./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2544136878

<...>
Warning: Permanently added '10.128.0.41' (ED25519) to the list of known hosts.
execve("./syz-executor2544136878", ["./syz-executor2544136878"], 0x7fff6475a2e0 /* 10 vars */) = 0
brk(NULL)                               = 0x555562793000
brk(0x555562793d00)                     = 0x555562793d00
arch_prctl(ARCH_SET_FS, 0x555562793380) = 0
set_tid_address(0x555562793650)         = 289
set_robust_list(0x555562793660, 24)     = 0
rseq(0x555562793ca0, 0x20, 0, 0x53053053) = -1 ENOSYS (Function not implemented)
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor2544136878", 4096) = 28
getrandom("\x09\xbd\xf3\x2f\xea\xc4\xae\xf9", 8, GRND_NONBLOCK) = 8
brk(NULL)                               = 0x555562793d00
brk(0x5555627b4d00)                     = 0x5555627b4d00
brk(0x5555627b5000)                     = 0x5555627b5000
mprotect(0x7f82d2de5000, 16384, PROT_READ) = 0
mmap(0x1ffffffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffffffff000
mmap(0x200000000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200000000000
mmap(0x200001000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200001000000
openat(AT_FDCWD, "/proc/self/make-it-fail", O_WRONLY) = 3
close(3)                                = 0
openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_WRONLY) = 3
close(3)                                = 0
openat(AT_FDCWD, "/sys/kernel/debug/failslab/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1)                        = 1
close(3)                                = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_futex/ignore-private", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1)                        = 1
close(3)                                = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-highmem", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1)                        = 1
executing program
close(3)                                = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/ignore-gfp-wait", O_WRONLY|O_CLOEXEC) = 3
write(3, "N", 1)                        = 1
close(3)                                = 0
openat(AT_FDCWD, "/sys/kernel/debug/fail_page_alloc/min-order", O_WRONLY|O_CLOEXEC) = 3
write(3, "0", 1)                        = 1
close(3)                                = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555562793650) = 290
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555562793650) = 291
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555562793650) = 292
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555562793650) = 293
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555562793650) = 294
./strace-static-x86_64: Process 294 attached
[pid   294] set_robust_list(0x555562793660, 24) = 0
[pid   294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555562793650) = 295
./strace-static-x86_64: Process 293 attached
[pid   293] set_robust_list(0x555562793660, 24) = 0
[pid   293] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555562793650) = 296
./strace-static-x86_64: Process 296 attached
[pid   296] set_robust_list(0x555562793660, 24) = 0
[pid   296] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   296] setpgid(0, 0)               = 0
[pid   296] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   296] write(3, "1000", 4)         = 4
[pid   296] close(3)                    = 0
[pid   296] write(1, "executing program\n", 18) = 18
[pid   296] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x200000000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = -1 EFAULT (Bad address)
[pid   296] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=12, insns=0x200000000440, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 3
[pid   296] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="mm_lru_insertion", prog_fd=3}}, 16./strace-static-x86_64: Process 290 attached
./strace-static-x86_64: Process 295 attached
./strace-static-x86_64: Process 292 attached
./strace-static-x86_64: Process 291 attached
 <unfinished ...>
[pid   290] set_robust_list(0x555562793660, 24 <unfinished ...>
[pid   295] set_robust_list(0x555562793660, 24 <unfinished ...>
[pid   292] set_robust_list(0x555562793660, 24 <unfinished ...>
[pid   291] set_robust_list(0x555562793660, 24 <unfinished ...>
[pid   290] <... set_robust_list resumed>) = 0
[pid   295] <... set_robust_list resumed>) = 0
[pid   290] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   295] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid   292] <... set_robust_list resumed>) = 0
[pid   291] <... set_robust_list resumed>) = 0
[pid   296] <... bpf resumed>)          = 4
[pid   296] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR <unfinished ...>
[pid   295] <... prctl resumed>)        = 0
