./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor882317522
<...>
Warning: Permanently added '10.128.10.2' (ED25519) to the list of known hosts.
execve("./syz-executor882317522", ["./syz-executor882317522"], 0x7ffcb9cb35d0 /* 10 vars */) = 0
brk(NULL) = 0x555591753000
brk(0x555591753d00) = 0x555591753d00
arch_prctl(ARCH_SET_FS, 0x555591753380) = 0
set_tid_address(0x555591753650) = 301
set_robust_list(0x555591753660, 24) = 0
rseq(0x555591753ca0, 0x20, 0, 0x53053053) = -1 ENOSYS (Function not implemented)
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor882317522", 4096) = 27
getrandom("\x69\x76\x7e\xc7\xbe\x15\x38\xdb", 8, GRND_NONBLOCK) = 8
brk(NULL) = 0x555591753d00
brk(0x555591774d00) = 0x555591774d00
brk(0x555591775000) = 0x555591775000
mprotect(0x7f1e79575000, 16384, PROT_READ) = 0
mmap(0x1ffffffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffffffff000
mmap(0x200000000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0executing program
) = 0x200000000000
mmap(0x200001000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200001000000
openat(AT_FDCWD, "/proc/self/make-it-fail", O_WRONLY) = 3
close(3) = 0
openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_WRONLY) = 3
close(3) = 0
openat(AT_FDCWD, "/sys/kernel/debug/failslab/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1) = 1
close(3) = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_futex/ignore-private", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1) = 1
close(3) = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-highmem", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1) = 1
close(3) = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1) = 1
close(3) = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/min-order", O_WRONLY|O_CLOEXEC) = 3
write(3, "0", 1) = 1
close(3) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555591753650) = 302
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555591753650) = 303
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555591753650) = 304
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555591753650) = 305
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555591753650) = 306
./strace-static-x86_64: Process 306 attached
[pid 306] set_robust_list(0x555591753660, 24) = 0
[pid 306] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555591753650) = 307
./strace-static-x86_64: Process 305 attached
[pid 305] set_robust_list(0x555591753660, 24) = 0
[pid 305] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555591753650) = 308
./strace-static-x86_64: Process 308 attached
[pid 308] set_robust_list(0x555591753660, 24) = 0
[pid 308] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 308] setpgid(0, 0) = 0
[pid 308] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 308] write(3, "1000", 4) = 4
[pid 308] close(3) = 0
[pid 308] write(1, "executing program\n", 18) = 18
[pid 308] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x200000000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = -1 EFAULT (Bad address)
[pid 308] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x200000000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=-1, fd_array=NULL}, 148) = -1 EFAULT (Bad address)
[pid 308] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=12, insns=0x200000000440, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET6_BIND, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 148) = 3
[pid 308] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="timer_start", prog_fd=3}}, 16) = 4
[pid 308] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 5
[pid 308] write(5, "1", 1) = 1
[pid 308] close(4) = 0
[ 28.397746][ T28] audit: type=1400 audit(1745676608.513:66): avc: denied { execmem } for pid=301 comm="syz-executor882" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[ 28.417907][ T308] FAULT_INJECTION: forcing a failure.
