./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1664658556
<...>
Warning: Permanently added '10.128.1.120' (ED25519) to the list of known hosts.
execve("./syz-executor1664658556", ["./syz-executor1664658556"], 0x7ffe3b82ad30 /* 10 vars */) = 0
brk(NULL) = 0x55556dc1b000
brk(0x55556dc1bd00) = 0x55556dc1bd00
arch_prctl(ARCH_SET_FS, 0x55556dc1b380) = 0
set_tid_address(0x55556dc1b650) = 288
set_robust_list(0x55556dc1b660, 24) = 0
rseq(0x55556dc1bca0, 0x20, 0, 0x53053053) = -1 ENOSYS (Function not implemented)
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor1664658556", 4096) = 28
getrandom("\xcc\xd8\x87\x45\x08\xc4\xde\xb8", 8, GRND_NONBLOCK) = 8
brk(NULL) = 0x55556dc1bd00
brk(0x55556dc3cd00) = 0x55556dc3cd00
brk(0x55556dc3d000) = 0x55556dc3d000
mprotect(0x7f4034124000, 16384, PROT_READ) = 0
mmap(0x1ffffffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffffffff000
mmap(0x200000000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200000000000
mmap(0x200001000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200001000000
openat(AT_FDCWD, "/proc/self/make-it-fail", O_WRONLY) = 3
close(3) = 0
openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_WRONLY) = 3
close(3) = 0
openat(AT_FDCWD, "/sys/kernel/debug/failslab/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1) = 1
close(3) = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_futex/ignore-private", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1) = 1
close(3) = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-highmem", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1) = 1
close(3) = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1) = 1
close(3) = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/min-order", O_WRONLY|O_CLOEXEC) = 3
write(3, "0", 1) = 1
close(3) = 0
executing program
write(1, "executing program\n", 18) = 18
[ 22.154638][ T30] audit: type=1400 audit(1753302650.912:64): avc: denied { execmem } for pid=288 comm="syz-executor166" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[ 22.170247][ T30] audit: type=1400 audit(1753302650.922:65): avc: denied { prog_load } for pid=288 comm="syz-executor166" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 22.182469][ T30] audit: type=1400 audit(1753302650.922:66): avc: denied { bpf } for pid=288 comm="syz-executor166" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_SK_MSG, insn_cnt=4, insns=0x200000000040, license="GPL", log_level=2, log_size=64912, log_buf="", kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS}, 72) = 3
close(3) = 0
socketpair(AF_UNIX, SOCK_STREAM, 0, [3, 4]) = 0
bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_SK_SKB, insn_cnt=4, insns=0x200000000540, license="GPL", log_level=4, log_size=64912, log_buf="func#0 @0\n0: R1=ctx(id=0,off=0,imm=0) R10=fp0\n0: (b4) w0 = 0\n1: R0_w=inv0 R1=ctx(id=0,off=0,imm=0) R"..., kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS}, 72) = 5
bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_SOCKMAP, key_size=4, value_size=4, max_entries=18, map_flags=0, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72) = 6
[ 22.361985][ T30] audit: type=1400 audit(1753302651.112:67): avc: denied { perfmon } for pid=288 comm="syz-executor166" capability=38 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 22.383302][ T30] audit: type=1400 audit(1753302651.132:68): avc: denied { prog_run } for pid=288 comm="syz-executor166" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
bpf(BPF_PROG_ATTACH, {target_fd=6, attach_bpf_fd=5, attach_type=BPF_SK_SKB_VERDICT, attach_flags=0}, 16) = 0
bpf(BPF_MAP_UPDATE_ELEM, {map_fd=6, key=0x200000000000, value=0x200000000080, flags=BPF_ANY}, 32) = 0
openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR) = 7
write(7, "9", 1) = 1
[ 22.403233][ T30] audit: type=1400 audit(1753302651.152:69): avc: denied { map_create } for pid=288 comm="syz-executor166" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 22.415376][ T288] FAULT_INJECTION: forcing a failure.