[pid   292] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   295] setpgid(0, 0 <unfinished ...>
[pid   291] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   296] <... openat resumed>)       = 5
[pid   296] write(5, "1", 1 <unfinished ...>
[pid   295] <... setpgid resumed>)      = 0
[pid   296] <... write resumed>)        = 1
[pid   296] close(4)                    = 0
[pid   295] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid   292] <... clone resumed>, child_tidptr=0x555562793650) = 298
[pid   291] <... clone resumed>, child_tidptr=0x555562793650) = 299
[pid   290] <... clone resumed>, child_tidptr=0x555562793650) = 297
[   27.825171][   T28] audit: type=1400 audit(1754604368.941:64): avc:  denied  { execmem } for  pid=289 comm="syz-executor254" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   27.848048][   T28] audit: type=1400 audit(1754604368.961:65): avc:  denied  { bpf } for  pid=296 comm="syz-executor254" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
./strace-static-x86_64: Process 298 attached
[pid   295] <... openat resumed>)       = 3
./strace-static-x86_64: Process 297 attached
[pid   297] set_robust_list(0x555562793660, 24) = 0
[pid   297] prctl(PR_SET_PDEATHSIG, SIGKILL./strace-static-x86_64: Process 299 attached
 <unfinished ...>
[pid   299] set_robust_list(0x555562793660, 24 <unfinished ...>
[pid   297] <... prctl resumed>)        = 0
[pid   297] setpgid(0, 0 <unfinished ...>
[pid   299] <... set_robust_list resumed>) = 0
[pid   299] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid   297] <... setpgid resumed>)      = 0
[pid   297] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   299] <... prctl resumed>)        = 0
[pid   299] setpgid(0, 0)               = 0
[pid   299] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   297] write(3, "1000", 4executing program
)         = 4
[pid   297] close(3)                    = 0
[pid   297] write(1, "executing program\n", 18 <unfinished ...>
[pid   299] write(3, "1000", 4 <unfinished ...>
[pid   297] <... write resumed>)        = 18
[pid   299] <... write resumed>)        = 4
[pid   297] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x200000000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 <unfinished ...>
[pid   299] close(3)                    = 0
[pid   299] write(1, "executing program\n", 18executing program
) = 18
[pid   297] <... bpf resumed>)          = -1 EFAULT (Bad address)
[pid   299] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x200000000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 <unfinished ...>
[pid   297] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=12, insns=0x200000000440, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 3
[pid   299] <... bpf resumed>)          = -1 EFAULT (Bad address)
[pid   299] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=12, insns=0x200000000440, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 3
[   27.872187][   T28] audit: type=1400 audit(1754604368.961:66): avc:  denied  { prog_load } for  pid=296 comm="syz-executor254" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   27.874705][  T296] FAULT_INJECTION: forcing a failure.
[   27.874705][  T296] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[pid   299] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="mm_lru_insertion", prog_fd=3}}, 16 <unfinished ...>
[   27.896145][   T28] audit: type=1400 audit(1754604368.961:67): avc:  denied  { perfmon } for  pid=296 comm="syz-executor254" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   27.918132][  T296] CPU: 0 PID: 296 Comm: syz-executor254 Not tainted 6.1.145-syzkaller-00002-gc750dc582629 #0
[   27.933030][   T28] audit: type=1400 audit(1754604368.961:68): avc:  denied  { prog_run } for  pid=296 comm="syz-executor254" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[pid   297] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="mm_lru_insertion", prog_fd=3}}, 16executing program
executing program
 <unfinished ...>
[pid   298] set_robust_list(0x555562793660, 24 <unfinished ...>
[pid   295] write(3, "1000", 4 <unfinished ...>
[pid   298] <... set_robust_list resumed>) = 0
[pid   295] <... write resumed>)        = 4
[pid   298] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid   295] close(3 <unfinished ...>
[pid   298] <... prctl resumed>)        = 0
[pid   295] <... close resumed>)        = 0
[pid   298] setpgid(0, 0 <unfinished ...>
[pid   295] write(1, "executing program\n", 18 <unfinished ...>
[pid   298] <... setpgid resumed>)      = 0
[pid   295] <... write resumed>)        = 18
[pid   298] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid   295] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x200000000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 <unfinished ...>
[pid   298] <... openat resumed>)       = 3