[ 28.417907][ T308] name fail_page_alloc, interval 1, probability 0, space 0, times 1
./strace-static-x86_64: Process 307 attached
./strace-static-x86_64: Process 304 attached
./strace-static-x86_64: Process 303 attached
./strace-static-x86_64: Process 302 attached
[ 28.418579][ T28] audit: type=1400 audit(1745676608.513:67): avc: denied { bpf } for pid=308 comm="syz-executor882" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 28.431671][ T308] CPU: 1 PID: 308 Comm: syz-executor882 Not tainted 6.1.129-syzkaller-00022-g25fc41bbde8e #0
[ 28.452240][ T28] audit: type=1400 audit(1745676608.513:68): avc: denied { prog_load } for pid=308 comm="syz-executor882" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 28.461392][ T308] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 28.461421][ T308] Call Trace:
[ 28.461428][ T308]
[pid 307] set_robust_list(0x555591753660, 24
[pid 304] set_robust_list(0x555591753660, 24
[pid 303] set_robust_list(0x555591753660, 24
[pid 302] set_robust_list(0x555591753660, 24
[pid 307] <... set_robust_list resumed>) = 0
[pid 304] <... set_robust_list resumed>) = 0
[pid 303] <... set_robust_list resumed>) = 0
[pid 302] <... set_robust_list resumed>) = 0
[pid 307] prctl(PR_SET_PDEATHSIG, SIGKILL
[pid 304] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD
[pid 303] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD
[pid 302] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD
[pid 307] <... prctl resumed>) = 0
[pid 307] setpgid(0, 0) = 0
[pid 307] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC
[pid 302] <... clone resumed>, child_tidptr=0x555591753650) = 310
[pid 307] <... openat resumed>) = 3
[pid 304] <... clone resumed>, child_tidptr=0x555591753650) = 309
[pid 303] <... clone resumed>, child_tidptr=0x555591753650) = 311
[pid 307] write(3, "1000", 4) = 4
[pid 307] close(3) = 0
executing program
[pid 307] write(1, "executing program\n", 18) = 18
[pid 307] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x200000000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = -1 EFAULT (Bad address)
[pid 307] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x200000000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=-1, fd_array=NULL}, 148) = -1 EFAULT (Bad address)
[pid 307] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=12, insns=0x200000000440, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET6_BIND, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 148) = 3
[pid 307] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="timer_start", prog_fd=3}}, 16./strace-static-x86_64: Process 311 attached
[pid 311] set_robust_list(0x555591753660, 24) = 0
[pid 311] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 311] setpgid(0, 0) = 0
[pid 311] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 311] write(3, "1000", 4) = 4
[pid 311] close(3) = 0
[pid 311] write(1, "executing program\n", 18executing program
) = 18
[pid 311] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x200000000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = -1 EFAULT (Bad address)
[pid 311] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x200000000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=-1, fd_array=NULL}, 148) = -1 EFAULT (Bad address)
[pid 311] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=12, insns=0x200000000440, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET6_BIND, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 148) = 3
[pid 311] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="timer_start", prog_fd=3}}, 16./strace-static-x86_64: Process 309 attached
[pid 309] set_robust_list(0x555591753660, 24) = 0
[pid 309] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 309] setpgid(0, 0) = 0
[pid 309] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 309] write(3, "1000", 4) = 4
[pid 309] close(3) = 0
[pid 309] write(1, "executing program\n", 18executing program
) = 18
[pid 309] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x200000000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = -1 EFAULT (Bad address)
