./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1572417885
<...>
Warning: Permanently added '10.128.1.162' (ED25519) to the list of known hosts.
execve("./syz-executor1572417885", ["./syz-executor1572417885"], 0x7ffd723b8160 /* 10 vars */) = 0
brk(NULL) = 0x55558a310000
brk(0x55558a310d00) = 0x55558a310d00
arch_prctl(ARCH_SET_FS, 0x55558a310380) = 0
set_tid_address(0x55558a310650) = 5227
set_robust_list(0x55558a310660, 24) = 0
rseq(0x55558a310ca0, 0x20, 0, 0x53053053) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor1572417885", 4096) = 28
getrandom("\xe4\xc4\x0c\x33\x56\x1b\x35\x69", 8, GRND_NONBLOCK) = 8
brk(NULL) = 0x55558a310d00
brk(0x55558a331d00) = 0x55558a331d00
brk(0x55558a332000) = 0x55558a332000
mprotect(0x7f4ad72cf000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
openat(AT_FDCWD, "/proc/self/make-it-fail", O_WRONLY) = 3
close(3) = 0
openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_WRONLY) = 3
close(3) = 0
openat(AT_FDCWD, "/sys/kernel/debug/failslab/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1) = 1
close(3) = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_futex/ignore-private", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1) = 1
close(3) = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-highmem", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1) = 1
close(3) = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1) = 1
close(3) = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/min-order", O_WRONLY|O_CLOEXEC) = 3
write(3, "0", 1) = 1
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5228 attached
, child_tidptr=0x55558a310650) = 5228
[pid 5228] set_robust_list(0x55558a310660, 24) = 0
[pid 5228] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5228] setpgid(0, 0) = 0
[pid 5228] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5228] write(3, "1000", 4) = 4
[pid 5228] close(3) = 0
[pid 5228] write(1, "executing program\n", 18executing program
) = 18
[pid 5228] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=11, insns=0x20000500, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 3
[pid 5228] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sched_switch", prog_fd=3}}, 16) = 4
[pid 5228] socket(AF_NETLINK, SOCK_DGRAM, NETLINK_ROUTE) = 5
[pid 5228] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid 5228] write(6, "7", 1) = 1
[ 75.756690][ T5228] netlink: 'syz-executor157': attribute type 21 has an invalid length.
[ 75.765626][ T5228] FAULT_INJECTION: forcing a failure.
[ 75.765626][ T5228] name failslab, interval 1, probability 0, space 0, times 1
[ 75.778652][ T5228] CPU: 1 UID: 0 PID: 5228 Comm: syz-executor157 Not tainted 6.11.0-syzkaller-08833-gde5cb0dcb74c #0
[ 75.789575][ T5228] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[ 75.799837][ T5228] Call Trace:
[ 75.803154][ T5228] <TASK>
[ 75.806680][ T5228] dump_stack_lvl+0x241/0x360
[ 75.811448][ T5228] ? __pfx_dump_stack_lvl+0x10/0x10
[ 75.816768][ T5228] ? __pfx__printk+0x10/0x10
[ 75.821398][ T5228] ? __kmalloc_noprof+0xb0/0x400
[ 75.826377][ T5228] ? __pfx___might_resched+0x10/0x10
[ 75.831709][ T5228] should_fail_ex+0x3b0/0x4e0
[ 75.836659][ T5228] ? fib_trie_table+0x33/0x1e0
[ 75.841627][ T5228] should_failslab+0xac/0x100
[ 75.846327][ T5228] ? fib_trie_table+0x33/0x1e0
[ 75.851147][ T5228] __kmalloc_noprof+0xd8/0x400
[ 75.855988][ T5228] fib_trie_table+0x33/0x1e0
[ 75.860694][ T5228] fib_new_table+0x14c/0x2d0
[ 75.865396][ T5228] inet_rtm_newroute+0x131/0x290
[ 75.870383][ T5228] ? __pfx_inet_rtm_newroute+0x10/0x10
[ 75.875931][ T5228] ? __pfx_inet_rtm_newroute+0x10/0x10
[ 75.881499][ T5228] rtnetlink_rcv_msg+0x73f/0xcf0
[ 75.886448][ T5228] ? rtnetlink_rcv_msg+0x1a7/0xcf0
[ 75.891589][ T5228] ? __lock_acquire+0x1384/0x2050
[ 75.896721][ T5228] ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 75.902288][ T5228] netlink_rcv_skb+0x1e3/0x430
[ 75.907068][ T5228] ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 75.912721][ T5228] ? __pfx_netlink_rcv_skb+0x10/0x10
[ 75.918057][ T5228] ? netlink_deliver_tap+0x2e/0x1b0
[ 75.923273][ T5228] netlink_unicast+0x7f6/0x990
[ 75.928057][ T5228] ? __pfx_netlink_unicast+0x10/0x10
[ 75.933348][ T5228] ? __virt_addr_valid+0x183/0x530
[ 75.938475][ T5228] ? __check_object_size+0x48e/0x900
[ 75.943778][ T5228] netlink_sendmsg+0x8e4/0xcb0
[ 75.948566][ T5228] ? __pfx_netlink_sendmsg+0x10/0x10
[ 75.953901][ T5228] ? aa_sock_msg_perm+0x91/0x160
[ 75.958900][ T5228] ? __pfx_netlink_sendmsg+0x10/0x10
[ 75.964341][ T5228] __sock_sendmsg+0x221/0x270
[ 75.969073][ T5228] ____sys_sendmsg+0x52a/0x7e0
[ 75.973917][ T5228] ? __pfx_____sys_sendmsg+0x10/0x10
[ 75.979338][ T5228] ? do_raw_spin_lock+0x14f/0x370
[ 75.984445][ T5228] __sys_sendmsg+0x2aa/0x390
[ 75.989071][ T5228] ? __pfx___sys_sendmsg+0x10/0x10
[ 75.994244][ T5228] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 76.000695][ T5228] ? _raw_spin_unlock_irq+0x2e/0x50
[ 76.005941][ T5228] ? ptrace_notify+0x279/0x380
[ 76.010751][ T5228] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 76.017116][ T5228] ? do_syscall_64+0x100/0x230
[ 76.022002][ T5228] do_syscall_64+0xf3/0x230
[ 76.026530][ T5228] ? clear_bhb_loop+0x35/0x90
[ 76.031245][ T5228] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 76.037174][ T5228] RIP: 0033:0x7f4ad72638e9
[ 76.041607][ T5228] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 76.061234][ T5228] RSP: 002b:00007ffe6fea3678 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 76.069823][ T5228] RAX: ffffffffffffffda RBX: 00007ffe6fea3690 RCX: 00007f4ad72638e9
[ 76.077932][ T5228] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000005
[ 76.086067][ T5228] RBP: 0000000000000001 R08: 00007ffe6fea3417 R09: 00000000000000a0
[ 76.094269][ T5228] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[pid 5228] sendmsg(5, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\xd8\x00\x00\x00\x18\x00\x81\x06\x4e\x81\xf7\x82\xdb\x4c\xb9\x04\x02\x1d\x08\x00\x06\x00\x7c\x09\xe8\xfe\x55\xa1\x0a\x00\x15\x00\x05\x00\x14\x26\x03\x60\x0e\x12\x08\x00\x0f\x00\x00\x00\x04\x01\xa8\x00\x16\x00\x20\x00\x01\x40\x00\x00\x00\x00\x00\xfb\x80\x00\xa0\xe4\x08\xe8\xd8\xef\x52\xa9\x85\x16\x27\x7c\xe0\x6b\xba\xce\x80\x17\xcb\xec\x4c\x2e\xe5\xa7\x00\x00\x09\x00\x00\x00\x1f\xb7\x91\x64\x3a\x5e"..., iov_len=216}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 216
[pid 5228] exit_group(0) = ?
[pid 5228] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5228, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5229 attached
, child_tidptr=0x55558a310650) = 5229
[pid 5229] set_robust_list(0x55558a310660, 24) = 0
[pid 5229] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[ 76.102289][ T5228] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[ 76.110847][ T5228] </TASK>
[pid 5229] setpgid(0, 0) = 0
[pid 5229] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5229] write(3, "1000", 4) = 4
[pid 5229] close(3) = 0
executing program
[pid 5229] write(1, "executing program\n", 18) = 18
[pid 5229] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=11, insns=0x20000500, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 3
[pid 5229] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sched_switch", prog_fd=3}}, 16) = 4
[pid 5229] socket(AF_NETLINK, SOCK_DGRAM, NETLINK_ROUTE) = 5
[pid 5229] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid 5229] write(6, "7", 1) = 1
[ 76.179685][ T5229] netlink: 'syz-executor157': attribute type 21 has an invalid length.
[ 76.188075][ T5229] FAULT_INJECTION: forcing a failure.
[ 76.188075][ T5229] name fail_usercopy, interval 1, probability 0, space 0, times 1
[ 76.188594][ T5229]
[ 76.188600][ T5229] ======================================================
[ 76.188606][ T5229] WARNING: possible circular locking dependency detected
[ 76.188612][ T5229] 6.11.0-syzkaller-08833-gde5cb0dcb74c #0 Not tainted
[ 76.188621][ T5229] ------------------------------------------------------
[ 76.188626][ T5229] syz-executor157/5229 is trying to acquire lock:
[ 76.188634][ T5229] ffffffff8e813460 (console_owner){-...}-{0:0}, at: console_flush_all+0x1a3/0xeb0
[ 76.188676][ T5229]
[ 76.188676][ T5229] but task is already holding lock:
[ 76.188681][ T5229] ffff8880b863ea98 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140
[ 76.188738][ T5229]
[ 76.188738][ T5229] which lock already depends on the new lock.
[ 76.188738][ T5229]
[ 76.188743][ T5229]
[ 76.188743][ T5229] the existing dependency chain (in reverse order) is:
[ 76.188748][ T5229]
[ 76.188748][ T5229] -> #5 (&rq->__lock){-.-.}-{2:2}:
[ 76.188767][ T5229] lock_acquire+0x1ed/0x550
[ 76.188788][ T5229] _raw_spin_lock_nested+0x31/0x40
[ 76.188806][ T5229] raw_spin_rq_lock_nested+0x2a/0x140
[ 76.188823][ T5229] task_rq_lock+0xc6/0x360
[ 76.188839][ T5229] cgroup_move_task+0x92/0x2d0
[ 76.188856][ T5229] css_set_move_task+0x72e/0x950
[ 76.188871][ T5229] cgroup_post_fork+0x256/0x880
[ 76.188886][ T5229] copy_process+0x39e9/0x3d50
[ 76.188904][ T5229] kernel_clone+0x226/0x8f0
[ 76.188924][ T5229] user_mode_thread+0x132/0x1a0
[ 76.188949][ T5229] rest_init+0x23/0x300
[ 76.188969][ T5229] start_kernel+0x47f/0x500
[ 76.188990][ T5229] x86_64_start_reservations+0x2a/0x30
[ 76.189007][ T5229] x86_64_start_kernel+0x9f/0xa0
[ 76.189023][ T5229] common_startup_64+0x13e/0x147
[ 76.189039][ T5229]
[ 76.189039][ T5229] -> #4 (&p->pi_lock){-.-.}-{2:2}:
[ 76.189058][ T5229] lock_acquire+0x1ed/0x550
[ 76.189077][ T5229] _raw_spin_lock_irqsave+0xd5/0x120
[ 76.189093][ T5229] try_to_wake_up+0xb0/0x1480
[ 76.189118][ T5229] create_worker+0x507/0x720
[ 76.189133][ T5229] workqueue_init+0x520/0x8a0
[ 76.189147][ T5229] kernel_init_freeable+0x3fe/0x5d0
[ 76.189160][ T5229] kernel_init+0x1d/0x2b0
[ 76.189180][ T5229] ret_from_fork+0x4b/0x80
[ 76.189202][ T5229] ret_from_fork_asm+0x1a/0x30
[ 76.189223][ T5229]
[ 76.189223][ T5229] -> #3 (&pool->lock){-.-.}-{2:2}:
[ 76.189241][ T5229] lock_acquire+0x1ed/0x550
[ 76.189261][ T5229] _raw_spin_lock+0x2e/0x40
[ 76.189275][ T5229] __queue_work+0x759/0xf50
[ 76.189294][ T5229] queue_work_on+0x1c2/0x380
[ 76.189312][ T5229] rpm_suspend+0xe70/0x1730
[ 76.189327][ T5229] __pm_runtime_idle+0x131/0x1a0
[ 76.189341][ T5229] __device_attach+0x3e5/0x520
[ 76.189358][ T5229] bus_probe_device+0x189/0x260
[ 76.189371][ T5229] device_add+0x856/0xbf0
[ 76.189385][ T5229] serial_base_port_add+0x2b6/0x3f0
[ 76.189401][ T5229] serial_core_register_port+0x377/0x2870
[ 76.189420][ T5229] serial8250_register_8250_port+0x1545/0x1ec0
[ 76.189438][ T5229] serial_pnp_probe+0x4f9/0x9d0
[ 76.189456][ T5229] pnp_device_probe+0x2ba/0x460
[ 76.189470][ T5229] really_probe+0x2b8/0xad0
[ 76.189487][ T5229] __driver_probe_device+0x1a2/0x390
[ 76.189505][ T5229] driver_probe_device+0x50/0x430
[ 76.189523][ T5229] __driver_attach+0x45f/0x710
[ 76.189539][ T5229] bus_for_each_dev+0x239/0x2b0
[ 76.189552][ T5229] bus_add_driver+0x346/0x670
[ 76.189564][ T5229] driver_register+0x23a/0x320
[ 76.189583][ T5229] serial8250_init+0xc1/0x1c0
[ 76.189599][ T5229] do_one_initcall+0x248/0x880
[ 76.189617][ T5229] do_initcall_level+0x157/0x210
[ 76.189630][ T5229] do_initcalls+0x3f/0x80
[ 76.189642][ T5229] kernel_init_freeable+0x435/0x5d0
[ 76.189655][ T5229] kernel_init+0x1d/0x2b0
[ 76.189675][ T5229] ret_from_fork+0x4b/0x80
[ 76.189694][ T5229] ret_from_fork_asm+0x1a/0x30
[ 76.189714][ T5229]
[ 76.189714][ T5229] -> #2 (&dev->power.lock){-.-.}-{2:2}:
[ 76.189733][ T5229] lock_acquire+0x1ed/0x550
[ 76.189752][ T5229] _raw_spin_lock_irqsave+0xd5/0x120
[ 76.189767][ T5229] __pm_runtime_resume+0x112/0x180
[ 76.189782][ T5229] __uart_start+0x17c/0x450
[ 76.189800][ T5229] uart_write+0x280/0xa40
[ 76.189819][ T5229] n_tty_write+0xd62/0x1230
[ 76.189834][ T5229] file_tty_write+0x546/0x9b0
[ 76.189852][ T5229] vfs_write+0xa6d/0xc90
[ 76.189872][ T5229] ksys_write+0x1a0/0x2c0
[ 76.189892][ T5229] do_syscall_64+0xf3/0x230
[ 76.189910][ T5229] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 76.189928][ T5229]
[ 76.189928][ T5229] -> #1 (&port_lock_key){-.-.}-{2:2}:
[ 76.189951][ T5229] lock_acquire+0x1ed/0x550
[ 76.189970][ T5229] _raw_spin_lock_irqsave+0xd5/0x120
[ 76.189985][ T5229] serial8250_console_write+0x1a7/0x1ed0
[ 76.190007][ T5229] console_flush_all+0x86b/0xeb0
[ 76.190024][ T5229] console_unlock+0x14f/0x3b0
[ 76.190039][ T5229] vprintk_emit+0x730/0xa10
[ 76.190053][ T5229] _printk+0xd5/0x120
[ 76.190068][ T5229] register_console+0xbf5/0xfd0
[ 76.190085][ T5229] univ8250_console_init+0x52/0x90
[ 76.190101][ T5229] console_init+0x1b8/0x6f0
[ 76.190121][ T5229] start_kernel+0x2d8/0x500
[ 76.190142][ T5229] x86_64_start_reservations+0x2a/0x30
[ 76.190158][ T5229] x86_64_start_kernel+0x9f/0xa0
[ 76.190174][ T5229] common_startup_64+0x13e/0x147
[ 76.190190][ T5229]
[ 76.190190][ T5229] -> #0 (console_owner){-...}-{0:0}:
[ 76.190209][ T5229] validate_chain+0x18ef/0x5920
[ 76.190223][ T5229] __lock_acquire+0x1384/0x2050
[ 76.190243][ T5229] lock_acquire+0x1ed/0x550
[ 76.190262][ T5229] console_flush_all+0x7f8/0xeb0
[ 76.190279][ T5229] console_unlock+0x14f/0x3b0
[ 76.190293][ T5229] vprintk_emit+0x730/0xa10
[ 76.190308][ T5229] _printk+0xd5/0x120
[ 76.190323][ T5229] should_fail_ex+0x391/0x4e0
[ 76.190343][ T5229] strncpy_from_user+0x36/0x250
[ 76.190362][ T5229] strncpy_from_user_nofault+0x71/0x140
[ 76.190378][ T5229] bpf_probe_read_compat_str+0xe9/0x180
[ 76.190398][ T5229] bpf_prog_c1796171ffc7efef+0x3e/0x40
[ 76.190409][ T5229] bpf_trace_run4+0x334/0x590
[ 76.190424][ T5229] __schedule+0x234a/0x4b30
[ 76.190439][ T5229] preempt_schedule_common+0x84/0xd0
[ 76.190455][ T5229] preempt_schedule+0xe1/0xf0
[ 76.190470][ T5229] preempt_schedule_thunk+0x1a/0x30
[ 76.190484][ T5229] vprintk_emit+0x84c/0xa10
[ 76.190499][ T5229] _printk+0xd5/0x120
[ 76.190514][ T5229] __nla_validate_parse+0x1af9/0x3090
[ 76.190529][ T5229] __nla_validate+0x3e/0x60
[ 76.190542][ T5229] rtm_to_fib_config+0xac/0x13d0
[ 76.190559][ T5229] inet_rtm_newroute+0xf5/0x290
[ 76.190574][ T5229] rtnetlink_rcv_msg+0x73f/0xcf0
[ 76.190589][ T5229] netlink_rcv_skb+0x1e3/0x430
[ 76.190606][ T5229] netlink_unicast+0x7f6/0x990
[ 76.190620][ T5229] netlink_sendmsg+0x8e4/0xcb0
[ 76.190637][ T5229] __sock_sendmsg+0x221/0x270
[ 76.190651][ T5229] ____sys_sendmsg+0x52a/0x7e0
[ 76.190671][ T5229] __sys_sendmsg+0x2aa/0x390
[ 76.190690][ T5229] do_syscall_64+0xf3/0x230
[ 76.190707][ T5229] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 76.190724][ T5229]
[ 76.190724][ T5229] other info that might help us debug this:
[ 76.190724][ T5229]
[ 76.190729][ T5229] Chain exists of:
[ 76.190729][ T5229] console_owner --> &p->pi_lock --> &rq->__lock
[ 76.190729][ T5229]
[ 76.190750][ T5229] Possible unsafe locking scenario:
[ 76.190750][ T5229]
[ 76.190754][ T5229]        CPU0                    CPU1
[ 76.190759][ T5229]        ----                    ----
