a6e/0x1f70
[  159.787085][ T5894]  ? __pfx_tomoyo_init_log+0x10/0x10
[  159.787107][ T5894]  ? tomoyo_profile+0x11/0x50
[  159.787128][ T5894]  ? tomoyo_domain_quota_is_ok+0x42b/0x570
[  159.787150][ T5894]  tomoyo_supervisor+0x340/0x1480
[  159.787175][ T5894]  ? format_decode+0x5a3/0xe30
[  159.787200][ T5894]  ? __pfx_tomoyo_supervisor+0x10/0x10
[  159.787231][ T5894]  ? snprintf+0xda/0x120
[  159.787253][ T5894]  ? __pfx_snprintf+0x10/0x10
[  159.787272][ T5894]  ? tomoyo_check_acl+0x386/0x400
[  159.787294][ T5894]  tomoyo_path_number_perm+0x438/0x5a0
[  159.787312][ T5894]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  159.787331][ T5894]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  159.787355][ T5894]  ? _raw_spin_lock_irq+0xae/0xf0
[  159.787398][ T5894]  ? __pfx_ptrace_notify+0x10/0x10
[  159.787436][ T5894]  security_file_ioctl+0xcb/0x2d0
[  159.787455][ T5894]  __se_sys_ioctl+0x47/0x170
[  159.787474][ T5894]  do_syscall_64+0xfa/0x3b0
[  159.787496][ T5894]  ? lockdep_hardirqs_on+0x9c/0x150
[  159.787517][ T5894]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  159.787532][ T5894]  ? clear_bhb_loop+0x60/0xb0
[  159.787550][ T5894]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  159.787565][ T5894] RIP: 0033:0x7f39278e2869
[  159.787579][ T5894] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  159.787592][ T5894] RSP: 002b:00007ffc8670e328 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  159.787608][ T5894] RAX: ffffffffffffffda RBX: 00007ffc8670e340 RCX: 00007f39278e2869
[pid  5894] ioctl(5, FBIOPAN_DISPLAY, 0) = -1 EFAULT (Bad address)
[pid  5894] exit_group(0)               = ?
[pid  5894] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5894, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5895 attached
[  159.787620][ T5894] RDX: 0000000000000000 RSI: 0000000000004606 RDI: 0000000000000005
[  159.787629][ T5894] RBP: 0000000000000001 R08: 00007ffc8670e0c7 R09: 00000000000000a0
[  159.787638][ T5894] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  159.787647][ T5894] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[  159.787668][ T5894]  </TASK>
, child_tidptr=0x55558ec87650) = 5895
[pid  5895] set_robust_list(0x55558ec87660, 24) = 0
[pid  5895] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5895] setpgid(0, 0)               = 0
[pid  5895] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5895] write(3, "1000", 4)         = 4
[pid  5895] close(3)                    = 0
executing program
[pid  5895] write(1, "executing program\n", 18) = 18
[pid  5895] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE, insn_cnt=11, insns=0x2000000005c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_SOCK_CREATE, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = 3
[pid  5895] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="contention_begin", prog_fd=3}}, 24) = 4
[pid  5895] openat(AT_FDCWD, "/dev/fb0", O_RDONLY) = 5
[pid  5895] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid  5895] write(6, "4", 1)            = 1
[pid  5895] ioctl(5, FBIOPAN_DISPLAY, 0) = -1 EFAULT (Bad address)
[pid  5895] exit_group(0)               = ?
[  160.191737][ T5895] FAULT_INJECTION: forcing a failure.
[  160.191737][ T5895] name failslab, interval 1, probability 0, space 0, times 0
[  160.204880][ T5895] CPU: 1 UID: 0 PID: 5895 Comm: syz-executor116 Not tainted 6.16.0-next-20250731-syzkaller #0 PREEMPT(full) 
[  160.204901][ T5895] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  160.204911][ T5895] Call Trace:
[  160.204918][ T5895]  <TASK>
[  160.204925][ T5895]  dump_stack_lvl+0x189/0x250
[  160.204947][ T5895]  ? __pfx____ratelimit+0x10/0x10
[  160.204969][ T5895]  ? __pfx_dump_stack_lvl+0x10/0x10
[  160.204986][ T5895]  ? __pfx__printk+0x10/0x10
[  160.205010][ T5895]  ? __pfx___might_resched+0x10/0x10
[  160.205033][ T5895]  ? fs_reclaim_acquire+0x7d/0x100
[  160.205059][ T5895]  should_fail_ex+0x414/0x560
[  160.205080][ T5895]  should_failslab+0xa8/0x100
[  160.205103][ T5895]  __kmalloc_noprof+0xcb/0x4f0
[  160.205123][ T5895]  ? tomoyo_init_log+0x1a6e/0x1f70
[  160.205149][ T5895]  tomoyo_init_log+0x1a6e/0x1f70
[  160.205188][ T5895]  ? __pfx_tomoyo_init_log+0x10/0x10
[  160.205210][ T5895]  ? tomoyo_profile+0x11/0x50
[  160.205231][ T5895]  ? tomoyo_domain_quota_is_ok+0x42b/0x570
[  160.205253][ T5895]  tomoyo_supervisor+0x340/0x1480
[  160.205277][ T5895]  ? format_decode+0x5a3/0xe30
[  160.205300][ T5895]  ? __pfx_tomoyo_supervisor+0x10/0x10
[  160.205331][ T5895]  ? snprintf+0xda/0x120
[  160.205352][ T5895]  ? __pfx_snprintf+0x10/0x10
[  160.205382][ T5895]  ? tomoyo_check_acl+0x386/0x400
[  160.205405][ T5895]  tomoyo_path_number_perm+0x438/0x5a0
[  160.205423][ T5895]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  160.205442][ T5895]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  160.205467][ T5895]  ? _raw_spin_lock_irq+0xae/0xf0
[  160.205510][ T5895]  ? __pfx_ptrace_notify+0x10/0x10
[  160.205541][ T5895]  security_file_ioctl+0xcb/0x2d0
[  160.205560][ T5895]  __se_sys_ioctl+0x47/0x170
[  160.205579][ T5895]  do_syscall_64+0xfa/0x3b0
[  160.205601][ T5895]  ? lockdep_hardirqs_on+0x9c/0x150
[  160.205622][ T5895]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  160.205637][ T5895]  ? clear_bhb_loop+0x60/0xb0
[  160.205656][ T5895]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  160.205670][ T5895] RIP: 0033:0x7f39278e2869
[  160.205684][ T5895] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  160.205697][ T5895] RSP: 002b:00007ffc8670e328 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  160.205713][ T5895] RAX: ffffffffffffffda RBX: 00007ffc8670e340 RCX: 00007f39278e2869
[pid  5895] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5895, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5896 attached
, child_tidptr=0x55558ec87650) = 5896
[pid  5896] set_robust_list(0x55558ec87660, 24) = 0
[pid  5896] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5896] setpgid(0, 0)               = 0
[pid  5896] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5896] write(3, "1000", 4)         = 4
[pid  5896] close(3executing program
)                    = 0
[pid  5896] write(1, "executing program\n", 18) = 18
[pid  5896] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE, insn_cnt=11, insns=0x2000000005c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_SOCK_CREATE, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = 3
[pid  5896] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="contention_begin", prog_fd=3}}, 24) = 4
[pid  5896] openat(AT_FDCWD, "/dev/fb0", O_RDONLY) = 5
[pid  5896] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid  5896] write(6, "4", 1)            = 1
[  160.205725][ T5895] RDX: 0000000000000000 RSI: 0000000000004606 RDI: 0000000000000005
[  160.205734][ T5895] RBP: 0000000000000001 R08: 00007ffc8670e0c7 R09: 00000000000000a0
[  160.205743][ T5895] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  160.205752][ T5895] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[  160.205773][ T5895]  </TASK>
[  160.509765][ T5896] FAULT_INJECTION: forcing a failure.
[  160.509765][ T5896] name failslab, interval 1, probability 0, space 0, times 0
[  160.522724][ T5896] CPU: 0 UID: 0 PID: 5896 Comm: syz-executor116 Not tainted 6.16.0-next-20250731-syzkaller #0 PREEMPT(full) 
[  160.522755][ T5896] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  160.522768][ T5896] Call Trace:
[  160.522776][ T5896]  <TASK>
[  160.522786][ T5896]  dump_stack_lvl+0x189/0x250
[  160.522814][ T5896]  ? __pfx____ratelimit+0x10/0x10
[  160.522843][ T5896]  ? __pfx_dump_stack_lvl+0x10/0x10
[  160.522865][ T5896]  ? __pfx__printk+0x10/0x10
[  160.522890][ T5896]  ? __pfx___might_resched+0x10/0x10
[  160.522913][ T5896]  ? fs_reclaim_acquire+0x7d/0x100
[  160.522939][ T5896]  should_fail_ex+0x414/0x560
[  160.522960][ T5896]  should_failslab+0xa8/0x100
[  160.522982][ T5896]  __kmalloc_noprof+0xcb/0x4f0
[  160.523000][ T5896]  ? tomoyo_init_log+0x1a6e/0x1f70
[  160.523026][ T5896]  tomoyo_init_log+0x1a6e/0x1f70
[  160.523064][ T5896]  ? __pfx_tomoyo_init_log+0x10/0x10
[  160.523086][ T5896]  ? tomoyo_profile+0x11/0x50
[  160.523109][ T5896]  ? tomoyo_domain_quota_is_ok+0x42b/0x570
[  160.523134][ T5896]  tomoyo_supervisor+0x340/0x1480
[  160.523158][ T5896]  ? format_decode+0x5a3/0xe30
[  160.523181][ T5896]  ? __pfx_tomoyo_supervisor+0x10/0x10
[  160.523212][ T5896]  ? snprintf+0xda/0x120
[  160.523233][ T5896]  ? __pfx_snprintf+0x10/0x10
[  160.523252][ T5896]  ? tomoyo_check_acl+0x386/0x400
[  160.523274][ T5896]  tomoyo_path_number_perm+0x438/0x5a0
[  160.523292][ T5896]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  160.523311][ T5896]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  160.523335][ T5896]  ? _raw_spin_lock_irq+0xae/0xf0
[  160.523385][ T5896]  ? __pfx_ptrace_notify+0x10/0x10
[  160.523417][ T5896]  security_file_ioctl+0xcb/0x2d0
[  160.523436][ T5896]  __se_sys_ioctl+0x47/0x170
[  160.523455][ T5896]  do_syscall_64+0xfa/0x3b0
[  160.523476][ T5896]  ? lockdep_hardirqs_on+0x9c/0x150
[  160.523498][ T5896]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  160.523512][ T5896]  ? clear_bhb_loop+0x60/0xb0
[  160.523531][ T5896]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  160.523546][ T5896] RIP: 0033:0x7f39278e2869
[  160.523560][ T5896] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  160.523572][ T5896] RSP: 002b:00007ffc8670e328 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  160.523589][ T5896] RAX: ffffffffffffffda RBX: 00007ffc8670e340 RCX: 00007f39278e2869
[pid  5896] ioctl(5, FBIOPAN_DISPLAY, 0) = -1 EFAULT (Bad address)
[pid  5896] exit_group(0)               = ?
[pid  5896] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5896, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5897 attached
, child_tidptr=0x55558ec87650) = 5897
[pid  5897] set_robust_list(0x55558ec87660, 24) = 0
[pid  5897] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5897] setpgid(0, 0)               = 0
[pid  5897] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5897] write(3, "1000", 4)         = 4
[pid  5897] close(3)                    = 0
executing program
[pid  5897] write(1, "executing program\n", 18) = 18
[pid  5897] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE, insn_cnt=11, insns=0x2000000005c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_SOCK_CREATE, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = 3
[pid  5897] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="contention_begin", prog_fd=3}}, 24) = 4
[pid  5897] openat(AT_FDCWD, "/dev/fb0", O_RDONLY) = 5
[pid  5897] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[  160.523600][ T5896] RDX: 0000000000000000 RSI: 0000000000004606 RDI: 0000000000000005
[  160.523609][ T5896] RBP: 0000000000000001 R08: 00007ffc8670e0c7 R09: 00000000000000a0
[  160.523618][ T5896] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  160.523627][ T5896] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[  160.523648][ T5896]  </TASK>
[pid  5897] write(6, "4", 1)            = 1
[pid  5897] ioctl(5, FBIOPAN_DISPLAY, 0) = -1 EFAULT (Bad address)
[pid  5897] exit_group(0)               = ?
[  160.842254][ T5897] FAULT_INJECTION: forcing a failure.
[  160.842254][ T5897] name failslab, interval 1, probability 0, space 0, times 0
[  160.855112][ T5897] CPU: 1 UID: 0 PID: 5897 Comm: syz-executor116 Not tainted 6.16.0-next-20250731-syzkaller #0 PREEMPT(full) 
[  160.855135][ T5897] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  160.855144][ T5897] Call Trace:
[  160.855150][ T5897]  <TASK>
[  160.855156][ T5897]  dump_stack_lvl+0x189/0x250
[  160.855178][ T5897]  ? __pfx____ratelimit+0x10/0x10
[  160.855200][ T5897]  ? __pfx_dump_stack_lvl+0x10/0x10
[  160.855217][ T5897]  ? __pfx__printk+0x10/0x10
[  160.855242][ T5897]  ? __pfx___might_resched+0x10/0x10
[  160.855271][ T5897]  ? fs_reclaim_acquire+0x7d/0x100
[  160.855298][ T5897]  should_fail_ex+0x414/0x560
[  160.855319][ T5897]  should_failslab+0xa8/0x100
[  160.855341][ T5897]  __kmalloc_noprof+0xcb/0x4f0
[  160.855359][ T5897]  ? tomoyo_init_log+0x1a6e/0x1f70
[  160.855384][ T5897]  tomoyo_init_log+0x1a6e/0x1f70
[  160.855423][ T5897]  ? __pfx_tomoyo_init_log+0x10/0x10
[  160.855445][ T5897]  ? tomoyo_profile+0x11/0x50
[  160.855466][ T5897]  ? tomoyo_domain_quota_is_ok+0x42b/0x570
[  160.855489][ T5897]  tomoyo_supervisor+0x340/0x1480
[  160.855513][ T5897]  ? format_decode+0x5a3/0xe30
[  160.855536][ T5897]  ? __pfx_tomoyo_supervisor+0x10/0x10
[  160.855567][ T5897]  ? snprintf+0xda/0x120
[  160.855588][ T5897]  ? __pfx_snprintf+0x10/0x10
[  160.855607][ T5897]  ? tomoyo_check_acl+0x386/0x400
[  160.855630][ T5897]  tomoyo_path_number_perm+0x438/0x5a0
[  160.855647][ T5897]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  160.855666][ T5897]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  160.855690][ T5897]  ? _raw_spin_lock_irq+0xae/0xf0
[  160.855734][ T5897]  ? __pfx_ptrace_notify+0x10/0x10
[  160.855765][ T5897]  security_file_ioctl+0xcb/0x2d0
[  160.855784][ T5897]  __se_sys_ioctl+0x47/0x170
[  160.855803][ T5897]  do_syscall_64+0xfa/0x3b0
[  160.855824][ T5897]  ? lockdep_hardirqs_on+0x9c/0x150
[  160.855845][ T5897]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  160.855860][ T5897]  ? clear_bhb_loop+0x60/0xb0
[  160.855879][ T5897]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  160.855894][ T5897] RIP: 0033:0x7f39278e2869
[  160.855907][ T5897] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  160.855920][ T5897] RSP: 002b:00007ffc8670e328 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  160.855936][ T5897] RAX: ffffffffffffffda RBX: 00007ffc8670e340 RCX: 00007f39278e2869
[pid  5897] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5897, si_uid=0, si_status=0, si_utime=0, si_stime=28 /* 0.28 s */} ---
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5898 attached
, child_tidptr=0x55558ec87650) = 5898
[pid  5898] set_robust_list(0x55558ec87660, 24) = 0
[pid  5898] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5898] setpgid(0, 0)               = 0
[pid  5898] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5898] write(3, "1000", 4)         = 4
[  160.855947][ T5897] RDX: 0000000000000000 RSI: 0000000000004606 RDI: 0000000000000005
[  160.855956][ T5897] RBP: 0000000000000001 R08: 00007ffc8670e0c7 R09: 00000000000000a0
[  160.855966][ T5897] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  160.855974][ T5897] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[  160.855996][ T5897]  </TASK>
[pid  5898] close(3)                    = 0
executing program
[pid  5898] write(1, "executing program\n", 18) = 18
[pid  5898] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE, insn_cnt=11, insns=0x2000000005c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_SOCK_CREATE, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = 3
[pid  5898] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="contention_begin", prog_fd=3}}, 24) = 4
[pid  5898] openat(AT_FDCWD, "/dev/fb0", O_RDONLY) = 5
[pid  5898] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid  5898] write(6, "4", 1)            = 1
[pid  5898] ioctl(5, FBIOPAN_DISPLAY, 0) = -1 EFAULT (Bad address)
[pid  5898] exit_group(0)               = ?
[  161.201750][ T5898] FAULT_INJECTION: forcing a failure.
[  161.201750][ T5898] name failslab, interval 1, probability 0, space 0, times 0
[  161.214659][ T5898] CPU: 0 UID: 0 PID: 5898 Comm: syz-executor116 Not tainted 6.16.0-next-20250731-syzkaller #0 PREEMPT(full) 
[  161.214689][ T5898] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  161.214702][ T5898] Call Trace:
[  161.214710][ T5898]  <TASK>
[  161.214720][ T5898]  dump_stack_lvl+0x189/0x250
[  161.214750][ T5898]  ? __pfx____ratelimit+0x10/0x10
[  161.214782][ T5898]  ? __pfx_dump_stack_lvl+0x10/0x10
[  161.214806][ T5898]  ? __pfx__printk+0x10/0x10
[  161.214842][ T5898]  ? __pfx___might_resched+0x10/0x10
[  161.214875][ T5898]  ? fs_reclaim_acquire+0x7d/0x100
[  161.214912][ T5898]  should_fail_ex+0x414/0x560
[  161.214944][ T5898]  should_failslab+0xa8/0x100
[  161.214974][ T5898]  __kmalloc_noprof+0xcb/0x4f0
[  161.215000][ T5898]  ? tomoyo_init_log+0x1a6e/0x1f70
[  161.215033][ T5898]  tomoyo_init_log+0x1a6e/0x1f70
[  161.215073][ T5898]  ? __pfx_tomoyo_init_log+0x10/0x10
[  161.215095][ T5898]  ? tomoyo_profile+0x11/0x50
[  161.215116][ T5898]  ? tomoyo_domain_quota_is_ok+0x42b/0x570
[  161.215139][ T5898]  tomoyo_supervisor+0x340/0x1480
[  161.215163][ T5898]  ? format_decode+0x5a3/0xe30
[  161.215186][ T5898]  ? __pfx_tomoyo_supervisor+0x10/0x10
[  161.215223][ T5898]  ? snprintf+0xda/0x120
[  161.215245][ T5898]  ? __pfx_snprintf+0x10/0x10
[  161.215264][ T5898]  ? tomoyo_check_acl+0x386/0x400
[  161.215287][ T5898]  tomoyo_path_number_perm+0x438/0x5a0
[  161.215304][ T5898]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  161.215323][ T5898]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  161.215347][ T5898]  ? _raw_spin_lock_irq+0xae/0xf0
[  161.215391][ T5898]  ? __pfx_ptrace_notify+0x10/0x10
[  161.215422][ T5898]  security_file_ioctl+0xcb/0x2d0
[  161.215441][ T5898]  __se_sys_ioctl+0x47/0x170
[  161.215460][ T5898]  do_syscall_64+0xfa/0x3b0
[  161.215482][ T5898]  ? lockdep_hardirqs_on+0x9c/0x150
[  161.215503][ T5898]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  161.215518][ T5898]  ? clear_bhb_loop+0x60/0xb0
[  161.215536][ T5898]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  161.215551][ T5898] RIP: 0033:0x7f39278e2869
[  161.215565][ T5898] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  161.215578][ T5898] RSP: 002b:00007ffc8670e328 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  161.215594][ T5898] RAX: ffffffffffffffda RBX: 00007ffc8670e340 RCX: 00007f39278e2869
[pid  5898] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5898, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5899 attached
, child_tidptr=0x55558ec87650) = 5899
[pid  5899] set_robust_list(0x55558ec87660, 24) = 0
[pid  5899] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5899] setpgid(0, 0)               = 0
[pid  5899] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5899] write(3, "1000", 4)         = 4
[pid  5899] close(3executing program
)                    = 0
[pid  5899] write(1, "executing program\n", 18) = 18
[pid  5899] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE, insn_cnt=11, insns=0x2000000005c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_SOCK_CREATE, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = 3
[pid  5899] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="contention_begin", prog_fd=3}}, 24) = 4
[pid  5899] openat(AT_FDCWD, "/dev/fb0", O_RDONLY) = 5
[pid  5899] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid  5899] write(6, "4", 1)            = 1
[  161.215605][ T5898] RDX: 0000000000000000 RSI: 0000000000004606 RDI: 0000000000000005
[  161.215614][ T5898] RBP: 0000000000000001 R08: 00007ffc8670e0c7 R09: 00000000000000a0
[  161.215624][ T5898] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  161.215633][ T5898] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[  161.215654][ T5898]  </TASK>
[pid  5899] ioctl(5, FBIOPAN_DISPLAY, 0) = -1 EFAULT (Bad address)
[pid  5899] exit_group(0)               = ?
[pid  5899] +++ exited with 0 +++
[  161.515602][ T5899] FAULT_INJECTION: forcing a failure.
[  161.515602][ T5899] name failslab, interval 1, probability 0, space 0, times 0
[  161.528864][ T5899] CPU: 1 UID: 0 PID: 5899 Comm: syz-executor116 Not tainted 6.16.0-next-20250731-syzkaller #0 PREEMPT(full) 
[  161.528896][ T5899] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  161.528909][ T5899] Call Trace:
[  161.528917][ T5899]  <TASK>
[  161.528924][ T5899]  dump_stack_lvl+0x189/0x250
[  161.528945][ T5899]  ? __pfx____ratelimit+0x10/0x10
[  161.528968][ T5899]  ? __pfx_dump_stack_lvl+0x10/0x10
[  161.528985][ T5899]  ? __pfx__printk+0x10/0x10
[  161.529010][ T5899]  ? __pfx___might_resched+0x10/0x10
[  161.529041][ T5899]  ? fs_reclaim_acquire+0x7d/0x100
[  161.529068][ T5899]  should_fail_ex+0x414/0x560
[  161.529090][ T5899]  should_failslab+0xa8/0x100
[  161.529112][ T5899]  __kmalloc_noprof+0xcb/0x4f0
[  161.529131][ T5899]  ? tomoyo_init_log+0x1a6e/0x1f70
[  161.529157][ T5899]  tomoyo_init_log+0x1a6e/0x1f70
[  161.529196][ T5899]  ? __pfx_tomoyo_init_log+0x10/0x10
[  161.529218][ T5899]  ? tomoyo_profile+0x11/0x50
[  161.529240][ T5899]  ? tomoyo_domain_quota_is_ok+0x42b/0x570
[  161.529262][ T5899]  tomoyo_supervisor+0x340/0x1480
[  161.529287][ T5899]  ? format_decode+0x5a3/0xe30
[  161.529310][ T5899]  ? __pfx_tomoyo_supervisor+0x10/0x10
[  161.529341][ T5899]  ? snprintf+0xda/0x120
[  161.529363][ T5899]  ? __pfx_snprintf+0x10/0x10
[  161.529382][ T5899]  ? tomoyo_check_acl+0x386/0x400
[  161.529405][ T5899]  tomoyo_path_number_perm+0x438/0x5a0
[  161.529424][ T5899]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  161.529443][ T5899]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  161.529467][ T5899]  ? _raw_spin_lock_irq+0xae/0xf0
[  161.529511][ T5899]  ? __pfx_ptrace_notify+0x10/0x10
[  161.529543][ T5899]  security_file_ioctl+0xcb/0x2d0
[  161.529562][ T5899]  __se_sys_ioctl+0x47/0x170
[  161.529581][ T5899]  do_syscall_64+0xfa/0x3b0
[  161.529604][ T5899]  ? lockdep_hardirqs_on+0x9c/0x150
[  161.529625][ T5899]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  161.529640][ T5899]  ? clear_bhb_loop+0x60/0xb0
[  161.529659][ T5899]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  161.529674][ T5899] RIP: 0033:0x7f39278e2869
[  161.529688][ T5899] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5899, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5900 attached
, child_tidptr=0x55558ec87650) = 5900
[pid  5900] set_robust_list(0x55558ec87660, 24) = 0
[pid  5900] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5900] setpgid(0, 0)               = 0
[pid  5900] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5900] write(3, "1000", 4)         = 4
[pid  5900] close(3)                    = 0
executing program
[pid  5900] write(1, "executing program\n", 18) = 18
[pid  5900] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE, insn_cnt=11, insns=0x2000000005c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_SOCK_CREATE, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = 3
[pid  5900] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="contention_begin", prog_fd=3}}, 24) = 4
[pid  5900] openat(AT_FDCWD, "/dev/fb0", O_RDONLY) = 5
[pid  5900] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid  5900] write(6, "4", 1)            = 1
[  161.529701][ T5899] RSP: 002b:00007ffc8670e328 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  161.529717][ T5899] RAX: ffffffffffffffda RBX: 00007ffc8670e340 RCX: 00007f39278e2869
[  161.529728][ T5899] RDX: 0000000000000000 RSI: 0000000000004606 RDI: 0000000000000005
[  161.529737][ T5899] RBP: 0000000000000001 R08: 00007ffc8670e0c7 R09: 00000000000000a0
[  161.529747][ T5899] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  161.529755][ T5899] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[  161.529778][ T5899]  </TASK>
[  161.843374][ T5900] FAULT_INJECTION: forcing a failure.
[  161.843374][ T5900] name failslab, interval 1, probability 0, space 0, times 0
[  161.856386][ T5900] CPU: 0 UID: 0 PID: 5900 Comm: syz-executor116 Not tainted 6.16.0-next-20250731-syzkaller #0 PREEMPT(full) 
[  161.856407][ T5900] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  161.856416][ T5900] Call Trace:
[  161.856422][ T5900]  <TASK>
[  161.856429][ T5900]  dump_stack_lvl+0x189/0x250
[  161.856454][ T5900]  ? __pfx____ratelimit+0x10/0x10
[  161.856478][ T5900]  ? __pfx_dump_stack_lvl+0x10/0x10
[  161.856494][ T5900]  ? __pfx__printk+0x10/0x10
[  161.856519][ T5900]  ? __pfx___might_resched+0x10/0x10
[  161.856541][ T5900]  ? fs_reclaim_acquire+0x7d/0x100
[  161.856568][ T5900]  should_fail_ex+0x414/0x560
[  161.856590][ T5900]  should_failslab+0xa8/0x100
[  161.856611][ T5900]  __kmalloc_noprof+0xcb/0x4f0
[  161.856630][ T5900]  ? tomoyo_init_log+0x1a6e/0x1f70
[  161.856656][ T5900]  tomoyo_init_log+0x1a6e/0x1f70
[  161.856694][ T5900]  ? __pfx_tomoyo_init_log+0x10/0x10
[  161.856716][ T5900]  ? tomoyo_profile+0x11/0x50
[  161.856738][ T5900]  ? tomoyo_domain_quota_is_ok+0x42b/0x570
[  161.856760][ T5900]  tomoyo_supervisor+0x340/0x1480
[  161.856784][ T5900]  ? format_decode+0x5a3/0xe30
[  161.856808][ T5900]  ? __pfx_tomoyo_supervisor+0x10/0x10
[  161.856839][ T5900]  ? snprintf+0xda/0x120
[  161.856860][ T5900]  ? __pfx_snprintf+0x10/0x10
[  161.856879][ T5900]  ? tomoyo_check_acl+0x386/0x400
[  161.856901][ T5900]  tomoyo_path_number_perm+0x438/0x5a0
[  161.856919][ T5900]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  161.856938][ T5900]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  161.856962][ T5900]  ? _raw_spin_lock_irq+0xae/0xf0
[  161.857006][ T5900]  ? __pfx_ptrace_notify+0x10/0x10
[  161.857037][ T5900]  security_file_ioctl+0xcb/0x2d0
[  161.857056][ T5900]  __se_sys_ioctl+0x47/0x170
[  161.857079][ T5900]  do_syscall_64+0xfa/0x3b0
[  161.857101][ T5900]  ? lockdep_hardirqs_on+0x9c/0x150
[  161.857122][ T5900]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  161.857137][ T5900]  ? clear_bhb_loop+0x60/0xb0
[  161.857156][ T5900]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  161.857171][ T5900] RIP: 0033:0x7f39278e2869
[  161.857184][ T5900] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  161.857197][ T5900] RSP: 002b:00007ffc8670e328 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  161.857219][ T5900] RAX: ffffffffffffffda RBX: 00007ffc8670e340 RCX: 00007f39278e2869
[pid  5900] ioctl(5, FBIOPAN_DISPLAY, 0) = -1 EFAULT (Bad address)
[pid  5900] exit_group(0)               = ?
[pid  5900] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5900, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5901 attached
, child_tidptr=0x55558ec87650) = 5901
[pid  5901] set_robust_list(0x55558ec87660, 24) = 0
[  161.857230][ T5900] RDX: 0000000000000000 RSI: 0000000000004606 RDI: 0000000000000005
[  161.857239][ T5900] RBP: 0000000000000001 R08: 00007ffc8670e0c7 R09: 00000000000000a0
[  161.857249][ T5900] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  161.857257][ T5900] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[  161.857279][ T5900]  </TASK>
[pid  5901] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5901] setpgid(0, 0)               = 0
[pid  5901] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5901] write(3, "1000", 4)         = 4
[pid  5901] close(3)                    = 0
executing program
[pid  5901] write(1, "executing program\n", 18) = 18
[pid  5901] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE, insn_cnt=11, insns=0x2000000005c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_SOCK_CREATE, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = 3
[pid  5901] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="contention_begin", prog_fd=3}}, 24) = 4
[pid  5901] openat(AT_FDCWD, "/dev/fb0", O_RDONLY) = 5
[pid  5901] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid  5901] write(6, "4", 1)            = 1
[pid  5901] ioctl(5, FBIOPAN_DISPLAY, 0) = -1 EFAULT (Bad address)
[pid  5901] exit_group(0)               = ?
[pid  5901] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5901, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
[  162.238720][ T5901] FAULT_INJECTION: forcing a failure.
[  162.238720][ T5901] name failslab, interval 1, probability 0, space 0, times 0
[  162.251494][ T5901] CPU: 1 UID: 0 PID: 5901 Comm: syz-executor116 Not tainted 6.16.0-next-20250731-syzkaller #0 PREEMPT(full) 
[  162.251515][ T5901] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  162.251524][ T5901] Call Trace:
[  162.251531][ T5901]  <TASK>
[  162.251537][ T5901]  dump_stack_lvl+0x189/0x250
[  162.251558][ T5901]  ? __pfx____ratelimit+0x10/0x10
[  162.251581][ T5901]  ? __pfx_dump_stack_lvl+0x10/0x10
[  162.251598][ T5901]  ? __pfx__printk+0x10/0x10
[  162.251622][ T5901]  ? __pfx___might_resched+0x10/0x10
[  162.251645][ T5901]  ? fs_reclaim_acquire+0x7d/0x100
[  162.251671][ T5901]  should_fail_ex+0x414/0x560
[  162.251693][ T5901]  should_failslab+0xa8/0x100
[  162.251715][ T5901]  __kmalloc_noprof+0xcb/0x4f0
[  162.251733][ T5901]  ? tomoyo_init_log+0x1a6e/0x1f70
[  162.251759][ T5901]  tomoyo_init_log+0x1a6e/0x1f70
[  162.251798][ T5901]  ? __pfx_tomoyo_init_log+0x10/0x10
[  162.251819][ T5901]  ? tomoyo_profile+0x11/0x50
[  162.251841][ T5901]  ? tomoyo_domain_quota_is_ok+0x42b/0x570
[  162.251863][ T5901]  tomoyo_supervisor+0x340/0x1480
[  162.251897][ T5901]  ? format_decode+0x5a3/0xe30
[  162.251921][ T5901]  ? __pfx_tomoyo_supervisor+0x10/0x10
[  162.251952][ T5901]  ? snprintf+0xda/0x120
[  162.251973][ T5901]  ? __pfx_snprintf+0x10/0x10
[  162.251992][ T5901]  ? tomoyo_check_acl+0x386/0x400
[  162.252015][ T5901]  tomoyo_path_number_perm+0x438/0x5a0
[  162.252032][ T5901]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  162.252051][ T5901]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  162.252075][ T5901]  ? _raw_spin_lock_irq+0xae/0xf0
[  162.252119][ T5901]  ? __pfx_ptrace_notify+0x10/0x10
[  162.252150][ T5901]  security_file_ioctl+0xcb/0x2d0
[  162.252169][ T5901]  __se_sys_ioctl+0x47/0x170
[  162.252188][ T5901]  do_syscall_64+0xfa/0x3b0
[  162.252210][ T5901]  ? lockdep_hardirqs_on+0x9c/0x150
[  162.252231][ T5901]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  162.252246][ T5901]  ? clear_bhb_loop+0x60/0xb0
[  162.252264][ T5901]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  162.252279][ T5901] RIP: 0033:0x7f39278e2869
[  162.252293][ T5901] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  162.252305][ T5901] RSP: 002b:00007ffc8670e328 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  162.252321][ T5901] RAX: ffffffffffffffda RBX: 00007ffc8670e340 RCX: 00007f39278e2869
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5902 attached
, child_tidptr=0x55558ec87650) = 5902
[pid  5902] set_robust_list(0x55558ec87660, 24) = 0
[pid  5902] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5902] setpgid(0, 0)               = 0
[pid  5902] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5902] write(3, "1000", 4)         = 4
[pid  5902] close(3)                    = 0
executing program
[pid  5902] write(1, "executing program\n", 18) = 18
[pid  5902] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE, insn_cnt=11, insns=0x2000000005c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_SOCK_CREATE, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = 3
[pid  5902] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="contention_begin", prog_fd=3}}, 24) = 4
[pid  5902] openat(AT_FDCWD, "/dev/fb0", O_RDONLY) = 5
[pid  5902] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid  5902] write(6, "4", 1)            = 1
[  162.252333][ T5901] RDX: 0000000000000000 RSI: 0000000000004606 RDI: 0000000000000005
[  162.252342][ T5901] RBP: 0000000000000001 R08: 00007ffc8670e0c7 R09: 00000000000000a0
[  162.252351][ T5901] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  162.252360][ T5901] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[  162.252382][ T5901]  </TASK>
[pid  5902] ioctl(5, FBIOPAN_DISPLAY, 0) = -1 EFAULT (Bad address)
[pid  5902] exit_group(0)               = ?
[pid  5902] +++ exited with 0 +++
[  162.578571][ T5902] FAULT_INJECTION: forcing a failure.