[pid 309] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x200000000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=-1, fd_array=NULL}, 148) = -1 EFAULT (Bad address)
[pid 309] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=12, insns=0x200000000440, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET6_BIND, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 148) = 3
[pid 309] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="timer_start", prog_fd=3}}, 16./strace-static-x86_64: Process 310 attached
[pid 310] set_robust_list(0x555591753660, 24) = 0
[pid 310] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 310] setpgid(0, 0) = 0
[pid 310] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 310] write(3, "1000", 4) = 4
[pid 310] close(3) = 0
[pid 310] write(1, "executing program\n", 18executing program
) = 18
[pid 310] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x200000000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = -1 EFAULT (Bad address)
[pid 310] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x200000000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=-1, fd_array=NULL}, 148) = -1 EFAULT (Bad address)
[pid 310] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=12, insns=0x200000000440, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET6_BIND, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 148) = 3
[ 28.461436][ T308] __dump_stack+0x21/0x24
[ 28.480445][ T28] audit: type=1400 audit(1745676608.513:69): avc: denied { perfmon } for pid=308 comm="syz-executor882" capability=38 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 28.490295][ T308] dump_stack_lvl+0xee/0x150
[ 28.493425][ T28] audit: type=1400 audit(1745676608.513:70): avc: denied { prog_run } for pid=308 comm="syz-executor882" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 28.496196][ T308] ? __cfi_dump_stack_lvl+0x8/0x8
[ 28.549419][ T308] ? resched_curr+0x10e/0x380
[ 28.553913][ T308] ? __cfi_resched_curr+0x10/0x10
[ 28.558777][ T308] dump_stack+0x15/0x24
[ 28.562789][ T308] should_fail_ex+0x3d4/0x520
[ 28.567291][ T308] should_fail_alloc_page+0x61/0x90
[ 28.572314][ T308] prepare_alloc_pages+0x148/0x5f0
[ 28.577274][ T308] ? __alloc_pages_bulk+0x9c0/0x9c0
[ 28.582301][ T308] ? __cfi_sched_clock_cpu+0x10/0x10
[ 28.587423][ T308] __alloc_pages+0x115/0x3a0
[ 28.591843][ T308] ? __cfi___alloc_pages+0x10/0x10
[ 28.596790][ T308] ? kvm_sched_clock_read+0x18/0x40
[ 28.601837][ T308] ? __this_cpu_preempt_check+0x13/0x20
[ 28.607214][ T308] ? xfd_validate_state+0x70/0x150
[ 28.612156][ T308] __folio_alloc+0x12/0x40
[ 28.616404][ T308] wp_page_copy+0x280/0x15b0
[ 28.620833][ T308] ? __switch_to+0x51f/0xe30
[ 28.625258][ T308] ? fault_dirty_shared_page+0x310/0x310
[ 28.630723][ T308] ? _raw_spin_unlock+0x4c/0x70
[ 28.635412][ T308] ? finish_task_switch+0x16b/0x7b0
[ 28.640444][ T308] ? vm_normal_page+0x99/0x200
[ 28.645046][ T308] do_wp_page+0x9f2/0xfc0
[ 28.649213][ T308] handle_mm_fault+0x10e4/0x2640
[ 28.653989][ T308] ? __cfi_handle_mm_fault+0x10/0x10
[ 28.659105][ T308] ? lock_vma_under_rcu+0x3eb/0x4d0
[ 28.664143][ T308] ? __this_cpu_preempt_check+0x13/0x20
[ 28.669534][ T308] ? xfd_validate_state+0x70/0x150
[ 28.674466][ T308] do_user_addr_fault+0x905/0x1050
[ 28.679450][ T308] exc_page_fault+0x51/0xb0
[ 28.683757][ T308] asm_exc_page_fault+0x27/0x30
[ 28.688440][ T308] RIP: 0033:0x7f1e794d8290
[ 28.692694][ T308] Code: 41 54 55 48 89 f5 53 89 fb 48 83 ec 18 48 83 3d 5d 0d 0a 00 00 89 54 24 0c 74 08 84 c9 0f 85 09 02 00 00 31 c0 ba 01 00 00 00 0f b1 15 10 3b 0a 00 0f 85 0f 02 00 00 4c 8d 25 03 3b 0a 00 4c
[ 28.712140][ T308] RSP: 002b:00007ffeaebb1020 EFLAGS: 00010246
[ 28.718036][ T308] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000001
[ 28.725847][ T308] RDX: 0000000000000001 RSI: 00007f1e79579110 RDI: 0000000000000000
[ 28.733664][ T308] RBP: 00007f1e79579110 R08: 00007ffeaebb0e17 R09: 0000000000000140
[ 28.741474][ T308] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[pid 310] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="timer_start", prog_fd=3}}, 16
[pid 308] exit_group(0) = ?