[ 76.190763][ T5229]   lock(&rq->__lock);
[ 76.190772][ T5229]                                lock(&p->pi_lock);
[ 76.190782][ T5229]                                lock(&rq->__lock);
[ 76.190792][ T5229]   lock(console_owner);
[ 76.190801][ T5229]
[ 76.190801][ T5229] *** DEADLOCK ***
[ 76.190801][ T5229]
[ 76.190805][ T5229] 5 locks held by syz-executor157/5229:
[ 76.190814][ T5229] #0: ffffffff8fccbcc8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[ 76.190849][ T5229] #1: ffff8880b863ea98 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140
[ 76.190886][ T5229] #2: ffffffff8e937ee0 (rcu_read_lock){....}-{1:2}, at: bpf_trace_run4+0x244/0x590
[ 76.190921][ T5229] #3: ffffffff8e8134c0 (console_lock){+.+.}-{0:0}, at: _printk+0xd5/0x120
[ 76.190960][ T5229] #4: ffffffff8e8130d0 (console_srcu){....}-{0:0}, at: console_flush_all+0x1a3/0xeb0
[ 76.190997][ T5229]
[ 76.190997][ T5229] stack backtrace:
[ 76.191003][ T5229] CPU: 0 UID: 0 PID: 5229 Comm: syz-executor157 Not tainted 6.11.0-syzkaller-08833-gde5cb0dcb74c #0
[ 76.191020][ T5229] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[ 76.191029][ T5229] Call Trace:
[ 76.191034][ T5229] <TASK>
[ 76.191040][ T5229] dump_stack_lvl+0x241/0x360
[ 76.191061][ T5229] ? __pfx_dump_stack_lvl+0x10/0x10
[ 76.191080][ T5229] ? __pfx__printk+0x10/0x10
[ 76.191102][ T5229] print_circular_bug+0x13a/0x1b0
[ 76.191120][ T5229] check_noncircular+0x36a/0x4a0
[ 76.191137][ T5229] ? __pfx_check_noncircular+0x10/0x10
[ 76.191154][ T5229] ? lockdep_lock+0x123/0x2b0
[ 76.191174][ T5229] ? add_lock_to_list+0x1e8/0x2f0
[ 76.191194][ T5229] validate_chain+0x18ef/0x5920
[ 76.191218][ T5229] ? __pfx_validate_chain+0x10/0x10
[ 76.191235][ T5229] ? sprintf+0xda/0x120
[ 76.191258][ T5229] ? vsnprintf+0x1cc3/0x1da0
[ 76.191284][ T5229] ? info_print_prefix+0x204/0x310
[ 76.191307][ T5229] ? mark_lock+0x9a/0x360
[ 76.191321][ T5229] __lock_acquire+0x1384/0x2050
[ 76.191348][ T5229] lock_acquire+0x1ed/0x550
[ 76.191368][ T5229] ? console_flush_all+0x1a3/0xeb0
[ 76.191389][ T5229] ? __pfx_lock_acquire+0x10/0x10
[ 76.191410][ T5229] ? __pfx_lock_release+0x10/0x10
[ 76.191430][ T5229] ? do_raw_spin_lock+0x14f/0x370
[ 76.191451][ T5229] ? do_raw_spin_unlock+0x13c/0x8b0
[ 76.191470][ T5229] ? console_flush_all+0x511/0xeb0
[ 76.191488][ T5229] ? console_flush_all+0x1a3/0xeb0
[ 76.191507][ T5229] console_flush_all+0x7f8/0xeb0
[ 76.191524][ T5229] ? console_flush_all+0x1a3/0xeb0
[ 76.191544][ T5229] ? console_flush_all+0x1a3/0xeb0
[ 76.191564][ T5229] ? __pfx_console_flush_all+0x10/0x10
[ 76.191583][ T5229] ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 76.191600][ T5229] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 76.191620][ T5229] ? this_cpu_in_panic+0x4f/0x80
[ 76.191634][ T5229] ? is_printk_legacy_deferred+0x43/0x50
[ 76.191655][ T5229] ? printk_get_console_flush_type+0x1fe/0x4f0
[ 76.191674][ T5229] console_unlock+0x14f/0x3b0
[ 76.191691][ T5229] ? __pfx_console_unlock+0x10/0x10
[ 76.191709][ T5229] ? this_cpu_in_panic+0x4f/0x80
[ 76.191723][ T5229] ? is_printk_legacy_deferred+0x43/0x50
[ 76.191744][ T5229] ? printk_get_console_flush_type+0x1fe/0x4f0
[ 76.191763][ T5229] vprintk_emit+0x730/0xa10
[ 76.191780][ T5229] ? __pfx_vprintk_emit+0x10/0x10
[ 76.191803][ T5229] _printk+0xd5/0x120
[ 76.191821][ T5229] ? __pfx__printk+0x10/0x10
[ 76.191842][ T5229] should_fail_ex+0x391/0x4e0
[ 76.191865][ T5229] strncpy_from_user+0x36/0x250
[ 76.191887][ T5229] strncpy_from_user_nofault+0x71/0x140
[ 76.191904][ T5229] bpf_probe_read_compat_str+0xe9/0x180
[ 76.191926][ T5229] ? bpf_trace_run4+0x244/0x590
[ 76.191946][ T5229] bpf_prog_c1796171ffc7efef+0x3e/0x40
[ 76.191957][ T5229] bpf_trace_run4+0x334/0x590
[ 76.191975][ T5229] ? __pfx_bpf_trace_run4+0x10/0x10
[ 76.191991][ T5229] ? task_psi_group+0x50/0x1a0
[ 76.192008][ T5229] ? psi_task_switch+0x36d/0x770
[ 76.192028][ T5229] __schedule+0x234a/0x4b30
[ 76.192050][ T5229] ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 76.192072][ T5229] ? __pfx___schedule+0x10/0x10
[ 76.192090][ T5229] ? __console_unlock+0x12d/0x1f0
[ 76.192109][ T5229] ? __pfx___console_unlock+0x10/0x10
[ 76.192128][ T5229] ? __pfx_prb_read_valid+0x10/0x10
[ 76.192143][ T5229] ? preempt_schedule+0xe1/0xf0
[ 76.192160][ T5229] preempt_schedule_common+0x84/0xd0
[ 76.192177][ T5229] preempt_schedule+0xe1/0xf0
[ 76.192195][ T5229] ? __pfx_preempt_schedule+0x10/0x10
[ 76.192212][ T5229] ? console_unlock+0x2fc/0x3b0
[ 76.192229][ T5229] ? __pfx_console_unlock+0x10/0x10
[ 76.192247][ T5229] preempt_schedule_thunk+0x1a/0x30
[ 76.192262][ T5229] ? vprintk_emit+0x7ae/0xa10
[ 76.192277][ T5229] ? vprintk_emit+0x847/0xa10
[ 76.192293][ T5229] vprintk_emit+0x84c/0xa10
[ 76.192310][ T5229] ? __pfx_vprintk_emit+0x10/0x10
[ 76.192326][ T5229] ? _raw_spin_unlock_irqrestore+0x8f/0x140
[ 76.192343][ T5229] ? lockdep_hardirqs_on+0x99/0x150
[ 76.192361][ T5229] ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 76.192378][ T5229] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 76.192399][ T5229] _printk+0xd5/0x120
[ 76.192416][ T5229] ? __nla_validate_parse+0x4f4/0x3090
[ 76.192433][ T5229] ? __pfx__printk+0x10/0x10
[ 76.192454][ T5229] __nla_validate_parse+0x1af9/0x3090
[ 76.192470][ T5229] ? __lock_acquire+0x1384/0x2050
[ 76.192497][ T5229] ? __pfx___nla_validate_parse+0x10/0x10
[ 76.192513][ T5229] ? __lock_acquire+0x1384/0x2050
[ 76.192544][ T5229] __nla_validate+0x3e/0x60
[ 76.192561][ T5229] rtm_to_fib_config+0xac/0x13d0
[ 76.192581][ T5229] ? rcu_is_watching+0x15/0xb0
[ 76.192599][ T5229] inet_rtm_newroute+0xf5/0x290
[ 76.192617][ T5229] ? __pfx_inet_rtm_newroute+0x10/0x10
[ 76.192639][ T5229] ? __pfx_inet_rtm_newroute+0x10/0x10
[ 76.192656][ T5229] rtnetlink_rcv_msg+0x73f/0xcf0
[ 76.192671][ T5229] ? rtnetlink_rcv_msg+0x1a7/0xcf0
[ 76.192687][ T5229] ? __lock_acquire+0x1384/0x2050
[ 76.192709][ T5229] ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 76.192730][ T5229] netlink_rcv_skb+0x1e3/0x430
[ 76.192748][ T5229] ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 76.192764][ T5229] ? __pfx_netlink_rcv_skb+0x10/0x10
[ 76.192790][ T5229] ? netlink_deliver_tap+0x2e/0x1b0
[ 76.192809][ T5229] netlink_unicast+0x7f6/0x990
[ 76.192828][ T5229] ? __pfx_netlink_unicast+0x10/0x10
[ 76.192843][ T5229] ? __virt_addr_valid+0x183/0x530
[ 76.192859][ T5229] ? __check_object_size+0x48e/0x900
[ 76.192878][ T5229] netlink_sendmsg+0x8e4/0xcb0
[ 76.192901][ T5229] ? __pfx_netlink_sendmsg+0x10/0x10
[ 76.192921][ T5229] ? aa_sock_msg_perm+0x91/0x160
[ 76.192945][ T5229] ? __pfx_netlink_sendmsg+0x10/0x10
[ 76.192963][ T5229] __sock_sendmsg+0x221/0x270
[ 76.192979][ T5229] ____sys_sendmsg+0x52a/0x7e0
[ 76.193003][ T5229] ? __pfx_____sys_sendmsg+0x10/0x10
[ 76.193025][ T5229] ? do_raw_spin_lock+0x14f/0x370
[ 76.193046][ T5229] __sys_sendmsg+0x2aa/0x390
[ 76.193068][ T5229] ? __pfx___sys_sendmsg+0x10/0x10
[ 76.193093][ T5229] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 76.193118][ T5229] ? _raw_spin_unlock_irq+0x2e/0x50
[ 76.193134][ T5229] ? ptrace_notify+0x279/0x380
[ 76.193156][ T5229] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 76.193178][ T5229] ? do_syscall_64+0x100/0x230
[ 76.193201][ T5229] do_syscall_64+0xf3/0x230
[ 76.193220][ T5229] ? clear_bhb_loop+0x35/0x90
[ 76.193317][ T5229] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 76.193342][ T5229] RIP: 0033:0x7f4ad72638e9
[ 76.193357][ T5229] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 76.193369][ T5229] RSP: 002b:00007ffe6fea3678 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 76.193385][ T5229] RAX: ffffffffffffffda RBX: 00007ffe6fea3690 RCX: 00007f4ad72638e9
[ 76.193396][ T5229] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000005
[ 76.193406][ T5229] RBP: 0000000000000001 R08: 00007ffe6fea3417 R09: 00000000000000a0
[ 76.193415][ T5229] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[ 76.193424][ T5229] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[ 76.193438][ T5229] </TASK>
[ 77.735577][ T5229] CPU: 0 UID: 0 PID: 5229 Comm: syz-executor157 Not tainted 6.11.0-syzkaller-08833-gde5cb0dcb74c #0
[ 77.746526][ T5229] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[ 77.756603][ T5229] Call Trace:
[ 77.759888][ T5229] <TASK>
[ 77.762833][ T5229] dump_stack_lvl+0x241/0x360
[ 77.767544][ T5229] ? __pfx_dump_stack_lvl+0x10/0x10
[ 77.772750][ T5229] ? __pfx__printk+0x10/0x10
[ 77.777431][ T5229] should_fail_ex+0x3b0/0x4e0
[ 77.782150][ T5229] strncpy_from_user+0x36/0x250
[ 77.787017][ T5229] strncpy_from_user_nofault+0x71/0x140
[ 77.792565][ T5229] bpf_probe_read_compat_str+0xe9/0x180
[ 77.798163][ T5229] ? bpf_trace_run4+0x244/0x590
[ 77.803036][ T5229] bpf_prog_c1796171ffc7efef+0x3e/0x40
[ 77.808499][ T5229] bpf_trace_run4+0x334/0x590
[ 77.813206][ T5229] ? __pfx_bpf_trace_run4+0x10/0x10
[ 77.818412][ T5229] ? task_psi_group+0x50/0x1a0
[ 77.823198][ T5229] ? psi_task_switch+0x36d/0x770
[ 77.828138][ T5229] __schedule+0x234a/0x4b30
[ 77.832652][ T5229] ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 77.838693][ T5229] ? __pfx___schedule+0x10/0x10
[ 77.843591][ T5229] ? __console_unlock+0x12d/0x1f0
[ 77.848639][ T5229] ? __pfx___console_unlock+0x10/0x10
[ 77.854038][ T5229] ? __pfx_prb_read_valid+0x10/0x10
[ 77.859273][ T5229] ? preempt_schedule+0xe1/0xf0
[ 77.864136][ T5229] preempt_schedule_common+0x84/0xd0
[ 77.869427][ T5229] preempt_schedule+0xe1/0xf0
[ 77.874102][ T5229] ? __pfx_preempt_schedule+0x10/0x10
[ 77.879501][ T5229] ? console_unlock+0x2fc/0x3b0
[ 77.884398][ T5229] ? __pfx_console_unlock+0x10/0x10
[ 77.889600][ T5229] preempt_schedule_thunk+0x1a/0x30
[ 77.894852][ T5229] ? vprintk_emit+0x7ae/0xa10
[ 77.899680][ T5229] ? vprintk_emit+0x847/0xa10
[ 77.904388][ T5229] vprintk_emit+0x84c/0xa10
[ 77.908927][ T5229] ? __pfx_vprintk_emit+0x10/0x10
[ 77.913953][ T5229] ? _raw_spin_unlock_irqrestore+0x8f/0x140
[ 77.919847][ T5229] ? lockdep_hardirqs_on+0x99/0x150
[ 77.925071][ T5229] ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 77.931090][ T5229] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 77.937510][ T5229] _printk+0xd5/0x120
[ 77.941520][ T5229] ? __nla_validate_parse+0x4f4/0x3090
[ 77.946992][ T5229] ? __pfx__printk+0x10/0x10
[ 77.951587][ T5229] __nla_validate_parse+0x1af9/0x3090
[ 77.957071][ T5229] ? __lock_acquire+0x1384/0x2050
[ 77.962137][ T5229] ? __pfx___nla_validate_parse+0x10/0x10
[ 77.967888][ T5229] ? __lock_acquire+0x1384/0x2050
[ 77.972965][ T5229] __nla_validate+0x3e/0x60
[ 77.977485][ T5229] rtm_to_fib_config+0xac/0x13d0
[ 77.982518][ T5229] ? rcu_is_watching+0x15/0xb0
[ 77.987290][ T5229] inet_rtm_newroute+0xf5/0x290
[ 77.992194][ T5229] ? __pfx_inet_rtm_newroute+0x10/0x10
[ 77.997673][ T5229] ? __pfx_inet_rtm_newroute+0x10/0x10
[ 78.003138][ T5229] rtnetlink_rcv_msg+0x73f/0xcf0
[ 78.008076][ T5229] ? rtnetlink_rcv_msg+0x1a7/0xcf0
[ 78.013189][ T5229] ? __lock_acquire+0x1384/0x2050
[ 78.018219][ T5229] ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 78.023706][ T5229] netlink_rcv_skb+0x1e3/0x430
[ 78.028489][ T5229] ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 78.033946][ T5229] ? __pfx_netlink_rcv_skb+0x10/0x10
[ 78.039500][ T5229] ? netlink_deliver_tap+0x2e/0x1b0
[ 78.044721][ T5229] netlink_unicast+0x7f6/0x990
[ 78.049699][ T5229] ? __pfx_netlink_unicast+0x10/0x10
[ 78.055098][ T5229] ? __virt_addr_valid+0x183/0x530
[ 78.060239][ T5229] ? __check_object_size+0x48e/0x900
[ 78.065550][ T5229] netlink_sendmsg+0x8e4/0xcb0
[ 78.070325][ T5229] ? __pfx_netlink_sendmsg+0x10/0x10
[ 78.075612][ T5229] ? aa_sock_msg_perm+0x91/0x160
[ 78.080553][ T5229] ? __pfx_netlink_sendmsg+0x10/0x10
[ 78.085836][ T5229] __sock_sendmsg+0x221/0x270
[ 78.090538][ T5229] ____sys_sendmsg+0x52a/0x7e0
[ 78.095309][ T5229] ? __pfx_____sys_sendmsg+0x10/0x10
[ 78.100598][ T5229] ? do_raw_spin_lock+0x14f/0x370
[ 78.105655][ T5229] __sys_sendmsg+0x2aa/0x390
[ 78.110278][ T5229] ? __pfx___sys_sendmsg+0x10/0x10
[ 78.115435][ T5229] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 78.121815][ T5229] ? _raw_spin_unlock_irq+0x2e/0x50
[ 78.127051][ T5229] ? ptrace_notify+0x279/0x380
[ 78.131872][ T5229] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 78.138246][ T5229] ? do_syscall_64+0x100/0x230
[ 78.143058][ T5229] do_syscall_64+0xf3/0x230
[ 78.147587][ T5229] ? clear_bhb_loop+0x35/0x90
[ 78.152322][ T5229] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 78.158238][ T5229] RIP: 0033:0x7f4ad72638e9
[ 78.162746][ T5229] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 78.182369][ T5229] RSP: 002b:00007ffe6fea3678 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 78.190791][ T5229] RAX: ffffffffffffffda RBX: 00007ffe6fea3690 RCX: 00007f4ad72638e9
[ 78.198786][ T5229] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000005
[ 78.206860][ T5229] RBP: 0000000000000001 R08: 00007ffe6fea3417 R09: 00000000000000a0
[ 78.214834][ T5229] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[ 78.222896][ T5229] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[ 78.230881][ T5229] </TASK>
[pid 5229] sendmsg(5, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\xd8\x00\x00\x00\x18\x00\x81\x06\x4e\x81\xf7\x82\xdb\x4c\xb9\x04\x02\x1d\x08\x00\x06\x00\x7c\x09\xe8\xfe\x55\xa1\x0a\x00\x15\x00\x05\x00\x14\x26\x03\x60\x0e\x12\x08\x00\x0f\x00\x00\x00\x04\x01\xa8\x00\x16\x00\x20\x00\x01\x40\x00\x00\x00\x00\x00\xfb\x80\x00\xa0\xe4\x08\xe8\xd8\xef\x52\xa9\x85\x16\x27\x7c\xe0\x6b\xba\xce\x80\x17\xcb\xec\x4c\x2e\xe5\xa7\x00\x00\x09\x00\x00\x00\x1f\xb7\x91\x64\x3a\x5e"..., iov_len=216}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 216
[pid 5229] exit_group(0) = ?
[pid 5229] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5229, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55558a310650) = 5230
./strace-static-x86_64: Process 5230 attached
[pid 5230] set_robust_list(0x55558a310660, 24) = 0
[pid 5230] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5230] setpgid(0, 0) = 0
[pid 5230] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5230] write(3, "1000", 4) = 4
[pid 5230] close(3) = 0
executing program
[pid 5230] write(1, "executing program\n", 18) = 18
[ 78.234212][ T5229] netlink: 132 bytes leftover after parsing attributes in process `syz-executor157'.
[pid 5230] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=11, insns=0x20000500, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 3
[pid 5230] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sched_switch", prog_fd=3}}, 16) = 4
[pid 5230] socket(AF_NETLINK, SOCK_DGRAM, NETLINK_ROUTE) = 5
[pid 5230] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid 5230] write(6, "7", 1) = 1
[ 78.284189][ T5230] netlink: 'syz-executor157': attribute type 21 has an invalid length.
[ 78.292775][ T5230] FAULT_INJECTION: forcing a failure.