[  162.578571][ T5902] name failslab, interval 1, probability 0, space 0, times 0
[  162.591953][ T5902] CPU: 0 UID: 0 PID: 5902 Comm: syz-executor116 Not tainted 6.16.0-next-20250731-syzkaller #0 PREEMPT(full) 
[  162.591978][ T5902] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  162.591987][ T5902] Call Trace:
[  162.591994][ T5902]  <TASK>
[  162.592000][ T5902]  dump_stack_lvl+0x189/0x250
[  162.592024][ T5902]  ? __pfx____ratelimit+0x10/0x10
[  162.592047][ T5902]  ? __pfx_dump_stack_lvl+0x10/0x10
[  162.592064][ T5902]  ? __pfx__printk+0x10/0x10
[  162.592088][ T5902]  ? __pfx___might_resched+0x10/0x10
[  162.592121][ T5902]  ? fs_reclaim_acquire+0x7d/0x100
[  162.592148][ T5902]  should_fail_ex+0x414/0x560
[  162.592172][ T5902]  should_failslab+0xa8/0x100
[  162.592195][ T5902]  __kmalloc_noprof+0xcb/0x4f0
[  162.592213][ T5902]  ? tomoyo_init_log+0x1a6e/0x1f70
[  162.592239][ T5902]  tomoyo_init_log+0x1a6e/0x1f70
[  162.592289][ T5902]  ? __pfx_tomoyo_init_log+0x10/0x10
[  162.592315][ T5902]  ? tomoyo_profile+0x11/0x50
[  162.592337][ T5902]  ? tomoyo_domain_quota_is_ok+0x42b/0x570
[  162.592359][ T5902]  tomoyo_supervisor+0x340/0x1480
[  162.592383][ T5902]  ? format_decode+0x5a3/0xe30
[  162.592418][ T5902]  ? __pfx_tomoyo_supervisor+0x10/0x10
[  162.592452][ T5902]  ? snprintf+0xda/0x120
[  162.592473][ T5902]  ? __pfx_snprintf+0x10/0x10
[  162.592492][ T5902]  ? tomoyo_check_acl+0x386/0x400
[  162.592515][ T5902]  tomoyo_path_number_perm+0x438/0x5a0
[  162.592536][ T5902]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  162.592555][ T5902]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  162.592579][ T5902]  ? _raw_spin_lock_irq+0xae/0xf0
[  162.592626][ T5902]  ? __pfx_ptrace_notify+0x10/0x10
[  162.592658][ T5902]  security_file_ioctl+0xcb/0x2d0
[  162.592680][ T5902]  __se_sys_ioctl+0x47/0x170
[  162.592699][ T5902]  do_syscall_64+0xfa/0x3b0
[  162.592722][ T5902]  ? lockdep_hardirqs_on+0x9c/0x150
[  162.592743][ T5902]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  162.592758][ T5902]  ? clear_bhb_loop+0x60/0xb0
[  162.592780][ T5902]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  162.592794][ T5902] RIP: 0033:0x7f39278e2869
[  162.592808][ T5902] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  162.592821][ T5902] RSP: 002b:00007ffc8670e328 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  162.592839][ T5902] RAX: ffffffffffffffda RBX: 00007ffc8670e340 RCX: 00007f39278e2869
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5902, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5903 attached
, child_tidptr=0x55558ec87650) = 5903
[pid  5903] set_robust_list(0x55558ec87660, 24) = 0
[pid  5903] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5903] setpgid(0, 0)               = 0
[  162.592863][ T5902] RDX: 0000000000000000 RSI: 0000000000004606 RDI: 0000000000000005
[  162.592874][ T5902] RBP: 0000000000000001 R08: 00007ffc8670e0c7 R09: 00000000000000a0
[  162.592885][ T5902] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  162.592893][ T5902] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[  162.592915][ T5902]  </TASK>
[pid  5903] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5903] write(3, "1000", 4)         = 4
[pid  5903] close(3)                    = 0
[pid  5903] write(1, "executing program\n", 18executing program
) = 18
[pid  5903] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE, insn_cnt=11, insns=0x2000000005c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_SOCK_CREATE, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = 3
[pid  5903] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="contention_begin", prog_fd=3}}, 24) = 4
[pid  5903] openat(AT_FDCWD, "/dev/fb0", O_RDONLY) = 5
[pid  5903] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid  5903] write(6, "4", 1)            = 1
[pid  5903] ioctl(5, FBIOPAN_DISPLAY, 0) = -1 EFAULT (Bad address)
[pid  5903] exit_group(0)               = ?
[  162.970386][ T5903] FAULT_INJECTION: forcing a failure.
[  162.970386][ T5903] name failslab, interval 1, probability 0, space 0, times 0
[  162.983307][ T5903] CPU: 0 UID: 0 PID: 5903 Comm: syz-executor116 Not tainted 6.16.0-next-20250731-syzkaller #0 PREEMPT(full) 
[  162.983336][ T5903] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  162.983348][ T5903] Call Trace:
[  162.983357][ T5903]  <TASK>
[  162.983366][ T5903]  dump_stack_lvl+0x189/0x250
[  162.983395][ T5903]  ? __pfx____ratelimit+0x10/0x10
[  162.983426][ T5903]  ? __pfx_dump_stack_lvl+0x10/0x10
[  162.983451][ T5903]  ? __pfx__printk+0x10/0x10
[  162.983485][ T5903]  ? __pfx___might_resched+0x10/0x10
[  162.983516][ T5903]  ? fs_reclaim_acquire+0x7d/0x100
[  162.983552][ T5903]  should_fail_ex+0x414/0x560
[  162.983580][ T5903]  should_failslab+0xa8/0x100
[  162.983603][ T5903]  __kmalloc_noprof+0xcb/0x4f0
[  162.983621][ T5903]  ? tomoyo_init_log+0x1a6e/0x1f70
[  162.983647][ T5903]  tomoyo_init_log+0x1a6e/0x1f70
[  162.983687][ T5903]  ? __pfx_tomoyo_init_log+0x10/0x10
[  162.983709][ T5903]  ? tomoyo_profile+0x11/0x50
[  162.983730][ T5903]  ? tomoyo_domain_quota_is_ok+0x42b/0x570
[  162.983752][ T5903]  tomoyo_supervisor+0x340/0x1480
[  162.983777][ T5903]  ? format_decode+0x5a3/0xe30
[  162.983799][ T5903]  ? __pfx_tomoyo_supervisor+0x10/0x10
[  162.983830][ T5903]  ? snprintf+0xda/0x120
[  162.983851][ T5903]  ? __pfx_snprintf+0x10/0x10
[  162.983870][ T5903]  ? tomoyo_check_acl+0x386/0x400
[  162.983893][ T5903]  tomoyo_path_number_perm+0x438/0x5a0
[  162.983912][ T5903]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  162.983931][ T5903]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  162.983955][ T5903]  ? _raw_spin_lock_irq+0xae/0xf0
[  162.983998][ T5903]  ? __pfx_ptrace_notify+0x10/0x10
[  162.984030][ T5903]  security_file_ioctl+0xcb/0x2d0
[  162.984048][ T5903]  __se_sys_ioctl+0x47/0x170
[  162.984068][ T5903]  do_syscall_64+0xfa/0x3b0
[  162.984095][ T5903]  ? lockdep_hardirqs_on+0x9c/0x150
[  162.984117][ T5903]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  162.984132][ T5903]  ? clear_bhb_loop+0x60/0xb0
[  162.984155][ T5903]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  162.984170][ T5903] RIP: 0033:0x7f39278e2869
[  162.984184][ T5903] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  162.984197][ T5903] RSP: 002b:00007ffc8670e328 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  162.984213][ T5903] RAX: ffffffffffffffda RBX: 00007ffc8670e340 RCX: 00007f39278e2869
[pid  5903] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5903, si_uid=0, si_status=0, si_utime=0, si_stime=28 /* 0.28 s */} ---
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5904 attached
, child_tidptr=0x55558ec87650) = 5904
[pid  5904] set_robust_list(0x55558ec87660, 24) = 0
[pid  5904] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5904] setpgid(0, 0)               = 0
[pid  5904] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5904] write(3, "1000", 4)         = 4
[pid  5904] close(3)                    = 0
executing program
[pid  5904] write(1, "executing program\n", 18) = 18
[  162.984224][ T5903] RDX: 0000000000000000 RSI: 0000000000004606 RDI: 0000000000000005
[  162.984233][ T5903] RBP: 0000000000000001 R08: 00007ffc8670e0c7 R09: 00000000000000a0
[  162.984243][ T5903] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  162.984251][ T5903] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[  162.984273][ T5903]  </TASK>
[pid  5904] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE, insn_cnt=11, insns=0x2000000005c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_SOCK_CREATE, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = 3
[pid  5904] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="contention_begin", prog_fd=3}}, 24) = 4
[pid  5904] openat(AT_FDCWD, "/dev/fb0", O_RDONLY) = 5
[pid  5904] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid  5904] write(6, "4", 1)            = 1
[  163.323855][ T5904] FAULT_INJECTION: forcing a failure.
[  163.323855][ T5904] name failslab, interval 1, probability 0, space 0, times 0
[  163.336741][ T5904] CPU: 1 UID: 0 PID: 5904 Comm: syz-executor116 Not tainted 6.16.0-next-20250731-syzkaller #0 PREEMPT(full) 
[  163.336770][ T5904] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  163.336782][ T5904] Call Trace:
[  163.336790][ T5904]  <TASK>
[  163.336800][ T5904]  dump_stack_lvl+0x189/0x250
[  163.336827][ T5904]  ? __pfx____ratelimit+0x10/0x10
[  163.336857][ T5904]  ? __pfx_dump_stack_lvl+0x10/0x10
[  163.336880][ T5904]  ? __pfx__printk+0x10/0x10
[  163.336914][ T5904]  ? __pfx___might_resched+0x10/0x10
[  163.336945][ T5904]  ? fs_reclaim_acquire+0x7d/0x100
[  163.336981][ T5904]  should_fail_ex+0x414/0x560
[  163.337010][ T5904]  should_failslab+0xa8/0x100
[  163.337040][ T5904]  __kmalloc_noprof+0xcb/0x4f0
[  163.337059][ T5904]  ? tomoyo_init_log+0x1a6e/0x1f70
[  163.337091][ T5904]  tomoyo_init_log+0x1a6e/0x1f70
[  163.337131][ T5904]  ? __pfx_tomoyo_init_log+0x10/0x10
[  163.337153][ T5904]  ? tomoyo_profile+0x11/0x50
[  163.337174][ T5904]  ? tomoyo_domain_quota_is_ok+0x42b/0x570
[  163.337196][ T5904]  tomoyo_supervisor+0x340/0x1480
[  163.337221][ T5904]  ? format_decode+0x5a3/0xe30
[  163.337244][ T5904]  ? __pfx_tomoyo_supervisor+0x10/0x10
[  163.337275][ T5904]  ? snprintf+0xda/0x120
[  163.337297][ T5904]  ? __pfx_snprintf+0x10/0x10
[  163.337316][ T5904]  ? tomoyo_check_acl+0x386/0x400
[  163.337338][ T5904]  tomoyo_path_number_perm+0x438/0x5a0
[  163.337356][ T5904]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  163.337375][ T5904]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  163.337399][ T5904]  ? _raw_spin_lock_irq+0xae/0xf0
[  163.337443][ T5904]  ? __pfx_ptrace_notify+0x10/0x10
[  163.337474][ T5904]  security_file_ioctl+0xcb/0x2d0
[  163.337493][ T5904]  __se_sys_ioctl+0x47/0x170
[  163.337513][ T5904]  do_syscall_64+0xfa/0x3b0
[  163.337535][ T5904]  ? lockdep_hardirqs_on+0x9c/0x150
[  163.337556][ T5904]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  163.337572][ T5904]  ? clear_bhb_loop+0x60/0xb0
[  163.337590][ T5904]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  163.337605][ T5904] RIP: 0033:0x7f39278e2869
[  163.337620][ T5904] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  163.337632][ T5904] RSP: 002b:00007ffc8670e328 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  163.337649][ T5904] RAX: ffffffffffffffda RBX: 00007ffc8670e340 RCX: 00007f39278e2869
[pid  5904] ioctl(5, FBIOPAN_DISPLAY, 0) = -1 EFAULT (Bad address)
[pid  5904] exit_group(0)               = ?
[pid  5904] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5904, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5905 attached
, child_tidptr=0x55558ec87650) = 5905
[pid  5905] set_robust_list(0x55558ec87660, 24) = 0
[pid  5905] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5905] setpgid(0, 0)               = 0
[pid  5905] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5905] write(3, "1000", 4)         = 4
[pid  5905] close(3executing program
)                    = 0
[pid  5905] write(1, "executing program\n", 18) = 18
[pid  5905] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE, insn_cnt=11, insns=0x2000000005c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_SOCK_CREATE, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = 3
[pid  5905] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="contention_begin", prog_fd=3}}, 24) = 4
[pid  5905] openat(AT_FDCWD, "/dev/fb0", O_RDONLY) = 5
[pid  5905] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid  5905] write(6, "4", 1)            = 1
[  163.337660][ T5904] RDX: 0000000000000000 RSI: 0000000000004606 RDI: 0000000000000005
[  163.337669][ T5904] RBP: 0000000000000001 R08: 00007ffc8670e0c7 R09: 00000000000000a0
[  163.337679][ T5904] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  163.337688][ T5904] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[  163.337709][ T5904]  </TASK>
[  163.648289][ T5905] FAULT_INJECTION: forcing a failure.
[  163.648289][ T5905] name failslab, interval 1, probability 0, space 0, times 0
[  163.661709][ T5905] CPU: 0 UID: 0 PID: 5905 Comm: syz-executor116 Not tainted 6.16.0-next-20250731-syzkaller #0 PREEMPT(full) 
[  163.661739][ T5905] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  163.661752][ T5905] Call Trace:
[  163.661761][ T5905]  <TASK>
[  163.661770][ T5905]  dump_stack_lvl+0x189/0x250
[  163.661800][ T5905]  ? __pfx____ratelimit+0x10/0x10
[  163.661831][ T5905]  ? __pfx_dump_stack_lvl+0x10/0x10
[  163.661855][ T5905]  ? __pfx__printk+0x10/0x10
[  163.661890][ T5905]  ? __pfx___might_resched+0x10/0x10
[  163.661922][ T5905]  ? fs_reclaim_acquire+0x7d/0x100
[  163.661957][ T5905]  should_fail_ex+0x414/0x560
[  163.661987][ T5905]  should_failslab+0xa8/0x100
[  163.662018][ T5905]  __kmalloc_noprof+0xcb/0x4f0
[  163.662044][ T5905]  ? tomoyo_init_log+0x1a6e/0x1f70
[  163.662078][ T5905]  tomoyo_init_log+0x1a6e/0x1f70
[  163.662128][ T5905]  ? __pfx_tomoyo_init_log+0x10/0x10
[  163.662149][ T5905]  ? tomoyo_profile+0x11/0x50
[  163.662171][ T5905]  ? tomoyo_domain_quota_is_ok+0x42b/0x570
[  163.662193][ T5905]  tomoyo_supervisor+0x340/0x1480
[  163.662218][ T5905]  ? format_decode+0x5a3/0xe30
[  163.662241][ T5905]  ? __pfx_tomoyo_supervisor+0x10/0x10
[  163.662271][ T5905]  ? snprintf+0xda/0x120
[  163.662293][ T5905]  ? __pfx_snprintf+0x10/0x10
[  163.662312][ T5905]  ? tomoyo_check_acl+0x386/0x400
[  163.662335][ T5905]  tomoyo_path_number_perm+0x438/0x5a0
[  163.662352][ T5905]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  163.662371][ T5905]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  163.662395][ T5905]  ? _raw_spin_lock_irq+0xae/0xf0
[  163.662439][ T5905]  ? __pfx_ptrace_notify+0x10/0x10
[  163.662470][ T5905]  security_file_ioctl+0xcb/0x2d0
[  163.662489][ T5905]  __se_sys_ioctl+0x47/0x170
[  163.662508][ T5905]  do_syscall_64+0xfa/0x3b0
[  163.662530][ T5905]  ? lockdep_hardirqs_on+0x9c/0x150
[  163.662551][ T5905]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  163.662567][ T5905]  ? clear_bhb_loop+0x60/0xb0
[  163.662585][ T5905]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  163.662600][ T5905] RIP: 0033:0x7f39278e2869
[  163.662614][ T5905] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  163.662627][ T5905] RSP: 002b:00007ffc8670e328 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  163.662643][ T5905] RAX: ffffffffffffffda RBX: 00007ffc8670e340 RCX: 00007f39278e2869
[pid  5905] ioctl(5, FBIOPAN_DISPLAY, 0) = -1 EFAULT (Bad address)
[pid  5905] exit_group(0)               = ?
[pid  5905] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5905, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5906 attached
, child_tidptr=0x55558ec87650) = 5906
[  163.662654][ T5905] RDX: 0000000000000000 RSI: 0000000000004606 RDI: 0000000000000005
[  163.662663][ T5905] RBP: 0000000000000001 R08: 00007ffc8670e0c7 R09: 00000000000000a0
[  163.662673][ T5905] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  163.662681][ T5905] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[  163.662703][ T5905]  </TASK>
[pid  5906] set_robust_list(0x55558ec87660, 24) = 0
[pid  5906] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5906] setpgid(0, 0)               = 0
[pid  5906] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5906] write(3, "1000", 4)         = 4
[pid  5906] close(3)                    = 0
executing program
[pid  5906] write(1, "executing program\n", 18) = 18
[pid  5906] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE, insn_cnt=11, insns=0x2000000005c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_SOCK_CREATE, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = 3
[pid  5906] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="contention_begin", prog_fd=3}}, 24) = 4
[pid  5906] openat(AT_FDCWD, "/dev/fb0", O_RDONLY) = 5
[pid  5906] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid  5906] write(6, "4", 1)            = 1
[pid  5906] ioctl(5, FBIOPAN_DISPLAY, 0) = -1 EFAULT (Bad address)
[pid  5906] exit_group(0)               = ?
[pid  5906] +++ exited with 0 +++
[  164.016938][ T5906] FAULT_INJECTION: forcing a failure.
[  164.016938][ T5906] name failslab, interval 1, probability 0, space 0, times 0
[  164.029880][ T5906] CPU: 0 UID: 0 PID: 5906 Comm: syz-executor116 Not tainted 6.16.0-next-20250731-syzkaller #0 PREEMPT(full) 
[  164.029912][ T5906] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  164.029922][ T5906] Call Trace:
[  164.029928][ T5906]  <TASK>
[  164.029935][ T5906]  dump_stack_lvl+0x189/0x250
[  164.029957][ T5906]  ? __pfx____ratelimit+0x10/0x10
[  164.029980][ T5906]  ? __pfx_dump_stack_lvl+0x10/0x10
[  164.029997][ T5906]  ? __pfx__printk+0x10/0x10
[  164.030021][ T5906]  ? __pfx___might_resched+0x10/0x10
[  164.030044][ T5906]  ? fs_reclaim_acquire+0x7d/0x100
[  164.030070][ T5906]  should_fail_ex+0x414/0x560
[  164.030092][ T5906]  should_failslab+0xa8/0x100
[  164.030114][ T5906]  __kmalloc_noprof+0xcb/0x4f0
[  164.030133][ T5906]  ? tomoyo_init_log+0x1a6e/0x1f70
[  164.030158][ T5906]  tomoyo_init_log+0x1a6e/0x1f70
[  164.030197][ T5906]  ? __pfx_tomoyo_init_log+0x10/0x10
[  164.030219][ T5906]  ? tomoyo_profile+0x11/0x50
[  164.030240][ T5906]  ? tomoyo_domain_quota_is_ok+0x42b/0x570
[  164.030262][ T5906]  tomoyo_supervisor+0x340/0x1480
[  164.030287][ T5906]  ? format_decode+0x5a3/0xe30
[  164.030309][ T5906]  ? __pfx_tomoyo_supervisor+0x10/0x10
[  164.030340][ T5906]  ? snprintf+0xda/0x120
[  164.030361][ T5906]  ? __pfx_snprintf+0x10/0x10
[  164.030380][ T5906]  ? tomoyo_check_acl+0x386/0x400
[  164.030402][ T5906]  tomoyo_path_number_perm+0x438/0x5a0
[  164.030420][ T5906]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  164.030439][ T5906]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  164.030463][ T5906]  ? _raw_spin_lock_irq+0xae/0xf0
[  164.030506][ T5906]  ? __pfx_ptrace_notify+0x10/0x10
[  164.030537][ T5906]  security_file_ioctl+0xcb/0x2d0
[  164.030556][ T5906]  __se_sys_ioctl+0x47/0x170
[  164.030576][ T5906]  do_syscall_64+0xfa/0x3b0
[  164.030598][ T5906]  ? lockdep_hardirqs_on+0x9c/0x150
[  164.030619][ T5906]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  164.030634][ T5906]  ? clear_bhb_loop+0x60/0xb0
[  164.030652][ T5906]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  164.030667][ T5906] RIP: 0033:0x7f39278e2869
[  164.030681][ T5906] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  164.030701][ T5906] RSP: 002b:00007ffc8670e328 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  164.030717][ T5906] RAX: ffffffffffffffda RBX: 00007ffc8670e340 RCX: 00007f39278e2869
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5906, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5907 attached
, child_tidptr=0x55558ec87650) = 5907
[pid  5907] set_robust_list(0x55558ec87660, 24) = 0
[pid  5907] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5907] setpgid(0, 0)               = 0
[pid  5907] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5907] write(3, "1000", 4)         = 4
[pid  5907] close(3)                    = 0
executing program
[pid  5907] write(1, "executing program\n", 18) = 18
[pid  5907] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE, insn_cnt=11, insns=0x2000000005c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_SOCK_CREATE, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = 3
[pid  5907] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="contention_begin", prog_fd=3}}, 24) = 4
[  164.030732][ T5906] RDX: 0000000000000000 RSI: 0000000000004606 RDI: 0000000000000005
[  164.030741][ T5906] RBP: 0000000000000001 R08: 00007ffc8670e0c7 R09: 00000000000000a0
[  164.030750][ T5906] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  164.030759][ T5906] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[  164.030781][ T5906]  </TASK>
[pid  5907] openat(AT_FDCWD, "/dev/fb0", O_RDONLY) = 5
[pid  5907] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid  5907] write(6, "4", 1)            = 1
[pid  5907] ioctl(5, FBIOPAN_DISPLAY, 0) = -1 EFAULT (Bad address)
[pid  5907] exit_group(0)               = ?
[  164.354101][ T5907] FAULT_INJECTION: forcing a failure.
[  164.354101][ T5907] name failslab, interval 1, probability 0, space 0, times 0
[  164.367976][ T5907] CPU: 1 UID: 0 PID: 5907 Comm: syz-executor116 Not tainted 6.16.0-next-20250731-syzkaller #0 PREEMPT(full) 
[  164.368005][ T5907] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  164.368017][ T5907] Call Trace:
[  164.368026][ T5907]  <TASK>
[  164.368035][ T5907]  dump_stack_lvl+0x189/0x250
[  164.368065][ T5907]  ? __pfx____ratelimit+0x10/0x10
[  164.368095][ T5907]  ? __pfx_dump_stack_lvl+0x10/0x10
[  164.368119][ T5907]  ? __pfx__printk+0x10/0x10
[  164.368152][ T5907]  ? __pfx___might_resched+0x10/0x10
[  164.368184][ T5907]  ? fs_reclaim_acquire+0x7d/0x100
[  164.368219][ T5907]  should_fail_ex+0x414/0x560
[  164.368249][ T5907]  should_failslab+0xa8/0x100
[  164.368280][ T5907]  __kmalloc_noprof+0xcb/0x4f0
[  164.368305][ T5907]  ? tomoyo_init_log+0x1a6e/0x1f70
[  164.368334][ T5907]  tomoyo_init_log+0x1a6e/0x1f70
[  164.368373][ T5907]  ? __pfx_tomoyo_init_log+0x10/0x10
[  164.368396][ T5907]  ? tomoyo_profile+0x11/0x50
[  164.368418][ T5907]  ? tomoyo_domain_quota_is_ok+0x42b/0x570
[  164.368440][ T5907]  tomoyo_supervisor+0x340/0x1480
[  164.368464][ T5907]  ? format_decode+0x5a3/0xe30
[  164.368488][ T5907]  ? __pfx_tomoyo_supervisor+0x10/0x10
[  164.368518][ T5907]  ? snprintf+0xda/0x120
[  164.368540][ T5907]  ? __pfx_snprintf+0x10/0x10
[  164.368559][ T5907]  ? tomoyo_check_acl+0x386/0x400
[  164.368581][ T5907]  tomoyo_path_number_perm+0x438/0x5a0
[  164.368599][ T5907]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  164.368618][ T5907]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  164.368642][ T5907]  ? _raw_spin_lock_irq+0xae/0xf0
[  164.368686][ T5907]  ? __pfx_ptrace_notify+0x10/0x10
[  164.368719][ T5907]  security_file_ioctl+0xcb/0x2d0
[  164.368738][ T5907]  __se_sys_ioctl+0x47/0x170
[  164.368758][ T5907]  do_syscall_64+0xfa/0x3b0
[  164.368780][ T5907]  ? lockdep_hardirqs_on+0x9c/0x150
[  164.368801][ T5907]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  164.368816][ T5907]  ? clear_bhb_loop+0x60/0xb0
[  164.368835][ T5907]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  164.368850][ T5907] RIP: 0033:0x7f39278e2869
[  164.368864][ T5907] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  164.368877][ T5907] RSP: 002b:00007ffc8670e328 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[pid  5907] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5907, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5908 attached
, child_tidptr=0x55558ec87650) = 5908
[pid  5908] set_robust_list(0x55558ec87660, 24) = 0
[pid  5908] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5908] setpgid(0, 0)               = 0
[pid  5908] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5908] write(3, "1000", 4)         = 4
[pid  5908] close(3)                    = 0
executing program
[pid  5908] write(1, "executing program\n", 18) = 18
[pid  5908] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE, insn_cnt=11, insns=0x2000000005c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_SOCK_CREATE, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = 3
[pid  5908] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="contention_begin", prog_fd=3}}, 24) = 4
[pid  5908] openat(AT_FDCWD, "/dev/fb0", O_RDONLY) = 5
[pid  5908] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid  5908] write(6, "4", 1)            = 1
[  164.368893][ T5907] RAX: ffffffffffffffda RBX: 00007ffc8670e340 RCX: 00007f39278e2869
[  164.368904][ T5907] RDX: 0000000000000000 RSI: 0000000000004606 RDI: 0000000000000005
[  164.368913][ T5907] RBP: 0000000000000001 R08: 00007ffc8670e0c7 R09: 00000000000000a0
[  164.368923][ T5907] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  164.368932][ T5907] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[  164.368960][ T5907]  </TASK>
[pid  5908] ioctl(5, FBIOPAN_DISPLAY, 0) = -1 EFAULT (Bad address)
[  164.662766][ T5908] FAULT_INJECTION: forcing a failure.
[  164.662766][ T5908] name failslab, interval 1, probability 0, space 0, times 0
[  164.675504][ T5908] CPU: 1 UID: 0 PID: 5908 Comm: syz-executor116 Not tainted 6.16.0-next-20250731-syzkaller #0 PREEMPT(full) 
[  164.675533][ T5908] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  164.675546][ T5908] Call Trace:
[  164.675558][ T5908]  <TASK>
[  164.675565][ T5908]  dump_stack_lvl+0x189/0x250
[  164.675587][ T5908]  ? __pfx____ratelimit+0x10/0x10
[  164.675609][ T5908]  ? __pfx_dump_stack_lvl+0x10/0x10
[  164.675626][ T5908]  ? __pfx__printk+0x10/0x10
[  164.675651][ T5908]  ? __pfx___might_resched+0x10/0x10
[  164.675674][ T5908]  ? fs_reclaim_acquire+0x7d/0x100
[  164.675699][ T5908]  should_fail_ex+0x414/0x560
[  164.675721][ T5908]  should_failslab+0xa8/0x100
[  164.675743][ T5908]  __kmalloc_noprof+0xcb/0x4f0
[  164.675761][ T5908]  ? tomoyo_init_log+0x1a6e/0x1f70
[  164.675787][ T5908]  tomoyo_init_log+0x1a6e/0x1f70
[  164.675826][ T5908]  ? __pfx_tomoyo_init_log+0x10/0x10
[  164.675848][ T5908]  ? tomoyo_profile+0x11/0x50
[  164.675869][ T5908]  ? tomoyo_domain_quota_is_ok+0x42b/0x570
[  164.675892][ T5908]  tomoyo_supervisor+0x340/0x1480
[  164.675916][ T5908]  ? format_decode+0x5a3/0xe30
[  164.675939][ T5908]  ? __pfx_tomoyo_supervisor+0x10/0x10
[  164.675970][ T5908]  ? snprintf+0xda/0x120
[  164.675997][ T5908]  ? __pfx_snprintf+0x10/0x10
[  164.676016][ T5908]  ? tomoyo_check_acl+0x386/0x400
[  164.676042][ T5908]  tomoyo_path_number_perm+0x438/0x5a0
[  164.676060][ T5908]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  164.676079][ T5908]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  164.676104][ T5908]  ? _raw_spin_lock_irq+0xae/0xf0
[  164.676148][ T5908]  ? __pfx_ptrace_notify+0x10/0x10
[  164.676179][ T5908]  security_file_ioctl+0xcb/0x2d0
[  164.676198][ T5908]  __se_sys_ioctl+0x47/0x170
[  164.676218][ T5908]  do_syscall_64+0xfa/0x3b0
[  164.676240][ T5908]  ? lockdep_hardirqs_on+0x9c/0x150
[  164.676261][ T5908]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  164.676276][ T5908]  ? clear_bhb_loop+0x60/0xb0
[  164.676295][ T5908]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  164.676310][ T5908] RIP: 0033:0x7f39278e2869
[  164.676323][ T5908] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  164.676336][ T5908] RSP: 002b:00007ffc8670e328 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  164.676352][ T5908] RAX: ffffffffffffffda RBX: 00007ffc8670e340 RCX: 00007f39278e2869
[pid  5908] exit_group(0)               = ?
[pid  5908] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5908, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5909 attached
, child_tidptr=0x55558ec87650) = 5909
[pid  5909] set_robust_list(0x55558ec87660, 24) = 0
[  164.676363][ T5908] RDX: 0000000000000000 RSI: 0000000000004606 RDI: 0000000000000005
[  164.676372][ T5908] RBP: 0000000000000001 R08: 00007ffc8670e0c7 R09: 00000000000000a0
[  164.676382][ T5908] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  164.676390][ T5908] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[  164.676412][ T5908]  </TASK>
[pid  5909] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5909] setpgid(0, 0)               = 0
[pid  5909] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5909] write(3, "1000", 4)         = 4
[pid  5909] close(3executing program
)                    = 0
[pid  5909] write(1, "executing program\n", 18) = 18
[pid  5909] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE, insn_cnt=11, insns=0x2000000005c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_SOCK_CREATE, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = 3
[pid  5909] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="contention_begin", prog_fd=3}}, 24) = 4
[pid  5909] openat(AT_FDCWD, "/dev/fb0", O_RDONLY) = 5
[pid  5909] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid  5909] write(6, "4", 1)            = 1
[pid  5909] ioctl(5, FBIOPAN_DISPLAY, 0) = -1 EFAULT (Bad address)
[pid  5909] exit_group(0)               = ?
[pid  5909] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5909, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
[  165.037361][ T5909] FAULT_INJECTION: forcing a failure.
[  165.037361][ T5909] name failslab, interval 1, probability 0, space 0, times 0
[  165.050585][ T5909] CPU: 1 UID: 0 PID: 5909 Comm: syz-executor116 Not tainted 6.16.0-next-20250731-syzkaller #0 PREEMPT(full) 
[  165.050615][ T5909] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  165.050627][ T5909] Call Trace:
[  165.050637][ T5909]  <TASK>
[  165.050646][ T5909]  dump_stack_lvl+0x189/0x250
[  165.050674][ T5909]  ? __pfx____ratelimit+0x10/0x10
[  165.050705][ T5909]  ? __pfx_dump_stack_lvl+0x10/0x10
[  165.050728][ T5909]  ? __pfx__printk+0x10/0x10
[  165.050758][ T5909]  ? __pfx___might_resched+0x10/0x10
[  165.050780][ T5909]  ? fs_reclaim_acquire+0x7d/0x100
[  165.050807][ T5909]  should_fail_ex+0x414/0x560
[  165.050828][ T5909]  should_failslab+0xa8/0x100
[  165.050852][ T5909]  __kmalloc_noprof+0xcb/0x4f0
[  165.050877][ T5909]  ? tomoyo_init_log+0x1a6e/0x1f70
[  165.050903][ T5909]  tomoyo_init_log+0x1a6e/0x1f70
[  165.050942][ T5909]  ? __pfx_tomoyo_init_log+0x10/0x10
[  165.050964][ T5909]  ? tomoyo_profile+0x11/0x50
[  165.050985][ T5909]  ? tomoyo_domain_quota_is_ok+0x42b/0x570
[  165.051007][ T5909]  tomoyo_supervisor+0x340/0x1480
[  165.051032][ T5909]  ? format_decode+0x5a3/0xe30
[  165.051055][ T5909]  ? __pfx_tomoyo_supervisor+0x10/0x10
[  165.051086][ T5909]  ? snprintf+0xda/0x120
[  165.051107][ T5909]  ? __pfx_snprintf+0x10/0x10
[  165.051126][ T5909]  ? tomoyo_check_acl+0x386/0x400
[  165.051148][ T5909]  tomoyo_path_number_perm+0x438/0x5a0
[  165.051166][ T5909]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  165.051185][ T5909]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  165.051209][ T5909]  ? _raw_spin_lock_irq+0xae/0xf0
[  165.051253][ T5909]  ? __pfx_ptrace_notify+0x10/0x10
[  165.051284][ T5909]  security_file_ioctl+0xcb/0x2d0
[  165.051303][ T5909]  __se_sys_ioctl+0x47/0x170
[  165.051322][ T5909]  do_syscall_64+0xfa/0x3b0
[  165.051345][ T5909]  ? lockdep_hardirqs_on+0x9c/0x150
[  165.051366][ T5909]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  165.051381][ T5909]  ? clear_bhb_loop+0x60/0xb0
[  165.051400][ T5909]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  165.051415][ T5909] RIP: 0033:0x7f39278e2869
[  165.051430][ T5909] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  165.051442][ T5909] RSP: 002b:00007ffc8670e328 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  165.051458][ T5909] RAX: ffffffffffffffda RBX: 00007ffc8670e340 RCX: 00007f39278e2869
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5910 attached
, child_tidptr=0x55558ec87650) = 5910
[pid  5910] set_robust_list(0x55558ec87660, 24) = 0
[pid  5910] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5910] setpgid(0, 0)               = 0
[pid  5910] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5910] write(3, "1000", 4)         = 4
[pid  5910] close(3)                    = 0
executing program
[pid  5910] write(1, "executing program\n", 18) = 18
[pid  5910] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE, insn_cnt=11, insns=0x2000000005c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_SOCK_CREATE, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = 3
[pid  5910] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="contention_begin", prog_fd=3}}, 24) = 4
[pid  5910] openat(AT_FDCWD, "/dev/fb0", O_RDONLY) = 5
[pid  5910] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid  5910] write(6, "4", 1)            = 1
[  165.051469][ T5909] RDX: 0000000000000000 RSI: 0000000000004606 RDI: 0000000000000005
[  165.051478][ T5909] RBP: 0000000000000001 R08: 00007ffc8670e0c7 R09: 00000000000000a0
[  165.051487][ T5909] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  165.051496][ T5909] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[  165.051518][ T5909]  </TASK>
[pid  5910] ioctl(5, FBIOPAN_DISPLAY, 0) = -1 EFAULT (Bad address)
[  165.359373][ T5910] FAULT_INJECTION: forcing a failure.