[pid 308] +++ exited with 0 +++
[pid 305] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=308, si_uid=0, si_status=0, si_utime=0, si_stime=3} ---
[pid 305] restart_syscall(<... resuming interrupted clone ...>
[pid 307] <... bpf resumed>) = 4
[pid 307] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR
[pid 311] <... bpf resumed>) = 4
[pid 307] <... openat resumed>) = 5
[pid 307] write(5, "1", 1) = 1
[pid 307] close(4
[pid 311] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR
[pid 305] <... restart_syscall resumed>) = 0
[pid 305] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555591753650) = 312
[pid 311] <... openat resumed>) = 5
[pid 311] write(5, "1", 1) = 1
[pid 311] close(4./strace-static-x86_64: Process 312 attached
[pid 312] set_robust_list(0x555591753660, 24) = 0
[pid 312] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid 312] setpgid(0, 0) = 0
[pid 312] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid 312] write(3, "1000", 4) = 4
[pid 312] close(3) = 0
[ 28.749287][ T308] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 28.757103][ T308]
[ 28.760867][ T308] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[ 28.770027][ T307] FAULT_INJECTION: forcing a failure.
[ 28.770027][ T307] name failslab, interval 1, probability 0, space 0, times 1
[ 28.782517][ T307] CPU: 0 PID: 307 Comm: syz-executor882 Not tainted 6.1.129-syzkaller-00022-g25fc41bbde8e #0
[pid 312] write(1, "executing program\n", 18executing program
) = 18
[pid 312] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x200000000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = -1 EFAULT (Bad address)
[pid 312] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x200000000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=-1, fd_array=NULL}, 148) = -1 EFAULT (Bad address)
[ 28.792417][ T307] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 28.802317][ T307] Call Trace:
[ 28.805432][ T307]
[ 28.808218][ T307] __dump_stack+0x21/0x24
[ 28.812592][ T307] dump_stack_lvl+0xee/0x150
[ 28.817017][ T307] ? __cfi_dump_stack_lvl+0x8/0x8
[ 28.821897][ T307] ? 0xffffffffa000202c
[ 28.825867][ T307] ? is_bpf_text_address+0x177/0x190
[ 28.830986][ T307] dump_stack+0x15/0x24
[ 28.834973][ T307] should_fail_ex+0x3d4/0x520
[ 28.839490][ T307] __should_failslab+0xac/0xf0
[ 28.844086][ T307] ? tracepoint_probe_unregister+0x1e6/0x8b0
[ 28.849898][ T307] should_failslab+0x9/0x20
[ 28.854244][ T307] __kmem_cache_alloc_node+0x3d/0x2c0
[ 28.859456][ T307] ? __cfi_mutex_lock+0x10/0x10
[ 28.864133][ T307] ? delete_node+0x3dc/0xa60
[ 28.868558][ T307] ? tracepoint_probe_unregister+0x1e6/0x8b0
[ 28.874392][ T307] __kmalloc+0xa1/0x1e0
[ 28.878369][ T307] ? __cfi___bpf_trace_timer_start+0x10/0x10
[ 28.884182][ T307] tracepoint_probe_unregister+0x1e6/0x8b0
[ 28.889833][ T307] bpf_probe_unregister+0x61/0x70
[ 28.894683][ T307] bpf_raw_tp_link_release+0x63/0x90
[ 28.899804][ T307] bpf_link_free+0x13a/0x390