[pid   295] <... bpf resumed>)          = -1 EFAULT (Bad address)
[pid   298] write(3, "1000", 4 <unfinished ...>
[pid   295] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=12, insns=0x200000000440, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 <unfinished ...>
[pid   298] <... write resumed>)        = 4
[pid   295] <... bpf resumed>)          = 3
[pid   298] close(3 <unfinished ...>
[pid   295] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="mm_lru_insertion", prog_fd=3}}, 16 <unfinished ...>
[pid   298] <... close resumed>)        = 0
[pid   298] write(1, "executing program\n", 18) = 18
[pid   298] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x200000000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = -1 EFAULT (Bad address)
[pid   298] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=12, insns=0x200000000440, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 3
[   27.943983][  T296] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   27.944003][  T296] Call Trace:
[   27.944010][  T296]  <TASK>
[   27.944018][  T296]  __dump_stack+0x21/0x24
[   27.944061][  T296]  dump_stack_lvl+0xee/0x150
[   27.944076][  T296]  ? __cfi_dump_stack_lvl+0x8/0x8
[   27.944091][  T296]  ? __kasan_check_write+0x14/0x20
[   28.005992][  T296]  ? resched_curr+0x10e/0x380
[   28.011311][  T296]  dump_stack+0x15/0x24
[   28.016483][  T296]  should_fail_ex+0x3d4/0x520
[   28.022101][  T296]  should_fail_alloc_page+0x61/0x90
[   28.027940][  T296]  prepare_alloc_pages+0x148/0x5f0
[   28.034050][  T296]  ? __alloc_pages_bulk+0x9c0/0x9c0
[   28.040408][  T296]  ? __cfi____update_load_sum+0x10/0x10
[   28.046897][  T296]  __alloc_pages+0x124/0x450
[   28.051616][  T296]  ? __cfi___alloc_pages+0x10/0x10
[   28.056857][  T296]  ? update_load_avg+0x4c2/0x13f0
[   28.062261][  T296]  ? kvm_sched_clock_read+0x18/0x40
[   28.068310][  T296]  ? __this_cpu_preempt_check+0x13/0x20
[   28.074255][  T296]  ? xfd_validate_state+0x70/0x150
[   28.079464][  T296]  __folio_alloc+0x12/0x40
[   28.084418][  T296]  wp_page_copy+0x280/0x15b0
[   28.089620][  T296]  ? __switch_to+0x51f/0xe30
[   28.094515][  T296]  ? fault_dirty_shared_page+0x310/0x310
[   28.101489][  T296]  ? _raw_spin_unlock+0x4c/0x70
[   28.106940][  T296]  ? finish_task_switch+0x16b/0x7b0
[   28.113630][  T296]  ? vm_normal_page+0x99/0x200
[   28.119839][  T296]  do_wp_page+0x9f2/0xfc0
[   28.125381][  T296]  handle_mm_fault+0x10e4/0x2640
[   28.132182][  T296]  ? __cfi_handle_mm_fault+0x10/0x10
[   28.138431][  T296]  ? lock_vma_under_rcu+0x3eb/0x4d0
[   28.145251][  T296]  ? __this_cpu_preempt_check+0x13/0x20
[   28.151470][  T296]  ? xfd_validate_state+0x70/0x150
[   28.157336][  T296]  do_user_addr_fault+0x905/0x1050
[   28.164240][  T296]  exc_page_fault+0x51/0xb0
[   28.169074][  T296]  asm_exc_page_fault+0x27/0x30
[   28.174573][  T296] RIP: 0033:0x7f82d2d481a0
[   28.179705][  T296] Code: 41 54 55 48 89 f5 53 89 fb 48 83 ec 18 48 83 3d 4d 0e 0a 00 00 89 54 24 0c 74 08 84 c9 0f 85 09 02 00 00 31 c0 ba 01 00 00 00 <f0> 0f b1 15 20 3c 0a 00 0f 85 0f 02 00 00 4c 8d 25 13 3c 0a 00 4c
[   28.200647][  T296] RSP: 002b:00007ffdab10eff0 EFLAGS: 00010246
[   28.207115][  T296] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000001
[   28.216885][  T296] RDX: 0000000000000001 RSI: 00007f82d2de9118 RDI: 0000000000000000
[pid   298] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="mm_lru_insertion", prog_fd=3}}, 16 <unfinished ...>
[pid   299] <... bpf resumed>)          = 4
[pid   298] <... bpf resumed>)          = 4
[pid   297] <... bpf resumed>)          = 4
[pid   295] <... bpf resumed>)          = 4
[pid   299] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR <unfinished ...>
[pid   298] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR <unfinished ...>
[pid   297] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR <unfinished ...>
[pid   295] openat(AT_FDCWD, "/proc/thread-self/fail-nth", O_RDWR <unfinished ...>
[pid   299] <... openat resumed>)       = 5
[pid   298] <... openat resumed>)       = 5
[pid   297] <... openat resumed>)       = 5
[pid   295] <... openat resumed>)       = 5
[pid   299] write(5, "1", 1 <unfinished ...>
[pid   298] write(5, "1", 1 <unfinished ...>
[pid   297] write(5, "1", 1 <unfinished ...>
[pid   295] write(5, "1", 1 <unfinished ...>
[pid   299] <... write resumed>)        = 1
[pid   298] <... write resumed>)        = 1
[pid   297] <... write resumed>)        = 1
[pid   295] <... write resumed>)        = 1
[   28.225402][  T296] RBP: 00007f82d2de9118 R08: 00007ffdab10ede7 R09: 0000000000000140
[   28.237983][  T296] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[   28.246590][  T296] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   28.255012][  T296]  </TASK>
[   28.260520][  T299] FAULT_INJECTION: forcing a failure.