[ 78.292775][ T5230] name failslab, interval 1, probability 0, space 0, times 0
[ 78.306353][ T5230] CPU: 0 UID: 0 PID: 5230 Comm: syz-executor157 Not tainted 6.11.0-syzkaller-08833-gde5cb0dcb74c #0
[ 78.317244][ T5230] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[ 78.327320][ T5230] Call Trace:
[ 78.330637][ T5230]
[ 78.333667][ T5230] dump_stack_lvl+0x241/0x360
[ 78.338369][ T5230] ? __pfx_dump_stack_lvl+0x10/0x10
[ 78.343613][ T5230] ? __pfx__printk+0x10/0x10
[ 78.348435][ T5230] ? __pfx___might_resched+0x10/0x10
[ 78.353747][ T5230] ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 78.359910][ T5230] should_fail_ex+0x3b0/0x4e0
[ 78.364615][ T5230] ? fib_create_info+0xa49/0x24e0
[ 78.369666][ T5230] should_failslab+0xac/0x100
[ 78.374362][ T5230] ? fib_create_info+0xa49/0x24e0
[ 78.379397][ T5230] __kmalloc_noprof+0xd8/0x400
[ 78.384264][ T5230] fib_create_info+0xa49/0x24e0
[ 78.389156][ T5230] ? __pfx_lock_acquire+0x10/0x10
[ 78.394233][ T5230] ? __pfx_lock_acquire+0x10/0x10
[ 78.399292][ T5230] ? lock_release+0xbf/0xa30
[ 78.403905][ T5230] ? __pfx_lock_release+0x10/0x10
[ 78.409033][ T5230] fib_table_insert+0x1f6/0x1f30
[ 78.413990][ T5230] ? lock_acquire+0xe3/0x550
[ 78.418596][ T5230] ? lwtunnel_valid_encap_type+0x8a/0x5f0
[ 78.424328][ T5230] ? lwtunnel_valid_encap_type+0x265/0x5f0
[ 78.430139][ T5230] ? lwtunnel_valid_encap_type+0x8a/0x5f0
[ 78.435868][ T5230] ? __pfx_fib_table_insert+0x10/0x10
[ 78.441256][ T5230] ? fib_new_table+0x120/0x2d0
[ 78.446034][ T5230] inet_rtm_newroute+0x149/0x290
[ 78.451010][ T5230] ? __pfx_inet_rtm_newroute+0x10/0x10
[ 78.456475][ T5230] ? stack_trace_save+0x118/0x1d0
[ 78.461625][ T5230] ? bpf_lsm_capable+0x9/0x10
[ 78.466354][ T5230] ? security_capable+0x7e/0x2d0
[ 78.471319][ T5230] ? __pfx_inet_rtm_newroute+0x10/0x10
[ 78.476796][ T5230] rtnetlink_rcv_msg+0x73f/0xcf0
[ 78.481749][ T5230] ? rtnetlink_rcv_msg+0x1a7/0xcf0
[ 78.486869][ T5230] ? lock_release+0xbf/0xa30
[ 78.491477][ T5230] ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 78.496949][ T5230] ? __pfx_lock_acquire+0x10/0x10
[ 78.501984][ T5230] ? rcu_is_watching+0x15/0xb0
[ 78.506783][ T5230] ? lock_acquire+0xe3/0x550
[ 78.511409][ T5230] netlink_rcv_skb+0x1e3/0x430
[ 78.516232][ T5230] ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 78.521722][ T5230] ? __pfx_netlink_rcv_skb+0x10/0x10
[ 78.527124][ T5230] ? net_generic+0x1f/0x240
[ 78.531643][ T5230] ? netlink_deliver_tap+0x2e/0x1b0
[ 78.536853][ T5230] netlink_unicast+0x7f6/0x990
[ 78.541630][ T5230] ? __pfx_netlink_unicast+0x10/0x10
[ 78.546943][ T5230] ? __virt_addr_valid+0x183/0x530
[ 78.552085][ T5230] ? __check_object_size+0x48e/0x900
[ 78.557384][ T5230] netlink_sendmsg+0x8e4/0xcb0
[ 78.562167][ T5230] ? __pfx_netlink_sendmsg+0x10/0x10
[ 78.567486][ T5230] ? aa_sock_msg_perm+0x91/0x160
[ 78.572451][ T5230] ? __pfx_netlink_sendmsg+0x10/0x10
[ 78.577840][ T5230] __sock_sendmsg+0x221/0x270
[ 78.582528][ T5230] ____sys_sendmsg+0x52a/0x7e0
[ 78.587313][ T5230] ? __pfx_____sys_sendmsg+0x10/0x10
[ 78.592613][ T5230] ? do_raw_spin_lock+0x14f/0x370
[ 78.597648][ T5230] __sys_sendmsg+0x2aa/0x390
[ 78.602269][ T5230] ? __pfx___sys_sendmsg+0x10/0x10
[ 78.607396][ T5230] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 78.613850][ T5230] ? _raw_spin_unlock_irq+0x2e/0x50
[ 78.619055][ T5230] ? ptrace_notify+0x279/0x380
[ 78.623831][ T5230] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 78.630170][ T5230] ? rcu_is_watching+0x15/0xb0
[ 78.634942][ T5230] do_syscall_64+0xf3/0x230
[ 78.639460][ T5230] ? clear_bhb_loop+0x35/0x90
[ 78.644151][ T5230] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 78.650052][ T5230] RIP: 0033:0x7f4ad72638e9
[ 78.654470][ T5230] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 78.674102][ T5230] RSP: 002b:00007ffe6fea3678 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[pid 5230] sendmsg(5, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\xd8\x00\x00\x00\x18\x00\x81\x06\x4e\x81\xf7\x82\xdb\x4c\xb9\x04\x02\x1d\x08\x00\x06\x00\x7c\x09\xe8\xfe\x55\xa1\x0a\x00\x15\x00\x05\x00\x14\x26\x03\x60\x0e\x12\x08\x00\x0f\x00\x00\x00\x04\x01\xa8\x00\x16\x00\x20\x00\x01\x40\x00\x00\x00\x00\x00\xfb\x80\x00\xa0\xe4\x08\xe8\xd8\xef\x52\xa9\x85\x16\x27\x7c\xe0\x6b\xba\xce\x80\x17\xcb\xec\x4c\x2e\xe5\xa7\x00\x00\x09\x00\x00\x00\x1f\xb7\x91\x64\x3a\x5e"..., iov_len=216}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 216
[pid 5230] exit_group(0) = ?
[pid 5230] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5230, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5231 attached
, child_tidptr=0x55558a310650) = 5231
[ 78.682534][ T5230] RAX: ffffffffffffffda RBX: 00007ffe6fea3690 RCX: 00007f4ad72638e9
[ 78.690512][ T5230] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000005
[ 78.698488][ T5230] RBP: 0000000000000001 R08: 00007ffe6fea3417 R09: 00000000000000a0
[ 78.706467][ T5230] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[ 78.714439][ T5230] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[ 78.722424][ T5230]
[pid 5231] set_robust_list(0x55558a310660, 24) = 0
[pid 5231] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5231] setpgid(0, 0) = 0
[pid 5231] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5231] write(3, "1000", 4) = 4
[pid 5231] close(3) = 0
[pid 5231] write(1, "executing program\n", 18executing program
) = 18
[pid 5231] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=11, insns=0x20000500, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 3
[pid 5231] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sched_switch", prog_fd=3}}, 16) = 4
[pid 5231] socket(AF_NETLINK, SOCK_DGRAM, NETLINK_ROUTE) = 5
[pid 5231] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid 5231] write(6, "7", 1) = 1
[ 78.829340][ T5231] netlink: 'syz-executor157': attribute type 21 has an invalid length.
[ 78.837786][ T5231] FAULT_INJECTION: forcing a failure.
[ 78.837786][ T5231] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 78.850949][ T5231] CPU: 0 UID: 0 PID: 5231 Comm: syz-executor157 Not tainted 6.11.0-syzkaller-08833-gde5cb0dcb74c #0
[ 78.861715][ T5231] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[ 78.871780][ T5231] Call Trace:
[ 78.875078][ T5231]
[ 78.878055][ T5231] dump_stack_lvl+0x241/0x360
[ 78.882840][ T5231] ? __pfx_dump_stack_lvl+0x10/0x10
[ 78.888063][ T5231] ? __pfx__printk+0x10/0x10
[ 78.892662][ T5231] ? do_raw_spin_lock+0x14f/0x370
[ 78.898475][ T5231] ? bpf_trace_run4+0x244/0x590
[ 78.903352][ T5231] ? rcu_is_watching+0x15/0xb0
[ 78.908123][ T5231] ? bpf_trace_run4+0x244/0x590
[ 78.912977][ T5231] ? lock_acquire+0xe3/0x550
[ 78.917601][ T5231] should_fail_ex+0x3b0/0x4e0
[ 78.922290][ T5231] strncpy_from_user+0x36/0x250
[ 78.927154][ T5231] strncpy_from_user_nofault+0x71/0x140
[ 78.932723][ T5231] bpf_probe_read_compat_str+0xe9/0x180
[ 78.938368][ T5231] ? bpf_trace_run4+0x244/0x590
[ 78.943308][ T5231] bpf_prog_c1796171ffc7efef+0x3e/0x40
[ 78.948771][ T5231] bpf_trace_run4+0x334/0x590
[ 78.953451][ T5231] ? set_next_entity+0x10e/0x4c0
[ 78.958397][ T5231] ? __pfx_bpf_trace_run4+0x10/0x10
[ 78.963610][ T5231] ? task_psi_group+0x47/0x1a0
[ 78.968381][ T5231] ? psi_task_switch+0x36d/0x770
[ 78.973347][ T5231] __schedule+0x234a/0x4b30
[ 78.977926][ T5231] ? do_raw_spin_unlock+0x13c/0x8b0
[ 78.983156][ T5231] ? __pfx___schedule+0x10/0x10
[ 78.988034][ T5231] ? rcu_is_watching+0x15/0xb0
[ 78.992804][ T5231] ? __pfx___console_unlock+0x10/0x10
[ 78.998182][ T5231] ? __pfx_prb_read_valid+0x10/0x10
[ 79.003382][ T5231] ? preempt_schedule+0xe1/0xf0
[ 79.008632][ T5231] preempt_schedule_common+0x84/0xd0
[ 79.013943][ T5231] preempt_schedule+0xe1/0xf0
[ 79.018626][ T5231] ? __pfx_preempt_schedule+0x10/0x10
[ 79.024011][ T5231] ? console_unlock+0x2fc/0x3b0
[ 79.028867][ T5231] ? __pfx_console_unlock+0x10/0x10
[ 79.034087][ T5231] preempt_schedule_thunk+0x1a/0x30
[ 79.039320][ T5231] ? vprintk_emit+0x7ae/0xa10
[ 79.044017][ T5231] ? vprintk_emit+0x847/0xa10
[ 79.048796][ T5231] vprintk_emit+0x84c/0xa10
[ 79.053338][ T5231] ? __pfx_vprintk_emit+0x10/0x10
[ 79.058379][ T5231] ? rcu_is_watching+0x15/0xb0
[ 79.063150][ T5231] ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 79.069073][ T5231] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 79.075429][ T5231] ? deref_stack_reg+0x17c/0x210
[ 79.080388][ T5231] _printk+0xd5/0x120
[ 79.084400][ T5231] ? __nla_validate_parse+0x4f4/0x3090
[ 79.089868][ T5231] ? __pfx__printk+0x10/0x10
[ 79.094562][ T5231] ? 0xffffffffa0001d70
[ 79.098718][ T5231] ? rcu_is_watching+0x15/0xb0
[ 79.103485][ T5231] ? lock_acquire+0xe3/0x550
[ 79.108089][ T5231] __nla_validate_parse+0x1af9/0x3090
[ 79.113500][ T5231] ? __pfx___nla_validate_parse+0x10/0x10
[ 79.119238][ T5231] ? rcu_is_watching+0x15/0xb0
[ 79.124010][ T5231] ? lock_release+0xbf/0xa30
[ 79.128638][ T5231] ? __pfx_lock_acquire+0x10/0x10
[ 79.133804][ T5231] ? lock_release+0xbf/0xa30
[ 79.138436][ T5231] ? deref_stack_reg+0x17c/0x210
[ 79.143414][ T5231] ? rcu_is_watching+0x15/0xb0
[ 79.148188][ T5231] ? lock_acquire+0xe3/0x550
[ 79.152833][ T5231] __nla_validate+0x3e/0x60
[ 79.157386][ T5231] rtm_to_fib_config+0xac/0x13d0
[ 79.162525][ T5231] ? __kernel_text_address+0xd/0x40
[ 79.167732][ T5231] ? rcu_is_watching+0x15/0xb0
[ 79.172578][ T5231] inet_rtm_newroute+0xf5/0x290
[ 79.177475][ T5231] ? __pfx_inet_rtm_newroute+0x10/0x10
[ 79.182968][ T5231] ? stack_trace_save+0x118/0x1d0
[ 79.188016][ T5231] ? bpf_lsm_capable+0x9/0x10
[ 79.192719][ T5231] ? security_capable+0x7e/0x2d0
[ 79.197816][ T5231] ? __pfx_inet_rtm_newroute+0x10/0x10
[ 79.203304][ T5231] rtnetlink_rcv_msg+0x73f/0xcf0
[ 79.208254][ T5231] ? rtnetlink_rcv_msg+0x1a7/0xcf0
[ 79.213381][ T5231] ? lock_release+0xbf/0xa30
[ 79.217984][ T5231] ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 79.223474][ T5231] ? __pfx_lock_acquire+0x10/0x10
[ 79.228510][ T5231] ? rcu_is_watching+0x15/0xb0
[ 79.233276][ T5231] ? lock_acquire+0xe3/0x550
[ 79.237910][ T5231] netlink_rcv_skb+0x1e3/0x430
[ 79.242772][ T5231] ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 79.248325][ T5231] ? __pfx_netlink_rcv_skb+0x10/0x10
[ 79.253628][ T5231] ? net_generic+0x1f/0x240
[ 79.258218][ T5231] ? netlink_deliver_tap+0x2e/0x1b0
[ 79.263425][ T5231] netlink_unicast+0x7f6/0x990
[ 79.268198][ T5231] ? __pfx_netlink_unicast+0x10/0x10
[ 79.273538][ T5231] ? __virt_addr_valid+0x183/0x530
[ 79.278660][ T5231] ? __check_object_size+0x48e/0x900
[ 79.283947][ T5231] netlink_sendmsg+0x8e4/0xcb0
[ 79.288725][ T5231] ? __pfx_netlink_sendmsg+0x10/0x10
[ 79.294011][ T5231] ? aa_sock_msg_perm+0x91/0x160
[ 79.298946][ T5231] ? __pfx_netlink_sendmsg+0x10/0x10
[ 79.304229][ T5231] __sock_sendmsg+0x221/0x270
[ 79.308904][ T5231] ____sys_sendmsg+0x52a/0x7e0
[ 79.313704][ T5231] ? __pfx_____sys_sendmsg+0x10/0x10
[ 79.319096][ T5231] ? do_raw_spin_lock+0x14f/0x370
[ 79.324297][ T5231] __sys_sendmsg+0x2aa/0x390
[ 79.328889][ T5231] ? __pfx___sys_sendmsg+0x10/0x10
[ 79.334095][ T5231] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 79.340426][ T5231] ? _raw_spin_unlock_irq+0x2e/0x50
[ 79.345625][ T5231] ? ptrace_notify+0x279/0x380
[ 79.350389][ T5231] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 79.357240][ T5231] ? rcu_is_watching+0x15/0xb0
[ 79.362107][ T5231] do_syscall_64+0xf3/0x230
[ 79.366628][ T5231] ? clear_bhb_loop+0x35/0x90
[ 79.371303][ T5231] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 79.377191][ T5231] RIP: 0033:0x7f4ad72638e9
[ 79.381599][ T5231] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 79.401319][ T5231] RSP: 002b:00007ffe6fea3678 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 79.409927][ T5231] RAX: ffffffffffffffda RBX: 00007ffe6fea3690 RCX: 00007f4ad72638e9
[ 79.417924][ T5231] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000005
[pid 5231] sendmsg(5, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\xd8\x00\x00\x00\x18\x00\x81\x06\x4e\x81\xf7\x82\xdb\x4c\xb9\x04\x02\x1d\x08\x00\x06\x00\x7c\x09\xe8\xfe\x55\xa1\x0a\x00\x15\x00\x05\x00\x14\x26\x03\x60\x0e\x12\x08\x00\x0f\x00\x00\x00\x04\x01\xa8\x00\x16\x00\x20\x00\x01\x40\x00\x00\x00\x00\x00\xfb\x80\x00\xa0\xe4\x08\xe8\xd8\xef\x52\xa9\x85\x16\x27\x7c\xe0\x6b\xba\xce\x80\x17\xcb\xec\x4c\x2e\xe5\xa7\x00\x00\x09\x00\x00\x00\x1f\xb7\x91\x64\x3a\x5e"..., iov_len=216}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 216
[pid 5231] exit_group(0) = ?
[pid 5231] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5231, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5232 attached
, child_tidptr=0x55558a310650) = 5232
[pid 5232] set_robust_list(0x55558a310660, 24) = 0
[pid 5232] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[ 79.425901][ T5231] RBP: 0000000000000001 R08: 00007ffe6fea3417 R09: 00000000000000a0
[ 79.433868][ T5231] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[ 79.441832][ T5231] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[ 79.449893][ T5231]
[ 79.453393][ T5231] netlink: 132 bytes leftover after parsing attributes in process `syz-executor157'.
[pid 5232] setpgid(0, 0) = 0
[pid 5232] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5232] write(3, "1000", 4) = 4
[pid 5232] close(3) = 0
[pid 5232] write(1, "executing program\n", 18executing program
) = 18
[pid 5232] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=11, insns=0x20000500, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 3
[pid 5232] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sched_switch", prog_fd=3}}, 16) = 4
[pid 5232] socket(AF_NETLINK, SOCK_DGRAM, NETLINK_ROUTE) = 5
[pid 5232] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid 5232] write(6, "7", 1) = 1
[ 79.573049][ T5232] netlink: 'syz-executor157': attribute type 21 has an invalid length.
[ 79.581596][ T5232] FAULT_INJECTION: forcing a failure.