[ 28.904232][ T307] ? bpf_link_put_deferred+0x20/0x20
[ 28.909351][ T307] bpf_link_release+0x15f/0x170
[ 28.914038][ T307] ? __cfi_bpf_link_release+0x10/0x10
[ 28.919247][ T307] __fput+0x1fc/0x8f0
[ 28.923069][ T307] ____fput+0x15/0x20
[ 28.926970][ T307] task_work_run+0x1db/0x240
[ 28.931401][ T307] ? __cfi_task_work_run+0x10/0x10
[ 28.936347][ T307] ? task_work_add+0x2b1/0x330
[ 28.940943][ T307] ptrace_notify+0x221/0x250
[ 28.945372][ T307] ? __cfi_ptrace_notify+0x10/0x10
[ 28.950332][ T307] ? fput+0x15b/0x1a0
[ 28.954137][ T307] ? filp_close+0x111/0x160
[ 28.958486][ T307] ? close_fd+0x28b/0x300
[ 28.962647][ T307] syscall_exit_work+0x84/0x140
[ 28.967330][ T307] syscall_exit_to_user_mode_prepare+0x1c/0x20
[ 28.973330][ T307] syscall_exit_to_user_mode+0xd/0x30
[ 28.978535][ T307] do_syscall_64+0x58/0xa0
[ 28.982775][ T307] ? clear_bhb_loop+0x15/0x70
[ 28.987292][ T307] ? clear_bhb_loop+0x15/0x70
[ 28.991802][ T307] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 28.997531][ T307] RIP: 0033:0x7f1e79509b59
[ 29.001784][ T307] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 29.021227][ T307] RSP: 002b:00007ffeaebb1078 EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[ 29.029471][ T307] RAX: 0000000000000000 RBX: 00007ffeaebb1090 RCX: 00007f1e79509b59
[ 29.037284][ T307] RDX: 00007f1e79508d90 RSI: 00007ffeaebb1090 RDI: 0000000000000004
[pid 312] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=12, insns=0x200000000440, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET6_BIND, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 148) = 3
[ 29.045092][ T307] RBP: 0000000000000001 R08: 00007ffeaebb0e17 R09: 0000000000000140
[ 29.052991][ T307] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[ 29.060804][ T307] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 29.068626][ T307]
[ 29.072272][ C0] CFI failure at __traceiter_timer_start+0x87/0xe0 (target: tp_stub_func+0x0/0x10; expected type: 0x82fbfa63)
[ 29.083769][ C0] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[ 29.089637][ C0] CPU: 0 PID: 205 Comm: kworker/0:2 Not tainted 6.1.129-syzkaller-00022-g25fc41bbde8e #0
[ 29.099271][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 29.109168][ C0] Workqueue: rcu_gp srcu_invoke_callbacks
[ 29.114725][ C0] RIP: 0010:__traceiter_timer_start+0x87/0xe0
[ 29.120622][ C0] Code: f8 48 c1 e8 03 80 3c 18 00 74 05 e8 43 3d 53 00 49 8b 7d 08 4c 89 fe 48 8b 55 c8 8b 4d d4 41 ba 9d 05 04 7d 45 03 56 fc 74 02 <0f> 0b 41 ff d6 49 83 c4 18 4c 89 e0 48 c1 e8 03 80 3c 18 00 74 08
[ 29.140068][ C0] RSP: 0018:ffffc90000006970 EFLAGS: 00010017
[ 29.145969][ C0] RAX: 1ffff11021a9aa63 RBX: dffffc0000000000 RCX: 0000000008c00000
[ 29.153778][ C0] RDX: 00000000ffff95e2 RSI: ffff88810e9df2b0 RDI: ffffc900000d9000
[ 29.161591][ C0] RBP: ffffc900000069a8 R08: dffffc0000000000 R09: fffffbfff0ee41b6
[ 29.169399][ C0] R10: 0000000022446ca9 R11: 1ffffffff0ee41b5 R12: ffff88810d4d5310