[   28.260520][  T299] name failslab, interval 1, probability 0, space 0, times 1
[pid   299] close(4 <unfinished ...>
[pid   298] close(4 <unfinished ...>
[pid   297] close(4 <unfinished ...>
[pid   295] close(4 <unfinished ...>
[pid   296] exit_group(0)               = ?
[pid   296] +++ exited with 0 +++
[pid   293] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=296, si_uid=0, si_status=0, si_utime=0, si_stime=6} ---
[pid   293] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   293] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555562793650) = 300
./strace-static-x86_64: Process 300 attached
[pid   300] set_robust_list(0x555562793660, 24) = 0
[pid   300] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   300] setpgid(0, 0)               = 0
[pid   300] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   300] write(3, "1000", 4)         = 4
[pid   300] close(3)                    = 0
[pid   300] write(1, "executing program\n", 18executing program
) = 18
[pid   300] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_UNSPEC, insn_cnt=12, insns=0x200000000440, license=NULL, log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = -1 EFAULT (Bad address)
[pid   300] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=12, insns=0x200000000440, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=-1, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 3
[   28.261366][  T296] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[   28.274370][  T299] CPU: 0 PID: 299 Comm: syz-executor254 Not tainted 6.1.145-syzkaller-00002-gc750dc582629 #0
[   28.292142][  T299] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   28.302539][  T299] Call Trace:
[   28.305975][  T299]  <TASK>
[   28.309286][  T299]  __dump_stack+0x21/0x24
[   28.313633][  T299]  dump_stack_lvl+0xee/0x150
[   28.318710][  T299]  ? __cfi_dump_stack_lvl+0x8/0x8
[   28.324456][  T299]  ? is_bpf_text_address+0x177/0x190
[   28.330100][  T299]  dump_stack+0x15/0x24
[   28.334640][  T299]  should_fail_ex+0x3d4/0x520
[   28.339507][  T299]  __should_failslab+0xac/0xf0
[   28.344589][  T299]  ? tracepoint_probe_unregister+0x1e6/0x8b0
[   28.351219][  T299]  should_failslab+0x9/0x20
[   28.356320][  T299]  __kmem_cache_alloc_node+0x3d/0x2c0
[   28.362871][  T299]  ? __cfi_mutex_lock+0x10/0x10
[   28.368003][  T299]  ? delete_node+0x3dc/0xa60
[   28.373223][  T299]  ? tracepoint_probe_unregister+0x1e6/0x8b0
[   28.379486][  T299]  __kmalloc+0xa1/0x1e0
[   28.384014][  T299]  ? __cfi___bpf_trace_mm_lru_insertion+0x10/0x10
[   28.391194][  T299]  tracepoint_probe_unregister+0x1e6/0x8b0
[   28.397602][  T299]  bpf_probe_unregister+0x61/0x70
[   28.403772][  T299]  bpf_raw_tp_link_release+0x63/0x90
[   28.409423][  T299]  bpf_link_free+0x13a/0x390
[   28.414592][  T299]  ? bpf_link_put_deferred+0x20/0x20
[   28.420524][  T299]  bpf_link_release+0x15f/0x170
[   28.425968][  T299]  ? __cfi_bpf_link_release+0x10/0x10
[   28.432070][  T299]  __fput+0x1fc/0x8f0
[   28.436793][  T299]  ____fput+0x15/0x20
[   28.441169][  T299]  task_work_run+0x1db/0x240
[   28.446052][  T299]  ? __cfi_task_work_run+0x10/0x10
[   28.452586][  T299]  ? task_work_add+0x2b1/0x330
[   28.459994][  T299]  ptrace_notify+0x221/0x250
[   28.465273][  T299]  ? __cfi_ptrace_notify+0x10/0x10
[   28.470556][  T299]  ? fput+0x15b/0x1a0