[  165.359373][ T5910] name failslab, interval 1, probability 0, space 0, times 0
[  165.372275][ T5910] CPU: 1 UID: 0 PID: 5910 Comm: syz-executor116 Not tainted 6.16.0-next-20250731-syzkaller #0 PREEMPT(full) 
[  165.372305][ T5910] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  165.372317][ T5910] Call Trace:
[  165.372327][ T5910]  <TASK>
[  165.372337][ T5910]  dump_stack_lvl+0x189/0x250
[  165.372365][ T5910]  ? __pfx____ratelimit+0x10/0x10
[  165.372397][ T5910]  ? __pfx_dump_stack_lvl+0x10/0x10
[  165.372422][ T5910]  ? __pfx__printk+0x10/0x10
[  165.372457][ T5910]  ? __pfx___might_resched+0x10/0x10
[  165.372489][ T5910]  ? fs_reclaim_acquire+0x7d/0x100
[  165.372522][ T5910]  should_fail_ex+0x414/0x560
[  165.372544][ T5910]  should_failslab+0xa8/0x100
[  165.372567][ T5910]  __kmalloc_noprof+0xcb/0x4f0
[  165.372586][ T5910]  ? tomoyo_init_log+0x1a6e/0x1f70
[  165.372612][ T5910]  tomoyo_init_log+0x1a6e/0x1f70
[  165.372658][ T5910]  ? __pfx_tomoyo_init_log+0x10/0x10
[  165.372680][ T5910]  ? tomoyo_profile+0x11/0x50
[  165.372701][ T5910]  ? tomoyo_domain_quota_is_ok+0x42b/0x570
[  165.372723][ T5910]  tomoyo_supervisor+0x340/0x1480
[  165.372748][ T5910]  ? format_decode+0x5a3/0xe30
[  165.372771][ T5910]  ? __pfx_tomoyo_supervisor+0x10/0x10
[  165.372801][ T5910]  ? snprintf+0xda/0x120
[  165.372823][ T5910]  ? __pfx_snprintf+0x10/0x10
[  165.372842][ T5910]  ? tomoyo_check_acl+0x386/0x400
[  165.372864][ T5910]  tomoyo_path_number_perm+0x438/0x5a0
[  165.372883][ T5910]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  165.372903][ T5910]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  165.372927][ T5910]  ? _raw_spin_lock_irq+0xae/0xf0
[  165.372971][ T5910]  ? __pfx_ptrace_notify+0x10/0x10
[  165.373002][ T5910]  security_file_ioctl+0xcb/0x2d0
[  165.373021][ T5910]  __se_sys_ioctl+0x47/0x170
[  165.373041][ T5910]  do_syscall_64+0xfa/0x3b0
[  165.373066][ T5910]  ? lockdep_hardirqs_on+0x9c/0x150
[  165.373088][ T5910]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  165.373103][ T5910]  ? clear_bhb_loop+0x60/0xb0
[  165.373121][ T5910]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  165.373136][ T5910] RIP: 0033:0x7f39278e2869
[  165.373150][ T5910] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  165.373163][ T5910] RSP: 002b:00007ffc8670e328 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  165.373179][ T5910] RAX: ffffffffffffffda RBX: 00007ffc8670e340 RCX: 00007f39278e2869
[pid  5910] exit_group(0)               = ?
[pid  5910] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5910, si_uid=0, si_status=0, si_utime=0, si_stime=27 /* 0.27 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5911 attached
, child_tidptr=0x55558ec87650) = 5911
[pid  5911] set_robust_list(0x55558ec87660, 24) = 0
[pid  5911] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5911] setpgid(0, 0)               = 0
[pid  5911] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5911] write(3, "1000", 4)         = 4
[pid  5911] close(3)                    = 0
executing program
[pid  5911] write(1, "executing program\n", 18) = 18
[pid  5911] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE, insn_cnt=11, insns=0x2000000005c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_SOCK_CREATE, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = 3
[pid  5911] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="contention_begin", prog_fd=3}}, 24) = 4
[pid  5911] openat(AT_FDCWD, "/dev/fb0", O_RDONLY) = 5
[pid  5911] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid  5911] write(6, "4", 1)            = 1
[  165.373190][ T5910] RDX: 0000000000000000 RSI: 0000000000004606 RDI: 0000000000000005
[  165.373199][ T5910] RBP: 0000000000000001 R08: 00007ffc8670e0c7 R09: 00000000000000a0
[  165.373209][ T5910] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  165.373218][ T5910] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[  165.373239][ T5910]  </TASK>
[pid  5911] ioctl(5, FBIOPAN_DISPLAY, 0) = -1 EFAULT (Bad address)
[pid  5911] exit_group(0)               = ?
[  165.688953][ T5911] FAULT_INJECTION: forcing a failure.
[  165.688953][ T5911] name failslab, interval 1, probability 0, space 0, times 0
[  165.702027][ T5911] CPU: 0 UID: 0 PID: 5911 Comm: syz-executor116 Not tainted 6.16.0-next-20250731-syzkaller #0 PREEMPT(full) 
[  165.702058][ T5911] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  165.702071][ T5911] Call Trace:
[  165.702082][ T5911]  <TASK>
[  165.702090][ T5911]  dump_stack_lvl+0x189/0x250
[  165.702112][ T5911]  ? __pfx____ratelimit+0x10/0x10
[  165.702135][ T5911]  ? __pfx_dump_stack_lvl+0x10/0x10
[  165.702152][ T5911]  ? __pfx__printk+0x10/0x10
[  165.702176][ T5911]  ? __pfx___might_resched+0x10/0x10
[  165.702199][ T5911]  ? fs_reclaim_acquire+0x7d/0x100
[  165.702226][ T5911]  should_fail_ex+0x414/0x560
[  165.702248][ T5911]  should_failslab+0xa8/0x100
[  165.702270][ T5911]  __kmalloc_noprof+0xcb/0x4f0
[  165.702289][ T5911]  ? tomoyo_init_log+0x1a6e/0x1f70
[  165.702314][ T5911]  tomoyo_init_log+0x1a6e/0x1f70
[  165.702353][ T5911]  ? __pfx_tomoyo_init_log+0x10/0x10
[  165.702375][ T5911]  ? tomoyo_profile+0x11/0x50
[  165.702397][ T5911]  ? tomoyo_domain_quota_is_ok+0x42b/0x570
[  165.702419][ T5911]  tomoyo_supervisor+0x340/0x1480
[  165.702444][ T5911]  ? format_decode+0x5a3/0xe30
[  165.702467][ T5911]  ? __pfx_tomoyo_supervisor+0x10/0x10
[  165.702497][ T5911]  ? snprintf+0xda/0x120
[  165.702519][ T5911]  ? __pfx_snprintf+0x10/0x10
[  165.702538][ T5911]  ? tomoyo_check_acl+0x386/0x400
[  165.702560][ T5911]  tomoyo_path_number_perm+0x438/0x5a0
[  165.702578][ T5911]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  165.702597][ T5911]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  165.702621][ T5911]  ? _raw_spin_lock_irq+0xae/0xf0
[  165.702664][ T5911]  ? __pfx_ptrace_notify+0x10/0x10
[  165.702696][ T5911]  security_file_ioctl+0xcb/0x2d0
[  165.702714][ T5911]  __se_sys_ioctl+0x47/0x170
[  165.702734][ T5911]  do_syscall_64+0xfa/0x3b0
[  165.702755][ T5911]  ? lockdep_hardirqs_on+0x9c/0x150
[  165.702776][ T5911]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  165.702792][ T5911]  ? clear_bhb_loop+0x60/0xb0
[  165.702810][ T5911]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  165.702825][ T5911] RIP: 0033:0x7f39278e2869
[  165.702839][ T5911] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  165.702861][ T5911] RSP: 002b:00007ffc8670e328 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  165.702878][ T5911] RAX: ffffffffffffffda RBX: 00007ffc8670e340 RCX: 00007f39278e2869
[pid  5911] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5911, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5912 attached
, child_tidptr=0x55558ec87650) = 5912
[  165.702889][ T5911] RDX: 0000000000000000 RSI: 0000000000004606 RDI: 0000000000000005
[  165.702898][ T5911] RBP: 0000000000000001 R08: 00007ffc8670e0c7 R09: 00000000000000a0
[  165.702907][ T5911] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  165.702921][ T5911] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[  165.702942][ T5911]  </TASK>
[pid  5912] set_robust_list(0x55558ec87660, 24) = 0
[pid  5912] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5912] setpgid(0, 0)               = 0
[pid  5912] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5912] write(3, "1000", 4)         = 4
[pid  5912] close(3)                    = 0
executing program
[pid  5912] write(1, "executing program\n", 18) = 18
[pid  5912] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE, insn_cnt=11, insns=0x2000000005c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_SOCK_CREATE, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = 3
[pid  5912] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="contention_begin", prog_fd=3}}, 24) = 4
[pid  5912] openat(AT_FDCWD, "/dev/fb0", O_RDONLY) = 5
[pid  5912] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid  5912] write(6, "4", 1)            = 1
[  166.072431][ T5912] FAULT_INJECTION: forcing a failure.
[  166.072431][ T5912] name failslab, interval 1, probability 0, space 0, times 0
[  166.085591][ T5912] CPU: 1 UID: 0 PID: 5912 Comm: syz-executor116 Not tainted 6.16.0-next-20250731-syzkaller #0 PREEMPT(full) 
[  166.085620][ T5912] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  166.085632][ T5912] Call Trace:
[  166.085641][ T5912]  <TASK>
[  166.085651][ T5912]  dump_stack_lvl+0x189/0x250
[  166.085681][ T5912]  ? __pfx____ratelimit+0x10/0x10
[  166.085712][ T5912]  ? __pfx_dump_stack_lvl+0x10/0x10
[  166.085735][ T5912]  ? __pfx__printk+0x10/0x10
[  166.085771][ T5912]  ? __pfx___might_resched+0x10/0x10
[  166.085802][ T5912]  ? fs_reclaim_acquire+0x7d/0x100
[  166.085839][ T5912]  should_fail_ex+0x414/0x560
[  166.085866][ T5912]  should_failslab+0xa8/0x100
[  166.085902][ T5912]  __kmalloc_noprof+0xcb/0x4f0
[  166.085927][ T5912]  ? tomoyo_init_log+0x1a6e/0x1f70
[  166.085962][ T5912]  tomoyo_init_log+0x1a6e/0x1f70
[  166.086016][ T5912]  ? __pfx_tomoyo_init_log+0x10/0x10
[  166.086052][ T5912]  ? tomoyo_profile+0x11/0x50
[  166.086075][ T5912]  ? tomoyo_domain_quota_is_ok+0x42b/0x570
[  166.086097][ T5912]  tomoyo_supervisor+0x340/0x1480
[  166.086121][ T5912]  ? format_decode+0x5a3/0xe30
[  166.086145][ T5912]  ? __pfx_tomoyo_supervisor+0x10/0x10
[  166.086175][ T5912]  ? snprintf+0xda/0x120
[  166.086196][ T5912]  ? __pfx_snprintf+0x10/0x10
[  166.086216][ T5912]  ? tomoyo_check_acl+0x386/0x400
[  166.086238][ T5912]  tomoyo_path_number_perm+0x438/0x5a0
[  166.086256][ T5912]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  166.086275][ T5912]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  166.086299][ T5912]  ? _raw_spin_lock_irq+0xae/0xf0
[  166.086343][ T5912]  ? __pfx_ptrace_notify+0x10/0x10
[  166.086374][ T5912]  security_file_ioctl+0xcb/0x2d0
[  166.086393][ T5912]  __se_sys_ioctl+0x47/0x170
[  166.086413][ T5912]  do_syscall_64+0xfa/0x3b0
[  166.086435][ T5912]  ? lockdep_hardirqs_on+0x9c/0x150
[  166.086456][ T5912]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  166.086471][ T5912]  ? clear_bhb_loop+0x60/0xb0
[  166.086489][ T5912]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  166.086504][ T5912] RIP: 0033:0x7f39278e2869
[  166.086518][ T5912] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  166.086530][ T5912] RSP: 002b:00007ffc8670e328 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  166.086546][ T5912] RAX: ffffffffffffffda RBX: 00007ffc8670e340 RCX: 00007f39278e2869
[pid  5912] ioctl(5, FBIOPAN_DISPLAY, 0) = -1 EFAULT (Bad address)
[pid  5912] exit_group(0)               = ?
[pid  5912] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5912, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5913 attached
, child_tidptr=0x55558ec87650) = 5913
[pid  5913] set_robust_list(0x55558ec87660, 24) = 0
[pid  5913] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5913] setpgid(0, 0)               = 0
[pid  5913] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5913] write(3, "1000", 4)         = 4
[pid  5913] close(3)                    = 0
executing program
[pid  5913] write(1, "executing program\n", 18) = 18
[pid  5913] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE, insn_cnt=11, insns=0x2000000005c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_SOCK_CREATE, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = 3
[  166.086558][ T5912] RDX: 0000000000000000 RSI: 0000000000004606 RDI: 0000000000000005
[  166.086567][ T5912] RBP: 0000000000000001 R08: 00007ffc8670e0c7 R09: 00000000000000a0
[  166.086576][ T5912] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  166.086585][ T5912] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[  166.086606][ T5912]  </TASK>
[pid  5913] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="contention_begin", prog_fd=3}}, 24) = 4
[pid  5913] openat(AT_FDCWD, "/dev/fb0", O_RDONLY) = 5
[pid  5913] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid  5913] write(6, "4", 1)            = 1
[  166.410714][ T5913] FAULT_INJECTION: forcing a failure.
[  166.410714][ T5913] name failslab, interval 1, probability 0, space 0, times 0
[  166.425460][ T5913] CPU: 1 UID: 0 PID: 5913 Comm: syz-executor116 Not tainted 6.16.0-next-20250731-syzkaller #0 PREEMPT(full) 
[  166.425491][ T5913] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  166.425504][ T5913] Call Trace:
[  166.425512][ T5913]  <TASK>
[  166.425522][ T5913]  dump_stack_lvl+0x189/0x250
[  166.425550][ T5913]  ? __pfx____ratelimit+0x10/0x10
[  166.425581][ T5913]  ? __pfx_dump_stack_lvl+0x10/0x10
[  166.425614][ T5913]  ? __pfx__printk+0x10/0x10
[  166.425649][ T5913]  ? __pfx___might_resched+0x10/0x10
[  166.425681][ T5913]  ? fs_reclaim_acquire+0x7d/0x100
[  166.425718][ T5913]  should_fail_ex+0x414/0x560
[  166.425748][ T5913]  should_failslab+0xa8/0x100
[  166.425780][ T5913]  __kmalloc_noprof+0xcb/0x4f0
[  166.425805][ T5913]  ? tomoyo_init_log+0x1a6e/0x1f70
[  166.425842][ T5913]  tomoyo_init_log+0x1a6e/0x1f70
[  166.425899][ T5913]  ? __pfx_tomoyo_init_log+0x10/0x10
[  166.425930][ T5913]  ? tomoyo_profile+0x11/0x50
[  166.425960][ T5913]  ? tomoyo_domain_quota_is_ok+0x42b/0x570
[  166.425992][ T5913]  tomoyo_supervisor+0x340/0x1480
[  166.426027][ T5913]  ? format_decode+0x5a3/0xe30
[  166.426060][ T5913]  ? __pfx_tomoyo_supervisor+0x10/0x10
[  166.426104][ T5913]  ? snprintf+0xda/0x120
[  166.426135][ T5913]  ? __pfx_snprintf+0x10/0x10
[  166.426163][ T5913]  ? tomoyo_check_acl+0x386/0x400
[  166.426195][ T5913]  tomoyo_path_number_perm+0x438/0x5a0
[  166.426220][ T5913]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  166.426248][ T5913]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  166.426283][ T5913]  ? _raw_spin_lock_irq+0xae/0xf0
[  166.426346][ T5913]  ? __pfx_ptrace_notify+0x10/0x10
[  166.426391][ T5913]  security_file_ioctl+0xcb/0x2d0
[  166.426418][ T5913]  __se_sys_ioctl+0x47/0x170
[  166.426445][ T5913]  do_syscall_64+0xfa/0x3b0
[  166.426476][ T5913]  ? lockdep_hardirqs_on+0x9c/0x150
[  166.426505][ T5913]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  166.426527][ T5913]  ? clear_bhb_loop+0x60/0xb0
[  166.426554][ T5913]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  166.426575][ T5913] RIP: 0033:0x7f39278e2869
[  166.426600][ T5913] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  166.426618][ T5913] RSP: 002b:00007ffc8670e328 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  166.426640][ T5913] RAX: ffffffffffffffda RBX: 00007ffc8670e340 RCX: 00007f39278e2869
[pid  5913] ioctl(5, FBIOPAN_DISPLAY, 0) = -1 EFAULT (Bad address)
[pid  5913] exit_group(0)               = ?
[pid  5913] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5913, si_uid=0, si_status=0, si_utime=0, si_stime=26 /* 0.26 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5914 attached
, child_tidptr=0x55558ec87650) = 5914
[pid  5914] set_robust_list(0x55558ec87660, 24) = 0
[  166.426656][ T5913] RDX: 0000000000000000 RSI: 0000000000004606 RDI: 0000000000000005
[  166.426669][ T5913] RBP: 0000000000000001 R08: 00007ffc8670e0c7 R09: 00000000000000a0
[  166.426682][ T5913] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  166.426695][ T5913] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[  166.426727][ T5913]  </TASK>
[pid  5914] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5914] setpgid(0, 0)               = 0
[pid  5914] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5914] write(3, "1000", 4)         = 4
[pid  5914] close(3)                    = 0
[pid  5914] write(1, "executing program\n", 18) = 18
executing program
[pid  5914] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE, insn_cnt=11, insns=0x2000000005c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_SOCK_CREATE, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = 3
[pid  5914] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="contention_begin", prog_fd=3}}, 24) = 4
[pid  5914] openat(AT_FDCWD, "/dev/fb0", O_RDONLY) = 5
[pid  5914] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid  5914] write(6, "4", 1)            = 1
[pid  5914] ioctl(5, FBIOPAN_DISPLAY, 0) = -1 EFAULT (Bad address)
[  166.795080][ T5914] FAULT_INJECTION: forcing a failure.
[  166.795080][ T5914] name failslab, interval 1, probability 0, space 0, times 0
[  166.808124][ T5914] CPU: 0 UID: 0 PID: 5914 Comm: syz-executor116 Not tainted 6.16.0-next-20250731-syzkaller #0 PREEMPT(full) 
[  166.808156][ T5914] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  166.808169][ T5914] Call Trace:
[  166.808178][ T5914]  <TASK>
[  166.808188][ T5914]  dump_stack_lvl+0x189/0x250
[  166.808217][ T5914]  ? __pfx____ratelimit+0x10/0x10
[  166.808249][ T5914]  ? __pfx_dump_stack_lvl+0x10/0x10
[  166.808273][ T5914]  ? __pfx__printk+0x10/0x10
[  166.808308][ T5914]  ? __pfx___might_resched+0x10/0x10
[  166.808340][ T5914]  ? fs_reclaim_acquire+0x7d/0x100
[  166.808377][ T5914]  should_fail_ex+0x414/0x560
[  166.808409][ T5914]  should_failslab+0xa8/0x100
[  166.808440][ T5914]  __kmalloc_noprof+0xcb/0x4f0
[  166.808467][ T5914]  ? tomoyo_init_log+0x1a6e/0x1f70
[  166.808504][ T5914]  tomoyo_init_log+0x1a6e/0x1f70
[  166.808572][ T5914]  ? __pfx_tomoyo_init_log+0x10/0x10
[  166.808599][ T5914]  ? tomoyo_profile+0x11/0x50
[  166.808622][ T5914]  ? tomoyo_domain_quota_is_ok+0x42b/0x570
[  166.808647][ T5914]  tomoyo_supervisor+0x340/0x1480
[  166.808674][ T5914]  ? format_decode+0x5a3/0xe30
[  166.808700][ T5914]  ? __pfx_tomoyo_supervisor+0x10/0x10
[  166.808734][ T5914]  ? snprintf+0xda/0x120
[  166.808758][ T5914]  ? __pfx_snprintf+0x10/0x10
[  166.808780][ T5914]  ? tomoyo_check_acl+0x386/0x400
[  166.808805][ T5914]  tomoyo_path_number_perm+0x438/0x5a0
[  166.808826][ T5914]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  166.808848][ T5914]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  166.808874][ T5914]  ? _raw_spin_lock_irq+0xae/0xf0
[  166.808923][ T5914]  ? __pfx_ptrace_notify+0x10/0x10
[  166.808958][ T5914]  security_file_ioctl+0xcb/0x2d0
[  166.808979][ T5914]  __se_sys_ioctl+0x47/0x170
[  166.809001][ T5914]  do_syscall_64+0xfa/0x3b0
[  166.809025][ T5914]  ? lockdep_hardirqs_on+0x9c/0x150
[  166.809049][ T5914]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  166.809066][ T5914]  ? clear_bhb_loop+0x60/0xb0
[  166.809087][ T5914]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  166.809104][ T5914] RIP: 0033:0x7f39278e2869
[  166.809119][ T5914] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  166.809133][ T5914] RSP: 002b:00007ffc8670e328 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[pid  5914] exit_group(0)               = ?
[pid  5914] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5914, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5915 attached
, child_tidptr=0x55558ec87650) = 5915
[pid  5915] set_robust_list(0x55558ec87660, 24) = 0
[pid  5915] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5915] setpgid(0, 0)               = 0
[pid  5915] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5915] write(3, "1000", 4)         = 4
[pid  5915] close(3)                    = 0
[pid  5915] write(1, "executing program\n", 18executing program
) = 18
[  166.809151][ T5914] RAX: ffffffffffffffda RBX: 00007ffc8670e340 RCX: 00007f39278e2869
[  166.809164][ T5914] RDX: 0000000000000000 RSI: 0000000000004606 RDI: 0000000000000005
[  166.809174][ T5914] RBP: 0000000000000001 R08: 00007ffc8670e0c7 R09: 00000000000000a0
[  166.809184][ T5914] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  166.809194][ T5914] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[  166.809218][ T5914]  </TASK>
[pid  5915] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE, insn_cnt=11, insns=0x2000000005c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_SOCK_CREATE, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = 3
[pid  5915] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="contention_begin", prog_fd=3}}, 24) = 4
[pid  5915] openat(AT_FDCWD, "/dev/fb0", O_RDONLY) = 5
[pid  5915] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid  5915] write(6, "4", 1)            = 1
[  167.132994][ T5915] FAULT_INJECTION: forcing a failure.
[  167.132994][ T5915] name failslab, interval 1, probability 0, space 0, times 0
[  167.145997][ T5915] CPU: 1 UID: 0 PID: 5915 Comm: syz-executor116 Not tainted 6.16.0-next-20250731-syzkaller #0 PREEMPT(full) 
[  167.146026][ T5915] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  167.146043][ T5915] Call Trace:
[  167.146051][ T5915]  <TASK>
[  167.146060][ T5915]  dump_stack_lvl+0x189/0x250
[  167.146088][ T5915]  ? __pfx____ratelimit+0x10/0x10
[  167.146116][ T5915]  ? __pfx_dump_stack_lvl+0x10/0x10
[  167.146138][ T5915]  ? __pfx__printk+0x10/0x10
[  167.146172][ T5915]  ? __pfx___might_resched+0x10/0x10
[  167.146203][ T5915]  ? fs_reclaim_acquire+0x7d/0x100
[  167.146239][ T5915]  should_fail_ex+0x414/0x560
[  167.146269][ T5915]  should_failslab+0xa8/0x100
[  167.146298][ T5915]  __kmalloc_noprof+0xcb/0x4f0
[  167.146316][ T5915]  ? tomoyo_init_log+0x1a6e/0x1f70
[  167.146342][ T5915]  tomoyo_init_log+0x1a6e/0x1f70
[  167.146381][ T5915]  ? __pfx_tomoyo_init_log+0x10/0x10
[  167.146403][ T5915]  ? tomoyo_profile+0x11/0x50
[  167.146424][ T5915]  ? tomoyo_domain_quota_is_ok+0x42b/0x570
[  167.146446][ T5915]  tomoyo_supervisor+0x340/0x1480
[  167.146470][ T5915]  ? format_decode+0x5a3/0xe30
[  167.146493][ T5915]  ? __pfx_tomoyo_supervisor+0x10/0x10
[  167.146525][ T5915]  ? snprintf+0xda/0x120
[  167.146548][ T5915]  ? __pfx_snprintf+0x10/0x10
[  167.146567][ T5915]  ? tomoyo_check_acl+0x386/0x400
[  167.146589][ T5915]  tomoyo_path_number_perm+0x438/0x5a0
[  167.146607][ T5915]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  167.146626][ T5915]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  167.146650][ T5915]  ? _raw_spin_lock_irq+0xae/0xf0
[  167.146694][ T5915]  ? __pfx_ptrace_notify+0x10/0x10
[  167.146725][ T5915]  security_file_ioctl+0xcb/0x2d0
[  167.146744][ T5915]  __se_sys_ioctl+0x47/0x170
[  167.146763][ T5915]  do_syscall_64+0xfa/0x3b0
[  167.146791][ T5915]  ? lockdep_hardirqs_on+0x9c/0x150
[  167.146813][ T5915]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  167.146828][ T5915]  ? clear_bhb_loop+0x60/0xb0
[  167.146847][ T5915]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  167.146862][ T5915] RIP: 0033:0x7f39278e2869
[  167.146876][ T5915] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  167.146888][ T5915] RSP: 002b:00007ffc8670e328 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  167.146904][ T5915] RAX: ffffffffffffffda RBX: 00007ffc8670e340 RCX: 00007f39278e2869
[pid  5915] ioctl(5, FBIOPAN_DISPLAY, 0) = -1 EFAULT (Bad address)
[pid  5915] exit_group(0)               = ?
[pid  5915] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5915, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5916 attached
, child_tidptr=0x55558ec87650) = 5916
[pid  5916] set_robust_list(0x55558ec87660, 24) = 0
[pid  5916] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5916] setpgid(0, 0)               = 0
[pid  5916] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5916] write(3, "1000", 4)         = 4
[pid  5916] close(3)                    = 0
executing program
[pid  5916] write(1, "executing program\n", 18) = 18
[pid  5916] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE, insn_cnt=11, insns=0x2000000005c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_SOCK_CREATE, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = 3
[pid  5916] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="contention_begin", prog_fd=3}}, 24) = 4
[pid  5916] openat(AT_FDCWD, "/dev/fb0", O_RDONLY) = 5
[pid  5916] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid  5916] write(6, "4", 1)            = 1
[  167.146916][ T5915] RDX: 0000000000000000 RSI: 0000000000004606 RDI: 0000000000000005
[  167.146925][ T5915] RBP: 0000000000000001 R08: 00007ffc8670e0c7 R09: 00000000000000a0
[  167.146934][ T5915] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  167.146943][ T5915] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[  167.146964][ T5915]  </TASK>
[pid  5916] ioctl(5, FBIOPAN_DISPLAY, 0) = -1 EFAULT (Bad address)
[pid  5916] exit_group(0)               = ?
[pid  5916] +++ exited with 0 +++
[  167.438949][ T5916] FAULT_INJECTION: forcing a failure.
[  167.438949][ T5916] name failslab, interval 1, probability 0, space 0, times 0
[  167.452282][ T5916] CPU: 0 UID: 0 PID: 5916 Comm: syz-executor116 Not tainted 6.16.0-next-20250731-syzkaller #0 PREEMPT(full) 
[  167.452312][ T5916] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  167.452325][ T5916] Call Trace:
[  167.452334][ T5916]  <TASK>
[  167.452343][ T5916]  dump_stack_lvl+0x189/0x250
[  167.452372][ T5916]  ? __pfx____ratelimit+0x10/0x10
[  167.452404][ T5916]  ? __pfx_dump_stack_lvl+0x10/0x10
[  167.452428][ T5916]  ? __pfx__printk+0x10/0x10
[  167.452464][ T5916]  ? __pfx___might_resched+0x10/0x10
[  167.452495][ T5916]  ? fs_reclaim_acquire+0x7d/0x100
[  167.452550][ T5916]  should_fail_ex+0x414/0x560
[  167.452579][ T5916]  should_failslab+0xa8/0x100
[  167.452609][ T5916]  __kmalloc_noprof+0xcb/0x4f0
[  167.452635][ T5916]  ? tomoyo_init_log+0x1a6e/0x1f70
[  167.452670][ T5916]  tomoyo_init_log+0x1a6e/0x1f70
[  167.452726][ T5916]  ? __pfx_tomoyo_init_log+0x10/0x10
[  167.452757][ T5916]  ? tomoyo_profile+0x11/0x50
[  167.452787][ T5916]  ? tomoyo_domain_quota_is_ok+0x42b/0x570
[  167.452818][ T5916]  tomoyo_supervisor+0x340/0x1480
[  167.452851][ T5916]  ? format_decode+0x5a3/0xe30
[  167.452879][ T5916]  ? __pfx_tomoyo_supervisor+0x10/0x10
[  167.452910][ T5916]  ? snprintf+0xda/0x120
[  167.452932][ T5916]  ? __pfx_snprintf+0x10/0x10
[  167.452951][ T5916]  ? tomoyo_check_acl+0x386/0x400
[  167.452973][ T5916]  tomoyo_path_number_perm+0x438/0x5a0
[  167.452991][ T5916]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  167.453009][ T5916]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  167.453034][ T5916]  ? _raw_spin_lock_irq+0xae/0xf0
[  167.453077][ T5916]  ? __pfx_ptrace_notify+0x10/0x10
[  167.453109][ T5916]  security_file_ioctl+0xcb/0x2d0
[  167.453127][ T5916]  __se_sys_ioctl+0x47/0x170
[  167.453147][ T5916]  do_syscall_64+0xfa/0x3b0
[  167.453169][ T5916]  ? lockdep_hardirqs_on+0x9c/0x150
[  167.453190][ T5916]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  167.453205][ T5916]  ? clear_bhb_loop+0x60/0xb0
[  167.453224][ T5916]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  167.453238][ T5916] RIP: 0033:0x7f39278e2869
[  167.453252][ T5916] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  167.453264][ T5916] RSP: 002b:00007ffc8670e328 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  167.453280][ T5916] RAX: ffffffffffffffda RBX: 00007ffc8670e340 RCX: 00007f39278e2869
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5916, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5917 attached
, child_tidptr=0x55558ec87650) = 5917
[pid  5917] set_robust_list(0x55558ec87660, 24) = 0
[pid  5917] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5917] setpgid(0, 0)               = 0
[  167.453292][ T5916] RDX: 0000000000000000 RSI: 0000000000004606 RDI: 0000000000000005
[  167.453301][ T5916] RBP: 0000000000000001 R08: 00007ffc8670e0c7 R09: 00000000000000a0
[  167.453310][ T5916] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  167.453319][ T5916] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[  167.453340][ T5916]  </TASK>
[pid  5917] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5917] write(3, "1000", 4)         = 4
[pid  5917] close(3)                    = 0
executing program
[pid  5917] write(1, "executing program\n", 18) = 18
[pid  5917] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE, insn_cnt=11, insns=0x2000000005c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_SOCK_CREATE, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = 3
[pid  5917] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="contention_begin", prog_fd=3}}, 24) = 4
[pid  5917] openat(AT_FDCWD, "/dev/fb0", O_RDONLY) = 5
[pid  5917] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid  5917] write(6, "4", 1)            = 1
[pid  5917] ioctl(5, FBIOPAN_DISPLAY, 0) = -1 EFAULT (Bad address)
[pid  5917] exit_group(0)               = ?
[pid  5917] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5917, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
[  167.818410][ T5917] FAULT_INJECTION: forcing a failure.
[  167.818410][ T5917] name failslab, interval 1, probability 0, space 0, times 0
[  167.831179][ T5917] CPU: 1 UID: 0 PID: 5917 Comm: syz-executor116 Not tainted 6.16.0-next-20250731-syzkaller #0 PREEMPT(full) 
[  167.831201][ T5917] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  167.831210][ T5917] Call Trace:
[  167.831216][ T5917]  <TASK>
[  167.831222][ T5917]  dump_stack_lvl+0x189/0x250
[  167.831243][ T5917]  ? __pfx____ratelimit+0x10/0x10
[  167.831266][ T5917]  ? __pfx_dump_stack_lvl+0x10/0x10
[  167.831283][ T5917]  ? __pfx__printk+0x10/0x10
[  167.831308][ T5917]  ? __pfx___might_resched+0x10/0x10
[  167.831330][ T5917]  ? fs_reclaim_acquire+0x7d/0x100
[  167.831356][ T5917]  should_fail_ex+0x414/0x560
[  167.831378][ T5917]  should_failslab+0xa8/0x100
[  167.831400][ T5917]  __kmalloc_noprof+0xcb/0x4f0
[  167.831418][ T5917]  ? tomoyo_init_log+0x1a6e/0x1f70
[  167.831445][ T5917]  tomoyo_init_log+0x1a6e/0x1f70
[  167.831489][ T5917]  ? __pfx_tomoyo_init_log+0x10/0x10
[  167.831511][ T5917]  ? tomoyo_profile+0x11/0x50
[  167.831533][ T5917]  ? tomoyo_domain_quota_is_ok+0x42b/0x570
[  167.831555][ T5917]  tomoyo_supervisor+0x340/0x1480
[  167.831579][ T5917]  ? format_decode+0x5a3/0xe30
[  167.831602][ T5917]  ? __pfx_tomoyo_supervisor+0x10/0x10
[  167.831633][ T5917]  ? snprintf+0xda/0x120
[  167.831654][ T5917]  ? __pfx_snprintf+0x10/0x10
[  167.831673][ T5917]  ? tomoyo_check_acl+0x386/0x400
[  167.831696][ T5917]  tomoyo_path_number_perm+0x438/0x5a0
[  167.831713][ T5917]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  167.831732][ T5917]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  167.831756][ T5917]  ? _raw_spin_lock_irq+0xae/0xf0
[  167.831800][ T5917]  ? __pfx_ptrace_notify+0x10/0x10
[  167.831831][ T5917]  security_file_ioctl+0xcb/0x2d0
[  167.831850][ T5917]  __se_sys_ioctl+0x47/0x170
[  167.831869][ T5917]  do_syscall_64+0xfa/0x3b0
[  167.831891][ T5917]  ? lockdep_hardirqs_on+0x9c/0x150
[  167.831912][ T5917]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  167.831927][ T5917]  ? clear_bhb_loop+0x60/0xb0
[  167.831946][ T5917]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  167.831961][ T5917] RIP: 0033:0x7f39278e2869
[  167.831974][ T5917] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  167.831987][ T5917] RSP: 002b:00007ffc8670e328 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  167.832003][ T5917] RAX: ffffffffffffffda RBX: 00007ffc8670e340 RCX: 00007f39278e2869
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55558ec87650) = 5918
./strace-static-x86_64: Process 5918 attached
[pid  5918] set_robust_list(0x55558ec87660, 24) = 0
[pid  5918] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5918] setpgid(0, 0)               = 0
[pid  5918] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5918] write(3, "1000", 4)         = 4
[pid  5918] close(3)                    = 0
[pid  5918] write(1, "executing program\n", 18executing program
) = 18
[pid  5918] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE, insn_cnt=11, insns=0x2000000005c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_SOCK_CREATE, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = 3
[pid  5918] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="contention_begin", prog_fd=3}}, 24) = 4
[pid  5918] openat(AT_FDCWD, "/dev/fb0", O_RDONLY) = 5
[pid  5918] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[  167.832015][ T5917] RDX: 0000000000000000 RSI: 0000000000004606 RDI: 0000000000000005
[  167.832024][ T5917] RBP: 0000000000000001 R08: 00007ffc8670e0c7 R09: 00000000000000a0
[  167.832033][ T5917] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  167.832042][ T5917] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[  167.832064][ T5917]  </TASK>
[pid  5918] write(6, "4", 1)            = 1
[pid  5918] ioctl(5, FBIOPAN_DISPLAY, 0) = -1 EFAULT (Bad address)
[  168.151274][ T5918] FAULT_INJECTION: forcing a failure.