[ 29.177216][ C0] R13: ffff88810d4d5310 R14: ffffffff8170fe20 R15: ffff88810e9df2b0
[ 29.185029][ C0] FS: 0000000000000000(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[ 29.193798][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 29.200211][ C0] CR2: 0000000000000000 CR3: 0000000122e97000 CR4: 00000000003506b0
[ 29.208027][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 29.215834][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 29.223672][ C0] Call Trace:
[ 29.226771][ C0]
[ 29.229462][ C0] ? __die_body+0xa3/0xb0
[ 29.233626][ C0] ? __die+0x25/0x30
[ 29.237359][ C0] ? die+0x2a/0x50
[ 29.240943][ C0] ? do_trap+0xf0/0x2f0
[ 29.244915][ C0] ? __traceiter_timer_start+0x87/0xe0
[ 29.250204][ C0] ? handle_invalid_op+0x95/0xc0
[ 29.254981][ C0] ? __traceiter_timer_start+0x87/0xe0
[ 29.260273][ C0] ? exc_invalid_op+0x32/0x50
[ 29.264788][ C0] ? asm_exc_invalid_op+0x1b/0x20
[ 29.269654][ C0] ? __cfi_tp_stub_func+0x10/0x10
[ 29.274511][ C0] ? __traceiter_timer_start+0x87/0xe0
[ 29.279804][ C0] enqueue_timer+0x337/0x480
[ 29.284231][ C0] __mod_timer+0x79f/0xb30
[ 29.288496][ C0] mod_timer+0x1f/0x30
[ 29.292386][ C0] sk_reset_timer+0x22/0xb0
[ 29.296725][ C0] tcp_schedule_loss_probe+0x441/0x860
[ 29.302030][ C0] ? tcp_rack_update_reo_wnd+0x215/0x390
[ 29.307487][ C0] tcp_ack+0x3a40/0x5ee0
[ 29.311575][ C0] ? tcp_rcv_established+0x1ad0/0x1ad0
[ 29.316864][ C0] ? inet_ehashfn+0x8b/0x1d0
[ 29.321380][ C0] ? ktime_get+0x141/0x170
[ 29.325638][ C0] tcp_rcv_established+0xd86/0x1ad0
[ 29.330669][ C0] ? __cfi_tcp_rcv_established+0x10/0x10
[ 29.336130][ C0] ? ipv4_dst_check+0xf2/0x160
[ 29.340732][ C0] tcp_v4_do_rcv+0x446/0xa10
[ 29.345162][ C0] tcp_v4_rcv+0x233c/0x2a80
[ 29.349497][ C0] ? arch_stack_walk+0x118/0x150
[ 29.354278][ C0] ? __cfi_tcp_v4_rcv+0x10/0x10
[ 29.358956][ C0] ? __kasan_check_write+0x14/0x20
[ 29.363904][ C0] ? __inet_lookup_established+0x6d8/0x710
[ 29.369545][ C0] ip_protocol_deliver_rcu+0x325/0x6e0
[ 29.374844][ C0] ip_local_deliver_finish+0x24e/0x410
[ 29.380134][ C0] ip_local_deliver+0x1d8/0x320
[ 29.384823][ C0] ? __cfi_ip_local_deliver+0x10/0x10
[ 29.390026][ C0] ? ip_rcv_finish_core+0xb0b/0x1490
[ 29.395151][ C0] ip_sublist_rcv+0x773/0x880
[ 29.399661][ C0] ? ip_list_rcv+0x420/0x420
[ 29.404088][ C0] ? memset+0x35/0x40
[ 29.407904][ C0] ? ip_rcv_core+0x75f/0xbd0
[ 29.412337][ C0] ip_list_rcv+0x3da/0x420
[ 29.416585][ C0] ? __cfi_ip_list_rcv+0x10/0x10
[ 29.421360][ C0] ? __cfi_ip_list_rcv+0x10/0x10
[ 29.426137][ C0] __netif_receive_skb_list_core+0x59e/0x770
[ 29.431954][ C0] ? set_rps_cpu+0x5e0/0x5e0
[ 29.436374][ C0] netif_receive_skb_list_internal+0x7d2/0xa60
[ 29.442360][ C0] ? __kasan_check_read+0x11/0x20
[ 29.447223][ C0] ? __cfi_netif_receive_skb_list_internal+0x10/0x10
[ 29.453741][ C0] napi_gro_receive+0x444/0x880
[ 29.458419][ C0] receive_buf+0x22b1/0x43a0
[ 29.462848][ C0] ? virtnet_poll_tx+0x540/0x540