[   28.474685][  T299]  ? filp_close+0x111/0x160
[   28.479498][  T299]  ? close_fd+0x28b/0x300
[   28.484162][  T299]  syscall_exit_work+0x84/0x140
[   28.489107][  T299]  syscall_exit_to_user_mode_prepare+0x1c/0x20
[   28.495344][  T299]  syscall_exit_to_user_mode+0xd/0x30
[   28.500900][  T299]  do_syscall_64+0x58/0xa0
[   28.505320][  T299]  ? clear_bhb_loop+0x30/0x80
[   28.510186][  T299]  ? clear_bhb_loop+0x30/0x80
[   28.515057][  T299]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   28.521321][  T299] RIP: 0033:0x7f82d2d79a59
[   28.526189][  T299] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   28.547547][  T299] RSP: 002b:00007ffdab10f048 EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[   28.556829][  T299] RAX: 0000000000000000 RBX: 00007ffdab10f060 RCX: 00007f82d2d79a59
[   28.565583][  T299] RDX: 00007f82d2d78c90 RSI: 00007ffdab10f060 RDI: 0000000000000004
[pid   300] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="mm_lru_insertion", prog_fd=3}}, 16 <unfinished ...>
[pid   299] <... close resumed>)        = 0
[pid   299] exit_group(0)               = ?
[   28.573757][  T299] RBP: 0000000000000001 R08: 00007ffdab10ede7 R09: 0000000000000140
[   28.581939][  T299] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[   28.591114][  T299] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   28.599462][  T299]  </TASK>
[   28.602754][  T298] FAULT_INJECTION: forcing a failure.
[   28.602754][  T298] name failslab, interval 1, probability 0, space 0, times 0
[   28.608983][  T299] CFI failure at __traceiter_mm_lru_insertion+0x75/0xc0 (target: tp_stub_func+0x0/0x10; expected type: 0x1afd09c9)
[   28.618735][  T298] CPU: 0 PID: 298 Comm: syz-executor254 Not tainted 6.1.145-syzkaller-00002-gc750dc582629 #0
[   28.631032][  T299] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[   28.642092][  T298] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   28.648270][  T299] CPU: 1 PID: 299 Comm: syz-executor254 Not tainted 6.1.145-syzkaller-00002-gc750dc582629 #0
[   28.658779][  T298] Call Trace:
[   28.658789][  T298]  <TASK>
[   28.669184][  T299] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   28.672463][  T298]  __dump_stack+0x21/0x24
[   28.675567][  T299] RIP: 0010:__traceiter_mm_lru_insertion+0x75/0xc0
[   28.686260][  T298]  dump_stack_lvl+0xee/0x150
[   28.690726][  T299] Code: 49 8d 7e 08 48 89 f8 48 c1 e8 03 42 80 3c 20 00 74 05 e8 1e ce 16 00 49 8b 7f 08 48 89 de 41 ba 37 f6 02 e5 45 03 55 fc 74 02 <0f> 0b 41 ff d5 49 83 c6 18 4c 89 f0 48 c1 e8 03 42 80 3c 20 00 74
[   28.697349][  T298]  ? __cfi_dump_stack_lvl+0x8/0x8
[   28.702130][  T299] RSP: 0018:ffffc90000e878d8 EFLAGS: 00010093
[   28.722985][  T298]  ? is_bpf_text_address+0x177/0x190
[   28.728361][  T299] 
[   28.728373][  T299] RAX: 1ffff1102224c423 RBX: ffffea0004914dc0 RCX: ffff88810ea23cc0
[   28.734863][  T298]  dump_stack+0x15/0x24
[   28.740909][  T299] RDX: 0000000000000000 RSI: ffffea0004914dc0 RDI: ffffc900000ed000
[   28.743502][  T298]  should_fail_ex+0x3d4/0x520
[   28.752116][  T299] RBP: ffffc90000e87900 R08: dffffc0000000000 R09: fffffbfff0ee45d6
[   28.756481][  T298]  __should_failslab+0xac/0xf0
[   28.765051][  T299] R10: 000000008a435d43 R11: 1ffffffff0ee45d5 R12: dffffc0000000000
[   28.769829][  T298]  ? tracepoint_probe_unregister+0x1e6/0x8b0