[ 79.581596][ T5232] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 79.594664][ T5232] CPU: 0 UID: 0 PID: 5232 Comm: syz-executor157 Not tainted 6.11.0-syzkaller-08833-gde5cb0dcb74c #0
[ 79.605430][ T5232] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[ 79.615536][ T5232] Call Trace:
[ 79.618851][ T5232]
[ 79.621802][ T5232] dump_stack_lvl+0x241/0x360
[ 79.626495][ T5232] ? __pfx_dump_stack_lvl+0x10/0x10
[ 79.631697][ T5232] ? __pfx__printk+0x10/0x10
[ 79.636285][ T5232] ? do_raw_spin_lock+0x14f/0x370
[ 79.641310][ T5232] ? bpf_trace_run4+0x244/0x590
[ 79.646182][ T5232] ? rcu_is_watching+0x15/0xb0
[ 79.650957][ T5232] ? bpf_trace_run4+0x244/0x590
[ 79.655807][ T5232] ? lock_acquire+0xe3/0x550
[ 79.660423][ T5232] should_fail_ex+0x3b0/0x4e0
[ 79.665225][ T5232] strncpy_from_user+0x36/0x250
[ 79.670117][ T5232] strncpy_from_user_nofault+0x71/0x140
[ 79.675699][ T5232] bpf_probe_read_compat_str+0xe9/0x180
[ 79.681313][ T5232] ? bpf_trace_run4+0x244/0x590
[ 79.686178][ T5232] bpf_prog_c1796171ffc7efef+0x3e/0x40
[ 79.691655][ T5232] bpf_trace_run4+0x334/0x590
[ 79.696333][ T5232] ? set_next_entity+0x10e/0x4c0
[ 79.701361][ T5232] ? __pfx_bpf_trace_run4+0x10/0x10
[ 79.706588][ T5232] ? task_psi_group+0x47/0x1a0
[ 79.711407][ T5232] ? psi_task_switch+0x36d/0x770
[ 79.716380][ T5232] __schedule+0x234a/0x4b30
[ 79.720889][ T5232] ? do_raw_spin_unlock+0x13c/0x8b0
[ 79.726088][ T5232] ? __pfx___schedule+0x10/0x10
[ 79.731140][ T5232] ? rcu_is_watching+0x15/0xb0
[ 79.735933][ T5232] ? __pfx___console_unlock+0x10/0x10
[ 79.741313][ T5232] ? __pfx_prb_read_valid+0x10/0x10
[ 79.746508][ T5232] ? preempt_schedule+0xe1/0xf0
[ 79.751381][ T5232] preempt_schedule_common+0x84/0xd0
[ 79.756703][ T5232] preempt_schedule+0xe1/0xf0
[ 79.761400][ T5232] ? __pfx_preempt_schedule+0x10/0x10
[ 79.766770][ T5232] ? console_unlock+0x2fc/0x3b0
[ 79.771620][ T5232] ? __pfx_console_unlock+0x10/0x10
[ 79.776815][ T5232] preempt_schedule_thunk+0x1a/0x30
[ 79.782126][ T5232] ? vprintk_emit+0x7ae/0xa10
[ 79.786799][ T5232] ? vprintk_emit+0x847/0xa10
[ 79.791476][ T5232] vprintk_emit+0x84c/0xa10
[ 79.796010][ T5232] ? __pfx_vprintk_emit+0x10/0x10
[ 79.801073][ T5232] ? rcu_is_watching+0x15/0xb0
[ 79.805904][ T5232] ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 79.811907][ T5232] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 79.818342][ T5232] ? deref_stack_reg+0x17c/0x210
[ 79.823298][ T5232] _printk+0xd5/0x120
[ 79.827308][ T5232] ? __nla_validate_parse+0x4f4/0x3090
[ 79.832781][ T5232] ? __pfx__printk+0x10/0x10
[ 79.837380][ T5232] ? 0xffffffffa0001d60
[ 79.841529][ T5232] ? rcu_is_watching+0x15/0xb0
[ 79.846316][ T5232] ? lock_acquire+0xe3/0x550
[ 79.850947][ T5232] __nla_validate_parse+0x1af9/0x3090
[ 79.856336][ T5232] ? __pfx___nla_validate_parse+0x10/0x10
[ 79.862054][ T5232] ? rcu_is_watching+0x15/0xb0
[ 79.866814][ T5232] ? lock_release+0xbf/0xa30
[ 79.871407][ T5232] ? __pfx_lock_acquire+0x10/0x10
[ 79.876538][ T5232] ? lock_release+0xbf/0xa30
[ 79.881129][ T5232] ? deref_stack_reg+0x17c/0x210
[ 79.886076][ T5232] ? rcu_is_watching+0x15/0xb0
[ 79.890835][ T5232] ? lock_acquire+0xe3/0x550
[ 79.895429][ T5232] __nla_validate+0x3e/0x60
[ 79.899928][ T5232] rtm_to_fib_config+0xac/0x13d0
[ 79.904865][ T5232] ? __kernel_text_address+0xd/0x40
[ 79.910059][ T5232] ? rcu_is_watching+0x15/0xb0
[ 79.914820][ T5232] inet_rtm_newroute+0xf5/0x290
[ 79.919680][ T5232] ? __pfx_inet_rtm_newroute+0x10/0x10
[ 79.925134][ T5232] ? stack_trace_save+0x118/0x1d0
[ 79.930171][ T5232] ? bpf_lsm_capable+0x9/0x10
[ 79.934863][ T5232] ? security_capable+0x7e/0x2d0
[ 79.939813][ T5232] ? __pfx_inet_rtm_newroute+0x10/0x10
[ 79.945270][ T5232] rtnetlink_rcv_msg+0x73f/0xcf0
[ 79.950218][ T5232] ? rtnetlink_rcv_msg+0x1a7/0xcf0
[ 79.955341][ T5232] ? lock_release+0xbf/0xa30
[ 79.959933][ T5232] ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 79.965389][ T5232] ? __pfx_lock_acquire+0x10/0x10
[ 79.970413][ T5232] ? rcu_is_watching+0x15/0xb0
[ 79.975211][ T5232] ? lock_acquire+0xe3/0x550
[ 79.979887][ T5232] netlink_rcv_skb+0x1e3/0x430
[ 79.984667][ T5232] ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 79.990245][ T5232] ? __pfx_netlink_rcv_skb+0x10/0x10
[ 79.995560][ T5232] ? net_generic+0x1f/0x240
[ 80.000086][ T5232] ? netlink_deliver_tap+0x2e/0x1b0
[ 80.005314][ T5232] netlink_unicast+0x7f6/0x990
[ 80.010124][ T5232] ? __pfx_netlink_unicast+0x10/0x10
[ 80.015542][ T5232] ? __virt_addr_valid+0x183/0x530
[ 80.020672][ T5232] ? __check_object_size+0x48e/0x900
[ 80.025994][ T5232] netlink_sendmsg+0x8e4/0xcb0
[ 80.030808][ T5232] ? __pfx_netlink_sendmsg+0x10/0x10
[ 80.036108][ T5232] ? aa_sock_msg_perm+0x91/0x160
[ 80.041050][ T5232] ? __pfx_netlink_sendmsg+0x10/0x10
[ 80.046799][ T5232] __sock_sendmsg+0x221/0x270
[ 80.051529][ T5232] ____sys_sendmsg+0x52a/0x7e0
[ 80.056334][ T5232] ? __pfx_____sys_sendmsg+0x10/0x10
[ 80.061656][ T5232] ? do_raw_spin_lock+0x14f/0x370
[ 80.066775][ T5232] __sys_sendmsg+0x2aa/0x390
[ 80.071411][ T5232] ? __pfx___sys_sendmsg+0x10/0x10
[ 80.076829][ T5232] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 80.083271][ T5232] ? _raw_spin_unlock_irq+0x2e/0x50
[ 80.088493][ T5232] ? ptrace_notify+0x279/0x380
[ 80.093293][ T5232] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 80.099653][ T5232] ? rcu_is_watching+0x15/0xb0
[ 80.104443][ T5232] do_syscall_64+0xf3/0x230
[ 80.109046][ T5232] ? clear_bhb_loop+0x35/0x90
[ 80.113866][ T5232] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 80.119850][ T5232] RIP: 0033:0x7f4ad72638e9
[ 80.124286][ T5232] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 80.143941][ T5232] RSP: 002b:00007ffe6fea3678 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 80.152413][ T5232] RAX: ffffffffffffffda RBX: 00007ffe6fea3690 RCX: 00007f4ad72638e9
[ 80.160412][ T5232] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000005
[pid 5232] sendmsg(5, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\xd8\x00\x00\x00\x18\x00\x81\x06\x4e\x81\xf7\x82\xdb\x4c\xb9\x04\x02\x1d\x08\x00\x06\x00\x7c\x09\xe8\xfe\x55\xa1\x0a\x00\x15\x00\x05\x00\x14\x26\x03\x60\x0e\x12\x08\x00\x0f\x00\x00\x00\x04\x01\xa8\x00\x16\x00\x20\x00\x01\x40\x00\x00\x00\x00\x00\xfb\x80\x00\xa0\xe4\x08\xe8\xd8\xef\x52\xa9\x85\x16\x27\x7c\xe0\x6b\xba\xce\x80\x17\xcb\xec\x4c\x2e\xe5\xa7\x00\x00\x09\x00\x00\x00\x1f\xb7\x91\x64\x3a\x5e"..., iov_len=216}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 216
[pid 5232] exit_group(0) = ?
[pid 5232] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5232, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5233 attached
, child_tidptr=0x55558a310650) = 5233
[pid 5233] set_robust_list(0x55558a310660, 24) = 0
[pid 5233] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5233] setpgid(0, 0) = 0
[pid 5233] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5233] write(3, "1000", 4) = 4
[pid 5233] close(3) = 0
[pid 5233] write(1, "executing program\n", 18executing program
) = 18
[pid 5233] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=11, insns=0x20000500, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 3
[ 80.168420][ T5232] RBP: 0000000000000001 R08: 00007ffe6fea3417 R09: 00000000000000a0
[ 80.176395][ T5232] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[ 80.184386][ T5232] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[ 80.192369][ T5232]
[ 80.196019][ T5232] netlink: 132 bytes leftover after parsing attributes in process `syz-executor157'.
[pid 5233] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sched_switch", prog_fd=3}}, 16) = 4
[pid 5233] socket(AF_NETLINK, SOCK_DGRAM, NETLINK_ROUTE) = 5
[pid 5233] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid 5233] write(6, "7", 1) = 1
[ 80.260341][ T5233] netlink: 'syz-executor157': attribute type 21 has an invalid length.
[ 80.268733][ T5233] FAULT_INJECTION: forcing a failure.
[ 80.268733][ T5233] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 80.281793][ T5233] CPU: 1 UID: 0 PID: 5233 Comm: syz-executor157 Not tainted 6.11.0-syzkaller-08833-gde5cb0dcb74c #0
[ 80.292576][ T5233] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[ 80.302817][ T5233] Call Trace:
[ 80.306106][ T5233]
[ 80.309034][ T5233] dump_stack_lvl+0x241/0x360
[ 80.313719][ T5233] ? __pfx_dump_stack_lvl+0x10/0x10
[ 80.318938][ T5233] ? __pfx__printk+0x10/0x10
[ 80.323524][ T5233] ? do_raw_spin_lock+0x14f/0x370
[ 80.328590][ T5233] ? bpf_trace_run4+0x244/0x590
[ 80.333463][ T5233] ? rcu_is_watching+0x15/0xb0
[ 80.338246][ T5233] ? bpf_trace_run4+0x244/0x590
[ 80.343138][ T5233] ? lock_acquire+0xe3/0x550
[ 80.347779][ T5233] should_fail_ex+0x3b0/0x4e0
[ 80.352512][ T5233] strncpy_from_user+0x36/0x250
[ 80.357380][ T5233] strncpy_from_user_nofault+0x71/0x140
[ 80.363164][ T5233] bpf_probe_read_compat_str+0xe9/0x180
[ 80.368756][ T5233] ? bpf_trace_run4+0x244/0x590
[ 80.373745][ T5233] bpf_prog_c1796171ffc7efef+0x3e/0x40
[ 80.379303][ T5233] bpf_trace_run4+0x334/0x590
[ 80.384020][ T5233] ? put_prev_entity+0x6f/0x200
[ 80.388922][ T5233] ? __pfx_bpf_trace_run4+0x10/0x10
[ 80.394132][ T5233] ? task_psi_group+0x47/0x1a0
[ 80.398897][ T5233] ? psi_task_switch+0x36d/0x770
[ 80.403864][ T5233] __schedule+0x234a/0x4b30
[ 80.408411][ T5233] ? do_raw_spin_unlock+0x13c/0x8b0
[ 80.413746][ T5233] ? __pfx___schedule+0x10/0x10
[ 80.418712][ T5233] ? rcu_is_watching+0x15/0xb0
[ 80.423515][ T5233] ? __pfx___console_unlock+0x10/0x10
[ 80.429121][ T5233] ? __pfx_prb_read_valid+0x10/0x10
[ 80.434442][ T5233] ? preempt_schedule+0xe1/0xf0
[ 80.439293][ T5233] preempt_schedule_common+0x84/0xd0
[ 80.444612][ T5233] preempt_schedule+0xe1/0xf0
[ 80.449602][ T5233] ? __pfx_preempt_schedule+0x10/0x10
[ 80.454993][ T5233] ? console_unlock+0x2fc/0x3b0
[ 80.459846][ T5233] ? __pfx_console_unlock+0x10/0x10
[ 80.465080][ T5233] preempt_schedule_thunk+0x1a/0x30
[ 80.470302][ T5233] ? vprintk_emit+0x7ae/0xa10
[ 80.475012][ T5233] ? vprintk_emit+0x847/0xa10
[ 80.479686][ T5233] vprintk_emit+0x84c/0xa10
[ 80.484191][ T5233] ? __pfx_vprintk_emit+0x10/0x10
[ 80.489210][ T5233] ? rcu_is_watching+0x15/0xb0
[ 80.493970][ T5233] ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 80.499861][ T5233] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 80.506215][ T5233] ? deref_stack_reg+0x17c/0x210
[ 80.511158][ T5233] _printk+0xd5/0x120
[ 80.515137][ T5233] ? __nla_validate_parse+0x4f4/0x3090
[ 80.520597][ T5233] ? __pfx__printk+0x10/0x10
[ 80.525199][ T5233] ? 0xffffffffa0001df8
[ 80.529347][ T5233] ? is_bpf_text_address+0x26/0x2a0
[ 80.534549][ T5233] ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 80.540702][ T5233] __nla_validate_parse+0x1af9/0x3090
[ 80.546076][ T5233] ? __pfx___nla_validate_parse+0x10/0x10
[ 80.551794][ T5233] ? rcu_is_watching+0x15/0xb0
[ 80.556558][ T5233] ? lock_release+0xbf/0xa30
[ 80.561153][ T5233] ? __pfx_lock_acquire+0x10/0x10
[ 80.566200][ T5233] ? lock_release+0xbf/0xa30
[ 80.570790][ T5233] ? deref_stack_reg+0x17c/0x210
[ 80.575732][ T5233] ? rcu_is_watching+0x15/0xb0
[ 80.580491][ T5233] ? lock_acquire+0xe3/0x550
[ 80.585087][ T5233] __nla_validate+0x3e/0x60
[ 80.589588][ T5233] rtm_to_fib_config+0xac/0x13d0
[ 80.594540][ T5233] ? __kernel_text_address+0xd/0x40
[ 80.599745][ T5233] ? rcu_is_watching+0x15/0xb0
[ 80.604512][ T5233] inet_rtm_newroute+0xf5/0x290
[ 80.609390][ T5233] ? __pfx_inet_rtm_newroute+0x10/0x10
[ 80.614865][ T5233] ? stack_trace_save+0x118/0x1d0
[ 80.619887][ T5233] ? bpf_lsm_capable+0x9/0x10
[ 80.624560][ T5233] ? security_capable+0x7e/0x2d0
[ 80.629494][ T5233] ? __pfx_inet_rtm_newroute+0x10/0x10
[ 80.634972][ T5233] rtnetlink_rcv_msg+0x73f/0xcf0
[ 80.639924][ T5233] ? rtnetlink_rcv_msg+0x1a7/0xcf0
[ 80.645029][ T5233] ? lock_release+0xbf/0xa30
[ 80.649619][ T5233] ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 80.655076][ T5233] ? __pfx_lock_acquire+0x10/0x10
[ 80.660099][ T5233] ? rcu_is_watching+0x15/0xb0
[ 80.664881][ T5233] ? lock_acquire+0xe3/0x550
[ 80.669476][ T5233] netlink_rcv_skb+0x1e3/0x430
[ 80.674237][ T5233] ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 80.679693][ T5233] ? __pfx_netlink_rcv_skb+0x10/0x10
[ 80.684983][ T5233] ? net_generic+0x1f/0x240
[ 80.689489][ T5233] ? netlink_deliver_tap+0x2e/0x1b0
[ 80.694691][ T5233] netlink_unicast+0x7f6/0x990
[ 80.699452][ T5233] ? __pfx_netlink_unicast+0x10/0x10
[ 80.704764][ T5233] ? __virt_addr_valid+0x183/0x530
[ 80.709871][ T5233] ? __check_object_size+0x48e/0x900
[ 80.715201][ T5233] netlink_sendmsg+0x8e4/0xcb0
[ 80.720090][ T5233] ? __pfx_netlink_sendmsg+0x10/0x10
[ 80.725493][ T5233] ? aa_sock_msg_perm+0x91/0x160
[ 80.730528][ T5233] ? __pfx_netlink_sendmsg+0x10/0x10
[ 80.735845][ T5233] __sock_sendmsg+0x221/0x270
[ 80.740537][ T5233] ____sys_sendmsg+0x52a/0x7e0
[ 80.745310][ T5233] ? __pfx_____sys_sendmsg+0x10/0x10
[ 80.750601][ T5233] ? do_raw_spin_lock+0x14f/0x370
[ 80.755632][ T5233] __sys_sendmsg+0x2aa/0x390
[ 80.760252][ T5233] ? __pfx___sys_sendmsg+0x10/0x10
[ 80.765372][ T5233] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 80.771707][ T5233] ? _raw_spin_unlock_irq+0x2e/0x50
[ 80.776904][ T5233] ? ptrace_notify+0x279/0x380
[ 80.781693][ T5233] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 80.788049][ T5233] ? rcu_is_watching+0x15/0xb0
[ 80.793087][ T5233] do_syscall_64+0xf3/0x230
[ 80.797623][ T5233] ? clear_bhb_loop+0x35/0x90
[ 80.802338][ T5233] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 80.808318][ T5233] RIP: 0033:0x7f4ad72638e9
[ 80.812793][ T5233] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 80.832490][ T5233] RSP: 002b:00007ffe6fea3678 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 80.840901][ T5233] RAX: ffffffffffffffda RBX: 00007ffe6fea3690 RCX: 00007f4ad72638e9
[ 80.848872][ T5233] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000005
[pid 5233] sendmsg(5, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\xd8\x00\x00\x00\x18\x00\x81\x06\x4e\x81\xf7\x82\xdb\x4c\xb9\x04\x02\x1d\x08\x00\x06\x00\x7c\x09\xe8\xfe\x55\xa1\x0a\x00\x15\x00\x05\x00\x14\x26\x03\x60\x0e\x12\x08\x00\x0f\x00\x00\x00\x04\x01\xa8\x00\x16\x00\x20\x00\x01\x40\x00\x00\x00\x00\x00\xfb\x80\x00\xa0\xe4\x08\xe8\xd8\xef\x52\xa9\x85\x16\x27\x7c\xe0\x6b\xba\xce\x80\x17\xcb\xec\x4c\x2e\xe5\xa7\x00\x00\x09\x00\x00\x00\x1f\xb7\x91\x64\x3a\x5e"..., iov_len=216}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 216
[pid 5233] exit_group(0) = ?
[pid 5233] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5233, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5234 attached
, child_tidptr=0x55558a310650) = 5234
[ 80.857188][ T5233] RBP: 0000000000000001 R08: 00007ffe6fea3417 R09: 00000000000000a0
[ 80.865192][ T5233] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[ 80.873165][ T5233] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[ 80.881139][ T5233]
[ 80.884522][ T5233] netlink: 132 bytes leftover after parsing attributes in process `syz-executor157'.
[pid 5234] set_robust_list(0x55558a310660, 24) = 0
[pid 5234] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5234] setpgid(0, 0) = 0
[pid 5234] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5234] write(3, "1000", 4) = 4
[pid 5234] close(3) = 0
[pid 5234] write(1, "executing program\n", 18executing program
) = 18
[pid 5234] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=11, insns=0x20000500, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 3
[pid 5234] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sched_switch", prog_fd=3}}, 16) = 4
[pid 5234] socket(AF_NETLINK, SOCK_DGRAM, NETLINK_ROUTE) = 5
[pid 5234] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid 5234] write(6, "7", 1) = 1
[ 80.961791][ T5234] netlink: 'syz-executor157': attribute type 21 has an invalid length.
[ 80.970233][ T5234] FAULT_INJECTION: forcing a failure.