[  168.151274][ T5918] name failslab, interval 1, probability 0, space 0, times 0
[  168.164081][ T5918] CPU: 1 UID: 0 PID: 5918 Comm: syz-executor116 Not tainted 6.16.0-next-20250731-syzkaller #0 PREEMPT(full) 
[  168.164109][ T5918] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  168.164120][ T5918] Call Trace:
[  168.164129][ T5918]  <TASK>
[  168.164138][ T5918]  dump_stack_lvl+0x189/0x250
[  168.164165][ T5918]  ? __pfx____ratelimit+0x10/0x10
[  168.164194][ T5918]  ? __pfx_dump_stack_lvl+0x10/0x10
[  168.164217][ T5918]  ? __pfx__printk+0x10/0x10
[  168.164250][ T5918]  ? __pfx___might_resched+0x10/0x10
[  168.164281][ T5918]  ? fs_reclaim_acquire+0x7d/0x100
[  168.164309][ T5918]  should_fail_ex+0x414/0x560
[  168.164331][ T5918]  should_failslab+0xa8/0x100
[  168.164355][ T5918]  __kmalloc_noprof+0xcb/0x4f0
[  168.164373][ T5918]  ? tomoyo_init_log+0x1a6e/0x1f70
[  168.164398][ T5918]  tomoyo_init_log+0x1a6e/0x1f70
[  168.164436][ T5918]  ? __pfx_tomoyo_init_log+0x10/0x10
[  168.164458][ T5918]  ? tomoyo_profile+0x11/0x50
[  168.164479][ T5918]  ? tomoyo_domain_quota_is_ok+0x42b/0x570
[  168.164500][ T5918]  tomoyo_supervisor+0x340/0x1480
[  168.164524][ T5918]  ? format_decode+0x5a3/0xe30
[  168.164547][ T5918]  ? __pfx_tomoyo_supervisor+0x10/0x10
[  168.164580][ T5918]  ? snprintf+0xda/0x120
[  168.164608][ T5918]  ? __pfx_snprintf+0x10/0x10
[  168.164626][ T5918]  ? tomoyo_check_acl+0x386/0x400
[  168.164649][ T5918]  tomoyo_path_number_perm+0x438/0x5a0
[  168.164666][ T5918]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  168.164684][ T5918]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  168.164708][ T5918]  ? _raw_spin_lock_irq+0xae/0xf0
[  168.164750][ T5918]  ? __pfx_ptrace_notify+0x10/0x10
[  168.164781][ T5918]  security_file_ioctl+0xcb/0x2d0
[  168.164800][ T5918]  __se_sys_ioctl+0x47/0x170
[  168.164819][ T5918]  do_syscall_64+0xfa/0x3b0
[  168.164841][ T5918]  ? lockdep_hardirqs_on+0x9c/0x150
[  168.164862][ T5918]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  168.164877][ T5918]  ? clear_bhb_loop+0x60/0xb0
[  168.164895][ T5918]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  168.164910][ T5918] RIP: 0033:0x7f39278e2869
[  168.164925][ T5918] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  168.164938][ T5918] RSP: 002b:00007ffc8670e328 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  168.164955][ T5918] RAX: ffffffffffffffda RBX: 00007ffc8670e340 RCX: 00007f39278e2869
[pid  5918] exit_group(0)               = ?
[pid  5918] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5918, si_uid=0, si_status=0, si_utime=0, si_stime=27 /* 0.27 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5919 attached
, child_tidptr=0x55558ec87650) = 5919
[pid  5919] set_robust_list(0x55558ec87660, 24) = 0
[pid  5919] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5919] setpgid(0, 0)               = 0
[pid  5919] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5919] write(3, "1000", 4)         = 4
[pid  5919] close(3executing program
)                    = 0
[pid  5919] write(1, "executing program\n", 18) = 18
[pid  5919] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE, insn_cnt=11, insns=0x2000000005c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_SOCK_CREATE, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = 3
[pid  5919] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="contention_begin", prog_fd=3}}, 24) = 4
[pid  5919] openat(AT_FDCWD, "/dev/fb0", O_RDONLY) = 5
[pid  5919] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid  5919] write(6, "4", 1)            = 1
[  168.164965][ T5918] RDX: 0000000000000000 RSI: 0000000000004606 RDI: 0000000000000005
[  168.164975][ T5918] RBP: 0000000000000001 R08: 00007ffc8670e0c7 R09: 00000000000000a0
[  168.164984][ T5918] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  168.164993][ T5918] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[  168.165014][ T5918]  </TASK>
[pid  5919] ioctl(5, FBIOPAN_DISPLAY, 0) = -1 EFAULT (Bad address)
[pid  5919] exit_group(0)               = ?
[  168.462733][ T5919] FAULT_INJECTION: forcing a failure.
[  168.462733][ T5919] name failslab, interval 1, probability 0, space 0, times 0
[  168.475680][ T5919] CPU: 1 UID: 0 PID: 5919 Comm: syz-executor116 Not tainted 6.16.0-next-20250731-syzkaller #0 PREEMPT(full) 
[  168.475709][ T5919] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  168.475723][ T5919] Call Trace:
[  168.475734][ T5919]  <TASK>
[  168.475749][ T5919]  dump_stack_lvl+0x189/0x250
[  168.475778][ T5919]  ? __pfx____ratelimit+0x10/0x10
[  168.475807][ T5919]  ? __pfx_dump_stack_lvl+0x10/0x10
[  168.475832][ T5919]  ? __pfx__printk+0x10/0x10
[  168.475867][ T5919]  ? __pfx___might_resched+0x10/0x10
[  168.475900][ T5919]  ? fs_reclaim_acquire+0x7d/0x100
[  168.475935][ T5919]  should_fail_ex+0x414/0x560
[  168.475966][ T5919]  should_failslab+0xa8/0x100
[  168.475993][ T5919]  __kmalloc_noprof+0xcb/0x4f0
[  168.476013][ T5919]  ? tomoyo_init_log+0x1a6e/0x1f70
[  168.476040][ T5919]  tomoyo_init_log+0x1a6e/0x1f70
[  168.476081][ T5919]  ? __pfx_tomoyo_init_log+0x10/0x10
[  168.476104][ T5919]  ? tomoyo_profile+0x11/0x50
[  168.476125][ T5919]  ? tomoyo_domain_quota_is_ok+0x42b/0x570
[  168.476148][ T5919]  tomoyo_supervisor+0x340/0x1480
[  168.476173][ T5919]  ? format_decode+0x5a3/0xe30
[  168.476197][ T5919]  ? __pfx_tomoyo_supervisor+0x10/0x10
[  168.476228][ T5919]  ? snprintf+0xda/0x120
[  168.476250][ T5919]  ? __pfx_snprintf+0x10/0x10
[  168.476269][ T5919]  ? tomoyo_check_acl+0x386/0x400
[  168.476292][ T5919]  tomoyo_path_number_perm+0x438/0x5a0
[  168.476310][ T5919]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  168.476330][ T5919]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  168.476355][ T5919]  ? _raw_spin_lock_irq+0xae/0xf0
[  168.476402][ T5919]  ? __pfx_ptrace_notify+0x10/0x10
[  168.476434][ T5919]  security_file_ioctl+0xcb/0x2d0
[  168.476453][ T5919]  __se_sys_ioctl+0x47/0x170
[  168.476473][ T5919]  do_syscall_64+0xfa/0x3b0
[  168.476496][ T5919]  ? lockdep_hardirqs_on+0x9c/0x150
[  168.476518][ T5919]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  168.476534][ T5919]  ? clear_bhb_loop+0x60/0xb0
[  168.476552][ T5919]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  168.476568][ T5919] RIP: 0033:0x7f39278e2869
[  168.476582][ T5919] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  168.476596][ T5919] RSP: 002b:00007ffc8670e328 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  168.476618][ T5919] RAX: ffffffffffffffda RBX: 00007ffc8670e340 RCX: 00007f39278e2869
[pid  5919] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5919, si_uid=0, si_status=0, si_utime=0, si_stime=27 /* 0.27 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5920 attached
, child_tidptr=0x55558ec87650) = 5920
[pid  5920] set_robust_list(0x55558ec87660, 24) = 0
[pid  5920] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5920] setpgid(0, 0)               = 0
[pid  5920] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5920] write(3, "1000", 4)         = 4
[pid  5920] close(3)                    = 0
executing program
[pid  5920] write(1, "executing program\n", 18) = 18
[pid  5920] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE, insn_cnt=11, insns=0x2000000005c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_SOCK_CREATE, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = 3
[pid  5920] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="contention_begin", prog_fd=3}}, 24) = 4
[pid  5920] openat(AT_FDCWD, "/dev/fb0", O_RDONLY) = 5
[pid  5920] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[  168.476630][ T5919] RDX: 0000000000000000 RSI: 0000000000004606 RDI: 0000000000000005
[  168.476639][ T5919] RBP: 0000000000000001 R08: 00007ffc8670e0c7 R09: 00000000000000a0
[  168.476649][ T5919] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  168.476658][ T5919] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[  168.476682][ T5919]  </TASK>
[pid  5920] write(6, "4", 1)            = 1
[pid  5920] ioctl(5, FBIOPAN_DISPLAY, 0) = -1 EFAULT (Bad address)
[pid  5920] exit_group(0)               = ?
[pid  5920] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5920, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
[  168.805079][ T5920] FAULT_INJECTION: forcing a failure.
[  168.805079][ T5920] name failslab, interval 1, probability 0, space 0, times 0
[  168.818301][ T5920] CPU: 1 UID: 0 PID: 5920 Comm: syz-executor116 Not tainted 6.16.0-next-20250731-syzkaller #0 PREEMPT(full) 
[  168.818340][ T5920] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  168.818353][ T5920] Call Trace:
[  168.818361][ T5920]  <TASK>
[  168.818370][ T5920]  dump_stack_lvl+0x189/0x250
[  168.818398][ T5920]  ? __pfx____ratelimit+0x10/0x10
[  168.818431][ T5920]  ? __pfx_dump_stack_lvl+0x10/0x10
[  168.818453][ T5920]  ? __pfx__printk+0x10/0x10
[  168.818485][ T5920]  ? __pfx___might_resched+0x10/0x10
[  168.818526][ T5920]  ? fs_reclaim_acquire+0x7d/0x100
[  168.818571][ T5920]  should_fail_ex+0x414/0x560
[  168.818600][ T5920]  should_failslab+0xa8/0x100
[  168.818623][ T5920]  __kmalloc_noprof+0xcb/0x4f0
[  168.818642][ T5920]  ? tomoyo_init_log+0x1a6e/0x1f70
[  168.818668][ T5920]  tomoyo_init_log+0x1a6e/0x1f70
[  168.818707][ T5920]  ? __pfx_tomoyo_init_log+0x10/0x10
[  168.818730][ T5920]  ? tomoyo_profile+0x11/0x50
[  168.818752][ T5920]  ? tomoyo_domain_quota_is_ok+0x42b/0x570
[  168.818774][ T5920]  tomoyo_supervisor+0x340/0x1480
[  168.818799][ T5920]  ? format_decode+0x5a3/0xe30
[  168.818822][ T5920]  ? __pfx_tomoyo_supervisor+0x10/0x10
[  168.818853][ T5920]  ? snprintf+0xda/0x120
[  168.818875][ T5920]  ? __pfx_snprintf+0x10/0x10
[  168.818894][ T5920]  ? tomoyo_check_acl+0x386/0x400
[  168.818916][ T5920]  tomoyo_path_number_perm+0x438/0x5a0
[  168.818935][ T5920]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  168.818954][ T5920]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  168.818978][ T5920]  ? _raw_spin_lock_irq+0xae/0xf0
[  168.819022][ T5920]  ? __pfx_ptrace_notify+0x10/0x10
[  168.819054][ T5920]  security_file_ioctl+0xcb/0x2d0
[  168.819073][ T5920]  __se_sys_ioctl+0x47/0x170
[  168.819093][ T5920]  do_syscall_64+0xfa/0x3b0
[  168.819115][ T5920]  ? lockdep_hardirqs_on+0x9c/0x150
[  168.819136][ T5920]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  168.819152][ T5920]  ? clear_bhb_loop+0x60/0xb0
[  168.819171][ T5920]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  168.819186][ T5920] RIP: 0033:0x7f39278e2869
[  168.819200][ T5920] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  168.819214][ T5920] RSP: 002b:00007ffc8670e328 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5921 attached
, child_tidptr=0x55558ec87650) = 5921
[pid  5921] set_robust_list(0x55558ec87660, 24) = 0
[pid  5921] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5921] setpgid(0, 0)               = 0
[pid  5921] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5921] write(3, "1000", 4)         = 4
[pid  5921] close(3)                    = 0
[pid  5921] write(1, "executing program\n", 18executing program
) = 18
[pid  5921] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE, insn_cnt=11, insns=0x2000000005c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_SOCK_CREATE, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = 3
[pid  5921] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="contention_begin", prog_fd=3}}, 24) = 4
[pid  5921] openat(AT_FDCWD, "/dev/fb0", O_RDONLY) = 5
[pid  5921] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid  5921] write(6, "4", 1)            = 1
[  168.819230][ T5920] RAX: ffffffffffffffda RBX: 00007ffc8670e340 RCX: 00007f39278e2869
[  168.819242][ T5920] RDX: 0000000000000000 RSI: 0000000000004606 RDI: 0000000000000005
[  168.819251][ T5920] RBP: 0000000000000001 R08: 00007ffc8670e0c7 R09: 00000000000000a0
[  168.819261][ T5920] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  168.819270][ T5920] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[  168.819292][ T5920]  </TASK>
[  169.108643][ T5921] FAULT_INJECTION: forcing a failure.
[  169.108643][ T5921] name failslab, interval 1, probability 0, space 0, times 0
[  169.121661][ T5921] CPU: 0 UID: 0 PID: 5921 Comm: syz-executor116 Not tainted 6.16.0-next-20250731-syzkaller #0 PREEMPT(full) 
[  169.121684][ T5921] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  169.121694][ T5921] Call Trace:
[  169.121700][ T5921]  <TASK>
[  169.121707][ T5921]  dump_stack_lvl+0x189/0x250
[  169.121728][ T5921]  ? __pfx____ratelimit+0x10/0x10
[  169.121751][ T5921]  ? __pfx_dump_stack_lvl+0x10/0x10
[  169.121768][ T5921]  ? __pfx__printk+0x10/0x10
[  169.121793][ T5921]  ? __pfx___might_resched+0x10/0x10
[  169.121816][ T5921]  ? fs_reclaim_acquire+0x7d/0x100
[  169.121843][ T5921]  should_fail_ex+0x414/0x560
[  169.121864][ T5921]  should_failslab+0xa8/0x100
[  169.121886][ T5921]  __kmalloc_noprof+0xcb/0x4f0
[  169.121905][ T5921]  ? tomoyo_init_log+0x1a6e/0x1f70
[  169.121931][ T5921]  tomoyo_init_log+0x1a6e/0x1f70
[  169.121970][ T5921]  ? __pfx_tomoyo_init_log+0x10/0x10
[  169.121992][ T5921]  ? tomoyo_profile+0x11/0x50
[  169.122013][ T5921]  ? tomoyo_domain_quota_is_ok+0x42b/0x570
[  169.122036][ T5921]  tomoyo_supervisor+0x340/0x1480
[  169.122060][ T5921]  ? format_decode+0x5a3/0xe30
[  169.122083][ T5921]  ? __pfx_tomoyo_supervisor+0x10/0x10
[  169.122114][ T5921]  ? snprintf+0xda/0x120
[  169.122136][ T5921]  ? __pfx_snprintf+0x10/0x10
[  169.122155][ T5921]  ? tomoyo_check_acl+0x386/0x400
[  169.122177][ T5921]  tomoyo_path_number_perm+0x438/0x5a0
[  169.122195][ T5921]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  169.122214][ T5921]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  169.122238][ T5921]  ? _raw_spin_lock_irq+0xae/0xf0
[  169.122285][ T5921]  ? __pfx_ptrace_notify+0x10/0x10
[  169.122318][ T5921]  security_file_ioctl+0xcb/0x2d0
[  169.122338][ T5921]  __se_sys_ioctl+0x47/0x170
[  169.122357][ T5921]  do_syscall_64+0xfa/0x3b0
[  169.122388][ T5921]  ? lockdep_hardirqs_on+0x9c/0x150
[  169.122410][ T5921]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  169.122426][ T5921]  ? clear_bhb_loop+0x60/0xb0
[  169.122445][ T5921]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  169.122460][ T5921] RIP: 0033:0x7f39278e2869
[  169.122474][ T5921] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  169.122487][ T5921] RSP: 002b:00007ffc8670e328 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  169.122504][ T5921] RAX: ffffffffffffffda RBX: 00007ffc8670e340 RCX: 00007f39278e2869
[pid  5921] ioctl(5, FBIOPAN_DISPLAY, 0) = -1 EFAULT (Bad address)
[pid  5921] exit_group(0)               = ?
[pid  5921] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5921, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5922 attached
, child_tidptr=0x55558ec87650) = 5922
[pid  5922] set_robust_list(0x55558ec87660, 24) = 0
[pid  5922] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5922] setpgid(0, 0)               = 0
[  169.122515][ T5921] RDX: 0000000000000000 RSI: 0000000000004606 RDI: 0000000000000005
[  169.122525][ T5921] RBP: 0000000000000001 R08: 00007ffc8670e0c7 R09: 00000000000000a0
[  169.122534][ T5921] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  169.122544][ T5921] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[  169.122566][ T5921]  </TASK>
[pid  5922] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5922] write(3, "1000", 4)         = 4
[pid  5922] close(3)                    = 0
executing program
[pid  5922] write(1, "executing program\n", 18) = 18
[pid  5922] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE, insn_cnt=11, insns=0x2000000005c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_SOCK_CREATE, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = 3
[pid  5922] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="contention_begin", prog_fd=3}}, 24) = 4
[pid  5922] openat(AT_FDCWD, "/dev/fb0", O_RDONLY) = 5
[pid  5922] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid  5922] write(6, "4", 1)            = 1
[pid  5922] ioctl(5, FBIOPAN_DISPLAY, 0) = -1 EFAULT (Bad address)
[pid  5922] exit_group(0)               = ?
[  169.483080][ T5922] FAULT_INJECTION: forcing a failure.
[  169.483080][ T5922] name failslab, interval 1, probability 0, space 0, times 0
[  169.496028][ T5922] CPU: 0 UID: 0 PID: 5922 Comm: syz-executor116 Not tainted 6.16.0-next-20250731-syzkaller #0 PREEMPT(full) 
[  169.496064][ T5922] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  169.496078][ T5922] Call Trace:
[  169.496087][ T5922]  <TASK>
[  169.496096][ T5922]  dump_stack_lvl+0x189/0x250
[  169.496123][ T5922]  ? __pfx____ratelimit+0x10/0x10
[  169.496154][ T5922]  ? __pfx_dump_stack_lvl+0x10/0x10
[  169.496176][ T5922]  ? __pfx__printk+0x10/0x10
[  169.496201][ T5922]  ? __pfx___might_resched+0x10/0x10
[  169.496224][ T5922]  ? fs_reclaim_acquire+0x7d/0x100
[  169.496250][ T5922]  should_fail_ex+0x414/0x560
[  169.496272][ T5922]  should_failslab+0xa8/0x100
[  169.496294][ T5922]  __kmalloc_noprof+0xcb/0x4f0
[  169.496314][ T5922]  ? tomoyo_init_log+0x1a6e/0x1f70
[  169.496340][ T5922]  tomoyo_init_log+0x1a6e/0x1f70
[  169.496379][ T5922]  ? __pfx_tomoyo_init_log+0x10/0x10
[  169.496401][ T5922]  ? tomoyo_profile+0x11/0x50
[  169.496423][ T5922]  ? tomoyo_domain_quota_is_ok+0x42b/0x570
[  169.496445][ T5922]  tomoyo_supervisor+0x340/0x1480
[  169.496469][ T5922]  ? format_decode+0x5a3/0xe30
[  169.496492][ T5922]  ? __pfx_tomoyo_supervisor+0x10/0x10
[  169.496523][ T5922]  ? snprintf+0xda/0x120
[  169.496544][ T5922]  ? __pfx_snprintf+0x10/0x10
[  169.496569][ T5922]  ? tomoyo_check_acl+0x386/0x400
[  169.496592][ T5922]  tomoyo_path_number_perm+0x438/0x5a0
[  169.496610][ T5922]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  169.496629][ T5922]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  169.496654][ T5922]  ? _raw_spin_lock_irq+0xae/0xf0
[  169.496698][ T5922]  ? __pfx_ptrace_notify+0x10/0x10
[  169.496729][ T5922]  security_file_ioctl+0xcb/0x2d0
[  169.496748][ T5922]  __se_sys_ioctl+0x47/0x170
[  169.496768][ T5922]  do_syscall_64+0xfa/0x3b0
[  169.496790][ T5922]  ? lockdep_hardirqs_on+0x9c/0x150
[  169.496812][ T5922]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  169.496827][ T5922]  ? clear_bhb_loop+0x60/0xb0
[  169.496846][ T5922]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  169.496861][ T5922] RIP: 0033:0x7f39278e2869
[  169.496875][ T5922] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  169.496888][ T5922] RSP: 002b:00007ffc8670e328 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  169.496904][ T5922] RAX: ffffffffffffffda RBX: 00007ffc8670e340 RCX: 00007f39278e2869
[pid  5922] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5922, si_uid=0, si_status=0, si_utime=0, si_stime=26 /* 0.26 s */} ---
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5923 attached
, child_tidptr=0x55558ec87650) = 5923
[pid  5923] set_robust_list(0x55558ec87660, 24) = 0
[pid  5923] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5923] setpgid(0, 0)               = 0
[pid  5923] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5923] write(3, "1000", 4)         = 4
[pid  5923] close(3)                    = 0
executing program
[pid  5923] write(1, "executing program\n", 18) = 18
[pid  5923] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE, insn_cnt=11, insns=0x2000000005c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_SOCK_CREATE, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = 3
[pid  5923] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="contention_begin", prog_fd=3}}, 24) = 4
[  169.496916][ T5922] RDX: 0000000000000000 RSI: 0000000000004606 RDI: 0000000000000005
[  169.496926][ T5922] RBP: 0000000000000001 R08: 00007ffc8670e0c7 R09: 00000000000000a0
[  169.496935][ T5922] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  169.496945][ T5922] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[  169.496967][ T5922]  </TASK>
[pid  5923] openat(AT_FDCWD, "/dev/fb0", O_RDONLY) = 5
[pid  5923] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid  5923] write(6, "4", 1)            = 1
[  169.823036][ T5923] FAULT_INJECTION: forcing a failure.
[  169.823036][ T5923] name failslab, interval 1, probability 0, space 0, times 0
[  169.835796][ T5923] CPU: 1 UID: 0 PID: 5923 Comm: syz-executor116 Not tainted 6.16.0-next-20250731-syzkaller #0 PREEMPT(full) 
[  169.835826][ T5923] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  169.835840][ T5923] Call Trace:
[  169.835849][ T5923]  <TASK>
[  169.835860][ T5923]  dump_stack_lvl+0x189/0x250
[  169.835888][ T5923]  ? __pfx____ratelimit+0x10/0x10
[  169.835917][ T5923]  ? __pfx_dump_stack_lvl+0x10/0x10
[  169.835940][ T5923]  ? __pfx__printk+0x10/0x10
[  169.835974][ T5923]  ? __pfx___might_resched+0x10/0x10
[  169.836006][ T5923]  ? fs_reclaim_acquire+0x7d/0x100
[  169.836048][ T5923]  should_fail_ex+0x414/0x560
[  169.836079][ T5923]  should_failslab+0xa8/0x100
[  169.836111][ T5923]  __kmalloc_noprof+0xcb/0x4f0
[  169.836137][ T5923]  ? tomoyo_init_log+0x1a6e/0x1f70
[  169.836171][ T5923]  tomoyo_init_log+0x1a6e/0x1f70
[  169.836223][ T5923]  ? __pfx_tomoyo_init_log+0x10/0x10
[  169.836246][ T5923]  ? tomoyo_profile+0x11/0x50
[  169.836268][ T5923]  ? tomoyo_domain_quota_is_ok+0x42b/0x570
[  169.836293][ T5923]  tomoyo_supervisor+0x340/0x1480
[  169.836318][ T5923]  ? format_decode+0x5a3/0xe30
[  169.836341][ T5923]  ? __pfx_tomoyo_supervisor+0x10/0x10
[  169.836373][ T5923]  ? snprintf+0xda/0x120
[  169.836394][ T5923]  ? __pfx_snprintf+0x10/0x10
[  169.836414][ T5923]  ? tomoyo_check_acl+0x386/0x400
[  169.836437][ T5923]  tomoyo_path_number_perm+0x438/0x5a0
[  169.836455][ T5923]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  169.836474][ T5923]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  169.836499][ T5923]  ? _raw_spin_lock_irq+0xae/0xf0
[  169.836551][ T5923]  ? __pfx_ptrace_notify+0x10/0x10
[  169.836582][ T5923]  security_file_ioctl+0xcb/0x2d0
[  169.836601][ T5923]  __se_sys_ioctl+0x47/0x170
[  169.836621][ T5923]  do_syscall_64+0xfa/0x3b0
[  169.836644][ T5923]  ? lockdep_hardirqs_on+0x9c/0x150
[  169.836665][ T5923]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  169.836681][ T5923]  ? clear_bhb_loop+0x60/0xb0
[  169.836700][ T5923]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  169.836715][ T5923] RIP: 0033:0x7f39278e2869
[  169.836729][ T5923] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  169.836743][ T5923] RSP: 002b:00007ffc8670e328 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  169.836761][ T5923] RAX: ffffffffffffffda RBX: 00007ffc8670e340 RCX: 00007f39278e2869
[pid  5923] ioctl(5, FBIOPAN_DISPLAY, 0) = -1 EFAULT (Bad address)
[pid  5923] exit_group(0)               = ?
[pid  5923] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5923, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5924 attached
, child_tidptr=0x55558ec87650) = 5924
[pid  5924] set_robust_list(0x55558ec87660, 24) = 0
[pid  5924] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5924] setpgid(0, 0)               = 0
[pid  5924] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5924] write(3, "1000", 4)         = 4
[pid  5924] close(3)                    = 0
[  169.836772][ T5923] RDX: 0000000000000000 RSI: 0000000000004606 RDI: 0000000000000005
[  169.836781][ T5923] RBP: 0000000000000001 R08: 00007ffc8670e0c7 R09: 00000000000000a0
[  169.836791][ T5923] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  169.836800][ T5923] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[  169.836821][ T5923]  </TASK>
[pid  5924] write(1, "executing program\n", 18executing program
) = 18
[pid  5924] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE, insn_cnt=11, insns=0x2000000005c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_SOCK_CREATE, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = 3
[pid  5924] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="contention_begin", prog_fd=3}}, 24) = 4
[pid  5924] openat(AT_FDCWD, "/dev/fb0", O_RDONLY) = 5
[pid  5924] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid  5924] write(6, "4", 1)            = 1
[pid  5924] ioctl(5, FBIOPAN_DISPLAY, 0) = -1 EFAULT (Bad address)
[  170.192378][ T5924] FAULT_INJECTION: forcing a failure.
[  170.192378][ T5924] name failslab, interval 1, probability 0, space 0, times 0
[  170.205949][ T5924] CPU: 0 UID: 0 PID: 5924 Comm: syz-executor116 Not tainted 6.16.0-next-20250731-syzkaller #0 PREEMPT(full) 
[  170.205972][ T5924] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  170.205982][ T5924] Call Trace:
[  170.205988][ T5924]  <TASK>
[  170.205995][ T5924]  dump_stack_lvl+0x189/0x250
[  170.206016][ T5924]  ? __pfx____ratelimit+0x10/0x10
[  170.206039][ T5924]  ? __pfx_dump_stack_lvl+0x10/0x10
[  170.206056][ T5924]  ? __pfx__printk+0x10/0x10
[  170.206082][ T5924]  ? __pfx___might_resched+0x10/0x10
[  170.206105][ T5924]  ? fs_reclaim_acquire+0x7d/0x100
[  170.206132][ T5924]  should_fail_ex+0x414/0x560
[  170.206154][ T5924]  should_failslab+0xa8/0x100
[  170.206184][ T5924]  __kmalloc_noprof+0xcb/0x4f0
[  170.206203][ T5924]  ? tomoyo_init_log+0x1a6e/0x1f70
[  170.206229][ T5924]  tomoyo_init_log+0x1a6e/0x1f70
[  170.206268][ T5924]  ? __pfx_tomoyo_init_log+0x10/0x10
[  170.206290][ T5924]  ? tomoyo_profile+0x11/0x50
[  170.206312][ T5924]  ? tomoyo_domain_quota_is_ok+0x42b/0x570
[  170.206334][ T5924]  tomoyo_supervisor+0x340/0x1480
[  170.206358][ T5924]  ? format_decode+0x5a3/0xe30
[  170.206381][ T5924]  ? __pfx_tomoyo_supervisor+0x10/0x10
[  170.206412][ T5924]  ? snprintf+0xda/0x120
[  170.206436][ T5924]  ? __pfx_snprintf+0x10/0x10
[  170.206455][ T5924]  ? tomoyo_check_acl+0x386/0x400
[  170.206478][ T5924]  tomoyo_path_number_perm+0x438/0x5a0
[  170.206496][ T5924]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  170.206515][ T5924]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  170.206539][ T5924]  ? _raw_spin_lock_irq+0xae/0xf0
[  170.206583][ T5924]  ? __pfx_ptrace_notify+0x10/0x10
[  170.206614][ T5924]  security_file_ioctl+0xcb/0x2d0
[  170.206633][ T5924]  __se_sys_ioctl+0x47/0x170
[  170.206652][ T5924]  do_syscall_64+0xfa/0x3b0
[  170.206674][ T5924]  ? lockdep_hardirqs_on+0x9c/0x150
[  170.206695][ T5924]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  170.206711][ T5924]  ? clear_bhb_loop+0x60/0xb0
[  170.206730][ T5924]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  170.206745][ T5924] RIP: 0033:0x7f39278e2869
[  170.206760][ T5924] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  170.206773][ T5924] RSP: 002b:00007ffc8670e328 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  170.206789][ T5924] RAX: ffffffffffffffda RBX: 00007ffc8670e340 RCX: 00007f39278e2869
[pid  5924] exit_group(0)               = ?
[pid  5924] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5924, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5925 attached
, child_tidptr=0x55558ec87650) = 5925
[pid  5925] set_robust_list(0x55558ec87660, 24) = 0
[pid  5925] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5925] setpgid(0, 0)               = 0
[pid  5925] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5925] write(3, "1000", 4)         = 4
[pid  5925] close(3)                    = 0
[pid  5925] write(1, "executing program\n", 18executing program
) = 18
[pid  5925] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE, insn_cnt=11, insns=0x2000000005c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_SOCK_CREATE, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = 3
[pid  5925] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="contention_begin", prog_fd=3}}, 24) = 4
[pid  5925] openat(AT_FDCWD, "/dev/fb0", O_RDONLY) = 5
[pid  5925] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[  170.206800][ T5924] RDX: 0000000000000000 RSI: 0000000000004606 RDI: 0000000000000005
[  170.206810][ T5924] RBP: 0000000000000001 R08: 00007ffc8670e0c7 R09: 00000000000000a0
[  170.206819][ T5924] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  170.206828][ T5924] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[  170.206850][ T5924]  </TASK>
[pid  5925] write(6, "4", 1)            = 1
[pid  5925] ioctl(5, FBIOPAN_DISPLAY, 0) = -1 EFAULT (Bad address)
[pid  5925] exit_group(0)               = ?
[pid  5925] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5925, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[  170.505608][ T5925] FAULT_INJECTION: forcing a failure.