[ 22.415376][ T288] name failslab, interval 1, probability 0, space 0, times 1
[ 22.423310][ T30] audit: type=1400 audit(1753302651.152:70): avc: denied { map_read map_write } for pid=288 comm="syz-executor166" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 22.435341][ T288] CPU: 1 PID: 288 Comm: syz-executor166 Not tainted 5.15.189-syzkaller-00079-ga71626bd56a5 #0
[ 22.465400][ T288] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 22.475460][ T288] Call Trace:
[ 22.478729][ T288]
[ 22.481647][ T288] __dump_stack+0x21/0x30
[ 22.485976][ T288] dump_stack_lvl+0xee/0x150
[ 22.490550][ T288] ? show_regs_print_info+0x20/0x20
[ 22.495737][ T288] dump_stack+0x15/0x20
[ 22.499877][ T288] should_fail+0x3c1/0x510
[ 22.504275][ T288] __should_failslab+0xa4/0xe0
[ 22.509025][ T288] should_failslab+0x9/0x20
[ 22.513511][ T288] slab_pre_alloc_hook+0x3b/0xe0
[ 22.518439][ T288] kmem_cache_alloc_trace+0x48/0x270
[ 22.523709][ T288] ? sk_psock_skb_ingress_self+0x5f/0x330
[ 22.529409][ T288] ? migrate_disable+0x180/0x180
[ 22.534334][ T288] sk_psock_skb_ingress_self+0x5f/0x330
[ 22.539864][ T288] ? migrate_disable+0xd6/0x180
[ 22.544697][ T288] sk_psock_verdict_recv+0x636/0x800
[ 22.549965][ T288] unix_read_sock+0x10a/0x2c0
[ 22.554627][ T288] ? sk_psock_skb_redirect+0x440/0x440
[ 22.560078][ T288] ? unix_stream_splice_actor+0x120/0x120
[ 22.565783][ T288] ? copy_page_from_iter+0x261/0x680
[ 22.571058][ T288] ? copy_user_enhanced_fast_string+0xe/0x40
[ 22.577036][ T288] ? sk_psock_skb_redirect+0x440/0x440
[ 22.582482][ T288] ? unix_set_peek_off+0xa0/0xa0
[ 22.587403][ T288] unix_stream_read_sock+0x61/0x90
[ 22.592504][ T288] sk_psock_verdict_data_ready+0x115/0x170
[ 22.598298][ T288] ? sk_psock_start_verdict+0xc0/0xc0
[ 22.603671][ T288] ? _raw_spin_lock+0x8e/0xe0
[ 22.608349][ T288] ? _raw_spin_unlock_irqrestore+0x5b/0x80
[ 22.614141][ T288] ? skb_queue_tail+0xcb/0xf0
[ 22.618808][ T288] unix_stream_sendmsg+0x7c4/0xc80
[ 22.623913][ T288] ? unix_show_fdinfo+0xa0/0xa0
[ 22.628751][ T288] ? __update_load_avg_cfs_rq+0xaf/0x2f0
[ 22.634368][ T288] ? security_socket_sendmsg+0x82/0xa0
[ 22.639806][ T288] ? unix_show_fdinfo+0xa0/0xa0
[ 22.644647][ T288] ____sys_sendmsg+0x5a2/0x8c0
[ 22.649408][ T288] ? __sys_sendmsg_sock+0x40/0x40
[ 22.654425][ T288] ? import_iovec+0x7c/0xb0
[ 22.658923][ T288] ___sys_sendmsg+0x1f0/0x260
[ 22.663590][ T288] ? _raw_spin_unlock+0x4d/0x70
[ 22.668429][ T288] ? __sys_sendmsg+0x250/0x250
[ 22.673177][ T288] ? __schedule+0xb76/0x14c0
[ 22.677751][ T288] ? _raw_spin_lock_irqsave+0x110/0x110
[ 22.683296][ T288] ? cgroup_update_frozen+0x15c/0x970
[ 22.688655][ T288] ? ptrace_stop+0x6f4/0xa80
[ 22.693236][ T288] ? __kasan_check_read+0x11/0x20
[ 22.698246][ T288] ? __fdget+0x15b/0x230
[ 22.702476][ T288] __x64_sys_sendmsg+0x1e2/0x2a0
[ 22.707395][ T288] ? ___sys_sendmsg+0x260/0x260
[ 22.712231][ T288] ? __kasan_check_write+0x14/0x20
[ 22.717326][ T288] ? switch_fpu_return+0x15d/0x2c0
[ 22.722422][ T288] x64_sys_call+0x4b/0x9a0
[ 22.726822][ T288] do_syscall_64+0x4c/0xa0
[ 22.731223][ T288] ? clear_bhb_loop+0x50/0xa0
[ 22.735886][ T288] ? clear_bhb_loop+0x50/0xa0
[ 22.740550][ T288] entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 22.746425][ T288] RIP: 0033:0x7f40340b87e9
[ 22.750827][ T288] Code: 48 83 c4 28 c3 e8 17 1a 00 00 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 22.770636][ T288] RSP: 002b:00007ffed3f65238 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 22.779056][ T288] RAX: ffffffffffffffda RBX: 00007ffed3f65240 RCX: 00007f40340b87e9
[ 22.787033][ T288] RDX: 0000000000000000 RSI: 0000200000000500 RDI: 0000000000000004
[ 22.794996][ T288] RBP: 0000000000000001 R08: 00007ffed3f64fd7 R09: 00007f4034120039
[ 22.802956][ T288] R10: 0000000000000001 R11: 0000000000000246 R12: 00007f4034124618
[ 22.810911][ T288] R13: 00007ffed3f65418 R14: 0000000000000001 R15: 0000000000000001
[ 22.818871][ T288]
[ 22.822195][ T39] ------------[ cut here ]------------
[ 22.827677][ T39] kernel BUG at net/core/skbuff.c:1727!