[ 80.970233][ T5234] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 80.983405][ T5234] CPU: 1 UID: 0 PID: 5234 Comm: syz-executor157 Not tainted 6.11.0-syzkaller-08833-gde5cb0dcb74c #0
[ 80.994185][ T5234] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[ 81.004261][ T5234] Call Trace:
[ 81.007574][ T5234]
[ 81.010528][ T5234] dump_stack_lvl+0x241/0x360
[ 81.015315][ T5234] ? __pfx_dump_stack_lvl+0x10/0x10
[ 81.020565][ T5234] ? __pfx__printk+0x10/0x10
[ 81.025274][ T5234] ? do_raw_spin_lock+0x14f/0x370
[ 81.030345][ T5234] ? bpf_trace_run4+0x244/0x590
[ 81.035210][ T5234] ? rcu_is_watching+0x15/0xb0
[ 81.040007][ T5234] ? bpf_trace_run4+0x244/0x590
[ 81.044989][ T5234] ? lock_acquire+0xe3/0x550
[ 81.049715][ T5234] should_fail_ex+0x3b0/0x4e0
[ 81.054419][ T5234] strncpy_from_user+0x36/0x250
[ 81.059287][ T5234] strncpy_from_user_nofault+0x71/0x140
[ 81.064856][ T5234] bpf_probe_read_compat_str+0xe9/0x180
[ 81.070423][ T5234] ? bpf_trace_run4+0x244/0x590
[ 81.075282][ T5234] bpf_prog_c1796171ffc7efef+0x3e/0x40
[ 81.080751][ T5234] bpf_trace_run4+0x334/0x590
[ 81.085424][ T5234] ? set_next_entity+0x10e/0x4c0
[ 81.090366][ T5234] ? __pfx_bpf_trace_run4+0x10/0x10
[ 81.095708][ T5234] ? task_psi_group+0x47/0x1a0
[ 81.100545][ T5234] ? psi_task_switch+0x36d/0x770
[ 81.105496][ T5234] __schedule+0x234a/0x4b30
[ 81.110004][ T5234] ? do_raw_spin_unlock+0x13c/0x8b0
[ 81.115215][ T5234] ? __pfx___schedule+0x10/0x10
[ 81.120082][ T5234] ? rcu_is_watching+0x15/0xb0
[ 81.124842][ T5234] ? __pfx___console_unlock+0x10/0x10
[ 81.130299][ T5234] ? __pfx_prb_read_valid+0x10/0x10
[ 81.135494][ T5234] ? preempt_schedule+0xe1/0xf0
[ 81.140340][ T5234] preempt_schedule_common+0x84/0xd0
[ 81.145624][ T5234] preempt_schedule+0xe1/0xf0
[ 81.150311][ T5234] ? __pfx_preempt_schedule+0x10/0x10
[ 81.155696][ T5234] ? console_unlock+0x2fc/0x3b0
[ 81.160562][ T5234] ? __pfx_console_unlock+0x10/0x10
[ 81.165786][ T5234] preempt_schedule_thunk+0x1a/0x30
[ 81.171014][ T5234] ? vprintk_emit+0x7ae/0xa10
[ 81.175793][ T5234] ? vprintk_emit+0x847/0xa10
[ 81.180489][ T5234] vprintk_emit+0x84c/0xa10
[ 81.185091][ T5234] ? __pfx_vprintk_emit+0x10/0x10
[ 81.190115][ T5234] ? rcu_is_watching+0x15/0xb0
[ 81.194969][ T5234] ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 81.200859][ T5234] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 81.207196][ T5234] ? deref_stack_reg+0x17c/0x210
[ 81.212158][ T5234] _printk+0xd5/0x120
[ 81.216137][ T5234] ? __nla_validate_parse+0x4f4/0x3090
[ 81.221591][ T5234] ? __pfx__printk+0x10/0x10
[ 81.226204][ T5234] ? 0xffffffffa0001d48
[ 81.230381][ T5234] ? is_bpf_text_address+0x26/0x2a0
[ 81.235582][ T5234] ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 81.241838][ T5234] __nla_validate_parse+0x1af9/0x3090
[ 81.247299][ T5234] ? __pfx___nla_validate_parse+0x10/0x10
[ 81.253029][ T5234] ? rcu_is_watching+0x15/0xb0
[ 81.257875][ T5234] ? lock_release+0xbf/0xa30
[ 81.262467][ T5234] ? __pfx_lock_acquire+0x10/0x10
[ 81.267490][ T5234] ? lock_release+0xbf/0xa30
[ 81.272092][ T5234] ? deref_stack_reg+0x17c/0x210
[ 81.277046][ T5234] ? rcu_is_watching+0x15/0xb0
[ 81.281820][ T5234] ? lock_acquire+0xe3/0x550
[ 81.286423][ T5234] __nla_validate+0x3e/0x60
[ 81.290931][ T5234] rtm_to_fib_config+0xac/0x13d0
[ 81.296046][ T5234] ? __kernel_text_address+0xd/0x40
[ 81.301337][ T5234] ? rcu_is_watching+0x15/0xb0
[ 81.306188][ T5234] inet_rtm_newroute+0xf5/0x290
[ 81.311053][ T5234] ? __pfx_inet_rtm_newroute+0x10/0x10
[ 81.316524][ T5234] ? stack_trace_save+0x118/0x1d0
[ 81.321569][ T5234] ? bpf_lsm_capable+0x9/0x10
[ 81.326242][ T5234] ? security_capable+0x7e/0x2d0
[ 81.331175][ T5234] ? __pfx_inet_rtm_newroute+0x10/0x10
[ 81.336822][ T5234] rtnetlink_rcv_msg+0x73f/0xcf0
[ 81.341753][ T5234] ? rtnetlink_rcv_msg+0x1a7/0xcf0
[ 81.346874][ T5234] ? lock_release+0xbf/0xa30
[ 81.351463][ T5234] ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 81.356915][ T5234] ? __pfx_lock_acquire+0x10/0x10
[ 81.362023][ T5234] ? rcu_is_watching+0x15/0xb0
[ 81.366779][ T5234] ? lock_acquire+0xe3/0x550
[ 81.371457][ T5234] netlink_rcv_skb+0x1e3/0x430
[ 81.376321][ T5234] ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 81.381789][ T5234] ? __pfx_netlink_rcv_skb+0x10/0x10
[ 81.387163][ T5234] ? net_generic+0x1f/0x240
[ 81.391661][ T5234] ? netlink_deliver_tap+0x2e/0x1b0
[ 81.396974][ T5234] netlink_unicast+0x7f6/0x990
[ 81.401756][ T5234] ? __pfx_netlink_unicast+0x10/0x10
[ 81.407046][ T5234] ? __virt_addr_valid+0x183/0x530
[ 81.412442][ T5234] ? __check_object_size+0x48e/0x900
[ 81.417740][ T5234] netlink_sendmsg+0x8e4/0xcb0
[ 81.422521][ T5234] ? __pfx_netlink_sendmsg+0x10/0x10
[ 81.427806][ T5234] ? aa_sock_msg_perm+0x91/0x160
[ 81.432845][ T5234] ? __pfx_netlink_sendmsg+0x10/0x10
[ 81.438128][ T5234] __sock_sendmsg+0x221/0x270
[ 81.442817][ T5234] ____sys_sendmsg+0x52a/0x7e0
[ 81.447582][ T5234] ? __pfx_____sys_sendmsg+0x10/0x10
[ 81.452971][ T5234] ? do_raw_spin_lock+0x14f/0x370
[ 81.458040][ T5234] __sys_sendmsg+0x2aa/0x390
[ 81.462826][ T5234] ? __pfx___sys_sendmsg+0x10/0x10
[ 81.467960][ T5234] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 81.474292][ T5234] ? _raw_spin_unlock_irq+0x2e/0x50
[ 81.479514][ T5234] ? ptrace_notify+0x279/0x380
[ 81.484380][ T5234] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 81.490738][ T5234] ? rcu_is_watching+0x15/0xb0
[ 81.495620][ T5234] do_syscall_64+0xf3/0x230
[ 81.500137][ T5234] ? clear_bhb_loop+0x35/0x90
[ 81.504857][ T5234] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 81.510779][ T5234] RIP: 0033:0x7f4ad72638e9
[ 81.515384][ T5234] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 81.535898][ T5234] RSP: 002b:00007ffe6fea3678 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 81.544532][ T5234] RAX: ffffffffffffffda RBX: 00007ffe6fea3690 RCX: 00007f4ad72638e9
[ 81.552523][ T5234] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000005
[pid 5234] sendmsg(5, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\xd8\x00\x00\x00\x18\x00\x81\x06\x4e\x81\xf7\x82\xdb\x4c\xb9\x04\x02\x1d\x08\x00\x06\x00\x7c\x09\xe8\xfe\x55\xa1\x0a\x00\x15\x00\x05\x00\x14\x26\x03\x60\x0e\x12\x08\x00\x0f\x00\x00\x00\x04\x01\xa8\x00\x16\x00\x20\x00\x01\x40\x00\x00\x00\x00\x00\xfb\x80\x00\xa0\xe4\x08\xe8\xd8\xef\x52\xa9\x85\x16\x27\x7c\xe0\x6b\xba\xce\x80\x17\xcb\xec\x4c\x2e\xe5\xa7\x00\x00\x09\x00\x00\x00\x1f\xb7\x91\x64\x3a\x5e"..., iov_len=216}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 216
[pid 5234] exit_group(0) = ?
[pid 5234] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5234, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5235 attached
, child_tidptr=0x55558a310650) = 5235
[pid 5235] set_robust_list(0x55558a310660, 24) = 0
[pid 5235] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5235] setpgid(0, 0) = 0
[pid 5235] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5235] write(3, "1000", 4) = 4
[pid 5235] close(3) = 0
executing program
[pid 5235] write(1, "executing program\n", 18) = 18
[pid 5235] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=11, insns=0x20000500, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 3
[pid 5235] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sched_switch", prog_fd=3}}, 16) = 4
[pid 5235] socket(AF_NETLINK, SOCK_DGRAM, NETLINK_ROUTE) = 5
[pid 5235] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid 5235] write(6, "7", 1) = 1
[ 81.560493][ T5234] RBP: 0000000000000001 R08: 00007ffe6fea3417 R09: 00000000000000a0
[ 81.568483][ T5234] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[ 81.577145][ T5234] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[ 81.585141][ T5234]
[ 81.593283][ T5234] netlink: 132 bytes leftover after parsing attributes in process `syz-executor157'.
[ 81.623611][ T5235] netlink: 'syz-executor157': attribute type 21 has an invalid length.
[ 81.632510][ T5235] FAULT_INJECTION: forcing a failure.
[ 81.632510][ T5235] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 81.645646][ T5235] CPU: 0 UID: 0 PID: 5235 Comm: syz-executor157 Not tainted 6.11.0-syzkaller-08833-gde5cb0dcb74c #0
[ 81.656418][ T5235] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[ 81.666466][ T5235] Call Trace:
[ 81.669843][ T5235]
[ 81.672765][ T5235] dump_stack_lvl+0x241/0x360
[ 81.677443][ T5235] ? __pfx_dump_stack_lvl+0x10/0x10
[ 81.682653][ T5235] ? __pfx__printk+0x10/0x10
[ 81.687274][ T5235] ? do_raw_spin_lock+0x14f/0x370
[ 81.692327][ T5235] ? bpf_trace_run4+0x244/0x590
[ 81.697180][ T5235] ? rcu_is_watching+0x15/0xb0
[ 81.701988][ T5235] ? bpf_trace_run4+0x244/0x590
[ 81.707033][ T5235] ? lock_acquire+0xe3/0x550
[ 81.711636][ T5235] should_fail_ex+0x3b0/0x4e0
[ 81.716520][ T5235] strncpy_from_user+0x36/0x250
[ 81.721390][ T5235] strncpy_from_user_nofault+0x71/0x140
[ 81.727024][ T5235] bpf_probe_read_compat_str+0xe9/0x180
[ 81.732776][ T5235] ? bpf_trace_run4+0x244/0x590
[ 81.737946][ T5235] bpf_prog_c1796171ffc7efef+0x3e/0x40
[ 81.743759][ T5235] bpf_trace_run4+0x334/0x590
[ 81.748442][ T5235] ? put_prev_entity+0x6f/0x200
[ 81.753310][ T5235] ? __pfx_bpf_trace_run4+0x10/0x10
[ 81.758519][ T5235] ? task_psi_group+0x47/0x1a0
[ 81.763390][ T5235] ? psi_task_switch+0x36d/0x770
[ 81.768337][ T5235] __schedule+0x234a/0x4b30
[ 81.772956][ T5235] ? do_raw_spin_unlock+0x13c/0x8b0
[ 81.778157][ T5235] ? __pfx___schedule+0x10/0x10
[ 81.783007][ T5235] ? rcu_is_watching+0x15/0xb0
[ 81.787786][ T5235] ? __pfx___console_unlock+0x10/0x10
[ 81.793151][ T5235] ? __pfx_prb_read_valid+0x10/0x10
[ 81.798360][ T5235] ? preempt_schedule+0xe1/0xf0
[ 81.803211][ T5235] preempt_schedule_common+0x84/0xd0
[ 81.808769][ T5235] preempt_schedule+0xe1/0xf0
[ 81.813652][ T5235] ? __pfx_preempt_schedule+0x10/0x10
[ 81.819044][ T5235] ? console_unlock+0x2fc/0x3b0
[ 81.823905][ T5235] ? __pfx_console_unlock+0x10/0x10
[ 81.829154][ T5235] preempt_schedule_thunk+0x1a/0x30
[ 81.834451][ T5235] ? vprintk_emit+0x7ae/0xa10
[ 81.839230][ T5235] ? vprintk_emit+0x847/0xa10
[ 81.843947][ T5235] vprintk_emit+0x84c/0xa10
[ 81.848601][ T5235] ? __pfx_vprintk_emit+0x10/0x10
[ 81.853913][ T5235] ? rcu_is_watching+0x15/0xb0
[ 81.858688][ T5235] ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 81.864577][ T5235] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 81.870920][ T5235] ? deref_stack_reg+0x17c/0x210
[ 81.875857][ T5235] _printk+0xd5/0x120
[ 81.879837][ T5235] ? __nla_validate_parse+0x4f4/0x3090
[ 81.885308][ T5235] ? __pfx__printk+0x10/0x10
[ 81.889894][ T5235] ? 0xffffffffa0001de4
[ 81.894061][ T5235] ? is_bpf_text_address+0x26/0x2a0
[ 81.899278][ T5235] ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 81.905461][ T5235] __nla_validate_parse+0x1af9/0x3090
[ 81.910842][ T5235] ? __pfx___nla_validate_parse+0x10/0x10
[ 81.916584][ T5235] ? rcu_is_watching+0x15/0xb0
[ 81.921356][ T5235] ? lock_release+0xbf/0xa30
[ 81.925966][ T5235] ? __pfx_lock_acquire+0x10/0x10
[ 81.930991][ T5235] ? lock_release+0xbf/0xa30
[ 81.935584][ T5235] ? deref_stack_reg+0x17c/0x210
[ 81.940540][ T5235] ? rcu_is_watching+0x15/0xb0
[ 81.945346][ T5235] ? lock_acquire+0xe3/0x550
[ 81.949978][ T5235] __nla_validate+0x3e/0x60
[ 81.954477][ T5235] rtm_to_fib_config+0xac/0x13d0
[ 81.959425][ T5235] ? __kernel_text_address+0xd/0x40
[ 81.964638][ T5235] ? rcu_is_watching+0x15/0xb0
[ 81.969412][ T5235] inet_rtm_newroute+0xf5/0x290
[ 81.974261][ T5235] ? __pfx_inet_rtm_newroute+0x10/0x10
[ 81.979718][ T5235] ? stack_trace_save+0x118/0x1d0
[ 81.984762][ T5235] ? bpf_lsm_capable+0x9/0x10
[ 81.989522][ T5235] ? security_capable+0x7e/0x2d0
[ 81.994457][ T5235] ? __pfx_inet_rtm_newroute+0x10/0x10
[ 81.999937][ T5235] rtnetlink_rcv_msg+0x73f/0xcf0
[ 82.004903][ T5235] ? rtnetlink_rcv_msg+0x1a7/0xcf0
[ 82.010023][ T5235] ? lock_release+0xbf/0xa30
[ 82.016194][ T5235] ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 82.021741][ T5235] ? __pfx_lock_acquire+0x10/0x10
[ 82.026780][ T5235] ? rcu_is_watching+0x15/0xb0
[ 82.031569][ T5235] ? lock_acquire+0xe3/0x550
[ 82.036375][ T5235] netlink_rcv_skb+0x1e3/0x430
[ 82.041139][ T5235] ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 82.046603][ T5235] ? __pfx_netlink_rcv_skb+0x10/0x10
[ 82.051905][ T5235] ? net_generic+0x1f/0x240
[ 82.056404][ T5235] ? netlink_deliver_tap+0x2e/0x1b0
[ 82.061602][ T5235] netlink_unicast+0x7f6/0x990
[ 82.066360][ T5235] ? __pfx_netlink_unicast+0x10/0x10
[ 82.071635][ T5235] ? __virt_addr_valid+0x183/0x530
[ 82.076857][ T5235] ? __check_object_size+0x48e/0x900
[ 82.082168][ T5235] netlink_sendmsg+0x8e4/0xcb0
[ 82.086944][ T5235] ? __pfx_netlink_sendmsg+0x10/0x10
[ 82.092242][ T5235] ? aa_sock_msg_perm+0x91/0x160
[ 82.097265][ T5235] ? __pfx_netlink_sendmsg+0x10/0x10
[ 82.102560][ T5235] __sock_sendmsg+0x221/0x270
[ 82.107321][ T5235] ____sys_sendmsg+0x52a/0x7e0
[ 82.112102][ T5235] ? __pfx_____sys_sendmsg+0x10/0x10
[ 82.117403][ T5235] ? do_raw_spin_lock+0x14f/0x370
[ 82.122444][ T5235] __sys_sendmsg+0x2aa/0x390
[ 82.127033][ T5235] ? __pfx___sys_sendmsg+0x10/0x10
[ 82.132147][ T5235] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 82.138521][ T5235] ? _raw_spin_unlock_irq+0x2e/0x50
[ 82.143738][ T5235] ? ptrace_notify+0x279/0x380
[ 82.148513][ T5235] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 82.154845][ T5235] ? rcu_is_watching+0x15/0xb0
[ 82.159617][ T5235] do_syscall_64+0xf3/0x230
[ 82.164131][ T5235] ? clear_bhb_loop+0x35/0x90
[ 82.168806][ T5235] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 82.174783][ T5235] RIP: 0033:0x7f4ad72638e9
[ 82.179193][ T5235] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 82.198897][ T5235] RSP: 002b:00007ffe6fea3678 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 82.207319][ T5235] RAX: ffffffffffffffda RBX: 00007ffe6fea3690 RCX: 00007f4ad72638e9
[ 82.215311][ T5235] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000005
[pid 5235] sendmsg(5, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\xd8\x00\x00\x00\x18\x00\x81\x06\x4e\x81\xf7\x82\xdb\x4c\xb9\x04\x02\x1d\x08\x00\x06\x00\x7c\x09\xe8\xfe\x55\xa1\x0a\x00\x15\x00\x05\x00\x14\x26\x03\x60\x0e\x12\x08\x00\x0f\x00\x00\x00\x04\x01\xa8\x00\x16\x00\x20\x00\x01\x40\x00\x00\x00\x00\x00\xfb\x80\x00\xa0\xe4\x08\xe8\xd8\xef\x52\xa9\x85\x16\x27\x7c\xe0\x6b\xba\xce\x80\x17\xcb\xec\x4c\x2e\xe5\xa7\x00\x00\x09\x00\x00\x00\x1f\xb7\x91\x64\x3a\x5e"..., iov_len=216}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 216
[pid 5235] exit_group(0) = ?