[   28.778100][  T299] R13: ffffffff81711ed0 R14: ffff888111262110 R15: ffff888111262110
[   28.783530][  T298]  should_failslab+0x9/0x20
[   28.792084][  T299] FS:  0000000000000000(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[   28.798506][  T298]  __kmem_cache_alloc_node+0x3d/0x2c0
[   28.807809][  T299] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   28.812523][  T298]  ? __cfi_mutex_lock+0x10/0x10
[   28.823833][  T299] CR2: 00007f82d2dec1f0 CR3: 00000001224b9000 CR4: 00000000003506a0
[   28.829480][  T298]  ? delete_node+0x3dc/0xa60
[   28.836947][  T299] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   28.842075][  T298]  ? tracepoint_probe_unregister+0x1e6/0x8b0
[   28.850443][  T299] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   28.855129][  T298]  __kmalloc+0xa1/0x1e0
[   28.863907][  T299] Call Trace:
[   28.863921][  T299]  <TASK>
[   28.870164][  T298]  ? __cfi___bpf_trace_mm_lru_insertion+0x10/0x10
[   28.878214][  T299]  lru_add_fn+0x616/0x660
[   28.882449][  T298]  tracepoint_probe_unregister+0x1e6/0x8b0
[   28.885815][  T299]  folio_batch_move_lru+0x282/0x470
[   28.888938][  T298]  bpf_probe_unregister+0x61/0x70
[   28.895812][  T299]  ? __cfi___switch_to+0x10/0x10
[   28.900349][  T298]  bpf_raw_tp_link_release+0x63/0x90
[   28.906405][  T299]  ? __cfi_lru_add_fn+0x10/0x10
[   28.911773][  T298]  bpf_link_free+0x13a/0x390
[   28.916882][  T299]  ? lru_add_drain_cpu+0x4b0/0x4b0
[   28.922013][  T298]  ? bpf_link_put_deferred+0x20/0x20
[   28.927311][  T299]  lru_add_drain_cpu+0xf8/0x4b0
[   28.932262][  T298]  bpf_link_release+0x15f/0x170
[   28.937650][  T299]  ? __cfi_lru_add_drain_cpu+0x10/0x10
[   28.943288][  T298]  ? __cfi_bpf_link_release+0x10/0x10
[   28.948790][  T299]  lru_add_drain+0x3d/0xc0
[   28.954082][  T298]  __fput+0x1fc/0x8f0
[   28.959074][  T299]  exit_mmap+0x20d/0xb60
[   28.965652][  T298]  ____fput+0x15/0x20
[   28.972013][  T299]  ? _raw_spin_unlock_irq+0x4d/0x70
[   28.976935][  T298]  task_work_run+0x1db/0x240
[   28.981022][  T299]  ? __cfi_exit_mmap+0x10/0x10
[   28.985435][  T298]  ? __cfi_task_work_run+0x10/0x10
[   28.989835][  T299]  ? __cfi_exit_aio+0x10/0x10
[   28.995464][  T298]  ? task_work_add+0x2b1/0x330
[   29.000865][  T299]  ? uprobe_clear_state+0x2c1/0x320
[   29.006874][  T298]  ptrace_notify+0x221/0x250
[   29.013036][  T299]  __mmput+0x93/0x320
[   29.018986][  T298]  ? __cfi_ptrace_notify+0x10/0x10
[   29.024446][  T299]  ? mmput+0x43/0x150
[   29.031661][  T298]  ? fput+0x15b/0x1a0
[   29.036888][  T299]  mmput+0x4b/0x150
[   29.041102][  T298]  ? filp_close+0x111/0x160
[   29.046224][  T299]  do_exit+0x981/0x2650
[   29.050770][  T298]  ? close_fd+0x28b/0x300
[   29.055986][  T299]  ? __cfi_do_exit+0x10/0x10
[   29.062528][  T298]  syscall_exit_work+0x84/0x140
[   29.068277][  T299]  ? _raw_spin_unlock_irq+0x4d/0x70
[   29.072883][  T298]  syscall_exit_to_user_mode_prepare+0x1c/0x20
[   29.077657][  T299]  ? __kasan_check_write+0x14/0x20
[   29.082692][  T298]  syscall_exit_to_user_mode+0xd/0x30
[   29.087937][  T299]  ? _raw_spin_lock_irq+0x8f/0xe0
[   29.094982][  T298]  do_syscall_64+0x58/0xa0
[   29.102125][  T299]  ? __cfi__raw_spin_lock_irq+0x10/0x10
[   29.107927][  T298]  ? clear_bhb_loop+0x30/0x80
[   29.113740][  T299]  ? zap_other_threads+0x2c1/0x2f0
[   29.118863][  T298]  ? clear_bhb_loop+0x30/0x80
[   29.124377][  T299]  do_group_exit+0x210/0x2d0