[  170.505608][ T5925] name failslab, interval 1, probability 0, space 0, times 0
[  170.518551][ T5925] CPU: 1 UID: 0 PID: 5925 Comm: syz-executor116 Not tainted 6.16.0-next-20250731-syzkaller #0 PREEMPT(full) 
[  170.518574][ T5925] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  170.518584][ T5925] Call Trace:
[  170.518592][ T5925]  <TASK>
[  170.518598][ T5925]  dump_stack_lvl+0x189/0x250
[  170.518620][ T5925]  ? __pfx____ratelimit+0x10/0x10
[  170.518644][ T5925]  ? __pfx_dump_stack_lvl+0x10/0x10
[  170.518660][ T5925]  ? __pfx__printk+0x10/0x10
[  170.518685][ T5925]  ? __pfx___might_resched+0x10/0x10
[  170.518708][ T5925]  ? fs_reclaim_acquire+0x7d/0x100
[  170.518735][ T5925]  should_fail_ex+0x414/0x560
[  170.518757][ T5925]  should_failslab+0xa8/0x100
[  170.518779][ T5925]  __kmalloc_noprof+0xcb/0x4f0
[  170.518798][ T5925]  ? tomoyo_init_log+0x1a6e/0x1f70
[  170.518825][ T5925]  tomoyo_init_log+0x1a6e/0x1f70
[  170.518864][ T5925]  ? __pfx_tomoyo_init_log+0x10/0x10
[  170.518886][ T5925]  ? tomoyo_profile+0x11/0x50
[  170.518907][ T5925]  ? tomoyo_domain_quota_is_ok+0x42b/0x570
[  170.518930][ T5925]  tomoyo_supervisor+0x340/0x1480
[  170.518955][ T5925]  ? format_decode+0x5a3/0xe30
[  170.518978][ T5925]  ? __pfx_tomoyo_supervisor+0x10/0x10
[  170.519009][ T5925]  ? snprintf+0xda/0x120
[  170.519031][ T5925]  ? __pfx_snprintf+0x10/0x10
[  170.519050][ T5925]  ? tomoyo_check_acl+0x386/0x400
[  170.519073][ T5925]  tomoyo_path_number_perm+0x438/0x5a0
[  170.519091][ T5925]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  170.519110][ T5925]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  170.519134][ T5925]  ? _raw_spin_lock_irq+0xae/0xf0
[  170.519178][ T5925]  ? __pfx_ptrace_notify+0x10/0x10
[  170.519209][ T5925]  security_file_ioctl+0xcb/0x2d0
[  170.519230][ T5925]  __se_sys_ioctl+0x47/0x170
[  170.519250][ T5925]  do_syscall_64+0xfa/0x3b0
[  170.519273][ T5925]  ? lockdep_hardirqs_on+0x9c/0x150
[  170.519294][ T5925]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  170.519310][ T5925]  ? clear_bhb_loop+0x60/0xb0
[  170.519328][ T5925]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  170.519343][ T5925] RIP: 0033:0x7f39278e2869
[  170.519357][ T5925] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  170.519371][ T5925] RSP: 002b:00007ffc8670e328 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5926 attached
, child_tidptr=0x55558ec87650) = 5926
[pid  5926] set_robust_list(0x55558ec87660, 24) = 0
[pid  5926] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5926] setpgid(0, 0)               = 0
[pid  5926] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5926] write(3, "1000", 4)         = 4
[pid  5926] close(3)                    = 0
[pid  5926] write(1, "executing program\n", 18executing program
) = 18
[pid  5926] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE, insn_cnt=11, insns=0x2000000005c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_SOCK_CREATE, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = 3
[pid  5926] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="contention_begin", prog_fd=3}}, 24) = 4
[pid  5926] openat(AT_FDCWD, "/dev/fb0", O_RDONLY) = 5
[pid  5926] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid  5926] write(6, "4", 1)            = 1
[  170.519388][ T5925] RAX: ffffffffffffffda RBX: 00007ffc8670e340 RCX: 00007f39278e2869
[  170.519400][ T5925] RDX: 0000000000000000 RSI: 0000000000004606 RDI: 0000000000000005
[  170.519409][ T5925] RBP: 0000000000000001 R08: 00007ffc8670e0c7 R09: 00000000000000a0
[  170.519419][ T5925] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  170.519428][ T5925] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[  170.519450][ T5925]  </TASK>
[pid  5926] ioctl(5, FBIOPAN_DISPLAY, 0) = -1 EFAULT (Bad address)
[pid  5926] exit_group(0)               = ?
[  170.820942][ T5926] FAULT_INJECTION: forcing a failure.
[  170.820942][ T5926] name failslab, interval 1, probability 0, space 0, times 0
[  170.833983][ T5926] CPU: 0 UID: 0 PID: 5926 Comm: syz-executor116 Not tainted 6.16.0-next-20250731-syzkaller #0 PREEMPT(full) 
[  170.834006][ T5926] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  170.834016][ T5926] Call Trace:
[  170.834022][ T5926]  <TASK>
[  170.834028][ T5926]  dump_stack_lvl+0x189/0x250
[  170.834050][ T5926]  ? __pfx____ratelimit+0x10/0x10
[  170.834073][ T5926]  ? __pfx_dump_stack_lvl+0x10/0x10
[  170.834089][ T5926]  ? __pfx__printk+0x10/0x10
[  170.834114][ T5926]  ? __pfx___might_resched+0x10/0x10
[  170.834138][ T5926]  ? fs_reclaim_acquire+0x7d/0x100
[  170.834164][ T5926]  should_fail_ex+0x414/0x560
[  170.834186][ T5926]  should_failslab+0xa8/0x100
[  170.834215][ T5926]  __kmalloc_noprof+0xcb/0x4f0
[  170.834234][ T5926]  ? tomoyo_init_log+0x1a6e/0x1f70
[  170.834260][ T5926]  tomoyo_init_log+0x1a6e/0x1f70
[  170.834299][ T5926]  ? __pfx_tomoyo_init_log+0x10/0x10
[  170.834322][ T5926]  ? tomoyo_profile+0x11/0x50
[  170.834343][ T5926]  ? tomoyo_domain_quota_is_ok+0x42b/0x570
[  170.834366][ T5926]  tomoyo_supervisor+0x340/0x1480
[  170.834390][ T5926]  ? format_decode+0x5a3/0xe30
[  170.834413][ T5926]  ? __pfx_tomoyo_supervisor+0x10/0x10
[  170.834444][ T5926]  ? snprintf+0xda/0x120
[  170.834468][ T5926]  ? __pfx_snprintf+0x10/0x10
[  170.834487][ T5926]  ? tomoyo_check_acl+0x386/0x400
[  170.834510][ T5926]  tomoyo_path_number_perm+0x438/0x5a0
[  170.834529][ T5926]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  170.834548][ T5926]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  170.834572][ T5926]  ? _raw_spin_lock_irq+0xae/0xf0
[  170.834616][ T5926]  ? __pfx_ptrace_notify+0x10/0x10
[  170.834648][ T5926]  security_file_ioctl+0xcb/0x2d0
[  170.834667][ T5926]  __se_sys_ioctl+0x47/0x170
[  170.834686][ T5926]  do_syscall_64+0xfa/0x3b0
[  170.834708][ T5926]  ? lockdep_hardirqs_on+0x9c/0x150
[  170.834729][ T5926]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  170.834744][ T5926]  ? clear_bhb_loop+0x60/0xb0
[  170.834763][ T5926]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  170.834777][ T5926] RIP: 0033:0x7f39278e2869
[  170.834791][ T5926] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  170.834805][ T5926] RSP: 002b:00007ffc8670e328 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  170.834822][ T5926] RAX: ffffffffffffffda RBX: 00007ffc8670e340 RCX: 00007f39278e2869
[pid  5926] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5926, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5927 attached
, child_tidptr=0x55558ec87650) = 5927
[pid  5927] set_robust_list(0x55558ec87660, 24) = 0
[pid  5927] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5927] setpgid(0, 0)               = 0
[pid  5927] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5927] write(3, "1000", 4)         = 4
[pid  5927] close(3)                    = 0
executing program
[pid  5927] write(1, "executing program\n", 18) = 18
[  170.834833][ T5926] RDX: 0000000000000000 RSI: 0000000000004606 RDI: 0000000000000005
[  170.834843][ T5926] RBP: 0000000000000001 R08: 00007ffc8670e0c7 R09: 00000000000000a0
[  170.834852][ T5926] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  170.834862][ T5926] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[  170.834883][ T5926]  </TASK>
[pid  5927] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE, insn_cnt=11, insns=0x2000000005c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_SOCK_CREATE, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = 3
[pid  5927] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="contention_begin", prog_fd=3}}, 24) = 4
[pid  5927] openat(AT_FDCWD, "/dev/fb0", O_RDONLY) = 5
[pid  5927] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid  5927] write(6, "4", 1)            = 1
[pid  5927] ioctl(5, FBIOPAN_DISPLAY, 0) = -1 EFAULT (Bad address)
[pid  5927] exit_group(0)               = ?
[  171.190635][ T5927] FAULT_INJECTION: forcing a failure.
[  171.190635][ T5927] name failslab, interval 1, probability 0, space 0, times 0
[  171.204035][ T5927] CPU: 1 UID: 0 PID: 5927 Comm: syz-executor116 Not tainted 6.16.0-next-20250731-syzkaller #0 PREEMPT(full) 
[  171.204067][ T5927] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  171.204081][ T5927] Call Trace:
[  171.204089][ T5927]  <TASK>
[  171.204100][ T5927]  dump_stack_lvl+0x189/0x250
[  171.204129][ T5927]  ? __pfx____ratelimit+0x10/0x10
[  171.204159][ T5927]  ? __pfx_dump_stack_lvl+0x10/0x10
[  171.204183][ T5927]  ? __pfx__printk+0x10/0x10
[  171.204215][ T5927]  ? __pfx___might_resched+0x10/0x10
[  171.204247][ T5927]  ? fs_reclaim_acquire+0x7d/0x100
[  171.204282][ T5927]  should_fail_ex+0x414/0x560
[  171.204313][ T5927]  should_failslab+0xa8/0x100
[  171.204354][ T5927]  __kmalloc_noprof+0xcb/0x4f0
[  171.204381][ T5927]  ? tomoyo_init_log+0x1a6e/0x1f70
[  171.204417][ T5927]  tomoyo_init_log+0x1a6e/0x1f70
[  171.204474][ T5927]  ? __pfx_tomoyo_init_log+0x10/0x10
[  171.204506][ T5927]  ? tomoyo_profile+0x11/0x50
[  171.204535][ T5927]  ? tomoyo_domain_quota_is_ok+0x42b/0x570
[  171.204567][ T5927]  tomoyo_supervisor+0x340/0x1480
[  171.204599][ T5927]  ? format_decode+0x5a3/0xe30
[  171.204633][ T5927]  ? __pfx_tomoyo_supervisor+0x10/0x10
[  171.204677][ T5927]  ? snprintf+0xda/0x120
[  171.204708][ T5927]  ? __pfx_snprintf+0x10/0x10
[  171.204737][ T5927]  ? tomoyo_check_acl+0x386/0x400
[  171.204770][ T5927]  tomoyo_path_number_perm+0x438/0x5a0
[  171.204797][ T5927]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  171.204825][ T5927]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  171.204861][ T5927]  ? _raw_spin_lock_irq+0xae/0xf0
[  171.204925][ T5927]  ? __pfx_ptrace_notify+0x10/0x10
[  171.204968][ T5927]  security_file_ioctl+0xcb/0x2d0
[  171.204988][ T5927]  __se_sys_ioctl+0x47/0x170
[  171.205008][ T5927]  do_syscall_64+0xfa/0x3b0
[  171.205031][ T5927]  ? lockdep_hardirqs_on+0x9c/0x150
[  171.205053][ T5927]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  171.205069][ T5927]  ? clear_bhb_loop+0x60/0xb0
[  171.205087][ T5927]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  171.205104][ T5927] RIP: 0033:0x7f39278e2869
[  171.205119][ T5927] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  171.205132][ T5927] RSP: 002b:00007ffc8670e328 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  171.205149][ T5927] RAX: ffffffffffffffda RBX: 00007ffc8670e340 RCX: 00007f39278e2869
[pid  5927] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5927, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5928 attached
, child_tidptr=0x55558ec87650) = 5928
[pid  5928] set_robust_list(0x55558ec87660, 24) = 0
[pid  5928] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[  171.205161][ T5927] RDX: 0000000000000000 RSI: 0000000000004606 RDI: 0000000000000005
[  171.205171][ T5927] RBP: 0000000000000001 R08: 00007ffc8670e0c7 R09: 00000000000000a0
[  171.205181][ T5927] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  171.205190][ T5927] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[  171.205212][ T5927]  </TASK>
[pid  5928] setpgid(0, 0)               = 0
[pid  5928] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5928] write(3, "1000", 4)         = 4
[pid  5928] close(3)                    = 0
executing program
[pid  5928] write(1, "executing program\n", 18) = 18
[pid  5928] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE, insn_cnt=11, insns=0x2000000005c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_SOCK_CREATE, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = 3
[pid  5928] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="contention_begin", prog_fd=3}}, 24) = 4
[pid  5928] openat(AT_FDCWD, "/dev/fb0", O_RDONLY) = 5
[pid  5928] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid  5928] write(6, "4", 1)            = 1
[  171.584627][ T5928] FAULT_INJECTION: forcing a failure.
[  171.584627][ T5928] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  171.585131][ T5928] 
[  171.585138][ T5928] ======================================================
[  171.585145][ T5928] WARNING: possible circular locking dependency detected
[  171.585155][ T5928] 6.16.0-next-20250731-syzkaller #0 Not tainted
[  171.585164][ T5928] ------------------------------------------------------
[  171.585169][ T5928] syz-executor116/5928 is trying to acquire lock:
[  171.585177][ T5928] ffffffff8e12e160 (console_owner){-.-.}-{0:0}, at: console_flush_all+0x13a/0xc40
[  171.585216][ T5928] 
[  171.585216][ T5928] but task is already holding lock:
[  171.585221][ T5928] ffff8880b8739f58 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140
[  171.585260][ T5928] 
[  171.585260][ T5928] which lock already depends on the new lock.
[  171.585260][ T5928] 
[  171.585265][ T5928] 
[  171.585265][ T5928] the existing dependency chain (in reverse order) is:
[  171.585271][ T5928] 
[  171.585271][ T5928] -> #4 (&rq->__lock){-.-.}-{2:2}:
[  171.585290][ T5928]        lock_acquire+0x120/0x360
[  171.585309][ T5928]        _raw_spin_lock_nested+0x32/0x50
[  171.585328][ T5928]        raw_spin_rq_lock_nested+0x2a/0x140
[  171.585348][ T5928]        task_rq_lock+0xbc/0x470
[  171.585367][ T5928]        cgroup_move_task+0x92/0x2a0
[  171.585379][ T5928]        css_set_move_task+0x658/0x9e0
[  171.585394][ T5928]        cgroup_post_fork+0x1ef/0x790
[  171.585408][ T5928]        copy_process+0x3862/0x3c00
[  171.585421][ T5928]        kernel_clone+0x21e/0x840
[  171.585434][ T5928]        user_mode_thread+0xdd/0x140
[  171.585448][ T5928]        rest_init+0x23/0x300
[  171.585462][ T5928]        start_kernel+0x3a9/0x410
[  171.585485][ T5928]        x86_64_start_reservations+0x24/0x30
[  171.585500][ T5928]        x86_64_start_kernel+0x143/0x1c0
[  171.585514][ T5928]        common_startup_64+0x13e/0x147
[  171.585531][ T5928] 
[  171.585531][ T5928] -> #3 (&p->pi_lock){-.-.}-{2:2}:
[  171.585550][ T5928]        lock_acquire+0x120/0x360
[  171.585569][ T5928]        _raw_spin_lock_irqsave+0xa7/0xf0
[  171.585586][ T5928]        try_to_wake_up+0x67/0x12b0
[  171.585601][ T5928]        __wake_up_common_lock+0x134/0x1f0
[  171.585617][ T5928]        tty_port_default_wakeup+0xa2/0xf0
[  171.585640][ T5928]        serial8250_tx_chars+0x72e/0x970
[  171.585659][ T5928]        serial8250_handle_irq+0x633/0xbb0
[  171.585679][ T5928]        serial8250_default_handle_irq+0xbf/0x1e0
[  171.585692][ T5928]        serial8250_interrupt+0x8d/0x160
[  171.585708][ T5928]        __handle_irq_event_percpu+0x28c/0x980
[  171.585724][ T5928]        handle_irq_event+0x8b/0x1e0
[  171.585739][ T5928]        handle_edge_irq+0x23b/0xa10
[  171.585751][ T5928]        __common_interrupt+0x143/0x250
[  171.585771][ T5928]        common_interrupt+0x5e/0xe0
[  171.585785][ T5928]        asm_common_interrupt+0x26/0x40
[  171.585807][ T5928]        lock_acquire+0x175/0x360
[  171.585825][ T5928]        unwind_next_frame+0xc2/0x2390
[  171.585840][ T5928]        arch_stack_walk+0x11c/0x150
[  171.585854][ T5928]        stack_trace_save+0x9c/0xe0
[  171.585869][ T5928]        kasan_save_track+0x3e/0x80
[  171.585884][ T5928]        kasan_save_free_info+0x46/0x50
[  171.585907][ T5928]        __kasan_slab_free+0x5b/0x80
[  171.585923][ T5928]        kfree+0x18e/0x440
[  171.585938][ T5928]        slab_free_after_rcu_debug+0x60/0x2a0
[  171.585952][ T5928]        rcu_core+0xca8/0x1770
[  171.585971][ T5928]        handle_softirqs+0x283/0x870
[  171.585992][ T5928]        __irq_exit_rcu+0xca/0x1f0
[  171.586014][ T5928]        irq_exit_rcu+0x9/0x30
[  171.586038][ T5928]        sysvec_apic_timer_interrupt+0xa6/0xc0
[  171.586062][ T5928]        asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  171.586077][ T5928]        pv_native_safe_halt+0x13/0x20
[  171.586096][ T5928]        default_idle+0x13/0x20
[  171.586107][ T5928]        default_idle_call+0x74/0xb0
[  171.586120][ T5928]        do_idle+0x1e8/0x510
[  171.586140][ T5928]        cpu_startup_entry+0x44/0x60
[  171.586161][ T5928]        rest_init+0x2de/0x300
[  171.586174][ T5928]        start_kernel+0x3a9/0x410
[  171.586201][ T5928]        x86_64_start_reservations+0x24/0x30
[  171.586216][ T5928]        x86_64_start_kernel+0x143/0x1c0
[  171.586230][ T5928]        common_startup_64+0x13e/0x147
[  171.586247][ T5928] 
[  171.586247][ T5928] -> #2 (&tty->write_wait){-.-.}-{3:3}:
[  171.586267][ T5928]        lock_acquire+0x120/0x360
[  171.586285][ T5928]        _raw_spin_lock_irqsave+0xa7/0xf0
[  171.586302][ T5928]        __wake_up_common_lock+0x2f/0x1f0
[  171.586319][ T5928]        tty_port_default_wakeup+0xa2/0xf0
[  171.586340][ T5928]        serial8250_tx_chars+0x72e/0x970
[  171.586359][ T5928]        serial8250_handle_irq+0x633/0xbb0
[  171.586379][ T5928]        serial8250_default_handle_irq+0xbf/0x1e0
[  171.586393][ T5928]        serial8250_interrupt+0x8d/0x160
[  171.586409][ T5928]        __handle_irq_event_percpu+0x28c/0x980
[  171.586425][ T5928]        handle_irq_event+0x8b/0x1e0
[  171.586439][ T5928]        handle_edge_irq+0x23b/0xa10
[  171.586452][ T5928]        __common_interrupt+0x143/0x250
[  171.586472][ T5928]        common_interrupt+0xb6/0xe0
[  171.586486][ T5928]        asm_common_interrupt+0x26/0x40
[  171.586499][ T5928]        _raw_spin_unlock_irqrestore+0xa8/0x110
[  171.586517][ T5928]        uart_port_unlock_deref+0x111/0x2f0
[  171.586537][ T5928]        uart_write+0xe8/0x130
[  171.586555][ T5928]        n_tty_write+0xd2c/0x1200
[  171.586568][ T5928]        file_tty_write+0x554/0xa20
[  171.586585][ T5928]        vfs_write+0x54b/0xa90
[  171.586601][ T5928]        ksys_write+0x145/0x250
[  171.586616][ T5928]        do_syscall_64+0xfa/0x3b0
[  171.586637][ T5928]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  171.586651][ T5928] 
[  171.586651][ T5928] -> #1 (&port_lock_key){-.-.}-{3:3}:
[  171.586670][ T5928]        lock_acquire+0x120/0x360
[  171.586688][ T5928]        _raw_spin_lock_irqsave+0xa7/0xf0
[  171.586706][ T5928]        serial8250_console_write+0x17e/0x1ba0
[  171.586727][ T5928]        console_flush_all+0x728/0xc40
[  171.586741][ T5928]        console_unlock+0xc4/0x270
[  171.586753][ T5928]        vprintk_emit+0x5b7/0x7a0
[  171.586765][ T5928]        _printk+0xcf/0x120
[  171.586782][ T5928]        register_console+0xa8b/0xf90
[  171.586796][ T5928]        univ8250_console_init+0x3a/0x70
[  171.586811][ T5928]        console_init+0x10e/0x430
[  171.586824][ T5928]        start_kernel+0x254/0x410
[  171.586843][ T5928]        x86_64_start_reservations+0x24/0x30
[  171.586857][ T5928]        x86_64_start_kernel+0x143/0x1c0
[  171.586871][ T5928]        common_startup_64+0x13e/0x147
[  171.586889][ T5928] 
[  171.586889][ T5928] -> #0 (console_owner){-.-.}-{0:0}:
[  171.586908][ T5928]        validate_chain+0xb9b/0x2140
[  171.586919][ T5928]        __lock_acquire+0xab9/0xd20
[  171.586938][ T5928]        lock_acquire+0x120/0x360
[  171.586956][ T5928]        console_flush_all+0x6d2/0xc40
[  171.586970][ T5928]        console_unlock+0xc4/0x270
[  171.586981][ T5928]        vprintk_emit+0x5b7/0x7a0
[  171.586993][ T5928]        _printk+0xcf/0x120
[  171.587010][ T5928]        should_fail_ex+0x3f5/0x560
[  171.587024][ T5928]        strncpy_from_user+0x36/0x290
[  171.587038][ T5928]        strncpy_from_user_nofault+0x72/0x150
[  171.587058][ T5928]        bpf_bprintf_prepare+0xbbc/0x13d0
[  171.587076][ T5928]        bpf_trace_printk+0xdb/0x190
[  171.587096][ T5928]        bpf_prog_7c77c7e0f6645ad8+0x3e/0x44
[  171.587108][ T5928]        bpf_trace_run2+0x284/0x4b0
[  171.587124][ T5928]        __bpf_trace_contention_begin+0xdc/0x130
[  171.587147][ T5928]        trace_contention_begin+0x114/0x140
[  171.587161][ T5928]        __pv_queued_spin_lock_slowpath+0xf0/0xb60
[  171.587183][ T5928]        queued_spin_lock_slowpath+0x43/0x50
[  171.587199][ T5928]        do_raw_spin_lock+0x21f/0x290
[  171.587214][ T5928]        raw_spin_rq_lock_nested+0x2a/0x140
[  171.587234][ T5928]        __schedule+0x36b/0x4cc0
[  171.587250][ T5928]        preempt_schedule_irq+0xb5/0x150
[  171.587269][ T5928]        irqentry_exit+0x6f/0x90
[  171.587288][ T5928]        asm_sysvec_reschedule_ipi+0x1a/0x20
[  171.587302][ T5928]        stack_trace_consume_entry+0x5/0x280
[  171.587317][ T5928]        arch_stack_walk+0x110/0x150
[  171.587332][ T5928]        stack_trace_save+0x9c/0xe0
[  171.587346][ T5928]        kasan_save_track+0x3e/0x80
[  171.587361][ T5928]        kasan_save_free_info+0x46/0x50
[  171.587383][ T5928]        __kasan_slab_free+0x5b/0x80
[  171.587399][ T5928]        kfree+0x18e/0x440
[  171.587413][ T5928]        tomoyo_realpath_from_path+0x598/0x5d0
[  171.587434][ T5928]        tomoyo_path_number_perm+0x1e8/0x5a0
[  171.587450][ T5928]        security_file_ioctl+0xcb/0x2d0
[  171.587466][ T5928]        __se_sys_ioctl+0x47/0x170
[  171.587479][ T5928]        do_syscall_64+0xfa/0x3b0
[  171.587500][ T5928]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  171.587514][ T5928] 
[  171.587514][ T5928] other info that might help us debug this:
[  171.587514][ T5928] 
[  171.587519][ T5928] Chain exists of:
[  171.587519][ T5928]   console_owner --> &p->pi_lock --> &rq->__lock
[  171.587519][ T5928] 
[  171.587542][ T5928]  Possible unsafe locking scenario:
[  171.587542][ T5928] 
[  171.587546][ T5928]        CPU0                    CPU1
[  171.587551][ T5928]        ----                    ----
[  171.587555][ T5928]   lock(&rq->__lock);
[  171.587565][ T5928]                                lock(&p->pi_lock);
[  171.587575][ T5928]                                lock(&rq->__lock);
[  171.587585][ T5928]   lock(console_owner);
[  171.587594][ T5928] 
[  171.587594][ T5928]  *** DEADLOCK ***
[  171.587594][ T5928] 
[  171.587603][ T5928] 5 locks held by syz-executor116/5928:
[  171.587612][ T5928]  #0: ffffffff8e845390 (tomoyo_ss){.+.+}-{0:0}, at: tomoyo_path_number_perm+0x1bc/0x5a0
[  171.587649][ T5928]  #1: ffff8880b8739f58 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140
[  171.587689][ T5928]  #2: ffffffff8e139f20 (rcu_read_lock){....}-{1:3}, at: bpf_trace_run2+0x186/0x4b0
[  171.587725][ T5928]  #3: ffffffff8e12e1c0 (console_lock){+.+.}-{0:0}, at: _printk+0xcf/0x120
[  171.587762][ T5928]  #4: ffffffff8e015a90 (console_srcu){....}-{0:0}, at: console_flush_all+0x13a/0xc40
[  171.587797][ T5928] 
[  171.587797][ T5928] stack backtrace:
[  171.587805][ T5928] CPU: 1 UID: 0 PID: 5928 Comm: syz-executor116 Not tainted 6.16.0-next-20250731-syzkaller #0 PREEMPT(full) 
[  171.587829][ T5928] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  171.587843][ T5928] Call Trace:
[  171.587850][ T5928]  <TASK>
[  171.587860][ T5928]  dump_stack_lvl+0x189/0x250
[  171.587882][ T5928]  ? __pfx_dump_stack_lvl+0x10/0x10
[  171.587903][ T5928]  ? __pfx__printk+0x10/0x10
[  171.587929][ T5928]  ? print_lock_name+0xde/0x100
[  171.587954][ T5928]  print_circular_bug+0x2ee/0x310
[  171.587975][ T5928]  check_noncircular+0x134/0x160
[  171.587998][ T5928]  validate_chain+0xb9b/0x2140
[  171.588026][ T5928]  __lock_acquire+0xab9/0xd20
[  171.588122][ T5928]  ? console_flush_all+0x13a/0xc40
[  171.588138][ T5928]  lock_acquire+0x120/0x360
[  171.588158][ T5928]  ? console_flush_all+0x13a/0xc40
[  171.588176][ T5928]  ? do_raw_spin_unlock+0x122/0x240
[  171.588192][ T5928]  ? console_flush_all+0x13a/0xc40
[  171.588209][ T5928]  console_flush_all+0x6d2/0xc40
[  171.588224][ T5928]  ? console_flush_all+0x13a/0xc40
[  171.588241][ T5928]  ? console_flush_all+0x13a/0xc40
[  171.588259][ T5928]  ? __pfx_console_flush_all+0x10/0x10
[  171.588275][ T5928]  ? bsearch+0x95/0xc0
[  171.588289][ T5928]  ? strncpy_from_user+0x1bc/0x290
[  171.588306][ T5928]  ? is_printk_cpu_sync_owner+0x32/0x40
[  171.588326][ T5928]  console_unlock+0xc4/0x270
[  171.588341][ T5928]  ? __pfx_console_unlock+0x10/0x10
[  171.588356][ T5928]  ? is_printk_cpu_sync_owner+0x32/0x40
[  171.588375][ T5928]  vprintk_emit+0x5b7/0x7a0
[  171.588458][ T5928]  ? __pfx_vprintk_emit+0x10/0x10
[  171.588474][ T5928]  ? check_buffer+0x259/0x750
[  171.588496][ T5928]  _printk+0xcf/0x120
[  171.588514][ T5928]  ? __pfx____ratelimit+0x10/0x10
[  171.588536][ T5928]  ? __pfx__printk+0x10/0x10
[  171.588558][ T5928]  ? ring_buffer_lock_reserve+0xc3f/0x1010
[  171.588583][ T5928]  should_fail_ex+0x3f5/0x560
[  171.588601][ T5928]  strncpy_from_user+0x36/0x290
[  171.588618][ T5928]  strncpy_from_user_nofault+0x72/0x150
[  171.588635][ T5928]  bpf_bprintf_prepare+0xbbc/0x13d0
[  171.588656][ T5928]  ? trace_event_buffer_commit+0x264/0x7f0
[  171.588671][ T5928]  ? __pfx_bpf_bprintf_prepare+0x10/0x10
[  171.588691][ T5928]  ? bpf_trace_printk+0xc1/0x190
[  171.588716][ T5928]  bpf_trace_printk+0xdb/0x190
[  171.588738][ T5928]  ? __lock_acquire+0xab9/0xd20
[  171.588758][ T5928]  ? __pfx_bpf_trace_printk+0x10/0x10
[  171.588782][ T5928]  ? bpf_trace_run2+0x186/0x4b0
[  171.588800][ T5928]  ? bpf_trace_printk+0x126/0x190
[  171.588822][ T5928]  ? __lock_acquire+0xab9/0xd20
[  171.588844][ T5928]  bpf_prog_7c77c7e0f6645ad8+0x3e/0x44
[  171.588857][ T5928]  bpf_trace_run2+0x284/0x4b0
[  171.588875][ T5928]  ? bpf_trace_run2+0x186/0x4b0
[  171.588892][ T5928]  ? __pfx_bpf_trace_run2+0x10/0x10
[  171.588909][ T5928]  ? bpf_trace_run2+0x186/0x4b0
[  171.588927][ T5928]  ? __bpf_trace_contention_begin+0xcd/0x130
[  171.588953][ T5928]  __bpf_trace_contention_begin+0xdc/0x130
[  171.588977][ T5928]  ? __pfx___bpf_trace_contention_begin+0x10/0x10
[  171.589003][ T5928]  ? rcu_read_lock_sched_held+0x89/0x100
[  171.589030][ T5928]  trace_contention_begin+0x114/0x140
[  171.589099][ T5928]  __pv_queued_spin_lock_slowpath+0xf0/0xb60
[  171.589123][ T5928]  ? rcu_qs+0xc4/0x170
[  171.589144][ T5928]  ? __pfx_rcu_qs+0x10/0x10
[  171.589166][ T5928]  ? __pfx___pv_queued_spin_lock_slowpath+0x10/0x10
[  171.589194][ T5928]  queued_spin_lock_slowpath+0x43/0x50
[  171.589212][ T5928]  do_raw_spin_lock+0x21f/0x290
[  171.589230][ T5928]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  171.589250][ T5928]  raw_spin_rq_lock_nested+0x2a/0x140
[  171.589273][ T5928]  __schedule+0x36b/0x4cc0
[  171.589296][ T5928]  ? do_raw_spin_unlock+0x122/0x240
[  171.589315][ T5928]  ? __lock_acquire+0xab9/0xd20
[  171.589336][ T5928]  ? __pfx___schedule+0x10/0x10
[  171.589355][ T5928]  ? __lock_acquire+0xab9/0xd20
[  171.589377][ T5928]  ? __lock_acquire+0xab9/0xd20
[  171.589398][ T5928]  ? preempt_schedule_irq+0xaa/0x150
[  171.589420][ T5928]  preempt_schedule_irq+0xb5/0x150
[  171.589440][ T5928]  ? __pfx_preempt_schedule_irq+0x10/0x10
[  171.589464][ T5928]  ? rcu_irq_exit_check_preempt+0xdf/0x210
[  171.589488][ T5928]  irqentry_exit+0x6f/0x90
[  171.589508][ T5928]  asm_sysvec_reschedule_ipi+0x1a/0x20
[  171.589524][ T5928] RIP: 0010:stack_trace_consume_entry+0x5/0x280
[  171.589542][ T5928] Code: f0 5b 41 5e 5d e9 9b cc cd 09 cc e8 65 e7 ca 09 0f 1f 44 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 55 <41> 57 41 56 41 55 41 54 53 48 83 ec 18 48 ba 00 00 00 00 00 fc ff
[  171.589556][ T5928] RSP: 0018:ffffc900043ef758 EFLAGS: 00000282
[  171.589569][ T5928] RAX: ffffffff8479ed6b RBX: ffffc900043ef820 RCX: c7ac1e0880d10800
[  171.589581][ T5928] RDX: 0000000000000001 RSI: ffffffff8479ed6b RDI: ffffc900043ef820
[  171.589592][ T5928] RBP: ffffc900043ef7f0 R08: ffffc900043efe78 R09: 0000000000000000
[  171.589603][ T5928] R10: ffffc900043ef7b8 R11: ffffffff81ac4020 R12: ffff888078c2da00
[  171.589614][ T5928] R13: 0000000000000000 R14: ffffffff81ac4020 R15: ffffc900043ef768
[  171.589626][ T5928]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  171.589643][ T5928]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  171.589661][ T5928]  ? security_file_ioctl+0xcb/0x2d0
[  171.589677][ T5928]  ? security_file_ioctl+0xcb/0x2d0
[  171.589694][ T5928]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  171.589711][ T5928]  arch_stack_walk+0x110/0x150
[  171.589729][ T5928]  ? security_file_ioctl+0xcb/0x2d0
[  171.589746][ T5928]  stack_trace_save+0x9c/0xe0
[  171.589762][ T5928]  ? __pfx_stack_trace_save+0x10/0x10
[  171.589779][ T5928]  ? kasan_save_track+0x4f/0x80
[  171.589797][ T5928]  ? __lock_acquire+0xab9/0xd20
[  171.589817][ T5928]  kasan_save_track+0x3e/0x80
[  171.589833][ T5928]  ? kasan_save_track+0x3e/0x80
[  171.589848][ T5928]  ? kasan_save_free_info+0x46/0x50
[  171.589871][ T5928]  ? __kasan_slab_free+0x5b/0x80
[  171.589888][ T5928]  ? kfree+0x18e/0x440
[  171.589903][ T5928]  ? tomoyo_realpath_from_path+0x598/0x5d0
[  171.589925][ T5928]  ? tomoyo_path_number_perm+0x1e8/0x5a0
[  171.589959][ T5928]  kasan_save_free_info+0x46/0x50
[  171.589983][ T5928]  __kasan_slab_free+0x5b/0x80
[  171.590000][ T5928]  ? tomoyo_realpath_from_path+0x598/0x5d0
[  171.590022][ T5928]  kfree+0x18e/0x440
[  171.590040][ T5928]  tomoyo_realpath_from_path+0x598/0x5d0
[  171.590122][ T5928]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  171.590140][ T5928]  tomoyo_path_number_perm+0x1e8/0x5a0
[  171.590159][ T5928]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  171.590180][ T5928]  ? _raw_spin_lock_irq+0xae/0xf0
[  171.590210][ T5928]  ? __pfx_ptrace_notify+0x10/0x10
[  171.590235][ T5928]  security_file_ioctl+0xcb/0x2d0
[  171.590252][ T5928]  __se_sys_ioctl+0x47/0x170
[  171.590269][ T5928]  do_syscall_64+0xfa/0x3b0
[  171.590291][ T5928]  ? lockdep_hardirqs_on+0x9c/0x150
[  171.590312][ T5928]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  171.590327][ T5928]  ? clear_bhb_loop+0x60/0xb0
[  171.590344][ T5928]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  171.590358][ T5928] RIP: 0033:0x7f39278e2869
[  171.590371][ T5928] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  171.590384][ T5928] RSP: 002b:00007ffc8670e328 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  171.590399][ T5928] RAX: ffffffffffffffda RBX: 00007ffc8670e340 RCX: 00007f39278e2869
[  171.590410][ T5928] RDX: 0000000000000000 RSI: 0000000000004606 RDI: 0000000000000005
[  171.590420][ T5928] RBP: 0000000000000001 R08: 00007ffc8670e0c7 R09: 00000000000000a0
[  171.590429][ T5928] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[pid  5928] ioctl(5, FBIOPAN_DISPLAY, 0) = -1 EFAULT (Bad address)
[  171.590438][ T5928] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[  171.590453][ T5928]  </TASK>
[  173.305222][ T5928] CPU: 1 UID: 0 PID: 5928 Comm: syz-executor116 Not tainted 6.16.0-next-20250731-syzkaller #0 PREEMPT(full) 
[  173.305243][ T5928] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  173.305253][ T5928] Call Trace:
[  173.305262][ T5928]  <TASK>
[  173.305269][ T5928]  dump_stack_lvl+0x189/0x250
[  173.305290][ T5928]  ? __pfx____ratelimit+0x10/0x10
[  173.305312][ T5928]  ? __pfx_dump_stack_lvl+0x10/0x10
[  173.305328][ T5928]  ? __pfx__printk+0x10/0x10
[  173.305350][ T5928]  ? ring_buffer_lock_reserve+0xc3f/0x1010
[  173.305377][ T5928]  should_fail_ex+0x414/0x560
[  173.305395][ T5928]  strncpy_from_user+0x36/0x290
[  173.305412][ T5928]  strncpy_from_user_nofault+0x72/0x150
[  173.305430][ T5928]  bpf_bprintf_prepare+0xbbc/0x13d0
[  173.305453][ T5928]  ? trace_event_buffer_commit+0x264/0x7f0
[  173.305468][ T5928]  ? __pfx_bpf_bprintf_prepare+0x10/0x10
[  173.305488][ T5928]  ? bpf_trace_printk+0xc1/0x190
[  173.305512][ T5928]  bpf_trace_printk+0xdb/0x190
[  173.305534][ T5928]  ? __lock_acquire+0xab9/0xd20
[  173.305555][ T5928]  ? __pfx_bpf_trace_printk+0x10/0x10
[  173.305579][ T5928]  ? bpf_trace_run2+0x186/0x4b0
[  173.305598][ T5928]  ? bpf_trace_printk+0x126/0x190
[  173.305620][ T5928]  ? __lock_acquire+0xab9/0xd20
[  173.305642][ T5928]  bpf_prog_7c77c7e0f6645ad8+0x3e/0x44
[  173.305655][ T5928]  bpf_trace_run2+0x284/0x4b0
[  173.305673][ T5928]  ? bpf_trace_run2+0x186/0x4b0
[  173.305690][ T5928]  ? __pfx_bpf_trace_run2+0x10/0x10
[  173.305707][ T5928]  ? bpf_trace_run2+0x186/0x4b0
[  173.305725][ T5928]  ? __bpf_trace_contention_begin+0xcd/0x130
[  173.305751][ T5928]  __bpf_trace_contention_begin+0xdc/0x130
[  173.305775][ T5928]  ? __pfx___bpf_trace_contention_begin+0x10/0x10
[  173.305801][ T5928]  ? rcu_read_lock_sched_held+0x89/0x100
[  173.305829][ T5928]  trace_contention_begin+0x114/0x140
[  173.305845][ T5928]  __pv_queued_spin_lock_slowpath+0xf0/0xb60
[  173.305869][ T5928]  ? rcu_qs+0xc4/0x170
[  173.305890][ T5928]  ? __pfx_rcu_qs+0x10/0x10
[  173.305912][ T5928]  ? __pfx___pv_queued_spin_lock_slowpath+0x10/0x10
[  173.305940][ T5928]  queued_spin_lock_slowpath+0x43/0x50
[  173.305962][ T5928]  do_raw_spin_lock+0x21f/0x290
[  173.305980][ T5928]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  173.306001][ T5928]  raw_spin_rq_lock_nested+0x2a/0x140
[  173.306025][ T5928]  __schedule+0x36b/0x4cc0
[  173.306049][ T5928]  ? do_raw_spin_unlock+0x122/0x240
[  173.306069][ T5928]  ? __lock_acquire+0xab9/0xd20
[  173.306090][ T5928]  ? __pfx___schedule+0x10/0x10
[  173.306109][ T5928]  ? __lock_acquire+0xab9/0xd20
[  173.306132][ T5928]  ? __lock_acquire+0xab9/0xd20
[  173.306152][ T5928]  ? preempt_schedule_irq+0xaa/0x150
[  173.306174][ T5928]  preempt_schedule_irq+0xb5/0x150
[  173.306194][ T5928]  ? __pfx_preempt_schedule_irq+0x10/0x10
[  173.306218][ T5928]  ? rcu_irq_exit_check_preempt+0xdf/0x210
[  173.306242][ T5928]  irqentry_exit+0x6f/0x90
[  173.306263][ T5928]  asm_sysvec_reschedule_ipi+0x1a/0x20
[  173.306279][ T5928] RIP: 0010:stack_trace_consume_entry+0x5/0x280
[  173.306299][ T5928] Code: f0 5b 41 5e 5d e9 9b cc cd 09 cc e8 65 e7 ca 09 0f 1f 44 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 55 <41> 57 41 56 41 55 41 54 53 48 83 ec 18 48 ba 00 00 00 00 00 fc ff
[  173.306313][ T5928] RSP: 0018:ffffc900043ef758 EFLAGS: 00000282
[  173.306327][ T5928] RAX: ffffffff8479ed6b RBX: ffffc900043ef820 RCX: c7ac1e0880d10800
[  173.306339][ T5928] RDX: 0000000000000001 RSI: ffffffff8479ed6b RDI: ffffc900043ef820
[  173.306350][ T5928] RBP: ffffc900043ef7f0 R08: ffffc900043efe78 R09: 0000000000000000
[  173.306361][ T5928] R10: ffffc900043ef7b8 R11: ffffffff81ac4020 R12: ffff888078c2da00
[  173.306373][ T5928] R13: 0000000000000000 R14: ffffffff81ac4020 R15: ffffc900043ef768
[  173.306384][ T5928]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  173.306402][ T5928]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  173.306419][ T5928]  ? security_file_ioctl+0xcb/0x2d0
[  173.306435][ T5928]  ? security_file_ioctl+0xcb/0x2d0
[  173.306453][ T5928]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  173.306469][ T5928]  arch_stack_walk+0x110/0x150
[  173.306488][ T5928]  ? security_file_ioctl+0xcb/0x2d0
[  173.306506][ T5928]  stack_trace_save+0x9c/0xe0
[  173.306522][ T5928]  ? __pfx_stack_trace_save+0x10/0x10
[  173.306539][ T5928]  ? kasan_save_track+0x4f/0x80
[  173.306557][ T5928]  ? __lock_acquire+0xab9/0xd20
[  173.306577][ T5928]  kasan_save_track+0x3e/0x80
[  173.306593][ T5928]  ? kasan_save_track+0x3e/0x80
[  173.306609][ T5928]  ? kasan_save_free_info+0x46/0x50
[  173.306632][ T5928]  ? __kasan_slab_free+0x5b/0x80
[  173.306649][ T5928]  ? kfree+0x18e/0x440
[  173.306664][ T5928]  ? tomoyo_realpath_from_path+0x598/0x5d0
[  173.306686][ T5928]  ? tomoyo_path_number_perm+0x1e8/0x5a0
[  173.306721][ T5928]  kasan_save_free_info+0x46/0x50
[  173.306744][ T5928]  __kasan_slab_free+0x5b/0x80
[  173.306762][ T5928]  ? tomoyo_realpath_from_path+0x598/0x5d0
[  173.306784][ T5928]  kfree+0x18e/0x440
[  173.306802][ T5928]  tomoyo_realpath_from_path+0x598/0x5d0
[  173.306828][ T5928]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  173.306846][ T5928]  tomoyo_path_number_perm+0x1e8/0x5a0
[  173.306865][ T5928]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  173.306885][ T5928]  ? _raw_spin_lock_irq+0xae/0xf0
[  173.306915][ T5928]  ? __pfx_ptrace_notify+0x10/0x10
[  173.306941][ T5928]  security_file_ioctl+0xcb/0x2d0
[  173.306957][ T5928]  __se_sys_ioctl+0x47/0x170
[  173.306979][ T5928]  do_syscall_64+0xfa/0x3b0
[  173.307001][ T5928]  ? lockdep_hardirqs_on+0x9c/0x150
[  173.307022][ T5928]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  173.307037][ T5928]  ? clear_bhb_loop+0x60/0xb0
[  173.307053][ T5928]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  173.307068][ T5928] RIP: 0033:0x7f39278e2869
[  173.307080][ T5928] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  173.307093][ T5928] RSP: 002b:00007ffc8670e328 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  173.307108][ T5928] RAX: ffffffffffffffda RBX: 00007ffc8670e340 RCX: 00007f39278e2869
[  173.307119][ T5928] RDX: 0000000000000000 RSI: 0000000000004606 RDI: 0000000000000005
[  173.307128][ T5928] RBP: 0000000000000001 R08: 00007ffc8670e0c7 R09: 00000000000000a0
[pid  5928] exit_group(0)               = ?