[pid 5235] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5235, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5237 attached
, child_tidptr=0x55558a310650) = 5237
[pid 5237] set_robust_list(0x55558a310660, 24) = 0
[pid 5237] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5237] setpgid(0, 0) = 0
[pid 5237] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5237] write(3, "1000", 4) = 4
[pid 5237] close(3) = 0
[pid 5237] write(1, "executing program\n", 18executing program
) = 18
[pid 5237] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=11, insns=0x20000500, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 3
[pid 5237] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sched_switch", prog_fd=3}}, 16) = 4
[pid 5237] socket(AF_NETLINK, SOCK_DGRAM, NETLINK_ROUTE) = 5
[pid 5237] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[ 82.223292][ T5235] RBP: 0000000000000001 R08: 00007ffe6fea3417 R09: 00000000000000a0
[ 82.231257][ T5235] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[ 82.239221][ T5235] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[ 82.247187][ T5235]
[ 82.261082][ T5235] netlink: 132 bytes leftover after parsing attributes in process `syz-executor157'.
[pid 5237] write(6, "7", 1) = 1
[ 82.308013][ T5237] netlink: 'syz-executor157': attribute type 21 has an invalid length.
[ 82.316632][ T5237] FAULT_INJECTION: forcing a failure.
[ 82.316632][ T5237] name failslab, interval 1, probability 0, space 0, times 0
[ 82.330240][ T5237] CPU: 1 UID: 0 PID: 5237 Comm: syz-executor157 Not tainted 6.11.0-syzkaller-08833-gde5cb0dcb74c #0
[ 82.341042][ T5237] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[ 82.351120][ T5237] Call Trace:
[ 82.354420][ T5237]
[ 82.357370][ T5237] dump_stack_lvl+0x241/0x360
[ 82.362086][ T5237] ? __pfx_dump_stack_lvl+0x10/0x10
[ 82.367313][ T5237] ? __pfx__printk+0x10/0x10
[ 82.371930][ T5237] ? __pfx___might_resched+0x10/0x10
[ 82.377243][ T5237] ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 82.383436][ T5237] should_fail_ex+0x3b0/0x4e0
[ 82.388164][ T5237] ? fib_create_info+0xa49/0x24e0
[ 82.393244][ T5237] should_failslab+0xac/0x100
[ 82.397958][ T5237] ? fib_create_info+0xa49/0x24e0
[ 82.403017][ T5237] __kmalloc_noprof+0xd8/0x400
[ 82.407816][ T5237] fib_create_info+0xa49/0x24e0
[ 82.412694][ T5237] ? __pfx_lock_acquire+0x10/0x10
[ 82.417727][ T5237] ? __pfx_lock_acquire+0x10/0x10
[ 82.422848][ T5237] ? lock_release+0xbf/0xa30
[ 82.427463][ T5237] ? __pfx_lock_release+0x10/0x10
[ 82.432514][ T5237] fib_table_insert+0x1f6/0x1f30
[ 82.437462][ T5237] ? lock_acquire+0xe3/0x550
[ 82.442061][ T5237] ? lwtunnel_valid_encap_type+0x8a/0x5f0
[ 82.447782][ T5237] ? lwtunnel_valid_encap_type+0x265/0x5f0
[ 82.453590][ T5237] ? lwtunnel_valid_encap_type+0x8a/0x5f0
[ 82.459401][ T5237] ? __pfx_fib_table_insert+0x10/0x10
[ 82.464785][ T5237] ? fib_new_table+0x120/0x2d0
[ 82.469583][ T5237] inet_rtm_newroute+0x149/0x290
[ 82.474528][ T5237] ? __pfx_inet_rtm_newroute+0x10/0x10
[ 82.479988][ T5237] ? stack_trace_save+0x118/0x1d0
[ 82.485051][ T5237] ? bpf_lsm_capable+0x9/0x10
[ 82.489817][ T5237] ? security_capable+0x7e/0x2d0
[ 82.494762][ T5237] ? __pfx_inet_rtm_newroute+0x10/0x10
[ 82.500251][ T5237] rtnetlink_rcv_msg+0x73f/0xcf0
[ 82.505208][ T5237] ? rtnetlink_rcv_msg+0x1a7/0xcf0
[ 82.510343][ T5237] ? lock_release+0xbf/0xa30
[ 82.515037][ T5237] ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 82.520506][ T5237] ? __pfx_lock_acquire+0x10/0x10
[ 82.525543][ T5237] ? rcu_is_watching+0x15/0xb0
[ 82.530323][ T5237] ? lock_acquire+0xe3/0x550
[ 82.534927][ T5237] netlink_rcv_skb+0x1e3/0x430
[ 82.539700][ T5237] ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 82.545164][ T5237] ? __pfx_netlink_rcv_skb+0x10/0x10
[ 82.550488][ T5237] ? net_generic+0x1f/0x240
[ 82.555008][ T5237] ? netlink_deliver_tap+0x2e/0x1b0
[ 82.560214][ T5237] netlink_unicast+0x7f6/0x990
[ 82.564992][ T5237] ? __pfx_netlink_unicast+0x10/0x10
[ 82.570301][ T5237] ? __virt_addr_valid+0x183/0x530
[ 82.575417][ T5237] ? __check_object_size+0x48e/0x900
[ 82.580706][ T5237] netlink_sendmsg+0x8e4/0xcb0
[ 82.585481][ T5237] ? __pfx_netlink_sendmsg+0x10/0x10
[ 82.590771][ T5237] ? aa_sock_msg_perm+0x91/0x160
[ 82.595717][ T5237] ? __pfx_netlink_sendmsg+0x10/0x10
[ 82.601006][ T5237] __sock_sendmsg+0x221/0x270
[ 82.605689][ T5237] ____sys_sendmsg+0x52a/0x7e0
[ 82.610487][ T5237] ? __pfx_____sys_sendmsg+0x10/0x10
[ 82.615784][ T5237] ? do_raw_spin_lock+0x14f/0x370
[ 82.620818][ T5237] __sys_sendmsg+0x2aa/0x390
[ 82.625419][ T5237] ? __pfx___sys_sendmsg+0x10/0x10
[ 82.630547][ T5237] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 82.636893][ T5237] ? _raw_spin_unlock_irq+0x2e/0x50
[ 82.642096][ T5237] ? ptrace_notify+0x279/0x380
[ 82.646868][ T5237] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 82.653203][ T5237] ? rcu_is_watching+0x15/0xb0
[ 82.657973][ T5237] do_syscall_64+0xf3/0x230
[ 82.662483][ T5237] ? clear_bhb_loop+0x35/0x90
[ 82.667174][ T5237] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 82.673073][ T5237] RIP: 0033:0x7f4ad72638e9
[ 82.677493][ T5237] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 82.697117][ T5237] RSP: 002b:00007ffe6fea3678 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[pid 5237] sendmsg(5, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\xd8\x00\x00\x00\x18\x00\x81\x06\x4e\x81\xf7\x82\xdb\x4c\xb9\x04\x02\x1d\x08\x00\x06\x00\x7c\x09\xe8\xfe\x55\xa1\x0a\x00\x15\x00\x05\x00\x14\x26\x03\x60\x0e\x12\x08\x00\x0f\x00\x00\x00\x04\x01\xa8\x00\x16\x00\x20\x00\x01\x40\x00\x00\x00\x00\x00\xfb\x80\x00\xa0\xe4\x08\xe8\xd8\xef\x52\xa9\x85\x16\x27\x7c\xe0\x6b\xba\xce\x80\x17\xcb\xec\x4c\x2e\xe5\xa7\x00\x00\x09\x00\x00\x00\x1f\xb7\x91\x64\x3a\x5e"..., iov_len=216}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 216
[pid 5237] exit_group(0) = ?
[pid 5237] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5237, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
[ 82.705562][ T5237] RAX: ffffffffffffffda RBX: 00007ffe6fea3690 RCX: 00007f4ad72638e9
[ 82.713636][ T5237] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000005
[ 82.721624][ T5237] RBP: 0000000000000001 R08: 00007ffe6fea3417 R09: 00000000000000a0
[ 82.729606][ T5237] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[ 82.737585][ T5237] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[ 82.745564][ T5237]
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5238 attached
, child_tidptr=0x55558a310650) = 5238
[pid 5238] set_robust_list(0x55558a310660, 24) = 0
[pid 5238] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5238] setpgid(0, 0) = 0
[pid 5238] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5238] write(3, "1000", 4) = 4
[pid 5238] close(3) = 0
executing program
[pid 5238] write(1, "executing program\n", 18) = 18
[pid 5238] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=11, insns=0x20000500, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 3
[pid 5238] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sched_switch", prog_fd=3}}, 16) = 4
[pid 5238] socket(AF_NETLINK, SOCK_DGRAM, NETLINK_ROUTE) = 5
[pid 5238] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid 5238] write(6, "7", 1) = 1
[ 82.840271][ T5238] netlink: 'syz-executor157': attribute type 21 has an invalid length.
[ 82.848648][ T5238] FAULT_INJECTION: forcing a failure.
[ 82.848648][ T5238] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 82.861695][ T5238] CPU: 0 UID: 0 PID: 5238 Comm: syz-executor157 Not tainted 6.11.0-syzkaller-08833-gde5cb0dcb74c #0
[ 82.872449][ T5238] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[ 82.882518][ T5238] Call Trace:
[ 82.885789][ T5238]
[ 82.888724][ T5238] dump_stack_lvl+0x241/0x360
[ 82.893406][ T5238] ? __pfx_dump_stack_lvl+0x10/0x10
[ 82.898604][ T5238] ? __pfx__printk+0x10/0x10
[ 82.903189][ T5238] ? do_raw_spin_lock+0x14f/0x370
[ 82.908213][ T5238] ? bpf_trace_run4+0x244/0x590
[ 82.913066][ T5238] ? rcu_is_watching+0x15/0xb0
[ 82.917827][ T5238] ? bpf_trace_run4+0x244/0x590
[ 82.922671][ T5238] ? lock_acquire+0xe3/0x550
[ 82.927284][ T5238] should_fail_ex+0x3b0/0x4e0
[ 82.931969][ T5238] strncpy_from_user+0x36/0x250
[ 82.936842][ T5238] strncpy_from_user_nofault+0x71/0x140
[ 82.942385][ T5238] bpf_probe_read_compat_str+0xe9/0x180
[ 82.947929][ T5238] ? bpf_trace_run4+0x244/0x590
[ 82.952772][ T5238] bpf_prog_c1796171ffc7efef+0x3e/0x40
[ 82.958220][ T5238] bpf_trace_run4+0x334/0x590
[ 82.962910][ T5238] ? set_next_entity+0x10e/0x4c0
[ 82.967844][ T5238] ? __pfx_bpf_trace_run4+0x10/0x10
[ 82.973035][ T5238] ? task_psi_group+0x47/0x1a0
[ 82.977814][ T5238] ? psi_task_switch+0x36d/0x770
[ 82.982749][ T5238] __schedule+0x234a/0x4b30
[ 82.987252][ T5238] ? do_raw_spin_unlock+0x13c/0x8b0
[ 82.992450][ T5238] ? __pfx___schedule+0x10/0x10
[ 82.997300][ T5238] ? rcu_is_watching+0x15/0xb0
[ 83.002082][ T5238] ? __pfx___console_unlock+0x10/0x10
[ 83.007454][ T5238] ? __pfx_prb_read_valid+0x10/0x10
[ 83.012644][ T5238] ? preempt_schedule+0xe1/0xf0
[ 83.017488][ T5238] preempt_schedule_common+0x84/0xd0
[ 83.022811][ T5238] preempt_schedule+0xe1/0xf0
[ 83.027510][ T5238] ? __pfx_preempt_schedule+0x10/0x10
[ 83.032895][ T5238] ? console_unlock+0x2fc/0x3b0
[ 83.037801][ T5238] ? __pfx_console_unlock+0x10/0x10
[ 83.043024][ T5238] preempt_schedule_thunk+0x1a/0x30
[ 83.048223][ T5238] ? vprintk_emit+0x7ae/0xa10
[ 83.052924][ T5238] ? vprintk_emit+0x847/0xa10
[ 83.057601][ T5238] vprintk_emit+0x84c/0xa10
[ 83.062100][ T5238] ? __pfx_vprintk_emit+0x10/0x10
[ 83.067206][ T5238] ? rcu_is_watching+0x15/0xb0
[ 83.071984][ T5238] ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 83.077900][ T5238] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 83.084296][ T5238] ? deref_stack_reg+0x17c/0x210
[ 83.089314][ T5238] _printk+0xd5/0x120
[ 83.093300][ T5238] ? __nla_validate_parse+0x4f4/0x3090
[ 83.098759][ T5238] ? __pfx__printk+0x10/0x10
[ 83.103368][ T5238] ? 0xffffffffa0001d50
[ 83.107517][ T5238] ? is_bpf_text_address+0x26/0x2a0
[ 83.112802][ T5238] ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 83.118955][ T5238] __nla_validate_parse+0x1af9/0x3090
[ 83.124331][ T5238] ? __pfx___nla_validate_parse+0x10/0x10
[ 83.130297][ T5238] ? rcu_is_watching+0x15/0xb0
[ 83.135516][ T5238] ? lock_release+0xbf/0xa30
[ 83.140119][ T5238] ? __pfx_lock_acquire+0x10/0x10
[ 83.145147][ T5238] ? lock_release+0xbf/0xa30
[ 83.149759][ T5238] ? deref_stack_reg+0x17c/0x210
[ 83.154701][ T5238] ? rcu_is_watching+0x15/0xb0
[ 83.159462][ T5238] ? lock_acquire+0xe3/0x550
[ 83.164119][ T5238] __nla_validate+0x3e/0x60
[ 83.168736][ T5238] rtm_to_fib_config+0xac/0x13d0
[ 83.173683][ T5238] ? __kernel_text_address+0xd/0x40
[ 83.179006][ T5238] ? rcu_is_watching+0x15/0xb0
[ 83.183802][ T5238] inet_rtm_newroute+0xf5/0x290
[ 83.188678][ T5238] ? __pfx_inet_rtm_newroute+0x10/0x10
[ 83.194144][ T5238] ? stack_trace_save+0x118/0x1d0
[ 83.199171][ T5238] ? bpf_lsm_capable+0x9/0x10
[ 83.203856][ T5238] ? security_capable+0x7e/0x2d0
[ 83.208900][ T5238] ? __pfx_inet_rtm_newroute+0x10/0x10
[ 83.214458][ T5238] rtnetlink_rcv_msg+0x73f/0xcf0
[ 83.219393][ T5238] ? rtnetlink_rcv_msg+0x1a7/0xcf0
[ 83.224501][ T5238] ? lock_release+0xbf/0xa30
[ 83.229122][ T5238] ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 83.234687][ T5238] ? __pfx_lock_acquire+0x10/0x10
[ 83.239728][ T5238] ? rcu_is_watching+0x15/0xb0
[ 83.244512][ T5238] ? lock_acquire+0xe3/0x550
[ 83.249200][ T5238] netlink_rcv_skb+0x1e3/0x430
[ 83.253987][ T5238] ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 83.259457][ T5238] ? __pfx_netlink_rcv_skb+0x10/0x10
[ 83.264771][ T5238] ? net_generic+0x1f/0x240
[ 83.269316][ T5238] ? netlink_deliver_tap+0x2e/0x1b0
[ 83.274513][ T5238] netlink_unicast+0x7f6/0x990
[ 83.279280][ T5238] ? __pfx_netlink_unicast+0x10/0x10
[ 83.284748][ T5238] ? __virt_addr_valid+0x183/0x530
[ 83.289857][ T5238] ? __check_object_size+0x48e/0x900
[ 83.295154][ T5238] netlink_sendmsg+0x8e4/0xcb0
[ 83.300005][ T5238] ? __pfx_netlink_sendmsg+0x10/0x10
[ 83.305313][ T5238] ? aa_sock_msg_perm+0x91/0x160
[ 83.310252][ T5238] ? __pfx_netlink_sendmsg+0x10/0x10
[ 83.315557][ T5238] __sock_sendmsg+0x221/0x270
[ 83.320249][ T5238] ____sys_sendmsg+0x52a/0x7e0
[ 83.325040][ T5238] ? __pfx_____sys_sendmsg+0x10/0x10
[ 83.330326][ T5238] ? do_raw_spin_lock+0x14f/0x370
[ 83.335348][ T5238] __sys_sendmsg+0x2aa/0x390
[ 83.339957][ T5238] ? __pfx___sys_sendmsg+0x10/0x10
[ 83.345099][ T5238] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 83.351436][ T5238] ? _raw_spin_unlock_irq+0x2e/0x50
[ 83.356753][ T5238] ? ptrace_notify+0x279/0x380
[ 83.361534][ T5238] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 83.367871][ T5238] ? rcu_is_watching+0x15/0xb0
[ 83.372634][ T5238] do_syscall_64+0xf3/0x230
[ 83.377137][ T5238] ? clear_bhb_loop+0x35/0x90
[ 83.381815][ T5238] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 83.387792][ T5238] RIP: 0033:0x7f4ad72638e9
[ 83.392202][ T5238] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 83.411976][ T5238] RSP: 002b:00007ffe6fea3678 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 83.420407][ T5238] RAX: ffffffffffffffda RBX: 00007ffe6fea3690 RCX: 00007f4ad72638e9
[ 83.428462][ T5238] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000005
[pid 5238] sendmsg(5, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\xd8\x00\x00\x00\x18\x00\x81\x06\x4e\x81\xf7\x82\xdb\x4c\xb9\x04\x02\x1d\x08\x00\x06\x00\x7c\x09\xe8\xfe\x55\xa1\x0a\x00\x15\x00\x05\x00\x14\x26\x03\x60\x0e\x12\x08\x00\x0f\x00\x00\x00\x04\x01\xa8\x00\x16\x00\x20\x00\x01\x40\x00\x00\x00\x00\x00\xfb\x80\x00\xa0\xe4\x08\xe8\xd8\xef\x52\xa9\x85\x16\x27\x7c\xe0\x6b\xba\xce\x80\x17\xcb\xec\x4c\x2e\xe5\xa7\x00\x00\x09\x00\x00\x00\x1f\xb7\x91\x64\x3a\x5e"..., iov_len=216}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 216
[pid 5238] exit_group(0) = ?
[pid 5238] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5238, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55558a310650) = 5239
./strace-static-x86_64: Process 5239 attached
[pid 5239] set_robust_list(0x55558a310660, 24) = 0
[pid 5239] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5239] setpgid(0, 0) = 0
[pid 5239] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5239] write(3, "1000", 4) = 4
[pid 5239] close(3) = 0
executing program
[pid 5239] write(1, "executing program\n", 18) = 18
[pid 5239] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=11, insns=0x20000500, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 3
[pid 5239] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sched_switch", prog_fd=3}}, 16) = 4
[pid 5239] socket(AF_NETLINK, SOCK_DGRAM, NETLINK_ROUTE) = 5
[pid 5239] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid 5239] write(6, "7", 1) = 1
[ 83.436427][ T5238] RBP: 0000000000000001 R08: 00007ffe6fea3417 R09: 00000000000000a0
[ 83.444501][ T5238] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[ 83.452489][ T5238] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[ 83.460467][ T5238]
[ 83.463890][ T5238] netlink: 132 bytes leftover after parsing attributes in process `syz-executor157'.
[ 83.500891][ T5239] netlink: 'syz-executor157': attribute type 21 has an invalid length.
[ 83.509381][ T5239] FAULT_INJECTION: forcing a failure.