[   29.131163][  T298]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   29.136927][  T299]  __x64_sys_exit_group+0x3f/0x40
[   29.142880][  T298] RIP: 0033:0x7f82d2d79a59
[   29.148381][  T299]  x64_sys_call+0x7b4/0x9a0
[   29.153228][  T298] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 a1 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   29.159355][  T299]  do_syscall_64+0x4c/0xa0
[   29.165108][  T298] RSP: 002b:00007ffdab10f048 EFLAGS: 00000246
[   29.170332][  T299]  ? clear_bhb_loop+0x30/0x80
[   29.175535][  T298]  ORIG_RAX: 0000000000000003
[   29.199219][  T299]  ? clear_bhb_loop+0x30/0x80
[   29.204016][  T298] RAX: 0000000000000000 RBX: 00007ffdab10f060 RCX: 00007f82d2d79a59
[   29.210368][  T299]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[   29.215319][  T298] RDX: 00007f82d2d78c90 RSI: 00007ffdab10f060 RDI: 0000000000000004
[   29.221164][  T299] RIP: 0033:0x7f82d2d77ba9
[   29.226243][  T298] RBP: 0000000000000001 R08: 00007ffdab10ede7 R09: 0000000000000140
[   29.234978][  T299] Code: Unable to access opcode bytes at 0x7f82d2d77b7f.
[   29.241852][  T298] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[   29.252202][  T299] RSP: 002b:00007ffdab10efe8 EFLAGS: 00000246
[   29.257155][  T298] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   29.267333][  T299]  ORIG_RAX: 00000000000000e7
[   29.275345][  T298]  </TASK>
[   29.283931][  T299] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f82d2d77ba9
[   29.317204][  T299] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000
[   29.326767][  T299] RBP: 00007f82d2deb370 R08: ffffffffffffffb8 R09: 0000000000000140
[   29.336358][  T299] R10: 0000000000000001 R11: 0000000000000246 R12: 00007f82d2deb370
[   29.345424][  T299] R13: 0000000000000000 R14: 00007f82d2debde0 R15: 00007f82d2d411a0
[   29.354595][  T299]  </TASK>
[   29.358014][  T299] Modules linked in:
[   29.363272][  T299] ---[ end trace 0000000000000000 ]---
[   29.369712][  T299] RIP: 0010:__traceiter_mm_lru_insertion+0x75/0xc0
[   29.377612][  T299] Code: 49 8d 7e 08 48 89 f8 48 c1 e8 03 42 80 3c 20 00 74 05 e8 1e ce 16 00 49 8b 7f 08 48 89 de 41 ba 37 f6 02 e5 45 03 55 fc 74 02 <0f> 0b 41 ff d5 49 83 c6 18 4c 89 f0 48 c1 e8 03 42 80 3c 20 00 74
[   29.398922][  T299] RSP: 0018:ffffc90000e878d8 EFLAGS: 00010093
[   29.405229][  T299] RAX: 1ffff1102224c423 RBX: ffffea0004914dc0 RCX: ffff88810ea23cc0
[   29.414045][  T299] RDX: 0000000000000000 RSI: ffffea0004914dc0 RDI: ffffc900000ed000
[   29.423617][  T299] RBP: ffffc90000e87900 R08: dffffc0000000000 R09: fffffbfff0ee45d6
[   29.431865][  T299] R10: 000000008a435d43 R11: 1ffffffff0ee45d5 R12: dffffc0000000000
[   29.441309][  T299] R13: ffffffff81711ed0 R14: ffff888111262110 R15: ffff888111262110
[   29.451841][  T299] FS:  0000000000000000(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[   29.463227][  T299] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   29.471330][  T299] CR2: 00007f82d2dec1f0 CR3: 00000001224b9000 CR4: 00000000003506a0
[   29.480221][  T299] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   29.489011][  T299] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   29.497355][  T299] Kernel panic - not syncing: Fatal exception
[   29.507826][  T299] Kernel Offset: disabled
[   29.513580][  T299] Rebooting in 86400 seconds..