[ 29.467626][ C0] ? __cfi____update_load_sum+0x10/0x10
[ 29.473000][ C0] ? virtqueue_get_buf_ctx+0x472/0xcd0
[ 29.478293][ C0] ? detach_buf_split+0x882/0xa80
[ 29.483157][ C0] ? virtqueue_get_buf+0x1f/0x30
[ 29.487930][ C0] ? virtqueue_get_buf_ctx+0x6c1/0xcd0
[ 29.493223][ C0] ? virtqueue_napi_schedule+0x40/0x40
[ 29.498519][ C0] virtnet_poll+0x5af/0x1150
[ 29.502947][ C0] ? __cfi_virtnet_poll+0x10/0x10
[ 29.507807][ C0] __napi_poll+0xd0/0x5e0
[ 29.511969][ C0] net_rx_action+0x49b/0xaa0
[ 29.516400][ C0] ? __cfi_net_rx_action+0x10/0x10
[ 29.521352][ C0] ? _raw_spin_unlock_irqrestore+0x5a/0x80
[ 29.526989][ C0] ? irqtime_account_irq+0x75/0x240
[ 29.532020][ C0] handle_softirqs+0x1d7/0x600
[ 29.536622][ C0] __do_softirq+0xb/0xd
[ 29.540611][ C0] do_softirq+0xc6/0x120
[ 29.544691][ C0]
[ 29.547465][ C0]
[ 29.550244][ C0] ? __cfi_do_softirq+0x10/0x10
[ 29.554933][ C0] ? srcu_invoke_callbacks+0x210/0x410
[ 29.560227][ C0] __local_bh_enable_ip+0x75/0x80
[ 29.565091][ C0] srcu_invoke_callbacks+0x1cf/0x410
[ 29.570206][ C0] ? _raw_spin_unlock+0x4c/0x70
[ 29.574897][ C0] ? __cfi_srcu_invoke_callbacks+0x10/0x10
[ 29.580535][ C0] ? __schedule+0xb8f/0x14e0
[ 29.584970][ C0] process_one_work+0x71f/0xc40
[ 29.589653][ C0] worker_thread+0xa29/0x11f0
[ 29.594177][ C0] ? _raw_spin_lock_irqsave+0xb0/0x110
[ 29.599549][ C0] ? __kthread_parkme+0x142/0x180
[ 29.604406][ C0] kthread+0x281/0x320
[ 29.608309][ C0] ? __cfi_worker_thread+0x10/0x10
[ 29.613254][ C0] ? __cfi_kthread+0x10/0x10
[ 29.617689][ C0] ret_from_fork+0x1f/0x30
[ 29.621966][ C0]
[ 29.624801][ C0] Modules linked in:
[ 29.628570][ C0] ---[ end trace 0000000000000000 ]---
[ 29.633827][ C0] RIP: 0010:__traceiter_timer_start+0x87/0xe0
[ 29.639727][ C0] Code: f8 48 c1 e8 03 80 3c 18 00 74 05 e8 43 3d 53 00 49 8b 7d 08 4c 89 fe 48 8b 55 c8 8b 4d d4 41 ba 9d 05 04 7d 45 03 56 fc 74 02 <0f> 0b 41 ff d6 49 83 c4 18 4c 89 e0 48 c1 e8 03 80 3c 18 00 74 08
[ 29.659173][ C0] RSP: 0018:ffffc90000006970 EFLAGS: 00010017
[ 29.665073][ C0] RAX: 1ffff11021a9aa63 RBX: dffffc0000000000 RCX: 0000000008c00000
[ 29.672882][ C0] RDX: 00000000ffff95e2 RSI: ffff88810e9df2b0 RDI: ffffc900000d9000
[ 29.680694][ C0] RBP: ffffc900000069a8 R08: dffffc0000000000 R09: fffffbfff0ee41b6
[ 29.688504][ C0] R10: 0000000022446ca9 R11: 1ffffffff0ee41b5 R12: ffff88810d4d5310
[ 29.696315][ C0] R13: ffff88810d4d5310 R14: ffffffff8170fe20 R15: ffff88810e9df2b0
[ 29.704138][ C0] FS: 0000000000000000(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[ 29.712894][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 29.719316][ C0] CR2: 0000000000000000 CR3: 0000000122e97000 CR4: 00000000003506b0
[ 29.727140][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 29.734940][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 29.742753][ C0] Kernel panic - not syncing: Fatal exception in interrupt
[ 29.750080][ C0] Kernel Offset: disabled
[ 29.754214][ C0] Rebooting in 86400 seconds..