[pid  5928] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5928, si_uid=0, si_status=0, si_utime=0, si_stime=61 /* 0.61 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55558ec87650) = 5929
./strace-static-x86_64: Process 5929 attached
[pid  5929] set_robust_list(0x55558ec87660, 24) = 0
[pid  5929] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5929] setpgid(0, 0)               = 0
[pid  5929] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5929] write(3, "1000", 4)         = 4
executing program
[pid  5929] close(3)                    = 0
[pid  5929] write(1, "executing program\n", 18) = 18
[pid  5929] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE, insn_cnt=11, insns=0x2000000005c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_SOCK_CREATE, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = 3
[pid  5929] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="contention_begin", prog_fd=3}}, 24) = 4
[pid  5929] openat(AT_FDCWD, "/dev/fb0", O_RDONLY) = 5
[pid  5929] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid  5929] write(6, "4", 1)            = 1
[  173.307138][ T5928] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  173.307147][ T5928] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[  173.307162][ T5928]  </TASK>
[pid  5929] ioctl(5, FBIOPAN_DISPLAY, 0) = -1 EFAULT (Bad address)
[  173.946022][ T5929] FAULT_INJECTION: forcing a failure.
[  173.946022][ T5929] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  173.959652][ T5929] CPU: 1 UID: 0 PID: 5929 Comm: syz-executor116 Not tainted 6.16.0-next-20250731-syzkaller #0 PREEMPT(full) 
[  173.959681][ T5929] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  173.959694][ T5929] Call Trace:
[  173.959702][ T5929]  <TASK>
[  173.959710][ T5929]  dump_stack_lvl+0x189/0x250
[  173.959737][ T5929]  ? __pfx____ratelimit+0x10/0x10
[  173.959766][ T5929]  ? __pfx_dump_stack_lvl+0x10/0x10
[  173.959787][ T5929]  ? __pfx__printk+0x10/0x10
[  173.959814][ T5929]  ? lock_acquire+0x5f/0x360
[  173.959847][ T5929]  should_fail_ex+0x414/0x560
[  173.959867][ T5929]  prepare_alloc_pages+0x213/0x610
[  173.959894][ T5929]  __alloc_frozen_pages_noprof+0x123/0x370
[  173.959926][ T5929]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  173.959962][ T5929]  ? policy_nodemask+0x27c/0x720
[  173.959990][ T5929]  alloc_pages_mpol+0x232/0x4a0
[  173.960017][ T5929]  vma_alloc_folio_noprof+0xe4/0x200
[  173.960046][ T5929]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  173.960075][ T5929]  ? rcu_is_watching+0x15/0xb0
[  173.960107][ T5929]  ? lock_release+0x4b/0x3e0
[  173.960135][ T5929]  folio_prealloc+0x30/0x180
[  173.960164][ T5929]  do_wp_page+0x1231/0x5800
[  173.960206][ T5929]  ? __pfx_do_wp_page+0x10/0x10
[  173.960222][ T5929]  ? do_raw_spin_lock+0x121/0x290
[  173.960239][ T5929]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  173.960255][ T5929]  ? ___pte_offset_map+0x45/0x250
[  173.960276][ T5929]  __handle_mm_fault+0x1033/0x5440
[  173.960301][ T5929]  ? __pfx___handle_mm_fault+0x10/0x10
[  173.960319][ T5929]  ? lock_release+0x4b/0x3e0
[  173.960343][ T5929]  ? lock_vma_under_rcu+0xdf/0x3d0
[  173.960363][ T5929]  ? __pfx_lock_vma_under_rcu+0x10/0x10
[  173.960382][ T5929]  ? rcu_is_watching+0x15/0xb0
[  173.960407][ T5929]  handle_mm_fault+0x40a/0x8e0
[  173.960429][ T5929]  do_user_addr_fault+0xa81/0x1390
[  173.960455][ T5929]  ? rcu_is_watching+0x15/0xb0
[  173.960478][ T5929]  ? trace_page_fault_user+0x84/0x1e0
[  173.960500][ T5929]  exc_page_fault+0x76/0xf0
[  173.960522][ T5929]  asm_exc_page_fault+0x26/0x30
[  173.960536][ T5929] RIP: 0033:0x7f39278b1050
[  173.960550][ T5929] Code: 41 54 55 48 89 f5 53 89 fb 48 83 ec 18 48 83 3d 9d 0f 0a 00 00 89 54 24 0c 74 08 84 c9 0f 85 09 02 00 00 31 c0 ba 01 00 00 00 <f0> 0f b1 15 50 3d 0a 00 0f 85 0f 02 00 00 4c 8d 25 43 3d 0a 00 4c
[  173.960564][ T5929] RSP: 002b:00007ffc8670e2d0 EFLAGS: 00010246
[  173.960578][ T5929] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000001
[pid  5929] exit_group(0)               = ?
[pid  5929] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5929, si_uid=0, si_status=0, si_utime=0, si_stime=26 /* 0.26 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5930 attached
, child_tidptr=0x55558ec87650) = 5930
[pid  5930] set_robust_list(0x55558ec87660, 24) = 0
[  173.960588][ T5929] RDX: 0000000000000001 RSI: 00007f3927952118 RDI: 0000000000000000
[  173.960598][ T5929] RBP: 00007f3927952118 R08: 00007ffc8670e0c7 R09: 00000000000000a0
[  173.960608][ T5929] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  173.960617][ T5929] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[  173.960633][ T5929]  </TASK>
[  173.960658][ T5929] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[pid  5930] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5930] setpgid(0, 0)               = 0
[pid  5930] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5930] write(3, "1000", 4)         = 4
[pid  5930] close(3)                    = 0
[pid  5930] write(1, "executing program\n", 18executing program
) = 18
[pid  5930] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE, insn_cnt=11, insns=0x2000000005c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_SOCK_CREATE, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = 3
[pid  5930] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="contention_begin", prog_fd=3}}, 24) = 4
[pid  5930] openat(AT_FDCWD, "/dev/fb0", O_RDONLY) = 5
[pid  5930] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid  5930] write(6, "4", 1)            = 1
[pid  5930] ioctl(5, FBIOPAN_DISPLAY, 0) = -1 EFAULT (Bad address)
[  174.317142][ T5930] FAULT_INJECTION: forcing a failure.
[  174.317142][ T5930] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  174.330677][ T5930] CPU: 0 UID: 0 PID: 5930 Comm: syz-executor116 Not tainted 6.16.0-next-20250731-syzkaller #0 PREEMPT(full) 
[  174.330700][ T5930] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  174.330710][ T5930] Call Trace:
[  174.330716][ T5930]  <TASK>
[  174.330722][ T5930]  dump_stack_lvl+0x189/0x250
[  174.330742][ T5930]  ? __pfx____ratelimit+0x10/0x10
[  174.330764][ T5930]  ? __pfx_dump_stack_lvl+0x10/0x10
[  174.330780][ T5930]  ? __pfx__printk+0x10/0x10
[  174.330800][ T5930]  ? lock_acquire+0x5f/0x360
[  174.330823][ T5930]  should_fail_ex+0x414/0x560
[  174.330841][ T5930]  prepare_alloc_pages+0x213/0x610
[  174.330866][ T5930]  __alloc_frozen_pages_noprof+0x123/0x370
[  174.330891][ T5930]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  174.330917][ T5930]  ? policy_nodemask+0x27c/0x720
[  174.330939][ T5930]  alloc_pages_mpol+0x232/0x4a0
[  174.330960][ T5930]  vma_alloc_folio_noprof+0xe4/0x200
[  174.330981][ T5930]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  174.331003][ T5930]  ? rcu_is_watching+0x15/0xb0
[  174.331026][ T5930]  ? lock_release+0x4b/0x3e0
[  174.331068][ T5930]  folio_prealloc+0x30/0x180
[  174.331088][ T5930]  do_wp_page+0x1231/0x5800
[  174.331112][ T5930]  ? __pfx_do_wp_page+0x10/0x10
[  174.331128][ T5930]  ? do_raw_spin_lock+0x121/0x290
[  174.331152][ T5930]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  174.331168][ T5930]  ? ___pte_offset_map+0x45/0x250
[  174.331188][ T5930]  __handle_mm_fault+0x1033/0x5440
[  174.331212][ T5930]  ? __pfx___handle_mm_fault+0x10/0x10
[  174.331230][ T5930]  ? lock_release+0x4b/0x3e0
[  174.331254][ T5930]  ? lock_vma_under_rcu+0xdf/0x3d0
[  174.331275][ T5930]  ? __pfx_lock_vma_under_rcu+0x10/0x10
[  174.331294][ T5930]  ? rcu_is_watching+0x15/0xb0
[  174.331319][ T5930]  handle_mm_fault+0x40a/0x8e0
[  174.331340][ T5930]  do_user_addr_fault+0xa81/0x1390
[  174.331365][ T5930]  ? rcu_is_watching+0x15/0xb0
[  174.331388][ T5930]  ? trace_page_fault_user+0x84/0x1e0
[  174.331411][ T5930]  exc_page_fault+0x76/0xf0
[  174.331432][ T5930]  asm_exc_page_fault+0x26/0x30
[  174.331446][ T5930] RIP: 0033:0x7f39278b1050
[  174.331460][ T5930] Code: 41 54 55 48 89 f5 53 89 fb 48 83 ec 18 48 83 3d 9d 0f 0a 00 00 89 54 24 0c 74 08 84 c9 0f 85 09 02 00 00 31 c0 ba 01 00 00 00 <f0> 0f b1 15 50 3d 0a 00 0f 85 0f 02 00 00 4c 8d 25 43 3d 0a 00 4c
[  174.331473][ T5930] RSP: 002b:00007ffc8670e2d0 EFLAGS: 00010246
[  174.331488][ T5930] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000001
[pid  5930] exit_group(0)               = ?
[pid  5930] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5930, si_uid=0, si_status=0, si_utime=0, si_stime=26 /* 0.26 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5931 attached
, child_tidptr=0x55558ec87650) = 5931
[pid  5931] set_robust_list(0x55558ec87660, 24) = 0
[  174.331497][ T5930] RDX: 0000000000000001 RSI: 00007f3927952118 RDI: 0000000000000000
[  174.331507][ T5930] RBP: 00007f3927952118 R08: 00007ffc8670e0c7 R09: 00000000000000a0
[  174.331517][ T5930] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  174.331527][ T5930] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[  174.331542][ T5930]  </TASK>
[  174.331554][ T5930] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[pid  5931] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5931] setpgid(0, 0)               = 0
[pid  5931] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5931] write(3, "1000", 4)         = 4
[pid  5931] close(3)                    = 0
executing program
[pid  5931] write(1, "executing program\n", 18) = 18
[pid  5931] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE, insn_cnt=11, insns=0x2000000005c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_SOCK_CREATE, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = 3
[pid  5931] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="contention_begin", prog_fd=3}}, 24) = 4
[pid  5931] openat(AT_FDCWD, "/dev/fb0", O_RDONLY) = 5
[pid  5931] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid  5931] write(6, "4", 1)            = 1
[pid  5931] ioctl(5, FBIOPAN_DISPLAY, 0) = -1 EFAULT (Bad address)
[  174.707325][ T5931] FAULT_INJECTION: forcing a failure.
[  174.707325][ T5931] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  174.721133][ T5931] CPU: 0 UID: 0 PID: 5931 Comm: syz-executor116 Not tainted 6.16.0-next-20250731-syzkaller #0 PREEMPT(full) 
[  174.721165][ T5931] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  174.721177][ T5931] Call Trace:
[  174.721183][ T5931]  <TASK>
[  174.721190][ T5931]  dump_stack_lvl+0x189/0x250
[  174.721213][ T5931]  ? __pfx____ratelimit+0x10/0x10
[  174.721237][ T5931]  ? __pfx_dump_stack_lvl+0x10/0x10
[  174.721255][ T5931]  ? __pfx__printk+0x10/0x10
[  174.721277][ T5931]  ? lock_acquire+0x5f/0x360
[  174.721303][ T5931]  should_fail_ex+0x414/0x560
[  174.721323][ T5931]  prepare_alloc_pages+0x213/0x610
[  174.721351][ T5931]  __alloc_frozen_pages_noprof+0x123/0x370
[  174.721378][ T5931]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  174.721408][ T5931]  ? policy_nodemask+0x27c/0x720
[  174.721431][ T5931]  alloc_pages_mpol+0x232/0x4a0
[  174.721454][ T5931]  vma_alloc_folio_noprof+0xe4/0x200
[  174.721477][ T5931]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  174.721501][ T5931]  ? rcu_is_watching+0x15/0xb0
[  174.721526][ T5931]  ? lock_release+0x4b/0x3e0
[  174.721549][ T5931]  folio_prealloc+0x30/0x180
[  174.721571][ T5931]  do_wp_page+0x1231/0x5800
[  174.721599][ T5931]  ? __pfx_do_wp_page+0x10/0x10
[  174.721616][ T5931]  ? do_raw_spin_lock+0x121/0x290
[  174.721635][ T5931]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  174.721652][ T5931]  ? ___pte_offset_map+0x45/0x250
[  174.721675][ T5931]  __handle_mm_fault+0x1033/0x5440
[  174.721701][ T5931]  ? __pfx___handle_mm_fault+0x10/0x10
[  174.721721][ T5931]  ? lock_release+0x4b/0x3e0
[  174.721747][ T5931]  ? lock_vma_under_rcu+0xdf/0x3d0
[  174.721769][ T5931]  ? __pfx_lock_vma_under_rcu+0x10/0x10
[  174.721790][ T5931]  ? rcu_is_watching+0x15/0xb0
[  174.721817][ T5931]  handle_mm_fault+0x40a/0x8e0
[  174.721840][ T5931]  do_user_addr_fault+0xa81/0x1390
[  174.721870][ T5931]  ? rcu_is_watching+0x15/0xb0
[  174.721895][ T5931]  ? trace_page_fault_user+0x84/0x1e0
[  174.721920][ T5931]  exc_page_fault+0x76/0xf0
[  174.721944][ T5931]  asm_exc_page_fault+0x26/0x30
[  174.721961][ T5931] RIP: 0033:0x7f39278b1050
[  174.721976][ T5931] Code: 41 54 55 48 89 f5 53 89 fb 48 83 ec 18 48 83 3d 9d 0f 0a 00 00 89 54 24 0c 74 08 84 c9 0f 85 09 02 00 00 31 c0 ba 01 00 00 00 <f0> 0f b1 15 50 3d 0a 00 0f 85 0f 02 00 00 4c 8d 25 43 3d 0a 00 4c
[  174.721991][ T5931] RSP: 002b:00007ffc8670e2d0 EFLAGS: 00010246
[  174.722007][ T5931] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000001
[pid  5931] exit_group(0)               = ?
[pid  5931] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5931, si_uid=0, si_status=0, si_utime=0, si_stime=27 /* 0.27 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5932 attached
, child_tidptr=0x55558ec87650) = 5932
[pid  5932] set_robust_list(0x55558ec87660, 24) = 0
[pid  5932] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[  174.722017][ T5931] RDX: 0000000000000001 RSI: 00007f3927952118 RDI: 0000000000000000
[  174.722028][ T5931] RBP: 00007f3927952118 R08: 00007ffc8670e0c7 R09: 00000000000000a0
[  174.722040][ T5931] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  174.722050][ T5931] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[  174.722067][ T5931]  </TASK>
[  174.722085][ T5931] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[pid  5932] setpgid(0, 0)               = 0
[pid  5932] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5932] write(3, "1000", 4)         = 4
[pid  5932] close(3)                    = 0
executing program
[pid  5932] write(1, "executing program\n", 18) = 18
[pid  5932] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE, insn_cnt=11, insns=0x2000000005c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_SOCK_CREATE, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = 3
[pid  5932] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="contention_begin", prog_fd=3}}, 24) = 4
[pid  5932] openat(AT_FDCWD, "/dev/fb0", O_RDONLY) = 5
[pid  5932] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid  5932] write(6, "4", 1)            = 1
[pid  5932] ioctl(5, FBIOPAN_DISPLAY, 0) = -1 EFAULT (Bad address)
[  175.114992][ T5932] FAULT_INJECTION: forcing a failure.
[  175.114992][ T5932] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  175.128426][ T5932] CPU: 0 UID: 0 PID: 5932 Comm: syz-executor116 Not tainted 6.16.0-next-20250731-syzkaller #0 PREEMPT(full) 
[  175.128455][ T5932] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  175.128468][ T5932] Call Trace:
[  175.128476][ T5932]  <TASK>
[  175.128485][ T5932]  dump_stack_lvl+0x189/0x250
[  175.128512][ T5932]  ? __pfx____ratelimit+0x10/0x10
[  175.128541][ T5932]  ? __pfx_dump_stack_lvl+0x10/0x10
[  175.128565][ T5932]  ? __pfx__printk+0x10/0x10
[  175.128595][ T5932]  ? lock_acquire+0x5f/0x360
[  175.128628][ T5932]  should_fail_ex+0x414/0x560
[  175.128654][ T5932]  prepare_alloc_pages+0x213/0x610
[  175.128688][ T5932]  __alloc_frozen_pages_noprof+0x123/0x370
[  175.128719][ T5932]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  175.128746][ T5932]  ? policy_nodemask+0x27c/0x720
[  175.128765][ T5932]  ? update_load_avg+0x572/0x1880
[  175.128789][ T5932]  alloc_pages_mpol+0x232/0x4a0
[  175.128810][ T5932]  vma_alloc_folio_noprof+0xe4/0x200
[  175.128839][ T5932]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  175.128860][ T5932]  ? rcu_is_watching+0x15/0xb0
[  175.128884][ T5932]  ? lock_release+0x4b/0x3e0
[  175.128905][ T5932]  folio_prealloc+0x30/0x180
[  175.128925][ T5932]  do_wp_page+0x1231/0x5800
[  175.128950][ T5932]  ? __pfx_do_wp_page+0x10/0x10
[  175.128966][ T5932]  ? do_raw_spin_lock+0x121/0x290
[  175.128983][ T5932]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  175.128999][ T5932]  ? ___pte_offset_map+0x45/0x250
[  175.129020][ T5932]  __handle_mm_fault+0x1033/0x5440
[  175.129044][ T5932]  ? __pfx___handle_mm_fault+0x10/0x10
[  175.129062][ T5932]  ? lock_release+0x4b/0x3e0
[  175.129085][ T5932]  ? lock_vma_under_rcu+0xdf/0x3d0
[  175.129105][ T5932]  ? __pfx_lock_vma_under_rcu+0x10/0x10
[  175.129124][ T5932]  ? rcu_is_watching+0x15/0xb0
[  175.129149][ T5932]  handle_mm_fault+0x40a/0x8e0
[  175.129171][ T5932]  do_user_addr_fault+0xa81/0x1390
[  175.129196][ T5932]  ? rcu_is_watching+0x15/0xb0
[  175.129219][ T5932]  ? trace_page_fault_user+0x84/0x1e0
[  175.129241][ T5932]  exc_page_fault+0x76/0xf0
[  175.129264][ T5932]  asm_exc_page_fault+0x26/0x30
[  175.129279][ T5932] RIP: 0033:0x7f39278b1050
[  175.129292][ T5932] Code: 41 54 55 48 89 f5 53 89 fb 48 83 ec 18 48 83 3d 9d 0f 0a 00 00 89 54 24 0c 74 08 84 c9 0f 85 09 02 00 00 31 c0 ba 01 00 00 00 <f0> 0f b1 15 50 3d 0a 00 0f 85 0f 02 00 00 4c 8d 25 43 3d 0a 00 4c
[  175.129305][ T5932] RSP: 002b:00007ffc8670e2d0 EFLAGS: 00010246
[pid  5932] exit_group(0)               = ?
[pid  5932] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5932, si_uid=0, si_status=0, si_utime=0, si_stime=27 /* 0.27 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5933 attached
, child_tidptr=0x55558ec87650) = 5933
[pid  5933] set_robust_list(0x55558ec87660, 24) = 0
[pid  5933] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5933] setpgid(0, 0)               = 0
[  175.129320][ T5932] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000001
[  175.129329][ T5932] RDX: 0000000000000001 RSI: 00007f3927952118 RDI: 0000000000000000
[  175.129338][ T5932] RBP: 00007f3927952118 R08: 00007ffc8670e0c7 R09: 00000000000000a0
[  175.129349][ T5932] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  175.129358][ T5932] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[  175.129374][ T5932]  </TASK>
[  175.129386][ T5932] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[pid  5933] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5933] write(3, "1000", 4)         = 4
[pid  5933] close(3)                    = 0
[pid  5933] write(1, "executing program\n", 18executing program
) = 18
[pid  5933] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE, insn_cnt=11, insns=0x2000000005c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_SOCK_CREATE, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = 3
[pid  5933] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="contention_begin", prog_fd=3}}, 24) = 4
[pid  5933] openat(AT_FDCWD, "/dev/fb0", O_RDONLY) = 5
[pid  5933] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid  5933] write(6, "4", 1)            = 1
[pid  5933] ioctl(5, FBIOPAN_DISPLAY, 0) = -1 EFAULT (Bad address)
[  175.509351][ T5933] FAULT_INJECTION: forcing a failure.
[  175.509351][ T5933] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  175.522686][ T5933] CPU: 1 UID: 0 PID: 5933 Comm: syz-executor116 Not tainted 6.16.0-next-20250731-syzkaller #0 PREEMPT(full) 
[  175.522715][ T5933] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  175.522728][ T5933] Call Trace:
[  175.522739][ T5933]  <TASK>
[  175.522749][ T5933]  dump_stack_lvl+0x189/0x250
[  175.522777][ T5933]  ? __pfx____ratelimit+0x10/0x10
[  175.522806][ T5933]  ? __pfx_dump_stack_lvl+0x10/0x10
[  175.522829][ T5933]  ? __pfx__printk+0x10/0x10
[  175.522858][ T5933]  ? lock_acquire+0x5f/0x360
[  175.522890][ T5933]  should_fail_ex+0x414/0x560
[  175.522917][ T5933]  prepare_alloc_pages+0x213/0x610
[  175.522954][ T5933]  __alloc_frozen_pages_noprof+0x123/0x370
[  175.522989][ T5933]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  175.523027][ T5933]  ? policy_nodemask+0x27c/0x720
[  175.523070][ T5933]  alloc_pages_mpol+0x232/0x4a0
[  175.523101][ T5933]  vma_alloc_folio_noprof+0xe4/0x200
[  175.523131][ T5933]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  175.523159][ T5933]  ? rcu_is_watching+0x15/0xb0
[  175.523188][ T5933]  ? lock_release+0x4b/0x3e0
[  175.523211][ T5933]  folio_prealloc+0x30/0x180
[  175.523234][ T5933]  do_wp_page+0x1231/0x5800
[  175.523262][ T5933]  ? __pfx_do_wp_page+0x10/0x10
[  175.523279][ T5933]  ? do_raw_spin_lock+0x121/0x290
[  175.523298][ T5933]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  175.523315][ T5933]  ? ___pte_offset_map+0x45/0x250
[  175.523338][ T5933]  __handle_mm_fault+0x1033/0x5440
[  175.523364][ T5933]  ? __pfx___handle_mm_fault+0x10/0x10
[  175.523384][ T5933]  ? lock_release+0x4b/0x3e0
[  175.523410][ T5933]  ? lock_vma_under_rcu+0xdf/0x3d0
[  175.523432][ T5933]  ? __pfx_lock_vma_under_rcu+0x10/0x10
[  175.523453][ T5933]  ? rcu_is_watching+0x15/0xb0
[  175.523481][ T5933]  handle_mm_fault+0x40a/0x8e0
[  175.523505][ T5933]  do_user_addr_fault+0xa81/0x1390
[  175.523533][ T5933]  ? rcu_is_watching+0x15/0xb0
[  175.523558][ T5933]  ? trace_page_fault_user+0x84/0x1e0
[  175.523583][ T5933]  exc_page_fault+0x76/0xf0
[  175.523607][ T5933]  asm_exc_page_fault+0x26/0x30
[  175.523624][ T5933] RIP: 0033:0x7f39278b1050
[  175.523639][ T5933] Code: 41 54 55 48 89 f5 53 89 fb 48 83 ec 18 48 83 3d 9d 0f 0a 00 00 89 54 24 0c 74 08 84 c9 0f 85 09 02 00 00 31 c0 ba 01 00 00 00 <f0> 0f b1 15 50 3d 0a 00 0f 85 0f 02 00 00 4c 8d 25 43 3d 0a 00 4c
[  175.523654][ T5933] RSP: 002b:00007ffc8670e2d0 EFLAGS: 00010246
[  175.523671][ T5933] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000001
[pid  5933] exit_group(0)               = ?
[pid  5933] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5933, si_uid=0, si_status=0, si_utime=0, si_stime=28 /* 0.28 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5934 attached
, child_tidptr=0x55558ec87650) = 5934
[pid  5934] set_robust_list(0x55558ec87660, 24) = 0
[  175.523682][ T5933] RDX: 0000000000000001 RSI: 00007f3927952118 RDI: 0000000000000000
[  175.523693][ T5933] RBP: 00007f3927952118 R08: 00007ffc8670e0c7 R09: 00000000000000a0
[  175.523704][ T5933] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  175.523714][ T5933] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[  175.523731][ T5933]  </TASK>
[  175.523750][ T5933] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[pid  5934] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5934] setpgid(0, 0)               = 0
[pid  5934] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5934] write(3, "1000", 4)         = 4
[pid  5934] close(3)                    = 0
[pid  5934] write(1, "executing program\n", 18executing program
) = 18
[pid  5934] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE, insn_cnt=11, insns=0x2000000005c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_SOCK_CREATE, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = 3
[pid  5934] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="contention_begin", prog_fd=3}}, 24) = 4
[pid  5934] openat(AT_FDCWD, "/dev/fb0", O_RDONLY) = 5
[pid  5934] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid  5934] write(6, "4", 1)            = 1
[pid  5934] ioctl(5, FBIOPAN_DISPLAY, 0) = -1 EFAULT (Bad address)
[  175.918674][ T5934] FAULT_INJECTION: forcing a failure.