[ 83.509381][ T5239] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 83.522426][ T5239] CPU: 1 UID: 0 PID: 5239 Comm: syz-executor157 Not tainted 6.11.0-syzkaller-08833-gde5cb0dcb74c #0
[ 83.533441][ T5239] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[ 83.543488][ T5239] Call Trace:
[ 83.546760][ T5239]
[ 83.549686][ T5239] dump_stack_lvl+0x241/0x360
[ 83.554369][ T5239] ? __pfx_dump_stack_lvl+0x10/0x10
[ 83.559568][ T5239] ? __pfx__printk+0x10/0x10
[ 83.564178][ T5239] ? do_raw_spin_lock+0x14f/0x370
[ 83.569203][ T5239] ? bpf_trace_run4+0x244/0x590
[ 83.574048][ T5239] ? rcu_is_watching+0x15/0xb0
[ 83.578895][ T5239] ? bpf_trace_run4+0x244/0x590
[ 83.583741][ T5239] ? lock_acquire+0xe3/0x550
[ 83.588331][ T5239] should_fail_ex+0x3b0/0x4e0
[ 83.593013][ T5239] strncpy_from_user+0x36/0x250
[ 83.597867][ T5239] strncpy_from_user_nofault+0x71/0x140
[ 83.603408][ T5239] bpf_probe_read_compat_str+0xe9/0x180
[ 83.608955][ T5239] ? bpf_trace_run4+0x244/0x590
[ 83.613801][ T5239] bpf_prog_c1796171ffc7efef+0x3e/0x40
[ 83.619252][ T5239] bpf_trace_run4+0x334/0x590
[ 83.623925][ T5239] ? put_prev_entity+0x6f/0x200
[ 83.628776][ T5239] ? __pfx_bpf_trace_run4+0x10/0x10
[ 83.633968][ T5239] ? task_psi_group+0x47/0x1a0
[ 83.638736][ T5239] ? psi_task_switch+0x36d/0x770
[ 83.643670][ T5239] __schedule+0x234a/0x4b30
[ 83.648188][ T5239] ? do_raw_spin_unlock+0x13c/0x8b0
[ 83.653389][ T5239] ? __pfx___schedule+0x10/0x10
[ 83.658235][ T5239] ? rcu_is_watching+0x15/0xb0
[ 83.663015][ T5239] ? __pfx___console_unlock+0x10/0x10
[ 83.668397][ T5239] ? __pfx_prb_read_valid+0x10/0x10
[ 83.673604][ T5239] ? preempt_schedule+0xe1/0xf0
[ 83.678451][ T5239] preempt_schedule_common+0x84/0xd0
[ 83.683736][ T5239] preempt_schedule+0xe1/0xf0
[ 83.688411][ T5239] ? __pfx_preempt_schedule+0x10/0x10
[ 83.693775][ T5239] ? console_unlock+0x2fc/0x3b0
[ 83.698623][ T5239] ? __pfx_console_unlock+0x10/0x10
[ 83.703818][ T5239] preempt_schedule_thunk+0x1a/0x30
[ 83.709009][ T5239] ? vprintk_emit+0x7ae/0xa10
[ 83.713678][ T5239] ? vprintk_emit+0x847/0xa10
[ 83.718472][ T5239] vprintk_emit+0x84c/0xa10
[ 83.722983][ T5239] ? __pfx_vprintk_emit+0x10/0x10
[ 83.728009][ T5239] ? rcu_is_watching+0x15/0xb0
[ 83.732767][ T5239] ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 83.738677][ T5239] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 83.745005][ T5239] ? deref_stack_reg+0x17c/0x210
[ 83.749947][ T5239] _printk+0xd5/0x120
[ 83.753930][ T5239] ? __nla_validate_parse+0x4f4/0x3090
[ 83.759384][ T5239] ? __pfx__printk+0x10/0x10
[ 83.763968][ T5239] ? 0xffffffffa0001dd8
[ 83.768123][ T5239] ? is_bpf_text_address+0x26/0x2a0
[ 83.773318][ T5239] ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 83.779471][ T5239] __nla_validate_parse+0x1af9/0x3090
[ 83.784843][ T5239] ? __pfx___nla_validate_parse+0x10/0x10
[ 83.790558][ T5239] ? rcu_is_watching+0x15/0xb0
[ 83.795316][ T5239] ? lock_release+0xbf/0xa30
[ 83.799907][ T5239] ? __pfx_lock_acquire+0x10/0x10
[ 83.804931][ T5239] ? lock_release+0xbf/0xa30
[ 83.809518][ T5239] ? deref_stack_reg+0x17c/0x210
[ 83.814471][ T5239] ? rcu_is_watching+0x15/0xb0
[ 83.819315][ T5239] ? lock_acquire+0xe3/0x550
[ 83.823967][ T5239] __nla_validate+0x3e/0x60
[ 83.828481][ T5239] rtm_to_fib_config+0xac/0x13d0
[ 83.833419][ T5239] ? __kernel_text_address+0xd/0x40
[ 83.838614][ T5239] ? rcu_is_watching+0x15/0xb0
[ 83.843372][ T5239] inet_rtm_newroute+0xf5/0x290
[ 83.848219][ T5239] ? __pfx_inet_rtm_newroute+0x10/0x10
[ 83.853692][ T5239] ? stack_trace_save+0x118/0x1d0
[ 83.858716][ T5239] ? bpf_lsm_capable+0x9/0x10
[ 83.863386][ T5239] ? security_capable+0x7e/0x2d0
[ 83.868320][ T5239] ? __pfx_inet_rtm_newroute+0x10/0x10
[ 83.873774][ T5239] rtnetlink_rcv_msg+0x73f/0xcf0
[ 83.878795][ T5239] ? rtnetlink_rcv_msg+0x1a7/0xcf0
[ 83.883930][ T5239] ? lock_release+0xbf/0xa30
[ 83.888530][ T5239] ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 83.894013][ T5239] ? __pfx_lock_acquire+0x10/0x10
[ 83.899036][ T5239] ? rcu_is_watching+0x15/0xb0
[ 83.903798][ T5239] ? lock_acquire+0xe3/0x550
[ 83.908415][ T5239] netlink_rcv_skb+0x1e3/0x430
[ 83.913206][ T5239] ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 83.918666][ T5239] ? __pfx_netlink_rcv_skb+0x10/0x10
[ 83.923953][ T5239] ? net_generic+0x1f/0x240
[ 83.928469][ T5239] ? netlink_deliver_tap+0x2e/0x1b0
[ 83.933667][ T5239] netlink_unicast+0x7f6/0x990
[ 83.938431][ T5239] ? __pfx_netlink_unicast+0x10/0x10
[ 83.943708][ T5239] ? __virt_addr_valid+0x183/0x530
[ 83.948813][ T5239] ? __check_object_size+0x48e/0x900
[ 83.954096][ T5239] netlink_sendmsg+0x8e4/0xcb0
[ 83.958892][ T5239] ? __pfx_netlink_sendmsg+0x10/0x10
[ 83.964191][ T5239] ? aa_sock_msg_perm+0x91/0x160
[ 83.969142][ T5239] ? __pfx_netlink_sendmsg+0x10/0x10
[ 83.974433][ T5239] __sock_sendmsg+0x221/0x270
[ 83.979133][ T5239] ____sys_sendmsg+0x52a/0x7e0
[ 83.983901][ T5239] ? __pfx_____sys_sendmsg+0x10/0x10
[ 83.989215][ T5239] ? do_raw_spin_lock+0x14f/0x370
[ 83.994260][ T5239] __sys_sendmsg+0x2aa/0x390
[ 83.998854][ T5239] ? __pfx___sys_sendmsg+0x10/0x10
[ 84.003969][ T5239] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 84.010323][ T5239] ? _raw_spin_unlock_irq+0x2e/0x50
[ 84.015534][ T5239] ? ptrace_notify+0x279/0x380
[ 84.020308][ T5239] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 84.026646][ T5239] ? rcu_is_watching+0x15/0xb0
[ 84.031413][ T5239] do_syscall_64+0xf3/0x230
[ 84.035943][ T5239] ? clear_bhb_loop+0x35/0x90
[ 84.040623][ T5239] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 84.046518][ T5239] RIP: 0033:0x7f4ad72638e9
[ 84.050929][ T5239] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 84.070548][ T5239] RSP: 002b:00007ffe6fea3678 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 84.079052][ T5239] RAX: ffffffffffffffda RBX: 00007ffe6fea3690 RCX: 00007f4ad72638e9
[ 84.087028][ T5239] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000005
[ 84.095007][ T5239] RBP: 0000000000000001 R08: 00007ffe6fea3417 R09: 00000000000000a0
[pid 5239] sendmsg(5, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\xd8\x00\x00\x00\x18\x00\x81\x06\x4e\x81\xf7\x82\xdb\x4c\xb9\x04\x02\x1d\x08\x00\x06\x00\x7c\x09\xe8\xfe\x55\xa1\x0a\x00\x15\x00\x05\x00\x14\x26\x03\x60\x0e\x12\x08\x00\x0f\x00\x00\x00\x04\x01\xa8\x00\x16\x00\x20\x00\x01\x40\x00\x00\x00\x00\x00\xfb\x80\x00\xa0\xe4\x08\xe8\xd8\xef\x52\xa9\x85\x16\x27\x7c\xe0\x6b\xba\xce\x80\x17\xcb\xec\x4c\x2e\xe5\xa7\x00\x00\x09\x00\x00\x00\x1f\xb7\x91\x64\x3a\x5e"..., iov_len=216}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 216
[pid 5239] exit_group(0) = ?
[pid 5239] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5239, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
[ 84.102987][ T5239] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[ 84.111127][ T5239] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[ 84.119119][ T5239]
[ 84.128183][ T5239] netlink: 132 bytes leftover after parsing attributes in process `syz-executor157'.
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5240 attached
, child_tidptr=0x55558a310650) = 5240
[pid 5240] set_robust_list(0x55558a310660, 24) = 0
[pid 5240] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5240] setpgid(0, 0) = 0
[pid 5240] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5240] write(3, "1000", 4) = 4
[pid 5240] close(3) = 0
[pid 5240] write(1, "executing program\n", 18executing program
) = 18
[pid 5240] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=11, insns=0x20000500, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 3
[pid 5240] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sched_switch", prog_fd=3}}, 16) = 4
[pid 5240] socket(AF_NETLINK, SOCK_DGRAM, NETLINK_ROUTE) = 5
[pid 5240] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid 5240] write(6, "7", 1) = 1
[ 84.246111][ T5240] netlink: 'syz-executor157': attribute type 21 has an invalid length.
[ 84.254651][ T5240] FAULT_INJECTION: forcing a failure.
[ 84.254651][ T5240] name failslab, interval 1, probability 0, space 0, times 0
[ 84.267342][ T5240] CPU: 0 UID: 0 PID: 5240 Comm: syz-executor157 Not tainted 6.11.0-syzkaller-08833-gde5cb0dcb74c #0
[ 84.278144][ T5240] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[ 84.288214][ T5240] Call Trace:
[ 84.291501][ T5240]
[ 84.294438][ T5240] dump_stack_lvl+0x241/0x360
[ 84.299147][ T5240] ? __pfx_dump_stack_lvl+0x10/0x10
[ 84.304446][ T5240] ? __pfx__printk+0x10/0x10
[ 84.309051][ T5240] ? __pfx___might_resched+0x10/0x10
[ 84.314347][ T5240] ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 84.320511][ T5240] should_fail_ex+0x3b0/0x4e0
[ 84.325201][ T5240] ? fib_create_info+0xa49/0x24e0
[ 84.330772][ T5240] should_failslab+0xac/0x100
[ 84.335482][ T5240] ? fib_create_info+0xa49/0x24e0
[ 84.340515][ T5240] __kmalloc_noprof+0xd8/0x400
[ 84.345288][ T5240] fib_create_info+0xa49/0x24e0
[ 84.350153][ T5240] ? __pfx_lock_acquire+0x10/0x10
[ 84.355190][ T5240] ? __pfx_lock_acquire+0x10/0x10
[ 84.360240][ T5240] ? lock_release+0xbf/0xa30
[ 84.364839][ T5240] ? __pfx_lock_release+0x10/0x10
[ 84.369879][ T5240] fib_table_insert+0x1f6/0x1f30
[ 84.374827][ T5240] ? lock_acquire+0xe3/0x550
[ 84.379431][ T5240] ? lwtunnel_valid_encap_type+0x8a/0x5f0
[ 84.385158][ T5240] ? lwtunnel_valid_encap_type+0x265/0x5f0
[ 84.390971][ T5240] ? lwtunnel_valid_encap_type+0x8a/0x5f0
[ 84.396697][ T5240] ? __pfx_fib_table_insert+0x10/0x10
[ 84.402080][ T5240] ? fib_new_table+0x120/0x2d0
[ 84.406851][ T5240] inet_rtm_newroute+0x149/0x290
[ 84.411798][ T5240] ? __pfx_inet_rtm_newroute+0x10/0x10
[ 84.417435][ T5240] ? stack_trace_save+0x118/0x1d0
[ 84.422476][ T5240] ? bpf_lsm_capable+0x9/0x10
[ 84.427161][ T5240] ? security_capable+0x7e/0x2d0
[ 84.432108][ T5240] ? __pfx_inet_rtm_newroute+0x10/0x10
[ 84.437677][ T5240] rtnetlink_rcv_msg+0x73f/0xcf0
[ 84.442618][ T5240] ? rtnetlink_rcv_msg+0x1a7/0xcf0
[ 84.447733][ T5240] ? lock_release+0xbf/0xa30
[ 84.452333][ T5240] ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 84.457795][ T5240] ? __pfx_lock_acquire+0x10/0x10
[ 84.462831][ T5240] ? rcu_is_watching+0x15/0xb0
[ 84.467687][ T5240] ? lock_acquire+0xe3/0x550
[ 84.472289][ T5240] netlink_rcv_skb+0x1e3/0x430
[ 84.477061][ T5240] ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 84.482559][ T5240] ? __pfx_netlink_rcv_skb+0x10/0x10
[ 84.487861][ T5240] ? net_generic+0x1f/0x240
[ 84.492366][ T5240] ? netlink_deliver_tap+0x2e/0x1b0
[ 84.497662][ T5240] netlink_unicast+0x7f6/0x990
[ 84.502436][ T5240] ? __pfx_netlink_unicast+0x10/0x10
[ 84.507731][ T5240] ? __virt_addr_valid+0x183/0x530
[ 84.512847][ T5240] ? __check_object_size+0x48e/0x900
[ 84.518146][ T5240] netlink_sendmsg+0x8e4/0xcb0
[ 84.522927][ T5240] ? __pfx_netlink_sendmsg+0x10/0x10
[ 84.528230][ T5240] ? aa_sock_msg_perm+0x91/0x160
[ 84.533182][ T5240] ? __pfx_netlink_sendmsg+0x10/0x10
[ 84.538564][ T5240] __sock_sendmsg+0x221/0x270
[ 84.543244][ T5240] ____sys_sendmsg+0x52a/0x7e0
[ 84.548038][ T5240] ? __pfx_____sys_sendmsg+0x10/0x10
[ 84.553375][ T5240] ? do_raw_spin_lock+0x14f/0x370
[ 84.558452][ T5240] __sys_sendmsg+0x2aa/0x390
[ 84.563062][ T5240] ? __pfx___sys_sendmsg+0x10/0x10
[ 84.568192][ T5240] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 84.574536][ T5240] ? _raw_spin_unlock_irq+0x2e/0x50
[ 84.579765][ T5240] ? ptrace_notify+0x279/0x380
[ 84.584559][ T5240] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 84.590904][ T5240] ? rcu_is_watching+0x15/0xb0
[ 84.595678][ T5240] do_syscall_64+0xf3/0x230
[ 84.600194][ T5240] ? clear_bhb_loop+0x35/0x90
[ 84.604883][ T5240] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 84.610785][ T5240] RIP: 0033:0x7f4ad72638e9
[ 84.615204][ T5240] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 84.634814][ T5240] RSP: 002b:00007ffe6fea3678 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[pid 5240] sendmsg(5, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\xd8\x00\x00\x00\x18\x00\x81\x06\x4e\x81\xf7\x82\xdb\x4c\xb9\x04\x02\x1d\x08\x00\x06\x00\x7c\x09\xe8\xfe\x55\xa1\x0a\x00\x15\x00\x05\x00\x14\x26\x03\x60\x0e\x12\x08\x00\x0f\x00\x00\x00\x04\x01\xa8\x00\x16\x00\x20\x00\x01\x40\x00\x00\x00\x00\x00\xfb\x80\x00\xa0\xe4\x08\xe8\xd8\xef\x52\xa9\x85\x16\x27\x7c\xe0\x6b\xba\xce\x80\x17\xcb\xec\x4c\x2e\xe5\xa7\x00\x00\x09\x00\x00\x00\x1f\xb7\x91\x64\x3a\x5e"..., iov_len=216}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 216
[pid 5240] exit_group(0) = ?
[pid 5240] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5240, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55558a310650) = 5241
./strace-static-x86_64: Process 5241 attached
[pid 5241] set_robust_list(0x55558a310660, 24) = 0
[pid 5241] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5241] setpgid(0, 0) = 0
[pid 5241] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5241] write(3, "1000", 4) = 4
[pid 5241] close(3) = 0
[pid 5241] write(1, "executing program\n", 18executing program
) = 18
[ 84.643235][ T5240] RAX: ffffffffffffffda RBX: 00007ffe6fea3690 RCX: 00007f4ad72638e9
[ 84.651209][ T5240] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000005
[ 84.659184][ T5240] RBP: 0000000000000001 R08: 00007ffe6fea3417 R09: 00000000000000a0
[ 84.667618][ T5240] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[ 84.675588][ T5240] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[ 84.683569][ T5240]
[pid 5241] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=11, insns=0x20000500, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 3
[pid 5241] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sched_switch", prog_fd=3}}, 16) = 4
[pid 5241] socket(AF_NETLINK, SOCK_DGRAM, NETLINK_ROUTE) = 5
[pid 5241] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[ 84.733610][ T5241] netlink: 'syz-executor157': attribute type 21 has an invalid length.
[ 84.742105][ T5241] FAULT_INJECTION: forcing a failure.