[ 22.833249][ T39] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[ 22.839341][ T39] CPU: 1 PID: 39 Comm: kworker/1:1 Not tainted 5.15.189-syzkaller-00079-ga71626bd56a5 #0
[ 22.849178][ T39] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 22.859247][ T39] Workqueue: events sk_psock_backlog
[ 22.864580][ T39] RIP: 0010:pskb_expand_head+0x11a5/0x11d0
[ 22.870439][ T39] Code: 44 89 e1 80 e1 07 80 c1 03 38 c1 0f 8c de f3 ff ff 4c 89 e7 e8 8c 9a f6 fd e9 d1 f3 ff ff e8 42 22 b8 fd 0f 0b e8 3b 22 b8 fd <0f> 0b 48 8b 4d d0 80 e1 07 80 c1 03 38 c1 0f 8c b2 fa ff ff 48 8b
[ 22.890063][ T39] RSP: 0018:ffffc9000028fa08 EFLAGS: 00010293
[ 22.896132][ T39] RAX: ffffffff83b08d95 RBX: dffffc0000000000 RCX: ffff8881087813c0
[ 22.904111][ T39] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000001
[ 22.912084][ T39] RBP: ffffc9000028faa8 R08: dffffc0000000000 R09: ffffed102484a936
[ 22.920051][ T39] R10: ffffed102484a936 R11: 1ffff1102484a935 R12: 0000000000000e80
[ 22.928022][ T39] R13: 0000000000000000 R14: 0000000000000002 R15: 0000000000008080
[ 22.935996][ T39] FS: 0000000000000000(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[ 22.944916][ T39] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 22.951498][ T39] CR2: 0000200000009000 CR3: 0000000124255000 CR4: 00000000003506a0
[ 22.959465][ T39] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 22.967428][ T39] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 22.975393][ T39] Call Trace:
[ 22.978664][ T39]
[ 22.981593][ T39] __pskb_pull_tail+0xb1/0x1480
[ 22.986454][ T39] sk_psock_skb_ingress_enqueue+0x67/0x410
[ 22.992256][ T39] ? kmem_cache_alloc_trace+0x119/0x270
[ 22.997800][ T39] ? sk_psock_backlog+0x876/0x1230
[ 23.002903][ T39] sk_psock_backlog+0xa72/0x1230
[ 23.007856][ T39] ? sk_psock_init+0x6f0/0x6f0
sendmsg(4, {msg_name=NULL, msg_namelen=67124864, msg_iov=[{iov_base="\x3e\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., iov_len=536871553}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 16744320
exit_group(0) = ?
[ 23.012653][ T39] ? __schedule+0xb76/0x14c0
[ 23.017242][ T39] process_one_work+0x6be/0xba0
[ 23.022096][ T39] worker_thread+0xa59/0x1200
[ 23.026774][ T39] ? _raw_spin_lock_irqsave+0xb0/0x110
[ 23.032229][ T39] ? __kthread_parkme+0xac/0x200
[ 23.037166][ T39] kthread+0x411/0x500
[ 23.041231][ T39] ? worker_clr_flags+0x190/0x190
[ 23.046254][ T39] ? kthread_blkcg+0xd0/0xd0
[ 23.050845][ T39] ret_from_fork+0x1f/0x30
[ 23.055256][ T39]
[ 23.058276][ T39] Modules linked in:
[ 23.063037][ T39] ---[ end trace d96cb1e586f4c800 ]---
[ 23.068617][ T39] RIP: 0010:pskb_expand_head+0x11a5/0x11d0
[ 23.074487][ T39] Code: 44 89 e1 80 e1 07 80 c1 03 38 c1 0f 8c de f3 ff ff 4c 89 e7 e8 8c 9a f6 fd e9 d1 f3 ff ff e8 42 22 b8 fd 0f 0b e8 3b 22 b8 fd <0f> 0b 48 8b 4d d0 80 e1 07 80 c1 03 38 c1 0f 8c b2 fa ff ff 48 8b
[ 23.094140][ T39] RSP: 0018:ffffc9000028fa08 EFLAGS: 00010293
[ 23.100217][ T39] RAX: ffffffff83b08d95 RBX: dffffc0000000000 RCX: ffff8881087813c0
[ 23.108202][ T39] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000001
[ 23.116209][ T39] RBP: ffffc9000028faa8 R08: dffffc0000000000 R09: ffffed102484a936
[ 23.124191][ T39] R10: ffffed102484a936 R11: 1ffff1102484a935 R12: 0000000000000e80
[ 23.132165][ T39] R13: 0000000000000000 R14: 0000000000000002 R15: 0000000000008080
[ 23.140152][ T39] FS: 0000000000000000(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[ 23.149093][ T39] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 23.155681][ T39] CR2: 0000200000009000 CR3: 000000010d253000 CR4: 00000000003506a0
[ 23.163672][ T39] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 23.171629][ T39] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 23.179632][ T39] Kernel panic - not syncing: Fatal exception
[ 23.180108][ T30] audit: type=1400 audit(1753302651.932:71): avc: denied { read } for pid=83 comm="syslogd" name="log" dev="sda1" ino=2010 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[ 23.185968][ T39] Kernel Offset: disabled
[ 23.211857][ T39] Rebooting in 86400 seconds..