[  175.918674][ T5934] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  175.932045][ T5934] CPU: 1 UID: 0 PID: 5934 Comm: syz-executor116 Not tainted 6.16.0-next-20250731-syzkaller #0 PREEMPT(full) 
[  175.932075][ T5934] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  175.932088][ T5934] Call Trace:
[  175.932097][ T5934]  <TASK>
[  175.932106][ T5934]  dump_stack_lvl+0x189/0x250
[  175.932130][ T5934]  ? __pfx____ratelimit+0x10/0x10
[  175.932152][ T5934]  ? __pfx_dump_stack_lvl+0x10/0x10
[  175.932167][ T5934]  ? __pfx__printk+0x10/0x10
[  175.932188][ T5934]  ? lock_acquire+0x5f/0x360
[  175.932211][ T5934]  should_fail_ex+0x414/0x560
[  175.932229][ T5934]  prepare_alloc_pages+0x213/0x610
[  175.932255][ T5934]  __alloc_frozen_pages_noprof+0x123/0x370
[  175.932280][ T5934]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  175.932307][ T5934]  ? policy_nodemask+0x27c/0x720
[  175.932328][ T5934]  alloc_pages_mpol+0x232/0x4a0
[  175.932350][ T5934]  vma_alloc_folio_noprof+0xe4/0x200
[  175.932370][ T5934]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  175.932392][ T5934]  ? rcu_is_watching+0x15/0xb0
[  175.932415][ T5934]  ? lock_release+0x4b/0x3e0
[  175.932436][ T5934]  folio_prealloc+0x30/0x180
[  175.932463][ T5934]  do_wp_page+0x1231/0x5800
[  175.932488][ T5934]  ? __pfx_do_wp_page+0x10/0x10
[  175.932504][ T5934]  ? do_raw_spin_lock+0x121/0x290
[  175.932521][ T5934]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  175.932536][ T5934]  ? ___pte_offset_map+0x45/0x250
[  175.932557][ T5934]  __handle_mm_fault+0x1033/0x5440
[  175.932580][ T5934]  ? __pfx___handle_mm_fault+0x10/0x10
[  175.932598][ T5934]  ? lock_release+0x4b/0x3e0
[  175.932622][ T5934]  ? lock_vma_under_rcu+0xdf/0x3d0
[  175.932641][ T5934]  ? __pfx_lock_vma_under_rcu+0x10/0x10
[  175.932667][ T5934]  ? rcu_is_watching+0x15/0xb0
[  175.932692][ T5934]  handle_mm_fault+0x40a/0x8e0
[  175.932714][ T5934]  do_user_addr_fault+0xa81/0x1390
[  175.932739][ T5934]  ? rcu_is_watching+0x15/0xb0
[  175.932762][ T5934]  ? trace_page_fault_user+0x84/0x1e0
[  175.932785][ T5934]  exc_page_fault+0x76/0xf0
[  175.932806][ T5934]  asm_exc_page_fault+0x26/0x30
[  175.932821][ T5934] RIP: 0033:0x7f39278b1050
[  175.932834][ T5934] Code: 41 54 55 48 89 f5 53 89 fb 48 83 ec 18 48 83 3d 9d 0f 0a 00 00 89 54 24 0c 74 08 84 c9 0f 85 09 02 00 00 31 c0 ba 01 00 00 00 <f0> 0f b1 15 50 3d 0a 00 0f 85 0f 02 00 00 4c 8d 25 43 3d 0a 00 4c
[  175.932848][ T5934] RSP: 002b:00007ffc8670e2d0 EFLAGS: 00010246
[  175.932863][ T5934] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000001
[pid  5934] exit_group(0)               = ?
[pid  5934] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5934, si_uid=0, si_status=0, si_utime=0, si_stime=28 /* 0.28 s */} ---
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5935 attached
, child_tidptr=0x55558ec87650) = 5935
[pid  5935] set_robust_list(0x55558ec87660, 24) = 0
[  175.932873][ T5934] RDX: 0000000000000001 RSI: 00007f3927952118 RDI: 0000000000000000
[  175.932882][ T5934] RBP: 00007f3927952118 R08: 00007ffc8670e0c7 R09: 00000000000000a0
[  175.932893][ T5934] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  175.932902][ T5934] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[  175.932920][ T5934]  </TASK>
[  175.932934][ T5934] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[pid  5935] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5935] setpgid(0, 0)               = 0
[pid  5935] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5935] write(3, "1000", 4)         = 4
[pid  5935] close(3)                    = 0
executing program
[pid  5935] write(1, "executing program\n", 18) = 18
[pid  5935] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE, insn_cnt=11, insns=0x2000000005c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_SOCK_CREATE, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = 3
[pid  5935] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="contention_begin", prog_fd=3}}, 24) = 4
[pid  5935] openat(AT_FDCWD, "/dev/fb0", O_RDONLY) = 5
[pid  5935] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid  5935] write(6, "4", 1)            = 1
[pid  5935] ioctl(5, FBIOPAN_DISPLAY, 0) = -1 EFAULT (Bad address)
[  176.352811][ T5935] FAULT_INJECTION: forcing a failure.
[  176.352811][ T5935] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  176.366689][ T5935] CPU: 0 UID: 0 PID: 5935 Comm: syz-executor116 Not tainted 6.16.0-next-20250731-syzkaller #0 PREEMPT(full) 
[  176.366712][ T5935] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  176.366722][ T5935] Call Trace:
[  176.366728][ T5935]  <TASK>
[  176.366734][ T5935]  dump_stack_lvl+0x189/0x250
[  176.366754][ T5935]  ? __pfx____ratelimit+0x10/0x10
[  176.366776][ T5935]  ? __pfx_dump_stack_lvl+0x10/0x10
[  176.366792][ T5935]  ? __pfx__printk+0x10/0x10
[  176.366812][ T5935]  ? lock_acquire+0x5f/0x360
[  176.366835][ T5935]  should_fail_ex+0x414/0x560
[  176.366853][ T5935]  prepare_alloc_pages+0x213/0x610
[  176.366888][ T5935]  __alloc_frozen_pages_noprof+0x123/0x370
[  176.366913][ T5935]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  176.366940][ T5935]  ? policy_nodemask+0x27c/0x720
[  176.366961][ T5935]  alloc_pages_mpol+0x232/0x4a0
[  176.366982][ T5935]  vma_alloc_folio_noprof+0xe4/0x200
[  176.367003][ T5935]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  176.367025][ T5935]  ? rcu_is_watching+0x15/0xb0
[  176.367048][ T5935]  ? lock_release+0x4b/0x3e0
[  176.367069][ T5935]  folio_prealloc+0x30/0x180
[  176.367089][ T5935]  do_wp_page+0x1231/0x5800
[  176.367114][ T5935]  ? __pfx_do_wp_page+0x10/0x10
[  176.367129][ T5935]  ? do_raw_spin_lock+0x121/0x290
[  176.367146][ T5935]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  176.367162][ T5935]  ? ___pte_offset_map+0x45/0x250
[  176.367183][ T5935]  __handle_mm_fault+0x1033/0x5440
[  176.367207][ T5935]  ? __pfx___handle_mm_fault+0x10/0x10
[  176.367225][ T5935]  ? lock_release+0x4b/0x3e0
[  176.367248][ T5935]  ? lock_vma_under_rcu+0xdf/0x3d0
[  176.367268][ T5935]  ? __pfx_lock_vma_under_rcu+0x10/0x10
[  176.367288][ T5935]  ? rcu_is_watching+0x15/0xb0
[  176.367313][ T5935]  handle_mm_fault+0x40a/0x8e0
[  176.367334][ T5935]  do_user_addr_fault+0xa81/0x1390
[  176.367359][ T5935]  ? rcu_is_watching+0x15/0xb0
[  176.367382][ T5935]  ? trace_page_fault_user+0x84/0x1e0
[  176.367405][ T5935]  exc_page_fault+0x76/0xf0
[  176.367426][ T5935]  asm_exc_page_fault+0x26/0x30
[  176.367440][ T5935] RIP: 0033:0x7f39278b1050
[  176.367454][ T5935] Code: 41 54 55 48 89 f5 53 89 fb 48 83 ec 18 48 83 3d 9d 0f 0a 00 00 89 54 24 0c 74 08 84 c9 0f 85 09 02 00 00 31 c0 ba 01 00 00 00 <f0> 0f b1 15 50 3d 0a 00 0f 85 0f 02 00 00 4c 8d 25 43 3d 0a 00 4c
[  176.367467][ T5935] RSP: 002b:00007ffc8670e2d0 EFLAGS: 00010246
[pid  5935] exit_group(0)               = ?
[pid  5935] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5935, si_uid=0, si_status=0, si_utime=0, si_stime=28 /* 0.28 s */} ---
[  176.367481][ T5935] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000001
[  176.367491][ T5935] RDX: 0000000000000001 RSI: 00007f3927952118 RDI: 0000000000000000
[  176.367501][ T5935] RBP: 00007f3927952118 R08: 00007ffc8670e0c7 R09: 00000000000000a0
[  176.367511][ T5935] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  176.367520][ T5935] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[  176.367535][ T5935]  </TASK>
[  176.367548][ T5935] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5936 attached
, child_tidptr=0x55558ec87650) = 5936
[pid  5936] set_robust_list(0x55558ec87660, 24) = 0
[pid  5936] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5936] setpgid(0, 0)               = 0
[pid  5936] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5936] write(3, "1000", 4)         = 4
[pid  5936] close(3)                    = 0
[pid  5936] write(1, "executing program\n", 18executing program
) = 18
[pid  5936] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE, insn_cnt=11, insns=0x2000000005c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_SOCK_CREATE, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = 3
[pid  5936] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="contention_begin", prog_fd=3}}, 24) = 4
[pid  5936] openat(AT_FDCWD, "/dev/fb0", O_RDONLY) = 5
[pid  5936] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid  5936] write(6, "4", 1)            = 1
[pid  5936] ioctl(5, FBIOPAN_DISPLAY, 0) = -1 EFAULT (Bad address)
[  176.815103][ T5936] FAULT_INJECTION: forcing a failure.
[  176.815103][ T5936] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  176.828685][ T5936] CPU: 0 UID: 0 PID: 5936 Comm: syz-executor116 Not tainted 6.16.0-next-20250731-syzkaller #0 PREEMPT(full) 
[  176.828709][ T5936] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  176.828719][ T5936] Call Trace:
[  176.828724][ T5936]  <TASK>
[  176.828730][ T5936]  dump_stack_lvl+0x189/0x250
[  176.828752][ T5936]  ? __pfx____ratelimit+0x10/0x10
[  176.828774][ T5936]  ? __pfx_dump_stack_lvl+0x10/0x10
[  176.828790][ T5936]  ? __pfx__printk+0x10/0x10
[  176.828810][ T5936]  ? lock_acquire+0x5f/0x360
[  176.828833][ T5936]  should_fail_ex+0x414/0x560
[  176.828851][ T5936]  prepare_alloc_pages+0x213/0x610
[  176.828877][ T5936]  __alloc_frozen_pages_noprof+0x123/0x370
[  176.828901][ T5936]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  176.828929][ T5936]  ? policy_nodemask+0x27c/0x720
[  176.828949][ T5936]  alloc_pages_mpol+0x232/0x4a0
[  176.828971][ T5936]  vma_alloc_folio_noprof+0xe4/0x200
[  176.828992][ T5936]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  176.829013][ T5936]  ? rcu_is_watching+0x15/0xb0
[  176.829036][ T5936]  ? lock_release+0x4b/0x3e0
[  176.829057][ T5936]  folio_prealloc+0x30/0x180
[  176.829077][ T5936]  do_wp_page+0x1231/0x5800
[  176.829102][ T5936]  ? __pfx_do_wp_page+0x10/0x10
[  176.829118][ T5936]  ? do_raw_spin_lock+0x121/0x290
[  176.829135][ T5936]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  176.829150][ T5936]  ? ___pte_offset_map+0x45/0x250
[  176.829171][ T5936]  __handle_mm_fault+0x1033/0x5440
[  176.829195][ T5936]  ? __pfx___handle_mm_fault+0x10/0x10
[  176.829213][ T5936]  ? lock_release+0x4b/0x3e0
[  176.829237][ T5936]  ? lock_vma_under_rcu+0xdf/0x3d0
[  176.829257][ T5936]  ? __pfx_lock_vma_under_rcu+0x10/0x10
[  176.829276][ T5936]  ? rcu_is_watching+0x15/0xb0
[  176.829301][ T5936]  handle_mm_fault+0x40a/0x8e0
[  176.829322][ T5936]  do_user_addr_fault+0xa81/0x1390
[  176.829348][ T5936]  ? rcu_is_watching+0x15/0xb0
[  176.829370][ T5936]  ? trace_page_fault_user+0x84/0x1e0
[  176.829393][ T5936]  exc_page_fault+0x76/0xf0
[  176.829415][ T5936]  asm_exc_page_fault+0x26/0x30
[  176.829429][ T5936] RIP: 0033:0x7f39278b1050
[  176.829443][ T5936] Code: 41 54 55 48 89 f5 53 89 fb 48 83 ec 18 48 83 3d 9d 0f 0a 00 00 89 54 24 0c 74 08 84 c9 0f 85 09 02 00 00 31 c0 ba 01 00 00 00 <f0> 0f b1 15 50 3d 0a 00 0f 85 0f 02 00 00 4c 8d 25 43 3d 0a 00 4c
[  176.829456][ T5936] RSP: 002b:00007ffc8670e2d0 EFLAGS: 00010246
[pid  5936] exit_group(0)               = ?
[pid  5936] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5936, si_uid=0, si_status=0, si_utime=0, si_stime=27 /* 0.27 s */} ---
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5937 attached
 <unfinished ...>
[pid  5937] set_robust_list(0x55558ec87660, 24 <unfinished ...>
[pid  5873] <... clone resumed>, child_tidptr=0x55558ec87650) = 5937
[pid  5937] <... set_robust_list resumed>) = 0
[  176.829470][ T5936] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000001
[  176.829480][ T5936] RDX: 0000000000000001 RSI: 00007f3927952118 RDI: 0000000000000000
[  176.829490][ T5936] RBP: 00007f3927952118 R08: 00007ffc8670e0c7 R09: 00000000000000a0
[  176.829500][ T5936] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  176.829509][ T5936] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[  176.829524][ T5936]  </TASK>
[  176.829536][ T5936] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[pid  5937] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5937] setpgid(0, 0)               = 0
[pid  5937] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5937] write(3, "1000", 4)         = 4
[pid  5937] close(3)                    = 0
[pid  5937] write(1, "executing program\n", 18executing program
) = 18
[pid  5937] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE, insn_cnt=11, insns=0x2000000005c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_SOCK_CREATE, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = 3
[pid  5937] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="contention_begin", prog_fd=3}}, 24) = 4
[pid  5937] openat(AT_FDCWD, "/dev/fb0", O_RDONLY) = 5
[pid  5937] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid  5937] write(6, "4", 1)            = 1
[pid  5937] ioctl(5, FBIOPAN_DISPLAY, 0) = -1 EFAULT (Bad address)
[  177.208806][ T5937] FAULT_INJECTION: forcing a failure.
[  177.208806][ T5937] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  177.222419][ T5937] CPU: 0 UID: 0 PID: 5937 Comm: syz-executor116 Not tainted 6.16.0-next-20250731-syzkaller #0 PREEMPT(full) 
[  177.222448][ T5937] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  177.222459][ T5937] Call Trace:
[  177.222465][ T5937]  <TASK>
[  177.222472][ T5937]  dump_stack_lvl+0x189/0x250
[  177.222496][ T5937]  ? __pfx____ratelimit+0x10/0x10
[  177.222520][ T5937]  ? __pfx_dump_stack_lvl+0x10/0x10
[  177.222538][ T5937]  ? __pfx__printk+0x10/0x10
[  177.222561][ T5937]  ? lock_acquire+0x5f/0x360
[  177.222604][ T5937]  should_fail_ex+0x414/0x560
[  177.222625][ T5937]  prepare_alloc_pages+0x213/0x610
[  177.222653][ T5937]  __alloc_frozen_pages_noprof+0x123/0x370
[  177.222680][ T5937]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  177.222710][ T5937]  ? policy_nodemask+0x27c/0x720
[  177.222734][ T5937]  alloc_pages_mpol+0x232/0x4a0
[  177.222757][ T5937]  vma_alloc_folio_noprof+0xe4/0x200
[  177.222781][ T5937]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  177.222804][ T5937]  ? rcu_is_watching+0x15/0xb0
[  177.222831][ T5937]  ? lock_release+0x4b/0x3e0
[  177.222855][ T5937]  folio_prealloc+0x30/0x180
[  177.222878][ T5937]  do_wp_page+0x1231/0x5800
[  177.222905][ T5937]  ? __pfx_do_wp_page+0x10/0x10
[  177.222923][ T5937]  ? do_raw_spin_lock+0x121/0x290
[  177.222942][ T5937]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  177.222959][ T5937]  ? ___pte_offset_map+0x45/0x250
[  177.222983][ T5937]  __handle_mm_fault+0x1033/0x5440
[  177.223009][ T5937]  ? __pfx___handle_mm_fault+0x10/0x10
[  177.223029][ T5937]  ? lock_release+0x4b/0x3e0
[  177.223055][ T5937]  ? lock_vma_under_rcu+0xdf/0x3d0
[  177.223077][ T5937]  ? __pfx_lock_vma_under_rcu+0x10/0x10
[  177.223099][ T5937]  ? rcu_is_watching+0x15/0xb0
[  177.223127][ T5937]  handle_mm_fault+0x40a/0x8e0
[  177.223150][ T5937]  do_user_addr_fault+0xa81/0x1390
[  177.223178][ T5937]  ? rcu_is_watching+0x15/0xb0
[  177.223203][ T5937]  ? trace_page_fault_user+0x84/0x1e0
[  177.223228][ T5937]  exc_page_fault+0x76/0xf0
[  177.223251][ T5937]  asm_exc_page_fault+0x26/0x30
[  177.223267][ T5937] RIP: 0033:0x7f39278b1050
[  177.223282][ T5937] Code: 41 54 55 48 89 f5 53 89 fb 48 83 ec 18 48 83 3d 9d 0f 0a 00 00 89 54 24 0c 74 08 84 c9 0f 85 09 02 00 00 31 c0 ba 01 00 00 00 <f0> 0f b1 15 50 3d 0a 00 0f 85 0f 02 00 00 4c 8d 25 43 3d 0a 00 4c
[  177.223297][ T5937] RSP: 002b:00007ffc8670e2d0 EFLAGS: 00010246
[  177.223314][ T5937] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000001
[pid  5937] exit_group(0)               = ?
[pid  5937] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5937, si_uid=0, si_status=0, si_utime=0, si_stime=29 /* 0.29 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5938 attached
, child_tidptr=0x55558ec87650) = 5938
[pid  5938] set_robust_list(0x55558ec87660, 24) = 0
[pid  5938] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5938] setpgid(0, 0)               = 0
[  177.223325][ T5937] RDX: 0000000000000001 RSI: 00007f3927952118 RDI: 0000000000000000
[  177.223335][ T5937] RBP: 00007f3927952118 R08: 00007ffc8670e0c7 R09: 00000000000000a0
[  177.223347][ T5937] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  177.223357][ T5937] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[  177.223374][ T5937]  </TASK>
[  177.223392][ T5937] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[pid  5938] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5938] write(3, "1000", 4)         = 4
[pid  5938] close(3)                    = 0
[pid  5938] write(1, "executing program\n", 18executing program
) = 18
[pid  5938] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE, insn_cnt=11, insns=0x2000000005c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_SOCK_CREATE, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = 3
[pid  5938] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="contention_begin", prog_fd=3}}, 24) = 4
[pid  5938] openat(AT_FDCWD, "/dev/fb0", O_RDONLY) = 5
[pid  5938] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid  5938] write(6, "4", 1)            = 1
[pid  5938] ioctl(5, FBIOPAN_DISPLAY, 0) = -1 EFAULT (Bad address)
[  177.601849][ T5938] FAULT_INJECTION: forcing a failure.
[  177.601849][ T5938] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  177.615595][ T5938] CPU: 0 UID: 0 PID: 5938 Comm: syz-executor116 Not tainted 6.16.0-next-20250731-syzkaller #0 PREEMPT(full) 
[  177.615628][ T5938] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  177.615642][ T5938] Call Trace:
[  177.615650][ T5938]  <TASK>
[  177.615659][ T5938]  dump_stack_lvl+0x189/0x250
[  177.615688][ T5938]  ? __pfx____ratelimit+0x10/0x10
[  177.615718][ T5938]  ? __pfx_dump_stack_lvl+0x10/0x10
[  177.615741][ T5938]  ? __pfx__printk+0x10/0x10
[  177.615770][ T5938]  ? lock_acquire+0x5f/0x360
[  177.615802][ T5938]  should_fail_ex+0x414/0x560
[  177.615828][ T5938]  prepare_alloc_pages+0x213/0x610
[  177.615873][ T5938]  __alloc_frozen_pages_noprof+0x123/0x370
[  177.615907][ T5938]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  177.615945][ T5938]  ? policy_nodemask+0x27c/0x720
[  177.615975][ T5938]  alloc_pages_mpol+0x232/0x4a0
[  177.616006][ T5938]  vma_alloc_folio_noprof+0xe4/0x200
[  177.616040][ T5938]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  177.616070][ T5938]  ? rcu_is_watching+0x15/0xb0
[  177.616102][ T5938]  ? lock_release+0x4b/0x3e0
[  177.616131][ T5938]  folio_prealloc+0x30/0x180
[  177.616157][ T5938]  do_wp_page+0x1231/0x5800
[  177.616184][ T5938]  ? __pfx_do_wp_page+0x10/0x10
[  177.616201][ T5938]  ? do_raw_spin_lock+0x121/0x290
[  177.616221][ T5938]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  177.616238][ T5938]  ? ___pte_offset_map+0x45/0x250
[  177.616261][ T5938]  __handle_mm_fault+0x1033/0x5440
[  177.616287][ T5938]  ? __pfx___handle_mm_fault+0x10/0x10
[  177.616307][ T5938]  ? lock_release+0x4b/0x3e0
[  177.616333][ T5938]  ? lock_vma_under_rcu+0xdf/0x3d0
[  177.616355][ T5938]  ? __pfx_lock_vma_under_rcu+0x10/0x10
[  177.616377][ T5938]  ? rcu_is_watching+0x15/0xb0
[  177.616404][ T5938]  handle_mm_fault+0x40a/0x8e0
[  177.616428][ T5938]  do_user_addr_fault+0xa81/0x1390
[  177.616455][ T5938]  ? rcu_is_watching+0x15/0xb0
[  177.616480][ T5938]  ? trace_page_fault_user+0x84/0x1e0
[  177.616524][ T5938]  exc_page_fault+0x76/0xf0
[  177.616548][ T5938]  asm_exc_page_fault+0x26/0x30
[  177.616564][ T5938] RIP: 0033:0x7f39278b1050
[  177.616579][ T5938] Code: 41 54 55 48 89 f5 53 89 fb 48 83 ec 18 48 83 3d 9d 0f 0a 00 00 89 54 24 0c 74 08 84 c9 0f 85 09 02 00 00 31 c0 ba 01 00 00 00 <f0> 0f b1 15 50 3d 0a 00 0f 85 0f 02 00 00 4c 8d 25 43 3d 0a 00 4c
[  177.616596][ T5938] RSP: 002b:00007ffc8670e2d0 EFLAGS: 00010246
[  177.616612][ T5938] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000001
[  177.616623][ T5938] RDX: 0000000000000001 RSI: 00007f3927952118 RDI: 0000000000000000
[  177.616634][ T5938] RBP: 00007f3927952118 R08: 00007ffc8670e0c7 R09: 00000000000000a0
[  177.616646][ T5938] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  177.616656][ T5938] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[  177.616673][ T5938]  </TASK>
[pid  5938] exit_group(0)               = ?
[pid  5938] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5938, si_uid=0, si_status=0, si_utime=0, si_stime=28 /* 0.28 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5939 attached
, child_tidptr=0x55558ec87650) = 5939
[pid  5939] set_robust_list(0x55558ec87660, 24) = 0
[  177.616690][ T5938] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[pid  5939] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5939] setpgid(0, 0)               = 0
[pid  5939] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5939] write(3, "1000", 4)         = 4
[pid  5939] close(3)                    = 0
executing program
[pid  5939] write(1, "executing program\n", 18) = 18
[pid  5939] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE, insn_cnt=11, insns=0x2000000005c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_SOCK_CREATE, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = 3
[pid  5939] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="contention_begin", prog_fd=3}}, 24) = 4
[pid  5939] openat(AT_FDCWD, "/dev/fb0", O_RDONLY) = 5
[pid  5939] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid  5939] write(6, "4", 1)            = 1
[pid  5939] ioctl(5, FBIOPAN_DISPLAY, 0) = -1 EFAULT (Bad address)
[  178.008463][ T5939] FAULT_INJECTION: forcing a failure.
[  178.008463][ T5939] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  178.022196][ T5939] CPU: 1 UID: 0 PID: 5939 Comm: syz-executor116 Not tainted 6.16.0-next-20250731-syzkaller #0 PREEMPT(full) 
[  178.022226][ T5939] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  178.022239][ T5939] Call Trace:
[  178.022247][ T5939]  <TASK>
[  178.022255][ T5939]  dump_stack_lvl+0x189/0x250
[  178.022282][ T5939]  ? __pfx____ratelimit+0x10/0x10
[  178.022312][ T5939]  ? __pfx_dump_stack_lvl+0x10/0x10
[  178.022333][ T5939]  ? __pfx__printk+0x10/0x10
[  178.022358][ T5939]  ? lock_acquire+0x5f/0x360
[  178.022391][ T5939]  should_fail_ex+0x414/0x560
[  178.022416][ T5939]  prepare_alloc_pages+0x213/0x610
[  178.022452][ T5939]  __alloc_frozen_pages_noprof+0x123/0x370
[  178.022484][ T5939]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  178.022523][ T5939]  ? policy_nodemask+0x27c/0x720
[  178.022553][ T5939]  alloc_pages_mpol+0x232/0x4a0
[  178.022584][ T5939]  vma_alloc_folio_noprof+0xe4/0x200
[  178.022613][ T5939]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  178.022644][ T5939]  ? rcu_is_watching+0x15/0xb0
[  178.022677][ T5939]  ? lock_release+0x4b/0x3e0
[  178.022707][ T5939]  folio_prealloc+0x30/0x180
[  178.022745][ T5939]  do_wp_page+0x1231/0x5800
[  178.022781][ T5939]  ? __pfx_do_wp_page+0x10/0x10
[  178.022803][ T5939]  ? do_raw_spin_lock+0x121/0x290
[  178.022828][ T5939]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  178.022851][ T5939]  ? ___pte_offset_map+0x45/0x250
[  178.022880][ T5939]  __handle_mm_fault+0x1033/0x5440
[  178.022914][ T5939]  ? __pfx___handle_mm_fault+0x10/0x10
[  178.022940][ T5939]  ? lock_release+0x4b/0x3e0
[  178.022974][ T5939]  ? lock_vma_under_rcu+0xdf/0x3d0
[  178.023002][ T5939]  ? __pfx_lock_vma_under_rcu+0x10/0x10
[  178.023030][ T5939]  ? rcu_is_watching+0x15/0xb0
[  178.023064][ T5939]  handle_mm_fault+0x40a/0x8e0
[  178.023092][ T5939]  do_user_addr_fault+0xa81/0x1390
[  178.023120][ T5939]  ? rcu_is_watching+0x15/0xb0
[  178.023144][ T5939]  ? trace_page_fault_user+0x84/0x1e0
[  178.023170][ T5939]  exc_page_fault+0x76/0xf0
[  178.023194][ T5939]  asm_exc_page_fault+0x26/0x30
[  178.023210][ T5939] RIP: 0033:0x7f39278b1050
[  178.023226][ T5939] Code: 41 54 55 48 89 f5 53 89 fb 48 83 ec 18 48 83 3d 9d 0f 0a 00 00 89 54 24 0c 74 08 84 c9 0f 85 09 02 00 00 31 c0 ba 01 00 00 00 <f0> 0f b1 15 50 3d 0a 00 0f 85 0f 02 00 00 4c 8d 25 43 3d 0a 00 4c
[  178.023242][ T5939] RSP: 002b:00007ffc8670e2d0 EFLAGS: 00010246
[pid  5939] exit_group(0)               = ?
[pid  5939] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5939, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5940 attached
, child_tidptr=0x55558ec87650) = 5940
[pid  5940] set_robust_list(0x55558ec87660, 24) = 0
[pid  5940] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5940] setpgid(0, 0)               = 0
[pid  5940] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5940] write(3, "1000", 4)         = 4
[  178.023258][ T5939] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000001
[  178.023269][ T5939] RDX: 0000000000000001 RSI: 00007f3927952118 RDI: 0000000000000000
[  178.023280][ T5939] RBP: 00007f3927952118 R08: 00007ffc8670e0c7 R09: 00000000000000a0
[  178.023292][ T5939] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  178.023302][ T5939] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[  178.023319][ T5939]  </TASK>
[pid  5940] close(3)                    = 0
executing program
[pid  5940] write(1, "executing program\n", 18) = 18
[pid  5940] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE, insn_cnt=11, insns=0x2000000005c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_SOCK_CREATE, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = 3
[pid  5940] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="contention_begin", prog_fd=3}}, 24) = 4
[pid  5940] openat(AT_FDCWD, "/dev/fb0", O_RDONLY) = 5
[pid  5940] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid  5940] write(6, "4", 1)            = 1
[pid  5940] ioctl(5, FBIOPAN_DISPLAY, 0) = -1 EFAULT (Bad address)
[pid  5940] exit_group(0)               = ?
[pid  5940] +++ exited with 0 +++
[  178.385290][ T5940] FAULT_INJECTION: forcing a failure.
[  178.385290][ T5940] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  178.398924][ T5940] CPU: 0 UID: 0 PID: 5940 Comm: syz-executor116 Not tainted 6.16.0-next-20250731-syzkaller #0 PREEMPT(full) 
[  178.398953][ T5940] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  178.398967][ T5940] Call Trace:
[  178.398974][ T5940]  <TASK>
[  178.398983][ T5940]  dump_stack_lvl+0x189/0x250
[  178.399012][ T5940]  ? __pfx____ratelimit+0x10/0x10
[  178.399043][ T5940]  ? __pfx_dump_stack_lvl+0x10/0x10
[  178.399067][ T5940]  ? __pfx__printk+0x10/0x10
[  178.399095][ T5940]  ? lock_acquire+0x5f/0x360
[  178.399128][ T5940]  should_fail_ex+0x414/0x560
[  178.399154][ T5940]  prepare_alloc_pages+0x213/0x610
[  178.399184][ T5940]  __alloc_frozen_pages_noprof+0x123/0x370
[  178.399209][ T5940]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  178.399236][ T5940]  ? policy_nodemask+0x27c/0x720
[  178.399257][ T5940]  alloc_pages_mpol+0x232/0x4a0
[  178.399278][ T5940]  vma_alloc_folio_noprof+0xe4/0x200
[  178.399299][ T5940]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  178.399321][ T5940]  ? rcu_is_watching+0x15/0xb0
[  178.399345][ T5940]  ? lock_release+0x4b/0x3e0
[  178.399366][ T5940]  folio_prealloc+0x30/0x180
[  178.399386][ T5940]  do_wp_page+0x1231/0x5800
[  178.399411][ T5940]  ? __pfx_do_wp_page+0x10/0x10
[  178.399426][ T5940]  ? do_raw_spin_lock+0x121/0x290
[  178.399444][ T5940]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  178.399459][ T5940]  ? ___pte_offset_map+0x45/0x250
[  178.399480][ T5940]  __handle_mm_fault+0x1033/0x5440
[  178.399505][ T5940]  ? __pfx___handle_mm_fault+0x10/0x10
[  178.399523][ T5940]  ? lock_release+0x4b/0x3e0
[  178.399547][ T5940]  ? lock_vma_under_rcu+0xdf/0x3d0
[  178.399567][ T5940]  ? __pfx_lock_vma_under_rcu+0x10/0x10
[  178.399586][ T5940]  ? rcu_is_watching+0x15/0xb0
[  178.399612][ T5940]  handle_mm_fault+0x40a/0x8e0
[  178.399633][ T5940]  do_user_addr_fault+0xa81/0x1390
[  178.399658][ T5940]  ? rcu_is_watching+0x15/0xb0
[  178.399681][ T5940]  ? trace_page_fault_user+0x84/0x1e0
[  178.399704][ T5940]  exc_page_fault+0x76/0xf0
[  178.399725][ T5940]  asm_exc_page_fault+0x26/0x30
[  178.399739][ T5940] RIP: 0033:0x7f39278b1050
[  178.399761][ T5940] Code: 41 54 55 48 89 f5 53 89 fb 48 83 ec 18 48 83 3d 9d 0f 0a 00 00 89 54 24 0c 74 08 84 c9 0f 85 09 02 00 00 31 c0 ba 01 00 00 00 <f0> 0f b1 15 50 3d 0a 00 0f 85 0f 02 00 00 4c 8d 25 43 3d 0a 00 4c
[  178.399775][ T5940] RSP: 002b:00007ffc8670e2d0 EFLAGS: 00010246
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5940, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5941 attached
, child_tidptr=0x55558ec87650) = 5941
[pid  5941] set_robust_list(0x55558ec87660, 24) = 0
[pid  5941] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5941] setpgid(0, 0)               = 0
[pid  5941] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5941] write(3, "1000", 4)         = 4
[pid  5941] close(3)                    = 0
executing program
[pid  5941] write(1, "executing program\n", 18) = 18
[pid  5941] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE, insn_cnt=11, insns=0x2000000005c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_SOCK_CREATE, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = 3
[pid  5941] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="contention_begin", prog_fd=3}}, 24) = 4
[pid  5941] openat(AT_FDCWD, "/dev/fb0", O_RDONLY) = 5
[pid  5941] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid  5941] write(6, "4", 1)            = 1
[  178.399789][ T5940] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000001
[  178.399799][ T5940] RDX: 0000000000000001 RSI: 00007f3927952118 RDI: 0000000000000000
[  178.399809][ T5940] RBP: 00007f3927952118 R08: 00007ffc8670e0c7 R09: 00000000000000a0
[  178.399819][ T5940] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  178.399828][ T5940] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[  178.399843][ T5940]  </TASK>
[pid  5941] ioctl(5, FBIOPAN_DISPLAY, 0) = -1 EFAULT (Bad address)
[pid  5941] exit_group(0)               = ?
[  178.711142][ T5941] FAULT_INJECTION: forcing a failure.