[ 84.742105][ T5241] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 84.755314][ T5241] CPU: 1 UID: 0 PID: 5241 Comm: syz-executor157 Not tainted 6.11.0-syzkaller-08833-gde5cb0dcb74c #0
[ 84.766091][ T5241] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[ 84.776151][ T5241] Call Trace:
[ 84.779457][ T5241]
[ 84.782395][ T5241] dump_stack_lvl+0x241/0x360
[ 84.787085][ T5241] ? __pfx_dump_stack_lvl+0x10/0x10
[ 84.792285][ T5241] ? __pfx__printk+0x10/0x10
[ 84.796875][ T5241] ? do_raw_spin_lock+0x14f/0x370
[ 84.801900][ T5241] ? bpf_trace_run4+0x244/0x590
[ 84.806752][ T5241] ? rcu_is_watching+0x15/0xb0
[ 84.811515][ T5241] ? bpf_trace_run4+0x244/0x590
[ 84.816375][ T5241] ? lock_acquire+0xe3/0x550
[ 84.821145][ T5241] should_fail_ex+0x3b0/0x4e0
[ 84.825827][ T5241] strncpy_from_user+0x36/0x250
[ 84.830683][ T5241] strncpy_from_user_nofault+0x71/0x140
[ 84.836230][ T5241] bpf_probe_read_compat_str+0xe9/0x180
[ 84.841775][ T5241] ? bpf_trace_run4+0x244/0x590
[ 84.846646][ T5241] bpf_prog_c1796171ffc7efef+0x3e/0x40
[ 84.852099][ T5241] bpf_trace_run4+0x334/0x590
[ 84.856776][ T5241] ? set_next_entity+0x10e/0x4c0
[ 84.861720][ T5241] ? __pfx_bpf_trace_run4+0x10/0x10
[ 84.866936][ T5241] ? task_psi_group+0x47/0x1a0
[ 84.871696][ T5241] ? psi_task_switch+0x36d/0x770
[ 84.876727][ T5241] __schedule+0x234a/0x4b30
[ 84.881236][ T5241] ? do_raw_spin_unlock+0x13c/0x8b0
[ 84.886436][ T5241] ? __pfx___schedule+0x10/0x10
[ 84.891291][ T5241] ? rcu_is_watching+0x15/0xb0
[ 84.896049][ T5241] ? __pfx___console_unlock+0x10/0x10
[ 84.901418][ T5241] ? __pfx_prb_read_valid+0x10/0x10
[ 84.906629][ T5241] ? preempt_schedule+0xe1/0xf0
[ 84.911476][ T5241] preempt_schedule_common+0x84/0xd0
[ 84.916781][ T5241] preempt_schedule+0xe1/0xf0
[ 84.921455][ T5241] ? __pfx_preempt_schedule+0x10/0x10
[ 84.926822][ T5241] ? console_unlock+0x2fc/0x3b0
[ 84.931810][ T5241] ? __pfx_console_unlock+0x10/0x10
[ 84.937006][ T5241] preempt_schedule_thunk+0x1a/0x30
[ 84.942203][ T5241] ? vprintk_emit+0x7ae/0xa10
[ 84.946884][ T5241] ? vprintk_emit+0x847/0xa10
[ 84.951569][ T5241] vprintk_emit+0x84c/0xa10
[ 84.956093][ T5241] ? __pfx_vprintk_emit+0x10/0x10
[ 84.961123][ T5241] ? rcu_is_watching+0x15/0xb0
[ 84.965907][ T5241] ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 84.971797][ T5241] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 84.978126][ T5241] ? deref_stack_reg+0x17c/0x210
[ 84.983067][ T5241] _printk+0xd5/0x120
[ 84.987070][ T5241] ? __nla_validate_parse+0x4f4/0x3090
[ 84.992531][ T5241] ? __pfx__printk+0x10/0x10
[ 84.997121][ T5241] ? 0xffffffffa0001de8
[ 85.001267][ T5241] ? is_bpf_text_address+0x26/0x2a0
[ 85.006491][ T5241] ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 85.012663][ T5241] __nla_validate_parse+0x1af9/0x3090
[ 85.018040][ T5241] ? __pfx___nla_validate_parse+0x10/0x10
[ 85.023764][ T5241] ? rcu_is_watching+0x15/0xb0
[ 85.029005][ T5241] ? lock_release+0xbf/0xa30
[ 85.033689][ T5241] ? __pfx_lock_acquire+0x10/0x10
[ 85.038713][ T5241] ? lock_release+0xbf/0xa30
[ 85.043323][ T5241] ? deref_stack_reg+0x17c/0x210
[ 85.048353][ T5241] ? rcu_is_watching+0x15/0xb0
[ 85.053201][ T5241] ? lock_acquire+0xe3/0x550
[ 85.057803][ T5241] __nla_validate+0x3e/0x60
[ 85.062392][ T5241] rtm_to_fib_config+0xac/0x13d0
[ 85.067333][ T5241] ? __kernel_text_address+0xd/0x40
[ 85.072532][ T5241] ? rcu_is_watching+0x15/0xb0
[ 85.077294][ T5241] inet_rtm_newroute+0xf5/0x290
[ 85.082171][ T5241] ? __pfx_inet_rtm_newroute+0x10/0x10
[ 85.087645][ T5241] ? stack_trace_save+0x118/0x1d0
[ 85.092687][ T5241] ? bpf_lsm_capable+0x9/0x10
[ 85.097364][ T5241] ? security_capable+0x7e/0x2d0
[ 85.102300][ T5241] ? __pfx_inet_rtm_newroute+0x10/0x10
[ 85.107760][ T5241] rtnetlink_rcv_msg+0x73f/0xcf0
[ 85.112696][ T5241] ? rtnetlink_rcv_msg+0x1a7/0xcf0
[ 85.117804][ T5241] ? lock_release+0xbf/0xa30
[ 85.122414][ T5241] ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 85.127893][ T5241] ? __pfx_lock_acquire+0x10/0x10
[ 85.132950][ T5241] ? rcu_is_watching+0x15/0xb0
[ 85.137713][ T5241] ? lock_acquire+0xe3/0x550
[ 85.142330][ T5241] netlink_rcv_skb+0x1e3/0x430
[ 85.147137][ T5241] ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 85.152632][ T5241] ? __pfx_netlink_rcv_skb+0x10/0x10
[ 85.157971][ T5241] ? net_generic+0x1f/0x240
[ 85.162497][ T5241] ? netlink_deliver_tap+0x2e/0x1b0
[ 85.167695][ T5241] netlink_unicast+0x7f6/0x990
[ 85.172459][ T5241] ? __pfx_netlink_unicast+0x10/0x10
[ 85.177747][ T5241] ? __virt_addr_valid+0x183/0x530
[ 85.182874][ T5241] ? __check_object_size+0x48e/0x900
[ 85.188177][ T5241] netlink_sendmsg+0x8e4/0xcb0
[ 85.192947][ T5241] ? __pfx_netlink_sendmsg+0x10/0x10
[ 85.198235][ T5241] ? aa_sock_msg_perm+0x91/0x160
[ 85.203262][ T5241] ? __pfx_netlink_sendmsg+0x10/0x10
[ 85.208724][ T5241] __sock_sendmsg+0x221/0x270
[ 85.213402][ T5241] ____sys_sendmsg+0x52a/0x7e0
[ 85.218201][ T5241] ? __pfx_____sys_sendmsg+0x10/0x10
[ 85.223536][ T5241] ? do_raw_spin_lock+0x14f/0x370
[ 85.228634][ T5241] __sys_sendmsg+0x2aa/0x390
[ 85.233257][ T5241] ? __pfx___sys_sendmsg+0x10/0x10
[ 85.238725][ T5241] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 85.245061][ T5241] ? _raw_spin_unlock_irq+0x2e/0x50
[ 85.250350][ T5241] ? ptrace_notify+0x279/0x380
[ 85.255230][ T5241] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 85.261583][ T5241] ? rcu_is_watching+0x15/0xb0
[ 85.266387][ T5241] do_syscall_64+0xf3/0x230
[ 85.270914][ T5241] ? clear_bhb_loop+0x35/0x90
[ 85.275599][ T5241] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 85.281510][ T5241] RIP: 0033:0x7f4ad72638e9
[ 85.286056][ T5241] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 85.305754][ T5241] RSP: 002b:00007ffe6fea3678 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 85.314192][ T5241] RAX: ffffffffffffffda RBX: 00007ffe6fea3690 RCX: 00007f4ad72638e9
[ 85.322166][ T5241] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000005
[pid 5241] write(6, "7", 1) = 1
[pid 5241] sendmsg(5, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\xd8\x00\x00\x00\x18\x00\x81\x06\x4e\x81\xf7\x82\xdb\x4c\xb9\x04\x02\x1d\x08\x00\x06\x00\x7c\x09\xe8\xfe\x55\xa1\x0a\x00\x15\x00\x05\x00\x14\x26\x03\x60\x0e\x12\x08\x00\x0f\x00\x00\x00\x04\x01\xa8\x00\x16\x00\x20\x00\x01\x40\x00\x00\x00\x00\x00\xfb\x80\x00\xa0\xe4\x08\xe8\xd8\xef\x52\xa9\x85\x16\x27\x7c\xe0\x6b\xba\xce\x80\x17\xcb\xec\x4c\x2e\xe5\xa7\x00\x00\x09\x00\x00\x00\x1f\xb7\x91\x64\x3a\x5e"..., iov_len=216}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 216
[pid 5241] exit_group(0) = ?
[pid 5241] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5241, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} ---
restart_syscall(<... resuming interrupted clone ...>) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5242 attached
[ 85.330744][ T5241] RBP: 0000000000000001 R08: 00007ffe6fea3417 R09: 00000000000000a0
[ 85.338731][ T5241] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[ 85.346702][ T5241] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[ 85.354674][ T5241]
[ 85.358504][ T5241] netlink: 132 bytes leftover after parsing attributes in process `syz-executor157'.
, child_tidptr=0x55558a310650) = 5242
[pid 5242] set_robust_list(0x55558a310660, 24) = 0
[pid 5242] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5242] setpgid(0, 0) = 0
[pid 5242] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5242] write(3, "1000", 4) = 4
[pid 5242] close(3) = 0
[pid 5242] write(1, "executing program\n", 18executing program
) = 18
[pid 5242] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=11, insns=0x20000500, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 3
[pid 5242] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sched_switch", prog_fd=3}}, 16) = 4
[pid 5242] socket(AF_NETLINK, SOCK_DGRAM, NETLINK_ROUTE) = 5
[pid 5242] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid 5242] write(6, "7", 1) = 1
[ 85.444473][ T5242] netlink: 'syz-executor157': attribute type 21 has an invalid length.
[ 85.452970][ T5242] FAULT_INJECTION: forcing a failure.
[ 85.452970][ T5242] name failslab, interval 1, probability 0, space 0, times 0
[ 85.466485][ T5242] CPU: 1 UID: 0 PID: 5242 Comm: syz-executor157 Not tainted 6.11.0-syzkaller-08833-gde5cb0dcb74c #0
[ 85.477478][ T5242] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[ 85.487647][ T5242] Call Trace:
[ 85.491034][ T5242]
[ 85.493976][ T5242] dump_stack_lvl+0x241/0x360
[ 85.498662][ T5242] ? __pfx_dump_stack_lvl+0x10/0x10
[ 85.504230][ T5242] ? __pfx__printk+0x10/0x10
[ 85.508837][ T5242] ? __pfx___might_resched+0x10/0x10
[ 85.514229][ T5242] ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 85.520395][ T5242] should_fail_ex+0x3b0/0x4e0
[ 85.525102][ T5242] ? fib_create_info+0xa49/0x24e0
[ 85.530317][ T5242] should_failslab+0xac/0x100
[ 85.535017][ T5242] ? fib_create_info+0xa49/0x24e0
[ 85.540058][ T5242] __kmalloc_noprof+0xd8/0x400
[ 85.544837][ T5242] fib_create_info+0xa49/0x24e0
[ 85.549704][ T5242] ? __pfx_lock_acquire+0x10/0x10
[ 85.554742][ T5242] ? __pfx_lock_acquire+0x10/0x10
[ 85.559780][ T5242] ? lock_release+0xbf/0xa30
[ 85.564387][ T5242] ? __pfx_lock_release+0x10/0x10
[ 85.569427][ T5242] fib_table_insert+0x1f6/0x1f30
[ 85.574505][ T5242] ? lock_acquire+0xe3/0x550
[ 85.579114][ T5242] ? lwtunnel_valid_encap_type+0x8a/0x5f0
[ 85.584843][ T5242] ? lwtunnel_valid_encap_type+0x265/0x5f0
[ 85.590656][ T5242] ? lwtunnel_valid_encap_type+0x8a/0x5f0
[ 85.596387][ T5242] ? __pfx_fib_table_insert+0x10/0x10
[ 85.601774][ T5242] ? fib_new_table+0x120/0x2d0
[ 85.606571][ T5242] inet_rtm_newroute+0x149/0x290
[ 85.611537][ T5242] ? __pfx_inet_rtm_newroute+0x10/0x10
[ 85.617023][ T5242] ? stack_trace_save+0x118/0x1d0
[ 85.622066][ T5242] ? bpf_lsm_capable+0x9/0x10
[ 85.626749][ T5242] ? security_capable+0x7e/0x2d0
[ 85.631694][ T5242] ? __pfx_inet_rtm_newroute+0x10/0x10
[ 85.637248][ T5242] rtnetlink_rcv_msg+0x73f/0xcf0
[ 85.642196][ T5242] ? rtnetlink_rcv_msg+0x1a7/0xcf0
[ 85.647325][ T5242] ? lock_release+0xbf/0xa30
[ 85.651939][ T5242] ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 85.657465][ T5242] ? __pfx_lock_acquire+0x10/0x10
[ 85.662543][ T5242] ? rcu_is_watching+0x15/0xb0
[ 85.667364][ T5242] ? lock_acquire+0xe3/0x550
[ 85.671987][ T5242] netlink_rcv_skb+0x1e3/0x430
[ 85.676772][ T5242] ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 85.682239][ T5242] ? __pfx_netlink_rcv_skb+0x10/0x10
[ 85.687543][ T5242] ? net_generic+0x1f/0x240
[ 85.692057][ T5242] ? netlink_deliver_tap+0x2e/0x1b0
[ 85.697703][ T5242] netlink_unicast+0x7f6/0x990
[ 85.702478][ T5242] ? __pfx_netlink_unicast+0x10/0x10
[ 85.707771][ T5242] ? __virt_addr_valid+0x183/0x530
[ 85.712893][ T5242] ? __check_object_size+0x48e/0x900
[ 85.718189][ T5242] netlink_sendmsg+0x8e4/0xcb0
[ 85.723021][ T5242] ? __pfx_netlink_sendmsg+0x10/0x10
[ 85.728351][ T5242] ? aa_sock_msg_perm+0x91/0x160
[ 85.733313][ T5242] ? __pfx_netlink_sendmsg+0x10/0x10
[ 85.738700][ T5242] __sock_sendmsg+0x221/0x270
[ 85.743387][ T5242] ____sys_sendmsg+0x52a/0x7e0
[ 85.748202][ T5242] ? __pfx_____sys_sendmsg+0x10/0x10
[ 85.753502][ T5242] ? do_raw_spin_lock+0x14f/0x370
[ 85.758628][ T5242] __sys_sendmsg+0x2aa/0x390
[ 85.763236][ T5242] ? __pfx___sys_sendmsg+0x10/0x10
[ 85.768377][ T5242] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 85.774726][ T5242] ? _raw_spin_unlock_irq+0x2e/0x50
[ 85.780025][ T5242] ? ptrace_notify+0x279/0x380
[ 85.784803][ T5242] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 85.791144][ T5242] ? rcu_is_watching+0x15/0xb0
[ 85.795918][ T5242] do_syscall_64+0xf3/0x230
[ 85.800441][ T5242] ? clear_bhb_loop+0x35/0x90
[ 85.805134][ T5242] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 85.811050][ T5242] RIP: 0033:0x7f4ad72638e9
[ 85.815564][ T5242] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 85.835313][ T5242] RSP: 002b:00007ffe6fea3678 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[pid 5242] sendmsg(5, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\xd8\x00\x00\x00\x18\x00\x81\x06\x4e\x81\xf7\x82\xdb\x4c\xb9\x04\x02\x1d\x08\x00\x06\x00\x7c\x09\xe8\xfe\x55\xa1\x0a\x00\x15\x00\x05\x00\x14\x26\x03\x60\x0e\x12\x08\x00\x0f\x00\x00\x00\x04\x01\xa8\x00\x16\x00\x20\x00\x01\x40\x00\x00\x00\x00\x00\xfb\x80\x00\xa0\xe4\x08\xe8\xd8\xef\x52\xa9\x85\x16\x27\x7c\xe0\x6b\xba\xce\x80\x17\xcb\xec\x4c\x2e\xe5\xa7\x00\x00\x09\x00\x00\x00\x1f\xb7\x91\x64\x3a\x5e"..., iov_len=216}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 216
[pid 5242] exit_group(0) = ?
[pid 5242] +++ exited with 0 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5242, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} ---
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5243 attached
, child_tidptr=0x55558a310650) = 5243
[ 85.843850][ T5242] RAX: ffffffffffffffda RBX: 00007ffe6fea3690 RCX: 00007f4ad72638e9
[ 85.851951][ T5242] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000005
[ 85.859953][ T5242] RBP: 0000000000000001 R08: 00007ffe6fea3417 R09: 00000000000000a0
[ 85.867966][ T5242] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[ 85.876047][ T5242] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
[ 85.884067][ T5242]
[pid 5243] set_robust_list(0x55558a310660, 24) = 0
[pid 5243] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 5243] setpgid(0, 0) = 0
[pid 5243] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 5243] write(3, "1000", 4) = 4
[pid 5243] close(3) = 0
[pid 5243] write(1, "executing program\n", 18executing program
) = 18
[pid 5243] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=11, insns=0x20000500, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 3
[pid 5243] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sched_switch", prog_fd=3}}, 16) = 4
[pid 5243] socket(AF_NETLINK, SOCK_DGRAM, NETLINK_ROUTE) = 5
[pid 5243] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 6
[pid 5243] write(6, "7", 1) = 1
[ 85.961187][ T5243] netlink: 'syz-executor157': attribute type 21 has an invalid length.
[ 85.969605][ T5243] FAULT_INJECTION: forcing a failure.
[ 85.969605][ T5243] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 85.982677][ T5243] CPU: 0 UID: 0 PID: 5243 Comm: syz-executor157 Not tainted 6.11.0-syzkaller-08833-gde5cb0dcb74c #0
[ 85.993587][ T5243] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[ 86.003673][ T5243] Call Trace:
[ 86.006950][ T5243]
[ 86.009877][ T5243] dump_stack_lvl+0x241/0x360
[ 86.014590][ T5243] ? __pfx_dump_stack_lvl+0x10/0x10
[ 86.019789][ T5243] ? __pfx__printk+0x10/0x10
[ 86.024376][ T5243] ? do_raw_spin_lock+0x14f/0x370
[ 86.029402][ T5243] ? bpf_trace_run4+0x244/0x590
[ 86.034250][ T5243] ? rcu_is_watching+0x15/0xb0
[ 86.039015][ T5243] ? bpf_trace_run4+0x244/0x590
[ 86.043885][ T5243] ? lock_acquire+0xe3/0x550
[ 86.048516][ T5243] should_fail_ex+0x3b0/0x4e0
[ 86.053216][ T5243] strncpy_from_user+0x36/0x250
[ 86.058267][ T5243] strncpy_from_user_nofault+0x71/0x140
[ 86.063813][ T5243] bpf_probe_read_compat_str+0xe9/0x180
[ 86.069390][ T5243] ? bpf_trace_run4+0x244/0x590
[ 86.074235][ T5243] bpf_prog_c1796171ffc7efef+0x3e/0x40
[ 86.079686][ T5243] bpf_trace_run4+0x334/0x590
[ 86.084368][ T5243] ? put_prev_entity+0x6f/0x200
[ 86.089220][ T5243] ? __pfx_bpf_trace_run4+0x10/0x10
[ 86.094422][ T5243] ? task_psi_group+0x47/0x1a0
[ 86.099289][ T5243] ? psi_task_switch+0x36d/0x770
[ 86.104231][ T5243] __schedule+0x234a/0x4b30
[ 86.108758][ T5243] ? do_raw_spin_unlock+0x13c/0x8b0
[ 86.113980][ T5243] ? __pfx___schedule+0x10/0x10
[ 86.118855][ T5243] ? rcu_is_watching+0x15/0xb0
[ 86.123634][ T5243] ? __pfx___console_unlock+0x10/0x10
[ 86.129025][ T5243] ? __pfx_prb_read_valid+0x10/0x10
[ 86.134222][ T5243] ? preempt_schedule+0xe1/0xf0
[ 86.139076][ T5243] preempt_schedule_common+0x84/0xd0
[ 86.144448][ T5243] preempt_schedule+0xe1/0xf0
[ 86.149123][ T5243] ? __pfx_preempt_schedule+0x10/0x10
[ 86.154495][ T5243] ? console_unlock+0x2fc/0x3b0
[ 86.159341][ T5243] ? __pfx_console_unlock+0x10/0x10
[ 86.164539][ T5243] preempt_schedule_thunk+0x1a/0x30
[ 86.169785][ T5243] ? vprintk_emit+0x7ae/0xa10
[ 86.174476][ T5243] ? vprintk_emit+0x847/0xa10
[ 86.179166][ T5243] vprintk_emit+0x84c/0xa10
[ 86.183673][ T5243] ? __pfx_vprintk_emit+0x10/0x10
[ 86.188696][ T5243] ? rcu_is_watching+0x15/0xb0
[ 86.193476][ T5243] ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 86.199380][ T5243] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 86.205742][ T5243] ? deref_stack_reg+0x17c/0x210