[  178.711142][ T5941] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  178.724551][ T5941] CPU: 1 UID: 0 PID: 5941 Comm: syz-executor116 Not tainted 6.16.0-next-20250731-syzkaller #0 PREEMPT(full) 
[  178.724581][ T5941] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  178.724596][ T5941] Call Trace:
[  178.724605][ T5941]  <TASK>
[  178.724614][ T5941]  dump_stack_lvl+0x189/0x250
[  178.724643][ T5941]  ? __pfx____ratelimit+0x10/0x10
[  178.724674][ T5941]  ? __pfx_dump_stack_lvl+0x10/0x10
[  178.724697][ T5941]  ? __pfx__printk+0x10/0x10
[  178.724726][ T5941]  ? lock_acquire+0x5f/0x360
[  178.724756][ T5941]  should_fail_ex+0x414/0x560
[  178.724779][ T5941]  prepare_alloc_pages+0x213/0x610
[  178.724806][ T5941]  __alloc_frozen_pages_noprof+0x123/0x370
[  178.724831][ T5941]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  178.724857][ T5941]  ? policy_nodemask+0x27c/0x720
[  178.724879][ T5941]  alloc_pages_mpol+0x232/0x4a0
[  178.724900][ T5941]  vma_alloc_folio_noprof+0xe4/0x200
[  178.724921][ T5941]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  178.724942][ T5941]  ? rcu_is_watching+0x15/0xb0
[  178.724966][ T5941]  ? lock_release+0x4b/0x3e0
[  178.724986][ T5941]  folio_prealloc+0x30/0x180
[  178.725006][ T5941]  do_wp_page+0x1231/0x5800
[  178.725031][ T5941]  ? __pfx_do_wp_page+0x10/0x10
[  178.725046][ T5941]  ? do_raw_spin_lock+0x121/0x290
[  178.725063][ T5941]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  178.725079][ T5941]  ? ___pte_offset_map+0x45/0x250
[  178.725100][ T5941]  __handle_mm_fault+0x1033/0x5440
[  178.725123][ T5941]  ? __pfx___handle_mm_fault+0x10/0x10
[  178.725141][ T5941]  ? lock_release+0x4b/0x3e0
[  178.725165][ T5941]  ? lock_vma_under_rcu+0xdf/0x3d0
[  178.725184][ T5941]  ? __pfx_lock_vma_under_rcu+0x10/0x10
[  178.725203][ T5941]  ? rcu_is_watching+0x15/0xb0
[  178.725228][ T5941]  handle_mm_fault+0x40a/0x8e0
[  178.725250][ T5941]  do_user_addr_fault+0xa81/0x1390
[  178.725275][ T5941]  ? rcu_is_watching+0x15/0xb0
[  178.725297][ T5941]  ? trace_page_fault_user+0x84/0x1e0
[  178.725319][ T5941]  exc_page_fault+0x76/0xf0
[  178.725341][ T5941]  asm_exc_page_fault+0x26/0x30
[  178.725355][ T5941] RIP: 0033:0x7f39278b1050
[  178.725369][ T5941] Code: 41 54 55 48 89 f5 53 89 fb 48 83 ec 18 48 83 3d 9d 0f 0a 00 00 89 54 24 0c 74 08 84 c9 0f 85 09 02 00 00 31 c0 ba 01 00 00 00 <f0> 0f b1 15 50 3d 0a 00 0f 85 0f 02 00 00 4c 8d 25 43 3d 0a 00 4c
[  178.725382][ T5941] RSP: 002b:00007ffc8670e2d0 EFLAGS: 00010246
[  178.725397][ T5941] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000001
[pid  5941] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5941, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5942 attached
, child_tidptr=0x55558ec87650) = 5942
[pid  5942] set_robust_list(0x55558ec87660, 24) = 0
[pid  5942] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5942] setpgid(0, 0)               = 0
[pid  5942] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5942] write(3, "1000", 4)         = 4
[pid  5942] close(3executing program
)                    = 0
[pid  5942] write(1, "executing program\n", 18) = 18
[pid  5942] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE, insn_cnt=11, insns=0x2000000005c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_SOCK_CREATE, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = 3
[pid  5942] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="contention_begin", prog_fd=3}}, 24) = 4
[pid  5942] openat(AT_FDCWD, "/dev/fb0", O_RDONLY) = 5
[pid  5942] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid  5942] write(6, "4", 1)            = 1
[pid  5942] ioctl(5, FBIOPAN_DISPLAY, 0) = -1 EFAULT (Bad address)
[  178.725406][ T5941] RDX: 0000000000000001 RSI: 00007f3927952118 RDI: 0000000000000000
[  178.725416][ T5941] RBP: 00007f3927952118 R08: 00007ffc8670e0c7 R09: 00000000000000a0
[  178.725426][ T5941] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  178.725435][ T5941] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[  178.725453][ T5941]  </TASK>
[  179.033433][ T5942] FAULT_INJECTION: forcing a failure.
[  179.033433][ T5942] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  179.046980][ T5942] CPU: 0 UID: 0 PID: 5942 Comm: syz-executor116 Not tainted 6.16.0-next-20250731-syzkaller #0 PREEMPT(full) 
[  179.047011][ T5942] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  179.047025][ T5942] Call Trace:
[  179.047034][ T5942]  <TASK>
[  179.047042][ T5942]  dump_stack_lvl+0x189/0x250
[  179.047069][ T5942]  ? __pfx____ratelimit+0x10/0x10
[  179.047099][ T5942]  ? __pfx_dump_stack_lvl+0x10/0x10
[  179.047115][ T5942]  ? __pfx__printk+0x10/0x10
[  179.047136][ T5942]  ? lock_acquire+0x5f/0x360
[  179.047159][ T5942]  should_fail_ex+0x414/0x560
[  179.047178][ T5942]  prepare_alloc_pages+0x213/0x610
[  179.047204][ T5942]  __alloc_frozen_pages_noprof+0x123/0x370
[  179.047228][ T5942]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  179.047256][ T5942]  ? policy_nodemask+0x27c/0x720
[  179.047277][ T5942]  alloc_pages_mpol+0x232/0x4a0
[  179.047298][ T5942]  vma_alloc_folio_noprof+0xe4/0x200
[  179.047320][ T5942]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  179.047341][ T5942]  ? rcu_is_watching+0x15/0xb0
[  179.047365][ T5942]  ? lock_release+0x4b/0x3e0
[  179.047386][ T5942]  folio_prealloc+0x30/0x180
[  179.047407][ T5942]  do_wp_page+0x1231/0x5800
[  179.047525][ T5942]  ? __pfx_do_wp_page+0x10/0x10
[  179.047545][ T5942]  ? do_raw_spin_lock+0x121/0x290
[  179.047564][ T5942]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  179.047580][ T5942]  ? ___pte_offset_map+0x45/0x250
[  179.047602][ T5942]  __handle_mm_fault+0x1033/0x5440
[  179.047626][ T5942]  ? __pfx___handle_mm_fault+0x10/0x10
[  179.047644][ T5942]  ? lock_release+0x4b/0x3e0
[  179.047668][ T5942]  ? lock_vma_under_rcu+0xdf/0x3d0
[  179.047689][ T5942]  ? __pfx_lock_vma_under_rcu+0x10/0x10
[  179.047708][ T5942]  ? rcu_is_watching+0x15/0xb0
[  179.047747][ T5942]  handle_mm_fault+0x40a/0x8e0
[  179.047769][ T5942]  do_user_addr_fault+0xa81/0x1390
[  179.047794][ T5942]  ? rcu_is_watching+0x15/0xb0
[  179.047824][ T5942]  ? trace_page_fault_user+0x84/0x1e0
[  179.047860][ T5942]  exc_page_fault+0x76/0xf0
[  179.047890][ T5942]  asm_exc_page_fault+0x26/0x30
[  179.047910][ T5942] RIP: 0033:0x7f39278b1050
[  179.047930][ T5942] Code: 41 54 55 48 89 f5 53 89 fb 48 83 ec 18 48 83 3d 9d 0f 0a 00 00 89 54 24 0c 74 08 84 c9 0f 85 09 02 00 00 31 c0 ba 01 00 00 00 <f0> 0f b1 15 50 3d 0a 00 0f 85 0f 02 00 00 4c 8d 25 43 3d 0a 00 4c
[  179.047944][ T5942] RSP: 002b:00007ffc8670e2d0 EFLAGS: 00010246
[  179.047959][ T5942] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000001
[pid  5942] exit_group(0)               = ?
[pid  5942] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5942, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5943 attached
, child_tidptr=0x55558ec87650) = 5943
[pid  5943] set_robust_list(0x55558ec87660, 24) = 0
[pid  5943] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[  179.047969][ T5942] RDX: 0000000000000001 RSI: 00007f3927952118 RDI: 0000000000000000
[  179.047979][ T5942] RBP: 00007f3927952118 R08: 00007ffc8670e0c7 R09: 00000000000000a0
[  179.047990][ T5942] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  179.047999][ T5942] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[  179.048015][ T5942]  </TASK>
[  179.315856][ T5942] pagefault_out_of_memory: 3 callbacks suppressed
[  179.315874][ T5942] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[pid  5943] setpgid(0, 0)               = 0
[pid  5943] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5943] write(3, "1000", 4)         = 4
[pid  5943] close(3)                    = 0
executing program
[pid  5943] write(1, "executing program\n", 18) = 18
[pid  5943] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE, insn_cnt=11, insns=0x2000000005c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_SOCK_CREATE, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = 3
[pid  5943] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="contention_begin", prog_fd=3}}, 24) = 4
[pid  5943] openat(AT_FDCWD, "/dev/fb0", O_RDONLY) = 5
[pid  5943] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid  5943] write(6, "4", 1)            = 1
[pid  5943] ioctl(5, FBIOPAN_DISPLAY, 0) = -1 EFAULT (Bad address)
[  179.432130][ T5943] FAULT_INJECTION: forcing a failure.
[  179.432130][ T5943] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  179.445389][ T5943] CPU: 1 UID: 0 PID: 5943 Comm: syz-executor116 Not tainted 6.16.0-next-20250731-syzkaller #0 PREEMPT(full) 
[  179.445421][ T5943] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  179.445435][ T5943] Call Trace:
[  179.445441][ T5943]  <TASK>
[  179.445450][ T5943]  dump_stack_lvl+0x189/0x250
[  179.445477][ T5943]  ? __pfx____ratelimit+0x10/0x10
[  179.445507][ T5943]  ? __pfx_dump_stack_lvl+0x10/0x10
[  179.445530][ T5943]  ? __pfx__printk+0x10/0x10
[  179.445556][ T5943]  ? __might_fault+0xb0/0x130
[  179.445584][ T5943]  ? rcu_is_watching+0x15/0xb0
[  179.445619][ T5943]  ? rcu_is_watching+0x15/0xb0
[  179.445652][ T5943]  should_fail_ex+0x414/0x560
[  179.445685][ T5943]  _copy_from_user+0x2d/0xb0
[  179.445705][ T5943]  do_fb_ioctl+0x29e/0x750
[  179.445726][ T5943]  ? __pfx_do_fb_ioctl+0x10/0x10
[  179.445765][ T5943]  ? __pfx_ptrace_notify+0x10/0x10
[  179.445802][ T5943]  ? bpf_lsm_file_ioctl+0x9/0x20
[  179.445826][ T5943]  ? __pfx_fb_ioctl+0x10/0x10
[  179.445859][ T5943]  __se_sys_ioctl+0xf9/0x170
[  179.445899][ T5943]  do_syscall_64+0xfa/0x3b0
[  179.445932][ T5943]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  179.445953][ T5943]  ? clear_bhb_loop+0x60/0xb0
[  179.445977][ T5943]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  179.445998][ T5943] RIP: 0033:0x7f39278e2869
[  179.446016][ T5943] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  179.446041][ T5943] RSP: 002b:00007ffc8670e328 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  179.446065][ T5943] RAX: ffffffffffffffda RBX: 00007ffc8670e340 RCX: 00007f39278e2869
[  179.446082][ T5943] RDX: 0000000000000000 RSI: 0000000000004606 RDI: 0000000000000005
[  179.446095][ T5943] RBP: 0000000000000001 R08: 00007ffc8670e0c7 R09: 00000000000000a0
[pid  5943] exit_group(0)               = ?
[pid  5943] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5943, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5944 attached
, child_tidptr=0x55558ec87650) = 5944
[pid  5944] set_robust_list(0x55558ec87660, 24) = 0
[pid  5944] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5944] setpgid(0, 0)               = 0
[pid  5944] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[  179.446108][ T5943] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  179.446121][ T5943] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[  179.446142][ T5943]  </TASK>
[pid  5944] write(3, "1000", 4)         = 4
[pid  5944] close(3)                    = 0
executing program
[pid  5944] write(1, "executing program\n", 18) = 18
[pid  5944] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE, insn_cnt=11, insns=0x2000000005c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_SOCK_CREATE, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = 3
[pid  5944] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="contention_begin", prog_fd=3}}, 24) = 4
[pid  5944] openat(AT_FDCWD, "/dev/fb0", O_RDONLY) = 5
[pid  5944] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid  5944] write(6, "4", 1)            = 1
[pid  5944] ioctl(5, FBIOPAN_DISPLAY, 0) = -1 EFAULT (Bad address)
[  179.752679][ T5944] FAULT_INJECTION: forcing a failure.
[  179.752679][ T5944] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  179.767124][ T5944] CPU: 1 UID: 0 PID: 5944 Comm: syz-executor116 Not tainted 6.16.0-next-20250731-syzkaller #0 PREEMPT(full) 
[  179.767156][ T5944] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  179.767169][ T5944] Call Trace:
[  179.767177][ T5944]  <TASK>
[  179.767185][ T5944]  dump_stack_lvl+0x189/0x250
[  179.767213][ T5944]  ? __pfx____ratelimit+0x10/0x10
[  179.767243][ T5944]  ? __pfx_dump_stack_lvl+0x10/0x10
[  179.767265][ T5944]  ? __pfx__printk+0x10/0x10
[  179.767293][ T5944]  ? lock_acquire+0x5f/0x360
[  179.767325][ T5944]  should_fail_ex+0x414/0x560
[  179.767350][ T5944]  prepare_alloc_pages+0x213/0x610
[  179.767392][ T5944]  __alloc_frozen_pages_noprof+0x123/0x370
[  179.767424][ T5944]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  179.767458][ T5944]  ? policy_nodemask+0x27c/0x720
[  179.767488][ T5944]  alloc_pages_mpol+0x232/0x4a0
[  179.767515][ T5944]  vma_alloc_folio_noprof+0xe4/0x200
[  179.767543][ T5944]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  179.767569][ T5944]  ? rcu_is_watching+0x15/0xb0
[  179.767600][ T5944]  ? lock_release+0x4b/0x3e0
[  179.767628][ T5944]  folio_prealloc+0x30/0x180
[  179.767656][ T5944]  do_wp_page+0x1231/0x5800
[  179.767692][ T5944]  ? __pfx_do_wp_page+0x10/0x10
[  179.767715][ T5944]  ? do_raw_spin_lock+0x121/0x290
[  179.767741][ T5944]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  179.767763][ T5944]  ? ___pte_offset_map+0x45/0x250
[  179.767791][ T5944]  __handle_mm_fault+0x1033/0x5440
[  179.767827][ T5944]  ? __pfx___handle_mm_fault+0x10/0x10
[  179.767853][ T5944]  ? lock_release+0x4b/0x3e0
[  179.767881][ T5944]  ? lock_vma_under_rcu+0xdf/0x3d0
[  179.767902][ T5944]  ? __pfx_lock_vma_under_rcu+0x10/0x10
[  179.767921][ T5944]  ? rcu_is_watching+0x15/0xb0
[  179.767946][ T5944]  handle_mm_fault+0x40a/0x8e0
[  179.767968][ T5944]  do_user_addr_fault+0xa81/0x1390
[  179.767993][ T5944]  ? rcu_is_watching+0x15/0xb0
[  179.768016][ T5944]  ? trace_page_fault_user+0x84/0x1e0
[  179.768038][ T5944]  exc_page_fault+0x76/0xf0
[  179.768060][ T5944]  asm_exc_page_fault+0x26/0x30
[  179.768075][ T5944] RIP: 0033:0x7f39278b1050
[  179.768089][ T5944] Code: 41 54 55 48 89 f5 53 89 fb 48 83 ec 18 48 83 3d 9d 0f 0a 00 00 89 54 24 0c 74 08 84 c9 0f 85 09 02 00 00 31 c0 ba 01 00 00 00 <f0> 0f b1 15 50 3d 0a 00 0f 85 0f 02 00 00 4c 8d 25 43 3d 0a 00 4c
[  179.768103][ T5944] RSP: 002b:00007ffc8670e2d0 EFLAGS: 00010246
[  179.768117][ T5944] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000001
[pid  5944] exit_group(0)               = ?
[pid  5944] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5944, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5945 attached
, child_tidptr=0x55558ec87650) = 5945
[pid  5945] set_robust_list(0x55558ec87660, 24) = 0
[pid  5945] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5945] setpgid(0, 0)               = 0
[pid  5945] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5945] write(3, "1000", 4)         = 4
[pid  5945] close(3)                    = 0
executing program
[  179.768127][ T5944] RDX: 0000000000000001 RSI: 00007f3927952118 RDI: 0000000000000000
[  179.768136][ T5944] RBP: 00007f3927952118 R08: 00007ffc8670e0c7 R09: 00000000000000a0
[  179.768147][ T5944] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  179.768156][ T5944] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[  179.768171][ T5944]  </TASK>
[  180.036095][ T5944] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[pid  5945] write(1, "executing program\n", 18) = 18
[pid  5945] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE, insn_cnt=11, insns=0x2000000005c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_SOCK_CREATE, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = 3
[pid  5945] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="contention_begin", prog_fd=3}}, 24) = 4
[pid  5945] openat(AT_FDCWD, "/dev/fb0", O_RDONLY) = 5
[pid  5945] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid  5945] write(6, "4", 1)            = 1
[pid  5945] ioctl(5, FBIOPAN_DISPLAY, 0) = -1 EFAULT (Bad address)
[  180.129213][ T5945] FAULT_INJECTION: forcing a failure.
[  180.129213][ T5945] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  180.142993][ T5945] CPU: 0 UID: 0 PID: 5945 Comm: syz-executor116 Not tainted 6.16.0-next-20250731-syzkaller #0 PREEMPT(full) 
[  180.143016][ T5945] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  180.143026][ T5945] Call Trace:
[  180.143032][ T5945]  <TASK>
[  180.143038][ T5945]  dump_stack_lvl+0x189/0x250
[  180.143059][ T5945]  ? __pfx____ratelimit+0x10/0x10
[  180.143081][ T5945]  ? __pfx_dump_stack_lvl+0x10/0x10
[  180.143097][ T5945]  ? __pfx__printk+0x10/0x10
[  180.143118][ T5945]  ? lock_acquire+0x5f/0x360
[  180.143141][ T5945]  should_fail_ex+0x414/0x560
[  180.143160][ T5945]  prepare_alloc_pages+0x213/0x610
[  180.143186][ T5945]  __alloc_frozen_pages_noprof+0x123/0x370
[  180.143210][ T5945]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  180.143237][ T5945]  ? policy_nodemask+0x27c/0x720
[  180.143258][ T5945]  alloc_pages_mpol+0x232/0x4a0
[  180.143279][ T5945]  vma_alloc_folio_noprof+0xe4/0x200
[  180.143300][ T5945]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  180.143344][ T5945]  ? rcu_is_watching+0x15/0xb0
[  180.143368][ T5945]  ? lock_release+0x4b/0x3e0
[  180.143389][ T5945]  folio_prealloc+0x30/0x180
[  180.143410][ T5945]  do_wp_page+0x1231/0x5800
[  180.143435][ T5945]  ? __pfx_do_wp_page+0x10/0x10
[  180.143450][ T5945]  ? do_raw_spin_lock+0x121/0x290
[  180.143468][ T5945]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  180.143483][ T5945]  ? ___pte_offset_map+0x45/0x250
[  180.143504][ T5945]  __handle_mm_fault+0x1033/0x5440
[  180.143528][ T5945]  ? __pfx___handle_mm_fault+0x10/0x10
[  180.143545][ T5945]  ? lock_release+0x4b/0x3e0
[  180.143570][ T5945]  ? lock_vma_under_rcu+0xdf/0x3d0
[  180.143590][ T5945]  ? __pfx_lock_vma_under_rcu+0x10/0x10
[  180.143610][ T5945]  ? rcu_is_watching+0x15/0xb0
[  180.143635][ T5945]  handle_mm_fault+0x40a/0x8e0
[  180.143656][ T5945]  do_user_addr_fault+0xa81/0x1390
[  180.143681][ T5945]  ? rcu_is_watching+0x15/0xb0
[  180.143704][ T5945]  ? trace_page_fault_user+0x84/0x1e0
[  180.143726][ T5945]  exc_page_fault+0x76/0xf0
[  180.143748][ T5945]  asm_exc_page_fault+0x26/0x30
[  180.143762][ T5945] RIP: 0033:0x7f39278b1050
[  180.143776][ T5945] Code: 41 54 55 48 89 f5 53 89 fb 48 83 ec 18 48 83 3d 9d 0f 0a 00 00 89 54 24 0c 74 08 84 c9 0f 85 09 02 00 00 31 c0 ba 01 00 00 00 <f0> 0f b1 15 50 3d 0a 00 0f 85 0f 02 00 00 4c 8d 25 43 3d 0a 00 4c
[  180.143789][ T5945] RSP: 002b:00007ffc8670e2d0 EFLAGS: 00010246
[  180.143803][ T5945] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000001
[pid  5945] exit_group(0)               = ?
[pid  5945] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5945, si_uid=0, si_status=0, si_utime=0, si_stime=27 /* 0.27 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
[  180.143812][ T5945] RDX: 0000000000000001 RSI: 00007f3927952118 RDI: 0000000000000000
[  180.143822][ T5945] RBP: 00007f3927952118 R08: 00007ffc8670e0c7 R09: 00000000000000a0
[  180.143833][ T5945] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  180.143842][ T5945] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[  180.143857][ T5945]  </TASK>
[  180.143869][ T5945] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5946 attached
, child_tidptr=0x55558ec87650) = 5946
[pid  5946] set_robust_list(0x55558ec87660, 24) = 0
[pid  5946] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5946] setpgid(0, 0)               = 0
[pid  5946] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5946] write(3, "1000", 4)         = 4
[pid  5946] close(3)                    = 0
executing program
[pid  5946] write(1, "executing program\n", 18) = 18
[pid  5946] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE, insn_cnt=11, insns=0x2000000005c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_SOCK_CREATE, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = 3
[pid  5946] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="contention_begin", prog_fd=3}}, 24) = 4
[pid  5946] openat(AT_FDCWD, "/dev/fb0", O_RDONLY) = 5
[pid  5946] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid  5946] write(6, "4", 1)            = 1
[pid  5946] ioctl(5, FBIOPAN_DISPLAY, 0) = -1 EFAULT (Bad address)
[  180.582848][ T5946] FAULT_INJECTION: forcing a failure.
[  180.582848][ T5946] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  180.596473][ T5946] CPU: 0 UID: 0 PID: 5946 Comm: syz-executor116 Not tainted 6.16.0-next-20250731-syzkaller #0 PREEMPT(full) 
[  180.596496][ T5946] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  180.596506][ T5946] Call Trace:
[  180.596512][ T5946]  <TASK>
[  180.596523][ T5946]  dump_stack_lvl+0x189/0x250
[  180.596545][ T5946]  ? __pfx____ratelimit+0x10/0x10
[  180.596566][ T5946]  ? __pfx_dump_stack_lvl+0x10/0x10
[  180.596582][ T5946]  ? __pfx__printk+0x10/0x10
[  180.596609][ T5946]  ? lock_acquire+0x5f/0x360
[  180.596633][ T5946]  should_fail_ex+0x414/0x560
[  180.596651][ T5946]  prepare_alloc_pages+0x213/0x610
[  180.596677][ T5946]  __alloc_frozen_pages_noprof+0x123/0x370
[  180.596702][ T5946]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  180.596728][ T5946]  ? policy_nodemask+0x27c/0x720
[  180.596749][ T5946]  alloc_pages_mpol+0x232/0x4a0
[  180.596770][ T5946]  vma_alloc_folio_noprof+0xe4/0x200
[  180.596791][ T5946]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  180.596813][ T5946]  ? rcu_is_watching+0x15/0xb0
[  180.596836][ T5946]  ? lock_release+0x4b/0x3e0
[  180.596857][ T5946]  folio_prealloc+0x30/0x180
[  180.596877][ T5946]  do_wp_page+0x1231/0x5800
[  180.596901][ T5946]  ? __pfx_do_wp_page+0x10/0x10
[  180.596917][ T5946]  ? do_raw_spin_lock+0x121/0x290
[  180.596934][ T5946]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  180.596949][ T5946]  ? ___pte_offset_map+0x45/0x250
[  180.596970][ T5946]  __handle_mm_fault+0x1033/0x5440
[  180.596994][ T5946]  ? __pfx___handle_mm_fault+0x10/0x10
[  180.597012][ T5946]  ? lock_release+0x4b/0x3e0
[  180.597035][ T5946]  ? lock_vma_under_rcu+0xdf/0x3d0
[  180.597055][ T5946]  ? __pfx_lock_vma_under_rcu+0x10/0x10
[  180.597074][ T5946]  ? rcu_is_watching+0x15/0xb0
[  180.597099][ T5946]  handle_mm_fault+0x40a/0x8e0
[  180.597121][ T5946]  do_user_addr_fault+0xa81/0x1390
[  180.597146][ T5946]  ? rcu_is_watching+0x15/0xb0
[  180.597169][ T5946]  ? trace_page_fault_user+0x84/0x1e0
[  180.597192][ T5946]  exc_page_fault+0x76/0xf0
[  180.597214][ T5946]  asm_exc_page_fault+0x26/0x30
[  180.597228][ T5946] RIP: 0033:0x7f39278b1050
[  180.597241][ T5946] Code: 41 54 55 48 89 f5 53 89 fb 48 83 ec 18 48 83 3d 9d 0f 0a 00 00 89 54 24 0c 74 08 84 c9 0f 85 09 02 00 00 31 c0 ba 01 00 00 00 <f0> 0f b1 15 50 3d 0a 00 0f 85 0f 02 00 00 4c 8d 25 43 3d 0a 00 4c
[  180.597255][ T5946] RSP: 002b:00007ffc8670e2d0 EFLAGS: 00010246
[  180.597271][ T5946] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000001
[pid  5946] exit_group(0)               = ?
[pid  5946] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5946, si_uid=0, si_status=0, si_utime=0, si_stime=27 /* 0.27 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5947 attached
, child_tidptr=0x55558ec87650) = 5947
[  180.597281][ T5946] RDX: 0000000000000001 RSI: 00007f3927952118 RDI: 0000000000000000
[  180.597291][ T5946] RBP: 00007f3927952118 R08: 00007ffc8670e0c7 R09: 00000000000000a0
[  180.597301][ T5946] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  180.597310][ T5946] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[  180.597325][ T5946]  </TASK>
[  180.597339][ T5946] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[pid  5947] set_robust_list(0x55558ec87660, 24) = 0
[pid  5947] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5947] setpgid(0, 0)               = 0
[pid  5947] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5947] write(3, "1000", 4)         = 4
[pid  5947] close(3)                    = 0
[pid  5947] write(1, "executing program\n", 18executing program
) = 18
[pid  5947] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE, insn_cnt=11, insns=0x2000000005c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_SOCK_CREATE, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = 3
[pid  5947] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="contention_begin", prog_fd=3}}, 24) = 4
[pid  5947] openat(AT_FDCWD, "/dev/fb0", O_RDONLY) = 5
[pid  5947] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid  5947] write(6, "4", 1)            = 1
[pid  5947] ioctl(5, FBIOPAN_DISPLAY, 0) = -1 EFAULT (Bad address)
[  180.982593][ T5947] FAULT_INJECTION: forcing a failure.
[  180.982593][ T5947] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  180.996008][ T5947] CPU: 0 UID: 0 PID: 5947 Comm: syz-executor116 Not tainted 6.16.0-next-20250731-syzkaller #0 PREEMPT(full) 
[  180.996038][ T5947] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  180.996051][ T5947] Call Trace:
[  180.996060][ T5947]  <TASK>
[  180.996070][ T5947]  dump_stack_lvl+0x189/0x250
[  180.996097][ T5947]  ? __pfx____ratelimit+0x10/0x10
[  180.996118][ T5947]  ? __pfx_dump_stack_lvl+0x10/0x10
[  180.996134][ T5947]  ? __pfx__printk+0x10/0x10
[  180.996154][ T5947]  ? lock_acquire+0x5f/0x360
[  180.996177][ T5947]  should_fail_ex+0x414/0x560
[  180.996196][ T5947]  prepare_alloc_pages+0x213/0x610
[  180.996639][ T5947]  __alloc_frozen_pages_noprof+0x123/0x370
[  180.996664][ T5947]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  180.996691][ T5947]  ? policy_nodemask+0x27c/0x720
[  180.996712][ T5947]  alloc_pages_mpol+0x232/0x4a0
[  180.996734][ T5947]  vma_alloc_folio_noprof+0xe4/0x200
[  180.996755][ T5947]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  180.996777][ T5947]  ? rcu_is_watching+0x15/0xb0
[  180.996800][ T5947]  ? lock_release+0x4b/0x3e0
[  180.996821][ T5947]  folio_prealloc+0x30/0x180
[  180.996842][ T5947]  do_wp_page+0x1231/0x5800
[  180.996866][ T5947]  ? __pfx_do_wp_page+0x10/0x10
[  180.996882][ T5947]  ? do_raw_spin_lock+0x121/0x290
[  180.996900][ T5947]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  180.996916][ T5947]  ? ___pte_offset_map+0x45/0x250
[  180.996936][ T5947]  __handle_mm_fault+0x1033/0x5440
[  180.996960][ T5947]  ? __pfx___handle_mm_fault+0x10/0x10
[  180.996979][ T5947]  ? lock_release+0x4b/0x3e0
[  180.997002][ T5947]  ? lock_vma_under_rcu+0xdf/0x3d0
[  180.997023][ T5947]  ? __pfx_lock_vma_under_rcu+0x10/0x10
[  180.997042][ T5947]  ? rcu_is_watching+0x15/0xb0
[  180.997067][ T5947]  handle_mm_fault+0x40a/0x8e0
[  180.997089][ T5947]  do_user_addr_fault+0xa81/0x1390
[  180.997114][ T5947]  ? rcu_is_watching+0x15/0xb0
[  180.997137][ T5947]  ? trace_page_fault_user+0x84/0x1e0
[  180.997160][ T5947]  exc_page_fault+0x76/0xf0
[  180.997182][ T5947]  asm_exc_page_fault+0x26/0x30
[  180.997197][ T5947] RIP: 0033:0x7f39278b1050
[  180.997224][ T5947] Code: 41 54 55 48 89 f5 53 89 fb 48 83 ec 18 48 83 3d 9d 0f 0a 00 00 89 54 24 0c 74 08 84 c9 0f 85 09 02 00 00 31 c0 ba 01 00 00 00 <f0> 0f b1 15 50 3d 0a 00 0f 85 0f 02 00 00 4c 8d 25 43 3d 0a 00 4c
[  180.997244][ T5947] RSP: 002b:00007ffc8670e2d0 EFLAGS: 00010246
[  180.997262][ T5947] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000001
[pid  5947] exit_group(0)               = ?
[pid  5947] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5947, si_uid=0, si_status=0, si_utime=0, si_stime=26 /* 0.26 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5948 attached
, child_tidptr=0x55558ec87650) = 5948
[  180.997274][ T5947] RDX: 0000000000000001 RSI: 00007f3927952118 RDI: 0000000000000000
[  180.997286][ T5947] RBP: 00007f3927952118 R08: 00007ffc8670e0c7 R09: 00000000000000a0
[  180.997300][ T5947] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  180.997312][ T5947] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[  180.997332][ T5947]  </TASK>
[  180.997351][ T5947] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[pid  5948] set_robust_list(0x55558ec87660, 24) = 0
[pid  5948] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid  5948] setpgid(0, 0)               = 0
[pid  5948] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid  5948] write(3, "1000", 4)         = 4
[pid  5948] close(3)                    = 0
executing program
[pid  5948] write(1, "executing program\n", 18) = 18
[pid  5948] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE, insn_cnt=11, insns=0x2000000005c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_SOCK_CREATE, prog_btf_fd=-1, func_info_rec_size=8, func_info=NULL, func_info_cnt=0, line_info_rec_size=16, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL, ...}, 148) = 3
[pid  5948] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="contention_begin", prog_fd=3}}, 24) = 4
[pid  5948] openat(AT_FDCWD, "/dev/fb0", O_RDONLY) = 5
[pid  5948] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid  5948] write(6, "4", 1)            = 1
[pid  5948] ioctl(5, FBIOPAN_DISPLAY, 0) = -1 EFAULT (Bad address)
[  181.389689][ T5948] FAULT_INJECTION: forcing a failure.
[  181.389689][ T5948] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  181.403187][ T5948] CPU: 0 UID: 0 PID: 5948 Comm: syz-executor116 Not tainted 6.16.0-next-20250731-syzkaller #0 PREEMPT(full) 
[  181.403210][ T5948] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  181.403220][ T5948] Call Trace:
[  181.403226][ T5948]  <TASK>
[  181.403231][ T5948]  dump_stack_lvl+0x189/0x250
[  181.403253][ T5948]  ? __pfx____ratelimit+0x10/0x10
[  181.403275][ T5948]  ? __pfx_dump_stack_lvl+0x10/0x10
[  181.403290][ T5948]  ? __pfx__printk+0x10/0x10
[  181.403311][ T5948]  ? lock_acquire+0x5f/0x360
[  181.403334][ T5948]  should_fail_ex+0x414/0x560
[  181.403353][ T5948]  prepare_alloc_pages+0x213/0x610
[  181.403378][ T5948]  __alloc_frozen_pages_noprof+0x123/0x370
[  181.403403][ T5948]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  181.403429][ T5948]  ? policy_nodemask+0x27c/0x720
[  181.403450][ T5948]  alloc_pages_mpol+0x232/0x4a0
[  181.403472][ T5948]  vma_alloc_folio_noprof+0xe4/0x200
[  181.403492][ T5948]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  181.403520][ T5948]  ? rcu_is_watching+0x15/0xb0
[  181.403543][ T5948]  ? lock_release+0x4b/0x3e0
[  181.403564][ T5948]  folio_prealloc+0x30/0x180
[  181.403585][ T5948]  do_wp_page+0x1231/0x5800
[  181.403609][ T5948]  ? __pfx_do_wp_page+0x10/0x10
[  181.403625][ T5948]  ? do_raw_spin_lock+0x121/0x290
[  181.403642][ T5948]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  181.403658][ T5948]  ? ___pte_offset_map+0x45/0x250
[  181.403678][ T5948]  __handle_mm_fault+0x1033/0x5440
[  181.403702][ T5948]  ? __pfx___handle_mm_fault+0x10/0x10
[  181.403720][ T5948]  ? lock_release+0x4b/0x3e0
[  181.403744][ T5948]  ? lock_vma_under_rcu+0xdf/0x3d0
[  181.403764][ T5948]  ? __pfx_lock_vma_under_rcu+0x10/0x10
[  181.403784][ T5948]  ? rcu_is_watching+0x15/0xb0
[  181.403809][ T5948]  handle_mm_fault+0x40a/0x8e0
[  181.403830][ T5948]  do_user_addr_fault+0xa81/0x1390
[  181.403855][ T5948]  ? rcu_is_watching+0x15/0xb0
[  181.403877][ T5948]  ? trace_page_fault_user+0x84/0x1e0
[  181.403900][ T5948]  exc_page_fault+0x76/0xf0
[  181.403921][ T5948]  asm_exc_page_fault+0x26/0x30
[  181.403935][ T5948] RIP: 0033:0x7f39278b1050
[  181.403949][ T5948] Code: 41 54 55 48 89 f5 53 89 fb 48 83 ec 18 48 83 3d 9d 0f 0a 00 00 89 54 24 0c 74 08 84 c9 0f 85 09 02 00 00 31 c0 ba 01 00 00 00 <f0> 0f b1 15 50 3d 0a 00 0f 85 0f 02 00 00 4c 8d 25 43 3d 0a 00 4c
[  181.403962][ T5948] RSP: 002b:00007ffc8670e2d0 EFLAGS: 00010246
[  181.403976][ T5948] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000001